also @ TechSpot: Leaked next generation iPhone casing photos validate multiple rumors

TechSpot

Desktop loading problem

Discussion in 'Windows OS' started by Caben, Jul 24, 2011.

  1. Caben Newcomer, in training

    Hi, I would appreciate help with my problem as I am stuck. When I run Windows XP Professional X64 Edition, my desktop doesn’t load up for about 10-15 seconds and only the wallpaper is displayed. I’ve had this problem for a few months, I remember that my antivirus software picked up a java virus around that time and deleted it.

    Eventually the desktop just stopped loading up completely and after eliminating startup programs as the cause, I found I could only get my desktop back up by using Task Manager to run MSConfig and ending “Marvell Yukon Service” process under the services tab. My antivirus found a kazy virus at that point as well, so I decided to delete my system drive partition, format and reinstall Windows.

    This seemed to work but after a few reboots the problem came back. This time when I ended the process “Marvell Yukon Service” it didn’t bring back the desktop. So, I thought maybe a virus infected my second hard disk drive. I had to use my system drive to backup D drive and then I deleted D’s partition and formatted it using Windows Disk Management in safe mode. I put all the files back onto D: in safe mode, wiped my system drive and reinstalled Windows again but the same problem has surfaced again.

    I’ve tried to find an answer by reading other people’s similar problems online, and followed a few suggestions given to them but they didn’t work for me. The other people who had this problem said they couldn’t get into safe mode but I can.

    Has anyone had this problem and solved it, or does anyone know what I can do to find the problem?

    Thanks for any replies.
    Caben, Jul 24, 2011
    #1

  2. Bobbye Helper on the Fringe

    Welcome to TechSpot! It would be good for you to check and see if the malware entries that have been found, have been completely removed.

    If your problem has gone on for months and followed a malware infection, it hasn't been removed. The Java malware is in the Java cache and that has to be emptied. What an AV programs does for this is only part of the process.
    ==================================
    If you would like us to check the system for malware, please follow the steps in the Preliminary Virus and Malware Removal thread HERE.

    NOTE: If you already have any of the scanning programs on the computer, please remove them and download the versions in these links.

    When you have finished, leave the logs for review in your next reply .
    NOTE: Logs must be pasted in the replies. Attached logs will not be reviewed.
    ===============================================
    My Guidelines: please read and follow:
    • Be patient. Malware cleaning takes time and I am also working with other members while I am helping you.
    • Read my instructions carefully. If you don't understand or have a problem, ask me.
    • If you have questions, or if a program doesn't work, stop and tell me about it. Don't try to get around it yourself.
    • Follow the order of the tasks I give you. Order is crucial in cleaning process.
    • File sharing programs should be uninstalled or disabled during the cleaning process..
    • Observe these:
      [o] Don't use any other cleaning programs or scans while I'm helping you.
      [o] Don't use a Registry cleaner or make any changes in the Registry.
      [o] Don't download and install new programs- except those I give you.
    • Please let me know if there is any change in the system.
    If I have not replied for 2 days, you can send me a PM reminder. Include the URL of your thread. Please do not send me a PM to tell me your logs are up.
    If I don't get a reply from you in 5 days, the thread will be closed. If your problem persist, you can send a PM to reopen it.
    =====================================
    Bobbye, Jul 24, 2011
    #2

  3. Caben Newcomer, in training

    Malwarebytes' Anti-Malware 1.51.1.1800
    www.malwarebytes.org

    Database version: 7274

    Windows 5.2.3790 Service Pack 2
    Internet Explorer 7.0.5730.13

    25/07/2011 15:41:14
    mbam-log-2011-07-25 (15-41-14).txt

    Scan type: Quick scan
    Objects scanned: 161635
    Time elapsed: 2 minute(s), 19 second(s)

    Memory Processes Infected: 0
    Memory Modules Infected: 0
    Registry Keys Infected: 0
    Registry Values Infected: 0
    Registry Data Items Infected: 0
    Folders Infected: 0
    Files Infected: 0

    Memory Processes Infected:
    (No malicious items detected)

    Memory Modules Infected:
    (No malicious items detected)

    Registry Keys Infected:
    (No malicious items detected)

    Registry Values Infected:
    (No malicious items detected)

    Registry Data Items Infected:
    (No malicious items detected)

    Folders Infected:
    (No malicious items detected)

    Files Infected:
    (No malicious items detected)


    GMER hasn't found any system modification.


    DDS
    This operating system is not supported!
    Caben, Jul 25, 2011
    #3

  4. Caben Newcomer, in training

    Hi again and thanks for helping me out. I just thought I should tell you that before I did any scans, I got a java message telling me to update it but I haven’t installed java on this Windows install. I have left it alone though, not sure if this helps.
    Caben, Jul 25, 2011
    #4

  5. Bobbye Helper on the Fringe

    You have Windows XP Professional x64 Edition 5.2.3790 Isn't this a server environment? Your description of the system is out of my area. And if you're getting a notice to update Java, then Java is somewhere in your system.

    I'm going to have your thread moved to the Windows OS Forum. The members there will be more experienced in the 64bit Win XP Pro.

    Please wait to post again until the thread has been moved.
    Bobbye, Jul 26, 2011
    #5

  6. Caben Newcomer, in training

    Sorry for posting in the wrong thread, I wasn’t sure which one to put it in. I don’t think it’s a server or at least I don’t use it as one anyway, I think that one is called server 2003. It’s just a 64 bit version of XP that was released in 2005 but as I believe, it is the first 64 bit personal operating system that was not very popular thus there is a lack of driver support for it. Anyway thanks again for your help.
    Caben, Jul 26, 2011
    #6

  7. superty12 TechSpot Enthusiast

    In Task Manager, see if "explorer.exe" is running. If not, start it.
    superty12, Jul 26, 2011
    #7

  8. Caben Newcomer, in training

    Yes I have checked that, it has always loaded when the desktop didn’t. I have however installed SuperAntispyware and ran it in safe mode. It picked up three tracking cookies: @ad.zanox[2].txt, @doubleclick[1].txt and @smartadserver[2].txt. After having quarantined them, my desktop now loads up normally again. I have done some reboots and a cold boot to see if it came back but seems fine. Do you think that they could cause this behaviour, or is something else on my machine responsible for placing those cookies there? Maybe the problem has hidden itself for now due to installing the anti-spyware?
    Caben, Jul 26, 2011
    #8

  9. gbhall TechSpot Chancellor

    Seems to me it is possible you still have an infection. Could be a rootkit virus or even a bios virus. Or are you making the mistake of installing the OS clean, then installing other applications from previously downloaded and compromised installers ?
    gbhall, Jul 27, 2011
    #9

  10. Caben Newcomer, in training

    Yes It could be from compromised installers, most of them have been downloaded after the new install of windows though, the ones I had was out of date versions. The only one I can think of that wasn’t replaced is Gmail Notifier installer. The rest of them came from Microsoft’s update website or hasn’t been installed yet or are installed from a CD like the motherboard drivers and software.

    As DDS dose not work on 64 bit, RSIT is meant to be an alternative and it did run. It gave me a log file and a info file, should I post them up here or is it just a waste of time?
    Caben, Jul 27, 2011
    #10

  11. gbhall TechSpot Chancellor

    certainly post the log file, it will get attention from somebody. If it shows a problem, you will probably be moved to the malware forum.
    gbhall, Jul 28, 2011
    #11

  12. Caben Newcomer, in training

    Logfile of random's system information tool 1.09 (written by random/random)
    Run by Administrator at 2011-07-29 00:52:28
    Microsoft(R) Windows(R) XP Professional x64 Edition Service Pack 2
    System drive C: has 223 GB (93%) free of 239 GB
    Total RAM: 2046 MB (73% free)

    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 00:52:38, on 29/07/2011
    Platform: Windows 2003 SP2 (WinNT 5.02.3790)
    MSIE: Internet Explorer v7.00 (7.00.6000.17098)
    Boot mode: Normal

    Running processes:
    C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
    C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
    C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
    C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
    C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe
    C:\Program Files (x86)\Analog Devices\SoundMAX\Smax4.exe
    C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
    C:\Program Files (x86)\Google\Gmail Notifier\gnotify.exe
    C:\WINDOWS\SysWOW64\ctfmon.exe
    C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    C:\Documents and Settings\Administrator\Desktop\RSIT\RSIT.exe
    C:\Program Files (x86)\trend micro\Administrator.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = astroburn-search.com
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://update.microsoft.com/
    F2 - REG:system.ini: UserInit=userinit
    O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll
    O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe
    O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files (x86)\Analog Devices\SoundMAX\Smax4.exe" /tray
    O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
    O4 - HKLM\..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] "C:\Program Files (x86)\Google\Gmail Notifier\gnotify.exe"
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
    O4 - HKUS\S-1-5-19\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-18\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'Default user')
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O10 - Unknown file in Winsock LSP: c:\windows\system32\nvlsp.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\nvlsp.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\nvlsp.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\nvlsp.dll
    O15 - ESC Trusted Zone: http://runonce.msn.com
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1310777631078
    O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\SysWOW64\browseui.dll
    O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\SysWOW64\browseui.dll
    O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
    O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
    O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
    O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - Unknown owner - C:\WINDOWS\System32\dmadmin.exe (file missing)
    O23 - Service: Event Log (Eventlog) - Unknown owner - C:\WINDOWS\system32\services.exe (file missing)
    O23 - Service: ForceWare Intelligent Application Manager (IAM) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
    O23 - Service: HTTP SSL (HTTPFilter) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
    O23 - Service: IMAPI CD-Burning COM Service (ImapiService) - Unknown owner - C:\WINDOWS\system32\imapi.exe (file missing)
    O23 - Service: Distributed Transaction Coordinator (MSDTC) - Unknown owner - C:\WINDOWS\system32\msdtc.exe (file missing)
    O23 - Service: Net Logon (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
    O23 - Service: ForceWare IP service (nSvcIp) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
    O23 - Service: NT LM Security Support Provider (NtLmSsp) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - Unknown owner - C:\WINDOWS\system32\nvsvc64.exe (file missing)
    O23 - Service: Plug and Play (PlugPlay) - Unknown owner - C:\WINDOWS\system32\services.exe (file missing)
    O23 - Service: IPSEC Services (PolicyAgent) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
    O23 - Service: Protected Storage (ProtectedStorage) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
    O23 - Service: Remote Desktop Help Session Manager (RDSessMgr) - Unknown owner - C:\WINDOWS\system32\sessmgr.exe (file missing)
    O23 - Service: Security Accounts Manager (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
    O23 - Service: Virtual Disk Service (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
    O23 - Service: Volume Shadow Copy (VSS) - Unknown owner - C:\WINDOWS\System32\vssvc.exe (file missing)
    O23 - Service: WMI Performance Adapter (WmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\wmiapsrv.exe (file missing)
    O23 - Service: Marvell Yukon Service (yksvc) - Unknown owner - RUNDLL32.EXE (file missing)

    --
    End of file - 6506 bytes

    =========Mozilla firefox=========

    ProfilePath - C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\do6mrd27.default

    prefs.js - "browser.startup.homepage" - "http://www.google.co.uk"

    "{20a82645-c095-46ed-80e3-08825760534b}"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\


    [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
    "Description"=Windows Presentation Foundation plug-in for Mozilla browsers
    "Path"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

    C:\Program Files (x86)\Mozilla Firefox\extensions\
    {972ce4c6-7e08-4474-a285-3208198ce6fd}

    C:\Program Files (x86)\Mozilla Firefox\components\
    binary.manifest
    browsercomps.dll

    C:\Program Files (x86)\Mozilla Firefox\searchplugins\
    amazon-en-GB.xml
    bing.xml
    chambers-en-GB.xml
    eBay-en-GB.xml
    google.xml
    wikipedia.xml
    yahoo-en-GB.xml

    C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\do6mrd27.default\extensions\
    DTToolbar@toolbarnet.com

    C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\do6mrd27.default\searchplugins\
    absearch-search.xml
    daemon-search.xml

    ======Registry dump======

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    {32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll [2011-01-20 988480]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "SoundMAXPnP"=C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe [2007-10-09 1036288]
    "SoundMAX"=C:\Program Files (x86)\Analog Devices\SoundMAX\Smax4.exe [2007-10-08 864256]
    "avgnt"=C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [2011-04-21 281768]
    "{0228e555-4f9c-4e35-a3ec-b109a192b4c2}"=C:\Program Files (x86)\Google\Gmail Notifier\gnotify.exe [2005-07-15 479232]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2005-03-25 15360]
    "DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2011-01-20 1305408]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\EFS]
    C:\WINDOWS\system32\sclgntfy.dll [2005-03-25 19968]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
    "system"=lsass.exe []

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\wd.sys]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\!SASCORE]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vds]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "dontdisplaylastusername"=0
    "legalnoticecaption"=
    "legalnoticetext"=
    "shutdownwithoutlogon"=1
    "undockwithoutlogon"=1

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoDriveTypeAutoRun"=145

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoActiveDesktop"=1
    "NoActiveDesktopChanges"=1
    "ForceActiveDesktopOn"=0

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:mad:xpsp2res.dll,-22019"

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:mad:xpsp2res.dll,-22019"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
    "midimapper"=midimap.dll
    "msacm.imaadpcm"=imaadp32.acm
    "msacm.msadpcm"=msadp32.acm
    "msacm.msg711"=msg711.acm
    "msacm.msgsm610"=msgsm32.acm
    "msacm.trspch"=tssoft32.acm
    "vidc.cvid"=iccvid.dll
    "vidc.I420"=msh263.drv
    "vidc.iv31"=ir32_32.dll
    "vidc.iv32"=ir32_32.dll
    "vidc.iv41"=ir41_32.ax
    "vidc.iv50"=C:\WINDOWS\SysWOW64\ir50_32.dll
    "vidc.iyuv"=iyuv_32.dll
    "vidc.mrle"=msrle32.dll
    "vidc.msvc"=msvidc32.dll
    "vidc.uyvy"=msyuv.dll
    "vidc.yuy2"=msyuv.dll
    "vidc.yvu9"=tsbyuv.dll
    "vidc.yvyu"=msyuv.dll
    "wavemapper"=msacm32.drv
    "msacm.msaudio1"=msaud32.acm
    "msacm.sl_anet"=sl_anet.acm
    "msacm.msg723"=msg723.acm
    "vidc.M263"=msh263.drv
    "vidc.M261"=msh261.drv
    "msacm.l3acm"=C:\WINDOWS\SysWOW64\l3codeca.acm
    "msacm.pspgru"=pspgru.acm

    ======List of files/folders created in the last 1 month======

    2011-07-28 18:47:33 ----D---- C:\Documents and Settings\Administrator\Application Data\Audacity
    2011-07-28 18:38:48 ----D---- C:\Program Files (x86)\Common Files\Philips Speech Shared
    2011-07-28 18:29:50 ----A---- C:\WINDOWS\SysWOW64\psplog.dll
    2011-07-28 18:29:50 ----A---- C:\WINDOWS\SysWOW64\msvcr71.dll
    2011-07-28 18:29:50 ----A---- C:\WINDOWS\SysWOW64\msvcp71.dll
    2011-07-28 18:29:50 ----A---- C:\WINDOWS\SysWOW64\MFC71.dll
    2011-07-28 18:29:50 ----A---- C:\WINDOWS\SysWOW64\DPMCtrl.dll
    2011-07-28 18:29:18 ----A---- C:\WINDOWS\unins000.exe
    2011-07-28 18:27:33 ----D---- C:\Program Files (x86)\AMR Player
    2011-07-27 20:08:12 ----D---- C:\rsit
    2011-07-27 20:08:12 ----D---- C:\Program Files (x86)\trend micro
    2011-07-27 19:55:05 ----D---- C:\Program Files (x86)\Astroburn Toolbar
    2011-07-27 19:55:03 ----D---- C:\Documents and Settings\All Users\Application Data\Astroburn Lite
    2011-07-27 19:55:01 ----D---- C:\Program Files (x86)\Astroburn Lite
    2011-07-27 19:49:38 ----D---- C:\Program Files (x86)\DAEMON Tools Lite
    2011-07-27 19:49:32 ----D---- C:\Documents and Settings\Administrator\Application Data\DAEMON Tools Lite
    2011-07-27 18:06:33 ----A---- C:\WINDOWS\wininit.ini
    2011-07-27 17:46:33 ----D---- C:\Program Files (x86)\WinRAR
    2011-07-26 20:33:27 ----A---- C:\WINDOWS\ntbtlog.txt
    2011-07-26 20:28:42 ----D---- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
    2011-07-26 20:28:42 ----D---- C:\Documents and Settings\Administrator\Application Data\SUPERAntiSpyware.com
    2011-07-26 20:28:34 ----D---- C:\Documents and Settings\All Users\Application Data\!SASCORE
    2011-07-25 15:34:17 ----D---- C:\Documents and Settings\Administrator\Application Data\Malwarebytes
    2011-07-25 15:34:10 ----A---- C:\WINDOWS\SysWOW64\drivers\mbamswissarmy.sys
    2011-07-25 15:34:06 ----D---- C:\Program Files (x86)\Malwarebytes' Anti-Malware
    2011-07-25 15:28:58 ----D---- C:\Documents and Settings\Administrator\Application Data\Avira
    2011-07-24 23:14:46 ----D---- C:\Program Files (x86)\Google
    2011-07-24 20:30:34 ----D---- C:\WINDOWS\pss
    2011-07-24 20:18:51 ----A---- C:\WINDOWS\ODBC.INI
    2011-07-24 20:17:52 ----D---- C:\Program Files (x86)\Microsoft ActiveSync
    2011-07-24 20:17:46 ----D---- C:\Program Files (x86)\Common Files\DESIGNER
    2011-07-24 20:17:30 ----D---- C:\WINDOWS\SHELLNEW
    2011-07-24 20:16:59 ----D---- C:\Program Files (x86)\Microsoft Office
    2011-07-24 16:30:33 ----D---- C:\Documents and Settings\Administrator\Application Data\OpenOffice.org
    2011-07-24 01:52:41 ----D---- C:\WINDOWS\SysWOW64\AGEIA
    2011-07-24 01:52:38 ----D---- C:\Program Files (x86)\AGEIA Technologies
    2011-07-24 01:52:27 ----D---- C:\Config.Msi
    2011-07-24 01:52:23 ----D---- C:\WINDOWS\nview
    2011-07-24 01:52:23 ----D---- C:\Program Files (x86)\Common Files\Wise Installation Wizard
    2011-07-24 01:52:23 ----D---- C:\Documents and Settings\All Users\Application Data\nView_Profiles
    2011-07-24 01:31:55 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
    2011-07-24 01:10:05 ----D---- C:\Program Files (x86)\Audacity 1.3 Beta (Unicode)
    2011-07-24 00:58:02 ----A---- C:\WINDOWS\unins000.dat
    2011-07-24 00:57:46 ----D---- C:\Program Files (x86)\Philips Speech
    2011-07-24 00:57:11 ----D---- C:\Program Files (x86)\DSS2Wave
    2011-07-24 00:49:50 ----SHD---- C:\RECYCLER
    2011-07-18 23:18:27 ----D---- C:\Program Files (x86)\DAEMON Tools Toolbar
    2011-07-18 23:18:13 ----D---- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Lite
    2011-07-16 16:49:48 ----D---- C:\Documents and Settings\All Users\Application Data\NVIDIA Corporation
    2011-07-16 16:49:40 ----D---- C:\Documents and Settings\All Users\Application Data\NVIDIA
    2011-07-16 16:49:23 ----D---- C:\Program Files (x86)\NVIDIA Corporation
    2011-07-16 16:44:22 ----D---- C:\NVIDIA
    2011-07-16 16:36:36 ----HDC---- C:\WINDOWS\$NtUninstallKB955759$
    2011-07-16 16:35:13 ----A---- C:\WINDOWS\nsreg.dat
    2011-07-16 16:35:12 ----D---- C:\Documents and Settings\Administrator\Application Data\Mozilla
    2011-07-16 16:35:07 ----D---- C:\Program Files (x86)\Mozilla Firefox
    2011-07-16 16:31:57 ----D---- C:\Program Files (x86)\Avira
    2011-07-16 16:31:57 ----D---- C:\Documents and Settings\All Users\Application Data\Avira
    2011-07-16 04:21:06 ----D---- C:\Program Files (x86)\Microsoft.NET
    2011-07-16 03:53:38 ----HDC---- C:\WINDOWS\$NtUninstallKB2378111_WM11x64$
    2011-07-16 03:42:59 ----HDC---- C:\WINDOWS\$NtUninstallKB978695_WM11x64$
    2011-07-16 03:42:49 ----HDC---- C:\WINDOWS\$NtUninstallKB954155_WM11x64$
    2011-07-16 03:42:42 ----HDC---- C:\WINDOWS\$NtUninstallKB973540_WM11x64$
    2011-07-16 03:42:24 ----HDC---- C:\WINDOWS\$NtUninstallKB961118$
    2011-07-16 03:41:45 ----HDC---- C:\WINDOWS\$NtUninstallKB952069_WM11x64$
    2011-07-16 03:41:31 ----HDC---- C:\WINDOWS\$NtUninstallKB954154_WM11x64$
    2011-07-16 03:41:27 ----HDC---- C:\WINDOWS\$NtUninstallKB941569_WM11$
    2011-07-16 03:41:21 ----HDC---- C:\WINDOWS\$NtUninstallKB939683$
    2011-07-16 03:41:12 ----HDC---- C:\WINDOWS\$NtUninstallKB929399$
    2011-07-16 03:26:28 ----SD---- C:\WINDOWS\SysWOW64\config
    2011-07-16 03:24:18 ----D---- C:\WINDOWS\SysWOW64\XPSViewer
    2011-07-16 03:24:15 ----D---- C:\Program Files (x86)\MSBuild
    2011-07-16 03:24:05 ----D---- C:\Program Files (x86)\Reference Assemblies
    2011-07-16 03:22:49 ----A---- C:\WINDOWS\SysWOW64\PerfStringBackup.INI
    2011-07-16 03:22:14 ----RSD---- C:\WINDOWS\assembly
    2011-07-16 03:21:29 ----D---- C:\WINDOWS\Microsoft.NET
    2011-07-16 03:20:36 ----HDC---- C:\WINDOWS\$NtUninstallWIC$
    2011-07-16 03:20:29 ----D---- C:\Program Files (x86)\MSXML 6.0
    2011-07-16 03:19:36 ----HDC---- C:\WINDOWS\$NtUninstallMSCompPackV1$
    2011-07-16 03:19:06 ----HDC---- C:\WINDOWS\$NtUninstallwmp11-64$
    2011-07-16 03:18:39 ----HDC---- C:\WINDOWS\$NtUninstallWMFDist11-64$
    2011-07-16 03:18:25 ----HDC---- C:\WINDOWS\$NtUninstallWudf01000$
    2011-07-16 03:06:16 ----HDC---- C:\WINDOWS\$NtUninstallKB2510581$
    2011-07-16 03:06:08 ----HDC---- C:\WINDOWS\$NtUninstallKB2345886$
    2011-07-16 03:06:05 ----HDC---- C:\WINDOWS\$NtUninstallKB971737$
    2011-07-16 03:05:58 ----HDC---- C:\WINDOWS\$NtUninstallKB970430$
    2011-07-16 02:59:46 ----A---- C:\WINDOWS\SysWOW64\wininet.dll
    2011-07-16 02:59:46 ----A---- C:\WINDOWS\SysWOW64\urlmon.dll
    2011-07-16 02:59:46 ----A---- C:\WINDOWS\SysWOW64\url.dll
    2011-07-16 02:59:46 ----A---- C:\WINDOWS\SysWOW64\mshtmled.dll
    2011-07-16 02:59:46 ----A---- C:\WINDOWS\SysWOW64\mshtml.dll
    2011-07-16 02:59:46 ----A---- C:\WINDOWS\SysWOW64\iepeers.dll
    2011-07-16 02:59:46 ----A---- C:\WINDOWS\SysWOW64\dxtrans.dll
    2011-07-16 02:59:46 ----A---- C:\WINDOWS\SysWOW64\dxtmsft.dll
    2011-07-16 02:59:43 ----HDC---- C:\WINDOWS\$NtUninstallKB2467659$
    2011-07-16 02:59:09 ----D---- C:\WINDOWS\ie7updates
    2011-07-16 02:58:21 ----D---- C:\WINDOWS\WBEM
    2011-07-16 02:58:21 ----D---- C:\WINDOWS\SysWOW64\en-US
    2011-07-16 02:55:36 ----HDC---- C:\WINDOWS\ie7
    2011-07-16 02:55:27 ----HDC---- C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$
    2011-07-16 02:55:17 ----HDC---- C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$
    2011-07-16 02:46:34 ----HDC---- C:\WINDOWS\$NtUninstallKB2544521$
    2011-07-16 02:45:38 ----HDC---- C:\WINDOWS\$NtUninstallKB2507938$
    2011-07-16 02:45:32 ----HDC---- C:\WINDOWS\$NtUninstallKB2555917$
    2011-07-16 02:45:10 ----HDC---- C:\WINDOWS\$NtUninstallKB2530548$
    2011-07-16 02:45:05 ----HDC---- C:\WINDOWS\$NtUninstallKB2503665$
    2011-07-16 02:45:01 ----HDC---- C:\WINDOWS\$NtUninstallKB2476490$
    2011-07-16 02:44:57 ----HDC---- C:\WINDOWS\$NtUninstallKB2536276$
    2011-07-16 02:44:53 ----HDC---- C:\WINDOWS\$NtUninstallKB2535512$
    2011-07-16 02:44:49 ----HDC---- C:\WINDOWS\$NtUninstallKB2544893$
    2011-07-16 02:44:45 ----HDC---- C:\WINDOWS\$NtUninstallKB2524375$
    2011-07-16 02:44:39 ----HDC---- C:\WINDOWS\$NtUninstallKB2509553$
    2011-07-16 02:44:35 ----HDC---- C:\WINDOWS\$NtUninstallKB2412687$
    2011-07-16 02:44:30 ----HDC---- C:\WINDOWS\$NtUninstallKB2510587$
    2011-07-16 02:44:26 ----HDC---- C:\WINDOWS\$NtUninstallKB2507618$
    2011-07-16 02:44:22 ----HDC---- C:\WINDOWS\$NtUninstallKB2508272$
    2011-07-16 02:44:17 ----HDC---- C:\WINDOWS\$NtUninstallKB2506212$
    2011-07-16 02:44:13 ----HDC---- C:\WINDOWS\$NtUninstallKB2508429$
    2011-07-16 02:44:09 ----HDC---- C:\WINDOWS\$NtUninstallKB2485663$
    2011-07-16 02:44:04 ----HDC---- C:\WINDOWS\$NtUninstallKB2479943$
    2011-07-16 02:44:00 ----HDC---- C:\WINDOWS\$NtUninstallKB971029$
    2011-07-16 02:43:50 ----HDC---- C:\WINDOWS\$NtUninstallKB2393802$
    2011-07-16 02:43:44 ----HDC---- C:\WINDOWS\$NtUninstallKB2478960$
    2011-07-16 02:43:35 ----HDC---- C:\WINDOWS\$NtUninstallKB2483185$
    2011-07-16 02:43:31 ----HDC---- C:\WINDOWS\$NtUninstallKB2478971$
    2011-07-16 02:43:24 ----HDC---- C:\WINDOWS\$NtUninstallKB2419635$
    2011-07-16 02:43:20 ----HDC---- C:\WINDOWS\$NtUninstallKB2440591$
    2011-07-16 02:43:16 ----HDC---- C:\WINDOWS\$NtUninstallKB2443685$
    2011-07-16 02:43:13 ----HDC---- C:\WINDOWS\$NtUninstallKB2443105$
    2011-07-16 02:43:09 ----HDC---- C:\WINDOWS\$NtUninstallKB2423089$
    2011-07-16 02:43:06 ----HDC---- C:\WINDOWS\$NtUninstallKB982132$
    2011-07-16 02:43:01 ----HDC---- C:\WINDOWS\$NtUninstallKB2360937$
    2011-07-16 02:42:53 ----HDC---- C:\WINDOWS\$NtUninstallKB2378111$
    2011-07-16 02:42:48 ----HDC---- C:\WINDOWS\$NtUninstallKB2387149$
    2011-07-16 02:42:44 ----HDC---- C:\WINDOWS\$NtUninstallKB2296011$
    2011-07-16 02:42:38 ----HDC---- C:\WINDOWS\$NtUninstallKB979687$
    2011-07-16 02:42:34 ----HDC---- C:\WINDOWS\$NtUninstallKB975558_WM8$
    2011-07-16 02:42:31 ----HDC---- C:\WINDOWS\$NtUninstallKB2347290$
    2011-07-16 02:42:27 ----HDC---- C:\WINDOWS\$NtUninstallKB981322$
    2011-07-16 02:42:23 ----HDC---- C:\WINDOWS\$NtUninstallKB980436$
    2011-07-16 02:42:17 ----HDC---- C:\WINDOWS\$NtUninstallKB2079403$
    2011-07-16 02:42:13 ----HDC---- C:\WINDOWS\$NtUninstallKB981997$
    2011-07-16 02:42:09 ----HDC---- C:\WINDOWS\$NtUninstallKB2115168$
    2011-07-16 02:42:05 ----HDC---- C:\WINDOWS\$NtUninstallKB982665$
    2011-07-16 02:42:01 ----HDC---- C:\WINDOWS\$NtUninstallKB2229593$
    2011-07-16 02:41:57 ----HDC---- C:\WINDOWS\$NtUninstallKB978695$
    2011-07-16 02:41:53 ----HDC---- C:\WINDOWS\$NtUninstallKB975562$
    2011-07-16 02:41:48 ----HDC---- C:\WINDOWS\$NtUninstallKB979482$
    2011-07-16 02:41:44 ----HDC---- C:\WINDOWS\$NtUninstallKB978542$
    2011-07-16 02:41:36 ----HDC---- C:\WINDOWS\$NtUninstallKB978601$
    2011-07-16 02:41:33 ----HDC---- C:\WINDOWS\$NtUninstallKB978338$
    2011-07-16 02:41:29 ----HDC---- C:\WINDOWS\$NtUninstallKB979309$
    2011-07-16 02:41:26 ----HDC---- C:\WINDOWS\$NtUninstallKB977816$
    2011-07-16 02:41:22 ----HDC---- C:\WINDOWS\$NtUninstallKB978706$
    2011-07-16 02:41:18 ----HDC---- C:\WINDOWS\$NtUninstallKB977914$
    2011-07-16 02:41:12 ----HDC---- C:\WINDOWS\$NtUninstallKB975560$
    2011-07-16 02:41:07 ----HDC---- C:\WINDOWS\$NtUninstallKB975713$
    2011-07-16 02:41:02 ----HDC---- C:\WINDOWS\$NtUninstallKB972270$
    2011-07-16 02:40:58 ----HDC---- C:\WINDOWS\$NtUninstallKB973904$
    2011-07-16 02:40:52 ----HDC---- C:\WINDOWS\$NtUninstallKB974392$
    2011-07-16 02:40:48 ----HDC---- C:\WINDOWS\$NtUninstallKB974318$
    2011-07-16 02:40:44 ----HDC---- C:\WINDOWS\$NtUninstallKB975467$
    2011-07-16 02:40:38 ----HDC---- C:\WINDOWS\$NtUninstallKB968389$
    2011-07-16 02:40:34 ----HDC---- C:\WINDOWS\$NtUninstallKB969059$
    2011-07-16 02:40:29 ----HDC---- C:\WINDOWS\$NtUninstallKB974112$
    2011-07-16 02:40:26 ----HDC---- C:\WINDOWS\$NtUninstallKB974571$
    2011-07-16 02:40:22 ----HDC---- C:\WINDOWS\$NtUninstallKB975025$
    2011-07-16 02:40:18 ----HDC---- C:\WINDOWS\$NtUninstallKB954155$
    2011-07-16 02:40:15 ----HDC---- C:\WINDOWS\$NtUninstallKB956844$
    2011-07-16 02:40:11 ----HDC---- C:\WINDOWS\$NtUninstallKB973869$
    2011-07-16 02:40:07 ----HDC---- C:\WINDOWS\$NtUninstallKB971657$
    2011-07-16 02:40:04 ----HDC---- C:\WINDOWS\$NtUninstallKB973815$
    2011-07-16 02:40:00 ----HDC---- C:\WINDOWS\$NtUninstallKB960859$
    2011-07-16 02:39:56 ----HDC---- C:\WINDOWS\$NtUninstallKB973507$
    2011-07-16 02:39:48 ----HDC---- C:\WINDOWS\$NtUninstallKB958469$
    2011-07-16 02:39:42 ----HDC---- C:\WINDOWS\$NtUninstallKB973540$
    2011-07-16 02:39:34 ----HDC---- C:\WINDOWS\$NtUninstallKB971032$
    2011-07-16 02:39:25 ----HDC---- C:\WINDOWS\$NtUninstallWdf01005$
    2011-07-16 02:39:15 ----HDC---- C:\WINDOWS\$NtUninstallKB961501$
    2011-07-16 02:39:10 ----HDC---- C:\WINDOWS\$NtUninstallKB959426$
    2011-07-16 02:39:07 ----HDC---- C:\WINDOWS\$NtUninstallKB960803$
    2011-07-16 02:38:59 ----HDC---- C:\WINDOWS\$NtUninstallKB952004$
    2011-07-16 02:38:47 ----HDC---- C:\WINDOWS\$NtUninstallKB956572$
    2011-07-16 02:38:40 ----HDC---- C:\WINDOWS\$NtUninstallKB923561$
    2011-07-16 02:38:36 ----HDC---- C:\WINDOWS\$NtUninstallKB956802$
    2011-07-16 02:38:32 ----HDC---- C:\WINDOWS\$NtUninstallKB952069$
    2011-07-16 02:38:28 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$
    2011-07-16 02:38:24 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$
    2011-07-16 02:38:20 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$
    2011-07-16 02:38:17 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$
    2011-07-16 02:38:14 ----HDC---- C:\WINDOWS\$NtUninstallKB951376$
    2011-07-16 02:38:11 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$
    2011-07-16 02:38:08 ----HDC---- C:\WINDOWS\$NtUninstallKB946026$
    2011-07-16 02:38:05 ----HDC---- C:\WINDOWS\$NtUninstallKB944653$
    2011-07-16 02:38:02 ----HDC---- C:\WINDOWS\$NtUninstallKB941569$
    2011-07-16 02:37:58 ----HDC---- C:\WINDOWS\$NtUninstallKB925398_WMP64$
    2011-07-16 02:37:44 ----HDC---- C:\WINDOWS\$NtUninstallKB929123$
    2011-07-16 02:37:40 ----HDC---- C:\WINDOWS\$NtUninstallKB924667-v2$
    2011-07-16 02:37:34 ----HDC---- C:\WINDOWS\$NtUninstallKB927891$
    2011-07-16 02:37:30 ----HDC---- C:\WINDOWS\$NtUninstallKB932168$
    2011-07-16 02:37:24 ----HDC---- C:\WINDOWS\$NtUninstallKB931261$
    2011-07-16 02:37:16 ----HDC---- C:\WINDOWS\$NtUninstallKB925902$
    2011-07-16 02:37:14 ----HD---- C:\WINDOWS\$hf_mig$
    2011-07-16 02:17:19 ----N---- C:\WINDOWS\SysWOW64\kbdukx.dll
    2011-07-16 02:17:19 ----N---- C:\WINDOWS\SysWOW64\kbdsmsno.dll
    2011-07-16 02:17:19 ----N---- C:\WINDOWS\SysWOW64\kbdsmsfi.dll
    2011-07-16 02:17:19 ----N---- C:\WINDOWS\SysWOW64\kbdpash.dll
    2011-07-16 02:17:19 ----N---- C:\WINDOWS\SysWOW64\kbdno1.dll
    2011-07-16 02:17:19 ----N---- C:\WINDOWS\SysWOW64\kbdnepr.dll
    2011-07-16 02:17:19 ----N---- C:\WINDOWS\SysWOW64\kbdmlt48.dll
    2011-07-16 02:17:19 ----N---- C:\WINDOWS\SysWOW64\kbdmlt47.dll
    2011-07-16 02:17:19 ----N---- C:\WINDOWS\SysWOW64\kbdmaori.dll
    2011-07-16 02:17:19 ----N---- C:\WINDOWS\SysWOW64\kbdiultn.dll
    2011-07-16 02:17:19 ----N---- C:\WINDOWS\SysWOW64\kbdfi1.dll
    2011-07-16 02:17:19 ----N---- C:\WINDOWS\SysWOW64\kbdbhc.dll
    2011-07-16 02:17:19 ----N---- C:\WINDOWS\SysWOW64\icacls.exe
    2011-07-16 02:17:18 ----N---- C:\WINDOWS\SysWOW64\xmllite.dll
    2011-07-16 02:17:18 ----N---- C:\WINDOWS\SysWOW64\w03a2409.dll
    2011-07-16 02:17:18 ----N---- C:\WINDOWS\SysWOW64\verclsid.exe
    2011-07-16 02:17:18 ----N---- C:\WINDOWS\SysWOW64\setupn.exe
    2011-07-16 02:17:17 ----D---- C:\WINDOWS\SysWOW64\en
    2011-07-16 02:17:17 ----D---- C:\WINDOWS\adfs
    2011-07-16 02:16:19 ----D---- C:\WINDOWS\ServicePackFiles
    2011-07-16 02:15:54 ----A---- C:\WINDOWS\explorer.exe
    2011-07-16 02:15:52 ----N---- C:\WINDOWS\SysWOW64\advpack.dll
    2011-07-16 02:15:52 ----A---- C:\WINDOWS\SysWOW64\apphelp.dll
    2011-07-16 02:15:51 ----A---- C:\WINDOWS\SysWOW64\cabinet.dll
    2011-07-16 02:15:49 ----A---- C:\WINDOWS\SysWOW64\comdlg32.dll
    2011-07-16 02:15:48 ----A---- C:\WINDOWS\SysWOW64\cryptui.dll
    2011-07-16 02:15:48 ----A---- C:\WINDOWS\SysWOW64\cryptnet.dll
    2011-07-16 02:15:48 ----A---- C:\WINDOWS\SysWOW64\crypt32.dll
    2011-07-16 02:15:48 ----A---- C:\WINDOWS\SysWOW64\corpol.dll
    2011-07-16 02:15:45 ----A---- C:\WINDOWS\SysWOW64\dsound.dll
    2011-07-16 02:15:42 ----A---- C:\WINDOWS\SysWOW64\hnetcfg.dll
    2011-07-16 02:15:41 ----A---- C:\WINDOWS\SysWOW64\imm32.dll
    2011-07-16 02:15:41 ----A---- C:\WINDOWS\SysWOW64\imagehlp.dll
    2011-07-16 02:15:40 ----A---- C:\WINDOWS\SysWOW64\iphlpapi.dll
    2011-07-16 02:15:38 ----A---- C:\WINDOWS\SysWOW64\mlang.dll
    2011-07-16 02:15:37 ----A---- C:\WINDOWS\SysWOW64\mpr.dll
    2011-07-16 02:15:36 ----A---- C:\WINDOWS\SysWOW64\msacm32.dll
    2011-07-16 02:15:34 ----A---- C:\WINDOWS\SysWOW64\msihnd.dll
    2011-07-16 02:15:34 ----A---- C:\WINDOWS\SysWOW64\msiexec.exe
    2011-07-16 02:15:32 ----A---- C:\WINDOWS\SysWOW64\msvcrt.dll
    2011-07-16 02:15:32 ----A---- C:\WINDOWS\SysWOW64\msv1_0.dll
    2011-07-16 02:15:27 ----A---- C:\WINDOWS\SysWOW64\olecnv32.dll
    2011-07-16 02:15:27 ----A---- C:\WINDOWS\SysWOW64\olecli32.dll
    2011-07-16 02:15:26 ----A---- C:\WINDOWS\SysWOW64\psapi.dll
    2011-07-16 02:15:25 ----A---- C:\WINDOWS\SysWOW64\rasman.dll
    2011-07-16 02:15:25 ----A---- C:\WINDOWS\SysWOW64\rasapi32.dll
    2011-07-16 02:15:25 ----A---- C:\WINDOWS\SysWOW64\rasadhlp.dll
    2011-07-16 02:15:24 ----A---- C:\WINDOWS\SysWOW64\rsaenh.dll
    2011-07-16 02:15:22 ----A---- C:\WINDOWS\SysWOW64\sfc_os.dll
    2011-07-16 02:15:22 ----A---- C:\WINDOWS\SysWOW64\setupapi.dll
    2011-07-16 02:15:22 ----A---- C:\WINDOWS\SysWOW64\sensapi.dll
    2011-07-16 02:15:19 ----A---- C:\WINDOWS\SysWOW64\tapi32.dll
    2011-07-16 02:15:19 ----A---- C:\WINDOWS\SysWOW64\sxs.dll
    2011-07-16 02:15:17 ----A---- C:\WINDOWS\SysWOW64\uxtheme.dll
    2011-07-16 02:15:17 ----A---- C:\WINDOWS\SysWOW64\userenv.dll
    2011-07-16 02:15:15 ----A---- C:\WINDOWS\SysWOW64\wldap32.dll
    2011-07-16 02:15:15 ----A---- C:\WINDOWS\SysWOW64\winrnr.dll
    2011-07-16 02:15:15 ----A---- C:\WINDOWS\SysWOW64\winmm.dll
    2011-07-16 02:15:12 ----A---- C:\WINDOWS\SysWOW64\wshtcpip.dll
    2011-07-16 02:15:12 ----A---- C:\WINDOWS\SysWOW64\ws2_32.dll
    2011-07-16 02:15:12 ----A---- C:\WINDOWS\SysWOW64\ws03res.dll
    2011-07-16 02:15:11 ----A---- C:\WINDOWS\SysWOW64\wups.dll
    2011-07-16 02:15:11 ----A---- C:\WINDOWS\SysWOW64\wuapi.dll
    2011-07-16 02:15:10 ----A---- C:\WINDOWS\SysWOW64\xpsp2res.dll
    2011-07-16 02:09:31 ----HDC---- C:\WINDOWS\$NtServicePackUninstall$
    2011-07-16 02:09:30 ----AD---- C:\WINDOWS\PolicyBackup
    2011-07-16 01:59:04 ----A---- C:\WINDOWS\imsins.BAK
    2011-07-16 01:59:01 ----D---- C:\Program Files (x86)\Common Files\ODBC
    2011-07-16 01:59:00 ----SHD---- C:\WINDOWS\Installer
    2011-07-16 01:58:59 ----A---- C:\WINDOWS\ODBCINST.INI
    2011-07-16 01:58:56 ----D---- C:\Program Files (x86)\Common Files\SpeechEngines
    2011-07-16 01:58:56 ----D---- C:\Program Files (x86)\Common Files\Microsoft Shared
    2011-07-16 01:58:55 ----RD---- C:\Program Files (x86)
    2011-07-16 01:58:55 ----RD---- C:\Program Files
    2011-07-16 01:58:55 ----D---- C:\Program Files (x86)\Common Files
    2011-07-16 01:58:54 ----A---- C:\WINDOWS\SysWOW64\kbdtuq.dll
    2011-07-16 01:58:54 ----A---- C:\WINDOWS\SysWOW64\kbdtuf.dll
    2011-07-16 01:58:54 ----A---- C:\WINDOWS\SysWOW64\kbdazel.dll
    2011-07-16 01:58:53 ----A---- C:\WINDOWS\SysWOW64\kbdycc.dll
    2011-07-16 01:58:53 ----A---- C:\WINDOWS\SysWOW64\kbduzb.dll
    2011-07-16 01:58:53 ----A---- C:\WINDOWS\SysWOW64\kbdur.dll
    2011-07-16 01:58:53 ----A---- C:\WINDOWS\SysWOW64\kbdtat.dll
    2011-07-16 01:58:53 ----A---- C:\WINDOWS\SysWOW64\kbdru1.dll
    2011-07-16 01:58:53 ----A---- C:\WINDOWS\SysWOW64\kbdru.dll
    2011-07-16 01:58:53 ----A---- C:\WINDOWS\SysWOW64\kbdmon.dll
    2011-07-16 01:58:53 ----A---- C:\WINDOWS\SysWOW64\kbdkyr.dll
    2011-07-16 01:58:53 ----A---- C:\WINDOWS\SysWOW64\kbdkaz.dll
    2011-07-16 01:58:53 ----A---- C:\WINDOWS\SysWOW64\kbdhept.dll
    2011-07-16 01:58:53 ----A---- C:\WINDOWS\SysWOW64\kbdhela3.dll
    2011-07-16 01:58:53 ----A---- C:\WINDOWS\SysWOW64\kbdhela2.dll
    2011-07-16 01:58:53 ----A---- C:\WINDOWS\SysWOW64\kbdhe319.dll
    2011-07-16 01:58:53 ----A---- C:\WINDOWS\SysWOW64\kbdhe220.dll
    2011-07-16 01:58:53 ----A---- C:\WINDOWS\SysWOW64\kbdhe.dll
    2011-07-16 01:58:53 ----A---- C:\WINDOWS\SysWOW64\kbdgkl.dll
    2011-07-16 01:58:53 ----A---- C:\WINDOWS\SysWOW64\kbdbu.dll
    2011-07-16 01:58:53 ----A---- C:\WINDOWS\SysWOW64\kbdblr.dll
    2011-07-16 01:58:53 ----A---- C:\WINDOWS\SysWOW64\kbdaze.dll
    2011-07-16 01:58:52 ----A---- C:\WINDOWS\SysWOW64\kbdycl.dll
    2011-07-16 01:58:52 ----A---- C:\WINDOWS\SysWOW64\kbdsl1.dll
    2011-07-16 01:58:52 ----A---- C:\WINDOWS\SysWOW64\kbdsl.dll
    2011-07-16 01:58:52 ----A---- C:\WINDOWS\SysWOW64\kbdro.dll
    2011-07-16 01:58:52 ----A---- C:\WINDOWS\SysWOW64\kbdpl1.dll
    2011-07-16 01:58:52 ----A---- C:\WINDOWS\SysWOW64\kbdpl.dll
    2011-07-16 01:58:52 ----A---- C:\WINDOWS\SysWOW64\kbdlv1.dll
    2011-07-16 01:58:52 ----A---- C:\WINDOWS\SysWOW64\kbdlv.dll
    2011-07-16 01:58:52 ----A---- C:\WINDOWS\SysWOW64\kbdlt1.dll
    2011-07-16 01:58:52 ----A---- C:\WINDOWS\SysWOW64\kbdlt.dll
    2011-07-16 01:58:52 ----A---- C:\WINDOWS\SysWOW64\kbdhu1.dll
    2011-07-16 01:58:52 ----A---- C:\WINDOWS\SysWOW64\kbdhu.dll
    2011-07-16 01:58:52 ----A---- C:\WINDOWS\SysWOW64\kbdest.dll
    2011-07-16 01:58:52 ----A---- C:\WINDOWS\SysWOW64\kbdcz2.dll
    2011-07-16 01:58:52 ----A---- C:\WINDOWS\SysWOW64\kbdcz1.dll
    2011-07-16 01:58:52 ----A---- C:\WINDOWS\SysWOW64\kbdcz.dll
    2011-07-16 01:58:52 ----A---- C:\WINDOWS\SysWOW64\kbdcr.dll
    2011-07-16 01:58:52 ----A---- C:\WINDOWS\SysWOW64\KBDAL.DLL
    2011-07-16 01:58:42 ----A---- C:\WINDOWS\SysWOW64\CONFIG.TMP
    2011-07-16 01:58:42 ----A---- C:\WINDOWS\SysWOW64\AUTOEXEC.TMP
    2011-07-16 01:58:42 ----A---- C:\WINDOWS\NOTEPAD.EXE
    2011-07-16 01:58:41 ----A---- C:\WINDOWS\system.ini
    2011-07-16 01:58:34 ----ASH---- C:\Documents and Settings\All Users\Application Data\desktop.ini
    2011-07-16 01:58:31 ----RA---- C:\WINDOWS\SET5.tmp
    2011-07-16 01:58:30 ----RA---- C:\WINDOWS\SET3.tmp
    2011-07-16 01:58:18 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
    2011-07-16 01:58:12 ----A---- C:\WINDOWS\setuplog.txt
    2011-07-16 01:58:10 ----SHD---- C:\System Volume Information
    2011-07-16 01:58:10 ----D---- C:\Documents and Settings
    2011-07-16 01:56:52 ----RSH---- C:\boot.ini
    2011-07-16 01:54:22 ----D---- C:\WINDOWS\SysWOW64\SoftwareDistribution
    2011-07-16 01:51:18 ----D---- C:\Program Files (x86)\Marvell
    2011-07-16 01:50:52 ----RSD---- C:\WINDOWS\Fonts
    2011-07-16 01:50:52 ----RD---- C:\WINDOWS\Web
    2011-07-16 01:50:52 ----HD---- C:\WINDOWS\inf
    2011-07-16 01:50:52 ----D---- C:\WINDOWS\WinSxS
    2011-07-16 01:50:52 ----D---- C:\WINDOWS\twain_32
    2011-07-16 01:50:52 ----D---- C:\WINDOWS\Temp
    2011-07-16 01:50:52 ----D---- C:\WINDOWS\SysWOW64\wbem
    2011-07-16 01:50:52 ----D---- C:\WINDOWS\SysWOW64\usmt
    2011-07-16 01:50:52 ----D---- C:\WINDOWS\SysWOW64\mui
    2011-07-16 01:50:52 ----D---- C:\WINDOWS\SysWOW64\InstallShield
    2011-07-16 01:50:52 ----D---- C:\WINDOWS\SysWOW64\ias
    2011-07-16 01:50:52 ----D---- C:\WINDOWS\SysWOW64\export
    2011-07-16 01:50:52 ----D---- C:\WINDOWS\SysWOW64\Drivers
    2011-07-16 01:50:52 ----D---- C:\WINDOWS\SysWOW64\3076
    2011-07-16 01:50:52 ----D---- C:\WINDOWS\SysWOW64\2052
    2011-07-16 01:50:52 ----D---- C:\WINDOWS\SysWOW64\1054
    2011-07-16 01:50:52 ----D---- C:\WINDOWS\SysWOW64\1042
    2011-07-16 01:50:52 ----D---- C:\WINDOWS\SysWOW64\1041
    2011-07-16 01:50:52 ----D---- C:\WINDOWS\SysWOW64\1037
    2011-07-16 01:50:52 ----D---- C:\WINDOWS\SysWOW64\1033
    2011-07-16 01:50:52 ----D---- C:\WINDOWS\SysWOW64\1031
    2011-07-16 01:50:52 ----D---- C:\WINDOWS\SysWOW64\1028
    2011-07-16 01:50:52 ----D---- C:\WINDOWS\SysWOW64\1025
    2011-07-16 01:50:52 ----D---- C:\WINDOWS\SysWOW64
    2011-07-16 01:50:52 ----D---- C:\WINDOWS\system32
    2011-07-16 01:50:52 ----D---- C:\WINDOWS\system
    2011-07-16 01:50:52 ----D---- C:\WINDOWS\srchasst
    2011-07-16 01:50:52 ----D---- C:\WINDOWS\security
    2011-07-16 01:50:52 ----D---- C:\WINDOWS\Resources
    2011-07-16 01:50:52 ----D---- C:\WINDOWS\repair
    2011-07-16 01:50:52 ----D---- C:\WINDOWS\Provisioning
    2011-07-16 01:50:52 ----D---- C:\WINDOWS\mui
    2011-07-16 01:50:52 ----D---- C:\WINDOWS\msapps
    2011-07-16 01:50:52 ----D---- C:\WINDOWS\msagent64
    2011-07-16 01:50:52 ----D---- C:\WINDOWS\msagent
    2011-07-16 01:50:52 ----D---- C:\WINDOWS\Media
    2011-07-16 01:50:52 ----D---- C:\WINDOWS\ime (x86)
    2011-07-16 01:50:52 ----D---- C:\WINDOWS\ime
    2011-07-16 01:50:52 ----D---- C:\WINDOWS\Help
    2011-07-16 01:50:52 ----D---- C:\WINDOWS\Driver Cache
    2011-07-16 01:50:52 ----D---- C:\WINDOWS\Debug
    2011-07-16 01:50:52 ----D---- C:\WINDOWS\Cursors
    2011-07-16 01:50:52 ----D---- C:\WINDOWS\Connection Wizard
    2011-07-16 01:50:52 ----D---- C:\WINDOWS\Config
    2011-07-16 01:50:52 ----D---- C:\WINDOWS\AppPatch
    2011-07-16 01:50:52 ----D---- C:\WINDOWS\addins
    2011-07-16 01:50:52 ----D---- C:\WINDOWS
    2011-07-16 01:50:51 ----ASH---- C:\pagefile.sys
    2011-07-16 01:33:12 ----N---- C:\WINDOWS\SysWOW64\wdmioctl.dll
    2011-07-16 01:33:12 ----N---- C:\WINDOWS\SysWOW64\SMMedia.dll
    2011-07-16 01:33:11 ----N---- C:\WINDOWS\SysWOW64\DSndUp.exe
    2011-07-16 01:33:11 ----N---- C:\WINDOWS\SysWOW64\CleanUp.exe
    2011-07-16 01:33:11 ----D---- C:\Program Files (x86)\Analog Devices
    2011-07-16 01:32:51 ----D---- C:\Program Files (x86)\Common Files\InstallShield
    2011-07-16 01:30:28 ----HDC---- C:\WINDOWS\$NtUninstallKB901105$
    2011-07-16 01:26:35 ----D---- C:\WINDOWS\AsusInstAll
    2011-07-16 01:24:10 ----D---- C:\WINDOWS\NV30523056.TMP
    2011-07-16 01:22:25 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
    2011-07-16 01:22:25 ----D---- C:\Program Files (x86)\AMD
    2011-07-16 01:22:21 ----D---- C:\Documents and Settings\Administrator\Application Data\InstallShield
    2011-07-16 01:22:00 ----A---- C:\WINDOWS\Ascd_log.ini
    2011-07-16 01:21:08 ----A---- C:\WINDOWS\Language_trs.ini
    2011-07-16 01:21:03 ----A---- C:\WINDOWS\SysWOW64\drivers\ASUSHWIO.SYS
    2011-07-16 01:21:03 ----A---- C:\WINDOWS\Ascd_tmp.ini
    2011-07-16 01:18:06 ----D---- C:\Documents and Settings\Administrator\Application Data\Identities
    2011-07-16 01:17:59 ----SD---- C:\Documents and Settings\Administrator\Application Data\Microsoft
    2011-07-16 01:17:59 ----ASH---- C:\Documents and Settings\Administrator\Application Data\desktop.ini
    2011-07-16 01:17:55 ----D---- C:\WINDOWS\SoftwareDistribution
    2011-07-16 01:17:53 ----D---- C:\WINDOWS\Prefetch
    2011-07-16 01:16:30 ----AS---- C:\WINDOWS\bootstat.dat
    2011-07-16 01:13:45 ----D---- C:\WINDOWS\SysWOW64\inetsrv
    2011-07-16 01:13:45 ----D---- C:\WINDOWS\SysWOW64\ime
    2011-07-16 01:13:45 ----D---- C:\Program Files (x86)\system
    2011-07-16 01:13:45 ----D---- C:\Program Files (x86)\speechengines
    2011-07-16 01:13:45 ----D---- C:\Program Files (x86)\microsoft shared
    2011-07-16 01:13:28 ----RASH---- C:\MSDOS.SYS
    2011-07-16 01:13:28 ----RASH---- C:\IO.SYS
    2011-07-16 01:13:28 ----A---- C:\WINDOWS\control.ini
    2011-07-16 01:13:28 ----A---- C:\CONFIG.SYS
    2011-07-16 01:13:28 ----A---- C:\AUTOEXEC.BAT
    2011-07-16 01:13:18 ----A---- C:\WINDOWS\SysWOW64\mapi32.dll
    2011-07-16 01:13:12 ----A---- C:\WINDOWS\OEWABLog.txt
    2011-07-16 01:12:38 ----HD---- C:\Program Files (x86)\Uninstall Information
    2011-07-16 01:12:28 ----RAH---- C:\WINDOWS\SysWOW64\drivers\hfile.txt
    2011-07-16 01:11:53 ----A---- C:\WINDOWS\SysWOW64\nmevtmsg.dll
    2011-07-16 01:11:53 ----A---- C:\WINDOWS\SysWOW64\isrdbg32.dll
    2011-07-16 01:11:53 ----A---- C:\WINDOWS\SysWOW64\ils.dll
    2011-07-16 01:11:52 ----A---- C:\WINDOWS\SysWOW64\nmmkcert.dll
    2011-07-16 01:11:52 ----A---- C:\WINDOWS\SysWOW64\msconf.dll
    2011-07-16 01:11:52 ----A---- C:\WINDOWS\SysWOW64\mnmsrvc.exe
    2011-07-16 01:11:52 ----A---- C:\WINDOWS\SysWOW64\mnmdd.dll
    2011-07-16 01:11:49 ----D---- C:\Program Files (x86)\NetMeeting
    2011-07-16 01:11:46 ----SD---- C:\WINDOWS\Downloaded Program Files
    2011-07-16 01:11:46 ----RD---- C:\WINDOWS\Offline Web Pages
    2011-07-16 01:11:41 ----A---- C:\WINDOWS\SysWOW64\eula.txt
    2011-07-16 01:11:30 ----A---- C:\WINDOWS\win.ini
    2011-07-16 01:11:21 ----D---- C:\WINDOWS\SysWOW64\Macromed
    2011-07-16 01:11:19 ----A---- C:\WINDOWS\SysWOW64\wuweb.dll
    2011-07-16 01:11:19 ----A---- C:\WINDOWS\SysWOW64\wups2.dll
    2011-07-16 01:11:19 ----A---- C:\WINDOWS\SysWOW64\wuaueng.dll
    2011-07-16 01:11:18 ----A---- C:\WINDOWS\SysWOW64\qmgrprxy.dll
    2011-07-16 01:11:18 ----A---- C:\WINDOWS\SysWOW64\bitsprx3.dll
    2011-07-16 01:11:18 ----A---- C:\WINDOWS\SysWOW64\bitsprx2.dll
    2011-07-16 01:11:15 ----D---- C:\Program Files (x86)\Movie Maker
    2011-07-16 01:11:08 ----SH---- C:\Program Files (x86)\desktop.ini
    2011-07-16 01:11:08 ----A---- C:\WINDOWS\desktop.ini
    2011-07-16 01:11:03 ----A---- C:\WINDOWS\SysWOW64\srclient.dll
    2011-07-16 01:11:02 ----D---- C:\WINDOWS\PCHEALTH
    2011-07-16 01:11:02 ----A---- C:\WINDOWS\SysWOW64\msoert2.dll
    2011-07-16 01:11:02 ----A---- C:\WINDOWS\SysWOW64\acctres.dll
    2011-07-16 01:11:01 ----D---- C:\Program Files (x86)\Common Files\Services
    2011-07-16 01:11:01 ----A---- C:\WINDOWS\SysWOW64\msoeacct.dll
    2011-07-16 01:10:59 ----A---- C:\WINDOWS\SysWOW64\inetres.dll
    2011-07-16 01:10:59 ----A---- C:\WINDOWS\SysWOW64\inetcomm.dll
    2011-07-16 01:10:57 ----D---- C:\Program Files (x86)\Outlook Express
    2011-07-16 01:10:54 ----A---- C:\WINDOWS\SysWOW64\schedsvc.dll
    2011-07-16 01:10:54 ----A---- C:\WINDOWS\SysWOW64\mstinit.exe
    2011-07-16 01:10:54 ----A---- C:\WINDOWS\SysWOW64\mstask.dll
    2011-07-16 01:10:53 ----SD---- C:\WINDOWS\Tasks
    2011-07-16 01:10:53 ----A---- C:\WINDOWS\SysWOW64\isign32.dll
    2011-07-16 01:10:53 ----A---- C:\WINDOWS\SysWOW64\inetcfg.dll
    2011-07-16 01:10:53 ----A---- C:\WINDOWS\SysWOW64\icwphbk.dll
    2011-07-16 01:10:53 ----A---- C:\WINDOWS\SysWOW64\icwdial.dll
    2011-07-16 01:10:53 ----A---- C:\WINDOWS\SysWOW64\icfgnt5.dll
    2011-07-16 01:10:47 ----D---- C:\Program Files (x86)\Common Files\System
    2011-07-16 01:10:43 ----D---- C:\Program Files (x86)\Internet Explorer
    2011-07-16 01:10:13 ----A---- C:\WINDOWS\vbaddin.ini
    2011-07-16 01:10:13 ----A---- C:\WINDOWS\vb.ini
    2011-07-16 01:10:11 ----D---- C:\WINDOWS\Registration
    2011-07-16 01:09:52 ----D---- C:\Program Files (x86)\Windows Media Player
    2011-07-16 01:09:45 ----D---- C:\Program Files (x86)\MSN Gaming Zone
    2011-07-16 01:09:45 ----A---- C:\WINDOWS\SysWOW64\write.exe
    2011-07-16 01:09:43 ----D---- C:\Program Files (x86)\Windows NT
    2011-07-16 01:09:41 ----A---- C:\WINDOWS\SysWOW64\accwiz.exe
    2011-07-16 01:09:37 ----A---- C:\WINDOWS\SysWOW64\winchat.exe
    2011-07-16 01:09:35 ----A---- C:\WINDOWS\SysWOW64\mspaint.exe
    2011-07-16 01:09:29 ----A---- C:\WINDOWS\SysWOW64\clipbrd.exe
    2011-07-16 01:09:28 ----A---- C:\WINDOWS\SysWOW64\getuname.dll
    2011-07-16 01:09:28 ----A---- C:\WINDOWS\SysWOW64\charmap.exe
    2011-07-16 01:09:27 ----A---- C:\WINDOWS\SysWOW64\calc.exe
    2011-07-16 01:09:26 ----A---- C:\WINDOWS\SysWOW64\winmine.exe
    2011-07-16 01:09:26 ----A---- C:\WINDOWS\SysWOW64\spider.exe
    2011-07-16 01:09:26 ----A---- C:\WINDOWS\SysWOW64\sol.exe
    2011-07-16 01:09:25 ----A---- C:\WINDOWS\SysWOW64\mshearts.exe
    2011-07-16 01:09:25 ----A---- C:\WINDOWS\SysWOW64\freecell.exe
    2011-07-16 01:09:20 ----D---- C:\Program Files (x86)\MSN
    2011-07-16 01:09:18 ----A---- C:\WINDOWS\SysWOW64\qwinsta.exe
    2011-07-16 01:09:18 ----A---- C:\WINDOWS\SysWOW64\qprocess.exe
    2011-07-16 01:09:18 ----A---- C:\WINDOWS\SysWOW64\qappsrv.exe
    2011-07-16 01:09:18 ----A---- C:\WINDOWS\SysWOW64\mstscax.dll
    2011-07-16 01:09:16 ----D---- C:\WINDOWS\SysWOW64\Com
    2011-07-16 01:09:16 ----A---- C:\WINDOWS\SysWOW64\mtxlegih.dll
    2011-07-16 01:09:16 ----A---- C:\WINDOWS\SysWOW64\mtxex.dll
    2011-07-16 01:09:16 ----A---- C:\WINDOWS\SysWOW64\mtxdm.dll
    2011-07-16 01:09:16 ----A---- C:\WINDOWS\SysWOW64\comuid.dll
    2011-07-16 01:09:16 ----A---- C:\WINDOWS\SysWOW64\comsnap.dll
    2011-07-16 01:09:16 ----A---- C:\WINDOWS\SysWOW64\comadmin.dll
    2011-07-16 01:09:15 ----A---- C:\WINDOWS\SysWOW64\stclient.dll
    2011-07-16 01:09:15 ----A---- C:\WINDOWS\SysWOW64\comsvcs.dll
    2011-07-16 01:09:15 ----A---- C:\WINDOWS\SysWOW64\comaddin.dll
    2011-07-16 01:09:15 ----A---- C:\WINDOWS\SysWOW64\colbact.dll
    2011-07-16 01:09:15 ----A---- C:\WINDOWS\SysWOW64\clbcatq.dll
    2011-07-16 01:09:15 ----A---- C:\WINDOWS\SysWOW64\clbcatex.dll
    2011-07-16 01:09:15 ----A---- C:\WINDOWS\SysWOW64\catsrvut.dll
    2011-07-16 01:09:15 ----A---- C:\WINDOWS\SysWOW64\catsrvps.dll
    2011-07-16 01:09:15 ----A---- C:\WINDOWS\SysWOW64\catsrv.dll
    2011-07-16 01:09:12 ----A---- C:\WINDOWS\SysWOW64\xolehlp.dll
    2011-07-16 01:09:12 ----A---- C:\WINDOWS\SysWOW64\mtxoci.dll
    2011-07-16 01:09:11 ----A---- C:\WINDOWS\SysWOW64\msdtcuiu.dll
    2011-07-16 01:09:11 ----A---- C:\WINDOWS\SysWOW64\msdtcprx.dll
    2011-07-16 01:09:09 ----A---- C:\WINDOWS\SysWOW64\servdeps.dll
    2011-07-16 01:09:08 ----A---- C:\WINDOWS\SysWOW64\mmfutil.dll
    Caben, Jul 28, 2011
    #12

  13. Caben Newcomer, in training

    ======List of files/folders modified in the last 1 month======

    2011-07-16 01:13:03 ----ASH---- C:\WINDOWS\fonts\desktop.ini

    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R0 crcdisk;CRC Disk Filter Driver; C:\WINDOWS\system32\DRIVERS\crcdisk.sys []
    R0 ohci1394;VIA OHCI Compliant IEEE 1394 Host Controller; C:\WINDOWS\system32\DRIVERS\ohci1394.sys []
    R1 AmdPPM64;AMD HwPState Processor Driver; C:\WINDOWS\system32\DRIVERS\AmdPPM64.sys []
    R1 avgio;avgio; \??\C:\Program Files (x86)\Avira\AntiVir Desktop\avgio64.sys []
    R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\WINDOWS\system32\DRIVERS\dtsoftbus01.sys []
    R1 kbdhid;Keyboard HID Driver; C:\WINDOWS\system32\DRIVERS\kbdhid.sys []
    R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS []
    R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS []
    R1 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys []
    R1 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; C:\WINDOWS\System32\drivers\ws2ifsl.sys []
    R2 avgntflt;avgntflt; C:\WINDOWS\system32\DRIVERS\avgntflt.sys []
    R2 CdaC15BA;CdaC15BA; C:\WINDOWS\system32\DRIVERS\CdaC15BA.sys []
    R2 CdaD10BA;CdaD10BA; C:\WINDOWS\system32\DRIVERS\CdaD10BA.sys []
    R3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\ADIHdAud.sys []
    R3 AEAudio;AE Audio Service; C:\WINDOWS\system32\drivers\AEAudio.sys []
    R3 Arp1394;1394 ARP Client Protocol; C:\WINDOWS\system32\DRIVERS\arp1394.sys []
    R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys []
    R3 hidusb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys []
    R3 ksthunk;Kernel Streaming WOW64 Thunk Service; C:\WINDOWS\system32\drivers\ksthunk.sys []
    R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys []
    R3 MTsensor;ATK0110 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ASACPI.sys []
    R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys []
    R3 NuidFltr;NUID filter driver; C:\WINDOWS\system32\DRIVERS\NuidFltr.sys []
    R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys []
    R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\WINDOWS\system32\drivers\nvhda64.sys []
    R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys []
    R3 nvsmu;nvsmu; C:\WINDOWS\system32\DRIVERS\nvsmu.sys []
    R3 SenFiltService;SenFilt Service; C:\WINDOWS\system32\drivers\Senfilt.sys []
    R3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys []
    R3 usbstor;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS []
    R3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys []
    R3 yukonx64;NDIS5.1 Miniport Driver for Marvell Yukon Ethernet Controller; C:\WINDOWS\system32\DRIVERS\yk51x64.sys []
    S3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys []
    S3 vga;vga; C:\WINDOWS\system32\DRIVERS\vgapnp.sys []
    S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys []
    S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys []
    S4 adpu320;adpu320; C:\WINDOWS\SysWOW64\drivers\adpu320.sys []
    S4 AmdIde;AmdIde; C:\WINDOWS\SysWOW64\drivers\AmdIde.sys []
    S4 arc;arc; C:\WINDOWS\SysWOW64\drivers\arc.sys []
    S4 iirsp;iirsp; C:\WINDOWS\SysWOW64\drivers\iirsp.sys []
    S4 symmpi;symmpi; C:\WINDOWS\SysWOW64\drivers\symmpi.sys []

    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R2 !SASCORE;SAS Core Service; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [2011-05-04 128384]
    R2 AeLookupSvc;Application Experience Lookup Service; C:\WINDOWS\system32\svchost.exe [2007-02-18 14848]
    R2 AntiVirSchedulerService;Avira AntiVir Scheduler; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2011-04-21 136360]
    R2 AntiVirService;Avira AntiVir Guard; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2011-07-24 269480]
    R2 ForceWare Intelligent Application Manager (IAM);ForceWare Intelligent Application Manager (IAM); C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe [2008-09-08 726016]
    R2 nSvcIp;ForceWare IP service; C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe [2008-09-08 221696]
    R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc64.exe []
    R2 yksvc;Marvell Yukon Service; ykx64mpcoinst,serviceStartProc []
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
    S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
    S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework64\v2.0.50727\aspnet_state.exe [2008-07-25 46088]
    S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
    S3 IASJet;IAS Jet Database Access; C:\WINDOWS\SysWOW64\svchost.exe [2007-02-18 14848]
    S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 859648]
    S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
    S3 vds;Virtual Disk Service; C:\WINDOWS\System32\vds.exe []
    S3 WinHttpAutoProxySvc;WinHTTP Web Proxy Auto-Discovery Service; C:\WINDOWS\system32\svchost.exe [2007-02-18 14848]
    S3 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program Files (x86)\Windows Media Player\WMPNetwk.exe [2006-10-18 913408]
    S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 1020768]
    S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2007-02-18 14848]
    S4 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
    S4 clr_optimization_v2.0.50727_64;.NET Runtime Optimization Service v2.0.50727_x64; C:\WINDOWS\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [2008-07-25 93184]
    S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 119808]

    -----------------EOF-----------------
    Caben, Jul 28, 2011
    #13

  14. Caben Newcomer, in training

    Just as an update, my desktop was loading fine for about a day after installing the anit-spyware. It is now back to stalling while loading up, so it didn’t get rid of it.
    Caben, Jul 28, 2011
    #14