Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

Firefox Crashing and "Perfect Defender 2009 Popup"

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

Re: Firefox Crashing and "Perfect Defender 2009 Popup"

Unread postby wuchris » January 23rd, 2009, 2:34 am

1.Combofix Log
    ComboFix 09-01-19.05 - Christine 2009-01-20 16:10:53.3 - NTFSx86
    Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2047.1621 [GMT -6:00]
    Running from: c:\documents and settings\Christine\Desktop\ComboFix.exe
    Command switches used :: c:\documents and settings\Christine\Desktop\CFScript.txt
    AV: avast! antivirus 4.8.1296 [VPS 090120-0] *On-access scanning disabled* (Updated)
    * Created a new restore point
    .

    ((((((((((((((((((((((((( Files Created from 2008-12-20 to 2009-01-20 )))))))))))))))))))))))))))))))
    .

    2009-01-18 19:22 . 2009-01-18 19:22 <DIR> d-------- C:\rsit
    2009-01-12 22:39 . 2009-01-12 22:39 <DIR> d-------- c:\program files\SUPERAntiSpyware
    2009-01-12 22:39 . 2009-01-12 22:39 <DIR> d-------- c:\documents and settings\Christine\Application Data\SUPERAntiSpyware.com
    2009-01-12 22:39 . 2009-01-12 22:39 <DIR> d-------- c:\documents and settings\All Users\Application Data\SUPERAntiSpyware.com
    2009-01-12 22:38 . 2009-01-12 22:38 <DIR> d-------- c:\program files\Common Files\Wise Installation Wizard
    2008-12-31 10:26 . 2008-12-31 10:27 <DIR> d-------- c:\program files\jZip
    2008-12-27 17:32 . 2008-12-27 17:32 <DIR> d-------- c:\documents and settings\Christine\Application Data\vlc
    2008-12-20 23:01 . 2008-12-21 21:11 250 --a------ c:\windows\gmer.ini

    .
    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2009-01-20 22:14 --------- d-----w c:\documents and settings\Christine\Application Data\WTablet
    2009-01-20 22:02 --------- d-----w c:\documents and settings\LocalService\Application Data\WTablet
    2009-01-13 04:33 --------- d-----w c:\program files\CCleaner
    2008-12-15 08:26 --------- d-----w c:\program files\ERUNT
    2008-12-13 00:44 --------- d-----w c:\program files\DivX
    2008-12-12 23:18 --------- d-----w c:\program files\EsetOnlineScanner
    2008-12-12 23:11 --------- d-----w c:\program files\Java
    2008-12-12 05:04 --------- d-----w c:\documents and settings\Christine\Application Data\AVG7
    2008-12-12 05:04 --------- d-----w c:\documents and settings\All Users\Application Data\avg7
    2008-12-12 03:57 --------- d-----w c:\program files\Malwarebytes' Anti-Malware
    2008-12-12 03:55 --------- d-----w c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
    2008-12-11 10:57 333,952 ----a-w c:\windows\system32\drivers\srv.sys
    2008-12-04 01:52 38,496 ----a-w c:\windows\system32\drivers\mbamswissarmy.sys
    2008-12-04 01:52 15,504 ----a-w c:\windows\system32\drivers\mbam.sys
    2008-11-29 17:23 --------- d-----w c:\program files\Trend Micro
    2008-11-29 17:18 --------- d-----w c:\program files\Windows Defender
    2008-11-29 17:10 --------- d-----w c:\program files\Panda Security
    2008-11-29 16:58 --------- d-----w c:\program files\Spybot - Search & Destroy
    2008-11-29 05:46 --------- d-----w c:\documents and settings\Christine\Application Data\Malwarebytes
    2008-11-29 05:46 --------- d-----w c:\documents and settings\All Users\Application Data\Malwarebytes
    2008-11-29 01:14 --------- d-----w c:\program files\Apple Software Update
    2008-11-28 22:39 --------- d-----w c:\program files\iTunes
    2008-11-28 22:39 --------- d-----w c:\program files\iPod
    2008-11-28 22:39 --------- d-----w c:\program files\Common Files\Apple
    2008-11-28 22:39 --------- d-----w c:\documents and settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
    2008-11-28 22:38 --------- d-----w c:\program files\Bonjour
    2008-11-28 22:37 --------- d-----w c:\program files\QuickTime
    2007-12-02 17:27 88 --sh--r c:\windows\system32\04C847D3D0.sys
    2007-12-02 20:32 952 --sha-w c:\windows\system32\KGyGaAvL.sys
    2008-09-21 04:31 32,768 --sha-w c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\MSHist012008092020080921\index.dat
    .

    ((((((((((((((((((((((((((((( snapshot@2009-01-14_13.44.36.18 )))))))))))))))))))))))))))))))))))))))))
    .
    + 2004-08-04 05:56:48 295,424 -c--a-w c:\windows\system32\dllcache\termsrv.dll
    + 2004-08-04 05:56:58 502,272 -c--a-w c:\windows\system32\dllcache\winlogon.exe
    - 2008-11-29 01:18:47 295,424 ----a-w c:\windows\system32\termsrv.dll
    + 2004-08-04 05:56:48 295,424 ----a-w c:\windows\system32\termsrv.dll
    - 2008-11-29 01:18:47 507,904 ----a-w c:\windows\system32\winlogon.exe
    + 2004-08-04 05:56:58 502,272 ----a-w c:\windows\system32\winlogon.exe
    + 2009-01-20 22:14:05 16,384 ----atw c:\windows\Temp\Perflib_Perfdata_318.dat
    + 2009-01-20 22:13:53 16,384 ----atw c:\windows\Temp\Perflib_Perfdata_5f0.dat
    .
    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown
    REGEDIT4

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-13 15360]
    "MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2008-04-13 1695232]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "DLA"="c:\windows\System32\DLA\DLACTRLW.EXE" [2005-11-07 122940]
    "SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2004-10-14 1404928]
    "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2008-12-12 136600]
    "avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2008-11-26 81000]
    "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-04-19 7700480]
    "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2007-04-19 86016]
    "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2008-11-04 413696]
    "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2008-11-20 290088]
    "BCMSMMSG"="BCMSMMSG.exe" [2003-08-29 c:\windows\BCMSMMSG.exe]
    "nwiz"="nwiz.exe" [2007-04-19 c:\windows\system32\nwiz.exe]

    c:\documents and settings\Christine\Start Menu\Programs\Startup\
    Adobe Gamma.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-03-16 113664]

    [hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
    "{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
    2008-12-22 11:05 356352 c:\program files\SUPERAntiSpyware\SASWINLO.dll

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "%windir%\\system32\\sessmgr.exe"=
    "%windir%\\Network Diagnostic\\xpnetdiag.exe"=
    "c:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"=
    "c:\\Program Files\\AIM6\\aim6.exe"=
    "c:\\WINDOWS\\system32\\LEXPPS.EXE"=
    "c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
    "c:\\Program Files\\iTunes\\iTunes.exe"=

    R0 pavboot;pavboot;c:\windows\system32\drivers\pavboot.sys [2008-11-29 28544]
    R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [2008-04-04 111184]
    R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [2009-01-12 8944]
    R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [2009-01-12 55024]
    R4 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2008-04-04 20560]
    R4 TabletServiceWacom;TabletServiceWacom;c:\windows\system32\Wacom_Tablet.exe [2007-12-01 1373480]
    R4 WinDefend;Windows Defender;c:\program files\Windows Defender\MsMpEng.exe [2006-11-03 13592]
    S3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [2009-01-12 7408]

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{74f57558-c556-11dc-a899-0002b3d3ccf7}]
    \Shell\AutoRun\command - H:\LaunchU3.exe -a
    .
    Contents of the 'Scheduled Tasks' folder

    2009-01-15 c:\windows\Tasks\AppleSoftwareUpdate.job
    - c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 12:34]

    2009-01-20 c:\windows\Tasks\MP Scheduled Scan.job
    - c:\program files\Windows Defender\MpCmdRun.exe [2006-11-03 19:20]
    .
    .
    ------- Supplementary Scan -------
    .
    uStart Page = hxxp://auburn.edu/
    uInternet Settings,ProxyOverride = *.local
    IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    IE: {{3CC3D8FE-F0E0-4dd1-A69A-8C56BCC7BEC0} - {4CF088BD-BE95-40a5-BE9B-677F8683EDEA} - c:\program files\Smart-Shopper\Bin\2.5.1\Smrt-Shpr.dll
    FF - ProfilePath - c:\documents and settings\Christine\Application Data\Mozilla\Firefox\Profiles\ndhm1ltp.default\
    FF - prefs.js: browser.startup.homepage - hxxp://auburn.edu/

    ---- FIREFOX POLICIES ----
    FF - user.js: yahoo.homepage.dontask - true
    FF - user.js: keyword.enabled - true
    .

    **************************************************************************

    catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2009-01-20 16:14:20
    Windows 5.1.2600 Service Pack 3 NTFS

    scanning hidden processes ...

    scanning hidden autostart entries ...

    scanning hidden files ...

    scan completed successfully
    hidden files: 0

    **************************************************************************
    .
    --------------------- DLLs Loaded Under Running Processes ---------------------

    - - - - - - - > 'winlogon.exe'(676)
    c:\program files\SUPERAntiSpyware\SASWINLO.dll
    .
    ------------------------ Other Running Processes ------------------------
    .
    c:\program files\Alwil Software\Avast4\aswUpdSv.exe
    c:\program files\Alwil Software\Avast4\ashServ.exe
    c:\windows\system32\LEXBCES.EXE
    c:\windows\system32\LEXPPS.EXE
    c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    c:\program files\Bonjour\mDNSResponder.exe
    c:\program files\Java\jre6\bin\jqs.exe
    c:\windows\system32\nvsvc32.exe
    c:\windows\system32\PSIService.exe
    c:\windows\system32\WTablet\Wacom_TabletUser.exe
    c:\windows\system32\rundll32.exe
    c:\program files\Alwil Software\Avast4\ashMaiSv.exe
    c:\program files\Alwil Software\Avast4\ashWebSv.exe
    c:\program files\iPod\bin\iPodService.exe
    .
    **************************************************************************
    .
    Completion time: 2009-01-20 16:16:50 - machine was rebooted [Christine]
    ComboFix-quarantined-files.txt 2009-01-20 22:16:47
    ComboFix2.txt 2009-01-19 01:11:49
    ComboFix3.txt 2009-01-14 19:45:30

    Pre-Run: 64,250,101,760 bytes free
    Post-Run: 64,236,064,768 bytes free

    165 --- E O F --- 2009-01-19 00:46:39

Edit: Yoog was removed from firefox, but not from internet explorer. I don't know if I did this incorrectly?


2a.RSIT Log
    Logfile of random's system information tool 1.04 (written by random/random)
    Run by Christine at 2008-01-24 00:32:25
    Microsoft Windows XP Professional Service Pack 3
    System drive C: has 61 GB (80%) free of 76 GB
    Total RAM: 2047 MB (71% free)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 12:32:34 AM, on 1/24/2008
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16762)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Windows Defender\MsMpEng.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\WINDOWS\system32\LEXBCES.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\LEXPPS.EXE
    C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\system32\PSIService.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\Wacom_Tablet.exe
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\WTablet\Wacom_TabletUser.exe
    C:\WINDOWS\system32\Wacom_Tablet.exe
    C:\WINDOWS\BCMSMMSG.exe
    C:\WINDOWS\System32\DLA\DLACTRLW.EXE
    C:\Program Files\Analog Devices\Core\smax4pnp.exe
    C:\Program Files\Java\jre6\bin\jusched.exe
    C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    C:\WINDOWS\system32\RUNDLL32.EXE
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Corel\Corel Painter X\Painter X.exe
    C:\Documents and Settings\Christine\Desktop\RSIT.exe
    C:\Program Files\Trend Micro\HijackThis\Christine.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://auburn.edu/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
    O2 - BHO: EmailBHO - {647FD14A-C4F1-46F4-8FC3-0B40F54226F7} - C:\Program Files\jZip\WebmailPlugin.dll
    O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O4 - HKLM\..\Run: [BCMSMMSG] BCMSMMSG.exe
    O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE
    O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: SmartShopper - Compare travel rates - {3CC3D8FE-F0E0-4dd1-A69A-8C56BCC7BEC0} - C:\Program Files\Smart-Shopper\Bin\2.5.1\Smrt-Shpr.dll (file missing)
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} (OnlineScanner Control) - http://www.eset.eu/buxus/docs/OnlineScanner.cab
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
    O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
    O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe
    O23 - Service: TabletServiceWacom - Wacom Technology, Corp. - C:\WINDOWS\system32\Wacom_Tablet.exe

    --
    End of file - 7071 bytes

    ======Scheduled tasks folder======

    C:\WINDOWS\tasks\AppleSoftwareUpdate.job
    C:\WINDOWS\tasks\MP Scheduled Scan.job

    ======Registry dump======

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
    Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2008-09-15 1562960]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5CA3D70E-1895-11CF-8E15-001234567890}]
    DriveLetterAccess - C:\WINDOWS\System32\DLA\DLASHX_W.DLL [2005-11-07 110652]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{647FD14A-C4F1-46F4-8FC3-0B40F54226F7}]
    jZip Webmail plugin - C:\Program Files\jZip\WebmailPlugin.dll [2008-10-28 591296]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
    Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2008-12-12 320920]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
    Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2008-12-12 34816]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
    JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2008-12-12 73728]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "BCMSMMSG"=C:\WINDOWS\BCMSMMSG.exe [2003-08-29 122880]
    "DLA"=C:\WINDOWS\System32\DLA\DLACTRLW.EXE [2005-11-07 122940]
    "SoundMAXPnP"=C:\Program Files\Analog Devices\Core\smax4pnp.exe [2004-10-14 1404928]
    "SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2008-12-12 136600]
    "avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2008-11-26 81000]
    "NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2007-04-19 7700480]
    "nwiz"=nwiz.exe /install []
    "NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2007-04-19 86016]
    "QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2008-11-04 413696]
    "iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2008-11-20 290088]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-13 15360]
    "MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2008-04-13 1695232]

    C:\Documents and Settings\Christine\Start Menu\Programs\Startup
    Adobe Gamma.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\!SASWinLogon]
    C:\Program Files\SUPERAntiSpyware\SASWINLO.dll [2008-12-22 356352]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
    C:\WINDOWS\system32\WgaLogon.dll [2008-09-05 241704]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
    WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    "{091EB208-39DD-417D-A5DD-7E2C2D8FB9CB}"=C:\PROGRA~1\WIFD1F~1\MpShHook.dll [2006-11-03 83224]
    "{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"=C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2008-05-13 77824]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WinDefend]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "dontdisplaylastusername"=0
    "legalnoticecaption"=
    "legalnoticetext"=
    "shutdownwithoutlogon"=1
    "undockwithoutlogon"=1

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoDriveTypeAutoRun"=323
    "NoDrives"=0
    "NoDriveAutoRun"=67108863

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoDriveAutoRun"=
    "NoDriveTypeAutoRun"=
    "NoDrives"=

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
    "C:\Program Files\Common Files\AOL\Loader\aolload.exe"="C:\Program Files\Common Files\AOL\Loader\aolload.exe:*:Enabled:AOL Loader"
    "C:\Program Files\AIM6\aim6.exe"="C:\Program Files\AIM6\aim6.exe:*:Enabled:AIM"
    "C:\WINDOWS\system32\LEXPPS.EXE"="C:\WINDOWS\system32\LEXPPS.EXE:*:Enabled:LEXPPS.EXE"
    "C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
    "C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{74f57558-c556-11dc-a899-0002b3d3ccf7}]
    shell\AutoRun\command - H:\LaunchU3.exe -a


    ======List of files/folders created in the last 1 months======

    2009-01-20 16:20:04 ----SHD---- C:\RECYCLER
    2009-01-20 16:16:52 ----A---- C:\ComboFix.txt
    2009-01-20 16:10:05 ----A---- C:\WINDOWS\NIRCMD.exe
    2009-01-14 13:42:33 ----A---- C:\Boot.bak
    2009-01-14 13:42:24 ----RASHD---- C:\cmdcons
    2009-01-14 13:41:26 ----A---- C:\WINDOWS\zip.exe
    2009-01-14 13:41:26 ----A---- C:\WINDOWS\VFIND.exe
    2009-01-14 13:41:26 ----A---- C:\WINDOWS\SWXCACLS.exe
    2009-01-14 13:41:26 ----A---- C:\WINDOWS\SWSC.exe
    2009-01-14 13:41:26 ----A---- C:\WINDOWS\SWREG.exe
    2009-01-14 13:41:26 ----A---- C:\WINDOWS\sed.exe
    2009-01-14 13:41:26 ----A---- C:\WINDOWS\grep.exe
    2009-01-14 13:41:26 ----A---- C:\WINDOWS\fdsv.exe
    2009-01-13 17:19:42 ----HDC---- C:\WINDOWS\$NtUninstallKB958687$
    2009-01-12 22:39:41 ----D---- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
    2009-01-12 22:39:36 ----D---- C:\Program Files\SUPERAntiSpyware
    2009-01-12 22:39:36 ----D---- C:\Documents and Settings\Christine\Application Data\SUPERAntiSpyware.com
    2009-01-12 22:38:28 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
    2008-12-31 10:26:52 ----D---- C:\Program Files\jZip
    2008-12-27 17:35:05 ----D---- C:\WINDOWS\Minidump
    2008-12-27 17:32:02 ----D---- C:\Documents and Settings\Christine\Application Data\vlc
    2008-12-20 23:01:04 ----A---- C:\WINDOWS\gmer.ini
    2008-12-20 23:01:02 ----RA---- C:\WINDOWS\gmer.exe
    2008-12-20 23:01:02 ----A---- C:\WINDOWS\gmer_uninstall.cmd
    2008-12-20 23:01:02 ----A---- C:\WINDOWS\gmer.dll
    2008-12-15 02:28:02 ----D---- C:\WINDOWS\ERDNT
    2008-12-15 02:26:53 ----D---- C:\Program Files\ERUNT
    2008-12-12 17:16:22 ----D---- C:\Program Files\EsetOnlineScanner
    2008-12-12 17:11:52 ----A---- C:\WINDOWS\system32\javaws.exe
    2008-12-12 17:11:52 ----A---- C:\WINDOWS\system32\javaw.exe
    2008-12-12 17:11:52 ----A---- C:\WINDOWS\system32\java.exe
    2008-12-12 17:11:52 ----A---- C:\WINDOWS\system32\deploytk.dll
    2008-12-11 23:34:21 ----HDC---- C:\WINDOWS\$NtUninstallKB955839$
    2008-12-11 23:31:59 ----HDC---- C:\WINDOWS\$NtUninstallKB952069_WM9$
    2008-12-11 23:31:50 ----HDC---- C:\WINDOWS\$NtUninstallKB954600$
    2008-12-11 23:31:31 ----HDC---- C:\WINDOWS\$NtUninstallKB956802$
    2008-12-11 21:53:51 ----D---- C:\Program Files\CCleaner
    2008-11-29 11:23:21 ----D---- C:\Program Files\Trend Micro
    2008-11-29 11:18:04 ----D---- C:\Program Files\Windows Defender
    2008-11-29 11:10:57 ----D---- C:\Program Files\Panda Security
    2008-11-28 23:46:07 ----D---- C:\Documents and Settings\Christine\Application Data\Malwarebytes
    2008-11-28 23:46:00 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
    2008-11-28 23:45:59 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
    2008-11-28 19:21:51 ----D---- C:\Documents and Settings\Christine\Application Data\Google
    2008-11-28 16:39:15 ----D---- C:\Program Files\iPod
    2008-11-28 16:39:08 ----D---- C:\Documents and Settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
    2008-11-28 16:38:01 ----D---- C:\Program Files\Bonjour
    2008-11-21 15:46:10 ----A---- C:\WINDOWS\system32\ssldivx.dll
    2008-11-21 15:46:10 ----A---- C:\WINDOWS\system32\libdivx.dll
    2008-11-13 17:10:50 ----HDC---- C:\WINDOWS\$NtUninstallKB957097$
    2008-11-13 17:10:43 ----HDC---- C:\WINDOWS\$NtUninstallKB954459$
    2008-11-13 17:10:30 ----HDC---- C:\WINDOWS\$NtUninstallKB955069$
    2008-10-25 22:32:58 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$
    2008-10-16 20:05:50 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$
    2008-10-16 20:05:44 ----HDC---- C:\WINDOWS\$NtUninstallKB956391$
    2008-10-16 20:05:38 ----HDC---- C:\WINDOWS\$NtUninstallKB957095$
    2008-10-16 20:05:05 ----HDC---- C:\WINDOWS\$NtUninstallKB954211$
    2008-10-16 20:04:52 ----HDC---- C:\WINDOWS\$NtUninstallKB956841$
    2008-09-30 23:09:56 ----HDC---- C:\WINDOWS\$NtUninstallKB951978$
    2008-09-20 22:31:37 ----D---- C:\WINDOWS\Prefetch
    2008-09-20 22:29:07 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$
    2008-09-20 22:28:45 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$
    2008-09-20 22:28:31 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$
    2008-09-20 22:28:18 ----HDC---- C:\WINDOWS\$NtUninstallKB951698$
    2008-09-20 22:28:02 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$
    2008-09-20 22:27:50 ----HDC---- C:\WINDOWS\$NtUninstallKB951376$
    2008-09-20 22:27:34 ----HDC---- C:\WINDOWS\$NtUninstallKB951066$
    2008-09-20 22:27:17 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$
    2008-09-20 22:27:03 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$
    2008-09-20 22:26:44 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$
    2008-09-20 22:26:31 ----HDC---- C:\WINDOWS\$NtUninstallKB938464$
    2008-09-20 22:19:17 ----D---- C:\WINDOWS\system32\scripting
    2008-09-20 22:19:16 ----D---- C:\WINDOWS\l2schemas
    2008-09-20 22:19:14 ----D---- C:\WINDOWS\system32\en
    2008-09-20 22:19:14 ----D---- C:\WINDOWS\system32\bits
    2008-09-20 22:14:46 ----D---- C:\WINDOWS\ServicePackFiles
    2008-09-20 22:01:58 ----HDC---- C:\WINDOWS\$NtServicePackUninstall$
    2008-09-13 12:00:08 ----N---- C:\WINDOWS\system32\wmphoto.dll
    2008-09-13 12:00:03 ----N---- C:\WINDOWS\system32\wlanapi.dll
    2008-09-13 12:00:00 ----N---- C:\WINDOWS\system32\windowscodecsext.dll
    2008-09-13 11:59:59 ----N---- C:\WINDOWS\system32\windowscodecs.dll
    2008-09-13 11:59:31 ----N---- C:\WINDOWS\system32\tspkg.dll
    2008-09-13 11:59:30 ----N---- C:\WINDOWS\system32\tsgqec.dll
    2008-09-13 11:59:11 ----N---- C:\WINDOWS\system32\spupdwxp.exe
    2008-09-13 11:59:08 ----A---- C:\WINDOWS\system32\spdwnwxp.exe
    2008-09-13 11:59:04 ----N---- C:\WINDOWS\system32\slserv.exe
    2008-09-13 11:59:04 ----N---- C:\WINDOWS\system32\slrundll.exe
    2008-09-13 11:59:04 ----N---- C:\WINDOWS\system32\slgen.dll
    2008-09-13 11:59:04 ----N---- C:\WINDOWS\slrundll.exe
    2008-09-13 11:59:03 ----N---- C:\WINDOWS\system32\slextspk.dll
    2008-09-13 11:59:03 ----N---- C:\WINDOWS\system32\slcoinst.dll
    2008-09-13 11:58:56 ----N---- C:\WINDOWS\system32\setupn.exe
    2008-09-13 11:58:46 ----N---- C:\WINDOWS\system32\s3gnb.dll
    2008-09-13 11:58:42 ----N---- C:\WINDOWS\system32\rhttpaa.dll
    2008-09-13 11:58:38 ----N---- C:\WINDOWS\system32\rasqec.dll
    2008-09-13 11:58:35 ----N---- C:\WINDOWS\system32\qutil.dll
    2008-09-13 11:58:30 ----N---- C:\WINDOWS\system32\qcliprov.dll
    2008-09-13 11:58:29 ----N---- C:\WINDOWS\system32\qagentrt.dll
    2008-09-13 11:58:29 ----N---- C:\WINDOWS\system32\qagent.dll
    2008-09-13 11:58:22 ----N---- C:\WINDOWS\system32\photometadatahandler.dll
    2008-09-13 11:58:09 ----N---- C:\WINDOWS\system32\onex.dll
    2008-09-13 11:57:35 ----N---- C:\WINDOWS\system32\napstat.exe
    2008-09-13 11:57:35 ----N---- C:\WINDOWS\system32\napmontr.dll
    2008-09-13 11:57:35 ----N---- C:\WINDOWS\system32\napipsec.dll
    2008-09-13 11:57:33 ----N---- C:\WINDOWS\system32\mtxparhd.dll
    2008-09-13 11:57:32 ----N---- C:\WINDOWS\system32\msxml6r.dll
    2008-09-13 11:57:32 ----N---- C:\WINDOWS\system32\msxml6.dll
    2008-09-13 11:57:26 ----N---- C:\WINDOWS\system32\msshavmsg.dll
    2008-09-13 11:57:26 ----N---- C:\WINDOWS\system32\mssha.dll
    2008-09-13 11:56:24 ----N---- C:\WINDOWS\system32\mmcperf.exe
    2008-09-13 11:56:23 ----N---- C:\WINDOWS\system32\mmcfxcommon.dll
    2008-09-13 11:56:23 ----N---- C:\WINDOWS\system32\mmcex.dll
    2008-09-13 11:56:22 ----N---- C:\WINDOWS\system32\microsoft.managementconsole.dll
    2008-09-13 11:56:16 ----N---- C:\WINDOWS\system32\mdmxsdk.dll
    2008-09-13 11:55:51 ----N---- C:\WINDOWS\system32\l2gpstore.dll
    2008-09-13 11:55:49 ----N---- C:\WINDOWS\system32\kmsvc.dll
    2008-09-13 11:55:46 ----N---- C:\WINDOWS\system32\kbdpash.dll
    2008-09-13 11:55:46 ----N---- C:\WINDOWS\system32\kbdnepr.dll
    2008-09-13 11:55:46 ----N---- C:\WINDOWS\system32\kbdiultn.dll
    2008-09-13 11:55:45 ----N---- C:\WINDOWS\system32\kbdbhc.dll
    2008-09-13 11:55:14 ----N---- C:\WINDOWS\system32\smtpapi.dll
    2008-09-13 11:55:13 ----N---- C:\WINDOWS\system32\rwnh.dll
    2008-09-13 11:55:08 ----N---- C:\WINDOWS\system32\comsdupd.exe
    2008-09-13 11:54:59 ----N---- C:\WINDOWS\system32\hsfcisp2.dll
    2008-09-13 11:54:34 ----A---- C:\WINDOWS\003045_.tmp
    2008-09-13 11:54:33 ----N---- C:\WINDOWS\system32\faxpatch.exe
    2008-09-13 11:54:25 ----N---- C:\WINDOWS\system32\eapsvc.dll
    2008-09-13 11:54:24 ----N---- C:\WINDOWS\system32\eapqec.dll
    2008-09-13 11:54:24 ----N---- C:\WINDOWS\system32\eappprxy.dll
    2008-09-13 11:54:24 ----N---- C:\WINDOWS\system32\eapphost.dll
    2008-09-13 11:54:24 ----N---- C:\WINDOWS\system32\eappgnui.dll
    2008-09-13 11:54:24 ----N---- C:\WINDOWS\system32\eappcfg.dll
    2008-09-13 11:54:24 ----N---- C:\WINDOWS\system32\eapp3hst.dll
    2008-09-13 11:54:24 ----N---- C:\WINDOWS\system32\eapolqec.dll
    2008-09-13 11:54:06 ----N---- C:\WINDOWS\system32\dot3ui.dll
    2008-09-13 11:54:06 ----N---- C:\WINDOWS\system32\dot3svc.dll
    2008-09-13 11:54:05 ----N---- C:\WINDOWS\system32\dot3msm.dll
    2008-09-13 11:54:05 ----N---- C:\WINDOWS\system32\dot3gpclnt.dll
    2008-09-13 11:54:05 ----N---- C:\WINDOWS\system32\dot3dlg.dll
    2008-09-13 11:54:05 ----N---- C:\WINDOWS\system32\dot3cfg.dll
    2008-09-13 11:54:05 ----N---- C:\WINDOWS\system32\dot3api.dll
    2008-09-13 11:54:00 ----N---- C:\WINDOWS\system32\dimsroam.dll
    2008-09-13 11:54:00 ----N---- C:\WINDOWS\system32\dimsntfy.dll
    2008-09-13 11:53:57 ----N---- C:\WINDOWS\system32\dhcpqec.dll
    2008-09-13 11:53:45 ----N---- C:\WINDOWS\system32\credssp.dll
    2008-09-13 11:53:19 ----N---- C:\WINDOWS\system32\bitsprx4.dll
    2008-09-13 11:53:17 ----N---- C:\WINDOWS\system32\azroles.dll
    2008-09-13 11:53:15 ----N---- C:\WINDOWS\system32\ativvaxx.dll
    2008-09-13 11:53:14 ----N---- C:\WINDOWS\system32\ativtmxx.dll
    2008-09-13 11:53:13 ----N---- C:\WINDOWS\system32\ati3duag.dll
    2008-09-13 11:53:12 ----N---- C:\WINDOWS\system32\ati3d1ag.dll
    2008-09-13 11:53:12 ----N---- C:\WINDOWS\system32\ati2dvag.dll
    2008-09-13 11:53:12 ----N---- C:\WINDOWS\system32\ati2dvaa.dll
    2008-09-13 11:53:12 ----N---- C:\WINDOWS\system32\ati2cqag.dll
    2008-09-13 11:52:57 ----N---- C:\WINDOWS\system32\aaclient.dll
    2008-09-09 14:40:33 ----HDC---- C:\WINDOWS\$NtUninstallKB938464_0$
    2008-09-09 14:39:57 ----HDC---- C:\WINDOWS\$NtUninstallKB954154_WM11$
    2008-08-29 10:18:58 ----A---- C:\WINDOWS\system32\dns-sd.exe
    2008-08-29 09:53:50 ----A---- C:\WINDOWS\system32\dnssd.dll
    2008-08-18 06:20:13 ----HDC---- C:\WINDOWS\$NtUninstallKB952954_0$
    2008-08-18 06:20:07 ----HDC---- C:\WINDOWS\$NtUninstallKB953839$
    2008-08-18 06:20:00 ----HDC---- C:\WINDOWS\$NtUninstallKB950974_0$
    2008-08-18 06:18:59 ----HDC---- C:\WINDOWS\$NtUninstallKB951072-v2$
    2008-08-18 06:18:51 ----HDC---- C:\WINDOWS\$NtUninstallKB952287_0$
    2008-08-18 06:18:15 ----HDC---- C:\WINDOWS\$NtUninstallKB951066_0$
    2008-08-18 06:12:14 ----D---- C:\Program Files\Corel
    2008-08-18 06:12:14 ----D---- C:\Documents and Settings\All Users\Application Data\Corel
    2008-08-18 06:06:14 ----HDC---- C:\WINDOWS\$NtUninstallKB946648_0$
    2008-07-10 06:46:49 ----HDC---- C:\WINDOWS\$NtUninstallKB951748_0$
    2008-06-19 19:14:09 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2_0$
    2008-06-10 15:30:51 ----HDC---- C:\WINDOWS\$NtUninstallKB951698_0$
    2008-06-10 15:30:45 ----HDC---- C:\WINDOWS\$NtUninstallKB950762_0$
    2008-06-10 15:30:40 ----HDC---- C:\WINDOWS\$NtUninstallKB950760$
    2008-06-10 15:30:28 ----HDC---- C:\WINDOWS\$NtUninstallKB951376_0$
    2008-05-27 23:28:43 ----HDC---- C:\WINDOWS\$NtUninstallKB932823-v3$
    2008-05-24 07:33:26 ----D---- C:\Program Files\MSECache
    2008-05-22 10:11:05 ----D---- C:\Program Files\Apple Software Update
    2008-05-13 23:17:05 ----HDC---- C:\WINDOWS\$NtUninstallKB950749$
    2008-05-11 19:49:20 ----D---- C:\WINDOWS\system32\NtmsData
    2008-05-05 11:58:18 ----D---- C:\Documents and Settings\Christine\Application Data\DNA
    2008-04-12 09:40:52 ----D---- C:\Documents and Settings\All Users\Application Data\nView_Profiles
    2008-04-12 09:37:29 ----A---- C:\WINDOWS\system32\nvwrszht.dll
    2008-04-12 09:37:29 ----A---- C:\WINDOWS\system32\nvrszht.dll
    2008-04-12 09:37:28 ----A---- C:\WINDOWS\system32\nvwrszhc.dll
    2008-04-12 09:37:28 ----A---- C:\WINDOWS\system32\nvwrstr.dll
    2008-04-12 09:37:28 ----A---- C:\WINDOWS\system32\nvwrssv.dll
    2008-04-12 09:37:28 ----A---- C:\WINDOWS\system32\nvwrssl.dll
    2008-04-12 09:37:28 ----A---- C:\WINDOWS\system32\nvwrssk.dll
    2008-04-12 09:37:28 ----A---- C:\WINDOWS\system32\nvwrsru.dll
    2008-04-12 09:37:28 ----A---- C:\WINDOWS\system32\nvrszhc.dll
    2008-04-12 09:37:28 ----A---- C:\WINDOWS\system32\nvrstr.dll
    2008-04-12 09:37:28 ----A---- C:\WINDOWS\system32\nvrssv.dll
    2008-04-12 09:37:28 ----A---- C:\WINDOWS\system32\nvrssl.dll
    2008-04-12 09:37:28 ----A---- C:\WINDOWS\system32\nvrssk.dll
    2008-04-12 09:37:28 ----A---- C:\WINDOWS\system32\nvrsru.dll
    2008-04-12 09:37:27 ----A---- C:\WINDOWS\system32\nvwrsptb.dll
    2008-04-12 09:37:27 ----A---- C:\WINDOWS\system32\nvwrspt.dll
    2008-04-12 09:37:27 ----A---- C:\WINDOWS\system32\nvwrspl.dll
    2008-04-12 09:37:27 ----A---- C:\WINDOWS\system32\nvwrsno.dll
    2008-04-12 09:37:27 ----A---- C:\WINDOWS\system32\nvwrsnl.dll
    2008-04-12 09:37:27 ----A---- C:\WINDOWS\system32\nvwrsko.dll
    2008-04-12 09:37:27 ----A---- C:\WINDOWS\system32\nvwrsja.dll
    2008-04-12 09:37:27 ----A---- C:\WINDOWS\system32\nvwrsit.dll
    2008-04-12 09:37:27 ----A---- C:\WINDOWS\system32\nvwrshu.dll
    2008-04-12 09:37:27 ----A---- C:\WINDOWS\system32\nvwrshe.dll
    2008-04-12 09:37:27 ----A---- C:\WINDOWS\system32\nvwrsfr.dll
    2008-04-12 09:37:27 ----A---- C:\WINDOWS\system32\nvwrsfi.dll
    2008-04-12 09:37:27 ----A---- C:\WINDOWS\system32\nvwrsesm.dll
    2008-04-12 09:37:27 ----A---- C:\WINDOWS\system32\nvrsptb.dll
    2008-04-12 09:37:27 ----A---- C:\WINDOWS\system32\nvrspt.dll
    2008-04-12 09:37:27 ----A---- C:\WINDOWS\system32\nvrspl.dll
    2008-04-12 09:37:27 ----A---- C:\WINDOWS\system32\nvrsno.dll
    2008-04-12 09:37:27 ----A---- C:\WINDOWS\system32\nvrsnl.dll
    2008-04-12 09:37:27 ----A---- C:\WINDOWS\system32\nvrsko.dll
    2008-04-12 09:37:27 ----A---- C:\WINDOWS\system32\nvrsja.dll
    2008-04-12 09:37:27 ----A---- C:\WINDOWS\system32\nvrsit.dll
    2008-04-12 09:37:27 ----A---- C:\WINDOWS\system32\nvrshu.dll
    2008-04-12 09:37:27 ----A---- C:\WINDOWS\system32\nvrshe.dll
    2008-04-12 09:37:27 ----A---- C:\WINDOWS\system32\nvrsfr.dll
    2008-04-12 09:37:27 ----A---- C:\WINDOWS\system32\nvrsfi.dll
    2008-04-12 09:37:26 ----D---- C:\WINDOWS\nview
    2008-04-12 09:37:26 ----A---- C:\WINDOWS\system32\nwiz.exe
    2008-04-12 09:37:26 ----A---- C:\WINDOWS\system32\nvwrses.dll
    2008-04-12 09:37:26 ----A---- C:\WINDOWS\system32\nvwrseng.dll
    2008-04-12 09:37:26 ----A---- C:\WINDOWS\system32\nvwrsel.dll
    2008-04-12 09:37:26 ----A---- C:\WINDOWS\system32\nvwrsde.dll
    2008-04-12 09:37:26 ----A---- C:\WINDOWS\system32\nvwrsda.dll
    2008-04-12 09:37:26 ----A---- C:\WINDOWS\system32\nvwrscs.dll
    2008-04-12 09:37:26 ----A---- C:\WINDOWS\system32\nvwrsar.dll
    2008-04-12 09:37:26 ----A---- C:\WINDOWS\system32\nvwimg.dll
    2008-04-12 09:37:26 ----A---- C:\WINDOWS\system32\nvwdmcpl.dll
    2008-04-12 09:37:26 ----A---- C:\WINDOWS\system32\nvshell.dll
    2008-04-12 09:37:26 ----A---- C:\WINDOWS\system32\nvrsesm.dll
    2008-04-12 09:37:26 ----A---- C:\WINDOWS\system32\nvrses.dll
    2008-04-12 09:37:26 ----A---- C:\WINDOWS\system32\nvrseng.dll
    2008-04-12 09:37:26 ----A---- C:\WINDOWS\system32\nvrsel.dll
    2008-04-12 09:37:26 ----A---- C:\WINDOWS\system32\nvrsde.dll
    2008-04-12 09:37:26 ----A---- C:\WINDOWS\system32\nvrsda.dll
    2008-04-12 09:37:26 ----A---- C:\WINDOWS\system32\nvrscs.dll
    2008-04-12 09:37:26 ----A---- C:\WINDOWS\system32\nvrsar.dll
    2008-04-12 09:37:26 ----A---- C:\WINDOWS\system32\nvmccsrs.dll
    2008-04-12 09:37:26 ----A---- C:\WINDOWS\system32\nview.dll
    2008-04-12 09:37:26 ----A---- C:\WINDOWS\system32\nvdspsch.exe
    2008-04-12 09:37:26 ----A---- C:\WINDOWS\system32\nvcolor.exe
    2008-04-12 09:37:26 ----A---- C:\WINDOWS\system32\nvappbar.exe
    2008-04-12 09:37:26 ----A---- C:\WINDOWS\system32\keystone.exe
    2008-04-12 09:37:25 ----A---- C:\WINDOWS\system32\nvudisp.exe
    2008-04-12 09:31:23 ----A---- C:\WINDOWS\system32\nvwddi.dll
    2008-04-12 09:29:46 ----A---- C:\WINDOWS\system32\nvsvc32.exe
    2008-04-12 09:26:57 ----A---- C:\WINDOWS\system32\nvoglnt.dll
    2008-04-12 09:26:49 ----A---- C:\WINDOWS\system32\nvnt4cpl.dll
    2008-04-12 09:26:06 ----A---- C:\WINDOWS\system32\nvmctray.dll
    2008-04-12 09:25:55 ----A---- C:\WINDOWS\system32\nvmccs.dll
    2008-04-12 09:25:33 ----A---- C:\WINDOWS\system32\nvhwvid.dll
    2008-04-12 09:19:29 ----A---- C:\WINDOWS\system32\nvcpl.dll
    2008-04-12 09:18:37 ----A---- C:\WINDOWS\system32\nvcodins.dll
    2008-04-12 09:18:37 ----A---- C:\WINDOWS\system32\nvcod.dll
    2008-04-12 09:18:30 ----A---- C:\WINDOWS\system32\nvapi.dll
    2008-04-12 09:16:48 ----D---- C:\WINDOWS\system32\EVGA
    2008-04-12 09:13:00 ----D---- C:\NVIDIA
    2008-04-08 19:05:39 ----HDC---- C:\WINDOWS\$NtUninstallKB948881$
    2008-04-08 19:05:33 ----HDC---- C:\WINDOWS\$NtUninstallKB941693$
    2008-04-08 19:04:56 ----HDC---- C:\WINDOWS\$NtUninstallKB948590$
    2008-04-08 19:03:51 ----HDC---- C:\WINDOWS\$NtUninstallKB945553$
    2008-02-22 20:57:08 ----D---- C:\Documents and Settings\All Users\Application Data\GlobalSCAPE
    2008-02-22 20:57:06 ----D---- C:\Documents and Settings\Christine\Application Data\GlobalSCAPE
    2008-02-22 20:56:02 ----D---- C:\Program Files\GlobalSCAPE
    2008-02-20 05:13:25 ----D---- C:\Documents and Settings\All Users\Application Data\AOL Downloads
    2008-02-12 20:56:59 ----HDC---- C:\WINDOWS\$NtUninstallKB946026$
    2008-02-12 20:56:19 ----HDC---- C:\WINDOWS\$NtUninstallKB943055$
    2008-02-11 09:39:26 ----A---- C:\WINDOWS\system32\OnlineScannerDLLA.dll
    2008-02-11 09:39:18 ----A---- C:\WINDOWS\system32\OnlineScannerDLLW.dll
    2008-02-08 13:53:46 ----A---- C:\WINDOWS\system32\OnlineScannerLang.dll
    2008-02-05 08:48:04 ----A---- C:\WINDOWS\system32\OnlineScannerUninstaller.exe
    2008-01-29 11:02:30 ----A---- C:\WINDOWS\system32\GEARAspi.dll
    2008-01-28 17:12:38 ----RHD---- C:\$VAULT$.AVG
    2008-01-24 00:32:25 ----D---- C:\rsit
    2008-01-19 11:11:50 ----D---- C:\Program Files\iPod(2)
    2008-01-19 11:08:15 ----SHD---- C:\Config.Msi
    2008-01-15 19:24:16 ----D---- C:\Documents and Settings\Christine\Application Data\Workrave
    2008-01-15 19:24:06 ----D---- C:\Program Files\Workrave
    2008-01-14 13:38:33 ----D---- C:\Qoobox
    2008-01-08 16:16:25 ----HDC---- C:\WINDOWS\$NtUninstallKB941644$
    2008-01-08 16:16:12 ----HDC---- C:\WINDOWS\$NtUninstallKB943485$
    2008-01-03 19:35:36 ----A---- C:\WINDOWS\system32\ptpusb.dll
    2008-01-03 19:35:35 ----A---- C:\WINDOWS\system32\ptpusd.dll
    2008-01-01 21:22:49 ----A---- C:\WINDOWS\system32\kbdkor.dll
    2008-01-01 21:22:48 ----A---- C:\WINDOWS\system32\kbdjpn.dll
    2008-01-01 21:22:48 ----A---- C:\WINDOWS\system32\kbd106.dll
    2008-01-01 21:22:48 ----A---- C:\WINDOWS\system32\kbd103.dll
    2008-01-01 21:22:48 ----A---- C:\WINDOWS\system32\kbd101c.dll
    2008-01-01 21:22:47 ----A---- C:\WINDOWS\system32\kbd101b.dll
    2007-12-27 17:27:03 ----D---- C:\Program Files\SE Inc

    ======List of files/folders modified in the last 1 months======

    2009-01-20 19:51:22 ----D---- C:\WINDOWS\system32\CatRoot2
    2009-01-20 16:16:55 ----D---- C:\WINDOWS\system32\drivers
    2009-01-20 16:16:55 ----D---- C:\WINDOWS\system32
    2009-01-20 16:16:53 ----D---- C:\WINDOWS
    2009-01-20 16:14:23 ----A---- C:\WINDOWS\system.ini
    2009-01-20 16:12:09 ----D---- C:\Program Files\Common Files
    2009-01-20 16:12:08 ----D---- C:\WINDOWS\AppPatch
    2009-01-18 19:07:10 ----RSHDC---- C:\WINDOWS\system32\dllcache
    2009-01-14 13:42:33 ----RASH---- C:\boot.ini
    2009-01-13 17:19:15 ----HD---- C:\WINDOWS\$hf_mig$
    2009-01-13 17:18:14 ----D---- C:\WINDOWS\Debug
    2009-01-12 22:39:39 ----SHD---- C:\WINDOWS\Installer
    2009-01-12 22:39:38 ----SD---- C:\Documents and Settings\Christine\Application Data\Microsoft
    2009-01-12 22:39:36 ----RD---- C:\Program Files
    2009-01-09 19:35:28 ----A---- C:\WINDOWS\system32\MRT.exe
    2008-12-30 17:49:19 ----D---- C:\Documents and Settings\Christine\Application Data\Mozilla
    2008-12-29 19:05:21 ----RSD---- C:\WINDOWS\Fonts
    2008-12-27 01:07:36 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
    2008-12-17 21:14:05 ----D---- C:\WINDOWS\ie7updates
    2008-12-13 00:40:02 ----A---- C:\WINDOWS\system32\mshtml.dll
    2008-12-12 19:34:12 ----SD---- C:\WINDOWS\Downloaded Program Files
    2008-12-12 18:44:52 ----D---- C:\Program Files\DivX
    2008-12-12 17:11:01 ----D---- C:\Program Files\Java
    2008-12-11 23:34:09 ----D---- C:\Program Files\Internet Explorer
    2008-12-11 23:04:45 ----D---- C:\WINDOWS\system
    2008-12-11 23:04:32 ----D---- C:\Documents and Settings\All Users\Application Data\avg7
    2008-12-11 23:04:19 ----D---- C:\Documents and Settings\Christine\Application Data\AVG7
    2008-12-11 21:55:47 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
    2008-11-29 11:18:04 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
    2008-11-29 10:58:20 ----D---- C:\Program Files\Spybot - Search & Destroy
    2008-11-28 16:39:47 ----DC---- C:\WINDOWS\system32\DRVSTORE
    2008-11-28 16:39:45 ----D---- C:\Program Files\iTunes
    2008-11-28 16:39:11 ----D---- C:\Program Files\Common Files\Apple
    2008-11-28 16:37:29 ----D---- C:\Program Files\QuickTime
    2008-11-28 16:19:25 ----D---- C:\WINDOWS\Help
    2008-11-26 11:21:30 ----A---- C:\WINDOWS\system32\aswBoot.exe
    2008-10-23 06:36:14 ----A---- C:\WINDOWS\system32\gdi32.dll
    2008-10-23 04:06:59 ----N---- C:\WINDOWS\system32\tzchange.exe
    2008-10-20 15:13:14 ----D---- C:\WINDOWS\system32\CatRoot
    2008-10-16 14:38:40 ----A---- C:\WINDOWS\system32\wininet.dll
    2008-10-16 14:38:39 ----N---- C:\WINDOWS\system32\occache.dll
    2008-10-16 14:38:39 ----N---- C:\WINDOWS\system32\mstime.dll
    2008-10-16 14:38:39 ----A---- C:\WINDOWS\system32\webcheck.dll
    2008-10-16 14:38:39 ----A---- C:\WINDOWS\system32\urlmon.dll
    2008-10-16 14:38:39 ----A---- C:\WINDOWS\system32\url.dll
    2008-10-16 14:38:39 ----A---- C:\WINDOWS\system32\pngfilt.dll
    2008-10-16 14:38:38 ----N---- C:\WINDOWS\system32\msrating.dll
    2008-10-16 14:38:38 ----A---- C:\WINDOWS\system32\mshtmled.dll
    2008-10-16 14:38:37 ----N---- C:\WINDOWS\system32\jsproxy.dll
    2008-10-16 14:38:37 ----N---- C:\WINDOWS\system32\iernonce.dll
    2008-10-16 14:38:37 ----A---- C:\WINDOWS\system32\msfeedsbs.dll
    2008-10-16 14:38:37 ----A---- C:\WINDOWS\system32\msfeeds.dll
    2008-10-16 14:38:37 ----A---- C:\WINDOWS\system32\iertutil.dll
    2008-10-16 14:38:37 ----A---- C:\WINDOWS\system32\ieframe.dll
    2008-10-16 14:38:35 ----N---- C:\WINDOWS\system32\iedkcs32.dll
    2008-10-16 14:38:35 ----N---- C:\WINDOWS\system32\ieaksie.dll
    2008-10-16 14:38:35 ----N---- C:\WINDOWS\system32\ieakeng.dll
    2008-10-16 14:38:35 ----N---- C:\WINDOWS\system32\extmgr.dll
    2008-10-16 14:38:35 ----A---- C:\WINDOWS\system32\ieapfltr.dll
    2008-10-16 14:38:35 ----A---- C:\WINDOWS\system32\icardie.dll
    2008-10-16 14:38:34 ----A---- C:\WINDOWS\system32\dxtrans.dll
    2008-10-16 14:38:34 ----A---- C:\WINDOWS\system32\dxtmsft.dll
    2008-10-16 14:38:34 ----A---- C:\WINDOWS\system32\advpack.dll
    2008-10-16 14:13:40 ----A---- C:\WINDOWS\system32\wuweb.dll
    2008-10-16 14:13:40 ----A---- C:\WINDOWS\system32\wuaueng.dll
    2008-10-16 14:12:22 ----A---- C:\WINDOWS\system32\wucltui.dll
    2008-10-16 14:12:20 ----A---- C:\WINDOWS\system32\wuapi.dll
    2008-10-16 14:09:44 ----A---- C:\WINDOWS\system32\wups2.dll
    2008-10-16 14:09:44 ----A---- C:\WINDOWS\system32\wuauclt.exe
    2008-10-16 14:09:44 ----A---- C:\WINDOWS\system32\cdm.dll
    2008-10-16 14:09:40 ----A---- C:\WINDOWS\system32\wucltui.dll.mui
    2008-10-16 14:08:58 ----A---- C:\WINDOWS\system32\wups.dll
    2008-10-16 14:07:44 ----A---- C:\WINDOWS\system32\wuapi.dll.mui
    2008-10-16 14:07:14 ----A---- C:\WINDOWS\system32\wuaueng.dll.mui
    2008-10-16 07:11:09 ----N---- C:\WINDOWS\system32\ie4uinit.exe
    2008-10-16 07:11:09 ----A---- C:\WINDOWS\system32\ieudinit.exe
    2008-10-15 10:34:24 ----A---- C:\WINDOWS\system32\netapi32.dll
    2008-10-15 01:04:53 ----N---- C:\WINDOWS\system32\ieakui.dll
    2008-10-03 04:02:42 ----A---- C:\WINDOWS\system32\strmdll.dll
    2008-09-20 22:30:54 ----D---- C:\WINDOWS\system32\Setup
    2008-09-20 22:30:53 ----D---- C:\WINDOWS\system32\wbem
    2008-09-20 22:26:47 ----D---- C:\Program Files\Messenger
    2008-09-20 22:26:08 ----D---- C:\WINDOWS\security
    2008-09-20 22:20:16 ----D---- C:\WINDOWS\WinSxS
    2008-09-20 22:19:50 ----D---- C:\WINDOWS\system32\inetsrv
    2008-09-20 22:19:49 ----D---- C:\WINDOWS\network diagnostic
    2008-09-20 22:19:49 ----D---- C:\WINDOWS\ime
    2008-09-20 22:19:18 ----D---- C:\WINDOWS\system32\usmt
    2008-09-20 22:19:18 ----D---- C:\WINDOWS\system32\en-US
    2008-09-20 22:19:14 ----D---- C:\WINDOWS\PeerNet
    2008-09-20 22:19:13 ----D---- C:\Program Files\Movie Maker
    2008-09-20 22:14:29 ----D---- C:\WINDOWS\system32\Restore
    2008-09-20 22:14:29 ----D---- C:\WINDOWS\system32\npp
    2008-09-20 22:14:29 ----D---- C:\WINDOWS\mui
    2008-09-20 22:14:27 ----D---- C:\WINDOWS\msagent
    2008-09-20 22:14:24 ----D---- C:\WINDOWS\srchasst
    2008-09-20 22:14:23 ----D---- C:\Program Files\NetMeeting
    2008-09-20 22:14:21 ----D---- C:\WINDOWS\system32\Com
    2008-09-20 22:14:17 ----D---- C:\Program Files\Windows Media Player
    2008-09-20 22:14:16 ----D---- C:\Program Files\Windows NT
    2008-09-20 22:14:16 ----D---- C:\Program Files\Outlook Express
    2008-09-20 22:14:09 ----D---- C:\Program Files\Common Files\System
    2008-09-20 22:13:37 ----D---- C:\WINDOWS\system32\oobe
    2008-09-20 22:07:55 ----D---- C:\WINDOWS\system32\ReinstallBackups
    2008-09-20 22:01:55 ----D---- C:\WINDOWS\ehome
    2008-09-05 22:30:42 ----A---- C:\WINDOWS\system32\WgaLogon.dll
    2008-09-05 22:30:06 ----N---- C:\WINDOWS\system32\LegitCheckControl.dll
    2008-09-05 22:29:58 ----N---- C:\WINDOWS\system32\WgaTray.exe
    2008-09-04 11:15:04 ----A---- C:\WINDOWS\system32\msxml3.dll
    2008-08-14 04:11:02 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
    2008-08-14 03:33:16 ----A---- C:\WINDOWS\system32\ntkrnlpa.exe
    2008-08-02 15:40:08 ----D---- C:\Documents and Settings\Christine\Application Data\LimeWire
    2008-07-09 08:53:26 ----D---- C:\Program Files\Adobe
    2008-07-07 14:26:58 ----A---- C:\WINDOWS\system32\es.dll
    2008-06-24 17:12:58 ----N---- C:\WINDOWS\system32\wmpeffects.dll
    2008-06-24 10:43:16 ----A---- C:\WINDOWS\system32\mscms.dll
    2008-06-20 11:46:57 ----A---- C:\WINDOWS\system32\mswsock.dll
    2008-06-20 11:46:57 ----A---- C:\WINDOWS\system32\dnsapi.dll
    2008-06-18 05:03:14 ----A---- C:\WINDOWS\system32\WMVCore.dll
    2008-06-18 05:03:08 ----A---- C:\WINDOWS\system32\WMNetmgr.dll
    2008-06-18 01:09:22 ----A---- C:\WINDOWS\system32\logagent.exe
    2008-05-24 07:33:43 ----D---- C:\Program Files\Microsoft Office
    2008-05-24 07:33:41 ----D---- C:\Program Files\Common Files\Microsoft Shared
    2008-05-11 19:57:16 ----SHD---- C:\System Volume Information
    2008-05-11 19:51:20 ----D---- C:\WINDOWS\repair
    2008-05-11 19:51:06 ----D---- C:\WINDOWS\Registration
    2008-05-09 04:53:40 ----A---- C:\WINDOWS\system32\wshext.dll
    2008-05-09 04:53:40 ----A---- C:\WINDOWS\system32\vbscript.dll
    2008-05-09 04:53:40 ----A---- C:\WINDOWS\system32\scrrun.dll
    2008-05-09 04:53:39 ----A---- C:\WINDOWS\system32\scrobj.dll
    2008-05-09 04:53:39 ----A---- C:\WINDOWS\system32\jscript.dll
    2008-05-08 05:24:44 ----A---- C:\WINDOWS\system32\wscript.exe
    2008-05-07 03:07:23 ----A---- C:\WINDOWS\system32\cscript.exe
    2008-05-06 23:12:40 ----A---- C:\WINDOWS\system32\quartz.dll
    2008-04-14 04:42:38 ----A---- C:\WINDOWS\system32\spnpinst.exe
    2008-04-14 04:42:06 ----A---- C:\WINDOWS\system32\setupapi.dll
    2008-04-14 04:41:58 ----A---- C:\WINDOWS\system32\licdll.dll
    2008-04-13 18:16:51 ----A---- C:\WINDOWS\system32\netsetup.exe
    2008-04-13 18:13:22 ----A---- C:\WINDOWS\system32\rdpwsx.dll
    2008-04-13 18:13:22 ----A---- C:\WINDOWS\system32\rdpdd.dll
    2008-04-13 18:13:21 ----A---- C:\WINDOWS\system32\tsddd.dll
    2008-04-13 18:13:00 ----A---- C:\WINDOWS\system32\drmclien.dll
    2008-04-13 18:12:42 ----A---- C:\WINDOWS\system32\tree.com
    2008-04-13 18:12:42 ----A---- C:\WINDOWS\system32\more.com
    2008-04-13 18:12:42 ----A---- C:\WINDOWS\system32\format.com
    2008-04-13 18:12:41 ----A---- C:\WINDOWS\system32\xcopy.exe
    2008-04-13 18:12:41 ----A---- C:\WINDOWS\system32\wuauclt1.exe
    2008-04-13 18:12:41 ----A---- C:\WINDOWS\system32\wscntfy.exe
    2008-04-13 18:12:41 ----A---- C:\WINDOWS\system32\wpnpinst.exe
    2008-04-13 18:12:40 ----A---- C:\WINDOWS\system32\wpabaln.exe
    2008-04-13 18:12:40 ----A---- C:\WINDOWS\system32\winver.exe
    2008-04-13 18:12:39 ----A---- C:\WINDOWS\winhlp32.exe
    2008-04-13 18:12:39 ----A---- C:\WINDOWS\system32\wiaacmgr.exe
    2008-04-13 18:12:39 ----A---- C:\WINDOWS\system32\wextract.exe
    2008-04-13 18:12:38 ----N---- C:\WINDOWS\system32\verclsid.exe
    2008-04-13 18:12:38 ----A---- C:\WINDOWS\system32\vssvc.exe
    2008-04-13 18:12:38 ----A---- C:\WINDOWS\system32\utilman.exe
    2008-04-13 18:12:38 ----A---- C:\WINDOWS\system32\userinit.exe
    2008-04-13 18:12:38 ----A---- C:\WINDOWS\system32\ups.exe
    2008-04-13 18:12:38 ----A---- C:\WINDOWS\system32\upnpcont.exe
    2008-04-13 18:12:38 ----A---- C:\WINDOWS\system32\tracert.exe
    2008-04-13 18:12:38 ----A---- C:\WINDOWS\system32\tracerpt.exe
    2008-04-13 18:12:38 ----A---- C:\WINDOWS\system32\tourstart.exe
    2008-04-13 18:12:38 ----A---- C:\WINDOWS\system32\tlntsvr.exe
    2008-04-13 18:12:37 ----A---- C:\WINDOWS\system32\tlntsess.exe
    2008-04-13 18:12:37 ----A---- C:\WINDOWS\system32\tlntadmn.exe
    2008-04-13 18:12:37 ----A---- C:\WINDOWS\system32\telnet.exe
    2008-04-13 18:12:37 ----A---- C:\WINDOWS\system32\taskmgr.exe
    2008-04-13 18:12:37 ----A---- C:\WINDOWS\system32\tasklist.exe
    2008-04-13 18:12:37 ----A---- C:\WINDOWS\system32\taskkill.exe
    2008-04-13 18:12:37 ----A---- C:\WINDOWS\system32\sysocmgr.exe
    2008-04-13 18:12:36 ----A---- C:\WINDOWS\system32\systeminfo.exe
    2008-04-13 18:12:36 ----A---- C:\WINDOWS\system32\svchost.exe
    2008-04-13 18:12:36 ----A---- C:\WINDOWS\system32\stimon.exe
    2008-04-13 18:12:36 ----A---- C:\WINDOWS\system32\spoolsv.exe
    2008-04-13 18:12:36 ----A---- C:\WINDOWS\system32\spider.exe
    2008-04-13 18:12:36 ----A---- C:\WINDOWS\system32\sort.exe
    2008-04-13 18:12:36 ----A---- C:\WINDOWS\system32\sndrec32.exe
    2008-04-13 18:12:36 ----A---- C:\WINDOWS\system32\smss.exe
    2008-04-13 18:12:35 ----A---- C:\WINDOWS\system32\smlogsvc.exe
    2008-04-13 18:12:35 ----A---- C:\WINDOWS\system32\smbinst.exe
    2008-04-13 18:12:35 ----A---- C:\WINDOWS\system32\skeys.exe
    2008-04-13 18:12:35 ----A---- C:\WINDOWS\system32\sigverif.exe
    2008-04-13 18:12:35 ----A---- C:\WINDOWS\system32\shutdown.exe
    2008-04-13 18:12:35 ----A---- C:\WINDOWS\system32\shrpubw.exe
    2008-04-13 18:12:35 ----A---- C:\WINDOWS\system32\shmgrate.exe
    2008-04-13 18:12:34 ----A---- C:\WINDOWS\system32\setup.exe
    2008-04-13 18:12:34 ----A---- C:\WINDOWS\system32\sethc.exe
    2008-04-13 18:12:34 ----A---- C:\WINDOWS\system32\sessmgr.exe
    2008-04-13 18:12:34 ----A---- C:\WINDOWS\system32\services.exe
    2008-04-13 18:12:34 ----A---- C:\WINDOWS\system32\secedit.exe
    2008-04-13 18:12:34 ----A---- C:\WINDOWS\system32\sdbinst.exe
    2008-04-13 18:12:34 ----A---- C:\WINDOWS\system32\schtasks.exe
    2008-04-13 18:12:33 ----A---- C:\WINDOWS\system32\scardsvr.exe
    2008-04-13 18:12:33 ----A---- C:\WINDOWS\system32\savedump.exe
    2008-04-13 18:12:33 ----A---- C:\WINDOWS\system32\runonce.exe
    2008-04-13 18:12:33 ----A---- C:\WINDOWS\system32\rundll32.exe
    2008-04-13 18:12:33 ----A---- C:\WINDOWS\system32\rtcshare.exe
    2008-04-13 18:12:33 ----A---- C:\WINDOWS\system32\rsnotify.exe
    2008-04-13 18:12:33 ----A---- C:\WINDOWS\system32\rsh.exe
    2008-04-13 18:12:33 ----A---- C:\WINDOWS\system32\rexec.exe
    2008-04-13 18:12:32 ----A---- C:\WINDOWS\system32\regsvr32.exe
    2008-04-13 18:12:32 ----A---- C:\WINDOWS\system32\reg.exe
    2008-04-13 18:12:32 ----A---- C:\WINDOWS\system32\rdshost.exe
    2008-04-13 18:12:32 ----A---- C:\WINDOWS\system32\rdsaddin.exe
    2008-04-13 18:12:32 ----A---- C:\WINDOWS\system32\rdpclip.exe
    2008-04-13 18:12:32 ----A---- C:\WINDOWS\system32\rcp.exe
    2008-04-13 18:12:32 ----A---- C:\WINDOWS\system32\rcimlby.exe
    2008-04-13 18:12:32 ----A---- C:\WINDOWS\system32\rasphone.exe
    2008-04-13 18:12:32 ----A---- C:\WINDOWS\system32\qprocess.exe
    2008-04-13 18:12:32 ----A---- C:\WINDOWS\system32\proxycfg.exe
    2008-04-13 18:12:32 ----A---- C:\WINDOWS\system32\proquota.exe
    2008-04-13 18:12:32 ----A---- C:\WINDOWS\regedit.exe
    2008-04-13 18:12:31 ----A---- C:\WINDOWS\system32\progman.exe
    2008-04-13 18:12:31 ----A---- C:\WINDOWS\system32\powercfg.exe
    2008-04-13 18:12:31 ----A---- C:\WINDOWS\system32\ping.exe
    2008-04-13 18:12:31 ----A---- C:\WINDOWS\system32\perfmon.exe
    2008-04-13 18:12:31 ----A---- C:\WINDOWS\system32\packager.exe
    2008-04-13 18:12:31 ----A---- C:\WINDOWS\system32\osk.exe
    2008-04-13 18:12:31 ----A---- C:\WINDOWS\system32\openfiles.exe
    2008-04-13 18:12:30 ----A---- C:\WINDOWS\system32\odbcconf.exe
    2008-04-13 18:12:30 ----A---- C:\WINDOWS\system32\odbcad32.exe
    2008-04-13 18:12:30 ----A---- C:\WINDOWS\system32\ntvdm.exe
    2008-04-13 18:12:30 ----A---- C:\WINDOWS\system32\ntbackup.exe
    2008-04-13 18:12:29 ----A---- C:\WINDOWS\system32\nslookup.exe
    2008-04-13 18:12:29 ----A---- C:\WINDOWS\system32\notepad.exe
    2008-04-13 18:12:29 ----A---- C:\WINDOWS\system32\netstat.exe
    2008-04-13 18:12:29 ----A---- C:\WINDOWS\system32\netsh.exe
    2008-04-13 18:12:29 ----A---- C:\WINDOWS\system32\netdde.exe
    2008-04-13 18:12:29 ----A---- C:\WINDOWS\system32\net1.exe
    2008-04-13 18:12:29 ----A---- C:\WINDOWS\system32\net.exe
    2008-04-13 18:12:29 ----A---- C:\WINDOWS\system32\nddeapir.exe
    2008-04-13 18:12:29 ----A---- C:\WINDOWS\system32\narrator.exe
    2008-04-13 18:12:29 ----A---- C:\WINDOWS\system32\mstinit.exe
    2008-04-13 18:12:29 ----A---- C:\WINDOWS\notepad.exe
    2008-04-13 18:12:28 ----A---- C:\WINDOWS\system32\mspaint.exe
    2008-04-13 18:12:28 ----A---- C:\WINDOWS\system32\msiexec.exe
    2008-04-13 18:12:27 ----A---- C:\WINDOWS\system32\msdtc.exe
    2008-04-13 18:12:27 ----A---- C:\WINDOWS\system32\mqtgsvc.exe
    2008-04-13 18:12:27 ----A---- C:\WINDOWS\system32\mqsvc.exe
    2008-04-13 18:12:27 ----A---- C:\WINDOWS\system32\mqbkup.exe
    2008-04-13 18:12:27 ----A---- C:\WINDOWS\system32\mplay32.exe
    2008-04-13 18:12:26 ----A---- C:\WINDOWS\system32\mobsync.exe
    2008-04-13 18:12:25 ----A---- C:\WINDOWS\system32\mnmsrvc.exe
    2008-04-13 18:12:25 ----A---- C:\WINDOWS\system32\mmc.exe
    2008-04-13 18:12:25 ----A---- C:\WINDOWS\system32\makecab.exe
    2008-04-13 18:12:24 ----A---- C:\WINDOWS\system32\magnify.exe
    2008-04-13 18:12:24 ----A---- C:\WINDOWS\system32\lsass.exe
    2008-04-13 18:12:24 ----A---- C:\WINDOWS\system32\logonui.exe
    2008-04-13 18:12:24 ----A---- C:\WINDOWS\system32\logman.exe
    2008-04-13 18:12:24 ----A---- C:\WINDOWS\system32\locator.exe
    2008-04-13 18:12:23 ----A---- C:\WINDOWS\system32\mstsc.exe
    2008-04-13 18:12:23 ----A---- C:\WINDOWS\system32\ipxroute.exe
    2008-04-13 18:12:23 ----A---- C:\WINDOWS\system32\ipv6.exe
    2008-04-13 18:12:22 ----A---- C:\WINDOWS\system32\ipconfig.exe
    2008-04-13 18:12:22 ----A---- C:\WINDOWS\system32\imapi.exe
    2008-04-13 18:12:22 ----A---- C:\WINDOWS\system32\iexpress.exe
    2008-04-13 18:12:21 ----A---- C:\WINDOWS\system32\help.exe
    2008-04-13 18:12:21 ----A---- C:\WINDOWS\system32\grpconv.exe
    2008-04-13 18:12:21 ----A---- C:\WINDOWS\system32\gpresult.exe
    2008-04-13 18:12:21 ----A---- C:\WINDOWS\system32\getmac.exe
    2008-04-13 18:12:21 ----A---- C:\WINDOWS\hh.exe
    2008-04-13 18:12:20 ----A---- C:\WINDOWS\system32\ftp.exe
    2008-04-13 18:12:20 ----A---- C:\WINDOWS\system32\fsquirt.exe
    2008-04-13 18:12:20 ----A---- C:\WINDOWS\system32\forcedos.exe
    2008-04-13 18:12:20 ----A---- C:\WINDOWS\system32\fontview.exe
    2008-04-13 18:12:20 ----A---- C:\WINDOWS\system32\fltmc.exe
    2008-04-13 18:12:20 ----A---- C:\WINDOWS\system32\findstr.exe
    2008-04-13 18:12:19 ----A---- C:\WINDOWS\system32\extrac32.exe
    2008-04-13 18:12:19 ----A---- C:\WINDOWS\system32\eventtriggers.exe
    2008-04-13 18:12:19 ----A---- C:\WINDOWS\system32\eventcreate.exe
    2008-04-13 18:12:19 ----A---- C:\WINDOWS\system32\eudcedit.exe
    2008-04-13 18:12:19 ----A---- C:\WINDOWS\explorer.exe
    2008-04-13 18:12:18 ----A---- C:\WINDOWS\system32\dxdiag.exe
    2008-04-13 18:12:18 ----A---- C:\WINDOWS\system32\dwwin.exe
    2008-04-13 18:12:18 ----A---- C:\WINDOWS\system32\dvdupgrd.exe
    2008-04-13 18:12:18 ----A---- C:\WINDOWS\system32\dumprep.exe
    2008-04-13 18:12:18 ----A---- C:\WINDOWS\system32\driverquery.exe
    2008-04-13 18:12:18 ----A---- C:\WINDOWS\system32\dpvsetup.exe
    2008-04-13 18:12:17 ----A---- C:\WINDOWS\system32\dpnsvr.exe
    2008-04-13 18:12:17 ----A---- C:\WINDOWS\system32\dplaysvr.exe
    2008-04-13 18:12:17 ----A---- C:\WINDOWS\system32\dmremote.exe
    2008-04-13 18:12:17 ----A---- C:\WINDOWS\system32\dmadmin.exe
    2008-04-13 18:12:17 ----A---- C:\WINDOWS\system32\dllhost.exe
    2008-04-13 18:12:17 ----A---- C:\WINDOWS\system32\diskpart.exe
    2008-04-13 18:12:17 ----A---- C:\WINDOWS\system32\diantz.exe
    2008-04-13 18:12:16 ----A---- C:\WINDOWS\system32\dfrgntfs.exe
    2008-04-13 18:12:16 ----A---- C:\WINDOWS\system32\dfrgfat.exe
    2008-04-13 18:12:16 ----A---- C:\WINDOWS\system32\defrag.exe
    2008-04-13 18:12:16 ----A---- C:\WINDOWS\system32\ddeshare.exe
    2008-04-13 18:12:16 ----A---- C:\WINDOWS\system32\dcomcnfg.exe
    2008-04-13 18:12:16 ----A---- C:\WINDOWS\system32\ctfmon.exe
    2008-04-13 18:12:15 ----A---- C:\WINDOWS\system32\csrss.exe
    2008-04-13 18:12:15 ----A---- C:\WINDOWS\system32\conime.exe
    2008-04-13 18:12:15 ----A---- C:\WINDOWS\system32\cmstp.exe
    2008-04-13 18:12:15 ----A---- C:\WINDOWS\system32\cmmon32.exe
    2008-04-13 18:12:14 ----A---- C:\WINDOWS\system32\cmdl32.exe
    2008-04-13 18:12:14 ----A---- C:\WINDOWS\system32\cmd.exe
    2008-04-13 18:12:14 ----A---- C:\WINDOWS\system32\clipsrv.exe
    2008-04-13 18:12:14 ----A---- C:\WINDOWS\system32\clipbrd.exe
    2008-04-13 18:12:14 ----A---- C:\WINDOWS\system32\cliconfg.exe
    2008-04-13 18:12:14 ----A---- C:\WINDOWS\system32\cleanmgr.exe
    2008-04-13 18:12:14 ----A---- C:\WINDOWS\system32\cisvc.exe
    2008-04-13 18:12:14 ----A---- C:\WINDOWS\system32\cipher.exe
    2008-04-13 18:12:13 ----A---- C:\WINDOWS\system32\cacls.exe
    2008-04-13 18:12:13 ----A---- C:\WINDOWS\system32\bootcfg.exe
    2008-04-13 18:12:13 ----A---- C:\WINDOWS\system32\blastcln.exe
    2008-04-13 18:12:13 ----A---- C:\WINDOWS\system32\autolfn.exe
    2008-04-13 18:12:13 ----A---- C:\WINDOWS\system32\autofmt.exe
    2008-04-13 18:12:12 ----A---- C:\WINDOWS\system32\autoconv.exe
    2008-04-13 18:12:12 ----A---- C:\WINDOWS\system32\autochk.exe
    2008-04-13 18:12:12 ----A---- C:\WINDOWS\system32\auditusr.exe
    2008-04-13 18:12:12 ----A---- C:\WINDOWS\system32\attrib.exe
    2008-04-13 18:12:12 ----A---- C:\WINDOWS\system32\atmadm.exe
    2008-04-13 18:12:12 ----A---- C:\WINDOWS\system32\at.exe
    2008-04-13 18:12:12 ----A---- C:\WINDOWS\system32\asr_pfu.exe
    2008-04-13 18:12:12 ----A---- C:\WINDOWS\system32\asr_fmt.exe
    2008-04-13 18:12:12 ----A---- C:\WINDOWS\system32\alg.exe
    2008-04-13 18:12:12 ----A---- C:\WINDOWS\system32\ahui.exe
    2008-04-13 18:12:12 ----A---- C:\WINDOWS\system32\actmovie.exe
    2008-04-13 18:12:11 ----N---- C:\WINDOWS\system32\xmllite.dll
    2008-04-13 18:12:11 ----A---- C:\WINDOWS\system32\zipfldr.dll
    2008-04-13 18:12:11 ----A---- C:\WINDOWS\system32\xolehlp.dll
    2008-04-13 18:12:11 ----A---- C:\WINDOWS\system32\xmlprovi.dll
    2008-04-13 18:12:11 ----A---- C:\WINDOWS\system32\xmlprov.dll
    2008-04-13 18:12:11 ----A---- C:\WINDOWS\system32\xactsrv.dll
    2008-04-13 18:12:11 ----A---- C:\WINDOWS\system32\wzcsvc.dll
    2008-04-13 18:12:11 ----A---- C:\WINDOWS\system32\wzcsapi.dll
    2008-04-13 18:12:11 ----A---- C:\WINDOWS\system32\wzcdlg.dll
    2008-04-13 18:12:11 ----A---- C:\WINDOWS\system32\wuauserv.dll
    2008-04-13 18:12:11 ----A---- C:\WINDOWS\system32\wuaueng1.dll
    2008-04-13 18:12:11 ----A---- C:\WINDOWS\system32\accwiz.exe
    2008-04-13 18:12:10 ----A---- C:\WINDOWS\system32\wtsapi32.dll
    2008-04-13 18:12:10 ----A---- C:\WINDOWS\system32\wstdecod.dll
    2008-04-13 18:12:10 ----A---- C:\WINDOWS\system32\wsock32.dll
    2008-04-13 18:12:10 ----A---- C:\WINDOWS\system32\wsnmp32.dll
    2008-04-13 18:12:10 ----A---- C:\WINDOWS\system32\wshtcpip.dll
    2008-04-13 18:12:10 ----A---- C:\WINDOWS\system32\wshrm.dll
    2008-04-13 18:12:10 ----A---- C:\WINDOWS\system32\wship6.dll
    2008-04-13 18:12:10 ----A---- C:\WINDOWS\system32\wshcon.dll
    2008-04-13 18:12:10 ----A---- C:\WINDOWS\system32\wshbth.dll
    2008-04-13 18:12:10 ----A---- C:\WINDOWS\system32\wsecedit.dll
    2008-04-13 18:12:10 ----A---- C:\WINDOWS\system32\wscsvc.dll
    2008-04-13 18:12:10 ----A---- C:\WINDOWS\system32\ws2help.dll
    2008-04-13 18:12:10 ----A---- C:\WINDOWS\system32\ws2_32.dll
    2008-04-13 18:12:10 ----A---- C:\WINDOWS\system32\wow32.dll
    2008-04-13 18:12:10 ----A---- C:\WINDOWS\system32\wmstream.dll
    2008-04-13 18:12:09 ----A---- C:\WINDOWS\system32\wmsdmoe.dll
    2008-04-13 18:12:09 ----A---- C:\WINDOWS\system32\wmpui.dll
    2008-04-13 18:12:09 ----A---- C:\WINDOWS\system32\wmpcore.dll
    2008-04-13 18:12:09 ----A---- C:\WINDOWS\system32\wmpcd.dll
    2008-04-13 18:12:09 ----A---- C:\WINDOWS\system32\wlnotify.dll
    2008-04-13 18:12:09 ----A---- C:\WINDOWS\system32\wldap32.dll
    2008-04-13 18:12:09 ----A---- C:\WINDOWS\system32\wkssvc.dll
    2008-04-13 18:12:09 ----A---- C:\WINDOWS\system32\wintrust.dll
    2008-04-13 18:12:09 ----A---- C:\WINDOWS\system32\winsta.dll
    2008-04-13 18:12:09 ----A---- C:\WINDOWS\system32\winsrv.dll
    2008-04-13 18:12:09 ----A---- C:\WINDOWS\system32\winshfhc.dll
    2008-04-13 18:12:09 ----A---- C:\WINDOWS\system32\winscard.dll
    2008-04-13 18:12:09 ----A---- C:\WINDOWS\system32\winrnr.dll
    2008-04-13 18:12:09 ----A---- C:\WINDOWS\system32\winmm.dll
    2008-04-13 18:12:09 ----A---- C:\WINDOWS\system32\winipsec.dll
    2008-04-13 18:12:08 ----A---- C:\WINDOWS\system32\winhttp.dll
    2008-04-13 18:12:08 ----A---- C:\WINDOWS\system32\win32spl.dll
    2008-04-13 18:12:08 ----A---- C:\WINDOWS\system32\wiavideo.dll
    2008-04-13 18:12:08 ----A---- C:\WINDOWS\system32\wiashext.dll
    2008-04-13 18:12:08 ----A---- C:\WINDOWS\system32\wiaservc.dll
    2008-04-13 18:12:08 ----A---- C:\WINDOWS\system32\wiascr.dll
    2008-04-13 18:12:08 ----A---- C:\WINDOWS\system32\wiadss.dll
    2008-04-13 18:12:08 ----A---- C:\WINDOWS\system32\wiadefui.dll
    2008-04-13 18:12:08 ----A---- C:\WINDOWS\system32\webvw.dll
    2008-04-13 18:12:08 ----A---- C:\WINDOWS\system32\webclnt.dll
    2008-04-13 18:12:08 ----A---- C:\WINDOWS\system32\wdigest.dll
    2008-04-13 18:12:08 ----A---- C:\WINDOWS\system32\wavemsp.dll
    2008-04-13 18:12:08 ----A---- C:\WINDOWS\system32\w3ssl.dll
    2008-04-13 18:12:08 ----A---- C:\WINDOWS\system32\w32time.dll
    2008-04-13 18:12:08 ----A---- C:\WINDOWS\system32\vssapi.dll
    2008-04-13 18:12:08 ----A---- C:\WINDOWS\system32\version.dll
    2008-04-13 18:12:08 ----A---- C:\WINDOWS\system32\verifier.dll
    2008-04-13 18:12:08 ----A---- C:\WINDOWS\system32\vdmredir.dll
    2008-04-13 18:12:08 ----A---- C:\WINDOWS\system32\vdmdbg.dll
    2008-04-13 18:12:08 ----A---- C:\WINDOWS\system32\vbajet32.dll
    2008-04-13 18:12:08 ----A---- C:\WINDOWS\system32\uxtheme.dll
    2008-04-13 18:12:08 ----A---- C:\WINDOWS\system32\usp10.dll
    2008-04-13 18:12:08 ----A---- C:\WINDOWS\system32\userenv.dll
    2008-04-13 18:12:08 ----A---- C:\WINDOWS\system32\user32.dll
    2008-04-13 18:12:08 ----A---- C:\WINDOWS\system32\usbui.dll
    2008-04-13 18:12:08 ----A---- C:\WINDOWS\system32\usbmon.dll
    2008-04-13 18:12:08 ----A---- C:\WINDOWS\system32\upnpui.dll
    2008-04-13 18:12:08 ----A---- C:\WINDOWS\system32\upnphost.dll
    2008-04-13 18:12:08 ----A---- C:\WINDOWS\system32\upnp.dll
    2008-04-13 18:12:07 ----A---- C:\WINDOWS\twain_32.dll
    2008-04-13 18:12:07 ----A---- C:\WINDOWS\system32\untfs.dll
    2008-04-13 18:12:07 ----A---- C:\WINDOWS\system32\uniplat.dll
    2008-04-13 18:12:07 ----A---- C:\WINDOWS\system32\unimdmat.dll
    2008-04-13 18:12:07 ----A---- C:\WINDOWS\system32\umpnpmgr.dll
    2008-04-13 18:12:07 ----A---- C:\WINDOWS\system32\umandlg.dll
    2008-04-13 18:12:07 ----A---- C:\WINDOWS\system32\ulib.dll
    2008-04-13 18:12:07 ----A---- C:\WINDOWS\system32\udhisapi.dll
    2008-04-13 18:12:07 ----A---- C:\WINDOWS\system32\txflog.dll
    2008-04-13 18:12:07 ----A---- C:\WINDOWS\system32\twext.dll
    2008-04-13 18:12:07 ----A---- C:\WINDOWS\system32\tscfgwmi.dll
    2008-04-13 18:12:07 ----A---- C:\WINDOWS\system32\trkwks.dll
    2008-04-13 18:12:07 ----A---- C:\WINDOWS\system32\tlntsvrp.dll
    2008-04-13 18:12:07 ----A---- C:\WINDOWS\system32\themeui.dll
    2008-04-13 18:12:07 ----A---- C:\WINDOWS\system32\termmgr.dll
    2008-04-13 18:12:07 ----A---- C:\WINDOWS\system32\tcpmonui.dll
    2008-04-13 18:12:07 ----A---- C:\WINDOWS\system32\tcpmon.dll
    2008-04-13 18:12:07 ----A---- C:\WINDOWS\system32\tcpmib.dll
    2008-04-13 18:12:07 ----A---- C:\WINDOWS\system32\tapisrv.dll
    2008-04-13 18:12:07 ----A---- C:\WINDOWS\system32\tapi32.dll
    2008-04-13 18:12:07 ----A---- C:\WINDOWS\system32\tapi3.dll
    2008-04-13 18:12:07 ----A---- C:\WINDOWS\system32\t2embed.dll
    2008-04-13 18:12:07 ----A---- C:\WINDOWS\system32\syssetup.dll
    2008-04-13 18:12:07 ----A---- C:\WINDOWS\system32\syncui.dll
    2008-04-13 18:12:07 ----A---- C:\WINDOWS\system32\synceng.dll
    2008-04-13 18:12:07 ----A---- C:\WINDOWS\system32\sxs.dll
    2008-04-13 18:12:07 ----A---- C:\WINDOWS\system32\strmfilt.dll
    2008-04-13 18:12:07 ----A---- C:\WINDOWS\system32\storprop.dll
    2008-04-13 18:12:07 ----A---- C:\WINDOWS\system32\stobject.dll
    2008-04-13 18:12:07 ----A---- C:\WINDOWS\system32\sti_ci.dll
    2008-04-13 18:12:07 ----A---- C:\WINDOWS\system32\sti.dll
    2008-04-13 18:12:07 ----A---- C:\WINDOWS\system32\stclient.dll
    2008-04-13 18:12:07 ----A---- C:\WINDOWS\system32\ssdpsrv.dll
    2008-04-13 18:12:07 ----A---- C:\WINDOWS\system32\ssdpapi.dll
    2008-04-13 18:12:07 ----A---- C:\WINDOWS\system32\srvsvc.dll
    2008-04-13 18:12:07 ----A---- C:\WINDOWS\system32\srsvc.dll
    2008-04-13 18:12:07 ----A---- C:\WINDOWS\system32\srrstr.dll
    2008-04-13 18:12:07 ----A---- C:\WINDOWS\system32\srclient.dll
    2008-04-13 18:12:06 ----A---- C:\WINDOWS\system32\sqlunirl.dll
    2008-04-13 18:12:06 ----A---- C:\WINDOWS\system32\sqlsrv32.dll
    2008-04-13 18:12:06 ----A---- C:\WINDOWS\system32\spoolss.dll
    2008-04-13 18:12:06 ----A---- C:\WINDOWS\system32\snmpsnap.dll
    2008-04-13 18:12:06 ----A---- C:\WINDOWS\system32\snmpapi.dll
    2008-04-13 18:12:06 ----A---- C:\WINDOWS\system32\smlogcfg.dll
    2008-04-13 18:12:06 ----A---- C:\WINDOWS\system32\slbiop.dll
    2008-04-13 18:12:06 ----A---- C:\WINDOWS\system32\slayerxp.dll
    2008-04-13 18:12:05 ----A---- C:\WINDOWS\system32\sigtab.dll
    2008-04-13 18:12:05 ----A---- C:\WINDOWS\system32\shsvcs.dll
    2008-04-13 18:12:05 ----A---- C:\WINDOWS\system32\shscrap.dll
    2008-04-13 18:12:05 ----A---- C:\WINDOWS\system32\shmedia.dll
    2008-04-13 18:12:05 ----A---- C:\WINDOWS\system32\shlwapi.dll
    2008-04-13 18:12:05 ----A---- C:\WINDOWS\system32\shimgvw.dll
    2008-04-13 18:12:05 ----A---- C:\WINDOWS\system32\shimeng.dll
    2008-04-13 18:12:05 ----A---- C:\WINDOWS\system32\shgina.dll
    2008-04-13 18:12:05 ----A---- C:\WINDOWS\system32\shfolder.dll
    2008-04-13 18:12:05 ----A---- C:\WINDOWS\system32\shell32.dll
    2008-04-13 18:12:05 ----A---- C:\WINDOWS\system32\shdocvw.dll
    2008-04-13 18:12:05 ----A---- C:\WINDOWS\system32\sfcfiles.dll
    2008-04-13 18:12:05 ----A---- C:\WINDOWS\system32\sfc_os.dll
    2008-04-13 18:12:05 ----A---- C:\WINDOWS\system32\sfc.dll
    2008-04-13 18:12:05 ----A---- C:\WINDOWS\system32\servdeps.dll
    2008-04-13 18:12:05 ----A---- C:\WINDOWS\system32\sensapi.dll
    2008-04-13 18:12:05 ----A---- C:\WINDOWS\system32\sens.dll
    2008-04-13 18:12:05 ----A---- C:\WINDOWS\system32\sendmail.dll
    2008-04-13 18:12:05 ----A---- C:\WINDOWS\system32\sendcmsg.dll
    2008-04-13 18:12:05 ----A---- C:\WINDOWS\system32\security.dll
    2008-04-13 18:12:05 ----A---- C:\WINDOWS\system32\secur32.dll
    2008-04-13 18:12:05 ----A---- C:\WINDOWS\system32\seclogon.dll
    2008-04-13 18:12:05 ----A---- C:\WINDOWS\system32\sdhcinst.dll
    2008-04-13 18:12:05 ----A---- C:\WINDOWS\system32\sclgntfy.dll
    2008-04-13 18:12:05 ----A---- C:\WINDOWS\system32\schedsvc.dll
    2008-04-13 18:12:05 ----A---- C:\WINDOWS\system32\schannel.dll
    2008-04-13 18:12:05 ----A---- C:\WINDOWS\system32\scesrv.dll
    2008-04-13 18:12:05 ----A---- C:\WINDOWS\system32\scecli.dll
    2008-04-13 18:12:05 ----A---- C:\WINDOWS\system32\sccsccp.dll
    2008-04-13 18:12:04 ----A---- C:\WINDOWS\system32\scarddlg.dll
    2008-04-13 18:12:04 ----A---- C:\WINDOWS\system32\sbeio.dll
    2008-04-13 18:12:04 ----A---- C:\WINDOWS\system32\sbe.dll
    2008-04-13 18:12:04 ----A---- C:\WINDOWS\system32\samsrv.dll
    2008-04-13 18:12:04 ----A---- C:\WINDOWS\system32\samlib.dll
    2008-04-13 18:12:04 ----A---- C:\WINDOWS\system32\safrslv.dll
    2008-04-13 18:12:04 ----A---- C:\WINDOWS\system32\safrdm.dll
    2008-04-13 18:12:04 ----A---- C:\WINDOWS\system32\safrcdlg.dll
    2008-04-13 18:12:04 ----A---- C:\WINDOWS\system32\rtutils.dll
    2008-04-13 18:12:04 ----A---- C:\WINDOWS\system32\rtipxmib.dll
    2008-04-13 18:12:04 ----A---- C:\WINDOWS\system32\rsvpsp.dll
    2008-04-13 18:12:04 ----A---- C:\WINDOWS\system32\rsmps.dll
    2008-04-13 18:12:04 ----A---- C:\WINDOWS\system32\rshx32.dll
    2008-04-13 18:12:04 ----A---- C:\WINDOWS\system32\rpcss.dll
    2008-04-13 18:12:04 ----A---- C:\WINDOWS\system32\rpcrt4.dll
    2008-04-13 18:12:04 ----A---- C:\WINDOWS\system32\riched20.dll
    2008-04-13 18:12:04 ----A---- C:\WINDOWS\system32\resutils.dll
    2008-04-13 18:12:04 ----A---- C:\WINDOWS\system32\remotepg.dll
    2008-04-13 18:12:04 ----A---- C:\WINDOWS\system32\regwizc.dll
    2008-04-13 18:12:04 ----A---- C:\WINDOWS\system32\regsvc.dll
    2008-04-13 18:12:04 ----A---- C:\WINDOWS\system32\regapi.dll
    2008-04-13 18:12:04 ----A---- C:\WINDOWS\system32\rdpsnd.dll
    2008-04-13 18:12:03 ----A---- C:\WINDOWS\system32\rdchost.dll
    2008-04-13 18:12:03 ----A---- C:\WINDOWS\system32\rcbdyctl.dll
    2008-04-13 18:12:03 ----A---- C:\WINDOWS\system32\rastls.dll
    2008-04-13 18:12:03 ----A---- C:\WINDOWS\system32\rastapi.dll
    2008-04-13 18:12:03 ----A---- C:\WINDOWS\system32\rassapi.dll
    2008-04-13 18:12:03 ----A---- C:\WINDOWS\system32\rasppp.dll
    2008-04-13 18:12:03 ----A---- C:\WINDOWS\system32\rasmans.dll
    2008-04-13 18:12:03 ----A---- C:\WINDOWS\system32\rasman.dll
    2008-04-13 18:12:03 ----A---- C:\WINDOWS\system32\rasdlg.dll
    2008-04-13 18:12:03 ----A---- C:\WINDOWS\system32\raschap.dll
    2008-04-13 18:12:03 ----A---- C:\WINDOWS\system32\rasauto.dll
    2008-04-13 18:12:03 ----A---- C:\WINDOWS\system32\rasapi32.dll
    2008-04-13 18:12:03 ----A---- C:\WINDOWS\system32\rasadhlp.dll
    2008-04-13 18:12:03 ----A---- C:\WINDOWS\system32\racpldlg.dll
    2008-04-13 18:12:03 ----A---- C:\WINDOWS\system32\query.dll
    2008-04-13 18:12:03 ----A---- C:\WINDOWS\system32\qmgrprxy.dll
    2008-04-13 18:12:03 ----A---- C:\WINDOWS\system32\qmgr.dll
    2008-04-13 18:12:03 ----A---- C:\WINDOWS\system32\qedit.dll
    2008-04-13 18:12:03 ----A---- C:\WINDOWS\system32\qdvd.dll
    2008-04-13 18:12:03 ----A---- C:\WINDOWS\system32\qdv.dll
    2008-04-13 18:12:03 ----A---- C:\WINDOWS\system32\qcap.dll
    2008-04-13 18:12:03 ----A---- C:\WINDOWS\system32\pstorsvc.dll
    2008-04-13 18:12:03 ----A---- C:\WINDOWS\system32\pstorec.dll
    2008-04-13 18:12:03 ----A---- C:\WINDOWS\system32\psbase.dll
    2008-04-13 18:12:03 ----A---- C:\WINDOWS\system32\psapi.dll
    2008-04-13 18:12:03 ----A---- C:\WINDOWS\system32\profmap.dll
    2008-04-13 18:12:03 ----A---- C:\WINDOWS\system32\printui.dll
    2008-04-13 18:12:03 ----A---- C:\WINDOWS\system32\powrprof.dll
    2008-04-13 18:12:02 ----A---- C:\WINDOWS\system32\polstore.dll
    2008-04-13 18:12:02 ----A---- C:\WINDOWS\system32\pnrpnsp.dll
    2008-04-13 18:12:02 ----A---- C:\WINDOWS\system32\pjlmon.dll
    2008-04-13 18:12:02 ----A---- C:\WINDOWS\system32\pid.dll
    2008-04-13 18:12:02 ----A---- C:\WINDOWS\system32\photowiz.dll
    2008-04-13 18:12:02 ----A---- C:\WINDOWS\system32\perfproc.dll
    2008-04-13 18:12:02 ----A---- C:\WINDOWS\system32\perfos.dll
    2008-04-13 18:12:02 ----A---- C:\WINDOWS\system32\perfnet.dll
    2008-04-13 18:12:02 ----A---- C:\WINDOWS\system32\perfdisk.dll
    2008-04-13 18:12:02 ----A---- C:\WINDOWS\system32\perfctrs.dll
    2008-04-13 18:12:02 ----A---- C:\WINDOWS\system32\pdh.dll
    2008-04-13 18:12:02 ----A---- C:\WINDOWS\system32\pautoenr.dll
    2008-04-13 18:12:02 ----A---- C:\WINDOWS\system32\p2psvc.dll
    2008-04-13 18:12:02 ----A---- C:\WINDOWS\system32\p2pnetsh.dll
    2008-04-13 18:12:02 ----A---- C:\WINDOWS\system32\p2pgraph.dll
    2008-04-13 18:12:02 ----A---- C:\WINDOWS\system32\p2pgasvc.dll
    2008-04-13 18:12:02 ----A---- C:\WINDOWS\system32\p2p.dll
    2008-04-13 18:12:02 ----A---- C:\WINDOWS\system32\osuninst.dll
    2008-04-13 18:12:02 ----A---- C:\WINDOWS\system32\opengl32.dll
    2008-04-13 18:12:02 ----A---- C:\WINDOWS\system32\olepro32.dll
    2008-04-13 18:12:02 ----A---- C:\WINDOWS\system32\oleprn.dll
    2008-04-13 18:12:02 ----A---- C:\WINDOWS\system32\oledlg.dll
    2008-04-13 18:12:02 ----A---- C:\WINDOWS\system32\olecnv32.dll
    2008-04-13 18:12:02 ----A---- C:\WINDOWS\system32\olecli32.dll
    2008-04-13 18:12:02 ----A---- C:\WINDOWS\system32\oleaut32.dll
    2008-04-13 18:12:02 ----A---- C:\WINDOWS\system32\ole32.dll
    2008-04-13 18:12:02 ----A---- C:\WINDOWS\system32\offfilt.dll
    2008-04-13 18:12:02 ----A---- C:\WINDOWS\system32\odtext32.dll
    2008-04-13 18:12:02 ----A---- C:\WINDOWS\system32\odpdx32.dll
    2008-04-13 18:12:02 ----A---- C:\WINDOWS\system32\odfox32.dll
    2008-04-13 18:12:02 ----A---- C:\WINDOWS\system32\odexl32.dll
    2008-04-13 18:12:02 ----A---- C:\WINDOWS\system32\oddbse32.dll
    2008-04-13 18:12:02 ----A---- C:\WINDOWS\system32\odbctrac.dll
    2008-04-13 18:12:02 ----A---- C:\WINDOWS\system32\odbcjt32.dll
    2008-04-13 18:12:02 ----A---- C:\WINDOWS\system32\odbccu32.dll
    2008-04-13 18:12:02 ----A---- C:\WINDOWS\system32\odbccr32.dll
    2008-04-13 18:12:02 ----A---- C:\WINDOWS\system32\odbccp32.dll
    2008-04-13 18:12:02 ----A---- C:\WINDOWS\system32\odbcconf.dll
    2008-04-13 18:12:02 ----A---- C:\WINDOWS\system32\odbcbcp.dll
    2008-04-13 18:12:02 ----A---- C:\WINDOWS\system32\odbc32gt.dll
    2008-04-13 18:12:02 ----A---- C:\WINDOWS\system32\odbc32.dll
    2008-04-13 18:12:02 ----A---- C:\WINDOWS\system32\ocmanage.dll
    2008-04-13 18:12:02 ----A---- C:\WINDOWS\system32\objsel.dll
    2008-04-13 18:12:02 ----A---- C:\WINDOWS\system32\oakley.dll
    2008-04-13 18:12:02 ----A---- C:\WINDOWS\system32\nwwks.dll
    2008-04-13 18:12:02 ----A---- C:\WINDOWS\system32\nwprovau.dll
    2008-04-13 18:12:02 ----A---- C:\WINDOWS\system32\nwapi32.dll
    2008-04-13 18:12:02 ----A---- C:\WINDOWS\system32\ntvdmd.dll
    2008-04-13 18:12:02 ----A---- C:\WINDOWS\system32\ntshrui.dll
    2008-04-13 18:12:02 ----A---- C:\WINDOWS\system32\ntprint.dll
    2008-04-13 18:12:02 ----A---- C:\WINDOWS\system32\ntmssvc.dll
    2008-04-13 18:12:02 ----A---- C:\WINDOWS\system32\ntmsmgr.dll
    2008-04-13 18:12:02 ----A---- C:\WINDOWS\system32\ntmsdba.dll
    2008-04-13 18:12:02 ----A---- C:\WINDOWS\system32\ntmsapi.dll
    2008-04-13 18:12:02 ----A---- C:\WINDOWS\system32\ntmarta.dll
    2008-04-13 18:12:02 ----A---- C:\WINDOWS\system32\ntlsapi.dll
    2008-04-13 18:12:02 ----A---- C:\WINDOWS\system32\ntlanman.dll
    2008-04-13 18:12:02 ----A---- C:\WINDOWS\system32\ntdsapi.dll
    2008-04-13 18:12:02 ----A---- C:\WINDOWS\system32\npptools.dll
    2008-04-13 18:12:02 ----A---- C:\WINDOWS\system32\nmmkcert.dll
    2008-04-13 18:12:02 ----A---- C:\WINDOWS\system32\nlhtml.dll
    2008-04-13 18:12:02 ----A---- C:\WINDOWS\system32\newdev.dll
    2008-04-13 18:12:02 ----A---- C:\WINDOWS\system32\netui1.dll
    2008-04-13 18:12:02 ----A---- C:\WINDOWS\system32\netui0.dll
    2008-04-13 18:12:02 ----A---- C:\WINDOWS\system32\netshell.dll
    2008-04-13 18:12:01 ----A---- C:\WINDOWS\system32\netrap.dll
    2008-04-13 18:12:01 ----A---- C:\WINDOWS\system32\netplwiz.dll
    2008-04-13 18:12:01 ----A---- C:\WINDOWS\system32\netman.dll
    2008-04-13 18:12:01 ----A---- C:\WINDOWS\system32\netlogon.dll
    2008-04-13 18:12:01 ----A---- C:\WINDOWS\system32\netid.dll
    2008-04-13 18:12:01 ----A---- C:\WINDOWS\system32\netcfgx.dll
    2008-04-13 18:12:01 ----A---- C:\WINDOWS\system32\nddenb32.dll
    2008-04-13 18:12:01 ----A---- C:\WINDOWS\system32\nddeapi.dll
    2008-04-13 18:12:01 ----A---- C:\WINDOWS\system32\ncobjapi.dll
    2008-04-13 18:12:01 ----A---- C:\WINDOWS\system32\mydocs.dll
    2008-04-13 18:12:01 ----A---- C:\WINDOWS\system32\mtxoci.dll
    2008-04-13 18:12:01 ----A---- C:\WINDOWS\system32\mtxlegih.dll
    2008-04-13 18:12:01 ----A---- C:\WINDOWS\system32\mtxex.dll
    2008-04-13 18:12:01 ----A---- C:\WINDOWS\system32\mtxdm.dll
    2008-04-13 18:12:01 ----A---- C:\WINDOWS\system32\mtxclu.dll
    2008-04-13 18:12:01 ----A---- C:\WINDOWS\system32\msyuv.dll
    2008-04-13 18:12:01 ----A---- C:\WINDOWS\system32\msxml2.dll
    2008-04-13 18:12:01 ----A---- C:\WINDOWS\system32\msxml.dll
    2008-04-13 18:12:01 ----A---- C:\WINDOWS\system32\mswebdvd.dll
    2008-04-13 18:12:01 ----A---- C:\WINDOWS\system32\msw3prt.dll
    2008-04-13 18:12:01 ----A---- C:\WINDOWS\system32\msvidctl.dll
    2008-04-13 18:12:01 ----A---- C:\WINDOWS\system32\msvfw32.dll
    2008-04-13 18:12:01 ----A---- C:\WINDOWS\system32\msvcrt.dll
    2008-04-13 18:12:01 ----A---- C:\WINDOWS\system32\msvcp60.dll
    2008-04-13 18:12:01 ----A---- C:\WINDOWS\system32\msvcirt.dll
    2008-04-13 18:12:00 ----A---- C:\WINDOWS\system32\msvbvm60.dll
    2008-04-13 18:12:00 ----A---- C:\WINDOWS\system32\msv1_0.dll
    2008-04-13 18:12:00 ----A---- C:\WINDOWS\system32\msutb.dll
    2008-04-13 18:12:00 ----A---- C:\WINDOWS\system32\mstlsapi.dll
    2008-04-13 18:12:00 ----A---- C:\WINDOWS\system32\mstask.dll
    2008-04-13 18:12:00 ----A---- C:\WINDOWS\system32\mssap.dll
    2008-04-13 18:12:00 ----A---- C:\WINDOWS\system32\msrle32.dll
    2008-04-13 18:12:00 ----A---- C:\WINDOWS\system32\mspatcha.dll
    2008-04-13 18:12:00 ----A---- C:\WINDOWS\system32\msorcl32.dll
    2008-04-13 18:12:00 ----A---- C:\WINDOWS\system32\msoert2.dll
    2008-04-13 18:12:00 ----A---- C:\WINDOWS\system32\msoeacct.dll
    2008-04-13 18:12:00 ----A---- C:\WINDOWS\system32\msnsspc.dll
    2008-04-13 18:12:00 ----A---- C:\WINDOWS\system32\mslbui.dll
    2008-04-13 18:12:00 ----A---- C:\WINDOWS\system32\msjint40.dll
    2008-04-13 18:11:59 ----A---- C:\WINDOWS\system32\msisip.dll
    2008-04-13 18:11:59 ----A---- C:\WINDOWS\system32\msimtf.dll
    2008-04-13 18:11:59 ----A---- C:\WINDOWS\system32\msimg32.dll
    2008-04-13 18:11:59 ----A---- C:\WINDOWS\system32\msihnd.dll
    2008-04-13 18:11:59 ----A---- C:\WINDOWS\system32\msieftp.dll
    2008-04-13 18:11:59 ----A---- C:\WINDOWS\system32\msidle.dll
    2008-04-13 18:11:59 ----A---- C:\WINDOWS\system32\msident.dll
    2008-04-13 18:11:59 ----A---- C:\WINDOWS\system32\msi.dll
    2008-04-13 18:11:59 ----A---- C:\WINDOWS\system32\msgsvc.dll
    2008-04-13 18:11:59 ----A---- C:\WINDOWS\system32\msgina.dll
    2008-04-13 18:11:59 ----A---- C:\WINDOWS\system32\msftedit.dll
    2008-04-13 18:11:59 ----A---- C:\WINDOWS\system32\msdtcuiu.dll
    2008-04-13 18:11:59 ----A---- C:\WINDOWS\system32\msdtctm.dll
    2008-04-13 18:11:59 ----A---- C:\WINDOWS\system32\msdtcprx.dll
    2008-04-13 18:11:59 ----A---- C:\WINDOWS\system32\msdtclog.dll
    2008-04-13 18:11:59 ----A---- C:\WINDOWS\system32\msdmo.dll
    2008-04-13 18:11:59 ----A---- C:\WINDOWS\system32\msdart.dll
    2008-04-13 18:11:58 ----A---- C:\WINDOWS\system32\msdadiag.dll
    2008-04-13 18:11:58 ----A---- C:\WINDOWS\system32\msctfp.dll
    2008-04-13 18:11:58 ----A---- C:\WINDOWS\system32\msctf.dll
    2008-04-13 18:11:58 ----A---- C:\WINDOWS\system32\mscpxl32.dll
    2008-04-13 18:11:58 ----A---- C:\WINDOWS\system32\msconf.dll
    2008-04-13 18:11:58 ----A---- C:\WINDOWS\system32\msasn1.dll
    2008-04-13 18:11:58 ----A---- C:\WINDOWS\system32\msapsspc.dll
    2008-04-13 18:11:58 ----A---- C:\WINDOWS\system32\msacm32.dll
    2008-04-13 18:11:58 ----A---- C:\WINDOWS\system32\mqutil.dll
    2008-04-13 18:11:58 ----A---- C:\WINDOWS\system32\mqupgrd.dll
    2008-04-13 18:11:58 ----A---- C:\WINDOWS\system32\mqtrig.dll
    2008-04-13 18:11:58 ----A---- C:\WINDOWS\system32\mqsnap.dll
    2008-04-13 18:11:57 ----A---- C:\WINDOWS\system32\mqsec.dll
    2008-04-13 18:11:57 ----A---- C:\WINDOWS\system32\mqrtdep.dll
    2008-04-13 18:11:57 ----A---- C:\WINDOWS\system32\mqrt.dll
    2008-04-13 18:11:57 ----A---- C:\WINDOWS\system32\mqqm.dll
    2008-04-13 18:11:57 ----A---- C:\WINDOWS\system32\mqoa.dll
    2008-04-13 18:11:57 ----A---- C:\WINDOWS\system32\mqlogmgr.dll
    2008-04-13 18:11:57 ----A---- C:\WINDOWS\system32\mqise.dll
    2008-04-13 18:11:57 ----A---- C:\WINDOWS\system32\mqdscli.dll
    2008-04-13 18:11:57 ----A---- C:\WINDOWS\system32\mqad.dll
    2008-04-13 18:11:57 ----A---- C:\WINDOWS\system32\mprdim.dll
    2008-04-13 18:11:57 ----A---- C:\WINDOWS\system32\mprapi.dll
    2008-04-13 18:11:57 ----A---- C:\WINDOWS\system32\mpr.dll
    2008-04-13 18:11:57 ----A---- C:\WINDOWS\system32\modemui.dll
    2008-04-13 18:11:57 ----A---- C:\WINDOWS\system32\mobsync.dll
    2008-04-13 18:11:57 ----A---- C:\WINDOWS\system32\mnmdd.dll
    2008-04-13 18:11:57 ----A---- C:\WINDOWS\system32\mmfutil.dll
    2008-04-13 18:11:57 ----A---- C:\WINDOWS\system32\mmcshext.dll
    2008-04-13 18:11:57 ----A---- C:\WINDOWS\system32\mmcndmgr.dll
    2008-04-13 18:11:57 ----A---- C:\WINDOWS\system32\mmcbase.dll
    2008-04-13 18:11:57 ----A---- C:\WINDOWS\system32\mlang.dll
    2008-04-13 18:11:57 ----A---- C:\WINDOWS\system32\mimefilt.dll
    2008-04-13 18:11:57 ----A---- C:\WINDOWS\system32\miglibnt.dll
    2008-04-13 18:11:57 ----A---- C:\WINDOWS\system32\midimap.dll
    2008-04-13 18:11:56 ----A---- C:\WINDOWS\system32\mstscax.dll
    2008-04-13 18:11:56 ----A---- C:\WINDOWS\system32\mgmtapi.dll
    2008-04-13 18:11:56 ----A---- C:\WINDOWS\system32\mfcsubs.dll
    2008-04-13 18:11:56 ----A---- C:\WINDOWS\system32\mfc42.dll
    2008-04-13 18:11:56 ----A---- C:\WINDOWS\system32\mfc40u.dll
    2008-04-13 18:11:56 ----A---- C:\WINDOWS\system32\mf3216.dll
    2008-04-13 18:11:56 ----A---- C:\WINDOWS\system32\mdminst.dll
    2008-04-13 18:11:56 ----A---- C:\WINDOWS\system32\mciwave.dll
    2008-04-13 18:11:56 ----A---- C:\WINDOWS\system32\mciseq.dll
    2008-04-13 18:11:56 ----A---- C:\WINDOWS\system32\mciqtz32.dll
    2008-04-13 18:11:56 ----A---- C:\WINDOWS\system32\mciavi32.dll
    2008-04-13 18:11:56 ----A---- C:\WINDOWS\system32\mcastmib.dll
    2008-04-13 18:11:56 ----A---- C:\WINDOWS\system32\lsasrv.dll
    2008-04-13 18:11:56 ----A---- C:\WINDOWS\system32\lprhelp.dll
    2008-04-13 18:11:56 ----A---- C:\WINDOWS\system32\lpk.dll
    2008-04-13 18:11:56 ----A---- C:\WINDOWS\system32\localui.dll
    2008-04-13 18:11:56 ----A---- C:\WINDOWS\system32\localspl.dll
    2008-04-13 18:11:56 ----A---- C:\WINDOWS\system32\localsec.dll
    2008-04-13 18:11:56 ----A---- C:\WINDOWS\system32\loadperf.dll
    2008-04-13 18:11:56 ----A---- C:\WINDOWS\system32\lmrt.dll
    2008-04-13 18:11:56 ----A---- C:\WINDOWS\system32\lmhsvc.dll
    2008-04-13 18:11:56 ----A---- C:\WINDOWS\system32\linkinfo.dll
    2008-04-13 18:11:56 ----A---- C:\WINDOWS\system32\licwmi.dll
    2008-04-13 18:11:56 ----A---- C:\WINDOWS\system32\ksuser.dll
    2008-04-13 18:11:56 ----A---- C:\WINDOWS\system32\keymgr.dll
    2008-04-13 18:11:56 ----A---- C:\WINDOWS\system32\kernel32.dll
    2008-04-13 18:11:56 ----A---- C:\WINDOWS\system32\kerberos.dll
    2008-04-13 18:11:55 ----A---- C:\WINDOWS\system32\jgpl400.dll
    2008-04-13 18:11:55 ----A---- C:\WINDOWS\system32\jgdw400.dll
    2008-04-13 18:11:55 ----A---- C:\WINDOWS\system32\iyuv_32.dll
    2008-04-13 18:11:55 ----A---- C:\WINDOWS\system32\ixsso.dll
    2008-04-13 18:11:55 ----A---- C:\WINDOWS\system32\iuengine.dll
    2008-04-13 18:11:55 ----A---- C:\WINDOWS\system32\itss.dll
    2008-04-13 18:11:55 ----A---- C:\WINDOWS\system32\itircl.dll
    2008-04-13 18:11:55 ----A---- C:\WINDOWS\system32\isrdbg32.dll
    2008-04-13 18:11:55 ----A---- C:\WINDOWS\system32\isign32.dll
    2008-04-13 18:11:55 ----A---- C:\WINDOWS\system32\ir50_qcx.dll
    2008-04-13 18:11:55 ----A---- C:\WINDOWS\system32\ir50_qc.dll
    2008-04-13 18:11:55 ----A---- C:\WINDOWS\system32\ir50_32.dll
    2008-04-13 18:11:55 ----A---- C:\WINDOWS\system32\ir41_qcx.dll
    2008-04-13 18:11:55 ----A---- C:\WINDOWS\system32\ir41_qc.dll
    2008-04-13 18:11:55 ----A---- C:\WINDOWS\system32\ipxwan.dll
    2008-04-13 18:11:55 ----A---- C:\WINDOWS\system32\ipv6mon.dll
    2008-04-13 18:11:55 ----A---- C:\WINDOWS\system32\ipsmsnap.dll
    2008-04-13 18:11:55 ----A---- C:\WINDOWS\system32\ipsecsvc.dll
    2008-04-13 18:11:55 ----A---- C:\WINDOWS\system32\ipsecsnp.dll
    2008-04-13 18:11:55 ----A---- C:\WINDOWS\system32\iprtrmgr.dll
    2008-04-13 18:11:55 ----A---- C:\WINDOWS\system32\ippromon.dll
    2008-04-13 18:11:55 ----A---- C:\WINDOWS\system32\ipnathlp.dll
    2008-04-13 18:11:55 ----A---- C:\WINDOWS\system32\ipmontr.dll
    2008-04-13 18:11:55 ----A---- C:\WINDOWS\system32\iphlpapi.dll
    2008-04-13 18:11:55 ----A---- C:\WINDOWS\system32\input.dll
    2008-04-13 18:11:55 ----A---- C:\WINDOWS\system32\initpki.dll
    2008-04-13 18:11:55 ----A---- C:\WINDOWS\system32\inetppui.dll
    2008-04-13 18:11:55 ----A---- C:\WINDOWS\system32\inetpp.dll
    2008-04-13 18:11:55 ----A---- C:\WINDOWS\system32\inetmib1.dll
    2008-04-13 18:11:54 ----A---- C:\WINDOWS\system32\inetcfg.dll
    2008-04-13 18:11:54 ----A---- C:\WINDOWS\system32\imm32.dll
    2008-04-13 18:11:54 ----A---- C:\WINDOWS\system32\imeshare.dll
    2008-04-13 18:11:54 ----A---- C:\WINDOWS\system32\imagehlp.dll
    2008-04-13 18:11:54 ----A---- C:\WINDOWS\system32\ils.dll
    2008-04-13 18:11:54 ----A---- C:\WINDOWS\system32\igmpagnt.dll
    2008-04-13 18:11:54 ----A---- C:\WINDOWS\system32\ifmon.dll
    2008-04-13 18:11:54 ----A---- C:\WINDOWS\system32\ieencode.dll
    2008-04-13 18:11:54 ----A---- C:\WINDOWS\system32\idq.dll
    2008-04-13 18:11:54 ----A---- C:\WINDOWS\system32\icwphbk.dll
    2008-04-13 18:11:54 ----A---- C:\WINDOWS\system32\icwdial.dll
    2008-04-13 18:11:54 ----A---- C:\WINDOWS\system32\icm32.dll
    2008-04-13 18:11:54 ----A---- C:\WINDOWS\system32\iccvid.dll
    2008-04-13 18:11:54 ----A---- C:\WINDOWS\system32\icaapi.dll
    2008-04-13 18:11:54 ----A---- C:\WINDOWS\system32\iasrad.dll
    2008-04-13 18:11:54 ----A---- C:\WINDOWS\system32\hypertrm.dll
    2008-04-13 18:11:54 ----A---- C:\WINDOWS\system32\htui.dll
    2008-04-13 18:11:54 ----A---- C:\WINDOWS\system32\httpapi.dll
    2008-04-13 18:11:54 ----A---- C:\WINDOWS\system32\hotplug.dll
    2008-04-13 18:11:54 ----A---- C:\WINDOWS\system32\hnetwiz.dll
    2008-04-13 18:11:54 ----A---- C:\WINDOWS\system32\hnetcfg.dll
    2008-04-13 18:11:54 ----A---- C:\WINDOWS\system32\hlink.dll
    2008-04-13 18:11:54 ----A---- C:\WINDOWS\system32\hidserv.dll
    2008-04-13 18:11:54 ----A---- C:\WINDOWS\system32\hid.dll
    2008-04-13 18:11:54 ----A---- C:\WINDOWS\system32\hhsetup.dll
    2008-04-13 18:11:54 ----A---- C:\WINDOWS\system32\hccoin.dll
    2008-04-13 18:11:54 ----A---- C:\WINDOWS\system32\h323msp.dll
    2008-04-13 18:11:54 ----A---- C:\WINDOWS\system32\gptext.dll
    2008-04-13 18:11:54 ----A---- C:\WINDOWS\system32\glu32.dll
    2008-04-13 18:11:53 ----A---- C:\WINDOWS\system32\fwcfg.dll
    2008-04-13 18:11:53 ----A---- C:\WINDOWS\system32\fontsub.dll
    2008-04-13 18:11:53 ----A---- C:\WINDOWS\system32\fontext.dll
    2008-04-13 18:11:53 ----A---- C:\WINDOWS\system32\fltlib.dll
    2008-04-13 18:11:53 ----A---- C:\WINDOWS\system32\fldrclnr.dll
    2008-04-13 18:11:53 ----A---- C:\WINDOWS\system32\filemgmt.dll
    2008-04-13 18:11:53 ----A---- C:\WINDOWS\system32\feclient.dll
    2008-04-13 18:11:53 ----A---- C:\WINDOWS\system32\fdeploy.dll
    2008-04-13 18:11:53 ----A---- C:\WINDOWS\system32\fde.dll
    2008-04-13 18:11:53 ----A---- C:\WINDOWS\system32\faultrep.dll
    2008-04-13 18:11:53 ----A---- C:\WINDOWS\system32\exts.dll
    2008-04-13 18:11:53 ----A---- C:\WINDOWS\system32\expsrv.dll
    2008-04-13 18:11:53 ----A---- C:\WINDOWS\system32\eventlog.dll
    2008-04-13 18:11:53 ----A---- C:\WINDOWS\system32\esent.dll
    2008-04-13 18:11:53 ----A---- C:\WINDOWS\system32\ersvc.dll
    2008-04-13 18:11:53 ----A---- C:\WINDOWS\system32\encdec.dll
    2008-04-13 18:11:53 ----A---- C:\WINDOWS\system32\encapi.dll
    2008-04-13 18:11:53 ----A---- C:\WINDOWS\system32\els.dll
    2008-04-13 18:11:52 ----A---- C:\WINDOWS\system32\efsadu.dll
    2008-04-13 18:11:52 ----A---- C:\WINDOWS\system32\dxmasf.dll
    2008-04-13 18:11:52 ----A---- C:\WINDOWS\system32\dxdiagn.dll
    2008-04-13 18:11:52 ----A---- C:\WINDOWS\system32\dx8vb.dll
    2008-04-13 18:11:52 ----A---- C:\WINDOWS\system32\dx7vb.dll
    2008-04-13 18:11:52 ----A---- C:\WINDOWS\system32\duser.dll
    2008-04-13 18:11:52 ----A---- C:\WINDOWS\system32\dswave.dll
    2008-04-13 18:11:52 ----A---- C:\WINDOWS\system32\dsuiext.dll
    2008-04-13 18:11:52 ----A---- C:\WINDOWS\system32\dssec.dll
    2008-04-13 18:11:52 ----A---- C:\WINDOWS\system32\dsquery.dll
    2008-04-13 18:11:52 ----A---- C:\WINDOWS\system32\dsprop.dll
    2008-04-13 18:11:52 ----A---- C:\WINDOWS\system32\dsound3d.dll
    2008-04-13 18:11:52 ----A---- C:\WINDOWS\system32\dsound.dll
    2008-04-13 18:11:52 ----A---- C:\WINDOWS\system32\dskquoui.dll
    2008-04-13 18:11:52 ----A---- C:\WINDOWS\system32\dskquota.dll
    2008-04-13 18:11:52 ----A---- C:\WINDOWS\system32\dsdmoprp.dll
    2008-04-13 18:11:52 ----A---- C:\WINDOWS\system32\dsdmo.dll
    2008-04-13 18:11:52 ----A---- C:\WINDOWS\system32\ds32gt.dll
    2008-04-13 18:11:52 ----A---- C:\WINDOWS\system32\drprov.dll
    2008-04-13 18:11:52 ----A---- C:\WINDOWS\system32\drmstor.dll
    2008-04-13 18:11:52 ----A---- C:\WINDOWS\system32\dpwsockx.dll
    2008-04-13 18:11:52 ----A---- C:\WINDOWS\system32\dpvvox.dll
    2008-04-13 18:11:52 ----A---- C:\WINDOWS\system32\dpvoice.dll
    2008-04-13 18:11:52 ----A---- C:\WINDOWS\system32\dpvacm.dll
    2008-04-13 18:11:52 ----A---- C:\WINDOWS\system32\dpnhupnp.dll
    2008-04-13 18:11:52 ----A---- C:\WINDOWS\system32\dpnhpast.dll
    2008-04-13 18:11:52 ----A---- C:\WINDOWS\system32\dpnet.dll
    2008-04-13 18:11:52 ----A---- C:\WINDOWS\system32\dpmodemx.dll
    2008-04-13 18:11:52 ----A---- C:\WINDOWS\system32\dplayx.dll
    2008-04-13 18:11:52 ----A---- C:\WINDOWS\system32\docprop2.dll
    2008-04-13 18:11:52 ----A---- C:\WINDOWS\system32\dnsrslvr.dll
    2008-04-13 18:11:52 ----A---- C:\WINDOWS\system32\dmutil.dll
    2008-04-13 18:11:52 ----A---- C:\WINDOWS\system32\dmusic.dll
    2008-04-13 18:11:52 ----A---- C:\WINDOWS\system32\dmsynth.dll
    2008-04-13 18:11:52 ----A---- C:\WINDOWS\system32\dmstyle.dll
    2008-04-13 18:11:52 ----A---- C:\WINDOWS\system32\dmserver.dll
    2008-04-13 18:11:52 ----A---- C:\WINDOWS\system32\dmscript.dll
    2008-04-13 18:11:52 ----A---- C:\WINDOWS\system32\dmloader.dll
    2008-04-13 18:11:52 ----A---- C:\WINDOWS\system32\dmime.dll
    2008-04-13 18:11:52 ----A---- C:\WINDOWS\system32\dmdskmgr.dll
    2008-04-13 18:11:52 ----A---- C:\WINDOWS\system32\dmdlgs.dll
    2008-04-13 18:11:52 ----A---- C:\WINDOWS\system32\dmcompos.dll
    2008-04-13 18:11:52 ----A---- C:\WINDOWS\system32\dmband.dll
    2008-04-13 18:11:52 ----A---- C:\WINDOWS\system32\dispex.dll
    2008-04-13 18:11:52 ----A---- C:\WINDOWS\system32\diskcopy.dll
    2008-04-13 18:11:52 ----A---- C:\WINDOWS\system32\dinput8.dll
    2008-04-13 18:11:52 ----A---- C:\WINDOWS\system32\dinput.dll
    2008-04-13 18:11:52 ----A---- C:\WINDOWS\system32\digest.dll
    2008-04-13 18:11:52 ----A---- C:\WINDOWS\system32\dhcpmon.dll
    2008-04-13 18:11:51 ----N---- C:\WINDOWS\system32\corpol.dll
    2008-04-13 18:11:51 ----A---- C:\WINDOWS\system32\dhcpcsvc.dll
    2008-04-13 18:11:51 ----A---- C:\WINDOWS\system32\dgnet.dll
    2008-04-13 18:11:51 ----A---- C:\WINDOWS\system32\dfsshlex.dll
    2008-04-13 18:11:51 ----A---- C:\WINDOWS\system32\dfrgui.dll
    2008-04-13 18:11:51 ----A---- C:\WINDOWS\system32\dfrgsnap.dll
    2008-04-13 18:11:51 ----A---- C:\WINDOWS\system32\devmgr.dll
    2008-04-13 18:11:51 ----A---- C:\WINDOWS\system32\devenum.dll
    2008-04-13 18:11:51 ----A---- C:\WINDOWS\system32\ddrawex.dll
    2008-04-13 18:11:51 ----A---- C:\WINDOWS\system32\ddraw.dll
    2008-04-13 18:11:51 ----A---- C:\WINDOWS\system32\dciman32.dll
    2008-04-13 18:11:51 ----A---- C:\WINDOWS\system32\dbnmpntw.dll
    2008-04-13 18:11:51 ----A---- C:\WINDOWS\system32\dbnetlib.dll
    2008-04-13 18:11:51 ----A---- C:\WINDOWS\system32\dbmsrpcn.dll
    2008-04-13 18:11:51 ----A---- C:\WINDOWS\system32\dbghelp.dll
    2008-04-13 18:11:51 ----A---- C:\WINDOWS\system32\davclnt.dll
    2008-04-13 18:11:51 ----A---- C:\WINDOWS\system32\datime.dll
    2008-04-13 18:11:51 ----A---- C:\WINDOWS\system32\dataclen.dll
    2008-04-13 18:11:51 ----A---- C:\WINDOWS\system32\danim.dll
    2008-04-13 18:11:51 ----A---- C:\WINDOWS\system32\d3dim700.dll
    2008-04-13 18:11:51 ----A---- C:\WINDOWS\system32\d3d9.dll
    2008-04-13 18:11:51 ----A---- C:\WINDOWS\system32\d3d8thk.dll
    2008-04-13 18:11:51 ----A---- C:\WINDOWS\system32\d3d8.dll
    2008-04-13 18:11:51 ----A---- C:\WINDOWS\system32\csrsrv.dll
    2008-04-13 18:11:51 ----A---- C:\WINDOWS\system32\cscui.dll
    2008-04-13 18:11:51 ----A---- C:\WINDOWS\system32\cscdll.dll
    2008-04-13 18:11:51 ----A---- C:\WINDOWS\system32\cryptui.dll
    2008-04-13 18:11:51 ----A---- C:\WINDOWS\system32\cryptsvc.dll
    2008-04-13 18:11:51 ----A---- C:\WINDOWS\system32\cryptnet.dll
    2008-04-13 18:11:51 ----A---- C:\WINDOWS\system32\cryptext.dll
    2008-04-13 18:11:51 ----A---- C:\WINDOWS\system32\cryptdll.dll
    2008-04-13 18:11:51 ----A---- C:\WINDOWS\system32\cryptdlg.dll
    2008-04-13 18:11:51 ----A---- C:\WINDOWS\system32\crypt32.dll
    2008-04-13 18:11:51 ----A---- C:\WINDOWS\system32\credui.dll
    2008-04-13 18:11:51 ----A---- C:\WINDOWS\system32\confmsp.dll
    2008-04-13 18:11:51 ----A---- C:\WINDOWS\system32\comuid.dll
    2008-04-13 18:11:51 ----A---- C:\WINDOWS\system32\comsvcs.dll
    2008-04-13 18:11:51 ----A---- C:\WINDOWS\system32\comsnap.dll
    2008-04-13 18:11:51 ----A---- C:\WINDOWS\system32\comres.dll
    2008-04-13 18:11:51 ----A---- C:\WINDOWS\system32\comrepl.dll
    2008-04-13 18:11:51 ----A---- C:\WINDOWS\system32\compstui.dll
    2008-04-13 18:11:51 ----A---- C:\WINDOWS\system32\compatui.dll
    2008-04-13 18:11:51 ----A---- C:\WINDOWS\system32\comdlg32.dll
    2008-04-13 18:11:51 ----A---- C:\WINDOWS\system32\comctl32.dll
    2008-04-13 18:11:51 ----A---- C:\WINDOWS\system32\comaddin.dll
    2008-04-13 18:11:51 ----A---- C:\WINDOWS\system32\colbact.dll
    2008-04-13 18:11:50 ----A---- C:\WINDOWS\system32\cnbjmon.dll
    2008-04-13 18:11:50 ----A---- C:\WINDOWS\system32\cmutil.dll
    2008-04-13 18:11:50 ----A---- C:\WINDOWS\system32\cmsetacl.dll
    2008-04-13 18:11:50 ----A---- C:\WINDOWS\system32\cmprops.dll
    2008-04-13 18:11:50 ----A---- C:\WINDOWS\system32\cmdial32.dll
    2008-04-13 18:11:50 ----A---- C:\WINDOWS\system32\cmcfg32.dll
    2008-04-13 18:11:50 ----A---- C:\WINDOWS\system32\clusapi.dll
    2008-04-13 18:11:50 ----A---- C:\WINDOWS\system32\cliconfg.dll
    2008-04-13 18:11:50 ----A---- C:\WINDOWS\system32\clbcatq.dll
    2008-04-13 18:11:50 ----A---- C:\WINDOWS\system32\clbcatex.dll
    2008-04-13 18:11:50 ----A---- C:\WINDOWS\system32\ciodm.dll
    2008-04-13 18:11:50 ----A---- C:\WINDOWS\system32\cic.dll
    2008-04-13 18:11:50 ----A---- C:\WINDOWS\system32\cfgbkend.dll
    2008-04-13 18:11:50 ----A---- C:\WINDOWS\system32\certmgr.dll
    2008-04-13 18:11:50 ----A---- C:\WINDOWS\system32\certcli.dll
    2008-04-13 18:11:50 ----A---- C:\WINDOWS\system32\cdosys.dll
    2008-04-13 18:11:50 ----A---- C:\WINDOWS\system32\cdfview.dll
    2008-04-13 18:11:50 ----A---- C:\WINDOWS\system32\catsrvut.dll
    2008-04-13 18:11:50 ----A---- C:\WINDOWS\system32\catsrvps.dll
    2008-04-13 18:11:50 ----A---- C:\WINDOWS\system32\catsrv.dll
    2008-04-13 18:11:50 ----A---- C:\WINDOWS\system32\capesnpn.dll
    2008-04-13 18:11:50 ----A---- C:\WINDOWS\system32\camocx.dll
    2008-04-13 18:11:50 ----A---- C:\WINDOWS\system32\cabview.dll
    2008-04-13 18:11:50 ----A---- C:\WINDOWS\system32\cabinet.dll
    2008-04-13 18:11:50 ----A---- C:\WINDOWS\system32\btpanui.dll
    2008-04-13 18:11:50 ----A---- C:\WINDOWS\system32\bthserv.dll
    2008-04-13 18:11:50 ----A---- C:\WINDOWS\system32\bthci.dll
    2008-04-13 18:11:50 ----A---- C:\WINDOWS\system32\browsewm.dll
    2008-04-13 18:11:50 ----A---- C:\WINDOWS\system32\browseui.dll
    2008-04-13 18:11:50 ----A---- C:\WINDOWS\system32\browser.dll
    2008-04-13 18:11:50 ----A---- C:\WINDOWS\system32\bitsprx3.dll
    2008-04-13 18:11:50 ----A---- C:\WINDOWS\system32\bitsprx2.dll
    2008-04-13 18:11:50 ----A---- C:\WINDOWS\system32\bidispl.dll
    2008-04-13 18:11:50 ----A---- C:\WINDOWS\system32\batt.dll
    2008-04-13 18:11:50 ----A---- C:\WINDOWS\system32\batmeter.dll
    2008-04-13 18:11:50 ----A---- C:\WINDOWS\system32\basesrv.dll
    2008-04-13 18:11:50 ----A---- C:\WINDOWS\system32\avifil32.dll
    2008-04-13 18:11:50 ----A---- C:\WINDOWS\system32\authz.dll
    2008-04-13 18:11:50 ----A---- C:\WINDOWS\system32\audiosrv.dll
    2008-04-13 18:11:50 ----A---- C:\WINDOWS\system32\atmlib.dll
    2008-04-13 18:11:50 ----A---- C:\WINDOWS\system32\atl.dll
    2008-04-13 18:11:49 ----A---- C:\WINDOWS\system32\asycfilt.dll
    2008-04-13 18:11:49 ----A---- C:\WINDOWS\system32\appmgr.dll
    2008-04-13 18:11:49 ----A---- C:\WINDOWS\system32\appmgmts.dll
    2008-04-13 18:11:49 ----A---- C:\WINDOWS\system32\apphelp.dll
    2008-04-13 18:11:49 ----A---- C:\WINDOWS\system32\amstream.dll
    2008-04-13 18:11:49 ----A---- C:\WINDOWS\system32\alrsvc.dll
    2008-04-13 18:11:48 ----A---- C:\WINDOWS\system32\advapi32.dll
    2008-04-13 18:11:48 ----A---- C:\WINDOWS\system32\adsnw.dll
    2008-04-13 18:11:48 ----A---- C:\WINDOWS\system32\adsnt.dll
    2008-04-13 18:11:48 ----A---- C:\WINDOWS\system32\adsmsext.dll
    2008-04-13 18:11:48 ----A---- C:\WINDOWS\system32\adsldpc.dll
    2008-04-13 18:11:48 ----A---- C:\WINDOWS\system32\adsldp.dll
    2008-04-13 18:11:48 ----A---- C:\WINDOWS\system32\actxprxy.dll
    2008-04-13 18:11:48 ----A---- C:\WINDOWS\system32\activeds.dll
    2008-04-13 18:11:48 ----A---- C:\WINDOWS\system32\aclui.dll
    2008-04-13 18:11:48 ----A---- C:\WINDOWS\system32\6to4svc.dll
    2008-04-13 18:11:24 ----A---- C:\WINDOWS\system32\ntdll.dll
    2008-04-13 18:11:15 ----A---- C:\WINDOWS\system32\wmi.dll
    2008-04-13 18:11:11 ----A---- C:\WINDOWS\system32\winntbbu.dll
    2008-04-13 18:10:45 ----A---- C:\WINDOWS\system32\dpcdll.dll
    2008-04-13 18:10:31 ----A---- C:\WINDOWS\system32\odbcji32.dll
    2008-04-13 18:10:08 ----A---- C:\WINDOWS\system32\msdxmlc.dll
    2008-04-13 18:10:06 ----A---- C:\WINDOWS\system32\msafd.dll
    2008-04-13 18:09:55 ----A---- C:\WINDOWS\system32\kbdukx.dll
    2008-04-13 18:09:55 ----A---- C:\WINDOWS\system32\kbdsmsno.dll
    2008-04-13 18:09:55 ----A---- C:\WINDOWS\system32\kbdsmsfi.dll
    2008-04-13 18:09:55 ----A---- C:\WINDOWS\system32\kbdno1.dll
    2008-04-13 18:09:55 ----A---- C:\WINDOWS\system32\kbdnec.dll
    2008-04-13 18:09:55 ----A---- C:\WINDOWS\system32\kbdmlt48.dll
    2008-04-13 18:09:55 ----A---- C:\WINDOWS\system32\kbdmlt47.dll
    2008-04-13 18:09:55 ----A---- C:\WINDOWS\system32\kbdmaori.dll
    2008-04-13 18:09:55 ----A---- C:\WINDOWS\system32\kbdinmal.dll
    2008-04-13 18:09:55 ----A---- C:\WINDOWS\system32\kbdinben.dll
    2008-04-13 18:09:55 ----A---- C:\WINDOWS\system32\kbdinbe1.dll
    2008-04-13 18:09:55 ----A---- C:\WINDOWS\system32\kbdfi1.dll
    2008-04-13 18:09:40 ----A---- C:\WINDOWS\system32\icmp.dll
    2008-04-13 18:09:35 ----A---- C:\WINDOWS\system32\gpedit.dll
    2008-04-13 18:09:33 ----A---- C:\WINDOWS\system32\framebuf.dll
    2008-04-13 18:09:24 ----A---- C:\WINDOWS\system32\pidgen.dll
    2008-04-13 18:09:20 ----A---- C:\WINDOWS\system32\dpnlobby.dll
    2008-04-13 18:09:19 ----A---- C:\WINDOWS\system32\dpnaddr.dll
    2008-04-13 18:09:05 ----A---- C:\WINDOWS\system32\cfgmgr32.dll
    2008-04-13 18:09:01 ----A---- C:\WINDOWS\system32\atmfd.dll
    2008-04-13 12:43:31 ----A---- C:\WINDOWS\system32\spiisupd.exe
    2008-04-13 12:31:35 ----A---- C:\WINDOWS\system32\kd1394.dll
    2008-04-13 12:31:28 ----A---- C:\WINDOWS\system32\HAL.DLL
    2008-04-13 12:30:46 ----A---- C:\WINDOWS\system32\msvcrt40.dll
    2008-04-13 11:39:29 ----A---- C:\WINDOWS\system32\xpob2res.dll
    2008-04-13 11:39:26 ----A---- C:\WINDOWS\system32\xpsp3res.dll
    2008-04-13 11:39:24 ----A---- C:\WINDOWS\system32\xpsp2res.dll
    2008-04-13 11:39:22 ----A---- C:\WINDOWS\system32\xpsp1res.dll
    2008-04-13 11:37:57 ----A---- C:\WINDOWS\system32\rsaenh.dll
    2008-04-13 11:37:57 ----A---- C:\WINDOWS\system32\dssenh.dll
    2008-04-13 11:26:07 ----A---- C:\WINDOWS\system32\mscpx32r.dll
    2008-04-13 11:26:05 ----A---- C:\WINDOWS\system32\odbcp32r.dll
    2008-04-13 11:26:05 ----A---- C:\WINDOWS\system32\odbcint.dll
    2008-04-13 11:24:14 ----A---- C:\WINDOWS\system32\msorc32r.dll
    2008-04-13 11:21:32 ----A---- C:\WINDOWS\system32\qedwipes.dll
    2008-04-13 11:09:30 ----A---- C:\WINDOWS\system32\dsprpres.dll
    2008-04-13 11:03:24 ----A---- C:\WINDOWS\system32\browselc.dll
    2008-04-13 11:03:19 ----A---- C:\WINDOWS\system32\shdoclc.dll
    2008-04-13 10:48:53 ----A---- C:\WINDOWS\system32\winbrand.dll
    2008-04-13 10:45:30 ----A---- C:\WINDOWS\system32\moricons.dll
    2008-04-13 10:23:31 ----A---- C:\WINDOWS\system32\msprivs.dll
    2008-04-13 10:22:12 ----A---- C:\WINDOWS\system32\inetres.dll
    2008-04-13 09:39:43 ----A---- C:\WINDOWS\system32\msimsg.dll
    2008-04-12 09:16:15 ----HD---- C:\Program Files\InstallShield Installation Information
    2008-04-11 13:04:26 ----A---- C:\WINDOWS\system32\inetcomm.dll
    2008-03-24 22:50:58 ----A---- C:\WINDOWS\system32\msxbde40.dll
    2008-03-24 22:50:58 ----A---- C:\WINDOWS\system32\mswstr10.dll
    2008-03-24 22:50:57 ----A---- C:\WINDOWS\system32\mswdat10.dll
    2008-03-24 22:50:55 ----A---- C:\WINDOWS\system32\mstext40.dll
    2008-03-24 22:50:52 ----A---- C:\WINDOWS\system32\msrepl40.dll
    2008-03-24 22:50:49 ----A---- C:\WINDOWS\system32\msrd3x40.dll
    2008-03-24 22:50:47 ----A---- C:\WINDOWS\system32\msrd2x40.dll
    2008-03-24 22:50:45 ----A---- C:\WINDOWS\system32\mspbde40.dll
    2008-03-24 22:50:44 ----A---- C:\WINDOWS\system32\msltus40.dll
    2008-03-24 22:50:42 ----A---- C:\WINDOWS\system32\msjtes40.dll
    2008-03-24 22:50:42 ----A---- C:\WINDOWS\system32\msjter40.dll
    2008-03-24 22:50:40 ----A---- C:\WINDOWS\system32\msjetoledb40.dll
    2008-03-24 22:50:34 ----A---- C:\WINDOWS\system32\msjet40.dll
    2008-03-24 22:50:30 ----A---- C:\WINDOWS\system32\msexcl40.dll
    2008-03-24 22:50:28 ----A---- C:\WINDOWS\system32\msexch40.dll
    2008-02-22 20:55:31 ----D---- C:\Program Files\Common Files\InstallShield
    2008-02-20 05:15:16 ----D---- C:\Program Files\AIM6
    2008-02-20 05:14:28 ----D---- C:\Documents and Settings\All Users\Application Data\AOL
    2008-02-13 22:46:08 ----D---- C:\Program Files\Common Files\Adobe
    2008-02-13 22:45:59 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
    2008-02-06 22:26:17 ----D---- C:\WINDOWS\system32\config
    2008-01-28 17:12:38 ----D---- C:\Program Files\7-Zip
    2008-01-24 00:25:12 ----SD---- C:\WINDOWS\Tasks
    2008-01-24 00:24:37 ----D---- C:\Program Files\Mozilla Firefox
    2008-01-24 00:24:03 ----D---- C:\Documents and Settings\Christine\Application Data\WTablet
    2008-01-24 00:24:02 ----D---- C:\WINDOWS\Temp
    2008-01-23 14:09:47 ----A---- C:\WINDOWS\SchedLgU.Txt
    2008-01-17 17:46:41 ----HD---- C:\WINDOWS\inf
    2008-01-04 13:59:24 ----D---- C:\Documents and Settings\Christine\Application Data\Adobe

    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2008-11-26 26944]
    R1 aswSP;avast! Self Protection; C:\WINDOWS\system32\drivers\aswSP.sys [2008-11-26 111184]
    R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2008-11-26 50864]
    R1 DLACDBHM;DLACDBHM; C:\WINDOWS\System32\Drivers\DLACDBHM.SYS [2005-11-18 5660]
    R1 DLARTL_N;DLARTL_N; C:\WINDOWS\System32\Drivers\DLARTL_N.SYS [2005-11-18 22684]
    R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-13 36352]
    R1 kbdhid;Keyboard HID Driver; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-13 14592]
    R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS []
    R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys []
    R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-11-26 20560]
    R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2008-11-26 94032]
    R2 DLABOIOM;DLABOIOM; C:\WINDOWS\System32\DLA\DLABOIOM.SYS [2005-11-07 25628]
    R2 DLADResN;DLADResN; C:\WINDOWS\System32\DLA\DLADResN.SYS [2005-11-07 2496]
    R2 DLAIFS_M;DLAIFS_M; C:\WINDOWS\System32\DLA\DLAIFS_M.SYS [2005-11-07 86652]
    R2 DLAOPIOM;DLAOPIOM; C:\WINDOWS\System32\DLA\DLAOPIOM.SYS [2005-11-07 14684]
    R2 DLAPoolM;DLAPoolM; C:\WINDOWS\System32\DLA\DLAPoolM.SYS [2005-11-07 6364]
    R2 DLAUDF_M;DLAUDF_M; C:\WINDOWS\System32\DLA\DLAUDF_M.SYS [2005-11-07 87036]
    R2 DLAUDFAM;DLAUDFAM; C:\WINDOWS\System32\DLA\DLAUDFAM.SYS [2005-11-07 94332]
    R2 DRVNDDM;DRVNDDM; C:\WINDOWS\System32\Drivers\DRVNDDM.SYS [2005-08-12 40544]
    R2 PfModNT;PfModNT; \??\C:\WINDOWS\system32\drivers\PfModNT.sys []
    R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2008-11-26 23152]
    R3 BCMModem;BCM V.92 56K Modem; C:\WINDOWS\system32\DRIVERS\BCMSM.sys [2003-08-29 1101696]
    R3 E100B;Intel(R) PRO Network Connection Driver; C:\WINDOWS\system32\DRIVERS\e100b325.sys [2007-03-14 165760]
    R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys [2008-04-17 15464]
    R3 hidusb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
    R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-17 12160]
    R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2007-04-19 3988384]
    R3 senfilt;senfilt; C:\WINDOWS\system32\drivers\senfilt.sys [2004-09-17 732928]
    R3 smwdm;smwdm; C:\WINDOWS\system32\drivers\smwdm.sys [2005-01-27 260352]
    R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
    R3 usbhub;USB2 Enabled Hub; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
    R3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
    R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
    R3 wacommousefilter;Wacom Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\wacommousefilter.sys [2007-02-16 11312]
    R3 wacomvhid;Wacom Virtual Hid Driver; C:\WINDOWS\system32\DRIVERS\wacomvhid.sys [2007-02-16 12848]
    R3 WacomVKHid;Virtual Keyboard Driver; C:\WINDOWS\system32\DRIVERS\WacomVKHid.sys [2007-02-15 11440]
    S1 mferkdk;VSCore mferkdk; \??\C:\Program Files\McAfee\VirusScan Enterprise\mferkdk.sys []
    S3 MODEMCSA;Unimodem Streaming Filter Device; C:\WINDOWS\system32\drivers\MODEMCSA.sys [2001-08-17 16128]
    S3 SASENUM;SASENUM; \??\C:\Program Files\SUPERAntiSpyware\SASENUM.SYS []
    S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
    S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
    S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
    S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-11-07 132424]
    R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2008-11-26 18752]
    R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2008-11-26 155160]
    R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2008-08-29 238888]
    R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2008-12-12 152984]
    R2 LexBceS;LexBce Server; C:\WINDOWS\system32\LEXBCES.EXE [2003-08-29 307200]
    R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2007-04-19 159810]
    R2 ProtexisLicensing;ProtexisLicensing; C:\WINDOWS\system32\PSIService.exe [2006-11-02 174656]
    R2 TabletServiceWacom;TabletServiceWacom; C:\WINDOWS\system32\Wacom_Tablet.exe [2007-09-07 1373480]
    R2 WinDefend;Windows Defender; C:\Program Files\Windows Defender\MsMpEng.exe [2006-11-03 13592]
    R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2008-11-26 254040]
    R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2008-11-26 352920]
    R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2008-11-20 536872]
    S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2007-12-02 72704]
    S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
    S3 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-10-18 913408]
    S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336]

    -----------------EOF-----------------

2b.RSIT INFO
    info.txt logfile of random's system information tool 1.04 2008-01-24 00:32:41

    ======Uninstall list======

    -->C:\WINDOWS\system32\\MSIEXEC.EXE /x {1206EF92-2E83-4859-ACCB-2048C3CB7DA6}
    -->MsiExec.exe /I{403EF592-953B-4794-BCEF-ECAB835C2095}
    -->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
    7-Zip 4.56 beta-->"C:\Program Files\7-Zip\Uninstall.exe"
    Adobe Acrobat and Reader 8.1.2 Security Update 1 (KB403742)-->MsiExec.exe /X{6846389C-BAC0-4374-808E-B120F86AF5D7}
    Adobe Bridge 1.0-->MsiExec.exe /I{B74D4E10-1033-0000-0000-000000000001}
    Adobe Common File Installer-->MsiExec.exe /I{8EDBA74D-0686-4C99-BFDD-F894678E5B39}
    Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
    Adobe Flash Player 9 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\FlashUtil9c.exe -uninstallUnlock
    Adobe Flash Player ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
    Adobe Help Center 1.0-->MsiExec.exe /I{E9787678-1033-0000-8E67-000000000001}
    Adobe Illustrator CS2-->msiexec /I {B2F5D08C-7E79-4FCD-AAF4-57AD35FF0601}
    Adobe Photoshop CS2-->msiexec /I {236BB7C4-4419-42FD-0409-1E257A25E34D}
    Adobe Reader 8.1.2-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A81200000003}
    Adobe Stock Photos 1.0-->MsiExec.exe /I{786C5747-1033-0000-B58E-000000000001}
    Adobe SVG Viewer 3.0-->C:\Program Files\Common Files\Adobe\SVG Viewer 3.0\Uninstall\Winstall.exe -u -fC:\Program Files\Common Files\Adobe\SVG Viewer 3.0\Uninstall\Install.log
    AIM 6-->C:\Program Files\AIM6\uninst.exe
    Apple Mobile Device Support-->MsiExec.exe /I{EC4455AB-F155-4CC1-A4C5-88F3777F9886}
    Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
    avast! Antivirus-->C:\Program Files\Alwil Software\Avast4\aswRunDll.exe "C:\Program Files\Alwil Software\Avast4\Setup\setiface.dll",RunSetup
    BCM V.92 56K Modem-->C:\WINDOWS\BCMSMU.exe quiet
    Bonjour-->MsiExec.exe /I{8A25392D-C5D2-4E79-A2BD-C15DDC5B0959}
    CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"
    Compatibility Pack for the 2007 Office system-->MsiExec.exe /X{90120000-0020-0409-0000-0000000FF1CE}
    Corel Painter X-->C:\Program Files\Corel\Corel Painter X\MSILauncher {91CABF8F-A81C-4CB0-A1B0-D55B25F1B150} C:\DOCUME~1\CHRIST~1\LOCALS~1\Temp\PainterX.log
    Corel Painter X-->MsiExec.exe /I{91CABF8F-A81C-4CB0-A1B0-D55B25F1B150}
    CuteFTP 8 Home-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{949DBB22-2FB7-4DE1-804C-23D495A988D8}\Setup.exe" -l0x9
    DELETER COMICWORKS-->MsiExec.exe /I{85CFC80F-B410-42E7-855F-F2AE1DF64315}
    DivX Codec-->C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC
    DivX Web Player-->C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
    ERUNT 1.1j-->"C:\Program Files\ERUNT\unins000.exe"
    ESET Online Scanner-->C:\WINDOWS\system32\OnlineScannerUninstaller.exe
    EVGA Display Driver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BEF3EFE7-5159-436D-9BF0-CCC633179EB4}\Setup.exe" -l0x9 -removeonly
    HijackThis 2.0.2-->"C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
    Hotfix for Windows Internet Explorer 7 (KB947864)-->"C:\WINDOWS\ie7updates\KB947864-IE7\spuninst\spuninst.exe"
    Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
    Hotfix for Windows Media Player 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe"
    Hotfix for Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
    Intel(R) PRO Network Connections 12.3.31.0-->MsiExec.exe /i{DDD0A758-F44C-47D3-8E88-692FFF775127} ARPREMOVE=1
    iTunes-->MsiExec.exe /I{318AB667-3230-41B5-A617-CB3BF748D371}
    Java(TM) 6 Update 11-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216011FF}
    jZip-->C:\PROGRA~1\jZip\UNWISE.EXE /U C:\PROGRA~1\jZip\INSTALL.LOG
    Lexmark Z700-P700 Series-->C:\WINDOWS\system32\spool\drivers\w32x86\3\LXBLUN5C.EXE -dLexmark Z700-P700 Series
    Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
    Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
    Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
    Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
    Microsoft Office Professional Edition 2003-->MsiExec.exe /I{90110409-6000-11D3-8CFE-0150048383C9}
    Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
    MobileMe Control Panel-->MsiExec.exe /I{924EB80F-C2BB-4B9F-8412-88BBA937393F}
    Mozilla Firefox (3.0.5)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
    Panda ActiveScan 2.0-->C:\Program Files\Panda Security\ActiveScan 2.0\as2uninst.exe
    QuickTime-->MsiExec.exe /I{F958CA02-BB40-4007-894B-258729456EE4}
    Roxio DLA-->MsiExec.exe /I{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}
    Security Update for Windows Internet Explorer 7 (KB938127)-->"C:\WINDOWS\ie7updates\KB938127-IE7\spuninst\spuninst.exe"
    Security Update for Windows Internet Explorer 7 (KB939653)-->"C:\WINDOWS\ie7updates\KB939653-IE7\spuninst\spuninst.exe"
    Security Update for Windows Internet Explorer 7 (KB942615)-->"C:\WINDOWS\ie7updates\KB942615-IE7\spuninst\spuninst.exe"
    Security Update for Windows Internet Explorer 7 (KB944533)-->"C:\WINDOWS\ie7updates\KB944533-IE7\spuninst\spuninst.exe"
    Security Update for Windows Internet Explorer 7 (KB950759)-->"C:\WINDOWS\ie7updates\KB950759-IE7\spuninst\spuninst.exe"
    Security Update for Windows Internet Explorer 7 (KB953838)-->"C:\WINDOWS\ie7updates\KB953838-IE7\spuninst\spuninst.exe"
    Security Update for Windows Internet Explorer 7 (KB956390)-->"C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe"
    Security Update for Windows Internet Explorer 7 (KB958215)-->"C:\WINDOWS\ie7updates\KB958215-IE7\spuninst\spuninst.exe"
    Security Update for Windows Internet Explorer 7 (KB960714)-->"C:\WINDOWS\ie7updates\KB960714-IE7\spuninst\spuninst.exe"
    Security Update for Windows Media Player (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
    Security Update for Windows Media Player 11 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe"
    Security Update for Windows Media Player 11 (KB954154)-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB923789)-->C:\WINDOWS\system32\MacroMed\Flash\genuinst.exe C:\WINDOWS\system32\MacroMed\Flash\KB923789.inf
    Security Update for Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB950760)-->"C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB951376)-->"C:\WINDOWS\$NtUninstallKB951376$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB953839)-->"C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe"
    SoundMAX-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F0A37341-D692-11D4-A984-009027EC0A9C}\SETUP.exe" -l0x9 -removeonly
    Spybot - Search & Destroy-->"C:\Program Files\Spybot - Search & Destroy\unins000.exe"
    SUPERAntiSpyware Free Edition-->MsiExec.exe /X{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}
    Update for Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"
    Update for Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
    Update for Windows XP (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe"
    Wacom Tablet-->C:\Program Files\Tablet\Wacom\Remove.exe /u
    Windows Defender-->MsiExec.exe /I{A06275F4-324B-4E85-95E6-87B2CD729401}
    Windows Driver Package - Hewlett-Packard Image (12/27/2006 8.0.0.0)-->C:\PROGRA~1\DIFX\7B44739871F4D539FA473F57A832EA4B6A59EF06\DPInst32.exe /u C:\WINDOWS\system32\DRVSTORE\hpxp4370_EE583B2413E4C828DFD7901D646C3D9BF7599402\hpxp4370.inf
    Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
    Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
    Windows Media Player 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
    Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
    Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"

    =====HijackThis Backups=====

    O9 - Extra button: SmartShopper - Compare travel rates - {3CC3D8FE-F0E0-4dd1-A69A-8C56BCC7BEC0} - C:\Program Files\Smart-Shopper\Bin\2.5.1\Smrt-Shpr.dll (file missing)
    O9 - Extra button: SmartShopper - Compare travel rates - {3CC3D8FE-F0E0-4dd1-A69A-8C56BCC7BEC0} - C:\Program Files\Smart-Shopper\Bin\2.5.1\Smrt-Shpr.dll (file missing)

    ======Security center information======

    AV: avast! antivirus 4.8.1296 [VPS 090122-0]

    ======Environment variables======

    "ComSpec"=%SystemRoot%\system32\cmd.exe
    "Path"=%systemroot%\system32;%systemroot%;%systemroot%\system32\wbem;C:\Program Files\Intel\DMIX;C:\Program Files\Common Files\Adobe\AGL;C:\Program Files\QuickTime\QTSystem;C:\Program Files\jZip
    "windir"=%SystemRoot%
    "FP_NO_HOST_CHECK"=NO
    "OS"=Windows_NT
    "PROCESSOR_ARCHITECTURE"=x86
    "PROCESSOR_LEVEL"=15
    "PROCESSOR_IDENTIFIER"=x86 Family 15 Model 2 Stepping 7, GenuineIntel
    "PROCESSOR_REVISION"=0207
    "NUMBER_OF_PROCESSORS"=1
    "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
    "TEMP"=%SystemRoot%\TEMP
    "TMP"=%SystemRoot%\TEMP
    "CLASSPATH"=.;C:\Program Files\Java\jre1.6.0_05\lib\ext\QTJava.zip
    "QTJAVA"=C:\Program Files\Java\jre1.6.0_05\lib\ext\QTJava.zip

    -----------------EOF-----------------

Thanks again, and I look forward to your post!
wuchris
Regular Member
 
Posts: 26
Joined: November 29th, 2008, 1:31 pm
Advertisement
Register to Remove

Re: Firefox Crashing and "Perfect Defender 2009 Popup"

Unread postby Sharagoz » January 23rd, 2009, 6:28 am

Disable Avast before the next step

1) Run ComboFix with CFScript
  • Right-click on your desktop, select New -> Text file
  • Name the file CFScript.txt
  • Open CFScript.txt and copy the contents of the code box below into it, save and close
    Code: Select all
    Killall::
    
    Registry::
    O9 - Extra button: SmartShopper - Compare travel rates - {3CC3D8FE-F0E0-4dd1-A69A-8C56BCC7BEC0} -
    
  • Drag CFScript.txt on top of the ComboFix.exe icon and release
  • ComboFix will start if you did this correctly
  • When ComboFix has finished scanning, a log will open
  • Include this log in your next reply

Enable Avast again

2) Manually change IE search engine
  • Close all instances of Internet Explorer
  • Press the windows key and the R key at the same time to open the Run dialog box
  • Type inetcpl.cpl and press Enter
  • In the section for Search, click Settings
  • Select Google (or something other than Yoog) and click Set Default to set it as the default search engine
  • Select Yoog and click Remove
  • Click OK and launch IE to see if the Yoog is gone
  • Let me know how that went

3) Get new RSIT log
  • Double click on RSIT.exe (on your desktop) to run RSIT
  • Click Continue at the disclaimer screen to start the scanner
  • When the scan finishes a log will open. Include this log in your next reply

Logs I need:
ComboFix log
RSIT log

The logs you posted last time were looking a lot better.
Any more issues after these steps?
User avatar
Sharagoz
Retired Graduate
 
Posts: 985
Joined: February 22nd, 2008, 4:31 pm
Location: Norway

Re: Firefox Crashing and "Perfect Defender 2009 Popup"

Unread postby Sharagoz » January 26th, 2009, 4:39 am

Don't quit on me now Christine, we're almost there
User avatar
Sharagoz
Retired Graduate
 
Posts: 985
Joined: February 22nd, 2008, 4:31 pm
Location: Norway

Re: Firefox Crashing and "Perfect Defender 2009 Popup"

Unread postby wuchris » January 26th, 2009, 3:32 pm

Hey there! I'm so sorry I keep dipping in and out--school is unbelievably rough these days, and I can't access my computer as often. Thank you so much for holding on for me, I really appreciate it.

1.Combofix Log
    ComboFix 09-01-21.04 - Christine 2009-01-26 13:17:04.4 - NTFSx86
    Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2047.1621 [GMT -6:00]
    Running from: c:\documents and settings\Christine\Desktop\ComboFix.exe
    Command switches used :: c:\documents and settings\Christine\Desktop\CFScript.txt
    AV: avast! antivirus 4.8.1296 [VPS 090126-0] *On-access scanning disabled* (Updated)
    * Created a new restore point
    .

    ((((((((((((((((((((((((( Files Created from 2008-12-26 to 2009-01-26 )))))))))))))))))))))))))))))))
    .

    2009-01-12 22:39 . 2009-01-12 22:39 <DIR> d-------- c:\program files\SUPERAntiSpyware
    2009-01-12 22:39 . 2009-01-12 22:39 <DIR> d-------- c:\documents and settings\Christine\Application Data\SUPERAntiSpyware.com
    2009-01-12 22:39 . 2009-01-12 22:39 <DIR> d-------- c:\documents and settings\All Users\Application Data\SUPERAntiSpyware.com
    2009-01-12 22:38 . 2009-01-12 22:38 <DIR> d-------- c:\program files\Common Files\Wise Installation Wizard
    2008-12-31 10:26 . 2008-12-31 10:27 <DIR> d-------- c:\program files\jZip
    2008-12-27 17:32 . 2008-12-27 17:32 <DIR> d-------- c:\documents and settings\Christine\Application Data\vlc

    .
    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2009-01-26 19:20 --------- d-----w c:\documents and settings\Christine\Application Data\WTablet
    2009-01-13 04:33 --------- d-----w c:\program files\CCleaner
    2008-12-15 08:26 --------- d-----w c:\program files\ERUNT
    2008-12-13 00:44 --------- d-----w c:\program files\DivX
    2008-12-12 23:18 --------- d-----w c:\program files\EsetOnlineScanner
    2008-12-12 23:11 --------- d-----w c:\program files\Java
    2008-12-12 05:04 --------- d-----w c:\documents and settings\Christine\Application Data\AVG7
    2008-12-12 05:04 --------- d-----w c:\documents and settings\All Users\Application Data\avg7
    2008-12-12 03:57 --------- d-----w c:\program files\Malwarebytes' Anti-Malware
    2008-12-12 03:55 --------- d-----w c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
    2008-12-11 10:57 333,952 ----a-w c:\windows\system32\drivers\srv.sys
    2008-12-04 01:52 38,496 ----a-w c:\windows\system32\drivers\mbamswissarmy.sys
    2008-12-04 01:52 15,504 ----a-w c:\windows\system32\drivers\mbam.sys
    2008-11-29 17:23 --------- d-----w c:\program files\Trend Micro
    2008-11-29 17:18 --------- d-----w c:\program files\Windows Defender
    2008-11-29 17:10 --------- d-----w c:\program files\Panda Security
    2008-11-29 16:58 --------- d-----w c:\program files\Spybot - Search & Destroy
    2008-11-29 05:46 --------- d-----w c:\documents and settings\Christine\Application Data\Malwarebytes
    2008-11-29 05:46 --------- d-----w c:\documents and settings\All Users\Application Data\Malwarebytes
    2008-11-29 01:14 --------- d-----w c:\program files\Apple Software Update
    2008-11-28 22:39 --------- d-----w c:\program files\iTunes
    2008-11-28 22:39 --------- d-----w c:\program files\iPod
    2008-11-28 22:39 --------- d-----w c:\program files\Common Files\Apple
    2008-11-28 22:39 --------- d-----w c:\documents and settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
    2008-11-28 22:38 --------- d-----w c:\program files\Bonjour
    2008-11-28 22:37 --------- d-----w c:\program files\QuickTime
    2007-12-02 17:27 88 --sh--r c:\windows\system32\04C847D3D0.sys
    2007-12-02 20:32 952 --sha-w c:\windows\system32\KGyGaAvL.sys
    2008-09-21 04:31 32,768 --sha-w c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\MSHist012008092020080921\index.dat
    .

    ((((((((((((((((((((((((((((( snapshot@2009-01-14_13.44.36.18 )))))))))))))))))))))))))))))))))))))))))
    .
    + 2004-08-04 05:56:48 295,424 -c--a-w c:\windows\system32\dllcache\termsrv.dll
    + 2004-08-04 05:56:58 502,272 -c--a-w c:\windows\system32\dllcache\winlogon.exe
    - 2008-11-29 01:18:47 295,424 ----a-w c:\windows\system32\termsrv.dll
    + 2004-08-04 05:56:48 295,424 ----a-w c:\windows\system32\termsrv.dll
    - 2008-11-29 01:18:47 507,904 ----a-w c:\windows\system32\winlogon.exe
    + 2004-08-04 05:56:58 502,272 ----a-w c:\windows\system32\winlogon.exe
    + 2009-01-26 19:20:28 16,384 ----atw c:\windows\Temp\Perflib_Perfdata_5f0.dat
    + 2009-01-26 19:20:35 16,384 ----atw c:\windows\Temp\Perflib_Perfdata_6d8.dat
    .
    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown
    REGEDIT4

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-13 15360]
    "MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2008-04-13 1695232]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "DLA"="c:\windows\System32\DLA\DLACTRLW.EXE" [2005-11-07 122940]
    "SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2004-10-14 1404928]
    "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2008-12-12 136600]
    "avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2008-11-26 81000]
    "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-04-19 7700480]
    "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2007-04-19 86016]
    "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2008-11-04 413696]
    "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2008-11-20 290088]
    "BCMSMMSG"="BCMSMMSG.exe" [2003-08-29 c:\windows\BCMSMMSG.exe]
    "nwiz"="nwiz.exe" [2007-04-19 c:\windows\system32\nwiz.exe]

    c:\documents and settings\Christine\Start Menu\Programs\Startup\
    Adobe Gamma.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-03-16 113664]

    [hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
    "{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
    2008-12-22 11:05 356352 c:\program files\SUPERAntiSpyware\SASWINLO.dll

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "%windir%\\system32\\sessmgr.exe"=
    "%windir%\\Network Diagnostic\\xpnetdiag.exe"=
    "c:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"=
    "c:\\Program Files\\AIM6\\aim6.exe"=
    "c:\\WINDOWS\\system32\\LEXPPS.EXE"=
    "c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
    "c:\\Program Files\\iTunes\\iTunes.exe"=

    R0 pavboot;pavboot;c:\windows\system32\drivers\pavboot.sys [2008-11-29 28544]
    R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [2008-04-04 111184]
    R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [2009-01-12 8944]
    R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [2009-01-12 55024]
    R4 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2008-04-04 20560]
    R4 TabletServiceWacom;TabletServiceWacom;c:\windows\system32\Wacom_Tablet.exe [2007-12-01 1373480]
    R4 WinDefend;Windows Defender;c:\program files\Windows Defender\MsMpEng.exe [2006-11-03 13592]
    S3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [2009-01-12 7408]

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{74f57558-c556-11dc-a899-0002b3d3ccf7}]
    \Shell\AutoRun\command - H:\LaunchU3.exe -a
    .
    Contents of the 'Scheduled Tasks' folder

    2009-01-15 c:\windows\Tasks\AppleSoftwareUpdate.job
    - c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 12:34]

    2009-01-26 c:\windows\Tasks\MP Scheduled Scan.job
    - c:\program files\Windows Defender\MpCmdRun.exe [2006-11-03 19:20]
    .
    .
    ------- Supplementary Scan -------
    .
    uStart Page = hxxp://auburn.edu/
    uInternet Settings,ProxyOverride = *.local
    IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    FF - ProfilePath - c:\documents and settings\Christine\Application Data\Mozilla\Firefox\Profiles\ndhm1ltp.default\
    FF - prefs.js: browser.startup.homepage - hxxp://auburn.edu/

    ---- FIREFOX POLICIES ----
    FF - user.js: yahoo.homepage.dontask - true
    FF - user.js: keyword.enabled - true
    .

    **************************************************************************

    catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2009-01-26 13:20:59
    Windows 5.1.2600 Service Pack 3 NTFS

    scanning hidden processes ...

    scanning hidden autostart entries ...

    scanning hidden files ...

    scan completed successfully
    hidden files: 0

    **************************************************************************
    .
    --------------------- DLLs Loaded Under Running Processes ---------------------

    - - - - - - - > 'winlogon.exe'(672)
    c:\program files\SUPERAntiSpyware\SASWINLO.dll
    .
    ------------------------ Other Running Processes ------------------------
    .
    c:\program files\Alwil Software\Avast4\aswUpdSv.exe
    c:\program files\Alwil Software\Avast4\ashServ.exe
    c:\windows\system32\LEXBCES.EXE
    c:\windows\system32\LEXPPS.EXE
    c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    c:\program files\Bonjour\mDNSResponder.exe
    c:\program files\Java\jre6\bin\jqs.exe
    c:\windows\system32\nvsvc32.exe
    c:\windows\system32\PSIService.exe
    c:\windows\system32\WTablet\Wacom_TabletUser.exe
    c:\windows\system32\rundll32.exe
    c:\program files\iPod\bin\iPodService.exe
    c:\windows\system32\wscntfy.exe
    .
    **************************************************************************
    .
    Completion time: 2009-01-26 13:23:17 - machine was rebooted
    ComboFix-quarantined-files.txt 2009-01-26 19:23:14
    ComboFix2.txt 2009-01-20 22:16:52
    ComboFix3.txt 2009-01-19 01:11:49
    ComboFix4.txt 2009-01-14 19:45:30

    Pre-Run: 64,408,936,448 bytes free
    Post-Run: 64,402,841,600 bytes free

    161 --- E O F --- 2009-01-19 00:46:39


2.Yoog Removal
    This went great. IE's search engine is now set to Google, and Yoog isn't listed as one of the available search engines. Thank you for getting rid of this pest!


3a.RSIT Log
    Logfile of random's system information tool 1.04 (written by random/random)
    Run by Christine at 2009-01-26 13:26:32
    Microsoft Windows XP Professional Service Pack 3
    System drive C: has 61 GB (81%) free of 76 GB
    Total RAM: 2047 MB (77% free)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 1:26:41 PM, on 1/26/2009
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16762)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Windows Defender\MsMpEng.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\WINDOWS\system32\LEXBCES.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\LEXPPS.EXE
    C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\system32\PSIService.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\Wacom_Tablet.exe
    C:\WINDOWS\system32\WTablet\Wacom_TabletUser.exe
    C:\WINDOWS\system32\Wacom_Tablet.exe
    C:\WINDOWS\BCMSMMSG.exe
    C:\WINDOWS\System32\DLA\DLACTRLW.EXE
    C:\Program Files\Analog Devices\Core\smax4pnp.exe
    C:\Program Files\Java\jre6\bin\jusched.exe
    C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    C:\WINDOWS\system32\RUNDLL32.EXE
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\WINDOWS\explorer.exe
    C:\WINDOWS\system32\notepad.exe
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Documents and Settings\Christine\Desktop\RSIT.exe
    C:\Program Files\Trend Micro\HijackThis\Christine.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://auburn.edu/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
    O2 - BHO: EmailBHO - {647FD14A-C4F1-46F4-8FC3-0B40F54226F7} - C:\Program Files\jZip\WebmailPlugin.dll
    O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O4 - HKLM\..\Run: [BCMSMMSG] BCMSMMSG.exe
    O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE
    O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} (OnlineScanner Control) - http://www.eset.eu/buxus/docs/OnlineScanner.cab
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
    O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
    O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe
    O23 - Service: TabletServiceWacom - Wacom Technology, Corp. - C:\WINDOWS\system32\Wacom_Tablet.exe

    --
    End of file - 6841 bytes

    ======Scheduled tasks folder======

    C:\WINDOWS\tasks\AppleSoftwareUpdate.job
    C:\WINDOWS\tasks\MP Scheduled Scan.job

    ======Registry dump======

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
    Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2008-09-15 1562960]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5CA3D70E-1895-11CF-8E15-001234567890}]
    DriveLetterAccess - C:\WINDOWS\System32\DLA\DLASHX_W.DLL [2005-11-07 110652]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{647FD14A-C4F1-46F4-8FC3-0B40F54226F7}]
    jZip Webmail plugin - C:\Program Files\jZip\WebmailPlugin.dll [2008-10-28 591296]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
    Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2008-12-12 320920]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
    Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2008-12-12 34816]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
    JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2008-12-12 73728]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "BCMSMMSG"=C:\WINDOWS\BCMSMMSG.exe [2003-08-29 122880]
    "DLA"=C:\WINDOWS\System32\DLA\DLACTRLW.EXE [2005-11-07 122940]
    "SoundMAXPnP"=C:\Program Files\Analog Devices\Core\smax4pnp.exe [2004-10-14 1404928]
    "SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2008-12-12 136600]
    "avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2008-11-26 81000]
    "NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2007-04-19 7700480]
    "nwiz"=nwiz.exe /install []
    "NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2007-04-19 86016]
    "QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2008-11-04 413696]
    "iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2008-11-20 290088]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-13 15360]
    "MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2008-04-13 1695232]

    C:\Documents and Settings\Christine\Start Menu\Programs\Startup
    Adobe Gamma.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\!SASWinLogon]
    C:\Program Files\SUPERAntiSpyware\SASWINLO.dll [2008-12-22 356352]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
    C:\WINDOWS\system32\WgaLogon.dll [2008-09-05 241704]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
    WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    "{091EB208-39DD-417D-A5DD-7E2C2D8FB9CB}"=C:\PROGRA~1\WIFD1F~1\MpShHook.dll [2006-11-03 83224]
    "{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"=C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2008-05-13 77824]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WinDefend]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "dontdisplaylastusername"=0
    "legalnoticecaption"=
    "legalnoticetext"=
    "shutdownwithoutlogon"=1
    "undockwithoutlogon"=1

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoDriveTypeAutoRun"=323
    "NoDrives"=0
    "NoDriveAutoRun"=67108863

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoDriveAutoRun"=
    "NoDriveTypeAutoRun"=
    "NoDrives"=

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
    "C:\Program Files\Common Files\AOL\Loader\aolload.exe"="C:\Program Files\Common Files\AOL\Loader\aolload.exe:*:Enabled:AOL Loader"
    "C:\Program Files\AIM6\aim6.exe"="C:\Program Files\AIM6\aim6.exe:*:Enabled:AIM"
    "C:\WINDOWS\system32\LEXPPS.EXE"="C:\WINDOWS\system32\LEXPPS.EXE:*:Enabled:LEXPPS.EXE"
    "C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
    "C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{74f57558-c556-11dc-a899-0002b3d3ccf7}]
    shell\AutoRun\command - H:\LaunchU3.exe -a


    ======List of files/folders created in the last 1 months======

    2009-01-26 13:26:32 ----D---- C:\rsit
    2009-01-26 13:26:22 ----SHD---- C:\RECYCLER
    2009-01-26 13:23:18 ----A---- C:\ComboFix.txt
    2009-01-20 16:10:05 ----A---- C:\WINDOWS\NIRCMD.exe
    2009-01-14 13:42:33 ----A---- C:\Boot.bak
    2009-01-14 13:42:24 ----RASHD---- C:\cmdcons
    2009-01-14 13:41:26 ----A---- C:\WINDOWS\zip.exe
    2009-01-14 13:41:26 ----A---- C:\WINDOWS\VFIND.exe
    2009-01-14 13:41:26 ----A---- C:\WINDOWS\SWXCACLS.exe
    2009-01-14 13:41:26 ----A---- C:\WINDOWS\SWSC.exe
    2009-01-14 13:41:26 ----A---- C:\WINDOWS\SWREG.exe
    2009-01-14 13:41:26 ----A---- C:\WINDOWS\sed.exe
    2009-01-14 13:41:26 ----A---- C:\WINDOWS\grep.exe
    2009-01-14 13:41:26 ----A---- C:\WINDOWS\fdsv.exe
    2009-01-13 17:19:42 ----HDC---- C:\WINDOWS\$NtUninstallKB958687$
    2009-01-12 22:39:41 ----D---- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
    2009-01-12 22:39:36 ----D---- C:\Program Files\SUPERAntiSpyware
    2009-01-12 22:39:36 ----D---- C:\Documents and Settings\Christine\Application Data\SUPERAntiSpyware.com
    2009-01-12 22:38:28 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
    2008-12-31 10:26:52 ----D---- C:\Program Files\jZip
    2008-12-27 17:35:05 ----D---- C:\WINDOWS\Minidump
    2008-12-27 17:32:02 ----D---- C:\Documents and Settings\Christine\Application Data\vlc

    ======List of files/folders modified in the last 1 months======

    2009-01-26 13:23:55 ----D---- C:\Program Files\Mozilla Firefox
    2009-01-26 13:23:27 ----SD---- C:\WINDOWS\Tasks
    2009-01-26 13:23:23 ----D---- C:\WINDOWS\Temp
    2009-01-26 13:23:21 ----D---- C:\WINDOWS\system32
    2009-01-26 13:23:21 ----D---- C:\Qoobox
    2009-01-26 13:23:20 ----D---- C:\WINDOWS\system32\drivers
    2009-01-26 13:23:20 ----D---- C:\WINDOWS
    2009-01-26 13:22:13 ----D---- C:\WINDOWS\system32\CatRoot2
    2009-01-26 13:21:03 ----A---- C:\WINDOWS\system.ini
    2009-01-26 13:20:48 ----D---- C:\Documents and Settings\Christine\Application Data\WTablet
    2009-01-26 13:18:20 ----D---- C:\WINDOWS\AppPatch
    2009-01-26 13:18:20 ----D---- C:\Program Files\Common Files
    2009-01-26 13:16:36 ----A---- C:\WINDOWS\SchedLgU.Txt
    2009-01-20 16:10:00 ----D---- C:\WINDOWS\Prefetch
    2009-01-18 19:09:27 ----D---- C:\WINDOWS\ERDNT
    2009-01-18 19:07:10 ----RSHDC---- C:\WINDOWS\system32\dllcache
    2009-01-14 13:42:33 ----RASH---- C:\boot.ini
    2009-01-13 17:19:15 ----HD---- C:\WINDOWS\$hf_mig$
    2009-01-13 17:18:14 ----D---- C:\WINDOWS\Debug
    2009-01-12 22:39:39 ----SHD---- C:\WINDOWS\Installer
    2009-01-12 22:39:39 ----SHD---- C:\Config.Msi
    2009-01-12 22:39:38 ----SD---- C:\Documents and Settings\Christine\Application Data\Microsoft
    2009-01-12 22:39:36 ----RD---- C:\Program Files
    2009-01-12 22:33:17 ----D---- C:\Program Files\CCleaner
    2009-01-09 19:35:28 ----A---- C:\WINDOWS\system32\MRT.exe
    2008-12-30 17:49:19 ----D---- C:\Documents and Settings\Christine\Application Data\Mozilla
    2008-12-29 19:05:21 ----RSD---- C:\WINDOWS\Fonts
    2008-12-27 01:07:36 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI

    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2008-11-26 26944]
    R1 aswSP;avast! Self Protection; C:\WINDOWS\system32\drivers\aswSP.sys [2008-11-26 111184]
    R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2008-11-26 50864]
    R1 DLACDBHM;DLACDBHM; C:\WINDOWS\System32\Drivers\DLACDBHM.SYS [2005-11-18 5660]
    R1 DLARTL_N;DLARTL_N; C:\WINDOWS\System32\Drivers\DLARTL_N.SYS [2005-11-18 22684]
    R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-13 36352]
    R1 kbdhid;Keyboard HID Driver; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-13 14592]
    R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS []
    R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys []
    R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-11-26 20560]
    R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2008-11-26 94032]
    R2 DLABOIOM;DLABOIOM; C:\WINDOWS\System32\DLA\DLABOIOM.SYS [2005-11-07 25628]
    R2 DLADResN;DLADResN; C:\WINDOWS\System32\DLA\DLADResN.SYS [2005-11-07 2496]
    R2 DLAIFS_M;DLAIFS_M; C:\WINDOWS\System32\DLA\DLAIFS_M.SYS [2005-11-07 86652]
    R2 DLAOPIOM;DLAOPIOM; C:\WINDOWS\System32\DLA\DLAOPIOM.SYS [2005-11-07 14684]
    R2 DLAPoolM;DLAPoolM; C:\WINDOWS\System32\DLA\DLAPoolM.SYS [2005-11-07 6364]
    R2 DLAUDF_M;DLAUDF_M; C:\WINDOWS\System32\DLA\DLAUDF_M.SYS [2005-11-07 87036]
    R2 DLAUDFAM;DLAUDFAM; C:\WINDOWS\System32\DLA\DLAUDFAM.SYS [2005-11-07 94332]
    R2 DRVNDDM;DRVNDDM; C:\WINDOWS\System32\Drivers\DRVNDDM.SYS [2005-08-12 40544]
    R2 PfModNT;PfModNT; \??\C:\WINDOWS\system32\drivers\PfModNT.sys []
    R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2008-11-26 23152]
    R3 BCMModem;BCM V.92 56K Modem; C:\WINDOWS\system32\DRIVERS\BCMSM.sys [2003-08-29 1101696]
    R3 E100B;Intel(R) PRO Network Connection Driver; C:\WINDOWS\system32\DRIVERS\e100b325.sys [2007-03-14 165760]
    R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys [2008-04-17 15464]
    R3 hidusb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
    R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-17 12160]
    R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2007-04-19 3988384]
    R3 senfilt;senfilt; C:\WINDOWS\system32\drivers\senfilt.sys [2004-09-17 732928]
    R3 smwdm;smwdm; C:\WINDOWS\system32\drivers\smwdm.sys [2005-01-27 260352]
    R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
    R3 usbhub;USB2 Enabled Hub; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
    R3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
    R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
    R3 wacommousefilter;Wacom Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\wacommousefilter.sys [2007-02-16 11312]
    R3 wacomvhid;Wacom Virtual Hid Driver; C:\WINDOWS\system32\DRIVERS\wacomvhid.sys [2007-02-16 12848]
    R3 WacomVKHid;Virtual Keyboard Driver; C:\WINDOWS\system32\DRIVERS\WacomVKHid.sys [2007-02-15 11440]
    S1 mferkdk;VSCore mferkdk; \??\C:\Program Files\McAfee\VirusScan Enterprise\mferkdk.sys []
    S3 MODEMCSA;Unimodem Streaming Filter Device; C:\WINDOWS\system32\drivers\MODEMCSA.sys [2001-08-17 16128]
    S3 SASENUM;SASENUM; \??\C:\Program Files\SUPERAntiSpyware\SASENUM.SYS []
    S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
    S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
    S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
    S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-11-07 132424]
    R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2008-11-26 18752]
    R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2008-11-26 155160]
    R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2008-08-29 238888]
    R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2008-12-12 152984]
    R2 LexBceS;LexBce Server; C:\WINDOWS\system32\LEXBCES.EXE [2003-08-29 307200]
    R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2007-04-19 159810]
    R2 ProtexisLicensing;ProtexisLicensing; C:\WINDOWS\system32\PSIService.exe [2006-11-02 174656]
    R2 TabletServiceWacom;TabletServiceWacom; C:\WINDOWS\system32\Wacom_Tablet.exe [2007-09-07 1373480]
    R2 WinDefend;Windows Defender; C:\Program Files\Windows Defender\MsMpEng.exe [2006-11-03 13592]
    R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2008-11-26 254040]
    R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2008-11-26 352920]
    R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2008-11-20 536872]
    S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2007-12-02 72704]
    S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
    S3 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-10-18 913408]
    S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336]

    -----------------EOF-----------------


3b.RSIT Info
    info.txt logfile of random's system information tool 1.04 2009-01-26 13:26:42

    ======Uninstall list======

    -->C:\WINDOWS\system32\\MSIEXEC.EXE /x {1206EF92-2E83-4859-ACCB-2048C3CB7DA6}
    -->MsiExec.exe /I{403EF592-953B-4794-BCEF-ECAB835C2095}
    -->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
    7-Zip 4.56 beta-->"C:\Program Files\7-Zip\Uninstall.exe"
    Adobe Acrobat and Reader 8.1.2 Security Update 1 (KB403742)-->MsiExec.exe /X{6846389C-BAC0-4374-808E-B120F86AF5D7}
    Adobe Bridge 1.0-->MsiExec.exe /I{B74D4E10-1033-0000-0000-000000000001}
    Adobe Common File Installer-->MsiExec.exe /I{8EDBA74D-0686-4C99-BFDD-F894678E5B39}
    Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
    Adobe Flash Player 9 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\FlashUtil9c.exe -uninstallUnlock
    Adobe Flash Player ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
    Adobe Help Center 1.0-->MsiExec.exe /I{E9787678-1033-0000-8E67-000000000001}
    Adobe Illustrator CS2-->msiexec /I {B2F5D08C-7E79-4FCD-AAF4-57AD35FF0601}
    Adobe Photoshop CS2-->msiexec /I {236BB7C4-4419-42FD-0409-1E257A25E34D}
    Adobe Reader 8.1.2-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A81200000003}
    Adobe Stock Photos 1.0-->MsiExec.exe /I{786C5747-1033-0000-B58E-000000000001}
    Adobe SVG Viewer 3.0-->C:\Program Files\Common Files\Adobe\SVG Viewer 3.0\Uninstall\Winstall.exe -u -fC:\Program Files\Common Files\Adobe\SVG Viewer 3.0\Uninstall\Install.log
    AIM 6-->C:\Program Files\AIM6\uninst.exe
    Apple Mobile Device Support-->MsiExec.exe /I{EC4455AB-F155-4CC1-A4C5-88F3777F9886}
    Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
    avast! Antivirus-->C:\Program Files\Alwil Software\Avast4\aswRunDll.exe "C:\Program Files\Alwil Software\Avast4\Setup\setiface.dll",RunSetup
    BCM V.92 56K Modem-->C:\WINDOWS\BCMSMU.exe quiet
    Bonjour-->MsiExec.exe /I{8A25392D-C5D2-4E79-A2BD-C15DDC5B0959}
    CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"
    Compatibility Pack for the 2007 Office system-->MsiExec.exe /X{90120000-0020-0409-0000-0000000FF1CE}
    Corel Painter X-->C:\Program Files\Corel\Corel Painter X\MSILauncher {91CABF8F-A81C-4CB0-A1B0-D55B25F1B150} C:\DOCUME~1\CHRIST~1\LOCALS~1\Temp\PainterX.log
    Corel Painter X-->MsiExec.exe /I{91CABF8F-A81C-4CB0-A1B0-D55B25F1B150}
    CuteFTP 8 Home-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{949DBB22-2FB7-4DE1-804C-23D495A988D8}\Setup.exe" -l0x9
    DELETER COMICWORKS-->MsiExec.exe /I{85CFC80F-B410-42E7-855F-F2AE1DF64315}
    DivX Codec-->C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC
    DivX Web Player-->C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
    ERUNT 1.1j-->"C:\Program Files\ERUNT\unins000.exe"
    ESET Online Scanner-->C:\WINDOWS\system32\OnlineScannerUninstaller.exe
    EVGA Display Driver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BEF3EFE7-5159-436D-9BF0-CCC633179EB4}\Setup.exe" -l0x9 -removeonly
    HijackThis 2.0.2-->"C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
    Hotfix for Windows Internet Explorer 7 (KB947864)-->"C:\WINDOWS\ie7updates\KB947864-IE7\spuninst\spuninst.exe"
    Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
    Hotfix for Windows Media Player 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe"
    Hotfix for Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
    Intel(R) PRO Network Connections 12.3.31.0-->MsiExec.exe /i{DDD0A758-F44C-47D3-8E88-692FFF775127} ARPREMOVE=1
    iTunes-->MsiExec.exe /I{318AB667-3230-41B5-A617-CB3BF748D371}
    Java(TM) 6 Update 11-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216011FF}
    jZip-->C:\PROGRA~1\jZip\UNWISE.EXE /U C:\PROGRA~1\jZip\INSTALL.LOG
    Lexmark Z700-P700 Series-->C:\WINDOWS\system32\spool\drivers\w32x86\3\LXBLUN5C.EXE -dLexmark Z700-P700 Series
    Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
    Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
    Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
    Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
    Microsoft Office Professional Edition 2003-->MsiExec.exe /I{90110409-6000-11D3-8CFE-0150048383C9}
    Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
    MobileMe Control Panel-->MsiExec.exe /I{924EB80F-C2BB-4B9F-8412-88BBA937393F}
    Mozilla Firefox (3.0.5)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
    Panda ActiveScan 2.0-->C:\Program Files\Panda Security\ActiveScan 2.0\as2uninst.exe
    QuickTime-->MsiExec.exe /I{F958CA02-BB40-4007-894B-258729456EE4}
    Roxio DLA-->MsiExec.exe /I{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}
    Security Update for Windows Internet Explorer 7 (KB938127)-->"C:\WINDOWS\ie7updates\KB938127-IE7\spuninst\spuninst.exe"
    Security Update for Windows Internet Explorer 7 (KB939653)-->"C:\WINDOWS\ie7updates\KB939653-IE7\spuninst\spuninst.exe"
    Security Update for Windows Internet Explorer 7 (KB942615)-->"C:\WINDOWS\ie7updates\KB942615-IE7\spuninst\spuninst.exe"
    Security Update for Windows Internet Explorer 7 (KB944533)-->"C:\WINDOWS\ie7updates\KB944533-IE7\spuninst\spuninst.exe"
    Security Update for Windows Internet Explorer 7 (KB950759)-->"C:\WINDOWS\ie7updates\KB950759-IE7\spuninst\spuninst.exe"
    Security Update for Windows Internet Explorer 7 (KB953838)-->"C:\WINDOWS\ie7updates\KB953838-IE7\spuninst\spuninst.exe"
    Security Update for Windows Internet Explorer 7 (KB956390)-->"C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe"
    Security Update for Windows Internet Explorer 7 (KB958215)-->"C:\WINDOWS\ie7updates\KB958215-IE7\spuninst\spuninst.exe"
    Security Update for Windows Internet Explorer 7 (KB960714)-->"C:\WINDOWS\ie7updates\KB960714-IE7\spuninst\spuninst.exe"
    Security Update for Windows Media Player (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
    Security Update for Windows Media Player 11 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe"
    Security Update for Windows Media Player 11 (KB954154)-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB923789)-->C:\WINDOWS\system32\MacroMed\Flash\genuinst.exe C:\WINDOWS\system32\MacroMed\Flash\KB923789.inf
    Security Update for Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB950760)-->"C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB951376)-->"C:\WINDOWS\$NtUninstallKB951376$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB953839)-->"C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe"
    SoundMAX-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F0A37341-D692-11D4-A984-009027EC0A9C}\SETUP.exe" -l0x9 -removeonly
    Spybot - Search & Destroy-->"C:\Program Files\Spybot - Search & Destroy\unins000.exe"
    SUPERAntiSpyware Free Edition-->MsiExec.exe /X{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}
    Update for Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"
    Update for Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
    Update for Windows XP (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe"
    Wacom Tablet-->C:\Program Files\Tablet\Wacom\Remove.exe /u
    Windows Defender-->MsiExec.exe /I{A06275F4-324B-4E85-95E6-87B2CD729401}
    Windows Driver Package - Hewlett-Packard Image (12/27/2006 8.0.0.0)-->C:\PROGRA~1\DIFX\7B44739871F4D539FA473F57A832EA4B6A59EF06\DPInst32.exe /u C:\WINDOWS\system32\DRVSTORE\hpxp4370_EE583B2413E4C828DFD7901D646C3D9BF7599402\hpxp4370.inf
    Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
    Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
    Windows Media Player 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
    Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
    Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"

    =====HijackThis Backups=====

    O9 - Extra button: SmartShopper - Compare travel rates - {3CC3D8FE-F0E0-4dd1-A69A-8C56BCC7BEC0} - C:\Program Files\Smart-Shopper\Bin\2.5.1\Smrt-Shpr.dll (file missing)
    O9 - Extra button: SmartShopper - Compare travel rates - {3CC3D8FE-F0E0-4dd1-A69A-8C56BCC7BEC0} - C:\Program Files\Smart-Shopper\Bin\2.5.1\Smrt-Shpr.dll (file missing)

    ======Security center information======

    AV: avast! antivirus 4.8.1296 [VPS 090126-0]

    ======Environment variables======

    "ComSpec"=%SystemRoot%\system32\cmd.exe
    "Path"=%systemroot%\system32;%systemroot%;%systemroot%\system32\wbem;C:\Program Files\Intel\DMIX;C:\Program Files\Common Files\Adobe\AGL;C:\Program Files\QuickTime\QTSystem;C:\Program Files\jZip
    "windir"=%SystemRoot%
    "FP_NO_HOST_CHECK"=NO
    "OS"=Windows_NT
    "PROCESSOR_ARCHITECTURE"=x86
    "PROCESSOR_LEVEL"=15
    "PROCESSOR_IDENTIFIER"=x86 Family 15 Model 2 Stepping 7, GenuineIntel
    "PROCESSOR_REVISION"=0207
    "NUMBER_OF_PROCESSORS"=1
    "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
    "TEMP"=%SystemRoot%\TEMP
    "TMP"=%SystemRoot%\TEMP
    "CLASSPATH"=.;C:\Program Files\Java\jre1.6.0_05\lib\ext\QTJava.zip
    "QTJAVA"=C:\Program Files\Java\jre1.6.0_05\lib\ext\QTJava.zip

    -----------------EOF-----------------
wuchris
Regular Member
 
Posts: 26
Joined: November 29th, 2008, 1:31 pm

Re: Firefox Crashing and "Perfect Defender 2009 Popup"

Unread postby Sharagoz » January 26th, 2009, 4:18 pm

Your logs are now clean, well done!
You did very well hanging in there until the end, most people would not, so give yourself a pat on the back.

Unless you have discovered new problems its time to do the final steps.

Cleaning up after the removal procedures
  • 1) Uninstall through Add/Remove Programs
    • Press the windows key and the R key at the same time to open the Run dialog box
    • Type appwiz.cpl and press enter
    • This will take you to Add/Remove Programs
      (Optionally you can locate Add/Remove Programs through the control panel)
    • Locate and uninstall the below programs unless you want to keep some of them for future usage:
      CCleaner
      ERUNT
      ESET Online Scanner
      Malwarebytes' Anti-Malware
      SUPERAntiSpyware
    • You uninstall by selecting the program and then clicking the button labeled Remove or Uninstall
  • 2) Uninstall ComboFix
    • Press the windows key and the R key at the same time to open the Run dialog box
    • Copy the command below into it and press Enter
      Code: Select all
      combofix /u
  • 3) Other deletions
    • RSIT.exe (on your desktop)
      C:\rsit (folder)
    • Delete any other logs that remain on your desktop.

You can now enable Windows Defender again, using a similar procedure as step 3 of this post

2) Taking measures to prevent your computer from being infected again
    Now that your computer is free from malware you may want to know how you can prevent this from happening again.
    Below I'm quoting a tutorial I've written which I post to everybody I help here at MWR.
    It covers the key parts of the software side of computer security. What steps you take or dont take to increase your own computers security is of course up to you.
    The tutorial will take a little while to get through, but I hope you find it to be worth your time.
    If you have any questions beyond this, feel free to ask.

    How to protect yourself from malware
    Over the last few years there has been a dramatic increase in the number of infected computers online.
    If everybody using the internet knew what Im about to go through, this number would be significantly reduced.
    I dont have all the answers, and I cant go through every detail if the size of the tutorial is to be kept fairly short, but I'll do my best to explain the most important parts.

  • 1) Keeping your operating system up to date (windows updates)
    This is the most important security measure. With an unpatched operating system you will be defenseless even with top-notch security software.
    Malware often exploit security holes in your operating system to install itself, and keeping your OS up to date at all times will make sure this risk is at a minimum.
    Visit http://update.microsoft.com/ using Internet Explorer, and get all critical updates.
    You may have to repeat the update procedure several times before you get all updates. Repeat it until there are no more critical updates showing as missing.
    Also, I recommend you turn on automatic updates if you havent already.

  • 2) Keeping applications up to date
    Keeping your operating system up to date is critical, but its also important to keep your applications up to date.
    If security holes are discovered in common applications that most people use, malware writers are sure to try and exploit them to install their malicious content.
    Many applications have automatic updates. If you are asked about installing an update you should do so unless you got a good reason not to.
    There are also several online sites that offer to scan your computer for outdated software.
    One of them is provided by Secunia. This one is quick and easy to use, and will provide links to updates if outdated software is discovered.
    I recommend you go there once in a while and make sure you got your software up to date.
    Secunias Software Inspector is located here:
    http://secunia.com/vulnerability_scanning/online/
    Visit that page, click Start Scanner and the rest should be fairly easy to figure out.

  • 3) Immunization software
    This section covers security measures which doesn't do any realtime scanning. All they do is block sites that hosts malware, sites that advertises for malware, malicious ActiveX objects, malicious browser helpers, and cookies that have been identified as bad.
    These protection measures have proven very effective against "internet related" threats and require virtually no computer resources.
    I recommend you install all of the below, regardless of what real-time scanners you use (i.e anti-virus and such).
    - MVP hosts
      Blocks rougly 25k online domains that hosts or advertises malicious content.
      Will significantly reduce the chance of getting in trouble by accidently visiting the wrong page.
    • Download hosts.zip from here and save the file to your desktop
    • Open hosts.zip and extract the file called HOSTS to the folder C:\windows\system32\drivers\etc
    • Answer Yes if asked about overwriting an existing file
    • Delete hosts.zip
    Notes:
    If you have previously added custom entries to your own hosts file, these will have to be re-added after the new hosts file is installed.
    The MVP hosts file should be downloaded and re-installed every now and then to keep it up to date.
    If you install MVP Hosts you should disable a service called "DNS client".
    If you dont, your browser(s) will use 10-60 seconds longer to start than what you are used to.
    Disabling this service will have no side-effects. Its purpose is to put domains in cache, but there is no noticeable increase in browsing speed.
    To disable the "DNS Client" service, do the following:
    • Press the windows key and the R key at the same time to open the run dialog box
    • Type in services.msc and press Enter to open the control panel for services
    • Right-click on "DNS client" and chose "Stop".
    • After the service has stopped, right-click on it again, chose "Properties" and set "startup type" to "disabled, press "Apply" and "OK".

    - Javacool Spywareblaster
      Multi-purpose blocker of activeX objects, browser helpers and unwanted cookies.
    • Download Spywareblaster from here and install it using default settings
    • Launch Spywareblaster
    • Click "manual updating" (automatic require a subscription)
    • Click "updates"->"check for updates"
    • When the updates are finished downloading, click "protection status" -> "enable all protection"
    Note:
    The last two steps should be repeated from time to time to keep the protection up to date.

    - Spybot immunization
      Multi-purpose blocker of domains, activeX objects, browsers helpers and unwanted cookies.
    • Download Spybot from here
    • When installing spybot, be sure to uncheck "Security center integration", "Separate secure shredder application" and "use system settings protection (teatimer)".
      These features have more cons than pros.
    • Launch Spybot
    • Click "update" -> "check for updates" and install all available updates.
    • Click "Immunize" in the left menu and then "immunize" in the right-hand window to enable the protection. (this may take a couple of minutes to finish)
    Note:
    The last two steps should be repeated from time to time to keep the protection up to date.

    After immunization you will start to notice that on some web sites advertisements are not displayed, instead it shows an icon indicating that an image couldnt be loaded or a small frame saying "the web page could not be displayed".
    The reason for this is that the immunization is blocking the site that are hosting the ads because it has been found to advertise for malicious software.
    If you try to enter a website that is being blocked, the browser will simply say "the web page could not be displayed".

    4) Real-time protection
    This section covers security measures that work in real time and scans computer activity as it is happening (anti-virus/anti-malware scans a file before it allows it to be opened, a firewall controls network traffic and blocks it unless you have allowed it to happen).
    This requires a lot of system resources, so what we are looking for is applications with good detection rate, low resource usage, that dont cause problems for legitimate applications.
    I have divided the real-timer scanners into sub-catergories and listed my recommendation for each catergory.

    - Anti-virusNote:
    Never have more than one Anti-virus application installed. Installing a second one is likely to cause conflicts between the two and apart from making your system unstable it will reduce your security rather than increase it.

    - Anti-malware
      These applications are ment to supplement your antivirus as they are aimed spesifically at detecting malicious programs.
      This can be programs designed to display advertisements (adware), track your internet surfing (spyware), give other people control over your computer (backdoors) and the likes.
      Unfortuntly, in the anti-malware department there arent any great free alternatives like there are in the anti-virus department.
      If you want an anti-malware application worth using you'll need to purchase one. Here are three good alternatives:
    • Malwarebytes' Anti-Malware
    • SUPERAntiSpyware (can be tried for 14 days for free)
    • A-squared Anti-Malware (can be tried for 30 days for free)
    Note:
    You can have more than one of these running at the same time, but I don't recommend it because it only gives a small increase in security while a big increase in usage of system resources.
    These can also be run alongside a security suite.

    - 3rd party Firewall
      Modern operating systems and routers have firewalls built into them that control incoming traffic so the main reason you might want to install a 3rd party firewall is to control outgoing traffic.
      Firewalls are different from other security software as it really is a tool you need to learn how to use, rather than an automatic security solution. An anti-virus application for instance you usually just install and then it runs in the background and only alerts you if something is wrong.
      That is not the case with firewalls. It will alert you whenever something tries to connect to the internet, whether its good or bad, and then its up to you to allow or deny the request. So ultimately you are increasing the security yourself with the help of the firewall.
      If you want to have top notch security you need a 3rd party firewall and the knowledge of how to use it. This will be your last line of defense should something bad get through your immunzation, and anti-virus/anti-malware protection.
      It enables you to prevent a trojan downloader from downloading malware to your computer should you end up with one, or prevent malware from sending personal information after it has collected it.
      However, firewalls can be difficult to use properly. When the firewall prompts you with "should xxx be allowed to connect to the internet?" you need to be able to decide whether xxx is good or bad. Most people who use a 3rd party firewall doesnt know how to do this, and click Yes every time, hence making it fairly useless to have a 3rd party firewall.
      In my opinion, firewalls are for the ones who have an above average need/interest in computer security, but nevertheless it's needed to have top-notch security.
      Here are three good, free alternatives if you desire to have one. They each have their own support forum that can help you learn how setup and use their firewall.
    • Comodo
      (If you chose this one, be sure to uncheck the following alternatives during installation:
      "Install Comodo SafeSurf..", "Make Comodo my default search provider" and "Make Comodo Search my homepage")
    • PCTools Firewall
    • Online Armor

    - Winpatrol
      This program is not strictly a security application, but gives you a lot more control over your computer.
      Like a firewall it's a tool you need to learn how to use.
      Basically it watches your system settings and alerts you if an application tries to change something. Then its up to you to accept or deny this change.
      Its main purpose is to watch programs that add themselfs to auto-start, but it also watches file associations, activeX objects and Internet Explorer helpers.
      Most programs do not need to be on auto-start, and the bad thing about auto-start is that it clogs down system resources.
      With winpatrol you can easily detect and prevent when an unwanted auto-start entry is added, and this becomes an additional security layer because most malware will add itself to auto-start.
      You can download winpatrol from here
      And here's a link to a place where you can get more information on how to use it

    If you managed to read through all of that you're probably asking "do I really need that much security software?".
    That depends on what your computer is used for.
    I'd say that everybody who uses a computer on the internet today really needs the following:
    - Windows updates (having all windows updates is more important than any security software)
    - The immunization software in step 3
    - Anti-virus software
    That's the minimum.
    If you use your computer for financial transactions (online bank, web-shopping, etc) or have sensitive information stored on the computer, you should strongly consider buying an anti-malware application to supplement your anti-virus software. A 3rd party firewall should also be considered.
    If you like to use your computer freely and install a lot of different programs, use file-sharing applications and surf all over the web you should also consider enhancing security as you'll be more at risk for infections.

    5) Safe and sensible online practices
    A book could be written on this subject, but here are some key points:
    - Be carefull about what you download and which programs you install.
    Dont blindly install every program that looks neat. If you're suspicious about a program, do a search online and see what others have to say about it before you install it.
    Be especially cautious about programs ment to "boost" your computer in any way, or programs that claim to make your computer run better.
    Any content given away for free are reason for suspicion.
    - Be carefull about which links you click.
    If somebody sends you a link you didnt expect, ask them about it before you click it.
    Some infections are designed to send messages to everybody on a persons email/messenger contact list, and if one of your contacts are infected, you may recive such messages
    - Be carefull about which email attachments you open.
    Use the same caution with unexpected email attachments as with links.
    - If a site looks shady, it probably is
    Sites that host malicious content often look shady with all types of adds and offers. Just navigate away.


That was a general guide, not aimed spesifically at your computer.
You have Avast installed already, which is one of the best Anti-Virus applications out there, so keep using it if you're happy with it.
You also have Spybot installed already. Make sure it got all updates and have the immunzation enabled.
I recommend you add MVP hosts and Spywareblaster for increased protection, and then decide for yourself if you'd like to get an Anti-Malware application or a 3rd party firewall.

Thats it.
If you have questions or comments, please respond back and let me know. If you do not respond, this thread will be closed within 48 hours.

Surf safely!
User avatar
Sharagoz
Retired Graduate
 
Posts: 985
Joined: February 22nd, 2008, 4:31 pm
Location: Norway

Re: Firefox Crashing and "Perfect Defender 2009 Popup"

Unread postby wuchris » January 26th, 2009, 6:17 pm

Oh my gosh. I can't believe it!
Thank you so much for everything you've done-- you are awesome.
wuchris
Regular Member
 
Posts: 26
Joined: November 29th, 2008, 1:31 pm

Re: Firefox Crashing and "Perfect Defender 2009 Popup"

Unread postby Sharagoz » January 27th, 2009, 6:19 am

You're welcome :)
User avatar
Sharagoz
Retired Graduate
 
Posts: 985
Joined: February 22nd, 2008, 4:31 pm
Location: Norway

Re: Firefox Crashing and "Perfect Defender 2009 Popup"

Unread postby Shaba » January 30th, 2009, 6:25 am

wuchris this topic is now closed.

We are pleased we could help you resolve your computer's malware issues.

If you would like to make a comment or leave a compliment regarding the help you have received, please see Feedback for Our Helpers - Say "Thanks" Here.
User avatar
Shaba
Admin/Teacher Emeritus
 
Posts: 26974
Joined: March 24th, 2006, 4:42 am
Location: Finland
Advertisement
Register to Remove

Previous

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 355 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware