
Computer Freezing

Discussion in 'Virus & Other Malware Removal' started by DrkSdBls, Apr 7, 2010.

  1. DrkSdBls

    DrkSdBls Thread Starter

    Joined:
    Jul 19, 2003
    Messages:
    161
    Recently, my computer has been freezing up on me. Strange part is, it doesn't freeze while running High End games but when I'm playing smaller games or downloading and once or twice browsing Web pages. I've done everything I know to do including Malware/Virus Scans, Cleaning Files, Defragmenting, and Hardware Tests but I need a second opinion.

    This is my HijackThis Log:
    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 12:50:57, on 2010/04/07
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16827)
    Boot mode: Normal

    Running processes:
    F:\WINDOWS\System32\smss.exe
    F:\WINDOWS\system32\winlogon.exe
    F:\WINDOWS\system32\services.exe
    F:\WINDOWS\system32\lsass.exe
    F:\WINDOWS\system32\nvsvc32.exe
    F:\WINDOWS\system32\svchost.exe
    F:\WINDOWS\System32\svchost.exe
    F:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    F:\Program Files\Alwil Software\Avast4\ashServ.exe
    F:\WINDOWS\Explorer.EXE
    F:\WINDOWS\system32\ctfmon.exe
    F:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    F:\Program Files\Common Files\Real\Update_OB\realsched.exe
    F:\Program Files\Common Files\Java\Java Update\jusched.exe
    F:\WINDOWS\SOUNDMAN.EXE
    F:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
    F:\WINDOWS\system32\RUNDLL32.EXE
    F:\WINDOWS\system32\rundll32.exe
    F:\Program Files\DivX\DivX Update\DivXUpdate.exe
    F:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    F:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    F:\WINDOWS\system32\spoolsv.exe
    F:\Program Files\Java\jre6\bin\jqs.exe
    F:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
    F:\WINDOWS\system32\svchost.exe
    F:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    F:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    F:\WINDOWS\System32\svchost.exe
    F:\Program Files\Internet Explorer\IEXPLORE.EXE
    F:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    O1 - Hosts: ::1 localhost
    O1 - Hosts: 209.44.111.62 itsecure.microsoft.com
    O1 - Hosts: 209.44.111.62 avremover-pro.com
    O1 - Hosts: 209.44.111.62 www.avremover-pro.com
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - F:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - F:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - F:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - F:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O4 - HKLM\..\Run: [avast!] F:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [TkBellExe] "F:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "F:\Program Files\Common Files\Java\Java Update\jusched.exe"
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [RemoteControl] "F:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE F:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE F:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [NeroFilterCheck] F:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [Jomantha] F:\Program Files\n52te\n52teHid.exe
    O4 - HKLM\..\Run: [IMJPMIG8.1] "F:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
    O4 - HKLM\..\Run: [Google Desktop Search] "F:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
    O4 - HKLM\..\Run: [DivXUpdate] "F:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
    O4 - HKLM\..\Run: [amd_dc_opt] F:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "F:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
    O4 - HKCU\..\Run: [NVIDIA nTune] "F:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe" clear
    O4 - HKCU\..\Run: [ctfmon.exe] F:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [SUPERAntiSpyware] F:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    O4 - HKCU\..\Run: [SpybotSD TeaTimer] F:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    O4 - HKCU\..\Run: [igndlm.exe] F:\Program Files\Download Manager\dlm.exe /windowsstart /startifwork
    O4 - HKUS\S-1-5-18\..\Run: [ctfmon.exe] F:\WINDOWS\system32\ctfmon.exe (User 'SYSTEM')
    O4 - HKUS\S-1-5-18\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [ctfmon.exe] F:\WINDOWS\system32\ctfmon.exe (User 'Default user')
    O4 - HKUS\.DEFAULT\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'Default user')
    O4 - Global Startup: Windows Search.lnk = F:\Program Files\Windows Desktop Search\WindowsSearch.exe
    O8 - Extra context menu item: &Clean Traces - F:\Program Files\DAP\Privacy Package\dapcleanerie.htm
    O8 - Extra context menu item: &Download with &DAP - F:\Program Files\DAP\dapextie.htm
    O8 - Extra context menu item: Download &all with DAP - F:\Program Files\DAP\dapextie2.htm
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - F:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - F:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - F:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - F:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - F:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - F:\Program Files\Messenger\msmsgs.exe
    O15 - ESC Trusted Zone: http://*.update.microsoft.com
    O16 - DPF: Garmin Communicator Plug-In - https://my.garmin.com/mygarmin/m/GarminAxControl.CAB
    O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} - http://www.pcpitstop.com/pcpitstop/PCPitStop.CAB
    O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab
    O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} (CDownloadCtrl Object) - http://www.fileplanet.com/fpdlmgr/cabs/FPDC_2.3.9.113.cab
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1240541163015
    O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/2.0.0.1/sysreqlab2.cab
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    O20 - AppInit_DLLs: f:\windows\system32\givejijo.dll
    O20 - Winlogon Notify: !SASWinLogon - F:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - F:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - F:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: avast! Antivirus - ALWIL Software - F:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - F:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - F:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - F:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: Imapi Helper - Alex Feinman - F:\Program Files\Alex Feinman\ISO Recorder\ImapiHelper.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - F:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: nTune Service (nTuneService) - NVIDIA - F:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - F:\WINDOWS\system32\nvsvc32.exe

    --
    End of file - 7827 bytes
     
  2. Megabite

    Megabite

    Joined:
    Apr 5, 2008
    Messages:
    11,761
    Howdy,

    and is this online or offline it freezes, or both? ...and some specs on the PC would help, like memory installed, etc.

    Did you put these there?

    O1 - Hosts: 209.44.111.62 itsecure.microsoft.com
    O1 - Hosts: 209.44.111.62 avremover-pro.com
    O1 - Hosts: 209.44.111.62 www.avremover-pro.com
     
  3. DrkSdBls

    DrkSdBls Thread Starter

    Joined:
    Jul 19, 2003
    Messages:
    161
    Honestly, I have no idea what those are. I was hoping someone here did.

    Specs:
    Operating System: Windows XP Home Edition (5.1, Build 2600) Service Pack 3 (2600.xpsp_sp3_gdr.090206-1234)
    Language: English (Regional Setting: English)
    System Manufacturer: System manufacturer
    System Model: System Product Name
    BIOS: Phoenix - AwardBIOS v6.00PG
    Processor: AMD Athlon(tm) 64 X2 Dual Core Processor 6000+, MMX, 3DNow (2 CPUs), ~3.0GHz
    Memory: 3582MB RAM
    Card name: NVIDIA GeForce 8500 GT
     
  4. Phantom010

    Phantom010 Trusted Advisor

    Joined:
    Mar 9, 2009
    Messages:
    34,796
    Your computer is infected. Please click on Report and kindly ask to be moved to the Malware Removal & HijackThis Logs forum. From there, be patient. You should get an answer within the next 48 hours. These guys are really busy!
     
  5. dvk01

    dvk01 Moderator Malware Specialist

    Joined:
    Dec 14, 2002
    Messages:
    56,452
    First Name:
    Derek
    step 1

    use the Microsoft fixit tool on http://support.microsoft.com/kb/972034 to reset hosts to default

    step 2


    Please download Malwarebytes' Anti-Malware to your desktop
    from HERE or HERE

    Double-click mbam-setup.exe and follow the prompts to install the program. At the end, be sure a checkmark is placed next to the following:

    Update Malwarebytes' Anti-Malware. Launch Malwarebytes' Anti-Malware. Then click Finish.

    If an update is found, it will download and install the latest version. Press Update to make sure the latest database is loaded.
    Once the program has loaded, select Perform quick scan, then click Scan.
    When the scan is complete, click OK, then Show Results to view the results.
    Be sure that everything is checked, and click Remove Selected.
    When completed, a log will open in Notepad.
    Please include this log in your next reply.

    It might ask you to reboot to finish cleaning. Please do so. (Press YES on the alert.)
    If you receive an (Error Loading xxxxxxxxxx .dll) error on reboot, please reboot a second time. It is normal for this error to occur once and does not need to be reported unless it continues on every boot.
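
Added example, not part of the original thread or any poster's own code: a small Python check of the HijackThis `O1 - Hosts` lines that prompted the hosts-file reset in step 1 above. It groups hostnames by any non-loopback address they are pinned to; the function names and the watched-suffix list are assumptions made for illustration.

```python
import ipaddress
import re
from collections import defaultdict

# Lines copied from the HijackThis log posted earlier in this thread.
SAMPLE_LOG = """\
Boot mode: Normal
O1 - Hosts: ::1 localhost
O1 - Hosts: 209.44.111.62 itsecure.microsoft.com
O1 - Hosts: 209.44.111.62 avremover-pro.com
O1 - Hosts: 209.44.111.62 www.avremover-pro.com
O15 - ESC Trusted Zone: http://*.update.microsoft.com
"""

# Assumption: vendor domains that should resolve through DNS and never be
# pinned in a hosts file. Extend to suit the environment being reviewed.
WATCHED_SUFFIXES = ("microsoft.com", "windowsupdate.com")

O1_RE = re.compile(r"^\s*O1 - Hosts:\s+(\S+)\s+(.+)$")


def parse_o1_entries(log_text):
    """Return (ip, hostname) pairs from HijackThis O1 lines; skip malformed ones."""
    entries = []
    for line in log_text.splitlines():
        match = O1_RE.match(line)
        if not match:
            continue
        try:
            ip = ipaddress.ip_address(match.group(1))
        except ValueError:
            continue  # first field is not an address, so not a hosts mapping
        # A hosts line may carry several names and a trailing '#' comment.
        names = match.group(2).split("#", 1)[0].split()
        entries.extend((ip, name.lower()) for name in names)
    return entries


def is_watched(hostname):
    """True when hostname is a watched domain or one of its subdomains."""
    return any(hostname == s or hostname.endswith("." + s) for s in WATCHED_SUFFIXES)


def review_hosts(log_text):
    """Group hostnames by the routable address a hosts entry pins them to.

    Loopback and unspecified addresses (127.0.0.1, ::1, 0.0.0.0) are the
    normal localhost and blocklist forms and are left out of the result.
    """
    grouped = defaultdict(lambda: {"hosts": [], "watched": []})
    for ip, name in parse_o1_entries(log_text):
        if ip.is_loopback or ip.is_unspecified:
            continue
        record = grouped[str(ip)]
        record["hosts"].append(name)
        if is_watched(name):
            record["watched"].append(name)
    return dict(grouped)


if __name__ == "__main__":
    for address, record in review_hosts(SAMPLE_LOG).items():
        print(address, "->", ", ".join(record["hosts"]))
        if record["watched"]:
            print("  vendor name pinned in hosts file:", ", ".join(record["watched"]))
```

Any address the review returns is a mapping to confirm with the machine's owner, which is the question asked earlier in the thread, before the hosts file is reset.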
     
  6. DrkSdBls

    DrkSdBls Thread Starter

    Joined:
    Jul 19, 2003
    Messages:
    161
    Results:

    Malwarebytes' Anti-Malware 1.45
    www.malwarebytes.org

    Database version: 3967

    Windows 5.1.2600 Service Pack 3
    Internet Explorer 7.0.5730.13

    2010/04/07 19:36:45
    mbam-log-2010-04-07 (19-36-45).txt

    Scan type: Quick scan
    Objects scanned: 103778
    Time elapsed: 4 minute(s), 53 second(s)

    Memory Processes Infected: 0
    Memory Modules Infected: 0
    Registry Keys Infected: 2
    Registry Values Infected: 0
    Registry Data Items Infected: 1
    Folders Infected: 0
    Files Infected: 0

    Memory Processes Infected:
    (No malicious items detected)

    Memory Modules Infected:
    (No malicious items detected)

    Registry Keys Infected:
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{6fd31ed6-7c94-4bbc-8e95-f927f4d3a949} (Adware.180Solutions) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1f158a1e-a687-4a11-9679-b3ac64b86a1c} (Adware.Seekmo) -> Quarantined and deleted successfully.

    Registry Values Infected:
    (No malicious items detected)

    Registry Data Items Infected:
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

    Folders Infected:
    (No malicious items detected)

    Files Infected:
    (No malicious items detected)
     
  7. dvk01

    dvk01 Moderator Malware Specialist

    Joined:
    Dec 14, 2002
    Messages:
    56,452
    First Name:
    Derek
    Delete any existing version of ComboFix you have sitting on your desktop
    Please read and follow all these instructions very carefully

    Download ComboFix from Here to your Desktop.

    **Note: It is important that it is saved directly to your desktop and run from the desktop and not any other folder on your computer**
    --------------------------------------------------------------------
    1. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

    • Very Important! Temporarily disable your anti-virus and anti-malware real-time protection and any script blocking components of them or your firewall before performing a scan. They can interfere with ComboFix or remove some of its embedded files, which may cause "unpredictable results" or stop ComboFix running at all.
    • Click on THIS LINK to see instructions on how to temporarily disable many security programs while running ComboFix. The list does not cover every program. If yours is not listed and you don't know how to disable it, please ask.
    • Remember to re-enable the protection again after ComboFix has finished.
    --------------------------------------------------------------------
    2. Close any open browsers and any other programs you might have running
    Double click on combofix.exe & follow the prompts.
    If you are using Windows XP, it might display a pop up saying that "Recovery console is not installed, do you want to install?"
    Please select yes & let it download the files it needs to do this
    When finished, it will produce a report for you.
    Please post the "C:\ComboFix.txt" for further review


    ****Note: Do not mouseclick combofix's window while it's running. That may cause it to stall or freeze ****

    Note: ComboFix may reset a number of Internet Explorer's settings, including making it the default browser.
    Note: Combofix prevents autorun of ALL CDs, floppies and USB devices to assist with malware removal & increase security. If this is an issue or makes it difficult for you -- please tell us when you reply. Read HERE why we disable autoruns

    Please do not install any new programs or update anything (always allow your antivirus/antispyware to update) unless told to do so while we are fixing your problem. If combofix alerts to a new version and offers to update, please let it. It is essential we always use the latest version.
     
  8. DrkSdBls

    DrkSdBls Thread Starter

    Joined:
    Jul 19, 2003
    Messages:
    161
    Alright. So, I've done everything suggested here and cleaned a lot out of my computer. But my computer's still freezing. Odd thing is, it seems to only freeze if I leave my computer for a few minutes.

    The Combofix.txt:
    ComboFix 10-04-10.02 - Kami 2010/04/11 14:45:26.5.2 - x86
    Microsoft Windows XP Home Edition 5.1.2600.3.932.81.1033.18.3582.3136 [GMT -4:00]
    Running from: f:\documents and settings\Kami\Desktop\ComboFix.exe
    AV: avast! antivirus 4.8.1368 [VPS 100411-0] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
    AV: Windows Live OneCare *On-access scanning disabled* (Updated) {427ADFC3-B354-4A51-BE34-A9D4218E45C4}
    FW: Windows Live OneCare Firewall *disabled* {A3899D22-27E6-4A7E-AE4E-2C106646DAAB}
    .

    ((((((((((((((((((((((((( Files Created from 2010-03-11 to 2010-04-11 )))))))))))))))))))))))))))))))
    .

    2010-04-10 04:40 . 2008-04-14 00:12 50176 -c--a-w- f:\windows\system32\dllcache\proquota.exe
    2010-04-10 04:40 . 2008-04-14 00:12 50176 ----a-w- f:\windows\system32\proquota.exe
    2010-04-10 04:27 . 2010-04-10 04:26 389120 ----a-w- f:\windows\system32\CF5710.exe
    2010-04-09 17:30 . 2010-04-09 17:30 -------- d-----w- f:\program files\KeyTweak
    2010-04-07 23:30 . 2010-04-07 23:30 -------- d-----w- f:\documents and settings\Kami\Application Data\Malwarebytes
    2010-04-07 23:30 . 2010-03-30 04:46 38224 ----a-w- f:\windows\system32\drivers\mbamswissarmy.sys
    2010-04-07 23:30 . 2010-04-07 23:30 -------- d-----w- f:\program files\Malwarebytes' Anti-Malware
    2010-04-07 23:30 . 2010-04-07 23:30 -------- d-----w- f:\documents and settings\All Users\Application Data\Malwarebytes
    2010-04-07 23:30 . 2010-03-30 04:45 20824 ----a-w- f:\windows\system32\drivers\mbam.sys
    2010-04-02 23:07 . 2007-06-29 18:47 34304 ----a-w- f:\windows\system32\drivers\AmdLLD.sys
    2010-04-02 23:07 . 2010-04-02 23:07 -------- d-----w- f:\program files\AMD
    2010-04-02 23:07 . 2010-04-02 23:07 -------- d-----w- f:\documents and settings\Kami\Local Settings\Application Data\Downloaded Installations
    2010-04-02 22:00 . 2010-04-02 22:00 -------- d-----w- f:\program files\CPUID
    2010-04-02 22:00 . 2010-03-31 03:38 20968 ----a-w- f:\windows\system32\drivers\cpuz133_x32.sys
    2010-03-31 09:42 . 2010-03-31 04:36 754984 ----a-w- f:\documents and settings\All Users\Application Data\DivX\Setup\Resource.dll
    2010-03-31 09:42 . 2010-03-31 04:35 986904 ----a-w- f:\documents and settings\All Users\Application Data\DivX\Setup\DivXSetup.exe
    2010-03-31 09:41 . 2009-08-22 03:46 529171 ----a-w- f:\documents and settings\All Users\Application Data\DivX\DivX7\DivX Converter\DivXConverterUninstall.exe
    2010-03-31 09:41 . 2009-08-22 03:46 529171 ----a-w- f:\documents and settings\All Users\Application Data\DivX\DivX7\DivX Plus DirectShow Filters\DivXDSFiltersUninstall.exe
    2010-03-31 09:40 . 2010-03-31 09:40 56766 ----a-w- f:\documents and settings\All Users\Application Data\DivX\DivXPlusShortcuts\Uninstaller.exe
    2010-03-31 09:37 . 2010-03-31 09:37 56978 ----a-w- f:\documents and settings\All Users\Application Data\DivX\WebPlayer\Uninstaller.exe
    2010-03-31 09:26 . 2010-03-31 09:26 53600 ----a-w- f:\documents and settings\All Users\Application Data\DivX\Update\Uninstaller.exe
    2010-03-31 09:20 . 2010-03-31 09:20 57677 ----a-w- f:\documents and settings\All Users\Application Data\DivX\Player\Uninstaller.exe
    2010-03-31 08:33 . 2010-03-31 08:33 84035 ----a-w- f:\documents and settings\All Users\Application Data\DivX\TransferWizard\Uninstaller.exe
    2010-03-31 08:22 . 2010-03-31 08:22 57054 ----a-w- f:\documents and settings\All Users\Application Data\DivX\DSDesktopComponents\Uninstaller.exe
    2010-03-31 08:21 . 2010-03-31 08:21 54166 ----a-w- f:\documents and settings\All Users\Application Data\DivX\DSAVCDecoder\Uninstaller.exe
    2010-03-31 08:19 . 2010-03-31 08:19 57532 ----a-w- f:\documents and settings\All Users\Application Data\DivX\DSASPDecoder\Uninstaller.exe
    2010-03-31 08:17 . 2010-03-31 08:17 56458 ----a-w- f:\documents and settings\All Users\Application Data\DivX\DivXDecoderShortcut\Uninstaller.exe
    2010-03-31 08:12 . 2010-03-31 08:12 54174 ----a-w- f:\documents and settings\All Users\Application Data\DivX\DSAACDecoder\Uninstaller.exe
    2010-03-31 08:10 . 2010-03-31 08:10 54153 ----a-w- f:\documents and settings\All Users\Application Data\DivX\DFXPlugin\Uninstaller.exe
    2010-03-31 08:08 . 2010-03-31 08:08 54128 ----a-w- f:\documents and settings\All Users\Application Data\DivX\Converter\Uninstaller.exe
    2010-03-31 08:06 . 2010-03-31 08:06 54629 ----a-w- f:\documents and settings\All Users\Application Data\DivX\TranscodeEngine\Uninstaller.exe
    2010-03-31 07:59 . 2010-03-31 07:59 54101 ----a-w- f:\documents and settings\All Users\Application Data\DivX\MPEG2Plugin\Uninstaller.exe
    2010-03-31 07:59 . 2010-03-31 07:59 57409 ----a-w- f:\documents and settings\All Users\Application Data\DivX\ControlPanel\Uninstaller.exe
    2010-03-31 07:57 . 2010-03-31 07:57 52963 ----a-w- f:\documents and settings\All Users\Application Data\DivX\MSVC80CRTRedist\Uninstaller.exe
    2010-03-31 05:15 . 2010-03-31 05:15 54073 ----a-w- f:\documents and settings\All Users\Application Data\DivX\Qt4.5\Uninstaller.exe
    2010-03-31 05:09 . 2010-03-31 05:09 56969 ----a-w- f:\documents and settings\All Users\Application Data\DivX\ASPEncoder\Uninstaller.exe
    2010-03-31 04:35 . 2010-03-31 09:41 -------- d-----w- f:\documents and settings\All Users\Application Data\DivX
    2010-03-30 22:32 . 2010-03-30 22:32 503808 ----a-w- f:\documents and settings\Kami\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-65cb026b-n\msvcp71.dll
    2010-03-30 22:32 . 2010-03-30 22:32 499712 ----a-w- f:\documents and settings\Kami\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-65cb026b-n\jmc.dll
    2010-03-30 22:32 . 2010-03-30 22:32 348160 ----a-w- f:\documents and settings\Kami\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-65cb026b-n\msvcr71.dll
    2010-03-30 22:32 . 2010-03-30 22:32 -------- d-----w- f:\program files\Common Files\Java
    2010-03-30 22:32 . 2010-03-30 22:32 61440 ----a-w- f:\documents and settings\Kami\Application Data\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-30ddab3e-n\decora-sse.dll
    2010-03-30 22:32 . 2010-03-30 22:32 12800 ----a-w- f:\documents and settings\Kami\Application Data\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-30ddab3e-n\decora-d3d.dll
    2010-03-30 21:32 . 2010-03-30 21:32 -------- d-----w- f:\program files\Hot CPU Tester Pro 4 LE
    2010-03-30 04:42 . 2010-03-30 04:42 -------- d-----w- f:\documents and settings\Kami\Local Settings\Application Data\StoryBoard
    2010-03-23 00:29 . 2010-03-23 00:29 -------- d-----w- f:\documents and settings\Kami\Local Settings\Application Data\Rawr
    2010-03-19 23:04 . 2010-03-19 23:04 848 --sha-w- f:\windows\system32\KGyGaAvL.sys

    .
    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2010-04-11 18:24 . 2008-12-12 02:36 -------- d-----w- f:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
    2010-04-11 03:36 . 2008-08-22 02:35 -------- d---a-w- f:\documents and settings\All Users\Application Data\TEMP
    2010-04-11 01:31 . 2008-02-07 03:57 -------- d-----w- f:\documents and settings\Kami\Application Data\Ventrilo
    2010-04-09 02:41 . 2010-02-10 05:18 1 ----a-w- f:\documents and settings\Kami\Application Data\OpenOffice.org\3\user\uno_packages\cache\stamp.sys
    2010-04-06 22:36 . 2007-12-18 09:28 -------- d-----w- f:\program files\Google
    2010-04-06 18:26 . 2007-07-16 21:52 -------- d--h--w- f:\program files\InstallShield Installation Information
    2010-04-06 18:26 . 2009-10-22 18:25 -------- d-----w- f:\program files\n52te
    2010-04-06 18:24 . 2008-12-16 17:10 -------- d-----w- f:\program files\Eusing Free Registry Cleaner
    2010-04-06 18:24 . 2007-11-30 20:06 -------- d-----w- f:\program files\Azureus
    2010-04-06 15:35 . 2007-06-16 00:56 26520 ----a-w- f:\documents and settings\Kami\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
    2010-04-06 14:56 . 2007-10-16 02:02 -------- d-----w- f:\program files\SUPERAntiSpyware
    2010-03-31 09:41 . 2008-06-03 23:12 -------- d-----w- f:\program files\DivX
    2010-03-31 05:10 . 2009-08-22 03:45 -------- d-----w- f:\program files\Common Files\DivX Shared
    2010-03-30 22:31 . 2009-04-23 17:23 -------- d-----w- f:\program files\Java
    2010-03-30 21:18 . 2008-09-08 22:26 -------- d-----w- f:\program files\BCM Diagnostics Pro
    2010-03-09 08:28 . 2009-04-23 17:23 411368 ----a-w- f:\windows\system32\deploytk.dll
    2010-03-08 17:59 . 2010-03-08 17:59 94208 ----a-w- f:\windows\system32\dpl100.dll
    2010-02-19 19:27 . 2010-02-19 19:27 720384 ----a-w- f:\windows\system32\DivX.dll
    2010-02-19 19:27 . 2010-02-19 19:27 856064 ----a-w- f:\windows\system32\divx_xx0c.dll
    2010-02-19 19:27 . 2010-02-19 19:27 856064 ----a-w- f:\windows\system32\divx_xx07.dll
    2010-02-19 19:27 . 2010-02-19 19:27 847872 ----a-w- f:\windows\system32\divx_xx0a.dll
    2010-02-19 19:27 . 2010-02-19 19:27 843776 ----a-w- f:\windows\system32\divx_xx16.dll
    2010-02-19 19:27 . 2010-02-19 19:27 839680 ----a-w- f:\windows\system32\divx_xx11.dll
    2010-01-12 20:12 . 2010-01-12 20:12 85504 ----a-w- f:\windows\system32\ff_vfw.dll
    2008-03-09 12:25 . 2009-01-13 23:25 236 -c-ha-w- f:\program files\Common Files\dx.reg
    2005-02-27 18:22 . 2005-02-27 18:22 74 -c--a-w- f:\program files\Serial.txt
    2005-02-22 00:39 . 2005-02-22 00:39 2662 -c--a-w- f:\program files\1337Warez.nfo
    2004-09-29 23:15 . 2007-05-12 21:24 10475048 -c--a-w- f:\program files\RealPlayer10-5GOLD.exe
    2008-11-30 05:20 . 2009-04-21 16:34 251392 -c--a-w- f:\program files\opera\program\plugins\dapop.dll
    2008-12-10 00:27 . 2008-11-04 18:21 56 -csha-r- f:\windows\system32\D88FFC2E59.sys
    .

    ((((((((((((((((((((((((((((( SnapShot_2010-04-10_04.40.53 )))))))))))))))))))))))))))))))))))))))))
    .
    + 2010-04-11 18:39 . 2010-04-11 18:39 16384 f:\windows\temp\Perflib_Perfdata_74.dat
    + 2010-04-11 18:39 . 2010-04-11 18:39 16384 f:\windows\temp\Perflib_Perfdata_55c.dat
    + 2010-04-11 18:40 . 2010-04-11 18:40 16384 f:\windows\temp\Perflib_Perfdata_28c.dat
    .
    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown
    REGEDIT4

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "NVIDIA nTune"="f:\program files\NVIDIA Corporation\nTune\nTuneCmd.exe" [2007-09-04 81920]
    "SUPERAntiSpyware"="f:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2010-04-06 2010864]
    "SpybotSD TeaTimer"="f:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]
    "igndlm.exe"="f:\program files\Download Manager\dlm.exe" [2009-05-14 1103216]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "avast!"="f:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-11-24 81000]
    "TkBellExe"="f:\program files\Common Files\Real\Update_OB\realsched.exe" [2008-02-17 185896]
    "SunJavaUpdateSched"="f:\program files\Common Files\Java\Java Update\jusched.exe" [2010-02-18 248040]
    "SoundMan"="SOUNDMAN.EXE" [2005-08-17 90112]
    "RemoteControl"="f:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2005-01-12 32768]
    "nwiz"="nwiz.exe" [2009-06-10 1657376]
    "NvMediaCenter"="f:\windows\system32\NvMcTray.dll" [2009-06-10 86016]
    "NvCplDaemon"="f:\windows\system32\NvCpl.dll" [2009-06-10 13758464]
    "NeroFilterCheck"="f:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
    "IMJPMIG8.1"="f:\windows\IME\imjp8_1\IMJPMIG.EXE" [2004-08-04 208952]
    "DivXUpdate"="f:\program files\DivX\DivX Update\DivXUpdate.exe" [2010-03-05 1135912]
    "amd_dc_opt"="f:\program files\AMD\Dual-Core Optimizer\amd_dc_opt.exe" [2008-07-22 77824]
    "Adobe Reader Speed Launcher"="f:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-10-15 39792]

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "ctfmon.exe"="f:\windows\system32\ctfmon.exe" [2008-04-14 15360]

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
    "tscuninstall"="f:\windows\system32\tscupgrd.exe" [2004-08-04 44544]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
    2009-09-05 22:28 548352 ----a-w- f:\program files\SUPERAntiSpyware\SASWINLO.DLL

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\OneCareMP]
    @=""

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
    "GoogleDesktopManager-121207-085209"=3 (0x3)

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "%windir%\\system32\\sessmgr.exe"=
    "f:\\Program Files\\eMule\\emule.exe"=
    "f:\\WINDOWS\\system32\\dpvsetup.exe"=
    "e:\\GAMES\\WOW\\World of Warcraft\\Launcher.exe"=
    "f:\\Program Files\\Sony\\Station\\LaunchPad\\LaunchPad.exe"=
    "e:\\GAMES\\WOW\\World of Warcraft\\BackgroundDownloader.exe"=
    "%windir%\\Network Diagnostic\\xpnetdiag.exe"=
    "e:\\GAMES\\WOW\\World of Warcraft\\WoW-2.4.3-to-3.0.2-enUS-Win-Final-downloader.exe"=
    "f:\\WINDOWS\\system32\\spoolsv.exe"=
    "e:\\GAMES\\WOW\\World of Warcraft\\WoW-3.1.2.9901-to-3.1.3.9947-enUS-downloader.exe"=
    "e:\\GAMES\\WOW\\World of Warcraft\\WoW-3.1.3.9947-to-3.2.0.10192-enUS-downloader.exe"=
    "e:\\GAMES\\WOW\\World of Warcraft\\WoW-3.2.0.10192-to-3.2.0.10314-enUS-downloader.exe"=
    "e:\\GAMES\\WOW\\World of Warcraft\\WoW-3.2.0.10314-to-3.2.2.10482-enUS-downloader.exe"=
    "e:\\GAMES\\WOW\\World of Warcraft\\WoW-3.2.2.10482-to-3.2.2.10505-enUS-downloader.exe"=

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
    "3724:TCP"= 3724:TCP:Blizzard Downloader: 3724

    R1 aswSP;avast! Self Protection;f:\windows\system32\drivers\aswSP.sys [2009/04/26 19:45 114768]
    R1 SASDIFSV;SASDIFSV;f:\program files\SUPERAntiSpyware\SASDIFSV.SYS [2006/10/10 13:53 12872]
    R1 SASKUTIL;SASKUTIL;f:\program files\SUPERAntiSpyware\SASKUTIL.SYS [2007/02/27 12:39 66632]
    R2 aswFsBlk;aswFsBlk;f:\windows\system32\drivers\aswFsBlk.sys [2009/04/26 19:45 20560]
    R2 cpuz133;cpuz133;f:\windows\system32\drivers\cpuz133_x32.sys [2010/04/02 18:00 20968]
    R2 WMDrive;WMDrive;f:\windows\system32\drivers\WMDrive.sys [2009/02/14 0:30 37376]
    R3 dpK0Bx01;Fingerprint Reader Filter Driver;f:\windows\system32\drivers\dpK0Bx01.sys [2008/09/03 22:41 32640]
    R3 SASENUM;SASENUM;f:\program files\SUPERAntiSpyware\SASENUM.SYS [2006/02/16 17:51 12872]
    R3 UsbdpFP;Fingerprint Reader Class Driver;f:\windows\system32\drivers\UsbdpFP.sys [2008/09/03 22:41 34560]
    S0 sptd;sptd;f:\windows\system32\drivers\sptd.sys [2007/06/18 20:40 682232]
    S0 stwlfbus;stwlfbus;f:\windows\system32\DRIVERS\stwlfbus.sys --> f:\windows\system32\DRIVERS\stwlfbus.sys [?]
    S2 {09BB444F-B2E2-4009-BAF2-7B727681223E};BuddyVM;\??\f:\program files\VMLaunch\BuddyVM.sys --> f:\program files\VMLaunch\BuddyVM.sys [?]
    S3 dmouc0;dmouc0;f:\windows\system32\drivers\dmouc0.sys [2009/01/09 18:08 7680]
    S3 dmouc1;dmouc1;f:\windows\system32\drivers\dmouc1.sys [2009/10/27 11:51 7680]
    S3 dmouc2;dmouc2;f:\windows\system32\drivers\dmouc2.sys [2009/10/27 11:52 7680]
    S3 JmtFltr;n52te;f:\windows\system32\drivers\JmtFltr.sys [2009/10/22 14:25 48896]
    S3 MBAMSwissArmy;MBAMSwissArmy;f:\windows\system32\drivers\mbamswissarmy.sys [2010/04/07 19:30 38224]
    S3 st3wolf;st3wolf;f:\windows\system32\DRIVERS\st3wolf.sys --> f:\windows\system32\DRIVERS\st3wolf.sys [?]
    S3 Usblink;Usblink Driver;f:\windows\system32\drivers\ulink.sys [2008/07/22 15:20 40788]
    .
    Contents of the 'Scheduled Tasks' folder

    2010-04-05 f:\windows\Tasks\AppleSoftwareUpdate.job
    - f:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 16:34]

    2010-04-09 f:\windows\Tasks\defrag.job
    - f:\windows\system32\defrag.exe [2004-08-04 00:12]

    2010-04-04 f:\windows\Tasks\File Helper.job
    - f:\program files\File Helper\1.1.0.10\FileHelper.exe [2010-01-28 23:25]
    .
    .
    ------- Supplementary Scan -------
    .
    uStart Page = about:blank
    uSearchURL,(Default) = hxxp://www.google.com/keyword/%s
    IE: &Clean Traces - f:\program files\DAP\Privacy Package\dapcleanerie.htm
    IE: &Download with &DAP - f:\program files\DAP\dapextie.htm
    IE: Download &all with DAP - f:\program files\DAP\dapextie2.htm
    DPF: Garmin Communicator Plug-In - hxxps://my.garmin.com/mygarmin/m/GarminAxControl.CAB
    .

    **************************************************************************

    catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2010-04-11 14:49
    Windows 5.1.2600 Service Pack 3 NTFS

    scanning hidden processes ...

    scanning hidden autostart entries ...

    scanning hidden files ...

    scan completed successfully
    hidden files: 0

    **************************************************************************
    .
    --------------------- LOCKED REGISTRY KEYS ---------------------

    [HKEY_USERS\S-1-5-21-1614895754-412668190-839522115-1004\Software\KISS-MA\K0Y0_0€0&W0Y0_0A0 *-*J0・a0・n0D0D0j0・-*]
    "InstallPath"="c:\\Program Files\\KISS-MA\\かすたむしすたぁ\\"
    "DskSht"=dword:00000001
    .
    --------------------- DLLs Loaded Under Running Processes ---------------------

    - - - - - - - > 'winlogon.exe'(696)
    f:\program files\SUPERAntiSpyware\SASWINLO.DLL
    f:\windows\system32\Ati2evxx.dll
    f:\windows\IME\IMJP8_1\Dicts\IMJPCD.DIC

    - - - - - - - > 'explorer.exe'(2160)
    f:\windows\system32\nview.dll
    f:\windows\system32\nvwddi.dll
    f:\windows\IME\IMJP8_1\Dicts\IMJPCD.DIC
    .
    Completion time: 2010-04-11 14:51:06
    ComboFix-quarantined-files.txt 2010-04-11 18:51
    ComboFix2.txt 2010-04-10 04:41
    ComboFix3.txt 2009-04-27 15:03
    ComboFix4.txt 2009-04-23 17:10
    ComboFix5.txt 2010-04-11 18:44

    Pre-Run: 23,722,942,464 bytes free
    Post-Run: 23,679,905,792 bytes free

    Current=14 Default=14 Failed=13 LastKnownGood=15 Sets=1,2,3,4,5,6,7,8,9,10,11,12,13,14,15
    - - End Of File - - BB1EF67D9CF86CEBAA21401C8F90610B
     
  9. dvk01

    dvk01 Moderator Malware Specialist

    What do you mean by only freezes when left for a few minutes?

    Please go to C:\qoobox & find ComboFix-quarantined-files.txt and ComboFix2.txt

    They might be in the quarantine folder inside qoobox.

    Once I see them and see what cf fixed, because you ran it twice, I might be able to work out what is wrong (apart from all the P2P & downloading programs that will infect you, that is).
     
  10. DrkSdBls

    DrkSdBls Thread Starter

    Oops, I did run it twice. My bad.
    And I meant when I leave my computer alone and don't touch it for an hour or so. But, on that note, it hasn't frozen again since last night.

    You need both ComboFix-quarantined-files.txt and ComboFix2.txt cause that's a lot to post in one post.

    2010-04-10 04:41:31 . 2010-04-10 04:41:31 1,174 ----a-w- F:\Qoobox\Quarantine\Registry_backups\AddRemove-{7B63B2922B174135AFC0E1377DD81EC2}.reg.dat
    2010-04-10 04:41:31 . 2010-04-10 04:41:31 712 ----a-w- F:\Qoobox\Quarantine\Registry_backups\AddRemove-Yahoo! Messenger.reg.dat
    2010-04-10 04:41:31 . 2010-04-10 04:41:31 604 ----a-w- F:\Qoobox\Quarantine\Registry_backups\AddRemove-KISSLD.reg.dat
    2010-04-10 04:41:31 . 2010-04-10 04:41:31 490 ----a-w- F:\Qoobox\Quarantine\Registry_backups\AddRemove-Direct KiSS.reg.dat
    2010-04-10 04:41:31 . 2010-04-10 04:41:31 728 ----a-w- F:\Qoobox\Quarantine\Registry_backups\AddRemove-Artificial Girl 3.reg.dat
    2010-04-10 04:41:16 . 2010-04-10 04:41:16 188 ----a-w- F:\Qoobox\Quarantine\Registry_backups\HKLM-Run-Google Desktop Search.reg.dat
    2010-04-10 04:41:16 . 2010-04-10 04:41:16 133 ----a-w- F:\Qoobox\Quarantine\Registry_backups\HKLM-Run-Jomantha.reg.dat
    2010-03-30 21:32:36 . 2007-03-05 15:51:56 360,580 ----a-w- F:\Qoobox\Quarantine\F\WINDOWS\eSellerateEngine.dll.vir
    2009-04-27 15:03:13 . 2009-04-27 15:03:13 146 -c--a-w- F:\Qoobox\Quarantine\Registry_backups\ShellExecuteHooks-{56F9679E-7826-4C84-81F3-532071A8BCC5}.reg.dat
    2009-04-27 15:03:13 . 2009-04-27 15:03:13 146 -c--a-w- F:\Qoobox\Quarantine\Registry_backups\ShellExecuteHooks-{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}.reg.dat
    2009-04-27 15:03:09 . 2009-04-27 15:03:09 166 -c--a-w- F:\Qoobox\Quarantine\Registry_backups\HKLM-Run-OneCareUI.reg.dat
    2009-04-27 15:03:08 . 2009-04-27 15:03:08 448 -c--a-w- F:\Qoobox\Quarantine\Registry_backups\BHO-{7EB07FBE-7637-38F2-44BD-815F596D56A8}.reg.dat
    2009-04-23 17:09:41 . 2009-04-23 17:09:41 225 -c--a-w- F:\Qoobox\Quarantine\Registry_backups\BHO-{fa05bc1b-b57c-419c-9ae6-182bd6e27c3a}.reg.dat
    2009-04-22 11:58:22 . 2009-04-22 11:58:22 486,400 -c--a-w- F:\Qoobox\Quarantine\F\WINDOWS\system32\daptqgfntwwl.dll.vir
    2009-04-21 05:41:43 . 2009-04-21 06:02:53 1,399,323 -c--a-w- F:\Qoobox\Quarantine\F\WINDOWS\system32\ovohodod.ini.vir
    2009-04-20 21:16:50 . 2009-04-20 21:16:50 151 -c--a-w- F:\Qoobox\Quarantine\Registry_backups\HKLM-Run-bofalihifo.reg.dat
    2009-04-20 21:16:48 . 2009-04-20 21:16:48 225 -c--a-w- F:\Qoobox\Quarantine\Registry_backups\BHO-{20bee274-4e4d-4a0c-80a2-e132ac686e61}.reg.dat
    2009-04-20 21:13:04 . 2010-04-11 18:49:02 10,875 -c--a-w- F:\Qoobox\Quarantine\Registry_backups\tcpip.reg
    2009-04-20 21:10:20 . 2010-04-11 18:44:52 613 -c--a-w- F:\Qoobox\Quarantine\catchme.log
    2009-04-20 17:41:27 . 2009-04-20 18:02:37 1,399,323 -c--a-w- F:\Qoobox\Quarantine\F\WINDOWS\system32\ujakemij.ini.vir
    2009-04-20 04:29:48 . 2009-04-20 04:50:58 1,409,558 -c--a-w- F:\Qoobox\Quarantine\F\WINDOWS\system32\operabem.ini.vir
    2009-04-19 04:29:26 . 2009-04-19 04:50:47 1,412,977 -c--a-w- F:\Qoobox\Quarantine\F\WINDOWS\system32\omotoyam.ini.vir
    2009-04-15 17:18:57 . 2009-04-18 18:32:10 1,412,977 -c--a-w- F:\Qoobox\Quarantine\F\WINDOWS\system32\asijapoy.ini.vir
    2009-04-15 02:17:01 . 2009-04-15 02:38:22 1,410,834 -c--a-w- F:\Qoobox\Quarantine\F\WINDOWS\system32\okudigam.ini.vir
    2009-04-14 14:17:06 . 2009-04-14 14:38:16 1,410,839 -c--a-w- F:\Qoobox\Quarantine\F\WINDOWS\system32\upavepah.ini.vir
    2009-04-14 02:16:26 . 2009-04-14 02:25:58 1,408,899 -c--a-w- F:\Qoobox\Quarantine\F\WINDOWS\system32\ilafigap.ini.vir
    2009-04-13 14:16:08 . 2009-04-13 14:37:29 1,408,899 -c--a-w- F:\Qoobox\Quarantine\F\WINDOWS\system32\ekehopab.ini.vir
    2009-04-13 02:16:05 . 2009-04-13 02:37:16 1,405,937 -c--a-w- F:\Qoobox\Quarantine\F\WINDOWS\system32\ofadodab.ini.vir
    2009-04-12 14:16:00 . 2009-04-12 14:37:21 1,405,935 -c--a-w- F:\Qoobox\Quarantine\F\WINDOWS\system32\uyiworev.ini.vir
    2009-04-12 02:16:07 . 2009-04-12 02:37:17 1,403,888 -c--a-w- F:\Qoobox\Quarantine\F\WINDOWS\system32\ajikojol.ini.vir
    2009-03-29 21:04:25 . 2009-03-29 21:04:25 2,713 -c--a-w- F:\Qoobox\Quarantine\F\WINDOWS\system32\fuvevuja.exe.vir
    2009-03-29 09:04:15 . 2009-03-29 09:04:25 122 -c--a-w- F:\Qoobox\Quarantine\F\WINDOWS\system32\eparegej.ini.vir
    2009-03-28 21:04:19 . 2009-03-28 21:04:19 122 -c--a-w- F:\Qoobox\Quarantine\F\WINDOWS\system32\iluteweb.ini.vir
    2009-03-28 21:04:10 . 2009-03-28 21:04:10 2,713 -c--a-w- F:\Qoobox\Quarantine\F\WINDOWS\system32\biwapuyu.exe.vir
    2009-01-13 23:25:16 . 2008-04-23 03:23:02 134,671 ----a-w- F:\Qoobox\Quarantine\F\WINDOWS\system32\winstanew.dll.vir
    2009-01-13 23:25:16 . 2008-04-23 03:10:50 633,871 ----a-w- F:\Qoobox\Quarantine\F\WINDOWS\system32\user32new.dll.vir
    2009-01-13 23:25:15 . 2008-04-23 03:16:14 72,707 ----a-w- F:\Qoobox\Quarantine\F\WINDOWS\system32\secur32new.dll.vir
    2009-01-13 23:25:15 . 2008-04-23 03:18:46 96,783 ----a-w- F:\Qoobox\Quarantine\F\WINDOWS\system32\powrprofnew.dll.vir
    2009-01-13 23:25:15 . 2008-04-23 03:21:48 87,558 ----a-w- F:\Qoobox\Quarantine\F\WINDOWS\system32\ntdsapinew.dll.vir
    2009-01-13 23:25:15 . 2008-04-23 03:05:30 39,948 ----a-w- F:\Qoobox\Quarantine\F\WINDOWS\system32\dwmapi.dll.vir
    2009-01-13 23:25:15 . 2008-04-23 02:59:18 167,948 ----a-w- F:\Qoobox\Quarantine\F\WINDOWS\system32\dxgi.dll.vir
    2009-01-13 23:25:13 . 2008-04-23 03:25:38 974,354 ----a-w- F:\Qoobox\Quarantine\F\WINDOWS\system32\crypt32new.dll.vir
    2009-01-13 23:25:13 . 2008-04-23 03:21:26 171,023 ----a-w- F:\Qoobox\Quarantine\F\WINDOWS\system32\apphelpnew.dll.vir
    2009-01-13 23:25:13 . 2008-04-23 03:07:36 770,069 ----a-w- F:\Qoobox\Quarantine\F\WINDOWS\system32\advapi32new.dll.vir
    2008-12-20 04:36:55 . 2008-12-20 04:36:55 0 ----a-w- F:\Qoobox\Quarantine\F\FCMDE.tmp.vir
    2008-12-20 04:36:47 . 2008-12-20 04:36:47 0 ----a-w- F:\Qoobox\Quarantine\F\FCMDC.tmp.vir
    2008-12-20 04:36:47 . 2008-12-20 04:36:47 0 ----a-w- F:\Qoobox\Quarantine\F\FCMDA.tmp.vir
    2008-12-20 04:36:46 . 2008-12-20 04:36:46 0 ----a-w- F:\Qoobox\Quarantine\F\FCMD8.tmp.vir
    2008-12-20 04:36:46 . 2008-12-20 04:36:46 0 ----a-w- F:\Qoobox\Quarantine\F\FCMD6.tmp.vir
    2008-12-20 04:36:45 . 2008-12-20 04:36:45 0 ----a-w- F:\Qoobox\Quarantine\F\FCMD4.tmp.vir
    2008-12-20 04:36:44 . 2008-12-20 04:36:44 0 ----a-w- F:\Qoobox\Quarantine\F\FCMD2.tmp.vir
    2008-12-20 04:36:44 . 2008-12-20 04:36:44 0 ----a-w- F:\Qoobox\Quarantine\F\FCMD0.tmp.vir
    2008-12-20 04:36:43 . 2008-12-20 04:36:43 0 ----a-w- F:\Qoobox\Quarantine\F\FCMCE.tmp.vir
    2008-12-20 04:36:42 . 2008-12-20 04:36:42 0 ----a-w- F:\Qoobox\Quarantine\F\FCMCC.tmp.vir
    2008-12-20 04:36:42 . 2008-12-20 04:36:42 0 ----a-w- F:\Qoobox\Quarantine\F\FCMCA.tmp.vir
    2008-12-20 04:36:41 . 2008-12-20 04:36:41 0 ----a-w- F:\Qoobox\Quarantine\F\FCMC8.tmp.vir
    2008-12-20 04:36:40 . 2008-12-20 04:36:40 0 ----a-w- F:\Qoobox\Quarantine\F\FCMC6.tmp.vir
    2008-12-20 04:36:39 . 2008-12-20 04:36:39 0 ----a-w- F:\Qoobox\Quarantine\F\FCMC4.tmp.vir
    2008-12-20 04:36:39 . 2008-12-20 04:36:39 0 ----a-w- F:\Qoobox\Quarantine\F\FCMC2.tmp.vir
    2008-12-20 04:36:38 . 2008-12-20 04:36:38 0 ----a-w- F:\Qoobox\Quarantine\F\FCMC0.tmp.vir
    2008-12-20 04:36:37 . 2008-12-20 04:36:37 0 ----a-w- F:\Qoobox\Quarantine\F\FCMBE.tmp.vir
    2008-12-20 04:36:36 . 2008-12-20 04:36:36 0 ----a-w- F:\Qoobox\Quarantine\F\FCMBC.tmp.vir
    2008-12-20 04:36:33 . 2008-12-20 04:36:33 0 ----a-w- F:\Qoobox\Quarantine\F\FCMBA.tmp.vir
    2008-12-20 04:36:28 . 2008-12-20 04:36:28 0 ----a-w- F:\Qoobox\Quarantine\F\FCMB8.tmp.vir
    2008-12-20 04:35:43 . 2008-12-20 04:35:43 0 ----a-w- F:\Qoobox\Quarantine\F\FCMB5.tmp.vir
    2008-12-20 04:34:50 . 2008-12-20 04:34:50 0 ----a-w- F:\Qoobox\Quarantine\F\FCMB3.tmp.vir
    2008-03-15 23:15:36 . 2008-03-15 23:15:38 112,128 ----a-w- F:\Qoobox\Quarantine\F\Thumbs.db.vir
    2007-10-16 01:55:19 . 2007-10-16 01:55:19 2,908 -c--a-w- F:\Qoobox\Quarantine\F\WINDOWS\system32\tmp.reg.vir
    2007-10-16 01:55:06 . 2004-07-31 22:50:36 51,200 -c--a-w- F:\Qoobox\Quarantine\F\WINDOWS\system32\dumphive.exe.vir
    2007-10-16 01:55:06 . 2006-04-27 21:49:30 288,417 -c--a-w- F:\Qoobox\Quarantine\F\WINDOWS\system32\SrchSTS.exe.vir
    2007-08-27 17:24:49 . 2008-12-12 19:20:39 23,552 -c--a-w- F:\Qoobox\Quarantine\F\WINDOWS\system32\Thumbs.db.vir
    2007-06-14 17:48:05 . 2007-04-06 02:31:36 185 -c--a-w- F:\Qoobox\Quarantine\F\Documents and Settings\Favorites\. . h e l a e n e . ..url.vir
    2004-08-04 12:00:00 . 2004-08-04 12:00:00 1,835,904 -c--a-w- F:\Qoobox\Quarantine\F\WINDOWS\system32\_000006_.tmp.dll.vir
    2004-08-04 12:00:00 . 2004-08-04 12:00:00 144,896 -c--a-w- F:\Qoobox\Quarantine\F\WINDOWS\system32\_000007_.tmp.dll.vir
    2004-08-04 12:00:00 . 2004-08-04 12:00:00 983,552 -c--a-w- F:\Qoobox\Quarantine\F\WINDOWS\system32\_000019_.tmp.dll.vir
    2004-08-04 12:00:00 . 2004-08-04 12:00:00 108,032 -c--a-w- F:\Qoobox\Quarantine\F\WINDOWS\system32\_000036_.tmp.dll.vir
    2004-08-04 12:00:00 . 2004-08-04 12:00:00 708,096 -c--a-w- F:\Qoobox\Quarantine\F\WINDOWS\system32\_000037_.tmp.dll.vir
    2004-08-04 12:00:00 . 2004-08-04 12:00:00 721,920 -c--a-w- F:\Qoobox\Quarantine\F\WINDOWS\system32\_000038_.tmp.dll.vir
    2004-08-04 12:00:00 . 2004-08-04 12:00:00 616,960 -c--a-w- F:\Qoobox\Quarantine\F\WINDOWS\system32\_000039_.tmp.dll.vir


    ComboFix 10-04-09.01 - Kami 2010/04/10 0:35.4.2 - x86
    Microsoft Windows XP Home Edition 5.1.2600.3.932.81.1033.18.3582.2926 [GMT -4:00]
    Running from: f:\documents and settings\Kami\Desktop\ComboFix.exe
    AV: avast! antivirus 4.8.1368 [VPS 100409-1] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
    AV: Windows Live OneCare *On-access scanning disabled* (Updated) {427ADFC3-B354-4A51-BE34-A9D4218E45C4}
    FW: Windows Live OneCare Firewall *disabled* {A3899D22-27E6-4A7E-AE4E-2C106646DAAB}
    * Created a new restore point
    .

    ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
    .

    F:\data
    f:\documents and settings\Favorites\. . h e l a e n e . ..url
    F:\FCMB3.tmp
    F:\FCMB5.tmp
    F:\FCMB8.tmp
    F:\FCMBA.tmp
    F:\FCMBC.tmp
    F:\FCMBE.tmp
    F:\FCMC0.tmp
    F:\FCMC2.tmp
    F:\FCMC4.tmp
    F:\FCMC6.tmp
    F:\FCMC8.tmp
    F:\FCMCA.tmp
    F:\FCMCC.tmp
    F:\FCMCE.tmp
    F:\FCMD0.tmp
    F:\FCMD2.tmp
    F:\FCMD4.tmp
    F:\FCMD6.tmp
    F:\FCMD8.tmp
    F:\FCMDA.tmp
    F:\FCMDC.tmp
    F:\FCMDE.tmp
    F:\Thumbs.db
    f:\windows\eSellerateEngine.dll
    f:\windows\system32\advapi32new.dll
    f:\windows\system32\apphelpnew.dll
    f:\windows\system32\crypt32new.dll
    f:\windows\system32\dwmapi.dll
    f:\windows\system32\dxgi.dll
    f:\windows\system32\ntdsapinew.dll
    f:\windows\system32\powrprofnew.dll
    f:\windows\system32\secur32new.dll
    f:\windows\system32\Thumbs.db
    f:\windows\system32\user32new.dll
    f:\windows\system32\winstanew.dll

    f:\windows\system32\proquota.exe was missing
    Restored copy from - f:\windows\ServicePackFiles\i386\proquota.exe

    .
    ((((((((((((((((((((((((( Files Created from 2010-03-10 to 2010-04-10 )))))))))))))))))))))))))))))))
    .

    2010-04-10 04:40 . 2008-04-14 00:12 50176 -c--a-w- f:\windows\system32\dllcache\proquota.exe
    2010-04-10 04:40 . 2008-04-14 00:12 50176 ----a-w- f:\windows\system32\proquota.exe
    2010-04-10 04:27 . 2010-04-10 04:26 389120 ----a-w- f:\windows\system32\CF5710.exe
    2010-04-09 17:30 . 2010-04-09 17:30 -------- d-----w- f:\program files\KeyTweak
    2010-04-07 23:30 . 2010-04-07 23:30 -------- d-----w- f:\documents and settings\Kami\Application Data\Malwarebytes
    2010-04-07 23:30 . 2010-03-30 04:46 38224 ----a-w- f:\windows\system32\drivers\mbamswissarmy.sys
    2010-04-07 23:30 . 2010-04-07 23:30 -------- d-----w- f:\program files\Malwarebytes' Anti-Malware
    2010-04-07 23:30 . 2010-04-07 23:30 -------- d-----w- f:\documents and settings\All Users\Application Data\Malwarebytes
    2010-04-07 23:30 . 2010-03-30 04:45 20824 ----a-w- f:\windows\system32\drivers\mbam.sys
    2010-04-02 23:07 . 2007-06-29 18:47 34304 ----a-w- f:\windows\system32\drivers\AmdLLD.sys
    2010-04-02 23:07 . 2010-04-02 23:07 -------- d-----w- f:\program files\AMD
    2010-04-02 23:07 . 2010-04-02 23:07 -------- d-----w- f:\documents and settings\Kami\Local Settings\Application Data\Downloaded Installations
    2010-04-02 22:00 . 2010-04-02 22:00 -------- d-----w- f:\program files\CPUID
    2010-04-02 22:00 . 2010-03-31 03:38 20968 ----a-w- f:\windows\system32\drivers\cpuz133_x32.sys
    2010-03-31 09:42 . 2010-03-31 04:36 754984 ----a-w- f:\documents and settings\All Users\Application Data\DivX\Setup\Resource.dll
    2010-03-31 09:42 . 2010-03-31 04:35 986904 ----a-w- f:\documents and settings\All Users\Application Data\DivX\Setup\DivXSetup.exe
    2010-03-31 09:41 . 2009-08-22 03:46 529171 ----a-w- f:\documents and settings\All Users\Application Data\DivX\DivX7\DivX Converter\DivXConverterUninstall.exe
    2010-03-31 09:41 . 2009-08-22 03:46 529171 ----a-w- f:\documents and settings\All Users\Application Data\DivX\DivX7\DivX Plus DirectShow Filters\DivXDSFiltersUninstall.exe
    2010-03-31 09:40 . 2010-03-31 09:40 56766 ----a-w- f:\documents and settings\All Users\Application Data\DivX\DivXPlusShortcuts\Uninstaller.exe
    2010-03-31 09:37 . 2010-03-31 09:37 56978 ----a-w- f:\documents and settings\All Users\Application Data\DivX\WebPlayer\Uninstaller.exe
    2010-03-31 09:26 . 2010-03-31 09:26 53600 ----a-w- f:\documents and settings\All Users\Application Data\DivX\Update\Uninstaller.exe
    2010-03-31 09:20 . 2010-03-31 09:20 57677 ----a-w- f:\documents and settings\All Users\Application Data\DivX\Player\Uninstaller.exe
    2010-03-31 08:33 . 2010-03-31 08:33 84035 ----a-w- f:\documents and settings\All Users\Application Data\DivX\TransferWizard\Uninstaller.exe
    2010-03-31 08:22 . 2010-03-31 08:22 57054 ----a-w- f:\documents and settings\All Users\Application Data\DivX\DSDesktopComponents\Uninstaller.exe
    2010-03-31 08:21 . 2010-03-31 08:21 54166 ----a-w- f:\documents and settings\All Users\Application Data\DivX\DSAVCDecoder\Uninstaller.exe
    2010-03-31 08:19 . 2010-03-31 08:19 57532 ----a-w- f:\documents and settings\All Users\Application Data\DivX\DSASPDecoder\Uninstaller.exe
    2010-03-31 08:17 . 2010-03-31 08:17 56458 ----a-w- f:\documents and settings\All Users\Application Data\DivX\DivXDecoderShortcut\Uninstaller.exe
    2010-03-31 08:12 . 2010-03-31 08:12 54174 ----a-w- f:\documents and settings\All Users\Application Data\DivX\DSAACDecoder\Uninstaller.exe
    2010-03-31 08:10 . 2010-03-31 08:10 54153 ----a-w- f:\documents and settings\All Users\Application Data\DivX\DFXPlugin\Uninstaller.exe
    2010-03-31 08:08 . 2010-03-31 08:08 54128 ----a-w- f:\documents and settings\All Users\Application Data\DivX\Converter\Uninstaller.exe
    2010-03-31 08:06 . 2010-03-31 08:06 54629 ----a-w- f:\documents and settings\All Users\Application Data\DivX\TranscodeEngine\Uninstaller.exe
    2010-03-31 07:59 . 2010-03-31 07:59 54101 ----a-w- f:\documents and settings\All Users\Application Data\DivX\MPEG2Plugin\Uninstaller.exe
    2010-03-31 07:59 . 2010-03-31 07:59 57409 ----a-w- f:\documents and settings\All Users\Application Data\DivX\ControlPanel\Uninstaller.exe
    2010-03-31 07:57 . 2010-03-31 07:57 52963 ----a-w- f:\documents and settings\All Users\Application Data\DivX\MSVC80CRTRedist\Uninstaller.exe
    2010-03-31 05:15 . 2010-03-31 05:15 54073 ----a-w- f:\documents and settings\All Users\Application Data\DivX\Qt4.5\Uninstaller.exe
    2010-03-31 05:09 . 2010-03-31 05:09 56969 ----a-w- f:\documents and settings\All Users\Application Data\DivX\ASPEncoder\Uninstaller.exe
    2010-03-31 04:35 . 2010-03-31 09:41 -------- d-----w- f:\documents and settings\All Users\Application Data\DivX
    2010-03-30 22:32 . 2010-03-30 22:32 503808 ----a-w- f:\documents and settings\Kami\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-65cb026b-n\msvcp71.dll
    2010-03-30 22:32 . 2010-03-30 22:32 499712 ----a-w- f:\documents and settings\Kami\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-65cb026b-n\jmc.dll
    2010-03-30 22:32 . 2010-03-30 22:32 348160 ----a-w- f:\documents and settings\Kami\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-65cb026b-n\msvcr71.dll
    2010-03-30 22:32 . 2010-03-30 22:32 -------- d-----w- f:\program files\Common Files\Java
    2010-03-30 22:32 . 2010-03-30 22:32 61440 ----a-w- f:\documents and settings\Kami\Application Data\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-30ddab3e-n\decora-sse.dll
    2010-03-30 22:32 . 2010-03-30 22:32 12800 ----a-w- f:\documents and settings\Kami\Application Data\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-30ddab3e-n\decora-d3d.dll
    2010-03-30 21:32 . 2010-03-30 21:32 -------- d-----w- f:\program files\Hot CPU Tester Pro 4 LE
    2010-03-30 04:42 . 2010-03-30 04:42 -------- d-----w- f:\documents and settings\Kami\Local Settings\Application Data\StoryBoard
    2010-03-23 00:29 . 2010-03-23 00:29 -------- d-----w- f:\documents and settings\Kami\Local Settings\Application Data\Rawr
    2010-03-19 23:04 . 2010-03-19 23:04 848 --sha-w- f:\windows\system32\KGyGaAvL.sys

    .
    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2010-04-09 02:41 . 2010-02-10 05:18 1 ----a-w- f:\documents and settings\Kami\Application Data\OpenOffice.org\3\user\uno_packages\cache\stamp.sys
    2010-04-08 03:13 . 2008-08-22 02:35 -------- d---a-w- f:\documents and settings\All Users\Application Data\TEMP
    2010-04-06 22:36 . 2007-12-18 09:28 -------- d-----w- f:\program files\Google
    2010-04-06 18:26 . 2007-07-16 21:52 -------- d--h--w- f:\program files\InstallShield Installation Information
    2010-04-06 18:26 . 2009-10-22 18:25 -------- d-----w- f:\program files\n52te
    2010-04-06 18:24 . 2008-12-16 17:10 -------- d-----w- f:\program files\Eusing Free Registry Cleaner
    2010-04-06 18:24 . 2007-11-30 20:06 -------- d-----w- f:\program files\Azureus
    2010-04-06 15:35 . 2007-06-16 00:56 26520 ----a-w- f:\documents and settings\Kami\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
    2010-04-06 14:56 . 2007-10-16 02:02 -------- d-----w- f:\program files\SUPERAntiSpyware
    2010-03-31 09:41 . 2008-06-03 23:12 -------- d-----w- f:\program files\DivX
    2010-03-31 05:10 . 2009-08-22 03:45 -------- d-----w- f:\program files\Common Files\DivX Shared
    2010-03-30 22:31 . 2009-04-23 17:23 -------- d-----w- f:\program files\Java
    2010-03-30 21:18 . 2008-09-08 22:26 -------- d-----w- f:\program files\BCM Diagnostics Pro
    2010-03-09 08:28 . 2009-04-23 17:23 411368 ----a-w- f:\windows\system32\deploytk.dll
    2010-03-08 17:59 . 2010-03-08 17:59 94208 ----a-w- f:\windows\system32\dpl100.dll
    2010-02-19 19:27 . 2010-02-19 19:27 720384 ----a-w- f:\windows\system32\DivX.dll
    2010-02-19 19:27 . 2010-02-19 19:27 856064 ----a-w- f:\windows\system32\divx_xx0c.dll
    2010-02-19 19:27 . 2010-02-19 19:27 856064 ----a-w- f:\windows\system32\divx_xx07.dll
    2010-02-19 19:27 . 2010-02-19 19:27 847872 ----a-w- f:\windows\system32\divx_xx0a.dll
    2010-02-19 19:27 . 2010-02-19 19:27 843776 ----a-w- f:\windows\system32\divx_xx16.dll
    2010-02-19 19:27 . 2010-02-19 19:27 839680 ----a-w- f:\windows\system32\divx_xx11.dll
    2010-02-10 05:17 . 2010-02-10 05:17 -------- d-----w- f:\documents and settings\Kami\Application Data\OpenOffice.org
    2010-01-12 20:12 . 2010-01-12 20:12 85504 ----a-w- f:\windows\system32\ff_vfw.dll
    2008-03-09 12:25 . 2009-01-13 23:25 236 -c-ha-w- f:\program files\Common Files\dx.reg
    2005-02-27 18:22 . 2005-02-27 18:22 74 -c--a-w- f:\program files\Serial.txt
    2005-02-22 00:39 . 2005-02-22 00:39 2662 -c--a-w- f:\program files\1337Warez.nfo
    2004-09-29 23:15 . 2007-05-12 21:24 10475048 -c--a-w- f:\program files\RealPlayer10-5GOLD.exe
    2008-11-30 05:20 . 2009-04-21 16:34 251392 -c--a-w- f:\program files\opera\program\plugins\dapop.dll
    2008-12-10 00:27 . 2008-11-04 18:21 56 -csha-r- f:\windows\system32\D88FFC2E59.sys
    .

    ((((((((((((((((((((((((((((( SnapShot_2009-04-27_15.02.52 )))))))))))))))))))))))))))))))))))))))))
    .
    + 2009-08-18 13:07 . 2004-05-27 03:16 73728 f:\windows\twain_32\EOS20D_W\pscl2STI.dll
    + 2010-04-06 15:14 . 2010-04-06 15:14 16384 f:\windows\temp\Perflib_Perfdata_570.dat
    + 2010-04-07 23:45 . 2010-04-07 23:45 16384 f:\windows\temp\Perflib_Perfdata_4b0.dat
    + 2010-04-07 23:45 . 2010-04-07 23:45 16384 f:\windows\temp\Perflib_Perfdata_460.dat
    + 2009-06-16 23:55 . 2009-03-16 18:18 69448 f:\windows\system32\XAPOFX1_3.dll
    + 2009-06-16 23:55 . 2008-10-27 14:04 70992 f:\windows\system32\XAPOFX1_2.dll
    + 2009-06-16 23:55 . 2008-07-30 10:20 68616 f:\windows\system32\XAPOFX1_1.dll
    + 2009-06-16 23:55 . 2008-05-30 18:17 65032 f:\windows\system32\XAPOFX1_0.dll
    + 2009-06-16 23:55 . 2009-03-16 18:18 22360 f:\windows\system32\X3DAudio1_6.dll
    + 2009-06-16 23:55 . 2008-10-27 14:04 23376 f:\windows\system32\X3DAudio1_5.dll
    + 2009-06-16 23:55 . 2008-05-30 18:17 25608 f:\windows\system32\X3DAudio1_4.dll
    + 2009-06-16 23:55 . 2008-03-05 20:00 25608 f:\windows\system32\X3DAudio1_3.dll
    + 2007-06-19 01:17 . 2007-10-22 07:37 17928 f:\windows\system32\X3DAudio1_2.dll
    + 2009-10-22 18:25 . 2008-04-13 18:45 10368 f:\windows\system32\ReinstallBackups\0034\DriverFiles\i386\hidusb.sys
    + 2009-10-22 18:25 . 2008-04-13 18:45 24960 f:\windows\system32\ReinstallBackups\0034\DriverFiles\i386\hidparse.sys
    + 2009-10-22 18:25 . 2008-04-13 18:45 36864 f:\windows\system32\ReinstallBackups\0034\DriverFiles\i386\hidclass.sys
    + 2009-10-22 18:25 . 2008-04-14 00:11 20992 f:\windows\system32\ReinstallBackups\0034\DriverFiles\i386\hid.dll
    + 2009-10-22 18:25 . 2008-04-13 18:45 10368 f:\windows\system32\ReinstallBackups\0033\DriverFiles\i386\hidusb.sys
    + 2009-10-22 18:25 . 2008-04-13 18:45 24960 f:\windows\system32\ReinstallBackups\0033\DriverFiles\i386\hidparse.sys
    + 2009-10-22 18:25 . 2008-04-13 18:45 36864 f:\windows\system32\ReinstallBackups\0033\DriverFiles\i386\hidclass.sys
    + 2009-10-22 18:25 . 2008-04-14 00:11 20992 f:\windows\system32\ReinstallBackups\0033\DriverFiles\i386\hid.dll
    + 2009-07-17 18:26 . 2007-06-28 16:43 81920 f:\windows\system32\ReinstallBackups\0031\DriverFiles\nvwddi.dll
    + 2009-07-17 18:26 . 2007-06-28 16:43 81920 f:\windows\system32\ReinstallBackups\0031\DriverFiles\nvmctray.dll
    + 2009-07-17 18:26 . 2007-06-28 16:43 37376 f:\windows\system32\ReinstallBackups\0031\DriverFiles\nvcod.dll
    + 2008-02-13 21:16 . 2009-12-01 19:14 68080 f:\windows\system32\pxinsa64.exe
    + 2008-06-03 23:12 . 2009-12-01 19:14 72176 f:\windows\system32\pxhpinst.exe
    + 2008-06-08 22:58 . 2008-06-08 22:58 60273 f:\windows\system32\pthreadGC2.dll
    + 2009-04-28 13:55 . 2009-04-28 13:55 70936 f:\windows\system32\PhysXLoader.dll
    + 2008-12-04 13:28 . 2008-12-04 13:28 24344 f:\windows\system32\PhysXDevice.dll
    - 2004-08-04 12:00 . 2009-04-24 03:39 78230 f:\windows\system32\perfc009.dat
    + 2004-08-04 12:00 . 2010-03-17 05:27 78230 f:\windows\system32\perfc009.dat
    + 2009-06-10 12:29 . 2009-06-10 12:29 81920 f:\windows\system32\nvwddi.dll
    - 2004-10-18 08:15 . 2008-09-18 03:55 86016 f:\windows\system32\nvmctray.dll
    + 2009-06-10 12:28 . 2009-06-10 12:28 86016 f:\windows\system32\nvmctray.dll
    + 2007-06-28 16:43 . 2007-06-28 16:43 45056 f:\windows\system32\nvmccsrs.dll
    + 2009-11-14 18:11 . 2009-11-14 18:11 80384 f:\windows\system32\mkzlib.dll
    + 2009-11-14 18:11 . 2009-11-14 18:11 24576 f:\windows\system32\mkunicode.dll
    + 2008-02-11 00:56 . 2010-02-16 06:27 84507 f:\windows\system32\Macromed\Flash\uninstall_activeX.exe
    + 2009-07-17 18:35 . 2001-12-21 20:45 36352 f:\windows\system32\instdrv.dll
    + 2010-01-12 20:18 . 2010-01-12 20:18 97792 f:\windows\system32\ff_unrar.dll
    + 2009-10-22 18:25 . 2007-09-27 18:46 48896 f:\windows\system32\DRVSTORE\jmtflter_92E9C44249735A5E0CACA1DD6109994985059DF9\JmtFltr.sys
    + 2009-10-22 18:25 . 2007-09-19 21:01 12672 f:\windows\system32\drivers\vhidmini.sys
    + 2009-08-18 13:08 . 2008-04-13 18:45 15104 f:\windows\system32\drivers\usbscan.sys
    + 2009-10-22 18:25 . 2005-12-22 07:23 14592 f:\windows\system32\drivers\USBICP.sys
    + 2008-02-13 07:00 . 2009-12-01 19:14 44944 f:\windows\system32\drivers\pxhelp20.sys
    + 2009-10-22 18:25 . 2007-09-27 18:46 48896 f:\windows\system32\drivers\JmtFltr.sys
    + 2004-08-04 12:00 . 2008-04-13 18:45 10368 f:\windows\system32\drivers\hidusb.sys
    - 2004-08-04 12:00 . 2008-04-13 18:45 10368 f:\windows\system32\drivers\hidusb.sys
    + 2009-04-26 23:45 . 2009-11-24 23:49 48560 f:\windows\system32\drivers\aswTdi.sys
    + 2009-04-26 23:45 . 2009-11-24 23:48 23120 f:\windows\system32\drivers\aswRdr.sys
    + 2009-04-26 23:45 . 2009-11-24 23:50 94160 f:\windows\system32\drivers\aswmon2.sys
    + 2009-04-26 23:45 . 2009-11-24 23:51 93424 f:\windows\system32\drivers\aswmon.sys
    + 2009-04-26 23:45 . 2009-11-24 23:50 20560 f:\windows\system32\drivers\aswFsBlk.sys
    - 2009-04-26 23:45 . 2009-02-05 20:07 20560 f:\windows\system32\drivers\aswFsBlk.sys
    + 2009-04-26 23:45 . 2009-11-24 23:47 27408 f:\windows\system32\drivers\aavmker4.sys
    - 2008-12-09 02:28 . 2008-12-09 02:28 57344 f:\windows\system32\dpv11.dll
    + 2008-08-05 21:59 . 2008-08-05 21:59 57344 f:\windows\system32\dpv11.dll
    + 2007-06-14 18:55 . 2008-04-14 00:12 88576 f:\windows\system32\dllcache\wmiaprpl.dll
    + 2007-06-14 18:56 . 2008-04-14 00:12 85504 f:\windows\system32\dllcache\wabimp.dll
    + 2009-08-18 13:08 . 2008-04-13 18:45 15104 f:\windows\system32\dllcache\usbscan.sys
    + 2004-08-04 12:00 . 2008-04-14 00:12 26624 f:\windows\system32\dllcache\startoc.dll
    + 2004-08-04 12:00 . 2008-04-14 00:12 14336 f:\windows\system32\dllcache\ssstars.scr
    + 2004-08-04 12:00 . 2008-04-14 00:12 47104 f:\windows\system32\dllcache\ssmypics.scr
    + 2004-08-04 12:00 . 2008-04-13 16:43 62976 f:\windows\system32\dllcache\spgrmr.dll
    + 2007-06-14 18:56 . 2008-04-14 00:12 73216 f:\windows\system32\dllcache\setup50.exe
    + 2007-06-14 18:55 . 2008-04-14 00:12 36352 f:\windows\system32\dllcache\scrcons.exe
    + 2007-06-14 18:57 . 2008-04-14 00:12 51200 f:\windows\system32\dllcache\oobebaln.exe
    + 2007-06-14 18:56 . 2008-04-14 00:12 65536 f:\windows\system32\dllcache\oledb32r.dll
    + 2007-06-14 18:56 . 2008-04-14 00:12 60416 f:\windows\system32\dllcache\oemig50.exe
    + 2004-08-04 12:00 . 2008-04-14 00:12 17408 f:\windows\system32\dllcache\ocmsn.dll
    + 2004-08-04 12:00 . 2008-04-14 00:12 15360 f:\windows\system32\dllcache\ocgen.dll
    + 2004-08-04 12:00 . 2008-04-14 00:12 62976 f:\windows\system32\dllcache\ntoc.dll
    + 2004-08-04 12:00 . 2008-04-14 00:12 15360 f:\windows\system32\dllcache\nppagent.exe
    + 2007-06-14 18:56 . 2008-04-14 00:12 77824 f:\windows\system32\dllcache\nmcom.dll
    + 2007-06-14 18:56 . 2008-04-14 00:12 81920 f:\windows\system32\dllcache\nmchat.dll
    + 2007-06-14 18:56 . 2008-04-14 00:12 28672 f:\windows\system32\dllcache\nmasnt.dll
    + 2004-08-04 12:00 . 2008-04-14 00:12 77312 f:\windows\system32\dllcache\netoc.dll
    + 2004-08-04 12:00 . 2008-04-14 00:12 57344 f:\windows\system32\dllcache\ndisnpp.dll
    + 2007-06-14 18:56 . 2008-04-14 00:12 57344 f:\windows\system32\dllcache\mst123.dll
    + 2007-06-14 18:57 . 2008-04-14 00:12 29184 f:\windows\system32\dllcache\msoobe.exe
    + 2007-06-14 18:57 . 2008-04-14 00:12 19456 f:\windows\system32\dllcache\msobweb.dll
    + 2007-06-14 18:57 . 2008-04-14 00:12 30720 f:\windows\system32\dllcache\msobshel.dll
    + 2007-06-14 18:57 . 2008-04-14 00:12 16384 f:\windows\system32\dllcache\msobdl.dll
    + 2004-08-04 12:00 . 2008-04-14 00:11 15360 f:\windows\system32\dllcache\msgrocm.dll
    + 2004-08-04 12:00 . 2008-04-14 00:11 90112 f:\windows\system32\dllcache\msdtcstp.dll
    + 2007-06-14 18:56 . 2008-04-14 00:11 20480 f:\windows\system32\dllcache\msdatt.dll
    + 2007-06-14 18:56 . 2008-04-14 00:11 94208 f:\windows\system32\dllcache\msdatl3.dll
    + 2007-06-14 18:56 . 2008-04-13 17:26 16384 f:\windows\system32\dllcache\msdasqlr.dll
    + 2007-06-14 18:56 . 2008-04-13 17:25 16384 f:\windows\system32\dllcache\msdaremr.dll
    + 2007-06-14 18:56 . 2008-04-13 17:25 16384 f:\windows\system32\dllcache\msdaprsr.dll
    + 2007-06-14 18:56 . 2008-04-13 17:24 16384 f:\windows\system32\dllcache\msdaorar.dll
    + 2007-06-14 18:56 . 2008-04-14 00:11 57344 f:\windows\system32\dllcache\msador15.dll
    + 2007-06-14 18:56 . 2008-04-13 17:26 24576 f:\windows\system32\dllcache\msader15.dll
    + 2007-06-14 18:56 . 2008-04-13 17:25 24576 f:\windows\system32\dllcache\msaddsr.dll
    + 2007-06-14 18:56 . 2008-04-14 00:11 53248 f:\windows\system32\dllcache\msadcs.dll
    + 2007-06-14 18:56 . 2008-04-13 17:25 16384 f:\windows\system32\dllcache\msadcor.dll
    + 2007-06-14 18:56 . 2008-04-13 17:25 16384 f:\windows\system32\dllcache\msadcfr.dll
    + 2007-06-14 18:56 . 2008-04-13 17:25 20480 f:\windows\system32\dllcache\msadcer.dll
    + 2007-06-14 18:55 . 2008-04-14 00:12 16384 f:\windows\system32\dllcache\mofcomp.exe
    + 2004-08-04 12:00 . 2008-04-14 00:11 19968 f:\windows\system32\dllcache\log.dll
    + 2007-06-14 18:57 . 2008-04-14 00:12 18432 f:\windows\system32\dllcache\hscupd.exe
    + 2004-08-04 12:00 . 2008-04-13 18:45 10368 f:\windows\system32\dllcache\hidusb.sys
    + 2004-08-04 12:00 . 2008-04-13 18:45 24960 f:\windows\system32\dllcache\hidparse.sys
    + 2004-08-04 12:00 . 2008-04-13 18:45 36864 f:\windows\system32\dllcache\hidclass.sys
    + 2007-06-14 18:56 . 2008-04-14 00:11 57344 f:\windows\system32\dllcache\h323cc.dll
    + 2004-08-04 12:00 . 2008-04-14 00:11 32828 f:\windows\system32\dllcache\fp40ext.dll
    + 2007-06-14 18:56 . 2008-04-14 00:11 40960 f:\windows\system32\dllcache\dcap32.dll
    + 2007-12-04 00:48 . 2008-04-13 16:44 17920 f:\windows\system32\dllcache\cobramsg.dll
    - 2004-08-04 12:00 . 2004-08-04 12:00 69584 f:\windows\system32\dllcache\avicap.dll
    + 2007-06-14 14:50 . 2004-08-04 12:00 69584 f:\windows\system32\dllcache\avicap.dll
    + 2004-08-04 12:00 . 2007-04-02 18:26 20480 f:\windows\system32\dllcache\agt0c0a.dll
    + 2004-08-04 12:00 . 2007-04-02 18:26 20992 f:\windows\system32\dllcache\agt0816.dll
    + 2007-12-04 02:35 . 2007-04-02 18:26 19456 f:\windows\system32\dllcache\agt0804.dll
    + 2007-06-14 14:50 . 2007-04-02 18:26 19456 f:\windows\system32\dllcache\agt041f.dll
    + 2004-08-04 12:00 . 2007-04-02 18:26 19456 f:\windows\system32\dllcache\agt041d.dll
    + 2007-06-14 14:50 . 2007-04-02 18:26 19456 f:\windows\system32\dllcache\agt0419.dll
    + 2004-08-04 12:00 . 2007-04-02 18:26 20480 f:\windows\system32\dllcache\agt0416.dll
    + 2007-06-14 14:50 . 2007-04-02 18:26 19456 f:\windows\system32\dllcache\agt0415.dll
    + 2004-08-04 12:00 . 2007-04-02 18:26 19456 f:\windows\system32\dllcache\agt0414.dll
    + 2004-08-04 12:00 . 2007-04-02 18:26 20992 f:\windows\system32\dllcache\agt0413.dll
    + 2007-12-04 02:35 . 2007-04-02 18:26 19456 f:\windows\system32\dllcache\agt0412.dll
    + 2007-12-04 02:35 . 2007-04-02 18:26 19456 f:\windows\system32\dllcache\agt0411.dll
    + 2004-08-04 12:00 . 2007-04-02 18:26 20992 f:\windows\system32\dllcache\agt0410.dll
    + 2007-06-14 14:50 . 2007-04-02 18:26 19968 f:\windows\system32\dllcache\agt040e.dll
    + 2004-08-04 12:00 . 2007-04-02 18:26 21504 f:\windows\system32\dllcache\agt040c.dll
    + 2004-08-04 12:00 . 2007-04-02 18:26 19456 f:\windows\system32\dllcache\agt040b.dll
    + 2004-08-04 12:00 . 2008-04-13 17:32 19968 f:\windows\system32\dllcache\agt0409.dll
    + 2007-06-14 14:50 . 2007-04-02 18:26 22016 f:\windows\system32\dllcache\agt0408.dll
    + 2004-08-04 12:00 . 2007-04-02 18:26 21504 f:\windows\system32\dllcache\agt0407.dll
    + 2004-08-04 12:00 . 2007-04-02 18:25 19456 f:\windows\system32\dllcache\agt0406.dll
    + 2007-06-14 14:50 . 2007-04-02 18:25 19456 f:\windows\system32\dllcache\agt0405.dll
    + 2007-12-04 02:35 . 2007-04-02 18:25 19456 f:\windows\system32\dllcache\agt0404.dll
    + 2004-08-04 12:00 . 2008-04-14 00:11 24064 f:\windows\system32\dllcache\agentanm.dll
    + 2009-08-18 13:07 . 2004-06-01 07:27 40960 f:\windows\system32\CNDNDlg.exe
    + 2009-08-18 13:07 . 2004-06-02 22:26 94208 f:\windows\system32\CNDCK175.dll
    - 2008-10-21 18:29 . 2008-10-21 18:29 43520 f:\windows\system32\CmdLineExt03.dll
    + 2008-10-21 18:29 . 2009-04-28 21:02 43520 f:\windows\system32\CmdLineExt03.dll
    + 2008-05-25 14:39 . 2008-05-25 14:39 13824 f:\windows\system32\C2MP\StatsReader.exe
    + 2002-12-12 00:14 . 2002-12-12 00:14 13312 f:\windows\system32\C2MP\msdmo.dll
    + 2002-06-12 16:52 . 2002-06-12 16:52 23040 f:\windows\system32\C2MP\MiniCalc.exe
    + 2009-05-01 21:02 . 2009-05-01 21:02 69632 f:\windows\system32\C2MP\DivXConfig.exe
    + 2009-07-17 18:35 . 2001-12-21 20:45 42496 f:\windows\system32\bcmrmv.exe
    + 2007-02-01 23:19 . 2007-02-01 23:19 28088 f:\windows\system32\bass_wv.dll
    + 2007-02-01 23:19 . 2007-02-01 23:19 18888 f:\windows\system32\bass_mpc.dll
    + 2007-02-01 23:19 . 2007-02-01 23:19 23616 f:\windows\system32\bass_flac.dll
    + 2007-02-01 23:19 . 2007-02-01 23:19 33240 f:\windows\system32\bass_ape.dll
    + 2007-02-01 23:19 . 2007-02-01 23:19 12784 f:\windows\system32\bass_alac.dll
    + 2007-02-01 23:19 . 2007-02-01 23:19 92728 f:\windows\system32\bass.dll
    + 2009-11-14 18:11 . 2009-11-14 18:11 93184 f:\windows\system32\avss.dll
    + 2009-11-14 18:11 . 2009-11-14 18:11 97792 f:\windows\system32\avs.dll
    - 2009-04-26 23:45 . 2009-02-05 20:04 97480 f:\windows\system32\AvastSS.scr
    + 2009-04-26 23:45 . 2009-11-24 23:47 97480 f:\windows\system32\AvastSS.scr
    + 2008-10-07 13:13 . 2008-10-07 13:13 58648 f:\windows\system32\AgCPanelTraditionalChinese.dll
    + 2008-10-07 13:13 . 2008-10-07 13:13 58648 f:\windows\system32\AgCPanelSwedish.dll
    + 2008-10-07 13:13 . 2008-10-07 13:13 58648 f:\windows\system32\AgCPanelSpanish.dll
    + 2008-10-07 13:13 . 2008-10-07 13:13 58648 f:\windows\system32\AgCPanelSimplifiedChinese.dll
    + 2008-10-07 13:13 . 2008-10-07 13:13 58648 f:\windows\system32\AgCPanelPortugese.dll
    + 2008-10-07 13:13 . 2008-10-07 13:13 58648 f:\windows\system32\AgCPanelKorean.dll
    + 2008-10-07 13:13 . 2008-10-07 13:13 58648 f:\windows\system32\AgCPanelJapanese.dll
    + 2008-10-07 13:13 . 2008-10-07 13:13 58648 f:\windows\system32\AgCPanelGerman.dll
    + 2008-10-07 13:13 . 2008-10-07 13:13 58648 f:\windows\system32\AgCPanelFrench.dll
    + 2009-08-11 20:21 . 2009-08-11 20:21 87552 f:\windows\system32\ac3config.exe
    + 2007-09-04 23:26 . 2007-09-04 23:26 29696 f:\windows\nvoclock.sys
    + 2008-02-22 22:37 . 2008-02-22 22:37 51712 f:\windows\Installer\51c63f6.msi
    + 2008-02-22 22:33 . 2008-02-22 22:33 51712 f:\windows\Installer\51c63f2.msi
    + 2008-07-30 01:07 . 2008-07-30 01:07 23040 f:\windows\Installer\411f213.msp
    + 2009-04-17 02:06 . 2009-04-17 02:06 88576 f:\windows\Installer\40f3185.msi
    + 2008-07-29 21:27 . 2008-07-29 21:27 93184 f:\windows\Installer\26c60a6.msi
    + 2010-04-02 23:07 . 2010-04-02 23:07 10134 f:\windows\Installer\{9FD6F1A8-5550-46AF-8509-271DF0E768B5}\ARPPRODUCTICON.exe
    + 2009-08-15 16:26 . 2003-12-14 18:10 40208 f:\windows\dsetup.dll
    + 2007-09-04 23:25 . 2007-09-04 23:25 65536 f:\windows\AutoTuneScript.dll
    + 2009-08-22 03:08 . 2009-08-22 03:08 12800 f:\windows\assembly\GAC\Microsoft.DirectX.Diagnostics\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Diagnostics.dll
    - 2007-12-22 21:55 . 2007-12-22 21:55 12800 f:\windows\assembly\GAC\Microsoft.DirectX.Diagnostics\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Diagnostics.dll
    - 2007-12-22 21:55 . 2007-12-22 21:55 53248 f:\windows\assembly\GAC\Microsoft.DirectX.AudioVideoPlayback\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.AudioVideoPlayback.dll
    + 2009-08-22 03:08 . 2009-08-22 03:08 53248 f:\windows\assembly\GAC\Microsoft.DirectX.AudioVideoPlayback\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.AudioVideoPlayback.dll
    + 2010-02-09 02:20 . 2010-02-09 02:20 11264 f:\windows\assembly\GAC_MSIL\cli_basetypes\1.0.14.0__ce2cb7e279207b9e\cli_basetypes.dll
    + 2010-02-09 02:21 . 2010-02-09 02:21 64000 f:\windows\assembly\GAC_32\cli_cppuhelper\1.0.17.0__ce2cb7e279207b9e\cli_cppuhelper.dll
    + 2009-10-27 15:52 . 2008-03-21 10:08 7680 f:\windows\system32\drivers\dmouc2.sys
    + 2009-10-27 15:51 . 2008-03-21 10:08 7680 f:\windows\system32\drivers\dmouc1.sys
    + 2007-06-14 18:57 . 2008-04-14 00:12 5632 f:\windows\system32\dllcache\wmm2res2.dll
    + 2007-06-14 18:57 . 2008-04-14 00:12 7680 f:\windows\system32\dllcache\wmm2ext.dll
    + 2007-06-14 18:57 . 2008-04-14 00:12 4096 f:\windows\system32\dllcache\wmm2eres.dll
    + 2004-08-04 12:00 . 2008-04-14 00:12 9216 f:\windows\system32\dllcache\scrnsave.scr
    + 2007-06-14 18:56 . 2008-04-14 00:11 4096 f:\windows\system32\dllcache\msdaurl.dll
    + 2007-06-14 18:56 . 2008-04-14 00:11 4096 f:\windows\system32\dllcache\msdasc.dll
    + 2007-06-14 18:56 . 2008-04-14 00:11 4096 f:\windows\system32\dllcache\msdaer.dll
    + 2007-06-14 18:56 . 2008-04-14 00:11 4096 f:\windows\system32\dllcache\msdaenum.dll
    + 2007-06-14 18:56 . 2008-04-14 00:11 4096 f:\windows\system32\dllcache\msdadc.dll
    + 2007-06-14 18:55 . 2008-04-14 00:12 6144 f:\windows\system32\dllcache\comrereg.exe
    + 2007-06-14 18:55 . 2008-04-14 00:12 9728 f:\windows\system32\dllcache\comrepl.exe
    + 2008-02-11 18:21 . 2009-08-05 19:34 4456 f:\windows\system32\d3d9caps.dat
    + 2003-12-26 19:26 . 2003-12-26 19:26 9216 f:\windows\system32\C2MP\OGMCalc.exe
    + 2004-03-04 20:00 . 2004-03-04 20:00 6144 f:\windows\system32\C2MP\AviC.exe
    + 2007-02-01 23:19 . 2007-02-01 23:19 8664 f:\windows\system32\bass_tta.dll
    + 2010-02-09 02:20 . 2010-02-09 02:20 3072 f:\windows\assembly\GAC_MSIL\policy.1.0.cli_uretypes\3.0.0.0__ce2cb7e279207b9e\policy.1.0.cli_uretypes.dll
    + 2010-02-09 02:20 . 2010-02-09 02:20 3072 f:\windows\assembly\GAC_MSIL\policy.1.0.cli_ure\17.0.0.0__ce2cb7e279207b9e\policy.1.0.cli_ure.dll
    + 2010-02-09 02:21 . 2010-02-09 02:21 3072 f:\windows\assembly\GAC_MSIL\policy.1.0.cli_oootypes\3.0.0.0__ce2cb7e279207b9e\policy.1.0.cli_oootypes.dll
    + 2010-02-09 02:20 . 2010-02-09 02:20 3072 f:\windows\assembly\GAC_MSIL\policy.1.0.cli_basetypes\14.0.0.0__ce2cb7e279207b9e\policy.1.0.cli_basetypes.dll
    + 2010-02-09 02:20 . 2010-02-09 02:20 7680 f:\windows\assembly\GAC_MSIL\cli_ure\1.0.17.0__ce2cb7e279207b9e\cli_ure.dll
    + 2010-02-09 02:21 . 2010-02-09 02:21 3072 f:\windows\assembly\GAC_32\policy.1.0.cli_cppuhelper\17.0.0.0__ce2cb7e279207b9e\policy.1.0.cli_cppuhelper.dll
    + 2009-07-12 05:12 . 2009-07-12 05:12 632656 f:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\msvcr80.dll
    + 2009-07-12 05:09 . 2009-07-12 05:09 554832 f:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\msvcp80.dll
    + 2009-07-12 05:08 . 2009-07-12 05:08 479232 f:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\msvcm80.dll
    + 2009-08-18 13:07 . 2004-05-27 04:47 266240 f:\windows\twain_32\EOS20D_W\rcPropSt.dll
    + 2009-08-18 13:07 . 2004-05-27 05:41 569407 f:\windows\twain_32\EOS20D_W\rcParse.dll
    + 2009-08-18 13:07 . 2004-05-25 03:09 151552 f:\windows\twain_32\EOS20D_W\rcDvlp.dll
    + 2009-08-18 13:07 . 2004-05-27 23:21 356352 f:\windows\twain_32\EOS20D_W\rcDcd.dll
    + 2009-08-18 13:07 . 2003-12-12 00:28 598016 f:\windows\twain_32\EOS20D_W\RcCamDat.dll
    + 2009-08-18 13:07 . 2002-05-22 06:46 122880 f:\windows\twain_32\EOS20D_W\cmSelDlg.dll
    + 2008-12-03 22:11 . 2008-12-03 22:11 180224 f:\windows\system32\xvidvfw.dll
    + 2010-01-12 20:18 . 2010-01-12 20:18 882688 f:\windows\system32\xvidcore.dll
    + 2009-06-16 23:55 . 2009-03-16 18:18 517448 f:\windows\system32\XAudio2_4.dll
    + 2009-06-16 23:55 . 2008-10-27 14:04 514384 f:\windows\system32\XAudio2_3.dll
    + 2009-06-16 23:55 . 2008-07-30 10:20 509448 f:\windows\system32\XAudio2_2.dll
    + 2009-06-16 23:55 . 2008-05-30 18:19 507400 f:\windows\system32\XAudio2_1.dll
    + 2009-06-16 23:55 . 2008-03-05 20:03 479752 f:\windows\system32\XAudio2_0.dll
    + 2009-06-16 23:55 . 2009-03-16 18:18 235352 f:\windows\system32\xactengine3_4.dll
    + 2009-06-16 23:55 . 2008-10-27 14:04 235856 f:\windows\system32\xactengine3_3.dll
    + 2009-06-16 23:55 . 2008-07-30 10:20 238088 f:\windows\system32\xactengine3_2.dll
    + 2009-06-16 23:55 . 2008-05-30 18:18 238088 f:\windows\system32\xactengine3_1.dll
    + 2009-06-16 23:55 . 2008-03-05 20:03 238088 f:\windows\system32\xactengine3_0.dll
    + 2009-06-16 23:55 . 2007-10-22 07:39 267272 f:\windows\system32\xactengine2_10.dll
    + 2007-03-26 05:00 . 2009-12-01 19:14 100848 f:\windows\system32\vxblock.dll
    + 2008-08-26 22:11 . 2008-08-26 22:11 987136 f:\windows\system32\VSFilter.dll
    + 2009-11-14 18:37 . 2009-11-14 18:37 154112 f:\windows\system32\ts.dll
    + 2010-01-01 00:00 . 2010-01-01 00:00 324096 f:\windows\system32\TomsMoComp_ff.dll
    + 2009-05-01 21:02 . 2009-05-01 21:02 200704 f:\windows\system32\ssldivx.dll
    - 2008-11-06 16:35 . 2008-11-06 16:35 200704 f:\windows\system32\ssldivx.dll
    + 2009-07-17 18:26 . 2007-06-28 16:43 155716 f:\windows\system32\ReinstallBackups\0031\DriverFiles\nvsvc32.exe
    + 2009-07-17 18:26 . 2007-06-28 16:43 286720 f:\windows\system32\ReinstallBackups\0031\DriverFiles\nvnt4cpl.dll
    + 2009-07-17 18:26 . 2007-06-28 16:43 458752 f:\windows\system32\ReinstallBackups\0031\DriverFiles\nvmccssr.dll
    + 2009-07-17 18:26 . 2007-06-28 16:43 188416 f:\windows\system32\ReinstallBackups\0031\DriverFiles\nvmccss.dll
    + 2009-07-17 18:26 . 2007-06-28 16:43 229376 f:\windows\system32\ReinstallBackups\0031\DriverFiles\nvmccs.dll
    + 2009-07-17 18:26 . 2007-06-28 16:43 360448 f:\windows\system32\ReinstallBackups\0031\DriverFiles\nvapi.dll
    + 2007-07-05 21:55 . 2009-12-01 19:14 440816 f:\windows\system32\PxWave.dll
    + 2007-07-05 21:55 . 2009-12-01 19:14 219632 f:\windows\system32\PxMas.dll
    + 2008-02-13 21:16 . 2009-12-01 19:14 125424 f:\windows\system32\pxinsi64.exe
    + 2007-06-07 05:02 . 2009-12-01 19:14 559600 f:\windows\system32\pxdrv.dll
    + 2008-06-03 23:12 . 2009-12-01 19:14 133616 f:\windows\system32\pxafs.dll
    + 2007-07-05 21:55 . 2009-12-01 19:14 678384 f:\windows\system32\Px.dll
    + 2008-10-07 13:13 . 2008-10-07 13:13 197912 f:\windows\system32\physxcudart_20.dll
    + 2009-04-07 14:50 . 2009-04-07 14:50 288024 f:\windows\system32\PhysXCplUI.exe
    + 2009-04-07 14:50 . 2009-04-07 14:50 288024 f:\windows\system32\PhysXCompatCplUI.exe
    - 2004-08-04 12:00 . 2009-04-24 03:39 462476 f:\windows\system32\perfh009.dat
    + 2004-08-04 12:00 . 2010-03-17 05:27 462476 f:\windows\system32\perfh009.dat
    + 2004-04-20 22:00 . 2004-04-20 22:00 172032 f:\windows\system32\OptimFROG.dll
    + 2009-11-14 18:11 . 2009-11-14 18:11 123392 f:\windows\system32\ogm.dll
    + 2007-06-28 16:43 . 2007-06-28 16:43 167936 f:\windows\system32\nvwrszht.dll
    + 2007-06-28 16:43 . 2007-06-28 16:43 163840 f:\windows\system32\nvwrszhc.dll
    + 2007-06-28 16:43 . 2007-06-28 16:43 303104 f:\windows\system32\nvwrstr.dll
    + 2007-06-28 16:43 . 2007-06-28 16:43 294912 f:\windows\system32\nvwrssv.dll
    + 2007-06-28 16:43 . 2007-06-28 16:43 303104 f:\windows\system32\nvwrssl.dll
    + 2007-06-28 16:43 . 2007-06-28 16:43 299008 f:\windows\system32\nvwrssk.dll
    + 2007-06-28 16:43 . 2007-06-28 16:43 315392 f:\windows\system32\nvwrsru.dll
    + 2007-06-28 16:43 . 2007-06-28 16:43 319488 f:\windows\system32\nvwrsptb.dll
    + 2007-06-28 16:43 . 2007-06-28 16:43 323584 f:\windows\system32\nvwrspt.dll
    + 2007-06-28 16:43 . 2007-06-28 16:43 294912 f:\windows\system32\nvwrspl.dll
    + 2007-06-28 16:43 . 2007-06-28 16:43 299008 f:\windows\system32\nvwrsno.dll
    + 2007-06-28 16:43 . 2007-06-28 16:43 319488 f:\windows\system32\nvwrsnl.dll
    + 2007-06-28 16:43 . 2007-06-28 16:43 196608 f:\windows\system32\nvwrsko.dll
    + 2007-06-28 16:43 . 2007-06-28 16:43 212992 f:\windows\system32\nvwrsja.dll
    + 2007-06-28 16:43 . 2007-06-28 16:43 323584 f:\windows\system32\nvwrsit.dll
    + 2007-06-28 16:43 . 2007-06-28 16:43 315392 f:\windows\system32\nvwrshu.dll
    + 2007-06-28 16:43 . 2007-06-28 16:43 278528 f:\windows\system32\nvwrshe.dll
    + 2007-06-28 16:43 . 2007-06-28 16:43 327680 f:\windows\system32\nvwrsfr.dll
    + 2007-06-28 16:43 . 2007-06-28 16:43 303104 f:\windows\system32\nvwrsfi.dll
    + 2007-06-28 16:43 . 2007-06-28 16:43 327680 f:\windows\system32\nvwrsesm.dll
    + 2007-06-28 16:43 . 2007-06-28 16:43 335872 f:\windows\system32\nvwrses.dll
    + 2007-06-28 16:43 . 2007-06-28 16:43 286720 f:\windows\system32\nvwrseng.dll
    + 2007-06-28 16:43 . 2007-06-28 16:43 335872 f:\windows\system32\nvwrsel.dll
    + 2007-06-28 16:43 . 2007-06-28 16:43 311296 f:\windows\system32\nvwrsde.dll
    + 2007-06-28 16:43 . 2007-06-28 16:43 294912 f:\windows\system32\nvwrsda.dll
    + 2007-06-28 16:43 . 2007-06-28 16:43 286720 f:\windows\system32\nvwrscs.dll
    + 2007-06-28 16:43 . 2007-06-28 16:43 282624 f:\windows\system32\nvwrsar.dll
    + 2007-12-09 04:16 . 2009-06-21 12:46 485920 f:\windows\system32\NVUNINST.EXE
    + 2008-08-18 13:30 . 2009-06-10 10:03 457248 f:\windows\system32\nvudisp.exe
    + 2009-06-10 12:28 . 2009-06-10 12:28 168004 f:\windows\system32\nvsvc32.exe
    + 2009-06-10 12:29 . 2009-06-10 12:29 466944 f:\windows\system32\nvshell.dll
    + 2007-06-28 16:43 . 2007-06-28 16:43 126976 f:\windows\system32\nvrszht.dll
    + 2007-06-28 16:43 . 2007-06-28 16:43 225280 f:\windows\system32\nvrszhc.dll
    + 2007-06-28 16:43 . 2007-06-28 16:43 258048 f:\windows\system32\nvrstr.dll
    + 2007-06-28 16:43 . 2007-06-28 16:43 253952 f:\windows\system32\nvrssv.dll
    + 2007-06-28 16:43 . 2007-06-28 16:43 258048 f:\windows\system32\nvrssl.dll
    + 2007-06-28 16:43 . 2007-06-28 16:43 258048 f:\windows\system32\nvrssk.dll
    + 2007-06-28 16:43 . 2007-06-28 16:43 270336 f:\windows\system32\nvrsru.dll
    + 2007-06-28 16:43 . 2007-06-28 16:43 266240 f:\windows\system32\nvrsptb.dll
    + 2007-06-28 16:43 . 2007-06-28 16:43 274432 f:\windows\system32\nvrspt.dll
    + 2007-06-28 16:43 . 2007-06-28 16:43 253952 f:\windows\system32\nvrspl.dll
    + 2007-06-28 16:43 . 2007-06-28 16:43 253952 f:\windows\system32\nvrsno.dll
    + 2007-06-28 16:43 . 2007-06-28 16:43 274432 f:\windows\system32\nvrsnl.dll
    + 2007-06-28 16:43 . 2007-06-28 16:43 262144 f:\windows\system32\nvrsko.dll
    + 2007-06-28 16:43 . 2007-06-28 16:43 266240 f:\windows\system32\nvrsja.dll
    + 2007-06-28 16:43 . 2007-06-28 16:43 278528 f:\windows\system32\nvrsit.dll
    + 2007-06-28 16:43 . 2007-06-28 16:43 258048 f:\windows\system32\nvrshu.dll
    + 2007-06-28 16:43 . 2007-06-28 16:43 327680 f:\windows\system32\nvrshe.dll
    + 2007-06-28 16:43 . 2007-06-28 16:43 282624 f:\windows\system32\nvrsfr.dll
    + 2007-06-28 16:43 . 2007-06-28 16:43 249856 f:\windows\system32\nvrsfi.dll
    + 2007-06-28 16:43 . 2007-06-28 16:43 274432 f:\windows\system32\nvrsesm.dll
    + 2007-06-28 16:43 . 2007-06-28 16:43 282624 f:\windows\system32\nvrses.dll
    + 2007-06-28 16:43 . 2007-06-28 16:43 245760 f:\windows\system32\nvrseng.dll
    + 2007-06-28 16:43 . 2007-06-28 16:43 282624 f:\windows\system32\nvrsel.dll
    + 2007-06-28 16:43 . 2007-06-28 16:43 278528 f:\windows\system32\nvrsde.dll
    + 2007-06-28 16:43 . 2007-06-28 16:43 253952 f:\windows\system32\nvrsda.dll
    + 2007-06-28 16:43 . 2007-06-28 16:43 249856 f:\windows\system32\nvrscs.dll
    + 2007-06-28 16:43 . 2007-06-28 16:43 327680 f:\windows\system32\nvrsar.dll
    + 2007-06-28 16:43 . 2007-06-28 16:43 286720 f:\windows\system32\nvnt4cpl.dll
    + 2007-06-28 16:43 . 2007-06-28 16:43 458752 f:\windows\system32\nvmccssr.dll
    + 2009-06-10 12:29 . 2009-06-10 12:29 188416 f:\windows\system32\nvmccss.dll
    + 2009-06-10 12:28 . 2009-06-10 12:28 229376 f:\windows\system32\nvmccs.dll
    + 2007-06-28 16:43 . 2007-06-28 16:43 307200 f:\windows\system32\nvexpbar.dll
    + 2009-06-10 10:03 . 2009-06-10 10:03 671744 f:\windows\system32\nvcuvid.dll
    - 2008-09-18 03:55 . 2008-09-18 03:55 143360 f:\windows\system32\nvcolor.exe
    + 2009-06-10 12:28 . 2009-06-10 12:28 143360 f:\windows\system32\nvcolor.exe
    + 2007-06-28 16:43 . 2009-06-10 10:03 151552 f:\windows\system32\nvcodins.dll
    + 2007-06-28 16:43 . 2009-06-10 10:03 151552 f:\windows\system32\nvcod.dll
    - 2004-10-18 08:15 . 2008-09-18 03:55 449056 f:\windows\system32\nvappbar.exe
    + 2009-06-10 12:29 . 2009-06-10 12:29 449056 f:\windows\system32\nvappbar.exe
    + 2008-09-18 03:55 . 2009-06-10 10:03 815104 f:\windows\system32\nvapi.dll
    + 2009-11-14 18:11 . 2009-11-14 18:11 141824 f:\windows\system32\mp4.dll
    + 2009-01-10 22:15 . 2009-01-10 22:15 159744 f:\windows\system32\mmfinfo.dll
    + 2009-11-14 18:11 . 2009-11-14 18:11 150016 f:\windows\system32\mkx.dll
    + 2009-11-14 18:11 . 2009-11-14 18:11 136704 f:\windows\system32\mkv2vfr.exe
    + 2010-01-27 00:58 . 2010-01-27 00:58 256280 f:\windows\system32\Macromed\Flash\FlashUtil10e.exe
    + 2010-01-12 20:18 . 2010-01-12 20:18 556491 f:\windows\system32\libmplayer.dll
    + 2010-01-12 20:18 . 2010-01-12 20:18 145408 f:\windows\system32\libmpeg2_ff.dll
    - 2004-10-18 08:15 . 2008-09-18 03:55 436768 f:\windows\system32\keystone.exe
    + 2009-06-10 12:29 . 2009-06-10 12:29 436768 f:\windows\system32\keystone.exe
    + 2010-03-30 22:31 . 2010-03-09 08:28 153376 f:\windows\system32\javaws.exe
    + 2010-03-30 22:31 . 2010-03-09 08:28 145184 f:\windows\system32\javaw.exe
    + 2010-03-30 22:31 . 2010-03-09 08:28 145184 f:\windows\system32\java.exe
    + 2007-07-05 01:33 . 2007-07-05 01:33 892928 f:\windows\system32\iconv.dll
    + 2009-11-14 18:33 . 2009-11-14 18:33 357888 f:\windows\system32\gdsmux.exe
    + 2007-06-14 14:47 . 2010-04-06 15:35 126912 f:\windows\system32\FNTCACHE.DAT
    + 2010-01-12 20:18 . 2010-01-12 20:18 877385 f:\windows\system32\ff_x264.dll
    + 2010-01-12 20:18 . 2010-01-12 20:18 100864 f:\windows\system32\ff_wmv9.dll
    + 2010-01-12 20:18 . 2010-01-12 20:18 116736 f:\windows\system32\ff_tremor.dll
    + 2010-01-12 20:18 . 2010-01-12 20:18 169984 f:\windows\system32\ff_samplerate.dll
    + 2010-01-12 20:18 . 2010-01-12 20:18 151552 f:\windows\system32\ff_libmad.dll
    + 2010-01-12 20:18 . 2010-01-12 20:18 336384 f:\windows\system32\ff_libfaad2.dll
    + 2010-01-12 20:18 . 2010-01-12 20:18 216576 f:\windows\system32\ff_libdts.dll
    + 2010-01-12 20:18 . 2010-01-12 20:18 121856 f:\windows\system32\ff_liba52.dll
    + 2010-01-01 00:00 . 2010-01-01 00:00 248320 f:\windows\system32\ff_kernelDeint.dll
    + 2009-11-14 18:33 . 2009-11-14 18:33 249856 f:\windows\system32\dxr.dll
    + 2008-08-05 21:59 . 2008-08-05 21:59 196608 f:\windows\system32\dtu100.dll
    + 2009-11-14 18:11 . 2009-11-14 18:11 113152 f:\windows\system32\dsmux.exe
    + 2009-08-18 13:07 . 2004-06-01 06:04 118867 f:\windows\system32\DSLLK175.dll
    + 2009-04-26 23:45 . 2009-11-24 23:50 114768 f:\windows\system32\drivers\aswSP.sys
    - 2009-04-26 23:45 . 2009-02-05 20:07 114768 f:\windows\system32\drivers\aswSP.sys
    - 2008-12-09 02:28 . 2008-12-09 02:28 344064 f:\windows\system32\dpus11.dll
    + 2008-08-05 21:59 . 2008-08-05 21:59 344064 f:\windows\system32\dpus11.dll
    - 2008-12-09 02:28 . 2008-12-09 02:28 593920 f:\windows\system32\dpuGUI11.dll
    + 2008-08-05 21:59 . 2008-08-05 21:59 593920 f:\windows\system32\dpuGUI11.dll
    + 2008-08-05 21:59 . 2008-08-05 21:59 294912 f:\windows\system32\dpu11.dll
    - 2008-12-09 02:28 . 2008-12-09 02:28 294912 f:\windows\system32\dpu11.dll
    + 2007-06-14 14:50 . 2008-04-14 00:12 146432 f:\windows\system32\dllcache\winspool.drv
    + 2007-06-14 18:55 . 2008-04-14 00:12 197120 f:\windows\system32\dllcache\wbemupgd.dll
    + 2007-06-14 18:55 . 2008-04-14 00:12 116224 f:\windows\system32\dllcache\wbemtest.exe
    + 2007-06-14 18:56 . 2008-04-13 16:21 249856 f:\windows\system32\dllcache\wab32res.dll
    + 2007-06-14 18:56 . 2008-04-14 00:12 510976 f:\windows\system32\dllcache\wab32.dll
    + 2007-06-14 18:57 . 2008-04-14 00:12 150528 f:\windows\system32\dllcache\uploadm.exe
    + 2004-08-04 12:00 . 2008-04-14 00:12 130048 f:\windows\system32\dllcache\tsoc.dll
    + 2007-12-04 00:48 . 2008-04-14 00:12 173568 f:\windows\system32\dllcache\sysmoda.dll
    + 2004-08-04 12:00 . 2008-04-14 00:12 193024 f:\windows\system32\dllcache\sysmod.dll
    + 2004-08-04 12:00 . 2008-04-14 00:12 679936 f:\windows\system32\dllcache\sstext3d.scr
    + 2004-08-04 12:00 . 2008-04-14 00:12 610304 f:\windows\system32\dllcache\sspipes.scr
    + 2004-08-04 12:00 . 2008-04-14 00:12 393216 f:\windows\system32\dllcache\ssflwbox.scr
    + 2004-08-04 12:00 . 2008-04-14 00:12 704512 f:\windows\system32\dllcache\ss3dfo.scr
    + 2004-08-04 12:00 . 2008-04-14 00:12 110592 f:\windows\system32\dllcache\sqlse20.dll
    + 2004-08-04 12:00 . 2008-04-14 00:12 462848 f:\windows\system32\dllcache\sqlqp20.dll
    + 2004-08-04 12:00 . 2008-04-14 00:12 151552 f:\windows\system32\dllcache\sqldb20.dll
    + 2008-09-07 03:13 . 2008-04-13 18:40 576512 f:\windows\system32\dllcache\sprc0424.dll
    + 2008-09-07 03:13 . 2008-04-13 18:40 577536 f:\windows\system32\dllcache\sprc041b.dll
    + 2004-08-04 12:00 . 2008-04-13 18:38 732160 f:\windows\system32\dllcache\sprb0424.dll
    + 2004-08-04 12:00 . 2008-04-13 18:38 757248 f:\windows\system32\dllcache\sprb041b.dll
    + 2004-08-04 12:00 . 2008-04-13 18:35 192512 f:\windows\system32\dllcache\spra0424.dll
    + 2004-08-04 12:00 . 2008-04-13 18:35 192512 f:\windows\system32\dllcache\spra041b.dll
    + 2004-08-04 12:00 . 2008-04-14 00:12 101376 f:\windows\system32\dllcache\setupqry.dll
    + 2007-12-04 00:48 . 2008-04-14 00:12 199680 f:\windows\system32\dllcache\scripta.dll
    + 2004-08-04 12:00 . 2008-04-14 00:12 215552 f:\windows\system32\dllcache\script.dll
    + 2007-06-14 18:57 . 2008-04-14 00:12 102912 f:\windows\system32\dllcache\pchshell.dll
    + 2007-06-14 18:56 . 2008-04-14 00:12 172032 f:\windows\system32\dllcache\nmoldwb.dll
    + 2007-06-14 18:56 . 2008-04-14 00:12 151552 f:\windows\system32\dllcache\nmft.dll
    + 2007-06-14 18:56 . 2008-04-14 00:12 229376 f:\windows\system32\dllcache\nmas.dll
    + 2007-06-14 18:56 . 2008-04-14 00:12 221184 f:\windows\system32\dllcache\nac.dll
    + 2007-06-14 18:56 . 2008-04-14 00:12 274432 f:\windows\system32\dllcache\mst120.dll
    + 2007-06-14 18:57 . 2008-04-14 00:12 565248 f:\windows\system32\dllcache\msobmain.dll
    + 2007-06-14 18:57 . 2008-04-14 00:12 122368 f:\windows\system32\dllcache\msobcomm.dll
    + 2007-12-04 00:48 . 2008-04-14 00:12 241152 f:\windows\system32\dllcache\migwiza.exe
    + 2004-08-04 12:00 . 2008-04-14 00:12 103936 f:\windows\system32\dllcache\migload.exe
    + 2005-04-28 17:16 . 2008-04-14 00:11 261120 f:\windows\system32\dllcache\migisma.dll
    + 2004-08-04 12:00 . 2008-04-14 00:11 274432 f:\windows\system32\dllcache\migism.dll
    + 2004-08-04 12:00 . 2008-04-14 00:12 220672 f:\windows\system32\dllcache\logon.scr
    + 2004-08-04 12:00 . 2008-04-14 00:11 123392 f:\windows\system32\dllcache\imsinsnt.dll
    + 2004-08-04 12:00 . 2008-04-14 00:11 505344 f:\windows\system32\dllcache\iis.dll
    + 2007-12-04 00:48 . 2008-04-14 00:11 115200 f:\windows\system32\dllcache\guitrna.dll
    + 2004-08-04 12:00 . 2008-04-14 00:11 133120 f:\windows\system32\dllcache\guitrn.dll
    + 2007-06-14 18:59 . 2008-04-14 00:11 618605 f:\windows\system32\dllcache\fp4autl.dll
    + 2004-08-04 12:00 . 2008-04-14 00:11 274944 f:\windows\system32\dllcache\comsetup.dll
    + 2007-06-14 18:56 . 2008-04-14 00:11 385024 f:\windows\system32\dllcache\callcont.dll
    + 2004-08-04 12:00 . 2008-04-14 00:12 256512 f:\windows\system32\dllcache\agentsvr.exe
    + 2004-08-04 12:00 . 2008-04-14 00:11 116224 f:\windows\system32\dllcache\acxtrnal.dll
    + 2004-08-04 12:00 . 2008-04-14 00:11 245248 f:\windows\system32\dllcache\acspecfc.dll
    + 2004-08-04 12:00 . 2008-04-14 00:11 141312 f:\windows\system32\dllcache\aclua.dll
    + 2009-06-16 23:55 . 2009-03-09 19:27 453456 f:\windows\system32\d3dx10_41.dll
    + 2009-06-16 23:55 . 2008-10-10 08:52 452440 f:\windows\system32\d3dx10_40.dll
    + 2009-06-16 23:55 . 2008-07-10 15:01 467984 f:\windows\system32\d3dx10_39.dll
    + 2009-06-16 23:55 . 2008-05-30 18:11 467984 f:\windows\system32\d3dx10_38.dll
    + 2009-08-18 13:07 . 2004-06-02 22:27 163840 f:\windows\system32\CNDUK175.dll
    + 2010-01-14 20:39 . 2010-01-14 20:39 241338 f:\windows\system32\C2MP\Uninst.exe
    + 2010-01-14 20:39 . 2010-01-14 20:39 237995 f:\windows\system32\C2MP\Un_Parts.exe
    + 2010-01-14 20:39 . 2010-01-14 20:39 234691 f:\windows\system32\C2MP\Set_Defaults.exe
    + 2007-02-19 15:28 . 2007-02-19 15:28 117974 f:\windows\system32\C2MP\GSpot27.dat
    + 2007-02-22 20:08 . 2007-02-22 20:08 925696 f:\windows\system32\C2MP\GSpot.exe
    + 2007-02-01 23:19 . 2007-02-01 23:19 150520 f:\windows\system32\bass_aac.dll
    + 2009-11-14 18:11 . 2009-11-14 18:11 109568 f:\windows\system32\avi.dll
    + 2008-10-07 13:13 . 2008-10-07 13:13 116977 f:\windows\system32\AGEIA\AG1021\diag.bin
    + 2008-10-07 13:13 . 2008-10-07 13:13 214629 f:\windows\system32\AGEIA\AG1021\app.bin
    + 2008-10-07 13:13 . 2008-10-07 13:13 119473 f:\windows\system32\AGEIA\AG1011\diag.bin
    + 2008-10-07 13:13 . 2008-10-07 13:13 199885 f:\windows\system32\AGEIA\AG1011\app.bin
    + 2009-04-24 02:54 . 2004-08-04 12:00 366080 f:\windows\ServicePackFiles\i386\digreqex.msi
    + 2009-04-24 02:54 . 2004-08-04 12:00 863232 f:\windows\ServicePackFiles\i386\digopt.msi
    + 2009-08-15 16:26 . 2003-12-14 18:19 376832 f:\windows\Pool of Radiance remove.exe
    + 2007-03-12 16:01 . 2007-03-12 16:01 217088 f:\windows\NVGfxOgl.dll
    + 2007-09-04 23:26 . 2007-09-04 23:26 450560 f:\windows\ntuneoem.dll
    + 2009-04-17 02:08 . 2009-04-17 02:08 652800 f:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\vs_setup.msi
    + 2009-04-23 17:23 . 2009-04-23 17:23 598016 f:\windows\Installer\fc5ac.msi
    + 2007-12-04 01:31 . 2007-12-04 01:31 871424 f:\windows\Installer\f5802.msi
    + 2009-02-14 04:41 . 2009-02-14 04:41 588800 f:\windows\Installer\eac8852.msi
    + 2009-01-12 17:46 . 2009-01-12 17:46 331264 f:\windows\Installer\e81f7d8.msi
    + 2008-02-07 03:57 . 2008-02-07 03:57 451584 f:\windows\Installer\d5e9587.msi
    + 2008-11-04 18:21 . 2008-11-04 18:21 228352 f:\windows\Installer\ccdd53.msi
    + 2008-02-17 01:26 . 2008-02-17 01:26 366592 f:\windows\Installer\c5d375.msi
    + 2010-04-02 23:07 . 2010-04-02 23:07 982528 f:\windows\Installer\9dbefd1.msi
    + 2009-06-23 16:03 . 2009-06-23 16:03 532992 f:\windows\Installer\9614a51.msi
    + 2009-04-15 18:17 . 2009-04-15 18:17 301056 f:\windows\Installer\84f8a.msi
    + 2009-07-29 23:19 . 2009-07-29 23:19 360960 f:\windows\Installer\5d18b7f.msi
    + 2007-02-16 20:42 . 2007-02-16 20:42 223232 f:\windows\Installer\4cf4c.msp
    + 2009-01-04 23:10 . 2009-01-04 23:10 163840 f:\windows\Installer\4792859.msi
    + 2010-03-30 22:32 . 2010-03-30 22:32 180224 f:\windows\Installer\4774f9.msi
    + 2008-12-13 13:58 . 2008-12-13 13:58 754688 f:\windows\Installer\412e140.msp
    + 2009-04-17 02:09 . 2009-04-17 02:09 648192 f:\windows\Installer\412e114.msi
    + 2008-07-30 01:23 . 2008-07-30 01:23 250880 f:\windows\Installer\411f21c.msp
    + 2008-07-30 01:28 . 2008-07-30 01:28 278016 f:\windows\Installer\411f21a.msp
    + 2008-07-29 23:40 . 2008-07-29 23:40 291840 f:\windows\Installer\411f218.msp
    + 2009-04-17 02:08 . 2009-04-17 02:08 137728 f:\windows\Installer\411f212.msi
    + 2008-07-29 21:35 . 2008-07-29 21:35 553472 f:\windows\Installer\40f318a.msp
    + 2008-07-29 21:33 . 2008-07-29 21:33 506368 f:\windows\Installer\40f3188.msp
    + 2008-07-29 21:37 . 2008-07-29 21:37 911360 f:\windows\Installer\40f3187.msp
    + 2008-07-05 16:05 . 2008-07-05 16:05 385536 f:\windows\Installer\3c9a98c.msi
    + 2009-10-07 16:27 . 2009-10-07 16:27 421376 f:\windows\Installer\3b1ad40.msi
    + 2008-07-29 21:37 . 2008-07-29 21:37 911360 f:\windows\Installer\26c60ae.msp
    + 2008-07-29 21:33 . 2008-07-29 21:33 506368 f:\windows\Installer\26c60ad.msp
    + 2008-07-29 21:35 . 2008-07-29 21:35 553472 f:\windows\Installer\26c60ab.msp
    + 2007-06-14 19:04 . 2007-06-14 19:04 264704 f:\windows\Installer\23c99.msi
    + 2008-10-09 20:43 . 2008-10-09 20:43 133632 f:\windows\Installer\1ee29d55.msi
    + 2009-10-06 23:41 . 2009-10-06 23:41 512000 f:\windows\Installer\1c1e7f.msi
    + 2010-03-31 07:57 . 2010-03-31 07:57 169472 f:\windows\Installer\1be12b0.msi
    + 2003-05-14 13:35 . 2003-05-14 13:35 473600 f:\windows\Installer\1606d7f.msi
    + 2008-06-24 06:57 . 2008-06-24 06:57 406528 f:\windows\Installer\105b0c88.msi
    + 2009-01-06 21:40 . 2009-01-06 21:40 442368 f:\windows\Installer\1035172.msi
    + 2009-08-18 14:07 . 2010-01-11 00:38 295606 f:\windows\Installer\{AC76BA86-7AD7-1033-7B44-A81300000003}\SC_Reader.exe
    + 2007-01-23 15:39 . 2007-01-23 15:39 443904 f:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7448A3100000030\8.1.3\JP2KLib.dll
    + 2009-08-15 16:26 . 2003-12-14 18:19 195856 f:\windows\dsetup32.dll
    + 2009-04-03 14:26 . 2009-04-03 14:26 354608 f:\windows\Downloaded Program Files\sysreqlab_nvd.dll
    + 2009-05-14 23:03 . 2009-05-14 23:03 324984 f:\windows\Downloaded Program Files\CONFLICT.1\DLMControl.dll
    + 2009-07-17 18:35 . 1999-09-24 06:13 269312 f:\windows\bcmrmv.exe
    + 2009-08-22 03:08 . 2009-08-22 03:08 223232 f:\windows\assembly\GAC\Microsoft.DirectX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.dll
    - 2007-12-22 21:55 . 2007-12-22 21:55 223232 f:\windows\assembly\GAC\Microsoft.DirectX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.dll
    - 2007-12-22 21:55 . 2007-12-22 21:55 178176 f:\windows\assembly\GAC\Microsoft.DirectX.DirectSound\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectSound.dll
    + 2009-08-22 03:08 . 2009-08-22 03:08 178176 f:\windows\assembly\GAC\Microsoft.DirectX.DirectSound\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectSound.dll
    + 2009-08-22 03:08 . 2009-08-22 03:08 364544 f:\windows\assembly\GAC\Microsoft.DirectX.DirectPlay\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectPlay.dll
    - 2007-12-22 21:55 . 2007-12-22 21:55 364544 f:\windows\assembly\GAC\Microsoft.DirectX.DirectPlay\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectPlay.dll
    - 2007-12-22 21:55 . 2007-12-22 21:55 159232 f:\windows\assembly\GAC\Microsoft.DirectX.DirectInput\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectInput.dll
    + 2009-08-22 03:08 . 2009-08-22 03:08 159232 f:\windows\assembly\GAC\Microsoft.DirectX.DirectInput\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectInput.dll
    + 2009-08-22 03:08 . 2009-08-22 03:08 145920 f:\windows\assembly\GAC\Microsoft.DirectX.DirectDraw\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectDraw.dll
    - 2007-12-22 21:55 . 2007-12-22 21:55 145920 f:\windows\assembly\GAC\Microsoft.DirectX.DirectDraw\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectDraw.dll
    - 2007-12-22 21:55 . 2007-12-22 21:55 578560 f:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2911.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
    + 2009-08-13 20:36 . 2009-08-13 20:36 578560 f:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2911.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
    + 2009-08-22 03:08 . 2009-08-22 03:08 578560 f:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2910.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
    - 2007-12-22 21:55 . 2007-12-22 21:55 578560 f:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2910.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
    - 2007-12-22 21:55 . 2007-12-22 21:55 577536 f:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2909.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
    + 2009-08-22 03:08 . 2009-08-22 03:08 577536 f:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2909.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
    + 2009-08-22 03:08 . 2009-08-22 03:08 577536 f:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2908.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
    - 2007-12-22 21:55 . 2007-12-22 21:55 577536 f:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2908.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
    - 2007-12-22 21:55 . 2007-12-22 21:55 577024 f:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2907.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
    + 2009-08-22 03:08 . 2009-08-22 03:08 577024 f:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2907.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
    + 2009-08-22 03:08 . 2009-08-22 03:08 576000 f:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2906.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
    - 2007-12-22 21:55 . 2007-12-22 21:55 576000 f:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2906.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
    + 2009-08-22 03:08 . 2009-08-22 03:08 567296 f:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2905.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
    - 2007-12-22 21:55 . 2007-12-22 21:55 567296 f:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2905.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
    - 2007-12-22 21:55 . 2007-12-22 21:55 563712 f:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2904.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
    + 2009-08-22 03:08 . 2009-08-22 03:08 563712 f:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2904.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
    + 2009-08-22 03:08 . 2009-08-22 03:08 473600 f:\windows\assembly\GAC\Microsoft.DirectX.Direct3D\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3D.dll
    - 2007-12-22 21:55 . 2007-12-22 21:55 473600 f:\windows\assembly\GAC\Microsoft.DirectX.Direct3D\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3D.dll
    + 2010-02-09 02:20 . 2010-02-09 02:20 114688 f:\windows\assembly\GAC_MSIL\cli_uretypes\1.0.3.0__ce2cb7e279207b9e\cli_uretypes.dll
    + 2010-02-09 02:21 . 2010-02-09 02:21 839680 f:\windows\assembly\GAC_MSIL\cli_oootypes\1.0.3.0__ce2cb7e279207b9e\cli_oootypes.dll
    + 2004-08-04 12:00 . 2004-08-04 12:00 1326080 f:\windows\system32\webfldrs.msi
    + 2008-11-06 16:37 . 2008-11-06 16:37 1585664 f:\windows\system32\VC80CRTRedist.msi
    + 2009-07-17 18:26 . 2007-06-28 16:43 2416640 f:\windows\system32\ReinstallBackups\0031\DriverFiles\nvwssr.dll
    + 2009-07-17 18:26 . 2007-06-28 16:43 2330624 f:\windows\system32\ReinstallBackups\0031\DriverFiles\nvwss.dll
    + 2009-07-17 18:26 . 2007-06-28 16:43 3600384 f:\windows\system32\ReinstallBackups\0031\DriverFiles\nvvitvsr.dll
    + 2009-07-17 18:26 . 2007-06-28 16:43 3518464 f:\windows\system32\ReinstallBackups\0031\DriverFiles\nvvitvs.dll
    + 2009-07-17 18:26 . 2007-06-28 16:43 1018772 f:\windows\system32\ReinstallBackups\0031\DriverFiles\nvucode.bin
    + 2009-07-17 18:26 . 2007-06-28 16:43 6729728 f:\windows\system32\ReinstallBackups\0031\DriverFiles\nvoglnt.dll
    + 2009-07-17 18:26 . 2007-06-28 16:43 2854912 f:\windows\system32\ReinstallBackups\0031\DriverFiles\nvmoblsr.dll
    + 2009-07-17 18:26 . 2007-06-28 16:43 1142784 f:\windows\system32\ReinstallBackups\0031\DriverFiles\nvmobls.dll
    + 2009-07-17 18:26 . 2007-06-28 16:43 3072000 f:\windows\system32\ReinstallBackups\0031\DriverFiles\nvgamesr.dll
    + 2009-07-17 18:26 . 2007-06-28 16:43 3321856 f:\windows\system32\ReinstallBackups\0031\DriverFiles\nvgames.dll
    + 2009-07-17 18:26 . 2007-06-28 16:43 5455872 f:\windows\system32\ReinstallBackups\0031\DriverFiles\nvdispsr.dll
    + 2009-07-17 18:26 . 2007-06-28 16:43 6234112 f:\windows\system32\ReinstallBackups\0031\DriverFiles\nvdisps.dll
    + 2009-07-17 18:26 . 2007-06-28 16:43 8466432 f:\windows\system32\ReinstallBackups\0031\DriverFiles\nvcpl.dll
    + 2009-07-17 18:26 . 2007-06-28 16:43 6807328 f:\windows\system32\ReinstallBackups\0031\DriverFiles\nv4_mini.sys
    + 2009-07-17 18:26 . 2007-06-28 16:43 5690624 f:\windows\system32\ReinstallBackups\0031\DriverFiles\nv4_disp.dll
    + 2007-07-05 21:55 . 2009-12-01 19:14 2083312 f:\windows\system32\PxSFS.DLL
    - 2004-10-18 08:15 . 2008-09-18 03:55 1657376 f:\windows\system32\nwiz.exe
    + 2009-06-10 12:29 . 2009-06-10 12:29 1657376 f:\windows\system32\nwiz.exe
    + 2007-06-28 16:43 . 2007-06-28 16:43 2416640 f:\windows\system32\nvwssr.dll
    + 2009-06-10 12:29 . 2009-06-10 12:29 3117056 f:\windows\system32\nvwss.dll
    + 2009-06-10 12:29 . 2009-06-10 12:29 1101824 f:\windows\system32\nvwimg.dll
    + 2009-06-10 12:29 . 2009-06-10 12:29 1724416 f:\windows\system32\nvwdmcpl.dll
    + 2007-06-28 16:43 . 2007-06-28 16:43 3600384 f:\windows\system32\nvvitvsr.dll
    + 2009-06-10 12:29 . 2009-06-10 12:29 4038656 f:\windows\system32\nvvitvs.dll
    + 2007-06-28 16:43 . 2007-06-28 16:43 1018772 f:\windows\system32\nvucode.bin
    + 2007-06-28 16:43 . 2009-06-10 10:03 9998336 f:\windows\system32\nvoglnt.dll
    - 2008-09-18 03:55 . 2008-09-18 03:55 2854912 f:\windows\system32\nvmoblsr.dll
    + 2008-09-18 03:55 . 2007-06-28 16:43 2854912 f:\windows\system32\nvmoblsr.dll
    + 2009-06-10 12:29 . 2009-06-10 12:29 1282048 f:\windows\system32\nvmobls.dll
    + 2009-06-10 12:29 . 2009-06-10 12:29 1507328 f:\windows\system32\nview.dll
    + 2007-06-28 16:43 . 2007-06-28 16:43 3072000 f:\windows\system32\nvgamesr.dll
    + 2009-06-10 12:28 . 2009-06-10 12:28 3510272 f:\windows\system32\nvgames.dll
    + 2004-10-18 08:15 . 2007-06-28 16:43 1339392 f:\windows\system32\nvdspsch.exe
    + 2007-06-28 16:43 . 2007-06-28 16:43 5455872 f:\windows\system32\nvdispsr.dll
    + 2009-06-10 12:28 . 2009-06-10 12:28 4022272 f:\windows\system32\nvdisps.dll
    + 2009-06-10 10:03 . 2009-06-10 10:03 1580550 f:\windows\system32\nvdata.bin
    + 2009-06-10 10:03 . 2009-06-10 10:03 1310720 f:\windows\system32\nvcuvenc.dll
    + 2009-06-10 10:03 . 2009-06-10 10:03 1720320 f:\windows\system32\nvcuda.dll
    + 2007-06-28 16:43 . 2007-06-28 16:43 1073152 f:\windows\system32\nvcpluir.dll
    + 2009-06-10 12:29 . 2009-06-10 12:29 1194528 f:\windows\system32\nvcplui.exe
    + 2004-10-18 08:15 . 2009-06-10 10:03 5908608 f:\windows\system32\nv4_disp.dll
    + 2009-05-01 21:02 . 2009-05-01 21:02 1044480 f:\windows\system32\libdivx.dll
    - 2008-11-06 16:35 . 2008-11-06 16:35 1044480 f:\windows\system32\libdivx.dll
    + 2010-01-12 20:18 . 2010-01-12 20:18 4507983 f:\windows\system32\libavcodec.dll
    + 2007-03-15 22:19 . 2009-02-06 16:35 1486208 f:\windows\system32\LegitCheckControl.DLL
    + 2010-01-12 20:18 . 2010-01-12 20:18 1409890 f:\windows\system32\ffmpegmt.dll
    + 2004-10-18 08:15 . 2009-06-10 10:03 8087712 f:\windows\system32\drivers\nv4_mini.sys
    + 2004-10-18 08:15 . 2009-06-10 10:03 8087712 f:\windows\system32\dllcache\nv4_mini.sys
    + 2007-06-14 18:56 . 2008-04-13 16:23 2479616 f:\windows\system32\dllcache\msoeres.dll
    + 2009-06-16 23:55 . 2009-03-09 19:27 4178264 f:\windows\system32\D3DX9_41.dll
    + 2009-06-16 23:55 . 2008-10-10 08:52 4379984 f:\windows\system32\D3DX9_40.dll
    + 2009-06-16 23:55 . 2008-07-10 15:00 3851784 f:\windows\system32\D3DX9_39.dll
    + 2009-06-16 23:55 . 2008-05-30 18:11 3850760 f:\windows\system32\D3DX9_38.dll
    + 2009-06-16 23:55 . 2009-03-09 19:27 1846632 f:\windows\system32\D3DCompiler_41.dll
    + 2009-06-16 23:55 . 2008-10-10 08:52 2036576 f:\windows\system32\D3DCompiler_40.dll
    + 2009-06-16 23:55 . 2008-07-10 15:00 1493528 f:\windows\system32\D3DCompiler_39.dll
    + 2009-06-16 23:55 . 2008-05-30 18:11 1491992 f:\windows\system32\D3DCompiler_38.dll
    + 2009-06-16 23:55 . 2008-03-05 19:56 1420824 f:\windows\system32\D3DCompiler_37.dll
    + 2009-06-16 23:55 . 2007-10-12 19:14 1374232 f:\windows\system32\D3DCompiler_36.dll
    + 2009-05-12 18:46 . 2009-05-12 18:46 1650992 f:\windows\system32\C2MP\npdivx32.dll
    + 2009-04-26 23:44 . 2009-11-24 23:54 1280480 f:\windows\system32\aswBoot.exe
    + 2009-04-24 02:53 . 2004-08-04 12:00 1326080 f:\windows\ServicePackFiles\i386\webfldrs.msi
    + 2009-04-24 02:54 . 2004-08-04 12:00 5080576 f:\windows\ServicePackFiles\i386\msnmsgs.msi
    + 2007-09-04 23:25 . 2007-09-04 23:25 1646592 f:\windows\NVBenchMarks.dll
    + 2007-05-25 17:08 . 2007-05-25 17:08 9609728 f:\windows\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp
    + 2008-06-24 04:53 . 2008-06-24 04:53 1533440 f:\windows\Installer\fea067f.msi
    + 2007-10-16 02:02 . 2008-03-13 19:32 1077248 f:\windows\Installer\f7b92.msi
    + 2009-10-15 00:51 . 2009-10-15 00:51 1711616 f:\windows\Installer\f542e17.msp
    + 2010-01-11 00:38 . 2010-01-11 00:38 9680384 f:\windows\Installer\a851e58.msp
    + 2009-04-14 02:42 . 2009-04-14 02:42 1549312 f:\windows\Installer\876e5.msi
    + 2010-02-09 02:22 . 2010-02-09 02:22 9811968 f:\windows\Installer\670e14.msi
    + 2010-02-09 02:19 . 2010-02-09 02:19 1757696 f:\windows\Installer\670e0e.msi
    + 2007-07-31 06:30 . 2007-07-31 06:30 4466176 f:\windows\Installer\54c9668.msi
    + 2009-08-22 02:51 . 2009-08-22 02:51 3683840 f:\windows\Installer\43bd4f31.msi
    + 2008-12-13 13:57 . 2008-12-13 13:57 8397824 f:\windows\Installer\412e125.msp
    + 2008-07-29 23:26 . 2008-07-29 23:26 1043456 f:\windows\Installer\411f21b.msp
    + 2008-07-30 00:37 . 2008-07-30 00:37 2679808 f:\windows\Installer\411f219.msp
    + 2008-07-30 01:15 . 2008-07-30 01:15 3697664 f:\windows\Installer\411f217.msp
    + 2008-07-29 23:34 . 2008-07-29 23:34 1448448 f:\windows\Installer\411f216.msp
    + 2008-07-30 00:22 . 2008-07-30 00:22 4137984 f:\windows\Installer\411f215.msp
    + 2008-07-29 23:18 . 2008-07-29 23:18 3376640 f:\windows\Installer\411f214.msp
    + 2008-07-29 21:45 . 2008-07-29 21:45 2543616 f:\windows\Installer\40f318e.msp
    + 2008-07-29 21:29 . 2008-07-29 21:29 2926080 f:\windows\Installer\40f318d.msp
    + 2008-07-29 21:41 . 2008-07-29 21:41 6487040 f:\windows\Installer\40f318c.msp
    + 2008-07-29 21:39 . 2008-07-29 21:39 3403264 f:\windows\Installer\40f318b.msp
    + 2008-07-29 21:43 . 2008-07-29 21:43 1013248 f:\windows\Installer\40f3189.msp
    + 2008-07-29 21:31 . 2008-07-29 21:31 6083072 f:\windows\Installer\40f3186.msp
    + 2009-08-18 14:06 . 2009-08-18 14:06 4192256 f:\windows\Installer\318ea2b3.msi
    + 2009-08-18 13:07 . 2009-08-18 13:07 1178624 f:\windows\Installer\315909f6.msi
    + 2008-12-16 18:02 . 2008-12-16 18:02 1805824 f:\windows\Installer\2b7234.msi
    + 2008-07-29 21:31 . 2008-07-29 21:31 6083072 f:\windows\Installer\26c60af.msp
    + 2008-07-29 21:43 . 2008-07-29 21:43 1013248 f:\windows\Installer\26c60ac.msp
    + 2008-07-29 21:39 . 2008-07-29 21:39 3403264 f:\windows\Installer\26c60aa.msp
    + 2008-07-29 21:41 . 2008-07-29 21:41 6487040 f:\windows\Installer\26c60a9.msp
    + 2008-07-29 21:29 . 2008-07-29 21:29 2926080 f:\windows\Installer\26c60a8.msp
    + 2008-07-29 21:45 . 2008-07-29 21:45 2543616 f:\windows\Installer\26c60a7.msp
    + 2009-08-13 20:35 . 2009-08-13 20:35 2524160 f:\windows\Installer\192ad4e8.msi
    + 2007-12-04 01:06 . 2007-12-04 01:06 1142784 f:\windows\Installer\17e1c3.msi
    + 2007-12-04 01:00 . 2007-12-04 01:00 3443712 f:\windows\Installer\140e1f.msi
    + 2009-09-09 23:32 . 2009-09-09 23:32 4733440 f:\windows\Installer\13bf1b0f.msp
    + 2009-07-17 18:26 . 2009-07-17 18:26 1500160 f:\windows\Installer\12da01.msi
    + 2010-02-09 02:22 . 2010-02-09 02:22 7424000 f:\windows\Installer\{E6B87DC4-2B3D-4483-ADFF-E483BF718991}\soffice.exe
    + 2007-07-31 06:29 . 2007-07-31 06:29 9834496 f:\windows\Downloaded Installations\{FE6F1783-A2E5-4CFA-8255-BA2C5299B0BB}\URGE.msi
    + 2007-09-26 23:36 . 2007-10-15 00:10 8581632 f:\windows\Downloaded Installations\{3E547985-AA94-4B1B-8ADD-21E060E5E31F}\Adobe Photoshop Album 3.2 SE.msi
    + 2007-10-20 01:08 . 2003-05-19 19:36 2250240 f:\windows\Cache\Adobe Reader 6.0\ENUBIG\Adobe Reader 6.0.msi
    - 2007-12-22 21:55 . 2007-12-22 21:55 2846720 f:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2903.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
    + 2009-08-22 03:08 . 2009-08-22 03:08 2846720 f:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2903.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
    - 2007-12-22 21:55 . 2007-12-22 21:55 2676224 f:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
    + 2009-08-22 03:08 . 2009-08-22 03:08 2676224 f:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
    + 2009-06-10 12:28 . 2009-06-10 12:28 13758464 f:\windows\system32\nvcpl.dll
    + 2006-10-30 09:05 . 2006-10-30 09:05 11390464 f:\windows\Microsoft.NET\Framework\v3.0\WPF\wpf.msi
    + 2007-12-04 01:33 . 2007-12-04 01:33 19210240 f:\windows\Installer\f589a.msp
    + 2007-12-04 01:42 . 2007-12-04 01:42 15256576 f:\windows\Installer\4cf65.msp
    + 2008-12-13 14:21 . 2008-12-13 14:21 10473472 f:\windows\Installer\412e132.msp
    + 2009-07-17 18:16 . 2009-07-17 18:16 13896704 f:\windows\Installer\12d9f9.msi
    + 2008-10-15 04:42 . 2008-10-15 04:42 13219184 f:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7448A3100000030\8.1.3\AcroRd32.dll
    .
    -- Snapshot reset to current date --
    .
    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown
    REGEDIT4

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "NVIDIA nTune"="f:\program files\NVIDIA Corporation\nTune\nTuneCmd.exe" [2007-09-04 81920]
    "SUPERAntiSpyware"="f:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2010-04-06 2010864]
    "SpybotSD TeaTimer"="f:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]
    "igndlm.exe"="f:\program files\Download Manager\dlm.exe" [2009-05-14 1103216]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "avast!"="f:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-11-24 81000]
    "TkBellExe"="f:\program files\Common Files\Real\Update_OB\realsched.exe" [2008-02-17 185896]
    "SunJavaUpdateSched"="f:\program files\Common Files\Java\Java Update\jusched.exe" [2010-02-18 248040]
    "SoundMan"="SOUNDMAN.EXE" [2005-08-17 90112]
    "RemoteControl"="f:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2005-01-12 32768]
    "nwiz"="nwiz.exe" [2009-06-10 1657376]
    "NvMediaCenter"="f:\windows\system32\NvMcTray.dll" [2009-06-10 86016]
    "NvCplDaemon"="f:\windows\system32\NvCpl.dll" [2009-06-10 13758464]
    "NeroFilterCheck"="f:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
    "IMJPMIG8.1"="f:\windows\IME\imjp8_1\IMJPMIG.EXE" [2004-08-04 208952]
    "DivXUpdate"="f:\program files\DivX\DivX Update\DivXUpdate.exe" [2010-03-05 1135912]
    "amd_dc_opt"="f:\program files\AMD\Dual-Core Optimizer\amd_dc_opt.exe" [2008-07-22 77824]
    "Adobe Reader Speed Launcher"="f:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-10-15 39792]

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "ctfmon.exe"="f:\windows\system32\ctfmon.exe" [2008-04-14 15360]

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
    "tscuninstall"="f:\windows\system32\tscupgrd.exe" [2004-08-04 44544]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
    2009-09-05 22:28 548352 ----a-w- f:\program files\SUPERAntiSpyware\SASWINLO.DLL

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\OneCareMP]
    @=""

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
    "GoogleDesktopManager-121207-085209"=3 (0x3)

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "%windir%\\system32\\sessmgr.exe"=
    "f:\\Program Files\\eMule\\emule.exe"=
    "f:\\WINDOWS\\system32\\dpvsetup.exe"=
    "e:\\GAMES\\WOW\\World of Warcraft\\Launcher.exe"=
    "f:\\Program Files\\Sony\\Station\\LaunchPad\\LaunchPad.exe"=
    "e:\\GAMES\\WOW\\World of Warcraft\\BackgroundDownloader.exe"=
    "%windir%\\Network Diagnostic\\xpnetdiag.exe"=
    "e:\\GAMES\\WOW\\World of Warcraft\\WoW-2.4.3-to-3.0.2-enUS-Win-Final-downloader.exe"=
    "f:\\WINDOWS\\system32\\spoolsv.exe"=
    "e:\\GAMES\\WOW\\World of Warcraft\\WoW-3.1.2.9901-to-3.1.3.9947-enUS-downloader.exe"=
    "e:\\GAMES\\WOW\\World of Warcraft\\WoW-3.1.3.9947-to-3.2.0.10192-enUS-downloader.exe"=
    "e:\\GAMES\\WOW\\World of Warcraft\\WoW-3.2.0.10192-to-3.2.0.10314-enUS-downloader.exe"=
    "e:\\GAMES\\WOW\\World of Warcraft\\WoW-3.2.0.10314-to-3.2.2.10482-enUS-downloader.exe"=
    "e:\\GAMES\\WOW\\World of Warcraft\\WoW-3.2.2.10482-to-3.2.2.10505-enUS-downloader.exe"=

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
    "3724:TCP"= 3724:TCP:Blizzard Downloader: 3724

    R1 aswSP;avast! Self Protection;f:\windows\system32\drivers\aswSP.sys [2009/04/26 19:45 114768]
    R1 SASDIFSV;SASDIFSV;f:\program files\SUPERAntiSpyware\SASDIFSV.SYS [2006/10/10 13:53 12872]
    R1 SASKUTIL;SASKUTIL;f:\program files\SUPERAntiSpyware\SASKUTIL.SYS [2007/02/27 12:39 66632]
    R2 aswFsBlk;aswFsBlk;f:\windows\system32\drivers\aswFsBlk.sys [2009/04/26 19:45 20560]
    R2 cpuz133;cpuz133;f:\windows\system32\drivers\cpuz133_x32.sys [2010/04/02 18:00 20968]
    R2 WMDrive;WMDrive;f:\windows\system32\drivers\WMDrive.sys [2009/02/14 0:30 37376]
    R3 dpK0Bx01;Fingerprint Reader Filter Driver;f:\windows\system32\drivers\dpK0Bx01.sys [2008/09/03 22:41 32640]
    R3 SASENUM;SASENUM;f:\program files\SUPERAntiSpyware\SASENUM.SYS [2006/02/16 17:51 12872]
    R3 UsbdpFP;Fingerprint Reader Class Driver;f:\windows\system32\drivers\UsbdpFP.sys [2008/09/03 22:41 34560]
    S0 sptd;sptd;f:\windows\system32\drivers\sptd.sys [2007/06/18 20:40 682232]
    S0 stwlfbus;stwlfbus;f:\windows\system32\DRIVERS\stwlfbus.sys --> f:\windows\system32\DRIVERS\stwlfbus.sys [?]
    S2 {09BB444F-B2E2-4009-BAF2-7B727681223E};BuddyVM;\??\f:\program files\VMLaunch\BuddyVM.sys --> f:\program files\VMLaunch\BuddyVM.sys [?]
    S3 dmouc0;dmouc0;f:\windows\system32\drivers\dmouc0.sys [2009/01/09 18:08 7680]
    S3 dmouc1;dmouc1;f:\windows\system32\drivers\dmouc1.sys [2009/10/27 11:51 7680]
    S3 dmouc2;dmouc2;f:\windows\system32\drivers\dmouc2.sys [2009/10/27 11:52 7680]
    S3 JmtFltr;n52te;f:\windows\system32\drivers\JmtFltr.sys [2009/10/22 14:25 48896]
    S3 st3wolf;st3wolf;f:\windows\system32\DRIVERS\st3wolf.sys --> f:\windows\system32\DRIVERS\st3wolf.sys [?]
    S3 Usblink;Usblink Driver;f:\windows\system32\drivers\ulink.sys [2008/07/22 15:20 40788]
    .
    Contents of the 'Scheduled Tasks' folder

    2010-04-05 f:\windows\Tasks\AppleSoftwareUpdate.job
    - f:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 16:34]

    2010-04-09 f:\windows\Tasks\defrag.job
    - f:\windows\system32\defrag.exe [2004-08-04 00:12]

    2010-04-04 f:\windows\Tasks\File Helper.job
    - f:\program files\File Helper\1.1.0.10\FileHelper.exe [2010-01-28 23:25]
    .
    .
    ------- Supplementary Scan -------
    .
    uStart Page = about:blank
    uSearchURL,(Default) = hxxp://www.google.com/keyword/%s
    IE: &Clean Traces - f:\program files\DAP\Privacy Package\dapcleanerie.htm
    IE: &Download with &DAP - f:\program files\DAP\dapextie.htm
    IE: Download &all with DAP - f:\program files\DAP\dapextie2.htm
    DPF: Garmin Communicator Plug-In - hxxps://my.garmin.com/mygarmin/m/GarminAxControl.CAB
    .
    - - - - ORPHANS REMOVED - - - -

    HKLM-Run-Jomantha - f:\program files\n52te\n52teHid.exe
    HKLM-Run-Google Desktop Search - f:\program files\Google\Google Desktop Search\GoogleDesktop.exe
    AddRemove-Artificial Girl 3 - e:\illusion\人工少女3\unjs3.exe
    AddRemove-Direct KiSS - c:\kiss\Direct KiSS\Uninst.isu
    AddRemove-KISSLD - g:\storage\Azureus Downloads\haruki\(同人ソフト) [RaijinKai(雷神会)] LoveKISS(ラブきす) いちごバージョン\ラブきすいちご\aya_b.kis\kissld.exe
    AddRemove-Yahoo! Messenger - f:\progra~1\Yahoo!\MESSEN~1\UNWISE.EXE
    AddRemove-{7B63B2922B174135AFC0E1377DD81EC2} - f:\program files\DivX\DivXCodecUninstall.exe



    **************************************************************************
    scanning hidden processes ...

    scanning hidden autostart entries ...

    scanning hidden files ...

    scan completed successfully
    hidden files:

    **************************************************************************
    .
    --------------------- LOCKED REGISTRY KEYS ---------------------

    [HKEY_USERS\S-1-5-21-1614895754-412668190-839522115-1004\Software\KISS-MA\K0Y0_0€0&W0Y0_0A0 *-*J0・a0・n0D0D0j0・-*]
    "InstallPath"="c:\\Program Files\\KISS-MA\\かすたむしすたぁ\\"
    "DskSht"=dword:00000001
    .
    --------------------- DLLs Loaded Under Running Processes ---------------------

    - - - - - - - > 'winlogon.exe'(696)
    f:\program files\SUPERAntiSpyware\SASWINLO.DLL
    f:\windows\system32\Ati2evxx.dll
    f:\windows\IME\IMJP8_1\Dicts\IMJPCD.DIC
    .
    Completion time: 2010-04-10 00:41:59
    ComboFix-quarantined-files.txt 2010-04-10 04:41
    ComboFix2.txt 2009-04-27 15:03
    ComboFix3.txt 2009-04-23 17:10
    ComboFix4.txt 2009-04-20 21:17
    ComboFix5.txt 2010-04-10 04:32

    Pre-Run: 21,414,428,672 bytes free
    Post-Run: 21,569,781,760 bytes free

    WindowsXP-KB310994-SP2-Home-BootDisk-ENU.exe
    [boot loader]
    timeout=2
    default=multi(0)disk(0)rdisk(0)partition(3)\WINDOWS
    [operating systems]
    c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
    multi(0)disk(0)rdisk(0)partition(3)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect /noexecute=optout

    Current=14 Default=14 Failed=13 LastKnownGood=15 Sets=1,2,3,4,5,6,7,8,9,10,11,12,13,14,15
    - - End Of File - - B605D094B4737BAE7163CD499D1E7E14
     
  11. dvk01

    dvk01 Moderator Malware Specialist

    That fixed a lot, including a missing system file that would have caused your problems.

    Next step:

    Download RSIT (random's system information tool) from here to your desktop, then click on the RSIT.exe to start the scan.

    If necessary allow it to locate or download a copy of HijackThis as needed.

    Once the scan completes a textbox will open - copy/paste those contents here for review please. The log can also be found at C:\rsit\log.txt.

    RSIT will also create a second log, info.txt, which will be minimized to your taskbar. Post that here as well please (it will also be stored at C:\rsit\info.txt).

    You can use separate posts here when replying and posting the log files if needed.
     
  12. DrkSdBls

    DrkSdBls Thread Starter

    info.txt logfile of random's system information tool 1.06 2010-04-13 11:07:11

    ======Uninstall list======

    -->F:\Documents and Settings\All Users\Application Data\DivX\DivX7\DivX Converter\DivXConverterUninstall.exe /CONVERTER
    -->F:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
    -->MsiExec /X{B83FC356-B7C0-441F-8A4D-D71E088E7974}
    -->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 F:\WINDOWS\INF\PCHealth.inf
    7-Zip 4.57-->"F:\Program Files\7-Zip\Uninstall.exe"
    Adobe Flash Player 10 ActiveX-->F:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
    Adobe Flash Player 10 Plugin-->F:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
    Adobe Reader 8.1.6-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A81300000003}
    Adobe Shockwave Player-->F:\WINDOWS\system32\Adobe\SHOCKW~1\UNWISE.EXE F:\WINDOWS\system32\Adobe\SHOCKW~1\Install.log
    Age Of Pirates - Caribbean Tales 1.41-->"F:\Program Files\Playlogic\Age of Pirates - Caribbean Tales\unins000.exe"
    Alligator Flash Designer 7 (7.0.7.3) Trial-->F:\PROGRA~1\Selteco\ALLIGA~1\Setup.exe /remove
    Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
    ATI Display Driver-->rundll32 F:\WINDOWS\system32\atiiiexx.dll,[email protected] -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean
    avast! Antivirus-->F:\Program Files\Alwil Software\Avast4\aswRunDll.exe "F:\Program Files\Alwil Software\Avast4\Setup\setiface.dll",RunSetup
    AVS DVD Player version 2.4-->"F:\Program Files\AVS4YOU\AVSDVDPlayer\unins000.exe"
    AVS4YOU Software Navigator 1.2-->"F:\Program Files\AVS4YOU\AVSSoftwareNavigator\unins000.exe"
    BCM Diagnostics Pro-->F:\WINDOWS\uninst.exe -f"F:\Program Files\BCM Diagnostics Pro\DeIsL4.isu"
    Canon EOS 20D WIA Driver-->F:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{ED9775A0-383E-4EAA-8DA5-8CC6860D60A3}
    CCleaner (remove only)-->"F:\Program Files\CCleaner\uninst.exe"
    CEP - Color Enable Package-->"E:\GAMES\zCEP_Uninstaller\unins000.exe"
    CPUID CPU-Z 1.54-->"F:\Program Files\CPUID\CPU-Z\unins000.exe"
    DivX Converter-->F:\Documents and Settings\All Users\Application Data\DivX\DivX7\DivX Converter\DivXConverterUninstall.exe /CONVERTER
    DivX Plus DirectShow Filters-->F:\Documents and Settings\All Users\Application Data\DivX\DivX7\DivX Plus DirectShow Filters\DivXDSFiltersUninstall.exe /DSFILTERS
    DivX Setup-->F:\Documents and Settings\All Users\Application Data\DivX\Setup\DivXSetup.exe /uninstall /bundleGroupId divx.com
    Download Accelerator Plus (DAP)-->F:\PROGRA~1\DAP\DAPREMOVE.EXE
    Download Manager 2.3.6-->F:\Program Files\Download Manager\uninst.exe
    Dual-Core Optimizer-->MsiExec.exe /X{9FD6F1A8-5550-46AF-8509-271DF0E768B5}
    DVD Decrypter (Remove Only)-->"F:\Program Files\DVD Decrypter\uninstall.exe"
    eMule-->"F:\Program Files\eMule\Uninstall.exe"
    EVEREST Home Edition v2.20-->"F:\Program Files\Lavalys\EVEREST Home Edition\unins000.exe"
    Google Desktop Plugin - Calendar-->MsiExec.exe /X{CE55B9C0-D0E6-42F5-8CCA-9A6B90359FAC}
    Google Desktop Plugin - oCalendar-->MsiExec.exe /X{31127C19-C589-4C1A-AEB3-7DB8091F303C}
    GUN-KATANA-->MsiExec.exe /I{E3DA97E8-F41F-448A-A186-9147C9CBD040}
    HentHighschool-->MsiExec.exe /I{CDB7CEA6-E010-482B-9A81-70A1DB242C8C}
    HijackThis 2.0.2-->"F:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
    Hot CPU Tester Pro 4.4.1-->"F:\Program Files\Hot CPU Tester Pro 4 LE\unins000.exe"
    Hotfix for Microsoft .NET Framework 3.0 (KB932471)-->F:\WINDOWS\system32\msiexec.exe /promptrestart /uninstall {ECD292A0-0347-4244-8C24-5DBCE990FB40} /package {BAF78226-3200-4DB4-BE33-4D922A799840}
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->F:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->F:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
    Hotfix for Windows XP (KB952287)-->"F:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
    Hotfix for Windows XP (KB961118)-->"F:\WINDOWS\$NtUninstallKB961118$\spuninst\spuninst.exe"
    ILLUSION BotuPlay-->E:\Games\illusion\BotuPlay\LSUin000.exe "E:\Games\illusion\BotuPlay\LSUin000.lil"
    ILLUSION Sexyビーチ3~キャラクター追加DISC~-->MsiExec.exe /X{F5DCB11C-8F09-4C71-B952-B96DBB4E6584}
    ILLUSION アンリミテッドボツ-->MsiExec.exe /X{3880FBF3-6227-41AA-B53F-A8EA05216CC1}
    ILLUSION 勇者からは逃げられない!-->MsiExec.exe /X{A99C800B-C5F3-48B9-AE2F-A9BE1C553111}
    Inkscape 0.46-->F:\Program Files\Inkscape\Uninstall.exe
    INTERACT PLAY VR-->MsiExec.exe /X{D54C9627-5E92-11D5-BACB-0090CC01356A}
    InterActual Player-->F:\Program Files\InterActual\InterActual Player\inuninst.exe
    ISO Recorder-->MsiExec.exe /I{DFC6573E-124D-4026-BFA4-B433C9D3FF21}
    IsoBuster 2.4-->"F:\Program Files\Smart Projects\IsoBuster\Uninst\unins000.exe"
    Java(TM) 6 Update 16-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216016F0}
    Java(TM) 6 Update 19-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216013FF}
    KeyTweak - Keyboard Remapper (remove only)-->"F:\Program Files\KeyTweak\uninstall.exe"
    Malwarebytes' Anti-Malware-->"F:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
    Media Player Codec Pack 3.9.2-->F:\WINDOWS\system32\C2MP\Uninst.exe
    Microsoft .NET Framework 1.1 Hotfix (KB928366)-->"F:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "F:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp"
    Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
    Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
    Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}
    Microsoft .NET Framework 3.0 Service Pack 2-->MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}
    Microsoft .NET Framework 3.5 SP1-->F:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
    Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
    Microsoft Internationalized Domain Names Mitigation APIs-->"F:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
    Microsoft National Language Support Downlevel APIs-->"F:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
    Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
    MSXML 6.0 Parser (KB933579)-->MsiExec.exe /I{0A869A65-8C94-4F7C-A5C7-972D3C8CED9E}
    Nero OEM-->F:\Program Files\Ahead\nero\uninstall\UNNERO.exe /UNINSTALL
    NJStar Communicator-->F:\Program Files\NJStar Communicator\uninst.exe
    NVIDIA Drivers-->F:\WINDOWS\system32\nvuninst.exe UninstallGUI
    NVIDIA nTune-->F:\PROGRA~1\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{7C7F30F4-94E7-4AA8-8941-90C4A80C68BF} /l1041
    NVIDIA PhysX-->MsiExec.exe /X{B83FC356-B7C0-441F-8A4D-D71E088E7974}
    OpenOffice.org 3.1-->MsiExec.exe /I{E6B87DC4-2B3D-4483-ADFF-E483BF718991}
    Opera 9.63-->MsiExec.exe /X{2C0CD17D-0B06-4700-83FA-7344B868B0A2}
    Optical Mouse driver-->F:\Program Files\OpticalMouse\uinst.exe
    Pool of Radiance-->F:\WINDOWS\Pool of Radiance remove.exe remove
    PowerDVD-->RunDll32 F:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "F:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\Setup.exe" -uninstall
    Q-Xpress Installer 1.1.9-->E:\GAMES\Q-Xpress Installer\uninst.exe
    RapeLay (remove only)-->"E:\GAMES\RapeLay\uninstall.exe"
    RealPlayer-->F:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
    RGSS-RTP Standard-->MsiExec.exe /I{5A9FE525-8B8F-4701-A937-7F6745A4E9C7}
    Rhapsody Player Engine-->MsiExec.exe /I{22DE1881-9D24-4981-B5CC-EC7E9F2F4D52}
    RON Too1 Addestination-->F:\WINDOWS\system32\acmkkataykap.exe
    Rosetta Stone 2.1.4.1A-->"E:\Rosetta Stone\RS2.1.4.1A_Support\Uninstall_Rosetta Stone 2.1.4.1A\Uninstall Rosetta Stone 2.1.4.1A.exe"
    RPG Maker 2000 1.05-->F:\WINDOWS\UnGins.exe "F:\Program Files\ASCII\RPG2000\install.log"
    RPG Maker VX RTP-->"F:\Program Files\Common Files\Enterbrain\RGSS2\RPGVX\unins000.exe"
    RPGXP-->MsiExec.exe /I{9B34CAC6-738F-4A20-B428-A115C3E3474C}
    RPGツクール2000 ランタイムパッケージ-->RunDll32 F:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "F:\Program Files\InstallShield Installation Information\{33F7A957-A66D-45A1-BADF-6576083B14E2}\setup.exe"
    RPGツクール2003 ランタイムパッケージ-->RunDll32 F:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "F:\Program Files\InstallShield Installation Information\{0044AEC7-8924-4FB1-B4F7-FD14A5FEA9E4}\setup.exe"
    RTP 1.32 Add-On for RM2k-->F:\WINDOWS\UnGins.exe "F:\Program Files\ASCII\RPG2000\RTP\install.log"
    RTP for RM2K (Png, Wav, Midi, Fonts)-->F:\WINDOWS\UnGins.exe "F:\Program Files\ASCII\RPG2000\RTP\install.log"
    SchoolMate-->MsiExec.exe /X{D1AB869E-1381-46CB-A782-FE7190E6DBC2}
    Security Update for Windows Internet Explorer 7 (KB938127-v2)-->"F:\WINDOWS\ie7updates\KB938127-v2-IE7\spuninst\spuninst.exe"
    Security Update for Windows Internet Explorer 7 (KB963027)-->"F:\WINDOWS\ie7updates\KB963027-IE7\spuninst\spuninst.exe"
    Security Update for Windows XP (KB923561)-->"F:\WINDOWS\$NtUninstallKB923561$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB923789)-->F:\WINDOWS\system32\MacroMed\Flash\genuinst.exe F:\WINDOWS\system32\MacroMed\Flash\KB923789.inf
    Security Update for Windows XP (KB938464-v2)-->"F:\WINDOWS\$NtUninstallKB938464-v2$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB946648)-->"F:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB950762)-->"F:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB950974)-->"F:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB951066)-->"F:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB951376-v2)-->"F:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB951748)-->"F:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB952004)-->"F:\WINDOWS\$NtUninstallKB952004$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB952954)-->"F:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB954459)-->"F:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB954600)-->"F:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB955069)-->"F:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB956572)-->"F:\WINDOWS\$NtUninstallKB956572$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB956802)-->"F:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB956803)-->"F:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB957097)-->"F:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB958644)-->"F:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB958687)-->"F:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB958690)-->"F:\WINDOWS\$NtUninstallKB958690$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB959426)-->"F:\WINDOWS\$NtUninstallKB959426$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB960225)-->"F:\WINDOWS\$NtUninstallKB960225$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB960715)-->"F:\WINDOWS\$NtUninstallKB960715$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB960803)-->"F:\WINDOWS\$NtUninstallKB960803$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB961373)-->"F:\WINDOWS\$NtUninstallKB961373$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB963027)-->"F:\WINDOWS\$NtUninstallKB963027$\spuninst\spuninst.exe"
    Spybot - Search & Destroy-->"F:\Program Files\Spybot - Search & Destroy\unins003.exe"
    Star Trek Legacy-->MsiExec.exe /I{287A4E96-AC57-4A19-9B51-C5EED2EAB382}
    SUPERAntiSpyware Free Edition-->MsiExec.exe /X{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}
    Swiff Player 1.5-->"F:\Program Files\GlobFX\Swiff Player\unins000.exe"
    System Requirements Lab-->F:\Program Files\SystemRequirementsLab\Uninstall.exe
    The Sims 2 Family Fun Stuff-->E:\GAMES\The Sims 2 Family Fun Stuff\EAUninstall.exe
    The Sims 2 Glamour Life Stuff-->E:\GAMES\The Sims 2 Glamour Life Stuff\EAUninstall.exe
    The Sims 2 Nightlife-->E:\GAMES\The Sims 2 Nightlife\EAUninstall.exe
    The Sims 2 Open For Business-->E:\GAMES\The Sims 2 Open For Business\EAUninstall.exe
    The Sims 2 Pets-->E:\GAMES\The Sims 2 Pets\EAUninstall.exe
    The Sims 2 University-->E:\GAMES\The Sims 2 University\EAUninstall.exe
    The Sims 2-->E:\GAMES\The Sims 2\EAUninstall.exe
    Tweak UI-->"F:\WINDOWS\system32\mshta.exe" "res://F:\WINDOWS\system32\TweakUI.exe/uninstall.hta"
    Update for Windows XP (KB951978)-->"F:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
    Update for Windows XP (KB955839)-->"F:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe"
    Update for Windows XP (KB967715)-->"F:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe"
    URGE-->MsiExec.exe /I{8BBF6DFD-0AD9-43A7-9FBD-BF065E3866AF}
    USB Super Link-->F:\WINDOWS\ISUNINST.EXE -f"F:\Program Files\USB Super Link\Uninst.isu" -c"F:\WINDOWS\Setupdll.dll"
    VC80CRTRedist - 8.0.50727.4053-->MsiExec.exe /I{5EE7D259-D137-4438-9A5F-42F432EC0421}
    Ventrilo Client-->MsiExec.exe /I{789289CA-F73A-4A16-A331-54D498CE069F}
    Vodei Multimedia Processor 2.10-->F:\Program Files\Vodei\uninst.exe
    Wanko to Kurasou English v1.0-->"e:\ivory\WANKO\unins000.exe"
    Windows Driver Package - Belkin (HidUsb) HIDClass (01/11/2007 1.0)-->F:\PROGRA~1\DIFX\D6ACC4BE676423A2B130B78A4B627FC457D98997\DPInst.exe /u F:\WINDOWS\system32\DRVSTORE\jmtflter_92E9C44249735A5E0CACA1DD6109994985059DF9\jmtflter.inf
    Windows Driver Package - MOTOROLA (uisp) USB (09/08/2006 1.2.0.0)-->F:\PROGRA~1\DIFX\D6ACC4BE676423A2B130B78A4B627FC457D98997\DPInst.exe /u F:\WINDOWS\system32\DRVSTORE\usbicp_148F9D51ADD758FCD4B68B61FF903F813AA2083E\usbicp.inf
    Windows Internet Explorer 7-->"F:\WINDOWS\ie7\spuninst\spuninst.exe"
    Windows Media Format 11 runtime-->"F:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
    Windows Media Player 11-->"F:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
    Windows Presentation Foundation-->MsiExec.exe /X{BAF78226-3200-4DB4-BE33-4D922A799840}
    Windows XP Service Pack 3-->"F:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
    WinMount V3.1.1219-->"F:\Program Files\WinMount3\unins000.exe"
    WinRAR archiver-->F:\Program Files\WinRAR\uninstall.exe
    WinZip 11.2-->MsiExec.exe /X{CD95F661-A5C4-44F5-A6AA-ECDD91C240B6}
    World of Warcraft-->F:\Program Files\Common Files\Blizzard Entertainment\World of Warcraft (2)\Uninstall.exe
    X-Change 2-->F:\WINDOWS\unvise32.exe e:\Games\uninstal.log
    Xvid 1.1.3 final uninstall-->"F:\Program Files\Xvid\unins000.exe"
    ふたりでマーヴルしちゃいます!-->E:\MBSTruth\Marvl\Uninstall.exe
    痴漢電車男2 伝説へのライナー-->E:\Games\GuiltyPLUS\痴漢電車男2\UNINST.EXE
    涼宮ハル●の嗚咽-->F:\Program Files\セイバーフィッシュ\涼宮ハル●の嗚咽\_uninst.exe JHMBILHLIDGOIDILIBJMICMMJKGKIIPE

    =====HijackThis Backups=====

    O20 - AppInit_DLLs: F:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL f:\windows\system32\huheliva.dll,F:\WINDOWS\system32\nukijafu.dll [2008-12-16]
    O4 - HKLM\..\Run: [CPM035248fa] Rundll32.exe "f:\windows\system32\huheliva.dll",a [2008-12-16]
    O4 - HKUS\S-1-5-20\..\Run: [bofalihifo] Rundll32.exe "F:\WINDOWS\system32\zayapilo.dll",s (User 'NETWORK SERVICE') [2008-12-16]
    O22 - SharedTaskScheduler: STS - {EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4} - f:\windows\system32\huheliva.dll [2008-12-16]
    O4 - HKUS\S-1-5-19\..\Run: [bofalihifo] Rundll32.exe "F:\WINDOWS\system32\zayapilo.dll",s (User 'LOCAL SERVICE') [2008-12-16]
    O21 - SSODL: SSODL - {EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4} - f:\windows\system32\huheliva.dll [2008-12-16]
    O21 - SSODL: SSODL - {EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4} - f:\windows\system32\huheliva.dll [2008-12-16]
    O20 - AppInit_DLLs: f:\windows\system32\huheliva.dll [2008-12-16]
    O4 - HKLM\..\Run: [CPM035248fa] Rundll32.exe "f:\windows\system32\huheliva.dll",a [2008-12-16]

    Hosts File Missing
    ======Security center information======

    AV: avast! antivirus 4.8.1368 [VPS 100411-0] (disabled)
    AV: Windows Live OneCare (disabled)
    FW: Windows Live OneCare Firewall (disabled)

    ======System event log======

    Computer Name: KAMI-706842B87D
    Event Code: 4
    Message: Driver detected an internal error in its data structures for .

    Record Number: 17262
    Source Name: sptd
    Time Written: 20091218003217.000000-300
    Event Type: error
    User:

    Computer Name: KAMI-706842B87D
    Event Code: 7026
    Message: The following boot-start or system-start driver(s) failed to load:
    sptd

    Record Number: 17255
    Source Name: Service Control Manager
    Time Written: 20091218003216.000000-300
    Event Type: error
    User:

    Computer Name: KAMI-706842B87D
    Event Code: 7024
    Message: The Windows Search service terminated with service-specific error 2147746132 (0x80040154).

    Record Number: 17254
    Source Name: Service Control Manager
    Time Written: 20091218003216.000000-300
    Event Type: error
    User:

    Computer Name: KAMI-706842B87D
    Event Code: 7023
    Message: The Automatic Updates service terminated with the following error:
    The specified module could not be found.


    Record Number: 17253
    Source Name: Service Control Manager
    Time Written: 20091218003216.000000-300
    Event Type: error
    User:

    Computer Name: KAMI-706842B87D
    Event Code: 7000
    Message: The BuddyVM service failed to start due to the following error:
    The system cannot find the file specified.


    Record Number: 17252
    Source Name: Service Control Manager
    Time Written: 20091218003216.000000-300
    Event Type: error
    User:

    =====Application event log=====

    Computer Name: KAMI-706842B87D
    Event Code: 4356
    Message: The COM+ Event System failed to create an instance of the subscriber partition:{41E90F3E-56C1-4633-81C3-6E8BAC8BDD70}!new:{D3938AB0-5B9D-11D1-8DD2-00AA004ABD5E}. CoGetObject returned HRESULT 80070422.
    Record Number: 24
    Source Name: EventSystem
    Time Written: 20080907173335.000000-240
    Event Type: warning
    User:

    Computer Name: KAMI-706842B87D
    Event Code: 4353
    Message: The COM+ Event System attempted to fire the EventObjectChange::ChangedSubscription event but received a bad return code. HRESULT was 80040201.
    Record Number: 23
    Source Name: EventSystem
    Time Written: 20080907173335.000000-240
    Event Type: warning
    User:

    Computer Name: KAMI-706842B87D
    Event Code: 4356
    Message: The COM+ Event System failed to create an instance of the subscriber partition:{41E90F3E-56C1-4633-81C3-6E8BAC8BDD70}!new:{D3938AB0-5B9D-11D1-8DD2-00AA004ABD5E}. CoGetObject returned HRESULT 80070422.
    Record Number: 22
    Source Name: EventSystem
    Time Written: 20080907173335.000000-240
    Event Type: warning
    User:

    Computer Name: KAMI-706842B87D
    Event Code: 63
    Message: A provider, HiPerfCooker_v1, has been registered in the WMI namespace, Root\WMI, to use the LocalSystem account. This account is privileged and the provider may cause a security violation if it does not correctly impersonate user requests.

    Record Number: 17
    Source Name: WinMgmt
    Time Written: 20080907173132.000000-240
    Event Type: warning
    User: NT AUTHORITY\SYSTEM

    Computer Name: KAMI-706842B87D
    Event Code: 63
    Message: A provider, HiPerfCooker_v1, has been registered in the WMI namespace, Root\WMI, to use the LocalSystem account. This account is privileged and the provider may cause a security violation if it does not correctly impersonate user requests.

    Record Number: 16
    Source Name: WinMgmt
    Time Written: 20080907173132.000000-240
    Event Type: warning
    User: NT AUTHORITY\SYSTEM

    ======Environment variables======

    "ComSpec"=%SystemRoot%\system32\cmd.exe
    "Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\system32\wbem;F:\Program Files\Smart Projects\IsoBuster;F:\Program Files\Common Files\DivX Shared
    "windir"=%SystemRoot%
    "FP_NO_HOST_CHECK"=NO
    "OS"=Windows_NT
    "PROCESSOR_ARCHITECTURE"=x86
    "PROCESSOR_LEVEL"=15
    "PROCESSOR_IDENTIFIER"=x86 Family 15 Model 67 Stepping 3, AuthenticAMD
    "PROCESSOR_REVISION"=4303
    "NUMBER_OF_PROCESSORS"=2
    "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
    "TEMP"=%SystemRoot%\TEMP
    "TMP"=%SystemRoot%\TEMP

    -----------------EOF-----------------
     
  13. DrkSdBls

    DrkSdBls Thread Starter

    Logfile of random's system information tool 1.06 (written by random/random)
    Run by Kami at 2010-04-13 11:07:02
    Microsoft Windows XP Home Edition Service Pack 3
    System drive F: has 23 GB (17%) free of 137 GB
    Total RAM: 3582 MB (80% free)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 11:07:10, on 2010/04/13
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16827)
    Boot mode: Normal

    Running processes:
    F:\WINDOWS\System32\smss.exe
    F:\WINDOWS\system32\winlogon.exe
    F:\WINDOWS\system32\services.exe
    F:\WINDOWS\system32\lsass.exe
    F:\WINDOWS\system32\nvsvc32.exe
    F:\WINDOWS\system32\svchost.exe
    F:\WINDOWS\System32\svchost.exe
    F:\WINDOWS\system32\spoolsv.exe
    F:\WINDOWS\Explorer.EXE
    F:\WINDOWS\system32\ctfmon.exe
    F:\Program Files\Common Files\Java\Java Update\jusched.exe
    F:\WINDOWS\SOUNDMAN.EXE
    F:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
    F:\WINDOWS\system32\RUNDLL32.EXE
    F:\Program Files\DivX\DivX Update\DivXUpdate.exe
    F:\WINDOWS\system32\rundll32.exe
    F:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    F:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    F:\Program Files\Java\jre6\bin\jqs.exe
    F:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
    F:\WINDOWS\system32\svchost.exe
    F:\WINDOWS\system32\wscntfy.exe
    F:\WINDOWS\System32\svchost.exe
    F:\Program Files\DAP\DAP.exe
    F:\Program Files\Common Files\Real\Update_OB\realsched.exe
    F:\Program Files\Internet Explorer\IEXPLORE.EXE
    F:\Documents and Settings\Kami\Desktop\RSIT.exe
    F:\Program Files\Trend Micro\HijackThis\Kami.exe

    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - F:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - F:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - F:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - F:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE F:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [TkBellExe] "F:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "F:\Program Files\Common Files\Java\Java Update\jusched.exe"
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [RemoteControl] "F:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE F:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [NeroFilterCheck] F:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [IMJPMIG8.1] "F:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
    O4 - HKLM\..\Run: [DivXUpdate] "F:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
    O4 - HKLM\..\Run: [amd_dc_opt] F:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "F:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [MSConfig] F:\WINDOWS\pchealth\helpctr\Binaries\MSCONFIG.EXE /auto
    O4 - HKCU\..\Run: [NVIDIA nTune] "F:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe" clear
    O4 - HKCU\..\Run: [SUPERAntiSpyware] F:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    O4 - HKCU\..\Run: [SpybotSD TeaTimer] F:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    O4 - HKCU\..\Run: [igndlm.exe] F:\Program Files\Download Manager\dlm.exe /windowsstart /startifwork
    O4 - HKCU\..\Run: [ctfmon.exe] F:\WINDOWS\system32\ctfmon.exe
    O4 - HKUS\S-1-5-18\..\Run: [ctfmon.exe] F:\WINDOWS\system32\ctfmon.exe (User 'SYSTEM')
    O4 - HKUS\S-1-5-18\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [ctfmon.exe] F:\WINDOWS\system32\ctfmon.exe (User 'Default user')
    O4 - HKUS\.DEFAULT\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'Default user')
    O4 - Global Startup: Windows Search.lnk = F:\Program Files\Windows Desktop Search\WindowsSearch.exe
    O8 - Extra context menu item: &Clean Traces - F:\Program Files\DAP\Privacy Package\dapcleanerie.htm
    O8 - Extra context menu item: &Download with &DAP - F:\Program Files\DAP\dapextie.htm
    O8 - Extra context menu item: Download &all with DAP - F:\Program Files\DAP\dapextie2.htm
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - F:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - F:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - F:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - F:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - F:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - F:\Program Files\Messenger\msmsgs.exe
    O15 - ESC Trusted Zone: http://*.update.microsoft.com
    O16 - DPF: Garmin Communicator Plug-In - https://my.garmin.com/mygarmin/m/GarminAxControl.CAB
    O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} - http://www.pcpitstop.com/pcpitstop/PCPitStop.CAB
    O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab
    O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} (CDownloadCtrl Object) - http://www.fileplanet.com/fpdlmgr/cabs/FPDC_2.3.9.113.cab
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1240541163015
    O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/2.0.0.1/sysreqlab2.cab
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    O20 - Winlogon Notify: !SASWinLogon - F:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - F:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - F:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: Imapi Helper - Alex Feinman - F:\Program Files\Alex Feinman\ISO Recorder\ImapiHelper.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - F:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: nTune Service (nTuneService) - NVIDIA - F:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - F:\WINDOWS\system32\nvsvc32.exe

    --
    End of file - 6774 bytes

    ======Scheduled tasks folder======

    F:\WINDOWS\tasks\AppleSoftwareUpdate.job
    F:\WINDOWS\tasks\defrag.job
    F:\WINDOWS\tasks\File Helper.job

    ======Registry dump======

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
    Adobe PDF Reader Link Helper - F:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
    Spybot-S&D IE Protection - F:\PROGRA~1\SPYBOT~1\SDHelper.dll [2009-01-26 1879896]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
    Java(tm) Plug-In 2 SSV Helper - F:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-03-09 41760]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
    JQSIEStartDetectorImpl Class - F:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-03-09 79648]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "NvCplDaemon"=F:\WINDOWS\system32\NvCpl.dll [2009-06-10 13758464]
    "TkBellExe"=F:\Program Files\Common Files\Real\Update_OB\realsched.exe [2008-02-16 185896]
    "SunJavaUpdateSched"=F:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-02-18 248040]
    "SoundMan"=F:\WINDOWS\SOUNDMAN.EXE [2005-08-17 90112]
    "RemoteControl"=F:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [2005-01-12 32768]
    "nwiz"=nwiz.exe /install []
    "NvMediaCenter"=F:\WINDOWS\system32\NvMcTray.dll [2009-06-10 86016]
    "NeroFilterCheck"=F:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]
    "IMJPMIG8.1"=F:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE [2004-08-04 208952]
    "DivXUpdate"=F:\Program Files\DivX\DivX Update\DivXUpdate.exe [2010-03-05 1135912]
    "amd_dc_opt"=F:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe [2008-07-22 77824]
    "Adobe Reader Speed Launcher"=F:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-10-15 39792]
    "MSConfig"=F:\WINDOWS\pchealth\helpctr\Binaries\MSCONFIG.EXE [2008-04-13 169984]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "NVIDIA nTune"=F:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe [2007-09-04 81920]
    "SUPERAntiSpyware"=F:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [2010-04-06 2010864]
    "SpybotSD TeaTimer"=F:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2009-03-05 2260480]
    "igndlm.exe"=F:\Program Files\Download Manager\dlm.exe [2009-05-14 1103216]
    "ctfmon.exe"=F:\WINDOWS\system32\ctfmon.exe [2008-04-13 15360]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\avast!]
    F:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-11-24 81000]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
    "GoogleDesktopManager-121207-085209"=3

    F:\Documents and Settings\All Users\Start Menu\Programs\Startup
    Windows Search.lnk - F:\Program Files\Windows Desktop Search\WindowsSearch.exe

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\!SASWinLogon]
    F:\Program Files\SUPERAntiSpyware\SASWINLO.DLL [2009-09-05 548352]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
    F:\WINDOWS\system32\Ati2evxx.dll [2006-01-24 61440]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
    F:\WINDOWS\system32\WgaLogon.dll [2007-03-15 236928]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
    WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5}

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\OneCareMP]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\OneCareMP]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "dontdisplaylastusername"=0
    "legalnoticecaption"=
    "legalnoticetext"=
    "shutdownwithoutlogon"=1
    "undockwithoutlogon"=1

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoDriveTypeAutoRun"=323
    "NoDriveAutoRun"=67108863
    "NoDrives"=0

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "HonorAutoRunSetting"=
    "NoDriveAutoRun"=
    "NoDriveTypeAutoRun"=
    "NoDrives"=

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:mad:xpsp2res.dll,-22019"
    "F:\Program Files\eMule\emule.exe"="F:\Program Files\eMule\emule.exe:*:Enabled:eMule"
    "F:\WINDOWS\system32\dpvsetup.exe"="F:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
    "E:\GAMES\WOW\World of Warcraft\Launcher.exe"="E:\GAMES\WOW\World of Warcraft\Launcher.exe:*:Enabled:World of Warcraft"
    "F:\Program Files\Sony\Station\LaunchPad\LaunchPad.exe"="F:\Program Files\Sony\Station\LaunchPad\LaunchPad.exe:*:Enabled:LaunchPad"
    "E:\GAMES\WOW\World of Warcraft\BackgroundDownloader.exe"="E:\GAMES\WOW\World of Warcraft\BackgroundDownloader.exe:*:Enabled:Blizzard Downloader"
    "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:mad:xpsp3res.dll,-20000"
    "E:\GAMES\WOW\World of Warcraft\WoW-2.4.3-to-3.0.2-enUS-Win-Final-downloader.exe"="E:\GAMES\WOW\World of Warcraft\WoW-2.4.3-to-3.0.2-enUS-Win-Final-downloader.exe:*:Enabled:Blizzard Downloader"
    "F:\WINDOWS\system32\spoolsv.exe"="F:\WINDOWS\system32\spoolsv.exe:*:Enabled:spoolsv"
    "E:\GAMES\WOW\World of Warcraft\WoW-3.1.2.9901-to-3.1.3.9947-enUS-downloader.exe"="E:\GAMES\WOW\World of Warcraft\WoW-3.1.2.9901-to-3.1.3.9947-enUS-downloader.exe:*:Enabled:Blizzard Downloader"
    "E:\GAMES\WOW\World of Warcraft\WoW-3.1.3.9947-to-3.2.0.10192-enUS-downloader.exe"="E:\GAMES\WOW\World of Warcraft\WoW-3.1.3.9947-to-3.2.0.10192-enUS-downloader.exe:*:Enabled:Blizzard Downloader"
    "E:\GAMES\WOW\World of Warcraft\WoW-3.2.0.10192-to-3.2.0.10314-enUS-downloader.exe"="E:\GAMES\WOW\World of Warcraft\WoW-3.2.0.10192-to-3.2.0.10314-enUS-downloader.exe:*:Enabled:Blizzard Downloader"
    "E:\GAMES\WOW\World of Warcraft\WoW-3.2.0.10314-to-3.2.2.10482-enUS-downloader.exe"="E:\GAMES\WOW\World of Warcraft\WoW-3.2.0.10314-to-3.2.2.10482-enUS-downloader.exe:*:Enabled:Blizzard Downloader"
    "E:\GAMES\WOW\World of Warcraft\WoW-3.2.2.10482-to-3.2.2.10505-enUS-downloader.exe"="E:\GAMES\WOW\World of Warcraft\WoW-3.2.2.10482-to-3.2.2.10505-enUS-downloader.exe:*:Enabled:Blizzard Downloader"

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:mad:xpsp2res.dll,-22019"
    "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:mad:xpsp3res.dll,-20000"

    ======List of files/folders created in the last 1 months======

    2010-04-13 11:07:02 ----D---- F:\rsit
    2010-04-11 15:49:32 ----SHD---- F:\RECYCLER
    2010-04-11 14:55:58 ----A---- F:\WINDOWS\ntbtlog.txt
    2010-04-11 14:51:07 ----A---- F:\ComboFix.txt
    2010-04-11 14:44:51 ----D---- F:\ComboFix
    2010-04-10 00:40:19 ----A---- F:\WINDOWS\system32\proquota.exe
    2010-04-10 00:32:51 ----A---- F:\WINDOWS\MBR.exe
    2010-04-10 00:32:50 ----A---- F:\WINDOWS\PEV.exe
    2010-04-10 00:27:01 ----A---- F:\WINDOWS\system32\CF5710.exe
    2010-04-09 13:30:34 ----D---- F:\Program Files\KeyTweak
    2010-04-07 19:30:24 ----D---- F:\Documents and Settings\Kami\Application Data\Malwarebytes
    2010-04-07 19:30:15 ----D---- F:\Program Files\Malwarebytes' Anti-Malware
    2010-04-07 19:30:15 ----D---- F:\Documents and Settings\All Users\Application Data\Malwarebytes
    2010-04-02 19:07:42 ----D---- F:\Program Files\AMD
    2010-04-02 18:00:32 ----D---- F:\Program Files\CPUID
    2010-03-31 00:35:55 ----D---- F:\Documents and Settings\All Users\Application Data\DivX
    2010-03-30 18:32:05 ----D---- F:\Documents and Settings\All Users\Application Data\Sun
    2010-03-30 18:32:04 ----D---- F:\Program Files\Common Files\Java
    2010-03-30 18:31:53 ----A---- F:\WINDOWS\system32\javaws.exe
    2010-03-30 18:31:53 ----A---- F:\WINDOWS\system32\javaw.exe
    2010-03-30 18:31:53 ----A---- F:\WINDOWS\system32\java.exe
    2010-03-30 17:32:35 ----D---- F:\Program Files\Hot CPU Tester Pro 4 LE

    ======List of files/folders modified in the last 1 months======

    2010-04-13 07:09:46 ----D---- F:\WINDOWS\temp
    2010-04-12 23:15:41 ----D---- F:\WINDOWS
    2010-04-11 17:27:03 ----AD---- F:\Documents and Settings\All Users\Application Data\TEMP
    2010-04-11 16:38:49 ----D---- F:\WINDOWS\Prefetch
    2010-04-11 16:38:33 ----A---- F:\WINDOWS\win.ini
    2010-04-11 16:38:33 ----A---- F:\WINDOWS\system.ini
    2010-04-11 16:37:37 ----SHD---- F:\System Volume Information
    2010-04-11 16:37:37 ----D---- F:\WINDOWS\system32\Restore
    2010-04-11 16:05:24 ----D---- F:\WINDOWS\pss
    2010-04-11 16:04:30 ----D---- F:\Documents and Settings
    2010-04-11 15:00:20 ----D---- F:\WINDOWS\system32\CatRoot2
    2010-04-11 14:51:08 ----D---- F:\QooBox
    2010-04-11 14:48:40 ----D---- F:\WINDOWS\system32\drivers
    2010-04-11 14:48:40 ----D---- F:\WINDOWS\system32
    2010-04-11 14:48:40 ----D---- F:\WINDOWS\AppPatch
    2010-04-11 14:48:37 ----D---- F:\Program Files\Common Files
    2010-04-11 14:44:59 ----A---- F:\WINDOWS\SchedLgU.Txt
    2010-04-11 14:24:03 ----D---- F:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
    2010-04-11 14:23:59 ----D---- F:\WINDOWS\Minidump
    2010-04-11 14:23:59 ----D---- F:\WINDOWS\Debug
    2010-04-10 21:31:09 ----D---- F:\Documents and Settings\Kami\Application Data\Ventrilo
    2010-04-10 00:41:10 ----D---- F:\WINDOWS\ERDNT
    2010-04-10 00:40:24 ----RSHDC---- F:\WINDOWS\system32\dllcache
    2010-04-09 13:30:34 ----RD---- F:\Program Files
    2010-04-07 19:24:10 ----SHD---- F:\WINDOWS\Installer
    2010-04-07 19:23:57 ----D---- F:\Config.Msi
    2010-04-06 18:38:13 ----AC---- F:\WINDOWS\system32\wpa.bak
    2010-04-06 18:36:58 ----D---- F:\Program Files\Google
    2010-04-06 14:27:33 ----A---- F:\WINDOWS\WININIT.INI
    2010-04-06 14:26:30 ----HD---- F:\Program Files\InstallShield Installation Information
    2010-04-06 14:26:06 ----D---- F:\Program Files\n52te
    2010-04-06 14:26:05 ----HD---- F:\WINDOWS\inf
    2010-04-06 14:24:52 ----D---- F:\Program Files\Eusing Free Registry Cleaner
    2010-04-06 14:24:20 ----D---- F:\Program Files\Azureus
    2010-04-06 10:56:31 ----D---- F:\Program Files\SUPERAntiSpyware
    2010-03-31 05:41:33 ----D---- F:\Program Files\DivX
    2010-03-31 03:49:55 ----D---- F:\WINDOWS\WinSxS
    2010-03-31 01:10:13 ----D---- F:\Program Files\Common Files\DivX Shared
    2010-03-30 18:31:52 ----D---- F:\Program Files\Java
    2010-03-30 17:18:02 ----D---- F:\Program Files\BCM Diagnostics Pro
    2010-03-17 01:27:54 ----A---- F:\WINDOWS\system32\PerfStringBackup.INI

    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R1 Aavmker4;avast! Asynchronous Virus Monitor; F:\WINDOWS\system32\drivers\Aavmker4.sys [2009-11-24 27408]
    R1 AmdPPM;AMD HwPState Processor Driver; F:\WINDOWS\system32\DRIVERS\AmdPPM.sys [2007-04-16 33792]
    R1 aswSP;avast! Self Protection; F:\WINDOWS\system32\drivers\aswSP.sys [2009-11-24 114768]
    R1 aswTdi;avast! Network Shield Support; F:\WINDOWS\system32\drivers\aswTdi.sys [2009-11-24 48560]
    R1 FsVga;FsVga; F:\WINDOWS\system32\DRIVERS\fsvga.sys [2004-08-04 12160]
    R1 kbdhid;Keyboard HID Driver; F:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-13 14592]
    R1 SASDIFSV;SASDIFSV; \??\F:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS []
    R1 SASKUTIL;SASKUTIL; \??\F:\Program Files\SUPERAntiSpyware\SASKUTIL.sys []
    R1 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; F:\WINDOWS\System32\drivers\ws2ifsl.sys [2004-08-04 12032]
    R2 aswFsBlk;aswFsBlk; F:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2009-11-24 20560]
    R2 aswMon2;avast! Standard Shield Support; F:\WINDOWS\system32\drivers\aswMon2.sys [2009-11-24 94160]
    R2 atksgt;atksgt; F:\WINDOWS\system32\DRIVERS\atksgt.sys [2008-09-25 278728]
    R2 cpuz133;cpuz133; \??\F:\WINDOWS\system32\drivers\cpuz133_x32.sys []
    R2 lirsgt;lirsgt; F:\WINDOWS\system32\DRIVERS\lirsgt.sys [2008-09-25 25416]
    R2 WMDrive;WMDrive; \??\F:\WINDOWS\system32\drivers\WMDrive.sys []
    R3 AmdLLD;AMD Low Level Device Driver; F:\WINDOWS\system32\DRIVERS\AmdLLD.sys [2007-06-29 34304]
    R3 Arp1394;1394 ARP Client Protocol; F:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
    R3 dpK0Bx01;Fingerprint Reader Filter Driver; F:\WINDOWS\system32\DRIVERS\dpK0Bx01.sys [2004-08-04 32640]
    R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; F:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
    R3 hidusb;Microsoft HID Class Driver; F:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
    R3 mouhid;Mouse HID Driver; F:\WINDOWS\system32\DRIVERS\mouhid.sys [2004-08-04 12160]
    R3 MTsensor;ATK0110 ACPI UTILITY; F:\WINDOWS\system32\DRIVERS\ASACPI.sys [2004-08-12 5810]
    R3 NIC1394;1394 Net Driver; F:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
    R3 nv;nv; F:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2009-06-10 8087712]
    R3 NVENETFD;NVIDIA nForce Networking Controller Driver; F:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2006-09-11 57856]
    R3 nvnetbus;NVIDIA Network Bus Enumerator; F:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2006-09-11 19968]
    R3 NVR0Dev;NVR0Dev; \??\F:\WINDOWS\nvoclock.sys []
    R3 SASENUM;SASENUM; \??\F:\Program Files\SUPERAntiSpyware\SASENUM.SYS []
    R3 usbaudio;USB Audio Driver (WDM); F:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]
    R3 usbccgp;Microsoft USB Generic Parent Driver; F:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
    R3 UsbdpFP;Fingerprint Reader Class Driver; F:\WINDOWS\system32\DRIVERS\UsbdpFP.sys [2004-08-04 34560]
    R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; F:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
    R3 usbhub;Microsoft USB Standard Hub Driver; F:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
    R3 usbohci;Microsoft USB Open Host Controller Miniport Driver; F:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-13 17152]
    R3 usbstor;USB Mass Storage Driver; F:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
    R3 vhidmini;Virtual Hid Device; F:\WINDOWS\system32\DRIVERS\vhidmini.sys [2007-09-19 12672]
    S2 {09BB444F-B2E2-4009-BAF2-7B727681223E};BuddyVM; \??\F:\Program Files\VMLaunch\BuddyVM.sys []
    S3 ALCXWDM;Service for Realtek AC97 Audio (WDM); F:\WINDOWS\system32\drivers\ALCXWDM.SYS [2005-08-19 3644800]
    S3 aswRdr;aswRdr; F:\WINDOWS\system32\drivers\aswRdr.sys [2009-11-24 23120]
    S3 ati2mtag;ati2mtag; F:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2006-01-24 1478656]
    S3 catchme;catchme; \??\F:\DOCUME~1\Kami\LOCALS~1\Temp\catchme.sys []
    S3 dmouc0;dmouc0; F:\WINDOWS\System32\DRIVERS\dmouc0.sys [2008-03-21 7680]
    S3 dmouc1;dmouc1; F:\WINDOWS\System32\DRIVERS\dmouc1.sys [2008-03-21 7680]
    S3 dmouc2;dmouc2; F:\WINDOWS\System32\DRIVERS\dmouc2.sys [2008-03-21 7680]
    S3 grmnusb;grmnusb; F:\WINDOWS\system32\drivers\grmnusb.sys [2003-09-23 7296]
    S3 JmtFltr;n52te; F:\WINDOWS\System32\Drivers\JmtFltr.sys [2007-09-27 48896]
    S3 ms_mpu401;Microsoft MPU-401 MIDI UART Driver; F:\WINDOWS\system32\drivers\msmpu401.sys [2001-08-17 2944]
    S3 RT25USBAP;Nintendo Wi-Fi USB Connector Service; F:\WINDOWS\system32\DRIVERS\rt25usbap.sys [2006-04-10 162816]
    S3 st3wolf;st3wolf; F:\WINDOWS\system32\DRIVERS\st3wolf.sys []
    S3 Usblink;Usblink Driver; F:\WINDOWS\System32\Drivers\ulink.sys [2003-08-08 40788]
    S3 usbscan;USB Scanner Driver; F:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
    S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; F:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
    S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; F:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
    S3 yukonwxp;NDIS5.1 Miniport Driver for Marvell Yukon Ethernet Controller; F:\WINDOWS\system32\DRIVERS\yk51x86.sys [2005-09-19 241280]
    S4 IntelIde;IntelIde; F:\WINDOWS\system32\drivers\IntelIde.sys []

    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R2 JavaQuickStarterService;Java Quick Starter; F:\Program Files\Java\jre6\bin\jqs.exe [2010-03-09 153376]
    R2 nTuneService;nTune Service; F:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe [2007-09-04 131072]
    R2 NVSvc;NVIDIA Display Driver Service; F:\WINDOWS\system32\nvsvc32.exe [2009-06-10 168004]
    S2 Ati HotKey Poller;Ati HotKey Poller; F:\WINDOWS\system32\Ati2evxx.exe [2006-01-24 405504]
    S2 WSearch;Windows Search; F:\WINDOWS\system32\SearchIndexer.exe [2008-05-26 439808]
    S3 aspnet_state;ASP.NET State Service; F:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
    S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; F:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
    S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; F:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
    S3 IDriverT;InstallDriver Table Manager; F:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
    S3 idsvc;Windows CardSpace; F:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
    S3 Imapi Helper;Imapi Helper; F:\Program Files\Alex Feinman\ISO Recorder\ImapiHelper.exe [2006-01-05 163840]
    S3 usprserv;User Privilege Service; F:\WINDOWS\System32\svchost.exe [2008-04-13 14336]
    S3 WMPNetworkSvc;Windows Media Player Network Sharing Service; F:\Program Files\Windows Media Player\WMPNetwk.exe [2006-10-18 913408]
    S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; F:\WINDOWS\system32\svchost.exe [2008-04-13 14336]
    S4 aswUpdSv;avast! iAVS4 Control Service; F:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-11-24 18752]
    S4 avast! Antivirus;avast! Antivirus; F:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-11-24 138680]
    S4 avast! Mail Scanner;avast! Mail Scanner; F:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-11-24 254040]
    S4 avast! Web Scanner;avast! Web Scanner; F:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-11-24 352920]
    S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; F:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

    -----------------EOF-----------------
     
  14. dvk01

    dvk01 Moderator Malware Specialist

    Joined:
    Dec 14, 2002
    Messages:
    56,452
    First Name:
    Derek
    Are you still getting any problems or is it all OK now?
     
  15. DrkSdBls

    DrkSdBls Thread Starter

    Joined:
    Jul 19, 2003
    Messages:
    161
    Nope. No more freezing.
     

Short URL to this thread: https://techguy.org/915364
