
Topic: Toshiba Satellite A200-ST2043, random shutdowns, random freezes

  1. #1
    Beginner
    Registered since
    15.07.2010
    Posts
    22

    Toshiba Satellite A200-ST2043, random shutdowns, random freezes

    Code:
    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 2:58:56 AM, on 7/16/2010
    Platform: Windows Vista SP2 (WinNT 6.00.1906)
    MSIE: Internet Explorer v8.00 (8.00.6001.18928)
    Boot mode: Normal
    
    Running processes:
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Windows\system32\taskeng.exe
    C:\Program Files\Windows Defender\MSASCui.exe
    C:\Program Files\Toshiba\ConfigFree\NDSTray.exe
    C:\Windows\RtHDVCpl.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files\Toshiba\Power Saver\TPwrMain.exe
    C:\Program Files\Toshiba\SmoothView\SmoothView.exe
    C:\Program Files\Toshiba\FlashCards\TCrdMain.exe
    C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
    C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
    C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
    C:\Program Files\Windows Sidebar\sidebar.exe
    C:\Program Files\Synaptics\SynTP\SynToshiba.exe
    C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe
    C:\Program Files\Toshiba\ConfigFree\CFSwMgr.exe
    C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
    
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ph.msn.com/
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
    O1 - Hosts: ::1 localhost
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
    O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
    O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
    O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe
    O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE
    O4 - HKLM\..\Run: [SmoothView] %ProgramFiles%\Toshiba\SmoothView\SmoothView.exe
    O4 - HKLM\..\Run: [00TCrdMain] %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe
    O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
    O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
    O4 - HKLM\..\Run: [Skytel] Skytel.exe
    O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
    O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
    O4 - Global Startup: Bluetooth Manager.lnk = ?
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\npjpi160.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\npjpi160.dll
    O13 - Gopher Prefix: 
    O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
    O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
    O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
    O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
    O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
    O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
    O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
    O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
    O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
    O23 - Service: pinger - Unknown owner - C:\TOSHIBA\IVP\ISM\pinger.exe
    O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
    O23 - Service: Roxio UPnP Renderer 9 - Sonic Solutions - C:\Program Files\Roxio\Digital Home 9\RoxioUPnPRenderer9.exe
    O23 - Service: Roxio Upnp Server 9 - Sonic Solutions - C:\Program Files\Roxio\Digital Home 9\RoxioUpnpService9.exe
    O23 - Service: LiveShare P2P Server 9 (RoxLiveShare9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe
    O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
    O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
    O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
    O23 - Service: Swupdtmr - Unknown owner - c:\TOSHIBA\IVP\swupdate\swupdtmr.exe
    O23 - Service: TOSHIBA Navi Support Service (TNaviSrv) - TOSHIBA Corporation - C:\Program Files\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe
    O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - TOSHIBA Corporation - C:\Windows\system32\TODDSrv.exe
    O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe
    O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
    O23 - Service: @C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe
    O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe
    O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
    
    --
    End of file - 7614 bytes
    Edited by Petra (15.07.2010 at 22:56)

  2. #2
    Moderator, team member
    Registered since
    25.11.2006
    Posts
    5.602

    Re: Toshiba Satellite A200-ST2043, random shutdowns, random freezes

    Welcome to HijackThis.de James2010,

    So far all that shows is that DAEMON Tools Toolbar, which is adware (see here). But not likely something that would bring on system freezes. The log does show a part of Norton there, as well as Eset, so you may be having problems caused by Norton leaving some of its settings behind after some past uninstall. Let's get a more detailed look at things.

    Be sure when running any of the files we use here to right click/Run as administrator each of them.


    To keep them from interfering with the repairs, be sure to temporarily disable all antivirus/anti-spyware software while these steps are being completed. This can usually be done through right clicking the software's Taskbar icons, or accessing each software through Start - Programs. Here are some antivirus disable tips if needed.



    Download RSIT (random's system information tool) from here to your desktop. Then click on the RSIT.exe to open the RSIT display, and click the Continue button.

    If RSIT downloads/installs HijackThis be sure to agree to the install of that.

    Once the scan completes a textbox will open - copy/paste those contents here for review please. The log can also be found at C:\rsit\log.txt.

    RSIT will also create a second log, info.txt, which will be minimized to your taskbar. Post that here as well please (it will also be stored at C:\rsit\info.txt).

    You can break logs into parts and use separate posts here when replying and posting the log files, if needed.

    --------------

    Also click here and download the installer for Gmer to your desktop, then click that file to run Gmer.


    Once the opening scan finishes, click on Scan (before scanning, make sure all other running programs are closed and no other actions like a scheduled antivirus scan will occur while this scan completes. Also do not use your computer during the scan).

    When completed, click on the Copy button and right-click on your Desktop, choose "New" > Text document. Once the file is created, open it and right-click again and choose Paste. Copy the information and post it here please.
    Live the day!

    Jintan - The brand where everything is right!
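
An added example (not part of the original thread or of any tool the moderator uses): a small parser for the HijackThis line shapes seen in the log in post #1, surfacing what the reply above picks out by eye, namely a service whose binary is gone (the Symantec leftover) next to a live ESET install. The vendor keyword table and all function names are assumptions made for this illustration.

```python
import re
from dataclasses import dataclass
from typing import Optional

# Excerpt of the HijackThis log from post #1 (lines copied from this page).
SAMPLE_LOG = r"""
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: pinger - Unknown owner - C:\TOSHIBA\IVP\ISM\pinger.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
"""

# Assumed keyword table for this example; extend it for your own environment.
SECURITY_VENDORS = {
    "Symantec/Norton": ("symantec", "norton"),
    "ESET": ("eset",),
    "Malwarebytes": ("malwarebytes",),
    "Windows Defender": ("windows defender",),
}

MISSING = "(file missing)"
LINE_RE = re.compile(r"^(?P<section>[A-Z]\d+) - (?P<body>.*)$")
RUN_RE = re.compile(r"^[^\[]*\[(?P<label>[^\]]*)\]\s*(?P<target>.*)$")


@dataclass
class Entry:
    section: str          # HijackThis section code, e.g. "O23"
    label: str            # display name of the BHO, Run value or service
    owner: Optional[str]  # company field; HijackThis prints it for O23 only
    target: str           # file path or command line
    file_missing: bool    # HijackThis appended "(file missing)"


def parse_line(line: str) -> Optional[Entry]:
    """Parse one log line; returns None for headers and the process list."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    section, body = m["section"], m["body"]
    missing = body.endswith(MISSING)
    if missing:
        body = body[: -len(MISSING)].rstrip()
    if section in ("O2", "O3", "O23"):
        # Shape: "<kind>: <label> - <CLSID or owner> - <path>"
        parts = body.rsplit(" - ", 2)
        if len(parts) == 3:
            label = parts[0].split(": ", 1)[-1]
            owner = parts[1] if section == "O23" else None
            return Entry(section, label, owner, parts[2], missing)
    if section == "O4":
        # Shape: "<hive>\..\Run: [<value name>] <command line>"
        run = RUN_RE.match(body)
        if run:
            return Entry(section, run["label"], None, run["target"], missing)
    return Entry(section, body, None, "", missing)


def vendors_of(entry: Entry) -> list:
    """Security vendors whose keyword appears anywhere in the entry."""
    text = f"{entry.label} {entry.owner or ''} {entry.target}".lower()
    return [vendor for vendor, keywords in SECURITY_VENDORS.items()
            if any(re.search(rf"\b{re.escape(k)}\b", text) for k in keywords)]


def triage(log_text: str) -> dict:
    """Summarise orphaned entries and overlapping security products."""
    entries = [e for e in map(parse_line, log_text.splitlines()) if e]
    vendors = {}
    for e in entries:
        for vendor in vendors_of(e):
            counts = vendors.setdefault(vendor, {"present": 0, "missing": 0})
            counts["missing" if e.file_missing else "present"] += 1
    live = [v for v, c in vendors.items() if c["present"]]
    return {
        # Registration survives but the binary is gone: an uninstall leftover.
        "orphaned": [e.label for e in entries if e.file_missing],
        # File exists but has no company field: worth a look, not a verdict.
        "unknown_owner": [e.label for e in entries
                          if e.section == "O23" and e.owner == "Unknown owner"
                          and not e.file_missing],
        "vendors": vendors,
        # Vendor has only dead entries while another product is live.
        "leftover_vendors": sorted(v for v, c in vendors.items()
                                   if not c["present"] and live),
    }


if __name__ == "__main__":
    for key, value in triage(SAMPLE_LOG).items():
        print(f"{key}: {value}")
```
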

  3. #3
    Beginner
    Registered since
    15.07.2010
    Posts
    22

    Re: Toshiba Satellite A200-ST2043, random shutdowns, random freezes

    Logfile of random's system information tool 1.08 (written by random/random)
    Run by James Raphael at 2010-07-19 16:10:44
    Microsoft® Windows Vista™ Home Premium Service Pack 2
    System drive C: has 61 GB (60%) free of 102 GB
    Total RAM: 2046 MB (57% free)

    HijackThis download failed

    ======Registry dump======

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
    Adobe PDF Reader Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-23 62080]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
    SSVHelper Class - C:\Program Files\Java\jre1.6.0\bin\ssv.dll [2007-05-29 501384]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
    Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    {32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll [2010-03-25 968000]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-18 1008184]
    "NDSTray.exe"=NDSTray.exe []
    "RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2007-04-25 4444160]
    "SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2008-08-14 1348904]
    "TPwrMain"=C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [2007-03-29 411192]
    "SmoothView"=C:\Program Files\Toshiba\SmoothView\SmoothView.exe [2007-03-22 448632]
    "00TCrdMain"=C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [2007-05-22 538744]
    "egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2009-02-06 2021400]
    "Malwarebytes' Anti-Malware"=C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe [2010-04-29 437584]
    "Skytel"=C:\Windows\Skytel.exe [2007-04-13 1822720]
    ""= []
    "IAAnotif"=C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [2007-02-12 174872]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-10 1233920]

    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
    Bluetooth Manager.lnk - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\psfus]
    C:\Windows\system32\psqlpwd.dll [2006-12-03 90112]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
    "notification packages"=scecli
    psqlpwd

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "dontdisplaylastusername"=0
    "shutdownwithoutlogon"=1
    "undockwithoutlogon"=1
    "DisableCAD"=1
    "EnableUIADesktopToggle"=0

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoDriveTypeAutoRun"=145
    "NoDriveAutoRun"=67108675

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "BindDirectlyToPropertySetStorage"=0

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
    "C:\TOSHIBA\ivp\NetInt\Netint.exe"="C:\TOSHIBA\ivp\NetInt\Netint.exe:*:Enabled:NIE - Toshiba Software Upgrades Engine"
    "C:\TOSHIBA\Ivp\ISM\pinger.exe"="C:\TOSHIBA\Ivp\ISM\pinger.exe:*:Enabled:Toshiba Software Upgrades Pinger"

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

    ======File associations======

    .js - edit - C:\Windows\System32\Notepad.exe %1
    .js - open - C:\Windows\System32\WScript.exe "%1" %*

    ======List of files/folders created in the last 3 months======

    2010-07-19 16:10:44 ----D---- C:\rsit
    2010-07-18 21:08:41 ----A---- C:\Windows\ntbtlog.txt
    2010-07-16 02:57:04 ----D---- C:\Program Files\Trend Micro
    2010-07-13 23:57:43 ----A---- C:\Windows\system32\winrsmgr.dll
    2010-07-13 23:57:14 ----A---- C:\Windows\system32\wsmprovhost.exe
    2010-07-13 23:57:13 ----A---- C:\Windows\system32\winrshost.exe
    2010-07-13 23:57:13 ----A---- C:\Windows\system32\winrs.exe
    2010-07-13 23:57:11 ----A---- C:\Windows\system32\wsmplpxy.dll
    2010-07-13 23:57:11 ----A---- C:\Windows\system32\winrssrv.dll
    2010-07-13 23:57:04 ----A---- C:\Windows\system32\wevtfwd.dll
    2010-07-13 23:57:04 ----A---- C:\Windows\system32\wecutil.exe
    2010-07-13 23:57:04 ----A---- C:\Windows\system32\wecapi.dll
    2010-07-13 23:57:03 ----A---- C:\Windows\system32\WsmRes.dll
    2010-07-13 23:57:03 ----A---- C:\Windows\system32\wecsvc.dll
    2010-07-13 23:57:03 ----A---- C:\Windows\system32\pwrshplugin.dll
    2010-07-13 23:56:52 ----A---- C:\Windows\system32\winrm.vbs
    2010-07-13 23:56:49 ----A---- C:\Windows\system32\WsmWmiPl.dll
    2010-07-13 23:56:49 ----A---- C:\Windows\system32\WsmAuto.dll
    2010-07-13 23:56:49 ----A---- C:\Windows\system32\WSManMigrationPlugin.dll
    2010-07-13 23:56:49 ----A---- C:\Windows\system32\winrscmd.dll
    2010-07-13 23:56:48 ----A---- C:\Windows\system32\WSManHTTPConfig.exe
    2010-07-13 23:56:45 ----A---- C:\Windows\system32\WsmSvc.dll
    2010-07-13 23:51:45 ----D---- C:\Program Files\Microsoft CAPICOM 2.1.0.2
    2010-07-13 03:43:26 ----A---- C:\Windows\system32\drivers\WdfLdr.sys
    2010-07-13 03:43:26 ----A---- C:\Windows\system32\drivers\Wdf01000.sys
    2010-07-13 03:35:54 ----A---- C:\Windows\system32\drivers\pccsmcfd.sys
    2010-07-13 03:35:16 ----D---- C:\Program Files\PC Connectivity Solution
    2010-07-12 18:53:37 ----D---- C:\ProgramData\Nokia
    2010-07-12 18:43:28 ----D---- C:\Users\James Raphael\AppData\Roaming\PC Suite
    2010-07-12 18:41:51 ----D---- C:\Users\James Raphael\AppData\Roaming\Nokia
    2010-07-12 18:41:49 ----D---- C:\ProgramData\PC Suite
    2010-07-12 18:27:20 ----D---- C:\Program Files\Common Files\PCSuite
    2010-07-12 18:27:12 ----D---- C:\Program Files\Common Files\Nokia
    2010-07-12 18:26:59 ----D---- C:\Program Files\DIFX
    2010-07-12 18:25:40 ----DC---- C:\Windows\system32\DRVSTORE
    2010-07-12 18:17:45 ----D---- C:\Program Files\Nokia
    2010-07-12 18:15:02 ----D---- C:\ProgramData\Installations
    2010-07-12 03:15:07 ----D---- C:\Intel
    2010-07-12 02:29:09 ----A---- C:\Windows\system32\drivers\WPEDRV.sys
    2010-07-09 01:50:53 ----D---- C:\Users\James Raphael\AppData\Roaming\Roxio
    2010-07-05 14:01:47 ----D---- C:\Users\James Raphael\AppData\Roaming\Media Player Classic
    2010-07-05 03:03:11 ----D---- C:\Program Files\Roxio
    2010-07-05 03:03:11 ----D---- C:\Program Files\Common Files\Sonic Shared
    2010-07-05 02:38:50 ----A---- C:\Windows\system32\drivers\RimSerial.sys
    2010-07-05 02:37:22 ----D---- C:\ProgramData\Research In Motion
    2010-07-05 00:30:23 ----D---- C:\Users\James Raphael\AppData\Roaming\Research In Motion
    2010-07-05 00:21:32 ----D---- C:\ProgramData\InstallShield
    2010-07-05 00:21:22 ----D---- C:\ProgramData\Sonic
    2010-07-05 00:20:27 ----ASH---- C:\Users\James Raphael\AppData\Roaming\desktop.ini
    2010-07-05 00:17:43 ----D---- C:\ProgramData\Roxio
    2010-07-05 00:17:29 ----D---- C:\Program Files\Common Files\Roxio Shared
    2010-07-05 00:05:46 ----D---- C:\Program Files\Common Files\Research In Motion
    2010-07-05 00:05:41 ----D---- C:\Program Files\Research In Motion
    2010-07-05 00:00:35 ----D---- C:\Users\James Raphael\AppData\Roaming\Macromedia
    2010-07-04 02:21:12 ----D---- C:\ProgramData\PopCap Games
    2010-07-03 21:21:36 ----A---- C:\Windows\swupdate.INI
    2010-07-03 21:13:48 ----D---- C:\Users\James Raphael\AppData\Roaming\Ulead Systems
    2010-07-02 15:41:38 ----D---- C:\Users\James Raphael\AppData\Roaming\Camfrog
    2010-07-02 15:41:19 ----D---- C:\Program Files\Ask.com
    2010-07-02 15:40:53 ----D---- C:\Program Files\Camfrog
    2010-06-30 00:40:02 ----D---- C:\Users\James Raphael\AppData\Roaming\GRETECH
    2010-06-29 18:38:58 ----D---- C:\Program Files\Windows Portable Devices
    2010-06-29 18:29:49 ----A---- C:\Windows\system32\UIAnimation.dll
    2010-06-29 18:29:48 ----A---- C:\Windows\system32\UIRibbonRes.dll
    2010-06-29 18:29:48 ----A---- C:\Windows\system32\UIRibbon.dll
    2010-06-29 18:29:10 ----A---- C:\Windows\system32\WMPhoto.dll
    2010-06-29 18:29:09 ----A---- C:\Windows\system32\cdd.dll
    2010-06-29 18:29:08 ----A---- C:\Windows\system32\printfilterpipelineprxy.dll
    2010-06-29 18:29:08 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
    2010-06-29 18:29:08 ----A---- C:\Windows\system32\d3d10warp.dll
    2010-06-29 18:29:07 ----A---- C:\Windows\system32\XpsRasterService.dll
    2010-06-29 18:29:07 ----A---- C:\Windows\system32\XpsGdiConverter.dll
    2010-06-29 18:29:07 ----A---- C:\Windows\system32\WindowsCodecsExt.dll
    2010-06-29 18:29:07 ----A---- C:\Windows\system32\WindowsCodecs.dll
    2010-06-29 18:29:07 ----A---- C:\Windows\system32\printfilterpipelinesvc.exe
    2010-06-29 18:29:07 ----A---- C:\Windows\system32\PhotoMetadataHandler.dll
    2010-06-29 18:29:07 ----A---- C:\Windows\system32\dxdiagn.dll
    2010-06-29 18:29:07 ----A---- C:\Windows\system32\dxdiag.exe
    2010-06-29 18:29:07 ----A---- C:\Windows\system32\d2d1.dll
    2010-06-29 18:28:59 ----A---- C:\Windows\system32\xpsservices.dll
    2010-06-29 18:28:59 ----A---- C:\Windows\system32\XpsPrint.dll
    2010-06-29 18:28:59 ----A---- C:\Windows\system32\OpcServices.dll
    2010-06-29 18:28:58 ----A---- C:\Windows\system32\FntCache.dll
    2010-06-29 18:28:58 ----A---- C:\Windows\system32\dxgi.dll
    2010-06-29 18:28:58 ----A---- C:\Windows\system32\DWrite.dll
    2010-06-29 18:28:58 ----A---- C:\Windows\system32\d3d11.dll
    2010-06-29 18:28:58 ----A---- C:\Windows\system32\d3d10level9.dll
    2010-06-29 18:28:58 ----A---- C:\Windows\system32\d3d10core.dll
    2010-06-29 18:28:58 ----A---- C:\Windows\system32\d3d10_1core.dll
    2010-06-29 18:28:58 ----A---- C:\Windows\system32\d3d10_1.dll
    2010-06-29 18:28:58 ----A---- C:\Windows\system32\d3d10.dll
    2010-06-29 18:28:18 ----A---- C:\Windows\system32\WPDShextAutoplay.exe
    2010-06-29 18:28:18 ----A---- C:\Windows\system32\wpdbusenum.dll
    2010-06-29 18:28:18 ----A---- C:\Windows\system32\BthMtpContextHandler.dll
    2010-06-29 18:28:15 ----A---- C:\Windows\system32\PortableDeviceConnectApi.dll
    2010-06-29 18:28:13 ----A---- C:\Windows\system32\WpdConns.dll
    2010-06-29 18:28:12 ----A---- C:\Windows\system32\WPDShServiceObj.dll
    2010-06-29 18:28:12 ----A---- C:\Windows\system32\wpdshext.dll
    2010-06-29 18:28:12 ----A---- C:\Windows\system32\WpdMtpUS.dll
    2010-06-29 18:28:12 ----A---- C:\Windows\system32\WpdMtp.dll
    2010-06-29 18:28:12 ----A---- C:\Windows\system32\wpd_ci.dll
    2010-06-29 18:28:12 ----A---- C:\Windows\system32\PortableDeviceTypes.dll
    2010-06-29 18:28:12 ----A---- C:\Windows\system32\drivers\WpdUsb.sys
    2010-06-29 18:28:11 ----A---- C:\Windows\system32\WPDSp.dll
    2010-06-29 18:28:11 ----A---- C:\Windows\system32\PortableDeviceWMDRM.dll
    2010-06-29 18:28:11 ----A---- C:\Windows\system32\PortableDeviceClassExtension.dll
    2010-06-29 18:28:11 ----A---- C:\Windows\system32\PortableDeviceApi.dll
    2010-06-29 18:26:37 ----A---- C:\Windows\system32\oleaccrc.dll
    2010-06-29 18:26:34 ----A---- C:\Windows\system32\UIAutomationCore.dll
    2010-06-29 18:26:34 ----A---- C:\Windows\system32\oleacc.dll
    2010-06-28 16:17:25 ----D---- C:\divx
    2010-06-27 21:06:24 ----D---- C:\Program Files\WinRAR
    2010-06-26 19:58:28 ----D---- C:\Program Files\Microsoft.NET
    2010-06-26 19:56:55 ----A---- C:\Windows\system32\PresentationHostProxy.dll
    2010-06-26 19:56:55 ----A---- C:\Windows\system32\PresentationHost.exe
    2010-06-26 19:56:54 ----A---- C:\Windows\system32\netfxperf.dll
    2010-06-26 19:56:54 ----A---- C:\Windows\system32\mscoree.dll
    2010-06-26 19:56:54 ----A---- C:\Windows\system32\dfshim.dll
    2010-06-26 19:44:24 ----A---- C:\Windows\system32\inetcomm.dll
    2010-06-26 19:44:19 ----A---- C:\Windows\system32\asycfilt.dll
    2010-06-26 19:44:09 ----A---- C:\Windows\system32\gameux.dll
    2010-06-26 19:44:06 ----A---- C:\Windows\system32\Apphlpdm.dll
    2010-06-26 19:44:05 ----A---- C:\Windows\system32\GameUXLegacyGDFs.dll
    2010-06-26 19:43:52 ----A---- C:\Windows\system32\tzres.dll
    2010-06-26 19:43:15 ----A---- C:\Windows\system32\atmfd.dll
    2010-06-26 19:43:14 ----A---- C:\Windows\system32\atmlib.dll
    2010-06-26 19:41:13 ----A---- C:\Windows\system32\mshtml.dll
    2010-06-26 19:41:06 ----A---- C:\Windows\system32\ieframe.dll
    2010-06-26 19:41:04 ----A---- C:\Windows\system32\iertutil.dll
    2010-06-26 19:41:02 ----A---- C:\Windows\system32\urlmon.dll
    2010-06-26 19:41:01 ----A---- C:\Windows\system32\wininet.dll
    2010-06-26 19:41:00 ----A---- C:\Windows\system32\occache.dll
    2010-06-26 19:41:00 ----A---- C:\Windows\system32\msfeeds.dll
    2010-06-26 19:40:59 ----A---- C:\Windows\system32\mstime.dll
    2010-06-26 19:40:59 ----A---- C:\Windows\system32\iedkcs32.dll
    2010-06-26 19:40:57 ----A---- C:\Windows\system32\ieui.dll
    2010-06-26 19:40:56 ----A---- C:\Windows\system32\msfeedsbs.dll
    2010-06-26 19:40:56 ----A---- C:\Windows\system32\ieUnatt.exe
    2010-06-26 19:40:56 ----A---- C:\Windows\system32\iepeers.dll
    2010-06-26 19:40:55 ----A---- C:\Windows\system32\msfeedssync.exe
    2010-06-26 19:40:55 ----A---- C:\Windows\system32\jsproxy.dll
    2010-06-26 19:40:55 ----A---- C:\Windows\system32\iesysprep.dll
    2010-06-26 19:40:55 ----A---- C:\Windows\system32\ie4uinit.exe
    2010-06-26 19:40:54 ----A---- C:\Windows\system32\iesetup.dll
    2010-06-26 19:40:54 ----A---- C:\Windows\system32\iernonce.dll
    2010-06-26 19:40:41 ----A---- C:\Windows\system32\win32k.sys
    2010-06-26 19:18:57 ----D---- C:\Windows\system32\eu-ES
    2010-06-26 19:18:57 ----D---- C:\Windows\system32\ca-ES
    2010-06-26 19:18:54 ----D---- C:\Windows\system32\vi-VN
    2010-06-26 19:13:00 ----D---- C:\Windows\system32\SPReview
    2010-06-26 18:49:06 ----A---- C:\Windows\system32\scavenge.dll
    2010-06-26 18:48:54 ----A---- C:\Windows\system32\compcln.exe
    2010-06-26 18:47:45 ----A---- C:\Windows\system32\SearchProtocolHost.exe
    2010-06-26 18:47:45 ----A---- C:\Windows\system32\SearchIndexer.exe
    2010-06-26 18:47:45 ----A---- C:\Windows\system32\SearchFilterHost.exe
    2010-06-26 18:47:45 ----A---- C:\Windows\system32\sdohlp.dll
    2010-06-26 18:47:45 ----A---- C:\Windows\system32\sdclt.exe
    2010-06-26 18:47:45 ----A---- C:\Windows\system32\samlib.dll
    2010-06-26 18:47:45 ----A---- C:\Windows\system32\rtutils.dll
    2010-06-26 18:47:45 ----A---- C:\Windows\system32\rtffilt.dll
    2010-06-26 18:47:45 ----A---- C:\Windows\system32\rsaenh.dll
    2010-06-26 18:47:45 ----A---- C:\Windows\system32\drivers\sdbus.sys
    2010-06-26 18:47:44 ----A---- C:\Windows\system32\rpcss.dll
    2010-06-26 18:47:44 ----A---- C:\Windows\system32\rpchttp.dll
    2010-06-26 18:47:44 ----A---- C:\Windows\system32\riched20.dll
    2010-06-26 18:47:44 ----A---- C:\Windows\system32\drivers\RNDISMP.sys
    2010-06-26 18:47:44 ----A---- C:\Windows\system32\drivers\rmcast.sys
    2010-06-26 18:47:43 ----A---- C:\Windows\system32\scrrun.dll
    2010-06-26 18:47:42 ----A---- C:\Windows\system32\SCardSvr.dll
    2010-06-26 18:47:42 ----A---- C:\Windows\system32\scansetting.dll
    2010-06-26 18:47:41 ----A---- C:\Windows\system32\samsrv.dll
    2010-06-26 18:47:38 ----A---- C:\Windows\system32\scrobj.dll
    2010-06-26 18:47:38 ----A---- C:\Windows\system32\scksp.dll
    2010-06-26 18:47:38 ----A---- C:\Windows\system32\schedsvc.dll
    2010-06-26 18:47:38 ----A---- C:\Windows\system32\scesrv.dll
    2010-06-26 18:47:38 ----A---- C:\Windows\system32\scecli.dll
    2010-06-26 18:47:37 ----A---- C:\Windows\system32\perfdisk.dll
    2010-06-26 18:47:37 ----A---- C:\Windows\system32\PerfCenterCPL.dll
    2010-06-26 18:47:37 ----A---- C:\Windows\system32\pdh.dll
    2010-06-26 18:47:37 ----A---- C:\Windows\system32\drivers\pcmcia.sys
    2010-06-26 18:47:36 ----A---- C:\Windows\system32\powercpl.dll
    2010-06-26 18:47:36 ----A---- C:\Windows\system32\PNPXAssoc.dll
    2010-06-26 18:47:36 ----A---- C:\Windows\system32\PnPutil.exe
    2010-06-26 18:47:36 ----A---- C:\Windows\system32\PnPUnattend.exe
    2010-06-26 18:47:36 ----A---- C:\Windows\system32\pnpui.dll
    2010-06-26 18:47:36 ----A---- C:\Windows\system32\pnpsetup.dll
    2010-06-26 18:47:36 ----A---- C:\Windows\system32\pnidui.dll
    2010-06-26 18:47:36 ----A---- C:\Windows\system32\photowiz.dll
    2010-06-26 18:47:36 ----A---- C:\Windows\system32\pcaui.dll
    2010-06-26 18:47:36 ----A---- C:\Windows\system32\p2psvc.dll
    2010-06-26 18:47:36 ----A---- C:\Windows\system32\P2PGraph.dll
    2010-06-26 18:47:36 ----A---- C:\Windows\system32\drivers\portcls.sys
    2010-06-26 18:47:36 ----A---- C:\Windows\system32\drivers\pciidex.sys
    2010-06-26 18:47:36 ----A---- C:\Windows\system32\drivers\pci.sys
    2010-06-26 18:47:36 ----A---- C:\Windows\system32\drivers\partmgr.sys
    2010-06-26 18:47:36 ----A---- C:\Windows\system32\drivers\pacer.sys
    2010-06-26 18:47:35 ----A---- C:\Windows\system32\PkgMgr.exe
    2010-06-26 18:47:35 ----A---- C:\Windows\system32\pidgenx.dll
    2010-06-26 18:47:35 ----A---- C:\Windows\system32\ntdll.dll
    2010-06-26 18:47:35 ----A---- C:\Windows\system32\nslookup.exe
    2010-06-26 18:47:35 ----A---- C:\Windows\system32\drivers\npfs.sys
    2010-06-26 18:47:34 ----A---- C:\Windows\system32\drivers\ntfs.sys
    2010-06-26 18:47:32 ----A---- C:\Windows\system32\offfilt.dll
    2010-06-26 18:47:32 ----A---- C:\Windows\system32\NlsLexicons0009.dll
    2010-06-26 18:47:32 ----A---- C:\Windows\system32\NlsLexicons0007.dll
    2010-06-26 18:47:32 ----A---- C:\Windows\system32\nlhtml.dll
    2010-06-26 18:47:32 ----A---- C:\Windows\system32\drivers\ohci1394.sys
    2010-06-26 18:47:31 ----A---- C:\Windows\system32\oleaut32.dll
    2010-06-26 18:47:30 ----A---- C:\Windows\system32\osk.exe
    2010-06-26 18:47:30 ----A---- C:\Windows\system32\oobefldr.dll
    2010-06-26 18:47:30 ----A---- C:\Windows\system32\onex.dll
    2010-06-26 18:47:30 ----A---- C:\Windows\system32\olepro32.dll
    2010-06-26 18:47:30 ----A---- C:\Windows\system32\oleprn.dll
    2010-06-26 18:47:30 ----A---- C:\Windows\system32\ole32.dll
    2010-06-26 18:47:30 ----A---- C:\Windows\system32\odbccp32.dll
    2010-06-26 18:47:30 ----A---- C:\Windows\system32\odbcconf.dll
    2010-06-26 18:47:30 ----A---- C:\Windows\system32\odbc32.dll
    2010-06-26 18:47:29 ----A---- C:\Windows\system32\ocsetup.exe
    2010-06-26 18:47:29 ----A---- C:\Windows\system32\ntmarta.dll
    2010-06-26 18:47:29 ----A---- C:\Windows\system32\drivers\nwifi.sys
    2010-06-26 18:47:28 ----A---- C:\Windows\system32\ntprint.dll
    2010-06-26 18:47:27 ----A---- C:\Windows\system32\rastapi.dll
    2010-06-26 18:47:27 ----A---- C:\Windows\system32\rasppp.dll
    2010-06-26 18:47:27 ----A---- C:\Windows\system32\rasplap.dll
    2010-06-26 18:47:27 ----A---- C:\Windows\system32\rasmontr.dll
    2010-06-26 18:47:27 ----A---- C:\Windows\system32\rasmans.dll
    2010-06-26 18:47:27 ----A---- C:\Windows\system32\rasgcw.dll
    2010-06-26 18:47:27 ----A---- C:\Windows\system32\rasdlg.dll
    2010-06-26 18:47:27 ----A---- C:\Windows\system32\rasdial.exe
    2010-06-26 18:47:27 ----A---- C:\Windows\system32\rasdiag.dll
    2010-06-26 18:47:27 ----A---- C:\Windows\system32\raschap.dll
    2010-06-26 18:47:27 ----A---- C:\Windows\system32\rasapi32.dll
    2010-06-26 18:47:27 ----A---- C:\Windows\system32\Query.dll
    2010-06-26 18:47:27 ----A---- C:\Windows\system32\drivers\rassstp.sys
    2010-06-26 18:47:27 ----A---- C:\Windows\system32\drivers\raspppoe.sys
    2010-06-26 18:47:26 ----A---- C:\Windows\system32\RelMon.dll
    2010-06-26 18:47:26 ----A---- C:\Windows\system32\rekeywiz.exe
    2010-06-26 18:47:26 ----A---- C:\Windows\system32\regsvc.dll
    2010-06-26 18:47:26 ----A---- C:\Windows\system32\RacEngn.dll
    2010-06-26 18:47:26 ----A---- C:\Windows\system32\qmgr.dll
    2010-06-26 18:47:26 ----A---- C:\Windows\system32\qedit.dll
    2010-06-26 18:47:25 ----A---- C:\Windows\system32\regapi.dll
    2010-06-26 18:47:25 ----A---- C:\Windows\system32\reg.exe
    2010-06-26 18:47:25 ----A---- C:\Windows\system32\rdpwsx.dll
    2010-06-26 18:47:25 ----A---- C:\Windows\system32\rdpencom.dll
    2010-06-26 18:47:25 ----A---- C:\Windows\system32\PresentationSettings.exe
    2010-06-26 18:47:25 ----A---- C:\Windows\system32\PresentationNative_v0300.dll
    2010-06-26 18:47:25 ----A---- C:\Windows\system32\drivers\rdpwd.sys
    2010-06-26 18:47:25 ----A---- C:\Windows\system32\drivers\rdbss.sys
    2010-06-26 18:47:24 ----A---- C:\Windows\system32\prnntfy.dll
    2010-06-26 18:47:24 ----A---- C:\Windows\system32\printui.dll
    2010-06-26 18:47:24 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
    2010-06-26 18:47:24 ----A---- C:\Windows\system32\powrprof.dll
    2010-06-26 18:47:22 ----A---- C:\Windows\system32\qdvd.dll
    2010-06-26 18:47:22 ----A---- C:\Windows\system32\QAGENTRT.DLL
    2010-06-26 18:47:22 ----A---- C:\Windows\system32\puiapi.dll
    2010-06-26 18:47:21 ----A---- C:\Windows\system32\psisdecd.dll
    2010-06-26 18:47:21 ----A---- C:\Windows\system32\PSHED.DLL
    2010-06-26 18:47:21 ----A---- C:\Windows\system32\propsys.dll
    2010-06-26 18:47:21 ----A---- C:\Windows\system32\propdefs.dll
    2010-06-26 18:47:21 ----A---- C:\Windows\system32\profsvc.dll
    2010-06-26 18:47:18 ----A---- C:\Windows\system32\sendmail.dll
    2010-06-26 18:47:17 ----A---- C:\Windows\system32\shlwapi.dll
    2010-06-26 18:47:17 ----A---- C:\Windows\system32\shell32.dll
    2010-06-26 18:47:17 ----A---- C:\Windows\system32\shdocvw.dll
    2010-06-26 18:47:17 ----A---- C:\Windows\system32\setupapi.dll
    2010-06-26 18:47:17 ----A---- C:\Windows\system32\sethc.exe
    2010-06-26 18:47:17 ----A---- C:\Windows\system32\services.exe
    2010-06-26 18:47:15 ----A---- C:\Windows\system32\eapphost.dll
    2010-06-26 18:47:15 ----A---- C:\Windows\system32\eappgnui.dll
    2010-06-26 18:47:15 ----A---- C:\Windows\system32\drivers\ecache.sys
    2010-06-26 18:47:14 ----A---- C:\Windows\system32\EhStorAPI.dll
    2010-06-26 18:47:14 ----A---- C:\Windows\system32\eappcfg.dll
    2010-06-26 18:47:14 ----A---- C:\Windows\system32\eapp3hst.dll
    2010-06-26 18:47:13 ----A---- C:\Windows\system32\dsprop.dll
    2010-06-26 18:47:13 ----A---- C:\Windows\system32\dsound.dll
    2010-06-26 18:47:13 ----A---- C:\Windows\system32\drivers\Dumpata.sys
    2010-06-26 18:47:12 ----A---- C:\Windows\system32\f3ahvoas.dll
    2010-06-26 18:47:12 ----A---- C:\Windows\system32\ExplorerFrame.dll
    2010-06-26 18:47:12 ----A---- C:\Windows\system32\evr.dll
    2010-06-26 18:47:12 ----A---- C:\Windows\system32\eudcedit.exe
    2010-06-26 18:47:12 ----A---- C:\Windows\system32\esent.dll
    2010-06-26 18:47:12 ----A---- C:\Windows\system32\dwm.exe
    2010-06-26 18:47:12 ----A---- C:\Windows\system32\drivers\exfat.sys
    2010-06-26 18:47:12 ----A---- C:\Windows\system32\drivers\dxg.sys
    2010-06-26 18:47:12 ----A---- C:\Windows\explorer.exe
    2010-06-26 18:47:11 ----A---- C:\Windows\system32\es.dll
    2010-06-26 18:47:11 ----A---- C:\Windows\system32\EncDec.dll
    2010-06-26 18:47:11 ----A---- C:\Windows\system32\emdmgmt.dll
    2010-06-26 18:47:11 ----A---- C:\Windows\system32\EhStorShell.dll
    2010-06-26 18:47:11 ----A---- C:\Windows\system32\EhStorPwdMgr.dll
    2010-06-26 18:47:11 ----A---- C:\Windows\system32\EhStorAuthn.dll
    2010-06-26 18:47:11 ----A---- C:\Windows\system32\diskraid.exe
    2010-06-26 18:47:11 ----A---- C:\Windows\system32\diskpart.exe
    2010-06-26 18:47:11 ----A---- C:\Windows\system32\dimsroam.dll
    2010-06-26 18:47:11 ----A---- C:\Windows\system32\diagperf.dll
    2010-06-26 18:47:11 ----A---- C:\Windows\system32\dhcpcsvc6.dll
    2010-06-26 18:47:10 ----A---- C:\Windows\system32\drivers\Diskdump.sys
    2010-06-26 18:47:10 ----A---- C:\Windows\system32\drivers\disk.sys
    2010-06-26 18:47:10 ----A---- C:\Windows\system32\drivers\dfsc.sys
    2010-06-26 18:47:10 ----A---- C:\Windows\system32\dfsr.exe
    2010-06-26 18:47:10 ----A---- C:\Windows\system32\devmgr.dll
    2010-06-26 18:47:09 ----A---- C:\Windows\system32\dhcpcsvc.dll
    2010-06-26 18:47:08 ----A---- C:\Windows\system32\drvstore.dll
    2010-06-26 18:47:08 ----A---- C:\Windows\system32\dpapimig.exe
    2010-06-26 18:47:08 ----A---- C:\Windows\system32\dot3svc.dll
    2010-06-26 18:47:08 ----A---- C:\Windows\system32\dot3msm.dll
    2010-06-26 18:47:08 ----A---- C:\Windows\system32\dot3cfg.dll
    2010-06-26 18:47:07 ----A---- C:\Windows\system32\drvinst.exe
    2010-06-26 18:47:07 ----A---- C:\Windows\system32\drmv2clt.dll
    2010-06-26 18:47:07 ----A---- C:\Windows\system32\drmmgrtn.dll
    2010-06-26 18:47:07 ----A---- C:\Windows\system32\dnsrslvr.dll
    2010-06-26 18:47:07 ----A---- C:\Windows\system32\dnsapi.dll
    2010-06-26 18:47:07 ----A---- C:\Windows\system32\dmusic.dll
    2010-06-26 18:47:07 ----A---- C:\Windows\system32\dmsynth.dll
    2010-06-26 18:47:06 ----A---- C:\Windows\system32\hbaapi.dll
    2010-06-26 18:47:06 ----A---- C:\Windows\system32\gpupdate.exe
    2010-06-26 18:47:06 ----A---- C:\Windows\system32\gpsvc.dll
    2010-06-26 18:47:06 ----A---- C:\Windows\system32\gpresult.exe
    2010-06-26 18:47:06 ----A---- C:\Windows\system32\drivers\HdAudio.sys
    2010-06-26 18:47:06 ----A---- C:\Windows\system32\drivers\hdaudbus.sys
    2010-06-26 18:47:05 ----A---- C:\Windows\system32\iashlpr.dll
    2010-06-26 18:47:05 ----A---- C:\Windows\system32\iasdatastore.dll
    2010-06-26 18:47:05 ----A---- C:\Windows\system32\iasads.dll
    2010-06-26 18:47:05 ----A---- C:\Windows\system32\iasacct.dll
    2010-06-26 18:47:04 ----A---- C:\Windows\system32\iasnap.dll
    2010-06-26 18:47:04 ----A---- C:\Windows\system32\IasMigReader.exe
    2010-06-26 18:47:04 ----A---- C:\Windows\system32\IasMigPlugin.dll
    2010-06-26 18:47:04 ----A---- C:\Windows\system32\hidserv.dll
    2010-06-26 18:47:04 ----A---- C:\Windows\system32\hdwwiz.exe
    2010-06-26 18:47:04 ----A---- C:\Windows\system32\fontext.dll
    2010-06-26 18:47:04 ----A---- C:\Windows\system32\findstr.exe
    2010-06-26 18:47:04 ----A---- C:\Windows\system32\feclient.dll
    2010-06-26 18:47:04 ----A---- C:\Windows\system32\fdWSD.dll
    2010-06-26 18:47:04 ----A---- C:\Windows\system32\fdWCN.dll
    2010-06-26 18:47:04 ----A---- C:\Windows\system32\fdSSDP.dll
    2010-06-26 18:47:04 ----A---- C:\Windows\system32\fdProxy.dll
    2010-06-26 18:47:04 ----A---- C:\Windows\system32\fdeploy.dll
    2010-06-26 18:47:04 ----A---- C:\Windows\system32\fdBthProxy.dll
    2010-06-26 18:47:04 ----A---- C:\Windows\system32\fdBth.dll
    2010-06-26 18:47:04 ----A---- C:\Windows\system32\fc.exe
    2010-06-26 18:47:04 ----A---- C:\Windows\system32\Faultrep.dll
    2010-06-26 18:47:04 ----A---- C:\Windows\system32\drivers\hidusb.sys
    2010-06-26 18:47:04 ----A---- C:\Windows\system32\drivers\hidclass.sys
    2010-06-26 18:47:04 ----A---- C:\Windows\system32\drivers\fltMgr.sys
    2010-06-26 18:47:04 ----A---- C:\Windows\system32\drivers\fastfat.sys
    2010-06-26 18:47:03 ----A---- C:\Windows\system32\gpedit.dll
    2010-06-26 18:47:03 ----A---- C:\Windows\system32\gpapi.dll
    2010-06-26 18:47:03 ----A---- C:\Windows\system32\gdi32.dll
    2010-06-26 18:47:03 ----A---- C:\Windows\system32\FwRemoteSvr.dll
    2010-06-26 18:47:03 ----A---- C:\Windows\system32\fundisc.dll
    2010-06-26 18:47:03 ----A---- C:\Windows\system32\FunctionDiscoveryFolder.dll
    2010-06-26 18:47:03 ----A---- C:\Windows\system32\ftp.exe
    2010-06-26 18:47:02 ----A---- C:\Windows\system32\FWPUCLNT.DLL
    2010-06-26 18:47:02 ----A---- C:\Windows\system32\drivers\FWPKCLNT.SYS
    2010-06-26 18:47:02 ----A---- C:\Windows\system32\audiosrv.dll
    2010-06-26 18:47:01 ----A---- C:\Windows\system32\drivers\ataport.sys
    2010-06-26 18:47:01 ----A---- C:\Windows\system32\autochk.exe
    2010-06-26 18:47:01 ----A---- C:\Windows\system32\authz.dll
    2010-06-26 18:47:01 ----A---- C:\Windows\system32\authui.dll
    2010-06-26 18:47:01 ----A---- C:\Windows\system32\AudioSes.dll
    2010-06-26 18:47:00 ----A---- C:\Windows\system32\AuxiliaryDisplayServices.dll
    2010-06-26 18:47:00 ----A---- C:\Windows\system32\AuxiliaryDisplayDriverLib.dll
    2010-06-26 18:47:00 ----A---- C:\Windows\system32\AuxiliaryDisplayCpl.dll
    2010-06-26 18:47:00 ----A---- C:\Windows\system32\autoplay.dll
    2010-06-26 18:47:00 ----A---- C:\Windows\system32\autofmt.exe
    2010-06-26 18:47:00 ----A---- C:\Windows\system32\autoconv.exe
    2010-06-26 18:47:00 ----A---- C:\Windows\system32\audiodg.exe
    2010-06-26 18:46:59 ----A---- C:\Windows\system32\drivers\atapi.sys
    2010-06-26 18:46:58 ----A---- C:\Windows\system32\browseui.dll
    2010-06-26 18:46:58 ----A---- C:\Windows\system32\brcpl.dll
    2010-06-26 18:46:57 ----A---- C:\Windows\system32\drivers\bridge.sys
    2010-06-26 18:46:57 ----A---- C:\Windows\system32\drivers\acpi.sys
    2010-06-26 18:46:57 ----A---- C:\Windows\system32\bthci.dll
    2010-06-26 18:46:57 ----A---- C:\Windows\system32\blackbox.dll
    2010-06-26 18:46:57 ----A---- C:\Windows\system32\bitsigd.dll
    2010-06-26 18:46:57 ----A---- C:\Windows\system32\BFE.DLL
    2010-06-26 18:46:57 ----A---- C:\Windows\system32\bcrypt.dll
    2010-06-26 18:46:57 ----A---- C:\Windows\system32\basecsp.dll
    2010-06-26 18:46:57 ----A---- C:\Windows\system32\azroles.dll
    2010-06-26 18:46:57 ----A---- C:\Windows\system32\accessibilitycpl.dll
    2010-06-26 18:46:56 ----A---- C:\Windows\system32\apphelp.dll
    2010-06-26 18:46:56 ----A---- C:\Windows\system32\apds.dll
    2010-06-26 18:46:55 ----A---- C:\Windows\system32\drivers\afd.sys
    2010-06-26 18:46:55 ----A---- C:\Windows\system32\advapi32.dll
    2010-06-26 18:46:55 ----A---- C:\Windows\system32\adtschema.dll
    2010-06-26 18:46:55 ----A---- C:\Windows\system32\adsmsext.dll
    2010-06-26 18:46:55 ----A---- C:\Windows\system32\adsldpc.dll
    2010-06-26 18:46:54 ----A---- C:\Windows\system32\drivers\crashdmp.sys
    2010-06-26 18:46:54 ----A---- C:\Windows\system32\crypt32.dll
    2010-06-26 18:46:54 ----A---- C:\Windows\system32\credui.dll
    2010-06-26 18:46:54 ----A---- C:\Windows\system32\connect.dll
    2010-06-26 18:46:54 ----A---- C:\Windows\system32\conime.exe
    2010-06-26 18:46:54 ----A---- C:\Windows\system32\comuid.dll
    2010-06-26 18:46:54 ----A---- C:\Windows\system32\comsvcs.dll
    2010-06-26 18:46:53 ----A---- C:\Windows\system32\comdlg32.dll
    2010-06-26 18:46:53 ----A---- C:\Windows\system32\cmdial32.dll
    2010-06-26 18:46:52 ----A---- C:\Windows\system32\DevicePairingWizard.exe
    2010-06-26 18:46:52 ----A---- C:\Windows\system32\DevicePairingProxy.dll
    2010-06-26 18:46:52 ----A---- C:\Windows\system32\DevicePairing.dll
    2010-06-26 18:46:52 ----A---- C:\Windows\system32\DeviceEject.exe
    2010-06-26 18:46:52 ----A---- C:\Windows\system32\dbgeng.dll
    2010-06-26 18:46:52 ----A---- C:\Windows\system32\davclnt.dll
    2010-06-26 18:46:52 ----A---- C:\Windows\system32\dataclen.dll
    2010-06-26 18:46:52 ----A---- C:\Windows\system32\d3d9.dll
    2010-06-26 18:46:52 ----A---- C:\Windows\system32\cmmon32.exe
    2010-06-26 18:46:51 ----A---- C:\Windows\system32\drivers\cdrom.sys
    2010-06-26 18:46:51 ----A---- C:\Windows\system32\csrstub.exe
    2010-06-26 18:46:51 ----A---- C:\Windows\system32\cscript.exe
    2010-06-26 18:46:51 ----A---- C:\Windows\system32\cscdll.dll
    2010-06-26 18:46:51 ----A---- C:\Windows\system32\cscapi.dll
    2010-06-26 18:46:51 ----A---- C:\Windows\system32\cryptui.dll
    2010-06-26 18:46:51 ----A---- C:\Windows\system32\cryptsvc.dll
    2010-06-26 18:46:50 ----A---- C:\Windows\system32\certmgr.dll
    2010-06-26 18:46:50 ----A---- C:\Windows\system32\CertEnrollUI.dll
    2010-06-26 18:46:50 ----A---- C:\Windows\system32\CertEnroll.dll
    2010-06-26 18:46:50 ----A---- C:\Windows\system32\certcli.dll
    2010-06-26 18:46:50 ----A---- C:\Windows\system32\bthudtask.exe
    2010-06-26 18:46:50 ----A---- C:\Windows\system32\bthserv.dll
    2010-06-26 18:46:49 ----A---- C:\Windows\system32\drivers\Classpnp.sys
    2010-06-26 18:46:49 ----A---- C:\Windows\system32\cipher.exe
    2010-06-26 18:46:49 ----A---- C:\Windows\system32\ci.dll
    2010-06-26 18:46:49 ----A---- C:\Windows\system32\chsbrkr.dll
    2010-06-26 18:46:49 ----A---- C:\Windows\system32\cbsra.exe
    2010-06-26 18:46:48 ----A---- C:\Windows\system32\clfs.sys
    2010-06-26 18:46:48 ----A---- C:\Windows\system32\CHxReadingStringIME.dll
    2010-06-26 18:46:48 ----A---- C:\Windows\system32\chtbrkr.dll
    2010-06-26 18:46:48 ----A---- C:\Windows\system32\certreq.exe
    2010-06-26 18:46:48 ----A---- C:\Windows\system32\certprop.dll
    2010-06-26 18:46:47 ----A---- C:\Windows\system32\msihnd.dll
    2010-06-26 18:46:47 ----A---- C:\Windows\system32\msiexec.exe
    2010-06-26 18:46:47 ----A---- C:\Windows\system32\msftedit.dll
    2010-06-26 18:46:47 ----A---- C:\Windows\system32\msexcl40.dll
    2010-06-26 18:46:47 ----A---- C:\Windows\system32\msexch40.dll
    2010-06-26 18:46:47 ----A---- C:\Windows\system32\msdtctm.dll
    2010-06-26 18:46:47 ----A---- C:\Windows\system32\certutil.exe
    2010-06-26 18:46:46 ----A---- C:\Windows\system32\msi.dll
    2010-06-26 18:46:45 ----A---- C:\Windows\system32\msimsg.dll
    2010-06-26 18:46:45 ----A---- C:\Windows\system32\msdtcprx.dll
    2010-06-26 18:46:45 ----A---- C:\Windows\system32\msctfui.dll
    2010-06-26 18:46:45 ----A---- C:\Windows\system32\msctfp.dll
    2010-06-26 18:46:45 ----A---- C:\Windows\system32\MsCtfMonitor.dll
    2010-06-26 18:46:45 ----A---- C:\Windows\system32\msctf.dll
    2010-06-26 18:46:45 ----A---- C:\Windows\system32\MPSSVC.dll
    2010-06-26 18:46:45 ----A---- C:\Windows\system32\mprapi.dll
    2010-06-26 18:46:45 ----A---- C:\Windows\system32\mpr.dll
    2010-06-26 18:46:44 ----A---- C:\Windows\system32\modemui.dll
    2010-06-26 18:46:44 ----A---- C:\Windows\system32\MMDevAPI.dll
    2010-06-26 18:46:43 ----A---- C:\Windows\system32\mscories.dll
    2010-06-26 18:46:43 ----A---- C:\Windows\system32\mscorier.dll
    2010-06-26 18:46:43 ----A---- C:\Windows\system32\mscms.dll
    2010-06-26 18:46:43 ----A---- C:\Windows\system32\mscandui.dll
    2010-06-26 18:46:42 ----A---- C:\Windows\system32\drivers\mrxdav.sys
    2010-06-26 18:46:41 ----A---- C:\Windows\system32\NetProjW.dll
    2010-06-26 18:46:41 ----A---- C:\Windows\system32\netplwiz.dll
    2010-06-26 18:46:41 ----A---- C:\Windows\system32\netlogon.dll
    2010-06-26 18:46:41 ----A---- C:\Windows\system32\netcenter.dll
    2010-06-26 18:46:41 ----A---- C:\Windows\system32\netapi32.dll
    2010-06-26 18:46:41 ----A---- C:\Windows\system32\ncryptui.dll
    2010-06-26 18:46:41 ----A---- C:\Windows\system32\ncrypt.dll
    2010-06-26 18:46:41 ----A---- C:\Windows\system32\mtxclu.dll
    2010-06-26 18:46:41 ----A---- C:\Windows\system32\drivers\netio.sys
    2010-06-26 18:46:41 ----A---- C:\Windows\system32\drivers\netbt.sys
    2010-06-26 18:46:41 ----A---- C:\Windows\system32\drivers\ndiswan.sys
    2010-06-26 18:46:41 ----A---- C:\Windows\system32\drivers\ndis.sys
    2010-06-26 18:46:41 ----A---- C:\Windows\system32\drivers\mup.sys
    2010-06-26 18:46:39 ----A---- C:\Windows\system32\NcdProp.dll
    2010-06-26 18:46:39 ----A---- C:\Windows\system32\NaturalLanguage6.dll
    2010-06-26 18:46:38 ----A---- C:\Windows\system32\newdev.exe
    2010-06-26 18:46:38 ----A---- C:\Windows\system32\newdev.dll
    2010-06-26 18:46:38 ----A---- C:\Windows\system32\netshell.dll
    2010-06-26 18:46:37 ----A---- C:\Windows\system32\networkmap.dll
    2010-06-26 18:46:37 ----A---- C:\Windows\system32\networkitemfactory.dll
    2010-06-26 18:46:37 ----A---- C:\Windows\system32\networkexplorer.dll
    2010-06-26 18:46:36 ----A---- C:\Windows\system32\msscntrs.dll
    2010-06-26 18:46:36 ----A---- C:\Windows\system32\msscb.dll
    2010-06-26 18:46:36 ----A---- C:\Windows\system32\msrepl40.dll
    2010-06-26 18:46:36 ----A---- C:\Windows\system32\msrd3x40.dll
    2010-06-26 18:46:36 ----A---- C:\Windows\system32\msrd2x40.dll
    2010-06-26 18:46:36 ----A---- C:\Windows\system32\mspbde40.dll
    2010-06-26 18:46:36 ----A---- C:\Windows\system32\msnetobj.dll
    2010-06-26 18:46:36 ----A---- C:\Windows\system32\MSMPEG2VDEC.DLL
    2010-06-26 18:46:36 ----A---- C:\Windows\system32\msltus40.dll
    2010-06-26 18:46:36 ----A---- C:\Windows\system32\msinfo32.exe
    2010-06-26 18:46:36 ----A---- C:\Windows\system32\msimtf.dll
    2010-06-26 18:46:36 ----A---- C:\Windows\system32\drivers\msrpc.sys
    2010-06-26 18:46:35 ----A---- C:\Windows\system32\msxbde40.dll
    2010-06-26 18:46:35 ----A---- C:\Windows\system32\mswstr10.dll
    2010-06-26 18:46:35 ----A---- C:\Windows\system32\mswsock.dll
    2010-06-26 18:46:35 ----A---- C:\Windows\system32\mswdat10.dll
    2010-06-26 18:46:35 ----A---- C:\Windows\system32\MSVidCtl.dll
    2010-06-26 18:46:35 ----A---- C:\Windows\system32\msvcrt.dll
    2010-06-26 18:46:35 ----A---- C:\Windows\system32\msvcp60.dll
    2010-06-26 18:46:35 ----A---- C:\Windows\system32\msutb.dll
    2010-06-26 18:46:35 ----A---- C:\Windows\system32\msjtes40.dll
    2010-06-26 18:46:35 ----A---- C:\Windows\system32\msjter40.dll
    2010-06-26 18:46:35 ----A---- C:\Windows\system32\msjint40.dll
    2010-06-26 18:46:35 ----A---- C:\Windows\system32\msjetoledb40.dll
    2010-06-26 18:46:35 ----A---- C:\Windows\system32\msjet40.dll
    2010-06-26 18:46:35 ----A---- C:\Windows\system32\msisip.dll
    2010-06-26 18:46:35 ----A---- C:\Windows\system32\drivers\msiscsi.sys
    2010-06-26 18:46:34 ----A---- C:\Windows\system32\mstsc.exe
    2010-06-26 18:46:34 ----A---- C:\Windows\system32\mstlsapi.dll
    2010-06-26 18:46:34 ----A---- C:\Windows\system32\mstext40.dll
    2010-06-26 18:46:34 ----A---- C:\Windows\system32\mssvp.dll
    2010-06-26 18:46:34 ----A---- C:\Windows\system32\msstrc.dll
    2010-06-26 18:46:34 ----A---- C:\Windows\system32\mssrch.dll
    2010-06-26 18:46:34 ----A---- C:\Windows\system32\mssprxy.dll
    2010-06-26 18:46:34 ----A---- C:\Windows\system32\mssphtb.dll
    2010-06-26 18:46:34 ----A---- C:\Windows\system32\mssph.dll
    2010-06-26 18:46:34 ----A---- C:\Windows\system32\mssitlb.dll
    2010-06-26 18:46:34 ----A---- C:\Windows\system32\msshsq.dll
    2010-06-26 18:46:34 ----A---- C:\Windows\system32\msshooks.dll
    2010-06-26 18:46:34 ----A---- C:\Windows\system32\msscp.dll
    2010-06-26 18:46:34 ----A---- C:\Windows\system32\InkEd.dll
    2010-06-26 18:46:33 ----A---- C:\Windows\system32\infocardapi.dll
    2010-06-26 18:46:33 ----A---- C:\Windows\system32\inetppui.dll
    2010-06-26 18:46:33 ----A---- C:\Windows\system32\inetpp.dll
    2010-06-26 18:46:33 ----A---- C:\Windows\system32\imm32.dll
    2010-06-26 18:46:32 ----A---- C:\Windows\system32\iscsilog.dll
    2010-06-26 18:46:32 ----A---- C:\Windows\system32\ipsmsnap.dll
    2010-06-26 18:46:32 ----A---- C:\Windows\system32\IPSECSVC.DLL
    2010-06-26 18:46:32 ----A---- C:\Windows\system32\input.dll
    2010-06-26 18:46:31 ----A---- C:\Windows\system32\ipsecsnp.dll
    2010-06-26 18:46:31 ----A---- C:\Windows\system32\IPHLPAPI.DLL
    2010-06-26 18:46:31 ----A---- C:\Windows\system32\ipconfig.exe
    2010-06-26 18:46:30 ----A---- C:\Windows\system32\ifmon.dll
    2010-06-26 18:46:30 ----A---- C:\Windows\system32\icardres.dll
    2010-06-26 18:46:30 ----A---- C:\Windows\system32\icardagt.exe
    2010-06-26 18:46:30 ----A---- C:\Windows\system32\iassvcs.dll
    2010-06-26 18:46:30 ----A---- C:\Windows\system32\iassdo.dll
    2010-06-26 18:46:30 ----A---- C:\Windows\system32\iassam.dll
    2010-06-26 18:46:30 ----A---- C:\Windows\system32\iasrecst.dll
    2010-06-26 18:46:30 ----A---- C:\Windows\system32\iasrad.dll
    2010-06-26 18:46:30 ----A---- C:\Windows\system32\iaspolcy.dll
    2010-06-26 18:46:29 ----A---- C:\Windows\system32\IMJP10K.DLL
    2010-06-26 18:46:29 ----A---- C:\Windows\system32\imapi2fs.dll
    2010-06-26 18:46:29 ----A---- C:\Windows\system32\imapi2.dll
    2010-06-26 18:46:29 ----A---- C:\Windows\system32\imapi.dll
    2010-06-26 18:46:29 ----A---- C:\Windows\system32\IKEEXT.DLL
    2010-06-26 18:46:28 ----A---- C:\Windows\system32\mfplat.dll
    2010-06-26 18:46:28 ----A---- C:\Windows\system32\mfc42u.dll
    2010-06-26 18:46:28 ----A---- C:\Windows\system32\mfc42.dll
    2010-06-26 18:46:27 ----A---- C:\Windows\system32\mmcico.dll
    2010-06-26 18:46:27 ----A---- C:\Windows\system32\mmci.dll
    2010-06-26 18:46:27 ----A---- C:\Windows\system32\mimefilt.dll
    2010-06-26 18:46:27 ----A---- C:\Windows\system32\milcore.dll
    2010-06-26 18:46:27 ----A---- C:\Windows\system32\midimap.dll
    2010-06-26 18:46:26 ----A---- C:\Windows\system32\mmcndmgr.dll
    2010-06-26 18:46:26 ----A---- C:\Windows\system32\mmc.exe
    2010-06-26 18:46:26 ----A---- C:\Windows\system32\korwbrkr.dll
    2010-06-26 18:46:26 ----A---- C:\Windows\system32\drivers\ks.sys
    2010-06-26 18:46:25 ----A---- C:\Windows\system32\mcupdate_GenuineIntel.dll
    2010-06-26 18:46:25 ----A---- C:\Windows\system32\mblctr.exe
    2010-06-26 18:46:25 ----A---- C:\Windows\system32\l2nacp.dll
    2010-06-26 18:46:25 ----A---- C:\Windows\system32\kernel32.dll
    2010-06-26 18:46:25 ----A---- C:\Windows\system32\kdusb.dll
    2010-06-26 18:46:25 ----A---- C:\Windows\system32\kdcom.dll
    2010-06-26 18:46:25 ----A---- C:\Windows\system32\kd1394.dll
    2010-06-26 18:46:24 ----A---- C:\Windows\system32\MediaMetadataHandler.dll
    2010-06-26 18:46:24 ----A---- C:\Windows\system32\mcmde.dll
    2010-06-26 18:46:23 ----A---- C:\Windows\system32\logman.exe
    2010-06-26 18:46:23 ----A---- C:\Windows\system32\logagent.exe
    2010-06-26 18:46:22 ----A---- C:\Windows\system32\wercon.exe
    2010-06-26 18:46:22 ----A---- C:\Windows\system32\WebClnt.dll
    2010-06-26 18:46:22 ----A---- C:\Windows\system32\shsetup.dll
    2010-06-26 18:46:22 ----A---- C:\Windows\system32\Magnify.exe
    2010-06-26 18:46:21 ----A---- C:\Windows\system32\wer.dll
    2010-06-26 18:46:21 ----A---- C:\Windows\system32\wdscore.dll
    2010-06-26 18:46:21 ----A---- C:\Windows\system32\wdc.dll
    2010-06-26 18:46:20 ----A---- C:\Windows\system32\WindowsAnytimeUpgradeCPL.dll
    2010-06-26 18:46:20 ----A---- C:\Windows\system32\win32spl.dll
    2010-06-26 18:46:20 ----A---- C:\Windows\system32\whealogr.dll
    2010-06-26 18:46:20 ----A---- C:\Windows\system32\wevtutil.exe
    2010-06-26 18:46:20 ----A---- C:\Windows\system32\wevtsvc.dll
    2010-06-26 18:46:20 ----A---- C:\Windows\system32\wevtapi.dll
    2010-06-26 18:46:20 ----A---- C:\Windows\system32\wersvc.dll
    2010-06-26 18:46:20 ----A---- C:\Windows\system32\WerFaultSecure.exe
    2010-06-26 18:46:20 ----A---- C:\Windows\system32\WerFault.exe
    2010-06-26 18:46:19 ----A---- C:\Windows\system32\wiaservc.dll
    2010-06-26 18:46:19 ----A---- C:\Windows\system32\wiaaut.dll
    2010-06-26 18:46:19 ----A---- C:\Windows\system32\version.dll
    2010-06-26 18:46:19 ----A---- C:\Windows\system32\vdsutil.dll
    2010-06-26 18:46:19 ----A---- C:\Windows\system32\vdsdyn.dll
    2010-06-26 18:46:19 ----A---- C:\Windows\system32\vds.exe
    2010-06-26 18:46:19 ----A---- C:\Windows\system32\vdmdbg.dll
    2010-06-26 18:46:18 ----A---- C:\Windows\system32\wcnwiz2.dll
    2010-06-26 18:46:18 ----A---- C:\Windows\system32\wcnwiz.dll
    2010-06-26 18:46:18 ----A---- C:\Windows\system32\WcnNetsh.dll
    2010-06-26 18:46:18 ----A---- C:\Windows\system32\wcncsvc.dll
    2010-06-26 18:46:18 ----A---- C:\Windows\system32\uxsms.dll
    2010-06-26 18:46:18 ----A---- C:\Windows\system32\Utilman.exe
    2010-06-26 18:46:18 ----A---- C:\Windows\system32\usp10.dll
    2010-06-26 18:46:18 ----A---- C:\Windows\system32\userenv.dll
    2010-06-26 18:46:18 ----A---- C:\Windows\system32\usercpl.dll
    2010-06-26 18:46:18 ----A---- C:\Windows\system32\user32.dll
    2010-06-26 18:46:18 ----A---- C:\Windows\system32\drivers\watchdog.sys
    2010-06-26 18:46:18 ----A---- C:\Windows\system32\drivers\USBSTOR.SYS
    2010-06-26 18:46:18 ----A---- C:\Windows\system32\drivers\usbser.sys
    2010-06-26 18:46:18 ----A---- C:\Windows\system32\drivers\usbport.sys
    2010-06-26 18:46:17 ----A---- C:\Windows\system32\wscisvif.dll
    2010-06-26 18:46:17 ----A---- C:\Windows\system32\WscEapPr.dll
    2010-06-26 18:46:17 ----A---- C:\Windows\system32\wscapi.dll
    2010-06-26 18:46:17 ----A---- C:\Windows\system32\w32time.dll
    2010-06-26 18:46:17 ----A---- C:\Windows\system32\VSSVC.exe
    2010-06-26 18:46:17 ----A---- C:\Windows\system32\vssapi.dll
    2010-06-26 18:46:17 ----A---- C:\Windows\system32\drivers\volsnap.sys
    2010-06-26 18:46:17 ----A---- C:\Windows\system32\drivers\volmgrx.sys
    2010-06-26 18:46:16 ----A---- C:\Windows\system32\WSDMon.dll
    2010-06-26 18:46:16 ----A---- C:\Windows\system32\wsdchngr.dll
    2010-06-26 18:46:16 ----A---- C:\Windows\system32\wscsvc.dll
    2010-06-26 18:46:16 ----A---- C:\Windows\system32\wscript.exe
    2010-06-26 18:46:16 ----A---- C:\Windows\system32\wscntfy.dll
    2010-06-26 18:46:16 ----A---- C:\Windows\system32\wpccpl.dll
    2010-06-26 18:46:16 ----A---- C:\Windows\system32\wow32.dll
    2010-06-26 18:46:16 ----A---- C:\Windows\system32\WMVXENCD.DLL
    2010-06-26 18:46:16 ----A---- C:\Windows\system32\WMVSDECD.DLL
    2010-06-26 18:46:16 ----A---- C:\Windows\system32\WMVENCOD.DLL
    2010-06-26 18:46:15 ----A---- C:\Windows\system32\xmlfilter.dll
    2010-06-26 18:46:15 ----A---- C:\Windows\system32\wusa.exe
    2010-06-26 18:46:15 ----A---- C:\Windows\system32\wpcsvc.dll
    2010-06-26 18:46:15 ----A---- C:\Windows\system32\wpcao.dll
    2010-06-26 18:46:14 ----A---- C:\Windows\system32\wshext.dll
    2010-06-26 18:46:14 ----A---- C:\Windows\system32\wshbth.dll
    2010-06-26 18:46:14 ----A---- C:\Windows\system32\wsepno.dll
    2010-06-26 18:46:13 ----A---- C:\Windows\system32\wsnmp32.dll
    2010-06-26 18:46:13 ----A---- C:\Windows\system32\wlgpclnt.dll
    2010-06-26 18:46:13 ----A---- C:\Windows\system32\Wldap32.dll
    2010-06-26 18:46:13 ----A---- C:\Windows\system32\wlanui.dll
    2010-06-26 18:46:13 ----A---- C:\Windows\system32\wlanpref.dll
    2010-06-26 18:46:13 ----A---- C:\Windows\system32\wlangpui.dll
    2010-06-26 18:46:13 ----A---- C:\Windows\system32\wisptis.exe
    2010-06-26 18:46:13 ----A---- C:\Windows\system32\WinSCard.dll
    2010-06-26 18:46:13 ----A---- C:\Windows\system32\winrnr.dll
    2010-06-26 18:46:13 ----A---- C:\Windows\system32\winresume.exe
    2010-06-26 18:46:12 ----A---- C:\Windows\system32\wmpmde.dll
    2010-06-26 18:46:12 ----A---- C:\Windows\system32\wmpeffects.dll
    2010-06-26 18:46:12 ----A---- C:\Windows\system32\WMNetMgr.dll
    2010-06-26 18:46:12 ----A---- C:\Windows\system32\winsrv.dll
    2010-06-26 18:46:12 ----A---- C:\Windows\system32\WinSAT.exe
    2010-06-26 18:46:12 ----A---- C:\Windows\system32\winmm.dll
    2010-06-26 18:46:12 ----A---- C:\Windows\system32\winlogon.exe
    2010-06-26 18:46:12 ----A---- C:\Windows\system32\winload.exe
    2010-06-26 18:46:10 ----A---- C:\Windows\system32\wmicmiplugin.dll
    2010-06-26 18:46:10 ----A---- C:\Windows\system32\wmdrmsdk.dll
    2010-06-26 18:46:09 ----A---- C:\Windows\system32\Storprop.dll
    2010-06-26 18:46:09 ----A---- C:\Windows\system32\stobject.dll
    2010-06-26 18:46:09 ----A---- C:\Windows\system32\drivers\stream.sys
    2010-06-26 18:46:09 ----A---- C:\Windows\system32\drivers\Storport.sys
    2010-06-26 18:46:08 ----A---- C:\Windows\system32\sud.dll
    2010-06-26 18:46:08 ----A---- C:\Windows\system32\srcore.dll
    2010-06-26 18:46:08 ----A---- C:\Windows\system32\srchadmin.dll
    2010-06-26 18:46:07 ----A---- C:\Windows\system32\srvsvc.dll
    2010-06-26 18:46:06 ----A---- C:\Windows\system32\sysmain.dll
    2010-06-26 18:46:06 ----A---- C:\Windows\system32\sysclass.dll
    2010-06-26 18:46:06 ----A---- C:\Windows\system32\SyncCenter.dll
    2010-06-26 18:46:06 ----A---- C:\Windows\system32\swprv.dll
    2010-06-26 18:46:05 ----A---- C:\Windows\system32\SmartcardCredentialProvider.dll
    2010-06-26 18:46:04 ----A---- C:\Windows\system32\smss.exe
    2010-06-26 18:46:04 ----A---- C:\Windows\system32\SMBHelperClass.dll
    2010-06-26 18:46:04 ----A---- C:\Windows\system32\slwmi.dll
    2010-06-26 18:46:04 ----A---- C:\Windows\system32\drivers\smb.sys
    2010-06-26 18:46:03 ----A---- C:\Windows\system32\SmiEngine.dll
    2010-06-26 18:46:03 ----A---- C:\Windows\system32\slcc.dll
    2010-06-26 18:46:03 ----A---- C:\Windows\system32\SLC.dll
    2010-06-26 18:46:03 ----A---- C:\Windows\system32\shwebsvc.dll
    2010-06-26 18:46:03 ----A---- C:\Windows\system32\shsvcs.dll
    2010-06-26 18:46:02 ----A---- C:\Windows\system32\spp.dll
    2010-06-26 18:46:02 ----A---- C:\Windows\system32\spoolsv.exe
    2010-06-26 18:46:02 ----A---- C:\Windows\system32\spoolss.dll
    2010-06-26 18:46:02 ----A---- C:\Windows\system32\spinstall.exe
    2010-06-26 18:46:02 ----A---- C:\Windows\system32\sperror.dll
    2010-06-26 18:46:02 ----A---- C:\Windows\system32\spcmsg.dll
    2010-06-26 18:46:02 ----A---- C:\Windows\system32\slwga.dll
    2010-06-26 18:46:02 ----A---- C:\Windows\system32\SLUINotify.dll
    2010-06-26 18:46:02 ----A---- C:\Windows\system32\SLUI.exe
    2010-06-26 18:46:02 ----A---- C:\Windows\system32\SLsvc.exe
    2010-06-26 18:46:02 ----A---- C:\Windows\system32\slmgr.vbs
    2010-06-26 18:46:02 ----A---- C:\Windows\system32\SLLUA.exe
    2010-06-26 18:46:02 ----A---- C:\Windows\system32\SLCommDlg.dll
    2010-06-26 18:46:02 ----A---- C:\Windows\system32\slcinst.dll
    2010-06-26 18:46:02 ----A---- C:\Windows\system32\SLCExt.dll
    2010-06-26 18:46:01 ----A---- C:\Windows\system32\sqlsrv32.dll
    2010-06-26 18:46:01 ----A---- C:\Windows\system32\spwizui.dll
    2010-06-26 18:46:01 ----A---- C:\Windows\system32\spwinsat.dll
    2010-06-26 18:46:01 ----A---- C:\Windows\system32\spreview.exe
    2010-06-26 18:46:01 ----A---- C:\Windows\system32\softkbd.dll
    2010-06-26 18:46:01 ----A---- C:\Windows\system32\SnippingTool.exe
    2010-06-26 18:46:01 ----A---- C:\Windows\system32\SndVol.exe
    2010-06-26 18:46:01 ----A---- C:\Windows\system32\drivers\spsys.sys
    2010-06-26 18:46:00 ----A---- C:\Windows\system32\TsWpfWrp.exe
    2010-06-26 18:46:00 ----A---- C:\Windows\system32\TSTheme.exe
    2010-06-26 18:46:00 ----A---- C:\Windows\system32\tscupgrd.exe
    2010-06-26 18:46:00 ----A---- C:\Windows\system32\drivers\udfs.sys
    2010-06-26 18:45:59 ----A---- C:\Windows\system32\drivers\usb8023.sys
    2010-06-26 18:45:58 ----A---- C:\Windows\system32\zipfldr.dll
    2010-06-26 18:45:58 ----A---- C:\Windows\system32\untfs.dll
    2010-06-26 18:45:58 ----A---- C:\Windows\system32\ulib.dll
    2010-06-26 18:45:58 ----A---- C:\Windows\system32\uDWM.dll
    2010-06-26 18:45:58 ----A---- C:\Windows\system32\drivers\usbhub.sys
    2010-06-26 18:45:58 ----A---- C:\Windows\system32\drivers\usbehci.sys
    2010-06-26 18:45:58 ----A---- C:\Windows\system32\drivers\USBCAMD2.sys
    2010-06-26 18:45:58 ----A---- C:\Windows\system32\drivers\USBCAMD.sys
    2010-06-26 18:45:57 ----A---- C:\Windows\system32\umpnpmgr.dll
    2010-06-26 18:45:57 ----A---- C:\Windows\system32\systemcpl.dll
    2010-06-26 18:45:54 ----A---- C:\Windows\system32\tquery.dll
    2010-06-26 18:45:54 ----A---- C:\Windows\system32\themeui.dll
    2010-06-26 18:45:54 ----A---- C:\Windows\system32\thawbrkr.dll
    2010-06-26 18:45:54 ----A---- C:\Windows\system32\termsrv.dll
    2010-06-26 18:45:54 ----A---- C:\Windows\system32\tcpmon.dll
    2010-06-26 18:45:54 ----A---- C:\Windows\system32\tcpipcfg.dll
    2010-06-26 18:45:54 ----A---- C:\Windows\system32\taskeng.exe
    2010-06-26 18:45:54 ----A---- C:\Windows\system32\taskcomp.dll
    2010-06-26 18:45:54 ----A---- C:\Windows\system32\tapisrv.dll
    2010-06-26 18:45:53 ----A---- C:\Windows\system32\themecpl.dll
    2010-06-26 18:45:53 ----A---- C:\Windows\system32\drivers\termdd.sys
    2010-06-26 18:45:53 ----A---- C:\Windows\system32\drivers\tdx.sys
    2010-06-26 17:52:25 ----D---- C:\PerfLogs
    2010-06-26 17:03:53 ----A---- C:\Windows\system32\recdisc.exe
    2010-06-26 17:03:51 ----A---- C:\Windows\system32\sdspres.dll
    2010-06-26 17:03:12 ----A---- C:\Windows\system32\sxproxy.dll
    2010-06-26 17:02:39 ----A---- C:\Windows\system32\mtxdm.dll
    2010-06-26 17:02:39 ----A---- C:\Windows\system32\mstask.dll
    2010-06-26 17:02:39 ----A---- C:\Windows\system32\mssha.dll
    2010-06-26 17:02:39 ----A---- C:\Windows\system32\msrdc.dll
    2010-06-26 17:02:39 ----A---- C:\Windows\system32\msra.exe
    2010-06-26 17:02:39 ----A---- C:\Windows\system32\drivers\mstee.sys
    2010-06-26 17:02:39 ----A---- C:\Windows\system32\drivers\mssmbios.sys
    2010-06-26 17:02:39 ----A---- C:\Windows\system32\drivers\mspqm.sys
    2010-06-26 17:02:39 ----A---- C:\Windows\system32\drivers\mspclock.sys
    2010-06-26 17:02:38 ----A---- C:\Windows\system32\NAPMONTR.DLL
    2010-06-26 17:02:38 ----A---- C:\Windows\system32\napipsec.dll
    2010-06-26 17:02:38 ----A---- C:\Windows\system32\NapiNSP.dll
    2010-06-26 17:02:38 ----A---- C:\Windows\system32\NAPHLPR.DLL
    2010-06-26 17:02:38 ----A---- C:\Windows\system32\napdsnap.dll
    2010-06-26 17:02:38 ----A---- C:\Windows\system32\NAPCRYPT.DLL
    2010-06-26 17:02:38 ----A---- C:\Windows\system32\mydocs.dll
    2010-06-26 17:02:38 ----A---- C:\Windows\system32\mycomput.dll
    2010-06-26 17:02:38 ----A---- C:\Windows\system32\MuiUnattend.exe
    2010-06-26 17:02:38 ----A---- C:\Windows\system32\mtxoci.dll
    2010-06-26 17:02:38 ----A---- C:\Windows\system32\mtxlegih.dll
    2010-06-26 17:02:38 ----A---- C:\Windows\system32\mtstocom.exe
    2010-06-26 17:02:38 ----A---- C:\Windows\system32\msvbvm60.dll
    2010-06-26 17:02:36 ----A---- C:\Windows\system32\mswmdm.dll
    2010-06-26 17:02:36 ----A---- C:\Windows\system32\drivers\msfs.sys
    2010-06-26 17:02:32 ----A---- C:\Windows\system32\msdtcuiu.dll
    2010-06-26 17:02:31 ----A---- C:\Windows\system32\msdtcVSp1res.dll
    2010-06-26 17:02:29 ----A---- C:\Windows\system32\msdtclog.dll
    2010-06-26 17:02:29 ----A---- C:\Windows\system32\msdtckrm.dll
    2010-06-26 17:02:29 ----A---- C:\Windows\system32\msdtc.exe
    2010-06-26 17:02:29 ----A---- C:\Windows\system32\msdt.exe
    2010-06-26 17:02:29 ----A---- C:\Windows\system32\msdelta.dll
    2010-06-26 17:02:29 ----A---- C:\Windows\system32\msdart.dll
    2010-06-26 17:02:29 ----A---- C:\Windows\system32\msdadiag.dll
    2010-06-26 17:02:28 ----A---- C:\Windows\system32\MSMPEG2ENC.DLL
    2010-06-26 17:02:28 ----A---- C:\Windows\system32\MSMPEG2ADEC.DLL
    2010-06-26 17:02:28 ----A---- C:\Windows\system32\msmmsp.dll
    2010-06-26 17:02:28 ----A---- C:\Windows\system32\msdt.dll
    2010-06-26 17:02:28 ----A---- C:\Windows\system32\msdri.dll
    2010-06-26 17:02:28 ----A---- C:\Windows\system32\msdmo.dll
    2010-06-26 17:02:28 ----A---- C:\Windows\system32\drivers\mskssrv.sys
    2010-06-26 17:02:27 ----A---- C:\Windows\system32\mspatcha.dll
    2010-06-26 17:02:27 ----A---- C:\Windows\system32\mspaint.exe
    2010-06-26 17:02:27 ----A---- C:\Windows\system32\msorcl32.dll
    2010-06-26 17:02:27 ----A---- C:\Windows\system32\msoert2.dll
    2010-06-26 17:02:27 ----A---- C:\Windows\system32\msoeacct.dll
    2010-06-26 17:02:27 ----A---- C:\Windows\system32\msobjs.dll
    2010-06-26 17:02:27 ----A---- C:\Windows\system32\msieftp.dll
    2010-06-26 17:02:27 ----A---- C:\Windows\system32\msidle.dll
    2010-06-26 17:02:27 ----A---- C:\Windows\system32\msident.dll
    2010-06-26 17:02:27 ----A---- C:\Windows\system32\msidcrl30.dll
    2010-06-26 17:02:25 ----A---- C:\Windows\system32\drivers\msisadrv.sys
    2010-06-26 17:02:22 ----A---- C:\Windows\system32\notepad.exe
    2010-06-26 17:02:22 ----A---- C:\Windows\system32\Nlsdl.dll
    2010-06-26 17:02:22 ----A---- C:\Windows\notepad.exe
    2010-06-26 17:02:20 ----A---- C:\Windows\system32\nlmgp.dll
    2010-06-26 17:02:19 ----A---- C:\Windows\system32\nlsbres.dll
    2010-06-26 17:02:18 ----A---- C:\Windows\system32\odbcbcp.dll
    2010-06-26 17:02:18 ----A---- C:\Windows\system32\objsel.dll
    2010-06-26 17:02:17 ----A---- C:\Windows\system32\odbctrac.dll
    2010-06-26 17:02:17 ----A---- C:\Windows\system32\odbcjt32.dll
    2010-06-26 17:02:17 ----A---- C:\Windows\system32\odbccu32.dll
    2010-06-26 17:02:17 ----A---- C:\Windows\system32\odbccr32.dll
    2010-06-26 17:02:17 ----A---- C:\Windows\system32\ntdsapi.dll
    2010-06-26 17:02:16 ----A---- C:\Windows\system32\ntvdm.exe
    2010-06-26 17:02:16 ----A---- C:\Windows\system32\ntshrui.dll
    2010-06-26 17:02:16 ----A---- C:\Windows\system32\ntlanman.dll
    2010-06-26 17:02:16 ----A---- C:\Windows\system32\nsisvc.dll
    2010-06-26 17:02:16 ----A---- C:\Windows\system32\nsi.dll
    2010-06-26 17:02:16 ----A---- C:\Windows\system32\nshipsec.dll
    2010-06-26 17:02:16 ----A---- C:\Windows\system32\drivers\null.sys
    2010-06-26 17:02:16 ----A---- C:\Windows\system32\drivers\nsiproxy.sys
    2010-06-26 17:02:15 ----A---- C:\Windows\system32\netiougc.exe
    2010-06-26 17:02:15 ----A---- C:\Windows\system32\netid.dll
    2010-06-26 17:02:15 ----A---- C:\Windows\system32\netdiagfx.dll
    2010-06-26 17:02:15 ----A---- C:\Windows\system32\netcorehc.dll
    2010-06-26 17:02:15 ----A---- C:\Windows\system32\netcfgx.dll
    2010-06-26 17:02:15 ----A---- C:\Windows\system32\netcfg.exe
    2010-06-26 17:02:15 ----A---- C:\Windows\system32\netbtugc.exe
    2010-06-26 17:02:15 ----A---- C:\Windows\system32\net1.exe
    2010-06-26 17:02:15 ----A---- C:\Windows\system32\net.exe
    2010-06-26 17:02:15 ----A---- C:\Windows\system32\ndfetw.dll
    2010-06-26 17:02:15 ----A---- C:\Windows\system32\ndfapi.dll
    2010-06-26 17:02:15 ----A---- C:\Windows\system32\ncsi.dll
    2010-06-26 17:02:15 ----A---- C:\Windows\system32\ncobjapi.dll
    2010-06-26 17:02:15 ----A---- C:\Windows\system32\nci.dll
    2010-06-26 17:02:15 ----A---- C:\Windows\system32\nbtstat.exe
    2010-06-26 17:02:15 ----A---- C:\Windows\system32\NAPSTAT.EXE
    2010-06-26 17:02:15 ----A---- C:\Windows\system32\drivers\netbios.sys
    2010-06-26 17:02:15 ----A---- C:\Windows\system32\drivers\ndproxy.sys
    2010-06-26 17:02:15 ----A---- C:\Windows\system32\drivers\ndisuio.sys
    2010-06-26 17:02:15 ----A---- C:\Windows\system32\drivers\ndistapi.sys
    2010-06-26 17:02:14 ----A---- C:\Windows\system32\nlasvc.dll
    2010-06-26 17:02:14 ----A---- C:\Windows\system32\nlaapi.dll
    2010-06-26 17:02:13 ----A---- C:\Windows\system32\netprofm.dll
    2010-06-26 17:02:13 ----A---- C:\Windows\system32\netprof.dll
    2010-06-26 17:02:13 ----A---- C:\Windows\system32\Netplwiz.exe
    2010-06-26 17:02:13 ----A---- C:\Windows\system32\netman.dll
    2010-06-26 17:02:12 ----A---- C:\Windows\system32\makecab.exe
    2010-06-26 17:02:12 ----A---- C:\Windows\system32\luainstall.dll
    2010-06-26 17:02:12 ----A---- C:\Windows\system32\lsmproxy.dll
    2010-06-26 17:02:12 ----A---- C:\Windows\system32\lsm.exe
    2010-06-26 17:02:12 ----A---- C:\Windows\system32\drivers\luafv.sys
    2010-06-26 17:02:11 ----A---- C:\Windows\system32\lpremove.exe
    2010-06-26 17:02:11 ----A---- C:\Windows\system32\lpksetup.exe
    2010-06-26 17:02:11 ----A---- C:\Windows\system32\loghours.dll
    2010-06-26 17:02:11 ----A---- C:\Windows\system32\lodctr.exe
    2010-06-26 17:02:11 ----A---- C:\Windows\system32\localui.dll
    2010-06-26 17:02:11 ----A---- C:\Windows\system32\localsec.dll
    2010-06-26 17:02:10 ----A---- C:\Windows\system32\MFWMAAEC.DLL
    2010-06-26 17:02:10 ----A---- C:\Windows\system32\mfvdsp.dll
    2010-06-26 17:02:10 ----A---- C:\Windows\system32\mfcsubs.dll
    2010-06-26 17:02:10 ----A---- C:\Windows\system32\LogonUI.exe
    2010-06-26 17:02:09 ----A---- C:\Windows\system32\MdSched.exe
    2010-06-26 17:02:09 ----A---- C:\Windows\system32\mdminst.dll
    2010-06-26 17:02:09 ----A---- C:\Windows\system32\mcbuilder.exe
    2010-06-26 17:02:09 ----A---- C:\Windows\system32\drivers\mcd.sys
    2010-06-26 17:02:08 ----A---- C:\Windows\system32\McxDriv.dll
    2010-06-26 17:02:08 ----A---- C:\Windows\system32\Mcx2Svc.dll
    2010-06-26 17:02:08 ----A---- C:\Windows\system32\itss.dll
    2010-06-26 17:02:08 ----A---- C:\Windows\system32\iscsiwmi.dll
    2010-06-26 17:02:08 ----A---- C:\Windows\system32\iscsium.dll
    2010-06-26 17:02:08 ----A---- C:\Windows\system32\iscsiexe.dll
    2010-06-26 17:02:08 ----A---- C:\Windows\system32\iscsied.dll
    2010-06-26 17:02:08 ----A---- C:\Windows\system32\iprtrmgr.dll
    2010-06-26 17:02:08 ----A---- C:\Windows\system32\ipnathlp.dll
    2010-06-26 17:02:08 ----A---- C:\Windows\system32\IPBusEnum.dll
    2010-06-26 17:02:08 ----A---- C:\Windows\system32\drivers\irenum.sys
    2010-06-26 17:02:08 ----A---- C:\Windows\system32\drivers\irda.sys
    2010-06-26 17:02:08 ----A---- C:\Windows\system32\drivers\ipnat.sys
    2010-06-26 17:02:08 ----A---- C:\Windows\system32\drivers\intelppm.sys
    2010-06-26 17:02:08 ----A---- C:\Windows\system32\drivers\intelide.sys
    2010-06-26 17:02:07 ----A---- C:\Windows\system32\loadperf.dll
    2010-06-26 17:02:07 ----A---- C:\Windows\system32\lnkstub.exe
    2010-06-26 17:02:07 ----A---- C:\Windows\system32\lltdsvc.dll
    2010-06-26 17:02:07 ----A---- C:\Windows\system32\lltdapi.dll
    2010-06-26 17:02:07 ----A---- C:\Windows\system32\LangCleanupSysprepAction.dll
    2010-06-26 17:02:07 ----A---- C:\Windows\system32\l2gpstore.dll
    2010-06-26 17:02:07 ----A---- C:\Windows\system32\ktmw32.dll
    2010-06-26 17:02:07 ----A---- C:\Windows\system32\ktmutil.exe
    2010-06-26 17:02:07 ----A---- C:\Windows\system32\KMSVC.DLL
    2010-06-26 17:02:07 ----A---- C:\Windows\system32\keymgr.dll
    2010-06-26 17:02:07 ----A---- C:\Windows\system32\iprtprio.dll
    2010-06-26 17:02:07 ----A---- C:\Windows\system32\drivers\lltdio.sys
    2010-06-26 17:02:07 ----A---- C:\Windows\system32\drivers\kbdclass.sys
    2010-06-26 17:02:07 ----A---- C:\Windows\system32\drivers\ipfltdrv.sys
    2010-06-26 17:02:06 ----A---- C:\Windows\system32\mprmsg.dll
    2010-06-26 17:02:06 ----A---- C:\Windows\system32\mprdim.dll
    2010-06-26 17:02:06 ----A---- C:\Windows\system32\mprddm.dll
    2010-06-26 17:02:06 ----A---- C:\Windows\system32\mountvol.exe
    2010-06-26 17:02:06 ----A---- C:\Windows\system32\KBDKOR.DLL
    2010-06-26 17:02:06 ----A---- C:\Windows\system32\KBDJPN.DLL
    2010-06-26 17:02:06 ----A---- C:\Windows\system32\drivers\mpsdrv.sys
    2010-06-26 17:02:06 ----A---- C:\Windows\system32\drivers\mountmgr.sys
    2010-06-26 17:02:06 ----A---- C:\Windows\system32\drivers\mouhid.sys
    2010-06-26 17:02:06 ----A---- C:\Windows\system32\drivers\mouclass.sys
    2010-06-26 17:02:06 ----A---- C:\Windows\system32\drivers\monitor.sys
    2010-06-26 17:02:05 ----A---- C:\Windows\system32\MPG4DECD.DLL
    2010-06-26 17:02:04 ----A---- C:\Windows\system32\msconfig.exe
    2010-06-26 17:02:04 ----A---- C:\Windows\system32\MP4SDECD.DLL
    2010-06-26 17:02:04 ----A---- C:\Windows\system32\MP43DECD.DLL
    2010-06-26 17:02:04 ----A---- C:\Windows\system32\MP3DMOD.DLL
    2010-06-26 17:02:03 ----A---- C:\Windows\system32\msacm32.dll
    2010-06-26 17:02:03 ----A---- C:\Windows\system32\MSAC3ENC.DLL
    2010-06-26 17:02:03 ----A---- C:\Windows\system32\msaatext.dll
    2010-06-26 17:02:01 ----A---- C:\Windows\system32\mmcbase.dll
    2010-06-26 17:02:00 ----A---- C:\Windows\system32\mobsync.exe
    2010-06-26 17:02:00 ----A---- C:\Windows\system32\mmcshext.dll
    2010-06-26 17:02:00 ----A---- C:\Windows\system32\mlang.dll
    2010-06-26 17:01:59 ----A---- C:\Windows\system32\mmcss.dll
    2010-06-26 17:01:59 ----A---- C:\Windows\system32\drivers\modem.sys
    2010-06-26 17:01:58 ----A---- C:\Windows\system32\migisol.dll
    2010-06-26 17:01:58 ----A---- C:\Windows\system32\MigAutoPlay.exe
    2010-06-26 17:01:57 ----A---- C:\Windows\system32\seclogon.dll
    2010-06-26 17:01:57 ----A---- C:\Windows\system32\SecEdit.exe
    2010-06-26 17:01:57 ----A---- C:\Windows\system32\sdshext.dll
    2010-06-26 17:01:57 ----A---- C:\Windows\system32\sdrsvc.dll
    2010-06-26 17:01:56 ----A---- C:\Windows\system32\shrink.dll
    2010-06-26 17:01:56 ----A---- C:\Windows\system32\shimgvw.dll
    2010-06-26 17:01:56 ----A---- C:\Windows\system32\shgina.dll
    2010-06-26 17:01:55 ----A---- C:\Windows\system32\shutdown.exe
    2010-06-26 17:01:55 ----A---- C:\Windows\system32\shrpubw.exe
    2010-06-26 17:01:55 ----A---- C:\Windows\system32\shacct.dll
    2010-06-26 17:01:54 ----A---- C:\Windows\system32\SmiInstaller.dll
    2010-06-26 17:01:53 ----A---- C:\Windows\system32\sfc_os.dll
    2010-06-26 17:01:53 ----A---- C:\Windows\system32\sfc.exe
    2010-06-26 17:01:53 ----A---- C:\Windows\system32\setupugc.exe
    2010-06-26 17:01:53 ----A---- C:\Windows\system32\setupSNK.exe
    2010-06-26 17:01:53 ----A---- C:\Windows\system32\setupcln.dll
    2010-06-26 17:01:53 ----A---- C:\Windows\system32\setupcl.exe
    2010-06-26 17:01:53 ----A---- C:\Windows\system32\setbcdlocale.dll
    2010-06-26 17:01:53 ----A---- C:\Windows\system32\SessEnv.dll
    2010-06-26 17:01:53 ----A---- C:\Windows\system32\serialui.dll
    2010-06-26 17:01:53 ----A---- C:\Windows\system32\drivers\smclib.sys
    2010-06-26 17:01:53 ----A---- C:\Windows\system32\drivers\sermouse.sys
    2010-06-26 17:01:52 ----A---- C:\Windows\system32\Sens.dll
    2010-06-26 17:01:51 ----A---- C:\Windows\system32\pnrpnsp.dll
    2010-06-26 17:01:51 ----A---- C:\Windows\system32\PNPXAssocPrx.dll
    2010-06-26 17:01:50 ----A---- C:\Windows\system32\QAGENT.DLL
    2010-06-26 17:01:50 ----A---- C:\Windows\system32\puiobj.dll
    2010-06-26 17:01:50 ----A---- C:\Windows\system32\psbase.dll
    2010-06-26 17:01:50 ----A---- C:\Windows\system32\provthrd.dll
    2010-06-26 17:01:50 ----A---- C:\Windows\system32\pots.dll
    2010-06-26 17:01:50 ----A---- C:\Windows\system32\PortableDeviceWiaCompat.dll
    2010-06-26 17:01:50 ----A---- C:\Windows\system32\pnpts.dll
    2010-06-26 17:01:48 ----A---- C:\Windows\system32\profprov.dll
    2010-06-26 17:01:48 ----A---- C:\Windows\system32\procinst.dll
    2010-06-26 17:01:48 ----A---- C:\Windows\system32\prntvpt.dll
    2010-06-26 17:01:48 ----A---- C:\Windows\system32\prevhost.exe
    2010-06-26 17:01:48 ----A---- C:\Windows\system32\p2pcollab.dll
    2010-06-26 17:01:48 ----A---- C:\Windows\system32\P2P.dll
    2010-06-26 17:01:47 ----A---- C:\Windows\system32\pcasvc.dll
    2010-06-26 17:01:47 ----A---- C:\Windows\system32\pcadm.dll
    2010-06-26 17:01:47 ----A---- C:\Windows\system32\p2pnetsh.dll
    2010-06-26 17:01:47 ----A---- C:\Windows\system32\p2phost.exe
    2010-06-26 17:01:47 ----A---- C:\Windows\system32\osblprov.dll
    2010-06-26 17:01:47 ----A---- C:\Windows\system32\osbaseln.dll
    2010-06-26 17:01:47 ----A---- C:\Windows\system32\OptionalFeatures.exe
    2010-06-26 17:01:47 ----A---- C:\Windows\system32\olethk32.dll
    2010-06-26 17:01:47 ----A---- C:\Windows\system32\olesvr32.dll
    2010-06-26 17:01:47 ----A---- C:\Windows\system32\oledlg.dll
    2010-06-26 17:01:47 ----A---- C:\Windows\system32\olecli32.dll
    2010-06-26 17:01:47 ----A---- C:\Windows\system32\ogldrv.dll
    2010-06-26 17:01:40 ----A---- C:\Windows\system32\PlaySndSrv.dll
    2010-06-26 17:01:40 ----A---- C:\Windows\system32\pla.dll
    2010-06-26 17:01:40 ----A---- C:\Windows\system32\PING.EXE
    2010-06-26 17:01:39 ----A---- C:\Windows\system32\rstrui.exe
    2010-06-26 17:01:39 ----A---- C:\Windows\system32\RstrtMgr.dll
    2010-06-26 17:01:39 ----A---- C:\Windows\system32\rshx32.dll
    2010-06-26 17:01:39 ----A---- C:\Windows\system32\perfts.dll
    2010-06-26 17:01:39 ----A---- C:\Windows\system32\perfnet.dll
    2010-06-26 17:01:39 ----A---- C:\Windows\system32\perfmon.msc
    2010-06-26 17:01:39 ----A---- C:\Windows\system32\perfmon.exe
    2010-06-26 17:01:39 ----A---- C:\Windows\system32\pdhui.dll
    2010-06-26 17:01:39 ----A---- C:\Windows\system32\drivers\rspndr.sys
    2010-06-26 17:01:38 ----A---- C:\Windows\system32\runonce.exe
    2010-06-26 17:01:38 ----A---- C:\Windows\system32\rtm.dll
    2010-06-26 17:01:37 ----A---- C:\Windows\system32\schtasks.exe
    2010-06-26 17:01:37 ----A---- C:\Windows\system32\RpcPing.exe
    2010-06-26 17:01:37 ----A---- C:\Windows\system32\Robocopy.exe
    2010-06-26 17:01:37 ----A---- C:\Windows\system32\riched32.dll
    2010-06-26 17:01:37 ----A---- C:\Windows\system32\rgb9rast.dll
    2010-06-26 17:01:37 ----A---- C:\Windows\system32\resutils.dll
    2010-06-26 17:01:37 ----A---- C:\Windows\system32\RESAMPLEDMO.DLL
    2010-06-26 17:01:37 ----A---- C:\Windows\system32\drivers\rootmdm.sys
    2010-06-26 17:01:36 ----A---- C:\Windows\system32\sdengin2.dll
    2010-06-26 17:01:36 ----A---- C:\Windows\system32\sdchange.exe
    2010-06-26 17:01:36 ----A---- C:\Windows\system32\sbunattend.exe
    2010-06-26 17:01:36 ----A---- C:\Windows\system32\drivers\scsiport.sys
    2010-06-26 17:01:33 ----A---- C:\Windows\system32\sbeio.dll
    2010-06-26 17:01:33 ----A---- C:\Windows\system32\sbe.dll
    2010-06-26 17:01:32 ----A---- C:\Windows\system32\rasctrs.dll
    2010-06-26 17:01:32 ----A---- C:\Windows\system32\rascfg.dll
    2010-06-26 17:01:32 ----A---- C:\Windows\system32\rasauto.dll
    2010-06-26 17:01:32 ----A---- C:\Windows\system32\RacAgent.exe
    2010-06-26 17:01:32 ----A---- C:\Windows\system32\drivers\rasacd.sys
    2010-06-26 17:01:32 ----A---- C:\Windows\system32\drivers\qwavedrv.sys
    2010-06-26 17:01:31 ----A---- C:\Windows\system32\remotepg.dll
    2010-06-26 17:01:31 ----A---- C:\Windows\system32\regini.exe
    2010-06-26 17:01:31 ----A---- C:\Windows\system32\rdrleakdiag.exe
    2010-06-26 17:01:31 ----A---- C:\Windows\system32\RDPENCDD.dll
    2010-06-26 17:01:31 ----A---- C:\Windows\system32\qwave.dll
    2010-06-26 17:01:31 ----A---- C:\Windows\system32\QUTIL.DLL
    2010-06-26 17:01:31 ----A---- C:\Windows\system32\QSVRMGMT.DLL
    2010-06-26 17:01:31 ----A---- C:\Windows\system32\QSHVHOST.DLL
    2010-06-26 17:01:31 ----A---- C:\Windows\system32\qdv.dll
    2010-06-26 17:01:31 ----A---- C:\Windows\system32\QCLIPROV.DLL
    2010-06-26 17:01:31 ----A---- C:\Windows\system32\qcap.dll
    2010-06-26 17:01:31 ----A---- C:\Windows\system32\qasf.dll
    2010-06-26 17:01:31 ----A---- C:\Windows\system32\drivers\RDPENCDD.sys
    2010-06-26 17:01:30 ----A---- C:\Windows\system32\RegCtrl.dll
    2010-06-26 17:01:30 ----A---- C:\Windows\system32\rdpdd.dll
    2010-06-26 17:01:30 ----A---- C:\Windows\system32\rdpcfgex.dll
    2010-06-26 17:01:30 ----A---- C:\Windows\system32\rasqec.dll
    2010-06-26 17:01:30 ----A---- C:\Windows\system32\rasphone.exe
    2010-06-26 17:01:30 ----A---- C:\Windows\system32\RASMM.dll
    2010-06-26 17:01:30 ----A---- C:\Windows\system32\rasman.dll
    2010-06-26 17:01:30 ----A---- C:\Windows\system32\raserver.exe
    2010-06-26 17:01:30 ----A---- C:\Windows\system32\drivers\RDPCDD.sys
    2010-06-26 17:01:30 ----A---- C:\Windows\system32\drivers\raspptp.sys
    2010-06-26 17:01:30 ----A---- C:\Windows\system32\drivers\rasl2tp.sys
    2010-06-26 17:01:30 ----A---- C:\Windows\system32\d3dim700.dll
    2010-06-26 17:01:30 ----A---- C:\Windows\system32\d3dim.dll
    2010-06-26 17:01:30 ----A---- C:\Windows\system32\d3d8.dll
    2010-06-26 17:01:30 ----A---- C:\Windows\regedit.exe
    2010-06-26 17:01:29 ----A---- C:\Windows\system32\devenum.dll
    2010-06-26 17:01:29 ----A---- C:\Windows\system32\Defrag.exe
    2010-06-26 17:01:29 ----A---- C:\Windows\system32\ddraw.dll
    2010-06-26 17:01:29 ----A---- C:\Windows\system32\dbnetlib.dll
    2010-06-26 17:01:29 ----A---- C:\Windows\system32\d3dxof.dll
    2010-06-26 17:01:28 ----A---- C:\Windows\system32\dinput8.dll
    2010-06-26 17:01:28 ----A---- C:\Windows\system32\dimsjob.dll
    2010-06-26 17:01:28 ----A---- C:\Windows\system32\diantz.exe
    2010-06-26 17:01:28 ----A---- C:\Windows\system32\dbghelp.dll
    2010-06-26 17:01:28 ----A---- C:\Windows\system32\csrss.exe
    2010-06-26 17:01:28 ----A---- C:\Windows\system32\csrsrv.dll
    2010-06-26 17:01:28 ----A---- C:\Windows\system32\cryptnet.dll
    2010-06-26 17:01:28 ----A---- C:\Windows\system32\cryptdll.dll
    2010-06-26 17:01:28 ----A---- C:\Windows\system32\credssp.dll
    2010-06-26 17:01:27 ----A---- C:\Windows\system32\dispex.dll
    2010-06-26 17:01:27 ----A---- C:\Windows\system32\dispdiag.exe
    2010-06-26 17:01:27 ----A---- C:\Windows\system32\dispci.dll
    2010-06-26 17:01:27 ----A---- C:\Windows\system32\dhcpsapi.dll
    2010-06-26 17:01:27 ----A---- C:\Windows\system32\DfsShlEx.dll
    2010-06-26 17:01:27 ----A---- C:\Windows\system32\dfrgui.exe
    2010-06-26 17:01:27 ----A---- C:\Windows\system32\DfrgNtfs.exe
    2010-06-26 17:01:27 ----A---- C:\Windows\system32\dfrgifc.exe
    2010-06-26 17:01:27 ----A---- C:\Windows\system32\dfrgfat.exe
    2010-06-26 17:01:27 ----A---- C:\Windows\system32\DFDWiz.exe
    2010-06-26 17:01:27 ----A---- C:\Windows\system32\dfdts.dll
    2010-06-26 17:01:26 ----A---- C:\Windows\system32\drivers\CmBatt.sys
    2010-06-26 17:01:26 ----A---- C:\Windows\system32\DHCPQEC.DLL
    2010-06-26 17:01:26 ----A---- C:\Windows\system32\cmlua.dll
    2010-06-26 17:01:26 ----A---- C:\Windows\system32\cmd.exe
    2010-06-26 17:01:26 ----A---- C:\Windows\system32\cmcfg32.dll
    2010-06-26 17:01:26 ----A---- C:\Windows\system32\clusapi.dll
    2010-06-26 17:01:25 ----A---- C:\Windows\system32\drivers\compbatt.sys
    2010-06-26 17:01:25 ----A---- C:\Windows\system32\comsnap.dll
    2010-06-26 17:01:25 ----A---- C:\Windows\system32\comres.dll
    2010-06-26 17:01:25 ----A---- C:\Windows\system32\comrepl.dll
    2010-06-26 17:01:25 ----A---- C:\Windows\system32\ComputerDefaults.exe
    2010-06-26 17:01:25 ----A---- C:\Windows\system32\compstui.dll
    2010-06-26 17:01:25 ----A---- C:\Windows\system32\CompatUI.dll
    2010-06-26 17:01:25 ----A---- C:\Windows\system32\cmipnpinstall.dll
    2010-06-26 17:01:25 ----A---- C:\Windows\system32\cmifw.dll
    2010-06-26 17:01:25 ----A---- C:\Windows\system32\cmicryptinstall.dll
    2010-06-26 17:01:25 ----A---- C:\Windows\system32\cmdl32.exe
    2010-06-26 17:01:25 ----A---- C:\Windows\system32\clfsw32.dll
    2010-06-26 17:01:25 ----A---- C:\Windows\system32\clbcatq.dll
    2010-06-26 17:01:25 ----A---- C:\Windows\system32\cic.dll
    2010-06-26 17:01:24 ----A---- C:\Windows\system32\convert.exe
    2010-06-26 17:01:24 ----A---- C:\Windows\system32\consent.exe
    2010-06-26 17:01:24 ----A---- C:\Windows\system32\CompMgmtLauncher.exe
    2010-06-26 17:01:24 ----A---- C:\Windows\system32\comctl32.dll
    2010-06-26 17:01:24 ----A---- C:\Windows\system32\colorui.dll
    2010-06-26 17:01:24 ----A---- C:\Windows\system32\COLORCNV.DLL
    2010-06-26 17:01:24 ----A---- C:\Windows\system32\colbact.dll
    2010-06-26 17:01:24 ----A---- C:\Windows\system32\cofiredm.dll
    2010-06-26 17:01:24 ----A---- C:\Windows\system32\cmutil.dll
    2010-06-26 17:01:24 ----A---- C:\Windows\system32\cmstplua.dll
    2010-06-26 17:01:24 ----A---- C:\Windows\system32\cmstp.exe
    2010-06-26 17:01:24 ----A---- C:\Windows\system32\cmpbk32.dll
    2010-06-26 17:01:23 ----A---- C:\Windows\system32\els.dll
    2010-06-26 17:01:21 ----A---- C:\Windows\system32\esentutl.exe
    2010-06-26 17:01:21 ----A---- C:\Windows\system32\esentprf.dll
    2010-06-26 17:01:21 ----A---- C:\Windows\system32\EncDump.dll
    2010-06-26 17:01:20 ----A---- C:\Windows\system32\filemgmt.dll
    2010-06-26 17:01:20 ----A---- C:\Windows\system32\fde.dll
    2010-06-26 17:01:20 ----A---- C:\Windows\system32\efsadu.dll
    2010-06-26 17:01:20 ----A---- C:\Windows\system32\eapsvc.dll
    2010-06-26 17:01:20 ----A---- C:\Windows\system32\EAPQEC.DLL
    2010-06-26 17:01:20 ----A---- C:\Windows\system32\eappprxy.dll
    2010-06-26 17:01:20 ----A---- C:\Windows\system32\drivers\filetrace.sys
    2010-06-26 17:01:20 ----A---- C:\Windows\system32\drivers\fileinfo.sys
    2010-06-26 17:01:19 ----A---- C:\Windows\system32\fmifs.dll
    2010-06-26 17:01:19 ----A---- C:\Windows\system32\FirewallControlPanel.exe
    2010-06-26 17:01:19 ----A---- C:\Windows\system32\FirewallAPI.dll
    2010-06-26 17:01:19 ----A---- C:\Windows\system32\findnetprinters.dll
    2010-06-26 17:01:19 ----A---- C:\Windows\system32\fdPHost.dll
    2010-06-26 17:01:19 ----A---- C:\Windows\system32\expand.exe
    2010-06-26 17:01:19 ----A---- C:\Windows\system32\eventcls.dll
    2010-06-26 17:01:18 ----A---- C:\Windows\system32\extrac32.exe
    2010-06-26 17:01:18 ----A---- C:\Windows\system32\drivers\drmkaud.sys
    2010-06-26 17:01:18 ----A---- C:\Windows\system32\drivers\drmk.sys
    2010-06-26 17:01:18 ----A---- C:\Windows\system32\driverquery.exe
    2010-06-26 17:01:18 ----A---- C:\Windows\system32\dpx.dll
    2010-06-26 17:01:18 ----A---- C:\Windows\system32\dps.dll
    2010-06-26 17:01:18 ----A---- C:\Windows\system32\dpnet.dll
    2010-06-26 17:01:18 ----A---- C:\Windows\system32\DpiScaling.exe
    2010-06-26 17:01:18 ----A---- C:\Windows\system32\dot3ui.dll
    2010-06-26 17:01:18 ----A---- C:\Windows\system32\dot3gpui.dll
    2010-06-26 17:01:18 ----A---- C:\Windows\system32\dot3gpclnt.dll
    2010-06-26 17:01:18 ----A---- C:\Windows\system32\dot3dlg.dll
    2010-06-26 17:01:18 ----A---- C:\Windows\system32\dot3api.dll
    2010-06-26 17:01:18 ----A---- C:\Windows\system32\dmscript.dll
    2010-06-26 17:01:18 ----A---- C:\Windows\system32\dmocx.dll
    2010-06-26 17:01:18 ----A---- C:\Windows\system32\dmloader.dll
    2010-06-26 17:01:18 ----A---- C:\Windows\system32\dmime.dll
    2010-06-26 17:01:18 ----A---- C:\Windows\system32\dmdskres2.dll
    2010-06-26 17:01:18 ----A---- C:\Windows\system32\dmdskmgr.dll
    2010-06-26 17:01:17 ----A---- C:\Windows\system32\DWWIN.EXE
    2010-06-26 17:01:17 ----A---- C:\Windows\system32\drivers\dxapi.sys
    2010-06-26 17:01:17 ----A---- C:\Windows\system32\dnshc.dll
    2010-06-26 17:01:17 ----A---- C:\Windows\system32\dnscacheugc.exe
    2010-06-26 17:01:17 ----A---- C:\Windows\system32\dmvdsitf.dll
    2010-06-26 17:01:17 ----A---- C:\Windows\system32\dmutil.dll
    2010-06-26 17:01:17 ----A---- C:\Windows\system32\dmdlgs.dll
    2010-06-26 17:01:15 ----A---- C:\Windows\system32\dxva2.dll
    2010-06-26 17:01:15 ----A---- C:\Windows\system32\dwmredir.dll
    2010-06-26 17:01:15 ----A---- C:\Windows\system32\dwmapi.dll
    2010-06-26 17:01:15 ----A---- C:\Windows\system32\duser.dll
    2010-06-26 17:01:15 ----A---- C:\Windows\system32\dsuiext.dll
    2010-06-26 17:01:15 ----A---- C:\Windows\system32\dssenh.dll
    2010-06-26 17:01:15 ----A---- C:\Windows\system32\dssec.dll
    2010-06-26 17:01:15 ----A---- C:\Windows\system32\dsquery.dll
    2010-06-26 17:01:15 ----A---- C:\Windows\system32\dskquoui.dll
    2010-06-26 17:01:15 ----A---- C:\Windows\system32\dskquota.dll
    2010-06-26 17:01:15 ----A---- C:\Windows\system32\dsdmo.dll
    2010-06-26 17:01:15 ----A---- C:\Windows\system32\dsauth.dll
    2010-06-26 17:01:14 ----A---- C:\Windows\system32\AuthFWSnapin.dll
    2010-06-26 17:01:14 ----A---- C:\Windows\system32\AuthFWGP.dll
    2010-06-26 17:01:14 ----A---- C:\Windows\system32\authfwcfg.dll
    2010-06-26 17:01:14 ----A---- C:\Windows\system32\auditpol.exe
    2010-06-26 17:01:14 ----A---- C:\Windows\system32\AUDIOKSE.dll
    2010-06-26 17:01:14 ----A---- C:\Windows\system32\AudioEng.dll
    2010-06-26 17:01:14 ----A---- C:\Windows\system32\audiodev.dll
    2010-06-26 17:01:14 ----A---- C:\Windows\system32\AtBroker.exe
    2010-06-26 17:01:14 ----A---- C:\Windows\system32\at.exe
    2010-06-26 17:01:13 ----A---- C:\Windows\system32\drivers\beep.sys
    2010-06-26 17:01:13 ----A---- C:\Windows\system32\drivers\bdasup.sys
    2010-06-26 17:01:13 ----A---- C:\Windows\system32\drivers\battc.sys
    2010-06-26 17:01:13 ----A---- C:\Windows\system32\drivers\asyncmac.sys
    2010-06-26 17:01:13 ----A---- C:\Windows\system32\bitsadmin.exe
    2010-06-26 17:01:13 ----A---- C:\Windows\system32\bcdsrv.dll
    2010-06-26 17:01:13 ----A---- C:\Windows\system32\bcdprov.dll
    2010-06-26 17:01:13 ----A---- C:\Windows\system32\bcdedit.exe
    2010-06-26 17:01:13 ----A---- C:\Windows\system32\batt.dll
    2010-06-26 17:01:13 ----A---- C:\Windows\system32\basesrv.dll
    2010-06-26 17:01:13 ----A---- C:\Windows\system32\AuxiliaryDisplayApi.dll
    2010-06-26 17:01:13 ----A---- C:\Windows\bfsvc.exe
    2010-06-26 17:01:12 ----A---- C:\Windows\system32\AzSqlExt.dll
    2010-06-26 17:01:12 ----A---- C:\Windows\system32\azroleui.dll
    2010-06-26 17:01:12 ----A---- C:\Windows\system32\avrt.dll
    2010-06-26 17:01:12 ----A---- C:\Windows\system32\ACW.exe
    2010-06-26 17:01:12 ----A---- C:\Windows\system32\actxprxy.dll
    2010-06-26 17:01:12 ----A---- C:\Windows\system32\activeds.dll
    2010-06-26 17:01:12 ----A---- C:\Windows\system32\ActiveContentWizard.dll
    2010-06-26 17:01:12 ----A---- C:\Windows\system32\ActionQueue.dll
    2010-06-26 17:01:10 ----A---- C:\Windows\system32\drivers\1394bus.sys
    2010-06-26 17:01:07 ----A---- C:\Windows\system32\aclui.dll
    2010-06-26 17:01:06 ----A---- C:\Windows\system32\amxread.dll
    2010-06-26 17:01:06 ----A---- C:\Windows\system32\amstream.dll
    2010-06-26 17:01:05 ----A---- C:\Windows\system32\apss.dll
    2010-06-26 17:01:05 ----A---- C:\Windows\system32\appinfo.dll
    2010-06-26 17:01:05 ----A---- C:\Windows\system32\apircl.dll
    2010-06-26 17:01:05 ----A---- C:\Windows\system32\apilogen.dll
    2010-06-26 17:01:05 ----A---- C:\Windows\system32\adsnt.dll
    2010-06-26 17:01:04 ----A---- C:\Windows\system32\cabinet.dll
    2010-06-26 17:01:04 ----A---- C:\Windows\system32\btpanui.dll
    2010-06-26 17:01:04 ----A---- C:\Windows\system32\alg.exe
    2010-06-26 17:01:04 ----A---- C:\Windows\system32\adsldp.dll
    2010-06-26 17:01:03 ----A---- C:\Windows\system32\catsrvut.dll
    2010-06-26 17:01:03 ----A---- C:\Windows\system32\catsrv.dll
    2010-06-26 17:01:03 ----A---- C:\Windows\system32\capisp.dll
    2010-06-26 17:01:03 ----A---- C:\Windows\system32\cacls.exe
    2010-06-26 17:01:03 ----A---- C:\Windows\system32\BOOTVID.DLL
    2010-06-26 17:01:03 ----A---- C:\Windows\system32\bootstr.dll
    2010-06-26 17:01:02 ----A---- C:\Windows\system32\drivers\bowser.sys
    2010-06-26 17:01:02 ----A---- C:\Windows\system32\CertEnrollCtrl.exe
    2010-06-26 17:01:02 ----A---- C:\Windows\system32\browser.dll
    2010-06-26 17:01:02 ----A---- C:\Windows\system32\bridgeunattend.exe
    2010-06-26 17:01:02 ----A---- C:\Windows\system32\brcplsdw.dll
    2010-06-26 17:01:01 ----A---- C:\Windows\system32\cfgbkend.dll
    2010-06-26 17:01:01 ----A---- C:\Windows\system32\cewmdm.dll
    2010-06-26 17:01:00 ----A---- C:\Windows\system32\drivers\cdfs.sys
    2010-06-26 17:01:00 ----A---- C:\Windows\system32\cfgmgr32.dll
    2010-06-26 17:01:00 ----A---- C:\Windows\system32\cdosys.dll
    2010-06-26 17:01:00 ----A---- C:\Windows\system32\bootcfg.exe
    2010-06-26 17:00:55 ----A---- C:\Windows\system32\imagesp1.dll
    2010-06-26 17:00:54 ----A---- C:\Windows\system32\inetmib1.dll
    2010-06-26 17:00:54 ----A---- C:\Windows\system32\imagehlp.dll
    2010-06-26 17:00:53 ----A---- C:\Windows\system32\InfDefaultInstall.exe
    2010-06-26 17:00:51 ----A---- C:\Windows\system32\icaapi.dll
    2010-06-26 17:00:51 ----A---- C:\Windows\system32\iashost.exe
    2010-06-26 17:00:51 ----A---- C:\Windows\system32\ias.dll
    2010-06-26 17:00:51 ----A---- C:\Windows\system32\drivers\i8042prt.sys
    2010-06-26 17:00:49 ----A---- C:\Windows\system32\ifsutil.dll
    2010-06-26 17:00:49 ----A---- C:\Windows\system32\icsunattend.exe
    2010-06-26 17:00:49 ----A---- C:\Windows\system32\icsfiltr.dll
    2010-06-26 17:00:49 ----A---- C:\Windows\system32\icm32.dll
    2010-06-26 17:00:48 ----A---- C:\Windows\system32\idndl.dll
    2010-06-26 17:00:48 ----A---- C:\Windows\system32\icfupgd.dll
    2010-06-26 17:00:48 ----A---- C:\Windows\system32\icacls.exe
    2010-06-26 17:00:47 ----A---- C:\Windows\system32\HotStartUserAgent.dll
    2010-06-26 17:00:47 ----A---- C:\Windows\system32\hnetmon.dll
    2010-06-26 17:00:47 ----A---- C:\Windows\system32\hnetcfg.dll
    2010-06-26 17:00:47 ----A---- C:\Windows\system32\hlink.dll
    2010-06-26 17:00:43 ----A---- C:\Windows\system32\fsutil.exe
    2010-06-26 17:00:43 ----A---- C:\Windows\system32\fsmgmt.msc
    2010-06-26 17:00:43 ----A---- C:\Windows\system32\framedyn.dll
    2010-06-26 17:00:43 ----A---- C:\Windows\system32\framebuf.dll
    2010-06-26 17:00:43 ----A---- C:\Windows\system32\drivers\fs_rec.sys
    2010-06-26 17:00:42 ----A---- C:\Windows\system32\fwcfg.dll
    2010-06-26 17:00:42 ----A---- C:\Windows\system32\framedynos.dll
    2010-06-26 17:00:42 ----A---- C:\Windows\system32\fphc.dll
    2010-06-26 17:00:42 ----A---- C:\Windows\fveupdate.exe
    2010-06-26 17:00:41 ----A---- C:\Windows\system32\hcrstco.dll
    2010-06-26 17:00:41 ----A---- C:\Windows\system32\GuidedHelp.dll
    2010-06-26 17:00:40 ----A---- C:\Windows\system32\HelpPaneProxy.dll
    2010-06-26 17:00:40 ----A---- C:\Windows\system32\getmac.exe
    2010-06-26 17:00:40 ----A---- C:\Windows\system32\gacinstall.dll
    2010-06-26 17:00:40 ----A---- C:\Windows\system32\drivers\hidparse.sys
    2010-06-26 17:00:40 ----A---- C:\Windows\HelpPane.exe
    2010-06-26 17:00:39 ----A---- C:\Windows\system32\graftabl.com
    2010-06-26 17:00:39 ----A---- C:\Windows\system32\gatherWiredInfo.vbs
    2010-06-26 17:00:35 ----A---- C:\Windows\system32\WindowsAnytimeUpgrade.exe
    2010-06-26 17:00:34 ----A---- C:\Windows\system32\wiaacmgr.exe
    2010-06-26 17:00:33 ----A---- C:\Windows\system32\wiarpc.dll
    2010-06-26 17:00:33 ----A---- C:\Windows\system32\wiadss.dll
    2010-06-26 17:00:33 ----A---- C:\Windows\system32\wiadefui.dll
    2010-06-26 17:00:33 ----A---- C:\Windows\system32\wfapigp.dll
    2010-06-26 17:00:32 ----A---- C:\Windows\system32\winusb.dll
    2010-06-26 17:00:32 ----A---- C:\Windows\system32\winsta.dll
    2010-06-26 17:00:32 ----A---- C:\Windows\system32\WINSRPC.DLL
    2010-06-26 17:00:32 ----A---- C:\Windows\system32\WinSATAPI.dll
    2010-06-26 17:00:32 ----A---- C:\Windows\system32\wiashext.dll
    2010-06-26 17:00:32 ----A---- C:\Windows\system32\wiascanprofiles.dll
    2010-06-26 17:00:31 ----A---- C:\Windows\system32\WLanConn.dll
    2010-06-26 17:00:31 ----A---- C:\Windows\system32\wlancfg.dll
    2010-06-26 17:00:31 ----A---- C:\Windows\system32\wininit.exe
    2010-06-26 17:00:30 ----A---- C:\Windows\system32\winnsi.dll
    2010-06-26 17:00:30 ----A---- C:\Windows\system32\winethc.dll
    2010-06-26 17:00:30 ----A---- C:\Windows\system32\wbemcomn.dll
    2010-06-26 17:00:30 ----A---- C:\Windows\system32\wavemsp.dll
    2010-06-26 17:00:30 ----A---- C:\Windows\system32\WavDest.dll
    2010-06-26 17:00:30 ----A---- C:\Windows\system32\w32tm.exe
    2010-06-26 17:00:29 ----A---- C:\Windows\system32\waitfor.exe
    2010-06-26 17:00:29 ----A---- C:\Windows\system32\vsstrace.dll
    2010-06-26 17:00:29 ----A---- C:\Windows\system32\vssadmin.exe
    2010-06-26 17:00:29 ----A---- C:\Windows\system32\vss_ps.dll
    2010-06-26 17:00:29 ----A---- C:\Windows\system32\drivers\wanarp.sys
    2010-06-26 17:00:28 ----A---- C:\Windows\system32\wermgr.exe
    2010-06-26 17:00:28 ----A---- C:\Windows\system32\werdiagcontroller.dll
    2010-06-26 17:00:28 ----A---- C:\Windows\system32\wercplsupport.dll
    2010-06-26 17:00:28 ----A---- C:\Windows\system32\wdi.dll
    2010-06-26 17:00:27 ----A---- C:\Windows\system32\wshcon.dll
    2010-06-26 17:00:27 ----A---- C:\Windows\system32\wscproxystub.dll
    2010-06-26 17:00:27 ----A---- C:\Windows\system32\wscmisetup.dll
    2010-06-26 17:00:27 ----A---- C:\Windows\system32\drivers\ws2ifsl.sys
    2010-06-26 17:00:26 ----A---- C:\Windows\system32\wship6.dll
    2010-06-26 17:00:26 ----A---- C:\Windows\system32\wsecedit.dll
    2010-06-26 17:00:25 ----A---- C:\Windows\system32\Wpc.dll
    2010-06-26 17:00:24 ----A---- C:\Windows\system32\xcopy.exe
    2010-06-26 17:00:24 ----A---- C:\Windows\system32\ws2_32.dll
    2010-06-26 17:00:24 ----A---- C:\Windows\system32\wpnpinst.exe
    2010-06-26 17:00:24 ----A---- C:\Windows\system32\wpdwcn.dll
    2010-06-26 17:00:24 ----A---- C:\Windows\system32\wpclsp.dll
    2010-06-26 17:00:23 ----A---- C:\Windows\system32\XPSSHHDR.dll
    2010-06-26 17:00:23 ----A---- C:\Windows\system32\xolehlp.dll
    2010-06-26 17:00:23 ----A---- C:\Windows\system32\xmlprovi.dll
    2010-06-26 17:00:23 ----A---- C:\Windows\system32\xmllite.dll
    2010-06-26 17:00:23 ----A---- C:\Windows\system32\xactsrv.dll
    2010-06-26 17:00:23 ----A---- C:\Windows\system32\wzcdlg.dll
    2010-06-26 17:00:23 ----A---- C:\Windows\system32\wvc.dll
    2010-06-26 17:00:23 ----A---- C:\Windows\system32\WUDFx.dll
    2010-06-26 17:00:23 ----A---- C:\Windows\system32\WUDFSvc.dll
    2010-06-26 17:00:23 ----A---- C:\Windows\system32\WUDFPlatform.dll
    2010-06-26 17:00:23 ----A---- C:\Windows\system32\drivers\WUDFRd.sys
    2010-06-26 17:00:23 ----A---- C:\Windows\system32\drivers\WUDFPf.sys
    2010-06-26 17:00:22 ----A---- C:\Windows\system32\WUDFCoinstaller.dll
    2010-06-26 17:00:22 ----A---- C:\Windows\system32\wsqmcons.exe
    2010-06-26 17:00:22 ----A---- C:\Windows\system32\wsock32.dll
    2010-06-26 17:00:22 ----A---- C:\Windows\system32\WSHTCPIP.DLL
    2010-06-26 17:00:21 ----A---- C:\Windows\system32\xwizards.dll
    2010-06-26 17:00:21 ----A---- C:\Windows\system32\xpssvcs.dll
    2010-06-26 17:00:21 ----A---- C:\Windows\system32\WUDFHost.exe
    2010-06-26 17:00:21 ----A---- C:\Windows\system32\wtsapi32.dll
    2010-06-26 17:00:20 ----A---- C:\Windows\system32\wmidx.dll
    2010-06-26 17:00:20 ----A---- C:\Windows\system32\WlanMmHC.dll
    2010-06-26 17:00:20 ----A---- C:\Windows\system32\WlanMM.dll
    2010-06-26 17:00:20 ----A---- C:\Windows\system32\WLanHC.dll
    2010-06-26 17:00:20 ----A---- C:\Windows\system32\wlanext.exe
    2010-06-26 17:00:20 ----A---- C:\Windows\system32\wlandlg.dll
    2010-06-26 17:00:20 ----A---- C:\Windows\system32\drivers\wmilib.sys
    2010-06-26 17:00:18 ----A---- C:\Windows\system32\WMSPDMOE.DLL
    2010-06-26 17:00:18 ----A---- C:\Windows\system32\wmpshell.dll
    2010-06-26 17:00:18 ----A---- C:\Windows\system32\wmdrmnet.dll
    2010-06-26 17:00:18 ----A---- C:\Windows\system32\wmdrmdev.dll
    2010-06-26 17:00:18 ----A---- C:\Windows\system32\WMASF.DLL
    2010-06-26 17:00:18 ----A---- C:\Windows\system32\WMALFXGFXDSP.dll
    2010-06-26 17:00:18 ----A---- C:\Windows\system32\WMADMOE.DLL
    2010-06-26 17:00:18 ----A---- C:\Windows\system32\WMADMOD.DLL
    2010-06-26 17:00:17 ----A---- C:\Windows\system32\wmpsrcwp.dll
    2010-06-26 17:00:15 ----A---- C:\Windows\system32\WMVSENCD.DLL
    2010-06-26 17:00:15 ----A---- C:\Windows\system32\wmvdspa.dll
    2010-06-26 17:00:14 ----A---- C:\Windows\system32\WMVDECOD.DLL
    2010-06-26 17:00:14 ----A---- C:\Windows\system32\WMPEncEn.dll
    2010-06-26 17:00:14 ----A---- C:\Windows\system32\wmiprop.dll
    2010-06-26 17:00:12 ----A---- C:\Windows\system32\wmpcm.dll
    2010-06-26 17:00:10 ----A---- C:\Windows\system32\Tabbtn.dll
    2010-06-26 17:00:10 ----A---- C:\Windows\system32\systeminfo.exe
    2010-06-26 17:00:06 ----A---- C:\Windows\system32\tbssvc.dll
    2010-06-26 17:00:05 ----A---- C:\Windows\system32\tbs.dll
    2010-06-26 17:00:05 ----A---- C:\Windows\system32\taskschd.dll
    2010-06-26 17:00:05 ----A---- C:\Windows\system32\taskmgr.exe
    2010-06-26 17:00:05 ----A---- C:\Windows\system32\tasklist.exe
    2010-06-26 17:00:05 ----A---- C:\Windows\system32\taskkill.exe
    2010-06-26 17:00:05 ----A---- C:\Windows\system32\drivers\tdtcp.sys
    2010-06-26 17:00:04 ----A---- C:\Windows\system32\tdh.dll
    2010-06-26 17:00:04 ----A---- C:\Windows\system32\tcpmon.ini
    2010-06-26 17:00:04 ----A---- C:\Windows\system32\tabcal.exe
    2010-06-26 17:00:04 ----A---- C:\Windows\system32\TabbtnEx.dll
    2010-06-26 17:00:04 ----A---- C:\Windows\system32\drivers\tdpipe.sys
    2010-06-26 17:00:04 ----A---- C:\Windows\system32\drivers\tdi.sys
    2010-06-26 17:00:03 ----A---- C:\Windows\system32\TapiMigPlugin.dll
    2010-06-26 17:00:03 ----A---- C:\Windows\system32\drivers\tape.sys
    2010-06-26 17:00:02 ----A---- C:\Windows\system32\takeown.exe
    2010-06-26 17:00:02 ----A---- C:\Windows\system32\srclient.dll
    2010-06-26 17:00:02 ----A---- C:\Windows\system32\sqmapi.dll
    2010-06-26 17:00:01 ----A---- C:\Windows\system32\srrstr.dll
    2010-06-26 17:00:01 ----A---- C:\Windows\system32\srdelayed.exe
    2010-06-26 17:00:01 ----A---- C:\Windows\system32\sqlcese30.dll
    2010-06-26 17:00:01 ----A---- C:\Windows\system32\sqlceqp30.dll
    2010-06-26 17:00:00 ----A---- C:\Windows\system32\sstpsvc.dll
    2010-06-26 17:00:00 ----A---- C:\Windows\system32\SSShim.dll
    2010-06-26 17:00:00 ----A---- C:\Windows\system32\ssdpsrv.dll
    2010-06-26 17:00:00 ----A---- C:\Windows\system32\srwmi.dll
    2010-06-26 16:59:57 ----A---- C:\Windows\system32\SoundRecorder.exe
    2010-06-26 16:59:57 ----A---- C:\Windows\system32\drivers\spldr.sys
    2010-06-26 16:59:56 ----A---- C:\Windows\system32\spwizres.dll
    2010-06-26 16:59:56 ----A---- C:\Windows\system32\spwizeng.dll
    2010-06-26 16:59:56 ----A---- C:\Windows\system32\spbcd.dll
    2010-06-26 16:59:55 ----A---- C:\Windows\system32\SysFxUI.dll
    2010-06-26 16:59:55 ----A---- C:\Windows\system32\syncui.dll
    2010-06-26 16:59:55 ----A---- C:\Windows\system32\synceng.dll
    2010-06-26 16:59:55 ----A---- C:\Windows\system32\sxstrace.exe
    2010-06-26 16:59:55 ----A---- C:\Windows\system32\spwizimg.dll
    2010-06-26 16:59:55 ----A---- C:\Windows\system32\sppnp.dll
    2010-06-26 16:59:55 ----A---- C:\Windows\system32\spopk.dll
    2010-06-26 16:59:54 ----A---- C:\Windows\system32\sxsstore.dll
    2010-06-26 16:59:54 ----A---- C:\Windows\system32\sxs.dll
    2010-06-26 16:59:52 ----A---- C:\Windows\system32\userinit.exe
    2010-06-26 16:59:52 ----A---- C:\Windows\system32\usbperf.dll
    2010-06-26 16:59:52 ----A---- C:\Windows\system32\usbmon.dll
    2010-06-26 16:59:52 ----A---- C:\Windows\system32\syssetup.dll
    2010-06-26 16:59:52 ----A---- C:\Windows\system32\syskey.exe
    2010-06-26 16:59:52 ----A---- C:\Windows\system32\svchost.exe
    2010-06-26 16:59:52 ----A---- C:\Windows\system32\sti_ci.dll
    2010-06-26 16:59:52 ----A---- C:\Windows\system32\drivers\swenum.sys
    2010-06-26 16:59:50 ----A---- C:\Windows\system32\xwtpw32.dll
    2010-06-26 16:59:50 ----A---- C:\Windows\system32\usbui.dll
    2010-06-26 16:59:50 ----A---- C:\Windows\system32\upnphost.dll
    2010-06-26 16:59:50 ----A---- C:\Windows\system32\upnpcont.exe
    2010-06-26 16:59:50 ----A---- C:\Windows\system32\upnp.dll
    2010-06-26 16:59:50 ----A---- C:\Windows\system32\drivers\usbvideo.sys
    2010-06-26 16:59:50 ----A---- C:\Windows\system32\drivers\usbuhci.sys
    2010-06-26 16:59:50 ----A---- C:\Windows\system32\drivers\usbd.sys
    2010-06-26 16:59:50 ----A---- C:\Windows\system32\drivers\usbccgp.sys
    2010-06-26 16:59:49 ----A---- C:\Windows\system32\vga64k.dll
    2010-06-26 16:59:49 ----A---- C:\Windows\system32\vga256.dll
    2010-06-26 16:59:49 ----A---- C:\Windows\system32\vga.dll
    2010-06-26 16:59:49 ----A---- C:\Windows\system32\drivers\vga.sys
    2010-06-26 16:59:48 ----A---- C:\Windows\system32\VIDRESZR.DLL
    2010-06-26 16:59:48 ----A---- C:\Windows\system32\verifier.dll
    2010-06-26 16:59:48 ----A---- C:\Windows\system32\VAN.dll
    2010-06-26 16:59:48 ----A---- C:\Windows\system32\uxtheme.dll
    2010-06-26 16:59:48 ----A---- C:\Windows\system32\uudf.dll
    2010-06-26 16:59:48 ----A---- C:\Windows\system32\utildll.dll
    2010-06-26 16:59:48 ----A---- C:\Windows\system32\drivers\volmgr.sys
    2010-06-26 16:59:48 ----A---- C:\Windows\system32\drivers\videoprt.sys
    2010-06-26 16:59:47 ----A---- C:\Windows\system32\vfwwdm32.dll
    2010-06-26 16:59:47 ----A---- C:\Windows\system32\verifier.exe
    2010-06-26 16:59:47 ----A---- C:\Windows\system32\vdsldr.exe
    2010-06-26 16:59:47 ----A---- C:\Windows\system32\vdsbas.dll
    2010-06-26 16:59:47 ----A---- C:\Windows\system32\vds_ps.dll
    2010-06-26 16:59:47 ----A---- C:\Windows\system32\vdmredir.dll
    2010-06-26 16:59:47 ----A---- C:\Windows\system32\TSpkg.dll
    2010-06-26 16:59:47 ----A---- C:\Windows\system32\trkwks.dll
    2010-06-26 16:59:47 ----A---- C:\Windows\system32\tracerpt.exe
    2010-06-26 16:59:47 ----A---- C:\Windows\system32\TpmInit.exe
    2010-06-26 16:59:47 ----A---- C:\Windows\system32\TMM.dll
    2010-06-26 16:59:46 ----A---- C:\Windows\system32\umb.dll
    2010-06-26 16:59:46 ----A---- C:\Windows\system32\tsddd.dll
    2010-06-26 16:59:46 ----A---- C:\Windows\system32\TimeDateMUICallback.dll
    2010-06-26 16:59:46 ----A---- C:\Windows\system32\thumbcache.dll
    2010-06-26 16:59:46 ----A---- C:\Windows\system32\termmgr.dll
    2010-06-26 16:59:46 ----A---- C:\Windows\system32\drivers\umbus.sys
    2010-06-26 16:59:46 ----A---- C:\Windows\system32\drivers\tssecsrv.sys
    2010-06-26 16:59:45 ----A---- C:\Windows\system32\unlodctr.exe
    2010-06-26 16:59:45 ----A---- C:\Windows\system32\unbcl.dll
    2010-06-26 16:59:45 ----A---- C:\Windows\system32\unattendedjoin.exe
    2010-06-26 16:59:45 ----A---- C:\Windows\system32\unattend.dll
    2010-06-26 16:59:45 ----A---- C:\Windows\system32\UIHub.dll
    2010-06-26 16:59:45 ----A---- C:\Windows\system32\ucsvc.exe
    2010-06-26 16:59:45 ----A---- C:\Windows\system32\txfw32.dll
    2010-06-26 16:59:45 ----A---- C:\Windows\system32\txflog.dll
    2010-06-26 16:59:45 ----A---- C:\Windows\system32\drivers\umpass.sys
    2010-06-26 16:59:44 ----A---- C:\Windows\system32\UI0Detect.exe
    2010-06-26 16:59:44 ----A---- C:\Windows\system32\ufat.dll
    2010-06-26 16:59:44 ----A---- C:\Windows\system32\uexfat.dll
    2010-06-26 14:44:56 ----D---- C:\Windows\system32\EventProviders
    2010-06-26 12:44:43 ----A---- C:\Windows\system32\winhttp.dll
    2010-06-26 12:44:39 ----A---- C:\Windows\system32\vbscript.dll
    2010-06-26 12:44:14 ----A---- C:\Windows\system32\jscript.dll
    2010-06-26 12:31:40 ----D---- C:\Windows\system32\WindowsPowerShell
    2010-06-26 12:28:02 ----D---- C:\Program Files\Microsoft ATS
    2010-06-26 03:48:13 ----A---- C:\Windows\system32\mshtmled.dll
    2010-06-26 03:48:12 ----A---- C:\Windows\system32\mshtmler.dll
    2010-06-26 03:48:12 ----A---- C:\Windows\system32\icardie.dll
    2010-06-26 03:48:12 ----A---- C:\Windows\system32\admparse.dll
    2010-06-26 03:48:11 ----A---- C:\Windows\system32\msls31.dll
    2010-06-26 03:48:11 ----A---- C:\Windows\system32\ieakeng.dll
    2010-06-26 03:48:11 ----A---- C:\Windows\system32\corpol.dll
    2010-06-26 03:48:10 ----A---- C:\Windows\system32\imgutil.dll
    2010-06-26 03:48:10 ----A---- C:\Windows\system32\dxtrans.dll
    2010-06-26 03:48:10 ----A---- C:\Windows\system32\dxtmsft.dll
    2010-06-26 03:48:09 ----A---- C:\Windows\system32\licmgr10.dll
    2010-06-26 03:48:08 ----A---- C:\Windows\system32\msrating.dll
    2010-06-26 03:48:08 ----A---- C:\Windows\system32\inseng.dll
    2010-06-26 03:48:08 ----A---- C:\Windows\system32\ieaksie.dll
    2010-06-26 03:48:07 ----A---- C:\Windows\system32\wextract.exe
    2010-06-26 03:48:07 ----A---- C:\Windows\system32\webcheck.dll
    2010-06-26 03:48:07 ----A---- C:\Windows\system32\ieakui.dll
    2010-06-26 03:48:06 ----A---- C:\Windows\system32\WinFXDocObj.exe
    2010-06-26 03:48:05 ----A---- C:\Windows\system32\pngfilt.dll
    2010-06-26 03:48:05 ----A---- C:\Windows\system32\advpack.dll
    2010-06-26 03:48:03 ----A---- C:\Windows\system32\ieapfltr.dll
    2010-06-26 03:48:02 ----A---- C:\Windows\system32\url.dll
    2010-06-26 03:47:59 ----A---- C:\Windows\system32\mshta.exe
    2010-06-26 03:47:59 ----A---- C:\Windows\system32\iexpress.exe
    2010-06-26 03:47:58 ----A---- C:\Windows\system32\SetIEInstalledDate.exe
    2010-06-26 03:47:58 ----A---- C:\Windows\system32\SetDepNx.exe
    2010-06-26 03:47:58 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
    2010-06-26 03:47:57 ----A---- C:\Windows\system32\PDMSetup.exe
    2010-06-26 03:47:02 ----D---- C:\Program Files\Microsoft
    2010-06-26 03:46:47 ----D---- C:\Program Files\Microsoft Silverlight
    2010-06-26 03:09:43 ----A---- C:\Windows\system32\kerberos.dll
    2010-06-26 03:09:41 ----A---- C:\Windows\system32\schannel.dll
    2010-06-26 00:53:27 ----A---- C:\Windows\system32\t2embed.dll
    2010-06-26 00:53:26 ----A---- C:\Windows\system32\lpk.dll
    2010-06-26 00:53:26 ----A---- C:\Windows\system32\fontsub.dll
    2010-06-26 00:53:26 ----A---- C:\Windows\system32\dciman32.dll
    2010-06-26 00:52:20 ----A---- C:\Windows\system32\rrinstaller.exe
    2010-06-26 00:52:20 ----A---- C:\Windows\system32\mfps.dll
    2010-06-26 00:52:20 ----A---- C:\Windows\system32\mferror.dll
    2010-06-26 00:52:20 ----A---- C:\Windows\system32\mf.dll
    2010-06-26 00:52:19 ----A---- C:\Windows\system32\mfpmp.exe
    2010-06-26 00:52:18 ----A---- C:\Windows\system32\WMVCORE.DLL
    2010-06-26 00:51:04 ----A---- C:\Windows\system32\ntkrnlpa.exe
    2010-06-26 00:51:02 ----A---- C:\Windows\system32\ntoskrnl.exe
    2010-06-26 00:45:55 ----A---- C:\Windows\system32\atl.dll
    2010-06-26 00:39:06 ----A---- C:\Windows\system32\wkssvc.dll
    2010-06-26 00:38:08 ----A---- C:\Windows\system32\tsgqec.dll
    2010-06-26 00:38:08 ----A---- C:\Windows\system32\aaclient.dll
    2010-06-26 00:38:07 ----A---- C:\Windows\system32\mstscax.dll
    2010-06-25 22:47:41 ----D---- C:\Program Files\Common Files\PX Storage Engine
    2010-06-25 22:33:02 ----D---- C:\Users\James Raphael\AppData\Roaming\DivX
    2010-06-25 22:24:40 ----A---- C:\Windows\system32\NlsLexicons0047.dll
    2010-06-25 22:24:40 ----A---- C:\Windows\system32\NlsLexicons0046.dll
    2010-06-25 22:24:40 ----A---- C:\Windows\system32\NlsLexicons0045.dll
    2010-06-25 22:24:39 ----A---- C:\Windows\system32\NlsLexicons0049.dll
    2010-06-25 22:24:39 ----A---- C:\Windows\system32\NlsLexicons0020.dll
    2010-06-25 22:24:38 ----A---- C:\Windows\system32\NlsLexicons0039.dll
    2010-06-25 22:24:38 ----A---- C:\Windows\system32\NlsLexicons0021.dll
    2010-06-25 22:24:37 ----A---- C:\Windows\system32\NlsLexicons0022.dll
    2010-06-25 22:24:36 ----A---- C:\Windows\system32\NlsLexicons0024.dll
    2010-06-25 22:24:35 ----A---- C:\Windows\system32\NlsLexicons0026.dll
    2010-06-25 22:24:34 ----A---- C:\Windows\system32\NlsLexicons0027.dll
    2010-06-25 22:24:33 ----A---- C:\Windows\system32\NlsLexicons0011.dll
    2010-06-25 22:24:33 ----A---- C:\Windows\system32\NlsLexicons0010.dll
    2010-06-25 22:24:32 ----A---- C:\Windows\system32\NlsLexicons0013.dll
    2010-06-25 22:24:31 ----A---- C:\Windows\system32\NlsLexicons0018.dll
    2010-06-25 22:24:28 ----A---- C:\Windows\system32\NlsLexicons0019.dll
    2010-06-25 22:24:27 ----A---- C:\Windows\system32\NlsLexicons0002.dll
    2010-06-25 22:24:27 ----A---- C:\Windows\system32\NlsLexicons0001.dll
    2010-06-25 22:24:26 ----A---- C:\Windows\system32\NlsLexicons0003.dll
    2010-06-25 22:24:24 ----A---- C:\Windows\system32\NlsLexicons004a.dll
    2010-06-25 22:24:23 ----A---- C:\Windows\system32\NlsLexicons004c.dll
    2010-06-25 22:24:23 ----A---- C:\Windows\system32\NlsLexicons004b.dll
    2010-06-25 22:24:22 ----A---- C:\Windows\system32\NlsLexicons004e.dll
    2010-06-25 22:24:22 ----A---- C:\Windows\system32\NlsLexicons003e.dll
    2010-06-25 22:24:21 ----A---- C:\Windows\system32\NlsLexicons002a.dll
    2010-06-25 22:24:20 ----A---- C:\Windows\system32\NlsLexicons001a.dll
    2010-06-25 22:24:19 ----A---- C:\Windows\system32\NlsLexicons001d.dll
    2010-06-25 22:24:19 ----A---- C:\Windows\system32\NlsLexicons001b.dll
    2010-06-25 22:24:18 ----A---- C:\Windows\system32\NlsLexicons000a.dll
    2010-06-25 22:24:16 ----A---- C:\Windows\system32\NlsLexicons000c.dll
    2010-06-25 22:24:15 ----A---- C:\Windows\system32\NlsLexicons000d.dll
    2010-06-25 22:24:14 ----A---- C:\Windows\system32\NlsLexicons0414.dll
    2010-06-25 22:24:14 ----A---- C:\Windows\system32\NlsLexicons000f.dll
    2010-06-25 22:24:13 ----A---- C:\Windows\system32\NlsLexicons0816.dll
    2010-06-25 22:24:13 ----A---- C:\Windows\system32\NlsLexicons0416.dll
    2010-06-25 22:24:12 ----A---- C:\Windows\system32\NlsLexicons081a.dll
    2010-06-25 22:24:11 ----A---- C:\Windows\system32\NlsModels0011.dll
    2010-06-25 22:24:11 ----A---- C:\Windows\system32\NlsData0045.dll
    2010-06-25 22:24:10 ----A---- C:\Windows\system32\NlsData0046.dll
    2010-06-25 22:24:09 ----A---- C:\Windows\system32\NlsData0049.dll
    2010-06-25 22:24:09 ----A---- C:\Windows\system32\NlsData0047.dll
    2010-06-25 22:24:08 ----A---- C:\Windows\system32\NlsData0039.dll
    2010-06-25 22:24:07 ----A---- C:\Windows\system32\NlsData0021.dll
    2010-06-25 22:24:07 ----A---- C:\Windows\system32\NlsData0020.dll
    2010-06-25 22:24:06 ----A---- C:\Windows\system32\NlsData0022.dll
    2010-06-25 22:24:05 ----A---- C:\Windows\system32\NlsData0026.dll
    2010-06-25 22:24:05 ----A---- C:\Windows\system32\NlsData0024.dll
    2010-06-25 22:24:04 ----A---- C:\Windows\system32\NlsData0027.dll
    2010-06-25 22:24:04 ----A---- C:\Windows\system32\NlsData0010.dll
    2010-06-25 22:24:03 ----A---- C:\Windows\system32\NlsData0011.dll
    2010-06-25 22:24:02 ----A---- C:\Windows\system32\NlsData0018.dll
    2010-06-25 22:24:02 ----A---- C:\Windows\system32\NlsData0013.dll
    2010-06-25 22:24:01 ----A---- C:\Windows\system32\NlsData0000.dll
    2010-06-25 22:24:00 ----A---- C:\Windows\system32\NlsData0019.dll
    2010-06-25 22:24:00 ----A---- C:\Windows\system32\NlsData0001.dll
    2010-06-25 22:23:59 ----A---- C:\Windows\system32\NlsData0003.dll
    2010-06-25 22:23:59 ----A---- C:\Windows\system32\NlsData0002.dll
    2010-06-25 22:23:58 ----A---- C:\Windows\system32\NlsData0007.dll
    2010-06-25 22:23:57 ----A---- C:\Windows\system32\NlsData0009.dll
    2010-06-25 22:23:56 ----A---- C:\Windows\system32\NlsData004b.dll
    2010-06-25 22:23:56 ----A---- C:\Windows\system32\NlsData004a.dll
    2010-06-25 22:23:55 ----A---- C:\Windows\system32\NlsData004e.dll
    2010-06-25 22:23:55 ----A---- C:\Windows\system32\NlsData004c.dll
    2010-06-25 22:23:54 ----A---- C:\Windows\system32\NlsData003e.dll
    2010-06-25 22:23:53 ----A---- C:\Windows\system32\NlsData002a.dll
    2010-06-25 22:23:53 ----A---- C:\Windows\system32\NlsData001a.dll
    2010-06-25 22:23:52 ----A---- C:\Windows\system32\NlsData001b.dll
    2010-06-25 22:23:51 ----A---- C:\Windows\system32\NlsData001d.dll
    2010-06-25 22:23:50 ----A---- C:\Windows\system32\NlsData000c.dll
    2010-06-25 22:23:50 ----A---- C:\Windows\system32\NlsData000a.dll
    2010-06-25 22:23:49 ----A---- C:\Windows\system32\NlsData000d.dll
    2010-06-25 22:23:48 ----A---- C:\Windows\system32\NlsData0414.dll
    2010-06-25 22:23:48 ----A---- C:\Windows\system32\NlsData000f.dll
    2010-06-25 22:23:47 ----A---- C:\Windows\system32\NlsData0416.dll
    2010-06-25 22:23:46 ----A---- C:\Windows\system32\NlsData0816.dll
    2010-06-25 22:23:45 ----A---- C:\Windows\system32\NlsLexicons0c1a.dll
    2010-06-25 22:23:45 ----A---- C:\Windows\system32\NlsData081a.dll
    2010-06-25 22:23:44 ----A---- C:\Windows\system32\NlsData0c1a.dll
    2010-06-25 22:20:00 ----A---- C:\Windows\system32\kbd106n.dll
    2010-06-25 22:19:47 ----D---- C:\Program Files\Common Files\DivX Shared
    2010-06-25 22:15:50 ----A---- C:\Windows\system32\drivers\tcpip.sys
    2010-06-25 22:15:49 ----A---- C:\Windows\system32\iphlpsvc.dll
    2010-06-25 22:15:49 ----A---- C:\Windows\system32\drivers\tunnel.sys
    2010-06-25 22:15:48 ----A---- C:\Windows\system32\drivers\tcpipreg.sys
    2010-06-25 22:15:45 ----A---- C:\Windows\system32\drivers\TUNMP.SYS
    2010-06-25 22:06:31 ----D---- C:\Program Files\DivX
    2010-06-25 22:03:12 ----D---- C:\ProgramData\DivX
    2010-06-25 21:56:16 ----D---- C:\Program Files\GRETECH
    2010-06-25 21:52:38 ----A---- C:\Windows\system32\unrar.dll
    2010-06-25 21:52:37 ----A---- C:\Windows\avisplitter.ini
    2010-06-25 21:52:23 ----A---- C:\Windows\system32\yv12vfw.dll
    2010-06-25 21:52:21 ----A---- C:\Windows\system32\xvidvfw.dll
    2010-06-25 21:52:21 ----A---- C:\Windows\system32\xvidcore.dll
    2010-06-25 21:52:03 ----A---- C:\Windows\system32\ff_vfw.dll.manifest
    2010-06-25 21:52:03 ----A---- C:\Windows\system32\ff_vfw.dll
    2010-06-25 21:51:58 ----D---- C:\Program Files\K-Lite Codec Pack
    2010-06-25 21:44:38 ----A---- C:\Windows\system32\uxtuneup.dll
    2010-06-25 21:44:38 ----A---- C:\Windows\system32\authuitu.dll
    2010-06-25 21:38:02 ----A---- C:\Windows\system32\TURegOpt.exe
    2010-06-25 21:37:18 ----D---- C:\Users\James Raphael\AppData\Roaming\TuneUp Software
    2010-06-25 21:36:56 ----D---- C:\Program Files\TuneUp Utilities 2010
    2010-06-25 21:36:01 ----D---- C:\ProgramData\TuneUp Software
    2010-06-25 21:35:52 ----SHD---- C:\ProgramData\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}
    2010-06-25 21:33:23 ----D---- C:\Program Files\CCleaner
    2010-06-25 21:24:11 ----A---- C:\Windows\system32\drivers\bfturboh.sys
    2010-06-25 21:21:48 ----A---- C:\Windows\system32\drivers\bautopw.sys
    2010-06-25 21:21:37 ----D---- C:\Program Files\BUFFALO
    2010-06-25 14:33:49 ----D---- C:\ProgramData\Roaming
    2010-06-25 14:33:41 ----A---- C:\Windows\system32\IHV_Install.bat
    2010-06-25 14:33:29 ----D---- C:\ProgramData\Intel
    2010-06-25 14:31:41 ----D---- C:\Program Files\ltmoh
    2010-06-25 14:31:41 ----A---- C:\Windows\system32\tosmreg.ini
    2010-06-25 14:31:41 ----A---- C:\Windows\system32\tosmreg.exe
    2010-06-25 14:31:41 ----A---- C:\Windows\system32\cseltbl.ini
    2010-06-25 14:31:41 ----A---- C:\Windows\system32\csellang.ini
    2010-06-25 14:31:41 ----A---- C:\Windows\system32\csellang.dll
    2010-06-25 14:31:41 ----A---- C:\Windows\system32\cselect.exe
    2010-06-25 14:31:11 ----D---- C:\Windows\Options
    2010-06-25 14:30:55 ----D---- C:\Program Files\Synaptics
    2010-06-25 14:29:25 ----D---- C:\Windows\system32\RTCOM
    2010-06-25 14:28:56 ----A---- C:\Windows\DIFxAPI.dll
    2010-06-25 14:28:55 ----A---- C:\Windows\system32\SRSWOW.dll
    2010-06-25 14:28:55 ----A---- C:\Windows\system32\SRSTSXT.dll
    2010-06-25 14:28:55 ----A---- C:\Windows\system32\SRSTSHD.dll
    2010-06-25 14:28:55 ----A---- C:\Windows\system32\SRSHP360.dll
    2010-06-25 14:28:55 ----A---- C:\Windows\SkyTel.exe
    2010-06-25 14:28:55 ----A---- C:\Windows\RtlUpd.exe
    2010-06-25 14:28:54 ----A---- C:\Windows\system32\RtkPgExt.dll
    2010-06-25 14:28:54 ----A---- C:\Windows\system32\RtkCoInst.dll
    2010-06-25 14:28:54 ----A---- C:\Windows\system32\RtkApoApi.dll
    2010-06-25 14:28:54 ----A---- C:\Windows\system32\RtkAPO.dll
    2010-06-25 14:28:54 ----A---- C:\Windows\system32\drivers\RTKVHDA.sys
    2010-06-25 14:28:53 ----A---- C:\Windows\RtHDVCpl.exe
    2010-06-25 14:28:52 ----D---- C:\Program Files\Realtek
    2010-06-25 14:28:38 ----A---- C:\Windows\HideWin.exe
    2010-06-25 14:28:37 ----A---- C:\Windows\RtlExUpd.dll
    2010-06-25 14:28:30 ----D---- C:\DOCS
    2010-06-25 14:25:41 ----D---- C:\Windows\system32\ENU
    2010-06-25 14:25:41 ----D---- C:\Windows\SoftwareDistribution
    2010-06-25 14:25:40 ----D---- C:\Windows\system32\Lang
    2010-06-25 14:25:40 ----A---- C:\Windows\system32\imsmudlg.exe
    2010-06-25 14:25:39 ----A---- C:\Windows\system32\difxapi.dll
    2010-06-25 14:25:37 ----A---- C:\Windows\system32\drivers\iaStor.sys
    2010-06-25 14:19:43 ----SHD---- C:\System Volume Information
    2010-06-25 14:19:43 ----ASH---- C:\pagefile.sys
    2010-06-25 07:45:40 ----A---- C:\Windows\system32\winipsec.dll
    2010-06-25 07:45:39 ----A---- C:\Windows\system32\polstore.dll
    2010-06-25 07:42:37 ----A---- C:\Windows\system32\drivers\srvnet.sys
    2010-06-25 07:42:37 ----A---- C:\Windows\system32\drivers\srv.sys
    2010-06-25 07:36:01 ----A---- C:\Windows\system32\TCPSVCS.EXE
    2010-06-25 07:36:01 ----A---- C:\Windows\system32\netiohlp.dll
    2010-06-25 07:36:01 ----A---- C:\Windows\system32\netevent.dll
    2010-06-25 07:36:01 ----A---- C:\Windows\system32\MRINFO.EXE
    2010-06-25 07:36:01 ----A---- C:\Windows\system32\HOSTNAME.EXE
    2010-06-25 07:36:01 ----A---- C:\Windows\system32\finger.exe
    2010-06-25 07:36:00 ----A---- C:\Windows\system32\ROUTE.EXE
    2010-06-25 07:36:00 ----A---- C:\Windows\system32\NETSTAT.EXE
    2010-06-25 07:36:00 ----A---- C:\Windows\system32\ARP.EXE
    2010-06-25 07:31:10 ----A---- C:\Windows\system32\L2SecHC.dll
    2010-06-25 07:31:08 ----A---- C:\Windows\system32\wlansvc.dll
    2010-06-25 07:31:08 ----A---- C:\Windows\system32\wlansec.dll
    2010-06-25 07:31:08 ----A---- C:\Windows\system32\wlanmsm.dll
    2010-06-25 07:31:08 ----A---- C:\Windows\system32\wlanhlp.dll
    2010-06-25 07:31:08 ----A---- C:\Windows\system32\wlanapi.dll
    2010-06-25 07:31:03 ----A---- C:\Windows\system32\gatherWirelessInfo.vbs
    2010-06-25 07:29:42 ----A---- C:\Windows\system32\msxml3.dll
    2010-06-25 07:29:40 ----A---- C:\Windows\system32\msxml6.dll
    2010-06-25 07:29:39 ----A---- C:\Windows\system32\msxml3r.dll
    2010-06-25 07:29:37 ----A---- C:\Windows\system32\msxml6r.dll
    2010-06-25 07:28:15 ----A---- C:\Windows\system32\wdigest.dll
    2010-06-25 07:28:15 ----A---- C:\Windows\system32\secur32.dll
    2010-06-25 07:28:15 ----A---- C:\Windows\system32\msv1_0.dll
    2010-06-25 07:28:15 ----A---- C:\Windows\system32\drivers\ksecdd.sys
    2010-06-25 07:28:14 ----A---- C:\Windows\system32\lsass.exe
    2010-06-25 07:28:14 ----A---- C:\Windows\system32\lsasrv.dll
    2010-06-25 07:26:41 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
    2010-06-25 07:26:41 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
    2010-06-25 07:26:40 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
    2010-06-25 07:01:07 ----A---- C:\Windows\system32\localspl.dll
    2010-06-25 06:21:31 ----A---- C:\Windows\system32\INETRES.dll
    2010-06-25 06:21:14 ----A---- C:\Windows\system32\msasn1.dll
    2010-06-25 06:20:04 ----A---- C:\Windows\system32\WMSPDMOD.DLL
    2010-06-25 06:14:37 ----D---- C:\sa200f3v250
    2010-06-25 06:12:11 ----D---- C:\Users\James Raphael\AppData\Roaming\WinBatch
    2010-06-25 06:01:28 ----D---- C:\Windows\Minidump
    2010-06-25 05:46:13 ----D---- C:\Users\James Raphael\AppData\Roaming\Uniblue
    2010-06-25 05:17:18 ----D---- C:\Users\James Raphael\AppData\Roaming\SoftMaker
    2010-06-25 05:17:15 ----D---- C:\Program Files\SoftMaker Office 2010
    2010-06-25 05:11:47 ----N---- C:\Windows\system32\MpSigStub.exe
    2010-06-25 04:56:50 ----A---- C:\Windows\system32\printcom.dll
    2010-06-25 04:55:28 ----A---- C:\Windows\system32\wshrm.dll
    2010-06-25 04:54:29 ----A---- C:\Windows\system32\wmpdxm.dll
    2010-06-25 04:52:52 ----A---- C:\Windows\system32\msdrm.dll
    2010-06-25 04:52:50 ----A---- C:\Windows\system32\secproc_ssp.dll
    2010-06-25 04:52:50 ----A---- C:\Windows\system32\RMActivate_ssp.exe
    2010-06-25 04:52:49 ----A---- C:\Windows\system32\secproc_ssp_isv.dll
    2010-06-25 04:52:49 ----A---- C:\Windows\system32\secproc.dll
    2010-06-25 04:52:49 ----A---- C:\Windows\system32\RMActivate_ssp_isv.exe
    2010-06-25 04:52:49 ----A---- C:\Windows\system32\RMActivate.exe
    2010-06-25 04:52:48 ----A---- C:\Windows\system32\secproc_isv.dll
    2010-06-25 04:52:48 ----A---- C:\Windows\system32\RMActivate_isv.exe
    2010-06-25 04:44:10 ----A---- C:\Windows\system32\rpcrt4.dll
    2010-06-25 04:43:33 ----A---- C:\Windows\system32\drivers\srv2.sys
    2010-06-25 04:42:54 ----A---- C:\Windows\system32\rastls.dll
    2010-06-25 04:39:49 ----A---- C:\Windows\system32\WSDApi.dll
    2010-06-25 04:37:20 ----A---- C:\Windows\system32\msvidc32.dll
    2010-06-25 04:37:20 ----A---- C:\Windows\system32\msvfw32.dll
    2010-06-25 04:37:20 ----A---- C:\Windows\system32\mciavi32.dll
    2010-06-25 04:37:20 ----A---- C:\Windows\system32\avifil32.dll
    2010-06-25 04:37:20 ----A---- C:\Windows\system32\avicap32.dll
    2010-06-25 04:37:19 ----A---- C:\Windows\system32\quartz.dll
    2010-06-25 04:37:19 ----A---- C:\Windows\system32\msrle32.dll
    2010-06-25 04:37:18 ----A---- C:\Windows\system32\tsbyuv.dll
    2010-06-25 04:37:18 ----A---- C:\Windows\system32\msyuv.dll
    2010-06-25 04:37:18 ----A---- C:\Windows\system32\iyuv_32.dll
    2010-06-25 04:35:06 ----A---- C:\Windows\system32\unregmp2.exe
    2010-06-25 04:35:02 ----A---- C:\Windows\system32\wmploc.DLL
    2010-06-25 04:35:00 ----A---- C:\Windows\system32\wmp.dll
    2010-06-25 04:34:59 ----A---- C:\Windows\system32\spwmp.dll
    2010-06-25 04:34:58 ----A---- C:\Windows\system32\dxmasf.dll
    2010-06-25 04:30:40 ----D---- C:\Users\James Raphael\AppData\Roaming\Malwarebytes
    2010-06-25 04:30:28 ----A---- C:\Windows\system32\drivers\mbamswissarmy.sys
    2010-06-25 04:30:19 ----D---- C:\ProgramData\Malwarebytes
    2010-06-25 04:30:18 ----A---- C:\Windows\system32\drivers\mbam.sys
    2010-06-25 04:30:16 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
    2010-06-25 04:27:55 ----D---- C:\Program Files\DAEMON Tools Toolbar
    2010-06-25 04:26:26 ----A---- C:\Windows\system32\drivers\sptd.sys
    2010-06-25 04:25:54 ----D---- C:\Program Files\DAEMON Tools Lite
    2010-06-25 04:25:41 ----D---- C:\Users\James Raphael\AppData\Roaming\DAEMON Tools Lite
    2010-06-25 04:25:38 ----D---- C:\ProgramData\DAEMON Tools Lite
    2010-06-25 03:46:38 ----A---- C:\Windows\system32\nshhttp.dll
    2010-06-25 03:46:38 ----A---- C:\Windows\system32\httpapi.dll
    2010-06-25 03:46:38 ----A---- C:\Windows\system32\drivers\http.sys
    2010-06-25 03:30:48 ----D---- C:\ProgramData\ESET
    2010-06-25 03:30:48 ----D---- C:\Program Files\ESET
    2010-06-25 00:36:19 ----A---- C:\Windows\system32\wintrust.dll
    2010-06-25 00:35:46 ----A---- C:\Windows\system32\cabview.dll
    2010-06-25 00:25:14 ----A---- C:\Windows\system32\wucltux.dll
    2010-06-25 00:25:13 ----A---- C:\Windows\system32\wups2.dll
    2010-06-25 00:25:13 ----A---- C:\Windows\system32\wuaueng.dll
    2010-06-25 00:25:13 ----A---- C:\Windows\system32\wuauclt.exe
    2010-06-25 00:24:53 ----A---- C:\Windows\system32\wups.dll
    2010-06-25 00:24:53 ----A---- C:\Windows\system32\wudriver.dll
    2010-06-25 00:24:53 ----A---- C:\Windows\system32\wuapi.dll
    2010-06-25 00:24:36 ----A---- C:\Windows\system32\wuwebv.dll
    2010-06-25 00:24:36 ----A---- C:\Windows\system32\wuapp.exe
    2010-06-25 00:20:28 ----D---- C:\Users\James Raphael\AppData\Roaming\Adobe
    2010-06-25 00:12:00 ----A---- C:\Windows\system32\capicom.dll
    2010-06-25 00:11:51 ----D---- C:\ProgramData\Symantec
    2010-06-25 00:10:37 ----D---- C:\Program Files\Common Files\Symantec Shared
    2010-06-24 23:58:59 ----D---- C:\Users\James Raphael\AppData\Roaming\ATI
    2010-06-24 23:52:47 ----A---- C:\Windows\system32\drivers\UVCFTR_S.SYS
    2010-06-24 23:52:44 ----D---- C:\Program Files\Camera Assistant Software for Toshiba
    2010-06-24 23:51:33 ----D---- C:\Program Files\Common Files\Toshiba Shared
    2010-06-24 23:51:17 ----A---- C:\Windows\system32\drivers\tos_sps32.sys
    2010-06-24 23:51:16 ----D---- C:\Users\James Raphael\AppData\Roaming\InstallShield
    2010-06-24 23:47:48 ----D---- C:\Users\James Raphael\AppData\Roaming\toshiba
    2010-06-24 23:45:55 ----D---- C:\Program Files\Protector Suite QL
    2010-06-24 23:45:16 ----D---- C:\ProgramData\UIB
    2010-06-24 23:40:52 ----D---- C:\Program Files\ATI Technologies
    2010-06-24 23:39:55 ----D---- C:\Program Files\ATI
    2010-06-24 23:38:32 ----D---- C:\Users\James Raphael\AppData\Roaming\Identities
    2010-06-24 23:38:10 ----D---- C:\Users\James Raphael\AppData\Roaming\Media Center Programs
    2010-06-24 23:38:09 ----SD---- C:\Users\James Raphael\AppData\Roaming\Microsoft

    ======List of files/folders modified in the last 3 months======

    2010-07-19 16:10:18 ----D---- C:\Windows\Temp
    2010-07-19 16:10:00 ----D---- C:\Windows\Prefetch
    2010-07-19 15:47:03 ----AD---- C:\Windows\System32
    2010-07-19 15:47:02 ----D---- C:\Windows\inf
    2010-07-19 15:47:02 ----A---- C:\Windows\system32\PerfStringBackup.INI
    2010-07-18 21:08:41 ----D---- C:\Windows
    2010-07-16 03:03:13 ----SHD---- C:\Windows\Installer
    2010-07-16 03:03:13 ----SD---- C:\ProgramData\Microsoft
    2010-07-16 02:57:04 ----RD---- C:\Program Files
    2010-07-16 01:26:29 ----D---- C:\Windows\Debug
    2010-07-15 03:14:31 ----D---- C:\Windows\winsxs
    2010-07-15 03:01:20 ----D---- C:\Windows\system32\catroot
    2010-07-15 03:01:05 ----D---- C:\Program Files\Windows Mail
    2010-07-14 20:58:01 ----D---- C:\Windows\system32\catroot2
    2010-07-14 00:35:11 ----D---- C:\Windows\rescache
    2010-07-14 00:31:59 ----D---- C:\Windows\Microsoft.NET
    2010-07-14 00:15:30 ----RSD---- C:\Windows\assembly
    2010-07-14 00:01:17 ----D---- C:\Windows\system32\drivers
    2010-07-14 00:00:32 ----D---- C:\Windows\system32\en-US
    2010-07-14 00:00:32 ----D---- C:\Windows\PolicyDefinitions
    2010-07-13 03:57:55 ----D---- C:\Windows\system32\drivers\UMDF
    2010-07-13 03:52:02 ----D---- C:\Windows\system32\drivers\en-US
    2010-07-13 03:52:01 ----D---- C:\Windows\system32\wbem
    2010-07-12 21:32:35 ----HD---- C:\Windows\msdownld.tmp
    2010-07-12 21:32:34 ----D---- C:\Program Files\Internet Explorer
    2010-07-12 18:53:37 ----HD---- C:\ProgramData
    2010-07-12 18:31:02 ----D---- C:\Program Files\Common Files\microsoft shared
    2010-07-12 18:27:20 ----D---- C:\Program Files\Common Files
    2010-07-12 02:30:52 ----D---- C:\Windows\system32\Tasks
    2010-07-11 22:38:09 ----D---- C:\Windows\system32\LogFiles
    2010-07-05 03:04:44 ----SD---- C:\Windows\Downloaded Program Files
    2010-07-05 03:04:24 ----RSD---- C:\Windows\Fonts
    2010-07-05 00:17:42 ----D---- C:\Program Files\Common Files\InstallShield
    2010-07-04 09:03:43 ----D---- C:\Windows\system32\config
    2010-07-04 09:03:35 ----D---- C:\Windows\Tasks
    2010-07-04 09:03:35 ----D---- C:\Windows\system32\spool
    2010-07-04 09:03:34 ----D---- C:\Windows\system32\Msdtc
    2010-07-04 09:03:28 ----D---- C:\Windows\registration
    2010-07-02 17:00:58 ----D---- C:\Windows\system32\WDI
    2010-07-02 12:39:06 ----A---- C:\Windows\system32\mrt.exe
    2010-06-30 09:58:22 ----D---- C:\Windows\system32\CodeIntegrity
    2010-06-29 18:38:53 ----D---- C:\Windows\system32\uk-UA
    2010-06-29 18:38:53 ----D---- C:\Windows\system32\pt-PT
    2010-06-29 18:38:53 ----D---- C:\Windows\system32\pt-BR
    2010-06-29 18:38:53 ----D---- C:\Windows\system32\pl-PL
    2010-06-29 18:38:53 ----D---- C:\Windows\system32\ko-KR
    2010-06-29 18:38:53 ----D---- C:\Windows\system32\it-IT
    2010-06-29 18:38:53 ----D---- C:\Windows\system32\hu-HU
    2010-06-29 18:38:53 ----D---- C:\Windows\system32\hr-HR
    2010-06-29 18:38:53 ----D---- C:\Windows\system32\he-IL
    2010-06-29 18:38:53 ----D---- C:\Windows\system32\bg-BG
    2010-06-29 18:38:52 ----D---- C:\Windows\system32\zh-TW
    2010-06-29 18:38:52 ----D---- C:\Windows\system32\zh-HK
    2010-06-29 18:38:52 ----D---- C:\Windows\system32\zh-CN
    2010-06-29 18:38:52 ----D---- C:\Windows\system32\tr-TR
    2010-06-29 18:38:52 ----D---- C:\Windows\system32\th-TH
    2010-06-29 18:38:52 ----D---- C:\Windows\system32\sv-SE
    2010-06-29 18:38:52 ----D---- C:\Windows\system32\sr-Latn-CS
    2010-06-29 18:38:52 ----D---- C:\Windows\system32\sl-SI
    2010-06-29 18:38:52 ----D---- C:\Windows\system32\sk-SK
    2010-06-29 18:38:52 ----D---- C:\Windows\system32\nl-NL
    2010-06-29 18:38:52 ----D---- C:\Windows\system32\lv-LV
    2010-06-29 18:38:52 ----D---- C:\Windows\system32\lt-LT
    2010-06-29 18:38:52 ----D---- C:\Windows\system32\fr-FR
    2010-06-29 18:38:52 ----D---- C:\Windows\system32\fi-FI
    2010-06-29 18:38:52 ----D---- C:\Windows\system32\et-EE
    2010-06-29 18:38:52 ----D---- C:\Windows\system32\es-ES
    2010-06-29 18:38:52 ----D---- C:\Windows\system32\el-GR
    2010-06-29 18:38:52 ----D---- C:\Windows\system32\de-DE
    2010-06-29 18:38:52 ----D---- C:\Windows\system32\cs-CZ
    2010-06-29 18:38:51 ----D---- C:\Windows\system32\ru-RU
    2010-06-29 18:38:51 ----D---- C:\Windows\system32\ro-RO
    2010-06-29 18:38:51 ----D---- C:\Windows\system32\nb-NO
    2010-06-29 18:38:51 ----D---- C:\Windows\system32\ja-JP
    2010-06-29 18:38:51 ----D---- C:\Windows\system32\da-DK
    2010-06-29 18:38:51 ----D---- C:\Windows\system32\ar-SA
    2010-06-26 23:24:15 ----D---- C:\Windows\Logs
    2010-06-26 20:12:55 ----D---- C:\Windows\AppPatch
    2010-06-26 20:12:53 ----D---- C:\Windows\ehome
    2010-06-26 20:12:50 ----D---- C:\Windows\system32\migration
    2010-06-26 19:29:10 ----SHD---- C:\Boot
    2010-06-26 19:21:08 ----D---- C:\Program Files\Windows Calendar
    2010-06-26 19:21:07 ----D---- C:\Program Files\Movie Maker
    2010-06-26 19:21:05 ----D---- C:\Program Files\Windows Sidebar
    2010-06-26 19:21:04 ----D---- C:\Program Files\Windows Media Player
    2010-06-26 19:21:04 ----D---- C:\Program Files\Windows Collaboration
    2010-06-26 19:21:03 ----D---- C:\Program Files\Windows Journal
    2010-06-26 19:21:01 ----D---- C:\Program Files\Windows Photo Gallery
    2010-06-26 19:21:01 ----D---- C:\Program Files\Common Files\System
    2010-06-26 19:20:57 ----D---- C:\Windows\servicing
    2010-06-26 19:20:57 ----D---- C:\Program Files\Windows Defender
    2010-06-26 19:20:33 ----D---- C:\Windows\system32\XPSViewer
    2010-06-26 19:20:33 ----D---- C:\Windows\IME
    2010-06-26 19:20:24 ----AD---- C:\Windows\system32\oobe
    2010-06-26 19:20:21 ----D---- C:\Windows\system32\AdvancedInstallers
    2010-06-26 19:20:20 ----D---- C:\Windows\system32\setup
    2010-06-26 19:20:19 ----D---- C:\Windows\system32\SLUI
    2010-06-26 19:20:18 ----D---- C:\Windows\system32\manifeststore
    2010-06-26 19:20:18 ----D---- C:\Windows\system32\en
    2010-06-26 19:20:09 ----D---- C:\Windows\system32\migwiz
    2010-06-26 19:18:54 ----D---- C:\Windows\system32\Boot
    2010-06-26 19:08:05 ----A---- C:\Windows\fonts\GlobalUserInterface.CompositeFont
    2010-06-26 18:10:14 ----ASH---- C:\Program Files\desktop.ini
    2010-06-26 17:57:20 ----D---- C:\Windows\MSAgent
    2010-06-26 17:57:10 ----D---- C:\Windows\L2Schemas
    2010-06-26 17:57:10 ----D---- C:\Windows\DigitalLocker
    2010-06-26 17:57:06 ----D---- C:\Windows\system32\com
    2010-06-26 17:56:30 ----D---- C:\Windows\system32\sysprep
    2010-06-26 17:56:17 ----D---- C:\Windows\system32\ias
    2010-06-26 17:52:40 ----D---- C:\Windows\Boot
    2010-06-26 17:36:57 ----A---- C:\Windows\system32\ifxcardm.dll
    2010-06-26 17:36:51 ----A---- C:\Windows\system32\axaltocm.dll
    2010-06-25 20:29:11 ----D---- C:\Windows\system32\ras
    2010-06-25 20:29:09 ----D---- C:\Windows\system32\icsxml
    2010-06-25 14:33:22 ----D---- C:\Program Files\Intel
    2010-06-25 14:28:38 ----D---- C:\Windows\system32\restore
    2010-06-25 14:26:02 ----D---- C:\Windows\Panther
    2010-06-25 06:12:20 ----AD---- C:\TOSHIBA
    2010-06-25 06:12:19 ----HD---- C:\Program Files\InstallShield Installation Information
    2010-06-25 04:18:19 ----D---- C:\ProgramData\Microsoft Help
    2010-06-25 04:17:08 ----D---- C:\Windows\ShellNew
    2010-06-25 04:05:35 ----A---- C:\Windows\win.ini
    2010-06-25 02:55:25 ----D---- C:\Windows\system32\NDF
    2010-06-24 23:53:33 ----AD---- C:\TOSAPINS
    2010-06-24 23:51:34 ----D---- C:\ProgramData\Toshiba
    2010-06-24 23:51:32 ----D---- C:\Program Files\Toshiba
    2010-06-24 23:38:50 ----SHD---- C:\$Recycle.Bin
    2010-06-24 23:38:09 ----RD---- C:\Users

    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2007-02-13 277784]
    R0 PxHelp20;PxHelp20; C:\Windows\System32\Drivers\PxHelp20.sys [2010-06-10 45648]
    R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-06-25 691696]
    R0 tos_sps32;TOSHIBA tos_sps32 Service; C:\Windows\system32\DRIVERS\tos_sps32.sys [2007-04-27 285184]
    R0 TVALZ;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Driver; C:\Windows\system32\DRIVERS\TVALZ_O.SYS [2007-11-09 23640]
    R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2009-02-06 106208]
    R1 Tosrfcom;Bluetooth RFCOMM; C:\Windows\System32\Drivers\tosrfcom.sys [2005-08-02 64896]
    R2 eamon;eamon; C:\Windows\system32\DRIVERS\eamon.sys [2009-02-06 113448]
    R2 epfwwfpr;epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [2009-02-06 92800]
    R3 AgereSoftModem;TOSHIBA V92 Software Modem; C:\Windows\system32\DRIVERS\AGRSM.sys [2006-11-28 1161888]
    R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2007-05-16 2602496]
    R3 FwLnk;FwLnk Driver; C:\Windows\system32\DRIVERS\FwLnk.sys [2006-11-20 7168]
    R3 HdAudAddService;Microsoft 1.1 UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\HdAudio.sys [2009-04-10 236544]
    R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2007-04-25 1771944]
    R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2010-04-29 20952]
    R3 NETw4v32;Intel(R) Wireless WiFi Link Adapter Driver for Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETw4v32.sys [2007-09-26 2251776]
    R3 RimVSerPort;RIM Virtual Serial Port v2; C:\Windows\system32\DRIVERS\RimSerial.sys [2009-01-09 27136]
    R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\Windows\System32\Drivers\RootMdm.sys [2008-01-18 8192]
    R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2009-04-10 89088]
    R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2008-08-14 203312]
    R3 TcUsb;TC USB Kernel Driver; C:\Windows\System32\Drivers\tcusb.sys [2006-12-03 39056]
    R3 tdcmdpst;TOSHIBA Writing Engine Filter Driver; C:\Windows\system32\DRIVERS\tdcmdpst.sys [2006-10-19 16128]
    R3 tifm21;tifm21; C:\Windows\system32\drivers\tifm21.sys [2007-01-24 290304]
    R3 tosporte;Bluetooth COM Port; C:\Windows\system32\DRIVERS\tosporte.sys [2006-10-11 41600]
    R3 tosrfec;Bluetooth ACPI; C:\Windows\system32\DRIVERS\tosrfec.sys [2009-06-01 9728]
    R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys [2009-10-14 10064]
    R3 usbvideo;Chicony USB 2.0 Camera; C:\Windows\System32\Drivers\usbvideo.sys [2008-01-18 134016]
    R3 UVCFTR;UVCFTR; C:\Windows\System32\Drivers\UVCFTR_S.SYS [2007-04-16 11776]
    R3 yukonwlh;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller; C:\Windows\system32\DRIVERS\yk60x86.sys [2007-01-10 221696]
    S3 ah5ghaz3;ah5ghaz3; C:\Windows\system32\drivers\ah5ghaz3.sys []
    S3 bautopw;BUFFALO eco manager for HD Filter; C:\Windows\system32\drivers\bautopw.sys [2009-02-27 8960]
    S3 bfturboh;BUFFALO TurboUSB for HD Filter; C:\Windows\system32\drivers\bfturboh.sys [2008-02-12 17152]
    S3 drmkaud;Microsoft Kernel DRM Audio Descrambler; C:\Windows\system32\drivers\drmkaud.sys [2008-01-18 5632]
    S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-18 8192]
    S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-18 5888]
    S3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\Windows\system32\drivers\MSPQM.sys [2008-01-18 5504]
    S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys [2008-01-18 6016]
    S3 nmwcd;Nokia USB Phone Parent; C:\Windows\system32\drivers\ccdcmb.sys [2010-02-26 18176]
    S3 nmwcdc;Nokia USB Generic; C:\Windows\system32\drivers\ccdcmbo.sys [2010-02-26 22528]
    S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
    S3 RimUsb;BlackBerry Smartphone; C:\Windows\System32\Drivers\RimUsb.sys [2008-05-20 22784]
    S3 tosrfbd;Bluetooth RFBUS; C:\Windows\system32\DRIVERS\tosrfbd.sys [2007-02-23 113920]
    S3 tosrfbnp;Bluetooth RFBNEP; C:\Windows\System32\Drivers\tosrfbnp.sys [2006-11-21 36480]
    S3 Tosrfhid;Bluetooth RFHID; C:\Windows\system32\DRIVERS\Tosrfhid.sys [2007-03-02 73728]
    S3 tosrfnds;Bluetooth Personal Area Network; C:\Windows\system32\DRIVERS\tosrfnds.sys [2005-01-07 18612]
    S3 TosRfSnd;Bluetooth Audio; C:\Windows\system32\drivers\tosrfsnd.sys [2007-01-23 53376]
    S3 Tosrfusb;Bluetooth USB Controller; C:\Windows\system32\DRIVERS\tosrfusb.sys [2007-03-01 41344]
    S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerflt.sys [2010-02-26 8192]
    S3 usbser;Nokia USB Serial Port; C:\Windows\system32\DRIVERS\usbser.sys [2009-04-10 27648]
    S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys [2010-02-26 8192]
    S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]
    S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-18 83328]

    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R2 AgereModemAudio;Agere Modem Call Progress Audio; C:\Windows\system32\agrsmsvc.exe [2006-10-05 9216]
    R2 Ati External Event Utility;Ati External Event Utility; C:\Windows\system32\Ati2evxx.exe [2007-05-16 602112]
    R2 CFSvcs;ConfigFree Service; C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe [2006-11-15 40960]
    R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2009-02-06 727720]
    R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\Wireless\Bin\EvtEng.exe [2007-03-07 643072]
    R2 MBAMService;MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [2010-04-29 304464]
    R2 pinger;pinger; C:\TOSHIBA\IVP\ISM\pinger.exe [2007-01-25 136816]
    R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe [2007-03-07 327680]
    R2 Swupdtmr;Swupdtmr; c:\TOSHIBA\IVP\swupdate\swupdtmr.exe [2007-10-23 66928]
    R2 TNaviSrv;TOSHIBA Navi Support Service; C:\Program Files\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe [2007-05-17 114688]
    R2 TODDSrv;TOSHIBA Optical Disc Drive Service; C:\Windows\system32\TODDSrv.exe [2006-05-26 114688]
    R2 TosCoSrv;TOSHIBA Power Saver; C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe [2007-03-29 427576]
    R2 TOSHIBA Bluetooth Service;TOSHIBA Bluetooth Service; C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe [2007-02-26 125048]
    R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [2010-06-14 1051976]
    R2 UleadBurningHelper;Ulead Burning Helper; C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [2006-08-24 49152]
    R2 UxTuneUp;@%SystemRoot%\System32\uxtuneup.dll,-4096; C:\Windows\System32\svchost.exe [2008-01-18 21504]
    R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 1529728]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
    S2 CLTNetCnService;Symantec Lic NetConnect service; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe /h ccCommon []
    S2 Roxio Upnp Server 9;Roxio Upnp Server 9; C:\Program Files\Roxio\Digital Home 9\RoxioUpnpService9.exe [2007-12-06 362992]
    S2 RoxLiveShare9;LiveShare P2P Server 9; C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe [2009-07-08 313840]
    S2 RoxWatch9;Roxio Hard Drive Watcher 9; C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe [2009-07-08 170480]
    S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [2009-02-06 20680]
    S3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-18 21504]
    S3 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2007-02-12 355096]
    S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
    S3 Roxio UPnP Renderer 9;Roxio UPnP Renderer 9; C:\Program Files\Roxio\Digital Home 9\RoxioUPnPRenderer9.exe [2007-12-06 88560]
    S3 RoxMediaDB9;RoxMediaDB9; C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe [2009-07-08 1108464]
    S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2010-04-27 611840]
    S3 TuneUp.Defrag;@C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe,-1; C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe [2010-06-25 435016]
    S3 WPFFontCache_v0400;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]

    -----------------EOF-----------------


    Thanks for replying to my post, Jintan. I really need some help regarding this problem that's been a bother to me since 3 months ago. I followed all your instructions, but there is a problem while using GMER. During scans, sometimes the program was not responding, the computer froze, or a blue screen appeared. I also ran it as an administrator but still no good. I don't know what happened, but if you said that no program must be running, I have this TuneUp Utilities 2010 that can't be closed. Please help.

  4. #4
    Beginner
    Registered since
    15.07.2010
    Posts
    22

    Re: Toshba Satellite A200-ST2043, random shutdowns, random freezes

    info.txt logfile of random's system information tool 1.08 2010-07-19 16:11:03

    ======Uninstall list======

    -->"C:\Program Files\InstallShield Installation Information\{A644254B-92F6-4970-8635-AB0775371E72}\setup.exe" --u:{A644254B-92F6-4970-8635-AB0775371E72}
    -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{622E6F16-0904-49B6-BBE1-4CC836314CCF}\setup.exe" -l0x9
    -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{697AFC77-F318-4CD4-BF16-F50F4C1072DA}\setup.exe" -l0x9
    Adobe Reader 8-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A80000000002}
    BlackBerry Desktop Software 5.0.1-->MsiExec.exe /i{CE86E2F5-850C-4207-94A3-A58D647B1733}
    BlackBerry Desktop Software 5.0.1-->MsiExec.exe /I{CE86E2F5-850C-4207-94A3-A58D647B1733}
    BlackBerry Device Software Updater-->MsiExec.exe /X{B2F3FB19-D848-479C-818E-130ABC9366DB}
    Bluetooth Stack for Windows by Toshiba-->MsiExec.exe /X{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}
    BUFFALO eco Manager for HD-->C:\Windows\UN080616.EXE /U
    BUFFALO TurboUSB for FLASH/HDD-->C:\Windows\UN070618.EXE /U
    Camera Assistant Software for Toshiba-->C:\Program Files\InstallShield Installation Information\{37C866E4-AA67-4725-9E95-A39968DD7960}\SETUP.exe -runfromtemp -l0x0009
    ccc-Branding-->MsiExec.exe /I{7B601689-E7E0-4923-ADAC-C959249E1C5D}
    CCleaner-->"C:\Program Files\CCleaner\uninst.exe"
    CD/DVD Drive Acoustic Silencer-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9FE35071-CAB2-4E79-93E7-BFC6A2DC5C5D}\SETUP.EXE" -l0x9
    DAEMON Tools Toolbar-->C:\Program Files\DAEMON Tools Toolbar\uninst.exe
    DivX Setup-->C:\ProgramData\DivX\Setup\DivXSetup.exe /uninstall /bundleGroupId divx.com
    DVD MovieFactory for TOSHIBA-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F214EAA4-A069-4BAF-9DA4-4DB8BEEDE485}\SETUP.EXE" -l0x9
    GOM Player-->"C:\Program Files\GRETECH\GomPlayer\Uninstall.exe"
    HijackThis 2.0.2-->"C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
    Intel Matrix Storage Manager-->C:\Windows\system32\imsmudlg.exe -uninstall
    Intel(R) PROSet/Wireless Software-->C:\Windows\Installer\iProInst.exe
    Java(TM) SE Runtime Environment 6-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160000}
    K-Lite Codec Pack 5.9.0 (Full)-->"C:\Program Files\K-Lite Codec Pack\unins000.exe"
    Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
    Marvell Miniport Driver-->MsiExec.exe /X{C950420B-4182-49EA-850A-A6A2ABF06C6B}
    mCore-->MsiExec.exe /I{F5D7FAB5-A1FD-4DD3-983E-4155B09D7102}
    mHelp-->MsiExec.exe /I{8C6BB412-D3A8-4AAE-A01B-35B681789D68}
    Microsoft .NET Framework 3.5 SP1-->C:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
    Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
    Microsoft .NET Framework 4 Client Profile-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\Setup.exe /repair /x86 /parameterfolder Client
    Microsoft .NET Framework 4 Client Profile-->MsiExec.exe /X{3C3901C5-3455-3E0A-A214-0B093A5070A6}
    Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
    Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{837b34e3-7c30-493c-8f6a-2b0f04e2912c}
    mMHouse-->MsiExec.exe /I{F0BFC7EF-9CF8-44EE-91B0-158884CD87C5}
    mPfMgr-->MsiExec.exe /I{8B928BA1-EDEC-4227-A2DA-DD83026C36F5}
    MSVC80_x86_v2-->MsiExec.exe /I{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}
    MSXML 4.0 SP2 (KB927978)-->MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F}
    MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
    MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
    Nokia Connectivity Cable Driver-->MsiExec.exe /I{1B9B5B3B-28E7-4E59-A80D-D670AA984514}
    Nokia PC Suite-->C:\ProgramData\Installations\{19DC9559-9C20-4A46-A67D-7ECBA52A2788}\Nokia_PC_Suite_eng_web.exe
    Nokia PC Suite-->MsiExec.exe /I{19DC9559-9C20-4A46-A67D-7ECBA52A2788}
    Nokia Software Updater-->MsiExec.exe /X{09C468CA-2940-466A-AAE8-DCC0C6E9323C}
    PC Connectivity Solution-->MsiExec.exe /I{DCD22647-6D31-479D-8F97-16D0AA934D9E}
    Realtek High Definition Audio Driver-->RtlUpd.exe -r -m
    Roxio Media Manager-->MsiExec.exe /X{B98BE95C-E76F-4246-B8E6-BEB8EE791D06}
    Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
    Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
    Security Update for Windows Media Encoder (KB954156)-->msiexec.exe /I {E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E} MSIPATCHREMOVE={E836F1B7-43FB-46B0-A0D9-E4D2A5951659} /qb
    Security Update for Windows Media Encoder (KB979332)-->msiexec.exe /I {E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E} MSIPATCHREMOVE={950E24CA-CA7E-4606-8F0D-DEDBC94F2A1E} /qb
    SoftMaker Office 2010-->MsiExec.exe /X{8EBB8452-274B-465D-8324-00B0832FBB00}
    Synaptics Pointing Device Driver-->rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
    Texas Instruments PCIxx21/x515/xx12 drivers.-->C:\Program Files\InstallShield Installation Information\{DB780B85-B4B5-4864-A49C-9B706B169C93}\setup.exe -runfromtemp -l0x0409
    TOSHIBA Assist-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{12B3A009-A080-4619-9A2A-C6DB151D8D67}\SETUP.EXE" -l0x9
    TOSHIBA ConfigFree-->C:\Program Files\InstallShield Installation Information\{78C6A78A-8B03-48C8-A47C-78BA1FCA2307}\setup.exe -runfromtemp -l0x0009 uninstall -removeonly
    TOSHIBA Disc Creator-->MsiExec.exe /X{5DA0E02F-970B-424B-BF41-513A5018E4C0}
    TOSHIBA DVD PLAYER-->C:\Program Files\InstallShield Installation Information\{6C5F3BDC-0A1B-4436-A696-5939629D5C31}\setup.exe -runfromtemp -l0x0009 -ADDREMOVE -removeonly
    TOSHIBA Extended Tiles for Windows Mobility Center-->C:\Program Files\InstallShield Installation Information\{617C36FD-0CBE-4600-84B2-441CEB12FADF}\SETUP.EXE -runfromtemp -l0x0409
    TOSHIBA Hardware Setup-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BFC85CDC-BD7C-4FDD-9507-8D74B5A79404}\setup.exe" -l0x9
    TOSHIBA Recovery Disc Creator-->MsiExec.exe /X{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}
    TOSHIBA SD Memory Utilities-->MsiExec.exe /X{EBFF48F5-3CFA-436F-8FD5-94FB01D3A0A7}
    TOSHIBA Software Modem-->Tosmreg -U
    TOSHIBA Software Upgrades-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{425A2BC2-AA64-4107-9C29-484245BBEA05}\setup.exe" -l0x9 -removeonly
    TOSHIBA Speech System Applications-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EE033C1F-443E-41EC-A0E2-559B539A4E4D}\Setup.exe" -l0x9
    TOSHIBA Speech System SR Engine(U.S.) Version1.0-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{008D69EB-70FF-46AB-9C75-924620DF191A}\Setup.exe" -l0x9 UNINSTALL
    TOSHIBA Speech System TTS Engine(U.S.) Version1.0-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3FBF6F99-8EC6-41B4-8527-0A32241B5496}\Setup.exe" -l0x9
    TOSHIBA Supervisor Password-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2BDF38E0-1A7F-4220-B4B7-118DD45E5E13}\setup.exe" -l0x9
    TOSHIBA Value Added Package-->C:\Program Files\InstallShield Installation Information\{FEDD27A0-B306-45EF-BF58-B527406B42C8}\setup.exe -runfromtemp -l0x0409
    TuneUp Utilities-->C:\Program Files\TuneUp Utilities 2010\TUInstallHelper.exe --Trigger-Uninstall
    Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""
    VC80CRTRedist - 8.0.50727.4053-->MsiExec.exe /I{5EE7D259-D137-4438-9A5F-42F432EC0421}
    Windows Driver Package - Nokia Modem (06/01/2009 7.01.0.4)-->C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\Windows\System32\DriverStore\FileRepository\nokbtmdm.inf_3a2e1afb\nokbtmdm.inf
    Windows Driver Package - Nokia Modem (10/05/2009 4.2)-->C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\Windows\System32\DriverStore\FileRepository\nokia_bluetooth.inf_d5bc047a\nokia_bluetooth.inf
    Windows Driver Package - Nokia pccsmcfd (08/22/2008 7.0.0.0)-->C:\PROGRA~1\DIFX\B4723E9A0713E5B1\dpinst.exe /u C:\Windows\system32\DRVSTORE\pccsmcfd_A3B3916E5D8138F59EE218321B27B044D3B18294\pccsmcfd.inf
    Windows Live ID Sign-in Assistant-->MsiExec.exe /X{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}
    Windows Media Encoder 9 Series-->msiexec.exe /I {E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}
    Windows Media Encoder 9 Series-->MsiExec.exe /I{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}

    ======Security center information======

    AV: ESET NOD32 Antivirus 4.0
    AS: ESET NOD32 Antivirus 4.0
    AS: Windows Defender

    ======System event log======

    Computer Name: JamesRaphael-PC
    Event Code: 4374
    Message: Windows Servicing identified that package KB936330(Service Pack) is not applicable for this system
    Record Number: 48419
    Source Name: Microsoft-Windows-Servicing
    Time Written: 20100626055230.000000-000
    Event Type: Warning
    User: NT AUTHORITY\SYSTEM

    Computer Name: JamesRaphael-PC
    Event Code: 4374
    Message: Windows Servicing identified that package KB936330(Service Pack) is not applicable for this system
    Record Number: 48418
    Source Name: Microsoft-Windows-Servicing
    Time Written: 20100626055230.000000-000
    Event Type: Warning
    User: NT AUTHORITY\SYSTEM

    Computer Name: JamesRaphael-PC
    Event Code: 4374
    Message: Windows Servicing identified that package KB936330(Service Pack) is not applicable for this system
    Record Number: 48417
    Source Name: Microsoft-Windows-Servicing
    Time Written: 20100626055229.000000-000
    Event Type: Warning
    User: NT AUTHORITY\SYSTEM

    Computer Name: JamesRaphael-PC
    Event Code: 4374
    Message: Windows Servicing identified that package KB936330(Service Pack) is not applicable for this system
    Record Number: 48415
    Source Name: Microsoft-Windows-Servicing
    Time Written: 20100626055229.000000-000
    Event Type: Warning
    User: NT AUTHORITY\SYSTEM

    Computer Name: JamesRaphael-PC
    Event Code: 4374
    Message: Windows Servicing identified that package KB936330(Service Pack) is not applicable for this system
    Record Number: 48411
    Source Name: Microsoft-Windows-Servicing
    Time Written: 20100626055228.000000-000
    Event Type: Warning
    User: NT AUTHORITY\SYSTEM

    =====Application event log=====

    Computer Name: JamesRaphael-PC
    Event Code: 8194
    Message: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005. This is often caused by incorrect security settings in either the writer or requestor process.

    Operation:
    Gathering Writer Data

    Context:
    Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
    Writer Name: System Writer
    Writer Instance ID: {4ee2b7e6-fc7f-453d-8298-57c05d680ca0}
    Record Number: 760
    Source Name: VSS
    Time Written: 20100624155119.000000-000
    Event Type: Error
    User:

    Computer Name: JamesRaphael-PC
    Event Code: 8194
    Message: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005. This is often caused by incorrect security settings in either the writer or requestor process.

    Operation:
    Gathering Writer Data

    Context:
    Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
    Writer Name: System Writer
    Writer Instance ID: {4ee2b7e6-fc7f-453d-8298-57c05d680ca0}
    Record Number: 744
    Source Name: VSS
    Time Written: 20100624154635.000000-000
    Event Type: Error
    User:

    Computer Name: JamesRaphael-PC
    Event Code: 1530
    Message: Windows detected your registry file is still in use by other applications or services. The file will be unloaded now. The applications or services that hold your registry file may not function properly afterwards.

    DETAIL -
    9 user registry handles leaked from \Registry\User\S-1-5-21-413216974-2798007561-2290988551-1000:
    Process 516 (\Device\HarddiskVolume2\Windows\System32\winlogon.exe) has opened key \REGISTRY\USER\S-1-5-21-413216974-2798007561-2290988551-1000
    Process 372 (\Device\HarddiskVolume2\Windows\System32\msiexec.exe) has opened key \REGISTRY\USER\S-1-5-21-413216974-2798007561-2290988551-1000
    Process 372 (\Device\HarddiskVolume2\Windows\System32\msiexec.exe) has opened key \REGISTRY\USER\S-1-5-21-413216974-2798007561-2290988551-1000
    Process 372 (\Device\HarddiskVolume2\Windows\System32\msiexec.exe) has opened key \REGISTRY\USER\S-1-5-21-413216974-2798007561-2290988551-1000\Software\Microsoft\SystemCertificates\SmartCardRoot
    Process 372 (\Device\HarddiskVolume2\Windows\System32\msiexec.exe) has opened key \REGISTRY\USER\S-1-5-21-413216974-2798007561-2290988551-1000\Software\Microsoft\SystemCertificates\trust
    Process 372 (\Device\HarddiskVolume2\Windows\System32\msiexec.exe) has opened key \REGISTRY\USER\S-1-5-21-413216974-2798007561-2290988551-1000\Software\Microsoft\SystemCertificates\Root
    Process 372 (\Device\HarddiskVolume2\Windows\System32\msiexec.exe) has opened key \REGISTRY\USER\S-1-5-21-413216974-2798007561-2290988551-1000\Software\Microsoft\Windows\CurrentVersion\Explorer
    Process 372 (\Device\HarddiskVolume2\Windows\System32\msiexec.exe) has opened key \REGISTRY\USER\S-1-5-21-413216974-2798007561-2290988551-1000\Software\Policies\Microsoft\SystemCertificates
    Process 372 (\Device\HarddiskVolume2\Windows\System32\msiexec.exe) has opened key \REGISTRY\USER\S-1-5-21-413216974-2798007561-2290988551-1000\Software\Microsoft\SystemCertificates\CA

    Record Number: 715
    Source Name: Microsoft-Windows-User Profiles Service
    Time Written: 20100624154400.000000-000
    Event Type: Warning
    User: NT AUTHORITY\SYSTEM

    Computer Name: JamesRaphael-PC
    Event Code: 1008
    Message: The Windows Search Service is attempting to remove the old catalog.

    Record Number: 541
    Source Name: Microsoft-Windows-Search
    Time Written: 20100625063513.000000-000
    Event Type: Warning
    User:

    Computer Name: TOSHIBA-UDV4XA9
    Event Code: 1036
    Message: InitializePrintProvider failed for provider inetpp.dll. This can occur because of system instability or a lack of system resources.
    Record Number: 523
    Source Name: Microsoft-Windows-SpoolerSpoolss
    Time Written: 20100625062528.000000-000
    Event Type: Warning
    User: NT AUTHORITY\SYSTEM

    =====Security event log=====

    Computer Name: TOSHIBA-UDV4XA9
    Event Code: 4608
    Message: Windows is starting up.

    This event is logged when LSASS.EXE starts and the auditing subsystem is initialized.
    Record Number: 639
    Source Name: Microsoft-Windows-Security-Auditing
    Time Written: 20100625062153.685349-000
    Event Type: Audit Success
    User:

    Computer Name: TOSHIBA-UDV4XA9
    Event Code: 4634
    Message: An account was logged off.

    Subject:
    Security ID: S-1-5-7
    Account Name: ANONYMOUS LOGON
    Account Domain: NT AUTHORITY
    Logon ID: 0x1b7f1

    Logon Type: 3

    This event is generated when a logon session is destroyed. It may be positively correlated with a logon event using the Logon ID value. Logon IDs are only unique between reboots on the same computer.
    Record Number: 638
    Source Name: Microsoft-Windows-Security-Auditing
    Time Written: 20070529004424.935400-000
    Event Type: Audit Success
    User:

    Computer Name: TOSHIBA-UDV4XA9
    Event Code: 4616
    Message: The system time was changed.

    Subject:
    Security ID: S-1-5-19
    Account Name: LOCAL SERVICE
    Account Domain: NT AUTHORITY
    Logon ID: 0x3e5

    Process Information:
    Process ID: 0x43c
    Name: C:\Windows\System32\svchost.exe

    Previous Time: 5:44:24 PM 5/28/2007
    New Time: 5:44:24 PM 5/28/2007

    This event is generated when the system time is changed. It is normal for the Windows Time Service, which runs with System privilege, to change the system time on a regular basis. Other system time changes may be indicative of attempts to tamper with the computer.
    Record Number: 637
    Source Name: Microsoft-Windows-Security-Auditing
    Time Written: 20070529004424.639000-000
    Event Type: Audit Success
    User:

    Computer Name: TOSHIBA-UDV4XA9
    Event Code: 1100
    Message: The event logging service has shut down.
    Record Number: 636
    Source Name: Microsoft-Windows-Eventlog
    Time Written: 20070529004424.717000-000
    Event Type: Audit Success
    User:

    Computer Name: TOSHIBA-UDV4XA9
    Event Code: 1102
    Message: The audit log was cleared.
    Subject:
    Security ID: S-1-5-21-1360841613-3868712250-1679091415-500
    Account Name: Administrator
    Domain Name: TOSHIBA-UDV4XA9
    Logon ID: 0x2271f
    Record Number: 635
    Source Name: Microsoft-Windows-Eventlog
    Time Written: 20070529004318.043462-000
    Event Type: Audit Success
    User:

    ======Environment variables======

    "ComSpec"=%SystemRoot%\system32\cmd.exe
    "FP_NO_HOST_CHECK"=NO
    "OS"=Windows_NT
    "Path"=C:\Program Files\PC Connectivity Solution\;%CommonProgramFiles%\Microsoft Shared\Windows Live;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\PROGRA~1\COMMON~1\ULEADS~1\MPEG;C:\Program Files\ATI Technologies\ATI.ACE\Core-Static;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\Common Files\Roxio Shared\9.0\DLLShared\;C:\Program Files\Common Files\Roxio Shared\DLLShared\
    "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
    "PROCESSOR_ARCHITECTURE"=x86
    "TEMP"=%SystemRoot%\TEMP
    "TMP"=%SystemRoot%\TEMP
    "USERNAME"=SYSTEM
    "windir"=%SystemRoot%
    "PROCESSOR_LEVEL"=6
    "PROCESSOR_IDENTIFIER"=x86 Family 6 Model 15 Stepping 11, GenuineIntel
    "PROCESSOR_REVISION"=0f0b
    "NUMBER_OF_PROCESSORS"=2
    "configsetroot"=%SystemRoot%\ConfigSetRoot
    "PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\

    -----------------EOF-----------------

    Thanks for replying to my post, Jintan. I really need some help regarding this problem that's been a bother to me since 3 months ago. I followed all your instructions, but there is a problem while using GMER. During scans, sometimes the program stopped responding, the computer froze, or a blue screen appeared. I also ran it as an administrator, but still no good. I don't know what happened, but if you said that no program must be running, I have this TuneUp Utilities 2010 that can't be closed. Please help.

  5. #5
    Moderator, team member
    Registered since
    25.11.2006
    Posts
    5.602

    Re: Toshba Satellite A200-ST2043, random shutdowns, random freezes

    Lately problems like you experienced running Gmer suggest a type of rootkit that is difficult to pick up. One other scan please:


    Download Gmer's mbr.exe from here and place it on your C drive (so the file is then C:\mbr.exe).

    Go to Start Search, type cmd.exe in the Start Search box. Cmd.exe will appear at the top of the menu. Right-click on it and choose "Run as administrator". At the prompt, copy/paste the following, pressing Enter after each:

    cd\

    mbr.exe -t


    Then type exit and press Enter to close the command window.

    The report created in the command window will have been saved to C:\mbr.log. Locate that and post it here please.
    Live the day!

    Jintan - the brand where everything is right!

  6. #6
    Beginner
    Registered since
    15.07.2010
    Posts
    22

    Re: Toshba Satellite A200-ST2043, random shutdowns, random freezes

    Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net

    device: opened successfully
    user: MBR read successfully
    called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys acpi.sys hal.dll iaStor.sys spqa.sys >>UNKNOWN [0x855D6938]<<
    kernel: MBR read successfully
    detected MBR rootkit hooks:
    \Driver\atapi -> 0x8561f1f8
    Warning: possible MBR rootkit infection !
    user & kernel MBR OK
    Use "Recovery Console" command "fixmbr" to clear infection !


    Is my computer infected?

  7. #7
    Moderator, team member
    Registered since
    25.11.2006
    Posts
    5.602

    Re: Toshba Satellite A200-ST2043, random shutdowns, random freezes

    called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys acpi.sys hal.dll iaStor.sys spqa.sys >>UNKNOWN [0x855D6938]<<

    Daemon Tools. It uses a type of rootkit function that appears in some of our scans similar to TDSS rootkit variants. We will need it out of the way in order to verify if there really are any malicious rootkits installed.

    Please download DeFogger to your desktop.

    Double click DeFogger to run the tool.

    Click the Disable button to disable your CD Emulation drivers, then click Yes to continue.

    When the 'Finished!' message appears just click OK.

    DeFogger will now ask to reboot the machine - click OK.

    DeFogger will create a defogger_disable log on your desktop - post this in your next reply please.

    Note: Do not re-enable these drivers until otherwise instructed.

    -----------

    Run the same mbr.exe -t command, and post that new log please.
    Live the day!

    Jintan - the brand where everything is right!

  8. #8
    Beginner
    Registered since
    15.07.2010
    Posts
    22

    Re: Toshba Satellite A200-ST2043, random shutdowns, random freezes

    Lately, the random shutdown problems have become much worse. Always during a cold start, at the Toshiba loading screen, it shuts down and then starts up again, sometimes 2 consecutive times, sometimes even more, until it can load up to Windows completely. Can you tell me what is happening to my computer? Can it be fixed? And what is the worst that will happen if that continues? I really need some advice. Thanks.

    ---------

    Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net

    device: opened successfully
    user: MBR read successfully
    called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys acpi.sys hal.dll iaStor.sys
    kernel: MBR read successfully
    user & kernel MBR OK


    -------

    defogger_disable by jpshortstuff (23.02.10.1)
    Log created at 16:28 on 21/07/2010 (James Raphael)

    Checking for autostart values...
    HKCU\~\Run values retrieved.
    HKLM\~\Run values retrieved.

    Checking for services/drivers...
    Unable to read sptd.sys
    SPTD -> Disabled (Service running -> reboot required)


    -=E.O.F=-
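
Added example (not part of the thread and not GMER's own code): a small Python parser that diffs the two mbr.exe logs posted in #6 and #8, showing which flagged items disappear once the CD-emulation driver is disabled. The function and field names are this example's own assumptions.

```python
import re

# mbr.exe 0.3.7 output copied from posts #6 and #8 (banner and advice lines omitted).
LOG_POST_6 = r"""
device: opened successfully
user: MBR read successfully
called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys acpi.sys hal.dll iaStor.sys spqa.sys >>UNKNOWN [0x855D6938]<<
kernel: MBR read successfully
detected MBR rootkit hooks:
\Driver\atapi -> 0x8561f1f8
Warning: possible MBR rootkit infection !
user & kernel MBR OK
"""
LOG_POST_8 = r"""
device: opened successfully
user: MBR read successfully
called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys acpi.sys hal.dll iaStor.sys
kernel: MBR read successfully
user & kernel MBR OK
"""

UNKNOWN_RE = re.compile(r">>UNKNOWN \[(0x[0-9A-Fa-f]+)\]<<")
HOOK_RE = re.compile(r"^(\\\S+)\s*->\s*(0x[0-9A-Fa-f]+)$")

def parse_mbr_log(text):
    """Extract the fields the thread reasons about from one mbr.log."""
    rep = {"modules": [], "unknown": [], "hooks": {}, "warning": False, "mbr_ok": False}
    in_hooks = False
    for line in (l.strip() for l in text.splitlines()):
        if in_hooks and (m := HOOK_RE.match(line)):
            rep["hooks"][m.group(1)] = m.group(2)  # hooked object -> handler address
            continue
        in_hooks = line.startswith("detected MBR rootkit hooks:")
        if line.startswith("called modules:"):
            body = line.split(":", 1)[1]
            rep["unknown"] = UNKNOWN_RE.findall(body)  # addresses with no module name
            rep["modules"] = UNKNOWN_RE.sub("", body).split()
        elif line.startswith("Warning:"):
            rep["warning"] = True
        elif line == "user & kernel MBR OK":
            rep["mbr_ok"] = True
    return rep

def compare(before, after):
    """What disappeared between two runs, and whether anything is still flagged."""
    b, a = parse_mbr_log(before), parse_mbr_log(after)
    return {
        "modules_gone": sorted(set(b["modules"]) - set(a["modules"])),
        "unknown_gone": sorted(set(b["unknown"]) - set(a["unknown"])),
        "hooks_gone": sorted(set(b["hooks"]) - set(a["hooks"])),
        "still_flagged": bool(a["unknown"] or a["hooks"] or a["warning"]),
    }

if __name__ == "__main__":
    print(compare(LOG_POST_6, LOG_POST_8))
```

A `still_flagged` value of False only means this scanner's second run reports no unknown module, hook or warning; the first run's "user & kernel MBR OK" line shows the MBR reads already matched before the driver was disabled.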

  9. #9
    Moderator, team member
    Registered since
    25.11.2006
    Posts
    5.602

    Re: Toshba Satellite A200-ST2043, random shutdowns, random freezes

    It was necessary to do that mbr.exe check so we can eliminate a certain type of rootkit that alters a boot-level driver file and very often causes errors similar to hardware issues. The mbr.log looks clear though.

    Your scenario about the shutdowns is almost the reverse of what would be expected. More often these occur under heavy load, when things like CPU cooling are involved. Yes, unexpected shutdowns can cause other issues, like file system corruption on the hard drive, so this needs to be addressed. In checking the web for similar problems, this discussion of others with the same laptop and problem shows some of the different methods they have tried. I tend to lean towards this being some power-related issue, so this info from that thread may be what you should check on for now:

    After a bit of head scratching, I went into control panel/power options. There I went to .... change plan settings/change advanced power settings. Scroll down to Toshiba power saver settings (mine was version V8.02.00) and clicked cooling method, the Plugged in setting I changed from maximum performance to Battery Optimized.
    Live the day!

    Jintan - the brand where everything is right!

  10. #10
    Beginner
    Registered since
    15.07.2010
    Posts
    22

    Re: Toshba Satellite A200-ST2043, random shutdowns, random freezes

    It took me 9 times to finish this reply; those unexpected freezes keep bothering me. They are becoming more frequent now. I'll make it quick before another freeze happens. You said something about files being left after uninstall, especially Norton. Is that causing problems to my system? How can I remove it? What causes those bothersome freezes? Any programs or something involved? Any tips on how to rid my computer of them completely? Many thanks for the help.
