Avast antivirus won't start after reboot

I reset my PC last night and now Avast antivirus won’t run. I have a red cross over the orange icon in my tray. Task Mng doesn’t show any Avast processes. Tried to “Open” and “Run as” but in both cases I get “Program not responding”. Update from Control Panel did not helped. I am running Win xp pro and Avast antivirus version 5.0.594. Please advice. Thanks, Mirek

Try avast repair and reboot

For a repair of avast. Windows, Add Remove programs, select ‘avast! Anti-Virus,’ click the Change/Remove button from the pop-up window, scroll down to Repair, click next and follow.

may you have malwares disable avast!,so do the following to ensure your system is clean
1.clear your temp files:http://www.piriform.com/ccleaner
2.do a dr.web cure it scan:http://www.freedrweb.com/cureit/?lng=en
3.scan your system for rootkits:http://www.usec.at/rootkit.html
4.scan with mbam:http://www.malwarebytes.org/mbam.php
5.post a Hijack Hunter log in this topic:http://www.novirusthanks.org/products/hijack-hunter/
6.wait until we help you and make a threat killer script for you

Pondus,
Thanks for the idea but that did not helped either. Will try suggestion from Superhacker.

Due to a post size limitation, I have to post several messages with the logs.

I ran all the programs suggested above.
No viruses found. USEC Radix have to run separate scan of Hidden Files. Found and deleted 2 recipe files. After that PC locked up so I did have to do hard reset. Malwarebytes did not find anything. Here is the Hijack Hunter log.

Thanks for advice.

Mirek

Hijack Hunter 1.8.2.0
http://www.novirusthanks.org
Log created on 7/6/2010 at 7:36:05 PM

[+] Generic system info

Operating System: Microsoft Windows XP Service Pack 3 32-bit OS
Build Version: 2600.xpsp_sp3_gdr.090804-1435
Internet Explorer: 7.0.5730.13
System Folder: C:\WINDOWS\system32

[+] Running processes

C:\WINDOWS\system32\ZoneLabs\vsmon.exe (2435592 bytes) (Check Point Software Technologies
LTD) (1/7/2009 10:23:07 AM) (–A-) (589a8b75fd731f8e186292275f3f3692)
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe (1029456 bytes) (Lavasoft) (1/18/2009
3:34:37 PM) (–A-) (b30f37242dd1c640dd5c770ff5b378ae)
C:\WINDOWS\system32\DRIVERS\dcfssvc.exe (126526 bytes) (Eastman Kodak Company) (12/25/2008
3:03:02 PM) (–A-) (9fbcc5c671011e406941f5d2008bea87)
C:\Program Files\Common Files\LightScribe\LSSrvc.exe (73728 bytes) (Hewlett-Packard Company)
(2/26/2008 4:13:22 PM) (–A-) (984ecb68ed2a2b2e6a544e87e24fba2d)
C:\Program Files\KODAK\KODAK Picture Transfer Software\PTSsvc.exe (36864 bytes) (Unknown)
(10/29/2005 3:33:08 PM) (----) (e1855061710a925032249539f3f1a73d)
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe (524632 bytes) (Lavasoft) (1/18/2009 3:34:48
PM) (–A-) (6f8f0ef862c6f67a09674620b7f5f418)
C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe (2837864 bytes) (AVAST Software) (6/18/2010 1:54:53
PM) (–A-) (38ae7a942fc3fab1c6a27eb65de8f827)
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe (1043968 bytes) (Check Point Software
Technologies LTD) (7/2/2010 4:52:37 AM) (–A-) (0d2f62c6e2e9bd508f7bf2e6c8ba176d)
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe (2289664 bytes)
(Hewlett-Packard Company) (2/26/2008 4:08:32 PM) (–A-) (6cf023f0a798c56599b8ea9ff9f083a0)
C:\Program Files\Hewlett-Packard\HP OfficeJet T Series\Bin\HPOstr05.exe (1175552 bytes)
(Hewlett-Packard Co.) (5/2/2008 12:31:35 AM) (–A-) (f8578193d3f323934af37189ff50b939)
C:\Program Files\TechSmith\SnagIt 6\SnagIt32.exe (2068480 bytes) (TechSmith Corporation)
(10/29/2005 3:37:20 PM) (–A-) (1ea796b1b4e869c7fc89dc794e0ff555)
C:\Program Files\Hewlett-Packard\HP OfficeJet T Series\bin\HPOVDX05.EXE (81920 bytes)
(Hewlett-Packard Co.) (5/2/2008 12:31:35 AM) (–A-) (55567ce85bcae9c391117e333594eb51)
C:\WINDOWS\system32\hpoipm07.exe (57344 bytes) (HP) (5/2/2008 12:31:34 AM) (–A-)
(3db7f4db1cc7af93c08e07100d523bad)
C:\Program Files\Microsoft Office\Office10\WINWORD.EXE (10737480 bytes) (Microsoft
Corporation) (9/30/2009 3:21:14 PM) (–AR) (e57208c65bba06f8873bacca803bb92e)
C:\Program Files\NoVirusThanks\Hijack Hunter\HijackHunter.exe (626176 bytes) (NoVirusThanks
Company Srl) (7/6/2010 7:32:33 PM) (–A-) (cbcb938e63b44da19d1d086cfafc7c00)

[+] Loaded Modules

C:\WINDOWS\system32\WgaLogon.dll (239496 bytes) (Microsoft Corporation) (9/5/2008 11:30:42
PM) (–A-) (02cf580510234e519736559a7f19ea20)
C:\WINDOWS\system32\msacm32.drv (20480 bytes) (Microsoft Corporation) (8/4/2004 6:00:00 AM)
(–A-) (9a3bd5f55aadff859539142f6328a66e)
C:\WINDOWS\system32\imaadp32.acm (16384 bytes) (Microsoft Corporation) (8/4/2004 6:00:00 AM)
(–A-) (577e496f0d41411bf149394d80959d53)
C:\WINDOWS\system32\msadp32.acm (14848 bytes) (Microsoft Corporation) (8/4/2004 6:00:00 AM)
(–A-) (c5648be5409e0aabda8c9047bac8f603)
C:\WINDOWS\system32\msg711.acm (9216 bytes) (Microsoft Corporation) (8/4/2004 6:00:00 AM)
(–A-) (33271a2667334b9a8842c65a079ef375)
C:\WINDOWS\system32\msgsm32.acm (19968 bytes) (Microsoft Corporation) (8/4/2004 6:00:00 AM)
(–A-) (3a9846e207dafc13009c048a2f6f8c2a)
C:\WINDOWS\system32\tssoft32.acm (8192 bytes) (DSP GROUP, INC.) (8/4/2004 6:00:00 AM) (–A-)
(e8cd0d7e169ecce2d4fd829daab786ed)
C:\WINDOWS\system32\msg723.acm (118784 bytes) (Microsoft Corporation) (2/16/2008 3:27:10 PM)
(–A-) (b87f759738c52e8d6fbcdaaa84c6486f)
C:\WINDOWS\system32\msaud32.acm (282654 bytes) (Microsoft Corporation) (8/4/2004 6:00:00 AM)
(–A-) (55aeea66c5e84e3fd6cd3e933397d478)
C:\WINDOWS\system32\sl_anet.acm (86016 bytes) (Sipro Lab Telecom Inc.) (8/4/2004 6:00:00 AM)
(–A-) (0dbb250a89e2e1c9281009ac269f0805)
C:\WINDOWS\system32\iac25_32.ax (199680 bytes) (Intel Corporation) (8/4/2004 6:00:00 AM) (-
-A-) (877c90686858d899b042bba45e9b7f2c)
C:\WINDOWS\system32\l3codeca.acm (290816 bytes) (Fraunhofer Institut Integrierte Schaltungen
IIS) (8/4/2004 6:00:00 AM) (–A-) (452705ac9e4c0dde91a61f0e02292423)
C:\WINDOWS\AppPatch\AcAdProc.dll (39424 bytes) (Microsoft Corporation) (3/1/2008 5:05:33 PM)
(–A-) (ea9ee60b408878e5f2012f9c783836db)
C:\WINDOWS\system32\Normaliz.dll (23552 bytes) (Microsoft Corporation) (6/29/2006 10:05:44
AM) (–A-) (10753a3adc3e39a3b10cc3f08e98e6b4)
C:\WINDOWS\system32\iertutil.dll (268288 bytes) (Microsoft Corporation) (8/13/2007 8:34:04
PM) (–A-) (bf7dfad80e6991942d362f71be1ead1f)
C:\WINDOWS\system32\VSDATA.dll (112128 bytes) (Check Point Software Technologies LTD)
(1/7/2009 10:19:51 AM) (–A-) (5a9a0451849497b667f0e15543065437)
C:\WINDOWS\system32\VSINIT.dll (228864 bytes) (Check Point Software Technologies LTD)
(1/7/2009 10:19:48 AM) (–A-) (8bb8d55cb7b7ba11abd25b4f051e8a3b)
C:\WINDOWS\system32\VSUTIL.dll (713728 bytes) (Check Point Software Technologies LTD)
(1/7/2009 10:19:46 AM) (–A-) (30104887d2f952d7640b57f2a03fe6b3)
C:\WINDOWS\system32\ZoneLabs\dbghelp.dll (813568 bytes) (Microsoft Corporation) (1/7/2009
10:23:41 AM) (–A-) (3b5f0bf4125688a531fa21c823ea6193)
C:\WINDOWS\system32\ZoneLabs\icslta.dll (595432 bytes) (Check Point Software Technologies)
(1/7/2009 10:19:48 AM) (–A-) (f2fd4239901a61e876c4f5c33ed520a5)
C:\WINDOWS\system32\ZoneLabs\SSLeay32.dll (434688 bytes) (Check Point Software Technologies
LTD) (1/7/2009 10:23:11 AM) (–A-) (b8625ec124b5b95db5dd1ebae99f9ccc)
C:\WINDOWS\system32\ZoneLabs\vsdb.dll (211456 bytes) (Check Point Software Technologies LTD)
(1/7/2009 10:19:50 AM) (–A-) (d1542c1450d8d6f16eabd406483b75aa)
C:\WINDOWS\system32\vsxml.dll (110080 bytes) (Check Point Software Technologies LTD)

(1/7/2009 10:23:07 AM) (–A-) (865ca0f8296540ad5c1493ae7fcbe3a8)
C:\WINDOWS\system32\ZoneLabs\fbl.dll (169984 bytes) (Check Point Software Technologies LTD)
(7/2/2010 4:52:38 AM) (–A-) (48a487428d3685f2077250fad279b120)
C:\WINDOWS\system32\vswmi.dll (43008 bytes) (Check Point Software Technologies LTD)
(1/7/2009 10:23:10 AM) (–A-) (dc9af641b6cc3cdd26d571fa8bfab0a1)
C:\WINDOWS\system32\zlcomm.dll (69120 bytes) (Check Point Software Technologies LTD)
(7/2/2010 4:52:35 AM) (–A-) (91192aa3ccd9ab58479f20d5415a43ee)
C:\WINDOWS\system32\ZLCommDB.dll (103936 bytes) (Check Point Software Technologies LTD)
(7/2/2010 4:52:35 AM) (–A-) (ffcf2d668cd1e1a3816fd2b5d3cc78b0)
C:\WINDOWS\system32\ZoneLabs\VSRULEDB.DLL (1790464 bytes) (Check Point Software Technologies
LTD) (1/7/2009 10:23:12 AM) (–A-) (b878b46a658fc2e2b1396f34c9da801c)
C:\WINDOWS\system32\ZoneLabs\vsvault.dll (173056 bytes) (Check Point Software Technologies
LTD) (7/2/2010 4:52:40 AM) (–A-) (04d75fbb76e4bda51a57d60fcbade4b6)
C:\WINDOWS\system32\ZoneLabs\zlquarantine.dll (99328 bytes) (Check Point Software
Technologies LTD) (7/2/2010 4:52:41 AM) (–A-) (84ff6b064a730e55cecf0b70cbcade3d)
C:\WINDOWS\system32\ZoneLabs\qrbase.dll (722392 bytes) (Check Point Software Technologies
LTD) (7/2/2010 4:52:41 AM) (–A-) (9639147d86058dbd944da82edace4279)
C:\WINDOWS\system32\ZoneLabs\scheduler.dll (135680 bytes) (Check Point Software Technologies
LTD) (7/2/2010 4:52:39 AM) (–A-) (23aa080554045624d38f46ab4bfe2f5b)
C:\WINDOWS\system32\ZoneLabs\zlupdate.dll (141824 bytes) (Check Point Software Technologies
LTD) (7/2/2010 4:52:39 AM) (–A-) (d6a2253c5cece39ed4488b398fd4b6b1)
C:\WINDOWS\system32\ZoneLabs\camupd.dll (75776 bytes) (Check Point Software Technologies
LTD) (7/2/2010 4:52:42 AM) (–A-) (11a1a5941d203f5da52ceafea89bb992)
C:\WINDOWS\system32\ieframe.dll (6067200 bytes) (Microsoft Corporation) (8/13/2007 8:54:10
PM) (–A-) (bc88680edb207514d8009bd98761b6bb)
C:\WINDOWS\system32\WPDShServiceObj.dll (133632 bytes) (Microsoft Corporation) (10/18/2006
11:47:22 PM) (–A-) (045e228f71c31901084b64be59093499)
C:\WINDOWS\system32\PortableDeviceTypes.dll (166912 bytes) (Microsoft Corporation)
(10/18/2006 11:47:18 PM) (–A-) (22358578cb321f3325496a3723029409)
C:\WINDOWS\system32\PortableDeviceApi.dll (284160 bytes) (Microsoft Corporation) (10/18/2006
11:47:18 PM) (–A-) (9d45b2201d0ecf9f42136c7b99deb8b2)
C:\WINDOWS\System32\spool\PRTPROCS\W32X86\filterpipelineprintproc.dll (89088 bytes)
(Microsoft Corporation) (2/15/2009 5:47:40 PM) (–A-) (eee7f12d9ff46f68fbc0da059a359e9e)
C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_filter.dll (22024 bytes) (Microsoft
Corporation) (7/25/2008 12:16:40 PM) (–A-) (de5003632f20c69a07b8dfbc83f460e4)
C:\WINDOWS\system32\zpeng25.dll (1238528 bytes) (Check Point Software Technologies LTD)
(1/7/2009 10:23:08 AM) (–A-) (2a1f3a456e08e69073f979b2a53b1134)
C:\WINDOWS\system32\VSPUBAPI.dll (302592 bytes) (Check Point Software Technologies LTD)
(1/7/2009 10:23:06 AM) (–A-) (b8387a77ab4b7bccb8f291d335725cc9)
C:\WINDOWS\system32\ZoneLabs\lib\pyd\zpui.pyd (281600 bytes) (Check Point Software
Technologies LTD) (7/2/2010 4:52:25 AM) (–A-) (2e8d91755727839cb2b27f3036532204)
C:\WINDOWS\system32\ZoneLabs\lib\pyd_ctypes.pyd (81408 bytes) (Check Point Software
Technologies LTD) (7/2/2010 4:52:26 AM) (–A-) (99cda7006585bbcf9cc7e5981e4b3e00)
C:\WINDOWS\system32\ZoneLabs\lib\pyd\pyexpat.pyd (135168 bytes) (Check Point Software
Technologies LTD) (7/2/2010 4:52:25 AM) (–A-) (f85cb596820e9cc90a408a3f4f7fa2fb)
C:\WINDOWS\system32\vsmonapi.dll (108032 bytes) (Check Point Software Technologies LTD)
(1/7/2009 10:23:05 AM) (–A-) (dc7fb9c4d92a9b1c7b94b4d46dd51435)
C:\WINDOWS\system32\ZoneLabs\FFApi.dll (284136 bytes) (Check Point Software Technologies)
(7/2/2010 4:52:44 AM) (–A-) (1e2ff2dab11e82e758fd83df83f7c600)
C:\WINDOWS\system32\HPOMem05.dll (40448 bytes) (Hewlett-Packard Co.) (5/2/2008 12:31:47 AM)
(–A-) (ad1ebc05039c04472b357ff89f901cb1)
C:\WINDOWS\system32\HPOCNT05.dll (118784 bytes) (Unknown) (5/2/2008 12:31:47 AM) (–A-)
(c8df6ce06aa90bf61f922ed24b1dcdb1)
C:\WINDOWS\system32\hpoidr07.dll (73728 bytes) (HP) (2/17/2008 1:28:05 AM) (–A-)
(b43e6ad2bd7f22e6fdbf749fb292e909)
C:\WINDOWS\system32\hpoipr07.dll (53248 bytes) (HP) (5/2/2008 12:31:34 AM) (–A-)
(3b2ab41c33433590243111f223d159a4)
C:\WINDOWS\system32\hpotap05.dll (40960 bytes) (Hewlett-Packard Co.) (5/2/2008 12:31:39 AM)
(–A-) (0cee07e854f8cd707f28a825c99d0dd5)
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\hpoui05.DLL (407044 bytes) (Unknown) (10/24/2001
1:03:20 PM) (–A-) (043e46f254971dd9ea4423ed6709f12f)
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\HPOWIN05.dll (221184 bytes) (Unknown) (10/24/2001
1:03:20 PM) (–A-) (870643e3d01ee20cbfad500c72e952f1)
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\HPOCNT05.dll (118784 bytes) (Unknown) (10/24/2001
1:03:20 PM) (–A-) (c8df6ce06aa90bf61f922ed24b1dcdb1)
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\HPOMON05.dll (49152 bytes) (Unknown) (10/24/2001
1:03:20 PM) (–A-) (29ffbace6f4613a7a97d128c49c1e82b)
C:\WINDOWS\system32\spool\drivers\w32x86\3\HPOSRL05.DLL (389120 bytes) (Unknown) (10/24/2001
1:03:18 PM) (–A-) (bc565ed415a08b12e9884ac3ed6907f8)
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\hpontu05.DLL (213820 bytes) (Hewlett-Packard
Company) (10/24/2001 1:03:20 PM) (–A-) (b73327c232fe2a0e23f839c4911b02ce)
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\HPOrsu05.dll (36864 bytes) (Unknown) (10/24/2001
1:03:20 PM) (–A-) (845f9232357dad3af0c1757c20bedb55)
C:\WINDOWS\system32\SFMAN32.DLL (51200 bytes) (Creative Technology Ltd.) (2/16/2008 7:06:18
AM) (–A-) (235781d67706e492073363e587d3b4de)
C:\WINDOWS\system32\wpdshext.dll (2603008 bytes) (Microsoft Corporation) (10/18/2006
11:47:22 PM) (–A-) (81d2a27c916c7830743e4afa454099f7)
C:\WINDOWS\system32\Audiodev.dll (276992 bytes) (Microsoft Corporation) (10/18/2006 11:47:08
PM) (–A-) (4c48f1b30a82583caee0da02dd7259ee)

[+] Registry startups

Value: Ad-Watch
Data: C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
Key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Value: avast5
Data: C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui
Key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Value: Adobe Reader Speed Launcher
Data: “C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe”
Key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Value: Adobe ARM
Data: “C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe”
Key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Value: ZoneAlarm Client

Data: “C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe”
Key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Value: ctfmon.exe
Data: C:\WINDOWS\system32\ctfmon.exe
Key: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Value: SpybotSD TeaTimer
Data: C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
Key: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Value: LightScribe Control Panel
Data: C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
Key: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Value: AnyDVD
Data: C:\Program Files\SlySoft\AnyDVD\AnyDVDtray.exe
Key: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Value: 1ciVoi103M
Data: C:\Documents and Settings\All Users.WINDOWS\Application Data\xuxudele\tkdyhqbm.exe
Key: HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\policies\Explorer\Run

Value: StubPath
Data: C:\WINDOWS\system32\ieudinit.exe
Key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components<{12d0ed0d-
0ee0-4f90-8827-78cefb8f4988}

Value: StubPath
Data: “C:\Program Files\Common Files\LightScribe\LSRunOnce.exe”
Key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components{10880D85-AAD9
-4558-ABDC-2AB1552D831F}

Value: StubPath
Data: rundll32.exe advpack.dll,LaunchINFSection
C:\WINDOWS\INF\fxsocm.inf,Fax.Install.PerUser
Key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components{8b15971b-5355
-4c82-8c07-7e181ea07608}

Value: {00C6482D-C502-44C8-8409-FCE54AD9C208}
Data: C:\Program Files\TechSmith\SnagIt 6\SnagItBHO.dll
Key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper
Objects{00C6482D-C502-44C8-8409-FCE54AD9C208}

Value: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}
Data: C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
Key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper
Objects{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}

Value: {18DF081C-E8AD-4283-A596-FA578C2EBDC3}
Data: C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
Key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper
Objects{18DF081C-E8AD-4283-A596-FA578C2EBDC3}

Value: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43}
Data: C:\Program Files\Java\jre6\bin\ssv.dll
Key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper
Objects{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}

Value: {DBC80044-A445-435b-BC74-9C25C1C588A9}
Data: C:\Program Files\Java\jre6\bin\jp2ssv.dll
Key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper
Objects{DBC80044-A445-435b-BC74-9C25C1C588A9}

[+] Other Startups Methods

Value: WPDShServiceObj
Data: C:\WINDOWS\system32\WPDShServiceObj.dll
CLSID: {AAA288BA-9A4C-45B0-95D7-94D524869DB5}
Key:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad

Value: DllName
Data: WgaLogon.dll
Key: HKEY_LOCAL_MACHINE\Software\Microsoft\Windows
NT\CurrentVersion\Winlogon\Notify\WgaLogon

[+] Startup folders

C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Startup\HP OfficeJet T
Series Startup.lnk (987 bytes) (Unknown) (5/2/2008 12:31:48 AM) (----)
(05eb0c9551b2357c4ff43b42146ecae5)
C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Startup\Microsoft Office.lnk
(1730 bytes) (Unknown) (2/17/2008 12:33:40 PM) (–A-) (94cda678b1ac5db4560fd966107d94bc)
C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Startup\SnagIt 6.lnk (810
bytes) (Unknown) (2/17/2008 12:49:17 PM) (----) (91a6d40861bdcac4f7c50fd346814554)

[+] TCPIP nameservers

[+] Internet Explorer settings

[+] Internet Explorer Trusted Sites

[+] Windows Firewall allowed programs

Value: %windir%\Network Diagnostic\xpnetdiag.exe
Data: %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000
Key:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\
StandardProfile\AuthorizedApplications\List

Value: C:\Program Files\VideoLAN\VLC\vlc.exe
Data: C:\Program Files\VideoLAN\VLC\vlc.exe:*:Disabled:VLC media player
Key:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\
StandardProfile\AuthorizedApplications\List

Value: C:\Program Files\RealVNC\VNC4\winvnc4.exe
Data: C:\Program Files\RealVNC\VNC4\winvnc4.exe:*:Enabled:VNC Server Free Edition for Win32
Key:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\
StandardProfile\AuthorizedApplications\List

Value: C:\Program Files\BitTorrent\bittorrent.exe
Data: C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent
Key:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\
StandardProfile\AuthorizedApplications\List

Value: C:\Program Files\TurboTax\Deluxe 2007\32bit\ttax.exe
Data: C:\Program Files\TurboTax\Deluxe 2007\32bit\ttax.exe:LocalSubNet:Disabled:TurboTax
Key:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\
StandardProfile\AuthorizedApplications\List

Value: C:\Program Files\TurboTax\Deluxe 2007\32bit\updatemgr.exe
Data: C:\Program Files\TurboTax\Deluxe 2007
\32bit\updatemgr.exe:LocalSubNet:Disabled:TurboTax Update Manager
Key:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\
StandardProfile\AuthorizedApplications\List

Value: C:\Program Files\DNA\btdna.exe
Data: C:\Program Files\DNA\btdna.exe:*:Enabled:DNA
Key:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\
StandardProfile\AuthorizedApplications\List

Value: C:\Program Files\Vuze\Azureus.exe
Data: C:\Program Files\Vuze\Azureus.exe:*:Enabled:Azureus
Key:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\
StandardProfile\AuthorizedApplications\List

Value: C:\Program Files\Skype\Plugin Manager\skypePM.exe
Data: C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager
Key:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\
StandardProfile\AuthorizedApplications\List

Value: C:\Program Files\uTorrent\uTorrent.exe
Data: C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent
Key:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\
StandardProfile\AuthorizedApplications\List

Value: C:\WINDOWS\system32\ZoneLabs\vsmon.exe
Data: C:\WINDOWS\system32\ZoneLabs\vsmon.exe:*:Enabled:vsmon
Key:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\
StandardProfile\AuthorizedApplications\List

Value: %windir%\Network Diagnostic\xpnetdiag.exe
Data: %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000
Key:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\
DomainProfile\AuthorizedApplications\List

[+] Windows Firewall allowed ports

Value: 1900:UDP
Data: 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
Key:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\
DomainProfile\GloballyOpenPorts\List

Value: 2869:TCP
Data: 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
Key:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\
DomainProfile\GloballyOpenPorts\List

Value: 3587:TCP
Data: 3587:TCP:*:Enabled:Windows Peer-to-Peer Grouping
Key:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\
DomainProfile\GloballyOpenPorts\List

Value: 3540:UDP
Data: 3540:UDP:*:Enabled:Peer Name Resolution Protocol (PNRP)
Key:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\
DomainProfile\GloballyOpenPorts\List

Value: 1900:UDP
Data: 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
Key:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\
StandardProfile\GloballyOpenPorts\List

Value: 2869:TCP
Data: 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
Key:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\
StandardProfile\GloballyOpenPorts\List

Value: 3587:TCP
Data: 3587:TCP:*:Enabled:Windows Peer-to-Peer Grouping
Key:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\
StandardProfile\GloballyOpenPorts\List

Value: 3540:UDP
Data: 3540:UDP:*:Enabled:Peer Name Resolution Protocol (PNRP)

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\
StandardProfile\GloballyOpenPorts\List

[+] System Hijack

Value: ShowSuperHidden
Data: 0
Key: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced

Value: FirstRunDisabled
Data: 1
Key: HKEY_LOCAL_MACHINE\Software\Microsoft\Security Center

Value: EnableDCOM
Data: Y
Key: HKEY_LOCAL_MACHINE\Software\Microsoft\Ole

Value: Wallpaper
Data: C:\Documents and Settings\OUR PC\My Documents\My Pictures\Olympus 2005 - 09\9-1-06
Oregon\P8300066.mod.bmp
Key: HKEY_CURRENT_USER\Control Panel\Desktop

Value: OriginalWallpaper
Data: C:\Documents and Settings\OUR PC\Local Settings\Application
Data\Microsoft\Wallpaper1.bmp
Key: HKEY_CURRENT_USER\Control Panel\Desktop

Value: ConvertedWallpaper
Data: C:\Documents and Settings\OUR PC\My Documents\My Pictures\Olympus pictures\Czech 2008
\Croatia\P9110124.JPG
Key: HKEY_CURRENT_USER\Control Panel\Desktop

[+] Executables in Temp folders

C:\DOCUME~1\OUR PC\LOCALS~1\Temp\pvxinst169.exe (6385616 bytes) (Prevx) (7/4/2010 9:22:47 AM)
(–A-) (8eda696d91c56c2f16cacb2b3306ad5d)
C:\DOCUME~1\OUR PC\LOCALS~1\Temp\pvxinst396.exe (6385616 bytes) (Prevx) (7/4/2010 9:17:11 AM)
(–A-) (8eda696d91c56c2f16cacb2b3306ad5d)
C:\DOCUME~1\OUR PC\LOCALS~1\Temp\pvxinst483.exe (6385616 bytes) (Prevx) (7/4/2010 9:22:08 AM)
(–A-) (8eda696d91c56c2f16cacb2b3306ad5d)

[+] Executables in suspicious folders

C:\StubInstaller.exe (700416 bytes) (LimeWire) (10/31/2005 9:56:00 AM) (–A-)
(e2e6b01d43c2555b1be3f46d8297d409)
C:\Program Files\DSETUP.dll (74448 bytes) (Microsoft Corporation) (3/31/2006 1:39:32 PM) (-
-A-) (5a8e20bed41e568424b62cb7f13d978b)
C:\Program Files\dsetup32.dll (2248912 bytes) (Microsoft Corporation) (3/31/2006 1:40:58 PM)
(–A-) (54cfb64b0ef8b59786f0d1863711dbff)
C:\Program Files\DXSETUP.exe (484560 bytes) (Microsoft Corporation) (3/31/2006 1:40:32 PM)
(–A-) (ae58445ccff33bf3fe72bf5d0fa2f873)
C:\Documents and Settings\OUR PC\Application Data\inst.exe (87608 bytes) (Unknown) (2/16/2009
7:55:42 PM) (–A-) (254fbca565e049648b0cce2ceadf05d2)
C:\Documents and Settings\OUR PC\Application Data\pcouffin.sys (47360 bytes) (VSO Software)
(2/16/2009 7:55:41 PM) (–A-) (5b6c11de7e839c05248ced8825470fef)
C:\WINDOWS\system\wowpost.exe (4672 bytes) (Adaptec) (3/1/2008 10:30:39 AM) (–A-)
(1b947583f7d1ff4f50ca9665eef63fe2)
C:\WINDOWS\system32\vsdatant.sys (532224 bytes) (Check Point Software Technologies LTD)
(1/7/2009 10:23:01 AM) (–A-) (050c38ebb22512122e54b47dc278bccd)
C:\Program Files\windows nt\hypertrm.exe (28160 bytes) (Hilgraeve, Inc.) (11/2/2008 11:02:33
AM) (–A-) (9dbb82fb602aa42b131c55c5d136dc9c)

[+] Autorun.ini

[+] Unknown .SYS files

C:\WINDOWS\system32\drivers\aavmker4.sys (28880 bytes) (ALWIL Software) (2/16/2008 3:40:29
PM) (–A-) (467f062f76e07512ecc1f5f60aab2988)
C:\WINDOWS\system32\drivers\AmdPPM.sys (33792 bytes) (Advanced Micro Devices) (4/16/2007
9:46:00 PM) (–A-) (033448d435e65c4bd72e70521fd05c76)
C:\WINDOWS\system32\drivers\anydvd.sys (106432 bytes) (SlySoft, Inc.) (4/23/2010 10:31:01
AM) (–A-) (a198fd45dfe819c1f9a7bed90339842f)
C:\WINDOWS\system32\drivers\aspi32.sys (23936 bytes) (Adaptec) (3/1/2008 10:30:39 AM) (–A-)
(20d04091eba710f6988f710507d85868)
C:\WINDOWS\system32\drivers\aswFsBlk.sys (17744 bytes) (ALWIL Software) (3/29/2008 4:59:16
PM) (–A-) (0c0b08847f2f24baa7bd43d8f2c6c8b0)
C:\WINDOWS\system32\drivers\aswmon.sys (94544 bytes) (ALWIL Software) (2/16/2008 3:40:27 PM)
(–A-) (f4f015831ec57312d03f8541ce911401)
C:\WINDOWS\system32\drivers\aswmon2.sys (100176 bytes) (ALWIL Software) (2/16/2008 3:40:27
PM) (–A-) (aa504fa592c9ed79174cb06b8ae340aa)
C:\WINDOWS\system32\drivers\aswRdr.sys (23376 bytes) (ALWIL Software) (2/16/2008 3:40:30 PM)
(–A-) (f385ffd39165453fda96736aa3edfd9d)
C:\WINDOWS\system32\drivers\aswSP.sys (165456 bytes) (ALWIL Software) (3/29/2008 4:59:16 PM)
(–A-) (45adea26bf613a54fed64ecdd12e58a7)
C:\WINDOWS\system32\drivers\aswTdi.sys (46672 bytes) (ALWIL Software) (2/16/2008 3:40:29 PM)
(–A-) (c4ee975c87176f1900662d2874233c7f)
C:\WINDOWS\system32\drivers\CoachUsb.sys (51392 bytes) (FotoNation Inc.) (4/6/2009 7:13:10
PM) (–A-) (fafa3c99864e9df18cb68725bbcf7bca)
C:\WINDOWS\system32\drivers\CoachVid.sys (45344 bytes) (FotoNation Inc.) (4/6/2009 7:13:10
PM) (–A-) (7aefe82c02d4933cee4b7cb78c409845)
C:\WINDOWS\system32\drivers\DcCam.sys (33840 bytes) (Eastman Kodak Company) (12/25/2008
3:03:02 PM) (–A-) (9a04f967886f55121fb9c0d447a2993b)
C:\WINDOWS\system32\drivers\DcFpoint.sys (61872 bytes) (Eastman Kodak Company) (12/25/2008
3:03:02 PM) (–A-) (e338da0b7700682d325433cd1ce50ec3)
C:\WINDOWS\system32\drivers\DCFS2k.sys (36752 bytes) (Eastman Kodak Company) (12/25/2008
3:03:02 PM) (–A-) (b9a22912f7e19f5984e5f3c15fb80266)
C:\WINDOWS\system32\drivers\DcLps.sys (8304 bytes) (Eastman Kodak Company) (12/25/2008
3:03:02 PM) (–A-) (ccd2e14c7f093a5b72a74e286ec13ffb)
C:\WINDOWS\system32\drivers\DcPtp.sys (55856 bytes) (Eastman Kodak Company) (12/25/2008
3:03:02 PM) (–A-) (cabc849661f92492fed5a751b8606e4f)
C:\WINDOWS\system32\drivers\ElbyCDFL.sys (34760 bytes) (SlySoft, Inc.) (2/15/2007 6:57:04

PM) (–A-) (ce37e3d51912e59c80c6d84337c0b4cd)
C:\WINDOWS\system32\drivers\ElbyCDIO.sys (26024 bytes) (Elaborate Bytes AG) (1/1/2010
11:20:34 AM) (–A-) (309ac30471a0f1c3a89dee1c81230576)
C:\WINDOWS\system32\drivers\ExportIt.sys (124016 bytes) (Eastman Kodak Company) (12/25/2008
3:03:02 PM) (–A-) (8e50f31d6776872ef1680165f363bcf4)
C:\WINDOWS\system32\drivers\hdaudbus.sys (144384 bytes) (Windows (R) Server 2003 DDK
provider) (8/22/2008 6:15:11 PM) (----) (573c7d0a32852b48f3058cfd8026f511)
C:\WINDOWS\system32\drivers\Lbd.sys (64160 bytes) (Lavasoft AB) (2/13/2009 5:30:34 AM) (–A
-) (419590ebe7855215bb157ea0cf0d0531)
C:\WINDOWS\system32\drivers\LGUSBBUS.SYS (20092 bytes) (LG Electronics Inc.) (8/10/2008
9:22:29 PM) (–A-) (b5fbadee0e8aa4ad1f5e3f4f153c8c6c)
C:\WINDOWS\system32\drivers\LGUsbDiag.sys (39136 bytes) (LG Electronics Inc.) (8/10/2008
9:22:29 PM) (–A-) (3cedcf0b428d5f49a4a2b031f974e838)
C:\WINDOWS\system32\drivers\LGUsbModem.sys (41664 bytes) (LG Electronics Inc.) (8/10/2008
9:22:29 PM) (–A-) (b4796b12df011dc75617d4c687cf38cc)
C:\WINDOWS\system32\drivers\maplom.sys (40584 bytes) (SlySoft Inc.) (4/2/2009 3:20:50 PM)
(–A-) (f2a399021b819c60ee7569ba529d9596)
C:\WINDOWS\system32\drivers\maploml.sys (42632 bytes) (SlySoft Inc.) (4/2/2009 3:20:50 PM)
(–A-) (1c4d99cc6a264765f5a90820da85a247)
C:\WINDOWS\system32\drivers\mbam.sys (20952 bytes) (Malwarebytes Corporation) (1/25/2009
1:38:41 PM) (–A-) (67b48a903430c6d4fb58cbaca1866601)
C:\WINDOWS\system32\drivers\mbamswissarmy.sys (38224 bytes) (Malwarebytes Corporation)
(1/25/2009 1:38:38 PM) (–A-) (c7dd7d9739785bd3a6b8499eec1dee7e)
C:\WINDOWS\system32\drivers\mdmxsdk.sys (11868 bytes) (Conexant) (8/22/2008 6:16:00 PM) (–
–) (195741aee20369980796b557358cd774)
C:\WINDOWS\system32\drivers\pcouffin.sys (47360 bytes) (VSO Software) (2/16/2009 7:55:41 PM)
(–A-) (5b6c11de7e839c05248ced8825470fef)
C:\WINDOWS\system32\drivers\pxkbf.sys (24400 bytes) (Prevx) (7/4/2010 9:17:44 AM) (–A-)
(7991a4aacd1184d9f27fba5057253d3c)
C:\WINDOWS\system32\drivers\RegKill.sys (11984 bytes) (Elaborate Bytes AG) (2/15/2007
6:56:49 PM) (–A-) (e205c313417da6fa7afe85912a310a65)
C:\WINDOWS\system32\drivers\secdrv.sys (20480 bytes) (Macrovision Corporation, Macrovision
Europe Limited, and Macrovision Japan and Asia K.K.) (8/4/2004 6:00:00 AM) (–A-)
(90a3935d05b494a5a39d37e71f09a677)
C:\WINDOWS\system32\drivers\sffp_mmc.sys (10240 bytes) (Microsoft Corporation) (8/22/2008
6:17:04 PM) (----) (d66d22d76878bf3483a6be30183fb648)
C:\WINDOWS\system32\drivers\wpdusb.sys (38528 bytes) (Microsoft Corporation) (10/18/2006
10:00:00 PM) (–A-) (cf4def1bf66f06964dc0d91844239104)
C:\WINDOWS\system32\drivers\wudfpf.sys (77568 bytes) (Microsoft Corporation) (9/28/2006
8:55:50 PM) (–A-) (f15feafffbb3644ccc80c5da584e6311)
C:\WINDOWS\system32\drivers\wudfrd.sys (82944 bytes) (Microsoft Corporation) (9/28/2006
9:00:34 PM) (–A-) (28b524262bce6de1f7ef9f510ba3985b)

[+] Non accessible files

[+] Executables in Internet Explorer Folder

C:\Program Files\Internet Explorer\custsat.dll (33792 bytes) (Microsoft Corporation)
(8/13/2007 8:54:10 PM) (–A-) (68d36448ecabc1e03c20cd2bb3b3de9f)
C:\Program Files\Internet Explorer\ieproxy.dll (287744 bytes) (Microsoft Corporation)
(8/13/2007 8:54:10 PM) (–A-) (fd0cba527032d2d3d00e17c0f24a99d3)

[+] Files created/modified 15 days ago

C:\WINDOWS\system32\drivers\aavmker4.sys (28880 bytes) (ALWIL Software) (6/28/2010 2:32:16
PM) (–A-) (467f062f76e07512ecc1f5f60aab2988) (Modified)
C:\WINDOWS\system32\drivers\aswFsBlk.sys (17744 bytes) (ALWIL Software) (6/28/2010 2:32:33
PM) (–A-) (0c0b08847f2f24baa7bd43d8f2c6c8b0) (Modified)
C:\WINDOWS\system32\drivers\aswmon.sys (94544 bytes) (ALWIL Software) (6/28/2010 2:32:42 PM)
(–A-) (f4f015831ec57312d03f8541ce911401) (Modified)
C:\WINDOWS\system32\drivers\aswmon2.sys (100176 bytes) (ALWIL Software) (6/28/2010 2:32:45
PM) (–A-) (aa504fa592c9ed79174cb06b8ae340aa) (Modified)
C:\WINDOWS\system32\drivers\aswRdr.sys (23376 bytes) (ALWIL Software) (6/28/2010 2:33:13 PM)
(–A-) (f385ffd39165453fda96736aa3edfd9d) (Modified)
C:\WINDOWS\system32\drivers\aswSP.sys (165456 bytes) (ALWIL Software) (6/28/2010 2:37:30 PM)
(–A-) (45adea26bf613a54fed64ecdd12e58a7) (Modified)
C:\WINDOWS\system32\drivers\aswTdi.sys (46672 bytes) (ALWIL Software) (6/28/2010 2:37:52 PM)
(–A-) (c4ee975c87176f1900662d2874233c7f) (Modified)
C:\WINDOWS\system32\drivers\pxkbf.sys (24400 bytes) (Prevx) (7/4/2010 9:17:44 AM) (–A-)
(7991a4aacd1184d9f27fba5057253d3c) (Created)
C:\Program Files\Alwil Software\Avast5\Aavm4h.dll (272664 bytes) (AVAST Software) (6/28/2010
2:57:36 PM) (–A-) (02c51461b3a9f3595b92fb71300a6039) (Modified)
C:\Program Files\Alwil Software\Avast5\AavmRpch.dll (51208 bytes) (AVAST Software)
(6/28/2010 2:57:38 PM) (–A-) (8b2929b791ed9534c0830abf40526ef6) (Modified)
C:\Program Files\Alwil Software\Avast5\AhResBhv.dll (19800 bytes) (AVAST Software)
(6/28/2010 2:57:56 PM) (–A-) (3690d2efaa29f95b83523dca3fafa128) (Modified)
C:\Program Files\Alwil Software\Avast5\AhResMai.dll (47624 bytes) (AVAST Software)
(6/28/2010 2:58:01 PM) (–A-) (c8793eda93be50006d94e76c5c1dad47) (Modified)
C:\Program Files\Alwil Software\Avast5\ahResMes.dll (36288 bytes) (AVAST Software)
(6/28/2010 2:58:04 PM) (–A-) (f0afdce17708f94d4675dd09f00f7cd1) (Modified)
C:\Program Files\Alwil Software\Avast5\AhResNS.dll (45552 bytes) (AVAST Software) (6/28/2010
2:58:07 PM) (–A-) (6d03236ee1cc962df783120733dfa237) (Modified)
C:\Program Files\Alwil Software\Avast5\ahResP2P.dll (37824 bytes) (AVAST Software)
(6/28/2010 2:58:09 PM) (–A-) (b2933dd7ec8189d295fe9431af8e8e08) (Modified)
C:\Program Files\Alwil Software\Avast5\AhResStd.dll (54840 bytes) (AVAST Software)
(6/28/2010 2:58:14 PM) (–A-) (1ada042e02dbff575792e77622e5b788) (Modified)
C:\Program Files\Alwil Software\Avast5\AhResWS.dll (55864 bytes) (AVAST Software) (6/28/2010
2:58:17 PM) (–A-) (a39cdd5260d67311d7eec9fea02d2565) (Modified)
C:\Program Files\Alwil Software\Avast5\ashBase.dll (158840 bytes) (AVAST Software)
(6/28/2010 2:58:19 PM) (–A-) (812c994267aa01e298ef911f2179c148) (Modified)
C:\Program Files\Alwil Software\Avast5\ashMaiSv.dll (923600 bytes) (AVAST Software)
(6/28/2010 2:58:22 PM) (–A-) (afd4972daf2d74d7059cc09a86c5d017) (Modified)
C:\Program Files\Alwil Software\Avast5\ashOutXt.dll (142360 bytes) (AVAST Software)
(6/28/2010 2:58:25 PM) (–A-) (1b7ebd11394ec0a54129a585abe6dfbc) (Modified)

C:\Program Files\Alwil Software\Avast5\ashQuick.exe (95504 bytes) (AVAST Software)
(6/28/2010 2:57:07 PM) (–A-) (39036601e4a0679e9a06256838758e59) (Modified)
C:\Program Files\Alwil Software\Avast5\ashServ.dll (117128 bytes) (AVAST Software)
(6/28/2010 2:58:28 PM) (–A-) (7e462c1de313183490c78314c0d6b0b9) (Modified)
C:\Program Files\Alwil Software\Avast5\ashShell.dll (81072 bytes) (AVAST Software)
(6/28/2010 2:58:30 PM) (–A-) (4e4035f3ae41ded93da01503a53c24b8) (Modified)
C:\Program Files\Alwil Software\Avast5\ashTask.dll (137728 bytes) (AVAST Software)
(6/28/2010 2:58:33 PM) (–A-) (7ae2b7d6530f12f88ba097866b246d84) (Modified)
C:\Program Files\Alwil Software\Avast5\ashTaskEx.dll (56352 bytes) (AVAST Software)
(6/28/2010 2:58:35 PM) (–A-) (66108647a48b9fbe0bc8164cf52f7964) (Modified)
C:\Program Files\Alwil Software\Avast5\ashUpd.exe (81560 bytes) (AVAST Software) (6/28/2010
2:57:09 PM) (–A-) (2dbd73e0fe86d90790728fea0b9f495d) (Modified)
C:\Program Files\Alwil Software\Avast5\ashWebSv.dll (349384 bytes) (AVAST Software)
(6/28/2010 2:58:38 PM) (–A-) (1099d81c9c2b1094074cbc8bc3497235) (Modified)
C:\Program Files\Alwil Software\Avast5\ashWsFtr.dll (60984 bytes) (AVAST Software)
(6/28/2010 2:58:40 PM) (–A-) (0aa417fb424b4a8e957fe0a6da0afcd6) (Modified)
C:\Program Files\Alwil Software\Avast5\aswAux.dll (680544 bytes) (AVAST Software) (6/28/2010
2:58:46 PM) (–A-) (e3ee9cc3fd1e5e229a818bede33962cd) (Modified)
C:\Program Files\Alwil Software\Avast5\aswCmnBS.dll (294824 bytes) (AVAST Software)
(6/28/2010 2:58:48 PM) (–A-) (a796aa4d68e7eb009b2766e01cd62886) (Modified)
C:\Program Files\Alwil Software\Avast5\aswCmnIS.dll (140824 bytes) (AVAST Software)
(6/28/2010 2:58:51 PM) (–A-) (7885b2eb5e54486af9c8a3b21769a7f3) (Modified)
C:\Program Files\Alwil Software\Avast5\aswCmnOS.dll (87264 bytes) (AVAST Software)
(6/28/2010 2:58:53 PM) (–A-) (e441baed30a73ea20859d79296179c76) (Modified)
C:\Program Files\Alwil Software\Avast5\aswData.dll (108352 bytes) (AVAST Software)
(6/28/2010 2:58:56 PM) (–A-) (c633e761b183c9ac6d980c4a9252a5f7) (Modified)
C:\Program Files\Alwil Software\Avast5\aswDld.dll (123296 bytes) (Unknown) (6/28/2010
2:58:58 PM) (–A-) (49401f1a447be8cca978199fd27d05f8) (Modified)
C:\Program Files\Alwil Software\Avast5\aswEngLdr.dll (43504 bytes) (AVAST Software)
(6/28/2010 2:59:01 PM) (–A-) (34db85c1829537a767438edb494a87ae) (Modified)
C:\Program Files\Alwil Software\Avast5\aswIdle.dll (12096 bytes) (AVAST Software) (6/28/2010
2:59:03 PM) (–A-) (afeb68ffe90ae4e6f6534e2f831fcdec) (Modified)
C:\Program Files\Alwil Software\Avast5\aswLog.dll (175344 bytes) (AVAST Software) (6/28/2010
2:59:06 PM) (–A-) (a601edfa73d0421c8052745b7cbbc193) (Modified)
C:\Program Files\Alwil Software\Avast5\aswProperty.dll (44504 bytes) (AVAST Software)
(6/28/2010 2:59:11 PM) (–A-) (3d0c4e7db2eae31353bee70ace5b4a33) (Modified)
C:\Program Files\Alwil Software\Avast5\aswSqLt.dll (396776 bytes) (ALWIL Software)
(6/28/2010 2:59:19 PM) (–A-) (94eb976e186780f1d9e416ab8980185b) (Modified)
C:\Program Files\Alwil Software\Avast5\aswUtil.dll (22904 bytes) (AVAST Software) (6/28/2010
2:59:21 PM) (–A-) (4d7ba53015f5e7d39acefec148ef0d88) (Modified)
C:\Program Files\Alwil Software\Avast5\avastSS.dll (29584 bytes) (AVAST Software) (6/28/2010
2:59:24 PM) (–A-) (c69c54a4f719d6221134cc53e0944973) (Modified)
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (40384 bytes) (AVAST Software)
(6/28/2010 2:57:15 PM) (–A-) (b2386a8e66891f7cfec9f5a03f0f1210) (Modified)
C:\Program Files\Alwil Software\Avast5\AvastUI.exe (2837864 bytes) (AVAST Software)
(6/28/2010 2:57:18 PM) (–A-) (38ae7a942fc3fab1c6a27eb65de8f827) (Modified)
C:\Program Files\Alwil Software\Avast5\AvSSHook.dll (51208 bytes) (AVAST Software)
(6/28/2010 2:59:26 PM) (–A-) (9c6e5f54c63972bd4a1a6d71fc41c22e) (Modified)
C:\Program Files\Alwil Software\Avast5\CommonRes.dll (1349520 bytes) (AVAST Software)
(6/28/2010 2:59:29 PM) (–A-) (e49300608e55e8011e5bb81e536da463) (Modified)
C:\Program Files\Alwil Software\Avast5\sched.exe (82096 bytes) (AVAST Software) (6/28/2010
2:57:23 PM) (–A-) (29c265b5742b5fa806f6b4d4295cae4d) (Modified)
C:\Program Files\Alwil Software\Avast5\VisthAux.exe (127392 bytes) (AVAST Software)
(6/28/2010 2:57:31 PM) (–A-) (4a0e9f39d15e846d93ab6fd0d82fd770) (Modified)
C:\Program Files\Alwil Software\Avast5\1033\Base.dll (55328 bytes) (AVAST Software)
(6/28/2010 3:00:31 PM) (–A-) (50a66b44064be496c4198be7b8181fab) (Modified)
C:\Program Files\Alwil Software\Avast5\1033\Boot.dll (24408 bytes) (AVAST Software)
(6/28/2010 3:00:34 PM) (–A-) (168961559bc58f433ad2606a4338b451) (Modified)
C:\Program Files\Alwil Software\Avast5\1033\uiLangRes.dll (149576 bytes) (AVAST Software)
(6/28/2010 3:00:36 PM) (–A-) (73423e3fbe8a8c6a7d7803e095b08d77) (Modified)
C:\Program Files\Alwil Software\Avast5\defs\10070400\algo.dll (661504 bytes) (Unknown)
(7/4/2010 11:02:54 AM) (–A-) (53e13a651c5e28d6ab992c3b25cf0c8d) (Created)
C:\Program Files\Alwil Software\Avast5\defs\10070400\ArPot.dll (36800 bytes) (AVAST
Software) (7/4/2010 11:02:51 AM) (–A-) (a26e59be59dd009db03f61600bc3e658) (Created)
C:\Program Files\Alwil Software\Avast5\defs\10070400\aswAR.dll (138216 bytes) (AVAST
Software) (7/4/2010 11:02:51 AM) (–A-) (401b9731f7db8f6d125bb6ba9f6c9eeb) (Created)
C:\Program Files\Alwil Software\Avast5\defs\10070400\aswBoot.dll (1374752 bytes) (AVAST
Software) (7/4/2010 11:02:51 AM) (–A-) (e58a96f641742e35f23a383e7a998033) (Created)
C:\Program Files\Alwil Software\Avast5\defs\10070400\aswCleanerDLL.dll (421032 bytes) (AVAST
Software) (7/4/2010 11:02:51 AM) (–A-) (9a77e3bbdee6de974ff41b877cb71a4f) (Created)
C:\Program Files\Alwil Software\Avast5\defs\10070400\aswCmnBS.dll (299456 bytes) (AVAST
Software) (7/4/2010 11:02:51 AM) (–A-) (d6b1f751d3bfaae77b71935919cbea4e) (Created)
C:\Program Files\Alwil Software\Avast5\defs\10070400\aswCmnIS.dll (160400 bytes) (AVAST
Software) (7/4/2010 11:02:51 AM) (–A-) (a292428cef3f43408199555867145ab3) (Created)
C:\Program Files\Alwil Software\Avast5\defs\10070400\aswCmnOS.dll (88800 bytes) (AVAST
Software) (7/4/2010 11:02:51 AM) (–A-) (6cf7a23f54988dcb6a5f70ef70ba9a49) (Created)
C:\Program Files\Alwil Software\Avast5\defs\10070400\aswEngin.dll (1138888 bytes) (AVAST
Software) (7/4/2010 11:02:51 AM) (–A-) (39ca340ab82c30857332ed7b8c41dc20) (Created)
C:\Program Files\Alwil Software\Avast5\defs\10070400\aswRawFS.dll (295336 bytes) (AVAST
Software) (7/4/2010 11:02:51 AM) (–A-) (96c205b8e990a1501ff7c0950d87d18a) (Created)
C:\Program Files\Alwil Software\Avast5\defs\10070400\aswScan.dll (69224 bytes) (AVAST
Software) (7/4/2010 11:02:51 AM) (–A-) (94940418051fe8433ecf7d77fa809d10) (Created)
C:\Program Files\Alwil Software\Avast5\defs\10070400\exts.dll (11048 bytes) (AVAST Software)
(7/4/2010 11:02:51 AM) (–A-) (7083d1a4d7b551aac9b8f3fb87b3231e) (Created)
C:\Program Files\Alwil Software\Avast5\defs\10070400\fwAux.dll (39384 bytes) (AVAST
Software) (7/4/2010 11:02:51 AM) (–A-) (ff675e6143d5494afde62e80ba6b63e1) (Created)
C:\Program Files\Alwil Software\Avast5\defs\10070400\Sf.bin (523960 bytes) (Unknown)
(7/4/2010 11:02:51 AM) (–A-) (209a9b52540ae7b6aba3eb1541ddbfd5) (Created)
C:\Program Files\Alwil Software\Avast5\Setup\setiface.dll (186928 bytes) (Unknown)
(6/30/2010 11:09:49 AM) (----) (36429a92b495d7b3030e97305981ea8b) (Modified)
C:\Program Files\Alwil Software\Avast5\Setup\setiface.ovr (186928 bytes) (Unknown)
(6/30/2010 11:09:49 AM) (–A-) (36429a92b495d7b3030e97305981ea8b) (Modified)

C:\Program Files\Alwil Software\Avast5\Setup\setif_ais-252.vpx (186928 bytes) (Unknown)
(6/30/2010 11:09:49 AM) (–A-) (36429a92b495d7b3030e97305981ea8b) (Created)
C:\Program Files\Alwil Software\Avast5\Setup\setup.ovr (2701416 bytes) (AVAST Software)
(6/30/2010 11:09:53 AM) (–A-) (7debba7e0c78312248673cb37e7238be) (Modified)
C:\Program Files\Alwil Software\Avast5\Setup\setup_ais-252.vpx (2701416 bytes) (AVAST
Software) (6/30/2010 11:09:50 AM) (–A-) (7debba7e0c78312248673cb37e7238be) (Created)
C:\Program Files\Alwil Software\Avast5\Setup\INF\Aavmker4.sys (28880 bytes) (ALWIL Software)
(6/28/2010 2:32:16 PM) (–A-) (467f062f76e07512ecc1f5f60aab2988) (Modified)
C:\Program Files\Alwil Software\Avast5\Setup\INF\aswFsBlk.sys (17744 bytes) (ALWIL Software)
(6/28/2010 2:32:33 PM) (–A-) (0c0b08847f2f24baa7bd43d8f2c6c8b0) (Modified)
C:\Program Files\Alwil Software\Avast5\Setup\INF\aswMon.sys (94544 bytes) (ALWIL Software)
(6/28/2010 2:32:42 PM) (–A-) (f4f015831ec57312d03f8541ce911401) (Modified)
C:\Program Files\Alwil Software\Avast5\Setup\INF\aswMon2.sys (100176 bytes) (ALWIL Software)
(6/28/2010 2:32:45 PM) (–A-) (aa504fa592c9ed79174cb06b8ae340aa) (Modified)
C:\Program Files\Alwil Software\Avast5\Setup\INF\aswMonFlt.sys (50256 bytes) (ALWIL
Software) (6/28/2010 2:32:56 PM) (–A-) (effc39a1edf04e83a42279d9daa696a7) (Modified)
C:\Program Files\Alwil Software\Avast5\Setup\INF\AswRdr.sys (23376 bytes) (ALWIL Software)
(6/28/2010 2:33:13 PM) (–A-) (f385ffd39165453fda96736aa3edfd9d) (Modified)
C:\Program Files\Alwil Software\Avast5\Setup\INF\aswSP.sys (165456 bytes) (ALWIL Software)
(6/28/2010 2:37:30 PM) (–A-) (45adea26bf613a54fed64ecdd12e58a7) (Modified)
C:\Program Files\Alwil Software\Avast5\Setup\INF\AswTdi.sys (46672 bytes) (ALWIL Software)
(6/28/2010 2:37:52 PM) (–A-) (c4ee975c87176f1900662d2874233c7f) (Modified)
C:\Program Files\CCleaner\CCleaner.exe (1699128 bytes) (Piriform Ltd) (6/23/2010 3:07:14 PM)
(–A-) (33ef7a3e3b2004e9a225af3d98d5bc21) (Created)
C:\Program Files\CCleaner\uninst.exe (126272 bytes) (Piriform Ltd) (6/23/2010 3:55:30 PM)
(–A-) (e55e07f58e29edfc8b19cead8191acb5) (Created)
C:\Program Files\CCleaner\Lang\lang-1025.dll (23552 bytes) (Unknown) (6/23/2010 7:16:02 PM)
(–A-) (c8b413b153273352050483c8ff48efdc) (Created)
C:\Program Files\CCleaner\Lang\lang-1026.dll (29696 bytes) (Unknown) (6/23/2010 7:17:52 PM)
(–A-) (f1123f265ad6b45f329c6a2f2b859b53) (Created)
C:\Program Files\CCleaner\Lang\lang-1027.dll (27648 bytes) (Unknown) (6/23/2010 7:15:58 PM)
(–A-) (bde57c23a37adafe5712a9ec748b2284) (Created)
C:\Program Files\CCleaner\Lang\lang-1028.dll (14336 bytes) (Unknown) (6/23/2010 7:16:10 PM)
(–A-) (0952a0b00390f9823645668b92e0f01d) (Created)
C:\Program Files\CCleaner\Lang\lang-1029.dll (25088 bytes) (Unknown) (6/23/2010 7:16:14 PM)
(–A-) (31c57c554b0aacad3b2997b09c27a168) (Created)
C:\Program Files\CCleaner\Lang\lang-1030.dll (26624 bytes) (Unknown) (6/23/2010 7:16:18 PM)
(–A-) (24ddc53855628a3894879b73bc6d3337) (Created)
C:\Program Files\CCleaner\Lang\lang-1031.dll (27136 bytes) (Unknown) (6/23/2010 7:15:54 PM)
(–A-) (99f71c1122b12c11e5fff4bfa0e10137) (Created)
C:\Program Files\CCleaner\Lang\lang-1032.dll (31744 bytes) (Unknown) (6/23/2010 7:16:38 PM)
(–A-) (5cba2234f4b7a16a3d5ad26b5328c017) (Created)
C:\Program Files\CCleaner\Lang\lang-1034.dll (30208 bytes) (Unknown) (6/23/2010 7:17:32 PM)
(–A-) (56a8ddf06d02247f2e65d84326106c00) (Created)
C:\Program Files\CCleaner\Lang\lang-1035.dll (28160 bytes) (Unknown) (6/23/2010 7:16:26 PM)
(–A-) (7289c7b46f65186be410e73989073da6) (Created)
C:\Program Files\CCleaner\Lang\lang-1036.dll (31232 bytes) (Unknown) (6/23/2010 7:16:30 PM)
(–A-) (322dcff65a8d47d324f34bdd92f60888) (Created)
C:\Program Files\CCleaner\Lang\lang-1037.dll (23040 bytes) (Unknown) (6/23/2010 7:16:42 PM)
(–A-) (57cd8d929425a9d0d0b8a54cd0557ae8) (Created)
C:\Program Files\CCleaner\Lang\lang-1038.dll (28160 bytes) (Unknown) (6/23/2010 7:16:46 PM)
(–A-) (d1b078092c432dffd832ee2ffa765a36) (Created)
C:\Program Files\CCleaner\Lang\lang-1040.dll (28672 bytes) (Unknown) (6/23/2010 7:16:50 PM)
(–A-) (8ca24fd322364b146a85f08d8e0fe8b0) (Created)
C:\Program Files\CCleaner\Lang\lang-1041.dll (17408 bytes) (Unknown) (6/23/2010 7:16:54 PM)
(–A-) (95ce15bb8882abf2ffa6b2b720690b9d) (Created)
C:\Program Files\CCleaner\Lang\lang-1042.dll (13824 bytes) (Unknown) (6/23/2010 7:17:00 PM)
(–A-) (3f5ff3f66cf0b9e2add8aa065695d9c7) (Created)
C:\Program Files\CCleaner\Lang\lang-1043.dll (30208 bytes) (Unknown) (6/23/2010 7:16:22 PM)
(–A-) (1bbb2883419e5150082883851eeffe6f) (Created)
C:\Program Files\CCleaner\Lang\lang-1044.dll (26112 bytes) (Unknown) (6/23/2010 7:17:08 PM)
(–A-) (1a6d15381be03b01f7b2235659fd7432) (Created)
C:\Program Files\CCleaner\Lang\lang-1045.dll (28160 bytes) (Unknown) (6/23/2010 7:17:12 PM)
(–A-) (367853eb5943a77435579433ac463cf6) (Created)
C:\Program Files\CCleaner\Lang\lang-1046.dll (30208 bytes) (Unknown) (6/23/2010 7:17:22 PM)
(–A-) (389535752d5f6686291af05069ea502d) (Created)
C:\Program Files\CCleaner\Lang\lang-1048.dll (26624 bytes) (Unknown) (6/23/2010 7:17:26 PM)
(–A-) (b7f3f5f0b24a1f9f673240fbd6ddf8c7) (Created)
C:\Program Files\CCleaner\Lang\lang-1049.dll (25600 bytes) (Unknown) (6/23/2010 7:17:30 PM)
(–A-) (00078200f7555480f6b865c126ae3ca5) (Created)
C:\Program Files\CCleaner\Lang\lang-1050.dll (26624 bytes) (Unknown) (6/23/2010 7:18:08 PM)
(–A-) (e77c2bcd0fb54838a045def563e76e80) (Created)
C:\Program Files\CCleaner\Lang\lang-1051.dll (26112 bytes) (Unknown) (6/23/2010 7:15:44 PM)
(–A-) (b98cf7871deaabb39602d2268e80adec) (Created)
C:\Program Files\CCleaner\Lang\lang-1052.dll (26624 bytes) (Unknown) (6/23/2010 7:15:46 PM)
(–A-) (83b6b34f6f21a6fe48195bacc8fd0d5c) (Created)
C:\Program Files\CCleaner\Lang\lang-1053.dll (27136 bytes) (Unknown) (6/23/2010 7:15:50 PM)
(–A-) (b5aa357cc9e8fca33bbbb2cb25e2fee1) (Created)
C:\Program Files\CCleaner\Lang\lang-1055.dll (26112 bytes) (Unknown) (6/23/2010 7:17:36 PM)
(–A-) (9f16d833692b846f75828d2cc856f47d) (Created)
C:\Program Files\CCleaner\Lang\lang-1058.dll (25088 bytes) (Unknown) (6/23/2010 7:18:04 PM)
(–A-) (4b906ac69b568189c4fd327243f80030) (Created)
C:\Program Files\CCleaner\Lang\lang-1061.dll (26112 bytes) (Unknown) (6/23/2010 7:18:12 PM)
(–A-) (ccdb2a30017ed69c63614c87cb886aa3) (Created)
C:\Program Files\CCleaner\Lang\lang-1063.dll (23040 bytes) (Unknown) (6/23/2010 7:17:04 PM)
(–A-) (1619df482e20e5d6055e09f9b6b0c1a0) (Created)
C:\Program Files\CCleaner\Lang\lang-1065.dll (26624 bytes) (Unknown) (6/23/2010 7:18:00 PM)
(–A-) (78c1fedfb9ec48b2e110647e17224c69) (Created)
C:\Program Files\CCleaner\Lang\lang-1066.dll (26112 bytes) (Unknown) (6/23/2010 7:18:16 PM)
(–A-) (f84522f31168eee5c048413ede2b07b5) (Created)
C:\Program Files\CCleaner\Lang\lang-1067.dll (24576 bytes) (Unknown) (6/23/2010 7:18:20 PM)
(–A-) (eb1937db557b798f93dfe665c6ffc982) (Created)

C:\Program Files\CCleaner\Lang\lang-1071.dll (22016 bytes) (Unknown) (6/23/2010 7:17:48 PM)
(–A-) (0904c304ee26f8a7280e028162c8c334) (Created)
C:\Program Files\CCleaner\Lang\lang-1079.dll (27648 bytes) (Unknown) (6/23/2010 7:18:26 PM)
(–A-) (dd13d4cbe624088a7e8b203c75f02278) (Created)
C:\Program Files\CCleaner\Lang\lang-1110.dll (23040 bytes) (Unknown) (6/23/2010 7:16:36 PM)
(–A-) (bc9c1468005d34560fca2b1d0fc76104) (Created)
C:\Program Files\CCleaner\Lang\lang-2052.dll (12800 bytes) (Unknown) (6/23/2010 7:16:06 PM)
(–A-) (ed54ba9f3ff992242e1c32191f9b9433) (Created)
C:\Program Files\CCleaner\Lang\lang-2070.dll (30720 bytes) (Unknown) (6/23/2010 7:17:18 PM)
(–A-) (cbf4c8bf71dd1fba8e3943adaac9ca7e) (Created)
C:\Program Files\CCleaner\Lang\lang-2074.dll (21504 bytes) (Unknown) (6/23/2010 7:17:44 PM)
(–A-) (0f959bab5d981841deba30f994259195) (Created)
C:\Program Files\CCleaner\Lang\lang-3098.dll (25088 bytes) (Unknown) (6/23/2010 7:17:40 PM)
(–A-) (03f804a92bc07f0c8e33f9922c41db58) (Created)
C:\Program Files\CCleaner\Lang\lang-5146.dll (26112 bytes) (Unknown) (6/23/2010 7:17:56 PM)
(–A-) (446d3b3f34511a7adad23c30b9da537a) (Created)
C:\Program Files\CCleaner\Lang\lang-9999.dll (30720 bytes) (Unknown) (6/23/2010 2:59:36 PM)
(–A-) (78e1f19906909ea819d3a67a29c5e60d) (Created)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 7\basefx.dll (778240 bytes) (Jasc Software
Inc.) (1/20/2030 7:02:00 AM) (–A-) (294bca9110a7a4a9cd4e0347a7542447) (Created)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 7\fpxlib.dll (332800 bytes) (Unknown)
(1/20/2030 7:02:00 AM) (–A-) (5237cc27a7c26399094b29f868892955) (Created)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 7\jbrws.dll (290816 bytes) (Jasc Software,
Inc.) (1/20/2030 7:02:00 AM) (–A-) (53590fbda4748f4d9ebec062db832d65) (Created)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 7\jbrwsutil.dll (102400 bytes) (Jasc
Software, Inc.) (1/20/2030 7:02:00 AM) (–A-) (2a91bd38653e0de084f1922e7066ad88) (Created)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 7\jcap.dll (65536 bytes) (Jasc Software,
Inc.) (1/20/2030 7:02:00 AM) (–A-) (dff514f4c83ed5047e8a3a9fa45b71f8) (Created)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 7\jcmyk.dll (233472 bytes) (Jasc Software,
Inc.) (1/20/2030 7:02:00 AM) (–A-) (3022292315f7753c7686fcde223a8ed5) (Created)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 7\jcontrols.dll (458752 bytes) (Jasc
Software, Inc.) (1/20/2030 7:02:00 AM) (–A-) (a38f9b36a6eb8320a20b7254bec8875d) (Created)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 7\jff.dll (1892352 bytes) (Jasc Software,
Inc.) (1/20/2030 7:02:00 AM) (–A-) (8519db8dd78997a40a35a2ccedd0f49e) (Created)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 7\jlem.dll (69632 bytes) (Jasc Software,
Inc.) (1/20/2030 7:02:00 AM) (–A-) (3499f5315bf2421118741350ae0c3eff) (Created)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 7\jmem.dll (73728 bytes) (Jasc Software,
Inc.) (1/20/2030 7:02:00 AM) (–A-) (d214628bc02444513d29c1ccd8f1e661) (Created)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 7\jpeglib.dll (122880 bytes) (Unknown)
(1/20/2030 7:02:00 AM) (–A-) (324de03de18dfd6e4a03bcfb0d5c7a32) (Created)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 7\jwebtools.dll (376832 bytes) (Jasc
Software, Inc.) (1/20/2030 7:02:00 AM) (–A-) (763f8382ce89470900aad6e299a1cf05) (Created)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 7\morefx.dll (311296 bytes) (Jasc Software
Inc.) (1/20/2030 7:02:00 AM) (–A-) (0c27e8bec010e586c3855254e332af19) (Created)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 7\pcdlib32.dll (212480 bytes) (Eastman
Kodak) (1/20/2030 7:02:00 AM) (–A-) (7ed438c44b90af7b01609a942c7e7196) (Created)
C:\Program Files\mozilla.org\SeaMonkey\AccessibleMarshal.dll (28672 bytes) (Mozilla
Foundation) (6/25/2010 1:58:11 PM) (–A-) (867c59e700898521e5214c076e1bb247) (Created)
C:\Program Files\mozilla.org\SeaMonkey\nsldap32v50.dll (139264 bytes) (Unknown) (6/25/2010
1:58:12 PM) (–A-) (ebde0991b9697979e88a07e4d09966f1) (Created)
C:\Program Files\mozilla.org\SeaMonkey\nsldappr32v50.dll (24576 bytes) (Unknown) (6/25/2010
1:58:12 PM) (–A-) (7fbcfaf6f3c7a4c697edce1cf2515dbb) (Created)
C:\Program Files\mozilla.org\SeaMonkey\regxpcom.exe (16384 bytes) (Unknown) (6/25/2010
1:58:13 PM) (–A-) (288e4cc53b23139f7666bd4bf5049482) (Created)
C:\Program Files\mozilla.org\SeaMonkey\seamonkey.exe (106496 bytes) (mozilla.org) (6/25/2010
1:58:13 PM) (–A-) (ee4a130f66787c0714634aae7b06c66e) (Created)
C:\Program Files\mozilla.org\SeaMonkey\components\accessibility.dll (233472 bytes) (Mozilla
Foundation) (6/25/2010 1:58:00 PM) (–A-) (7a2ef89fe6d009c1b01f11e76129b4e9) (Created)
C:\Program Files\mozilla.org\SeaMonkey\components\appcomps.dll (229376 bytes) (Mozilla
Foundation) (6/25/2010 1:58:12 PM) (–A-) (113aa472824bf534a636aface341a467) (Created)
C:\Program Files\mozilla.org\SeaMonkey\components\appshell.dll (65536 bytes) (Mozilla
Foundation) (6/25/2010 1:58:00 PM) (–A-) (4064aa7781dec13d660b3b72f2649cf9) (Created)
C:\Program Files\mozilla.org\SeaMonkey\components\auth.dll (28672 bytes) (Mozilla
Foundation) (6/25/2010 1:58:12 PM) (–A-) (d516b96fd48147a46bc5be819e7a6301) (Created)
C:\Program Files\mozilla.org\SeaMonkey\components\autoconfig.dll (36864 bytes) (Mozilla
Foundation) (6/25/2010 1:58:13 PM) (–A-) (6e9a7b538b4a6a3e6426aefaa19ca962) (Created)
C:\Program Files\mozilla.org\SeaMonkey\components\caps.dll (61440 bytes) (Mozilla
Foundation) (6/25/2010 1:58:00 PM) (–A-) (bbeccced103e9f29ef7f5516365e5926) (Created)
C:\Program Files\mozilla.org\SeaMonkey\components\chrome.dll (65536 bytes) (Mozilla
Foundation) (6/25/2010 1:58:02 PM) (–A-) (58ea7597e980c27eacd0d5aa8af36aa9) (Created)
C:\Program Files\mozilla.org\SeaMonkey\components\composer.dll (57344 bytes) (Mozilla
Foundation) (6/25/2010 1:58:11 PM) (–A-) (d476dd06f920bd9980a29c888ed2aa9a) (Created)
C:\Program Files\mozilla.org\SeaMonkey\components\cookie.dll (36864 bytes) (Mozilla
Foundation) (6/25/2010 1:58:00 PM) (–A-) (325aa210ffced9ba4e7287166a51beeb) (Created)
C:\Program Files\mozilla.org\SeaMonkey\components\docshell.dll (188416 bytes) (Mozilla
Foundation) (6/25/2010 1:58:00 PM) (–A-) (e4165664e82a37ce68930a3356a8a893) (Created)
C:\Program Files\mozilla.org\SeaMonkey\components\editor.dll (405504 bytes) (Mozilla
Foundation) (6/25/2010 1:58:02 PM) (–A-) (d06bd7bc0a945b714dbfa1f74ea44610) (Created)
C:\Program Files\mozilla.org\SeaMonkey\components\embedcomponents.dll (126976 bytes)
(Mozilla Foundation) (6/25/2010 1:58:02 PM) (–A-) (1be6a140a593e9ded2c21d032523acd5)
(Created)
C:\Program Files\mozilla.org\SeaMonkey\components\gkgfxwin.dll (147456 bytes) (Mozilla
Foundation) (6/25/2010 1:58:03 PM) (–A-) (4cc56c402927dc46e55055f76d06c04f) (Created)
C:\Program Files\mozilla.org\SeaMonkey\components\gklayout.dll (3067904 bytes) (Mozilla
Foundation) (6/25/2010 1:58:00 PM) (–A-) (8342d340ef69047f8a64fb3d03f76a04) (Created)
C:\Program Files\mozilla.org\SeaMonkey\components\gkparser.dll (237568 bytes) (Mozilla
Foundation) (6/25/2010 1:58:00 PM) (–A-) (a662a6bd3d6aa07b8fe0d2b76f56e0e4) (Created)
C:\Program Files\mozilla.org\SeaMonkey\components\gkplugin.dll (151552 bytes) (Mozilla
Foundation) (6/25/2010 1:58:00 PM) (–A-) (48d7183ef8c1c6823c1dd236ee95f57a) (Created)
C:\Program Files\mozilla.org\SeaMonkey\components\gkwidget.dll (147456 bytes) (Unknown)
(6/25/2010 1:58:01 PM) (–A-) (a8e06d33875855d283c10545961967e3) (Created)

C:\Program Files\mozilla.org\SeaMonkey\components\i18n.dll (188416 bytes) (Mozilla
Foundation) (6/25/2010 1:58:02 PM) (–A-) (6f13a99931ef8c7cf53691fd434729c6) (Created)
C:\Program Files\mozilla.org\SeaMonkey\components\imgicon.dll (28672 bytes) (Mozilla
Foundation) (6/25/2010 1:57:59 PM) (–A-) (e32d74ffe0e384ad42f812c1a41e7a40) (Created)
C:\Program Files\mozilla.org\SeaMonkey\components\imglib2.dll (155648 bytes) (Mozilla
Foundation) (6/25/2010 1:57:59 PM) (–A-) (82792efd39475af512f753652a3c6082) (Created)
C:\Program Files\mozilla.org\SeaMonkey\components\jar50.dll (53248 bytes) (Mozilla
Foundation) (6/25/2010 1:57:58 PM) (–A-) (92daae1056ae10cd847a6401c892e20f) (Created)
C:\Program Files\mozilla.org\SeaMonkey\components\jsd3250.dll (61440 bytes) (Mozilla
Foundation) (6/25/2010 1:58:12 PM) (–A-) (f7683d0e0f654308dd82a4e1ef12f84e) (Created)
C:\Program Files\mozilla.org\SeaMonkey\components\mork.dll (106496 bytes) (Mozilla
Foundation) (6/25/2010 1:58:12 PM) (–A-) (292d817ebfc47659bb55090155031559) (Created)
C:\Program Files\mozilla.org\SeaMonkey\components\mozfind.dll (24576 bytes) (Mozilla
Foundation) (6/25/2010 1:58:13 PM) (–A-) (0247ed0ee345329f132ef461040d6b14) (Created)
C:\Program Files\mozilla.org\SeaMonkey\components\mozldap.dll (49152 bytes) (Mozilla
Foundation) (6/25/2010 1:58:12 PM) (–A-) (5d76326fcf65dc3b3aed164c45dee451) (Created)
C:\Program Files\mozilla.org\SeaMonkey\components\necko.dll (516096 bytes) (Mozilla
Foundation) (6/25/2010 1:58:01 PM) (–A-) (0e59adcb44494b018c71a23d9ae57118) (Created)
C:\Program Files\mozilla.org\SeaMonkey\components\necko2.dll (40960 bytes) (Mozilla
Foundation) (6/25/2010 1:58:01 PM) (–A-) (866e8ccbf6100852c5c1713cdbd66237) (Created)
C:\Program Files\mozilla.org\SeaMonkey\components\nsprefm.dll (40960 bytes) (Mozilla
Foundation) (6/25/2010 1:58:12 PM) (–A-) (59f806bbfe6d233ba15d45d3a706b08b) (Created)
C:\Program Files\mozilla.org\SeaMonkey\components\oji.dll (49152 bytes) (Mozilla Foundation)
(6/25/2010 1:57:59 PM) (–A-) (0bff1b408fe19008dd740922d997bc59) (Created)
C:\Program Files\mozilla.org\SeaMonkey\components\p3p.dll (32768 bytes) (Mozilla Foundation)
(6/25/2010 1:58:00 PM) (–A-) (640817221b8cf4034180de81965e9e43) (Created)
C:\Program Files\mozilla.org\SeaMonkey\components\perms.dll (24576 bytes) (Mozilla
Foundation) (6/25/2010 1:58:12 PM) (–A-) (29968b3de8e374acd6e92bef0f8c68a3) (Created)
C:\Program Files\mozilla.org\SeaMonkey\components\pipboot.dll (32768 bytes) (Mozilla
Foundation) (6/25/2010 1:58:01 PM) (–A-) (a3caf8aabf6f6733156939f729b74d2c) (Created)
C:\Program Files\mozilla.org\SeaMonkey\components\pipnss.dll (233472 bytes) (Mozilla
Foundation) (6/25/2010 1:58:02 PM) (–A-) (4a8f5129c3b7abdaa718508cc2912dc0) (Created)
C:\Program Files\mozilla.org\SeaMonkey\components\pippki.dll (32768 bytes) (Mozilla
Foundation) (6/25/2010 1:58:12 PM) (–A-) (4ecaba7b47145a21616b298131b59afe) (Created)
C:\Program Files\mozilla.org\SeaMonkey\components\profile.dll (61440 bytes) (Mozilla
Foundation) (6/25/2010 1:58:00 PM) (–A-) (99c7ddaa77a0af8846d9ac068bd3680d) (Created)
C:\Program Files\mozilla.org\SeaMonkey\components\rdf.dll (110592 bytes) (Mozilla
Foundation) (6/25/2010 1:58:00 PM) (–A-) (e0c90493c1cd6ee0d443da4c383231ca) (Created)
C:\Program Files\mozilla.org\SeaMonkey\components\srchsvc.dll (98304 bytes) (Mozilla
Foundation) (6/25/2010 1:58:11 PM) (–A-) (56d874a385396c3c8a77b8f08768fba2) (Created)
C:\Program Files\mozilla.org\SeaMonkey\components\strgcmps.dll (233472 bytes) (Mozilla
Foundation) (6/25/2010 1:57:59 PM) (–A-) (9d53d180907f308a16d78d1687be2e64) (Created)
C:\Program Files\mozilla.org\SeaMonkey\components\transformiix.dll (208896 bytes) (Mozilla
Foundation) (6/25/2010 1:58:12 PM) (–A-) (d21bec805eafb3a1fca7f49dcca76a19) (Created)
C:\Program Files\mozilla.org\SeaMonkey\components\txmgr.dll (32768 bytes) (Mozilla
Foundation) (6/25/2010 1:58:11 PM) (–A-) (da0ffa29097b877781a9dd6418f561ad) (Created)
C:\Program Files\mozilla.org\SeaMonkey\components\typeaheadfind.dll (49152 bytes) (Mozilla
Foundation) (6/25/2010 1:58:11 PM) (–A-) (efa986676871db8dcaf48f7389c75d12) (Created)
C:\Program Files\mozilla.org\SeaMonkey\components\uconv.dll (737280 bytes) (Mozilla
Foundation) (6/25/2010 1:58:00 PM) (–A-) (7949ddb234a865f4aef44c62ec3cb76d) (Created)
C:\Program Files\mozilla.org\SeaMonkey\components\ucvmath.dll (28672 bytes) (Mozilla
Foundation) (6/25/2010 1:58:00 PM) (–A-) (549825225861edbf8ff8b029e0a5f93f) (Created)
C:\Program Files\mozilla.org\SeaMonkey\components\universalchardet.dll (106496 bytes)
(Mozilla Foundation) (6/25/2010 1:57:59 PM) (–A-) (626f0b6aa3631d4bc927d256f4ef1429)
(Created)
C:\Program Files\mozilla.org\SeaMonkey\components\wallet.dll (77824 bytes) (Mozilla
Foundation) (6/25/2010 1:58:02 PM) (–A-) (a80e25e1919590174d940ccdc5551f43) (Created)
C:\Program Files\mozilla.org\SeaMonkey\components\webbrwsr.dll (57344 bytes) (Mozilla
Foundation) (6/25/2010 1:57:59 PM) (–A-) (378aff4ee0d83898fe009f56164ca7cf) (Created)
C:\Program Files\mozilla.org\SeaMonkey\components\websrvcs.dll (286720 bytes) (Mozilla
Foundation) (6/25/2010 1:58:12 PM) (–A-) (89226df89f4c8e86c1261f87cd4135be) (Created)
C:\Program Files\mozilla.org\SeaMonkey\components\wlltvwrs.dll (24576 bytes) (Mozilla
Foundation) (6/25/2010 1:58:12 PM) (–A-) (4c77e36a01c64de6cb87946a99d170e4) (Created)
C:\Program Files\mozilla.org\SeaMonkey\components\xmlextras.dll (28672 bytes) (Mozilla
Foundation) (6/25/2010 1:57:59 PM) (–A-) (b9755954f03176df243411cab13ce356) (Created)
C:\Program Files\mozilla.org\SeaMonkey\components\xpc3250.dll (221184 bytes) (Mozilla
Foundation) (6/25/2010 1:57:59 PM) (–A-) (acc92bef5830fda833175b998329fc07) (Created)
C:\Program Files\mozilla.org\SeaMonkey\components\xpcom_compat_c.dll (28672 bytes) (Mozilla
Foundation) (6/25/2010 1:57:58 PM) (–A-) (996bd8788737ef29df0bbb174a87bc36) (Created)
C:\Program Files\mozilla.org\SeaMonkey\components\xpinstal.dll (159744 bytes) (Mozilla
Foundation) (6/25/2010 1:57:58 PM) (–A-) (8af3a10612d00a284a50bcf5d7e1a75c) (Created)
C:\Program Files\mozilla.org\SeaMonkey\components\xppref32.dll (53248 bytes) (Mozilla
Foundation) (6/25/2010 1:58:01 PM) (–A-) (20d21c04d3f77fa4ac4bdad96a38c72a) (Created)
C:\Program Files\mozilla.org\SeaMonkey\Setup GRE\SETUP.EXE (249856 bytes) (mozilla.org)
(6/25/2010 1:57:54 PM) (–A-) (9bd37657c60c08ee4167537f4b4f510f) (Created)
C:\Program Files\mozilla.org\SeaMonkey\Setup GRE\setuprsc.dll (225280 bytes) (Unknown)
(6/25/2010 1:57:54 PM) (–A-) (527c9c732bcdc15f5a950f928775d743) (Created)
C:\Program Files\mozilla.org\SeaMonkey\uninstall\GREUninstall.exe (118784 bytes) (Unknown)
(6/25/2010 1:58:04 PM) (–A-) (672be8add341f1d2587c8518273531ea) (Modified)
C:\Program Files\mozilla.org\SeaMonkey\uninstall\SeaMonkeyUninstall.exe (118784 bytes)
(Unknown) (6/25/2010 1:58:15 PM) (–A-) (2bd7b5adcebf5ec1fbeaab9686936237) (Modified)
C:\Program Files\NoVirusThanks\Hijack Hunter\HijackHunter.exe (626176 bytes) (NoVirusThanks
Company Srl) (7/6/2010 7:32:33 PM) (–A-) (cbcb938e63b44da19d1d086cfafc7c00) (Created)
C:\Program Files\NoVirusThanks\Hijack Hunter\nhdrv.sys (4608 bytes) (NoVirusThanks Company
Srl) (7/6/2010 7:32:33 PM) (–A-) (8f40312ac7b0f3d0246fe52105e4f1d7) (Created)
C:\Program Files\NoVirusThanks\Hijack Hunter\unins000.exe (707354 bytes) (Unknown) (7/6/2010
7:32:33 PM) (–A-) (eecf7fe501b410aa3733bb0b23ab678a) (Created)
C:\Program Files\Prevx\prevx.exe (6385616 bytes) (Prevx) (7/4/2010 9:17:43 AM) (–A-)
(8eda696d91c56c2f16cacb2b3306ad5d) (Created)
C:\Program Files\SeaMonkey\AccessibleMarshal.dll (12288 bytes) (Mozilla Foundation)
(6/25/2010 1:47:00 PM) (–A-) (ff950ab4969ad5c74833cda77aff4ecd) (Modified)

C:\Program Files\SeaMonkey\crashreporter.exe (118272 bytes) (Mozilla Foundation) (6/25/2010
1:47:09 PM) (–A-) (41d38ed429db641884dd833ede79ec75) (Modified)
C:\Program Files\SeaMonkey\freebl3.dll (249856 bytes) (Mozilla Foundation) (6/25/2010
1:47:11 PM) (–A-) (02fa81c159a7a11d7113a6e79e49aa58) (Modified)
C:\Program Files\SeaMonkey\js3250.dll (809472 bytes) (Netscape Communications Corporation)
(6/25/2010 1:47:11 PM) (–A-) (2691f12e7d1983e12c675eb299f3d783) (Modified)
C:\Program Files\SeaMonkey\MapiProxy.dll (11776 bytes) (Mozilla.org) (6/25/2010 1:47:00 PM)
(–A-) (2cbfbad7e66189e376625f268919325a) (Modified)
C:\Program Files\SeaMonkey\MapiProxy_InUse.dll (11776 bytes) (Mozilla.org) (6/25/2010
1:47:00 PM) (–A-) (2cbfbad7e66189e376625f268919325a) (Modified)
C:\Program Files\SeaMonkey\mozcrt19.dll (708608 bytes) (Mozilla Foundation) (6/25/2010
1:47:11 PM) (–A-) (630b4e41473424fb6b085309a3d05aa0) (Modified)
C:\Program Files\SeaMonkey\mozMapi32.dll (45056 bytes) (Mozilla.org) (6/25/2010 1:47:11 PM)
(–A-) (f89eb91a1fc90fdf2dc17f801eb0e074) (Modified)
C:\Program Files\SeaMonkey\mozMapi32_InUse.dll (45056 bytes) (Mozilla.org) (6/25/2010
1:47:11 PM) (–A-) (f89eb91a1fc90fdf2dc17f801eb0e074) (Modified)
C:\Program Files\SeaMonkey\nsldap32v60.dll (155648 bytes) (Unknown) (6/25/2010 1:47:11 PM)
(–A-) (dc7224d3971e241030f36c829b9da85c) (Modified)
C:\Program Files\SeaMonkey\nsldappr32v60.dll (15360 bytes) (Unknown) (6/25/2010 1:47:11 PM)
(–A-) (94583c8e263da96db75129a298df054d) (Modified)
C:\Program Files\SeaMonkey\nsldif32v60.dll (10240 bytes) (Unknown) (6/25/2010 1:47:12 PM)
(–A-) (224cdcf795eb1f27355e8760010d6a2e) (Modified)
C:\Program Files\SeaMonkey\nspr4.dll (163840 bytes) (Mozilla Foundation) (6/25/2010 1:47:12
PM) (–A-) (5de7d301fd304698f3c4e3f1421889c5) (Modified)
C:\Program Files\SeaMonkey\nss3.dll (638976 bytes) (Mozilla Foundation) (6/25/2010 1:47:12
PM) (–A-) (9149956985475f1c74ccce8667aa6920) (Modified)
C:\Program Files\SeaMonkey\nssckbi.dll (344064 bytes) (Mozilla Foundation) (6/25/2010
1:47:12 PM) (–A-) (85ed24f4a069e8fc87280a8f4dfac6cf) (Modified)
C:\Program Files\SeaMonkey\nssdbm3.dll (98304 bytes) (Mozilla Foundation) (6/25/2010 1:47:13
PM) (–A-) (a6b20f65ce26dc0fe4f348522a5bbfad) (Modified)
C:\Program Files\SeaMonkey\nssutil3.dll (81920 bytes) (Mozilla Foundation) (6/25/2010
1:47:13 PM) (–A-) (a9a49ae75b2b0b6941b4886fc12f903d) (Modified)
C:\Program Files\SeaMonkey\plc4.dll (14848 bytes) (Mozilla Foundation) (6/25/2010 1:47:13
PM) (–A-) (ae635826d46d4a8803c07589f4895231) (Modified)
C:\Program Files\SeaMonkey\plds4.dll (11776 bytes) (Mozilla Foundation) (6/25/2010 1:47:13
PM) (–A-) (a73dd06ed1a0bb537449a60ec41c91ce) (Modified)
C:\Program Files\SeaMonkey\seamonkey.exe (11523072 bytes) (mozilla.org) (6/25/2010 1:47:20
PM) (–A-) (e7f1058abb0d073eab12e26544c6779a) (Modified)
C:\Program Files\SeaMonkey\smime3.dll (98304 bytes) (Mozilla Foundation) (6/25/2010 1:47:21
PM) (–A-) (e01c2ff05ed95096e4d313989d505f0f) (Modified)
C:\Program Files\SeaMonkey\softokn3.dll (155648 bytes) (Mozilla Foundation) (6/25/2010
1:47:21 PM) (–A-) (bfa9d39c112f9d5f9343a3cf746b6e91) (Modified)
C:\Program Files\SeaMonkey\sqlite3.dll (452096 bytes) (sqlite.org) (6/25/2010 1:47:21 PM)
(–A-) (78ce45a064e1b9139423d68e0aad5087) (Modified)
C:\Program Files\SeaMonkey\ssl3.dll (135168 bytes) (Mozilla Foundation) (6/25/2010 1:47:22
PM) (–A-) (145123f8dd242896143f4cb74317cb02) (Modified)
C:\Program Files\SeaMonkey\updater.exe (241152 bytes) (Mozilla Foundation) (6/25/2010
1:47:23 PM) (–A-) (2b706aae28bc186f1acd0a63378afe67) (Modified)
C:\Program Files\SeaMonkey\xpcom.dll (12288 bytes) (Mozilla Foundation) (6/25/2010 1:47:23
PM) (–A-) (8c9cc8d1fc4bd6275ae6aaf8cc2da0f8) (Modified)
C:\Program Files\SeaMonkey\xpcom_core.dll (393728 bytes) (Mozilla Foundation) (6/25/2010
1:47:23 PM) (–A-) (b4123595e86cb33cd3c8ff2708e1b1c3) (Modified)
C:\Program Files\SeaMonkey\components\jar50.dll (73216 bytes) (Mozilla Foundation)
(6/25/2010 1:47:07 PM) (–A-) (e8e1f1e72ed7826f11d1fc725a0e2ea9) (Modified)
C:\Program Files\SeaMonkey\components\jsd3250.dll (51712 bytes) (Mozilla Foundation)
(6/25/2010 1:47:08 PM) (–A-) (40efceac1ede246e5c32f844efd53597) (Modified)
C:\Program Files\SeaMonkey\components\suite.dll (219648 bytes) (Mozilla Foundation)
(6/25/2010 1:47:08 PM) (–A-) (327692eab89f8113533867a585bf82d5) (Modified)
C:\Program Files\SeaMonkey\components\xpinstal.dll (60928 bytes) (Mozilla Foundation)
(6/25/2010 1:47:09 PM) (–A-) (f7e2f40a58eb994520aea2dbdd3a99ed) (Modified)
C:\Program Files\SeaMonkey\plugins\npnul32.dll (59392 bytes) (mozilla.org) (6/25/2010
1:47:13 PM) (–A-) (b4818769db2221d8b6daed92a0fcf44e) (Modified)
C:\Program Files\SeaMonkey\uninstall\helper.exe (574366 bytes) (mozilla.org) (6/25/2010
1:47:22 PM) (–A-) (d9abaaae8c1533b688c37bae69c63b2c) (Modified)
C:\Program Files\Uniblue\RegistryBooster\cache.dll (47616 bytes) (Unknown) (7/4/2010 2:39:43
AM) (–A-) (7755a4124b2479747ac7d48f7ae50524) (Created)
C:\Program Files\Uniblue\RegistryBooster\cwebpage.dll (13312 bytes) (Unknown) (7/4/2010
2:39:43 AM) (–A-) (f93afc6e00fa44babcf453e0aff5cb90) (Created)
C:\Program Files\Uniblue\RegistryBooster\registrybooster.exe (56680 bytes) (Uniblue Systems
Limited) (7/4/2010 2:39:45 AM) (–A-) (8282dbc5552bf24b67a015cb960f4379) (Created)
C:\Program Files\Uniblue\RegistryBooster\locale\en\en.dll (131072 bytes) (Unknown) (7/4/2010
2:39:46 AM) (–A-) (dc820e487afe07525e42094974679698) (Created)
C:\Program Files\Zone Labs\ZoneAlarm\alert.zap (206848 bytes) (Check Point Software
Technologies LTD) (7/2/2010 4:52:40 AM) (–A-) (7b8585831ea0f3d17ab76917ebb9f110) (Created)
C:\Program Files\Zone Labs\ZoneAlarm\cam.zap (77312 bytes) (Check Point Software
Technologies LTD) (7/2/2010 4:52:42 AM) (–A-) (7a45369411d5eafe098b9eacbbf68196) (Created)
C:\Program Files\Zone Labs\ZoneAlarm\cpes_clean.exe (3894280 bytes) (Check Point Software
Technologies LTD) (7/2/2010 4:52:36 AM) (–A-) (95d7584246c4d0e4d673548ee50b265a) (Created)
C:\Program Files\Zone Labs\ZoneAlarm\email.zap (68096 bytes) (Check Point Software
Technologies LTD) (7/2/2010 4:52:40 AM) (–A-) (8f55dd5df1cd0471a9f7cb9aae4b9e3b) (Created)
C:\Program Files\Zone Labs\ZoneAlarm\expert.dll (215552 bytes) (Check Point Software
Technologies LTD) (7/2/2010 4:52:40 AM) (–A-) (de8953604082e49e706e8e732a83ba48) (Created)
C:\Program Files\Zone Labs\ZoneAlarm\filter.zap (70656 bytes) (Check Point Software
Technologies LTD) (7/2/2010 4:52:40 AM) (–A-) (58d576c7862cd9c9079f5b1c22b5dd88) (Created)
C:\Program Files\Zone Labs\ZoneAlarm\firewall.zap (139264 bytes) (Check Point Software
Technologies LTD) (7/2/2010 4:52:40 AM) (–A-) (3fc764f87954cb2c32c779ce20bb9d73) (Created)
C:\Program Files\Zone Labs\ZoneAlarm\framewrk.dll (1480192 bytes) (Check Point Software
Technologies LTD) (7/2/2010 4:52:37 AM) (–A-) (d0c7036087aa8621f9c1c2ffd702f5ae) (Created)
C:\Program Files\Zone Labs\ZoneAlarm\idlock.zap (219648 bytes) (Check Point Software
Technologies LTD) (7/2/2010 4:52:40 AM) (–A-) (c613b4e002e606edf9d2764d7c1945ce) (Created)
C:\Program Files\Zone Labs\ZoneAlarm\multifix.exe (17920 bytes) (Check Point Software
Technologies LTD) (7/2/2010 4:52:38 AM) (–A-) (00e72530e2cff387ba3ff4383afaf1f8) (Created)

C:\Program Files\Zone Labs\ZoneAlarm\programs.zap (323584 bytes) (Check Point Software
Technologies LTD) (7/2/2010 4:52:39 AM) (–A-) (be98b0eafbaa8cb136db829f6323af58) (Created)
C:\Program Files\Zone Labs\ZoneAlarm\scan.zap (617472 bytes) (Check Point Software
Technologies LTD) (7/2/2010 4:52:41 AM) (–A-) (015694f89b79e49f7feb7cedbb27a131) (Created)
C:\Program Files\Zone Labs\ZoneAlarm\security.zap (353280 bytes) (Check Point Software
Technologies LTD) (7/2/2010 4:52:39 AM) (–A-) (7b3a934e7b16483f4a044aa67bc233de) (Created)
C:\Program Files\Zone Labs\ZoneAlarm\websecurity.zap (53760 bytes) (Check Point Software
Technologies LTD) (7/2/2010 4:52:40 AM) (–A-) (785ab89038de4e22e7e92d301aa12fd7) (Created)
C:\Program Files\Zone Labs\ZoneAlarm\zauninst.exe (218624 bytes) (Unknown) (7/2/2010 4:52:35
AM) (–A-) (4b90b1e1dc53efbca79893d417ae3233) (Created)
C:\Program Files\Zone Labs\ZoneAlarm\zhtml.dll (2035592 bytes) (Check Point Software
Technologies LTD) (7/2/2010 4:52:40 AM) (–A-) (16da352476324eb9f2745e7f2f0aee20) (Created)
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe (1043968 bytes) (Check Point Software
Technologies LTD) (7/2/2010 4:52:37 AM) (–A-) (0d2f62c6e2e9bd508f7bf2e6c8ba176d) (Created)
C:\Program Files\Zone Labs\ZoneAlarm\zonealarm.exe (39936 bytes) (Check Point Software
Technologies LTD) (7/2/2010 4:52:38 AM) (–A-) (d8fc70ceedaf0306437186d9061651c5) (Created)
C:\Program Files\Zone Labs\ZoneAlarm\Diagnostics\cpinfo.exe (345384 bytes) (Check Point
Software Technologies) (7/2/2010 4:52:18 AM) (–A-) (efaca930e0309acf4377390a7adcfb4c)
(Created)
C:\Program Files\Zone Labs\ZoneAlarm\Diagnostics\DiagnosticsCaptureTool.exe (253952 bytes)
(Unknown) (7/2/2010 4:52:17 AM) (–A-) (f3df58d3699453ba00cb4811c089def4) (Created)
C:\Program Files\Zone Labs\ZoneAlarm\Diagnostics\osrbang.exe (67584 bytes) (OSR Open Systems
Resources, Inc.) (7/2/2010 4:52:18 AM) (–A-) (0571d17ad54479cded409e07a205c85b) (Created)
C:\Program Files\Zone Labs\ZoneAlarm\Diagnostics\vsinit.dll (228864 bytes) (Check Point
Software Technologies LTD) (7/2/2010 4:52:18 AM) (–A-) (8bb8d55cb7b7ba11abd25b4f051e8a3b)
(Created)
C:\Program Files\Zone Labs\ZoneAlarm\Diagnostics\vsutil.dll (713728 bytes) (Check Point
Software Technologies LTD) (7/2/2010 4:52:18 AM) (–A-) (30104887d2f952d7640b57f2a03fe6b3)
(Created)
C:\Program Files\Zone Labs\ZoneAlarm\repair\vsdb.dll (211456 bytes) (Check Point Software
Technologies LTD) (7/2/2010 4:52:22 AM) (–A-) (d1542c1450d8d6f16eabd406483b75aa) (Created)
C:\Program Files\Zone Labs\ZoneAlarm\repair\vsinit.dll (228864 bytes) (Check Point Software
Technologies LTD) (7/2/2010 4:44:14 AM) (–A-) (8bb8d55cb7b7ba11abd25b4f051e8a3b) (Created)
C:\Program Files\Zone Labs\ZoneAlarm\repair\vsmon.exe (2435592 bytes) (Check Point Software
Technologies LTD) (7/2/2010 4:52:23 AM) (–A-) (589a8b75fd731f8e186292275f3f3692) (Created)
C:\Program Files\Zone Labs\ZoneAlarm\repair\vsruledb.dll (1790464 bytes) (Check Point
Software Technologies LTD) (7/2/2010 4:52:27 AM) (–A-) (b878b46a658fc2e2b1396f34c9da801c)
(Created)
C:\Program Files\Zone Labs\ZoneAlarm\repair\vsutil.dll (713728 bytes) (Check Point Software
Technologies LTD) (7/2/2010 4:44:13 AM) (–A-) (30104887d2f952d7640b57f2a03fe6b3) (Created)
C:\WINDOWS\avastSS.scr (38848 bytes) (ALWIL Software) (6/30/2010 11:11:00 AM) (–A-)
(048948bd5b560f0db1788d31daa5caa5) (Created)
C:\WINDOWS\GREUninstall.exe (118784 bytes) (Unknown) (6/25/2010 1:58:04 PM) (–A-)
(672be8add341f1d2587c8518273531ea) (Modified)
C:\WINDOWS\SeaMonkeyUninstall.exe (118784 bytes) (Unknown) (6/25/2010 1:58:15 PM) (–A-)
(2bd7b5adcebf5ec1fbeaab9686936237) (Modified)
C:\DOCUME~1\OUR PC\LOCALS~1\Temp\pvxinst169.exe (6385616 bytes) (Prevx) (7/4/2010 9:22:47 AM)
(–A-) (8eda696d91c56c2f16cacb2b3306ad5d) (Created)
C:\DOCUME~1\OUR PC\LOCALS~1\Temp\pvxinst396.exe (6385616 bytes) (Prevx) (7/4/2010 9:17:11 AM)
(–A-) (8eda696d91c56c2f16cacb2b3306ad5d) (Created)
C:\DOCUME~1\OUR PC\LOCALS~1\Temp\pvxinst483.exe (6385616 bytes) (Prevx) (7/4/2010 9:22:08 AM)
(–A-) (8eda696d91c56c2f16cacb2b3306ad5d) (Created)
C:\DOCUME~1\OUR PC\LOCALS~1\Temp\4510DCCA-3609EAE0-6EC12C2E-4635F69C\7E11E135-8ECC946A-
535C87F0-C88831DA (119288 bytes) (Doctor Web, Ltd.) (7/5/2010 8:30:37 AM) (–A-)
(cde066123a0a7b52369ea75cdd39a343) (Created)

[+] Hidden files in suspicious folders

[+] Suspicious Registry Keys

[+] Suspicious folders

[+] Drivers

C:\WINDOWS\system32\drivers\amdppm.sys (AmdPPM) (AMD HwPState Processor Driver) (Advanced
Micro Devices) (033448d435e65c4bd72e70521fd05c76)
C:\WINDOWS\system32\drivers\anydvd.sys (AnyDVD) (AnyDVD) (SlySoft, Inc.)
(a198fd45dfe819c1f9a7bed90339842f)
C:\WINDOWS\system32\drivers\dccam.sys (DcCam) (Kodak Camera Proxy) (Eastman Kodak Company)
(9a04f967886f55121fb9c0d447a2993b)
C:\WINDOWS\system32\drivers\dcfs2k.sys (DCFS2k) (DCFS2k) (Eastman Kodak Company)
(b9a22912f7e19f5984e5f3c15fb80266)
C:\WINDOWS\system32\drivers\dclps.sys (DcLps) (Legacy Polling Service) (Eastman Kodak
Company) (ccd2e14c7f093a5b72a74e286ec13ffb)
C:\WINDOWS\system32\drivers\elbycdfl.sys (ElbyCDFL) (ElbyCDFL) (SlySoft, Inc.)
(ce37e3d51912e59c80c6d84337c0b4cd)
C:\WINDOWS\system32\drivers\elbycdio.sys (ElbyCDIO) (ElbyCDIO Driver) (Elaborate Bytes AG)
(309ac30471a0f1c3a89dee1c81230576)
C:\WINDOWS\system32\drivers\lbd.sys (Lbd) (Lbd) (Lavasoft AB)
(419590ebe7855215bb157ea0cf0d0531)
C:\WINDOWS\system32\vsdatant.sys (vsdatant) (vsdatant) (Check Point Software Technologies
LTD) (050c38ebb22512122e54b47dc278bccd)

[+] Drivers → FSFilter Anti-Virus

[+] Services

c:\windows\system32\drivers\dcfssvc.exe (Dcfssvc) (Dcfssvc) (Eastman Kodak Company)
(9fbcc5c671011e406941f5d2008bea87)
c:\program files\lavasoft\ad-aware\aawservice.exe (Lavasoft Ad-Aware Service) (Lavasoft Ad-
Aware Service) (Lavasoft) (b30f37242dd1c640dd5c770ff5b378ae)

c:\program files\common files\lightscribe\lssrvc.exe (LightScribeService)
(LightScribeService Direct Disc Labeling Service) (Hewlett-Packard Company)
(984ecb68ed2a2b2e6a544e87e24fba2d)
c:\program files\kodak\kodak picture transfer software\ptssvc.exe (ptssvc) (ptssvc)
(Unknown) (e1855061710a925032249539f3f1a73d)
slserv.exe (SLService) (SmartLinkService) (Smart Link) (d41d8cd98f00b204e9800998ecf8427e)
c:\windows\system32\zonelabs\vsmon.exe (vsmon) (TrueVector Internet Monitor) (Check Point
Software Technologies LTD) (589a8b75fd731f8e186292275f3f3692)

[+] ServiceDll

C:\Program Files\NOS\bin\getPlus_Helper.dll (68000 bytes) (NOS Microsystems Ltd.) (1/2/2010
2:00:45 PM) (–A-) (0879dc7444a201df84e69c5dd5083d61)

[+] Unknown files in Winsock LSP

[+] Unknown files in CLSID

C:\WINDOWS\System32\Adobe\SVG Viewer\SVGControl.dll (491574 bytes) (Adobe Systems
Incorporated) (4/9/2008 7:50:19 PM) (–A-) (90d5a849e8df91f94fe965e145818215)
C:\WINDOWS\Downloaded Program Files\IEAWSDC.DLL (175968 bytes) (Unknown) (6/30/2007 8:09:06
PM) (–A-) (bcd0a5c3c1715c363cb3f321abe31514)
C:\WINDOWS\system32\OGACheckControl.dll (403816 bytes) (Unknown) (8/3/2009 4:07:42 PM) (–A
-) (10c03f5479e6bd73c9cb3dfde9fa4c2e)
C:\WINDOWS\system32\threed32.ocx (205848 bytes) (Sheridan Software Systems, Inc.) (12/2/2003
10:19:09 AM) (–A-) (63b70d0ba6990e04ec37b9e3ead762b3)
C:\WINDOWS\system32\hypertrm.dll (347136 bytes) (Hilgraeve, Inc.) (8/22/2008 6:15:14 PM) (-
-A-) (277bdf16a94be0d063988d692541650b)
C:\WINDOWS\system32\ir50_32.dll (755200 bytes) (Intel Corporation) (8/4/2004 6:00:00 AM) (-
-A-) (5f10dc19d92ccf6b719b494572f4f74b)
C:\WINDOWS\system32\VSFLEX3.OCX (225280 bytes) (VideoSoft) (1/5/1999 5:30:02 PM) (–A-)
(c758ebc719c0d07b1b0e251c77f11bfd)
C:\WINDOWS\system32\MIDIFL32.OCX (52224 bytes) (Unknown) (7/15/2001 1:19:02 PM) (–A-)
(ad5724821febd3d0e12bcf55de9e32ea)
C:\WINDOWS\system32\Hpousd05.dll (50848 bytes) (Windows (R) 2000 DDK provider) (5/2/2008
12:31:47 AM) (–A-) (3f1c412a42120c0704d2fd14360daa86)
C:\WINDOWS\system32\ir41_32.ax (848384 bytes) (Intel Corporation) (8/4/2004 6:00:00 AM) (–
A-) (948e1498c6438625247f94534aaa82fe)
C:\WINDOWS\system32\l3codecx.ax (83456 bytes) (Fraunhofer Institut Integrierte Schaltungen
IIS) (8/4/2004 6:00:00 AM) (–A-) (b5a7a5a67ecc144117d1e7d5352a2f6a)
C:\WINDOWS\system32\acelpdec.ax (61952 bytes) (Sipro Lab Telecom Inc.) (8/4/2004 6:00:00 AM)
(–A-) (d0a33c77354a6f12ccd8034e4429a30d)
C:\WINDOWS\system32\MIDIIO32.OCX (61952 bytes) (Unknown) (7/15/2001 1:32:04 PM) (–A-)
(d75ae4ef5ccd747c1c12f5accb6f005c)
C:\WINDOWS\system32\hticons.dll (44544 bytes) (Hilgraeve, Inc.) (11/2/2008 11:02:34 AM) (–
A-) (f759a6e14403bc3d7a55ccad1b8f7b4a)
C:\WINDOWS\system32\CmdLineExt.dll (107888 bytes) (Sony DADC Austria AG.) (3/21/2009
12:13:06 AM) (–A-) (ccec125c8a9d90e2c27fc73bde97772b)
C:\WINDOWS\system32\actskin4.ocx (380928 bytes) (Unknown) (2/16/2008 3:40:18 PM) (–A-)
(99825c8aed2fa0ac76aa0fad770f44c1)
C:\WINDOWS\system32\HSlide32.OCX (61872 bytes) (Unknown) (6/11/2008 8:54:42 AM) (–A-)
(2dab57153ed40dcd8a021f69c14b0299)
C:\WINDOWS\system32\CoachWia.dll (96768 bytes) (FotoNation) (4/6/2009 7:13:10 PM) (–A-)
(d1a846757fa77dc56fb75cd4a80ddfd1)
C:\WINDOWS\system32\ivfsrc.ax (154624 bytes) (Intel Corporation) (8/4/2004 6:00:00 AM) (–A
-) (f7aceef4b13e8035ded875978b40c998)
C:\WINDOWS\system32\deploytk.dll (410984 bytes) (Sun Microsystems, Inc.) (2/21/2009 11:25:35
AM) (–A-) (d14bfab125e34b0f1bc152b92fb02d94)
C:\WINDOWS\system32\CoachDlg.dll (16896 bytes) (FotoNation Inc.) (4/6/2009 7:13:10 PM) (–A
-) (3fb1f0c7678b0c0841e2d33a78fad6df)

[+] TCP Connections

tcpsvcs.exe → 0.0.0.0:7 → 0.0.0.0:0 → LISTENING
tcpsvcs.exe → 0.0.0.0:9 → 0.0.0.0:0 → LISTENING
tcpsvcs.exe → 0.0.0.0:13 → 0.0.0.0:0 → LISTENING
tcpsvcs.exe → 0.0.0.0:17 → 0.0.0.0:0 → LISTENING
tcpsvcs.exe → 0.0.0.0:19 → 0.0.0.0:0 → LISTENING
inetinfo.exe → 0.0.0.0:25 → 0.0.0.0:0 → LISTENING
inetinfo.exe → 0.0.0.0:80 → 0.0.0.0:0 → LISTENING
svchost.exe → 0.0.0.0:135 → 0.0.0.0:0 → LISTENING
inetinfo.exe → 0.0.0.0:443 → 0.0.0.0:0 → LISTENING
N/A → 0.0.0.0:445 → 0.0.0.0:53303 → LISTENING
inetinfo.exe → 0.0.0.0:1025 → 0.0.0.0:0 → LISTENING
N/A → 96.18.111.243:139 → 0.0.0.0:2080 → LISTENING

[+] UDP Connections

tcpsvcs.exe → 0.0.0.0:7 → .
tcpsvcs.exe → 0.0.0.0:9 → .
tcpsvcs.exe → 0.0.0.0:13 → .
tcpsvcs.exe → 0.0.0.0:17 → .
tcpsvcs.exe → 0.0.0.0:19 → .
N/A → 0.0.0.0:445 → .
inetinfo.exe → 0.0.0.0:3456 → .
svchost.exe → 0.0.0.0:3544 → .
svchost.exe → 96.18.111.243:123 → .
N/A → 96.18.111.243:137 → .
N/A → 96.18.111.243:138 → .
svchost.exe → 96.18.111.243:520 → .
svchost.exe → 96.18.111.243:1041 → .
svchost.exe → 96.18.111.243:1900 → .
svchost.exe → 127.0.0.1:123 → .
svchost.exe → 127.0.0.1:1026 → .
svchost.exe → 127.0.0.1:1900 → .

[+] Hosts file

127.0.0.1 www.007guard.com
127.0.0.1 007guard.com

(I have about 150 pages of additional Hosts files)

[+] Ring3 API Hooks

C:\WINDOWS\Explorer.EXE → KERNEL32.DLL->GetProcAddress → ShimEng.dll → IAT

[+] Kernel Mode Info

[SSDT] NtClose → 0xEEB56CD2 → 0x80567A6D → aswSP.SYS
[SSDT] NtConnectPort → 0xEECA1534 → 0x80588DBB → vsdatant.sys

[SSDT] NtCreateFile → 0xEEC9B782 → 0x8056F600 → vsdatant.sys
[SSDT] NtCreateKey → 0xEEB56B8E → 0x80572E9D → aswSP.SYS
[SSDT] NtCreatePort → 0xEECA1CC0 → 0x805975B1 → vsdatant.sys
[SSDT] NtCreateProcess → 0xEECB4EB4 → 0x805B136A → vsdatant.sys
[SSDT] NtCreateProcessEx → 0xEECB52A2 → 0x80581030 → vsdatant.sys
[SSDT] NtCreateSection → 0xEECBE916 → 0x805652B3 → vsdatant.sys
[SSDT] NtCreateWaitablePort → 0xEECA1DF6 → 0x805DB11C → vsdatant.sys
[SSDT] NtDeleteFile → 0xEEC9C398 → 0x805D8003 → vsdatant.sys
[SSDT] NtDeleteKey → 0xEEB57142 → 0x805952BE → aswSP.SYS
[SSDT] NtDeleteValueKey → 0xEEB5706C → 0x80592D50 → aswSP.SYS
[SSDT] NtDuplicateObject → 0xEECB3DF0 → 0x80573FE9 → vsdatant.sys
[SSDT] NtLoadKey → 0xEECBC93C → 0x805AED6D → vsdatant.sys
[SSDT] NtLoadKey2 → 0xEECBCB44 → 0x805AEBAA → vsdatant.sys
[SSDT] NtOpenFile → 0xEEC9BFAA → 0x8056F59B → vsdatant.sys
[SSDT] NtOpenKey → 0xEEB56C68 → 0x80568EE9 → aswSP.SYS
[SSDT] NtOpenProcess → 0xEECB71CE → 0x805741D0 → vsdatant.sys
[SSDT] NtOpenThread → 0xEECB6DF8 → 0x8058B58D → vsdatant.sys
[SSDT] NtQueryValueKey → 0xEEB56D88 → 0x8056A382 → aswSP.SYS
[SSDT] NtRenameKey → 0xEEB57210 → 0x8064E812 → aswSP.SYS
[SSDT] NtReplaceKey → 0xEECBD208 → 0x8064F16E → vsdatant.sys
[SSDT] NtRequestWaitReplyPort → 0xEECA10F4 → 0x8056DA20 → vsdatant.sys
[SSDT] NtRestoreKey → 0xEEB56D48 → 0x8064ED05 → aswSP.SYS
[SSDT] NtSecureConnectPort → 0xEECA17DC → 0x8058F4DC → vsdatant.sys
[SSDT] NtSetInformationFile → 0xEEC9C75C → 0x80576CA4 → vsdatant.sys
[SSDT] NtSetSecurityObject → 0xEECBDE12 → 0x8059B19B → vsdatant.sys
[SSDT] NtSetValueKey → 0xEEB56EC8 → 0x80579A43 → aswSP.SYS
[SSDT] NtSystemDebugControl → 0xEECB5F0A → 0x80649D57 → vsdatant.sys
[SSDT] NtTerminateProcess → 0xEECB5C86 → 0x805836B0 → vsdatant.sys
[RING0] ntoskrnl.exe → ObInsertObject → 0x8056503A → 0xEEB60F6C → aswSP.SYS
[RING0] ntoskrnl.exe → ObMakeTemporaryObject → 0x8059F85E → 0xEEB5F5B4 → aswSP.SYS
[RING0] ntoskrnl.exe → NtLoadDriver → 0x805A3B01 → 0xEEB63AFE → aswSP.SYS

(!!!POSSIBLE ROOTKIT DETECTED!!!)

Finish [ 0:9:24 ]

look in /var/log/Xorg.0.log for the reason X didnt start. That may give you a clue.

Hi friend sorry for lating i have a problem with internet connection.
1.download threat killer from here:http://www.novirusthanks.org/products/threat-killer/
2.i attach a file with name “clean.txt”,open the GUI of threat killer and browse for my file after download then press "Excute!"button
3.wait until the program work.then post the log here
4.download dial a fix to fix related policies problems:http://wiki.lunarsoft.net/wiki/Dial-a-fix
5.reboot
6.clean your temp using ccleaner:http://www.piriform.com/ccleaner
7.re install avast from scratch.

I suggest you to uninstall S&D and ad-aware and use a better product like MBAM.
post again if you have problems.
superhacker