Attn noahdfear can't install service packs

Can't get Explorer to work now

I am posting from my mother's computer.

As I worked on the computer later this morning, it slowed way down and finally Internet Explorer started having real bad problems. I couldn't get onto any websites, and then it started doing this thing where several windows started opening up all by themselves.

For instance, I get an email message when there is a new post left on this thread. In that email there is a link to the thread, so if I just click on that link, it'll take me straight here.

When I did that this morning, it wouldn't even go there, and several windows of Explorer opened up, but nothing would come up on the screen. I finally just shut the computer off and left it.

What do I do when I get home and if I can't even get it to go online?

When I got the message this morning about the poison thing, it did tell me where the file is and I wrote it down, but it's at home.

I thought I was just about done with all the problems when I finally got SP 3 to install this morning and the computer worked wonderfully for awhile and was very quick going from one to another.

Thanks so much,
frustrated musicteacher

 

Do you have a usb flash drive, floppy disk or cd you can put a tool on and transfer it to your computer?

Download haxfix.exe and save it to your desktop.
Double click on haxfix.exe to run it.
A red "dos window" (dos box) will open with this options:

• 1. Make logfile
• E. Exit Haxfix

• Select option 1. Make logfile by typing 1 and then pressing Enter.
• Haxfix will start scanning the computer. When it is finished a logfile will open: haxlog.txt
• Close it for now.

• Double click on the haxfix.exe again.
• Close all other open windows since this step requires a reboot.
• Select option 2. Run auto fix by typing 2 and then pressing Enter.

If an infection is found, youll get a message to close all other open windows.

• Close all open windows except the red dos window from haxfix and then press Enter.
• The computer will reboot.
• After reboot a logfile ( "c:\haxfix.txt ") will open.
• If you're able to get online, post the contents of that logfile along with a new HijackThislog.

If you are still unable to get online, try to do a system restore to the first available restore point, then any other as needed. Let me know when you're back online and what it took to get there.

 

Thanks so much for your patiece with me. I do now have Service Packs 1A and 3 installed on the computer, but it's sure acting wild.

I've managed to download haxfix and run it. It didn't find anything.

Comodo was the program that notified me of an infected file on Saturday, August 30. It's located in
C:\documents and settings\owner\desktop\rsit.exe

Is rsit some program that I need to run and now that it's quarantineed, my computer is acting so bad?

Comodo shows that 3 other files are also quarantineed: bla.exe, killwind.exe, and nnwdac638.exe

Since these are in quarantine, are they OK to just leave there or should I do more?

Windows is crazy. Sunday night I managed to get online and open Internet Explorer, but when I tried to open a window, immediately 69 different windows in Explorer opened. I had to sit here and click, click, click, to get them all to close.

I'm getting ready for school but will try to run HJT so I can post you a log in another post. I want to send this before it shuts down or closes on me.

Thanks for all your help.

musicteacher

 

HAXFIX logfile - by Marckie

version 5.014
Mon 09/01/2008 21:43:39.68

--- Auto Haxdoorfix ---


Haxdoorfix Part 1

no infections found


Haxdoorfix Part 2

searching for notifykeys
no notifykeys found

searching for services
no services found

searching for safeboot services
no safeboot services found


--- Goldunfix ---


searching for other goldun- and haxdoorfiles:

checking iexplore.exe
iexplore.exe is not infected

searching for SSODLkeys
no SSODLkeys found

searching for notifykeys
no notify keys found

searching for services
no services found


Finished

 

I'm happy to see haxfix came up empty.

RSIT is the system information tool I had you download and run. Please tell Comodo it is safe. You can delete the files in quarantine too.

I need you to post another log from RSIT. First, please delete the folder C:\rsit if present. Instructions for RSIT below, in case they're needed.

• Download RSIT by random/random and save it to your desktop.
• Double click RSIT.exe to start the tool and click Continue at the disclaimer.
• When the scan completes it will open a log named log.txt maximized, and a log named info.txt minimized.
• Please post the contents of both logs here in your next reply.

 

info.txt logfile of random's system information tool 2008-09-04 22:00:07

Uninstall list

-->C:\WINDOWS\IsUninst.exe -fC:\WINDOWS\orun32.isu
-->C:\WINDOWS\System32\\MSIEXEC.EXE /x {09DA4F91-2A09-4232-AB8C-6BC740096DE3}
-->c:\WINDOWS\System32\\MSIEXEC.EXE /x {1206EF92-2E83-4859-ACCB-2048C3CB7DA6}
-->c:\WINDOWS\System32\\MSIEXEC.EXE /x {8214CC02-6271-4DC8-B8DD-779933450264}
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
ACDSee 10 Photo Manager-->MsiExec.exe /I{F8B98EB6-FC06-45BF-87D4-9784E0408611}
Ad-aware 6 Personal-->C:\PROGRA~1\Lavasoft\AD-AWA~1\UNWISE.EXE C:\PROGRA~1\Lavasoft\AD-AWA~1\INSTALL.LOG
Adobe Acrobat 5.0-->C:\WINDOWS\ISUNINST.EXE -f "C:\Program Files\Common Files\Adobe\Acrobat 5.0\NT\Uninst.isu" -c "C:\Program Files\Common Files\Adobe\Acrobat 5.0\NT\Uninst.dll "
Adobe Flash Player ActiveX-->C:\WINDOWS\System32\Macromed\Flash\uninstall_activeX.exe
ArcSoft ShowBiz-->C:\WINDOWS\IsUninst.exe -f "C:\Program Files\Arcsoft\Showbiz\Uninst.isu "
ArcSoft Software Suite-->C:\WINDOWS\IsUninst.exe -f "C:\Program Files\ArcSoft\Software Suite\Uninst.isu "
Atomic Pop--> "C:\Program Files\WildTangent\DDC\ActiveMenu\DDCActiveMenu.exe" -UninstallItem {96777B4D-1A97-492E-B5DA-C624AA675280}
Betty Bad--> "C:\Program Files\WildTangent\DDC\ActiveMenu\DDCActiveMenu.exe" -UninstallItem {A27EAF80-CBFC-4F56-94E1-929A401D7515}
Blackhawk Striker--> "C:\Program Files\WildTangent\DDC\ActiveMenu\DDCActiveMenu.exe" -UninstallItem {5415BC25-6D6C-46C4-B34C-EA8470FE56D5}
Blasterball 2--> "C:\Program Files\WildTangent\DDC\ActiveMenu\DDCActiveMenu.exe" -UninstallItem {357ECB62-CD36-4B63-B57E-769D0CA174F4}
Blasterball Wild--> "C:\Program Files\WildTangent\DDC\ActiveMenu\DDCActiveMenu.exe" -UninstallItem {28BA89E7-2F60-4BE7-BAA2-7949EB3FE527}
Comodo AntiVirus Beta 2.0-->C:\Program Files\Comodo\Comodo AntiVirus\UninstallCAVS.exe
Dark Orbit--> "C:\Program Files\WildTangent\DDC\ActiveMenu\DDCActiveMenu.exe" -UninstallItem {7841B68B-B7DD-408E-8B45-D5CA39608185}
Detto IntelliMover Demo-->MsiExec.exe /X{E62C706B-1352-4DCA-B4D4-81C24750B70F}
Disney's Lilo and Stitch Pinball--> "C:\Program Files\WildTangent\DDC\ActiveMenu\DDCActiveMenu.exe" -UninstallItem {63272979-21F0-48EF-9B97-A83DBC05BE39}
Disney's Toontown Online-->C:\PROGRA~1\Disney\DISNEY~1\Toontown\UNWISE.EXE /A C:\PROGRA~1\Disney\DISNEY~1\Toontown\INSTALL.LOG
DLA-->MsiExec.exe /I{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}
easy Internet sign-up-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2B5DDB2C-0807-47FD-9C11-80EA761902C0}\Setup.exe" -l0x9
ESET Online Scanner-->C:\WINDOWS\System32\OnlineScannerUninstaller.exe
GemMaster 2--> "C:\Program Files\WildTangent\DDC\ActiveMenu\DDCActiveMenu.exe" -UninstallItem {4EDAE550-ACA5-4EF6-88BD-9F2B8BC2982D}
HijackThis 2.0.2--> "C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
hp center-->C:\WINDOWS\BWUnin-6.1.0.153.exe -AppId 137903
hp deskjet 3500 series-->rundll32 hpzcon09.dll,VendorJettison hp deskjet 3500 series
hp deskjet 3500-->msiexec /x{C7EC0699-D82C-4451-B701-C98C330D43AF}
HP Instant Support-->C:\PROGRA~1\HPINST~1\UNWISE.EXE C:\PROGRA~1\HPINST~1\INSTALL.LOG
HP Memories Disc-->MsiExec.exe /X{FF384BDE-429B-45AD-A0C6-E593393D9D1C}
HP Photo and Imaging 1.1 - Photosmart Cameras-->MsiExec.exe /X{1EEE2A9F-6471-42fa-8923-E8879168CE26}
HP Photo and Imaging 2.0 - Deskjet Series-->MsiExec.exe /I{E0828692-FD9D-459F-9312-C645C3CA6650}
hp toolkit-->c:\Windows\HPTK\unhptkit.exe
Inactive HP Printer Drivers (Remove only)-->RunDll32 hpuninst.dll,InstallHinfSection UninstDefault 132 prntunin.inf
Intel(R) 845G Chipset Graphics Driver Software-->RUNDLL32.EXE C:\WINDOWS\System32\ialmrem.dll,UninstallW2KIGfx PCI\VEN_8086&DEV_2562
InterVideo WinDVD--> "C:\Program Files\InstallShield Installation Information\{C1939820-A945-11D4-86F6-0001031E5712}\setup.exe" REMOVEALL
KBD-->C:\HP\KBD\KBD.EXE uninstalled
Kublox--> "C:\Program Files\WildTangent\DDC\ActiveMenu\DDCActiveMenu.exe" -UninstallItem {F7A4D9BE-D989-45B9-BB49-2C0EA34B9991}
Lernout & Hauspie TruVoice American English TTS Engine-->RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\tv_enua.inf, Uninstall
Malwarebytes' Anti-Malware--> "C:\Program Files\Malwarebytes\Malwarebytes' Anti-Malware\unins000.exe "
Microsoft Office 2000 Premium-->MsiExec.exe /I{00000409-78E1-11D2-B60F-006097C998E7}
MUSICMATCH Jukebox-->C:\WINDOWS\IsUninst.exe -f "C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\Uninst.isu" -cC:\PROGRA~1\MUSICM~1\MUSICM~1\unmatch.dll
NVIDIA Windows 2000/XP Display Drivers-->rundll32.exe C:\WINDOWS\System32\nvinstnt.dll,NvUninstallNT4 nvhp.inf
PC-Doctor for Windows-->C:\WINDOWS\UNWISE.EXE C:\PROGRA~1\PC-DOC~1\INSTALL.LOG
PigPen--> "C:\Program Files\WildTangent\DDC\ActiveMenu\DDCActiveMenu.exe" -UninstallItem {B279B0DA-6F60-4FBD-9847-0C9AB79A3674}
PS2-->C:\WINDOWS\system32\ps2.exe uninstall
Python 2.2 combined Win32 extensions-->C:\Python22\Lib\SITE-P~1\UNWISE~1.EXE C:\Python22\Lib\SITE-P~1\w32inst.log
Python 2.2.1-->C:\Python22\UNWISE.EXE C:\Python22\INSTALL.LOG
Quicken Financial Center-->C:\PROGRA~1\QUICKE~1\rem\UNWISE.EXE /s C:\PROGRA~1\QUICKE~1\rem\INSTALL.LOG
RecordNow Update Manager-->MsiExec.exe /I{09DA4F91-2A09-4232-AB8C-6BC740096DE3}
RecordNow-->MsiExec.exe /I{8214CC02-6271-4DC8-B8DD-779933450264}
S3Display-->s3uninst.exe -reg 5 'HKLM\Software\S3\S3Uninst\S3Display'
S3Gamma2-->s3uninst.exe -reg 5 'HKLM\Software\S3\S3Uninst\S3Gamma2'
S3Info2-->s3uninst.exe -reg 5 'HKLM\Software\S3\S3Uninst\S3Info2'
S3Overlay-->s3uninst.exe -reg 5 'HKLM\Software\S3\S3Uninst\S3Overlay'
SabreWing 2--> "C:\Program Files\WildTangent\DDC\ActiveMenu\DDCActiveMenu.exe" -UninstallItem {922B6E62-57DC-4153-97E3-12443BB5F9AE}
Security Update for Windows XP (KB950762)--> "C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe "
Snowboard Extreme--> "C:\Program Files\WildTangent\DDC\ActiveMenu\DDCActiveMenu.exe" -UninstallItem {753FE96B-D926-4B6C-BCFB-CC59153D004A}
SoundMAX-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F0A37341-D692-11D4-A984-009027EC0A9C}\Setup.exe"
Space Rocks--> "C:\Program Files\WildTangent\DDC\ActiveMenu\DDCActiveMenu.exe" -UninstallItem {9FA01E11-9015-4140-B10A-5C6AA949B2FC}
Speedway--> "C:\Program Files\WildTangent\DDC\ActiveMenu\DDCActiveMenu.exe" -UninstallItem {D6CAB2F4-26A4-48F4-A35D-CA83063E3928}
Spybot - Search & Destroy--> "C:\Program Files\Spybot - Search & Destroy\unins000.exe "
Virtual Warfare--> "C:\Program Files\WildTangent\DDC\ActiveMenu\DDCActiveMenu.exe" -UninstallItem {4F0AE1FB-4082-4A27-8363-05D292D92FB0}
WildTangent Channel Manager-->C:\Program Files\WildTangent\DDC\DDCManager\Uninstall.exe
Windows Resource Kit Tools - SubInAcl.exe-->MsiExec.exe /X{D3EE034D-5B92-4A55-AA02-2E6D0A6A96EE}
Windows XP Service Pack 3--> "C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe "
WordPerfect Productivity Pack-->C:\WINDOWS\Corel\uninst32.exe
WordPerfect Productivity Pack-->C:\WINDOWS\Corel\Uninst32.exe

Hosts File

127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com

Environment variables

"ComSpec "=%SystemRoot%\system32\cmd.exe
"Path "=%systemroot%\system32;%systemroot%;%systemroot%\system32\wbem;c:\Python22;C:\Program files\PC-Doctor for Windows XP\WINDSAPI
"windir "=%SystemRoot%
"OS "=Windows_NT
"PROCESSOR_ARCHITECTURE "=x86
"PROCESSOR_LEVEL "=15
"PROCESSOR_IDENTIFIER "=x86 Family 15 Model 2 Stepping 7, GenuineIntel
"PROCESSOR_REVISION "=0207
"NUMBER_OF_PROCESSORS "=1
"PATHEXT "=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP "=%SystemRoot%\TEMP
"TMP "=%SystemRoot%\TEMP
"FP_NO_HOST_CHECK "=NO

-----------------EOF-----------------

 

Logfile of random's system information tool (written by random/random)
Run by Owner at 2008-09-04 21:57:36
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 37 GB (52%) free of 71 GB
Total RAM: 510 MB (50% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:59:40 PM, on 9/4/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\HP\KBD\KBD.EXE
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\WINDOWS\System32\igfxtray.exe
C:\WINDOWS\System32\hkcmd.exe
C:\Program Files\Comodo\Comodo AntiVirus\CMain.exe
C:\Program Files\FinePixViewer\QuickDCF.exe
C:\Program Files\Comodo\common\CAVASpy\cavasm.exe
C:\Program Files\Spyware Terminator\sp_rsser.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Comodo\Comodo AntiVirus\Cavaud.exe
C:\Program Files\Comodo\Comodo AntiVirus\cavemsrv.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Owner\Desktop\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\Owner.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://srch-us6.hpwis.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://srch-us6.hpwis.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [CamMonitor] c:\Program Files\Hewlett-Packard\Digital Imaging\Unload\hpqcmon.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [StorageGuard] "C:\Program Files\VERITAS Software\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe "
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe "
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb09.exe
O4 - HKLM\..\Run: [DeviceDiscovery] C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
O4 - HKLM\..\Run: [cnfgCav] "C:\Program Files\Comodo\Comodo AntiVirus\CMain.exe "
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - S-1-5-18 Startup: AutoTBar.exe (User 'SYSTEM')
O4 - .DEFAULT Startup: AutoTBar.exe (User 'Default user')
O4 - .DEFAULT User Startup: AutoTBar.exe (User 'Default user')
O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: America Online 7.0 Tray Icon.lnk = C:\Program Files\America Online 7.0\aoltray.exe
O4 - Global Startup: Exif Launcher.lnk = ?
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM95\aim.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan Control) - http://downloads.ewido.net/ewidoOnlineScan.cab
O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} (OnlineScanner Control) - http://www.eset.eu/OnlineScanner.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/win...ls/en/x86/client/wuweb_site.cab?1219026776889
O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (a-squared Scanner) - http://ax.emsisoft.com/asquared.cab
O16 - DPF: {C02226EB-A5D7-4B1F-BD7E-635E46C2288D} (Toontown Installer ActiveX Control) - http://a.download.toontown.com/sv1.0.34.14/ttinst.cab
O20 - Winlogon Notify: monln - C:\WINDOWS\SYSTEM32\monln.dll
O23 - Service: Comodo Anti-Virus and Anti-Spyware Service - Comodo Inc. - C:\Program Files\Comodo\common\CAVASpy\cavasm.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe

--
End of file - 6410 bytes

Scheduled tasks folder

C:\WINDOWS\tasks\FRU Task #Hewlett-Packard#Deskjet#3320.job

Registry dump

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2008-07-07 1562448]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"hpsysdrv "=c:\windows\system\hpsysdrv.exe [1998-05-07 52736]
"nwiz "=C:\WINDOWS\system32\nwiz.exe [2002-05-03 364544]
"CamMonitor "=c:\Program Files\Hewlett-Packard\Digital Imaging\Unload\hpqcmon.exe [2002-06-18 69632]
"KBD "=C:\HP\KBD\KBD.EXE [2001-07-07 61440]
"StorageGuard "=C:\Program Files\VERITAS Software\Update Manager\sgtray.exe [2002-05-09 155648]
"dla "=C:\WINDOWS\system32\dla\tfswctrl.exe [2002-07-16 106549]
"Recguard "=C:\WINDOWS\SMINST\RECGUARD.EXE [2001-12-19 212992]
"IgfxTray "=C:\WINDOWS\System32\igfxtray.exe [2002-05-15 155648]
"HotKeysCmds "=C:\WINDOWS\System32\hkcmd.exe [2002-05-15 114688]
"PS2 "=C:\WINDOWS\system32\ps2.exe [2002-06-14 81920]
"HP Software Update "=C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe [2003-06-25 49152]
"HP Component Manager "=C:\Program Files\HP\hpcoretech\hpcmpmgr.exe [2003-10-23 233472]
"HPDJ Taskbar Utility "=C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb09.exe [2003-09-01 176128]
"DeviceDiscovery "=C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe [2003-05-21 229437]
"cnfgCav "=C:\Program Files\Comodo\Comodo AntiVirus\CMain.exe [2008-07-28 110592]
"BOC-426 "= []
"KernelFaultCheck "=C:\WINDOWS\system32\dumprep 0 -k []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS "=C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup
Adobe Gamma Loader.exe.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
Adobe Gamma Loader.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
America Online 7.0 Tray Icon.lnk - C:\Program Files\America Online 7.0\aoltray.exe
Exif Launcher.lnk - C:\Program Files\FinePixViewer\QuickDCF.exe
Logitech Desktop Messenger.lnk - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office\OSA9.EXE
WinZip Quick Pick.lnk - C:\Program Files\WinZip\WZQKPICK.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxsrvc.dll [2002-05-15 307200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\monln]
C:\WINDOWS\system32\monln.dll [2008-07-28 216576]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername "=0
"legalnoticecaption "=
"legalnoticetext "=
"shutdownwithoutlogon "=1
"undockwithoutlogon "=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe "= "%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabledxpsp3res.dll,-20000 "
"%windir%\system32\sessmgr.exe "= "%windir%\system32\sessmgr.exe:*:enabledxpsp2res.dll,-22019 "
"C:\Program Files\Comodo\Comodo AntiVirus\CavEmSrv.exe "= "C:\Program Files\Comodo\Comodo AntiVirus\CavEmSrv.exe:*:Enabled:Comodo AntiVirus Email Proxy Server "

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe "= "%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabledxpsp3res.dll,-20000 "
"%windir%\system32\sessmgr.exe "= "%windir%\system32\sessmgr.exe:*:enabledxpsp2res.dll,-22019 "

 

List of files/folders created in the last three months

2008-09-04 21:57:36 ----D---- C:\rsit
2008-09-02 20:55:19 ----A---- C:\WINDOWS\gmer.dll
2008-09-01 20:59:35 ----A---- C:\HaxFix.txt
2008-09-01 00:00:27 ----A---- C:\HaxFix.exe
2008-09-01 00:00:25 ----D---- C:\HaxFix
2008-08-30 08:35:29 ----D---- C:\WINDOWS\Prefetch
2008-08-30 08:25:46 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$
2008-08-30 08:16:10 ----A---- C:\WINDOWS\setuplog.txt
2008-08-30 08:14:26 ----N---- C:\WINDOWS\system32\msxml6r.dll
2008-08-30 08:14:25 ----N---- C:\WINDOWS\system32\msxml6.dll
2008-08-30 08:13:53 ----N---- C:\WINDOWS\system32\aaclient.dll
2008-08-30 08:13:51 ----N---- C:\WINDOWS\system32\bitsprx4.dll
2008-08-30 08:13:51 ----N---- C:\WINDOWS\system32\azroles.dll
2008-08-30 08:13:50 ----N---- C:\WINDOWS\system32\dot3ui.dll
2008-08-30 08:13:50 ----N---- C:\WINDOWS\system32\dot3svc.dll
2008-08-30 08:13:50 ----N---- C:\WINDOWS\system32\dot3msm.dll
2008-08-30 08:13:50 ----N---- C:\WINDOWS\system32\dot3gpclnt.dll
2008-08-30 08:13:50 ----N---- C:\WINDOWS\system32\dot3dlg.dll
2008-08-30 08:13:50 ----N---- C:\WINDOWS\system32\dot3cfg.dll
2008-08-30 08:13:50 ----N---- C:\WINDOWS\system32\dot3api.dll
2008-08-30 08:13:50 ----N---- C:\WINDOWS\system32\dimsroam.dll
2008-08-30 08:13:50 ----N---- C:\WINDOWS\system32\dimsntfy.dll
2008-08-30 08:13:50 ----N---- C:\WINDOWS\system32\dhcpqec.dll
2008-08-30 08:13:50 ----N---- C:\WINDOWS\system32\credssp.dll
2008-08-30 08:13:49 ----N---- C:\WINDOWS\system32\eapsvc.dll
2008-08-30 08:13:49 ----N---- C:\WINDOWS\system32\eapqec.dll
2008-08-30 08:13:49 ----N---- C:\WINDOWS\system32\eappprxy.dll
2008-08-30 08:13:49 ----N---- C:\WINDOWS\system32\eapphost.dll
2008-08-30 08:13:49 ----N---- C:\WINDOWS\system32\eappgnui.dll
2008-08-30 08:13:49 ----N---- C:\WINDOWS\system32\eappcfg.dll
2008-08-30 08:13:49 ----N---- C:\WINDOWS\system32\eapp3hst.dll
2008-08-30 08:13:49 ----N---- C:\WINDOWS\system32\eapolqec.dll
2008-08-30 08:13:46 ----N---- C:\WINDOWS\system32\kbdiultn.dll
2008-08-30 08:13:46 ----N---- C:\WINDOWS\system32\kbdbhc.dll
2008-08-30 08:13:45 ----N---- C:\WINDOWS\system32\l2gpstore.dll
2008-08-30 08:13:45 ----N---- C:\WINDOWS\system32\kmsvc.dll
2008-08-30 08:13:45 ----N---- C:\WINDOWS\system32\kbdpash.dll
2008-08-30 08:13:45 ----N---- C:\WINDOWS\system32\kbdnepr.dll
2008-08-30 08:13:44 ----N---- C:\WINDOWS\system32\mssha.dll
2008-08-30 08:13:44 ----N---- C:\WINDOWS\system32\mmcperf.exe
2008-08-30 08:13:44 ----N---- C:\WINDOWS\system32\mmcfxcommon.dll
2008-08-30 08:13:44 ----N---- C:\WINDOWS\system32\mmcex.dll
2008-08-30 08:13:44 ----N---- C:\WINDOWS\system32\microsoft.managementconsole.dll
2008-08-30 08:13:43 ----N---- C:\WINDOWS\system32\onex.dll
2008-08-30 08:13:43 ----N---- C:\WINDOWS\system32\napstat.exe
2008-08-30 08:13:43 ----N---- C:\WINDOWS\system32\napmontr.dll
2008-08-30 08:13:43 ----N---- C:\WINDOWS\system32\napipsec.dll
2008-08-30 08:13:43 ----N---- C:\WINDOWS\system32\msshavmsg.dll
2008-08-30 08:13:42 ----N---- C:\WINDOWS\system32\photometadatahandler.dll
2008-08-30 08:13:41 ----N---- C:\WINDOWS\system32\setupn.exe
2008-08-30 08:13:41 ----N---- C:\WINDOWS\system32\rhttpaa.dll
2008-08-30 08:13:41 ----N---- C:\WINDOWS\system32\rasqec.dll
2008-08-30 08:13:41 ----N---- C:\WINDOWS\system32\qutil.dll
2008-08-30 08:13:41 ----N---- C:\WINDOWS\system32\qcliprov.dll
2008-08-30 08:13:41 ----N---- C:\WINDOWS\system32\qagentrt.dll
2008-08-30 08:13:41 ----N---- C:\WINDOWS\system32\qagent.dll
2008-08-30 08:13:40 ----N---- C:\WINDOWS\system32\tspkg.dll
2008-08-30 08:13:40 ----N---- C:\WINDOWS\system32\tsgqec.dll
2008-08-30 08:13:39 ----N---- C:\WINDOWS\system32\windowscodecsext.dll
2008-08-30 08:13:39 ----N---- C:\WINDOWS\system32\windowscodecs.dll
2008-08-30 08:13:38 ----N---- C:\WINDOWS\system32\wmphoto.dll
2008-08-30 08:13:38 ----N---- C:\WINDOWS\system32\wlanapi.dll
2008-08-30 08:13:33 ----D---- C:\WINDOWS\system32\scripting
2008-08-30 08:13:30 ----D---- C:\WINDOWS\l2schemas
2008-08-30 08:13:29 ----D---- C:\WINDOWS\system32\en
2008-08-30 08:01:04 ----A---- C:\WINDOWS\006763_.tmp
2008-08-29 05:52:53 ----SHD---- C:\RECYCLER
2008-08-27 22:20:18 ----HDC---- C:\WINDOWS\$NtServicePackUninstall$
2008-08-27 21:46:55 ----D---- C:\de90abfdf826684a18d7b9338cb7df
2008-08-27 18:24:41 ----A---- C:\WINDOWS\OEWABLog.txt
2008-08-27 17:54:26 ----A---- C:\WINDOWS\system32\dpcdll.dll
2008-08-27 17:53:37 ----A---- C:\WINDOWS\system32\ati2dvaa.dll
2008-08-27 17:52:22 ----A---- C:\WINDOWS\hh.exe
2008-08-27 17:52:22 ----A---- C:\WINDOWS\explorer.exe
2008-08-27 17:52:21 ----A---- C:\WINDOWS\winhlp32.exe
2008-08-27 17:52:15 ----A---- C:\WINDOWS\system32\adsldp.dll
2008-08-27 17:52:15 ----A---- C:\WINDOWS\system32\6to4svc.dll
2008-08-27 17:52:14 ----A---- C:\WINDOWS\system32\ahui.exe
2008-08-27 17:52:14 ----A---- C:\WINDOWS\system32\advpack.dll
2008-08-27 17:52:14 ----A---- C:\WINDOWS\system32\adsnt.dll
2008-08-27 17:52:14 ----A---- C:\WINDOWS\system32\adsmsext.dll
2008-08-27 17:52:14 ----A---- C:\WINDOWS\system32\adsldpc.dll
2008-08-27 17:52:13 ----A---- C:\WINDOWS\system32\apphelp.dll
2008-08-27 17:52:13 ----A---- C:\WINDOWS\system32\alg.exe
2008-08-27 17:52:12 ----A---- C:\WINDOWS\system32\at.exe
2008-08-27 17:52:12 ----A---- C:\WINDOWS\system32\asferror.dll
2008-08-27 17:52:11 ----A---- C:\WINDOWS\system32\batt.dll
2008-08-27 17:52:11 ----A---- C:\WINDOWS\system32\avifil32.dll
2008-08-27 17:52:11 ----A---- C:\WINDOWS\system32\autolfn.exe
2008-08-27 17:52:11 ----A---- C:\WINDOWS\system32\audiosrv.dll
2008-08-27 17:52:11 ----A---- C:\WINDOWS\system32\atl.dll
2008-08-27 17:52:10 ----A---- C:\WINDOWS\system32\browser.dll
2008-08-27 17:52:10 ----A---- C:\WINDOWS\system32\browselc.dll
2008-08-27 17:52:09 ----A---- C:\WINDOWS\system32\catsrvut.dll
2008-08-27 17:52:09 ----A---- C:\WINDOWS\system32\browsewm.dll
2008-08-27 17:52:09 ----A---- C:\WINDOWS\system32\browseui.dll
2008-08-27 17:52:08 ----A---- C:\WINDOWS\system32\cewmdm.dll
2008-08-27 17:52:08 ----A---- C:\WINDOWS\system32\certcli.dll
2008-08-27 17:52:07 ----A---- C:\WINDOWS\system32\clusapi.dll
2008-08-27 17:52:07 ----A---- C:\WINDOWS\system32\clipbrd.exe
2008-08-27 17:52:07 ----A---- C:\WINDOWS\system32\ciodm.dll
2008-08-27 17:52:07 ----A---- C:\WINDOWS\system32\cfgbkend.dll
2008-08-27 17:52:06 ----A---- C:\WINDOWS\system32\compatui.dll
2008-08-27 17:52:06 ----A---- C:\WINDOWS\system32\cmdl32.exe
2008-08-27 17:52:06 ----A---- C:\WINDOWS\system32\cmdial32.dll
2008-08-27 17:52:05 ----A---- C:\WINDOWS\system32\comsvcs.dll
2008-08-27 17:52:04 ----A---- C:\WINDOWS\system32\cryptdlg.dll
2008-08-27 17:52:04 ----A---- C:\WINDOWS\system32\crypt32.dll
2008-08-27 17:52:04 ----A---- C:\WINDOWS\system32\credui.dll
2008-08-27 17:52:04 ----A---- C:\WINDOWS\system32\conime.exe
2008-08-27 17:52:03 ----A---- C:\WINDOWS\system32\cryptui.dll
2008-08-27 17:52:03 ----A---- C:\WINDOWS\system32\cryptsvc.dll
2008-08-27 17:52:02 ----A---- C:\WINDOWS\system32\ctfmon.exe
2008-08-27 17:52:02 ----A---- C:\WINDOWS\system32\cscui.dll
2008-08-27 17:52:01 ----A---- C:\WINDOWS\system32\d3d8.dll
2008-08-27 17:52:00 ----A---- C:\WINDOWS\system32\danim.dll
2008-08-27 17:51:59 ----A---- C:\WINDOWS\system32\dbnetlib.dll
2008-08-27 17:51:59 ----A---- C:\WINDOWS\system32\dbmsvinn.dll
2008-08-27 17:51:59 ----A---- C:\WINDOWS\system32\dbmsrpcn.dll
2008-08-27 17:51:59 ----A---- C:\WINDOWS\system32\dbmsadsn.dll
2008-08-27 17:51:58 ----A---- C:\WINDOWS\system32\devmgr.dll
2008-08-27 17:51:58 ----A---- C:\WINDOWS\system32\defrag.exe
2008-08-27 17:51:58 ----A---- C:\WINDOWS\system32\ddraw.dll
2008-08-27 17:51:58 ----A---- C:\WINDOWS\system32\dbnmpntw.dll
2008-08-27 17:51:57 ----A---- C:\WINDOWS\system32\dfrgui.dll
2008-08-27 17:51:57 ----A---- C:\WINDOWS\system32\dfrgsnap.dll
2008-08-27 17:51:57 ----A---- C:\WINDOWS\system32\dfrgntfs.exe
2008-08-27 17:51:57 ----A---- C:\WINDOWS\system32\dfrgfat.exe
2008-08-27 17:51:56 ----A---- C:\WINDOWS\system32\dinput8.dll
2008-08-27 17:51:56 ----A---- C:\WINDOWS\system32\dinput.dll
2008-08-27 17:51:56 ----A---- C:\WINDOWS\system32\digest.dll
2008-08-27 17:51:56 ----A---- C:\WINDOWS\system32\dgnet.dll
2008-08-27 17:51:56 ----A---- C:\WINDOWS\system32\dfsshlex.dll
2008-08-27 17:51:55 ----A---- C:\WINDOWS\system32\dmscript.dll
2008-08-27 17:51:55 ----A---- C:\WINDOWS\system32\dmloader.dll
2008-08-27 17:51:55 ----A---- C:\WINDOWS\system32\dmime.dll
2008-08-27 17:51:55 ----A---- C:\WINDOWS\system32\dmcompos.dll
2008-08-27 17:51:55 ----A---- C:\WINDOWS\system32\dmband.dll
2008-08-27 17:51:54 ----A---- C:\WINDOWS\system32\docprop2.dll
2008-08-27 17:51:54 ----A---- C:\WINDOWS\system32\dnsapi.dll
2008-08-27 17:51:54 ----A---- C:\WINDOWS\system32\dmusic.dll
2008-08-27 17:51:54 ----A---- C:\WINDOWS\system32\dmstyle.dll
2008-08-27 17:51:53 ----A---- C:\WINDOWS\system32\dpvoice.dll
2008-08-27 17:51:53 ----A---- C:\WINDOWS\system32\dpnhupnp.dll
2008-08-27 17:51:53 ----A---- C:\WINDOWS\system32\dpnhpast.dll
2008-08-27 17:51:53 ----A---- C:\WINDOWS\system32\dpnet.dll
2008-08-27 17:51:52 ----A---- C:\WINDOWS\system32\dsquery.dll
2008-08-27 17:51:52 ----A---- C:\WINDOWS\system32\dsprop.dll
2008-08-27 17:51:52 ----A---- C:\WINDOWS\system32\ds32gt.dll
2008-08-27 17:51:52 ----A---- C:\WINDOWS\system32\dpwsockx.dll
2008-08-27 17:51:52 ----A---- C:\WINDOWS\system32\dpvsetup.exe
2008-08-27 17:51:51 ----A---- C:\WINDOWS\system32\dwwin.exe
2008-08-27 17:51:51 ----A---- C:\WINDOWS\system32\duser.dll
2008-08-27 17:51:51 ----A---- C:\WINDOWS\system32\dumprep.exe
2008-08-27 17:51:51 ----A---- C:\WINDOWS\system32\dssenh.dll
2008-08-27 17:51:50 ----A---- C:\WINDOWS\system32\dxdiag.exe
2008-08-27 17:51:49 ----A---- C:\WINDOWS\system32\dxmasf.dll
2008-08-27 17:51:48 ----A---- C:\WINDOWS\system32\els.dll
2008-08-27 17:51:48 ----A---- C:\WINDOWS\system32\dxtrans.dll
2008-08-27 17:51:48 ----A---- C:\WINDOWS\system32\dxtmsft.dll
2008-08-27 17:51:47 ----A---- C:\WINDOWS\system32\ersvc.dll
2008-08-27 17:51:46 ----A---- C:\WINDOWS\system32\eventlog.dll
2008-08-27 17:51:46 ----A---- C:\WINDOWS\system32\eudcedit.exe
2008-08-27 17:51:46 ----A---- C:\WINDOWS\system32\es.dll
2008-08-27 17:51:45 ----A---- C:\WINDOWS\system32\framebuf.dll
2008-08-27 17:51:45 ----A---- C:\WINDOWS\system32\fontview.exe
2008-08-27 17:51:45 ----A---- C:\WINDOWS\system32\fldrclnr.dll
2008-08-27 17:51:45 ----A---- C:\WINDOWS\system32\faultrep.dll
2008-08-27 17:51:45 ----A---- C:\WINDOWS\system32\expsrv.dll
2008-08-27 17:51:44 ----A---- C:\WINDOWS\system32\fxscomex.dll
2008-08-27 17:51:44 ----A---- C:\WINDOWS\system32\fxsclnt.exe
2008-08-27 17:51:44 ----A---- C:\WINDOWS\system32\fxsapi.dll
2008-08-27 17:51:43 ----A---- C:\WINDOWS\system32\fxsres.dll
2008-08-27 17:51:43 ----A---- C:\WINDOWS\system32\fxsperf.dll
2008-08-27 17:51:43 ----A---- C:\WINDOWS\system32\fxsext32.dll
2008-08-27 17:51:43 ----A---- C:\WINDOWS\system32\fxsdrv.dll
2008-08-27 17:51:43 ----A---- C:\WINDOWS\system32\fxscover.exe
2008-08-27 17:51:42 ----A---- C:\WINDOWS\system32\fxsst.dll
2008-08-27 17:51:41 ----A---- C:\WINDOWS\system32\fxstiff.dll
2008-08-27 17:51:41 ----A---- C:\WINDOWS\system32\fxst30.dll
2008-08-27 17:51:41 ----A---- C:\WINDOWS\system32\fxssvc.exe
2008-08-27 17:51:40 ----A---- C:\WINDOWS\system32\fxswzrd.dll
2008-08-27 17:51:40 ----A---- C:\WINDOWS\system32\fxsui.dll
2008-08-27 17:51:39 ----A---- C:\WINDOWS\system32\hhsetup.dll
2008-08-27 17:51:39 ----A---- C:\WINDOWS\system32\fxsxp32.dll
2008-08-27 17:51:38 ----A---- C:\WINDOWS\system32\icaapi.dll
2008-08-27 17:51:38 ----A---- C:\WINDOWS\system32\hnetcfg.dll
2008-08-27 17:51:37 ----A---- C:\WINDOWS\system32\ieakeng.dll
2008-08-27 17:51:37 ----A---- C:\WINDOWS\system32\ie4uinit.exe
2008-08-27 17:51:37 ----A---- C:\WINDOWS\system32\idq.dll
2008-08-27 17:51:37 ----A---- C:\WINDOWS\system32\icm32.dll
2008-08-27 17:51:36 ----A---- C:\WINDOWS\system32\iesetup.dll
2008-08-27 17:51:36 ----A---- C:\WINDOWS\system32\iepeers.dll
2008-08-27 17:51:36 ----A---- C:\WINDOWS\system32\iedkcs32.dll
2008-08-27 17:51:36 ----A---- C:\WINDOWS\system32\ieaksie.dll
2008-08-27 17:51:35 ----A---- C:\WINDOWS\system32\imgutil.dll
2008-08-27 17:51:35 ----A---- C:\WINDOWS\system32\imeshare.dll
2008-08-27 17:51:35 ----A---- C:\WINDOWS\system32\imapi.exe
2008-08-27 17:51:35 ----A---- C:\WINDOWS\system32\ils.dll
2008-08-27 17:51:34 ----A---- C:\WINDOWS\system32\inetcomm.dll
2008-08-27 17:51:34 ----A---- C:\WINDOWS\system32\imm32.dll
2008-08-27 17:51:33 ----A---- C:\WINDOWS\system32\inseng.dll
2008-08-27 17:51:33 ----A---- C:\WINDOWS\system32\input.dll
2008-08-27 17:51:32 ----A---- C:\WINDOWS\system32\iphlpapi.dll
2008-08-27 17:51:32 ----A---- C:\WINDOWS\system32\ipconfig.exe
2008-08-27 17:51:31 ----A---- C:\WINDOWS\system32\ipsecsvc.dll
2008-08-27 17:51:31 ----A---- C:\WINDOWS\system32\ippromon.dll
2008-08-27 17:51:31 ----A---- C:\WINDOWS\system32\ipnathlp.dll
2008-08-27 17:51:30 ----A---- C:\WINDOWS\system32\itss.dll
2008-08-27 17:51:30 ----A---- C:\WINDOWS\system32\itircl.dll
2008-08-27 17:51:30 ----A---- C:\WINDOWS\system32\ipv6mon.dll
2008-08-27 17:51:30 ----A---- C:\WINDOWS\system32\ipv6.exe
2008-08-27 17:51:29 ----A---- C:\WINDOWS\system32\kd1394.dll
2008-08-27 17:51:29 ----A---- C:\WINDOWS\system32\ixsso.dll
2008-08-27 17:51:28 ----A---- C:\WINDOWS\system32\kerberos.dll
2008-08-27 17:51:27 ----A---- C:\WINDOWS\system32\lmrt.dll
2008-08-27 17:51:27 ----A---- C:\WINDOWS\system32\licwmi.dll
2008-08-27 17:51:27 ----A---- C:\WINDOWS\system32\licmgr10.dll
2008-08-27 17:51:26 ----A---- C:\WINDOWS\system32\logonui.exe
2008-08-27 17:51:26 ----A---- C:\WINDOWS\system32\localui.dll
2008-08-27 17:51:25 ----A---- C:\WINDOWS\system32\mindex.dll
2008-08-27 17:51:24 ----A---- C:\WINDOWS\system32\mobsync.dll
2008-08-27 17:51:24 ----A---- C:\WINDOWS\system32\mnmdd.dll
2008-08-27 17:51:24 ----A---- C:\WINDOWS\system32\mmcndmgr.dll
2008-08-27 17:51:23 ----A---- C:\WINDOWS\system32\moricons.dll
2008-08-27 17:51:22 ----A---- C:\WINDOWS\system32\mplay32.exe
2008-08-27 17:51:21 ----A---- C:\WINDOWS\system32\msctf.dll
2008-08-27 17:51:21 ----A---- C:\WINDOWS\system32\mscpx32r.dll
2008-08-27 17:51:21 ----A---- C:\WINDOWS\system32\msconf.dll
2008-08-27 17:51:21 ----A---- C:\WINDOWS\system32\mscms.dll
2008-08-27 17:51:20 ----A---- C:\WINDOWS\system32\msdtcprx.dll
2008-08-27 17:51:20 ----A---- C:\WINDOWS\system32\msdart.dll
2008-08-27 17:51:20 ----A---- C:\WINDOWS\system32\msctfp.dll
2008-08-27 17:51:19 ----A---- C:\WINDOWS\system32\msdxmlc.dll
2008-08-27 17:51:18 ----A---- C:\WINDOWS\system32\msexch40.dll
2008-08-27 17:51:17 ----A---- C:\WINDOWS\system32\msexcl40.dll
2008-08-27 17:51:15 ----A---- C:\WINDOWS\system32\mshtml.dll
2008-08-27 17:51:14 ----A---- C:\WINDOWS\system32\msieftp.dll
2008-08-27 17:51:14 ----A---- C:\WINDOWS\system32\mshtmler.dll
2008-08-27 17:51:14 ----A---- C:\WINDOWS\system32\mshtmled.dll
2008-08-27 17:51:13 ----A---- C:\WINDOWS\system32\msimtf.dll
2008-08-27 17:51:13 ----A---- C:\WINDOWS\system32\msimg32.dll
2008-08-27 17:51:12 ----A---- C:\WINDOWS\system32\msisam11.dll
2008-08-27 17:51:11 ----A---- C:\WINDOWS\system32\mslbui.dll
2008-08-27 17:51:11 ----A---- C:\WINDOWS\system32\msjtes40.dll
2008-08-27 17:51:11 ----A---- C:\WINDOWS\system32\msjetoledb40.dll
2008-08-27 17:51:11 ----A---- C:\WINDOWS\system32\msjet40.dll
2008-08-27 17:51:10 ----A---- C:\WINDOWS\system32\msorcl32.dll
2008-08-27 17:51:10 ----A---- C:\WINDOWS\system32\msoert2.dll
2008-08-27 17:51:10 ----A---- C:\WINDOWS\system32\msoeacct.dll
2008-08-27 17:51:10 ----A---- C:\WINDOWS\system32\msnsspc.dll
2008-08-27 17:51:10 ----A---- C:\WINDOWS\system32\msltus40.dll
2008-08-27 17:51:09 ----A---- C:\WINDOWS\system32\mspmsp.dll
2008-08-27 17:51:09 ----A---- C:\WINDOWS\system32\mspbde40.dll
2008-08-27 17:51:09 ----A---- C:\WINDOWS\system32\mspaint.exe
2008-08-27 17:51:08 ----A---- C:\WINDOWS\system32\msrd2x40.dll
2008-08-27 17:51:08 ----A---- C:\WINDOWS\system32\msrating.dll
2008-08-27 17:51:07 ----A---- C:\WINDOWS\system32\msscp.dll
2008-08-27 17:51:07 ----A---- C:\WINDOWS\system32\msrle32.dll
2008-08-27 17:51:07 ----A---- C:\WINDOWS\system32\msrepl40.dll
2008-08-27 17:51:06 ----A---- C:\WINDOWS\system32\mstime.dll
2008-08-27 17:51:06 ----A---- C:\WINDOWS\system32\mstext40.dll
2008-08-27 17:51:06 ----A---- C:\WINDOWS\system32\mstask.dll
2008-08-27 17:51:05 ----A---- C:\WINDOWS\system32\mstscax.dll
2008-08-27 17:51:05 ----A---- C:\WINDOWS\system32\mstsc.exe
2008-08-27 17:51:05 ----A---- C:\WINDOWS\system32\mstinit.exe
2008-08-27 17:51:04 ----A---- C:\WINDOWS\system32\msvcp60.dll
2008-08-27 17:51:04 ----A---- C:\WINDOWS\system32\msutb.dll
2008-08-27 17:51:04 ----A---- C:\WINDOWS\system32\msuni11.dll
2008-08-27 17:51:03 ----A---- C:\WINDOWS\system32\msvidctl.dll
2008-08-27 17:51:03 ----A---- C:\WINDOWS\system32\msvfw32.dll
2008-08-27 17:51:03 ----A---- C:\WINDOWS\system32\msvcrt.dll
2008-08-27 17:51:02 ----A---- C:\WINDOWS\system32\msxbde40.dll
2008-08-27 17:51:02 ----A---- C:\WINDOWS\system32\mswebdvd.dll
2008-08-27 17:51:01 ----A---- C:\WINDOWS\system32\msxml3.dll
2008-08-27 17:51:01 ----A---- C:\WINDOWS\system32\msxml2.dll
2008-08-27 17:51:00 ----A---- C:\WINDOWS\system32\net1.exe
2008-08-27 17:51:00 ----A---- C:\WINDOWS\system32\net.exe
2008-08-27 17:51:00 ----A---- C:\WINDOWS\system32\nddenb32.dll
2008-08-27 17:51:00 ----A---- C:\WINDOWS\system32\ncobjapi.dll
2008-08-27 17:50:59 ----A---- C:\WINDOWS\system32\netdde.exe
2008-08-27 17:50:59 ----A---- C:\WINDOWS\system32\netcfgx.dll
2008-08-27 17:50:59 ----A---- C:\WINDOWS\system32\netapi32.dll
2008-08-27 17:50:58 ----A---- C:\WINDOWS\system32\netman.dll
2008-08-27 17:50:58 ----A---- C:\WINDOWS\system32\netlogon.dll
2008-08-27 17:50:57 ----A---- C:\WINDOWS\system32\netplwiz.dll
2008-08-27 17:50:56 ----A---- C:\WINDOWS\system32\netshell.dll
2008-08-27 17:50:55 ----A---- C:\WINDOWS\system32\ntlanman.dll
2008-08-27 17:50:55 ----A---- C:\WINDOWS\system32\nmmkcert.dll
2008-08-27 17:50:55 ----A---- C:\WINDOWS\system32\nlhtml.dll
2008-08-27 17:50:55 ----A---- C:\WINDOWS\system32\newdev.dll
2008-08-27 17:50:54 ----A---- C:\WINDOWS\system32\ntmssvc.dll
2008-08-27 17:50:54 ----A---- C:\WINDOWS\system32\ntmsdba.dll
2008-08-27 17:50:54 ----A---- C:\WINDOWS\system32\ntmsapi.dll
2008-08-27 17:50:54 ----A---- C:\WINDOWS\system32\ntmarta.dll
2008-08-27 17:50:53 ----A---- C:\WINDOWS\system32\odbc32.dll
2008-08-27 17:50:53 ----A---- C:\WINDOWS\system32\oakley.dll
2008-08-27 17:50:53 ----A---- C:\WINDOWS\system32\ntshrui.dll
2008-08-27 17:50:52 ----A---- C:\WINDOWS\system32\odbccp32.dll
2008-08-27 17:50:52 ----A---- C:\WINDOWS\system32\odbcconf.exe
2008-08-27 17:50:52 ----A---- C:\WINDOWS\system32\odbcconf.dll
2008-08-27 17:50:52 ----A---- C:\WINDOWS\system32\odbcbcp.dll
2008-08-27 17:50:52 ----A---- C:\WINDOWS\system32\odbcad32.exe
2008-08-27 17:50:52 ----A---- C:\WINDOWS\system32\odbc32gt.dll
2008-08-27 17:50:51 ----A---- C:\WINDOWS\system32\offfilt.dll
2008-08-27 17:50:51 ----A---- C:\WINDOWS\system32\odbctrac.dll
2008-08-27 17:50:51 ----A---- C:\WINDOWS\system32\odbcp32r.dll
2008-08-27 17:50:51 ----A---- C:\WINDOWS\system32\odbccu32.dll
2008-08-27 17:50:51 ----A---- C:\WINDOWS\system32\odbccr32.dll
2008-08-27 17:50:50 ----A---- C:\WINDOWS\system32\oleprn.dll
2008-08-27 17:50:50 ----A---- C:\WINDOWS\system32\ole32.dll
2008-08-27 17:50:49 ----A---- C:\WINDOWS\system32\packager.exe
2008-08-27 17:50:49 ----A---- C:\WINDOWS\system32\osk.exe
2008-08-27 17:50:49 ----A---- C:\WINDOWS\system32\opengl32.dll
2008-08-27 17:50:48 ----A---- C:\WINDOWS\system32\pngfilt.dll
2008-08-27 17:50:48 ----A---- C:\WINDOWS\system32\ping.exe
2008-08-27 17:50:48 ----A---- C:\WINDOWS\system32\pdh.dll
2008-08-27 17:50:48 ----A---- C:\WINDOWS\system32\pautoenr.dll
2008-08-27 17:50:47 ----A---- C:\WINDOWS\system32\qcap.dll
2008-08-27 17:50:47 ----A---- C:\WINDOWS\system32\psbase.dll
2008-08-27 17:50:47 ----A---- C:\WINDOWS\system32\psapi.dll
2008-08-27 17:50:46 ----A---- C:\WINDOWS\system32\qdvd.dll
2008-08-27 17:50:45 ----A---- C:\WINDOWS\system32\quartz.dll
2008-08-27 17:50:45 ----A---- C:\WINDOWS\system32\qmgrprxy.dll
2008-08-27 17:50:45 ----A---- C:\WINDOWS\system32\qmgr.dll
2008-08-27 17:50:45 ----A---- C:\WINDOWS\system32\qedit.dll
2008-08-27 17:50:44 ----A---- C:\WINDOWS\system32\query.dll
2008-08-27 17:50:43 ----A---- C:\WINDOWS\system32\rassapi.dll
2008-08-27 17:50:43 ----A---- C:\WINDOWS\system32\rasppp.dll
2008-08-27 17:50:43 ----A---- C:\WINDOWS\system32\rasmans.dll
2008-08-27 17:50:43 ----A---- C:\WINDOWS\system32\raschap.dll
2008-08-27 17:50:42 ----A---- C:\WINDOWS\system32\rdpclip.exe
2008-08-27 17:50:42 ----A---- C:\WINDOWS\system32\rdchost.dll
2008-08-27 17:50:42 ----A---- C:\WINDOWS\system32\rcimlby.exe
2008-08-27 17:50:42 ----A---- C:\WINDOWS\system32\rastls.dll
2008-08-27 17:50:41 ----A---- C:\WINDOWS\system32\reg.exe
2008-08-27 17:50:41 ----A---- C:\WINDOWS\system32\redir.exe
2008-08-27 17:50:41 ----A---- C:\WINDOWS\system32\rdsaddin.exe
2008-08-27 17:50:41 ----A---- C:\WINDOWS\system32\rdpwsx.dll
2008-08-27 17:50:41 ----A---- C:\WINDOWS\system32\rdpsnd.dll
2008-08-27 17:50:41 ----A---- C:\WINDOWS\system32\rdpdd.dll
2008-08-27 17:50:40 ----A---- C:\WINDOWS\system32\riched20.dll
2008-08-27 17:50:40 ----A---- C:\WINDOWS\system32\remotepg.dll
2008-08-27 17:50:40 ----A---- C:\WINDOWS\system32\regapi.dll
2008-08-27 17:50:39 ----A---- C:\WINDOWS\system32\rpcss.dll
2008-08-27 17:50:39 ----A---- C:\WINDOWS\system32\rpcrt4.dll
2008-08-27 17:50:38 ----A---- C:\WINDOWS\system32\runonce.exe
2008-08-27 17:50:38 ----A---- C:\WINDOWS\system32\rtcshare.exe
2008-08-27 17:50:38 ----A---- C:\WINDOWS\system32\rsaenh.dll
2008-08-27 17:50:37 ----A---- C:\WINDOWS\system32\scecli.dll
2008-08-27 17:50:37 ----A---- C:\WINDOWS\system32\sccsccp.dll
2008-08-27 17:50:37 ----A---- C:\WINDOWS\system32\sccbase.dll
2008-08-27 17:50:36 ----A---- C:\WINDOWS\system32\sdbinst.exe
2008-08-27 17:50:36 ----A---- C:\WINDOWS\system32\schedsvc.dll
2008-08-27 17:50:36 ----A---- C:\WINDOWS\system32\scesrv.dll
2008-08-27 17:50:35 ----A---- C:\WINDOWS\system32\sfc_os.dll
2008-08-27 17:50:35 ----A---- C:\WINDOWS\system32\setup.exe
2008-08-27 17:50:35 ----A---- C:\WINDOWS\system32\sensapi.dll
2008-08-27 17:50:35 ----A---- C:\WINDOWS\system32\sens.dll
2008-08-27 17:50:35 ----A---- C:\WINDOWS\system32\secur32.dll
2008-08-27 17:50:34 ----A---- C:\WINDOWS\system32\sfcfiles.dll
2008-08-27 17:50:33 ----A---- C:\WINDOWS\system32\shdocvw.dll
2008-08-27 17:50:29 ----A---- C:\WINDOWS\system32\shimeng.dll
2008-08-27 17:50:29 ----A---- C:\WINDOWS\system32\shgina.dll
2008-08-27 17:50:29 ----A---- C:\WINDOWS\system32\shfolder.dll
2008-08-27 17:50:29 ----A---- C:\WINDOWS\system32\shell32.dll
2008-08-27 17:50:28 ----A---- C:\WINDOWS\system32\shsvcs.dll
2008-08-27 17:50:28 ----A---- C:\WINDOWS\system32\shmgrate.exe
2008-08-27 17:50:28 ----A---- C:\WINDOWS\system32\shlwapi.dll
2008-08-27 17:50:28 ----A---- C:\WINDOWS\system32\shimgvw.dll
2008-08-27 17:50:27 ----A---- C:\WINDOWS\system32\slayerxp.dll
2008-08-27 17:50:27 ----A---- C:\WINDOWS\system32\skeys.exe
2008-08-27 17:50:27 ----A---- C:\WINDOWS\system32\sigverif.exe
2008-08-27 17:50:27 ----A---- C:\WINDOWS\system32\sigtab.dll
2008-08-27 17:50:26 ----A---- C:\WINDOWS\system32\snmpapi.dll
2008-08-27 17:50:26 ----A---- C:\WINDOWS\system32\smlogsvc.exe
2008-08-27 17:50:26 ----A---- C:\WINDOWS\system32\smlogcfg.dll
2008-08-27 17:50:25 ----A---- C:\WINDOWS\system32\spoolss.dll
2008-08-27 17:50:25 ----A---- C:\WINDOWS\system32\spider.exe
2008-08-27 17:50:24 ----A---- C:\WINDOWS\system32\srrstr.dll
2008-08-27 17:50:24 ----A---- C:\WINDOWS\system32\srclient.dll
2008-08-27 17:50:24 ----A---- C:\WINDOWS\system32\sqlsrv32.dll
2008-08-27 17:50:23 ----A---- C:\WINDOWS\system32\srsvc.dll
2008-08-27 17:50:22 ----A---- C:\WINDOWS\system32\ssdpapi.dll
2008-08-27 17:50:21 ----A---- C:\WINDOWS\system32\ssdpsrv.dll
2008-08-27 17:50:19 ----A---- C:\WINDOWS\system32\stobject.dll
2008-08-27 17:50:19 ----A---- C:\WINDOWS\system32\sti_ci.dll
2008-08-27 17:50:19 ----A---- C:\WINDOWS\system32\sti.dll
2008-08-27 17:50:18 ----A---- C:\WINDOWS\system32\sxs.dll
2008-08-27 17:50:18 ----A---- C:\WINDOWS\system32\strmdll.dll
2008-08-27 17:50:17 ----A---- C:\WINDOWS\system32\tapisrv.dll
2008-08-27 17:50:17 ----A---- C:\WINDOWS\system32\tapi32.dll
2008-08-27 17:50:16 ----A---- C:\WINDOWS\system32\termsrv.dll
2008-08-27 17:50:16 ----A---- C:\WINDOWS\system32\taskmgr.exe
2008-08-27 17:50:15 ----A---- C:\WINDOWS\system32\udhisapi.dll
2008-08-27 17:50:15 ----A---- C:\WINDOWS\system32\tscupgrd.exe
2008-08-27 17:50:15 ----A---- C:\WINDOWS\system32\tscfgwmi.dll
2008-08-27 17:50:15 ----A---- C:\WINDOWS\system32\trkwks.dll
2008-08-27 17:50:15 ----A---- C:\WINDOWS\system32\tracert.exe
2008-08-27 17:50:15 ----A---- C:\WINDOWS\system32\themeui.dll
2008-08-27 17:50:14 ----A---- C:\WINDOWS\system32\upnp.dll
2008-08-27 17:50:14 ----A---- C:\WINDOWS\system32\umpnpmgr.dll
2008-08-27 17:50:14 ----A---- C:\WINDOWS\system32\umandlg.dll
2008-08-27 17:50:13 ----A---- C:\WINDOWS\system32\url.dll
2008-08-27 17:50:13 ----A---- C:\WINDOWS\system32\ups.exe
2008-08-27 17:50:13 ----A---- C:\WINDOWS\system32\upnpui.dll
2008-08-27 17:50:13 ----A---- C:\WINDOWS\system32\upnphost.dll
2008-08-27 17:50:12 ----A---- C:\WINDOWS\system32\utilman.exe
2008-08-27 17:50:12 ----A---- C:\WINDOWS\system32\usp10.dll
2008-08-27 17:50:12 ----A---- C:\WINDOWS\system32\urlmon.dll
2008-08-27 17:50:11 ----A---- C:\WINDOWS\system32\uxtheme.dll
2008-08-27 17:50:10 ----A---- C:\WINDOWS\system32\vssapi.dll
2008-08-27 17:50:10 ----A---- C:\WINDOWS\system32\vdmredir.dll
2008-08-27 17:50:10 ----A---- C:\WINDOWS\system32\vbscript.dll
2008-08-27 17:50:09 ----A---- C:\WINDOWS\system32\webcheck.dll
2008-08-27 17:50:09 ----A---- C:\WINDOWS\system32\w32time.dll
2008-08-27 17:50:08 ----A---- C:\WINDOWS\system32\webclnt.dll
2008-08-27 17:50:07 ----A---- C:\WINDOWS\system32\wiadss.dll
2008-08-27 17:50:07 ----A---- C:\WINDOWS\system32\wextract.exe
2008-08-27 17:50:07 ----A---- C:\WINDOWS\system32\webvw.dll
2008-08-27 17:50:06 ----A---- C:\WINDOWS\system32\wiaservc.dll
2008-08-27 17:50:05 ----A---- C:\WINDOWS\system32\winsta.dll
2008-08-27 17:50:05 ----A---- C:\WINDOWS\system32\winmm.dll
2008-08-27 17:50:05 ----A---- C:\WINDOWS\system32\wininet.dll
2008-08-27 17:50:04 ----A---- C:\WINDOWS\system32\wmerrenu.dll
2008-08-27 17:50:04 ----A---- C:\WINDOWS\system32\wlnotify.dll
2008-08-27 17:50:04 ----A---- C:\WINDOWS\system32\wldap32.dll
2008-08-27 17:50:03 ----A---- C:\WINDOWS\system32\wmpcd.dll
2008-08-27 17:50:02 ----A---- C:\WINDOWS\system32\wmpcore.dll
2008-08-27 17:50:01 ----A---- C:\WINDOWS\system32\wmpshell.dll
2008-08-27 17:50:01 ----A---- C:\WINDOWS\system32\wmploc.dll
2008-08-27 17:50:00 ----A---- C:\WINDOWS\system32\wmpstub.exe
2008-08-27 17:49:59 ----A---- C:\WINDOWS\system32\wmstream.dll
2008-08-27 17:49:59 ----A---- C:\WINDOWS\system32\wmsdmoe.dll
2008-08-27 17:49:59 ----A---- C:\WINDOWS\system32\wmpui.dll
2008-08-27 17:49:58 ----A---- C:\WINDOWS\system32\wmv8dmod.dll
2008-08-27 17:49:57 ----A---- C:\WINDOWS\system32\wsnmp32.dll
2008-08-27 17:49:57 ----A---- C:\WINDOWS\system32\wship6.dll
2008-08-27 17:49:57 ----A---- C:\WINDOWS\system32\wow32.dll
2008-08-27 17:49:57 ----A---- C:\WINDOWS\system32\wmvdmoe.dll
2008-08-27 17:49:56 ----A---- C:\WINDOWS\system32\wzcdlg.dll
2008-08-27 17:49:56 ----A---- C:\WINDOWS\system32\wuauserv.dll
2008-08-27 17:49:56 ----A---- C:\WINDOWS\system32\wtsapi32.dll
2008-08-27 17:49:51 ----A---- C:\WINDOWS\system32\xenroll.dll
2008-08-27 17:49:51 ----A---- C:\WINDOWS\system32\xactsrv.dll
2008-08-27 17:49:50 ----A---- C:\WINDOWS\system32\zipfldr.dll
2008-08-27 17:49:50 ----A---- C:\WINDOWS\system32\HAL.DLL
2008-08-26 19:47:53 ----D---- C:\WINDOWS\temp
2008-08-23 11:36:32 ----A---- C:\WINDOWS\gmer.ini
2008-08-23 11:35:14 ----RA---- C:\WINDOWS\gmer.exe
2008-08-23 11:35:14 ----A---- C:\WINDOWS\gmer_uninstall.cmd
2008-08-20 00:50:35 ----D---- C:\Program Files\Windows Resource Kits
2008-08-20 00:45:25 ----A---- C:\WINDOWS\imsins.BAK
2008-08-17 22:48:19 ----D---- C:\Program Files\Spybot - Search & Destroy
2008-08-17 16:06:35 ----D---- C:\Program Files\PCPitstop
2008-08-17 14:08:01 ----D---- C:\WINDOWS\system32\CatRoot2
2008-08-16 09:30:57 ----D---- C:\Program Files\EsetOnlineScanner
2008-08-16 09:11:09 ----A---- C:\WINDOWS\ntbtlog.txt
2008-08-15 21:29:48 ----D---- C:\Documents and Settings\All Users\Application Data\Office Genuine Advantage
2008-08-15 07:23:07 ----D---- C:\WINDOWS\erdnt
2008-08-14 23:31:14 ----A---- C:\Program Files\ATF-Cleaner.exe
2008-08-14 12:49:58 ----D---- C:\Program Files\Trend Micro
2008-08-14 09:09:29 ----D---- C:\Documents and Settings\Owner\Application Data\Malwarebytes
2008-08-14 09:07:52 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-08-14 09:05:24 ----D---- C:\Program Files\Malwarebytes
2008-08-08 22:41:59 ----A---- C:\Program Files\jre-6u7-windows-i586-p-iftw.exe
2008-08-08 07:12:44 ----D---- C:\Documents and Settings\Owner\Application Data\Motive
2008-08-06 20:52:41 ----A---- C:\Program Files\spybotsd160.exe
2008-08-05 22:10:35 ----D---- C:\Documents and Settings\Owner\Application Data\Spyware Terminator
2008-08-04 21:23:29 ----D---- C:\Program Files\New Folder
2008-07-31 11:03:04 ----D---- C:\Program Files\Disney
2008-07-29 23:01:25 ----D---- C:\Documents and Settings\Owner\Application Data\Yahoo!
2008-07-29 19:51:20 ----A---- C:\WINDOWS\system32\wmvdmod.dll
2008-07-29 19:51:20 ----A---- C:\WINDOWS\system32\wmsdmod.dll
2008-07-29 19:51:20 ----A---- C:\WINDOWS\system32\wmadmod.dll
2008-07-29 19:51:20 ----A---- C:\WINDOWS\system32\mpg4dmod.dll
2008-07-29 19:51:19 ----A---- C:\WINDOWS\system32\wmadmoe.dll
2008-07-29 19:51:19 ----A---- C:\WINDOWS\system32\qasf.dll
2008-07-29 19:51:19 ----A---- C:\WINDOWS\system32\logagent.exe
2008-07-29 19:51:19 ----A---- C:\WINDOWS\system32\laprxy.dll
2008-07-29 19:51:18 ----A---- C:\WINDOWS\system32\wmvcore.dll
2008-07-29 19:51:18 ----A---- C:\WINDOWS\system32\wmnetmgr.dll
2008-07-29 19:51:16 ----A---- C:\WINDOWS\system32\wmasf.dll
2008-07-29 19:51:12 ----A---- C:\WINDOWS\system32\msnetobj.dll
2008-07-29 19:51:11 ----A---- C:\WINDOWS\system32\drmv2clt.dll
2008-07-29 19:51:11 ----A---- C:\WINDOWS\system32\blackbox.dll
2008-07-29 19:51:10 ----A---- C:\WINDOWS\system32\drmstor.dll
2008-07-29 19:51:10 ----A---- C:\WINDOWS\system32\drmclien.dll
2008-07-27 17:36:15 ----A---- C:\WINDOWS\system32\iuengine.dll
2008-07-27 17:26:08 ----D---- C:\Documents and Settings\Owner\Application Data\Microsoft Web Folders
2008-07-25 23:31:51 ----D---- C:\Documents and Settings\Owner\Application Data\Aim
2008-07-25 21:56:04 ----A---- C:\WINDOWS\system32\ksuser.dll
2008-07-20 23:33:16 ----D---- C:\TBR5LanguageAct
2008-07-20 23:33:15 ----D---- C:\Languages
2008-07-19 21:36:52 ----D---- C:\Program Files\Crawler
2008-07-19 17:49:17 ----D---- C:\Documents and Settings\All Users\Application Data\Spyware Terminator
2008-07-19 17:49:05 ----D---- C:\Program Files\Spyware Terminator
2008-07-19 17:46:11 ----A---- C:\Program Files\SpywareTerminatorSetup.exe
2008-07-19 13:33:19 ----HDC---- C:\WINDOWS\$xpsp1hfm$
2008-07-18 17:50:00 ----D---- C:\Documents and Settings\Owner\Application Data\Help
2008-07-17 23:34:19 ----A---- C:\WINDOWS\system32\RtlCPAPI.dll
2008-07-17 23:34:19 ----A---- C:\WINDOWS\system32\ChCfg.exe
2008-07-17 23:34:19 ----A---- C:\WINDOWS\soundman.exe
2008-07-17 23:34:19 ----A---- C:\WINDOWS\Alcxmntr.exe
2008-07-17 23:34:17 ----A---- C:\WINDOWS\system32\RTLCPL.exe
2008-07-17 23:34:17 ----A---- C:\WINDOWS\alcupd.exe
2008-07-17 23:34:17 ----A---- C:\WINDOWS\alcrmv.exe
2008-07-14 11:56:09 ----D---- C:\Program Files\WildGames
2008-07-10 21:25:18 ----D---- C:\Program Files\Coupons
2008-07-10 21:23:17 ----A---- C:\Program Files\CouponPrinter.exe
2008-07-08 07:21:09 ----D---- C:\Program Files\Common Files\Adobe AIR
2008-07-08 07:13:48 ----D---- C:\Documents and Settings\All Users\Application Data\NOS
2008-07-08 07:13:42 ----D---- C:\Program Files\NOS
2008-06-30 22:44:13 ----D---- C:\Documents and Settings\Owner\Application Data\ACD Systems
2008-06-30 10:05:28 ----A---- C:\WINDOWS\UNBOC.EXE
2008-06-30 10:05:27 ----A---- C:\WINDOWS\CMDLIC.DLL
2008-06-30 10:05:21 ----D---- C:\Documents and Settings\All Users\Application Data\BOC426
2008-06-30 10:05:17 ----A---- C:\WINDOWS\BOC426.INI
2008-06-29 21:43:28 ----A---- C:\WINDOWS\system32\CavEmLSP.dll
2008-06-29 21:43:14 ----D---- C:\Documents and Settings\All Users\Application Data\Comodo
2008-06-29 21:43:03 ----A---- C:\WINDOWS\system32\MSVCRTD.DLL
2008-06-29 21:43:03 ----A---- C:\WINDOWS\system32\monln.dll
2008-06-29 21:19:23 ----D---- C:\Program Files\Comodo
2008-06-29 20:34:32 ----D---- C:\Program Files\Microsoft Visual Studio
2008-06-29 20:25:20 ----D---- C:\Program Files\OpenOffice
2008-06-29 20:12:35 ----D---- C:\Program Files\Comodo Free
2008-06-27 09:23:54 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$
2008-06-13 13:35:37 ----D---- C:\GradeQuickWeb
2008-06-12 08:03:05 ----A---- C:\WINDOWS\Chutes.ini
2008-06-12 08:02:57 ----D---- C:\Program Files\Hasbro Interactive
2008-06-12 06:57:59 ----HDC---- C:\WINDOWS\$NtUninstallKB951698$
2008-06-12 06:57:45 ----HDC---- C:\WINDOWS\$NtUninstallKB950762_0$
2008-06-12 06:57:34 ----HDC---- C:\WINDOWS\$NtUninstallKB950760$
2008-06-12 06:57:09 ----HDC---- C:\WINDOWS\$NtUninstallKB951376$

 

List of drivers

R1 {6080A529-897E-4629-A488-ABA0C29B635E};Intel(R) Graphics Platform (SoftBIOS) Driver; C:\WINDOWS\system32\drivers\ialmsbw.sys [2002-05-22 90336]
R1 AFS2K;AFS2k; C:\WINDOWS\system32\drivers\AFS2K.sys [2002-07-24 82380]
R1 intelppm;Intel Processor Driver; C:\WINDOWS\System32\DRIVERS\intelppm.sys [2008-04-14 36352]
R1 sscdbhk5;sscdbhk5; C:\WINDOWS\system32\drivers\sscdbhk5.sys [2002-06-19 5589]
R1 ssrtln;ssrtln; C:\WINDOWS\system32\drivers\ssrtln.sys [2002-06-19 22995]
R1 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; C:\WINDOWS\system32\System32\drivers\ws2ifsl.sys []
R2 drvnddm;drvnddm; C:\WINDOWS\system32\drivers\drvnddm.sys [2002-06-06 40368]
R2 tfsnboio;tfsnboio; C:\WINDOWS\system32\dla\tfsnboio.sys [2002-07-16 23701]
R2 tfsncofs;tfsncofs; C:\WINDOWS\system32\dla\tfsncofs.sys [2002-07-16 34805]
R2 tfsndrct;tfsndrct; C:\WINDOWS\system32\dla\tfsndrct.sys [2002-07-16 4117]
R2 tfsndres;tfsndres; C:\WINDOWS\system32\dla\tfsndres.sys [2002-07-16 2201]
R2 tfsnifs;tfsnifs; C:\WINDOWS\system32\dla\tfsnifs.sys [2002-07-16 54900]
R2 tfsnopio;tfsnopio; C:\WINDOWS\system32\dla\tfsnopio.sys [2002-07-16 14421]
R2 tfsnpool;tfsnpool; C:\WINDOWS\system32\dla\tfsnpool.sys [2002-07-16 6325]
R2 tfsnudf;tfsnudf; C:\WINDOWS\system32\dla\tfsnudf.sys [2002-07-16 91156]
R2 tfsnudfa;tfsnudfa; C:\WINDOWS\system32\dla\tfsnudfa.sys [2002-07-16 95125]
R3 {D31A0762-0CEB-444e-ACFF-B049A1F6FE91};Intel(R) Graphics Chipset (KCH) Driver; C:\WINDOWS\system32\drivers\ialmkchw.sys [2002-05-22 69504]
R3 aeaudio;aeaudio; C:\WINDOWS\system32\drivers\aeaudio.sys [2002-03-23 95936]
R3 Arp1394;1394 ARP Client Protocol; C:\WINDOWS\System32\DRIVERS\arp1394.sys [2008-04-14 60800]
R3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\System32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 ialm;ialm; C:\WINDOWS\System32\DRIVERS\ialmnt5.sys [2002-05-22 78045]
R3 ltmodem5;LT Modem Driver; C:\WINDOWS\System32\DRIVERS\ltmdmnt.sys [2008-04-13 606684]
R3 mouhid;Mouse HID Driver; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-08-17 12160]
R3 MxlW2k;MxlW2k; C:\WINDOWS\system32\drivers\MxlW2k.sys [2002-07-24 28164]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\System32\DRIVERS\nic1394.sys [2008-04-14 61824]
R3 pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2002-03-09 13780]
R3 Ps2;PS2; C:\WINDOWS\System32\DRIVERS\PS2.sys [2001-06-04 14112]
R3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\WINDOWS\System32\DRIVERS\RTL8139.SYS [2008-04-13 20992]
R3 smwdm;smwdm; C:\WINDOWS\system32\drivers\smwdm.sys [2002-05-07 493896]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\System32\DRIVERS\usbehci.sys [2008-04-14 30208]
R3 usbhub;USB Root Hub (usbport); C:\WINDOWS\System32\DRIVERS\usbhub.sys [2008-04-14 59520]
R3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\System32\DRIVERS\usbprint.sys [2008-04-14 25856]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2008-04-14 20608]
S1 AmdK7;AMD K7 Processor Driver; C:\WINDOWS\System32\DRIVERS\amdk7.sys [2008-04-14 37760]
S1 P3;Intel PentiumIII Processor Driver; C:\WINDOWS\System32\DRIVERS\p3.sys [2008-04-14 42752]
S3 catchme;catchme; \??\C:\DOCUME~1\Owner\LOCALS~1\Temp\catchme.sys []
S3 E100B;Intel(R) PRO Adapter Driver; C:\WINDOWS\System32\DRIVERS\e100b325.sys [2001-08-17 117760]
S3 FileObjInfo;STFileDriver; \??\C:\Documents and Settings\All Users\Application Data\Spyware Terminator\FileObjInfo.sys []
S3 gmer;gmer; C:\WINDOWS\System32\DRIVERS\gmer.sys [2008-09-02 85969]
S3 i81x;i81x; C:\WINDOWS\System32\DRIVERS\i81xnt5.sys [2001-08-08 158140]
S3 iAimFP0;iAimFP0; C:\WINDOWS\System32\DRIVERS\wADV01nt.sys [2001-08-08 12479]
S3 iAimFP1;iAimFP1; C:\WINDOWS\System32\DRIVERS\wADV02NT.sys [2001-08-08 12031]
S3 iAimFP2;iAimFP2; C:\WINDOWS\System32\DRIVERS\wADV05NT.sys [2001-08-08 11679]
S3 iAimFP3;iAimFP3; C:\WINDOWS\System32\DRIVERS\wSiINTxx.sys [2001-08-08 11999]
S3 iAimFP4;iAimFP4; C:\WINDOWS\System32\DRIVERS\wVchNTxx.sys [2001-08-08 19359]
S3 iAimTV0;iAimTV0; C:\WINDOWS\System32\DRIVERS\wATV01nt.sys [2001-08-08 29215]
S3 iAimTV1;iAimTV1; C:\WINDOWS\System32\DRIVERS\wATV02NT.sys [2001-08-08 19199]
S3 iAimTV3;iAimTV3; C:\WINDOWS\System32\DRIVERS\wATV04nt.sys [2001-08-08 33503]
S3 iAimTV4;iAimTV4; C:\WINDOWS\System32\DRIVERS\wCh7xxNT.sys [2001-08-08 23519]
S3 nv;nv; C:\WINDOWS\System32\DRIVERS\nv4_mini.sys [2002-05-03 931882]
S3 nv4;nv4; C:\WINDOWS\System32\DRIVERS\nv4.sys [2001-08-17 731648]
S3 S3Psddr;S3Psddr; C:\WINDOWS\System32\DRIVERS\s3gnbm.sys [2002-07-13 155008]
S3 SiS315;SiS315; C:\WINDOWS\System32\DRIVERS\sisgrp.sys [2002-04-09 188032]
S3 usbohci;Microsoft USB Open Host Controller Miniport Driver; C:\WINDOWS\System32\DRIVERS\usbohci.sys [2008-04-14 17152]
S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]

List of services

R2 Comodo Anti-Virus and Anti-Spyware Service;Comodo Anti-Virus and Anti-Spyware Service; C:\Program Files\Comodo\common\CAVASpy\cavasm.exe [2008-07-28 523264]
R2 sp_rssrv;Spyware Terminator Realtime Shield Service; C:\Program Files\Spyware Terminator\sp_rsser.exe [2008-07-19 606720]
S2 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2008-04-14 267776]
S2 NVSvc;NVIDIA Driver Helper Service; C:\WINDOWS\System32\nvsvc32.exe [2002-05-03 61440]

-----------------EOF-----------------

 

During the night, my Comodo virus scan had started up and was partially done scanning. Once again, it is telling me that it has found a virus called:

Backdoor.Win32.Poison.cpb

It's still telling me that the infected file is located at:

C:\documents and settings\owner\desktop\RSIT.exe

I tried to disinfect it and it won't work, so I quarantined it. Is this really a virus on my computer?

As far as the computer, it's been very slow since last week. We're having horrible problems using Explorer and getting on any websites. I've finally found little tricks to work around it. For instance, the only way I can get here to read these forums is by starting Explorer, which automatically opens up to Google, then I type Window BBS in the box. It'll search, and this site comes up first with several selections. I clip on the malware seletion.

If I just use my bookmarks or anything else, I can't get here.

The first window opens up, then a second one automatically, without asking, will open up, and it will be called Internet Explorer or something and it just gets hung up everytime. I have to use control-alt-delete to try and shut them down and start all over again.

I really need to get this thing back to working normal, as school has started and my junior high son needs the computer for homework and projects. Right now I'm working about the little quirks to help him.

The original problem of getting the service packs installed has been solved, by why is all this going on??? Help!

Betsy

 

Again, as noted here, Comodo is flagging the scanner RSIT as infected. Thst is a false detection. RSIT is safe and you should tell Comodo to allow it.

Your logs look fine. Recommend you install Internet Explorer 7 and see how IE acts then. Try creating a new shortcut to windowsBBS and test it.

 

I think I've finally got it. I've been trying to install IE7 since your last message and tonight finally got it to work.

It's restarted and running. I'm shocked at how fast the computer is working. The little quirks in IE that have been coming up for days are now gone.

Everything seems to be fixed. Service packs are installed and computer life is great!

Thank you so much for your help. Any last pieces of advice for me? Stuff I can now remove or anything?

musicteacher
Betsy

 

BTW, a few days ago I was working offline on stuff and so I turned off the virus protection and HIPS Application Control on Comodo. Instantly the computer started acting better and working much faster. That HIPS thing seems to really slow stuff down. Is it something I need?

 

That's great news Betsy!

Post 1 more fresh log from RSIT (remember, do not allow Comodo to block it ) please.

There's a very good HIPS tutorial/FAQ here. Many people want the added security of HIPS and don't mind a bit of performance loss for it. If it is an excessive load on the computer, you might consider uninstalling/re-installing Comodo to see if it straightens out. Otherwise, you'll just have to make an informed decision on your own, after reading the article, as to whether you enable or disable HIPS.

 

Logfile of random's system information tool 1.01 (written by random/random)
Run by Owner at 2008-09-14 13:57:20
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 36 GB (50%) free of 71 GB
Total RAM: 510 MB (35% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2:02:40 PM, on 9/14/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Comodo\Firewall\cmdagent.exe
C:\Program Files\Comodo\common\CAVASpy\cavasm.exe
C:\Program Files\Spyware Terminator\sp_rsser.exe
C:\WINDOWS\system32\wscntfy.exe
C:\windows\system\hpsysdrv.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\Unload\hpqcmon.exe
C:\HP\KBD\KBD.EXE
C:\Program Files\Comodo\Firewall\cfp.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\WINDOWS\System32\igfxtray.exe
C:\WINDOWS\System32\hkcmd.exe
C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb09.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\Program Files\Comodo\Comodo AntiVirus\CMain.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\FinePixViewer\QuickDCF.exe
C:\Program Files\Comodo\Comodo AntiVirus\Cavaud.exe
C:\Program Files\Comodo\Comodo AntiVirus\cavemsrv.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Documents and Settings\Owner\Desktop\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\Owner.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://srch-us6.hpwis.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://srch-us6.hpwis.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [CamMonitor] c:\Program Files\Hewlett-Packard\Digital Imaging\Unload\hpqcmon.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [StorageGuard] "C:\Program Files\VERITAS Software\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe "
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe "
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb09.exe
O4 - HKLM\..\Run: [DeviceDiscovery] C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
O4 - HKLM\..\Run: [cnfgCav] "C:\Program Files\Comodo\Comodo AntiVirus\CMain.exe "
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [COMODO Firewall Pro] "C:\Program Files\Comodo\Firewall\cfp.exe" -h
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - S-1-5-18 Startup: AutoTBar.exe (User 'SYSTEM')
O4 - .DEFAULT Startup: AutoTBar.exe (User 'Default user')
O4 - .DEFAULT User Startup: AutoTBar.exe (User 'Default user')
O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: America Online 7.0 Tray Icon.lnk = C:\Program Files\America Online 7.0\aoltray.exe
O4 - Global Startup: Exif Launcher.lnk = ?
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM95\aim.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan Control) - http://downloads.ewido.net/ewidoOnlineScan.cab
O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} - http://www.eset.eu/buxus/docs/OnlineScanner.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/win...ls/en/x86/client/wuweb_site.cab?1219026776889
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/mic...ls/en/x86/client/muweb_site.cab?1220927516578
O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (a-squared Scanner) - http://ax.emsisoft.com/asquared.cab
O16 - DPF: {C02226EB-A5D7-4B1F-BD7E-635E46C2288D} (Toontown Installer ActiveX Control) - http://a.download.toontown.com/sv1.0.34.14/ttinst.cab
O20 - AppInit_DLLs: C:\WINDOWS\system32\guard32.dll
O20 - Winlogon Notify: monln - C:\WINDOWS\SYSTEM32\monln.dll
O23 - Service: COMODO Firewall Pro Helper Service (cmdAgent) - Unknown owner - C:\Program Files\Comodo\Firewall\cmdagent.exe
O23 - Service: Comodo Anti-Virus and Anti-Spyware Service - Comodo Inc. - C:\Program Files\Comodo\common\CAVASpy\cavasm.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe

--
End of file - 7411 bytes

Scheduled tasks folder

C:\WINDOWS\tasks\FRU Task #Hewlett-Packard#Deskjet#3320.job

Registry dump

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2008-07-07 1562448]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"hpsysdrv "=c:\windows\system\hpsysdrv.exe [1998-05-07 52736]
"nwiz "=nwiz.exe /install []
"CamMonitor "=c:\Program Files\Hewlett-Packard\Digital Imaging\Unload\hpqcmon.exe [2002-06-18 69632]
"KBD "=C:\HP\KBD\KBD.EXE [2001-07-07 61440]
"StorageGuard "=C:\Program Files\VERITAS Software\Update Manager\sgtray.exe [2002-05-09 155648]
"dla "=C:\WINDOWS\system32\dla\tfswctrl.exe [2002-07-16 106549]
"Recguard "=C:\WINDOWS\SMINST\RECGUARD.EXE [2001-12-19 212992]
"IgfxTray "=C:\WINDOWS\System32\igfxtray.exe [2002-05-15 155648]
"HotKeysCmds "=C:\WINDOWS\System32\hkcmd.exe [2002-05-15 114688]
"PS2 "=C:\WINDOWS\system32\ps2.exe [2002-06-14 81920]
"HP Software Update "=C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe [2003-06-25 49152]
"HP Component Manager "=C:\Program Files\HP\hpcoretech\hpcmpmgr.exe [2003-10-23 233472]
"HPDJ Taskbar Utility "=C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb09.exe [2003-09-01 176128]
"DeviceDiscovery "=C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe [2003-05-21 229437]
"cnfgCav "=C:\Program Files\Comodo\Comodo AntiVirus\CMain.exe [2008-07-28 110592]
"BOC-426 "=C:\WINDOWS\system32\
"KernelFaultCheck "=C:\WINDOWS\system32\dumprep 0 -k []
"COMODO Firewall Pro "=C:\Program Files\Comodo\Firewall\cfp.exe [2008-09-12 1655552]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS "=C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]
"ctfmon.exe "=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup
Adobe Gamma Loader.exe.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
Adobe Gamma Loader.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
America Online 7.0 Tray Icon.lnk - C:\Program Files\America Online 7.0\aoltray.exe
Exif Launcher.lnk - C:\Program Files\FinePixViewer\QuickDCF.exe
Logitech Desktop Messenger.lnk - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office\OSA9.EXE
WinZip Quick Pick.lnk - C:\Program Files\WinZip\WZQKPICK.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS "=" C:\WINDOWS\system32\guard32.dll "

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxsrvc.dll [2002-05-15 307200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\monln]
C:\WINDOWS\system32\monln.dll [2008-07-28 216576]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername "=0
"legalnoticecaption "=
"legalnoticetext "=
"shutdownwithoutlogon "=1
"undockwithoutlogon "=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe "= "%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabledxpsp3res.dll,-20000 "
"%windir%\system32\sessmgr.exe "= "%windir%\system32\sessmgr.exe:*:enabledxpsp2res.dll,-22019 "
"C:\Program Files\Comodo\Comodo AntiVirus\CavEmSrv.exe "= "C:\Program Files\Comodo\Comodo AntiVirus\CavEmSrv.exe:*:Enabled:Comodo AntiVirus Email Proxy Server "

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe "= "%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabledxpsp3res.dll,-20000 "
"%windir%\system32\sessmgr.exe "= "%windir%\system32\sessmgr.exe:*:enabledxpsp2res.dll,-22019 "

List of files/folders created in the last three months

2008-09-14 06:29:11 ----D---- C:\WINDOWS\LastGood
2008-09-12 22:18:01 ----D---- C:\Documents and Settings\Owner\Application Data\Comodo
2008-09-12 22:17:52 ----A---- C:\WINDOWS\system32\guard32.dll
2008-09-11 03:58:42 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$
2008-09-11 03:55:08 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$
2008-09-11 03:51:31 ----HDC---- C:\WINDOWS\$NtUninstallKB953839$
2008-09-11 03:47:22 ----HDC---- C:\WINDOWS\$NtUninstallKB951978$
2008-09-11 03:43:27 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$
2008-09-11 03:34:01 ----HDC---- C:\WINDOWS\$NtUninstallKB951072-v2$
2008-09-11 03:30:20 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$
2008-09-11 03:26:45 ----HDC---- C:\WINDOWS\$NtUninstallKB951066$
2008-09-11 03:21:49 ----HDC---- C:\WINDOWS\$NtUninstallKB953838$
2008-09-11 03:17:34 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$
2008-09-11 03:13:11 ----HDC---- C:\WINDOWS\$NtUninstallKB938464$
2008-09-08 21:45:06 ----D---- C:\TBR5LanguageAct
2008-09-04 21:57:36 ----D---- C:\rsit
2008-09-02 20:55:19 ----A---- C:\WINDOWS\gmer.dll
2008-09-01 20:59:35 ----A---- C:\HaxFix.txt
2008-09-01 00:00:27 ----A---- C:\HaxFix.exe
2008-09-01 00:00:25 ----D---- C:\HaxFix
2008-08-30 08:35:29 ----D---- C:\WINDOWS\Prefetch
2008-08-30 08:25:46 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$
2008-08-30 08:16:10 ----A---- C:\WINDOWS\setuplog.txt
2008-08-30 08:14:26 ----N---- C:\WINDOWS\system32\msxml6r.dll
2008-08-30 08:14:25 ----N---- C:\WINDOWS\system32\msxml6.dll
2008-08-30 08:13:53 ----N---- C:\WINDOWS\system32\aaclient.dll
2008-08-30 08:13:51 ----N---- C:\WINDOWS\system32\bitsprx4.dll
2008-08-30 08:13:51 ----N---- C:\WINDOWS\system32\azroles.dll
2008-08-30 08:13:50 ----N---- C:\WINDOWS\system32\dot3ui.dll
2008-08-30 08:13:50 ----N---- C:\WINDOWS\system32\dot3svc.dll
2008-08-30 08:13:50 ----N---- C:\WINDOWS\system32\dot3msm.dll
2008-08-30 08:13:50 ----N---- C:\WINDOWS\system32\dot3gpclnt.dll
2008-08-30 08:13:50 ----N---- C:\WINDOWS\system32\dot3dlg.dll
2008-08-30 08:13:50 ----N---- C:\WINDOWS\system32\dot3cfg.dll
2008-08-30 08:13:50 ----N---- C:\WINDOWS\system32\dot3api.dll
2008-08-30 08:13:50 ----N---- C:\WINDOWS\system32\dimsroam.dll
2008-08-30 08:13:50 ----N---- C:\WINDOWS\system32\dimsntfy.dll
2008-08-30 08:13:50 ----N---- C:\WINDOWS\system32\dhcpqec.dll
2008-08-30 08:13:50 ----N---- C:\WINDOWS\system32\credssp.dll
2008-08-30 08:13:49 ----N---- C:\WINDOWS\system32\eapsvc.dll
2008-08-30 08:13:49 ----N---- C:\WINDOWS\system32\eapqec.dll
2008-08-30 08:13:49 ----N---- C:\WINDOWS\system32\eappprxy.dll
2008-08-30 08:13:49 ----N---- C:\WINDOWS\system32\eapphost.dll
2008-08-30 08:13:49 ----N---- C:\WINDOWS\system32\eappgnui.dll
2008-08-30 08:13:49 ----N---- C:\WINDOWS\system32\eappcfg.dll
2008-08-30 08:13:49 ----N---- C:\WINDOWS\system32\eapp3hst.dll
2008-08-30 08:13:49 ----N---- C:\WINDOWS\system32\eapolqec.dll
2008-08-30 08:13:46 ----N---- C:\WINDOWS\system32\kbdiultn.dll
2008-08-30 08:13:46 ----N---- C:\WINDOWS\system32\kbdbhc.dll
2008-08-30 08:13:45 ----N---- C:\WINDOWS\system32\l2gpstore.dll
2008-08-30 08:13:45 ----N---- C:\WINDOWS\system32\kmsvc.dll
2008-08-30 08:13:45 ----N---- C:\WINDOWS\system32\kbdpash.dll
2008-08-30 08:13:45 ----N---- C:\WINDOWS\system32\kbdnepr.dll
2008-08-30 08:13:44 ----N---- C:\WINDOWS\system32\mssha.dll
2008-08-30 08:13:44 ----N---- C:\WINDOWS\system32\mmcperf.exe
2008-08-30 08:13:44 ----N---- C:\WINDOWS\system32\mmcfxcommon.dll
2008-08-30 08:13:44 ----N---- C:\WINDOWS\system32\mmcex.dll
2008-08-30 08:13:44 ----N---- C:\WINDOWS\system32\microsoft.managementconsole.dll
2008-08-30 08:13:43 ----N---- C:\WINDOWS\system32\onex.dll
2008-08-30 08:13:43 ----N---- C:\WINDOWS\system32\napstat.exe
2008-08-30 08:13:43 ----N---- C:\WINDOWS\system32\napmontr.dll
2008-08-30 08:13:43 ----N---- C:\WINDOWS\system32\napipsec.dll
2008-08-30 08:13:43 ----N---- C:\WINDOWS\system32\msshavmsg.dll
2008-08-30 08:13:42 ----N---- C:\WINDOWS\system32\photometadatahandler.dll
2008-08-30 08:13:41 ----N---- C:\WINDOWS\system32\setupn.exe
2008-08-30 08:13:41 ----N---- C:\WINDOWS\system32\rhttpaa.dll
2008-08-30 08:13:41 ----N---- C:\WINDOWS\system32\rasqec.dll
2008-08-30 08:13:41 ----N---- C:\WINDOWS\system32\qutil.dll
2008-08-30 08:13:41 ----N---- C:\WINDOWS\system32\qcliprov.dll
2008-08-30 08:13:41 ----N---- C:\WINDOWS\system32\qagentrt.dll
2008-08-30 08:13:41 ----N---- C:\WINDOWS\system32\qagent.dll
2008-08-30 08:13:40 ----N---- C:\WINDOWS\system32\tspkg.dll
2008-08-30 08:13:40 ----N---- C:\WINDOWS\system32\tsgqec.dll
2008-08-30 08:13:39 ----N---- C:\WINDOWS\system32\windowscodecsext.dll
2008-08-30 08:13:39 ----N---- C:\WINDOWS\system32\windowscodecs.dll
2008-08-30 08:13:38 ----N---- C:\WINDOWS\system32\wmphoto.dll
2008-08-30 08:13:38 ----N---- C:\WINDOWS\system32\wlanapi.dll
2008-08-30 08:13:33 ----D---- C:\WINDOWS\system32\scripting
2008-08-30 08:13:30 ----D---- C:\WINDOWS\l2schemas
2008-08-30 08:13:29 ----D---- C:\WINDOWS\system32\en
2008-08-30 08:01:04 ----A---- C:\WINDOWS\006763_.tmp
2008-08-29 05:52:53 ----SHD---- C:\RECYCLER
2008-08-27 22:20:18 ----HDC---- C:\WINDOWS\$NtServicePackUninstall$
2008-08-27 21:46:55 ----D---- C:\de90abfdf826684a18d7b9338cb7df
2008-08-27 18:24:41 ----A---- C:\WINDOWS\OEWABLog.txt
2008-08-27 17:54:26 ----A---- C:\WINDOWS\system32\dpcdll.dll
2008-08-27 17:53:37 ----A---- C:\WINDOWS\system32\ati2dvaa.dll
2008-08-27 17:52:22 ----A---- C:\WINDOWS\hh.exe
2008-08-27 17:52:22 ----A---- C:\WINDOWS\explorer.exe
2008-08-27 17:52:21 ----A---- C:\WINDOWS\winhlp32.exe
2008-08-27 17:52:15 ----A---- C:\WINDOWS\system32\adsldp.dll
2008-08-27 17:52:15 ----A---- C:\WINDOWS\system32\6to4svc.dll
2008-08-27 17:52:14 ----A---- C:\WINDOWS\system32\ahui.exe
2008-08-27 17:52:14 ----A---- C:\WINDOWS\system32\advpack.dll
2008-08-27 17:52:14 ----A---- C:\WINDOWS\system32\adsnt.dll
2008-08-27 17:52:14 ----A---- C:\WINDOWS\system32\adsmsext.dll
2008-08-27 17:52:14 ----A---- C:\WINDOWS\system32\adsldpc.dll
2008-08-27 17:52:13 ----A---- C:\WINDOWS\system32\apphelp.dll
2008-08-27 17:52:13 ----A---- C:\WINDOWS\system32\alg.exe
2008-08-27 17:52:12 ----A---- C:\WINDOWS\system32\at.exe
2008-08-27 17:52:12 ----A---- C:\WINDOWS\system32\asferror.dll
2008-08-27 17:52:11 ----A---- C:\WINDOWS\system32\batt.dll
2008-08-27 17:52:11 ----A---- C:\WINDOWS\system32\avifil32.dll
2008-08-27 17:52:11 ----A---- C:\WINDOWS\system32\autolfn.exe
2008-08-27 17:52:11 ----A---- C:\WINDOWS\system32\audiosrv.dll
2008-08-27 17:52:11 ----A---- C:\WINDOWS\system32\atl.dll
2008-08-27 17:52:10 ----A---- C:\WINDOWS\system32\browser.dll
2008-08-27 17:52:10 ----A---- C:\WINDOWS\system32\browselc.dll
2008-08-27 17:52:09 ----A---- C:\WINDOWS\system32\catsrvut.dll
2008-08-27 17:52:09 ----A---- C:\WINDOWS\system32\browsewm.dll
2008-08-27 17:52:09 ----A---- C:\WINDOWS\system32\browseui.dll
2008-08-27 17:52:08 ----A---- C:\WINDOWS\system32\cewmdm.dll
2008-08-27 17:52:08 ----A---- C:\WINDOWS\system32\certcli.dll
2008-08-27 17:52:07 ----A---- C:\WINDOWS\system32\clusapi.dll
2008-08-27 17:52:07 ----A---- C:\WINDOWS\system32\clipbrd.exe
2008-08-27 17:52:07 ----A---- C:\WINDOWS\system32\ciodm.dll
2008-08-27 17:52:07 ----A---- C:\WINDOWS\system32\cfgbkend.dll
2008-08-27 17:52:06 ----A---- C:\WINDOWS\system32\compatui.dll
2008-08-27 17:52:06 ----A---- C:\WINDOWS\system32\cmdl32.exe
2008-08-27 17:52:06 ----A---- C:\WINDOWS\system32\cmdial32.dll
2008-08-27 17:52:05 ----A---- C:\WINDOWS\system32\comsvcs.dll
2008-08-27 17:52:04 ----A---- C:\WINDOWS\system32\cryptdlg.dll
2008-08-27 17:52:04 ----A---- C:\WINDOWS\system32\crypt32.dll
2008-08-27 17:52:04 ----A---- C:\WINDOWS\system32\credui.dll
2008-08-27 17:52:04 ----A---- C:\WINDOWS\system32\conime.exe
2008-08-27 17:52:03 ----A---- C:\WINDOWS\system32\cryptui.dll
2008-08-27 17:52:03 ----A---- C:\WINDOWS\system32\cryptsvc.dll
2008-08-27 17:52:02 ----A---- C:\WINDOWS\system32\ctfmon.exe
2008-08-27 17:52:02 ----A---- C:\WINDOWS\system32\cscui.dll
2008-08-27 17:52:01 ----A---- C:\WINDOWS\system32\d3d8.dll
2008-08-27 17:52:00 ----A---- C:\WINDOWS\system32\danim.dll
2008-08-27 17:51:59 ----A---- C:\WINDOWS\system32\dbnetlib.dll
2008-08-27 17:51:59 ----A---- C:\WINDOWS\system32\dbmsvinn.dll
2008-08-27 17:51:59 ----A---- C:\WINDOWS\system32\dbmsrpcn.dll
2008-08-27 17:51:59 ----A---- C:\WINDOWS\system32\dbmsadsn.dll
2008-08-27 17:51:58 ----A---- C:\WINDOWS\system32\devmgr.dll
2008-08-27 17:51:58 ----A---- C:\WINDOWS\system32\defrag.exe
2008-08-27 17:51:58 ----A---- C:\WINDOWS\system32\ddraw.dll
2008-08-27 17:51:58 ----A---- C:\WINDOWS\system32\dbnmpntw.dll
2008-08-27 17:51:57 ----A---- C:\WINDOWS\system32\dfrgui.dll
2008-08-27 17:51:57 ----A---- C:\WINDOWS\system32\dfrgsnap.dll
2008-08-27 17:51:57 ----A---- C:\WINDOWS\system32\dfrgntfs.exe
2008-08-27 17:51:57 ----A---- C:\WINDOWS\system32\dfrgfat.exe
2008-08-27 17:51:56 ----A---- C:\WINDOWS\system32\dinput8.dll
2008-08-27 17:51:56 ----A---- C:\WINDOWS\system32\dinput.dll
2008-08-27 17:51:56 ----A---- C:\WINDOWS\system32\digest.dll
2008-08-27 17:51:56 ----A---- C:\WINDOWS\system32\dgnet.dll
2008-08-27 17:51:56 ----A---- C:\WINDOWS\system32\dfsshlex.dll
2008-08-27 17:51:55 ----A---- C:\WINDOWS\system32\dmscript.dll
2008-08-27 17:51:55 ----A---- C:\WINDOWS\system32\dmloader.dll
2008-08-27 17:51:55 ----A---- C:\WINDOWS\system32\dmime.dll
2008-08-27 17:51:55 ----A---- C:\WINDOWS\system32\dmcompos.dll
2008-08-27 17:51:55 ----A---- C:\WINDOWS\system32\dmband.dll
2008-08-27 17:51:54 ----A---- C:\WINDOWS\system32\docprop2.dll
2008-08-27 17:51:54 ----A---- C:\WINDOWS\system32\dnsapi.dll
2008-08-27 17:51:54 ----A---- C:\WINDOWS\system32\dmusic.dll
2008-08-27 17:51:54 ----A---- C:\WINDOWS\system32\dmstyle.dll
2008-08-27 17:51:53 ----A---- C:\WINDOWS\system32\dpvoice.dll
2008-08-27 17:51:53 ----A---- C:\WINDOWS\system32\dpnhupnp.dll
2008-08-27 17:51:53 ----A---- C:\WINDOWS\system32\dpnhpast.dll
2008-08-27 17:51:53 ----A---- C:\WINDOWS\system32\dpnet.dll
2008-08-27 17:51:52 ----A---- C:\WINDOWS\system32\dsquery.dll
2008-08-27 17:51:52 ----A---- C:\WINDOWS\system32\dsprop.dll
2008-08-27 17:51:52 ----A---- C:\WINDOWS\system32\ds32gt.dll
2008-08-27 17:51:52 ----A---- C:\WINDOWS\system32\dpwsockx.dll
2008-08-27 17:51:52 ----A---- C:\WINDOWS\system32\dpvsetup.exe
2008-08-27 17:51:51 ----A---- C:\WINDOWS\system32\dwwin.exe
2008-08-27 17:51:51 ----A---- C:\WINDOWS\system32\duser.dll
2008-08-27 17:51:51 ----A---- C:\WINDOWS\system32\dumprep.exe
2008-08-27 17:51:51 ----A---- C:\WINDOWS\system32\dssenh.dll
2008-08-27 17:51:50 ----A---- C:\WINDOWS\system32\dxdiag.exe
2008-08-27 17:51:49 ----A---- C:\WINDOWS\system32\dxmasf.dll
2008-08-27 17:51:48 ----A---- C:\WINDOWS\system32\els.dll
2008-08-27 17:51:48 ----A---- C:\WINDOWS\system32\dxtrans.dll
2008-08-27 17:51:48 ----A---- C:\WINDOWS\system32\dxtmsft.dll
2008-08-27 17:51:47 ----A---- C:\WINDOWS\system32\ersvc.dll
2008-08-27 17:51:46 ----A---- C:\WINDOWS\system32\eventlog.dll
2008-08-27 17:51:46 ----A---- C:\WINDOWS\system32\eudcedit.exe
2008-08-27 17:51:46 ----A---- C:\WINDOWS\system32\es.dll
2008-08-27 17:51:45 ----A---- C:\WINDOWS\system32\framebuf.dll
2008-08-27 17:51:45 ----A---- C:\WINDOWS\system32\fontview.exe
2008-08-27 17:51:45 ----A---- C:\WINDOWS\system32\fldrclnr.dll
2008-08-27 17:51:45 ----A---- C:\WINDOWS\system32\faultrep.dll
2008-08-27 17:51:45 ----A---- C:\WINDOWS\system32\expsrv.dll
2008-08-27 17:51:44 ----A---- C:\WINDOWS\system32\fxscomex.dll
2008-08-27 17:51:44 ----A---- C:\WINDOWS\system32\fxsclnt.exe
2008-08-27 17:51:44 ----A---- C:\WINDOWS\system32\fxsapi.dll
2008-08-27 17:51:43 ----A---- C:\WINDOWS\system32\fxsres.dll
2008-08-27 17:51:43 ----A---- C:\WINDOWS\system32\fxsperf.dll
2008-08-27 17:51:43 ----A---- C:\WINDOWS\system32\fxsext32.dll
2008-08-27 17:51:43 ----A---- C:\WINDOWS\system32\fxsdrv.dll
2008-08-27 17:51:43 ----A---- C:\WINDOWS\system32\fxscover.exe
2008-08-27 17:51:42 ----A---- C:\WINDOWS\system32\fxsst.dll
2008-08-27 17:51:41 ----A---- C:\WINDOWS\system32\fxstiff.dll
2008-08-27 17:51:41 ----A---- C:\WINDOWS\system32\fxst30.dll
2008-08-27 17:51:41 ----A---- C:\WINDOWS\system32\fxssvc.exe
2008-08-27 17:51:40 ----A---- C:\WINDOWS\system32\fxswzrd.dll
2008-08-27 17:51:40 ----A---- C:\WINDOWS\system32\fxsui.dll
2008-08-27 17:51:39 ----A---- C:\WINDOWS\system32\hhsetup.dll
2008-08-27 17:51:39 ----A---- C:\WINDOWS\system32\fxsxp32.dll
2008-08-27 17:51:38 ----A---- C:\WINDOWS\system32\icaapi.dll
2008-08-27 17:51:38 ----A---- C:\WINDOWS\system32\hnetcfg.dll
2008-08-27 17:51:37 ----N---- C:\WINDOWS\system32\ieakeng.dll
2008-08-27 17:51:37 ----N---- C:\WINDOWS\system32\ie4uinit.exe
2008-08-27 17:51:37 ----A---- C:\WINDOWS\system32\idq.dll
2008-08-27 17:51:37 ----A---- C:\WINDOWS\system32\icm32.dll
2008-08-27 17:51:36 ----N---- C:\WINDOWS\system32\iedkcs32.dll
2008-08-27 17:51:36 ----N---- C:\WINDOWS\system32\ieaksie.dll
2008-08-27 17:51:36 ----A---- C:\WINDOWS\system32\iesetup.dll
2008-08-27 17:51:36 ----A---- C:\WINDOWS\system32\iepeers.dll
2008-08-27 17:51:35 ----A---- C:\WINDOWS\system32\imgutil.dll
2008-08-27 17:51:35 ----A---- C:\WINDOWS\system32\imeshare.dll

 

2008-08-27 17:51:35 ----A---- C:\WINDOWS\system32\imapi.exe
2008-08-27 17:51:35 ----A---- C:\WINDOWS\system32\ils.dll
2008-08-27 17:51:34 ----A---- C:\WINDOWS\system32\inetcomm.dll
2008-08-27 17:51:34 ----A---- C:\WINDOWS\system32\imm32.dll
2008-08-27 17:51:33 ----A---- C:\WINDOWS\system32\inseng.dll
2008-08-27 17:51:33 ----A---- C:\WINDOWS\system32\input.dll
2008-08-27 17:51:32 ----A---- C:\WINDOWS\system32\iphlpapi.dll
2008-08-27 17:51:32 ----A---- C:\WINDOWS\system32\ipconfig.exe
2008-08-27 17:51:31 ----A---- C:\WINDOWS\system32\ipsecsvc.dll
2008-08-27 17:51:31 ----A---- C:\WINDOWS\system32\ippromon.dll
2008-08-27 17:51:31 ----A---- C:\WINDOWS\system32\ipnathlp.dll
2008-08-27 17:51:30 ----A---- C:\WINDOWS\system32\itss.dll
2008-08-27 17:51:30 ----A---- C:\WINDOWS\system32\itircl.dll
2008-08-27 17:51:30 ----A---- C:\WINDOWS\system32\ipv6mon.dll
2008-08-27 17:51:30 ----A---- C:\WINDOWS\system32\ipv6.exe
2008-08-27 17:51:29 ----A---- C:\WINDOWS\system32\kd1394.dll
2008-08-27 17:51:29 ----A---- C:\WINDOWS\system32\ixsso.dll
2008-08-27 17:51:28 ----A---- C:\WINDOWS\system32\kerberos.dll
2008-08-27 17:51:27 ----A---- C:\WINDOWS\system32\lmrt.dll
2008-08-27 17:51:27 ----A---- C:\WINDOWS\system32\licwmi.dll
2008-08-27 17:51:27 ----A---- C:\WINDOWS\system32\licmgr10.dll
2008-08-27 17:51:26 ----A---- C:\WINDOWS\system32\logonui.exe
2008-08-27 17:51:26 ----A---- C:\WINDOWS\system32\localui.dll
2008-08-27 17:51:25 ----A---- C:\WINDOWS\system32\mindex.dll
2008-08-27 17:51:24 ----A---- C:\WINDOWS\system32\mobsync.dll
2008-08-27 17:51:24 ----A---- C:\WINDOWS\system32\mnmdd.dll
2008-08-27 17:51:24 ----A---- C:\WINDOWS\system32\mmcndmgr.dll
2008-08-27 17:51:23 ----A---- C:\WINDOWS\system32\moricons.dll
2008-08-27 17:51:22 ----A---- C:\WINDOWS\system32\mplay32.exe
2008-08-27 17:51:21 ----A---- C:\WINDOWS\system32\msctf.dll
2008-08-27 17:51:21 ----A---- C:\WINDOWS\system32\mscpx32r.dll
2008-08-27 17:51:21 ----A---- C:\WINDOWS\system32\msconf.dll
2008-08-27 17:51:21 ----A---- C:\WINDOWS\system32\mscms.dll
2008-08-27 17:51:20 ----A---- C:\WINDOWS\system32\msdtcprx.dll
2008-08-27 17:51:20 ----A---- C:\WINDOWS\system32\msdart.dll
2008-08-27 17:51:20 ----A---- C:\WINDOWS\system32\msctfp.dll
2008-08-27 17:51:19 ----A---- C:\WINDOWS\system32\msdxmlc.dll
2008-08-27 17:51:18 ----A---- C:\WINDOWS\system32\msexch40.dll
2008-08-27 17:51:17 ----A---- C:\WINDOWS\system32\msexcl40.dll
2008-08-27 17:51:15 ----A---- C:\WINDOWS\system32\mshtml.dll
2008-08-27 17:51:14 ----A---- C:\WINDOWS\system32\msieftp.dll
2008-08-27 17:51:14 ----A---- C:\WINDOWS\system32\mshtmler.dll
2008-08-27 17:51:14 ----A---- C:\WINDOWS\system32\mshtmled.dll
2008-08-27 17:51:13 ----A---- C:\WINDOWS\system32\msimtf.dll
2008-08-27 17:51:13 ----A---- C:\WINDOWS\system32\msimg32.dll
2008-08-27 17:51:12 ----A---- C:\WINDOWS\system32\msisam11.dll
2008-08-27 17:51:11 ----A---- C:\WINDOWS\system32\mslbui.dll
2008-08-27 17:51:11 ----A---- C:\WINDOWS\system32\msjtes40.dll
2008-08-27 17:51:11 ----A---- C:\WINDOWS\system32\msjetoledb40.dll
2008-08-27 17:51:11 ----A---- C:\WINDOWS\system32\msjet40.dll
2008-08-27 17:51:10 ----A---- C:\WINDOWS\system32\msorcl32.dll
2008-08-27 17:51:10 ----A---- C:\WINDOWS\system32\msoert2.dll
2008-08-27 17:51:10 ----A---- C:\WINDOWS\system32\msoeacct.dll
2008-08-27 17:51:10 ----A---- C:\WINDOWS\system32\msnsspc.dll
2008-08-27 17:51:10 ----A---- C:\WINDOWS\system32\msltus40.dll
2008-08-27 17:51:09 ----A---- C:\WINDOWS\system32\mspmsp.dll
2008-08-27 17:51:09 ----A---- C:\WINDOWS\system32\mspbde40.dll
2008-08-27 17:51:09 ----A---- C:\WINDOWS\system32\mspaint.exe
2008-08-27 17:51:08 ----N---- C:\WINDOWS\system32\msrating.dll
2008-08-27 17:51:08 ----A---- C:\WINDOWS\system32\msrd2x40.dll
2008-08-27 17:51:07 ----A---- C:\WINDOWS\system32\msscp.dll
2008-08-27 17:51:07 ----A---- C:\WINDOWS\system32\msrle32.dll
2008-08-27 17:51:07 ----A---- C:\WINDOWS\system32\msrepl40.dll
2008-08-27 17:51:06 ----N---- C:\WINDOWS\system32\mstime.dll
2008-08-27 17:51:06 ----A---- C:\WINDOWS\system32\mstext40.dll
2008-08-27 17:51:06 ----A---- C:\WINDOWS\system32\mstask.dll
2008-08-27 17:51:05 ----A---- C:\WINDOWS\system32\mstscax.dll
2008-08-27 17:51:05 ----A---- C:\WINDOWS\system32\mstsc.exe
2008-08-27 17:51:05 ----A---- C:\WINDOWS\system32\mstinit.exe
2008-08-27 17:51:04 ----A---- C:\WINDOWS\system32\msvcp60.dll
2008-08-27 17:51:04 ----A---- C:\WINDOWS\system32\msutb.dll
2008-08-27 17:51:04 ----A---- C:\WINDOWS\system32\msuni11.dll
2008-08-27 17:51:03 ----A---- C:\WINDOWS\system32\msvidctl.dll
2008-08-27 17:51:03 ----A---- C:\WINDOWS\system32\msvfw32.dll
2008-08-27 17:51:03 ----A---- C:\WINDOWS\system32\msvcrt.dll
2008-08-27 17:51:02 ----A---- C:\WINDOWS\system32\msxbde40.dll
2008-08-27 17:51:02 ----A---- C:\WINDOWS\system32\mswebdvd.dll
2008-08-27 17:51:01 ----A---- C:\WINDOWS\system32\msxml3.dll
2008-08-27 17:51:01 ----A---- C:\WINDOWS\system32\msxml2.dll
2008-08-27 17:51:00 ----A---- C:\WINDOWS\system32\net1.exe
2008-08-27 17:51:00 ----A---- C:\WINDOWS\system32\net.exe
2008-08-27 17:51:00 ----A---- C:\WINDOWS\system32\nddenb32.dll
2008-08-27 17:51:00 ----A---- C:\WINDOWS\system32\ncobjapi.dll
2008-08-27 17:50:59 ----A---- C:\WINDOWS\system32\netdde.exe
2008-08-27 17:50:59 ----A---- C:\WINDOWS\system32\netcfgx.dll
2008-08-27 17:50:59 ----A---- C:\WINDOWS\system32\netapi32.dll
2008-08-27 17:50:58 ----A---- C:\WINDOWS\system32\netman.dll
2008-08-27 17:50:58 ----A---- C:\WINDOWS\system32\netlogon.dll
2008-08-27 17:50:57 ----A---- C:\WINDOWS\system32\netplwiz.dll
2008-08-27 17:50:56 ----A---- C:\WINDOWS\system32\netshell.dll
2008-08-27 17:50:55 ----A---- C:\WINDOWS\system32\ntlanman.dll
2008-08-27 17:50:55 ----A---- C:\WINDOWS\system32\nmmkcert.dll
2008-08-27 17:50:55 ----A---- C:\WINDOWS\system32\nlhtml.dll
2008-08-27 17:50:55 ----A---- C:\WINDOWS\system32\newdev.dll
2008-08-27 17:50:54 ----A---- C:\WINDOWS\system32\ntmssvc.dll
2008-08-27 17:50:54 ----A---- C:\WINDOWS\system32\ntmsdba.dll
2008-08-27 17:50:54 ----A---- C:\WINDOWS\system32\ntmsapi.dll
2008-08-27 17:50:54 ----A---- C:\WINDOWS\system32\ntmarta.dll
2008-08-27 17:50:53 ----A---- C:\WINDOWS\system32\odbc32.dll
2008-08-27 17:50:53 ----A---- C:\WINDOWS\system32\oakley.dll
2008-08-27 17:50:53 ----A---- C:\WINDOWS\system32\ntshrui.dll
2008-08-27 17:50:52 ----A---- C:\WINDOWS\system32\odbccp32.dll
2008-08-27 17:50:52 ----A---- C:\WINDOWS\system32\odbcconf.exe
2008-08-27 17:50:52 ----A---- C:\WINDOWS\system32\odbcconf.dll
2008-08-27 17:50:52 ----A---- C:\WINDOWS\system32\odbcbcp.dll
2008-08-27 17:50:52 ----A---- C:\WINDOWS\system32\odbcad32.exe
2008-08-27 17:50:52 ----A---- C:\WINDOWS\system32\odbc32gt.dll
2008-08-27 17:50:51 ----A---- C:\WINDOWS\system32\offfilt.dll
2008-08-27 17:50:51 ----A---- C:\WINDOWS\system32\odbctrac.dll
2008-08-27 17:50:51 ----A---- C:\WINDOWS\system32\odbcp32r.dll
2008-08-27 17:50:51 ----A---- C:\WINDOWS\system32\odbccu32.dll
2008-08-27 17:50:51 ----A---- C:\WINDOWS\system32\odbccr32.dll
2008-08-27 17:50:50 ----A---- C:\WINDOWS\system32\oleprn.dll
2008-08-27 17:50:50 ----A---- C:\WINDOWS\system32\ole32.dll
2008-08-27 17:50:49 ----A---- C:\WINDOWS\system32\packager.exe
2008-08-27 17:50:49 ----A---- C:\WINDOWS\system32\osk.exe
2008-08-27 17:50:49 ----A---- C:\WINDOWS\system32\opengl32.dll
2008-08-27 17:50:48 ----A---- C:\WINDOWS\system32\pngfilt.dll
2008-08-27 17:50:48 ----A---- C:\WINDOWS\system32\ping.exe
2008-08-27 17:50:48 ----A---- C:\WINDOWS\system32\pdh.dll
2008-08-27 17:50:48 ----A---- C:\WINDOWS\system32\pautoenr.dll
2008-08-27 17:50:47 ----A---- C:\WINDOWS\system32\qcap.dll
2008-08-27 17:50:47 ----A---- C:\WINDOWS\system32\psbase.dll
2008-08-27 17:50:47 ----A---- C:\WINDOWS\system32\psapi.dll
2008-08-27 17:50:46 ----A---- C:\WINDOWS\system32\qdvd.dll
2008-08-27 17:50:45 ----A---- C:\WINDOWS\system32\quartz.dll
2008-08-27 17:50:45 ----A---- C:\WINDOWS\system32\qmgrprxy.dll
2008-08-27 17:50:45 ----A---- C:\WINDOWS\system32\qmgr.dll
2008-08-27 17:50:45 ----A---- C:\WINDOWS\system32\qedit.dll
2008-08-27 17:50:44 ----A---- C:\WINDOWS\system32\query.dll
2008-08-27 17:50:43 ----A---- C:\WINDOWS\system32\rassapi.dll
2008-08-27 17:50:43 ----A---- C:\WINDOWS\system32\rasppp.dll
2008-08-27 17:50:43 ----A---- C:\WINDOWS\system32\rasmans.dll
2008-08-27 17:50:43 ----A---- C:\WINDOWS\system32\raschap.dll
2008-08-27 17:50:42 ----A---- C:\WINDOWS\system32\rdpclip.exe
2008-08-27 17:50:42 ----A---- C:\WINDOWS\system32\rdchost.dll
2008-08-27 17:50:42 ----A---- C:\WINDOWS\system32\rcimlby.exe
2008-08-27 17:50:42 ----A---- C:\WINDOWS\system32\rastls.dll
2008-08-27 17:50:41 ----A---- C:\WINDOWS\system32\reg.exe
2008-08-27 17:50:41 ----A---- C:\WINDOWS\system32\redir.exe
2008-08-27 17:50:41 ----A---- C:\WINDOWS\system32\rdsaddin.exe
2008-08-27 17:50:41 ----A---- C:\WINDOWS\system32\rdpwsx.dll
2008-08-27 17:50:41 ----A---- C:\WINDOWS\system32\rdpsnd.dll
2008-08-27 17:50:41 ----A---- C:\WINDOWS\system32\rdpdd.dll
2008-08-27 17:50:40 ----A---- C:\WINDOWS\system32\riched20.dll
2008-08-27 17:50:40 ----A---- C:\WINDOWS\system32\remotepg.dll
2008-08-27 17:50:40 ----A---- C:\WINDOWS\system32\regapi.dll
2008-08-27 17:50:39 ----A---- C:\WINDOWS\system32\rpcss.dll
2008-08-27 17:50:39 ----A---- C:\WINDOWS\system32\rpcrt4.dll
2008-08-27 17:50:38 ----A---- C:\WINDOWS\system32\runonce.exe
2008-08-27 17:50:38 ----A---- C:\WINDOWS\system32\rtcshare.exe
2008-08-27 17:50:38 ----A---- C:\WINDOWS\system32\rsaenh.dll
2008-08-27 17:50:37 ----A---- C:\WINDOWS\system32\scecli.dll
2008-08-27 17:50:37 ----A---- C:\WINDOWS\system32\sccsccp.dll
2008-08-27 17:50:37 ----A---- C:\WINDOWS\system32\sccbase.dll
2008-08-27 17:50:36 ----A---- C:\WINDOWS\system32\sdbinst.exe
2008-08-27 17:50:36 ----A---- C:\WINDOWS\system32\schedsvc.dll
2008-08-27 17:50:36 ----A---- C:\WINDOWS\system32\scesrv.dll
2008-08-27 17:50:35 ----A---- C:\WINDOWS\system32\sfc_os.dll
2008-08-27 17:50:35 ----A---- C:\WINDOWS\system32\setup.exe
2008-08-27 17:50:35 ----A---- C:\WINDOWS\system32\sensapi.dll
2008-08-27 17:50:35 ----A---- C:\WINDOWS\system32\sens.dll
2008-08-27 17:50:35 ----A---- C:\WINDOWS\system32\secur32.dll
2008-08-27 17:50:34 ----A---- C:\WINDOWS\system32\sfcfiles.dll
2008-08-27 17:50:33 ----A---- C:\WINDOWS\system32\shdocvw.dll
2008-08-27 17:50:29 ----A---- C:\WINDOWS\system32\shimeng.dll
2008-08-27 17:50:29 ----A---- C:\WINDOWS\system32\shgina.dll
2008-08-27 17:50:29 ----A---- C:\WINDOWS\system32\shfolder.dll
2008-08-27 17:50:29 ----A---- C:\WINDOWS\system32\shell32.dll
2008-08-27 17:50:28 ----A---- C:\WINDOWS\system32\shsvcs.dll
2008-08-27 17:50:28 ----A---- C:\WINDOWS\system32\shmgrate.exe
2008-08-27 17:50:28 ----A---- C:\WINDOWS\system32\shlwapi.dll
2008-08-27 17:50:28 ----A---- C:\WINDOWS\system32\shimgvw.dll
2008-08-27 17:50:27 ----A---- C:\WINDOWS\system32\slayerxp.dll
2008-08-27 17:50:27 ----A---- C:\WINDOWS\system32\skeys.exe
2008-08-27 17:50:27 ----A---- C:\WINDOWS\system32\sigverif.exe
2008-08-27 17:50:27 ----A---- C:\WINDOWS\system32\sigtab.dll
2008-08-27 17:50:26 ----A---- C:\WINDOWS\system32\snmpapi.dll
2008-08-27 17:50:26 ----A---- C:\WINDOWS\system32\smlogsvc.exe
2008-08-27 17:50:26 ----A---- C:\WINDOWS\system32\smlogcfg.dll
2008-08-27 17:50:25 ----A---- C:\WINDOWS\system32\spoolss.dll
2008-08-27 17:50:25 ----A---- C:\WINDOWS\system32\spider.exe
2008-08-27 17:50:24 ----A---- C:\WINDOWS\system32\srrstr.dll
2008-08-27 17:50:24 ----A---- C:\WINDOWS\system32\srclient.dll
2008-08-27 17:50:24 ----A---- C:\WINDOWS\system32\sqlsrv32.dll
2008-08-27 17:50:23 ----A---- C:\WINDOWS\system32\srsvc.dll
2008-08-27 17:50:22 ----A---- C:\WINDOWS\system32\ssdpapi.dll
2008-08-27 17:50:21 ----A---- C:\WINDOWS\system32\ssdpsrv.dll
2008-08-27 17:50:19 ----A---- C:\WINDOWS\system32\stobject.dll
2008-08-27 17:50:19 ----A---- C:\WINDOWS\system32\sti_ci.dll
2008-08-27 17:50:19 ----A---- C:\WINDOWS\system32\sti.dll
2008-08-27 17:50:18 ----A---- C:\WINDOWS\system32\sxs.dll
2008-08-27 17:50:18 ----A---- C:\WINDOWS\system32\strmdll.dll
2008-08-27 17:50:17 ----A---- C:\WINDOWS\system32\tapisrv.dll
2008-08-27 17:50:17 ----A---- C:\WINDOWS\system32\tapi32.dll
2008-08-27 17:50:16 ----A---- C:\WINDOWS\system32\termsrv.dll
2008-08-27 17:50:16 ----A---- C:\WINDOWS\system32\taskmgr.exe
2008-08-27 17:50:15 ----A---- C:\WINDOWS\system32\udhisapi.dll
2008-08-27 17:50:15 ----A---- C:\WINDOWS\system32\tscupgrd.exe
2008-08-27 17:50:15 ----A---- C:\WINDOWS\system32\tscfgwmi.dll
2008-08-27 17:50:15 ----A---- C:\WINDOWS\system32\trkwks.dll
2008-08-27 17:50:15 ----A---- C:\WINDOWS\system32\tracert.exe
2008-08-27 17:50:15 ----A---- C:\WINDOWS\system32\themeui.dll
2008-08-27 17:50:14 ----A---- C:\WINDOWS\system32\upnp.dll
2008-08-27 17:50:14 ----A---- C:\WINDOWS\system32\umpnpmgr.dll
2008-08-27 17:50:14 ----A---- C:\WINDOWS\system32\umandlg.dll
2008-08-27 17:50:13 ----A---- C:\WINDOWS\system32\url.dll
2008-08-27 17:50:13 ----A---- C:\WINDOWS\system32\ups.exe
2008-08-27 17:50:13 ----A---- C:\WINDOWS\system32\upnpui.dll
2008-08-27 17:50:13 ----A---- C:\WINDOWS\system32\upnphost.dll
2008-08-27 17:50:12 ----A---- C:\WINDOWS\system32\utilman.exe
2008-08-27 17:50:12 ----A---- C:\WINDOWS\system32\usp10.dll
2008-08-27 17:50:12 ----A---- C:\WINDOWS\system32\urlmon.dll
2008-08-27 17:50:11 ----A---- C:\WINDOWS\system32\uxtheme.dll
2008-08-27 17:50:10 ----A---- C:\WINDOWS\system32\vssapi.dll
2008-08-27 17:50:10 ----A---- C:\WINDOWS\system32\vdmredir.dll
2008-08-27 17:50:10 ----A---- C:\WINDOWS\system32\vbscript.dll
2008-08-27 17:50:09 ----A---- C:\WINDOWS\system32\webcheck.dll
2008-08-27 17:50:09 ----A---- C:\WINDOWS\system32\w32time.dll
2008-08-27 17:50:08 ----A---- C:\WINDOWS\system32\webclnt.dll
2008-08-27 17:50:07 ----A---- C:\WINDOWS\system32\wiadss.dll
2008-08-27 17:50:07 ----A---- C:\WINDOWS\system32\wextract.exe
2008-08-27 17:50:07 ----A---- C:\WINDOWS\system32\webvw.dll
2008-08-27 17:50:06 ----A---- C:\WINDOWS\system32\wiaservc.dll
2008-08-27 17:50:05 ----A---- C:\WINDOWS\system32\winsta.dll
2008-08-27 17:50:05 ----A---- C:\WINDOWS\system32\winmm.dll
2008-08-27 17:50:05 ----A---- C:\WINDOWS\system32\wininet.dll
2008-08-27 17:50:04 ----A---- C:\WINDOWS\system32\wmerrenu.dll
2008-08-27 17:50:04 ----A---- C:\WINDOWS\system32\wlnotify.dll
2008-08-27 17:50:04 ----A---- C:\WINDOWS\system32\wldap32.dll
2008-08-27 17:50:03 ----A---- C:\WINDOWS\system32\wmpcd.dll
2008-08-27 17:50:02 ----A---- C:\WINDOWS\system32\wmpcore.dll
2008-08-27 17:50:01 ----A---- C:\WINDOWS\system32\wmpshell.dll
2008-08-27 17:50:01 ----A---- C:\WINDOWS\system32\wmploc.dll
2008-08-27 17:50:00 ----A---- C:\WINDOWS\system32\wmpstub.exe
2008-08-27 17:49:59 ----A---- C:\WINDOWS\system32\wmstream.dll
2008-08-27 17:49:59 ----A---- C:\WINDOWS\system32\wmsdmoe.dll
2008-08-27 17:49:59 ----A---- C:\WINDOWS\system32\wmpui.dll
2008-08-27 17:49:58 ----A---- C:\WINDOWS\system32\wmv8dmod.dll
2008-08-27 17:49:57 ----A---- C:\WINDOWS\system32\wsnmp32.dll
2008-08-27 17:49:57 ----A---- C:\WINDOWS\system32\wship6.dll
2008-08-27 17:49:57 ----A---- C:\WINDOWS\system32\wow32.dll
2008-08-27 17:49:57 ----A---- C:\WINDOWS\system32\wmvdmoe.dll
2008-08-27 17:49:56 ----A---- C:\WINDOWS\system32\wzcdlg.dll
2008-08-27 17:49:56 ----A---- C:\WINDOWS\system32\wuauserv.dll
2008-08-27 17:49:56 ----A---- C:\WINDOWS\system32\wtsapi32.dll
2008-08-27 17:49:51 ----A---- C:\WINDOWS\system32\xenroll.dll
2008-08-27 17:49:51 ----A---- C:\WINDOWS\system32\xactsrv.dll
2008-08-27 17:49:50 ----A---- C:\WINDOWS\system32\zipfldr.dll
2008-08-27 17:49:50 ----A---- C:\WINDOWS\system32\HAL.DLL
2008-08-26 19:47:53 ----D---- C:\WINDOWS\temp
2008-08-23 11:36:32 ----A---- C:\WINDOWS\gmer.ini
2008-08-23 11:35:14 ----RA---- C:\WINDOWS\gmer.exe
2008-08-23 11:35:14 ----A---- C:\WINDOWS\gmer_uninstall.cmd
2008-08-20 00:50:35 ----D---- C:\Program Files\Windows Resource Kits
2008-08-20 00:45:25 ----A---- C:\WINDOWS\imsins.BAK
2008-08-17 22:48:19 ----D---- C:\Program Files\Spybot - Search & Destroy
2008-08-17 16:06:35 ----D---- C:\Program Files\PCPitstop
2008-08-17 14:08:01 ----D---- C:\WINDOWS\system32\CatRoot2
2008-08-16 09:11:09 ----A---- C:\WINDOWS\ntbtlog.txt
2008-08-15 21:29:48 ----D---- C:\Documents and Settings\All Users\Application Data\Office Genuine Advantage
2008-08-15 07:23:07 ----D---- C:\WINDOWS\erdnt
2008-08-14 23:31:14 ----A---- C:\Program Files\ATF-Cleaner.exe
2008-08-14 12:49:58 ----D---- C:\Program Files\Trend Micro
2008-08-14 09:09:29 ----D---- C:\Documents and Settings\Owner\Application Data\Malwarebytes
2008-08-14 09:07:52 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-08-14 09:05:24 ----D---- C:\Program Files\Malwarebytes
2008-08-08 22:41:59 ----A---- C:\Program Files\jre-6u7-windows-i586-p-iftw.exe
2008-08-08 07:12:44 ----D---- C:\Documents and Settings\Owner\Application Data\Motive
2008-08-06 20:52:41 ----A---- C:\Program Files\spybotsd160.exe
2008-08-05 22:10:35 ----D---- C:\Documents and Settings\Owner\Application Data\Spyware Terminator
2008-08-04 21:23:29 ----D---- C:\Program Files\New Folder
2008-07-31 11:03:04 ----D---- C:\Program Files\Disney
2008-07-29 23:01:25 ----D---- C:\Documents and Settings\Owner\Application Data\Yahoo!
2008-07-29 19:51:20 ----A---- C:\WINDOWS\system32\wmvdmod.dll
2008-07-29 19:51:20 ----A---- C:\WINDOWS\system32\wmsdmod.dll
2008-07-29 19:51:20 ----A---- C:\WINDOWS\system32\wmadmod.dll
2008-07-29 19:51:20 ----A---- C:\WINDOWS\system32\mpg4dmod.dll
2008-07-29 19:51:19 ----A---- C:\WINDOWS\system32\wmadmoe.dll
2008-07-29 19:51:19 ----A---- C:\WINDOWS\system32\qasf.dll
2008-07-29 19:51:19 ----A---- C:\WINDOWS\system32\logagent.exe
2008-07-29 19:51:19 ----A---- C:\WINDOWS\system32\laprxy.dll
2008-07-29 19:51:18 ----A---- C:\WINDOWS\system32\wmvcore.dll
2008-07-29 19:51:18 ----A---- C:\WINDOWS\system32\wmnetmgr.dll
2008-07-29 19:51:16 ----A---- C:\WINDOWS\system32\wmasf.dll
2008-07-29 19:51:12 ----A---- C:\WINDOWS\system32\msnetobj.dll
2008-07-29 19:51:11 ----A---- C:\WINDOWS\system32\drmv2clt.dll
2008-07-29 19:51:11 ----A---- C:\WINDOWS\system32\blackbox.dll
2008-07-29 19:51:10 ----A---- C:\WINDOWS\system32\drmstor.dll
2008-07-29 19:51:10 ----A---- C:\WINDOWS\system32\drmclien.dll
2008-07-27 17:36:15 ----A---- C:\WINDOWS\system32\iuengine.dll
2008-07-27 17:26:08 ----D---- C:\Documents and Settings\Owner\Application Data\Microsoft Web Folders
2008-07-25 23:31:51 ----D---- C:\Documents and Settings\Owner\Application Data\Aim
2008-07-25 21:56:04 ----A---- C:\WINDOWS\system32\ksuser.dll
2008-07-20 23:33:15 ----D---- C:\Languages
2008-07-19 21:36:52 ----D---- C:\Program Files\Crawler
2008-07-19 17:49:17 ----D---- C:\Documents and Settings\All Users\Application Data\Spyware Terminator
2008-07-19 17:49:05 ----D---- C:\Program Files\Spyware Terminator
2008-07-19 17:46:11 ----A---- C:\Program Files\SpywareTerminatorSetup.exe
2008-07-19 13:33:19 ----HDC---- C:\WINDOWS\$xpsp1hfm$
2008-07-18 17:50:00 ----D---- C:\Documents and Settings\Owner\Application Data\Help
2008-07-17 23:34:19 ----A---- C:\WINDOWS\system32\RtlCPAPI.dll
2008-07-17 23:34:19 ----A---- C:\WINDOWS\system32\ChCfg.exe
2008-07-17 23:34:19 ----A---- C:\WINDOWS\soundman.exe
2008-07-17 23:34:19 ----A---- C:\WINDOWS\Alcxmntr.exe
2008-07-17 23:34:17 ----A---- C:\WINDOWS\system32\RTLCPL.exe
2008-07-17 23:34:17 ----A---- C:\WINDOWS\alcupd.exe
2008-07-17 23:34:17 ----A---- C:\WINDOWS\alcrmv.exe
2008-07-14 11:56:09 ----D---- C:\Program Files\WildGames
2008-07-10 21:25:18 ----D---- C:\Program Files\Coupons
2008-07-10 21:23:17 ----A---- C:\Program Files\CouponPrinter.exe
2008-07-08 07:21:09 ----D---- C:\Program Files\Common Files\Adobe AIR
2008-07-08 07:13:48 ----D---- C:\Documents and Settings\All Users\Application Data\NOS
2008-07-08 07:13:42 ----D---- C:\Program Files\NOS
2008-06-30 22:44:13 ----D---- C:\Documents and Settings\Owner\Application Data\ACD Systems
2008-06-30 10:05:28 ----A---- C:\WINDOWS\UNBOC.EXE
2008-06-30 10:05:27 ----A---- C:\WINDOWS\CMDLIC.DLL
2008-06-30 10:05:21 ----D---- C:\Documents and Settings\All Users\Application Data\BOC426
2008-06-30 10:05:17 ----A---- C:\WINDOWS\BOC426.INI
2008-06-29 21:43:28 ----A---- C:\WINDOWS\system32\CavEmLSP.dll
2008-06-29 21:43:14 ----D---- C:\Documents and Settings\All Users\Application Data\Comodo
2008-06-29 21:43:03 ----A---- C:\WINDOWS\system32\MSVCRTD.DLL
2008-06-29 21:43:03 ----A---- C:\WINDOWS\system32\monln.dll
2008-06-29 21:19:23 ----D---- C:\Program Files\Comodo
2008-06-29 20:34:32 ----D---- C:\Program Files\Microsoft Visual Studio
2008-06-29 20:25:20 ----D---- C:\Program Files\OpenOffice
2008-06-29 20:12:35 ----D---- C:\Program Files\Comodo Free
2008-06-27 09:23:54 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$

List of drivers

R1 {6080A529-897E-4629-A488-ABA0C29B635E};Intel(R) Graphics Platform (SoftBIOS) Driver; C:\WINDOWS\system32\drivers\ialmsbw.sys [2002-05-22 90336]
R1 AFS2K;AFS2k; C:\WINDOWS\system32\drivers\AFS2K.sys [2004-10-07 35840]
R1 cmdGuard;COMODO Firewall Pro Sandbox Driver; C:\WINDOWS\System32\DRIVERS\cmdguard.sys [2008-09-12 87056]
R1 cmdHlp;COMODO Firewall Pro Helper Driver; C:\WINDOWS\System32\DRIVERS\cmdhlp.sys [2008-09-12 24208]
R1 intelppm;Intel Processor Driver; C:\WINDOWS\System32\DRIVERS\intelppm.sys [2008-04-14 36352]
R1 sscdbhk5;sscdbhk5; C:\WINDOWS\system32\drivers\sscdbhk5.sys [2002-06-19 5589]
R1 ssrtln;ssrtln; C:\WINDOWS\system32\drivers\ssrtln.sys [2002-06-19 22995]
R1 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-08-18 12032]
R2 drvnddm;drvnddm; C:\WINDOWS\system32\drivers\drvnddm.sys [2002-06-06 40368]
R2 tfsnboio;tfsnboio; C:\WINDOWS\system32\dla\tfsnboio.sys [2002-07-16 23701]
R2 tfsncofs;tfsncofs; C:\WINDOWS\system32\dla\tfsncofs.sys [2002-07-16 34805]
R2 tfsndrct;tfsndrct; C:\WINDOWS\system32\dla\tfsndrct.sys [2002-07-16 4117]
R2 tfsndres;tfsndres; C:\WINDOWS\system32\dla\tfsndres.sys [2002-07-16 2201]
R2 tfsnifs;tfsnifs; C:\WINDOWS\system32\dla\tfsnifs.sys [2002-07-16 54900]
R2 tfsnopio;tfsnopio; C:\WINDOWS\system32\dla\tfsnopio.sys [2002-07-16 14421]
R2 tfsnpool;tfsnpool; C:\WINDOWS\system32\dla\tfsnpool.sys [2002-07-16 6325]
R2 tfsnudf;tfsnudf; C:\WINDOWS\system32\dla\tfsnudf.sys [2002-07-16 91156]
R2 tfsnudfa;tfsnudfa; C:\WINDOWS\system32\dla\tfsnudfa.sys [2002-07-16 95125]
R3 {D31A0762-0CEB-444e-ACFF-B049A1F6FE91};Intel(R) Graphics Chipset (KCH) Driver; C:\WINDOWS\system32\drivers\ialmkchw.sys [2002-05-22 69504]
R3 aeaudio;aeaudio; C:\WINDOWS\system32\drivers\aeaudio.sys [2002-03-23 95936]
R3 Arp1394;1394 ARP Client Protocol; C:\WINDOWS\System32\DRIVERS\arp1394.sys [2008-04-14 60800]
R3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\System32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 ialm;ialm; C:\WINDOWS\System32\DRIVERS\ialmnt5.sys [2002-05-22 78045]
R3 ltmodem5;LT Modem Driver; C:\WINDOWS\System32\DRIVERS\ltmdmnt.sys [2008-04-13 606684]
R3 mouhid;Mouse HID Driver; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-08-17 12160]
R3 MxlW2k;MxlW2k; C:\WINDOWS\system32\drivers\MxlW2k.sys [2002-07-24 28164]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\System32\DRIVERS\nic1394.sys [2008-04-14 61824]
R3 pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2002-03-09 13780]
R3 Ps2;PS2; C:\WINDOWS\System32\DRIVERS\PS2.sys [2001-06-04 14112]
R3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\WINDOWS\System32\DRIVERS\RTL8139.SYS [2008-04-13 20992]
R3 smwdm;smwdm; C:\WINDOWS\system32\drivers\smwdm.sys [2002-05-07 493896]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\System32\DRIVERS\usbehci.sys [2008-04-14 30208]
R3 usbhub;USB Root Hub (usbport); C:\WINDOWS\System32\DRIVERS\usbhub.sys [2008-04-14 59520]
R3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\System32\DRIVERS\usbprint.sys [2008-04-14 25856]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2008-04-14 20608]
S1 AmdK7;AMD K7 Processor Driver; C:\WINDOWS\System32\DRIVERS\amdk7.sys [2008-04-14 37760]
S1 P3;Intel PentiumIII Processor Driver; C:\WINDOWS\System32\DRIVERS\p3.sys [2008-04-14 42752]
S3 catchme;catchme; \??\C:\DOCUME~1\Owner\LOCALS~1\Temp\catchme.sys []
S3 E100B;Intel(R) PRO Adapter Driver; C:\WINDOWS\System32\DRIVERS\e100b325.sys [2001-08-17 117760]
S3 FileObjInfo;STFileDriver; \??\C:\Documents and Settings\All Users\Application Data\Spyware Terminator\FileObjInfo.sys []
S3 gmer;gmer; C:\WINDOWS\System32\DRIVERS\gmer.sys [2008-09-02 85969]
S3 i81x;i81x; C:\WINDOWS\System32\DRIVERS\i81xnt5.sys [2001-08-08 158140]
S3 iAimFP0;iAimFP0; C:\WINDOWS\System32\DRIVERS\wADV01nt.sys [2001-08-08 12479]
S3 iAimFP1;iAimFP1; C:\WINDOWS\System32\DRIVERS\wADV02NT.sys [2001-08-08 12031]
S3 iAimFP2;iAimFP2; C:\WINDOWS\System32\DRIVERS\wADV05NT.sys [2001-08-08 11679]
S3 iAimFP3;iAimFP3; C:\WINDOWS\System32\DRIVERS\wSiINTxx.sys [2001-08-08 11999]
S3 iAimFP4;iAimFP4; C:\WINDOWS\System32\DRIVERS\wVchNTxx.sys [2001-08-08 19359]
S3 iAimTV0;iAimTV0; C:\WINDOWS\System32\DRIVERS\wATV01nt.sys [2001-08-08 29215]
S3 iAimTV1;iAimTV1; C:\WINDOWS\System32\DRIVERS\wATV02NT.sys [2001-08-08 19199]
S3 iAimTV3;iAimTV3; C:\WINDOWS\System32\DRIVERS\wATV04nt.sys [2001-08-08 33503]
S3 iAimTV4;iAimTV4; C:\WINDOWS\System32\DRIVERS\wCh7xxNT.sys [2001-08-08 23519]
S3 nv;nv; C:\WINDOWS\System32\DRIVERS\nv4_mini.sys [2002-05-03 931882]
S3 nv4;nv4; C:\WINDOWS\System32\DRIVERS\nv4.sys [2001-08-17 731648]
S3 S3Psddr;S3Psddr; C:\WINDOWS\System32\DRIVERS\s3gnbm.sys [2002-07-13 155008]
S3 SiS315;SiS315; C:\WINDOWS\System32\DRIVERS\sisgrp.sys [2002-04-09 188032]
S3 usbohci;Microsoft USB Open Host Controller Miniport Driver; C:\WINDOWS\System32\DRIVERS\usbohci.sys [2008-04-14 17152]
S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]

List of services

R2 cmdAgent;COMODO Firewall Pro Helper Service; C:\Program Files\Comodo\Firewall\cmdagent.exe [2008-09-12 519936]
R2 Comodo Anti-Virus and Anti-Spyware Service;Comodo Anti-Virus and Anti-Spyware Service; C:\Program Files\Comodo\common\CAVASpy\cavasm.exe [2008-07-28 523264]
R2 sp_rssrv;Spyware Terminator Realtime Shield Service; C:\Program Files\Spyware Terminator\sp_rsser.exe [2008-07-19 606720]
S2 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2008-04-14 267776]
S2 NVSvc;NVIDIA Driver Helper Service; C:\WINDOWS\System32\nvsvc32.exe [2002-05-03 61440]

-----------------EOF-----------------

 

Remove the following files and folders.

C:\HaxFix.txt
C:\HaxFix.exe
C:\HaxFix
C:\rsit
RSIT.exe on the desktop
C:\Program Files\jre-6u7-windows-i586-p-iftw.exe

Click Start>Run and paste in the following command.

C:\WINDOWS\gmer_uninstall.cmd

Then repeat with this command.

sc delete catchme

You can also remove any other files downloaded, like the service pack setup files, subinacl installer, etc, as well as any logs we created.
Empty the recycle bin when done, then reboot.

That should wrap things up.