# PC infected, using over 270gb/mo bandwidth



## destin (Jan 8, 2012)

Hi,
Sorry for the long post.
Please let me know the next step, 
I am looking forward to your response,
Thank you very much for your help.*
*

*My system info:*
OS Version: Microsoft Windows 7 Home Premium, Service Pack 1, 64 bit
Processor: AMD Phenom(tm) II X4 810 Processor, AMD64 Family 16 Model 4 Stepping 2
Processor Count: 4
RAM: 7927 Mb
Graphics Card: ATI Radeon HD 4200, 256 Mb
Hard Drives: C: Total - 702672 MB, Free - 458763 MB; D: Total - 12628 MB, Free - 2284 MB;
Motherboard: FOXCONN, ALOE
Antivirus: Kaspersky PURE, Updated and Enabled

*The problem:*
I have been exceeding bandwidth on my internet plan(data usage allowance as the cox.net calls it)
About 3 months ago my internet was cutoff due to the above and that is when I found out my 200gb/mo allowance was being overused. I was shocked but upgraded to the higher plan with 250gb/mo allowance.
That did not help much, the following month same thing happen, I was exceeding new threshold..

When I looked at the stats (provided by cox) I noticed sudden jump, from about going steady at max.50gb/mo for most of the year and only 15gb in July to 300gb/mo in August 2011. 
Then after that it I am going steady at around 260-270gb/mo every month which is 5X more than my highest usage from before the infection.










My internet connection does not seem to be slow or anything, running 2 laptops and 1 pc on my 18Mbps plan did not feel slow at all, the only problem is the bandwidth usage. I dont play online games, watch few streaming movies per week, that's all.
I have ruled out the router being compromised , is set to WPA2 and on top of that, I have limited access by MAC number to it, allowing only machines I know including printer and magic-jack phone line( already checked with ISP, magicjack does not take lot of bandwidth).

*So, I have pretty much narrowed it down to my desktop PC being infected.*
The reason being that, whenever my PC is shut down and all other machines are up, my usage is low ( at 1-3 gb/day) when I turn my PC back up, statistics show the usage shoot up to 10-17gb/day. Tested it over course of few days each time.
*So it got to be the PC *
On that infected PC I have malwarebytes and Kaspersky Pure running. I even tried scanning in safe mode. Nothing comes up in the scans.

*Here is the hijackthis.log content:*
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 1:27:02 PM, on 1/8/2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v8.00 (8.00.7601.17514)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\TeamViewer\Version6\TeamViewer.exe
c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe
C:\Windows\System32\PrintDisp.exe
C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
C:\Program Files (x86)\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe
C:\Program Files (x86)\hp\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\Freecorder\FLVSrvc.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\avp.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Users\Owner\Downloads\SysInfo.exe
C:\Windows\syswow64\MsiExec.exe
C:\Windows\SysWOW64\NOTEPAD.EXE
C:\Users\Owner\Downloads\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_US&c=94&bd=bestbuy&pf=cndt
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_US&c=94&bd=bestbuy&pf=cndt
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http://67.192.11.163:80
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
R3 - URLSearchHook: VIO1 Toolbar - {01188d35-daf3-4a43-90aa-f1bf150207e6} - C:\Program Files (x86)\VIO1\tbVIO1.dll
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: VIO1 Toolbar - {01188d35-daf3-4a43-90aa-f1bf150207e6} - C:\Program Files (x86)\VIO1\tbVIO1.dll
O2 - BHO: ContributeBHO Class - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files (x86)\Adobe\/Adobe Contribute CS4/contributeieplugin.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\ievkbd.dll
O2 - BHO: Freecorder Toolbar - {70dd86e8-b5bc-4e4a-9d5c-b6234c24323c} - C:\Program Files (x86)\freecordertoolbar\vmntemplateX.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: HelloWorldBHO - {ABD3B5E1-B268-407B-A150-2641DAB8D898} - C:\Program Files (x86)\Common Files\Homepage Protection\HomepageProtection.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.7018.1622\swg.dll
O2 - BHO: FlashGetBHO - {b070d3e3-fec0-47d9-8e8a-99d4eeb3d3b0} - C:\Users\Owner\AppData\Roaming\FlashGetBHO\FlashGetBHO3.dll
O2 - BHO: Microsoft Live Search Toolbar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\Program Files (x86)\MSN\Toolbar\3.0.0560.0\msneshellx.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (file missing)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\klwtbbho.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: Microsoft Live Search Toolbar - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - c:\Program Files (x86)\MSN\Toolbar\3.0.0560.0\msneshellx.dll
O3 - Toolbar: FireShot - {6E6E744E-4D20-4ce3-9A7A-26DFFFE22F68} - C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\oc4vkf64.default\extensions\{0b457cAA-602d-484a-8fe7-c1d894a011ba}\library\fsaddin-0.80.dll (file missing)
O3 - Toolbar: Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files (x86)\Adobe\/Adobe Contribute CS4/contributeieplugin.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: VIO1 Toolbar - {01188d35-daf3-4a43-90aa-f1bf150207e6} - C:\Program Files (x86)\VIO1\tbVIO1.dll
O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (file missing)
O3 - Toolbar: Freecorder Toolbar - {70dd86e8-b5bc-4e4a-9d5c-b6234c24323c} - C:\Program Files (x86)\freecordertoolbar\vmntemplateX.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [hpsysdrv] c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe
O4 - HKLM\..\Run: [HP Remote Solution] %ProgramFiles%\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe
O4 - HKLM\..\Run: [HP Software Update] c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [NortonOnlineBackupReminder] "C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" UNATTENDED
O4 - HKLM\..\Run: [UpdatePRCShortCut] "C:\Program Files (x86)\Hewlett-Packard\Recovery\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Hewlett-Packard\Recovery" UpdateWithCreateOnce "Software\CyberLink\PowerRecover"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [Freecorder FLV Service] "C:\Program Files (x86)\Freecorder\FLVSrvc.exe" /run
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [AVP] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\avp.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Users\Owner\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: Add to Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\ie_banner_deny.htm
O8 - Extra context menu item: Append to existing PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Download All By FlashGet3 - C:\Users\Owner\AppData\Roaming\FlashGetBHO\GetAllUrl.htm
O8 - Extra context menu item: Download By FlashGet3 - C:\Users\Owner\AppData\Roaming\FlashGetBHO\GetUrl.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O9 - Extra button: iOpus iMacros - {0483894E-2422-45E0-8384-021AFF1AF3CD} - C:\Program Files (x86)\iMacros\imacros.dll
O9 - Extra 'Tools' menuitem: iMacros Web Automation - {0483894E-2422-45E0-8384-021AFF1AF3CD} - C:\Program Files (x86)\iMacros\imacros.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: &Virtual Keyboard - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\klwtbbho.dll
O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: URLs c&heck - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\klwtbbho.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O15 - Trusted Zone: http://software.kuaiche.com
O16 - DPF: {9C23D886-43CB-43DE-B2DB-112A68D7E10A} (MySpace Uploader Control) - http://lads.myspace.com/upload/MySpaceUploader2.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs: C:\PROGRA~2\KASPER~1\KASPER~1\mzvkbd3.dll, C:\PROGRA~2\KASPER~1\KASPER~1\sbhook.dll
O23 - Service: Acunetix WVS Scheduler v6 (AcuWVSSchedulerv6) - Acunetix Ltd. - C:\Program Files (x86)\Acunetix\Web Vulnerability Scanner 6\WVSScheduler.exe
O23 - Service: Adobe Version Cue CS4 - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AMD RAIDXpert (AMD_RAIDXpert) - AMD - C:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpertService.exe
O23 - Service: Kaspersky PURE (AVP) - Kaspersky Lab - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\avp.exe
O23 - Service: CryptoStorage control service (CSObjectsSrv) - Infowatch - C:\Program Files (x86)\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\Program Files (x86)\MAGIX\Common\Database\bin\fbserver.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: FLEXnet Licensing Service 64 - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: Inkjet Printer/Scanner Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: Intuit Update Service (IntuitUpdateService) - Intuit Inc. - C:\Program Files (x86)\Common Files\Intuit\Update Service\IntuitUpdateService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: OpenVPN Service (OpenVPNService) - Unknown owner - C:\Program Files (x86)\HMA! Pro VPN\bin\openvpnserv.exe
O23 - Service: Printer Control - Unknown owner - C:\Windows\system32\PrintCtrl.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: TeamViewer 6 (TeamViewer6) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: WinAutomation Service - Softomotive - C:\Program Files\WinAutomation\WinAutomation.ServiceAgent.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 18234 bytes

*Here it is the contents of the DDS.txt file:*

.
DDS (Ver_2011-08-26.01) - NTFSAMD64 
Internet Explorer: 8.0.7601.17514 BrowserJavaVersion: 1.6.0_29
Run by Owner at 13:28:38 on 2012-01-08
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.7928.5468 [GMT -6:00]
.
AV: Kaspersky PURE *Enabled/Updated* {56547CC9-C9B2-849D-8FEF-A496150D6A06}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Kaspersky PURE *Enabled/Updated* {ED359D2D-EF88-8B13-B55F-9FE46E8A20BB}
FW: Kaspersky PURE *Enabled* {6E6FFDEC-83DD-85C5-A4B0-0DA3EBDE2D7D}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\atieclxx.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Acunetix\Web Vulnerability Scanner 6\WVSScheduler.exe
C:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpertService.exe
C:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpert.exe
C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\avp.exe
C:\Windows\system32\conhost.exe
C:\Program Files (x86)\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe
C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
C:\Program Files\WinAutomation\WinAutomation.ServiceAgent.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\TeamViewer\Version6\TeamViewer.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\System32\rundll32.exe
C:\Windows\system32\taskeng.exe
c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
C:\Windows\System32\PrintDisp.exe
C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
C:\Program Files\Microsoft IntelliType Pro\itype.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Microsoft IntelliType Pro\dpupdchk.exe
C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
C:\Program Files (x86)\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe
C:\Program Files (x86)\hp\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\Freecorder\FLVSrvc.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\avp.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\SysWOW64\WinMsgBalloonServer.exe
C:\Windows\SysWOW64\WinMsgBalloonClient.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Windows\system32\DllHost.exe
C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
C:\Program Files (x86)\Common Files\Intuit\Update Service\IntuitUpdateService.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\explorer.exe
C:\Users\Owner\Downloads\SysInfo.exe
C:\Windows\explorer.exe
C:\Windows\System32\msiexec.exe
C:\Windows\system32\msiexec.exe
C:\Windows\syswow64\MsiExec.exe
C:\Windows\explorer.exe
C:\Windows\system32\notepad.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\SysWOW64\NOTEPAD.EXE
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://google.com
uSearch Bar = Preserve
mDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_US&c=94&bd=bestbuy&pf=cndt
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_US&c=94&bd=bestbuy&pf=cndt
uInternet Settings,ProxyOverride = local
uInternet Settings,ProxyServer = hxxp://67.192.11.163:80
uURLSearchHooks: VIO1 Toolbar: {01188d35-daf3-4a43-90aa-f1bf150207e6} - C:\Program Files (x86)\VIO1\tbVIO1.dll
mURLSearchHooks: VIO1 Toolbar: {01188d35-daf3-4a43-90aa-f1bf150207e6} - C:\Program Files (x86)\VIO1\tbVIO1.dll
mWinlogon: Userinit=userinit.exe,
BHO: VIO1 Toolbar: {01188d35-daf3-4a43-90aa-f1bf150207e6} - C:\Program Files (x86)\VIO1\tbVIO1.dll
BHO: ContributeBHO Class: {074c1dc5-9320-4a9a-947d-c042949c6216} - C:\Program Files (x86)\Adobe\/Adobe Contribute CS4/contributeieplugin.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: IEVkbdBHO Class: {59273ab4-e7d3-40f9-a1a8-6fa9cca1862c} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\ievkbd.dll
BHO: Freecorder Toolbar: {70dd86e8-b5bc-4e4a-9d5c-b6234c24323c} - C:\Program Files (x86)\freecordertoolbar\vmntemplateX.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Windows Live Messenger Companion Helper: {9fdde16b-836f-4806-ab1f-1455cbeff289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: hpBHO Class: {abd3b5e1-b268-407b-a150-2641dab8d898} - C:\Program Files (x86)\Common Files\Homepage Protection\HomepageProtection.dll
BHO: Skype add-on for Internet Explorer: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.7018.1622\swg.dll
BHO: FlashGetBHO: {b070d3e3-fec0-47d9-8e8a-99d4eeb3d3b0} - C:\Users\Owner\AppData\Roaming\FlashGetBHO\FlashGetBHO3.dll
BHO: Microsoft Live Search Toolbar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\Program Files (x86)\MSN\Toolbar\3.0.0560.0\msneshellx.dll
BHO: Ask Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO: FilterBHO Class: {e33cf602-d945-461a-83f0-819f76a199f8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\klwtbbho.dll
BHO: SmartSelect Class: {f4971ee7-daa0-4053-9964-665d8ee6a077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
TB: Microsoft Live Search Toolbar: {1e61ed7c-7cb8-49d6-b9e9-ab4c880c8414} - c:\Program Files (x86)\MSN\Toolbar\3.0.0560.0\msneshellx.dll
TB: FireShot: {6e6e744e-4d20-4ce3-9a7a-26dfffe22f68} - C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\oc4vkf64.default\extensions\{0b457cAA-602d-484a-8fe7-c1d894a011ba}\library\fsaddin-0.80.dll
TB: Contribute Toolbar: {517bdde4-e3a7-4570-b21e-2b52b6139fc7} - C:\Program Files (x86)\Adobe\/Adobe Contribute CS4/contributeieplugin.dll
TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
TB: VIO1 Toolbar: {01188d35-daf3-4a43-90aa-f1bf150207e6} - C:\Program Files (x86)\VIO1\tbVIO1.dll
TB: Ask Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
TB: Freecorder Toolbar: {70dd86e8-b5bc-4e4a-9d5c-b6234c24323c} - C:\Program Files (x86)\freecordertoolbar\vmntemplateX.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB: {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File
EB: iOpus iMacros: {0483894e-2422-45e0-8384-021aff1af3cd} - C:\Program Files (x86)\iMacros\imacros.dll
EB: {A310506F-6BA4-48C4-8887-1F462277AA12} - No File
uRun: [IBP] 
uRun: [Google Update] "C:\Users\Owner\AppData\Local\Google\Update\GoogleUpdate.exe" /c
uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
mRun: [hpsysdrv] c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe
mRun: [HP Remote Solution] %ProgramFiles%\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe
mRun: [HP Software Update] c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
mRun: [<NO NAME>] 
mRun: [NortonOnlineBackupReminder] "C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" UNATTENDED
mRun: [UpdatePRCShortCut] "C:\Program Files (x86)\Hewlett-Packard\Recovery\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Hewlett-Packard\Recovery" UpdateWithCreateOnce "Software\CyberLink\PowerRecover"
mRun: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
mRun: [Freecorder FLV Service] "C:\Program Files (x86)\Freecorder\FLVSrvc.exe" /run
mRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [AVP] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\avp.exe"
uPolicies-explorer: NoDesktopCleanupWizard = 1 (0x1)
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: Add to Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\ie_banner_deny.htm
IE: Append to existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert link target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert link target to existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: Download All By FlashGet3 - C:\Users\Owner\AppData\Roaming\FlashGetBHO\GetAllUrl.htm
IE: Download By FlashGet3 - C:\Users\Owner\AppData\Roaming\FlashGetBHO\GetUrl.htm
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
IE: {0483894E-2422-45E0-8384-021AFF1AF3CD} - {0483894E-2422-45E0-8384-021AFF1AF3CD} - C:\Program Files (x86)\iMacros\imacros.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
IE: {4248FE82-7FCB-46AC-B270-339F08212110} - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\klwtbbho.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~2\OFFICE11\REFIEBAR.DLL
IE: {CCF151D8-D089-449F-A5A4-D9909053F20F} - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\klwtbbho.dll
Trusted Zone: intuit.com\ttlc
Trusted Zone: kuaiche.com\software
DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} - hxxp://office.microsoft.com/sites/production/ieawsdc32.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {9C23D886-43CB-43DE-B2DB-112A68D7E10A} - hxxp://lads.myspace.com/upload/MySpaceUploader2.cab
DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxps://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{54F9BA21-92AF-467D-BCD0-E71F53A0AA3E} : DhcpNameServer = 192.168.1.1
TCP: Interfaces\{54F9BA21-92AF-467D-BCD0-E71F53A0AA3E}\34A71627E616027557C6B616 : DhcpNameServer = 192.168.1.1
TCP: Interfaces\{54F9BA21-92AF-467D-BCD0-E71F53A0AA3E}\56A73716E6F64716C6 : DhcpNameServer = 192.168.1.1
TCP: Interfaces\{54F9BA21-92AF-467D-BCD0-E71F53A0AA3E}\E4544574541425 : DhcpNameServer = 192.168.1.1
TCP: Interfaces\{54F9BA21-92AF-467D-BCD0-E71F53A0AA3E}\E45445745414250343 : DhcpNameServer = 192.168.1.1
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
AppInit_DLLs: C:\PROGRA~2\KASPER~1\KASPER~1\mzvkbd3.dll, C:\PROGRA~2\KASPER~1\KASPER~1\sbhook.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
mASetup: {2D46B6DC-2207-486B-B523-A557E6D54B47} - C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
BHO-X64: VIO1 Toolbar: {01188d35-daf3-4a43-90aa-f1bf150207e6} - C:\Program Files (x86)\VIO1\tbVIO1.dll
BHO-X64: ContributeBHO Class: {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files (x86)\Adobe\/Adobe Contribute CS4/contributeieplugin.dll
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: IEVkbdBHO Class: {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\ievkbd.dll
BHO-X64: IEVkbdBHO - No File
BHO-X64: Freecorder Toolbar: {70dd86e8-b5bc-4e4a-9d5c-b6234c24323c} - C:\Program Files (x86)\freecordertoolbar\vmntemplateX.dll
BHO-X64: Freecorder Toolbar - No File
BHO-X64: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
BHO-X64: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO-X64: hpBHO Class: {ABD3B5E1-B268-407B-A150-2641DAB8D898} - C:\Program Files (x86)\Common Files\Homepage Protection\HomepageProtection.dll
BHO-X64: HelloWorldBHO - No File
BHO-X64: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO-X64: SkypeIEPluginBHO - No File
BHO-X64: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.7018.1622\swg.dll
BHO-X64: FlashGetBHO: {b070d3e3-fec0-47d9-8e8a-99d4eeb3d3b0} - C:\Users\Owner\AppData\Roaming\FlashGetBHO\FlashGetBHO3.dll
BHO-X64: FlashGetBHO - No File
BHO-X64: Microsoft Live Search Toolbar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\Program Files (x86)\MSN\Toolbar\3.0.0560.0\msneshellx.dll
BHO-X64: Ask Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
BHO-X64: Ask Toolbar BHO - No File
BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO-X64: FilterBHO Class: {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\klwtbbho.dll
BHO-X64: link filter bho - No File
BHO-X64: SmartSelect Class: {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
BHO-X64: SmartSelect - No File
TB-X64: Microsoft Live Search Toolbar: {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - c:\Program Files (x86)\MSN\Toolbar\3.0.0560.0\msneshellx.dll
TB-X64: FireShot: {6E6E744E-4D20-4ce3-9A7A-26DFFFE22F68} - C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\oc4vkf64.default\extensions\{0b457cAA-602d-484a-8fe7-c1d894a011ba}\library\fsaddin-0.80.dll
TB-X64: Contribute Toolbar: {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files (x86)\Adobe\/Adobe Contribute CS4/contributeieplugin.dll
TB-X64: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
TB-X64: VIO1 Toolbar: {01188d35-daf3-4a43-90aa-f1bf150207e6} - C:\Program Files (x86)\VIO1\tbVIO1.dll
TB-X64: Ask Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
TB-X64: Freecorder Toolbar: {70dd86e8-b5bc-4e4a-9d5c-b6234c24323c} - C:\Program Files (x86)\freecordertoolbar\vmntemplateX.dll
TB-X64: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB-X64: {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File
EB-X64: {0483894E-2422-45E0-8384-021AFF1AF3CD} - No File
EB-X64: {A310506F-6BA4-48C4-8887-1F462277AA12} - No File
mRun-x64: [hpsysdrv] c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe
mRun-x64: [HP Remote Solution] %ProgramFiles%\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe
mRun-x64: [HP Software Update] c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
mRun-x64: [(Default)] 
mRun-x64: [NortonOnlineBackupReminder] "C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" UNATTENDED
mRun-x64: [UpdatePRCShortCut] "C:\Program Files (x86)\Hewlett-Packard\Recovery\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Hewlett-Packard\Recovery" UpdateWithCreateOnce "Software\CyberLink\PowerRecover"
mRun-x64: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
mRun-x64: [Freecorder FLV Service] "C:\Program Files (x86)\Freecorder\FLVSrvc.exe" /run
mRun-x64: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun-x64: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun-x64: [AVP] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\avp.exe"
AppInit_DLLs-X64: C:\PROGRA~2\KASPER~1\KASPER~1\mzvkbd3.dll, C:\PROGRA~2\KASPER~1\KASPER~1\sbhook.dll
SEH-X64: Groove GFS Stub Execution Hook: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\oc4vkf64.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.askfrank.net/contact_form.php
FF - prefs.js: keyword.URL - hxxp://search.toolbars.alexa.com/?ver=alxf-2.14&src=ab&aid=rbgeb18lJP00gs&q=
FF - prefs.js: network.proxy.type - 0
FF - component: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\[email protected]\components\abhelperxpcom.dll
FF - component: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\[email protected]\components\kavlinkfilter.dll
FF - component: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\[email protected]\components\ffvkplugin.dll
FF - component: C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\oc4vkf64.default\extensions\{0b457cAA-602d-484a-8fe7-c1d894a011ba}\platform\WINNT_x86-msvc\components\SSSLauncher.dll
FF - component: C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\oc4vkf64.default\extensions\{70dd86e8-b5bc-4e4a-9d5c-b6234c24323c}\components\dtTransparency.dll
FF - component: C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\oc4vkf64.default\extensions\{DB9127A2-3381-41ec-82B3-1B6ED4C6F29A}\components\FlashgetXpi.dll
FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.65\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.69\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npWebLaunch.dll
FF - plugin: C:\Program Files (x86)\Opera\program\plugins\np_gp.dll
FF - plugin: C:\Program Files (x86)\thriXXX\WebLaunch\Binaries\npWebLaunch.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Users\Owner\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
.
---- FIREFOX POLICIES ----
FF - user.js: network.proxy.type - 0
FF - user.js: network.proxy.http - 
user_pref(network.proxy.http_port,);
FF - user.js: network.proxy.no_proxies_on - 
.
============= SERVICES / DRIVERS ===============
.
R0 ahcix64s;ahcix64s;C:\Windows\system32\DRIVERS\ahcix64s.sys --> C:\Windows\system32\DRIVERS\ahcix64s.sys [?]
R0 CSCrySec;InfoWatch Encrypt Sector Library driver;C:\Windows\system32\DRIVERS\CSCrySec.sys --> C:\Windows\system32\DRIVERS\CSCrySec.sys [?]
R0 KLBG;Kaspersky Lab Boot Guard Driver;C:\Windows\system32\DRIVERS\klbg.sys --> C:\Windows\system32\DRIVERS\klbg.sys [?]
R1 CSVirtualDiskDrv;InfoWatch Virtual Disk driver;C:\Windows\system32\DRIVERS\CSVirtualDiskDrv.sys --> C:\Windows\system32\DRIVERS\CSVirtualDiskDrv.sys [?]
R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;C:\Windows\system32\DRIVERS\klim6.sys --> C:\Windows\system32\DRIVERS\klim6.sys [?]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
R2 AcuWVSSchedulerv6;Acunetix WVS Scheduler v6;C:\Program Files (x86)\Acunetix\Web Vulnerability Scanner 6\WVSScheduler.exe [2010-3-3 671368]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe --> C:\Windows\system32\atiesrxx.exe [?]
R2 AMD_RAIDXpert;AMD RAIDXpert;C:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpertService.exe [2009-3-16 122880]
R2 AVP;Kaspersky PURE;C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\avp.exe [2010-10-1 348760]
R2 CSObjectsSrv;CryptoStorage control service;C:\Program Files (x86)\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe [2009-12-21 743992]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2011-12-29 652872]
R2 TeamViewer6;TeamViewer 6;C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe [2011-2-5 2253688]
R2 WinAutomation Service;WinAutomation Service;C:\Program Files\WinAutomation\WinAutomation.ServiceAgent.exe [2009-12-11 147128]
R3 klmouflt;Kaspersky Lab KLMOUFLT;C:\Windows\system32\DRIVERS\klmouflt.sys --> C:\Windows\system32\DRIVERS\klmouflt.sys [?]
R3 LVUSBS64;Logitech USB Monitor Filter;C:\Windows\system32\drivers\LVUSBS64.sys --> C:\Windows\system32\drivers\LVUSBS64.sys [?]
R3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\system32\Drivers\RtsUStor.sys --> C:\Windows\system32\Drivers\RtsUStor.sys [?]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]
R3 teamviewervpn;TeamViewer VPN Adapter;C:\Windows\system32\DRIVERS\teamviewervpn.sys --> C:\Windows\system32\DRIVERS\teamviewervpn.sys [?]
R3 usbfilter;AMD USB Filter Driver;C:\Windows\system32\DRIVERS\usbfilter.sys --> C:\Windows\system32\DRIVERS\usbfilter.sys [?]
R3 WSDPrintDevice;WSD Print Support via UMB;C:\Windows\system32\DRIVERS\WSDPrint.sys --> C:\Windows\system32\DRIVERS\WSDPrint.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-4-16 136176]
S2 Printer Control;Printer Control;C:\Windows\system32\PrintCtrl.exe --> C:\Windows\system32\PrintCtrl.exe [?]
S3 Adobe Version Cue CS4;Adobe Version Cue CS4;C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe [2008-8-15 284016]
S3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;C:\Program Files (x86)\MAGIX\Common\Database\bin\fbserver.exe [2009-12-30 1527900]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2010-1-12 1038088]
S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-4-16 136176]
S3 lvpopf64;Logitech POP Suppression Filter;C:\Windows\system32\DRIVERS\lvpopf64.sys --> C:\Windows\system32\DRIVERS\lvpopf64.sys [?]
S3 LVUVC64;Logitech QuickCam Fusion(UVC);C:\Windows\system32\DRIVERS\lvuvc64.sys --> C:\Windows\system32\DRIVERS\lvuvc64.sys [?]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
S3 V0060VID;Creative WebCam Live! Ultra;C:\Windows\system32\DRIVERS\V0060Vid.sys --> C:\Windows\system32\DRIVERS\V0060Vid.sys [?]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
.
=============== Created Last 30 ================
.
2012-01-08 19:17:12 388096 ----a-r- C:\Users\Owner\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2012-01-08 19:17:12 -------- d-----w- C:\Program Files (x86)\Trend Micro
2012-01-08 19:11:33 69000 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{DA113235-3D7E-47C3-9B63-3FF9DFA1B036}\offreg.dll
2012-01-08 00:11:15 8822856 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{DA113235-3D7E-47C3-9B63-3FF9DFA1B036}\mpengine.dll
2012-01-06 02:37:32 -------- d-----w- C:\Program Files (x86)\Market Samurai
2011-12-27 00:24:32 162392 ----a-w- C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]\components\KavLinkFilter.dll
2011-12-27 00:24:06 85048 ----a-w- C:\Windows\System32\drivers\CSCrySec.sys
2011-12-27 00:24:06 66104 ----a-w- C:\Windows\System32\drivers\CSVirtualDiskDrv.sys
2011-12-27 00:22:51 -------- d-----w- C:\Program Files (x86)\Common Files\InfoWatch
2011-12-27 00:22:49 -------- d-----w- C:\Program Files (x86)\Kaspersky Lab
2011-12-14 07:18:59 723456 ----a-w- C:\Windows\System32\EncDec.dll
2011-12-14 07:18:59 534528 ----a-w- C:\Windows\SysWow64\EncDec.dll
2011-12-14 07:18:53 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2011-12-14 07:18:53 2048 ----a-w- C:\Windows\System32\tzres.dll
2011-12-11 00:49:52 -------- d-----w- C:\Users\Owner\AppData\Roaming\com.springbox.mobilizer
2011-12-11 00:49:49 -------- d-----w- C:\Program Files (x86)\Mobilizer
.
==================== Find3M ====================
.
2011-12-10 21:24:08 23152 ----a-w- C:\Windows\System32\drivers\mbam.sys
2011-11-25 02:07:41 414368 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2011-11-24 04:52:09 3145216 ----a-w- C:\Windows\System32\win32k.sys
2011-11-17 15:32:18 186576 ----a-w- C:\Windows\Submitter Uninstaller.exe
2011-11-06 02:37:30 472808 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2011-11-05 05:41:43 1188864 ----a-w- C:\Windows\System32\wininet.dll
2011-11-05 04:35:00 981504 ----a-w- C:\Windows\SysWow64\wininet.dll
2011-11-05 03:32:47 1638912 ----a-w- C:\Windows\System32\mshtml.tlb
2011-11-05 02:48:51 1638912 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2011-10-26 05:21:20 43520 ----a-w- C:\Windows\System32\csrsrv.dll
2011-10-24 19:29:02 94208 ----a-w- C:\Windows\SysWow64\QuickTimeVR.qtx
2011-10-24 19:29:02 69632 ----a-w- C:\Windows\SysWow64\QuickTime.qts
2011-10-18 21:38:26 175616 ----a-w- C:\Windows\System32\msclmd.dll
2011-10-18 21:38:26 152576 ----a-w- C:\Windows\SysWow64\msclmd.dll
.
============= FINISH: 13:30:08.89 ===============

I have also attached *Attach.txt *file, and since my infected system is 64bit , i dont have the *ark.txt file
*
Thanks very much!


----------



## destin (Jan 8, 2012)

bump


----------



## destin (Jan 8, 2012)

Just checking,
bump


----------



## destin (Jan 8, 2012)

bump bump


----------



## jeffce (May 10, 2011)

Hi and Welcome!!  My name is *Jeff*. I would be more than happy to take a look at your malware results logs and help you with solving any malware problems you might have. Logs can take a while to research, so please be patient and know that I am working hard to get you a clean and functional system back in your hands. I'd be grateful if you would note the following:
 I will be working on your Malware issues, this may or may not, solve other issues you have with your machine.
 Please subscribe to this topic, if you haven't already. 
 The fixes are specific to your problem and should only be used for the issues on this machine.
 Please continue to review my answers until I tell you your machine appears to be clear. Absence of symptoms does not mean that everything is clear.
 It's often worth reading through these instructions and printing them for ease of reference.
 If you don't know or understand something, please don't hesitate to say or ask!! It's better to be sure and safe than sorry.
 Please reply to this thread. Do not start a new topic.

IMPORTANT NOTE : Please do not delete anything unless instructed to.
*DO NOT use any TOOLS such as Combofix or HijackThis fixes without supervision*.
Doing so could make your system inoperable and could require a full reinstall of your OS losing all your programs and data.

*Vista and Windows 7 users:*
These tools MUST be run from the executable (.exe) every time you run them
with Admin Rights (Right click, choose "Run as Administrator")

_*Stay with this topic until I give you the all clean post.*_
----------

I apologize for your wait. As you can see we are quite busy here. 
----------

Is your system set up to run on a proxy server by chance?
---------
Please download *aswMBR* to your desktop.


Right click and Run as Administrator the aswMBR icon to run it.
Click the *Scan* button to start scan.
When it finishes, press the save log button, save the logfile to your desktop and post its contents in your next reply.


_Click the image to enlarge it_
----------


----------



## destin (Jan 8, 2012)

Hi Jeff,
and thanks for taking my case.I appreciate it.
I am not sure if I understand the proxy server question, I do have the HMA Pro VPN installed on my PC, but I am not sure if it has anything to do with your question , sorry.

I just wanted to point out ( in case report or log does not reveal much) that I kept my infected PC off line ( shut down) in last few days and using my laptop for now. 
If yo uwant me to keep infected PC running for some reason,let me know.

Here is the aswMBR report.

aswMBR version 0.9.9.1297 Copyright(c) 2011 AVAST Software
Run date: 2012-01-10 22:21:51
-----------------------------
22:21:51.593 OS Version: Windows x64 6.1.7601 Service Pack 1
22:21:51.593 Number of processors: 4 586 0x402
22:21:51.594 ComputerName: OWNER-PC UserName: Owner
22:21:55.718 Initialize success
22:22:26.174 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\00000067
22:22:26.177 Disk 0 Vendor: Seagate_ HP22 Size: 715404MB BusType: 8
22:22:26.262 Disk 0 MBR read successfully
22:22:26.264 Disk 0 MBR scan
22:22:26.265 Disk 0 unknown MBR code
22:22:26.317 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
22:22:26.370 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 702673 MB offset 206848
22:22:26.438 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 12629 MB offset 1439281152
22:22:26.441 Service scanning
22:22:46.360 Modules scanning
22:22:46.383 Disk 0 trace - called modules:
22:22:46.397 ntoskrnl.exe CLASSPNP.SYS disk.sys storport.sys hal.dll ahcix64s.sys 
22:22:46.400 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8007413060]
22:22:46.404 3 CLASSPNP.SYS[fffff8800165143f] -> nt!IofCallDriver -> \Device\00000067[0xfffffa80072259c0]
22:22:46.408 Scan finished successfully
22:23:39.578 Disk 0 MBR has been saved successfully to "C:\Users\Owner\Desktop\111 virus scan 2012\MBR.dat"
22:23:39.584 The log file has been saved successfully to "C:\Users\Owner\Desktop\111 virus scan 2012\aswMBR.txt"


----------



## jeffce (May 10, 2011)

Hi destin,

Download *Combofix* from either of the links below, and save it to your desktop. 
*Link 1*
*Link 2*

**Note: It is important that it is saved directly to your desktop**

--------------------------------------------------------------------

IMPORTANT - *Disable your AntiVirus and AntiSpyware applications*, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. If you have difficulty properly disabling your protective programs, refer to this link here 

--------------------------------------------------------------------

Right-Click and Run as Administrator on *ComboFix.exe* & follow the prompts. 
When finished, it will produce a report for you. 
Please post the *C:\ComboFix.txt * for further review.
----------


----------



## destin (Jan 8, 2012)

Hi Jeff,
Here it is:

ComboFix 12-01-10.02 - Owner 01/11/2012 8:52.2.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.7928.5474 [GMT -6:00]
Running from: c:\users\Owner\Desktop\ComboFix.exe
AV: Kaspersky PURE *Disabled/Updated* {56547CC9-C9B2-849D-8FEF-A496150D6A06}
FW: Kaspersky PURE *Disabled* {6E6FFDEC-83DD-85C5-A4B0-0DA3EBDE2D7D}
SP: Kaspersky PURE *Disabled/Updated* {ED359D2D-EF88-8B13-B55F-9FE46E8A20BB}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\install.exe
c:\program files (x86)\Search Toolbar
c:\program files (x86)\Search Toolbar\basis.xml
c:\program files (x86)\Search Toolbar\bg.bmp
c:\program files (x86)\Search Toolbar\bing_logo.png
c:\program files (x86)\Search Toolbar\celebrity.png
c:\program files (x86)\Search Toolbar\drop_images.png
c:\program files (x86)\Search Toolbar\drop_maps.png
c:\program files (x86)\Search Toolbar\drop_news.png
c:\program files (x86)\Search Toolbar\drop_videos.png
c:\program files (x86)\Search Toolbar\drop_web.png
c:\program files (x86)\Search Toolbar\facebook.png
c:\program files (x86)\Search Toolbar\favicon.png
c:\program files (x86)\Search Toolbar\games.png
c:\program files (x86)\Search Toolbar\hotmail.png
c:\program files (x86)\Search Toolbar\images.png
c:\program files (x86)\Search Toolbar\include.xml
c:\program files (x86)\Search Toolbar\info.txt
c:\program files (x86)\Search Toolbar\lifestyle.png
c:\program files (x86)\Search Toolbar\maps.png
c:\program files (x86)\Search Toolbar\messenger.png
c:\program files (x86)\Search Toolbar\msn.png
c:\program files (x86)\Search Toolbar\news.png
c:\program files (x86)\Search Toolbar\tbcore3.dll
c:\program files (x86)\Search Toolbar\twitter.png
c:\program files (x86)\Search Toolbar\version.txt
c:\program files (x86)\Search Toolbar\video.png
c:\program files (x86)\Search Toolbar\videos.png
c:\program files (x86)\Search Toolbar\weather.png
c:\program files (x86)\Search Toolbar\web.png
c:\users\Owner\AppData\Local\Xenocode\Sandbox\UBot_Standalone
c:\users\Owner\AppData\Local\Xenocode\Sandbox\UBot_Standalone\1.0.0.0\2009.12.29T12.28\Native\STUBEXE\@[email protected]\Microsoft.NET\Framework\v2.0.50727\csc.exe
c:\users\Owner\AppData\Local\Xenocode\Sandbox\UBot_Standalone\1.0.0.0\2009.12.29T12.28\Native\STUBEXE\@[email protected]\Microsoft.NET\Framework\v2.0.50727\cvtres.exe
c:\users\Owner\AppData\Local\Xenocode\Sandbox\UBot_Standalone\1.0.0.0\2009.12.29T12.28\Virtual\MODIFIED\@[email protected]\ubotcompile2330168\Interop.SHDocVw.dll
c:\users\Owner\AppData\Local\Xenocode\Sandbox\UBot_Standalone\1.0.0.0\2009.12.29T12.28\Virtual\MODIFIED\@[email protected]\ubotcompile397979\Interop.SHDocVw.dll
c:\users\Owner\AppData\Local\Xenocode\Sandbox\UBot_Standalone\1.0.0.0\2009.12.29T12.28\Virtual\MODIFIED\@[email protected]\ubotcompile4379463\Interop.SHDocVw.dll
c:\users\Owner\AppData\Local\Xenocode\Sandbox\UBot_Standalone\1.0.0.0\2009.12.29T12.28\Virtual\MODIFIED\@[email protected]\ubotcompile7917143\Interop.SHDocVw.dll
c:\users\Owner\AppData\Local\Xenocode\Sandbox\UBot_Standalone\1.0.0.0\2009.12.29T12.28\Virtual\MODIFIED\@[email protected]\ubotcompile9655215\Interop.SHDocVw.dll
c:\users\Owner\AppData\Local\Xenocode\Sandbox\UBot_Standalone\1.0.0.0\2009.12.29T12.28\Virtual\SXS\Manifests\compile.exe_0xCFCEE93F42B6B4C8AF29D06B20029096.1.manifest
c:\users\Owner\AppData\Local\Xenocode\Sandbox\UBot_Standalone\1.0.0.0\2009.12.29T12.28\Virtual\SXS\Manifests\VmX.dll_0x708E180A6A058DCDE2E1F8586DD2BA4A.2.manifest
c:\users\Owner\AppData\Local\Xenocode\Sandbox\UBot_Standalone\1.0.0.0\2009.12.29T12.28\Virtual\SXS\[email protected]\MyApplication.app.manifest
c:\users\Owner\AppData\Local\Xenocode\Sandbox\UBot_Standalone\1.0.0.0\2009.12.29T12.28\Virtual\SXS\[email protected]\[email protected]
c:\users\Owner\AppData\Local\Xenocode\Sandbox\UBot_Standalone\1.0.0.0\2009.12.29T12.28\Virtual\SXS\[email protected]\Xenocode.VMX.manifest
c:\users\Owner\AppData\Local\Xenocode\Sandbox\UBot_Standalone\1.0.0.0\2009.12.29T12.28\Virtual\SXS\[email protected]\[email protected]
c:\users\Owner\AppData\Local\Xenocode\Sandbox\UBot_Standalone\1.0.0.0\2009.12.29T12.28\Virtual\XRegistry.tmp
c:\users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\oc4vkf64.default\searchplugins\bing-zugo.xml
c:\users\Owner\AppData\Roaming\ubot
c:\users\Owner\Documents\u-bot
c:\users\Owner\Documents\u-bot\friendpos.txt
c:\users\Owner\Documents\u-bot\mailpos.txt
c:\users\Owner\Documents\u-bot\urls.txt
c:\windows\Driver Cache\i386\Temp\program.exe
.
.
((((((((((((((((((((((((( Files Created from 2011-12-11 to 2012-01-11 )))))))))))))))))))))))))))))))
.
.
2012-01-11 15:10 . 2012-01-11 15:10 69000 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{5EF7A33C-F449-444E-BFEC-7FA709D65DCE}\offreg.dll
2012-01-11 04:27 . 2011-10-26 05:25 1572864 ----a-w- c:\windows\system32\quartz.dll
2012-01-11 04:27 . 2011-10-26 05:25 366592 ----a-w- c:\windows\system32\qdvd.dll
2012-01-11 04:27 . 2011-10-26 04:32 514560 ----a-w- c:\windows\SysWow64\qdvd.dll
2012-01-11 04:27 . 2011-10-26 04:32 1328128 ----a-w- c:\windows\SysWow64\quartz.dll
2012-01-11 04:27 . 2011-11-17 06:41 1731920 ----a-w- c:\windows\system32\ntdll.dll
2012-01-11 04:27 . 2011-11-17 05:38 1292080 ----a-w- c:\windows\SysWow64\ntdll.dll
2012-01-11 04:27 . 2011-11-19 14:58 77312 ----a-w- c:\windows\system32\packager.dll
2012-01-11 04:27 . 2011-11-19 14:01 67072 ----a-w- c:\windows\SysWow64\packager.dll
2012-01-11 04:25 . 2011-11-21 11:40 8822856 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{5EF7A33C-F449-444E-BFEC-7FA709D65DCE}\mpengine.dll
2012-01-08 19:17 . 2012-01-08 19:17 388096 ----a-r- c:\users\Owner\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2012-01-08 19:17 . 2012-01-08 19:17 -------- d-----w- c:\program files (x86)\Trend Micro
2012-01-06 02:37 . 2012-01-06 02:37 -------- d-----w- c:\program files (x86)\Market Samurai
2011-12-27 00:24 . 2010-10-02 04:05 162392 ----a-w- c:\program files (x86)\Mozilla Firefox\extensions\[email protected]\components\KavLinkFilter.dll
2011-12-27 00:24 . 2009-12-14 18:44 85048 ----a-w- c:\windows\system32\drivers\CSCrySec.sys
2011-12-27 00:24 . 2009-12-14 18:44 66104 ----a-w- c:\windows\system32\drivers\CSVirtualDiskDrv.sys
2011-12-27 00:22 . 2011-12-27 00:22 -------- d-----w- c:\program files (x86)\Common Files\InfoWatch
2011-12-27 00:22 . 2011-12-27 00:22 -------- d-----w- c:\program files (x86)\Kaspersky Lab
2011-12-14 07:18 . 2011-10-15 06:31 723456 ----a-w- c:\windows\system32\EncDec.dll
2011-12-14 07:18 . 2011-10-15 05:38 534528 ----a-w- c:\windows\SysWow64\EncDec.dll
2011-12-14 07:18 . 2011-11-05 05:32 2048 ----a-w- c:\windows\system32\tzres.dll
2011-12-14 07:18 . 2011-11-05 04:26 2048 ----a-w- c:\windows\SysWow64\tzres.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-12-10 21:24 . 2011-05-08 14:36 23152 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-11-25 02:07 . 2011-08-21 19:56 414368 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2011-11-17 15:32 . 2011-11-17 15:32 186576 ----a-w- c:\windows\Submitter Uninstaller.exe
2011-11-06 02:37 . 2010-05-18 17:15 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll
2011-10-24 19:29 . 2011-10-24 19:29 94208 ----a-w- c:\windows\SysWow64\QuickTimeVR.qtx
2011-10-24 19:29 . 2011-10-24 19:29 69632 ----a-w- c:\windows\SysWow64\QuickTime.qts
2011-10-18 21:38 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll
2011-10-18 21:38 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown 
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{01188d35-daf3-4a43-90aa-f1bf150207e6}"= "c:\program files (x86)\VIO1\tbVIO1.dll" [2008-11-24 1784856]
.
[HKEY_CLASSES_ROOT\clsid\{01188d35-daf3-4a43-90aa-f1bf150207e6}]
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{01188d35-daf3-4a43-90aa-f1bf150207e6}]
2008-11-24 05:03 1784856 ----a-w- c:\program files (x86)\VIO1\tbVIO1.dll
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{70dd86e8-b5bc-4e4a-9d5c-b6234c24323c}]
2011-06-24 15:04 81920 ----a-w- c:\program files (x86)\freecordertoolbar\vmntemplateX.dll
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{ABD3B5E1-B268-407B-A150-2641DAB8D898}]
2009-06-08 21:41 120104 ----a-w- c:\program files (x86)\Common Files\Homepage Protection\HomepageProtection.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{01188d35-daf3-4a43-90aa-f1bf150207e6}"= "c:\program files (x86)\VIO1\tbVIO1.dll" [2008-11-24 1784856]
"{70dd86e8-b5bc-4e4a-9d5c-b6234c24323c}"= "c:\program files (x86)\freecordertoolbar\vmntemplateX.dll" [2011-06-24 81920]
.
[HKEY_CLASSES_ROOT\clsid\{01188d35-daf3-4a43-90aa-f1bf150207e6}]
.
[HKEY_CLASSES_ROOT\clsid\{70dd86e8-b5bc-4e4a-9d5c-b6234c24323c}]
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\KAVOverlayIcon]
@="{dd230880-495a-11d1-b064-008048ec2fc5}"
[HKEY_CLASSES_ROOT\CLSID\{dd230880-495a-11d1-b064-008048ec2fc5}]
2010-10-02 04:05 129624 ----a-w- c:\program files (x86)\Kaspersky Lab\Kaspersky PURE\shellex.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2011-10-06 39408]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"hpsysdrv"="c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe" [2008-11-20 62768]
"HP Remote Solution"="c:\program files (x86)\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe" [2009-05-26 656896]
"HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2008-12-08 54576]
"NortonOnlineBackupReminder"="c:\program files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" [2009-05-13 581480]
"UpdatePRCShortCut"="c:\program files (x86)\Hewlett-Packard\Recovery\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"Freecorder FLV Service"="c:\program files (x86)\Freecorder\FLVSrvc.exe" [2011-03-24 167936]
"Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-12-24 460872]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2011-10-24 421888]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-09-27 59240]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]
"AVP"="c:\program files (x86)\Kaspersky Lab\Kaspersky PURE\avp.exe" [2010-10-02 348760]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~2\KASPER~1\KASPER~1\mzvkbd3.dll c:\progra~2\KASPER~1\KASPER~1\sbhook.dll
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 Printer Control;Printer Control;c:\windows\system32\PrintCtrl.exe [x]
R3 Adobe Version Cue CS4;Adobe Version Cue CS4;c:\program files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe [2008-08-15 284016]
R3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;c:\program files (x86)\MAGIX\Common\Database\bin\fbserver.exe [2005-11-17 1527900]
R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2010-01-13 1038088]
R3 gupdatem;Google Update Service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-04-16 136176]
R3 lvpopf64;Logitech POP Suppression Filter;c:\windows\system32\DRIVERS\lvpopf64.sys [x]
R3 LVUVC64;Logitech QuickCam Fusion(UVC);c:\windows\system32\DRIVERS\lvuvc64.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 V0060VID;Creative WebCam Live! Ultra;c:\windows\system32\DRIVERS\V0060Vid.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x]
S0 ahcix64s;ahcix64s;c:\windows\system32\DRIVERS\ahcix64s.sys [x]
S0 CSCrySec;InfoWatch Encrypt Sector Library driver;c:\windows\system32\DRIVERS\CSCrySec.sys [x]
S0 KLBG;Kaspersky Lab Boot Guard Driver;c:\windows\system32\DRIVERS\klbg.sys [x]
S1 CSVirtualDiskDrv;InfoWatch Virtual Disk driver;c:\windows\system32\DRIVERS\CSVirtualDiskDrv.sys [x]
S1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\system32\DRIVERS\klim6.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 AcuWVSSchedulerv6;Acunetix WVS Scheduler v6;c:\program files (x86)\Acunetix\Web Vulnerability Scanner 6\WVSScheduler.exe [2010-03-03 671368]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 AMD_RAIDXpert;AMD RAIDXpert;c:\program files (x86)\AMD\RAIDXpert\bin\RAIDXpertService.exe [2009-03-16 122880]
S2 CSObjectsSrv;CryptoStorage control service;c:\program files (x86)\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe [2009-12-21 743992]
S2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-04-16 136176]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2011-12-24 652872]
S2 TeamViewer6;TeamViewer 6;c:\program files (x86)\TeamViewer\Version6\TeamViewer_Service.exe [2011-01-27 2253688]
S2 WinAutomation Service;WinAutomation Service;c:\program files\WinAutomation\WinAutomation.ServiceAgent.exe [2009-12-11 147128]
S3 dc3d;MS Hardware Device Detection Driver (USB);c:\windows\system32\DRIVERS\dc3d.sys [x]
S3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\DRIVERS\klmouflt.sys [x]
S3 LVUSBS64;Logitech USB Monitor Filter;c:\windows\system32\drivers\LVUSBS64.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
S3 Point64;Microsoft IntelliPoint Filter Driver;c:\windows\system32\DRIVERS\point64.sys [x]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
S3 teamviewervpn;TeamViewer VPN Adapter;c:\windows\system32\DRIVERS\teamviewervpn.sys [x]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys [x]
S3 WSDPrintDevice;WSD Print Support via UMB;c:\windows\system32\DRIVERS\WSDPrint.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{2D46B6DC-2207-486B-B523-A557E6D54B47}]
2010-11-20 12:17 302592 ----a-w- c:\windows\System32\cmd.exe
.
Contents of the 'Scheduled Tasks' folder
.
2012-01-11 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-04-16 20:45]
.
2012-01-11 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-04-16 20:45]
.
2012-01-05 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1496317490-1307526022-1011991264-1000Core.job
- c:\users\Owner\AppData\Local\Google\Update\GoogleUpdate.exe [2011-08-13 16:10]
.
2012-01-11 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1496317490-1307526022-1011991264-1000UA.job
- c:\users\Owner\AppData\Local\Google\Update\GoogleUpdate.exe [2011-08-13 16:10]
.
2012-01-11 c:\windows\Tasks\HPCeeScheduleForOwner.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2009-10-07 09:22]
.
2011-12-31 c:\windows\Tasks\PCDRScheduledMaintenance.job
- c:\program files\PC-Doctor for Windows\pcdr5cuiw32.exe [2009-06-10 11:04]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\KAVOverlayIcon]
@="{dd230880-495a-11d1-b064-008048ec2fc5}"
[HKEY_CLASSES_ROOT\CLSID\{dd230880-495a-11d1-b064-008048ec2fc5}]
2010-10-02 04:06 170584 ----a-w- c:\program files (x86)\Kaspersky Lab\Kaspersky PURE\x64\ShellEx.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SmartMenu"="c:\program files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe" [2009-07-08 610360]
"PrintDisp"="c:\windows\system32\PrintDisp.exe" [2009-08-21 878080]
"CanonSolutionMenu"="c:\program files (x86)\Canon\SolutionMenu\CNSLMAIN.exe" [2008-03-11 689488]
"CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2008-03-04 2114376]
"itype"="c:\program files\Microsoft IntelliType Pro\itype.exe" [2011-08-10 1873256]
"IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2011-08-01 2417032]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x1
"AppInit_DLLs"=c:\progra~2\KASPER~1\KASPER~1\x64\kloehk.dll c:\progra~2\KASPER~1\KASPER~1\x64\sbhook64.dll
.
------- Supplementary Scan -------
.
uStart Page = hxxp://google.com
uLocal Page = c:\windows\system32\blank.htm
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_US&c=94&bd=bestbuy&pf=cndt
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = local
uInternet Settings,ProxyServer = hxxp://67.192.11.163:80
IE: Append to existing PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert link target to Adobe PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert link target to existing PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Convert to Adobe PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: Download All By FlashGet3 - c:\users\Owner\AppData\Roaming\FlashGetBHO\GetAllUrl.htm
IE: Download By FlashGet3 - c:\users\Owner\AppData\Roaming\FlashGetBHO\GetUrl.htm
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~2\Office12\EXCEL.EXE/3000
Trusted Zone: intuit.com\ttlc
Trusted Zone: kuaiche.com\software
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\oc4vkf64.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.askfrank.net/contact_form.php
FF - prefs.js: keyword.URL - hxxp://search.toolbars.alexa.com/?ver=alxf-2.14&src=ab&aid=rbgeb18lJP00gs&q=
FF - prefs.js: network.proxy.type - 0
FF - user.js: network.proxy.type - 0
FF - user.js: network.proxy.http - 
user_pref(network.proxy.http_port,);
FF - user.js: network.proxy.no_proxies_on - 
.
- - - - ORPHANS REMOVED - - - -
.
BHO-{D4027C7F-154A-4066-A1AD-4243D8127440} - c:\program files (x86)\Ask.com\GenericAskToolbar.dll
Toolbar-{D4027C7F-154A-4066-A1AD-4243D8127440} - c:\program files (x86)\Ask.com\GenericAskToolbar.dll
Wow6432Node-HKCU-Run-IBP - (no file)
WebBrowser-{01188D35-DAF3-4A43-90AA-F1BF150207E6} - (no file)
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
AddRemove-Keyword Tracking Tool_is1 - c:\program files (x86)\Adolix\Keyword Tracking Tool\unins000.exe
AddRemove-Link Popularity Check_is1 - c:\program files (x86)\Link Popularity Check\unins000.exe
AddRemove-{B60DCA15-56A3-4D2D-8747-22CF7D7B588B} - c:\program files (x86)\InstallShield Installation Information\{B60DCA15-56A3-4D2D-8747-22CF7D7B588B}\setup.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11c_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11c_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11c.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11c.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11c.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11c.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\AMD\RAIDXpert\bin\RAIDXpert.exe
c:\program files (x86)\Canon\IJPLM\IJPLMSVC.EXE
c:\program files (x86)\Common Files\LightScribe\LSSrvc.exe
c:\program files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\windows\SysWOW64\WinMsgBalloonServer.exe
c:\windows\SysWOW64\WinMsgBalloonClient.exe
c:\program files (x86)\Common Files\Intuit\Update Service\IntuitUpdateService.exe
c:\program files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
c:\program files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe
.
**************************************************************************
.
Completion time: 2012-01-11 09:29:49 - machine was rebooted
ComboFix-quarantined-files.txt 2012-01-11 15:29
.
Pre-Run: 490,649,989,120 bytes free
Post-Run: 495,694,843,904 bytes free
.
- - End Of File - - 1DBA686804E5E3FF8B2C7FDB6CD7EE5B


----------



## jeffce (May 10, 2011)

Hi destin,

Good job getting that log.  Do you recognized this by chance? >> uInternet Settings,ProxyServer = hxxp://67.192.11.163:80


----------



## destin (Jan 8, 2012)

Looks like IP from Key West FL but I have no idea what it does.
Is my PC being used as proxy?


----------



## jeffce (May 10, 2011)

Ok thats what I wanted to know. I am at work right now but will get more instructions to your later this afternoon.


----------



## destin (Jan 8, 2012)

ok,great, thanks Jeff!


----------



## jeffce (May 10, 2011)

Hi destin,


Please open *Notepad* (Start -> Run -> type *notepad* in the Open field -> OK) and copy and paste the text present _*inside*_ the code box below:

```
DDS::
uInternet Settings,ProxyServer = hxxp://67.192.11.163:80
uURLSearchHooks: VIO1 Toolbar: {01188d35-daf3-4a43-90aa-f1bf150207e6} - C:\Program Files (x86)\VIO1\tbVIO1.dll
mURLSearchHooks: VIO1 Toolbar: {01188d35-daf3-4a43-90aa-f1bf150207e6} - C:\Program Files (x86)\VIO1\tbVIO1.dll
BHO: VIO1 Toolbar: {01188d35-daf3-4a43-90aa-f1bf150207e6} - C:\Program Files (x86)\VIO1\tbVIO1.dll
BHO: Freecorder Toolbar: {70dd86e8-b5bc-4e4a-9d5c-b6234c24323c} - C:\Program Files (x86)\freecordertoolbar\vmntemplateX.dll
BHO: Ask Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
TB: VIO1 Toolbar: {01188d35-daf3-4a43-90aa-f1bf150207e6} - C:\Program Files (x86)\VIO1\tbVIO1.dll
TB: Ask Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
TB: Freecorder Toolbar: {70dd86e8-b5bc-4e4a-9d5c-b6234c24323c} - C:\Program Files (x86)\freecordertoolbar\vmntemplateX.dll
TB: {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File
EB: {A310506F-6BA4-48C4-8887-1F462277AA12} - No File
Trusted Zone: intuit.com\ttlc
Trusted Zone: kuaiche.com\software
BHO-X64: VIO1 Toolbar: {01188d35-daf3-4a43-90aa-f1bf150207e6} - C:\Program Files (x86)\VIO1\tbVIO1.dll
BHO-X64: Freecorder Toolbar: {70dd86e8-b5bc-4e4a-9d5c-b6234c24323c} - C:\Program Files (x86)\freecordertoolbar\vmntemplateX.dll
BHO-X64: Freecorder Toolbar - No File
BHO-X64: Ask Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
BHO-X64: Ask Toolbar BHO - No File
TB-X64: VIO1 Toolbar: {01188d35-daf3-4a43-90aa-f1bf150207e6} - C:\Program Files (x86)\VIO1\tbVIO1.dll
TB-X64: Ask Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
TB-X64: Freecorder Toolbar: {70dd86e8-b5bc-4e4a-9d5c-b6234c24323c} - C:\Program Files (x86)\freecordertoolbar\vmntemplateX.dll
TB-X64: {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File
EB-X64: {0483894E-2422-45E0-8384-021AFF1AF3CD} - No File
EB-X64: {A310506F-6BA4-48C4-8887-1F462277AA12} - No File

Firefox::
FF - ProfilePath - C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\oc4vkf64.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.askfrank.net/contact_form.php
FF - prefs.js: keyword.URL - hxxp://search.toolbars.alexa.com/?ver=alxf-2.14&src=ab&aid=rbgeb18lJP00gs&q=
FF - component: C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\oc4vkf64.default\ex tensions\{70dd86e8-b5bc-4e4a-9d5c-b6234c24323c}\components\dtTransparency.dll
FF - plugin: C:\Program Files (x86)\thriXXX\WebLaunch\Binaries\npWebLaunch.dll

Registry::
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{01188d35-daf3-4a43-90aa-f1bf150207e6}"=-
"{70dd86e8-b5bc-4e4a-9d5c-b6234c24323c}"=-
```

Save this as *CFScript.txt* and change the *"Save as type"* to *"All Files"* and place it on your desktop.










*Very Important!* Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before following the steps below. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results".
Referring to the screenshot above, *drag CFScript.txt into ComboFix.exe.*
ComboFix will now run a scan on your system. It may reboot your system when it finishes. This is normal.
*When finished, it shall produce a log for you. Copy and paste the contents of the log in your next reply.*
CAUTION: Do not mouse-click ComboFix's window while it is running. That may cause it to stall.
----------


----------



## destin (Jan 8, 2012)

Hi Jeff,
here it is :

ComboFix 12-01-10.02 - Owner 01/11/2012 18:18:17.4.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.7928.5855 [GMT -6:00]
Running from: c:\users\Owner\Desktop\ComboFix.exe
Command switches used :: c:\users\Owner\Desktop\CFScript.txt
AV: Kaspersky PURE *Disabled/Updated* {56547CC9-C9B2-849D-8FEF-A496150D6A06}
FW: Kaspersky PURE *Disabled* {6E6FFDEC-83DD-85C5-A4B0-0DA3EBDE2D7D}
SP: Kaspersky PURE *Disabled/Updated* {ED359D2D-EF88-8B13-B55F-9FE46E8A20BB}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\freecordertoolbar\vmntemplateX.dll
c:\program files (x86)\thriXXX\WebLaunch\Binaries\npWebLaunch.dll
c:\program files (x86)\VIO1\tbVIO1.dll
.
.
((((((((((((((((((((((((( Files Created from 2011-12-12 to 2012-01-12 )))))))))))))))))))))))))))))))
.
.
2012-01-12 00:35 . 2012-01-12 00:35 69000 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{5EF7A33C-F449-444E-BFEC-7FA709D65DCE}\offreg.dll
2012-01-12 00:30 . 2012-01-12 00:30 -------- d-----w- c:\users\inne\AppData\Local\temp
2012-01-12 00:30 . 2012-01-12 00:30 -------- d-----w- c:\users\gaby\AppData\Local\temp
2012-01-12 00:30 . 2012-01-12 00:30 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-01-11 04:27 . 2011-10-26 05:25 1572864 ----a-w- c:\windows\system32\quartz.dll
2012-01-11 04:27 . 2011-10-26 05:25 366592 ----a-w- c:\windows\system32\qdvd.dll
2012-01-11 04:27 . 2011-10-26 04:32 514560 ----a-w- c:\windows\SysWow64\qdvd.dll
2012-01-11 04:27 . 2011-10-26 04:32 1328128 ----a-w- c:\windows\SysWow64\quartz.dll
2012-01-11 04:27 . 2011-11-17 06:41 1731920 ----a-w- c:\windows\system32\ntdll.dll
2012-01-11 04:27 . 2011-11-17 05:38 1292080 ----a-w- c:\windows\SysWow64\ntdll.dll
2012-01-11 04:27 . 2011-11-19 14:58 77312 ----a-w- c:\windows\system32\packager.dll
2012-01-11 04:27 . 2011-11-19 14:01 67072 ----a-w- c:\windows\SysWow64\packager.dll
2012-01-11 04:25 . 2011-11-21 11:40 8822856 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{5EF7A33C-F449-444E-BFEC-7FA709D65DCE}\mpengine.dll
2012-01-08 19:17 . 2012-01-08 19:17 388096 ----a-r- c:\users\Owner\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2012-01-08 19:17 . 2012-01-08 19:17 -------- d-----w- c:\program files (x86)\Trend Micro
2012-01-06 02:37 . 2012-01-06 02:37 -------- d-----w- c:\program files (x86)\Market Samurai
2011-12-27 00:24 . 2010-10-02 04:05 162392 ----a-w- c:\program files (x86)\Mozilla Firefox\extensions\[email protected]\components\KavLinkFilter.dll
2011-12-27 00:24 . 2009-12-14 18:44 85048 ----a-w- c:\windows\system32\drivers\CSCrySec.sys
2011-12-27 00:24 . 2009-12-14 18:44 66104 ----a-w- c:\windows\system32\drivers\CSVirtualDiskDrv.sys
2011-12-27 00:22 . 2011-12-27 00:22 -------- d-----w- c:\program files (x86)\Common Files\InfoWatch
2011-12-27 00:22 . 2011-12-27 00:22 -------- d-----w- c:\program files (x86)\Kaspersky Lab
2011-12-14 07:18 . 2011-10-15 06:31 723456 ----a-w- c:\windows\system32\EncDec.dll
2011-12-14 07:18 . 2011-10-15 05:38 534528 ----a-w- c:\windows\SysWow64\EncDec.dll
2011-12-14 07:18 . 2011-11-05 05:32 2048 ----a-w- c:\windows\system32\tzres.dll
2011-12-14 07:18 . 2011-11-05 04:26 2048 ----a-w- c:\windows\SysWow64\tzres.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-12-10 21:24 . 2011-05-08 14:36 23152 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-11-25 02:07 . 2011-08-21 19:56 414368 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2011-11-17 15:32 . 2011-11-17 15:32 186576 ----a-w- c:\windows\Submitter Uninstaller.exe
2011-11-06 02:37 . 2010-05-18 17:15 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll
2011-10-24 19:29 . 2011-10-24 19:29 94208 ----a-w- c:\windows\SysWow64\QuickTimeVR.qtx
2011-10-24 19:29 . 2011-10-24 19:29 69632 ----a-w- c:\windows\SysWow64\QuickTime.qts
2011-10-18 21:38 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll
2011-10-18 21:38 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll
.
.
((((((((((((((((((((((((((((( [email protected]_15.12.12 )))))))))))))))))))))))))))))))))))))))))
.
- 2009-07-14 04:54 . 2012-01-11 14:25 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-07-14 04:54 . 2012-01-11 15:26 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-07-14 04:54 . 2012-01-11 15:26 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-07-14 04:54 . 2012-01-11 14:25 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-07-14 04:54 . 2012-01-11 14:25 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-07-14 04:54 . 2012-01-11 15:26 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-08-18 10:47 . 2012-01-11 23:57 65930 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2009-07-14 05:10 . 2012-01-11 23:57 32332 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2009-12-19 19:57 . 2012-01-11 23:57 14176 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-1496317490-1307526022-1011991264-1000_UserData.bin
- 2009-12-19 19:55 . 2012-01-11 14:26 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-12-19 19:55 . 2012-01-11 16:24 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-12-19 19:55 . 2012-01-11 16:24 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-12-19 19:55 . 2012-01-11 14:26 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-14 04:54 . 2012-01-11 16:24 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-07-14 04:54 . 2012-01-11 14:26 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-12-25 02:00 . 2012-01-11 23:55 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-12-25 02:00 . 2012-01-11 15:10 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-07-14 04:46 . 2012-01-11 23:58 94000 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\Cache\cache.dat
- 2009-12-25 02:00 . 2012-01-11 15:10 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-12-25 02:00 . 2012-01-11 23:55 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-12-25 02:00 . 2012-01-11 15:10 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-12-25 02:00 . 2012-01-11 23:55 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-12-19 20:03 . 2012-01-11 15:10 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-12-19 20:03 . 2012-01-12 00:08 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-12-19 20:03 . 2012-01-11 15:10 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-12-19 20:03 . 2012-01-12 00:08 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2012-01-11 15:07 . 2012-01-11 15:07 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2012-01-12 00:32 . 2012-01-12 00:32 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2012-01-11 15:07 . 2012-01-11 15:07 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2012-01-12 00:32 . 2012-01-12 00:32 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2009-07-14 05:01 . 2012-01-11 15:06 641180 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2009-07-14 05:01 . 2012-01-12 00:31 641180 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
- 2009-12-20 08:10 . 2012-01-11 15:06 3741254 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-1496317490-1307526022-1011991264-1000-8192.dat
+ 2009-12-20 08:10 . 2012-01-12 00:31 3741254 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-1496317490-1307526022-1011991264-1000-8192.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{ABD3B5E1-B268-407B-A150-2641DAB8D898}]
2009-06-08 21:41 120104 ----a-w- c:\program files (x86)\Common Files\Homepage Protection\HomepageProtection.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\KAVOverlayIcon]
@="{dd230880-495a-11d1-b064-008048ec2fc5}"
[HKEY_CLASSES_ROOT\CLSID\{dd230880-495a-11d1-b064-008048ec2fc5}]
2010-10-02 04:05 129624 ----a-w- c:\program files (x86)\Kaspersky Lab\Kaspersky PURE\shellex.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2011-10-06 39408]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"hpsysdrv"="c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe" [2008-11-20 62768]
"HP Remote Solution"="c:\program files (x86)\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe" [2009-05-26 656896]
"HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2008-12-08 54576]
"NortonOnlineBackupReminder"="c:\program files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" [2009-05-13 581480]
"UpdatePRCShortCut"="c:\program files (x86)\Hewlett-Packard\Recovery\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"Freecorder FLV Service"="c:\program files (x86)\Freecorder\FLVSrvc.exe" [2011-03-24 167936]
"Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-12-24 460872]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2011-10-24 421888]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-09-27 59240]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]
"AVP"="c:\program files (x86)\Kaspersky Lab\Kaspersky PURE\avp.exe" [2010-10-02 348760]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~2\KASPER~1\KASPER~1\mzvkbd3.dll c:\progra~2\KASPER~1\KASPER~1\sbhook.dll
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-04-16 136176]
R2 Printer Control;Printer Control;c:\windows\system32\PrintCtrl.exe [x]
R3 Adobe Version Cue CS4;Adobe Version Cue CS4;c:\program files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe [2008-08-15 284016]
R3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;c:\program files (x86)\MAGIX\Common\Database\bin\fbserver.exe [2005-11-17 1527900]
R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2010-01-13 1038088]
R3 gupdatem;Google Update Service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-04-16 136176]
R3 lvpopf64;Logitech POP Suppression Filter;c:\windows\system32\DRIVERS\lvpopf64.sys [x]
R3 LVUVC64;Logitech QuickCam Fusion(UVC);c:\windows\system32\DRIVERS\lvuvc64.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 V0060VID;Creative WebCam Live! Ultra;c:\windows\system32\DRIVERS\V0060Vid.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x]
S0 ahcix64s;ahcix64s;c:\windows\system32\DRIVERS\ahcix64s.sys [x]
S0 CSCrySec;InfoWatch Encrypt Sector Library driver;c:\windows\system32\DRIVERS\CSCrySec.sys [x]
S0 KLBG;Kaspersky Lab Boot Guard Driver;c:\windows\system32\DRIVERS\klbg.sys [x]
S1 CSVirtualDiskDrv;InfoWatch Virtual Disk driver;c:\windows\system32\DRIVERS\CSVirtualDiskDrv.sys [x]
S1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\system32\DRIVERS\klim6.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 AcuWVSSchedulerv6;Acunetix WVS Scheduler v6;c:\program files (x86)\Acunetix\Web Vulnerability Scanner 6\WVSScheduler.exe [2010-03-03 671368]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 AMD_RAIDXpert;AMD RAIDXpert;c:\program files (x86)\AMD\RAIDXpert\bin\RAIDXpertService.exe [2009-03-16 122880]
S2 CSObjectsSrv;CryptoStorage control service;c:\program files (x86)\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe [2009-12-21 743992]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2011-12-24 652872]
S2 TeamViewer6;TeamViewer 6;c:\program files (x86)\TeamViewer\Version6\TeamViewer_Service.exe [2011-01-27 2253688]
S2 WinAutomation Service;WinAutomation Service;c:\program files\WinAutomation\WinAutomation.ServiceAgent.exe [2009-12-11 147128]
S3 dc3d;MS Hardware Device Detection Driver (USB);c:\windows\system32\DRIVERS\dc3d.sys [x]
S3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\DRIVERS\klmouflt.sys [x]
S3 LVUSBS64;Logitech USB Monitor Filter;c:\windows\system32\drivers\LVUSBS64.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
S3 Point64;Microsoft IntelliPoint Filter Driver;c:\windows\system32\DRIVERS\point64.sys [x]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
S3 teamviewervpn;TeamViewer VPN Adapter;c:\windows\system32\DRIVERS\teamviewervpn.sys [x]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys [x]
S3 WSDPrintDevice;WSD Print Support via UMB;c:\windows\system32\DRIVERS\WSDPrint.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{2D46B6DC-2207-486B-B523-A557E6D54B47}]
2010-11-20 12:17 302592 ----a-w- c:\windows\System32\cmd.exe
.
Contents of the 'Scheduled Tasks' folder
.
2012-01-12 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-04-16 20:45]
.
2012-01-12 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-04-16 20:45]
.
2012-01-05 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1496317490-1307526022-1011991264-1000Core.job
- c:\users\Owner\AppData\Local\Google\Update\GoogleUpdate.exe [2011-08-13 16:10]
.
2012-01-12 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1496317490-1307526022-1011991264-1000UA.job
- c:\users\Owner\AppData\Local\Google\Update\GoogleUpdate.exe [2011-08-13 16:10]
.
2012-01-11 c:\windows\Tasks\HPCeeScheduleForOwner.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2009-10-07 09:22]
.
2011-12-31 c:\windows\Tasks\PCDRScheduledMaintenance.job
- c:\program files\PC-Doctor for Windows\pcdr5cuiw32.exe [2009-06-10 11:04]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\KAVOverlayIcon]
@="{dd230880-495a-11d1-b064-008048ec2fc5}"
[HKEY_CLASSES_ROOT\CLSID\{dd230880-495a-11d1-b064-008048ec2fc5}]
2010-10-02 04:06 170584 ----a-w- c:\program files (x86)\Kaspersky Lab\Kaspersky PURE\x64\ShellEx.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SmartMenu"="c:\program files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe" [2009-07-08 610360]
"PrintDisp"="c:\windows\system32\PrintDisp.exe" [2009-08-21 878080]
"CanonSolutionMenu"="c:\program files (x86)\Canon\SolutionMenu\CNSLMAIN.exe" [2008-03-11 689488]
"CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2008-03-04 2114376]
"itype"="c:\program files\Microsoft IntelliType Pro\itype.exe" [2011-08-10 1873256]
"IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2011-08-01 2417032]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\progra~2\KASPER~1\KASPER~1\x64\kloehk.dll c:\progra~2\KASPER~1\KASPER~1\x64\sbhook64.dll
.
------- Supplementary Scan -------
.
uStart Page = hxxp://google.com
uLocal Page = c:\windows\system32\blank.htm
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_US&c=94&bd=bestbuy&pf=cndt
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = local
IE: Append to existing PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert link target to Adobe PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert link target to existing PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Convert to Adobe PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: Download All By FlashGet3 - c:\users\Owner\AppData\Roaming\FlashGetBHO\GetAllUrl.htm
IE: Download By FlashGet3 - c:\users\Owner\AppData\Roaming\FlashGetBHO\GetUrl.htm
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~2\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\oc4vkf64.default\
FF - prefs.js: network.proxy.type - 0
FF - user.js: network.proxy.type - 0
FF - user.js: network.proxy.http - 
user_pref(network.proxy.http_port,);
FF - user.js: network.proxy.no_proxies_on - 
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11c_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11c_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11c.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11c.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11c.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11c.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\AMD\RAIDXpert\bin\RAIDXpert.exe
c:\program files (x86)\Canon\IJPLM\IJPLMSVC.EXE
c:\program files (x86)\Common Files\LightScribe\LSSrvc.exe
c:\program files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\program files (x86)\TeamViewer\Version6\TeamViewer.exe
c:\program files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
c:\program files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe
c:\program files (x86)\Common Files\Intuit\Update Service\IntuitUpdateService.exe
.
**************************************************************************
.
Completion time: 2012-01-11 18:48:45 - machine was rebooted
ComboFix-quarantined-files.txt 2012-01-12 00:48
ComboFix2.txt 2012-01-11 15:29
.
Pre-Run: 495,764,013,056 bytes free
Post-Run: 495,454,060,544 bytes free
.
- - End Of File - - 88FA10D24A480DA8023BE54D086207ED


----------



## jeffce (May 10, 2011)

Hi destin,

I see that you have *Malwarebytes* on your system. Please open Malwarebytes, update it and then run a _Quick Scan_. Please save the log that is created for your next reply. 
----------

*ESET Online Scanner*
*I'd like us to scan your machine with ESET Online Scan*

*Note:* *It is recommended to disable on-board anti-virus program and anti-spyware programs while performing scans so there are no conflicts and it will speed up scan time.
Please don't go surfing while your resident protection is disabled!
Once the scan is finished remember to re-enable your anti-virus along with your anti-spyware programs.*


As a Vista/Win7 user you will need to right click your browser icon and select "Run as Administrator" in order to run this scan.

Do not use this instance of your browser for anything besides doing this scan
When the scan is complete and the results saved, close that instance of your browser
Open a new one the usual way and post the results in this topic.


Right-click and Run as Administartor on the following link to open ESET OnlineScan in a new window.
ESET OnlineScan
Click the







button.
For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
Click on







to download the ESET Smart Installer. *Save* it to your desktop.
Double click on the







icon on your desktop.

Check








Click the *Start* button.
Accept any security warnings from your browser.
Check








Make sure that the option "Remove found threats" is Unchecked
Push the *Start* button.
ESET will then download updates for itself, install itself, and begin
scanning your computer. Please be patient as this can take some time.
When the scan completes, push








Push







, and save the file to your desktop using a unique name, such as
ESETScan. Include the contents of this report in your next reply.
Push the *Back* button.
Push *Finish*
http://www.eset.com/onlinescan/
----------

In your next reply please post the logs created by Malwarebytes and ESET online scanner.


----------



## destin (Jan 8, 2012)

Hi Jeff,
Her are the scans:

Malwarebytes Anti-Malware (PRO) 1.60.0.1800
www.malwarebytes.org

Database version: v2012.01.12.01

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 8.0.7601.17514
Owner :: OWNER-PC [administrator]

Protection: Enabled

1/11/2012 9:59:54 PM
mbam-log-2012-01-11 (21-59-54).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 225486
Time elapsed: 4 minute(s), 49 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 1
C:\Users\Owner\Downloads\cnet2_colorpicker_exe.exe (PUP.CNET.Adware.Bundle) -> Quarantined and deleted successfully.

(end)

---------------------------------

C:\Users\gaby\Desktop\LAPTOP FIX\PI__CRD_Double_Trouble.rar a variant of Win32/Keygen.AK application
C:\Users\Owner\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\0\49e03e00-398cafb4 Java/Agent.AC trojan
C:\Users\Owner\Desktop\from CRUISER\ARTUR\rapidshare\www.softarchive.net_Flash.Slideshow.Maker.Pro.v4.77.rar probably a variant of Win32/Agent.MMXBBOW trojan
C:\Users\Owner\Desktop\XXXX BLAST\imacros_scripting.rar a variant of Win32/Pacex.BD virus
C:\Users\Owner\Documents\My Web Sites\nationallibrary.az\el\q\qarabag_1\index.htm HTML/Iframe.B.Gen virus
C:\Users\Owner\Documents\My Web Sites\nationallibrary.az\el\q\qarabag_2\index.htm HTML/Iframe.B.Gen virus
C:\Users\Owner\Documents\My Web Sites\nationallibrary.az\el\q\qarabag_3\index.htm HTML/Iframe.B.Gen virus
C:\Users\Owner\Documents\My Web Sites\nationallibrary.az\el\q\qarabag_4\index.htm HTML/Iframe.B.Gen virus
C:\Users\Owner\Documents\My Web Sites\nationallibrary.az\el\q\qarabag_5\index.htm HTML/Iframe.B.Gen virus
C:\Users\Owner\Documents\My Web Sites\nationallibrary.az\el\q\qarabag_6\index.htm HTML/Iframe.B.Gen virus
C:\Users\Owner\Downloads\3D SexVilla 2.093-White Rabbit.rar Win32/TrojanDownloader.Autoit.NCR trojan
C:\Users\Owner\Downloads\Hide.IP.Platinum.v3.43.Incl.Keymaker-CORE.rar probably a variant of Win32/Agent.FHNLIHS trojan
C:\Users\Owner\Downloads\Universal_Forum_Poster_1.0.0.13.rar probably a variant of Win32/Agent.MVUZMJK trojan
C:\Users\Owner\Downloads\Ygoow.rar probably a variant of MSIL/Injector.EY trojan
C:\Users\Owner\Downloads\3D SexVilla 2.093-White Rabbit\Sexvilla2\3DSexVilla2-Everlust-Install.exe Win32/TrojanDownloader.Autoit.NCR trojan
C:\Users\Owner\Downloads\projects\seo\adobe\Adobe.Creative.Suite.4.Web.Premium.part01\Adobe.CS4.All.Products Crack.rar probably a variant of Win32/Agent.GOGHCID trojan
C:\Users\Owner\Downloads\projects\seo\adobe\Adobe.Creative.Suite.4.Web.Premium.part01\Adobe.CS4.All.Products Crack\CS4Crack\Adobe.CS4.All.Products.Keymaker.v1.02.rar probably a variant of Win32/Agent.GOGHCID trojan
C:\Users\Owner\Downloads\Ygoow\Ygoow\MailClients\BolClient.dll probably a variant of MSIL/Injector.EY trojan
C:\Users\Owner\Downloads\Ygoow\Ygoow\MailClients\Care2Client.dll probably a variant of MSIL/Injector.EY trojan
C:\Users\Owner\Downloads\Ygoow\Ygoow\MailClients\CaulvClient.dll probably a variant of MSIL/Injector.EY trojan
C:\Users\Owner\Downloads\Ygoow\Ygoow\MailClients\HotmailClient.dll probably a variant of MSIL/Injector.EY trojan
C:\Users\Owner\Downloads\Ygoow\Ygoow\MailClients\LavabitClient.dll probably a variant of MSIL/Injector.EY trojan
C:\Users\Owner\Downloads\Ygoow\Ygoow\MailClients\MakToobClient.dll probably a variant of MSIL/Injector.EY trojan
C:\Users\Owner\Downloads\Ygoow\Ygoow\MailClients\ObozClient.dll probably a variant of MSIL/Injector.EY trojan
C:\Users\Owner\Downloads\Ygoow\Ygoow\MailClients\TheFreeSiteClient.dll probably a variant of MSIL/Injector.EY trojan
C:\Users\Owner\Downloads\Ygoow\Ygoow\MailClients\TomClient.dll probably a variant of MSIL/Injector.EY trojan
C:\Users\Owner\Downloads\Ygoow\Ygoow\MailClients\VoilaClient.dll probably a variant of MSIL/Injector.EY trojan


----------



## jeffce (May 10, 2011)

Hi destin,

Download *CKScanner* by askey127 from *Here* & *save it to your Desktop*. 
 Right-click and Run as Administrator *CKScanner.exe* then click *Search For Files*
 When the cursor hourglass disappears, click *Save List To File*
 A message box will verify the file saved
 Double-click the *CKFiles.txt* icon on your desktop then copy/paste the contents in your next reply


----------



## destin (Jan 8, 2012)

there you go:

CKScanner - Additional Security Risks - These are not necessarily bad
c:\users\gaby\desktop\downloads\infixpropdf\iceni.technology.infixpro.pdf.editor.v4.05.cracked-eat\eat.nfo
c:\users\gaby\desktop\downloads\infixpropdf\iceni.technology.infixpro.pdf.editor.v4.05.cracked-eat\file_id.diz
c:\users\gaby\desktop\downloads\infixpropdf\iceni.technology.infixpro.pdf.editor.v4.05.cracked-eat\infix.exe
c:\users\gaby\desktop\downloads\infixpropdf\iceni.technology.infixpro.pdf.editor.v4.05.cracked-eat\infixsetup_405.exe
c:\users\gaby\desktop\downloads\infixpropdf\iceni.technology.infixpro.pdf.editor.v4.05.cracked-eat\rapidshare premium.url
c:\users\gaby\desktop\downloads\infixpropdf\iceni.technology.infixpro.pdf.editor.v4.05.cracked-eat\warezsfx.com.nfo
c:\users\owner\desktop\folders\gaby-rosetta\learning-polish\rosetta.stone v3.4.5\crack\fninterface_libfnp.dll
c:\users\owner\desktop\folders\seo projects\http-askfrank.net\downloads\keyword.taffy.keygen.zip
c:\users\owner\desktop\folders\seo projects\http-askfrank.net\downloads\av voice changer v 6.0.10 dr afndeenaa\av voice changer v 6.0.10 dr afndeenaa\keygen.exe
c:\users\owner\desktop\folders\seo projects\http-askfrank.net\downloads\keyword.taffy.keygen\keygen.exe
c:\users\owner\desktop\folders\swish max 2.0 2008.08.12\kreskowki flash\trzesacy_ekran\screen-crack.swf
c:\users\owner\desktop\folders\swish max 2.0 2008.08.12\kreskowki flash\trzesacy_ekran\screen-crack.swi
c:\users\owner\desktop\from cruiser\ftp hack\frontpage-cracks.txt
c:\users\owner\desktop\from cruiser\ftp hack\swflashe\adobe_cs4_crack.rar
c:\users\owner\desktop\from cruiser\ping sites\alldaysucker[1].full\keygen.exe
c:\users\owner\desktop\gaby-rosetta\learning-polish\rosetta.stone v3.4.5\crack\fninterface_libfnp.dll
c:\users\owner\desktop\xxxx blast\aaadrip feed blast\personal task manager software - softomotive winautomation v3.0.3.410 + crack [h33t] [mahasonaz]\link to download more free softwares and apps.url
c:\users\owner\desktop\xxxx blast\aaadrip feed blast\personal task manager software - softomotive winautomation v3.0.3.410 + crack [h33t] [mahasonaz]\read me.txt
c:\users\owner\desktop\xxxx blast\aaadrip feed blast\personal task manager software - softomotive winautomation v3.0.3.410 + crack [h33t] [mahasonaz]\your software here\setup.exe
c:\users\owner\desktop\xxxx blast\aaadrip feed blast\personal task manager software - softomotive winautomation v3.0.3.410 + crack [h33t] [mahasonaz]\your software here\crack\how to.txt
c:\users\owner\desktop\xxxx blast\aaadrip feed blast\personal task manager software - softomotive winautomation v3.0.3.410 + crack [h33t] [mahasonaz]\your software here\crack\license.lic
c:\users\owner\desktop\xxxx blast\aaadrip feed blast\personal task manager software - softomotive winautomation v3.0.3.410 + crack [h33t] [mahasonaz]\your software here\crack\winautomation.serviceagent.exe
c:\users\owner\downloads\digital.media.group.facebook.blaster.pro.v7.1.3.incl.keygen-lz0.rar
c:\users\owner\downloads\fruity loops fl studio producer edition [2010] + cracks.rar
c:\users\owner\downloads\personal task manager software - softomotive winautomation v3.0.3.410 crack [h33t] [mahasonaz].torrent
c:\users\owner\downloads\3d sexvilla 2.093-white rabbit\sexvilla2\crack\3dsexvilla2-093.001.exe
c:\users\owner\downloads\3d sexvilla 2.093-white rabbit\sexvilla2\crack\3dsexvilla2.archives.txx
c:\users\owner\downloads\alexa booster 3.4 + key\alexa booster 3.4 + key\keygen.exe
c:\users\owner\downloads\drv.che.rar\driver.checker\driver checker 2.7.4.15.10.2010\key\keygen driverchecker v2.7.4.exe
c:\users\owner\downloads\fruity loops fl studio producer edition [2010] + cracks\fruity loops fl studio producer edition [2010] + cracks\flstudio_9.0.exe
c:\users\owner\downloads\fruity loops fl studio producer edition [2010] + cracks\fruity loops fl studio producer edition [2010] + cracks\cracks\plugin cracks (vsti)\hardcore.dll
c:\users\owner\downloads\fruity loops fl studio producer edition [2010] + cracks\fruity loops fl studio producer edition [2010] + cracks\cracks\plugin cracks (vsti)\poizone.dll
c:\users\owner\downloads\fruity loops fl studio producer edition [2010] + cracks\fruity loops fl studio producer edition [2010] + cracks\cracks\plugin cracks (vsti)\sawer.dll
c:\users\owner\downloads\fruity loops fl studio producer edition [2010] + cracks\fruity loops fl studio producer edition [2010] + cracks\cracks\plugin cracks (vsti)\toxic biohazard.dll
c:\users\owner\downloads\fruity loops fl studio producer edition [2010] + cracks\fruity loops fl studio producer edition [2010] + cracks\cracks\program crack\flengine.dll
c:\users\owner\downloads\imageconverter_plus_7.1.54.90602_akhilesh910_deaftunes.org\imageconverter plus 7.1.54.90602\crack\icpcore.dll
c:\users\owner\downloads\mjp1.1\cracked\readme.txt
c:\users\owner\downloads\personal task manager software - softomotive winautomation v3.0.3.410 + crack [h33t] [mahasonaz]\link to download more free softwares and apps.url
c:\users\owner\downloads\personal task manager software - softomotive winautomation v3.0.3.410 + crack [h33t] [mahasonaz]\read me.txt
c:\users\owner\downloads\personal task manager software - softomotive winautomation v3.0.3.410 + crack [h33t] [mahasonaz]\your software here\setup.exe
c:\users\owner\downloads\personal task manager software - softomotive winautomation v3.0.3.410 + crack [h33t] [mahasonaz]\your software here\crack\how to.txt
c:\users\owner\downloads\personal task manager software - softomotive winautomation v3.0.3.410 + crack [h33t] [mahasonaz]\your software here\crack\license.lic
c:\users\owner\downloads\personal task manager software - softomotive winautomation v3.0.3.410 + crack [h33t] [mahasonaz]\your software here\crack\winautomation.serviceagent.exe
c:\users\owner\downloads\projects\11-adobe-light\keygen.exe
c:\users\owner\downloads\projects\11-infix-pdf-editor\crack\infix.exe
c:\users\owner\downloads\projects\11-pdf to jpg converter\universal.document.converter.v5.0.909.4130\crack\udceng.exe
c:\users\owner\downloads\projects\11-software removal\care_windows_software_remove_master_v5.0.1.2\crack\arrmd12.dll
c:\users\owner\downloads\projects\11-software removal\care_windows_software_remove_master_v5.0.1.2\crack\softwareremovemaster.exe
c:\users\owner\downloads\projects\garmini-maps -unlock\garmin unlock utility\02 - garmin keygen v1.2\documentation\get garmin product id.pdf
c:\users\owner\downloads\projects\garmini-maps -unlock\garmin unlock utility\02 - garmin keygen v1.2\documentation\how to.pdf
c:\users\owner\downloads\projects\garmini-maps -unlock\garmin unlock utility\02 - garmin keygen v1.2\documentation\how to.txt
c:\users\owner\downloads\projects\garmini-maps -unlock\garmin unlock utility\02 - garmin keygen v1.2\documentation\map ids.txt
c:\users\owner\downloads\projects\garmini-maps -unlock\garmin unlock utility\02 - garmin keygen v1.3\keygen v1.3.exe
c:\users\owner\downloads\projects\garmini-maps -unlock\garmin unlock utility\02 - garmin keygen v1.3\documentation\original readme.txt
c:\users\owner\downloads\projects\garmini-maps -unlock\garmin unlock utility\original downloads\garmin keygen v1.2.rar
c:\users\owner\downloads\projects\garmini-maps -unlock\garmin unlock utility\original downloads\garminkeygen_v1.3+ imei converter v1.0.rar
c:\users\owner\downloads\projects\magix.music.maker.14.producer.edition.d-version.v13.0.2.1-te\crack\musicmaker.exe
c:\users\owner\downloads\projects\seo\adobe\adobe.creative.suite.4.web.premium.part01\adobe.cs4.all.products crack.rar
c:\users\owner\downloads\projects\seo\adobe\adobe.creative.suite.4.web.premium.part01\adobe.cs4.all.products crack\all adobe cs4 products and suites crack.txt
c:\users\owner\downloads\projects\seo\adobe\adobe.creative.suite.4.web.premium.part01\adobe.cs4.all.products crack\cs4crack\adobe.cs4.all.products.keymaker.v1.02.rar
c:\users\owner\downloads\projects\seo\adobe\adobe.creative.suite.4.web.premium.part01\adobe.cs4.all.products crack\cs4crack\amtlib.dll
c:\users\owner\downloads\projects\seo\adobe\adobe.creative.suite.4.web.premium.part01\adobe.cs4.all.products crack\cs4crack\instructions.txt
c:\users\owner\downloads\projects\seo\adobe\adobe.creative.suite.4.web.premium.part01\adobe.cs4.all.products crack\cs4crack\read me first.txt
c:\users\owner\downloads\projects\seo\adobe\adobe.creative.suite.4.web.premium.part01\adobe.cs4.all.products crack\cs4crack\acrobat crack\adobelm.dll
c:\users\owner\downloads\projects\seo\adobe\adobe.creative.suite.4.web.premium.part01\adobe.cs4.all.products crack\cs4crack\acrobat crack\instructions.txt
c:\users\owner\downloads\projects\seo\adobe\adobe.creative.suite.4.web.premium.part01\adobe.cs4.all.products crack\cs4crack\acrobat crack\serial.txt
c:\users\owner\downloads\projects\seo\rosetta-stone-new\rosetta.stone_v3.4.5\rosetta.stone v3.4.5\crack\fninterface_libfnp.dll
c:\users\owner\downloads\projects\winzip\winzip.pro.v14.0.8688.incl.keygen.rar
c:\users\owner\downloads\projects\winzip\winzip.pro.v14.0.8688.incl.keygen\winzip140.exe
c:\users\owner\downloads\rosetta stone 3.4.5\crack\readme.txt
c:\users\owner\downloads\rosetta stone 3.4.5\crack\mac\mdm.dat
c:\users\owner\downloads\rosetta stone 3.4.5\crack\win\rosettastoneversion3.exe
c:\users\owner\downloads\universal_forum_poster_1.0.0.13\universal_forum_poster_1.0.0.13\cracked\bookviet4a.org.txt
c:\users\owner\downloads\universal_forum_poster_1.0.0.13\universal_forum_poster_1.0.0.13\cracked\bookviet4a.org.url
c:\users\owner\downloads\universal_forum_poster_1.0.0.13\universal_forum_poster_1.0.0.13\cracked\revenge.key
c:\users\owner\downloads\www.blackhatteam.com.link.farm.evolution.1.8.7\captchabot\captchacracker.inc.php
c:\users\owner\downloads\www.blackhatteam.com.link.farm.evolution.1.8.7\v1.8.7\includes\captchacracker.inc.php
c:\users\owner\favorites\wireless network crack - google search.url
c:\users\owner\favorites\craks\crackway.com.url
c:\users\owner\favorites\inne\- punkcracks.nl.nu -.url
scanner sequence 3.ZZ.11.EDNACG
----- EOF -----


----------



## jeffce (May 10, 2011)

Hi destin,

CKScanner has detected illegal software on your system. Besides being illegal, it's the number one way of infecting your system as all cracked/keygen software is infected. This forum, as well as all the other malware removal forums, do not support the use of illegal software except for their removal. If I were to continue helping you with illegal software installed, it could be construed in the eyes of the law as aiding and abetting a crime.

I have worked up a fix for their removal. If you do not agree to this then this thread will be closed and no further help will be offered. Please let me know if you wish to continue.


----------



## destin (Jan 8, 2012)

Please continue, I agree, please remove it all.thanks


----------



## jeffce (May 10, 2011)

Hi destin,


Please open *Notepad* (Start -> Run -> type *notepad* in the Open field -> OK) and copy and paste the text present _*inside*_ the code box below:

```
File::
c:\users\gaby\desktop\downloads\infixpropdf\iceni.technology.infixpro.pdf.e ditor.v4.05.cracked-eat\eat.nfo
c:\users\gaby\desktop\downloads\infixpropdf\iceni.technology.infixpro.pdf.e ditor.v4.05.cracked-eat\file_id.diz
c:\users\gaby\desktop\downloads\infixpropdf\iceni.technology.infixpro.pdf.e ditor.v4.05.cracked-eat\infix.exe
c:\users\gaby\desktop\downloads\infixpropdf\iceni.technology.infixpro.pdf.e ditor.v4.05.cracked-eat\infixsetup_405.exe
c:\users\gaby\desktop\downloads\infixpropdf\iceni.technology.infixpro.pdf.e ditor.v4.05.cracked-eat\rapidshare premium.url
c:\users\gaby\desktop\downloads\infixpropdf\iceni.technology.infixpro.pdf.e ditor.v4.05.cracked-eat\warezsfx.com.nfo
c:\users\owner\desktop\folders\gaby-rosetta\learning-polish\rosetta.stone v3.4.5\crack\fninterface_libfnp.dll
c:\users\owner\desktop\folders\seo projects\http-askfrank.net\downloads\keyword.taffy.keygen.zip
c:\users\owner\desktop\folders\seo projects\http-askfrank.net\downloads\av voice changer v 6.0.10 dr afndeenaa\av voice changer v 6.0.10 dr afndeenaa\keygen.exe
c:\users\owner\desktop\folders\seo projects\http-askfrank.net\downloads\keyword.taffy.keygen\keygen.exe
c:\users\owner\desktop\folders\swish max 2.0 2008.08.12\kreskowki flash\trzesacy_ekran\screen-crack.swf
c:\users\owner\desktop\folders\swish max 2.0 2008.08.12\kreskowki flash\trzesacy_ekran\screen-crack.swi
c:\users\owner\desktop\from cruiser\ftp hack\frontpage-cracks.txt
c:\users\owner\desktop\from cruiser\ftp hack\swflashe\adobe_cs4_crack.rar
c:\users\owner\desktop\from cruiser\ping sites\alldaysucker[1].full\keygen.exe
c:\users\owner\desktop\gaby-rosetta\learning-polish\rosetta.stone v3.4.5\crack\fninterface_libfnp.dll
c:\users\owner\desktop\xxxx blast\aaadrip feed blast\personal task manager software - softomotive winautomation v3.0.3.410 + crack [h33t] [mahasonaz]\link to download more free softwares and apps.url
c:\users\owner\desktop\xxxx blast\aaadrip feed blast\personal task manager software - softomotive winautomation v3.0.3.410 + crack [h33t] [mahasonaz]\read me.txt
c:\users\owner\desktop\xxxx blast\aaadrip feed blast\personal task manager software - softomotive winautomation v3.0.3.410 + crack [h33t] [mahasonaz]\your software here\setup.exe
c:\users\owner\desktop\xxxx blast\aaadrip feed blast\personal task manager software - softomotive winautomation v3.0.3.410 + crack [h33t] [mahasonaz]\your software here\crack\how to.txt
c:\users\owner\desktop\xxxx blast\aaadrip feed blast\personal task manager software - softomotive winautomation v3.0.3.410 + crack [h33t] [mahasonaz]\your software here\crack\license.lic
c:\users\owner\desktop\xxxx blast\aaadrip feed blast\personal task manager software - softomotive winautomation v3.0.3.410 + crack [h33t] [mahasonaz]\your software here\crack\winautomation.serviceagent.exe
c:\users\owner\downloads\digital.media.group.facebook.blaster.pro.v7.1.3.in cl.keygen-lz0.rar
c:\users\owner\downloads\fruity loops fl studio producer edition [2010] + cracks.rar
c:\users\owner\downloads\personal task manager software - softomotive winautomation v3.0.3.410 crack [h33t] [mahasonaz].torrent
c:\users\owner\downloads\3d sexvilla 2.093-white rabbit\sexvilla2\crack\3dsexvilla2-093.001.exe
c:\users\owner\downloads\3d sexvilla 2.093-white rabbit\sexvilla2\crack\3dsexvilla2.archives.txx
c:\users\owner\downloads\alexa booster 3.4 + key\alexa booster 3.4 + key\keygen.exe
c:\users\owner\downloads\drv.che.rar\driver.checker\driver checker 2.7.4.15.10.2010\key\keygen driverchecker v2.7.4.exe
c:\users\owner\downloads\fruity loops fl studio producer edition [2010] + cracks\fruity loops fl studio producer edition [2010] + cracks\flstudio_9.0.exe
c:\users\owner\downloads\fruity loops fl studio producer edition [2010] + cracks\fruity loops fl studio producer edition [2010] + cracks\cracks\plugin cracks (vsti)\hardcore.dll
c:\users\owner\downloads\fruity loops fl studio producer edition [2010] + cracks\fruity loops fl studio producer edition [2010] + cracks\cracks\plugin cracks (vsti)\poizone.dll
c:\users\owner\downloads\fruity loops fl studio producer edition [2010] + cracks\fruity loops fl studio producer edition [2010] + cracks\cracks\plugin cracks (vsti)\sawer.dll
c:\users\owner\downloads\fruity loops fl studio producer edition [2010] + cracks\fruity loops fl studio producer edition [2010] + cracks\cracks\plugin cracks (vsti)\toxic biohazard.dll
c:\users\owner\downloads\fruity loops fl studio producer edition [2010] + cracks\fruity loops fl studio producer edition [2010] + cracks\cracks\program crack\flengine.dll
c:\users\owner\downloads\imageconverter_plus_7.1.54.90602_akhilesh910_deaft unes.org\imageconverter plus 7.1.54.90602\crack\icpcore.dll
c:\users\owner\downloads\mjp1.1\cracked\readme.txt
c:\users\owner\downloads\personal task manager software - softomotive winautomation v3.0.3.410 + crack [h33t] [mahasonaz]\link to download more free softwares and apps.url
c:\users\owner\downloads\personal task manager software - softomotive winautomation v3.0.3.410 + crack [h33t] [mahasonaz]\read me.txt
c:\users\owner\downloads\personal task manager software - softomotive winautomation v3.0.3.410 + crack [h33t] [mahasonaz]\your software here\setup.exe
c:\users\owner\downloads\personal task manager software - softomotive winautomation v3.0.3.410 + crack [h33t] [mahasonaz]\your software here\crack\how to.txt
c:\users\owner\downloads\personal task manager software - softomotive winautomation v3.0.3.410 + crack [h33t] [mahasonaz]\your software here\crack\license.lic
c:\users\owner\downloads\personal task manager software - softomotive winautomation v3.0.3.410 + crack [h33t] [mahasonaz]\your software here\crack\winautomation.serviceagent.exe
c:\users\owner\downloads\projects\11-adobe-light\keygen.exe
c:\users\owner\downloads\projects\11-infix-pdf-editor\crack\infix.exe
c:\users\owner\downloads\projects\11-pdf to jpg converter\universal.document.converter.v5.0.909.4130\crack\udceng.exe
c:\users\owner\downloads\projects\11-software removal\care_windows_software_remove_master_v5.0.1.2\crack\arrmd12.dll
c:\users\owner\downloads\projects\11-software removal\care_windows_software_remove_master_v5.0.1.2\crack\softwareremovema ster.exe
c:\users\owner\downloads\projects\garmini-maps -unlock\garmin unlock utility\02 - garmin keygen v1.2\documentation\get garmin product id.pdf
c:\users\owner\downloads\projects\garmini-maps -unlock\garmin unlock utility\02 - garmin keygen v1.2\documentation\how to.pdf
c:\users\owner\downloads\projects\garmini-maps -unlock\garmin unlock utility\02 - garmin keygen v1.2\documentation\how to.txt
c:\users\owner\downloads\projects\garmini-maps -unlock\garmin unlock utility\02 - garmin keygen v1.2\documentation\map ids.txt
c:\users\owner\downloads\projects\garmini-maps -unlock\garmin unlock utility\02 - garmin keygen v1.3\keygen v1.3.exe
c:\users\owner\downloads\projects\garmini-maps -unlock\garmin unlock utility\02 - garmin keygen v1.3\documentation\original readme.txt
c:\users\owner\downloads\projects\garmini-maps -unlock\garmin unlock utility\original downloads\garmin keygen v1.2.rar
c:\users\owner\downloads\projects\garmini-maps -unlock\garmin unlock utility\original downloads\garminkeygen_v1.3+ imei converter v1.0.rar
c:\users\owner\downloads\projects\magix.music.maker.14.producer.edition.d-version.v13.0.2.1-te\crack\musicmaker.exe
c:\users\owner\downloads\projects\seo\adobe\adobe.creative.suite.4.web.prem ium.part01\adobe.cs4.all.products crack.rar
c:\users\owner\downloads\projects\seo\adobe\adobe.creative.suite.4.web.prem ium.part01\adobe.cs4.all.products crack\all adobe cs4 products and suites crack.txt
c:\users\owner\downloads\projects\seo\adobe\adobe.creative.suite.4.web.prem ium.part01\adobe.cs4.all.products crack\cs4crack\adobe.cs4.all.products.keymaker.v1.02.rar
c:\users\owner\downloads\projects\seo\adobe\adobe.creative.suite.4.web.prem ium.part01\adobe.cs4.all.products crack\cs4crack\amtlib.dll
c:\users\owner\downloads\projects\seo\adobe\adobe.creative.suite.4.web.prem ium.part01\adobe.cs4.all.products crack\cs4crack\instructions.txt
c:\users\owner\downloads\projects\seo\adobe\adobe.creative.suite.4.web.prem ium.part01\adobe.cs4.all.products crack\cs4crack\read me first.txt
c:\users\owner\downloads\projects\seo\adobe\adobe.creative.suite.4.web.prem ium.part01\adobe.cs4.all.products crack\cs4crack\acrobat crack\adobelm.dll
c:\users\owner\downloads\projects\seo\adobe\adobe.creative.suite.4.web.prem ium.part01\adobe.cs4.all.products crack\cs4crack\acrobat crack\instructions.txt
c:\users\owner\downloads\projects\seo\adobe\adobe.creative.suite.4.web.prem ium.part01\adobe.cs4.all.products crack\cs4crack\acrobat crack\serial.txt
c:\users\owner\downloads\projects\seo\rosetta-stone-new\rosetta.stone_v3.4.5\rosetta.stone v3.4.5\crack\fninterface_libfnp.dll
c:\users\owner\downloads\projects\winzip\winzip.pro.v14.0.8688.incl.keygen. rar
c:\users\owner\downloads\projects\winzip\winzip.pro.v14.0.8688.incl.keygen\ winzip140.exe
c:\users\owner\downloads\rosetta stone 3.4.5\crack\readme.txt
c:\users\owner\downloads\rosetta stone 3.4.5\crack\mac\mdm.dat
c:\users\owner\downloads\rosetta stone 3.4.5\crack\win\rosettastoneversion3.exe
c:\users\owner\downloads\universal_forum_poster_1.0.0.13\universal_forum_po ster_1.0.0.13\cracked\bookviet4a.org.txt
c:\users\owner\downloads\universal_forum_poster_1.0.0.13\universal_forum_po ster_1.0.0.13\cracked\bookviet4a.org.url
c:\users\owner\downloads\universal_forum_poster_1.0.0.13\universal_forum_po ster_1.0.0.13\cracked\revenge.key
c:\users\owner\downloads\http://www.blackhatteam.com.link.far...racker.inc.php
c:\users\owner\downloads\http://www.blackhatteam.com.link.far...racker.inc.php
c:\users\owner\favorites\wireless network crack - google search.url
c:\users\owner\favorites\craks\crackway.com.url
c:\users\owner\favorites\inne\- punkcracks.nl.nu -.url
C:\Users\gaby\Desktop\LAPTOP FIX\PI__CRD_Double_Trouble.rar 
C:\Users\Owner\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\0\49e03e00-398cafb4 
C:\Users\Owner\Desktop\from CRUISER\ARTUR\rapidshare\http://www.softarchive.net_Flash.Sli....Pro.v4.77.rar 
C:\Users\Owner\Desktop\XXXX BLAST\imacros_scripting.rar 
C:\Users\Owner\Documents\My Web Sites\nationallibrary.az\el\q\qarabag_1\index.htm 
C:\Users\Owner\Documents\My Web Sites\nationallibrary.az\el\q\qarabag_2\index.htm 
C:\Users\Owner\Documents\My Web Sites\nationallibrary.az\el\q\qarabag_3\index.htm 
C:\Users\Owner\Documents\My Web Sites\nationallibrary.az\el\q\qarabag_4\index.htm 
C:\Users\Owner\Documents\My Web Sites\nationallibrary.az\el\q\qarabag_5\index.htm 
C:\Users\Owner\Documents\My Web Sites\nationallibrary.az\el\q\qarabag_6\index.htm 
C:\Users\Owner\Downloads\3D SexVilla 2.093-White Rabbit.rar 
C:\Users\Owner\Downloads\Hide.IP.Platinum.v3.43.Incl.Keymaker-CORE.rar 
C:\Users\Owner\Downloads\Universal_Forum_Poster_1.0.0.13.rar 
C:\Users\Owner\Downloads\Ygoow.rar 
C:\Users\Owner\Downloads\3D SexVilla 2.093-White Rabbit\Sexvilla2\3DSexVilla2-Everlust-Install.exe 
C:\Users\Owner\Downloads\projects\seo\adobe\Adobe.Creative.Suite.4.Web.Prem ium.part01\Adobe.CS4.All.Products Crack.rar
C:\Users\Owner\Downloads\projects\seo\adobe\Adobe.Creative.Suite.4.Web.Prem ium.part01\Adobe.CS4.All.Products Crack\CS4Crack\Adobe.CS4.All.Products.Keymaker.v1.02.rar 
C:\Users\Owner\Downloads\Ygoow\Ygoow\MailClients\BolClient.dll 
C:\Users\Owner\Downloads\Ygoow\Ygoow\MailClients\Care2Client.dll
C:\Users\Owner\Downloads\Ygoow\Ygoow\MailClients\CaulvClient.dll 
C:\Users\Owner\Downloads\Ygoow\Ygoow\MailClients\HotmailClient.dll 
C:\Users\Owner\Downloads\Ygoow\Ygoow\MailClients\LavabitClient.dll 
C:\Users\Owner\Downloads\Ygoow\Ygoow\MailClients\MakToobClient.dll 
C:\Users\Owner\Downloads\Ygoow\Ygoow\MailClients\ObozClient.dll 
C:\Users\Owner\Downloads\Ygoow\Ygoow\MailClients\TheFreeSiteClient.dll 
C:\Users\Owner\Downloads\Ygoow\Ygoow\MailClients\TomClient.dll 
C:\Users\Owner\Downloads\Ygoow\Ygoow\MailClients\VoilaClient.dll
```

Save this as *CFScript.txt* and change the *"Save as type"* to *"All Files"* and place it on your desktop.










*Very Important!* Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before following the steps below. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results".
Referring to the screenshot above, *drag CFScript.txt into ComboFix.exe.*
ComboFix will now run a scan on your system. It may reboot your system when it finishes. This is normal.
*When finished, it shall produce a log for you. Copy and paste the contents of the log in your next reply.*
CAUTION: Do not mouse-click ComboFix's window while it is running. That may cause it to stall.
----------


----------



## destin (Jan 8, 2012)

Hi Jeff,
Here is the Log content ( right after I dragged the content in to combofix, it asked to update to newer ver , which I did) hope thid did not messed up the scan.

ComboFix 12-01-12.04 - Owner 01/12/2012 13:49:07.5.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.7928.6019 [GMT -6:00]
Running from: c:\users\Owner\Desktop\ComboFix.exe
Command switches used :: c:\users\Owner\Desktop\CFScript.txt
AV: Kaspersky PURE *Disabled/Updated* {56547CC9-C9B2-849D-8FEF-A496150D6A06}
FW: Kaspersky PURE *Disabled* {6E6FFDEC-83DD-85C5-A4B0-0DA3EBDE2D7D}
SP: Kaspersky PURE *Disabled/Updated* {ED359D2D-EF88-8B13-B55F-9FE46E8A20BB}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\users\gaby\desktop\downloads\infixpropdf\iceni.technology.infixpro.pdf.e ditor.v4.05.cracked-eat\eat.nfo"
"c:\users\gaby\desktop\downloads\infixpropdf\iceni.technology.infixpro.pdf.e ditor.v4.05.cracked-eat\file_id.diz"
"c:\users\gaby\desktop\downloads\infixpropdf\iceni.technology.infixpro.pdf.e ditor.v4.05.cracked-eat\infix.exe"
"c:\users\gaby\desktop\downloads\infixpropdf\iceni.technology.infixpro.pdf.e ditor.v4.05.cracked-eat\infixsetup_405.exe"
"c:\users\gaby\desktop\downloads\infixpropdf\iceni.technology.infixpro.pdf.e ditor.v4.05.cracked-eat\rapidshare premium.url"
"c:\users\gaby\desktop\downloads\infixpropdf\iceni.technology.infixpro.pdf.e ditor.v4.05.cracked-eat\warezsfx.com.nfo"
"c:\users\gaby\Desktop\LAPTOP FIX\PI__CRD_Double_Trouble.rar"
"c:\users\Owner\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\0\49e03e00-398cafb4"
"c:\users\owner\desktop\folders\gaby-rosetta\learning-polish\rosetta.stone v3.4.5\crack\fninterface_libfnp.dll"
"c:\users\owner\desktop\folders\seo projects\http-askfrank.net\downloads\av voice changer v 6.0.10 dr afndeenaa\av voice changer v 6.0.10 dr afndeenaa\keygen.exe"
"c:\users\owner\desktop\folders\seo projects\http-askfrank.net\downloads\keyword.taffy.keygen.zip"
"c:\users\owner\desktop\folders\seo projects\http-askfrank.net\downloads\keyword.taffy.keygen\keygen.exe"
"c:\users\owner\desktop\folders\swish max 2.0 2008.08.12\kreskowki flash\trzesacy_ekran\screen-crack.swf"
"c:\users\owner\desktop\folders\swish max 2.0 2008.08.12\kreskowki flash\trzesacy_ekran\screen-crack.swi"
"c:\users\Owner\Desktop\from CRUISER\ARTUR\rapidshare\http://www.softarchive.net_Flash.Sli....Pro.v4.77.rar"
"c:\users\owner\desktop\from cruiser\ftp hack\frontpage-cracks.txt"
"c:\users\owner\desktop\from cruiser\ftp hack\swflashe\adobe_cs4_crack.rar"
"c:\users\owner\desktop\from cruiser\ping sites\alldaysucker[1].full\keygen.exe"
"c:\users\owner\desktop\gaby-rosetta\learning-polish\rosetta.stone v3.4.5\crack\fninterface_libfnp.dll"
"c:\users\owner\desktop\xxxx blast\aaadrip feed blast\personal task manager software - softomotive winautomation v3.0.3.410 + crack [h33t] [mahasonaz]\link to download more free softwares and apps.url"
"c:\users\owner\desktop\xxxx blast\aaadrip feed blast\personal task manager software - softomotive winautomation v3.0.3.410 + crack [h33t] [mahasonaz]\read me.txt"
"c:\users\owner\desktop\xxxx blast\aaadrip feed blast\personal task manager software - softomotive winautomation v3.0.3.410 + crack [h33t] [mahasonaz]\your software here\crack\how to.txt"
"c:\users\owner\desktop\xxxx blast\aaadrip feed blast\personal task manager software - softomotive winautomation v3.0.3.410 + crack [h33t] [mahasonaz]\your software here\crack\license.lic"
"c:\users\owner\desktop\xxxx blast\aaadrip feed blast\personal task manager software - softomotive winautomation v3.0.3.410 + crack [h33t] [mahasonaz]\your software here\crack\winautomation.serviceagent.exe"
"c:\users\owner\desktop\xxxx blast\aaadrip feed blast\personal task manager software - softomotive winautomation v3.0.3.410 + crack [h33t] [mahasonaz]\your software here\setup.exe"
"c:\users\Owner\Desktop\XXXX BLAST\imacros_scripting.rar"
"c:\users\Owner\Documents\My Web Sites\nationallibrary.az\el\q\qarabag_1\index.htm"
"c:\users\Owner\Documents\My Web Sites\nationallibrary.az\el\q\qarabag_2\index.htm"
"c:\users\Owner\Documents\My Web Sites\nationallibrary.az\el\q\qarabag_3\index.htm"
"c:\users\Owner\Documents\My Web Sites\nationallibrary.az\el\q\qarabag_4\index.htm"
"c:\users\Owner\Documents\My Web Sites\nationallibrary.az\el\q\qarabag_5\index.htm"
"c:\users\Owner\Documents\My Web Sites\nationallibrary.az\el\q\qarabag_6\index.htm"
"c:\users\Owner\Downloads\3D SexVilla 2.093-White Rabbit.rar"
"c:\users\Owner\Downloads\3D SexVilla 2.093-White Rabbit\Sexvilla2\3DSexVilla2-Everlust-Install.exe"
"c:\users\owner\downloads\3d sexvilla 2.093-white rabbit\sexvilla2\crack\3dsexvilla2-093.001.exe"
"c:\users\owner\downloads\3d sexvilla 2.093-white rabbit\sexvilla2\crack\3dsexvilla2.archives.txx"
"c:\users\owner\downloads\alexa booster 3.4 + key\alexa booster 3.4 + key\keygen.exe"
"c:\users\owner\downloads\digital.media.group.facebook.blaster.pro.v7.1.3.in cl.keygen-lz0.rar"
"c:\users\owner\downloads\drv.che.rar\driver.checker\driver checker 2.7.4.15.10.2010\key\keygen driverchecker v2.7.4.exe"
"c:\users\owner\downloads\fruity loops fl studio producer edition [2010] + cracks.rar"
"c:\users\owner\downloads\fruity loops fl studio producer edition [2010] + cracks\fruity loops fl studio producer edition [2010] + cracks\cracks\plugin cracks (vsti)\hardcore.dll"
"c:\users\owner\downloads\fruity loops fl studio producer edition [2010] + cracks\fruity loops fl studio producer edition [2010] + cracks\cracks\plugin cracks (vsti)\poizone.dll"
"c:\users\owner\downloads\fruity loops fl studio producer edition [2010] + cracks\fruity loops fl studio producer edition [2010] + cracks\cracks\plugin cracks (vsti)\sawer.dll"
"c:\users\owner\downloads\fruity loops fl studio producer edition [2010] + cracks\fruity loops fl studio producer edition [2010] + cracks\cracks\plugin cracks (vsti)\toxic biohazard.dll"
"c:\users\owner\downloads\fruity loops fl studio producer edition [2010] + cracks\fruity loops fl studio producer edition [2010] + cracks\cracks\program crack\flengine.dll"
"c:\users\owner\downloads\fruity loops fl studio producer edition [2010] + cracks\fruity loops fl studio producer edition [2010] + cracks\flstudio_9.0.exe"
"c:\users\Owner\Downloads\Hide.IP.Platinum.v3.43.Incl.Keymaker-CORE.rar"
"c:\users\owner\downloads\http://www.blackhatteam.com.link.far...racker.inc.php"
"c:\users\owner\downloads\imageconverter_plus_7.1.54.90602_akhilesh910_deaft unes.org\imageconverter plus 7.1.54.90602\crack\icpcore.dll"
"c:\users\owner\downloads\mjp1.1\cracked\readme.txt"
"c:\users\owner\downloads\personal task manager software - softomotive winautomation v3.0.3.410 + crack [h33t] [mahasonaz]\link to download more free softwares and apps.url"
"c:\users\owner\downloads\personal task manager software - softomotive winautomation v3.0.3.410 + crack [h33t] [mahasonaz]\read me.txt"
"c:\users\owner\downloads\personal task manager software - softomotive winautomation v3.0.3.410 + crack [h33t] [mahasonaz]\your software here\crack\how to.txt"
"c:\users\owner\downloads\personal task manager software - softomotive winautomation v3.0.3.410 + crack [h33t] [mahasonaz]\your software here\crack\license.lic"
"c:\users\owner\downloads\personal task manager software - softomotive winautomation v3.0.3.410 + crack [h33t] [mahasonaz]\your software here\crack\winautomation.serviceagent.exe"
"c:\users\owner\downloads\personal task manager software - softomotive winautomation v3.0.3.410 + crack [h33t] [mahasonaz]\your software here\setup.exe"
"c:\users\owner\downloads\personal task manager software - softomotive winautomation v3.0.3.410 crack [h33t] [mahasonaz].torrent"
"c:\users\owner\downloads\projects\11-adobe-light\keygen.exe"
"c:\users\owner\downloads\projects\11-infix-pdf-editor\crack\infix.exe"
"c:\users\owner\downloads\projects\11-pdf to jpg converter\universal.document.converter.v5.0.909.4130\crack\udceng.exe"
"c:\users\owner\downloads\projects\11-software removal\care_windows_software_remove_master_v5.0.1.2\crack\arrmd12.dll"
"c:\users\owner\downloads\projects\11-software removal\care_windows_software_remove_master_v5.0.1.2\crack\softwareremovema ster.exe"
"c:\users\owner\downloads\projects\garmini-maps -unlock\garmin unlock utility\02 - garmin keygen v1.2\documentation\get garmin product id.pdf"
"c:\users\owner\downloads\projects\garmini-maps -unlock\garmin unlock utility\02 - garmin keygen v1.2\documentation\how to.pdf"
"c:\users\owner\downloads\projects\garmini-maps -unlock\garmin unlock utility\02 - garmin keygen v1.2\documentation\how to.txt"
"c:\users\owner\downloads\projects\garmini-maps -unlock\garmin unlock utility\02 - garmin keygen v1.2\documentation\map ids.txt"
"c:\users\owner\downloads\projects\garmini-maps -unlock\garmin unlock utility\02 - garmin keygen v1.3\documentation\original readme.txt"
"c:\users\owner\downloads\projects\garmini-maps -unlock\garmin unlock utility\02 - garmin keygen v1.3\keygen v1.3.exe"
"c:\users\owner\downloads\projects\garmini-maps -unlock\garmin unlock utility\original downloads\garmin keygen v1.2.rar"
"c:\users\owner\downloads\projects\garmini-maps -unlock\garmin unlock utility\original downloads\garminkeygen_v1.3+ imei converter v1.0.rar"
"c:\users\owner\downloads\projects\magix.music.maker.14.producer.edition.d-version.v13.0.2.1-te\crack\musicmaker.exe"
"c:\users\Owner\Downloads\projects\seo\adobe\Adobe.Creative.Suite.4.Web.Prem ium.part01\Adobe.CS4.All.Products Crack.rar"
"c:\users\owner\downloads\projects\seo\adobe\adobe.creative.suite.4.web.prem ium.part01\adobe.cs4.all.products crack\all adobe cs4 products and suites crack.txt"
"c:\users\owner\downloads\projects\seo\adobe\adobe.creative.suite.4.web.prem ium.part01\adobe.cs4.all.products crack\cs4crack\acrobat crack\adobelm.dll"
"c:\users\owner\downloads\projects\seo\adobe\adobe.creative.suite.4.web.prem ium.part01\adobe.cs4.all.products crack\cs4crack\acrobat crack\instructions.txt"
"c:\users\owner\downloads\projects\seo\adobe\adobe.creative.suite.4.web.prem ium.part01\adobe.cs4.all.products crack\cs4crack\acrobat crack\serial.txt"
"c:\users\Owner\Downloads\projects\seo\adobe\Adobe.Creative.Suite.4.Web.Prem ium.part01\Adobe.CS4.All.Products Crack\CS4Crack\Adobe.CS4.All.Products.Keymaker.v1.02.rar"
"c:\users\owner\downloads\projects\seo\adobe\adobe.creative.suite.4.web.prem ium.part01\adobe.cs4.all.products crack\cs4crack\amtlib.dll"
"c:\users\owner\downloads\projects\seo\adobe\adobe.creative.suite.4.web.prem ium.part01\adobe.cs4.all.products crack\cs4crack\instructions.txt"
"c:\users\owner\downloads\projects\seo\adobe\adobe.creative.suite.4.web.prem ium.part01\adobe.cs4.all.products crack\cs4crack\read me first.txt"
"c:\users\owner\downloads\projects\seo\rosetta-stone-new\rosetta.stone_v3.4.5\rosetta.stone v3.4.5\crack\fninterface_libfnp.dll"
"c:\users\owner\downloads\projects\winzip\winzip.pro.v14.0.8688.incl.keygen. rar"
"c:\users\owner\downloads\projects\winzip\winzip.pro.v14.0.8688.incl.keygen\ winzip140.exe"
"c:\users\owner\downloads\rosetta stone 3.4.5\crack\mac\mdm.dat"
"c:\users\owner\downloads\rosetta stone 3.4.5\crack\readme.txt"
"c:\users\owner\downloads\rosetta stone 3.4.5\crack\win\rosettastoneversion3.exe"
"c:\users\Owner\Downloads\Universal_Forum_Poster_1.0.0.13.rar"
"c:\users\owner\downloads\universal_forum_poster_1.0.0.13\universal_forum_po ster_1.0.0.13\cracked\bookviet4a.org.txt"
"c:\users\owner\downloads\universal_forum_poster_1.0.0.13\universal_forum_po ster_1.0.0.13\cracked\bookviet4a.org.url"
"c:\users\owner\downloads\universal_forum_poster_1.0.0.13\universal_forum_po ster_1.0.0.13\cracked\revenge.key"
"c:\users\Owner\Downloads\Ygoow.rar"
"c:\users\Owner\Downloads\Ygoow\Ygoow\MailClients\BolClient.dll"
"c:\users\Owner\Downloads\Ygoow\Ygoow\MailClients\Care2Client.dll"
"c:\users\Owner\Downloads\Ygoow\Ygoow\MailClients\CaulvClient.dll"
"c:\users\Owner\Downloads\Ygoow\Ygoow\MailClients\HotmailClient.dll"
"c:\users\Owner\Downloads\Ygoow\Ygoow\MailClients\LavabitClient.dll"
"c:\users\Owner\Downloads\Ygoow\Ygoow\MailClients\MakToobClient.dll"
"c:\users\Owner\Downloads\Ygoow\Ygoow\MailClients\ObozClient.dll"
"c:\users\Owner\Downloads\Ygoow\Ygoow\MailClients\TheFreeSiteClient.dll"
"c:\users\Owner\Downloads\Ygoow\Ygoow\MailClients\TomClient.dll"
"c:\users\Owner\Downloads\Ygoow\Ygoow\MailClients\VoilaClient.dll"
"c:\users\owner\favorites\craks\crackway.com.url"
"c:\users\owner\favorites\inne\- punkcracks.nl.nu -.url"
"c:\users\owner\favorites\wireless network crack - google search.url"
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\gaby\Desktop\LAPTOP FIX\PI__CRD_Double_Trouble.rar
c:\users\Owner\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\0\49e03e00-398cafb4
c:\users\owner\desktop\folders\gaby-rosetta\learning-polish\rosetta.stone v3.4.5\crack\fninterface_libfnp.dll
c:\users\owner\desktop\folders\seo projects\http-askfrank.net\downloads\av voice changer v 6.0.10 dr afndeenaa\av voice changer v 6.0.10 dr afndeenaa\keygen.exe
c:\users\owner\desktop\folders\seo projects\http-askfrank.net\downloads\keyword.taffy.keygen.zip
c:\users\owner\desktop\folders\seo projects\http-askfrank.net\downloads\keyword.taffy.keygen\keygen.exe
c:\users\owner\desktop\folders\swish max 2.0 2008.08.12\kreskowki flash\trzesacy_ekran\screen-crack.swf
c:\users\owner\desktop\folders\swish max 2.0 2008.08.12\kreskowki flash\trzesacy_ekran\screen-crack.swi
c:\users\owner\desktop\from cruiser\ftp hack\frontpage-cracks.txt
c:\users\owner\desktop\from cruiser\ftp hack\swflashe\adobe_cs4_crack.rar
c:\users\owner\desktop\from cruiser\ping sites\alldaysucker[1].full\keygen.exe
c:\users\owner\desktop\gaby-rosetta\learning-polish\rosetta.stone v3.4.5\crack\fninterface_libfnp.dll
c:\users\owner\desktop\xxxx blast\aaadrip feed blast\personal task manager software - softomotive winautomation v3.0.3.410 + crack [h33t] [mahasonaz]\link to download more free softwares and apps.url
c:\users\owner\desktop\xxxx blast\aaadrip feed blast\personal task manager software - softomotive winautomation v3.0.3.410 + crack [h33t] [mahasonaz]\read me.txt
c:\users\owner\desktop\xxxx blast\aaadrip feed blast\personal task manager software - softomotive winautomation v3.0.3.410 + crack [h33t] [mahasonaz]\your software here\crack\how to.txt
c:\users\owner\desktop\xxxx blast\aaadrip feed blast\personal task manager software - softomotive winautomation v3.0.3.410 + crack [h33t] [mahasonaz]\your software here\crack\license.lic
c:\users\owner\desktop\xxxx blast\aaadrip feed blast\personal task manager software - softomotive winautomation v3.0.3.410 + crack [h33t] [mahasonaz]\your software here\crack\winautomation.serviceagent.exe
c:\users\owner\desktop\xxxx blast\aaadrip feed blast\personal task manager software - softomotive winautomation v3.0.3.410 + crack [h33t] [mahasonaz]\your software here\setup.exe
c:\users\Owner\Desktop\XXXX BLAST\imacros_scripting.rar
c:\users\Owner\Documents\My Web Sites\nationallibrary.az\el\q\qarabag_1\index.htm
c:\users\Owner\Documents\My Web Sites\nationallibrary.az\el\q\qarabag_2\index.htm
c:\users\Owner\Documents\My Web Sites\nationallibrary.az\el\q\qarabag_3\index.htm
c:\users\Owner\Documents\My Web Sites\nationallibrary.az\el\q\qarabag_4\index.htm
c:\users\Owner\Documents\My Web Sites\nationallibrary.az\el\q\qarabag_5\index.htm
c:\users\Owner\Documents\My Web Sites\nationallibrary.az\el\q\qarabag_6\index.htm
c:\users\Owner\Downloads\3D SexVilla 2.093-White Rabbit.rar
c:\users\Owner\Downloads\3D SexVilla 2.093-White Rabbit\Sexvilla2\3DSexVilla2-Everlust-Install.exe
c:\users\owner\downloads\3d sexvilla 2.093-white rabbit\sexvilla2\crack\3dsexvilla2-093.001.exe
c:\users\owner\downloads\3d sexvilla 2.093-white rabbit\sexvilla2\crack\3dsexvilla2.archives.txx
c:\users\owner\downloads\alexa booster 3.4 + key\alexa booster 3.4 + key\keygen.exe
c:\users\owner\downloads\drv.che.rar\driver.checker\driver checker 2.7.4.15.10.2010\key\keygen driverchecker v2.7.4.exe
c:\users\owner\downloads\fruity loops fl studio producer edition [2010] + cracks.rar
c:\users\owner\downloads\fruity loops fl studio producer edition [2010] + cracks\fruity loops fl studio producer edition [2010] + cracks\cracks\plugin cracks (vsti)\hardcore.dll
c:\users\owner\downloads\fruity loops fl studio producer edition [2010] + cracks\fruity loops fl studio producer edition [2010] + cracks\cracks\plugin cracks (vsti)\poizone.dll
c:\users\owner\downloads\fruity loops fl studio producer edition [2010] + cracks\fruity loops fl studio producer edition [2010] + cracks\cracks\plugin cracks (vsti)\sawer.dll
c:\users\owner\downloads\fruity loops fl studio producer edition [2010] + cracks\fruity loops fl studio producer edition [2010] + cracks\cracks\plugin cracks (vsti)\toxic biohazard.dll
c:\users\owner\downloads\fruity loops fl studio producer edition [2010] + cracks\fruity loops fl studio producer edition [2010] + cracks\cracks\program crack\flengine.dll
c:\users\owner\downloads\fruity loops fl studio producer edition [2010] + cracks\fruity loops fl studio producer edition [2010] + cracks\flstudio_9.0.exe
c:\users\Owner\Downloads\Hide.IP.Platinum.v3.43.Incl.Keymaker-CORE.rar
c:\users\owner\downloads\mjp1.1\cracked\readme.txt
c:\users\owner\downloads\personal task manager software - softomotive winautomation v3.0.3.410 + crack [h33t] [mahasonaz]\link to download more free softwares and apps.url
c:\users\owner\downloads\personal task manager software - softomotive winautomation v3.0.3.410 + crack [h33t] [mahasonaz]\read me.txt
c:\users\owner\downloads\personal task manager software - softomotive winautomation v3.0.3.410 + crack [h33t] [mahasonaz]\your software here\crack\how to.txt
c:\users\owner\downloads\personal task manager software - softomotive winautomation v3.0.3.410 + crack [h33t] [mahasonaz]\your software here\crack\license.lic
c:\users\owner\downloads\personal task manager software - softomotive winautomation v3.0.3.410 + crack [h33t] [mahasonaz]\your software here\crack\winautomation.serviceagent.exe
c:\users\owner\downloads\personal task manager software - softomotive winautomation v3.0.3.410 + crack [h33t] [mahasonaz]\your software here\setup.exe
c:\users\owner\downloads\projects\11-adobe-light\keygen.exe
c:\users\owner\downloads\projects\11-infix-pdf-editor\crack\infix.exe
c:\users\owner\downloads\projects\11-pdf to jpg converter\universal.document.converter.v5.0.909.4130\crack\udceng.exe
c:\users\owner\downloads\projects\11-software removal\care_windows_software_remove_master_v5.0.1.2\crack\arrmd12.dll
c:\users\owner\downloads\projects\garmini-maps -unlock\garmin unlock utility\02 - garmin keygen v1.2\documentation\get garmin product id.pdf
c:\users\owner\downloads\projects\garmini-maps -unlock\garmin unlock utility\02 - garmin keygen v1.2\documentation\how to.pdf
c:\users\owner\downloads\projects\garmini-maps -unlock\garmin unlock utility\02 - garmin keygen v1.2\documentation\how to.txt
c:\users\owner\downloads\projects\garmini-maps -unlock\garmin unlock utility\02 - garmin keygen v1.2\documentation\map ids.txt
c:\users\owner\downloads\projects\garmini-maps -unlock\garmin unlock utility\02 - garmin keygen v1.3\documentation\original readme.txt
c:\users\owner\downloads\projects\garmini-maps -unlock\garmin unlock utility\02 - garmin keygen v1.3\keygen v1.3.exe
c:\users\owner\downloads\projects\garmini-maps -unlock\garmin unlock utility\original downloads\garmin keygen v1.2.rar
c:\users\owner\downloads\projects\garmini-maps -unlock\garmin unlock utility\original downloads\garminkeygen_v1.3+ imei converter v1.0.rar
c:\users\owner\downloads\projects\magix.music.maker.14.producer.edition.d-version.v13.0.2.1-te\crack\musicmaker.exe
c:\users\owner\downloads\projects\seo\rosetta-stone-new\rosetta.stone_v3.4.5\rosetta.stone v3.4.5\crack\fninterface_libfnp.dll
c:\users\owner\downloads\rosetta stone 3.4.5\crack\mac\mdm.dat
c:\users\owner\downloads\rosetta stone 3.4.5\crack\readme.txt
c:\users\owner\downloads\rosetta stone 3.4.5\crack\win\rosettastoneversion3.exe
c:\users\Owner\Downloads\Universal_Forum_Poster_1.0.0.13.rar
c:\users\Owner\Downloads\Ygoow.rar
c:\users\Owner\Downloads\Ygoow\Ygoow\MailClients\BolClient.dll
c:\users\Owner\Downloads\Ygoow\Ygoow\MailClients\Care2Client.dll
c:\users\Owner\Downloads\Ygoow\Ygoow\MailClients\CaulvClient.dll
c:\users\Owner\Downloads\Ygoow\Ygoow\MailClients\HotmailClient.dll
c:\users\Owner\Downloads\Ygoow\Ygoow\MailClients\LavabitClient.dll
c:\users\Owner\Downloads\Ygoow\Ygoow\MailClients\MakToobClient.dll
c:\users\Owner\Downloads\Ygoow\Ygoow\MailClients\ObozClient.dll
c:\users\Owner\Downloads\Ygoow\Ygoow\MailClients\TheFreeSiteClient.dll
c:\users\Owner\Downloads\Ygoow\Ygoow\MailClients\TomClient.dll
c:\users\Owner\Downloads\Ygoow\Ygoow\MailClients\VoilaClient.dll
c:\users\owner\favorites\craks\crackway.com.url
c:\users\owner\favorites\inne\- punkcracks.nl.nu -.url
c:\users\owner\favorites\wireless network crack - google search.url
.
.
((((((((((((((((((((((((( Files Created from 2011-12-12 to 2012-01-12 )))))))))))))))))))))))))))))))
.
.
2012-01-12 20:03 . 2012-01-12 20:03 69000 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{5EF7A33C-F449-444E-BFEC-7FA709D65DCE}\offreg.dll
2012-01-12 19:59 . 2012-01-12 19:59 -------- d-----w- c:\users\inne\AppData\Local\temp
2012-01-12 19:59 . 2012-01-12 19:59 -------- d-----w- c:\users\gaby\AppData\Local\temp
2012-01-12 19:59 . 2012-01-12 19:59 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-01-12 04:20 . 2012-01-12 04:20 -------- d-----w- c:\program files (x86)\ESET
2012-01-11 04:27 . 2011-10-26 05:25 1572864 ----a-w- c:\windows\system32\quartz.dll
2012-01-11 04:27 . 2011-10-26 05:25 366592 ----a-w- c:\windows\system32\qdvd.dll
2012-01-11 04:27 . 2011-10-26 04:32 514560 ----a-w- c:\windows\SysWow64\qdvd.dll
2012-01-11 04:27 . 2011-10-26 04:32 1328128 ----a-w- c:\windows\SysWow64\quartz.dll
2012-01-11 04:27 . 2011-11-17 06:41 1731920 ----a-w- c:\windows\system32\ntdll.dll
2012-01-11 04:27 . 2011-11-17 05:38 1292080 ----a-w- c:\windows\SysWow64\ntdll.dll
2012-01-11 04:27 . 2011-11-19 14:58 77312 ----a-w- c:\windows\system32\packager.dll
2012-01-11 04:27 . 2011-11-19 14:01 67072 ----a-w- c:\windows\SysWow64\packager.dll
2012-01-11 04:25 . 2011-11-21 11:40 8822856 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{5EF7A33C-F449-444E-BFEC-7FA709D65DCE}\mpengine.dll
2012-01-08 19:17 . 2012-01-08 19:17 388096 ----a-r- c:\users\Owner\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2012-01-08 19:17 . 2012-01-08 19:17 -------- d-----w- c:\program files (x86)\Trend Micro
2012-01-06 02:37 . 2012-01-06 02:37 -------- d-----w- c:\program files (x86)\Market Samurai
2011-12-27 00:24 . 2010-10-02 04:05 162392 ----a-w- c:\program files (x86)\Mozilla Firefox\extensions\[email protected]\components\KavLinkFilter.dll
2011-12-27 00:24 . 2009-12-14 18:44 85048 ----a-w- c:\windows\system32\drivers\CSCrySec.sys
2011-12-27 00:24 . 2009-12-14 18:44 66104 ----a-w- c:\windows\system32\drivers\CSVirtualDiskDrv.sys
2011-12-27 00:22 . 2011-12-27 00:22 -------- d-----w- c:\program files (x86)\Common Files\InfoWatch
2011-12-27 00:22 . 2011-12-27 00:22 -------- d-----w- c:\program files (x86)\Kaspersky Lab
2011-12-14 07:18 . 2011-10-15 06:31 723456 ----a-w- c:\windows\system32\EncDec.dll
2011-12-14 07:18 . 2011-10-15 05:38 534528 ----a-w- c:\windows\SysWow64\EncDec.dll
2011-12-14 07:18 . 2011-11-05 05:32 2048 ----a-w- c:\windows\system32\tzres.dll
2011-12-14 07:18 . 2011-11-05 04:26 2048 ----a-w- c:\windows\SysWow64\tzres.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-12-10 21:24 . 2011-05-08 14:36 23152 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-11-25 02:07 . 2011-08-21 19:56 414368 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2011-11-17 15:32 . 2011-11-17 15:32 186576 ----a-w- c:\windows\Submitter Uninstaller.exe
2011-11-06 02:37 . 2010-05-18 17:15 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll
2011-10-24 19:29 . 2011-10-24 19:29 94208 ----a-w- c:\windows\SysWow64\QuickTimeVR.qtx
2011-10-24 19:29 . 2011-10-24 19:29 69632 ----a-w- c:\windows\SysWow64\QuickTime.qts
2011-10-18 21:38 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll
2011-10-18 21:38 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll
.
.
((((((((((((((((((((((((((((( [email protected]_15.12.12 )))))))))))))))))))))))))))))))))))))))))
.
- 2009-07-14 04:54 . 2012-01-11 14:25 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-07-14 04:54 . 2012-01-11 15:26 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-07-14 04:54 . 2012-01-11 15:26 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-07-14 04:54 . 2012-01-11 14:25 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-07-14 04:54 . 2012-01-11 14:25 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-07-14 04:54 . 2012-01-11 15:26 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-08-18 10:47 . 2012-01-12 20:05 66366 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2009-07-14 05:10 . 2012-01-12 20:05 32372 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2009-12-19 19:57 . 2012-01-12 20:05 14366 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-1496317490-1307526022-1011991264-1000_UserData.bin
+ 2009-12-19 19:55 . 2012-01-12 19:58 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-12-19 19:55 . 2012-01-11 14:26 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-12-19 19:55 . 2012-01-11 14:26 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-12-19 19:55 . 2012-01-12 19:58 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-14 04:54 . 2012-01-12 19:58 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-07-14 04:54 . 2012-01-11 14:26 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-12-25 02:00 . 2012-01-11 15:10 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-12-25 02:00 . 2012-01-12 20:02 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-07-14 04:46 . 2012-01-11 23:58 94000 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\Cache\cache.dat
+ 2009-12-25 02:00 . 2012-01-12 20:02 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-12-25 02:00 . 2012-01-11 15:10 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-12-25 02:00 . 2012-01-11 15:10 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-12-25 02:00 . 2012-01-12 20:02 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-12-19 20:03 . 2012-01-11 15:10 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-12-19 20:03 . 2012-01-12 20:02 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-12-19 20:03 . 2012-01-12 20:02 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-12-19 20:03 . 2012-01-11 15:10 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2012-01-11 15:07 . 2012-01-11 15:07 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2012-01-12 20:00 . 2012-01-12 20:00 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2012-01-11 15:07 . 2012-01-11 15:07 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2012-01-12 20:00 . 2012-01-12 20:00 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2009-07-14 05:12 . 2011-10-20 08:44 262144 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
+ 2009-07-14 05:12 . 2012-01-12 19:58 262144 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
- 2009-07-14 05:01 . 2012-01-11 15:06 641180 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2009-07-14 05:01 . 2012-01-12 19:59 641180 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2011-11-25 02:19 . 2012-01-12 14:16 641948 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-1496317490-1307526022-1011991264-1000-12288.dat
- 2011-11-25 02:19 . 2011-11-25 02:19 641948 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-1496317490-1307526022-1011991264-1000-12288.dat
+ 2009-12-20 08:10 . 2012-01-12 19:59 3741254 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-1496317490-1307526022-1011991264-1000-8192.dat
- 2009-12-20 08:10 . 2012-01-11 15:06 3741254 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-1496317490-1307526022-1011991264-1000-8192.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{ABD3B5E1-B268-407B-A150-2641DAB8D898}]
2009-06-08 21:41 120104 ----a-w- c:\program files (x86)\Common Files\Homepage Protection\HomepageProtection.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\KAVOverlayIcon]
@="{dd230880-495a-11d1-b064-008048ec2fc5}"
[HKEY_CLASSES_ROOT\CLSID\{dd230880-495a-11d1-b064-008048ec2fc5}]
2010-10-02 04:05 129624 ----a-w- c:\program files (x86)\Kaspersky Lab\Kaspersky PURE\shellex.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2011-10-06 39408]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"hpsysdrv"="c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe" [2008-11-20 62768]
"HP Remote Solution"="c:\program files (x86)\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe" [2009-05-26 656896]
"HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2008-12-08 54576]
"UpdatePRCShortCut"="c:\program files (x86)\Hewlett-Packard\Recovery\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"Freecorder FLV Service"="c:\program files (x86)\Freecorder\FLVSrvc.exe" [2011-03-24 167936]
"Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-12-24 460872]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]
"AVP"="c:\program files (x86)\Kaspersky Lab\Kaspersky PURE\avp.exe" [2010-10-02 348760]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~2\KASPER~1\KASPER~1\mzvkbd3.dll c:\progra~2\KASPER~1\KASPER~1\sbhook.dll
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-04-16 136176]
R2 Printer Control;Printer Control;c:\windows\system32\PrintCtrl.exe [x]
R3 Adobe Version Cue CS4;Adobe Version Cue CS4;c:\program files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe [2008-08-15 284016]
R3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;c:\program files (x86)\MAGIX\Common\Database\bin\fbserver.exe [2005-11-17 1527900]
R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2010-01-13 1038088]
R3 gupdatem;Google Update Service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-04-16 136176]
R3 lvpopf64;Logitech POP Suppression Filter;c:\windows\system32\DRIVERS\lvpopf64.sys [x]
R3 LVUVC64;Logitech QuickCam Fusion(UVC);c:\windows\system32\DRIVERS\lvuvc64.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 V0060VID;Creative WebCam Live! Ultra;c:\windows\system32\DRIVERS\V0060Vid.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R4 TeamViewer6;TeamViewer 6;c:\program files (x86)\TeamViewer\Version6\TeamViewer_Service.exe [2011-01-27 2253688]
S0 ahcix64s;ahcix64s;c:\windows\system32\DRIVERS\ahcix64s.sys [x]
S0 CSCrySec;InfoWatch Encrypt Sector Library driver;c:\windows\system32\DRIVERS\CSCrySec.sys [x]
S0 KLBG;Kaspersky Lab Boot Guard Driver;c:\windows\system32\DRIVERS\klbg.sys [x]
S1 CSVirtualDiskDrv;InfoWatch Virtual Disk driver;c:\windows\system32\DRIVERS\CSVirtualDiskDrv.sys [x]
S1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\system32\DRIVERS\klim6.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 AcuWVSSchedulerv6;Acunetix WVS Scheduler v6;c:\program files (x86)\Acunetix\Web Vulnerability Scanner 6\WVSScheduler.exe [2010-03-03 671368]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 AMD_RAIDXpert;AMD RAIDXpert;c:\program files (x86)\AMD\RAIDXpert\bin\RAIDXpertService.exe [2009-03-16 122880]
S2 CSObjectsSrv;CryptoStorage control service;c:\program files (x86)\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe [2009-12-21 743992]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2011-12-24 652872]
S2 WinAutomation Service;WinAutomation Service;c:\program files\WinAutomation\WinAutomation.ServiceAgent.exe [2009-12-11 147128]
S3 dc3d;MS Hardware Device Detection Driver (USB);c:\windows\system32\DRIVERS\dc3d.sys [x]
S3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\DRIVERS\klmouflt.sys [x]
S3 LVUSBS64;Logitech USB Monitor Filter;c:\windows\system32\drivers\LVUSBS64.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
S3 Point64;Microsoft IntelliPoint Filter Driver;c:\windows\system32\DRIVERS\point64.sys [x]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
S3 teamviewervpn;TeamViewer VPN Adapter;c:\windows\system32\DRIVERS\teamviewervpn.sys [x]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys [x]
S3 WSDPrintDevice;WSD Print Support via UMB;c:\windows\system32\DRIVERS\WSDPrint.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{2D46B6DC-2207-486B-B523-A557E6D54B47}]
2010-11-20 12:17 302592 ----a-w- c:\windows\System32\cmd.exe
.
Contents of the 'Scheduled Tasks' folder
.
2012-01-12 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-04-16 20:45]
.
2012-01-12 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-04-16 20:45]
.
2012-01-12 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1496317490-1307526022-1011991264-1000Core.job
- c:\users\Owner\AppData\Local\Google\Update\GoogleUpdate.exe [2011-08-13 16:10]
.
2012-01-12 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1496317490-1307526022-1011991264-1000UA.job
- c:\users\Owner\AppData\Local\Google\Update\GoogleUpdate.exe [2011-08-13 16:10]
.
2012-01-11 c:\windows\Tasks\HPCeeScheduleForOwner.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2009-10-07 09:22]
.
2011-12-31 c:\windows\Tasks\PCDRScheduledMaintenance.job
- c:\program files\PC-Doctor for Windows\pcdr5cuiw32.exe [2009-06-10 11:04]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\KAVOverlayIcon]
@="{dd230880-495a-11d1-b064-008048ec2fc5}"
[HKEY_CLASSES_ROOT\CLSID\{dd230880-495a-11d1-b064-008048ec2fc5}]
2010-10-02 04:06 170584 ----a-w- c:\program files (x86)\Kaspersky Lab\Kaspersky PURE\x64\ShellEx.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SmartMenu"="c:\program files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe" [2009-07-08 610360]
"PrintDisp"="c:\windows\system32\PrintDisp.exe" [2009-08-21 878080]
"CanonSolutionMenu"="c:\program files (x86)\Canon\SolutionMenu\CNSLMAIN.exe" [2008-03-11 689488]
"CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2008-03-04 2114376]
"itype"="c:\program files\Microsoft IntelliType Pro\itype.exe" [2011-08-10 1873256]
"IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2011-08-01 2417032]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\progra~2\KASPER~1\KASPER~1\x64\kloehk.dll c:\progra~2\KASPER~1\KASPER~1\x64\sbhook64.dll
.
------- Supplementary Scan -------
.
uStart Page = hxxp://google.com
uLocal Page = c:\windows\system32\blank.htm
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_US&c=94&bd=bestbuy&pf=cndt
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = local
IE: Append to existing PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert link target to Adobe PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert link target to existing PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Convert to Adobe PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: Download All By FlashGet3 - c:\users\Owner\AppData\Roaming\FlashGetBHO\GetAllUrl.htm
IE: Download By FlashGet3 - c:\users\Owner\AppData\Roaming\FlashGetBHO\GetUrl.htm
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~2\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\oc4vkf64.default\
FF - prefs.js: network.proxy.type - 0
FF - user.js: network.proxy.type - 0
FF - user.js: network.proxy.http - 
user_pref(network.proxy.http_port,);
FF - user.js: network.proxy.no_proxies_on - 
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11c_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11c_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11c.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11c.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11c.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11c.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\AMD\RAIDXpert\bin\RAIDXpert.exe
c:\program files (x86)\Canon\IJPLM\IJPLMSVC.EXE
c:\program files (x86)\Common Files\LightScribe\LSSrvc.exe
c:\program files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\windows\SysWOW64\WinMsgBalloonServer.exe
c:\windows\SysWOW64\WinMsgBalloonClient.exe
c:\program files (x86)\Common Files\Intuit\Update Service\IntuitUpdateService.exe
c:\program files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
c:\program files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe
.
**************************************************************************
.
Completion time: 2012-01-12 14:10:04 - machine was rebooted
ComboFix-quarantined-files.txt 2012-01-12 20:10
ComboFix2.txt 2012-01-12 00:48
ComboFix3.txt 2012-01-11 15:29
.
Pre-Run: 495,132,270,592 bytes free
Post-Run: 495,067,308,032 bytes free
.
- - End Of File - - DF3031D3DC7DAAC433DAEA501BC8EA77


----------



## jeffce (May 10, 2011)

Hi destin,

How is your system running?


----------



## destin (Jan 8, 2012)

Besides booting on startup kind of long everything else seems same.
Dont know about bandwidth usage for another 2 days because my ISP traffic data is always 2 days behind.
Also as I mentioned earlier, I have been keeping this PC turned off, and starting it only to do all the scans and then back off again so I was not able to use it for longer period of time in last few days.
Do you think the infection maybe gone?


----------



## jeffce (May 10, 2011)

Things are looking better. 

Download *TFC* to your *desktop*

Close any open windows.
Right-click and Run as Administrator the *TFC* icon to run the program
TFC *will close all open programs itself* in order to run,
Click the *Start* button to begin the process.
Allow *TFC* to run uninterrupted.
The program should not take long to finish it's job
Once its finished it should automatically *reboot your machine,*
if it doesn't, manually reboot to ensure a complete clean
----------

*Please do the following:*

Hold down the *Windows key* and press *R* to open a run box
type the following text into the run box

*appwiz.cpl*

This will open your *Programs And Features*. A list of installed programs will populate

Remove the following programs:

*Ask Toolbar
thriXXX 3DSexVilla2-093.001
thriXXX WebLaunch*
----------


Download *OTL* to your desktop.
Right-click and Run as Administrator on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
When the window appears, underneath *Output* at the top change it to *Minimal Output*.
Check the boxes beside *LOP Check* and *Purity Check*.
Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
When the scan completes, it will open two notepad windows. *OTL.Txt* and *Extras.Txt*.
Note:These logs can be located in the *OTL.* folder on you C:\ drive if they fail to open automatically.
Please copy *(Edit->Select All, Edit->Copy)* the contents of these files, one at a time, and post it with your next reply. You may need two posts to fit them both in.


----------



## destin (Jan 8, 2012)

Here is the OTL.txt:

OTL logfile created on: 1/12/2012 8:03:47 PM - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Owner\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

7.74 Gb Total Physical Memory | 5.84 Gb Available Physical Memory | 75.39% Memory free
15.48 Gb Paging File | 13.44 Gb Available in Paging File | 86.79% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 686.20 Gb Total Space | 467.84 Gb Free Space | 68.18% Space Free | Partition Type: NTFS
Drive D: | 12.33 Gb Total Space | 2.23 Gb Free Space | 18.09% Space Free | Partition Type: NTFS
Drive K: | 100.19 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: OWNER-PC | User Name: Owner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - File not found
PRC - C:\Users\Owner\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Freecorder\FLVSrvc.exe (Applian Technologies, Inc.)
PRC - C:\Program Files (x86)\Common Files\Intuit\Update Service\IntuitUpdateService.exe (Intuit Inc.)
PRC - C:\Program Files (x86)\Acunetix\Web Vulnerability Scanner 6\WVSScheduler.exe (Acunetix Ltd.)
PRC - C:\Program Files (x86)\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe (Infowatch)
PRC - c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe (CyberLink)
PRC - c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe (CyberLink Corp.)
PRC - C:\Program Files (x86)\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe ()
PRC - C:\Windows\SysWOW64\WinMsgBalloonServer.exe ()
PRC - C:\Windows\SysWOW64\WinMsgBalloonClient.exe ()
PRC - C:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpertService.exe (AMD)
PRC - C:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpert.exe ()
PRC - C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe (Hewlett-Packard)
PRC - C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe ()

========== Modules (No Company Name) ==========

MOD - c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMediaLibrary.dll ()
MOD - C:\Program Files (x86)\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe ()

========== Win32 Services (SafeList) ==========

SRV:*64bit:* - (FLEXnet Licensing Service 64) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe (Acresso Software Inc.)
SRV:*64bit:* - (WinAutomation Service) -- C:\Program Files\WinAutomation\WinAutomation.ServiceAgent.exe (Softomotive)
SRV:*64bit:* - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV:*64bit:* - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV:*64bit:* - (Printer Control) -- C:\Windows\SysNative\PrintCtrl.exe (ActMask Co.,Ltd - HTTP://WWW.ALL2PDF.COM)
SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (OpenVPNService) -- C:\Program Files (x86)\HMA! Pro VPN\bin\openvpnserv.exe ()
SRV - (TeamViewer6) -- C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe (TeamViewer GmbH)
SRV - (AVP) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\avp.exe (Kaspersky Lab)
SRV - (IntuitUpdateService) -- C:\Program Files (x86)\Common Files\Intuit\Update Service\IntuitUpdateService.exe (Intuit Inc.)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (AcuWVSSchedulerv6) -- C:\Program Files (x86)\Acunetix\Web Vulnerability Scanner 6\WVSScheduler.exe (Acunetix Ltd.)
SRV - (FLEXnet Licensing Service) -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Acresso Software Inc.)
SRV - (CSObjectsSrv) -- C:\Program Files (x86)\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe (Infowatch)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (GameConsoleService) -- C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe (WildTangent, Inc.)
SRV - (AMD_RAIDXpert) -- C:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpertService.exe (AMD)
SRV - (Adobe Version Cue CS4) -- C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe (Adobe Systems Incorporated)
SRV - (IJPLMSVC) -- C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe ()
SRV - (FirebirdServerMAGIXInstance) -- C:\Program Files (x86)\MAGIX\Common\Database\bin\fbserver.exe (MAGIX®)

========== Driver Services (SafeList) ==========

DRV:*64bit:* - (KLIF) -- C:\Windows\SysNative\drivers\klif.sys (Kaspersky Lab)
DRV:*64bit:* - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation)
DRV:*64bit:* - (NuidFltr) -- C:\Windows\SysNative\drivers\nuidfltr.sys (Microsoft Corporation)
DRV:*64bit:* - (Point64) -- C:\Windows\SysNative\drivers\point64.sys (Microsoft Corporation)
DRV:*64bit:* - (dc3d) MS Hardware Device Detection Driver (USB) -- C:\Windows\SysNative\drivers\dc3d.sys (Microsoft Corporation)
DRV:*64bit:* - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:*64bit:* - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:*64bit:* - (RSUSBSTOR) -- C:\Windows\SysNative\drivers\RtsUStor.sys (Realtek Semiconductor Corp.)
DRV:*64bit:* - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek )
DRV:*64bit:* - (teamviewervpn) -- C:\Windows\SysNative\drivers\teamviewervpn.sys (TeamViewer GmbH)
DRV:*64bit:* - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:*64bit:* - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:*64bit:* - (tap0901) -- C:\Windows\SysNative\drivers\tap0901.sys (The OpenVPN Project)
DRV:*64bit:* - (ElbyCDIO) -- C:\Windows\SysNative\drivers\ElbyCDIO.sys (Elaborate Bytes AG)
DRV:*64bit:* - (CSCrySec) -- C:\Windows\SysNative\drivers\CSCrySec.sys (Infowatch)
DRV:*64bit:* - (CSVirtualDiskDrv) -- C:\Windows\SysNative\drivers\CSVirtualDiskDrv.sys (Infowatch)
DRV:*64bit:* - (KLBG) -- C:\Windows\SysNative\drivers\klbg.sys (Kaspersky Lab)
DRV:*64bit:* - (klmouflt) -- C:\Windows\SysNative\drivers\klmouflt.sys (Kaspersky Lab)
DRV:*64bit:* - (KLIM6) -- C:\Windows\SysNative\drivers\klim6.sys (Kaspersky Lab)
DRV:*64bit:* - (kl1) -- C:\Windows\SysNative\drivers\kl1.sys (Kaspersky Lab)
DRV:*64bit:* - (VClone) -- C:\Windows\SysNative\drivers\VClone.sys (Elaborate Bytes AG)
DRV:*64bit:* - (ahcix64s) -- C:\Windows\SysNative\drivers\ahcix64s.sys (Advanced Micro Devices, Inc)
DRV:*64bit:* - (atikmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV:*64bit:* - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:*64bit:* - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:*64bit:* - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:*64bit:* - (WSDPrintDevice) -- C:\Windows\SysNative\drivers\WSDPrint.sys (Microsoft Corporation)
DRV:*64bit:* - (61883) -- C:\Windows\SysNative\drivers\61883.sys (Microsoft Corporation)
DRV:*64bit:* - (Avc) -- C:\Windows\SysNative\drivers\avc.sys (Microsoft Corporation)
DRV:*64bit:* - (MSDV) -- C:\Windows\SysNative\drivers\msdv.sys (Microsoft Corporation)
DRV:*64bit:* - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:*64bit:* - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:*64bit:* - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:*64bit:* - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:*64bit:* - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Atheros Communications, Inc.)
DRV:*64bit:* - (AtiPcie) AMD PCI Express (3GIO) -- C:\Windows\SysNative\drivers\AtiPcie.sys (Advanced Micro Devices Inc.)
DRV:*64bit:* - (usbfilter) -- C:\Windows\SysNative\drivers\usbfilter.sys (Advanced Micro Devices)
DRV:*64bit:* - (mcdbus) -- C:\Windows\SysNative\drivers\mcdbus.sys (MagicISO, Inc.)
DRV:*64bit:* - (adfs) -- C:\Windows\SysNative\drivers\adfs.sys (Adobe Systems, Inc.)
DRV:*64bit:* - (LVUVC64) Logitech QuickCam Fusion(UVC) -- C:\Windows\SysNative\drivers\lvuvc64.sys (Logitech Inc.)
DRV:*64bit:* - (LVUSBS64) -- C:\Windows\SysNative\drivers\LVUSBS64.sys (Logitech Inc.)
DRV:*64bit:* - (lvpopf64) -- C:\Windows\SysNative\drivers\lvpopf64.sys (Logitech Inc.)
DRV:*64bit:* - (V0060VID) -- C:\Windows\SysNative\drivers\V0060Vid.sys (Creative Technology Ltd.)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
DRV - (mcdbus) -- C:\Windows\SysWOW64\drivers\mcdbus.sys (MagicISO, Inc.)
DRV - (adfs) -- C:\Windows\SysWow64\drivers\adfs.sys (Adobe Systems, Inc.)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE:*64bit:* - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE:*64bit:* - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_US&c=94&bd=bestbuy&pf=cndt
IE - HKLM\..\URLSearchHook: {01188d35-daf3-4a43-90aa-f1bf150207e6} - No CLSID value found

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://google.com
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = local

========== FireFox ==========

FF - prefs.js..browser.search.suggest.enabled: false
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..extensions.enabledItems: [email protected]:1.54
FF - prefs.js..extensions.enabledItems: {563e4790-7e70-11da-a72b-0800200c9a66}:0.9c
FF - prefs.js..extensions.enabledItems: {0b457cAA-602d-484a-8fe7-c1d894a011ba}:0.88
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: [email protected]:0.8
FF - prefs.js..extensions.enabledItems: [email protected]:2.1.43
FF - prefs.js..extensions.enabledItems: {896642E4-C556-4ED3-85D1-9AC431603E7D}:1.0.4
FF - prefs.js..extensions.enabledItems: {d57c9ff1-6389-48fc-b770-f78bd89b6e8a}:1.34
FF - prefs.js..extensions.enabledItems: {dd3d7613-0246-469d-bc65-2a3cc1668adc}:0.7.1.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: [email protected]i:1.0.43
FF - prefs.js..extensions.enabledItems: {06997db0-c027-4d5f-bd37-b0d9230226ea}:0.62
FF - prefs.js..extensions.enabledItems: {DB9127A2-3381-41ec-82B3-1B6ED4C6F29A}:1.0
FF - prefs.js..extensions.enabledItems: {195A3098-0BD5-4e90-AE22-BA1C540AFD1E}:2.9.3
FF - prefs.js..extensions.enabledItems: [email protected]:11.0.2.579
FF - prefs.js..extensions.enabledItems: [email protected]:11.0.2.579
FF - prefs.js..extensions.enabledItems: [email protected]:11.0.2.579
FF - prefs.js..extensions.enabledItems: {70dd86e8-b5bc-4e4a-9d5c-b6234c24323c}:5.0.0.0
FF - prefs.js..extensions.enabledItems: [email protected]:1.1.8
FF - prefs.js..network.proxy.share_proxy_settings: true
FF - prefs.js..network.proxy.type: 0

FF - user.js..network.proxy.type: 0
FF - user.js..network.proxy.http: ""
FF - user.js..network.proxy.http_port: 
FF - user.js..network.proxy.no_proxies_on: ""

FF:*64bit:* - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_1_102.dll File not found
FF:*64bit:* - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Owner\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Owner\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\[email protected]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\[email protected]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\[email protected]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011/11/12 14:08:08 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011/11/02 15:26:55 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\{eea12ec4-729d-4703-bc37-106ce9879ce2}: C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\THBExt [2011/12/26 18:23:33 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Windows\vf_hip\ [2010/07/24 20:01:01 | 000,000,000 | ---D | M]

[2009/12/26 01:07:05 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Owner\AppData\Roaming\Mozilla\Extensions
[2011/12/16 21:07:10 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\oc4vkf64.default\extensions
[2011/03/18 21:45:27 | 000,000,000 | ---D | M] (Remove Cookies for Site) -- C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\oc4vkf64.default\extensions\{06997db0-c027-4d5f-bd37-b0d9230226ea}
[2011/12/15 22:30:33 | 000,000,000 | ---D | M] (FireShot) -- C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\oc4vkf64.default\extensions\{0b457cAA-602d-484a-8fe7-c1d894a011ba}
[2011/12/16 21:07:10 | 000,000,000 | ---D | M] (SeoQuake) -- C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\oc4vkf64.default\extensions\{317B5128-0B0B-49b2-B2DB-1E7560E16C74}
[2011/08/05 14:25:49 | 000,000,000 | ---D | M] (Freecorder Toolbar) -- C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\oc4vkf64.default\extensions\{70dd86e8-b5bc-4e4a-9d5c-b6234c24323c}
[2010/06/12 22:39:26 | 000,000,000 | ---D | M] (Search Toolbar) -- C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\oc4vkf64.default\extensions\{896642E4-C556-4ED3-85D1-9AC431603E7D}
[2010/07/21 12:40:17 | 000,000,000 | ---D | M] (BlockSite) -- C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\oc4vkf64.default\extensions\{dd3d7613-0246-469d-bc65-2a3cc1668adc}
[2011/01/11 18:30:30 | 000,000,000 | ---D | M] (Torbutton) -- C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\oc4vkf64.default\extensions\{e0204bd5-9d31-402b-a99d-a6aa8ffebdca}
[2011/02/05 01:25:20 | 000,000,000 | ---D | M] (Acunetix Web Scanner) -- C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\oc4vkf64.default\extensions\[email protected]
[2010/02/18 13:52:55 | 000,000,000 | ---D | M] ("LinkDiagnosis 2.0") -- C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\oc4vkf64.default\extensions\[email protected]
[2011/01/30 18:13:47 | 000,000,000 | ---D | M] (Super Hide IP) -- C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\oc4vkf64.default\extensions\[email protected]
[2010/04/10 15:24:42 | 000,001,828 | ---- | M] () -- C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\oc4vkf64.default\searchplugins\bing.xml
[2010/04/12 17:11:03 | 000,001,337 | ---- | M] () -- C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\oc4vkf64.default\searchplugins\ezinearticles.xml
[2011/09/07 21:30:20 | 000,001,490 | ---- | M] () -- C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\oc4vkf64.default\searchplugins\web-search-powered-by-google.xml
[2011/12/26 18:24:32 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2011/11/05 20:37:59 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}
[2011/04/16 02:22:03 | 000,000,000 | ---D | M] (Anti-Banner) -- C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]_bak
[2011/12/26 18:24:33 | 000,000,000 | ---D | M] (Kaspersky URL Advisor) -- C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]
[2011/04/16 02:22:02 | 000,000,000 | ---D | M] (Kaspersky URL Advisor) -- C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]_bak
() (No name found) -- C:\USERS\OWNER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OC4VKF64.DEFAULT\EXTENSIONS\{563E4790-7E70-11DA-A72B-0800200C9A66}.XPI
() (No name found) -- C:\USERS\OWNER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OC4VKF64.DEFAULT\EXTENSIONS\{D57C9FF1-6389-48FC-B770-F78BD89B6E8A}.XPI
() (No name found) -- C:\USERS\OWNER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OC4VKF64.DEFAULT\EXTENSIONS\[email protected]
[2011/11/12 14:08:08 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011/11/05 20:37:30 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2006/08/09 04:16:08 | 000,030,408 | ---- | M] ( ) -- C:\Program Files (x86)\mozilla firefox\plugins\npWebLaunch.dll
[2011/10/05 11:44:15 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2011/11/12 14:08:08 | 000,002,040 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{googleriginalQueryForSuggestion}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Owner\AppData\Local\Google\Chrome\Application\14.0.835.202\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
CHR - plugin: QuickTime Plug-in 7.6.7 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.7 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.7 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.7 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.7 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.7 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.7 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: Java Deployment Toolkit 6.0.200.2 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.0.60531.0\npctrl.dll
CHR - plugin: 2007 Microsoft Office system (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\NPOFF12.DLL
CHR - plugin: Microsoft Office 2003 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\NPOFFICE.DLL
CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Owner\AppData\Local\Google\Chrome\Application\14.0.835.202\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Owner\AppData\Local\Google\Chrome\Application\14.0.835.202\pdf.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Browser\nppdf32.dll
CHR - plugin: thriXXX WebLaunch (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npWebLaunch.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.69\npGoogleUpdate3.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin

O1 HOSTS File: ([2012/01/12 14:03:43 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:*64bit:* - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\x64\ievkbd.dll (Kaspersky Lab)
O2:*64bit:* - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:*64bit:* - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7227.1100\swg64.dll (Google Inc.)
O2:*64bit:* - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\x64\klwtbbho.dll (Kaspersky Lab)
O2 - BHO: (ContributeBHO Class) - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files (x86)\Adobe\/Adobe Contribute CS4/contributeieplugin.dll ()
O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\ievkbd.dll (Kaspersky Lab)
O2 - BHO: (hpBHO Class) - {ABD3B5E1-B268-407B-A150-2641DAB8D898} - C:\Program Files (x86)\Common Files\Homepage Protection\HomepageProtection.dll (AOL Products)
O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll (Google Inc.)
O2 - BHO: (FlashGetBHO) - {b070d3e3-fec0-47d9-8e8a-99d4eeb3d3b0} - C:\Users\Owner\AppData\Roaming\FlashGetBHO\FlashGetBHO3.dll (Trend Media Group)
O2 - BHO: (Microsoft Live Search Toolbar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\Program Files (x86)\MSN\Toolbar\3.0.0560.0\msneshellx.dll (Microsoft Corp.)
O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\klwtbbho.dll (Kaspersky Lab)
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3:*64bit:* - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Microsoft Live Search Toolbar) - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - c:\Program Files (x86)\MSN\Toolbar\3.0.0560.0\msneshellx.dll (Microsoft Corp.)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Contribute Toolbar) - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files (x86)\Adobe\/Adobe Contribute CS4/contributeieplugin.dll ()
O3 - HKLM\..\Toolbar: (FireShot) - {6E6E744E-4D20-4ce3-9A7A-26DFFFE22F68} - C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\oc4vkf64.default\extensions\{0b457cAA-602d-484a-8fe7-c1d894a011ba}\library\fsaddin-0.80.dll File not found
O3:*64bit:* - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O4:*64bit:* - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4:*64bit:* - HKLM..\Run: [CanonSolutionMenu] C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe (CANON INC.)
O4:*64bit:* - HKLM..\Run: [IntelliPoint] c:\Program Files\Microsoft IntelliPoint\ipoint.exe (Microsoft Corporation)
O4:*64bit:* - HKLM..\Run: [itype] c:\Program Files\Microsoft IntelliType Pro\itype.exe (Microsoft Corporation)
O4:*64bit:* - HKLM..\Run: [PrintDisp] C:\Windows\SysNative\PrintDisp.exe (ActMask Co.,Ltd - http://www.all2pdf.com)
O4:*64bit:* - HKLM..\Run: [SmartMenu] C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe ()
O4 - HKLM..\Run: [AVP] C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\avp.exe (Kaspersky Lab)
O4 - HKLM..\Run: [Freecorder FLV Service] C:\Program Files (x86)\Freecorder\FLVSrvc.exe (Applian Technologies, Inc.)
O4 - HKLM..\Run: [HP Remote Solution] C:\Program Files (x86)\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe ()
O4 - HKLM..\Run: [hpsysdrv] c:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe (Hewlett-Packard)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [UpdatePRCShortCut] C:\Program Files (x86)\Hewlett-Packard\Recovery\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktopCleanupWizard = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8:*64bit:* - Extra context menu item: Append to existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:*64bit:* - Extra context menu item: Convert link target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:*64bit:* - Extra context menu item: Convert link target to existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:*64bit:* - Extra context menu item: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:*64bit:* - Extra context menu item: Download All By FlashGet3 - C:\Users\Owner\AppData\Roaming\FlashGetBHO\GetAllUrl.htm ()
O8:*64bit:* - Extra context menu item: Download By FlashGet3 - C:\Users\Owner\AppData\Roaming\FlashGetBHO\GetUrl.htm ()
O8 - Extra context menu item: Append to existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert link target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert link target to existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Download All By FlashGet3 - C:\Users\Owner\AppData\Roaming\FlashGetBHO\GetAllUrl.htm ()
O8 - Extra context menu item: Download By FlashGet3 - C:\Users\Owner\AppData\Roaming\FlashGetBHO\GetUrl.htm ()
O9:*64bit:* - Extra Button: &Virtual Keyboard - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\x64\klwtbbho.dll (Kaspersky Lab)
O9:*64bit:* - Extra Button: URLs c&heck - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\x64\klwtbbho.dll (Kaspersky Lab)
O9 - Extra Button: iOpus iMacros - {0483894E-2422-45E0-8384-021AFF1AF3CD} - C:\Program Files (x86)\iMacros\imacros.dll (iOpus Software GmbH)
O9 - Extra 'Tools' menuitem : iMacros Web Automation - {0483894E-2422-45E0-8384-021AFF1AF3CD} - Reg Error: Value error. File not found
O9 - Extra Button: &Virtual Keyboard - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\klwtbbho.dll (Kaspersky Lab)
O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: URLs c&heck - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\klwtbbho.dll (Kaspersky Lab)
O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.microsoft.com/sites/production/ieawsdc32.cab (Microsoft Office Template and Media Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {9C23D886-43CB-43DE-B2DB-112A68D7E10A} http://lads.myspace.com/upload/MySpaceUploader2.cab (MySpace Uploader Control)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{54F9BA21-92AF-467D-BCD0-E71F53A0AA3E}: DhcpNameServer = 192.168.1.1
O18:*64bit:* - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:*64bit:* - Protocol\Handler\livecall - No CLSID value found
O18:*64bit:* - Protocol\Handler\msdaipp - No CLSID value found
O18:*64bit:* - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found
O18:*64bit:* - Protocol\Handler\msdaipp\oledb - No CLSID value found
O18:*64bit:* - Protocol\Handler\ms-help - No CLSID value found
O18:*64bit:* - Protocol\Handler\ms-itss - No CLSID value found
O18:*64bit:* - Protocol\Handler\msnim - No CLSID value found
O18:*64bit:* - Protocol\Handler\mso-offdap11 - No CLSID value found
O18:*64bit:* - Protocol\Handler\skype4com - No CLSID value found
O18:*64bit:* - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:*64bit:* - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18:*64bit:* - Protocol\Filter\text/xml - No CLSID value found
O20:*64bit:* - AppInit_DLLs: (C:\PROGRA~2\KASPER~1\KASPER~1\x64\kloehk.dll) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\x64\kloehk.dll (Kaspersky Lab)
O20:*64bit:* - AppInit_DLLs: (C:\PROGRA~2\KASPER~1\KASPER~1\x64\sbhook64.dll) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\x64\sbhook64.dll (Kaspersky Lab)
O20 - AppInit_DLLs: (C:\PROGRA~2\KASPER~1\KASPER~1\mzvkbd3.dll) -C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\mzvkbd3.dll (Kaspersky Lab)
O20 - AppInit_DLLs: (C:\PROGRA~2\KASPER~1\KASPER~1\sbhook.dll) -C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\sbhook.dll (Kaspersky Lab)
O20:*64bit:* - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:*64bit:* - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:*64bit:* - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:*64bit:* - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:*64bit:* - Winlogon\Notify\klogon: DllName - (%SystemRoot%\System32\klogon.dll) - C:\Windows\SysNative\klogon.dll (Kaspersky Lab)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:*64bit:* - HKLM\..comfile [open] -- "%1" %*
O35:*64bit:* - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:*64bit:* - HKLM\...com [@ = ComFile] -- "%1" %*
O37:*64bit:* - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2012/01/12 20:00:30 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\Owner\Desktop\OTL.exe
[2012/01/12 19:43:17 | 000,446,464 | ---- | C] (OldTimer Tools) -- C:\Users\Owner\Desktop\TFC.exe
[2012/01/12 18:58:47 | 000,000,000 | ---D | C] -- C:\Users\Owner\Desktop\market-samurai market-samurai-2012
[2012/01/12 14:43:33 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2012/01/11 22:20:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET
[2012/01/11 22:19:31 | 002,322,184 | ---- | C] (ESET) -- C:\Users\Owner\Desktop\esetsmartinstaller_enu.exe
[2012/01/11 08:36:21 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2012/01/11 08:36:21 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2012/01/11 08:36:21 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2012/01/11 08:36:14 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2012/01/11 08:35:00 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012/01/11 08:34:22 | 004,381,975 | R--- | C] (Swearware) -- C:\Users\Owner\Desktop\ComboFix.exe
[2012/01/10 22:27:12 | 001,572,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\quartz.dll
[2012/01/10 22:27:12 | 001,328,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\quartz.dll
[2012/01/10 22:27:12 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qdvd.dll
[2012/01/10 22:27:12 | 000,366,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qdvd.dll
[2012/01/10 22:27:11 | 000,918,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2012/01/10 22:27:11 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012/01/10 22:27:08 | 001,731,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll
[2012/01/10 22:27:07 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\packager.dll
[2012/01/10 22:27:07 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\packager.dll
[2012/01/08 13:19:58 | 000,000,000 | ---D | C] -- C:\Users\Owner\Desktop\111 virus scan 2012
[2012/01/08 13:17:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Trend Micro
[2012/01/08 13:17:12 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis
[2012/01/05 20:37:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Market Samurai
[2011/12/26 18:24:06 | 000,085,048 | ---- | C] (Infowatch) -- C:\Windows\SysNative\drivers\CSCrySec.sys
[2011/12/26 18:24:06 | 000,066,104 | ---- | C] (Infowatch) -- C:\Windows\SysNative\drivers\CSVirtualDiskDrv.sys
[2011/12/26 18:22:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\InfoWatch
[2011/12/26 18:22:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky PURE
[2011/12/26 18:22:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Kaspersky Lab
[2011/12/26 18:22:17 | 000,353,296 | ---- | C] (Kaspersky Lab) -- C:\Windows\SysNative\drivers\klif.sys
[2011/12/14 01:19:25 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll
[2011/12/14 01:19:11 | 000,702,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2011/12/14 01:19:11 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2011/12/14 01:19:11 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2011/12/14 01:19:10 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2011/12/14 01:19:10 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2011/12/14 01:19:08 | 000,134,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2011/12/14 01:19:08 | 000,132,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2011/12/14 01:18:59 | 000,723,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\EncDec.dll
[2011/12/14 01:18:59 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\EncDec.dll
[2 C:\Users\Owner\Desktop\*.tmp files -> C:\Users\Owner\Desktop\*.tmp -> ]
[1 C:\Windows\SysNative\drivers\*.tmp files -> C:\Windows\SysNative\drivers\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/01/12 19:59:52 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Owner\Desktop\OTL.exe
[2012/01/12 19:55:47 | 000,015,792 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/01/12 19:55:47 | 000,015,792 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/01/12 19:48:23 | 000,000,892 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/01/12 19:48:02 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/01/12 19:43:01 | 000,446,464 | ---- | M] (OldTimer Tools) -- C:\Users\Owner\Desktop\TFC.exe
[2012/01/12 19:29:03 | 000,000,908 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1496317490-1307526022-1011991264-1000UA.job
[2012/01/12 19:25:03 | 000,000,896 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/01/12 18:59:55 | 000,303,560 | -H-- | M] () -- C:\Windows\SysWow64\mlfcache.dat
[2012/01/12 18:26:08 | 000,174,698 | ---- | M] () -- C:\Users\Owner\Desktop\wso-refund-1-12-2012.PNG
[2012/01/12 14:03:43 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2012/01/12 13:47:29 | 004,381,975 | R--- | M] (Swearware) -- C:\Users\Owner\Desktop\ComboFix.exe
[2012/01/12 10:44:51 | 000,458,240 | ---- | M] () -- C:\Users\Owner\Desktop\CKScanner.exe
[2012/01/12 00:29:00 | 000,000,856 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1496317490-1307526022-1011991264-1000Core.job
[2012/01/11 22:19:07 | 002,322,184 | ---- | M] (ESET) -- C:\Users\Owner\Desktop\esetsmartinstaller_enu.exe
[2012/01/11 08:25:34 | 000,000,332 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForOwner.job
[2012/01/10 23:04:15 | 000,772,990 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012/01/10 23:04:15 | 000,660,280 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/01/10 23:04:15 | 000,121,208 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/01/10 23:04:06 | 000,772,990 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/01/10 22:42:42 | 000,199,933 | ---- | M] () -- C:\Users\Owner\Desktop\agata-adwords-2012.PNG
[2012/01/08 13:34:09 | 000,282,707 | ---- | M] () -- C:\Users\Owner\Desktop\111 virus scan 2012.zip
[2012/01/08 13:30:28 | 000,002,405 | ---- | M] () -- C:\Users\Owner\Desktop\Google Chrome.lnk
[2012/01/08 13:17:12 | 000,002,975 | ---- | M] () -- C:\Users\Owner\Desktop\HiJackThis.lnk
[2012/01/07 18:14:07 | 000,055,200 | ---- | M] () -- C:\Users\Owner\Desktop\cox-usage-jan2012.PNG
[2012/01/05 22:15:29 | 000,000,600 | ---- | M] () -- C:\Users\Owner\AppData\Roaming\winscp.rnd
[2012/01/05 21:03:48 | 001,034,240 | ---- | M] () -- C:\Users\Owner\Desktop\studioelevenone.com.msam
[2012/01/05 20:37:46 | 000,000,933 | ---- | M] () -- C:\Users\Public\Desktop\Market Samurai.lnk
[2011/12/31 10:45:39 | 000,000,552 | ---- | M] () -- C:\Windows\tasks\PCDRScheduledMaintenance.job
[2011/12/30 21:38:20 | 000,083,231 | ---- | M] () -- C:\Users\Owner\Desktop\500-error-12-30-2011.PNG
[2011/12/29 10:46:53 | 000,001,139 | ---- | M] () -- C:\Users\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes Anti-Malware.lnk
[2011/12/29 10:46:53 | 000,001,115 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2011/12/26 18:34:49 | 000,152,233 | ---- | M] () -- C:\Windows\SysNative\drivers\klin.dat
[2011/12/26 18:34:49 | 000,107,177 | ---- | M] () -- C:\Windows\SysNative\drivers\klick.dat
[2011/12/26 18:22:17 | 000,353,296 | ---- | M] (Kaspersky Lab) -- C:\Windows\SysNative\drivers\klif.sys
[2011/12/20 14:25:07 | 000,030,092 | ---- | M] () -- C:\Users\Owner\Desktop\matrix coastal grove way.pdf
[2011/12/19 20:33:24 | 000,035,512 | ---- | M] () -- C:\Users\Owner\Desktop\blue-mobile-site-footer.PNG
[2011/12/19 18:28:24 | 000,340,579 | ---- | M] () -- C:\Users\Owner\Desktop\blue-mobile-site.PNG
[2011/12/18 11:39:15 | 000,250,411 | ---- | M] () -- C:\Users\Owner\Desktop\europeana-broken-link-dec-18-2011.PNG
[2011/12/14 03:31:16 | 003,241,096 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2 C:\Users\Owner\Desktop\*.tmp files -> C:\Users\Owner\Desktop\*.tmp -> ]
[1 C:\Windows\SysNative\drivers\*.tmp files -> C:\Windows\SysNative\drivers\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/01/12 18:26:08 | 000,174,698 | ---- | C] () -- C:\Users\Owner\Desktop\wso-refund-1-12-2012.PNG
[2012/01/12 10:45:08 | 000,458,240 | ---- | C] () -- C:\Users\Owner\Desktop\CKScanner.exe
[2012/01/11 08:36:21 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2012/01/11 08:36:21 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2012/01/11 08:36:21 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2012/01/11 08:36:21 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2012/01/11 08:36:21 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2012/01/10 22:42:42 | 000,199,933 | ---- | C] () -- C:\Users\Owner\Desktop\agata-adwords-2012.PNG
[2012/01/08 13:34:09 | 000,282,707 | ---- | C] () -- C:\Users\Owner\Desktop\111 virus scan 2012.zip
[2012/01/08 13:17:12 | 000,002,975 | ---- | C] () -- C:\Users\Owner\Desktop\HiJackThis.lnk
[2012/01/07 18:09:40 | 000,055,200 | ---- | C] () -- C:\Users\Owner\Desktop\cox-usage-jan2012.PNG
[2012/01/05 20:37:46 | 000,000,945 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Market Samurai.lnk
[2012/01/05 20:37:46 | 000,000,933 | ---- | C] () -- C:\Users\Public\Desktop\Market Samurai.lnk
[2011/12/30 21:38:19 | 000,083,231 | ---- | C] () -- C:\Users\Owner\Desktop\500-error-12-30-2011.PNG
[2011/12/29 10:46:53 | 000,001,139 | ---- | C] () -- C:\Users\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes Anti-Malware.lnk
[2011/12/29 10:46:53 | 000,001,115 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2011/12/26 18:24:27 | 000,152,233 | ---- | C] () -- C:\Windows\SysNative\drivers\klin.dat
[2011/12/26 18:24:27 | 000,107,177 | ---- | C] () -- C:\Windows\SysNative\drivers\klick.dat
[2011/12/20 14:25:06 | 000,030,092 | ---- | C] () -- C:\Users\Owner\Desktop\matrix coastal grove way.pdf
[2011/12/19 20:33:24 | 000,035,512 | ---- | C] () -- C:\Users\Owner\Desktop\blue-mobile-site-footer.PNG
[2011/12/19 18:28:23 | 000,340,579 | ---- | C] () -- C:\Users\Owner\Desktop\blue-mobile-site.PNG
[2011/12/18 11:39:15 | 000,250,411 | ---- | C] () -- C:\Users\Owner\Desktop\europeana-broken-link-dec-18-2011.PNG
[2011/11/17 09:32:18 | 000,186,576 | ---- | C] () -- C:\Windows\Submitter Uninstaller.exe
[2011/07/27 08:12:20 | 000,000,212 | ---- | C] () -- C:\Windows\SysWow64\winiog_019.dat
[2011/05/16 22:02:35 | 000,303,560 | -H-- | C] () -- C:\Windows\SysWow64\mlfcache.dat
[2011/05/08 19:57:36 | 000,000,600 | ---- | C] () -- C:\Users\Owner\AppData\Roaming\winscp.rnd
[2011/05/07 17:28:12 | 000,000,600 | ---- | C] () -- C:\Users\Owner\AppData\Local\PUTTY.RND
[2011/04/18 18:57:21 | 000,000,025 | ---- | C] () -- C:\Windows\libem.INI
[2010/12/03 19:52:16 | 000,000,193 | ---- | C] () -- C:\Users\Owner\AppData\Local\TheBestSpinner_Export.dat
[2010/10/12 20:51:48 | 000,057,016 | ---- | C] () -- C:\Windows\SysWow64\imsys.dll
[2010/10/12 20:51:46 | 000,367,800 | ---- | C] () -- C:\Windows\SysWow64\iimds.dll
[2010/10/12 20:51:46 | 000,233,144 | ---- | C] () -- C:\Windows\SysWow64\IMImage.dll
[2010/10/12 20:51:46 | 000,014,848 | ---- | C] () -- C:\Windows\SysWow64\iimir.dll
[2010/08/03 13:17:08 | 000,772,990 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010/08/01 12:29:19 | 000,000,016 | ---- | C] () -- C:\Windows\SysWow64\ptlx55.dat.{5728B11F-B697-47AA-9C1B-8ECB545B5193}
[2010/07/24 19:01:04 | 000,000,074 | ---- | C] () -- C:\Windows\MyProg.ini
[2010/06/29 23:12:16 | 000,013,312 | ---- | C] () -- C:\Windows\LPRES.DLL
[2010/02/09 19:09:10 | 000,000,868 | ---- | C] () -- C:\Users\Owner\AppData\Roaming\wklnhst.dat
[2010/01/12 00:30:10 | 000,003,584 | ---- | C] () -- C:\Users\Owner\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/01/11 14:19:06 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010/01/06 18:17:09 | 000,395,665 | ---- | C] () -- C:\Users\Owner\AppData\Local\tmpTWOJ PTASZEK.2
[2010/01/06 18:17:07 | 000,393,922 | ---- | C] () -- C:\Users\Owner\AppData\Local\tmpTWOJ PTASZEK.1
[2010/01/06 18:17:06 | 000,690,492 | ---- | C] () -- C:\Users\Owner\AppData\Local\tmpTWOJ PTASZEK.0
[2010/01/06 18:17:06 | 000,396,821 | ---- | C] () -- C:\Users\Owner\AppData\Local\tmpTWOJ PTASZEK.JPG
[2010/01/06 18:16:49 | 000,190,851 | ---- | C] () -- C:\Users\Owner\AppData\Local\tmpJA.3
[2010/01/06 18:16:46 | 000,182,813 | ---- | C] () -- C:\Users\Owner\AppData\Local\tmpJA.2
[2010/01/06 18:16:45 | 000,183,816 | ---- | C] () -- C:\Users\Owner\AppData\Local\tmpJA.1
[2010/01/06 18:16:43 | 000,358,949 | ---- | C] () -- C:\Users\Owner\AppData\Local\tmpJA.JPG
[2010/01/06 18:16:43 | 000,358,949 | ---- | C] () -- C:\Users\Owner\AppData\Local\tmpJA.0
[2010/01/06 17:49:15 | 000,034,308 | ---- | C] () -- C:\Windows\SysWow64\BASSMOD.dll
[2010/01/06 17:47:21 | 000,085,504 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2009/12/30 22:41:00 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\mgxasio2.dll
[2009/12/30 22:39:06 | 000,120,200 | ---- | C] () -- C:\Windows\SysWow64\DLLDEV32i.dll
[2009/12/30 22:38:32 | 000,005,937 | ---- | C] () -- C:\Windows\mgxoschk.ini
[2009/12/25 20:51:46 | 001,391,616 | ---- | C] () -- C:\Windows\SysWow64\ActPDF.dll
[2009/12/24 20:22:08 | 000,000,376 | ---- | C] () -- C:\Windows\ODBC.INI
[2009/08/18 04:37:59 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2009/07/13 23:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/13 20:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009/07/13 20:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009/07/13 18:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/13 17:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 15:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/06/10 15:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2009/03/16 01:47:28 | 000,122,880 | ---- | C] () -- C:\Windows\SysWow64\WinMsgBalloonServer.exe
[2009/03/16 01:47:24 | 000,139,264 | ---- | C] () -- C:\Windows\SysWow64\WinMsgBalloonClient.exe
[2009/03/05 20:00:36 | 000,532,480 | ---- | C] () -- C:\Windows\SysWow64\libxml2.dll

========== LOP Check ==========

[2012/01/07 18:09:14 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\afterbeep
[2011/11/26 11:59:08 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\BacklinkOptimizerToolPLUS
[2011/11/05 20:39:11 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\BITS
[2011/11/28 14:14:09 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Canon
[2010/07/22 15:35:02 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\CherryPickerLive
[2011/12/10 18:49:52 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\com.springbox.mobilizer
[2011/05/08 11:04:52 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\FileZilla
[2009/12/27 17:54:44 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\FireShot
[2011/04/18 18:57:12 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\FlashGet
[2011/04/18 18:57:10 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\FlashGetBHO
[2010/08/30 18:18:38 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Free Monitor for Google
[2011/05/26 13:03:12 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\GARMIN
[2011/05/13 19:46:24 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Gzegzolka XP
[2010/02/13 22:05:35 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\IBP
[2009/12/31 17:09:23 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Iceni
[2011/09/28 00:35:42 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\IMBuzz Creators
[2011/07/24 08:48:06 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\JonathanLeger.com
[2011/10/11 22:23:46 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\KeywordOptimizerPro
[2010/01/02 22:23:52 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\LPC
[2009/12/30 22:42:30 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\MAGIX
[2011/03/30 16:23:07 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\MarketSamurai.6E37012E1CBD7F47B14488FCC715944F3EBDCEDC.1
[2010/01/12 00:55:25 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\muvee Technologies
[2011/08/05 14:25:50 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\OpenCandy
[2010/01/07 17:51:01 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Opera
[2009/12/19 13:59:49 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\PictureMover
[2011/01/16 22:40:43 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Power YouTube to MP3 Converter
[2011/08/05 14:28:53 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Sammsoft
[2010/10/08 09:17:10 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\ScrapeBox Link Checker Free Edition
[2011/11/17 09:32:17 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Sick Marketing
[2010/06/13 13:39:54 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Smart PDF Converter
[2010/08/19 13:37:05 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Stylus Studio
[2011/01/30 18:12:26 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\SuperHideIP
[2010/02/09 19:09:12 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Template
[2011/01/30 20:50:41 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\thriXXX
[2009/12/30 23:28:24 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\TurboFTP
[2012/01/05 22:55:11 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\UBot Studio
[2010/01/06 20:41:29 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\UDC Profiles
[2009/12/30 16:30:35 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\VitySoft
[2010/04/18 15:54:35 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\WinBatch
[2010/01/12 00:03:19 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\WinPatrol
[2011/12/31 10:45:39 | 000,000,552 | ---- | M] () -- C:\Windows\Tasks\PCDRScheduledMaintenance.job
[2011/01/23 17:07:46 | 000,032,552 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========

< End of report >


----------



## destin (Jan 8, 2012)

And here is the other one, Extras.txt

OTL Extras logfile created on: 1/12/2012 8:03:47 PM - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Owner\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

7.74 Gb Total Physical Memory | 5.84 Gb Available Physical Memory | 75.39% Memory free
15.48 Gb Paging File | 13.44 Gb Available in Paging File | 86.79% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 686.20 Gb Total Space | 467.84 Gb Free Space | 68.18% Space Free | Partition Type: NTFS
Drive D: | 12.33 Gb Total Space | 2.23 Gb Free Space | 18.09% Space Free | Partition Type: NTFS
Drive K: | 100.19 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: OWNER-PC | User Name: Owner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

*64bit:* [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

*64bit:* [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1 (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

*64bit:* [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

*64bit:* [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

*64bit:* [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

*64bit:* [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

*64bit:* [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

*64bit:* [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

*64bit:* [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files (x86)\FlashGet Network\FlashGet 3\FlashGet3.exe" = C:\Program Files (x86)\FlashGet Network\FlashGet 3\FlashGet3.exe:*:Enabled:Flashget3 -- (Trend Media Corporation Limited)
"C:\Program Files (x86)\FlashGet Network\FlashGet 3\FlashGet3.exe" = C:\Program Files (x86)\FlashGet Network\FlashGet 3\FlashGet3.exe:*:Enabled:Flashget3 -- (Trend Media Corporation Limited)

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP240_series" = Canon MP240 series MP Drivers
"{180C8888-50F1-426B-A9DC-AB83A1989C65}" = Windows Live Language Selector
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{26280024-DFB7-4967-90DB-7F9C6660D01E}" = HP MediaSmart SmartMenu
"{295CFB7C-A57E-4313-93E7-68E7CE1D0332}" = Adobe WinSoft Linguistics Plugin x64
"{2D74E972-5A85-44DC-9193-8A302BA8C181}" = Photoshop Camera Raw_x64
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{624C7F0A-89B2-4C49-9CAB-9D69613EC95A}" = Microsoft IntelliPoint 8.2
"{6631325A-9B1B-4EE7-8E64-8CC4A6F10643}" = Adobe Fonts All x64
"{67F5E390-8E09-4AE4-B7F2-705AFD23D86D}" = WinAutomation
"{7371196E-FA5B-43AE-1AE2-875E98869B47}" = ccc-utility64
"{8219EDCB-CE5A-4348-B056-AAC0FE4E99D0}" = Microsoft IntelliType Pro 8.2
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
"{8875A1C0-6308-4790-8CF6-D34E89880052}" = Adobe Linguistics CS4 x64
"{887797BF-37A5-4199-B0C9-0D38D6196E9A}" = Adobe Anchor Service x64 CS4
"{88882852-5C7D-A48B-15F3-8D13CABDA7A3}" = ATI Catalyst Install Manager
"{8C8D673B-20FB-43E6-BCB7-9B3F78F2E762}" = Adobe Type Support x64 CS4
"{8DAA31EB-6830-4006-A99F-4DF8AB24714F}" = Adobe CSI CS4 x64
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{90BA8112-80B3-4617-A3C1-BD2771B60F74}" = Adobe CMaps x64 CS4
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A3454894-144A-4D80-B605-C128FE0D7329}" = Adobe Drive CS4 x64
"{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}" = Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{D40172D6-CE2D-4B72-BF5F-26A04A900B7B}" = Adobe Photoshop CS4 (64 Bit)
"{DFFABE78-8173-4E97-9C5C-22FB26192FC5}" = Adobe PDF Library Files x64 CS4
"{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin 64-bit
"Creative VF0060" = Creative WebCam Live! Ultra Driver (1.11.02.00)
"Form Pilot Home_is1" = Form Pilot Home version 2.30
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft IntelliPoint 8.2" = Microsoft IntelliPoint 8.2
"Microsoft IntelliType Pro 8.2" = Microsoft IntelliType Pro 8.2
"OfficeTrial" = Microsoft Office Home and Student 60 day trial
"PC-Doctor for Windows" = Hardware Diagnostic Tools
"Smart PDF Converter_is1" = Smart PDF Converter 5.0.1.335

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00107ED7-7DB8-47CD-A50F-E2422D13298F}" = Serif WebPlus Starter Edition 3.0
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{00ADFB20-AE75-46F4-AD2C-F48B15AC3100}" = Adobe Color NA Recommended Settings CS4
"{0284181F-355D-C4E1-B483-41992C48490E}" = CCC Help German
"{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4
"{054EFA56-2AC1-48F4-A883-0AB89874B972}" = Adobe Extension Manager CS4
"{05BDC796-3451-4F81-B91D-E98F7ADA76C2}" = TurboTax 2010 WinPerTaxSupport
"{07FA4960-B038-49EB-891B-9F95930AA544}" = HP Customer Experience Enhancements
"{07FF3AA8-0BC6-8861-F27F-2ED442F5C03E}" = CCC Help English
"{098727E1-775A-4450-B573-3F441F1CA243}" = kuler
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0D6013AB-A0C7-41DC-973C-E93129C9A29F}" = Adobe Color JA Extra Settings CS4
"{0F723FC1-7606-4867-866C-CE80AD292DAF}" = Adobe CSI CS4
"{14A4957E-46DB-4821-528D-8381B4376FE2}" = CCC Help Korean
"{14F70205-1940-4000-88C7-BE799A6B2CAD}" = Adobe Soundbooth CS4
"{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works
"{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4
"{16E16F01-2E2D-4248-A42F-76261C147B6C}" = Adobe Drive CS4
"{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}" = AdobeColorCommonSetRGB
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1896E712-2B3D-45eb-BCE9-542742A51032}" = PictureMover
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1A59064A-12A9-469F-99F6-04BF118DBCFF}" = Kaspersky PURE
"{1B7C06E1-4888-47A6-992A-0990B9683486}" = Adobe Version Cue CS4 Server
"{1B868720-ED88-4531-8892-3A35A76E48FE}" = TurboTax 2010 wfliper
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{2168245A-B5AD-40D8-A641-48E3E070B5B6}" = Adobe Flash CS4 STI-en
"{22139F5D-9405-455A-BDEB-658B1A4E4861}" = Catalyst Control Center - Branding
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{254C37AA-6B72-4300-84F6-98A82419187E}" = ActiveCheck component for HP Active Support Library
"{26A24AE4-039D-4CA4-87B4-2F83216029FF}" = Java(TM) 6 Update 29
"{2934DCB0-F8EE-11E0-A4A5-B8AC6F97B88E}" = Google Earth Plug-in
"{29521505-F489-4822-ADFA-32C6DEE4F114}" = TurboTax 2008 WinPerUserEducation
"{297190A1-4B0D-4CD6-8B9F-3907F15C3FD8}" = Adobe CS4 American English Speech Analysis Models
"{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}" = Windows Live Messenger
"{2E4BEAC4-FB73-9657-A5B2-42F508AF98FE}" = CCC Help Finnish
"{3023EBDA-BF1B-4831-B347-E5018555F26E}" = HP MediaSmart Movie Themes
"{30C8AA56-4088-426F-91D1-0EDFD3A25678}" = Adobe Dreamweaver CS4
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}" = PDF Settings CS4
"{36B90A24-CE03-79C6-3DEE-1EFEE456377F}" = Catalyst Control Center Graphics Full Existing
"{3712BB20-EAA2-012B-AD56-000000000000}" = TurboTax 2009 wfliper
"{3732AF18-9C3C-428D-B944-F7E3FADEE3F3}" = Adobe Setup
"{3782EC09-4000-475E-8A59-9CABD6F03B4C}" = TurboTax 2010 WinPerFedFormset
"{37D59F62-2FC7-412D-AA55-3D0E6A9BD9C7}" = Microsoft Live Search Toolbar
"{3881DB80-EAA2-012B-ADAE-000000000000}" = TurboTax 2009 WinPerFedFormset
"{38975F50-EAA2-012B-ADB4-000000000000}" = TurboTax 2009 WinPerReleaseEngine
"{38A34630-EAA2-012B-ADB6-000000000000}" = TurboTax 2009 WinPerTaxSupport
"{39F6E2B4-CFE8-C30A-66E8-489651F0F34C}" = Adobe Media Player
"{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4
"{3B18BAAA-1734-8CA1-1A04-B68A06A1F9C9}" = Catalyst Control Center Graphics Full New
"{3C5A81D0-EAA2-012B-AE9F-000000000000}" = TurboTax 2009 wrapper
"{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}" = Adobe Color - Photoshop Specific CS4
"{3DA8D1C7-3E1C-4A5D-A5C0-A02049556878}" = TweetAttacks AC
"{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}" = Adobe WinSoft Linguistics Plugin
"{3DD66600-791E-4A11-8E6C-2AB6AFB9C809}" = Tukanas Hits Generator
"{3E450CF1-F8C4-C8D6-29D1-87AD090E8F2A}" = Catalyst Control Center InstallProxy
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"{40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}" = HP Advisor
"{428FDF9F-E010-4C4C-A8BB-156960AFCA1C}" = Adobe Fireworks CS4
"{43509E18-076E-40FE-AF38-CA5ED400A5A9}" = Pixel Bender Toolkit
"{4377068C-A88F-53F7-EDAF-DBD7990AEB93}" = CCC Help Swedish
"{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}" = PowerRecover
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{4907BDCE-4DF2-350C-24B2-9C509F004F1D}" = CCC Help Chinese Traditional
"{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}" = Adobe Service Manager Extension
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4F2FCCCF-29F3-44B9-886F-6D16F8417522}" = TurboTax 2010 wrapper
"{50427B19-DC13-EBBF-C44A-42DED9C8DD54}" = muvee Reveal
"{50816F92-1652-4A7C-B9BC-48F682742C4B}" = Messenger Companion
"{52232EF4-CC12-4C21-ABCF-ADB79618302D}" = Adobe Soundbooth CS4 Codecs
"{5570C7F0-43D0-4916-8A9E-AEDD52FA86F4}" = Adobe Color EU Extra Settings CS4
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{5AC54C83-060F-9610-CC29-9310CBDF80CB}" = Mobilizer
"{5B0D4B33-FB4C-CB95-38D3-66F4B942661E}" = CCC Help Japanese
"{5E1375CB-6792-4464-8715-CC3EC83D48FA}" = VirtualDJ Home FREE
"{60DB5894-B5A1-4B62-B0F3-669A22C0EE5D}" = Adobe Dynamiclink Support
"{628690B9-A523-B37A-E001-D8E4581D573D}" = Catalyst Control Center Localization All
"{62AD5F7F-9CFC-4523-AF83-C58F02836635}" = Geek Squad 24 Hour Computer Support
"{63C24A08-70F3-4C8E-B9FB-9F21A903801D}" = Adobe Color Video Profiles CS CS4
"{63E5CDBF-8214-4F03-84F8-CD3CE48639AD}" = Adobe Photoshop CS4 Support
"{669D4A35-146B-4314-89F1-1AC3D7B88367}" = HPAsset component for HP Active Support Library
"{67F0E67A-8E93-4C2C-B29D-47C48262738A}" = Adobe Device Central CS4
"{68243FF8-83CA-466B-B2B8-9F99DA5479C4}" = AdobeColorCommonSetCMYK
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6AC35F19-C3DF-6455-C9E2-1E77BA42D3BC}" = Catalyst Control Center Graphics Previews Vista
"{6D1A44ED-3D15-9BB3-43AE-91A077AE9212}" = CCC Help Chinese Standard
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7570F1CA-016D-46AC-B586-CD74645EFB52}" = TurboTax 2008 WinPerFedFormset
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{793D1D88-6141-43DE-BE58-59BCE31B4090}" = Adobe Flash CS4 Extension - Flash Lite STI en
"{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}" = Text-To-Speech-Runtime
"{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime
"{8186FF34-D389-4B7E-9A2F-C197585BCFBD}" = Adobe Media Encoder CS4 Importer
"{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4
"{82809116-D1EE-443C-AE31-F19E709DDF7A}" = AMD USB Filter Driver
"{83877DB1-8B77-45BC-AB43-2BAC22E093E0}" = Adobe Bridge CS4
"{83907548-56BB-D892-1CAC-2F5EC0939B37}" = CCC Help Czech
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{87532CAB-7932-4F84-8937-823337622807}" = Adobe Illustrator CS4
"{87B2EBAC-86B0-41A3-AF06-BB3A0A87E2AB}" = Stylus Studio 2010 XML Enterprise Suite
"{88214092-836F-4E22-A5AC-569AC9EE6A0F}" = TurboTax 2008 WinPerReleaseEngine
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver For Windows 7
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8B525929-3543-4DA4-8910-E165B663FA8E}" = SocialExposureSystem
"{8B76B8E9-F773-4B75-A08C-120079EB765E}" = RAIDXpert
"{8BF748D3-66DF-4FA9-932B-514E8AFC7C6B}" = GreyHatSoftware TestBot
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{E64BA721-2310-4B55-BE5A-2925F9706192}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0409-1000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0116-0409-1000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{9062CED6-AECC-E6C6-E6A0-A654CE167554}" = CCC Help Portuguese
"{91170409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office FrontPage 2003
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{92EAE2BD-48D8-52FA-FBE7-FB6ADCCBCB89}" = Market Samurai
"{931AB7EA-3656-4BB7-864D-022B09E3DD67}" = Adobe Linguistics CS4
"{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{95A36786-E9A6-4CC8-AE28-29D038DDBDC6}" = Opera 11.52
"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
"{97BBECCF-B1FD-4010-8D4B-EFC9E3CCEECF}" = Driver Whiz
"{97E32194-C626-92E1-9AB9-64AA00CC7380}" = CCC Help Russian
"{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars
"{99011A6E-5200-11DE-BDB8-7ACD56D89593}" = Rosetta Stone Version 3
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9DEF9686-CCB2-47B7-BF83-B49EA21FA016}" = HP MediaSmart Demo
"{A525E00B-6609-442E-9DCD-64453C233E8D}" = TurboTax 2010 WinPerReleaseEngine
"{A531FA0F-D3BC-4DB9-ACF9-8BE647FE39D2}" = Sick Submitter
"{A6EC82A0-1414-475D-8AFD-469089F3080D}" = Adobe Contribute CS4
"{A83279FD-CA4B-4206-9535-90974DE76654}" = Apple Application Support
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AB05F2C8-F608-403b-95E1-FD8ADFACD31E}" = Windows 7 Upgrade Advisor
"{AC76BA86-1033-F400-7760-000000000004}" = Adobe Acrobat 9 Pro - English, Français, Deutsch
"{B1DB1AD8-C07E-4052-81A1-D2930232BA70}" = TurboTax 2008 wrapper
"{B23726CF-68BF-41A6-A4EB-72F12F87FE05}" = TurboTax 2008 WinPerTaxSupport
"{B29AD377-CC12-490A-A480-1452337C618D}" = Connect
"{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}" = HP MediaSmart Music/Photo/Video
"{B60DCA15-56A3-4D2D-8747-22CF7D7B588B}" = HP Support Assistant
"{B65BA85C-0A27-4BC0-A22D-A66F0E5B9494}" = Adobe Photoshop CS4
"{B8AC1A89-FFD1-4F97-8051-E505A160F562}" = HP Odometer
"{B9A03B7B-E0FF-4FB3-BA83-762E58A1B0AA}" = HP Support Information
"{B9F4561A-924D-4510-A85A-BB0960C338CB}" = Adobe Asset Services CS4
"{B9F47E93-4F7B-4CB5-A21B-C5214F39E087}_is1" = InstantPhotoSketch 1.0
"{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module
"{BE9CE924-DD9E-3A0D-EA16-9931D21FB3F5}" = CCC Help Turkish
"{C285CFAB-889A-47C9-2959-A9B71B5E0BFB}" = CCC Help Hungarian
"{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4
"{C57BCDE1-7CB9-467D-B3BA-7E119916CDC1}" = Activate Norton Online Backup
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"{C611CF88-969D-43E6-A877-D6D6439DD081}" = HP Remote Solution
"{C86E7C99-E4AD-79C7-375B-1AEF9A91EC2B}" = Acrobat.com
"{C88256B0-1182-C1B2-FE22-C1BAC6BB0E83}" = CCC Help Norwegian
"{CA1A637B-5BFD-A325-BC4B-15D3D10B861C}" = Catalyst Control Center Core Implementation
"{CACBE764-2E09-5D88-E496-78F7B1E9FFAE}" = CCC Help Greek
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw
"{CD95F661-A5C4-44F5-A6AA-ECDD91C240BB}" = WinZip 14.0
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CEF9A199-8652-B2A0-8C82-5491CB57AC3A}" = CCC Help French
"{D4134B0B-EA9B-4835-A77A-60BEE6277101}" = Lightroom
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D46D081B-F60E-467E-A7C4-117B70D76731}" = HP Update
"{D4A771D8-9FF1-4AAB-89A1-3E43CAE66634}" = Facebook fan page creator
"{D642E38E-0D24-486C-9A2D-E316DD696F4B}" = Microsoft XML Parser
"{D781BE32-516F-957C-C080-8365111CAC18}" = CCC Help Danish
"{D9B24980-6777-425B-97D2-CE735F964C4C}_is1" = guru's URL Grabber 3.0
"{DC2841DC-5ADC-8FDD-C3FD-5FD223426F38}" = CCC Help Polish
"{DCC8DA46-5386-1941-7065-3FDB3C7BD0F6}" = CherryPicker
"{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP MediaSmart DVD
"{DD6C316A-FE75-4FBB-9D22-4C1920232B72}" = LightScribe System Software
"{DEB90B8E-0DCB-48CE-B90E-8842A2BD643E}" = Adobe Media Encoder CS4
"{DF802C05-4660-418c-970C-B988ADB1D316}" = Microsoft Live Search Toolbar
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{E60BFE17-F44C-4A28-9ACF-1DD7362B0278}_is1" = Acunetix Web Vulnerability Scanner 6.5
"{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype 5.0
"{E6D9BC25-0DBC-4368-8E4A-7DEE80661CD9}" = TurboTax 2008 WinPerProgramHelp
"{E9E34215-82EF-4909-BE2F-F581F0DC9062}" = DirectX for Managed Code Update (Summer 2004)
"{EB04773A-005D-3A2E-43C2-CEDE2645F1C3}" = ccc-core-static
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E64E2E-3A60-40D8-A55D-92F6831875DA}" = Adobe Search for Help
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F1F24DF6-37BB-9905-9EB4-5C1E4D32B664}" = Catalyst Control Center Graphics Light
"{F20A4D6F-88ED-32BA-0C6D-BD6A692EFF29}" = CCC Help Italian
"{F3B912F5-EB57-45AA-B3D1-EB532BCF6EF8}" = HP Setup
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F4DA32EA-B9F2-4B22-87E2-E8937DA4F6A8}" = Adobe Creative Suite 4 Web Premium
"{F5AC7E52-BDF6-9948-73CD-BCE3C23632F3}" = CCC Help Dutch
"{F6E99614-F042-4459-82B7-8B38B2601356}" = Adobe Flash CS4
"{F6FA1416-ABCF-3559-1ACA-CEAADD6AF3E8}" = CCC Help Thai
"{F86145F7-BF40-33F0-F07B-D10BE04F98AA}" = CCC Help Spanish
"{F8E2838E-AA8B-5BCF-D8F5-5645EB13B798}" = KeywordOptimizerPro
"{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4
"{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4
"{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}" = Adobe Fonts All
"{FD9C31B6-F572-414D-81E3-89368C97A125}_is1" = CamStudio OSS Desktop Recorder
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FE23D063-934D-4829-A0D8-00634CE79B4A}" = Adobe AIR
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"123 PDF to Image_is1" = 123 PDF to Image v1.5
"43442AE9-6512-4392-B5DD-9167BECD1114_is1" = Infix 4.08
"AC3Filter_is1" = AC3Filter 1.63b
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe_6f2ce928cc3187358f216191905bbea" = Adobe Creative Suite 4 Web Premium
"Alexa Booster" = Alexa Booster
"A-PDF Text Extractor_is1" = A-PDF Text Extractor 1.3
"ARO 2011_is1" = ARO 2011
"Backlink Optimizer Tool Plus 1.0.0.3" = Backlink Optimizer Tool Plus 1.0.0.3
"Bass Audio Decoder" = Bass Audio Decoder (remove only)
"Canon MP240 series User Registration" = Canon MP240 series User Registration
"CANONIJPLM100" = Inkjet Printer/Scanner Extended Survey Program
"CanonMyPrinter" = Canon Utilities My Printer
"CanonSolutionMenu" = Canon Utilities Solution Menu
"CD Audio Reader Filter" = CD Audio Reader Filter (remove only)
"CherryPickerLive" = CherryPicker
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"com.springbox.mobilizer" = Mobilizer
"Cool MP3 Splitter_is1" = Cool MP3 Splitter 2.02
"DCoder Image Source" = DCoder Image Source (remove only)
"Digital Editions" = Adobe Digital Editions
"DirectVobSub" = DirectVobSub (remove only)
"Driver Checker_is1" = Driver Checker v2.7.4
"DScaler 5 Mpeg Decoders_is1" = DScaler 5 Mpeg Decoders
"Easy-PhotoPrint EX" = Canon Utilities Easy-PhotoPrint EX
"eCover Engineer_is1" = eCover Engineer 5.41
"ENTERPRISE" = Microsoft Office Enterprise 2007
"ESET Online Scanner" = ESET Online Scanner v3
"ffdshow_is1" = ffdshow [rev 3124] [2009-11-03]
"FFMPEG Core Files" = FFMPEG Core Files (remove only)
"FileExpress_is1" = FileExpress 1.2
"Firebird SQL Server US" = Firebird SQL Server - MAGIX Edition
"FlashGet 3.3" = FlashGet 3.3
"Forum Poster 3_is1" = Forum Poster 3.30
"Free M4a to MP3 Converter_is1" = Free M4a to MP3 Converter 6.2
"Free Monitor for Google_is1" = Free Monitor for Google 2.5
"Freecorder5.02" = Freecorder 5
"freecordertoolbar" = Freecorder Toolbar
"Gabest MPEG Splitter" = Gabest MPEG Splitter (remove only)
"HaaliMkx" = Haali Media Splitter
"Hide IP Platinum_is1" = Hide IP Platinum 3.43
"HMA! Pro VPN" = HMA! Pro VPN 2.6.9
"Homepage Protection" = Homepage Protection
"HP Remote Solution" = HP Remote Solution
"IBP11_is1" = IBP 11.6.5
"IIM5_is1" = iMacros V6.50
"ImageConverter Plus_is1" = ImageConverter Plus 7.1
"InstallShield_{3023EBDA-BF1B-4831-B347-E5018555F26E}" = HP MediaSmart Movie Themes
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"InstallShield_{8B76B8E9-F773-4B75-A08C-120079EB765E}" = RAIDXpert
"InstallShield_{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}" = HP MediaSmart Music/Photo/Video
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP MediaSmart DVD
"InstallWIX_{1A59064A-12A9-469F-99F6-04BF118DBCFF}" = Kaspersky PURE
"Instant Video Articles_is1" = Instant Video Articles v1.03
"Keyword Tracking Tool_is1" = Keyword Tracking Tool 1.0
"KeywordOptimizerPro" = KeywordOptimizerPro
"Link Popularity Check_is1" = Link Popularity Check 3.0.3
"Magic ISO Maker v5.5 (build 0276)" = Magic ISO Maker v5.5 (build 0276)
"MagicDisc 2.7.106" = MagicDisc 2.7.106
"MAGIX Music Maker 14 Producer Edition Trial US" = MAGIX Music Maker 14 Producer Edition Trial 13.0.2.1 (US)
"MAGIX Screenshare US" = MAGIX Screenshare 4.3.6.1987 (US)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.60.0.1800
"MarketSamurai.6E37012E1CBD7F47B14488FCC715944F3EBDCEDC.1" = Market Samurai
"Micro Niche Finder 5.0_is1" = Micro Niche Finder 5.0
"Micro Niche Finder_is1" = Micro Niche Finder
"MONOGRAM AMR Splitter/Decoder" = MONOGRAM AMR Splitter/Decoder (remove only)
"Mozilla Firefox 8.0 (x86 en-US)" = Mozilla Firefox 8.0 (x86 en-US)
"MP Navigator EX 2.0" = Canon MP Navigator EX 2.0
"OpenSource AVI Splitter" = OpenSource AVI Splitter (remove only)
"OpenSource DTS/AC3/DD+ Source Filter" = OpenSource DTS/AC3/DD+ Source Filter (remove only)
"OpenSource Flash Video Splitter" = OpenSource Flash Video Splitter (remove only)
"Random Sentence Generator Using Text Files Software_is1" = Random Sentence Generator Using Text Files Software
"RealMedia" = RealMedia (remove only)
"Screaming Frog SEO Spider" = Screaming Frog SEO Spider
"SHOUTcast Source" = SHOUTcast Source (remove only)
"Software Remove Master_is1" = Software Remove Master v5.0.1.2
"Submitter" = Submitter
"SuperHideIP" = Super Hide IP
"TeamViewer 6" = TeamViewer 6
"TheBestSpinner" = TheBestSpinner
"TheBestSpinner3" = TheBestSpinner3
"TurboTax 2008" = TurboTax 2008
"TurboTax 2009" = TurboTax 2009
"TurboTax 2010" = TurboTax 2010
"Universal Document Converter_is1" = Universal Document Converter (Demo)
"Universal Forum Poster1.0.0.13" = Universal Forum Poster
"VIO1 Toolbar" = VIO1 Toolbar
"VioVideoConverter" = Vio Video Converter 2.1
"VirtualCloneDrive" = VirtualCloneDrive
"WildTangent hp Master Uninstall" = HP Games
"WinAutomation" = WinAutomation
"WinLiveSuite" = Windows Live Essentials
"WinMerge_is1" = WinMerge 2.12.4
"WinPatrol" = WinPatrol 2009
"winscp3_is1" = WinSCP 4.3.2
"Xenu's Link Sleuth" = Xenu's Link Sleuth

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
"GoToMeeting" = GoToMeeting 4.8.0.723

========== Last 10 Event Log Errors ==========

Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!

< End of report >


----------



## jeffce (May 10, 2011)

Hi destin,

Please download and run ERUNT (Emergency Recovery Utility NT). This program allows you to keep a complete backup of your registry and restore it when needed. The standard registry backup options that come with Windows back up most of the registry but not all of it. ERUNT however creates a complete backup set, including the Security hive and user related sections. ERUNT is easy to use and since it creates a full backup, there are no options or choices other than to select the location of the backup files. The backup set includes a small executable that will launch the registry restore if needed. **Remember if you are using Windows Vista as your operating system right-click the executable and *Run as Administrator*.
----------

Run *OTL.exe*

Copy/paste the following text written *inside of the code box* into the *Custom Scans/Fixes* box located at the bottom of OTL


```
:Services

:OTL
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TY...estbuy&pf=cndt
IE - HKLM\..\URLSearchHook: {01188d35-daf3-4a43-90aa-f1bf150207e6} - No CLSID value found
FF - prefs.js..extensions.enabledItems: {70dd86e8-b5bc-4e4a-9d5c-b6234c24323c}:5.0.0.0
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
[2011/08/05 14:25:49 | 000,000,000 | ---D | M] (Freecorder Toolbar) -- C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\oc4vkf64.default\ex tensions\{70dd86e8-b5bc-4e4a-9d5c-b6234c24323c}
[2010/06/12 22:39:26 | 000,000,000 | ---D | M] (Search Toolbar) -- C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\oc4vkf64.default\ex tensions\{896642E4-C556-4ED3-85D1-9AC431603E7D}
() (No name found) -- C:\USERS\OWNER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OC4VKF64.DEFAULT\EX TENSIONS\[email protected]
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\mso-offdap11 - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
[2 C:\Users\Owner\Desktop\*.tmp files -> C:\Users\Owner\Desktop\*.tmp -> ]
[1 C:\Windows\SysNative\drivers\*.tmp files -> C:\Windows\SysNative\drivers\*.tmp -> ]
[2010/01/12 00:30:10 | 000,003,584 | ---- | C] () -- C:\Users\Owner\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/01/06 18:17:09 | 000,395,665 | ---- | C] () -- C:\Users\Owner\AppData\Local\tmpTWOJ PTASZEK.2
[2010/01/06 18:17:07 | 000,393,922 | ---- | C] () -- C:\Users\Owner\AppData\Local\tmpTWOJ PTASZEK.1
[2010/01/06 18:17:06 | 000,690,492 | ---- | C] () -- C:\Users\Owner\AppData\Local\tmpTWOJ PTASZEK.0
[2010/01/06 18:17:06 | 000,396,821 | ---- | C] () -- C:\Users\Owner\AppData\Local\tmpTWOJ PTASZEK.JPG
[2010/01/06 18:16:49 | 000,190,851 | ---- | C] () -- C:\Users\Owner\AppData\Local\tmpJA.3
[2010/01/06 18:16:46 | 000,182,813 | ---- | C] () -- C:\Users\Owner\AppData\Local\tmpJA.2
[2010/01/06 18:16:45 | 000,183,816 | ---- | C] () -- C:\Users\Owner\AppData\Local\tmpJA.1
[2010/01/06 18:16:43 | 000,358,949 | ---- | C] () -- C:\Users\Owner\AppData\Local\tmpJA.JPG
[2010/01/06 18:16:43 | 000,358,949 | ---- | C] () -- C:\Users\Owner\AppData\Local\tmpJA.0


:Files
ipconfig /flushdns /c

:Commands
[purity]
[resethosts]
[emptyjava]
[emptyflash]
[emptytemp]
[clearallrestorepoints]
[start explorer]
[Reboot]
```

Then click the *Run Fix* button at the top
Let the program run unhindered, reboot when it is done
Then run a new scan and post a new OTL log ( *don't check* the boxes beside LOP Check or Purity this time )

In your next reply please post both of the logs that will be created by OTL.


----------



## destin (Jan 8, 2012)

*OTL Logs:*

All processes killed
========== SERVICES/DRIVERS ==========
========== OTL ==========
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{01188d35-daf3-4a43-90aa-f1bf150207e6} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{01188d35-daf3-4a43-90aa-f1bf150207e6}\ not found.
Prefs.js: {70dd86e8-b5bc-4e4a-9d5c-b6234c24323c}:5.0.0.0 removed from extensions.enabledItems
64bit-Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@microsoft.com/GENUINE\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@microsoft.com/GENUINE\ deleted successfully.
Folder C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\oc4vkf64.default\ex tensions\{70dd86e8-b5bc-4e4a-9d5c-b6234c24323c}\ not found.
Folder C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\oc4vkf64.default\ex tensions\{896642E4-C556-4ED3-85D1-9AC431603E7D}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\grooveLocalGWS\ deleted successfully.
File Protocol\Handler\grooveLocalGWS - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\livecall\ deleted successfully.
File Protocol\Handler\livecall - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\msdaipp\ deleted successfully.
File Protocol\Handler\msdaipp - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\msdaipp\0x00000001\ not found.
File Protocol\Handler\msdaipp\0x00000001 - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\msdaipp\oledb\ not found.
File Protocol\Handler\msdaipp\oledb - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ms-help\ deleted successfully.
File Protocol\Handler\ms-help - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ms-itss\ deleted successfully.
File Protocol\Handler\ms-itss - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\msnim\ deleted successfully.
File Protocol\Handler\msnim - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\mso-offdap11\ deleted successfully.
File Protocol\Handler\mso-offdap11 - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\skype4com\ deleted successfully.
File Protocol\Handler\skype4com - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\skype-ie-addon-data\ deleted successfully.
File Protocol\Handler\skype-ie-addon-data - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\wlpg\ deleted successfully.
File Protocol\Handler\wlpg - No CLSID value found not found.
C:\Users\Owner\Desktop\Upload.tmp deleted successfully.
C:\Users\Owner\Desktop\~WRL3349.tmp deleted successfully.
C:\Windows\SysNative\drivers\SET11B.tmp deleted successfully.
C:\Users\Owner\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini moved successfully.
C:\Users\Owner\AppData\Local\tmpTWOJ PTASZEK.2 moved successfully.
C:\Users\Owner\AppData\Local\tmpTWOJ PTASZEK.1 moved successfully.
C:\Users\Owner\AppData\Local\tmpTWOJ PTASZEK.0 moved successfully.
C:\Users\Owner\AppData\Local\tmpTWOJ PTASZEK.JPG moved successfully.
C:\Users\Owner\AppData\Local\tmpJA.3 moved successfully.
C:\Users\Owner\AppData\Local\tmpJA.2 moved successfully.
C:\Users\Owner\AppData\Local\tmpJA.1 moved successfully.
C:\Users\Owner\AppData\Local\tmpJA.JPG moved successfully.
C:\Users\Owner\AppData\Local\tmpJA.0 moved successfully.
========== FILES ==========
< ipconfig /flushdns /c >
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
C:\Users\Owner\Downloads\cmd.bat deleted successfully.
C:\Users\Owner\Downloads\cmd.txt deleted successfully.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYJAVA]

User: All Users

User: AppData

User: Default

User: Default User

User: gaby
->Java cache emptied: 0 bytes

User: inne

User: Owner
->Java cache emptied: 0 bytes

User: Public

Total Java Files Cleaned = 0.00 mb

[EMPTYFLASH]

User: All Users

User: AppData

User: Default
->Flash cache emptied: 0 bytes

User: Default User
->Flash cache emptied: 0 bytes

User: gaby
->Flash cache emptied: 0 bytes

User: inne

User: Owner
->Flash cache emptied: 470 bytes

User: Public

Total Flash Files Cleaned = 0.00 mb

[EMPTYTEMP]

User: All Users

User: AppData
->Temp folder emptied: 0 bytes

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: gaby
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: inne
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Owner
->Temp folder emptied: 446725 bytes
->Temporary Internet Files folder emptied: 20624278 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 39968581 bytes
->Google Chrome cache emptied: 0 bytes
->Opera cache emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Public
->Temp folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 26611046 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 84.00 mb

Restore point Set: OTL Restore Point

OTL by OldTimer - Version 3.2.31.0 log created on 01132012_093224

Files\Folders moved on Reboot...
C:\Users\Owner\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
File\Folder C:\Windows\temp\hsperfdata_OWNER-PC$\1760 not found!

Registry entries deleted on Reboot...

*And another one:*

OTL logfile created on: 1/13/2012 9:44:35 AM - Run 2
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Owner\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

7.74 Gb Total Physical Memory | 5.42 Gb Available Physical Memory | 70.06% Memory free
15.48 Gb Paging File | 13.05 Gb Available in Paging File | 84.28% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 686.20 Gb Total Space | 467.26 Gb Free Space | 68.09% Space Free | Partition Type: NTFS
Drive D: | 12.33 Gb Total Space | 2.23 Gb Free Space | 18.09% Space Free | Partition Type: NTFS
Drive K: | 100.19 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: OWNER-PC | User Name: Owner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - File not found
PRC - C:\Users\Owner\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files (x86)\Freecorder\FLVSrvc.exe (Applian Technologies, Inc.)
PRC - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\avp.exe (Kaspersky Lab)
PRC - C:\Program Files (x86)\Common Files\Intuit\Update Service\IntuitUpdateService.exe (Intuit Inc.)
PRC - C:\Program Files (x86)\Acunetix\Web Vulnerability Scanner 6\WVSScheduler.exe (Acunetix Ltd.)
PRC - C:\Program Files (x86)\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe (Infowatch)
PRC - c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe (CyberLink)
PRC - c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe (CyberLink Corp.)
PRC - C:\Program Files (x86)\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe ()
PRC - C:\Windows\SysWOW64\WinMsgBalloonServer.exe ()
PRC - C:\Windows\SysWOW64\WinMsgBalloonClient.exe ()
PRC - C:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpertService.exe (AMD)
PRC - C:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpert.exe ()
PRC - C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe (Hewlett-Packard)
PRC - C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe ()

========== Modules (No Company Name) ==========

MOD - C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\oc4vkf64.default\extensions\{0b457cAA-602d-484a-8fe7-c1d894a011ba}\gecko8\WINNT_x86-msvc\SSSLauncher.dll ()
MOD - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
MOD - C:\Program Files (x86)\Mozilla Firefox\mozjs.dll ()
MOD - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\QtGui4.dll ()
MOD - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\QtCore4.dll ()
MOD - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\localization_manager.dll ()
MOD - c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMediaLibrary.dll ()
MOD - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\dblite.dll ()
MOD - C:\Program Files (x86)\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe ()

========== Win32 Services (SafeList) ==========

SRV:*64bit:* - (FLEXnet Licensing Service 64) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe (Acresso Software Inc.)
SRV:*64bit:* - (WinAutomation Service) -- C:\Program Files\WinAutomation\WinAutomation.ServiceAgent.exe (Softomotive)
SRV:*64bit:* - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV:*64bit:* - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV:*64bit:* - (Printer Control) -- C:\Windows\SysNative\PrintCtrl.exe (ActMask Co.,Ltd - HTTP://WWW.ALL2PDF.COM)
SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (OpenVPNService) -- C:\Program Files (x86)\HMA! Pro VPN\bin\openvpnserv.exe ()
SRV - (TeamViewer6) -- C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe (TeamViewer GmbH)
SRV - (AVP) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\avp.exe (Kaspersky Lab)
SRV - (IntuitUpdateService) -- C:\Program Files (x86)\Common Files\Intuit\Update Service\IntuitUpdateService.exe (Intuit Inc.)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (AcuWVSSchedulerv6) -- C:\Program Files (x86)\Acunetix\Web Vulnerability Scanner 6\WVSScheduler.exe (Acunetix Ltd.)
SRV - (FLEXnet Licensing Service) -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Acresso Software Inc.)
SRV - (CSObjectsSrv) -- C:\Program Files (x86)\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe (Infowatch)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (GameConsoleService) -- C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe (WildTangent, Inc.)
SRV - (AMD_RAIDXpert) -- C:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpertService.exe (AMD)
SRV - (Adobe Version Cue CS4) -- C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe (Adobe Systems Incorporated)
SRV - (IJPLMSVC) -- C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe ()
SRV - (FirebirdServerMAGIXInstance) -- C:\Program Files (x86)\MAGIX\Common\Database\bin\fbserver.exe (MAGIX®)

========== Driver Services (SafeList) ==========

DRV:*64bit:* - (KLIF) -- C:\Windows\SysNative\drivers\klif.sys (Kaspersky Lab)
DRV:*64bit:* - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation)
DRV:*64bit:* - (NuidFltr) -- C:\Windows\SysNative\drivers\nuidfltr.sys (Microsoft Corporation)
DRV:*64bit:* - (Point64) -- C:\Windows\SysNative\drivers\point64.sys (Microsoft Corporation)
DRV:*64bit:* - (dc3d) MS Hardware Device Detection Driver (USB) -- C:\Windows\SysNative\drivers\dc3d.sys (Microsoft Corporation)
DRV:*64bit:* - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:*64bit:* - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:*64bit:* - (RSUSBSTOR) -- C:\Windows\SysNative\drivers\RtsUStor.sys (Realtek Semiconductor Corp.)
DRV:*64bit:* - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek )
DRV:*64bit:* - (teamviewervpn) -- C:\Windows\SysNative\drivers\teamviewervpn.sys (TeamViewer GmbH)
DRV:*64bit:* - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:*64bit:* - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:*64bit:* - (tap0901) -- C:\Windows\SysNative\drivers\tap0901.sys (The OpenVPN Project)
DRV:*64bit:* - (ElbyCDIO) -- C:\Windows\SysNative\drivers\ElbyCDIO.sys (Elaborate Bytes AG)
DRV:*64bit:* - (CSCrySec) -- C:\Windows\SysNative\drivers\CSCrySec.sys (Infowatch)
DRV:*64bit:* - (CSVirtualDiskDrv) -- C:\Windows\SysNative\drivers\CSVirtualDiskDrv.sys (Infowatch)
DRV:*64bit:* - (KLBG) -- C:\Windows\SysNative\drivers\klbg.sys (Kaspersky Lab)
DRV:*64bit:* - (klmouflt) -- C:\Windows\SysNative\drivers\klmouflt.sys (Kaspersky Lab)
DRV:*64bit:* - (KLIM6) -- C:\Windows\SysNative\drivers\klim6.sys (Kaspersky Lab)
DRV:*64bit:* - (kl1) -- C:\Windows\SysNative\drivers\kl1.sys (Kaspersky Lab)
DRV:*64bit:* - (VClone) -- C:\Windows\SysNative\drivers\VClone.sys (Elaborate Bytes AG)
DRV:*64bit:* - (ahcix64s) -- C:\Windows\SysNative\drivers\ahcix64s.sys (Advanced Micro Devices, Inc)
DRV:*64bit:* - (atikmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV:*64bit:* - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:*64bit:* - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:*64bit:* - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:*64bit:* - (WSDPrintDevice) -- C:\Windows\SysNative\drivers\WSDPrint.sys (Microsoft Corporation)
DRV:*64bit:* - (61883) -- C:\Windows\SysNative\drivers\61883.sys (Microsoft Corporation)
DRV:*64bit:* - (Avc) -- C:\Windows\SysNative\drivers\avc.sys (Microsoft Corporation)
DRV:*64bit:* - (MSDV) -- C:\Windows\SysNative\drivers\msdv.sys (Microsoft Corporation)
DRV:*64bit:* - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:*64bit:* - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:*64bit:* - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:*64bit:* - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:*64bit:* - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Atheros Communications, Inc.)
DRV:*64bit:* - (AtiPcie) AMD PCI Express (3GIO) -- C:\Windows\SysNative\drivers\AtiPcie.sys (Advanced Micro Devices Inc.)
DRV:*64bit:* - (usbfilter) -- C:\Windows\SysNative\drivers\usbfilter.sys (Advanced Micro Devices)
DRV:*64bit:* - (mcdbus) -- C:\Windows\SysNative\drivers\mcdbus.sys (MagicISO, Inc.)
DRV:*64bit:* - (adfs) -- C:\Windows\SysNative\drivers\adfs.sys (Adobe Systems, Inc.)
DRV:*64bit:* - (LVUVC64) Logitech QuickCam Fusion(UVC) -- C:\Windows\SysNative\drivers\lvuvc64.sys (Logitech Inc.)
DRV:*64bit:* - (LVUSBS64) -- C:\Windows\SysNative\drivers\LVUSBS64.sys (Logitech Inc.)
DRV:*64bit:* - (lvpopf64) -- C:\Windows\SysNative\drivers\lvpopf64.sys (Logitech Inc.)
DRV:*64bit:* - (V0060VID) -- C:\Windows\SysNative\drivers\V0060Vid.sys (Creative Technology Ltd.)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
DRV - (mcdbus) -- C:\Windows\SysWOW64\drivers\mcdbus.sys (MagicISO, Inc.)
DRV - (adfs) -- C:\Windows\SysWow64\drivers\adfs.sys (Adobe Systems, Inc.)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE:*64bit:* - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE:*64bit:* - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://google.com
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = local

========== FireFox ==========

FF - prefs.js..browser.search.selectedEngine: "Yahoo"
FF - prefs.js..browser.search.suggest.enabled: false
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..network.proxy.type: 0

FF - user.js..network.proxy.type: 0
FF - user.js..network.proxy.http: ""
FF - user.js..network.proxy.http_port: 
FF - user.js..network.proxy.no_proxies_on: ""

FF:*64bit:* - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_1_102.dll File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Owner\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Owner\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\[email protected]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\[email protected]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\[email protected]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011/11/12 14:08:08 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011/11/02 15:26:55 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\{eea12ec4-729d-4703-bc37-106ce9879ce2}: C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\THBExt [2011/12/26 18:23:33 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Windows\vf_hip\ [2010/07/24 20:01:01 | 000,000,000 | ---D | M]

[2009/12/26 01:07:05 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Owner\AppData\Roaming\Mozilla\Extensions
[2011/12/16 21:07:10 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\oc4vkf64.default\extensions
[2011/03/18 21:45:27 | 000,000,000 | ---D | M] (Remove Cookies for Site) -- C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\oc4vkf64.default\extensions\{06997db0-c027-4d5f-bd37-b0d9230226ea}
[2011/12/15 22:30:33 | 000,000,000 | ---D | M] (FireShot) -- C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\oc4vkf64.default\extensions\{0b457cAA-602d-484a-8fe7-c1d894a011ba}
[2011/12/16 21:07:10 | 000,000,000 | ---D | M] (SeoQuake) -- C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\oc4vkf64.default\extensions\{317B5128-0B0B-49b2-B2DB-1E7560E16C74}
[2011/08/05 14:25:49 | 000,000,000 | ---D | M] (Freecorder Toolbar) -- C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\oc4vkf64.default\extensions\{70dd86e8-b5bc-4e4a-9d5c-b6234c24323c}
[2010/06/12 22:39:26 | 000,000,000 | ---D | M] (Search Toolbar) -- C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\oc4vkf64.default\extensions\{896642E4-C556-4ED3-85D1-9AC431603E7D}
[2010/07/21 12:40:17 | 000,000,000 | ---D | M] (BlockSite) -- C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\oc4vkf64.default\extensions\{dd3d7613-0246-469d-bc65-2a3cc1668adc}
[2011/01/11 18:30:30 | 000,000,000 | ---D | M] (Torbutton) -- C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\oc4vkf64.default\extensions\{e0204bd5-9d31-402b-a99d-a6aa8ffebdca}
[2011/02/05 01:25:20 | 000,000,000 | ---D | M] (Acunetix Web Scanner) -- C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\oc4vkf64.default\extensions\[email protected]
[2010/02/18 13:52:55 | 000,000,000 | ---D | M] ("LinkDiagnosis 2.0") -- C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\oc4vkf64.default\extensions\[email protected]
[2011/01/30 18:13:47 | 000,000,000 | ---D | M] (Super Hide IP) -- C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\oc4vkf64.default\extensions\[email protected]
[2010/04/10 15:24:42 | 000,001,828 | ---- | M] () -- C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\oc4vkf64.default\searchplugins\bing.xml
[2010/04/12 17:11:03 | 000,001,337 | ---- | M] () -- C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\oc4vkf64.default\searchplugins\ezinearticles.xml
[2011/09/07 21:30:20 | 000,001,490 | ---- | M] () -- C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\oc4vkf64.default\searchplugins\web-search-powered-by-google.xml
[2011/12/26 18:24:32 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2011/11/05 20:37:59 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}
[2011/04/16 02:22:03 | 000,000,000 | ---D | M] (Anti-Banner) -- C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]_bak
[2011/12/26 18:24:33 | 000,000,000 | ---D | M] (Kaspersky URL Advisor) -- C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]
[2011/04/16 02:22:02 | 000,000,000 | ---D | M] (Kaspersky URL Advisor) -- C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]_bak
() (No name found) -- C:\USERS\OWNER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OC4VKF64.DEFAULT\EXTENSIONS\{563E4790-7E70-11DA-A72B-0800200C9A66}.XPI
() (No name found) -- C:\USERS\OWNER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OC4VKF64.DEFAULT\EXTENSIONS\{D57C9FF1-6389-48FC-B770-F78BD89B6E8A}.XPI
() (No name found) -- C:\USERS\OWNER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OC4VKF64.DEFAULT\EXTENSIONS\[email protected]
[2011/11/12 14:08:08 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011/11/05 20:37:30 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2006/08/09 04:16:08 | 000,030,408 | ---- | M] ( ) -- C:\Program Files (x86)\mozilla firefox\plugins\npWebLaunch.dll
[2011/10/05 11:44:15 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2011/11/12 14:08:08 | 000,002,040 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{googleriginalQueryForSuggestion}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Owner\AppData\Local\Google\Chrome\Application\14.0.835.202\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
CHR - plugin: QuickTime Plug-in 7.6.7 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.7 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.7 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.7 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.7 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.7 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.7 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: Java Deployment Toolkit 6.0.200.2 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.0.60531.0\npctrl.dll
CHR - plugin: 2007 Microsoft Office system (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\NPOFF12.DLL
CHR - plugin: Microsoft Office 2003 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\NPOFFICE.DLL
CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Owner\AppData\Local\Google\Chrome\Application\14.0.835.202\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Owner\AppData\Local\Google\Chrome\Application\14.0.835.202\pdf.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Browser\nppdf32.dll
CHR - plugin: thriXXX WebLaunch (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npWebLaunch.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.69\npGoogleUpdate3.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin

O1 HOSTS File: ([2012/01/13 09:32:26 | 000,000,098 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2:*64bit:* - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\x64\ievkbd.dll (Kaspersky Lab)
O2:*64bit:* - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:*64bit:* - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7227.1100\swg64.dll (Google Inc.)
O2:*64bit:* - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\x64\klwtbbho.dll (Kaspersky Lab)
O2 - BHO: (ContributeBHO Class) - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files (x86)\Adobe\/Adobe Contribute CS4/contributeieplugin.dll ()
O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\ievkbd.dll (Kaspersky Lab)
O2 - BHO: (hpBHO Class) - {ABD3B5E1-B268-407B-A150-2641DAB8D898} - C:\Program Files (x86)\Common Files\Homepage Protection\HomepageProtection.dll (AOL Products)
O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll (Google Inc.)
O2 - BHO: (FlashGetBHO) - {b070d3e3-fec0-47d9-8e8a-99d4eeb3d3b0} - C:\Users\Owner\AppData\Roaming\FlashGetBHO\FlashGetBHO3.dll (Trend Media Group)
O2 - BHO: (Microsoft Live Search Toolbar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\Program Files (x86)\MSN\Toolbar\3.0.0560.0\msneshellx.dll (Microsoft Corp.)
O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\klwtbbho.dll (Kaspersky Lab)
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3:*64bit:* - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Microsoft Live Search Toolbar) - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - c:\Program Files (x86)\MSN\Toolbar\3.0.0560.0\msneshellx.dll (Microsoft Corp.)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Contribute Toolbar) - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files (x86)\Adobe\/Adobe Contribute CS4/contributeieplugin.dll ()
O3 - HKLM\..\Toolbar: (FireShot) - {6E6E744E-4D20-4ce3-9A7A-26DFFFE22F68} - C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\oc4vkf64.default\extensions\{0b457cAA-602d-484a-8fe7-c1d894a011ba}\library\fsaddin-0.80.dll File not found
O3:*64bit:* - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O4:*64bit:* - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4:*64bit:* - HKLM..\Run: [CanonSolutionMenu] C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe (CANON INC.)
O4:*64bit:* - HKLM..\Run: [IntelliPoint] c:\Program Files\Microsoft IntelliPoint\ipoint.exe (Microsoft Corporation)
O4:*64bit:* - HKLM..\Run: [itype] c:\Program Files\Microsoft IntelliType Pro\itype.exe (Microsoft Corporation)
O4:*64bit:* - HKLM..\Run: [PrintDisp] C:\Windows\SysNative\PrintDisp.exe (ActMask Co.,Ltd - http://www.all2pdf.com)
O4:*64bit:* - HKLM..\Run: [SmartMenu] C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe ()
O4 - HKLM..\Run: [AVP] C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\avp.exe (Kaspersky Lab)
O4 - HKLM..\Run: [Freecorder FLV Service] C:\Program Files (x86)\Freecorder\FLVSrvc.exe (Applian Technologies, Inc.)
O4 - HKLM..\Run: [HP Remote Solution] C:\Program Files (x86)\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe ()
O4 - HKLM..\Run: [hpsysdrv] c:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe (Hewlett-Packard)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [UpdatePRCShortCut] C:\Program Files (x86)\Hewlett-Packard\Recovery\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - Startup: C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk = C:\Program Files (x86)\ERUNT\AUTOBACK.EXE ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktopCleanupWizard = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8:*64bit:* - Extra context menu item: Add to Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\ie_banner_deny.htm ()
O8:*64bit:* - Extra context menu item: Append to existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:*64bit:* - Extra context menu item: Convert link target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:*64bit:* - Extra context menu item: Convert link target to existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:*64bit:* - Extra context menu item: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:*64bit:* - Extra context menu item: Download All By FlashGet3 - C:\Users\Owner\AppData\Roaming\FlashGetBHO\GetAllUrl.htm ()
O8:*64bit:* - Extra context menu item: Download By FlashGet3 - C:\Users\Owner\AppData\Roaming\FlashGetBHO\GetUrl.htm ()
O8 - Extra context menu item: Add to Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\ie_banner_deny.htm ()
O8 - Extra context menu item: Append to existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert link target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert link target to existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Download All By FlashGet3 - C:\Users\Owner\AppData\Roaming\FlashGetBHO\GetAllUrl.htm ()
O8 - Extra context menu item: Download By FlashGet3 - C:\Users\Owner\AppData\Roaming\FlashGetBHO\GetUrl.htm ()
O9:*64bit:* - Extra Button: &Virtual Keyboard - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\x64\klwtbbho.dll (Kaspersky Lab)
O9:*64bit:* - Extra Button: URLs c&heck - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\x64\klwtbbho.dll (Kaspersky Lab)
O9 - Extra Button: iOpus iMacros - {0483894E-2422-45E0-8384-021AFF1AF3CD} - C:\Program Files (x86)\iMacros\imacros.dll (iOpus Software GmbH)
O9 - Extra 'Tools' menuitem : iMacros Web Automation - {0483894E-2422-45E0-8384-021AFF1AF3CD} - Reg Error: Value error. File not found
O9 - Extra Button: &Virtual Keyboard - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\klwtbbho.dll (Kaspersky Lab)
O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: URLs c&heck - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\klwtbbho.dll (Kaspersky Lab)
O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.microsoft.com/sites/production/ieawsdc32.cab (Microsoft Office Template and Media Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {9C23D886-43CB-43DE-B2DB-112A68D7E10A} http://lads.myspace.com/upload/MySpaceUploader2.cab (MySpace Uploader Control)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{54F9BA21-92AF-467D-BCD0-E71F53A0AA3E}: DhcpNameServer = 192.168.1.1
O18:*64bit:* - Protocol\Filter\text/xml - No CLSID value found
O20:*64bit:* - AppInit_DLLs: (C:\PROGRA~2\KASPER~1\KASPER~1\x64\kloehk.dll) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\x64\kloehk.dll (Kaspersky Lab)
O20:*64bit:* - AppInit_DLLs: (C:\PROGRA~2\KASPER~1\KASPER~1\x64\sbhook64.dll) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\x64\sbhook64.dll (Kaspersky Lab)
O20 - AppInit_DLLs: (C:\PROGRA~2\KASPER~1\KASPER~1\mzvkbd3.dll) -C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\mzvkbd3.dll (Kaspersky Lab)
O20 - AppInit_DLLs: (C:\PROGRA~2\KASPER~1\KASPER~1\sbhook.dll) -C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\sbhook.dll (Kaspersky Lab)
O20:*64bit:* - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:*64bit:* - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:*64bit:* - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:*64bit:* - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:*64bit:* - Winlogon\Notify\klogon: DllName - (%SystemRoot%\System32\klogon.dll) - C:\Windows\SysNative\klogon.dll (Kaspersky Lab)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:*64bit:* - HKLM\..comfile [open] -- "%1" %*
O35:*64bit:* - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:*64bit:* - HKLM\...com [@ = ComFile] -- "%1" %*
O37:*64bit:* - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2012/01/13 09:32:24 | 000,000,000 | ---D | C] -- C:\_OTL
[2012/01/13 09:29:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ERUNT
[2012/01/13 09:29:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ERUNT
[2012/01/13 09:27:18 | 001,447,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2012/01/13 09:27:17 | 000,395,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\webio.dll
[2012/01/13 09:27:17 | 000,314,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\webio.dll
[2012/01/13 09:27:16 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspicli.dll
[2012/01/13 09:27:16 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspisrv.dll
[2012/01/13 09:27:16 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll
[2012/01/12 20:00:30 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\Owner\Desktop\OTL.exe
[2012/01/12 19:43:17 | 000,446,464 | ---- | C] (OldTimer Tools) -- C:\Users\Owner\Desktop\TFC.exe
[2012/01/12 18:58:47 | 000,000,000 | ---D | C] -- C:\Users\Owner\Desktop\market-samurai market-samurai-2012
[2012/01/12 14:43:33 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2012/01/11 22:20:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET
[2012/01/11 22:19:31 | 002,322,184 | ---- | C] (ESET) -- C:\Users\Owner\Desktop\esetsmartinstaller_enu.exe
[2012/01/11 08:36:21 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2012/01/11 08:36:21 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2012/01/11 08:36:21 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2012/01/11 08:36:14 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2012/01/11 08:35:00 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012/01/11 08:34:22 | 004,381,975 | R--- | C] (Swearware) -- C:\Users\Owner\Desktop\ComboFix.exe
[2012/01/10 22:27:12 | 001,572,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\quartz.dll
[2012/01/10 22:27:12 | 001,328,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\quartz.dll
[2012/01/10 22:27:12 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qdvd.dll
[2012/01/10 22:27:12 | 000,366,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qdvd.dll
[2012/01/10 22:27:11 | 000,918,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2012/01/10 22:27:11 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012/01/10 22:27:08 | 001,731,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll
[2012/01/10 22:27:07 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\packager.dll
[2012/01/10 22:27:07 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\packager.dll
[2012/01/08 13:19:58 | 000,000,000 | ---D | C] -- C:\Users\Owner\Desktop\111 virus scan 2012
[2012/01/08 13:17:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Trend Micro
[2012/01/08 13:17:12 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis
[2012/01/05 20:37:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Market Samurai
[2011/12/26 18:24:06 | 000,085,048 | ---- | C] (Infowatch) -- C:\Windows\SysNative\drivers\CSCrySec.sys
[2011/12/26 18:24:06 | 000,066,104 | ---- | C] (Infowatch) -- C:\Windows\SysNative\drivers\CSVirtualDiskDrv.sys
[2011/12/26 18:22:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\InfoWatch
[2011/12/26 18:22:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky PURE
[2011/12/26 18:22:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Kaspersky Lab
[2011/12/26 18:22:17 | 000,353,296 | ---- | C] (Kaspersky Lab) -- C:\Windows\SysNative\drivers\klif.sys

========== Files - Modified Within 30 Days ==========

[2012/01/13 09:42:07 | 000,015,792 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/01/13 09:42:07 | 000,015,792 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/01/13 09:34:53 | 000,000,892 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/01/13 09:34:22 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/01/13 09:32:26 | 000,000,098 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\Hosts
[2012/01/13 09:29:39 | 000,001,110 | ---- | M] () -- C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
[2012/01/13 09:29:15 | 000,000,930 | ---- | M] () -- C:\Users\Owner\Desktop\NTREGOPT.lnk
[2012/01/13 09:29:15 | 000,000,911 | ---- | M] () -- C:\Users\Owner\Desktop\ERUNT.lnk
[2012/01/13 09:29:04 | 000,000,908 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1496317490-1307526022-1011991264-1000UA.job
[2012/01/13 09:25:04 | 000,000,896 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/01/12 19:59:52 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Owner\Desktop\OTL.exe
[2012/01/12 19:43:01 | 000,446,464 | ---- | M] (OldTimer Tools) -- C:\Users\Owner\Desktop\TFC.exe
[2012/01/12 18:59:55 | 000,303,560 | -H-- | M] () -- C:\Windows\SysWow64\mlfcache.dat
[2012/01/12 18:26:08 | 000,174,698 | ---- | M] () -- C:\Users\Owner\Desktop\wso-refund-1-12-2012.PNG
[2012/01/12 13:47:29 | 004,381,975 | R--- | M] (Swearware) -- C:\Users\Owner\Desktop\ComboFix.exe
[2012/01/12 10:44:51 | 000,458,240 | ---- | M] () -- C:\Users\Owner\Desktop\CKScanner.exe
[2012/01/12 00:29:00 | 000,000,856 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1496317490-1307526022-1011991264-1000Core.job
[2012/01/11 22:19:07 | 002,322,184 | ---- | M] (ESET) -- C:\Users\Owner\Desktop\esetsmartinstaller_enu.exe
[2012/01/11 08:25:34 | 000,000,332 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForOwner.job
[2012/01/10 23:04:15 | 000,772,990 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012/01/10 23:04:15 | 000,660,280 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/01/10 23:04:15 | 000,121,208 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/01/10 23:04:06 | 000,772,990 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/01/10 22:42:42 | 000,199,933 | ---- | M] () -- C:\Users\Owner\Desktop\agata-adwords-2012.PNG
[2012/01/08 13:34:09 | 000,282,707 | ---- | M] () -- C:\Users\Owner\Desktop\111 virus scan 2012.zip
[2012/01/08 13:30:28 | 000,002,405 | ---- | M] () -- C:\Users\Owner\Desktop\Google Chrome.lnk
[2012/01/08 13:17:12 | 000,002,975 | ---- | M] () -- C:\Users\Owner\Desktop\HiJackThis.lnk
[2012/01/07 18:14:07 | 000,055,200 | ---- | M] () -- C:\Users\Owner\Desktop\cox-usage-jan2012.PNG
[2012/01/05 22:15:29 | 000,000,600 | ---- | M] () -- C:\Users\Owner\AppData\Roaming\winscp.rnd
[2012/01/05 21:03:48 | 001,034,240 | ---- | M] () -- C:\Users\Owner\Desktop\studioelevenone.com.msam
[2012/01/05 20:37:46 | 000,000,933 | ---- | M] () -- C:\Users\Public\Desktop\Market Samurai.lnk
[2011/12/31 10:45:39 | 000,000,552 | ---- | M] () -- C:\Windows\tasks\PCDRScheduledMaintenance.job
[2011/12/30 21:38:20 | 000,083,231 | ---- | M] () -- C:\Users\Owner\Desktop\500-error-12-30-2011.PNG
[2011/12/29 10:46:53 | 000,001,139 | ---- | M] () -- C:\Users\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes Anti-Malware.lnk
[2011/12/29 10:46:53 | 000,001,115 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2011/12/26 18:34:49 | 000,152,233 | ---- | M] () -- C:\Windows\SysNative\drivers\klin.dat
[2011/12/26 18:34:49 | 000,107,177 | ---- | M] () -- C:\Windows\SysNative\drivers\klick.dat
[2011/12/26 18:22:17 | 000,353,296 | ---- | M] (Kaspersky Lab) -- C:\Windows\SysNative\drivers\klif.sys
[2011/12/20 14:25:07 | 000,030,092 | ---- | M] () -- C:\Users\Owner\Desktop\matrix coastal grove way.pdf
[2011/12/19 20:33:24 | 000,035,512 | ---- | M] () -- C:\Users\Owner\Desktop\blue-mobile-site-footer.PNG
[2011/12/19 18:28:24 | 000,340,579 | ---- | M] () -- C:\Users\Owner\Desktop\blue-mobile-site.PNG
[2011/12/18 11:39:15 | 000,250,411 | ---- | M] () -- C:\Users\Owner\Desktop\europeana-broken-link-dec-18-2011.PNG

========== Files Created - No Company Name ==========

[2012/01/13 09:29:39 | 000,001,110 | ---- | C] () -- C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
[2012/01/13 09:29:15 | 000,000,930 | ---- | C] () -- C:\Users\Owner\Desktop\NTREGOPT.lnk
[2012/01/13 09:29:15 | 000,000,911 | ---- | C] () -- C:\Users\Owner\Desktop\ERUNT.lnk
[2012/01/12 18:26:08 | 000,174,698 | ---- | C] () -- C:\Users\Owner\Desktop\wso-refund-1-12-2012.PNG
[2012/01/12 10:45:08 | 000,458,240 | ---- | C] () -- C:\Users\Owner\Desktop\CKScanner.exe
[2012/01/11 08:36:21 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2012/01/11 08:36:21 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2012/01/11 08:36:21 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2012/01/11 08:36:21 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2012/01/11 08:36:21 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2012/01/10 22:42:42 | 000,199,933 | ---- | C] () -- C:\Users\Owner\Desktop\agata-adwords-2012.PNG
[2012/01/08 13:34:09 | 000,282,707 | ---- | C] () -- C:\Users\Owner\Desktop\111 virus scan 2012.zip
[2012/01/08 13:17:12 | 000,002,975 | ---- | C] () -- C:\Users\Owner\Desktop\HiJackThis.lnk
[2012/01/07 18:09:40 | 000,055,200 | ---- | C] () -- C:\Users\Owner\Desktop\cox-usage-jan2012.PNG
[2012/01/05 20:37:46 | 000,000,945 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Market Samurai.lnk
[2012/01/05 20:37:46 | 000,000,933 | ---- | C] () -- C:\Users\Public\Desktop\Market Samurai.lnk
[2011/12/30 21:38:19 | 000,083,231 | ---- | C] () -- C:\Users\Owner\Desktop\500-error-12-30-2011.PNG
[2011/12/29 10:46:53 | 000,001,139 | ---- | C] () -- C:\Users\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes Anti-Malware.lnk
[2011/12/29 10:46:53 | 000,001,115 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2011/12/26 18:24:27 | 000,152,233 | ---- | C] () -- C:\Windows\SysNative\drivers\klin.dat
[2011/12/26 18:24:27 | 000,107,177 | ---- | C] () -- C:\Windows\SysNative\drivers\klick.dat
[2011/12/20 14:25:06 | 000,030,092 | ---- | C] () -- C:\Users\Owner\Desktop\matrix coastal grove way.pdf
[2011/12/19 20:33:24 | 000,035,512 | ---- | C] () -- C:\Users\Owner\Desktop\blue-mobile-site-footer.PNG
[2011/12/19 18:28:23 | 000,340,579 | ---- | C] () -- C:\Users\Owner\Desktop\blue-mobile-site.PNG
[2011/12/18 11:39:15 | 000,250,411 | ---- | C] () -- C:\Users\Owner\Desktop\europeana-broken-link-dec-18-2011.PNG
[2011/11/17 09:32:18 | 000,186,576 | ---- | C] () -- C:\Windows\Submitter Uninstaller.exe
[2011/07/27 08:12:20 | 000,000,212 | ---- | C] () -- C:\Windows\SysWow64\winiog_019.dat
[2011/05/16 22:02:35 | 000,303,560 | -H-- | C] () -- C:\Windows\SysWow64\mlfcache.dat
[2011/05/08 19:57:36 | 000,000,600 | ---- | C] () -- C:\Users\Owner\AppData\Roaming\winscp.rnd
[2011/05/07 17:28:12 | 000,000,600 | ---- | C] () -- C:\Users\Owner\AppData\Local\PUTTY.RND
[2011/04/18 18:57:21 | 000,000,025 | ---- | C] () -- C:\Windows\libem.INI
[2010/12/03 19:52:16 | 000,000,193 | ---- | C] () -- C:\Users\Owner\AppData\Local\TheBestSpinner_Export.dat
[2010/10/12 20:51:48 | 000,057,016 | ---- | C] () -- C:\Windows\SysWow64\imsys.dll
[2010/10/12 20:51:46 | 000,367,800 | ---- | C] () -- C:\Windows\SysWow64\iimds.dll
[2010/10/12 20:51:46 | 000,233,144 | ---- | C] () -- C:\Windows\SysWow64\IMImage.dll
[2010/10/12 20:51:46 | 000,014,848 | ---- | C] () -- C:\Windows\SysWow64\iimir.dll
[2010/08/03 13:17:08 | 000,772,990 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010/08/01 12:29:19 | 000,000,016 | ---- | C] () -- C:\Windows\SysWow64\ptlx55.dat.{5728B11F-B697-47AA-9C1B-8ECB545B5193}
[2010/07/24 19:01:04 | 000,000,074 | ---- | C] () -- C:\Windows\MyProg.ini
[2010/06/29 23:12:16 | 000,013,312 | ---- | C] () -- C:\Windows\LPRES.DLL
[2010/02/09 19:09:10 | 000,000,868 | ---- | C] () -- C:\Users\Owner\AppData\Roaming\wklnhst.dat
[2010/01/11 14:19:06 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010/01/06 17:49:15 | 000,034,308 | ---- | C] () -- C:\Windows\SysWow64\BASSMOD.dll
[2010/01/06 17:47:21 | 000,085,504 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2009/12/30 22:41:00 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\mgxasio2.dll
[2009/12/30 22:39:06 | 000,120,200 | ---- | C] () -- C:\Windows\SysWow64\DLLDEV32i.dll
[2009/12/30 22:38:32 | 000,005,937 | ---- | C] () -- C:\Windows\mgxoschk.ini
[2009/12/25 20:51:46 | 001,391,616 | ---- | C] () -- C:\Windows\SysWow64\ActPDF.dll
[2009/12/24 20:22:08 | 000,000,376 | ---- | C] () -- C:\Windows\ODBC.INI
[2009/08/18 04:37:59 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2009/07/13 23:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/13 20:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009/07/13 20:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009/07/13 18:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/13 17:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 15:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/06/10 15:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2009/03/16 01:47:28 | 000,122,880 | ---- | C] () -- C:\Windows\SysWow64\WinMsgBalloonServer.exe
[2009/03/16 01:47:24 | 000,139,264 | ---- | C] () -- C:\Windows\SysWow64\WinMsgBalloonClient.exe
[2009/03/05 20:00:36 | 000,532,480 | ---- | C] () -- C:\Windows\SysWow64\libxml2.dll

< End of report >


----------



## jeffce (May 10, 2011)

Looking better...how is your system running? 

If you are having problems still can you describe exactly what is happening?


----------



## destin (Jan 8, 2012)

Hi Jeff,
Well, the main reason I signed up for help was because the enormous ISP bandwidth usage I was experiencing.
The only way ( that I know of ) to check gb usage, is my ISP stats available online, but ISP usage panel is 2 days off, meaning today it shows stats from Jan 11th, I would have to keep this PC running for min.2 days straight before I would show today's usage.
Do you think I should go ahead and give it a try?

Besides it , I could not really complain about anything else. I mean it takes about up to 2 minutes from the time I press power button to the moment all processes finish loading.
I thought that was kind of long in comparison to my laptop, but I also have much more stuff on this hard drive. I don't know.
Is there anything else I should do to double check if the infection was still there?

So far I have only turned this PC "on" to run your tests, and kept it "off " in between tests, including all night.

Perhaps living it "on" for tonight and running test tomorrow would reveal some unusual activity if there is anything left? What do you think Jeff?
BTW, thank you so much for being patient and following trough with this task. I know you are all volunteers and it just amuses me how consistent you are and can not imagine how do you stand so many requests for help. One thing for sure , you must really like what you do.
Anyways, I appreciate your help, let me know the next step if any.
BTW , do you take paypal donations yourself?


----------



## destin (Jan 8, 2012)

Hi Jeff,
One other thing I meant to ask you is this:
I have a program I use quite often, it is not installed on this PC .
It is ubot from http://ubotstudio.com, not sure if you are familiar with it.

Anyway, contractor from that forum created a bot for me. It basically helps creating posts on my wife's real estate blogs by pulling data from her main website and posting it on her other niche blogs.

I was searching on their forum and read that it gives false positive when scanned with antivirus.

When I scan it gives me : malicious software found message and shows it as Backdoor.bot










Is there any way to double check Malwarebytes scan if it is false positive or not with another tool?
thanks


----------



## jeffce (May 10, 2011)

Hi destin,



> Do you think I should go ahead and give it a try?


You can go ahead and leave the computer on and play around with it. See how it runs for a couple of days...I can leave this topic open.  I probably wouldn't do any banking on it yet just to be on the safe side, but I am not seeing anything left in the logs either. 
----------



> Is there anything else I should do to double check if the infection was still there?


 No not right now. Let's see how it runs.
----------



> thank you so much for being patient and following trough with this task


You are more than welcome. 
----------



> do you take paypal donations yourself?


Your kind words are payment enough. Thank you. 
----------

Download the latest version of *Kaspersky Virus Removal Tool*
Close all other applications and double-click and run the installer.
When the Kaspersky Virus Removal Tool starts, to the right of Security Level click *Recommended*, and select *Settings*.
In the window that opens (Autoscan), in the *Scope* tab place a checkmark to the left of *Parse email formats.*
 Click the *Additional* tab and click to place a checkmark to the left of *Deep scan*, and click *OK*.
 Select all the scanable items except for CD-ROM drives and click the *Start scan* button.








If malware is detected, place a checkmark in the* Apply to all* box, and click the *Delete* button (or *Disinfect* if the button is active).
After the scan finishes, if any threat remains in the Scan window (Red exclamation point), click the *Neutralize all* button
In the window that opens, place a checkmark in the *Apply to all* box, and click the *Delete* button (or *Disinfect* if the button is active).
If advised that a special disinfection procedure is required which demands system reboot: click the *Ok* button to close the window.
In the Scan window click the *Reports* button and select *Save to file*.
Name the report *AVPT.txt*, and save it to the Desktop.
Close AVPTool.
You will be prompted if you want to uninstall the program; click *Yes*.
You will then be prompted that to complete the uninstallation, the computer must be restarted. Select *Yes* to restart the system.
Copy and paste the *first part* of the report (*Detected*) that you saved in your next reply.


----------



## destin (Jan 8, 2012)

Hi Jeff,
So far ISP stats show low usage for the 13th of January, the 1st day I kept the PC on.










But since stats are 2 days behind , I cant confirm 100% if its permanent yet, need couple more days to see yesterdays and day before stats. 
Other than that PC runs good.
I will run Kaspersky Virus Removal Tool later today and post the result, thanks


----------



## jeffce (May 10, 2011)

Alright destin. Thanks for letting me know.


----------



## destin (Jan 8, 2012)

Hi Jeff,
I will post the AVPT.txt content in the next post, the report did not show any critical threats .To be honest I am not sure if I ran the program correctly because it had different interface.. It did not ask me to reboot or if I wanted to uninstall it, but I got the text file.

Anyway, just wanted to let you know the gb usage went back up

It was low for 2 days after I kept the PC "ON" 24/7 and then picked up usage on the 15th..
Its like is manually operated.. That is why at first, I though it was a router, because back in December, it was running high and slowed down for the week of Christmas as if somebody was away from the PC for Holidays or something. 
And now it took 2 days before it came back.. I dont know.. I mena I know usage is low with the router on if my PC is shut down so its not a router..
Anyway , I will be splitting the AVPT.txt content in to 2 or 3 parts because it does not go in one post.


----------



## destin (Jan 8, 2012)

*there is going to be more than 8 parts I guess...*

Automatic Scan: completed 2 minutes ago (events: 24652, objects: 20057, time: 00:06:03) 
1/18/2012 9:31:27 PM Task started 
1/18/2012 9:31:28 PM OK System Memory 
1/18/2012 9:31:28 PM OK taskeng.exe\user32.dll 
1/18/2012 9:31:28 PM OK taskeng.exe\kernel32.dll 
1/18/2012 9:31:28 PM OK taskeng.exe\ntdll.dll 
1/18/2012 9:31:28 PM OK taskeng.exe\taskeng.exe 
1/18/2012 9:31:28 PM OK taskeng.exe\ktmw32.dll 
1/18/2012 9:31:28 PM OK taskeng.exe\TSChannel.dll 
1/18/2012 9:31:28 PM OK taskeng.exe\xmllite.dll 
1/18/2012 9:31:28 PM OK taskeng.exe\dwmapi.dll 
1/18/2012 9:31:28 PM OK taskeng.exe\uxtheme.dll 
1/18/2012 9:31:28 PM OK taskeng.exe\rsaenh.dll 
1/18/2012 9:31:28 PM OK taskeng.exe\cryptsp.dll 
1/18/2012 9:31:28 PM OK taskeng.exe\wevtapi.dll 
1/18/2012 9:31:28 PM OK C:\Windows\System32\user32.dll 
1/18/2012 9:31:28 PM OK taskeng.exe\sspicli.dll 
1/18/2012 9:31:28 PM OK C:\Windows\System32\ntdll.dll 
1/18/2012 9:31:28 PM OK C:\Windows\System32\kernel32.dll 
1/18/2012 9:31:28 PM OK taskeng.exe\apphelp.dll 
1/18/2012 9:31:28 PM OK taskeng.exe\cryptbase.dll 
1/18/2012 9:31:28 PM OK taskeng.exe\RpcRtRemote.dll 
1/18/2012 9:31:28 PM OK taskeng.exe\KernelBase.dll 
1/18/2012 9:31:28 PM OK C:\Windows\System32\ktmw32.dll 
1/18/2012 9:31:28 PM OK C:\Windows\System32\TSChannel.dll 
1/18/2012 9:31:28 PM OK C:\Windows\System32\taskeng.exe 
1/18/2012 9:31:28 PM OK taskeng.exe\advapi32.dll 
1/18/2012 9:31:28 PM OK taskeng.exe\usp10.dll 
1/18/2012 9:31:28 PM OK taskeng.exe\imm32.dll 
1/18/2012 9:31:28 PM OK taskeng.exe\sechost.dll 
1/18/2012 9:31:28 PM OK taskeng.exe\shlwapi.dll 
1/18/2012 9:31:28 PM OK taskeng.exe\gdi32.dll 
1/18/2012 9:31:28 PM OK C:\Windows\System32\xmllite.dll 
1/18/2012 9:31:28 PM OK taskeng.exe\ole32.dll 
1/18/2012 9:31:28 PM OK taskeng.exe\clbcatq.dll 
1/18/2012 9:31:28 PM OK taskeng.exe\rpcrt4.dll 
1/18/2012 9:31:28 PM OK taskeng.exe\lpk.dll 
1/18/2012 9:31:28 PM OK taskeng.exe\msvcrt.dll 
1/18/2012 9:31:28 PM OK C:\Windows\System32\uxtheme.dll 
1/18/2012 9:31:28 PM OK C:\Windows\System32\dwmapi.dll 
1/18/2012 9:31:28 PM OK taskeng.exe\oleaut32.dll 
1/18/2012 9:31:28 PM OK C:\Windows\System32\rsaenh.dll 
1/18/2012 9:31:28 PM OK taskeng.exe\msctf.dll 
1/18/2012 9:31:28 PM OK taskeng.exe\apisetschema.dll 
1/18/2012 9:31:28 PM OK C:\Windows\System32\cryptsp.dll 
1/18/2012 9:31:28 PM OK C:\Windows\System32\wevtapi.dll 
1/18/2012 9:31:28 PM OK C:\Windows\System32\sspicli.dll 
1/18/2012 9:31:28 PM OK C:\Windows\System32\apphelp.dll 
1/18/2012 9:31:28 PM OK C:\Windows\System32\cryptbase.dll 
1/18/2012 9:31:28 PM OK C:\Windows\System32\RpcRtRemote.dll 
1/18/2012 9:31:28 PM OK C:\Windows\System32\KernelBase.dll 
1/18/2012 9:31:28 PM OK C:\Windows\System32\imm32.dll 
1/18/2012 9:31:28 PM OK C:\Windows\System32\sechost.dll 
1/18/2012 9:31:28 PM OK C:\Windows\System32\advapi32.dll 
1/18/2012 9:31:28 PM OK C:\Windows\System32\usp10.dll 
1/18/2012 9:31:28 PM OK C:\Windows\System32\shlwapi.dll 
1/18/2012 9:31:28 PM OK C:\Windows\System32\gdi32.dll 
1/18/2012 9:31:28 PM OK C:\Windows\System32\clbcatq.dll 
1/18/2012 9:31:28 PM OK C:\Windows\System32\lpk.dll 
1/18/2012 9:31:28 PM OK C:\Windows\System32\rpcrt4.dll 
1/18/2012 9:31:28 PM OK C:\Windows\System32\ole32.dll 
1/18/2012 9:31:28 PM OK C:\Windows\System32\msvcrt.dll 
1/18/2012 9:31:29 PM OK C:\Windows\System32\oleaut32.dll 
1/18/2012 9:31:29 PM OK C:\Windows\System32\apisetschema.dll 
1/18/2012 9:31:29 PM OK C:\Windows\System32\msctf.dll 
1/18/2012 9:31:29 PM OK 4505774.exe\apisetschema.dll 
1/18/2012 9:31:29 PM OK 4505774.exe\4505774.exe 
1/18/2012 9:31:29 PM OK 4505774.exe\GdiPlus.dll 
1/18/2012 9:31:29 PM OK 4505774.exe\shdocvw.dll 
1/18/2012 9:31:29 PM OK 4505774.exe\ntmarta.dll 
1/18/2012 9:31:29 PM OK 4505774.exe\dwmapi.dll 
1/18/2012 9:31:29 PM OK 4505774.exe\uxtheme.dll 
1/18/2012 9:31:29 PM OK 4505774.exe\devrtl.dll 
1/18/2012 9:31:29 PM OK 4505774.exe\cabinet.dll 
1/18/2012 9:31:29 PM OK 4505774.exe\SensApi.dll 
1/18/2012 9:31:29 PM OK 4505774.exe\cryptnet.dll 
1/18/2012 9:31:29 PM OK C:\Windows\SysWOW64\shdocvw.dll 
1/18/2012 9:31:29 PM OK 4505774.exe\gpapi.dll 
1/18/2012 9:31:29 PM OK 4505774.exe\bcryptprimitives.dll 
1/18/2012 9:31:29 PM OK C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17514_none_72d18a4386696c80\GdiPlus.dll 
1/18/2012 9:31:29 PM OK C:\Windows\SysWOW64\ntmarta.dll 
1/18/2012 9:31:29 PM OK 4505774.exe\bcrypt.dll 
1/18/2012 9:31:29 PM OK C:\Windows\SysWOW64\dwmapi.dll 
1/18/2012 9:31:29 PM OK C:\Windows\SysWOW64\uxtheme.dll 
1/18/2012 9:31:29 PM OK 4505774.exe\ncrypt.dll 
1/18/2012 9:31:29 PM OK C:\Users\Owner\AppData\Local\Temp\RarSFX0\4505774.exe/# 
1/18/2012 9:31:29 PM OK C:\Users\Owner\AppData\Local\Temp\RarSFX0\4505774.exe 
1/18/2012 9:31:29 PM OK 4505774.exe\comctl32.dll 
1/18/2012 9:31:29 PM OK C:\Windows\SysWOW64\devrtl.dll 
1/18/2012 9:31:29 PM OK C:\Windows\SysWOW64\cabinet.dll 
1/18/2012 9:31:29 PM OK C:\Windows\SysWOW64\SensApi.dll 
1/18/2012 9:31:29 PM OK 4505774.exe\rsaenh.dll 
1/18/2012 9:31:29 PM OK C:\Windows\SysWOW64\cryptnet.dll 
1/18/2012 9:31:29 PM OK 4505774.exe\cryptsp.dll 
1/18/2012 9:31:29 PM OK C:\Windows\SysWOW64\gpapi.dll 
1/18/2012 9:31:29 PM OK 4505774.exe\srvcli.dll 
1/18/2012 9:31:29 PM OK C:\Windows\SysWOW64\bcryptprimitives.dll 
1/18/2012 9:31:29 PM OK C:\Windows\SysWOW64\bcrypt.dll 
1/18/2012 9:31:29 PM OK 4505774.exe\profapi.dll 
1/18/2012 9:31:29 PM OK C:\Windows\SysWOW64\ncrypt.dll 
1/18/2012 9:31:29 PM OK 4505774.exe\userenv.dll 
1/18/2012 9:31:29 PM OK C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll 
1/18/2012 9:31:29 PM OK C:\Windows\SysWOW64\cryptsp.dll 
1/18/2012 9:31:29 PM OK C:\Windows\SysWOW64\rsaenh.dll 
1/18/2012 9:31:29 PM OK 4505774.exe\fltLib.dll 
1/18/2012 9:31:29 PM OK C:\Windows\SysWOW64\srvcli.dll 
1/18/2012 9:31:29 PM OK 4505774.exe\apphelp.dll 
1/18/2012 9:31:29 PM OK C:\Windows\SysWOW64\profapi.dll 
1/18/2012 9:31:29 PM OK C:\Windows\SysWOW64\userenv.dll 
1/18/2012 9:31:29 PM OK C:\Windows\SysWOW64\fltLib.dll 
1/18/2012 9:31:29 PM OK 4505774.exe\wow64cpu.dll 
1/18/2012 9:31:29 PM OK C:\Windows\SysWOW64\apphelp.dll 
1/18/2012 9:31:29 PM OK 4505774.exe\wow64win.dll 
1/18/2012 9:31:29 PM OK C:\Windows\System32\wow64cpu.dll 
1/18/2012 9:31:29 PM OK 4505774.exe\wow64.dll 
1/18/2012 9:31:29 PM OK 4505774.exe\ntshrui.dll 
1/18/2012 9:31:29 PM OK 4505774.exe\WindowsCodecs.dll 
1/18/2012 9:31:29 PM OK C:\Windows\System32\wow64win.dll 
1/18/2012 9:31:29 PM OK C:\Windows\System32\wow64.dll 
1/18/2012 9:31:29 PM OK 4505774.exe\slc.dll 
1/18/2012 9:31:29 PM OK C:\Windows\SysWOW64\ntshrui.dll 
1/18/2012 9:31:29 PM OK 4505774.exe\linkinfo.dll 
1/18/2012 9:31:29 PM OK 4505774.exe\propsys.dll 
1/18/2012 9:31:29 PM OK 4505774.exe\cscapi.dll 
1/18/2012 9:31:29 PM OK 4505774.exe\spfileq.dll 
1/18/2012 9:31:29 PM OK 4505774.exe\SPInf.dll 
1/18/2012 9:31:29 PM OK 4505774.exe\cryptbase.dll 
1/18/2012 9:31:29 PM OK C:\Windows\SysWOW64\linkinfo.dll 
1/18/2012 9:31:29 PM OK C:\Windows\SysWOW64\slc.dll 
1/18/2012 9:31:29 PM OK 4505774.exe\sspicli.dll 
1/18/2012 9:31:29 PM OK 4505774.exe\shell32.dll 
1/18/2012 9:31:29 PM OK 4505774.exe\usp10.dll 
1/18/2012 9:31:29 PM OK C:\Windows\SysWOW64\WindowsCodecs.dll 
1/18/2012 9:31:29 PM OK 4505774.exe\user32.dll 
1/18/2012 9:31:29 PM OK 4505774.exe\msvcrt.dll 
1/18/2012 9:31:29 PM OK C:\Windows\SysWOW64\cscapi.dll 
1/18/2012 9:31:29 PM OK 4505774.exe\KernelBase.dll 
1/18/2012 9:31:30 PM OK C:\Windows\SysWOW64\propsys.dll 
1/18/2012 9:31:30 PM OK 4505774.exe\imm32.dll 
1/18/2012 9:31:30 PM OK C:\Windows\SysWOW64\SPInf.dll 
1/18/2012 9:31:30 PM OK C:\Windows\SysWOW64\spfileq.dll 
1/18/2012 9:31:30 PM OK C:\Windows\SysWOW64\cryptbase.dll 
1/18/2012 9:31:30 PM OK 4505774.exe\oleaut32.dll 
1/18/2012 9:31:30 PM OK C:\Windows\SysWOW64\sspicli.dll 
1/18/2012 9:31:30 PM OK 4505774.exe\ole32.dll 
1/18/2012 9:31:30 PM OK 4505774.exe\shlwapi.dll 
1/18/2012 9:31:30 PM OK 4505774.exe\setupapi.dll 
1/18/2012 9:31:30 PM OK 4505774.exe\lpk.dll 
1/18/2012 9:31:30 PM OK 4505774.exe\imagehlp.dll 
1/18/2012 9:31:30 PM OK C:\Windows\SysWOW64\usp10.dll 
1/18/2012 9:31:30 PM OK C:\Windows\SysWOW64\user32.dll 
1/18/2012 9:31:30 PM OK 4505774.exe\advapi32.dll 
1/18/2012 9:31:30 PM OK 4505774.exe\rpcrt4.dll 
1/18/2012 9:31:30 PM OK C:\Windows\SysWOW64\KernelBase.dll 
1/18/2012 9:31:30 PM OK C:\Windows\SysWOW64\msvcrt.dll 
1/18/2012 9:31:30 PM OK 4505774.exe\crypt32.dll 
1/18/2012 9:31:30 PM OK C:\Windows\SysWOW64\imm32.dll 
1/18/2012 9:31:30 PM OK 4505774.exe\devobj.dll 
1/18/2012 9:31:30 PM OK C:\Windows\SysWOW64\oleaut32.dll 
1/18/2012 9:31:30 PM OK 4505774.exe\cfgmgr32.dll 
1/18/2012 9:31:30 PM OK C:\Windows\SysWOW64\ole32.dll 
1/18/2012 9:31:30 PM OK C:\Windows\SysWOW64\shlwapi.dll 
1/18/2012 9:31:30 PM OK 4505774.exe\sechost.dll 
1/18/2012 9:31:30 PM OK C:\Windows\SysWOW64\lpk.dll 
1/18/2012 9:31:30 PM OK 4505774.exe\msctf.dll 
1/18/2012 9:31:30 PM OK C:\Windows\SysWOW64\setupapi.dll 
1/18/2012 9:31:30 PM OK 4505774.exe\psapi.dll 
1/18/2012 9:31:30 PM OK C:\Windows\SysWOW64\imagehlp.dll 
1/18/2012 9:31:30 PM OK 4505774.exe\Wldap32.dll 
1/18/2012 9:31:30 PM OK C:\Windows\SysWOW64\shell32.dll 
1/18/2012 9:31:30 PM OK C:\Windows\SysWOW64\advapi32.dll 
1/18/2012 9:31:30 PM OK C:\Windows\SysWOW64\rpcrt4.dll 
1/18/2012 9:31:30 PM OK 4505774.exe\gdi32.dll 
1/18/2012 9:31:30 PM OK C:\Windows\SysWOW64\devobj.dll 
1/18/2012 9:31:30 PM OK 4505774.exe\kernel32.dll 
1/18/2012 9:31:30 PM OK C:\Windows\SysWOW64\crypt32.dll 
1/18/2012 9:31:30 PM OK 4505774.exe\clbcatq.dll 
1/18/2012 9:31:30 PM OK C:\Windows\SysWOW64\cfgmgr32.dll 
1/18/2012 9:31:30 PM OK C:\Windows\SysWOW64\sechost.dll 
1/18/2012 9:31:30 PM OK 4505774.exe\wintrust.dll 
1/18/2012 9:31:30 PM OK C:\Windows\SysWOW64\psapi.dll 
1/18/2012 9:31:30 PM OK C:\Windows\SysWOW64\Wldap32.dll 
1/18/2012 9:31:30 PM OK 4505774.exe\ntdll.dll 
1/18/2012 9:31:30 PM OK 4505774.exe\msasn1.dll 
1/18/2012 9:31:30 PM OK C:\Windows\SysWOW64\msctf.dll 
1/18/2012 9:31:30 PM OK C:\Windows\SysWOW64\gdi32.dll 
1/18/2012 9:31:30 PM OK 4505774.exe\ntdll.dll 
1/18/2012 9:31:30 PM OK C:\Windows\SysWOW64\clbcatq.dll 
1/18/2012 9:31:30 PM OK C:\Windows\SysWOW64\wintrust.dll 
1/18/2012 9:31:30 PM OK C:\Windows\SysWOW64\kernel32.dll 
1/18/2012 9:31:30 PM OK C:\Windows\SysWOW64\msasn1.dll 
1/18/2012 9:31:30 PM OK C:\Windows\SysWOW64\ntdll.dll 
1/18/2012 9:31:31 PM OK setup_11.0.0.1245.x01_2012_01_19_06_41.exe\apisetschema.dll 
1/18/2012 9:31:31 PM OK setup_11.0.0.1245.x01_2012_01_19_06_41.exe\setup_11.0.0.1245.x01_2012_01_19_06_41.exe 
1/18/2012 9:31:31 PM OK C:\Users\Owner\Desktop\setup_11.0.0.1245.x01_2012_01_19_06_41.exe:Zone.Identifier 
1/18/2012 9:31:31 PM Archive: RAR C:\Users\Owner\Desktop\setup_11.0.0.1245.x01_2012_01_19_06_41.exe 
1/18/2012 9:31:31 PM OK C:\Users\Owner\Desktop\setup_11.0.0.1245.x01_2012_01_19_06_41.exe/archive comment 
1/18/2012 9:31:31 PM OK C:\Users\Owner\Desktop\setup_11.0.0.1245.x01_2012_01_19_06_41.exe/4505774.exe Object was not changed (iChecker) 
1/18/2012 9:31:31 PM OK C:\Users\Owner\Desktop\setup_11.0.0.1245.x01_2012_01_19_06_41.exe/4505774.prg 
1/18/2012 9:31:53 PM Archive: RAR C:\Users\Owner\Desktop\setup_11.0.0.1245.x01_2012_01_19_06_41.exe/4505774rar.exe 
1/18/2012 9:31:53 PM Password protected C:\Users\Owner\Desktop\setup_11.0.0.1245.x01_2012_01_19_06_41.exe/4505774rar.exe 
1/18/2012 9:31:55 PM OK C:\Users\Owner\Desktop\setup_11.0.0.1245.x01_2012_01_19_06_41.exe/4505774rar.prg 
1/18/2012 9:31:55 PM OK C:\Users\Owner\Desktop\setup_11.0.0.1245.x01_2012_01_19_06_41.exe/background.png 
1/18/2012 9:31:55 PM OK C:\Users\Owner\Desktop\setup_11.0.0.1245.x01_2012_01_19_06_41.exe/Drivers/Win32/1/kl1.cat 
1/18/2012 9:31:56 PM OK C:\Users\Owner\Desktop\setup_11.0.0.1245.x01_2012_01_19_06_41.exe/Drivers/Win32/1/kl1.inf 
1/18/2012 9:31:56 PM OK C:\Users\Owner\Desktop\setup_11.0.0.1245.x01_2012_01_19_06_41.exe/Drivers/Win32/1/kl1.sys 
1/18/2012 9:31:57 PM OK C:\Users\Owner\Desktop\setup_11.0.0.1245.x01_2012_01_19_06_41.exe/Drivers/Win32/2/501/4505774drv.cat 
1/18/2012 9:31:57 PM OK C:\Users\Owner\Desktop\setup_11.0.0.1245.x01_2012_01_19_06_41.exe/Drivers/Win32/2/501/4505774drv.inf 
1/18/2012 9:31:59 PM OK C:\Users\Owner\Desktop\setup_11.0.0.1245.x01_2012_01_19_06_41.exe/Drivers/Win32/2/501/4505774drv.sys 
1/18/2012 9:31:59 PM OK C:\Users\Owner\Desktop\setup_11.0.0.1245.x01_2012_01_19_06_41.exe/Drivers/Win32/2/600/4505774drv.cat 
1/18/2012 9:31:59 PM OK C:\Users\Owner\Desktop\setup_11.0.0.1245.x01_2012_01_19_06_41.exe/Drivers/Win32/2/600/4505774drv.inf 
1/18/2012 9:32:00 PM OK C:\Users\Owner\Desktop\setup_11.0.0.1245.x01_2012_01_19_06_41.exe/Drivers/Win32/2/600/4505774drv.sys 
1/18/2012 9:32:01 PM OK C:\Users\Owner\Desktop\setup_11.0.0.1245.x01_2012_01_19_06_41.exe/Drivers/Win64/1/kl1.cat 
1/18/2012 9:32:01 PM OK C:\Users\Owner\Desktop\setup_11.0.0.1245.x01_2012_01_19_06_41.exe/Drivers/Win64/1/kl1.inf 
1/18/2012 9:32:02 PM OK C:\Users\Owner\Desktop\setup_11.0.0.1245.x01_2012_01_19_06_41.exe/Drivers/Win64/1/kl1.sys 
1/18/2012 9:32:02 PM OK C:\Users\Owner\Desktop\setup_11.0.0.1245.x01_2012_01_19_06_41.exe/Drivers/Win64/2/501/4505774drv.cat 
1/18/2012 9:32:03 PM OK C:\Users\Owner\Desktop\setup_11.0.0.1245.x01_2012_01_19_06_41.exe/Drivers/Win64/2/501/4505774drv.inf 
1/18/2012 9:32:04 PM OK C:\Users\Owner\Desktop\setup_11.0.0.1245.x01_2012_01_19_06_41.exe/Drivers/Win64/2/501/4505774drv.sys 
1/18/2012 9:32:04 PM OK C:\Users\Owner\Desktop\setup_11.0.0.1245.x01_2012_01_19_06_41.exe/Drivers/Win64/2/600/4505774drv.cat 
1/18/2012 9:32:05 PM OK C:\Users\Owner\Desktop\setup_11.0.0.1245.x01_2012_01_19_06_41.exe/Drivers/Win64/2/600/4505774drv.inf 
1/18/2012 9:32:06 PM OK C:\Users\Owner\Desktop\setup_11.0.0.1245.x01_2012_01_19_06_41.exe/Drivers/Win64/2/600/4505774drv.sys 
1/18/2012 9:32:06 PM OK C:\Users\Owner\Desktop\setup_11.0.0.1245.x01_2012_01_19_06_41.exe/helper64.exe 
1/18/2012 9:32:07 PM OK C:\Users\Owner\Desktop\setup_11.0.0.1245.x01_2012_01_19_06_41.exe/helper64.prg 
1/18/2012 9:32:10 PM OK C:\Users\Owner\Desktop\setup_11.0.0.1245.x01_2012_01_19_06_41.exe/# 
1/18/2012 9:32:10 PM OK C:\Users\Owner\Desktop\setup_11.0.0.1245.x01_2012_01_19_06_41.exe/# 
1/18/2012 9:32:25 PM Archive: RAR C:\Users\Owner\Desktop\setup_11.0.0.1245.x01_2012_01_19_06_41.exe/# 
1/18/2012 9:32:25 PM Password protected C:\Users\Owner\Desktop\setup_11.0.0.1245.x01_2012_01_19_06_41.exe/# 
1/18/2012 9:32:26 PM OK setup_11.0.0.1245.x01_2012_01_19_06_41.exe\riched32.dll 
1/18/2012 9:32:26 PM OK setup_11.0.0.1245.x01_2012_01_19_06_41.exe\riched20.dll 
1/18/2012 9:32:26 PM OK C:\Windows\SysWOW64\riched32.dll 
1/18/2012 9:32:26 PM OK setup_11.0.0.1245.x01_2012_01_19_06_41.exe\shdocvw.dll 
1/18/2012 9:32:27 PM OK C:\Windows\SysWOW64\riched20.dll 
1/18/2012 9:32:27 PM OK setup_11.0.0.1245.x01_2012_01_19_06_41.exe\ntmarta.dll 
1/18/2012 9:32:27 PM OK setup_11.0.0.1245.x01_2012_01_19_06_41.exe\dwmapi.dll 
1/18/2012 9:32:27 PM OK setup_11.0.0.1245.x01_2012_01_19_06_41.exe\uxtheme.dll 
1/18/2012 9:32:27 PM OK setup_11.0.0.1245.x01_2012_01_19_06_41.exe\comctl32.dll 
1/18/2012 9:32:28 PM OK setup_11.0.0.1245.x01_2012_01_19_06_41.exe\profapi.dll 
1/18/2012 9:32:28 PM OK setup_11.0.0.1245.x01_2012_01_19_06_41.exe\apphelp.dll 
1/18/2012 9:32:28 PM OK setup_11.0.0.1245.x01_2012_01_19_06_41.exe\wow64cpu.dll 
1/18/2012 9:32:28 PM OK setup_11.0.0.1245.x01_2012_01_19_06_41.exe\wow64win.dll 
1/18/2012 9:32:29 PM OK setup_11.0.0.1245.x01_2012_01_19_06_41.exe\wow64.dll 
1/18/2012 9:32:29 PM OK setup_11.0.0.1245.x01_2012_01_19_06_41.exe\propsys.dll 
1/18/2012 9:32:29 PM OK setup_11.0.0.1245.x01_2012_01_19_06_41.exe\cryptbase.dll 
1/18/2012 9:32:29 PM OK setup_11.0.0.1245.x01_2012_01_19_06_41.exe\sspicli.dll 
1/18/2012 9:32:30 PM OK setup_11.0.0.1245.x01_2012_01_19_06_41.exe\shell32.dll 
1/18/2012 9:32:30 PM OK setup_11.0.0.1245.x01_2012_01_19_06_41.exe\urlmon.dll 
1/18/2012 9:32:30 PM OK setup_11.0.0.1245.x01_2012_01_19_06_41.exe\usp10.dll 
1/18/2012 9:32:30 PM OK setup_11.0.0.1245.x01_2012_01_19_06_41.exe\user32.dll 
1/18/2012 9:32:30 PM OK C:\Windows\SysWOW64\urlmon.dll 
1/18/2012 9:32:30 PM OK setup_11.0.0.1245.x01_2012_01_19_06_41.exe\msvcrt.dll 
1/18/2012 9:32:31 PM OK setup_11.0.0.1245.x01_2012_01_19_06_41.exe\KernelBase.dll 
1/18/2012 9:32:31 PM OK setup_11.0.0.1245.x01_2012_01_19_06_41.exe\imm32.dll 
1/18/2012 9:32:31 PM OK setup_11.0.0.1245.x01_2012_01_19_06_41.exe\oleaut32.dll 
1/18/2012 9:32:31 PM OK setup_11.0.0.1245.x01_2012_01_19_06_41.exe\wininet.dll 
1/18/2012 9:32:31 PM OK setup_11.0.0.1245.x01_2012_01_19_06_41.exe\ole32.dll 
1/18/2012 9:32:31 PM OK setup_11.0.0.1245.x01_2012_01_19_06_41.exe\shlwapi.dll 
1/18/2012 9:32:31 PM OK setup_11.0.0.1245.x01_2012_01_19_06_41.exe\setupapi.dll 
1/18/2012 9:32:31 PM OK setup_11.0.0.1245.x01_2012_01_19_06_41.exe\lpk.dll 
1/18/2012 9:32:31 PM OK setup_11.0.0.1245.x01_2012_01_19_06_41.exe\advapi32.dll 
1/18/2012 9:32:31 PM OK setup_11.0.0.1245.x01_2012_01_19_06_41.exe\rpcrt4.dll 
1/18/2012 9:32:31 PM OK setup_11.0.0.1245.x01_2012_01_19_06_41.exe\crypt32.dll 
1/18/2012 9:32:31 PM OK setup_11.0.0.1245.x01_2012_01_19_06_41.exe\devobj.dll 
1/18/2012 9:32:31 PM OK setup_11.0.0.1245.x01_2012_01_19_06_41.exe\cfgmgr32.dll 
1/18/2012 9:32:31 PM OK setup_11.0.0.1245.x01_2012_01_19_06_41.exe\sechost.dll 
1/18/2012 9:32:31 PM OK setup_11.0.0.1245.x01_2012_01_19_06_41.exe\comdlg32.dll 
1/18/2012 9:32:31 PM OK setup_11.0.0.1245.x01_2012_01_19_06_41.exe\msctf.dll 
1/18/2012 9:32:31 PM OK setup_11.0.0.1245.x01_2012_01_19_06_41.exe\iertutil.dll 
1/18/2012 9:32:31 PM OK setup_11.0.0.1245.x01_2012_01_19_06_41.exe\Wldap32.dll 
1/18/2012 9:32:31 PM OK setup_11.0.0.1245.x01_2012_01_19_06_41.exe\gdi32.dll 
1/18/2012 9:32:31 PM OK setup_11.0.0.1245.x01_2012_01_19_06_41.exe\kernel32.dll 
1/18/2012 9:32:31 PM OK C:\Windows\SysWOW64\wininet.dll 
1/18/2012 9:32:31 PM OK setup_11.0.0.1245.x01_2012_01_19_06_41.exe\clbcatq.dll 
1/18/2012 9:32:31 PM OK setup_11.0.0.1245.x01_2012_01_19_06_41.exe\ntdll.dll 
1/18/2012 9:32:31 PM OK setup_11.0.0.1245.x01_2012_01_19_06_41.exe\msasn1.dll 
1/18/2012 9:32:31 PM OK setup_11.0.0.1245.x01_2012_01_19_06_41.exe\ntdll.dll 
1/18/2012 9:32:31 PM OK C:\Windows\SysWOW64\comdlg32.dll 
1/18/2012 9:32:31 PM OK C:\Windows\SysWOW64\iertutil.dll 
1/18/2012 9:32:31 PM OK plugin-container.exe\apisetschema.dll 
1/18/2012 9:32:31 PM OK plugin-container.exe\plugin-container.exe 
1/18/2012 9:32:31 PM OK plugin-container.exe\FLVSrvLib.dll 
1/18/2012 9:32:31 PM OK C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe 
1/18/2012 9:32:31 PM OK plugin-container.exe\xul.dll 
1/18/2012 9:32:31 PM OK C:\Users\Owner\AppData\Local\FLVService\lib\FLVSrvLib.dll 
1/18/2012 9:32:31 PM OK plugin-container.exe\msvcr100.dll 
1/18/2012 9:32:31 PM OK plugin-container.exe\msvcp100.dll 
1/18/2012 9:32:31 PM OK C:\Program Files (x86)\Mozilla Firefox\xul.dll 
1/18/2012 9:32:31 PM OK C:\Windows\SysWOW64\msvcr100.dll 
1/18/2012 9:32:31 PM OK plugin-container.exe\npgeplugin.dll 
1/18/2012 9:32:31 PM OK C:\Windows\SysWOW64\msvcp100.dll 
1/18/2012 9:32:31 PM OK plugin-container.exe\mozjs.dll 
1/18/2012 9:32:31 PM OK C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll 
1/18/2012 9:32:31 PM OK plugin-container.exe\nss3.dll 
1/18/2012 9:32:31 PM OK C:\Program Files (x86)\Mozilla Firefox\mozjs.dll 
1/18/2012 9:32:31 PM OK plugin-container.exe\mozsqlite3.dll 
1/18/2012 9:32:31 PM OK C:\Program Files (x86)\Mozilla Firefox\nss3.dll 
1/18/2012 9:32:31 PM OK plugin-container.exe\dwmapi.dll 
1/18/2012 9:32:31 PM OK plugin-container.exe\uxtheme.dll 
1/18/2012 9:32:31 PM OK plugin-container.exe\comctl32.dll 
1/18/2012 9:32:31 PM OK plugin-container.exe\wsock32.dll 
1/18/2012 9:32:31 PM OK plugin-container.exe\winspool.drv 
1/18/2012 9:32:31 PM OK C:\Program Files (x86)\Mozilla Firefox\mozsqlite3.dll 
1/18/2012 9:32:31 PM OK plugin-container.exe\msvcr80.dll 
1/18/2012 9:32:31 PM OK C:\Windows\SysWOW64\wsock32.dll 
1/18/2012 9:32:31 PM OK plugin-container.exe\msvcp80.dll 
1/18/2012 9:32:31 PM OK C:\Windows\SysWOW64\winspool.drv 
1/18/2012 9:32:31 PM OK plugin-container.exe\winmm.dll 
1/18/2012 9:32:31 PM OK plugin-container.exe\version.dll 
1/18/2012 9:32:32 PM OK plugin-container.exe\wow64cpu.dll 
1/18/2012 9:32:32 PM OK plugin-container.exe\wow64win.dll 
1/18/2012 9:32:32 PM OK plugin-container.exe\wow64.dll 
1/18/2012 9:32:32 PM OK plugin-container.exe\msvcr90.dll 
1/18/2012 9:32:32 PM OK C:\Windows\SysWOW64\winmm.dll 
1/18/2012 9:32:32 PM OK C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll 
1/18/2012 9:32:32 PM OK plugin-container.exe\AudioSes.dll 
1/18/2012 9:32:32 PM OK C:\Windows\SysWOW64\version.dll 
1/18/2012 9:32:32 PM OK plugin-container.exe\MMDevAPI.dll 
1/18/2012 9:32:32 PM OK plugin-container.exe\smime3.dll 
1/18/2012 9:32:32 PM OK C:\Windows\SysWOW64\AudioSes.dll 
1/18/2012 9:32:32 PM OK C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcp80.dll 
1/18/2012 9:32:32 PM OK C:\Windows\SysWOW64\MMDevAPI.dll 
1/18/2012 9:32:32 PM OK plugin-container.exe\ssl3.dll 
1/18/2012 9:32:32 PM OK C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcr90.dll 
1/18/2012 9:32:32 PM OK C:\Program Files (x86)\Mozilla Firefox\smime3.dll 
1/18/2012 9:32:32 PM OK plugin-container.exe\nssutil3.dll 
1/18/2012 9:32:32 PM OK C:\Program Files (x86)\Mozilla Firefox\ssl3.dll 
1/18/2012 9:32:32 PM OK plugin-container.exe\nspr4.dll 
1/18/2012 9:32:32 PM OK C:\Program Files (x86)\Mozilla Firefox\nssutil3.dll 
1/18/2012 9:32:32 PM OK plugin-container.exe\mozalloc.dll 
1/18/2012 9:32:32 PM OK C:\Program Files (x86)\Mozilla Firefox\nspr4.dll 
1/18/2012 9:32:32 PM OK plugin-container.exe\plds4.dll 
1/18/2012 9:32:32 PM OK C:\Program Files (x86)\Mozilla Firefox\mozalloc.dll 
1/18/2012 9:32:32 PM OK plugin-container.exe\msimg32.dll 
1/18/2012 9:32:32 PM OK plugin-container.exe\propsys.dll 
1/18/2012 9:32:32 PM OK plugin-container.exe\plc4.dll 
1/18/2012 9:32:32 PM OK C:\Program Files (x86)\Mozilla Firefox\plds4.dll 
1/18/2012 9:32:32 PM OK C:\Windows\SysWOW64\msimg32.dll 
1/18/2012 9:32:32 PM OK plugin-container.exe\mozutils.dll 
1/18/2012 9:32:32 PM OK C:\Program Files (x86)\Mozilla Firefox\plc4.dll 
1/18/2012 9:32:32 PM OK plugin-container.exe\cryptbase.dll 
1/18/2012 9:32:32 PM OK plugin-container.exe\sspicli.dll 
1/18/2012 9:32:32 PM OK plugin-container.exe\shell32.dll 
1/18/2012 9:32:32 PM OK plugin-container.exe\usp10.dll 
1/18/2012 9:32:32 PM OK plugin-container.exe\user32.dll 
1/18/2012 9:32:32 PM OK plugin-container.exe\nsi.dll 
1/18/2012 9:32:32 PM OK plugin-container.exe\msvcrt.dll 
1/18/2012 9:32:32 PM OK plugin-container.exe\KernelBase.dll 
1/18/2012 9:32:32 PM OK plugin-container.exe\imm32.dll 
1/18/2012 9:32:32 PM OK plugin-container.exe\oleaut32.dll 
1/18/2012 9:32:32 PM OK plugin-container.exe\ws2_32.dll 
1/18/2012 9:32:32 PM OK C:\Program Files (x86)\Mozilla Firefox\mozutils.dll 
1/18/2012 9:32:32 PM OK C:\Windows\SysWOW64\nsi.dll 
1/18/2012 9:32:32 PM OK plugin-container.exe\ole32.dll 
1/18/2012 9:32:32 PM OK plugin-container.exe\shlwapi.dll 
1/18/2012 9:32:32 PM OK plugin-container.exe\setupapi.dll 
1/18/2012 9:32:32 PM OK plugin-container.exe\lpk.dll 
1/18/2012 9:32:32 PM OK plugin-container.exe\advapi32.dll 
1/18/2012 9:32:32 PM OK plugin-container.exe\rpcrt4.dll 
1/18/2012 9:32:32 PM OK plugin-container.exe\devobj.dll 
1/18/2012 9:32:32 PM OK plugin-container.exe\cfgmgr32.dll 
1/18/2012 9:32:32 PM OK plugin-container.exe\sechost.dll 
1/18/2012 9:32:32 PM OK plugin-container.exe\comdlg32.dll 
1/18/2012 9:32:32 PM OK plugin-container.exe\msctf.dll 
1/18/2012 9:32:32 PM OK plugin-container.exe\psapi.dll 
1/18/2012 9:32:32 PM OK plugin-container.exe\gdi32.dll 
1/18/2012 9:32:32 PM OK plugin-container.exe\kernel32.dll 
1/18/2012 9:32:32 PM OK plugin-container.exe\clbcatq.dll 
1/18/2012 9:32:32 PM OK plugin-container.exe\ntdll.dll 
1/18/2012 9:32:32 PM OK plugin-container.exe\ntdll.dll 
1/18/2012 9:32:32 PM OK C:\Windows\SysWOW64\ws2_32.dll 
1/18/2012 9:32:32 PM OK spoolsv.exe\AdobePDF.dll 
1/18/2012 9:32:32 PM OK spoolsv.exe\ActPrint.dll 
1/18/2012 9:32:32 PM OK C:\Windows\System32\AdobePDF.dll 
1/18/2012 9:32:32 PM OK spoolsv.exe\CNMLM9H.DLL 
1/18/2012 9:32:32 PM OK C:\Windows\System32\spool\prtprocs\x64\ActPrint.dll 
1/18/2012 9:32:32 PM OK spoolsv.exe\CNMUI9H.DLL 
1/18/2012 9:32:32 PM OK C:\Windows\System32\CNMLM9H.DLL 
1/18/2012 9:32:32 PM OK spoolsv.exe\CNMDR9H.DLL 
1/18/2012 9:32:32 PM OK spoolsv.exe\CNMPD9H.DLL 
1/18/2012 9:32:32 PM OK C:\Windows\System32\spool\drivers\x64\3\CNMUI9H.DLL 
1/18/2012 9:32:32 PM OK C:\Windows\System32\spool\drivers\x64\3\CNMDR9H.DLL 
1/18/2012 9:32:32 PM OK spoolsv.exe\FXSRESM.dll 
1/18/2012 9:32:32 PM OK C:\Windows\System32\spool\prtprocs\x64\CNMPD9H.DLL 
1/18/2012 9:32:32 PM OK spoolsv.exe\user32.dll 
1/18/2012 9:32:32 PM OK spoolsv.exe\kernel32.dll 
1/18/2012 9:32:32 PM OK spoolsv.exe\ntdll.dll 
1/18/2012 9:32:32 PM OK spoolsv.exe\psapi.dll 
1/18/2012 9:32:32 PM OK spoolsv.exe\spoolsv.exe 
1/18/2012 9:32:32 PM OK C:\Windows\System32\psapi.dll 
1/18/2012 9:32:32 PM OK spoolsv.exe\win32spl.dll 
1/18/2012 9:32:32 PM OK C:\Windows\System32\FXSRESM.dll 
1/18/2012 9:32:32 PM OK C:\Windows\System32\spoolsv.exe 
1/18/2012 9:32:32 PM OK spoolsv.exe\mscms.dll 
1/18/2012 9:32:32 PM OK C:\Windows\System32\win32spl.dll 
1/18/2012 9:32:32 PM OK spoolsv.exe\browcli.dll 
1/18/2012 9:32:32 PM OK C:\Windows\System32\mscms.dll 
1/18/2012 9:32:32 PM OK spoolsv.exe\localspl.dll 
1/18/2012 9:32:32 PM OK C:\Windows\System32\browcli.dll 
1/18/2012 9:32:32 PM OK spoolsv.exe\webservices.dll 
1/18/2012 9:32:32 PM OK spoolsv.exe\WSDApi.dll 
1/18/2012 9:32:32 PM OK C:\Windows\System32\localspl.dll 
1/18/2012 9:32:32 PM OK spoolsv.exe\inetpp.dll 
1/18/2012 9:32:32 PM OK C:\Windows\System32\webservices.dll 
1/18/2012 9:32:32 PM OK spoolsv.exe\winprint.dll 
1/18/2012 9:32:32 PM OK C:\Windows\System32\WSDApi.dll 
1/18/2012 9:32:32 PM OK C:\Windows\System32\inetpp.dll 
1/18/2012 9:32:32 PM OK spoolsv.exe\WSDPrintProxy.DLL 
1/18/2012 9:32:32 PM OK C:\Windows\System32\spool\prtprocs\x64\winprint.dll 
1/18/2012 9:32:32 PM OK spoolsv.exe\WSDMon.dll 
1/18/2012 9:32:32 PM OK C:\Windows\System32\WSDPrintProxy.DLL 
1/18/2012 9:32:32 PM OK spoolsv.exe\usbmon.dll 
1/18/2012 9:32:33 PM OK C:\Windows\System32\WSDMon.dll 
1/18/2012 9:32:33 PM OK spoolsv.exe\udcpm.dll 
1/18/2012 9:32:33 PM OK C:\Windows\System32\usbmon.dll 
1/18/2012 9:32:33 PM OK spoolsv.exe\wsnmp32.dll 
1/18/2012 9:32:33 PM OK C:\Windows\System32\udcpm.dll 
1/18/2012 9:32:33 PM OK spoolsv.exe\snmpapi.dll 
1/18/2012 9:32:33 PM OK C:\Windows\System32\wsnmp32.dll 
1/18/2012 9:32:33 PM OK spoolsv.exe\tcpmon.dll 
1/18/2012 9:32:33 PM OK C:\Windows\System32\snmpapi.dll 
1/18/2012 9:32:33 PM OK spoolsv.exe\fphopm.dll 
1/18/2012 9:32:33 PM OK C:\Windows\System32\tcpmon.dll 
1/18/2012 9:32:33 PM OK spoolsv.exe\rasadhlp.dll 
1/18/2012 9:32:33 PM OK C:\Windows\System32\fphopm.dll 
1/18/2012 9:32:33 PM OK spoolsv.exe\WLIDNSP.DLL 
1/18/2012 9:32:33 PM OK C:\Windows\System32\rasadhlp.dll 
1/18/2012 9:32:33 PM OK spoolsv.exe\cscapi.dll 
1/18/2012 9:32:33 PM OK spoolsv.exe\winspool.drv 
1/18/2012 9:32:33 PM OK C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL 
1/18/2012 9:32:33 PM OK C:\Windows\System32\cscapi.dll 
1/18/2012 9:32:33 PM OK spoolsv.exe\fdPnp.dll 
1/18/2012 9:32:33 PM OK C:\Windows\System32\winspool.drv 
1/18/2012 9:32:33 PM OK spoolsv.exe\fundisc.dll 
1/18/2012 9:32:33 PM OK C:\Windows\System32\fdPnp.dll 
1/18/2012 9:32:33 PM OK spoolsv.exe\wsdchngr.dll 
1/18/2012 9:32:33 PM OK C:\Windows\System32\fundisc.dll 
1/18/2012 9:32:33 PM OK spoolsv.exe\httpapi.dll 
1/18/2012 9:32:33 PM OK C:\Windows\System32\wsdchngr.dll 
1/18/2012 9:32:33 PM OK spoolsv.exe\webio.dll 
1/18/2012 9:32:33 PM OK C:\Windows\System32\httpapi.dll 
1/18/2012 9:32:33 PM OK spoolsv.exe\winhttp.dll 
1/18/2012 9:32:33 PM OK C:\Windows\System32\webio.dll 
1/18/2012 9:32:33 PM OK spoolsv.exe\WlS0WndH.dll 
1/18/2012 9:32:33 PM OK spoolsv.exe\FXSMON.dll 
1/18/2012 9:32:33 PM OK C:\Windows\System32\WlS0WndH.dll 
1/18/2012 9:32:33 PM OK C:\Windows\System32\winhttp.dll 
1/18/2012 9:32:33 PM OK spoolsv.exe\PrintIsolationProxy.dll 
1/18/2012 9:32:33 PM OK C:\Windows\System32\FXSMON.dll 
1/18/2012 9:32:33 PM OK spoolsv.exe\msxml6.dll 
1/18/2012 9:32:33 PM OK C:\Windows\System32\PrintIsolationProxy.dll 
1/18/2012 9:32:33 PM OK spoolsv.exe\spoolss.dll 
1/18/2012 9:32:33 PM OK spoolsv.exe\umb.dll 
1/18/2012 9:32:33 PM OK spoolsv.exe\dhcpcsvc6.dll 
1/18/2012 9:32:33 PM OK C:\Windows\System32\spoolss.dll 
1/18/2012 9:32:33 PM OK spoolsv.exe\dhcpcsvc.dll 
1/18/2012 9:32:33 PM OK C:\Windows\System32\umb.dll 
1/18/2012 9:32:33 PM OK C:\Windows\System32\msxml6.dll 
1/18/2012 9:32:33 PM OK C:\Windows\System32\dhcpcsvc6.dll 
1/18/2012 9:32:33 PM OK spoolsv.exe\FWPUCLNT.DLL 
1/18/2012 9:32:33 PM OK spoolsv.exe\winnsi.dll 
1/18/2012 9:32:33 PM OK C:\Windows\System32\dhcpcsvc.dll 
1/18/2012 9:32:33 PM OK spoolsv.exe\IPHLPAPI.DLL 
1/18/2012 9:32:33 PM OK C:\Windows\System32\FWPUCLNT.DLL 
1/18/2012 9:32:33 PM OK C:\Windows\System32\winnsi.dll 
1/18/2012 9:32:33 PM OK spoolsv.exe\slc.dll 
1/18/2012 9:32:33 PM OK spoolsv.exe\dsrole.dll 
1/18/2012 9:32:33 PM OK C:\Windows\System32\IPHLPAPI.DLL 
1/18/2012 9:32:33 PM OK spoolsv.exe\atl.dll 
1/18/2012 9:32:33 PM OK C:\Windows\System32\slc.dll 
1/18/2012 9:32:33 PM OK spoolsv.exe\samcli.dll 
1/18/2012 9:32:33 PM OK C:\Windows\System32\dsrole.dll 
1/18/2012 9:32:33 PM OK C:\Windows\System32\atl.dll 
1/18/2012 9:32:33 PM OK spoolsv.exe\wkscli.dll 
1/18/2012 9:32:33 PM OK spoolsv.exe\netutils.dll 
1/18/2012 9:32:33 PM OK C:\Windows\System32\samcli.dll 
1/18/2012 9:32:33 PM OK C:\Windows\System32\wkscli.dll 
1/18/2012 9:32:33 PM OK spoolsv.exe\netapi32.dll 
1/18/2012 9:32:33 PM OK spoolsv.exe\xmllite.dll 
1/18/2012 9:32:33 PM OK spoolsv.exe\comctl32.dll 
1/18/2012 9:32:33 PM OK spoolsv.exe\msimg32.dll 
1/18/2012 9:32:33 PM OK C:\Windows\System32\netutils.dll 
1/18/2012 9:32:33 PM OK C:\Windows\System32\netapi32.dll 
1/18/2012 9:32:33 PM OK spoolsv.exe\version.dll 
1/18/2012 9:32:33 PM OK C:\Windows\System32\msimg32.dll 
1/18/2012 9:32:33 PM OK spoolsv.exe\FirewallAPI.dll 
1/18/2012 9:32:33 PM OK  spoolsv.exe\powrprof.dll 
1/18/2012 9:32:33 PM OK C:\Windows\System32\version.dll 
1/18/2012 9:32:33 PM OK spoolsv.exe\wtsapi32.dll 
1/18/2012 9:32:33 PM OK spoolsv.exe\WSHTCPIP.DLL 
1/18/2012 9:32:33 PM OK spoolsv.exe\gpapi.dll 
1/18/2012 9:32:33 PM OK spoolsv.exe\userenv.dll 
1/18/2012 9:32:33 PM OK spoolsv.exe\devrtl.dll 
1/18/2012 9:32:33 PM OK C:\Windows\System32\powrprof.dll 
1/18/2012 9:32:33 PM OK C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac\comctl32.dll 
1/18/2012 9:32:33 PM OK C:\Windows\System32\FirewallAPI.dll 
1/18/2012 9:32:33 PM OK spoolsv.exe\SPInf.dll 
1/18/2012 9:32:33 PM OK C:\Windows\System32\WSHTCPIP.DLL 
1/18/2012 9:32:33 PM OK C:\Windows\System32\wtsapi32.dll 
1/18/2012 9:32:33 PM OK spoolsv.exe\credssp.dll 
1/18/2012 9:32:33 PM OK spoolsv.exe\pcwum.dll 
1/18/2012 9:32:34 PM OK spoolsv.exe\winsta.dll 
1/18/2012 9:32:34 PM OK C:\Windows\System32\gpapi.dll 
1/18/2012 9:32:34 PM OK C:\Windows\System32\devrtl.dll 
1/18/2012 9:32:34 PM OK C:\Windows\System32\userenv.dll 
1/18/2012 9:32:34 PM OK spoolsv.exe\rsaenh.dll 
1/18/2012 9:32:34 PM OK spoolsv.exe\dnsapi.dll 
1/18/2012 9:32:34 PM OK C:\Windows\System32\credssp.dll 
1/18/2012 9:32:34 PM OK C:\Windows\System32\pcwum.dll 
1/18/2012 9:32:34 PM OK C:\Windows\System32\SPInf.dll 
1/18/2012 9:32:34 PM OK spoolsv.exe\wship6.dll 
1/18/2012 9:32:34 PM OK C:\Windows\System32\winsta.dll 
1/18/2012 9:32:34 PM OK C:\Windows\System32\dnsapi.dll 
1/18/2012 9:32:34 PM OK spoolsv.exe\mswsock.dll 
1/18/2012 9:32:34 PM OK spoolsv.exe\cryptsp.dll 
1/18/2012 9:32:34 PM OK spoolsv.exe\srvcli.dll 
1/18/2012 9:32:34 PM OK spoolsv.exe\secur32.dll 
1/18/2012 9:32:34 PM OK C:\Windows\System32\wship6.dll 
1/18/2012 9:32:34 PM OK C:\Windows\System32\mswsock.dll 
1/18/2012 9:32:34 PM OK C:\Windows\System32\srvcli.dll 
1/18/2012 9:32:34 PM OK spoolsv.exe\sspicli.dll 
1/18/2012 9:32:34 PM OK spoolsv.exe\cryptbase.dll 
1/18/2012 9:32:34 PM OK spoolsv.exe\RpcRtRemote.dll 
1/18/2012 9:32:34 PM OK spoolsv.exe\profapi.dll 
1/18/2012 9:32:34 PM OK C:\Windows\System32\secur32.dll 
1/18/2012 9:32:34 PM OK spoolsv.exe\msasn1.dll 
1/18/2012 9:32:34 PM OK spoolsv.exe\KernelBase.dll 
1/18/2012 9:32:34 PM OK spoolsv.exe\crypt32.dll 
1/18/2012 9:32:34 PM OK spoolsv.exe\wintrust.dll 
1/18/2012 9:32:34 PM OK C:\Windows\System32\profapi.dll 
1/18/2012 9:32:34 PM OK spoolsv.exe\cfgmgr32.dll 
1/18/2012 9:32:34 PM OK C:\Windows\System32\msasn1.dll 
1/18/2012 9:32:34 PM OK spoolsv.exe\devobj.dll 
1/18/2012 9:32:34 PM OK spoolsv.exe\advapi32.dll 
1/18/2012 9:32:34 PM OK spoolsv.exe\usp10.dll 
1/18/2012 9:32:34 PM OK spoolsv.exe\nsi.dll 
1/18/2012 9:32:34 PM OK spoolsv.exe\ws2_32.dll 
1/18/2012 9:32:34 PM OK spoolsv.exe\imm32.dll 
1/18/2012 9:32:34 PM OK spoolsv.exe\sechost.dll 
1/18/2012 9:32:34 PM OK spoolsv.exe\setupapi.dll 
1/18/2012 9:32:34 PM OK C:\Windows\System32\wintrust.dll 
1/18/2012 9:32:34 PM OK spoolsv.exe\shlwapi.dll 
1/18/2012 9:32:34 PM OK spoolsv.exe\gdi32.dll 
1/18/2012 9:32:34 PM OK spoolsv.exe\ole32.dll 
1/18/2012 9:32:34 PM OK spoolsv.exe\clbcatq.dll 
1/18/2012 9:32:34 PM OK C:\Windows\System32\cfgmgr32.dll 
1/18/2012 9:32:34 PM OK spoolsv.exe\rpcrt4.dll 
1/18/2012 9:32:34 PM OK spoolsv.exe\lpk.dll 
1/18/2012 9:32:34 PM OK spoolsv.exe\msvcrt.dll 
1/18/2012 9:32:34 PM OK spoolsv.exe\oleaut32.dll 
1/18/2012 9:32:34 PM OK spoolsv.exe\msctf.dll 
1/18/2012 9:32:34 PM OK spoolsv.exe\shell32.dll 
1/18/2012 9:32:34 PM OK spoolsv.exe\apisetschema.dll 
1/18/2012 9:32:34 PM OK C:\Windows\System32\nsi.dll 
1/18/2012 9:32:34 PM OK C:\Windows\System32\devobj.dll 
1/18/2012 9:32:34 PM OK C:\Windows\System32\crypt32.dll 
1/18/2012 9:32:34 PM OK C:\Windows\System32\ws2_32.dll 
1/18/2012 9:32:34 PM OK C:\Windows\System32\setupapi.dll 
1/18/2012 9:32:34 PM OK C:\Windows\System32\shell32.dll 
1/18/2012 9:32:34 PM OK taskmgr.exe\user32.dll 
1/18/2012 9:32:34 PM OK taskmgr.exe\kernel32.dll 
1/18/2012 9:32:34 PM OK taskmgr.exe\ntdll.dll 
1/18/2012 9:32:34 PM OK taskmgr.exe\taskmgr.exe 
1/18/2012 9:32:34 PM OK taskmgr.exe\browcli.dll 
1/18/2012 9:32:34 PM OK taskmgr.exe\utildll.dll 
1/18/2012 9:32:34 PM OK taskmgr.exe\winnsi.dll 
1/18/2012 9:32:34 PM OK taskmgr.exe\IPHLPAPI.DLL 
1/18/2012 9:32:34 PM OK taskmgr.exe\slc.dll 
1/18/2012 9:32:34 PM OK taskmgr.exe\samcli.dll 
1/18/2012 9:32:34 PM OK taskmgr.exe\wkscli.dll 
1/18/2012 9:32:34 PM OK taskmgr.exe\netutils.dll 
1/18/2012 9:32:34 PM OK taskmgr.exe\netapi32.dll 
1/18/2012 9:32:34 PM OK taskmgr.exe\credui.dll 
1/18/2012 9:32:34 PM OK taskmgr.exe\dwmapi.dll 
1/18/2012 9:32:34 PM OK taskmgr.exe\uxtheme.dll 
1/18/2012 9:32:34 PM OK taskmgr.exe\comctl32.dll 
1/18/2012 9:32:34 PM OK taskmgr.exe\propsys.dll 
1/18/2012 9:32:34 PM OK C:\Windows\System32\utildll.dll 
1/18/2012 9:32:34 PM OK C:\Windows\System32\taskmgr.exe 
1/18/2012 9:32:34 PM OK C:\Windows\System32\credui.dll 
1/18/2012 9:32:34 PM OK taskmgr.exe\version.dll 
1/18/2012 9:32:34 PM OK taskmgr.exe\pcwum.dll 
1/18/2012 9:32:34 PM OK taskmgr.exe\winsta.dll 
1/18/2012 9:32:34 PM OK taskmgr.exe\logoncli.dll 
1/18/2012 9:32:34 PM OK taskmgr.exe\wevtapi.dll 
1/18/2012 9:32:34 PM OK taskmgr.exe\srvcli.dll 
1/18/2012 9:32:34 PM OK taskmgr.exe\secur32.dll 
1/18/2012 9:32:34 PM OK taskmgr.exe\sspicli.dll 
1/18/2012 9:32:34 PM OK taskmgr.exe\cryptbase.dll 
1/18/2012 9:32:34 PM OK taskmgr.exe\KernelBase.dll 
1/18/2012 9:32:34 PM OK taskmgr.exe\cfgmgr32.dll 
1/18/2012 9:32:34 PM OK taskmgr.exe\devobj.dll 
1/18/2012 9:32:34 PM OK taskmgr.exe\advapi32.dll 
1/18/2012 9:32:34 PM OK taskmgr.exe\usp10.dll 
1/18/2012 9:32:34 PM OK taskmgr.exe\nsi.dll 
1/18/2012 9:32:34 PM OK taskmgr.exe\imm32.dll 
1/18/2012 9:32:34 PM OK taskmgr.exe\sechost.dll 
1/18/2012 9:32:34 PM OK taskmgr.exe\setupapi.dll 
1/18/2012 9:32:34 PM OK taskmgr.exe\shlwapi.dll 
1/18/2012 9:32:34 PM OK taskmgr.exe\gdi32.dll 
1/18/2012 9:32:34 PM OK taskmgr.exe\ole32.dll 
1/18/2012 9:32:34 PM OK taskmgr.exe\rpcrt4.dll 
1/18/2012 9:32:34 PM OK  taskmgr.exe\lpk.dll 
1/18/2012 9:32:34 PM OK taskmgr.exe\msvcrt.dll 
1/18/2012 9:32:34 PM OK taskmgr.exe\oleaut32.dll 
1/18/2012 9:32:34 PM OK taskmgr.exe\msctf.dll 
1/18/2012 9:32:34 PM OK taskmgr.exe\shell32.dll 
1/18/2012 9:32:34 PM OK taskmgr.exe\apisetschema.dll 
1/18/2012 9:32:34 PM OK C:\Windows\System32\propsys.dll 
1/18/2012 9:32:34 PM OK C:\Windows\System32\logoncli.dll 
1/18/2012 9:32:34 PM OK plugin-container.exe\apisetschema.dll 
1/18/2012 9:32:34 PM OK plugin-container.exe\plugin-container.exe 
1/18/2012 9:32:34 PM OK plugin-container.exe\NPSWF32.dll 
1/18/2012 9:32:34 PM OK plugin-container.exe\FLVSrvLib.dll Object was not changed (iChecker) 
1/18/2012 9:32:34 PM OK plugin-container.exe\xul.dll 
1/18/2012 9:32:34 PM OK plugin-container.exe\msacm32.dll 
1/18/2012 9:32:34 PM OK plugin-container.exe\mozjs.dll 
1/18/2012 9:32:34 PM OK plugin-container.exe\nss3.dll 
1/18/2012 9:32:34 PM OK plugin-container.exe\wdmaud.drv 
1/18/2012 9:32:34 PM OK plugin-container.exe\schannel.dll 
1/18/2012 9:32:34 PM OK C:\Windows\SysWOW64\msacm32.dll 
1/18/2012 9:32:34 PM OK C:\Windows\SysWOW64\wdmaud.drv 
1/18/2012 9:32:34 PM OK plugin-container.exe\powrprof.dll 
1/18/2012 9:32:34 PM OK plugin-container.exe\dsound.dll 
1/18/2012 9:32:34 PM OK C:\Windows\SysWOW64\schannel.dll 
1/18/2012 9:32:34 PM OK C:\Windows\SysWOW64\powrprof.dll 
1/18/2012 9:32:34 PM OK plugin-container.exe\mlang.dll 
1/18/2012 9:32:34 PM OK plugin-container.exe\mozsqlite3.dll 
1/18/2012 9:32:34 PM OK plugin-container.exe\midimap.dll 
1/18/2012 9:32:34 PM OK C:\Windows\SysWOW64\dsound.dll 
1/18/2012 9:32:34 PM OK plugin-container.exe\msacm32.drv 
1/18/2012 9:32:34 PM OK plugin-container.exe\dwmapi.dll 
1/18/2012 9:32:34 PM OK plugin-container.exe\uxtheme.dll 
1/18/2012 9:32:34 PM OK plugin-container.exe\comctl32.dll 
1/18/2012 9:32:34 PM OK plugin-container.exe\wsock32.dll 
1/18/2012 9:32:34 PM OK plugin-container.exe\winspool.drv 
1/18/2012 9:32:34 PM OK plugin-container.exe\rsaenh.dll 
1/18/2012 9:32:34 PM OK plugin-container.exe\cryptsp.dll 
1/18/2012 9:32:34 PM OK plugin-container.exe\profapi.dll 
1/18/2012 9:32:34 PM OK plugin-container.exe\userenv.dll 
1/18/2012 9:32:34 PM OK plugin-container.exe\msvcr80.dll 
1/18/2012 9:32:34 PM OK plugin-container.exe\msvcp80.dll 
1/18/2012 9:32:34 PM OK plugin-container.exe\winmm.dll 
1/18/2012 9:32:34 PM OK plugin-container.exe\version.dll 
1/18/2012 9:32:34 PM OK plugin-container.exe\wow64cpu.dll 
1/18/2012 9:32:34 PM OK plugin-container.exe\wow64win.dll 
1/18/2012 9:32:34 PM OK plugin-container.exe\wow64.dll 
1/18/2012 9:32:34 PM OK plugin-container.exe\mscms.dll 
1/18/2012 9:32:34 PM OK C:\Windows\SysWOW64\mlang.dll 
1/18/2012 9:32:34 PM OK C:\Windows\SysWOW64\midimap.dll 
1/18/2012 9:32:34 PM OK plugin-container.exe\msvcr90.dll 
1/18/2012 9:32:34 PM OK plugin-container.exe\avrt.dll 
1/18/2012 9:32:34 PM OK C:\Windows\SysWOW64\msacm32.drv 
1/18/2012 9:32:34 PM OK plugin-container.exe\ksuser.dll 
1/18/2012 9:32:34 PM OK plugin-container.exe\AudioSes.dll 
1/18/2012 9:32:34 PM OK plugin-container.exe\MMDevAPI.dll 
1/18/2012 9:32:34 PM OK plugin-container.exe\credssp.dll 
1/18/2012 9:32:35 PM OK plugin-container.exe\smime3.dll 
1/18/2012 9:32:35 PM OK C:\Windows\SysWOW64\avrt.dll 
1/18/2012 9:32:35 PM OK plugin-container.exe\ssl3.dll 
1/18/2012 9:32:35 PM OK plugin-container.exe\nssutil3.dll 
1/18/2012 9:32:35 PM OK plugin-container.exe\nspr4.dll 
1/18/2012 9:32:35 PM OK plugin-container.exe\mozalloc.dll 
1/18/2012 9:32:35 PM OK plugin-container.exe\plds4.dll 
1/18/2012 9:32:35 PM OK plugin-container.exe\icm32.dll 
1/18/2012 9:32:35 PM OK C:\Windows\SysWOW64\mscms.dll 
1/18/2012 9:32:35 PM OK C:\Windows\SysWOW64\ksuser.dll 
1/18/2012 9:32:35 PM OK C:\Windows\SysWOW64\credssp.dll 
1/18/2012 9:32:35 PM OK plugin-container.exe\msimg32.dll 
1/18/2012 9:32:35 PM OK plugin-container.exe\propsys.dll 
1/18/2012 9:32:35 PM OK plugin-container.exe\plc4.dll 
1/18/2012 9:32:35 PM OK plugin-container.exe\mozutils.dll 
1/18/2012 9:32:35 PM OK plugin-container.exe\cryptbase.dll 
1/18/2012 9:32:35 PM OK plugin-container.exe\sspicli.dll 
1/18/2012 9:32:35 PM OK plugin-container.exe\shell32.dll 
1/18/2012 9:32:35 PM OK plugin-container.exe\urlmon.dll 
1/18/2012 9:32:35 PM OK plugin-container.exe\usp10.dll 
1/18/2012 9:32:35 PM OK plugin-container.exe\user32.dll 
1/18/2012 9:32:35 PM OK plugin-container.exe\nsi.dll 
1/18/2012 9:32:35 PM OK plugin-container.exe\msvcrt.dll 
1/18/2012 9:32:35 PM OK plugin-container.exe\KernelBase.dll 
1/18/2012 9:32:35 PM OK plugin-container.exe\imm32.dll 
1/18/2012 9:32:35 PM OK plugin-container.exe\oleaut32.dll 
1/18/2012 9:32:35 PM OK plugin-container.exe\ws2_32.dll 
1/18/2012 9:32:35 PM OK plugin-container.exe\wininet.dll 
1/18/2012 9:32:35 PM OK plugin-container.exe\ole32.dll 
1/18/2012 9:32:35 PM OK plugin-container.exe\shlwapi.dll 
1/18/2012 9:32:35 PM OK plugin-container.exe\setupapi.dll 
1/18/2012 9:32:35 PM OK plugin-container.exe\lpk.dll 
1/18/2012 9:32:35 PM OK plugin-container.exe\advapi32.dll 
1/18/2012 9:32:35 PM OK plugin-container.exe\rpcrt4.dll 
1/18/2012 9:32:35 PM OK plugin-container.exe\crypt32.dll 
1/18/2012 9:32:35 PM OK plugin-container.exe\devobj.dll 
1/18/2012 9:32:35 PM OK plugin-container.exe\cfgmgr32.dll 
1/18/2012 9:32:35 PM OK plugin-container.exe\sechost.dll 
1/18/2012 9:32:35 PM OK plugin-container.exe\comdlg32.dll 
1/18/2012 9:32:35 PM OK plugin-container.exe\msctf.dll 
1/18/2012 9:32:35 PM OK plugin-container.exe\iertutil.dll 
1/18/2012 9:32:35 PM OK plugin-container.exe\psapi.dll 
1/18/2012 9:32:35 PM OK plugin-container.exe\gdi32.dll 
1/18/2012 9:32:35 PM OK plugin-container.exe\kernel32.dll 
1/18/2012 9:32:35 PM OK plugin-container.exe\clbcatq.dll 
1/18/2012 9:32:35 PM OK plugin-container.exe\ntdll.dll 
1/18/2012 9:32:35 PM OK plugin-container.exe\msasn1.dll 
1/18/2012 9:32:35 PM OK plugin-container.exe\ntdll.dll 
1/18/2012 9:32:35 PM OK C:\Windows\SysWOW64\icm32.dll 
1/18/2012 9:32:35 PM OK C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll 
1/18/2012 9:32:35 PM OK HPSA_Service.exe\HPSA_Service.exe 
1/18/2012 9:32:35 PM OK HPSA_Service.exe\HP.ActiveCheckLocalMode.ServiceFacade.dll 
1/18/2012 9:32:35 PM Not processed C:\Windows\assembly\tmp\NQO14TTP\HP.ActiveCheckLocalMode.ServiceFacade.dll Object not found 
1/18/2012 9:32:35 PM OK HPSA_Service.exe\HP.ActiveCheckLocalMode.SessionManager.dll 
1/18/2012 9:32:35 PM Not processed C:\Windows\assembly\tmp\BLT5QSD6\HP.ActiveCheckLocalMode.SessionManager.dll Object not found 
1/18/2012 9:32:35 PM OK HPSA_Service.exe\HP.SupportAssistant.ServiceManager.dll 
1/18/2012 9:32:35 PM Not processed C:\Windows\assembly\tmp\SRY4C7LE\HP.SupportAssistant.ServiceManager.dll Object not found 
1/18/2012 9:32:35 PM OK HPSA_Service.exe\HP.SupportAssistant.ServiceManager.dll 
1/18/2012 9:32:35 PM OK HPSA_Service.exe\HP.SupportAssistant.Common.dll 
1/18/2012 9:32:35 PM Not processed C:\Windows\assembly\tmp\W4IM1J33\HP.SupportAssistant.Common.dll Object not found 
1/18/2012 9:32:35 PM OK HPSA_Service.exe\HP.SupportAssistant.Common.dll 
1/18/2012 9:32:35 PM OK HPSA_Service.exe\interop.Scheduler.dll 
1/18/2012 9:32:35 PM OK C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe 
1/18/2012 9:32:35 PM OK HPSA_Service.exe\HP.SupportFramework.Logging.dll 
1/18/2012 9:32:35 PM Not processed C:\Windows\assembly\tmp\OZ3H14MH\HP.SupportFramework.Logging.dll Object not found 
1/18/2012 9:32:35 PM OK HPSA_Service.exe\HP.SupportFramework.Logging.dll 
1/18/2012 9:32:35 PM OK C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\interop.Scheduler.dll 
1/18/2012 9:32:35 PM OK HPSA_Service.exe\System.dll 
1/18/2012 9:32:35 PM OK HPSA_Service.exe\System.XML.dll 
1/18/2012 9:32:35 PM OK HPSA_Service.exe\System.XML.dll 
1/18/2012 9:32:35 PM OK HPSA_Service.exe\System.dll 
1/18/2012 9:32:35 PM OK HPSA_Service.exe\msvcr80.dll 
1/18/2012 9:32:35 PM OK C:\Windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll 
1/18/2012 9:32:35 PM OK HPSA_Service.exe\HP.ActiveCheckLocalMode.SessionManager.dll 
1/18/2012 9:32:35 PM OK HPSA_Service.exe\HP.ActiveCheckLocalMode.ServiceFacade.dll 
1/18/2012 9:32:35 PM OK HPSA_Service.exe\interop.Scheduler.dll 
1/18/2012 9:32:35 PM OK HPSA_Service.exe\user32.dll 
1/18/2012 9:32:35 PM OK HPSA_Service.exe\kernel32.dll 
1/18/2012 9:32:35 PM OK HPSA_Service.exe\ntdll.dll 
1/18/2012 9:32:35 PM OK HPSA_Service.exe\psapi.dll 
1/18/2012 9:32:35 PM OK HPSA_Service.exe\normaliz.dll 
1/18/2012 9:32:35 PM OK C:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_88e41e092fab0294\msvcr80.dll 
1/18/2012 9:32:35 PM OK C:\Windows\System32\normaliz.dll 
1/18/2012 9:32:35 PM OK HPSA_Service.exe\diasymreader.dll 
1/18/2012 9:32:35 PM OK HPSA_Service.exe\mscorsec.dll 
1/18/2012 9:32:35 PM OK C:\Windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll 
1/18/2012 9:32:35 PM OK HPSA_Service.exe\System.Web.ni.dll 
1/18/2012 9:32:35 PM OK C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsec.dll 
1/18/2012 9:32:35 PM OK C:\Windows\Microsoft.NET\Framework64\v2.0.50727\diasymreader.dll 
1/18/2012 9:32:35 PM OK HPSA_Service.exe\System.Runtime.Serialization.Formatters.Soap.ni.dll 
1/18/2012 9:32:36 PM OK HPSA_Service.exe\pnrpnsp.dll 
1/18/2012 9:32:36 PM OK HPSA_Service.exe\NapiNSP.dll 
1/18/2012 9:32:36 PM OK C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Seri#\b3b42692707c0f555807def0c4acefe3\System.Runtime.Serialization.Formatters.Soap.ni.dll 
1/18/2012 9:32:36 PM OK HPSA_Service.exe\winrnr.dll 
1/18/2012 9:32:36 PM OK HPSA_Service.exe\System.Xml.ni.dll 
1/18/2012 9:32:36 PM OK HPSA_Service.exe\System.Runtime.Remoting.ni.dll 
1/18/2012 9:32:36 PM OK C:\Windows\System32\NapiNSP.dll 
1/18/2012 9:32:36 PM OK C:\Windows\System32\pnrpnsp.dll 
1/18/2012 9:32:36 PM OK C:\Windows\System32\winrnr.dll 
1/18/2012 9:32:36 PM OK C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Web\ab920a032a9b63aa07f26c5592d7c72c\System.Web.ni.dll 
1/18/2012 9:32:36 PM OK HPSA_Service.exe\rasadhlp.dll 
1/18/2012 9:32:36 PM OK HPSA_Service.exe\WLIDNSP.DLL 
1/18/2012 9:32:36 PM OK HPSA_Service.exe\System.ServiceProcess.ni.dll 
1/18/2012 9:32:36 PM OK HPSA_Service.exe\System.ni.dll 
1/18/2012 9:32:36 PM OK C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Xml\372dfe1a5b9ed9217b0f491ba07745d2\System.Xml.ni.dll 
1/18/2012 9:32:36 PM OK HPSA_Service.exe\mscorjit.dll 
1/18/2012 9:32:36 PM OK C:\Windows\assembly\NativeImages_v2.0.50727_64\System.ServiceProce#\8428a82fd82a1ef1d3dab07be67dd78f\System.ServiceProcess.ni.dll 
1/18/2012 9:32:36 PM OK HPSA_Service.exe\cabinet.dll 
1/18/2012 9:32:36 PM OK C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorjit.dll 
1/18/2012 9:32:36 PM OK HPSA_Service.exe\SensApi.dll 
1/18/2012 9:32:36 PM OK HPSA_Service.exe\cryptnet.dll 
1/18/2012 9:32:36 PM OK C:\Windows\System32\cabinet.dll 
1/18/2012 9:32:36 PM OK HPSA_Service.exe\comctl32.dll 
1/18/2012 9:32:36 PM OK C:\Windows\System32\SensApi.dll 
1/18/2012 9:32:36 PM OK HPSA_Service.exe\mscorlib.ni.dll 
1/18/2012 9:32:36 PM OK C:\Windows\System32\cryptnet.dll 
1/18/2012 9:32:36 PM OK HPSA_Service.exe\mscorwks.dll 
1/18/2012 9:32:36 PM OK C:\Windows\assembly\NativeImages_v2.0.50727_64\System\8c862eb9bcba031e1479974a7d62aa0b\System.ni.dll 
1/18/2012 9:32:36 PM OK C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_a4d6a923711520a9\comctl32.dll 
1/18/2012 9:32:36 PM OK C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Remo#\d12c2299179cb05591cf08c8712a6495\System.Runtime.Remoting.ni.dll 
1/18/2012 9:32:36 PM OK HPSA_Service.exe\mscoreei.dll 
1/18/2012 9:32:36 PM OK HPSA_Service.exe\mscoree.dll 
1/18/2012 9:32:36 PM OK C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorwks.dll 
1/18/2012 9:32:36 PM OK HPSA_Service.exe\webio.dll 
1/18/2012 9:32:36 PM OK HPSA_Service.exe\winhttp.dll 
1/18/2012 9:32:36 PM OK HPSA_Service.exe\taskschd.dll 
1/18/2012 9:32:36 PM OK C:\Windows\System32\mscoree.dll 
1/18/2012 9:32:36 PM OK HPSA_Service.exe\dhcpcsvc6.dll 
1/18/2012 9:32:36 PM OK HPSA_Service.exe\dhcpcsvc.dll 
1/18/2012 9:32:36 PM OK HPSA_Service.exe\FWPUCLNT.DLL 
1/18/2012 9:32:36 PM OK HPSA_Service.exe\winnsi.dll 
1/18/2012 9:32:36 PM OK HPSA_Service.exe\IPHLPAPI.DLL 
1/18/2012 9:32:36 PM OK HPSA_Service.exe\nlaapi.dll 
1/18/2012 9:32:36 PM OK HPSA_Service.exe\ntmarta.dll 
1/18/2012 9:32:36 PM OK C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscoreei.dll 
1/18/2012 9:32:36 PM OK HPSA_Service.exe\rtutils.dll 
1/18/2012 9:32:36 PM OK HPSA_Service.exe\rasman.dll 
1/18/2012 9:32:36 PM OK HPSA_Service.exe\rasapi32.dll 
1/18/2012 9:32:36 PM OK HPSA_Service.exe\xmllite.dll 
1/18/2012 9:32:36 PM OK HPSA_Service.exe\comctl32.dll 
1/18/2012 9:32:36 PM OK HPSA_Service.exe\propsys.dll 
1/18/2012 9:32:36 PM OK HPSA_Service.exe\version.dll 
1/18/2012 9:32:36 PM OK HPSA_Service.exe\WSHTCPIP.DLL 
1/18/2012 9:32:36 PM OK HPSA_Service.exe\gpapi.dll 
1/18/2012 9:32:36 PM OK HPSA_Service.exe\userenv.dll 
1/18/2012 9:32:36 PM OK HPSA_Service.exe\devrtl.dll 
1/18/2012 9:32:36 PM OK HPSA_Service.exe\credssp.dll 
1/18/2012 9:32:36 PM OK HPSA_Service.exe\bcryptprimitives.dll 
1/18/2012 9:32:36 PM OK C:\Windows\System32\nlaapi.dll 
1/18/2012 9:32:36 PM OK HPSA_Service.exe\rsaenh.dll 
1/18/2012 9:32:36 PM OK HPSA_Service.exe\dnsapi.dll 
1/18/2012 9:32:36 PM OK HPSA_Service.exe\wship6.dll 
1/18/2012 9:32:36 PM OK HPSA_Service.exe\mswsock.dll 
1/18/2012 9:32:36 PM OK HPSA_Service.exe\cryptsp.dll 
1/18/2012 9:32:36 PM OK HPSA_Service.exe\bcrypt.dll 
1/18/2012 9:32:36 PM OK HPSA_Service.exe\ncrypt.dll 
1/18/2012 9:32:36 PM OK C:\Windows\System32\ntmarta.dll 
1/18/2012 9:32:36 PM OK HPSA_Service.exe\sspicli.dll 
1/18/2012 9:32:36 PM OK HPSA_Service.exe\apphelp.dll 
1/18/2012 9:32:36 PM OK HPSA_Service.exe\cryptbase.dll 
1/18/2012 9:32:36 PM OK HPSA_Service.exe\RpcRtRemote.dll 
1/18/2012 9:32:36 PM OK HPSA_Service.exe\profapi.dll 
1/18/2012 9:32:36 PM OK HPSA_Service.exe\msasn1.dll 
1/18/2012 9:32:36 PM OK HPSA_Service.exe\KernelBase.dll 
1/18/2012 9:32:36 PM OK HPSA_Service.exe\crypt32.dll 
1/18/2012 9:32:36 PM OK HPSA_Service.exe\wintrust.dll 
1/18/2012 9:32:36 PM OK HPSA_Service.exe\cfgmgr32.dll 
1/18/2012 9:32:36 PM OK HPSA_Service.exe\devobj.dll 
1/18/2012 9:32:36 PM OK HPSA_Service.exe\iertutil.dll 
1/18/2012 9:32:36 PM OK C:\Windows\System32\rtutils.dll 
1/18/2012 9:32:36 PM OK C:\Windows\System32\taskschd.dll 
1/18/2012 9:32:36 PM OK C:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\1d2d3e57724bcacaea5e41063dc565c1\mscorlib.ni.dll 
1/18/2012 9:32:36 PM OK HPSA_Service.exe\advapi32.dll 
1/18/2012 9:32:36 PM OK HPSA_Service.exe\usp10.dll 
1/18/2012 9:32:36 PM OK HPSA_Service.exe\imagehlp.dll 
1/18/2012 9:32:36 PM OK HPSA_Service.exe\nsi.dll 
1/18/2012 9:32:36 PM OK HPSA_Service.exe\urlmon.dll 
1/18/2012 9:32:36 PM OK C:\Windows\System32\rasman.dll 
1/18/2012 9:32:36 PM OK C:\Windows\System32\rasapi32.dll 
1/18/2012 9:32:36 PM OK C:\Windows\System32\bcryptprimitives.dll 
1/18/2012 9:32:36 PM OK HPSA_Service.exe\ws2_32.dll 
1/18/2012 9:32:36 PM OK HPSA_Service.exe\imm32.dll 
1/18/2012 9:32:36 PM OK HPSA_Service.exe\sechost.dll 
1/18/2012 9:32:36 PM OK HPSA_Service.exe\setupapi.dll 
1/18/2012 9:32:36 PM OK HPSA_Service.exe\shlwapi.dll 
1/18/2012 9:32:36 PM OK HPSA_Service.exe\gdi32.dll 
1/18/2012 9:32:36 PM OK HPSA_Service.exe\ole32.dll 
1/18/2012 9:32:36 PM OK HPSA_Service.exe\clbcatq.dll 
1/18/2012 9:32:36 PM OK HPSA_Service.exe\rpcrt4.dll 
1/18/2012 9:32:36 PM OK HPSA_Service.exe\Wldap32.dll 
1/18/2012 9:32:36 PM OK C:\Windows\System32\bcrypt.dll 
1/18/2012 9:32:36 PM OK HPSA_Service.exe\lpk.dll 
1/18/2012 9:32:36 PM OK HPSA_Service.exe\msvcrt.dll 
1/18/2012 9:32:36 PM OK HPSA_Service.exe\oleaut32.dll 
1/18/2012 9:32:36 PM OK HPSA_Service.exe\msctf.dll 
1/18/2012 9:32:36 PM OK HPSA_Service.exe\wininet.dll 
1/18/2012 9:32:36 PM OK C:\Windows\System32\ncrypt.dll 
1/18/2012 9:32:36 PM OK HPSA_Service.exe\shell32.dll 
1/18/2012 9:32:36 PM OK HPSA_Service.exe\apisetschema.dll 
1/18/2012 9:32:36 PM OK C:\Windows\System32\imagehlp.dll 
1/18/2012 9:32:36 PM OK C:\Windows\System32\Wldap32.dll 
1/18/2012 9:32:36 PM OK C:\Windows\System32\iertutil.dll 
1/18/2012 9:32:36 PM OK C:\Windows\System32\urlmon.dll 
1/18/2012 9:32:36 PM OK C:\Windows\System32\wininet.dll 
1/18/2012 9:32:36 PM OK HPDrvMntSvc.exe\apisetschema.dll 
1/18/2012 9:32:36 PM OK HPDrvMntSvc.exe\HPDrvMntSvc.exe 
1/18/2012 9:32:37 PM OK HPDrvMntSvc.exe\wow64cpu.dll 
1/18/2012 9:32:37 PM OK HPDrvMntSvc.exe\wow64win.dll 
1/18/2012 9:32:37 PM OK HPDrvMntSvc.exe\wow64.dll 
1/18/2012 9:32:37 PM OK HPDrvMntSvc.exe\cryptbase.dll 
1/18/2012 9:32:37 PM OK HPDrvMntSvc.exe\sspicli.dll 
1/18/2012 9:32:37 PM OK HPDrvMntSvc.exe\shell32.dll 
1/18/2012 9:32:37 PM OK HPDrvMntSvc.exe\usp10.dll 
1/18/2012 9:32:37 PM OK HPDrvMntSvc.exe\user32.dll 
1/18/2012 9:32:37 PM OK HPDrvMntSvc.exe\msvcrt.dll 
1/18/2012 9:32:37 PM OK HPDrvMntSvc.exe\KernelBase.dll 
1/18/2012 9:32:37 PM OK HPDrvMntSvc.exe\imm32.dll 
1/18/2012 9:32:37 PM OK HPDrvMntSvc.exe\ole32.dll 
1/18/2012 9:32:37 PM OK HPDrvMntSvc.exe\shlwapi.dll 
1/18/2012 9:32:37 PM OK HPDrvMntSvc.exe\lpk.dll 
1/18/2012 9:32:37 PM OK HPDrvMntSvc.exe\advapi32.dll 
1/18/2012 9:32:37 PM OK HPDrvMntSvc.exe\rpcrt4.dll 
1/18/2012 9:32:37 PM OK HPDrvMntSvc.exe\sechost.dll 
1/18/2012 9:32:37 PM OK HPDrvMntSvc.exe\msctf.dll 
1/18/2012 9:32:37 PM OK HPDrvMntSvc.exe\gdi32.dll 
1/18/2012 9:32:37 PM OK HPDrvMntSvc.exe\kernel32.dll 
1/18/2012 9:32:37 PM OK HPDrvMntSvc.exe\ntdll.dll 
1/18/2012 9:32:37 PM OK HPDrvMntSvc.exe\ntdll.dll 
1/18/2012 9:32:37 PM OK C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe 
1/18/2012 9:32:37 PM OK hpqWmiEx.exe\apisetschema.dll 
1/18/2012 9:32:37 PM OK hpqWmiEx.exe\hpqWmiEx.exe 
1/18/2012 9:32:37 PM OK hpqWmiEx.exe\fastprox.dll 
1/18/2012 9:32:37 PM OK hpqWmiEx.exe\wbemcomn.dll 
1/18/2012 9:32:37 PM OK C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe 
1/18/2012 9:32:37 PM OK C:\Windows\SysWOW64\wbem\fastprox.dll 
1/18/2012 9:32:37 PM OK hpqWmiEx.exe\ntdsapi.dll 
1/18/2012 9:32:37 PM OK hpqWmiEx.exe\wbemsvc.dll 
1/18/2012 9:32:37 PM OK C:\Windows\SysWOW64\wbemcomn.dll 
1/18/2012 9:32:37 PM OK hpqWmiEx.exe\wbemprox.dll 
1/18/2012 9:32:37 PM OK C:\Windows\SysWOW64\ntdsapi.dll 
1/18/2012 9:32:37 PM OK hpqWmiEx.exe\ntmarta.dll 
1/18/2012 9:32:37 PM OK hpqWmiEx.exe\RpcRtRemote.dll 
1/18/2012 9:32:37 PM OK C:\Windows\SysWOW64\wbem\wbemsvc.dll 
1/18/2012 9:32:37 PM OK C:\Windows\SysWOW64\wbem\wbemprox.dll 
1/18/2012 9:32:37 PM OK hpqWmiEx.exe\rsaenh.dll 
1/18/2012 9:32:37 PM OK hpqWmiEx.exe\cryptsp.dll 
1/18/2012 9:32:37 PM OK hpqWmiEx.exe\version.dll 
1/18/2012 9:32:37 PM OK hpqWmiEx.exe\wow64cpu.dll 
1/18/2012 9:32:37 PM OK hpqWmiEx.exe\wow64win.dll 
1/18/2012 9:32:37 PM OK hpqWmiEx.exe\wow64.dll 
1/18/2012 9:32:37 PM OK hpqWmiEx.exe\sxs.dll 
1/18/2012 9:32:37 PM OK C:\Windows\SysWOW64\RpcRtRemote.dll 
1/18/2012 9:32:37 PM OK hpqWmiEx.exe\cryptbase.dll 
1/18/2012 9:32:37 PM OK hpqWmiEx.exe\sspicli.dll 
1/18/2012 9:32:37 PM OK hpqWmiEx.exe\shell32.dll 
1/18/2012 9:32:37 PM OK hpqWmiEx.exe\usp10.dll 
1/18/2012 9:32:37 PM OK hpqWmiEx.exe\user32.dll 
1/18/2012 9:32:37 PM OK hpqWmiEx.exe\nsi.dll 
1/18/2012 9:32:37 PM OK hpqWmiEx.exe\msvcrt.dll 
1/18/2012 9:32:37 PM OK hpqWmiEx.exe\KernelBase.dll 
1/18/2012 9:32:37 PM OK hpqWmiEx.exe\imm32.dll 
1/18/2012 9:32:37 PM OK hpqWmiEx.exe\oleaut32.dll 
1/18/2012 9:32:37 PM OK hpqWmiEx.exe\ws2_32.dll 
1/18/2012 9:32:37 PM OK hpqWmiEx.exe\ole32.dll 
1/18/2012 9:32:37 PM OK hpqWmiEx.exe\shlwapi.dll 
1/18/2012 9:32:37 PM OK hpqWmiEx.exe\setupapi.dll 
1/18/2012 9:32:37 PM OK hpqWmiEx.exe\lpk.dll 
1/18/2012 9:32:37 PM OK hpqWmiEx.exe\advapi32.dll 
1/18/2012 9:32:37 PM OK hpqWmiEx.exe\rpcrt4.dll 
1/18/2012 9:32:37 PM OK hpqWmiEx.exe\devobj.dll 
1/18/2012 9:32:37 PM OK hpqWmiEx.exe\cfgmgr32.dll 
1/18/2012 9:32:37 PM OK hpqWmiEx.exe\sechost.dll 
1/18/2012 9:32:37 PM OK hpqWmiEx.exe\msctf.dll 
1/18/2012 9:32:37 PM OK hpqWmiEx.exe\Wldap32.dll 
1/18/2012 9:32:37 PM OK hpqWmiEx.exe\gdi32.dll 
1/18/2012 9:32:37 PM OK hpqWmiEx.exe\kernel32.dll 
1/18/2012 9:32:37 PM OK hpqWmiEx.exe\clbcatq.dll 
1/18/2012 9:32:37 PM OK hpqWmiEx.exe\ntdll.dll 
1/18/2012 9:32:37 PM OK hpqWmiEx.exe\ntdll.dll 
1/18/2012 9:32:37 PM OK C:\Windows\SysWOW64\sxs.dll 
1/18/2012 9:32:37 PM OK firefox.exe\apisetschema.dll 
1/18/2012 9:32:37 PM OK firefox.exe\firefox.exe 
1/18/2012 9:32:37 PM OK firefox.exe\SSSLauncher.dll 
1/18/2012 9:32:37 PM OK C:\Program Files (x86)\Mozilla Firefox\firefox.exe 
1/18/2012 9:32:37 PM OK firefox.exe\FLVSrvLib.dll Object was not changed (iChecker) 
1/18/2012 9:32:37 PM OK firefox.exe\Wpc.dll 
1/18/2012 9:32:37 PM OK C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\oc4vkf64.default\extensions\{0b457cAA-602d-484a-8fe7-c1d894a011ba}\gecko9\WINNT_x86-msvc\SSSLauncher.dll 
1/18/2012 9:32:37 PM OK firefox.exe\nio.dll 
1/18/2012 9:32:37 PM OK C:\Windows\SysWOW64\Wpc.dll 
1/18/2012 9:32:37 PM OK firefox.exe\net.dll 
1/18/2012 9:32:37 PM OK C:\Program Files (x86)\Java\jre6\bin\nio.dll 
1/18/2012 9:32:37 PM OK firefox.exe\wevtapi.dll 
1/18/2012 9:32:37 PM OK C:\Program Files (x86)\Java\jre6\bin\net.dll 
1/18/2012 9:32:37 PM OK firefox.exe\msvcr71.dll 
1/18/2012 9:32:37 PM OK C:\Windows\SysWOW64\wevtapi.dll 
1/18/2012 9:32:37 PM OK firefox.exe\regutils.dll 
1/18/2012 9:32:37 PM OK C:\Program Files (x86)\Java\jre6\bin\msvcr71.dll 
1/18/2012 9:32:37 PM OK firefox.exe\xul.dll 
1/18/2012 9:32:37 PM OK firefox.exe\networkexplorer.dll 
1/18/2012 9:32:37 PM OK C:\Program Files (x86)\Java\jre6\bin\regutils.dll 
1/18/2012 9:32:37 PM OK firefox.exe\ieframe.dll 
1/18/2012 9:32:37 PM OK firefox.exe\zipfldr.dll 
1/18/2012 9:32:37 PM OK firefox.exe\ieproxy.dll 
1/18/2012 9:32:37 PM OK firefox.exe\oleacc.dll 
1/18/2012 9:32:37 PM OK C:\Windows\SysWOW64\zipfldr.dll 
1/18/2012 9:32:38 PM OK firefox.exe\msacm32.dll 
1/18/2012 9:32:38 PM OK firefox.exe\actxprxy.dll 
1/18/2012 9:32:38 PM OK C:\Program Files (x86)\Internet Explorer\ieproxy.dll 
1/18/2012 9:32:38 PM OK firefox.exe\tiptsf.dll 
1/18/2012 9:32:38 PM OK C:\Windows\SysWOW64\oleacc.dll 
1/18/2012 9:32:38 PM OK C:\Windows\SysWOW64\actxprxy.dll 
1/18/2012 9:32:38 PM OK firefox.exe\StructuredQuery.dll 
1/18/2012 9:32:38 PM OK C:\Windows\SysWOW64\networkexplorer.dll 
1/18/2012 9:32:38 PM OK C:\Program Files (x86)\Common Files\microsoft shared\ink\tiptsf.dll 
1/18/2012 9:32:38 PM OK firefox.exe\dfscli.dll 
1/18/2012 9:32:38 PM OK C:\Windows\SysWOW64\StructuredQuery.dll 
1/18/2012 9:32:38 PM OK firefox.exe\deploy.dll 
1/18/2012 9:32:38 PM OK C:\Windows\SysWOW64\dfscli.dll 
1/18/2012 9:32:38 PM OK C:\Windows\SysWOW64\ieframe.dll 
1/18/2012 9:32:38 PM OK firefox.exe\java.dll 
1/18/2012 9:32:38 PM OK C:\Program Files (x86)\Java\jre6\bin\deploy.dll 
1/18/2012 9:32:38 PM OK firefox.exe\jp2native.dll 
1/18/2012 9:32:38 PM OK C:\Program Files (x86)\Java\jre6\bin\java.dll 
1/18/2012 9:32:38 PM OK firefox.exe\mozjs.dll 
1/18/2012 9:32:38 PM OK firefox.exe\nss3.dll 
1/18/2012 9:32:38 PM OK C:\Program Files (x86)\Java\jre6\bin\jp2native.dll 
1/18/2012 9:32:38 PM OK firefox.exe\verify.dll 
1/18/2012 9:32:38 PM OK firefox.exe\zip.dll 
1/18/2012 9:32:38 PM OK C:\Program Files (x86)\Java\jre6\bin\verify.dll 
1/18/2012 9:32:38 PM OK firefox.exe\jvm.dll 
1/18/2012 9:32:38 PM OK C:\Program Files (x86)\Java\jre6\bin\zip.dll 
1/18/2012 9:32:38 PM OK firefox.exe\npjp2.dll 
1/18/2012 9:32:38 PM OK C:\Program Files (x86)\Java\jre6\bin\client\jvm.dll 
1/18/2012 9:32:38 PM OK firefox.exe\prloader.dll 
1/18/2012 9:32:38 PM OK C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll 
1/18/2012 9:32:38 PM OK firefox.exe\prremote.dll 
1/18/2012 9:32:38 PM OK C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\prloader.dll 
1/18/2012 9:32:38 PM OK firefox.exe\wdmaud.drv 
1/18/2012 9:32:38 PM OK firefox.exe\shellex.dll 
1/18/2012 9:32:38 PM OK firefox.exe\ExplorerFrame.dll 
1/18/2012 9:32:38 PM OK C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\prremote.dll 
1/18/2012 9:32:38 PM OK C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\shellex.dll 
1/18/2012 9:32:38 PM OK firefox.exe\GrooveShellExtensions.dll 
1/18/2012 9:32:38 PM OK firefox.exe\mlang.dll 
1/18/2012 9:32:38 PM OK firefox.exe\shdocvw.dll 
1/18/2012 9:32:38 PM OK firefox.exe\dui70.dll 
1/18/2012 9:32:38 PM OK firefox.exe\GrooveUtil.dll 
1/18/2012 9:32:38 PM OK firefox.exe\mozsqlite3.dll 
1/18/2012 9:32:38 PM OK firefox.exe\DWrite.dll 
1/18/2012 9:32:38 PM OK C:\Windows\SysWOW64\ExplorerFrame.dll 
1/18/2012 9:32:38 PM OK C:\Windows\SysWOW64\dui70.dll 
1/18/2012 9:32:38 PM OK firefox.exe\davclnt.dll 
1/18/2012 9:32:38 PM OK C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll 
1/18/2012 9:32:38 PM OK firefox.exe\davhlpr.dll 
1/18/2012 9:32:38 PM OK firefox.exe\ntlanman.dll 
1/18/2012 9:32:38 PM OK C:\Windows\SysWOW64\DWrite.dll 
1/18/2012 9:32:38 PM OK C:\Windows\SysWOW64\davclnt.dll 
1/18/2012 9:32:38 PM OK firefox.exe\drprov.dll 
1/18/2012 9:32:38 PM OK C:\Windows\SysWOW64\davhlpr.dll 
1/18/2012 9:32:38 PM OK C:\Windows\SysWOW64\ntlanman.dll 
1/18/2012 9:32:38 PM OK firefox.exe\midimap.dll 
1/18/2012 9:32:38 PM OK firefox.exe\msacm32.drv 
1/18/2012 9:32:38 PM OK firefox.exe\ntmarta.dll 
1/18/2012 9:32:38 PM OK firefox.exe\dwmapi.dll 
1/18/2012 9:32:38 PM OK firefox.exe\uxtheme.dll 
1/18/2012 9:32:38 PM OK firefox.exe\winsta.dll 
1/18/2012 9:32:38 PM OK C:\Program Files (x86)\Microsoft Office\Office12\GrooveUtil.dll 
1/18/2012 9:32:38 PM OK C:\Windows\SysWOW64\drprov.dll 
1/18/2012 9:32:38 PM OK firefox.exe\SensApi.dll 
1/18/2012 9:32:38 PM OK firefox.exe\comctl32.dll 
1/18/2012 9:32:38 PM OK firefox.exe\dhcpcsvc6.dll 
1/18/2012 9:32:38 PM OK C:\Windows\SysWOW64\winsta.dll 
1/18/2012 9:32:38 PM OK firefox.exe\dhcpcsvc.dll 
1/18/2012 9:32:38 PM OK C:\Windows\SysWOW64\dhcpcsvc6.dll 
1/18/2012 9:32:38 PM OK firefox.exe\wsock32.dll 
1/18/2012 9:32:38 PM OK firefox.exe\rasman.dll 
1/18/2012 9:32:38 PM OK C:\Windows\SysWOW64\dhcpcsvc.dll 
1/18/2012 9:32:38 PM OK firefox.exe\rasapi32.dll 
1/18/2012 9:32:38 PM OK firefox.exe\FWPUCLNT.DLL 
1/18/2012 9:32:38 PM OK C:\Windows\SysWOW64\rasman.dll 
1/18/2012 9:32:38 PM OK firefox.exe\rasadhlp.dll 
1/18/2012 9:32:38 PM OK C:\Windows\SysWOW64\rasapi32.dll 
1/18/2012 9:32:38 PM OK firefox.exe\winrnr.dll 
1/18/2012 9:32:38 PM OK C:\Windows\SysWOW64\FWPUCLNT.DLL 
1/18/2012 9:32:38 PM OK C:\Windows\SysWOW64\rasadhlp.dll 
1/18/2012 9:32:39 PM OK firefox.exe\dnsapi.dll 
1/18/2012 9:32:39 PM OK C:\Windows\SysWOW64\winrnr.dll 
1/18/2012 9:32:39 PM OK firefox.exe\WLIDNSP.DLL 
1/18/2012 9:32:39 PM OK firefox.exe\pnrpnsp.dll 
1/18/2012 9:32:39 PM OK C:\Windows\SysWOW64\dnsapi.dll 
1/18/2012 9:32:39 PM OK firefox.exe\NapiNSP.dll 
1/18/2012 9:32:39 PM OK firefox.exe\nlaapi.dll 
1/18/2012 9:32:39 PM OK C:\Windows\SysWOW64\pnrpnsp.dll 
1/18/2012 9:32:39 PM OK C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL 
1/18/2012 9:32:39 PM OK firefox.exe\wship6.dll 
1/18/2012 9:32:39 PM OK C:\Windows\SysWOW64\NapiNSP.dll 
1/18/2012 9:32:39 PM OK C:\Windows\SysWOW64\nlaapi.dll 
1/18/2012 9:32:39 PM OK firefox.exe\WSHTCPIP.DLL 
1/18/2012 9:32:39 PM OK C:\Windows\SysWOW64\wship6.dll 
1/18/2012 9:32:39 PM OK firefox.exe\mswsock.dll 
1/18/2012 9:32:39 PM OK C:\Windows\SysWOW64\WSHTCPIP.DLL 
1/18/2012 9:32:39 PM OK firefox.exe\samcli.dll 
1/18/2012 9:32:39 PM OK firefox.exe\winnsi.dll 
1/18/2012 9:32:39 PM OK C:\Windows\SysWOW64\mswsock.dll 
1/18/2012 9:32:39 PM OK C:\Windows\SysWOW64\samcli.dll 
1/18/2012 9:32:39 PM OK firefox.exe\IPHLPAPI.DLL 
1/18/2012 9:32:39 PM OK C:\Windows\SysWOW64\winnsi.dll 
1/18/2012 9:32:39 PM OK firefox.exe\mpr.dll 
1/18/2012 9:32:39 PM OK firefox.exe\winspool.drv 
1/18/2012 9:32:39 PM OK firefox.exe\RpcRtRemote.dll 
1/18/2012 9:32:39 PM OK firefox.exe\rsaenh.dll 
1/18/2012 9:32:39 PM OK firefox.exe\cryptsp.dll 
1/18/2012 9:32:39 PM OK  firefox.exe\secur32.dll 
1/18/2012 9:32:39 PM OK C:\Windows\SysWOW64\IPHLPAPI.DLL 
1/18/2012 9:32:39 PM OK C:\Windows\SysWOW64\mpr.dll 
1/18/2012 9:32:39 PM OK firefox.exe\wkscli.dll 
1/18/2012 9:32:39 PM OK C:\Windows\SysWOW64\secur32.dll 
1/18/2012 9:32:39 PM OK firefox.exe\srvcli.dll 
1/18/2012 9:32:39 PM OK firefox.exe\netutils.dll 
1/18/2012 9:32:39 PM OK firefox.exe\profapi.dll 
1/18/2012 9:32:39 PM OK firefox.exe\userenv.dll 
1/18/2012 9:32:39 PM OK firefox.exe\msvcr80.dll 
1/18/2012 9:32:39 PM OK firefox.exe\msvcp80.dll 
1/18/2012 9:32:39 PM OK firefox.exe\winmm.dll 
1/18/2012 9:32:39 PM OK firefox.exe\apphelp.dll 
1/18/2012 9:32:39 PM OK firefox.exe\version.dll 
1/18/2012 9:32:39 PM OK firefox.exe\wow64cpu.dll 
1/18/2012 9:32:39 PM OK firefox.exe\wow64win.dll 
1/18/2012 9:32:39 PM OK firefox.exe\wow64.dll 
1/18/2012 9:32:39 PM OK firefox.exe\duser.dll 
1/18/2012 9:32:39 PM OK firefox.exe\mscms.dll 
1/18/2012 9:32:39 PM OK firefox.exe\IconCodecService.dll 
1/18/2012 9:32:39 PM OK C:\Windows\SysWOW64\wkscli.dll 
1/18/2012 9:32:39 PM OK C:\Windows\SysWOW64\netutils.dll 
1/18/2012 9:32:39 PM OK firefox.exe\msvcr90.dll 
1/18/2012 9:32:39 PM OK C:\Windows\SysWOW64\duser.dll 
1/18/2012 9:32:39 PM OK firefox.exe\avrt.dll 
1/18/2012 9:32:39 PM OK firefox.exe\ntshrui.dll 
1/18/2012 9:32:39 PM OK firefox.exe\ksuser.dll 
1/18/2012 9:32:39 PM OK firefox.exe\AudioSes.dll 
1/18/2012 9:32:39 PM OK firefox.exe\WindowsCodecs.dll 
1/18/2012 9:32:39 PM OK firefox.exe\dbghelp.dll 
1/18/2012 9:32:39 PM OK C:\Windows\SysWOW64\IconCodecService.dll 
1/18/2012 9:32:39 PM OK firefox.exe\MMDevAPI.dll 
1/18/2012 9:32:39 PM OK firefox.exe\EhStorShell.dll 
1/18/2012 9:32:39 PM OK firefox.exe\ATL80.dll 
1/18/2012 9:32:39 PM OK firefox.exe\slc.dll 
1/18/2012 9:32:39 PM OK firefox.exe\sxs.dll 
1/18/2012 9:32:39 PM OK firefox.exe\GrooveNew.dll 
1/18/2012 9:32:39 PM OK firefox.exe\t2embed.dll 
1/18/2012 9:32:39 PM OK C:\Windows\SysWOW64\EhStorShell.dll 
1/18/2012 9:32:39 PM OK C:\Windows\SysWOW64\dbghelp.dll 
1/18/2012 9:32:39 PM OK C:\Windows\winsxs\x86_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d1cb102c435421de\ATL80.dll 
1/18/2012 9:32:39 PM OK C:\Program Files (x86)\Microsoft Office\Office12\GrooveNew.dll 
1/18/2012 9:32:39 PM OK firefox.exe\rtutils.dll 
1/18/2012 9:32:39 PM OK C:\Windows\SysWOW64\t2embed.dll 
1/18/2012 9:32:39 PM OK firefox.exe\nssckbi.dll 
1/18/2012 9:32:39 PM OK C:\Windows\SysWOW64\rtutils.dll 
1/18/2012 9:32:39 PM OK firefox.exe\browsercomps.dll 
1/18/2012 9:32:39 PM OK C:\Program Files (x86)\Mozilla Firefox\nssckbi.dll 
1/18/2012 9:32:39 PM OK firefox.exe\smime3.dll 
1/18/2012 9:32:39 PM OK firefox.exe\ssl3.dll 
1/18/2012 9:32:39 PM OK firefox.exe\softokn3.dll 
1/18/2012 9:32:39 PM OK C:\Program Files (x86)\Mozilla Firefox\components\browsercomps.dll 
1/18/2012 9:32:39 PM OK firefox.exe\nssutil3.dll 
1/18/2012 9:32:39 PM OK firefox.exe\nspr4.dll 
1/18/2012 9:32:39 PM OK firefox.exe\xpcom.dll 
1/18/2012 9:32:39 PM OK C:\Program Files (x86)\Mozilla Firefox\softokn3.dll 
1/18/2012 9:32:39 PM OK firefox.exe\mozalloc.dll 
1/18/2012 9:32:39 PM OK firefox.exe\plds4.dll 
1/18/2012 9:32:39 PM OK firefox.exe\icm32.dll 
1/18/2012 9:32:39 PM OK firefox.exe\freebl3.dll 
1/18/2012 9:32:39 PM OK C:\Program Files (x86)\Mozilla Firefox\xpcom.dll 
1/18/2012 9:32:39 PM OK firefox.exe\msimg32.dll 
1/18/2012 9:32:39 PM OK firefox.exe\browcli.dll 
1/18/2012 9:32:39 PM OK firefox.exe\linkinfo.dll 
1/18/2012 9:32:39 PM OK firefox.exe\xmllite.dll 
1/18/2012 9:32:39 PM OK C:\Program Files (x86)\Mozilla Firefox\freebl3.dll 
1/18/2012 9:32:39 PM OK C:\Windows\SysWOW64\browcli.dll 
1/18/2012 9:32:39 PM OK firefox.exe\propsys.dll 
1/18/2012 9:32:39 PM OK firefox.exe\cscapi.dll 
1/18/2012 9:32:39 PM OK firefox.exe\thumbcache.dll 
1/18/2012 9:32:39 PM OK C:\Windows\SysWOW64\xmllite.dll 
1/18/2012 9:32:39 PM OK firefox.exe\nssdbm3.dll 
1/18/2012 9:32:39 PM OK C:\Windows\SysWOW64\thumbcache.dll 
1/18/2012 9:32:39 PM OK firefox.exe\plc4.dll 
1/18/2012 9:32:39 PM OK firefox.exe\msls31.dll 
1/18/2012 9:32:39 PM OK firefox.exe\feclient.dll 
1/18/2012 9:32:39 PM OK C:\Program Files (x86)\Mozilla Firefox\nssdbm3.dll 
1/18/2012 9:32:39 PM OK C:\Windows\SysWOW64\msls31.dll 
1/18/2012 9:32:39 PM OK firefox.exe\mozutils.dll 
1/18/2012 9:32:39 PM OK firefox.exe\samlib.dll 
1/18/2012 9:32:39 PM OK C:\Windows\SysWOW64\feclient.dll 
1/18/2012 9:32:39 PM OK firefox.exe\cryptbase.dll 
1/18/2012 9:32:39 PM OK firefox.exe\sspicli.dll 
1/18/2012 9:32:39 PM OK firefox.exe\shell32.dll 
1/18/2012 9:32:39 PM OK firefox.exe\urlmon.dll 
1/18/2012 9:32:39 PM OK firefox.exe\usp10.dll 
1/18/2012 9:32:39 PM OK firefox.exe\user32.dll 
1/18/2012 9:32:39 PM OK firefox.exe\nsi.dll 
1/18/2012 9:32:39 PM OK firefox.exe\msvcrt.dll 
1/18/2012 9:32:39 PM OK firefox.exe\KernelBase.dll 
1/18/2012 9:32:39 PM OK firefox.exe\imm32.dll 
1/18/2012 9:32:39 PM OK firefox.exe\oleaut32.dll 
1/18/2012 9:32:39 PM OK firefox.exe\ws2_32.dll 
1/18/2012 9:32:39 PM OK firefox.exe\wininet.dll 
1/18/2012 9:32:39 PM OK firefox.exe\ole32.dll 
1/18/2012 9:32:39 PM OK firefox.exe\shlwapi.dll 
1/18/2012 9:32:39 PM OK firefox.exe\setupapi.dll  
1/18/2012 9:32:39 PM OK firefox.exe\lpk.dll 
1/18/2012 9:32:39 PM OK firefox.exe\advapi32.dll 
1/18/2012 9:32:39 PM OK firefox.exe\rpcrt4.dll 
1/18/2012 9:32:39 PM OK firefox.exe\crypt32.dll 
1/18/2012 9:32:39 PM OK firefox.exe\devobj.dll 
1/18/2012 9:32:39 PM OK firefox.exe\cfgmgr32.dll 
1/18/2012 9:32:39 PM OK firefox.exe\sechost.dll 
1/18/2012 9:32:39 PM OK firefox.exe\normaliz.dll 
1/18/2012 9:32:39 PM OK C:\Windows\SysWOW64\samlib.dll 
1/18/2012 9:32:39 PM OK firefox.exe\comdlg32.dll 
1/18/2012 9:32:39 PM OK firefox.exe\msctf.dll 
1/18/2012 9:32:39 PM OK firefox.exe\iertutil.dll 
1/18/2012 9:32:39 PM OK firefox.exe\psapi.dll 
1/18/2012 9:32:39 PM OK firefox.exe\Wldap32.dll 
1/18/2012 9:32:39 PM OK firefox.exe\gdi32.dll 
1/18/2012 9:32:39 PM OK firefox.exe\kernel32.dll 
1/18/2012 9:32:39 PM OK firefox.exe\clbcatq.dll 
1/18/2012 9:32:39 PM OK firefox.exe\wintrust.dll 
1/18/2012 9:32:39 PM OK firefox.exe\ntdll.dll 
1/18/2012 9:32:39 PM OK firefox.exe\msasn1.dll 
1/18/2012 9:32:39 PM OK firefox.exe\ntdll.dll 
1/18/2012 9:32:40 PM OK C:\Windows\SysWOW64\normaliz.dll 
1/18/2012 9:32:40 PM OK firefox.exe\msvcr71.dll 
1/18/2012 9:32:40 PM OK C:\Windows\SysWOW64\msvcr71.dll Object was not changed (iChecker) 
1/18/2012 9:32:40 PM OK PresentationFontCache.exe\PresentationFontCache.exe 
1/18/2012 9:32:40 PM OK PresentationFontCache.exe\wpfgfx_v0300.dll 
1/18/2012 9:32:40 PM OK C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe 
1/18/2012 9:32:40 PM OK PresentationFontCache.exe\msvcr80.dll 
1/18/2012 9:32:40 PM OK PresentationFontCache.exe\user32.dll 
1/18/2012 9:32:40 PM OK PresentationFontCache.exe\kernel32.dll 
1/18/2012 9:32:40 PM OK PresentationFontCache.exe\ntdll.dll 
1/18/2012 9:32:40 PM OK PresentationFontCache.exe\PresentationCore.ni.dll 
1/18/2012 9:32:40 PM OK C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\wpfgfx_v0300.dll 
1/18/2012 9:32:40 PM OK PresentationFontCache.exe\WindowsBase.ni.dll 
1/18/2012 9:32:40 PM OK C:\Windows\assembly\NativeImages_v2.0.50727_64\PresentationCore\11214511a256f136b8425bdd316b47c9\PresentationCore.ni.dll 
1/18/2012 9:32:40 PM OK PresentationFontCache.exe\shfolder.dll 
1/18/2012 9:32:40 PM OK PresentationFontCache.exe\System.ServiceProcess.ni.dll Object was not changed (iChecker) 
1/18/2012 9:32:40 PM OK PresentationFontCache.exe\System.ni.dll Object was not changed (iChecker) 
1/18/2012 9:32:40 PM OK PresentationFontCache.exe\mscorjit.dll 
1/18/2012 9:32:40 PM OK PresentationFontCache.exe\mscorlib.ni.dll Object was not changed (iChecker) 
1/18/2012 9:32:40 PM OK PresentationFontCache.exe\mscorwks.dll 
1/18/2012 9:32:40 PM OK PresentationFontCache.exe\mscoreei.dll 
1/18/2012 9:32:40 PM OK PresentationFontCache.exe\mscoree.dll 
1/18/2012 9:32:40 PM OK PresentationFontCache.exe\rsaenh.dll 
1/18/2012 9:32:40 PM OK PresentationFontCache.exe\cryptsp.dll 
1/18/2012 9:32:40 PM OK PresentationFontCache.exe\cryptbase.dll 
1/18/2012 9:32:40 PM OK PresentationFontCache.exe\profapi.dll 
1/18/2012 9:32:40 PM OK PresentationFontCache.exe\KernelBase.dll 
1/18/2012 9:32:40 PM OK PresentationFontCache.exe\advapi32.dll 
1/18/2012 9:32:40 PM OK PresentationFontCache.exe\usp10.dll 
1/18/2012 9:32:40 PM OK PresentationFontCache.exe\imm32.dll 
1/18/2012 9:32:40 PM OK PresentationFontCache.exe\sechost.dll 
1/18/2012 9:32:40 PM OK PresentationFontCache.exe\shlwapi.dll 
1/18/2012 9:32:40 PM OK PresentationFontCache.exe\gdi32.dll 
1/18/2012 9:32:40 PM OK PresentationFontCache.exe\ole32.dll 
1/18/2012 9:32:40 PM OK PresentationFontCache.exe\rpcrt4.dll 
1/18/2012 9:32:40 PM OK PresentationFontCache.exe\lpk.dll 
1/18/2012 9:32:40 PM OK PresentationFontCache.exe\msvcrt.dll 
1/18/2012 9:32:40 PM OK PresentationFontCache.exe\oleaut32.dll 
1/18/2012 9:32:40 PM OK PresentationFontCache.exe\msctf.dll 
1/18/2012 9:32:40 PM OK PresentationFontCache.exe\shell32.dll 
1/18/2012 9:32:40 PM OK PresentationFontCache.exe\apisetschema.dll 
1/18/2012 9:32:40 PM OK C:\Windows\System32\shfolder.dll 
1/18/2012 9:32:40 PM OK C:\Windows\assembly\NativeImages_v2.0.50727_64\WindowsBase\bb70e6c85f728c359f1853e2d994dbae\WindowsBase.ni.dll 
1/18/2012 9:32:40 PM OK svchost.exe\caddisnt.dll 
1/18/2012 9:32:40 PM OK svchost.exe\CNC240L.DLL 
1/18/2012 9:32:40 PM OK C:\Windows\twain_32\MP240 series\caddisnt.dll 
1/18/2012 9:32:40 PM OK svchost.exe\user32.dll 
1/18/2012 9:32:40 PM OK svchost.exe\kernel32.dll 
1/18/2012 9:32:40 PM OK svchost.exe\ntdll.dll 
1/18/2012 9:32:40 PM OK svchost.exe\svchost.exe 
1/18/2012 9:32:40 PM OK C:\Windows\System32\CNC240L.DLL 
1/18/2012 9:32:40 PM OK C:\Windows\System32\svchost.exe 
1/18/2012 9:32:40 PM OK svchost.exe\CNC240C.DLL 
1/18/2012 9:32:40 PM OK svchost.exe\wiaservc.dll 
1/18/2012 9:32:40 PM OK C:\Windows\System32\CNC240C.DLL 
1/18/2012 9:32:40 PM OK svchost.exe\sti.dll 
1/18/2012 9:32:40 PM OK C:\Windows\System32\wiaservc.dll 
1/18/2012 9:32:40 PM OK svchost.exe\winspool.drv 
1/18/2012 9:32:40 PM OK svchost.exe\fdPnp.dll 
1/18/2012 9:32:40 PM OK svchost.exe\fundisc.dll 
1/18/2012 9:32:40 PM OK svchost.exe\wsdchngr.dll 
1/18/2012 9:32:40 PM OK svchost.exe\msxml6.dll 
1/18/2012 9:32:40 PM OK svchost.exe\wiatrace.dll 
1/18/2012 9:32:40 PM OK C:\Windows\System32\sti.dll 
1/18/2012 9:32:40 PM OK svchost.exe\atl.dll 
1/18/2012 9:32:40 PM OK svchost.exe\comctl32.dll 
1/18/2012 9:32:40 PM OK svchost.exe\version.dll 
1/18/2012 9:32:40 PM OK svchost.exe\credssp.dll 
1/18/2012 9:32:40 PM OK svchost.exe\rsaenh.dll 
1/18/2012 9:32:40 PM OK svchost.exe\msv1_0.dll 
1/18/2012 9:32:40 PM OK C:\Windows\System32\wiatrace.dll 
1/18/2012 9:32:40 PM OK svchost.exe\cryptsp.dll 
1/18/2012 9:32:40 PM OK svchost.exe\cryptdll.dll 
1/18/2012 9:32:40 PM OK svchost.exe\secur32.dll 
1/18/2012 9:32:40 PM OK svchost.exe\sspicli.dll 
1/18/2012 9:32:40 PM OK svchost.exe\cryptbase.dll 
1/18/2012 9:32:40 PM OK svchost.exe\RpcRtRemote.dll 
1/18/2012 9:32:40 PM OK svchost.exe\msasn1.dll 
1/18/2012 9:32:40 PM OK svchost.exe\KernelBase.dll 
1/18/2012 9:32:40 PM OK svchost.exe\crypt32.dll 
1/18/2012 9:32:40 PM OK C:\Windows\System32\msv1_0.dll 
1/18/2012 9:32:40 PM OK svchost.exe\wintrust.dll 
1/18/2012 9:32:40 PM OK svchost.exe\cfgmgr32.dll 
1/18/2012 9:32:40 PM OK svchost.exe\devobj.dll  
1/18/2012 9:32:40 PM OK svchost.exe\advapi32.dll 
1/18/2012 9:32:40 PM OK svchost.exe\usp10.dll 
1/18/2012 9:32:40 PM OK svchost.exe\imm32.dll 
1/18/2012 9:32:40 PM OK svchost.exe\sechost.dll 
1/18/2012 9:32:40 PM OK svchost.exe\setupapi.dll 
1/18/2012 9:32:40 PM OK svchost.exe\shlwapi.dll 
1/18/2012 9:32:40 PM OK svchost.exe\gdi32.dll 
1/18/2012 9:32:40 PM OK svchost.exe\ole32.dll 
1/18/2012 9:32:40 PM OK svchost.exe\clbcatq.dll 
1/18/2012 9:32:40 PM OK svchost.exe\rpcrt4.dll 
1/18/2012 9:32:40 PM OK svchost.exe\lpk.dll 
1/18/2012 9:32:40 PM OK svchost.exe\msvcrt.dll 
1/18/2012 9:32:40 PM OK svchost.exe\oleaut32.dll 
1/18/2012 9:32:40 PM OK svchost.exe\msctf.dll 
1/18/2012 9:32:40 PM OK svchost.exe\apisetschema.dll 
1/18/2012 9:32:40 PM OK C:\Windows\System32\cryptdll.dll 
1/18/2012 9:32:40 PM OK svchost.exe\user32.dll 
1/18/2012 9:32:40 PM OK svchost.exe\kernel32.dll 
1/18/2012 9:32:40 PM OK svchost.exe\ntdll.dll 
1/18/2012 9:32:40 PM OK svchost.exe\svchost.exe 
1/18/2012 9:32:40 PM OK svchost.exe\swprv.dll 
1/18/2012 9:32:40 PM OK svchost.exe\vss_ps.dll 
1/18/2012 9:32:40 PM OK C:\Windows\System32\swprv.dll 
1/18/2012 9:32:40 PM OK svchost.exe\vsstrace.dll 
1/18/2012 9:32:40 PM OK C:\Windows\System32\vss_ps.dll 
1/18/2012 9:32:41 PM OK svchost.exe\vssapi.dll 
1/18/2012 9:32:41 PM OK C:\Windows\System32\vsstrace.dll 
1/18/2012 9:32:41 PM OK svchost.exe\fltLib.dll 
1/18/2012 9:32:41 PM OK svchost.exe\virtdisk.dll 
1/18/2012 9:32:41 PM OK C:\Windows\System32\vssapi.dll 
1/18/2012 9:32:41 PM OK C:\Windows\System32\fltLib.dll 
1/18/2012 9:32:41 PM OK svchost.exe\atl.dll 
1/18/2012 9:32:41 PM OK svchost.exe\rsaenh.dll 
1/18/2012 9:32:41 PM OK svchost.exe\cryptsp.dll 
1/18/2012 9:32:41 PM OK svchost.exe\cryptbase.dll 
1/18/2012 9:32:41 PM OK svchost.exe\RpcRtRemote.dll 
1/18/2012 9:32:41 PM OK svchost.exe\KernelBase.dll 
1/18/2012 9:32:41 PM OK svchost.exe\advapi32.dll 
1/18/2012 9:32:41 PM OK svchost.exe\usp10.dll 
1/18/2012 9:32:41 PM OK svchost.exe\imm32.dll 
1/18/2012 9:32:41 PM OK svchost.exe\sechost.dll 
1/18/2012 9:32:41 PM OK svchost.exe\gdi32.dll 
1/18/2012 9:32:41 PM OK svchost.exe\ole32.dll 
1/18/2012 9:32:41 PM OK svchost.exe\clbcatq.dll 
1/18/2012 9:32:41 PM OK svchost.exe\rpcrt4.dll 
1/18/2012 9:32:41 PM OK svchost.exe\lpk.dll 
1/18/2012 9:32:41 PM OK svchost.exe\msvcrt.dll 
1/18/2012 9:32:41 PM OK C:\Windows\System32\virtdisk.dll 
1/18/2012 9:32:41 PM OK svchost.exe\oleaut32.dll 
1/18/2012 9:32:41 PM OK svchost.exe\msctf.dll 
1/18/2012 9:32:41 PM OK svchost.exe\apisetschema.dll 
1/18/2012 9:32:41 PM OK VSSVC.exe\user32.dll 
1/18/2012 9:32:41 PM OK VSSVC.exe\kernel32.dll 
1/18/2012 9:32:41 PM OK VSSVC.exe\ntdll.dll 
1/18/2012 9:32:41 PM OK VSSVC.exe\VSSVC.exe 
1/18/2012 9:32:41 PM OK VSSVC.exe\catsrvut.dll 
1/18/2012 9:32:41 PM OK C:\Windows\System32\VSSVC.exe 
1/18/2012 9:32:41 PM OK VSSVC.exe\vss_ps.dll 
1/18/2012 9:32:41 PM OK VSSVC.exe\mfcsubs.dll 
1/18/2012 9:32:41 PM OK C:\Windows\System32\catsrvut.dll 
1/18/2012 9:32:41 PM OK VSSVC.exe\resutils.dll 
1/18/2012 9:32:41 PM OK C:\Windows\System32\mfcsubs.dll 
1/18/2012 9:32:41 PM OK VSSVC.exe\clusapi.dll 
1/18/2012 9:32:41 PM OK C:\Windows\System32\resutils.dll 
1/18/2012 9:32:41 PM OK VSSVC.exe\xolehlp.dll 
1/18/2012 9:32:41 PM OK C:\Windows\System32\clusapi.dll 
1/18/2012 9:32:41 PM OK VSSVC.exe\msxml3.dll 
1/18/2012 9:32:41 PM OK C:\Windows\System32\xolehlp.dll 
1/18/2012 9:32:41 PM OK VSSVC.exe\vsstrace.dll 
1/18/2012 9:32:41 PM OK VSSVC.exe\vssapi.dll 
1/18/2012 9:32:41 PM OK VSSVC.exe\fltLib.dll 
1/18/2012 9:32:41 PM OK VSSVC.exe\virtdisk.dll 
1/18/2012 9:32:41 PM OK VSSVC.exe\es.dll 
1/18/2012 9:32:41 PM OK VSSVC.exe\atl.dll 
1/18/2012 9:32:41 PM OK VSSVC.exe\samcli.dll 
1/18/2012 9:32:41 PM OK VSSVC.exe\wkscli.dll 
1/18/2012 9:32:41 PM OK VSSVC.exe\netutils.dll 
1/18/2012 9:32:41 PM OK VSSVC.exe\netapi32.dll 
1/18/2012 9:32:41 PM OK VSSVC.exe\samlib.dll 
1/18/2012 9:32:41 PM OK VSSVC.exe\propsys.dll 
1/18/2012 9:32:41 PM OK VSSVC.exe\version.dll 
1/18/2012 9:32:41 PM OK VSSVC.exe\rsaenh.dll 
1/18/2012 9:32:41 PM OK VSSVC.exe\cryptsp.dll 
1/18/2012 9:32:41 PM OK VSSVC.exe\authz.dll 
1/18/2012 9:32:41 PM OK C:\Windows\System32\samlib.dll 
1/18/2012 9:32:41 PM OK VSSVC.exe\cryptdll.dll 
1/18/2012 9:32:41 PM OK VSSVC.exe\srvcli.dll 
1/18/2012 9:32:41 PM OK VSSVC.exe\cryptbase.dll 
1/18/2012 9:32:41 PM OK VSSVC.exe\sxs.dll 
1/18/2012 9:32:41 PM OK C:\Windows\System32\es.dll 
1/18/2012 9:32:41 PM OK C:\Windows\System32\authz.dll 
1/18/2012 9:32:41 PM OK VSSVC.exe\RpcRtRemote.dll 
1/18/2012 9:32:41 PM OK VSSVC.exe\msasn1.dll 
1/18/2012 9:32:41 PM OK VSSVC.exe\KernelBase.dll 
1/18/2012 9:32:41 PM OK VSSVC.exe\crypt32.dll 
1/18/2012 9:32:41 PM OK VSSVC.exe\wintrust.dll 
1/18/2012 9:32:41 PM OK VSSVC.exe\cfgmgr32.dll 
1/18/2012 9:32:41 PM OK VSSVC.exe\devobj.dll 
1/18/2012 9:32:41 PM OK VSSVC.exe\advapi32.dll 
1/18/2012 9:32:41 PM OK VSSVC.exe\usp10.dll 
1/18/2012 9:32:41 PM OK VSSVC.exe\imm32.dll 
1/18/2012 9:32:41 PM OK VSSVC.exe\sechost.dll 
1/18/2012 9:32:41 PM OK VSSVC.exe\setupapi.dll 
1/18/2012 9:32:41 PM OK VSSVC.exe\shlwapi.dll 
1/18/2012 9:32:41 PM OK VSSVC.exe\gdi32.dll 
1/18/2012 9:32:41 PM OK VSSVC.exe\ole32.dll 
1/18/2012 9:32:41 PM OK VSSVC.exe\clbcatq.dll 
1/18/2012 9:32:41 PM OK VSSVC.exe\rpcrt4.dll 
1/18/2012 9:32:41 PM OK VSSVC.exe\lpk.dll 
1/18/2012 9:32:41 PM OK VSSVC.exe\msvcrt.dll 
1/18/2012 9:32:41 PM OK VSSVC.exe\oleaut32.dll 
1/18/2012 9:32:41 PM OK VSSVC.exe\msctf.dll 
1/18/2012 9:32:41 PM OK VSSVC.exe\apisetschema.dll 
1/18/2012 9:32:41 PM OK C:\Windows\System32\msxml3.dll 
1/18/2012 9:32:41 PM OK C:\Windows\System32\sxs.dll 
1/18/2012 9:32:41 PM OK rundll32.exe\user32.dll 
1/18/2012 9:32:41 PM OK rundll32.exe\kernel32.dll 
1/18/2012 9:32:41 PM OK rundll32.exe\ntdll.dll 
1/18/2012 9:32:41 PM OK rundll32.exe\rundll32.exe 
1/18/2012 9:32:41 PM OK rundll32.exe\sdengin2.dll 
1/18/2012 9:32:41 PM OK C:\Windows\System32\rundll32.exe 
1/18/2012 9:32:41 PM OK rundll32.exe\spp.dll 
1/18/2012 9:32:41 PM OK C:\Windows\System32\sdengin2.dll 
1/18/2012 9:32:41 PM OK rundll32.exe\msi.dll 
1/18/2012 9:32:41 PM OK C:\Windows\System32\spp.dll 
1/18/2012 9:32:41 PM OK rundll32.exe\mpr.dll 
1/18/2012 9:32:41 PM OK rundll32.exe\sxproxy.dll 
1/18/2012 9:32:41 PM OK C:\Windows\System32\mpr.dll 
1/18/2012 9:32:41 PM OK rundll32.exe\wer.dll 
1/18/2012 9:32:41 PM OK C:\Windows\System32\sxproxy.dll 
1/18/2012 9:32:41 PM OK rundll32.exe\vsstrace.dll 
1/18/2012 9:32:41 PM OK rundll32.exe\vssapi.dll 
1/18/2012 9:32:41 PM OK rundll32.exe\slc.dll 
1/18/2012 9:32:41 PM OK rundll32.exe\atl.dll 
1/18/2012 9:32:41 PM OK rundll32.exe\credui.dll 
1/18/2012 9:32:41 PM OK rundll32.exe\comctl32.dll 
1/18/2012 9:32:41 PM OK rundll32.exe\rsaenh.dll 
1/18/2012 9:32:41 PM OK rundll32.exe\cryptsp.dll 
1/18/2012 9:32:41 PM OK rundll32.exe\cryptbase.dll 
1/18/2012 9:32:41 PM OK rundll32.exe\RpcRtRemote.dll 
1/18/2012 9:32:41 PM OK rundll32.exe\msasn1.dll 
1/18/2012 9:32:41 PM OK rundll32.exe\KernelBase.dll 
1/18/2012 9:32:41 PM OK rundll32.exe\crypt32.dll 
1/18/2012 9:32:41 PM OK rundll32.exe\cfgmgr32.dll 
1/18/2012 9:32:41 PM OK rundll32.exe\devobj.dll 
1/18/2012 9:32:41 PM OK rundll32.exe\advapi32.dll 
1/18/2012 9:32:41 PM OK rundll32.exe\usp10.dll 
1/18/2012 9:32:41 PM OK rundll32.exe\imagehlp.dll 
1/18/2012 9:32:41 PM OK rundll32.exe\imm32.dll 
1/18/2012 9:32:41 PM OK rundll32.exe\sechost.dll 
1/18/2012 9:32:41 PM OK rundll32.exe\setupapi.dll 
1/18/2012 9:32:41 PM OK rundll32.exe\shlwapi.dll 
1/18/2012 9:32:41 PM OK rundll32.exe\gdi32.dll 
1/18/2012 9:32:41 PM OK rundll32.exe\ole32.dll 
1/18/2012 9:32:41 PM OK rundll32.exe\clbcatq.dll 
1/18/2012 9:32:41 PM OK rundll32.exe\rpcrt4.dll 
1/18/2012 9:32:41 PM OK rundll32.exe\lpk.dll 
1/18/2012 9:32:41 PM OK rundll32.exe\msvcrt.dll 
1/18/2012 9:32:41 PM OK rundll32.exe\oleaut32.dll 
1/18/2012 9:32:41 PM OK rundll32.exe\msctf.dll 
1/18/2012 9:32:41 PM OK rundll32.exe\shell32.dll 
1/18/2012 9:32:41 PM OK rundll32.exe\apisetschema.dll 
1/18/2012 9:32:41 PM OK C:\Windows\System32\wer.dll 
1/18/2012 9:32:41 PM OK C:\Windows\System32\msi.dll 
1/18/2012 9:32:41 PM OK AfterBeep.exe\apisetschema.dll 
1/18/2012 9:32:41 PM OK AfterBeep.exe\wavdest.ax 
1/18/2012 9:32:41 PM OK AfterBeep.exe\AfterBeep.exe 
1/18/2012 9:32:41 PM OK C:\Users\Owner\AppData\Roaming\afterbeep\wavdest.ax 
1/18/2012 9:32:41 PM OK AfterBeep.exe\FLVSrvLib.dll Object was not changed (iChecker) 
1/18/2012 9:32:41 PM OK AfterBeep.exe\inetmib1.dll 
1/18/2012 9:32:42 PM OK C:\ProgramData\Skype\Plugins\Plugins\F6978F4ED0EB4A2B957D08E37B29E951\AfterBeep.exe/# 
1/18/2012 9:32:42 PM OK AfterBeep.exe\oledlg.dll 
1/18/2012 9:32:42 PM OK C:\Windows\SysWOW64\inetmib1.dll 
1/18/2012 9:32:42 PM OK AfterBeep.exe\riched32.dll 
1/18/2012 9:32:42 PM OK AfterBeep.exe\snmpapi.dll 
1/18/2012 9:32:42 PM OK C:\ProgramData\Skype\Plugins\Plugins\F6978F4ED0EB4A2B957D08E37B29E951\AfterBeep.exe 
1/18/2012 9:32:42 PM OK C:\Windows\SysWOW64\oledlg.dll 
1/18/2012 9:32:42 PM OK AfterBeep.exe\devenum.dll 
1/18/2012 9:32:42 PM OK C:\Windows\SysWOW64\snmpapi.dll 
1/18/2012 9:32:42 PM OK AfterBeep.exe\msdmo.dll 
1/18/2012 9:32:42 PM OK C:\Windows\SysWOW64\devenum.dll 
1/18/2012 9:32:42 PM OK AfterBeep.exe\riched20.dll 
1/18/2012 9:32:42 PM OK AfterBeep.exe\olepro32.dll 
1/18/2012 9:32:42 PM OK C:\Windows\SysWOW64\msdmo.dll 
1/18/2012 9:32:42 PM OK AfterBeep.exe\ntmarta.dll 
1/18/2012 9:32:42 PM OK AfterBeep.exe\dwmapi.dll 
1/18/2012 9:32:42 PM OK AfterBeep.exe\uxtheme.dll 
1/18/2012 9:32:42 PM OK AfterBeep.exe\SensApi.dll 
1/18/2012 9:32:42 PM OK AfterBeep.exe\comctl32.dll 
1/18/2012 9:32:42 PM OK AfterBeep.exe\wsock32.dll 
1/18/2012 9:32:42 PM OK AfterBeep.exe\rasman.dll 
1/18/2012 9:32:42 PM OK AfterBeep.exe\rasapi32.dll 
1/18/2012 9:32:42 PM OK AfterBeep.exe\FWPUCLNT.DLL 
1/18/2012 9:32:42 PM OK AfterBeep.exe\rasadhlp.dll 
1/18/2012 9:32:42 PM OK AfterBeep.exe\winrnr.dll 
1/18/2012 9:32:42 PM OK AfterBeep.exe\dnsapi.dll 
1/18/2012 9:32:42 PM OK AfterBeep.exe\WLIDNSP.DLL 
1/18/2012 9:32:42 PM OK AfterBeep.exe\pnrpnsp.dll 
1/18/2012 9:32:42 PM OK AfterBeep.exe\NapiNSP.dll 
1/18/2012 9:32:42 PM OK AfterBeep.exe\nlaapi.dll 
1/18/2012 9:32:42 PM OK AfterBeep.exe\wship6.dll 
1/18/2012 9:32:42 PM OK AfterBeep.exe\WSHTCPIP.DLL 
1/18/2012 9:32:42 PM OK AfterBeep.exe\mswsock.dll 
1/18/2012 9:32:42 PM OK C:\Windows\SysWOW64\olepro32.dll 
1/18/2012 9:32:42 PM OK AfterBeep.exe\winnsi.dll 
1/18/2012 9:32:42 PM OK AfterBeep.exe\IPHLPAPI.DLL 
1/18/2012 9:32:42 PM OK AfterBeep.exe\winspool.drv 
1/18/2012 9:32:42 PM OK AfterBeep.exe\profapi.dll 
1/18/2012 9:32:42 PM OK AfterBeep.exe\winmm.dll 
1/18/2012 9:32:42 PM OK AfterBeep.exe\apphelp.dll 
1/18/2012 9:32:42 PM OK AfterBeep.exe\version.dll 
1/18/2012 9:32:42 PM OK AfterBeep.exe\wow64cpu.dll 
1/18/2012 9:32:42 PM OK AfterBeep.exe\wow64win.dll 
1/18/2012 9:32:42 PM OK AfterBeep.exe\wow64.dll 
1/18/2012 9:32:42 PM OK AfterBeep.exe\msvcr90.dll 
1/18/2012 9:32:42 PM OK AfterBeep.exe\rtutils.dll 
1/18/2012 9:32:42 PM OK AfterBeep.exe\propsys.dll 
1/18/2012 9:32:42 PM OK AfterBeep.exe\cryptbase.dll 
1/18/2012 9:32:42 PM OK AfterBeep.exe\sspicli.dll 
1/18/2012 9:32:42 PM OK AfterBeep.exe\shell32.dll 
1/18/2012 9:32:42 PM OK AfterBeep.exe\urlmon.dll 
1/18/2012 9:32:42 PM OK AfterBeep.exe\usp10.dll 
1/18/2012 9:32:42 PM OK AfterBeep.exe\user32.dll 
1/18/2012 9:32:42 PM OK AfterBeep.exe\nsi.dll 
1/18/2012 9:32:42 PM OK AfterBeep.exe\msvcrt.dll 
1/18/2012 9:32:42 PM OK AfterBeep.exe\KernelBase.dll 
1/18/2012 9:32:42 PM OK AfterBeep.exe\imm32.dll 
1/18/2012 9:32:42 PM OK AfterBeep.exe\oleaut32.dll 
1/18/2012 9:32:42 PM OK AfterBeep.exe\ws2_32.dll 
1/18/2012 9:32:42 PM OK AfterBeep.exe\wininet.dll 
1/18/2012 9:32:42 PM OK AfterBeep.exe\ole32.dll 
1/18/2012 9:32:42 PM OK AfterBeep.exe\shlwapi.dll 
1/18/2012 9:32:42 PM OK AfterBeep.exe\setupapi.dll 
1/18/2012 9:32:42 PM OK AfterBeep.exe\lpk.dll 
1/18/2012 9:32:42 PM OK AfterBeep.exe\advapi32.dll 
1/18/2012 9:32:42 PM OK AfterBeep.exe\rpcrt4.dll 
1/18/2012 9:32:42 PM OK AfterBeep.exe\crypt32.dll 
1/18/2012 9:32:42 PM OK AfterBeep.exe\devobj.dll 
1/18/2012 9:32:42 PM OK AfterBeep.exe\cfgmgr32.dll 
1/18/2012 9:32:42 PM OK AfterBeep.exe\sechost.dll 
1/18/2012 9:32:42 PM OK AfterBeep.exe\normaliz.dll 
1/18/2012 9:32:42 PM OK AfterBeep.exe\comdlg32.dll 
1/18/2012 9:32:42 PM OK AfterBeep.exe\msctf.dll 
1/18/2012 9:32:42 PM OK AfterBeep.exe\iertutil.dll 
1/18/2012 9:32:42 PM OK AfterBeep.exe\psapi.dll 
1/18/2012 9:32:42 PM OK AfterBeep.exe\Wldap32.dll 
1/18/2012 9:32:42 PM OK AfterBeep.exe\gdi32.dll 
1/18/2012 9:32:42 PM OK AfterBeep.exe\kernel32.dll 
1/18/2012 9:32:42 PM OK AfterBeep.exe\clbcatq.dll 
1/18/2012 9:32:42 PM OK AfterBeep.exe\wintrust.dll 
1/18/2012 9:32:42 PM OK AfterBeep.exe\ntdll.dll 
1/18/2012 9:32:42 PM OK AfterBeep.exe\msasn1.dll 
1/18/2012 9:32:42 PM OK AfterBeep.exe\ntdll.dll 
1/18/2012 9:32:42 PM OK skypePM.exe\apisetschema.dll 
1/18/2012 9:32:42 PM OK skypePM.exe\skypePM.exe 
1/18/2012 9:32:42 PM OK skypePM.exe\ezPMUtils.dll 
1/18/2012 9:32:42 PM OK C:\Program Files (x86)\Skype\Plugin Manager\skypePM.exe 
1/18/2012 9:32:42 PM OK skypePM.exe\skGamesUpdate.dll 
1/18/2012 9:32:42 PM OK skypePM.exe\FLVSrvLib.dll Object was not changed (iChecker) 
1/18/2012 9:32:42 PM OK skypePM.exe\msxml4.dll 
1/18/2012 9:32:42 PM OK skypePM.exe\olepro32.dll 
1/18/2012 9:32:42 PM OK skypePM.exe\schannel.dll 
1/18/2012 9:32:42 PM OK skypePM.exe\ntmarta.dll 
1/18/2012 9:32:42 PM OK skypePM.exe\FirewallAPI.dll 
1/18/2012 9:32:42 PM OK skypePM.exe\dwmapi.dll 
1/18/2012 9:32:42 PM OK skypePM.exe\uxtheme.dll 
1/18/2012 9:32:42 PM OK skypePM.exe\SensApi.dll 
1/18/2012 9:32:42 PM OK skypePM.exe\bcryptprimitives.dll 
1/18/2012 9:32:42 PM OK skypePM.exe\bcrypt.dll 
1/18/2012 9:32:42 PM OK skypePM.exe\ncrypt.dll 
1/18/2012 9:32:42 PM OK skypePM.exe\comctl32.dll 
1/18/2012 9:32:42 PM OK skypePM.exe\wsock32.dll 
1/18/2012 9:32:42 PM OK skypePM.exe\rasman.dll 
1/18/2012 9:32:42 PM OK skypePM.exe\rasapi32.dll 
1/18/2012 9:32:42 PM OK skypePM.exe\FWPUCLNT.DLL 
1/18/2012 9:32:42 PM OK skypePM.exe\rasadhlp.dll 
1/18/2012 9:32:42 PM OK skypePM.exe\dnsapi.dll 
1/18/2012 9:32:42 PM OK skypePM.exe\WLIDNSP.DLL 
1/18/2012 9:32:42 PM OK skypePM.exe\nlaapi.dll 
1/18/2012 9:32:42 PM OK skypePM.exe\wship6.dll 
1/18/2012 9:32:42 PM OK skypePM.exe\WSHTCPIP.DLL 
1/18/2012 9:32:42 PM OK skypePM.exe\mswsock.dll 
1/18/2012 9:32:42 PM OK skypePM.exe\winnsi.dll 
1/18/2012 9:32:42 PM OK skypePM.exe\IPHLPAPI.DLL 
1/18/2012 9:32:42 PM OK skypePM.exe\winspool.drv 
1/18/2012 9:32:42 PM OK skypePM.exe\rsaenh.dll 
1/18/2012 9:32:42 PM OK skypePM.exe\cryptsp.dll 
1/18/2012 9:32:42 PM OK skypePM.exe\wkscli.dll 
1/18/2012 9:32:42 PM OK skypePM.exe\netutils.dll 
1/18/2012 9:32:42 PM OK skypePM.exe\profapi.dll 
1/18/2012 9:32:42 PM OK skypePM.exe\userenv.dll 
1/18/2012 9:32:42 PM OK skypePM.exe\winmm.dll 
1/18/2012 9:32:42 PM OK skypePM.exe\apphelp.dll 
1/18/2012 9:32:42 PM OK skypePM.exe\version.dll 
1/18/2012 9:32:42 PM OK skypePM.exe\wow64cpu.dll 
1/18/2012 9:32:42 PM OK skypePM.exe\wow64win.dll 
1/18/2012 9:32:42 PM OK skypePM.exe\wow64.dll 
1/18/2012 9:32:42 PM OK skypePM.exe\msvcr90.dll 
1/18/2012 9:32:42 PM OK skypePM.exe\rtutils.dll 
1/18/2012 9:32:42 PM OK skypePM.exe\cryptbase.dll 
1/18/2012 9:32:42 PM OK skypePM.exe\sspicli.dll 
1/18/2012 9:32:42 PM OK skypePM.exe\shell32.dll 
1/18/2012 9:32:42 PM OK skypePM.exe\urlmon.dll 
1/18/2012 9:32:42 PM OK skypePM.exe\usp10.dll 
1/18/2012 9:32:42 PM OK skypePM.exe\user32.dll 
1/18/2012 9:32:42 PM OK skypePM.exe\nsi.dll 
1/18/2012 9:32:42 PM OK skypePM.exe\msvcrt.dll 
1/18/2012 9:32:42 PM OK skypePM.exe\KernelBase.dll 
1/18/2012 9:32:42 PM OK skypePM.exe\imm32.dll 
1/18/2012 9:32:42 PM OK skypePM.exe\oleaut32.dll 
1/18/2012 9:32:42 PM OK skypePM.exe\ws2_32.dll 
1/18/2012 9:32:42 PM OK skypePM.exe\wininet.dll 
1/18/2012 9:32:42 PM OK skypePM.exe\ole32.dll 
1/18/2012 9:32:42 PM OK skypePM.exe\shlwapi.dll 
1/18/2012 9:32:42 PM OK skypePM.exe\lpk.dll 
1/18/2012 9:32:42 PM OK skypePM.exe\imagehlp.dll 
1/18/2012 9:32:42 PM OK skypePM.exe\advapi32.dll 
1/18/2012 9:32:42 PM OK skypePM.exe\rpcrt4.dll 
1/18/2012 9:32:42 PM OK skypePM.exe\crypt32.dll 
1/18/2012 9:32:42 PM OK skypePM.exe\sechost.dll 
1/18/2012 9:32:42 PM OK skypePM.exe\comdlg32.dll 
1/18/2012 9:32:42 PM OK skypePM.exe\msctf.dll 
1/18/2012 9:32:42 PM OK skypePM.exe\iertutil.dll 
1/18/2012 9:32:42 PM OK skypePM.exe\psapi.dll 
1/18/2012 9:32:42 PM OK skypePM.exe\Wldap32.dll 
1/18/2012 9:32:42 PM OK skypePM.exe\gdi32.dll 
1/18/2012 9:32:42 PM OK skypePM.exe\kernel32.dll 
1/18/2012 9:32:42 PM OK skypePM.exe\clbcatq.dll 
1/18/2012 9:32:42 PM OK skypePM.exe\wintrust.dll 
1/18/2012 9:32:42 PM OK skypePM.exe\ntdll.dll 
1/18/2012 9:32:42 PM OK skypePM.exe\msasn1.dll 
1/18/2012 9:32:42 PM OK skypePM.exe\ntdll.dll 
1/18/2012 9:32:42 PM OK C:\ProgramData\Skype\Plugins\Plugins\F57B48ADF2224F088EDD1A2B9BAD84E8\Games\53F537B72987463CB06D78F5541A3239\skGamesUpdate.dll


----------



## destin (Jan 8, 2012)

*2nd part*

1/18/2012 9:32:42 PM OK C:\Windows\SysWOW64\msxml4.dll 
1/18/2012 9:32:42 PM OK C:\Windows\SysWOW64\FirewallAPI.dll 
1/18/2012 9:32:42 PM OK C:\Program Files (x86)\Skype\Plugin Manager\ezPMUtils.dll 
1/18/2012 9:32:42 PM OK svchost.exe\sfc.dll 
1/18/2012 9:32:43 PM OK svchost.exe\user32.dll 
1/18/2012 9:32:43 PM OK svchost.exe\kernel32.dll 
1/18/2012 9:32:43 PM OK svchost.exe\ntdll.dll 
1/18/2012 9:32:43 PM OK svchost.exe\svchost.exe 
1/18/2012 9:32:43 PM OK C:\Windows\System32\sfc.dll 
1/18/2012 9:32:43 PM OK svchost.exe\AdobeDriveCS4_NP.dll 
1/18/2012 9:32:43 PM OK svchost.exe\clr.dll 
1/18/2012 9:32:43 PM OK C:\Program Files\Common Files\Adobe\Adobe Drive CS4\AdobeDriveCS4_NP.dll 
1/18/2012 9:32:43 PM OK svchost.exe\msvcr100_clr0400.dll 
1/18/2012 9:32:43 PM OK C:\Windows\Microsoft.NET\Framework64\v4.0.30319\clr.dll 
1/18/2012 9:32:43 PM OK svchost.exe\sdengin2.dll 
1/18/2012 9:32:43 PM OK svchost.exe\spp.dll 
1/18/2012 9:32:43 PM OK svchost.exe\msi.dll 
1/18/2012 9:32:43 PM OK svchost.exe\davclnt.dll 
1/18/2012 9:32:43 PM OK C:\Windows\System32\msvcr100_clr0400.dll 
1/18/2012 9:32:43 PM OK svchost.exe\ntlanman.dll 
1/18/2012 9:32:43 PM OK C:\Windows\System32\davclnt.dll 
1/18/2012 9:32:43 PM OK svchost.exe\mpr.dll 
1/18/2012 9:32:43 PM OK svchost.exe\networkexplorer.dll 
1/18/2012 9:32:43 PM OK C:\Windows\System32\ntlanman.dll 
1/18/2012 9:32:43 PM OK svchost.exe\davhlpr.dll 
1/18/2012 9:32:43 PM OK svchost.exe\sxproxy.dll 
1/18/2012 9:32:43 PM OK svchost.exe\sxshared.dll 
1/18/2012 9:32:43 PM OK C:\Windows\System32\davhlpr.dll 
1/18/2012 9:32:43 PM OK svchost.exe\drprov.dll 
1/18/2012 9:32:43 PM OK C:\Windows\System32\sxshared.dll 
1/18/2012 9:32:43 PM OK C:\Windows\System32\networkexplorer.dll 
1/18/2012 9:32:43 PM OK svchost.exe\fusion.dll 
1/18/2012 9:32:43 PM OK C:\Windows\System32\drprov.dll 
1/18/2012 9:32:43 PM OK svchost.exe\sdrsvc.dll 
1/18/2012 9:32:43 PM OK C:\Windows\Microsoft.NET\Framework64\v4.0.30319\fusion.dll 
1/18/2012 9:32:43 PM OK svchost.exe\vss_ps.dll 
1/18/2012 9:32:43 PM OK svchost.exe\msxml3.dll 
1/18/2012 9:32:43 PM OK svchost.exe\wer.dll 
1/18/2012 9:32:43 PM OK svchost.exe\mscoreei.dll 
1/18/2012 9:32:43 PM OK svchost.exe\mscoree.dll 
1/18/2012 9:32:43 PM OK svchost.exe\linkinfo.dll 
1/18/2012 9:32:43 PM OK svchost.exe\sfc_os.dll 
1/18/2012 9:32:43 PM OK svchost.exe\vsstrace.dll 
1/18/2012 9:32:43 PM OK svchost.exe\vssapi.dll 
1/18/2012 9:32:43 PM OK svchost.exe\fvecerts.dll 
1/18/2012 9:32:43 PM OK C:\Windows\System32\linkinfo.dll 
1/18/2012 9:32:43 PM OK C:\Windows\System32\sdrsvc.dll 
1/18/2012 9:32:43 PM OK svchost.exe\tbs.dll 
1/18/2012 9:32:43 PM OK C:\Windows\System32\sfc_os.dll 
1/18/2012 9:32:43 PM OK C:\Windows\System32\fvecerts.dll 
1/18/2012 9:32:43 PM OK svchost.exe\fveapi.dll 
1/18/2012 9:32:43 PM OK svchost.exe\slc.dll 
1/18/2012 9:32:43 PM OK svchost.exe\dsrole.dll 
1/18/2012 9:32:43 PM OK svchost.exe\es.dll 
1/18/2012 9:32:43 PM OK svchost.exe\atl.dll 
1/18/2012 9:32:43 PM OK svchost.exe\ntmarta.dll 
1/18/2012 9:32:43 PM OK svchost.exe\samcli.dll 
1/18/2012 9:32:43 PM OK svchost.exe\wkscli.dll 
1/18/2012 9:32:43 PM OK svchost.exe\netutils.dll 
1/18/2012 9:32:43 PM OK svchost.exe\netapi32.dll 
1/18/2012 9:32:43 PM OK svchost.exe\credui.dll 
1/18/2012 9:32:43 PM OK C:\Windows\System32\tbs.dll 
1/18/2012 9:32:43 PM OK svchost.exe\xmllite.dll 
1/18/2012 9:32:43 PM OK svchost.exe\samlib.dll 
1/18/2012 9:32:43 PM OK svchost.exe\comctl32.dll 
1/18/2012 9:32:43 PM OK svchost.exe\propsys.dll 
1/18/2012 9:32:43 PM OK svchost.exe\version.dll 
1/18/2012 9:32:43 PM OK svchost.exe\winsta.dll 
1/18/2012 9:32:43 PM OK svchost.exe\rsaenh.dll 
1/18/2012 9:32:43 PM OK svchost.exe\logoncli.dll 
1/18/2012 9:32:43 PM OK svchost.exe\cryptsp.dll 
1/18/2012 9:32:43 PM OK svchost.exe\srvcli.dll 
1/18/2012 9:32:43 PM OK svchost.exe\apphelp.dll 
1/18/2012 9:32:43 PM OK svchost.exe\cryptbase.dll 
1/18/2012 9:32:43 PM OK svchost.exe\sxs.dll 
1/18/2012 9:32:43 PM OK svchost.exe\RpcRtRemote.dll 
1/18/2012 9:32:43 PM OK svchost.exe\profapi.dll 
1/18/2012 9:32:43 PM OK svchost.exe\msasn1.dll 
1/18/2012 9:32:43 PM OK svchost.exe\KernelBase.dll 
1/18/2012 9:32:43 PM OK svchost.exe\crypt32.dll 
1/18/2012 9:32:43 PM OK svchost.exe\wintrust.dll 
1/18/2012 9:32:43 PM OK svchost.exe\cfgmgr32.dll 
1/18/2012 9:32:43 PM OK svchost.exe\devobj.dll 
1/18/2012 9:32:43 PM OK svchost.exe\advapi32.dll 
1/18/2012 9:32:43 PM OK svchost.exe\usp10.dll 
1/18/2012 9:32:43 PM OK svchost.exe\imm32.dll 
1/18/2012 9:32:43 PM OK svchost.exe\sechost.dll 
1/18/2012 9:32:43 PM OK svchost.exe\setupapi.dll 
1/18/2012 9:32:43 PM OK svchost.exe\shlwapi.dll 
1/18/2012 9:32:43 PM OK svchost.exe\gdi32.dll 
1/18/2012 9:32:43 PM OK svchost.exe\ole32.dll 
1/18/2012 9:32:43 PM OK svchost.exe\clbcatq.dll 
1/18/2012 9:32:43 PM OK svchost.exe\rpcrt4.dll 
1/18/2012 9:32:43 PM OK svchost.exe\Wldap32.dll 
1/18/2012 9:32:43 PM OK svchost.exe\lpk.dll 
1/18/2012 9:32:43 PM OK svchost.exe\msvcrt.dll 
1/18/2012 9:32:43 PM OK svchost.exe\oleaut32.dll 
1/18/2012 9:32:43 PM OK svchost.exe\msctf.dll 
1/18/2012 9:32:43 PM OK svchost.exe\shell32.dll 
1/18/2012 9:32:43 PM OK svchost.exe\apisetschema.dll 
1/18/2012 9:32:43 PM OK C:\Windows\System32\fveapi.dll 
1/18/2012 9:32:43 PM OK dllhost.exe\user32.dll 
1/18/2012 9:32:43 PM OK dllhost.exe\kernel32.dll 
1/18/2012 9:32:43 PM OK dllhost.exe\ntdll.dll 
1/18/2012 9:32:43 PM OK dllhost.exe\psapi.dll 
1/18/2012 9:32:43 PM OK dllhost.exe\dllhost.exe 
1/18/2012 9:32:43 PM OK dllhost.exe\wlidcli.dll 
1/18/2012 9:32:43 PM OK C:\Windows\System32\dllhost.exe 
1/18/2012 9:32:43 PM OK dllhost.exe\WLIDPROV.DLL 
1/18/2012 9:32:43 PM OK C:\Program Files\Common Files\Microsoft Shared\Windows Live\wlidcli.dll 
1/18/2012 9:32:43 PM OK dllhost.exe\IDStore.dll 
1/18/2012 9:32:43 PM OK dllhost.exe\WinSCard.dll 
1/18/2012 9:32:43 PM OK dllhost.exe\oleacc.dll 
1/18/2012 9:32:43 PM OK dllhost.exe\actxprxy.dll 
1/18/2012 9:32:43 PM OK C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDPROV.DLL 
1/18/2012 9:32:43 PM OK C:\Windows\System32\IDStore.dll 
1/18/2012 9:32:43 PM OK C:\Windows\System32\WinSCard.dll 
1/18/2012 9:32:43 PM OK dllhost.exe\propsys.dll 
1/18/2012 9:32:43 PM OK dllhost.exe\version.dll 
1/18/2012 9:32:43 PM OK dllhost.exe\userenv.dll 
1/18/2012 9:32:43 PM OK dllhost.exe\rsaenh.dll 
1/18/2012 9:32:43 PM OK dllhost.exe\cryptsp.dll 
1/18/2012 9:32:43 PM OK dllhost.exe\cryptbase.dll 
1/18/2012 9:32:43 PM OK dllhost.exe\RpcRtRemote.dll 
1/18/2012 9:32:43 PM OK dllhost.exe\profapi.dll 
1/18/2012 9:32:43 PM OK dllhost.exe\msasn1.dll 
1/18/2012 9:32:43 PM OK dllhost.exe\KernelBase.dll 
1/18/2012 9:32:43 PM OK dllhost.exe\crypt32.dll 
1/18/2012 9:32:43 PM OK dllhost.exe\wintrust.dll 
1/18/2012 9:32:43 PM OK dllhost.exe\iertutil.dll 
1/18/2012 9:32:43 PM OK dllhost.exe\advapi32.dll 
1/18/2012 9:32:43 PM OK dllhost.exe\usp10.dll 
1/18/2012 9:32:43 PM OK dllhost.exe\urlmon.dll 
1/18/2012 9:32:43 PM OK dllhost.exe\imm32.dll 
1/18/2012 9:32:43 PM OK dllhost.exe\sechost.dll 
1/18/2012 9:32:43 PM OK dllhost.exe\shlwapi.dll 
1/18/2012 9:32:43 PM OK dllhost.exe\gdi32.dll 
1/18/2012 9:32:43 PM OK dllhost.exe\ole32.dll 
1/18/2012 9:32:43 PM OK dllhost.exe\clbcatq.dll 
1/18/2012 9:32:43 PM OK dllhost.exe\rpcrt4.dll 
1/18/2012 9:32:43 PM OK dllhost.exe\lpk.dll 
1/18/2012 9:32:43 PM OK dllhost.exe\msvcrt.dll 
1/18/2012 9:32:43 PM OK dllhost.exe\oleaut32.dll 
1/18/2012 9:32:43 PM OK dllhost.exe\msctf.dll 
1/18/2012 9:32:43 PM OK dllhost.exe\wininet.dll 
1/18/2012 9:32:43 PM OK dllhost.exe\shell32.dll 
1/18/2012 9:32:43 PM OK dllhost.exe\apisetschema.dll 
1/18/2012 9:32:43 PM OK C:\Windows\System32\oleacc.dll 
1/18/2012 9:32:43 PM OK C:\Windows\System32\actxprxy.dll 
1/18/2012 9:32:43 PM OK svchost.exe\user32.dll 
1/18/2012 9:32:43 PM OK svchost.exe\kernel32.dll 
1/18/2012 9:32:43 PM OK svchost.exe\ntdll.dll 
1/18/2012 9:32:43 PM OK svchost.exe\psapi.dll 
1/18/2012 9:32:43 PM OK svchost.exe\svchost.exe 
1/18/2012 9:32:43 PM OK svchost.exe\drt.dll 
1/18/2012 9:32:43 PM OK svchost.exe\P2PGraph.dll 
1/18/2012 9:32:43 PM OK svchost.exe\p2psvc.dll 
1/18/2012 9:32:43 PM OK C:\Windows\System32\drt.dll 
1/18/2012 9:32:43 PM OK C:\Windows\System32\P2PGraph.dll 
1/18/2012 9:32:43 PM OK svchost.exe\drttransport.dll 
1/18/2012 9:32:43 PM OK C:\Windows\System32\p2psvc.dll 
1/18/2012 9:32:43 PM OK svchost.exe\pnrpsvc.dll 
1/18/2012 9:32:43 PM OK C:\Windows\System32\drttransport.dll 
1/18/2012 9:32:43 PM OK svchost.exe\esent.dll 
1/18/2012 9:32:43 PM OK C:\Windows\System32\pnrpsvc.dll 
1/18/2012 9:32:43 PM OK svchost.exe\pnrpnsp.dll 
1/18/2012 9:32:43 PM OK svchost.exe\rasadhlp.dll 
1/18/2012 9:32:43 PM OK svchost.exe\sqmapi.dll 
1/18/2012 9:32:43 PM OK svchost.exe\ssdpapi.dll 
1/18/2012 9:32:43 PM OK svchost.exe\dhcpcsvc6.dll 
1/18/2012 9:32:43 PM OK svchost.exe\dhcpcsvc.dll 
1/18/2012 9:32:43 PM OK svchost.exe\winnsi.dll 
1/18/2012 9:32:43 PM OK svchost.exe\IPHLPAPI.DLL 
1/18/2012 9:32:43 PM OK svchost.exe\slc.dll 
1/18/2012 9:32:43 PM OK svchost.exe\ntmarta.dll 
1/18/2012 9:32:43 PM OK svchost.exe\xmllite.dll 
1/18/2012 9:32:43 PM OK svchost.exe\gpapi.dll 
1/18/2012 9:32:43 PM OK svchost.exe\userenv.dll 
1/18/2012 9:32:43 PM OK svchost.exe\credssp.dll 
1/18/2012 9:32:43 PM OK svchost.exe\pcwum.dll 
1/18/2012 9:32:43 PM OK svchost.exe\bcryptprimitives.dll 
1/18/2012 9:32:43 PM OK svchost.exe\rsaenh.dll 
1/18/2012 9:32:43 PM OK svchost.exe\schannel.dll 
1/18/2012 9:32:43 PM OK C:\Windows\System32\ssdpapi.dll 
1/18/2012 9:32:43 PM OK C:\Windows\System32\sqmapi.dll 
1/18/2012 9:32:43 PM OK C:\Windows\System32\esent.dll 
1/18/2012 9:32:43 PM OK svchost.exe\wship6.dll 
1/18/2012 9:32:43 PM OK svchost.exe\mswsock.dll 
1/18/2012 9:32:43 PM OK svchost.exe\cryptsp.dll 
1/18/2012 9:32:43 PM OK svchost.exe\bcrypt.dll 
1/18/2012 9:32:43 PM OK svchost.exe\ncrypt.dll 
1/18/2012 9:32:43 PM OK svchost.exe\authz.dll 
1/18/2012 9:32:43 PM OK svchost.exe\secur32.dll 
1/18/2012 9:32:43 PM OK svchost.exe\sspicli.dll 
1/18/2012 9:32:43 PM OK svchost.exe\cryptbase.dll 
1/18/2012 9:32:43 PM OK svchost.exe\RpcRtRemote.dll 
1/18/2012 9:32:44 PM OK svchost.exe\profapi.dll 
1/18/2012 9:32:44 PM OK svchost.exe\msasn1.dll 
1/18/2012 9:32:44 PM OK svchost.exe\KernelBase.dll 
1/18/2012 9:32:44 PM OK svchost.exe\crypt32.dll 
1/18/2012 9:32:44 PM OK svchost.exe\advapi32.dll 
1/18/2012 9:32:44 PM OK svchost.exe\usp10.dll 
1/18/2012 9:32:44 PM OK svchost.exe\nsi.dll 
1/18/2012 9:32:44 PM OK svchost.exe\ws2_32.dll 
1/18/2012 9:32:44 PM OK svchost.exe\imm32.dll 
1/18/2012 9:32:44 PM OK svchost.exe\sechost.dll 
1/18/2012 9:32:44 PM OK svchost.exe\shlwapi.dll 
1/18/2012 9:32:44 PM OK svchost.exe\gdi32.dll 
1/18/2012 9:32:44 PM OK svchost.exe\ole32.dll 
1/18/2012 9:32:44 PM OK svchost.exe\clbcatq.dll 
1/18/2012 9:32:44 PM OK svchost.exe\rpcrt4.dll 
1/18/2012 9:32:44 PM OK svchost.exe\Wldap32.dll 
1/18/2012 9:32:44 PM OK C:\Windows\System32\schannel.dll 
1/18/2012 9:32:44 PM OK svchost.exe\lpk.dll 
1/18/2012 9:32:44 PM OK svchost.exe\msvcrt.dll 
1/18/2012 9:32:44 PM OK svchost.exe\oleaut32.dll 
1/18/2012 9:32:44 PM OK svchost.exe\msctf.dll 
1/18/2012 9:32:44 PM OK svchost.exe\shell32.dll 
1/18/2012 9:32:44 PM OK svchost.exe\apisetschema.dll 
1/18/2012 9:32:44 PM OK avp.exe\apisetschema.dll 
1/18/2012 9:32:44 PM OK avp.exe\avp.exe 
1/18/2012 9:32:44 PM OK avp.exe\dblite.dll 
1/18/2012 9:32:44 PM OK avp.exe\shdocvw.dll 
1/18/2012 9:32:44 PM OK avp.exe\clbcatq.dll 
1/18/2012 9:32:44 PM OK avp.exe\localization_manager.dll 
1/18/2012 9:32:44 PM OK C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\dblite.dll 
1/18/2012 9:32:44 PM OK avp.exe\GrooveShellExtensions.dll 
1/18/2012 9:32:44 PM OK avp.exe\GrooveUtil.dll 
1/18/2012 9:32:44 PM OK avp.exe\FLVSrvLib.dll Object was not changed (iChecker) 
1/18/2012 9:32:44 PM OK avp.exe\riched20.dll 
1/18/2012 9:32:44 PM OK C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\avp.exe 
1/18/2012 9:32:44 PM OK avp.exe\clldr.dll 
1/18/2012 9:32:44 PM OK C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\localization_manager.dll 
1/18/2012 9:32:44 PM OK avp.exe\memmng.dll 
1/18/2012 9:32:44 PM OK C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\clldr.dll 
1/18/2012 9:32:44 PM OK C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\clldr.dll 
1/18/2012 9:32:45 PM OK avp.exe\prloader.dll Object was not changed (iChecker) 
1/18/2012 9:32:45 PM OK avp.exe\prremote.dll Object was not changed (iChecker) 
1/18/2012 9:32:45 PM OK avp.exe\QtCore4.dll 
1/18/2012 9:32:45 PM OK avp.exe\QtGui4.dll 
1/18/2012 9:32:45 PM OK avp.exe\shellex.dll Object was not changed (iChecker) 
1/18/2012 9:32:45 PM OK avp.exe\schannel.dll 
1/18/2012 9:32:45 PM OK avp.exe\ushata.dll 
1/18/2012 9:32:45 PM OK avp.exe\avpgui.ppl 
1/18/2012 9:32:45 PM OK C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\QtCore4.dll 
1/18/2012 9:32:45 PM OK C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\ushata.dll 
1/18/2012 9:32:45 PM OK C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\QtGui4.dll 
1/18/2012 9:32:45 PM OK avp.exe\basegui.ppl 
1/18/2012 9:32:45 PM OK avp.exe\FsDrvPlg.ppl 
1/18/2012 9:32:45 PM OK C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\avpgui.ppl 
1/18/2012 9:32:45 PM OK avp.exe\HASHMD5.PPL 
1/18/2012 9:32:45 PM OK C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\basegui.ppl 
1/18/2012 9:32:45 PM OK C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\FsDrvPlg.ppl 
1/18/2012 9:32:45 PM OK avp.exe\mkavio.ppl 
1/18/2012 9:32:45 PM OK C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\HASHMD5.PPL 
1/18/2012 9:32:45 PM OK C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\memmng.dll 
1/18/2012 9:32:45 PM OK C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\memmng.dll 
1/18/2012 9:32:45 PM OK avp.exe\nfio.ppl 
1/18/2012 9:32:45 PM OK C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\mkavio.ppl 
1/18/2012 9:32:45 PM OK avp.exe\ntmarta.dll 
1/18/2012 9:32:45 PM OK avp.exe\params.ppl 
1/18/2012 9:32:45 PM OK C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\nfio.ppl 
1/18/2012 9:32:45 PM OK avp.exe\pxstub.ppl 
1/18/2012 9:32:45 PM OK C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\params.ppl 
1/18/2012 9:32:45 PM OK avp.exe\sandbox.ppl 
1/18/2012 9:32:45 PM OK C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\pxstub.ppl 
1/18/2012 9:32:45 PM OK avp.exe\thpimpl.ppl 
1/18/2012 9:32:45 PM OK C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\sandbox.ppl 
1/18/2012 9:32:45 PM OK avp.exe\winlibhlpr.ppl 
1/18/2012 9:32:45 PM OK C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\thpimpl.ppl 
1/18/2012 9:32:45 PM OK avp.exe\WinReg.ppl 
1/18/2012 9:32:45 PM OK C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\winlibhlpr.ppl 
1/18/2012 9:32:45 PM OK avp.exe\dwmapi.dll 
1/18/2012 9:32:45 PM OK avp.exe\uxtheme.dll 
1/18/2012 9:32:45 PM OK avp.exe\winsta.dll 
1/18/2012 9:32:45 PM OK avp.exe\devrtl.dll 
1/18/2012 9:32:45 PM OK avp.exe\cabinet.dll 
1/18/2012 9:32:45 PM OK avp.exe\SensApi.dll 
1/18/2012 9:32:45 PM OK avp.exe\cryptnet.dll 
1/18/2012 9:32:45 PM OK avp.exe\gpapi.dll 
1/18/2012 9:32:45 PM OK avp.exe\bcryptprimitives.dll 
1/18/2012 9:32:45 PM OK avp.exe\bcrypt.dll 
1/18/2012 9:32:45 PM OK avp.exe\ncrypt.dll 
1/18/2012 9:32:45 PM OK avp.exe\comctl32.dll 
1/18/2012 9:32:45 PM OK avp.exe\rasman.dll 
1/18/2012 9:32:45 PM OK avp.exe\rasapi32.dll 
1/18/2012 9:32:45 PM OK avp.exe\FWPUCLNT.DLL 
1/18/2012 9:32:45 PM OK avp.exe\rasadhlp.dll 
1/18/2012 9:32:45 PM OK avp.exe\dnsapi.dll 
1/18/2012 9:32:45 PM OK avp.exe\WLIDNSP.DLL 
1/18/2012 9:32:45 PM OK avp.exe\nlaapi.dll 
1/18/2012 9:32:45 PM OK avp.exe\wship6.dll 
1/18/2012 9:32:45 PM OK avp.exe\WSHTCPIP.DLL 
1/18/2012 9:32:45 PM OK avp.exe\mswsock.dll 
1/18/2012 9:32:45 PM OK avp.exe\samcli.dll 
1/18/2012 9:32:45 PM OK avp.exe\winnsi.dll 
1/18/2012 9:32:45 PM OK avp.exe\IPHLPAPI.DLL 
1/18/2012 9:32:45 PM OK avp.exe\mpr.dll 
1/18/2012 9:32:45 PM OK avp.exe\winspool.drv 
1/18/2012 9:32:45 PM OK avp.exe\RpcRtRemote.dll 
1/18/2012 9:32:45 PM OK avp.exe\rsaenh.dll 
1/18/2012 9:32:45 PM OK avp.exe\cryptsp.dll 
1/18/2012 9:32:45 PM OK avp.exe\secur32.dll 
1/18/2012 9:32:45 PM OK avp.exe\wkscli.dll 
1/18/2012 9:32:45 PM OK avp.exe\srvcli.dll 
1/18/2012 9:32:45 PM OK avp.exe\netutils.dll 
1/18/2012 9:32:45 PM OK avp.exe\netapi32.dll 
1/18/2012 9:32:45 PM OK C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\WinReg.ppl 
1/18/2012 9:32:45 PM OK avp.exe\profapi.dll 
1/18/2012 9:32:45 PM OK avp.exe\userenv.dll 
1/18/2012 9:32:45 PM OK avp.exe\fltLib.dll 
1/18/2012 9:32:45 PM OK avp.exe\fssync.dll 
1/18/2012 9:32:45 PM OK C:\Windows\SysWOW64\netapi32.dll 
1/18/2012 9:32:45 PM OK avp.exe\msvcr80.dll 
1/18/2012 9:32:45 PM OK avp.exe\msvcp80.dll 
1/18/2012 9:32:45 PM OK avp.exe\winmm.dll 
1/18/2012 9:32:45 PM OK avp.exe\apphelp.dll 
1/18/2012 9:32:45 PM OK avp.exe\wtsapi32.dll 
1/18/2012 9:32:45 PM OK C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\fssync.dll 
1/18/2012 9:32:45 PM OK avp.exe\version.dll 
1/18/2012 9:32:45 PM OK avp.exe\wow64cpu.dll 
1/18/2012 9:32:45 PM OK avp.exe\wow64win.dll 
1/18/2012 9:32:45 PM OK avp.exe\wow64.dll 
1/18/2012 9:32:45 PM OK avp.exe\msvcr90.dll 
1/18/2012 9:32:45 PM OK avp.exe\ntshrui.dll 
1/18/2012 9:32:45 PM OK avp.exe\WindowsCodecs.dll 
1/18/2012 9:32:45 PM OK avp.exe\EhStorShell.dll 
1/18/2012 9:32:45 PM OK avp.exe\ATL80.dll 
1/18/2012 9:32:45 PM OK avp.exe\slc.dll 
1/18/2012 9:32:45 PM OK avp.exe\credssp.dll 
1/18/2012 9:32:45 PM OK avp.exe\GrooveNew.dll 
1/18/2012 9:32:45 PM OK avp.exe\rtutils.dll 
1/18/2012 9:32:45 PM OK avp.exe\msimg32.dll 
1/18/2012 9:32:45 PM OK avp.exe\browcli.dll 
1/18/2012 9:32:45 PM OK avp.exe\propsys.dll 
1/18/2012 9:32:45 PM OK avp.exe\cscapi.dll 
1/18/2012 9:32:45 PM OK avp.exe\cryptbase.dll 
1/18/2012 9:32:45 PM OK avp.exe\sspicli.dll 
1/18/2012 9:32:45 PM OK avp.exe\shell32.dll 
1/18/2012 9:32:45 PM OK avp.exe\urlmon.dll 
1/18/2012 9:32:45 PM OK avp.exe\usp10.dll 
1/18/2012 9:32:45 PM OK avp.exe\user32.dll 
1/18/2012 9:32:45 PM OK avp.exe\nsi.dll 
1/18/2012 9:32:45 PM OK avp.exe\msvcrt.dll 
1/18/2012 9:32:45 PM OK avp.exe\KernelBase.dll 
1/18/2012 9:32:45 PM OK avp.exe\imm32.dll 
1/18/2012 9:32:45 PM OK avp.exe\oleaut32.dll 
1/18/2012 9:32:45 PM OK avp.exe\ws2_32.dll 
1/18/2012 9:32:45 PM OK avp.exe\wininet.dll 
1/18/2012 9:32:45 PM OK avp.exe\ole32.dll 
1/18/2012 9:32:45 PM OK avp.exe\shlwapi.dll 
1/18/2012 9:32:45 PM OK avp.exe\setupapi.dll 
1/18/2012 9:32:45 PM OK avp.exe\lpk.dll 
1/18/2012 9:32:45 PM OK avp.exe\advapi32.dll 
1/18/2012 9:32:45 PM OK avp.exe\rpcrt4.dll 
1/18/2012 9:32:45 PM OK avp.exe\crypt32.dll 
1/18/2012 9:32:45 PM OK avp.exe\devobj.dll 
1/18/2012 9:32:45 PM OK avp.exe\cfgmgr32.dll 
1/18/2012 9:32:45 PM OK avp.exe\sechost.dll 
1/18/2012 9:32:45 PM OK avp.exe\comdlg32.dll 
1/18/2012 9:32:45 PM OK avp.exe\msctf.dll 
1/18/2012 9:32:45 PM OK avp.exe\iertutil.dll 
1/18/2012 9:32:45 PM OK avp.exe\psapi.dll 
1/18/2012 9:32:45 PM OK avp.exe\Wldap32.dll 
1/18/2012 9:32:45 PM OK avp.exe\gdi32.dll 
1/18/2012 9:32:45 PM OK avp.exe\kernel32.dll 
1/18/2012 9:32:45 PM OK avp.exe\wintrust.dll 
1/18/2012 9:32:45 PM OK avp.exe\ntdll.dll 
1/18/2012 9:32:45 PM OK avp.exe\msasn1.dll 
1/18/2012 9:32:45 PM OK avp.exe\ntdll.dll 
1/18/2012 9:32:45 PM OK C:\Windows\SysWOW64\wtsapi32.dll 
1/18/2012 9:32:46 PM OK jusched.exe\apisetschema.dll 
1/18/2012 9:32:46 PM OK jusched.exe\jusched.exe 
1/18/2012 9:32:46 PM OK jusched.exe\ntmarta.dll 
1/18/2012 9:32:46 PM OK jusched.exe\uxtheme.dll 
1/18/2012 9:32:46 PM OK jusched.exe\SensApi.dll 
1/18/2012 9:32:46 PM OK jusched.exe\comctl32.dll 
1/18/2012 9:32:46 PM OK jusched.exe\rasman.dll 
1/18/2012 9:32:46 PM OK jusched.exe\rasapi32.dll 
1/18/2012 9:32:46 PM OK jusched.exe\FWPUCLNT.DLL 
1/18/2012 9:32:46 PM OK jusched.exe\rasadhlp.dll 
1/18/2012 9:32:46 PM OK jusched.exe\dnsapi.dll 
1/18/2012 9:32:46 PM OK jusched.exe\WLIDNSP.DLL 
1/18/2012 9:32:46 PM OK jusched.exe\nlaapi.dll 
1/18/2012 9:32:46 PM OK jusched.exe\wship6.dll 
1/18/2012 9:32:46 PM OK jusched.exe\WSHTCPIP.DLL 
1/18/2012 9:32:46 PM OK jusched.exe\mswsock.dll 
1/18/2012 9:32:46 PM OK jusched.exe\winnsi.dll 
1/18/2012 9:32:46 PM OK jusched.exe\IPHLPAPI.DLL 
1/18/2012 9:32:46 PM OK jusched.exe\profapi.dll 
1/18/2012 9:32:46 PM OK jusched.exe\apphelp.dll 
1/18/2012 9:32:46 PM OK jusched.exe\version.dll 
1/18/2012 9:32:46 PM OK jusched.exe\wow64cpu.dll 
1/18/2012 9:32:46 PM OK jusched.exe\wow64win.dll 
1/18/2012 9:32:46 PM OK jusched.exe\wow64.dll 
1/18/2012 9:32:46 PM OK jusched.exe\rtutils.dll 
1/18/2012 9:32:46 PM OK jusched.exe\cryptbase.dll 
1/18/2012 9:32:46 PM OK jusched.exe\sspicli.dll 
1/18/2012 9:32:46 PM OK jusched.exe\shell32.dll 
1/18/2012 9:32:46 PM OK jusched.exe\urlmon.dll 
1/18/2012 9:32:46 PM OK jusched.exe\usp10.dll 
1/18/2012 9:32:46 PM OK jusched.exe\user32.dll 
1/18/2012 9:32:46 PM OK jusched.exe\nsi.dll 
1/18/2012 9:32:46 PM OK jusched.exe\msvcrt.dll 
1/18/2012 9:32:46 PM OK jusched.exe\KernelBase.dll 
1/18/2012 9:32:46 PM OK jusched.exe\imm32.dll 
1/18/2012 9:32:46 PM OK jusched.exe\oleaut32.dll 
1/18/2012 9:32:46 PM OK jusched.exe\ws2_32.dll 
1/18/2012 9:32:46 PM OK jusched.exe\wininet.dll 
1/18/2012 9:32:46 PM OK jusched.exe\ole32.dll 
1/18/2012 9:32:46 PM OK jusched.exe\shlwapi.dll 
1/18/2012 9:32:46 PM OK jusched.exe\lpk.dll 
1/18/2012 9:32:46 PM OK jusched.exe\advapi32.dll 
1/18/2012 9:32:46 PM OK jusched.exe\rpcrt4.dll 
1/18/2012 9:32:46 PM OK jusched.exe\crypt32.dll 
1/18/2012 9:32:46 PM OK jusched.exe\sechost.dll 
1/18/2012 9:32:46 PM OK jusched.exe\msctf.dll 
1/18/2012 9:32:46 PM OK jusched.exe\iertutil.dll 
1/18/2012 9:32:46 PM OK jusched.exe\psapi.dll 
1/18/2012 9:32:46 PM OK jusched.exe\Wldap32.dll 
1/18/2012 9:32:46 PM OK jusched.exe\gdi32.dll 
1/18/2012 9:32:46 PM OK jusched.exe\kernel32.dll 
1/18/2012 9:32:46 PM OK jusched.exe\ntdll.dll 
1/18/2012 9:32:46 PM OK jusched.exe\msasn1.dll 
1/18/2012 9:32:46 PM OK jusched.exe\ntdll.dll 
1/18/2012 9:32:46 PM OK C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe/# 
1/18/2012 9:32:46 PM OK C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe 
1/18/2012 9:32:46 PM OK mbamgui.exe\apisetschema.dll 
1/18/2012 9:32:46 PM OK mbamgui.exe\mbamgui.exe 
1/18/2012 9:32:46 PM OK mbamgui.exe\FLVSrvLib.dll Object was not changed (iChecker) 
1/18/2012 9:32:46 PM OK mbamgui.exe\mbamnet.dll 
1/18/2012 9:32:46 PM OK C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe 
1/18/2012 9:32:46 PM OK mbamgui.exe\mbam.dll 
1/18/2012 9:32:46 PM OK mbamgui.exe\dwmapi.dll 
1/18/2012 9:32:46 PM OK mbamgui.exe\uxtheme.dll 
1/18/2012 9:32:46 PM OK mbamgui.exe\comctl32.dll 
1/18/2012 9:32:46 PM OK mbamgui.exe\winnsi.dll 
1/18/2012 9:32:46 PM OK mbamgui.exe\IPHLPAPI.DLL 
1/18/2012 9:32:46 PM OK mbamgui.exe\rsaenh.dll 
1/18/2012 9:32:46 PM OK mbamgui.exe\cryptsp.dll 
1/18/2012 9:32:46 PM OK mbamgui.exe\profapi.dll 
1/18/2012 9:32:46 PM OK mbamgui.exe\wtsapi32.dll 
1/18/2012 9:32:46 PM OK mbamgui.exe\version.dll 
1/18/2012 9:32:46 PM OK mbamgui.exe\wow64cpu.dll 
1/18/2012 9:32:46 PM OK mbamgui.exe\wow64win.dll 
1/18/2012 9:32:46 PM OK mbamgui.exe\wow64.dll 
1/18/2012 9:32:46 PM OK mbamgui.exe\msvcr90.dll 
1/18/2012 9:32:46 PM OK mbamgui.exe\cryptbase.dll 
1/18/2012 9:32:46 PM OK mbamgui.exe\sspicli.dll 
1/18/2012 9:32:46 PM  OK mbamgui.exe\shell32.dll 
1/18/2012 9:32:46 PM OK mbamgui.exe\usp10.dll 
1/18/2012 9:32:46 PM OK mbamgui.exe\user32.dll 
1/18/2012 9:32:46 PM OK mbamgui.exe\nsi.dll 
1/18/2012 9:32:46 PM OK mbamgui.exe\msvcrt.dll 
1/18/2012 9:32:46 PM OK mbamgui.exe\KernelBase.dll 
1/18/2012 9:32:46 PM OK mbamgui.exe\imm32.dll 
1/18/2012 9:32:46 PM OK mbamgui.exe\ws2_32.dll 
1/18/2012 9:32:46 PM OK mbamgui.exe\ole32.dll 
1/18/2012 9:32:46 PM OK mbamgui.exe\shlwapi.dll 
1/18/2012 9:32:46 PM OK mbamgui.exe\lpk.dll 
1/18/2012 9:32:46 PM OK mbamgui.exe\advapi32.dll 
1/18/2012 9:32:46 PM OK mbamgui.exe\rpcrt4.dll 
1/18/2012 9:32:46 PM OK mbamgui.exe\crypt32.dll 
1/18/2012 9:32:46 PM OK mbamgui.exe\sechost.dll 
1/18/2012 9:32:46 PM OK mbamgui.exe\msctf.dll 
1/18/2012 9:32:46 PM OK mbamgui.exe\gdi32.dll 
1/18/2012 9:32:46 PM OK mbamgui.exe\kernel32.dll 
1/18/2012 9:32:46 PM OK mbamgui.exe\ntdll.dll 
1/18/2012 9:32:46 PM OK mbamgui.exe\msasn1.dll 
1/18/2012 9:32:46 PM OK mbamgui.exe\ntdll.dll 
1/18/2012 9:32:46 PM OK C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamnet.dll 
1/18/2012 9:32:46 PM OK C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.dll 
1/18/2012 9:32:46 PM OK FLVSrvc.exe\apisetschema.dll 
1/18/2012 9:32:46 PM OK FLVSrvc.exe\FLVSrvc.exe 
1/18/2012 9:32:46 PM OK FLVSrvc.exe\FLVSrvLib.dll Object was not changed (iChecker) 
1/18/2012 9:32:46 PM OK FLVSrvc.exe\dwmapi.dll 
1/18/2012 9:32:46 PM OK FLVSrvc.exe\uxtheme.dll 
1/18/2012 9:32:46 PM OK FLVSrvc.exe\wow64cpu.dll 
1/18/2012 9:32:46 PM OK FLVSrvc.exe\wow64win.dll 
1/18/2012 9:32:46 PM OK FLVSrvc.exe\wow64.dll 
1/18/2012 9:32:46 PM OK FLVSrvc.exe\msvcr90.dll 
1/18/2012 9:32:46 PM OK FLVSrvc.exe\cryptbase.dll 
1/18/2012 9:32:46 PM OK FLVSrvc.exe\sspicli.dll 
1/18/2012 9:32:46 PM OK FLVSrvc.exe\shell32.dll 
1/18/2012 9:32:46 PM OK FLVSrvc.exe\usp10.dll 
1/18/2012 9:32:46 PM OK FLVSrvc.exe\user32.dll 
1/18/2012 9:32:46 PM OK FLVSrvc.exe\msvcrt.dll 
1/18/2012 9:32:46 PM OK FLVSrvc.exe\KernelBase.dll 
1/18/2012 9:32:46 PM OK FLVSrvc.exe\imm32.dll 
1/18/2012 9:32:46 PM OK FLVSrvc.exe\ole32.dll 
1/18/2012 9:32:46 PM OK FLVSrvc.exe\shlwapi.dll 
1/18/2012 9:32:46 PM OK FLVSrvc.exe\lpk.dll 
1/18/2012 9:32:46 PM OK FLVSrvc.exe\advapi32.dll 
1/18/2012 9:32:46 PM OK FLVSrvc.exe\rpcrt4.dll 
1/18/2012 9:32:46 PM OK FLVSrvc.exe\sechost.dll 
1/18/2012 9:32:46 PM OK FLVSrvc.exe\msctf.dll 
1/18/2012 9:32:46 PM OK FLVSrvc.exe\gdi32.dll 
1/18/2012 9:32:46 PM OK FLVSrvc.exe\kernel32.dll 
1/18/2012 9:32:46 PM OK FLVSrvc.exe\ntdll.dll 
1/18/2012 9:32:46 PM OK FLVSrvc.exe\ntdll.dll 
1/18/2012 9:32:46 PM OK C:\Program Files (x86)\Freecorder\FLVSrvc.exe/data0000.res 
1/18/2012 9:32:46 PM OK C:\Program Files (x86)\Freecorder\FLVSrvc.exe 
1/18/2012 9:32:46 PM OK hpwuschd2.exe\apisetschema.dll 
1/18/2012 9:32:46 PM OK hpwuschd2.exe\hpwuschd2.exe 
1/18/2012 9:32:46 PM OK hpwuschd2.exe\FLVSrvLib.dll Object was not changed (iChecker) 
1/18/2012 9:32:46 PM OK hpwuschd2.exe\dwmapi.dll 
1/18/2012 9:32:46 PM OK hpwuschd2.exe\uxtheme.dll 
1/18/2012 9:32:46 PM OK hpwuschd2.exe\wow64cpu.dll 
1/18/2012 9:32:46 PM OK hpwuschd2.exe\wow64win.dll 
1/18/2012 9:32:46 PM OK hpwuschd2.exe\wow64.dll 
1/18/2012 9:32:46 PM OK hpwuschd2.exe\msvcr90.dll 
1/18/2012 9:32:46 PM OK hpwuschd2.exe\cryptbase.dll 
1/18/2012 9:32:46 PM OK hpwuschd2.exe\sspicli.dll 
1/18/2012 9:32:46 PM OK hpwuschd2.exe\shell32.dll 
1/18/2012 9:32:46 PM OK hpwuschd2.exe\usp10.dll 
1/18/2012 9:32:46 PM OK hpwuschd2.exe\user32.dll 
1/18/2012 9:32:46 PM OK hpwuschd2.exe\msvcrt.dll 
1/18/2012 9:32:46 PM OK hpwuschd2.exe\KernelBase.dll 
1/18/2012 9:32:46 PM OK hpwuschd2.exe\imm32.dll 
1/18/2012 9:32:46 PM OK hpwuschd2.exe\shlwapi.dll 
1/18/2012 9:32:46 PM OK hpwuschd2.exe\lpk.dll 
1/18/2012 9:32:46 PM OK hpwuschd2.exe\advapi32.dll 
1/18/2012 9:32:46 PM OK hpwuschd2.exe\rpcrt4.dll 
1/18/2012 9:32:46 PM OK hpwuschd2.exe\sechost.dll 
1/18/2012 9:32:46 PM OK hpwuschd2.exe\msctf.dll 
1/18/2012 9:32:46 PM OK hpwuschd2.exe\gdi32.dll 
1/18/2012 9:32:46 PM OK hpwuschd2.exe\kernel32.dll 
1/18/2012 9:32:46 PM OK hpwuschd2.exe\ntdll.dll 
1/18/2012 9:32:46 PM OK hpwuschd2.exe\ntdll.dll 
1/18/2012 9:32:46 PM OK C:\Program Files (x86)\hp\HP Software Update\hpwuschd2.exe 
1/18/2012 9:32:46 PM OK HP_Remote_Solution.exe\apisetschema.dll 
1/18/2012 9:32:46 PM OK HP_Remote_Solution.exe\HP_Remote_Solution.exe 
1/18/2012 9:32:46 PM OK HP_Remote_Solution.exe\FLVSrvLib.dll Object was not changed (iChecker) 
1/18/2012 9:32:46 PM OK HP_Remote_Solution.exe\dwmapi.dll 
1/18/2012 9:32:46 PM OK HP_Remote_Solution.exe\uxtheme.dll 
1/18/2012 9:32:46 PM OK HP_Remote_Solution.exe\comctl32.dll 
1/18/2012 9:32:46 PM OK HP_Remote_Solution.exe\winmm.dll 
1/18/2012 9:32:46 PM OK HP_Remote_Solution.exe\comctl32.dll 
1/18/2012 9:32:46 PM OK HP_Remote_Solution.exe\version.dll 
1/18/2012 9:32:46 PM OK HP_Remote_Solution.exe\wow64cpu.dll 
1/18/2012 9:32:46 PM OK HP_Remote_Solution.exe\wow64win.dll 
1/18/2012 9:32:46 PM OK HP_Remote_Solution.exe\wow64.dll 
1/18/2012 9:32:46 PM OK HP_Remote_Solution.exe\msvcr90.dll 
1/18/2012 9:32:46 PM OK HP_Remote_Solution.exe\hid.dll 
1/18/2012 9:32:46 PM OK HP_Remote_Solution.exe\cryptbase.dll 
1/18/2012 9:32:46 PM OK HP_Remote_Solution.exe\sspicli.dll 
1/18/2012 9:32:46 PM OK HP_Remote_Solution.exe\shell32.dll 
1/18/2012 9:32:46 PM OK HP_Remote_Solution.exe\usp10.dll 
1/18/2012 9:32:46 PM OK HP_Remote_Solution.exe\user32.dll 
1/18/2012 9:32:46 PM OK HP_Remote_Solution.exe\msvcrt.dll 
1/18/2012 9:32:46 PM OK HP_Remote_Solution.exe\KernelBase.dll 
1/18/2012 9:32:46 PM OK HP_Remote_Solution.exe\imm32.dll 
1/18/2012 9:32:46 PM OK HP_Remote_Solution.exe\oleaut32.dll 
1/18/2012 9:32:46 PM OK HP_Remote_Solution.exe\ole32.dll 
1/18/2012 9:32:46 PM OK HP_Remote_Solution.exe\shlwapi.dll 
1/18/2012 9:32:46 PM OK HP_Remote_Solution.exe\setupapi.dll 
1/18/2012 9:32:46 PM OK HP_Remote_Solution.exe\lpk.dll 
1/18/2012 9:32:46 PM OK HP_Remote_Solution.exe\advapi32.dll 
1/18/2012 9:32:46 PM OK HP_Remote_Solution.exe\rpcrt4.dll 
1/18/2012 9:32:46 PM OK HP_Remote_Solution.exe\crypt32.dll 
1/18/2012 9:32:46 PM OK HP_Remote_Solution.exe\devobj.dll 
1/18/2012 9:32:46 PM OK HP_Remote_Solution.exe\cfgmgr32.dll 
1/18/2012 9:32:46 PM OK HP_Remote_Solution.exe\sechost.dll 
1/18/2012 9:32:46 PM OK HP_Remote_Solution.exe\msctf.dll 
1/18/2012 9:32:46 PM OK HP_Remote_Solution.exe\gdi32.dll 
1/18/2012 9:32:46 PM OK HP_Remote_Solution.exe\kernel32.dll 
1/18/2012 9:32:46 PM OK HP_Remote_Solution.exe\wintrust.dll 
1/18/2012 9:32:46 PM OK HP_Remote_Solution.exe\ntdll.dll 
1/18/2012 9:32:46 PM OK HP_Remote_Solution.exe\msasn1.dll 
1/18/2012 9:32:46 PM OK HP_Remote_Solution.exe\ntdll.dll 
1/18/2012 9:32:46 PM OK C:\Windows\SysWOW64\hid.dll 
1/18/2012 9:32:46 PM OK C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll 
1/18/2012 9:32:46 PM OK C:\Program Files (x86)\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe 
1/18/2012 9:32:46 PM OK hpsysdrv.exe\apisetschema.dll 
1/18/2012 9:32:46 PM OK hpsysdrv.exe\hpsysdrv.exe 
1/18/2012 9:32:46 PM OK hpsysdrv.exe\FLVSrvLib.dll Object was not changed (iChecker) 
1/18/2012 9:32:46 PM OK hpsysdrv.exe\dwmapi.dll 
1/18/2012 9:32:46 PM OK hpsysdrv.exe\uxtheme.dll 
1/18/2012 9:32:46 PM OK hpsysdrv.exe\wow64cpu.dll 
1/18/2012 9:32:46 PM OK hpsysdrv.exe\wow64win.dll 
1/18/2012 9:32:46 PM OK hpsysdrv.exe\wow64.dll 
1/18/2012 9:32:46 PM OK hpsysdrv.exe\msvcr90.dll 
1/18/2012 9:32:46 PM OK hpsysdrv.exe\cryptbase.dll 
1/18/2012 9:32:46 PM OK hpsysdrv.exe\sspicli.dll 
1/18/2012 9:32:46 PM OK hpsysdrv.exe\shell32.dll 
1/18/2012 9:32:46 PM OK hpsysdrv.exe\usp10.dll 
1/18/2012 9:32:46 PM OK hpsysdrv.exe\user32.dll 
1/18/2012 9:32:46 PM OK hpsysdrv.exe\msvcrt.dll 
1/18/2012 9:32:46 PM OK hpsysdrv.exe\KernelBase.dll 
1/18/2012 9:32:46 PM OK hpsysdrv.exe\imm32.dll 
1/18/2012 9:32:46 PM OK hpsysdrv.exe\shlwapi.dll 
1/18/2012 9:32:46 PM OK hpsysdrv.exe\lpk.dll 
1/18/2012 9:32:46 PM OK hpsysdrv.exe\advapi32.dll 
1/18/2012 9:32:46 PM OK hpsysdrv.exe\rpcrt4.dll 
1/18/2012 9:32:46 PM OK hpsysdrv.exe\sechost.dll 
1/18/2012 9:32:46 PM OK hpsysdrv.exe\msctf.dll 
1/18/2012 9:32:46 PM OK hpsysdrv.exe\gdi32.dll 
1/18/2012 9:32:46 PM OK hpsysdrv.exe\kernel32.dll 
1/18/2012 9:32:46 PM OK hpsysdrv.exe\ntdll.dll 
1/18/2012 9:32:46 PM OK hpsysdrv.exe\ntdll.dll 
1/18/2012 9:32:46 PM OK C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe 
1/18/2012 9:32:46 PM OK dpupdchk.exe\user32.dll 
1/18/2012 9:32:46 PM OK dpupdchk.exe\kernel32.dll 
1/18/2012 9:32:46 PM OK dpupdchk.exe\ntdll.dll 
1/18/2012 9:32:46 PM OK dpupdchk.exe\psapi.dll 
1/18/2012 9:32:46 PM OK dpupdchk.exe\normaliz.dll 
1/18/2012 9:32:46 PM OK dpupdchk.exe\dpupdchk.exe 
1/18/2012 9:32:46 PM OK dpupdchk.exe\msi.dll 
1/18/2012 9:32:46 PM OK dpupdchk.exe\rasadhlp.dll 
1/18/2012 9:32:46 PM OK dpupdchk.exe\WLIDNSP.DLL 
1/18/2012 9:32:46 PM OK dpupdchk.exe\SensApi.dll 
1/18/2012 9:32:46 PM OK dpupdchk.exe\FWPUCLNT.DLL 
1/18/2012 9:32:46 PM OK dpupdchk.exe\winnsi.dll 
1/18/2012 9:32:46 PM OK dpupdchk.exe\IPHLPAPI.DLL 
1/18/2012 9:32:46 PM OK dpupdchk.exe\nlaapi.dll 
1/18/2012 9:32:46 PM  OK dpupdchk.exe\ntmarta.dll 
1/18/2012 9:32:46 PM OK dpupdchk.exe\rtutils.dll 
1/18/2012 9:32:46 PM OK dpupdchk.exe\rasman.dll 
1/18/2012 9:32:46 PM OK dpupdchk.exe\rasapi32.dll 
1/18/2012 9:32:46 PM OK dpupdchk.exe\uxtheme.dll 
1/18/2012 9:32:46 PM OK dpupdchk.exe\comctl32.dll 
1/18/2012 9:32:46 PM OK dpupdchk.exe\version.dll 
1/18/2012 9:32:46 PM OK dpupdchk.exe\WSHTCPIP.DLL 
1/18/2012 9:32:46 PM OK dpupdchk.exe\rsaenh.dll 
1/18/2012 9:32:46 PM OK dpupdchk.exe\dnsapi.dll 
1/18/2012 9:32:46 PM OK dpupdchk.exe\wship6.dll 
1/18/2012 9:32:46 PM OK dpupdchk.exe\mswsock.dll 
1/18/2012 9:32:46 PM OK dpupdchk.exe\cryptsp.dll 
1/18/2012 9:32:46 PM OK C:\Program Files\Microsoft IntelliPoint\dpupdchk.exe 
1/18/2012 9:32:46 PM OK dpupdchk.exe\sspicli.dll 
1/18/2012 9:32:46 PM OK dpupdchk.exe\cryptbase.dll 
1/18/2012 9:32:46 PM OK dpupdchk.exe\profapi.dll 
1/18/2012 9:32:46 PM OK dpupdchk.exe\msasn1.dll 
1/18/2012 9:32:46 PM OK dpupdchk.exe\KernelBase.dll 
1/18/2012 9:32:46 PM OK dpupdchk.exe\crypt32.dll 
1/18/2012 9:32:46 PM OK dpupdchk.exe\wintrust.dll 
1/18/2012 9:32:46 PM OK dpupdchk.exe\iertutil.dll 
1/18/2012 9:32:46 PM OK dpupdchk.exe\advapi32.dll 
1/18/2012 9:32:46 PM OK dpupdchk.exe\usp10.dll 
1/18/2012 9:32:46 PM OK dpupdchk.exe\nsi.dll 
1/18/2012 9:32:46 PM OK dpupdchk.exe\urlmon.dll 
1/18/2012 9:32:46 PM OK dpupdchk.exe\ws2_32.dll 
1/18/2012 9:32:46 PM OK dpupdchk.exe\imm32.dll 
1/18/2012 9:32:46 PM OK dpupdchk.exe\sechost.dll 
1/18/2012 9:32:46 PM OK dpupdchk.exe\shlwapi.dll 
1/18/2012 9:32:46 PM OK dpupdchk.exe\gdi32.dll 
1/18/2012 9:32:46 PM OK dpupdchk.exe\ole32.dll 
1/18/2012 9:32:46 PM OK dpupdchk.exe\rpcrt4.dll 
1/18/2012 9:32:46 PM OK dpupdchk.exe\Wldap32.dll 
1/18/2012 9:32:46 PM OK dpupdchk.exe\lpk.dll 
1/18/2012 9:32:46 PM OK dpupdchk.exe\msvcrt.dll 
1/18/2012 9:32:46 PM OK dpupdchk.exe\oleaut32.dll 
1/18/2012 9:32:46 PM OK dpupdchk.exe\msctf.dll 
1/18/2012 9:32:46 PM OK dpupdchk.exe\wininet.dll 
1/18/2012 9:32:46 PM OK dpupdchk.exe\shell32.dll 
1/18/2012 9:32:46 PM OK dpupdchk.exe\apisetschema.dll 
1/18/2012 9:32:47 PM OK GoogleToolbarNotifier.exe\apisetschema.dll 
1/18/2012 9:32:47 PM OK GoogleToolbarNotifier.exe\GoogleToolbarNotifier.exe 
1/18/2012 9:32:47 PM OK GoogleToolbarNotifier.exe\FLVSrvLib.dll Object was not changed (iChecker) 
1/18/2012 9:32:47 PM OK GoogleToolbarNotifier.exe\ntmarta.dll 
1/18/2012 9:32:47 PM OK GoogleToolbarNotifier.exe\dwmapi.dll 
1/18/2012 9:32:47 PM OK GoogleToolbarNotifier.exe\uxtheme.dll 
1/18/2012 9:32:47 PM OK GoogleToolbarNotifier.exe\SensApi.dll 
1/18/2012 9:32:47 PM OK GoogleToolbarNotifier.exe\bcryptprimitives.dll 
1/18/2012 9:32:47 PM OK GoogleToolbarNotifier.exe\bcrypt.dll 
1/18/2012 9:32:47 PM OK GoogleToolbarNotifier.exe\ncrypt.dll 
1/18/2012 9:32:47 PM OK GoogleToolbarNotifier.exe\comctl32.dll 
1/18/2012 9:32:47 PM OK GoogleToolbarNotifier.exe\rasman.dll 
1/18/2012 9:32:47 PM OK GoogleToolbarNotifier.exe\rasapi32.dll 
1/18/2012 9:32:47 PM OK GoogleToolbarNotifier.exe\FWPUCLNT.DLL 
1/18/2012 9:32:47 PM OK GoogleToolbarNotifier.exe\rasadhlp.dll 
1/18/2012 9:32:47 PM OK GoogleToolbarNotifier.exe\dnsapi.dll 
1/18/2012 9:32:47 PM OK GoogleToolbarNotifier.exe\WLIDNSP.DLL 
1/18/2012 9:32:47 PM OK GoogleToolbarNotifier.exe\nlaapi.dll 
1/18/2012 9:32:47 PM OK GoogleToolbarNotifier.exe\wship6.dll 
1/18/2012 9:32:47 PM OK GoogleToolbarNotifier.exe\WSHTCPIP.DLL 
1/18/2012 9:32:47 PM OK GoogleToolbarNotifier.exe\mswsock.dll 
1/18/2012 9:32:47 PM OK GoogleToolbarNotifier.exe\winnsi.dll 
1/18/2012 9:32:47 PM OK GoogleToolbarNotifier.exe\IPHLPAPI.DLL 
1/18/2012 9:32:47 PM OK GoogleToolbarNotifier.exe\RpcRtRemote.dll 
1/18/2012 9:32:47 PM OK C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe 
1/18/2012 9:32:47 PM OK GoogleToolbarNotifier.exe\rsaenh.dll 
1/18/2012 9:32:47 PM OK GoogleToolbarNotifier.exe\cryptsp.dll 
1/18/2012 9:32:47 PM OK GoogleToolbarNotifier.exe\profapi.dll 
1/18/2012 9:32:47 PM OK GoogleToolbarNotifier.exe\version.dll 
1/18/2012 9:32:47 PM OK GoogleToolbarNotifier.exe\wow64cpu.dll 
1/18/2012 9:32:47 PM OK GoogleToolbarNotifier.exe\wow64win.dll 
1/18/2012 9:32:47 PM OK GoogleToolbarNotifier.exe\wow64.dll 
1/18/2012 9:32:47 PM OK GoogleToolbarNotifier.exe\msvcr90.dll 
1/18/2012 9:32:47 PM OK GoogleToolbarNotifier.exe\swg.dll 
1/18/2012 9:32:47 PM OK GoogleToolbarNotifier.exe\sxs.dll 
1/18/2012 9:32:47 PM OK GoogleToolbarNotifier.exe\gtn.dll 
1/18/2012 9:32:47 PM OK GoogleToolbarNotifier.exe\rtutils.dll 
1/18/2012 9:32:47 PM OK GoogleToolbarNotifier.exe\cryptbase.dll 
1/18/2012 9:32:47 PM OK GoogleToolbarNotifier.exe\sspicli.dll 
1/18/2012 9:32:47 PM OK GoogleToolbarNotifier.exe\shell32.dll 
1/18/2012 9:32:47 PM OK GoogleToolbarNotifier.exe\urlmon.dll 
1/18/2012 9:32:47 PM OK GoogleToolbarNotifier.exe\usp10.dll 
1/18/2012 9:32:47 PM OK GoogleToolbarNotifier.exe\user32.dll 
1/18/2012 9:32:47 PM OK GoogleToolbarNotifier.exe\nsi.dll 
1/18/2012 9:32:47 PM OK GoogleToolbarNotifier.exe\msvcrt.dll 
1/18/2012 9:32:47 PM OK GoogleToolbarNotifier.exe\KernelBase.dll 
1/18/2012 9:32:47 PM OK GoogleToolbarNotifier.exe\imm32.dll 
1/18/2012 9:32:47 PM OK GoogleToolbarNotifier.exe\oleaut32.dll 
1/18/2012 9:32:47 PM OK GoogleToolbarNotifier.exe\ws2_32.dll 
1/18/2012 9:32:47 PM OK GoogleToolbarNotifier.exe\wininet.dll 
1/18/2012 9:32:47 PM OK GoogleToolbarNotifier.exe\ole32.dll 
1/18/2012 9:32:47 PM OK GoogleToolbarNotifier.exe\shlwapi.dll 
1/18/2012 9:32:47 PM OK GoogleToolbarNotifier.exe\setupapi.dll 
1/18/2012 9:32:47 PM OK GoogleToolbarNotifier.exe\lpk.dll 
1/18/2012 9:32:47 PM OK GoogleToolbarNotifier.exe\imagehlp.dll 
1/18/2012 9:32:47 PM OK GoogleToolbarNotifier.exe\advapi32.dll 
1/18/2012 9:32:47 PM OK GoogleToolbarNotifier.exe\rpcrt4.dll 
1/18/2012 9:32:47 PM OK GoogleToolbarNotifier.exe\crypt32.dll 
1/18/2012 9:32:47 PM OK GoogleToolbarNotifier.exe\devobj.dll 
1/18/2012 9:32:47 PM OK GoogleToolbarNotifier.exe\cfgmgr32.dll 
1/18/2012 9:32:47 PM OK GoogleToolbarNotifier.exe\sechost.dll 
1/18/2012 9:32:47 PM OK GoogleToolbarNotifier.exe\normaliz.dll 
1/18/2012 9:32:47 PM OK GoogleToolbarNotifier.exe\msctf.dll 
1/18/2012 9:32:47 PM OK C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.7227.1100\gtn.dll 
1/18/2012 9:32:47 PM OK GoogleToolbarNotifier.exe\iertutil.dll 
1/18/2012 9:32:47 PM OK GoogleToolbarNotifier.exe\psapi.dll 
1/18/2012 9:32:47 PM OK GoogleToolbarNotifier.exe\Wldap32.dll 
1/18/2012 9:32:47 PM OK GoogleToolbarNotifier.exe\gdi32.dll 
1/18/2012 9:32:47 PM OK GoogleToolbarNotifier.exe\kernel32.dll 
1/18/2012 9:32:47 PM OK GoogleToolbarNotifier.exe\clbcatq.dll 
1/18/2012 9:32:47 PM OK GoogleToolbarNotifier.exe\wintrust.dll 
1/18/2012 9:32:47 PM OK GoogleToolbarNotifier.exe\ntdll.dll 
1/18/2012 9:32:47 PM OK GoogleToolbarNotifier.exe\msasn1.dll 
1/18/2012 9:32:47 PM OK GoogleToolbarNotifier.exe\ntdll.dll 
1/18/2012 9:32:47 PM OK C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll/data0000.res 
1/18/2012 9:32:47 PM OK C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll 
1/18/2012 9:32:47 PM OK ipoint.exe\user32.dll 
1/18/2012 9:32:47 PM OK ipoint.exe\kernel32.dll 
1/18/2012 9:32:47 PM OK ipoint.exe\ntdll.dll 
1/18/2012 9:32:47 PM OK ipoint.exe\psapi.dll 
1/18/2012 9:32:47 PM OK ipoint.exe\ipoint.exe 
1/18/2012 9:32:47 PM OK ipoint.exe\dpgcmd.dll 
1/18/2012 9:32:47 PM OK ipoint.exe\DPGHnt.dll 
1/18/2012 9:32:47 PM OK ipoint.exe\dpgmkb.dll 
1/18/2012 9:32:47 PM OK ipoint.exe\SQMAPI.dll 
1/18/2012 9:32:47 PM OK ipoint.exe\msi.dll 
1/18/2012 9:32:47 PM OK ipoint.exe\rasadhlp.dll 
1/18/2012 9:32:47 PM OK ipoint.exe\WLIDNSP.DLL 
1/18/2012 9:32:47 PM OK ipoint.exe\msxml3.dll 
1/18/2012 9:32:47 PM OK ipoint.exe\webio.dll 
1/18/2012 9:32:47 PM OK ipoint.exe\winhttp.dll 
1/18/2012 9:32:47 PM OK ipoint.exe\wsock32.dll 
1/18/2012 9:32:47 PM OK C:\Program Files\Microsoft IntelliPoint\Components\Commands\DPGHnt\DPGHnt.dll 
1/18/2012 9:32:47 PM OK ipoint.exe\msxml6.dll 
1/18/2012 9:32:47 PM OK ipoint.exe\oleacc.dll 
1/18/2012 9:32:47 PM OK ipoint.exe\dhcpcsvc6.dll 
1/18/2012 9:32:47 PM OK ipoint.exe\dhcpcsvc.dll 
1/18/2012 9:32:47 PM OK ipoint.exe\FWPUCLNT.DLL 
1/18/2012 9:32:47 PM OK ipoint.exe\winmm.dll 
1/18/2012 9:32:47 PM OK C:\Program Files\Microsoft IntelliPoint\dpgcmd.dll 
1/18/2012 9:32:47 PM OK C:\Program Files\Microsoft IntelliPoint\ipoint.exe 
1/18/2012 9:32:47 PM OK ipoint.exe\winnsi.dll 
1/18/2012 9:32:47 PM OK ipoint.exe\IPHLPAPI.DLL 
1/18/2012 9:32:47 PM OK ipoint.exe\ntmarta.dll 
1/18/2012 9:32:47 PM OK ipoint.exe\dwmapi.dll 
1/18/2012 9:32:47 PM OK ipoint.exe\hid.dll 
1/18/2012 9:32:47 PM OK C:\Program Files\Microsoft IntelliPoint\dpgmkb.dll 
1/18/2012 9:32:47 PM OK C:\Program Files\Microsoft IntelliPoint\SQMAPI.dll 
1/18/2012 9:32:47 PM OK ipoint.exe\uxtheme.dll 
1/18/2012 9:32:47 PM OK C:\Windows\System32\wsock32.dll 
1/18/2012 9:32:47 PM OK ipoint.exe\comctl32.dll 
1/18/2012 9:32:47 PM OK ipoint.exe\propsys.dll 
1/18/2012 9:32:47 PM OK ipoint.exe\msimg32.dll 
1/18/2012 9:32:47 PM OK ipoint.exe\version.dll 
1/18/2012 9:32:47 PM OK ipoint.exe\wtsapi32.dll 
1/18/2012 9:32:47 PM OK ipoint.exe\WSHTCPIP.DLL 
1/18/2012 9:32:47 PM OK ipoint.exe\gpapi.dll 
1/18/2012 9:32:47 PM OK ipoint.exe\userenv.dll 
1/18/2012 9:32:47 PM OK ipoint.exe\credssp.dll 
1/18/2012 9:32:47 PM OK C:\Windows\System32\winmm.dll 
1/18/2012 9:32:47 PM OK ipoint.exe\bcryptprimitives.dll 
1/18/2012 9:32:47 PM OK ipoint.exe\winsta.dll 
1/18/2012 9:32:47 PM OK ipoint.exe\rsaenh.dll 
1/18/2012 9:32:47 PM OK ipoint.exe\schannel.dll 
1/18/2012 9:32:47 PM OK ipoint.exe\dnsapi.dll 
1/18/2012 9:32:47 PM OK ipoint.exe\wship6.dll 
1/18/2012 9:32:47 PM OK ipoint.exe\mswsock.dll 
1/18/2012 9:32:47 PM OK ipoint.exe\cryptsp.dll 
1/18/2012 9:32:47 PM OK ipoint.exe\bcrypt.dll 
1/18/2012 9:32:47 PM OK ipoint.exe\ncrypt.dll 
1/18/2012 9:32:47 PM OK ipoint.exe\secur32.dll 
1/18/2012 9:32:47 PM OK ipoint.exe\sspicli.dll 
1/18/2012 9:32:47 PM OK ipoint.exe\apphelp.dll 
1/18/2012 9:32:47 PM OK ipoint.exe\cryptbase.dll 
1/18/2012 9:32:47 PM OK ipoint.exe\profapi.dll 
1/18/2012 9:32:47 PM OK ipoint.exe\msasn1.dll 
1/18/2012 9:32:47 PM OK ipoint.exe\KernelBase.dll 
1/18/2012 9:32:47 PM OK ipoint.exe\crypt32.dll 
1/18/2012 9:32:47 PM OK ipoint.exe\wintrust.dll 
1/18/2012 9:32:47 PM OK ipoint.exe\cfgmgr32.dll 
1/18/2012 9:32:47 PM OK C:\Windows\System32\hid.dll 
1/18/2012 9:32:47 PM OK ipoint.exe\devobj.dll 
1/18/2012 9:32:47 PM OK ipoint.exe\iertutil.dll 
1/18/2012 9:32:47 PM OK ipoint.exe\advapi32.dll 
1/18/2012 9:32:47 PM OK ipoint.exe\usp10.dll 
1/18/2012 9:32:47 PM OK ipoint.exe\nsi.dll 
1/18/2012 9:32:47 PM OK ipoint.exe\comdlg32.dll 
1/18/2012 9:32:47 PM OK ipoint.exe\urlmon.dll 
1/18/2012 9:32:47 PM OK ipoint.exe\ws2_32.dll 
1/18/2012 9:32:47 PM OK ipoint.exe\imm32.dll 
1/18/2012 9:32:47 PM OK ipoint.exe\sechost.dll 
1/18/2012 9:32:47 PM OK ipoint.exe\setupapi.dll 
1/18/2012 9:32:47 PM OK ipoint.exe\shlwapi.dll 
1/18/2012 9:32:47 PM OK ipoint.exe\gdi32.dll 
1/18/2012 9:32:47 PM OK ipoint.exe\ole32.dll 
1/18/2012 9:32:47 PM OK ipoint.exe\clbcatq.dll 
1/18/2012 9:32:47 PM OK ipoint.exe\rpcrt4.dll 
1/18/2012 9:32:47 PM OK ipoint.exe\Wldap32.dll 
1/18/2012 9:32:47 PM OK ipoint.exe\lpk.dll 
1/18/2012 9:32:47 PM OK ipoint.exe\msvcrt.dll 
1/18/2012 9:32:47 PM OK ipoint.exe\oleaut32.dll 
1/18/2012 9:32:47 PM OK ipoint.exe\msctf.dll 
1/18/2012 9:32:47 PM OK ipoint.exe\wininet.dll 
1/18/2012 9:32:47 PM OK ipoint.exe\shell32.dll 
1/18/2012 9:32:47 PM OK ipoint.exe\apisetschema.dll 
1/18/2012 9:32:47 PM OK C:\Windows\System32\comdlg32.dll 
1/18/2012 9:32:47 PM OK itype.exe\user32.dll 
1/18/2012 9:32:47 PM OK itype.exe\kernel32.dll 
1/18/2012 9:32:47 PM OK itype.exe\ntdll.dll 
1/18/2012 9:32:47 PM OK itype.exe\psapi.dll 
1/18/2012 9:32:47 PM OK itype.exe\itype.exe 
1/18/2012 9:32:47 PM OK itype.exe\DPGHnt.dll 
1/18/2012 9:32:47 PM OK itype.exe\ieframe.dll 
1/18/2012 9:32:47 PM OK itype.exe\msi.dll 
1/18/2012 9:32:47 PM OK itype.exe\dpgcmd.dll 
1/18/2012 9:32:47 PM OK itype.exe\dpgmkb.dll 
1/18/2012 9:32:47 PM OK itype.exe\SQMAPI.dll 
1/18/2012 9:32:47 PM OK C:\Program Files\Microsoft IntelliType Pro\Components\Commands\DPGHnt\DPGHnt.dll 
1/18/2012 9:32:47 PM OK itype.exe\rasadhlp.dll 
1/18/2012 9:32:47 PM  OK itype.exe\WLIDNSP.DLL 
1/18/2012 9:32:47 PM OK itype.exe\msxml3.dll 
1/18/2012 9:32:47 PM OK itype.exe\webio.dll 
1/18/2012 9:32:47 PM OK itype.exe\winhttp.dll 
1/18/2012 9:32:47 PM OK itype.exe\wsock32.dll 
1/18/2012 9:32:47 PM OK itype.exe\msxml6.dll 
1/18/2012 9:32:47 PM OK itype.exe\oleacc.dll 
1/18/2012 9:32:47 PM OK itype.exe\AudioSes.dll 
1/18/2012 9:32:47 PM OK C:\Program Files\Microsoft IntelliType Pro\itype.exe 
1/18/2012 9:32:47 PM OK itype.exe\dhcpcsvc6.dll 
1/18/2012 9:32:47 PM OK itype.exe\dhcpcsvc.dll 
1/18/2012 9:32:47 PM OK itype.exe\FWPUCLNT.DLL 
1/18/2012 9:32:47 PM OK itype.exe\winmm.dll 
1/18/2012 9:32:47 PM OK itype.exe\winnsi.dll 
1/18/2012 9:32:47 PM OK itype.exe\IPHLPAPI.DLL 
1/18/2012 9:32:47 PM OK itype.exe\ntmarta.dll 
1/18/2012 9:32:47 PM OK itype.exe\dwmapi.dll 
1/18/2012 9:32:47 PM OK itype.exe\hid.dll 
1/18/2012 9:32:47 PM OK itype.exe\uxtheme.dll 
1/18/2012 9:32:47 PM OK itype.exe\comctl32.dll 
1/18/2012 9:32:47 PM OK itype.exe\propsys.dll 
1/18/2012 9:32:47 PM OK itype.exe\MMDevAPI.dll 
1/18/2012 9:32:47 PM OK itype.exe\msimg32.dll 
1/18/2012 9:32:47 PM OK itype.exe\version.dll 
1/18/2012 9:32:47 PM OK itype.exe\wtsapi32.dll 
1/18/2012 9:32:47 PM OK itype.exe\WSHTCPIP.DLL 
1/18/2012 9:32:47 PM OK itype.exe\gpapi.dll 
1/18/2012 9:32:47 PM OK itype.exe\userenv.dll 
1/18/2012 9:32:47 PM OK itype.exe\credssp.dll 
1/18/2012 9:32:47 PM OK itype.exe\bcryptprimitives.dll 
1/18/2012 9:32:47 PM OK itype.exe\winsta.dll 
1/18/2012 9:32:47 PM OK itype.exe\rsaenh.dll 
1/18/2012 9:32:47 PM OK itype.exe\schannel.dll 
1/18/2012 9:32:47 PM OK itype.exe\dnsapi.dll 
1/18/2012 9:32:47 PM OK itype.exe\wship6.dll 
1/18/2012 9:32:47 PM OK itype.exe\mswsock.dll 
1/18/2012 9:32:47 PM OK itype.exe\cryptsp.dll 
1/18/2012 9:32:47 PM OK itype.exe\bcrypt.dll 
1/18/2012 9:32:47 PM OK itype.exe\ncrypt.dll 
1/18/2012 9:32:47 PM OK itype.exe\secur32.dll 
1/18/2012 9:32:47 PM OK itype.exe\sspicli.dll 
1/18/2012 9:32:47 PM OK itype.exe\apphelp.dll 
1/18/2012 9:32:47 PM OK itype.exe\cryptbase.dll 
1/18/2012 9:32:47 PM OK itype.exe\profapi.dll 
1/18/2012 9:32:47 PM OK itype.exe\msasn1.dll 
1/18/2012 9:32:47 PM OK itype.exe\KernelBase.dll 
1/18/2012 9:32:47 PM OK itype.exe\crypt32.dll 
1/18/2012 9:32:47 PM OK itype.exe\wintrust.dll 
1/18/2012 9:32:47 PM OK itype.exe\cfgmgr32.dll 
1/18/2012 9:32:47 PM OK itype.exe\devobj.dll 
1/18/2012 9:32:47 PM OK itype.exe\iertutil.dll 
1/18/2012 9:32:47 PM OK itype.exe\advapi32.dll 
1/18/2012 9:32:47 PM OK itype.exe\usp10.dll 
1/18/2012 9:32:47 PM OK itype.exe\nsi.dll 
1/18/2012 9:32:47 PM OK itype.exe\comdlg32.dll 
1/18/2012 9:32:47 PM OK itype.exe\urlmon.dll 
1/18/2012 9:32:47 PM OK itype.exe\ws2_32.dll 
1/18/2012 9:32:47 PM OK itype.exe\imm32.dll 
1/18/2012 9:32:47 PM OK itype.exe\sechost.dll 
1/18/2012 9:32:47 PM OK itype.exe\setupapi.dll 
1/18/2012 9:32:47 PM OK itype.exe\shlwapi.dll 
1/18/2012 9:32:47 PM OK itype.exe\gdi32.dll 
1/18/2012 9:32:47 PM OK itype.exe\ole32.dll 
1/18/2012 9:32:47 PM OK itype.exe\clbcatq.dll 
1/18/2012 9:32:47 PM OK itype.exe\rpcrt4.dll 
1/18/2012 9:32:47 PM OK itype.exe\Wldap32.dll 
1/18/2012 9:32:47 PM OK itype.exe\lpk.dll 
1/18/2012 9:32:47 PM OK itype.exe\msvcrt.dll 
1/18/2012 9:32:47 PM OK itype.exe\oleaut32.dll 
1/18/2012 9:32:47 PM OK itype.exe\msctf.dll 
1/18/2012 9:32:47 PM OK itype.exe\wininet.dll 
1/18/2012 9:32:47 PM OK itype.exe\shell32.dll 
1/18/2012 9:32:47 PM OK itype.exe\apisetschema.dll 
1/18/2012 9:32:47 PM OK C:\Program Files\Microsoft IntelliType Pro\dpgcmd.dll 
1/18/2012 9:32:47 PM OK C:\Program Files\Microsoft IntelliType Pro\dpgmkb.dll 
1/18/2012 9:32:47 PM OK C:\Program Files\Microsoft IntelliType Pro\SQMAPI.dll Object was not changed (iChecker) 
1/18/2012 9:32:47 PM OK C:\Windows\System32\AudioSes.dll 
1/18/2012 9:32:47 PM OK C:\Windows\System32\MMDevAPI.dll 
1/18/2012 9:32:47 PM OK C:\Windows\System32\ieframe.dll 
1/18/2012 9:32:47 PM OK BJMYPRT.EXE\BJMYRES.DLL 
1/18/2012 9:32:47 PM OK BJMYPRT.EXE\BJMYPRT.EXE 
1/18/2012 9:32:47 PM OK C:\Program Files\Canon\MyPrinter\BJMYRES.DLL 
1/18/2012 9:32:47 PM OK BJMYPRT.EXE\CNMPU.DLL 
1/18/2012 9:32:47 PM OK BJMYPRT.EXE\user32.dll 
1/18/2012 9:32:47 PM OK BJMYPRT.EXE\kernel32.dll 
1/18/2012 9:32:47 PM OK BJMYPRT.EXE\ntdll.dll 
1/18/2012 9:32:47 PM OK BJMYPRT.EXE\comctl32.dll 
1/18/2012 9:32:47 PM OK BJMYPRT.EXE\winspool.drv 
1/18/2012 9:32:47 PM OK BJMYPRT.EXE\dwmapi.dll 
1/18/2012 9:32:47 PM OK BJMYPRT.EXE\uxtheme.dll 
1/18/2012 9:32:47 PM OK BJMYPRT.EXE\version.dll 
1/18/2012 9:32:47 PM OK BJMYPRT.EXE\profapi.dll 
1/18/2012 9:32:47 PM OK BJMYPRT.EXE\KernelBase.dll 
1/18/2012 9:32:47 PM OK BJMYPRT.EXE\advapi32.dll 
1/18/2012 9:32:47 PM OK BJMYPRT.EXE\usp10.dll 
1/18/2012 9:32:47 PM OK BJMYPRT.EXE\imm32.dll 
1/18/2012 9:32:47 PM OK BJMYPRT.EXE\sechost.dll 
1/18/2012 9:32:47 PM OK BJMYPRT.EXE\shlwapi.dll 
1/18/2012 9:32:47 PM OK BJMYPRT.EXE\gdi32.dll 
1/18/2012 9:32:47 PM OK BJMYPRT.EXE\ole32.dll 
1/18/2012 9:32:47 PM OK BJMYPRT.EXE\rpcrt4.dll 
1/18/2012 9:32:47 PM OK BJMYPRT.EXE\lpk.dll 
1/18/2012 9:32:47 PM OK BJMYPRT.EXE\msvcrt.dll 
1/18/2012 9:32:47 PM OK C:\Program Files\Canon\MyPrinter\CNMPU.DLL 
1/18/2012 9:32:47 PM OK BJMYPRT.EXE\oleaut32.dll 
1/18/2012 9:32:47 PM OK BJMYPRT.EXE\msctf.dll 
1/18/2012 9:32:47 PM OK BJMYPRT.EXE\shell32.dll 
1/18/2012 9:32:47 PM OK BJMYPRT.EXE\apisetschema.dll 
1/18/2012 9:32:47 PM OK C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE 
1/18/2012 9:32:48 PM OK PrintDisp.exe\apisetschema.dll 
1/18/2012 9:32:48 PM OK PrintDisp.exe\PrintDisp.exe 
1/18/2012 9:32:48 PM OK PrintDisp.exe\FLVSrvLib.dll Object was not changed (iChecker) 
1/18/2012 9:32:48 PM OK PrintDisp.exe\dwmapi.dll 
1/18/2012 9:32:48 PM OK PrintDisp.exe\uxtheme.dll 
1/18/2012 9:32:48 PM OK PrintDisp.exe\comctl32.dll 
1/18/2012 9:32:48 PM OK PrintDisp.exe\wsock32.dll 
1/18/2012 9:32:48 PM OK PrintDisp.exe\winspool.drv 
1/18/2012 9:32:48 PM OK PrintDisp.exe\comctl32.dll 
1/18/2012 9:32:48 PM OK PrintDisp.exe\version.dll 
1/18/2012 9:32:48 PM OK PrintDisp.exe\wow64cpu.dll 
1/18/2012 9:32:48 PM OK PrintDisp.exe\wow64win.dll 
1/18/2012 9:32:48 PM OK PrintDisp.exe\wow64.dll 
1/18/2012 9:32:48 PM OK PrintDisp.exe\msvcr90.dll 
1/18/2012 9:32:48 PM OK PrintDisp.exe\cryptbase.dll 
1/18/2012 9:32:48 PM OK PrintDisp.exe\sspicli.dll 
1/18/2012 9:32:48 PM OK PrintDisp.exe\shell32.dll 
1/18/2012 9:32:48 PM OK PrintDisp.exe\usp10.dll 
1/18/2012 9:32:48 PM OK PrintDisp.exe\user32.dll 
1/18/2012 9:32:48 PM OK PrintDisp.exe\nsi.dll 
1/18/2012 9:32:48 PM OK PrintDisp.exe\msvcrt.dll 
1/18/2012 9:32:48 PM OK PrintDisp.exe\KernelBase.dll 
1/18/2012 9:32:48 PM OK PrintDisp.exe\imm32.dll 
1/18/2012 9:32:48 PM OK PrintDisp.exe\oleaut32.dll 
1/18/2012 9:32:48 PM OK PrintDisp.exe\ws2_32.dll 
1/18/2012 9:32:48 PM OK PrintDisp.exe\ole32.dll 
1/18/2012 9:32:48 PM OK PrintDisp.exe\shlwapi.dll 
1/18/2012 9:32:48 PM OK PrintDisp.exe\lpk.dll 
1/18/2012 9:32:48 PM OK PrintDisp.exe\advapi32.dll 
1/18/2012 9:32:48 PM OK PrintDisp.exe\rpcrt4.dll 
1/18/2012 9:32:48 PM OK PrintDisp.exe\sechost.dll 
1/18/2012 9:32:48 PM OK PrintDisp.exe\msctf.dll 
1/18/2012 9:32:48 PM OK PrintDisp.exe\gdi32.dll 
1/18/2012 9:32:48 PM OK PrintDisp.exe\kernel32.dll 
1/18/2012 9:32:48 PM OK PrintDisp.exe\ntdll.dll 
1/18/2012 9:32:48 PM OK PrintDisp.exe\ntdll.dll 
1/18/2012 9:32:49 PM OK C:\Windows\System32\PrintDisp.exe 
1/18/2012 9:32:49 PM OK SmartMenu.exe\msvcr90.dll 
1/18/2012 9:32:49 PM OK SmartMenu.exe\msvcp90.dll 
1/18/2012 9:32:49 PM OK SmartMenu.exe\user32.dll 
1/18/2012 9:32:49 PM OK SmartMenu.exe\kernel32.dll 
1/18/2012 9:32:49 PM OK SmartMenu.exe\ntdll.dll 
1/18/2012 9:32:49 PM OK SmartMenu.exe\psapi.dll 
1/18/2012 9:32:49 PM OK SmartMenu.exe\SmartMenu.exe 
1/18/2012 9:32:49 PM OK SmartMenu.exe\d3d10warp.dll 
1/18/2012 9:32:49 PM OK C:\Windows\winsxs\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\msvcr90.dll 
1/18/2012 9:32:49 PM OK C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe 
1/18/2012 9:32:49 PM OK C:\Windows\winsxs\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\msvcp90.dll 
1/18/2012 9:32:49 PM OK SmartMenu.exe\DWrite.dll 
1/18/2012 9:32:49 PM OK C:\Windows\System32\d3d10warp.dll 
1/18/2012 9:32:49 PM OK SmartMenu.exe\d2d1.dll 
1/18/2012 9:32:49 PM OK C:\Windows\System32\DWrite.dll 
1/18/2012 9:32:49 PM OK SmartMenu.exe\gameux.dll 
1/18/2012 9:32:49 PM OK C:\Windows\System32\d2d1.dll 
1/18/2012 9:32:49 PM OK SmartMenu.exe\dxgi.dll 
1/18/2012 9:32:49 PM OK SmartMenu.exe\cscapi.dll 
1/18/2012 9:32:49 PM OK SmartMenu.exe\wer.dll 
1/18/2012 9:32:49 PM OK SmartMenu.exe\linkinfo.dll 
1/18/2012 9:32:49 PM OK SmartMenu.exe\msxml6.dll 
1/18/2012 9:32:49 PM OK SmartMenu.exe\AudioSes.dll 
1/18/2012 9:32:49 PM OK SmartMenu.exe\winmm.dll 
1/18/2012 9:32:49 PM OK SmartMenu.exe\slc.dll 
1/18/2012 9:32:49 PM OK SmartMenu.exe\ntmarta.dll 
1/18/2012 9:32:49 PM OK SmartMenu.exe\UIAnimation.dll 
1/18/2012 9:32:49 PM OK SmartMenu.exe\shdocvw.dll 
1/18/2012 9:32:49 PM OK SmartMenu.exe\WindowsCodecs.dll 
1/18/2012 9:32:49 PM OK C:\Windows\System32\dxgi.dll 
1/18/2012 9:32:49 PM OK SmartMenu.exe\xmllite.dll 
1/18/2012 9:32:49 PM OK SmartMenu.exe\dwmapi.dll 
1/18/2012 9:32:49 PM OK SmartMenu.exe\ntshrui.dll 
1/18/2012 9:32:49 PM OK C:\Windows\System32\UIAnimation.dll 
1/18/2012 9:32:49 PM OK SmartMenu.exe\GdiPlus.dll 
1/18/2012 9:32:50 PM OK C:\Windows\System32\shdocvw.dll 
1/18/2012 9:32:50 PM OK SmartMenu.exe\uxtheme.dll 
1/18/2012 9:32:50 PM OK SmartMenu.exe\comctl32.dll 
1/18/2012 9:32:50 PM OK SmartMenu.exe\propsys.dll 
1/18/2012 9:32:50 PM OK SmartMenu.exe\MMDevAPI.dll 
1/18/2012 9:32:50 PM OK SmartMenu.exe\d3d10_1core.dll 
1/18/2012 9:32:50 PM OK SmartMenu.exe\d3d10_1.dll 
1/18/2012 9:32:50 PM OK SmartMenu.exe\version.dll 
1/18/2012 9:32:50 PM OK SmartMenu.exe\rsaenh.dll 
1/18/2012 9:32:50 PM OK SmartMenu.exe\cryptsp.dll 
1/18/2012 9:32:50 PM OK SmartMenu.exe\srvcli.dll 
1/18/2012 9:32:50 PM OK SmartMenu.exe\apphelp.dll 
1/18/2012 9:32:50 PM OK SmartMenu.exe\cryptbase.dll 
1/18/2012 9:32:50 PM OK SmartMenu.exe\profapi.dll 
1/18/2012 9:32:50 PM OK SmartMenu.exe\msasn1.dll 
1/18/2012 9:32:50 PM OK SmartMenu.exe\KernelBase.dll 
1/18/2012 9:32:50 PM OK SmartMenu.exe\crypt32.dll 
1/18/2012 9:32:50 PM OK SmartMenu.exe\wintrust.dll 
1/18/2012 9:32:50 PM OK SmartMenu.exe\cfgmgr32.dll 
1/18/2012 9:32:50 PM OK SmartMenu.exe\devobj.dll 
1/18/2012 9:32:50 PM OK SmartMenu.exe\advapi32.dll 
1/18/2012 9:32:50 PM OK SmartMenu.exe\usp10.dll 
1/18/2012 9:32:50 PM OK SmartMenu.exe\imm32.dll 
1/18/2012 9:32:50 PM OK SmartMenu.exe\sechost.dll 
1/18/2012 9:32:50 PM OK SmartMenu.exe\setupapi.dll 
1/18/2012 9:32:50 PM OK SmartMenu.exe\shlwapi.dll 
1/18/2012 9:32:50 PM OK SmartMenu.exe\gdi32.dll 
1/18/2012 9:32:50 PM OK SmartMenu.exe\ole32.dll  
1/18/2012 9:32:50 PM OK SmartMenu.exe\clbcatq.dll 
1/18/2012 9:32:50 PM OK SmartMenu.exe\rpcrt4.dll 
1/18/2012 9:32:50 PM OK SmartMenu.exe\Wldap32.dll 
1/18/2012 9:32:50 PM OK SmartMenu.exe\lpk.dll 
1/18/2012 9:32:50 PM OK SmartMenu.exe\msvcrt.dll 
1/18/2012 9:32:50 PM OK SmartMenu.exe\oleaut32.dll 
1/18/2012 9:32:50 PM OK SmartMenu.exe\msctf.dll 
1/18/2012 9:32:50 PM OK SmartMenu.exe\shell32.dll 
1/18/2012 9:32:50 PM OK SmartMenu.exe\apisetschema.dll 
1/18/2012 9:32:50 PM OK C:\Windows\System32\ntshrui.dll 
1/18/2012 9:32:50 PM OK C:\Windows\System32\WindowsCodecs.dll 
1/18/2012 9:32:50 PM OK C:\Windows\System32\gameux.dll 
1/18/2012 9:32:50 PM OK C:\Windows\System32\d3d10_1core.dll 
1/18/2012 9:32:50 PM OK C:\Windows\System32\d3d10_1.dll 
1/18/2012 9:32:50 PM OK C:\Windows\winsxs\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17514_none_2b24536c71ed437a\GdiPlus.dll 
1/18/2012 9:32:50 PM OK explorer.exe\ElbyVCDShell.dll 
1/18/2012 9:32:50 PM OK explorer.exe\ExplorerExt_x64.dll 
1/18/2012 9:32:50 PM OK explorer.exe\misosh64.dll 
1/18/2012 9:32:50 PM OK C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\ElbyVCDShell.dll 
1/18/2012 9:32:50 PM OK C:\Program Files\Smart PDF Converter\ExplorerExt_x64.dll 
1/18/2012 9:32:50 PM OK explorer.exe\AdobeDriveCS4_NP.dll 
1/18/2012 9:32:50 PM OK C:\Program Files (x86)\MagicISO\misosh64.dll 
1/18/2012 9:32:50 PM OK explorer.exe\ShellExtensionX64.dll 
1/18/2012 9:32:50 PM OK explorer.exe\atiamenu.dll 
1/18/2012 9:32:50 PM OK C:\Program Files (x86)\WinMerge\ShellExtensionX64.dll 
1/18/2012 9:32:50 PM OK C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiamenu.dll 
1/18/2012 9:32:50 PM OK explorer.exe\prLoader.dll 
1/18/2012 9:32:50 PM OK explorer.exe\HPSFTaskbar.dll 
1/18/2012 9:32:50 PM OK C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\x64\prLoader.dll 
1/18/2012 9:32:50 PM OK explorer.exe\BIB.dll 
1/18/2012 9:32:50 PM OK C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPSFMessenger\HPSFTaskbar.dll 
1/18/2012 9:32:50 PM OK explorer.exe\ContextMenu64.dll 
1/18/2012 9:32:50 PM OK C:\Program Files\Common Files\Adobe\Adobe Drive CS4\BIB.dll 
1/18/2012 9:32:50 PM OK explorer.exe\atiacm64.dll 
1/18/2012 9:32:50 PM OK C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat Elements\ContextMenu64.dll 
1/18/2012 9:32:50 PM OK explorer.exe\DragExt64.dll 
1/18/2012 9:32:50 PM OK C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll 
1/18/2012 9:32:50 PM OK explorer.exe\ADFSMenu.dll 
1/18/2012 9:32:50 PM OK C:\Program Files (x86)\WinSCP\DragExt64.dll 
1/18/2012 9:32:50 PM OK explorer.exe\msxml5.dll 
1/18/2012 9:32:50 PM OK C:\Program Files\Common Files\Adobe\Adobe Drive CS4\ADFSMenu.dll 
1/18/2012 9:32:50 PM OK explorer.exe\VersionCue.dll 
1/18/2012 9:32:50 PM OK C:\Program Files\Common Files\Microsoft Shared\OFFICE11\msxml5.dll 
1/18/2012 9:32:50 PM OK explorer.exe\NlsLexicons0009.dll 
1/18/2012 9:32:50 PM OK explorer.exe\prremote.dll 
1/18/2012 9:32:50 PM OK C:\Program Files\Common Files\Adobe\Adobe Version Cue CS4\Client\4.0.0\VersionCue.dll 
1/18/2012 9:32:50 PM OK explorer.exe\mfc90.dll 
1/18/2012 9:32:50 PM OK explorer.exe\msvcr80.dll  
1/18/2012 9:32:50 PM OK explorer.exe\sfc.dll 
1/18/2012 9:32:50 PM OK explorer.exe\FXSRESM.dll 
1/18/2012 9:32:50 PM OK explorer.exe\MSOHEVI.DLL 
1/18/2012 9:32:50 PM OK C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\x64\prremote.dll 
1/18/2012 9:32:50 PM OK explorer.exe\msvcr90.dll 
1/18/2012 9:32:50 PM OK explorer.exe\msvcp90.dll 
1/18/2012 9:32:50 PM OK explorer.exe\msvcp80.dll 
1/18/2012 9:32:50 PM OK explorer.exe\INETRES.dll 
1/18/2012 9:32:50 PM OK C:\Program Files\Microsoft Office\Office12\MSOHEVI.DLL 
1/18/2012 9:32:51 PM OK explorer.exe\MFC90ENU.DLL 
1/18/2012 9:32:51 PM OK explorer.exe\ksuser.dll 
1/18/2012 9:32:51 PM OK explorer.exe\user32.dll 
1/18/2012 9:32:51 PM OK explorer.exe\kernel32.dll 
1/18/2012 9:32:51 PM OK explorer.exe\ntdll.dll 
1/18/2012 9:32:51 PM OK explorer.exe\psapi.dll 
1/18/2012 9:32:51 PM OK explorer.exe\normaliz.dll 
1/18/2012 9:32:51 PM OK explorer.exe\explorer.exe 
1/18/2012 9:32:51 PM OK C:\Windows\System32\NlsLexicons0009.dll 
1/18/2012 9:32:51 PM OK C:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_88e41e092fab0294\msvcp80.dll 
1/18/2012 9:32:51 PM OK C:\Windows\System32\INETRES.dll 
1/18/2012 9:32:51 PM OK explorer.exe\ShellEx.dll 
1/18/2012 9:32:51 PM OK C:\Windows\System32\ksuser.dll 
1/18/2012 9:32:51 PM OK C:\Windows\winsxs\amd64_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_01c9581e60cbee58\MFC90ENU.DLL 
1/18/2012 9:32:51 PM OK C:\Windows\winsxs\amd64_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_044aad0bab1eb146\mfc90.dll 
1/18/2012 9:32:51 PM OK explorer.exe\Culture.dll 
1/18/2012 9:32:51 PM OK C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\x64\ShellEx.dll 
1/18/2012 9:32:51 PM OK C:\Windows\Microsoft.NET\Framework64\v2.0.50727\Culture.dll 
1/18/2012 9:32:51 PM OK explorer.exe\shfusion.dll 
1/18/2012 9:32:51 PM OK explorer.exe\msoert2.dll 
1/18/2012 9:32:51 PM OK C:\Windows\Microsoft.NET\Framework64\v2.0.50727\shfusion.dll 
1/18/2012 9:32:51 PM OK C:\Windows\explorer.exe 
1/18/2012 9:32:51 PM OK explorer.exe\inetcomm.dll 
1/18/2012 9:32:51 PM OK C:\Windows\System32\msoert2.dll 
1/18/2012 9:32:51 PM OK explorer.exe\mf.dll 
1/18/2012 9:32:51 PM OK C:\Windows\System32\inetcomm.dll 
1/18/2012 9:32:51 PM OK explorer.exe\NlsData0000.dll 
1/18/2012 9:32:51 PM OK C:\Windows\System32\mf.dll 
1/18/2012 9:32:51 PM OK explorer.exe\NlsData0009.dll 
1/18/2012 9:32:51 PM OK explorer.exe\printui.dll 
1/18/2012 9:32:51 PM OK C:\Windows\System32\NlsData0000.dll 
1/18/2012 9:32:51 PM OK C:\Windows\System32\NlsData0009.dll 
1/18/2012 9:32:51 PM OK explorer.exe\WindowsCodecsExt.dll 
1/18/2012 9:32:51 PM OK C:\Windows\System32\printui.dll 
1/18/2012 9:32:51 PM OK explorer.exe\msvcp60.dll 
1/18/2012 9:32:51 PM OK C:\Windows\System32\WindowsCodecsExt.dll 
1/18/2012 9:32:51 PM OK explorer.exe\sqmapi.dll 
1/18/2012 9:32:51 PM OK C:\Windows\System32\msvcp60.dll 
1/18/2012 9:32:51 PM OK explorer.exe\NaturalLanguage6.dll 
1/18/2012 9:32:51 PM OK C:\Program Files\Windows Portable Devices\sqmapi.dll Object was not changed (iChecker) 
1/18/2012 9:32:51 PM OK explorer.exe\werconcpl.dll 
1/18/2012 9:32:51 PM OK explorer.exe\wscui.cpl 
1/18/2012 9:32:51 PM OK C:\Windows\System32\NaturalLanguage6.dll 
1/18/2012 9:32:51 PM OK explorer.exe\SearchFolder.dll 
1/18/2012 9:32:51 PM OK explorer.exe\FXSST.dll 
1/18/2012 9:32:51 PM OK explorer.exe\QAGENT.DLL 
1/18/2012 9:32:51 PM OK C:\Windows\System32\werconcpl.dll 
1/18/2012 9:32:51 PM OK explorer.exe\FXSAPI.dll 
1/18/2012 9:32:51 PM OK C:\Windows\System32\wscui.cpl 
1/18/2012 9:32:51 PM OK explorer.exe\WWanAPI.dll 
1/18/2012 9:32:51 PM OK C:\Windows\System32\SearchFolder.dll 
1/18/2012 9:32:51 PM OK explorer.exe\wlanapi.dll 
1/18/2012 9:32:51 PM OK explorer.exe\hgcpl.dll 
1/18/2012 9:32:51 PM OK C:\Windows\System32\QAGENT.DLL 
1/18/2012 9:32:51 PM OK explorer.exe\imapi2.dll 
1/18/2012 9:32:51 PM OK C:\Windows\System32\FXSAPI.dll 
1/18/2012 9:32:51 PM OK explorer.exe\bthprops.cpl 
1/18/2012 9:32:51 PM OK C:\Windows\System32\WWanAPI.dll 
1/18/2012 9:32:51 PM OK explorer.exe\SyncCenter.dll 
1/18/2012 9:32:51 PM OK C:\Windows\System32\wlanapi.dll 
1/18/2012 9:32:51 PM OK C:\Windows\System32\hgcpl.dll 
1/18/2012 9:32:51 PM OK C:\Windows\System32\FXSST.dll 
1/18/2012 9:32:51 PM OK explorer.exe\pnidui.dll 
1/18/2012 9:32:51 PM OK C:\Windows\System32\imapi2.dll 
1/18/2012 9:32:51 PM OK explorer.exe\ActionCenter.dll 
1/18/2012 9:32:51 PM OK explorer.exe\batmeter.dll 
1/18/2012 9:32:51 PM OK explorer.exe\mssprxy.dll 
1/18/2012 9:32:51 PM OK explorer.exe\srchadmin.dll 
1/18/2012 9:32:52 PM OK C:\Windows\System32\bthprops.cpl 
1/18/2012 9:32:52 PM OK explorer.exe\stobject.dll 
1/18/2012 9:32:52 PM OK explorer.exe\ieframe.dll 
1/18/2012 9:32:52 PM OK explorer.exe\msi.dll 
1/18/2012 9:32:52 PM OK explorer.exe\PhotoBase.dll 
1/18/2012 9:32:52 PM OK C:\Windows\System32\SyncCenter.dll 
1/18/2012 9:32:52 PM OK C:\Windows\System32\ActionCenter.dll 
1/18/2012 9:32:52 PM OK explorer.exe\DXP.dll 
1/18/2012 9:32:52 PM OK C:\Windows\System32\pnidui.dll 
1/18/2012 9:32:52 PM OK C:\Windows\System32\mssprxy.dll 
1/18/2012 9:32:52 PM OK C:\Windows\System32\srchadmin.dll 
1/18/2012 9:32:52 PM OK explorer.exe\prnfldr.dll 
1/18/2012 9:32:52 PM OK C:\Windows\System32\stobject.dll 
1/18/2012 9:32:52 PM OK C:\Program Files\Windows Photo Viewer\PhotoBase.dll 
1/18/2012 9:32:52 PM OK C:\Windows\System32\batmeter.dll 
1/18/2012 9:32:52 PM OK explorer.exe\gameux.dll 
1/18/2012 9:32:52 PM OK explorer.exe\cryptui.dll 
1/18/2012 9:32:52 PM OK explorer.exe\authui.dll 
1/18/2012 9:32:52 PM OK C:\Windows\System32\DXP.dll 
1/18/2012 9:32:52 PM OK C:\Windows\System32\prnfldr.dll 
1/18/2012 9:32:52 PM OK explorer.exe\msftedit.dll 
1/18/2012 9:32:52 PM OK explorer.exe\ExplorerFrame.dll 
1/18/2012 9:32:52 PM OK explorer.exe\QUTIL.DLL 
1/18/2012 9:32:52 PM OK explorer.exe\wwapi.dll 
1/18/2012 9:32:52 PM OK explorer.exe\framedynos.dll 
1/18/2012 9:32:52 PM OK C:\Windows\System32\msftedit.dll 
1/18/2012 9:32:52 PM OK C:\Windows\System32\cryptui.dll 
1/18/2012 9:32:52 PM OK explorer.exe\wscinterop.dll 
1/18/2012 9:32:52 PM OK explorer.exe\wercplsupport.dll 
1/18/2012 9:32:52 PM OK  explorer.exe\wscapi.dll 
1/18/2012 9:32:52 PM OK C:\Windows\System32\QUTIL.DLL 
1/18/2012 9:32:52 PM OK explorer.exe\davclnt.dll 
1/18/2012 9:32:52 PM OK explorer.exe\ntlanman.dll 
1/18/2012 9:32:52 PM OK explorer.exe\mpr.dll 
1/18/2012 9:32:52 PM OK explorer.exe\networkexplorer.dll 
1/18/2012 9:32:52 PM OK explorer.exe\WcnApi.dll 
1/18/2012 9:32:52 PM OK C:\Windows\System32\wwapi.dll 
1/18/2012 9:32:52 PM OK explorer.exe\EhStorAPI.dll 
1/18/2012 9:32:52 PM OK explorer.exe\puiobj.dll 
1/18/2012 9:32:52 PM OK C:\Windows\System32\authui.dll 
1/18/2012 9:32:52 PM OK C:\Windows\System32\framedynos.dll 
1/18/2012 9:32:52 PM OK C:\Windows\System32\ExplorerFrame.dll 
1/18/2012 9:32:52 PM OK C:\Windows\System32\wercplsupport.dll 
1/18/2012 9:32:52 PM OK C:\Windows\System32\wscinterop.dll 
1/18/2012 9:32:52 PM OK C:\Windows\System32\wscapi.dll 
1/18/2012 9:32:52 PM OK C:\Windows\System32\EhStorAPI.dll 
1/18/2012 9:32:52 PM OK C:\Windows\System32\WcnApi.dll 
1/18/2012 9:32:52 PM OK explorer.exe\prnntfy.dll 
1/18/2012 9:32:52 PM OK C:\Windows\System32\puiobj.dll 
1/18/2012 9:32:52 PM OK explorer.exe\puiapi.dll 
1/18/2012 9:32:52 PM OK C:\Windows\System32\prnntfy.dll 
1/18/2012 9:32:52 PM OK explorer.exe\provsvc.dll 
1/18/2012 9:32:52 PM OK C:\Windows\System32\puiapi.dll 
1/18/2012 9:32:52 PM OK explorer.exe\syncui.dll 
1/18/2012 9:32:52 PM OK explorer.exe\zipfldr.dll 
1/18/2012 9:32:52 PM OK C:\Windows\System32\provsvc.dll 
1/18/2012 9:32:52 PM OK C:\Windows\System32\syncui.dll 
1/18/2012 9:32:52 PM OK explorer.exe\fdWCN.dll 
1/18/2012 9:32:52 PM OK explorer.exe\davhlpr.dll 
1/18/2012 9:32:52 PM OK explorer.exe\drprov.dll 
1/18/2012 9:32:52 PM OK explorer.exe\ieproxy.dll 
1/18/2012 9:32:52 PM OK C:\Windows\System32\zipfldr.dll 
1/18/2012 9:32:52 PM OK C:\Windows\System32\fdWCN.dll 
1/18/2012 9:32:52 PM OK explorer.exe\fdProxy.dll 
1/18/2012 9:32:52 PM OK C:\Program Files\Internet Explorer\ieproxy.dll 
1/18/2012 9:32:52 PM OK explorer.exe\mlang.dll 
1/18/2012 9:32:52 PM OK explorer.exe\browcli.dll 
1/18/2012 9:32:52 PM OK explorer.exe\sbdrop.dll 
1/18/2012 9:32:52 PM OK explorer.exe\netshell.dll 
1/18/2012 9:32:52 PM OK C:\Windows\System32\fdProxy.dll 
1/18/2012 9:32:52 PM OK explorer.exe\PortableDeviceApi.dll 
1/18/2012 9:32:52 PM OK C:\Windows\System32\mlang.dll 
1/18/2012 9:32:52 PM OK C:\Program Files\Windows Sidebar\sbdrop.dll 
1/18/2012 9:32:52 PM OK explorer.exe\networkitemfactory.dll 
1/18/2012 9:32:52 PM OK explorer.exe\fdWNet.dll 
1/18/2012 9:32:52 PM OK explorer.exe\synceng.dll 
1/18/2012 9:32:52 PM OK explorer.exe\twext.dll 
1/18/2012 9:32:52 PM OK C:\Windows\System32\networkitemfactory.dll 
1/18/2012 9:32:52 PM OK C:\Windows\System32\PortableDeviceApi.dll 
1/18/2012 9:32:52 PM OK C:\Windows\System32\fdWNet.dll 
1/18/2012 9:32:52 PM OK explorer.exe\dtsh.dll 
1/18/2012 9:32:52 PM OK explorer.exe\acppage.dll 
1/18/2012 9:32:52 PM OK C:\Windows\System32\synceng.dll 
1/18/2012 9:32:52 PM OK C:\Windows\System32\twext.dll 
1/18/2012 9:32:52 PM OK C:\Windows\System32\dtsh.dll 
1/18/2012 9:32:52 PM OK explorer.exe\rasadhlp.dll 
1/18/2012 9:32:52 PM OK explorer.exe\WLIDNSP.DLL 
1/18/2012 9:32:52 PM OK explorer.exe\hcproviders.dll 
1/18/2012 9:32:52 PM OK explorer.exe\npmproxy.dll 
1/18/2012 9:32:52 PM OK explorer.exe\cscapi.dll 
1/18/2012 9:32:52 PM OK explorer.exe\wbemsvc.dll 
1/18/2012 9:32:52 PM OK C:\Windows\System32\acppage.dll 
1/18/2012 9:32:52 PM OK C:\Windows\System32\hcproviders.dll 
1/18/2012 9:32:52 PM OK explorer.exe\wbemprox.dll 
1/18/2012 9:32:52 PM OK C:\Windows\System32\npmproxy.dll 
1/18/2012 9:32:52 PM OK explorer.exe\ntdsapi.dll 
1/18/2012 9:32:52 PM OK explorer.exe\wer.dll 
1/18/2012 9:32:52 PM OK explorer.exe\fastprox.dll 
1/18/2012 9:32:52 PM OK C:\Windows\System32\wbem\wbemsvc.dll 
1/18/2012 9:32:52 PM OK C:\Windows\System32\wbem\wbemprox.dll 
1/18/2012 9:32:52 PM OK explorer.exe\wbemcomn.dll 
1/18/2012 9:32:53 PM OK explorer.exe\mscoreei.dll 
1/18/2012 9:32:53 PM OK explorer.exe\mscoree.dll 
1/18/2012 9:32:53 PM OK explorer.exe\winspool.drv 
1/18/2012 9:32:53 PM OK explorer.exe\fundisc.dll 
1/18/2012 9:32:53 PM OK explorer.exe\linkinfo.dll 
1/18/2012 9:32:53 PM OK explorer.exe\sfc_os.dll 
1/18/2012 9:32:53 PM OK explorer.exe\msxml6.dll 
1/18/2012 9:32:53 PM OK explorer.exe\wlanutil.dll 
1/18/2012 9:32:53 PM OK explorer.exe\mfplat.dll 
1/18/2012 9:32:53 PM OK C:\Windows\System32\ntdsapi.dll 
1/18/2012 9:32:53 PM OK explorer.exe\dfscli.dll 
1/18/2012 9:32:53 PM OK explorer.exe\mbamext.dll 
1/18/2012 9:32:53 PM OK explorer.exe\StructuredQuery.dll 
1/18/2012 9:32:53 PM OK C:\Windows\System32\netshell.dll 
1/18/2012 9:32:53 PM OK C:\Windows\System32\wlanutil.dll 
1/18/2012 9:32:53 PM OK explorer.exe\WZSHLS64.DLL 
1/18/2012 9:32:53 PM OK C:\Windows\System32\wbemcomn.dll 
1/18/2012 9:32:53 PM OK C:\Windows\System32\wbem\fastprox.dll 
1/18/2012 9:32:53 PM OK explorer.exe\AltTab.dll 
1/18/2012 9:32:53 PM OK explorer.exe\oleacc.dll 
1/18/2012 9:32:53 PM OK explorer.exe\actxprxy.dll 
1/18/2012 9:32:53 PM OK explorer.exe\AudioSes.dll 
1/18/2012 9:32:53 PM OK explorer.exe\PortableDeviceTypes.dll 
1/18/2012 9:32:53 PM OK explorer.exe\dhcpcsvc6.dll 
1/18/2012 9:32:53 PM OK C:\Windows\System32\dfscli.dll 
1/18/2012 9:32:53 PM OK explorer.exe\dhcpcsvc.dll 
1/18/2012 9:32:53 PM OK explorer.exe\FWPUCLNT.DLL 
1/18/2012 9:32:53 PM OK explorer.exe\winmm.dll 
1/18/2012 9:32:53 PM OK explorer.exe\winnsi.dll 
1/18/2012 9:32:53 PM OK C:\Windows\System32\mfplat.dll 
1/18/2012 9:32:53 PM OK explorer.exe\IPHLPAPI.DLL 
1/18/2012 9:32:53 PM OK explorer.exe\slc.dll 
1/18/2012 9:32:53 PM OK explorer.exe\dsrole.dll 
1/18/2012 9:32:53 PM OK explorer.exe\es.dll 
1/18/2012 9:32:53 PM OK explorer.exe\atl.dll 
1/18/2012 9:32:53 PM OK explorer.exe\nlaapi.dll 
1/18/2012 9:32:53 PM OK explorer.exe\ntmarta.dll 
1/18/2012 9:32:53 PM OK explorer.exe\wdmaud.drv 
1/18/2012 9:32:53 PM OK C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamext.dll 
1/18/2012 9:32:53 PM OK explorer.exe\WPDShServiceObj.dll 
1/18/2012 9:32:53 PM OK C:\Program Files (x86)\WinZip\WZSHLS64.DLL 
1/18/2012 9:32:53 PM OK explorer.exe\tiptsf.dll 
1/18/2012 9:32:53 PM OK C:\Windows\System32\AltTab.dll 
1/18/2012 9:32:53 PM OK C:\Windows\System32\StructuredQuery.dll 
1/18/2012 9:32:53 PM OK explorer.exe\samcli.dll 
1/18/2012 9:32:53 PM OK explorer.exe\wkscli.dll 
1/18/2012 9:32:53 PM OK explorer.exe\netutils.dll 
1/18/2012 9:32:53 PM OK explorer.exe\ehSSO.dll 
1/18/2012 9:32:53 PM OK C:\Windows\System32\PortableDeviceTypes.dll 
1/18/2012 9:32:53 PM OK C:\Windows\System32\WPDShServiceObj.dll 
1/18/2012 9:32:53 PM OK explorer.exe\msacm32.dll 
1/18/2012 9:32:53 PM OK C:\Windows\System32\wdmaud.drv 
1/18/2012 9:32:53 PM OK explorer.exe\thumbcache.dll 
1/18/2012 9:32:53 PM OK explorer.exe\msls31.dll 
1/18/2012 9:32:53 PM OK C:\Windows\ehome\ehSSO.dll 
1/18/2012 9:32:53 PM OK C:\Windows\System32\msacm32.dll 
1/18/2012 9:32:53 PM OK C:\Program Files\Common Files\Microsoft Shared\ink\tiptsf.dll 
1/18/2012 9:32:53 PM OK explorer.exe\shdocvw.dll 
1/18/2012 9:32:53 PM OK explorer.exe\winbrand.dll 
1/18/2012 9:32:53 PM OK explorer.exe\WindowsCodecs.dll 
1/18/2012 9:32:53 PM OK explorer.exe\xmllite.dll 
1/18/2012 9:32:53 PM OK explorer.exe\dwmapi.dll 
1/18/2012 9:32:53 PM OK explorer.exe\hid.dll 
1/18/2012 9:32:53 PM OK explorer.exe\timedate.cpl 
1/18/2012 9:32:53 PM OK C:\Windows\System32\winbrand.dll 
1/18/2012 9:32:53 PM OK C:\Windows\System32\thumbcache.dll 
1/18/2012 9:32:53 PM OK explorer.exe\SndVolSSO.dll 
1/18/2012 9:32:53 PM OK C:\Windows\System32\msls31.dll 
1/18/2012 9:32:53 PM OK explorer.exe\ntshrui.dll 
1/18/2012 9:32:53 PM OK explorer.exe\EhStorShell.dll 
1/18/2012 9:32:53 PM OK explorer.exe\GdiPlus.dll 
1/18/2012 9:32:53 PM OK explorer.exe\uxtheme.dll 
1/18/2012 9:32:53 PM OK explorer.exe\samlib.dll 
1/18/2012 9:32:53 PM OK explorer.exe\midimap.dll 
1/18/2012 9:32:53 PM OK explorer.exe\Syncreg.dll 
1/18/2012 9:32:53 PM OK explorer.exe\comctl32.dll 
1/18/2012 9:32:53 PM OK explorer.exe\msacm32.drv 
1/18/2012 9:32:53 PM OK C:\Windows\System32\timedate.cpl 
1/18/2012 9:32:53 PM OK explorer.exe\dui70.dll 
1/18/2012 9:32:53 PM OK C:\Windows\System32\SndVolSSO.dll 
1/18/2012 9:32:53 PM OK C:\Windows\System32\EhStorShell.dll 
1/18/2012 9:32:53 PM OK C:\Windows\System32\midimap.dll 
1/18/2012 9:32:53 PM OK explorer.exe\avrt.dll 
1/18/2012 9:32:53 PM OK C:\Windows\System32\msacm32.drv 
1/18/2012 9:32:53 PM OK C:\Windows\System32\Syncreg.dll 
1/18/2012 9:32:53 PM OK explorer.exe\propsys.dll 
1/18/2012 9:32:53 PM OK explorer.exe\MMDevAPI.dll 
1/18/2012 9:32:53 PM OK explorer.exe\shacct.dll 
1/18/2012 9:32:53 PM OK explorer.exe\duser.dll 
1/18/2012 9:32:53 PM OK explorer.exe\msiltcfg.dll 
1/18/2012 9:32:53 PM OK explorer.exe\IconCodecService.dll 
1/18/2012 9:32:53 PM OK C:\Windows\System32\avrt.dll 
1/18/2012 9:32:53 PM OK explorer.exe\msimg32.dll 
1/18/2012 9:32:53 PM OK explorer.exe\version.dll 
1/18/2012 9:32:53 PM OK explorer.exe\FirewallAPI.dll 
1/18/2012 9:32:53 PM OK explorer.exe\powrprof.dll 
1/18/2012 9:32:53 PM OK explorer.exe\wtsapi32.dll 
1/18/2012 9:32:53 PM OK explorer.exe\WSHTCPIP.DLL 
1/18/2012 9:32:53 PM OK explorer.exe\userenv.dll 
1/18/2012 9:32:53 PM OK C:\Windows\System32\shacct.dll 
1/18/2012 9:32:53 PM OK explorer.exe\devrtl.dll 
1/18/2012 9:32:53 PM OK explorer.exe\winsta.dll 
1/18/2012 9:32:53 PM OK explorer.exe\rsaenh.dll 
1/18/2012 9:32:53 PM OK explorer.exe\dnsapi.dll 
1/18/2012 9:32:53 PM OK explorer.exe\wship6.dll 
1/18/2012 9:32:53 PM OK explorer.exe\mswsock.dll 
1/18/2012 9:32:53 PM OK explorer.exe\cryptsp.dll 
1/18/2012 9:32:53 PM OK explorer.exe\wevtapi.dll 
1/18/2012 9:32:53 PM OK explorer.exe\srvcli.dll 
1/18/2012 9:32:53 PM OK explorer.exe\secur32.dll 
1/18/2012 9:32:53 PM OK explorer.exe\sspicli.dll 
1/18/2012 9:32:53 PM OK explorer.exe\apphelp.dll 
1/18/2012 9:32:53 PM OK explorer.exe\cryptbase.dll 
1/18/2012 9:32:53 PM OK explorer.exe\sxs.dll 
1/18/2012 9:32:53 PM OK explorer.exe\RpcRtRemote.dll 
1/18/2012 9:32:53 PM OK explorer.exe\profapi.dll 
1/18/2012 9:32:53 PM OK explorer.exe\msasn1.dll 
1/18/2012 9:32:53 PM OK explorer.exe\KernelBase.dll 
1/18/2012 9:32:53 PM OK explorer.exe\crypt32.dll 
1/18/2012 9:32:53 PM OK explorer.exe\wintrust.dll 
1/18/2012 9:32:53 PM OK explorer.exe\cfgmgr32.dll 
1/18/2012 9:32:53 PM OK explorer.exe\devobj.dll 
1/18/2012 9:32:53 PM OK explorer.exe\iertutil.dll 
1/18/2012 9:32:53 PM OK explorer.exe\advapi32.dll 
1/18/2012 9:32:53 PM OK explorer.exe\usp10.dll 
1/18/2012 9:32:53 PM OK explorer.exe\nsi.dll 
1/18/2012 9:32:53 PM OK explorer.exe\comdlg32.dll 
1/18/2012 9:32:53 PM OK explorer.exe\urlmon.dll 
1/18/2012 9:32:53 PM OK explorer.exe\ws2_32.dll 
1/18/2012 9:32:53 PM OK explorer.exe\imm32.dll 
1/18/2012 9:32:53 PM OK explorer.exe\sechost.dll 
1/18/2012 9:32:53 PM OK explorer.exe\setupapi.dll 
1/18/2012 9:32:53 PM OK explorer.exe\shlwapi.dll 
1/18/2012 9:32:53 PM OK explorer.exe\gdi32.dll 
1/18/2012 9:32:53 PM OK explorer.exe\ole32.dll 
1/18/2012 9:32:53 PM OK explorer.exe\clbcatq.dll 
1/18/2012 9:32:53 PM OK explorer.exe\rpcrt4.dll 
1/18/2012 9:32:53 PM OK explorer.exe\Wldap32.dll 
1/18/2012 9:32:53 PM OK explorer.exe\lpk.dll 
1/18/2012 9:32:53 PM OK explorer.exe\msvcrt.dll 
1/18/2012 9:32:53 PM OK explorer.exe\oleaut32.dll 
1/18/2012 9:32:53 PM OK explorer.exe\msctf.dll 
1/18/2012 9:32:53 PM OK explorer.exe\wininet.dll 
1/18/2012 9:32:53 PM OK explorer.exe\shell32.dll 
1/18/2012 9:32:53 PM OK explorer.exe\apisetschema.dll 
1/18/2012 9:32:53 PM OK C:\Windows\System32\duser.dll 
1/18/2012 9:32:53 PM OK C:\Windows\System32\msiltcfg.dll 
1/18/2012 9:32:53 PM OK C:\Windows\System32\IconCodecService.dll 
1/18/2012 9:32:53 PM OK C:\Windows\System32\dui70.dll 
1/18/2012 9:32:53 PM OK dwm.exe\atidxx64.dll 
1/18/2012 9:32:53 PM OK dwm.exe\user32.dll 
1/18/2012 9:32:53 PM OK dwm.exe\kernel32.dll 
1/18/2012 9:32:53 PM OK dwm.exe\ntdll.dll 
1/18/2012 9:32:53 PM OK dwm.exe\psapi.dll 
1/18/2012 9:32:53 PM OK dwm.exe\dwm.exe 
1/18/2012 9:32:53 PM OK dwm.exe\dwmcore.dll 
1/18/2012 9:32:53 PM OK dwm.exe\dxgi.dll 
1/18/2012 9:32:53 PM OK dwm.exe\slc.dll 
1/18/2012 9:32:53 PM OK dwm.exe\WindowsCodecs.dll 
1/18/2012 9:32:53 PM OK dwm.exe\dwmapi.dll 
1/18/2012 9:32:53 PM OK dwm.exe\uxtheme.dll 
1/18/2012 9:32:53 PM OK dwm.exe\comctl32.dll 
1/18/2012 9:32:53 PM OK dwm.exe\avrt.dll 
1/18/2012 9:32:53 PM OK dwm.exe\uDWM.dll 
1/18/2012 9:32:53 PM OK dwm.exe\d3d10_1core.dll 
1/18/2012 9:32:53 PM OK dwm.exe\d3d10_1.dll 
1/18/2012 9:32:53 PM OK dwm.exe\dwmredir.dll 
1/18/2012 9:32:53 PM OK C:\Windows\System32\dwm.exe 
1/18/2012 9:32:53 PM OK dwm.exe\version.dll 
1/18/2012 9:32:53 PM OK dwm.exe\msasn1.dll 
1/18/2012 9:32:53 PM OK dwm.exe\KernelBase.dll 
1/18/2012 9:32:53 PM OK dwm.exe\crypt32.dll 
1/18/2012 9:32:53 PM OK dwm.exe\wintrust.dll 
1/18/2012 9:32:53 PM OK dwm.exe\advapi32.dll 
1/18/2012 9:32:53 PM OK dwm.exe\usp10.dll 
1/18/2012 9:32:53 PM OK dwm.exe\imm32.dll 
1/18/2012 9:32:53 PM OK dwm.exe\sechost.dll 
1/18/2012 9:32:53 PM OK dwm.exe\shlwapi.dll 
1/18/2012 9:32:53 PM OK dwm.exe\gdi32.dll 
1/18/2012 9:32:53 PM OK dwm.exe\ole32.dll 
1/18/2012 9:32:53 PM OK dwm.exe\rpcrt4.dll 
1/18/2012 9:32:53 PM OK dwm.exe\lpk.dll 
1/18/2012 9:32:53 PM OK dwm.exe\msvcrt.dll 
1/18/2012 9:32:53 PM OK dwm.exe\msctf.dll 
1/18/2012 9:32:53 PM OK dwm.exe\apisetschema.dll 
1/18/2012 9:32:53 PM OK C:\Windows\System32\atidxx64.dll 
1/18/2012 9:32:53 PM OK C:\Windows\System32\uDWM.dll 
1/18/2012 9:32:53 PM OK C:\Windows\System32\dwmredir.dll 
1/18/2012 9:32:53 PM OK C:\Windows\System32\dwmcore.dll 
1/18/2012 9:32:53 PM OK taskhost.exe\ksuser.dll 
1/18/2012 9:32:53 PM OK taskhost.exe\user32.dll 
1/18/2012 9:32:53 PM OK taskhost.exe\kernel32.dll 
1/18/2012 9:32:53 PM OK taskhost.exe\ntdll.dll 
1/18/2012 9:32:53 PM OK taskhost.exe\taskhost.exe 
1/18/2012 9:32:53 PM OK taskhost.exe\HotStartUserAgent.dll 
1/18/2012 9:32:53 PM OK C:\Windows\System32\taskhost.exe 
1/18/2012 9:32:53 PM OK taskhost.exe\dimsjob.dll 
1/18/2012 9:32:53 PM OK taskhost.exe\msutb.dll 
1/18/2012 9:32:53 PM OK C:\Windows\System32\HotStartUserAgent.dll 
1/18/2012 9:32:53 PM OK taskhost.exe\PlaySndSrv.dll 
1/18/2012 9:32:53 PM OK C:\Windows\System32\dimsjob.dll 
1/18/2012 9:32:53 PM OK taskhost.exe\MsCtfMonitor.dll 
1/18/2012 9:32:53 PM OK taskhost.exe\npmproxy.dll 
1/18/2012 9:32:53 PM OK taskhost.exe\netprofm.dll 
1/18/2012 9:32:53 PM OK C:\Windows\System32\msutb.dll 
1/18/2012 9:32:53 PM OK taskhost.exe\taskschd.dll 
1/18/2012 9:32:53 PM OK taskhost.exe\AudioSes.dll 
1/18/2012 9:32:53 PM OK C:\Windows\System32\MsCtfMonitor.dll 
1/18/2012 9:32:53 PM OK taskhost.exe\winmm.dll 
1/18/2012 9:32:53 PM OK C:\Windows\System32\PlaySndSrv.dll 
1/18/2012 9:32:53 PM OK taskhost.exe\slc.dll 
1/18/2012 9:32:53 PM OK taskhost.exe\dsrole.dll 
1/18/2012 9:32:53 PM OK taskhost.exe\nlaapi.dll 
1/18/2012 9:32:53 PM OK taskhost.exe\wdmaud.drv 
1/18/2012 9:32:53 PM OK taskhost.exe\msacm32.dll 
1/18/2012 9:32:53 PM OK taskhost.exe\dwmapi.dll 
1/18/2012 9:32:53 PM OK taskhost.exe\uxtheme.dll 
1/18/2012 9:32:53 PM OK taskhost.exe\midimap.dll 
1/18/2012 9:32:53 PM OK taskhost.exe\msacm32.drv 
1/18/2012 9:32:53 PM OK taskhost.exe\avrt.dll 
1/18/2012 9:32:53 PM OK taskhost.exe\propsys.dll 
1/18/2012 9:32:53 PM OK taskhost.exe\MMDevAPI.dll 
1/18/2012 9:32:53 PM OK taskhost.exe\wtsapi32.dll 
1/18/2012 9:32:53 PM OK taskhost.exe\winsta.dll 
1/18/2012 9:32:53 PM OK taskhost.exe\rsaenh.dll 
1/18/2012 9:32:53 PM OK taskhost.exe\cryptsp.dll 
1/18/2012 9:32:53 PM OK taskhost.exe\sspicli.dll 
1/18/2012 9:32:53 PM OK taskhost.exe\cryptbase.dll 
1/18/2012 9:32:53 PM OK taskhost.exe\RpcRtRemote.dll 
1/18/2012 9:32:53 PM OK taskhost.exe\KernelBase.dll 
1/18/2012 9:32:53 PM OK taskhost.exe\cfgmgr32.dll 
1/18/2012 9:32:53 PM OK taskhost.exe\devobj.dll 
1/18/2012 9:32:53 PM OK taskhost.exe\advapi32.dll 
1/18/2012 9:32:53 PM OK taskhost.exe\usp10.dll 
1/18/2012 9:32:53 PM OK taskhost.exe\nsi.dll 
1/18/2012 9:32:53 PM OK taskhost.exe\imm32.dll 
1/18/2012 9:32:53 PM OK taskhost.exe\sechost.dll 
1/18/2012 9:32:53 PM OK taskhost.exe\setupapi.dll 
1/18/2012 9:32:53 PM OK taskhost.exe\shlwapi.dll 
1/18/2012 9:32:53 PM OK taskhost.exe\gdi32.dll 
1/18/2012 9:32:53 PM OK taskhost.exe\ole32.dll 
1/18/2012 9:32:53 PM OK taskhost.exe\clbcatq.dll 
1/18/2012 9:32:53 PM OK taskhost.exe\rpcrt4.dll 
1/18/2012 9:32:53 PM OK taskhost.exe\lpk.dll 
1/18/2012 9:32:53 PM OK taskhost.exe\msvcrt.dll 
1/18/2012 9:32:53 PM OK taskhost.exe\oleaut32.dll 
1/18/2012 9:32:53 PM OK taskhost.exe\msctf.dll 
1/18/2012 9:32:53 PM OK taskhost.exe\apisetschema.dll 
1/18/2012 9:32:53 PM OK C:\Windows\System32\netprofm.dll 
1/18/2012 9:32:54 PM OK SearchIndexer.exe\NlsLexicons0009.dll 
1/18/2012 9:32:54 PM OK SearchIndexer.exe\user32.dll 
1/18/2012 9:32:54 PM OK SearchIndexer.exe\kernel32.dll 
1/18/2012 9:32:54 PM OK SearchIndexer.exe\ntdll.dll 
1/18/2012 9:32:54 PM OK SearchIndexer.exe\psapi.dll 
1/18/2012 9:32:54 PM OK SearchIndexer.exe\SearchIndexer.exe 
1/18/2012 9:32:54 PM OK SearchIndexer.exe\Query.dll 
1/18/2012 9:32:54 PM OK SearchIndexer.exe\chsbrkr.dll 
1/18/2012 9:32:54 PM OK SearchIndexer.exe\NlsData0009.dll 
1/18/2012 9:32:54 PM OK SearchIndexer.exe\NaturalLanguage6.dll 
1/18/2012 9:32:54 PM OK SearchIndexer.exe\elslad.dll 
1/18/2012 9:32:54 PM OK SearchIndexer.exe\mssprxy.dll 
1/18/2012 9:32:54 PM OK SearchIndexer.exe\tquery.dll.mui 
1/18/2012 9:32:54 PM OK C:\Windows\System32\SearchIndexer.exe 
1/18/2012 9:32:54 PM OK SearchIndexer.exe\mssrch.dll 
1/18/2012 9:32:54 PM OK SearchIndexer.exe\tquery.dll 
1/18/2012 9:32:54 PM OK SearchIndexer.exe\esent.dll 
1/18/2012 9:32:54 PM OK C:\Windows\System32\elslad.dll 
1/18/2012 9:32:54 PM OK C:\Windows\System32\chsbrkr.dll 
1/18/2012 9:32:54 PM OK SearchIndexer.exe\ELSCore.dll 
1/18/2012 9:32:54 PM OK SearchIndexer.exe\vss_ps.dll 
1/18/2012 9:32:54 PM OK SearchIndexer.exe\msxml3.dll 
1/18/2012 9:32:54 PM OK SearchIndexer.exe\msidle.dll 
1/18/2012 9:32:54 PM OK SearchIndexer.exe\vsstrace.dll 
1/18/2012 9:32:54 PM OK SearchIndexer.exe\vssapi.dll 
1/18/2012 9:32:54 PM OK SearchIndexer.exe\ktmw32.dll 
1/18/2012 9:32:54 PM OK SearchIndexer.exe\es.dll 
1/18/2012 9:32:54 PM OK SearchIndexer.exe\atl.dll 
1/18/2012 9:32:54 PM OK SearchIndexer.exe\ntmarta.dll 
1/18/2012 9:32:54 PM OK SearchIndexer.exe\samcli.dll 
1/18/2012 9:32:54 PM OK SearchIndexer.exe\netutils.dll 
1/18/2012 9:32:54 PM OK SearchIndexer.exe\samlib.dll 
1/18/2012 9:32:54 PM OK SearchIndexer.exe\comctl32.dll 
1/18/2012 9:32:54 PM OK SearchIndexer.exe\propsys.dll 
1/18/2012 9:32:54 PM OK SearchIndexer.exe\wtsapi32.dll 
1/18/2012 9:32:54 PM OK SearchIndexer.exe\userenv.dll 
1/18/2012 9:32:54 PM OK SearchIndexer.exe\credssp.dll 
1/18/2012 9:32:54 PM OK SearchIndexer.exe\winsta.dll 
1/18/2012 9:32:54 PM OK SearchIndexer.exe\rsaenh.dll 
1/18/2012 9:32:54 PM OK SearchIndexer.exe\cryptsp.dll 
1/18/2012 9:32:54 PM OK SearchIndexer.exe\secur32.dll 
1/18/2012 9:32:54 PM OK SearchIndexer.exe\sspicli.dll 
1/18/2012 9:32:54 PM OK SearchIndexer.exe\apphelp.dll 
1/18/2012 9:32:54 PM OK SearchIndexer.exe\cryptbase.dll 
1/18/2012 9:32:54 PM OK SearchIndexer.exe\sxs.dll 
1/18/2012 9:32:54 PM OK SearchIndexer.exe\RpcRtRemote.dll 
1/18/2012 9:32:54 PM OK SearchIndexer.exe\profapi.dll 
1/18/2012 9:32:54 PM OK SearchIndexer.exe\msasn1.dll 
1/18/2012 9:32:54 PM OK SearchIndexer.exe\KernelBase.dll 
1/18/2012 9:32:54 PM OK SearchIndexer.exe\crypt32.dll 
1/18/2012 9:32:54 PM OK SearchIndexer.exe\cfgmgr32.dll 
1/18/2012 9:32:54 PM OK SearchIndexer.exe\devobj.dll 
1/18/2012 9:32:54 PM OK SearchIndexer.exe\advapi32.dll 
1/18/2012 9:32:54 PM OK SearchIndexer.exe\usp10.dll 
1/18/2012 9:32:54 PM OK SearchIndexer.exe\imm32.dll 
1/18/2012 9:32:54 PM OK SearchIndexer.exe\sechost.dll 
1/18/2012 9:32:54 PM OK SearchIndexer.exe\setupapi.dll 
1/18/2012 9:32:54 PM OK SearchIndexer.exe\shlwapi.dll 
1/18/2012 9:32:54 PM OK SearchIndexer.exe\gdi32.dll 
1/18/2012 9:32:54 PM OK SearchIndexer.exe\ole32.dll 
1/18/2012 9:32:54 PM OK SearchIndexer.exe\clbcatq.dll 
1/18/2012 9:32:54 PM OK SearchIndexer.exe\rpcrt4.dll 
1/18/2012 9:32:54 PM OK SearchIndexer.exe\Wldap32.dll 
1/18/2012 9:32:54 PM OK SearchIndexer.exe\lpk.dll 
1/18/2012 9:32:54 PM OK SearchIndexer.exe\msvcrt.dll 
1/18/2012 9:32:54 PM OK SearchIndexer.exe\oleaut32.dll 
1/18/2012 9:32:54 PM OK SearchIndexer.exe\msctf.dll 
1/18/2012 9:32:54 PM OK SearchIndexer.exe\shell32.dll 
1/18/2012 9:32:54 PM OK SearchIndexer.exe\apisetschema.dll 
1/18/2012 9:32:54 PM OK C:\Windows\System32\en-US\tquery.dll.mui 
1/18/2012 9:32:54 PM OK C:\Windows\System32\Query.dll 
1/18/2012 9:32:54 PM OK C:\Windows\System32\ELSCore.dll 
1/18/2012 9:32:54 PM OK C:\Windows\System32\mssrch.dll 
1/18/2012 9:32:54 PM OK C:\Windows\System32\tquery.dll 
1/18/2012 9:32:54 PM OK C:\Windows\System32\msidle.dll 
1/18/2012 9:32:54 PM OK wmpnetwk.exe\Indiv01_64.key 
1/18/2012 9:32:54 PM OK wmpnetwk.exe\wmploc.DLL 
1/18/2012 9:32:54 PM OK C:\ProgramData\Microsoft\Windows\DRM\Cache\Indiv_SID_S-1-5-20\Indiv01_64.key 
1/18/2012 9:32:54 PM OK wmpnetwk.exe\user32.dll 
1/18/2012 9:32:54 PM OK wmpnetwk.exe\kernel32.dll 
1/18/2012 9:32:54 PM OK wmpnetwk.exe\ntdll.dll 
1/18/2012 9:32:54 PM OK wmpnetwk.exe\wmpnetwk.exe 
1/18/2012 9:32:54 PM OK wmpnetwk.exe\AdobeDriveCS4_NP.dll 
1/18/2012 9:32:54 PM OK wmpnetwk.exe\davclnt.dll 
1/18/2012 9:32:54 PM OK wmpnetwk.exe\ntlanman.dll 
1/18/2012 9:32:54 PM OK wmpnetwk.exe\mpr.dll 
1/18/2012 9:32:54 PM OK wmpnetwk.exe\networkexplorer.dll 
1/18/2012 9:32:54 PM OK wmpnetwk.exe\upnphost.dll 
1/18/2012 9:32:54 PM OK wmpnetwk.exe\MSMPEG2ENC.DLL 
1/18/2012 9:32:54 PM OK  C:\Program Files\Windows Media Player\wmpnetwk.exe 
1/18/2012 9:32:54 PM OK wmpnetwk.exe\dxgi.dll 
1/18/2012 9:32:54 PM OK wmpnetwk.exe\WinSATAPI.dll 
1/18/2012 9:32:54 PM OK C:\Windows\System32\upnphost.dll 
1/18/2012 9:32:54 PM OK C:\Windows\System32\WinSATAPI.dll 
1/18/2012 9:32:54 PM OK wmpnetwk.exe\wmpmde.dll 
1/18/2012 9:32:54 PM OK C:\Windows\System32\MSMPEG2ENC.DLL 
1/18/2012 9:32:54 PM OK wmpnetwk.exe\wmpps.dll 
1/18/2012 9:32:54 PM OK wmpnetwk.exe\provsvc.dll 
1/18/2012 9:32:54 PM OK C:\Windows\System32\wmpmde.dll 
1/18/2012 9:32:54 PM OK wmpnetwk.exe\wmp.dll 
1/18/2012 9:32:54 PM OK C:\Windows\System32\wmpps.dll 
1/18/2012 9:32:54 PM OK wmpnetwk.exe\drmv2clt.dll 
1/18/2012 9:32:54 PM OK wmpnetwk.exe\davhlpr.dll 
1/18/2012 9:32:54 PM OK wmpnetwk.exe\wmdrmdev.dll 
1/18/2012 9:32:54 PM OK wmpnetwk.exe\drprov.dll 
1/18/2012 9:32:54 PM OK wmpnetwk.exe\devenum.dll 
1/18/2012 9:32:54 PM OK wmpnetwk.exe\ieproxy.dll 
1/18/2012 9:32:54 PM OK wmpnetwk.exe\upnp.dll 
1/18/2012 9:32:54 PM OK wmpnetwk.exe\npmproxy.dll 
1/18/2012 9:32:54 PM OK wmpnetwk.exe\wbemsvc.dll 
1/18/2012 9:32:54 PM OK wmpnetwk.exe\netprofm.dll 
1/18/2012 9:32:54 PM OK wmpnetwk.exe\wbemprox.dll 
1/18/2012 9:32:54 PM OK wmpnetwk.exe\ntdsapi.dll 
1/18/2012 9:32:54 PM OK wmpnetwk.exe\msxml3.dll 
1/18/2012 9:32:54 PM OK wmpnetwk.exe\fastprox.dll 
1/18/2012 9:32:54 PM OK wmpnetwk.exe\wbemcomn.dll 
1/18/2012 9:32:54 PM OK wmpnetwk.exe\linkinfo.dll 
1/18/2012 9:32:54 PM OK wmpnetwk.exe\httpapi.dll 
1/18/2012 9:32:54 PM OK wmpnetwk.exe\ssdpapi.dll 
1/18/2012 9:32:54 PM OK wmpnetwk.exe\webio.dll 
1/18/2012 9:32:54 PM OK wmpnetwk.exe\winhttp.dll 
1/18/2012 9:32:54 PM OK wmpnetwk.exe\wsock32.dll 
1/18/2012 9:32:54 PM OK C:\Windows\System32\drmv2clt.dll 
1/18/2012 9:32:54 PM OK wmpnetwk.exe\msdmo.dll 
1/18/2012 9:32:54 PM OK wmpnetwk.exe\msxml6.dll 
1/18/2012 9:32:54 PM OK wmpnetwk.exe\mfplat.dll 
1/18/2012 9:32:54 PM OK wmpnetwk.exe\dhcpcsvc6.dll 
1/18/2012 9:32:54 PM OK wmpnetwk.exe\dhcpcsvc.dll 
1/18/2012 9:32:54 PM OK wmpnetwk.exe\winmm.dll 
1/18/2012 9:32:54 PM OK wmpnetwk.exe\winnsi.dll 
1/18/2012 9:32:54 PM OK wmpnetwk.exe\IPHLPAPI.DLL 
1/18/2012 9:32:54 PM OK wmpnetwk.exe\slc.dll 
1/18/2012 9:32:54 PM OK wmpnetwk.exe\dsrole.dll 
1/18/2012 9:32:54 PM OK wmpnetwk.exe\nlaapi.dll 
1/18/2012 9:32:54 PM OK wmpnetwk.exe\ntmarta.dll 
1/18/2012 9:32:54 PM OK wmpnetwk.exe\wkscli.dll 
1/18/2012 9:32:54 PM OK wmpnetwk.exe\netutils.dll 
1/18/2012 9:32:54 PM OK wmpnetwk.exe\netapi32.dll 
1/18/2012 9:32:54 PM OK wmpnetwk.exe\WindowsCodecs.dll 
1/18/2012 9:32:54 PM OK wmpnetwk.exe\xmllite.dll 
1/18/2012 9:32:54 PM OK wmpnetwk.exe\dwmapi.dll 
1/18/2012 9:32:54 PM OK wmpnetwk.exe\GdiPlus.dll 
1/18/2012 9:32:54 PM OK wmpnetwk.exe\samlib.dll 
1/18/2012 9:32:54 PM OK wmpnetwk.exe\comctl32.dll 
1/18/2012 9:32:54 PM OK wmpnetwk.exe\avrt.dll 
1/18/2012 9:32:54 PM OK wmpnetwk.exe\propsys.dll 
1/18/2012 9:32:54 PM OK wmpnetwk.exe\version.dll 
1/18/2012 9:32:54 PM OK wmpnetwk.exe\FirewallAPI.dll  
1/18/2012 9:32:54 PM OK wmpnetwk.exe\wtsapi32.dll 
1/18/2012 9:32:54 PM OK wmpnetwk.exe\WSHTCPIP.DLL 
1/18/2012 9:32:54 PM OK wmpnetwk.exe\gpapi.dll 
1/18/2012 9:32:54 PM OK wmpnetwk.exe\userenv.dll 
1/18/2012 9:32:54 PM OK wmpnetwk.exe\credssp.dll 
1/18/2012 9:32:54 PM OK wmpnetwk.exe\pcwum.dll 
1/18/2012 9:32:54 PM OK wmpnetwk.exe\winsta.dll 
1/18/2012 9:32:54 PM OK wmpnetwk.exe\rsaenh.dll 
1/18/2012 9:32:54 PM OK wmpnetwk.exe\dnsapi.dll 
1/18/2012 9:32:54 PM OK wmpnetwk.exe\wship6.dll 
1/18/2012 9:32:54 PM OK wmpnetwk.exe\mswsock.dll 
1/18/2012 9:32:54 PM OK wmpnetwk.exe\cryptsp.dll 
1/18/2012 9:32:54 PM OK wmpnetwk.exe\authz.dll 
1/18/2012 9:32:54 PM OK wmpnetwk.exe\srvcli.dll 
1/18/2012 9:32:54 PM OK wmpnetwk.exe\sspicli.dll 
1/18/2012 9:32:54 PM OK wmpnetwk.exe\apphelp.dll 
1/18/2012 9:32:54 PM OK wmpnetwk.exe\cryptbase.dll 
1/18/2012 9:32:55 PM OK wmpnetwk.exe\sxs.dll 
1/18/2012 9:32:55 PM OK wmpnetwk.exe\RpcRtRemote.dll 
1/18/2012 9:32:55 PM OK wmpnetwk.exe\profapi.dll 
1/18/2012 9:32:55 PM OK wmpnetwk.exe\msasn1.dll 
1/18/2012 9:32:55 PM OK wmpnetwk.exe\KernelBase.dll 
1/18/2012 9:32:55 PM OK wmpnetwk.exe\crypt32.dll 
1/18/2012 9:32:55 PM OK wmpnetwk.exe\wintrust.dll 
1/18/2012 9:32:55 PM OK wmpnetwk.exe\cfgmgr32.dll 
1/18/2012 9:32:55 PM OK wmpnetwk.exe\devobj.dll 
1/18/2012 9:32:55 PM OK wmpnetwk.exe\iertutil.dll 
1/18/2012 9:32:55 PM OK wmpnetwk.exe\advapi32.dll 
1/18/2012 9:32:55 PM OK wmpnetwk.exe\usp10.dll 
1/18/2012 9:32:55 PM OK wmpnetwk.exe\nsi.dll 
1/18/2012 9:32:55 PM OK wmpnetwk.exe\urlmon.dll 
1/18/2012 9:32:55 PM OK wmpnetwk.exe\ws2_32.dll 
1/18/2012 9:32:55 PM OK wmpnetwk.exe\imm32.dll 
1/18/2012 9:32:55 PM OK wmpnetwk.exe\sechost.dll 
1/18/2012 9:32:55 PM OK wmpnetwk.exe\setupapi.dll 
1/18/2012 9:32:55 PM OK wmpnetwk.exe\shlwapi.dll 
1/18/2012 9:32:55 PM OK wmpnetwk.exe\gdi32.dll 
1/18/2012 9:32:55 PM OK wmpnetwk.exe\ole32.dll 
1/18/2012 9:32:55 PM OK wmpnetwk.exe\clbcatq.dll 
1/18/2012 9:32:55 PM OK wmpnetwk.exe\rpcrt4.dll 
1/18/2012 9:32:55 PM OK wmpnetwk.exe\Wldap32.dll 
1/18/2012 9:32:55 PM OK wmpnetwk.exe\lpk.dll 
1/18/2012 9:32:55 PM OK wmpnetwk.exe\msvcrt.dll 
1/18/2012 9:32:55 PM OK wmpnetwk.exe\oleaut32.dll 
1/18/2012 9:32:55 PM OK wmpnetwk.exe\msctf.dll 
1/18/2012 9:32:55 PM OK wmpnetwk.exe\wininet.dll 
1/18/2012 9:32:55 PM OK wmpnetwk.exe\shell32.dll 
1/18/2012 9:32:55 PM OK wmpnetwk.exe\apisetschema.dll 
1/18/2012 9:32:55 PM OK C:\Windows\System32\wmp.dll 
1/18/2012 9:32:55 PM OK C:\Windows\System32\wmdrmdev.dll 
1/18/2012 9:32:55 PM OK C:\Windows\System32\devenum.dll 
1/18/2012 9:32:55 PM OK C:\Windows\System32\msdmo.dll 
1/18/2012 9:32:55 PM OK C:\Windows\System32\upnp.dll 
1/18/2012 9:32:55 PM OK C:\Windows\System32\wmploc.DLL 
1/18/2012 9:32:55 PM OK svchost.exe\sfc.dll 
1/18/2012 9:32:55 PM OK svchost.exe\user32.dll 
1/18/2012 9:32:55 PM OK svchost.exe\kernel32.dll 
1/18/2012 9:32:55 PM OK svchost.exe\ntdll.dll 
1/18/2012 9:32:55 PM OK svchost.exe\psapi.dll 
1/18/2012 9:32:55 PM OK svchost.exe\svchost.exe 
1/18/2012 9:32:55 PM OK svchost.exe\mpengine.dll 
1/18/2012 9:32:55 PM OK svchost.exe\offreg.dll


----------



## destin (Jan 8, 2012)

*3rd part *

1/18/2012 9:32:55 PM OK C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{F2DC0122-0E42-44E0-A653-4CBBBC874020}\mpengine.dll/data0000.res 
1/18/2012 9:32:55 PM OK C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{F2DC0122-0E42-44E0-A653-4CBBBC874020}\mpengine.dll/data0001.res 
1/18/2012 9:32:55 PM OK svchost.exe\wscapi.dll 
1/18/2012 9:32:55 PM OK svchost.exe\tdh.dll 
1/18/2012 9:32:55 PM OK C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{F2DC0122-0E42-44E0-A653-4CBBBC874020}\mpengine.dll/data0002.res 
1/18/2012 9:32:55 PM OK C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{F2DC0122-0E42-44E0-A653-4CBBBC874020}\mpengine.dll 
1/18/2012 9:32:55 PM OK C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{F2DC0122-0E42-44E0-A653-4CBBBC874020}\offreg.dll 
1/18/2012 9:32:55 PM OK svchost.exe\MpRTP.dll 
1/18/2012 9:32:55 PM OK svchost.exe\MpSvc.dll 
1/18/2012 9:32:55 PM OK C:\Windows\System32\tdh.dll 
1/18/2012 9:32:55 PM OK svchost.exe\cabinet.dll 
1/18/2012 9:32:55 PM OK svchost.exe\cryptnet.dll 
1/18/2012 9:32:55 PM OK svchost.exe\MpClient.dll 
1/18/2012 9:32:55 PM OK C:\Program Files\Windows Defender\MpRTP.dll 
1/18/2012 9:32:55 PM OK svchost.exe\sfc_os.dll 
1/18/2012 9:32:55 PM OK svchost.exe\ntmarta.dll 
1/18/2012 9:32:55 PM OK svchost.exe\wkscli.dll 
1/18/2012 9:32:55 PM OK svchost.exe\netutils.dll 
1/18/2012 9:32:55 PM OK svchost.exe\netapi32.dll 
1/18/2012 9:32:55 PM OK svchost.exe\xmllite.dll 
1/18/2012 9:32:55 PM OK svchost.exe\version.dll 
1/18/2012 9:32:55 PM OK svchost.exe\wtsapi32.dll 
1/18/2012 9:32:55 PM OK svchost.exe\gpapi.dll 
1/18/2012 9:32:55 PM OK svchost.exe\userenv.dll 
1/18/2012 9:32:55 PM OK svchost.exe\devrtl.dll 
1/18/2012 9:32:55 PM OK svchost.exe\credssp.dll 
1/18/2012 9:32:55 PM OK svchost.exe\bcryptprimitives.dll 
1/18/2012 9:32:55 PM OK svchost.exe\rsaenh.dll 
1/18/2012 9:32:55 PM OK svchost.exe\cryptsp.dll 
1/18/2012 9:32:55 PM OK svchost.exe\bcrypt.dll 
1/18/2012 9:32:55 PM OK svchost.exe\ncrypt.dll 
1/18/2012 9:32:55 PM OK svchost.exe\srvcli.dll 
1/18/2012 9:32:55 PM OK svchost.exe\secur32.dll 
1/18/2012 9:32:55 PM OK svchost.exe\sspicli.dll 
1/18/2012 9:32:55 PM OK svchost.exe\apphelp.dll 
1/18/2012 9:32:55 PM OK svchost.exe\cryptbase.dll 
1/18/2012 9:32:55 PM OK svchost.exe\RpcRtRemote.dll 
1/18/2012 9:32:55 PM OK svchost.exe\profapi.dll 
1/18/2012 9:32:55 PM OK svchost.exe\msasn1.dll 
1/18/2012 9:32:55 PM OK svchost.exe\KernelBase.dll 
1/18/2012 9:32:55 PM OK svchost.exe\crypt32.dll 
1/18/2012 9:32:55 PM OK svchost.exe\wintrust.dll 
1/18/2012 9:32:55 PM OK svchost.exe\cfgmgr32.dll 
1/18/2012 9:32:55 PM OK svchost.exe\devobj.dll 
1/18/2012 9:32:55 PM OK svchost.exe\iertutil.dll 
1/18/2012 9:32:55 PM OK svchost.exe\advapi32.dll 
1/18/2012 9:32:55 PM OK svchost.exe\usp10.dll 
1/18/2012 9:32:55 PM OK svchost.exe\imagehlp.dll 
1/18/2012 9:32:55 PM OK svchost.exe\nsi.dll 
1/18/2012 9:32:55 PM OK svchost.exe\urlmon.dll 
1/18/2012 9:32:55 PM OK svchost.exe\ws2_32.dll 
1/18/2012 9:32:55 PM OK svchost.exe\imm32.dll 
1/18/2012 9:32:55 PM OK svchost.exe\sechost.dll 
1/18/2012 9:32:55 PM OK svchost.exe\setupapi.dll 
1/18/2012 9:32:55 PM OK svchost.exe\shlwapi.dll 
1/18/2012 9:32:55 PM OK svchost.exe\gdi32.dll 
1/18/2012 9:32:55 PM OK svchost.exe\ole32.dll 
1/18/2012 9:32:55 PM OK svchost.exe\clbcatq.dll 
1/18/2012 9:32:55 PM OK svchost.exe\rpcrt4.dll 
1/18/2012 9:32:55 PM OK svchost.exe\Wldap32.dll 
1/18/2012 9:32:55 PM OK svchost.exe\lpk.dll 
1/18/2012 9:32:55 PM OK svchost.exe\msvcrt.dll 
1/18/2012 9:32:55 PM OK svchost.exe\oleaut32.dll 
1/18/2012 9:32:55 PM OK svchost.exe\msctf.dll 
1/18/2012 9:32:55 PM OK svchost.exe\wininet.dll 
1/18/2012 9:32:55 PM OK svchost.exe\shell32.dll 
1/18/2012 9:32:55 PM OK svchost.exe\apisetschema.dll 
1/18/2012 9:32:55 PM OK C:\Program Files\Windows Defender\MpSvc.dll 
1/18/2012 9:32:55 PM OK C:\Program Files\Windows Defender\MpClient.dll 
1/18/2012 9:32:55 PM OK mbamservice.exe\apisetschema.dll 
1/18/2012 9:32:55 PM OK mbamservice.exe\mbamservice.exe 
1/18/2012 9:32:55 PM OK mbamservice.exe\davclnt.dll 
1/18/2012 9:32:55 PM OK mbamservice.exe\mbamnet.dll 
1/18/2012 9:32:55 PM OK mbamservice.exe\mbamcore.dll 
1/18/2012 9:32:55 PM OK C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe 
1/18/2012 9:32:55 PM OK mbamservice.exe\davhlpr.dll 
1/18/2012 9:32:55 PM OK mbamservice.exe\ntlanman.dll 
1/18/2012 9:32:55 PM OK mbamservice.exe\drprov.dll 
1/18/2012 9:32:55 PM OK mbamservice.exe\ntmarta.dll 
1/18/2012 9:32:55 PM OK mbamservice.exe\mbam.dll 
1/18/2012 9:32:55 PM OK mbamservice.exe\winsta.dll 
1/18/2012 9:32:55 PM OK mbamservice.exe\dhcpcsvc.dll 
1/18/2012 9:32:55 PM OK mbamservice.exe\FWPUCLNT.DLL 
1/18/2012 9:32:55 PM OK mbamservice.exe\rasadhlp.dll 
1/18/2012 9:32:55 PM OK mbamservice.exe\dnsapi.dll 
1/18/2012 9:32:55 PM OK mbamservice.exe\mswsock.dll 
1/18/2012 9:32:55 PM OK mbamservice.exe\winnsi.dll 
1/18/2012 9:32:55 PM OK mbamservice.exe\IPHLPAPI.DLL 
1/18/2012 9:32:55 PM OK mbamservice.exe\mpr.dll 
1/18/2012 9:32:55 PM OK mbamservice.exe\rsaenh.dll 
1/18/2012 9:32:55 PM OK mbamservice.exe\cryptsp.dll 
1/18/2012 9:32:55 PM OK mbamservice.exe\profapi.dll 
1/18/2012 9:32:55 PM OK mbamservice.exe\userenv.dll 
1/18/2012 9:32:55 PM OK mbamservice.exe\wtsapi32.dll 
1/18/2012 9:32:55 PM OK mbamservice.exe\version.dll 
1/18/2012 9:32:55 PM OK mbamservice.exe\wow64cpu.dll 
1/18/2012 9:32:55 PM OK mbamservice.exe\wow64win.dll 
1/18/2012 9:32:55 PM OK mbamservice.exe\wow64.dll 
1/18/2012 9:32:55 PM OK mbamservice.exe\cryptbase.dll 
1/18/2012 9:32:55 PM OK mbamservice.exe\sspicli.dll 
1/18/2012 9:32:55 PM OK mbamservice.exe\shell32.dll 
1/18/2012 9:32:55 PM OK mbamservice.exe\usp10.dll 
1/18/2012 9:32:55 PM OK mbamservice.exe\user32.dll 
1/18/2012 9:32:55 PM OK mbamservice.exe\nsi.dll 
1/18/2012 9:32:55 PM OK mbamservice.exe\msvcrt.dll 
1/18/2012 9:32:55 PM OK mbamservice.exe\KernelBase.dll 
1/18/2012 9:32:55 PM OK mbamservice.exe\imm32.dll 
1/18/2012 9:32:55 PM OK mbamservice.exe\ws2_32.dll 
1/18/2012 9:32:55 PM OK mbamservice.exe\ole32.dll 
1/18/2012 9:32:55 PM OK mbamservice.exe\shlwapi.dll 
1/18/2012 9:32:55 PM OK mbamservice.exe\lpk.dll 
1/18/2012 9:32:55 PM OK mbamservice.exe\advapi32.dll 
1/18/2012 9:32:55 PM OK mbamservice.exe\rpcrt4.dll 
1/18/2012 9:32:55 PM OK mbamservice.exe\crypt32.dll 
1/18/2012 9:32:55 PM OK mbamservice.exe\sechost.dll 
1/18/2012 9:32:55 PM OK mbamservice.exe\msctf.dll 
1/18/2012 9:32:55 PM OK mbamservice.exe\psapi.dll 
1/18/2012 9:32:55 PM OK mbamservice.exe\Wldap32.dll 
1/18/2012 9:32:55 PM OK C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamcore.dll/data0000.res 
1/18/2012 9:32:55 PM OK mbamservice.exe\gdi32.dll 
1/18/2012 9:32:55 PM OK mbamservice.exe\kernel32.dll 
1/18/2012 9:32:55 PM OK mbamservice.exe\wintrust.dll 
1/18/2012 9:32:55 PM OK mbamservice.exe\ntdll.dll 
1/18/2012 9:32:55 PM OK mbamservice.exe\msasn1.dll 
1/18/2012 9:32:55 PM OK mbamservice.exe\ntdll.dll 
1/18/2012 9:32:55 PM OK C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamcore.dll/data0001.res 
1/18/2012 9:32:55 PM OK C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamcore.dll 
1/18/2012 9:32:55 PM OK IntuitUpdateService.exe\apisetschema.dll 
1/18/2012 9:32:55 PM OK IntuitUpdateService.exe\Intuit.Spc.Esd.WinClient.Application.UpdateService.dll 
1/18/2012 9:32:55 PM OK IntuitUpdateService.exe\Intuit.Spc.Esd.WinClient.Application.UpdateService.PluginContract.dll 
1/18/2012 9:32:55 PM OK C:\Windows\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Application.UpdateService\1.0.0.0__540d4816ead86321\Intuit.Spc.Esd.WinClient.Application.UpdateService.dll 
1/18/2012 9:32:55 PM OK C:\Windows\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Application.UpdateService.PluginContract\1.0.0.0__540d4816ead86321\Intuit.Spc.Esd.WinClient.Application.UpdateService.PluginContract.dll 
1/18/2012 9:32:55 PM OK IntuitUpdateService.exe\Intuit.Spc.Esd.WinClient.Application.UpdateServicePlugin.dll 
1/18/2012 9:32:55 PM OK IntuitUpdateService.exe\Intuit.Spc.Esd.Client.Common.dll 
1/18/2012 9:32:55 PM OK C:\Windows\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Application.UpdateServicePlugin\2.1.72.0__540d4816ead86321\Intuit.Spc.Esd.WinClient.Application.UpdateServicePlugin.dll 
1/18/2012 9:32:56 PM OK IntuitUpdateService.exe\Intuit.Spc.Esd.Core.dll 
1/18/2012 9:32:56 PM OK C:\Windows\assembly\GAC_MSIL\Intuit.Spc.Esd.Client.Common\2.1.72.0__540d4816ead86321\Intuit.Spc.Esd.Client.Common.dll 
1/18/2012 9:32:56 PM OK IntuitUpdateService.exe\Intuit.Spc.Esd.WinClient.Ipc.Remoting.UpdateServiceWorker.dll 
1/18/2012 9:32:56 PM OK C:\Windows\assembly\GAC_MSIL\Intuit.Spc.Esd.Core\2.0.145.0__540d4816ead86321\Intuit.Spc.Esd.Core.dll 
1/18/2012 9:32:56 PM OK IntuitUpdateService.exe\Intuit.Spc.Foundations.Primary.Logging.dll 
1/18/2012 9:32:56 PM OK C:\Windows\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Ipc.Remoting.UpdateServiceWorker\2.1.72.0__540d4816ead86321\Intuit.Spc.Esd.WinClient.Ipc.Remoting.UpdateServiceWorker.dll 
1/18/2012 9:32:56 PM OK IntuitUpdateService.exe\IntuitUpdateService.exe 
1/18/2012 9:32:56 PM OK C:\Windows\assembly\GAC_MSIL\Intuit.Spc.Foundations.Primary.Logging\3.1.2.2__540d4816ead86321\Intuit.Spc.Foundations.Primary.Logging.dll 
1/18/2012 9:32:56 PM OK C:\Program Files (x86)\Common Files\Intuit\Update Service\IntuitUpdateService.exe 
1/18/2012 9:32:56 PM OK IntuitUpdateService.exe\Intuit.Spc.Foundations.Primary.ExceptionHandling.dll 
1/18/2012 9:32:56 PM OK IntuitUpdateService.exe\Intuit.Spc.Foundations.Primary.Config.dll 
1/18/2012 9:32:56 PM OK C:\Windows\assembly\GAC_MSIL\Intuit.Spc.Foundations.Primary.ExceptionHandling\3.1.2.2__540d4816ead86321\Intuit.Spc.Foundations.Primary.ExceptionHandling.dll 
1/18/2012 9:32:56 PM OK IntuitUpdateService.exe\Intuit.Spc.Foundations.Portability.dll 
1/18/2012 9:32:56 PM OK C:\Windows\assembly\GAC_MSIL\Intuit.Spc.Foundations.Primary.Config\3.1.2.2__540d4816ead86321\Intuit.Spc.Foundations.Primary.Config.dll 
1/18/2012 9:32:56 PM OK IntuitUpdateService.exe\System.configuration.dll 
1/18/2012 9:32:56 PM OK C:\Windows\assembly\GAC_MSIL\Intuit.Spc.Foundations.Portability\3.1.2.2__540d4816ead86321\Intuit.Spc.Foundations.Portability.dll 
1/18/2012 9:32:56 PM OK IntuitUpdateService.exe\Intuit.Spc.Esd.Client.DataAccess.dll 
1/18/2012 9:32:56 PM OK C:\Windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll 
1/18/2012 9:32:56 PM OK IntuitUpdateService.exe\Intuit.Spc.Esd.WinClient.Api.Net.dll 
1/18/2012 9:32:56 PM OK C:\Windows\assembly\GAC_MSIL\Intuit.Spc.Esd.Client.DataAccess\2.1.72.0__540d4816ead86321\Intuit.Spc.Esd.Client.DataAccess.dll 
1/18/2012 9:32:56 PM OK IntuitUpdateService.exe\Intuit.Spc.Esd.Client.BusinessLogic.dll 
1/18/2012 9:32:56 PM OK C:\Windows\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Api.Net\2.1.72.0__540d4816ead86321\Intuit.Spc.Esd.WinClient.Api.Net.dll 
1/18/2012 9:32:56 PM OK IntuitUpdateService.exe\System.dll Object was not changed (iChecker) 
1/18/2012 9:32:56 PM OK IntuitUpdateService.exe\System.XML.dll Object was not changed (iChecker) 
1/18/2012 9:32:56 PM OK C:\Windows\assembly\GAC_MSIL\Intuit.Spc.Esd.Client.BusinessLogic\2.1.72.0__540d4816ead86321\Intuit.Spc.Esd.Client.BusinessLogic.dll 
1/18/2012 9:32:56 PM OK IntuitUpdateService.exe\System.Transactions.dll 
1/18/2012 9:32:56 PM OK IntuitUpdateService.exe\Intuit.Spc.Map.Reporter.dll 
1/18/2012 9:32:56 PM OK C:\Windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll 
1/18/2012 9:32:56 PM OK IntuitUpdateService.exe\System.Data.SQLite.DLL 
1/18/2012 9:32:56 PM OK C:\Windows\assembly\GAC_MSIL\Intuit.Spc.Map.Reporter\4.0.95.0__7ce6deabcb36a8ea\Intuit.Spc.Map.Reporter.dll 
1/18/2012 9:32:56 PM OK IntuitUpdateService.exe\System.EnterpriseServices.dll 
1/18/2012 9:32:56 PM OK C:\Windows\assembly\GAC_32\System.Data.SQLite\1.0.56.0__28c9bcd4dddc48a1\System.Data.SQLite.DLL 
1/18/2012 9:32:56 PM OK IntuitUpdateService.exe\System.Runtime.Remoting.dll 
1/18/2012 9:32:56 PM OK C:\Windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll 
1/18/2012 9:32:56 PM OK IntuitUpdateService.exe\System.Data.dll 
1/18/2012 9:32:56 PM OK C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll 
1/18/2012 9:32:56 PM OK IntuitUpdateService.exe\System.ServiceProcess.dll 
1/18/2012 9:32:56 PM OK C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll 
1/18/2012 9:32:56 PM OK IntuitUpdateService.exe\CustomMarshalers.dll 
1/18/2012 9:32:56 PM OK C:\Windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll 
1/18/2012 9:32:56 PM OK IntuitUpdateService.exe\Intuit.Spc.Esd.WinClient.Application.UpdateServicePlugin.dll 
1/18/2012 9:32:56 PM OK C:\Windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll 
1/18/2012 9:32:56 PM OK IntuitUpdateService.exe\System.Drawing.dll 
1/18/2012 9:32:56 PM OK C:\Windows\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Application.UpdateServicePlugin\3.0.335.0__540d4816ead86321\Intuit.Spc.Esd.WinClient.Application.UpdateServicePlugin.dll 
1/18/2012 9:32:56 PM OK IntuitUpdateService.exe\Intuit.Spc.Esd.WinClient.Ipc.Remoting.UpdateServiceWorker.dll 
1/18/2012 9:32:56 PM OK C:\Windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll 
1/18/2012 9:32:56 PM OK IntuitUpdateService.exe\Intuit.Spc.Esd.Client.Common.dll 
1/18/2012 9:32:57 PM OK C:\Windows\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Ipc.Remoting.UpdateServiceWorker\3.0.335.0__540d4816ead86321\Intuit.Spc.Esd.WinClient.Ipc.Remoting.UpdateServiceWorker.dll 
1/18/2012 9:32:57 PM OK IntuitUpdateService.exe\Intuit.Spc.Esd.Core.dll 
1/18/2012 9:32:57 PM OK C:\Windows\assembly\GAC_MSIL\Intuit.Spc.Esd.Client.Common\3.0.335.0__540d4816ead86321\Intuit.Spc.Esd.Client.Common.dll 
1/18/2012 9:32:57 PM OK IntuitUpdateService.exe\log4net.dll 
1/18/2012 9:32:57 PM OK C:\Windows\assembly\GAC_MSIL\Intuit.Spc.Esd.Core\2.0.445.0__540d4816ead86321\Intuit.Spc.Esd.Core.dll 
1/18/2012 9:32:57 PM OK C:\Windows\assembly\GAC_MSIL\log4net\1.2.10.0__1b44e1d426115821\log4net.dll 
1/18/2012 9:32:57 PM OK IntuitUpdateService.exe\System.Windows.Forms.dll 
1/18/2012 9:32:57 PM OK IntuitUpdateService.exe\Intuit.Spc.Map.WindowsFirewallUtilities.dll 
1/18/2012 9:32:57 PM OK C:\Windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll 
1/18/2012 9:32:57 PM OK IntuitUpdateService.exe\Intuit.Spc.Esd.Client.DataAccess.dll 
1/18/2012 9:32:57 PM OK IntuitUpdateService.exe\Intuit.Spc.Esd.Client.BusinessLogic.dll 
1/18/2012 9:32:57 PM OK C:\Windows\assembly\GAC_MSIL\Intuit.Spc.Map.WindowsFirewallUtilities\4.0.95.0__7ce6deabcb36a8ea\Intuit.Spc.Map.WindowsFirewallUtilities.dll 
1/18/2012 9:32:57 PM OK C:\Windows\assembly\GAC_MSIL\Intuit.Spc.Esd.Client.DataAccess\3.0.335.0__540d4816ead86321\Intuit.Spc.Esd.Client.DataAccess.dll 
1/18/2012 9:32:57 PM OK IntuitUpdateService.exe\Intuit.Spc.Esd.WinClient.Api.Net.dll 
1/18/2012 9:32:57 PM OK C:\Windows\assembly\GAC_MSIL\Intuit.Spc.Esd.Client.BusinessLogic\3.0.335.0__540d4816ead86321\Intuit.Spc.Esd.Client.BusinessLogic.dll 
1/18/2012 9:32:57 PM OK C:\Windows\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Api.Net\3.0.335.0__540d4816ead86321\Intuit.Spc.Esd.WinClient.Api.Net.dll 
1/18/2012 9:32:57 PM OK IntuitUpdateService.exe\System.Data.SQLite.DLL 
1/18/2012 9:32:57 PM OK IntuitUpdateService.exe\System.Data.SQLite.DLL 
1/18/2012 9:32:57 PM OK IntuitUpdateService.exe\Intuit.Spc.Map.Reporter.dll 
1/18/2012 9:32:57 PM OK C:\Windows\assembly\GAC_32\System.Data.SQLite\1.0.61.0__db937bc2d44ff139\System.Data.SQLite.DLL 
1/18/2012 9:32:57 PM OK IntuitUpdateService.exe\Intuit.Spc.Esd.WinClient.Application.UpdateServicePlugin.dll 
1/18/2012 9:32:57 PM OK C:\Windows\assembly\GAC_MSIL\Intuit.Spc.Map.Reporter\5.0.104.0__7ce6deabcb36a8ea\Intuit.Spc.Map.Reporter.dll 
1/18/2012 9:32:57 PM OK IntuitUpdateService.exe\Intuit.Spc.Map.WindowsFirewallUtilities.dll 
1/18/2012 9:32:57 PM OK C:\Windows\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Application.UpdateServicePlugin\3.1.31.0__540d4816ead86321\Intuit.Spc.Esd.WinClient.Application.UpdateServicePlugin.dll 
1/18/2012 9:32:57 PM OK IntuitUpdateService.exe\Intuit.Spc.Esd.WinClient.Ipc.Remoting.UpdateServiceWorker.dll 
1/18/2012 9:32:57 PM OK C:\Windows\assembly\GAC_MSIL\Intuit.Spc.Map.WindowsFirewallUtilities\5.0.104.0__7ce6deabcb36a8ea\Intuit.Spc.Map.WindowsFirewallUtilities.dll 
1/18/2012 9:32:57 PM OK IntuitUpdateService.exe\Intuit.Spc.Esd.Client.Common.dll 
1/18/2012 9:32:57 PM OK C:\Windows\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Ipc.Remoting.UpdateServiceWorker\3.1.31.0__540d4816ead86321\Intuit.Spc.Esd.WinClient.Ipc.Remoting.UpdateServiceWorker.dll 
1/18/2012 9:32:57 PM OK IntuitUpdateService.exe\Intuit.Spc.Esd.Core.dll 
1/18/2012 9:32:57 PM OK C:\Windows\assembly\GAC_MSIL\Intuit.Spc.Esd.Client.Common\3.1.31.0__540d4816ead86321\Intuit.Spc.Esd.Client.Common.dll 
1/18/2012 9:32:58 PM OK IntuitUpdateService.exe\Intuit.Spc.Esd.Client.DataAccess.dll 
1/18/2012 9:32:58 PM OK C:\Windows\assembly\GAC_MSIL\Intuit.Spc.Esd.Core\3.1.26.0__540d4816ead86321\Intuit.Spc.Esd.Core.dll 
1/18/2012 9:32:58 PM OK IntuitUpdateService.exe\Intuit.Spc.Esd.WinClient.Api.Net.dll 
1/18/2012 9:32:58 PM OK C:\Windows\assembly\GAC_MSIL\Intuit.Spc.Esd.Client.DataAccess\3.1.31.0__540d4816ead86321\Intuit.Spc.Esd.Client.DataAccess.dll 
1/18/2012 9:32:58 PM OK IntuitUpdateService.exe\Intuit.Spc.Esd.Client.BusinessLogic.dll 
1/18/2012 9:32:58 PM OK C:\Windows\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Api.Net\3.1.31.0__540d4816ead86321\Intuit.Spc.Esd.WinClient.Api.Net.dll 
1/18/2012 9:32:58 PM OK IntuitUpdateService.exe\Intuit.Spc.Map.Reporter.dll 
1/18/2012 9:32:58 PM OK C:\Windows\assembly\GAC_MSIL\Intuit.Spc.Esd.Client.BusinessLogic\3.1.31.0__540d4816ead86321\Intuit.Spc.Esd.Client.BusinessLogic.dll 
1/18/2012 9:32:58 PM OK IntuitUpdateService.exe\Intuit.Spc.Map.WindowsFirewallUtilities.dll 
1/18/2012 9:32:58 PM OK C:\Windows\assembly\GAC_MSIL\Intuit.Spc.Map.Reporter\5.0.136.0__7ce6deabcb36a8ea\Intuit.Spc.Map.Reporter.dll 
1/18/2012 9:32:58 PM OK IntuitUpdateService.exe\System.Data.SQLite.DLL 
1/18/2012 9:32:58 PM OK C:\Windows\assembly\GAC_MSIL\Intuit.Spc.Map.WindowsFirewallUtilities\5.0.136.0__7ce6deabcb36a8ea\Intuit.Spc.Map.WindowsFirewallUtilities.dll 
1/18/2012 9:32:58 PM OK IntuitUpdateService.exe\diasymreader.dll 
1/18/2012 9:32:58 PM OK IntuitUpdateService.exe\CustomMarshalers.dll 
1/18/2012 9:32:58 PM OK IntuitUpdateService.exe\System.Data.dll 
1/18/2012 9:32:58 PM OK IntuitUpdateService.exe\System.Transactions.dll 
1/18/2012 9:32:58 PM OK C:\Windows\Microsoft.NET\Framework\v2.0.50727\diasymreader.dll 
1/18/2012 9:32:58 PM OK IntuitUpdateService.exe\Intuit.Spc.Map.WindowsFirewallUtilities.dll 
1/18/2012 9:32:58 PM OK IntuitUpdateService.exe\Intuit.Spc.Map.Reporter.dll 
1/18/2012 9:32:58 PM OK IntuitUpdateService.exe\Intuit.Spc.Esd.Client.BusinessLogic.dll 
1/18/2012 9:32:58 PM OK IntuitUpdateService.exe\Intuit.Spc.Esd.Client.DataAccess.dll 
1/18/2012 9:32:58 PM OK IntuitUpdateService.exe\Intuit.Spc.Esd.WinClient.Api.Net.dll 
1/18/2012 9:32:58 PM OK IntuitUpdateService.exe\Intuit.Spc.Esd.Core.dll 
1/18/2012 9:32:58 PM OK IntuitUpdateService.exe\Intuit.Spc.Esd.Client.Common.dll 
1/18/2012 9:32:58 PM OK IntuitUpdateService.exe\Intuit.Spc.Map.WindowsFirewallUtilities.dll 
1/18/2012 9:32:58 PM OK IntuitUpdateService.exe\Intuit.Spc.Map.Reporter.dll 
1/18/2012 9:32:58 PM OK IntuitUpdateService.exe\Intuit.Spc.Esd.Client.BusinessLogic.dll 
1/18/2012 9:32:58 PM OK IntuitUpdateService.exe\log4net.dll 
1/18/2012 9:32:58 PM OK IntuitUpdateService.exe\Intuit.Spc.Esd.WinClient.Ipc.Remoting.UpdateServiceWorker.dll 
1/18/2012 9:32:58 PM OK IntuitUpdateService.exe\Intuit.Spc.Esd.Client.DataAccess.dll 
1/18/2012 9:32:58 PM OK IntuitUpdateService.exe\Intuit.Spc.Esd.WinClient.Api.Net.dll 
1/18/2012 9:32:58 PM OK IntuitUpdateService.exe\Intuit.Spc.Esd.Core.dll 
1/18/2012 9:32:58 PM OK IntuitUpdateService.exe\FirewallAPI.dll 
1/18/2012 9:32:58 PM OK IntuitUpdateService.exe\Intuit.Spc.Map.WindowsFirewallUtilities.dll 
1/18/2012 9:32:58 PM OK IntuitUpdateService.exe\System.Drawing.dll 
1/18/2012 9:32:58 PM OK IntuitUpdateService.exe\System.Windows.Forms.dll 
1/18/2012 9:32:58 PM OK IntuitUpdateService.exe\Intuit.Spc.Map.Reporter.dll 
1/18/2012 9:32:58 PM OK IntuitUpdateService.exe\Intuit.Spc.Esd.WinClient.Application.UpdateServicePlugin.dll 
1/18/2012 9:32:58 PM OK IntuitUpdateService.exe\Intuit.Spc.Esd.Client.Common.dll 
1/18/2012 9:32:58 PM OK IntuitUpdateService.exe\CustomMarshalers.ni.dll 
1/18/2012 9:32:58 PM OK IntuitUpdateService.exe\System.Runtime.Remoting.dll 
1/18/2012 9:32:58 PM OK IntuitUpdateService.exe\System.EnterpriseServices.dll 
1/18/2012 9:32:58 PM OK IntuitUpdateService.exe\System.XML.dll 
1/18/2012 9:32:58 PM OK IntuitUpdateService.exe\Intuit.Spc.Esd.WinClient.Ipc.Remoting.UpdateServiceWorker.dll 
1/18/2012 9:32:58 PM OK IntuitUpdateService.exe\Intuit.Spc.Esd.WinClient.Application.UpdateServicePlugin.dll 
1/18/2012 9:32:58 PM OK IntuitUpdateService.exe\System.ServiceProcess.dll 
1/18/2012 9:32:58 PM OK IntuitUpdateService.exe\Intuit.Spc.Esd.Client.BusinessLogic.dll 
1/18/2012 9:32:58 PM OK IntuitUpdateService.exe\Intuit.Spc.Esd.Client.DataAccess.dll 
1/18/2012 9:32:58 PM OK IntuitUpdateService.exe\Intuit.Spc.Esd.WinClient.Api.Net.dll 
1/18/2012 9:32:58 PM OK IntuitUpdateService.exe\System.configuration.dll 
1/18/2012 9:32:58 PM OK IntuitUpdateService.exe\Intuit.Spc.Foundations.Primary.Config.dll 
1/18/2012 9:32:58 PM OK IntuitUpdateService.exe\Intuit.Spc.Foundations.Primary.ExceptionHandling.dll 
1/18/2012 9:32:58 PM OK IntuitUpdateService.exe\System.dll 
1/18/2012 9:32:58 PM OK IntuitUpdateService.exe\Intuit.Spc.Foundations.Portability.dll 
1/18/2012 9:32:58 PM OK IntuitUpdateService.exe\Intuit.Spc.Foundations.Primary.Logging.dll 
1/18/2012 9:32:58 PM OK IntuitUpdateService.exe\Intuit.Spc.Esd.WinClient.Ipc.Remoting.UpdateServiceWorker.dll 
1/18/2012 9:32:58 PM OK IntuitUpdateService.exe\Intuit.Spc.Esd.Core.dll 
1/18/2012 9:32:58 PM OK IntuitUpdateService.exe\Intuit.Spc.Esd.Client.Common.dll 
1/18/2012 9:32:58 PM OK IntuitUpdateService.exe\Intuit.Spc.Esd.WinClient.Application.UpdateServicePlugin.dll 
1/18/2012 9:32:58 PM OK IntuitUpdateService.exe\System.ServiceProcess.ni.dll 
1/18/2012 9:32:58 PM OK C:\Windows\assembly\NativeImages_v2.0.50727_32\CustomMarshalers\2c2215e99c21daeec6bf697cf7bcf103\CustomMarshalers.ni.dll 
1/18/2012 9:32:58 PM OK IntuitUpdateService.exe\System.ni.dll 
1/18/2012 9:32:58 PM OK C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\6f2de1cb69aef1946760a70f355a3075\System.ServiceProcess.ni.dll 
1/18/2012 9:32:58 PM OK IntuitUpdateService.exe\mscorjit.dll 
1/18/2012 9:32:58 PM OK IntuitUpdateService.exe\mscorlib.ni.dll 
1/18/2012 9:32:58 PM OK C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll 
1/18/2012 9:32:58 PM OK C:\Windows\assembly\NativeImages_v2.0.50727_32\System\abab08afa60a6f06bdde0fcc9649c379\System.ni.dll 
1/18/2012 9:32:59 PM OK IntuitUpdateService.exe\mscorwks.dll 
1/18/2012 9:32:59 PM OK IntuitUpdateService.exe\mscoreei.dll 
1/18/2012 9:32:59 PM OK C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\a1a82db68b3badc7c27ea1f6579d22c5\mscorlib.ni.dll 
1/18/2012 9:32:59 PM OK IntuitUpdateService.exe\shfolder.dll 
1/18/2012 9:32:59 PM OK IntuitUpdateService.exe\Intuit.Spc.Esd.WinClient.Application.UpdateService.PluginContract.dll 
1/18/2012 9:32:59 PM OK IntuitUpdateService.exe\Intuit.Spc.Esd.WinClient.Application.UpdateService.dll 
1/18/2012 9:32:59 PM OK IntuitUpdateService.exe\mscoree.dll 
1/18/2012 9:32:59 PM OK C:\Windows\SysWOW64\shfolder.dll 
1/18/2012 9:32:59 PM OK C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll 
1/18/2012 9:32:59 PM OK C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll 
1/18/2012 9:32:59 PM OK IntuitUpdateService.exe\msi.dll 
1/18/2012 9:32:59 PM OK IntuitUpdateService.exe\wship6.dll 
1/18/2012 9:32:59 PM OK IntuitUpdateService.exe\WSHTCPIP.DLL 
1/18/2012 9:32:59 PM OK IntuitUpdateService.exe\mswsock.dll 
1/18/2012 9:32:59 PM OK IntuitUpdateService.exe\RpcRtRemote.dll 
1/18/2012 9:32:59 PM OK IntuitUpdateService.exe\rsaenh.dll 
1/18/2012 9:32:59 PM OK IntuitUpdateService.exe\cryptsp.dll 
1/18/2012 9:32:59 PM OK IntuitUpdateService.exe\profapi.dll 
1/18/2012 9:32:59 PM OK IntuitUpdateService.exe\msvcr80.dll 
1/18/2012 9:32:59 PM OK IntuitUpdateService.exe\version.dll 
1/18/2012 9:32:59 PM OK IntuitUpdateService.exe\wow64cpu.dll 
1/18/2012 9:32:59 PM OK IntuitUpdateService.exe\wow64win.dll 
1/18/2012 9:32:59 PM OK IntuitUpdateService.exe\wow64.dll 
1/18/2012 9:32:59 PM OK IntuitUpdateService.exe\cryptbase.dll 
1/18/2012 9:32:59 PM OK IntuitUpdateService.exe\sspicli.dll 
1/18/2012 9:32:59 PM OK IntuitUpdateService.exe\shell32.dll 
1/18/2012 9:32:59 PM OK IntuitUpdateService.exe\usp10.dll 
1/18/2012 9:32:59 PM OK IntuitUpdateService.exe\user32.dll 
1/18/2012 9:32:59 PM OK IntuitUpdateService.exe\nsi.dll 
1/18/2012 9:32:59 PM OK IntuitUpdateService.exe\msvcrt.dll 
1/18/2012 9:32:59 PM OK IntuitUpdateService.exe\KernelBase.dll 
1/18/2012 9:32:59 PM OK IntuitUpdateService.exe\imm32.dll 
1/18/2012 9:32:59 PM OK IntuitUpdateService.exe\oleaut32.dll 
1/18/2012 9:32:59 PM OK IntuitUpdateService.exe\ws2_32.dll 
1/18/2012 9:32:59 PM OK IntuitUpdateService.exe\ole32.dll 
1/18/2012 9:32:59 PM OK IntuitUpdateService.exe\shlwapi.dll 
1/18/2012 9:32:59 PM OK IntuitUpdateService.exe\lpk.dll 
1/18/2012 9:32:59 PM OK IntuitUpdateService.exe\advapi32.dll 
1/18/2012 9:32:59 PM OK IntuitUpdateService.exe\rpcrt4.dll  
1/18/2012 9:32:59 PM OK IntuitUpdateService.exe\crypt32.dll 
1/18/2012 9:32:59 PM OK IntuitUpdateService.exe\sechost.dll 
1/18/2012 9:32:59 PM OK IntuitUpdateService.exe\msctf.dll 
1/18/2012 9:32:59 PM OK IntuitUpdateService.exe\gdi32.dll 
1/18/2012 9:32:59 PM OK IntuitUpdateService.exe\kernel32.dll 
1/18/2012 9:32:59 PM OK IntuitUpdateService.exe\clbcatq.dll 
1/18/2012 9:32:59 PM OK IntuitUpdateService.exe\ntdll.dll 
1/18/2012 9:32:59 PM OK IntuitUpdateService.exe\msasn1.dll 
1/18/2012 9:32:59 PM OK IntuitUpdateService.exe\ntdll.dll 
1/18/2012 9:32:59 PM OK C:\Windows\SysWOW64\mscoree.dll 
1/18/2012 9:32:59 PM OK C:\Windows\SysWOW64\msi.dll 
1/18/2012 9:32:59 PM OK svchost.exe\user32.dll 
1/18/2012 9:32:59 PM OK svchost.exe\kernel32.dll 
1/18/2012 9:32:59 PM OK svchost.exe\ntdll.dll 
1/18/2012 9:32:59 PM OK svchost.exe\svchost.exe 
1/18/2012 9:32:59 PM OK svchost.exe\wlanapi.dll 
1/18/2012 9:32:59 PM OK svchost.exe\FDResPub.dll 
1/18/2012 9:32:59 PM OK svchost.exe\udhisapi.dll 
1/18/2012 9:32:59 PM OK C:\Windows\System32\FDResPub.dll 
1/18/2012 9:32:59 PM OK svchost.exe\upnphost.dll 
1/18/2012 9:32:59 PM OK svchost.exe\wcncsvc.dll 
1/18/2012 9:32:59 PM OK C:\Windows\System32\udhisapi.dll 
1/18/2012 9:32:59 PM OK svchost.exe\FntCache.dll 
1/18/2012 9:32:59 PM OK C:\Windows\System32\wcncsvc.dll 
1/18/2012 9:32:59 PM OK svchost.exe\ssdpsrv.dll 
1/18/2012 9:32:59 PM OK C:\Windows\System32\FntCache.dll 
1/18/2012 9:32:59 PM OK svchost.exe\upnp.dll 
1/18/2012 9:32:59 PM OK svchost.exe\wlanhlp.dll 
1/18/2012 9:32:59 PM OK svchost.exe\webservices.dll 
1/18/2012 9:32:59 PM OK svchost.exe\WSDApi.dll 
1/18/2012 9:32:59 PM OK svchost.exe\msxml3.dll 
1/18/2012 9:32:59 PM OK C:\Windows\System32\ssdpsrv.dll 
1/18/2012 9:32:59 PM OK svchost.exe\fundisc.dll 
1/18/2012 9:32:59 PM OK svchost.exe\httpapi.dll 
1/18/2012 9:32:59 PM OK svchost.exe\ssdpapi.dll 
1/18/2012 9:32:59 PM OK svchost.exe\webio.dll 
1/18/2012 9:32:59 PM OK svchost.exe\winhttp.dll 
1/18/2012 9:32:59 PM OK svchost.exe\ktmw32.dll 
1/18/2012 9:32:59 PM OK svchost.exe\msxml6.dll 
1/18/2012 9:32:59 PM OK svchost.exe\wlanutil.dll 
1/18/2012 9:32:59 PM OK svchost.exe\eappcfg.dll 
1/18/2012 9:32:59 PM OK C:\Windows\System32\wlanhlp.dll 
1/18/2012 9:32:59 PM OK svchost.exe\eappprxy.dll 
1/18/2012 9:32:59 PM OK svchost.exe\onex.dll 
1/18/2012 9:32:59 PM OK C:\Windows\System32\eappcfg.dll 
1/18/2012 9:32:59 PM OK C:\Windows\System32\eappprxy.dll 
1/18/2012 9:32:59 PM OK svchost.exe\dhcpcsvc6.dll 
1/18/2012 9:32:59 PM OK svchost.exe\dhcpcsvc.dll 
1/18/2012 9:32:59 PM OK svchost.exe\winnsi.dll 
1/18/2012 9:32:59 PM OK svchost.exe\IPHLPAPI.DLL 
1/18/2012 9:32:59 PM OK svchost.exe\atl.dll 
1/18/2012 9:32:59 PM OK svchost.exe\ntmarta.dll 
1/18/2012 9:32:59 PM OK svchost.exe\wkscli.dll 
1/18/2012 9:32:59 PM OK svchost.exe\netutils.dll 
1/18/2012 9:32:59 PM OK svchost.exe\xmllite.dll 
1/18/2012 9:32:59 PM OK svchost.exe\comctl32.dll 
1/18/2012 9:32:59 PM OK svchost.exe\version.dll 
1/18/2012 9:32:59 PM OK svchost.exe\FirewallAPI.dll 
1/18/2012 9:32:59 PM OK svchost.exe\WSHTCPIP.DLL 
1/18/2012 9:32:59 PM OK svchost.exe\userenv.dll 
1/18/2012 9:32:59 PM OK svchost.exe\credssp.dll 
1/18/2012 9:32:59 PM OK svchost.exe\pcwum.dll 
1/18/2012 9:32:59 PM OK svchost.exe\bcryptprimitives.dll 
1/18/2012 9:32:59 PM OK svchost.exe\rsaenh.dll 
1/18/2012 9:32:59 PM OK svchost.exe\dnsapi.dll 
1/18/2012 9:32:59 PM OK svchost.exe\wship6.dll 
1/18/2012 9:32:59 PM OK svchost.exe\mswsock.dll 
1/18/2012 9:32:59 PM OK svchost.exe\cryptsp.dll 
1/18/2012 9:32:59 PM OK svchost.exe\bcrypt.dll 
1/18/2012 9:32:59 PM OK svchost.exe\secur32.dll 
1/18/2012 9:32:59 PM OK svchost.exe\sspicli.dll 
1/18/2012 9:32:59 PM OK svchost.exe\cryptbase.dll 
1/18/2012 9:32:59 PM OK svchost.exe\sxs.dll 
1/18/2012 9:32:59 PM OK svchost.exe\RpcRtRemote.dll 
1/18/2012 9:32:59 PM OK svchost.exe\profapi.dll 
1/18/2012 9:32:59 PM OK svchost.exe\KernelBase.dll 
1/18/2012 9:32:59 PM OK svchost.exe\advapi32.dll 
1/18/2012 9:32:59 PM OK svchost.exe\usp10.dll 
1/18/2012 9:32:59 PM OK svchost.exe\nsi.dll 
1/18/2012 9:32:59 PM OK svchost.exe\ws2_32.dll 
1/18/2012 9:32:59 PM OK svchost.exe\imm32.dll 
1/18/2012 9:32:59 PM OK svchost.exe\sechost.dll 
1/18/2012 9:32:59 PM OK svchost.exe\shlwapi.dll 
1/18/2012 9:32:59 PM OK svchost.exe\gdi32.dll 
1/18/2012 9:32:59 PM OK svchost.exe\ole32.dll 
1/18/2012 9:32:59 PM OK svchost.exe\clbcatq.dll 
1/18/2012 9:32:59 PM OK svchost.exe\rpcrt4.dll 
1/18/2012 9:32:59 PM OK svchost.exe\Wldap32.dll 
1/18/2012 9:32:59 PM OK svchost.exe\lpk.dll 
1/18/2012 9:32:59 PM OK svchost.exe\msvcrt.dll 
1/18/2012 9:32:59 PM OK svchost.exe\oleaut32.dll 
1/18/2012 9:32:59 PM OK svchost.exe\msctf.dll 
1/18/2012 9:32:59 PM OK svchost.exe\shell32.dll 
1/18/2012 9:32:59 PM OK svchost.exe\apisetschema.dll 
1/18/2012 9:32:59 PM OK C:\Windows\System32\onex.dll 
1/18/2012 9:32:59 PM OK WinMsgBalloonClient.exe\apisetschema.dll 
1/18/2012 9:32:59 PM OK WinMsgBalloonClient.exe\WinMsgBalloonClient.exe 
1/18/2012 9:33:01 PM OK WinMsgBalloonClient.exe\dwmapi.dll 
1/18/2012 9:33:01 PM OK WinMsgBalloonClient.exe\uxtheme.dll 
1/18/2012 9:33:01 PM OK WinMsgBalloonClient.exe\winsta.dll 
1/18/2012 9:33:01 PM OK WinMsgBalloonClient.exe\wtsapi32.dll 
1/18/2012 9:33:01 PM OK WinMsgBalloonClient.exe\wow64cpu.dll 
1/18/2012 9:33:01 PM OK WinMsgBalloonClient.exe\wow64win.dll 
1/18/2012 9:33:01 PM OK WinMsgBalloonClient.exe\wow64.dll 
1/18/2012 9:33:01 PM OK WinMsgBalloonClient.exe\cryptbase.dll 
1/18/2012 9:33:01 PM OK WinMsgBalloonClient.exe\sspicli.dll 
1/18/2012 9:33:01 PM OK WinMsgBalloonClient.exe\shell32.dll 
1/18/2012 9:33:01 PM OK WinMsgBalloonClient.exe\usp10.dll 
1/18/2012 9:33:01 PM OK WinMsgBalloonClient.exe\user32.dll 
1/18/2012 9:33:01 PM OK WinMsgBalloonClient.exe\msvcrt.dll 
1/18/2012 9:33:01 PM OK WinMsgBalloonClient.exe\KernelBase.dll 
1/18/2012 9:33:01 PM OK WinMsgBalloonClient.exe\imm32.dll 
1/18/2012 9:33:01 PM OK WinMsgBalloonClient.exe\shlwapi.dll 
1/18/2012 9:33:01 PM OK WinMsgBalloonClient.exe\lpk.dll 
1/18/2012 9:33:01 PM OK WinMsgBalloonClient.exe\advapi32.dll 
1/18/2012 9:33:01 PM OK WinMsgBalloonClient.exe\rpcrt4.dll 
1/18/2012 9:33:01 PM OK WinMsgBalloonClient.exe\sechost.dll 
1/18/2012 9:33:01 PM OK WinMsgBalloonClient.exe\msctf.dll 
1/18/2012 9:33:01 PM OK WinMsgBalloonClient.exe\gdi32.dll 
1/18/2012 9:33:01 PM OK WinMsgBalloonClient.exe\kernel32.dll 
1/18/2012 9:33:01 PM OK WinMsgBalloonClient.exe\ntdll.dll 
1/18/2012 9:33:01 PM OK WinMsgBalloonClient.exe\ntdll.dll 
1/18/2012 9:33:04 PM OK C:\Windows\SysWOW64\WinMsgBalloonClient.exe 
1/18/2012 9:33:04 PM OK WinMsgBalloonServer.exe\apisetschema.dll 
1/18/2012 9:33:04 PM OK WinMsgBalloonServer.exe\WinMsgBalloonServer.exe 
1/18/2012 9:33:04 PM OK WinMsgBalloonServer.exe\profapi.dll 
1/18/2012 9:33:04 PM OK WinMsgBalloonServer.exe\userenv.dll 
1/18/2012 9:33:04 PM OK WinMsgBalloonServer.exe\apphelp.dll 
1/18/2012 9:33:04 PM OK WinMsgBalloonServer.exe\wow64cpu.dll 
1/18/2012 9:33:04 PM OK WinMsgBalloonServer.exe\wow64win.dll 
1/18/2012 9:33:04 PM OK WinMsgBalloonServer.exe\wow64.dll 
1/18/2012 9:33:04 PM OK WinMsgBalloonServer.exe\cryptbase.dll 
1/18/2012 9:33:04 PM OK WinMsgBalloonServer.exe\sspicli.dll 
1/18/2012 9:33:04 PM OK WinMsgBalloonServer.exe\usp10.dll 
1/18/2012 9:33:04 PM OK WinMsgBalloonServer.exe\user32.dll 
1/18/2012 9:33:04 PM OK WinMsgBalloonServer.exe\msvcrt.dll 
1/18/2012 9:33:04 PM OK WinMsgBalloonServer.exe\KernelBase.dll 
1/18/2012 9:33:04 PM OK WinMsgBalloonServer.exe\imm32.dll 
1/18/2012 9:33:04 PM OK WinMsgBalloonServer.exe\lpk.dll 
1/18/2012 9:33:04 PM OK WinMsgBalloonServer.exe\advapi32.dll 
1/18/2012 9:33:04 PM OK WinMsgBalloonServer.exe\rpcrt4.dll 
1/18/2012 9:33:04 PM OK WinMsgBalloonServer.exe\sechost.dll 
1/18/2012 9:33:04 PM OK WinMsgBalloonServer.exe\msctf.dll 
1/18/2012 9:33:04 PM OK WinMsgBalloonServer.exe\gdi32.dll 
1/18/2012 9:33:04 PM OK WinMsgBalloonServer.exe\kernel32.dll 
1/18/2012 9:33:04 PM OK WinMsgBalloonServer.exe\ntdll.dll 
1/18/2012 9:33:04 PM OK WinMsgBalloonServer.exe\ntdll.dll 
1/18/2012 9:33:04 PM OK C:\Windows\SysWOW64\WinMsgBalloonServer.exe 
1/18/2012 9:33:04 PM OK svchost.exe\user32.dll 
1/18/2012 9:33:04 PM OK svchost.exe\kernel32.dll 
1/18/2012 9:33:04 PM OK svchost.exe\ntdll.dll 
1/18/2012 9:33:04 PM OK svchost.exe\svchost.exe 
1/18/2012 9:33:04 PM OK svchost.exe\FwRemoteSvr.dll 
1/18/2012 9:33:04 PM OK svchost.exe\IPSECSVC.DLL 
1/18/2012 9:33:04 PM OK C:\Windows\System32\FwRemoteSvr.dll 
1/18/2012 9:33:04 PM OK svchost.exe\dhcpcsvc6.dll 
1/18/2012 9:33:04 PM OK svchost.exe\dhcpcsvc.dll 
1/18/2012 9:33:04 PM OK svchost.exe\FWPUCLNT.DLL 
1/18/2012 9:33:04 PM OK svchost.exe\winnsi.dll 
1/18/2012 9:33:04 PM OK svchost.exe\IPHLPAPI.DLL 
1/18/2012 9:33:04 PM OK svchost.exe\version.dll 
1/18/2012 9:33:04 PM OK svchost.exe\FirewallAPI.dll 
1/18/2012 9:33:04 PM OK svchost.exe\WSHTCPIP.DLL 
1/18/2012 9:33:04 PM OK svchost.exe\credssp.dll 
1/18/2012 9:33:04 PM OK svchost.exe\wship6.dll 
1/18/2012 9:33:04 PM OK svchost.exe\mswsock.dll 
1/18/2012 9:33:04 PM OK svchost.exe\authz.dll 
1/18/2012 9:33:04 PM OK svchost.exe\secur32.dll 
1/18/2012 9:33:04 PM OK svchost.exe\sspicli.dll 
1/18/2012 9:33:04 PM OK svchost.exe\cryptbase.dll 
1/18/2012 9:33:04 PM OK svchost.exe\RpcRtRemote.dll 
1/18/2012 9:33:04 PM OK svchost.exe\KernelBase.dll 
1/18/2012 9:33:04 PM OK svchost.exe\advapi32.dll 
1/18/2012 9:33:04 PM OK svchost.exe\usp10.dll 
1/18/2012 9:33:04 PM OK svchost.exe\nsi.dll 
1/18/2012 9:33:04 PM OK svchost.exe\ws2_32.dll 
1/18/2012 9:33:04 PM OK svchost.exe\imm32.dll 
1/18/2012 9:33:04 PM OK svchost.exe\sechost.dll 
1/18/2012 9:33:04 PM OK svchost.exe\gdi32.dll 
1/18/2012 9:33:04 PM OK svchost.exe\ole32.dll 
1/18/2012 9:33:04 PM OK svchost.exe\clbcatq.dll 
1/18/2012 9:33:04 PM OK svchost.exe\rpcrt4.dll 
1/18/2012 9:33:04 PM OK svchost.exe\lpk.dll 
1/18/2012 9:33:04 PM OK svchost.exe\msvcrt.dll 
1/18/2012 9:33:04 PM OK svchost.exe\oleaut32.dll 
1/18/2012 9:33:04 PM OK svchost.exe\msctf.dll 
1/18/2012 9:33:04 PM OK svchost.exe\apisetschema.dll 
1/18/2012 9:33:04 PM OK C:\Windows\System32\IPSECSVC.DLL 
1/18/2012 9:33:04 PM OK WLIDSVCM.EXE\user32.dll 
1/18/2012 9:33:04 PM OK WLIDSVCM.EXE\kernel32.dll 
1/18/2012 9:33:04 PM OK WLIDSVCM.EXE\ntdll.dll 
1/18/2012 9:33:04 PM OK WLIDSVCM.EXE\psapi.dll 
1/18/2012 9:33:04 PM OK WLIDSVCM.EXE\WLIDSVCM.EXE 
1/18/2012 9:33:04 PM OK WLIDSVCM.EXE\KernelBase.dll 
1/18/2012 9:33:04 PM OK WLIDSVCM.EXE\advapi32.dll 
1/18/2012 9:33:04 PM OK WLIDSVCM.EXE\usp10.dll 
1/18/2012 9:33:04 PM OK WLIDSVCM.EXE\imm32.dll 
1/18/2012 9:33:04 PM OK WLIDSVCM.EXE\sechost.dll 
1/18/2012 9:33:04 PM OK WLIDSVCM.EXE\shlwapi.dll 
1/18/2012 9:33:04 PM OK WLIDSVCM.EXE\gdi32.dll 
1/18/2012 9:33:04 PM OK WLIDSVCM.EXE\rpcrt4.dll 
1/18/2012 9:33:04 PM OK WLIDSVCM.EXE\lpk.dll 
1/18/2012 9:33:04 PM OK WLIDSVCM.EXE\msvcrt.dll 
1/18/2012 9:33:04 PM OK WLIDSVCM.EXE\msctf.dll 
1/18/2012 9:33:04 PM OK WLIDSVCM.EXE\shell32.dll 
1/18/2012 9:33:04 PM OK WLIDSVCM.EXE\apisetschema.dll 
1/18/2012 9:33:04 PM OK C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE 
1/18/2012 9:33:04 PM OK WLIDSVC.EXE\user32.dll 
1/18/2012 9:33:04 PM OK WLIDSVC.EXE\kernel32.dll 
1/18/2012 9:33:04 PM OK WLIDSVC.EXE\ntdll.dll 
1/18/2012 9:33:04 PM OK WLIDSVC.EXE\psapi.dll 
1/18/2012 9:33:04 PM OK WLIDSVC.EXE\WLIDSVC.EXE 
1/18/2012 9:33:04 PM OK WLIDSVC.EXE\dssenh.dll 
1/18/2012 9:33:04 PM OK C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE 
1/18/2012 9:33:04 PM OK WLIDSVC.EXE\rasadhlp.dll 
1/18/2012 9:33:04 PM OK WLIDSVC.EXE\WLIDNSP.DLL 
1/18/2012 9:33:04 PM OK WLIDSVC.EXE\wbemsvc.dll 
1/18/2012 9:33:04 PM OK WLIDSVC.EXE\wbemprox.dll 
1/18/2012 9:33:04 PM OK WLIDSVC.EXE\ntdsapi.dll 
1/18/2012 9:33:04 PM OK WLIDSVC.EXE\msxml3.dll 
1/18/2012 9:33:04 PM OK WLIDSVC.EXE\wer.dll 
1/18/2012 9:33:04 PM OK WLIDSVC.EXE\SQMAPI.DLL 
1/18/2012 9:33:04 PM OK C:\Windows\System32\dssenh.dll 
1/18/2012 9:33:04 PM OK WLIDSVC.EXE\fastprox.dll 
1/18/2012 9:33:04 PM OK WLIDSVC.EXE\wbemcomn.dll 
1/18/2012 9:33:04 PM OK WLIDSVC.EXE\SensApi.dll 
1/18/2012 9:33:04 PM OK WLIDSVC.EXE\cryptnet.dll 
1/18/2012 9:33:04 PM OK C:\Program Files\Common Files\Microsoft Shared\Windows Live\SQMAPI.DLL Object was not changed (iChecker) 
1/18/2012 9:33:04 PM OK WLIDSVC.EXE\webio.dll 
1/18/2012 9:33:04 PM OK WLIDSVC.EXE\winhttp.dll 
1/18/2012 9:33:04 PM OK WLIDSVC.EXE\WinSCard.dll 
1/18/2012 9:33:04 PM OK WLIDSVC.EXE\dhcpcsvc6.dll 
1/18/2012 9:33:04 PM OK WLIDSVC.EXE\dhcpcsvc.dll 
1/18/2012 9:33:04 PM OK WLIDSVC.EXE\FWPUCLNT.DLL 
1/18/2012 9:33:04 PM OK WLIDSVC.EXE\winnsi.dll 
1/18/2012 9:33:04 PM OK WLIDSVC.EXE\IPHLPAPI.DLL 
1/18/2012 9:33:04 PM OK WLIDSVC.EXE\samcli.dll 
1/18/2012 9:33:04 PM OK WLIDSVC.EXE\wkscli.dll 
1/18/2012 9:33:04 PM OK WLIDSVC.EXE\netutils.dll 
1/18/2012 9:33:04 PM OK WLIDSVC.EXE\netapi32.dll 
1/18/2012 9:33:04 PM OK WLIDSVC.EXE\version.dll 
1/18/2012 9:33:04 PM OK WLIDSVC.EXE\wtsapi32.dll 
1/18/2012 9:33:04 PM OK WLIDSVC.EXE\WSHTCPIP.DLL 
1/18/2012 9:33:04 PM OK WLIDSVC.EXE\gpapi.dll 
1/18/2012 9:33:04 PM OK WLIDSVC.EXE\userenv.dll 
1/18/2012 9:33:04 PM OK WLIDSVC.EXE\credssp.dll 
1/18/2012 9:33:04 PM OK WLIDSVC.EXE\bcryptprimitives.dll 
1/18/2012 9:33:04 PM OK WLIDSVC.EXE\winsta.dll 
1/18/2012 9:33:04 PM OK WLIDSVC.EXE\rsaenh.dll 
1/18/2012 9:33:04 PM OK WLIDSVC.EXE\schannel.dll 
1/18/2012 9:33:04 PM OK WLIDSVC.EXE\dnsapi.dll 
1/18/2012 9:33:04 PM OK WLIDSVC.EXE\wship6.dll 
1/18/2012 9:33:04 PM OK WLIDSVC.EXE\mswsock.dll 
1/18/2012 9:33:04 PM OK WLIDSVC.EXE\cryptsp.dll 
1/18/2012 9:33:04 PM OK WLIDSVC.EXE\bcrypt.dll 
1/18/2012 9:33:04 PM OK WLIDSVC.EXE\ncrypt.dll 
1/18/2012 9:33:04 PM OK WLIDSVC.EXE\srvcli.dll 
1/18/2012 9:33:04 PM OK WLIDSVC.EXE\secur32.dll 
1/18/2012 9:33:04 PM OK WLIDSVC.EXE\sspicli.dll 
1/18/2012 9:33:04 PM OK WLIDSVC.EXE\apphelp.dll 
1/18/2012 9:33:04 PM OK WLIDSVC.EXE\cryptbase.dll 
1/18/2012 9:33:04 PM OK WLIDSVC.EXE\RpcRtRemote.dll 
1/18/2012 9:33:04 PM OK WLIDSVC.EXE\profapi.dll 
1/18/2012 9:33:04 PM OK WLIDSVC.EXE\msasn1.dll 
1/18/2012 9:33:04 PM  OK WLIDSVC.EXE\KernelBase.dll 
1/18/2012 9:33:04 PM OK WLIDSVC.EXE\crypt32.dll 
1/18/2012 9:33:04 PM OK WLIDSVC.EXE\wintrust.dll 
1/18/2012 9:33:04 PM OK WLIDSVC.EXE\advapi32.dll 
1/18/2012 9:33:04 PM OK WLIDSVC.EXE\usp10.dll 
1/18/2012 9:33:04 PM OK WLIDSVC.EXE\nsi.dll 
1/18/2012 9:33:04 PM OK WLIDSVC.EXE\ws2_32.dll 
1/18/2012 9:33:04 PM OK WLIDSVC.EXE\imm32.dll 
1/18/2012 9:33:04 PM OK WLIDSVC.EXE\sechost.dll 
1/18/2012 9:33:04 PM OK WLIDSVC.EXE\shlwapi.dll 
1/18/2012 9:33:04 PM OK WLIDSVC.EXE\gdi32.dll 
1/18/2012 9:33:04 PM OK WLIDSVC.EXE\ole32.dll 
1/18/2012 9:33:04 PM OK WLIDSVC.EXE\clbcatq.dll 
1/18/2012 9:33:04 PM OK WLIDSVC.EXE\rpcrt4.dll 
1/18/2012 9:33:04 PM OK WLIDSVC.EXE\Wldap32.dll 
1/18/2012 9:33:04 PM OK WLIDSVC.EXE\lpk.dll 
1/18/2012 9:33:04 PM OK WLIDSVC.EXE\msvcrt.dll 
1/18/2012 9:33:04 PM OK WLIDSVC.EXE\oleaut32.dll 
1/18/2012 9:33:04 PM OK WLIDSVC.EXE\msctf.dll 
1/18/2012 9:33:04 PM OK WLIDSVC.EXE\shell32.dll 
1/18/2012 9:33:04 PM OK WLIDSVC.EXE\apisetschema.dll 
1/18/2012 9:33:04 PM OK WinAutomation.ServiceAgent.exe\WinAutomation.Shared.dll 
1/18/2012 9:33:04 PM OK WinAutomation.ServiceAgent.exe\WinAutomation.JobRunner.dll 
1/18/2012 9:33:04 PM OK WinAutomation.ServiceAgent.exe\WinAutomation.Shared.Runtime.dll 
1/18/2012 9:33:04 PM OK C:\Program Files\WinAutomation\WinAutomation.Shared.dll 
1/18/2012 9:33:04 PM OK C:\Program Files\WinAutomation\WinAutomation.JobRunner.dll 
1/18/2012 9:33:04 PM OK WinAutomation.ServiceAgent.exe\WinAutomation.ServiceAgent.exe 
1/18/2012 9:33:04 PM OK C:\Program Files\WinAutomation\WinAutomation.Shared.Runtime.dll 
1/18/2012 9:33:04 PM OK WinAutomation.ServiceAgent.exe\System.Data.SQLite.DLL 
1/18/2012 9:33:04 PM OK C:\Program Files\WinAutomation\WinAutomation.ServiceAgent.exe 
1/18/2012 9:33:04 PM OK WinAutomation.ServiceAgent.exe\System.Data.dll 
1/18/2012 9:33:04 PM OK C:\Program Files\WinAutomation\System.Data.SQLite.DLL 
1/18/2012 9:33:04 PM OK WinAutomation.ServiceAgent.exe\System.Transactions.dll 
1/18/2012 9:33:05 PM OK WinAutomation.ServiceAgent.exe\WinAutomation.JobRunner.dll 
1/18/2012 9:33:05 PM OK WinAutomation.ServiceAgent.exe\WinAutomation.Shared.Runtime.dll 
1/18/2012 9:33:05 PM OK WinAutomation.ServiceAgent.exe\WinAutomation.Shared.dll 
1/18/2012 9:33:05 PM OK WinAutomation.ServiceAgent.exe\msvcr80.dll 
1/18/2012 9:33:05 PM OK WinAutomation.ServiceAgent.exe\user32.dll 
1/18/2012 9:33:05 PM OK WinAutomation.ServiceAgent.exe\kernel32.dll 
1/18/2012 9:33:05 PM OK WinAutomation.ServiceAgent.exe\ntdll.dll 
1/18/2012 9:33:05 PM OK WinAutomation.ServiceAgent.exe\System.Data.SQLite.DLL Object was not changed (iChecker) 
1/18/2012 9:33:05 PM OK WinAutomation.ServiceAgent.exe\diasymreader.dll Object was not changed (iChecker) 
1/18/2012 9:33:05 PM OK WinAutomation.ServiceAgent.exe\mscorsec.dll Object was not changed (iChecker) 
1/18/2012 9:33:05 PM OK WinAutomation.ServiceAgent.exe\System.Security.ni.dll 
1/18/2012 9:33:05 PM OK C:\Windows\assembly\GAC_64\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll 
1/18/2012 9:33:05 PM OK C:\Windows\assembly\GAC_64\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll 
1/18/2012 9:33:05 PM OK WinAutomation.ServiceAgent.exe\System.EnterpriseServices.ni.dll 
1/18/2012 9:33:05 PM OK C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Security\a3202e5eeb5c84ca6d5453b50c28e1af\System.Security.ni.dll 
1/18/2012 9:33:05 PM OK WinAutomation.ServiceAgent.exe\System.Xml.ni.dll Object was not changed (iChecker) 
1/18/2012 9:33:05 PM OK WinAutomation.ServiceAgent.exe\System.Data.ni.dll 
1/18/2012 9:33:05 PM OK WinAutomation.ServiceAgent.exe\System.Runtime.Remoting.ni.dll Object was not changed (iChecker) 
1/18/2012 9:33:05 PM OK WinAutomation.ServiceAgent.exe\System.Configuration.ni.dll 
1/18/2012 9:33:05 PM OK WinAutomation.ServiceAgent.exe\System.Configuration.Install.ni.dll 
1/18/2012 9:33:05 PM OK C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Data\4cfb4616eb3af7f91c1ea7113465860b\System.Data.ni.dll 
1/18/2012 9:33:05 PM OK WinAutomation.ServiceAgent.exe\System.Transactions.ni.dll 
1/18/2012 9:33:05 PM OK C:\Windows\assembly\NativeImages_v2.0.50727_64\System.EnterpriseSe#\4b0fd98f11e1e243efcfb810c170decf\System.EnterpriseServices.ni.dll 
1/18/2012 9:33:05 PM OK WinAutomation.ServiceAgent.exe\System.Windows.Forms.ni.dll 
1/18/2012 9:33:05 PM OK WinAutomation.ServiceAgent.exe\System.Drawing.ni.dll 
1/18/2012 9:33:05 PM OK C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Configuratio#\7d99138fb23b6c17aa205d49c6bfce9e\System.Configuration.Install.ni.dll 
1/18/2012 9:33:05 PM OK WinAutomation.ServiceAgent.exe\shfolder.dll 
1/18/2012 9:33:05 PM OK WinAutomation.ServiceAgent.exe\System.ServiceProcess.ni.dll Object was not changed (iChecker) 
1/18/2012 9:33:05 PM OK WinAutomation.ServiceAgent.exe\System.ni.dll Object was not changed (iChecker) 
1/18/2012 9:33:05 PM OK WinAutomation.ServiceAgent.exe\mscorjit.dll 
1/18/2012 9:33:05 PM OK WinAutomation.ServiceAgent.exe\cabinet.dll 
1/18/2012 9:33:05 PM OK WinAutomation.ServiceAgent.exe\SensApi.dll 
1/18/2012 9:33:05 PM OK WinAutomation.ServiceAgent.exe\cryptnet.dll 
1/18/2012 9:33:05 PM OK WinAutomation.ServiceAgent.exe\comctl32.dll 
1/18/2012 9:33:05 PM OK WinAutomation.ServiceAgent.exe\mscorlib.ni.dll Object was not changed (iChecker) 
1/18/2012 9:33:05 PM OK WinAutomation.ServiceAgent.exe\mscorwks.dll 
1/18/2012 9:33:05 PM OK WinAutomation.ServiceAgent.exe\mscoreei.dll 
1/18/2012 9:33:05 PM OK WinAutomation.ServiceAgent.exe\mscoree.dll 
1/18/2012 9:33:05 PM OK WinAutomation.ServiceAgent.exe\version.dll 
1/18/2012 9:33:05 PM OK WinAutomation.ServiceAgent.exe\gpapi.dll 
1/18/2012 9:33:05 PM OK WinAutomation.ServiceAgent.exe\userenv.dll 
1/18/2012 9:33:05 PM OK WinAutomation.ServiceAgent.exe\devrtl.dll 
1/18/2012 9:33:05 PM OK WinAutomation.ServiceAgent.exe\bcryptprimitives.dll 
1/18/2012 9:33:05 PM OK WinAutomation.ServiceAgent.exe\rsaenh.dll 
1/18/2012 9:33:05 PM OK WinAutomation.ServiceAgent.exe\cryptsp.dll 
1/18/2012 9:33:05 PM OK WinAutomation.ServiceAgent.exe\bcrypt.dll 
1/18/2012 9:33:05 PM OK WinAutomation.ServiceAgent.exe\ncrypt.dll 
1/18/2012 9:33:05 PM OK WinAutomation.ServiceAgent.exe\cryptbase.dll 
1/18/2012 9:33:05 PM OK WinAutomation.ServiceAgent.exe\RpcRtRemote.dll 
1/18/2012 9:33:05 PM OK WinAutomation.ServiceAgent.exe\profapi.dll 
1/18/2012 9:33:05 PM OK WinAutomation.ServiceAgent.exe\msasn1.dll 
1/18/2012 9:33:05 PM OK WinAutomation.ServiceAgent.exe\KernelBase.dll 
1/18/2012 9:33:05 PM OK WinAutomation.ServiceAgent.exe\crypt32.dll 
1/18/2012 9:33:05 PM OK WinAutomation.ServiceAgent.exe\wintrust.dll 
1/18/2012 9:33:05 PM OK WinAutomation.ServiceAgent.exe\advapi32.dll 
1/18/2012 9:33:05 PM OK WinAutomation.ServiceAgent.exe\usp10.dll 
1/18/2012 9:33:05 PM OK WinAutomation.ServiceAgent.exe\imagehlp.dll 
1/18/2012 9:33:05 PM OK WinAutomation.ServiceAgent.exe\nsi.dll 
1/18/2012 9:33:05 PM OK WinAutomation.ServiceAgent.exe\ws2_32.dll 
1/18/2012 9:33:05 PM OK WinAutomation.ServiceAgent.exe\imm32.dll 
1/18/2012 9:33:05 PM OK WinAutomation.ServiceAgent.exe\sechost.dll 
1/18/2012 9:33:05 PM OK WinAutomation.ServiceAgent.exe\shlwapi.dll 
1/18/2012 9:33:05 PM OK WinAutomation.ServiceAgent.exe\gdi32.dll 
1/18/2012 9:33:05 PM OK WinAutomation.ServiceAgent.exe\ole32.dll 
1/18/2012 9:33:05 PM OK WinAutomation.ServiceAgent.exe\rpcrt4.dll 
1/18/2012 9:33:05 PM OK WinAutomation.ServiceAgent.exe\Wldap32.dll 
1/18/2012 9:33:05 PM OK  WinAutomation.ServiceAgent.exe\lpk.dll 
1/18/2012 9:33:05 PM OK WinAutomation.ServiceAgent.exe\msvcrt.dll 
1/18/2012 9:33:05 PM OK WinAutomation.ServiceAgent.exe\msctf.dll 
1/18/2012 9:33:05 PM OK WinAutomation.ServiceAgent.exe\shell32.dll 
1/18/2012 9:33:05 PM OK WinAutomation.ServiceAgent.exe\apisetschema.dll 
1/18/2012 9:33:05 PM OK C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Configuration\fe860189c078d45125ca6366495fd414\System.Configuration.ni.dll 
1/18/2012 9:33:05 PM OK C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\bc4df91390f1b827ecb62a2edd0d1894\System.Windows.Forms.ni.dll 
1/18/2012 9:33:05 PM OK C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Drawing\7913f5c6b6fc7a75b2b8f558bb7b5568\System.Drawing.ni.dll 
1/18/2012 9:33:05 PM OK C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Transactions\f15a8af412d84b1fd14fc735fb5834f5\System.Transactions.ni.dll 
1/18/2012 9:33:05 PM OK MDM.EXE\apisetschema.dll 
1/18/2012 9:33:05 PM OK MDM.EXE\MDM.EXE 
1/18/2012 9:33:05 PM OK MDM.EXE\acwow64.dll 
1/18/2012 9:33:05 PM OK MDM.EXE\RpcRtRemote.dll 
1/18/2012 9:33:05 PM OK MDM.EXE\rsaenh.dll 
1/18/2012 9:33:05 PM OK MDM.EXE\cryptsp.dll 
1/18/2012 9:33:05 PM OK MDM.EXE\profapi.dll 
1/18/2012 9:33:05 PM OK MDM.EXE\apphelp.dll 
1/18/2012 9:33:05 PM OK MDM.EXE\version.dll 
1/18/2012 9:33:05 PM OK MDM.EXE\wow64cpu.dll 
1/18/2012 9:33:05 PM OK MDM.EXE\wow64win.dll 
1/18/2012 9:33:05 PM OK MDM.EXE\wow64.dll 
1/18/2012 9:33:05 PM OK MDM.EXE\cryptbase.dll 
1/18/2012 9:33:05 PM OK MDM.EXE\sspicli.dll 
1/18/2012 9:33:05 PM OK MDM.EXE\shell32.dll 
1/18/2012 9:33:05 PM OK MDM.EXE\usp10.dll 
1/18/2012 9:33:05 PM OK MDM.EXE\user32.dll 
1/18/2012 9:33:05 PM OK MDM.EXE\msvcrt.dll 
1/18/2012 9:33:05 PM OK MDM.EXE\KernelBase.dll 
1/18/2012 9:33:05 PM OK MDM.EXE\imm32.dll 
1/18/2012 9:33:05 PM OK MDM.EXE\oleaut32.dll 
1/18/2012 9:33:05 PM OK MDM.EXE\ole32.dll 
1/18/2012 9:33:05 PM OK MDM.EXE\shlwapi.dll 
1/18/2012 9:33:05 PM OK MDM.EXE\lpk.dll 
1/18/2012 9:33:05 PM OK MDM.EXE\advapi32.dll 
1/18/2012 9:33:05 PM OK MDM.EXE\rpcrt4.dll 
1/18/2012 9:33:05 PM OK MDM.EXE\sechost.dll 
1/18/2012 9:33:05 PM OK C:\Windows\AppPatch\acwow64.dll 
1/18/2012 9:33:05 PM OK MDM.EXE\msctf.dll 
1/18/2012 9:33:05 PM OK MDM.EXE\psapi.dll 
1/18/2012 9:33:05 PM OK MDM.EXE\gdi32.dll 
1/18/2012 9:33:05 PM OK MDM.EXE\kernel32.dll 
1/18/2012 9:33:05 PM OK C:\Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\MDM.EXE 
1/18/2012 9:33:05 PM OK MDM.EXE\clbcatq.dll 
1/18/2012 9:33:05 PM OK MDM.EXE\ntdll.dll 
1/18/2012 9:33:05 PM OK MDM.EXE\ntdll.dll 
1/18/2012 9:33:05 PM OK LSSrvc.exe\apisetschema.dll 
1/18/2012 9:33:05 PM OK LSSrvc.exe\LSSrvc.exe 
1/18/2012 9:33:05 PM OK C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe 
1/18/2012 9:33:05 PM OK LSSrvc.exe\LSSProxy.dll 
1/18/2012 9:33:06 PM OK LSSrvc.exe\LSLog.dll 
1/18/2012 9:33:06 PM OK C:\Program Files (x86)\Common Files\LightScribe\LSSProxy.dll 
1/18/2012 9:33:06 PM OK LSSrvc.exe\profapi.dll 
1/18/2012 9:33:06 PM OK LSSrvc.exe\msvcr80.dll 
1/18/2012 9:33:06 PM OK LSSrvc.exe\msvcp80.dll 
1/18/2012 9:33:06 PM OK LSSrvc.exe\wow64cpu.dll 
1/18/2012 9:33:06 PM OK LSSrvc.exe\wow64win.dll 
1/18/2012 9:33:06 PM OK LSSrvc.exe\wow64.dll 
1/18/2012 9:33:06 PM OK LSSrvc.exe\cryptbase.dll 
1/18/2012 9:33:06 PM OK LSSrvc.exe\sspicli.dll 
1/18/2012 9:33:06 PM OK LSSrvc.exe\shell32.dll 
1/18/2012 9:33:06 PM OK LSSrvc.exe\usp10.dll 
1/18/2012 9:33:06 PM OK LSSrvc.exe\user32.dll 
1/18/2012 9:33:06 PM OK LSSrvc.exe\msvcrt.dll 
1/18/2012 9:33:06 PM OK LSSrvc.exe\KernelBase.dll 
1/18/2012 9:33:06 PM OK LSSrvc.exe\imm32.dll 
1/18/2012 9:33:06 PM OK LSSrvc.exe\ole32.dll 
1/18/2012 9:33:06 PM OK LSSrvc.exe\shlwapi.dll 
1/18/2012 9:33:06 PM OK LSSrvc.exe\lpk.dll 
1/18/2012 9:33:06 PM OK LSSrvc.exe\advapi32.dll 
1/18/2012 9:33:06 PM OK LSSrvc.exe\rpcrt4.dll 
1/18/2012 9:33:06 PM OK LSSrvc.exe\sechost.dll 
1/18/2012 9:33:06 PM OK LSSrvc.exe\msctf.dll 
1/18/2012 9:33:06 PM OK LSSrvc.exe\psapi.dll 
1/18/2012 9:33:06 PM OK LSSrvc.exe\gdi32.dll 
1/18/2012 9:33:06 PM OK LSSrvc.exe\kernel32.dll 
1/18/2012 9:33:06 PM OK LSSrvc.exe\ntdll.dll 
1/18/2012 9:33:06 PM OK LSSrvc.exe\ntdll.dll 
1/18/2012 9:33:06 PM OK C:\Program Files (x86)\Common Files\LightScribe\LSLog.dll 
1/18/2012 9:33:06 PM OK ijplmsvc.exe\apisetschema.dll 
1/18/2012 9:33:06 PM OK ijplmsvc.exe\ijplmsvc.exe 
1/18/2012 9:33:06 PM OK ijplmsvc.exe\winspool.drv 
1/18/2012 9:33:06 PM OK ijplmsvc.exe\profapi.dll 
1/18/2012 9:33:06 PM OK ijplmsvc.exe\wow64cpu.dll 
1/18/2012 9:33:06 PM OK ijplmsvc.exe\wow64win.dll 
1/18/2012 9:33:06 PM OK ijplmsvc.exe\wow64.dll 
1/18/2012 9:33:06 PM OK ijplmsvc.exe\cryptbase.dll 
1/18/2012 9:33:06 PM OK ijplmsvc.exe\sspicli.dll 
1/18/2012 9:33:06 PM OK ijplmsvc.exe\shell32.dll 
1/18/2012 9:33:06 PM OK ijplmsvc.exe\usp10.dll 
1/18/2012 9:33:06 PM OK ijplmsvc.exe\user32.dll 
1/18/2012 9:33:06 PM OK ijplmsvc.exe\msvcrt.dll 
1/18/2012 9:33:06 PM OK ijplmsvc.exe\KernelBase.dll 
1/18/2012 9:33:06 PM OK ijplmsvc.exe\imm32.dll 
1/18/2012 9:33:06 PM OK ijplmsvc.exe\ole32.dll 
1/18/2012 9:33:06 PM OK ijplmsvc.exe\shlwapi.dll 
1/18/2012 9:33:06 PM OK ijplmsvc.exe\lpk.dll 
1/18/2012 9:33:06 PM OK ijplmsvc.exe\advapi32.dll 
1/18/2012 9:33:06 PM OK ijplmsvc.exe\rpcrt4.dll 
1/18/2012 9:33:06 PM OK ijplmsvc.exe\sechost.dll 
1/18/2012 9:33:06 PM OK ijplmsvc.exe\msctf.dll 
1/18/2012 9:33:06 PM OK ijplmsvc.exe\psapi.dll 
1/18/2012 9:33:06 PM OK ijplmsvc.exe\gdi32.dll 
1/18/2012 9:33:06 PM OK ijplmsvc.exe\kernel32.dll 
1/18/2012 9:33:06 PM OK ijplmsvc.exe\ntdll.dll 
1/18/2012 9:33:06 PM OK ijplmsvc.exe\ntdll.dll 
1/18/2012 9:33:06 PM OK C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe 
1/18/2012 9:33:06 PM OK ProtectedObjectsSrv.exe\apisetschema.dll 
1/18/2012 9:33:06 PM OK ProtectedObjectsSrv.exe\ProtectedObjectsSrv.exe 
1/18/2012 9:33:06 PM OK ProtectedObjectsSrv.exe\winsta.dll 
1/18/2012 9:33:06 PM OK ProtectedObjectsSrv.exe\RpcRtRemote.dll 
1/18/2012 9:33:06 PM OK ProtectedObjectsSrv.exe\rsaenh.dll 
1/18/2012 9:33:06 PM OK ProtectedObjectsSrv.exe\cryptsp.dll 
1/18/2012 9:33:06 PM OK ProtectedObjectsSrv.exe\secur32.dll 
1/18/2012 9:33:06 PM OK ProtectedObjectsSrv.exe\wkscli.dll 
1/18/2012 9:33:06 PM OK ProtectedObjectsSrv.exe\srvcli.dll 
1/18/2012 9:33:06 PM OK ProtectedObjectsSrv.exe\netutils.dll 
1/18/2012 9:33:06 PM OK ProtectedObjectsSrv.exe\netapi32.dll 
1/18/2012 9:33:06 PM OK ProtectedObjectsSrv.exe\profapi.dll 
1/18/2012 9:33:06 PM OK ProtectedObjectsSrv.exe\userenv.dll 
1/18/2012 9:33:06 PM OK ProtectedObjectsSrv.exe\wow64cpu.dll 
1/18/2012 9:33:06 PM OK ProtectedObjectsSrv.exe\wow64win.dll 
1/18/2012 9:33:06 PM OK ProtectedObjectsSrv.exe\wow64.dll 
1/18/2012 9:33:06 PM OK ProtectedObjectsSrv.exe\sxs.dll 
1/18/2012 9:33:06 PM OK ProtectedObjectsSrv.exe\cryptbase.dll 
1/18/2012 9:33:06 PM OK ProtectedObjectsSrv.exe\sspicli.dll 
1/18/2012 9:33:06 PM OK ProtectedObjectsSrv.exe\usp10.dll 
1/18/2012 9:33:06 PM OK ProtectedObjectsSrv.exe\user32.dll 
1/18/2012 9:33:06 PM OK ProtectedObjectsSrv.exe\msvcrt.dll 
1/18/2012 9:33:06 PM OK ProtectedObjectsSrv.exe\KernelBase.dll 
1/18/2012 9:33:06 PM OK ProtectedObjectsSrv.exe\imm32.dll 
1/18/2012 9:33:06 PM OK ProtectedObjectsSrv.exe\oleaut32.dll 
1/18/2012 9:33:06 PM OK ProtectedObjectsSrv.exe\ole32.dll 
1/18/2012 9:33:06 PM OK ProtectedObjectsSrv.exe\lpk.dll 
1/18/2012 9:33:06 PM OK ProtectedObjectsSrv.exe\advapi32.dll 
1/18/2012 9:33:06 PM OK ProtectedObjectsSrv.exe\rpcrt4.dll 
1/18/2012 9:33:06 PM OK ProtectedObjectsSrv.exe\sechost.dll 
1/18/2012 9:33:06 PM OK ProtectedObjectsSrv.exe\msctf.dll 
1/18/2012 9:33:06 PM OK ProtectedObjectsSrv.exe\gdi32.dll 
1/18/2012 9:33:06 PM OK ProtectedObjectsSrv.exe\kernel32.dll 
1/18/2012 9:33:06 PM OK ProtectedObjectsSrv.exe\clbcatq.dll 
1/18/2012 9:33:06 PM OK ProtectedObjectsSrv.exe\ntdll.dll 
1/18/2012 9:33:06 PM OK ProtectedObjectsSrv.exe\ntdll.dll 
1/18/2012 9:33:06 PM OK C:\Program Files (x86)\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe 
1/18/2012 9:33:06 PM OK conhost.exe\user32.dll 
1/18/2012 9:33:06 PM OK conhost.exe\kernel32.dll 
1/18/2012 9:33:06 PM OK conhost.exe\ntdll.dll 
1/18/2012 9:33:06 PM OK conhost.exe\conhost.exe 
1/18/2012 9:33:06 PM OK conhost.exe\WlS0WndH.dll 
1/18/2012 9:33:06 PM OK conhost.exe\KernelBase.dll 
1/18/2012 9:33:06 PM OK conhost.exe\usp10.dll 
1/18/2012 9:33:06 PM OK conhost.exe\imm32.dll 
1/18/2012 9:33:06 PM OK conhost.exe\gdi32.dll 
1/18/2012 9:33:06 PM OK conhost.exe\ole32.dll 
1/18/2012 9:33:06 PM OK conhost.exe\rpcrt4.dll 
1/18/2012 9:33:06 PM OK conhost.exe\lpk.dll 
1/18/2012 9:33:06 PM OK conhost.exe\msvcrt.dll 
1/18/2012 9:33:06 PM OK conhost.exe\oleaut32.dll 
1/18/2012 9:33:06 PM OK conhost.exe\msctf.dll 
1/18/2012 9:33:06 PM OK conhost.exe\apisetschema.dll 
1/18/2012 9:33:06 PM OK C:\Windows\System32\conhost.exe 
1/18/2012 9:33:06 PM OK avp.exe\apisetschema.dll 
1/18/2012 9:33:06 PM OK avp.exe\avp.exe Object was not changed (iChecker) 
1/18/2012 9:33:06 PM OK avp.exe\ntmarta.dll 
1/18/2012 9:33:06 PM OK avp.exe\ManagerObject.dll 
1/18/2012 9:33:06 PM OK avp.exe\webav.kdl 
1/18/2012 9:33:06 PM OK C:\Program Files (x86)\Common Files\InfoWatch\CryptoStorage\ManagerObject.dll 
1/18/2012 9:33:06 PM OK C:\ProgramData\Kaspersky Lab\AVP9\Bases\webav.kdl 
1/18/2012 9:33:06 PM OK avp.exe\ManagerKey.dll 
1/18/2012 9:33:06 PM OK avp.exe\Arj.ppl 
1/18/2012 9:33:06 PM OK C:\Program Files (x86)\Common Files\InfoWatch\CryptoStorage\ManagerKey.dll 
1/18/2012 9:33:06 PM OK avp.exe\clbcatq.dll 
1/18/2012 9:33:06 PM OK C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\Arj.ppl 
1/18/2012 9:33:06 PM OK avp.exe\ciwBaseLib.dll 
1/18/2012 9:33:06 PM OK avp.exe\basegui.ppl 
1/18/2012 9:33:06 PM OK avp.exe\localization_manager.dll 
1/18/2012 9:33:06 PM OK avp.exe\dblite.dll 
1/18/2012 9:33:06 PM OK avp.exe\kjim.kdl 
1/18/2012 9:33:06 PM OK C:\Windows\SysWOW64\ciwBaseLib.dll 
1/18/2012 9:33:06 PM OK avp.exe\klavemu.kdl 
1/18/2012 9:33:06 PM OK C:\ProgramData\Kaspersky Lab\AVP9\Bases\kjim.kdl 
1/18/2012 9:33:07 PM OK avp.exe\vlns.kdl 
1/18/2012 9:33:07 PM OK C:\ProgramData\Kaspersky Lab\AVP9\Bases\klavemu.kdl 
1/18/2012 9:33:07 PM OK C:\ProgramData\Kaspersky Lab\AVP9\Bases\vlns.kdl 
1/18/2012 9:33:07 PM OK avp.exe\mark.kdl 
1/18/2012 9:33:07 PM OK C:\ProgramData\Kaspersky Lab\AVP9\Bases\mark.kdl 
1/18/2012 9:33:07 PM OK avp.exe\qscan.kdl 
1/18/2012 9:33:07 PM OK C:\ProgramData\Kaspersky Lab\AVP9\Bases\qscan.kdl 
1/18/2012 9:33:07 PM OK avp.exe\kavsys.kdl 
1/18/2012 9:33:07 PM OK avp.exe\kavbase.kdl 
1/18/2012 9:33:07 PM OK C:\ProgramData\Kaspersky Lab\AVP9\Bases\kavsys.kdl 
1/18/2012 9:33:07 PM OK avp.exe\INETRES.dll 
1/18/2012 9:33:07 PM OK C:\ProgramData\Kaspersky Lab\AVP9\Bases\kavbase.kdl 
1/18/2012 9:33:07 PM OK avp.exe\inetcomm.dll 
1/18/2012 9:33:07 PM OK avp.exe\msoert2.dll 
1/18/2012 9:33:07 PM OK avp.exe\oleacc.dll 
1/18/2012 9:33:07 PM OK C:\Windows\SysWOW64\INETRES.dll 
1/18/2012 9:33:07 PM OK avp.exe\avzkrnl.dll 
1/18/2012 9:33:07 PM OK C:\Windows\SysWOW64\msoert2.dll 
1/18/2012 9:33:07 PM OK C:\Windows\SysWOW64\inetcomm.dll 
1/18/2012 9:33:07 PM OK avp.exe\ckahcomm.dll 
1/18/2012 9:33:07 PM OK avp.exe\ckahrule.dll 
1/18/2012 9:33:07 PM OK C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\ckahcomm.dll 
1/18/2012 9:33:07 PM OK avp.exe\ckahstat.dll 
1/18/2012 9:33:07 PM OK C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\avzkrnl.dll 
1/18/2012 9:33:08 PM OK C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\ckahrule.dll 
1/18/2012 9:33:08 PM OK avp.exe\ckahum.dll 
1/18/2012 9:33:08 PM OK C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\ckahstat.dll 
1/18/2012 9:33:08 PM OK avp.exe\clldr.dll Object was not changed (iChecker) 
1/18/2012 9:33:08 PM OK avp.exe\CryptoContainer.dll 
1/18/2012 9:33:08 PM OK C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\ckahum.dll 
1/18/2012 9:33:08 PM OK avp.exe\diffs.dll 
1/18/2012 9:33:08 PM OK C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\CryptoContainer.dll 
1/18/2012 9:33:08 PM OK avp.exe\ICQprtc.dll 
1/18/2012 9:33:08 PM OK C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\diffs.dll 
1/18/2012 9:33:08 PM OK avp.exe\IRCprtc.dll 
1/18/2012 9:33:08 PM OK C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\ICQprtc.dll 
1/18/2012 9:33:08 PM OK avp.exe\JBRprtc.dll 
1/18/2012 9:33:08 PM OK C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\IRCprtc.dll 
1/18/2012 9:33:08 PM OK avp.exe\memmng.dll 
1/18/2012 9:33:08 PM OK avp.exe\MMPprtc.dll 
1/18/2012 9:33:08 PM OK C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\JBRprtc.dll 
1/18/2012 9:33:08 PM OK avp.exe\MSNprtc.dll 
1/18/2012 9:33:08 PM OK C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\MMPprtc.dll 
1/18/2012 9:33:08 PM OK avp.exe\prloader.dll Object was not changed (iChecker) 
1/18/2012 9:33:08 PM OK avp.exe\prremote.dll Object was not changed (iChecker) 
1/18/2012 9:33:08 PM OK C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\MSNprtc.dll 
1/18/2012 9:33:08 PM OK avp.exe\QtCore4.dll Object was not changed (iChecker) 
1/18/2012 9:33:08 PM OK avp.exe\QtGui4.dll Object was not changed (iChecker) 
1/18/2012 9:33:08 PM OK avp.exe\updater.dll 
1/18/2012 9:33:08 PM OK avp.exe\ushata.dll Object was not changed (iChecker) 
1/18/2012 9:33:08 PM OK avp.exe\Yhoprtc.dll 
1/18/2012 9:33:08 PM OK C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\updater.dll 
1/18/2012 9:33:08 PM OK avp.exe\ahids.ppl 
1/18/2012 9:33:08 PM OK C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\Yhoprtc.dll 
1/18/2012 9:33:08 PM OK avp.exe\antispam.ppl 
1/18/2012 9:33:08 PM OK C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\ahids.ppl 
1/18/2012 9:33:08 PM OK avp.exe\avlib.ppl 
1/18/2012 9:33:08 PM OK C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\antispam.ppl 
1/18/2012 9:33:08 PM OK avp.exe\avpgs.ppl 
1/18/2012 9:33:08 PM OK C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\avlib.ppl 
1/18/2012 9:33:08 PM OK avp.exe\mlang.dll 
1/18/2012 9:33:08 PM OK avp.exe\avs.ppl 
1/18/2012 9:33:08 PM OK C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\avpgs.ppl 
1/18/2012 9:33:08 PM OK avp.exe\avspm.ppl 
1/18/2012 9:33:08 PM OK C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\avs.ppl 
1/18/2012 9:33:08 PM OK avp.exe\avzscan.ppl 
1/18/2012 9:33:08 PM OK C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\avspm.ppl 
1/18/2012 9:33:09 PM OK avp.exe\backup.ppl 
1/18/2012 9:33:09 PM OK C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\avzscan.ppl 
1/18/2012 9:33:09 PM OK avp.exe\bl.ppl 
1/18/2012 9:33:09 PM OK C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\backup.ppl 
1/18/2012 9:33:09 PM OK avp.exe\btdisk.ppl 
1/18/2012 9:33:09 PM OK C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\bl.ppl 
1/18/2012 9:33:09 PM OK avp.exe\btimages.ppl 
1/18/2012 9:33:09 PM OK C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\btdisk.ppl 
1/18/2012 9:33:09 PM OK avp.exe\buffer.ppl 
1/18/2012 9:33:09 PM OK C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\btimages.ppl 
1/18/2012 9:33:09 PM OK C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\buffer.ppl 
1/18/2012 9:33:09 PM OK avp.exe\CAB.ppl 
1/18/2012 9:33:09 PM OK avp.exe\ComStmIO.ppl 
1/18/2012 9:33:09 PM OK C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\CAB.ppl 
1/18/2012 9:33:09 PM OK avp.exe\crpthlpr.ppl 
1/18/2012 9:33:09 PM OK C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\ComStmIO.ppl 
1/18/2012 9:33:09 PM OK C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\crpthlpr.ppl 
1/18/2012 9:33:09 PM OK avp.exe\deflate.ppl 
1/18/2012 9:33:09 PM OK avp.exe\DMAP.ppl 
1/18/2012 9:33:09 PM OK C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\deflate.ppl 
1/18/2012 9:33:09 PM OK C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\DMAP.ppl 
1/18/2012 9:33:09 PM OK avp.exe\dtreg.ppl 
1/18/2012 9:33:09 PM OK avp.exe\extlprtc.ppl 
1/18/2012 9:33:09 PM OK C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\dtreg.ppl 
1/18/2012 9:33:09 PM OK avp.exe\filemap.ppl 
1/18/2012 9:33:09 PM OK C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\extlprtc.ppl 
1/18/2012 9:33:09 PM OK avp.exe\FsDrvPlg.ppl Object was not changed (iChecker) 
1/18/2012 9:33:09 PM OK avp.exe\HASHMD5.PPL Object was not changed (iChecker) 
1/18/2012 9:33:09 PM OK avp.exe\HashSha1.ppl 
1/18/2012 9:33:09 PM OK C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\filemap.ppl 
1/18/2012 9:33:09 PM OK avp.exe\hips.ppl 
1/18/2012 9:33:09 PM OK C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\HashSha1.ppl 
1/18/2012 9:33:09 PM OK avp.exe\httpanlz.ppl 
1/18/2012 9:33:09 PM OK C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\hips.ppl 
1/18/2012 9:33:09 PM OK avp.exe\httpscan.ppl 
1/18/2012 9:33:09 PM OK C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\httpanlz.ppl 
1/18/2012 9:33:09 PM OK avp.exe\icheck3.ppl 
1/18/2012 9:33:10 PM OK C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\httpscan.ppl 
1/18/2012 9:33:10 PM OK avp.exe\IMAPprtc.ppl 
1/18/2012 9:33:10 PM OK C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\icheck3.ppl 
1/18/2012 9:33:10 PM OK avp.exe\imc.ppl 
1/18/2012 9:33:10 PM OK C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\IMAPprtc.ppl 
1/18/2012 9:33:10 PM OK avp.exe\Inflate.ppl 
1/18/2012 9:33:10 PM OK C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\imc.ppl 
1/18/2012 9:33:10 PM OK avp.exe\inifile.ppl 
1/18/2012 9:33:10 PM OK C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\Inflate.ppl 
1/18/2012 9:33:10 PM OK avp.exe\klsrlsvc.ppl 
1/18/2012 9:33:10 PM OK C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\inifile.ppl 
1/18/2012 9:33:10 PM OK avp.exe\lha.ppl 
1/18/2012 9:33:10 PM OK C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\klsrlsvc.ppl 
1/18/2012 9:33:10 PM OK avp.exe\lic.ppl 
1/18/2012 9:33:10 PM OK C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\lha.ppl 
1/18/2012 9:33:10 PM OK avp.exe\maildisp.ppl 
1/18/2012 9:33:10 PM OK C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\lic.ppl 
1/18/2012 9:33:10 PM OK avp.exe\MailMsg.ppl 
1/18/2012 9:33:10 PM OK avp.exe\mc.ppl 
1/18/2012 9:33:10 PM OK C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\maildisp.ppl 
1/18/2012 9:33:10 PM OK C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\MailMsg.ppl 
1/18/2012 9:33:10 PM OK avp.exe\mdb.ppl 
1/18/2012 9:33:10 PM OK C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\mc.ppl 
1/18/2012 9:33:10 PM OK avp.exe\MDMAP.ppl 
1/18/2012 9:33:10 PM OK C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\mdb.ppl 
1/18/2012 9:33:10 PM OK avp.exe\MemModSc.ppl 
1/18/2012 9:33:10 PM OK C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\MDMAP.ppl 
1/18/2012 9:33:10 PM OK avp.exe\MemScan.ppl 
1/18/2012 9:33:10 PM OK C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\MemModSc.ppl 
1/18/2012 9:33:10 PM OK avp.exe\minizip.ppl 
1/18/2012 9:33:10 PM OK C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\MemScan.ppl 
1/18/2012 9:33:10 PM OK avp.exe\mkavio.ppl Object was not changed (iChecker) 
1/18/2012 9:33:10 PM OK C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\minizip.ppl 
1/18/2012 9:33:10 PM OK avp.exe\msoe.ppl 
1/18/2012 9:33:10 PM OK avp.exe\ndetect.ppl 
1/18/2012 9:33:10 PM OK C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\msoe.ppl 
1/18/2012 9:33:10 PM OK avp.exe\netwatch.ppl 
1/18/2012 9:33:10 PM OK C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\ndetect.ppl 
1/18/2012 9:33:11 PM OK avp.exe\nfio.ppl Object was not changed (iChecker) 
1/18/2012 9:33:11 PM OK avp.exe\NNTPprtc.ppl 
1/18/2012 9:33:11 PM OK C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\netwatch.ppl 
1/18/2012 9:33:11 PM OK avp.exe\NTFSstrm.ppl 
1/18/2012 9:33:11 PM OK C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\NNTPprtc.ppl 
1/18/2012 9:33:11 PM OK avp.exe\oas.ppl 
1/18/2012 9:33:11 PM OK C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\NTFSstrm.ppl 
1/18/2012 9:33:11 PM OK avp.exe\ods.ppl 
1/18/2012 9:33:11 PM OK C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\oas.ppl 
1/18/2012 9:33:11 PM OK avp.exe\params.ppl Object was not changed (iChecker) 
1/18/2012 9:33:11 PM OK avp.exe\pdm2rt.ppl 
1/18/2012 9:33:11 PM OK C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\ods.ppl 
1/18/2012 9:33:11 PM OK avp.exe\POP3prtc.ppl 
1/18/2012 9:33:11 PM OK C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\pdm2rt.ppl 
1/18/2012 9:33:11 PM OK avp.exe\procmon.ppl 
1/18/2012 9:33:11 PM OK C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\POP3prtc.ppl 
1/18/2012 9:33:11 PM OK avp.exe\propmap.ppl 
1/18/2012 9:33:11 PM OK C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\procmon.ppl 
1/18/2012 9:33:11 PM OK avp.exe\ProxyDet.ppl 
1/18/2012 9:33:11 PM OK C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\propmap.ppl 
1/18/2012 9:33:11 PM OK avp.exe\prseqio.ppl 
1/18/2012 9:33:11 PM OK C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\ProxyDet.ppl 
1/18/2012 9:33:11 PM OK avp.exe\PrUpdate.ppl 
1/18/2012 9:33:11 PM OK C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\prseqio.ppl 
1/18/2012 9:33:11 PM OK avp.exe\PrUtil.ppl 
1/18/2012 9:33:11 PM OK C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\PrUpdate.ppl 
1/18/2012 9:33:11 PM OK avp.exe\pxstub.ppl 
1/18/2012 9:33:11 PM OK C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\PrUtil.ppl 
1/18/2012 9:33:11 PM OK avp.exe\qb.ppl 
1/18/2012 9:33:11 PM OK avp.exe\quantum.ppl 
1/18/2012 9:33:11 PM OK C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\qb.ppl 
1/18/2012 9:33:11 PM OK avp.exe\rar.ppl 
1/18/2012 9:33:11 PM OK C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\quantum.ppl 
1/18/2012 9:33:11 PM OK avp.exe\regmap.ppl 
1/18/2012 9:33:11 PM OK C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\rar.ppl 
1/18/2012 9:33:11 PM OK avp.exe\report.ppl 
1/18/2012 9:33:11 PM OK C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\regmap.ppl 
1/18/2012 9:33:11 PM OK avp.exe\reportdb.ppl 
1/18/2012 9:33:11 PM OK C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\report.ppl 
1/18/2012 9:33:11 PM OK avp.exe\sandbox.ppl Object was not changed (iChecker) 
1/18/2012 9:33:11 PM OK C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\reportdb.ppl 
1/18/2012 9:33:11 PM OK avp.exe\sc.ppl 
1/18/2012 9:33:12 PM OK avp.exe\schedule.ppl 
1/18/2012 9:33:12 PM OK C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\sc.ppl 
1/18/2012 9:33:12 PM OK avp.exe\SFDB.PPL 
1/18/2012 9:33:12 PM OK C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\schedule.ppl 
1/18/2012 9:33:12 PM OK avp.exe\SMTPprtc.ppl 
1/18/2012 9:33:12 PM OK C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\SFDB.PPL 
1/18/2012 9:33:12 PM OK avp.exe\stat.ppl 
1/18/2012 9:33:12 PM OK C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\SMTPprtc.ppl 
1/18/2012 9:33:12 PM OK avp.exe\StdComp.ppl 
1/18/2012 9:33:12 PM OK C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\stat.ppl 
1/18/2012 9:33:12 PM OK C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\StdComp.ppl 
1/18/2012 9:33:12 PM OK avp.exe\StEnum2.ppl 
1/18/2012 9:33:12 PM OK avp.exe\syswatch.ppl 
1/18/2012 9:33:12 PM OK C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\StEnum2.ppl 
1/18/2012 9:33:12 PM OK avp.exe\thpimpl.ppl Object was not changed (iChecker) 
1/18/2012 9:33:12 PM OK avp.exe\timer.ppl 
1/18/2012 9:33:12 PM OK C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\syswatch.ppl 
1/18/2012 9:33:12 PM OK avp.exe\tm.ppl 
1/18/2012 9:33:12 PM OK C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\timer.ppl 
1/18/2012 9:33:12 PM OK avp.exe\TrafMon2.ppl 
1/18/2012 9:33:12 PM OK C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\tm.ppl 
1/18/2012 9:33:12 PM OK avp.exe\UniArc.ppl 
1/18/2012 9:33:12 PM OK C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\TrafMon2.ppl 
1/18/2012 9:33:12 PM OK avp.exe\UnLZX.ppl 
1/18/2012 9:33:12 PM OK C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\UniArc.ppl 
1/18/2012 9:33:12 PM OK avp.exe\UnStored.ppl 
1/18/2012 9:33:12 PM OK C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\UnLZX.ppl 
1/18/2012 9:33:12 PM OK avp.exe\urlflt.ppl 
1/18/2012 9:33:12 PM OK C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\UnStored.ppl 
1/18/2012 9:33:12 PM OK avp.exe\volenum.ppl 
1/18/2012 9:33:12 PM OK C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\urlflt.ppl 
1/18/2012 9:33:12 PM OK avp.exe\WDiskIO.ppl 
1/18/2012 9:33:12 PM OK C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\volenum.ppl 
1/18/2012 9:33:12 PM OK avp.exe\webnetstat.ppl 
1/18/2012 9:33:12 PM OK C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\WDiskIO.ppl 
1/18/2012 9:33:12 PM OK avp.exe\WinReg.ppl Object was not changed (iChecker) 
1/18/2012 9:33:12 PM OK avp.exe\wmihlpr.ppl 
1/18/2012 9:33:12 PM OK C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\webnetstat.ppl 
1/18/2012 9:33:12 PM OK avp.exe\pdm.kdl 
1/18/2012 9:33:12 PM OK avp.exe\winsta.dll 
1/18/2012 9:33:12 PM OK avp.exe\mapi32.dll 
1/18/2012 9:33:12 PM OK C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\wmihlpr.ppl 
1/18/2012 9:33:12 PM OK avp.exe\msi.dll 
1/18/2012 9:33:12 PM OK C:\ProgramData\Kaspersky Lab\AVP9\Bases\pdm.kdl 
1/18/2012 9:33:12 PM OK avp.exe\devrtl.dll 
1/18/2012 9:33:12 PM OK avp.exe\cabinet.dll 
1/18/2012 9:33:12 PM OK avp.exe\SensApi.dll 
1/18/2012 9:33:12 PM OK avp.exe\cryptnet.dll 
1/18/2012 9:33:12 PM OK avp.exe\gpapi.dll 
1/18/2012 9:33:12 PM OK avp.exe\bcryptprimitives.dll 
1/18/2012 9:33:12 PM OK avp.exe\bcrypt.dll 
1/18/2012 9:33:12 PM OK avp.exe\ncrypt.dll 
1/18/2012 9:33:12 PM OK avp.exe\comctl32.dll 
1/18/2012 9:33:12 PM OK avp.exe\dhcpcsvc6.dll 
1/18/2012 9:33:12 PM OK avp.exe\dhcpcsvc.dll 
1/18/2012 9:33:12 PM OK avp.exe\wlanutil.dll 
1/18/2012 9:33:12 PM OK C:\Windows\SysWOW64\mapi32.dll 
1/18/2012 9:33:12 PM OK avp.exe\wlanapi.dll 
1/18/2012 9:33:13 PM OK avp.exe\wsock32.dll 
1/18/2012 9:33:13 PM OK avp.exe\rasman.dll 
1/18/2012 9:33:13 PM OK avp.exe\rasapi32.dll 
1/18/2012 9:33:13 PM OK avp.exe\FWPUCLNT.DLL 
1/18/2012 9:33:13 PM OK avp.exe\rasadhlp.dll 
1/18/2012 9:33:13 PM OK avp.exe\winrnr.dll 
1/18/2012 9:33:13 PM OK avp.exe\dnsapi.dll 
1/18/2012 9:33:13 PM OK avp.exe\WLIDNSP.DLL 
1/18/2012 9:33:13 PM OK avp.exe\pnrpnsp.dll 
1/18/2012 9:33:13 PM OK C:\Windows\SysWOW64\wlanutil.dll 
1/18/2012 9:33:13 PM OK avp.exe\NapiNSP.dll 
1/18/2012 9:33:13 PM OK avp.exe\nlaapi.dll 
1/18/2012 9:33:13 PM OK avp.exe\wship6.dll 
1/18/2012 9:33:13 PM OK avp.exe\WSHTCPIP.DLL 
1/18/2012 9:33:13 PM OK avp.exe\mswsock.dll 
1/18/2012 9:33:13 PM OK avp.exe\samcli.dll 
1/18/2012 9:33:13 PM OK avp.exe\winnsi.dll 
1/18/2012 9:33:13 PM OK avp.exe\IPHLPAPI.DLL 
1/18/2012 9:33:13 PM OK avp.exe\mpr.dll 
1/18/2012 9:33:13 PM OK avp.exe\winspool.drv 
1/18/2012 9:33:13 PM OK avp.exe\RpcRtRemote.dll 
1/18/2012 9:33:13 PM OK avp.exe\rsaenh.dll 
1/18/2012 9:33:13 PM OK avp.exe\cryptsp.dll 
1/18/2012 9:33:13 PM OK avp.exe\secur32.dll 
1/18/2012 9:33:13 PM OK avp.exe\wkscli.dll 
1/18/2012 9:33:13 PM OK avp.exe\srvcli.dll 
1/18/2012 9:33:13 PM OK C:\Windows\SysWOW64\wlanapi.dll 
1/18/2012 9:33:13 PM OK avp.exe\netutils.dll 
1/18/2012 9:33:13 PM OK avp.exe\netapi32.dll 
1/18/2012 9:33:13 PM OK avp.exe\profapi.dll 
1/18/2012 9:33:13 PM OK avp.exe\userenv.dll 
1/18/2012 9:33:13 PM OK avp.exe\fltLib.dll 
1/18/2012 9:33:13 PM OK avp.exe\fssync.dll 
1/18/2012 9:33:13 PM OK avp.exe\msvcr80.dll 
1/18/2012 9:33:13 PM OK avp.exe\msvcp80.dll 
1/18/2012 9:33:13 PM OK avp.exe\winmm.dll 
1/18/2012 9:33:13 PM OK avp.exe\apphelp.dll 
1/18/2012 9:33:13 PM OK avp.exe\wtsapi32.dll 
1/18/2012 9:33:13 PM OK avp.exe\version.dll 
1/18/2012 9:33:13 PM OK avp.exe\wow64cpu.dll 
1/18/2012 9:33:13 PM OK avp.exe\wow64win.dll 
1/18/2012 9:33:13 PM OK avp.exe\wow64.dll 
1/18/2012 9:33:13 PM OK avp.exe\credssp.dll 
1/18/2012 9:33:13 PM OK avp.exe\sxs.dll 
1/18/2012 9:33:13 PM OK avp.exe\rtutils.dll 
1/18/2012 9:33:13 PM OK avp.exe\msimg32.dll 
1/18/2012 9:33:13 PM OK avp.exe\linkinfo.dll 
1/18/2012 9:33:13 PM OK avp.exe\propsys.dll 
1/18/2012 9:33:13 PM OK avp.exe\cscapi.dll 
1/18/2012 9:33:13 PM OK avp.exe\samlib.dll 
1/18/2012 9:33:13 PM OK avp.exe\webio.dll 
1/18/2012 9:33:13 PM OK avp.exe\winhttp.dll 
1/18/2012 9:33:13 PM OK C:\Windows\SysWOW64\webio.dll 
1/18/2012 9:33:13 PM OK avp.exe\cryptbase.dll 
1/18/2012 9:33:13 PM OK avp.exe\sspicli.dll 
1/18/2012 9:33:13 PM OK avp.exe\shell32.dll 
1/18/2012 9:33:13 PM OK avp.exe\urlmon.dll 
1/18/2012 9:33:13 PM OK avp.exe\usp10.dll 
1/18/2012 9:33:13 PM OK avp.exe\user32.dll 
1/18/2012 9:33:13 PM OK avp.exe\nsi.dll 
1/18/2012 9:33:13 PM OK avp.exe\msvcrt.dll 
1/18/2012 9:33:13 PM OK avp.exe\KernelBase.dll 
1/18/2012 9:33:13 PM OK avp.exe\imm32.dll 
1/18/2012 9:33:13 PM OK avp.exe\oleaut32.dll 
1/18/2012 9:33:13 PM OK avp.exe\ws2_32.dll 
1/18/2012 9:33:13 PM OK avp.exe\wininet.dll 
1/18/2012 9:33:13 PM OK avp.exe\ole32.dll 
1/18/2012 9:33:13 PM OK avp.exe\shlwapi.dll 
1/18/2012 9:33:13 PM OK avp.exe\setupapi.dll 
1/18/2012 9:33:13 PM OK avp.exe\lpk.dll 
1/18/2012 9:33:13 PM OK avp.exe\imagehlp.dll 
1/18/2012 9:33:13 PM OK avp.exe\advapi32.dll 
1/18/2012 9:33:13 PM OK avp.exe\rpcrt4.dll 
1/18/2012 9:33:13 PM OK avp.exe\crypt32.dll 
1/18/2012 9:33:13 PM OK avp.exe\devobj.dll 
1/18/2012 9:33:13 PM OK avp.exe\cfgmgr32.dll 
1/18/2012 9:33:13 PM OK avp.exe\sechost.dll 
1/18/2012 9:33:13 PM OK avp.exe\comdlg32.dll 
1/18/2012 9:33:13 PM OK avp.exe\msctf.dll 
1/18/2012 9:33:13 PM OK avp.exe\iertutil.dll 
1/18/2012 9:33:13 PM OK avp.exe\psapi.dll 
1/18/2012 9:33:13 PM OK avp.exe\Wldap32.dll 
1/18/2012 9:33:13 PM OK avp.exe\gdi32.dll 
1/18/2012 9:33:13 PM OK avp.exe\kernel32.dll 
1/18/2012 9:33:13 PM OK avp.exe\wintrust.dll 
1/18/2012 9:33:13 PM OK avp.exe\ntdll.dll 
1/18/2012 9:33:13 PM OK avp.exe\msasn1.dll 
1/18/2012 9:33:13 PM OK avp.exe\ntdll.dll 
1/18/2012 9:33:13 PM OK C:\Windows\SysWOW64\winhttp.dll 
1/18/2012 9:33:13 PM OK RAIDXpert.exe\apisetschema.dll 
1/18/2012 9:33:13 PM OK RAIDXpert.exe\RAIDXpert.exe 
1/18/2012 9:33:13 PM OK RAIDXpert.exe\prerrlog.dll 
1/18/2012 9:33:13 PM OK C:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpert.exe 
1/18/2012 9:33:13 PM OK RAIDXpert.exe\prdecode.dll 
1/18/2012 9:33:13 PM OK C:\Windows\SysWOW64\prerrlog.dll 
1/18/2012 9:33:13 PM OK RAIDXpert.exe\pri2plgnnapa.dll 
1/18/2012 9:33:13 PM OK C:\Windows\SysWOW64\prdecode.dll 
1/18/2012 9:33:13 PM OK C:\Windows\SysWOW64\pri2plgnnapa.dll 
1/18/2012 9:33:13 PM OK RAIDXpert.exe\libxml2.dll 
1/18/2012 9:33:13 PM OK RAIDXpert.exe\pmsjni.dll 
1/18/2012 9:33:13 PM OK C:\Windows\SysWOW64\libxml2.dll 
1/18/2012 9:33:13 PM OK RAIDXpert.exe\hpi.dll 
1/18/2012 9:33:13 PM OK C:\Windows\SysWOW64\pmsjni.dll 
1/18/2012 9:33:13 PM OK RAIDXpert.exe\java.dll 
1/18/2012 9:33:13 PM OK C:\Program Files (x86)\AMD\RAIDXpert\_jvm\bin\hpi.dll 
1/18/2012 9:33:13 PM OK C:\Program Files (x86)\AMD\RAIDXpert\_jvm\bin\java.dll 
1/18/2012 9:33:13 PM OK RAIDXpert.exe\management.dll 
1/18/2012 9:33:13 PM OK C:\Program Files (x86)\AMD\RAIDXpert\_jvm\bin\management.dll 
1/18/2012 9:33:13 PM OK RAIDXpert.exe\net.dll 
1/18/2012 9:33:13 PM OK C:\Program Files (x86)\AMD\RAIDXpert\_jvm\bin\net.dll 
1/18/2012 9:33:13 PM OK RAIDXpert.exe\nio.dll 
1/18/2012 9:33:13 PM OK RAIDXpert.exe\verify.dll 
1/18/2012 9:33:13 PM OK C:\Program Files (x86)\AMD\RAIDXpert\_jvm\bin\nio.dll 
1/18/2012 9:33:13 PM OK RAIDXpert.exe\zip.dll 
1/18/2012 9:33:13 PM OK C:\Program Files (x86)\AMD\RAIDXpert\_jvm\bin\verify.dll 
1/18/2012 9:33:13 PM OK C:\Program Files (x86)\AMD\RAIDXpert\_jvm\bin\zip.dll 
1/18/2012 9:33:13 PM OK RAIDXpert.exe\jvm.dll 
1/18/2012 9:33:14 PM OK RAIDXpert.exe\FWPUCLNT.DLL 
1/18/2012 9:33:14 PM OK RAIDXpert.exe\rasadhlp.dll 
1/18/2012 9:33:14 PM OK RAIDXpert.exe\winrnr.dll 
1/18/2012 9:33:14 PM OK RAIDXpert.exe\dnsapi.dll 
1/18/2012 9:33:14 PM OK RAIDXpert.exe\WLIDNSP.DLL 
1/18/2012 9:33:14 PM OK RAIDXpert.exe\pnrpnsp.dll 
1/18/2012 9:33:14 PM OK RAIDXpert.exe\NapiNSP.dll 
1/18/2012 9:33:14 PM OK RAIDXpert.exe\nlaapi.dll 
1/18/2012 9:33:14 PM OK RAIDXpert.exe\wship6.dll 
1/18/2012 9:33:14 PM OK RAIDXpert.exe\WSHTCPIP.DLL 
1/18/2012 9:33:14 PM OK RAIDXpert.exe\mswsock.dll 
1/18/2012 9:33:14 PM OK RAIDXpert.exe\winnsi.dll 
1/18/2012 9:33:14 PM OK RAIDXpert.exe\IPHLPAPI.DLL 
1/18/2012 9:33:14 PM OK RAIDXpert.exe\rsaenh.dll 
1/18/2012 9:33:14 PM OK RAIDXpert.exe\cryptsp.dll 
1/18/2012 9:33:14 PM OK RAIDXpert.exe\profapi.dll 
1/18/2012 9:33:14 PM OK RAIDXpert.exe\userenv.dll 
1/18/2012 9:33:14 PM OK RAIDXpert.exe\winmm.dll 
1/18/2012 9:33:14 PM OK RAIDXpert.exe\apphelp.dll 
1/18/2012 9:33:14 PM OK RAIDXpert.exe\wtsapi32.dll 
1/18/2012 9:33:14 PM OK RAIDXpert.exe\wow64cpu.dll 
1/18/2012 9:33:14 PM OK RAIDXpert.exe\wow64win.dll 
1/18/2012 9:33:14 PM OK RAIDXpert.exe\wow64.dll 
1/18/2012 9:33:14 PM OK RAIDXpert.exe\cryptbase.dll 
1/18/2012 9:33:14 PM OK RAIDXpert.exe\sspicli.dll 
1/18/2012 9:33:14 PM OK RAIDXpert.exe\shell32.dll 
1/18/2012 9:33:14 PM OK RAIDXpert.exe\usp10.dll 
1/18/2012 9:33:14 PM OK RAIDXpert.exe\user32.dll 
1/18/2012 9:33:14 PM OK RAIDXpert.exe\nsi.dll 
1/18/2012 9:33:14 PM OK RAIDXpert.exe\msvcrt.dll 
1/18/2012 9:33:14 PM OK RAIDXpert.exe\KernelBase.dll 
1/18/2012 9:33:14 PM OK RAIDXpert.exe\imm32.dll 
1/18/2012 9:33:14 PM OK RAIDXpert.exe\ws2_32.dll 
1/18/2012 9:33:14 PM OK RAIDXpert.exe\ole32.dll 
1/18/2012 9:33:14 PM OK RAIDXpert.exe\shlwapi.dll 
1/18/2012 9:33:14 PM OK RAIDXpert.exe\lpk.dll 
1/18/2012 9:33:14 PM OK RAIDXpert.exe\advapi32.dll 
1/18/2012 9:33:14 PM OK RAIDXpert.exe\rpcrt4.dll 
1/18/2012 9:33:14 PM OK RAIDXpert.exe\sechost.dll 
1/18/2012 9:33:14 PM OK RAIDXpert.exe\msctf.dll 
1/18/2012 9:33:14 PM OK RAIDXpert.exe\psapi.dll 
1/18/2012 9:33:14 PM OK RAIDXpert.exe\gdi32.dll 
1/18/2012 9:33:14 PM OK RAIDXpert.exe\kernel32.dll 
1/18/2012 9:33:14 PM OK RAIDXpert.exe\ntdll.dll 
1/18/2012 9:33:14 PM OK RAIDXpert.exe\ntdll.dll 
1/18/2012 9:33:14 PM OK RAIDXpert.exe\msvcr71.dll Object was not changed (iChecker) 
1/18/2012 9:33:14 PM OK C:\Program Files (x86)\AMD\RAIDXpert\_jvm\bin\client\jvm.dll 
1/18/2012 9:33:14 PM OK RAIDXpertService.exe\apisetschema.dll 
1/18/2012 9:33:14 PM OK RAIDXpertService.exe\RAIDXpertService.exe 
1/18/2012 9:33:14 PM OK RAIDXpertService.exe\apphelp.dll 
1/18/2012 9:33:14 PM OK RAIDXpertService.exe\wtsapi32.dll 
1/18/2012 9:33:14 PM OK RAIDXpertService.exe\wow64cpu.dll 
1/18/2012 9:33:14 PM OK RAIDXpertService.exe\wow64win.dll 
1/18/2012 9:33:14 PM OK RAIDXpertService.exe\wow64.dll 
1/18/2012 9:33:14 PM OK RAIDXpertService.exe\cryptbase.dll 
1/18/2012 9:33:14 PM OK RAIDXpertService.exe\sspicli.dll 
1/18/2012 9:33:14 PM OK RAIDXpertService.exe\usp10.dll 
1/18/2012 9:33:14 PM OK RAIDXpertService.exe\user32.dll 
1/18/2012 9:33:14 PM OK RAIDXpertService.exe\msvcrt.dll 
1/18/2012 9:33:14 PM OK RAIDXpertService.exe\KernelBase.dll 
1/18/2012 9:33:14 PM OK RAIDXpertService.exe\imm32.dll 
1/18/2012 9:33:14 PM OK RAIDXpertService.exe\lpk.dll 
1/18/2012 9:33:14 PM OK RAIDXpertService.exe\advapi32.dll 
1/18/2012 9:33:14 PM OK RAIDXpertService.exe\rpcrt4.dll 
1/18/2012 9:33:14 PM OK RAIDXpertService.exe\sechost.dll 
1/18/2012 9:33:14 PM OK RAIDXpertService.exe\msctf.dll 
1/18/2012 9:33:14 PM OK RAIDXpertService.exe\gdi32.dll 
1/18/2012 9:33:14 PM OK RAIDXpertService.exe\kernel32.dll 
1/18/2012 9:33:14 PM OK RAIDXpertService.exe\ntdll.dll 
1/18/2012 9:33:14 PM OK RAIDXpertService.exe\ntdll.dll 
1/18/2012 9:33:14 PM OK C:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpertService.exe 
1/18/2012 9:33:14 PM OK WVSScheduler.exe\apisetschema.dll 
1/18/2012 9:33:14 PM OK WVSScheduler.exe\WVSScheduler.exe 
1/18/2012 9:33:14 PM OK WVSScheduler.exe\pcre.dll 
1/18/2012 9:33:14 PM OK WVSScheduler.exe\msxml4.dll Object was not changed (iChecker) 
1/18/2012 9:33:14 PM OK WVSScheduler.exe\comctl32.dll 
1/18/2012 9:33:14 PM OK WVSScheduler.exe\version.dll 
1/18/2012 9:33:14 PM OK WVSScheduler.exe\wow64cpu.dll 
1/18/2012 9:33:14 PM OK WVSScheduler.exe\wow64win.dll 
1/18/2012 9:33:14 PM OK WVSScheduler.exe\wow64.dll 
1/18/2012 9:33:14 PM OK WVSScheduler.exe\cryptbase.dll 
1/18/2012 9:33:14 PM OK WVSScheduler.exe\sspicli.dll 
1/18/2012 9:33:14 PM OK WVSScheduler.exe\usp10.dll 
1/18/2012 9:33:14 PM OK WVSScheduler.exe\user32.dll 
1/18/2012 9:33:14 PM OK WVSScheduler.exe\msvcrt.dll 
1/18/2012 9:33:14 PM OK C:\Program Files (x86)\Acunetix\Web Vulnerability Scanner 6\WVSScheduler.exe 
1/18/2012 9:33:14 PM OK WVSScheduler.exe\KernelBase.dll 
1/18/2012 9:33:14 PM OK WVSScheduler.exe\imm32.dll 
1/18/2012 9:33:14 PM OK WVSScheduler.exe\oleaut32.dll 
1/18/2012 9:33:14 PM OK WVSScheduler.exe\ole32.dll 
1/18/2012 9:33:14 PM OK WVSScheduler.exe\shlwapi.dll 
1/18/2012 9:33:14 PM OK WVSScheduler.exe\lpk.dll 
1/18/2012 9:33:14 PM OK WVSScheduler.exe\advapi32.dll 
1/18/2012 9:33:14 PM OK WVSScheduler.exe\rpcrt4.dll 
1/18/2012 9:33:14 PM OK WVSScheduler.exe\sechost.dll 
1/18/2012 9:33:14 PM OK WVSScheduler.exe\msctf.dll 
1/18/2012 9:33:14 PM OK WVSScheduler.exe\gdi32.dll 
1/18/2012 9:33:14 PM OK WVSScheduler.exe\kernel32.dll 
1/18/2012 9:33:14 PM OK WVSScheduler.exe\clbcatq.dll 
1/18/2012 9:33:14 PM OK WVSScheduler.exe\ntdll.dll 
1/18/2012 9:33:14 PM OK WVSScheduler.exe\ntdll.dll 
1/18/2012 9:33:14 PM OK C:\Program Files (x86)\Acunetix\Web Vulnerability Scanner 6\pcre.dll 
1/18/2012 9:33:14 PM OK svchost.exe\user32.dll 
1/18/2012 9:33:14 PM OK svchost.exe\kernel32.dll 
1/18/2012 9:33:14 PM OK svchost.exe\ntdll.dll 
1/18/2012 9:33:14 PM OK svchost.exe\svchost.exe 
1/18/2012 9:33:14 PM OK svchost.exe\radardt.dll 
1/18/2012 9:33:14 PM OK svchost.exe\diagperf.dll 
1/18/2012 9:33:14 PM OK C:\Windows\System32\radardt.dll 
1/18/2012 9:33:14 PM OK svchost.exe\wdiasqmmodule.dll 
1/18/2012 9:33:14 PM OK svchost.exe\wdi.dll 
1/18/2012 9:33:14 PM OK C:\Windows\System32\diagperf.dll 
1/18/2012 9:33:14 PM OK svchost.exe\npmproxy.dll 
1/18/2012 9:33:14 PM OK svchost.exe\netprofm.dll 
1/18/2012 9:33:14 PM OK C:\Windows\System32\wdiasqmmodule.dll 
1/18/2012 9:33:14 PM OK svchost.exe\taskschd.dll 
1/18/2012 9:33:14 PM OK svchost.exe\dps.dll 
1/18/2012 9:33:14 PM OK C:\Windows\System32\wdi.dll 
1/18/2012 9:33:14 PM OK svchost.exe\wfapigp.dll 
1/18/2012 9:33:14 PM OK C:\Windows\System32\dps.dll 
1/18/2012 9:33:14 PM OK svchost.exe\MPSSVC.dll 
1/18/2012 9:33:14 PM OK C:\Windows\System32\wfapigp.dll 
1/18/2012 9:33:14 PM OK svchost.exe\BFE.DLL 
1/18/2012 9:33:14 PM OK C:\Windows\System32\MPSSVC.dll 
1/18/2012 9:33:14 PM OK svchost.exe\dhcpcsvc6.dll 
1/18/2012 9:33:14 PM OK svchost.exe\dhcpcsvc.dll 
1/18/2012 9:33:14 PM OK svchost.exe\FWPUCLNT.DLL 
1/18/2012 9:33:14 PM OK svchost.exe\winnsi.dll 
1/18/2012 9:33:14 PM OK svchost.exe\IPHLPAPI.DLL 
1/18/2012 9:33:14 PM OK svchost.exe\slc.dll 
1/18/2012 9:33:14 PM OK svchost.exe\nlaapi.dll 
1/18/2012 9:33:14 PM OK svchost.exe\ntmarta.dll 
1/18/2012 9:33:14 PM OK svchost.exe\version.dll 
1/18/2012 9:33:14 PM OK svchost.exe\FirewallAPI.dll 
1/18/2012 9:33:14 PM OK svchost.exe\wtsapi32.dll 
1/18/2012 9:33:14 PM OK svchost.exe\WSHTCPIP.DLL 
1/18/2012 9:33:14 PM OK svchost.exe\gpapi.dll 
1/18/2012 9:33:14 PM OK svchost.exe\userenv.dll 
1/18/2012 9:33:14 PM OK svchost.exe\credssp.dll 
1/18/2012 9:33:14 PM OK svchost.exe\pcwum.dll 
1/18/2012 9:33:14 PM OK svchost.exe\winsta.dll 
1/18/2012 9:33:14 PM OK svchost.exe\rsaenh.dll 
1/18/2012 9:33:14 PM OK svchost.exe\wship6.dll 
1/18/2012 9:33:14 PM OK svchost.exe\mswsock.dll 
1/18/2012 9:33:14 PM OK svchost.exe\cryptsp.dll 
1/18/2012 9:33:14 PM OK svchost.exe\bcrypt.dll 
1/18/2012 9:33:14 PM OK svchost.exe\authz.dll 
1/18/2012 9:33:14 PM OK svchost.exe\secur32.dll 
1/18/2012 9:33:14 PM OK svchost.exe\sspicli.dll 
1/18/2012 9:33:14 PM OK svchost.exe\cryptbase.dll 
1/18/2012 9:33:14 PM OK svchost.exe\RpcRtRemote.dll 
1/18/2012 9:33:14 PM OK svchost.exe\profapi.dll 
1/18/2012 9:33:14 PM OK svchost.exe\KernelBase.dll 
1/18/2012 9:33:14 PM OK svchost.exe\cfgmgr32.dll 
1/18/2012 9:33:14 PM OK svchost.exe\advapi32.dll 
1/18/2012 9:33:14 PM OK svchost.exe\usp10.dll 
1/18/2012 9:33:14 PM OK svchost.exe\nsi.dll 
1/18/2012 9:33:14 PM OK svchost.exe\ws2_32.dll 
1/18/2012 9:33:14 PM OK svchost.exe\imm32.dll 
1/18/2012 9:33:14 PM OK svchost.exe\sechost.dll 
1/18/2012 9:33:14 PM OK svchost.exe\shlwapi.dll 
1/18/2012 9:33:14 PM OK svchost.exe\gdi32.dll 
1/18/2012 9:33:14 PM OK svchost.exe\ole32.dll 
1/18/2012 9:33:14 PM OK svchost.exe\clbcatq.dll 
1/18/2012 9:33:14 PM OK svchost.exe\rpcrt4.dll 
1/18/2012 9:33:14 PM OK svchost.exe\Wldap32.dll 
1/18/2012 9:33:14 PM OK svchost.exe\lpk.dll 
1/18/2012 9:33:14 PM OK svchost.exe\msvcrt.dll 
1/18/2012 9:33:14 PM OK svchost.exe\oleaut32.dll 
1/18/2012 9:33:14 PM OK svchost.exe\msctf.dll 
1/18/2012 9:33:14 PM OK svchost.exe\apisetschema.dll 
1/18/2012 9:33:14 PM OK C:\Windows\System32\BFE.DLL 
1/18/2012 9:33:14 PM OK atieclxx.exe\user32.dll 
1/18/2012 9:33:14 PM OK atieclxx.exe\kernel32.dll 
1/18/2012 9:33:14 PM OK atieclxx.exe\ntdll.dll 
1/18/2012 9:33:14 PM OK atieclxx.exe\atieclxx.exe 
1/18/2012 9:33:14 PM OK atieclxx.exe\atiadlxx.dll 
1/18/2012 9:33:14 PM OK C:\Windows\System32\atieclxx.exe 
1/18/2012 9:33:14 PM OK atieclxx.exe\dwmapi.dll 
1/18/2012 9:33:14 PM OK atieclxx.exe\uxtheme.dll 
1/18/2012 9:33:14 PM OK atieclxx.exe\powrprof.dll 
1/18/2012 9:33:14 PM OK atieclxx.exe\wtsapi32.dll 
1/18/2012 9:33:14 PM OK atieclxx.exe\userenv.dll 
1/18/2012 9:33:14 PM OK atieclxx.exe\winsta.dll 
1/18/2012 9:33:14 PM OK atieclxx.exe\profapi.dll 
1/18/2012 9:33:14 PM OK atieclxx.exe\msasn1.dll 
1/18/2012 9:33:14 PM OK atieclxx.exe\KernelBase.dll 
1/18/2012 9:33:14 PM OK atieclxx.exe\crypt32.dll 
1/18/2012 9:33:14 PM OK atieclxx.exe\wintrust.dll 
1/18/2012 9:33:14 PM OK atieclxx.exe\cfgmgr32.dll 
1/18/2012 9:33:14 PM OK atieclxx.exe\devobj.dll 
1/18/2012 9:33:14 PM OK atieclxx.exe\advapi32.dll 
1/18/2012 9:33:14 PM OK atieclxx.exe\usp10.dll 
1/18/2012 9:33:14 PM OK atieclxx.exe\imm32.dll 
1/18/2012 9:33:14 PM OK atieclxx.exe\sechost.dll 
1/18/2012 9:33:14 PM OK atieclxx.exe\setupapi.dll 
1/18/2012 9:33:14 PM OK atieclxx.exe\gdi32.dll 
1/18/2012 9:33:14 PM OK atieclxx.exe\ole32.dll 
1/18/2012 9:33:14 PM OK atieclxx.exe\rpcrt4.dll 
1/18/2012 9:33:14 PM OK C:\Windows\System32\atiadlxx.dll 
1/18/2012 9:33:14 PM OK atieclxx.exe\lpk.dll 
1/18/2012 9:33:14 PM OK atieclxx.exe\msvcrt.dll 
1/18/2012 9:33:14 PM OK atieclxx.exe\oleaut32.dll 
1/18/2012 9:33:14 PM OK atieclxx.exe\msctf.dll 
1/18/2012 9:33:14 PM OK atieclxx.exe\apisetschema.dll 
1/18/2012 9:33:14 PM OK svchost.exe\user32.dll 
1/18/2012 9:33:14 PM OK svchost.exe\kernel32.dll 
1/18/2012 9:33:14 PM OK svchost.exe\ntdll.dll 
1/18/2012 9:33:14 PM OK svchost.exe\psapi.dll 
1/18/2012 9:33:14 PM OK svchost.exe\svchost.exe 
1/18/2012 9:33:14 PM OK svchost.exe\termsrv.dll 
1/18/2012 9:33:14 PM OK svchost.exe\esent.dll 
1/18/2012 9:33:14 PM OK svchost.exe\vss_ps.dll 
1/18/2012 9:33:14 PM OK svchost.exe\rasadhlp.dll 
1/18/2012 9:33:14 PM OK svchost.exe\WLIDNSP.DLL 
1/18/2012 9:33:14 PM OK svchost.exe\hidphone.tsp 
1/18/2012 9:33:14 PM OK svchost.exe\ndptsp.tsp 
1/18/2012 9:33:14 PM OK C:\Windows\System32\hidphone.tsp 
1/18/2012 9:33:14 PM OK C:\Windows\System32\termsrv.dll 
1/18/2012 9:33:14 PM OK svchost.exe\kmddsp.tsp 
1/18/2012 9:33:14 PM OK C:\Windows\System32\ndptsp.tsp 
1/18/2012 9:33:14 PM OK svchost.exe\uniplat.dll 
1/18/2012 9:33:14 PM OK C:\Windows\System32\kmddsp.tsp 
1/18/2012 9:33:14 PM OK svchost.exe\unimdm.tsp 
1/18/2012 9:33:14 PM OK C:\Windows\System32\uniplat.dll 
1/18/2012 9:33:14 PM OK svchost.exe\msxml3.dll 
1/18/2012 9:33:14 PM OK svchost.exe\cabinet.dll 
1/18/2012 9:33:14 PM OK svchost.exe\SensApi.dll 
1/18/2012 9:33:14 PM OK svchost.exe\cryptnet.dll 
1/18/2012 9:33:14 PM OK svchost.exe\tapisrv.dll 
1/18/2012 9:33:14 PM OK C:\Windows\System32\unimdm.tsp 
1/18/2012 9:33:14 PM OK svchost.exe\ssdpapi.dll 
1/18/2012 9:33:14 PM OK svchost.exe\webio.dll 
1/18/2012 9:33:14 PM OK svchost.exe\winhttp.dll 
1/18/2012 9:33:14 PM OK svchost.exe\ncsi.dll 
1/18/2012 9:33:14 PM OK C:\Windows\System32\tapisrv.dll 
1/18/2012 9:33:14 PM OK svchost.exe\nlasvc.dll 
1/18/2012 9:33:14 PM OK svchost.exe\vsstrace.dll 
1/18/2012 9:33:14 PM OK svchost.exe\vssapi.dll 
1/18/2012 9:33:14 PM OK svchost.exe\cryptsvc.dll 
1/18/2012 9:33:14 PM OK C:\Windows\System32\ncsi.dll 
1/18/2012 9:33:14 PM OK C:\Windows\System32\nlasvc.dll 
1/18/2012 9:33:14 PM OK svchost.exe\wkssvc.dll 
1/18/2012 9:33:14 PM OK C:\Windows\System32\cryptsvc.dll 
1/18/2012 9:33:15 PM OK svchost.exe\icaapi.dll 
1/18/2012 9:33:15 PM OK svchost.exe\dhcpcsvc6.dll 
1/18/2012 9:33:15 PM OK svchost.exe\dhcpcsvc.dll 
1/18/2012 9:33:15 PM OK svchost.exe\dnsext.dll 
1/18/2012 9:33:15 PM OK C:\Windows\System32\wkssvc.dll 
1/18/2012 9:33:15 PM OK C:\Windows\System32\icaapi.dll 
1/18/2012 9:33:15 PM OK svchost.exe\FWPUCLNT.DLL 
1/18/2012 9:33:15 PM OK svchost.exe\dnsrslvr.dll 
1/18/2012 9:33:15 PM OK C:\Windows\System32\dnsext.dll 
1/18/2012 9:33:15 PM OK svchost.exe\winmm.dll 
1/18/2012 9:33:15 PM OK svchost.exe\winnsi.dll 
1/18/2012 9:33:15 PM OK svchost.exe\IPHLPAPI.DLL 
1/18/2012 9:33:15 PM OK svchost.exe\es.dll 
1/18/2012 9:33:15 PM OK svchost.exe\atl.dll 
1/18/2012 9:33:15 PM OK svchost.exe\rtutils.dll 
1/18/2012 9:33:15 PM OK svchost.exe\samcli.dll 
1/18/2012 9:33:15 PM OK svchost.exe\wkscli.dll 
1/18/2012 9:33:15 PM OK svchost.exe\netutils.dll 
1/18/2012 9:33:15 PM OK svchost.exe\hid.dll 
1/18/2012 9:33:15 PM OK svchost.exe\samlib.dll 
1/18/2012 9:33:15 PM OK svchost.exe\propsys.dll 
1/18/2012 9:33:15 PM OK svchost.exe\wtsapi32.dll 
1/18/2012 9:33:15 PM OK svchost.exe\WSHTCPIP.DLL 
1/18/2012 9:33:15 PM OK svchost.exe\gpapi.dll 
1/18/2012 9:33:15 PM OK svchost.exe\userenv.dll 
1/18/2012 9:33:15 PM OK svchost.exe\devrtl.dll 
1/18/2012 9:33:15 PM OK svchost.exe\credssp.dll 
1/18/2012 9:33:15 PM OK svchost.exe\bcryptprimitives.dll 
1/18/2012 9:33:15 PM OK svchost.exe\winsta.dll 
1/18/2012 9:33:15 PM OK svchost.exe\rsaenh.dll 
1/18/2012 9:33:15 PM OK svchost.exe\dnsapi.dll 
1/18/2012 9:33:15 PM OK svchost.exe\wship6.dll 
1/18/2012 9:33:15 PM OK svchost.exe\mswsock.dll 
1/18/2012 9:33:15 PM OK svchost.exe\cryptsp.dll 
1/18/2012 9:33:15 PM OK svchost.exe\netjoin.dll 
1/18/2012 9:33:15 PM OK C:\Windows\System32\dnsrslvr.dll 
1/18/2012 9:33:15 PM OK svchost.exe\bcrypt.dll 
1/18/2012 9:33:15 PM OK svchost.exe\ncrypt.dll 
1/18/2012 9:33:15 PM OK svchost.exe\wevtapi.dll 
1/18/2012 9:33:15 PM OK svchost.exe\secur32.dll 
1/18/2012 9:33:15 PM OK svchost.exe\sspicli.dll 
1/18/2012 9:33:15 PM OK svchost.exe\cryptbase.dll 
1/18/2012 9:33:15 PM OK svchost.exe\sxs.dll 
1/18/2012 9:33:15 PM OK svchost.exe\RpcRtRemote.dll 
1/18/2012 9:33:15 PM OK svchost.exe\profapi.dll 
1/18/2012 9:33:15 PM OK svchost.exe\msasn1.dll 
1/18/2012 9:33:15 PM OK svchost.exe\KernelBase.dll 
1/18/2012 9:33:15 PM OK svchost.exe\crypt32.dll 
1/18/2012 9:33:15 PM OK svchost.exe\wintrust.dll 
1/18/2012 9:33:15 PM OK svchost.exe\cfgmgr32.dll 
1/18/2012 9:33:15 PM OK svchost.exe\devobj.dll 
1/18/2012 9:33:15 PM OK svchost.exe\advapi32.dll 
1/18/2012 9:33:15 PM OK svchost.exe\usp10.dll 
1/18/2012 9:33:15 PM OK svchost.exe\nsi.dll 
1/18/2012 9:33:15 PM OK svchost.exe\ws2_32.dll 
1/18/2012 9:33:15 PM OK svchost.exe\imm32.dll 
1/18/2012 9:33:15 PM OK svchost.exe\sechost.dll 
1/18/2012 9:33:15 PM OK svchost.exe\setupapi.dll 
1/18/2012 9:33:15 PM OK svchost.exe\shlwapi.dll 
1/18/2012 9:33:15 PM OK svchost.exe\gdi32.dll 
1/18/2012 9:33:15 PM OK svchost.exe\ole32.dll 
1/18/2012 9:33:15 PM OK svchost.exe\clbcatq.dll 
1/18/2012 9:33:15 PM OK svchost.exe\rpcrt4.dll 
1/18/2012 9:33:15 PM OK svchost.exe\Wldap32.dll 
1/18/2012 9:33:15 PM OK svchost.exe\lpk.dll 
1/18/2012 9:33:15 PM OK svchost.exe\msvcrt.dll 
1/18/2012 9:33:15 PM OK svchost.exe\oleaut32.dll 
1/18/2012 9:33:15 PM OK svchost.exe\msctf.dll 
1/18/2012 9:33:15 PM OK svchost.exe\apisetschema.dll 
1/18/2012 9:33:15 PM OK C:\Windows\System32\netjoin.dll 
1/18/2012 9:33:15 PM OK svchost.exe\sfc.dll 
1/18/2012 9:33:15 PM OK svchost.exe\user32.dll 
1/18/2012 9:33:15 PM OK svchost.exe\kernel32.dll 
1/18/2012 9:33:15 PM OK svchost.exe\ntdll.dll 
1/18/2012 9:33:15 PM OK svchost.exe\psapi.dll 
1/18/2012 9:33:15 PM OK svchost.exe\svchost.exe 
1/18/2012 9:33:15 PM OK svchost.exe\w32time.dll 
1/18/2012 9:33:15 PM OK svchost.exe\ieproxy.dll 
1/18/2012 9:33:15 PM OK svchost.exe\fdProxy.dll 
1/18/2012 9:33:15 PM OK svchost.exe\fdSSDP.dll 
1/18/2012 9:33:15 PM OK C:\Windows\System32\w32time.dll 
1/18/2012 9:33:15 PM OK svchost.exe\mlang.dll 
1/18/2012 9:33:15 PM OK svchost.exe\fdWSD.dll 
1/18/2012 9:33:15 PM OK C:\Windows\System32\fdSSDP.dll 
1/18/2012 9:33:15 PM OK svchost.exe\fdPHost.dll 
1/18/2012 9:33:15 PM OK C:\Windows\System32\fdWSD.dll 
1/18/2012 9:33:15 PM OK svchost.exe\pnrpnsp.dll 
1/18/2012 9:33:15 PM OK svchost.exe\NapiNSP.dll 
1/18/2012 9:33:15 PM OK svchost.exe\winrnr.dll 
1/18/2012 9:33:15 PM OK svchost.exe\perftrack.dll 
1/18/2012 9:33:15 PM OK C:\Windows\System32\fdPHost.dll 
1/18/2012 9:33:15 PM OK svchost.exe\webservices.dll 
1/18/2012 9:33:15 PM OK svchost.exe\WSDApi.dll 
1/18/2012 9:33:15 PM OK svchost.exe\rasadhlp.dll 
1/18/2012 9:33:15 PM OK svchost.exe\WLIDNSP.DLL 
1/18/2012 9:33:15 PM OK svchost.exe\wdi.dll 
1/18/2012 9:33:15 PM OK svchost.exe\npmproxy.dll 
1/18/2012 9:33:15 PM OK svchost.exe\netprofm.dll 
1/18/2012 9:33:15 PM OK svchost.exe\wer.dll 
1/18/2012 9:33:15 PM OK svchost.exe\fundisc.dll 
1/18/2012 9:33:15 PM OK svchost.exe\httpapi.dll 
1/18/2012 9:33:15 PM OK svchost.exe\sstpsvc.dll 
1/18/2012 9:33:15 PM OK svchost.exe\ssdpapi.dll 
1/18/2012 9:33:15 PM OK svchost.exe\sfc_os.dll 
1/18/2012 9:33:15 PM OK svchost.exe\webio.dll 
1/18/2012 9:33:15 PM OK svchost.exe\winhttp.dll 
1/18/2012 9:33:15 PM OK svchost.exe\aepic.dll 
1/18/2012 9:33:15 PM OK C:\Windows\System32\perftrack.dll 
1/18/2012 9:33:15 PM OK C:\Windows\System32\sstpsvc.dll 
1/18/2012 9:33:15 PM OK svchost.exe\msxml6.dll 
1/18/2012 9:33:15 PM OK svchost.exe\dhcpcsvc6.dll 
1/18/2012 9:33:15 PM OK svchost.exe\dhcpcsvc.dll 
1/18/2012 9:33:15 PM OK svchost.exe\FWPUCLNT.DLL 
1/18/2012 9:33:15 PM OK svchost.exe\winnsi.dll 
1/18/2012 9:33:15 PM OK svchost.exe\nsisvc.dll 
1/18/2012 9:33:15 PM OK svchost.exe\IPHLPAPI.DLL 
1/18/2012 9:33:15 PM OK svchost.exe\dsrole.dll 
1/18/2012 9:33:15 PM OK svchost.exe\es.dll 
1/18/2012 9:33:15 PM OK svchost.exe\atl.dll 
1/18/2012 9:33:15 PM OK svchost.exe\nlaapi.dll 
1/18/2012 9:33:15 PM OK svchost.exe\rtutils.dll 
1/18/2012 9:33:15 PM OK C:\Windows\System32\aepic.dll 
1/18/2012 9:33:15 PM OK svchost.exe\xmllite.dll 
1/18/2012 9:33:15 PM OK svchost.exe\dwmapi.dll 
1/18/2012 9:33:15 PM OK svchost.exe\propsys.dll 
1/18/2012 9:33:15 PM OK svchost.exe\version.dll 
1/18/2012 9:33:15 PM OK svchost.exe\FirewallAPI.dll 
1/18/2012 9:33:15 PM OK svchost.exe\WSHTCPIP.DLL 
1/18/2012 9:33:15 PM OK svchost.exe\gpapi.dll 
1/18/2012 9:33:15 PM OK svchost.exe\userenv.dll 
1/18/2012 9:33:15 PM OK svchost.exe\credssp.dll 
1/18/2012 9:33:15 PM OK svchost.exe\bcryptprimitives.dll 
1/18/2012 9:33:15 PM OK svchost.exe\rsaenh.dll 
1/18/2012 9:33:15 PM OK svchost.exe\logoncli.dll 
1/18/2012 9:33:15 PM OK svchost.exe\dnsapi.dll 
1/18/2012 9:33:15 PM OK svchost.exe\msv1_0.dll 
1/18/2012 9:33:15 PM OK svchost.exe\wship6.dll 
1/18/2012 9:33:15 PM OK svchost.exe\mswsock.dll 
1/18/2012 9:33:15 PM OK svchost.exe\cryptsp.dll 
1/18/2012 9:33:15 PM OK svchost.exe\bcrypt.dll 
1/18/2012 9:33:15 PM OK svchost.exe\cryptdll.dll 
1/18/2012 9:33:15 PM OK svchost.exe\secur32.dll 
1/18/2012 9:33:15 PM OK C:\Windows\System32\nsisvc.dll 
1/18/2012 9:33:15 PM OK svchost.exe\sspicli.dll 
1/18/2012 9:33:15 PM OK svchost.exe\cryptbase.dll 
1/18/2012 9:33:15 PM OK svchost.exe\sxs.dll 
1/18/2012 9:33:15 PM OK svchost.exe\RpcRtRemote.dll 
1/18/2012 9:33:15 PM OK svchost.exe\profapi.dll 
1/18/2012 9:33:15 PM OK svchost.exe\msasn1.dll 
1/18/2012 9:33:15 PM OK svchost.exe\KernelBase.dll 
1/18/2012 9:33:15 PM OK svchost.exe\crypt32.dll 
1/18/2012 9:33:15 PM OK svchost.exe\advapi32.dll 
1/18/2012 9:33:15 PM OK svchost.exe\usp10.dll 
1/18/2012 9:33:15 PM OK svchost.exe\nsi.dll 
1/18/2012 9:33:15 PM OK svchost.exe\ws2_32.dll 
1/18/2012 9:33:15 PM OK svchost.exe\imm32.dll 
1/18/2012 9:33:15 PM OK svchost.exe\sechost.dll 
1/18/2012 9:33:15 PM OK svchost.exe\shlwapi.dll 
1/18/2012 9:33:15 PM OK svchost.exe\gdi32.dll 
1/18/2012 9:33:15 PM OK svchost.exe\ole32.dll 
1/18/2012 9:33:15 PM OK svchost.exe\clbcatq.dll 
1/18/2012 9:33:15 PM OK svchost.exe\rpcrt4.dll 
1/18/2012 9:33:15 PM OK svchost.exe\lpk.dll 
1/18/2012 9:33:15 PM OK svchost.exe\msvcrt.dll 
1/18/2012 9:33:15 PM OK svchost.exe\oleaut32.dll 
1/18/2012 9:33:15 PM OK svchost.exe\msctf.dll 
1/18/2012 9:33:15 PM OK svchost.exe\apisetschema.dll 
1/18/2012 9:33:15 PM OK svchost.exe\user32.dll 
1/18/2012 9:33:15 PM OK svchost.exe\kernel32.dll 
1/18/2012 9:33:15 PM OK svchost.exe\ntdll.dll 
1/18/2012 9:33:15 PM OK svchost.exe\psapi.dll 
1/18/2012 9:33:15 PM OK svchost.exe\svchost.exe 
1/18/2012 9:33:15 PM OK svchost.exe\msi.dll 
1/18/2012 9:33:15 PM OK svchost.exe\shsvcs.dll 
1/18/2012 9:33:15 PM OK svchost.exe\dssenh.dll 
1/18/2012 9:33:15 PM OK svchost.exe\mspatcha.dll 
1/18/2012 9:33:15 PM OK svchost.exe\wuaueng.dll 
1/18/2012 9:33:15 PM OK C:\Windows\System32\shsvcs.dll 
1/18/2012 9:33:15 PM OK C:\Windows\System32\mspatcha.dll 
1/18/2012 9:33:15 PM OK svchost.exe\mpr.dll 
1/18/2012 9:33:15 PM OK svchost.exe\advpack.dll 
1/18/2012 9:33:15 PM OK svchost.exe\esent.dll 
1/18/2012 9:33:15 PM OK svchost.exe\upnp.dll 
1/18/2012 9:33:15 PM OK svchost.exe\bitsperf.dll 
1/18/2012 9:33:15 PM OK svchost.exe\qmgr.dll 
1/18/2012 9:33:15 PM OK C:\Windows\System32\advpack.dll 
1/18/2012 9:33:15 PM OK C:\Windows\System32\bitsperf.dll 
1/18/2012 9:33:15 PM OK svchost.exe\spfileq.dll 
1/18/2012 9:33:15 PM OK svchost.exe\NCProv.dll 
1/18/2012 9:33:15 PM OK C:\Windows\System32\wuaueng.dll 
1/18/2012 9:33:15 PM OK svchost.exe\nci.dll 
1/18/2012 9:33:15 PM OK C:\Windows\System32\spfileq.dll 
1/18/2012 9:33:15 PM OK C:\Windows\System32\qmgr.dll 
1/18/2012 9:33:15 PM OK C:\Windows\System32\wbem\NCProv.dll 
1/18/2012 9:33:15 PM OK svchost.exe\wbemess.dll 
1/18/2012 9:33:15 PM OK C:\Windows\System32\nci.dll 
1/18/2012 9:33:15 PM OK svchost.exe\ncobjapi.dll 
1/18/2012 9:33:15 PM OK svchost.exe\WmiPrvSD.dll 
1/18/2012 9:33:15 PM OK C:\Windows\System32\wbem\wbemess.dll 
1/18/2012 9:33:15 PM OK C:\Windows\System32\ncobjapi.dll 
1/18/2012 9:33:15 PM OK svchost.exe\rasadhlp.dll 
1/18/2012 9:33:15 PM OK svchost.exe\WLIDNSP.DLL 
1/18/2012 9:33:15 PM OK svchost.exe\resutils.dll 
1/18/2012 9:33:15 PM OK svchost.exe\clusapi.dll 
1/18/2012 9:33:15 PM OK svchost.exe\sscore.dll 
1/18/2012 9:33:15 PM OK svchost.exe\bitsigd.dll 
1/18/2012 9:33:15 PM OK svchost.exe\npmproxy.dll 
1/18/2012 9:33:15 PM OK svchost.exe\browser.dll 
1/18/2012 9:33:15 PM OK C:\Windows\System32\sscore.dll 
1/18/2012 9:33:15 PM OK C:\Windows\System32\wbem\WmiPrvSD.dll 
1/18/2012 9:33:15 PM OK svchost.exe\srvsvc.dll 
1/18/2012 9:33:15 PM OK C:\Windows\System32\bitsigd.dll 
1/18/2012 9:33:15 PM OK svchost.exe\raschap.dll 
1/18/2012 9:33:15 PM OK C:\Windows\System32\browser.dll 
1/18/2012 9:33:15 PM OK C:\Windows\System32\srvsvc.dll 
1/18/2012 9:33:15 PM OK svchost.exe\repdrvfs.dll 
1/18/2012 9:33:15 PM OK C:\Windows\System32\raschap.dll 
1/18/2012 9:33:15 PM OK svchost.exe\vpnike.dll 
1/18/2012 9:33:15 PM OK C:\Windows\System32\wbem\repdrvfs.dll 
1/18/2012 9:33:15 PM OK svchost.exe\wmiutils.dll 
1/18/2012 9:33:15 PM OK svchost.exe\rasppp.dll 
1/18/2012 9:33:15 PM OK C:\Windows\System32\vpnike.dll 
1/18/2012 9:33:15 PM OK C:\Windows\System32\wbem\wmiutils.dll 
1/18/2012 9:33:15 PM OK svchost.exe\wbemsvc.dll 
1/18/2012 9:33:15 PM OK svchost.exe\esscli.dll 
1/18/2012 9:33:15 PM OK C:\Windows\System32\rasppp.dll 
1/18/2012 9:33:15 PM OK svchost.exe\wbemcore.dll 
1/18/2012 9:33:15 PM OK svchost.exe\netprofm.dll 
1/18/2012 9:33:15 PM OK svchost.exe\wbemprox.dll 
1/18/2012 9:33:15 PM OK svchost.exe\ntdsapi.dll 
1/18/2012 9:33:15 PM OK svchost.exe\hnetcfg.dll 
1/18/2012 9:33:15 PM OK C:\Windows\System32\wbem\esscli.dll 
1/18/2012 9:33:15 PM OK svchost.exe\tapi32.dll 
1/18/2012 9:33:15 PM OK svchost.exe\msxml3.dll 
1/18/2012 9:33:15 PM OK svchost.exe\rastapi.dll 
1/18/2012 9:33:15 PM OK svchost.exe\rasmans.dll 
1/18/2012 9:33:15 PM OK C:\Windows\System32\hnetcfg.dll 
1/18/2012 9:33:15 PM OK C:\Windows\System32\wbem\wbemcore.dll 
1/18/2012 9:33:15 PM OK C:\Windows\System32\tapi32.dll 
1/18/2012 9:33:15 PM OK C:\Windows\System32\rastapi.dll 
1/18/2012 9:33:15 PM OK svchost.exe\wdscore.dll 
1/18/2012 9:33:15 PM OK svchost.exe\sqmapi.dll 
1/18/2012 9:33:15 PM OK svchost.exe\iphlpsvc.dll 
1/18/2012 9:33:15 PM OK C:\Windows\System32\rasmans.dll 
1/18/2012 9:33:15 PM OK svchost.exe\wer.dll 
1/18/2012 9:33:15 PM OK svchost.exe\fastprox.dll 
1/18/2012 9:33:15 PM OK svchost.exe\wbemcomn.dll 
1/18/2012 9:33:15 PM OK svchost.exe\WMIsvc.dll 
1/18/2012 9:33:15 PM OK C:\Windows\System32\wdscore.dll 
1/18/2012 9:33:15 PM OK svchost.exe\cabinet.dll 
1/18/2012 9:33:15 PM OK svchost.exe\winspool.drv 
1/18/2012 9:33:15 PM OK svchost.exe\ssdpapi.dll 
1/18/2012 9:33:15 PM OK svchost.exe\seclogon.dll 
1/18/2012 9:33:15 PM OK C:\Windows\System32\iphlpsvc.dll 
1/18/2012 9:33:15 PM OK C:\Windows\System32\wbem\WMIsvc.dll 
1/18/2012 9:33:15 PM OK svchost.exe\webio.dll 
1/18/2012 9:33:15 PM OK svchost.exe\winhttp.dll 
1/18/2012 9:33:15 PM OK svchost.exe\IKEEXT.DLL 
1/18/2012 9:33:15 PM OK C:\Windows\System32\seclogon.dll 
1/18/2012 9:33:15 PM OK svchost.exe\vsstrace.dll 
1/18/2012 9:33:15 PM OK svchost.exe\vssapi.dll 
1/18/2012 9:33:15 PM OK svchost.exe\wiarpc.dll 
1/18/2012 9:33:15 PM OK svchost.exe\taskcomp.dll 
1/18/2012 9:33:15 PM OK C:\Windows\System32\wiarpc.dll 
1/18/2012 9:33:15 PM OK C:\Windows\System32\IKEEXT.DLL 
1/18/2012 9:33:15 PM OK svchost.exe\fvecerts.dll 
1/18/2012 9:33:15 PM OK svchost.exe\tbs.dll 
1/18/2012 9:33:15 PM OK svchost.exe\fveapi.dll 
1/18/2012 9:33:15 PM OK svchost.exe\ktmw32.dll 
1/18/2012 9:33:15 PM OK svchost.exe\schedsvc.dll 
1/18/2012 9:33:15 PM OK C:\Windows\System32\taskcomp.dll 
1/18/2012 9:33:15 PM OK svchost.exe\eappcfg.dll 
1/18/2012 9:33:15 PM OK svchost.exe\eappprxy.dll 
1/18/2012 9:33:15 PM OK svchost.exe\appinfo.dll 
1/18/2012 9:33:16 PM OK svchost.exe\mmcss.dll 
1/18/2012 9:33:16 PM OK svchost.exe\TSChannel.dll 
1/18/2012 9:33:16 PM OK svchost.exe\aelupsvc.dll 
1/18/2012 9:33:16 PM OK C:\Windows\System32\appinfo.dll 
1/18/2012 9:33:16 PM OK svchost.exe\umb.dll 
1/18/2012 9:33:16 PM OK svchost.exe\dhcpcsvc6.dll 
1/18/2012 9:33:16 PM OK svchost.exe\dhcpcsvc.dll 
1/18/2012 9:33:16 PM OK svchost.exe\FWPUCLNT.DLL 
1/18/2012 9:33:16 PM OK svchost.exe\eapphost.dll 
1/18/2012 9:33:16 PM OK C:\Windows\System32\mmcss.dll 
1/18/2012 9:33:16 PM OK C:\Windows\System32\schedsvc.dll 
1/18/2012 9:33:16 PM OK C:\Windows\System32\aelupsvc.dll 
1/18/2012 9:33:16 PM OK svchost.exe\eapsvc.dll 
1/18/2012 9:33:16 PM OK svchost.exe\winnsi.dll 
1/18/2012 9:33:16 PM OK svchost.exe\IPHLPAPI.DLL 
1/18/2012 9:33:16 PM OK svchost.exe\Sens.dll 
1/18/2012 9:33:16 PM OK svchost.exe\slc.dll 
1/18/2012 9:33:16 PM OK svchost.exe\dsrole.dll 
1/18/2012 9:33:16 PM OK svchost.exe\es.dll 
1/18/2012 9:33:16 PM OK svchost.exe\atl.dll 
1/18/2012 9:33:16 PM OK svchost.exe\profsvc.dll 
1/18/2012 9:33:16 PM OK C:\Windows\System32\eapphost.dll 
1/18/2012 9:33:16 PM OK svchost.exe\themeservice.dll 
1/18/2012 9:33:16 PM OK  C:\Windows\System32\eapsvc.dll 
1/18/2012 9:33:16 PM OK svchost.exe\nlaapi.dll 
1/18/2012 9:33:16 PM OK svchost.exe\ntmarta.dll 
1/18/2012 9:33:16 PM OK svchost.exe\rtutils.dll 
1/18/2012 9:33:16 PM OK svchost.exe\rasman.dll 
1/18/2012 9:33:16 PM OK svchost.exe\rasapi32.dll 
1/18/2012 9:33:16 PM OK svchost.exe\gpsvc.dll 
1/18/2012 9:33:16 PM OK C:\Windows\System32\Sens.dll 
1/18/2012 9:33:16 PM OK svchost.exe\samcli.dll 
1/18/2012 9:33:16 PM OK C:\Windows\System32\themeservice.dll 
1/18/2012 9:33:16 PM OK svchost.exe\wkscli.dll 
1/18/2012 9:33:16 PM OK svchost.exe\netutils.dll 
1/18/2012 9:33:16 PM OK C:\Windows\System32\profsvc.dll 
1/18/2012 9:33:16 PM OK svchost.exe\netapi32.dll 
1/18/2012 9:33:16 PM OK svchost.exe\credui.dll 
1/18/2012 9:33:16 PM OK svchost.exe\xmllite.dll 
1/18/2012 9:33:16 PM OK svchost.exe\uxtheme.dll 
1/18/2012 9:33:16 PM OK svchost.exe\samlib.dll 
1/18/2012 9:33:16 PM OK svchost.exe\comctl32.dll 
1/18/2012 9:33:16 PM OK svchost.exe\avrt.dll 
1/18/2012 9:33:16 PM OK svchost.exe\propsys.dll 
1/18/2012 9:33:16 PM OK svchost.exe\version.dll 
1/18/2012 9:33:16 PM OK svchost.exe\FirewallAPI.dll 
1/18/2012 9:33:16 PM OK svchost.exe\wtsapi32.dll 
1/18/2012 9:33:16 PM OK svchost.exe\WSHTCPIP.DLL 
1/18/2012 9:33:16 PM OK svchost.exe\gpapi.dll 
1/18/2012 9:33:16 PM OK svchost.exe\userenv.dll 
1/18/2012 9:33:16 PM OK svchost.exe\devrtl.dll 
1/18/2012 9:33:16 PM OK svchost.exe\SPInf.dll 
1/18/2012 9:33:16 PM OK svchost.exe\ubpm.dll 
1/18/2012 9:33:16 PM OK svchost.exe\credssp.dll 
1/18/2012 9:33:16 PM OK svchost.exe\pcwum.dll 
1/18/2012 9:33:16 PM OK svchost.exe\bcryptprimitives.dll 
1/18/2012 9:33:16 PM OK svchost.exe\winsta.dll 
1/18/2012 9:33:16 PM OK svchost.exe\rsaenh.dll 
1/18/2012 9:33:16 PM OK svchost.exe\schannel.dll 
1/18/2012 9:33:16 PM OK svchost.exe\logoncli.dll 
1/18/2012 9:33:16 PM OK svchost.exe\dnsapi.dll 
1/18/2012 9:33:16 PM OK svchost.exe\wship6.dll 
1/18/2012 9:33:16 PM OK svchost.exe\mswsock.dll 
1/18/2012 9:33:16 PM OK svchost.exe\cryptsp.dll 
1/18/2012 9:33:16 PM OK svchost.exe\kerberos.dll 
1/18/2012 9:33:16 PM OK C:\Windows\System32\ubpm.dll 
1/18/2012 9:33:16 PM OK C:\Windows\System32\gpsvc.dll 
1/18/2012 9:33:16 PM OK svchost.exe\netjoin.dll 
1/18/2012 9:33:16 PM OK svchost.exe\bcrypt.dll 
1/18/2012 9:33:16 PM OK svchost.exe\ncrypt.dll 
1/18/2012 9:33:16 PM OK svchost.exe\authz.dll 
1/18/2012 9:33:16 PM OK svchost.exe\wmsgapi.dll 
1/18/2012 9:33:16 PM OK svchost.exe\sysntfy.dll 
1/18/2012 9:33:16 PM OK svchost.exe\wevtapi.dll 
1/18/2012 9:33:16 PM OK svchost.exe\cryptdll.dll 
1/18/2012 9:33:16 PM OK svchost.exe\srvcli.dll 
1/18/2012 9:33:16 PM OK svchost.exe\secur32.dll 
1/18/2012 9:33:16 PM OK svchost.exe\sspicli.dll 
1/18/2012 9:33:16 PM OK svchost.exe\apphelp.dll 
1/18/2012 9:33:16 PM OK svchost.exe\cryptbase.dll 
1/18/2012 9:33:16 PM OK svchost.exe\sxs.dll 
1/18/2012 9:33:16 PM OK svchost.exe\RpcRtRemote.dll 
1/18/2012 9:33:16 PM OK svchost.exe\profapi.dll 
1/18/2012 9:33:16 PM OK svchost.exe\msasn1.dll 
1/18/2012 9:33:16 PM OK svchost.exe\KernelBase.dll 
1/18/2012 9:33:16 PM OK svchost.exe\crypt32.dll 
1/18/2012 9:33:16 PM OK svchost.exe\wintrust.dll 
1/18/2012 9:33:16 PM OK svchost.exe\cfgmgr32.dll 
1/18/2012 9:33:16 PM OK svchost.exe\devobj.dll 
1/18/2012 9:33:16 PM OK svchost.exe\advapi32.dll 
1/18/2012 9:33:16 PM OK svchost.exe\usp10.dll 
1/18/2012 9:33:16 PM OK svchost.exe\imagehlp.dll 
1/18/2012 9:33:16 PM OK svchost.exe\nsi.dll 
1/18/2012 9:33:16 PM OK svchost.exe\ws2_32.dll 
1/18/2012 9:33:16 PM OK svchost.exe\imm32.dll 
1/18/2012 9:33:16 PM OK svchost.exe\sechost.dll 
1/18/2012 9:33:16 PM OK svchost.exe\setupapi.dll 
1/18/2012 9:33:16 PM OK svchost.exe\shlwapi.dll 
1/18/2012 9:33:16 PM OK svchost.exe\gdi32.dll 
1/18/2012 9:33:16 PM OK svchost.exe\ole32.dll 
1/18/2012 9:33:16 PM OK svchost.exe\clbcatq.dll 
1/18/2012 9:33:16 PM OK svchost.exe\rpcrt4.dll 
1/18/2012 9:33:16 PM OK svchost.exe\Wldap32.dll 
1/18/2012 9:33:16 PM OK svchost.exe\lpk.dll 
1/18/2012 9:33:16 PM OK svchost.exe\msvcrt.dll 
1/18/2012 9:33:16 PM OK svchost.exe\oleaut32.dll 
1/18/2012 9:33:16 PM OK svchost.exe\msctf.dll 
1/18/2012 9:33:16 PM OK svchost.exe\shell32.dll 
1/18/2012 9:33:16 PM OK svchost.exe\apisetschema.dll 
1/18/2012 9:33:16 PM OK C:\Windows\System32\wmsgapi.dll 
1/18/2012 9:33:16 PM OK C:\Windows\System32\sysntfy.dll 
1/18/2012 9:33:16 PM OK C:\Windows\System32\kerberos.dll 
1/18/2012 9:33:16 PM OK svchost.exe\sfc.dll 
1/18/2012 9:33:16 PM OK svchost.exe\user32.dll 
1/18/2012 9:33:16 PM OK svchost.exe\kernel32.dll 
1/18/2012 9:33:16 PM OK svchost.exe\ntdll.dll 
1/18/2012 9:33:16 PM OK svchost.exe\psapi.dll 
1/18/2012 9:33:16 PM OK svchost.exe\svchost.exe 
1/18/2012 9:33:16 PM OK svchost.exe\hgprint.dll 
1/18/2012 9:33:16 PM OK svchost.exe\IdListen.dll 
1/18/2012 9:33:16 PM OK svchost.exe\ListSvc.dll 
1/18/2012 9:33:16 PM OK C:\Windows\System32\hgprint.dll 
1/18/2012 9:33:16 PM OK svchost.exe\rasdlg.dll 
1/18/2012 9:33:16 PM OK svchost.exe\ieproxy.dll 
1/18/2012 9:33:16 PM OK svchost.exe\fdProxy.dll 
1/18/2012 9:33:16 PM OK svchost.exe\IPBusEnum.dll 
1/18/2012 9:33:16 PM OK C:\Windows\System32\IdListen.dll 
1/18/2012 9:33:16 PM OK svchost.exe\netshell.dll 
1/18/2012 9:33:16 PM OK svchost.exe\mprapi.dll 
1/18/2012 9:33:16 PM OK svchost.exe\PortableDeviceConnectApi.dll 
1/18/2012 9:33:16 PM OK svchost.exe\PortableDeviceApi.dll 
1/18/2012 9:33:16 PM OK svchost.exe\hidserv.dll 
1/18/2012 9:33:16 PM OK C:\Windows\System32\ListSvc.dll 
1/18/2012 9:33:16 PM OK svchost.exe\cscapi.dll 
1/18/2012 9:33:16 PM OK svchost.exe\wbemsvc.dll 
1/18/2012 9:33:16 PM OK svchost.exe\wbemprox.dll 
1/18/2012 9:33:16 PM OK svchost.exe\ntdsapi.dll 
1/18/2012 9:33:16 PM OK svchost.exe\hnetcfg.dll 
1/18/2012 9:33:16 PM OK svchost.exe\fastprox.dll 
1/18/2012 9:33:16 PM OK svchost.exe\wbemcomn.dll 
1/18/2012 9:33:16 PM OK svchost.exe\comctl32.dll 
1/18/2012 9:33:16 PM OK svchost.exe\winspool.drv 
1/18/2012 9:33:16 PM  OK svchost.exe\fundisc.dll 
1/18/2012 9:33:16 PM OK svchost.exe\trkwks.dll 
1/18/2012 9:33:16 PM OK svchost.exe\sysmain.dll 
1/18/2012 9:33:16 PM OK C:\Windows\System32\IPBusEnum.dll 
1/18/2012 9:33:16 PM OK C:\Windows\System32\mprapi.dll 
1/18/2012 9:33:16 PM OK C:\Windows\System32\PortableDeviceConnectApi.dll 
1/18/2012 9:33:16 PM OK svchost.exe\sfc_os.dll 
1/18/2012 9:33:16 PM OK svchost.exe\aepic.dll 
1/18/2012 9:33:16 PM OK svchost.exe\pcasvc.dll 
1/18/2012 9:33:16 PM OK C:\Windows\System32\rasdlg.dll 
1/18/2012 9:33:16 PM OK C:\Windows\System32\hidserv.dll 
1/18/2012 9:33:16 PM OK C:\Windows\System32\trkwks.dll 
1/18/2012 9:33:16 PM OK svchost.exe\netman.dll 
1/18/2012 9:33:16 PM OK svchost.exe\netcfgx.dll 
1/18/2012 9:33:16 PM OK svchost.exe\msxml6.dll 
1/18/2012 9:33:16 PM OK svchost.exe\WinSCard.dll 
1/18/2012 9:33:16 PM OK svchost.exe\wlanutil.dll 
1/18/2012 9:33:16 PM OK svchost.exe\l2gpstore.dll 
1/18/2012 9:33:16 PM OK C:\Windows\System32\pcasvc.dll 
1/18/2012 9:33:16 PM OK C:\Windows\System32\netman.dll 
1/18/2012 9:33:16 PM OK svchost.exe\wlgpclnt.dll 
1/18/2012 9:33:16 PM OK svchost.exe\eappcfg.dll 
1/18/2012 9:33:16 PM OK svchost.exe\eappprxy.dll 
1/18/2012 9:33:16 PM OK svchost.exe\onex.dll 
1/18/2012 9:33:16 PM OK svchost.exe\wlansec.dll 
1/18/2012 9:33:16 PM OK svchost.exe\wlanmsm.dll 
1/18/2012 9:33:16 PM OK C:\Windows\System32\netcfgx.dll 
1/18/2012 9:33:16 PM OK C:\Windows\System32\l2gpstore.dll 
1/18/2012 9:33:16 PM OK svchost.exe\actxprxy.dll 
1/18/2012 9:33:16 PM OK svchost.exe\umb.dll 
1/18/2012 9:33:16 PM OK svchost.exe\dhcpcsvc.dll 
1/18/2012 9:33:16 PM OK svchost.exe\wlansvc.dll 
1/18/2012 9:33:16 PM OK C:\Windows\System32\wlgpclnt.dll 
1/18/2012 9:33:16 PM OK svchost.exe\winnsi.dll 
1/18/2012 9:33:16 PM OK svchost.exe\IPHLPAPI.DLL 
1/18/2012 9:33:16 PM OK svchost.exe\WUDFPlatform.dll 
1/18/2012 9:33:16 PM OK C:\Windows\System32\wlansec.dll 
1/18/2012 9:33:16 PM OK C:\Windows\System32\wlanmsm.dll 
1/18/2012 9:33:16 PM OK svchost.exe\WUDFSvc.dll 
1/18/2012 9:33:16 PM OK svchost.exe\uxsms.dll 
1/18/2012 9:33:16 PM OK svchost.exe\slc.dll 
1/18/2012 9:33:16 PM OK svchost.exe\dsrole.dll 
1/18/2012 9:33:16 PM OK svchost.exe\atl.dll 
1/18/2012 9:33:16 PM OK svchost.exe\nlaapi.dll 
1/18/2012 9:33:16 PM OK svchost.exe\ntmarta.dll 
1/18/2012 9:33:16 PM OK svchost.exe\rtutils.dll 
1/18/2012 9:33:16 PM OK svchost.exe\rasman.dll 
1/18/2012 9:33:16 PM OK svchost.exe\rasapi32.dll 
1/18/2012 9:33:16 PM OK svchost.exe\samcli.dll 
1/18/2012 9:33:16 PM OK svchost.exe\wkscli.dll 
1/18/2012 9:33:16 PM OK svchost.exe\netutils.dll 
1/18/2012 9:33:16 PM OK svchost.exe\netapi32.dll 
1/18/2012 9:33:16 PM OK svchost.exe\xmllite.dll 
1/18/2012 9:33:16 PM OK svchost.exe\hid.dll 
1/18/2012 9:33:16 PM OK svchost.exe\samlib.dll 
1/18/2012 9:33:16 PM OK svchost.exe\comctl32.dll 
1/18/2012 9:33:16 PM OK svchost.exe\TabSvc.dll 
1/18/2012 9:33:16 PM OK C:\Windows\System32\WUDFPlatform.dll 
1/18/2012 9:33:16 PM OK C:\Windows\System32\wlansvc.dll 
1/18/2012 9:33:16 PM OK C:\Windows\System32\sysmain.dll 
1/18/2012 9:33:16 PM OK svchost.exe\avrt.dll 
1/18/2012 9:33:16 PM OK svchost.exe\propsys.dll 
1/18/2012 9:33:16 PM OK svchost.exe\MMDevAPI.dll 
1/18/2012 9:33:16 PM OK svchost.exe\audiosrv.dll 
1/18/2012 9:33:16 PM OK C:\Windows\System32\WUDFSvc.dll 
1/18/2012 9:33:16 PM OK C:\Windows\System32\uxsms.dll 
1/18/2012 9:33:16 PM OK C:\Windows\System32\TabSvc.dll 
1/18/2012 9:33:16 PM OK svchost.exe\shacct.dll 
1/18/2012 9:33:16 PM OK svchost.exe\version.dll 
1/18/2012 9:33:16 PM OK svchost.exe\FirewallAPI.dll 
1/18/2012 9:33:16 PM OK svchost.exe\powrprof.dll 
1/18/2012 9:33:16 PM OK svchost.exe\wtsapi32.dll 
1/18/2012 9:33:16 PM OK svchost.exe\gpapi.dll 
1/18/2012 9:33:16 PM OK svchost.exe\userenv.dll 
1/18/2012 9:33:16 PM OK svchost.exe\devrtl.dll 
1/18/2012 9:33:16 PM OK svchost.exe\credssp.dll 
1/18/2012 9:33:16 PM OK svchost.exe\bcryptprimitives.dll 
1/18/2012 9:33:16 PM OK svchost.exe\winsta.dll 
1/18/2012 9:33:16 PM OK svchost.exe\rsaenh.dll 
1/18/2012 9:33:16 PM OK svchost.exe\cryptsp.dll 
1/18/2012 9:33:16 PM OK svchost.exe\kerberos.dll 
1/18/2012 9:33:16 PM OK svchost.exe\bcrypt.dll 
1/18/2012 9:33:16 PM OK svchost.exe\ncrypt.dll 
1/18/2012 9:33:16 PM OK svchost.exe\authz.dll 
1/18/2012 9:33:16 PM OK svchost.exe\sysntfy.dll 
1/18/2012 9:33:16 PM OK svchost.exe\wevtapi.dll 
1/18/2012 9:33:16 PM OK svchost.exe\cryptdll.dll 
1/18/2012 9:33:16 PM OK svchost.exe\srvcli.dll 
1/18/2012 9:33:16 PM OK svchost.exe\secur32.dll 
1/18/2012 9:33:16 PM OK svchost.exe\sspicli.dll 
1/18/2012 9:33:16 PM OK svchost.exe\apphelp.dll 
1/18/2012 9:33:16 PM OK svchost.exe\cryptbase.dll 
1/18/2012 9:33:16 PM OK svchost.exe\RpcRtRemote.dll 
1/18/2012 9:33:16 PM OK svchost.exe\profapi.dll 
1/18/2012 9:33:16 PM OK svchost.exe\msasn1.dll 
1/18/2012 9:33:16 PM OK svchost.exe\KernelBase.dll 
1/18/2012 9:33:16 PM OK svchost.exe\crypt32.dll 
1/18/2012 9:33:16 PM OK svchost.exe\wintrust.dll 
1/18/2012 9:33:16 PM OK svchost.exe\cfgmgr32.dll 
1/18/2012 9:33:16 PM OK svchost.exe\devobj.dll 
1/18/2012 9:33:16 PM OK svchost.exe\advapi32.dll 
1/18/2012 9:33:16 PM OK svchost.exe\usp10.dll 
1/18/2012 9:33:16 PM OK svchost.exe\nsi.dll 
1/18/2012 9:33:16 PM OK svchost.exe\ws2_32.dll 
1/18/2012 9:33:16 PM OK svchost.exe\imm32.dll 
1/18/2012 9:33:16 PM OK svchost.exe\sechost.dll 
1/18/2012 9:33:16 PM OK svchost.exe\setupapi.dll 
1/18/2012 9:33:16 PM OK svchost.exe\shlwapi.dll 
1/18/2012 9:33:16 PM OK svchost.exe\gdi32.dll 
1/18/2012 9:33:16 PM OK svchost.exe\ole32.dll 
1/18/2012 9:33:16 PM OK svchost.exe\clbcatq.dll 
1/18/2012 9:33:16 PM OK svchost.exe\rpcrt4.dll 
1/18/2012 9:33:16 PM OK svchost.exe\Wldap32.dll 
1/18/2012 9:33:16 PM OK svchost.exe\lpk.dll 
1/18/2012 9:33:16 PM OK svchost.exe\msvcrt.dll 
1/18/2012 9:33:16 PM OK svchost.exe\oleaut32.dll 
1/18/2012 9:33:16 PM OK svchost.exe\msctf.dll 
1/18/2012 9:33:16 PM OK svchost.exe\shell32.dll 
1/18/2012 9:33:16 PM OK svchost.exe\apisetschema.dll 
1/18/2012 9:33:16 PM OK C:\Windows\System32\audiosrv.dll 
1/18/2012 9:33:17 PM OK svchost.exe\winlogon.exe 
1/18/2012 9:33:17 PM OK svchost.exe\tquery.dll 
1/18/2012 9:33:17 PM OK svchost.exe\RtkAPO64.dll 
1/18/2012 9:33:17 PM OK svchost.exe\WinMgmtR.dll 
1/18/2012 9:33:17 PM OK C:\Windows\System32\winlogon.exe 
1/18/2012 9:33:17 PM OK svchost.exe\user32.dll 
1/18/2012 9:33:17 PM OK svchost.exe\kernel32.dll 
1/18/2012 9:33:17 PM OK svchost.exe\ntdll.dll 
1/18/2012 9:33:17 PM OK svchost.exe\psapi.dll 
1/18/2012 9:33:17 PM OK svchost.exe\svchost.exe 
1/18/2012 9:33:17 PM OK svchost.exe\winlogon.exe 
1/18/2012 9:33:17 PM OK svchost.exe\services.exe 
1/18/2012 9:33:17 PM OK svchost.exe\p2pcollab.dll 
1/18/2012 9:33:17 PM OK C:\Windows\System32\wbem\WinMgmtR.dll 
1/18/2012 9:33:17 PM OK svchost.exe\P2P.dll 
1/18/2012 9:33:17 PM OK svchost.exe\WMALFXGFXDSP.dll 
1/18/2012 9:33:17 PM OK svchost.exe\tquery.dll 
1/18/2012 9:33:17 PM OK svchost.exe\wuapi.dll 
1/18/2012 9:33:17 PM OK C:\Windows\System32\services.exe 
1/18/2012 9:33:17 PM OK svchost.exe\provsvc.dll 
1/18/2012 9:33:17 PM OK svchost.exe\dbghelp.dll 
1/18/2012 9:33:17 PM OK C:\Windows\System32\P2P.dll 
1/18/2012 9:33:17 PM OK C:\Windows\System32\p2pcollab.dll 
1/18/2012 9:33:17 PM OK svchost.exe\ieproxy.dll 
1/18/2012 9:33:17 PM OK svchost.exe\fdProxy.dll 
1/18/2012 9:33:17 PM OK svchost.exe\pnrpnsp.dll 
1/18/2012 9:33:17 PM OK svchost.exe\NapiNSP.dll 
1/18/2012 9:33:17 PM OK svchost.exe\winrnr.dll 
1/18/2012 9:33:17 PM OK svchost.exe\rasadhlp.dll 
1/18/2012 9:33:17 PM OK svchost.exe\WLIDNSP.DLL 
1/18/2012 9:33:17 PM OK svchost.exe\npmproxy.dll 
1/18/2012 9:33:17 PM OK svchost.exe\wbemsvc.dll 
1/18/2012 9:33:17 PM OK svchost.exe\wbemprox.dll 
1/18/2012 9:33:17 PM OK svchost.exe\ntdsapi.dll 
1/18/2012 9:33:17 PM OK svchost.exe\fastprox.dll 
1/18/2012 9:33:17 PM OK svchost.exe\wbemcomn.dll 
1/18/2012 9:33:17 PM OK svchost.exe\cabinet.dll 
1/18/2012 9:33:17 PM OK svchost.exe\fundisc.dll 
1/18/2012 9:33:17 PM OK svchost.exe\wscsvc.dll 
1/18/2012 9:33:17 PM OK C:\Windows\System32\RtkAPO64.dll 
1/18/2012 9:33:17 PM OK svchost.exe\msxml6.dll 
1/18/2012 9:33:17 PM OK svchost.exe\mfplat.dll 
1/18/2012 9:33:17 PM OK svchost.exe\actxprxy.dll 
1/18/2012 9:33:17 PM OK svchost.exe\AudioSes.dll 
1/18/2012 9:33:17 PM OK svchost.exe\dhcpcsvc6.dll 
1/18/2012 9:33:17 PM OK svchost.exe\dhcpcsvc.dll 
1/18/2012 9:33:17 PM OK svchost.exe\FWPUCLNT.DLL 
1/18/2012 9:33:17 PM OK svchost.exe\dhcpcore6.dll 
1/18/2012 9:33:17 PM OK svchost.exe\dhcpcore.dll 
1/18/2012 9:33:17 PM OK svchost.exe\nrpsrv.dll 
1/18/2012 9:33:17 PM OK svchost.exe\winnsi.dll 
1/18/2012 9:33:17 PM OK svchost.exe\IPHLPAPI.DLL 
1/18/2012 9:33:17 PM OK svchost.exe\lmhsvc.dll 
1/18/2012 9:33:17 PM OK svchost.exe\atl.dll 
1/18/2012 9:33:17 PM OK svchost.exe\nlaapi.dll 
1/18/2012 9:33:17 PM OK svchost.exe\wkscli.dll 
1/18/2012 9:33:17 PM OK svchost.exe\netutils.dll 
1/18/2012 9:33:17 PM OK svchost.exe\xmllite.dll 
1/18/2012 9:33:17 PM OK svchost.exe\avrt.dll 
1/18/2012 9:33:17 PM OK svchost.exe\propsys.dll 
1/18/2012 9:33:17 PM OK svchost.exe\MMDevAPI.dll 
1/18/2012 9:33:17 PM OK svchost.exe\audiosrv.dll 
1/18/2012 9:33:17 PM OK svchost.exe\wevtsvc.dll 
1/18/2012 9:33:17 PM OK svchost.exe\version.dll 
1/18/2012 9:33:17 PM OK svchost.exe\FirewallAPI.dll 
1/18/2012 9:33:17 PM OK svchost.exe\powrprof.dll 
1/18/2012 9:33:17 PM OK svchost.exe\WSHTCPIP.DLL 
1/18/2012 9:33:17 PM OK svchost.exe\gpapi.dll 
1/18/2012 9:33:17 PM OK svchost.exe\userenv.dll 
1/18/2012 9:33:17 PM OK svchost.exe\credssp.dll 
1/18/2012 9:33:17 PM OK svchost.exe\bcryptprimitives.dll 
1/18/2012 9:33:17 PM OK svchost.exe\winsta.dll 
1/18/2012 9:33:17 PM OK svchost.exe\rsaenh.dll 
1/18/2012 9:33:17 PM OK svchost.exe\dnsapi.dll 
1/18/2012 9:33:17 PM OK svchost.exe\wship6.dll 
1/18/2012 9:33:17 PM OK svchost.exe\mswsock.dll 
1/18/2012 9:33:17 PM OK svchost.exe\cryptsp.dll 
1/18/2012 9:33:17 PM OK svchost.exe\bcrypt.dll 
1/18/2012 9:33:17 PM OK svchost.exe\ncrypt.dll 
1/18/2012 9:33:17 PM OK svchost.exe\wevtapi.dll 
1/18/2012 9:33:17 PM OK svchost.exe\secur32.dll 
1/18/2012 9:33:17 PM OK svchost.exe\sspicli.dll 
1/18/2012 9:33:17 PM OK svchost.exe\cryptbase.dll 
1/18/2012 9:33:17 PM OK svchost.exe\RpcRtRemote.dll 
1/18/2012 9:33:17 PM OK svchost.exe\profapi.dll 
1/18/2012 9:33:17 PM OK svchost.exe\msasn1.dll 
1/18/2012 9:33:17 PM OK svchost.exe\KernelBase.dll 
1/18/2012 9:33:17 PM OK svchost.exe\crypt32.dll 
1/18/2012 9:33:17 PM OK svchost.exe\wintrust.dll 
1/18/2012 9:33:17 PM OK svchost.exe\cfgmgr32.dll 
1/18/2012 9:33:17 PM OK svchost.exe\devobj.dll 
1/18/2012 9:33:17 PM OK svchost.exe\advapi32.dll 
1/18/2012 9:33:17 PM OK svchost.exe\usp10.dll 
1/18/2012 9:33:17 PM OK svchost.exe\imagehlp.dll 
1/18/2012 9:33:17 PM OK svchost.exe\nsi.dll 
1/18/2012 9:33:17 PM OK svchost.exe\ws2_32.dll 
1/18/2012 9:33:17 PM OK svchost.exe\imm32.dll 
1/18/2012 9:33:17 PM OK svchost.exe\sechost.dll 
1/18/2012 9:33:17 PM OK svchost.exe\setupapi.dll 
1/18/2012 9:33:17 PM OK svchost.exe\shlwapi.dll 
1/18/2012 9:33:17 PM OK svchost.exe\gdi32.dll 
1/18/2012 9:33:17 PM OK svchost.exe\ole32.dll 
1/18/2012 9:33:17 PM OK svchost.exe\clbcatq.dll 
1/18/2012 9:33:17 PM OK svchost.exe\rpcrt4.dll 
1/18/2012 9:33:17 PM OK svchost.exe\lpk.dll 
1/18/2012 9:33:17 PM OK svchost.exe\msvcrt.dll 
1/18/2012 9:33:17 PM OK svchost.exe\oleaut32.dll 
1/18/2012 9:33:17 PM OK svchost.exe\msctf.dll 
1/18/2012 9:33:17 PM OK svchost.exe\shell32.dll 
1/18/2012 9:33:17 PM OK svchost.exe\apisetschema.dll 
1/18/2012 9:33:17 PM OK C:\Windows\System32\WMALFXGFXDSP.dll 
1/18/2012 9:33:17 PM OK C:\Windows\System32\dbghelp.dll 
1/18/2012 9:33:17 PM OK C:\Windows\System32\wuapi.dll 
1/18/2012 9:33:17 PM OK C:\Windows\System32\wscsvc.dll 
1/18/2012 9:33:17 PM OK C:\Windows\System32\dhcpcore6.dll 
1/18/2012 9:33:17 PM OK C:\Windows\System32\dhcpcore.dll 
1/18/2012 9:33:17 PM OK C:\Windows\System32\nrpsrv.dll 
1/18/2012 9:33:17 PM OK C:\Windows\System32\lmhsvc.dll 
1/18/2012 9:33:17 PM OK C:\Windows\System32\wevtsvc.dll 
1/18/2012 9:33:17 PM OK atiesrxx.exe\user32.dll 
1/18/2012 9:33:17 PM OK atiesrxx.exe\kernel32.dll 
1/18/2012 9:33:17 PM OK atiesrxx.exe\ntdll.dll 
1/18/2012 9:33:17 PM OK atiesrxx.exe\psapi.dll 
1/18/2012 9:33:17 PM OK atiesrxx.exe\atiesrxx.exe 
1/18/2012 9:33:17 PM OK atiesrxx.exe\powrprof.dll 
1/18/2012 9:33:17 PM OK atiesrxx.exe\wtsapi32.dll 
1/18/2012 9:33:17 PM OK atiesrxx.exe\userenv.dll 
1/18/2012 9:33:17 PM OK atiesrxx.exe\winsta.dll 
1/18/2012 9:33:17 PM OK atiesrxx.exe\apphelp.dll 
1/18/2012 9:33:17 PM OK atiesrxx.exe\profapi.dll 
1/18/2012 9:33:17 PM OK atiesrxx.exe\KernelBase.dll 
1/18/2012 9:33:17 PM OK atiesrxx.exe\cfgmgr32.dll 
1/18/2012 9:33:17 PM OK atiesrxx.exe\devobj.dll 
1/18/2012 9:33:17 PM OK atiesrxx.exe\advapi32.dll 
1/18/2012 9:33:17 PM OK atiesrxx.exe\usp10.dll 
1/18/2012 9:33:17 PM OK atiesrxx.exe\imm32.dll 
1/18/2012 9:33:17 PM OK atiesrxx.exe\sechost.dll 
1/18/2012 9:33:17 PM OK atiesrxx.exe\setupapi.dll 
1/18/2012 9:33:17 PM OK atiesrxx.exe\gdi32.dll 
1/18/2012 9:33:17 PM OK atiesrxx.exe\ole32.dll 
1/18/2012 9:33:17 PM OK atiesrxx.exe\rpcrt4.dll 
1/18/2012 9:33:17 PM OK atiesrxx.exe\lpk.dll 
1/18/2012 9:33:17 PM OK atiesrxx.exe\msvcrt.dll 
1/18/2012 9:33:17 PM OK atiesrxx.exe\oleaut32.dll 
1/18/2012 9:33:17 PM OK atiesrxx.exe\msctf.dll 
1/18/2012 9:33:17 PM OK C:\Windows\System32\atiesrxx.exe 
1/18/2012 9:33:17 PM OK atiesrxx.exe\apisetschema.dll 
1/18/2012 9:33:17 PM OK svchost.exe\sfc.dll 
1/18/2012 9:33:17 PM OK svchost.exe\user32.dll 
1/18/2012 9:33:17 PM OK svchost.exe\kernel32.dll 
1/18/2012 9:33:17 PM OK svchost.exe\ntdll.dll 
1/18/2012 9:33:17 PM OK svchost.exe\svchost.exe 
1/18/2012 9:33:17 PM OK svchost.exe\msi.dll 
1/18/2012 9:33:17 PM OK svchost.exe\sfc_os.dll 
1/18/2012 9:33:17 PM OK svchost.exe\FWPUCLNT.DLL 
1/18/2012 9:33:17 PM OK svchost.exe\msiltcfg.dll 
1/18/2012 9:33:17 PM OK svchost.exe\version.dll 
1/18/2012 9:33:17 PM OK svchost.exe\FirewallAPI.dll 
1/18/2012 9:33:17 PM OK svchost.exe\wtsapi32.dll 
1/18/2012 9:33:17 PM OK svchost.exe\WSHTCPIP.DLL 
1/18/2012 9:33:17 PM OK svchost.exe\RpcEpMap.dll 
1/18/2012 9:33:17 PM OK svchost.exe\rpcss.dll 
1/18/2012 9:33:17 PM OK svchost.exe\credssp.dll 
1/18/2012 9:33:17 PM OK svchost.exe\winsta.dll 
1/18/2012 9:33:17 PM OK svchost.exe\rsaenh.dll 
1/18/2012 9:33:17 PM OK svchost.exe\wship6.dll 
1/18/2012 9:33:17 PM OK svchost.exe\mswsock.dll 
1/18/2012 9:33:17 PM OK svchost.exe\cryptsp.dll 
1/18/2012 9:33:17 PM OK svchost.exe\secur32.dll 
1/18/2012 9:33:17 PM OK svchost.exe\sspicli.dll 
1/18/2012 9:33:17 PM OK svchost.exe\cryptbase.dll 
1/18/2012 9:33:17 PM OK svchost.exe\sxs.dll 
1/18/2012 9:33:17 PM OK svchost.exe\RpcRtRemote.dll 
1/18/2012 9:33:17 PM OK svchost.exe\KernelBase.dll 
1/18/2012 9:33:17 PM OK svchost.exe\advapi32.dll 
1/18/2012 9:33:17 PM OK svchost.exe\usp10.dll 
1/18/2012 9:33:17 PM OK svchost.exe\nsi.dll 
1/18/2012 9:33:17 PM OK svchost.exe\ws2_32.dll 
1/18/2012 9:33:17 PM OK svchost.exe\imm32.dll 
1/18/2012 9:33:17 PM OK svchost.exe\sechost.dll 
1/18/2012 9:33:17 PM OK svchost.exe\shlwapi.dll 
1/18/2012 9:33:17 PM OK svchost.exe\gdi32.dll 
1/18/2012 9:33:17 PM OK svchost.exe\ole32.dll 
1/18/2012 9:33:17 PM OK svchost.exe\clbcatq.dll 
1/18/2012 9:33:17 PM OK svchost.exe\rpcrt4.dll 
1/18/2012 9:33:17 PM OK svchost.exe\lpk.dll 
1/18/2012 9:33:17 PM OK svchost.exe\msvcrt.dll 
1/18/2012 9:33:17 PM OK svchost.exe\oleaut32.dll 
1/18/2012 9:33:17 PM OK svchost.exe\msctf.dll 
1/18/2012 9:33:17 PM OK svchost.exe\apisetschema.dll 
1/18/2012 9:33:17 PM OK C:\Windows\System32\RpcEpMap.dll 
1/18/2012 9:33:17 PM OK C:\Windows\System32\rpcss.dll 
1/18/2012 9:33:17 PM OK svchost.exe\sfc.dll 
1/18/2012 9:33:17 PM OK svchost.exe\user32.dll 
1/18/2012 9:33:17 PM OK svchost.exe\kernel32.dll 
1/18/2012 9:33:17 PM OK svchost.exe\ntdll.dll 
1/18/2012 9:33:17 PM OK svchost.exe\svchost.exe 
1/18/2012 9:33:17 PM OK svchost.exe\msi.dll 
1/18/2012 9:33:17 PM OK svchost.exe\wmiutils.dll 
1/18/2012 9:33:17 PM OK svchost.exe\wbemsvc.dll 
1/18/2012 9:33:17 PM OK svchost.exe\wbemprox.dll 
1/18/2012 9:33:17 PM OK svchost.exe\ntdsapi.dll 
1/18/2012 9:33:17 PM OK svchost.exe\fastprox.dll 
1/18/2012 9:33:17 PM OK svchost.exe\WmiDcPrv.dll 
1/18/2012 9:33:17 PM OK svchost.exe\wbemcomn.dll 
1/18/2012 9:33:17 PM OK svchost.exe\sfc_os.dll 
1/18/2012 9:33:17 PM OK svchost.exe\ntmarta.dll 
1/18/2012 9:33:17 PM OK svchost.exe\msiltcfg.dll 
1/18/2012 9:33:17 PM OK svchost.exe\version.dll 
1/18/2012 9:33:17 PM OK svchost.exe\wtsapi32.dll 
1/18/2012 9:33:17 PM OK svchost.exe\rpcss.dll 
1/18/2012 9:33:17 PM OK svchost.exe\umpo.dll 
1/18/2012 9:33:17 PM OK C:\Windows\System32\wbem\WmiDcPrv.dll 
1/18/2012 9:33:17 PM OK svchost.exe\gpapi.dll 
1/18/2012 9:33:17 PM OK svchost.exe\userenv.dll 
1/18/2012 9:33:17 PM OK svchost.exe\devrtl.dll 
1/18/2012 9:33:17 PM OK svchost.exe\SPInf.dll 
1/18/2012 9:33:17 PM OK svchost.exe\umpnpmgr.dll 
1/18/2012 9:33:17 PM OK svchost.exe\credssp.dll 
1/18/2012 9:33:17 PM OK svchost.exe\pcwum.dll 
1/18/2012 9:33:17 PM OK svchost.exe\winsta.dll 
1/18/2012 9:33:17 PM OK svchost.exe\rsaenh.dll 
1/18/2012 9:33:17 PM OK svchost.exe\cryptsp.dll 
1/18/2012 9:33:17 PM OK svchost.exe\sspicli.dll 
1/18/2012 9:33:17 PM OK svchost.exe\apphelp.dll 
1/18/2012 9:33:17 PM OK svchost.exe\cryptbase.dll 
1/18/2012 9:33:17 PM OK svchost.exe\sxs.dll 
1/18/2012 9:33:17 PM OK svchost.exe\RpcRtRemote.dll 
1/18/2012 9:33:17 PM OK svchost.exe\profapi.dll 
1/18/2012 9:33:17 PM OK svchost.exe\msasn1.dll 
1/18/2012 9:33:17 PM OK svchost.exe\KernelBase.dll 
1/18/2012 9:33:17 PM OK svchost.exe\crypt32.dll 
1/18/2012 9:33:17 PM OK svchost.exe\wintrust.dll 
1/18/2012 9:33:17 PM OK svchost.exe\cfgmgr32.dll 
1/18/2012 9:33:17 PM OK svchost.exe\devobj.dll 
1/18/2012 9:33:17 PM OK svchost.exe\advapi32.dll 
1/18/2012 9:33:17 PM OK svchost.exe\usp10.dll 
1/18/2012 9:33:17 PM OK svchost.exe\nsi.dll 
1/18/2012 9:33:17 PM OK svchost.exe\ws2_32.dll 
1/18/2012 9:33:17 PM OK svchost.exe\imm32.dll 
1/18/2012 9:33:17 PM OK svchost.exe\sechost.dll 
1/18/2012 9:33:17 PM OK svchost.exe\setupapi.dll 
1/18/2012 9:33:17 PM OK svchost.exe\shlwapi.dll 
1/18/2012 9:33:17 PM OK svchost.exe\gdi32.dll 
1/18/2012 9:33:17 PM OK svchost.exe\ole32.dll 
1/18/2012 9:33:17 PM OK svchost.exe\clbcatq.dll 
1/18/2012 9:33:17 PM OK svchost.exe\rpcrt4.dll 
1/18/2012 9:33:17 PM OK svchost.exe\Wldap32.dll 
1/18/2012 9:33:17 PM OK svchost.exe\lpk.dll 
1/18/2012 9:33:17 PM OK svchost.exe\msvcrt.dll 
1/18/2012 9:33:17 PM OK svchost.exe\oleaut32.dll 
1/18/2012 9:33:17 PM OK svchost.exe\msctf.dll 
1/18/2012 9:33:17 PM OK svchost.exe\apisetschema.dll 
1/18/2012 9:33:17 PM OK C:\Windows\System32\umpo.dll 
1/18/2012 9:33:17 PM OK C:\Windows\System32\umpnpmgr.dll 
1/18/2012 9:33:17 PM OK winlogon.exe\user32.dll 
1/18/2012 9:33:17 PM OK winlogon.exe\kernel32.dll 
1/18/2012 9:33:17 PM OK winlogon.exe\ntdll.dll 
1/18/2012 9:33:17 PM OK winlogon.exe\winlogon.exe 
1/18/2012 9:33:17 PM OK winlogon.exe\AdobeDriveCS4_NP.dll 
1/18/2012 9:33:17 PM OK winlogon.exe\davclnt.dll 
1/18/2012 9:33:17 PM OK winlogon.exe\ntlanman.dll 
1/18/2012 9:33:17 PM OK winlogon.exe\mpr.dll 
1/18/2012 9:33:17 PM OK winlogon.exe\davhlpr.dll 
1/18/2012 9:33:17 PM OK winlogon.exe\drprov.dll 
1/18/2012 9:33:17 PM OK winlogon.exe\cscapi.dll 
1/18/2012 9:33:17 PM OK winlogon.exe\UXInit.dll 
1/18/2012 9:33:17 PM OK winlogon.exe\slc.dll 
1/18/2012 9:33:17 PM OK winlogon.exe\wkscli.dll 
1/18/2012 9:33:17 PM OK winlogon.exe\netutils.dll 
1/18/2012 9:33:17 PM OK winlogon.exe\WindowsCodecs.dll 
1/18/2012 9:33:17 PM OK winlogon.exe\uxtheme.dll 
1/18/2012 9:33:17 PM OK winlogon.exe\winsta.dll 
1/18/2012 9:33:17 PM OK winlogon.exe\rsaenh.dll 
1/18/2012 9:33:17 PM OK winlogon.exe\cryptsp.dll 
1/18/2012 9:33:17 PM OK winlogon.exe\netjoin.dll 
1/18/2012 9:33:17 PM OK winlogon.exe\sspicli.dll 
1/18/2012 9:33:17 PM OK winlogon.exe\apphelp.dll 
1/18/2012 9:33:17 PM OK winlogon.exe\cryptbase.dll 
1/18/2012 9:33:17 PM OK winlogon.exe\RpcRtRemote.dll 
1/18/2012 9:33:17 PM OK winlogon.exe\profapi.dll 
1/18/2012 9:33:17 PM OK winlogon.exe\KernelBase.dll 
1/18/2012 9:33:17 PM OK winlogon.exe\advapi32.dll 
1/18/2012 9:33:17 PM OK winlogon.exe\usp10.dll 
1/18/2012 9:33:17 PM OK winlogon.exe\imm32.dll 
1/18/2012 9:33:17 PM OK winlogon.exe\sechost.dll 
1/18/2012 9:33:17 PM OK winlogon.exe\shlwapi.dll 
1/18/2012 9:33:17 PM OK winlogon.exe\gdi32.dll 
1/18/2012 9:33:17 PM OK winlogon.exe\ole32.dll 
1/18/2012 9:33:17 PM OK winlogon.exe\rpcrt4.dll 
1/18/2012 9:33:17 PM OK winlogon.exe\lpk.dll 
1/18/2012 9:33:17 PM OK winlogon.exe\msvcrt.dll 
1/18/2012 9:33:17 PM OK winlogon.exe\msctf.dll 
1/18/2012 9:33:17 PM OK winlogon.exe\shell32.dll 
1/18/2012 9:33:17 PM OK winlogon.exe\apisetschema.dll 
1/18/2012 9:33:17 PM OK C:\Windows\System32\UXInit.dll 
1/18/2012 9:33:18 PM OK  lsm.exe\kernel32.dll 
1/18/2012 9:33:18 PM OK lsm.exe\ntdll.dll 
1/18/2012 9:33:18 PM OK lsm.exe\lsm.exe 
1/18/2012 9:33:18 PM OK lsm.exe\credssp.dll 
1/18/2012 9:33:18 PM OK lsm.exe\pcwum.dll 
1/18/2012 9:33:18 PM OK lsm.exe\wmsgapi.dll 
1/18/2012 9:33:18 PM OK lsm.exe\sysntfy.dll 
1/18/2012 9:33:18 PM OK lsm.exe\secur32.dll


----------



## destin (Jan 8, 2012)

*4th part*

1/18/2012 9:33:18 PM OK lsm.exe\sspicli.dll 
1/18/2012 9:33:18 PM OK lsm.exe\cryptbase.dll 
1/18/2012 9:33:18 PM OK lsm.exe\RpcRtRemote.dll 
1/18/2012 9:33:18 PM OK lsm.exe\KernelBase.dll 
1/18/2012 9:33:18 PM OK lsm.exe\advapi32.dll 
1/18/2012 9:33:18 PM OK lsm.exe\sechost.dll 
1/18/2012 9:33:18 PM OK lsm.exe\rpcrt4.dll 
1/18/2012 9:33:18 PM OK lsm.exe\msvcrt.dll 
1/18/2012 9:33:18 PM OK lsm.exe\apisetschema.dll 
1/18/2012 9:33:18 PM OK C:\Windows\System32\lsm.exe 
1/18/2012 9:33:18 PM OK lsass.exe\msprivs.dll 
1/18/2012 9:33:18 PM OK lsass.exe\user32.dll 
1/18/2012 9:33:18 PM OK lsass.exe\kernel32.dll 
1/18/2012 9:33:18 PM OK lsass.exe\ntdll.dll 
1/18/2012 9:33:18 PM OK lsass.exe\psapi.dll 
1/18/2012 9:33:18 PM OK lsass.exe\lsass.exe 
1/18/2012 9:33:18 PM OK C:\Windows\System32\msprivs.dll 
1/18/2012 9:33:18 PM OK lsass.exe\dssenh.dll 
1/18/2012 9:33:18 PM OK lsass.exe\CertPolEng.dll 
1/18/2012 9:33:18 PM OK C:\Windows\System32\lsass.exe 
1/18/2012 9:33:18 PM OK lsass.exe\cabinet.dll 
1/18/2012 9:33:18 PM OK lsass.exe\cryptnet.dll 
1/18/2012 9:33:18 PM OK lsass.exe\psbase.dll 
1/18/2012 9:33:18 PM OK C:\Windows\System32\CertPolEng.dll 
1/18/2012 9:33:18 PM OK lsass.exe\pstorsvc.dll 
1/18/2012 9:33:18 PM OK C:\Windows\System32\psbase.dll 
1/18/2012 9:33:18 PM OK lsass.exe\keyiso.dll 
1/18/2012 9:33:18 PM OK C:\Windows\System32\pstorsvc.dll 
1/18/2012 9:33:18 PM OK lsass.exe\winnsi.dll 
1/18/2012 9:33:18 PM OK lsass.exe\IPHLPAPI.DLL 
1/18/2012 9:33:18 PM OK lsass.exe\wkscli.dll 
1/18/2012 9:33:18 PM OK lsass.exe\netutils.dll 
1/18/2012 9:33:18 PM OK lsass.exe\WSHTCPIP.DLL 
1/18/2012 9:33:18 PM OK lsass.exe\gpapi.dll 
1/18/2012 9:33:18 PM OK lsass.exe\userenv.dll 
1/18/2012 9:33:18 PM OK lsass.exe\devrtl.dll 
1/18/2012 9:33:18 PM OK lsass.exe\scecli.dll 
1/18/2012 9:33:18 PM OK lsass.exe\credssp.dll 
1/18/2012 9:33:18 PM OK C:\Windows\System32\keyiso.dll  
1/18/2012 9:33:18 PM OK lsass.exe\efslsaext.dll 
1/18/2012 9:33:18 PM OK lsass.exe\bcryptprimitives.dll 
1/18/2012 9:33:18 PM OK lsass.exe\winsta.dll 
1/18/2012 9:33:18 PM OK lsass.exe\LIVESSP.DLL 
1/18/2012 9:33:18 PM OK C:\Windows\System32\scecli.dll 
1/18/2012 9:33:18 PM OK C:\Windows\System32\efslsaext.dll 
1/18/2012 9:33:18 PM OK lsass.exe\pku2u.dll 
1/18/2012 9:33:18 PM OK C:\Windows\System32\LIVESSP.DLL 
1/18/2012 9:33:18 PM OK lsass.exe\TSpkg.dll 
1/18/2012 9:33:18 PM OK C:\Windows\System32\pku2u.dll 
1/18/2012 9:33:18 PM OK lsass.exe\rsaenh.dll 
1/18/2012 9:33:18 PM OK lsass.exe\wdigest.dll 
1/18/2012 9:33:18 PM OK C:\Windows\System32\TSpkg.dll 
1/18/2012 9:33:18 PM OK lsass.exe\schannel.dll 
1/18/2012 9:33:18 PM OK lsass.exe\logoncli.dll 
1/18/2012 9:33:18 PM OK lsass.exe\dnsapi.dll 
1/18/2012 9:33:18 PM OK lsass.exe\netlogon.dll 
1/18/2012 9:33:18 PM OK C:\Windows\System32\wdigest.dll 
1/18/2012 9:33:18 PM OK lsass.exe\msv1_0.dll 
1/18/2012 9:33:18 PM OK lsass.exe\wship6.dll 
1/18/2012 9:33:18 PM OK lsass.exe\mswsock.dll 
1/18/2012 9:33:18 PM OK lsass.exe\cryptsp.dll 
1/18/2012 9:33:18 PM OK lsass.exe\kerberos.dll 
1/18/2012 9:33:18 PM OK lsass.exe\negoexts.dll 
1/18/2012 9:33:18 PM OK lsass.exe\netjoin.dll 
1/18/2012 9:33:18 PM OK lsass.exe\bcrypt.dll 
1/18/2012 9:33:18 PM OK lsass.exe\ncrypt.dll 
1/18/2012 9:33:18 PM OK lsass.exe\authz.dll 
1/18/2012 9:33:18 PM OK lsass.exe\cngaudit.dll 
1/18/2012 9:33:18 PM OK lsass.exe\wevtapi.dll 
1/18/2012 9:33:18 PM OK lsass.exe\cryptdll.dll 
1/18/2012 9:33:18 PM OK lsass.exe\samsrv.dll 
1/18/2012 9:33:18 PM OK C:\Windows\System32\negoexts.dll 
1/18/2012 9:33:18 PM OK C:\Windows\System32\netlogon.dll 
1/18/2012 9:33:18 PM OK C:\Windows\System32\cngaudit.dll 
1/18/2012 9:33:18 PM OK lsass.exe\secur32.dll 
1/18/2012 9:33:18 PM OK lsass.exe\lsasrv.dll 
1/18/2012 9:33:18 PM OK C:\Windows\System32\samsrv.dll 
1/18/2012 9:33:18 PM OK lsass.exe\sspisrv.dll 
1/18/2012 9:33:18 PM OK C:\Windows\System32\lsasrv.dll 
1/18/2012 9:33:18 PM OK lsass.exe\sspicli.dll 
1/18/2012 9:33:18 PM OK lsass.exe\cryptbase.dll 
1/18/2012 9:33:18 PM OK lsass.exe\RpcRtRemote.dll 
1/18/2012 9:33:18 PM OK lsass.exe\profapi.dll 
1/18/2012 9:33:18 PM OK lsass.exe\msasn1.dll 
1/18/2012 9:33:18 PM OK lsass.exe\KernelBase.dll 
1/18/2012 9:33:18 PM OK lsass.exe\crypt32.dll 
1/18/2012 9:33:18 PM OK lsass.exe\advapi32.dll 
1/18/2012 9:33:18 PM OK lsass.exe\usp10.dll 
1/18/2012 9:33:18 PM OK lsass.exe\nsi.dll 
1/18/2012 9:33:18 PM OK lsass.exe\ws2_32.dll 
1/18/2012 9:33:18 PM OK lsass.exe\imm32.dll 
1/18/2012 9:33:18 PM OK lsass.exe\sechost.dll 
1/18/2012 9:33:18 PM OK C:\Windows\System32\sspisrv.dll 
1/18/2012 9:33:18 PM OK lsass.exe\shlwapi.dll 
1/18/2012 9:33:18 PM OK lsass.exe\gdi32.dll 
1/18/2012 9:33:18 PM OK lsass.exe\rpcrt4.dll 
1/18/2012 9:33:18 PM OK lsass.exe\Wldap32.dll 
1/18/2012 9:33:18 PM OK lsass.exe\lpk.dll 
1/18/2012 9:33:18 PM OK lsass.exe\msvcrt.dll 
1/18/2012 9:33:18 PM OK lsass.exe\msctf.dll 
1/18/2012 9:33:18 PM OK lsass.exe\apisetschema.dll 
1/18/2012 9:33:18 PM OK services.exe\user32.dll 
1/18/2012 9:33:18 PM OK services.exe\kernel32.dll 
1/18/2012 9:33:18 PM OK services.exe\ntdll.dll 
1/18/2012 9:33:18 PM OK services.exe\services.exe 
1/18/2012 9:33:18 PM OK services.exe\wtsapi32.dll 
1/18/2012 9:33:18 PM OK services.exe\WSHTCPIP.DLL 
1/18/2012 9:33:18 PM OK services.exe\ubpm.dll 
1/18/2012 9:33:18 PM OK services.exe\credssp.dll 
1/18/2012 9:33:18 PM OK services.exe\winsta.dll 
1/18/2012 9:33:18 PM OK services.exe\wship6.dll 
1/18/2012 9:33:18 PM OK services.exe\mswsock.dll 
1/18/2012 9:33:18 PM OK services.exe\authz.dll 
1/18/2012 9:33:18 PM OK services.exe\srvcli.dll 
1/18/2012 9:33:18 PM OK services.exe\scesrv.dll 
1/18/2012 9:33:18 PM OK services.exe\secur32.dll 
1/18/2012 9:33:18 PM OK services.exe\scext.dll 
1/18/2012 9:33:18 PM OK services.exe\sspicli.dll 
1/18/2012 9:33:18 PM OK services.exe\apphelp.dll 
1/18/2012 9:33:18 PM OK services.exe\cryptbase.dll 
1/18/2012 9:33:18 PM OK services.exe\RpcRtRemote.dll 
1/18/2012 9:33:18 PM OK services.exe\profapi.dll 
1/18/2012 9:33:18 PM OK services.exe\KernelBase.dll 
1/18/2012 9:33:18 PM OK services.exe\advapi32.dll 
1/18/2012 9:33:18 PM OK services.exe\usp10.dll 
1/18/2012 9:33:18 PM OK services.exe\nsi.dll 
1/18/2012 9:33:18 PM OK services.exe\ws2_32.dll 
1/18/2012 9:33:18 PM OK services.exe\imm32.dll 
1/18/2012 9:33:18 PM OK services.exe\sechost.dll 
1/18/2012 9:33:18 PM OK services.exe\gdi32.dll 
1/18/2012 9:33:18 PM OK services.exe\rpcrt4.dll 
1/18/2012 9:33:18 PM OK services.exe\lpk.dll 
1/18/2012 9:33:18 PM OK services.exe\msvcrt.dll 
1/18/2012 9:33:18 PM OK services.exe\msctf.dll 
1/18/2012 9:33:18 PM OK services.exe\apisetschema.dll 
1/18/2012 9:33:18 PM OK C:\Windows\System32\scesrv.dll 
1/18/2012 9:33:18 PM OK C:\Windows\System32\scext.dll 
1/18/2012 9:33:18 PM OK csrss.exe\csrss.exe 
1/18/2012 9:33:18 PM OK csrss.exe\user32.dll 
1/18/2012 9:33:18 PM OK csrss.exe\kernel32.dll 
1/18/2012 9:33:18 PM OK csrss.exe\ntdll.dll 
1/18/2012 9:33:18 PM OK csrss.exe\cryptbase.dll 
1/18/2012 9:33:18 PM OK csrss.exe\sxs.dll 
1/18/2012 9:33:18 PM OK csrss.exe\sxssrv.dll 
1/18/2012 9:33:18 PM OK csrss.exe\winsrv.dll 
1/18/2012 9:33:18 PM OK C:\Windows\System32\csrss.exe 
1/18/2012 9:33:18 PM OK C:\Windows\System32\sxssrv.dll 
1/18/2012 9:33:18 PM OK csrss.exe\basesrv.dll 
1/18/2012 9:33:18 PM OK csrss.exe\csrsrv.dll 
1/18/2012 9:33:18 PM OK C:\Windows\System32\winsrv.dll 
1/18/2012 9:33:18 PM OK csrss.exe\KernelBase.dll 
1/18/2012 9:33:18 PM OK csrss.exe\advapi32.dll 
1/18/2012 9:33:18 PM OK csrss.exe\usp10.dll 
1/18/2012 9:33:18 PM OK csrss.exe\sechost.dll 
1/18/2012 9:33:18 PM OK csrss.exe\gdi32.dll 
1/18/2012 9:33:18 PM OK csrss.exe\rpcrt4.dll 
1/18/2012 9:33:18 PM OK csrss.exe\lpk.dll 
1/18/2012 9:33:18 PM OK csrss.exe\msvcrt.dll 
1/18/2012 9:33:18 PM OK csrss.exe\apisetschema.dll 
1/18/2012 9:33:18 PM OK C:\Windows\System32\basesrv.dll 
1/18/2012 9:33:18 PM OK C:\Windows\System32\csrsrv.dll 
1/18/2012 9:33:18 PM OK wininit.exe\user32.dll 
1/18/2012 9:33:18 PM OK wininit.exe\kernel32.dll 
1/18/2012 9:33:18 PM OK wininit.exe\ntdll.dll 
1/18/2012 9:33:18 PM OK wininit.exe\wininit.exe 
1/18/2012 9:33:18 PM OK wininit.exe\WSHTCPIP.DLL 
1/18/2012 9:33:18 PM OK wininit.exe\credssp.dll 
1/18/2012 9:33:18 PM OK wininit.exe\wship6.dll 
1/18/2012 9:33:18 PM OK wininit.exe\mswsock.dll 
1/18/2012 9:33:18 PM OK wininit.exe\secur32.dll 
1/18/2012 9:33:18 PM OK wininit.exe\sspicli.dll 
1/18/2012 9:33:18 PM OK wininit.exe\apphelp.dll 
1/18/2012 9:33:18 PM OK wininit.exe\cryptbase.dll 
1/18/2012 9:33:18 PM OK wininit.exe\RpcRtRemote.dll 
1/18/2012 9:33:18 PM OK wininit.exe\profapi.dll 
1/18/2012 9:33:18 PM OK wininit.exe\KernelBase.dll 
1/18/2012 9:33:18 PM OK wininit.exe\advapi32.dll 
1/18/2012 9:33:18 PM OK wininit.exe\usp10.dll 
1/18/2012 9:33:18 PM OK wininit.exe\nsi.dll 
1/18/2012 9:33:18 PM OK wininit.exe\ws2_32.dll 
1/18/2012 9:33:18 PM OK wininit.exe\imm32.dll 
1/18/2012 9:33:18 PM OK wininit.exe\sechost.dll 
1/18/2012 9:33:18 PM OK wininit.exe\gdi32.dll 
1/18/2012 9:33:18 PM OK wininit.exe\rpcrt4.dll 
1/18/2012 9:33:18 PM OK wininit.exe\lpk.dll 
1/18/2012 9:33:18 PM OK wininit.exe\msvcrt.dll 
1/18/2012 9:33:18 PM OK wininit.exe\msctf.dll 
1/18/2012 9:33:18 PM OK wininit.exe\apisetschema.dll 
1/18/2012 9:33:18 PM OK C:\Windows\System32\wininit.exe 
1/18/2012 9:33:18 PM OK csrss.exe\csrss.exe 
1/18/2012 9:33:18 PM OK csrss.exe\user32.dll 
1/18/2012 9:33:18 PM OK csrss.exe\kernel32.dll 
1/18/2012 9:33:18 PM OK csrss.exe\ntdll.dll 
1/18/2012 9:33:18 PM OK csrss.exe\cryptbase.dll 
1/18/2012 9:33:18 PM OK csrss.exe\sxs.dll 
1/18/2012 9:33:18 PM OK csrss.exe\sxssrv.dll 
1/18/2012 9:33:18 PM OK csrss.exe\winsrv.dll 
1/18/2012 9:33:18 PM OK csrss.exe\basesrv.dll 
1/18/2012 9:33:18 PM OK csrss.exe\csrsrv.dll 
1/18/2012 9:33:18 PM OK csrss.exe\KernelBase.dll 
1/18/2012 9:33:18 PM OK csrss.exe\advapi32.dll 
1/18/2012 9:33:18 PM OK csrss.exe\usp10.dll 
1/18/2012 9:33:18 PM OK csrss.exe\sechost.dll 
1/18/2012 9:33:18 PM OK csrss.exe\gdi32.dll 
1/18/2012 9:33:18 PM OK csrss.exe\rpcrt4.dll 
1/18/2012 9:33:18 PM OK csrss.exe\lpk.dll 
1/18/2012 9:33:18 PM OK csrss.exe\msvcrt.dll 
1/18/2012 9:33:18 PM OK csrss.exe\apisetschema.dll 
1/18/2012 9:33:18 PM OK smss.exe\smss.exe 
1/18/2012 9:33:18 PM OK smss.exe\ntdll.dll 
1/18/2012 9:33:18 PM OK smss.exe\apisetschema.dll 
1/18/2012 9:33:18 PM OK C:\Windows\System32\smss.exe 
1/18/2012 9:33:18 PM OK pid:4\ntdll.dll 
1/18/2012 9:33:18 PM OK pid:4\ntdll.dll 
1/18/2012 9:33:22 PM OK C:\Windows\win.ini 
1/18/2012 9:33:22 PM OK C:\Windows\system.ini 
1/18/2012 9:33:22 PM OK C:\Windows\SysWOW64\explorer.exe 
1/18/2012 9:33:22 PM OK C:\Windows\explorer.exe 
1/18/2012 9:33:22 PM OK C:\Windows\SysWOW64\userinit.exe 
1/18/2012 9:33:22 PM OK C:\Windows\System32\userinit.exe 
1/18/2012 9:33:23 PM OK C:\Windows\System32\klogon.dll 
1/18/2012 9:33:24 PM OK C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe 
1/18/2012 9:33:24 PM OK C:\Program Files (x86)\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe 
1/18/2012 9:33:24 PM OK C:\Program Files (x86)\hp\HP Software Update\hpwuschd2.exe 
1/18/2012 9:33:24 PM OK C:\Program Files (x86)\Hewlett-Packard\Recovery\MUITransfer\MUIStartMenu.exe 
1/18/2012 9:33:24 PM OK C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe 
1/18/2012 9:33:24 PM OK C:\Program Files (x86)\Freecorder\FLVSrvc.exe/data0000.res Object was not changed (iChecker) 
1/18/2012 9:33:24 PM OK C:\Program Files (x86)\Freecorder\FLVSrvc.exe 
1/18/2012 9:33:24 PM OK C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe 
1/18/2012 9:33:24 PM OK C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe/# 
1/18/2012 9:33:24 PM OK C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe 
1/18/2012 9:33:25 PM OK C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\avp.exe 
1/18/2012 9:33:25 PM OK C:\Windows\SysWOW64\grpconv.exe 
1/18/2012 9:33:25 PM OK C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe 
1/18/2012 9:33:26 PM OK C:\Windows\System32\PrintDisp.exe 
1/18/2012 9:33:26 PM OK C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.EXE 
1/18/2012 9:33:26 PM OK C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE 
1/18/2012 9:33:26 PM OK C:\Program Files\Microsoft IntelliType Pro\itype.exe 
1/18/2012 9:33:26 PM OK C:\Program Files\Microsoft IntelliPoint\ipoint.exe 
1/18/2012 9:33:27 PM OK C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe 
1/18/2012 9:33:27 PM OK C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe 
1/18/2012 9:33:27 PM OK C:\Program Files\Windows Sidebar\sidebar.exe 
1/18/2012 9:33:27 PM OK C:\Windows\System32\mctadmin.exe 
1/18/2012 9:33:27 PM OK C:\Windows\System32\dpapimig.exe 
1/18/2012 9:33:27 PM OK C:\Program Files (x86)\Windows Mail\wab.exe 
1/18/2012 9:33:27 PM OK C:\Windows\System32\aelupsvc.dll 
1/18/2012 9:33:27 PM OK C:\Windows\System32\appidsvc.dll 
1/18/2012 9:33:27 PM OK C:\Windows\System32\appinfo.dll 
1/18/2012 9:33:28 PM OK C:\Windows\System32\audiosrv.dll 
1/18/2012 9:33:28 PM OK C:\Windows\System32\AxInstSv.dll 
1/18/2012 9:33:28 PM OK C:\Windows\System32\bdesvc.dll 
1/18/2012 9:33:28 PM OK C:\Windows\System32\BFE.DLL 
1/18/2012 9:33:28 PM OK C:\Windows\System32\qmgr.dll 
1/18/2012 9:33:28 PM OK C:\Windows\System32\browser.dll 
1/18/2012 9:33:28 PM OK C:\Windows\System32\bthserv.dll 
1/18/2012 9:33:28 PM OK C:\Windows\System32\certprop.dll 
1/18/2012 9:33:28 PM OK C:\Windows\System32\cryptsvc.dll 
1/18/2012 9:33:28 PM OK C:\Windows\System32\rpcss.dll 
1/18/2012 9:33:28 PM OK C:\Windows\System32\defragsvc.dll 
1/18/2012 9:33:28 PM OK C:\Windows\System32\dhcpcore.dll 
1/18/2012 9:33:28 PM OK C:\Windows\System32\dnsrslvr.dll 
1/18/2012 9:33:28 PM OK C:\Windows\System32\dot3svc.dll 
1/18/2012 9:33:28 PM OK C:\Windows\System32\dps.dll 
1/18/2012 9:33:28 PM OK C:\Windows\System32\eapsvc.dll 
1/18/2012 9:33:28 PM OK C:\Windows\System32\es.dll 
1/18/2012 9:33:28 PM OK C:\Windows\System32\fdPHost.dll 
1/18/2012 9:33:28 PM OK C:\Windows\System32\FDResPub.dll 
1/18/2012 9:33:28 PM OK C:\Windows\System32\FntCache.dll 
1/18/2012 9:33:28 PM OK C:\Windows\System32\gpsvc.dll 
1/18/2012 9:33:28 PM OK C:\Windows\System32\hidserv.dll 
1/18/2012 9:33:28 PM OK C:\Windows\System32\KMSVC.DLL 
1/18/2012 9:33:28 PM OK C:\Windows\System32\ListSvc.dll 
1/18/2012 9:33:28 PM OK C:\Windows\System32\provsvc.dll 
1/18/2012 9:33:28 PM OK C:\Windows\System32\IKEEXT.DLL 
1/18/2012 9:33:28 PM OK C:\Windows\System32\IPBusEnum.dll 
1/18/2012 9:33:28 PM OK C:\Windows\System32\iphlpsvc.dll 
1/18/2012 9:33:29 PM OK C:\Windows\System32\msdtckrm.dll 
1/18/2012 9:33:29 PM OK C:\Windows\System32\srvsvc.dll 
1/18/2012 9:33:29 PM OK C:\Windows\System32\wkssvc.dll 
1/18/2012 9:33:29 PM OK C:\Windows\System32\lltdsvc.dll 
1/18/2012 9:33:29 PM OK C:\Windows\System32\lmhsvc.dll 
1/18/2012 9:33:29 PM OK C:\Windows\System32\Mcx2Svc.dll 
1/18/2012 9:33:29 PM OK C:\Windows\System32\mmcss.dll 
1/18/2012 9:33:29 PM OK C:\Windows\System32\MPSSVC.dll 
1/18/2012 9:33:29 PM OK C:\Windows\System32\iscsiexe.dll 
1/18/2012 9:33:29 PM OK C:\Windows\System32\QAGENTRT.DLL 
1/18/2012 9:33:29 PM OK C:\Windows\System32\netman.dll 
1/18/2012 9:33:29 PM OK C:\Windows\System32\netprofm.dll 
1/18/2012 9:33:29 PM OK C:\Windows\System32\nlasvc.dll 
1/18/2012 9:33:29 PM OK C:\Windows\System32\nsisvc.dll 
1/18/2012 9:33:29 PM OK C:\Windows\System32\pnrpsvc.dll 
1/18/2012 9:33:29 PM OK C:\Windows\System32\p2psvc.dll 
1/18/2012 9:33:29 PM OK C:\Windows\System32\pcasvc.dll 
1/18/2012 9:33:29 PM OK C:\Windows\System32\pla.dll 
1/18/2012 9:33:29 PM OK C:\Windows\System32\umpnpmgr.dll 
1/18/2012 9:33:29 PM OK C:\Windows\System32\pnrpauto.dll 
1/18/2012 9:33:29 PM OK C:\Windows\System32\IPSECSVC.DLL 
1/18/2012 9:33:29 PM OK C:\Windows\System32\umpo.dll 
1/18/2012 9:33:29 PM OK C:\Windows\System32\profsvc.dll 
1/18/2012 9:33:29 PM OK C:\Windows\System32\qwave.dll 
1/18/2012 9:33:29 PM OK C:\Windows\System32\rasauto.dll 
1/18/2012 9:33:29 PM OK C:\Windows\System32\rasmans.dll 
1/18/2012 9:33:29 PM OK C:\Windows\System32\mprdim.dll 
1/18/2012 9:33:29 PM OK C:\Windows\System32\regsvc.dll 
1/18/2012 9:33:29 PM OK C:\Windows\System32\RpcEpMap.dll 
1/18/2012 9:33:29 PM OK C:\Windows\System32\SCardSvr.dll 
1/18/2012 9:33:30 PM OK C:\Windows\System32\schedsvc.dll 
1/18/2012 9:33:30 PM OK C:\Windows\System32\sdrsvc.dll 
1/18/2012 9:33:30 PM OK C:\Windows\System32\seclogon.dll 
1/18/2012 9:33:30 PM OK C:\Windows\System32\Sens.dll 
1/18/2012 9:33:30 PM OK C:\Windows\System32\sensrsvc.dll 
1/18/2012 9:33:30 PM OK C:\Windows\System32\SessEnv.dll 
1/18/2012 9:33:30 PM OK C:\Windows\System32\ipnathlp.dll 
1/18/2012 9:33:30 PM OK C:\Windows\System32\shsvcs.dll 
1/18/2012 9:33:30 PM OK C:\Windows\System32\sppuinotify.dll 
1/18/2012 9:33:30 PM OK C:\Windows\System32\ssdpsrv.dll 
1/18/2012 9:33:30 PM OK C:\Windows\System32\sstpsvc.dll 
1/18/2012 9:33:30 PM OK C:\Windows\System32\wiaservc.dll 
1/18/2012 9:33:30 PM OK C:\Windows\System32\swprv.dll 
1/18/2012 9:33:30 PM OK C:\Windows\System32\sysmain.dll 
1/18/2012 9:33:30 PM OK C:\Windows\System32\TabSvc.dll 
1/18/2012 9:33:30 PM OK C:\Windows\System32\tapisrv.dll 
1/18/2012 9:33:30 PM OK C:\Windows\System32\tbssvc.dll 
1/18/2012 9:33:30 PM OK C:\Windows\System32\termsrv.dll 
1/18/2012 9:33:30 PM OK C:\Windows\System32\themeservice.dll 
1/18/2012 9:33:30 PM OK C:\Windows\System32\trkwks.dll 
1/18/2012 9:33:30 PM OK C:\Windows\System32\upnphost.dll 
1/18/2012 9:33:30 PM OK C:\Windows\System32\uxsms.dll 
1/18/2012 9:33:30 PM OK C:\Windows\System32\w32time.dll 
1/18/2012 9:33:30 PM OK C:\Windows\System32\wbiosrvc.dll 
1/18/2012 9:33:30 PM OK C:\Windows\System32\wcncsvc.dll 
1/18/2012 9:33:30 PM OK C:\Windows\System32\WcsPlugInService.dll 
1/18/2012 9:33:30 PM OK C:\Windows\System32\wdi.dll 
1/18/2012 9:33:30 PM OK C:\Windows\System32\WebClnt.dll 
1/18/2012 9:33:30 PM OK C:\Windows\System32\wecsvc.dll 
1/18/2012 9:33:30 PM OK C:\Windows\System32\wercplsupport.dll 
1/18/2012 9:33:30 PM OK C:\Windows\System32\wersvc.dll 
1/18/2012 9:33:30 PM OK C:\Program Files\Windows Defender\MpSvc.dll 
1/18/2012 9:33:31 PM OK C:\Windows\System32\winhttp.dll 
1/18/2012 9:33:31 PM OK C:\Windows\System32\wbem\WMIsvc.dll 
1/18/2012 9:33:31 PM OK C:\Windows\System32\WsmSvc.dll 
1/18/2012 9:33:31 PM OK C:\Windows\System32\wlansvc.dll 
1/18/2012 9:33:31 PM OK C:\Windows\System32\wpcsvc.dll 
1/18/2012 9:33:31 PM OK C:\Windows\System32\wpdbusenum.dll 
1/18/2012 9:33:31 PM OK C:\Windows\System32\wscsvc.dll 
1/18/2012 9:33:31 PM OK C:\Windows\System32\wuaueng.dll 
1/18/2012 9:33:31 PM OK C:\Windows\System32\WUDFSvc.dll 
1/18/2012 9:33:31 PM OK C:\Windows\System32\wwansvc.dll 
1/18/2012 9:33:31 PM OK C:\Windows\System32\drivers\1394ohci.sys 
1/18/2012 9:33:31 PM OK C:\Windows\System32\drivers\25103228.sys 
1/18/2012 9:33:31 PM OK C:\Windows\System32\drivers\61883.sys 
1/18/2012 9:33:32 PM OK C:\Windows\System32\drivers\acpi.sys 
1/18/2012 9:33:32 PM OK C:\Windows\System32\drivers\acpipmi.sys 
1/18/2012 9:33:32 PM OK C:\Program Files (x86)\Acunetix\Web Vulnerability Scanner 6\WVSScheduler.exe 
1/18/2012 9:33:32 PM OK C:\Windows\System32\drivers\adfs.sys 
1/18/2012 9:33:32 PM OK C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe 
1/18/2012 9:33:32 PM OK C:\Windows\System32\drivers\adp94xx.sys 
1/18/2012 9:33:32 PM OK C:\Windows\System32\drivers\adpahci.sys 
1/18/2012 9:33:32 PM OK C:\Windows\System32\drivers\adpu320.sys 
1/18/2012 9:33:32 PM OK C:\Windows\System32\svchost.exe 
1/18/2012 9:33:32 PM OK C:\Windows\System32\drivers\afd.sys 
1/18/2012 9:33:32 PM OK C:\Windows\System32\drivers\AGP440.sys 
1/18/2012 9:33:32 PM OK C:\Windows\System32\drivers\ahcix64s.sys 
1/18/2012 9:33:32 PM OK C:\Windows\System32\alg.exe 
1/18/2012 9:33:32 PM OK C:\Windows\System32\drivers\aliide.sys 
1/18/2012 9:33:32 PM OK C:\Windows\System32\atiesrxx.exe 
1/18/2012 9:33:32 PM OK C:\Windows\System32\drivers\amdide.sys 
1/18/2012 9:33:33 PM OK C:\Windows\System32\drivers\amdk8.sys 
1/18/2012 9:33:33 PM OK C:\Windows\System32\drivers\amdppm.sys 
1/18/2012 9:33:33 PM OK C:\Windows\System32\drivers\amdsata.sys 
1/18/2012 9:33:33 PM OK C:\Windows\System32\drivers\amdsbs.sys 
1/18/2012 9:33:33 PM OK C:\Windows\System32\drivers\amdxata.sys 
1/18/2012 9:33:33 PM OK C:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpertService.exe 
1/18/2012 9:33:33 PM OK C:\Windows\System32\drivers\appid.sys 
1/18/2012 9:33:33 PM OK C:\Windows\System32\drivers\arc.sys 
1/18/2012 9:33:33 PM OK C:\Windows\System32\drivers\arcsas.sys 
1/18/2012 9:33:33 PM OK C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe 
1/18/2012 9:33:33 PM OK C:\Windows\System32\drivers\asyncmac.sys 
1/18/2012 9:33:33 PM OK C:\Windows\System32\drivers\atapi.sys 
1/18/2012 9:33:33 PM OK C:\Windows\System32\drivers\athrx.sys 
1/18/2012 9:33:33 PM OK C:\Windows\System32\drivers\atikmdag.sys 
1/18/2012 9:33:33 PM OK C:\Windows\System32\drivers\AtiPcie.sys 
1/18/2012 9:33:33 PM OK C:\Windows\System32\drivers\avc.sys 
1/18/2012 9:33:33 PM OK C:\Windows\System32\drivers\bxvbda.sys 
1/18/2012 9:33:33 PM OK C:\Windows\System32\drivers\b57nd60a.sys 
1/18/2012 9:33:33 PM OK C:\Windows\System32\drivers\beep.sys 
1/18/2012 9:33:34 PM OK C:\Windows\System32\drivers\blbdrive.sys 
1/18/2012 9:33:34 PM OK C:\Windows\System32\drivers\bowser.sys 
1/18/2012 9:33:34 PM OK C:\Windows\System32\drivers\BrFiltLo.sys 
1/18/2012 9:33:34 PM OK C:\Windows\System32\drivers\BrFiltUp.sys 
1/18/2012 9:33:34 PM OK C:\Windows\System32\drivers\bridge.sys 
1/18/2012 9:33:34 PM OK C:\Windows\System32\drivers\BrSerId.sys 
1/18/2012 9:33:34 PM OK C:\Windows\System32\drivers\BrSerWdm.sys 
1/18/2012 9:33:34 PM OK C:\Windows\System32\drivers\BrUsbMdm.sys 
1/18/2012 9:33:34 PM OK C:\Windows\System32\drivers\BrUsbSer.sys 
1/18/2012 9:33:34 PM OK C:\Windows\System32\drivers\bthmodem.sys 
1/18/2012 9:33:34 PM OK C:\Windows\System32\drivers\cdfs.sys 
1/18/2012 9:33:34 PM OK C:\Windows\System32\drivers\cdrom.sys 
1/18/2012 9:33:34 PM OK C:\Windows\System32\drivers\circlass.sys 
1/18/2012 9:33:34 PM OK C:\Windows\System32\clfs.sys 
1/18/2012 9:33:34 PM OK C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 
1/18/2012 9:33:34 PM OK C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe 
1/18/2012 9:33:34 PM OK C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe 
1/18/2012 9:33:34 PM OK C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe 
1/18/2012 9:33:34 PM OK C:\Windows\System32\drivers\CmBatt.sys 
1/18/2012 9:33:34 PM OK C:\Windows\System32\drivers\cmdide.sys 
1/18/2012 9:33:34 PM OK C:\Windows\System32\drivers\cng.sys 
1/18/2012 9:33:34 PM OK C:\Windows\System32\drivers\compbatt.sys 
1/18/2012 9:33:34 PM OK C:\Windows\System32\drivers\CompositeBus.sys 
1/18/2012 9:33:34 PM OK C:\Windows\System32\dllhost.exe 
1/18/2012 9:33:35 PM OK C:\Windows\System32\drivers\crcdisk.sys 
1/18/2012 9:33:35 PM OK C:\Windows\System32\drivers\CSCrySec.sys 
1/18/2012 9:33:35 PM OK C:\Program Files (x86)\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe 
1/18/2012 9:33:35 PM OK C:\Windows\System32\drivers\CSVirtualDiskDrv.sys 
1/18/2012 9:33:35 PM OK C:\Windows\System32\drivers\dc3d.sys 
1/18/2012 9:33:35 PM OK C:\Windows\System32\drivers\dfsc.sys 
1/18/2012 9:33:35 PM OK C:\Windows\System32\drivers\discache.sys 
1/18/2012 9:33:35 PM OK C:\Windows\System32\drivers\disk.sys 
1/18/2012 9:33:35 PM OK C:\Windows\System32\drivers\drmkaud.sys 
1/18/2012 9:33:35 PM OK C:\Windows\System32\drivers\dxgkrnl.sys 
1/18/2012 9:33:35 PM OK C:\Windows\System32\drivers\evbda.sys 
1/18/2012 9:33:35 PM OK C:\Windows\System32\lsass.exe 
1/18/2012 9:33:35 PM OK C:\Windows\ehome\ehrecvr.exe 
1/18/2012 9:33:35 PM OK C:\Windows\ehome\ehsched.exe 
1/18/2012 9:33:35 PM OK C:\Windows\System32\drivers\ElbyCDIO.sys 
1/18/2012 9:33:35 PM OK C:\Windows\System32\drivers\elxstor.sys 
1/18/2012 9:33:36 PM OK C:\Windows\System32\drivers\errdev.sys 
1/18/2012 9:33:36 PM OK C:\Windows\System32\drivers\exfat.sys 
1/18/2012 9:33:36 PM OK C:\Windows\System32\drivers\fastfat.sys 
1/18/2012 9:33:36 PM OK C:\Windows\System32\FXSSVC.exe 
1/18/2012 9:33:36 PM OK C:\Windows\System32\drivers\fdc.sys 
1/18/2012 9:33:36 PM OK C:\Windows\System32\drivers\fileinfo.sys 
1/18/2012 9:33:36 PM OK C:\Windows\System32\drivers\filetrace.sys 
1/18/2012 9:33:36 PM OK C:\Program Files (x86)\MAGIX\Common\Database\bin\fbserver.exe 
1/18/2012 9:33:36 PM OK C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe 
1/18/2012 9:33:36 PM OK C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe 
1/18/2012 9:33:36 PM OK C:\Windows\System32\drivers\flpydisk.sys 
1/18/2012 9:33:36 PM OK C:\Windows\System32\drivers\fltMgr.sys 
1/18/2012 9:33:36 PM OK C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe 
1/18/2012 9:33:36 PM OK C:\Windows\System32\drivers\fsdepends.sys 
1/18/2012 9:33:36 PM OK C:\Windows\System32\drivers\fvevol.sys 
1/18/2012 9:33:36 PM OK C:\Windows\System32\drivers\GAGP30KX.SYS 
1/18/2012 9:33:36 PM OK C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe 
1/18/2012 9:33:36 PM OK C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 
1/18/2012 9:33:37 PM OK C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe 
1/18/2012 9:33:37 PM OK C:\Windows\System32\drivers\hcw85cir.sys 
1/18/2012 9:33:37 PM OK C:\Windows\System32\drivers\hdaudbus.sys 
1/18/2012 9:33:37 PM OK C:\Windows\System32\drivers\hidbatt.sys 
1/18/2012 9:33:37 PM OK C:\Windows\System32\drivers\hidbth.sys 
1/18/2012 9:33:37 PM OK C:\Windows\System32\drivers\hidir.sys 
1/18/2012 9:33:37 PM OK C:\Windows\System32\drivers\hidusb.sys 
1/18/2012 9:33:37 PM OK C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe 
1/18/2012 9:33:37 PM OK C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe 
1/18/2012 9:33:37 PM OK C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe 
1/18/2012 9:33:37 PM OK C:\Windows\System32\drivers\HpSAMD.sys 
1/18/2012 9:33:37 PM OK C:\Windows\System32\drivers\http.sys 
1/18/2012 9:33:37 PM OK C:\Windows\System32\drivers\hwpolicy.sys 
1/18/2012 9:33:37 PM OK C:\Windows\System32\drivers\i8042prt.sys 
1/18/2012 9:33:38 PM OK C:\Windows\System32\drivers\iaStorV.sys 
1/18/2012 9:33:38 PM OK C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe 
1/18/2012 9:33:38 PM OK C:\Windows\System32\drivers\iirsp.sys 
1/18/2012 9:33:38 PM OK C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe 
1/18/2012 9:33:38 PM OK C:\Windows\System32\drivers\RTKVHD64.sys 
1/18/2012 9:33:38 PM OK C:\Windows\System32\drivers\intelide.sys 
1/18/2012 9:33:38 PM OK C:\Windows\System32\drivers\intelppm.sys 
1/18/2012 9:33:38 PM OK C:\Program Files (x86)\Common Files\Intuit\Update Service\IntuitUpdateService.exe 
1/18/2012 9:33:38 PM OK C:\Windows\System32\drivers\ipfltdrv.sys 
1/18/2012 9:33:38 PM OK C:\Windows\System32\drivers\IPMIDrv.sys 
1/18/2012 9:33:38 PM OK C:\Windows\System32\drivers\ipnat.sys 
1/18/2012 9:33:38 PM OK C:\Windows\System32\drivers\irenum.sys 
1/18/2012 9:33:38 PM OK C:\Windows\System32\drivers\isapnp.sys 
1/18/2012 9:33:38 PM OK C:\Windows\System32\drivers\msiscsi.sys 
1/18/2012 9:33:38 PM OK C:\Windows\System32\drivers\kbdclass.sys 
1/18/2012 9:33:38 PM OK C:\Windows\System32\drivers\kbdhid.sys 
1/18/2012 9:33:38 PM OK C:\Windows\System32\drivers\kl1.sys 
1/18/2012 9:33:38 PM OK C:\Windows\System32\drivers\klbg.sys 
1/18/2012 9:33:39 PM OK C:\Windows\System32\drivers\klif.sys 
1/18/2012 9:33:39 PM OK C:\Windows\System32\drivers\klim6.sys 
1/18/2012 9:33:39 PM OK C:\Windows\System32\drivers\klmouflt.sys 
1/18/2012 9:33:39 PM OK C:\Windows\System32\drivers\ksecdd.sys 
1/18/2012 9:33:39 PM OK C:\Windows\System32\drivers\ksecpkg.sys 
1/18/2012 9:33:39 PM OK C:\Windows\System32\drivers\ksthunk.sys 
1/18/2012 9:33:39 PM OK C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe 
1/18/2012 9:33:39 PM OK C:\Windows\System32\drivers\lltdio.sys 
1/18/2012 9:33:39 PM OK C:\Windows\System32\drivers\lsi_fc.sys 
1/18/2012 9:33:39 PM OK C:\Windows\System32\drivers\lsi_sas.sys 
1/18/2012 9:33:39 PM OK C:\Windows\System32\drivers\lsi_sas2.sys 
1/18/2012 9:33:39 PM OK C:\Windows\System32\drivers\lsi_scsi.sys 
1/18/2012 9:33:39 PM OK C:\Windows\System32\drivers\luafv.sys 
1/18/2012 9:33:39 PM OK C:\Windows\System32\drivers\lvpopf64.sys 
1/18/2012 9:33:39 PM OK C:\Windows\System32\drivers\LVUSBS64.sys 
1/18/2012 9:33:39 PM OK C:\Windows\System32\drivers\lvuvc64.sys 
1/18/2012 9:33:39 PM OK C:\Windows\System32\drivers\mbam.sys 
1/18/2012 9:33:39 PM OK C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe 
1/18/2012 9:33:39 PM OK C:\Windows\System32\drivers\mcdbus.sys 
1/18/2012 9:33:40 PM OK C:\Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\MDM.EXE 
1/18/2012 9:33:40 PM OK C:\Windows\System32\drivers\megasas.sys 
1/18/2012 9:33:40 PM OK C:\Windows\System32\drivers\MegaSR.sys  
1/18/2012 9:33:40 PM OK C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe 
1/18/2012 9:33:40 PM OK C:\Windows\System32\drivers\modem.sys 
1/18/2012 9:33:40 PM OK C:\Windows\System32\drivers\monitor.sys 
1/18/2012 9:33:40 PM OK C:\Windows\System32\drivers\mouclass.sys 
1/18/2012 9:33:40 PM OK C:\Windows\System32\drivers\mouhid.sys 
1/18/2012 9:33:40 PM OK C:\Windows\System32\drivers\mountmgr.sys 
1/18/2012 9:33:40 PM OK C:\Windows\System32\drivers\mpio.sys 
1/18/2012 9:33:40 PM OK C:\Windows\System32\drivers\mpsdrv.sys 
1/18/2012 9:33:40 PM OK C:\Windows\System32\drivers\mrxdav.sys 
1/18/2012 9:33:40 PM OK C:\Windows\System32\drivers\mrxsmb.sys 
1/18/2012 9:33:40 PM OK C:\Windows\System32\drivers\mrxsmb10.sys 
1/18/2012 9:33:40 PM OK C:\Windows\System32\drivers\mrxsmb20.sys 
1/18/2012 9:33:40 PM OK C:\Windows\System32\drivers\msahci.sys 
1/18/2012 9:33:40 PM OK C:\Windows\System32\drivers\msdsm.sys 
1/18/2012 9:33:40 PM OK C:\Windows\System32\msdtc.exe 
1/18/2012 9:33:40 PM OK C:\Windows\System32\drivers\msdv.sys 
1/18/2012 9:33:40 PM OK C:\Windows\System32\drivers\msfs.sys 
1/18/2012 9:33:40 PM OK C:\Windows\System32\drivers\mshidkmdf.sys 
1/18/2012 9:33:41 PM OK C:\Windows\System32\drivers\msisadrv.sys 
1/18/2012 9:33:41 PM OK C:\Windows\System32\msiexec.exe 
1/18/2012 9:33:41 PM OK C:\Windows\System32\drivers\mskssrv.sys 
1/18/2012 9:33:41 PM OK C:\Windows\System32\drivers\mspclock.sys 
1/18/2012 9:33:41 PM OK C:\Windows\System32\drivers\mspqm.sys 
1/18/2012 9:33:41 PM OK C:\Windows\System32\drivers\msrpc.sys 
1/18/2012 9:33:41 PM OK C:\Windows\System32\drivers\mssmbios.sys 
1/18/2012 9:33:41 PM OK C:\Windows\System32\drivers\mstee.sys 
1/18/2012 9:33:41 PM OK C:\Windows\System32\drivers\MTConfig.sys 
1/18/2012 9:33:41 PM OK C:\Windows\System32\drivers\mup.sys 
1/18/2012 9:33:41 PM OK C:\Windows\System32\drivers\nwifi.sys 
1/18/2012 9:33:41 PM OK C:\Windows\System32\drivers\ndis.sys 
1/18/2012 9:33:41 PM OK C:\Windows\System32\drivers\ndiscap.sys 
1/18/2012 9:33:41 PM OK C:\Windows\System32\drivers\ndistapi.sys 
1/18/2012 9:33:41 PM OK C:\Windows\System32\drivers\ndisuio.sys 
1/18/2012 9:33:41 PM OK C:\Windows\System32\drivers\ndiswan.sys 
1/18/2012 9:33:41 PM OK C:\Windows\System32\drivers\ndproxy.sys 
1/18/2012 9:33:41 PM OK C:\Windows\System32\drivers\netbios.sys 
1/18/2012 9:33:41 PM OK C:\Windows\System32\drivers\netbt.sys 
1/18/2012 9:33:41 PM OK C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 
1/18/2012 9:33:41 PM OK C:\Windows\System32\drivers\nfrd960.sys 
1/18/2012 9:33:41 PM OK C:\Windows\System32\drivers\npfs.sys 
1/18/2012 9:33:41 PM OK C:\Windows\System32\drivers\nsiproxy.sys 
1/18/2012 9:33:41 PM OK C:\Windows\System32\drivers\ntfs.sys 
1/18/2012 9:33:41 PM OK C:\Windows\System32\drivers\nuidfltr.sys 
1/18/2012 9:33:41 PM OK C:\Windows\System32\drivers\null.sys 
1/18/2012 9:33:42 PM OK C:\Windows\System32\drivers\nvraid.sys 
1/18/2012 9:33:42 PM OK C:\Windows\System32\drivers\nvstor.sys 
1/18/2012 9:33:42 PM OK C:\Windows\System32\drivers\NV_AGP.SYS 
1/18/2012 9:33:42 PM OK C:\Program Files (x86)\Common Files\microsoft shared\OFFICE12\ODSERV.EXE 
1/18/2012 9:33:42 PM  OK C:\Windows\System32\drivers\ohci1394.sys 
1/18/2012 9:33:42 PM OK C:\Program Files (x86)\HMA! Pro VPN\bin\openvpnserv.exe 
1/18/2012 9:33:42 PM OK C:\Program Files (x86)\Common Files\microsoft shared\Source Engine\OSE.EXE 
1/18/2012 9:33:42 PM OK C:\Windows\System32\drivers\parport.sys 
1/18/2012 9:33:42 PM OK C:\Windows\System32\drivers\partmgr.sys 
1/18/2012 9:33:42 PM OK C:\Windows\System32\drivers\pci.sys 
1/18/2012 9:33:42 PM OK C:\Windows\System32\drivers\pciide.sys 
1/18/2012 9:33:42 PM OK C:\Windows\System32\drivers\pcmcia.sys 
1/18/2012 9:33:42 PM OK C:\Windows\System32\drivers\pcw.sys 
1/18/2012 9:33:42 PM OK C:\Windows\System32\drivers\PEAuth.sys 
1/18/2012 9:33:42 PM OK C:\Windows\SysWOW64\perfhost.exe 
1/18/2012 9:33:42 PM OK C:\Windows\System32\drivers\point64.sys 
1/18/2012 9:33:43 PM OK C:\Windows\System32\drivers\raspptp.sys 
1/18/2012 9:33:43 PM OK C:\Windows\System32\PrintCtrl.exe 
1/18/2012 9:33:43 PM OK C:\Windows\System32\drivers\processr.sys 
1/18/2012 9:33:43 PM OK C:\Windows\System32\drivers\pacer.sys 
1/18/2012 9:33:43 PM OK C:\Windows\System32\drivers\ql2300.sys 
1/18/2012 9:33:43 PM OK C:\Windows\System32\drivers\ql40xx.sys 
1/18/2012 9:33:43 PM OK C:\Windows\System32\drivers\qwavedrv.sys 
1/18/2012 9:33:43 PM OK C:\Windows\System32\drivers\rasacd.sys 
1/18/2012 9:33:43 PM OK C:\Windows\System32\drivers\agilevpn.sys 
1/18/2012 9:33:43 PM OK C:\Windows\System32\drivers\rasl2tp.sys 
1/18/2012 9:33:43 PM OK C:\Windows\System32\drivers\raspppoe.sys 
1/18/2012 9:33:43 PM OK C:\Windows\System32\drivers\rassstp.sys 
1/18/2012 9:33:43 PM OK C:\Windows\System32\drivers\rdbss.sys 
1/18/2012 9:33:43 PM OK C:\Windows\System32\drivers\rdpbus.sys 
1/18/2012 9:33:43 PM OK C:\Windows\System32\drivers\RDPCDD.sys 
1/18/2012 9:33:43 PM OK C:\Windows\System32\drivers\RDPENCDD.sys 
1/18/2012 9:33:43 PM OK C:\Windows\System32\drivers\RDPREFMP.sys 
1/18/2012 9:33:43 PM OK C:\Windows\System32\drivers\rdpwd.sys 
1/18/2012 9:33:43 PM OK C:\Windows\System32\drivers\rdyboost.sys 
1/18/2012 9:33:43 PM OK C:\Windows\System32\Locator.exe 
1/18/2012 9:33:43 PM OK C:\Windows\System32\drivers\rspndr.sys 
1/18/2012 9:33:43 PM OK C:\Windows\System32\drivers\RtsUStor.sys 
1/18/2012 9:33:44 PM OK C:\Windows\System32\drivers\Rt64win7.sys 
1/18/2012 9:33:44 PM OK C:\Windows\System32\drivers\sbp2port.sys 
1/18/2012 9:33:44 PM OK C:\Windows\System32\drivers\scfilter.sys 
1/18/2012 9:33:44 PM OK C:\Windows\System32\drivers\secdrv.sys 
1/18/2012 9:33:44 PM OK C:\Windows\System32\drivers\serenum.sys 
1/18/2012 9:33:44 PM OK C:\Windows\System32\drivers\serial.sys 
1/18/2012 9:33:44 PM OK C:\Windows\System32\drivers\sermouse.sys 
1/18/2012 9:33:44 PM OK C:\Windows\System32\drivers\sffdisk.sys 
1/18/2012 9:33:44 PM OK C:\Windows\System32\drivers\sffp_mmc.sys 
1/18/2012 9:33:44 PM OK C:\Windows\System32\drivers\sffp_sd.sys 
1/18/2012 9:33:44 PM OK C:\Windows\System32\drivers\sfloppy.sys 
1/18/2012 9:33:44 PM OK C:\Windows\System32\drivers\sisraid2.sys 
1/18/2012 9:33:44 PM OK C:\Windows\System32\drivers\sisraid4.sys 
1/18/2012 9:33:44 PM OK C:\Windows\System32\drivers\smb.sys 
1/18/2012 9:33:44 PM OK C:\Windows\System32\snmptrap.exe 
1/18/2012 9:33:44 PM OK C:\Windows\System32\drivers\spldr.sys 
1/18/2012 9:33:44 PM OK C:\Windows\System32\spoolsv.exe 
1/18/2012 9:33:44 PM OK C:\Windows\System32\sppsvc.exe 
1/18/2012 9:33:44 PM OK C:\Windows\System32\drivers\srv.sys 
1/18/2012 9:33:44 PM OK C:\Windows\System32\drivers\srv2.sys 
1/18/2012 9:33:44 PM OK C:\Windows\System32\drivers\srvnet.sys 
1/18/2012 9:33:44 PM OK C:\Windows\System32\drivers\stexstor.sys 
1/18/2012 9:33:44 PM OK C:\Windows\System32\drivers\swenum.sys 
1/18/2012 9:33:45 PM OK C:\Windows\System32\drivers\tap0901.sys 
1/18/2012 9:33:45 PM OK C:\Windows\System32\drivers\tcpip.sys 
1/18/2012 9:33:45 PM OK C:\Windows\System32\drivers\tcpipreg.sys 
1/18/2012 9:33:45 PM OK C:\Windows\System32\drivers\tdpipe.sys 
1/18/2012 9:33:45 PM OK C:\Windows\System32\drivers\tdtcp.sys 
1/18/2012 9:33:45 PM OK C:\Windows\System32\drivers\tdx.sys 
1/18/2012 9:33:46 PM OK C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe 
1/18/2012 9:33:46 PM OK C:\Windows\System32\drivers\teamviewervpn.sys 
1/18/2012 9:33:46 PM OK C:\Windows\System32\drivers\termdd.sys 
1/18/2012 9:33:46 PM OK C:\Windows\servicing\TrustedInstaller.exe 
1/18/2012 9:33:46 PM OK C:\Windows\System32\drivers\tssecsrv.sys 
1/18/2012 9:33:46 PM OK C:\Windows\System32\drivers\TsUsbFlt.sys 
1/18/2012 9:33:46 PM OK C:\Windows\System32\drivers\tunnel.sys 
1/18/2012 9:33:46 PM OK C:\Windows\System32\drivers\UAGP35.SYS 
1/18/2012 9:33:46 PM OK C:\Windows\System32\drivers\udfs.sys 
1/18/2012 9:33:46 PM OK C:\Windows\System32\UI0Detect.exe 
1/18/2012 9:33:46 PM OK C:\Windows\System32\drivers\ULIAGPKX.SYS 
1/18/2012 9:33:46 PM OK C:\Windows\System32\drivers\umbus.sys 
1/18/2012 9:33:46 PM OK C:\Windows\System32\drivers\umpass.sys 
1/18/2012 9:33:46 PM OK C:\Windows\System32\drivers\USBAUDIO.sys 
1/18/2012 9:33:47 PM OK C:\Windows\System32\drivers\usbccgp.sys 
1/18/2012 9:33:47 PM OK C:\Windows\System32\drivers\usbcir.sys 
1/18/2012 9:33:47 PM OK C:\Windows\System32\drivers\usbehci.sys 
1/18/2012 9:33:47 PM OK C:\Windows\System32\drivers\usbfilter.sys 
1/18/2012 9:33:47 PM OK C:\Windows\System32\drivers\usbhub.sys 
1/18/2012 9:33:47 PM OK C:\Windows\System32\drivers\usbohci.sys 
1/18/2012 9:33:47 PM OK C:\Windows\System32\drivers\usbprint.sys 
1/18/2012 9:33:47 PM OK C:\Windows\System32\drivers\usbscan.sys 
1/18/2012 9:33:47 PM OK C:\Windows\System32\drivers\USBSTOR.SYS 
1/18/2012 9:33:47 PM OK C:\Windows\System32\drivers\usbuhci.sys 
1/18/2012 9:33:47 PM OK C:\Windows\System32\drivers\V0060Vid.sys 
1/18/2012 9:33:47 PM OK C:\Windows\System32\drivers\VClone.sys 
1/18/2012 9:33:47 PM OK C:\Windows\System32\drivers\vdrvroot.sys 
1/18/2012 9:33:47 PM OK C:\Windows\System32\vds.exe 
1/18/2012 9:33:47 PM OK C:\Windows\System32\drivers\vgapnp.sys 
1/18/2012 9:33:47 PM OK C:\Windows\System32\drivers\vga.sys 
1/18/2012 9:33:48 PM OK C:\Windows\System32\drivers\vhdmp.sys 
1/18/2012 9:33:48 PM OK C:\Windows\System32\drivers\viaide.sys 
1/18/2012 9:33:48 PM OK C:\Windows\System32\drivers\volmgr.sys 
1/18/2012 9:33:48 PM OK C:\Windows\System32\drivers\volmgrx.sys 
1/18/2012 9:33:48 PM OK C:\Windows\System32\drivers\volsnap.sys 
1/18/2012 9:33:48 PM OK C:\Windows\System32\drivers\vsmraid.sys 
1/18/2012 9:33:48 PM OK C:\Windows\System32\VSSVC.exe 
1/18/2012 9:33:48 PM OK C:\Windows\System32\drivers\vwifibus.sys 
1/18/2012 9:33:48 PM OK C:\Windows\System32\drivers\vwififlt.sys 
1/18/2012 9:33:48 PM OK C:\Windows\System32\drivers\wacompen.sys 
1/18/2012 9:33:48 PM OK C:\Windows\System32\drivers\wanarp.sys 
1/18/2012 9:33:48 PM OK C:\Windows\System32\Wat\WatAdminSvc.exe 
1/18/2012 9:33:48 PM OK C:\Windows\System32\wbengine.exe 
1/18/2012 9:33:48 PM OK C:\Windows\System32\drivers\wd.sys 
1/18/2012 9:33:48 PM OK C:\Windows\System32\drivers\Wdf01000.sys 
1/18/2012 9:33:48 PM OK C:\Windows\System32\drivers\wfplwf.sys 
1/18/2012 9:33:48 PM OK C:\Windows\System32\drivers\wimmount.sys 
1/18/2012 9:33:48 PM OK C:\Program Files\WinAutomation\WinAutomation.ServiceAgent.exe 
1/18/2012 9:33:48 PM OK C:\Windows\System32\drivers\winusb.sys 
1/18/2012 9:33:48 PM OK C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE 
1/18/2012 9:33:49 PM OK C:\Windows\System32\drivers\wmiacpi.sys 
1/18/2012 9:33:49 PM OK C:\Windows\System32\wbem\WmiApSrv.exe 
1/18/2012 9:33:49 PM OK C:\Program Files\Windows Media Player\wmpnetwk.exe 
1/18/2012 9:33:49 PM OK C:\Windows\System32\drivers\ws2ifsl.sys 
1/18/2012 9:33:49 PM OK C:\Windows\System32\drivers\WSDPrint.sys 
1/18/2012 9:33:49 PM OK C:\Windows\System32\SearchIndexer.exe 
1/18/2012 9:33:49 PM OK C:\Windows\System32\drivers\WUDFPf.sys 
1/18/2012 9:33:49 PM OK C:\Windows\System32\drivers\WUDFRd.sys 
1/18/2012 9:33:49 PM OK C:\Windows\System32\autochk.exe 
1/18/2012 9:33:50 PM OK C:\Windows\System32\scecli.dll 
1/18/2012 9:33:50 PM OK C:\Windows\SysWOW64\unregmp2.exe 
1/18/2012 9:33:50 PM OK C:\Windows\SysWOW64\ie4uinit.exe 
1/18/2012 9:33:50 PM OK C:\Windows\SysWOW64\rundll32.exe 
1/18/2012 9:33:50 PM OK C:\Windows\SysWOW64\iedkcs32.dll 
1/18/2012 9:33:50 PM OK C:\Windows\SysWOW64\regsvr32.exe 
1/18/2012 9:33:50 PM OK C:\Windows\SysWOW64\themeui.dll 
1/18/2012 9:33:50 PM OK C:\Windows\SysWOW64\cmd.exe 
1/18/2012 9:33:50 PM OK C:\Program Files (x86)\Windows Mail\WinMail.exe 
1/18/2012 9:33:50 PM OK C:\Windows\SysWOW64\shell32.dll 
1/18/2012 9:33:51 PM OK C:\Windows\SysWOW64\mscories.dll 
1/18/2012 9:33:51 PM OK C:\Windows\System32\unregmp2.exe 
1/18/2012 9:33:51 PM OK C:\Windows\System32\ie4uinit.exe 
1/18/2012 9:33:51 PM OK C:\Windows\System32\rundll32.exe 
1/18/2012 9:33:51 PM OK C:\Windows\System32\iedkcs32.dll 
1/18/2012 9:33:51 PM OK C:\Windows\System32\regsvr32.exe 
1/18/2012 9:33:51 PM OK C:\Windows\System32\themeui.dll 
1/18/2012 9:33:51 PM OK C:\Program Files\Windows Mail\WinMail.exe 
1/18/2012 9:33:51 PM OK C:\Windows\System32\shell32.dll 
1/18/2012 9:33:51 PM OK C:\Windows\System32\mscories.dll 
1/18/2012 9:33:52 PM OK C:\Windows\SysWOW64\msrle32.dll 
1/18/2012 9:33:52 PM OK C:\Windows\SysWOW64\msvidc32.dll 
1/18/2012 9:33:52 PM OK C:\Windows\SysWOW64\imaadp32.acm 
1/18/2012 9:33:52 PM OK C:\Windows\SysWOW64\msg711.acm 
1/18/2012 9:33:52 PM OK C:\Windows\SysWOW64\msgsm32.acm 
1/18/2012 9:33:52 PM OK C:\Windows\SysWOW64\msadp32.acm 
1/18/2012 9:33:52 PM OK C:\Windows\SysWOW64\midimap.dll 
1/18/2012 9:33:52 PM OK C:\Windows\SysWOW64\msacm32.drv 
1/18/2012 9:33:52 PM OK C:\Windows\SysWOW64\msyuv.dll 
1/18/2012 9:33:52 PM OK C:\Windows\System32\msyuv.dll 
1/18/2012 9:33:52 PM OK C:\Windows\SysWOW64\iyuv_32.dll 
1/18/2012 9:33:52 PM OK C:\Windows\SysWOW64\lvcodec2.dll 
1/18/2012 9:33:52 PM OK C:\Windows\SysWOW64\tsbyuv.dll 
1/18/2012 9:33:52 PM OK C:\Windows\SysWOW64\l3codeca.acm 
1/18/2012 9:33:52 PM OK C:\Windows\SysWOW64\iccvid.dll 
1/18/2012 9:33:52 PM OK C:\Windows\SysWOW64\l3codecp.acm 
1/18/2012 9:33:52 PM OK C:\Windows\SysWOW64\ff_vfw.dll 
1/18/2012 9:33:52 PM OK C:\Windows\SysWOW64\ac3filter.acm 
1/18/2012 9:33:52 PM OK C:\Windows\SysWOW64\wdmaud.drv 
1/18/2012 9:33:52 PM OK C:\Windows\System32\wdmaud.drv 
1/18/2012 9:33:52 PM OK C:\Windows\SysWOW64\sirenacm.dll 
1/18/2012 9:33:53 PM OK C:\Windows\System32\msrle32.dll 
1/18/2012 9:33:53 PM OK C:\Windows\System32\msvidc32.dll 
1/18/2012 9:33:53 PM OK C:\Windows\System32\imaadp32.acm 
1/18/2012 9:33:53 PM OK C:\Windows\System32\msg711.acm 
1/18/2012 9:33:53 PM OK C:\Windows\System32\msgsm32.acm 
1/18/2012 9:33:53 PM OK C:\Windows\System32\msadp32.acm 
1/18/2012 9:33:53 PM OK C:\Windows\System32\midimap.dll 
1/18/2012 9:33:53 PM OK C:\Windows\System32\msacm32.drv 
1/18/2012 9:33:53 PM OK C:\Windows\System32\iyuv_32.dll 
1/18/2012 9:33:53 PM OK C:\Windows\System32\lvcod64.dll 
1/18/2012 9:33:53 PM OK C:\Windows\System32\tsbyuv.dll 
1/18/2012 9:33:53 PM OK C:\Windows\System32\l3codeca.acm 
1/18/2012 9:33:53 PM OK C:\Windows\System32\ac3filter64.acm 
1/18/2012 9:33:53 PM OK C:\Windows\System32\vfwwdm32.dll 
1/18/2012 9:33:53 PM OK C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\mzvkbd3.dll 
1/18/2012 9:33:53 PM OK C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\sbhook.dll 
1/18/2012 9:33:53 PM OK C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\x64\kloehk.dll 
1/18/2012 9:33:53 PM OK C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\x64\sbhook64.dll 
1/18/2012 9:33:55 PM OK C:\Windows\SysWOW64\webcheck.dll 
1/18/2012 9:33:55 PM OK C:\Windows\System32\webcheck.dll 
1/18/2012 9:33:55 PM OK C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll 
1/18/2012 9:33:55 PM OK C:\Windows\System32\shdocvw.dll 
1/18/2012 9:33:55 PM OK C:\Windows\System32\mf.dll 
1/18/2012 9:33:56 PM OK C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll 
1/18/2012 9:33:56 PM OK C:\Program Files (x86)\Common Files\microsoft shared\Web Folders\MSONSEXT.DLL 
1/18/2012 9:33:56 PM OK C:\Program Files (x86)\Microsoft Office\Office12\MSOHEVI.DLL 
1/18/2012 9:33:56 PM OK C:\Program Files\Microsoft Office\Office12\MSOHEVI.DLL 
1/18/2012 9:33:56 PM OK C:\Program Files (x86)\Microsoft Office\Office12\OLKFSTUB.DLL 
1/18/2012 9:33:56 PM OK C:\Program Files (x86)\Microsoft Office\Office12\MLSHEXT.DLL 
1/18/2012 9:33:56 PM OK C:\Program Files (x86)\Microsoft Office\Office12\ONFILTER.DLL 
1/18/2012 9:33:57 PM Packed: PE_Patch C:\Program Files (x86)\WinZip\WZSHLSTB.DLL 
1/18/2012 9:33:57 PM OK C:\Program Files (x86)\WinZip\WZSHLSTB.DLL/PE_Patch 
1/18/2012 9:33:57 PM OK C:\Program Files (x86)\WinZip\WZSHLSTB.DLL 
1/18/2012 9:33:57 PM OK C:\Program Files (x86)\WinZip\WZSHLS64.DLL 
1/18/2012 9:33:57 PM OK C:\Program Files (x86)\Haali\MatroskaSplitter\mmfinfo.dll 
1/18/2012 9:33:57 PM OK C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat Elements\ContextMenu.dll 
1/18/2012 9:33:58 PM OK C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat Elements\ContextMenu64.dll 
1/18/2012 9:33:58 PM Packed: UPX C:\Program Files (x86)\Free M4a to MP3 Converter\m4a_menu.dll 
1/18/2012 9:33:58 PM OK C:\Program Files (x86)\Free M4a to MP3 Converter\m4a_menu.dll/UPX 
1/18/2012 9:33:58 PM OK C:\Program Files (x86)\Free M4a to MP3 Converter\m4a_menu.dll 
1/18/2012 9:33:58 PM OK C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoAcquireWizard.exe 
1/18/2012 9:33:58 PM OK C:\Program Files (x86)\Windows Live\Photo Gallery\PhotoViewerShim.dll 
1/18/2012 9:33:58 PM OK C:\Program Files (x86)\Windows Live\Photo Gallery\PhotoViewerShimx64.dll 
1/18/2012 9:33:58 PM OK C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe 
1/18/2012 9:33:58 PM OK C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiama64.dll 
1/18/2012 9:33:58 PM OK C:\Program Files (x86)\Hewlett-Packard\Recovery\Protect.dll 
1/18/2012 9:33:59 PM OK C:\Program Files\Common Files\Microsoft Shared\OFFICE12\msoshext.dll 
1/18/2012 9:33:59 PM OK C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\ElbyVCDShell.dll 
1/18/2012 9:33:59 PM OK C:\Program Files\Microsoft IntelliType Pro\itcplKey.dll 
1/18/2012 9:33:59 PM OK C:\Program Files\Microsoft IntelliType Pro\itcplwhl.dll 
1/18/2012 9:33:59 PM OK C:\Program Files\Microsoft IntelliType Pro\itcplzm.dll 
1/18/2012 9:33:59 PM OK C:\Program Files\Microsoft IntelliType Pro\itcpltp.dll 
1/18/2012 9:33:59 PM OK C:\Program Files\Microsoft IntelliType Pro\itcplwir.dll 
1/18/2012 9:33:59 PM OK C:\Program Files\Microsoft IntelliPoint\ipcplact.dll 
1/18/2012 9:33:59 PM OK C:\Program Files\Microsoft IntelliPoint\ipcplbtn.dll 
1/18/2012 9:33:59 PM OK C:\Program Files\Microsoft IntelliPoint\ipcplsens.dll 
1/18/2012 9:34:00 PM OK C:\Program Files\Microsoft IntelliPoint\ipcplwhl.dll 
1/18/2012 9:34:00 PM OK C:\Program Files\Microsoft IntelliPoint\ipcplwir.dll 
1/18/2012 9:34:00 PM OK C:\Program Files\Microsoft IntelliPoint\ipcpltouch.dll 
1/18/2012 9:34:00 PM OK C:\Program Files\Microsoft IntelliPoint\ipcpltouchstrip.dll 
1/18/2012 9:34:00 PM OK C:\Program Files\Microsoft IntelliPoint\ipcpltouchmouse.dll 
1/18/2012 9:34:00 PM OK C:\Program Files (x86)\Serif\WebPlus Starter Edition\3.0\Program\ThumbnailProvider64.dll 
1/18/2012 9:34:00 PM OK C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\oc4vkf64.default\extensions\{0b457cAA-602d-484a-8fe7-c1d894a011ba}\library\fsaddin.dll 
1/18/2012 9:34:00 PM OK C:\Program Files (x86)\Adobe\Adobe Contribute CS4\contributeieplugin.dll 
1/18/2012 9:34:01 PM OK C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\ie_banner_deny.htm 
1/18/2012 9:34:01 PM OK C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll 
1/18/2012 9:34:01 PM OK C:\Users\Owner\AppData\Roaming\FlashGetBHO\GetAllUrl.htm 
1/18/2012 9:34:01 PM OK C:\Users\Owner\AppData\Roaming\FlashGetBHO\GetUrl.htm 
1/18/2012 9:34:01 PM OK C:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE 
1/18/2012 9:34:01 PM OK C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll 
1/18/2012 9:34:01 PM OK C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\ievkbd.dll 
1/18/2012 9:34:01 PM OK C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\x64\ievkbd.dll 
1/18/2012 9:34:02 PM OK C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll 
1/18/2012 9:34:02 PM OK C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll 
1/18/2012 9:34:02 PM OK C:\Program Files (x86)\Windows Live\Companion\companioncore.dll 
1/18/2012 9:34:02 PM OK C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll 
1/18/2012 9:34:02 PM OK C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll 
1/18/2012 9:34:02 PM OK C:\Program Files (x86)\Common Files\Homepage Protection\HomepageProtection.dll 
1/18/2012 9:34:02 PM OK C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll 
1/18/2012 9:34:02 PM OK C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll/data0000.res Object was not changed (iChecker) 
1/18/2012 9:34:02 PM OK C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll 
1/18/2012 9:34:02 PM OK C:\Program Files\Google\GoogleToolbarNotifier\5.7.7227.1100\swg64.dll 
1/18/2012 9:34:03 PM OK C:\Users\Owner\AppData\Roaming\FlashGetBHO\FlashGetBHO3.dll 
1/18/2012 9:34:03 PM OK C:\Program Files (x86)\MSN\Toolbar\3.0.0560.0\msneshellx.dll 
1/18/2012 9:34:03 PM OK C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll 
1/18/2012 9:34:03 PM OK C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\klwtbbho.dll 
1/18/2012 9:34:03 PM OK C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\x64\klwtbbho.dll 
1/18/2012 9:34:03 PM OK C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat.exe 
1/18/2012 9:34:03 PM OK C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\AcrobatInfo.exe 
1/18/2012 9:34:04 PM OK C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrodist.exe 
1/18/2012 9:34:04 PM OK C:\Program Files (x86)\Adobe\Adobe Soundbooth CS4\Adobe Soundbooth CS4.exe 
1/18/2012 9:34:04 PM OK C:\Program Files (x86)\Adobe\Adobe Bridge CS4\Bridge.exe 
1/18/2012 9:34:04 PM OK C:\Windows\System32\cmcfg32.dll 
1/18/2012 9:34:04 PM OK C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\CNELMAIN.EXE 
1/18/2012 9:34:04 PM OK C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\CNEZMAIN.EXE 
1/18/2012 9:34:04 PM Packed: UPX C:\Users\Owner\Desktop\ComboFix.exe 
1/18/2012 9:34:04 PM Archive: NSIS C:\Users\Owner\Desktop\ComboFix.exe/UPX 
1/18/2012 9:34:04 PM OK C:\Users\Owner\Desktop\ComboFix.exe/UPX/data0001 
1/18/2012 9:34:04 PM OK C:\Users\Owner\Desktop\ComboFix.exe/UPX/data0002 
1/18/2012 9:34:04 PM OK C:\Users\Owner\Desktop\ComboFix.exe/UPX/data0003 
1/18/2012 9:34:04 PM OK C:\Users\Owner\Desktop\ComboFix.exe/UPX/data0004 
1/18/2012 9:34:04 PM OK C:\Users\Owner\Desktop\ComboFix.exe/UPX/data0005 
1/18/2012 9:34:04 PM OK C:\Users\Owner\Desktop\ComboFix.exe/UPX/data0006 
1/18/2012 9:34:04 PM OK C:\Users\Owner\Desktop\ComboFix.exe/UPX/data0007 
1/18/2012 9:34:04 PM OK C:\Users\Owner\Desktop\ComboFix.exe/UPX/data0008 
1/18/2012 9:34:04 PM OK C:\Users\Owner\Desktop\ComboFix.exe/UPX/data0009 
1/18/2012 9:34:04 PM OK C:\Users\Owner\Desktop\ComboFix.exe/UPX/data0010 
1/18/2012 9:34:04 PM OK C:\Users\Owner\Desktop\ComboFix.exe/UPX/data0011 
1/18/2012 9:34:04 PM OK C:\Users\Owner\Desktop\ComboFix.exe/UPX/data0012 
1/18/2012 9:34:04 PM OK C:\Users\Owner\Desktop\ComboFix.exe/UPX/data0013 
1/18/2012 9:34:05 PM OK C:\Users\Owner\Desktop\ComboFix.exe/UPX/data0014 
1/18/2012 9:34:05 PM OK C:\Users\Owner\Desktop\ComboFix.exe/UPX/data0015 
1/18/2012 9:34:05 PM OK C:\Users\Owner\Desktop\ComboFix.exe/UPX/data0016 
1/18/2012 9:34:05 PM OK C:\Users\Owner\Desktop\ComboFix.exe/UPX/data0017 
1/18/2012 9:34:05 PM OK C:\Users\Owner\Desktop\ComboFix.exe/UPX/data0018 
1/18/2012 9:34:05 PM OK C:\Users\Owner\Desktop\ComboFix.exe/UPX/data0019 
1/18/2012 9:34:05 PM OK C:\Users\Owner\Desktop\ComboFix.exe/UPX/data0020 
1/18/2012 9:34:05 PM OK C:\Users\Owner\Desktop\ComboFix.exe/UPX/data0021 
1/18/2012 9:34:05 PM OK C:\Users\Owner\Desktop\ComboFix.exe/UPX/data0022 
1/18/2012 9:34:05 PM OK C:\Users\Owner\Desktop\ComboFix.exe/UPX/data0023 
1/18/2012 9:34:05 PM OK C:\Users\Owner\Desktop\ComboFix.exe/UPX/data0024 
1/18/2012 9:34:05 PM OK C:\Users\Owner\Desktop\ComboFix.exe/UPX/data0025 
1/18/2012 9:34:05 PM OK C:\Users\Owner\Desktop\ComboFix.exe/UPX/data0026 
1/18/2012 9:34:05 PM OK C:\Users\Owner\Desktop\ComboFix.exe/UPX/data0027 
1/18/2012 9:34:05 PM OK C:\Users\Owner\Desktop\ComboFix.exe/UPX/data0028 
1/18/2012 9:34:05 PM OK C:\Users\Owner\Desktop\ComboFix.exe/UPX/data0029 
1/18/2012 9:34:05 PM OK C:\Users\Owner\Desktop\ComboFix.exe/UPX/data0030 
1/18/2012 9:34:05 PM Packed: UPX C:\Users\Owner\Desktop\ComboFix.exe/UPX/data0031 
1/18/2012 9:34:05 PM OK C:\Users\Owner\Desktop\ComboFix.exe/UPX/data0031/UPX 
1/18/2012 9:34:05 PM OK C:\Users\Owner\Desktop\ComboFix.exe/UPX/data0031 
1/18/2012 9:34:05 PM OK C:\Users\Owner\Desktop\ComboFix.exe/UPX/data0032 
1/18/2012 9:34:05 PM OK C:\Users\Owner\Desktop\ComboFix.exe/UPX/data0033 
1/18/2012 9:34:05 PM OK C:\Users\Owner\Desktop\ComboFix.exe/UPX/data0034 
1/18/2012 9:34:05 PM OK C:\Users\Owner\Desktop\ComboFix.exe/UPX/data0035 
1/18/2012 9:34:05 PM OK C:\Users\Owner\Desktop\ComboFix.exe/UPX/data0036 
1/18/2012 9:34:05 PM OK C:\Users\Owner\Desktop\ComboFix.exe/UPX/data0037 
1/18/2012 9:34:05 PM OK C:\Users\Owner\Desktop\ComboFix.exe/UPX/data0038 
1/18/2012 9:34:05 PM OK C:\Users\Owner\Desktop\ComboFix.exe/UPX/data0039 
1/18/2012 9:34:05 PM OK C:\Users\Owner\Desktop\ComboFix.exe/UPX/data0040 
1/18/2012 9:34:05 PM OK C:\Users\Owner\Desktop\ComboFix.exe/UPX/data0041 
1/18/2012 9:34:05 PM OK C:\Users\Owner\Desktop\ComboFix.exe/UPX/data0042 
1/18/2012 9:34:05 PM Packed: UPX C:\Users\Owner\Desktop\ComboFix.exe/UPX/data0043 
1/18/2012 9:34:05 PM OK C:\Users\Owner\Desktop\ComboFix.exe/UPX/data0043/UPX 
1/18/2012 9:34:05 PM OK C:\Users\Owner\Desktop\ComboFix.exe/UPX/data0043 
1/18/2012 9:34:05 PM OK C:\Users\Owner\Desktop\ComboFix.exe/UPX/data0044 
1/18/2012 9:34:05 PM OK C:\Users\Owner\Desktop\ComboFix.exe/UPX/data0045 
1/18/2012 9:34:05 PM OK C:\Users\Owner\Desktop\ComboFix.exe/UPX/data0046 
1/18/2012 9:34:05 PM OK C:\Users\Owner\Desktop\ComboFix.exe/UPX/data0047 
1/18/2012 9:34:05 PM OK C:\Users\Owner\Desktop\ComboFix.exe/UPX/data0048 
1/18/2012 9:34:05 PM OK C:\Users\Owner\Desktop\ComboFix.exe/UPX/data0049 
1/18/2012 9:34:05 PM OK C:\Users\Owner\Desktop\ComboFix.exe/UPX/data0050 
1/18/2012 9:34:05 PM OK C:\Users\Owner\Desktop\ComboFix.exe/UPX/data0051 
1/18/2012 9:34:05 PM OK C:\Users\Owner\Desktop\ComboFix.exe/UPX/data0052 
1/18/2012 9:34:05 PM OK C:\Users\Owner\Desktop\ComboFix.exe/UPX/data0053 
1/18/2012 9:34:05 PM OK C:\Users\Owner\Desktop\ComboFix.exe/UPX/data0054 
1/18/2012 9:34:05 PM OK C:\Users\Owner\Desktop\ComboFix.exe/UPX/data0055 
1/18/2012 9:34:05 PM OK C:\Users\Owner\Desktop\ComboFix.exe/UPX/data0056 
1/18/2012 9:34:05 PM OK C:\Users\Owner\Desktop\ComboFix.exe/UPX/data0057 
1/18/2012 9:34:05 PM OK C:\Users\Owner\Desktop\ComboFix.exe/UPX/data0058 
1/18/2012 9:34:05 PM OK C:\Users\Owner\Desktop\ComboFix.exe/UPX/data0059 
1/18/2012 9:34:05 PM OK C:\Users\Owner\Desktop\ComboFix.exe/UPX/data0060 
1/18/2012 9:34:05 PM OK C:\Users\Owner\Desktop\ComboFix.exe/UPX/data0061 
1/18/2012 9:34:05 PM OK C:\Users\Owner\Desktop\ComboFix.exe/UPX/data0062 
1/18/2012 9:34:05 PM OK C:\Users\Owner\Desktop\ComboFix.exe/UPX/data0063 
1/18/2012 9:34:05 PM OK C:\Users\Owner\Desktop\ComboFix.exe/UPX/data0064 
1/18/2012 9:34:05 PM OK C:\Users\Owner\Desktop\ComboFix.exe/UPX/data0065 
1/18/2012 9:34:05 PM OK C:\Users\Owner\Desktop\ComboFix.exe/UPX/data0066 
1/18/2012 9:34:05 PM OK C:\Users\Owner\Desktop\ComboFix.exe/UPX/data0067 
1/18/2012 9:34:05 PM OK C:\Users\Owner\Desktop\ComboFix.exe/UPX/data0068 
1/18/2012 9:34:05 PM OK C:\Users\Owner\Desktop\ComboFix.exe/UPX/data0069 
1/18/2012 9:34:05 PM OK C:\Users\Owner\Desktop\ComboFix.exe/UPX/data0070 
1/18/2012 9:34:05 PM OK C:\Users\Owner\Desktop\ComboFix.exe/UPX/data0071 
1/18/2012 9:34:05 PM OK C:\Users\Owner\Desktop\ComboFix.exe/UPX/data0072 
1/18/2012 9:34:05 PM OK C:\Users\Owner\Desktop\ComboFix.exe/UPX/data0073 
1/18/2012 9:34:05 PM OK C:\Users\Owner\Desktop\ComboFix.exe/UPX/data0074 
1/18/2012 9:34:05 PM OK C:\Users\Owner\Desktop\ComboFix.exe/UPX/data0075 
1/18/2012 9:34:05 PM OK C:\Users\Owner\Desktop\ComboFix.exe/UPX/data0076 
1/18/2012 9:34:05 PM OK C:\Users\Owner\Desktop\ComboFix.exe/UPX/data0077 
1/18/2012 9:34:05 PM OK C:\Users\Owner\Desktop\ComboFix.exe/UPX/data0078 
1/18/2012 9:34:05 PM OK C:\Users\Owner\Desktop\ComboFix.exe/UPX/data0079 
1/18/2012 9:34:05 PM OK C:\Users\Owner\Desktop\ComboFix.exe/UPX/data0080 
1/18/2012 9:34:05 PM OK C:\Users\Owner\Desktop\ComboFix.exe/UPX/data0081 
1/18/2012 9:34:05 PM OK C:\Users\Owner\Desktop\ComboFix.exe/UPX/data0082 
1/18/2012 9:34:05 PM OK C:\Users\Owner\Desktop\ComboFix.exe/UPX/data0083 
1/18/2012 9:34:05 PM OK C:\Users\Owner\Desktop\ComboFix.exe/UPX/data0084 
1/18/2012 9:34:05 PM OK C:\Users\Owner\Desktop\ComboFix.exe/UPX/data0085 
1/18/2012 9:34:05 PM OK C:\Users\Owner\Desktop\ComboFix.exe/UPX/data0086 
1/18/2012 9:34:05 PM OK C:\Users\Owner\Desktop\ComboFix.exe/UPX/data0087 
1/18/2012 9:34:05 PM OK C:\Users\Owner\Desktop\ComboFix.exe/UPX/data0088 
1/18/2012 9:34:05 PM OK C:\Users\Owner\Desktop\ComboFix.exe/UPX/data0089 
1/18/2012 9:34:05 PM OK C:\Users\Owner\Desktop\ComboFix.exe/UPX/data0090 
1/18/2012 9:34:05 PM OK C:\Users\Owner\Desktop\ComboFix.exe/UPX/data0091 
1/18/2012 9:34:05 PM OK C:\Users\Owner\Desktop\ComboFix.exe/UPX/data0092 
1/18/2012 9:34:05 PM OK C:\Users\Owner\Desktop\ComboFix.exe/UPX/data0093 
1/18/2012 9:34:05 PM OK C:\Users\Owner\Desktop\ComboFix.exe/UPX/data0094 
1/18/2012 9:34:05 PM OK C:\Users\Owner\Desktop\ComboFix.exe/UPX/data0095 
1/18/2012 9:34:05 PM OK C:\Users\Owner\Desktop\ComboFix.exe/UPX/data0096/JIM 
1/18/2012 9:34:05 PM OK C:\Users\Owner\Desktop\ComboFix.exe/UPX/data0096 
1/18/2012 9:34:05 PM OK C:\Users\Owner\Desktop\ComboFix.exe/UPX/data0097 
1/18/2012 9:34:05 PM OK C:\Users\Owner\Desktop\ComboFix.exe/UPX/data0098 
1/18/2012 9:34:05 PM OK C:\Users\Owner\Desktop\ComboFix.exe/UPX/data0099 
1/18/2012 9:34:05 PM OK C:\Users\Owner\Desktop\ComboFix.exe/UPX/data0100 
1/18/2012 9:34:05 PM OK C:\Users\Owner\Desktop\ComboFix.exe/UPX/data0101 
1/18/2012 9:34:05 PM OK C:\Users\Owner\Desktop\ComboFix.exe/UPX/data0102 
1/18/2012 9:34:05 PM OK C:\Users\Owner\Desktop\ComboFix.exe/UPX/data0103 
1/18/2012 9:34:05 PM OK C:\Users\Owner\Desktop\ComboFix.exe/UPX/data0104 
1/18/2012 9:34:05 PM OK C:\Users\Owner\Desktop\ComboFix.exe/UPX/data0105 
1/18/2012 9:34:05 PM OK C:\Users\Owner\Desktop\ComboFix.exe/UPX/data0106 
1/18/2012 9:34:05 PM OK C:\Users\Owner\Desktop\ComboFix.exe/UPX/data0107 
1/18/2012 9:34:05 PM OK C:\Users\Owner\Desktop\ComboFix.exe/UPX/data0108 
1/18/2012 9:34:05 PM OK C:\Users\Owner\Desktop\ComboFix.exe/UPX/data0109 
1/18/2012 9:34:05 PM OK C:\Users\Owner\Desktop\ComboFix.exe/UPX/data0110 
1/18/2012 9:34:06 PM OK C:\Users\Owner\Desktop\ComboFix.exe/UPX/data0111 
1/18/2012 9:34:06 PM OK C:\Users\Owner\Desktop\ComboFix.exe/UPX/data0112 
1/18/2012 9:34:06 PM Packed: UPX C:\Users\Owner\Desktop\ComboFix.exe/UPX/data0113 
1/18/2012 9:34:06 PM OK C:\Users\Owner\Desktop\ComboFix.exe/UPX/data0113/UPX 
1/18/2012 9:34:06 PM OK C:\Users\Owner\Desktop\ComboFix.exe/UPX/data0113 
1/18/2012 9:34:06 PM OK C:\Users\Owner\Desktop\ComboFix.exe/UPX/data0114 
1/18/2012 9:34:06 PM OK C:\Users\Owner\Desktop\ComboFix.exe/UPX/data0115 
1/18/2012 9:34:06 PM OK C:\Users\Owner\Desktop\ComboFix.exe/UPX/data0116 
1/18/2012 9:34:06 PM OK C:\Users\Owner\Desktop\ComboFix.exe/UPX/data0117 
1/18/2012 9:34:06 PM OK C:\Users\Owner\Desktop\ComboFix.exe/UPX/data0118 
1/18/2012 9:34:06 PM OK C:\Users\Owner\Desktop\ComboFix.exe/UPX/data0119 
1/18/2012 9:34:06 PM OK C:\Users\Owner\Desktop\ComboFix.exe/UPX/data0120 
1/18/2012 9:34:06 PM OK C:\Users\Owner\Desktop\ComboFix.exe/UPX/data0121 
1/18/2012 9:34:06 PM OK C:\Users\Owner\Desktop\ComboFix.exe/UPX/data0122 
1/18/2012 9:34:06 PM OK C:\Users\Owner\Desktop\ComboFix.exe/UPX/data0123 
1/18/2012 9:34:06 PM OK C:\Users\Owner\Desktop\ComboFix.exe/UPX/data0124 
1/18/2012 9:34:06 PM OK C:\Users\Owner\Desktop\ComboFix.exe/UPX/data0125/data0000.res/data0001.res 
1/18/2012 9:34:06 PM OK C:\Users\Owner\Desktop\ComboFix.exe/UPX/data0125/data0000.res 
1/18/2012 9:34:06 PM OK C:\Users\Owner\Desktop\ComboFix.exe/UPX/data0125/data0002.res 
1/18/2012 9:34:06 PM OK C:\Users\Owner\Desktop\ComboFix.exe/UPX/data0125/data0003.res 
1/18/2012 9:34:06 PM OK C:\Users\Owner\Desktop\ComboFix.exe/UPX/data0125 
1/18/2012 9:34:06 PM OK C:\Users\Owner\Desktop\ComboFix.exe/UPX/data0126 
1/18/2012 9:34:06 PM OK C:\Users\Owner\Desktop\ComboFix.exe/UPX/data0127 
1/18/2012 9:34:06 PM OK C:\Users\Owner\Desktop\ComboFix.exe/UPX/data0128 
1/18/2012 9:34:06 PM OK C:\Users\Owner\Desktop\ComboFix.exe/UPX/data0129 
1/18/2012 9:34:06 PM OK C:\Users\Owner\Desktop\ComboFix.exe/UPX/data0130 
1/18/2012 9:34:06 PM OK C:\Users\Owner\Desktop\ComboFix.exe/UPX/data0131/JIM 
1/18/2012 9:34:06 PM OK C:\Users\Owner\Desktop\ComboFix.exe/UPX/data0131 
1/18/2012 9:34:06 PM Packed: PE_Patch C:\Users\Owner\Desktop\ComboFix.exe/UPX/data0132/data0000.res 
1/18/2012 9:34:06 PM OK C:\Users\Owner\Desktop\ComboFix.exe/UPX/data0132/data0000.res/PE_Patch 
1/18/2012 9:34:06 PM OK C:\Users\Owner\Desktop\ComboFix.exe/UPX/data0132/data0000.res 
1/18/2012 9:34:06 PM Packed: PE_Patch C:\Users\Owner\Desktop\ComboFix.exe/UPX/data0132/# 
1/18/2012 9:34:06 PM OK C:\Users\Owner\Desktop\ComboFix.exe/UPX/data0132/#/PE_Patch 
1/18/2012 9:34:06 PM OK C:\Users\Owner\Desktop\ComboFix.exe/UPX/data0132/# 
1/18/2012 9:34:06 PM OK C:\Users\Owner\Desktop\ComboFix.exe/UPX/data0132 
1/18/2012 9:34:06 PM OK C:\Users\Owner\Desktop\ComboFix.exe/UPX/data0133 
1/18/2012 9:34:06 PM OK C:\Users\Owner\Desktop\ComboFix.exe/UPX/data0134 
1/18/2012 9:34:06 PM OK C:\Users\Owner\Desktop\ComboFix.exe/UPX/data0135 
1/18/2012 9:34:06 PM OK C:\Users\Owner\Desktop\ComboFix.exe/UPX/data0136 
1/18/2012 9:34:06 PM OK C:\Users\Owner\Desktop\ComboFix.exe/UPX/data0138 
1/18/2012 9:34:06 PM OK C:\Users\Owner\Desktop\ComboFix.exe/UPX/data0139 
1/18/2012 9:34:06 PM OK C:\Users\Owner\Desktop\ComboFix.exe/UPX/data0140 
1/18/2012 9:34:06 PM OK C:\Users\Owner\Desktop\ComboFix.exe/UPX/data0141 
1/18/2012 9:34:06 PM OK C:\Users\Owner\Desktop\ComboFix.exe/UPX/data0142 
1/18/2012 9:34:06 PM OK C:\Users\Owner\Desktop\ComboFix.exe/UPX/data0143 
1/18/2012 9:34:06 PM OK C:\Users\Owner\Desktop\ComboFix.exe/UPX/data0144 
1/18/2012 9:34:06 PM Packed: PE_Patch.PECompact C:\Users\Owner\Desktop\ComboFix.exe/UPX/data0145 
1/18/2012 9:34:06 PM Packed: PecBundle C:\Users\Owner\Desktop\ComboFix.exe/UPX/data0145/PE_Patch.PECompact 
1/18/2012 9:34:06 PM Packed: PECompact C:\Users\Owner\Desktop\ComboFix.exe/UPX/data0145/PE_Patch.PECompact/PecBundle 
1/18/2012 9:34:06 PM OK C:\Users\Owner\Desktop\ComboFix.exe/UPX/data0145/PE_Patch.PECompact/PecBundle/PECompact 
1/18/2012 9:34:06 PM OK C:\Users\Owner\Desktop\ComboFix.exe/UPX/data0145/PE_Patch.PECompact/PecBundle 
1/18/2012 9:34:06 PM OK C:\Users\Owner\Desktop\ComboFix.exe/UPX/data0145/PE_Patch.PECompact 
1/18/2012 9:34:06 PM OK C:\Users\Owner\Desktop\ComboFix.exe/UPX/data0145 
1/18/2012 9:34:06 PM Packed: PE_Patch.PECompact C:\Users\Owner\Desktop\ComboFix.exe/UPX/data0146 
1/18/2012 9:34:06 PM Packed: PecBundle C:\Users\Owner\Desktop\ComboFix.exe/UPX/data0146/PE_Patch.PECompact 
1/18/2012 9:34:06 PM Packed: PECompact C:\Users\Owner\Desktop\ComboFix.exe/UPX/data0146/PE_Patch.PECompact/PecBundle 
1/18/2012 9:34:06 PM OK C:\Users\Owner\Desktop\ComboFix.exe/UPX/data0146/PE_Patch.PECompact/PecBundle/PECompact 
1/18/2012 9:34:06 PM  OK C:\Users\Owner\Desktop\ComboFix.exe/UPX/data0146/PE_Patch.PECompact/PecBundle 
1/18/2012 9:34:06 PM OK C:\Users\Owner\Desktop\ComboFix.exe/UPX/data0146/PE_Patch.PECompact 
1/18/2012 9:34:06 PM OK C:\Users\Owner\Desktop\ComboFix.exe/UPX/data0146 
1/18/2012 9:34:06 PM OK C:\Users\Owner\Desktop\ComboFix.exe/UPX/data0147 
1/18/2012 9:34:07 PM OK C:\Users\Owner\Desktop\ComboFix.exe/UPX/data0148 
1/18/2012 9:34:07 PM OK C:\Users\Owner\Desktop\ComboFix.exe/UPX/data0149 
1/18/2012 9:34:07 PM OK C:\Users\Owner\Desktop\ComboFix.exe/UPX/data0150 
1/18/2012 9:34:07 PM Packed: PE_Patch C:\Users\Owner\Desktop\ComboFix.exe/UPX/data0151/data0000.res 
1/18/2012 9:34:07 PM OK C:\Users\Owner\Desktop\ComboFix.exe/UPX/data0151/data0000.res/PE_Patch 
1/18/2012 9:34:07 PM OK C:\Users\Owner\Desktop\ComboFix.exe/UPX/data0151/data0000.res 
1/18/2012 9:34:07 PM Packed: PE_Patch C:\Users\Owner\Desktop\ComboFix.exe/UPX/data0151/# 
1/18/2012 9:34:07 PM OK C:\Users\Owner\Desktop\ComboFix.exe/UPX/data0151/#/PE_Patch 
1/18/2012 9:34:07 PM OK C:\Users\Owner\Desktop\ComboFix.exe/UPX/data0151/# 
1/18/2012 9:34:07 PM OK C:\Users\Owner\Desktop\ComboFix.exe/UPX/data0151 
1/18/2012 9:34:07 PM OK C:\Users\Owner\Desktop\ComboFix.exe/UPX/data0152 
1/18/2012 9:34:07 PM OK C:\Users\Owner\Desktop\ComboFix.exe/UPX/data0153 
1/18/2012 9:34:07 PM OK C:\Users\Owner\Desktop\ComboFix.exe/UPX/data0154 
1/18/2012 9:34:07 PM OK C:\Users\Owner\Desktop\ComboFix.exe/UPX/data0155 
1/18/2012 9:34:07 PM OK C:\Users\Owner\Desktop\ComboFix.exe/UPX/data0156 
1/18/2012 9:34:07 PM OK C:\Users\Owner\Desktop\ComboFix.exe/UPX/data0157 
1/18/2012 9:34:07 PM OK C:\Users\Owner\Desktop\ComboFix.exe/UPX/data0158 
1/18/2012 9:34:07 PM OK C:\Users\Owner\Desktop\ComboFix.exe/UPX/data0159 
1/18/2012 9:34:07 PM OK C:\Users\Owner\Desktop\ComboFix.exe/UPX/data0160 
1/18/2012 9:34:07 PM OK C:\Users\Owner\Desktop\ComboFix.exe/UPX/data0161 
1/18/2012 9:34:07 PM OK C:\Users\Owner\Desktop\ComboFix.exe/UPX/data0162 
1/18/2012 9:34:07 PM OK C:\Users\Owner\Desktop\ComboFix.exe/UPX/data0163 
1/18/2012 9:34:07 PM OK C:\Users\Owner\Desktop\ComboFix.exe/UPX/data0164 
1/18/2012 9:34:07 PM OK C:\Users\Owner\Desktop\ComboFix.exe/UPX/data0165 
1/18/2012 9:34:07 PM OK C:\Users\Owner\Desktop\ComboFix.exe/UPX/data0166 
1/18/2012 9:34:07 PM OK C:\Users\Owner\Desktop\ComboFix.exe/UPX/data0167 
1/18/2012 9:34:07 PM OK C:\Users\Owner\Desktop\ComboFix.exe/UPX/data0168 
1/18/2012 9:34:07 PM OK C:\Users\Owner\Desktop\ComboFix.exe/UPX/data0169 
1/18/2012 9:34:07 PM OK C:\Users\Owner\Desktop\ComboFix.exe/UPX/data0170 
1/18/2012 9:34:07 PM OK C:\Users\Owner\Desktop\ComboFix.exe/UPX/data0171 
1/18/2012 9:34:07 PM OK C:\Users\Owner\Desktop\ComboFix.exe/UPX/data0172 
1/18/2012 9:34:07 PM OK C:\Users\Owner\Desktop\ComboFix.exe/UPX/data0173 
1/18/2012 9:34:07 PM OK C:\Users\Owner\Desktop\ComboFix.exe/UPX/data0174 
1/18/2012 9:34:07 PM OK C:\Users\Owner\Desktop\ComboFix.exe/UPX/data0175 
1/18/2012 9:34:07 PM OK C:\Users\Owner\Desktop\ComboFix.exe/UPX/data0176 
1/18/2012 9:34:07 PM OK C:\Users\Owner\Desktop\ComboFix.exe/UPX/data0177 
1/18/2012 9:34:07 PM OK C:\Users\Owner\Desktop\ComboFix.exe/UPX/data0178 
1/18/2012 9:34:07 PM OK C:\Users\Owner\Desktop\ComboFix.exe/UPX/data0179 
1/18/2012 9:34:07 PM OK C:\Users\Owner\Desktop\ComboFix.exe/UPX/data0180 
1/18/2012 9:34:07 PM OK C:\Users\Owner\Desktop\ComboFix.exe/UPX/data0181 
1/18/2012 9:34:07 PM OK C:\Users\Owner\Desktop\ComboFix.exe/UPX/data0182 
1/18/2012 9:34:07 PM OK C:\Users\Owner\Desktop\ComboFix.exe/UPX/data0183 
1/18/2012 9:34:07 PM OK C:\Users\Owner\Desktop\ComboFix.exe/UPX/data0184 
1/18/2012 9:34:07 PM OK C:\Users\Owner\Desktop\ComboFix.exe/UPX/data0185 
1/18/2012 9:34:07 PM OK C:\Users\Owner\Desktop\ComboFix.exe/UPX/data0186 
1/18/2012 9:34:07 PM OK C:\Users\Owner\Desktop\ComboFix.exe/UPX/data0187 
1/18/2012 9:34:07 PM OK C:\Users\Owner\Desktop\ComboFix.exe/UPX/data0188 
1/18/2012 9:34:07 PM OK C:\Users\Owner\Desktop\ComboFix.exe/UPX/data0189 
1/18/2012 9:34:07 PM OK C:\Users\Owner\Desktop\ComboFix.exe/UPX/data0190 
1/18/2012 9:34:07 PM OK C:\Users\Owner\Desktop\ComboFix.exe/UPX/data0191 
1/18/2012 9:34:07 PM OK C:\Users\Owner\Desktop\ComboFix.exe/UPX/data0192 
1/18/2012 9:34:07 PM Archive: ZIP C:\Users\Owner\Desktop\ComboFix.exe/UPX/data0193 
1/18/2012 9:34:07 PM OK C:\Users\Owner\Desktop\ComboFix.exe/UPX/data0193/pv.exe 
1/18/2012 9:34:07 PM OK C:\Users\Owner\Desktop\ComboFix.exe/UPX/data0193/pv.txt 
1/18/2012 9:34:07 PM OK C:\Users\Owner\Desktop\ComboFix.exe/UPX/data0193 
1/18/2012 9:34:07 PM Archive: ZIP C:\Users\Owner\Desktop\ComboFix.exe/UPX/data0194 
1/18/2012 9:34:07 PM OK C:\Users\Owner\Desktop\ComboFix.exe/UPX/data0194/FS.bat 
1/18/2012 9:34:07 PM OK C:\Users\Owner\Desktop\ComboFix.exe/UPX/data0194/RS.bat 
1/18/2012 9:34:07 PM OK C:\Users\Owner\Desktop\ComboFix.exe/UPX/data0194/CS.exe 
1/18/2012 9:34:07 PM OK C:\Users\Owner\Desktop\ComboFix.exe/UPX/data0194/DS.exe 
1/18/2012 9:34:07 PM OK C:\Users\Owner\Desktop\ComboFix.exe/UPX/data0194/LS.exe 
1/18/2012 9:34:07 PM OK C:\Users\Owner\Desktop\ComboFix.exe/UPX/data0194/readme.txt 
1/18/2012 9:34:07 PM OK C:\Users\Owner\Desktop\ComboFix.exe/UPX/data0194/SF.exe 
1/18/2012 9:34:07 PM OK C:\Users\Owner\Desktop\ComboFix.exe/UPX/data0194/SFs.bat 
1/18/2012 9:34:07 PM OK C:\Users\Owner\Desktop\ComboFix.exe/UPX/data0194 
1/18/2012 9:34:07 PM OK C:\Users\Owner\Desktop\ComboFix.exe/UPX/data0195 
1/18/2012 9:34:07 PM OK C:\Users\Owner\Desktop\ComboFix.exe/UPX/data0196 
1/18/2012 9:34:07 PM OK C:\Users\Owner\Desktop\ComboFix.exe/UPX/data0197 
1/18/2012 9:34:07 PM OK C:\Users\Owner\Desktop\ComboFix.exe/UPX 
1/18/2012 9:34:07 PM Archive: NSIS C:\Users\Owner\Desktop\ComboFix.exe 
1/18/2012 9:34:07 PM OK C:\Users\Owner\Desktop\ComboFix.exe/data0001 
1/18/2012 9:34:07 PM OK C:\Users\Owner\Desktop\ComboFix.exe/data0002 
1/18/2012 9:34:07 PM OK C:\Users\Owner\Desktop\ComboFix.exe/data0003 
1/18/2012 9:34:07 PM OK C:\Users\Owner\Desktop\ComboFix.exe/data0004 
1/18/2012 9:34:07 PM OK C:\Users\Owner\Desktop\ComboFix.exe/data0005 
1/18/2012 9:34:07 PM OK C:\Users\Owner\Desktop\ComboFix.exe/data0006 
1/18/2012 9:34:07 PM OK C:\Users\Owner\Desktop\ComboFix.exe/data0007 
1/18/2012 9:34:07 PM OK C:\Users\Owner\Desktop\ComboFix.exe/data0008 
1/18/2012 9:34:07 PM OK C:\Users\Owner\Desktop\ComboFix.exe/data0009 
1/18/2012 9:34:07 PM OK C:\Users\Owner\Desktop\ComboFix.exe/data0010 
1/18/2012 9:34:07 PM OK C:\Users\Owner\Desktop\ComboFix.exe/data0011 
1/18/2012 9:34:07 PM OK C:\Users\Owner\Desktop\ComboFix.exe/data0012 
1/18/2012 9:34:07 PM OK C:\Users\Owner\Desktop\ComboFix.exe/data0013 
1/18/2012 9:34:07 PM OK C:\Users\Owner\Desktop\ComboFix.exe/data0014 
1/18/2012 9:34:07 PM OK C:\Users\Owner\Desktop\ComboFix.exe/data0015 
1/18/2012 9:34:07 PM OK C:\Users\Owner\Desktop\ComboFix.exe/data0016 
1/18/2012 9:34:07 PM OK C:\Users\Owner\Desktop\ComboFix.exe/data0017 
1/18/2012 9:34:07 PM OK C:\Users\Owner\Desktop\ComboFix.exe/data0018 
1/18/2012 9:34:08 PM OK C:\Users\Owner\Desktop\ComboFix.exe/data0019 
1/18/2012 9:34:08 PM OK C:\Users\Owner\Desktop\ComboFix.exe/data0020 
1/18/2012 9:34:08 PM OK C:\Users\Owner\Desktop\ComboFix.exe/data0021 
1/18/2012 9:34:08 PM OK C:\Users\Owner\Desktop\ComboFix.exe/data0022 
1/18/2012 9:34:08 PM OK C:\Users\Owner\Desktop\ComboFix.exe/data0023 
1/18/2012 9:34:08 PM OK C:\Users\Owner\Desktop\ComboFix.exe/data0024 
1/18/2012 9:34:08 PM OK C:\Users\Owner\Desktop\ComboFix.exe/data0025 
1/18/2012 9:34:08 PM OK C:\Users\Owner\Desktop\ComboFix.exe/data0026 
1/18/2012 9:34:08 PM OK C:\Users\Owner\Desktop\ComboFix.exe/data0027 
1/18/2012 9:34:08 PM OK C:\Users\Owner\Desktop\ComboFix.exe/data0028 
1/18/2012 9:34:08 PM OK C:\Users\Owner\Desktop\ComboFix.exe/data0029 
1/18/2012 9:34:08 PM OK C:\Users\Owner\Desktop\ComboFix.exe/data0030 
1/18/2012 9:34:08 PM Packed: UPX C:\Users\Owner\Desktop\ComboFix.exe/data0031 
1/18/2012 9:34:08 PM OK C:\Users\Owner\Desktop\ComboFix.exe/data0031/UPX 
1/18/2012 9:34:08 PM OK C:\Users\Owner\Desktop\ComboFix.exe/data0031 
1/18/2012 9:34:08 PM OK C:\Users\Owner\Desktop\ComboFix.exe/data0032 
1/18/2012 9:34:08 PM OK C:\Users\Owner\Desktop\ComboFix.exe/data0033 
1/18/2012 9:34:08 PM OK C:\Users\Owner\Desktop\ComboFix.exe/data0034 
1/18/2012 9:34:08 PM OK C:\Users\Owner\Desktop\ComboFix.exe/data0035 
1/18/2012 9:34:08 PM OK C:\Users\Owner\Desktop\ComboFix.exe/data0036 
1/18/2012 9:34:08 PM OK C:\Users\Owner\Desktop\ComboFix.exe/data0037 
1/18/2012 9:34:08 PM OK C:\Users\Owner\Desktop\ComboFix.exe/data0038 
1/18/2012 9:34:08 PM OK C:\Users\Owner\Desktop\ComboFix.exe/data0039 
1/18/2012 9:34:08 PM OK C:\Users\Owner\Desktop\ComboFix.exe/data0040 
1/18/2012 9:34:08 PM OK C:\Users\Owner\Desktop\ComboFix.exe/data0041 
1/18/2012 9:34:08 PM OK C:\Users\Owner\Desktop\ComboFix.exe/data0042 
1/18/2012 9:34:08 PM Packed: UPX C:\Users\Owner\Desktop\ComboFix.exe/data0043 
1/18/2012 9:34:08 PM OK C:\Users\Owner\Desktop\ComboFix.exe/data0043/UPX 
1/18/2012 9:34:08 PM OK C:\Users\Owner\Desktop\ComboFix.exe/data0043 
1/18/2012 9:34:08 PM OK C:\Users\Owner\Desktop\ComboFix.exe/data0044 
1/18/2012 9:34:08 PM OK C:\Users\Owner\Desktop\ComboFix.exe/data0045 
1/18/2012 9:34:08 PM OK C:\Users\Owner\Desktop\ComboFix.exe/data0046 
1/18/2012 9:34:08 PM OK C:\Users\Owner\Desktop\ComboFix.exe/data0047 
1/18/2012 9:34:08 PM OK C:\Users\Owner\Desktop\ComboFix.exe/data0048 
1/18/2012 9:34:08 PM OK C:\Users\Owner\Desktop\ComboFix.exe/data0049 
1/18/2012 9:34:08 PM OK C:\Users\Owner\Desktop\ComboFix.exe/data0050 
1/18/2012 9:34:08 PM OK C:\Users\Owner\Desktop\ComboFix.exe/data0051 
1/18/2012 9:34:08 PM OK C:\Users\Owner\Desktop\ComboFix.exe/data0052 
1/18/2012 9:34:08 PM OK C:\Users\Owner\Desktop\ComboFix.exe/data0053 
1/18/2012 9:34:08 PM OK C:\Users\Owner\Desktop\ComboFix.exe/data0054 
1/18/2012 9:34:08 PM OK C:\Users\Owner\Desktop\ComboFix.exe/data0055 
1/18/2012 9:34:08 PM OK C:\Users\Owner\Desktop\ComboFix.exe/data0056 
1/18/2012 9:34:08 PM OK C:\Users\Owner\Desktop\ComboFix.exe/data0057 
1/18/2012 9:34:08 PM OK C:\Users\Owner\Desktop\ComboFix.exe/data0058 
1/18/2012 9:34:08 PM OK C:\Users\Owner\Desktop\ComboFix.exe/data0059 
1/18/2012 9:34:08 PM OK C:\Users\Owner\Desktop\ComboFix.exe/data0060 
1/18/2012 9:34:08 PM OK C:\Users\Owner\Desktop\ComboFix.exe/data0061 
1/18/2012 9:34:08 PM OK C:\Users\Owner\Desktop\ComboFix.exe/data0062 
1/18/2012 9:34:08 PM OK C:\Users\Owner\Desktop\ComboFix.exe/data0063 
1/18/2012 9:34:08 PM OK C:\Users\Owner\Desktop\ComboFix.exe/data0064 
1/18/2012 9:34:08 PM OK C:\Users\Owner\Desktop\ComboFix.exe/data0065 
1/18/2012 9:34:08 PM OK C:\Users\Owner\Desktop\ComboFix.exe/data0066 
1/18/2012 9:34:08 PM OK C:\Users\Owner\Desktop\ComboFix.exe/data0067 
1/18/2012 9:34:08 PM OK C:\Users\Owner\Desktop\ComboFix.exe/data0068 
1/18/2012 9:34:08 PM OK C:\Users\Owner\Desktop\ComboFix.exe/data0069 
1/18/2012 9:34:08 PM OK C:\Users\Owner\Desktop\ComboFix.exe/data0070 
1/18/2012 9:34:08 PM OK C:\Users\Owner\Desktop\ComboFix.exe/data0071 
1/18/2012 9:34:08 PM OK C:\Users\Owner\Desktop\ComboFix.exe/data0072 
1/18/2012 9:34:08 PM OK C:\Users\Owner\Desktop\ComboFix.exe/data0073 
1/18/2012 9:34:08 PM OK C:\Users\Owner\Desktop\ComboFix.exe/data0074 
1/18/2012 9:34:08 PM OK C:\Users\Owner\Desktop\ComboFix.exe/data0075 
1/18/2012 9:34:08 PM OK C:\Users\Owner\Desktop\ComboFix.exe/data0076 
1/18/2012 9:34:08 PM OK C:\Users\Owner\Desktop\ComboFix.exe/data0077 
1/18/2012 9:34:08 PM OK C:\Users\Owner\Desktop\ComboFix.exe/data0078 
1/18/2012 9:34:08 PM OK C:\Users\Owner\Desktop\ComboFix.exe/data0079 
1/18/2012 9:34:08 PM OK C:\Users\Owner\Desktop\ComboFix.exe/data0080 
1/18/2012 9:34:08 PM OK C:\Users\Owner\Desktop\ComboFix.exe/data0081 
1/18/2012 9:34:08 PM OK C:\Users\Owner\Desktop\ComboFix.exe/data0082 
1/18/2012 9:34:08 PM OK C:\Users\Owner\Desktop\ComboFix.exe/data0083 
1/18/2012 9:34:08 PM OK C:\Users\Owner\Desktop\ComboFix.exe/data0084 
1/18/2012 9:34:08 PM OK C:\Users\Owner\Desktop\ComboFix.exe/data0085 
1/18/2012 9:34:08 PM OK C:\Users\Owner\Desktop\ComboFix.exe/data0086 
1/18/2012 9:34:08 PM OK C:\Users\Owner\Desktop\ComboFix.exe/data0087 
1/18/2012 9:34:08 PM OK C:\Users\Owner\Desktop\ComboFix.exe/data0088 
1/18/2012 9:34:08 PM OK C:\Users\Owner\Desktop\ComboFix.exe/data0089 
1/18/2012 9:34:08 PM OK C:\Users\Owner\Desktop\ComboFix.exe/data0090 
1/18/2012 9:34:08 PM OK C:\Users\Owner\Desktop\ComboFix.exe/data0091 
1/18/2012 9:34:08 PM OK C:\Users\Owner\Desktop\ComboFix.exe/data0092 
1/18/2012 9:34:08 PM OK C:\Users\Owner\Desktop\ComboFix.exe/data0093 
1/18/2012 9:34:08 PM OK C:\Users\Owner\Desktop\ComboFix.exe/data0094 
1/18/2012 9:34:08 PM OK C:\Users\Owner\Desktop\ComboFix.exe/data0095 
1/18/2012 9:34:08 PM OK C:\Users\Owner\Desktop\ComboFix.exe/data0096/JIM 
1/18/2012 9:34:08 PM OK C:\Users\Owner\Desktop\ComboFix.exe/data0096 
1/18/2012 9:34:08 PM OK C:\Users\Owner\Desktop\ComboFix.exe/data0097 
1/18/2012 9:34:08 PM OK C:\Users\Owner\Desktop\ComboFix.exe/data0098 
1/18/2012 9:34:08 PM OK C:\Users\Owner\Desktop\ComboFix.exe/data0099 
1/18/2012 9:34:08 PM OK C:\Users\Owner\Desktop\ComboFix.exe/data0100 
1/18/2012 9:34:08 PM OK C:\Users\Owner\Desktop\ComboFix.exe/data0101 
1/18/2012 9:34:08 PM OK C:\Users\Owner\Desktop\ComboFix.exe/data0102 
1/18/2012 9:34:08 PM OK C:\Users\Owner\Desktop\ComboFix.exe/data0103 
1/18/2012 9:34:08 PM OK C:\Users\Owner\Desktop\ComboFix.exe/data0104 
1/18/2012 9:34:08 PM OK C:\Users\Owner\Desktop\ComboFix.exe/data0105 
1/18/2012 9:34:08 PM OK C:\Users\Owner\Desktop\ComboFix.exe/data0106 
1/18/2012 9:34:08 PM OK C:\Users\Owner\Desktop\ComboFix.exe/data0107 
1/18/2012 9:34:08 PM OK C:\Users\Owner\Desktop\ComboFix.exe/data0108 
1/18/2012 9:34:08 PM OK C:\Users\Owner\Desktop\ComboFix.exe/data0109 
1/18/2012 9:34:08 PM OK C:\Users\Owner\Desktop\ComboFix.exe/data0110 
1/18/2012 9:34:09 PM OK C:\Users\Owner\Desktop\ComboFix.exe/data0111 
1/18/2012 9:34:09 PM OK C:\Users\Owner\Desktop\ComboFix.exe/data0112 
1/18/2012 9:34:09 PM Packed: UPX C:\Users\Owner\Desktop\ComboFix.exe/data0113 
1/18/2012 9:34:09 PM OK C:\Users\Owner\Desktop\ComboFix.exe/data0113/UPX 
1/18/2012 9:34:09 PM OK C:\Users\Owner\Desktop\ComboFix.exe/data0113 
1/18/2012 9:34:09 PM OK C:\Users\Owner\Desktop\ComboFix.exe/data0114 
1/18/2012 9:34:09 PM OK C:\Users\Owner\Desktop\ComboFix.exe/data0115 
1/18/2012 9:34:09 PM OK C:\Users\Owner\Desktop\ComboFix.exe/data0116 
1/18/2012 9:34:09 PM OK C:\Users\Owner\Desktop\ComboFix.exe/data0117 
1/18/2012 9:34:09 PM OK C:\Users\Owner\Desktop\ComboFix.exe/data0118 
1/18/2012 9:34:09 PM OK C:\Users\Owner\Desktop\ComboFix.exe/data0119 
1/18/2012 9:34:09 PM OK C:\Users\Owner\Desktop\ComboFix.exe/data0120 
1/18/2012 9:34:09 PM OK C:\Users\Owner\Desktop\ComboFix.exe/data0121 
1/18/2012 9:34:09 PM OK C:\Users\Owner\Desktop\ComboFix.exe/data0122 
1/18/2012 9:34:09 PM OK C:\Users\Owner\Desktop\ComboFix.exe/data0123 
1/18/2012 9:34:09 PM OK C:\Users\Owner\Desktop\ComboFix.exe/data0124 
1/18/2012 9:34:09 PM OK C:\Users\Owner\Desktop\ComboFix.exe/data0125/data0000.res Object was not changed (iChecker) 
1/18/2012 9:34:09 PM OK C:\Users\Owner\Desktop\ComboFix.exe/data0125/data0002.res Object was not changed (iChecker) 
1/18/2012 9:34:09 PM OK C:\Users\Owner\Desktop\ComboFix.exe/data0125/data0003.res Object was not changed (iChecker) 
1/18/2012 9:34:09 PM OK C:\Users\Owner\Desktop\ComboFix.exe/data0125 
1/18/2012 9:34:09 PM OK C:\Users\Owner\Desktop\ComboFix.exe/data0126 
1/18/2012 9:34:09 PM OK C:\Users\Owner\Desktop\ComboFix.exe/data0127 
1/18/2012 9:34:09 PM OK C:\Users\Owner\Desktop\ComboFix.exe/data0128 
1/18/2012 9:34:09 PM OK C:\Users\Owner\Desktop\ComboFix.exe/data0129 
1/18/2012 9:34:09 PM OK C:\Users\Owner\Desktop\ComboFix.exe/data0130 
1/18/2012 9:34:09 PM OK C:\Users\Owner\Desktop\ComboFix.exe/data0131/JIM 
1/18/2012 9:34:09 PM OK C:\Users\Owner\Desktop\ComboFix.exe/data0131 
1/18/2012 9:34:09 PM OK C:\Users\Owner\Desktop\ComboFix.exe/data0132/data0000.res Object was not changed (iChecker) 
1/18/2012 9:34:09 PM OK C:\Users\Owner\Desktop\ComboFix.exe/data0132/# Object was not changed (iChecker) 
1/18/2012 9:34:09 PM OK C:\Users\Owner\Desktop\ComboFix.exe/data0132 
1/18/2012 9:34:09 PM OK C:\Users\Owner\Desktop\ComboFix.exe/data0133 
1/18/2012 9:34:09 PM OK C:\Users\Owner\Desktop\ComboFix.exe/data0134 
1/18/2012 9:34:09 PM OK C:\Users\Owner\Desktop\ComboFix.exe/data0135 
1/18/2012 9:34:09 PM OK C:\Users\Owner\Desktop\ComboFix.exe/data0136 
1/18/2012 9:34:09 PM OK C:\Users\Owner\Desktop\ComboFix.exe/data0138 
1/18/2012 9:34:09 PM OK C:\Users\Owner\Desktop\ComboFix.exe/data0139 
1/18/2012 9:34:09 PM OK C:\Users\Owner\Desktop\ComboFix.exe/data0140 
1/18/2012 9:34:09 PM OK C:\Users\Owner\Desktop\ComboFix.exe/data0141 
1/18/2012 9:34:09 PM OK C:\Users\Owner\Desktop\ComboFix.exe/data0142 
1/18/2012 9:34:09 PM OK C:\Users\Owner\Desktop\ComboFix.exe/data0143 
1/18/2012 9:34:09 PM OK C:\Users\Owner\Desktop\ComboFix.exe/data0144 
1/18/2012 9:34:09 PM Packed: PE_Patch.PECompact C:\Users\Owner\Desktop\ComboFix.exe/data0145 
1/18/2012 9:34:09 PM Packed: PecBundle C:\Users\Owner\Desktop\ComboFix.exe/data0145/PE_Patch.PECompact 
1/18/2012 9:34:09 PM Packed: PECompact C:\Users\Owner\Desktop\ComboFix.exe/data0145/PE_Patch.PECompact/PecBundle 
1/18/2012 9:34:09 PM OK C:\Users\Owner\Desktop\ComboFix.exe/data0145/PE_Patch.PECompact/PecBundle/PECompact 
1/18/2012 9:34:09 PM OK C:\Users\Owner\Desktop\ComboFix.exe/data0145/PE_Patch.PECompact/PecBundle 
1/18/2012 9:34:09 PM OK C:\Users\Owner\Desktop\ComboFix.exe/data0145/PE_Patch.PECompact 
1/18/2012 9:34:09 PM OK C:\Users\Owner\Desktop\ComboFix.exe/data0145 
1/18/2012 9:34:09 PM Packed: PE_Patch.PECompact C:\Users\Owner\Desktop\ComboFix.exe/data0146 
1/18/2012 9:34:09 PM Packed: PecBundle C:\Users\Owner\Desktop\ComboFix.exe/data0146/PE_Patch.PECompact 
1/18/2012 9:34:09 PM Packed: PECompact C:\Users\Owner\Desktop\ComboFix.exe/data0146/PE_Patch.PECompact/PecBundle 
1/18/2012 9:34:09 PM OK C:\Users\Owner\Desktop\ComboFix.exe/data0146/PE_Patch.PECompact/PecBundle/PECompact 
1/18/2012 9:34:09 PM OK C:\Users\Owner\Desktop\ComboFix.exe/data0146/PE_Patch.PECompact/PecBundle 
1/18/2012 9:34:09 PM OK C:\Users\Owner\Desktop\ComboFix.exe/data0146/PE_Patch.PECompact 
1/18/2012 9:34:09 PM OK C:\Users\Owner\Desktop\ComboFix.exe/data0146 
1/18/2012 9:34:09 PM OK C:\Users\Owner\Desktop\ComboFix.exe/data0147 
1/18/2012 9:34:09 PM OK C:\Users\Owner\Desktop\ComboFix.exe/data0148 
1/18/2012 9:34:09 PM OK C:\Users\Owner\Desktop\ComboFix.exe/data0149 
1/18/2012 9:34:09 PM OK C:\Users\Owner\Desktop\ComboFix.exe/data0150 
1/18/2012 9:34:10 PM OK C:\Users\Owner\Desktop\ComboFix.exe/data0151/data0000.res Object was not changed (iChecker) 
1/18/2012 9:34:10 PM OK C:\Users\Owner\Desktop\ComboFix.exe/data0151/# Object was not changed (iChecker) 
1/18/2012 9:34:10 PM OK C:\Users\Owner\Desktop\ComboFix.exe/data0151 
1/18/2012 9:34:10 PM OK C:\Users\Owner\Desktop\ComboFix.exe/data0152 
1/18/2012 9:34:10 PM OK C:\Users\Owner\Desktop\ComboFix.exe/data0153 
1/18/2012 9:34:10 PM OK C:\Users\Owner\Desktop\ComboFix.exe/data0154 
1/18/2012 9:34:10 PM OK C:\Users\Owner\Desktop\ComboFix.exe/data0155 
1/18/2012 9:34:10 PM OK C:\Users\Owner\Desktop\ComboFix.exe/data0156 
1/18/2012 9:34:10 PM OK C:\Users\Owner\Desktop\ComboFix.exe/data0157 
1/18/2012 9:34:10 PM OK C:\Users\Owner\Desktop\ComboFix.exe/data0158 
1/18/2012 9:34:10 PM OK C:\Users\Owner\Desktop\ComboFix.exe/data0159 
1/18/2012 9:34:10 PM OK C:\Users\Owner\Desktop\ComboFix.exe/data0160 
1/18/2012 9:34:10 PM OK C:\Users\Owner\Desktop\ComboFix.exe/data0161 
1/18/2012 9:34:10 PM OK C:\Users\Owner\Desktop\ComboFix.exe/data0162 
1/18/2012 9:34:10 PM OK C:\Users\Owner\Desktop\ComboFix.exe/data0163 
1/18/2012 9:34:10 PM OK C:\Users\Owner\Desktop\ComboFix.exe/data0164 
1/18/2012 9:34:10 PM OK C:\Users\Owner\Desktop\ComboFix.exe/data0165 
1/18/2012 9:34:10 PM OK C:\Users\Owner\Desktop\ComboFix.exe/data0166 
1/18/2012 9:34:10 PM OK C:\Users\Owner\Desktop\ComboFix.exe/data0167 
1/18/2012 9:34:10 PM OK C:\Users\Owner\Desktop\ComboFix.exe/data0168 
1/18/2012 9:34:10 PM OK C:\Users\Owner\Desktop\ComboFix.exe/data0169 
1/18/2012 9:34:10 PM OK C:\Users\Owner\Desktop\ComboFix.exe/data0170 
1/18/2012 9:34:10 PM OK C:\Users\Owner\Desktop\ComboFix.exe/data0171 
1/18/2012 9:34:10 PM OK C:\Users\Owner\Desktop\ComboFix.exe/data0172 
1/18/2012 9:34:10 PM OK C:\Users\Owner\Desktop\ComboFix.exe/data0173 
1/18/2012 9:34:10 PM OK C:\Users\Owner\Desktop\ComboFix.exe/data0174 
1/18/2012 9:34:10 PM OK C:\Users\Owner\Desktop\ComboFix.exe/data0175 
1/18/2012 9:34:10 PM OK C:\Users\Owner\Desktop\ComboFix.exe/data0176 
1/18/2012 9:34:10 PM OK C:\Users\Owner\Desktop\ComboFix.exe/data0177 
1/18/2012 9:34:10 PM OK C:\Users\Owner\Desktop\ComboFix.exe/data0178 
1/18/2012 9:34:10 PM OK C:\Users\Owner\Desktop\ComboFix.exe/data0179 
1/18/2012 9:34:10 PM OK C:\Users\Owner\Desktop\ComboFix.exe/data0180 
1/18/2012 9:34:10 PM OK C:\Users\Owner\Desktop\ComboFix.exe/data0181 
1/18/2012 9:34:10 PM OK C:\Users\Owner\Desktop\ComboFix.exe/data0182 
1/18/2012 9:34:10 PM OK C:\Users\Owner\Desktop\ComboFix.exe/data0183 
1/18/2012 9:34:10 PM OK C:\Users\Owner\Desktop\ComboFix.exe/data0184 
1/18/2012 9:34:10 PM OK C:\Users\Owner\Desktop\ComboFix.exe/data0185 
1/18/2012 9:34:10 PM OK C:\Users\Owner\Desktop\ComboFix.exe/data0186 
1/18/2012 9:34:10 PM OK C:\Users\Owner\Desktop\ComboFix.exe/data0187 
1/18/2012 9:34:10 PM OK C:\Users\Owner\Desktop\ComboFix.exe/data0188 
1/18/2012 9:34:10 PM OK C:\Users\Owner\Desktop\ComboFix.exe/data0189 
1/18/2012 9:34:10 PM OK C:\Users\Owner\Desktop\ComboFix.exe/data0190 
1/18/2012 9:34:10 PM OK C:\Users\Owner\Desktop\ComboFix.exe/data0191 
1/18/2012 9:34:10 PM OK C:\Users\Owner\Desktop\ComboFix.exe/data0192 
1/18/2012 9:34:10 PM OK C:\Users\Owner\Desktop\ComboFix.exe/data0193 
1/18/2012 9:34:10 PM OK C:\Users\Owner\Desktop\ComboFix.exe/data0194 
1/18/2012 9:34:10 PM OK C:\Users\Owner\Desktop\ComboFix.exe/data0195 
1/18/2012 9:34:10 PM OK C:\Users\Owner\Desktop\ComboFix.exe/data0196 
1/18/2012 9:34:10 PM OK C:\Users\Owner\Desktop\ComboFix.exe/data0197 
1/18/2012 9:34:10 PM OK C:\Users\Owner\Desktop\ComboFix.exe 
1/18/2012 9:34:10 PM OK C:\Program Files (x86)\Adobe\Adobe Contribute CS4\Contribute.exe 
1/18/2012 9:34:10 PM OK C:\Program Files (x86)\Adobe\Adobe Dreamweaver CS4\Dreamweaver.exe 
1/18/2012 9:34:10 PM OK C:\Program Files (x86)\Driver Whiz\Driver Whiz\DriverWhiz.exe 
1/18/2012 9:34:11 PM OK C:\Program Files\DVD Maker\DVDMaker.exe 
1/18/2012 9:34:11 PM OK C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\ElbyDVD.exe 
1/18/2012 9:34:11 PM OK C:\Program Files (x86)\Mozilla Firefox\firefox.exe 
1/18/2012 9:34:11 PM OK C:\Program Files (x86)\Adobe\Adobe Fireworks CS4\Fireworks.exe 
1/18/2012 9:34:11 PM OK C:\Program Files (x86)\Adobe\Adobe Flash CS4\Flash.exe 
1/18/2012 9:34:11 PM OK C:\Program Files (x86)\Microsoft Office\OFFICE11\FRONTPG.EXE 
1/18/2012 9:34:11 PM Packed: PE_Patch C:\Program Files (x86)\Microsoft Office\Office12\GROOVE.EXE 
1/18/2012 9:34:12 PM OK C:\Program Files (x86)\Microsoft Office\Office12\GROOVE.EXE/PE_Patch 
1/18/2012 9:34:12 PM OK C:\Program Files (x86)\Microsoft Office\Office12\GROOVE.EXE 
1/18/2012 9:34:12 PM OK C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\HPTouchSmartMusic.exe 
1/18/2012 9:34:12 PM OK C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\HPTouchSmartPhoto.exe 
1/18/2012 9:34:12 PM OK C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\HPTouchSmartVideo.exe 
1/18/2012 9:34:12 PM OK C:\Program Files (x86)\ImageConverter Plus\icp.exe 
1/18/2012 9:34:12 PM OK C:\Program Files (x86)\ImageConverter Plus\icpcl.exe 
1/18/2012 9:34:12 PM OK C:\Program Files (x86)\Internet Explorer\iexplore.exe 
1/18/2012 9:34:12 PM OK C:\Program Files (x86)\Adobe\Adobe Illustrator CS4\Support Files\Contents\Windows\Illustrator.exe 
1/18/2012 9:34:12 PM OK C:\Program Files (x86)\Microsoft Office\Office12\INFOPATH.EXE 
1/18/2012 9:34:13 PM OK C:\Program Files (x86)\Java\jre6\bin\javaws.exe 
1/18/2012 9:34:13 PM OK C:\Program Files\Windows Journal\Journal.exe 
1/18/2012 9:34:13 PM OK C:\Program Files (x86)\Cyberlink\LabelPrint\LabelPrint.exe 
1/18/2012 9:34:13 PM OK C:\Program Files (x86)\Windows Live\Installer\LangSelector.exe 
1/18/2012 9:34:13 PM OK C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe 
1/18/2012 9:34:13 PM OK C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe 
1/18/2012 9:34:13 PM OK C:\Program Files (x86)\Hewlett-Packard\Media\DVD\HPDVDSmart.exe 
1/18/2012 9:34:13 PM OK C:\Program Files\Common Files\Microsoft Shared\ink\mip.exe 
1/18/2012 9:34:14 PM OK C:\Program Files\Microsoft IntelliPoint\mousinfo.exe 
1/18/2012 9:34:14 PM OK C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.exe 
1/18/2012 9:34:14 PM OK C:\Program Files (x86)\Windows Media Player\wmplayer.exe 
1/18/2012 9:34:14 PM OK C:\Program Files (x86)\Canon\MP Navigator EX 2.0\mpnex20.exe 
1/18/2012 9:34:14 PM OK C:\Program Files (x86)\Microsoft Office\Office12\MSACCESS.EXE 
1/18/2012 9:34:14 PM OK C:\Program Files\Microsoft IntelliType Pro\mskey.exe 
1/18/2012 9:34:14 PM OK C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe 
1/18/2012 9:34:15 PM OK C:\Program Files (x86)\Common Files\microsoft shared\OFFICE11\MSOXMLED.EXE 
1/18/2012 9:34:15 PM OK C:\Program Files (x86)\Microsoft Office\Office12\MSPUB.EXE 
1/18/2012 9:34:15 PM OK C:\Program Files (x86)\Microsoft Works\MSWorks.exe 
1/18/2012 9:34:15 PM OK C:\Program Files (x86)\Microsoft Office\OFFICE11\OIS.EXE 
1/18/2012 9:34:15 PM OK C:\Program Files (x86)\Microsoft Office\Office12\ONENOTE.EXE 
1/18/2012 9:34:15 PM OK C:\Program Files (x86)\Microsoft Office\Office12\OUTLOOK.EXE 
1/18/2012 9:34:15 PM OK C:\Windows\System32\mspaint.exe 
1/18/2012 9:34:16 PM OK C:\Program Files\PC-Doctor for Windows\pcdr5cuiw32.exe 
1/18/2012 9:34:19 PM Detected: http://www.securelist.com/en/advisories/39934 C:\Program Files\Adobe\Adobe Photoshop CS4 (64 Bit)\Photoshop.exe 
1/18/2012 9:34:19 PM OK C:\Program Files (x86)\QuickTime\PictureViewer.exe 
1/18/2012 9:34:19 PM OK C:\Program Files (x86)\Cyberlink\Power2Go\Power2Go.exe 
1/18/2012 9:34:19 PM OK C:\Program Files (x86)\Cyberlink\Power2Go\Power2GoExpress.exe 
1/18/2012 9:34:20 PM OK C:\Program Files (x86)\Cyberlink\PowerDirector\PDR.exe 
1/18/2012 9:34:20 PM OK C:\Program Files (x86)\Microsoft Office\Office12\POWERPNT.EXE 
1/18/2012 9:34:20 PM OK C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe 
1/18/2012 9:34:20 PM OK C:\Program Files (x86)\QuickTime\QuickTimePlayer.exe 
1/18/2012 9:34:20 PM OK C:\Program Files (x86)\PictureMover\Bin\PictureMover.exe/# 
1/18/2012 9:34:20 PM OK C:\Program Files (x86)\PictureMover\Bin\PictureMover.exe 
1/18/2012 9:34:20 PM OK C:\Windows\System32\SnippingTool.exe 
1/18/2012 9:34:20 PM OK C:\Program Files (x86)\Stylus Studio 2010 XML Enterprise Suite\bin\Struzzo.exe 
1/18/2012 9:34:20 PM OK C:\Program Files\Common Files\Microsoft Shared\ink\TabTip.exe 
1/18/2012 9:34:20 PM OK C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe 
1/18/2012 9:34:20 PM OK C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDMount.exe 
1/18/2012 9:34:21 PM OK C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDPrefs.exe 
1/18/2012 9:34:21 PM OK C:\Program Files\Windows Mail\wab.exe 
1/18/2012 9:34:21 PM OK C:\Program Files\Windows Mail\wabmig.exe 
1/18/2012 9:34:21 PM OK C:\Program Files (x86)\Windows Live\Photo Gallery\WindowsLivePhotoViewer.exe 
1/18/2012 9:34:21 PM OK C:\Program Files (x86)\WinMerge\WinMergeU.exe 
1/18/2012 9:34:21 PM OK C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE 
1/18/2012 9:34:21 PM OK C:\Program Files (x86)\WinZip\WINZIP32.EXE 
1/18/2012 9:34:21 PM OK C:\Program Files (x86)\Microsoft Works\wksab.exe 
1/18/2012 9:34:21 PM OK C:\Program Files (x86)\Microsoft Works\WksCal.exe 
1/18/2012 9:34:22 PM OK C:\Program Files (x86)\Microsoft Works\wksdb.exe 
1/18/2012 9:34:22 PM OK C:\Program Files (x86)\Microsoft Works\WksSb.exe 
1/18/2012 9:34:22 PM OK C:\Program Files (x86)\Microsoft Works\wksss.exe 
1/18/2012 9:34:22 PM OK C:\Program Files (x86)\Microsoft Works\WksWP.exe 
1/18/2012 9:34:22 PM OK C:\Program Files (x86)\Windows Live\Installer\wlarp.exe 
1/18/2012 9:34:22 PM OK C:\Program Files (x86)\Windows Live\Installer\wlsettings.exe 
1/18/2012 9:34:22 PM OK C:\Program Files (x86)\Windows Live\Installer\wlstartup.exe 
1/18/2012 9:34:22 PM OK C:\Program Files (x86)\Windows Live\Photo Gallery\WLXAlbumDownloadWizard.exe 
1/18/2012 9:34:22 PM OK C:\Program Files\Windows NT\Accessories\wordpad.exe 
1/18/2012 9:34:22 PM OK C:\Program Files (x86)\Xenu\Xenu.exe 
1/18/2012 9:34:23 PM OK C:\Program Files (x86)\Microsoft Office\Office12\IEAWSDC.DLL 
1/18/2012 9:34:23 PM OK C:\Windows\SysWOW64\unicows.dll 
1/18/2012 9:34:23 PM OK C:\Windows\Downloaded Program Files\MySpaceUploader2.ocx 
1/18/2012 9:34:23 PM OK C:\Windows\Downloaded Program Files\FP_AX_CAB_INSTALLER.exe/# 
1/18/2012 9:34:23 PM OK C:\Windows\Downloaded Program Files\FP_AX_CAB_INSTALLER.exe/# 
1/18/2012 9:34:23 PM OK C:\Windows\Downloaded Program Files\FP_AX_CAB_INSTALLER.exe 
1/18/2012 9:34:23 PM OK C:\Windows\SysWOW64\atl.dll 
1/18/2012 9:34:23 PM OK C:\Program Files (x86)\Microsoft Office\OFFICE11\IEAWSDC.DLL 
1/18/2012 9:34:23 PM OK C:\Program Files (x86)\Java\jre6\bin\jp2iexp.dll 
1/18/2012 9:34:24 PM OK C:\Program Files (x86)\Java\jre6\bin\npjpi160_29.dll 
1/18/2012 9:34:24 PM OK C:\Windows\SysWOW64\Macromed\Flash\Flash11c.ocx 
1/18/2012 9:34:25 PM OK C:\Program Files (x86)\Common Files\muvee Technologies\MainConcept3(muvee)\muveempgdmx.ax 
1/18/2012 9:34:25 PM OK C:\Program Files (x86)\Cool MP3 Splitter\lame.ax 
1/18/2012 9:34:25 PM OK C:\Program Files (x86)\Common Files\muvee Technologies\MainConcept3(muvee)\muveemp4demux.ax 
1/18/2012 9:34:25 PM OK C:\Windows\System32\prnfldr.dll 
1/18/2012 9:34:25 PM OK C:\Program Files (x86)\iMacros\imacros.dll 
1/18/2012 9:34:26 PM OK C:\Windows\SysWOW64\ieframe.dll 
1/18/2012 9:34:26 PM OK C:\Windows\System32\ieframe.dll 
1/18/2012 9:34:26 PM OK C:\Windows\System32\mscoree.dll 
1/18/2012 9:34:26 PM OK C:\Windows\SysWOW64\urlmon.dll 
1/18/2012 9:34:26 PM OK C:\Windows\System32\urlmon.dll 
1/18/2012 9:34:27 PM OK C:\Program Files (x86)\Common Files\microsoft shared\OFFICE11\MSOXMLMF.DLL 
1/18/2012 9:34:27 PM OK C:\Windows\SysWOW64\mshtml.dll 
1/18/2012 9:34:27 PM OK C:\Windows\System32\mshtml.dll 
1/18/2012 9:34:27 PM OK C:\Windows\SysWOW64\MSVidCtl.dll 
1/18/2012 9:34:27 PM OK C:\Windows\System32\MSVidCtl.dll 
1/18/2012 9:34:27 PM OK C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL/# 
1/18/2012 9:34:27 PM OK C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL/# 
1/18/2012 9:34:27 PM OK C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL 
1/18/2012 9:34:28 PM OK C:\Windows\System32\itss.dll 
1/18/2012 9:34:28 PM OK C:\Windows\System32\inetcomm.dll 
1/18/2012 9:34:28 PM OK C:\Windows\System32\EhStorShell.dll 
1/18/2012 9:34:28 PM OK C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\shellex.dll 
1/18/2012 9:34:28 PM OK C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\x64\ShellEx.dll 
1/18/2012 9:34:28 PM OK C:\Windows\System32\ntshrui.dll 
1/18/2012 9:34:28 PM OK C:\Windows\SysWOW64\SystemPropertiesPerformance.exe 
1/18/2012 9:34:28 PM OK C:\Windows\System32\SystemPropertiesPerformance.exe 
1/18/2012 9:34:28 PM OK C:\Windows\System32\cmd.exe 
1/18/2012 9:34:29 PM OK C:\Windows\SysWOW64\wlgpclnt.dll 
1/18/2012 9:34:29 PM OK C:\Windows\SysWOW64\fdeploy.dll 
1/18/2012 9:34:29 PM OK C:\Windows\SysWOW64\dskquota.dll 
1/18/2012 9:34:29 PM OK C:\Windows\SysWOW64\gptext.dll 
1/18/2012 9:34:29 PM OK C:\Windows\SysWOW64\srchadmin.dll 
1/18/2012 9:34:29 PM OK C:\Windows\SysWOW64\scecli.dll 
1/18/2012 9:34:29 PM OK C:\Windows\SysWOW64\gpprnext.dll 
1/18/2012 9:34:29 PM OK C:\Windows\SysWOW64\dot3gpclnt.dll 
1/18/2012 9:34:29 PM OK C:\Windows\System32\gptext.dll 
1/18/2012 9:34:29 PM OK C:\Windows\SysWOW64\polstore.dll 
1/18/2012 9:34:29 PM OK C:\Windows\System32\wlgpclnt.dll 
1/18/2012 9:34:29 PM OK C:\Windows\System32\fdeploy.dll 
1/18/2012 9:34:29 PM OK C:\Windows\System32\dskquota.dll 
1/18/2012 9:34:29 PM OK C:\Windows\System32\TsUsbRedirectionGroupPolicyExtension.dll 
1/18/2012 9:34:29 PM OK C:\Windows\System32\srchadmin.dll 
1/18/2012 9:34:29 PM OK C:\Windows\System32\gpprnext.dll 
1/18/2012 9:34:29 PM OK C:\Windows\System32\dot3gpclnt.dll 
1/18/2012 9:34:29 PM OK C:\Windows\System32\polstore.dll 
1/18/2012 9:34:30 PM OK C:\Windows\System32\auditcse.dll 
1/18/2012 9:34:30 PM OK C:\Program Files (x86)\FlashGet Network\FlashGet 3\Flashget3.exe 
1/18/2012 9:34:30 PM OK C:\Windows\System32\iprtrmgr.dll 
1/18/2012 9:34:30 PM OK C:\Windows\System32\KBDUS.DLL 
1/18/2012 9:34:30 PM OK C:\Windows\System32\KBDPL1.DLL 
1/18/2012 9:34:30 PM OK C:\Windows\System32\csrss.exe 
1/18/2012 9:34:30 PM OK C:\Windows\System32\basesrv.dll 
1/18/2012 9:34:30 PM OK C:\Windows\System32\winsrv.dll 
1/18/2012 9:34:30 PM OK C:\Windows\System32\sxssrv.dll 
1/18/2012 9:34:30 PM OK C:\Windows\System32\syncui.dll 
1/18/2012 9:34:31 PM OK C:\Windows\SysWOW64\cnvshell.dll 
1/18/2012 9:34:31 PM OK C:\Program Files (x86)\MagicISO\misosh64.dll 
1/18/2012 9:34:31 PM OK C:\Program Files\Smart PDF Converter\ExplorerExt.dll 
1/18/2012 9:34:31 PM OK C:\Program Files\Smart PDF Converter\ExplorerExt_x64.dll 
1/18/2012 9:34:31 PM OK C:\Program Files (x86)\WinMerge\ShellExtensionX64.dll 
1/18/2012 9:34:31 PM OK C:\Windows\System32\cryptext.dll 
1/18/2012 9:34:31 PM OK C:\Windows\System32\rshx32.dll 
1/18/2012 9:34:31 PM OK C:\Windows\System32\docprop.dll 
1/18/2012 9:34:32 PM OK C:\Windows\System32\twext.dll 
1/18/2012 9:34:32 PM OK C:\Windows\System32\mydocs.dll 
1/18/2012 9:34:32 PM OK C:\Windows\System32\DfsShlEx.dll 
1/18/2012 9:34:32 PM OK C:\Program Files (x86)\WinSCP\DragExt64.dll 
1/18/2012 9:34:32 PM OK C:\Program Files\Windows Sidebar\sbdrop.dll 
1/18/2012 9:34:32 PM OK C:\Program Files (x86)\Common Files\Adobe\Adobe Drive CS4\ADFSMenu.dll 
1/18/2012 9:34:32 PM OK C:\Program Files\Common Files\Adobe\Adobe Drive CS4\ADFSMenu.dll 
1/18/2012 9:34:33 PM OK C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamext.dll 
1/18/2012 9:34:33 PM OK C:\Windows\System32\zipfldr.dll 
1/18/2012 9:34:33 PM OK C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\pdfshell.dll 
1/18/2012 9:34:33 PM OK C:\Windows\System32\diskcopy.dll 
1/18/2012 9:34:33 PM OK C:\Windows\System32\wpdshext.dll 
1/18/2012 9:34:34 PM OK C:\Windows\SysWOW64\dskquoui.dll 
1/18/2012 9:34:34 PM OK C:\Windows\System32\dskquoui.dll 
1/18/2012 9:34:34 PM OK C:\Windows\SysWOW64\mshta.exe 
1/18/2012 9:34:34 PM OK C:\Windows\System32\notepad.exe 
1/18/2012 9:34:35 PM OK C:\Windows\regedit.exe 
1/18/2012 9:34:35 PM Packed: Swf2Exe C:\Program Files (x86)\Adobe\Adobe Digital Editions\digitaleditions.exe 
1/18/2012 9:34:35 PM OK C:\Program Files (x86)\Adobe\Adobe Digital Editions\digitaleditions.exe/Swf2Exe 
1/18/2012 9:34:35 PM OK C:\Program Files (x86)\Adobe\Adobe Digital Editions\digitaleditions.exe 
1/18/2012 9:34:36 PM OK C:\Windows\System32\url.dll 
1/18/2012 9:34:36 PM OK C:\Program Files (x86)\Java\jre6\bin\javaw.exe 
1/18/2012 9:34:37 PM OK C:\Windows\ehome\ehshell.exe 
1/18/2012 9:34:37 PM OK C:\Windows\System32\clbcatq.dll 
1/18/2012 9:34:37 PM OK C:\Windows\SysWOW64\clbcatq.dll 
1/18/2012 9:34:38 PM OK C:\Windows\System32\ole32.dll 
1/18/2012 9:34:38 PM OK C:\Windows\SysWOW64\ole32.dll 
1/18/2012 9:34:38 PM OK C:\Windows\System32\advapi32.dll 
1/18/2012 9:34:38 PM OK C:\Windows\SysWOW64\advapi32.dll 
1/18/2012 9:34:38 PM OK C:\Windows\System32\comdlg32.dll 
1/18/2012 9:34:38 PM OK C:\Windows\SysWOW64\comdlg32.dll 
1/18/2012 9:34:38 PM OK C:\Windows\System32\gdi32.dll 
1/18/2012 9:34:38 PM OK C:\Windows\SysWOW64\gdi32.dll 
1/18/2012 9:34:38 PM OK C:\Windows\System32\iertutil.dll 
1/18/2012 9:34:38 PM OK C:\Windows\SysWOW64\iertutil.dll 
1/18/2012 9:34:38 PM OK C:\Windows\System32\imagehlp.dll 
1/18/2012 9:34:38 PM OK C:\Windows\SysWOW64\imagehlp.dll 
1/18/2012 9:34:38 PM OK C:\Windows\System32\imm32.dll 
1/18/2012 9:34:38 PM OK C:\Windows\SysWOW64\imm32.dll 
1/18/2012 9:34:38 PM OK C:\Windows\System32\kernel32.dll 
1/18/2012 9:34:38 PM OK C:\Windows\SysWOW64\kernel32.dll 
1/18/2012 9:34:38 PM OK C:\Windows\System32\lpk.dll 
1/18/2012 9:34:38 PM OK C:\Windows\SysWOW64\lpk.dll 
1/18/2012 9:34:38 PM OK C:\Windows\System32\msctf.dll 
1/18/2012 9:34:38 PM OK C:\Windows\SysWOW64\msctf.dll 
1/18/2012 9:34:38 PM OK C:\Windows\System32\msvcrt.dll 
1/18/2012 9:34:38 PM OK C:\Windows\SysWOW64\msvcrt.dll 
1/18/2012 9:34:38 PM OK C:\Windows\System32\normaliz.dll 
1/18/2012 9:34:38 PM OK C:\Windows\SysWOW64\normaliz.dll 
1/18/2012 9:34:39 PM OK C:\Windows\System32\nsi.dll 
1/18/2012 9:34:39 PM OK C:\Windows\SysWOW64\nsi.dll 
1/18/2012 9:34:39 PM OK C:\Windows\System32\oleaut32.dll 
1/18/2012 9:34:39 PM OK C:\Windows\SysWOW64\oleaut32.dll 
1/18/2012 9:34:39 PM OK C:\Windows\System32\psapi.dll 
1/18/2012 9:34:39 PM OK C:\Windows\SysWOW64\psapi.dll 
1/18/2012 9:34:39 PM OK C:\Windows\System32\rpcrt4.dll 
1/18/2012 9:34:39 PM OK C:\Windows\SysWOW64\rpcrt4.dll 
1/18/2012 9:34:39 PM OK C:\Windows\System32\sechost.dll 
1/18/2012 9:34:39 PM OK C:\Windows\SysWOW64\sechost.dll 
1/18/2012 9:34:39 PM OK C:\Windows\System32\setupapi.dll 
1/18/2012 9:34:39 PM OK C:\Windows\SysWOW64\setupapi.dll 
1/18/2012 9:34:39 PM OK C:\Windows\System32\shlwapi.dll 
1/18/2012 9:34:39 PM OK C:\Windows\SysWOW64\shlwapi.dll 
1/18/2012 9:34:39 PM OK C:\Windows\System32\user32.dll 
1/18/2012 9:34:39 PM OK C:\Windows\SysWOW64\user32.dll 
1/18/2012 9:34:39 PM OK C:\Windows\System32\usp10.dll 
1/18/2012 9:34:39 PM OK C:\Windows\SysWOW64\usp10.dll 
1/18/2012 9:34:39 PM OK C:\Windows\System32\wininet.dll 
1/18/2012 9:34:39 PM OK C:\Windows\SysWOW64\wininet.dll 
1/18/2012 9:34:39 PM OK C:\Windows\System32\Wldap32.dll 
1/18/2012 9:34:39 PM OK C:\Windows\SysWOW64\Wldap32.dll 
1/18/2012 9:34:39 PM OK C:\Windows\System32\ws2_32.dll 
1/18/2012 9:34:39 PM OK C:\Windows\SysWOW64\ws2_32.dll 
1/18/2012 9:34:39 PM OK C:\Windows\System32\difxapi.dll 
1/18/2012 9:34:40 PM OK C:\Windows\SysWOW64\difxapi.dll 
1/18/2012 9:34:40 PM OK C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll 
1/18/2012 9:34:40 PM OK C:\Program Files (x86)\Microsoft Office\OFFICE11\REFIEBAR.DLL 
1/18/2012 9:34:41 PM OK C:\Windows\System32\pcalua.exe 
1/18/2012 9:34:41 PM Packed: UPX C:\Users\Owner\Downloads\jxpiinstall.exe 
1/18/2012 9:34:41 PM OK C:\Users\Owner\Downloads\jxpiinstall.exe/UPX/data0000.res 
1/18/2012 9:34:41 PM OK C:\Users\Owner\Downloads\jxpiinstall.exe/UPX/data0001.res 
1/18/2012 9:34:41 PM OK C:\Users\Owner\Downloads\jxpiinstall.exe/UPX/data0002.res 
1/18/2012 9:34:41 PM OK C:\Users\Owner\Downloads\jxpiinstall.exe/UPX/data0003.res 
1/18/2012 9:34:41 PM OK C:\Users\Owner\Downloads\jxpiinstall.exe/UPX/# 
1/18/2012 9:34:41 PM OK C:\Users\Owner\Downloads\jxpiinstall.exe/UPX/# 
1/18/2012 9:34:41 PM OK C:\Users\Owner\Downloads\jxpiinstall.exe/UPX 
1/18/2012 9:34:41 PM OK C:\Users\Owner\Downloads\jxpiinstall.exe/# 
1/18/2012 9:34:41 PM OK C:\Users\Owner\Downloads\jxpiinstall.exe/# 
1/18/2012 9:34:41 PM OK C:\Users\Owner\Downloads\jxpiinstall.exe 
1/18/2012 9:34:42 PM Archive: Inno C:\Users\Owner\Downloads\invisiblebrowsing\invisiblebrowsing\9471_invisiblebrowsing.exe 
1/18/2012 9:34:42 PM OK C:\Users\Owner\Downloads\invisiblebrowsing\invisiblebrowsing\9471_invisiblebrowsing.exe/exe/data0037.res 
1/18/2012 9:34:42 PM OK C:\Users\Owner\Downloads\invisiblebrowsing\invisiblebrowsing\9471_invisiblebrowsing.exe/exe/data0038.res 
1/18/2012 9:34:42 PM OK C:\Users\Owner\Downloads\invisiblebrowsing\invisiblebrowsing\9471_invisiblebrowsing.exe/exe/data0039.res 
1/18/2012 9:34:42 PM OK C:\Users\Owner\Downloads\invisiblebrowsing\invisiblebrowsing\9471_invisiblebrowsing.exe/exe/data0040.res 
1/18/2012 9:34:42 PM OK C:\Users\Owner\Downloads\invisiblebrowsing\invisiblebrowsing\9471_invisiblebrowsing.exe/exe 
1/18/2012 9:34:42 PM OK C:\Users\Owner\Downloads\invisiblebrowsing\invisiblebrowsing\9471_invisiblebrowsing.exe/script 
1/18/2012 9:34:42 PM Packed: PE_Patch.Enigma C:\Users\Owner\Downloads\invisiblebrowsing\invisiblebrowsing\9471_invisiblebrowsing.exe/data0000 
1/18/2012 9:34:43 PM OK C:\Users\Owner\Downloads\invisiblebrowsing\invisiblebrowsing\9471_invisiblebrowsing.exe/data0000/PE_Patch.Enigma 
1/18/2012 9:34:44 PM OK C:\Users\Owner\Downloads\invisiblebrowsing\invisiblebrowsing\9471_invisiblebrowsing.exe/data0000/# 
1/18/2012 9:34:44 PM OK C:\Users\Owner\Downloads\invisiblebrowsing\invisiblebrowsing\9471_invisiblebrowsing.exe/data0000/# 
1/18/2012 9:34:44 PM OK C:\Users\Owner\Downloads\invisiblebrowsing\invisiblebrowsing\9471_invisiblebrowsing.exe/data0000/# 
1/18/2012 9:34:44 PM OK C:\Users\Owner\Downloads\invisiblebrowsing\invisiblebrowsing\9471_invisiblebrowsing.exe/data0000/# 
1/18/2012 9:34:44 PM OK C:\Users\Owner\Downloads\invisiblebrowsing\invisiblebrowsing\9471_invisiblebrowsing.exe/data0000/# 
1/18/2012 9:34:44 PM OK C:\Users\Owner\Downloads\invisiblebrowsing\invisiblebrowsing\9471_invisiblebrowsing.exe/data0000/# 
1/18/2012 9:34:46 PM OK C:\Users\Owner\Downloads\invisiblebrowsing\invisiblebrowsing\9471_invisiblebrowsing.exe/data0000 
1/18/2012 9:34:46 PM OK C:\Users\Owner\Downloads\invisiblebrowsing\invisiblebrowsing\9471_invisiblebrowsing.exe/data0001 
1/18/2012 9:34:46 PM OK C:\Users\Owner\Downloads\invisiblebrowsing\invisiblebrowsing\9471_invisiblebrowsing.exe/data0002 
1/18/2012 9:34:46 PM OK C:\Users\Owner\Downloads\invisiblebrowsing\invisiblebrowsing\9471_invisiblebrowsing.exe/data0003 
1/18/2012 9:34:46 PM OK C:\Users\Owner\Downloads\invisiblebrowsing\invisiblebrowsing\9471_invisiblebrowsing.exe/data0004 
1/18/2012 9:34:46 PM OK C:\Users\Owner\Downloads\invisiblebrowsing\invisiblebrowsing\9471_invisiblebrowsing.exe/data0006 
1/18/2012 9:34:46 PM OK C:\Users\Owner\Downloads\invisiblebrowsing\invisiblebrowsing\9471_invisiblebrowsing.exe/data0007 
1/18/2012 9:34:46 PM OK C:\Users\Owner\Downloads\invisiblebrowsing\invisiblebrowsing\9471_invisiblebrowsing.exe/data0010/# 
1/18/2012 9:34:46 PM OK C:\Users\Owner\Downloads\invisiblebrowsing\invisiblebrowsing\9471_invisiblebrowsing.exe/data0010/# 
1/18/2012 9:34:46 PM OK C:\Users\Owner\Downloads\invisiblebrowsing\invisiblebrowsing\9471_invisiblebrowsing.exe/data0010/# 
1/18/2012 9:34:46 PM OK C:\Users\Owner\Downloads\invisiblebrowsing\invisiblebrowsing\9471_invisiblebrowsing.exe/data0010/# 
1/18/2012 9:34:46 PM OK C:\Users\Owner\Downloads\invisiblebrowsing\invisiblebrowsing\9471_invisiblebrowsing.exe/data0010/# 
1/18/2012 9:34:46 PM OK C:\Users\Owner\Downloads\invisiblebrowsing\invisiblebrowsing\9471_invisiblebrowsing.exe/data0010 
1/18/2012 9:34:46 PM OK C:\Users\Owner\Downloads\invisiblebrowsing\invisiblebrowsing\9471_invisiblebrowsing.exe/data0011 
1/18/2012 9:34:46 PM OK C:\Users\Owner\Downloads\invisiblebrowsing\invisiblebrowsing\9471_invisiblebrowsing.exe/data0013 
1/18/2012 9:34:46 PM OK C:\Users\Owner\Downloads\invisiblebrowsing\invisiblebrowsing\9471_invisiblebrowsing.exe/data0014 
1/18/2012 9:34:46 PM OK C:\Users\Owner\Downloads\invisiblebrowsing\invisiblebrowsing\9471_invisiblebrowsing.exe/data0015 
1/18/2012 9:34:46 PM OK C:\Users\Owner\Downloads\invisiblebrowsing\invisiblebrowsing\9471_invisiblebrowsing.exe/data0016 
1/18/2012 9:34:46 PM OK C:\Users\Owner\Downloads\invisiblebrowsing\invisiblebrowsing\9471_invisiblebrowsing.exe/data0017 
1/18/2012 9:34:46 PM OK C:\Users\Owner\Downloads\invisiblebrowsing\invisiblebrowsing\9471_invisiblebrowsing.exe/data0018 
1/18/2012 9:34:46 PM OK C:\Users\Owner\Downloads\invisiblebrowsing\invisiblebrowsing\9471_invisiblebrowsing.exe/data0019 
1/18/2012 9:34:46 PM OK C:\Users\Owner\Downloads\invisiblebrowsing\invisiblebrowsing\9471_invisiblebrowsing.exe/data0020 
1/18/2012 9:34:46 PM OK C:\Users\Owner\Downloads\invisiblebrowsing\invisiblebrowsing\9471_invisiblebrowsing.exe/data0021 
1/18/2012 9:34:46 PM OK C:\Users\Owner\Downloads\invisiblebrowsing\invisiblebrowsing\9471_invisiblebrowsing.exe/#/data0037.res Object was not changed (iChecker) 
1/18/2012 9:34:46 PM OK C:\Users\Owner\Downloads\invisiblebrowsing\invisiblebrowsing\9471_invisiblebrowsing.exe/#/data0038.res 
1/18/2012 9:34:46 PM OK C:\Users\Owner\Downloads\invisiblebrowsing\invisiblebrowsing\9471_invisiblebrowsing.exe/#/data0039.res Object was not changed (iChecker) 
1/18/2012 9:34:46 PM OK C:\Users\Owner\Downloads\invisiblebrowsing\invisiblebrowsing\9471_invisiblebrowsing.exe/#/data0040.res Object was not changed (iChecker) 
1/18/2012 9:34:46 PM OK C:\Users\Owner\Downloads\invisiblebrowsing\invisiblebrowsing\9471_invisiblebrowsing.exe/# 
1/18/2012 9:34:46 PM OK C:\Users\Owner\Downloads\invisiblebrowsing\invisiblebrowsing\9471_invisiblebrowsing.exe/# 
1/18/2012 9:34:46 PM OK C:\Users\Owner\Downloads\invisiblebrowsing\invisiblebrowsing\9471_invisiblebrowsing.exe/# 
1/18/2012 9:34:47 PM OK C:\Users\Owner\Downloads\invisiblebrowsing\invisiblebrowsing\9471_invisiblebrowsing.exe 
1/18/2012 9:34:47 PM Packed: UPX C:\Users\Owner\Downloads\setup.exe 
1/18/2012 9:34:47 PM OK C:\Users\Owner\Downloads\setup.exe/UPX 
1/18/2012 9:34:47 PM OK C:\Users\Owner\Downloads\setup.exe 
1/18/2012 9:34:47 PM OK C:\Program Files (x86)\Hide IP Platinum\unins000.exe/data0034.res 
1/18/2012 9:34:47 PM OK C:\Program Files (x86)\Hide IP Platinum\unins000.exe 
1/18/2012 9:34:47 PM Archive: AdvancedInstaller C:\Users\Owner\Downloads\The+Platinum+Approach\The Platinum Approach\{3} - Facebook Fan Page Creator\Windows\setup.exe 
1/18/2012 9:34:47 PM OK C:\Users\Owner\Downloads\The+Platinum+Approach\The Platinum Approach\{3} - Facebook Fan Page Creator\Windows\setup.exe/setup.msi 
1/18/2012 9:34:47 PM OK C:\Users\Owner\Downloads\The+Platinum+Approach\The Platinum Approach\{3} - Facebook Fan Page Creator\Windows\setup.exe/disk1.cab 
1/18/2012 9:34:47 PM OK C:\Users\Owner\Downloads\The+Platinum+Approach\The Platinum Approach\{3} - Facebook Fan Page Creator\Windows\setup.exe/setup.ini 
1/18/2012 9:34:48 PM OK C:\Users\Owner\Downloads\The+Platinum+Approach\The Platinum Approach\{3} - Facebook Fan Page Creator\Windows\setup.exe 
1/18/2012 9:34:48 PM Packed: UPX C:\Program Files (x86)\MagicISO\MagicISO.exe 
1/18/2012 9:34:48 PM OK C:\Program Files (x86)\MagicISO\MagicISO.exe/UPX/data0000.res 
1/18/2012 9:34:48 PM OK C:\Program Files (x86)\MagicISO\MagicISO.exe/UPX/data0001.res 
1/18/2012 9:34:49 PM OK C:\Program Files (x86)\MagicISO\MagicISO.exe/UPX 
1/18/2012 9:34:49 PM OK C:\Program Files (x86)\MagicISO\MagicISO.exe 
1/18/2012 9:34:49 PM OK C:\Users\Owner\Desktop\GPS garmin\1garmin\Garmin.uif 
1/18/2012 9:34:52 PM OK C:\Program Files (x86)\Skype\Phone\Skype.exe 
1/18/2012 9:34:53 PM OK C:\Users\Owner\Desktop\XXXX BLAST\AAADRIP FEED BLAST\DripFeedLogin-v1\ProgramDoLogowania\ProfilKeepalive.exe 
1/18/2012 9:34:53 PM OK C:\Windows\System32\PortableDeviceApi.dll 
1/18/2012 9:34:53 PM OK C:\Program Files (x86)\Windows Live\SOXE\wlsoxe.dll 
1/18/2012 9:34:53 PM OK C:\Program Files\Windows Defender\MpCmdRun.exe 
1/18/2012 9:34:53 PM OK C:\Windows\System32\mscms.dll 
1/18/2012 9:34:53 PM OK C:\Windows\System32\sdclt.exe 
1/18/2012 9:34:53 PM OK C:\Windows\System32\sdengin2.dll 
1/18/2012 9:34:53 PM OK C:\Windows\System32\wermgr.exe 
1/18/2012 9:34:54 PM OK C:\Windows\System32\schtasks.exe 
1/18/2012 9:34:54 PM OK C:\Program Files\Windows Media Player\wmpnscfg.exe 
1/18/2012 9:34:54 PM OK C:\Windows\System32\sc.exe 
1/18/2012 9:34:54 PM OK C:\Windows\System32\MsCtfMonitor.dll 
1/18/2012 9:34:54 PM OK C:\Windows\System32\ndfapi.dll 
1/18/2012 9:34:54 PM OK C:\Windows\System32\wdc.dll 
1/18/2012 9:34:54 PM OK C:\Windows\System32\srrstr.dll 
1/18/2012 9:34:54 PM OK C:\Windows\System32\AuxiliaryDisplayServices.dll 
1/18/2012 9:34:54 PM OK C:\Windows\System32\wpcmig.dll 
1/18/2012 9:34:55 PM OK C:\Windows\System32\wpcumi.dll 
1/18/2012 9:34:55 PM OK C:\Windows\System32\raserver.exe 
1/18/2012 9:34:55 PM OK C:\Windows\System32\regidle.dll 
1/18/2012 9:34:55 PM OK C:\Windows\System32\rasmbmgr.dll 
1/18/2012 9:34:55 PM OK C:\Windows\System32\RacEngn.dll 
1/18/2012 9:34:55 PM OK C:\Windows\System32\powercfg.exe 
1/18/2012 9:34:55 PM OK C:\Windows\System32\energy.dll 
1/18/2012 9:34:55 PM OK C:\Windows\System32\perftrack.dll 
1/18/2012 9:34:55 PM OK C:\Windows\System32\gatherNetworkInfo.vbs/JIM 
1/18/2012 9:34:55 PM OK C:\Windows\System32\gatherNetworkInfo.vbs/JIM 
1/18/2012 9:34:55 PM OK C:\Windows\System32\gatherNetworkInfo.vbs/JIM 
1/18/2012 9:34:55 PM OK C:\Windows\System32\gatherNetworkInfo.vbs/JIM 
1/18/2012 9:34:55 PM OK C:\Windows\System32\gatherNetworkInfo.vbs 
1/18/2012 9:34:55 PM OK C:\Windows\System32\PlaySndSrv.dll 
1/18/2012 9:34:55 PM OK C:\Windows\System32\lpremove.exe 
1/18/2012 9:34:55 PM OK C:\Windows\System32\HotStartUserAgent.dll 
1/18/2012 9:34:56 PM OK C:\Windows\System32\memdiag.dll 
1/18/2012 9:34:56 PM OK C:\Windows\ehome\ehprivjob.exe 
1/18/2012 9:34:56 PM OK C:\Windows\ehome\ehrec.exe 
1/18/2012 9:34:56 PM OK C:\Windows\ehome\mcupdate.exe 
1/18/2012 9:34:56 PM OK C:\Windows\ehome\ehtrace.dll 
1/18/2012 9:34:56 PM OK C:\Windows\System32\WinSATAPI.dll 
1/18/2012 9:34:56 PM OK C:\Windows\System32\LocationNotifications.exe 
1/18/2012 9:34:56 PM OK C:\Windows\System32\DFDWiz.exe 
1/18/2012 9:34:56 PM OK C:\Windows\System32\dfdts.dll 
1/18/2012 9:34:56 PM OK C:\Windows\System32\sdiagschd.dll 
1/18/2012 9:34:57 PM OK C:\Windows\System32\Defrag.exe 
1/18/2012 9:34:57 PM OK C:\Windows\System32\usbceip.dll 
1/18/2012 9:34:57 PM OK C:\Windows\System32\kernelceip.dll 
1/18/2012 9:34:57 PM OK C:\Windows\System32\wsqmcons.exe 
1/18/2012 9:34:57 PM OK C:\Windows\System32\dimsjob.dll 
1/18/2012 9:34:57 PM OK C:\Windows\System32\bthudtask.exe 
1/18/2012 9:34:57 PM OK C:\Windows\System32\acproxy.dll 
1/18/2012 9:34:57 PM OK C:\Windows\System32\aepdu.dll 
1/18/2012 9:34:57 PM OK C:\Windows\System32\aitagent.exe 
1/18/2012 9:34:57 PM OK C:\Windows\System32\appidcertstorecheck.exe 
1/18/2012 9:34:57 PM OK C:\Windows\System32\appidpolicyconverter.exe 
1/18/2012 9:34:57 PM OK C:\Windows\System32\msdrm.dll 
1/18/2012 9:34:57 PM OK C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe 
1/18/2012 9:34:58 PM OK C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater\HPSFUpdater.exe 
1/18/2012 9:34:58 PM OK C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe 
1/18/2012 9:34:58 PM OK C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF_Utils.exe 
1/18/2012 9:34:58 PM OK C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\UtilTask.exe 
1/18/2012 9:34:58 PM OK C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPSFMessenger\HPSFMsgr.exe 
1/18/2012 9:34:58 PM OK C:\Users\Owner\AppData\Local\Google\Update\GoogleUpdate.exe Object was not changed (iChecker) 
1/18/2012 9:34:58 PM OK C:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe 
1/18/2012 9:34:58 PM OK C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe 
1/18/2012 9:34:58 PM OK C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe 
1/18/2012 9:34:59 PM OK C:\Windows\SysWOW64\mswsock.dll 
1/18/2012 9:34:59 PM OK C:\Windows\System32\mswsock.dll 
1/18/2012 9:34:59 PM OK C:\Windows\SysWOW64\nlaapi.dll 
1/18/2012 9:34:59 PM OK C:\Windows\SysWOW64\NapiNSP.dll 
1/18/2012 9:34:59 PM OK C:\Windows\SysWOW64\pnrpnsp.dll 
1/18/2012 9:34:59 PM OK C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL 
1/18/2012 9:34:59 PM OK C:\Windows\SysWOW64\winrnr.dll 
1/18/2012 9:34:59 PM OK C:\Windows\System32\nlaapi.dll 
1/18/2012 9:34:59 PM OK C:\Windows\System32\NapiNSP.dll 
1/18/2012 9:34:59 PM OK C:\Windows\System32\pnrpnsp.dll 
1/18/2012 9:34:59 PM OK C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL 
1/18/2012 9:34:59 PM OK C:\Windows\System32\winrnr.dll 
1/18/2012 9:34:59 PM OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini 
1/18/2012 9:34:59 PM OK C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini 
1/18/2012 9:34:59 PM Packed: UPX C:\Program Files (x86)\ERUNT\AUTOBACK.EXE  
1/18/2012 9:34:59 PM OK C:\Program Files (x86)\ERUNT\AUTOBACK.EXE/UPX 
1/18/2012 9:34:59 PM OK C:\Program Files (x86)\ERUNT\AUTOBACK.EXE 
1/18/2012 9:34:59 PM OK C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk 
1/18/2012 9:35:00 PM OK C:\Users\Owner\AppData\Local\Temp\2597974\4505774.exe 
1/18/2012 9:35:00 PM OK C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\_uninst_25103228.lnk 
1/18/2012 9:35:00 PM OK C:\Users\Owner\AppData\Local\Temp\_uninst_25103228.bat 
1/18/2012 9:35:00 PM OK C:\Users\gaby\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini 
1/18/2012 9:35:00 PM OK C:\Windows\System32\drivers\etc\Hosts 
1/18/2012 9:35:00 PM OK C:\Windows\System32\logoncli.dll 
1/18/2012 9:35:00 PM OK C:\Windows\System32\RpcRtRemote.dll 
1/18/2012 9:35:00 PM OK C:\Program Files (x86)\Common Files\System\MSMAPI\1033\MSMAPI32.DLL 
1/18/2012 9:35:00 PM OK C:\Program Files (x86)\Common Files\microsoft shared\OFFICE12\MSO.DLL 
1/18/2012 9:35:01 PM OK C:\Program Files (x86)\Google\Update\1.3.21.79\goopdate.dll 
1/18/2012 9:35:01 PM OK C:\Program Files (x86)\Microsoft Office\Office12\1033\MAPIR.DLL 
1/18/2012 9:35:01 PM OK C:\Program Files (x86)\Microsoft Office\Office12\1033\OUTLLIBR.DLL 
1/18/2012 9:35:01 PM OK C:\Program Files (x86)\Microsoft Office\Office12\CONTAB32.DLL 
1/18/2012 9:35:01 PM OK C:\Program Files (x86)\Microsoft Office\Office12\MSPST32.DLL 
1/18/2012 9:35:01 PM OK C:\Program Files (x86)\Microsoft Office\Office12\OLMAPI32.DLL 
1/18/2012 9:35:01 PM OK C:\Program Files (x86)\Microsoft Office\Office12\OUTLMIME.DLL 
1/18/2012 9:35:01 PM OK C:\Program Files (x86)\Microsoft Office\Office12\PSTPRX32.DLL 
1/18/2012 9:35:01 PM OK C:\Users\Owner\AppData\Local\FLVService\lib\FLVSrvLib.dll 
1/18/2012 9:35:01 PM OK C:\Users\Owner\AppData\Local\Google\Update\1.3.21.79\goopdate.dll Object was not changed (iChecker) 
1/18/2012 9:35:01 PM OK C:\Users\Owner\AppData\Local\Temp\2597974\avlib.ppl 
1/18/2012 9:35:01 PM OK C:\Users\Owner\AppData\Local\Temp\2597974\avpgui.ppl 
1/18/2012 9:35:01 PM OK C:\Users\Owner\AppData\Local\Temp\2597974\avs.ppl 
1/18/2012 9:35:01 PM OK C:\Users\Owner\AppData\Local\Temp\2597974\avspm.ppl 
1/18/2012 9:35:02 PM OK C:\Users\Owner\AppData\Local\Temp\2597974\avzkrnl.dll 
1/18/2012 9:35:02 PM OK C:\Users\Owner\AppData\Local\Temp\2597974\basegui.ppl 
1/18/2012 9:35:02 PM OK C:\Users\Owner\AppData\Local\Temp\2597974\bases\avpcure.kdl 
1/18/2012 9:35:02 PM OK C:\Users\Owner\AppData\Local\Temp\2597974\bases\kavbase.kdl 
1/18/2012 9:35:02 PM OK C:\Users\Owner\AppData\Local\Temp\2597974\bases\kavsys.kdl 
1/18/2012 9:35:02 PM OK C:\Users\Owner\AppData\Local\Temp\2597974\bases\kjim.kdl 
1/18/2012 9:35:02 PM OK C:\Users\Owner\AppData\Local\Temp\2597974\bases\klavemu.kdl 
1/18/2012 9:35:02 PM OK C:\Users\Owner\AppData\Local\Temp\2597974\bases\mark.kdl


----------



## destin (Jan 8, 2012)

*5th part*

1/18/2012 9:35:02 PM OK C:\Users\Owner\AppData\Local\Temp\2597974\bases\pbs.kdl 
1/18/2012 9:35:02 PM OK C:\Users\Owner\AppData\Local\Temp\2597974\bases\qscan.kdl 
1/18/2012 9:35:02 PM OK C:\Users\Owner\AppData\Local\Temp\2597974\bases\vlns.kdl 
1/18/2012 9:35:02 PM OK C:\Users\Owner\AppData\Local\Temp\2597974\bl.ppl 
1/18/2012 9:35:02 PM OK C:\Users\Owner\AppData\Local\Temp\2597974\btdisk.ppl 
1/18/2012 9:35:02 PM OK C:\Users\Owner\AppData\Local\Temp\2597974\clldr.dll 
1/18/2012 9:35:02 PM OK C:\Users\Owner\AppData\Local\Temp\2597974\clldr.dll  
1/18/2012 9:35:02 PM OK C:\Users\Owner\AppData\Local\Temp\2597974\crpthlpr.ppl 
1/18/2012 9:35:02 PM OK C:\Users\Owner\AppData\Local\Temp\2597974\diffs.dll 
1/18/2012 9:35:02 PM OK C:\Users\Owner\AppData\Local\Temp\2597974\dmap.ppl 
1/18/2012 9:35:03 PM OK C:\Users\Owner\AppData\Local\Temp\2597974\dtreg.ppl 
1/18/2012 9:35:03 PM OK C:\Users\Owner\AppData\Local\Temp\2597974\filemap.ppl 
1/18/2012 9:35:03 PM OK C:\Users\Owner\AppData\Local\Temp\2597974\fsdrvplg.ppl 
1/18/2012 9:35:03 PM OK C:\Users\Owner\AppData\Local\Temp\2597974\fssync.dll 
1/18/2012 9:35:03 PM OK C:\Users\Owner\AppData\Local\Temp\2597974\hashmd5.ppl 
1/18/2012 9:35:03 PM OK C:\Users\Owner\AppData\Local\Temp\2597974\hashsha1.ppl 
1/18/2012 9:35:03 PM OK C:\Users\Owner\AppData\Local\Temp\2597974\icheck3.ppl 
1/18/2012 9:35:03 PM OK C:\Users\Owner\AppData\Local\Temp\2597974\inflate.ppl 
1/18/2012 9:35:03 PM OK C:\Users\Owner\AppData\Local\Temp\2597974\klsrlsvc.ppl 
1/18/2012 9:35:03 PM OK C:\Users\Owner\AppData\Local\Temp\2597974\mailmsg.ppl 
1/18/2012 9:35:03 PM OK C:\Users\Owner\AppData\Local\Temp\2597974\mdb.ppl 
1/18/2012 9:35:03 PM OK C:\Users\Owner\AppData\Local\Temp\2597974\memmng.dll 
1/18/2012 9:35:03 PM OK C:\Users\Owner\AppData\Local\Temp\2597974\memmng.dll 
1/18/2012 9:35:03 PM OK C:\Users\Owner\AppData\Local\Temp\2597974\memmodsc.ppl 
1/18/2012 9:35:03 PM OK C:\Users\Owner\AppData\Local\Temp\2597974\memscan.ppl 
1/18/2012 9:35:03 PM OK C:\Users\Owner\AppData\Local\Temp\2597974\minizip.ppl 
1/18/2012 9:35:03 PM OK C:\Users\Owner\AppData\Local\Temp\2597974\mkavio.ppl 
1/18/2012 9:35:03 PM OK C:\Users\Owner\AppData\Local\Temp\2597974\msoe.ppl 
1/18/2012 9:35:03 PM OK C:\Users\Owner\AppData\Local\Temp\2597974\ndetect.ppl 
1/18/2012 9:35:03 PM OK C:\Users\Owner\AppData\Local\Temp\2597974\nfio.ppl 
1/18/2012 9:35:03 PM OK C:\Users\Owner\AppData\Local\Temp\2597974\ods.ppl 
1/18/2012 9:35:03 PM OK C:\Users\Owner\AppData\Local\Temp\2597974\params.ppl 
1/18/2012 9:35:03 PM OK C:\Users\Owner\AppData\Local\Temp\2597974\prloader.dll 
1/18/2012 9:35:03 PM OK C:\Users\Owner\AppData\Local\Temp\2597974\procmon.ppl 
1/18/2012 9:35:03 PM OK C:\Users\Owner\AppData\Local\Temp\2597974\propmap.ppl 
1/18/2012 9:35:04 PM OK C:\Users\Owner\AppData\Local\Temp\2597974\proxydet.ppl 
1/18/2012 9:35:04 PM OK C:\Users\Owner\AppData\Local\Temp\2597974\prremote.dll 
1/18/2012 9:35:04 PM OK C:\Users\Owner\AppData\Local\Temp\2597974\prseqio.ppl 
1/18/2012 9:35:04 PM OK C:\Users\Owner\AppData\Local\Temp\2597974\prtransp.ppl 
1/18/2012 9:35:04 PM OK C:\Users\Owner\AppData\Local\Temp\2597974\pxstub.ppl 
1/18/2012 9:35:04 PM OK C:\Users\Owner\AppData\Local\Temp\2597974\qb.ppl 
1/18/2012 9:35:04 PM OK C:\Users\Owner\AppData\Local\Temp\2597974\regmap.ppl 
1/18/2012 9:35:04 PM OK C:\Users\Owner\AppData\Local\Temp\2597974\report.ppl 
1/18/2012 9:35:04 PM OK C:\Users\Owner\AppData\Local\Temp\2597974\reportdb.ppl 
1/18/2012 9:35:04 PM OK C:\Users\Owner\AppData\Local\Temp\2597974\schedule.ppl 
1/18/2012 9:35:04 PM OK C:\Users\Owner\AppData\Local\Temp\2597974\sfdb.ppl 
1/18/2012 9:35:04 PM OK C:\Users\Owner\AppData\Local\Temp\2597974\thpimpl.ppl 
1/18/2012 9:35:04 PM OK C:\Users\Owner\AppData\Local\Temp\2597974\timer.ppl 
1/18/2012 9:35:04 PM OK C:\Users\Owner\AppData\Local\Temp\2597974\tm.ppl 
1/18/2012 9:35:04 PM OK C:\Users\Owner\AppData\Local\Temp\2597974\uniarc.ppl 
1/18/2012 9:35:04 PM OK C:\Users\Owner\AppData\Local\Temp\2597974\updater.dll 
1/18/2012 9:35:04 PM OK C:\Users\Owner\AppData\Local\Temp\2597974\ushata.dll 
1/18/2012 9:35:04 PM OK C:\Users\Owner\AppData\Local\Temp\2597974\volenum.ppl 
1/18/2012 9:35:04 PM OK C:\Users\Owner\AppData\Local\Temp\2597974\wdiskio.ppl 
1/18/2012 9:35:04 PM OK C:\Users\Owner\AppData\Local\Temp\2597974\winreg.ppl 
1/18/2012 9:35:04 PM OK C:\Users\Owner\AppData\Local\Temp\2597974\wmihlpr.ppl 
1/18/2012 9:35:04 PM OK C:\Users\Owner\AppData\Local\Temp\RarSFX0\4505774rar.exe 
1/18/2012 9:35:04 PM OK C:\Users\Owner\AppData\Local\Temp\RarSFX0\helper64.exe 
1/18/2012 9:35:04 PM OK C:\Windows\AppPatch\AcLayers.dll 
1/18/2012 9:35:04 PM OK C:\Windows\AppPatch\acwow64.dll 
1/18/2012 9:35:04 PM OK C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscoreei.dll 
1/18/2012 9:35:04 PM OK C:\Windows\SysWOW64\AudioSes.dll 
1/18/2012 9:35:04 PM OK C:\Windows\SysWOW64\cryptbase.dll 
1/18/2012 9:35:04 PM OK C:\Windows\SysWOW64\FWPUCLNT.DLL 
1/18/2012 9:35:04 PM OK C:\Windows\SysWOW64\IPHLPAPI.DLL 
1/18/2012 9:35:04 PM OK C:\Windows\SysWOW64\KernelBase.dll 
1/18/2012 9:35:05 PM OK C:\Windows\SysWOW64\MMDevAPI.dll 
1/18/2012 9:35:05 PM OK C:\Windows\SysWOW64\RpcRtRemote.dll 
1/18/2012 9:35:05 PM OK C:\Windows\SysWOW64\SensApi.dll 
1/18/2012 9:35:05 PM OK C:\Windows\SysWOW64\WSHTCPIP.DLL 
1/18/2012 9:35:05 PM OK C:\Windows\SysWOW64\WindowsCodecs.dll 
1/18/2012 9:35:05 PM OK C:\Windows\SysWOW64\apphelp.dll 
1/18/2012 9:35:05 PM OK C:\Windows\SysWOW64\avrt.dll 
1/18/2012 9:35:05 PM OK C:\Windows\SysWOW64\bcrypt.dll 
1/18/2012 9:35:05 PM OK C:\Windows\SysWOW64\bcryptprimitives.dll 
1/18/2012 9:35:05 PM OK C:\Windows\SysWOW64\browcli.dll 
1/18/2012 9:35:05 PM OK C:\Windows\SysWOW64\cabinet.dll 
1/18/2012 9:35:05 PM OK C:\Windows\SysWOW64\crypt32.dll 
1/18/2012 9:35:05 PM OK C:\Windows\SysWOW64\cryptnet.dll 
1/18/2012 9:35:05 PM OK C:\Windows\SysWOW64\cryptsp.dll 
1/18/2012 9:35:05 PM OK C:\Windows\SysWOW64\cscapi.dll 
1/18/2012 9:35:05 PM OK C:\Windows\SysWOW64\dbgeng.dll 
1/18/2012 9:35:05 PM OK C:\Windows\SysWOW64\dbghelp.dll 
1/18/2012 9:35:05 PM OK C:\Windows\SysWOW64\devrtl.dll 
1/18/2012 9:35:05 PM OK C:\Windows\SysWOW64\dhcpcsvc.dll 
1/18/2012 9:35:05 PM OK C:\Windows\SysWOW64\dhcpcsvc6.dll 
1/18/2012 9:35:05 PM OK C:\Windows\SysWOW64\dnsapi.dll 
1/18/2012 9:35:05 PM OK C:\Windows\SysWOW64\dsrole.dll 
1/18/2012 9:35:05 PM OK C:\Windows\SysWOW64\dwmapi.dll 
1/18/2012 9:35:05 PM OK C:\Windows\SysWOW64\fltLib.dll 
1/18/2012 9:35:05 PM OK C:\Windows\SysWOW64\gpapi.dll 
1/18/2012 9:35:06 PM OK C:\Windows\SysWOW64\ksuser.dll 
1/18/2012 9:35:06 PM OK C:\Windows\SysWOW64\linkinfo.dll 
1/18/2012 9:35:06 PM OK C:\Windows\SysWOW64\loadperf.dll 
1/18/2012 9:35:06 PM OK C:\Windows\SysWOW64\logoncli.dll 
1/18/2012 9:35:06 PM OK C:\Windows\SysWOW64\mapi32.dll 
1/18/2012 9:35:06 PM OK C:\Windows\SysWOW64\mpr.dll 
1/18/2012 9:35:06 PM OK C:\Windows\SysWOW64\msacm32.dll 
1/18/2012 9:35:06 PM OK C:\Windows\SysWOW64\msasn1.dll 
1/18/2012 9:35:06 PM OK C:\Windows\SysWOW64\msi.dll 
1/18/2012 9:35:06 PM OK C:\Windows\SysWOW64\msimg32.dll 
1/18/2012 9:35:06 PM OK C:\Windows\SysWOW64\ncrypt.dll 
1/18/2012 9:35:06 PM OK C:\Windows\SysWOW64\net.exe 
1/18/2012 9:35:06 PM OK C:\Windows\SysWOW64\net1.exe 
1/18/2012 9:35:06 PM OK C:\Windows\SysWOW64\netapi32.dll 
1/18/2012 9:35:06 PM OK C:\Windows\SysWOW64\netmsg.dll 
1/18/2012 9:35:06 PM OK C:\Windows\SysWOW64\netutils.dll 
1/18/2012 9:35:06 PM OK C:\Windows\SysWOW64\ntdll.dll 
1/18/2012 9:35:06 PM OK C:\Windows\SysWOW64\ntdsapi.dll 
1/18/2012 9:35:06 PM OK C:\Windows\SysWOW64\ntmarta.dll 
1/18/2012 9:35:06 PM OK C:\Windows\SysWOW64\ntshrui.dll 
1/18/2012 9:35:06 PM OK C:\Windows\SysWOW64\profapi.dll 
1/18/2012 9:35:06 PM OK C:\Windows\SysWOW64\propsys.dll 
1/18/2012 9:35:06 PM OK C:\Windows\SysWOW64\rasadhlp.dll 
1/18/2012 9:35:06 PM OK C:\Windows\SysWOW64\riched20.dll 
1/18/2012 9:35:06 PM OK C:\Windows\SysWOW64\riched32.dll 
1/18/2012 9:35:06 PM OK C:\Windows\SysWOW64\rsaenh.dll 
1/18/2012 9:35:06 PM OK C:\Windows\SysWOW64\samcli.dll 
1/18/2012 9:35:06 PM OK C:\Windows\SysWOW64\samlib.dll 
1/18/2012 9:35:06 PM OK C:\Windows\SysWOW64\secur32.dll 
1/18/2012 9:35:06 PM OK C:\Windows\SysWOW64\sfc.dll 
1/18/2012 9:35:06 PM OK C:\Windows\SysWOW64\sfc_os.dll 
1/18/2012 9:35:06 PM OK C:\Windows\SysWOW64\shdocvw.dll 
1/18/2012 9:35:06 PM OK C:\Windows\SysWOW64\shfolder.dll 
1/18/2012 9:35:06 PM OK C:\Windows\SysWOW64\slc.dll 
1/18/2012 9:35:06 PM OK C:\Windows\SysWOW64\srvcli.dll 
1/18/2012 9:35:06 PM OK C:\Windows\SysWOW64\sspicli.dll 
1/18/2012 9:35:06 PM OK C:\Windows\SysWOW64\userenv.dll 
1/18/2012 9:35:06 PM OK C:\Windows\SysWOW64\uxtheme.dll 
1/18/2012 9:35:06 PM OK C:\Windows\SysWOW64\version.dll 
1/18/2012 9:35:06 PM OK C:\Windows\SysWOW64\wbem\fastprox.dll 
1/18/2012 9:35:07 PM OK C:\Windows\SysWOW64\wbem\wbemprox.dll 
1/18/2012 9:35:07 PM OK C:\Windows\SysWOW64\wbem\wbemsvc.dll 
1/18/2012 9:35:07 PM OK C:\Windows\SysWOW64\wbemcomn.dll 
1/18/2012 9:35:07 PM OK C:\Windows\SysWOW64\winmm.dll 
1/18/2012 9:35:07 PM OK C:\Windows\SysWOW64\winnsi.dll 
1/18/2012 9:35:07 PM OK C:\Windows\SysWOW64\winspool.drv 
1/18/2012 9:35:07 PM OK C:\Windows\SysWOW64\winsta.dll 
1/18/2012 9:35:07 PM OK C:\Windows\SysWOW64\wintrust.dll 
1/18/2012 9:35:07 PM OK C:\Windows\SysWOW64\wkscli.dll 
1/18/2012 9:35:07 PM OK C:\Windows\SysWOW64\wship6.dll 
1/18/2012 9:35:07 PM OK C:\Windows\SysWOW64\wsock32.dll 
1/18/2012 9:35:07 PM OK C:\Windows\SysWOW64\wtsapi32.dll 
1/18/2012 9:35:07 PM OK C:\Windows\System32\apisetschema.dll 
1/18/2012 9:35:07 PM OK C:\Windows\System32\AUDIOKSE.dll 
1/18/2012 9:35:07 PM OK C:\Windows\System32\AudioEng.dll 
1/18/2012 9:35:07 PM OK C:\Windows\System32\AudioSes.dll 
1/18/2012 9:35:07 PM OK C:\Windows\System32\cryptbase.dll 
1/18/2012 9:35:07 PM OK C:\Windows\System32\KernelBase.dll 
1/18/2012 9:35:07 PM OK C:\Windows\System32\MMDevAPI.dll 
1/18/2012 9:35:07 PM OK C:\Windows\System32\NlsData0009.dll 
1/18/2012 9:35:07 PM OK C:\Windows\System32\NlsLexicons0009.dll 
1/18/2012 9:35:07 PM OK C:\Windows\System32\RtkAPO64.dll 
1/18/2012 9:35:07 PM OK C:\Windows\System32\SPInf.dll 
1/18/2012 9:35:07 PM OK C:\Windows\System32\SearchFilterHost.exe 
1/18/2012 9:35:07 PM OK C:\Windows\System32\SearchProtocolHost.exe 
1/18/2012 9:35:07 PM OK C:\Windows\System32\SyncCenter.dll 
1/18/2012 9:35:07 PM OK C:\Windows\System32\TSChannel.dll 
1/18/2012 9:35:07 PM OK C:\Windows\System32\WMALFXGFXDSP.dll 
1/18/2012 9:35:08 PM OK C:\Windows\System32\apphelp.dll 
1/18/2012 9:35:08 PM OK C:\Windows\System32\appwiz.cpl 
1/18/2012 9:35:08 PM OK C:\Windows\System32\atl.dll 
1/18/2012 9:35:08 PM OK C:\Windows\System32\audiodg.exe 
1/18/2012 9:35:08 PM OK C:\Windows\System32\authz.dll 
1/18/2012 9:35:08 PM OK C:\Windows\System32\avrt.dll 
1/18/2012 9:35:08 PM OK C:\Windows\System32\cfgmgr32.dll 
1/18/2012 9:35:08 PM OK C:\Windows\System32\conhost.exe 
1/18/2012 9:35:08 PM OK C:\Windows\System32\crypt32.dll 
1/18/2012 9:35:08 PM OK C:\Windows\System32\cryptsp.dll 
1/18/2012 9:35:08 PM OK C:\Windows\System32\devobj.dll 
1/18/2012 9:35:08 PM OK C:\Windows\System32\devrtl.dll 
1/18/2012 9:35:08 PM OK C:\Windows\System32\diagperf.dll 
1/18/2012 9:35:08 PM OK C:\Windows\System32\duser.dll 
1/18/2012 9:35:08 PM OK C:\Windows\System32\dwmapi.dll 
1/18/2012 9:35:08 PM OK C:\Windows\System32\grpconv.exe 
1/18/2012 9:35:08 PM OK C:\Windows\System32\ksuser.dll 
1/18/2012 9:35:08 PM OK C:\Windows\System32\ktmw32.dll 
1/18/2012 9:35:08 PM OK C:\Windows\System32\mapi32.dll 
1/18/2012 9:35:08 PM OK C:\Windows\System32\mfplat.dll 
1/18/2012 9:35:08 PM OK C:\Windows\System32\msasn1.dll 
1/18/2012 9:35:08 PM OK C:\Windows\System32\msi.dll 
1/18/2012 9:35:08 PM OK C:\Windows\System32\msidle.dll 
1/18/2012 9:35:08 PM OK C:\Windows\System32\msshooks.dll 
1/18/2012 9:35:08 PM OK C:\Windows\System32\mssph.dll 
1/18/2012 9:35:08 PM OK C:\Windows\System32\mssprxy.dll 
1/18/2012 9:35:08 PM OK C:\Windows\System32\mssvp.dll 
1/18/2012 9:35:08 PM OK C:\Windows\System32\ntdll.dll 
1/18/2012 9:35:08 PM OK C:\Windows\System32\ntmarta.dll 
1/18/2012 9:35:08 PM OK C:\Windows\System32\osbaseln.dll 
1/18/2012 9:35:08 PM OK C:\Windows\System32\profapi.dll 
1/18/2012 9:35:08 PM OK C:\Windows\System32\propsys.dll 
1/18/2012 9:35:08 PM OK C:\Windows\System32\rsaenh.dll 
1/18/2012 9:35:09 PM OK C:\Windows\System32\runonce.exe 
1/18/2012 9:35:09 PM OK C:\Windows\System32\spfileq.dll 
1/18/2012 9:35:09 PM OK C:\Windows\System32\sspicli.dll 
1/18/2012 9:35:09 PM OK C:\Windows\System32\taskeng.exe 
1/18/2012 9:35:09 PM OK C:\Windows\System32\tquery.dll 
1/18/2012 9:35:09 PM OK C:\Windows\System32\uxtheme.dll 
1/18/2012 9:35:09 PM OK C:\Windows\System32\wevtapi.dll 
1/18/2012 9:35:09 PM OK C:\Windows\System32\wintrust.dll 
1/18/2012 9:35:09 PM OK C:\Windows\System32\wow64.dll 
1/18/2012 9:35:09 PM OK C:\Windows\System32\wow64cpu.dll 
1/18/2012 9:35:09 PM OK C:\Windows\System32\wow64win.dll 
1/18/2012 9:35:09 PM OK C:\Windows\System32\xmllite.dll 
1/18/2012 9:35:10 PM OK C:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_88e41e092fab0294\msvcp80.dll 
1/18/2012 9:35:10 PM OK C:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_88e41e092fab0294\msvcr80.dll 
1/18/2012 9:35:10 PM OK C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac\comctl32.dll 
1/18/2012 9:35:10 PM OK C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcp80.dll 
1/18/2012 9:35:10 PM OK C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll 
1/18/2012 9:35:11 PM OK C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcr90.dll 
1/18/2012 9:35:11 PM OK C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll 
1/18/2012 9:35:11 PM OK C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll 
1/18/2012 9:35:11 PM OK Unknown application 
1/18/2012 9:35:11 PM OK C 
1/18/2012 9:35:11 PM OK D 
1/18/2012 9:35:11 PM OK E 
1/18/2012 9:35:11 PM OK K 
1/18/2012 9:35:11 PM OK \Device\HarddiskVolume2 
1/18/2012 9:35:12 PM OK \Device\HarddiskVolume3 
1/18/2012 9:35:12 PM OK \Device\HarddiskVolume1 
1/18/2012 9:35:12 PM OK \Device\CdRom1 
1/18/2012 9:35:12 PM OK \Device\HarddiskVolumeShadowCopy3 
1/18/2012 9:35:12 PM OK \Device\HarddiskVolumeShadowCopy4 
1/18/2012 9:35:12 PM OK \Device\HarddiskVolumeShadowCopy5 
1/18/2012 9:35:12 PM OK \Device\HarddiskVolumeShadowCopy6 
1/18/2012 9:35:12 PM OK \Device\HarddiskVolumeShadowCopy7 
1/18/2012 9:35:12 PM OK \Device\HarddiskVolumeShadowCopy8 
1/18/2012 9:35:12 PM OK \Device\HarddiskVolumeShadowCopy9 
1/18/2012 9:35:12 PM OK \Device\HarddiskVolumeShadowCopy10 
1/18/2012 9:35:13 PM OK \Device\Harddisk0\DR0
1/18/2012 9:35:14 PM Task completed


----------



## destin (Jan 8, 2012)

This is it Jeff please let me know the next step
thanks


----------



## valis (Sep 24, 2004)

Let's start from the top.

1. How many machines are on this network?

2. How did you narrow it down to the one that is chewing up your bandwidth usage?

3. Do you store anything in the cloud, such as movies, pics, etc?

4. Do you have scheduled backups daily running on that rig?

5. Can you narrow it down to a time frame that this is occurring? Maybe leave it plugged in from 12-8 am for a few days, then 8-4 pm, etc?


----------



## destin (Jan 8, 2012)

Hi Valis,
Let's start from the top.

1. One desktop PC and 2 laptops

2. I kept desktop PC shut down for 3-4 days and during that time and that time only my ISP stats were showing low( normal ) usage. As son as I turned it back on, the usage skyrocket again.All other machines were in use both times.



3. You mean like online? 
I connect to my websites on DreamHost via ftp client.



4. No daily backups running


5. I can do that.Do you think the infection is not running 24/7?
All test I ran with Jeff, in between those tests this infected PC was kept off, so maybe those tests did not show the activity that mayhave come up if i kept PC on?

Also,I have external HD, it is old HD from previous PC but its set with USB cable so I can plugi it in. And I have used it 2 days ago to dig up some old emails I needed, maybe that HD is infected and i got it from it again?
I mean first 2 days after Jeff helped me, PC ran fine with low gb usage only later , high usage kicked in again.

So am just saying maybe I got reinfected and should run all those tests I did with Jeff all over again? and stay away from that 2nd HD
Thanks for your help


----------



## valis (Sep 24, 2004)

I'll let Jeff handle the infection side, but I think he verified it clean......if it is indeed clean, it should be a simple matter to figure out what is uploading. 

Once Jeff does verify it, the first thing I would do is begin to leave it unplugged 16 hours out of 8 for a few days, and see if it is relegated to a certain time of the day. Merely the pure amount of data is pointing away from something like a botnet, and somewhat pointing to a cloud backup. That said, if you state that you aren't doing that, the next step is to find out when, exactly, it's dumping all that up.

You may also want to take a look at your event logs (start > run > evenvwr.msc) and see if anything weird is cropping up in there. May also want to take a look at wireshark to see if you can track the bandwidth that way.


----------



## destin (Jan 8, 2012)

Thank you Valis, I just remembered my router should have some data about the traffic , I'll check it too.Thanks again.


----------



## valis (Sep 24, 2004)

de nada....we'll noodle this out one way or the other.


----------



## destin (Jan 8, 2012)

I have downloaded wireshark but to be hones it is way to complicated for me , I dont even know where to start, I mean I have it running, data is showing but have no clue what to look for ..


----------



## valis (Sep 24, 2004)

yeah, wireshark takes a bit to noodle out.

What did your router have to say?

Also, have you asked your ISP to narrow down the times that the uploading is going on?


----------



## destin (Jan 8, 2012)

Router has more of a traffic counter info,with global count per day/week/mo without source or any specifics so no much help there.
I have not asked my ISP about the uploading data, they were not very cooperative in that regard last time.
Cox is the only cable provider in my area if I go over my monthly usage limit all they do is,they cutoff my connection and there is no much help offered other than upgrading to the higher package, but I'll try again , maybe there is someone I can talk to..
Any chance Jeff helps me out scanning PC again?
thanks


----------



## valis (Sep 24, 2004)

Jeff? See anything you want to take a look at?


----------



## valis (Sep 24, 2004)

by the way, who has access to that computer? Anyone other than yourself?


----------



## destin (Jan 8, 2012)

Just me, but if there is a chance it is still infected I wanted to run more scans if that's possible ,thanks


----------



## jeffce (May 10, 2011)

Hi destin,

Please download *SystemLook* from one of the links below and save it to your Desktop.
*Download Mirror #1
Download Mirror #2*

Right-click and Run as Administrator *SystemLook.exe* to run it.
Copy the content of the following codebox into the main textfield:

```
:dir
C:\Users\Owner\AppData\Roaming\UBot Studio /s
C:\Users\Owner\AppData\Roaming\thriXXX /s
```

Click the *Look* button to start the scan.
When finished, a notepad window will open with the results of the scan. Please post this log in your next reply.
*Note:* The log can also be found on your Desktop entitled *SystemLook.txt*


----------



## destin (Jan 8, 2012)

Hi Jeff,
hope you are doing well 

SystemLook 30.07.11 by jpshortstuff
Log created at 15:27 on 23/01/2012 by Owner
Administrator - Elevation successful
WARNING: SystemLook running under WOW64. Use SystemLook_x64 for accurate results.

========== dir ==========

C:\Users\Owner\AppData\Roaming\UBot Studio - Parameters: "/s"

---Files---
awesomium.log --a---- 24233 bytes [06:19 28/09/2011] [21:27 23/01/2012]
browser_log.txt --a---- 34075 bytes [06:19 28/09/2011] [20:29 23/01/2012]
ubot_compiled.txt --a---- 65 bytes [06:18 28/09/2011] [00:35 10/12/2011]

C:\Users\Owner\AppData\Roaming\UBot Studio\Browser d------ [06:18 28/09/2011]

C:\Users\Owner\AppData\Roaming\UBot Studio\Browser\4.0.66 d------ [06:18 28/09/2011]
avcodec-52.dll --a---- 703488 bytes [06:18 28/09/2011] [06:18 28/09/2011]
avformat-52.dll --a---- 104960 bytes [06:18 28/09/2011] [06:18 28/09/2011]
avutil-50.dll --a---- 63488 bytes [06:18 28/09/2011] [06:18 28/09/2011]
Awesomium.dll --a---- 21439288 bytes [06:18 28/09/2011] [06:18 28/09/2011]
icudt42.dll --a---- 10947384 bytes [06:18 28/09/2011] [06:18 28/09/2011]
msvcp100.dll --a---- 421200 bytes [06:18 28/09/2011] [06:18 28/09/2011]
msvcr100.dll --a---- 770384 bytes [06:18 28/09/2011] [06:18 28/09/2011]
opencv_core220.dll --a---- 2010624 bytes [06:18 28/09/2011] [06:18 28/09/2011]
opencv_imgproc220.dll --a---- 1242112 bytes [06:18 28/09/2011] [06:18 28/09/2011]
UBotBrowser.exe --a---- 549984 bytes [06:18 28/09/2011] [06:18 28/09/2011]
vcomp100.dll --a---- 51024 bytes [06:18 28/09/2011] [06:18 28/09/2011]

C:\Users\Owner\AppData\Roaming\UBot Studio\Browser\4.0.66\AwesomiumProcess.exe d------ [06:19 28/09/2011]

C:\Users\Owner\AppData\Roaming\UBot Studio\Browser\4.0.66\locales d------ [06:18 28/09/2011]
en-US.dll --a---- 110592 bytes [06:18 28/09/2011] [06:18 28/09/2011]

C:\Users\Owner\AppData\Roaming\UBot Studio\Browser\4.0.85 d------ [03:47 16/11/2011]
avcodec-52.dll --a---- 703488 bytes [03:47 16/11/2011] [06:18 28/09/2011]
avformat-52.dll --a---- 104960 bytes [03:47 16/11/2011] [06:18 28/09/2011]
avutil-50.dll --a---- 63488 bytes [03:47 16/11/2011] [06:18 28/09/2011]
Awesomium.dll --a---- 21406520 bytes [03:47 16/11/2011] [03:47 16/11/2011]
icudt42.dll --a---- 10947384 bytes [03:47 16/11/2011] [03:47 16/11/2011]
msvcp100.dll --a---- 421200 bytes [03:47 16/11/2011] [06:18 28/09/2011]
msvcr100.dll --a---- 770384 bytes [03:47 16/11/2011] [06:18 28/09/2011]
opencv_core220.dll --a---- 2010624 bytes [03:47 16/11/2011] [06:18 28/09/2011]
opencv_imgproc220.dll --a---- 1242112 bytes [03:47 16/11/2011] [06:18 28/09/2011]
UBotBrowser.exe --a---- 553056 bytes [03:47 16/11/2011] [03:47 16/11/2011]
vcomp100.dll --a---- 51024 bytes [03:47 16/11/2011] [06:18 28/09/2011]

C:\Users\Owner\AppData\Roaming\UBot Studio\Browser\4.0.85\AwesomiumProcess.exe d------ [03:48 16/11/2011]

C:\Users\Owner\AppData\Roaming\UBot Studio\Browser\4.0.85\locales d------ [03:47 16/11/2011]
en-US.dll --a---- 116536 bytes [03:47 16/11/2011] [03:47 16/11/2011]

C:\Users\Owner\AppData\Roaming\thriXXX - Parameters: "/s"

---Files---
None found.

C:\Users\Owner\AppData\Roaming\thriXXX\3DSexVilla2-Everlust d------ [02:50 31/01/2011]

C:\Users\Owner\AppData\Roaming\thriXXX\3DSexVilla2-Everlust\Archives d------ [02:50 31/01/2011]
3DSexVilla2.Archives.txx --a---- 84288 bytes [02:57 31/01/2011] [22:48 31/07/2010]

C:\Users\Owner\AppData\Roaming\thriXXX\3DSexVilla2-Everlust\Archives\2.093.001 d------ [02:50 31/01/2011]
3DSexVilla2.Boot.txx --a---- 1342176 bytes [07:59 16/06/2010] [16:50 17/05/2010]
3DSexVilla2.dl --a---- 3734 bytes [02:57 31/01/2011] [06:12 31/01/2011]
3DSexVilla2.Extra.txx --a---- 5552704 bytes [02:57 31/01/2011] [22:41 31/07/2010]
3DSexVilla2.Outfit.Shared.p001.txx --a---- 785440 bytes [02:57 31/01/2011] [04:07 19/05/2010]
3DSexVilla2.Outfit.Shared.Tex032M.p001.txx --a---- 258016 bytes [02:57 31/01/2011] [22:06 02/05/2010]
3DSexVilla2.Outfit.Shared.Tex032M.txx --a---- 4957088 bytes [02:57 31/01/2011] [22:06 02/05/2010]
3DSexVilla2.Outfit.Shared.txx --a---- 9003552 bytes [02:57 31/01/2011] [22:07 02/05/2010]
3DSexVilla2.Outfit0003.txx --a---- 117952 bytes [02:57 31/01/2011] [22:07 02/05/2010]
3DSexVilla2.Outfit0005.txx --a---- 72096 bytes [02:57 31/01/2011] [22:01 16/05/2010]
3DSexVilla2.Outfit0006.Tex032M.txx --a---- 13888 bytes [02:57 31/01/2011] [21:59 16/05/2010]
3DSexVilla2.Outfit0006.txx --a---- 44512 bytes [02:57 31/01/2011] [21:59 16/05/2010]
3DSexVilla2.Outfit0007.txx --a---- 51744 bytes [02:57 31/01/2011] [22:07 02/05/2010]
3DSexVilla2.Outfit0016.Tex032M.txx --a---- 12448 bytes [02:57 31/01/2011] [02:30 06/05/2010]
3DSexVilla2.Outfit0016.txx --a---- 298016 bytes [02:57 31/01/2011] [02:30 06/05/2010]
3DSexVilla2.Outfit0017.Tex032M.txx --a---- 120096 bytes [02:57 31/01/2011] [22:23 13/05/2010]
3DSexVilla2.Outfit0017.txx --a---- 471872 bytes [02:57 31/01/2011] [22:23 13/05/2010]
3DSexVilla2.Outfit0020.txx --a---- 73280 bytes [02:57 31/01/2011] [20:19 08/05/2010]
3DSexVilla2.Outfit0021.txx --a---- 98304 bytes [02:57 31/01/2011] [04:42 06/05/2010]
3DSexVilla2.Outfit0022.Tex032M.txx --a---- 65408 bytes [02:57 31/01/2011] [18:43 11/05/2010]
3DSexVilla2.Outfit0022.txx --a---- 179488 bytes [02:57 31/01/2011] [18:43 11/05/2010]
3DSexVilla2.Outfit0023.Tex032M.txx --a---- 9664 bytes [02:57 31/01/2011] [19:15 12/05/2010]
3DSexVilla2.Outfit0023.txx --a---- 184576 bytes [02:57 31/01/2011] [19:15 12/05/2010]
3DSexVilla2.Outfit0024.Tex032M.txx --a---- 33280 bytes [02:57 31/01/2011] [04:41 06/05/2010]
3DSexVilla2.Outfit0024.txx --a---- 187072 bytes [02:57 31/01/2011] [04:41 06/05/2010]
3DSexVilla2.Outfit0025.Tex032M.txx --a---- 33280 bytes [02:57 31/01/2011] [04:43 06/05/2010]
3DSexVilla2.Outfit0025.txx --a---- 130176 bytes [02:57 31/01/2011] [04:43 06/05/2010]
3DSexVilla2.Outfit0026.Tex032M.txx --a---- 95808 bytes [02:57 31/01/2011] [06:25 05/05/2010]
3DSexVilla2.Outfit0026.txx --a---- 314848 bytes [02:57 31/01/2011] [06:25 05/05/2010]
3DSexVilla2.Outfit0027.Tex032M.txx --a---- 36800 bytes [02:57 31/01/2011] [22:25 02/05/2010]
3DSexVilla2.Outfit0027.txx --a---- 213920 bytes [02:57 31/01/2011] [22:25 02/05/2010]
3DSexVilla2.Outfit0031.Tex032M.txx --a---- 65568 bytes [02:57 31/01/2011] [19:15 12/05/2010]
3DSexVilla2.Outfit0031.txx --a---- 218432 bytes [02:57 31/01/2011] [19:15 12/05/2010]
3DSexVilla2.Outfit0032.Tex032M.txx --a---- 33248 bytes [02:57 31/01/2011] [22:01 16/05/2010]
3DSexVilla2.Outfit0032.txx --a---- 95552 bytes [02:57 31/01/2011] [22:01 16/05/2010]
3DSexVilla2.Outfit0033.txx --a---- 127552 bytes [02:57 31/01/2011] [22:01 16/05/2010]
3DSexVilla2.Outfit0034.Tex032M.txx --a---- 63744 bytes [02:57 31/01/2011] [18:44 11/05/2010]
3DSexVilla2.Outfit0034.txx --a---- 82624 bytes [02:57 31/01/2011] [18:44 11/05/2010]
3DSexVilla2.Outfit0035.Tex032M.txx --a---- 33120 bytes [02:57 31/01/2011] [22:02 16/05/2010]
3DSexVilla2.Outfit0035.txx --a---- 93536 bytes [02:57 31/01/2011] [22:02 16/05/2010]
3DSexVilla2.Outfit0036.Tex032M.txx --a---- 128704 bytes [02:57 31/01/2011] [06:21 05/05/2010]
3DSexVilla2.Outfit0036.txx --a---- 188224 bytes [02:57 31/01/2011] [06:21 05/05/2010]
3DSexVilla2.Outfit0037.txx --a---- 84544 bytes [02:57 31/01/2011] [22:01 16/05/2010]
3DSexVilla2.Outfit0038.Tex032M.txx --a---- 167488 bytes [02:57 31/01/2011] [22:24 13/05/2010]
3DSexVilla2.Outfit0038.txx --a---- 430624 bytes [02:57 31/01/2011] [22:24 13/05/2010]
3DSexVilla2.Outfit0039.Tex032M.txx --a---- 117472 bytes [02:57 31/01/2011] [22:24 13/05/2010]
3DSexVilla2.Outfit0039.txx --a---- 338336 bytes [02:57 31/01/2011] [22:24 13/05/2010]
3DSexVilla2.Outfit0040.Tex032M.txx --a---- 17152 bytes [02:57 31/01/2011] [15:42 07/05/2010]
3DSexVilla2.Outfit0040.txx --a---- 129120 bytes [02:57 31/01/2011] [15:42 07/05/2010]
3DSexVilla2.Outfit0046.Tex032M.txx --a---- 74656 bytes [02:57 31/01/2011] [19:15 12/05/2010]
3DSexVilla2.Outfit0046.txx --a---- 203616 bytes [02:57 31/01/2011] [19:15 12/05/2010]
3DSexVilla2.Outfit0047.Tex032M.txx --a---- 32896 bytes [02:57 31/01/2011] [22:25 02/05/2010]
3DSexVilla2.Outfit0047.txx --a---- 75040 bytes [02:57 31/01/2011] [22:25 02/05/2010]
3DSexVilla2.Outfit0052.Tex032M.txx --a---- 33120 bytes [02:57 31/01/2011] [19:14 12/05/2010]
3DSexVilla2.Outfit0052.txx --a---- 78976 bytes [02:57 31/01/2011] [19:14 12/05/2010]
3DSexVilla2.Outfit0053.Tex032M.txx --a---- 32864 bytes [02:57 31/01/2011] [22:07 02/05/2010]
3DSexVilla2.Outfit0053.txx --a---- 54912 bytes [02:57 31/01/2011] [22:07 02/05/2010]
3DSexVilla2.Outfit0054.Tex032M.txx --a---- 36160 bytes [02:57 31/01/2011] [19:15 12/05/2010]
3DSexVilla2.Outfit0054.txx --a---- 42240 bytes [02:57 31/01/2011] [19:15 12/05/2010]
3DSexVilla2.Outfit0055.Tex032M.txx --a---- 65376 bytes [02:57 31/01/2011] [06:25 05/05/2010]
3DSexVilla2.Outfit0055.txx --a---- 171584 bytes [02:57 31/01/2011] [06:25 05/05/2010]
3DSexVilla2.Outfit0057.Tex032M.txx --a---- 85120 bytes [02:57 31/01/2011] [15:42 07/05/2010]
3DSexVilla2.Outfit0057.txx --a---- 45376 bytes [02:57 31/01/2011] [15:42 07/05/2010]
3DSexVilla2.Outfit0058.Tex032M.txx --a---- 112384 bytes [02:57 31/01/2011] [15:42 07/05/2010]
3DSexVilla2.Outfit0058.txx --a---- 90912 bytes [02:57 31/01/2011] [15:42 07/05/2010]
3DSexVilla2.Outfit0059.Tex032M.txx --a---- 43936 bytes [02:57 31/01/2011] [22:25 13/05/2010]
3DSexVilla2.Outfit0059.txx --a---- 34112 bytes [02:57 31/01/2011] [22:25 13/05/2010]
3DSexVilla2.Outfit0061.Tex032M.txx --a---- 76320 bytes [02:57 31/01/2011] [06:25 05/05/2010]
3DSexVilla2.Outfit0061.txx --a---- 138400 bytes [02:57 31/01/2011] [06:25 05/05/2010]
3DSexVilla2.Outfit0062.Tex032M.txx --a---- 85152 bytes [02:57 31/01/2011] [06:21 05/05/2010]
3DSexVilla2.Outfit0062.txx --a---- 211680 bytes [02:57 31/01/2011] [06:21 05/05/2010]
3DSexVilla2.Outfit0071.Tex032M.txx --a---- 32832 bytes [02:57 31/01/2011] [06:21 05/05/2010]
3DSexVilla2.Outfit0071.txx --a---- 119104 bytes [02:57 31/01/2011] [06:21 05/05/2010]
3DSexVilla2.Outfit0072.Tex032M.txx --a---- 161312 bytes [02:57 31/01/2011] [04:43 06/05/2010]
3DSexVilla2.Outfit0072.txx --a---- 112192 bytes [02:57 31/01/2011] [04:43 06/05/2010]
3DSexVilla2.Outfit0073.Tex032M.txx --a---- 276352 bytes [02:57 31/01/2011] [03:54 22/05/2010]
3DSexVilla2.Outfit0073.txx --a---- 170880 bytes [02:57 31/01/2011] [03:54 22/05/2010]
3DSexVilla2.Outfit0074.Tex032M.txx --a---- 65824 bytes [02:57 31/01/2011] [04:39 22/05/2010]
3DSexVilla2.Outfit0074.txx --a---- 137120 bytes [02:57 31/01/2011] [04:39 22/05/2010]
3DSexVilla2.Outfit0075.Tex032M.txx --a---- 33280 bytes [02:57 31/01/2011] [04:39 22/05/2010]
3DSexVilla2.Outfit0075.txx --a---- 107232 bytes [02:57 31/01/2011] [04:39 22/05/2010]
3DSexVilla2.Outfit0077.Tex032M.txx --a---- 160128 bytes [02:57 31/01/2011] [06:26 05/05/2010]
3DSexVilla2.Outfit0077.txx --a---- 214528 bytes [02:57 31/01/2011] [06:26 05/05/2010]
3DSexVilla2.Outfit0078.Tex032M.txx --a---- 65760 bytes [02:57 31/01/2011] [06:26 05/05/2010]
3DSexVilla2.Outfit0078.txx --a---- 224000 bytes [02:57 31/01/2011] [06:26 05/05/2010]
3DSexVilla2.Outfit0079.Tex032M.txx --a---- 71648 bytes [02:57 31/01/2011] [03:53 22/05/2010]
3DSexVilla2.Outfit0079.txx --a---- 146752 bytes [02:57 31/01/2011] [03:53 22/05/2010]
3DSexVilla2.Outfit0080.Tex032M.txx --a---- 109024 bytes [02:57 31/01/2011] [03:53 22/05/2010]
3DSexVilla2.Outfit0080.txx --a---- 158016 bytes [02:57 31/01/2011] [03:53 22/05/2010]
3DSexVilla2.Outfit0081.Tex032M.txx --a---- 33408 bytes [02:57 31/01/2011] [03:53 22/05/2010]
3DSexVilla2.Outfit0081.txx --a---- 148896 bytes [02:57 31/01/2011] [03:53 22/05/2010]
3DSexVilla2.Outfit0082.Tex032M.txx --a---- 9536 bytes [02:57 31/01/2011] [03:53 22/05/2010]
3DSexVilla2.Outfit0082.txx --a---- 24512 bytes [02:57 31/01/2011] [03:53 22/05/2010]
3DSexVilla2.Outfit0084.Tex032M.txx --a---- 33280 bytes [02:57 31/01/2011] [02:52 22/05/2010]
3DSexVilla2.Outfit0084.txx --a---- 80064 bytes [02:57 31/01/2011] [02:52 22/05/2010]
3DSexVilla2.Outfit0085.Tex032M.txx --a---- 76832 bytes [02:57 31/01/2011] [03:53 22/05/2010]
3DSexVilla2.Outfit0085.txx --a---- 166688 bytes [02:57 31/01/2011] [03:53 22/05/2010]
3DSexVilla2.Outfit0086.Tex032M.txx --a---- 40000 bytes [02:57 31/01/2011] [03:53 22/05/2010]
3DSexVilla2.Outfit0086.txx --a---- 119136 bytes [02:57 31/01/2011] [03:53 22/05/2010]
3DSexVilla2.Outfit0087.Tex032M.txx --a---- 127776 bytes [02:57 31/01/2011] [19:15 12/05/2010]
3DSexVilla2.Outfit0087.txx --a---- 342432 bytes [02:57 31/01/2011] [19:16 12/05/2010]
3DSexVilla2.Outfit0088.Tex032M.txx --a---- 133440 bytes [02:57 31/01/2011] [03:53 22/05/2010]
3DSexVilla2.Outfit0088.txx --a---- 325152 bytes [02:57 31/01/2011] [03:53 22/05/2010]
3DSexVilla2.Outfit0089.Tex032M.txx --a---- 44832 bytes [02:57 31/01/2011] [19:14 12/05/2010]
3DSexVilla2.Outfit0089.txx --a---- 68000 bytes [02:57 31/01/2011] [19:14 12/05/2010]
3DSexVilla2.Outfit0090.Tex032M.txx --a---- 215200 bytes [02:57 31/01/2011] [04:39 22/05/2010]
3DSexVilla2.Outfit0090.txx --a---- 265632 bytes [02:57 31/01/2011] [04:39 22/05/2010]
3DSexVilla2.Outfit0091.Tex032M.txx --a---- 224384 bytes [02:57 31/01/2011] [04:39 22/05/2010]
3DSexVilla2.Outfit0091.txx --a---- 289312 bytes [02:57 31/01/2011] [04:39 22/05/2010]
3DSexVilla2.Outfit0092.Tex032M.txx --a---- 217184 bytes [02:57 31/01/2011] [04:39 22/05/2010]
3DSexVilla2.Outfit0092.txx --a---- 359232 bytes [02:57 31/01/2011] [04:39 22/05/2010]
3DSexVilla2.Outfit0093.Tex032M.txx --a---- 525152 bytes [02:57 31/01/2011] [21:58 16/05/2010]
3DSexVilla2.Outfit0093.txx --a---- 350624 bytes [02:57 31/01/2011] [21:58 16/05/2010]
3DSexVilla2.Outfit0094.Tex032M.txx --a---- 135360 bytes [02:57 31/01/2011] [04:39 22/05/2010]
3DSexVilla2.Outfit0094.txx --a---- 267392 bytes [02:57 31/01/2011] [04:39 22/05/2010]
3DSexVilla2.Outfit0095.Tex032M.txx --a---- 215776 bytes [02:57 31/01/2011] [04:39 22/05/2010]
3DSexVilla2.Outfit0095.txx --a---- 261984 bytes [02:57 31/01/2011] [04:39 22/05/2010]
3DSexVilla2.Package0001.txx --a---- 4416 bytes [02:57 31/01/2011] [04:08 19/05/2010]
3DSexVilla2.Package0002.txx --a---- 2240 bytes [02:57 31/01/2011] [04:39 19/05/2010]
3DSexVilla2.Package0003.txx --a---- 832 bytes [02:57 31/01/2011] [22:25 02/05/2010]
3DSexVilla2.Package0004.txx --a---- 800 bytes [02:57 31/01/2011] [22:23 02/05/2010]
3DSexVilla2.Package0005.txx --a---- 992 bytes [02:57 31/01/2011] [20:16 08/05/2010]
3DSexVilla2.Package0006.txx --a---- 1056 bytes [02:57 31/01/2011] [01:14 04/05/2010]
3DSexVilla2.Package0007.txx --a---- 1696 bytes [02:57 31/01/2011] [22:25 02/05/2010]
3DSexVilla2.Package0008.txx --a---- 864 bytes [02:57 31/01/2011] [04:36 19/05/2010]
3DSexVilla2.Package0009.txx --a---- 896 bytes [02:57 31/01/2011] [04:27 19/05/2010]
3DSexVilla2.Package0010.txx --a---- 896 bytes [02:57 31/01/2011] [04:30 19/05/2010]
3DSexVilla2.Package0011.txx --a---- 800 bytes [02:57 31/01/2011] [02:32 06/05/2010]
3DSexVilla2.Package0012.txx --a---- 864 bytes [02:57 31/01/2011] [04:28 19/05/2010]
3DSexVilla2.Package0013.txx --a---- 896 bytes [02:57 31/01/2011] [04:34 19/05/2010]
3DSexVilla2.Package0014.txx --a---- 896 bytes [02:57 31/01/2011] [04:28 19/05/2010]
3DSexVilla2.Package0015.txx --a---- 896 bytes [02:57 31/01/2011] [04:27 19/05/2010]
3DSexVilla2.Package0016.txx --a---- 800 bytes [02:57 31/01/2011] [17:33 15/05/2010]
3DSexVilla2.Package0017.txx --a---- 896 bytes [02:57 31/01/2011] [21:57 16/05/2010]
3DSexVilla2.Package0018.txx --a---- 800 bytes [02:57 31/01/2011] [02:26 06/05/2010]
3DSexVilla2.Package0019.txx --a---- 800 bytes [02:57 31/01/2011] [17:34 15/05/2010]
3DSexVilla2.Package0020.txx --a---- 800 bytes [02:57 31/01/2011] [17:34 15/05/2010]
3DSexVilla2.Package0021.txx --a---- 800 bytes [02:57 31/01/2011] [17:34 15/05/2010]
3DSexVilla2.Package0022.txx --a---- 800 bytes [02:57 31/01/2011] [17:34 15/05/2010]
3DSexVilla2.Package0023.txx --a---- 896 bytes [02:57 31/01/2011] [21:58 16/05/2010]
3DSexVilla2.Package0024.txx --a---- 800 bytes [02:57 31/01/2011] [02:27 06/05/2010]
3DSexVilla2.Package0025.txx --a---- 800 bytes [02:57 31/01/2011] [17:33 15/05/2010]
3DSexVilla2.Package0026.txx --a---- 800 bytes [02:57 31/01/2011] [22:23 02/05/2010]
3DSexVilla2.Package0027.txx --a---- 800 bytes [02:57 31/01/2011] [17:33 15/05/2010]
3DSexVilla2.Package0028.txx --a---- 800 bytes [02:57 31/01/2011] [17:33 15/05/2010]
3DSexVilla2.Package0029.txx --a---- 800 bytes [02:57 31/01/2011] [04:44 04/05/2010]
3DSexVilla2.Package0030.txx --a---- 800 bytes [02:57 31/01/2011] [04:44 04/05/2010]
3DSexVilla2.Package0031.txx --a---- 800 bytes [02:57 31/01/2011] [22:23 02/05/2010]
3DSexVilla2.Package0032.txx --a---- 800 bytes [02:57 31/01/2011] [17:34 15/05/2010]
3DSexVilla2.Package0033.txx --a---- 800 bytes [02:57 31/01/2011] [02:31 06/05/2010]
3DSexVilla2.Package0034.txx --a---- 800 bytes [02:57 31/01/2011] [04:43 03/05/2010]
3DSexVilla2.Package0035.txx --a---- 800 bytes [02:57 31/01/2011] [17:34 15/05/2010]
3DSexVilla2.Package0036.txx --a---- 832 bytes [02:57 31/01/2011] [17:34 15/05/2010]
3DSexVilla2.Package0037.txx --a---- 832 bytes [02:57 31/01/2011] [16:29 07/05/2010]
3DSexVilla2.Package0038.txx --a---- 832 bytes [02:57 31/01/2011] [17:34 15/05/2010]
3DSexVilla2.Package0039.txx --a---- 1248 bytes [02:57 31/01/2011] [04:34 19/05/2010]
3DSexVilla2.Package0040.txx --a---- 1408 bytes [02:57 31/01/2011] [04:34 19/05/2010]
3DSexVilla2.Package0041.txx --a---- 1024 bytes [02:57 31/01/2011] [04:37 19/05/2010]
3DSexVilla2.Package0042.txx --a---- 992 bytes [02:57 31/01/2011] [04:38 19/05/2010]
3DSexVilla2.Package0043.txx --a---- 1152 bytes [02:57 31/01/2011] [17:32 15/05/2010]
3DSexVilla2.Package0044.txx --a---- 1184 bytes [02:57 31/01/2011] [17:32 15/05/2010]
3DSexVilla2.Package0045.txx --a---- 1152 bytes [02:57 31/01/2011] [17:32 15/05/2010]
3DSexVilla2.Package0046.txx --a---- 1120 bytes [02:57 31/01/2011] [04:34 19/05/2010]
3DSexVilla2.Package0047.txx --a---- 1088 bytes [02:57 31/01/2011] [04:34 19/05/2010]
3DSexVilla2.Package0048.txx --a---- 1312 bytes [02:57 31/01/2011] [04:34 19/05/2010]
3DSexVilla2.Package0049.txx --a---- 992 bytes [02:57 31/01/2011] [04:34 19/05/2010]
3DSexVilla2.Package0050.txx --a---- 1312 bytes [02:57 31/01/2011] [04:35 19/05/2010]
3DSexVilla2.Package0051.txx --a---- 960 bytes [02:57 31/01/2011] [04:37 19/05/2010]
3DSexVilla2.Package0052.txx --a---- 960 bytes [02:57 31/01/2011] [04:37 19/05/2010]
3DSexVilla2.Package0053.txx --a---- 960 bytes [02:57 31/01/2011] [04:31 19/05/2010]
3DSexVilla2.Package0054.txx --a---- 1024 bytes [02:57 31/01/2011] [04:38 19/05/2010]
3DSexVilla2.Package0055.txx --a---- 1152 bytes [02:57 31/01/2011] [04:36 19/05/2010]
3DSexVilla2.Package0056.txx --a---- 896 bytes [02:57 31/01/2011] [04:28 19/05/2010]
3DSexVilla2.Package0057.txx --a---- 928 bytes [02:57 31/01/2011] [04:30 19/05/2010]
3DSexVilla2.Package0058.txx --a---- 928 bytes [02:57 31/01/2011] [04:34 19/05/2010]
3DSexVilla2.Package0059.txx --a---- 1216 bytes [02:57 31/01/2011] [04:34 19/05/2010]
3DSexVilla2.Package0060.txx --a---- 1056 bytes [02:57 31/01/2011] [04:37 19/05/2010]
3DSexVilla2.Package0061.txx --a---- 992 bytes [02:57 31/01/2011] [04:30 19/05/2010]
3DSexVilla2.Package0062.txx --a---- 1024 bytes [02:57 31/01/2011] [04:29 19/05/2010]
3DSexVilla2.Package0063.txx --a---- 1088 bytes [02:57 31/01/2011] [04:39 19/05/2010]
3DSexVilla2.Package0064.txx --a---- 928 bytes [02:57 31/01/2011] [04:31 19/05/2010]
3DSexVilla2.Package0065.txx --a---- 800 bytes [02:57 31/01/2011] [21:59 16/05/2010]
3DSexVilla2.Package0066.txx --a---- 800 bytes [02:57 31/01/2011] [21:59 16/05/2010]
3DSexVilla2.Package0067.txx --a---- 832 bytes [02:57 31/01/2011] [04:41 06/05/2010]
3DSexVilla2.Package0068.txx --a---- 832 bytes [02:57 31/01/2011] [04:43 06/05/2010]
3DSexVilla2.Package0069.txx --a---- 800 bytes [02:57 31/01/2011] [22:01 16/05/2010]
3DSexVilla2.Package0070.txx --a---- 832 bytes [02:57 31/01/2011] [20:18 08/05/2010]
3DSexVilla2.Package0071.txx --a---- 800 bytes [02:57 31/01/2011] [22:01 16/05/2010]
3DSexVilla2.Package0072.txx --a---- 864 bytes [02:57 31/01/2011] [04:27 19/05/2010]
3DSexVilla2.Package0073.txx --a---- 832 bytes [02:57 31/01/2011] [22:01 16/05/2010]
3DSexVilla2.Package0074.txx --a---- 800 bytes [02:57 31/01/2011] [20:19 08/05/2010]
3DSexVilla2.Package0075.txx --a---- 928 bytes [02:57 31/01/2011] [22:23 02/05/2010]
3DSexVilla2.Package0076.txx --a---- 1056 bytes [02:57 31/01/2011] [04:39 03/05/2010]
3DSexVilla2.Package0077.txx --a---- 896 bytes [02:57 31/01/2011] [16:29 07/05/2010]
3DSexVilla2.Package0078.txx --a---- 960 bytes [02:57 31/01/2011] [16:56 10/05/2010]
3DSexVilla2.Package0079.txx --a---- 992 bytes [02:57 31/01/2011] [16:56 10/05/2010]
3DSexVilla2.Package0080.txx --a---- 992 bytes [02:57 31/01/2011] [22:23 02/05/2010]
3DSexVilla2.Package0081.txx --a---- 1056 bytes [02:57 31/01/2011] [16:56 10/05/2010]
3DSexVilla2.Package0082.txx --a---- 864 bytes [02:57 31/01/2011] [22:01 16/05/2010]
3DSexVilla2.Package0083.txx --a---- 832 bytes [02:57 31/01/2011] [22:01 16/05/2010]
3DSexVilla2.Package0084.txx --a---- 896 bytes [02:57 31/01/2011] [04:28 19/05/2010]
3DSexVilla2.Package0085.txx --a---- 864 bytes [02:57 31/01/2011] [22:02 16/05/2010]
3DSexVilla2.Package0086.txx --a---- 1024 bytes [02:57 31/01/2011] [04:34 19/05/2010]
3DSexVilla2.Package0087.txx --a---- 1120 bytes [02:57 31/01/2011] [04:25 07/05/2010]
3DSexVilla2.Package0088.txx --a---- 1120 bytes [02:57 31/01/2011] [04:25 07/05/2010]
3DSexVilla2.Package0089.txx --a---- 896 bytes [02:57 31/01/2011] [17:33 15/05/2010]
3DSexVilla2.Package0090.txx --a---- 928 bytes [02:57 31/01/2011] [17:33 15/05/2010]
3DSexVilla2.Package0091.txx --a---- 1056 bytes [02:57 31/01/2011] [04:32 19/05/2010]
3DSexVilla2.Package0092.txx --a---- 1344 bytes [02:57 31/01/2011] [16:55 10/05/2010]
3DSexVilla2.Package0093.txx --a---- 960 bytes [02:57 31/01/2011] [04:31 19/05/2010]
3DSexVilla2.Package0094.txx --a---- 1024 bytes [02:57 31/01/2011] [04:35 19/05/2010]
3DSexVilla2.Package0095.txx --a---- 1056 bytes [02:57 31/01/2011] [21:58 16/05/2010]
3DSexVilla2.Package0096.txx --a---- 992 bytes [02:57 31/01/2011] [04:29 19/05/2010]
3DSexVilla2.Package0097.txx --a---- 928 bytes [02:57 31/01/2011] [04:35 19/05/2010]
3DSexVilla2.Package0098.txx --a---- 864 bytes [02:57 31/01/2011] [04:35 19/05/2010]
3DSexVilla2.Package0099.txx --a---- 896 bytes [02:57 31/01/2011] [04:36 19/05/2010]
3DSexVilla2.Package0100.txx --a---- 1120 bytes [02:57 31/01/2011] [04:38 19/05/2010]
3DSexVilla2.Package0101.txx --a---- 960 bytes [02:57 31/01/2011] [04:38 19/05/2010]
3DSexVilla2.Package0102.txx --a---- 928 bytes [02:57 31/01/2011] [04:37 19/05/2010]
3DSexVilla2.Package0103.txx --a---- 832 bytes [02:57 31/01/2011] [22:23 02/05/2010]
3DSexVilla2.Package0104.txx --a---- 960 bytes [02:57 31/01/2011] [02:52 22/05/2010]
3DSexVilla2.Package0105.txx --a---- 864 bytes [02:57 31/01/2011] [22:02 16/05/2010]
3DSexVilla2.Package0106.txx --a---- 1056 bytes [02:57 31/01/2011] [16:55 10/05/2010]
3DSexVilla2.Package0107.txx --a---- 896 bytes [02:57 31/01/2011] [22:02 16/05/2010]
3DSexVilla2.Package0108.txx --a---- 928 bytes [02:57 31/01/2011] [04:38 19/05/2010]
3DSexVilla2.Package0109.txx --a---- 928 bytes [02:57 31/01/2011] [04:34 19/05/2010]
3DSexVilla2.Package0110.txx --a---- 928 bytes [02:57 31/01/2011] [02:52 22/05/2010]
3DSexVilla2.Package0111.txx --a---- 960 bytes [02:57 31/01/2011] [04:36 19/05/2010]
3DSexVilla2.Package0112.txx --a---- 800 bytes [02:57 31/01/2011] [03:53 22/05/2010]
3DSexVilla2.Package0113.txx --a---- 800 bytes [02:57 31/01/2011] [03:53 22/05/2010]
3DSexVilla2.Package0114.txx --a---- 832 bytes [02:57 31/01/2011] [03:53 22/05/2010]
3DSexVilla2.Package0115.txx --a---- 832 bytes [02:57 31/01/2011] [03:53 22/05/2010]
3DSexVilla2.Package0116.txx --a---- 1280 bytes [02:57 31/01/2011] [04:34 19/05/2010]
3DSexVilla2.Package0117.txx --a---- 1216 bytes [02:57 31/01/2011] [04:34 19/05/2010]
3DSexVilla2.Package0118.txx --a---- 1088 bytes [02:57 31/01/2011] [04:33 19/05/2010]
3DSexVilla2.Package0119.txx --a---- 800 bytes [02:57 31/01/2011] [22:02 16/05/2010]
3DSexVilla2.Package0120.txx --a---- 832 bytes [02:57 31/01/2011] [02:52 22/05/2010]
3DSexVilla2.Package0121.txx --a---- 832 bytes [02:57 31/01/2011] [03:53 22/05/2010]
3DSexVilla2.Package0122.txx --a---- 832 bytes [02:57 31/01/2011] [03:53 22/05/2010]
3DSexVilla2.Package0123.txx --a---- 864 bytes [02:57 31/01/2011] [04:30 19/05/2010]
3DSexVilla2.Package0124.txx --a---- 832 bytes [02:57 31/01/2011] [03:53 22/05/2010]
3DSexVilla2.Package0125.txx --a---- 832 bytes [02:57 31/01/2011] [20:16 08/05/2010]
3DSexVilla2.Package0126.txx --a---- 960 bytes [02:57 31/01/2011] [04:36 19/05/2010]
3DSexVilla2.Package0127.txx --a---- 1056 bytes [02:57 31/01/2011] [16:55 10/05/2010]
3DSexVilla2.Package0128.txx --a---- 896 bytes [02:57 31/01/2011] [04:27 19/05/2010]
3DSexVilla2.Package0129.txx --a---- 864 bytes [02:57 31/01/2011] [04:36 19/05/2010]
3DSexVilla2.Package0130.txx --a---- 1152 bytes [02:57 31/01/2011] [16:55 10/05/2010]
3DSexVilla2.Package0131.txx --a---- 1312 bytes [02:57 31/01/2011] [17:33 15/05/2010]
3DSexVilla2.Package0132.txx --a---- 1344 bytes [02:57 31/01/2011] [17:33 15/05/2010]
3DSexVilla2.Package0133.txx --a---- 1216 bytes [02:57 31/01/2011] [17:33 15/05/2010]
3DSexVilla2.Package0134.txx --a---- 864 bytes [02:57 31/01/2011] [17:33 15/05/2010]
3DSexVilla2.Package0135.txx --a---- 896 bytes [02:57 31/01/2011] [04:38 19/05/2010]
3DSexVilla2.Package0136.txx --a---- 960 bytes [02:57 31/01/2011] [04:37 19/05/2010]
3DSexVilla2.Package0137.txx --a---- 928 bytes [02:57 31/01/2011] [04:38 19/05/2010]
3DSexVilla2.Package0138.txx --a---- 928 bytes [02:57 31/01/2011] [02:44 03/05/2010]
3DSexVilla2.Package0139.txx --a---- 896 bytes [02:57 31/01/2011] [23:53 02/05/2010]
3DSexVilla2.Package0140.txx --a---- 864 bytes [02:57 31/01/2011] [04:35 19/05/2010]
3DSexVilla2.Package0141.txx --a---- 896 bytes [02:57 31/01/2011] [04:27 19/05/2010]
3DSexVilla2.Package0142.txx --a---- 800 bytes [02:57 31/01/2011] [03:53 22/05/2010]
3DSexVilla2.Package0143.txx --a---- 896 bytes [02:57 31/01/2011] [04:34 19/05/2010]
3DSexVilla2.Package0144.txx --a---- 864 bytes [02:57 31/01/2011] [04:32 19/05/2010]
3DSexVilla2.Package0145.txx --a---- 832 bytes [02:57 31/01/2011] [03:53 22/05/2010]
3DSexVilla2.Package0146.txx --a---- 832 bytes [02:57 31/01/2011] [22:24 02/05/2010]
3DSexVilla2.Package0147.txx --a---- 1056 bytes [02:57 31/01/2011] [22:24 02/05/2010]
3DSexVilla2.Package0148.txx --a---- 864 bytes [02:57 31/01/2011] [23:54 02/05/2010]
3DSexVilla2.Package0149.txx --a---- 832 bytes [02:57 31/01/2011] [23:52 02/05/2010]
3DSexVilla2.Package0150.txx --a---- 1152 bytes [02:57 31/01/2011] [16:55 10/05/2010]
3DSexVilla2.Package0151.txx --a---- 800 bytes [02:57 31/01/2011] [03:54 22/05/2010]
3DSexVilla2.Package0152.txx --a---- 864 bytes [02:57 31/01/2011] [03:54 22/05/2010]
3DSexVilla2.Package0153.txx --a---- 864 bytes [02:57 31/01/2011] [04:39 22/05/2010]
3DSexVilla2.Package0154.txx --a---- 800 bytes [02:57 31/01/2011] [04:39 22/05/2010]
3DSexVilla2.Package0159.txx --a---- 960 bytes [02:57 31/01/2011] [22:24 02/05/2010]
3DSexVilla2.Package0160.txx --a---- 864 bytes [02:57 31/01/2011] [22:08 02/05/2010]
3DSexVilla2.Package0161.txx --a---- 928 bytes [02:57 31/01/2011] [22:08 02/05/2010]
3DSexVilla2.Package0162.txx --a---- 800 bytes [02:57 31/01/2011] [23:52 02/05/2010]
3DSexVilla2.Package0163.txx --a---- 1760 bytes [02:57 31/01/2011] [04:39 19/05/2010]
3DSexVilla2.Package0164.txx --a---- 1440 bytes [02:57 31/01/2011] [04:39 19/05/2010]
3DSexVilla2.Package0169.txx --a---- 832 bytes [02:57 31/01/2011] [19:13 12/05/2010]
3DSexVilla2.Package0170.txx --a---- 864 bytes [02:57 31/01/2011] [04:39 22/05/2010]
3DSexVilla2.Package0171.txx --a---- 864 bytes [02:57 31/01/2011] [04:39 22/05/2010]
3DSexVilla2.Package0172.txx --a---- 864 bytes [02:57 31/01/2011] [22:26 13/05/2010]
3DSexVilla2.Package0173.txx --a---- 864 bytes [02:57 31/01/2011] [04:26 07/05/2010]
3DSexVilla2.Package0174.txx --a---- 864 bytes [02:57 31/01/2011] [20:15 08/05/2010]
3DSexVilla2.Package0175.txx --a---- 864 bytes [02:57 31/01/2011] [02:52 22/05/2010]
3DSexVilla2.Package0177.txx --a---- 864 bytes [02:57 31/01/2011] [04:47 04/05/2010]
3DSexVilla2.Package0178.txx --a---- 832 bytes [02:57 31/01/2011] [22:25 02/05/2010]
3DSexVilla2.Package0179.txx --a---- 800 bytes [02:57 31/01/2011] [22:24 02/05/2010]
3DSexVilla2.Package0180.txx --a---- 800 bytes [02:57 31/01/2011] [22:24 02/05/2010]
3DSexVilla2.Package0181.txx --a---- 832 bytes [02:57 31/01/2011] [17:34 15/05/2010]
3DSexVilla2.Package0182.txx --a---- 800 bytes [02:57 31/01/2011] [22:23 02/05/2010]
3DSexVilla2.Package0183.txx --a---- 800 bytes [02:57 31/01/2011] [22:24 02/05/2010]
3DSexVilla2.Package0184.txx --a---- 960 bytes [02:57 31/01/2011] [04:34 19/05/2010]
3DSexVilla2.Package0185.txx --a---- 960 bytes [02:57 31/01/2011] [04:34 19/05/2010]
3DSexVilla2.Package0186.txx --a---- 960 bytes [02:57 31/01/2011] [04:38 19/05/2010]
3DSexVilla2.Package0187.txx --a---- 960 bytes [02:57 31/01/2011] [04:38 19/05/2010]
3DSexVilla2.Package0194.txx --a---- 960 bytes [02:57 31/01/2011] [04:34 19/05/2010]
3DSexVilla2.Package0195.txx --a---- 960 bytes [02:57 31/01/2011] [04:34 19/05/2010]
3DSexVilla2.Package0196.txx --a---- 960 bytes [02:57 31/01/2011] [04:34 19/05/2010]
3DSexVilla2.Package0197.txx --a---- 960 bytes [02:57 31/01/2011] [04:34 19/05/2010]
3DSexVilla2.Package0198.txx --a---- 960 bytes [02:57 31/01/2011] [04:34 19/05/2010]
3DSexVilla2.Package0199.txx --a---- 800 bytes [02:57 31/01/2011] [23:52 02/05/2010]
3DSexVilla2.Package0200.txx --a---- 864 bytes [02:57 31/01/2011] [04:39 22/05/2010]
3DSexVilla2.Package0201.txx --a---- 864 bytes [02:57 31/01/2011] [21:58 16/05/2010]
3DSexVilla2.Package0202.txx --a---- 960 bytes [02:57 31/01/2011] [04:34 19/05/2010]
3DSexVilla2.Package0203.txx --a---- 832 bytes [02:57 31/01/2011] [02:52 22/05/2010]
3DSexVilla2.Package0204.txx --a---- 864 bytes [02:57 31/01/2011] [04:39 22/05/2010]
3DSexVilla2.Package0205.txx --a---- 864 bytes [02:57 31/01/2011] [04:39 22/05/2010]
3DSexVilla2.Package0209.txx --a---- 960 bytes [02:57 31/01/2011] [02:52 22/05/2010]
3DSexVilla2.Package0210.txx --a---- 960 bytes [02:57 31/01/2011] [02:52 22/05/2010]
3DSexVilla2.Package0211.txx --a---- 960 bytes [02:57 31/01/2011] [02:52 22/05/2010]
3DSexVilla2.Package0212.txx --a---- 960 bytes [02:57 31/01/2011] [02:52 22/05/2010]
3DSexVilla2.Package0213.txx --a---- 960 bytes [02:57 31/01/2011] [02:52 22/05/2010]
3DSexVilla2.Person.Shared.p001.txx --a---- 65504 bytes [02:57 31/01/2011] [22:12 02/05/2010]
3DSexVilla2.Person.Shared.p002.txx --a---- 243552 bytes [02:57 31/01/2011] [22:12 02/05/2010]
3DSexVilla2.Person.Shared.Tex032M.p001.txx --a---- 2816 bytes [02:57 31/01/2011] [22:10 02/05/2010]
3DSexVilla2.Person.Shared.Tex032M.p002.txx --a---- 81824 bytes [02:57 31/01/2011] [22:10 02/05/2010]
3DSexVilla2.Person.Shared.Tex032M.p003.txx --a---- 790848 bytes [02:57 31/01/2011] [22:10 02/05/2010]
3DSexVilla2.Person.Shared.Tex032M.p004.txx --a---- 53824 bytes [02:57 31/01/2011] [04:08 19/05/2010]
3DSexVilla2.Person.Shared.Tex032M.txx --a---- 19454848 bytes [02:57 31/01/2011] [22:48 02/05/2010]
3DSexVilla2.Person.Shared.txx --a---- 16094944 bytes [02:57 31/01/2011] [04:09 19/05/2010]
3DSexVilla2.Person0001.txx --a---- 7776 bytes [02:57 31/01/2011] [04:27 19/05/2010]
3DSexVilla2.Person0002.txx --a---- 9280 bytes [02:57 31/01/2011] [04:27 19/05/2010]
3DSexVilla2.Person0003.txx --a---- 6432 bytes [02:57 31/01/2011] [04:38 19/05/2010]
3DSexVilla2.Person0004.txx --a---- 10304 bytes [02:57 31/01/2011] [04:27 19/05/2010]
3DSexVilla2.Person0005.txx --a---- 9088 bytes [02:57 31/01/2011] [04:27 19/05/2010]
3DSexVilla2.Person0006.txx --a---- 7840 bytes [02:57 31/01/2011] [04:27 19/05/2010]
3DSexVilla2.Person0007.txx --a---- 10080 bytes [02:57 31/01/2011] [04:27 19/05/2010]
3DSexVilla2.Person0008.txx --a---- 11392 bytes [02:57 31/01/2011] [04:36 19/05/2010]
3DSexVilla2.Person0009.txx --a---- 11136 bytes [02:57 31/01/2011] [04:38 19/05/2010]
3DSexVilla2.Person0010.txx --a---- 8992 bytes [02:57 31/01/2011] [04:27 19/05/2010]
3DSexVilla2.Person0011.txx --a---- 9376 bytes [02:57 31/01/2011] [04:27 19/05/2010]
3DSexVilla2.Person0012.txx --a---- 11072 bytes [02:57 31/01/2011] [04:38 19/05/2010]
3DSexVilla2.Person0013.txx --a---- 10400 bytes [02:57 31/01/2011] [04:27 19/05/2010]
3DSexVilla2.Person0014.txx --a---- 7744 bytes [02:57 31/01/2011] [04:27 19/05/2010]
3DSexVilla2.Person0015.txx --a---- 7520 bytes [02:57 31/01/2011] [04:27 19/05/2010]
3DSexVilla2.Person0016.txx --a---- 10720 bytes [02:57 31/01/2011] [04:38 19/05/2010]
3DSexVilla2.Person0017.txx --a---- 11392 bytes [02:57 31/01/2011] [04:38 19/05/2010]
3DSexVilla2.Person0018.txx --a---- 7744 bytes [02:57 31/01/2011] [04:36 19/05/2010]
3DSexVilla2.Person0019.txx --a---- 7712 bytes [02:57 31/01/2011] [04:27 19/05/2010]
3DSexVilla2.Person0020.txx --a---- 8544 bytes [02:57 31/01/2011] [04:27 19/05/2010]
3DSexVilla2.Person0021.txx --a---- 7296 bytes [02:57 31/01/2011] [04:27 19/05/2010]
3DSexVilla2.Person0022.txx --a---- 11392 bytes [02:57 31/01/2011] [04:38 19/05/2010]
3DSexVilla2.Person0023.txx --a---- 13056 bytes [02:57 31/01/2011] [04:38 19/05/2010]
3DSexVilla2.Person0024.txx --a---- 10176 bytes [02:57 31/01/2011] [04:27 19/05/2010]
3DSexVilla2.Person0025.txx --a---- 13376 bytes [02:57 31/01/2011] [04:27 19/05/2010]
3DSexVilla2.Person0026.txx --a---- 13344 bytes [02:57 31/01/2011] [04:27 19/05/2010]
3DSexVilla2.Person0027.txx --a---- 13984 bytes [02:57 31/01/2011] [04:27 19/05/2010]
3DSexVilla2.Person0028.txx --a---- 13056 bytes [02:57 31/01/2011] [04:35 19/05/2010]
3DSexVilla2.Person0029.txx --a---- 13184 bytes [02:57 31/01/2011] [04:38 19/05/2010]
3DSexVilla2.Person0030.txx --a---- 10208 bytes [02:57 31/01/2011] [04:27 19/05/2010]
3DSexVilla2.Person0031.txx --a---- 10016 bytes [02:57 31/01/2011] [04:27 19/05/2010]
3DSexVilla2.Person0032.txx --a---- 12768 bytes [02:57 31/01/2011] [04:27 19/05/2010]
3DSexVilla2.Person0033.txx --a---- 10016 bytes [02:57 31/01/2011] [04:34 19/05/2010]
3DSexVilla2.Person0034.txx --a---- 9952 bytes [02:57 31/01/2011] [04:27 19/05/2010]
3DSexVilla2.Person0035.txx --a---- 11360 bytes [02:57 31/01/2011] [04:38 19/05/2010]
3DSexVilla2.Person0036.txx --a---- 11456 bytes [02:57 31/01/2011] [04:38 19/05/2010]
3DSexVilla2.Person0037.txx --a---- 7264 bytes [02:57 31/01/2011] [04:27 19/05/2010]
3DSexVilla2.Person0110.txx --a---- 9856 bytes [02:57 31/01/2011] [04:09 19/05/2010]
3DSexVilla2.Person0112.txx --a---- 10560 bytes [02:57 31/01/2011] [04:08 19/05/2010]
3DSexVilla2.Person0114.txx --a---- 10368 bytes [02:57 31/01/2011] [04:08 19/05/2010]
3DSexVilla2.Person0115.txx --a---- 10880 bytes [02:57 31/01/2011] [04:08 19/05/2010]
3DSexVilla2.Person0116.txx --a---- 10112 bytes [02:57 31/01/2011] [04:08 19/05/2010]
3DSexVilla2.Person0117.txx --a---- 11584 bytes [02:57 31/01/2011] [04:09 19/05/2010]
3DSexVilla2.Room.Shared.Audio.txx --a---- 508032 bytes [02:57 31/01/2011] [04:07 19/05/2010]
3DSexVilla2.Room.Shared.p001.txx --a---- 3232 bytes [02:57 31/01/2011] [04:07 19/05/2010]
3DSexVilla2.Room.Shared.p002.txx --a---- 1056 bytes [02:57 31/01/2011] [04:07 19/05/2010]
3DSexVilla2.Room.Shared.p003.txx --a---- 1056 bytes [02:57 31/01/2011] [04:07 19/05/2010]
3DSexVilla2.Room.Shared.p004.txx --a---- 1056 bytes [02:57 31/01/2011] [04:07 19/05/2010]
3DSexVilla2.Room.Shared.Tex032M.p001.txx --a---- 322016 bytes [02:57 31/01/2011] [04:07 19/05/2010]
3DSexVilla2.Room.Shared.Tex032M.txx --a---- 2224288 bytes [02:57 31/01/2011] [04:07 19/05/2010]
3DSexVilla2.Room.Shared.txx --a---- 348352 bytes [02:57 31/01/2011] [04:07 19/05/2010]
3DSexVilla2.Room0001.p001.txx --a---- 4928 bytes [02:57 31/01/2011] [04:30 19/05/2010]
3DSexVilla2.Room0001.p002.txx --a---- 1440 bytes [02:57 31/01/2011] [04:30 19/05/2010]
3DSexVilla2.Room0001.p003.txx --a---- 1056 bytes [02:57 31/01/2011] [04:30 19/05/2010]
3DSexVilla2.Room0001.Tex032M.txx --a---- 274176 bytes [02:57 31/01/2011] [04:30 19/05/2010]
3DSexVilla2.Room0001.txx --a---- 353952 bytes [02:57 31/01/2011] [04:30 19/05/2010]
3DSexVilla2.Room0002.p001.txx --a---- 1344 bytes [02:57 31/01/2011] [04:35 19/05/2010]
3DSexVilla2.Room0002.p002.txx --a---- 960 bytes [02:57 31/01/2011] [04:35 19/05/2010]
3DSexVilla2.Room0002.p003.txx --a---- 960 bytes [02:57 31/01/2011] [04:35 19/05/2010]
3DSexVilla2.Room0002.p004.txx --a---- 960 bytes [02:57 31/01/2011] [04:35 19/05/2010]
3DSexVilla2.Room0002.Tex032M.txx --a---- 412288 bytes [02:57 31/01/2011] [04:35 19/05/2010]
3DSexVilla2.Room0002.txx --a---- 193856 bytes [02:57 31/01/2011] [04:35 19/05/2010]
3DSexVilla2.Room0003.p001.txx --a---- 1344 bytes [02:57 31/01/2011] [04:37 19/05/2010]
3DSexVilla2.Room0003.p002.txx --a---- 992 bytes [02:57 31/01/2011] [04:37 19/05/2010]
3DSexVilla2.Room0003.p003.txx --a---- 7744 bytes [02:57 31/01/2011] [04:37 19/05/2010]
3DSexVilla2.Room0003.p004.txx --a---- 992 bytes [02:57 31/01/2011] [04:37 19/05/2010]
3DSexVilla2.Room0003.Tex032M.txx --a---- 487712 bytes [02:57 31/01/2011] [04:36 19/05/2010]
3DSexVilla2.Room0003.txx --a---- 383456 bytes [02:57 31/01/2011] [04:37 19/05/2010]
3DSexVilla2.Room0004.p001.txx --a---- 1280 bytes [02:57 31/01/2011] [04:37 19/05/2010]
3DSexVilla2.Room0004.p002.txx --a---- 960 bytes [02:57 31/01/2011] [04:37 19/05/2010]
3DSexVilla2.Room0004.p003.txx --a---- 928 bytes [02:57 31/01/2011] [04:37 19/05/2010]
3DSexVilla2.Room0004.p004.txx --a---- 960 bytes [02:57 31/01/2011] [04:37 19/05/2010]
3DSexVilla2.Room0004.Tex032M.txx --a---- 217792 bytes [02:57 31/01/2011] [04:37 19/05/2010]
3DSexVilla2.Room0004.txx --a---- 86272 bytes [02:57 31/01/2011] [04:37 19/05/2010]
3DSexVilla2.Room0005.p001.txx --a---- 1344 bytes [02:57 31/01/2011] [04:31 19/05/2010]
3DSexVilla2.Room0005.p002.txx --a---- 992 bytes [02:57 31/01/2011] [04:31 19/05/2010]
3DSexVilla2.Room0005.p003.txx --a---- 992 bytes [02:57 31/01/2011] [04:31 19/05/2010]
3DSexVilla2.Room0005.p004.txx --a---- 992 bytes [02:57 31/01/2011] [04:31 19/05/2010]
3DSexVilla2.Room0005.Tex032M.txx --a---- 1538368 bytes [02:57 31/01/2011] [04:31 19/05/2010]
3DSexVilla2.Room0005.txx --a---- 297312 bytes [02:57 31/01/2011] [04:31 19/05/2010]
3DSexVilla2.Room0006.Audio.txx --a---- 113472 bytes [02:57 31/01/2011] [04:38 19/05/2010]
3DSexVilla2.Room0006.p001.txx --a---- 1440 bytes [02:57 31/01/2011] [04:38 19/05/2010]
3DSexVilla2.Room0006.p002.txx --a---- 1024 bytes [02:57 31/01/2011] [04:38 19/05/2010]
3DSexVilla2.Room0006.p003.txx --a---- 1024 bytes [02:57 31/01/2011] [04:38 19/05/2010]
3DSexVilla2.Room0006.p004.txx --a---- 1024 bytes [02:57 31/01/2011] [04:38 19/05/2010]
3DSexVilla2.Room0006.Tex032M.txx --a---- 1115776 bytes [02:57 31/01/2011] [04:38 19/05/2010]
3DSexVilla2.Room0006.txx --a---- 307872 bytes [02:57 31/01/2011] [04:38 19/05/2010]
3DSexVilla2.Room0007.p001.txx --a---- 1504 bytes [02:57 31/01/2011] [04:36 19/05/2010]
3DSexVilla2.Room0007.p002.txx --a---- 1120 bytes [02:57 31/01/2011] [04:36 19/05/2010]
3DSexVilla2.Room0007.p003.txx --a---- 1152 bytes [02:57 31/01/2011] [04:36 19/05/2010]
3DSexVilla2.Room0007.p004.txx --a---- 1120 bytes [02:57 31/01/2011] [04:36 19/05/2010]
3DSexVilla2.Room0007.Tex032M.txx --a---- 891328 bytes [02:57 31/01/2011] [04:36 19/05/2010]
3DSexVilla2.Room0007.txx --a---- 663296 bytes [02:57 31/01/2011] [04:36 19/05/2010]
3DSexVilla2.Room0008.p001.txx --a---- 1344 bytes [02:57 31/01/2011] [04:30 19/05/2010]
3DSexVilla2.Room0008.p002.txx --a---- 992 bytes [02:57 31/01/2011] [04:30 19/05/2010]
3DSexVilla2.Room0008.p003.txx --a---- 992 bytes [02:57 31/01/2011] [04:30 19/05/2010]
3DSexVilla2.Room0008.p004.txx --a---- 992 bytes [02:57 31/01/2011] [04:30 19/05/2010]
3DSexVilla2.Room0008.Tex032M.txx --a---- 1463616 bytes [02:57 31/01/2011] [04:30 19/05/2010]
3DSexVilla2.Room0008.txx --a---- 533536 bytes [02:57 31/01/2011] [04:30 19/05/2010]
3DSexVilla2.Room0009.Audio.txx --a---- 145632 bytes [02:57 31/01/2011] [04:33 19/05/2010]
3DSexVilla2.Room0009.p001.txx --a---- 1408 bytes [02:57 31/01/2011] [04:34 19/05/2010]
3DSexVilla2.Room0009.p002.txx --a---- 1024 bytes [02:57 31/01/2011] [04:34 19/05/2010]
3DSexVilla2.Room0009.p003.txx --a---- 1024 bytes [02:57 31/01/2011] [04:34 19/05/2010]
3DSexVilla2.Room0009.p004.txx --a---- 1024 bytes [02:57 31/01/2011] [04:34 19/05/2010]
3DSexVilla2.Room0009.Tex032M.txx --a---- 846304 bytes [02:57 31/01/2011] [04:33 19/05/2010]
3DSexVilla2.Room0009.txx --a---- 484256 bytes [02:57 31/01/2011] [04:33 19/05/2010]
3DSexVilla2.Room0010.p001.txx --a---- 1344 bytes [02:57 31/01/2011] [04:34 19/05/2010]
3DSexVilla2.Room0010.p002.txx --a---- 992 bytes [02:57 31/01/2011] [04:34 19/05/2010]
3DSexVilla2.Room0010.p003.txx --a---- 14848 bytes [02:57 31/01/2011] [04:34 19/05/2010]
3DSexVilla2.Room0010.p004.txx --a---- 992 bytes [02:57 31/01/2011] [04:34 19/05/2010]
3DSexVilla2.Room0010.Tex032M.txx --a---- 912544 bytes [02:57 31/01/2011] [04:34 19/05/2010]
3DSexVilla2.Room0010.txx --a---- 443360 bytes [02:57 31/01/2011] [04:34 19/05/2010]
3DSexVilla2.Room0011.p001.txx --a---- 928 bytes [02:57 31/01/2011] [04:08 19/05/2010]
3DSexVilla2.Room0011.Tex032M.txx --a---- 4460768 bytes [02:57 31/01/2011] [04:08 19/05/2010]
3DSexVilla2.Room0011.txx --a---- 202304 bytes [02:57 31/01/2011] [04:08 19/05/2010]
3DSexVilla2.Room0012.p001.txx --a---- 1376 bytes [02:57 31/01/2011] [04:37 19/05/2010]
3DSexVilla2.Room0012.p002.txx --a---- 992 bytes [02:57 31/01/2011] [04:37 19/05/2010]
3DSexVilla2.Room0012.p003.txx --a---- 992 bytes [02:57 31/01/2011] [04:37 19/05/2010]
3DSexVilla2.Room0012.p004.txx --a---- 992 bytes [02:57 31/01/2011] [04:37 19/05/2010]
3DSexVilla2.Room0012.Tex032M.txx --a---- 713888 bytes [02:57 31/01/2011] [04:37 19/05/2010]
3DSexVilla2.Room0012.txx --a---- 449344 bytes [02:57 31/01/2011] [04:37 19/05/2010]
3DSexVilla2.Room0013.p001.txx --a---- 1344 bytes [02:57 31/01/2011] [04:30 19/05/2010]
3DSexVilla2.Room0013.p002.txx --a---- 1024 bytes [02:57 31/01/2011] [04:30 19/05/2010]
3DSexVilla2.Room0013.p003.txx --a---- 27008 bytes [02:57 31/01/2011] [04:30 19/05/2010]
3DSexVilla2.Room0013.p004.txx --a---- 1024 bytes [02:57 31/01/2011] [04:30 19/05/2010]
3DSexVilla2.Room0013.Tex032M.txx --a---- 858624 bytes [02:57 31/01/2011] [04:30 19/05/2010]
3DSexVilla2.Room0013.txx --a---- 421984 bytes [02:57 31/01/2011] [04:30 19/05/2010]
3DSexVilla2.Room0016.Audio.txx --a---- 31360 bytes [02:57 31/01/2011] [04:29 19/05/2010]
3DSexVilla2.Room0016.p001.txx --a---- 1408 bytes [02:57 31/01/2011] [04:29 19/05/2010]
3DSexVilla2.Room0016.p002.txx --a---- 1024 bytes [02:57 31/01/2011] [04:29 19/05/2010]
3DSexVilla2.Room0016.Tex032M.txx --a---- 582048 bytes [02:57 31/01/2011] [04:29 19/05/2010]
3DSexVilla2.Room0016.txx --a---- 535168 bytes [02:57 31/01/2011] [04:29 19/05/2010]
3DSexVilla2.Room0017.Audio.txx --a---- 15200 bytes [02:57 31/01/2011] [04:31 19/05/2010]
3DSexVilla2.Room0017.p001.txx --a---- 1312 bytes [02:57 31/01/2011] [04:31 19/05/2010]
3DSexVilla2.Room0017.p002.txx --a---- 992 bytes [02:57 31/01/2011] [04:31 19/05/2010]
3DSexVilla2.Room0017.p003.txx --a---- 992 bytes [02:57 31/01/2011] [04:31 19/05/2010]
3DSexVilla2.Room0017.p004.txx --a---- 992 bytes [02:57 31/01/2011] [04:31 19/05/2010]
3DSexVilla2.Room0017.Tex032M.txx --a---- 621312 bytes [02:57 31/01/2011] [04:31 19/05/2010]
3DSexVilla2.Room0017.txx --a---- 397216 bytes [02:57 31/01/2011] [04:31 19/05/2010]
3DSexVilla2.Room0018.p001.txx --a---- 5120 bytes [02:57 31/01/2011] [04:39 19/05/2010]
3DSexVilla2.Room0018.p002.txx --a---- 16864 bytes [02:57 31/01/2011] [04:39 19/05/2010]
3DSexVilla2.Room0018.p003.txx --a---- 960 bytes [02:57 31/01/2011] [04:39 19/05/2010]
3DSexVilla2.Room0018.p004.txx --a---- 30272 bytes [02:57 31/01/2011] [04:39 19/05/2010]
3DSexVilla2.Room0018.p005.txx --a---- 960 bytes [02:57 31/01/2011] [04:39 19/05/2010]
3DSexVilla2.Room0018.Tex032M.txx --a---- 559648 bytes [02:57 31/01/2011] [04:38 19/05/2010]
3DSexVilla2.Room0018.txx --a---- 352416 bytes [02:57 31/01/2011] [04:38 19/05/2010]
3DSexVilla2.Room0019.p001.txx --a---- 1280 bytes [02:57 31/01/2011] [04:32 19/05/2010]
3DSexVilla2.Room0019.p002.txx --a---- 928 bytes [02:57 31/01/2011] [04:32 19/05/2010]
3DSexVilla2.Room0019.p003.txx --a---- 928 bytes [02:57 31/01/2011] [04:32 19/05/2010]
3DSexVilla2.Room0019.p004.txx --a---- 928 bytes [02:57 31/01/2011] [04:32 19/05/2010]
3DSexVilla2.Room0019.Tex032M.txx --a---- 524064 bytes [02:57 31/01/2011] [04:32 19/05/2010]
3DSexVilla2.Room0019.txx --a---- 330816 bytes [02:57 31/01/2011] [04:32 19/05/2010]
3DSexVilla2.Room0020.p001.txx --a---- 1344 bytes [02:57 31/01/2011] [04:32 19/05/2010]
3DSexVilla2.Room0020.p002.txx --a---- 992 bytes  [02:57 31/01/2011] [04:32 19/05/2010]
3DSexVilla2.Room0020.p003.txx --a---- 992 bytes [02:57 31/01/2011] [04:32 19/05/2010]
3DSexVilla2.Room0020.p004.txx --a---- 992 bytes [02:57 31/01/2011] [04:32 19/05/2010]
3DSexVilla2.Room0020.Tex032M.txx --a---- 1042752 bytes [02:57 31/01/2011] [04:32 19/05/2010]
3DSexVilla2.Room0020.txx --a---- 503616 bytes [02:57 31/01/2011] [04:32 19/05/2010]
3DSexVilla2.Room0021.p001.txx --a---- 1280 bytes [02:57 31/01/2011] [04:35 19/05/2010]
3DSexVilla2.Room0021.p002.txx --a---- 960 bytes [02:57 31/01/2011] [04:35 19/05/2010]
3DSexVilla2.Room0021.p003.txx --a---- 960 bytes [02:57 31/01/2011] [04:35 19/05/2010]
3DSexVilla2.Room0021.p004.txx --a---- 960 bytes [02:57 31/01/2011] [04:35 19/05/2010]
3DSexVilla2.Room0021.Tex032M.txx --a---- 2235456 bytes [02:57 31/01/2011] [04:35 19/05/2010]
3DSexVilla2.Room0021.txx --a---- 446560 bytes [02:57 31/01/2011] [04:35 19/05/2010]
3DSexVilla2.Room0022.p001.txx --a---- 1408 bytes [02:57 31/01/2011] [04:31 19/05/2010]
3DSexVilla2.Room0022.p002.txx --a---- 1056 bytes [02:57 31/01/2011] [04:31 19/05/2010]
3DSexVilla2.Room0022.p003.txx --a---- 1056 bytes [02:57 31/01/2011] [04:31 19/05/2010]
3DSexVilla2.Room0022.p004.txx --a---- 1056 bytes [02:57 31/01/2011] [04:31 19/05/2010]
3DSexVilla2.Room0022.Tex032M.txx --a---- 1048160 bytes [02:57 31/01/2011] [04:31 19/05/2010]
3DSexVilla2.Room0022.txx --a---- 564864 bytes [02:57 31/01/2011] [04:31 19/05/2010]
3DSexVilla2.Room0023.p001.txx --a---- 1440 bytes [02:57 31/01/2011] [04:29 19/05/2010]
3DSexVilla2.Room0023.p002.txx --a---- 1088 bytes [02:57 31/01/2011] [04:29 19/05/2010]
3DSexVilla2.Room0023.p003.txx --a---- 1088 bytes [02:57 31/01/2011] [04:29 19/05/2010]
3DSexVilla2.Room0023.p004.txx --a---- 1088 bytes [02:57 31/01/2011] [04:29 19/05/2010]
3DSexVilla2.Room0023.Tex032M.txx --a---- 738656 bytes [02:57 31/01/2011] [04:29 19/05/2010]
3DSexVilla2.Room0023.txx --a---- 509088 bytes [02:57 31/01/2011] [04:29 19/05/2010]
3DSexVilla2.Room0024.p001.txx --a---- 1408 bytes [02:57 31/01/2011] [04:35 19/05/2010]
3DSexVilla2.Room0024.p002.txx --a---- 1024 bytes [02:57 31/01/2011] [04:35 19/05/2010]
3DSexVilla2.Room0024.p003.txx --a---- 1024 bytes [02:57 31/01/2011] [04:35 19/05/2010]
3DSexVilla2.Room0024.p004.txx --a---- 1024 bytes [02:57 31/01/2011] [04:35 19/05/2010]
3DSexVilla2.Room0024.Tex032M.txx --a---- 665184 bytes [02:57 31/01/2011] [04:35 19/05/2010]
3DSexVilla2.Room0024.txx --a---- 646400 bytes [02:57 31/01/2011] [04:35 19/05/2010]
3DSexVilla2.Room0026.p001.txx --a---- 1504 bytes [02:57 31/01/2011] [04:37 19/05/2010]
3DSexVilla2.Room0026.p002.txx --a---- 1152 bytes [02:57 31/01/2011] [04:37 19/05/2010]
3DSexVilla2.Room0026.p003.txx --a---- 32032 bytes [02:57 31/01/2011] [04:37 19/05/2010]
3DSexVilla2.Room0026.p004.txx --a---- 1152 bytes [02:57 31/01/2011] [04:38 19/05/2010]
3DSexVilla2.Room0026.Tex032M.txx --a---- 1202848 bytes [02:57 31/01/2011] [04:37 19/05/2010]
3DSexVilla2.Room0026.txx --a---- 735168 bytes [02:57 31/01/2011] [04:37 19/05/2010]
3DSexVilla2.Room0027.p001.txx --a---- 1376 bytes [02:57 31/01/2011] [04:36 19/05/2010]
3DSexVilla2.Room0027.p002.txx --a---- 1024 bytes [02:57 31/01/2011] [04:36 19/05/2010]
3DSexVilla2.Room0027.p003.txx --a---- 11104 bytes [02:57 31/01/2011] [04:36 19/05/2010]
3DSexVilla2.Room0027.p004.txx --a---- 1024 bytes [02:57 31/01/2011] [04:36 19/05/2010]
3DSexVilla2.Room0027.Tex032M.txx --a---- 985216 bytes [02:57 31/01/2011] [04:36 19/05/2010]
3DSexVilla2.Room0027.txx --a---- 460384 bytes [02:57 31/01/2011] [04:36 19/05/2010]
3DSexVilla2.Room0028.p001.txx --a---- 1344 bytes [02:57 31/01/2011] [04:33 19/05/2010]
3DSexVilla2.Room0028.p002.txx --a---- 992 bytes [02:57 31/01/2011] [04:33 19/05/2010]
3DSexVilla2.Room0028.p003.txx --a---- 992 bytes [02:57 31/01/2011] [04:33 19/05/2010]
3DSexVilla2.Room0028.p004.txx --a---- 992 bytes [02:57 31/01/2011] [04:33 19/05/2010]
3DSexVilla2.Room0028.Tex032M.txx --a---- 969152 bytes [02:57 31/01/2011] [04:33 19/05/2010]
3DSexVilla2.Room0028.txx --a---- 323520 bytes [02:57 31/01/2011] [04:33 19/05/2010]
3DSexVilla2.Room0029.p001.txx --a---- 1408 bytes [02:57 31/01/2011] [04:32 19/05/2010]
3DSexVilla2.Room0029.p002.txx --a---- 1024 bytes [02:57 31/01/2011] [04:32 19/05/2010]
3DSexVilla2.Room0029.p003.txx --a---- 1024 bytes [02:57 31/01/2011] [04:32 19/05/2010]
3DSexVilla2.Room0029.p004.txx --a---- 1024 bytes [02:57 31/01/2011] [04:32 19/05/2010]
3DSexVilla2.Room0029.Tex032M.txx --a---- 1025536 bytes [02:57 31/01/2011] [04:32 19/05/2010]
3DSexVilla2.Room0029.txx --a---- 448288 bytes [02:57 31/01/2011] [04:32 19/05/2010]
3DSexVilla2.Room0030.Tex032M.txx --a---- 156032 bytes [02:57 31/01/2011] [04:38 19/05/2010]
3DSexVilla2.Room0030.txx --a---- 91744 bytes [02:57 31/01/2011] [04:38 19/05/2010]
3DSexVilla2.Room0031.p001.txx --a---- 1440 bytes [02:57 31/01/2011] [04:33 19/05/2010]
3DSexVilla2.Room0031.Tex032M.txx --a---- 5081888 bytes [02:57 31/01/2011] [04:33 19/05/2010]
3DSexVilla2.Room0031.txx --a---- 650304 bytes [02:57 31/01/2011] [04:33 19/05/2010]
3DSexVilla2.Room0032.Tex032M.txx --a---- 6695520 bytes [02:57 31/01/2011] [02:52 22/05/2010]
3DSexVilla2.Room0032.txx --a---- 730880 bytes [02:57 31/01/2011] [02:52 22/05/2010]
3DSexVilla2.Runtime.Audio.p001.txx --a---- 896 bytes [02:57 31/01/2011] [04:05 19/05/2010]
3DSexVilla2.Runtime.Audio.txx --a---- 37075008 bytes [02:57 31/01/2011] [04:05 19/05/2010]
3DSexVilla2.Runtime.Tex032M.p001.txx --a---- 10048 bytes [02:57 31/01/2011] [04:06 19/05/2010]
3DSexVilla2.Runtime.Tex032M.p002.txx --a---- 277472 bytes [02:57 31/01/2011] [04:06 19/05/2010]
3DSexVilla2.Runtime.Tex032M.p003.txx --a---- 88736 bytes [02:57 31/01/2011] [04:06 19/05/2010]
3DSexVilla2.Runtime.Tex032M.p004.txx --a---- 141664 bytes [02:57 31/01/2011] [04:06 19/05/2010]
3DSexVilla2.Runtime.Tex032M.txx --a---- 9163424 bytes [02:57 31/01/2011] [04:06 19/05/2010]
3DSexVilla2.Runtime.txx --a---- 10876032 bytes [02:57 31/01/2011] [04:07 19/05/2010]
3DSexVilla2.Tool.Shared.Tex032M.txx --a---- 487584 bytes [02:57 31/01/2011] [04:09 19/05/2010]
3DSexVilla2.Tool.Shared.txx --a---- 36224 bytes [02:57 31/01/2011] [04:09 19/05/2010]
3DSexVilla2.Tool0001.Tex032M.p001.txx --a---- 3296 bytes [02:57 31/01/2011] [04:09 19/05/2010]
3DSexVilla2.Tool0001.Tex032M.txx --a---- 64192 bytes [02:57 31/01/2011] [04:09 19/05/2010]
3DSexVilla2.Tool0001.txx --a---- 26528 bytes [02:57 31/01/2011] [04:09 19/05/2010]
3DSexVilla2.Tool0002.Audio.txx --a---- 32800 bytes [02:57 31/01/2011] [04:28 19/05/2010]
3DSexVilla2.Tool0002.Tex032M.txx --a---- 3776 bytes [02:57 31/01/2011] [04:28 19/05/2010]
3DSexVilla2.Tool0002.txx --a---- 9888 bytes [02:57 31/01/2011] [04:28 19/05/2010]
3DSexVilla2.Tool0003.Tex032M.txx --a---- 3776 bytes [02:57 31/01/2011] [04:34 19/05/2010]
3DSexVilla2.Tool0003.txx --a---- 21792 bytes [02:57 31/01/2011] [04:34 19/05/2010]
3DSexVilla2.Tool0004.txx --a---- 8288 bytes [02:57 31/01/2011] [04:34 19/05/2010]
3DSexVilla2.Tool0005.Tex032M.txx --a---- 3808 bytes [02:57 31/01/2011] [04:28 19/05/2010]
3DSexVilla2.Tool0005.txx --a---- 7168 bytes [02:57 31/01/2011] [04:28 19/05/2010]
3DSexVilla2.Tool0006.Tex032M.txx --a---- 5696 bytes [02:57 31/01/2011] [04:27 19/05/2010]
3DSexVilla2.Tool0006.txx --a---- 6720 bytes [02:57 31/01/2011] [04:27 19/05/2010]
3DSexVilla2.Tool0007.Tex032M.txx --a---- 5760 bytes [02:57 31/01/2011] [04:27 19/05/2010]
3DSexVilla2.Tool0007.txx --a---- 6784 bytes [02:57 31/01/2011] [04:27 19/05/2010]
3DSexVilla2.Tool0008.Tex032M.txx --a---- 5760 bytes [02:57 31/01/2011] [04:27 19/05/2010]
3DSexVilla2.Tool0008.txx --a---- 6272 bytes [02:57 31/01/2011] [04:27 19/05/2010]
3DSexVilla2.Tool0009.Tex032M.txx --a---- 9408 bytes [02:57 31/01/2011] [04:27 19/05/2010]
3DSexVilla2.Tool0009.txx --a---- 5952 bytes [02:57 31/01/2011] [04:27 19/05/2010]
3DSexVilla2.Tool0010.Tex032M.txx --a---- 3776 bytes [02:57 31/01/2011] [04:10 19/05/2010]
3DSexVilla2.Tool0010.txx --a---- 4768 bytes [02:57 31/01/2011] [04:10 19/05/2010]
3DSexVilla2.Tool0011.Tex032M.txx --a---- 13408 bytes [02:57 31/01/2011] [04:10 19/05/2010]
3DSexVilla2.Tool0011.txx --a---- 302976 bytes [02:57 31/01/2011] [04:10 19/05/2010]
3DSexVilla2.Tool0013.Tex032M.txx --a---- 9280 bytes [02:57 31/01/2011] [04:28 19/05/2010]
3DSexVilla2.Tool0013.txx --a---- 10784 bytes [02:57 31/01/2011] [04:28 19/05/2010]
3DSexVilla2.Tool0014.Tex032M.txx --a---- 9152 bytes [02:57 31/01/2011] [04:27 19/05/2010]
3DSexVilla2.Tool0014.txx --a---- 4544 bytes [02:57 31/01/2011] [04:27 19/05/2010]
3DSexVilla2.Tool0015.Tex032M.txx --a---- 9408 bytes [02:57 31/01/2011] [04:27 19/05/2010]
3DSexVilla2.Tool0015.txx --a---- 6016 bytes [02:57 31/01/2011] [04:27 19/05/2010]
3DSexVilla2.Tool0016.txx --a---- 9504 bytes [02:57 31/01/2011] [04:34 19/05/2010]
3DSexVilla2.Tool0017.Tex032M.txx --a---- 8128 bytes [02:57 31/01/2011] [04:34 19/05/2010]
3DSexVilla2.Tool0017.txx --a---- 20736 bytes [02:57 31/01/2011] [04:34 19/05/2010]
3DSexVilla2.Tool0018.Tex032M.txx --a---- 3776 bytes [02:57 31/01/2011] [04:28 19/05/2010]
3DSexVilla2.Tool0018.txx --a---- 9888 bytes [02:57 31/01/2011] [04:28 19/05/2010]
3DSexVilla2.Tool0019.Tex032M.txx --a---- 17792 bytes [02:57 31/01/2011] [04:34 19/05/2010]
3DSexVilla2.Tool0019.txx --a---- 21984 bytes [02:57 31/01/2011] [04:34 19/05/2010]
3DSexVilla2.Tool0021.Audio.txx --a---- 6720 bytes [02:57 31/01/2011] [04:29 19/05/2010]
3DSexVilla2.Tool0021.Tex032M.txx --a---- 9568 bytes [02:57 31/01/2011] [04:29 19/05/2010]
3DSexVilla2.Tool0021.txx --a---- 11200 bytes [02:57 31/01/2011] [04:29 19/05/2010]
3DSexVilla2.Tool0022.Audio.txx --a---- 8480 bytes [02:57 31/01/2011] [04:29 19/05/2010]
3DSexVilla2.Tool0022.Tex032M.txx --a---- 9600 bytes [02:57 31/01/2011] [04:29 19/05/2010]
3DSexVilla2.Tool0022.txx --a---- 25536 bytes [02:57 31/01/2011] [04:29 19/05/2010]
3DSexVilla2.Tool0023.Audio.txx --a---- 12544 bytes [02:57 31/01/2011] [04:09 19/05/2010]
3DSexVilla2.Tool0023.Tex032M.txx --a---- 3840 bytes [02:57 31/01/2011] [04:09 19/05/2010]
3DSexVilla2.Tool0023.txx --a---- 53920 bytes [02:57 31/01/2011] [04:09 19/05/2010]
3DSexVilla2.Tool0025.Tex032M.txx --a---- 15456 bytes [02:57 31/01/2011] [04:29 19/05/2010]
3DSexVilla2.Tool0025.txx --a---- 18432 bytes [02:57 31/01/2011] [04:29 19/05/2010]
3DSexVilla2.Tool0027.Tex032M.txx --a---- 3776 bytes [02:57 31/01/2011] [04:29 19/05/2010]
3DSexVilla2.Tool0027.txx --a---- 11872 bytes [02:57 31/01/2011] [04:29 19/05/2010]
3DSexVilla2.Tool0028.Tex032M.txx --a---- 17536 bytes [02:57 31/01/2011] [04:36 19/05/2010]
3DSexVilla2.Tool0028.txx --a---- 19264 bytes [02:57 31/01/2011] [04:36 19/05/2010]
3DSexVilla2.Tool0029.Tex032M.txx --a---- 17536 bytes [02:57 31/01/2011] [04:36 19/05/2010]
3DSexVilla2.Tool0029.txx --a---- 7648 bytes [02:57 31/01/2011] [04:36 19/05/2010]
3DSexVilla2.Tool0030.Tex032M.txx --a---- 17568 bytes [02:57 31/01/2011] [04:36 19/05/2010]
3DSexVilla2.Tool0030.txx --a---- 8640 bytes [02:57 31/01/2011] [04:36 19/05/2010]
3DSexVilla2.Tool0033.Tex032M.txx --a---- 52768 bytes [02:57 31/01/2011] [04:28 19/05/2010]
3DSexVilla2.Tool0033.txx --a---- 11328 bytes [02:57 31/01/2011] [04:28 19/05/2010]
3DSexVilla2.Tool0034.Tex032M.txx --a---- 50912 bytes [02:57 31/01/2011] [04:28 19/05/2010]
3DSexVilla2.Tool0034.txx --a---- 8352 bytes [02:57 31/01/2011] [04:28 19/05/2010]
3DSexVilla2.Tool0035.Tex032M.txx --a---- 9696 bytes [02:57 31/01/2011] [04:28 19/05/2010]
3DSexVilla2.Tool0035.txx --a---- 21088 bytes [02:57 31/01/2011] [04:28 19/05/2010]
3DSexVilla2.Tool0036.Tex032M.txx --a---- 2080 bytes [02:57 31/01/2011] [04:09 19/05/2010]
3DSexVilla2.Tool0036.txx --a---- 8896 bytes [02:57 31/01/2011] [04:09 19/05/2010]
3DSexVilla2.Tool0037.Tex032M.txx --a---- 50976 bytes [02:57 31/01/2011] [04:29 19/05/2010]
3DSexVilla2.Tool0037.txx --a---- 39392 bytes [02:57 31/01/2011] [04:29 19/05/2010]
3DSexVilla2.Tool0038.Tex032M.txx --a---- 13856 bytes [02:57 31/01/2011] [04:28 19/05/2010]
3DSexVilla2.Tool0038.txx --a---- 44544 bytes [02:57 31/01/2011] [04:28 19/05/2010]
3DSexVilla2.Tool0039.Tex032M.txx --a---- 2592 bytes [02:57 31/01/2011] [04:28 19/05/2010]
3DSexVilla2.Tool0039.txx --a---- 42432 bytes [02:57 31/01/2011] [04:28 19/05/2010]
3DSexVilla2.Tool0040.Tex032M.txx --a---- 29824 bytes [02:57 31/01/2011] [04:28 19/05/2010]
3DSexVilla2.Tool0040.txx --a---- 44768 bytes [02:57 31/01/2011] [04:28 19/05/2010]
3DSexVilla2.Tool0041.Tex032M.txx --a---- 4928 bytes [02:57 31/01/2011] [04:28 19/05/2010]
3DSexVilla2.Tool0041.txx --a---- 9376 bytes [02:57 31/01/2011] [04:28 19/05/2010]
3DSexVilla2.Tool0042.Tex032M.txx --a---- 13568 bytes [02:57 31/01/2011] [04:32 19/05/2010]
3DSexVilla2.Tool0042.txx --a---- 36416 bytes [02:57 31/01/2011] [04:32 19/05/2010]
3DSexVilla2.Tool0043.Tex032M.txx --a---- 62400 bytes [02:57 31/01/2011] [04:28 19/05/2010]
3DSexVilla2.Tool0043.txx --a---- 20672 bytes [02:57 31/01/2011] [04:28 19/05/2010]
3DSexVilla2.Tool0044.Tex032M.txx --a---- 47680 bytes [02:57 31/01/2011] [04:28 19/05/2010]
3DSexVilla2.Tool0044.txx --a---- 21920 bytes [02:57 31/01/2011] [04:28 19/05/2010]
3DSexVilla2.Voice0001.Audio.txx --a---- 2550720 bytes [02:57 31/01/2011] [04:16 19/05/2010]
3DSexVilla2.Voice0002.Audio.txx --a---- 2221248 bytes [02:57 31/01/2011] [04:15 19/05/2010]
3DSexVilla2.Voice0003.Audio.txx --a---- 2508416 bytes [02:57 31/01/2011] [04:14 19/05/2010]
3DSexVilla2.Voice0004.Audio.txx --a---- 1342240 bytes [02:57 31/01/2011] [04:13 19/05/2010]
3DSexVilla2.Voice0005.Audio.txx --a---- 1850048 bytes [02:57 31/01/2011] [04:12 19/05/2010]
3DSexVilla2.Voice0006.Audio.txx --a---- 1701408 bytes [02:57 31/01/2011] [04:11 19/05/2010]
3DSexVilla2.Voice0007.Audio.txx --a---- 1662880 bytes [02:57 31/01/2011] [04:26 19/05/2010]
3DSexVilla2.Voice0008.Audio.txx --a---- 4512000 bytes [02:57 31/01/2011] [04:24 19/05/2010]
3DSexVilla2.Voice0009.Audio.txx --a---- 4822016 bytes [02:57 31/01/2011] [04:21 19/05/2010]
3DSexVilla2.Voice0010.Audio.txx --a---- 2282240 bytes [02:57 31/01/2011] [04:21 19/05/2010]
3DSexVilla2.Voice0011.Audio.txx --a---- 2260000 bytes [02:57 31/01/2011] [04:17 19/05/2010]
3DSexVilla2.Voice0012.Audio.txx --a---- 1306016 bytes [02:57 31/01/2011] [04:16 19/05/2010]
3DSexVilla2.Voice0013.Audio.txx --a---- 1066816 bytes [02:57 31/01/2011] [04:15 19/05/2010]
3DSexVilla2.Voice0021.Audio.txx --a---- 1736032 bytes [02:57 31/01/2011] [04:19 19/05/2010]
3DSexVilla2.Voice0022.Audio.txx --a---- 1523648 bytes [02:57 31/01/2011] [04:17 19/05/2010]
3DSexVilla2.Voice0023.Audio.txx --a---- 1744672 bytes [02:57 31/01/2011] [04:17 19/05/2010]
3DSexVilla2.Voice0025.Audio.txx --a---- 1565216 bytes [02:57 31/01/2011] [04:14 19/05/2010]
3DSexVilla2.Voice0026.Audio.txx --a---- 2200800 bytes [02:57 31/01/2011] [04:13 19/05/2010]
3DSexVilla2.Voice0027.Audio.txx --a---- 2102816 bytes [02:57 31/01/2011] [04:11 19/05/2010]
3DSexVilla2.Voice0028.Audio.txx --a---- 1329440 bytes [02:57 31/01/2011] [04:11 19/05/2010]
3DSexVilla2.Voice0029.Audio.txx --a---- 1411552 bytes [02:57 31/01/2011] [04:26 19/05/2010]
3DSexVilla2.Voice0030.Audio.txx --a---- 9553472 bytes [02:57 31/01/2011] [04:25 19/05/2010]
3DSexVilla2.Voice0031.Audio.txx --a---- 10208768 bytes [02:57 31/01/2011] [04:23 19/05/2010]
3DSexVilla2.Voice0032.Audio.txx --a---- 11682752 bytes [02:57 31/01/2011] [04:20 19/05/2010]
3DSexVilla2.Voice0033.Audio.txx --a---- 12068832 bytes [02:57 31/01/2011] [04:19 19/05/2010]
3DSexVilla2.Voice0034.Audio.txx --a---- 12560320 bytes [02:57 31/01/2011] [04:17 19/05/2010]
3DSexVilla2.Voice0035.Audio.txx --a---- 6568096 bytes [02:57 31/01/2011] [04:15 19/05/2010]
3DSexVilla2.Voice0036.Audio.txx --a---- 7688544 bytes [02:57 31/01/2011] [04:14 19/05/2010]
3DSexVilla2.Voice0037.Audio.txx --a---- 8398848 bytes [02:57 31/01/2011] [04:13 19/05/2010]
3DSexVilla2.Voice0038.Audio.txx --a---- 7410240 bytes [02:57 31/01/2011] [04:12 19/05/2010]
3DSexVilla2.Voice0039.Audio.txx --a---- 7680608 bytes [02:57 31/01/2011] [04:11 19/05/2010]
3DSexVilla2.Voice0040.Audio.txx --a---- 7409600 bytes [02:57 31/01/2011] [04:10 19/05/2010]
3DSexVilla2.Voice0041.Audio.txx --a---- 7913760 bytes [02:57 31/01/2011] [04:26 19/05/2010]
3DSexVilla2.Voice0042.Audio.txx --a---- 7125408 bytes [02:57 31/01/2011] [04:23 19/05/2010]
3DSexVilla2.Voice0043.Audio.txx --a---- 8118464 bytes [02:57 31/01/2011] [04:22 19/05/2010]
3DSexVilla2.Voice0044.Audio.txx --a---- 8782848 bytes [02:57 31/01/2011] [04:18 19/05/2010]
3DSexVilla2.Voice0110.Audio.txx --a---- 1894048 bytes [02:57 31/01/2011] [04:19 19/05/2010]

C:\Users\Owner\AppData\Roaming\thriXXX\3DSexVilla2-Everlust\Community d------ [02:50 31/01/2011]

C:\Users\Owner\AppData\Roaming\thriXXX\3DSexVilla2-Everlust\Community\Customizer d------ [02:50 31/01/2011]

C:\Users\Owner\AppData\Roaming\thriXXX\3DSexVilla2-Everlust\Community\PoseEdit d------ [03:07 31/01/2011]

C:\Users\Owner\AppData\Roaming\thriXXX\3DSexVilla2-Everlust\Community\Sequencer d------ [02:50 31/01/2011]

C:\Users\Owner\AppData\Roaming\thriXXX\3DSexVilla2-Everlust\Community\ToyEdit d------ [03:07 31/01/2011]

C:\Users\Owner\AppData\Roaming\thriXXX\3DSexVilla2-Everlust\Logs d------ [02:50 31/01/2011]
3DSexVilla2.log --a---- 5175984 bytes [03:00 31/01/2011] [06:12 31/01/2011]

C:\Users\Owner\AppData\Roaming\thriXXX\3DSexVilla2-Everlust\Mod d------ [02:50 31/01/2011]

C:\Users\Owner\AppData\Roaming\thriXXX\3DSexVilla2-Everlust\Mod\ActiveMod d------ [02:50 31/01/2011]

C:\Users\Owner\AppData\Roaming\thriXXX\3DSexVilla2-Everlust\Mod\PoseEdit d------ [03:07 31/01/2011]

C:\Users\Owner\AppData\Roaming\thriXXX\3DSexVilla2-Everlust\Mod\ToyEdit d------ [02:50 31/01/2011]

C:\Users\Owner\AppData\Roaming\thriXXX\3DSexVilla2-Everlust\Movies d------ [02:50 31/01/2011]

C:\Users\Owner\AppData\Roaming\thriXXX\3DSexVilla2-Everlust\Save d------ [02:50 31/01/2011]
Config.cc --a---- 652 bytes [03:32 31/01/2011] [04:58 31/01/2011]
Config.txt --a---- 32 bytes [03:32 31/01/2011] [04:58 31/01/2011]
QuickBar.qs --a---- 1263 bytes [03:32 31/01/2011] [06:12 31/01/2011]
Room12Location.rf --a---- 932 bytes [05:35 31/01/2011] [05:35 31/01/2011]
Room32Location.rf --a---- 374 bytes [04:33 31/01/2011] [04:33 31/01/2011]

C:\Users\Owner\AppData\Roaming\thriXXX\3DSexVilla2-Everlust\Save\Models d------ [03:07 31/01/2011]

C:\Users\Owner\AppData\Roaming\thriXXX\3DSexVilla2-Everlust\Save\Models\Model0001 d------ [03:21 31/01/2011]
Accessories.cc --a---- 462 bytes [03:21 31/01/2011] [03:21 31/01/2011]
Base.id --a---- 10 bytes [03:21 31/01/2011] [03:21 31/01/2011]
Body.cc --a---- 1826 bytes [03:21 31/01/2011] [03:21 31/01/2011]
Brain.ai --a---- 400 bytes [03:22 31/01/2011] [04:53 31/01/2011]
Face.cf --a---- 387 bytes [03:21 31/01/2011] [03:21 31/01/2011]
Info.txt --a---- 18 bytes [03:21 31/01/2011] [03:21 31/01/2011]
Makeup.cc --a---- 907 bytes [03:21 31/01/2011] [03:21 31/01/2011]
Outfit.of --a---- 297 bytes [03:21 31/01/2011] [03:21 31/01/2011]
Outfit.txt --a---- 38 bytes [03:21 31/01/2011] [03:21 31/01/2011]
Personality.cc --a---- 337 bytes [03:21 31/01/2011] [03:21 31/01/2011]
Tattoo.cc --a---- 1226 bytes [03:21 31/01/2011] [03:21 31/01/2011]

C:\Users\Owner\AppData\Roaming\thriXXX\3DSexVilla2-Everlust\Save\Models\Model0005 d------ [04:48 31/01/2011]
Accessories.cc --a---- 462 bytes [04:48 31/01/2011] [04:59 31/01/2011]
Base.id --a---- 10 bytes [04:48 31/01/2011] [04:59 31/01/2011]
Body.cc --a---- 1826 bytes [04:48 31/01/2011] [04:59 31/01/2011]
Brain.ai --a---- 4 bytes [04:53 31/01/2011] [06:12 31/01/2011]
Face.cf --a---- 387 bytes [04:48 31/01/2011] [04:59 31/01/2011]
Icon.png --a---- 81636 bytes [04:52 31/01/2011] [04:59 31/01/2011]
Info.txt --a---- 15 bytes [04:48 31/01/2011] [04:59 31/01/2011]
Makeup.cc --a---- 907 bytes [04:48 31/01/2011] [04:59 31/01/2011]
Outfit.of --a---- 337 bytes [04:48 31/01/2011] [04:59 31/01/2011]
Outfit.txt --a---- 38 bytes [04:48 31/01/2011] [04:59 31/01/2011]
Personality.cc --a---- 321 bytes [04:48 31/01/2011] [04:59 31/01/2011]
Tattoo.cc --a---- 1226 bytes [04:48 31/01/2011] [04:59 31/01/2011]

C:\Users\Owner\AppData\Roaming\thriXXX\3DSexVilla2-Everlust\Save\Models\Model0015 d------ [04:54 31/01/2011]
Accessories.cc --a---- 292 bytes [04:54 31/01/2011] [04:56 31/01/2011]
Base.id --a---- 10 bytes [04:54 31/01/2011] [04:56 31/01/2011]
Body.cc --a---- 1428 bytes [04:54 31/01/2011] [04:56 31/01/2011]
Brain.ai --a---- 4 bytes [04:56 31/01/2011] [05:03 31/01/2011]
Face.cf --a---- 387 bytes [04:54 31/01/2011] [04:56 31/01/2011]
Icon.png --a---- 83679 bytes [04:56 31/01/2011] [04:56 31/01/2011]
Info.txt --a---- 17 bytes [04:54 31/01/2011] [04:56 31/01/2011]
Makeup.cc --a---- 268 bytes [04:54 31/01/2011] [04:56 31/01/2011]
Outfit.of --a---- 277 bytes [04:54 31/01/2011] [04:56 31/01/2011]
Outfit.txt --a---- 38 bytes [04:54 31/01/2011] [04:56 31/01/2011]
Personality.cc --a---- 331 bytes [04:54 31/01/2011] [04:56 31/01/2011]
Tattoo.cc --a---- 502 bytes [04:54 31/01/2011] [04:56 31/01/2011]

C:\Users\Owner\AppData\Roaming\thriXXX\3DSexVilla2-Everlust\Save\Models\Model0017 d------ [03:09 31/01/2011]
Accessories.cc --a---- 462 bytes [03:09 31/01/2011] [05:53 31/01/2011]
Base.id --a---- 10 bytes [03:09 31/01/2011] [05:53 31/01/2011]
Body.cc --a---- 1826 bytes [03:09 31/01/2011] [05:53 31/01/2011]
Brain.ai --a---- 1215 bytes [05:35 31/01/2011] [06:12 31/01/2011]
Face.cf --a---- 387 bytes [03:09 31/01/2011] [05:53 31/01/2011]
Icon.png --a---- 113686 bytes [03:21 31/01/2011] [05:53 31/01/2011]
Info.txt --a---- 18 bytes [03:09 31/01/2011] [05:53 31/01/2011]
Makeup.cc --a---- 907 bytes [03:09 31/01/2011] [05:53 31/01/2011]
Outfit.of --a---- 399 bytes [03:09 31/01/2011] [05:53 31/01/2011]
Outfit.txt --a---- 38 bytes [03:09 31/01/2011] [05:53 31/01/2011]
Personality.cc --a---- 331 bytes [03:09 31/01/2011] [05:53 31/01/2011]
Tattoo.cc --a---- 1226 bytes [03:09 31/01/2011] [05:53 31/01/2011]

C:\Users\Owner\AppData\Roaming\thriXXX\3DSexVilla2-Everlust\Save\Models\Model0029 d------ [03:22 31/01/2011]
Accessories.cc --a---- 462 bytes [03:22 31/01/2011] [04:30 31/01/2011]
Base.id --a---- 10 bytes [03:22 31/01/2011] [04:30 31/01/2011]
Body.cc --a---- 1826 bytes [03:22 31/01/2011] [04:30 31/01/2011]
Brain.ai --a---- 1181 bytes [03:22 31/01/2011] [04:46 31/01/2011]
Face.cf --a---- 387 bytes [03:22 31/01/2011] [04:30 31/01/2011]
Icon.png --a---- 103228 bytes [03:30 31/01/2011] [04:30 31/01/2011]
Info.txt --a---- 14 bytes [03:22 31/01/2011] [04:30 31/01/2011]
Makeup.cc --a---- 907 bytes [03:22 31/01/2011] [04:30 31/01/2011]
Outfit.of --a---- 379 bytes [03:22 31/01/2011] [04:30 31/01/2011]
Outfit.txt --a---- 38 bytes [03:22 31/01/2011] [04:30 31/01/2011]
Personality.cc --a---- 340 bytes [03:22 31/01/2011] [04:30 31/01/2011]
Tattoo.cc --a---- 1226 bytes [03:22 31/01/2011] [04:30 31/01/2011]

C:\Users\Owner\AppData\Roaming\thriXXX\3DSexVilla2-Everlust\Screenshots d------ [02:50 31/01/2011]

-= EOF =-


----------



## jeffce (May 10, 2011)

Hi destin,

I hope this finds you and yours well. 
----------
Run *OTL.exe*

Copy/paste the following text written *inside of the code box* into the *Custom Scans/Fixes* box located at the bottom of OTL


```
:Services

:OTL
[2011/01/30 20:50:41 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\thriXXX

:Files
ipconfig /flushdns /c

:Commands
[purity]
[emptyjava]
[emptyflash]
[emptytemp]
[resethosts]
[clearallrestorepoints]
[start explorer]
[Reboot]
```

Then click the *Run Fix* button at the top
Let the program run unhindered, reboot when it is done
Then run a new scan and post a new OTL log ( *don't check* the boxes beside LOP Check or Purity this time )


----------



## destin (Jan 8, 2012)

Hi Jeff, how are you
I have been running PC most part of the day( 12-14 hours) last week and disconnecting internet access for the nights.
Looking at the usage, its about 5-6 gb /day which is lower than 10-18gb/day I have been getting before, but still higher than 2-3gb/day I use when that PC is shut down 24/7.
So it looks like the whatever process is running, it is taking more gb at night i think.

Anyway,here is the OTL.txt content:

OTL logfile created on: 1/28/2012 6:58:09 PM - Run 3
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Owner\Desktop\111 virus scan 2012
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

7.74 Gb Total Physical Memory | 5.51 Gb Available Physical Memory | 71.20% Memory free
15.48 Gb Paging File | 13.26 Gb Available in Paging File | 85.62% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 686.20 Gb Total Space | 459.22 Gb Free Space | 66.92% Space Free | Partition Type: NTFS
Drive D: | 12.33 Gb Total Space | 2.23 Gb Free Space | 18.09% Space Free | Partition Type: NTFS
Drive K: | 100.19 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: OWNER-PC | User Name: Owner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - File not found
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Users\Owner\Desktop\111 virus scan 2012\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe (Hewlett-Packard Company)
PRC - C:\Program Files (x86)\Freecorder\FLVSrvc.exe (Applian Technologies, Inc.)
PRC - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\avp.exe (Kaspersky Lab)
PRC - C:\Program Files (x86)\Common Files\Intuit\Update Service\IntuitUpdateService.exe (Intuit Inc.)
PRC - C:\Program Files (x86)\Acunetix\Web Vulnerability Scanner 6\WVSScheduler.exe (Acunetix Ltd.)
PRC - C:\Program Files (x86)\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe (Infowatch)
PRC - c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe (CyberLink)
PRC - c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe (CyberLink Corp.)
PRC - C:\Program Files (x86)\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe ()
PRC - C:\Windows\SysWOW64\WinMsgBalloonServer.exe ()
PRC - C:\Windows\SysWOW64\WinMsgBalloonClient.exe ()
PRC - C:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpertService.exe (AMD)
PRC - C:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpert.exe ()
PRC - C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe (Hewlett-Packard)
PRC - C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe ()

========== Modules (No Company Name) ==========

MOD - C:\Program Files (x86)\Mozilla Firefox\mozjs.dll ()
MOD - C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\oc4vkf64.default\extensions\{0b457cAA-602d-484a-8fe7-c1d894a011ba}\gecko9\WINNT_x86-msvc\SSSLauncher.dll ()
MOD - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\QtGui4.dll ()
MOD - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\QtCore4.dll ()
MOD - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\localization_manager.dll ()
MOD - c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMediaLibrary.dll ()
MOD - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\dblite.dll ()
MOD - C:\Program Files (x86)\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe ()

========== Win32 Services (SafeList) ==========

SRV:*64bit:* - (FLEXnet Licensing Service 64) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe (Acresso Software Inc.)
SRV:*64bit:* - (WinAutomation Service) -- C:\Program Files\WinAutomation\WinAutomation.ServiceAgent.exe (Softomotive)
SRV:*64bit:* - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV:*64bit:* - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV:*64bit:* - (Printer Control) -- C:\Windows\SysNative\PrintCtrl.exe (ActMask Co.,Ltd - HTTP://WWW.ALL2PDF.COM)
SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (OpenVPNService) -- C:\Program Files (x86)\HMA! Pro VPN\bin\openvpnserv.exe ()
SRV - (HP Support Assistant Service) -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe (Hewlett-Packard Company)
SRV - (HPDrvMntSvc.exe) -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe (Hewlett-Packard Company)
SRV - (TeamViewer6) -- C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe (TeamViewer GmbH)
SRV - (AVP) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\avp.exe (Kaspersky Lab)
SRV - (IntuitUpdateService) -- C:\Program Files (x86)\Common Files\Intuit\Update Service\IntuitUpdateService.exe (Intuit Inc.)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (AcuWVSSchedulerv6) -- C:\Program Files (x86)\Acunetix\Web Vulnerability Scanner 6\WVSScheduler.exe (Acunetix Ltd.)
SRV - (FLEXnet Licensing Service) -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Acresso Software Inc.)
SRV - (CSObjectsSrv) -- C:\Program Files (x86)\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe (Infowatch)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (GameConsoleService) -- C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe (WildTangent, Inc.)
SRV - (AMD_RAIDXpert) -- C:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpertService.exe (AMD)
SRV - (Adobe Version Cue CS4) -- C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe (Adobe Systems Incorporated)
SRV - (IJPLMSVC) -- C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe ()
SRV - (FirebirdServerMAGIXInstance) -- C:\Program Files (x86)\MAGIX\Common\Database\bin\fbserver.exe (MAGIX®)

========== Driver Services (SafeList) ==========

DRV:*64bit:* - (KLIF) -- C:\Windows\SysNative\drivers\klif.sys (Kaspersky Lab)
DRV:*64bit:* - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation)
DRV:*64bit:* - (NuidFltr) -- C:\Windows\SysNative\drivers\nuidfltr.sys (Microsoft Corporation)
DRV:*64bit:* - (Point64) -- C:\Windows\SysNative\drivers\point64.sys (Microsoft Corporation)
DRV:*64bit:* - (dc3d) MS Hardware Device Detection Driver (USB) -- C:\Windows\SysNative\drivers\dc3d.sys (Microsoft Corporation)
DRV:*64bit:* - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:*64bit:* - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:*64bit:* - (RSUSBSTOR) -- C:\Windows\SysNative\drivers\RtsUStor.sys (Realtek Semiconductor Corp.)
DRV:*64bit:* - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek )
DRV:*64bit:* - (teamviewervpn) -- C:\Windows\SysNative\drivers\teamviewervpn.sys (TeamViewer GmbH)
DRV:*64bit:* - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:*64bit:* - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:*64bit:* - (tap0901) -- C:\Windows\SysNative\drivers\tap0901.sys (The OpenVPN Project)
DRV:*64bit:* - (ElbyCDIO) -- C:\Windows\SysNative\drivers\ElbyCDIO.sys (Elaborate Bytes AG)
DRV:*64bit:* - (CSCrySec) -- C:\Windows\SysNative\drivers\CSCrySec.sys (Infowatch)
DRV:*64bit:* - (CSVirtualDiskDrv) -- C:\Windows\SysNative\drivers\CSVirtualDiskDrv.sys (Infowatch)
DRV:*64bit:* - (KLBG) -- C:\Windows\SysNative\drivers\klbg.sys (Kaspersky Lab)
DRV:*64bit:* - (klmouflt) -- C:\Windows\SysNative\drivers\klmouflt.sys (Kaspersky Lab)
DRV:*64bit:* - (KLIM6) -- C:\Windows\SysNative\drivers\klim6.sys (Kaspersky Lab)
DRV:*64bit:* - (kl1) -- C:\Windows\SysNative\drivers\kl1.sys (Kaspersky Lab)
DRV:*64bit:* - (VClone) -- C:\Windows\SysNative\drivers\VClone.sys (Elaborate Bytes AG)
DRV:*64bit:* - (ahcix64s) -- C:\Windows\SysNative\drivers\ahcix64s.sys (Advanced Micro Devices, Inc)
DRV:*64bit:* - (atikmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV:*64bit:* - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:*64bit:* - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:*64bit:* - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:*64bit:* - (WSDPrintDevice) -- C:\Windows\SysNative\drivers\WSDPrint.sys (Microsoft Corporation)
DRV:*64bit:* - (61883) -- C:\Windows\SysNative\drivers\61883.sys (Microsoft Corporation)
DRV:*64bit:* - (Avc) -- C:\Windows\SysNative\drivers\avc.sys (Microsoft Corporation)
DRV:*64bit:* - (MSDV) -- C:\Windows\SysNative\drivers\msdv.sys (Microsoft Corporation)
DRV:*64bit:* - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:*64bit:* - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:*64bit:* - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:*64bit:* - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:*64bit:* - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Atheros Communications, Inc.)
DRV:*64bit:* - (AtiPcie) AMD PCI Express (3GIO) -- C:\Windows\SysNative\drivers\AtiPcie.sys (Advanced Micro Devices Inc.)
DRV:*64bit:* - (usbfilter) -- C:\Windows\SysNative\drivers\usbfilter.sys (Advanced Micro Devices)
DRV:*64bit:* - (mcdbus) -- C:\Windows\SysNative\drivers\mcdbus.sys (MagicISO, Inc.)
DRV:*64bit:* - (adfs) -- C:\Windows\SysNative\drivers\adfs.sys (Adobe Systems, Inc.)
DRV:*64bit:* - (LVUVC64) Logitech QuickCam Fusion(UVC) -- C:\Windows\SysNative\drivers\lvuvc64.sys (Logitech Inc.)
DRV:*64bit:* - (LVUSBS64) -- C:\Windows\SysNative\drivers\LVUSBS64.sys (Logitech Inc.)
DRV:*64bit:* - (lvpopf64) -- C:\Windows\SysNative\drivers\lvpopf64.sys (Logitech Inc.)
DRV:*64bit:* - (V0060VID) -- C:\Windows\SysNative\drivers\V0060Vid.sys (Creative Technology Ltd.)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
DRV - (mcdbus) -- C:\Windows\SysWOW64\drivers\mcdbus.sys (MagicISO, Inc.)
DRV - (adfs) -- C:\Windows\SysWow64\drivers\adfs.sys (Adobe Systems, Inc.)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE:*64bit:* - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE:*64bit:* - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = local

========== FireFox ==========

FF - prefs.js..browser.search.suggest.enabled: false
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.askfrank.net/seo-tools/"
FF - prefs.js..network.proxy.type: 0

FF - user.js..network.proxy.type: 0
FF - user.js..network.proxy.http: ""
FF - user.js..network.proxy.http_port: 
FF - user.js..network.proxy.no_proxies_on: ""

FF:*64bit:* - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_1_102.dll File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Owner\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Owner\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\[email protected]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\[email protected]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\[email protected]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/01/14 11:37:10 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011/11/02 15:26:55 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\{eea12ec4-729d-4703-bc37-106ce9879ce2}: C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\THBExt [2011/12/26 18:23:33 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Windows\vf_hip\ [2010/07/24 20:01:01 | 000,000,000 | ---D | M]

[2009/12/26 01:07:05 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Owner\AppData\Roaming\Mozilla\Extensions
[2011/12/16 21:07:10 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\oc4vkf64.default\extensions
[2011/03/18 21:45:27 | 000,000,000 | ---D | M] (Remove Cookies for Site) -- C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\oc4vkf64.default\extensions\{06997db0-c027-4d5f-bd37-b0d9230226ea}
[2011/12/15 22:30:33 | 000,000,000 | ---D | M] (FireShot) -- C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\oc4vkf64.default\extensions\{0b457cAA-602d-484a-8fe7-c1d894a011ba}
[2011/12/16 21:07:10 | 000,000,000 | ---D | M] (SeoQuake) -- C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\oc4vkf64.default\extensions\{317B5128-0B0B-49b2-B2DB-1E7560E16C74}
[2011/08/05 14:25:49 | 000,000,000 | ---D | M] (Freecorder Toolbar) -- C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\oc4vkf64.default\extensions\{70dd86e8-b5bc-4e4a-9d5c-b6234c24323c}
[2010/06/12 22:39:26 | 000,000,000 | ---D | M] (Search Toolbar) -- C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\oc4vkf64.default\extensions\{896642E4-C556-4ED3-85D1-9AC431603E7D}
[2010/07/21 12:40:17 | 000,000,000 | ---D | M] (BlockSite) -- C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\oc4vkf64.default\extensions\{dd3d7613-0246-469d-bc65-2a3cc1668adc}
[2011/01/11 18:30:30 | 000,000,000 | ---D | M] (Torbutton) -- C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\oc4vkf64.default\extensions\{e0204bd5-9d31-402b-a99d-a6aa8ffebdca}
[2011/02/05 01:25:20 | 000,000,000 | ---D | M] (Acunetix Web Scanner) -- C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\oc4vkf64.default\extensions\[email protected]
[2010/02/18 13:52:55 | 000,000,000 | ---D | M] ("LinkDiagnosis 2.0") -- C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\oc4vkf64.default\extensions\[email protected]
[2011/01/30 18:13:47 | 000,000,000 | ---D | M] (Super Hide IP) -- C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\oc4vkf64.default\extensions\[email protected]
[2010/04/10 15:24:42 | 000,001,828 | ---- | M] () -- C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\oc4vkf64.default\searchplugins\bing.xml
[2010/04/12 17:11:03 | 000,001,337 | ---- | M] () -- C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\oc4vkf64.default\searchplugins\ezinearticles.xml
[2011/09/07 21:30:20 | 000,001,490 | ---- | M] () -- C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\oc4vkf64.default\searchplugins\web-search-powered-by-google.xml
[2012/01/22 08:41:09 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012/01/22 08:41:09 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2011/04/16 02:22:03 | 000,000,000 | ---D | M] (Anti-Banner) -- C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]_bak
[2011/12/26 18:24:33 | 000,000,000 | ---D | M] (Kaspersky URL Advisor) -- C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]
[2011/04/16 02:22:02 | 000,000,000 | ---D | M] (Kaspersky URL Advisor) -- C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]_bak
() (No name found) -- C:\USERS\OWNER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OC4VKF64.DEFAULT\EXTENSIONS\{563E4790-7E70-11DA-A72B-0800200C9A66}.XPI
() (No name found) -- C:\USERS\OWNER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OC4VKF64.DEFAULT\EXTENSIONS\{D57C9FF1-6389-48FC-B770-F78BD89B6E8A}.XPI
() (No name found) -- C:\USERS\OWNER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OC4VKF64.DEFAULT\EXTENSIONS\[email protected]
[2012/01/14 11:37:09 | 000,121,816 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011/11/05 20:37:30 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2006/08/09 04:16:08 | 000,030,408 | ---- | M] ( ) -- C:\Program Files (x86)\mozilla firefox\plugins\npWebLaunch.dll
[2011/10/05 11:44:15 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2011/11/12 14:08:08 | 000,002,040 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{googleriginalQueryForSuggestion}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Owner\AppData\Local\Google\Chrome\Application\14.0.835.202\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
CHR - plugin: QuickTime Plug-in 7.6.7 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.7 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.7 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.7 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.7 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.7 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.7 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: Java Deployment Toolkit 6.0.200.2 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.0.60531.0\npctrl.dll
CHR - plugin: 2007 Microsoft Office system (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\NPOFF12.DLL
CHR - plugin: Microsoft Office 2003 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\NPOFFICE.DLL
CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Owner\AppData\Local\Google\Chrome\Application\14.0.835.202\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Owner\AppData\Local\Google\Chrome\Application\14.0.835.202\pdf.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Browser\nppdf32.dll
CHR - plugin: thriXXX WebLaunch (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npWebLaunch.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.69\npGoogleUpdate3.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin

O1 HOSTS File: ([2012/01/28 18:39:10 | 000,000,098 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2:*64bit:* - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\x64\ievkbd.dll (Kaspersky Lab)
O2:*64bit:* - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:*64bit:* - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7227.1100\swg64.dll (Google Inc.)
O2:*64bit:* - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\x64\klwtbbho.dll (Kaspersky Lab)
O2 - BHO: (ContributeBHO Class) - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files (x86)\Adobe\/Adobe Contribute CS4/contributeieplugin.dll ()
O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\ievkbd.dll (Kaspersky Lab)
O2 - BHO: (hpBHO Class) - {ABD3B5E1-B268-407B-A150-2641DAB8D898} - C:\Program Files (x86)\Common Files\Homepage Protection\HomepageProtection.dll (AOL Products)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll (Google Inc.)
O2 - BHO: (FlashGetBHO) - {b070d3e3-fec0-47d9-8e8a-99d4eeb3d3b0} - C:\Users\Owner\AppData\Roaming\FlashGetBHO\FlashGetBHO3.dll (Trend Media Group)
O2 - BHO: (Microsoft Live Search Toolbar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\Program Files (x86)\MSN\Toolbar\3.0.0560.0\msneshellx.dll (Microsoft Corp.)
O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\klwtbbho.dll (Kaspersky Lab)
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3:*64bit:* - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Microsoft Live Search Toolbar) - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - c:\Program Files (x86)\MSN\Toolbar\3.0.0560.0\msneshellx.dll (Microsoft Corp.)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Contribute Toolbar) - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files (x86)\Adobe\/Adobe Contribute CS4/contributeieplugin.dll ()
O3 - HKLM\..\Toolbar: (FireShot) - {6E6E744E-4D20-4ce3-9A7A-26DFFFE22F68} - C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\oc4vkf64.default\extensions\{0b457cAA-602d-484a-8fe7-c1d894a011ba}\library\fsaddin-0.80.dll File not found
O3:*64bit:* - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O4:*64bit:* - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4:*64bit:* - HKLM..\Run: [CanonSolutionMenu] C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe (CANON INC.)
O4:*64bit:* - HKLM..\Run: [IntelliPoint] c:\Program Files\Microsoft IntelliPoint\ipoint.exe (Microsoft Corporation)
O4:*64bit:* - HKLM..\Run: [itype] c:\Program Files\Microsoft IntelliType Pro\itype.exe (Microsoft Corporation)
O4:*64bit:* - HKLM..\Run: [PrintDisp] C:\Windows\SysNative\PrintDisp.exe (ActMask Co.,Ltd - http://www.all2pdf.com)
O4:*64bit:* - HKLM..\Run: [SmartMenu] C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe ()
O4 - HKLM..\Run: [AVP] C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\avp.exe (Kaspersky Lab)
O4 - HKLM..\Run: [Freecorder FLV Service] C:\Program Files (x86)\Freecorder\FLVSrvc.exe (Applian Technologies, Inc.)
O4 - HKLM..\Run: [HP Remote Solution] C:\Program Files (x86)\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe ()
O4 - HKLM..\Run: [hpsysdrv] c:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe (Hewlett-Packard)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [UpdatePRCShortCut] C:\Program Files (x86)\Hewlett-Packard\Recovery\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - Startup: C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk = C:\Program Files (x86)\ERUNT\AUTOBACK.EXE ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 60
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktopCleanupWizard = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8:*64bit:* - Extra context menu item: Add to Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\ie_banner_deny.htm ()
O8:*64bit:* - Extra context menu item: Append to existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:*64bit:* - Extra context menu item: Convert link target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:*64bit:* - Extra context menu item: Convert link target to existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:*64bit:* - Extra context menu item: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:*64bit:* - Extra context menu item: Download All By FlashGet3 - C:\Users\Owner\AppData\Roaming\FlashGetBHO\GetAllUrl.htm ()
O8:*64bit:* - Extra context menu item: Download By FlashGet3 - C:\Users\Owner\AppData\Roaming\FlashGetBHO\GetUrl.htm ()
O8 - Extra context menu item: Add to Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\ie_banner_deny.htm ()
O8 - Extra context menu item: Append to existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert link target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert link target to existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Download All By FlashGet3 - C:\Users\Owner\AppData\Roaming\FlashGetBHO\GetAllUrl.htm ()
O8 - Extra context menu item: Download By FlashGet3 - C:\Users\Owner\AppData\Roaming\FlashGetBHO\GetUrl.htm ()
O9:*64bit:* - Extra Button: &Virtual Keyboard - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\x64\klwtbbho.dll (Kaspersky Lab)
O9:*64bit:* - Extra Button: URLs c&heck - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\x64\klwtbbho.dll (Kaspersky Lab)
O9 - Extra Button: iOpus iMacros - {0483894E-2422-45E0-8384-021AFF1AF3CD} - C:\Program Files (x86)\iMacros\imacros.dll (iOpus Software GmbH)
O9 - Extra 'Tools' menuitem : iMacros Web Automation - {0483894E-2422-45E0-8384-021AFF1AF3CD} - Reg Error: Value error. File not found
O9 - Extra Button: &Virtual Keyboard - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\klwtbbho.dll (Kaspersky Lab)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: URLs c&heck - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\klwtbbho.dll (Kaspersky Lab)
O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.microsoft.com/sites/production/ieawsdc32.cab (Microsoft Office Template and Media Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {9C23D886-43CB-43DE-B2DB-112A68D7E10A} http://lads.myspace.com/upload/MySpaceUploader2.cab (MySpace Uploader Control)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{54F9BA21-92AF-467D-BCD0-E71F53A0AA3E}: DhcpNameServer = 192.168.1.1
O18:*64bit:* - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18:*64bit:* - Protocol\Filter\text/xml - No CLSID value found
O20:*64bit:* - AppInit_DLLs: (C:\PROGRA~2\KASPER~1\KASPER~1\x64\kloehk.dll) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\x64\kloehk.dll (Kaspersky Lab)
O20:*64bit:* - AppInit_DLLs: (C:\PROGRA~2\KASPER~1\KASPER~1\x64\sbhook64.dll) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\x64\sbhook64.dll (Kaspersky Lab)
O20 - AppInit_DLLs: (C:\PROGRA~2\KASPER~1\KASPER~1\mzvkbd3.dll) -C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\mzvkbd3.dll (Kaspersky Lab)
O20 - AppInit_DLLs: (C:\PROGRA~2\KASPER~1\KASPER~1\sbhook.dll) -C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\sbhook.dll (Kaspersky Lab)
O20:*64bit:* - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:*64bit:* - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:*64bit:* - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:*64bit:* - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:*64bit:* - Winlogon\Notify\klogon: DllName - (%SystemRoot%\System32\klogon.dll) - C:\Windows\SysNative\klogon.dll (Kaspersky Lab)
O32 - HKLM CDRom: AutoRun - 0
O34 - HKLM BootExecute: (autocheck autochk *)
O35:*64bit:* - HKLM\..comfile [open] -- "%1" %*
O35:*64bit:* - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:*64bit:* - HKLM\...com [@ = ComFile] -- "%1" %*
O37:*64bit:* - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2012/01/26 18:24:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Market Samurai
[2012/01/23 16:59:30 | 000,000,000 | ---D | C] -- C:\Users\Owner\Desktop\agatas mobile search site
[2012/01/22 08:40:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2012/01/17 13:44:57 | 000,000,000 | ---D | C] -- C:\ProgramData\{D3B41B92-9BC2-43EB-916A-4FA9E8191837}
[2012/01/17 13:43:19 | 000,000,000 | -H-D | C] -- C:\System.sav
[2012/01/14 20:45:37 | 000,000,000 | ---D | C] -- C:\Users\Owner\Desktop\SEO rakings-keywords
[2012/01/14 20:18:26 | 000,000,000 | ---D | C] -- C:\Users\Owner\Desktop\11 polskie WP blogi
[2012/01/14 11:22:23 | 000,000,000 | ---D | C] -- C:\Users\Owner\Desktop\111 voltrank
[2012/01/13 09:32:24 | 000,000,000 | ---D | C] -- C:\_OTL
[2012/01/13 09:29:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ERUNT
[2012/01/13 09:29:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ERUNT
[2012/01/13 09:27:18 | 001,447,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2012/01/13 09:27:17 | 000,395,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\webio.dll
[2012/01/13 09:27:17 | 000,314,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\webio.dll
[2012/01/13 09:27:16 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspicli.dll
[2012/01/13 09:27:16 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspisrv.dll
[2012/01/13 09:27:16 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll
[2012/01/12 20:00:30 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\Owner\Desktop\OTL.exe
[2012/01/12 19:43:17 | 000,446,464 | ---- | C] (OldTimer Tools) -- C:\Users\Owner\Desktop\TFC.exe
[2012/01/12 18:58:47 | 000,000,000 | ---D | C] -- C:\Users\Owner\Desktop\market-samurai market-samurai-2012
[2012/01/12 14:43:33 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2012/01/11 22:20:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET
[2012/01/11 22:19:31 | 002,322,184 | ---- | C] (ESET) -- C:\Users\Owner\Desktop\esetsmartinstaller_enu.exe
[2012/01/11 08:36:21 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2012/01/11 08:36:21 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2012/01/11 08:36:21 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2012/01/11 08:36:14 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2012/01/11 08:35:00 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012/01/11 08:34:22 | 004,381,975 | R--- | C] (Swearware) -- C:\Users\Owner\Desktop\ComboFix.exe
[2012/01/10 22:27:12 | 001,572,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\quartz.dll
[2012/01/10 22:27:12 | 001,328,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\quartz.dll
[2012/01/10 22:27:12 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qdvd.dll
[2012/01/10 22:27:12 | 000,366,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qdvd.dll
[2012/01/10 22:27:11 | 000,918,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2012/01/10 22:27:11 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012/01/10 22:27:08 | 001,731,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll
[2012/01/10 22:27:07 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\packager.dll
[2012/01/10 22:27:07 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\packager.dll
[2012/01/08 13:19:58 | 000,000,000 | ---D | C] -- C:\Users\Owner\Desktop\111 virus scan 2012
[2012/01/08 13:17:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Trend Micro
[2012/01/08 13:17:12 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis

========== Files - Modified Within 30 Days ==========

[2012/01/28 18:49:09 | 000,015,792 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/01/28 18:49:09 | 000,015,792 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/01/28 18:46:55 | 000,000,892 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/01/28 18:41:34 | 000,000,332 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForOwner.job
[2012/01/28 18:41:31 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/01/28 18:39:10 | 000,000,098 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\Hosts
[2012/01/28 18:29:00 | 000,000,908 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1496317490-1307526022-1011991264-1000UA.job
[2012/01/28 18:25:01 | 000,000,896 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/01/28 09:38:32 | 000,000,600 | ---- | M] () -- C:\Users\Owner\AppData\Roaming\winscp.rnd
[2012/01/28 00:41:20 | 000,000,856 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1496317490-1307526022-1011991264-1000Core.job
[2012/01/27 11:09:44 | 000,335,345 | ---- | M] () -- C:\Users\Owner\Desktop\tlo_body.jpg
[2012/01/26 18:25:02 | 000,000,933 | ---- | M] () -- C:\Users\Public\Desktop\Market Samurai.lnk
[2012/01/26 17:50:58 | 000,001,969 | ---- | M] () -- C:\Users\Owner\Desktop\lido-qr180x180.png
[2012/01/26 17:50:05 | 000,001,949 | ---- | M] () -- C:\Users\Owner\Desktop\violett-qr180x180.png
[2012/01/26 17:47:12 | 000,000,353 | ---- | M] () -- C:\Users\Owner\Desktop\lido-qr.png
[2012/01/26 17:46:48 | 000,000,340 | ---- | M] () -- C:\Users\Owner\Desktop\violett-qr.png
[2012/01/26 11:31:09 | 000,002,405 | ---- | M] () -- C:\Users\Owner\Desktop\Google Chrome.lnk
[2012/01/25 21:43:41 | 000,073,343 | ---- | M] () -- C:\Users\Owner\Desktop\GEICO insurance cards2012.pdf
[2012/01/25 21:00:19 | 000,137,035 | ---- | M] () -- C:\Users\Owner\Desktop\kotonski-sftp.PNG
[2012/01/24 11:47:11 | 000,041,484 | ---- | M] () -- C:\Users\Owner\Desktop\mobile-websites-banner.PNG
[2012/01/24 11:35:47 | 000,002,103 | ---- | M] () -- C:\Users\Owner\Desktop\red-bck.jpg
[2012/01/24 11:26:28 | 000,046,844 | ---- | M] () -- C:\Users\Owner\Desktop\iphone.png
[2012/01/24 11:24:07 | 000,024,451 | ---- | M] () -- C:\Users\Owner\Desktop\100blue-mobile-site.png
[2012/01/24 11:23:21 | 000,015,269 | ---- | M] () -- C:\Users\Owner\Desktop\blue-mobile-site-70.png
[2012/01/24 11:18:33 | 000,007,168 | ---- | M] () -- C:\Users\Owner\Desktop\iphone.jpg
[2012/01/24 11:05:01 | 000,104,960 | ---- | M] () -- C:\Users\Owner\Desktop\blue-mobile-site-256x469.png
[2012/01/24 10:47:27 | 000,154,444 | ---- | M] () -- C:\Users\Owner\Desktop\agata-grudzinski-banner-336x280-eagle.png
[2012/01/23 23:54:14 | 000,000,381 | ---- | M] () -- C:\Users\Owner\Desktop\QR-mobileinvitations-org-25procentoff.png
[2012/01/23 23:49:51 | 000,000,304 | ---- | M] () -- C:\Users\Owner\Desktop\QR-askfrank-redirect.png
[2012/01/23 15:25:36 | 000,139,264 | ---- | M] () -- C:\Users\Owner\Desktop\SystemLook.exe
[2012/01/23 10:23:24 | 000,000,432 | ---- | M] () -- C:\Users\Owner\Desktop\QR-askfrank.png
[2012/01/22 22:54:17 | 000,783,354 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/01/22 22:54:17 | 000,663,222 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/01/22 22:54:17 | 000,122,090 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/01/22 09:43:16 | 000,099,127 | ---- | M] () -- C:\Users\Owner\Desktop\ecarmls123.PNG
[2012/01/22 08:40:47 | 000,002,515 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2012/01/21 12:43:40 | 000,109,284 | ---- | M] () -- C:\Users\Owner\Desktop\askfranknet-wp-error.PNG
[2012/01/21 10:13:46 | 000,022,987 | ---- | M] () -- C:\Users\Owner\Desktop\dh-new-pass.PNG
[2012/01/20 22:38:30 | 000,006,753 | ---- | M] () -- C:\Users\Owner\Desktop\blank-image-bg-askfrank.png
[2012/01/20 22:37:20 | 000,328,272 | ---- | M] () -- C:\Users\Owner\Desktop\image-bg-askfrank.png
[2012/01/20 21:53:36 | 000,064,996 | ---- | M] () -- C:\Users\Owner\Desktop\ecarmls-ftp.PNG
[2012/01/18 21:17:29 | 114,413,424 | ---- | M] () -- C:\Users\Owner\Desktop\setup_11.0.0.1245.x01_2012_01_19_06_41.exe
[2012/01/18 21:17:17 | 000,037,821 | ---- | M] () -- C:\Users\Owner\Desktop\cox-usage-1-18-2012.PNG
[2012/01/17 13:46:31 | 000,002,181 | ---- | M] () -- C:\Users\Public\Desktop\HP Support Assistant.lnk
[2012/01/14 20:30:28 | 001,052,672 | ---- | M] () -- C:\Users\Owner\Desktop\studioelevenone.com.msam
[2012/01/14 11:37:45 | 000,002,058 | ---- | M] () -- C:\Users\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2012/01/13 15:08:33 | 000,283,655 | ---- | M] () -- C:\Users\Owner\Desktop\lido-mobile.PNG
[2012/01/13 09:29:39 | 000,001,110 | ---- | M] () -- C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
[2012/01/13 09:29:15 | 000,000,930 | ---- | M] () -- C:\Users\Owner\Desktop\NTREGOPT.lnk
[2012/01/13 09:29:15 | 000,000,911 | ---- | M] () -- C:\Users\Owner\Desktop\ERUNT.lnk
[2012/01/12 19:59:52 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Owner\Desktop\OTL.exe
[2012/01/12 19:43:01 | 000,446,464 | ---- | M] (OldTimer Tools) -- C:\Users\Owner\Desktop\TFC.exe
[2012/01/12 18:59:55 | 000,303,560 | -H-- | M] () -- C:\Windows\SysWow64\mlfcache.dat
[2012/01/12 18:26:08 | 000,174,698 | ---- | M] () -- C:\Users\Owner\Desktop\wso-refund-1-12-2012.PNG
[2012/01/12 13:47:29 | 004,381,975 | R--- | M] (Swearware) -- C:\Users\Owner\Desktop\ComboFix.exe
[2012/01/12 10:44:51 | 000,458,240 | ---- | M] () -- C:\Users\Owner\Desktop\CKScanner.exe
[2012/01/11 22:19:07 | 002,322,184 | ---- | M] (ESET) -- C:\Users\Owner\Desktop\esetsmartinstaller_enu.exe
[2012/01/10 23:04:15 | 000,772,990 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012/01/10 22:42:42 | 000,199,933 | ---- | M] () -- C:\Users\Owner\Desktop\agata-adwords-2012.PNG
[2012/01/08 13:34:09 | 000,282,707 | ---- | M] () -- C:\Users\Owner\Desktop\111 virus scan 2012.zip
[2012/01/08 13:17:12 | 000,002,975 | ---- | M] () -- C:\Users\Owner\Desktop\HiJackThis.lnk
[2012/01/07 18:14:07 | 000,055,200 | ---- | M] () -- C:\Users\Owner\Desktop\cox-usage-jan2012.PNG
[2011/12/31 10:45:39 | 000,000,552 | ---- | M] () -- C:\Windows\tasks\PCDRScheduledMaintenance.job
[2011/12/30 21:38:20 | 000,083,231 | ---- | M] () -- C:\Users\Owner\Desktop\500-error-12-30-2011.PNG

========== Files Created - No Company Name ==========

[2012/01/27 11:09:41 | 000,335,345 | ---- | C] () -- C:\Users\Owner\Desktop\tlo_body.jpg
[2012/01/26 18:25:02 | 000,000,945 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Market Samurai.lnk
[2012/01/26 18:25:02 | 000,000,933 | ---- | C] () -- C:\Users\Public\Desktop\Market Samurai.lnk
[2012/01/26 17:50:58 | 000,001,969 | ---- | C] () -- C:\Users\Owner\Desktop\lido-qr180x180.png
[2012/01/26 17:50:05 | 000,001,949 | ---- | C] () -- C:\Users\Owner\Desktop\violett-qr180x180.png
[2012/01/26 17:47:10 | 000,000,353 | ---- | C] () -- C:\Users\Owner\Desktop\lido-qr.png
[2012/01/26 17:46:46 | 000,000,340 | ---- | C] () -- C:\Users\Owner\Desktop\violett-qr.png
[2012/01/25 21:43:41 | 000,073,343 | ---- | C] () -- C:\Users\Owner\Desktop\GEICO insurance cards2012.pdf
[2012/01/25 21:00:19 | 000,137,035 | ---- | C] () -- C:\Users\Owner\Desktop\kotonski-sftp.PNG
[2012/01/24 11:35:47 | 000,002,103 | ---- | C] () -- C:\Users\Owner\Desktop\red-bck.jpg
[2012/01/24 11:26:26 | 000,046,844 | ---- | C] () -- C:\Users\Owner\Desktop\iphone.png
[2012/01/24 11:24:05 | 000,024,451 | ---- | C] () -- C:\Users\Owner\Desktop\100blue-mobile-site.png
[2012/01/24 11:23:20 | 000,015,269 | ---- | C] () -- C:\Users\Owner\Desktop\blue-mobile-site-70.png
[2012/01/24 11:18:30 | 000,007,168 | ---- | C] () -- C:\Users\Owner\Desktop\iphone.jpg
[2012/01/24 11:05:00 | 000,104,960 | ---- | C] () -- C:\Users\Owner\Desktop\blue-mobile-site-256x469.png
[2012/01/24 10:47:26 | 000,154,444 | ---- | C] () -- C:\Users\Owner\Desktop\agata-grudzinski-banner-336x280-eagle.png
[2012/01/24 10:45:38 | 000,041,484 | ---- | C] () -- C:\Users\Owner\Desktop\mobile-websites-banner.PNG
[2012/01/23 23:54:12 | 000,000,381 | ---- | C] () -- C:\Users\Owner\Desktop\QR-mobileinvitations-org-25procentoff.png
[2012/01/23 23:49:46 | 000,000,304 | ---- | C] () -- C:\Users\Owner\Desktop\QR-askfrank-redirect.png
[2012/01/23 15:26:11 | 000,139,264 | ---- | C] () -- C:\Users\Owner\Desktop\SystemLook.exe
[2012/01/23 10:22:11 | 000,000,432 | ---- | C] () -- C:\Users\Owner\Desktop\QR-askfrank.png
[2012/01/22 09:43:15 | 000,099,127 | ---- | C] () -- C:\Users\Owner\Desktop\ecarmls123.PNG
[2012/01/22 08:40:47 | 000,002,515 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
[2012/01/21 12:43:40 | 000,109,284 | ---- | C] () -- C:\Users\Owner\Desktop\askfranknet-wp-error.PNG
[2012/01/21 10:13:45 | 000,022,987 | ---- | C] () -- C:\Users\Owner\Desktop\dh-new-pass.PNG
[2012/01/20 22:38:28 | 000,006,753 | ---- | C] () -- C:\Users\Owner\Desktop\blank-image-bg-askfrank.png
[2012/01/20 22:37:17 | 000,328,272 | ---- | C] () -- C:\Users\Owner\Desktop\image-bg-askfrank.png
[2012/01/20 21:53:36 | 000,064,996 | ---- | C] () -- C:\Users\Owner\Desktop\ecarmls-ftp.PNG
[2012/01/18 21:17:49 | 114,413,424 | ---- | C] () -- C:\Users\Owner\Desktop\setup_11.0.0.1245.x01_2012_01_19_06_41.exe
[2012/01/18 21:17:17 | 000,037,821 | ---- | C] () -- C:\Users\Owner\Desktop\cox-usage-1-18-2012.PNG
[2012/01/17 13:46:31 | 000,002,181 | ---- | C] () -- C:\Users\Public\Desktop\HP Support Assistant.lnk
[2012/01/13 15:08:33 | 000,283,655 | ---- | C] () -- C:\Users\Owner\Desktop\lido-mobile.PNG
[2012/01/13 09:29:39 | 000,001,110 | ---- | C] () -- C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
[2012/01/13 09:29:15 | 000,000,930 | ---- | C] () -- C:\Users\Owner\Desktop\NTREGOPT.lnk
[2012/01/13 09:29:15 | 000,000,911 | ---- | C] () -- C:\Users\Owner\Desktop\ERUNT.lnk
[2012/01/12 18:26:08 | 000,174,698 | ---- | C] () -- C:\Users\Owner\Desktop\wso-refund-1-12-2012.PNG
[2012/01/12 10:45:08 | 000,458,240 | ---- | C] () -- C:\Users\Owner\Desktop\CKScanner.exe
[2012/01/11 08:36:21 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2012/01/11 08:36:21 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2012/01/11 08:36:21 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2012/01/11 08:36:21 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2012/01/11 08:36:21 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2012/01/10 22:42:42 | 000,199,933 | ---- | C] () -- C:\Users\Owner\Desktop\agata-adwords-2012.PNG
[2012/01/08 13:34:09 | 000,282,707 | ---- | C] () -- C:\Users\Owner\Desktop\111 virus scan 2012.zip
[2012/01/08 13:17:12 | 000,002,975 | ---- | C] () -- C:\Users\Owner\Desktop\HiJackThis.lnk
[2012/01/07 18:09:40 | 000,055,200 | ---- | C] () -- C:\Users\Owner\Desktop\cox-usage-jan2012.PNG
[2011/12/30 21:38:19 | 000,083,231 | ---- | C] () -- C:\Users\Owner\Desktop\500-error-12-30-2011.PNG
[2011/11/17 09:32:18 | 000,186,576 | ---- | C] () -- C:\Windows\Submitter Uninstaller.exe
[2011/07/27 08:12:20 | 000,000,212 | ---- | C] () -- C:\Windows\SysWow64\winiog_019.dat
[2011/05/16 22:02:35 | 000,303,560 | -H-- | C] () -- C:\Windows\SysWow64\mlfcache.dat
[2011/05/08 19:57:36 | 000,000,600 | ---- | C] () -- C:\Users\Owner\AppData\Roaming\winscp.rnd
[2011/05/07 17:28:12 | 000,000,600 | ---- | C] () -- C:\Users\Owner\AppData\Local\PUTTY.RND
[2011/04/18 18:57:21 | 000,000,025 | ---- | C] () -- C:\Windows\libem.INI
[2010/12/03 19:52:16 | 000,000,193 | ---- | C] () -- C:\Users\Owner\AppData\Local\TheBestSpinner_Export.dat
[2010/10/12 20:51:48 | 000,057,016 | ---- | C] () -- C:\Windows\SysWow64\imsys.dll
[2010/10/12 20:51:46 | 000,367,800 | ---- | C] () -- C:\Windows\SysWow64\iimds.dll
[2010/10/12 20:51:46 | 000,233,144 | ---- | C] () -- C:\Windows\SysWow64\IMImage.dll
[2010/10/12 20:51:46 | 000,014,848 | ---- | C] () -- C:\Windows\SysWow64\iimir.dll
[2010/08/03 13:17:08 | 000,772,990 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010/08/01 12:29:19 | 000,000,016 | ---- | C] () -- C:\Windows\SysWow64\ptlx55.dat.{5728B11F-B697-47AA-9C1B-8ECB545B5193}
[2010/07/24 19:01:04 | 000,000,074 | ---- | C] () -- C:\Windows\MyProg.ini
[2010/06/29 23:12:16 | 000,013,312 | ---- | C] () -- C:\Windows\LPRES.DLL
[2010/02/09 19:09:10 | 000,000,868 | ---- | C] () -- C:\Users\Owner\AppData\Roaming\wklnhst.dat
[2010/01/11 14:19:06 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010/01/06 17:49:15 | 000,034,308 | ---- | C] () -- C:\Windows\SysWow64\BASSMOD.dll
[2010/01/06 17:47:21 | 000,085,504 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2009/12/30 22:41:00 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\mgxasio2.dll
[2009/12/30 22:39:06 | 000,120,200 | ---- | C] () -- C:\Windows\SysWow64\DLLDEV32i.dll
[2009/12/30 22:38:32 | 000,005,937 | ---- | C] () -- C:\Windows\mgxoschk.ini
[2009/12/25 20:51:46 | 001,391,616 | ---- | C] () -- C:\Windows\SysWow64\ActPDF.dll
[2009/12/24 20:22:08 | 000,000,376 | ---- | C] () -- C:\Windows\ODBC.INI
[2009/08/18 04:37:59 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2009/07/13 23:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/13 20:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009/07/13 20:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009/07/13 18:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/13 17:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 15:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/06/10 15:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2009/03/16 01:47:28 | 000,122,880 | ---- | C] () -- C:\Windows\SysWow64\WinMsgBalloonServer.exe
[2009/03/16 01:47:24 | 000,139,264 | ---- | C] () -- C:\Windows\SysWow64\WinMsgBalloonClient.exe
[2009/03/05 20:00:36 | 000,532,480 | ---- | C] () -- C:\Windows\SysWow64\libxml2.dll

< End of report >

thanks for your help , I appreciate it


----------



## jeffce (May 10, 2011)

Hi destin,

Please download TDSSKiller.zip

Extract it to your desktop
Right-click and Run as Administrator *TDSSKiller.exe*
Press *Start Scan*
Only if *Malicious* objects are found then ensure *Cure* is selected
Then click *Continue* > *Reboot now*

Copy and paste the log in your next reply
_A copy of the log will be saved automatically to the root of the drive (typically C:\)_

----------


----------



## destin (Jan 8, 2012)

Hi Jeff,
Nothing was found, here is the log:

10:46:09.0942 2848 TDSS rootkit removing tool 2.7.7.0 Jan 24 2012 16:44:27
10:46:10.0301 2848 ============================================================
10:46:10.0301 2848 Current date / time: 2012/01/29 10:46:10.0301
10:46:10.0301 2848 SystemInfo:
10:46:10.0301 2848 
10:46:10.0301 2848 OS Version: 6.1.7601 ServicePack: 1.0
10:46:10.0301 2848 Product type: Workstation
10:46:10.0301 2848 ComputerName: OWNER-PC
10:46:10.0302 2848 UserName: Owner
10:46:10.0302 2848 Windows directory: C:\Windows
10:46:10.0302 2848 System windows directory: C:\Windows
10:46:10.0302 2848 Running under WOW64
10:46:10.0302 2848 Processor architecture: Intel x64
10:46:10.0302 2848 Number of processors: 4
10:46:10.0302 2848 Page size: 0x1000
10:46:10.0302 2848 Boot type: Normal boot
10:46:10.0302 2848 ============================================================
10:46:11.0773 2848 Drive \Device\Harddisk0\DR0 - Size: 0xAEA8CDE000 (698.64 Gb), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
10:46:11.0847 2848 Initialize success
10:46:23.0133 3680 ============================================================
10:46:23.0133 3680 Scan started
10:46:23.0133 3680 Mode: Manual; 
10:46:23.0133 3680 ============================================================
10:46:24.0466 3680 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
10:46:24.0503 3680 1394ohci - ok
10:46:24.0547 3680 61883 (e0a8525a951addb4655bc2068566407d) C:\Windows\system32\DRIVERS\61883.sys
10:46:24.0571 3680 61883 - ok
10:46:24.0606 3680 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
10:46:24.0608 3680 ACPI - ok
10:46:24.0643 3680 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
10:46:24.0652 3680 AcpiPmi - ok
10:46:24.0724 3680 adfs (2f0683fd2df1d92e891caca14b45a8c1) C:\Windows\system32\drivers\adfs.sys
10:46:24.0752 3680 adfs - ok
10:46:24.0809 3680 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
10:46:24.0817 3680 adp94xx - ok
10:46:24.0839 3680 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
10:46:24.0843 3680 adpahci - ok
10:46:24.0853 3680 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
10:46:24.0856 3680 adpu320 - ok
10:46:24.0927 3680 AFD (d5b031c308a409a0a576bff4cf083d30) C:\Windows\system32\drivers\afd.sys
10:46:24.0934 3680 AFD - ok
10:46:24.0967 3680 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
10:46:24.0979 3680 agp440 - ok
10:46:25.0015 3680 ahcix64s (3327e85cadb3b65ee36016e35bcc0adc) C:\Windows\system32\DRIVERS\ahcix64s.sys
10:46:25.0016 3680 ahcix64s - ok
10:46:25.0036 3680 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
10:46:25.0048 3680 aliide - ok
10:46:25.0065 3680 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
10:46:25.0077 3680 amdide - ok
10:46:25.0112 3680 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
10:46:25.0119 3680 AmdK8 - ok
10:46:25.0138 3680 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
10:46:25.0144 3680 AmdPPM - ok
10:46:25.0179 3680 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
10:46:25.0194 3680 amdsata - ok
10:46:25.0227 3680 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
10:46:25.0234 3680 amdsbs - ok
10:46:25.0272 3680 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
10:46:25.0273 3680 amdxata - ok
10:46:25.0318 3680 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
10:46:25.0331 3680 AppID - ok
10:46:25.0384 3680 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
10:46:25.0392 3680 arc - ok
10:46:25.0409 3680 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
10:46:25.0416 3680 arcsas - ok
10:46:25.0462 3680 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
10:46:25.0468 3680 AsyncMac - ok
10:46:25.0485 3680 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
10:46:25.0485 3680 atapi - ok
10:46:25.0535 3680 athr (e0fabc10635c670bd7d89fd214a405d7) C:\Windows\system32\DRIVERS\athrx.sys
10:46:25.0575 3680 athr - ok
10:46:25.0704 3680 atikmdag (2db9047aac9d981f59ce06d04d70c4d8) C:\Windows\system32\DRIVERS\atikmdag.sys
10:46:25.0812 3680 atikmdag - ok
10:46:25.0832 3680 AtiPcie (7c5d273e29dcc5505469b299c6f29163) C:\Windows\system32\DRIVERS\AtiPcie.sys
10:46:25.0832 3680 AtiPcie - ok
10:46:25.0871 3680 Avc (16fabe84916623d0607e4a975544032c) C:\Windows\system32\DRIVERS\avc.sys
10:46:25.0890 3680 Avc - ok
10:46:25.0931 3680 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
10:46:25.0936 3680 b06bdrv - ok
10:46:25.0959 3680 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
10:46:25.0967 3680 b57nd60a - ok
10:46:25.0989 3680 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
10:46:25.0994 3680 Beep - ok
10:46:26.0013 3680 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
10:46:26.0015 3680 blbdrive - ok
10:46:26.0056 3680 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
10:46:26.0057 3680 bowser - ok
10:46:26.0080 3680 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
10:46:26.0081 3680 BrFiltLo - ok
10:46:26.0116 3680 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
10:46:26.0116 3680 BrFiltUp - ok
10:46:26.0162 3680 BridgeMP (5c2f352a4e961d72518261257aae204b) C:\Windows\system32\DRIVERS\bridge.sys
10:46:26.0215 3680 BridgeMP - ok
10:46:26.0277 3680 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
10:46:26.0286 3680 Brserid - ok
10:46:26.0349 3680 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
10:46:26.0350 3680 BrSerWdm - ok
10:46:26.0379 3680 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
10:46:26.0380 3680 BrUsbMdm - ok
10:46:26.0387 3680 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
10:46:26.0387 3680 BrUsbSer - ok
10:46:26.0414 3680 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
10:46:26.0416 3680 BTHMODEM - ok
10:46:26.0434 3680 catchme - ok
10:46:26.0458 3680 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
10:46:26.0464 3680 cdfs - ok
10:46:26.0501 3680 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\drivers\cdrom.sys
10:46:26.0513 3680 cdrom - ok
10:46:26.0528 3680 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
10:46:26.0539 3680 circlass - ok
10:46:26.0576 3680 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
10:46:26.0581 3680 CLFS - ok
10:46:26.0606 3680 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
10:46:26.0611 3680 CmBatt - ok
10:46:26.0650 3680 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
10:46:26.0662 3680 cmdide - ok
10:46:26.0700 3680 CNG (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys
10:46:26.0752 3680  CNG - ok
10:46:26.0797 3680 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
10:46:26.0803 3680 Compbatt - ok
10:46:26.0835 3680 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
10:46:26.0840 3680 CompositeBus - ok
10:46:26.0891 3680 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
10:46:26.0906 3680 crcdisk - ok
10:46:26.0970 3680 CSCrySec (ab1201f8de199e764da9a32abf71049c) C:\Windows\system32\DRIVERS\CSCrySec.sys
10:46:26.0984 3680 CSCrySec - ok
10:46:27.0028 3680 CSVirtualDiskDrv (a6eed705bb510fa6b0f9f097165a3395) C:\Windows\system32\DRIVERS\CSVirtualDiskDrv.sys
10:46:27.0059 3680 CSVirtualDiskDrv - ok
10:46:27.0113 3680 dc3d (7af9dac504fbd047cbc3e64ae52c92bf) C:\Windows\system32\DRIVERS\dc3d.sys
10:46:27.0133 3680 dc3d - ok
10:46:27.0192 3680 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
10:46:27.0197 3680 DfsC - ok
10:46:27.0241 3680 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
10:46:27.0242 3680 discache - ok
10:46:27.0288 3680 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
10:46:27.0306 3680 Disk - ok
10:46:27.0342 3680 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
10:46:27.0354 3680 drmkaud - ok
10:46:27.0407 3680 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
10:46:27.0420 3680 DXGKrnl - ok
10:46:27.0509 3680 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
10:46:27.0569 3680 ebdrv - ok
10:46:27.0615 3680 ElbyCDIO (9a47ac3dfcf81d30922cdaaf1c2d579f) C:\Windows\system32\Drivers\ElbyCDIO.sys
10:46:27.0650 3680 ElbyCDIO - ok
10:46:27.0684 3680 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
10:46:27.0690 3680 elxstor - ok
10:46:27.0724 3680 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
10:46:27.0732 3680 ErrDev - ok
10:46:27.0774 3680 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
10:46:27.0798 3680 exfat - ok
10:46:27.0819 3680 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
10:46:27.0828 3680 fastfat - ok
10:46:27.0851 3680 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
10:46:27.0857 3680 fdc - ok
10:46:27.0878 3680 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
10:46:27.0901 3680 FileInfo - ok
10:46:27.0916 3680 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
10:46:27.0922 3680 Filetrace - ok
10:46:27.0977 3680 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
10:46:27.0983 3680 flpydisk - ok
10:46:28.0034 3680 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
10:46:28.0040 3680 FltMgr - ok
10:46:28.0055 3680 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
10:46:28.0061 3680 FsDepends - ok
10:46:28.0074 3680 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys
10:46:28.0090 3680 Fs_Rec - ok
10:46:28.0131 3680 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
10:46:28.0137 3680 fvevol - ok
10:46:28.0159 3680 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
10:46:28.0166 3680 gagp30kx - ok
10:46:28.0240 3680 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
10:46:28.0246 3680 hcw85cir - ok
10:46:28.0299 3680 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys
10:46:28.0331 3680 HDAudBus - ok
10:46:28.0366 3680 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
10:46:28.0373 3680 HidBatt - ok
10:46:28.0409 3680 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
10:46:28.0416 3680 HidBth - ok
10:46:28.0435 3680 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
10:46:28.0452 3680 HidIr - ok
10:46:28.0507 3680 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\drivers\hidusb.sys
10:46:28.0542 3680 HidUsb - ok
10:46:28.0627 3680 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
10:46:28.0645 3680 HpSAMD - ok
10:46:28.0714 3680 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
10:46:28.0724 3680 HTTP - ok
10:46:28.0764 3680 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
10:46:28.0777 3680 hwpolicy - ok
10:46:28.0819 3680 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
10:46:28.0853 3680 i8042prt - ok
10:46:28.0893 3680 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
10:46:28.0915 3680 iaStorV - ok
10:46:28.0929 3680 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
10:46:28.0936 3680 iirsp - ok
10:46:29.0015 3680 IntcAzAudAddService (3c4b4ee54febb09f7e9f58776de96dca) C:\Windows\system32\drivers\RTKVHD64.sys
10:46:29.0094 3680 IntcAzAudAddService - ok
10:46:29.0116 3680 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
10:46:29.0132 3680 intelide - ok
10:46:29.0157 3680 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
10:46:29.0165 3680 intelppm - ok
10:46:29.0206 3680 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
10:46:29.0213 3680 IpFilterDriver - ok
10:46:29.0264 3680 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
10:46:29.0279 3680 IPMIDRV - ok
10:46:29.0308 3680 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
10:46:29.0315 3680 IPNAT - ok
10:46:29.0329 3680 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
10:46:29.0334 3680 IRENUM - ok
10:46:29.0369 3680 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
10:46:29.0381 3680 isapnp - ok
10:46:29.0409 3680 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
10:46:29.0425 3680 iScsiPrt - ok
10:46:29.0456 3680 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\drivers\kbdclass.sys
10:46:29.0469 3680 kbdclass - ok
10:46:29.0511 3680 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys
10:46:29.0524 3680 kbdhid - ok
10:46:29.0590 3680 kl1 (db449f50e5141458eb58e64ffac4863f) C:\Windows\system32\DRIVERS\kl1.sys
10:46:29.0632 3680 kl1 - ok
10:46:29.0650 3680 KLBG (87200a8afe40532baa4d2b24a7ba0eea) C:\Windows\system32\DRIVERS\klbg.sys
10:46:29.0666 3680 KLBG - ok
10:46:29.0701 3680 KLIF (34d49307217b20e5a845b7db50cdd4fa) C:\Windows\system32\DRIVERS\klif.sys
10:46:29.0703 3680 KLIF - ok
10:46:29.0760 3680 KLIM6 (630f22545379437737cf4172f09fe449) C:\Windows\system32\DRIVERS\klim6.sys
10:46:29.0793 3680 KLIM6 - ok
10:46:29.0836 3680 klmouflt (786791291939abb11f6d0f040da23912) C:\Windows\system32\DRIVERS\klmouflt.sys
10:46:29.0849 3680 klmouflt - ok
10:46:29.0884 3680 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys
10:46:29.0900 3680 KSecDD - ok
10:46:29.0914 3680 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys
10:46:29.0930 3680 KSecPkg - ok
10:46:29.0956 3680 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
10:46:29.0962 3680 ksthunk - ok
10:46:30.0006 3680 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
10:46:30.0019 3680 lltdio - ok
10:46:30.0057 3680 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
10:46:30.0064 3680 LSI_FC - ok
10:46:30.0103 3680 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
10:46:30.0110 3680 LSI_SAS - ok
10:46:30.0136 3680 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
10:46:30.0143 3680 LSI_SAS2 - ok
10:46:30.0184 3680 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
10:46:30.0203 3680 LSI_SCSI - ok
10:46:30.0234 3680 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
10:46:30.0242 3680 luafv - ok
10:46:30.0332 3680 lvpopf64 (ce6e5146039d248feb991fbc9e2b6a7b) C:\Windows\system32\DRIVERS\lvpopf64.sys
10:46:30.0370 3680 lvpopf64 - ok
10:46:30.0413 3680 LVUSBS64 (6d5ea90f86f9b28cd44af6ba9be03bf9) C:\Windows\system32\drivers\LVUSBS64.sys
10:46:30.0416 3680 LVUSBS64 - ok
10:46:30.0510 3680 LVUVC64 (eb12688842ede30c843a123fa6855858) C:\Windows\system32\DRIVERS\lvuvc64.sys
10:46:30.0577 3680 LVUVC64 - ok
10:46:30.0639 3680 MBAMProtector (79da94b35371b9e7104460c7693dcb2c) C:\Windows\system32\drivers\mbam.sys
10:46:30.0641 3680 MBAMProtector - ok
10:46:30.0697 3680 mcdbus (79d51e7f5926e8ce1b3ebecebae28cff) C:\Windows\system32\DRIVERS\mcdbus.sys
10:46:30.0710 3680 mcdbus - ok
10:46:30.0759 3680 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
10:46:30.0770 3680 megasas - ok
10:46:30.0798 3680 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
10:46:30.0805 3680 MegaSR - ok
10:46:30.0842 3680 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
10:46:30.0847 3680 Modem - ok
10:46:30.0869 3680 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
10:46:30.0875 3680 monitor - ok
10:46:30.0927 3680 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\drivers\mouclass.sys
10:46:30.0939 3680 mouclass - ok
10:46:30.0978 3680 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
10:46:30.0984 3680 mouhid - ok
10:46:31.0023 3680 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
10:46:31.0028 3680 mountmgr - ok
10:46:31.0073 3680 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
10:46:31.0088 3680 mpio - ok
10:46:31.0123 3680 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
10:46:31.0138 3680 mpsdrv - ok
10:46:31.0174 3680 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
10:46:31.0180 3680 MRxDAV - ok
10:46:31.0208 3680 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
10:46:31.0211 3680 mrxsmb - ok
10:46:31.0258 3680 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
10:46:31.0270 3680 mrxsmb10 - ok
10:46:31.0301 3680 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
10:46:31.0307 3680 mrxsmb20 - ok
10:46:31.0343 3680 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
10:46:31.0381 3680 msahci - ok
10:46:31.0435 3680 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
10:46:31.0440 3680 msdsm - ok
10:46:31.0499 3680 MSDV (72949a24d37a20a54b3d4d3dadbb55e9) C:\Windows\system32\DRIVERS\msdv.sys
10:46:31.0543 3680 MSDV - ok
10:46:31.0563 3680 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
10:46:31.0568 3680 Msfs - ok
10:46:31.0584 3680 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
10:46:31.0589 3680 mshidkmdf - ok
10:46:31.0599 3680 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
10:46:31.0608 3680 msisadrv - ok
10:46:31.0639 3680 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
10:46:31.0646 3680 MSKSSRV - ok
10:46:31.0666 3680 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
10:46:31.0674 3680 MSPCLOCK - ok
10:46:31.0683 3680 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
10:46:31.0689 3680 MSPQM - ok
10:46:31.0734 3680 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
10:46:31.0741 3680 MsRPC - ok
10:46:31.0760 3680 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
10:46:31.0772 3680 mssmbios - ok
10:46:31.0795 3680 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
10:46:31.0800 3680 MSTEE - ok
10:46:31.0824 3680 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
10:46:31.0829 3680 MTConfig - ok
10:46:31.0851 3680 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
10:46:31.0856 3680 Mup - ok
10:46:31.0890 3680 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
10:46:31.0907 3680 NativeWifiP - ok
10:46:31.0961 3680 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
10:46:31.0974 3680 NDIS - ok
10:46:31.0995 3680 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
10:46:32.0000 3680 NdisCap - ok
10:46:32.0019 3680 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
10:46:32.0024 3680 NdisTapi - ok
10:46:32.0062 3680 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
10:46:32.0103 3680 Ndisuio - ok
10:46:32.0144 3680 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
10:46:32.0169 3680 NdisWan - ok
10:46:32.0210 3680 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
10:46:32.0229 3680 NDProxy - ok
10:46:32.0241 3680 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
10:46:32.0245 3680 NetBIOS - ok
10:46:32.0264 3680 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
10:46:32.0270 3680 NetBT - ok
10:46:32.0323 3680 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
10:46:32.0329 3680 nfrd960 - ok
10:46:32.0352 3680 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
10:46:32.0357 3680 Npfs - ok
10:46:32.0375 3680 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
10:46:32.0376 3680 nsiproxy - ok
10:46:32.0437 3680 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
10:46:32.0472 3680 Ntfs - ok
10:46:32.0519 3680 NuidFltr (317020d31f1696334679b9d0416eb62e) C:\Windows\system32\DRIVERS\NuidFltr.sys
10:46:32.0559 3680 NuidFltr - ok
10:46:32.0575 3680 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
10:46:32.0580 3680 Null - ok
10:46:32.0616 3680 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
10:46:32.0630 3680 nvraid - ok
10:46:32.0673 3680 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
10:46:32.0687 3680 nvstor - ok
10:46:32.0718 3680 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
10:46:32.0733 3680 nv_agp - ok
10:46:32.0765 3680 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
10:46:32.0777 3680 ohci1394 - ok
10:46:32.0842 3680 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
10:46:32.0848 3680 Parport - ok
10:46:32.0881 3680 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys
10:46:32.0905 3680 partmgr - ok
10:46:32.0947 3680 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
10:46:32.0962 3680 pci - ok
10:46:33.0000 3680 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
10:46:33.0013 3680 pciide - ok
10:46:33.0041 3680 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
10:46:33.0049 3680 pcmcia - ok
10:46:33.0075 3680 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
10:46:33.0080 3680 pcw - ok
10:46:33.0106 3680 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
10:46:33.0116 3680 PEAUTH - ok
10:46:33.0182 3680 Point64 (4f0878fd62d5f7444c5f1c4c66d9d293) C:\Windows\system32\DRIVERS\point64.sys
10:46:33.0195 3680 Point64 - ok
10:46:33.0266 3680 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
10:46:33.0284 3680 PptpMiniport - ok
10:46:33.0314 3680 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
10:46:33.0320 3680 Processor - ok
10:46:33.0366 3680 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
10:46:33.0370 3680 Psched - ok
10:46:33.0415 3680 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
10:46:33.0450 3680 ql2300 - ok
10:46:33.0478 3680 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
10:46:33.0484 3680 ql40xx - ok
10:46:33.0502 3680 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
10:46:33.0508 3680 QWAVEdrv - ok
10:46:33.0522 3680 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
10:46:33.0528 3680 RasAcd - ok
10:46:33.0553 3680 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
10:46:33.0558 3680 RasAgileVpn - ok
10:46:33.0599 3680 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
10:46:33.0618 3680 Rasl2tp - ok
10:46:33.0638 3680 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
10:46:33.0643 3680 RasPppoe - ok
10:46:33.0661 3680 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
10:46:33.0666 3680 RasSstp - ok
10:46:33.0711 3680 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
10:46:33.0737 3680 rdbss - ok
10:46:33.0752 3680 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
10:46:33.0757 3680 rdpbus - ok
10:46:33.0786 3680 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
10:46:33.0787 3680 RDPCDD - ok
10:46:33.0813 3680 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
10:46:33.0814 3680 RDPENCDD - ok
10:46:33.0831 3680 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
10:46:33.0831 3680 RDPREFMP - ok
10:46:33.0878 3680 RDPWD (15b66c206b5cb095bab980553f38ed23) C:\Windows\system32\drivers\RDPWD.sys
10:46:33.0898 3680 RDPWD - ok
10:46:33.0953 3680 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
10:46:33.0998 3680 rdyboost - ok
10:46:34.0044 3680 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
10:46:34.0057 3680 rspndr - ok
10:46:34.0097 3680 RSUSBSTOR (79bad3e977966af21df982def5a99c76) C:\Windows\system32\Drivers\RtsUStor.sys
10:46:34.0121 3680 RSUSBSTOR - ok
10:46:34.0139 3680 RTL8167 (7ea8d2eb9bbfd2ab8a3117a1e96d3b3a) C:\Windows\system32\DRIVERS\Rt64win7.sys
10:46:34.0160 3680 RTL8167 - ok
10:46:34.0202 3680 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
10:46:34.0216 3680 sbp2port - ok
10:46:34.0256 3680 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
10:46:34.0272 3680 scfilter - ok
10:46:34.0290 3680 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
10:46:34.0294 3680 secdrv - ok
10:46:34.0320 3680 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
10:46:34.0326 3680 Serenum - ok
10:46:34.0360 3680 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
10:46:34.0367 3680 Serial - ok
10:46:34.0395 3680 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
10:46:34.0407 3680 sermouse - ok
10:46:34.0611 3680 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
10:46:34.0645 3680 sffdisk - ok
10:46:34.0680 3680 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
10:46:34.0695 3680 sffp_mmc - ok
10:46:34.0710 3680 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
10:46:34.0726 3680 sffp_sd - ok
10:46:34.0759 3680 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
10:46:34.0767 3680 sfloppy - ok
10:46:34.0857 3680 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
10:46:34.0881 3680 SiSRaid2 - ok
10:46:34.0916 3680 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
10:46:34.0923 3680 SiSRaid4 - ok
10:46:34.0951 3680 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
10:46:34.0956 3680 Smb - ok
10:46:34.0982 3680 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
10:46:34.0987 3680 spldr - ok
10:46:35.0036 3680 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
10:46:35.0043 3680 srv - ok
10:46:35.0054 3680 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
10:46:35.0060 3680 srv2 - ok
10:46:35.0075 3680 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
10:46:35.0079 3680 srvnet - ok
10:46:35.0097 3680 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
10:46:35.0103 3680 stexstor - ok
10:46:35.0154 3680 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
10:46:35.0165 3680 swenum - ok
10:46:35.0217 3680 tap0901 (3b73c849b41fb20d77b0e553214061a5) C:\Windows\system32\DRIVERS\tap0901.sys
10:46:35.0256 3680 tap0901 - ok
10:46:35.0329 3680 Tcpip (fc62769e7bff2896035aeed399108162) C:\Windows\system32\drivers\tcpip.sys
10:46:35.0364 3680 Tcpip - ok
10:46:35.0405 3680 TCPIP6 (fc62769e7bff2896035aeed399108162) C:\Windows\system32\DRIVERS\tcpip.sys
10:46:35.0415 3680 TCPIP6 - ok
10:46:35.0532 3680 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
10:46:35.0550 3680 tcpipreg - ok
10:46:35.0569 3680 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
10:46:35.0574 3680 TDPIPE - ok
10:46:35.0591 3680 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys
10:46:35.0596 3680 TDTCP - ok
10:46:35.0632 3680 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
10:46:35.0656 3680 tdx - ok
10:46:35.0709 3680 teamviewervpn (f5520dbb47c60ee83024b38720abda24) C:\Windows\system32\DRIVERS\teamviewervpn.sys
10:46:35.0725 3680 teamviewervpn - ok
10:46:35.0740 3680 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
10:46:35.0753 3680 TermDD - ok
10:46:35.0794 3680 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
10:46:35.0812 3680 tssecsrv - ok
10:46:35.0850 3680 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
10:46:35.0865 3680 TsUsbFlt - ok
10:46:35.0894 3680 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
10:46:35.0918 3680 tunnel - ok
10:46:35.0950 3680 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
10:46:35.0957 3680 uagp35 - ok
10:46:35.0990 3680 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
10:46:36.0013 3680 udfs - ok
10:46:36.0042 3680 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
10:46:36.0055 3680 uliagpkx - ok
10:46:36.0093 3680 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys
10:46:36.0103 3680 umbus - ok
10:46:36.0133 3680 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
10:46:36.0138 3680 UmPass - ok
10:46:36.0186 3680 usbaudio (82e8f44688e6fac57b5b7c6fc7adbc2a) C:\Windows\system32\drivers\usbaudio.sys
10:46:36.0201 3680 usbaudio - ok
10:46:36.0221 3680 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
10:46:36.0234 3680 usbccgp - ok
10:46:36.0271 3680 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
10:46:36.0308 3680 usbcir - ok
10:46:36.0348 3680 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys
10:46:36.0361 3680 usbehci - ok
10:46:36.0386 3680 usbfilter (6648c6d7323a2ce0c4776c36cefbcb14) C:\Windows\system32\DRIVERS\usbfilter.sys
10:46:36.0398 3680 usbfilter - ok
10:46:36.0422 3680 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
10:46:36.0439 3680 usbhub - ok
10:46:36.0457 3680 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\DRIVERS\usbohci.sys
10:46:36.0469 3680 usbohci - ok
10:46:36.0509 3680 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
10:46:36.0514 3680 usbprint - ok
10:46:36.0563 3680 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
10:46:36.0604 3680 usbscan - ok
10:46:36.0646 3680 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
10:46:36.0662 3680 USBSTOR - ok
10:46:36.0682 3680 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
10:46:36.0698 3680 usbuhci - ok
10:46:36.0738 3680 V0060VID (47321ecd0158cbaf8da28582c6b7b56f) C:\Windows\system32\DRIVERS\V0060Vid.sys
10:46:36.0747 3680 V0060VID - ok
10:46:36.0839 3680 VClone (84bb306b7863883018d7f3eb0c453bd5) C:\Windows\system32\DRIVERS\VClone.sys
10:46:36.0871 3680 VClone - ok
10:46:36.0932 3680 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
10:46:36.0941 3680 vdrvroot - ok
10:46:36.0976 3680 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
10:46:36.0981 3680 vga - ok
10:46:37.0006 3680 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
10:46:37.0011 3680 VgaSave - ok
10:46:37.0044 3680 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
10:46:37.0059 3680 vhdmp - ok
10:46:37.0086 3680 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
10:46:37.0098 3680 viaide - ok
10:46:37.0123 3680 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
10:46:37.0136 3680 volmgr - ok
10:46:37.0180 3680 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
10:46:37.0188 3680 volmgrx - ok
10:46:37.0222 3680 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
10:46:37.0238 3680 volsnap - ok
10:46:37.0277 3680 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
10:46:37.0284 3680 vsmraid - ok
10:46:37.0302 3680 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
10:46:37.0308 3680 vwifibus - ok
10:46:37.0332 3680 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
10:46:37.0345 3680 vwififlt - ok
10:46:37.0377 3680 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
10:46:37.0383 3680 WacomPen - ok
10:46:37.0422 3680 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
10:46:37.0440 3680 WANARP - ok
10:46:37.0444 3680 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
10:46:37.0445 3680 Wanarpv6 - ok
10:46:37.0479 3680 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
10:46:37.0484 3680 Wd - ok
10:46:37.0519 3680 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
10:46:37.0529 3680 Wdf01000 - ok
10:46:37.0551 3680 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
10:46:37.0563 3680 WfpLwf - ok
10:46:37.0583 3680 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
10:46:37.0588 3680 WIMMount - ok
10:46:37.0660 3680 winusb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\drivers\WinUSB.SYS
10:46:37.0669 3680 winusb - ok
10:46:37.0704 3680 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
10:46:37.0715 3680 WmiAcpi - ok
10:46:37.0745 3680 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
10:46:37.0750 3680 ws2ifsl - ok
10:46:37.0797 3680 WSDPrintDevice (8d918b1db190a4d9b1753a66fa8c96e8) C:\Windows\system32\DRIVERS\WSDPrint.sys
10:46:37.0847 3680 WSDPrintDevice - ok
10:46:37.0898 3680 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
10:46:37.0923 3680 WudfPf - ok
10:46:37.0936 3680 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
10:46:37.0961 3680 WUDFRd - ok
10:46:37.0988 3680 MBR (0x1B8) (2f59af64989ab7ea113f0c81b3259af7) \Device\Harddisk0\DR0
10:46:38.0138 3680 \Device\Harddisk0\DR0 - ok
10:46:38.0145 3680 Boot (0x1200) (51bf3f533f1a0522fab1ab470ef20460) \Device\Harddisk0\DR0\Partition0
10:46:38.0146 3680 \Device\Harddisk0\DR0\Partition0 - ok
10:46:38.0156 3680 Boot (0x1200) (7cffe5cef681df504725f58a3214f8c4) \Device\Harddisk0\DR0\Partition1
10:46:38.0157 3680 \Device\Harddisk0\DR0\Partition1 - ok
10:46:38.0183 3680 Boot (0x1200) (f033cb6fbc6b1fd13c4fb319257b02f2) \Device\Harddisk0\DR0\Partition2
10:46:38.0185 3680 \Device\Harddisk0\DR0\Partition2 - ok
10:46:38.0185 3680 ============================================================
10:46:38.0185 3680 Scan finished
10:46:38.0185 3680 ============================================================
10:46:38.0199 5112 Detected object count: 0
10:46:38.0199 5112 Actual detected object count: 0
10:48:28.0496 5576 Deinitialize success


----------



## jeffce (May 10, 2011)

Hi destin,

*Let's get on offline MBR dump*

You'll need a CD and a USB flashdrive that has some space on it. We *will not* be changing any of the data on the usb device just using it for a file.

You will also need to use *FireFox* to download a file as Internet Explorer seems to mangle the download.

If you have any problems with these steps please let me know. It may look complicated but it's fairly straight forward and for the most part automated.

Download *GETxPUD.exe* to your desktop 

Run *GETxPUD.exe* by double clicking it.
A new folder will appear on the desktop.
Open the *GETxPUD *folder and click on the* get&burn.bat*
The program will download xpud_0.9.2.iso, and when finished, it will open BurnCDCC which will be ready to burn the image.
Click on* Start* and follow the prompts to burn the image to your CD

Using *FireFox*, please download and save *dumpit* to your *usb device*.

You may want to print out this part as you will not be able to view these instructions once booted with the CD you just made.

Leave the usb device attached to the computer
Now boot your computer with the CD you just burned 
with the CD in the computer, restart the computer

The computer must be set to boot from the CD,depending on your computer you can either do this by pressing F12 and selecting the CD as the first boot option or it can be set in the BIOS
Once you have the computer set to boot from the CD allow it to boot
A Welcome to xPUD screen will appear
Click on *File *
Expand *mnt*
*sda1*,or *sda2*...usually corresponds to your HDD
*sdb1* is likely your *USB*
Click on the folder that represents your USB drive (sdb1 ?)
(you will be able to tell if it the right one as the screen will populate with your files)
Locate the file you downloaded and saved earlier, *dumpit*
double click it to run it
a black window will open, follow the instructions to close the window when it's finished
a file called *MBR.zip* should now be placed in the right hand panel
Click the *Home* icon at top
Remove the CD and click *Power off*
Click *restart*

Once the computer has rebooted open the usb device and attach the *MBR.zip* file to your next reply.
----------


----------



## destin (Jan 8, 2012)

thanks Jeff, 
I will do it over the weekend as I have family matters at the moment, please dont close the thread,thanks


----------



## valis (Sep 24, 2004)

it won't close unless untended for a couple months.


----------



## jeffce (May 10, 2011)

Hi destin,

Please take your time. Family matters come first. Thanks for letting me know.


----------

