Computer Freezing

#1 ·
Recently, my computer has been freezing up on me. Strange part is, it doesn't freeze while running high-end games, but when I'm playing smaller games or downloading, and once or twice while browsing Web pages. I've done everything I know to do, including malware/virus scans, cleaning files, defragmenting, and hardware tests, but I need a second opinion.

This is my HijackThis log:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:50:57, on 2010/04/07
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16827)
Boot mode: Normal

Running processes:
F:\WINDOWS\System32\smss.exe
F:\WINDOWS\system32\winlogon.exe
F:\WINDOWS\system32\services.exe
F:\WINDOWS\system32\lsass.exe
F:\WINDOWS\system32\nvsvc32.exe
F:\WINDOWS\system32\svchost.exe
F:\WINDOWS\System32\svchost.exe
F:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
F:\Program Files\Alwil Software\Avast4\ashServ.exe
F:\WINDOWS\Explorer.EXE
F:\WINDOWS\system32\ctfmon.exe
F:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
F:\Program Files\Common Files\Real\Update_OB\realsched.exe
F:\Program Files\Common Files\Java\Java Update\jusched.exe
F:\WINDOWS\SOUNDMAN.EXE
F:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
F:\WINDOWS\system32\RUNDLL32.EXE
F:\WINDOWS\system32\rundll32.exe
F:\Program Files\DivX\DivX Update\DivXUpdate.exe
F:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
F:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
F:\WINDOWS\system32\spoolsv.exe
F:\Program Files\Java\jre6\bin\jqs.exe
F:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
F:\WINDOWS\system32\svchost.exe
F:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
F:\Program Files\Alwil Software\Avast4\ashWebSv.exe
F:\WINDOWS\System32\svchost.exe
F:\Program Files\Internet Explorer\IEXPLORE.EXE
F:\Program Files\Trend Micro\HijackThis\HijackThis.exe

O1 - Hosts: ::1 localhost
O1 - Hosts: 209.44.111.62 itsecure.microsoft.com
O1 - Hosts: 209.44.111.62 avremover-pro.com
O1 - Hosts: 209.44.111.62 www.avremover-pro.com
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - F:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - F:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - F:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - F:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [avast!] F:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [TkBellExe] "F:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] "F:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [RemoteControl] "F:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE F:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE F:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NeroFilterCheck] F:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Jomantha] F:\Program Files\n52te\n52teHid.exe
O4 - HKLM\..\Run: [IMJPMIG8.1] "F:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [Google Desktop Search] "F:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [DivXUpdate] "F:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [amd_dc_opt] F:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "F:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [NVIDIA nTune] "F:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe" clear
O4 - HKCU\..\Run: [ctfmon.exe] F:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] F:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] F:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [igndlm.exe] F:\Program Files\Download Manager\dlm.exe /windowsstart /startifwork
O4 - HKUS\S-1-5-18\..\Run: [ctfmon.exe] F:\WINDOWS\system32\ctfmon.exe (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [ctfmon.exe] F:\WINDOWS\system32\ctfmon.exe (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'Default user')
O4 - Global Startup: Windows Search.lnk = F:\Program Files\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: &Clean Traces - F:\Program Files\DAP\Privacy Package\dapcleanerie.htm
O8 - Extra context menu item: &Download with &DAP - F:\Program Files\DAP\dapextie.htm
O8 - Extra context menu item: Download &all with DAP - F:\Program Files\DAP\dapextie2.htm
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - F:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - F:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - F:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - F:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - F:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - F:\Program Files\Messenger\msmsgs.exe
O15 - ESC Trusted Zone: http://*.update.microsoft.com
O16 - DPF: Garmin Communicator Plug-In - https://my.garmin.com/mygarmin/m/GarminAxControl.CAB
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} - http://www.pcpitstop.com/pcpitstop/PCPitStop.CAB
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} (CDownloadCtrl Object) - http://www.fileplanet.com/fpdlmgr/cabs/FPDC_2.3.9.113.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1240541163015
O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/2.0.0.1/sysreqlab2.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O20 - AppInit_DLLs: f:\windows\system32\givejijo.dll
O20 - Winlogon Notify: !SASWinLogon - F:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - F:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - F:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - F:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - F:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - F:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - F:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Imapi Helper - Alex Feinman - F:\Program Files\Alex Feinman\ISO Recorder\ImapiHelper.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - F:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: nTune Service (nTuneService) - NVIDIA - F:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - F:\WINDOWS\system32\nvsvc32.exe

--
End of file - 7827 bytes
 
#3 ·
Honestly, I have no idea what those are. I was hoping someone here did.

Specs:
Operating System: Windows XP Home Edition (5.1, Build 2600) Service Pack 3 (2600.xpsp_sp3_gdr.090206-1234)
Language: English (Regional Setting: English)
System Manufacturer: System manufacturer
System Model: System Product Name
BIOS: Phoenix - AwardBIOS v6.00PG
Processor: AMD Athlon(tm) 64 X2 Dual Core Processor 6000+, MMX, 3DNow (2 CPUs), ~3.0GHz
Memory: 3582MB RAM
Card name: NVIDIA GeForce 8500 GT
 
#5 ·
step 1

use the Microsoft fixit tool on http://support.microsoft.com/kb/972034 to reset hosts to default

step 2

Please download Malwarebytes' Anti-Malware to your desktop
from HERE or HERE

Double-click mbam-setup.exe and follow the prompts to install the program. At the end, be sure a checkmark is placed next to the following:

Update Malwarebytes' Anti-Malware. Launch Malwarebytes' Anti-Malware. Then click Finish.

If an update is found, it will download and install the latest version. Press Update to make sure the latest database is loaded.
Once the program has loaded, select Perform quick scan, then click Scan.
When the scan is complete, click OK, then Show Results to view the results.
Be sure that everything is checked, and click Remove Selected.
When completed, a log will open in Notepad.
Please include this log in your next reply.

It might ask you to reboot to finish cleaning. Please do so. (Press YES on the alert.)
If you receive an (Error Loading xxxxxxxxxx .dll) error on reboot, please reboot a second time. It is normal for this error to occur once and does not need to be reported unless it continues on every boot.
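
An added example (not part of the original thread, and not code from any tool named in it): a short Python script that pulls the `O1 - Hosts:` lines out of a HijackThis log and lists the hostnames the hosts file pins to a non-local address, which are the entries a hosts reset such as step 1 clears. The function names are illustrative assumptions; the sample lines are a subset copied from the log in post #1.

```python
import ipaddress
import re
from collections import defaultdict

# Subset of lines copied from the HijackThis log in post #1 of this thread.
SAMPLE_LOG = r"""
Boot mode: Normal
O1 - Hosts: ::1 localhost
O1 - Hosts: 209.44.111.62 itsecure.microsoft.com
O1 - Hosts: 209.44.111.62 avremover-pro.com
O1 - Hosts: 209.44.111.62 www.avremover-pro.com
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O20 - AppInit_DLLs: f:\windows\system32\givejijo.dll
"""

# HijackThis reports each hosts-file line as "O1 - Hosts: <address> <name...>".
O1_LINE = re.compile(r"^O1 - Hosts:\s*(\S+)\s+(.*)$")


def parse_o1_entries(log_text):
    """Return (address, [hostnames]) for every 'O1 - Hosts:' line in the log."""
    entries = []
    for line in log_text.splitlines():
        match = O1_LINE.match(line.strip())
        if not match:
            continue
        address, rest = match.groups()
        # A hosts line may carry several names and a trailing '#' comment.
        names = rest.split("#", 1)[0].split()
        if names:
            entries.append((address, names))
    return entries


def classify(address):
    """'local' for loopback/unspecified addresses, 'remote' for any other
    valid address, 'invalid' if the field is not an IP address at all."""
    try:
        ip = ipaddress.ip_address(address)
    except ValueError:
        return "invalid"
    return "local" if ip.is_loopback or ip.is_unspecified else "remote"


def remote_overrides(log_text):
    """Map each non-local (or unparseable) address to the sorted hostnames
    the hosts file forces to resolve to it. Entries pointing at loopback or
    0.0.0.0 are skipped: they block a name rather than redirect it."""
    grouped = defaultdict(set)
    for address, names in parse_o1_entries(log_text):
        if classify(address) != "local":
            grouped[address].update(name.lower() for name in names)
    return {address: sorted(names) for address, names in grouped.items()}


if __name__ == "__main__":
    for address, names in remote_overrides(SAMPLE_LOG).items():
        print(f"{address} ({classify(address)}): {len(names)} hostname(s) overridden")
        for name in names:
            print(f"    {name}")
```
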
 
#6 ·
Results:

Malwarebytes' Anti-Malware 1.45
www.malwarebytes.org

Database version: 3967

Windows 5.1.2600 Service Pack 3
Internet Explorer 7.0.5730.13

2010/04/07 19:36:45
mbam-log-2010-04-07 (19-36-45).txt

Scan type: Quick scan
Objects scanned: 103778
Time elapsed: 4 minute(s), 53 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 2
Registry Values Infected: 0
Registry Data Items Infected: 1
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{6fd31ed6-7c94-4bbc-8e95-f927f4d3a949} (Adware.180Solutions) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1f158a1e-a687-4a11-9679-b3ac64b86a1c} (Adware.Seekmo) -> Quarantined and deleted successfully.

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)
 
#7 ·
Delete any existing version of ComboFix you have sitting on your desktop
Please read and follow all these instructions very carefully

Download ComboFix from Here to your Desktop.

**Note: It is important that it is saved directly to your desktop and run from the desktop and not any other folder on your computer**
--------------------------------------------------------------------
1. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

  • Very Important! Temporarily disable your anti-virus and anti-malware real-time protection and any script blocking components of them or your firewall before performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results" or stop combofix running at all.
  • Click on THIS LINK to see instructions on how to temporarily disable many security programs while running combofix. The list does not cover every program. If yours is not listed and you don't know how to disable it, please ask.
  • Remember to re-enable the protection again after combofix has finished.
--------------------------------------------------------------------
2. Close any open browsers and any other programs you might have running.
Double click on combofix.exe & follow the prompts.
If you are using windows XP It might display a pop up saying that "Recovery console is not installed, do you want to install?"
Please select yes & let it download the files it needs to do this
When finished, it will produce a report for you.
Please post the "C:\ComboFix.txt" for further review

****Note: Do not mouseclick combofix's window while it's running. That may cause it to stall or freeze ****

Note: ComboFix may reset a number of Internet Explorer's settings, including making it the default browser.
Note: Combofix prevents autorun of ALL CDs, floppies and USB devices to assist with malware removal & increase security. If this is an issue or makes it difficult for you -- please tell us when you reply. Read HERE why we disable autoruns

Please do not install any new programs or update anything (always allow your antivirus/antispyware to update) unless told to do so while we are fixing your problem. If combofix alerts to a new version and offers to update, please let it. It is essential we always use the latest version.
 
#8 ·
Alright. So, I've done everything suggested here and cleaned a lot out of my computer. But my computer's still freezing. Odd thing is, it seems to only freeze if I leave my computer for a few minutes.

The Combofix.txt:
ComboFix 10-04-10.02 - Kami 2010/04/11 14:45:26.5.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.932.81.1033.18.3582.3136 [GMT -4:00]
Running from: f:\documents and settings\Kami\Desktop\ComboFix.exe
AV: avast! antivirus 4.8.1368 [VPS 100411-0] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
AV: Windows Live OneCare *On-access scanning disabled* (Updated) {427ADFC3-B354-4A51-BE34-A9D4218E45C4}
FW: Windows Live OneCare Firewall *disabled* {A3899D22-27E6-4A7E-AE4E-2C106646DAAB}
.

((((((((((((((((((((((((( Files Created from 2010-03-11 to 2010-04-11 )))))))))))))))))))))))))))))))
.

2010-04-10 04:40 . 2008-04-14 00:12 50176 -c--a-w- f:\windows\system32\dllcache\proquota.exe
2010-04-10 04:40 . 2008-04-14 00:12 50176 ----a-w- f:\windows\system32\proquota.exe
2010-04-10 04:27 . 2010-04-10 04:26 389120 ----a-w- f:\windows\system32\CF5710.exe
2010-04-09 17:30 . 2010-04-09 17:30 -------- d-----w- f:\program files\KeyTweak
2010-04-07 23:30 . 2010-04-07 23:30 -------- d-----w- f:\documents and settings\Kami\Application Data\Malwarebytes
2010-04-07 23:30 . 2010-03-30 04:46 38224 ----a-w- f:\windows\system32\drivers\mbamswissarmy.sys
2010-04-07 23:30 . 2010-04-07 23:30 -------- d-----w- f:\program files\Malwarebytes' Anti-Malware
2010-04-07 23:30 . 2010-04-07 23:30 -------- d-----w- f:\documents and settings\All Users\Application Data\Malwarebytes
2010-04-07 23:30 . 2010-03-30 04:45 20824 ----a-w- f:\windows\system32\drivers\mbam.sys
2010-04-02 23:07 . 2007-06-29 18:47 34304 ----a-w- f:\windows\system32\drivers\AmdLLD.sys
2010-04-02 23:07 . 2010-04-02 23:07 -------- d-----w- f:\program files\AMD
2010-04-02 23:07 . 2010-04-02 23:07 -------- d-----w- f:\documents and settings\Kami\Local Settings\Application Data\Downloaded Installations
2010-04-02 22:00 . 2010-04-02 22:00 -------- d-----w- f:\program files\CPUID
2010-04-02 22:00 . 2010-03-31 03:38 20968 ----a-w- f:\windows\system32\drivers\cpuz133_x32.sys
2010-03-31 09:42 . 2010-03-31 04:36 754984 ----a-w- f:\documents and settings\All Users\Application Data\DivX\Setup\Resource.dll
2010-03-31 09:42 . 2010-03-31 04:35 986904 ----a-w- f:\documents and settings\All Users\Application Data\DivX\Setup\DivXSetup.exe
2010-03-31 09:41 . 2009-08-22 03:46 529171 ----a-w- f:\documents and settings\All Users\Application Data\DivX\DivX7\DivX Converter\DivXConverterUninstall.exe
2010-03-31 09:41 . 2009-08-22 03:46 529171 ----a-w- f:\documents and settings\All Users\Application Data\DivX\DivX7\DivX Plus DirectShow Filters\DivXDSFiltersUninstall.exe
2010-03-31 09:40 . 2010-03-31 09:40 56766 ----a-w- f:\documents and settings\All Users\Application Data\DivX\DivXPlusShortcuts\Uninstaller.exe
2010-03-31 09:37 . 2010-03-31 09:37 56978 ----a-w- f:\documents and settings\All Users\Application Data\DivX\WebPlayer\Uninstaller.exe
2010-03-31 09:26 . 2010-03-31 09:26 53600 ----a-w- f:\documents and settings\All Users\Application Data\DivX\Update\Uninstaller.exe
2010-03-31 09:20 . 2010-03-31 09:20 57677 ----a-w- f:\documents and settings\All Users\Application Data\DivX\Player\Uninstaller.exe
2010-03-31 08:33 . 2010-03-31 08:33 84035 ----a-w- f:\documents and settings\All Users\Application Data\DivX\TransferWizard\Uninstaller.exe
2010-03-31 08:22 . 2010-03-31 08:22 57054 ----a-w- f:\documents and settings\All Users\Application Data\DivX\DSDesktopComponents\Uninstaller.exe
2010-03-31 08:21 . 2010-03-31 08:21 54166 ----a-w- f:\documents and settings\All Users\Application Data\DivX\DSAVCDecoder\Uninstaller.exe
2010-03-31 08:19 . 2010-03-31 08:19 57532 ----a-w- f:\documents and settings\All Users\Application Data\DivX\DSASPDecoder\Uninstaller.exe
2010-03-31 08:17 . 2010-03-31 08:17 56458 ----a-w- f:\documents and settings\All Users\Application Data\DivX\DivXDecoderShortcut\Uninstaller.exe
2010-03-31 08:12 . 2010-03-31 08:12 54174 ----a-w- f:\documents and settings\All Users\Application Data\DivX\DSAACDecoder\Uninstaller.exe
2010-03-31 08:10 . 2010-03-31 08:10 54153 ----a-w- f:\documents and settings\All Users\Application Data\DivX\DFXPlugin\Uninstaller.exe
2010-03-31 08:08 . 2010-03-31 08:08 54128 ----a-w- f:\documents and settings\All Users\Application Data\DivX\Converter\Uninstaller.exe
2010-03-31 08:06 . 2010-03-31 08:06 54629 ----a-w- f:\documents and settings\All Users\Application Data\DivX\TranscodeEngine\Uninstaller.exe
2010-03-31 07:59 . 2010-03-31 07:59 54101 ----a-w- f:\documents and settings\All Users\Application Data\DivX\MPEG2Plugin\Uninstaller.exe
2010-03-31 07:59 . 2010-03-31 07:59 57409 ----a-w- f:\documents and settings\All Users\Application Data\DivX\ControlPanel\Uninstaller.exe
2010-03-31 07:57 . 2010-03-31 07:57 52963 ----a-w- f:\documents and settings\All Users\Application Data\DivX\MSVC80CRTRedist\Uninstaller.exe
2010-03-31 05:15 . 2010-03-31 05:15 54073 ----a-w- f:\documents and settings\All Users\Application Data\DivX\Qt4.5\Uninstaller.exe
2010-03-31 05:09 . 2010-03-31 05:09 56969 ----a-w- f:\documents and settings\All Users\Application Data\DivX\ASPEncoder\Uninstaller.exe
2010-03-31 04:35 . 2010-03-31 09:41 -------- d-----w- f:\documents and settings\All Users\Application Data\DivX
2010-03-30 22:32 . 2010-03-30 22:32 503808 ----a-w- f:\documents and settings\Kami\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-65cb026b-n\msvcp71.dll
2010-03-30 22:32 . 2010-03-30 22:32 499712 ----a-w- f:\documents and settings\Kami\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-65cb026b-n\jmc.dll
2010-03-30 22:32 . 2010-03-30 22:32 348160 ----a-w- f:\documents and settings\Kami\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-65cb026b-n\msvcr71.dll
2010-03-30 22:32 . 2010-03-30 22:32 -------- d-----w- f:\program files\Common Files\Java
2010-03-30 22:32 . 2010-03-30 22:32 61440 ----a-w- f:\documents and settings\Kami\Application Data\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-30ddab3e-n\decora-sse.dll
2010-03-30 22:32 . 2010-03-30 22:32 12800 ----a-w- f:\documents and settings\Kami\Application Data\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-30ddab3e-n\decora-d3d.dll
2010-03-30 21:32 . 2010-03-30 21:32 -------- d-----w- f:\program files\Hot CPU Tester Pro 4 LE
2010-03-30 04:42 . 2010-03-30 04:42 -------- d-----w- f:\documents and settings\Kami\Local Settings\Application Data\StoryBoard
2010-03-23 00:29 . 2010-03-23 00:29 -------- d-----w- f:\documents and settings\Kami\Local Settings\Application Data\Rawr
2010-03-19 23:04 . 2010-03-19 23:04 848 --sha-w- f:\windows\system32\KGyGaAvL.sys

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-04-11 18:24 . 2008-12-12 02:36 -------- d-----w- f:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2010-04-11 03:36 . 2008-08-22 02:35 -------- d---a-w- f:\documents and settings\All Users\Application Data\TEMP
2010-04-11 01:31 . 2008-02-07 03:57 -------- d-----w- f:\documents and settings\Kami\Application Data\Ventrilo
2010-04-09 02:41 . 2010-02-10 05:18 1 ----a-w- f:\documents and settings\Kami\Application Data\OpenOffice.org\3\user\uno_packages\cache\stamp.sys
2010-04-06 22:36 . 2007-12-18 09:28 -------- d-----w- f:\program files\Google
2010-04-06 18:26 . 2007-07-16 21:52 -------- d--h--w- f:\program files\InstallShield Installation Information
2010-04-06 18:26 . 2009-10-22 18:25 -------- d-----w- f:\program files\n52te
2010-04-06 18:24 . 2008-12-16 17:10 -------- d-----w- f:\program files\Eusing Free Registry Cleaner
2010-04-06 18:24 . 2007-11-30 20:06 -------- d-----w- f:\program files\Azureus
2010-04-06 15:35 . 2007-06-16 00:56 26520 ----a-w- f:\documents and settings\Kami\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2010-04-06 14:56 . 2007-10-16 02:02 -------- d-----w- f:\program files\SUPERAntiSpyware
2010-03-31 09:41 . 2008-06-03 23:12 -------- d-----w- f:\program files\DivX
2010-03-31 05:10 . 2009-08-22 03:45 -------- d-----w- f:\program files\Common Files\DivX Shared
2010-03-30 22:31 . 2009-04-23 17:23 -------- d-----w- f:\program files\Java
2010-03-30 21:18 . 2008-09-08 22:26 -------- d-----w- f:\program files\BCM Diagnostics Pro
2010-03-09 08:28 . 2009-04-23 17:23 411368 ----a-w- f:\windows\system32\deploytk.dll
2010-03-08 17:59 . 2010-03-08 17:59 94208 ----a-w- f:\windows\system32\dpl100.dll
2010-02-19 19:27 . 2010-02-19 19:27 720384 ----a-w- f:\windows\system32\DivX.dll
2010-02-19 19:27 . 2010-02-19 19:27 856064 ----a-w- f:\windows\system32\divx_xx0c.dll
2010-02-19 19:27 . 2010-02-19 19:27 856064 ----a-w- f:\windows\system32\divx_xx07.dll
2010-02-19 19:27 . 2010-02-19 19:27 847872 ----a-w- f:\windows\system32\divx_xx0a.dll
2010-02-19 19:27 . 2010-02-19 19:27 843776 ----a-w- f:\windows\system32\divx_xx16.dll
2010-02-19 19:27 . 2010-02-19 19:27 839680 ----a-w- f:\windows\system32\divx_xx11.dll
2010-01-12 20:12 . 2010-01-12 20:12 85504 ----a-w- f:\windows\system32\ff_vfw.dll
2008-03-09 12:25 . 2009-01-13 23:25 236 -c-ha-w- f:\program files\Common Files\dx.reg
2005-02-27 18:22 . 2005-02-27 18:22 74 -c--a-w- f:\program files\Serial.txt
2005-02-22 00:39 . 2005-02-22 00:39 2662 -c--a-w- f:\program files\1337Warez.nfo
2004-09-29 23:15 . 2007-05-12 21:24 10475048 -c--a-w- f:\program files\RealPlayer10-5GOLD.exe
2008-11-30 05:20 . 2009-04-21 16:34 251392 -c--a-w- f:\program files\opera\program\plugins\dapop.dll
2008-12-10 00:27 . 2008-11-04 18:21 56 -csha-r- f:\windows\system32\D88FFC2E59.sys
.

((((((((((((((((((((((((((((( SnapShot_2010-04-10_04.40.53 )))))))))))))))))))))))))))))))))))))))))
.
+ 2010-04-11 18:39 . 2010-04-11 18:39 16384 f:\windows\temp\Perflib_Perfdata_74.dat
+ 2010-04-11 18:39 . 2010-04-11 18:39 16384 f:\windows\temp\Perflib_Perfdata_55c.dat
+ 2010-04-11 18:40 . 2010-04-11 18:40 16384 f:\windows\temp\Perflib_Perfdata_28c.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NVIDIA nTune"="f:\program files\NVIDIA Corporation\nTune\nTuneCmd.exe" [2007-09-04 81920]
"SUPERAntiSpyware"="f:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2010-04-06 2010864]
"SpybotSD TeaTimer"="f:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]
"igndlm.exe"="f:\program files\Download Manager\dlm.exe" [2009-05-14 1103216]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast!"="f:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-11-24 81000]
"TkBellExe"="f:\program files\Common Files\Real\Update_OB\realsched.exe" [2008-02-17 185896]
"SunJavaUpdateSched"="f:\program files\Common Files\Java\Java Update\jusched.exe" [2010-02-18 248040]
"SoundMan"="SOUNDMAN.EXE" [2005-08-17 90112]
"RemoteControl"="f:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2005-01-12 32768]
"nwiz"="nwiz.exe" [2009-06-10 1657376]
"NvMediaCenter"="f:\windows\system32\NvMcTray.dll" [2009-06-10 86016]
"NvCplDaemon"="f:\windows\system32\NvCpl.dll" [2009-06-10 13758464]
"NeroFilterCheck"="f:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"IMJPMIG8.1"="f:\windows\IME\imjp8_1\IMJPMIG.EXE" [2004-08-04 208952]
"DivXUpdate"="f:\program files\DivX\DivX Update\DivXUpdate.exe" [2010-03-05 1135912]
"amd_dc_opt"="f:\program files\AMD\Dual-Core Optimizer\amd_dc_opt.exe" [2008-07-22 77824]
"Adobe Reader Speed Launcher"="f:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-10-15 39792]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="f:\windows\system32\ctfmon.exe" [2008-04-14 15360]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"tscuninstall"="f:\windows\system32\tscupgrd.exe" [2004-08-04 44544]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2009-09-05 22:28 548352 ----a-w- f:\program files\SUPERAntiSpyware\SASWINLO.DLL

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\OneCareMP]
@=""

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"GoogleDesktopManager-121207-085209"=3 (0x3)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"f:\\Program Files\\eMule\\emule.exe"=
"f:\\WINDOWS\\system32\\dpvsetup.exe"=
"e:\\GAMES\\WOW\\World of Warcraft\\Launcher.exe"=
"f:\\Program Files\\Sony\\Station\\LaunchPad\\LaunchPad.exe"=
"e:\\GAMES\\WOW\\World of Warcraft\\BackgroundDownloader.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"e:\\GAMES\\WOW\\World of Warcraft\\WoW-2.4.3-to-3.0.2-enUS-Win-Final-downloader.exe"=
"f:\\WINDOWS\\system32\\spoolsv.exe"=
"e:\\GAMES\\WOW\\World of Warcraft\\WoW-3.1.2.9901-to-3.1.3.9947-enUS-downloader.exe"=
"e:\\GAMES\\WOW\\World of Warcraft\\WoW-3.1.3.9947-to-3.2.0.10192-enUS-downloader.exe"=
"e:\\GAMES\\WOW\\World of Warcraft\\WoW-3.2.0.10192-to-3.2.0.10314-enUS-downloader.exe"=
"e:\\GAMES\\WOW\\World of Warcraft\\WoW-3.2.0.10314-to-3.2.2.10482-enUS-downloader.exe"=
"e:\\GAMES\\WOW\\World of Warcraft\\WoW-3.2.2.10482-to-3.2.2.10505-enUS-downloader.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3724:TCP"= 3724:TCP:Blizzard Downloader: 3724

R1 aswSP;avast! Self Protection;f:\windows\system32\drivers\aswSP.sys [2009/04/26 19:45 114768]
R1 SASDIFSV;SASDIFSV;f:\program files\SUPERAntiSpyware\SASDIFSV.SYS [2006/10/10 13:53 12872]
R1 SASKUTIL;SASKUTIL;f:\program files\SUPERAntiSpyware\SASKUTIL.SYS [2007/02/27 12:39 66632]
R2 aswFsBlk;aswFsBlk;f:\windows\system32\drivers\aswFsBlk.sys [2009/04/26 19:45 20560]
R2 cpuz133;cpuz133;f:\windows\system32\drivers\cpuz133_x32.sys [2010/04/02 18:00 20968]
R2 WMDrive;WMDrive;f:\windows\system32\drivers\WMDrive.sys [2009/02/14 0:30 37376]
R3 dpK0Bx01;Fingerprint Reader Filter Driver;f:\windows\system32\drivers\dpK0Bx01.sys [2008/09/03 22:41 32640]
R3 SASENUM;SASENUM;f:\program files\SUPERAntiSpyware\SASENUM.SYS [2006/02/16 17:51 12872]
R3 UsbdpFP;Fingerprint Reader Class Driver;f:\windows\system32\drivers\UsbdpFP.sys [2008/09/03 22:41 34560]
S0 sptd;sptd;f:\windows\system32\drivers\sptd.sys [2007/06/18 20:40 682232]
S0 stwlfbus;stwlfbus;f:\windows\system32\DRIVERS\stwlfbus.sys --> f:\windows\system32\DRIVERS\stwlfbus.sys [?]
S2 {09BB444F-B2E2-4009-BAF2-7B727681223E};BuddyVM;\??\f:\program files\VMLaunch\BuddyVM.sys --> f:\program files\VMLaunch\BuddyVM.sys [?]
S3 dmouc0;dmouc0;f:\windows\system32\drivers\dmouc0.sys [2009/01/09 18:08 7680]
S3 dmouc1;dmouc1;f:\windows\system32\drivers\dmouc1.sys [2009/10/27 11:51 7680]
S3 dmouc2;dmouc2;f:\windows\system32\drivers\dmouc2.sys [2009/10/27 11:52 7680]
S3 JmtFltr;n52te;f:\windows\system32\drivers\JmtFltr.sys [2009/10/22 14:25 48896]
S3 MBAMSwissArmy;MBAMSwissArmy;f:\windows\system32\drivers\mbamswissarmy.sys [2010/04/07 19:30 38224]
S3 st3wolf;st3wolf;f:\windows\system32\DRIVERS\st3wolf.sys --> f:\windows\system32\DRIVERS\st3wolf.sys [?]
S3 Usblink;Usblink Driver;f:\windows\system32\drivers\ulink.sys [2008/07/22 15:20 40788]
.
Contents of the 'Scheduled Tasks' folder

2010-04-05 f:\windows\Tasks\AppleSoftwareUpdate.job
- f:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 16:34]

2010-04-09 f:\windows\Tasks\defrag.job
- f:\windows\system32\defrag.exe [2004-08-04 00:12]

2010-04-04 f:\windows\Tasks\File Helper.job
- f:\program files\File Helper\1.1.0.10\FileHelper.exe [2010-01-28 23:25]
.
.
------- Supplementary Scan -------
.
uStart Page = about:blank
uSearchURL,(Default) = hxxp://www.google.com/keyword/%s
IE: &Clean Traces - f:\program files\DAP\Privacy Package\dapcleanerie.htm
IE: &Download with &DAP - f:\program files\DAP\dapextie.htm
IE: Download &all with DAP - f:\program files\DAP\dapextie2.htm
DPF: Garmin Communicator Plug-In - hxxps://my.garmin.com/mygarmin/m/GarminAxControl.CAB
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-04-11 14:49
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_USERS\S-1-5-21-1614895754-412668190-839522115-1004\Software\KISS-MA\K0Y0_0€0&W0Y0_0A0 *-*J0・a0・n0D0D0j0・-*]
"InstallPath"="c:\\Program Files\\KISS-MA\\かすたむしすたぁ\\"
"DskSht"=dword:00000001
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(696)
f:\program files\SUPERAntiSpyware\SASWINLO.DLL
f:\windows\system32\Ati2evxx.dll
f:\windows\IME\IMJP8_1\Dicts\IMJPCD.DIC

- - - - - - - > 'explorer.exe'(2160)
f:\windows\system32\nview.dll
f:\windows\system32\nvwddi.dll
f:\windows\IME\IMJP8_1\Dicts\IMJPCD.DIC
.
Completion time: 2010-04-11 14:51:06
ComboFix-quarantined-files.txt 2010-04-11 18:51
ComboFix2.txt 2010-04-10 04:41
ComboFix3.txt 2009-04-27 15:03
ComboFix4.txt 2009-04-23 17:10
ComboFix5.txt 2010-04-11 18:44

Pre-Run: 23,722,942,464 bytes free
Post-Run: 23,679,905,792 bytes free

Current=14 Default=14 Failed=13 LastKnownGood=15 Sets=1,2,3,4,5,6,7,8,9,10,11,12,13,14,15
- - End Of File - - BB1EF67D9CF86CEBAA21401C8F90610B
 
#9 ·
What do you mean by only freezes when left for a few minutes?

Please go to C:\qoobox & find ComboFix-quarantined-files.txt and ComboFix2.txt

They might be in the quarantine folder inside qoobox

Once I see them and see what cf fixed because you ran it twice, I might be able to work out what is wrong (apart from all the P2P & downloading programs that will infect you, that is)
 
#10 ·
Oops, I did run it twice. My bad.
And I meant when I leave my computer alone and don't touch it for an hour or so. But, on that note, it hasn't frozen again since last night.

You need both ComboFix-quarantined-files.txt and ComboFix2.txt cause that's a lot to post in one post.

2010-04-10 04:41:31 . 2010-04-10 04:41:31 1,174 ----a-w- F:\Qoobox\Quarantine\Registry_backups\AddRemove-{7B63B2922B174135AFC0E1377DD81EC2}.reg.dat
2010-04-10 04:41:31 . 2010-04-10 04:41:31 712 ----a-w- F:\Qoobox\Quarantine\Registry_backups\AddRemove-Yahoo! Messenger.reg.dat
2010-04-10 04:41:31 . 2010-04-10 04:41:31 604 ----a-w- F:\Qoobox\Quarantine\Registry_backups\AddRemove-KISSLD.reg.dat
2010-04-10 04:41:31 . 2010-04-10 04:41:31 490 ----a-w- F:\Qoobox\Quarantine\Registry_backups\AddRemove-Direct KiSS.reg.dat
2010-04-10 04:41:31 . 2010-04-10 04:41:31 728 ----a-w- F:\Qoobox\Quarantine\Registry_backups\AddRemove-Artificial Girl 3.reg.dat
2010-04-10 04:41:16 . 2010-04-10 04:41:16 188 ----a-w- F:\Qoobox\Quarantine\Registry_backups\HKLM-Run-Google Desktop Search.reg.dat
2010-04-10 04:41:16 . 2010-04-10 04:41:16 133 ----a-w- F:\Qoobox\Quarantine\Registry_backups\HKLM-Run-Jomantha.reg.dat
2010-03-30 21:32:36 . 2007-03-05 15:51:56 360,580 ----a-w- F:\Qoobox\Quarantine\F\WINDOWS\eSellerateEngine.dll.vir
2009-04-27 15:03:13 . 2009-04-27 15:03:13 146 -c--a-w- F:\Qoobox\Quarantine\Registry_backups\ShellExecuteHooks-{56F9679E-7826-4C84-81F3-532071A8BCC5}.reg.dat
2009-04-27 15:03:13 . 2009-04-27 15:03:13 146 -c--a-w- F:\Qoobox\Quarantine\Registry_backups\ShellExecuteHooks-{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}.reg.dat
2009-04-27 15:03:09 . 2009-04-27 15:03:09 166 -c--a-w- F:\Qoobox\Quarantine\Registry_backups\HKLM-Run-OneCareUI.reg.dat
2009-04-27 15:03:08 . 2009-04-27 15:03:08 448 -c--a-w- F:\Qoobox\Quarantine\Registry_backups\BHO-{7EB07FBE-7637-38F2-44BD-815F596D56A8}.reg.dat
2009-04-23 17:09:41 . 2009-04-23 17:09:41 225 -c--a-w- F:\Qoobox\Quarantine\Registry_backups\BHO-{fa05bc1b-b57c-419c-9ae6-182bd6e27c3a}.reg.dat
2009-04-22 11:58:22 . 2009-04-22 11:58:22 486,400 -c--a-w- F:\Qoobox\Quarantine\F\WINDOWS\system32\daptqgfntwwl.dll.vir
2009-04-21 05:41:43 . 2009-04-21 06:02:53 1,399,323 -c--a-w- F:\Qoobox\Quarantine\F\WINDOWS\system32\ovohodod.ini.vir
2009-04-20 21:16:50 . 2009-04-20 21:16:50 151 -c--a-w- F:\Qoobox\Quarantine\Registry_backups\HKLM-Run-bofalihifo.reg.dat
2009-04-20 21:16:48 . 2009-04-20 21:16:48 225 -c--a-w- F:\Qoobox\Quarantine\Registry_backups\BHO-{20bee274-4e4d-4a0c-80a2-e132ac686e61}.reg.dat
2009-04-20 21:13:04 . 2010-04-11 18:49:02 10,875 -c--a-w- F:\Qoobox\Quarantine\Registry_backups\tcpip.reg
2009-04-20 21:10:20 . 2010-04-11 18:44:52 613 -c--a-w- F:\Qoobox\Quarantine\catchme.log
2009-04-20 17:41:27 . 2009-04-20 18:02:37 1,399,323 -c--a-w- F:\Qoobox\Quarantine\F\WINDOWS\system32\ujakemij.ini.vir
2009-04-20 04:29:48 . 2009-04-20 04:50:58 1,409,558 -c--a-w- F:\Qoobox\Quarantine\F\WINDOWS\system32\operabem.ini.vir
2009-04-19 04:29:26 . 2009-04-19 04:50:47 1,412,977 -c--a-w- F:\Qoobox\Quarantine\F\WINDOWS\system32\omotoyam.ini.vir
2009-04-15 17:18:57 . 2009-04-18 18:32:10 1,412,977 -c--a-w- F:\Qoobox\Quarantine\F\WINDOWS\system32\asijapoy.ini.vir
2009-04-15 02:17:01 . 2009-04-15 02:38:22 1,410,834 -c--a-w- F:\Qoobox\Quarantine\F\WINDOWS\system32\okudigam.ini.vir
2009-04-14 14:17:06 . 2009-04-14 14:38:16 1,410,839 -c--a-w- F:\Qoobox\Quarantine\F\WINDOWS\system32\upavepah.ini.vir
2009-04-14 02:16:26 . 2009-04-14 02:25:58 1,408,899 -c--a-w- F:\Qoobox\Quarantine\F\WINDOWS\system32\ilafigap.ini.vir
2009-04-13 14:16:08 . 2009-04-13 14:37:29 1,408,899 -c--a-w- F:\Qoobox\Quarantine\F\WINDOWS\system32\ekehopab.ini.vir
2009-04-13 02:16:05 . 2009-04-13 02:37:16 1,405,937 -c--a-w- F:\Qoobox\Quarantine\F\WINDOWS\system32\ofadodab.ini.vir
2009-04-12 14:16:00 . 2009-04-12 14:37:21 1,405,935 -c--a-w- F:\Qoobox\Quarantine\F\WINDOWS\system32\uyiworev.ini.vir
2009-04-12 02:16:07 . 2009-04-12 02:37:17 1,403,888 -c--a-w- F:\Qoobox\Quarantine\F\WINDOWS\system32\ajikojol.ini.vir
2009-03-29 21:04:25 . 2009-03-29 21:04:25 2,713 -c--a-w- F:\Qoobox\Quarantine\F\WINDOWS\system32\fuvevuja.exe.vir
2009-03-29 09:04:15 . 2009-03-29 09:04:25 122 -c--a-w- F:\Qoobox\Quarantine\F\WINDOWS\system32\eparegej.ini.vir
2009-03-28 21:04:19 . 2009-03-28 21:04:19 122 -c--a-w- F:\Qoobox\Quarantine\F\WINDOWS\system32\iluteweb.ini.vir
2009-03-28 21:04:10 . 2009-03-28 21:04:10 2,713 -c--a-w- F:\Qoobox\Quarantine\F\WINDOWS\system32\biwapuyu.exe.vir
2009-01-13 23:25:16 . 2008-04-23 03:23:02 134,671 ----a-w- F:\Qoobox\Quarantine\F\WINDOWS\system32\winstanew.dll.vir
2009-01-13 23:25:16 . 2008-04-23 03:10:50 633,871 ----a-w- F:\Qoobox\Quarantine\F\WINDOWS\system32\user32new.dll.vir
2009-01-13 23:25:15 . 2008-04-23 03:16:14 72,707 ----a-w- F:\Qoobox\Quarantine\F\WINDOWS\system32\secur32new.dll.vir
2009-01-13 23:25:15 . 2008-04-23 03:18:46 96,783 ----a-w- F:\Qoobox\Quarantine\F\WINDOWS\system32\powrprofnew.dll.vir
2009-01-13 23:25:15 . 2008-04-23 03:21:48 87,558 ----a-w- F:\Qoobox\Quarantine\F\WINDOWS\system32\ntdsapinew.dll.vir
2009-01-13 23:25:15 . 2008-04-23 03:05:30 39,948 ----a-w- F:\Qoobox\Quarantine\F\WINDOWS\system32\dwmapi.dll.vir
2009-01-13 23:25:15 . 2008-04-23 02:59:18 167,948 ----a-w- F:\Qoobox\Quarantine\F\WINDOWS\system32\dxgi.dll.vir
2009-01-13 23:25:13 . 2008-04-23 03:25:38 974,354 ----a-w- F:\Qoobox\Quarantine\F\WINDOWS\system32\crypt32new.dll.vir
2009-01-13 23:25:13 . 2008-04-23 03:21:26 171,023 ----a-w- F:\Qoobox\Quarantine\F\WINDOWS\system32\apphelpnew.dll.vir
2009-01-13 23:25:13 . 2008-04-23 03:07:36 770,069 ----a-w- F:\Qoobox\Quarantine\F\WINDOWS\system32\advapi32new.dll.vir
2008-12-20 04:36:55 . 2008-12-20 04:36:55 0 ----a-w- F:\Qoobox\Quarantine\F\FCMDE.tmp.vir
2008-12-20 04:36:47 . 2008-12-20 04:36:47 0 ----a-w- F:\Qoobox\Quarantine\F\FCMDC.tmp.vir
2008-12-20 04:36:47 . 2008-12-20 04:36:47 0 ----a-w- F:\Qoobox\Quarantine\F\FCMDA.tmp.vir
2008-12-20 04:36:46 . 2008-12-20 04:36:46 0 ----a-w- F:\Qoobox\Quarantine\F\FCMD8.tmp.vir
2008-12-20 04:36:46 . 2008-12-20 04:36:46 0 ----a-w- F:\Qoobox\Quarantine\F\FCMD6.tmp.vir
2008-12-20 04:36:45 . 2008-12-20 04:36:45 0 ----a-w- F:\Qoobox\Quarantine\F\FCMD4.tmp.vir
2008-12-20 04:36:44 . 2008-12-20 04:36:44 0 ----a-w- F:\Qoobox\Quarantine\F\FCMD2.tmp.vir
2008-12-20 04:36:44 . 2008-12-20 04:36:44 0 ----a-w- F:\Qoobox\Quarantine\F\FCMD0.tmp.vir
2008-12-20 04:36:43 . 2008-12-20 04:36:43 0 ----a-w- F:\Qoobox\Quarantine\F\FCMCE.tmp.vir
2008-12-20 04:36:42 . 2008-12-20 04:36:42 0 ----a-w- F:\Qoobox\Quarantine\F\FCMCC.tmp.vir
2008-12-20 04:36:42 . 2008-12-20 04:36:42 0 ----a-w- F:\Qoobox\Quarantine\F\FCMCA.tmp.vir
2008-12-20 04:36:41 . 2008-12-20 04:36:41 0 ----a-w- F:\Qoobox\Quarantine\F\FCMC8.tmp.vir
2008-12-20 04:36:40 . 2008-12-20 04:36:40 0 ----a-w- F:\Qoobox\Quarantine\F\FCMC6.tmp.vir
2008-12-20 04:36:39 . 2008-12-20 04:36:39 0 ----a-w- F:\Qoobox\Quarantine\F\FCMC4.tmp.vir
2008-12-20 04:36:39 . 2008-12-20 04:36:39 0 ----a-w- F:\Qoobox\Quarantine\F\FCMC2.tmp.vir
2008-12-20 04:36:38 . 2008-12-20 04:36:38 0 ----a-w- F:\Qoobox\Quarantine\F\FCMC0.tmp.vir
2008-12-20 04:36:37 . 2008-12-20 04:36:37 0 ----a-w- F:\Qoobox\Quarantine\F\FCMBE.tmp.vir
2008-12-20 04:36:36 . 2008-12-20 04:36:36 0 ----a-w- F:\Qoobox\Quarantine\F\FCMBC.tmp.vir
2008-12-20 04:36:33 . 2008-12-20 04:36:33 0 ----a-w- F:\Qoobox\Quarantine\F\FCMBA.tmp.vir
2008-12-20 04:36:28 . 2008-12-20 04:36:28 0 ----a-w- F:\Qoobox\Quarantine\F\FCMB8.tmp.vir
2008-12-20 04:35:43 . 2008-12-20 04:35:43 0 ----a-w- F:\Qoobox\Quarantine\F\FCMB5.tmp.vir
2008-12-20 04:34:50 . 2008-12-20 04:34:50 0 ----a-w- F:\Qoobox\Quarantine\F\FCMB3.tmp.vir
2008-03-15 23:15:36 . 2008-03-15 23:15:38 112,128 ----a-w- F:\Qoobox\Quarantine\F\Thumbs.db.vir
2007-10-16 01:55:19 . 2007-10-16 01:55:19 2,908 -c--a-w- F:\Qoobox\Quarantine\F\WINDOWS\system32\tmp.reg.vir
2007-10-16 01:55:06 . 2004-07-31 22:50:36 51,200 -c--a-w- F:\Qoobox\Quarantine\F\WINDOWS\system32\dumphive.exe.vir
2007-10-16 01:55:06 . 2006-04-27 21:49:30 288,417 -c--a-w- F:\Qoobox\Quarantine\F\WINDOWS\system32\SrchSTS.exe.vir
2007-08-27 17:24:49 . 2008-12-12 19:20:39 23,552 -c--a-w- F:\Qoobox\Quarantine\F\WINDOWS\system32\Thumbs.db.vir
2007-06-14 17:48:05 . 2007-04-06 02:31:36 185 -c--a-w- F:\Qoobox\Quarantine\F\Documents and Settings\Favorites\. . h e l a e n e . ..url.vir
2004-08-04 12:00:00 . 2004-08-04 12:00:00 1,835,904 -c--a-w- F:\Qoobox\Quarantine\F\WINDOWS\system32\_000006_.tmp.dll.vir
2004-08-04 12:00:00 . 2004-08-04 12:00:00 144,896 -c--a-w- F:\Qoobox\Quarantine\F\WINDOWS\system32\_000007_.tmp.dll.vir
2004-08-04 12:00:00 . 2004-08-04 12:00:00 983,552 -c--a-w- F:\Qoobox\Quarantine\F\WINDOWS\system32\_000019_.tmp.dll.vir
2004-08-04 12:00:00 . 2004-08-04 12:00:00 108,032 -c--a-w- F:\Qoobox\Quarantine\F\WINDOWS\system32\_000036_.tmp.dll.vir
2004-08-04 12:00:00 . 2004-08-04 12:00:00 708,096 -c--a-w- F:\Qoobox\Quarantine\F\WINDOWS\system32\_000037_.tmp.dll.vir
2004-08-04 12:00:00 . 2004-08-04 12:00:00 721,920 -c--a-w- F:\Qoobox\Quarantine\F\WINDOWS\system32\_000038_.tmp.dll.vir
2004-08-04 12:00:00 . 2004-08-04 12:00:00 616,960 -c--a-w- F:\Qoobox\Quarantine\F\WINDOWS\system32\_000039_.tmp.dll.vir

ComboFix 10-04-09.01 - Kami 2010/04/10 0:35.4.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.932.81.1033.18.3582.2926 [GMT -4:00]
Running from: f:\documents and settings\Kami\Desktop\ComboFix.exe
AV: avast! antivirus 4.8.1368 [VPS 100409-1] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
AV: Windows Live OneCare *On-access scanning disabled* (Updated) {427ADFC3-B354-4A51-BE34-A9D4218E45C4}
FW: Windows Live OneCare Firewall *disabled* {A3899D22-27E6-4A7E-AE4E-2C106646DAAB}
* Created a new restore point
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

F:\data
f:\documents and settings\Favorites\. . h e l a e n e . ..url
F:\FCMB3.tmp
F:\FCMB5.tmp
F:\FCMB8.tmp
F:\FCMBA.tmp
F:\FCMBC.tmp
F:\FCMBE.tmp
F:\FCMC0.tmp
F:\FCMC2.tmp
F:\FCMC4.tmp
F:\FCMC6.tmp
F:\FCMC8.tmp
F:\FCMCA.tmp
F:\FCMCC.tmp
F:\FCMCE.tmp
F:\FCMD0.tmp
F:\FCMD2.tmp
F:\FCMD4.tmp
F:\FCMD6.tmp
F:\FCMD8.tmp
F:\FCMDA.tmp
F:\FCMDC.tmp
F:\FCMDE.tmp
F:\Thumbs.db
f:\windows\eSellerateEngine.dll
f:\windows\system32\advapi32new.dll
f:\windows\system32\apphelpnew.dll
f:\windows\system32\crypt32new.dll
f:\windows\system32\dwmapi.dll
f:\windows\system32\dxgi.dll
f:\windows\system32\ntdsapinew.dll
f:\windows\system32\powrprofnew.dll
f:\windows\system32\secur32new.dll
f:\windows\system32\Thumbs.db
f:\windows\system32\user32new.dll
f:\windows\system32\winstanew.dll

f:\windows\system32\proquota.exe was missing
Restored copy from - f:\windows\ServicePackFiles\i386\proquota.exe

.
((((((((((((((((((((((((( Files Created from 2010-03-10 to 2010-04-10 )))))))))))))))))))))))))))))))
.

2010-04-10 04:40 . 2008-04-14 00:12 50176 -c--a-w- f:\windows\system32\dllcache\proquota.exe
2010-04-10 04:40 . 2008-04-14 00:12 50176 ----a-w- f:\windows\system32\proquota.exe
2010-04-10 04:27 . 2010-04-10 04:26 389120 ----a-w- f:\windows\system32\CF5710.exe
2010-04-09 17:30 . 2010-04-09 17:30 -------- d-----w- f:\program files\KeyTweak
2010-04-07 23:30 . 2010-04-07 23:30 -------- d-----w- f:\documents and settings\Kami\Application Data\Malwarebytes
2010-04-07 23:30 . 2010-03-30 04:46 38224 ----a-w- f:\windows\system32\drivers\mbamswissarmy.sys
2010-04-07 23:30 . 2010-04-07 23:30 -------- d-----w- f:\program files\Malwarebytes' Anti-Malware
2010-04-07 23:30 . 2010-04-07 23:30 -------- d-----w- f:\documents and settings\All Users\Application Data\Malwarebytes
2010-04-07 23:30 . 2010-03-30 04:45 20824 ----a-w- f:\windows\system32\drivers\mbam.sys
2010-04-02 23:07 . 2007-06-29 18:47 34304 ----a-w- f:\windows\system32\drivers\AmdLLD.sys
2010-04-02 23:07 . 2010-04-02 23:07 -------- d-----w- f:\program files\AMD
2010-04-02 23:07 . 2010-04-02 23:07 -------- d-----w- f:\documents and settings\Kami\Local Settings\Application Data\Downloaded Installations
2010-04-02 22:00 . 2010-04-02 22:00 -------- d-----w- f:\program files\CPUID
2010-04-02 22:00 . 2010-03-31 03:38 20968 ----a-w- f:\windows\system32\drivers\cpuz133_x32.sys
2010-03-31 09:42 . 2010-03-31 04:36 754984 ----a-w- f:\documents and settings\All Users\Application Data\DivX\Setup\Resource.dll
2010-03-31 09:42 . 2010-03-31 04:35 986904 ----a-w- f:\documents and settings\All Users\Application Data\DivX\Setup\DivXSetup.exe
2010-03-31 09:41 . 2009-08-22 03:46 529171 ----a-w- f:\documents and settings\All Users\Application Data\DivX\DivX7\DivX Converter\DivXConverterUninstall.exe
2010-03-31 09:41 . 2009-08-22 03:46 529171 ----a-w- f:\documents and settings\All Users\Application Data\DivX\DivX7\DivX Plus DirectShow Filters\DivXDSFiltersUninstall.exe
2010-03-31 09:40 . 2010-03-31 09:40 56766 ----a-w- f:\documents and settings\All Users\Application Data\DivX\DivXPlusShortcuts\Uninstaller.exe
2010-03-31 09:37 . 2010-03-31 09:37 56978 ----a-w- f:\documents and settings\All Users\Application Data\DivX\WebPlayer\Uninstaller.exe
2010-03-31 09:26 . 2010-03-31 09:26 53600 ----a-w- f:\documents and settings\All Users\Application Data\DivX\Update\Uninstaller.exe
2010-03-31 09:20 . 2010-03-31 09:20 57677 ----a-w- f:\documents and settings\All Users\Application Data\DivX\Player\Uninstaller.exe
2010-03-31 08:33 . 2010-03-31 08:33 84035 ----a-w- f:\documents and settings\All Users\Application Data\DivX\TransferWizard\Uninstaller.exe
2010-03-31 08:22 . 2010-03-31 08:22 57054 ----a-w- f:\documents and settings\All Users\Application Data\DivX\DSDesktopComponents\Uninstaller.exe
2010-03-31 08:21 . 2010-03-31 08:21 54166 ----a-w- f:\documents and settings\All Users\Application Data\DivX\DSAVCDecoder\Uninstaller.exe
2010-03-31 08:19 . 2010-03-31 08:19 57532 ----a-w- f:\documents and settings\All Users\Application Data\DivX\DSASPDecoder\Uninstaller.exe
2010-03-31 08:17 . 2010-03-31 08:17 56458 ----a-w- f:\documents and settings\All Users\Application Data\DivX\DivXDecoderShortcut\Uninstaller.exe
2010-03-31 08:12 . 2010-03-31 08:12 54174 ----a-w- f:\documents and settings\All Users\Application Data\DivX\DSAACDecoder\Uninstaller.exe
2010-03-31 08:10 . 2010-03-31 08:10 54153 ----a-w- f:\documents and settings\All Users\Application Data\DivX\DFXPlugin\Uninstaller.exe
2010-03-31 08:08 . 2010-03-31 08:08 54128 ----a-w- f:\documents and settings\All Users\Application Data\DivX\Converter\Uninstaller.exe
2010-03-31 08:06 . 2010-03-31 08:06 54629 ----a-w- f:\documents and settings\All Users\Application Data\DivX\TranscodeEngine\Uninstaller.exe
2010-03-31 07:59 . 2010-03-31 07:59 54101 ----a-w- f:\documents and settings\All Users\Application Data\DivX\MPEG2Plugin\Uninstaller.exe
2010-03-31 07:59 . 2010-03-31 07:59 57409 ----a-w- f:\documents and settings\All Users\Application Data\DivX\ControlPanel\Uninstaller.exe
2010-03-31 07:57 . 2010-03-31 07:57 52963 ----a-w- f:\documents and settings\All Users\Application Data\DivX\MSVC80CRTRedist\Uninstaller.exe
2010-03-31 05:15 . 2010-03-31 05:15 54073 ----a-w- f:\documents and settings\All Users\Application Data\DivX\Qt4.5\Uninstaller.exe
2010-03-31 05:09 . 2010-03-31 05:09 56969 ----a-w- f:\documents and settings\All Users\Application Data\DivX\ASPEncoder\Uninstaller.exe
2010-03-31 04:35 . 2010-03-31 09:41 -------- d-----w- f:\documents and settings\All Users\Application Data\DivX
2010-03-30 22:32 . 2010-03-30 22:32 503808 ----a-w- f:\documents and settings\Kami\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-65cb026b-n\msvcp71.dll
2010-03-30 22:32 . 2010-03-30 22:32 499712 ----a-w- f:\documents and settings\Kami\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-65cb026b-n\jmc.dll
2010-03-30 22:32 . 2010-03-30 22:32 348160 ----a-w- f:\documents and settings\Kami\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-65cb026b-n\msvcr71.dll
2010-03-30 22:32 . 2010-03-30 22:32 -------- d-----w- f:\program files\Common Files\Java
2010-03-30 22:32 . 2010-03-30 22:32 61440 ----a-w- f:\documents and settings\Kami\Application Data\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-30ddab3e-n\decora-sse.dll
2010-03-30 22:32 . 2010-03-30 22:32 12800 ----a-w- f:\documents and settings\Kami\Application Data\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-30ddab3e-n\decora-d3d.dll
2010-03-30 21:32 . 2010-03-30 21:32 -------- d-----w- f:\program files\Hot CPU Tester Pro 4 LE
2010-03-30 04:42 . 2010-03-30 04:42 -------- d-----w- f:\documents and settings\Kami\Local Settings\Application Data\StoryBoard
2010-03-23 00:29 . 2010-03-23 00:29 -------- d-----w- f:\documents and settings\Kami\Local Settings\Application Data\Rawr
2010-03-19 23:04 . 2010-03-19 23:04 848 --sha-w- f:\windows\system32\KGyGaAvL.sys

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-04-09 02:41 . 2010-02-10 05:18 1 ----a-w- f:\documents and settings\Kami\Application Data\OpenOffice.org\3\user\uno_packages\cache\stamp.sys
2010-04-08 03:13 . 2008-08-22 02:35 -------- d---a-w- f:\documents and settings\All Users\Application Data\TEMP
2010-04-06 22:36 . 2007-12-18 09:28 -------- d-----w- f:\program files\Google
2010-04-06 18:26 . 2007-07-16 21:52 -------- d--h--w- f:\program files\InstallShield Installation Information
2010-04-06 18:26 . 2009-10-22 18:25 -------- d-----w- f:\program files\n52te
2010-04-06 18:24 . 2008-12-16 17:10 -------- d-----w- f:\program files\Eusing Free Registry Cleaner
2010-04-06 18:24 . 2007-11-30 20:06 -------- d-----w- f:\program files\Azureus
2010-04-06 15:35 . 2007-06-16 00:56 26520 ----a-w- f:\documents and settings\Kami\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2010-04-06 14:56 . 2007-10-16 02:02 -------- d-----w- f:\program files\SUPERAntiSpyware
2010-03-31 09:41 . 2008-06-03 23:12 -------- d-----w- f:\program files\DivX
2010-03-31 05:10 . 2009-08-22 03:45 -------- d-----w- f:\program files\Common Files\DivX Shared
2010-03-30 22:31 . 2009-04-23 17:23 -------- d-----w- f:\program files\Java
2010-03-30 21:18 . 2008-09-08 22:26 -------- d-----w- f:\program files\BCM Diagnostics Pro
2010-03-09 08:28 . 2009-04-23 17:23 411368 ----a-w- f:\windows\system32\deploytk.dll
2010-03-08 17:59 . 2010-03-08 17:59 94208 ----a-w- f:\windows\system32\dpl100.dll
2010-02-19 19:27 . 2010-02-19 19:27 720384 ----a-w- f:\windows\system32\DivX.dll
2010-02-19 19:27 . 2010-02-19 19:27 856064 ----a-w- f:\windows\system32\divx_xx0c.dll
2010-02-19 19:27 . 2010-02-19 19:27 856064 ----a-w- f:\windows\system32\divx_xx07.dll
2010-02-19 19:27 . 2010-02-19 19:27 847872 ----a-w- f:\windows\system32\divx_xx0a.dll
2010-02-19 19:27 . 2010-02-19 19:27 843776 ----a-w- f:\windows\system32\divx_xx16.dll
2010-02-19 19:27 . 2010-02-19 19:27 839680 ----a-w- f:\windows\system32\divx_xx11.dll
2010-02-10 05:17 . 2010-02-10 05:17 -------- d-----w- f:\documents and settings\Kami\Application Data\OpenOffice.org
2010-01-12 20:12 . 2010-01-12 20:12 85504 ----a-w- f:\windows\system32\ff_vfw.dll
2008-03-09 12:25 . 2009-01-13 23:25 236 -c-ha-w- f:\program files\Common Files\dx.reg
2005-02-27 18:22 . 2005-02-27 18:22 74 -c--a-w- f:\program files\Serial.txt
2005-02-22 00:39 . 2005-02-22 00:39 2662 -c--a-w- f:\program files\1337Warez.nfo
2004-09-29 23:15 . 2007-05-12 21:24 10475048 -c--a-w- f:\program files\RealPlayer10-5GOLD.exe
2008-11-30 05:20 . 2009-04-21 16:34 251392 -c--a-w- f:\program files\opera\program\plugins\dapop.dll
2008-12-10 00:27 . 2008-11-04 18:21 56 -csha-r- f:\windows\system32\D88FFC2E59.sys
.

((((((((((((((((((((((((((((( SnapShot_2009-04-27_15.02.52 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-08-18 13:07 . 2004-05-27 03:16 73728 f:\windows\twain_32\EOS20D_W\pscl2STI.dll
+ 2010-04-06 15:14 . 2010-04-06 15:14 16384 f:\windows\temp\Perflib_Perfdata_570.dat
+ 2010-04-07 23:45 . 2010-04-07 23:45 16384 f:\windows\temp\Perflib_Perfdata_4b0.dat
+ 2010-04-07 23:45 . 2010-04-07 23:45 16384 f:\windows\temp\Perflib_Perfdata_460.dat
+ 2009-06-16 23:55 . 2009-03-16 18:18 69448 f:\windows\system32\XAPOFX1_3.dll
+ 2009-06-16 23:55 . 2008-10-27 14:04 70992 f:\windows\system32\XAPOFX1_2.dll
+ 2009-06-16 23:55 . 2008-07-30 10:20 68616 f:\windows\system32\XAPOFX1_1.dll
+ 2009-06-16 23:55 . 2008-05-30 18:17 65032 f:\windows\system32\XAPOFX1_0.dll
+ 2009-06-16 23:55 . 2009-03-16 18:18 22360 f:\windows\system32\X3DAudio1_6.dll
+ 2009-06-16 23:55 . 2008-10-27 14:04 23376 f:\windows\system32\X3DAudio1_5.dll
+ 2009-06-16 23:55 . 2008-05-30 18:17 25608 f:\windows\system32\X3DAudio1_4.dll
+ 2009-06-16 23:55 . 2008-03-05 20:00 25608 f:\windows\system32\X3DAudio1_3.dll
+ 2007-06-19 01:17 . 2007-10-22 07:37 17928 f:\windows\system32\X3DAudio1_2.dll
+ 2009-10-22 18:25 . 2008-04-13 18:45 10368 f:\windows\system32\ReinstallBackups\0034\DriverFiles\i386\hidusb.sys
+ 2009-10-22 18:25 . 2008-04-13 18:45 24960 f:\windows\system32\ReinstallBackups\0034\DriverFiles\i386\hidparse.sys
+ 2009-10-22 18:25 . 2008-04-13 18:45 36864 f:\windows\system32\ReinstallBackups\0034\DriverFiles\i386\hidclass.sys
+ 2009-10-22 18:25 . 2008-04-14 00:11 20992 f:\windows\system32\ReinstallBackups\0034\DriverFiles\i386\hid.dll
+ 2009-10-22 18:25 . 2008-04-13 18:45 10368 f:\windows\system32\ReinstallBackups\0033\DriverFiles\i386\hidusb.sys
+ 2009-10-22 18:25 . 2008-04-13 18:45 24960 f:\windows\system32\ReinstallBackups\0033\DriverFiles\i386\hidparse.sys
+ 2009-10-22 18:25 . 2008-04-13 18:45 36864 f:\windows\system32\ReinstallBackups\0033\DriverFiles\i386\hidclass.sys
+ 2009-10-22 18:25 . 2008-04-14 00:11 20992 f:\windows\system32\ReinstallBackups\0033\DriverFiles\i386\hid.dll
+ 2009-07-17 18:26 . 2007-06-28 16:43 81920 f:\windows\system32\ReinstallBackups\0031\DriverFiles\nvwddi.dll
+ 2009-07-17 18:26 . 2007-06-28 16:43 81920 f:\windows\system32\ReinstallBackups\0031\DriverFiles\nvmctray.dll
+ 2009-07-17 18:26 . 2007-06-28 16:43 37376 f:\windows\system32\ReinstallBackups\0031\DriverFiles\nvcod.dll
+ 2008-02-13 21:16 . 2009-12-01 19:14 68080 f:\windows\system32\pxinsa64.exe
+ 2008-06-03 23:12 . 2009-12-01 19:14 72176 f:\windows\system32\pxhpinst.exe
+ 2008-06-08 22:58 . 2008-06-08 22:58 60273 f:\windows\system32\pthreadGC2.dll
+ 2009-04-28 13:55 . 2009-04-28 13:55 70936 f:\windows\system32\PhysXLoader.dll
+ 2008-12-04 13:28 . 2008-12-04 13:28 24344 f:\windows\system32\PhysXDevice.dll
- 2004-08-04 12:00 . 2009-04-24 03:39 78230 f:\windows\system32\perfc009.dat
+ 2004-08-04 12:00 . 2010-03-17 05:27 78230 f:\windows\system32\perfc009.dat
+ 2009-06-10 12:29 . 2009-06-10 12:29 81920 f:\windows\system32\nvwddi.dll
- 2004-10-18 08:15 . 2008-09-18 03:55 86016 f:\windows\system32\nvmctray.dll
+ 2009-06-10 12:28 . 2009-06-10 12:28 86016 f:\windows\system32\nvmctray.dll
+ 2007-06-28 16:43 . 2007-06-28 16:43 45056 f:\windows\system32\nvmccsrs.dll
+ 2009-11-14 18:11 . 2009-11-14 18:11 80384 f:\windows\system32\mkzlib.dll
+ 2009-11-14 18:11 . 2009-11-14 18:11 24576 f:\windows\system32\mkunicode.dll
+ 2008-02-11 00:56 . 2010-02-16 06:27 84507 f:\windows\system32\Macromed\Flash\uninstall_activeX.exe
+ 2009-07-17 18:35 . 2001-12-21 20:45 36352 f:\windows\system32\instdrv.dll
+ 2010-01-12 20:18 . 2010-01-12 20:18 97792 f:\windows\system32\ff_unrar.dll
+ 2009-10-22 18:25 . 2007-09-27 18:46 48896 f:\windows\system32\DRVSTORE\jmtflter_92E9C44249735A5E0CACA1DD6109994985059DF9\JmtFltr.sys
+ 2009-10-22 18:25 . 2007-09-19 21:01 12672 f:\windows\system32\drivers\vhidmini.sys
+ 2009-08-18 13:08 . 2008-04-13 18:45 15104 f:\windows\system32\drivers\usbscan.sys
+ 2009-10-22 18:25 . 2005-12-22 07:23 14592 f:\windows\system32\drivers\USBICP.sys
+ 2008-02-13 07:00 . 2009-12-01 19:14 44944 f:\windows\system32\drivers\pxhelp20.sys
+ 2009-10-22 18:25 . 2007-09-27 18:46 48896 f:\windows\system32\drivers\JmtFltr.sys
+ 2004-08-04 12:00 . 2008-04-13 18:45 10368 f:\windows\system32\drivers\hidusb.sys
- 2004-08-04 12:00 . 2008-04-13 18:45 10368 f:\windows\system32\drivers\hidusb.sys
+ 2009-04-26 23:45 . 2009-11-24 23:49 48560 f:\windows\system32\drivers\aswTdi.sys
+ 2009-04-26 23:45 . 2009-11-24 23:48 23120 f:\windows\system32\drivers\aswRdr.sys
+ 2009-04-26 23:45 . 2009-11-24 23:50 94160 f:\windows\system32\drivers\aswmon2.sys
+ 2009-04-26 23:45 . 2009-11-24 23:51 93424 f:\windows\system32\drivers\aswmon.sys
+ 2009-04-26 23:45 . 2009-11-24 23:50 20560 f:\windows\system32\drivers\aswFsBlk.sys
- 2009-04-26 23:45 . 2009-02-05 20:07 20560 f:\windows\system32\drivers\aswFsBlk.sys
+ 2009-04-26 23:45 . 2009-11-24 23:47 27408 f:\windows\system32\drivers\aavmker4.sys
- 2008-12-09 02:28 . 2008-12-09 02:28 57344 f:\windows\system32\dpv11.dll
+ 2008-08-05 21:59 . 2008-08-05 21:59 57344 f:\windows\system32\dpv11.dll
+ 2007-06-14 18:55 . 2008-04-14 00:12 88576 f:\windows\system32\dllcache\wmiaprpl.dll
+ 2007-06-14 18:56 . 2008-04-14 00:12 85504 f:\windows\system32\dllcache\wabimp.dll
+ 2009-08-18 13:08 . 2008-04-13 18:45 15104 f:\windows\system32\dllcache\usbscan.sys
+ 2004-08-04 12:00 . 2008-04-14 00:12 26624 f:\windows\system32\dllcache\startoc.dll
+ 2004-08-04 12:00 . 2008-04-14 00:12 14336 f:\windows\system32\dllcache\ssstars.scr
+ 2004-08-04 12:00 . 2008-04-14 00:12 47104 f:\windows\system32\dllcache\ssmypics.scr
+ 2004-08-04 12:00 . 2008-04-13 16:43 62976 f:\windows\system32\dllcache\spgrmr.dll
+ 2007-06-14 18:56 . 2008-04-14 00:12 73216 f:\windows\system32\dllcache\setup50.exe
+ 2007-06-14 18:55 . 2008-04-14 00:12 36352 f:\windows\system32\dllcache\scrcons.exe
+ 2007-06-14 18:57 . 2008-04-14 00:12 51200 f:\windows\system32\dllcache\oobebaln.exe
+ 2007-06-14 18:56 . 2008-04-14 00:12 65536 f:\windows\system32\dllcache\oledb32r.dll
+ 2007-06-14 18:56 . 2008-04-14 00:12 60416 f:\windows\system32\dllcache\oemig50.exe
+ 2004-08-04 12:00 . 2008-04-14 00:12 17408 f:\windows\system32\dllcache\ocmsn.dll
+ 2004-08-04 12:00 . 2008-04-14 00:12 15360 f:\windows\system32\dllcache\ocgen.dll
+ 2004-08-04 12:00 . 2008-04-14 00:12 62976 f:\windows\system32\dllcache\ntoc.dll
+ 2004-08-04 12:00 . 2008-04-14 00:12 15360 f:\windows\system32\dllcache\nppagent.exe
+ 2007-06-14 18:56 . 2008-04-14 00:12 77824 f:\windows\system32\dllcache\nmcom.dll
+ 2007-06-14 18:56 . 2008-04-14 00:12 81920 f:\windows\system32\dllcache\nmchat.dll
+ 2007-06-14 18:56 . 2008-04-14 00:12 28672 f:\windows\system32\dllcache\nmasnt.dll
+ 2004-08-04 12:00 . 2008-04-14 00:12 77312 f:\windows\system32\dllcache\netoc.dll
+ 2004-08-04 12:00 . 2008-04-14 00:12 57344 f:\windows\system32\dllcache\ndisnpp.dll
+ 2007-06-14 18:56 . 2008-04-14 00:12 57344 f:\windows\system32\dllcache\mst123.dll
+ 2007-06-14 18:57 . 2008-04-14 00:12 29184 f:\windows\system32\dllcache\msoobe.exe
+ 2007-06-14 18:57 . 2008-04-14 00:12 19456 f:\windows\system32\dllcache\msobweb.dll
+ 2007-06-14 18:57 . 2008-04-14 00:12 30720 f:\windows\system32\dllcache\msobshel.dll
+ 2007-06-14 18:57 . 2008-04-14 00:12 16384 f:\windows\system32\dllcache\msobdl.dll
+ 2004-08-04 12:00 . 2008-04-14 00:11 15360 f:\windows\system32\dllcache\msgrocm.dll
+ 2004-08-04 12:00 . 2008-04-14 00:11 90112 f:\windows\system32\dllcache\msdtcstp.dll
+ 2007-06-14 18:56 . 2008-04-14 00:11 20480 f:\windows\system32\dllcache\msdatt.dll
+ 2007-06-14 18:56 . 2008-04-14 00:11 94208 f:\windows\system32\dllcache\msdatl3.dll
+ 2007-06-14 18:56 . 2008-04-13 17:26 16384 f:\windows\system32\dllcache\msdasqlr.dll
+ 2007-06-14 18:56 . 2008-04-13 17:25 16384 f:\windows\system32\dllcache\msdaremr.dll
+ 2007-06-14 18:56 . 2008-04-13 17:25 16384 f:\windows\system32\dllcache\msdaprsr.dll
+ 2007-06-14 18:56 . 2008-04-13 17:24 16384 f:\windows\system32\dllcache\msdaorar.dll
+ 2007-06-14 18:56 . 2008-04-14 00:11 57344 f:\windows\system32\dllcache\msador15.dll
+ 2007-06-14 18:56 . 2008-04-13 17:26 24576 f:\windows\system32\dllcache\msader15.dll
+ 2007-06-14 18:56 . 2008-04-13 17:25 24576 f:\windows\system32\dllcache\msaddsr.dll
+ 2007-06-14 18:56 . 2008-04-14 00:11 53248 f:\windows\system32\dllcache\msadcs.dll
+ 2007-06-14 18:56 . 2008-04-13 17:25 16384 f:\windows\system32\dllcache\msadcor.dll
+ 2007-06-14 18:56 . 2008-04-13 17:25 16384 f:\windows\system32\dllcache\msadcfr.dll
+ 2007-06-14 18:56 . 2008-04-13 17:25 20480 f:\windows\system32\dllcache\msadcer.dll
+ 2007-06-14 18:55 . 2008-04-14 00:12 16384 f:\windows\system32\dllcache\mofcomp.exe
+ 2004-08-04 12:00 . 2008-04-14 00:11 19968 f:\windows\system32\dllcache\log.dll
+ 2007-06-14 18:57 . 2008-04-14 00:12 18432 f:\windows\system32\dllcache\hscupd.exe
+ 2004-08-04 12:00 . 2008-04-13 18:45 10368 f:\windows\system32\dllcache\hidusb.sys
+ 2004-08-04 12:00 . 2008-04-13 18:45 24960 f:\windows\system32\dllcache\hidparse.sys
+ 2004-08-04 12:00 . 2008-04-13 18:45 36864 f:\windows\system32\dllcache\hidclass.sys
+ 2007-06-14 18:56 . 2008-04-14 00:11 57344 f:\windows\system32\dllcache\h323cc.dll
+ 2004-08-04 12:00 . 2008-04-14 00:11 32828 f:\windows\system32\dllcache\fp40ext.dll
+ 2007-06-14 18:56 . 2008-04-14 00:11 40960 f:\windows\system32\dllcache\dcap32.dll
+ 2007-12-04 00:48 . 2008-04-13 16:44 17920 f:\windows\system32\dllcache\cobramsg.dll
- 2004-08-04 12:00 . 2004-08-04 12:00 69584 f:\windows\system32\dllcache\avicap.dll
+ 2007-06-14 14:50 . 2004-08-04 12:00 69584 f:\windows\system32\dllcache\avicap.dll
+ 2004-08-04 12:00 . 2007-04-02 18:26 20480 f:\windows\system32\dllcache\agt0c0a.dll
+ 2004-08-04 12:00 . 2007-04-02 18:26 20992 f:\windows\system32\dllcache\agt0816.dll
+ 2007-12-04 02:35 . 2007-04-02 18:26 19456 f:\windows\system32\dllcache\agt0804.dll
+ 2007-06-14 14:50 . 2007-04-02 18:26 19456 f:\windows\system32\dllcache\agt041f.dll
+ 2004-08-04 12:00 . 2007-04-02 18:26 19456 f:\windows\system32\dllcache\agt041d.dll
+ 2007-06-14 14:50 . 2007-04-02 18:26 19456 f:\windows\system32\dllcache\agt0419.dll
+ 2004-08-04 12:00 . 2007-04-02 18:26 20480 f:\windows\system32\dllcache\agt0416.dll
+ 2007-06-14 14:50 . 2007-04-02 18:26 19456 f:\windows\system32\dllcache\agt0415.dll
+ 2004-08-04 12:00 . 2007-04-02 18:26 19456 f:\windows\system32\dllcache\agt0414.dll
+ 2004-08-04 12:00 . 2007-04-02 18:26 20992 f:\windows\system32\dllcache\agt0413.dll
+ 2007-12-04 02:35 . 2007-04-02 18:26 19456 f:\windows\system32\dllcache\agt0412.dll
+ 2007-12-04 02:35 . 2007-04-02 18:26 19456 f:\windows\system32\dllcache\agt0411.dll
+ 2004-08-04 12:00 . 2007-04-02 18:26 20992 f:\windows\system32\dllcache\agt0410.dll
+ 2007-06-28 16:43 . 2009-06-10 10:03 9998336 f:\windows\system32\nvoglnt.dll
- 2008-09-18 03:55 . 2008-09-18 03:55 2854912 f:\windows\system32\nvmoblsr.dll
+ 2008-09-18 03:55 . 2007-06-28 16:43 2854912 f:\windows\system32\nvmoblsr.dll
+ 2009-06-10 12:29 . 2009-06-10 12:29 1282048 f:\windows\system32\nvmobls.dll
+ 2009-06-10 12:29 . 2009-06-10 12:29 1507328 f:\windows\system32\nview.dll
+ 2007-06-28 16:43 . 2007-06-28 16:43 3072000 f:\windows\system32\nvgamesr.dll
+ 2009-06-10 12:28 . 2009-06-10 12:28 3510272 f:\windows\system32\nvgames.dll
+ 2004-10-18 08:15 . 2007-06-28 16:43 1339392 f:\windows\system32\nvdspsch.exe
+ 2007-06-28 16:43 . 2007-06-28 16:43 5455872 f:\windows\system32\nvdispsr.dll
+ 2009-06-10 12:28 . 2009-06-10 12:28 4022272 f:\windows\system32\nvdisps.dll
+ 2009-06-10 10:03 . 2009-06-10 10:03 1580550 f:\windows\system32\nvdata.bin
+ 2009-06-10 10:03 . 2009-06-10 10:03 1310720 f:\windows\system32\nvcuvenc.dll
+ 2009-06-10 10:03 . 2009-06-10 10:03 1720320 f:\windows\system32\nvcuda.dll
+ 2007-06-28 16:43 . 2007-06-28 16:43 1073152 f:\windows\system32\nvcpluir.dll
+ 2009-06-10 12:29 . 2009-06-10 12:29 1194528 f:\windows\system32\nvcplui.exe
+ 2004-10-18 08:15 . 2009-06-10 10:03 5908608 f:\windows\system32\nv4_disp.dll
+ 2009-05-01 21:02 . 2009-05-01 21:02 1044480 f:\windows\system32\libdivx.dll
- 2008-11-06 16:35 . 2008-11-06 16:35 1044480 f:\windows\system32\libdivx.dll
+ 2010-01-12 20:18 . 2010-01-12 20:18 4507983 f:\windows\system32\libavcodec.dll
+ 2007-03-15 22:19 . 2009-02-06 16:35 1486208 f:\windows\system32\LegitCheckControl.DLL
+ 2010-01-12 20:18 . 2010-01-12 20:18 1409890 f:\windows\system32\ffmpegmt.dll
+ 2004-10-18 08:15 . 2009-06-10 10:03 8087712 f:\windows\system32\drivers\nv4_mini.sys
+ 2004-10-18 08:15 . 2009-06-10 10:03 8087712 f:\windows\system32\dllcache\nv4_mini.sys
+ 2007-06-14 18:56 . 2008-04-13 16:23 2479616 f:\windows\system32\dllcache\msoeres.dll
+ 2009-06-16 23:55 . 2009-03-09 19:27 4178264 f:\windows\system32\D3DX9_41.dll
+ 2009-06-16 23:55 . 2008-10-10 08:52 4379984 f:\windows\system32\D3DX9_40.dll
+ 2009-06-16 23:55 . 2008-07-10 15:00 3851784 f:\windows\system32\D3DX9_39.dll
+ 2009-06-16 23:55 . 2008-05-30 18:11 3850760 f:\windows\system32\D3DX9_38.dll
+ 2009-06-16 23:55 . 2009-03-09 19:27 1846632 f:\windows\system32\D3DCompiler_41.dll
+ 2009-06-16 23:55 . 2008-10-10 08:52 2036576 f:\windows\system32\D3DCompiler_40.dll
+ 2009-06-16 23:55 . 2008-07-10 15:00 1493528 f:\windows\system32\D3DCompiler_39.dll
+ 2009-06-16 23:55 . 2008-05-30 18:11 1491992 f:\windows\system32\D3DCompiler_38.dll
+ 2009-06-16 23:55 . 2008-03-05 19:56 1420824 f:\windows\system32\D3DCompiler_37.dll
+ 2009-06-16 23:55 . 2007-10-12 19:14 1374232 f:\windows\system32\D3DCompiler_36.dll
+ 2009-05-12 18:46 . 2009-05-12 18:46 1650992 f:\windows\system32\C2MP\npdivx32.dll
+ 2009-04-26 23:44 . 2009-11-24 23:54 1280480 f:\windows\system32\aswBoot.exe
+ 2009-04-24 02:53 . 2004-08-04 12:00 1326080 f:\windows\ServicePackFiles\i386\webfldrs.msi
+ 2009-04-24 02:54 . 2004-08-04 12:00 5080576 f:\windows\ServicePackFiles\i386\msnmsgs.msi
+ 2007-09-04 23:25 . 2007-09-04 23:25 1646592 f:\windows\NVBenchMarks.dll
+ 2007-05-25 17:08 . 2007-05-25 17:08 9609728 f:\windows\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp
+ 2008-06-24 04:53 . 2008-06-24 04:53 1533440 f:\windows\Installer\fea067f.msi
+ 2007-10-16 02:02 . 2008-03-13 19:32 1077248 f:\windows\Installer\f7b92.msi
+ 2009-10-15 00:51 . 2009-10-15 00:51 1711616 f:\windows\Installer\f542e17.msp
+ 2010-01-11 00:38 . 2010-01-11 00:38 9680384 f:\windows\Installer\a851e58.msp
+ 2009-04-14 02:42 . 2009-04-14 02:42 1549312 f:\windows\Installer\876e5.msi
+ 2010-02-09 02:22 . 2010-02-09 02:22 9811968 f:\windows\Installer\670e14.msi
+ 2010-02-09 02:19 . 2010-02-09 02:19 1757696 f:\windows\Installer\670e0e.msi
+ 2007-07-31 06:30 . 2007-07-31 06:30 4466176 f:\windows\Installer\54c9668.msi
+ 2009-08-22 02:51 . 2009-08-22 02:51 3683840 f:\windows\Installer\43bd4f31.msi
+ 2008-12-13 13:57 . 2008-12-13 13:57 8397824 f:\windows\Installer\412e125.msp
+ 2008-07-29 23:26 . 2008-07-29 23:26 1043456 f:\windows\Installer\411f21b.msp
+ 2008-07-30 00:37 . 2008-07-30 00:37 2679808 f:\windows\Installer\411f219.msp
+ 2008-07-30 01:15 . 2008-07-30 01:15 3697664 f:\windows\Installer\411f217.msp
+ 2008-07-29 23:34 . 2008-07-29 23:34 1448448 f:\windows\Installer\411f216.msp
+ 2008-07-30 00:22 . 2008-07-30 00:22 4137984 f:\windows\Installer\411f215.msp
+ 2008-07-29 23:18 . 2008-07-29 23:18 3376640 f:\windows\Installer\411f214.msp
+ 2008-07-29 21:45 . 2008-07-29 21:45 2543616 f:\windows\Installer\40f318e.msp
+ 2008-07-29 21:29 . 2008-07-29 21:29 2926080 f:\windows\Installer\40f318d.msp
+ 2008-07-29 21:41 . 2008-07-29 21:41 6487040 f:\windows\Installer\40f318c.msp
+ 2008-07-29 21:39 . 2008-07-29 21:39 3403264 f:\windows\Installer\40f318b.msp
+ 2008-07-29 21:43 . 2008-07-29 21:43 1013248 f:\windows\Installer\40f3189.msp
+ 2008-07-29 21:31 . 2008-07-29 21:31 6083072 f:\windows\Installer\40f3186.msp
+ 2009-08-18 14:06 . 2009-08-18 14:06 4192256 f:\windows\Installer\318ea2b3.msi
+ 2009-08-18 13:07 . 2009-08-18 13:07 1178624 f:\windows\Installer\315909f6.msi
+ 2008-12-16 18:02 . 2008-12-16 18:02 1805824 f:\windows\Installer\2b7234.msi
+ 2008-07-29 21:31 . 2008-07-29 21:31 6083072 f:\windows\Installer\26c60af.msp
+ 2008-07-29 21:43 . 2008-07-29 21:43 1013248 f:\windows\Installer\26c60ac.msp
+ 2008-07-29 21:39 . 2008-07-29 21:39 3403264 f:\windows\Installer\26c60aa.msp
+ 2008-07-29 21:41 . 2008-07-29 21:41 6487040 f:\windows\Installer\26c60a9.msp
+ 2008-07-29 21:29 . 2008-07-29 21:29 2926080 f:\windows\Installer\26c60a8.msp
+ 2008-07-29 21:45 . 2008-07-29 21:45 2543616 f:\windows\Installer\26c60a7.msp
+ 2009-08-13 20:35 . 2009-08-13 20:35 2524160 f:\windows\Installer\192ad4e8.msi
+ 2007-12-04 01:06 . 2007-12-04 01:06 1142784 f:\windows\Installer\17e1c3.msi
+ 2007-12-04 01:00 . 2007-12-04 01:00 3443712 f:\windows\Installer\140e1f.msi
+ 2009-09-09 23:32 . 2009-09-09 23:32 4733440 f:\windows\Installer\13bf1b0f.msp
+ 2009-07-17 18:26 . 2009-07-17 18:26 1500160 f:\windows\Installer\12da01.msi
+ 2010-02-09 02:22 . 2010-02-09 02:22 7424000 f:\windows\Installer\{E6B87DC4-2B3D-4483-ADFF-E483BF718991}\soffice.exe
+ 2007-07-31 06:29 . 2007-07-31 06:29 9834496 f:\windows\Downloaded Installations\{FE6F1783-A2E5-4CFA-8255-BA2C5299B0BB}\URGE.msi
+ 2007-09-26 23:36 . 2007-10-15 00:10 8581632 f:\windows\Downloaded Installations\{3E547985-AA94-4B1B-8ADD-21E060E5E31F}\Adobe Photoshop Album 3.2 SE.msi
+ 2007-10-20 01:08 . 2003-05-19 19:36 2250240 f:\windows\Cache\Adobe Reader 6.0\ENUBIG\Adobe Reader 6.0.msi
- 2007-12-22 21:55 . 2007-12-22 21:55 2846720 f:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2903.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2009-08-22 03:08 . 2009-08-22 03:08 2846720 f:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2903.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2007-12-22 21:55 . 2007-12-22 21:55 2676224 f:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2009-08-22 03:08 . 2009-08-22 03:08 2676224 f:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2009-06-10 12:28 . 2009-06-10 12:28 13758464 f:\windows\system32\nvcpl.dll
+ 2006-10-30 09:05 . 2006-10-30 09:05 11390464 f:\windows\Microsoft.NET\Framework\v3.0\WPF\wpf.msi
+ 2007-12-04 01:33 . 2007-12-04 01:33 19210240 f:\windows\Installer\f589a.msp
+ 2007-12-04 01:42 . 2007-12-04 01:42 15256576 f:\windows\Installer\4cf65.msp
+ 2008-12-13 14:21 . 2008-12-13 14:21 10473472 f:\windows\Installer\412e132.msp
+ 2009-07-17 18:16 . 2009-07-17 18:16 13896704 f:\windows\Installer\12d9f9.msi
+ 2008-10-15 04:42 . 2008-10-15 04:42 13219184 f:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7448A3100000030\8.1.3\AcroRd32.dll
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NVIDIA nTune"="f:\program files\NVIDIA Corporation\nTune\nTuneCmd.exe" [2007-09-04 81920]
"SUPERAntiSpyware"="f:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2010-04-06 2010864]
"SpybotSD TeaTimer"="f:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]
"igndlm.exe"="f:\program files\Download Manager\dlm.exe" [2009-05-14 1103216]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast!"="f:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-11-24 81000]
"TkBellExe"="f:\program files\Common Files\Real\Update_OB\realsched.exe" [2008-02-17 185896]
"SunJavaUpdateSched"="f:\program files\Common Files\Java\Java Update\jusched.exe" [2010-02-18 248040]
"SoundMan"="SOUNDMAN.EXE" [2005-08-17 90112]
"RemoteControl"="f:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2005-01-12 32768]
"nwiz"="nwiz.exe" [2009-06-10 1657376]
"NvMediaCenter"="f:\windows\system32\NvMcTray.dll" [2009-06-10 86016]
"NvCplDaemon"="f:\windows\system32\NvCpl.dll" [2009-06-10 13758464]
"NeroFilterCheck"="f:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"IMJPMIG8.1"="f:\windows\IME\imjp8_1\IMJPMIG.EXE" [2004-08-04 208952]
"DivXUpdate"="f:\program files\DivX\DivX Update\DivXUpdate.exe" [2010-03-05 1135912]
"amd_dc_opt"="f:\program files\AMD\Dual-Core Optimizer\amd_dc_opt.exe" [2008-07-22 77824]
"Adobe Reader Speed Launcher"="f:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-10-15 39792]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="f:\windows\system32\ctfmon.exe" [2008-04-14 15360]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"tscuninstall"="f:\windows\system32\tscupgrd.exe" [2004-08-04 44544]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2009-09-05 22:28 548352 ----a-w- f:\program files\SUPERAntiSpyware\SASWINLO.DLL

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\OneCareMP]
@=""

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"GoogleDesktopManager-121207-085209"=3 (0x3)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"f:\\Program Files\\eMule\\emule.exe"=
"f:\\WINDOWS\\system32\\dpvsetup.exe"=
"e:\\GAMES\\WOW\\World of Warcraft\\Launcher.exe"=
"f:\\Program Files\\Sony\\Station\\LaunchPad\\LaunchPad.exe"=
"e:\\GAMES\\WOW\\World of Warcraft\\BackgroundDownloader.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"e:\\GAMES\\WOW\\World of Warcraft\\WoW-2.4.3-to-3.0.2-enUS-Win-Final-downloader.exe"=
"f:\\WINDOWS\\system32\\spoolsv.exe"=
"e:\\GAMES\\WOW\\World of Warcraft\\WoW-3.1.2.9901-to-3.1.3.9947-enUS-downloader.exe"=
"e:\\GAMES\\WOW\\World of Warcraft\\WoW-3.1.3.9947-to-3.2.0.10192-enUS-downloader.exe"=
"e:\\GAMES\\WOW\\World of Warcraft\\WoW-3.2.0.10192-to-3.2.0.10314-enUS-downloader.exe"=
"e:\\GAMES\\WOW\\World of Warcraft\\WoW-3.2.0.10314-to-3.2.2.10482-enUS-downloader.exe"=
"e:\\GAMES\\WOW\\World of Warcraft\\WoW-3.2.2.10482-to-3.2.2.10505-enUS-downloader.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3724:TCP"= 3724:TCP:Blizzard Downloader: 3724

R1 aswSP;avast! Self Protection;f:\windows\system32\drivers\aswSP.sys [2009/04/26 19:45 114768]
R1 SASDIFSV;SASDIFSV;f:\program files\SUPERAntiSpyware\SASDIFSV.SYS [2006/10/10 13:53 12872]
R1 SASKUTIL;SASKUTIL;f:\program files\SUPERAntiSpyware\SASKUTIL.SYS [2007/02/27 12:39 66632]
R2 aswFsBlk;aswFsBlk;f:\windows\system32\drivers\aswFsBlk.sys [2009/04/26 19:45 20560]
R2 cpuz133;cpuz133;f:\windows\system32\drivers\cpuz133_x32.sys [2010/04/02 18:00 20968]
R2 WMDrive;WMDrive;f:\windows\system32\drivers\WMDrive.sys [2009/02/14 0:30 37376]
R3 dpK0Bx01;Fingerprint Reader Filter Driver;f:\windows\system32\drivers\dpK0Bx01.sys [2008/09/03 22:41 32640]
R3 SASENUM;SASENUM;f:\program files\SUPERAntiSpyware\SASENUM.SYS [2006/02/16 17:51 12872]
R3 UsbdpFP;Fingerprint Reader Class Driver;f:\windows\system32\drivers\UsbdpFP.sys [2008/09/03 22:41 34560]
S0 sptd;sptd;f:\windows\system32\drivers\sptd.sys [2007/06/18 20:40 682232]
S0 stwlfbus;stwlfbus;f:\windows\system32\DRIVERS\stwlfbus.sys --> f:\windows\system32\DRIVERS\stwlfbus.sys [?]
S2 {09BB444F-B2E2-4009-BAF2-7B727681223E};BuddyVM;\??\f:\program files\VMLaunch\BuddyVM.sys --> f:\program files\VMLaunch\BuddyVM.sys [?]
S3 dmouc0;dmouc0;f:\windows\system32\drivers\dmouc0.sys [2009/01/09 18:08 7680]
S3 dmouc1;dmouc1;f:\windows\system32\drivers\dmouc1.sys [2009/10/27 11:51 7680]
S3 dmouc2;dmouc2;f:\windows\system32\drivers\dmouc2.sys [2009/10/27 11:52 7680]
S3 JmtFltr;n52te;f:\windows\system32\drivers\JmtFltr.sys [2009/10/22 14:25 48896]
S3 st3wolf;st3wolf;f:\windows\system32\DRIVERS\st3wolf.sys --> f:\windows\system32\DRIVERS\st3wolf.sys [?]
S3 Usblink;Usblink Driver;f:\windows\system32\drivers\ulink.sys [2008/07/22 15:20 40788]
.
Contents of the 'Scheduled Tasks' folder

2010-04-05 f:\windows\Tasks\AppleSoftwareUpdate.job
- f:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 16:34]

2010-04-09 f:\windows\Tasks\defrag.job
- f:\windows\system32\defrag.exe [2004-08-04 00:12]

2010-04-04 f:\windows\Tasks\File Helper.job
- f:\program files\File Helper\1.1.0.10\FileHelper.exe [2010-01-28 23:25]
.
.
------- Supplementary Scan -------
.
uStart Page = about:blank
uSearchURL,(Default) = hxxp://www.google.com/keyword/%s
IE: &Clean Traces - f:\program files\DAP\Privacy Package\dapcleanerie.htm
IE: &Download with &DAP - f:\program files\DAP\dapextie.htm
IE: Download &all with DAP - f:\program files\DAP\dapextie2.htm
DPF: Garmin Communicator Plug-In - hxxps://my.garmin.com/mygarmin/m/GarminAxControl.CAB
.
- - - - ORPHANS REMOVED - - - -

HKLM-Run-Jomantha - f:\program files\n52te\n52teHid.exe
HKLM-Run-Google Desktop Search - f:\program files\Google\Google Desktop Search\GoogleDesktop.exe
AddRemove-Artificial Girl 3 - e:\illusion\人工少女3\unjs3.exe
AddRemove-Direct KiSS - c:\kiss\Direct KiSS\Uninst.isu
AddRemove-KISSLD - g:\storage\Azureus Downloads\haruki\(同人ソフト) [RaijinKai(雷神会)] LoveKISS(ラブきす) いちごバージョン\ラブきすいちご\aya_b.kis\kissld.exe
AddRemove-Yahoo! Messenger - f:\progra~1\Yahoo!\MESSEN~1\UNWISE.EXE
AddRemove-{7B63B2922B174135AFC0E1377DD81EC2} - f:\program files\DivX\DivXCodecUninstall.exe

**************************************************************************
scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files:

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_USERS\S-1-5-21-1614895754-412668190-839522115-1004\Software\KISS-MA\K0Y0_0€0&W0Y0_0A0 *-*J0・a0・n0D0D0j0・-*]
"InstallPath"="c:\\Program Files\\KISS-MA\\かすたむしすたぁ\\"
"DskSht"=dword:00000001
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(696)
f:\program files\SUPERAntiSpyware\SASWINLO.DLL
f:\windows\system32\Ati2evxx.dll
f:\windows\IME\IMJP8_1\Dicts\IMJPCD.DIC
.
Completion time: 2010-04-10 00:41:59
ComboFix-quarantined-files.txt 2010-04-10 04:41
ComboFix2.txt 2009-04-27 15:03
ComboFix3.txt 2009-04-23 17:10
ComboFix4.txt 2009-04-20 21:17
ComboFix5.txt 2010-04-10 04:32

Pre-Run: 21,414,428,672 bytes free
Post-Run: 21,569,781,760 bytes free

WindowsXP-KB310994-SP2-Home-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(3)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(3)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect /noexecute=optout

Current=14 Default=14 Failed=13 LastKnownGood=15 Sets=1,2,3,4,5,6,7,8,9,10,11,12,13,14,15
- - End Of File - - B605D094B4737BAE7163CD499D1E7E14
 
#11 ·
That fixed a lot, including a missing system file that would have caused your problems.

Next step:

Download RSIT (random's system information tool) from here to your desktop, then click on the RSIT.exe to start the scan.

If necessary allow it to locate or download a copy of HijackThis as needed.

Once the scan completes a textbox will open - copy/paste those contents here for review please. The log can also be found at C:\rsit\log.txt.

RSIT will also create a second log, info.txt, which will be minimized to your taskbar. Post that here as well please (it will also be stored at C:\rsit\info.txt).

You can use separate posts here when replying and posting the log files if needed.
 
#12 ·
info.txt logfile of random's system information tool 1.06 2010-04-13 11:07:11

======Uninstall list======

-->F:\Documents and Settings\All Users\Application Data\DivX\DivX7\DivX Converter\DivXConverterUninstall.exe /CONVERTER
-->F:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
-->MsiExec /X{B83FC356-B7C0-441F-8A4D-D71E088E7974}
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 F:\WINDOWS\INF\PCHealth.inf
7-Zip 4.57-->"F:\Program Files\7-Zip\Uninstall.exe"
Adobe Flash Player 10 ActiveX-->F:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->F:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 8.1.6-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A81300000003}
Adobe Shockwave Player-->F:\WINDOWS\system32\Adobe\SHOCKW~1\UNWISE.EXE F:\WINDOWS\system32\Adobe\SHOCKW~1\Install.log
Age Of Pirates - Caribbean Tales 1.41-->"F:\Program Files\Playlogic\Age of Pirates - Caribbean Tales\unins000.exe"
Alligator Flash Designer 7 (7.0.7.3) Trial-->F:\PROGRA~1\Selteco\ALLIGA~1\Setup.exe /remove
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
ATI Display Driver-->rundll32 F:\WINDOWS\system32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean
avast! Antivirus-->F:\Program Files\Alwil Software\Avast4\aswRunDll.exe "F:\Program Files\Alwil Software\Avast4\Setup\setiface.dll",RunSetup
AVS DVD Player version 2.4-->"F:\Program Files\AVS4YOU\AVSDVDPlayer\unins000.exe"
AVS4YOU Software Navigator 1.2-->"F:\Program Files\AVS4YOU\AVSSoftwareNavigator\unins000.exe"
BCM Diagnostics Pro-->F:\WINDOWS\uninst.exe -f"F:\Program Files\BCM Diagnostics Pro\DeIsL4.isu"
Canon EOS 20D WIA Driver-->F:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{ED9775A0-383E-4EAA-8DA5-8CC6860D60A3}
CCleaner (remove only)-->"F:\Program Files\CCleaner\uninst.exe"
CEP - Color Enable Package-->"E:\GAMES\zCEP_Uninstaller\unins000.exe"
CPUID CPU-Z 1.54-->"F:\Program Files\CPUID\CPU-Z\unins000.exe"
DivX Converter-->F:\Documents and Settings\All Users\Application Data\DivX\DivX7\DivX Converter\DivXConverterUninstall.exe /CONVERTER
DivX Plus DirectShow Filters-->F:\Documents and Settings\All Users\Application Data\DivX\DivX7\DivX Plus DirectShow Filters\DivXDSFiltersUninstall.exe /DSFILTERS
DivX Setup-->F:\Documents and Settings\All Users\Application Data\DivX\Setup\DivXSetup.exe /uninstall /bundleGroupId divx.com
Download Accelerator Plus (DAP)-->F:\PROGRA~1\DAP\DAPREMOVE.EXE
Download Manager 2.3.6-->F:\Program Files\Download Manager\uninst.exe
Dual-Core Optimizer-->MsiExec.exe /X{9FD6F1A8-5550-46AF-8509-271DF0E768B5}
DVD Decrypter (Remove Only)-->"F:\Program Files\DVD Decrypter\uninstall.exe"
eMule-->"F:\Program Files\eMule\Uninstall.exe"
EVEREST Home Edition v2.20-->"F:\Program Files\Lavalys\EVEREST Home Edition\unins000.exe"
Google Desktop Plugin - Calendar-->MsiExec.exe /X{CE55B9C0-D0E6-42F5-8CCA-9A6B90359FAC}
Google Desktop Plugin - oCalendar-->MsiExec.exe /X{31127C19-C589-4C1A-AEB3-7DB8091F303C}
GUN-KATANA-->MsiExec.exe /I{E3DA97E8-F41F-448A-A186-9147C9CBD040}
HentHighschool-->MsiExec.exe /I{CDB7CEA6-E010-482B-9A81-70A1DB242C8C}
HijackThis 2.0.2-->"F:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
Hot CPU Tester Pro 4.4.1-->"F:\Program Files\Hot CPU Tester Pro 4 LE\unins000.exe"
Hotfix for Microsoft .NET Framework 3.0 (KB932471)-->F:\WINDOWS\system32\msiexec.exe /promptrestart /uninstall {ECD292A0-0347-4244-8C24-5DBCE990FB40} /package {BAF78226-3200-4DB4-BE33-4D922A799840}
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->F:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->F:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
Hotfix for Windows XP (KB952287)-->"F:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB961118)-->"F:\WINDOWS\$NtUninstallKB961118$\spuninst\spuninst.exe"
ILLUSION BotuPlay-->E:\Games\illusion\BotuPlay\LSUin000.exe "E:\Games\illusion\BotuPlay\LSUin000.lil"
ILLUSION Sexyビーチ3~キャラクター追加DISC~-->MsiExec.exe /X{F5DCB11C-8F09-4C71-B952-B96DBB4E6584}
ILLUSION アンリミテッドボツ-->MsiExec.exe /X{3880FBF3-6227-41AA-B53F-A8EA05216CC1}
ILLUSION 勇者からは逃げられない!-->MsiExec.exe /X{A99C800B-C5F3-48B9-AE2F-A9BE1C553111}
Inkscape 0.46-->F:\Program Files\Inkscape\Uninstall.exe
INTERACT PLAY VR-->MsiExec.exe /X{D54C9627-5E92-11D5-BACB-0090CC01356A}
InterActual Player-->F:\Program Files\InterActual\InterActual Player\inuninst.exe
ISO Recorder-->MsiExec.exe /I{DFC6573E-124D-4026-BFA4-B433C9D3FF21}
IsoBuster 2.4-->"F:\Program Files\Smart Projects\IsoBuster\Uninst\unins000.exe"
Java(TM) 6 Update 16-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216016F0}
Java(TM) 6 Update 19-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216013FF}
KeyTweak - Keyboard Remapper (remove only)-->"F:\Program Files\KeyTweak\uninstall.exe"
Malwarebytes' Anti-Malware-->"F:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
Media Player Codec Pack 3.9.2-->F:\WINDOWS\system32\C2MP\Uninst.exe
Microsoft .NET Framework 1.1 Hotfix (KB928366)-->"F:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "F:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp"
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}
Microsoft .NET Framework 3.0 Service Pack 2-->MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}
Microsoft .NET Framework 3.5 SP1-->F:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft Internationalized Domain Names Mitigation APIs-->"F:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
Microsoft National Language Support Downlevel APIs-->"F:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
MSXML 6.0 Parser (KB933579)-->MsiExec.exe /I{0A869A65-8C94-4F7C-A5C7-972D3C8CED9E}
Nero OEM-->F:\Program Files\Ahead\nero\uninstall\UNNERO.exe /UNINSTALL
NJStar Communicator-->F:\Program Files\NJStar Communicator\uninst.exe
NVIDIA Drivers-->F:\WINDOWS\system32\nvuninst.exe UninstallGUI
NVIDIA nTune-->F:\PROGRA~1\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{7C7F30F4-94E7-4AA8-8941-90C4A80C68BF} /l1041
NVIDIA PhysX-->MsiExec.exe /X{B83FC356-B7C0-441F-8A4D-D71E088E7974}
OpenOffice.org 3.1-->MsiExec.exe /I{E6B87DC4-2B3D-4483-ADFF-E483BF718991}
Opera 9.63-->MsiExec.exe /X{2C0CD17D-0B06-4700-83FA-7344B868B0A2}
Optical Mouse driver-->F:\Program Files\OpticalMouse\uinst.exe
Pool of Radiance-->F:\WINDOWS\Pool of Radiance remove.exe remove
PowerDVD-->RunDll32 F:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "F:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\Setup.exe" -uninstall
Q-Xpress Installer 1.1.9-->E:\GAMES\Q-Xpress Installer\uninst.exe
RapeLay (remove only)-->"E:\GAMES\RapeLay\uninstall.exe"
RealPlayer-->F:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
RGSS-RTP Standard-->MsiExec.exe /I{5A9FE525-8B8F-4701-A937-7F6745A4E9C7}
Rhapsody Player Engine-->MsiExec.exe /I{22DE1881-9D24-4981-B5CC-EC7E9F2F4D52}
RON Too1 Addestination-->F:\WINDOWS\system32\acmkkataykap.exe
Rosetta Stone 2.1.4.1A-->"E:\Rosetta Stone\RS2.1.4.1A_Support\Uninstall_Rosetta Stone 2.1.4.1A\Uninstall Rosetta Stone 2.1.4.1A.exe"
RPG Maker 2000 1.05-->F:\WINDOWS\UnGins.exe "F:\Program Files\ASCII\RPG2000\install.log"
RPG Maker VX RTP-->"F:\Program Files\Common Files\Enterbrain\RGSS2\RPGVX\unins000.exe"
RPGXP-->MsiExec.exe /I{9B34CAC6-738F-4A20-B428-A115C3E3474C}
RPGツクール2000 ランタイムパッケージ-->RunDll32 F:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "F:\Program Files\InstallShield Installation Information\{33F7A957-A66D-45A1-BADF-6576083B14E2}\setup.exe"
RPGツクール2003 ランタイムパッケージ-->RunDll32 F:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "F:\Program Files\InstallShield Installation Information\{0044AEC7-8924-4FB1-B4F7-FD14A5FEA9E4}\setup.exe"
RTP 1.32 Add-On for RM2k-->F:\WINDOWS\UnGins.exe "F:\Program Files\ASCII\RPG2000\RTP\install.log"
RTP for RM2K (Png, Wav, Midi, Fonts)-->F:\WINDOWS\UnGins.exe "F:\Program Files\ASCII\RPG2000\RTP\install.log"
SchoolMate-->MsiExec.exe /X{D1AB869E-1381-46CB-A782-FE7190E6DBC2}
Security Update for Windows Internet Explorer 7 (KB938127-v2)-->"F:\WINDOWS\ie7updates\KB938127-v2-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB963027)-->"F:\WINDOWS\ie7updates\KB963027-IE7\spuninst\spuninst.exe"
Security Update for Windows XP (KB923561)-->"F:\WINDOWS\$NtUninstallKB923561$\spuninst\spuninst.exe"
Security Update for Windows XP (KB923789)-->F:\WINDOWS\system32\MacroMed\Flash\genuinst.exe F:\WINDOWS\system32\MacroMed\Flash\KB923789.inf
Security Update for Windows XP (KB938464-v2)-->"F:\WINDOWS\$NtUninstallKB938464-v2$\spuninst\spuninst.exe"
Security Update for Windows XP (KB946648)-->"F:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950762)-->"F:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950974)-->"F:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951066)-->"F:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951376-v2)-->"F:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951748)-->"F:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
Security Update for Windows XP (KB952004)-->"F:\WINDOWS\$NtUninstallKB952004$\spuninst\spuninst.exe"
Security Update for Windows XP (KB952954)-->"F:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Security Update for Windows XP (KB954459)-->"F:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe"
Security Update for Windows XP (KB954600)-->"F:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe"
Security Update for Windows XP (KB955069)-->"F:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956572)-->"F:\WINDOWS\$NtUninstallKB956572$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956802)-->"F:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956803)-->"F:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
Security Update for Windows XP (KB957097)-->"F:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
Security Update for Windows XP (KB958644)-->"F:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
Security Update for Windows XP (KB958687)-->"F:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe"
Security Update for Windows XP (KB958690)-->"F:\WINDOWS\$NtUninstallKB958690$\spuninst\spuninst.exe"
Security Update for Windows XP (KB959426)-->"F:\WINDOWS\$NtUninstallKB959426$\spuninst\spuninst.exe"
Security Update for Windows XP (KB960225)-->"F:\WINDOWS\$NtUninstallKB960225$\spuninst\spuninst.exe"
Security Update for Windows XP (KB960715)-->"F:\WINDOWS\$NtUninstallKB960715$\spuninst\spuninst.exe"
Security Update for Windows XP (KB960803)-->"F:\WINDOWS\$NtUninstallKB960803$\spuninst\spuninst.exe"
Security Update for Windows XP (KB961373)-->"F:\WINDOWS\$NtUninstallKB961373$\spuninst\spuninst.exe"
Security Update for Windows XP (KB963027)-->"F:\WINDOWS\$NtUninstallKB963027$\spuninst\spuninst.exe"
Spybot - Search & Destroy-->"F:\Program Files\Spybot - Search & Destroy\unins003.exe"
Star Trek Legacy-->MsiExec.exe /I{287A4E96-AC57-4A19-9B51-C5EED2EAB382}
SUPERAntiSpyware Free Edition-->MsiExec.exe /X{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}
Swiff Player 1.5-->"F:\Program Files\GlobFX\Swiff Player\unins000.exe"
System Requirements Lab-->F:\Program Files\SystemRequirementsLab\Uninstall.exe
The Sims 2 Family Fun Stuff-->E:\GAMES\The Sims 2 Family Fun Stuff\EAUninstall.exe
The Sims 2 Glamour Life Stuff-->E:\GAMES\The Sims 2 Glamour Life Stuff\EAUninstall.exe
The Sims 2 Nightlife-->E:\GAMES\The Sims 2 Nightlife\EAUninstall.exe
The Sims 2 Open For Business-->E:\GAMES\The Sims 2 Open For Business\EAUninstall.exe
The Sims 2 Pets-->E:\GAMES\The Sims 2 Pets\EAUninstall.exe
The Sims 2 University-->E:\GAMES\The Sims 2 University\EAUninstall.exe
The Sims 2-->E:\GAMES\The Sims 2\EAUninstall.exe
Tweak UI-->"F:\WINDOWS\system32\mshta.exe" "res://F:\WINDOWS\system32\TweakUI.exe/uninstall.hta"
Update for Windows XP (KB951978)-->"F:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
Update for Windows XP (KB955839)-->"F:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe"
Update for Windows XP (KB967715)-->"F:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe"
URGE-->MsiExec.exe /I{8BBF6DFD-0AD9-43A7-9FBD-BF065E3866AF}
USB Super Link-->F:\WINDOWS\ISUNINST.EXE -f"F:\Program Files\USB Super Link\Uninst.isu" -c"F:\WINDOWS\Setupdll.dll"
VC80CRTRedist - 8.0.50727.4053-->MsiExec.exe /I{5EE7D259-D137-4438-9A5F-42F432EC0421}
Ventrilo Client-->MsiExec.exe /I{789289CA-F73A-4A16-A331-54D498CE069F}
Vodei Multimedia Processor 2.10-->F:\Program Files\Vodei\uninst.exe
Wanko to Kurasou English v1.0-->"e:\ivory\WANKO\unins000.exe"
Windows Driver Package - Belkin (HidUsb) HIDClass (01/11/2007 1.0)-->F:\PROGRA~1\DIFX\D6ACC4BE676423A2B130B78A4B627FC457D98997\DPInst.exe /u F:\WINDOWS\system32\DRVSTORE\jmtflter_92E9C44249735A5E0CACA1DD6109994985059DF9\jmtflter.inf
Windows Driver Package - MOTOROLA (uisp) USB (09/08/2006 1.2.0.0)-->F:\PROGRA~1\DIFX\D6ACC4BE676423A2B130B78A4B627FC457D98997\DPInst.exe /u F:\WINDOWS\system32\DRVSTORE\usbicp_148F9D51ADD758FCD4B68B61FF903F813AA2083E\usbicp.inf
Windows Internet Explorer 7-->"F:\WINDOWS\ie7\spuninst\spuninst.exe"
Windows Media Format 11 runtime-->"F:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Player 11-->"F:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
Windows Presentation Foundation-->MsiExec.exe /X{BAF78226-3200-4DB4-BE33-4D922A799840}
Windows XP Service Pack 3-->"F:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
WinMount V3.1.1219-->"F:\Program Files\WinMount3\unins000.exe"
WinRAR archiver-->F:\Program Files\WinRAR\uninstall.exe
WinZip 11.2-->MsiExec.exe /X{CD95F661-A5C4-44F5-A6AA-ECDD91C240B6}
World of Warcraft-->F:\Program Files\Common Files\Blizzard Entertainment\World of Warcraft (2)\Uninstall.exe
X-Change 2-->F:\WINDOWS\unvise32.exe e:\Games\uninstal.log
Xvid 1.1.3 final uninstall-->"F:\Program Files\Xvid\unins000.exe"
ふたりでマーヴルしちゃいます!-->E:\MBSTruth\Marvl\Uninstall.exe
痴漢電車男2 伝説へのライナー-->E:\Games\GuiltyPLUS\痴漢電車男2\UNINST.EXE
涼宮ハル●の嗚咽-->F:\Program Files\セイバーフィッシュ\涼宮ハル●の嗚咽\_uninst.exe JHMBILHLIDGOIDILIBJMICMMJKGKIIPE

=====HijackThis Backups=====

O20 - AppInit_DLLs: F:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL f:\windows\system32\huheliva.dll,F:\WINDOWS\system32\nukijafu.dll [2008-12-16]
O4 - HKLM\..\Run: [CPM035248fa] Rundll32.exe "f:\windows\system32\huheliva.dll",a [2008-12-16]
O4 - HKUS\S-1-5-20\..\Run: [bofalihifo] Rundll32.exe "F:\WINDOWS\system32\zayapilo.dll",s (User 'NETWORK SERVICE') [2008-12-16]
O22 - SharedTaskScheduler: STS - {EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4} - f:\windows\system32\huheliva.dll [2008-12-16]
O4 - HKUS\S-1-5-19\..\Run: [bofalihifo] Rundll32.exe "F:\WINDOWS\system32\zayapilo.dll",s (User 'LOCAL SERVICE') [2008-12-16]
O21 - SSODL: SSODL - {EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4} - f:\windows\system32\huheliva.dll [2008-12-16]
O21 - SSODL: SSODL - {EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4} - f:\windows\system32\huheliva.dll [2008-12-16]
O20 - AppInit_DLLs: f:\windows\system32\huheliva.dll [2008-12-16]
O4 - HKLM\..\Run: [CPM035248fa] Rundll32.exe "f:\windows\system32\huheliva.dll",a [2008-12-16]

Hosts File Missing
======Security center information======

AV: avast! antivirus 4.8.1368 [VPS 100411-0] (disabled)
AV: Windows Live OneCare (disabled)
FW: Windows Live OneCare Firewall (disabled)

======System event log======

Computer Name: KAMI-706842B87D
Event Code: 4
Message: Driver detected an internal error in its data structures for .

Record Number: 17262
Source Name: sptd
Time Written: 20091218003217.000000-300
Event Type: error
User:

Computer Name: KAMI-706842B87D
Event Code: 7026
Message: The following boot-start or system-start driver(s) failed to load:
sptd

Record Number: 17255
Source Name: Service Control Manager
Time Written: 20091218003216.000000-300
Event Type: error
User:

Computer Name: KAMI-706842B87D
Event Code: 7024
Message: The Windows Search service terminated with service-specific error 2147746132 (0x80040154).

Record Number: 17254
Source Name: Service Control Manager
Time Written: 20091218003216.000000-300
Event Type: error
User:

Computer Name: KAMI-706842B87D
Event Code: 7023
Message: The Automatic Updates service terminated with the following error:
The specified module could not be found.

Record Number: 17253
Source Name: Service Control Manager
Time Written: 20091218003216.000000-300
Event Type: error
User:

Computer Name: KAMI-706842B87D
Event Code: 7000
Message: The BuddyVM service failed to start due to the following error:
The system cannot find the file specified.

Record Number: 17252
Source Name: Service Control Manager
Time Written: 20091218003216.000000-300
Event Type: error
User:

=====Application event log=====

Computer Name: KAMI-706842B87D
Event Code: 4356
Message: The COM+ Event System failed to create an instance of the subscriber partition:{41E90F3E-56C1-4633-81C3-6E8BAC8BDD70}!new:{D3938AB0-5B9D-11D1-8DD2-00AA004ABD5E}. CoGetObject returned HRESULT 80070422.
Record Number: 24
Source Name: EventSystem
Time Written: 20080907173335.000000-240
Event Type: warning
User:

Computer Name: KAMI-706842B87D
Event Code: 4353
Message: The COM+ Event System attempted to fire the EventObjectChange::ChangedSubscription event but received a bad return code. HRESULT was 80040201.
Record Number: 23
Source Name: EventSystem
Time Written: 20080907173335.000000-240
Event Type: warning
User:

Computer Name: KAMI-706842B87D
Event Code: 4356
Message: The COM+ Event System failed to create an instance of the subscriber partition:{41E90F3E-56C1-4633-81C3-6E8BAC8BDD70}!new:{D3938AB0-5B9D-11D1-8DD2-00AA004ABD5E}. CoGetObject returned HRESULT 80070422.
Record Number: 22
Source Name: EventSystem
Time Written: 20080907173335.000000-240
Event Type: warning
User:

Computer Name: KAMI-706842B87D
Event Code: 63
Message: A provider, HiPerfCooker_v1, has been registered in the WMI namespace, Root\WMI, to use the LocalSystem account. This account is privileged and the provider may cause a security violation if it does not correctly impersonate user requests.

Record Number: 17
Source Name: WinMgmt
Time Written: 20080907173132.000000-240
Event Type: warning
User: NT AUTHORITY\SYSTEM

Computer Name: KAMI-706842B87D
Event Code: 63
Message: A provider, HiPerfCooker_v1, has been registered in the WMI namespace, Root\WMI, to use the LocalSystem account. This account is privileged and the provider may cause a security violation if it does not correctly impersonate user requests.

Record Number: 16
Source Name: WinMgmt
Time Written: 20080907173132.000000-240
Event Type: warning
User: NT AUTHORITY\SYSTEM

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\system32\wbem;F:\Program Files\Smart Projects\IsoBuster;F:\Program Files\Common Files\DivX Shared
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 67 Stepping 3, AuthenticAMD
"PROCESSOR_REVISION"=4303
"NUMBER_OF_PROCESSORS"=2
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP

-----------------EOF-----------------
 
#13 ·
Logfile of random's system information tool 1.06 (written by random/random)
Run by Kami at 2010-04-13 11:07:02
Microsoft Windows XP Home Edition Service Pack 3
System drive F: has 23 GB (17%) free of 137 GB
Total RAM: 3582 MB (80% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:07:10, on 2010/04/13
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16827)
Boot mode: Normal

Running processes:
F:\WINDOWS\System32\smss.exe
F:\WINDOWS\system32\winlogon.exe
F:\WINDOWS\system32\services.exe
F:\WINDOWS\system32\lsass.exe
F:\WINDOWS\system32\nvsvc32.exe
F:\WINDOWS\system32\svchost.exe
F:\WINDOWS\System32\svchost.exe
F:\WINDOWS\system32\spoolsv.exe
F:\WINDOWS\Explorer.EXE
F:\WINDOWS\system32\ctfmon.exe
F:\Program Files\Common Files\Java\Java Update\jusched.exe
F:\WINDOWS\SOUNDMAN.EXE
F:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
F:\WINDOWS\system32\RUNDLL32.EXE
F:\Program Files\DivX\DivX Update\DivXUpdate.exe
F:\WINDOWS\system32\rundll32.exe
F:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
F:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
F:\Program Files\Java\jre6\bin\jqs.exe
F:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
F:\WINDOWS\system32\svchost.exe
F:\WINDOWS\system32\wscntfy.exe
F:\WINDOWS\System32\svchost.exe
F:\Program Files\DAP\DAP.exe
F:\Program Files\Common Files\Real\Update_OB\realsched.exe
F:\Program Files\Internet Explorer\IEXPLORE.EXE
F:\Documents and Settings\Kami\Desktop\RSIT.exe
F:\Program Files\Trend Micro\HijackThis\Kami.exe

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - F:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - F:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - F:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - F:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE F:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [TkBellExe] "F:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] "F:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [RemoteControl] "F:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE F:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NeroFilterCheck] F:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [IMJPMIG8.1] "F:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [DivXUpdate] "F:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [amd_dc_opt] F:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "F:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [MSConfig] F:\WINDOWS\pchealth\helpctr\Binaries\MSCONFIG.EXE /auto
O4 - HKCU\..\Run: [NVIDIA nTune] "F:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe" clear
O4 - HKCU\..\Run: [SUPERAntiSpyware] F:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] F:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [igndlm.exe] F:\Program Files\Download Manager\dlm.exe /windowsstart /startifwork
O4 - HKCU\..\Run: [ctfmon.exe] F:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [ctfmon.exe] F:\WINDOWS\system32\ctfmon.exe (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [ctfmon.exe] F:\WINDOWS\system32\ctfmon.exe (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'Default user')
O4 - Global Startup: Windows Search.lnk = F:\Program Files\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: &Clean Traces - F:\Program Files\DAP\Privacy Package\dapcleanerie.htm
O8 - Extra context menu item: &Download with &DAP - F:\Program Files\DAP\dapextie.htm
O8 - Extra context menu item: Download &all with DAP - F:\Program Files\DAP\dapextie2.htm
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - F:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - F:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - F:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - F:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - F:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - F:\Program Files\Messenger\msmsgs.exe
O15 - ESC Trusted Zone: http://*.update.microsoft.com
O16 - DPF: Garmin Communicator Plug-In - https://my.garmin.com/mygarmin/m/GarminAxControl.CAB
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} - http://www.pcpitstop.com/pcpitstop/PCPitStop.CAB
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} (CDownloadCtrl Object) - http://www.fileplanet.com/fpdlmgr/cabs/FPDC_2.3.9.113.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1240541163015
O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/2.0.0.1/sysreqlab2.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O20 - Winlogon Notify: !SASWinLogon - F:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - F:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - F:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Imapi Helper - Alex Feinman - F:\Program Files\Alex Feinman\ISO Recorder\ImapiHelper.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - F:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: nTune Service (nTuneService) - NVIDIA - F:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - F:\WINDOWS\system32\nvsvc32.exe

--
End of file - 6774 bytes

======Scheduled tasks folder======

F:\WINDOWS\tasks\AppleSoftwareUpdate.job
F:\WINDOWS\tasks\defrag.job
F:\WINDOWS\tasks\File Helper.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - F:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - F:\PROGRA~1\SPYBOT~1\SDHelper.dll [2009-01-26 1879896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - F:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-03-09 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - F:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-03-09 79648]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"=F:\WINDOWS\system32\NvCpl.dll [2009-06-10 13758464]
"TkBellExe"=F:\Program Files\Common Files\Real\Update_OB\realsched.exe [2008-02-16 185896]
"SunJavaUpdateSched"=F:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-02-18 248040]
"SoundMan"=F:\WINDOWS\SOUNDMAN.EXE [2005-08-17 90112]
"RemoteControl"=F:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [2005-01-12 32768]
"nwiz"=nwiz.exe /install []
"NvMediaCenter"=F:\WINDOWS\system32\NvMcTray.dll [2009-06-10 86016]
"NeroFilterCheck"=F:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]
"IMJPMIG8.1"=F:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE [2004-08-04 208952]
"DivXUpdate"=F:\Program Files\DivX\DivX Update\DivXUpdate.exe [2010-03-05 1135912]
"amd_dc_opt"=F:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe [2008-07-22 77824]
"Adobe Reader Speed Launcher"=F:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-10-15 39792]
"MSConfig"=F:\WINDOWS\pchealth\helpctr\Binaries\MSCONFIG.EXE [2008-04-13 169984]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"NVIDIA nTune"=F:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe [2007-09-04 81920]
"SUPERAntiSpyware"=F:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [2010-04-06 2010864]
"SpybotSD TeaTimer"=F:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2009-03-05 2260480]
"igndlm.exe"=F:\Program Files\Download Manager\dlm.exe [2009-05-14 1103216]
"ctfmon.exe"=F:\WINDOWS\system32\ctfmon.exe [2008-04-13 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\avast!]
F:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-11-24 81000]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"GoogleDesktopManager-121207-085209"=3

F:\Documents and Settings\All Users\Start Menu\Programs\Startup
Windows Search.lnk - F:\Program Files\Windows Desktop Search\WindowsSearch.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\!SASWinLogon]
F:\Program Files\SUPERAntiSpyware\SASWINLO.DLL [2009-09-05 548352]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
F:\WINDOWS\system32\Ati2evxx.dll [2006-01-24 61440]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
F:\WINDOWS\system32\WgaLogon.dll [2007-03-15 236928]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5}

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\OneCareMP]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\OneCareMP]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"NoDrives"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"F:\Program Files\eMule\emule.exe"="F:\Program Files\eMule\emule.exe:*:Enabled:eMule"
"F:\WINDOWS\system32\dpvsetup.exe"="F:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
"E:\GAMES\WOW\World of Warcraft\Launcher.exe"="E:\GAMES\WOW\World of Warcraft\Launcher.exe:*:Enabled:World of Warcraft"
"F:\Program Files\Sony\Station\LaunchPad\LaunchPad.exe"="F:\Program Files\Sony\Station\LaunchPad\LaunchPad.exe:*:Enabled:LaunchPad"
"E:\GAMES\WOW\World of Warcraft\BackgroundDownloader.exe"="E:\GAMES\WOW\World of Warcraft\BackgroundDownloader.exe:*:Enabled:Blizzard Downloader"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"E:\GAMES\WOW\World of Warcraft\WoW-2.4.3-to-3.0.2-enUS-Win-Final-downloader.exe"="E:\GAMES\WOW\World of Warcraft\WoW-2.4.3-to-3.0.2-enUS-Win-Final-downloader.exe:*:Enabled:Blizzard Downloader"
"F:\WINDOWS\system32\spoolsv.exe"="F:\WINDOWS\system32\spoolsv.exe:*:Enabled:spoolsv"
"E:\GAMES\WOW\World of Warcraft\WoW-3.1.2.9901-to-3.1.3.9947-enUS-downloader.exe"="E:\GAMES\WOW\World of Warcraft\WoW-3.1.2.9901-to-3.1.3.9947-enUS-downloader.exe:*:Enabled:Blizzard Downloader"
"E:\GAMES\WOW\World of Warcraft\WoW-3.1.3.9947-to-3.2.0.10192-enUS-downloader.exe"="E:\GAMES\WOW\World of Warcraft\WoW-3.1.3.9947-to-3.2.0.10192-enUS-downloader.exe:*:Enabled:Blizzard Downloader"
"E:\GAMES\WOW\World of Warcraft\WoW-3.2.0.10192-to-3.2.0.10314-enUS-downloader.exe"="E:\GAMES\WOW\World of Warcraft\WoW-3.2.0.10192-to-3.2.0.10314-enUS-downloader.exe:*:Enabled:Blizzard Downloader"
"E:\GAMES\WOW\World of Warcraft\WoW-3.2.0.10314-to-3.2.2.10482-enUS-downloader.exe"="E:\GAMES\WOW\World of Warcraft\WoW-3.2.0.10314-to-3.2.2.10482-enUS-downloader.exe:*:Enabled:Blizzard Downloader"
"E:\GAMES\WOW\World of Warcraft\WoW-3.2.2.10482-to-3.2.2.10505-enUS-downloader.exe"="E:\GAMES\WOW\World of Warcraft\WoW-3.2.2.10482-to-3.2.2.10505-enUS-downloader.exe:*:Enabled:Blizzard Downloader"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

======List of files/folders created in the last 1 months======

2010-04-13 11:07:02 ----D---- F:\rsit
2010-04-11 15:49:32 ----SHD---- F:\RECYCLER
2010-04-11 14:55:58 ----A---- F:\WINDOWS\ntbtlog.txt
2010-04-11 14:51:07 ----A---- F:\ComboFix.txt
2010-04-11 14:44:51 ----D---- F:\ComboFix
2010-04-10 00:40:19 ----A---- F:\WINDOWS\system32\proquota.exe
2010-04-10 00:32:51 ----A---- F:\WINDOWS\MBR.exe
2010-04-10 00:32:50 ----A---- F:\WINDOWS\PEV.exe
2010-04-10 00:27:01 ----A---- F:\WINDOWS\system32\CF5710.exe
2010-04-09 13:30:34 ----D---- F:\Program Files\KeyTweak
2010-04-07 19:30:24 ----D---- F:\Documents and Settings\Kami\Application Data\Malwarebytes
2010-04-07 19:30:15 ----D---- F:\Program Files\Malwarebytes' Anti-Malware
2010-04-07 19:30:15 ----D---- F:\Documents and Settings\All Users\Application Data\Malwarebytes
2010-04-02 19:07:42 ----D---- F:\Program Files\AMD
2010-04-02 18:00:32 ----D---- F:\Program Files\CPUID
2010-03-31 00:35:55 ----D---- F:\Documents and Settings\All Users\Application Data\DivX
2010-03-30 18:32:05 ----D---- F:\Documents and Settings\All Users\Application Data\Sun
2010-03-30 18:32:04 ----D---- F:\Program Files\Common Files\Java
2010-03-30 18:31:53 ----A---- F:\WINDOWS\system32\javaws.exe
2010-03-30 18:31:53 ----A---- F:\WINDOWS\system32\javaw.exe
2010-03-30 18:31:53 ----A---- F:\WINDOWS\system32\java.exe
2010-03-30 17:32:35 ----D---- F:\Program Files\Hot CPU Tester Pro 4 LE

======List of files/folders modified in the last 1 months======

2010-04-13 07:09:46 ----D---- F:\WINDOWS\temp
2010-04-12 23:15:41 ----D---- F:\WINDOWS
2010-04-11 17:27:03 ----AD---- F:\Documents and Settings\All Users\Application Data\TEMP
2010-04-11 16:38:49 ----D---- F:\WINDOWS\Prefetch
2010-04-11 16:38:33 ----A---- F:\WINDOWS\win.ini
2010-04-11 16:38:33 ----A---- F:\WINDOWS\system.ini
2010-04-11 16:37:37 ----SHD---- F:\System Volume Information
2010-04-11 16:37:37 ----D---- F:\WINDOWS\system32\Restore
2010-04-11 16:05:24 ----D---- F:\WINDOWS\pss
2010-04-11 16:04:30 ----D---- F:\Documents and Settings
2010-04-11 15:00:20 ----D---- F:\WINDOWS\system32\CatRoot2
2010-04-11 14:51:08 ----D---- F:\QooBox
2010-04-11 14:48:40 ----D---- F:\WINDOWS\system32\drivers
2010-04-11 14:48:40 ----D---- F:\WINDOWS\system32
2010-04-11 14:48:40 ----D---- F:\WINDOWS\AppPatch
2010-04-11 14:48:37 ----D---- F:\Program Files\Common Files
2010-04-11 14:44:59 ----A---- F:\WINDOWS\SchedLgU.Txt
2010-04-11 14:24:03 ----D---- F:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2010-04-11 14:23:59 ----D---- F:\WINDOWS\Minidump
2010-04-11 14:23:59 ----D---- F:\WINDOWS\Debug
2010-04-10 21:31:09 ----D---- F:\Documents and Settings\Kami\Application Data\Ventrilo
2010-04-10 00:41:10 ----D---- F:\WINDOWS\ERDNT
2010-04-10 00:40:24 ----RSHDC---- F:\WINDOWS\system32\dllcache
2010-04-09 13:30:34 ----RD---- F:\Program Files
2010-04-07 19:24:10 ----SHD---- F:\WINDOWS\Installer
2010-04-07 19:23:57 ----D---- F:\Config.Msi
2010-04-06 18:38:13 ----AC---- F:\WINDOWS\system32\wpa.bak
2010-04-06 18:36:58 ----D---- F:\Program Files\Google
2010-04-06 14:27:33 ----A---- F:\WINDOWS\WININIT.INI
2010-04-06 14:26:30 ----HD---- F:\Program Files\InstallShield Installation Information
2010-04-06 14:26:06 ----D---- F:\Program Files\n52te
2010-04-06 14:26:05 ----HD---- F:\WINDOWS\inf
2010-04-06 14:24:52 ----D---- F:\Program Files\Eusing Free Registry Cleaner
2010-04-06 14:24:20 ----D---- F:\Program Files\Azureus
2010-04-06 10:56:31 ----D---- F:\Program Files\SUPERAntiSpyware
2010-03-31 05:41:33 ----D---- F:\Program Files\DivX
2010-03-31 03:49:55 ----D---- F:\WINDOWS\WinSxS
2010-03-31 01:10:13 ----D---- F:\Program Files\Common Files\DivX Shared
2010-03-30 18:31:52 ----D---- F:\Program Files\Java
2010-03-30 17:18:02 ----D---- F:\Program Files\BCM Diagnostics Pro
2010-03-17 01:27:54 ----A---- F:\WINDOWS\system32\PerfStringBackup.INI

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 Aavmker4;avast! Asynchronous Virus Monitor; F:\WINDOWS\system32\drivers\Aavmker4.sys [2009-11-24 27408]
R1 AmdPPM;AMD HwPState Processor Driver; F:\WINDOWS\system32\DRIVERS\AmdPPM.sys [2007-04-16 33792]
R1 aswSP;avast! Self Protection; F:\WINDOWS\system32\drivers\aswSP.sys [2009-11-24 114768]
R1 aswTdi;avast! Network Shield Support; F:\WINDOWS\system32\drivers\aswTdi.sys [2009-11-24 48560]
R1 FsVga;FsVga; F:\WINDOWS\system32\DRIVERS\fsvga.sys [2004-08-04 12160]
R1 kbdhid;Keyboard HID Driver; F:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-13 14592]
R1 SASDIFSV;SASDIFSV; \??\F:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS []
R1 SASKUTIL;SASKUTIL; \??\F:\Program Files\SUPERAntiSpyware\SASKUTIL.sys []
R1 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; F:\WINDOWS\System32\drivers\ws2ifsl.sys [2004-08-04 12032]
R2 aswFsBlk;aswFsBlk; F:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2009-11-24 20560]
R2 aswMon2;avast! Standard Shield Support; F:\WINDOWS\system32\drivers\aswMon2.sys [2009-11-24 94160]
R2 atksgt;atksgt; F:\WINDOWS\system32\DRIVERS\atksgt.sys [2008-09-25 278728]
R2 cpuz133;cpuz133; \??\F:\WINDOWS\system32\drivers\cpuz133_x32.sys []
R2 lirsgt;lirsgt; F:\WINDOWS\system32\DRIVERS\lirsgt.sys [2008-09-25 25416]
R2 WMDrive;WMDrive; \??\F:\WINDOWS\system32\drivers\WMDrive.sys []
R3 AmdLLD;AMD Low Level Device Driver; F:\WINDOWS\system32\DRIVERS\AmdLLD.sys [2007-06-29 34304]
R3 Arp1394;1394 ARP Client Protocol; F:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 dpK0Bx01;Fingerprint Reader Filter Driver; F:\WINDOWS\system32\DRIVERS\dpK0Bx01.sys [2004-08-04 32640]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; F:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Microsoft HID Class Driver; F:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 mouhid;Mouse HID Driver; F:\WINDOWS\system32\DRIVERS\mouhid.sys [2004-08-04 12160]
R3 MTsensor;ATK0110 ACPI UTILITY; F:\WINDOWS\system32\DRIVERS\ASACPI.sys [2004-08-12 5810]
R3 NIC1394;1394 Net Driver; F:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 nv;nv; F:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2009-06-10 8087712]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; F:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2006-09-11 57856]
R3 nvnetbus;NVIDIA Network Bus Enumerator; F:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2006-09-11 19968]
R3 NVR0Dev;NVR0Dev; \??\F:\WINDOWS\nvoclock.sys []
R3 SASENUM;SASENUM; \??\F:\Program Files\SUPERAntiSpyware\SASENUM.SYS []
R3 usbaudio;USB Audio Driver (WDM); F:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]
R3 usbccgp;Microsoft USB Generic Parent Driver; F:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 UsbdpFP;Fingerprint Reader Class Driver; F:\WINDOWS\system32\DRIVERS\UsbdpFP.sys [2004-08-04 34560]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; F:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Microsoft USB Standard Hub Driver; F:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbohci;Microsoft USB Open Host Controller Miniport Driver; F:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-13 17152]
R3 usbstor;USB Mass Storage Driver; F:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 vhidmini;Virtual Hid Device; F:\WINDOWS\system32\DRIVERS\vhidmini.sys [2007-09-19 12672]
S2 {09BB444F-B2E2-4009-BAF2-7B727681223E};BuddyVM; \??\F:\Program Files\VMLaunch\BuddyVM.sys []
S3 ALCXWDM;Service for Realtek AC97 Audio (WDM); F:\WINDOWS\system32\drivers\ALCXWDM.SYS [2005-08-19 3644800]
S3 aswRdr;aswRdr; F:\WINDOWS\system32\drivers\aswRdr.sys [2009-11-24 23120]
S3 ati2mtag;ati2mtag; F:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2006-01-24 1478656]
S3 catchme;catchme; \??\F:\DOCUME~1\Kami\LOCALS~1\Temp\catchme.sys []
S3 dmouc0;dmouc0; F:\WINDOWS\System32\DRIVERS\dmouc0.sys [2008-03-21 7680]
S3 dmouc1;dmouc1; F:\WINDOWS\System32\DRIVERS\dmouc1.sys [2008-03-21 7680]
S3 dmouc2;dmouc2; F:\WINDOWS\System32\DRIVERS\dmouc2.sys [2008-03-21 7680]
S3 grmnusb;grmnusb; F:\WINDOWS\system32\drivers\grmnusb.sys [2003-09-23 7296]
S3 JmtFltr;n52te; F:\WINDOWS\System32\Drivers\JmtFltr.sys [2007-09-27 48896]
S3 ms_mpu401;Microsoft MPU-401 MIDI UART Driver; F:\WINDOWS\system32\drivers\msmpu401.sys [2001-08-17 2944]
S3 RT25USBAP;Nintendo Wi-Fi USB Connector Service; F:\WINDOWS\system32\DRIVERS\rt25usbap.sys [2006-04-10 162816]
S3 st3wolf;st3wolf; F:\WINDOWS\system32\DRIVERS\st3wolf.sys []
S3 Usblink;Usblink Driver; F:\WINDOWS\System32\Drivers\ulink.sys [2003-08-08 40788]
S3 usbscan;USB Scanner Driver; F:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; F:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; F:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S3 yukonwxp;NDIS5.1 Miniport Driver for Marvell Yukon Ethernet Controller; F:\WINDOWS\system32\DRIVERS\yk51x86.sys [2005-09-19 241280]
S4 IntelIde;IntelIde; F:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 JavaQuickStarterService;Java Quick Starter; F:\Program Files\Java\jre6\bin\jqs.exe [2010-03-09 153376]
R2 nTuneService;nTune Service; F:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe [2007-09-04 131072]
R2 NVSvc;NVIDIA Display Driver Service; F:\WINDOWS\system32\nvsvc32.exe [2009-06-10 168004]
S2 Ati HotKey Poller;Ati HotKey Poller; F:\WINDOWS\system32\Ati2evxx.exe [2006-01-24 405504]
S2 WSearch;Windows Search; F:\WINDOWS\system32\SearchIndexer.exe [2008-05-26 439808]
S3 aspnet_state;ASP.NET State Service; F:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; F:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; F:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 IDriverT;InstallDriver Table Manager; F:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 idsvc;Windows CardSpace; F:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 Imapi Helper;Imapi Helper; F:\Program Files\Alex Feinman\ISO Recorder\ImapiHelper.exe [2006-01-05 163840]
S3 usprserv;User Privilege Service; F:\WINDOWS\System32\svchost.exe [2008-04-13 14336]
S3 WMPNetworkSvc;Windows Media Player Network Sharing Service; F:\Program Files\Windows Media Player\WMPNetwk.exe [2006-10-18 913408]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; F:\WINDOWS\system32\svchost.exe [2008-04-13 14336]
S4 aswUpdSv;avast! iAVS4 Control Service; F:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-11-24 18752]
S4 avast! Antivirus;avast! Antivirus; F:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-11-24 138680]
S4 avast! Mail Scanner;avast! Mail Scanner; F:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-11-24 254040]
S4 avast! Web Scanner;avast! Web Scanner; F:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-11-24 352920]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; F:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------
 
#16 ·
Delete RSIT from desktop

* Follow these steps to uninstall Combofix and the other tools it downloaded to remove the malware
* Click START then RUN
* Now type Combofix /Uninstall in the runbox and click OK. Note the space between the X and the /U, it needs to be there.


This will also purge the restore folder and clear any malware that has been put in there. Now empty the Recycle Bin on the desktop, then reboot.

Go here http://www.thespykiller.co.uk/index.php?page=3 for info on how to tighten your security settings and how to help prevent future attacks.

And scan here http://secunia.com/software_inspector/ for out-of-date & vulnerable common applications on your computer, and update whatever it suggests.

Then pay an urgent visit to Windows Update & make sure you are fully updated; that will help to plug the security holes that let these pests on in the first place.
 
#17 ·
My last post was premature... It's still randomly freezing. Each time I try to download/apply one of those last fixes you've posted, it'll freeze if I don't keep moving my mouse (or doing something, anyway). It seems the only time it freezes is when I'm downloading or installing and I stop interacting with my computer.
 
#19 ·
As a Matter of Fact, it just so happens that I uninstalled Avast 4.8 for the purpose of installing 5.0 (for some reason, it wouldn't automatically upgrade) shortly before it started Freezing again. After an hour of Restarts trying to download Avast 5.0 (Avast wasn't installed during this time) I managed to Download in Safe mode to install it properly in Normal.

Having done that, I'm still getting Freezes.
 
#20 ·
I think we need to do an online av scan here

* Run Kaspersky online virus scan Kaspersky Online Scanner.

After the updates have downloaded, click on the "Scan Settings" button.
Select the "Spyware, Adware, Dialers and other potentially dangerous programs" option for the scan.
Under "Please select a target to scan", click "My Computer".
When the scan is finished, Save the results from the scan!

Note: Kavscan is a scanner only & won't fix anything, but will normally find the most infected files, so its report gives us a good place to work from.

If that won't run then
Run an online antivirus check from one of the following sites

http://www.eset.com/online-scanner
http://www.pandasoftware.com/activescan/
http://www.bitdefender.com/scan8/ie.html
 
#21 ·
Well, I ran Kaspersky and I found nothing.

I was doing just fine for a few days but now it started again.

I ran Hijackthis again and I noticed something was different but I can't tell what exactly.

This is the new Log:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2:49:53 PM, on 4/16/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16827)
Boot mode: Safe mode with network support

Running processes:
F:\WINDOWS\System32\smss.exe
F:\WINDOWS\system32\winlogon.exe
F:\WINDOWS\system32\services.exe
F:\WINDOWS\system32\lsass.exe
F:\WINDOWS\system32\svchost.exe
F:\WINDOWS\system32\svchost.exe
F:\WINDOWS\Explorer.EXE
F:\WINDOWS\system32\ctfmon.exe
F:\Program Files\Internet Explorer\IEXPLORE.EXE
F:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - F:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - F:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - F:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - F:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [avast5] F:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui
O4 - HKLM\..\Run: [TkBellExe] "F:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] "F:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [RemoteControl] "F:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE F:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE F:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NeroFilterCheck] F:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [IMJPMIG8.1] "F:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [DivXUpdate] "F:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [avast!] F:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [amd_dc_opt] F:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "F:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "F:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [ctfmon.exe] F:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [ctfmon.exe] F:\WINDOWS\system32\ctfmon.exe (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [ctfmon.exe] F:\WINDOWS\system32\ctfmon.exe (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'Default user')
O4 - Global Startup: Windows Search.lnk = F:\Program Files\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: &Clean Traces - F:\Program Files\DAP\Privacy Package\dapcleanerie.htm
O8 - Extra context menu item: &Download with &DAP - F:\Program Files\DAP\dapextie.htm
O8 - Extra context menu item: Download &all with DAP - F:\Program Files\DAP\dapextie2.htm
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - F:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - F:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - F:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - F:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - F:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - F:\Program Files\Messenger\msmsgs.exe
O16 - DPF: Garmin Communicator Plug-In - https://my.garmin.com/mygarmin/m/GarminAxControl.CAB
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} - http://www.pcpitstop.com/pcpitstop/PCPitStop.CAB
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} (CDownloadCtrl Object) - http://www.fileplanet.com/fpdlmgr/cabs/FPDC_2.3.9.113.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1240541163015
O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/2.0.0.1/sysreqlab2.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O20 - Winlogon Notify: !SASWinLogon - F:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - F:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - F:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - F:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Web Scanner - ALWIL Software - F:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - F:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Imapi Helper - Alex Feinman - F:\Program Files\Alex Feinman\ISO Recorder\ImapiHelper.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - F:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: nTune Service (nTuneService) - NVIDIA - F:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - F:\WINDOWS\system32\nvsvc32.exe

--
End of file - 6662 bytes
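
The comparison described in the post above can be done mechanically. The following Python sketch is an added example, not part of the thread or of HijackThis; the sample logs are constructed excerpts modelled on the ones posted here, and the function names are hypothetical. It diffs two HijackThis logs on their R/O item lines and flags when the boot modes differ, since a Safe mode scan lists far fewer running processes than a Normal one.

```python
import re

# HijackThis item lines look like "O4 - HKLM\..\Run: [name] path":
# a section code (R0, O4, O23, ...), " - ", then the entry text.
ITEM_RE = re.compile(r"^([A-Z]\d{1,2}) - (.+)$")
BOOT_RE = re.compile(r"^Boot mode:\s*(.+)$", re.MULTILINE)

def parse_log(text):
    """Return (boot_mode, set of (section, entry)) for one HijackThis log."""
    boot = BOOT_RE.search(text)
    items = set()
    for line in text.splitlines():
        m = ITEM_RE.match(line.strip())
        if m:
            items.add((m.group(1), m.group(2).strip()))
    return (boot.group(1).strip() if boot else None), items

def diff_logs(old_text, new_text):
    """Compare two logs on their registry/service items only."""
    old_boot, old_items = parse_log(old_text)
    new_boot, new_items = parse_log(new_text)
    return {
        # Safe mode loads far fewer processes, so the "Running processes"
        # lists are only comparable when both scans used the same boot mode.
        "processes_comparable": old_boot == new_boot,
        "added": sorted(new_items - old_items),
        "removed": sorted(old_items - new_items),
    }

# Constructed, shortened sample logs modelled on the ones in this thread.
OLD_LOG = r"""Logfile of Trend Micro HijackThis v2.0.2
Boot mode: Normal
Running processes:
F:\WINDOWS\system32\svchost.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [avast!] F:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O23 - Service: avast! Antivirus - ALWIL Software - F:\Program Files\Alwil Software\Avast4\ashServ.exe
"""
NEW_LOG = r"""Logfile of Trend Micro HijackThis v2.0.2
Boot mode: Safe mode with network support
Running processes:
F:\WINDOWS\system32\svchost.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [avast5] F:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui
O4 - HKLM\..\Run: [avast!] F:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O23 - Service: avast! Antivirus - ALWIL Software - F:\Program Files\Alwil Software\Avast5\AvastSvc.exe
"""

if __name__ == "__main__":
    result = diff_logs(OLD_LOG, NEW_LOG)
    print("process lists comparable:", result["processes_comparable"])
    for sign, key in (("+", "added"), ("-", "removed")):
        for section, entry in result[key]:
            print(sign, section, "-", entry)
```

Entries that appear under "added" or "removed" are the ones worth reading by hand; a leftover startup entry from an uninstalled program shows up as an item present in both logs while its replacement appears only in the newer one.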
 
#22 ·
download gmer rootkit detector from http://gmer.net

unzip it & double click the gmer.exe file

It will do a quick scan automatically, when that finishes if it says "rootkit activity detected" then Stop there & press copy & post back the log it makes.
Do NOT allow it to perform a full scan at this time

If there is No warning of rootkit activity then select the rootkit tab & press scan. When it finishes press copy & post back the log it makes
 