Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

critical error message

Started by islandcat , Nov 27 2007 02:05 PM

  • Please log in to reply

#1
islandcat
Posted 27 November 2007 - 02:05 PM

islandcat

    Member

  • Member
  • PipPipPip
  • 239 posts
Now that I am an XP user here I am in this forum. Few kinks yet, but keep getting message that tells me critical error message, registry damaged and corrupted (the dreaded words) tells me to fix it to download www.registrycleanerxp.com and when I do that asks for money?? Do I really have a problem or is this a pop up? Can you recommend a good free program that will stop this?
  • 0

Advertisements

#2
Neil Jones
Posted 27 November 2007 - 05:23 PM

Neil Jones

    Member 5k

  • Member
  • PipPipPipPipPipPipPipPip
  • 8,476 posts
If your registry was corrupt or damaged your compute wouldn't even boot up.
These sound like web advertisements or more likely Malware infections.
  • 0

#3
islandcat
Posted 27 November 2007 - 05:55 PM

islandcat

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 239 posts
Yup think you are right, just ran avast and brought up 4 viruses. I think I should move into the virus forum with this. First time ever had a virus. Yuk
  • 0

#4
Reactor
Posted 27 November 2007 - 07:32 PM

Reactor

    Member

  • Banned
  • PipPipPip
  • 110 posts
Download some anti-spyware softwares as well. Spybot Search & Destroy and Ad-Aware 2007 are freely downloadable, and they will not screw up your hard drive.
  • 0

#5
123Runner
Posted 27 November 2007 - 07:40 PM

123Runner

    Member 4k

  • Member
  • PipPipPipPipPipPipPip
  • 4,527 posts
And please head to our malware/virus forum to get a clean bill of health. Please be patient because they a quite busy. After getting clean, they will suggest ways to stay that way. Good luck.
  • 0

#6
Reactor
Posted 27 November 2007 - 07:42 PM

Reactor

    Member

  • Banned
  • PipPipPip
  • 110 posts
If everything else fails, try to a Windows repair. I assume y'still have the Windows CD.
Setting back to the last known good configurations will also help. Save your necessary files though.
  • 0

#7
islandcat
Posted 27 November 2007 - 09:17 PM

islandcat

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 239 posts
Yes I posted in virus forum , did the hyjack thing, just havent heard back yet. This is a new program just put programs on the desk top today so nervous about reloading the disc so soon. Also put virus protection, clean up, ad aware etc on.
  • 0

#8
Reactor
Posted 28 November 2007 - 09:33 AM

Reactor

    Member

  • Banned
  • PipPipPip
  • 110 posts
It's okay island kitty, don't be so hard on yourself.

I STRONGLY recommend you to obtain "File monitor" from Internet. By operatin' it, y'can view what files are doin' what, and what causes the error. If y'can't find File monitor in the internet, report back to me, I shall send it to ya.
  • 0

#9
islandcat
Posted 28 November 2007 - 02:10 PM

islandcat

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 239 posts
I downloaded File Monitor but then it asks me what file do I want it to check so lost me there.
  • 0

#10
Reactor
Posted 28 November 2007 - 03:16 PM

Reactor

    Member

  • Banned
  • PipPipPip
  • 110 posts
Hm...that File Monitor seem to be malfunctioning. It should open a big window with all file activities listed.
No sweat, I upload mine.

Try this one. Simply run it, should work fine.

http://www.speedysha.../204970813.html
  • 0

#11
islandcat
Posted 28 November 2007 - 05:38 PM

islandcat

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 239 posts
And this now tells me what???

3:26:31 PM EXPLORER.EXE:1560 OPEN C:\Documents and Settings\Lynda\Local Settings\Temporary Internet Files\Content.IE5\0BBED3L3\Filemon[1].exe SUCCESS Options: Open Access: Read-Attributes
3:26:31 PM EXPLORER.EXE:1560 QUERY INFORMATION C:\Documents and Settings\Lynda\Local Settings\Temporary Internet Files\Content.IE5\0BBED3L3\Filemon[1].exe SUCCESS Attributes: A
3:26:31 PM EXPLORER.EXE:1560 CLOSE C:\Documents and Settings\Lynda\Local Settings\Temporary Internet Files\Content.IE5\0BBED3L3\Filemon[1].exe SUCCESS
3:26:31 PM EXPLORER.EXE:1560 OPEN C:\Documents and Settings\Lynda\Local Settings\Temporary Internet Files\Content.IE5\0BBED3L3\Filemon[1].exe SUCCESS Options: Open Access: Read-Attributes
3:26:31 PM EXPLORER.EXE:1560 QUERY INFORMATION C:\Documents and Settings\Lynda\Local Settings\Temporary Internet Files\Content.IE5\0BBED3L3\Filemon[1].exe SUCCESS Attributes: A
3:26:31 PM EXPLORER.EXE:1560 CLOSE C:\Documents and Settings\Lynda\Local Settings\Temporary Internet Files\Content.IE5\0BBED3L3\Filemon[1].exe SUCCESS
3:26:31 PM EXPLORER.EXE:1560 OPEN C:\Documents and Settings\Lynda\Local Settings\Temporary Internet Files\Content.IE5\0BBED3L3\Filemon[1].exe SUCCESS Options: Open Access: Read-Attributes
3:26:31 PM EXPLORER.EXE:1560 QUERY INFORMATION C:\Documents and Settings\Lynda\Local Settings\Temporary Internet Files\Content.IE5\0BBED3L3\Filemon[1].exe SUCCESS Attributes: A
3:26:31 PM EXPLORER.EXE:1560 CLOSE C:\Documents and Settings\Lynda\Local Settings\Temporary Internet Files\Content.IE5\0BBED3L3\Filemon[1].exe SUCCESS
3:26:31 PM EXPLORER.EXE:1560 OPEN C:\Documents and Settings\Lynda\Local Settings\Temporary Internet Files\Content.IE5\0BBED3L3\Filemon[1].exe SUCCESS Options: Open Access: 00100020
3:26:31 PM EXPLORER.EXE:1560 QUERY INFORMATION C:\Documents and Settings\Lynda\Local Settings\Temporary Internet Files\Content.IE5\0BBED3L3\Filemon[1].exe SUCCESS Length: 748344
3:26:31 PM EXPLORER.EXE:1560 CLOSE C:\Documents and Settings\Lynda\Local Settings\Temporary Internet Files\Content.IE5\0BBED3L3\Filemon[1].exe SUCCESS
3:26:31 PM EXPLORER.EXE:1560 OPEN C:\PROGRA~1\ALWILS~1\Avast4\Aavm4h.dll SUCCESS Options: Open Access: Read-Attributes
3:26:31 PM EXPLORER.EXE:1560 QUERY INFORMATION C:\PROGRA~1\ALWILS~1\Avast4\Aavm4h.dll SUCCESS Attributes: A
3:26:31 PM EXPLORER.EXE:1560 CLOSE C:\PROGRA~1\ALWILS~1\Avast4\Aavm4h.dll SUCCESS
3:26:31 PM EXPLORER.EXE:1560 OPEN C:\PROGRA~1\ALWILS~1\Avast4\Aavm4h.dll SUCCESS Options: Open Access: 00100020
3:26:31 PM EXPLORER.EXE:1560 QUERY INFORMATION C:\PROGRA~1\ALWILS~1\Avast4\Aavm4h.dll SUCCESS Length: 180224
3:26:31 PM EXPLORER.EXE:1560 CLOSE C:\PROGRA~1\ALWILS~1\Avast4\Aavm4h.dll SUCCESS
3:26:31 PM EXPLORER.EXE:1560 OPEN C:\PROGRA~1\ALWILS~1\Avast4\Aavm4h.dll SUCCESS Options: Open Access: Read-Attributes
3:26:31 PM EXPLORER.EXE:1560 QUERY INFORMATION C:\PROGRA~1\ALWILS~1\Avast4\Aavm4h.dll SUCCESS Attributes: A
3:26:31 PM EXPLORER.EXE:1560 CLOSE C:\PROGRA~1\ALWILS~1\Avast4\Aavm4h.dll SUCCESS
3:26:31 PM EXPLORER.EXE:1560 OPEN C:\PROGRA~1\ALWILS~1\Avast4\Aavm4h.dll SUCCESS Options: Open Access: 00100020
3:26:31 PM EXPLORER.EXE:1560 QUERY INFORMATION C:\PROGRA~1\ALWILS~1\Avast4\Aavm4h.dll SUCCESS Length: 180224
3:26:31 PM EXPLORER.EXE:1560 CLOSE C:\PROGRA~1\ALWILS~1\Avast4\Aavm4h.dll SUCCESS
3:26:31 PM EXPLORER.EXE:1560 OPEN C:\PROGRA~1\ALWILS~1\Avast4\Aavm4h.dll SUCCESS Options: Open Access: Read-Attributes
3:26:31 PM EXPLORER.EXE:1560 QUERY INFORMATION C:\PROGRA~1\ALWILS~1\Avast4\Aavm4h.dll SUCCESS Attributes: A
3:26:31 PM EXPLORER.EXE:1560 CLOSE C:\PROGRA~1\ALWILS~1\Avast4\Aavm4h.dll SUCCESS
3:26:31 PM EXPLORER.EXE:1560 OPEN C:\PROGRA~1\ALWILS~1\Avast4\Aavm4h.dll SUCCESS Options: Open Access: 00100020
3:26:31 PM EXPLORER.EXE:1560 QUERY INFORMATION C:\PROGRA~1\ALWILS~1\Avast4\Aavm4h.dll SUCCESS Length: 180224
3:26:31 PM EXPLORER.EXE:1560 CLOSE C:\PROGRA~1\ALWILS~1\Avast4\Aavm4h.dll SUCCESS
3:26:31 PM EXPLORER.EXE:1560 OPEN C:\PROGRA~1\ALWILS~1\Avast4\Aavm4h.dll SUCCESS Options: Open Access: Read-Attributes
3:26:31 PM EXPLORER.EXE:1560 QUERY INFORMATION C:\PROGRA~1\ALWILS~1\Avast4\Aavm4h.dll SUCCESS Attributes: A
3:26:31 PM EXPLORER.EXE:1560 CLOSE C:\PROGRA~1\ALWILS~1\Avast4\Aavm4h.dll SUCCESS
3:26:31 PM EXPLORER.EXE:1560 OPEN C:\PROGRA~1\ALWILS~1\Avast4\Aavm4h.dll SUCCESS Options: Open Access: 00100020
3:26:31 PM EXPLORER.EXE:1560 QUERY INFORMATION C:\PROGRA~1\ALWILS~1\Avast4\Aavm4h.dll SUCCESS Length: 180224
3:26:31 PM EXPLORER.EXE:1560 CLOSE C:\PROGRA~1\ALWILS~1\Avast4\Aavm4h.dll SUCCESS
3:26:31 PM EXPLORER.EXE:1560 OPEN C:\PROGRA~1\ALWILS~1\Avast4\Aavm4h.dll SUCCESS Options: Open Access: Read-Attributes
3:26:31 PM EXPLORER.EXE:1560 QUERY INFORMATION C:\PROGRA~1\ALWILS~1\Avast4\Aavm4h.dll SUCCESS Attributes: A
3:26:31 PM EXPLORER.EXE:1560 CLOSE C:\PROGRA~1\ALWILS~1\Avast4\Aavm4h.dll SUCCESS
3:26:31 PM EXPLORER.EXE:1560 OPEN C:\PROGRA~1\ALWILS~1\Avast4\Aavm4h.dll SUCCESS Options: Open Access: 00100020
3:26:31 PM EXPLORER.EXE:1560 QUERY INFORMATION C:\PROGRA~1\ALWILS~1\Avast4\Aavm4h.dll SUCCESS Length: 180224
3:26:31 PM EXPLORER.EXE:1560 CLOSE C:\PROGRA~1\ALWILS~1\Avast4\Aavm4h.dll SUCCESS
3:26:31 PM CSRSS.EXE:472 OPEN C:\WINDOWS\WinSxS\Policies\x86_Policy.6.0.Microsoft.Windows.Common-Controls_6595b64144ccf1df_en-US_580a28ff\ NOT FOUND Options: Open Directory Access: 00100001
3:26:31 PM CSRSS.EXE:472 OPEN C:\WINDOWS\Assembly\GAC\Policy.6.0.Microsoft.Windows.Common-Controls\ NOT FOUND Options: Open Directory Access: 00100001
3:26:31 PM CSRSS.EXE:472 OPEN C:\WINDOWS\System32\en-US NOT FOUND Options: Open Access: Read-Attributes
3:26:31 PM CSRSS.EXE:472 OPEN C:\WINDOWS\System32\en NOT FOUND Options: Open Access: Read-Attributes
3:26:31 PM CSRSS.EXE:472 OPEN C:\WINDOWS\System32\ SUCCESS Options: Open Access: Read-Attributes
3:26:31 PM CSRSS.EXE:472 QUERY INFORMATION C:\WINDOWS\System32\ SUCCESS Attributes: D
3:26:31 PM CSRSS.EXE:472 CLOSE C:\WINDOWS\System32\ SUCCESS
3:26:31 PM CSRSS.EXE:472 OPEN C:\WINDOWS\System32\ SUCCESS Options: Open Access: Read-Attributes
3:26:31 PM CSRSS.EXE:472 QUERY INFORMATION C:\WINDOWS\System32\ SUCCESS Attributes: D
3:26:31 PM CSRSS.EXE:472 CLOSE C:\WINDOWS\System32\ SUCCESS
3:26:31 PM CSRSS.EXE:472 OPEN C:\WINDOWS\WinSxS\Manifests\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.0.0_en-US_f6b1e800.Manifest NOT FOUND Options: Open Access: Read-Attributes
3:26:31 PM CSRSS.EXE:472 OPEN C:\WINDOWS\assembly\GAC\Microsoft.Windows.Common-Controls\6.0.0.0_en-US_6595b64144ccf1df\Microsoft.Windows.Common-Controls.DLL PATH NOT FOUND Options: Open Access: Read-Attributes
3:26:31 PM CSRSS.EXE:472 OPEN C:\WINDOWS\WinSxS\Policies\x86_Policy.6.0.Microsoft.Windows.Common-Controls_6595b64144ccf1df_en_66c5eee6\ NOT FOUND Options: Open Directory Access: 00100001
3:26:31 PM CSRSS.EXE:472 OPEN C:\WINDOWS\Assembly\GAC\Policy.6.0.Microsoft.Windows.Common-Controls\ NOT FOUND Options: Open Directory Access: 00100001
3:26:31 PM CSRSS.EXE:472 OPEN C:\WINDOWS\WinSxS\Manifests\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.0.0_en_5cce9bd9.Manifest NOT FOUND Options: Open Access: Read-Attributes
3:26:31 PM CSRSS.EXE:472 OPEN C:\WINDOWS\assembly\GAC\Microsoft.Windows.Common-Controls\6.0.0.0_en_6595b64144ccf1df\Microsoft.Windows.Common-Controls.DLL PATH NOT FOUND Options: Open Access: Read-Attributes
3:26:31 PM CSRSS.EXE:472 OPEN C:\WINDOWS\WinSxS\Policies\x86_Policy.6.0.Microsoft.Windows.Common-Controls_6595b64144ccf1df_x-ww_5ddad775\ SUCCESS Options: Open Directory Access: 00100001
3:26:31 PM CSRSS.EXE:472 DIRECTORY C:\WINDOWS\WinSxS\Policies\x86_Policy.6.0.Microsoft.Windows.Common-Controls_6595b64144ccf1df_x-ww_5ddad775\ SUCCESS FileBothDirectoryInformation: *.policy
3:26:31 PM CSRSS.EXE:472 DIRECTORY C:\WINDOWS\WinSxS\Policies\x86_Policy.6.0.Microsoft.Windows.Common-Controls_6595b64144ccf1df_x-ww_5ddad775\ NO MORE FILES FileBothDirectoryInformation
3:26:31 PM CSRSS.EXE:472 CLOSE C:\WINDOWS\WinSxS\Policies\x86_Policy.6.0.Microsoft.Windows.Common-Controls_6595b64144ccf1df_x-ww_5ddad775\ SUCCESS
3:26:31 PM CSRSS.EXE:472 OPEN C:\WINDOWS\WinSxS\Policies\x86_Policy.6.0.Microsoft.Windows.Common-Controls_6595b64144ccf1df_x-ww_5ddad775\6.0.10.0.Policy SUCCESS Options: Open Sequential Access: Read
3:26:31 PM CSRSS.EXE:472 QUERY INFORMATION C:\WINDOWS\WinSxS\Policies\x86_Policy.6.0.Microsoft.Windows.Common-Controls_6595b64144ccf1df_x-ww_5ddad775\6.0.10.0.Policy SUCCESS FileFsVolumeInformation
3:26:31 PM CSRSS.EXE:472 QUERY INFORMATION C:\WINDOWS\WinSxS\Policies\x86_Policy.6.0.Microsoft.Windows.Common-Controls_6595b64144ccf1df_x-ww_5ddad775\6.0.10.0.Policy BUFFER OVERFLOW FileAllInformation
3:26:31 PM CSRSS.EXE:472 READ C:\WINDOWS\WinSxS\Policies\x86_Policy.6.0.Microsoft.Windows.Common-Controls_6595b64144ccf1df_x-ww_5ddad775\6.0.10.0.Policy SUCCESS Offset: 0 Length: 4095
3:26:31 PM CSRSS.EXE:472 READ C:\WINDOWS\WinSxS\Policies\x86_Policy.6.0.Microsoft.Windows.Common-Controls_6595b64144ccf1df_x-ww_5ddad775\6.0.10.0.Policy END OF FILE Offset: 606 Length: 8178
3:26:31 PM CSRSS.EXE:472 CLOSE C:\WINDOWS\WinSxS\Policies\x86_Policy.6.0.Microsoft.Windows.Common-Controls_6595b64144ccf1df_x-ww_5ddad775\6.0.10.0.Policy SUCCESS
3:26:31 PM CSRSS.EXE:472 OPEN C:\WINDOWS\Assembly\GAC\Policy.6.0.Microsoft.Windows.Common-Controls\ NOT FOUND Options: Open Directory Access: 00100001
3:26:31 PM CSRSS.EXE:472 OPEN C:\WINDOWS\WinSxS\Manifests\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.10.0_x-ww_f7fb5805.Manifest SUCCESS Options: Open Access: Read-Attributes
3:26:31 PM CSRSS.EXE:472 QUERY INFORMATION C:\WINDOWS\WinSxS\Manifests\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.10.0_x-ww_f7fb5805.Manifest SUCCESS Attributes:
3:26:31 PM CSRSS.EXE:472 CLOSE C:\WINDOWS\WinSxS\Manifests\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.10.0_x-ww_f7fb5805.Manifest SUCCESS
3:26:31 PM CSRSS.EXE:472 OPEN C:\WINDOWS\WinSxS\Manifests\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.10.0_x-ww_f7fb5805.Manifest SUCCESS Options: Open Access: Read-Attributes
3:26:31 PM CSRSS.EXE:472 QUERY INFORMATION C:\WINDOWS\WinSxS\Manifests\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.10.0_x-ww_f7fb5805.Manifest SUCCESS Attributes:
3:26:31 PM CSRSS.EXE:472 CLOSE C:\WINDOWS\WinSxS\Manifests\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.10.0_x-ww_f7fb5805.Manifest SUCCESS
3:26:31 PM CSRSS.EXE:472 OPEN C:\WINDOWS\WinSxS\Policies\x86_Policy.6.0.Microsoft.Windows.Common-Controls.mui_6595b64144ccf1df_en-US_186470ec\ NOT FOUND Options: Open Directory Access: 00100001
3:26:31 PM CSRSS.EXE:472 OPEN C:\WINDOWS\Assembly\GAC\Policy.6.0.Microsoft.Windows.Common-Controls.mui\ NOT FOUND Options: Open Directory Access: 00100001
3:26:31 PM CSRSS.EXE:472 OPEN C:\WINDOWS\WinSxS\Manifests\x86_Microsoft.Windows.Common-Controls.mui_6595b64144ccf1df_6.0.10.0_en-US_e0908a4e.Manifest NOT FOUND Options: Open Access: Read-Attributes
3:26:31 PM CSRSS.EXE:472 OPEN C:\WINDOWS\assembly\GAC\Microsoft.Windows.Common-Controls.mui\6.0.10.0_en-US_6595b64144ccf1df\Microsoft.Windows.Common-Controls.mui.DLL PATH NOT FOUND Options: Open Access: Read-Attributes
3:26:31 PM CSRSS.EXE:472 OPEN C:\WINDOWS\WinSxS\Policies\x86_Policy.6.0.Microsoft.Windows.Common-Controls.mui_6595b64144ccf1df_en_272036d3\ NOT FOUND Options: Open Directory Access: 00100001
3:26:31 PM CSRSS.EXE:472 OPEN C:\WINDOWS\Assembly\GAC\Policy.6.0.Microsoft.Windows.Common-Controls.mui\ NOT FOUND Options: Open Directory Access: 00100001
3:26:31 PM CSRSS.EXE:472 OPEN C:\WINDOWS\WinSxS\Manifests\x86_Microsoft.Windows.Common-Controls.mui_6595b64144ccf1df_6.0.10.0_en_46ad3e27.Manifest NOT FOUND Options: Open Access: Read-Attributes
3:26:31 PM CSRSS.EXE:472 OPEN C:\WINDOWS\assembly\GAC\Microsoft.Windows.Common-Controls.mui\6.0.10.0_en_6595b64144ccf1df\Microsoft.Windows.Common-Controls.mui.DLL PATH NOT FOUND Options: Open Access: Read-Attributes
3:26:31 PM CSRSS.EXE:472 OPEN C:\WINDOWS\WinSxS\Manifests\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.10.0_x-ww_f7fb5805.Manifest SUCCESS Options: Open Sequential Access: Read
3:26:31 PM CSRSS.EXE:472 READ C:\WINDOWS\WinSxS\Manifests\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.10.0_x-ww_f7fb5805.Manifest SUCCESS Offset: 0 Length: 2
3:26:31 PM CSRSS.EXE:472 CLOSE C:\WINDOWS\WinSxS\Manifests\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.10.0_x-ww_f7fb5805.Manifest SUCCESS
3:26:31 PM CSRSS.EXE:472 OPEN C:\WINDOWS\WinSxS\Manifests\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.10.0_x-ww_f7fb5805.Manifest SUCCESS Options: Open Sequential Access: Read
3:26:31 PM CSRSS.EXE:472 QUERY INFORMATION C:\WINDOWS\WinSxS\Manifests\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.10.0_x-ww_f7fb5805.Manifest SUCCESS FileFsVolumeInformation
3:26:31 PM CSRSS.EXE:472 QUERY INFORMATION C:\WINDOWS\WinSxS\Manifests\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.10.0_x-ww_f7fb5805.Manifest BUFFER OVERFLOW FileAllInformation
3:26:31 PM CSRSS.EXE:472 READ C:\WINDOWS\WinSxS\Manifests\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.10.0_x-ww_f7fb5805.Manifest SUCCESS Offset: 0 Length: 4095
3:26:31 PM CSRSS.EXE:472 READ C:\WINDOWS\WinSxS\Manifests\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.10.0_x-ww_f7fb5805.Manifest END OF FILE Offset: 1807 Length: 8178
3:26:31 PM CSRSS.EXE:472 CLOSE C:\WINDOWS\WinSxS\Manifests\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.10.0_x-ww_f7fb5805.Manifest SUCCESS
3:26:31 PM EXPLORER.EXE:1560 OPEN C:\PROGRA~1\ALWILS~1\Avast4\Aavm4h.dll SUCCESS Options: Open Access: Read-Attributes
3:26:31 PM EXPLORER.EXE:1560 QUERY INFORMATION C:\PROGRA~1\ALWILS~1\Avast4\Aavm4h.dll SUCCESS Attributes: A
3:26:31 PM EXPLORER.EXE:1560 CLOSE C:\PROGRA~1\ALWILS~1\Avast4\Aavm4h.dll SUCCESS
3:26:31 PM EXPLORER.EXE:1560 OPEN C:\PROGRA~1\ALWILS~1\Avast4\Aavm4h.dll SUCCESS Options: Open Access: 00100020
3:26:31 PM EXPLORER.EXE:1560 QUERY INFORMATION C:\PROGRA~1\ALWILS~1\Avast4\Aavm4h.dll SUCCESS Length: 180224
3:26:31 PM EXPLORER.EXE:1560 CLOSE C:\PROGRA~1\ALWILS~1\Avast4\Aavm4h.dll SUCCESS
3:26:32 PM EXPLORER.EXE:1560 OPEN C:\PROGRA~1\ALWILS~1\Avast4\Aavm4h.dll SUCCESS Options: Open Access: Read-Attributes
3:26:32 PM EXPLORER.EXE:1560 QUERY INFORMATION C:\PROGRA~1\ALWILS~1\Avast4\Aavm4h.dll SUCCESS Attributes: A
3:26:32 PM EXPLORER.EXE:1560 CLOSE C:\PROGRA~1\ALWILS~1\Avast4\Aavm4h.dll SUCCESS
3:26:32 PM EXPLORER.EXE:1560 OPEN C:\PROGRA~1\ALWILS~1\Avast4\Aavm4h.dll SUCCESS Options: Open Access: 00100020
3:26:32 PM EXPLORER.EXE:1560 QUERY INFORMATION C:\PROGRA~1\ALWILS~1\Avast4\Aavm4h.dll SUCCESS Length: 180224
3:26:32 PM EXPLORER.EXE:1560 CLOSE C:\PROGRA~1\ALWILS~1\Avast4\Aavm4h.dll SUCCESS
3:26:32 PM EXPLORER.EXE:1560 OPEN C:\PROGRA~1\ALWILS~1\Avast4\Aavm4h.dll SUCCESS Options: Open Access: Read-Attributes
3:26:32 PM EXPLORER.EXE:1560 QUERY INFORMATION C:\PROGRA~1\ALWILS~1\Avast4\Aavm4h.dll SUCCESS Attributes: A
3:26:32 PM EXPLORER.EXE:1560 CLOSE C:\PROGRA~1\ALWILS~1\Avast4\Aavm4h.dll SUCCESS
3:26:32 PM EXPLORER.EXE:1560 OPEN C:\PROGRA~1\ALWILS~1\Avast4\Aavm4h.dll SUCCESS Options: Open Access: 00100020
3:26:32 PM EXPLORER.EXE:1560 QUERY INFORMATION C:\PROGRA~1\ALWILS~1\Avast4\Aavm4h.dll SUCCESS Length: 180224
3:26:32 PM EXPLORER.EXE:1560 CLOSE C:\PROGRA~1\ALWILS~1\Avast4\Aavm4h.dll SUCCESS
3:26:32 PM EXPLORER.EXE:1560 OPEN C:\PROGRA~1\ALWILS~1\Avast4\Aavm4h.dll SUCCESS Options: Open Access: Read-Attributes
3:26:32 PM EXPLORER.EXE:1560 QUERY INFORMATION C:\PROGRA~1\ALWILS~1\Avast4\Aavm4h.dll SUCCESS Attributes: A
3:26:32 PM EXPLORER.EXE:1560 CLOSE C:\PROGRA~1\ALWILS~1\Avast4\Aavm4h.dll SUCCESS
3:26:32 PM EXPLORER.EXE:1560 OPEN C:\PROGRA~1\ALWILS~1\Avast4\Aavm4h.dll SUCCESS Options: Open Access: 00100020
3:26:32 PM EXPLORER.EXE:1560 QUERY INFORMATION C:\PROGRA~1\ALWILS~1\Avast4\Aavm4h.dll SUCCESS Length: 180224
3:26:32 PM EXPLORER.EXE:1560 CLOSE C:\PROGRA~1\ALWILS~1\Avast4\Aavm4h.dll SUCCESS
3:26:32 PM EXPLORER.EXE:1560 OPEN C:\PROGRA~1\ALWILS~1\Avast4\Aavm4h.dll SUCCESS Options: Open Access: Read-Attributes
3:26:32 PM EXPLORER.EXE:1560 QUERY INFORMATION C:\PROGRA~1\ALWILS~1\Avast4\Aavm4h.dll SUCCESS Attributes: A
3:26:32 PM EXPLORER.EXE:1560 CLOSE C:\PROGRA~1\ALWILS~1\Avast4\Aavm4h.dll SUCCESS
3:26:32 PM EXPLORER.EXE:1560 OPEN C:\PROGRA~1\ALWILS~1\Avast4\Aavm4h.dll SUCCESS Options: Open Access: 00100020
3:26:32 PM EXPLORER.EXE:1560 QUERY INFORMATION C:\PROGRA~1\ALWILS~1\Avast4\Aavm4h.dll SUCCESS Length: 180224
3:26:32 PM EXPLORER.EXE:1560 CLOSE C:\PROGRA~1\ALWILS~1\Avast4\Aavm4h.dll SUCCESS
3:26:32 PM EXPLORER.EXE:1560 OPEN C:\PROGRA~1\ALWILS~1\Avast4\Aavm4h.dll SUCCESS Options: Open Access: Read-Attributes
3:26:32 PM EXPLORER.EXE:1560 QUERY INFORMATION C:\PROGRA~1\ALWILS~1\Avast4\Aavm4h.dll SUCCESS Attributes: A
3:26:32 PM EXPLORER.EXE:1560 CLOSE C:\PROGRA~1\ALWILS~1\Avast4\Aavm4h.dll SUCCESS
3:26:32 PM EXPLORER.EXE:1560 OPEN C:\PROGRA~1\ALWILS~1\Avast4\Aavm4h.dll SUCCESS Options: Open Access: 00100020
3:26:32 PM EXPLORER.EXE:1560 QUERY INFORMATION C:\PROGRA~1\ALWILS~1\Avast4\Aavm4h.dll SUCCESS Length: 180224
3:26:32 PM EXPLORER.EXE:1560 CLOSE C:\PROGRA~1\ALWILS~1\Avast4\Aavm4h.dll SUCCESS
3:26:32 PM EXPLORER.EXE:1560 OPEN C:\PROGRA~1\ALWILS~1\Avast4\Aavm4h.dll SUCCESS Options: Open Access: Read-Attributes
3:26:32 PM EXPLORER.EXE:1560 QUERY INFORMATION C:\PROGRA~1\ALWILS~1\Avast4\Aavm4h.dll SUCCESS Attributes: A
3:26:32 PM EXPLORER.EXE:1560 CLOSE C:\PROGRA~1\ALWILS~1\Avast4\Aavm4h.dll SUCCESS
3:26:32 PM EXPLORER.EXE:1560 OPEN C:\PROGRA~1\ALWILS~1\Avast4\Aavm4h.dll SUCCESS Options: Open Access: 00100020
3:26:32 PM EXPLORER.EXE:1560 QUERY INFORMATION C:\PROGRA~1\ALWILS~1\Avast4\Aavm4h.dll SUCCESS Length: 180224
3:26:32 PM EXPLORER.EXE:1560 CLOSE C:\PROGRA~1\ALWILS~1\Avast4\Aavm4h.dll SUCCESS
3:26:36 PM SVCHOST.EXE:776 OPEN C:\WINDOWS\Prefetch\FILEMON[1].EXE-172AE33E.pf NOT FOUND Options: Open Access: Read
3:26:36 PM SVCHOST.EXE:776 OPEN C:\WINDOWS\FONTS\SYMBOLE.FON SUCCESS Options: Open Access: Read-Attributes
3:26:36 PM SVCHOST.EXE:776 QUERY INFORMATION C:\WINDOWS\FONTS\SYMBOLE.FON SUCCESS Attributes: H
3:26:36 PM SVCHOST.EXE:776 CLOSE C:\WINDOWS\FONTS\SYMBOLE.FON SUCCESS
3:26:36 PM SVCHOST.EXE:776 OPEN C:\WINDOWS\FONTS\SYMBOLE.FON SUCCESS Options: Open Access: 00020088
3:26:36 PM SVCHOST.EXE:776 QUERY INFORMATION C:\WINDOWS\FONTS\SYMBOLE.FON SUCCESS FileInternalInformation
3:26:36 PM SVCHOST.EXE:776 CLOSE C:\WINDOWS\FONTS\SYMBOLE.FON SUCCESS
3:26:36 PM SVCHOST.EXE:776 OPEN C:\WINDOWS\FONTS\TAHOMABD.TTF SUCCESS Options: Open Access: Read-Attributes
3:26:36 PM SVCHOST.EXE:776 QUERY INFORMATION C:\WINDOWS\FONTS\TAHOMABD.TTF SUCCESS Attributes: A
3:26:36 PM SVCHOST.EXE:776 CLOSE C:\WINDOWS\FONTS\TAHOMABD.TTF SUCCESS
3:26:36 PM SVCHOST.EXE:776 OPEN C:\WINDOWS\FONTS\TAHOMABD.TTF SUCCESS Options: Open Access: 00020088
3:26:36 PM SVCHOST.EXE:776 QUERY INFORMATION C:\WINDOWS\FONTS\TAHOMABD.TTF SUCCESS FileInternalInformation
3:26:36 PM SVCHOST.EXE:776 CLOSE C:\WINDOWS\FONTS\TAHOMABD.TTF SUCCESS
3:26:36 PM SVCHOST.EXE:776 OPEN C:\WINDOWS\SYSTEM32\ADVAPI32.DLL SUCCESS Options: Open Access: Read-Attributes
3:26:36 PM SVCHOST.EXE:776 QUERY INFORMATION C:\WINDOWS\SYSTEM32\ADVAPI32.DLL SUCCESS Attributes: A
3:26:36 PM SVCHOST.EXE:776 CLOSE C:\WINDOWS\SYSTEM32\ADVAPI32.DLL SUCCESS
3:26:36 PM SVCHOST.EXE:776 OPEN C:\WINDOWS\SYSTEM32\ADVAPI32.DLL SUCCESS Options: Open Access: 00020088
3:26:36 PM SVCHOST.EXE:776 QUERY INFORMATION C:\WINDOWS\SYSTEM32\ADVAPI32.DLL SUCCESS FileInternalInformation
3:26:36 PM SVCHOST.EXE:776 CLOSE C:\WINDOWS\SYSTEM32\ADVAPI32.DLL SUCCESS
3:26:36 PM SVCHOST.EXE:776 OPEN C:\WINDOWS\SYSTEM32\COMDLG32.DLL SUCCESS Options: Open Access: Read-Attributes
3:26:36 PM SVCHOST.EXE:776 QUERY INFORMATION C:\WINDOWS\SYSTEM32\COMDLG32.DLL SUCCESS Attributes: A
3:26:36 PM SVCHOST.EXE:776 CLOSE C:\WINDOWS\SYSTEM32\COMDLG32.DLL SUCCESS
3:26:36 PM SVCHOST.EXE:776 OPEN C:\WINDOWS\SYSTEM32\COMDLG32.DLL SUCCESS Options: Open Access: 00020088
3:26:36 PM SVCHOST.EXE:776 QUERY INFORMATION C:\WINDOWS\SYSTEM32\COMDLG32.DLL SUCCESS FileInternalInformation
3:26:36 PM SVCHOST.EXE:776 CLOSE C:\WINDOWS\SYSTEM32\COMDLG32.DLL SUCCESS
3:26:36 PM SVCHOST.EXE:776 OPEN C:\WINDOWS\SYSTEM32\CTYPE.NLS SUCCESS Options: Open Access: Read-Attributes
3:26:36 PM SVCHOST.EXE:776 QUERY INFORMATION C:\WINDOWS\SYSTEM32\CTYPE.NLS SUCCESS Attributes: A
3:26:36 PM SVCHOST.EXE:776 CLOSE C:\WINDOWS\SYSTEM32\CTYPE.NLS SUCCESS
3:26:36 PM SVCHOST.EXE:776 OPEN C:\WINDOWS\SYSTEM32\CTYPE.NLS SUCCESS Options: Open Access: 00020088
3:26:36 PM SVCHOST.EXE:776 QUERY INFORMATION C:\WINDOWS\SYSTEM32\CTYPE.NLS SUCCESS FileInternalInformation
3:26:36 PM SVCHOST.EXE:776 CLOSE C:\WINDOWS\SYSTEM32\CTYPE.NLS SUCCESS
3:26:36 PM SVCHOST.EXE:776 OPEN C:\WINDOWS\SYSTEM32\C_1250.NLS SUCCESS Options: Open Access: Read-Attributes
3:26:36 PM SVCHOST.EXE:776 QUERY INFORMATION C:\WINDOWS\SYSTEM32\C_1250.NLS SUCCESS Attributes: A
3:26:36 PM SVCHOST.EXE:776 CLOSE C:\WINDOWS\SYSTEM32\C_1250.NLS SUCCESS
3:26:36 PM SVCHOST.EXE:776 OPEN C:\WINDOWS\SYSTEM32\C_1250.NLS SUCCESS Options: Open Access: 00020088
3:26:36 PM SVCHOST.EXE:776 QUERY INFORMATION C:\WINDOWS\SYSTEM32\C_1250.NLS SUCCESS FileInternalInformation
3:26:36 PM SVCHOST.EXE:776 CLOSE C:\WINDOWS\SYSTEM32\C_1250.NLS SUCCESS
3:26:36 PM SVCHOST.EXE:776 OPEN C:\WINDOWS\SYSTEM32\C_1251.NLS SUCCESS Options: Open Access: Read-Attributes
3:26:36 PM SVCHOST.EXE:776 QUERY INFORMATION C:\WINDOWS\SYSTEM32\C_1251.NLS SUCCESS Attributes: A
3:26:36 PM SVCHOST.EXE:776 CLOSE C:\WINDOWS\SYSTEM32\C_1251.NLS SUCCESS
3:26:36 PM SVCHOST.EXE:776 OPEN C:\WINDOWS\SYSTEM32\C_1251.NLS SUCCESS Options: Open Access: 00020088
3:26:36 PM SVCHOST.EXE:776 QUERY INFORMATION C:\WINDOWS\SYSTEM32\C_1251.NLS SUCCESS FileInternalInformation
3:26:36 PM SVCHOST.EXE:776 CLOSE C:\WINDOWS\SYSTEM32\C_1251.NLS SUCCESS
3:26:36 PM SVCHOST.EXE:776 OPEN C:\WINDOWS\SYSTEM32\C_1253.NLS SUCCESS Options: Open Access: Read-Attributes
3:26:36 PM SVCHOST.EXE:776 QUERY INFORMATION C:\WINDOWS\SYSTEM32\C_1253.NLS SUCCESS Attributes: A
3:26:36 PM SVCHOST.EXE:776 CLOSE C:\WINDOWS\SYSTEM32\C_1253.NLS SUCCESS
3:26:36 PM SVCHOST.EXE:776 OPEN C:\WINDOWS\SYSTEM32\C_1253.NLS SUCCESS Options: Open Access: 00020088
3:26:36 PM SVCHOST.EXE:776 QUERY INFORMATION C:\WINDOWS\SYSTEM32\C_1253.NLS SUCCESS FileInternalInformation
3:26:36 PM SVCHOST.EXE:776 CLOSE C:\WINDOWS\SYSTEM32\C_1253.NLS SUCCESS
3:26:36 PM SVCHOST.EXE:776 OPEN C:\WINDOWS\SYSTEM32\C_1254.NLS SUCCESS Options: Open Access: Read-Attributes
3:26:36 PM SVCHOST.EXE:776 QUERY INFORMATION C:\WINDOWS\SYSTEM32\C_1254.NLS SUCCESS Attributes: A
3:26:36 PM SVCHOST.EXE:776 CLOSE C:\WINDOWS\SYSTEM32\C_1254.NLS SUCCESS
3:26:36 PM SVCHOST.EXE:776 OPEN C:\WINDOWS\SYSTEM32\C_1254.NLS SUCCESS Options: Open Access: 00020088
3:26:36 PM SVCHOST.EXE:776 QUERY INFORMATION C:\WINDOWS\SYSTEM32\C_1254.NLS SUCCESS FileInternalInformation
3:26:36 PM SVCHOST.EXE:776 CLOSE C:\WINDOWS\SYSTEM32\C_1254.NLS SUCCESS
3:26:36 PM SVCHOST.EXE:776 OPEN C:\WINDOWS\SYSTEM32\C_1255.NLS SUCCESS Options: Open Access: Read-Attributes
3:26:36 PM SVCHOST.EXE:776 QUERY INFORMATION C:\WINDOWS\SYSTEM32\C_1255.NLS SUCCESS Attributes: A
3:26:36 PM SVCHOST.EXE:776 CLOSE C:\WINDOWS\SYSTEM32\C_1255.NLS SUCCESS
3:26:36 PM SVCHOST.EXE:776 OPEN C:\WINDOWS\SYSTEM32\C_1255.NLS SUCCESS Options: Open Access: 00020088
3:26:36 PM SVCHOST.EXE:776 QUERY INFORMATION C:\WINDOWS\SYSTEM32\C_1255.NLS SUCCESS FileInternalInformation
3:26:36 PM SVCHOST.EXE:776 CLOSE C:\WINDOWS\SYSTEM32\C_1255.NLS SUCCESS
3:26:36 PM SVCHOST.EXE:776 OPEN C:\WINDOWS\SYSTEM32\C_1256.NLS SUCCESS Options: Open Access: Read-Attributes
3:26:36 PM SVCHOST.EXE:776 QUERY INFORMATION C:\WINDOWS\SYSTEM32\C_1256.NLS SUCCESS Attributes: A
3:26:36 PM SVCHOST.EXE:776 CLOSE C:\WINDOWS\SYSTEM32\C_1256.NLS SUCCESS
3:26:36 PM SVCHOST.EXE:776 OPEN C:\WINDOWS\SYSTEM32\C_1256.NLS SUCCESS Options: Open Access: 00020088
3:26:36 PM SVCHOST.EXE:776 QUERY INFORMATION C:\WINDOWS\SYSTEM32\C_1256.NLS SUCCESS FileInternalInformation
3:26:36 PM SVCHOST.EXE:776 CLOSE C:\WINDOWS\SYSTEM32\C_1256.NLS SUCCESS
3:26:36 PM SVCHOST.EXE:776 OPEN C:\WINDOWS\SYSTEM32\C_1257.NLS SUCCESS Options: Open Access: Read-Attributes
3:26:36 PM SVCHOST.EXE:776 QUERY INFORMATION C:\WINDOWS\SYSTEM32\C_1257.NLS SUCCESS Attributes: A
3:26:36 PM SVCHOST.EXE:776 CLOSE C:\WINDOWS\SYSTEM32\C_1257.NLS SUCCESS
3:26:36 PM SVCHOST.EXE:776 OPEN C:\WINDOWS\SYSTEM32\C_1257.NLS SUCCESS Options: Open Access: 00020088
3:26:36 PM SVCHOST.EXE:776 QUERY INFORMATION C:\WINDOWS\SYSTEM32\C_1257.NLS SUCCESS FileInternalInformation
3:26:36 PM SVCHOST.EXE:776 CLOSE C:\WINDOWS\SYSTEM32\C_1257.NLS SUCCESS
3:26:36 PM SVCHOST.EXE:776 OPEN C:\WINDOWS\SYSTEM32\C_1258.NLS SUCCESS Options: Open Access: Read-Attributes
3:26:36 PM SVCHOST.EXE:776 QUERY INFORMATION C:\WINDOWS\SYSTEM32\C_1258.NLS SUCCESS Attributes: A
3:26:36 PM SVCHOST.EXE:776 CLOSE C:\WINDOWS\SYSTEM32\C_1258.NLS SUCCESS
3:26:36 PM SVCHOST.EXE:776 OPEN C:\WINDOWS\SYSTEM32\C_1258.NLS SUCCESS Options: Open Access: 00020088
3:26:36 PM SVCHOST.EXE:776 QUERY INFORMATION C:\WINDOWS\SYSTEM32\C_1258.NLS SUCCESS FileInternalInformation
3:26:36 PM SVCHOST.EXE:776 CLOSE C:\WINDOWS\SYSTEM32\C_1258.NLS SUCCESS
3:26:36 PM SVCHOST.EXE:776 OPEN C:\WINDOWS\SYSTEM32\C_874.NLS SUCCESS Options: Open Access: Read-Attributes
3:26:36 PM SVCHOST.EXE:776 QUERY INFORMATION C:\WINDOWS\SYSTEM32\C_874.NLS SUCCESS Attributes: A
3:26:36 PM SVCHOST.EXE:776 CLOSE C:\WINDOWS\SYSTEM32\C_874.NLS SUCCESS
3:26:36 PM SVCHOST.EXE:776 OPEN C:\WINDOWS\SYSTEM32\C_874.NLS SUCCESS Options: Open Access: 00020088
3:26:36 PM SVCHOST.EXE:776 QUERY INFORMATION C:\WINDOWS\SYSTEM32\C_874.NLS SUCCESS FileInternalInformation
3:26:36 PM SVCHOST.EXE:776 CLOSE C:\WINDOWS\SYSTEM32\C_874.NLS SUCCESS
3:26:36 PM SVCHOST.EXE:776 OPEN C:\WINDOWS\SYSTEM32\C_932.NLS SUCCESS Options: Open Access: Read-Attributes
3:26:36 PM SVCHOST.EXE:776 QUERY INFORMATION C:\WINDOWS\SYSTEM32\C_932.NLS SUCCESS Attributes: A
3:26:36 PM SVCHOST.EXE:776 CLOSE C:\WINDOWS\SYSTEM32\C_932.NLS SUCCESS
3:26:36 PM SVCHOST.EXE:776 OPEN C:\WINDOWS\SYSTEM32\C_932.NLS SUCCESS Options: Open Access: 00020088
3:26:36 PM SVCHOST.EXE:776 QUERY INFORMATION C:\WINDOWS\SYSTEM32\C_932.NLS SUCCESS FileInternalInformation
3:26:36 PM SVCHOST.EXE:776 CLOSE C:\WINDOWS\SYSTEM32\C_932.NLS SUCCESS
3:26:36 PM SVCHOST.EXE:776 OPEN C:\WINDOWS\SYSTEM32\GDI32.DLL SUCCESS Options: Open Access: Read-Attributes
3:26:36 PM SVCHOST.EXE:776 QUERY INFORMATION C:\WINDOWS\SYSTEM32\GDI32.DLL SUCCESS Attributes: A
3:26:36 PM SVCHOST.EXE:776 CLOSE C:\WINDOWS\SYSTEM32\GDI32.DLL SUCCESS
3:26:36 PM SVCHOST.EXE:776 OPEN C:\WINDOWS\SYSTEM32\GDI32.DLL SUCCESS Options: Open Access: 00020088
3:26:36 PM SVCHOST.EXE:776 QUERY INFORMATION C:\WINDOWS\SYSTEM32\GDI32.DLL SUCCESS FileInternalInformation
3:26:36 PM SVCHOST.EXE:776 CLOSE C:\WINDOWS\SYSTEM32\GDI32.DLL SUCCESS
3:26:36 PM SVCHOST.EXE:776 OPEN C:\WINDOWS\SYSTEM32\KERNEL32.DLL SUCCESS Options: Open Access: Read-Attributes
3:26:36 PM SVCHOST.EXE:776 QUERY INFORMATION C:\WINDOWS\SYSTEM32\KERNEL32.DLL SUCCESS Attributes: A
3:26:36 PM SVCHOST.EXE:776 CLOSE C:\WINDOWS\SYSTEM32\KERNEL32.DLL SUCCESS
3:26:36 PM SVCHOST.EXE:776 OPEN C:\WINDOWS\SYSTEM32\KERNEL32.DLL SUCCESS Options: Open Access: 00020088
3:26:36 PM SVCHOST.EXE:776 QUERY INFORMATION C:\WINDOWS\SYSTEM32\KERNEL32.DLL SUCCESS FileInternalInformation
3:26:36 PM SVCHOST.EXE:776 CLOSE C:\WINDOWS\SYSTEM32\KERNEL32.DLL SUCCESS
3:26:36 PM SVCHOST.EXE:776 OPEN C:\WINDOWS\SYSTEM32\LOCALE.NLS SUCCESS Options: Open Access: Read-Attributes
3:26:36 PM SVCHOST.EXE:776 QUERY INFORMATION C:\WINDOWS\SYSTEM32\LOCALE.NLS SUCCESS Attributes: A
3:26:36 PM SVCHOST.EXE:776 CLOSE C:\WINDOWS\SYSTEM32\LOCALE.NLS SUCCESS
3:26:36 PM SVCHOST.EXE:776 OPEN C:\WINDOWS\SYSTEM32\LOCALE.NLS SUCCESS Options: Open Access: 00020088
3:26:36 PM SVCHOST.EXE:776 QUERY INFORMATION C:\WINDOWS\SYSTEM32\LOCALE.NLS SUCCESS FileInternalInformation
3:26:36 PM SVCHOST.EXE:776 CLOSE C:\WINDOWS\SYSTEM32\LOCALE.NLS SUCCESS
3:26:36 PM SVCHOST.EXE:776 OPEN C:\WINDOWS\SYSTEM32\MSLS31.DLL SUCCESS Options: Open Access: Read-Attributes
3:26:36 PM SVCHOST.EXE:776 QUERY INFORMATION C:\WINDOWS\SYSTEM32\MSLS31.DLL SUCCESS Attributes: A
3:26:36 PM SVCHOST.EXE:776 CLOSE C:\WINDOWS\SYSTEM32\MSLS31.DLL SUCCESS
3:26:36 PM SVCHOST.EXE:776 OPEN C:\WINDOWS\SYSTEM32\MSLS31.DLL SUCCESS Options: Open Access: 00020088
3:26:36 PM SVCHOST.EXE:776 QUERY INFORMATION C:\WINDOWS\SYSTEM32\MSLS31.DLL SUCCESS FileInternalInformation
3:26:36 PM SVCHOST.EXE:776 CLOSE C:\WINDOWS\SYSTEM32\MSLS31.DLL SUCCESS
3:26:36 PM SVCHOST.EXE:776 OPEN C:\WINDOWS\SYSTEM32\MSVCRT.DLL SUCCESS Options: Open Access: Read-Attributes
3:26:36 PM SVCHOST.EXE:776 QUERY INFORMATION C:\WINDOWS\SYSTEM32\MSVCRT.DLL SUCCESS Attributes: A
3:26:36 PM SVCHOST.EXE:776 CLOSE C:\WINDOWS\SYSTEM32\MSVCRT.DLL SUCCESS
3:26:36 PM SVCHOST.EXE:776 OPEN C:\WINDOWS\SYSTEM32\MSVCRT.DLL SUCCESS Options: Open Access: 00020088
3:26:36 PM SVCHOST.EXE:776 QUERY INFORMATION C:\WINDOWS\SYSTEM32\MSVCRT.DLL SUCCESS FileInternalInformation
3:26:36 PM SVCHOST.EXE:776 CLOSE C:\WINDOWS\SYSTEM32\MSVCRT.DLL SUCCESS
3:26:36 PM SVCHOST.EXE:776 OPEN C:\WINDOWS\SYSTEM32\NTDLL.DLL SUCCESS Options: Open Access: Read-Attributes
3:26:36 PM SVCHOST.EXE:776 QUERY INFORMATION C:\WINDOWS\SYSTEM32\NTDLL.DLL SUCCESS Attributes: A
3:26:36 PM SVCHOST.EXE:776 CLOSE C:\WINDOWS\SYSTEM32\NTDLL.DLL SUCCESS
3:26:36 PM SVCHOST.EXE:776 OPEN C:\WINDOWS\SYSTEM32\NTDLL.DLL SUCCESS Options: Open Access: 00020088
3:26:36 PM SVCHOST.EXE:776 QUERY INFORMATION C:\WINDOWS\SYSTEM32\NTDLL.DLL SUCCESS FileInternalInformation
3:26:36 PM SVCHOST.EXE:776 CLOSE C:\WINDOWS\SYSTEM32\NTDLL.DLL SUCCESS
3:26:36 PM SVCHOST.EXE:776 OPEN C:\WINDOWS\SYSTEM32\RICHED20.DLL SUCCESS Options: Open Access: Read-Attributes
3:26:36 PM SVCHOST.EXE:776 QUERY INFORMATION C:\WINDOWS\SYSTEM32\RICHED20.DLL SUCCESS Attributes: A
3:26:36 PM SVCHOST.EXE:776 CLOSE C:\WINDOWS\SYSTEM32\RICHED20.DLL SUCCESS
3:26:36 PM SVCHOST.EXE:776 OPEN C:\WINDOWS\SYSTEM32\RICHED20.DLL SUCCESS Options: Open Access: 00020088
3:26:36 PM SVCHOST.EXE:776 QUERY INFORMATION C:\WINDOWS\SYSTEM32\RICHED20.DLL SUCCESS FileInternalInformation
3:26:36 PM SVCHOST.EXE:776 CLOSE C:\WINDOWS\SYSTEM32\RICHED20.DLL SUCCESS
3:26:36 PM SVCHOST.EXE:776 OPEN C:\WINDOWS\SYSTEM32\RICHED32.DLL SUCCESS Options: Open Access: Read-Attributes
3:26:36 PM SVCHOST.EXE:776 QUERY INFORMATION C:\WINDOWS\SYSTEM32\RICHED32.DLL SUCCESS Attributes: A
3:26:36 PM SVCHOST.EXE:776 CLOSE C:\WINDOWS\SYSTEM32\RICHED32.DLL SUCCESS
3:26:36 PM SVCHOST.EXE:776 OPEN C:\WINDOWS\SYSTEM32\RICHED32.DLL SUCCESS Options: Open Access: 00020088
3:26:36 PM SVCHOST.EXE:776 QUERY INFORMATION C:\WINDOWS\SYSTEM32\RICHED32.DLL SUCCESS FileInternalInformation
3:26:36 PM SVCHOST.EXE:776 CLOSE C:\WINDOWS\SYSTEM32\RICHED32.DLL SUCCESS
3:26:36 PM SVCHOST.EXE:776 OPEN C:\WINDOWS\SYSTEM32\RPCRT4.DLL SUCCESS Options: Open Access: Read-Attributes
3:26:36 PM SVCHOST.EXE:776 QUERY INFORMATION C:\WINDOWS\SYSTEM32\RPCRT4.DLL SUCCESS Attributes: A
3:26:36 PM SVCHOST.EXE:776 CLOSE C:\WINDOWS\SYSTEM32\RPCRT4.DLL SUCCESS
3:26:36 PM SVCHOST.EXE:776 OPEN C:\WINDOWS\SYSTEM32\RPCRT4.DLL SUCCESS Options: Open Access: 00020088
3:26:36 PM SVCHOST.EXE:776 QUERY INFORMATION C:\WINDOWS\SYSTEM32\RPCRT4.DLL SUCCESS FileInternalInformation
3:26:36 PM SVCHOST.EXE:776 CLOSE C:\WINDOWS\SYSTEM32\RPCRT4.DLL SUCCESS
3:26:36 PM SVCHOST.EXE:776 OPEN C:\WINDOWS\SYSTEM32\SHELL32.DLL SUCCESS Options: Open Access: Read-Attributes
3:26:36 PM SVCHOST.EXE:776 QUERY INFORMATION C:\WINDOWS\SYSTEM32\SHELL32.DLL SUCCESS Attributes: A
3:26:36 PM SVCHOST.EXE:776 CLOSE C:\WINDOWS\SYSTEM32\SHELL32.DLL SUCCESS
3:26:36 PM SVCHOST.EXE:776 OPEN C:\WINDOWS\SYSTEM32\SHELL32.DLL SUCCESS Options: Open Access: 00020088
3:26:36 PM SVCHOST.EXE:776 QUERY INFORMATION C:\WINDOWS\SYSTEM32\SHELL32.DLL SUCCESS FileInternalInformation
3:26:36 PM SVCHOST.EXE:776 CLOSE C:\WINDOWS\SYSTEM32\SHELL32.DLL SUCCESS
3:26:36 PM SVCHOST.EXE:776 OPEN C:\WINDOWS\SYSTEM32\SHLWAPI.DLL SUCCESS Options: Open Access: Read-Attributes
3:26:36 PM SVCHOST.EXE:776 QUERY INFORMATION C:\WINDOWS\SYSTEM32\SHLWAPI.DLL SUCCESS Attributes: A
3:26:36 PM SVCHOST.EXE:776 CLOSE C:\WINDOWS\SYSTEM32\SHLWAPI.DLL SUCCESS
3:26:36 PM SVCHOST.EXE:776 OPEN C:\WINDOWS\SYSTEM32\SHLWAPI.DLL SUCCESS Options: Open Access: 00020088
3:26:36 PM SVCHOST.EXE:776 QUERY INFORMATION C:\WINDOWS\SYSTEM32\SHLWAPI.DLL SUCCESS FileInternalInformation
3:26:36 PM SVCHOST.EXE:776 CLOSE C:\WINDOWS\SYSTEM32\SHLWAPI.DLL SUCCESS
3:26:36 PM SVCHOST.EXE:776 OPEN C:\WINDOWS\SYSTEM32\SORTKEY.NLS SUCCESS Options: Open Access: Read-Attributes
3:26:36 PM SVCHOST.EXE:776 QUERY INFORMATION C:\WINDOWS\SYSTEM32\SORTKEY.NLS SUCCESS Attributes: A
3:26:36 PM SVCHOST.EXE:776 CLOSE C:\WINDOWS\SYSTEM32\SORTKEY.NLS SUCCESS
3:26:36 PM SVCHOST.EXE:776 OPEN C:\WINDOWS\SYSTEM32\SORTKEY.NLS SUCCESS Options: Open Access: 00020088
3:26:36 PM SVCHOST.EXE:776 QUERY INFORMATION C:\WINDOWS\SYSTEM32\SORTKEY.NLS SUCCESS FileInternalInformation
3:26:36 PM SVCHOST.EXE:776 CLOSE C:\WINDOWS\SYSTEM32\SORTKEY.NLS SUCCESS
3:26:36 PM SVCHOST.EXE:776 OPEN C:\WINDOWS\SYSTEM32\SORTTBLS.NLS SUCCESS Options: Open Access: Read-Attributes
3:26:36 PM SVCHOST.EXE:776 QUERY INFORMATION C:\WINDOWS\SYSTEM32\SORTTBLS.NLS SUCCESS Attributes: A
3:26:36 PM SVCHOST.EXE:776 CLOSE C:\WINDOWS\SYSTEM32\SORTTBLS.NLS SUCCESS
3:26:36 PM SVCHOST.EXE:776 OPEN C:\WINDOWS\SYSTEM32\SORTTBLS.NLS SUCCESS Options: Open Access: 00020088
3:26:36 PM SVCHOST.EXE:776 QUERY INFORMATION C:\WINDOWS\SYSTEM32\SORTTBLS.NLS SUCCESS FileInternalInformation
3:26:36 PM SVCHOST.EXE:776 CLOSE C:\WINDOWS\SYSTEM32\SORTTBLS.NLS SUCCESS
3:26:36 PM SVCHOST.EXE:776 OPEN C:\WINDOWS\SYSTEM32\UNICODE.NLS SUCCESS Options: Open Access: Read-Attributes
3:26:36 PM SVCHOST.EXE:776 QUERY INFORMATION C:\WINDOWS\SYSTEM32\UNICODE.NLS SUCCESS Attributes: A
3:26:36 PM SVCHOST.EXE:776 CLOSE C:\WINDOWS\SYSTEM32\UNICODE.NLS SUCCESS
3:26:36 PM SVCHOST.EXE:776 OPEN C:\WINDOWS\SYSTEM32\UNICODE.NLS SUCCESS Options: Open Access: 00020088
3:26:36 PM SVCHOST.EXE:776 QUERY INFORMATION C:\WINDOWS\SYSTEM32\UNICODE.NLS SUCCESS FileInternalInformation
3:26:36 PM SVCHOST.EXE:776 CLOSE C:\WINDOWS\SYSTEM32\UNICODE.NLS SUCCESS
3:26:36 PM SVCHOST.EXE:776 OPEN C:\WINDOWS\SYSTEM32\USER32.DLL SUCCESS Options: Open Access: Read-Attributes
3:26:36 PM SVCHOST.EXE:776 QUERY INFORMATION C:\WINDOWS\SYSTEM32\USER32.DLL SUCCESS Attributes: A
3:26:36 PM SVCHOST.EXE:776 CLOSE C:\WINDOWS\SYSTEM32\USER32.DLL SUCCESS
3:26:36 PM SVCHOST.EXE:776 OPEN C:\WINDOWS\SYSTEM32\USER32.DLL SUCCESS Options: Open Access: 00020088
3:26:36 PM SVCHOST.EXE:776 QUERY INFORMATION C:\WINDOWS\SYSTEM32\USER32.DLL SUCCESS FileInternalInformation
3:26:36 PM SVCHOST.EXE:776 CLOSE C:\WINDOWS\SYSTEM32\USER32.DLL SUCCESS
3:26:36 PM SVCHOST.EXE:776 OPEN C:\WINDOWS\SYSTEM32\USP10.DLL SUCCESS Options: Open Access: Read-Attributes
3:26:36 PM SVCHOST.EXE:776 QUERY INFORMATION C:\WINDOWS\SYSTEM32\USP10.DLL SUCCESS Attributes: A
3:26:36 PM SVCHOST.EXE:776 CLOSE C:\WINDOWS\SYSTEM32\USP10.DLL SUCCESS
3:26:36 PM SVCHOST.EXE:776 OPEN C:\WINDOWS\SYSTEM32\USP10.DLL SUCCESS Options: Open Access: 00020088
3:26:36 PM SVCHOST.EXE:776 QUERY INFORMATION C:\WINDOWS\SYSTEM32\USP10.DLL SUCCESS FileInternalInformation
3:26:36 PM SVCHOST.EXE:776 CLOSE C:\WINDOWS\SYSTEM32\USP10.DLL SUCCESS
3:26:36 PM SVCHOST.EXE:776 OPEN C:\WINDOWS\SYSTEM32\UXTHEME.DLL SUCCESS Options: Open Access: Read-Attributes
3:26:36 PM SVCHOST.EXE:776 QUERY INFORMATION C:\WINDOWS\SYSTEM32\UXTHEME.DLL SUCCESS Attributes: A
3:26:36 PM SVCHOST.EXE:776 CLOSE C:\WINDOWS\SYSTEM32\UXTHEME.DLL SUCCESS
3:26:36 PM SVCHOST.EXE:776 OPEN C:\WINDOWS\SYSTEM32\UXTHEME.DLL SUCCESS Options: Open Access: 00020088
3:26:36 PM SVCHOST.EXE:776 QUERY INFORMATION C:\WINDOWS\SYSTEM32\UXTHEME.DLL SUCCESS FileInternalInformation
3:26:36 PM SVCHOST.EXE:776 CLOSE C:\WINDOWS\SYSTEM32\UXTHEME.DLL SUCCESS
3:26:36 PM SVCHOST.EXE:776 OPEN C:\WINDOWS\SYSTEM32\VERSION.DLL SUCCESS Options: Open Access: Read-Attributes
3:26:36 PM SVCHOST.EXE:776 QUERY INFORMATION C:\WINDOWS\SYSTEM32\VERSION.DLL SUCCESS Attributes: A
3:26:36 PM SVCHOST.EXE:776 CLOSE C:\WINDOWS\SYSTEM32\VERSION.DLL SUCCESS
3:26:36 PM SVCHOST.EXE:776 OPEN C:\WINDOWS\SYSTEM32\VERSION.DLL SUCCESS Options: Open Access: 00020088
3:26:36 PM SVCHOST.EXE:776 QUERY INFORMATION C:\WINDOWS\SYSTEM32\VERSION.DLL SUCCESS FileInternalInformation
3:26:36 PM SVCHOST.EXE:776 CLOSE C:\WINDOWS\SYSTEM32\VERSION.DLL SUCCESS
3:26:36 PM SVCHOST.EXE:776 OPEN C:\WINDOWS\WIN.INI SUCCESS Options: Open Access: Read-Attributes
3:26:36 PM SVCHOST.EXE:776 QUERY INFORMATION C:\WINDOWS\WIN.INI SUCCESS Attributes: A
3:26:36 PM SVCHOST.EXE:776 CLOSE C:\WINDOWS\WIN.INI SUCCESS
3:26:36 PM SVCHOST.EXE:776 OPEN C:\WINDOWS\WIN.INI SUCCESS Options: Open Access: 00020088
3:26:36 PM SVCHOST.EXE:776 QUERY INFORMATION C:\WINDOWS\WIN.INI SUCCESS FileInternalInformation
3:26:36 PM SVCHOST.EXE:776 CLOSE C:\WINDOWS\WIN.INI SUCCESS
3:26:36 PM SVCHOST.EXE:776 OPEN C:\WINDOWS\WINDOWSSHELL.MANIFEST SUCCESS Options: Open Access: Read-Attributes
3:26:36 PM SVCHOST.EXE:776 QUERY INFORMATION C:\WINDOWS\WINDOWSSHELL.MANIFEST SUCCESS Attributes: RHA
3:26:36 PM SVCHOST.EXE:776 CLOSE C:\WINDOWS\WINDOWSSHELL.MANIFEST SUCCESS
3:26:36 PM SVCHOST.EXE:776 OPEN C:\WINDOWS\WINDOWSSHELL.MANIFEST SUCCESS Options: Open Access: 00020088
3:26:36 PM SVCHOST.EXE:776 QUERY INFORMATION C:\WINDOWS\WINDOWSSHELL.MANIFEST SUCCESS FileInternalInformation
3:26:36 PM SVCHOST.EXE:776 CLOSE C:\WINDOWS\WINDOWSSHELL.MANIFEST SUCCESS
3:26:36 PM SVCHOST.EXE:776 OPEN C:\WINDOWS\WINSXS\X86_MICROSOFT.WINDOWS.COMMON-CONTROLS_6595B64144CCF1DF_6.0.10.0_X-WW_F7FB5805\COMCTL32.DLL SUCCESS Options: Open Access: Read-Attributes
3:26:36 PM SVCHOST.EXE:776 QUERY INFORMATION C:\WINDOWS\WINSXS\X86_MICROSOFT.WINDOWS.COMMON-CONTROLS_6595B64144CCF1DF_6.0.10.0_X-WW_F7FB5805\COMCTL32.DLL SUCCESS Attributes: A
3:26:36 PM SVCHOST.EXE:776 CLOSE C:\WINDOWS\WINSXS\X86_MICROSOFT.WINDOWS.COMMON-CONTROLS_6595B64144CCF1DF_6.0.10.0_X-WW_F7FB5805\COMCTL32.DLL SUCCESS
3:26:36 PM SVCHOST.EXE:776 OPEN C:\WINDOWS\WINSXS\X86_MICROSOFT.WINDOWS.COMMON-CONTROLS_6595B64144CCF1DF_6.0.10.0_X-WW_F7FB5805\COMCTL32.DLL SUCCESS Options: Open Access: 00020088
3:26:36 PM SVCHOST.EXE:776 QUERY INFORMATION C:\WINDOWS\WINSXS\X86_MICROSOFT.WINDOWS.COMMON-CONTROLS_6595B64144CCF1DF_6.0.10.0_X-WW_F7FB5805\COMCTL32.DLL SUCCESS FileInternalInformation
3:26:36 PM SVCHOST.EXE:776 CLOSE C:\WINDOWS\WINSXS\X86_MICROSOFT.WINDOWS.COMMON-CONTROLS_6595B64144CCF1DF_6.0.10.0_X-WW_F7FB5805\COMCTL32.DLL SUCCESS
3:26:36 PM SVCHOST.EXE:776 OPEN C:\ SUCCESS Options: Open Access: 00020088
3:26:36 PM SVCHOST.EXE:776 QUERY INFORMATION C:\ SUCCESS FileInternalInformation
3:26:36 PM SVCHOST.EXE:776 CLOSE C:\ SUCCESS
3:26:36 PM SVCHOST.EXE:776 OPEN C:\WINDOWS\ SUCCESS Options: Open Access: 00020088
3:26:36 PM SVCHOST.EXE:776 QUERY INFORMATION C:\WINDOWS\ SUCCESS FileInternalInformation
3:26:36 PM SVCHOST.EXE:776 CLOSE C:\WINDOWS\ SUCCESS
3:26:36 PM SVCHOST.EXE:776 OPEN C:\WINDOWS\FONTS\ SUCCESS Options: Open Access: 00020088
3:26:36 PM SVCHOST.EXE:776 QUERY INFORMATION C:\WINDOWS\FONTS\ SUCCESS FileInternalInformation
3:26:36 PM SVCHOST.EXE:776 CLOSE C:\WINDOWS\FONTS\ SUCCESS
3:26:36 PM SVCHOST.EXE:776 OPEN C:\WINDOWS\SYSTEM32\ SUCCESS Options: Open Access: 00020088
3:26:36 PM SVCHOST.EXE:776 QUERY INFORMATION C:\WINDOWS\SYSTEM32\ SUCCESS FileInternalInformation
3:26:36 PM SVCHOST.EXE:776 CLOSE C:\WINDOWS\SYSTEM32\ SUCCESS
3:26:36 PM SVCHOST.EXE:776 OPEN C:\WINDOWS\WINSXS\ SUCCESS Options: Open Access: 00020088
3:26:36 PM SVCHOST.EXE:776 QUERY INFORMATION C:\WINDOWS\WINSXS\ SUCCESS FileInternalInformation
3:26:36 PM SVCHOST.EXE:776 CLOSE C:\WINDOWS\WINSXS\ SUCCESS
3:26:36 PM SVCHOST.EXE:776 OPEN C:\WINDOWS\WINSXS\X86_MICROSOFT.WINDOWS.COMMON-CONTROLS_6595B64144CCF1DF_6.0.10.0_X-WW_F7FB5805\ SUCCESS Options: Open Access: 00020088
3:26:36 PM SVCHOST.EXE:776 QUERY INFORMATION C:\WINDOWS\WINSXS\X86_MICROSOFT.WINDOWS.COMMON-CONTROLS_6595B64144CCF1DF_6.0.10.0_X-WW_F7FB5805\ SUCCESS FileInternalInformation
3:26:36 PM SVCHOST.EXE:776 CLOSE C:\WINDOWS\WINSXS\X86_MICROSOFT.WINDOWS.COMMON-CONTROLS_6595B64144CCF1DF_6.0.10.0_X-WW_F7FB5805\ SUCCESS
3:26:36 PM SVCHOST.EXE:776 CREATE C:\WINDOWS\Prefetch\FILEMON[1].EXE-172AE33E.pf SUCCESS Options: OverwriteIf Access: 0012019F
3:26:36 PM SVCHOST.EXE:776 OPEN C:\WINDOWS\Prefetch\ SUCCESS Options: Open Access: 00100000
3:26:36 PM SVCHOST.EXE:776 WRITE C:\WINDOWS\Prefetch\FILEMON[1].EXE-172AE33E.pf SUCCESS Offset: 0 Length: 12844
3:26:36 PM SVCHOST.EXE:776 CLOSE C:\WINDOWS\Prefetch\FILEMON[1].EXE-172AE33E.pf SUCCESS
3:27:08 PM ASHDISP.EXE:1904 OPEN C:\Program Files\Alwil Software\Avast4\DATA\Avast4.ini SUCCESS Options: Open Access: Read
3:27:08 PM ASHDISP.EXE:1904 LOCK C:\Program Files\Alwil Software\Avast4\DATA\Avast4.ini SUCCESS Excl: No Offset: 0 Length: -1
3:27:08 PM ASHDISP.EXE:1904 QUERY INFORMATION C:\Program Files\Alwil Software\Avast4\DATA\Avast4.ini SUCCESS Length: 9994
3:27:08 PM ASHDISP.EXE:1904 READ C:\Program Files\Alwil Software\Avast4\DATA\Avast4.ini SUCCESS Offset: 0 Length: 9994
3:27:08 PM ASHDISP.EXE:1904 UNLOCK C:\Program Files\Alwil Software\Avast4\DATA\Avast4.ini RANGE NOT LOCKED Offset: 0 Length: -1
3:27:08 PM ASHDISP.EXE:1904 CLOSE C:\Program Files\Alwil Software\Avast4\DATA\Avast4.ini SUCCESS
3:27:18 PM EXPLORER.EXE:1560 OPEN C:\ SUCCESS Options: Open Directory Access: 00100001
3:27:18 PM EXPLORER.EXE:1560 QUERY INFORMATION C:\ SUCCESS FileFsFullSizeInformation
3:27:18 PM EXPLORER.EXE:1560 CLOSE C:\ SUCCESS
3:27:48 PM ASHWEBSV.EXE:396 OPEN C:\ SUCCESS Options: Open Directory Access: 00100001
3:27:48 PM ASHWEBSV.EXE:396 QUERY INFORMATION C:\ SUCCESS FileNameInformation
3:27:48 PM ASHWEBSV.EXE:396 QUERY INFORMATION C:\ SUCCESS FileFsVolumeInformation
3:27:48 PM ASHWEBSV.EXE:396 QUERY INFORMATION C:\ SUCCESS FileFsAttributeInformation
3:27:48 PM ASHWEBSV.EXE:396 CLOSE C:\ SUCCESS
3:27:48 PM ASHWEBSV.EXE:396 OPEN C:\Program Files\Alwil Software\Avast4\setup\setup.ini SUCCESS Options: Open Access: Read
3:27:48 PM ASHWEBSV.EXE:396 LOCK C:\Program Files\Alwil Software\Avast4\setup\setup.ini SUCCESS Excl: No Offset: 0 Length: -1
3:27:48 PM ASHWEBSV.EXE:396 QUERY INFORMATION C:\Program Files\Alwil Software\Avast4\setup\setup.ini SUCCESS Length: 1339
3:27:48 PM ASHWEBSV.EXE:396 READ C:\Program Files\Alwil Software\Avast4\setup\setup.ini SUCCESS Offset: 0 Length: 1339
3:27:48 PM ASHWEBSV.EXE:396 UNLOCK C:\Program Files\Alwil Software\Avast4\setup\setup.ini RANGE NOT LOCKED Offset: 0 Length: -1
3:27:48 PM ASHWEBSV.EXE:396 CLOSE C:\Program Files\Alwil Software\Avast4\setup\setup.ini SUCCESS
3:27:48 PM ASHWEBSV.EXE:396 OPEN C:\Program Files\Alwil Software\Avast4\setup\setup.ini SUCCESS Options: Open Access: Read
3:27:48 PM ASHWEBSV.EXE:396 LOCK C:\Program Files\Alwil Software\Avast4\setup\setup.ini SUCCESS Excl: No Offset: 0 Length: -1
3:27:48 PM ASHWEBSV.EXE:396 QUERY INFORMATION C:\Program Files\Alwil Software\Avast4\setup\setup.ini SUCCESS Length: 1339
3:27:48 PM ASHWEBSV.EXE:396 READ C:\Program Files\Alwil Software\Avast4\setup\setup.ini SUCCESS Offset: 0 Length: 1339
3:27:48 PM ASHWEBSV.EXE:396 UNLOCK C:\Program Files\Alwil Software\Avast4\setup\setup.ini RANGE NOT LOCKED Offset: 0 Length: -1
3:27:48 PM ASHWEBSV.EXE:396 CLOSE C:\Program Files\Alwil Software\Avast4\setup\setup.ini SUCCESS
3:27:48 PM ASHWEBSV.EXE:396 OPEN C:\Program Files\Alwil Software\Avast4\setup\setup.ini SUCCESS Options: Open Access: Read
3:27:48 PM ASHWEBSV.EXE:396 LOCK C:\Program Files\Alwil Software\Avast4\setup\setup.ini SUCCESS Excl: No Offset: 0 Length: -1
3:27:48 PM ASHWEBSV.EXE:396 QUERY INFORMATION C:\Program Files\Alwil Software\Avast4\setup\setup.ini SUCCESS Length: 1339
3:27:48 PM ASHWEBSV.EXE:396 READ C:\Program Files\Alwil Software\Avast4\setup\setup.ini SUCCESS Offset: 0 Length: 1339
3:27:48 PM ASHWEBSV.EXE:396 UNLOCK C:\Program Files\Alwil Software\Avast4\setup\setup.ini RANGE NOT LOCKED Offset: 0 Length: -1
3:27:48 PM ASHWEBSV.EXE:396 CLOSE C:\Program Files\Alwil Software\Avast4\setup\setup.ini SUCCESS
3:27:48 PM ASHWEBSV.EXE:396 OPEN C:\Program Files\Alwil Software\Avast4\setup\setup.ini SUCCESS Options: Open Access: Read
3:27:48 PM ASHWEBSV.EXE:396 LOCK C:\Program Files\Alwil Software\Avast4\setup\setup.ini SUCCESS Excl: No Offset: 0 Length: -1
3:27:48 PM ASHWEBSV.EXE:396 QUERY INFORMATION C:\Program Files\Alwil Software\Avast4\setup\setup.ini SUCCESS Length: 1339
3:27:48 PM ASHWEBSV.EXE:396 READ C:\Program Files\Alwil Software\Avast4\setup\setup.ini SUCCESS Offset: 0 Length: 1339
3:27:48 PM ASHWEBSV.EXE:396 UNLOCK C:\Program Files\Alwil Software\Avast4\setup\setup.ini RANGE NOT LOCKED Offset: 0 Length: -1
3:27:48 PM ASHWEBSV.EXE:396 CLOSE C:\Program Files\Alwil Software\Avast4\setup\setup.ini SUCCESS
3:27:48 PM ASHWEBSV.EXE:396 OPEN C:\Program Files\Alwil Software\Avast4\setup\setup.ini SUCCESS Options: Open Access: Read
3:27:48 PM ASHWEBSV.EXE:396 LOCK C:\Program Files\Alwil Software\Avast4\setup\setup.ini SUCCESS Excl: No Offset: 0 Length: -1
3:27:48 PM ASHWEBSV.EXE:396 QUERY INFORMATION C:\Program Files\Alwil Software\Avast4\setup\setup.ini SUCCESS Length: 1339
3:27:48 PM ASHWEBSV.EXE:396 READ C:\Program Files\Alwil Software\Avast4\setup\setup.ini SUCCESS Offset: 0 Length: 1339
3:27:48 PM ASHWEBSV.EXE:396 UNLOCK C:\Program Files\Alwil Software\Avast4\setup\setup.ini RANGE NOT LOCKED Offset: 0 Length: -1
3:27:48 PM ASHWEBSV.EXE:396 CLOSE C:\Program Files\Alwil Software\Avast4\setup\setup.ini SUCCESS
3:27:48 PM ASHWEBSV.EXE:396 OPEN C:\Program Files\Alwil Software\Avast4\setup\setup.ini SUCCESS Options: Open Access: Read
3:27:48 PM ASHWEBSV.EXE:396 LOCK C:\Program Files\Alwil Software\Avast4\setup\setup.ini SUCCESS Excl: No Offset: 0 Length: -1
3:27:48 PM ASHWEBSV.EXE:396 QUERY INFORMATION C:\Program Files\Alwil Software\Avast4\setup\setup.ini SUCCESS Length: 1339
3:27:48 PM ASHWEBSV.EXE:396 READ C:\Program Files\Alwil Software\Avast4\setup\setup.ini SUCCESS Offset: 0 Length: 1339
3:27:48 PM ASHWEBSV.EXE:396 UNLOCK C:\Program Files\Alwil Software\Avast4\setup\setup.ini RANGE NOT LOCKED Offset: 0 Length: -1
3:27:48 PM ASHWEBSV.EXE:396 CLOSE C:\Program Files\Alwil Software\Avast4\setup\setup.ini SUCCESS
3:27:48 PM ASHWEBSV.EXE:396 OPEN C:\Program Files\Alwil Software\Avast4\setup\setup.ini SUCCESS Options: Open Access: Read
3:27:48 PM ASHWEBSV.EXE:396 LOCK C:\Program Files\Alwil Software\Avast4\setup\setup.ini SUCCESS Excl: No Offset: 0 Length: -1
3:27:48 PM ASHWEBSV.EXE:396 QUERY INFORMATION C:\Program Files\Alwil Software\Avast4\setup\setup.ini SUCCESS Length: 1339
3:27:48 PM ASHWEBSV.EXE:396 READ C:\Program Files\Alwil Software\Avast4\setup\setup.ini SUCCESS Offset: 0 Length: 1339
3:27:48 PM ASHWEBSV.EXE:396 UNLOCK C:\Program Files\Alwil Software\Avast4\setup\setup.ini RANGE NOT LOCKED Offset: 0 Length: -1
3:27:48 PM ASHWEBSV.EXE:396 CLOSE C:\Program Files\Alwil Software\Avast4\setup\setup.ini SUCCESS
3:27:48 PM ASHWEBSV.EXE:396 OPEN C:\Program Files\Alwil Software\Avast4\setup\setup.ini SUCCESS Options: Open Access: Read
3:27:48 PM ASHWEBSV.EXE:396 LOCK C:\Program Files\Alwil Software\Avast4\setup\setup.ini SUCCESS Excl: No Offset: 0 Length: -1
3:27:48 PM ASHWEBSV.EXE:396 QUERY INFORMATION C:\Program Files\Alwil Software\Avast4\setup\setup.ini SUCCESS Length: 1339
3:27:48 PM ASHWEBSV.EXE:396 READ C:\Program Files\Alwil Software\Avast4\setup\setup.ini SUCCESS Offset: 0 Length: 1339
3:27:48 PM ASHWEBSV.EXE:396 UNLOCK C:\Program Files\Alwil Software\Avast4\setup\setup.ini RANGE NOT LOCKED Offset: 0 Length: -1
3:27:48 PM ASHWEBSV.EXE:396 CLOSE C:\Program Files\Alwil Software\Avast4\setup\setup.ini SUCCESS
3:27:48 PM ASHWEBSV.EXE:396 OPEN C:\Program Files\Alwil Software\Avast4\setup\setup.ini SUCCESS Options: Open Access: Read
3:27:48 PM ASHWEBSV.EXE:396 LOCK C:\Program Files\Alwil Software\Avast4\setup\setup.ini SUCCESS Excl: No Offset: 0 Length: -1
3:27:48 PM ASHWEBSV.EXE:396 QUERY INFORMATION C:\Program Files\Alwil Software\Avast4\setup\setup.ini SUCCESS Length: 1339
3:27:48 PM ASHWEBSV.EXE:396 READ C:\Program Files\Alwil Software\Avast4\setup\setup.ini SUCCESS Offset: 0 Length: 1339
3:27:48 PM ASHWEBSV.EXE:396 UNLOCK C:\Program Files\Alwil Software\Avast4\setup\setup.ini RANGE NOT LOCKED Offset: 0 Length: -1
3:27:48 PM ASHWEBSV.EXE:396 CLOSE C:\Program Files\Alwil Software\Avast4\setup\setup.ini SUCCESS
3:27:48 PM ASHWEBSV.EXE:396 OPEN C:\Program Files\Alwil Software\Avast4\setup\setup.ini SUCCESS Options: Open Access: Read
3:27:48 PM ASHWEBSV.EXE:396 LOCK C:\Program Files\Alwil Software\Avast4\setup\setup.ini SUCCESS Excl: No Offset: 0 Length: -1
3:27:48 PM ASHWEBSV.EXE:396 QUERY INFORMATION C:\Program Files\Alwil Software\Avast4\setup\setup.ini SUCCESS Length: 1339
3:27:48 PM ASHWEBSV.EXE:396 READ C:\Program Files\Alwil Software\Avast4\setup\setup.ini SUCCESS Offset: 0 Length: 1339
3:27:48 PM ASHWEBSV.EXE:396 UNLOCK C:\Program Files\Alwil Software\Avast4\setup\setup.ini RANGE NOT LOCKED Offset: 0 Length: -1
3:27:48 PM ASHWEBSV.EXE:396 CLOSE C:\Program Files\Alwil Software\Avast4\setup\setup.ini SUCCESS
3:27:48 PM ASHWEBSV.EXE:396 OPEN C:\Program Files\Alwil Software\Avast4\setup\setup.ini SUCCESS Options: Open Access: Read
3:27:48 PM ASHWEBSV.EXE:396 LOCK C:\Program Files\Alwil Software\Avast4\setup\setup.ini SUCCESS Excl: No Offset: 0 Length: -1
3:27:48 PM ASHWEBSV.EXE:396 QUERY INFORMATION C:\Program Files\Alwil Software\Avast4\setup\setup.ini SUCCESS Length: 1339
3:27:48 PM ASHWEBSV.EXE:396 READ C:\Program Files\Alwil Software\Avast4\setup\setup.ini SUCCESS Offset: 0 Length: 1339
3:27:48 PM ASHWEBSV.EXE:396 UNLOCK C:\Program Files\Alwil Software\Avast4\setup\setup.ini RANGE NOT LOCKED Offset: 0 Length: -1
3:27:48 PM ASHWEBSV.EXE:396 CLOSE C:\Program Files\Alwil Software\Avast4\setup\setup.ini SUCCESS
3:27:48 PM ASHWEBSV.EXE:396 OPEN C:\Program Files\Alwil Software\Avast4\setup\setup.ini SUCCESS Options: Open Access: Read
3:27:48 PM ASHWEBSV.EXE:396 LOCK C:\Program Files\Alwil Software\Avast4\setup\setup.ini SUCCESS Excl: No Offset: 0 Length: -1
3:27:48 PM ASHWEBSV.EXE:396 QUERY INFORMATION C:\Program Files\Alwil Software\Avast4\setup\setup.ini SUCCESS Length: 1339
3:27:48 PM ASHWEBSV.EXE:396 READ C:\Program Files\Alwil Software\Avast4\setup\setup.ini SUCCESS Offset: 0 Length: 1339
3:27:48 PM ASHWEBSV.EXE:396 UNLOCK C:\Program Files\Alwil Software\Avast4\setup\setup.ini RANGE NOT LOCKED Offset: 0 Length: -1
3:27:48 PM ASHWEBSV.EXE:396 CLOSE C:\Program Files\Alwil Software\Avast4\setup\setup.ini SUCCESS
3:27:48 PM ASHWEBSV.EXE:396 OPEN C:\Program Files\Alwil Software\Avast4\setup\setup.ini SUCCESS Options: Open Access: Read
3:27:48 PM ASHWEBSV.EXE:396 LOCK C:\Program Files\Alwil Software\Avast4\setup\setup.ini SUCCESS Excl: No Offset: 0 Length: -1
3:27:48 PM ASHWEBSV.EXE:396 QUERY INFORMATION C:\Program Files\Alwil Software\Avast4\setup\setup.ini SUCCESS Length: 1339
3:27:48 PM ASHWEBSV.EXE:396 READ C:\Program Files\Alwil Software\Avast4\setup\setup.ini SUCCESS Offset: 0 Length: 1339
3:27:48 PM ASHWEBSV.EXE:396 UNLOCK C:\Program Files\Alwil Software\Avast4\setup\setup.ini RANGE NOT LOCKED Offset: 0 Length: -1
3:27:48 PM ASHWEBSV.EXE:396 CLOSE C:\Program Files\Alwil Software\Avast4\setup\setup.ini SUCCESS
3:27:48 PM ASHWEBSV.EXE:396 OPEN C:\Program Files\Alwil Software\Avast4\setup\setup.ini SUCCESS Options: Open Access: Read
3:27:48 PM ASHWEBSV.EXE:396 LOCK C:\Program Files\Alwil Software\Avast4\setup\setup.ini SUCCESS Excl: No Offset: 0 Length: -1
3:27:48 PM ASHWEBSV.EXE:396 QUERY INFORMATION C:\Program Files\Alwil Software\Avast4\setup\setup.ini SUCCESS Length: 1339
3:27:48 PM ASHWEBSV.EXE:396 READ C:\Program Files\Alwil Software\Avast4\setup\setup.ini SUCCESS Offset: 0 Length: 1339
3:27:48 PM ASHWEBSV.EXE:396 UNLOCK C:\Program Files\Alwil Software\Avast4\setup\setup.ini RANGE NOT LOCKED Offset: 0 Length: -1
3:27:48 PM ASHWEBSV.EXE:396 CLOSE C:\Program Files\Alwil Software\Avast4\setup\setup.ini SUCCESS
3:27:48 PM ASHWEBSV.EXE:396 OPEN C:\Program Files\Alwil Software\Avast4\setup\setup.ini SUCCESS Options: Open Access: Read
3:27:48 PM ASHWEBSV.EXE:396 LOCK C:\Program Files\Alwil Software\Avast4\setup\setup.ini SUCCESS Excl: No Offset: 0 Length: -1
3:27:48 PM ASHWEBSV.EXE:396 QUERY INFORMATION C:\Program Files\Alwil Software\Avast4\setup\setup.ini SUCCESS Length: 1339
3:27:48 PM ASHWEBSV.EXE:396 READ C:\Program Files\Alwil Software\Avast4\setup\setup.ini SUCCESS Offset: 0 Length: 1339
3:27:48 PM ASHWEBSV.EXE:396 UNLOCK C:\Program Files\Alwil Software\Avast4\setup\setup.ini RANGE NOT LOCKED Offset: 0 Length: -1
3:27:48 PM ASHWEBSV.EXE:396 CLOSE C:\Program Files\Alwil Software\Avast4\setup\setup.ini SUCCESS
3:27:48 PM ASHWEBSV.EXE:396 OPEN C:\Program Files\Alwil Software\Avast4\setup\setup.ini SUCCESS Options: Open Access: Read
3:27:48 PM ASHWEBSV.EXE:396 LOCK C:\Program Files\Alwil Software\Avast4\setup\setup.ini SUCCESS Excl: No Offset: 0 Length: -1
3:27:48 PM ASHWEBSV.EXE:396 QUERY INFORMATION C:\Program Files\Alwil Software\Avast4\setup\setup.ini SUCCESS Length: 1339
3:27:48 PM ASHWEBSV.EXE:396 READ C:\Program Files\Alwil Software\Avast4\setup\setup.ini SUCCESS Offset: 0 Length: 1339
3:27:48 PM ASHWEBSV.EXE:396 UNLOCK C:\Program Files\Alwil Software\Avast4\setup\setup.ini RANGE NOT LOCKED Offset: 0 Length: -1
3:27:48 P
  • 0

#12
Reactor
Posted 29 November 2007 - 07:41 AM

Reactor

    Member

  • Banned
  • PipPipPip
  • 110 posts
Great! I see mah version of File monitor works perfectly.

Now island kitty, pay attention. Here'z what y'need to do:

1: Run File monitor right after startup. It'll run in the background, do NOT close it under no circumstances.

2: It appears to be an extremely wise thing to try out that magnifying-glass button on the toolbar of File monitor. It shall stop the rolling of the files, if y'press it. Also note that the side scrolling on the File monitor window it's on the bottom, it means, the higher you scroll the File monitor window, the earlier processes you shall see. Keep this in mind.

3: Continue your work on your computer without fear. Let the File monitor run.

4: When the error message pops up again, IMMEDIATELY switch to File monitor, and press the magnifying glass. File monitor will stop.

5: Take a look at the files which were run at the most likely time of the error. I think it should not be too hard. Pay extremely high attention on the file names!

6: Write all file names here which are suspected to cause the malfunction.

7: Wait for me, I shall come and check your report as soon as I finish mah work here.


Just follow these seven steps, and everythin' will be fine. Do not worry, island kitty, I'll help you if I can :)
  • 0

#13
anzenketh
Posted 29 November 2007 - 07:54 AM

anzenketh

    BSOD Warrior/Computer Surgeon

  • Technician
  • 2,854 posts
Hello islandcat,

The only people authorized to work on the removal or give advice on malware is Geekstogo staff and GeekU senior under the supervision of Geekstogo staff.

If you would like to join us in the fight on malware you can apply to join GeekU. More information can be found about applying for geekU Here
  • 0
Back to Windows XP, 2000, 2003, NT · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Retired Forums
  3. Windows XP, 2000, 2003, NT

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP