Defender - Error found: Code 0x80072efe also windows update



#1 thebigman


Posted 05 September 2010 - 05:49 PM

Hi, I wonder if anyone can help. I can't get updates from Microsoft.

Have posted the 3 files below. Thanks for any help.

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org
Database version: 4551

Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.18943

05/09/2010 22:12:43
mbam-log-2010-09-05 (22-12-43).txt
Scan type: Full scan (C:\|D:\|)
Objects scanned: 324218
Time elapsed: 1 hour(s), 32 minute(s), 21 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

Logfile of random's system information tool 1.08 (written by random/random)
Run by fallows at 2010-09-05 23:43:29
Microsoft® Windows Vista™ Home Basic Service Pack 2
System drive C: has 57 GB (50%) free of 114 GB
Total RAM: 3037 MB (65% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 23:43:48, on 05/09/2010

Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18943)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Windows\System32\mobsync.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe
C:\Windows\RtHDVCpl.exe
C:\Windows\PLFSetI.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Launch Manager\LManager.exe
C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe
C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe
C:\Program Files\Google\Gmail Notifier\gnotify.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\vSoft\Rapidshare Auto Downloader 4.1\RapidshareAutoDownloader.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\fallows\Downloads\RSIT.exe
C:\Program Files\trend micro\fallows.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACAW&a...p;m=aspire_5535
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer.com/rdr.aspx?b=ACAW&a...p;m=aspire_5535
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACAW&a...p;m=aspire_5535
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer.com/rdr.aspx?b=ACAW&a...p;m=aspire_5535
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: ShowBarObj Class - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\ActiveToolBand.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - (no file)
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [BkupTray] "C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [Skytel] Skytel.exe
O4 - HKLM\..\Run: [PLFSetI] C:\Windows\PLFSetI.exe
O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe
O4 - HKLM\..\Run: [ePower_DMC] C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe
O4 - HKLM\..\Run: [ProductReg] "C:\Program Files\Acer\WR_PopUp\ProductReg.exe"
O4 - HKLM\..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] C:\Program Files\Google\Gmail Notifier\gnotify.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [EPSON Stylus D78 Series] C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIBGE.EXE /FU "C:\Windows\TEMP\E_S69CA.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: NTI Backup Now 5 Agent Service (BUNAgentSvc) - NewTech Infosystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe
O23 - Service: eDataSecurity Service - Egis Incorporated - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
O23 - Service: Empowering Technology Service (ETService) - Unknown owner - C:\Program Files\Acer\Empowering Technology\Service\ETService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe
O23 - Service: @C:\Program Files\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files\Nero\Update\NASvc.exe
O23 - Service: NTI Backup Now 5 Backup Service (NTIBackupSvc) - NewTech InfoSystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
O23 - Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) - Unknown owner - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 7361 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2010-06-17 61888]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2009-01-26 1879896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{83A2F9B1-01A2-4AA5-87D1-45B6B8505E96}]
ShowBarObj Class - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\ActiveToolBand.dll [2008-05-14 312880]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java™ Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-07-17 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{0BF43445-2F28-4351-9252-17FE6E806AA0}
{5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - Acer eDataSecurity Management - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll [2008-05-14 142896]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2008-04-25 1049896]
"BkupTray"=C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe [2008-04-26 28672]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2008-01-21 61440]
"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2008-05-21 6144000]
"Skytel"=C:\Windows\Skytel.exe [2007-11-21 1826816]
"PLFSetI"=C:\Windows\PLFSetI.exe [2007-10-23 200704]
"LManager"=C:\PROGRA~1\LAUNCH~1\LManager.exe [2008-09-10 809480]
"eDataSecurity Loader"=C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe [2008-05-14 526896]
"ePower_DMC"=C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe [2008-06-11 409600]
"ProductReg"=C:\Program Files\Acer\WR_PopUp\ProductReg.exe [2008-09-23 6144]
"{0228e555-4f9c-4e35-a3ec-b109a192b4c2}"=C:\Program Files\Google\Gmail Notifier\gnotify.exe [2005-07-15 479232]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2009-03-05 2260480]
"EPSON Stylus D78 Series"=C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIBGE.EXE [2006-09-22 139264]
"uTorrent"=C:\Program Files\uTorrent\uTorrent.exe [2010-09-01 328568]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-06-09 976832]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2010-06-17 40368]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBAgent]
C:\Program Files\Nero\Nero 10\Nero BackItUp\NBAgent.exe [2010-04-03 1234216]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-05-14 248552]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^fallows^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.2.lnk]
C:\PROGRA~1\OPENOF~1.ORG\program\QUICKS~1.EXE [2010-05-20 1195008]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0
"EnableLinkedConnections"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2010-09-05 23:43:29 ----D---- C:\rsit
2010-09-05 22:19:52 ----D---- C:\Windows\system32\catroot2
2010-09-05 22:10:00 ----SHD---- C:\Config.Msi
2010-09-05 22:09:01 ----A---- C:\Windows\PayPal Shop Maker 3.5.0 Uninstall Log.txt
2010-09-05 20:06:31 ----D---- C:\Program Files\Trend Micro
2010-09-05 19:58:56 ----D---- C:\Users\fallows\AppData\Roaming\Malwarebytes
2010-09-05 19:58:43 ----A---- C:\Windows\system32\drivers\mbamswissarmy.sys
2010-09-05 19:58:42 ----D---- C:\ProgramData\Malwarebytes
2010-09-05 19:58:41 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2010-09-05 19:58:41 ----A---- C:\Windows\system32\drivers\mbam.sys
2010-09-04 18:45:41 ----D---- C:\Windows\pss
2010-09-04 15:59:43 ----D---- C:\Users\fallows\AppData\Roaming\ESET
2010-09-04 15:57:48 ----D---- C:\Program Files\ESET
2010-09-02 22:17:58 ----A---- C:\Windows\system32\VB5STKIT.DLL
2010-09-02 22:17:57 ----A---- C:\Windows\system32\MSVBVM50.dll
2010-09-02 22:17:57 ----A---- C:\Windows\system32\iwpsetup.exe
2010-09-01 17:59:33 ----D---- C:\Program Files\uTorrent
2010-08-31 19:58:52 ----D---- C:\Program Files\CCleaner
2010-08-29 15:40:50 ----RASH---- C:\MSDOS.SYS
2010-08-29 15:40:50 ----RASH---- C:\IO.SYS
2010-08-28 20:06:50 ----D---- C:\Inetpub
2010-08-28 11:24:41 ----D---- C:\ProgramData\LightScribe
2010-08-28 11:12:21 ----D---- C:\Users\fallows\AppData\Roaming\Nero
2010-08-28 10:45:38 ----D---- C:\ProgramData\Nero
2010-08-28 10:44:44 ----D---- C:\Program Files\Common Files\Nero
2010-08-28 10:44:33 ----D---- C:\Program Files\Nero
2010-08-28 10:06:34 ----D---- C:\Program Files\Microsoft.NET
2010-08-28 10:06:21 ----A---- C:\Windows\system32\D3DCompiler_42.dll
2010-08-28 10:06:14 ----A---- C:\Windows\system32\D3DX9_42.dll
2010-08-28 10:06:06 ----A---- C:\Windows\system32\D3DX9_40.dll
2010-08-28 10:05:59 ----A---- C:\Windows\system32\d3dx9_35.dll
2010-08-28 10:05:51 ----A---- C:\Windows\system32\d3dx9_34.dll
2010-08-28 10:05:41 ----A---- C:\Windows\system32\d3dx9_30.dll
2010-08-27 21:07:46 ----D---- C:\Windows\Sun
2010-08-26 20:32:05 ----D---- C:\Windows\PayPal Shop Maker
2010-08-26 20:32:05 ----D---- C:\Program Files\Common Files\e.World
2010-08-25 21:40:08 ----D---- C:\Program Files\Adobe
2010-08-25 19:37:23 ----D---- C:\Users\fallows\AppData\Roaming\Notepad++
2010-08-25 19:37:23 ----D---- C:\Program Files\Notepad++
2010-08-22 22:54:31 ----D---- C:\Users\fallows\AppData\Roaming\YouSendIt
2010-08-22 22:41:31 ----D---- C:\Windows\Applian Director
2010-08-22 22:41:31 ----D---- C:\Program Files\Applian Director
2010-08-22 22:40:06 ----D---- C:\Windows\Downloaded Installations
2010-08-22 22:39:57 ----D---- C:\Program Files\WinPcap
2010-08-22 22:38:27 ----D---- C:\Windows\Replay Converter 4
2010-08-22 22:38:27 ----D---- C:\Program Files\Replay Converter 4
2010-08-22 22:37:48 ----D---- C:\Windows\Replay AV
2010-08-22 22:37:41 ----D---- C:\Program Files\Replay AV 8
2010-08-18 20:36:30 ----D---- C:\ProgramData\Blueberry
2010-08-18 20:34:47 ----D---- C:\Windows\system32\ShellDD
2010-08-18 20:34:19 ----HDC---- C:\ProgramData\{3DE32C28-52E4-4E69-9FF0-AE6E4DDFC935}
2010-08-18 19:33:05 ----D---- C:\Program Files\Amara - Flash Intro and Banner Builder
2010-08-18 19:24:38 ----D---- C:\Program Files\Aleo Software
2010-08-18 18:56:27 ----D---- C:\Users\fallows\AppData\Roaming\Blueberry
2010-08-18 18:49:21 ----A---- C:\Windows\system32\drivers\bbcap.sys
2010-08-18 18:49:21 ----A---- C:\Windows\system32\bbchlp.dll
2010-08-18 18:49:21 ----A---- C:\Windows\system32\bbcap.dll
2010-08-18 18:49:16 ----D---- C:\Users\fallows\AppData\Roaming\LogSys
2010-08-18 18:49:14 ----D---- C:\ProgramData\LogSys
2010-08-18 18:48:57 ----D---- C:\Program Files\Common Files\Blueberry Software
2010-08-18 18:48:57 ----D---- C:\Program Files\Blueberry Software
2010-08-18 18:48:26 ----DC---- C:\ProgramData\{21C1E35C-913A-42D2-91B6-6AE1243D6B65}
2010-08-16 23:34:21 ----D---- C:\Program Files\Paint.NET
2010-08-16 21:51:35 ----D---- C:\ProgramData\Blumentals
2010-08-16 21:50:50 ----D---- C:\Program Files\LeeGTs Software
2010-08-16 16:53:11 ----A---- C:\Windows\system32\E_DCINST.DLL
2010-08-16 16:53:10 ----A---- C:\Windows\system32\E_FLBBGE.DLL
2010-08-16 16:53:10 ----A---- C:\Windows\system32\E_FD4BBGE.DLL
2010-08-16 16:53:00 ----D---- C:\ProgramData\EPSON
2010-08-16 10:56:00 ----D---- C:\Users\fallows\AppData\Roaming\Template
2010-08-15 17:31:59 ----A---- C:\Windows\system32\FGWVB32.DLL
2010-08-15 17:31:59 ----A---- C:\Windows\system32\AviProcessor.dll
2010-08-15 17:31:57 ----A---- C:\Windows\system32\picn20.dll
2010-08-15 17:31:57 ----A---- C:\Windows\system32\ImagXpr5.dll
2010-08-15 17:31:57 ----A---- C:\Windows\system32\imagx5.dll
2010-08-15 17:31:57 ----A---- C:\Windows\system32\imagr5.dll
2010-08-15 17:31:54 ----D---- C:\KBStudio
2010-08-15 17:31:54 ----A---- C:\Windows\system32\Huffyuv.dll
2010-08-15 17:31:54 ----A---- C:\Windows\system32\camcodec.dll
2010-08-15 17:31:54 ----A---- C:\Windows\system32\avizlib.dll
2010-08-12 21:10:25 ----A---- C:\Windows\system32\WnASPI32.dll
2010-08-12 20:43:12 ----D---- C:\Users\fallows\AppData\Roaming\vlc
2010-08-12 20:42:31 ----D---- C:\Program Files\VideoLAN
2010-08-11 22:52:29 ----D---- C:\Program Files\Common Files\dvdauthor
2010-08-11 22:52:28 ----D---- C:\Program Files\Common Files\Doblon
2010-08-11 19:54:07 ----D---- C:\Users\fallows\AppData\Roaming\Thinstall
2010-08-11 18:26:50 ----A---- C:\Windows\system32\iertutil.dll
2010-08-11 18:26:49 ----A---- C:\Windows\system32\mshtml.dll
2010-08-11 18:26:48 ----A---- C:\Windows\system32\ieframe.dll
2010-08-11 18:26:45 ----A---- C:\Windows\system32\wininet.dll
2010-08-11 18:26:45 ----A---- C:\Windows\system32\urlmon.dll
2010-08-11 18:26:45 ----A---- C:\Windows\system32\msfeeds.dll
2010-08-11 18:26:45 ----A---- C:\Windows\system32\iedkcs32.dll
2010-08-11 18:26:45 ----A---- C:\Windows\system32\ie4uinit.exe
2010-08-11 18:26:44 ----A---- C:\Windows\system32\occache.dll
2010-08-11 18:26:44 ----A---- C:\Windows\system32\mstime.dll
2010-08-11 18:26:44 ----A---- C:\Windows\system32\ieui.dll
2010-08-11 18:26:44 ----A---- C:\Windows\system32\iepeers.dll
2010-08-11 18:26:43 ----A---- C:\Windows\system32\msfeedssync.exe
2010-08-11 18:26:43 ----A---- C:\Windows\system32\msfeedsbs.dll
2010-08-11 18:26:43 ----A---- C:\Windows\system32\jsproxy.dll
2010-08-11 18:26:43 ----A---- C:\Windows\system32\ieUnatt.exe
2010-08-11 18:26:43 ----A---- C:\Windows\system32\iesysprep.dll
2010-08-11 18:26:43 ----A---- C:\Windows\system32\iesetup.dll
2010-08-11 18:26:43 ----A---- C:\Windows\system32\iernonce.dll
2010-08-11 18:26:40 ----A---- C:\Windows\system32\iccvid.dll
2010-08-11 18:26:39 ----A---- C:\Windows\system32\schannel.dll
2010-08-11 18:26:32 ----A---- C:\Windows\system32\win32k.sys
2010-08-11 18:26:30 ----A---- C:\Windows\system32\rtutils.dll
2010-08-11 18:25:53 ----A---- C:\Windows\system32\ntkrnlpa.exe
2010-08-11 18:25:52 ----A---- C:\Windows\system32\ntoskrnl.exe
2010-08-11 18:24:45 ----A---- C:\Windows\system32\msxml3.dll
2010-08-11 18:24:43 ----A---- C:\Windows\system32\drivers\srv2.sys
2010-08-11 18:24:43 ----A---- C:\Windows\system32\drivers\srv.sys
2010-08-11 18:24:41 ----A---- C:\Windows\system32\drivers\tcpip.sys
2010-08-09 16:30:57 ----D---- C:\Program Files\Windows Portable Devices
2010-08-08 20:17:09 ----A---- C:\Windows\system32\UIRibbonRes.dll
2010-08-08 20:17:09 ----A---- C:\Windows\system32\UIRibbon.dll
2010-08-08 20:17:09 ----A---- C:\Windows\system32\UIAnimation.dll
2010-08-08 20:16:49 ----A---- C:\Windows\system32\WMPhoto.dll
2010-08-08 20:16:48 ----A---- C:\Windows\system32\XpsRasterService.dll
2010-08-08 20:16:48 ----A---- C:\Windows\system32\XpsGdiConverter.dll
2010-08-08 20:16:48 ----A---- C:\Windows\system32\printfilterpipelineprxy.dll
2010-08-08 20:16:48 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2010-08-08 20:16:48 ----A---- C:\Windows\system32\d3d10warp.dll
2010-08-08 20:16:48 ----A---- C:\Windows\system32\cdd.dll
2010-08-08 20:16:47 ----A---- C:\Windows\system32\xpsservices.dll
2010-08-08 20:16:47 ----A---- C:\Windows\system32\XpsPrint.dll
2010-08-08 20:16:47 ----A---- C:\Windows\system32\WindowsCodecsExt.dll
2010-08-08 20:16:47 ----A---- C:\Windows\system32\WindowsCodecs.dll
2010-08-08 20:16:47 ----A---- C:\Windows\system32\printfilterpipelinesvc.exe
2010-08-08 20:16:47 ----A---- C:\Windows\system32\PhotoMetadataHandler.dll
2010-08-08 20:16:47 ----A---- C:\Windows\system32\OpcServices.dll
2010-08-08 20:16:47 ----A---- C:\Windows\system32\FntCache.dll
2010-08-08 20:16:47 ----A---- C:\Windows\system32\dxgi.dll
2010-08-08 20:16:47 ----A---- C:\Windows\system32\dxdiagn.dll
2010-08-08 20:16:47 ----A---- C:\Windows\system32\dxdiag.exe
2010-08-08 20:16:47 ----A---- C:\Windows\system32\DWrite.dll
2010-08-08 20:16:47 ----A---- C:\Windows\system32\d3d11.dll
2010-08-08 20:16:47 ----A---- C:\Windows\system32\d3d10level9.dll
2010-08-08 20:16:47 ----A---- C:\Windows\system32\d3d10core.dll
2010-08-08 20:16:47 ----A---- C:\Windows\system32\d3d10_1core.dll
2010-08-08 20:16:47 ----A---- C:\Windows\system32\d3d10_1.dll
2010-08-08 20:16:47 ----A---- C:\Windows\system32\d3d10.dll
2010-08-08 20:16:47 ----A---- C:\Windows\system32\d2d1.dll
2010-08-08 20:16:27 ----A---- C:\Windows\system32\WPDShextAutoplay.exe
2010-08-08 20:16:27 ----A---- C:\Windows\system32\wpdbusenum.dll
2010-08-08 20:16:27 ----A---- C:\Windows\system32\BthMtpContextHandler.dll
2010-08-08 20:16:26 ----A---- C:\Windows\system32\PortableDeviceConnectApi.dll
2010-08-08 20:16:24 ----A---- C:\Windows\system32\wpdshext.dll
2010-08-08 20:16:24 ----A---- C:\Windows\system32\WpdMtpUS.dll
2010-08-08 20:16:24 ----A---- C:\Windows\system32\WpdConns.dll
2010-08-08 20:16:24 ----A---- C:\Windows\system32\wpd_ci.dll
2010-08-08 20:16:24 ----A---- C:\Windows\system32\drivers\WpdUsb.sys
2010-08-08 20:16:23 ----A---- C:\Windows\system32\WPDSp.dll
2010-08-08 20:16:23 ----A---- C:\Windows\system32\WPDShServiceObj.dll
2010-08-08 20:16:23 ----A---- C:\Windows\system32\WpdMtp.dll
2010-08-08 20:16:23 ----A---- C:\Windows\system32\PortableDeviceWMDRM.dll
2010-08-08 20:16:23 ----A---- C:\Windows\system32\PortableDeviceTypes.dll
2010-08-08 20:16:23 ----A---- C:\Windows\system32\PortableDeviceClassExtension.dll
2010-08-08 20:16:23 ----A---- C:\Windows\system32\PortableDeviceApi.dll
2010-08-08 20:15:40 ----A---- C:\Windows\system32\UIAutomationCore.dll
2010-08-08 20:15:40 ----A---- C:\Windows\system32\oleaccrc.dll
2010-08-08 20:15:40 ----A---- C:\Windows\system32\oleacc.dll
2010-08-08 19:12:33 ----D---- C:\Users\fallows\AppData\Roaming\CoffeeCup Software
2010-08-08 19:12:33 ----A---- C:\Windows\system32\xpysys.dll
2010-08-08 19:12:04 ----D---- C:\Program Files\CoffeeCup Software
2010-08-08 13:12:58 ----D---- C:\ProgramData\Spybot - Search & Destroy
2010-08-08 13:12:58 ----D---- C:\Program Files\Spybot - Search & Destroy
2010-08-08 12:38:11 ----D---- C:\Windows\system32\eu-ES
2010-08-08 12:38:11 ----D---- C:\Windows\system32\ca-ES
2010-08-08 12:38:10 ----D---- C:\Windows\system32\vi-VN
2010-08-08 12:05:48 ----D---- C:\Windows\system32\EventProviders
2010-08-07 11:26:40 ----D---- C:\Users\fallows\AppData\Roaming\CyberLink
2010-08-07 11:22:19 ----D---- C:\Users\fallows\AppData\Roaming\VistaCodecs
2010-08-07 11:21:45 ----D---- C:\ProgramData\VistaCodecs
2010-08-07 09:04:21 ----A---- C:\Windows\system32\PresentationHostProxy.dll
2010-08-07 09:04:21 ----A---- C:\Windows\system32\PresentationHost.exe
2010-08-07 09:04:21 ----A---- C:\Windows\system32\netfxperf.dll
2010-08-07 09:04:21 ----A---- C:\Windows\system32\mscoree.dll
2010-08-07 09:04:21 ----A---- C:\Windows\system32\dfshim.dll
2010-08-06 23:33:26 ----D---- C:\Program Files\Digiarty
2010-08-06 22:09:47 ----D---- C:\Program Files\MSN Toolbar
2010-08-06 22:09:47 ----D---- C:\Program Files\Microsoft
2010-08-06 22:09:39 ----D---- C:\Program Files\Microsoft Silverlight
2010-08-06 22:06:11 ----D---- C:\Program Files\VistaCodecPack
2010-08-06 20:50:05 ----D---- C:\Program Files\Common Files\cdrdao
2010-08-06 20:21:28 ----D---- C:\Users\fallows\AppData\Roaming\Doblon
2010-08-06 20:21:18 ----D---- C:\Program Files\Doblon
2010-08-06 20:06:45 ----D---- C:\Users\fallows\AppData\Roaming\uTorrent
2010-08-06 17:38:41 ----A---- C:\Windows\XSitePro2 Uninstaller.exe
2010-08-06 17:36:43 ----A---- C:\Windows\system32\NlsLexicons0007.dll
2010-08-06 17:36:39 ----A---- C:\Windows\system32\SLCExt.dll
2010-08-06 17:36:38 ----A---- C:\Windows\system32\SLsvc.exe
2010-08-06 17:36:36 ----A---- C:\Windows\system32\FunctionDiscoveryFolder.dll
2010-08-06 17:36:36 ----A---- C:\Windows\system32\DevicePairingWizard.exe
2010-08-06 17:36:35 ----A---- C:\Windows\system32\NlsLexicons0009.dll
2010-08-06 17:36:33 ----A---- C:\Windows\system32\mssrch.dll
2010-08-06 17:36:31 ----A---- C:\Windows\system32\tquery.dll
2010-08-06 17:36:31 ----A---- C:\Windows\system32\drivers\spsys.sys
2010-08-06 17:36:30 ----A---- C:\Windows\system32\PresentationNative_v0300.dll
2010-08-06 17:36:29 ----A---- C:\Windows\system32\scavenge.dll
2010-08-06 17:36:29 ----A---- C:\Windows\system32\drivers\hdaudbus.sys
2010-08-06 17:36:28 ----D---- C:\Program Files\XSitePro2
2010-08-06 17:36:28 ----D---- C:\Program Files\Common Files\Thraex Software
2010-08-06 17:36:28 ----A---- C:\Windows\system32\msi.dll
2010-08-06 17:36:27 ----A---- C:\Windows\system32\imapi2fs.dll
2010-08-06 17:36:26 ----A---- C:\Windows\system32\WscEapPr.dll
2010-08-06 17:36:26 ----A---- C:\Windows\system32\wcnwiz2.dll
2010-08-06 17:36:26 ----A---- C:\Windows\system32\sysmain.dll
2010-08-06 17:36:26 ----A---- C:\Windows\system32\icardagt.exe
2010-08-06 17:36:25 ----A---- C:\Windows\system32\EhStorShell.dll
2010-08-06 17:36:24 ----A---- C:\Windows\system32\spreview.exe
2010-08-06 17:36:24 ----A---- C:\Windows\system32\spinstall.exe
2010-08-06 17:36:24 ----A---- C:\Windows\system32\drmv2clt.dll
2010-08-06 17:36:23 ----A---- C:\Windows\system32\spwizui.dll
2010-08-06 17:36:23 ----A---- C:\Windows\system32\mcupdate_GenuineIntel.dll
2010-08-06 17:36:22 ----A---- C:\Windows\system32\SearchIndexer.exe
2010-08-06 17:36:22 ----A---- C:\Windows\system32\p2psvc.dll
2010-08-06 17:36:22 ----A---- C:\Windows\system32\mssvp.dll
2010-08-06 17:36:21 ----A---- C:\Windows\system32\mssphtb.dll
2010-08-06 17:36:21 ----A---- C:\Windows\system32\mssph.dll
2010-08-06 17:36:20 ----A---- C:\Windows\system32\sdohlp.dll
2010-08-06 17:36:20 ----A---- C:\Windows\system32\imapi2.dll
2010-08-06 17:36:19 ----A---- C:\Windows\system32\IMJP10K.DLL
2010-08-06 17:36:19 ----A---- C:\Windows\system32\esent.dll
2010-08-06 17:36:19 ----A---- C:\Windows\system32\DevicePairing.dll
2010-08-06 17:36:18 ----A---- C:\Windows\system32\wevtsvc.dll
2010-08-06 17:36:18 ----A---- C:\Windows\system32\sperror.dll
2010-08-06 17:36:18 ----A---- C:\Windows\system32\korwbrkr.dll
2010-08-06 17:36:18 ----A---- C:\Windows\system32\IasMigReader.exe
2010-08-06 17:36:17 ----A---- C:\Windows\system32\SLC.dll
2010-08-06 17:36:17 ----A---- C:\Windows\system32\msshsq.dll
2010-08-06 17:36:16 ----A---- C:\Windows\system32\msjet40.dll
2010-08-06 17:36:16 ----A---- C:\Windows\system32\MPSSVC.dll
2010-08-06 17:36:15 ----A---- C:\Windows\system32\Query.dll
2010-08-06 17:36:15 ----A---- C:\Windows\system32\qmgr.dll
2010-08-06 17:36:14 ----A---- C:\Windows\system32\P2PGraph.dll
2010-08-06 17:36:14 ----A---- C:\Windows\system32\ole32.dll
2010-08-06 17:36:14 ----A---- C:\Windows\system32\msexch40.dll
2010-08-06 17:36:14 ----A---- C:\Windows\system32\diagperf.dll
2010-08-06 17:36:13 ----A---- C:\Windows\system32\winload.exe
2010-08-06 17:36:13 ----A---- C:\Windows\system32\uDWM.dll
2010-08-06 17:36:13 ----A---- C:\Windows\system32\srchadmin.dll
2010-08-06 17:36:13 ----A---- C:\Windows\system32\ntdll.dll
2010-08-06 17:36:13 ----A---- C:\Windows\system32\mmc.exe
2010-08-06 17:36:13 ----A---- C:\Windows\system32\mblctr.exe
2010-08-06 17:36:13 ----A---- C:\Windows\system32\EncDec.dll
2010-08-06 17:36:13 ----A---- C:\Windows\system32\dfsr.exe
2010-08-06 17:36:12 ----A---- C:\Windows\system32\riched20.dll
2010-08-06 17:36:12 ----A---- C:\Windows\system32\RacEngn.dll
2010-08-06 17:36:12 ----A---- C:\Windows\system32\IasMigPlugin.dll
2010-08-06 17:36:12 ----A---- C:\Windows\system32\fdBth.dll
2010-08-06 17:36:11 ----A---- C:\Windows\system32\SearchProtocolHost.exe
2010-08-06 17:36:11 ----A---- C:\Windows\system32\SearchFilterHost.exe
2010-08-06 17:36:11 ----A---- C:\Windows\system32\milcore.dll
2010-08-06 17:36:11 ----A---- C:\Windows\system32\kernel32.dll
2010-08-06 17:36:10 ----A---- C:\Windows\system32\spoolss.dll
2010-08-06 17:36:10 ----A---- C:\Windows\system32\EhStorAPI.dll
2010-08-06 17:36:10 ----A---- C:\Windows\system32\CertEnroll.dll
2010-08-06 17:36:09 ----A---- C:\Windows\system32\schedsvc.dll
2010-08-06 17:36:09 ----A---- C:\Windows\system32\NaturalLanguage6.dll
2010-08-06 17:36:06 ----A---- C:\Windows\system32\WinSAT.exe
2010-08-06 17:36:06 ----A---- C:\Windows\system32\msvcp60.dll
2010-08-06 17:36:06 ----A---- C:\Windows\system32\msjtes40.dll
2010-08-06 17:36:06 ----A---- C:\Windows\system32\infocardapi.dll
2010-08-06 17:36:06 ----A---- C:\Windows\system32\gpedit.dll
2010-08-06 17:36:05 ----A---- C:\Windows\system32\mstext40.dll
2010-08-06 17:36:05 ----A---- C:\Windows\system32\Magnify.exe
2010-08-06 17:36:05 ----A---- C:\Windows\system32\es.dll
2010-08-06 17:36:05 ----A---- C:\Windows\system32\drivers\ntfs.sys
2010-08-06 17:36:05 ----A---- C:\Windows\system32\advapi32.dll
2010-08-06 17:36:04 ----A---- C:\Windows\system32\WindowsAnytimeUpgradeCPL.dll
2010-08-06 17:36:04 ----A---- C:\Windows\system32\WebClnt.dll
2010-08-06 17:36:04 ----A---- C:\Windows\system32\vssapi.dll
2010-08-06 17:36:04 ----A---- C:\Windows\system32\slwmi.dll
2010-08-06 17:36:04 ----A---- C:\Windows\system32\msxbde40.dll
2010-08-06 17:36:04 ----A---- C:\Windows\system32\msexcl40.dll
2010-08-06 17:36:04 ----A---- C:\Windows\system32\comsvcs.dll
2010-08-06 17:36:03 ----A---- C:\Windows\system32\msrepl40.dll
2010-08-06 17:36:03 ----A---- C:\Windows\system32\authui.dll
2010-08-06 17:36:02 ----A---- C:\Windows\system32\rpcss.dll
2010-08-06 17:36:02 ----A---- C:\Windows\system32\propsys.dll
2010-08-06 17:36:02 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2010-08-06 17:36:02 ----A---- C:\Windows\system32\newdev.dll
2010-08-06 17:36:02 ----A---- C:\Windows\system32\iasrecst.dll
2010-08-06 17:36:02 ----A---- C:\Windows\system32\gpsvc.dll
2010-08-06 17:36:02 ----A---- C:\Windows\system32\eudcedit.exe
2010-08-06 17:36:02 ----A---- C:\Windows\system32\crypt32.dll
2010-08-06 17:36:02 ----A---- C:\Windows\explorer.exe
2010-08-06 17:36:01 ----A---- C:\Windows\system32\setupapi.dll
2010-08-06 17:36:01 ----A---- C:\Windows\system32\mspbde40.dll
2010-08-06 17:36:01 ----A---- C:\Windows\system32\d3d9.dll
2010-08-06 17:36:00 ----A---- C:\Windows\system32\shlwapi.dll
2010-08-06 17:36:00 ----A---- C:\Windows\system32\msrd3x40.dll
2010-08-06 17:36:00 ----A---- C:\Windows\system32\msltus40.dll
2010-08-06 17:36:00 ----A---- C:\Windows\system32\msdtctm.dll
2010-08-06 17:36:00 ----A---- C:\Windows\system32\mfc42.dll
2010-08-06 17:36:00 ----A---- C:\Windows\system32\EhStorPwdMgr.dll
2010-08-06 17:36:00 ----A---- C:\Windows\system32\EhStorAuthn.dll
2010-08-06 17:36:00 ----A---- C:\Windows\system32\davclnt.dll
2010-08-06 17:35:59 ----A---- C:\Windows\system32\wevtapi.dll
2010-08-06 17:35:59 ----A---- C:\Windows\system32\photowiz.dll
2010-08-06 17:35:59 ----A---- C:\Windows\system32\nlhtml.dll
2010-08-06 17:35:59 ----A---- C:\Windows\system32\browseui.dll
2010-08-06 17:35:58 ----A---- C:\Windows\system32\win32spl.dll
2010-08-06 17:35:58 ----A---- C:\Windows\system32\user32.dll
2010-08-06 17:35:58 ----A---- C:\Windows\system32\samsrv.dll
2010-08-06 17:35:58 ----A---- C:\Windows\system32\ci.dll
2010-08-06 17:35:57 ----A---- C:\Windows\system32\WcnNetsh.dll
2010-08-06 17:35:57 ----A---- C:\Windows\system32\SLCommDlg.dll
2010-08-06 17:35:57 ----A---- C:\Windows\system32\oleaut32.dll
2010-08-06 17:35:57 ----A---- C:\Windows\system32\netshell.dll
2010-08-06 17:35:57 ----A---- C:\Windows\system32\IKEEXT.DLL
2010-08-06 17:35:57 ----A---- C:\Windows\system32\compcln.exe
2010-08-06 17:35:56 ----A---- C:\Windows\system32\xmlfilter.dll
2010-08-06 17:35:56 ----A---- C:\Windows\system32\mswstr10.dll
2010-08-06 17:35:56 ----A---- C:\Windows\system32\drivers\rdbss.sys
2010-08-06 17:35:56 ----A---- C:\Windows\system32\audiosrv.dll
2010-08-06 17:35:56 ----A---- C:\Windows\system32\apds.dll
2010-08-06 17:35:55 ----A---- C:\Windows\system32\msctf.dll
2010-08-06 17:35:55 ----A---- C:\Windows\system32\emdmgmt.dll
2010-08-06 17:35:55 ----A---- C:\Windows\system32\drivers\mrxdav.sys
2010-08-06 17:35:54 ----A---- C:\Windows\system32\drivers\netio.sys
2010-08-06 17:35:53 ----A---- C:\Windows\system32\msvcrt.dll
2010-08-06 17:35:52 ----A---- C:\Windows\system32\VSSVC.exe
2010-08-06 17:35:52 ----A---- C:\Windows\system32\QAGENTRT.DLL
2010-08-06 17:35:52 ----A---- C:\Windows\system32\gdi32.dll
2010-08-06 17:35:51 ----A---- C:\Windows\system32\SLUI.exe
2010-08-06 17:35:51 ----A---- C:\Windows\system32\mfc42u.dll
2010-08-06 17:35:50 ----A---- C:\Windows\system32\sqlsrv32.dll
2010-08-06 17:35:50 ----A---- C:\Windows\system32\propdefs.dll
2010-08-06 17:35:50 ----A---- C:\Windows\system32\odbc32.dll
2010-08-06 17:35:50 ----A---- C:\Windows\system32\msrd2x40.dll
2010-08-06 17:35:50 ----A---- C:\Windows\system32\eapphost.dll
2010-08-06 17:35:50 ----A---- C:\Windows\system32\drivers\USBSTOR.SYS
2010-08-06 17:35:49 ----A---- C:\Windows\system32\winresume.exe
2010-08-06 17:35:49 ----A---- C:\Windows\system32\shdocvw.dll
2010-08-06 17:35:49 ----A---- C:\Windows\system32\drivers\usbhub.sys
2010-08-06 17:35:49 ----A---- C:\Windows\system32\dbgeng.dll
2010-08-06 17:35:48 ----A---- C:\Windows\system32\WsmSvc.dll
2010-08-06 17:35:48 ----A---- C:\Windows\system32\wevtutil.exe
2010-08-06 17:35:48 ----A---- C:\Windows\system32\swprv.dll
2010-08-06 17:35:48 ----A---- C:\Windows\system32\mssitlb.dll
2010-08-06 17:35:48 ----A---- C:\Windows\system32\mmcndmgr.dll
2010-08-06 17:35:47 ----A---- C:\Windows\system32\vds.exe
2010-08-06 17:35:47 ----A---- C:\Windows\system32\usp10.dll
2010-08-06 17:35:47 ----A---- C:\Windows\system32\netlogon.dll
2010-08-06 17:35:47 ----A---- C:\Windows\system32\msscb.dll
2010-08-06 17:35:47 ----A---- C:\Windows\system32\msctfp.dll
2010-08-06 17:35:47 ----A---- C:\Windows\system32\fdBthProxy.dll
2010-08-06 17:35:47 ----A---- C:\Windows\system32\drvinst.exe
2010-08-06 17:35:47 ----A---- C:\Windows\system32\devmgr.dll
2010-08-06 17:35:47 ----A---- C:\Windows\system32\DevicePairingProxy.dll
2010-08-06 17:35:47 ----A---- C:\Windows\system32\adsldpc.dll
2010-08-06 17:35:46 ----A---- C:\Windows\system32\WMVSDECD.DLL
2010-08-06 17:35:46 ----A---- C:\Windows\system32\Wldap32.dll
2010-08-06 17:35:46 ----A---- C:\Windows\system32\wcnwiz.dll
2010-08-06 17:35:46 ----A---- C:\Windows\system32\services.exe
2010-08-06 17:35:46 ----A---- C:\Windows\system32\evr.dll
2010-08-06 17:35:46 ----A---- C:\Windows\system32\BFE.DLL
2010-08-06 17:35:45 ----A---- C:\Windows\system32\wercon.exe
2010-08-06 17:35:45 ----A---- C:\Windows\system32\wcncsvc.dll
2010-08-06 17:35:45 ----A---- C:\Windows\system32\msjter40.dll
2010-08-06 17:35:45 ----A---- C:\Windows\system32\msdtcprx.dll
2010-08-06 17:35:45 ----A---- C:\Windows\system32\mimefilt.dll
2010-08-06 17:35:45 ----A---- C:\Windows\system32\drivers\msiscsi.sys
2010-08-06 17:35:45 ----A---- C:\Windows\system32\comdlg32.dll
2010-08-06 17:35:45 ----A---- C:\Windows\system32\certcli.dll
2010-08-06 17:35:45 ----A---- C:\Windows\system32\adtschema.dll
2010-08-06 17:35:44 ----A---- C:\Windows\system32\umpnpmgr.dll
2010-08-06 17:35:44 ----A---- C:\Windows\system32\taskeng.exe
2010-08-06 17:35:44 ----A---- C:\Windows\system32\rtffilt.dll
2010-08-06 17:35:44 ----A---- C:\Windows\system32\reg.exe
2010-08-06 17:35:44 ----A---- C:\Windows\system32\mswdat10.dll
2010-08-06 17:35:44 ----A---- C:\Windows\system32\ipsmsnap.dll
2010-08-06 17:35:44 ----A---- C:\Windows\system32\dnsapi.dll
2010-08-06 17:35:44 ----A---- C:\Windows\system32\certutil.exe
2010-08-06 17:35:43 ----A---- C:\Windows\system32\WMNetMgr.dll
2010-08-06 17:35:43 ----A---- C:\Windows\system32\w32time.dll
2010-08-06 17:35:43 ----A---- C:\Windows\system32\msshooks.dll
2010-08-06 17:35:43 ----A---- C:\Windows\system32\msscntrs.dll
2010-08-06 17:35:43 ----A---- C:\Windows\system32\IPSECSVC.DLL
2010-08-06 17:35:43 ----A---- C:\Windows\system32\drivers\usbport.sys
2010-08-06 17:35:43 ----A---- C:\Windows\system32\bcrypt.dll
2010-08-06 17:35:42 ----A---- C:\Windows\system32\TsWpfWrp.exe
2010-08-06 17:35:42 ----A---- C:\Windows\system32\rsaenh.dll
2010-08-06 17:35:42 ----A---- C:\Windows\system32\msstrc.dll
2010-08-06 17:35:42 ----A---- C:\Windows\system32\msihnd.dll
2010-08-06 17:35:42 ----A---- C:\Windows\system32\MMDevAPI.dll
2010-08-06 17:35:42 ----A---- C:\Windows\system32\drivers\ndis.sys
2010-08-06 17:35:42 ----A---- C:\Windows\system32\bthserv.dll
2010-08-06 17:35:41 ----A---- C:\Windows\system32\wmicmiplugin.dll
2010-08-06 17:35:41 ----A---- C:\Windows\system32\termsrv.dll
2010-08-06 17:35:41 ----A---- C:\Windows\system32\profsvc.dll
2010-08-06 17:35:41 ----A---- C:\Windows\system32\netapi32.dll
2010-08-06 17:35:41 ----A---- C:\Windows\system32\mtxclu.dll
2010-08-06 17:35:41 ----A---- C:\Windows\system32\mscories.dll
2010-08-06 17:35:41 ----A---- C:\Windows\system32\inetpp.dll
2010-08-06 17:35:41 ----A---- C:\Windows\system32\hidserv.dll
2010-08-06 17:35:41 ----A---- C:\Windows\system32\fundisc.dll
2010-08-06 17:35:41 ----A---- C:\Windows\system32\dhcpcsvc6.dll
2010-08-06 17:35:41 ----A---- C:\Windows\system32\cryptsvc.dll
2010-08-06 17:35:40 ----A---- C:\Windows\system32\wdc.dll
2010-08-06 17:35:40 ----A---- C:\Windows\system32\shsvcs.dll
2010-08-06 17:35:40 ----A---- C:\Windows\system32\msiexec.exe
2010-08-06 17:35:40 ----A---- C:\Windows\system32\imapi.dll
2010-08-06 17:35:40 ----A---- C:\Windows\system32\drivers\pci.sys
2010-08-06 17:35:40 ----A---- C:\Windows\system32\drivers\Classpnp.sys
2010-08-06 17:35:40 ----A---- C:\Windows\system32\chsbrkr.dll
2010-08-06 17:35:39 ----A---- C:\Windows\system32\rasmans.dll
2010-08-06 17:35:39 ----A---- C:\Windows\system32\pnidui.dll
2010-08-06 17:35:39 ----A---- C:\Windows\system32\icardres.dll
2010-08-06 17:35:39 ----A---- C:\Windows\system32\iassdo.dll
2010-08-06 17:35:38 ----A---- C:\Windows\system32\wersvc.dll
2010-08-06 17:35:38 ----A---- C:\Windows\system32\spoolsv.exe
2010-08-06 17:35:38 ----A---- C:\Windows\system32\slmgr.vbs
2010-08-06 17:35:38 ----A---- C:\Windows\system32\scrrun.dll
2010-08-06 17:35:38 ----A---- C:\Windows\system32\PSHED.DLL
2010-08-06 17:35:38 ----A---- C:\Windows\system32\drivers\termdd.sys
2010-08-06 17:35:38 ----A---- C:\Windows\system32\drivers\crashdmp.sys
2010-08-06 17:35:38 ----A---- C:\Windows\system32\drivers\acpi.sys
2010-08-06 17:35:38 ----A---- C:\Windows\system32\autofmt.exe
2010-08-06 17:35:37 ----A---- C:\Windows\system32\wmpmde.dll
2010-08-06 17:35:37 ----A---- C:\Windows\system32\pidgenx.dll
2010-08-06 17:35:37 ----A---- C:\Windows\system32\pdh.dll
2010-08-06 17:35:37 ----A---- C:\Windows\system32\drivers\Storport.sys
2010-08-06 17:35:37 ----A---- C:\Windows\system32\drivers\partmgr.sys
2010-08-06 17:35:37 ----A---- C:\Windows\system32\drivers\ataport.sys
2010-08-06 17:35:37 ----A---- C:\Windows\system32\dhcpcsvc.dll
2010-08-06 17:35:37 ----A---- C:\Windows\system32\clfs.sys
2010-08-06 17:35:37 ----A---- C:\Windows\system32\CertEnrollUI.dll
2010-08-06 17:35:37 ----A---- C:\Windows\system32\azroles.dll
2010-08-06 17:35:36 ----A---- C:\Windows\system32\winlogon.exe
2010-08-06 17:35:36 ----A---- C:\Windows\system32\SyncCenter.dll
2010-08-06 17:35:36 ----A---- C:\Windows\system32\SLUINotify.dll
2010-08-06 17:35:36 ----A---- C:\Windows\system32\msjetoledb40.dll
2010-08-06 17:35:36 ----A---- C:\Windows\system32\drivers\mup.sys
2010-08-06 17:35:36 ----A---- C:\Windows\system32\comuid.dll
2010-08-06 17:35:35 ----A---- C:\Windows\system32\wisptis.exe
2010-08-06 17:35:35 ----A---- C:\Windows\system32\untfs.dll
2010-08-06 17:35:35 ----A---- C:\Windows\system32\spp.dll
2010-08-06 17:35:35 ----A---- C:\Windows\system32\sethc.exe
2010-08-06 17:35:35 ----A---- C:\Windows\system32\scrobj.dll
2010-08-06 17:35:35 ----A---- C:\Windows\system32\ncrypt.dll
2010-08-06 17:35:35 ----A---- C:\Windows\system32\kd1394.dll
2010-08-06 17:35:35 ----A---- C:\Windows\system32\iassam.dll
2010-08-06 17:35:35 ----A---- C:\Windows\system32\drivers\disk.sys
2010-08-06 17:35:35 ----A---- C:\Windows\system32\certmgr.dll
2010-08-06 17:35:34 ----A---- C:\Windows\system32\taskcomp.dll
2010-08-06 17:35:34 ----A---- C:\Windows\system32\printui.dll
2010-08-06 17:35:34 ----A---- C:\Windows\system32\iasnap.dll
2010-08-06 17:35:34 ----A---- C:\Windows\system32\dwm.exe
2010-08-06 17:35:34 ----A---- C:\Windows\system32\drivers\volsnap.sys
2010-08-06 17:35:34 ----A---- C:\Windows\system32\drivers\volmgrx.sys
2010-08-06 17:35:34 ----A---- C:\Windows\system32\drivers\FWPKCLNT.SYS
2010-08-06 17:35:34 ----A---- C:\Windows\system32\drivers\fltMgr.sys
2010-08-06 17:35:34 ----A---- C:\Windows\system32\drivers\ecache.sys
2010-08-06 17:35:34 ----A---- C:\Windows\system32\autoconv.exe
2010-08-06 17:35:34 ----A---- C:\Windows\system32\autochk.exe
2010-08-06 17:35:33 ----A---- C:\Windows\system32\wow32.dll
2010-08-06 17:35:33 ----A---- C:\Windows\system32\winsrv.dll
2010-08-06 17:35:33 ----A---- C:\Windows\system32\userenv.dll
2010-08-06 17:35:33 ----A---- C:\Windows\system32\osk.exe
2010-08-06 17:35:33 ----A---- C:\Windows\system32\onex.dll
2010-08-06 17:35:33 ----A---- C:\Windows\system32\mswsock.dll
2010-08-06 17:35:33 ----A---- C:\Windows\system32\kdcom.dll
2010-08-06 17:35:33 ----A---- C:\Windows\system32\drivers\msrpc.sys
2010-08-06 17:35:33 ----A---- C:\Windows\system32\drivers\Dumpata.sys
2010-08-06 17:35:33 ----A---- C:\Windows\system32\cscript.exe
2010-08-06 17:35:33 ----A---- C:\Windows\system32\basecsp.dll
2010-08-06 17:35:33 ----A---- C:\Windows\system32\audiodg.exe
2010-08-06 17:35:32 ----A---- C:\Windows\system32\WinSCard.dll
2010-08-06 17:35:32 ----A---- C:\Windows\system32\winmm.dll
2010-08-06 17:35:32 ----A---- C:\Windows\system32\WerFaultSecure.exe
2010-08-06 17:35:32 ----A---- C:\Windows\system32\spcmsg.dll
2010-08-06 17:35:32 ----A---- C:\Windows\system32\RelMon.dll
2010-08-06 17:35:32 ----A---- C:\Windows\system32\rdpencom.dll
2010-08-06 17:35:32 ----A---- C:\Windows\system32\msftedit.dll
2010-08-06 17:35:32 ----A---- C:\Windows\system32\kdusb.dll
2010-08-06 17:35:32 ----A---- C:\Windows\system32\drivers\netbt.sys
2010-08-06 17:35:32 ----A---- C:\Windows\system32\drivers\atapi.sys
2010-08-06 17:35:31 ----A---- C:\Windows\system32\offfilt.dll
2010-08-06 17:35:31 ----A---- C:\Windows\system32\dnsrslvr.dll
2010-08-06 17:35:30 ----A---- C:\Windows\system32\wsepno.dll
2010-08-06 17:35:30 ----A---- C:\Windows\system32\WerFault.exe
2010-08-06 17:35:30 ----A---- C:\Windows\system32\Utilman.exe
2010-08-06 17:35:30 ----A---- C:\Windows\system32\stobject.dll
2010-08-06 17:35:30 ----A---- C:\Windows\system32\SndVol.exe
2010-08-06 17:35:30 ----A---- C:\Windows\system32\mfplat.dll
2010-08-06 17:35:30 ----A---- C:\Windows\system32\diskraid.exe
2010-08-06 17:35:30 ----A---- C:\Windows\system32\apphelp.dll
2010-08-06 17:35:29 ----A---- C:\Windows\system32\wscript.exe
2010-08-06 17:35:29 ----A---- C:\Windows\system32\wiaservc.dll
2010-08-06 17:35:29 ----A---- C:\Windows\system32\ulib.dll
2010-08-06 17:35:29 ----A---- C:\Windows\system32\sysclass.dll
2010-08-06 17:35:29 ----A---- C:\Windows\system32\prnntfy.dll
2010-08-06 17:35:29 ----A---- C:\Windows\system32\odbccp32.dll
2010-08-06 17:35:29 ----A---- C:\Windows\system32\msnetobj.dll
2010-08-06 17:35:29 ----A---- C:\Windows\system32\mscms.dll
2010-08-06 17:35:29 ----A---- C:\Windows\system32\iasdatastore.dll
2010-08-06 17:35:29 ----A---- C:\Windows\system32\dsound.dll
2010-08-06 17:35:29 ----A---- C:\Windows\system32\cryptui.dll
2010-08-06 17:35:29 ----A---- C:\Windows\system32\adsmsext.dll
2010-08-06 17:35:28 ----A---- C:\Windows\system32\wscsvc.dll
2010-08-06 17:35:28 ----A---- C:\Windows\system32\wscntfy.dll
2010-08-06 17:35:28 ----A---- C:\Windows\system32\WMVENCOD.DLL
2010-08-06 17:35:28 ----A---- C:\Windows\system32\wlangpui.dll
2010-08-06 17:35:28 ----A---- C:\Windows\system32\vdsdyn.dll
2010-08-06 17:35:28 ----A---- C:\Windows\system32\rastapi.dll
2010-08-06 17:35:28 ----A---- C:\Windows\system32\rasapi32.dll
2010-08-06 17:35:28 ----A---- C:\Windows\system32\pnpsetup.dll
2010-08-06 17:35:28 ----A---- C:\Windows\system32\logman.exe
2010-08-06 17:35:28 ----A---- C:\Windows\system32\ipsecsnp.dll
2010-08-06 17:35:28 ----A---- C:\Windows\system32\IPHLPAPI.DLL
2010-08-06 17:35:28 ----A---- C:\Windows\system32\iashlpr.dll
2010-08-06 17:35:28 ----A---- C:\Windows\system32\gpapi.dll
2010-08-06 17:35:28 ----A---- C:\Windows\system32\fdProxy.dll
2010-08-06 17:35:28 ----A---- C:\Windows\system32\diskpart.exe
2010-08-06 17:35:28 ----A---- C:\Windows\system32\brcpl.dll
2010-08-06 17:35:27 ----A---- C:\Windows\system32\zipfldr.dll
2010-08-06 17:35:27 ----A---- C:\Windows\system32\wusa.exe
2010-08-06 17:35:27 ----A---- C:\Windows\system32\wshext.dll
2010-08-06 17:35:27 ----A---- C:\Windows\system32\wpccpl.dll
2010-08-06 17:35:27 ----A---- C:\Windows\system32\regsvc.dll
2010-08-06 17:35:27 ----A---- C:\Windows\system32\ntprint.dll
2010-08-06 17:35:27 ----A---- C:\Windows\system32\netcenter.dll
2010-08-06 17:35:27 ----A---- C:\Windows\system32\mscorier.dll
2010-08-06 17:35:27 ----A---- C:\Windows\system32\iasrad.dll
2010-08-06 17:35:27 ----A---- C:\Windows\system32\findstr.exe
2010-08-06 17:35:26 ----A---- C:\Windows\system32\wsnmp32.dll
2010-08-06 17:35:26 ----A---- C:\Windows\system32\wer.dll
2010-08-06 17:35:26 ----A---- C:\Windows\system32\uxsms.dll
2010-08-06 17:35:26 ----A---- C:\Windows\system32\themecpl.dll
2010-08-06 17:35:26 ----A---- C:\Windows\system32\srvsvc.dll
2010-08-06 17:35:26 ----A---- C:\Windows\system32\rasdlg.dll
2010-08-06 17:35:26 ----A---- C:\Windows\system32\ntmarta.dll
2010-08-06 17:35:26 ----A---- C:\Windows\system32\mssprxy.dll
2010-08-06 17:35:26 ----A---- C:\Windows\system32\iassvcs.dll
2010-08-06 17:35:26 ----A---- C:\Windows\system32\drivers\usbehci.sys
2010-08-06 17:35:25 ----A---- C:\Windows\system32\slcc.dll
2010-08-06 17:35:25 ----A---- C:\Windows\system32\scansetting.dll
2010-08-06 17:35:25 ----A---- C:\Windows\system32\powrprof.dll
2010-08-06 17:35:25 ----A---- C:\Windows\system32\powercpl.dll
2010-08-06 17:35:25 ----A---- C:\Windows\system32\PerfCenterCPL.dll
2010-08-06 17:35:25 ----A---- C:\Windows\system32\newdev.exe
2010-08-06 17:35:25 ----A---- C:\Windows\system32\networkmap.dll
2010-08-06 17:35:25 ----A---- C:\Windows\system32\msutb.dll
2010-08-06 17:35:25 ----A---- C:\Windows\system32\mstsc.exe
2010-08-06 17:35:25 ----A---- C:\Windows\system32\mstlsapi.dll
2010-08-06 17:35:25 ----A---- C:\Windows\system32\iasads.dll
2010-08-06 17:35:25 ----A---- C:\Windows\system32\iasacct.dll
2010-08-06 17:35:25 ----A---- C:\Windows\system32\drivers\ks.sys
2010-08-06 17:35:25 ----A---- C:\Windows\system32\authz.dll
2010-08-06 17:35:24 ----A---- C:\Windows\system32\wlanpref.dll
2010-08-06 17:35:24 ----A---- C:\Windows\system32\usercpl.dll
2010-08-06 17:35:24 ----A---- C:\Windows\system32\themeui.dll
2010-08-06 17:35:24 ----A---- C:\Windows\system32\systemcpl.dll
2010-08-06 17:35:24 ----A---- C:\Windows\system32\sud.dll
2010-08-06 17:35:24 ----A---- C:\Windows\system32\samlib.dll
2010-08-06 17:35:24 ----A---- C:\Windows\system32\qdvd.dll
2010-08-06 17:35:24 ----A---- C:\Windows\system32\pcaui.dll
2010-08-06 17:35:24 ----A---- C:\Windows\system32\mmci.dll
2010-08-06 17:35:24 ----A---- C:\Windows\system32\dot3svc.dll
2010-08-06 17:35:24 ----A---- C:\Windows\system32\connect.dll
2010-08-06 17:35:24 ----A---- C:\Windows\system32\autoplay.dll
2010-08-06 17:35:24 ----A---- C:\Windows\system32\accessibilitycpl.dll
2010-08-06 17:35:23 ----A---- C:\Windows\system32\wpcao.dll
2010-08-06 17:35:23 ----A---- C:\Windows\system32\vdsutil.dll
2010-08-06 17:35:23 ----A---- C:\Windows\system32\tapisrv.dll
2010-08-06 17:35:23 ----A---- C:\Windows\system32\scksp.dll
2010-08-06 17:35:23 ----A---- C:\Windows\system32\scesrv.dll
2010-08-06 17:35:23 ----A---- C:\Windows\system32\rpchttp.dll
2010-08-06 17:35:23 ----A---- C:\Windows\system32\regapi.dll
2010-08-06 17:35:23 ----A---- C:\Windows\system32\psisdecd.dll
2010-08-06 17:35:23 ----A---- C:\Windows\system32\oleprn.dll
2010-08-06 17:35:23 ----A---- C:\Windows\system32\msinfo32.exe
2010-08-06 17:35:23 ----A---- C:\Windows\system32\mpr.dll
2010-08-06 17:35:23 ----A---- C:\Windows\system32\feclient.dll
2010-08-06 17:35:22 ----A---- C:\Windows\system32\wscisvif.dll
2010-08-06 17:35:22 ----A---- C:\Windows\system32\sdclt.exe
2010-08-06 17:35:22 ----A---- C:\Windows\system32\rekeywiz.exe
2010-08-06 17:35:22 ----A---- C:\Windows\system32\qedit.dll
2010-08-06 17:35:22 ----A---- C:\Windows\system32\pnpui.dll
2010-08-06 17:35:22 ----A---- C:\Windows\system32\perfdisk.dll
2010-08-06 17:35:22 ----A---- C:\Windows\system32\ncryptui.dll
2010-08-06 17:35:22 ----A---- C:\Windows\system32\imm32.dll
2010-08-06 17:35:22 ----A---- C:\Windows\system32\iaspolcy.dll
2010-08-06 17:35:22 ----A---- C:\Windows\system32\Faultrep.dll
2010-08-06 17:35:22 ----A---- C:\Windows\system32\drivers\exfat.sys
2010-08-06 17:35:22 ----A---- C:\Windows\system32\dpapimig.exe
2010-08-06 17:35:22 ----A---- C:\Windows\system32\dot3msm.dll
2010-08-06 17:35:22 ----A---- C:\Windows\system32\DeviceEject.exe
2010-08-06 17:35:22 ----A---- C:\Windows\system32\AudioSes.dll
2010-08-06 17:35:21 ----A---- C:\Windows\system32\TSTheme.exe
2010-08-06 17:35:21 ----A---- C:\Windows\system32\tcpipcfg.dll
2010-08-06 17:35:21 ----A---- C:\Windows\system32\spwinsat.dll
2010-08-06 17:35:21 ----A---- C:\Windows\system32\SmartcardCredentialProvider.dll
2010-08-06 17:35:21 ----A---- C:\Windows\system32\scecli.dll
2010-08-06 17:35:21 ----A---- C:\Windows\system32\rasplap.dll
2010-08-06 17:35:21 ----A---- C:\Windows\system32\rasgcw.dll
2010-08-06 17:35:21 ----A---- C:\Windows\system32\PnPUnattend.exe
2010-08-06 17:35:21 ----A---- C:\Windows\system32\hdwwiz.exe
2010-08-06 17:35:21 ----A---- C:\Windows\system32\FWPUCLNT.DLL
2010-08-06 17:35:21 ----A---- C:\Windows\system32\drivers\portcls.sys
2010-08-06 17:35:21 ----A---- C:\Windows\system32\cmmon32.exe
2010-08-06 17:35:21 ----A---- C:\Windows\system32\certreq.exe
2010-08-06 17:35:20 ----A---- C:\Windows\system32\wiaaut.dll
2010-08-06 17:35:20 ----A---- C:\Windows\system32\whealogr.dll
2010-08-06 17:35:20 ----A---- C:\Windows\system32\tcpmon.dll
2010-08-06 17:35:20 ----A---- C:\Windows\system32\srcore.dll
2010-08-06 17:35:20 ----A---- C:\Windows\system32\SCardSvr.dll
2010-08-06 17:35:20 ----A---- C:\Windows\system32\raschap.dll
2010-08-06 17:35:20 ----A---- C:\Windows\system32\MSVidCtl.dll
2010-08-06 17:35:20 ----A---- C:\Windows\system32\fontext.dll
2010-08-06 17:35:20 ----A---- C:\Windows\system32\fdWSD.dll
2010-08-06 17:35:20 ----A---- C:\Windows\system32\drivers\USBCAMD2.sys
2010-08-06 17:35:20 ----A---- C:\Windows\system32\drivers\USBCAMD.sys
2010-08-06 17:35:20 ----A---- C:\Windows\system32\drivers\afd.sys
2010-08-06 17:35:20 ----A---- C:\Windows\system32\conime.exe
2010-08-06 17:35:20 ----A---- C:\Windows\system32\cmdial32.dll
2010-08-06 17:35:19 ----A---- C:\Windows\system32\WMVXENCD.DLL
2010-08-06 17:35:19 ----A---- C:\Windows\system32\wlanui.dll
2010-08-06 17:35:19 ----A---- C:\Windows\system32\shwebsvc.dll
2010-08-06 17:35:19 ----A---- C:\Windows\system32\shsetup.dll
2010-08-06 17:35:19 ----A---- C:\Windows\system32\rasppp.dll
2010-08-06 17:35:19 ----A---- C:\Windows\system32\rasmontr.dll
2010-08-06 17:35:19 ----A---- C:\Windows\system32\PnPutil.exe
2010-08-06 17:35:19 ----A---- C:\Windows\system32\oobefldr.dll
2010-08-06 17:35:19 ----A---- C:\Windows\system32\modemui.dll
2010-08-06 17:35:19 ----A---- C:\Windows\system32\dsprop.dll
2010-08-06 17:35:19 ----A---- C:\Windows\system32\drivers\tdx.sys
2010-08-06 17:35:19 ----A---- C:\Windows\system32\drivers\pacer.sys
2010-08-06 17:35:19 ----A---- C:\Windows\system32\drivers\npfs.sys
2010-08-06 17:35:19 ----A---- C:\Windows\system32\dimsroam.dll
2010-08-06 17:35:18 ----A---- C:\Windows\system32\wmdrmsdk.dll
2010-08-06 17:35:18 ----A---- C:\Windows\system32\wlgpclnt.dll
2010-08-06 17:35:18 ----A---- C:\Windows\system32\smss.exe
2010-08-06 17:35:18 ----A---- C:\Windows\system32\rdpwsx.dll
2010-08-06 17:35:18 ----A---- C:\Windows\system32\mscandui.dll
2010-08-06 17:35:18 ----A---- C:\Windows\system32\drivers\fastfat.sys
2010-08-06 17:35:18 ----A---- C:\Windows\system32\dataclen.dll
2010-08-06 17:35:18 ----A---- C:\Windows\system32\credui.dll
2010-08-06 17:35:18 ----A---- C:\Windows\system32\chtbrkr.dll
2010-08-06 17:35:18 ----A---- C:\Windows\system32\blackbox.dll
2010-08-06 17:35:17 ----A---- C:\Windows\system32\WSDMon.dll
2010-08-06 17:35:17 ----A---- C:\Windows\system32\wmpeffects.dll
2010-08-06 17:35:17 ----A---- C:\Windows\system32\networkexplorer.dll
2010-08-06 17:35:17 ----A---- C:\Windows\system32\netplwiz.dll
2010-08-06 17:35:17 ----A---- C:\Windows\system32\drivers\rmcast.sys
2010-08-06 17:35:17 ----A---- C:\Windows\system32\certprop.dll
2010-08-06 17:35:16 ----A---- C:\Windows\system32\wscapi.dll
2010-08-06 17:35:16 ----A---- C:\Windows\system32\wpcsvc.dll
2010-08-06 17:35:16 ----A---- C:\Windows\system32\msscp.dll
2010-08-06 17:35:16 ----A---- C:\Windows\system32\msimtf.dll
2010-08-06 17:35:16 ----A---- C:\Windows\system32\logagent.exe
2010-08-06 17:35:16 ----A---- C:\Windows\system32\InkEd.dll
2010-08-06 17:35:16 ----A---- C:\Windows\system32\ifmon.dll
2010-08-06 17:35:16 ----A---- C:\Windows\system32\gpresult.exe
2010-08-06 17:35:16 ----A---- C:\Windows\system32\cipher.exe
2010-08-06 17:35:15 ----A---- C:\Windows\system32\thawbrkr.dll
2010-08-06 17:35:15 ----A---- C:\Windows\system32\softkbd.dll
2010-08-06 17:35:15 ----A---- C:\Windows\system32\sendmail.dll
2010-08-06 17:35:15 ----A---- C:\Windows\system32\puiapi.dll
2010-08-06 17:35:15 ----A---- C:\Windows\system32\olepro32.dll
2010-08-06 17:35:15 ----A---- C:\Windows\system32\msctfui.dll
2010-08-06 17:35:15 ----A---- C:\Windows\system32\MediaMetadataHandler.dll
2010-08-06 17:35:15 ----A---- C:\Windows\system32\input.dll
2010-08-06 17:35:15 ----A---- C:\Windows\system32\drmmgrtn.dll
2010-08-06 17:35:15 ----A---- C:\Windows\system32\drivers\watchdog.sys
2010-08-06 17:35:15 ----A---- C:\Windows\system32\drivers\udfs.sys
2010-08-06 17:35:15 ----A---- C:\Windows\system32\drivers\smb.sys
2010-08-06 17:35:15 ----A---- C:\Windows\system32\drivers\hidusb.sys
2010-08-06 17:35:15 ----A---- C:\Windows\system32\dmsynth.dll
2010-08-06 17:35:14 ----A---- C:\Windows\system32\wshbth.dll
2010-08-06 17:35:14 ----A---- C:\Windows\system32\version.dll
2010-08-06 17:35:14 ----A---- C:\Windows\system32\SLLUA.exe
2010-08-06 17:35:14 ----A---- C:\Windows\system32\msjint40.dll
2010-08-06 17:35:14 ----A---- C:\Windows\system32\msisip.dll
2010-08-06 17:35:14 ----A---- C:\Windows\system32\MsCtfMonitor.dll
2010-08-06 17:35:14 ----A---- C:\Windows\system32\mprapi.dll
2010-08-06 17:35:14 ----A---- C:\Windows\system32\fdSSDP.dll
2010-08-06 17:35:14 ----A---- C:\Windows\system32\fc.exe
2010-08-06 17:35:14 ----A---- C:\Windows\system32\ExplorerFrame.dll
2010-08-06 17:35:14 ----A---- C:\Windows\system32\eapp3hst.dll
2010-08-06 17:35:14 ----A---- C:\Windows\system32\drivers\rdpwd.sys
2010-08-06 17:35:14 ----A---- C:\Windows\system32\drivers\ndiswan.sys
2010-08-06 17:35:14 ----A---- C:\Windows\system32\dmusic.dll
2010-08-06 17:35:14 ----A---- C:\Windows\system32\cscapi.dll
2010-08-06 17:35:13 ----A---- C:\Windows\system32\wsdchngr.dll
2010-08-06 17:35:13 ----A---- C:\Windows\system32\Storprop.dll
2010-08-06 17:35:13 ----A---- C:\Windows\system32\SMBHelperClass.dll
2010-08-06 17:35:13 ----A---- C:\Windows\system32\rasdial.exe
2010-08-06 17:35:13 ----A---- C:\Windows\system32\rasdiag.dll
2010-08-06 17:35:13 ----A---- C:\Windows\system32\l2nacp.dll
2010-08-06 17:35:13 ----A---- C:\Windows\system32\ftp.exe
2010-08-06 17:35:13 ----A---- C:\Windows\system32\fdWCN.dll
2010-08-06 17:35:13 ----A---- C:\Windows\system32\dot3cfg.dll
2010-08-06 17:35:13 ----A---- C:\Windows\system32\cscdll.dll
2010-08-06 17:35:13 ----A---- C:\Windows\system32\bthudtask.exe
2010-08-06 17:35:13 ----A---- C:\Windows\system32\bthci.dll
2010-08-06 17:35:12 ----A---- C:\Windows\system32\tscupgrd.exe
2010-08-06 17:35:12 ----A---- C:\Windows\system32\slcinst.dll
2010-08-06 17:35:12 ----A---- C:\Windows\system32\ocsetup.exe
2010-08-06 17:35:12 ----A---- C:\Windows\system32\nslookup.exe
2010-08-06 17:35:12 ----A---- C:\Windows\system32\networkitemfactory.dll
2010-08-06 17:35:12 ----A---- C:\Windows\system32\ipconfig.exe
2010-08-06 17:35:12 ----A---- C:\Windows\system32\FwRemoteSvr.dll
2010-08-06 17:35:12 ----A---- C:\Windows\system32\eappgnui.dll
2010-08-06 17:35:12 ----A---- C:\Windows\system32\eappcfg.dll
2010-08-06 17:35:12 ----A---- C:\Windows\system32\drivers\rassstp.sys
2010-08-06 17:35:12 ----A---- C:\Windows\system32\drivers\hidclass.sys
2010-08-06 17:35:12 ----A---- C:\Windows\system32\CHxReadingStringIME.dll
2010-08-06 17:35:11 ----A---- C:\Windows\system32\PNPXAssoc.dll
2010-08-06 17:35:11 ----A---- C:\Windows\system32\mmcico.dll
2010-08-06 17:35:11 ----A---- C:\Windows\system32\hbaapi.dll
2010-08-06 17:35:11 ----A---- C:\Windows\system32\gpupdate.exe
2010-08-06 17:35:11 ----A---- C:\Windows\system32\fdeploy.dll
2010-08-06 17:35:11 ----A---- C:\Windows\system32\drivers\nwifi.sys
2010-08-06 17:35:11 ----A---- C:\Windows\system32\drivers\dfsc.sys
2010-08-06 17:35:11 ----A---- C:\Windows\system32\drivers\cdrom.sys
2010-08-06 17:35:10 ----A---- C:\Windows\system32\NcdProp.dll
2010-08-06 17:35:10 ----A---- C:\Windows\system32\iscsilog.dll
2010-08-06 17:35:10 ----A---- C:\Windows\system32\csrstub.exe
2010-08-06 17:35:10 ----A---- C:\Windows\system32\cbsra.exe
2010-08-06 17:35:10 ----A---- C:\Windows\system32\bitsigd.dll
2010-08-06 17:35:09 ----A---- C:\Windows\system32\winrnr.dll
2010-08-06 17:35:09 ----A---- C:\Windows\system32\vdmdbg.dll
2010-08-06 17:35:09 ----A---- C:\Windows\system32\slwga.dll
2010-08-06 17:35:09 ----A---- C:\Windows\system32\odbcconf.dll
2010-08-06 17:35:09 ----A---- C:\Windows\system32\inetppui.dll
2010-08-06 17:35:09 ----A---- C:\Windows\system32\drivers\dxg.sys
2010-08-06 17:35:09 ----A---- C:\Windows\system32\drivers\Diskdump.sys
2010-08-06 17:35:08 ----A---- C:\Windows\system32\midimap.dll
2010-08-06 17:35:08 ----A---- C:\Windows\system32\drivers\stream.sys
2010-08-06 17:35:08 ----A---- C:\Windows\system32\drivers\RNDISMP.sys
2010-08-06 17:35:07 ----A---- C:\Windows\system32\f3ahvoas.dll
2010-08-06 17:35:07 ----A---- C:\Windows\system32\drivers\usbohci.sys
2010-08-06 17:35:07 ----A---- C:\Windows\system32\drivers\usb8023.sys
2010-08-06 17:35:07 ----A---- C:\Windows\system32\drivers\raspppoe.sys
2010-08-06 17:35:07 ----A---- C:\Windows\system32\drivers\bridge.sys
2010-08-06 17:35:06 ----A---- C:\Windows\system32\msimsg.dll
2010-08-06 17:34:54 ----A---- C:\Windows\system32\SmiEngine.dll
2010-08-06 17:34:51 ----A---- C:\Windows\system32\wdscore.dll
2010-08-06 17:34:51 ----A---- C:\Windows\system32\PkgMgr.exe
2010-08-06 17:34:45 ----A---- C:\Windows\system32\drvstore.dll
2010-08-06 17:11:12 ----D---- C:\Downloads
2010-08-06 17:08:42 ----D---- C:\Program Files\vSoft
2010-08-06 16:58:57 ----A---- C:\Windows\system32\vbscript.dll
2010-08-06 16:58:56 ----A---- C:\Windows\system32\winhttp.dll
2010-08-06 16:58:54 ----A---- C:\Windows\system32\jscript.dll
2010-08-06 16:58:50 ----A---- C:\Windows\system32\drivers\http.sys
2010-08-06 16:58:49 ----A---- C:\Windows\system32\nshhttp.dll
2010-08-06 16:58:49 ----A---- C:\Windows\system32\httpapi.dll

======List of files/folders modified in the last 1 months======

2010-09-05 23:43:33 ----D---- C:\Windows\Temp
2010-09-05 23:23:03 ----D---- C:\Windows\System32
2010-09-05 23:22:00 ----SD---- C:\Users\fallows\AppData\Roaming\Microsoft
2010-09-05 23:22:00 ----D---- C:\Windows\system32\drivers
2010-09-05 23:22:00 ----D---- C:\Windows
2010-09-05 23:21:55 ----HD---- C:\ProgramData
2010-09-05 23:21:55 ----D---- C:\ProgramData\avg9
2010-09-05 23:21:09 ----D---- C:\Windows\system32\catroot
2010-09-05 23:21:09 ----D---- C:\Windows\inf
2010-09-05 22:10:12 ----SHD---- C:\Windows\Installer
2010-09-05 22:10:10 ----HD---- C:\Program Files\InstallShield Installation Information
2010-09-05 22:10:05 ----RD---- C:\Program Files
2010-09-05 20:36:50 ----D---- C:\Program Files\Google
2010-09-01 18:01:28 ----D---- C:\Windows\system32\Tasks
2010-08-29 20:05:37 ----D---- C:\Users\fallows\AppData\Roaming\FileZilla
2010-08-28 10:44:44 ----D---- C:\Program Files\Common Files
2010-08-28 10:06:38 ----RSD---- C:\Windows\assembly
2010-08-28 10:05:52 ----D---- C:\Windows\Logs
2010-08-28 10:05:16 ----D---- C:\Windows\winsxs
2010-08-26 20:07:26 ----D---- C:\Windows\system32\WDI
2010-08-26 17:27:09 ----D---- C:\ProgramData\Adobe
2010-08-25 21:40:14 ----D---- C:\Program Files\Common Files\Adobe
2010-08-22 21:51:44 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-08-22 07:49:41 ----D---- C:\Windows\Debug
2010-08-20 21:01:02 ----D---- C:\Program Files\FileZilla FTP Client
2010-08-20 20:22:41 ----SHD---- C:\System Volume Information
2010-08-18 18:49:14 ----D---- C:\Windows\Help
2010-08-16 20:33:17 ----D---- C:\Windows\system32\LogFiles
2010-08-12 16:59:55 ----D---- C:\Windows\Microsoft.NET
2010-08-12 08:07:17 ----D---- C:\Windows\system32\migration
2010-08-12 08:07:17 ----D---- C:\Program Files\Internet Explorer
2010-08-12 08:07:16 ----D---- C:\Program Files\Movie Maker
2010-08-12 07:47:00 ----D---- C:\Program Files\Windows Mail
2010-08-11 22:52:30 ----RSD---- C:\Windows\Fonts
2010-08-10 12:54:57 ----D---- C:\Users\fallows\AppData\Roaming\Adobe
2010-08-09 16:48:43 ----D---- C:\Windows\rescache
2010-08-09 16:33:39 ----D---- C:\Windows\system32\drivers\UMDF
2010-08-09 16:31:01 ----D---- C:\Windows\system32\en-US
2010-08-09 16:31:00 ----D---- C:\Windows\system32\drivers\en-US
2010-08-09 16:30:57 ----D---- C:\Windows\system32\wbem
2010-08-09 16:30:53 ----D---- C:\Windows\system32\uk-UA
2010-08-09 16:30:53 ----D---- C:\Windows\system32\pt-PT
2010-08-09 16:30:53 ----D---- C:\Windows\system32\pt-BR
2010-08-09 16:30:53 ----D---- C:\Windows\system32\pl-PL
2010-08-09 16:30:53 ----D---- C:\Windows\system32\ko-KR
2010-08-09 16:30:53 ----D---- C:\Windows\system32\it-IT
2010-08-09 16:30:53 ----D---- C:\Windows\system32\hu-HU
2010-08-09 16:30:53 ----D---- C:\Windows\system32\he-IL
2010-08-09 16:30:53 ----D---- C:\Windows\system32\bg-BG
2010-08-09 16:30:52 ----D---- C:\Windows\system32\zh-HK
2010-08-09 16:30:52 ----D---- C:\Windows\system32\tr-TR
2010-08-09 16:30:52 ----D---- C:\Windows\system32\sr-Latn-CS
2010-08-09 16:30:52 ----D---- C:\Windows\system32\sl-SI
2010-08-09 16:30:52 ----D---- C:\Windows\system32\nl-NL
2010-08-09 16:30:52 ----D---- C:\Windows\system32\hr-HR
2010-08-09 16:30:52 ----D---- C:\Windows\system32\fr-FR
2010-08-09 16:30:52 ----D---- C:\Windows\system32\fi-FI
2010-08-09 16:30:52 ----D---- C:\Windows\system32\el-GR
2010-08-09 16:30:51 ----D---- C:\Windows\system32\zh-TW
2010-08-09 16:30:51 ----D---- C:\Windows\system32\zh-CN
2010-08-09 16:30:51 ----D---- C:\Windows\system32\th-TH
2010-08-09 16:30:51 ----D---- C:\Windows\system32\sv-SE
2010-08-09 16:30:51 ----D---- C:\Windows\system32\sk-SK
2010-08-09 16:30:51 ----D---- C:\Windows\system32\ru-RU
2010-08-09 16:30:51 ----D---- C:\Windows\system32\ro-RO
2010-08-09 16:30:51 ----D---- C:\Windows\system32\nb-NO
2010-08-09 16:30:51 ----D---- C:\Windows\system32\lv-LV
2010-08-09 16:30:51 ----D---- C:\Windows\system32\lt-LT
2010-08-09 16:30:51 ----D---- C:\Windows\system32\ja-JP
2010-08-09 16:30:51 ----D---- C:\Windows\system32\et-EE
2010-08-09 16:30:51 ----D---- C:\Windows\system32\es-ES
2010-08-09 16:30:51 ----D---- C:\Windows\system32\de-DE
2010-08-09 16:30:51 ----D---- C:\Windows\system32\da-DK
2010-08-09 16:30:51 ----D---- C:\Windows\system32\cs-CZ
2010-08-09 16:30:51 ----D---- C:\Windows\system32\ar-SA
2010-08-08 13:28:45 ----D---- C:\Windows\system32\drivers\etc
2010-08-08 12:45:45 ----SHD---- C:\Boot
2010-08-08 12:38:43 ----D---- C:\Program Files\Windows Calendar
2010-08-08 12:38:42 ----D---- C:\Program Files\Windows Sidebar
2010-08-08 12:38:42 ----D---- C:\Program Files\Windows Photo Gallery
2010-08-08 12:38:42 ----D---- C:\Program Files\Windows Media Player
2010-08-08 12:38:42 ----D---- C:\Program Files\Windows Collaboration
2010-08-08 12:38:42 ----D---- C:\Program Files\Common Files\System
2010-08-08 12:38:41 ----D---- C:\Windows\servicing
2010-08-08 12:38:41 ----D---- C:\Program Files\Windows Defender
2010-08-08 12:38:38 ----D---- C:\Windows\IME
2010-08-08 12:38:37 ----D---- C:\Windows\system32\XPSViewer
2010-08-08 12:38:36 ----D---- C:\Windows\system32\oobe
2010-08-08 12:38:34 ----D---- C:\Windows\system32\setup
2010-08-08 12:38:34 ----D---- C:\Windows\system32\AdvancedInstallers
2010-08-08 12:38:33 ----D---- C:\Windows\system32\SLUI
2010-08-08 12:38:33 ----D---- C:\Windows\system32\manifeststore
2010-08-08 12:38:33 ----D---- C:\Windows\system32\en
2010-08-08 12:38:31 ----D---- C:\Windows\system32\migwiz
2010-08-08 12:38:16 ----D---- C:\Windows\AppPatch
2010-08-08 12:38:10 ----D---- C:\Windows\system32\Boot
2010-08-08 12:37:04 ----D---- C:\Windows\system32\RTCOM
2010-08-08 12:19:40 ----A---- C:\Windows\fonts\GlobalUserInterface.CompositeFont
2010-08-08 12:01:58 ----D---- C:\Windows\Prefetch
2010-08-07 17:57:58 ----D---- C:\Windows\system32\config
2010-08-07 17:57:49 ----D---- C:\Windows\Tasks
2010-08-07 17:57:49 ----D---- C:\Windows\system32\spool
2010-08-07 17:57:49 ----D---- C:\Windows\system32\Msdtc
2010-08-07 17:57:47 ----D---- C:\Windows\registration
2010-08-07 11:26:34 ----D---- C:\ProgramData\CyberLink
2010-08-07 11:25:22 ----SD---- C:\ProgramData\Microsoft
2010-08-07 11:23:28 ----D---- C:\Program Files\Common Files\microsoft shared

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 ahcix86s;ahcix86s; C:\Windows\system32\DRIVERS\ahcix86s.sys [2008-05-27 173576]
R0 AtiPcie;ATI PCI Express (3GIO) Filter; C:\Windows\system32\DRIVERS\AtiPcie.sys [2008-04-28 14352]
R0 PSDFilter;PSDFilter; C:\Windows\system32\DRIVERS\psdfilter.sys [2008-05-14 18992]
R0 UBHelper;UBHelper; C:\Windows\system32\drivers\UBHelper.sys [2008-01-31 13824]
R2 int15;int15; \??\C:\Windows\system32\drivers\int15.sys [2008-03-21 15392]
R2 irda;IrDA Protocol; C:\Windows\system32\DRIVERS\irda.sys [2008-01-21 95744]
R2 mdmxsdk;mdmxsdk; C:\Windows\system32\DRIVERS\mdmxsdk.sys [2006-06-19 12672]
R2 PSDNServ;PSDNServ; C:\Windows\system32\DRIVERS\PSDNServ.sys [2008-05-14 16944]
R2 psdvdisk;PSDVdisk; C:\Windows\system32\DRIVERS\PSDVdisk.sys [2008-05-14 60464]
R2 XAudio;XAudio; C:\Windows\system32\DRIVERS\xaudio.sys [2006-11-29 8192]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2008-08-15 921600]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2008-06-25 3844608]
R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2008-03-28 210432]
R3 bbcap;bbcap; C:\Windows\system32\DRIVERS\bbcap.sys [2010-08-18 4096]
R3 DKbFltr;Dritek Keyboard Filter Driver; C:\Windows\system32\DRIVERS\DKbFltr.sys [2006-11-03 21264]
R3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\HSX_DPV.sys [2006-12-22 985600]
R3 HSXHWAZL;HSXHWAZL; C:\Windows\system32\DRIVERS\HSXHWAZL.sys [2006-12-22 207360]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2008-05-21 2143136]
R3 NTIDrvr;Upper Class Filter Driver; C:\Windows\system32\DRIVERS\NTIDrvr.sys [2008-01-31 14848]
R3 RTSTOR;Realtek USB 2.0 Card Reader; C:\Windows\system32\drivers\RTSTOR.SYS [2008-03-12 61440]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2008-04-25 199472]
R3 usbfilter;AMD USB Filter Driver; C:\Windows\system32\DRIVERS\usbfilter.sys [2008-05-28 22072]
R3 usbvideo;USB Video Device (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2008-01-21 134016]
R3 winachsf;winachsf; C:\Windows\system32\DRIVERS\HSX_CNXT.sys [2006-12-22 659968]
S3 APLMp50;APLMp50 NDIS Protocol Driver; C:\Windows\System32\Drivers\APLMp50.sys [2006-11-29 28224]
S3 drmkaud;Microsoft Kernel DRM Audio Descrambler; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 HdAudAddService;Microsoft 1.1 UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 HSFHWAZL;HSFHWAZL; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2008-01-21 200704]
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 NPF;NetGroup Packet Filter Driver; C:\Windows\system32\drivers\npf.sys [2007-11-06 34064]
S3 NSCIRDA;NSC Infrared Device Driver; C:\Windows\system32\DRIVERS\nscirda.sys [2008-01-21 30720]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 83328]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]
S4 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2008-01-21 88576]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Ati External Event Utility;Ati External Event Utility; C:\Windows\system32\Ati2evxx.exe [2008-06-25 692224]
R2 BUNAgentSvc;NTI Backup Now 5 Agent Service; C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe [2008-03-03 16384]
R2 eDataSecurity Service;eDataSecurity Service; C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe [2008-05-14 500784]
R2 ETService;Empowering Technology Service; C:\Program Files\Acer\Empowering Technology\Service\ETService.exe [2008-03-21 24576]
R2 Irmon;@%SystemRoot%\System32\irmon.dll,-2000; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2007-01-17 61440]
R2 MobilityService;MobilityService; C:\Acer\Mobility Center\MobilityService.exe [2007-12-07 110592]
R2 NAUpdate;@C:\Program Files\Nero\Update\NASvc.exe,-200; C:\Program Files\Nero\Update\NASvc.exe [2010-03-25 490280]
R2 NTIBackupSvc;NTI Backup Now 5 Backup Service; C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2008-04-26 45056]
R2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service; C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2008-04-26 131072]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared Files\RichVideo.exe [2007-01-09 272024]
R2 SBSDWSCService;SBSD Security Center Service; C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 1529728]
R2 XAudioService;XAudioService; C:\Windows\system32\DRIVERS\xaudio.exe [2006-11-29 386560]
S3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 21504]
S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); C:\Program Files\WinPcap\rpcapd.exe [2007-11-06 92792]

-----------------EOF-----------------
info.txt logfile of random's system information tool 1.08 2010-09-05 23:43:51

======Uninstall list======

µTorrent-->"C:\Program Files\uTorrent\uTorrent.exe" /UNINSTALL
Acer Crystal Eye webcam Ver:1.1.57.409-->C:\Program Files\InstallShield Installation Information\{D0ACE89D-EC7F-470F-80BE-4C98ED366B32}\setup.exe -runfromtemp -l0x0009 -removeonly
Acer eDataSecurity Management-->C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSnstHelper.exe -Operation UNINSTALL
Acer Empowering Technology-->"C:\Program Files\InstallShield Installation Information\{8F1B6239-FEA0-450A-A950-B05276CE177C}\setup.exe" -runfromtemp -l0x0009 -removeonly
Acer ePower Management-->"C:\Program Files\InstallShield Installation Information\{58E5844B-7CE2-413D-83D1-99294BF6C74F}\setup.exe" -runfromtemp -l0x0009 -removeonly
Acer eSettings Management-->"C:\Program Files\InstallShield Installation Information\{13D85C14-2B85-419F-AC41-C7F21E68B25D}\setup.exe" -runfromtemp -l0x0009 -removeonly
Acer GameZone Console 2.0.1.1-->"C:\Program Files\Acer GameZone\GameConsole\unins000.exe"
Acer GridVista-->C:\Windows\GVUni.exe GridV.UNI
Acer Mobility Center Plug-In-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{11316260-6666-467B-AC34-183FCB5D4335}\setup.exe" -l0x9 -removeonly
Acer ScreenSaver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{79DD56FC-DB8B-47F5-9C80-78B62E05F9BC}\setup.exe" -l0x9 -removeonly
Adobe Flash Player 10 ActiveX-->C:\Windows\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->C:\Windows\system32\Macromed\Flash\FlashUtil10h_Plugin.exe -maintain plugin
Adobe Reader 8.2.4-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A82000000003}
Aleo Flash Intro Banner Maker 3.0-->"C:\Program Files\Aleo Software\Flash Intro and Banner Maker\unins000.exe"
Amara - Flash Intro and Banner Builder-->C:\Program Files\Amara - Flash Intro and Banner Builder\uninstall.exe
AMD USB Audio Driver Filter-->MsiExec.exe /X{A3AB35FA-943E-4799-99DC-46EFD59E998F}
Applian Director-->"C:\Windows\Applian Director\uninstall.exe" "/U:C:\Program Files\Applian Director\Uninstall\uninstall_director.xml"
BB FlashBack 2 Express-->"C:\ProgramData\{21C1E35C-913A-42D2-91B6-6AE1243D6B65}\BB FlashBack Express.exe" REMOVE=TRUE MODIFY=FALSE
BB FlashBack 2 Express-->C:\ProgramData\{21C1E35C-913A-42D2-91B6-6AE1243D6B65}\BB FlashBack Express.exe
BB FlashBack Pro-->"C:\ProgramData\{3DE32C28-52E4-4E69-9FF0-AE6E4DDFC935}\BB FlashBack.exe" REMOVE=TRUE MODIFY=FALSE
BB FlashBack Pro-->C:\ProgramData\{3DE32C28-52E4-4E69-9FF0-AE6E4DDFC935}\BB FlashBack.exe
Broadcom Gigabit Integrated Controller-->MsiExec.exe /X{A64A5576-D862-44F8-89DC-2B17FCC9B86E}
Catalyst Control Center - Branding-->MsiExec.exe /I{802F0F4E-A0A5-4E4D-9D7B-1933913EF7B6}
CCleaner-->"C:\Program Files\CCleaner\uninst.exe"
CyberLink PowerDirector-->"C:\Program Files\InstallShield Installation Information\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}\setup.exe" /z-uninstall
CyberLink PowerDirector-->"C:\Program Files\InstallShield Installation Information\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}\setup.exe" /z-uninstall
Easy GIF Animator Pro 5.1-->MsiExec.exe /X{F4995503-86AA-432F-BF3C-0A613D444A27}
EPSON Printer Software-->C:\Windows\system32\spool\DRIVERS\W32X86\3\EPUPDATE.EXE /R
FileZilla Client 3.3.4.1-->C:\Program Files\FileZilla FTP Client\uninstall.exe
Google Gmail Notifier-->"C:\Program Files\Google\Gmail Notifier\UninstallGmail.exe"
HDAUDIO Soft Data Fax Modem with SmartCP-->C:\Program Files\CONEXANT\CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFAOR2C06_118\UIU32m.exe -U -Ic:\Release\Foxconn\51338\AcrZUn32z.inf
High-Definition Video Playback 10-->MsiExec.exe /X{237CCB62-8454-43E3-B158-3ACD0134852E}
HiJackThis-->MsiExec.exe /X{45A66726-69BC-466B-A7A4-12FCBA4883D7}
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
Java™ 6 Update 21-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216020FF}
Karaoke Builder Studio 3.x-->C:\KBStudio\UNWISE.EXE C:\KBStudio\INSTALL.LOG
Karaoke DVD Burner-->"C:\Program Files\Doblon\Karaoke DVD Burner\unins000.exe"
Launch Manager-->C:\Windows\UNINST32.EXE LManager.UNI
Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
Microsoft .NET Framework 3.5 SP1-->C:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft Primary Interoperability Assemblies 2005-->MsiExec.exe /X{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{837b34e3-7c30-493c-8f6a-2b0f04e2912c}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
Microsoft Works-->MsiExec.exe /I{6D52C408-B09A-4520-9B18-475B81D393F1}
Mozilla Firefox (3.6.8)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
Nero 10 Menu TemplatePack Basic-->MsiExec.exe /X{63AA3EAB-23BB-48B2-9AD0-44F878075604}
Nero 10 Movie ThemePack Basic-->MsiExec.exe /X{F5CB822F-B365-43D1-BCC0-4FDA1A2017A7}
Nero BackItUp 10 Help (CHM)-->MsiExec.exe /X{08C8666B-C502-4AB3-B4CB-D74AC42D14FE}
Nero BackItUp 10-->MsiExec.exe /X{68AB6930-5BFF-4FF6-923B-516A91984FE6}
Nero Burning ROM 10-->MsiExec.exe /X{7A5D731D-B4B3-490E-B339-75685712BAAB}
Nero BurningROM 10 Help (CHM)-->MsiExec.exe /X{9B6B24BE-80E7-46C4-9FA5-B167D5E0F345}
Nero BurnRights 10 Help (CHM)-->MsiExec.exe /X{555868C6-49FB-484F-BB43-8980651A1B00}
Nero BurnRights 10-->MsiExec.exe /X{943CFD7D-5336-47AF-9418-E02473A5A517}
Nero Control Center 10-->MsiExec.exe /X{6DFB899F-17A2-48F0-A533-ED8D6866CF38}
Nero ControlCenter 10 Help (CHM)-->MsiExec.exe /X{523B2B1B-D8DB-4B41-90FF-C4D799E2758A}
Nero Core Components 10-->MsiExec.exe /X{2436F2A8-4B7E-4B6C-AE4E-604C84AA6A4F}
Nero CoverDesigner 10 Help (CHM)-->MsiExec.exe /X{C3273C55-E1E4-41FF-8D69-0158090DB8D8}
Nero CoverDesigner 10-->MsiExec.exe /X{FCF00A6E-FB58-477A-ABE9-232907105521}
Nero DiscCopy Gadget 10-->MsiExec.exe /X{92EC1A84-7FFC-42DF-A8F6-79C21C4765A5}
Nero DiscCopyGadget 10 Help (CHM)-->MsiExec.exe /X{5F548A02-80BC-404D-BAE6-F05F9BF6B449}
Nero DiscSpeed 10 Help (CHM)-->MsiExec.exe /X{C18A0418-442A-4186-AF98-D08F5054A2FC}
Nero DiscSpeed 10-->MsiExec.exe /X{34490F4E-48D0-492E-8249-B48BECF0537C}
Nero Dolby Files 10-->MsiExec.exe /X{C3580AC4-C827-4332-B935-9A282ED5BB97}
Nero Express 10 Help (CHM)-->MsiExec.exe /X{33643918-7957-4839-92C7-EA96CB621A98}
Nero Express 10-->MsiExec.exe /X{70550193-1C22-445C-8FA4-564E155DB1A7}
Nero InfoTool 10 Help (CHM)-->MsiExec.exe /X{66049135-9659-4AAD-9169-9CCA269EBB3E}
Nero InfoTool 10-->MsiExec.exe /X{F412B4AF-388C-4FF5-9B2F-33DB1C536953}
Nero MediaHub 10 Help (CHM)-->MsiExec.exe /X{F467862A-D9CA-47ED-8D81-B4B3C9399272}
Nero MediaHub 10-->MsiExec.exe /X{1F7FB68F-52F6-46A3-B42F-38CE46295AE5}
Nero Multimedia Suite 10-->MsiExec.exe /I{277C1559-4CF7-44FF-8D07-98AA9C13AABD}
Nero Recode 10 Help (CHM)-->MsiExec.exe /X{DB7C1D4A-08BA-4C7E-A8AA-B7F9BB372DCF}
Nero Recode 10-->MsiExec.exe /X{8ECEC853-5C3D-4B10-B5C7-FF11FF724807}
Nero RescueAgent 10 Help (CHM)-->MsiExec.exe /X{92E25238-61A3-4ACD-A407-3C480EEF47A7}
Nero RescueAgent 10-->MsiExec.exe /X{E337E787-CF61-4B7B-B84F-509202A54023}
Nero SoundTrax 10 Help (CHM)-->MsiExec.exe /X{16987E99-C95C-4513-9239-7B44A0A71DB5}
Nero SoundTrax 10-->MsiExec.exe /X{E1EE5339-5D32-458F-BAAB-B19F6301BCE2}
Nero StartSmart 10 Help (CHM)-->MsiExec.exe /X{F6117F9C-ADB5-4590-9BE4-12C7BEC28702}
Nero StartSmart 10-->MsiExec.exe /X{F61D489E-6C44-49AC-AD02-7DA8ACA73A65}
Nero Update-->MsiExec.exe /X{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}
Nero Vision 10 Help (CHM)-->MsiExec.exe /X{329411A0-19F3-4740-874F-17400B126F27}
Nero Vision 10-->MsiExec.exe /X{9A4297F3-2A51-4ED9-92CA-4BCB8380947E}
Nero WaveEditor 10 Help (CHM)-->MsiExec.exe /X{7A295D8F-484B-4FFB-89AB-C1FD497591FE}
Nero WaveEditor 10-->MsiExec.exe /X{EDCDFAD5-DF80-4600-A493-E9DAD6810230}
Notepad++-->C:\Program Files\Notepad++\uninstall.exe
NTI Backup Now 5-->C:\Program Files\InstallShield Installation Information\{12EFA1A4-AC3B-443C-8143-237EDE760403}\setup.exe -runfromtemp -l0x0409
NTI Media Maker 8-->C:\Program Files\InstallShield Installation Information\{2413930C-8309-47A6-BC61-5EF27A4222BC}\setup.exe -runfromtemp -l0x0409
OpenOffice.org 3.2-->MsiExec.exe /I{09DF00E6-520C-49D5-B7E0-9612165CACA8}
Paint.NET v3.5.5-->MsiExec.exe /X{F0E2B312-D7FD-4349-A9B6-E90B36DB1BD0}
PhotoNow!-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D36DD326-7280-11D8-97C8-000129760CBE}\Setup.exe" -uninstall
Power CD+G Burner-->"C:\Program Files\Doblon\Power CD+G Burner\unins000.exe"
Rapidshare Auto Downloader 4.1-->MsiExec.exe /I{B0B46A1F-EC96-44A4-A9FB-62FE33BAF7DE}
Realtek High Definition Audio Driver-->RtlUpd.exe -r -m -nrg2709
Realtek USB 2.0 Card Reader-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{DC24971E-1946-445D-8A82-CE685433FA7D}\Setup.exe" -l0x9 -removeonly
Replay AV 8-->"C:\Windows\Replay AV\uninstall.exe" "/U:C:\Program Files\Replay AV 8\uninstallRAV8.ini"
Replay Converter 4-->"C:\Windows\Replay Converter 4\uninstall.exe" "/U:C:\Program Files\Replay Converter 4\Uninstall\ReplayConverrter4Uninstall.xml"
Serif DrawPlus X4-->MsiExec.exe /X{EEA1BB90-CF27-449E-B269-0C5A660AC4C1}
Spybot - Search & Destroy-->"C:\Program Files\Spybot - Search & Destroy\unins000.exe"
Synaptics Pointing Device Driver-->rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""
Vista Codec Package-->MsiExec.exe /I{F9FD80CE-0448-4D4F-8BCD-77FC514C3F99}
Windows Live ID Sign-in Assistant-->MsiExec.exe /X{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}
WinPcap 4.0.2-->C:\Program Files\WinPcap\uninstall.exe
WinRAR archiver-->C:\Program Files\WinRAR\uninstall.exe
XSitePro2-->"C:\Windows\XSitePro2 Uninstaller.exe"

======Hosts File======

127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com

======Security center information======

AS: Spybot - Search and Destroy
AS: Windows Defender

======System event log======

Computer Name: WIN-KV40Q3DZD07
Event Code: 134
Message: NtpClient was unable to set a manual peer to use as a time source because of DNS resolution error on 'time.windows.com,0x9'. NtpClient will try again in 15 minutes and double the reattempt interval thereafter. The error was: No such host is known. (0x80072AF9)
Record Number: 9111
Source Name: Microsoft-Windows-Time-Service
Time Written: 20100805180919.000000-000
Event Type: Warning
User:

Computer Name: WIN-KV40Q3DZD07
Event Code: 134
Message: NtpClient was unable to set a manual peer to use as a time source because of DNS resolution error on 'time.windows.com,0x9'. NtpClient will try again in 15 minutes and double the reattempt interval thereafter. The error was: No such host is known. (0x80072AF9)
Record Number: 9110
Source Name: Microsoft-Windows-Time-Service
Time Written: 20100805180917.000000-000
Event Type: Warning
User:

Computer Name: WIN-KV40Q3DZD07
Event Code: 15016
Message: Unable to initialize the security package Kerberos for server side authentication. The data field contains the error number.
Record Number: 9109
Source Name: Microsoft-Windows-HttpEvent
Time Written: 20100805180907.023771-000
Event Type: Error
User:

Computer Name: WIN-KV40Q3DZD07
Event Code: 263
Message: The service 'ShellHWDetection' may not have unregistered for device event notifications before it was stopped.
Record Number: 9108
Source Name: PlugPlayManager
Time Written: 20100805180906.000000-000
Event Type: Warning
User:

Computer Name: WIN-KV40Q3DZD07
Event Code: 4
Message: Broadcom NetXtreme Gigabit Ethernet: The network link is down. Check to make sure the network cable is properly connected.
Record Number: 9106
Source Name: b57nd60x
Time Written: 20100805180644.002054-000
Event Type: Warning
User:

=====Application event log=====

Computer Name: fallows-PC
Event Code: 10
Message: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Record Number: 592
Source Name: Microsoft-Windows-WMI
Time Written: 20100805103729.000000-000
Event Type: Error
User:

Computer Name: fallows-PC
Event Code: 3086
Message: The system locale has changed. Existing data will be deleted and the index must be recreated.

Context: Application, SystemIndex Catalog

Record Number: 584
Source Name: Microsoft-Windows-Search
Time Written: 20100805103614.000000-000
Event Type: Warning
User:

Computer Name: fallows-PC
Event Code: 10
Message: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Record Number: 558
Source Name: Microsoft-Windows-WMI
Time Written: 20100805102943.000000-000
Event Type: Error
User:

Computer Name: WIN-KV40Q3DZD07
Event Code: 1008
Message: The Windows Search Service is attempting to remove the old catalog.

Record Number: 542
Source Name: Microsoft-Windows-Search
Time Written: 20100805181205.000000-000
Event Type: Warning
User:

Computer Name: WIN-KV40Q3DZD07
Event Code: 1036
Message: InitializePrintProvider failed for provider inetpp.dll. This can occur because of system instability or a lack of system resources.
Record Number: 533
Source Name: Microsoft-Windows-SpoolerSpoolss
Time Written: 20100805181109.000000-000
Event Type: Warning
User: NT AUTHORITY\SYSTEM

=====Security event log=====

Computer Name: WIN-KV40Q3DZD07
Event Code: 4648
Message: A logon was attempted using explicit credentials.

Subject:
Security ID: S-1-5-18
Account Name: WIN-KV40Q3DZD07$
Account Domain: WORKGROUP
Logon ID: 0x3e7
Logon GUID: {00000000-0000-0000-0000-000000000000}

Account Whose Credentials Were Used:
Account Name: SYSTEM
Account Domain: NT AUTHORITY
Logon GUID: {00000000-0000-0000-0000-000000000000}

Target Server:
Target Server Name: localhost
Additional Information: localhost

Process Information:
Process ID: 0x220
Process Name: C:\Windows\System32\services.exe

Network Information:
Network Address: -
Port: -

This event is generated when a process attempts to log on an account by explicitly specifying that account’s credentials. This most commonly occurs in batch-type configurations such as scheduled tasks, or when using the RUNAS command.
Record Number: 545
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20080820222304.485743-000
Event Type: Audit Success
User:

Computer Name: WIN-KV40Q3DZD07
Event Code: 4672
Message: Special privileges assigned to new logon.

Subject:
Security ID: S-1-5-18
Account Name: SYSTEM
Account Domain: NT AUTHORITY
Logon ID: 0x3e7

Privileges: SeAssignPrimaryTokenPrivilege
SeTcbPrivilege
SeSecurityPrivilege
SeTakeOwnershipPrivilege
SeLoadDriverPrivilege
SeBackupPrivilege
SeRestorePrivilege
SeDebugPrivilege
SeAuditPrivilege
SeSystemEnvironmentPrivilege
SeImpersonatePrivilege
Record Number: 544
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20080820222304.255743-000
Event Type: Audit Success
User:

Computer Name: WIN-KV40Q3DZD07
Event Code: 4624
Message: An account was successfully logged on.

Subject:
Security ID: S-1-5-18
Account Name: WIN-KV40Q3DZD07$
Account Domain: WORKGROUP
Logon ID: 0x3e7

Logon Type: 5

New Logon:
Security ID: S-1-5-18
Account Name: SYSTEM
Account Domain: NT AUTHORITY
Logon ID: 0x3e7
Logon GUID: {00000000-0000-0000-0000-000000000000}

Process Information:
Process ID: 0x220
Process Name: C:\Windows\System32\services.exe

Network Information:
Workstation Name:
Source Network Address: -
Source Port: -

Detailed Authentication Information:
Logon Process: Advapi
Authentication Package: Negotiate
Transited Services: -
Package Name (NTLM only): -
Key Length: 0

This event is generated when a logon session is created. It is generated on the computer that was accessed.

The subject fields indicate the account on the local system which requested the logon. This is most commonly a service such as the Server service, or a local process such as Winlogon.exe or Services.exe.

The logon type field indicates the kind of logon that occurred. The most common types are 2 (interactive) and 3 (network).

The New Logon fields indicate the account for whom the new logon was created, i.e. the account that was logged on.

The network fields indicate where a remote logon request originated. Workstation name is not always available and may be left blank in some cases.

The authentication information fields provide detailed information about this specific logon request.
- Logon GUID is a unique identifier that can be used to correlate this event with a KDC event.
- Transited services indicate which intermediate services have participated in this logon request.
- Package name indicates which sub-protocol was used among the NTLM protocols.
- Key length indicates the length of the generated session key. This will be 0 if no session key was requested.
Record Number: 543
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20080820222304.255743-000
Event Type: Audit Success
User:

Computer Name: WIN-KV40Q3DZD07
Event Code: 4648
Message: A logon was attempted using explicit credentials.

Subject:
Security ID: S-1-5-18
Account Name: WIN-KV40Q3DZD07$
Account Domain: WORKGROUP
Logon ID: 0x3e7
Logon GUID: {00000000-0000-0000-0000-000000000000}

Account Whose Credentials Were Used:
Account Name: SYSTEM
Account Domain: NT AUTHORITY
Logon GUID: {00000000-0000-0000-0000-000000000000}

Target Server:
Target Server Name: localhost
Additional Information: localhost

Process Information:
Process ID: 0x220
Process Name: C:\Windows\System32\services.exe

Network Information:
Network Address: -
Port: -

This event is generated when a process attempts to log on an account by explicitly specifying that account’s credentials. This most commonly occurs in batch-type configurations such as scheduled tasks, or when using the RUNAS command.
Record Number: 542
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20080820222304.255743-000
Event Type: Audit Success
User:

Computer Name: WIN-KV40Q3DZD07
Event Code: 1102
Message: The audit log was cleared.
Subject:
Security ID: S-1-5-21-2070570978-2086935091-2248778342-500
Account Name: Administrator
Domain Name: WIN-KV40Q3DZD07
Logon ID: 0x3009c
Record Number: 541
Source Name: Microsoft-Windows-Eventlog
Time Written: 20080820222258.451743-000
Event Type: Audit Success
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=C:\Program Files\CoffeeCup Software\CoffeeCup ShoppingCart;%CommonProgramFiles%\Microsoft Shared\Windows Live;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files\Acer\Empowering Technology\eDataSecurity\;C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86;C:\Program Files\Acer\Empowering Technology\eDataSecurity\x64
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=x86
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PROCESSOR_LEVEL"=17
"PROCESSOR_IDENTIFIER"=x86 Family 17 Model 3 Stepping 1, AuthenticAMD
"PROCESSOR_REVISION"=0301
"NUMBER_OF_PROCESSORS"=2
"TRACE_FORMAT_SEARCH_PATH"=\\NTREL202.ntdev.corp.microsoft.com\4F18C3A5-CA09-4DBD-B6FC-219FDD4C6BE0\TraceFormat
"DFSTRACINGON"=FALSE
"Pathtem"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem
"NTIPath"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\NewTech Infosystems\NTI Backup Now 5\;

-----------------EOF-----------------

Edited by hamluis, 05 September 2010 - 06:21 PM.
Moved from Vista forum to Malware Removal Logs ~ Hamluis.


#2 Elise

  • Malware Study Hall Admin

Posted 13 September 2010 - 04:30 AM

Hello, and welcome to the Bleeping Computer Malware Removal Forum. My name is Elise and I'll be glad to help you with your computer problems.


I will be working on your malware issues, this may or may not solve other issues you may have with your machine.

Please note that whatever repairs we make are for fixing your computer problems only and by no means should be used on another computer.
  • The cleaning process is not instant. Logs can take some time to research, so please be patient with me. I know that you need your computer working as quickly as possible, and I will work hard to help see that happen.
  • Please reply using the Add/Reply button in the lower right hand corner of your screen. Do not start a new topic.
  • The logs that you post should be pasted directly into the reply. Only attach them if requested or if they do not fit into the post.
  • Unfortunately, if I do not hear back from you within 5 days, I will be forced to close your topic. If you still need help after I have closed your topic, send me or a moderator a personal message with the address of the thread or feel free to create a new one.
You may want to keep the link to this topic in your favorites. Alternatively, you can click the button at the top bar of this topic and Track this Topic, where you can choose email notifications. The topics you are tracking are shown here.
-----------------------------------------------------------

If you have since resolved the original problem you were having, we would appreciate you letting us know. If not, please perform the following steps so we can have a look at the current condition of your machine.

If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.

If you have already posted a log, please do so again, as your situation may have changed.
Use the 'Add Reply' and add the new log to this thread.

We need to see some information about what is happening in your machine. Please perform the following scan:
  • Please download OTL from one of the following mirrors:
  • Save it to your desktop.
  • Double click on the icon on your desktop.
  • Click the "Scan All Users" checkbox.
  • Push the Quick Scan button.
  • Two reports will open, copy and paste them in a reply here:
    • OTListIt.txt <-- Will be opened
    • Extra.txt <-- Will be minimized

Please download Rootkit Unhooker and save it to your Desktop
  • Double-click on RKUnhookerLE to run it
  • Click the Report tab, then click Scan
  • Check Drivers, Stealth and uncheck the rest
  • Click OK
  • Wait until it's finished and then go to File > Save Report
  • Save the report to your Desktop
Copy the entire contents of the report and paste it in a reply here.

Note - you may get this warning; it is OK, just ignore it: "Rootkit Unhooker has detected a parasite inside itself!
It is recommended to remove parasite, okay?"


-------------------------------------------------------------
In the meantime, please do NOT install any new programs or update anything unless told to do so while we are fixing your problem.

If you still need help, please include the following in your next reply
  • A detailed description of your problems
  • A new OTL log (don't forget extra.txt)
  • RKU log

Thanks and again sorry for the delay.

regards, Elise


"Now faith is the substance of things hoped for, the evidence of things not seen."

 


 

Malware analyst @ Emsisoft


#3 thebigman

  • Topic Starter

Posted 16 September 2010 - 06:38 AM

Hi, thanks very much. I finished up reformatting my computer. Thanks again.


#4 Elise


Posted 16 September 2010 - 06:51 AM

Thank you for letting me know. I will now close this topic.

regards, Elise

