Logfile of random's system information tool 1.06 (written by random/random)
Run by Brandon at 2010-01-21 22:23:33
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 107 GB (73%) free of 146 GB
Total RAM: 2045 MB (44% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:24:08 PM, on 1/21/2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18865)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\WINDOWS\System32\rundll32.exe
C:\Program Files\Ventrilo\Ventrilo.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Users\Brandon\Documents\RSIT.exe
C:\Program Files\trend micro\Brandon.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE= ... &pf=laptop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE= ... &pf=laptop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE= ... &pf=laptop
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O13 - Gopher Prefix:
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
--
End of file - 3589 bytes
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-23 62080]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-07-09 35840]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153]
"NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2009-01-30 13605408]
"NvMediaCenter"=C:\Windows\system32\NvMcTray.dll [2009-01-30 92704]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Health Check Scheduler]
C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [2006-11-28 46704]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [2005-02-17 49152]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\hpWirelessAssistant]
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
C:\Program Files\iTunes\iTunesHelper.exe [2009-10-28 141600]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Messenger (Yahoo!)]
C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe -quiet []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
C:\Program Files\Windows Live\Messenger\msnmsgr.exe /background []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QlbCtrl]
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\QTTask.exe [2009-09-05 417792]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Java\jre6\bin\jusched.exe [2009-07-09 148888]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh]
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2008-03-28 1045800]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WAWifiMessage]
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]
C:\Program Files\Windows Defender\MSASCui.exe [2008-01-19 1008184]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG]
C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-19 202240]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]
C:\PROGRA~1\Adobe\READER~1.0\Reader\READER~1.EXE [2006-10-23 40048]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Reader Synchronizer.lnk]
C:\PROGRA~1\Adobe\READER~1.0\Reader\ADOBEC~1.EXE [2006-10-23 734872]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"EnableLUA"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files\EarthLink TotalAccess\TaskPanl.exe"="C:\Program Files\EarthLink TotalAccess\TaskPanl.exe:*:Enabled:Earthlink"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 3 months======
2010-01-21 22:23:35 ----D---- C:\Program Files\trend micro
2010-01-21 22:23:33 ----D---- C:\rsit
2010-01-21 13:00:31 ----D---- C:\ProgramData\vsosdk
2010-01-21 12:23:48 ----D---- C:\Users\Brandon\AppData\Roaming\Vso
2010-01-21 12:22:53 ----D---- C:\Program Files\ConvertX
2010-01-19 19:27:00 ----D---- C:\Windows\system32\?j???j?j?j?j?j?j
2010-01-19 13:42:58 ----A---- C:\Windows\IsUninst.exe
2010-01-18 00:14:29 ----A---- C:\Windows\system32\t2embed.dll
2010-01-18 00:14:29 ----A---- C:\Windows\system32\fontsub.dll
2010-01-07 02:56:56 ----D---- C:\Users\Brandon\AppData\Roaming\LolClient.F24C99354F615F3BAB18AE7B93E3F9B9E8784FA6.1
2010-01-07 02:23:03 ----A---- C:\Windows\system32\XAudio2_2.dll
2010-01-07 02:23:03 ----A---- C:\Windows\system32\XAPOFX1_1.dll
2010-01-07 02:23:02 ----A---- C:\Windows\system32\d3dx10_39.dll
2010-01-07 02:23:02 ----A---- C:\Windows\system32\D3DCompiler_39.dll
2010-01-07 02:23:01 ----A---- C:\Windows\system32\D3DX9_39.dll
2010-01-07 02:22:53 ----D---- C:\Program Files\Common Files\Adobe AIR
2010-01-07 02:20:05 ----D---- C:\Program Files\Riot Games
2010-01-04 21:30:35 ----D---- C:\Users\Brandon\AppData\Roaming\TeamViewer
2009-12-30 21:49:33 ----A---- C:\Windows\system32\lssexp.dll
2009-12-23 14:52:34 ----A---- C:\Windows\system32\nshhttp.dll
2009-12-23 14:52:33 ----A---- C:\Windows\system32\httpapi.dll
2009-12-23 14:51:04 ----A---- C:\Windows\system32\mshtml.dll
2009-12-23 14:51:04 ----A---- C:\Windows\system32\ieframe.dll
2009-12-23 14:51:02 ----A---- C:\Windows\system32\wininet.dll
2009-12-23 14:51:02 ----A---- C:\Windows\system32\urlmon.dll
2009-12-23 14:51:02 ----A---- C:\Windows\system32\occache.dll
2009-12-23 14:51:02 ----A---- C:\Windows\system32\msfeeds.dll
2009-12-23 14:51:02 ----A---- C:\Windows\system32\iertutil.dll
2009-12-23 14:51:02 ----A---- C:\Windows\system32\iedkcs32.dll
2009-12-23 14:51:01 ----A---- C:\Windows\system32\msfeedssync.exe
2009-12-23 14:51:01 ----A---- C:\Windows\system32\msfeedsbs.dll
2009-12-23 14:51:01 ----A---- C:\Windows\system32\jsproxy.dll
2009-12-23 14:51:01 ----A---- C:\Windows\system32\ieUnatt.exe
2009-12-23 14:51:01 ----A---- C:\Windows\system32\ieui.dll
2009-12-23 14:51:01 ----A---- C:\Windows\system32\iesysprep.dll
2009-12-23 14:51:01 ----A---- C:\Windows\system32\iesetup.dll
2009-12-23 14:51:01 ----A---- C:\Windows\system32\iernonce.dll
2009-12-23 14:51:01 ----A---- C:\Windows\system32\iepeers.dll
2009-12-23 14:51:01 ----A---- C:\Windows\system32\ie4uinit.exe
2009-12-23 14:51:00 ----A---- C:\Windows\system32\winhttp.dll
2009-12-23 14:50:00 ----A---- C:\Windows\system32\rastls.dll
2009-12-23 14:41:48 ----D---- C:\Program Files\CCleaner
2009-12-11 22:48:05 ----D---- C:\Windows\system32\ErrorLogs
2009-12-11 21:35:57 ----D---- C:\Users\Brandon\AppData\Roaming\Uniblue
2009-12-04 22:59:33 ----A---- C:\Windows\system32\tzres.dll
2009-12-04 22:59:08 ----A---- C:\Windows\system32\msxml6.dll
2009-12-04 22:59:07 ----A---- C:\Windows\system32\msxml3.dll
2009-12-02 14:52:54 ----D---- C:\Users\Brandon\AppData\Roaming\Mozilla
2009-11-25 17:38:29 ----D---- C:\ProgramData\Avira
2009-11-25 17:38:29 ----D---- C:\Program Files\Avira
2009-11-21 15:43:25 ----D---- C:\Users\Brandon\AppData\Roaming\LAIM
2009-11-21 15:43:20 ----D---- C:\Program Files\AIM Lite
2009-11-16 19:50:43 ----D---- C:\Windows\Minidump
2009-11-15 10:01:50 ----D---- C:\ProgramData\TuneUp Software
2009-11-15 10:01:41 ----SHD---- C:\ProgramData\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}
2009-11-14 14:52:48 ----A---- C:\Windows\system32\wups2.dll
2009-11-14 14:52:48 ----A---- C:\Windows\system32\wucltux.dll
2009-11-14 14:52:48 ----A---- C:\Windows\system32\wuaueng.dll
2009-11-14 14:52:48 ----A---- C:\Windows\system32\wuauclt.exe
2009-11-14 14:52:33 ----A---- C:\Windows\system32\wups.dll
2009-11-14 14:52:33 ----A---- C:\Windows\system32\wudriver.dll
2009-11-14 14:52:33 ----A---- C:\Windows\system32\wuapi.dll
2009-11-14 14:52:26 ----A---- C:\Windows\system32\wuwebv.dll
2009-11-14 14:52:26 ----A---- C:\Windows\system32\wuapp.exe
2009-11-11 11:09:54 ----D---- C:\Program Files\Windows Portable Devices
2009-11-11 11:09:34 ----A---- C:\Windows\system32\UIAnimation.dll
2009-11-11 11:09:33 ----A---- C:\Windows\system32\UIRibbonRes.dll
2009-11-11 11:09:33 ----A---- C:\Windows\system32\UIRibbon.dll
2009-11-11 11:09:19 ----A---- C:\Windows\system32\WMPhoto.dll
2009-11-11 11:09:19 ----A---- C:\Windows\system32\cdd.dll
2009-11-11 11:09:18 ----A---- C:\Windows\system32\xpsservices.dll
2009-11-11 11:09:18 ----A---- C:\Windows\system32\XpsRasterService.dll
2009-11-11 11:09:18 ----A---- C:\Windows\system32\XpsPrint.dll
2009-11-11 11:09:18 ----A---- C:\Windows\system32\XpsGdiConverter.dll
2009-11-11 11:09:18 ----A---- C:\Windows\system32\WindowsCodecsExt.dll
2009-11-11 11:09:18 ----A---- C:\Windows\system32\WindowsCodecs.dll
2009-11-11 11:09:18 ----A---- C:\Windows\system32\printfilterpipelinesvc.exe
2009-11-11 11:09:18 ----A---- C:\Windows\system32\printfilterpipelineprxy.dll
2009-11-11 11:09:18 ----A---- C:\Windows\system32\PhotoMetadataHandler.dll
2009-11-11 11:09:18 ----A---- C:\Windows\system32\OpcServices.dll
2009-11-11 11:09:18 ----A---- C:\Windows\system32\FntCache.dll
2009-11-11 11:09:18 ----A---- C:\Windows\system32\dxdiagn.dll
2009-11-11 11:09:18 ----A---- C:\Windows\system32\dxdiag.exe
2009-11-11 11:09:18 ----A---- C:\Windows\system32\DWrite.dll
2009-11-11 11:09:18 ----A---- C:\Windows\system32\d3d10warp.dll
2009-11-11 11:09:18 ----A---- C:\Windows\system32\d2d1.dll
2009-11-11 11:09:17 ----A---- C:\Windows\system32\dxgi.dll
2009-11-11 11:09:17 ----A---- C:\Windows\system32\d3d11.dll
2009-11-11 11:09:17 ----A---- C:\Windows\system32\d3d10level9.dll
2009-11-11 11:09:17 ----A---- C:\Windows\system32\d3d10core.dll
2009-11-11 11:09:17 ----A---- C:\Windows\system32\d3d10_1core.dll
2009-11-11 11:09:17 ----A---- C:\Windows\system32\d3d10_1.dll
2009-11-11 11:09:17 ----A---- C:\Windows\system32\d3d10.dll
2009-11-11 11:09:04 ----A---- C:\Windows\system32\WPDShextAutoplay.exe
2009-11-11 11:09:04 ----A---- C:\Windows\system32\wpdbusenum.dll
2009-11-11 11:09:04 ----A---- C:\Windows\system32\BthMtpContextHandler.dll
2009-11-11 11:09:03 ----A---- C:\Windows\system32\PortableDeviceConnectApi.dll
2009-11-11 11:09:02 ----A---- C:\Windows\system32\WPDSp.dll
2009-11-11 11:09:02 ----A---- C:\Windows\system32\WPDShServiceObj.dll
2009-11-11 11:09:02 ----A---- C:\Windows\system32\wpdshext.dll
2009-11-11 11:09:02 ----A---- C:\Windows\system32\wpd_ci.dll
2009-11-11 11:09:02 ----A---- C:\Windows\system32\PortableDeviceWMDRM.dll
2009-11-11 11:09:02 ----A---- C:\Windows\system32\PortableDeviceTypes.dll
2009-11-11 11:09:02 ----A---- C:\Windows\system32\PortableDeviceClassExtension.dll
2009-11-11 11:09:02 ----A---- C:\Windows\system32\PortableDeviceApi.dll
2009-11-11 11:08:30 ----A---- C:\Windows\system32\UIAutomationCore.dll
2009-11-11 11:08:30 ----A---- C:\Windows\system32\oleaccrc.dll
2009-11-11 11:08:30 ----A---- C:\Windows\system32\oleacc.dll
2009-11-11 10:58:04 ----D---- C:\Windows\system32\eu-ES
2009-11-11 10:58:04 ----D---- C:\Windows\system32\ca-ES
2009-11-11 10:58:03 ----D---- C:\Windows\system32\vi-VN
2009-11-11 10:11:41 ----D---- C:\Windows\system32\EventProviders
2009-11-11 10:11:19 ----A---- C:\Windows\system32\NlsLexicons0007.dll
2009-11-11 10:11:16 ----A---- C:\Windows\system32\SLsvc.exe
2009-11-11 10:11:16 ----A---- C:\Windows\system32\SLCExt.dll
2009-11-11 10:11:14 ----A---- C:\Windows\system32\FunctionDiscoveryFolder.dll
2009-11-11 10:11:14 ----A---- C:\Windows\system32\DevicePairingWizard.exe
2009-11-11 10:11:13 ----A---- C:\Windows\system32\NlsLexicons0009.dll
2009-11-11 10:11:11 ----A---- C:\Windows\system32\mssrch.dll
2009-11-11 10:11:09 ----A---- C:\Windows\system32\tquery.dll
2009-11-11 10:11:08 ----A---- C:\Windows\system32\RMActivate_isv.exe
2009-11-11 10:11:08 ----A---- C:\Windows\system32\PresentationNative_v0300.dll
2009-11-11 10:11:07 ----A---- C:\Windows\system32\scavenge.dll
2009-11-11 10:11:07 ----A---- C:\Windows\system32\RMActivate.exe
2009-11-11 10:11:06 ----A---- C:\Windows\system32\msi.dll
2009-11-11 10:11:06 ----A---- C:\Windows\system32\imapi2fs.dll
2009-11-11 10:11:05 ----A---- C:\Windows\system32\WscEapPr.dll
2009-11-11 10:11:05 ----A---- C:\Windows\system32\wcnwiz2.dll
2009-11-11 10:11:05 ----A---- C:\Windows\system32\sysmain.dll
2009-11-11 10:11:05 ----A---- C:\Windows\system32\secproc_isv.dll
2009-11-11 10:11:03 ----A---- C:\Windows\system32\icardagt.exe
2009-11-11 10:11:03 ----A---- C:\Windows\system32\EhStorShell.dll
2009-11-11 10:11:03 ----A---- C:\Windows\system32\AuxiliaryDisplayCpl.dll
2009-11-11 10:11:02 ----A---- C:\Windows\system32\spreview.exe
2009-11-11 10:11:01 ----A---- C:\Windows\system32\spwizui.dll
2009-11-11 10:11:01 ----A---- C:\Windows\system32\spinstall.exe
2009-11-11 10:11:01 ----A---- C:\Windows\system32\mcupdate_GenuineIntel.dll
2009-11-11 10:11:01 ----A---- C:\Windows\system32\drmv2clt.dll
2009-11-11 10:11:00 ----A---- C:\Windows\system32\shell32.dll
2009-11-11 10:11:00 ----A---- C:\Windows\system32\secproc.dll
2009-11-11 10:10:59 ----A---- C:\Windows\system32\SearchIndexer.exe
2009-11-11 10:10:59 ----A---- C:\Windows\system32\p2psvc.dll
2009-11-11 10:10:59 ----A---- C:\Windows\system32\mssvp.dll
2009-11-11 10:10:58 ----A---- C:\Windows\system32\mssphtb.dll
2009-11-11 10:10:58 ----A---- C:\Windows\system32\mssph.dll
2009-11-11 10:10:58 ----A---- C:\Windows\system32\MSMPEG2VDEC.DLL
2009-11-11 10:10:58 ----A---- C:\Windows\system32\mscoree.dll
2009-11-11 10:10:58 ----A---- C:\Windows\system32\imapi2.dll
2009-11-11 10:10:57 ----A---- C:\Windows\system32\sdohlp.dll
2009-11-11 10:10:57 ----A---- C:\Windows\system32\IMJP10K.DLL
2009-11-11 10:10:57 ----A---- C:\Windows\system32\esent.dll
2009-11-11 10:10:57 ----A---- C:\Windows\system32\DevicePairing.dll
2009-11-11 10:10:56 ----A---- C:\Windows\system32\wevtsvc.dll
2009-11-11 10:10:56 ----A---- C:\Windows\system32\sperror.dll
2009-11-11 10:10:56 ----A---- C:\Windows\system32\SLC.dll
2009-11-11 10:10:56 ----A---- C:\Windows\system32\RMActivate_ssp_isv.exe
2009-11-11 10:10:56 ----A---- C:\Windows\system32\RMActivate_ssp.exe
2009-11-11 10:10:56 ----A---- C:\Windows\system32\PresentationHostProxy.dll
2009-11-11 10:10:56 ----A---- C:\Windows\system32\korwbrkr.dll
2009-11-11 10:10:56 ----A---- C:\Windows\system32\IasMigReader.exe
2009-11-11 10:10:55 ----A---- C:\Windows\system32\msshsq.dll
2009-11-11 10:10:54 ----A---- C:\Windows\system32\msjet40.dll
2009-11-11 10:10:54 ----A---- C:\Windows\system32\MPSSVC.dll
2009-11-11 10:10:53 ----A---- C:\Windows\system32\Query.dll
2009-11-11 10:10:53 ----A---- C:\Windows\system32\qmgr.dll
2009-11-11 10:10:52 ----A---- C:\Windows\system32\P2PGraph.dll
2009-11-11 10:10:52 ----A---- C:\Windows\system32\ole32.dll
2009-11-11 10:10:52 ----A---- C:\Windows\system32\ntdll.dll
2009-11-11 10:10:52 ----A---- C:\Windows\system32\msexch40.dll
2009-11-11 10:10:52 ----A---- C:\Windows\system32\diagperf.dll
2009-11-11 10:10:51 ----A---- C:\Windows\system32\winload.exe
2009-11-11 10:10:51 ----A---- C:\Windows\system32\srchadmin.dll
2009-11-11 10:10:51 ----A---- C:\Windows\system32\mblctr.exe
2009-11-11 10:10:51 ----A---- C:\Windows\system32\EncDec.dll
2009-11-11 10:10:50 ----A---- C:\Windows\system32\uDWM.dll
2009-11-11 10:10:50 ----A---- C:\Windows\system32\riched20.dll
2009-11-11 10:10:50 ----A---- C:\Windows\system32\mmc.exe
2009-11-11 10:10:50 ----A---- C:\Windows\system32\IasMigPlugin.dll
2009-11-11 10:10:49 ----A---- C:\Windows\system32\RacEngn.dll
2009-11-11 10:10:49 ----A---- C:\Windows\system32\kernel32.dll
2009-11-11 10:10:49 ----A---- C:\Windows\system32\fdBth.dll
2009-11-11 10:10:48 ----A---- C:\Windows\system32\spoolss.dll
2009-11-11 10:10:48 ----A---- C:\Windows\system32\SearchProtocolHost.exe
2009-11-11 10:10:48 ----A---- C:\Windows\system32\SearchFilterHost.exe
2009-11-11 10:10:48 ----A---- C:\Windows\system32\schedsvc.dll
2009-11-11 10:10:48 ----A---- C:\Windows\system32\NaturalLanguage6.dll
2009-11-11 10:10:48 ----A---- C:\Windows\system32\milcore.dll
2009-11-11 10:10:48 ----A---- C:\Windows\system32\EhStorAPI.dll
2009-11-11 10:10:48 ----A---- C:\Windows\system32\CertEnroll.dll
2009-11-11 10:10:47 ----A---- C:\Windows\system32\msvcp60.dll
2009-11-11 10:10:47 ----A---- C:\Windows\system32\msjtes40.dll
2009-11-11 10:10:47 ----A---- C:\Windows\system32\infocardapi.dll
2009-11-11 10:10:47 ----A---- C:\Windows\system32\gpedit.dll
2009-11-11 10:10:47 ----A---- C:\Windows\system32\AuxiliaryDisplayDriverLib.dll
2009-11-11 10:10:46 ----A---- C:\Windows\system32\WinSAT.exe
2009-11-11 10:10:46 ----A---- C:\Windows\system32\es.dll
2009-11-11 10:10:45 ----A---- C:\Windows\system32\PresentationSettings.exe
2009-11-11 10:10:45 ----A---- C:\Windows\system32\mstext40.dll
2009-11-11 10:10:45 ----A---- C:\Windows\system32\Magnify.exe
2009-11-11 10:10:45 ----A---- C:\Windows\system32\AuxiliaryDisplayServices.dll
2009-11-11 10:10:45 ----A---- C:\Windows\system32\advapi32.dll
2009-11-11 10:10:44 ----A---- C:\Windows\system32\WindowsAnytimeUpgradeCPL.dll
2009-11-11 10:10:44 ----A---- C:\Windows\system32\WebClnt.dll
2009-11-11 10:10:44 ----A---- C:\Windows\system32\vssapi.dll
2009-11-11 10:10:44 ----A---- C:\Windows\system32\slwmi.dll
2009-11-11 10:10:44 ----A---- C:\Windows\system32\msxbde40.dll
2009-11-11 10:10:44 ----A---- C:\Windows\system32\msexcl40.dll
2009-11-11 10:10:44 ----A---- C:\Windows\system32\comsvcs.dll
2009-11-11 10:10:43 ----A---- C:\Windows\system32\PresentationHost.exe
2009-11-11 10:10:43 ----A---- C:\Windows\system32\NetProjW.dll
2009-11-11 10:10:43 ----A---- C:\Windows\system32\msrepl40.dll
2009-11-11 10:10:43 ----A---- C:\Windows\system32\authui.dll
2009-11-11 10:10:42 ----A---- C:\Windows\system32\propsys.dll
2009-11-11 10:10:42 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2009-11-11 10:10:42 ----A---- C:\Windows\system32\newdev.dll
2009-11-11 10:10:42 ----A---- C:\Windows\system32\iasrecst.dll
2009-11-11 10:10:42 ----A---- C:\Windows\system32\gpsvc.dll
2009-11-11 10:10:42 ----A---- C:\Windows\system32\eudcedit.exe
2009-11-11 10:10:42 ----A---- C:\Windows\system32\crypt32.dll
2009-11-11 10:10:42 ----A---- C:\Windows\explorer.exe
2009-11-11 10:10:41 ----A---- C:\Windows\system32\setupapi.dll
2009-11-11 10:10:41 ----A---- C:\Windows\system32\rpcss.dll
2009-11-11 10:10:41 ----A---- C:\Windows\system32\mspbde40.dll
2009-11-11 10:10:41 ----A---- C:\Windows\system32\davclnt.dll
2009-11-11 10:10:41 ----A---- C:\Windows\system32\d3d9.dll
2009-11-11 10:10:40 ----A---- C:\Windows\system32\shlwapi.dll
2009-11-11 10:10:40 ----A---- C:\Windows\system32\msrd3x40.dll
2009-11-11 10:10:40 ----A---- C:\Windows\system32\msltus40.dll
2009-11-11 10:10:40 ----A---- C:\Windows\system32\msdtctm.dll
2009-11-11 10:10:40 ----A---- C:\Windows\system32\mfc42.dll
2009-11-11 10:10:40 ----A---- C:\Windows\system32\EhStorPwdMgr.dll
2009-11-11 10:10:40 ----A---- C:\Windows\system32\EhStorAuthn.dll
2009-11-11 10:10:40 ----A---- C:\Windows\system32\browseui.dll
2009-11-11 10:10:39 ----A---- C:\Windows\system32\wevtapi.dll
2009-11-11 10:10:39 ----A---- C:\Windows\system32\user32.dll
2009-11-11 10:10:39 ----A---- C:\Windows\system32\photowiz.dll
2009-11-11 10:10:39 ----A---- C:\Windows\system32\nlhtml.dll
2009-11-11 10:10:38 ----A---- C:\Windows\system32\win32spl.dll
2009-11-11 10:10:38 ----A---- C:\Windows\system32\WcnNetsh.dll
2009-11-11 10:10:38 ----A---- C:\Windows\system32\SLCommDlg.dll
2009-11-11 10:10:38 ----A---- C:\Windows\system32\samsrv.dll
2009-11-11 10:10:38 ----A---- C:\Windows\system32\quartz.dll
2009-11-11 10:10:38 ----A---- C:\Windows\system32\oleaut32.dll
2009-11-11 10:10:38 ----A---- C:\Windows\system32\ci.dll
2009-11-11 10:10:37 ----A---- C:\Windows\system32\netshell.dll
2009-11-11 10:10:37 ----A---- C:\Windows\system32\mswstr10.dll
2009-11-11 10:10:37 ----A---- C:\Windows\system32\IKEEXT.DLL
2009-11-11 10:10:37 ----A---- C:\Windows\system32\compcln.exe
2009-11-11 10:10:37 ----A---- C:\Windows\system32\apds.dll
2009-11-11 10:10:36 ----A---- C:\Windows\system32\xmlfilter.dll
2009-11-11 10:10:36 ----A---- C:\Windows\system32\QAGENTRT.DLL
2009-11-11 10:10:36 ----A---- C:\Windows\system32\msvcrt.dll
2009-11-11 10:10:36 ----A---- C:\Windows\system32\msctf.dll
2009-11-11 10:10:36 ----A---- C:\Windows\system32\gdi32.dll
2009-11-11 10:10:36 ----A---- C:\Windows\system32\emdmgmt.dll
2009-11-11 10:10:36 ----A---- C:\Windows\system32\audiosrv.dll
2009-11-11 10:10:35 ----A---- C:\Windows\system32\VSSVC.exe
2009-11-11 10:10:35 ----A---- C:\Windows\system32\mfc42u.dll
2009-11-11 10:10:35 ----A---- C:\Windows\system32\iphlpsvc.dll
2009-11-11 10:10:34 ----A---- C:\Windows\system32\SLUI.exe
2009-11-11 10:10:34 ----A---- C:\Windows\system32\eapphost.dll
2009-11-11 10:10:33 ----A---- C:\Windows\system32\winresume.exe
2009-11-11 10:10:33 ----A---- C:\Windows\system32\sqlsrv32.dll
2009-11-11 10:10:33 ----A---- C:\Windows\system32\shdocvw.dll
2009-11-11 10:10:33 ----A---- C:\Windows\system32\propdefs.dll
2009-11-11 10:10:33 ----A---- C:\Windows\system32\odbc32.dll
2009-11-11 10:10:33 ----A---- C:\Windows\system32\msrd2x40.dll
2009-11-11 10:10:32 ----A---- C:\Windows\system32\wevtutil.exe
2009-11-11 10:10:32 ----A---- C:\Windows\system32\mssitlb.dll
2009-11-11 10:10:32 ----A---- C:\Windows\system32\dbgeng.dll
2009-11-11 10:10:31 ----A---- C:\Windows\system32\WsmSvc.dll
2009-11-11 10:10:31 ----A---- C:\Windows\system32\swprv.dll
2009-11-11 10:10:31 ----A---- C:\Windows\system32\mmcndmgr.dll
2009-11-11 10:10:30 ----A---- C:\Windows\system32\vds.exe
2009-11-11 10:10:30 ----A---- C:\Windows\system32\usp10.dll
2009-11-11 10:10:30 ----A---- C:\Windows\system32\netlogon.dll
2009-11-11 10:10:30 ----A---- C:\Windows\system32\msctfp.dll
2009-11-11 10:10:30 ----A---- C:\Windows\system32\fdBthProxy.dll
2009-11-11 10:10:30 ----A---- C:\Windows\system32\drvinst.exe
2009-11-11 10:10:30 ----A---- C:\Windows\system32\devmgr.dll
2009-11-11 10:10:29 ----A---- C:\Windows\system32\Wldap32.dll
2009-11-11 10:10:29 ----A---- C:\Windows\system32\wcnwiz.dll
2009-11-11 10:10:29 ----A---- C:\Windows\system32\msscb.dll
2009-11-11 10:10:29 ----A---- C:\Windows\system32\evr.dll
2009-11-11 10:10:29 ----A---- C:\Windows\system32\DevicePairingProxy.dll
2009-11-11 10:10:29 ----A---- C:\Windows\system32\BFE.DLL
2009-11-11 10:10:29 ----A---- C:\Windows\system32\adsldpc.dll
2009-11-11 10:10:28 ----A---- C:\Windows\system32\WMVSDECD.DLL
2009-11-11 10:10:28 ----A---- C:\Windows\system32\wercon.exe
2009-11-11 10:10:28 ----A---- C:\Windows\system32\wcncsvc.dll
2009-11-11 10:10:28 ----A---- C:\Windows\system32\services.exe
2009-11-11 10:10:28 ----A---- C:\Windows\system32\mimefilt.dll
2009-11-11 10:10:28 ----A---- C:\Windows\system32\comdlg32.dll
2009-11-11 10:10:28 ----A---- C:\Windows\system32\adtschema.dll
2009-11-11 10:10:27 ----A---- C:\Windows\system32\WMNetMgr.dll
2009-11-11 10:10:27 ----A---- C:\Windows\system32\w32time.dll
2009-11-11 10:10:27 ----A---- C:\Windows\system32\umpnpmgr.dll
2009-11-11 10:10:27 ----A---- C:\Windows\system32\taskeng.exe
2009-11-11 10:10:27 ----A---- C:\Windows\system32\rtffilt.dll
2009-11-11 10:10:27 ----A---- C:\Windows\system32\reg.exe
2009-11-11 10:10:27 ----A---- C:\Windows\system32\mswdat10.dll
2009-11-11 10:10:27 ----A---- C:\Windows\system32\msshooks.dll
2009-11-11 10:10:27 ----A---- C:\Windows\system32\msscntrs.dll
2009-11-11 10:10:27 ----A---- C:\Windows\system32\msjter40.dll
2009-11-11 10:10:27 ----A---- C:\Windows\system32\msdtcprx.dll
2009-11-11 10:10:27 ----A---- C:\Windows\system32\msdrm.dll
2009-11-11 10:10:27 ----A---- C:\Windows\system32\ipsmsnap.dll
2009-11-11 10:10:27 ----A---- C:\Windows\system32\IPSECSVC.DLL
2009-11-11 10:10:27 ----A---- C:\Windows\system32\dnsapi.dll
2009-11-11 10:10:27 ----A---- C:\Windows\system32\certutil.exe
2009-11-11 10:10:27 ----A---- C:\Windows\system32\certcli.dll
2009-11-11 10:10:27 ----A---- C:\Windows\system32\bthserv.dll
2009-11-11 10:10:27 ----A---- C:\Windows\system32\bcrypt.dll
2009-11-11 10:10:26 ----A---- C:\Windows\system32\TsWpfWrp.exe
2009-11-11 10:10:26 ----A---- C:\Windows\system32\rsaenh.dll
2009-11-11 10:10:26 ----A---- C:\Windows\system32\netapi32.dll
2009-11-11 10:10:26 ----A---- C:\Windows\system32\mtxclu.dll
2009-11-11 10:10:26 ----A---- C:\Windows\system32\msstrc.dll
2009-11-11 10:10:26 ----A---- C:\Windows\system32\msihnd.dll
2009-11-11 10:10:26 ----A---- C:\Windows\system32\mscories.dll
2009-11-11 10:10:26 ----A---- C:\Windows\system32\MMDevAPI.dll
2009-11-11 10:10:26 ----A---- C:\Windows\system32\inetpp.dll
2009-11-11 10:10:26 ----A---- C:\Windows\system32\inetcomm.dll
2009-11-11 10:10:26 ----A---- C:\Windows\system32\hidserv.dll
2009-11-11 10:10:26 ----A---- C:\Windows\system32\fundisc.dll
2009-11-11 10:10:26 ----A---- C:\Windows\system32\dhcpcsvc6.dll
2009-11-11 10:10:26 ----A---- C:\Windows\system32\dfshim.dll
2009-11-11 10:10:26 ----A---- C:\Windows\system32\cryptsvc.dll
2009-11-11 10:10:25 ----A---- C:\Windows\system32\wmicmiplugin.dll
2009-11-11 10:10:25 ----A---- C:\Windows\system32\wdc.dll
2009-11-11 10:10:25 ----A---- C:\Windows\system32\termsrv.dll
2009-11-11 10:10:25 ----A---- C:\Windows\system32\shsvcs.dll
2009-11-11 10:10:25 ----A---- C:\Windows\system32\rasmans.dll
2009-11-11 10:10:25 ----A---- C:\Windows\system32\profsvc.dll
2009-11-11 10:10:25 ----A---- C:\Windows\system32\msiexec.exe
2009-11-11 10:10:25 ----A---- C:\Windows\system32\imapi.dll
2009-11-11 10:10:25 ----A---- C:\Windows\system32\iassdo.dll
2009-11-11 10:10:25 ----A---- C:\Windows\system32\chsbrkr.dll
2009-11-11 10:10:24 ----A---- C:\Windows\system32\wersvc.dll
2009-11-11 10:10:24 ----A---- C:\Windows\system32\spoolsv.exe
2009-11-11 10:10:24 ----A---- C:\Windows\system32\slmgr.vbs
2009-11-11 10:10:24 ----A---- C:\Windows\system32\scrrun.dll
2009-11-11 10:10:24 ----A---- C:\Windows\system32\PSHED.DLL
2009-11-11 10:10:24 ----A---- C:\Windows\system32\pnidui.dll
2009-11-11 10:10:24 ----A---- C:\Windows\system32\pdh.dll
2009-11-11 10:10:24 ----A---- C:\Windows\system32\icardres.dll
2009-11-11 10:10:24 ----A---- C:\Windows\system32\dhcpcsvc.dll
2009-11-11 10:10:24 ----A---- C:\Windows\system32\CertEnrollUI.dll
2009-11-11 10:10:24 ----A---- C:\Windows\system32\azroles.dll
2009-11-11 10:10:24 ----A---- C:\Windows\system32\autofmt.exe
2009-11-11 10:10:23 ----A---- C:\Windows\system32\wmpmde.dll
2009-11-11 10:10:23 ----A---- C:\Windows\system32\winlogon.exe
2009-11-11 10:10:23 ----A---- C:\Windows\system32\SyncCenter.dll
2009-11-11 10:10:23 ----A---- C:\Windows\system32\pidgenx.dll
2009-11-11 10:10:22 ----A---- C:\Windows\system32\SLUINotify.dll
2009-11-11 10:10:22 ----A---- C:\Windows\system32\msjetoledb40.dll
2009-11-11 10:10:22 ----A---- C:\Windows\system32\comuid.dll
2009-11-11 10:10:21 ----A---- C:\Windows\system32\wisptis.exe
2009-11-11 10:10:21 ----A---- C:\Windows\system32\untfs.dll
2009-11-11 10:10:21 ----A---- C:\Windows\system32\taskcomp.dll
2009-11-11 10:10:21 ----A---- C:\Windows\system32\spp.dll
2009-11-11 10:10:21 ----A---- C:\Windows\system32\sethc.exe
2009-11-11 10:10:21 ----A---- C:\Windows\system32\scrobj.dll
2009-11-11 10:10:21 ----A---- C:\Windows\system32\rtutils.dll
2009-11-11 10:10:21 ----A---- C:\Windows\system32\ncrypt.dll
2009-11-11 10:10:21 ----A---- C:\Windows\system32\kd1394.dll
2009-11-11 10:10:21 ----A---- C:\Windows\system32\iassam.dll
2009-11-11 10:10:21 ----A---- C:\Windows\system32\dwm.exe
2009-11-11 10:10:21 ----A---- C:\Windows\system32\certmgr.dll
2009-11-11 10:10:20 ----A---- C:\Windows\system32\winsrv.dll
2009-11-11 10:10:20 ----A---- C:\Windows\system32\printui.dll
2009-11-11 10:10:20 ----A---- C:\Windows\system32\onex.dll
2009-11-11 10:10:20 ----A---- C:\Windows\system32\kdcom.dll
2009-11-11 10:10:20 ----A---- C:\Windows\system32\iasnap.dll
2009-11-11 10:10:20 ----A---- C:\Windows\system32\cscript.exe
2009-11-11 10:10:20 ----A---- C:\Windows\system32\basecsp.dll
2009-11-11 10:10:20 ----A---- C:\Windows\system32\autoconv.exe
2009-11-11 10:10:20 ----A---- C:\Windows\system32\autochk.exe
2009-11-11 10:10:19 ----A---- C:\Windows\system32\wow32.dll
2009-11-11 10:10:19 ----A---- C:\Windows\system32\WinSCard.dll
2009-11-11 10:10:19 ----A---- C:\Windows\system32\winmm.dll
2009-11-11 10:10:19 ----A---- C:\Windows\system32\WerFaultSecure.exe
2009-11-11 10:10:19 ----A---- C:\Windows\system32\userenv.dll
2009-11-11 10:10:19 ----A---- C:\Windows\system32\spcmsg.dll
2009-11-11 10:10:19 ----A---- C:\Windows\system32\RelMon.dll
2009-11-11 10:10:19 ----A---- C:\Windows\system32\rdpencom.dll
2009-11-11 10:10:19 ----A---- C:\Windows\system32\osk.exe
2009-11-11 10:10:19 ----A---- C:\Windows\system32\offfilt.dll
2009-11-11 10:10:19 ----A---- C:\Windows\system32\mswsock.dll
2009-11-11 10:10:19 ----A---- C:\Windows\system32\msftedit.dll
2009-11-11 10:10:19 ----A---- C:\Windows\system32\kdusb.dll
2009-11-11 10:10:19 ----A---- C:\Windows\system32\dnsrslvr.dll
2009-11-11 10:10:19 ----A---- C:\Windows\system32\audiodg.exe
2009-11-11 10:10:17 ----A---- C:\Windows\system32\wsepno.dll
2009-11-11 10:10:17 ----A---- C:\Windows\system32\wscript.exe
2009-11-11 10:10:17 ----A---- C:\Windows\system32\wiaservc.dll
2009-11-11 10:10:17 ----A---- C:\Windows\system32\WerFault.exe
2009-11-11 10:10:17 ----A---- C:\Windows\system32\Utilman.exe
2009-11-11 10:10:17 ----A---- C:\Windows\system32\ulib.dll
2009-11-11 10:10:17 ----A---- C:\Windows\system32\sysclass.dll
2009-11-11 10:10:17 ----A---- C:\Windows\system32\stobject.dll
2009-11-11 10:10:17 ----A---- C:\Windows\system32\SndVol.exe
2009-11-11 10:10:17 ----A---- C:\Windows\system32\secproc_ssp_isv.dll
2009-11-11 10:10:17 ----A---- C:\Windows\system32\secproc_ssp.dll
2009-11-11 10:10:17 ----A---- C:\Windows\system32\prnntfy.dll
2009-11-11 10:10:17 ----A---- C:\Windows\system32\odbccp32.dll
2009-11-11 10:10:17 ----A---- C:\Windows\system32\msnetobj.dll
2009-11-11 10:10:17 ----A---- C:\Windows\system32\mscms.dll
2009-11-11 10:10:17 ----A---- C:\Windows\system32\mfplat.dll
2009-11-11 10:10:17 ----A---- C:\Windows\system32\mcmde.dll
2009-11-11 10:10:17 ----A---- C:\Windows\system32\iasdatastore.dll
2009-11-11 10:10:17 ----A---- C:\Windows\system32\dsound.dll
2009-11-11 10:10:17 ----A---- C:\Windows\system32\diskraid.exe
2009-11-11 10:10:17 ----A---- C:\Windows\system32\apphelp.dll
2009-11-11 10:10:17 ----A---- C:\Windows\system32\adsmsext.dll
2009-11-11 10:10:16 ----A---- C:\Windows\system32\wscsvc.dll
2009-11-11 10:10:16 ----A---- C:\Windows\system32\wscntfy.dll
2009-11-11 10:10:16 ----A---- C:\Windows\system32\WMVENCOD.DLL
2009-11-11 10:10:16 ----A---- C:\Windows\system32\wlangpui.dll
2009-11-11 10:10:16 ----A---- C:\Windows\system32\vdsdyn.dll
2009-11-11 10:10:16 ----A---- C:\Windows\system32\regsvc.dll
2009-11-11 10:10:16 ----A---- C:\Windows\system32\rastapi.dll
2009-11-11 10:10:16 ----A---- C:\Windows\system32\rasapi32.dll
2009-11-11 10:10:16 ----A---- C:\Windows\system32\pnpsetup.dll
2009-11-11 10:10:16 ----A---- C:\Windows\system32\ntprint.dll
2009-11-11 10:10:16 ----A---- C:\Windows\system32\logman.exe
2009-11-11 10:10:16 ----A---- C:\Windows\system32\ipsecsnp.dll
2009-11-11 10:10:16 ----A---- C:\Windows\system32\IPHLPAPI.DLL
2009-11-11 10:10:16 ----A---- C:\Windows\system32\iashlpr.dll
2009-11-11 10:10:16 ----A---- C:\Windows\system32\gpapi.dll
2009-11-11 10:10:16 ----A---- C:\Windows\system32\fdProxy.dll
2009-11-11 10:10:16 ----A---- C:\Windows\system32\diskpart.exe
2009-11-11 10:10:16 ----A---- C:\Windows\system32\cryptui.dll
2009-11-11 10:10:16 ----A---- C:\Windows\system32\brcpl.dll
2009-11-11 10:10:15 ----A---- C:\Windows\system32\zipfldr.dll
2009-11-11 10:10:15 ----A---- C:\Windows\system32\wusa.exe
2009-11-11 10:10:15 ----A---- C:\Windows\system32\wsnmp32.dll
2009-11-11 10:10:15 ----A---- C:\Windows\system32\wshext.dll
2009-11-11 10:10:15 ----A---- C:\Windows\system32\wpccpl.dll
2009-11-11 10:10:15 ----A---- C:\Windows\system32\wer.dll
2009-11-11 10:10:15 ----A---- C:\Windows\system32\themecpl.dll
2009-11-11 10:10:15 ----A---- C:\Windows\system32\rasdlg.dll
2009-11-11 10:10:15 ----A---- C:\Windows\system32\netcenter.dll
2009-11-11 10:10:15 ----A---- C:\Windows\system32\mscorier.dll
2009-11-11 10:10:15 ----A---- C:\Windows\system32\iassvcs.dll
2009-11-11 10:10:15 ----A---- C:\Windows\system32\iasrad.dll
2009-11-11 10:10:15 ----A---- C:\Windows\system32\findstr.exe
2009-11-11 10:10:14 ----A---- C:\Windows\system32\uxsms.dll
2009-11-11 10:10:14 ----A---- C:\Windows\system32\tsbyuv.dll
2009-11-11 10:10:14 ----A---- C:\Windows\system32\srvsvc.dll
2009-11-11 10:10:14 ----A---- C:\Windows\system32\slcc.dll
2009-11-11 10:10:14 ----A---- C:\Windows\system32\scansetting.dll
2009-11-11 10:10:14 ----A---- C:\Windows\system32\powrprof.dll
2009-11-11 10:10:14 ----A---- C:\Windows\system32\ntmarta.dll
2009-11-11 10:10:14 ----A---- C:\Windows\system32\msutb.dll
2009-11-11 10:10:14 ----A---- C:\Windows\system32\mstsc.exe
2009-11-11 10:10:14 ----A---- C:\Windows\system32\mstlsapi.dll
2009-11-11 10:10:14 ----A---- C:\Windows\system32\mssprxy.dll
2009-11-11 10:10:14 ----A---- C:\Windows\system32\iasads.dll
2009-11-11 10:10:13 ----A---- C:\Windows\system32\sud.dll
2009-11-11 10:10:13 ----A---- C:\Windows\system32\powercpl.dll
2009-11-11 10:10:13 ----A---- C:\Windows\system32\PerfCenterCPL.dll
2009-11-11 10:10:13 ----A---- C:\Windows\system32\newdev.exe
2009-11-11 10:10:13 ----A---- C:\Windows\system32\networkmap.dll
2009-11-11 10:10:13 ----A---- C:\Windows\system32\iasacct.dll
2009-11-11 10:10:13 ----A---- C:\Windows\system32\dot3svc.dll
2009-11-11 10:10:13 ----A---- C:\Windows\system32\connect.dll
2009-11-11 10:10:13 ----A---- C:\Windows\system32\authz.dll
2009-11-11 10:10:12 ----A---- C:\Windows\system32\wlanpref.dll
2009-11-11 10:10:12 ----A---- C:\Windows\system32\usercpl.dll
2009-11-11 10:10:12 ----A---- C:\Windows\system32\themeui.dll
2009-11-11 10:10:12 ----A---- C:\Windows\system32\systemcpl.dll
2009-11-11 10:10:12 ----A---- C:\Windows\system32\samlib.dll
2009-11-11 10:10:12 ----A---- C:\Windows\system32\rpchttp.dll
2009-11-11 10:10:12 ----A---- C:\Windows\system32\qdvd.dll
2009-11-11 10:10:12 ----A---- C:\Windows\system32\pcaui.dll
2009-11-11 10:10:12 ----A---- C:\Windows\system32\mmci.dll
2009-11-11 10:10:12 ----A---- C:\Windows\system32\autoplay.dll
2009-11-11 10:10:12 ----A---- C:\Windows\system32\accessibilitycpl.dll
2009-11-11 10:10:11 ----A---- C:\Windows\system32\wscisvif.dll
2009-11-11 10:10:11 ----A---- C:\Windows\system32\wpcao.dll
2009-11-11 10:10:11 ----A---- C:\Windows\system32\vdsutil.dll
2009-11-11 10:10:11 ----A---- C:\Windows\system32\tapisrv.dll
2009-11-11 10:10:11 ----A---- C:\Windows\system32\sdclt.exe
2009-11-11 10:10:11 ----A---- C:\Windows\system32\scksp.dll
2009-11-11 10:10:11 ----A---- C:\Windows\system32\scesrv.dll
2009-11-11 10:10:11 ----A---- C:\Windows\system32\scecli.dll
2009-11-11 10:10:11 ----A---- C:\Windows\system32\rekeywiz.exe
2009-11-11 10:10:11 ----A---- C:\Windows\system32\regapi.dll
2009-11-11 10:10:11 ----A---- C:\Windows\system32\rasgcw.dll
2009-11-11 10:10:11 ----A---- C:\Windows\system32\qedit.dll
2009-11-11 10:10:11 ----A---- C:\Windows\system32\psisdecd.dll
2009-11-11 10:10:11 ----A---- C:\Windows\system32\pnpui.dll
2009-11-11 10:10:11 ----A---- C:\Windows\system32\perfdisk.dll
2009-11-11 10:10:11 ----A---- C:\Windows\system32\oleprn.dll
2009-11-11 10:10:11 ----A---- C:\Windows\system32\ncryptui.dll
2009-11-11 10:10:11 ----A---- C:\Windows\system32\msinfo32.exe
2009-11-11 10:10:11 ----A---- C:\Windows\system32\mpr.dll
2009-11-11 10:10:11 ----A---- C:\Windows\system32\imm32.dll
2009-11-11 10:10:11 ----A---- C:\Windows\system32\iaspolcy.dll
2009-11-11 10:10:11 ----A---- C:\Windows\system32\hdwwiz.exe
2009-11-11 10:10:11 ----A---- C:\Windows\system32\feclient.dll
2009-11-11 10:10:11 ----A---- C:\Windows\system32\Faultrep.dll
2009-11-11 10:10:11 ----A---- C:\Windows\system32\dpapimig.exe
2009-11-11 10:10:11 ----A---- C:\Windows\system32\dot3msm.dll
2009-11-11 10:10:11 ----A---- C:\Windows\system32\DeviceEject.exe
2009-11-11 10:10:11 ----A---- C:\Windows\system32\certreq.exe
2009-11-11 10:10:11 ----A---- C:\Windows\system32\AudioSes.dll
2009-11-11 10:10:10 ----A---- C:\Windows\system32\whealogr.dll
2009-11-11 10:10:10 ----A---- C:\Windows\system32\TSTheme.exe
2009-11-11 10:10:10 ----A---- C:\Windows\system32\tcpmon.dll
2009-11-11 10:10:10 ----A---- C:\Windows\system32\tcpipcfg.dll
2009-11-11 10:10:10 ----A---- C:\Windows\system32\spwinsat.dll
2009-11-11 10:10:10 ----A---- C:\Windows\system32\SmartcardCredentialProvider.dll
2009-11-11 10:10:10 ----A---- C:\Windows\system32\rasplap.dll
2009-11-11 10:10:10 ----A---- C:\Windows\system32\PnPUnattend.exe
2009-11-11 10:10:10 ----A---- C:\Windows\system32\FWPUCLNT.DLL
2009-11-11 10:10:10 ----A---- C:\Windows\system32\fdWSD.dll
2009-11-11 10:10:10 ----A---- C:\Windows\system32\cmmon32.exe
2009-11-11 10:10:09 ----A---- C:\Windows\system32\WMVXENCD.DLL
2009-11-11 10:10:09 ----A---- C:\Windows\system32\wlanui.dll
2009-11-11 10:10:09 ----A---- C:\Windows\system32\wiaaut.dll
2009-11-11 10:10:09 ----A---- C:\Windows\system32\srcore.dll
2009-11-11 10:10:09 ----A---- C:\Windows\system32\SnippingTool.exe
2009-11-11 10:10:09 ----A---- C:\Windows\system32\shwebsvc.dll
2009-11-11 10:10:09 ----A---- C:\Windows\system32\shsetup.dll
2009-11-11 10:10:09 ----A---- C:\Windows\system32\SCardSvr.dll
2009-11-11 10:10:09 ----A---- C:\Windows\system32\rasppp.dll
2009-11-11 10:10:09 ----A---- C:\Windows\system32\rasmontr.dll
2009-11-11 10:10:09 ----A---- C:\Windows\system32\raschap.dll
2009-11-11 10:10:09 ----A---- C:\Windows\system32\PnPutil.exe
2009-11-11 10:10:09 ----A---- C:\Windows\system32\oobefldr.dll
2009-11-11 10:10:09 ----A---- C:\Windows\system32\MSVidCtl.dll
2009-11-11 10:10:09 ----A---- C:\Windows\system32\mscandui.dll
2009-11-11 10:10:09 ----A---- C:\Windows\system32\modemui.dll
2009-11-11 10:10:09 ----A---- C:\Windows\system32\fontext.dll
2009-11-11 10:10:09 ----A---- C:\Windows\system32\dsprop.dll
2009-11-11 10:10:09 ----A---- C:\Windows\system32\dimsroam.dll
2009-11-11 10:10:09 ----A---- C:\Windows\system32\conime.exe
2009-11-11 10:10:09 ----A---- C:\Windows\system32\cmdial32.dll
2009-11-11 10:10:09 ----A---- C:\Windows\system32\chtbrkr.dll
2009-11-11 10:10:08 ----A---- C:\Windows\system32\WSDMon.dll
2009-11-11 10:10:08 ----A---- C:\Windows\system32\wscapi.dll
2009-11-11 10:10:08 ----A---- C:\Windows\system32\wpcsvc.dll
2009-11-11 10:10:08 ----A---- C:\Windows\system32\wmpeffects.dll
2009-11-11 10:10:08 ----A---- C:\Windows\system32\wmdrmsdk.dll
2009-11-11 10:10:08 ----A---- C:\Windows\system32\wlgpclnt.dll
2009-11-11 10:10:08 ----A---- C:\Windows\system32\smss.exe
2009-11-11 10:10:08 ----A---- C:\Windows\system32\rdpwsx.dll
2009-11-11 10:10:08 ----A---- C:\Windows\system32\networkexplorer.dll
2009-11-11 10:10:08 ----A---- C:\Windows\system32\netplwiz.dll
2009-11-11 10:10:08 ----A---- C:\Windows\system32\msscp.dll
2009-11-11 10:10:08 ----A---- C:\Windows\system32\msimtf.dll
2009-11-11 10:10:08 ----A---- C:\Windows\system32\logagent.exe
2009-11-11 10:10:08 ----A---- C:\Windows\system32\InkEd.dll
2009-11-11 10:10:08 ----A---- C:\Windows\system32\ifmon.dll
2009-11-11 10:10:08 ----A---- C:\Windows\system32\gpresult.exe
2009-11-11 10:10:08 ----A---- C:\Windows\system32\dataclen.dll
2009-11-11 10:10:08 ----A---- C:\Windows\system32\credui.dll
2009-11-11 10:10:08 ----A---- C:\Windows\system32\cipher.exe
2009-11-11 10:10:08 ----A---- C:\Windows\system32\certprop.dll
2009-11-11 10:10:08 ----A---- C:\Windows\system32\blackbox.dll
2009-11-11 10:10:07 ----A---- C:\Windows\system32\wshbth.dll
2009-11-11 10:10:07 ----A---- C:\Windows\system32\version.dll
2009-11-11 10:10:07 ----A---- C:\Windows\system32\thawbrkr.dll
2009-11-11 10:10:07 ----A---- C:\Windows\system32\softkbd.dll
2009-11-11 10:10:07 ----A---- C:\Windows\system32\SLLUA.exe
2009-11-11 10:10:07 ----A---- C:\Windows\system32\sendmail.dll
2009-11-11 10:10:07 ----A---- C:\Windows\system32\puiapi.dll
2009-11-11 10:10:07 ----A---- C:\Windows\system32\olepro32.dll
2009-11-11 10:10:07 ----A---- C:\Windows\system32\msjint40.dll
2009-11-11 10:10:07 ----A---- C:\Windows\system32\msisip.dll
2009-11-11 10:10:07 ----A---- C:\Windows\system32\msctfui.dll
2009-11-11 10:10:07 ----A---- C:\Windows\system32\MsCtfMonitor.dll
2009-11-11 10:10:07 ----A---- C:\Windows\system32\mprapi.dll
2009-11-11 10:10:07 ----A---- C:\Windows\system32\MediaMetadataHandler.dll
2009-11-11 10:10:07 ----A---- C:\Windows\system32\l2nacp.dll
2009-11-11 10:10:07 ----A---- C:\Windows\system32\input.dll
2009-11-11 10:10:07 ----A---- C:\Windows\system32\fdSSDP.dll
2009-11-11 10:10:07 ----A---- C:\Windows\system32\fc.exe
2009-11-11 10:10:07 ----A---- C:\Windows\system32\ExplorerFrame.dll
2009-11-11 10:10:07 ----A---- C:\Windows\system32\eapp3hst.dll
2009-11-11 10:10:07 ----A---- C:\Windows\system32\drmmgrtn.dll
2009-11-11 10:10:07 ----A---- C:\Windows\system32\dmusic.dll
2009-11-11 10:10:07 ----A---- C:\Windows\system32\dmsynth.dll
2009-11-11 10:10:07 ----A---- C:\Windows\system32\cscapi.dll
2009-11-11 10:10:06 ----A---- C:\Windows\system32\wsdchngr.dll
2009-11-11 10:10:06 ----A---- C:\Windows\system32\winrnr.dll
2009-11-11 10:10:06 ----A---- C:\Windows\system32\vdmdbg.dll
2009-11-11 10:10:06 ----A---- C:\Windows\system32\tscupgrd.exe
2009-11-11 10:10:06 ----A---- C:\Windows\system32\Storprop.dll
2009-11-11 10:10:06 ----A---- C:\Windows\system32\SMBHelperClass.dll
2009-11-11 10:10:06 ----A---- C:\Windows\system32\slwga.dll
2009-11-11 10:10:06 ----A---- C:\Windows\system32\slcinst.dll
2009-11-11 10:10:06 ----A---- C:\Windows\system32\rasdial.exe
2009-11-11 10:10:06 ----A---- C:\Windows\system32\rasdiag.dll
2009-11-11 10:10:06 ----A---- C:\Windows\system32\PNPXAssoc.dll
2009-11-11 10:10:06 ----A---- C:\Windows\system32\odbcconf.dll
2009-11-11 10:10:06 ----A---- C:\Windows\system32\ocsetup.exe
2009-11-11 10:10:06 ----A---- C:\Windows\system32\nslookup.exe
2009-11-11 10:10:06 ----A---- C:\Windows\system32\networkitemfactory.dll
2009-11-11 10:10:06 ----A---- C:\Windows\system32\NcdProp.dll
2009-11-11 10:10:06 ----A---- C:\Windows\system32\mmcico.dll
2009-11-11 10:10:06 ----A---- C:\Windows\system32\midimap.dll
2009-11-11 10:10:06 ----A---- C:\Windows\system32\iscsilog.dll
2009-11-11 10:10:06 ----A---- C:\Windows\system32\ipconfig.exe
2009-11-11 10:10:06 ----A---- C:\Windows\system32\inetppui.dll
2009-11-11 10:10:06 ----A---- C:\Windows\system32\hbaapi.dll
2009-11-11 10:10:06 ----A---- C:\Windows\system32\gpupdate.exe
2009-11-11 10:10:06 ----A---- C:\Windows\system32\FwRemoteSvr.dll
2009-11-11 10:10:06 ----A---- C:\Windows\system32\ftp.exe
2009-11-11 10:10:06 ----A---- C:\Windows\system32\fdWCN.dll
2009-11-11 10:10:06 ----A---- C:\Windows\system32\fdeploy.dll
2009-11-11 10:10:06 ----A---- C:\Windows\system32\eappgnui.dll
2009-11-11 10:10:06 ----A---- C:\Windows\system32\eappcfg.dll
2009-11-11 10:10:06 ----A---- C:\Windows\system32\dot3cfg.dll
2009-11-11 10:10:06 ----A---- C:\Windows\system32\csrstub.exe
2009-11-11 10:10:06 ----A---- C:\Windows\system32\cscdll.dll
2009-11-11 10:10:06 ----A---- C:\Windows\system32\CHxReadingStringIME.dll
2009-11-11 10:10:06 ----A---- C:\Windows\system32\cbsra.exe
2009-11-11 10:10:06 ----A---- C:\Windows\system32\bthudtask.exe
2009-11-11 10:10:06 ----A---- C:\Windows\system32\bthci.dll
2009-11-11 10:10:06 ----A---- C:\Windows\system32\bitsigd.dll
2009-11-11 10:10:05 ----A---- C:\Windows\system32\msimsg.dll
2009-11-11 10:10:05 ----A---- C:\Windows\system32\f3ahvoas.dll
2009-11-11 10:09:58 ----A---- C:\Windows\system32\SmiEngine.dll
2009-11-11 10:09:57 ----A---- C:\Windows\system32\wdscore.dll
2009-11-11 10:09:57 ----A---- C:\Windows\system32\PkgMgr.exe
2009-11-11 10:09:56 ----A---- C:\Windows\system32\drvstore.dll
2009-11-11 09:46:30 ----A---- C:\Windows\system32\wmp.dll
2009-11-11 09:46:26 ----A---- C:\Windows\system32\unregmp2.exe
2009-11-11 09:46:25 ----A---- C:\Windows\system32\wmploc.DLL
2009-11-11 09:46:11 ----A---- C:\Windows\system32\WSDApi.dll
2009-11-06 21:22:43 ----A---- C:\Windows\system32\GEARAspi.dll
2009-11-06 21:22:16 ----D---- C:\Program Files\iPod
2009-11-06 21:22:12 ----D---- C:\ProgramData\{755AC846-7372-4AC8-8550-C52491DAA8BD}
2009-11-06 21:21:01 ----D---- C:\Program Files\QuickTime
2009-10-23 02:24:20 ----A---- C:\Windows\system32\msv1_0.dll
2009-10-23 02:24:19 ----A---- C:\Windows\system32\ntkrnlpa.exe
2009-10-23 02:24:18 ----A---- C:\Windows\system32\ntoskrnl.exe
2009-10-23 02:23:42 ----A---- C:\Windows\system32\msasn1.dll
2009-10-23 02:23:31 ----A---- C:\Windows\system32\WMSPDMOD.DLL
======List of files/folders modified in the last 3 months======
2010-01-21 22:23:58 ----D---- C:\Windows\Prefetch
2010-01-21 22:23:35 ----RD---- C:\Program Files
2010-01-21 22:16:00 ----D---- C:\Program Files\Mozilla Firefox
2010-01-21 21:32:16 ----SHD---- C:\Windows\Installer
2010-01-21 20:23:11 ----D---- C:\Windows\System32
2010-01-21 20:23:11 ----D---- C:\Windows\inf
2010-01-21 20:23:11 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-01-21 20:18:13 ----D---- C:\Windows\Temp
2010-01-21 20:16:15 ----D---- C:\Program Files\Warcraft III
2010-01-21 13:00:31 ----HD---- C:\ProgramData
2010-01-21 12:21:27 ----D---- C:\Users\Brandon\AppData\Roaming\uTorrent
2010-01-20 18:51:10 ----D---- C:\WINDOWS
2010-01-19 13:51:59 ----A---- C:\Windows\win.ini
2010-01-18 13:27:37 ----D---- C:\Windows\Debug
2010-01-18 11:34:43 ----D---- C:\Users\Brandon\AppData\Roaming\Apple Computer
2010-01-18 00:21:07 ----D---- C:\Windows\winsxs
2010-01-18 00:15:40 ----D---- C:\Windows\system32\catroot
2010-01-18 00:15:36 ----D---- C:\Program Files\Windows Mail
2010-01-18 00:14:22 ----D---- C:\Windows\system32\catroot2
2010-01-15 12:59:07 ----D---- C:\Program Files\WC3Banlist
2010-01-11 20:21:04 ----D---- C:\Program Files\World of Warcraft
2010-01-07 06:28:18 ----D---- C:\Program Files\Common Files\Blizzard Entertainment
2010-01-07 02:22:56 ----D---- C:\Users\Brandon\AppData\Roaming\Adobe
2010-01-07 02:22:56 ----D---- C:\ProgramData\Adobe
2010-01-07 02:22:53 ----D---- C:\Program Files\Common Files
2010-01-07 02:20:05 ----HD---- C:\Program Files\InstallShield Installation Information
2010-01-06 04:18:52 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2010-01-04 21:28:54 ----D---- C:\Windows\system32\drivers
2010-01-04 19:17:46 ----A---- C:\Windows\system32\mrt.exe
2009-12-28 14:43:29 ----D---- C:\Program Files\Hewlett-Packard
2009-12-24 17:21:18 ----SHD---- C:\System Volume Information
2009-12-24 17:21:17 ----D---- C:\Windows\Logs
2009-12-23 20:32:44 ----D---- C:\ProgramData\NVIDIA
2009-12-23 15:20:29 ----D---- C:\Windows\rescache
2009-12-23 14:59:14 ----D---- C:\Windows\system32\migration
2009-12-23 14:59:14 ----D---- C:\Program Files\Internet Explorer
2009-12-23 14:53:16 ----D---- C:\Windows\system32\en-US
2009-12-23 14:43:08 ----D---- C:\Windows\system32\LogFiles
2009-12-09 05:46:12 ----D---- C:\Windows\LiveKernelReports
2009-12-02 15:41:02 ----D---- C:\Windows\Tasks
2009-12-01 19:36:45 ----D---- C:\Windows\system32\Tasks
2009-11-25 17:09:52 ----SD---- C:\Users\Brandon\AppData\Roaming\Microsoft
2009-11-21 15:46:46 ----D---- C:\Program Files\Common Files\AOL
2009-11-21 15:46:27 ----SD---- C:\Windows\Downloaded Program Files
2009-11-18 23:16:56 ----A---- C:\Windows\system32\nvuninst.exe
2009-11-15 19:28:35 ----D---- C:\Windows\HPCPCUninstall-6811507
2009-11-15 10:02:25 ----D---- C:\Program Files\Windows Sidebar
2009-11-11 11:30:33 ----D---- C:\Windows\system32\wbem
2009-11-11 11:10:00 ----D---- C:\Windows\Microsoft.NET
2009-11-11 11:09:59 ----RSD---- C:\Windows\assembly
2009-11-11 11:09:53 ----D---- C:\Windows\system32\zh-TW
2009-11-11 11:09:53 ----D---- C:\Windows\system32\zh-HK
2009-11-11 11:09:53 ----D---- C:\Windows\system32\zh-CN
2009-11-11 11:09:53 ----D---- C:\Windows\system32\uk-UA
2009-11-11 11:09:53 ----D---- C:\Windows\system32\tr-TR
2009-11-11 11:09:53 ----D---- C:\Windows\system32\th-TH
2009-11-11 11:09:53 ----D---- C:\Windows\system32\sv-SE
2009-11-11 11:09:53 ----D---- C:\Windows\system32\sr-Latn-CS
2009-11-11 11:09:53 ----D---- C:\Windows\system32\sl-SI
2009-11-11 11:09:53 ----D---- C:\Windows\system32\sk-SK
2009-11-11 11:09:53 ----D---- C:\Windows\system32\ru-RU
2009-11-11 11:09:53 ----D---- C:\Windows\system32\ro-RO
2009-11-11 11:09:53 ----D---- C:\Windows\system32\pt-PT
2009-11-11 11:09:53 ----D---- C:\Windows\system32\pt-BR
2009-11-11 11:09:53 ----D---- C:\Windows\system32\pl-PL
2009-11-11 11:09:53 ----D---- C:\Windows\system32\nl-NL
2009-11-11 11:09:53 ----D---- C:\Windows\system32\nb-NO
2009-11-11 11:09:53 ----D---- C:\Windows\system32\lv-LV
2009-11-11 11:09:53 ----D---- C:\Windows\system32\lt-LT
2009-11-11 11:09:53 ----D---- C:\Windows\system32\ko-KR
2009-11-11 11:09:53 ----D---- C:\Windows\system32\ja-JP
2009-11-11 11:09:53 ----D---- C:\Windows\system32\it-IT
2009-11-11 11:09:53 ----D---- C:\Windows\system32\hu-HU
2009-11-11 11:09:53 ----D---- C:\Windows\system32\hr-HR
2009-11-11 11:09:53 ----D---- C:\Windows\system32\he-IL
2009-11-11 11:09:53 ----D---- C:\Windows\system32\fr-FR
2009-11-11 11:09:53 ----D---- C:\Windows\system32\fi-FI
2009-11-11 11:09:53 ----D---- C:\Windows\system32\et-EE
2009-11-11 11:09:53 ----D---- C:\Windows\system32\es-ES
2009-11-11 11:09:53 ----D---- C:\Windows\system32\el-GR
2009-11-11 11:09:53 ----D---- C:\Windows\system32\de-DE
2009-11-11 11:09:53 ----D---- C:\Windows\system32\da-DK
2009-11-11 11:09:53 ----D---- C:\Windows\system32\cs-CZ
2009-11-11 11:09:53 ----D---- C:\Windows\system32\bg-BG
2009-11-11 11:09:53 ----D---- C:\Windows\system32\ar-SA
2009-11-11 11:04:29 ----SHD---- C:\boot
2009-11-11 10:58:22 ----D---- C:\Program Files\Windows Calendar
2009-11-11 10:58:21 ----D---- C:\Program Files\Windows Photo Gallery
2009-11-11 10:58:21 ----D---- C:\Program Files\Windows Media Player
2009-11-11 10:58:21 ----D---- C:\Program Files\Windows Journal
2009-11-11 10:58:21 ----D---- C:\Program Files\Windows Collaboration
2009-11-11 10:58:21 ----D---- C:\Program Files\Movie Maker
2009-11-11 10:58:21 ----D---- C:\Program Files\Common Files\System
2009-11-11 10:58:20 ----D---- C:\Windows\servicing
2009-11-11 10:58:20 ----D---- C:\Windows\ehome
2009-11-11 10:58:20 ----D---- C:\Program Files\Windows Defender
2009-11-11 10:58:19 ----D---- C:\Windows\system32\XPSViewer
2009-11-11 10:58:19 ----D---- C:\Windows\IME
2009-11-11 10:58:18 ----D---- C:\Windows\system32\oobe
2009-11-11 10:58:16 ----D---- C:\Windows\system32\SLUI
2009-11-11 10:58:16 ----D---- C:\Windows\system32\setup
2009-11-11 10:58:16 ----D---- C:\Windows\system32\AdvancedInstallers
2009-11-11 10:58:15 ----D---- C:\Windows\system32\manifeststore
2009-11-11 10:58:15 ----D---- C:\Windows\system32\en
2009-11-11 10:58:14 ----D---- C:\Windows\system32\migwiz
2009-11-11 10:58:07 ----RSD---- C:\Windows\Fonts
2009-11-11 10:58:07 ----D---- C:\Windows\AppPatch
2009-11-11 10:58:03 ----D---- C:\Windows\system32\Boot
2009-11-08 11:45:19 ----D---- C:\Program Files\Common Files\microsoft shared
2009-11-06 21:22:43 ----DC---- C:\Windows\system32\DRVSTORE
2009-11-06 21:22:43 ----D---- C:\Program Files\iTunes
2009-11-06 21:22:15 ----D---- C:\Program Files\Common Files\Apple
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys [2009-02-13 11608]
R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2009-03-30 96104]
R1 ssmdrv;ssmdrv; C:\Windows\system32\DRIVERS\ssmdrv.sys [2009-05-11 28520]
R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2009-12-07 56816]
R2 mdmxsdk;mdmxsdk; C:\Windows\system32\DRIVERS\mdmxsdk.sys [2006-06-19 12672]
R2 rimmptsk;rimmptsk; C:\Windows\system32\DRIVERS\rimmptsk.sys [2006-11-16 32256]
R2 rimsptsk;rimsptsk; C:\Windows\system32\DRIVERS\rimsptsk.sys [2006-11-15 43520]
R2 rismxdp;Ricoh xD-Picture Card Driver; C:\Windows\system32\DRIVERS\rixdptsk.sys [2006-11-15 37376]
R2 XAudio;XAudio; C:\Windows\system32\DRIVERS\xaudio.sys [2007-07-10 8704]
R3 CmBatt;Microsoft ACPI Control Method Battery Driver; C:\Windows\system32\DRIVERS\CmBatt.sys [2008-01-19 14208]
R3 CnxtHdAudService;Conexant UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDRT32.sys [2008-03-03 182272]
R3 e1express;Intel(R) PRO/1000 PCI Express Network Connection Driver; C:\Windows\system32\DRIVERS\e1e6032.sys [2008-12-05 217728]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600]
R3 HBtnKey;HBtnKey; C:\Windows\system32\DRIVERS\cpqbttn.sys [2006-06-28 9472]
R3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\HSX_DPV.sys [2007-06-20 984064]
R3 HSXHWAZL;HSXHWAZL; C:\Windows\system32\DRIVERS\HSXHWAZL.sys [2007-06-20 208896]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2009-01-30 7544832]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2009-04-10 89088]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2008-03-28 199472]
R3 usbvideo;USB Video Device (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2008-01-19 134016]
R3 winachsf;winachsf; C:\Windows\system32\DRIVERS\HSX_CNXT.sys [2007-06-20 660480]
R3 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\DRIVERS\wmiacpi.sys [2008-01-19 11264]
S1 NetworkX;NetworkX; C:\Windows\system32\ckldrv.sys []
S3 BCM43XV;Broadcom Extensible 802.11 Network Adapter Driver; C:\Windows\system32\DRIVERS\bcmwl6.sys [2006-11-02 464384]
S3 BthEnum;Bluetooth Request Block Driver; C:\Windows\system32\DRIVERS\BthEnum.sys [2006-11-02 19456]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2006-11-02 92160]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2006-11-02 220160]
S3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2006-11-02 29184]
S3 drmkaud;Microsoft Kernel DRM Audio Descrambler; C:\Windows\system32\drivers\drmkaud.sys [2008-01-19 5632]
S3 E100B;Intel(R) PRO Adapter Driver; C:\Windows\system32\DRIVERS\e100b325.sys [2006-11-02 163328]
S3 eabfiltr;eabfiltr; C:\Windows\system32\DRIVERS\eabfiltr.sys [2006-06-28 8192]
S3 HdAudAddService;Microsoft UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDART.sys [2006-11-19 145920]
S3 HSFHWAZL;HSFHWAZL; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2006-11-02 200704]
S3 ialm;ialm; C:\Windows\system32\DRIVERS\igdkmd32.sys [2006-10-18 1380864]
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-19 8192]
S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-19 5888]
S3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\Windows\system32\drivers\MSPQM.sys [2008-01-19 5504]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys [2008-01-19 6016]
S3 NETw3v32;Intel(R) PRO/Wireless 3945ABG Adapter Driver for Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETw3v32.sys [2006-11-09 1786880]
S3 NETw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETw5v32.sys [2008-11-17 3668480]
S3 NPF;NetGroup Packet Filter Driver; C:\Windows\system32\drivers\npf.sys [2007-11-06 34064]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2006-11-02 49664]
S3 teamviewervpn;TeamViewer VPN Adapter; C:\Windows\system32\DRIVERS\teamviewervpn.sys [2009-11-09 25088]
S3 USBAAPL;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl.sys [2009-08-28 40448]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-19 83328]
S3 xnacc;XBOX 360 Controller For Windows Driver Service; C:\Windows\system32\DRIVERS\xnacc.sys [2008-01-19 521216]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AntiVirSchedulerService;Avira AntiVir Scheduler; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2009-05-13 108289]
R2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2009-07-21 185089]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2009-01-30 203296]
S3 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-08-28 144672]
S3 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
S3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-19 21504]
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2009-10-28 545568]
S4 BthServ;Bluetooth Support Service; C:\Windows\system32\svchost.exe [2008-01-19 21504]
S4 HP Health Check Service;HP Health Check Service; C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [2006-11-28 63080]
S4 IDriverT;InstallDriver Table Manager; C:\Program Files\Roxio\Roxio MyDVD Basic v9\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S4 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2006-10-19 61440]
S4 rpcapd;Remote Packet Capture Protocol v.0 (experimental); C:\Program Files\WinPcap\rpcapd.exe [2007-11-06 92792]
S4 XAudioService;XAudioService; C:\Windows\system32\DRIVERS\xaudio.exe [2007-07-10 386560]
-----------------EOF-----------------
info.txt logfile of random's system information tool 1.06 2010-01-21 22:24:13
======Uninstall list======
Activation Assistant for the 2007 Microsoft Office suites-->"C:\ProgramData\{623D32E9-0C62-4453-AD44-98B31F52A5E1}\Microsoft Office Activation Assistant.exe" REMOVE=TRUE MODIFY=FALSE
ActiveCheck component for HP Active Support Library-->MsiExec.exe /X{254C37AA-6B72-4300-84F6-98A82419187E}
Adobe AIR-->c:\Program Files\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall
Adobe AIR-->MsiExec.exe /I{A2BCA9F1-566C-4805-97D1-7FDC93386723}
Adobe Flash Player 10 ActiveX-->C:\Windows\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->C:\Windows\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 8-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A80000000002}
AIM Lite 0.33-->C:\Program Files\AIM Lite\laim-uninst.exe
Apple Application Support-->MsiExec.exe /I{B607C354-CD79-4D22-86D1-92DC94153F42}
Apple Mobile Device Support-->MsiExec.exe /I{AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE}
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
ASL_HS_Installer32-->MsiExec.exe /I{FAB0C302-CB18-4A7A-BA03-C3DC23101A68}
Avira AntiVir Personal - Free Antivirus-->C:\Program Files\Avira\AntiVir Desktop\setup.exe /REMOVE
Bonjour-->MsiExec.exe /I{07287123-B8AC-41CE-8346-3D777245C35B}
CCleaner-->"C:\Program Files\CCleaner\uninst.exe"
Conexant HD Audio-->C:\Program Files\CONEXANT\CNXT_HDAUDIO\UIU32a.exe -U -IwisR30B7.INF
GOM Player-->"C:\Program Files\GRETECH\GomPlayer\Uninstall.exe"
HDAUDIO Soft Data Fax Modem with SmartCP-->C:\Program Files\CONEXANT\CNXT_MODEM_HDA_HSF\UIU32m.exe -U -IwqcVenz.inf
HijackThis 2.0.2-->"C:\Program Files\trend micro\HijackThis.exe" /uninstall
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
HP Active Support Library-->C:\Program Files\InstallShield Installation Information\{21E62565-8639-457C-B64C-A3FF0A8B4D80}\setup.exe -runfromtemp -l0x0409
HP Easy Setup - Core-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F94234DB-FD06-42C3-B88D-6FC4DC9F988C}\setup.exe" -l0x9
HP Pavilion Webcam Driver for Vista v061.001.00005-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5CA81D12-9EC2-4082-972B-43ECA63F41F2}\setup.exe" -l0x9 -removeonly
HP Update-->MsiExec.exe /X{8C6027FD-53DC-446D-BB75-CACD7028A134}
HP User Guide 0049-->MsiExec.exe /I{3E3A110A-7FAE-4DC0-8E39-BAFFE89724B6}
HPAsset component for HP Active Support Library-->MsiExec.exe /X{669D4A35-146B-4314-89F1-1AC3D7B88367}
Intel(R) Network Connections Drivers-->Prounstl.exe
iTunes-->MsiExec.exe /I{D1A74FBB-CA8D-4CCA-9B89-BAAA436DB178}
Java(TM) 6 Update 13-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216013FF}
Java(TM) SE Runtime Environment 6-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160000}
League of Legends-->"C:\Program Files\InstallShield Installation Information\{92606477-9366-4D3B-8AE3-6BE4B29727AB}\setup.exe" -runfromtemp -l0x0409 -removeonly
Microsoft .NET Framework 3.5 SP1-->c:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft VC9 runtime libraries-->MsiExec.exe /I{C4124E95-5061-4776-8D5D-E3D931C778E1}
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{837b34e3-7c30-493c-8f6a-2b0f04e2912c}
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148-->MsiExec.exe /X{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Mozilla Firefox (3.5.7)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
NVIDIA Drivers-->C:\Windows\system32\nvuninst.exe UninstallGUI
OpenOffice.org 3.1-->MsiExec.exe /I{E6B87DC4-2B3D-4483-ADFF-E483BF718991}
QuickTime-->MsiExec.exe /I{A429C2AE-EBF1-4F81-A221-1C115CAADDAD}
Sonic Activation Module-->MsiExec.exe /I{35E1EC43-D4FC-4E4A-AAB3-20DDA27E8BB0}
Synaptics Pointing Device Driver-->rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""
Ventrilo Client-->MsiExec.exe /I{789289CA-F73A-4A16-A331-54D498CE069F}
Visual C++ 2008 x86 Runtime - (v9.0.30729)-->MsiExec.exe /X{F333A33D-125C-32A2-8DCE-5C5D14231E27}
Visual C++ 2008 x86 Runtime - v9.0.30729.01-->C:\Windows\system32\msiexec.exe /x {F333A33D-125C-32A2-8DCE-5C5D14231E27} /qb+ REBOOTPROMPT=""
Warcraft III-->C:\Windows\War3Unin.exe C:\Windows\War3Unin.dat
Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}
WinPcap 4.0.2-->C:\Program Files\WinPcap\uninstall.exe
WinRAR archiver-->C:\Program Files\WinRAR\uninstall.exe
World of Warcraft-->C:\Program Files\Common Files\Blizzard Entertainment\World of Warcraft\Uninstall.exe
======Security center information======
AS: Windows Defender
======System event log======
Computer Name: Brandon-PC
Event Code: 7031
Message: The Software Licensing service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 300000 milliseconds: Restart the service.
Record Number: 110919
Source Name: Service Control Manager
Time Written: 20091111170334.000000-000
Event Type: Error
User:
Computer Name: Brandon-PC
Event Code: 7031
Message: The Software Licensing service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
Record Number: 110909
Source Name: Service Control Manager
Time Written: 20091111164330.000000-000
Event Type: Error
User:
Computer Name: Brandon-PC
Event Code: 7034
Message: The NVIDIA Display Driver Service service terminated unexpectedly. It has done this 1 time(s).
Record Number: 110908
Source Name: Service Control Manager
Time Written: 20091111164321.000000-000
Event Type: Error
User:
Computer Name: Brandon-PC
Event Code: 7023
Message: The Diagnostic Service Host service terminated with the following error:
The requested control is not valid for this service.
Record Number: 110896
Source Name: Service Control Manager
Time Written: 20091111164320.000000-000
Event Type: Error
User:
Computer Name: Brandon-PC
Event Code: 7000
Message: The Parallel port driver service failed to start due to the following error:
The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
Record Number: 110890
Source Name: Service Control Manager
Time Written: 20091111164320.000000-000
Event Type: Error
User:
=====Application event log=====
Computer Name: Brandon-PC
Event Code: 1101
Message: .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32) - Failed to compile: System.Web.Extensions.Design, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35 . Error code = 0x80131522
Record Number: 101
Source Name: .NET Runtime Optimization Service
Time Written: 20090417181943.000000-000
Event Type: Error
User:
Computer Name: Brandon-PC
Event Code: 1101
Message: .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32) - Failed to compile: System.ServiceModel.Web, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35 . Error code = 0x80131522
Record Number: 100
Source Name: .NET Runtime Optimization Service
Time Written: 20090417181910.000000-000
Event Type: Error
User:
Computer Name: Brandon-PC
Event Code: 1101
Message: .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32) - Failed to compile: System.Data.Services, Version=3.5.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089 . Error code = 0x80131522
Record Number: 99
Source Name: .NET Runtime Optimization Service
Time Written: 20090417181834.000000-000
Event Type: Error
User:
Computer Name: Brandon-PC
Event Code: 1530
Message: Windows detected your registry file is still in use by other applications or services. The file will be unloaded now. The applications or services that hold your registry file may not function properly afterwards.
DETAIL -
1 user registry handles leaked from \Registry\User\S-1-5-21-1710116063-2711787288-2888440707-1000:
Process 552 (\Device\HarddiskVolume1\WINDOWS\System32\winlogon.exe) has opened key \REGISTRY\USER\S-1-5-21-1710116063-2711787288-2888440707-1000
Record Number: 26
Source Name: Microsoft-Windows-User Profiles Service
Time Written: 20090417180144.000000-000
Event Type: Warning
User: NT AUTHORITY\SYSTEM
Computer Name: Brandon-PC
Event Code: 11720
Message: Product: ActiveCheck component for HP Active Support Library -- Error 1720. There is a problem with this Windows Installer package. A script required for this install to complete could not be run. Contact your support personnel or package vendor. Custom action DiscoverSysID script error -2146828212, Microsoft JScript runtime error: Path not found Line 557, Column 3,
Record Number: 10
Source Name: MsiInstaller
Time Written: 20090417180133.000000-000
Event Type: Error
User: NT AUTHORITY\SYSTEM
=====Security event log=====
Computer Name: Brandon-PC
Event Code: 4647
Message: User initiated logoff:
Subject:
Security ID: S-1-5-21-1710116063-2711787288-2888440707-1000
Account Name: Brandon
Account Domain: Brandon-PC
Logon ID: 0xebf0a
This event is generated when a logoff is initiated but the token reference count is not zero and the logon session cannot be destroyed. No further user-initiated activity can occur. This event can be interpreted as a logoff event.
Record Number: 5
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090417180144.179322-000
Event Type: Audit Success
User:
Computer Name: Brandon-PC
Event Code: 4672
Message: Special privileges assigned to new logon.
Subject:
Security ID: S-1-5-18
Account Name: SYSTEM
Account Domain: NT AUTHORITY
Logon ID: 0x3e7
Privileges: SeAssignPrimaryTokenPrivilege
SeTcbPrivilege
SeSecurityPrivilege
SeTakeOwnershipPrivilege
SeLoadDriverPrivilege
SeBackupPrivilege
SeRestorePrivilege
SeDebugPrivilege
SeAuditPrivilege
SeSystemEnvironmentPrivilege
SeImpersonatePrivilege
Record Number: 4
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090417180122.843122-000
Event Type: Audit Success
User:
Computer Name: Brandon-PC
Event Code: 4624
Message: An account was successfully logged on.
Subject:
Security ID: S-1-5-18
Account Name: LH-EH21Y8KN8PXZ$
Account Domain: WORKGROUP
Logon ID: 0x3e7
Logon Type: 5
New Logon:
Security ID: S-1-5-18
Account Name: SYSTEM
Account Domain: NT AUTHORITY
Logon ID: 0x3e7
Logon GUID: {00000000-0000-0000-0000-000000000000}
Process Information:
Process ID: 0x244
Process Name: C:\WINDOWS\System32\services.exe
Network Information:
Workstation Name:
Source Network Address: -
Source Port: -
Detailed Authentication Information:
Logon Process: Advapi
Authentication Package: Negotiate
Transited Services: -
Package Name (NTLM only): -
Key Length: 0
This event is generated when a logon session is created. It is generated on the computer that was accessed.
The subject fields indicate the account on the local system which requested the logon. This is most commonly a service such as the Server service, or a local process such as Winlogon.exe or Services.exe.
The logon type field indicates the kind of logon that occurred. The most common types are 2 (interactive) and 3 (network).
The New Logon fields indicate the account for whom the new logon was created, i.e. the account that was logged on.
The network fields indicate where a remote logon request originated. Workstation name is not always available and may be left blank in some cases.
The authentication information fields provide detailed information about this specific logon request.
- Logon GUID is a unique identifier that can be used to correlate this event with a KDC event.
- Transited services indicate which intermediate services have participated in this logon request.
- Package name indicates which sub-protocol was used among the NTLM protocols.
- Key length indicates the length of the generated session key. This will be 0 if no session key was requested.
Record Number: 3
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090417180122.843122-000
Event Type: Audit Success
User:
Computer Name: Brandon-PC
Event Code: 4648
Message: A logon was attempted using explicit credentials.
Subject:
Security ID: S-1-5-18
Account Name: LH-EH21Y8KN8PXZ$
Account Domain: WORKGROUP
Logon ID: 0x3e7
Logon GUID: {00000000-0000-0000-0000-000000000000}
Account Whose Credentials Were Used:
Account Name: SYSTEM
Account Domain: NT AUTHORITY
Logon GUID: {00000000-0000-0000-0000-000000000000}
Target Server:
Target Server Name: localhost
Additional Information: localhost
Process Information:
Process ID: 0x244
Process Name: C:\WINDOWS\System32\services.exe
Network Information:
Network Address: -
Port: -
This event is generated when a process attempts to log on an account by explicitly specifying that account’s credentials. This most commonly occurs in batch-type configurations such as scheduled tasks, or when using the RUNAS command.
Record Number: 2
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090417180122.843122-000
Event Type: Audit Success
User:
Computer Name: Brandon-PC
Event Code: 1102
Message: The audit log was cleared.
Subject:
Security ID: S-1-5-21-1710116063-2711787288-2888440707-1000
Account Name: Brandon
Domain Name: Brandon-PC
Logon ID: 0xebc0a
Record Number: 1
Source Name: Microsoft-Windows-Eventlog
Time Written: 20090417175829.591722-000
Event Type: Audit Success
User:
======Environment variables======
"CLASSPATH"=.;C:\Program Files\Java\jre6\lib\ext\QTJava.zip
"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"NUMBER_OF_PROCESSORS"=2
"OnlineServices"=Online Services
"OS"=Windows_NT
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\Common Files\Roxio Shared\DLLShared\;C:\Program Files\Common Files\Roxio Shared\DLLShared\;C:\Program Files\Common Files\Roxio Shared\9.0\DLLShared\;C:\Program Files\QuickTime\QTSystem\
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PCBRAND"=Pavilion
"PLATFORM"=MCD
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 15 Stepping 2, GenuineIntel
"PROCESSOR_LEVEL"=6
"PROCESSOR_REVISION"=0f02
"QTJAVA"=C:\Program Files\Java\jre6\lib\ext\QTJava.zip
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
-----------------EOF-----------------