Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Security Protection virus problem.


  • This topic is locked This topic is locked

#1
Down_with_malware

Down_with_malware

    Member

  • Member
  • PipPipPip
  • 152 posts
Hello, my Dad has a mini and one of our family members caught a rouge software called "Security protection." This thing is stubborn it won't let my father get on the internet,open task manager, or anything. Even safe mode with networking won't let us on our web browsers. The PCs virus protection was expired that was McAfee. So we cannot come to this site from that PC so we are doing this from here. What should we do now?
  • 0

Advertisements


#2
maliprog

maliprog

    Trusted Helper

  • Malware Removal
  • 6,172 posts
Hello Down_with_malware and welcome to G2G! :)

My nick is maliprog and I'll will be your technical support on this issue. Before we start please read my notes carefully:

NOTE:
  • Malware removal is NOT instantaneous, most infections require several courses of action to completely eradicate.
  • Absence of symptoms does not always mean the computer is clean
  • Kindly follow my instructions in the order posted. Order is crucial in cleaning process.
  • Please DO NOT run any scans or fix on your own without my direction.
  • Please read all of my response through at least once before attempting to follow the procedures described.
  • If there's anything you don't understand or isn't totally clear, please come back to me for clarification.
  • Please do not attach any log files to your replies unless I specifically ask you. Instead please copy and paste so as to include the log in your reply.
  • You must reply within 3 days or your topic will be closed

Step 1

We will need clean PC and USB memory to download and transfer tools to infected PC. First we need to disinfect your USB memory so you can transfer files and not get infected. Do this step only once just to protect your USB memory.

Do this on the clean computer:

  • 1 - Flash Drive Disinfector
    Download Flash_Disinfector.exe by sUBs from here and save it to your desktop.
  • Double-click Flash_Disinfector.exe to run it and follow any prompts that may appear.
  • The utility may ask you to insert your flash drive and/or other removable drives including your mobile phone. Please do so and allow the utility to clean up those drives as well.
  • Wait until it has finished scanning and then exit the program.
  • Reboot your computer when done.

    Note: Flash_Disinfector will create a hidden folder named autorun.inf in each partition and every USB drive plugged in when you run it. Don't delete this folder...it will help protect your drives from future infection.

Step 2

We need to disable malware processes on your system first
  • Download TheKiller to your Desktop
  • Note that TheKiller is renamed as explorer.exe
  • Run it by double click (If running Vista or Windows 7, right click on it and select "Run as an Administrator")
  • Press OK button after program finish
  • Do not restart your system after this step
NOTE: If malware blocks TheKiller from running please try to run it several more times

Step 3

Download OTL to your Desktop

  • Double click on the icon to run it (If running Vista or Windows 7, right click on it and select "Run as an Administrator")
    . Make sure all other windows are closed and to let it run uninterrupted.
  • Under the Custom Scan box paste this in

netsvcs
%SYSTEMDRIVE%\*.exe
/md5start
explorer.exe
winlogon.exe
Userinit.exe
svchost.exe
/md5stop
%systemroot%\*. /mp /s
hklm\software\clients\startmenuinternet|command /rs
hklm\software\clients\startmenuinternet|command /64 /rs
CREATERESTOREPOINT

  • Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
  • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
  • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post them if you need to start a new topic.

Step 4

Please don't forget to include these items in your reply:

  • OTL log
  • OTL Extras log
It would be helpful if you could post each log in separate post
  • 0

#3
Down_with_malware

Down_with_malware

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 152 posts
First off I would like to say Thank You for your response. I will go through all these steps you described and I will post all the things you require. :)
  • 0

#4
maliprog

maliprog

    Trusted Helper

  • Malware Removal
  • 6,172 posts
OK. Waiting for your logs from infected PC :)
  • 0

#5
Down_with_malware

Down_with_malware

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 152 posts
Heres the OTL log. Extra will be in next post.

OTL logfile created on: 7/31/2011 11:52:47 PM - Run 1
OTL by OldTimer - Version 3.2.26.1 Folder = C:\Documents and Settings\Jeanette\My Documents\Downloads
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1013.29 Mb Total Physical Memory | 457.12 Mb Available Physical Memory | 45.11% Memory free
2.38 Gb Paging File | 1.84 Gb Available in Paging File | 77.04% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 139.24 Gb Total Space | 123.70 Gb Free Space | 88.84% Space Free | Partition Type: NTFS
Drive D: | 1.87 Gb Total Space | 1.34 Gb Free Space | 71.59% Space Free | Partition Type: NTFS

Computer Name: FAMILYMINI | User Name: Jeanette | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/07/31 23:51:40 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Jeanette\My Documents\Downloads\OTL.scr
PRC - [2011/07/13 22:09:55 | 000,022,048 | ---- | M] (MindSpark) -- C:\Program Files\Guffins\bar\1.bin\u4medint.exe
PRC - [2011/05/05 15:44:48 | 001,195,408 | ---- | M] (McAfee, Inc.) -- c:\Program Files\McAfee.com\Agent\mcagent.exe
PRC - [2011/04/14 14:01:38 | 000,188,136 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
PRC - [2011/04/14 14:01:38 | 000,171,168 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
PRC - [2011/04/14 14:01:38 | 000,141,792 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe
PRC - [2011/03/06 12:46:09 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2010/03/10 10:14:44 | 000,271,480 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
PRC - [2008/04/14 05:00:00 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe


========== Modules (SafeList) ==========

MOD - [2011/07/31 23:51:40 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Jeanette\My Documents\Downloads\OTL.scr
MOD - [2010/08/23 09:12:02 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)
SRV - [2011/07/13 22:09:52 | 000,042,504 | ---- | M] (COMPANYVERS_NAME) [Auto | Stopped] -- C:\Program Files\Guffins\bar\1.bin\u4barsvc.exe -- (GuffinsService)
SRV - [2011/04/14 14:01:38 | 000,188,136 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe -- (mfefire)
SRV - [2011/04/14 14:01:38 | 000,171,168 | ---- | M] () [Unknown | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe -- (McShield)
SRV - [2011/04/14 14:01:38 | 000,141,792 | ---- | M] (McAfee, Inc.) [Unknown | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe -- (mfevtp)
SRV - [2010/10/07 21:34:28 | 000,364,216 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee\VirusScan\mcods.exe -- (McODS)
SRV - [2010/03/10 10:14:44 | 000,271,480 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe -- (MSK80Service)
SRV - [2010/03/10 10:14:44 | 000,271,480 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McProxy)
SRV - [2010/03/10 10:14:44 | 000,271,480 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McNASvc)
SRV - [2010/03/10 10:14:44 | 000,271,480 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McNaiAnn)
SRV - [2010/03/10 10:14:44 | 000,271,480 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (mcmscsvc)
SRV - [2010/03/10 10:14:44 | 000,271,480 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe -- (McMPFSvc)
SRV - [2008/11/09 13:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Stopped] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)


========== Driver Services (SafeList) ==========

DRV - [2011/04/14 14:01:38 | 000,387,480 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\mfehidk.sys -- (mfehidk)
DRV - [2011/04/14 14:01:38 | 000,314,088 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mfefirek.sys -- (mfefirek)
DRV - [2011/04/14 14:01:38 | 000,153,280 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mfeavfk.sys -- (mfeavfk)
DRV - [2011/04/14 14:01:38 | 000,095,824 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mfeapfk.sys -- (mfeapfk)
DRV - [2011/04/14 14:01:38 | 000,088,736 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mfendisk.sys -- (mfendiskmp)
DRV - [2011/04/14 14:01:38 | 000,088,736 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mfendisk.sys -- (mfendisk)
DRV - [2011/04/14 14:01:38 | 000,084,488 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mferkdet.sys -- (mferkdet)
DRV - [2011/04/14 14:01:38 | 000,084,200 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\mfetdi2k.sys -- (mfetdi2k)
DRV - [2011/04/14 14:01:38 | 000,056,064 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\cfwids.sys -- (cfwids)
DRV - [2011/04/14 14:01:38 | 000,052,320 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mfebopk.sys -- (mfebopk)
DRV - [2009/11/17 09:41:00 | 005,954,048 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2009/11/17 09:40:48 | 000,134,144 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\OAO17Afx.sys -- (OAO17Afx)
DRV - [2009/11/17 09:40:46 | 001,389,056 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Monfilt.sys -- (Monfilt)
DRV - [2009/11/17 09:40:42 | 001,684,736 | ---- | M] (Creative) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Ambfilt.sys -- (Ambfilt)
DRV - [2009/09/22 09:40:48 | 000,174,592 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV - [2009/07/28 09:55:00 | 000,143,360 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)
DRV - [2009/03/12 10:36:38 | 000,143,840 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\CtClsFlt.sys -- (CtClsFlt)
DRV - [2009/01/06 16:53:14 | 001,391,104 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\BCMWL5.SYS -- (BCM43XX)
DRV - [2008/11/04 19:24:58 | 000,014,248 | ---- | M] (Windows ® Codename Longhorn DDK provider) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\EMSC.SYS -- (EMSC)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Help_Page = http://support.dell....c=us&l=en&s=gen
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Page_URL = http://g.msn.com/USCON/1
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = http://g.msn.com/USCON/1

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/USCON/1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://mp3tubetoolba...49be219c0a6621c
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,XMLHTTP_UUID_Default = 73 BF EC 01 B8 88 6D 4E BA 6A 04 D1 40 33 B6 D8 [binary data]
IE - HKCU\..\URLSearchHook: {c3d3840c-12ea-4461-a61d-190555fecc82} - Reg Error: Key error. File not found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search..defaultengine: "Yahoo-Mp3Tube"
FF - prefs.js..browser.search..defaultenginename: "Yahoo-Mp3Tube"
FF - prefs.js..browser.search..order.1: "Yahoo-Mp3Tube"
FF - prefs.js..browser.search..selectedEngine: "Yahoo-Mp3Tube"
FF - prefs.js..browser.search..selectedEngineURL: "http://mp3tubetoolba...={searchTerms}"
FF - prefs.js..browser.search.defaultengine: "Yahoo-Mp3Tube"
FF - prefs.js..browser.search.defaultenginename: "Yahoo-Mp3Tube"
FF - prefs.js..browser.search.order.1: "Yahoo-Mp3Tube"
FF - prefs.js..browser.search.selectedEngine: "Yahoo-Mp3Tube"
FF - prefs.js..browser.search.selectedEngineURL: "http://mp3tubetoolba...={searchTerms}"
FF - prefs.js..browser.startup.homepage: "http://mp3tubetoolba...0a6621c&subid="
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:1.1.4
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: [email protected]:1.2
FF - prefs.js..extensions.enabledItems: {d63c8b89-cf6c-4189-85b8-b93dd6853919}:1.0
FF - prefs.js..extensions.enabledItems: {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}:5.5.0.8013
FF - prefs.js..extensions.enabledItems: [email protected]:1.0.22.0
FF - prefs.js..keyword.URL: "http://search.mywebs...3a9&searchfor="

FF - user.js..keyword.URL: "http://mp3tubetoolba...removelink2&q="
FF - user.js..keyword.enabled: 1

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Guffins.com/Plugin: C:\Program Files\Guffins\bar\1.bin\NPu4Stub.dll (MindSpark)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.732: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.3.732: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=1.0.0.0: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.732: C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Documents and Settings\Jeanette\Local Settings\Application Data\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2010/05/29 11:18:54 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\Guffins\bar\1.bin [2011/07/13 22:10:02 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\DealScout\FireFox [2011/07/31 16:55:18 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.14\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/07/04 14:47:42 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.14\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/03/06 12:46:44 | 000,000,000 | ---D | M]

[2010/07/24 10:08:05 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Jeanette\Application Data\Mozilla\Extensions
[2011/07/31 16:55:34 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Jeanette\Application Data\Mozilla\Firefox\Profiles\xspilbdx.default\extensions
[2010/07/27 18:41:03 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Jeanette\Application Data\Mozilla\Firefox\Profiles\xspilbdx.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011/07/31 23:48:37 | 000,000,000 | ---D | M] (XUL Cache) -- C:\Documents and Settings\Jeanette\Application Data\Mozilla\Firefox\Profiles\xspilbdx.default\extensions\{d63c8b89-cf6c-4189-85b8-b93dd6853919}
[2011/07/14 09:58:07 | 000,010,001 | ---- | M] () -- C:\Documents and Settings\Jeanette\Application Data\Mozilla\Firefox\Profiles\xspilbdx.default\searchplugins\Guffins.xml
[2011/07/31 14:23:18 | 000,001,211 | ---- | M] () -- C:\Documents and Settings\Jeanette\Application Data\Mozilla\Firefox\Profiles\xspilbdx.default\searchplugins\Mp3Tube.xml
[2011/07/31 23:49:04 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011/07/31 16:55:21 | 000,000,000 | ---D | M] (Click to call with Skype) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2010/04/29 20:24:48 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010/08/01 21:29:24 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010/05/29 11:18:54 | 000,000,000 | ---D | M] (RealPlayer Browser Record Plugin) -- C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\REAL\REALPLAYER\BROWSERRECORDPLUGIN\FIREFOX\EXT
[2011/07/31 16:55:18 | 000,000,000 | ---D | M] (DealScout) -- C:\PROGRAM FILES\DEALSCOUT\FIREFOX
[2011/07/13 22:10:02 | 000,000,000 | ---D | M] (Guffins) -- C:\PROGRAM FILES\GUFFINS\BAR\1.BIN
[2010/02/10 08:55:06 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2011/04/14 14:01:38 | 000,024,376 | ---- | M] (McAfee, Inc.) -- C:\Program Files\mozilla firefox\components\Scriptff.dll
[2010/07/17 05:00:04 | 000,423,656 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2011/07/31 14:23:18 | 000,001,211 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\Mp3Tube.xml

O1 HOSTS File: ([2008/04/14 05:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (no name) - {01ECBF73-88B8-4E6D-BA6A-04D14033B6D8} - C:\WINDOWS\system32\basesrv32.dll (AIDEX Team)
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O2 - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\Program Files\McAfee\MSK\mskapbho.dll ()
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20110618182903.dll (McAfee, Inc.)
O2 - BHO: (Toolbar BHO) - {a916eefe-6a17-4d7d-a131-2738b260bb55} - C:\Program Files\Guffins\bar\1.bin\u4bar.dll (MindSpark)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Search Assistant BHO) - {d6a34acb-76fa-4a14-88ea-5d54797a2028} - C:\Program Files\Guffins\bar\1.bin\u4SrcAs.dll (COMPANYVERS_NAME)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (Guffins) - {de2fdf7c-2637-4ba3-b427-3fce2d331db5} - C:\Program Files\Guffins\bar\1.bin\u4bar.dll (MindSpark)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {46897C77-E7A6-4C33-BFFB-E9C2E2718942} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Guffins) - {DE2FDF7C-2637-4BA3-B427-3FCE2D331DB5} - C:\Program Files\Guffins\bar\1.bin\u4bar.dll (MindSpark)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [BTMeter] C:\Program Files\Battery Meter\BTMeter.exe (Dell)
O4 - HKLM..\Run: [CapsLKNotify] C:\Program Files\CapsLKNotify\CapsLKNotify.exe (Compal Electronics, Inc)
O4 - HKLM..\Run: [Dell DataSafe Online] C:\Program Files\Dell DataSafe Online\DataSafeOnline.exe ()
O4 - HKLM..\Run: [dellsupportcenter] File not found
O4 - HKLM..\Run: [FREEzeFrogSA] C:\Program Files\FREEzeFrog\bin\1.0.670.0\FREEzeFrogSA.exe ()
O4 - HKLM..\Run: [Guffins Browser Plugin Loader] C:\Program Files\Guffins\bar\1.bin\u4brmon.exe (VER_COMPANY_NAME)
O4 - HKLM..\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [WSED] C:\Program Files\WSED\WSED.exe (Dell)
O4 - HKCU..\Run: [Messenger (Yahoo!)] C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
O4 - HKCU..\Run: [Security Protection] C:\Documents and Settings\All Users\Application Data\defender.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_21)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\Jeanette\My Documents\My Pictures\th_patrickeating.gif
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Jeanette\Application Data\Mozilla\Firefox\Desktop Background.bmp
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008/04/25 18:45:49 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{f7f0868e-a6ab-11e0-9369-701a04e0d9a3}\Shell - "" = AutoRun
O33 - MountPoints2\{f7f0868e-a6ab-11e0-9369-701a04e0d9a3}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{f7f0868e-a6ab-11e0-9369-701a04e0d9a3}\Shell\AutoRun\command - "" = D:\AP.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: AppMgmt - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2011/07/31 23:49:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\McAfee
[2011/07/31 20:15:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
[2011/07/31 17:36:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Temp
[2011/07/31 16:55:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Google Chrome
[2011/07/31 16:55:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Google
[2011/07/31 16:55:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jeanette\Local Settings\Application Data\Temp
[2011/07/31 16:55:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Google
[2011/07/31 16:55:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Skype
[2011/07/31 16:55:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jeanette\Start Menu\Programs\blinkx beat
[2011/07/31 16:55:18 | 000,000,000 | ---D | C] -- C:\Program Files\FREEzeFrog
[2011/07/31 16:55:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jeanette\Application Data\FREEzeFrog
[2011/07/31 11:31:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jeanette\Application Data\Skype
[2011/07/31 11:31:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jeanette\Local Settings\Application Data\Google
[2011/07/31 11:30:47 | 000,000,000 | ---D | C] -- C:\Program Files\Google
[2011/07/31 11:29:19 | 000,000,000 | R--D | C] -- C:\Program Files\Skype
[2011/07/31 11:29:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Skype
[2011/07/31 11:23:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jeanette\Application Data\Mp3Tube Toolbar
[2011/07/31 11:22:57 | 000,000,000 | ---D | C] -- C:\Program Files\Blinkx
[2011/07/31 11:22:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\FREEzeFrogSA
[2011/07/31 11:22:35 | 000,000,000 | ---D | C] -- C:\Program Files\DealScout
[2011/07/24 18:39:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jeanette\Application Data\.minecraft
[2011/07/23 22:37:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jeanette\Desktop\5 nude skins
[2011/07/19 15:42:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jeanette\Application Data\Unity
[2011/07/18 20:12:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jeanette\Local Settings\Application Data\Unity
[2011/07/15 15:24:54 | 000,348,672 | ---- | C] (AIDEX Team) -- C:\WINDOWS\System32\basesrv32.dll
[2011/07/13 22:09:51 | 000,000,000 | ---D | C] -- C:\Program Files\Guffins
[2011/07/13 22:09:32 | 000,000,000 | ---D | C] -- C:\Program Files\GuffinsEI
[2011/07/10 12:24:32 | 000,044,544 | ---- | C] (Absolute Software Corp.) -- C:\WINDOWS\System32\agremove.exe
[3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\Documents and Settings\Jeanette\Desktop\*.tmp files -> C:\Documents and Settings\Jeanette\Desktop\*.tmp -> ]
[1 C:\Documents and Settings\Jeanette\*.tmp files -> C:\Documents and Settings\Jeanette\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/07/31 23:57:00 | 000,000,564 | ---- | M] () -- C:\WINDOWS\tasks\PCDoctorBackgroundMonitorTask.job
[2011/07/31 23:52:53 | 000,000,292 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-552070401-851945994-2673825684-1007.job
[2011/07/31 23:52:53 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-552070401-851945994-2673825684-1007.job
[2011/07/31 23:51:04 | 000,464,526 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011/07/31 23:51:04 | 000,079,636 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011/07/31 23:48:00 | 000,000,422 | ---- | M] () -- C:\WINDOWS\tasks\SystemToolsDailyTest.job
[2011/07/31 23:46:44 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011/07/31 23:46:25 | 000,000,276 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-552070401-851945994-2673825684-1006.job
[2011/07/31 23:46:13 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/07/31 23:46:11 | 1062,580,224 | -HS- | M] () -- C:\hiberfil.sys
[2011/07/31 19:41:00 | 000,000,890 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011/07/31 13:57:01 | 000,865,280 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\defender.exe
[2011/07/31 11:33:13 | 000,001,815 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk
[2011/07/31 11:33:13 | 000,001,793 | ---- | M] () -- C:\Documents and Settings\Jeanette\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2011/07/31 11:29:22 | 000,001,878 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Skype.lnk
[2011/07/31 11:22:59 | 000,001,333 | ---- | M] () -- C:\Documents and Settings\Jeanette\Desktop\blinkx beat.lnk
[2011/07/30 19:08:52 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/07/27 17:32:05 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2011/07/24 15:49:18 | 000,000,101 | ---- | M] () -- C:\WINDOWS\System32\610960705
[2011/07/23 15:21:44 | 000,011,309 | ---- | M] () -- C:\Documents and Settings\Jeanette\Desktop\patrick_nomnomnom_by_fyi_sus-d3gt4qo.gif
[2011/07/21 23:01:47 | 000,000,710 | -HS- | M] () -- C:\WINDOWS\System32\mmcshext32.dll
[2011/07/21 21:56:06 | 000,000,709 | -HS- | M] () -- C:\WINDOWS\System32\sigtab32.dll
[2011/07/21 20:50:28 | 000,000,709 | -HS- | M] () -- C:\WINDOWS\System32\mtxex32.dll
[2011/07/16 11:03:37 | 000,006,408 | ---- | M] () -- C:\Documents and Settings\Jeanette\Desktop\carothegirlytomboy.gif
[2011/07/15 21:18:33 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011/07/15 19:02:47 | 001,496,772 | ---- | M] () -- C:\Documents and Settings\Jeanette\Desktop\8c4e4336-5c6b-453b-ada6-64108c813baa.gif
[2011/07/15 15:24:54 | 000,348,672 | ---- | M] (AIDEX Team) -- C:\WINDOWS\System32\basesrv32.dll
[2011/07/14 11:09:38 | 000,292,069 | ---- | M] () -- C:\Documents and Settings\Jeanette\Desktop\funny_jill_by_neon206-d3qmsrn.gif
[2011/07/13 09:42:56 | 000,182,632 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/07/12 21:23:13 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2011/07/10 12:24:39 | 000,044,544 | ---- | M] (Absolute Software Corp.) -- C:\WINDOWS\System32\agremove.exe
[2011/07/04 23:37:07 | 000,870,128 | ---- | M] () -- C:\Documents and Settings\Jeanette\Application Data\mcs.rma
[2011/07/04 23:37:07 | 000,000,004 | ---- | M] () -- C:\Documents and Settings\Jeanette\Application Data\8DF924
[3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\Documents and Settings\Jeanette\Desktop\*.tmp files -> C:\Documents and Settings\Jeanette\Desktop\*.tmp -> ]
[1 C:\Documents and Settings\Jeanette\*.tmp files -> C:\Documents and Settings\Jeanette\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/07/31 20:47:54 | 1062,580,224 | -HS- | C] () -- C:\hiberfil.sys
[2011/07/31 13:57:00 | 000,865,280 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\defender.exe
[2011/07/31 11:33:13 | 000,001,793 | ---- | C] () -- C:\Documents and Settings\Jeanette\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2011/07/31 11:33:12 | 000,001,815 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk
[2011/07/31 11:31:23 | 000,000,890 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011/07/31 11:31:23 | 000,000,886 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011/07/31 11:29:22 | 000,001,878 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Skype.lnk
[2011/07/31 11:22:59 | 000,001,333 | ---- | C] () -- C:\Documents and Settings\Jeanette\Desktop\blinkx beat.lnk
[2011/07/23 15:21:42 | 000,011,309 | ---- | C] () -- C:\Documents and Settings\Jeanette\Desktop\patrick_nomnomnom_by_fyi_sus-d3gt4qo.gif
[2011/07/21 23:01:47 | 000,000,710 | -HS- | C] () -- C:\WINDOWS\System32\mmcshext32.dll
[2011/07/21 21:56:06 | 000,000,709 | -HS- | C] () -- C:\WINDOWS\System32\sigtab32.dll
[2011/07/21 20:50:28 | 000,000,709 | -HS- | C] () -- C:\WINDOWS\System32\mtxex32.dll
[2011/07/16 11:03:36 | 000,006,408 | ---- | C] () -- C:\Documents and Settings\Jeanette\Desktop\carothegirlytomboy.gif
[2011/07/15 19:02:46 | 001,496,772 | ---- | C] () -- C:\Documents and Settings\Jeanette\Desktop\8c4e4336-5c6b-453b-ada6-64108c813baa.gif
[2011/07/15 15:24:57 | 000,000,101 | ---- | C] () -- C:\WINDOWS\System32\610960705
[2011/07/14 11:09:36 | 000,292,069 | ---- | C] () -- C:\Documents and Settings\Jeanette\Desktop\funny_jill_by_neon206-d3qmsrn.gif
[2011/07/04 19:21:08 | 000,000,004 | ---- | C] () -- C:\Documents and Settings\Jeanette\Application Data\8DF924
[2011/07/04 19:21:07 | 000,870,128 | ---- | C] () -- C:\Documents and Settings\Jeanette\Application Data\mcs.rma
[2010/12/31 12:31:01 | 000,310,312 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2010/06/13 21:14:38 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010/06/12 21:05:59 | 000,002,154 | ---- | C] () -- C:\Documents and Settings\Jeanette\Application Data\install.dat
[2010/04/19 18:53:39 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2010/02/10 10:30:41 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\RtNicProp32.dll
[2010/02/10 10:29:41 | 000,077,824 | ---- | C] () -- C:\WINDOWS\setpwr32.exe
[2010/02/10 10:25:42 | 000,001,155 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2010/02/10 09:20:36 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2010/02/10 09:03:36 | 000,000,076 | RHS- | C] () -- C:\WINDOWS\CT4CET.bin
[2010/02/10 08:56:22 | 000,577,536 | ---- | C] () -- C:\WINDOWS\System32\EMSC.DLL
[2010/02/10 08:55:25 | 000,143,360 | ---- | C] () -- C:\WINDOWS\System32\preflib.dll
[2010/02/10 08:55:24 | 000,753,664 | ---- | C] () -- C:\WINDOWS\System32\bcm1xsup.dll
[2010/02/10 08:55:24 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\WLTRYSVC.EXE
[2008/05/26 20:59:42 | 000,018,904 | ---- | C] () -- C:\WINDOWS\System32\structuredqueryschematrivial.bin
[2008/05/26 20:59:40 | 000,106,605 | ---- | C] () -- C:\WINDOWS\System32\structuredqueryschema.bin
[2008/04/25 18:47:34 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2008/04/25 18:44:05 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2008/04/25 18:42:57 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2008/04/25 13:33:19 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2008/04/25 13:33:18 | 000,464,526 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2008/04/25 13:33:18 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2008/04/25 13:33:18 | 000,079,636 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2008/04/25 13:33:18 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2008/04/25 13:33:17 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2008/04/25 13:33:17 | 000,004,627 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2008/04/25 13:33:16 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2008/04/25 13:33:14 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2008/04/25 13:33:14 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2008/04/25 13:33:10 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2008/04/25 13:33:06 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin
[2008/04/25 06:39:19 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2008/04/25 06:38:33 | 000,182,632 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2007/09/27 09:51:02 | 000,020,698 | ---- | C] () -- C:\WINDOWS\System32\idxcntrs.ini
[2007/09/27 09:48:48 | 000,030,628 | ---- | C] () -- C:\WINDOWS\System32\gsrvctr.ini
[2007/09/27 09:48:28 | 000,031,698 | ---- | C] () -- C:\WINDOWS\System32\gthrctr.ini

========== LOP Check ==========

[2011/07/31 15:37:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\FREEzeFrogSA
[2010/12/31 11:50:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PCDr
[2011/06/01 15:01:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2010/02/10 08:56:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Vista32
[2010/02/10 08:56:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Vista64
[2010/02/10 08:56:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Win732
[2010/02/10 08:56:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Win764
[2010/02/10 08:57:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\XP32
[2011/07/31 16:55:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jeanette\Application Data\.minecraft
[2011/07/31 16:55:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jeanette\Application Data\FREEzeFrog
[2011/07/31 13:55:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jeanette\Application Data\Mp3Tube Toolbar
[2011/07/19 15:42:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jeanette\Application Data\Unity
[2010/02/10 08:54:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jeanette\Application Data\Windows Desktop Search
[2010/07/28 10:55:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jeanette\Application Data\Windows Search
[2011/07/31 23:57:00 | 000,000,564 | ---- | M] () -- C:\WINDOWS\Tasks\PCDoctorBackgroundMonitorTask.job
[2011/07/31 23:48:00 | 000,000,422 | ---- | M] () -- C:\WINDOWS\Tasks\SystemToolsDailyTest.job

========== Purity Check ==========



========== Custom Scans ==========


< %SYSTEMDRIVE%\*.exe >


< MD5 for: EXPLORER.EXE >
[2008/04/14 05:00:00 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\explorer.exe

< MD5 for: SVCHOST.EXE >
[2008/04/14 05:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\system32\svchost.exe

< MD5 for: USERINIT.EXE >
[2008/04/14 05:00:00 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\system32\userinit.exe

< MD5 for: WINLOGON.EXE >
[2008/04/14 05:00:00 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\system32\winlogon.exe

< %systemroot%\*. /mp /s >

< hklm\software\clients\startmenuinternet|command /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\chrome.exe\shell\open\command\\: "C:\Program Files\Google\Chrome\Application\chrome.exe" [2011/07/08 21:51:19 | 001,012,792 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /HideShortcuts [2011/03/06 12:46:36 | 000,552,376 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /ShowShortcuts [2011/03/06 12:46:36 | 000,552,376 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [2011/03/06 12:46:36 | 000,552,376 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: C:\Program Files\Mozilla Firefox\firefox.exe [2011/03/06 12:46:09 | 000,912,344 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -preferences [2011/03/06 12:46:09 | 000,912,344 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -safe-mode [2011/03/06 12:46:09 | 000,912,344 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: "C:\Program Files\Google\Chrome\Application\chrome.exe" --show-icons [2011/07/08 21:51:19 | 001,012,792 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: "C:\Program Files\Google\Chrome\Application\chrome.exe" --hide-icons [2011/07/08 21:51:19 | 001,012,792 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: "C:\Program Files\Google\Chrome\Application\chrome.exe" --make-default-browser [2011/07/08 21:51:19 | 001,012,792 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: "C:\Program Files\Google\Chrome\Application\chrome.exe" [2011/07/08 21:51:19 | 001,012,792 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\WINDOWS\system32\ie4uinit.exe" -reinstall [2011/04/25 05:01:34 | 000,173,568 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -hide [2011/04/25 05:01:34 | 000,173,568 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -show [2011/04/25 05:01:34 | 000,173,568 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2009/03/08 13:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\Program Files\Internet Explorer\iexplore.exe [2009/03/08 13:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation)

< hklm\software\clients\startmenuinternet|command /64 /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\chrome.exe\shell\open\command\\: "C:\Program Files\Google\Chrome\Application\chrome.exe" [2011/07/08 21:51:19 | 001,012,792 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /HideShortcuts [2011/03/06 12:46:36 | 000,552,376 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /ShowShortcuts [2011/03/06 12:46:36 | 000,552,376 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [2011/03/06 12:46:36 | 000,552,376 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: C:\Program Files\Mozilla Firefox\firefox.exe [2011/03/06 12:46:09 | 000,912,344 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -preferences [2011/03/06 12:46:09 | 000,912,344 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -safe-mode [2011/03/06 12:46:09 | 000,912,344 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: "C:\Program Files\Google\Chrome\Application\chrome.exe" --show-icons [2011/07/08 21:51:19 | 001,012,792 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: "C:\Program Files\Google\Chrome\Application\chrome.exe" --hide-icons [2011/07/08 21:51:19 | 001,012,792 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: "C:\Program Files\Google\Chrome\Application\chrome.exe" --make-default-browser [2011/07/08 21:51:19 | 001,012,792 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: "C:\Program Files\Google\Chrome\Application\chrome.exe" [2011/07/08 21:51:19 | 001,012,792 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\WINDOWS\system32\ie4uinit.exe" -reinstall [2011/04/25 05:01:34 | 000,173,568 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -hide [2011/04/25 05:01:34 | 000,173,568 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -show [2011/04/25 05:01:34 | 000,173,568 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2009/03/08 13:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\Program Files\Internet Explorer\iexplore.exe [2009/03/08 13:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation)

========== Alternate Data Streams ==========

@Alternate Data Stream - 105 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:7F4C2C65

< End of report >
  • 0

#6
Down_with_malware

Down_with_malware

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 152 posts
The extra log, the killer log will be next post.

OTL Extras logfile created on: 7/31/2011 11:52:47 PM - Run 1
OTL by OldTimer - Version 3.2.26.1 Folder = C:\Documents and Settings\Jeanette\My Documents\Downloads
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1013.29 Mb Total Physical Memory | 457.12 Mb Available Physical Memory | 45.11% Memory free
2.38 Gb Paging File | 1.84 Gb Available in Paging File | 77.04% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 139.24 Gb Total Space | 123.70 Gb Free Space | 88.84% Space Free | Partition Type: NTFS
Drive D: | 1.87 Gb Total Space | 1.34 Gb Free Space | 71.59% Space Free | Partition Type: NTFS

Computer Name: FAMILYMINI | User Name: Jeanette | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = ChromeHTML] -- C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
http [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 1
"FirewallDisableNotify" = 1
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"5985:TCP" = 5985:TCP:*:Disabled:Windows Remote Management
"80:TCP" = 80:TCP:*:Disabled:Windows Remote Management - Compatibility Mode (HTTP-In)
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Documents and Settings\Pete\ctmweb.exe" = C:\Documents and Settings\Pete\ctmweb.exe:*:Enabled:ctmweb Computrace Installation/Management Application -- (Absolute Software Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Common Files\McAfee\MNA\McNASvc.exe" = C:\Program Files\Common Files\McAfee\MNA\McNASvc.exe:*:Enabled:McAfee Network Agent
"C:\Program Files\Rhapsody\rhapsody.exe" = C:\Program Files\Rhapsody\rhapsody.exe:*:Enabled:RealNetworks Rhapsody -- (Rhapsody International Inc.)
"C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" = C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger -- (Yahoo! Inc.)
"C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe" = C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe:*:Enabled:McAfee Shared Service Host -- (McAfee, Inc.)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0090A87C-3E0E-43D4-AA71-A71B06563A4A}" = Dell Support Center
"{053E51D3-885D-425C-9586-EA5183C4C688}" = Function Keys
"{13766F76-6C8C-4E57-A9F3-3212D1C6E0D1}" = Dell DataSafe Online
"{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works
"{178832DE-9DE0-4C87-9F82-9315A9B03985}" = Windows Live Writer
"{1BD07DF4-FB06-41BA-B896-B2DA59000C96}" = Windows Live Toolbar
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83216017FF}" = Java™ 6 Update 21
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{45338B07-A236-4270-9A77-EBB4115517B5}" = Windows Live Sign-in Assistant
"{474F25F5-BDC9-40E5-B1B6-F6BF23FC106F}" = Windows Live Essentials
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{543A4F31-9590-416A-A621-42CEB4C6A694}" = Battery Meter
"{6412CECE-8172-4BE5-935B-6CECACD2CA87}" = Windows Live Mail
"{65D0C510-D7B6-4438-9FC8-E6B91115AB0D}" = Live! Cam Avatar Creator
"{67635FB6-2F63-4FFB-830B-D4C01597EBA4}" = Microsoft Office Suite Activation Assistant
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{74F7662C-B1DB-489E-A8AC-07A06B24978B}" = Dell System Restore
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8E5233E1-7495-44FB-8DEB-4BE906D59619}" = Junk Mail filter update
"{90120000-0010-0409-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (English) 12
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{90578106-70AF-4198-B9DE-1924FA83B03A}" = CapsLKNotify
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9C9CEB9D-53FD-49A7-85D2-FE674F72F24E}" = Microsoft Search Enhancement Pack
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A5B48A19-F319-6BFB-82DE-A18ED1087221}" = Acrobat.com
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1033-7B44-A94000000001}" = Adobe Reader 9.4.2
"{B10914FD-8812-47A4-85A1-50FCDE7F1F33}" = Windows Live Sync
"{B57EAFF2-D6EE-4C6C-9175-ED9F17BFC1BC}" = Windows Live Messenger
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Click to Call with Skype
"{BAF78226-3200-4DB4-BE33-4D922A799840}" = Windows Presentation Foundation
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D6F879CC-59D6-4D4B-AE9B-D761E48D25ED}" = Skype™ 5.3
"{DAEAFD68-BB4A-4507-A241-C8804D2EA66D}" = Apple Application Support
"{E6158D07-2637-4ECF-B576-37C489669174}" = Windows Live Call
"{E6CB6126-D120-4FB5-9D1B-E2E19003E66C}" = WSED
"{E7004147-2CCA-431C-AA05-2AB166B9785D}" = QuickTime
"{EE39FFBD-544E-49E4-A999-6819828EAE91}" = Windows Live Photo Gallery
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F4F4F84E-804F-4E9A-84D7-C34283F0088F}" = RealUpgrade 1.0
"{FEF06E73-A519-4510-8CF3-B66041B91D8A}" = EMSC
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Advanced Audio FX Engine" = Advanced Audio FX Engine
"Broadcom 802.11 Application" = Dell Wireless WLAN Card Utility
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"DealScout" = DealScout for FireFox
"Dell Support Center" = Dell Support Center
"Dell Webcam Central" = Dell Webcam Central
"FREEzeFrogSA" = FREEzeFrog
"Google Chrome" = Google Chrome
"Guffinsbar Uninstall" = Guffins
"HDMI" = Intel® Graphics Media Accelerator Driver
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"ie8" = Windows Internet Explorer 8
"InstallShield_{543A4F31-9590-416A-A621-42CEB4C6A694}" = Battery Meter
"InstallShield_{90578106-70AF-4198-B9DE-1924FA83B03A}" = CapsLKNotify
"Kitty Luv Free Trial_is1" = Kitty Luv Free Trial
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.6.14)" = Mozilla Firefox (3.6.14)
"MSC" = McAfee SecurityCenter
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"RealPlayer 12.0" = RealPlayer
"Rhapsody" = Rhapsody
"SynTPDeinstKey" = Dell Touchpad
"Wdf01009" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"WinLiveSuite_Wave3" = Windows Live Essentials
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0
"Yahoo! Companion" = Yahoo! Toolbar
"Yahoo! Messenger" = Yahoo! Messenger
"Yahoo! Software Update" = Yahoo! Software Update

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"blinkx beat" = blinkx beat
"UnityWebPlayer" = Unity Web Player

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 7/31/2011 11:17:11 PM | Computer Name = FAMILYMINI | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download....uthrootseq.txt>
with error: This network connection does not exist.

Error - 7/31/2011 11:17:11 PM | Computer Name = FAMILYMINI | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download....uthrootseq.txt>
with error: This network connection does not exist.

Error - 7/31/2011 11:17:11 PM | Computer Name = FAMILYMINI | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download....uthrootseq.txt>
with error: This network connection does not exist.

Error - 7/31/2011 11:17:11 PM | Computer Name = FAMILYMINI | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download....uthrootseq.txt>
with error: This network connection does not exist.

Error - 7/31/2011 11:17:11 PM | Computer Name = FAMILYMINI | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download....uthrootseq.txt>
with error: This network connection does not exist.

Error - 7/31/2011 11:17:12 PM | Computer Name = FAMILYMINI | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download....uthrootseq.txt>
with error: This network connection does not exist.

Error - 7/31/2011 11:17:12 PM | Computer Name = FAMILYMINI | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download....uthrootseq.txt>
with error: This network connection does not exist.

Error - 7/31/2011 11:17:12 PM | Computer Name = FAMILYMINI | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download....uthrootseq.txt>
with error: This network connection does not exist.

Error - 8/1/2011 2:52:28 AM | Computer Name = FAMILYMINI | Source = Windows Search Service | ID = 3013
Description = The entry <C:\DOCUMENTS AND SETTINGS\ALL USERS\START MENU\PROGRAMS\MCAFEE\MCAFEE
SECURITYCENTER.LNK> in the hash map cannot be updated. Context: Application, SystemIndex
Catalog Details: A device attached to the system is not functioning. (0x8007001f)


Error - 8/1/2011 2:52:28 AM | Computer Name = FAMILYMINI | Source = Windows Search Service | ID = 3013
Description = The entry <C:\DOCUMENTS AND SETTINGS\ALL USERS\START MENU\PROGRAMS\MCAFEE\MCAFEE
SECURITYCENTER.LNK> in the hash map cannot be updated. Context: Application, SystemIndex
Catalog Details: A device attached to the system is not functioning. (0x8007001f)


[ System Events ]
Error - 8/1/2011 2:48:22 AM | Computer Name = FAMILYMINI | Source = Service Control Manager | ID = 7034
Description = The Java Quick Starter service terminated unexpectedly. It has done
this 1 time(s).

Error - 8/1/2011 2:48:22 AM | Computer Name = FAMILYMINI | Source = Service Control Manager | ID = 7034
Description = The Application Layer Gateway Service service terminated unexpectedly.
It has done this 1 time(s).

Error - 8/1/2011 2:48:22 AM | Computer Name = FAMILYMINI | Source = Service Control Manager | ID = 7031
Description = The Print Spooler service terminated unexpectedly. It has done this
2 time(s). The following corrective action will be taken in 60000 milliseconds:
Restart the service.

Error - 8/1/2011 2:48:30 AM | Computer Name = FAMILYMINI | Source = Service Control Manager | ID = 7031
Description = The McAfee Personal Firewall Service service terminated unexpectedly.
It has done this 1 time(s). The following corrective action will be taken in
60000 milliseconds: Restart the service.

Error - 8/1/2011 2:48:30 AM | Computer Name = FAMILYMINI | Source = Service Control Manager | ID = 7031
Description = The McAfee Services service terminated unexpectedly. It has done
this 1 time(s). The following corrective action will be taken in 60000 milliseconds:
Restart the service.

Error - 8/1/2011 2:48:30 AM | Computer Name = FAMILYMINI | Source = Service Control Manager | ID = 7031
Description = The McAfee VirusScan Announcer service terminated unexpectedly. It
has done this 1 time(s). The following corrective action will be taken in 60000
milliseconds: Restart the service.

Error - 8/1/2011 2:48:30 AM | Computer Name = FAMILYMINI | Source = Service Control Manager | ID = 7031
Description = The McAfee Network Agent service terminated unexpectedly. It has
done this 1 time(s). The following corrective action will be taken in 60000 milliseconds:
Restart the service.

Error - 8/1/2011 2:48:30 AM | Computer Name = FAMILYMINI | Source = Service Control Manager | ID = 7031
Description = The McAfee Proxy Service service terminated unexpectedly. It has
done this 1 time(s). The following corrective action will be taken in 60000 milliseconds:
Restart the service.

Error - 8/1/2011 2:48:30 AM | Computer Name = FAMILYMINI | Source = Service Control Manager | ID = 7031
Description = The McAfee Anti-Spam Service service terminated unexpectedly. It
has done this 1 time(s). The following corrective action will be taken in 60000
milliseconds: Restart the service.

Error - 8/1/2011 2:49:41 AM | Computer Name = FAMILYMINI | Source = Service Control Manager | ID = 7034
Description = The Print Spooler service terminated unexpectedly. It has done this
3 time(s).


< End of report >
  • 0

#7
Down_with_malware

Down_with_malware

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 152 posts
Killer log.

TheKiller v0.2 by maliprog
Log file created on 07/31/2011
Operating system: Windows 2000/XP Service Pack 3
-------------------------------

File associations resetted
HKCU\...\Explorer\Advanced: SuperHidden -> Resetted to '0'

-------------------------------
All Done!

Also I have a new home page when I went into Firefox, I am sure its nothing just wanted to tell you that. The killer log came up two times, once when it worked and the second during OTL. Must of clicked it more then once or something. - DWM
  • 0

#8
maliprog

maliprog

    Trusted Helper

  • Malware Removal
  • 6,172 posts
If you fail to run OTL then run TheKiller before it.

Step 1

Please close all running programs and Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    :OTL
    IE - HKCU\..\URLSearchHook: {c3d3840c-12ea-4461-a61d-190555fecc82} - Reg Error: Key error. File not found
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://mp3tubetoolba...49be219c0a6621c
    FF - prefs.js..browser.search..defaultengine: "Yahoo-Mp3Tube"
    FF - prefs.js..browser.search..defaultenginename: "Yahoo-Mp3Tube"
    FF - prefs.js..browser.search..order.1: "Yahoo-Mp3Tube"
    FF - prefs.js..browser.search..selectedEngine: "Yahoo-Mp3Tube"
    FF - prefs.js..browser.search..selectedEngineURL: "http://mp3tubetoolba...={searchTerms}"
    FF - prefs.js..browser.search.defaultengine: "Yahoo-Mp3Tube"
    FF - prefs.js..browser.search.defaultenginename: "Yahoo-Mp3Tube"
    FF - prefs.js..browser.search.order.1: "Yahoo-Mp3Tube"
    FF - prefs.js..browser.search.selectedEngine: "Yahoo-Mp3Tube"
    FF - prefs.js..browser.search.selectedEngineURL: "http://mp3tubetoolba...={searchTerms}"
    FF - prefs.js..browser.startup.homepage: "http://mp3tubetoolba...0a6621c&subid="
    FF - prefs.js..keyword.URL: "http://search.mywebs...3a9&searchfor="
    FF - user.js..keyword.URL: "http://mp3tubetoolba...removelink2&q="
    FF - user.js..keyword.enabled: 1
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\Guffins\bar\1.bin [2011/07/13 22:10:02 | 000,000,000 | ---D | M]
    [2011/07/13 22:10:02 | 000,000,000 | ---D | M] (Guffins) -- C:\PROGRAM FILES\GUFFINS\BAR\1.BIN
    [2011/07/31 14:23:18 | 000,001,211 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\Mp3Tube.xml
    O2 - BHO: (Toolbar BHO) - {a916eefe-6a17-4d7d-a131-2738b260bb55} - C:\Program Files\Guffins\bar\1.bin\u4bar.dll (MindSpark)
    O3 - HKLM\..\Toolbar: (Guffins) - {de2fdf7c-2637-4ba3-b427-3fce2d331db5} - C:\Program Files\Guffins\bar\1.bin\u4bar.dll (MindSpark)
    O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {46897C77-E7A6-4C33-BFFB-E9C2E2718942} - No CLSID value found.
    O3 - HKCU\..\Toolbar\WebBrowser: (Guffins) - {DE2FDF7C-2637-4BA3-B427-3FCE2D331DB5} - C:\Program Files\Guffins\bar\1.bin\u4bar.dll (MindSpark)
    O4 - HKLM..\Run: [Guffins Browser Plugin Loader] C:\Program Files\Guffins\bar\1.bin\u4brmon.exe (VER_COMPANY_NAME)
    O4 - HKLM..\Run: [Guffins Browser Plugin Loader] C:\Program Files\Guffins\bar\1.bin\u4brmon.exe (VER_COMPANY_NAME)
    O4 - HKCU..\Run: [Security Protection] C:\Documents and Settings\All Users\Application Data\defender.exe ()
    O33 - MountPoints2\{f7f0868e-a6ab-11e0-9369-701a04e0d9a3}\Shell - "" = AutoRun
    O33 - MountPoints2\{f7f0868e-a6ab-11e0-9369-701a04e0d9a3}\Shell\AutoRun - "" = Auto&Play
    O33 - MountPoints2\{f7f0868e-a6ab-11e0-9369-701a04e0d9a3}\Shell\AutoRun\command - "" = D:\AP.exe
    [2011/07/31 11:23:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jeanette\Application Data\Mp3Tube Toolbar
    [2011/07/13 22:09:51 | 000,000,000 | ---D | C] -- C:\Program Files\Guffins
    [2011/07/13 22:09:32 | 000,000,000 | ---D | C] -- C:\Program Files\GuffinsEI
    [2011/07/10 12:24:32 | 000,044,544 | ---- | C] (Absolute Software Corp.) -- C:\WINDOWS\System32\agremove.exe
    [2011/07/31 13:57:01 | 000,865,280 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\defender.exe

    :Files
    ipconfig /flushdns /c

    :Commands
    [purity]
    [Reboot]

  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • Post the fix log it produces in your next reply or you can find it in C:\_OTL\MovedFiles

Step 2

Please download Malwarebytes' Anti-Malware

Double Click mbam-setup.exe to install the application.
  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy&Paste the entire report in your next reply.
Extra Note:
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts, click OK to either and let MBAM proceed with the disinfection process, if asked to restart the computer, please do so immediately.

Step 3

Please don't forget to include these items in your reply:

  • OTL fix log
  • MAlwarebytes log
It would be helpful if you could post each log in separate post
  • 0

#9
Down_with_malware

Down_with_malware

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 152 posts
Here is the OTL log of the Fix, others in following replys.

========== OTL ==========
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{c3d3840c-12ea-4461-a61d-190555fecc82} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{c3d3840c-12ea-4461-a61d-190555fecc82}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{c3d3840c-12ea-4461-a61d-190555fecc82}\ deleted successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
Prefs.js: "Yahoo-Mp3Tube" removed from browser.search..defaultengine
Prefs.js: "Yahoo-Mp3Tube" removed from browser.search..defaultenginename
Prefs.js: "Yahoo-Mp3Tube" removed from browser.search..order.1
Prefs.js: "Yahoo-Mp3Tube" removed from browser.search..selectedEngine
Prefs.js: "http://mp3tubetoolba...={searchTerms}" removed from browser.search..selectedEngineURL
Prefs.js: "Yahoo-Mp3Tube" removed from browser.search.defaultengine
Prefs.js: "Yahoo-Mp3Tube" removed from browser.search.defaultenginename
Prefs.js: "Yahoo-Mp3Tube" removed from browser.search.order.1
Prefs.js: "Yahoo-Mp3Tube" removed from browser.search.selectedEngine
Prefs.js: "http://mp3tubetoolba...={searchTerms}" removed from browser.search.selectedEngineURL
Prefs.js: "http://mp3tubetoolba...0a6621c&subid=" removed from browser.startup.homepage
Prefs.js: "http://search.mywebs...3a9&searchfor=" removed from keyword.URL
C:\Documents and Settings\Jeanette\Application Data\Mozilla\FireFox\Profiles\xspilbdx.default\user.js moved successfully.
File HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\Guffins\bar\1.bin not found.
C:\PROGRAM FILES\GUFFINS\BAR\1.BIN\chrome folder moved successfully.
C:\PROGRAM FILES\GUFFINS\BAR\1.BIN folder moved successfully.
C:\Program Files\Mozilla Firefox\searchplugins\Mp3Tube.xml moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{a916eefe-6a17-4d7d-a131-2738b260bb55}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{a916eefe-6a17-4d7d-a131-2738b260bb55}\ deleted successfully.
File C:\Program Files\Guffins\bar\1.bin\u4bar.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{de2fdf7c-2637-4ba3-b427-3fce2d331db5} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{de2fdf7c-2637-4ba3-b427-3fce2d331db5}\ deleted successfully.
File C:\Program Files\Guffins\bar\1.bin\u4bar.dll not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{46897C77-E7A6-4C33-BFFB-E9C2E2718942} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{46897C77-E7A6-4C33-BFFB-E9C2E2718942}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{DE2FDF7C-2637-4BA3-B427-3FCE2D331DB5} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{DE2FDF7C-2637-4BA3-B427-3FCE2D331DB5}\ not found.
File C:\Program Files\Guffins\bar\1.bin\u4bar.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Guffins Browser Plugin Loader deleted successfully.
File C:\Program Files\Guffins\bar\1.bin\u4brmon.exe not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Guffins Browser Plugin Loader not found.
File C:\Program Files\Guffins\bar\1.bin\u4brmon.exe not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Security Protection deleted successfully.
C:\Documents and Settings\All Users\Application Data\defender.exe moved successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f7f0868e-a6ab-11e0-9369-701a04e0d9a3}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{f7f0868e-a6ab-11e0-9369-701a04e0d9a3}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f7f0868e-a6ab-11e0-9369-701a04e0d9a3}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{f7f0868e-a6ab-11e0-9369-701a04e0d9a3}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f7f0868e-a6ab-11e0-9369-701a04e0d9a3}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{f7f0868e-a6ab-11e0-9369-701a04e0d9a3}\ not found.
File D:\AP.exe not found.
C:\Documents and Settings\Jeanette\Application Data\Mp3Tube Toolbar\images folder moved successfully.
C:\Documents and Settings\Jeanette\Application Data\Mp3Tube Toolbar folder moved successfully.
C:\Program Files\Guffins\Guffins\Cache folder moved successfully.
C:\Program Files\Guffins\Guffins folder moved successfully.
C:\Program Files\GuffinsEI\Installr\1.bin\chrome folder moved successfully.
C:\Program Files\GuffinsEI\Installr\1.bin folder moved successfully.
C:\Program Files\GuffinsEI\Installr folder moved successfully.
C:\Program Files\GuffinsEI folder moved successfully.
C:\WINDOWS\system32\agremove.exe moved successfully.
File C:\Documents and Settings\All Users\Application Data\defender.exe not found.
========== FILES ==========
< ipconfig /flushdns /c >
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
C:\Documents and Settings\Jeanette\My Documents\Downloads\cmd.bat deleted successfully.
C:\Documents and Settings\Jeanette\My Documents\Downloads\cmd.txt deleted successfully.
========== COMMANDS ==========

OTL by OldTimer - Version 3.2.26.1 log created on 08012011_092518
  • 0

#10
Down_with_malware

Down_with_malware

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 152 posts
Malwarebytes log. It said it couldn't remove a certain file when it was done.

Malwarebytes' Anti-Malware 1.51.1.1800
www.malwarebytes.org

Database version: 7346

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

8/1/2011 10:00:51 AM
mbam-log-2011-08-01 (10-00-51).txt

Scan type: Quick scan
Objects scanned: 188311
Time elapsed: 19 minute(s), 12 second(s)

Memory Processes Infected: 1
Memory Modules Infected: 2
Registry Keys Infected: 17
Registry Values Infected: 2
Registry Data Items Infected: 2
Folders Infected: 2
Files Infected: 16

Memory Processes Infected:
c:\program files\freezefrog\bin\1.0.670.0\freezefrogsa.exe (Adware.FreezeFrog) -> 3684 -> Unloaded process successfully.

Memory Modules Infected:
c:\WINDOWS\system32\basesrv32.dll (Trojan.Tracur.PGen) -> Delete on reboot.
c:\program files\freezefrog\bin\1.0.670.0\freezefrogsahook.dll (Adware.FreezeFrog) -> Delete on reboot.

Registry Keys Infected:
HKEY_CLASSES_ROOT\CLSID\{01ECBF73-88B8-4E6D-BA6A-04D14033B6D8} (Trojan.Tracur.PGen) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{01ECBF73-88B8-4E6D-BA6A-04D14033B6D8} (Trojan.Tracur.PGen) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{01ECBF73-88B8-4E6D-BA6A-04D14033B6D8} (Trojan.Tracur.PGen) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{01ECBF73-88B8-4E6D-BA6A-04D14033B6D8} (Trojan.Tracur.PGen) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{46897C77-E7A6-4C33-BFFB-E9C2E2718942} (Adware.Mp3Tube) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{46897C77-E7A6-4C33-BFFB-E9C2E2718942} (Adware.Mp3Tube) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A078F691-9C07-4AF2-BF43-35E79EECF8B7} (Adware.Softomate) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1602F07D-8BF3-4c08-BDD6-DDDB1C48AEDC} (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{69725738-CD68-4f36-8D02-8C43722EE5DA} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{AC6D819E-AA8F-4418-A3BB-D165C1B18BB5} (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B58926D6-CFB0-45D2-9C28-4B5A0F0368AE} (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\.fsharproj (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\FREEzeFrogAx.Info (Adware.FreezeFrog) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\FREEzeFrogAx.Info.1 (Adware.FreezeFrog) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Mp3Tube (Adware.Mp3Tube) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\FREEZEFROGSA (Adware.FreezeFrog) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FREEzeFrogSA (Adware.FreezeFrog) -> Quarantined and deleted successfully.

Registry Values Infected:
HKEY_CURRENT_USER\Software\freezefrogsa\actionurl_current_version (Adware.FreezeFrog) -> Value: actionurl_current_version -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\FREEzeFrogSA (Adware.FreezeFrog) -> Value: FREEzeFrogSA -> Quarantined and deleted successfully.

Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

Folders Infected:
c:\program files\freezefrog\bin\1.0.670.0 (Adware.FreezeFrog) -> Delete on reboot.
c:\documents and settings\all users\application data\freezefrogsa (Adware.FreezeFrog) -> Quarantined and deleted successfully.

Files Infected:
c:\WINDOWS\system32\basesrv32.dll (Trojan.Tracur.PGen) -> Delete on reboot.
c:\program files\freezefrog\bin\1.0.670.0\freezefrogsahook.dll (Adware.FreezeFrog) -> Delete on reboot.
c:\documents and settings\Jeanette\my documents\downloads\Guffins.exe (PUP.FunWebProducts) -> Not selected for removal.
c:\RECYCLER\s-1-5-21-552070401-851945994-2673825684-1007\Dc3.exe (Adware.Hotbar) -> Quarantined and deleted successfully.
c:\RECYCLER\s-1-5-21-552070401-851945994-2673825684-1007\Dc5.exe (Adware.Hotbar) -> Quarantined and deleted successfully.
c:\RECYCLER\s-1-5-21-552070401-851945994-2673825684-1007\Dc6.exe (Adware.Hotbar) -> Quarantined and deleted successfully.
c:\documents and settings\Jeanette\local settings\Temp\37.tmp (Rogue.MalwareProtection) -> Quarantined and deleted successfully.
c:\documents and settings\Jeanette\local settings\Temp\69_dncgf.exe.part (Adware.Hotbar) -> Quarantined and deleted successfully.
c:\program files\freezefrog\bin\1.0.670.0\freezefrogsa.exe (Adware.FreezeFrog) -> Quarantined and deleted successfully.
c:\program files\freezefrog\bin\1.0.670.0\freezefroguninstaller.exe (Adware.FreezeFrog) -> Quarantined and deleted successfully.
c:\documents and settings\all users\application data\freezefrogsa\freezefrogsa.dat (Adware.FreezeFrog) -> Quarantined and deleted successfully.
c:\documents and settings\all users\application data\freezefrogsa\freezefrogsaabout.mht (Adware.FreezeFrog) -> Quarantined and deleted successfully.
c:\documents and settings\all users\application data\freezefrogsa\freezefrogsaau.dat (Adware.FreezeFrog) -> Quarantined and deleted successfully.
c:\documents and settings\all users\application data\freezefrogsa\freezefrogsaeula.mht (Adware.FreezeFrog) -> Quarantined and deleted successfully.
c:\documents and settings\all users\application data\freezefrogsa\freezefrogsa_hpk.dat (Adware.FreezeFrog) -> Quarantined and deleted successfully.
c:\documents and settings\all users\application data\freezefrogsa\freezefrogsa_kyf.dat (Adware.FreezeFrog) -> Quarantined and deleted successfully.
  • 0

Advertisements


#11
maliprog

maliprog

    Trusted Helper

  • Malware Removal
  • 6,172 posts
Download AVPTool from Here to your desktop

Run the programme you have just downloaded to your desktop (it will be randomly named )

First we will run a virus scan

Click the cog in the upper right
Posted Image


Select down to and including your main drive, once done select the Automatic scan tab and press Start Scan
Posted Image

Allow AVP to delete all infections found
Once it has finished select report tab (last tab)
Select Automatic Scan report from the left and press Save button
Save it to your desktop and attach to your next post
  • 0

#12
Down_with_malware

Down_with_malware

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 152 posts
I tried to attach the file but it doesn't seem to be working so prepare for A LOT of posts.

Automatic Scan: completed 1 minute ago (events: 247941, objects: 244923, time: 02:11:18)
8/1/2011 4:40:23 PM Task completed
8/1/2011 4:40:22 PM OK D:\WINDOWS\Web\printers\images\ipp_0002.gif
8/1/2011 4:40:22 PM OK D:\WINDOWS\Web\printers\images\ipp_0015.gif
8/1/2011 4:40:22 PM OK D:\WINDOWS\Web\printers\images\ipp_0012.gif
8/1/2011 4:40:22 PM OK D:\WINDOWS\Web\printers\images\ipp_0005.gif
8/1/2011 4:40:22 PM OK D:\WINDOWS\Web\printers\images\ipp_0004.gif
8/1/2011 4:40:22 PM OK D:\WINDOWS\Web\printers\images\ipp_0003.gif
8/1/2011 4:40:22 PM OK D:\WINDOWS\Web\printers\prtwebvw.css
8/1/2011 4:40:22 PM OK D:\WINDOWS\Web\printers\page1.asp
8/1/2011 4:40:22 PM OK D:\WINDOWS\Web\printers\ipp_util.inc
8/1/2011 4:40:22 PM OK D:\WINDOWS\Web\printers\ipp_res.inc
8/1/2011 4:40:22 PM OK D:\WINDOWS\Web\printers\ipp_adsi.inc
8/1/2011 4:40:22 PM OK D:\WINDOWS\Web\printers\ipp_0015.asp
8/1/2011 4:40:22 PM OK D:\WINDOWS\Web\printers\ipp_0010.asp
8/1/2011 4:40:22 PM OK D:\WINDOWS\Web\printers\ipp_0014.asp
8/1/2011 4:40:22 PM OK D:\WINDOWS\Web\printers\ipp_0013.asp
8/1/2011 4:40:22 PM OK D:\WINDOWS\Web\printers\ipp_0007.asp
8/1/2011 4:40:22 PM OK D:\WINDOWS\Web\printers\ipp_0006.asp
8/1/2011 4:40:22 PM OK D:\WINDOWS\Web\printers\ipp_0005.asp
8/1/2011 4:40:22 PM OK D:\WINDOWS\Web\printers\ipp_0004.asp
8/1/2011 4:40:21 PM OK D:\WINDOWS\Web\printers\ipp_0003.asp
8/1/2011 4:40:21 PM OK D:\WINDOWS\Web\printers\ipp_0002.asp
8/1/2011 4:40:21 PM OK D:\WINDOWS\Web\printers\ipp_0001.asp
8/1/2011 4:40:21 PM OK D:\WINDOWS\Web\printers\ipp_0000.inc
8/1/2011 4:40:21 PM OK D:\WINDOWS\Web\tips.gif
8/1/2011 4:40:21 PM OK D:\WINDOWS\Web\tip.htm
8/1/2011 4:40:21 PM OK D:\WINDOWS\twain_32\wiatwain.ds
8/1/2011 4:40:21 PM OK D:\WINDOWS\system32\wbem\wscenter.mof
8/1/2011 4:40:21 PM OK D:\WINDOWS\system32\wbem\wbemperf.dll
8/1/2011 4:40:21 PM OK D:\WINDOWS\system32\wbem\whqlprov.mof
8/1/2011 4:40:20 PM OK D:\WINDOWS\system32\wbem\sr.mof
8/1/2011 4:40:20 PM OK D:\WINDOWS\system32\wbem\ieinfo5.mof
8/1/2011 4:40:20 PM OK D:\WINDOWS\system32\wbem\hnetcfg.mof
8/1/2011 4:40:20 PM OK D:\WINDOWS\system32\wbem\evntrprv.mof
8/1/2011 4:40:20 PM OK D:\WINDOWS\system32\wbem\evntrprv.dll
8/1/2011 4:40:20 PM OK D:\WINDOWS\system32\wbem\dgnet.mof
8/1/2011 4:40:20 PM OK D:\WINDOWS\system32\usmt\sysmod_a.dll
8/1/2011 4:40:20 PM OK D:\WINDOWS\system32\usmt\usmtdef.inf
8/1/2011 4:40:20 PM OK D:\WINDOWS\system32\usmt\sysmod.dll
8/1/2011 4:40:20 PM OK D:\WINDOWS\system32\usmt\sysfiles.inf
8/1/2011 4:40:20 PM OK D:\WINDOWS\system32\usmt\script_a.dll
8/1/2011 4:40:20 PM OK D:\WINDOWS\system32\usmt\script.dll
8/1/2011 4:40:20 PM OK D:\WINDOWS\system32\usmt\migwiz_a.exe
8/1/2011 4:40:19 PM OK D:\WINDOWS\system32\usmt\migwiz.exe
8/1/2011 4:40:19 PM OK D:\WINDOWS\system32\usmt\migwiz.inf
8/1/2011 4:40:19 PM OK D:\WINDOWS\system32\usmt\migwiz.exe.manifest
8/1/2011 4:40:19 PM OK D:\WINDOWS\system32\usmt\migload.exe
8/1/2011 4:40:19 PM OK D:\WINDOWS\system32\usmt\miguser.inf
8/1/2011 4:40:19 PM OK D:\WINDOWS\system32\usmt\migsys.inf
8/1/2011 4:40:19 PM OK D:\WINDOWS\system32\usmt\migism_a.dll
8/1/2011 4:40:19 PM OK D:\WINDOWS\system32\usmt\migism.dll
8/1/2011 4:40:19 PM OK D:\WINDOWS\system32\usmt\migism.inf
8/1/2011 4:40:19 PM OK D:\WINDOWS\system32\usmt\migapp.inf
8/1/2011 4:40:19 PM OK D:\WINDOWS\system32\usmt\log.dll
8/1/2011 4:40:19 PM OK D:\WINDOWS\system32\usmt\iconlib.dll
8/1/2011 4:40:19 PM OK D:\WINDOWS\system32\usmt\guitrn_a.dll
8/1/2011 4:40:19 PM OK D:\WINDOWS\system32\usmt\guitrn.dll
8/1/2011 4:40:16 PM OK D:\WINDOWS\system32\spool\drivers\color\sRGB Color Space Profile.icm
8/1/2011 4:40:16 PM OK D:\WINDOWS\system32\spool\drivers\color\kodak_dc.icm
8/1/2011 4:40:16 PM OK D:\WINDOWS\system32\spool\drivers\color\is330.icm
8/1/2011 4:40:16 PM OK D:\WINDOWS\system32\Setup\tsoc.dll
8/1/2011 4:40:16 PM OK D:\WINDOWS\system32\Setup\tsoc.dll/#
8/1/2011 4:40:16 PM OK D:\WINDOWS\system32\Setup\zoneoc.dll Object was not changed (iChecker)
8/1/2011 4:40:16 PM OK D:\WINDOWS\system32\Setup\startoc.dll
8/1/2011 4:40:16 PM OK D:\WINDOWS\system32\Setup\setupqry.dll
8/1/2011 4:40:16 PM OK D:\WINDOWS\system32\Setup\ocmsn.dll
8/1/2011 4:40:16 PM OK D:\WINDOWS\system32\Setup\ocgen.dll
8/1/2011 4:40:16 PM OK D:\WINDOWS\system32\Setup\ocgen.dll/#
8/1/2011 4:40:16 PM OK D:\WINDOWS\system32\Setup\ntoc.dll
8/1/2011 4:40:15 PM OK D:\WINDOWS\system32\Setup\netoc.dll
8/1/2011 4:40:15 PM OK D:\WINDOWS\system32\Setup\msdtcstp.dll
8/1/2011 4:40:15 PM OK D:\WINDOWS\system32\Setup\msgrocm.dll
8/1/2011 4:40:15 PM OK D:\WINDOWS\system32\Setup\msgrocm.dll/#
8/1/2011 4:40:15 PM OK D:\WINDOWS\system32\Setup\imsinsnt.dll
8/1/2011 4:40:15 PM OK D:\WINDOWS\system32\Setup\iis.dll
8/1/2011 4:40:15 PM OK D:\WINDOWS\system32\Setup\fxsocm.dll
8/1/2011 4:40:15 PM OK D:\WINDOWS\system32\Setup\fsconins.dll Object was not changed (iChecker)
8/1/2011 4:39:54 PM OK D:\WINDOWS\system32\Setup\fp40ext.dll
8/1/2011 4:39:54 PM OK D:\WINDOWS\system32\Setup\comsetup.dll
8/1/2011 4:39:54 PM OK D:\WINDOWS\system32\ras\switch.inf
8/1/2011 4:39:54 PM OK D:\WINDOWS\system32\ras\slipmenu.scp
8/1/2011 4:39:54 PM OK D:\WINDOWS\system32\ras\slip.scp
8/1/2011 4:39:53 PM OK D:\WINDOWS\system32\ras\pppmenu.scp
8/1/2011 4:39:53 PM OK D:\WINDOWS\system32\ras\pad.inf
8/1/2011 4:39:53 PM OK D:\WINDOWS\system32\ras\cis.scp
8/1/2011 4:39:53 PM OK D:\WINDOWS\system32\npp\nppagent.exe
8/1/2011 4:39:53 PM OK D:\WINDOWS\system32\npp\ndisnpp.dll
8/1/2011 4:39:53 PM OK D:\WINDOWS\system32\mui\0424\xpsp2res.dll
8/1/2011 4:39:53 PM OK D:\WINDOWS\system32\mui\0424\xpsp1res.dll
8/1/2011 4:39:52 PM OK D:\WINDOWS\system32\mui\0424\xpob2res.dll
8/1/2011 4:39:52 PM OK D:\WINDOWS\system32\mui\041b\xpsp2res.dll
8/1/2011 4:39:52 PM OK D:\WINDOWS\system32\mui\041b\xpsp1res.dll
8/1/2011 4:39:52 PM OK D:\WINDOWS\system32\mui\041b\xpob2res.dll
8/1/2011 4:39:52 PM OK D:\WINDOWS\system32\mui\0009\hhctrlui.dll Object was not changed (iChecker)
8/1/2011 4:39:52 PM OK D:\WINDOWS\system32\icsxml\pppcfg.xml
8/1/2011 4:39:52 PM OK D:\WINDOWS\system32\icsxml\potscfg.xml
8/1/2011 4:39:52 PM OK D:\WINDOWS\system32\icsxml\osinfo.xml
8/1/2011 4:39:52 PM OK D:\WINDOWS\system32\icsxml\ipcfg.xml
8/1/2011 4:39:52 PM OK D:\WINDOWS\system32\icsxml\cmnicfg.xml
8/1/2011 4:39:51 PM OK D:\WINDOWS\system32\ias\iasnew.mdb
8/1/2011 4:39:51 PM OK D:\WINDOWS\system32\ias\dnary.mdb
8/1/2011 4:39:51 PM OK D:\WINDOWS\system32\drivers\etc\services
8/1/2011 4:39:51 PM OK D:\WINDOWS\system32\drivers\etc\protocol
8/1/2011 4:39:51 PM OK D:\WINDOWS\system32\drivers\etc\networks
8/1/2011 4:39:51 PM OK D:\WINDOWS\system32\drivers\etc\hosts
8/1/2011 4:39:51 PM OK D:\WINDOWS\system32\drivers\etc\lmhosts.sam
8/1/2011 4:39:51 PM OK D:\WINDOWS\system32\drivers\wanarp.sys
8/1/2011 4:39:51 PM OK D:\WINDOWS\system32\drivers\wanarp.sys/PE_Patch
8/1/2011 4:39:51 PM OK D:\WINDOWS\system32\drivers\ws2ifsl.sys Object was not changed (iChecker)
8/1/2011 4:39:51 PM Packed: PE_Patch D:\WINDOWS\system32\drivers\wanarp.sys
8/1/2011 4:39:51 PM OK D:\WINDOWS\system32\drivers\wmilib.sys Object was not changed (iChecker)
8/1/2011 4:39:50 PM OK D:\WINDOWS\system32\drivers\volsnap.sys
8/1/2011 4:39:50 PM OK D:\WINDOWS\system32\drivers\volsnap.sys/PE_Patch
8/1/2011 4:39:50 PM OK D:\WINDOWS\system32\drivers\videoprt.sys
8/1/2011 4:39:50 PM Packed: PE_Patch D:\WINDOWS\system32\drivers\volsnap.sys
8/1/2011 4:39:50 PM OK D:\WINDOWS\system32\drivers\videoprt.sys/PE_Patch
8/1/2011 4:39:50 PM Packed: PE_Patch D:\WINDOWS\system32\drivers\videoprt.sys
8/1/2011 4:39:50 PM OK D:\WINDOWS\system32\drivers\vga.sys
8/1/2011 4:39:50 PM OK D:\WINDOWS\system32\drivers\vga.sys/PE_Patch
8/1/2011 4:39:50 PM Packed: PE_Patch D:\WINDOWS\system32\drivers\vga.sys
8/1/2011 4:39:50 PM OK D:\WINDOWS\system32\drivers\vdmindvd.sys Object was not changed (iChecker)
8/1/2011 4:39:50 PM OK D:\WINDOWS\system32\drivers\usbstor.sys Object was not changed (iChecker)
8/1/2011 4:39:50 PM OK D:\WINDOWS\system32\drivers\usbport.sys Object was not changed (iChecker)
8/1/2011 4:39:49 PM OK D:\WINDOWS\system32\drivers\usbohci.sys Object was not changed (iChecker)
8/1/2011 4:39:49 PM OK D:\WINDOWS\system32\drivers\usbintel.sys Object was not changed (iChecker)
8/1/2011 4:39:49 PM OK D:\WINDOWS\system32\drivers\usbhub.sys Object was not changed (iChecker)
8/1/2011 4:39:49 PM OK D:\WINDOWS\system32\drivers\usbehci.sys Object was not changed (iChecker)
8/1/2011 4:39:49 PM OK D:\WINDOWS\system32\drivers\usbd.sys Object was not changed (iChecker)
8/1/2011 4:39:49 PM OK D:\WINDOWS\system32\drivers\usbcamd2.sys Object was not changed (iChecker)
8/1/2011 4:39:49 PM OK D:\WINDOWS\system32\drivers\usbcamd.sys Object was not changed (iChecker)
8/1/2011 4:39:49 PM OK D:\WINDOWS\system32\drivers\usb8023.sys
8/1/2011 4:39:49 PM OK D:\WINDOWS\system32\drivers\usb8023.sys/PE_Patch
8/1/2011 4:39:49 PM Packed: PE_Patch D:\WINDOWS\system32\drivers\usb8023.sys
8/1/2011 4:39:49 PM OK D:\WINDOWS\system32\drivers\update.sys
8/1/2011 4:39:49 PM OK D:\WINDOWS\system32\drivers\udfs.sys
8/1/2011 4:39:49 PM OK D:\WINDOWS\system32\drivers\update.sys/PE_Patch
8/1/2011 4:39:49 PM Packed: PE_Patch D:\WINDOWS\system32\drivers\update.sys
8/1/2011 4:39:49 PM OK D:\WINDOWS\system32\drivers\udfs.sys/PE_Patch
8/1/2011 4:39:49 PM Packed: PE_Patch D:\WINDOWS\system32\drivers\udfs.sys
8/1/2011 4:39:49 PM OK D:\WINDOWS\system32\drivers\tunmp.sys Object was not changed (iChecker)
8/1/2011 4:39:49 PM OK D:\WINDOWS\system32\drivers\tsbvcap.sys Object was not changed (iChecker)
8/1/2011 4:39:49 PM OK D:\WINDOWS\system32\drivers\tosdvd.sys Object was not changed (iChecker)
8/1/2011 4:39:49 PM OK D:\WINDOWS\system32\drivers\tdi.sys
8/1/2011 4:39:49 PM OK D:\WINDOWS\system32\drivers\tdi.sys/PE_Patch
8/1/2011 4:39:49 PM OK D:\WINDOWS\system32\drivers\tcpip6.sys
8/1/2011 4:39:49 PM Packed: PE_Patch D:\WINDOWS\system32\drivers\tdi.sys
8/1/2011 4:39:49 PM OK D:\WINDOWS\system32\drivers\tcpip6.sys/PE_Patch
8/1/2011 4:39:49 PM Packed: PE_Patch D:\WINDOWS\system32\drivers\tcpip6.sys
8/1/2011 4:39:49 PM OK D:\WINDOWS\system32\drivers\tcpip.sys
8/1/2011 4:39:49 PM OK D:\WINDOWS\system32\drivers\tape.sys
8/1/2011 4:39:49 PM OK D:\WINDOWS\system32\drivers\tape.sys/PE_Patch
8/1/2011 4:39:49 PM Packed: PE_Patch D:\WINDOWS\system32\drivers\tape.sys
8/1/2011 4:39:48 PM OK D:\WINDOWS\system32\drivers\swenum.sys Object was not changed (iChecker)
8/1/2011 4:39:48 PM OK D:\WINDOWS\system32\drivers\srv.sys
8/1/2011 4:39:48 PM OK D:\WINDOWS\system32\drivers\stream.sys Object was not changed (iChecker)
8/1/2011 4:39:48 PM OK D:\WINDOWS\system32\drivers\sonydcam.sys Object was not changed (iChecker)
8/1/2011 4:39:48 PM OK D:\WINDOWS\system32\drivers\smclib.sys Object was not changed (iChecker)
8/1/2011 4:39:48 PM OK D:\WINDOWS\system32\drivers\sfloppy.sys Object was not changed (iChecker)
8/1/2011 4:39:48 PM OK D:\WINDOWS\system32\drivers\sffp_sd.sys Object was not changed (iChecker)
8/1/2011 4:39:48 PM OK D:\WINDOWS\system32\drivers\sffdisk.sys Object was not changed (iChecker)
8/1/2011 4:39:48 PM OK D:\WINDOWS\system32\drivers\serial.sys Object was not changed (iChecker)
8/1/2011 4:39:48 PM OK D:\WINDOWS\system32\drivers\serenum.sys Object was not changed (iChecker)
8/1/2011 4:39:48 PM OK D:\WINDOWS\system32\drivers\secdrv.sys
8/1/2011 4:39:48 PM OK D:\WINDOWS\system32\drivers\sdbus.sys Object was not changed (iChecker)
8/1/2011 4:39:47 PM OK D:\WINDOWS\system32\drivers\scsiport.sys Object was not changed (iChecker)
8/1/2011 4:39:47 PM OK D:\WINDOWS\system32\drivers\rootmdm.sys Object was not changed (iChecker)
8/1/2011 4:39:47 PM OK D:\WINDOWS\system32\drivers\rndismp.sys
8/1/2011 4:39:47 PM OK D:\WINDOWS\system32\drivers\RMCast.sys
8/1/2011 4:39:47 PM OK D:\WINDOWS\system32\drivers\rndismp.sys/PE_Patch
8/1/2011 4:39:47 PM Packed: PE_Patch D:\WINDOWS\system32\drivers\rndismp.sys
8/1/2011 4:39:47 PM OK D:\WINDOWS\system32\drivers\riodrv.sys Object was not changed (iChecker)
8/1/2011 4:39:47 PM OK D:\WINDOWS\system32\drivers\rio8drv.sys Object was not changed (iChecker)
8/1/2011 4:39:47 PM OK D:\WINDOWS\system32\drivers\rdbss.sys
8/1/2011 4:39:47 PM OK D:\WINDOWS\system32\drivers\rdpcdd.sys Object was not changed (iChecker)
8/1/2011 4:39:47 PM OK D:\WINDOWS\system32\drivers\rawwan.sys Object was not changed (iChecker)
8/1/2011 4:39:47 PM OK D:\WINDOWS\system32\drivers\raspti.sys Object was not changed (iChecker)
8/1/2011 4:39:47 PM OK D:\WINDOWS\system32\drivers\raspptp.sys
8/1/2011 4:39:47 PM OK D:\WINDOWS\system32\drivers\raspppoe.sys
8/1/2011 4:39:47 PM OK D:\WINDOWS\system32\drivers\raspppoe.sys/PE_Patch
8/1/2011 4:39:47 PM Packed: PE_Patch D:\WINDOWS\system32\drivers\raspppoe.sys
8/1/2011 4:39:47 PM OK D:\WINDOWS\system32\drivers\rasl2tp.sys
8/1/2011 4:39:47 PM OK D:\WINDOWS\system32\drivers\psched.sys
8/1/2011 4:39:46 PM OK D:\WINDOWS\system32\drivers\psched.sys/PE_Patch
8/1/2011 4:39:46 PM OK D:\WINDOWS\system32\drivers\rasacd.sys Object was not changed (iChecker)
8/1/2011 4:39:46 PM Packed: PE_Patch D:\WINDOWS\system32\drivers\psched.sys
8/1/2011 4:39:46 PM OK D:\WINDOWS\system32\drivers\ptilink.sys Object was not changed (iChecker)
8/1/2011 4:39:46 PM OK D:\WINDOWS\system32\drivers\processr.sys Object was not changed (iChecker)
8/1/2011 4:39:46 PM OK D:\WINDOWS\system32\drivers\pcmcia.sys Object was not changed (iChecker)
8/1/2011 4:39:46 PM OK D:\WINDOWS\system32\drivers\pciidex.sys Object was not changed (iChecker)
8/1/2011 4:39:46 PM OK D:\WINDOWS\system32\drivers\pciide.sys Object was not changed (iChecker)
8/1/2011 4:39:46 PM OK D:\WINDOWS\system32\drivers\pci.sys Object was not changed (iChecker)
8/1/2011 4:39:46 PM OK D:\WINDOWS\system32\drivers\parvdm.sys Object was not changed (iChecker)
8/1/2011 4:39:46 PM OK D:\WINDOWS\system32\drivers\partmgr.sys
8/1/2011 4:39:46 PM OK D:\WINDOWS\system32\drivers\parport.sys Object was not changed (iChecker)
8/1/2011 4:39:46 PM OK D:\WINDOWS\system32\drivers\p3.sys Object was not changed (iChecker)
8/1/2011 4:39:46 PM OK D:\WINDOWS\system32\drivers\oprghdlr.sys Object was not changed (iChecker)
8/1/2011 4:39:46 PM OK D:\WINDOWS\system32\drivers\nwlnkspx.sys Object was not changed (iChecker)
8/1/2011 4:39:46 PM OK D:\WINDOWS\system32\drivers\nwlnkipx.sys
8/1/2011 4:39:46 PM OK D:\WINDOWS\system32\drivers\nwlnknb.sys Object was not changed (iChecker)
8/1/2011 4:39:46 PM OK D:\WINDOWS\system32\drivers\nwlnkipx.sys/PE_Patch
8/1/2011 4:39:46 PM Packed: PE_Patch D:\WINDOWS\system32\drivers\nwlnkipx.sys
8/1/2011 4:39:46 PM OK D:\WINDOWS\system32\drivers\nwlnkfwd.sys Object was not changed (iChecker)
8/1/2011 4:39:45 PM OK D:\WINDOWS\system32\drivers\nwlnkflt.sys Object was not changed (iChecker)
8/1/2011 4:39:45 PM OK D:\WINDOWS\system32\drivers\ntfs.sys
8/1/2011 4:39:45 PM OK D:\WINDOWS\system32\drivers\null.sys Object was not changed (iChecker)
8/1/2011 4:39:45 PM OK D:\WINDOWS\system32\drivers\npfs.sys
8/1/2011 4:39:45 PM OK D:\WINDOWS\system32\drivers\npfs.sys/PE_Patch
8/1/2011 4:39:45 PM OK D:\WINDOWS\system32\drivers\nmnt.sys
8/1/2011 4:39:45 PM Packed: PE_Patch D:\WINDOWS\system32\drivers\npfs.sys
8/1/2011 4:39:45 PM OK D:\WINDOWS\system32\drivers\nmnt.sys/PE_Patch
8/1/2011 4:39:45 PM Packed: PE_Patch D:\WINDOWS\system32\drivers\nmnt.sys
8/1/2011 4:39:45 PM OK D:\WINDOWS\system32\drivers\nikedrv.sys Object was not changed (iChecker)
8/1/2011 4:39:45 PM OK D:\WINDOWS\system32\drivers\nic1394.sys Object was not changed (iChecker)
8/1/2011 4:39:45 PM OK D:\WINDOWS\system32\drivers\netbt.sys
8/1/2011 4:39:45 PM OK D:\WINDOWS\system32\drivers\netbios.sys
8/1/2011 4:39:45 PM OK D:\WINDOWS\system32\drivers\netbios.sys/PE_Patch
8/1/2011 4:39:45 PM Packed: PE_Patch D:\WINDOWS\system32\drivers\netbios.sys
8/1/2011 4:39:45 PM OK D:\WINDOWS\system32\drivers\ndproxy.sys
8/1/2011 4:39:45 PM OK D:\WINDOWS\system32\drivers\ndiswan.sys
8/1/2011 4:39:45 PM OK D:\WINDOWS\system32\drivers\ndistapi.sys
8/1/2011 4:39:45 PM OK D:\WINDOWS\system32\drivers\ndisuio.sys Object was not changed (iChecker)
8/1/2011 4:39:45 PM OK D:\WINDOWS\system32\drivers\ndis.sys
8/1/2011 4:39:44 PM OK D:\WINDOWS\system32\drivers\mup.sys
8/1/2011 4:39:44 PM OK D:\WINDOWS\system32\drivers\msgpc.sys
8/1/2011 4:39:44 PM OK D:\WINDOWS\system32\drivers\mssmbios.sys Object was not changed (iChecker)
8/1/2011 4:39:44 PM OK D:\WINDOWS\system32\drivers\msgpc.sys/PE_Patch
8/1/2011 4:39:44 PM Packed: PE_Patch D:\WINDOWS\system32\drivers\msgpc.sys
8/1/2011 4:39:44 PM OK D:\WINDOWS\system32\drivers\msfs.sys
8/1/2011 4:39:44 PM OK D:\WINDOWS\system32\drivers\msfs.sys/PE_Patch
8/1/2011 4:39:44 PM Packed: PE_Patch D:\WINDOWS\system32\drivers\msfs.sys
8/1/2011 4:39:44 PM OK D:\WINDOWS\system32\drivers\mrxsmb.sys Object was not changed (iChecker)
8/1/2011 4:39:44 PM OK D:\WINDOWS\system32\drivers\mrxdav.sys
8/1/2011 4:39:44 PM OK D:\WINDOWS\system32\drivers\mrxdav.sys/PE_Patch
8/1/2011 4:39:44 PM Packed: PE_Patch D:\WINDOWS\system32\drivers\mrxdav.sys
8/1/2011 4:39:44 PM OK D:\WINDOWS\system32\drivers\mountmgr.sys
8/1/2011 4:39:44 PM OK D:\WINDOWS\system32\drivers\mountmgr.sys/PE_Patch
8/1/2011 4:39:44 PM Packed: PE_Patch D:\WINDOWS\system32\drivers\mountmgr.sys
8/1/2011 4:39:44 PM OK D:\WINDOWS\system32\drivers\mouclass.sys Object was not changed (iChecker)
8/1/2011 4:39:44 PM OK D:\WINDOWS\system32\drivers\modem.sys Object was not changed (iChecker)
8/1/2011 4:39:44 PM OK D:\WINDOWS\system32\drivers\mnmdd.sys Object was not changed (iChecker)
8/1/2011 4:39:44 PM OK D:\WINDOWS\system32\drivers\mf.sys Object was not changed (iChecker)
8/1/2011 4:39:44 PM OK D:\WINDOWS\system32\drivers\ksecdd.sys
8/1/2011 4:39:44 PM OK D:\WINDOWS\system32\drivers\ksecdd.sys/PE_Patch
8/1/2011 4:39:44 PM Packed: PE_Patch D:\WINDOWS\system32\drivers\ksecdd.sys
8/1/2011 4:39:44 PM OK D:\WINDOWS\system32\drivers\mcd.sys Object was not changed (iChecker)
8/1/2011 4:39:44 PM OK D:\WINDOWS\system32\drivers\ks.sys Object was not changed (iChecker)
8/1/2011 4:39:44 PM OK D:\WINDOWS\system32\drivers\kbdclass.sys Object was not changed (iChecker)
8/1/2011 4:39:44 PM OK D:\WINDOWS\system32\drivers\isapnp.sys Object was not changed (iChecker)
8/1/2011 4:39:44 PM OK D:\WINDOWS\system32\drivers\ipsec.sys
8/1/2011 4:39:44 PM OK D:\WINDOWS\system32\drivers\ipnat.sys
8/1/2011 4:39:43 PM OK D:\WINDOWS\system32\drivers\ipnat.sys/PE_Patch
8/1/2011 4:39:43 PM Packed: PE_Patch D:\WINDOWS\system32\drivers\ipnat.sys
8/1/2011 4:39:43 PM OK D:\WINDOWS\system32\drivers\ipinip.sys
8/1/2011 4:39:43 PM OK D:\WINDOWS\system32\drivers\ipinip.sys/PE_Patch
8/1/2011 4:39:43 PM Packed: PE_Patch D:\WINDOWS\system32\drivers\ipinip.sys
8/1/2011 4:39:43 PM OK D:\WINDOWS\system32\drivers\ip6fw.sys
8/1/2011 4:39:43 PM OK D:\WINDOWS\system32\drivers\ip6fw.sys/PE_Patch
8/1/2011 4:39:43 PM OK D:\WINDOWS\system32\drivers\ipfltdrv.sys Object was not changed (iChecker)
8/1/2011 4:39:43 PM Packed: PE_Patch D:\WINDOWS\system32\drivers\ip6fw.sys
8/1/2011 4:39:43 PM OK D:\WINDOWS\system32\drivers\intelppm.sys Object was not changed (iChecker)
8/1/2011 4:39:43 PM OK D:\WINDOWS\system32\drivers\imapi.sys Object was not changed (iChecker)
8/1/2011 4:39:43 PM OK D:\WINDOWS\system32\drivers\i8042prt.sys Object was not changed (iChecker)
8/1/2011 4:39:43 PM OK D:\WINDOWS\system32\drivers\http.sys Object was not changed (iChecker)
8/1/2011 4:39:43 PM OK D:\WINDOWS\system32\drivers\hidparse.sys Object was not changed (iChecker)
8/1/2011 4:39:43 PM OK D:\WINDOWS\system32\drivers\hidclass.sys Object was not changed (iChecker)
8/1/2011 4:39:43 PM OK D:\WINDOWS\system32\drivers\gmreadme.txt
8/1/2011 4:39:43 PM OK D:\WINDOWS\system32\drivers\gm.dls
8/1/2011 4:39:42 PM OK D:\WINDOWS\system32\drivers\ftdisk.sys Object was not changed (iChecker)
8/1/2011 4:39:42 PM OK D:\WINDOWS\system32\drivers\fs_rec.sys Object was not changed (iChecker)
8/1/2011 4:39:42 PM OK D:\WINDOWS\system32\drivers\fsvga.sys Object was not changed (iChecker)
8/1/2011 4:39:42 PM OK D:\WINDOWS\system32\drivers\flpydisk.sys Object was not changed (iChecker)
8/1/2011 4:39:42 PM OK D:\WINDOWS\system32\drivers\fips.sys
8/1/2011 4:39:42 PM OK D:\WINDOWS\system32\drivers\fastfat.sys
8/1/2011 4:39:42 PM OK D:\WINDOWS\system32\drivers\fdc.sys Object was not changed (iChecker)
8/1/2011 4:39:42 PM OK D:\WINDOWS\system32\drivers\dxgthk.sys Object was not changed (iChecker)
8/1/2011 4:39:42 PM OK D:\WINDOWS\system32\drivers\dmboot.sys
8/1/2011 4:39:42 PM OK D:\WINDOWS\system32\drivers\dxg.sys Object was not changed (iChecker)
8/1/2011 4:39:42 PM OK D:\WINDOWS\system32\drivers\dxapi.sys Object was not changed (iChecker)
8/1/2011 4:39:42 PM OK D:\WINDOWS\system32\drivers\dmboot.sys/PE_Patch
8/1/2011 4:39:42 PM OK D:\WINDOWS\system32\drivers\dmload.sys Object was not changed (iChecker)
8/1/2011 4:39:42 PM OK D:\WINDOWS\system32\drivers\dmio.sys
8/1/2011 4:39:42 PM OK D:\WINDOWS\system32\drivers\dmio.sys/PE_Patch
8/1/2011 4:39:42 PM Packed: PE_Patch D:\WINDOWS\system32\drivers\dmboot.sys
8/1/2011 4:39:42 PM Packed: PE_Patch D:\WINDOWS\system32\drivers\dmio.sys
8/1/2011 4:39:41 PM OK D:\WINDOWS\system32\drivers\diskdump.sys
8/1/2011 4:39:41 PM OK D:\WINDOWS\system32\drivers\diskdump.sys/PE_Patch
8/1/2011 4:39:41 PM Packed: PE_Patch D:\WINDOWS\system32\drivers\diskdump.sys
8/1/2011 4:39:41 PM OK D:\WINDOWS\system32\drivers\disk.sys Object was not changed (iChecker)
8/1/2011 4:39:41 PM OK D:\WINDOWS\system32\drivers\crusoe.sys Object was not changed (iChecker)
8/1/2011 4:39:41 PM OK D:\WINDOWS\system32\drivers\cpqdap01.sys Object was not changed (iChecker)
8/1/2011 4:39:41 PM OK D:\WINDOWS\system32\drivers\classpnp.sys
8/1/2011 4:39:41 PM OK D:\WINDOWS\system32\drivers\cinemst2.sys Object was not changed (iChecker)
8/1/2011 4:39:41 PM OK D:\WINDOWS\system32\drivers\cdrom.sys Object was not changed (iChecker)
8/1/2011 4:39:41 PM OK D:\WINDOWS\system32\drivers\cdfs.sys
8/1/2011 4:39:41 PM OK D:\WINDOWS\system32\drivers\cdaudio.sys Object was not changed (iChecker)
8/1/2011 4:39:41 PM OK D:\WINDOWS\system32\drivers\bridge.sys
8/1/2011 4:39:41 PM OK D:\WINDOWS\system32\drivers\bridge.sys/PE_Patch
8/1/2011 4:39:41 PM OK D:\WINDOWS\system32\drivers\cbidf2k.sys Object was not changed (iChecker)
8/1/2011 4:39:41 PM Packed: PE_Patch D:\WINDOWS\system32\drivers\bridge.sys
8/1/2011 4:39:41 PM OK D:\WINDOWS\system32\drivers\beep.sys Object was not changed (iChecker)
8/1/2011 4:39:41 PM OK D:\WINDOWS\system32\drivers\atmuni.sys Object was not changed (iChecker)
8/1/2011 4:39:41 PM OK D:\WINDOWS\system32\drivers\atmlane.sys
8/1/2011 4:39:41 PM OK D:\WINDOWS\system32\drivers\atmlane.sys/PE_Patch
8/1/2011 4:39:41 PM Packed: PE_Patch D:\WINDOWS\system32\drivers\atmlane.sys
8/1/2011 4:39:41 PM OK D:\WINDOWS\system32\drivers\atmarpc.sys
8/1/2011 4:39:41 PM OK D:\WINDOWS\system32\drivers\atmepvc.sys Object was not changed (iChecker)
8/1/2011 4:39:41 PM OK D:\WINDOWS\system32\drivers\atmarpc.sys/PE_Patch
8/1/2011 4:39:40 PM Packed: PE_Patch D:\WINDOWS\system32\drivers\atmarpc.sys
8/1/2011 4:39:40 PM OK D:\WINDOWS\system32\drivers\atapi.sys Object was not changed (iChecker)
8/1/2011 4:39:40 PM OK D:\WINDOWS\system32\drivers\asyncmac.sys
8/1/2011 4:39:40 PM OK D:\WINDOWS\system32\drivers\asyncmac.sys/PE_Patch
8/1/2011 4:39:40 PM Packed: PE_Patch D:\WINDOWS\system32\drivers\asyncmac.sys
8/1/2011 4:39:40 PM OK D:\WINDOWS\system32\drivers\arp1394.sys Object was not changed (iChecker)
8/1/2011 4:39:40 PM OK D:\WINDOWS\system32\drivers\amdk7.sys Object was not changed (iChecker)
8/1/2011 4:39:40 PM OK D:\WINDOWS\system32\drivers\afd.sys
8/1/2011 4:39:40 PM OK D:\WINDOWS\system32\drivers\amdk6.sys Object was not changed (iChecker)
8/1/2011 4:39:40 PM OK D:\WINDOWS\system32\drivers\acpiec.sys Object was not changed (iChecker)
8/1/2011 4:39:40 PM OK D:\WINDOWS\system32\drivers\acpi.sys Object was not changed (iChecker)
8/1/2011 4:39:40 PM OK D:\WINDOWS\system32\config\userdiff.LOG
8/1/2011 4:39:40 PM OK D:\WINDOWS\system32\config\userdiff
8/1/2011 4:39:40 PM OK D:\WINDOWS\system32\config\TempKey.LOG
8/1/2011 4:39:40 PM OK D:\WINDOWS\system32\config\system.sav
8/1/2011 4:39:40 PM OK D:\WINDOWS\system32\config\system.LOG
8/1/2011 4:39:40 PM OK D:\WINDOWS\system32\config\system
8/1/2011 4:39:40 PM OK D:\WINDOWS\system32\config\software.sav
8/1/2011 4:39:40 PM OK D:\WINDOWS\system32\config\software.LOG
8/1/2011 4:39:40 PM OK D:\WINDOWS\system32\config\software
8/1/2011 4:39:40 PM OK D:\WINDOWS\system32\config\default.sav
8/1/2011 4:39:39 PM OK D:\WINDOWS\system32\config\default.LOG
8/1/2011 4:39:39 PM OK D:\WINDOWS\system32\config\default
8/1/2011 4:39:39 PM OK D:\WINDOWS\system32\1033\dwintl.dll Object was not changed (iChecker)
8/1/2011 4:39:39 PM OK D:\WINDOWS\system32\zipfldr.dll
8/1/2011 4:39:39 PM OK D:\WINDOWS\system32\xpsp2res.dll
8/1/2011 4:39:38 PM OK D:\WINDOWS\system32\xpsp1res.dll
8/1/2011 4:39:38 PM OK D:\WINDOWS\system32\xpob2res.dll
8/1/2011 4:39:38 PM OK D:\WINDOWS\system32\xmlprovi.dll
8/1/2011 4:39:38 PM OK D:\WINDOWS\system32\xmlprov.dll
8/1/2011 4:39:38 PM OK D:\WINDOWS\system32\xenroll.dll Object was not changed (iChecker)
8/1/2011 4:39:38 PM OK D:\WINDOWS\system32\xactsrv.dll
8/1/2011 4:39:38 PM OK D:\WINDOWS\system32\xcopy.exe
8/1/2011 4:39:38 PM OK D:\WINDOWS\system32\wzcsvc.dll Object was not changed (iChecker)
8/1/2011 4:39:37 PM OK D:\WINDOWS\system32\wzcdlg.dll
8/1/2011 4:39:37 PM OK D:\WINDOWS\system32\wzcsapi.dll Object was not changed (iChecker)
8/1/2011 4:39:37 PM OK D:\WINDOWS\system32\wupdmgr.exe Object was not changed (iChecker)
8/1/2011 4:39:37 PM OK D:\WINDOWS\system32\wtsapi32.dll
8/1/2011 4:39:37 PM OK D:\WINDOWS\system32\wstdecod.dll
8/1/2011 4:39:37 PM OK D:\WINDOWS\system32\wsock32.dll
8/1/2011 4:39:37 PM OK D:\WINDOWS\system32\wsnmp32.dll
8/1/2011 4:39:37 PM OK D:\WINDOWS\system32\wshom.ocx
8/1/2011 4:39:37 PM OK D:\WINDOWS\system32\wshtcpip.dll
8/1/2011 4:39:37 PM OK D:\WINDOWS\system32\WshRm.dll
8/1/2011 4:39:37 PM OK D:\WINDOWS\system32\wshnetbs.dll Object was not changed (iChecker)
8/1/2011 4:39:37 PM OK D:\WINDOWS\system32\wshext.dll
8/1/2011 4:39:37 PM OK D:\WINDOWS\system32\wshisn.dll Object was not changed (iChecker)
8/1/2011 4:39:37 PM OK D:\WINDOWS\system32\wship6.dll
8/1/2011 4:39:36 PM OK D:\WINDOWS\system32\wshcon.dll
8/1/2011 4:39:36 PM OK D:\WINDOWS\system32\wshbth.dll Object was not changed (iChecker)
8/1/2011 4:39:36 PM OK D:\WINDOWS\system32\wshatm.dll Object was not changed (iChecker)
8/1/2011 4:39:36 PM OK D:\WINDOWS\system32\wscui.cpl
8/1/2011 4:39:36 PM OK D:\WINDOWS\system32\wscript.exe
8/1/2011 4:39:36 PM OK D:\WINDOWS\system32\wscsvc.dll
8/1/2011 4:39:36 PM OK D:\WINDOWS\system32\ws2_32.dll
8/1/2011 4:39:36 PM OK D:\WINDOWS\system32\wscntfy.exe
8/1/2011 4:39:36 PM OK D:\WINDOWS\system32\ws2help.dll
8/1/2011 4:39:36 PM OK D:\WINDOWS\system32\wpnpinst.exe
8/1/2011 4:39:36 PM OK D:\WINDOWS\system32\wpabaln.exe
8/1/2011 4:39:36 PM OK D:\WINDOWS\system32\wpa.dbl
8/1/2011 4:39:36 PM OK D:\WINDOWS\system32\wowfaxui.dll Object was not changed (iChecker)
8/1/2011 4:39:36 PM OK D:\WINDOWS\system32\wowfax.dll Object was not changed (iChecker)
8/1/2011 4:39:35 PM OK D:\WINDOWS\system32\wowexec.exe Object was not changed (iChecker)
8/1/2011 4:39:35 PM OK D:\WINDOWS\system32\wowdeb.exe Object was not changed (iChecker)
8/1/2011 4:39:35 PM OK D:\WINDOWS\system32\wow32.dll
8/1/2011 4:39:35 PM OK D:\WINDOWS\system32\wmvds32.ax
8/1/2011 4:39:35 PM OK D:\WINDOWS\system32\wmvdmoe2.dll
8/1/2011 4:39:35 PM OK D:\WINDOWS\system32\wmvdmod.dll
8/1/2011 4:39:35 PM OK D:\WINDOWS\system32\wmvcore.dll
8/1/2011 4:39:35 PM OK D:\WINDOWS\system32\wmstream.dll
8/1/2011 4:39:34 PM OK D:\WINDOWS\system32\wmv8ds32.ax
8/1/2011 4:39:34 PM OK D:\WINDOWS\system32\wmpshell.dll
8/1/2011 4:39:34 PM OK D:\WINDOWS\system32\wmspdmoe.dll
8/1/2011 4:39:34 PM OK D:\WINDOWS\system32\wmspdmod.dll
8/1/2011 4:39:34 PM OK D:\WINDOWS\system32\wmsdmoe2.dll
8/1/2011 4:39:34 PM OK D:\WINDOWS\system32\wmpdxm.dll
8/1/2011 4:39:34 PM OK D:\WINDOWS\system32\wmsdmoe.dll
8/1/2011 4:39:34 PM OK D:\WINDOWS\system32\wmsdmod.dll
8/1/2011 4:39:34 PM OK D:\WINDOWS\system32\wmpui.dll
8/1/2011 4:39:34 PM OK D:\WINDOWS\system32\wmploc.dll
8/1/2011 4:39:33 PM OK D:\WINDOWS\system32\wmnetmgr.dll
8/1/2011 4:39:33 PM OK D:\WINDOWS\system32\wmpasf.dll
8/1/2011 4:39:33 PM OK D:\WINDOWS\system32\wmpcore.dll
8/1/2011 4:39:33 PM OK D:\WINDOWS\system32\wmpcd.dll
8/1/2011 4:39:33 PM OK D:\WINDOWS\system32\wmp.dll
8/1/2011 4:39:33 PM OK D:\WINDOWS\system32\wmp.ocx
8/1/2011 4:39:33 PM OK D:\WINDOWS\system32\wmerror.dll
8/1/2011 4:39:32 PM OK D:\WINDOWS\system32\wmdmlog.dll
8/1/2011 4:39:32 PM OK D:\WINDOWS\system32\wmiprop.dll Object was not changed (iChecker)
8/1/2011 4:39:32 PM OK D:\WINDOWS\system32\wmidx.dll
8/1/2011 4:39:32 PM OK D:\WINDOWS\system32\wmi.dll
8/1/2011 4:39:32 PM OK D:\WINDOWS\system32\wmadmod.dll
8/1/2011 4:39:32 PM OK D:\WINDOWS\system32\wmerrenu.dll Object was not changed (iChecker)
8/1/2011 4:39:32 PM OK D:\WINDOWS\system32\wmdmps.dll
8/1/2011 4:39:32 PM OK D:\WINDOWS\system32\wmasf.dll
8/1/2011 4:39:32 PM OK D:\WINDOWS\system32\wmadmoe.dll
8/1/2011 4:39:32 PM OK D:\WINDOWS\system32\wlnotify.dll
8/1/2011 4:39:32 PM OK D:\WINDOWS\system32\wldap32.dll
8/1/2011 4:39:32 PM OK D:\WINDOWS\system32\winver.exe
8/1/2011 4:39:32 PM OK D:\WINDOWS\system32\winsrv.dll
8/1/2011 4:39:32 PM OK D:\WINDOWS\system32\wkssvc.dll
8/1/2011 4:39:32 PM OK D:\WINDOWS\system32\wintrust.dll
8/1/2011 4:39:32 PM OK D:\WINDOWS\system32\win32k.sys
8/1/2011 4:39:32 PM OK D:\WINDOWS\system32\winstrm.dll Object was not changed (iChecker)
8/1/2011 4:39:32 PM OK D:\WINDOWS\system32\winsta.dll
8/1/2011 4:39:32 PM OK D:\WINDOWS\system32\winmm.dll
8/1/2011 4:39:32 PM OK D:\WINDOWS\system32\winspool.exe Object was not changed (iChecker)
8/1/2011 4:39:32 PM OK D:\WINDOWS\system32\winspool.drv
8/1/2011 4:39:32 PM OK D:\WINDOWS\system32\winsock.dll Object was not changed (iChecker)
8/1/2011 4:39:32 PM OK D:\WINDOWS\system32\winshfhc.dll
8/1/2011 4:39:32 PM OK D:\WINDOWS\system32\winscard.dll
8/1/2011 4:39:32 PM OK D:\WINDOWS\system32\winrnr.dll
8/1/2011 4:39:32 PM OK D:\WINDOWS\system32\winoldap.mod
8/1/2011 4:39:32 PM OK D:\WINDOWS\system32\winntbbu.dll
8/1/2011 4:39:32 PM OK D:\WINDOWS\system32\winnls.dll Object was not changed (iChecker)
8/1/2011 4:39:32 PM OK D:\WINDOWS\system32\winmsd.exe Object was not changed (iChecker)
8/1/2011 4:39:32 PM OK D:\WINDOWS\system32\winhttp.dll
8/1/2011 4:39:32 PM OK D:\WINDOWS\system32\winlogon.exe
8/1/2011 4:39:31 PM OK D:\WINDOWS\system32\winipsec.dll
8/1/2011 4:39:31 PM OK D:\WINDOWS\system32\wininet.dll
8/1/2011 4:39:31 PM OK D:\WINDOWS\system32\winbrand.dll
8/1/2011 4:39:31 PM OK D:\WINDOWS\system32\winhlp32.exe Object was not changed (iChecker)
8/1/2011 4:39:31 PM OK D:\WINDOWS\system32\winhelp.hlp
8/1/2011 4:39:31 PM OK D:\WINDOWS\system32\winfax.dll Object was not changed (iChecker)
8/1/2011 4:39:31 PM OK D:\WINDOWS\system32\wiascr.dll
8/1/2011 4:39:31 PM OK D:\WINDOWS\system32\win87em.dll Object was not changed (iChecker)
8/1/2011 4:39:31 PM OK D:\WINDOWS\system32\win32spl.dll
8/1/2011 4:39:31 PM OK D:\WINDOWS\system32\win.com
8/1/2011 4:39:31 PM OK D:\WINDOWS\system32\wiaservc.dll
8/1/2011 4:39:31 PM OK D:\WINDOWS\system32\wifeman.dll Object was not changed (iChecker)
8/1/2011 4:39:31 PM OK D:\WINDOWS\system32\wiavusd.dll Object was not changed (iChecker)
8/1/2011 4:39:31 PM OK D:\WINDOWS\system32\wiaservc.dll/#
8/1/2011 4:39:31 PM OK D:\WINDOWS\system32\wiavideo.dll
8/1/2011 4:39:31 PM OK D:\WINDOWS\system32\wiashext.dll
8/1/2011 4:39:31 PM OK D:\WINDOWS\system32\wiasf.ax
8/1/2011 4:39:31 PM OK D:\WINDOWS\system32\wiaacmgr.exe
8/1/2011 4:39:31 PM OK D:\WINDOWS\system32\wiadefui.dll
8/1/2011 4:39:31 PM OK D:\WINDOWS\system32\wiadss.dll
8/1/2011 4:39:31 PM OK D:\WINDOWS\system32\wextract.exe
8/1/2011 4:39:31 PM OK D:\WINDOWS\system32\wfwnet.drv
8/1/2011 4:39:31 PM OK D:\WINDOWS\system32\webclnt.dll
8/1/2011 4:39:31 PM OK D:\WINDOWS\system32\webvw.dll
8/1/2011 4:39:31 PM OK D:\WINDOWS\system32\wdigest.dll
8/1/2011 4:39:31 PM OK D:\WINDOWS\system32\webhits.dll Object was not changed (iChecker)
8/1/2011 4:39:31 PM OK D:\WINDOWS\system32\wdmaud.drv
8/1/2011 4:39:31 PM OK D:\WINDOWS\system32\webcheck.dll
8/1/2011 4:39:31 PM OK D:\WINDOWS\system32\wdl.trm
8/1/2011 4:39:31 PM OK D:\WINDOWS\system32\wbdbase.sve
8/1/2011 4:39:31 PM OK D:\WINDOWS\system32\wbdbase.nld
8/1/2011 4:39:30 PM OK D:\WINDOWS\system32\wbdbase.fra
8/1/2011 4:39:30 PM OK D:\WINDOWS\system32\wbdbase.ita
8/1/2011 4:39:30 PM OK D:\WINDOWS\system32\watchdog.sys
8/1/2011 4:39:30 PM OK D:\WINDOWS\system32\wbdbase.enu
8/1/2011 4:39:30 PM OK D:\WINDOWS\system32\watchdog.sys/PE_Patch
8/1/2011 4:39:30 PM OK D:\WINDOWS\system32\wbdbase.esn
8/1/2011 4:39:30 PM OK D:\WINDOWS\system32\w95upgnt.dll
8/1/2011 4:39:30 PM OK D:\WINDOWS\system32\wbdbase.deu
8/1/2011 4:39:30 PM Packed: PE_Patch D:\WINDOWS\system32\watchdog.sys
8/1/2011 4:39:30 PM OK D:\WINDOWS\system32\wbcache.sve
8/1/2011 4:39:30 PM OK D:\WINDOWS\system32\wbcache.nld
8/1/2011 4:39:30 PM OK D:\WINDOWS\system32\wbcache.ita
8/1/2011 4:39:30 PM OK D:\WINDOWS\system32\wbcache.fra
8/1/2011 4:39:30 PM OK D:\WINDOWS\system32\wbcache.esn
8/1/2011 4:39:30 PM OK D:\WINDOWS\system32\wbcache.enu
8/1/2011 4:39:30 PM OK D:\WINDOWS\system32\wbcache.deu
8/1/2011 4:39:30 PM OK D:\WINDOWS\system32\wavemsp.dll
8/1/2011 4:39:30 PM OK D:\WINDOWS\system32\w32time.dll
8/1/2011 4:39:30 PM OK D:\WINDOWS\system32\vssvc.exe
8/1/2011 4:39:30 PM OK D:\WINDOWS\system32\w3ssl.dll
8/1/2011 4:39:29 PM OK D:\WINDOWS\system32\w32topl.dll Object was not changed (iChecker)
8/1/2011 4:39:29 PM OK D:\WINDOWS\system32\w32tm.exe Object was not changed (iChecker)
8/1/2011 4:39:29 PM OK D:\WINDOWS\system32\vssapi.dll
8/1/2011 4:39:29 PM OK D:\WINDOWS\system32\vss_ps.dll Object was not changed (iChecker)
8/1/2011 4:39:29 PM OK D:\WINDOWS\system32\verifier.dll
8/1/2011 4:39:29 PM OK D:\WINDOWS\system32\View Channels.scf
8/1/2011 4:39:28 PM OK D:\WINDOWS\system32\vssadmin.exe Object was not changed (iChecker)
8/1/2011 4:39:28 PM OK D:\WINDOWS\system32\vjoy.dll Object was not changed (iChecker)
8/1/2011 4:39:28 PM OK D:\WINDOWS\system32\version.dll
8/1/2011 4:39:28 PM OK D:\WINDOWS\system32\vga64k.dll Object was not changed (iChecker)
8/1/2011 4:39:28 PM OK D:\WINDOWS\system32\vga256.dll Object was not changed (iChecker)
8/1/2011 4:39:28 PM OK D:\WINDOWS\system32\vga.drv
8/1/2011 4:39:28 PM OK D:\WINDOWS\system32\vga.dll Object was not changed (iChecker)
8/1/2011 4:39:28 PM OK D:\WINDOWS\system32\vfpodbc.dll Object was not changed (iChecker)
8/1/2011 4:39:28 PM OK D:\WINDOWS\system32\vbscript.dll
8/1/2011 4:39:28 PM OK D:\WINDOWS\system32\verifier.exe Object was not changed (iChecker)
8/1/2011 4:39:28 PM OK D:\WINDOWS\system32\ver.dll Object was not changed (iChecker)
8/1/2011 4:39:28 PM OK D:\WINDOWS\system32\vdmdbg.dll
8/1/2011 4:39:28 PM OK D:\WINDOWS\system32\vdmredir.dll
8/1/2011 4:39:27 PM OK D:\WINDOWS\system32\vbajet32.dll
8/1/2011 4:39:27 PM OK D:\WINDOWS\system32\vcdex.dll Object was not changed (iChecker)
8/1/2011 4:39:27 PM OK D:\WINDOWS\system32\vbisurf.ax
8/1/2011 4:39:26 PM OK D:\WINDOWS\system32\v7vga.rom
8/1/2011 4:39:26 PM OK D:\WINDOWS\system32\uxtheme.dll
8/1/2011 4:39:26 PM OK D:\WINDOWS\system32\utilman.exe
8/1/2011 4:39:26 PM OK D:\WINDOWS\system32\usp10.dll
8/1/2011 4:39:26 PM OK D:\WINDOWS\system32\user32.dll
8/1/2011 4:39:26 PM OK D:\WINDOWS\system32\utildll.dll Object was not changed (iChecker)
8/1/2011 4:39:26 PM OK D:\WINDOWS\system32\usrvpa.dll Object was not changed (iChecker)
8/1/2011 4:39:26 PM OK D:\WINDOWS\system32\usrvoica.dll Object was not changed (iChecker)
8/1/2011 4:39:26 PM OK D:\WINDOWS\system32\usrv80a.dll Object was not changed (iChecker)
8/1/2011 4:39:26 PM OK D:\WINDOWS\system32\usrv42a.dll Object was not changed (iChecker)
8/1/2011 4:39:26 PM OK D:\WINDOWS\system32\usrsvpia.dll Object was not changed (iChecker)
8/1/2011 4:39:26 PM OK D:\WINDOWS\system32\usrshuta.exe Object was not changed (iChecker)
8/1/2011 4:39:26 PM OK D:\WINDOWS\system32\usrsdpia.dll Object was not changed (iChecker)
8/1/2011 4:39:26 PM OK D:\WINDOWS\system32\usrrtosa.dll Object was not changed (iChecker)
8/1/2011 4:39:26 PM OK D:\WINDOWS\system32\usrprbda.exe Object was not changed (iChecker)
8/1/2011 4:39:26 PM OK D:\WINDOWS\system32\usrmlnka.exe Object was not changed (iChecker)
8/1/2011 4:39:26 PM OK D:\WINDOWS\system32\usrlbva.dll Object was not changed (iChecker)
8/1/2011 4:39:26 PM OK D:\WINDOWS\system32\usrfaxa.dll Object was not changed (iChecker)
8/1/2011 4:39:26 PM OK D:\WINDOWS\system32\usrdtea.dll Object was not changed (iChecker)
8/1/2011 4:39:26 PM OK D:\WINDOWS\system32\usrdpa.dll Object was not changed (iChecker)
8/1/2011 4:39:26 PM OK D:\WINDOWS\system32\usrcoina.dll Object was not changed (iChecker)
8/1/2011 4:39:26 PM OK D:\WINDOWS\system32\usrcntra.dll Object was not changed (iChecker)
8/1/2011 4:39:26 PM OK D:\WINDOWS\system32\userinit.exe
8/1/2011 4:39:25 PM OK D:\WINDOWS\system32\userenv.dll
8/1/2011 4:39:25 PM OK D:\WINDOWS\system32\urlmon.dll
8/1/2011 4:39:25 PM OK D:\WINDOWS\system32\usbmon.dll
8/1/2011 4:39:25 PM OK D:\WINDOWS\system32\user.exe Object was not changed (iChecker)
8/1/2011 4:39:25 PM OK D:\WINDOWS\system32\url.dll
8/1/2011 4:39:24 PM OK D:\WINDOWS\system32\ups.exe
8/1/2011 4:39:24 PM OK D:\WINDOWS\system32\upnphost.dll
8/1/2011 4:39:24 PM OK D:\WINDOWS\system32\ureg.dll Object was not changed (iChecker)
8/1/2011 4:39:24 PM OK D:\WINDOWS\system32\upnpui.dll
8/1/2011 4:39:24 PM OK D:\WINDOWS\system32\upnpcont.exe
8/1/2011 4:39:24 PM OK D:\WINDOWS\system32\untfs.dll
8/1/2011 4:39:24 PM OK D:\WINDOWS\system32\upnp.dll
8/1/2011 4:39:23 PM OK D:\WINDOWS\system32\uniplat.dll
8/1/2011 4:39:23 PM OK D:\WINDOWS\system32\unimdmat.dll
8/1/2011 4:39:23 PM OK D:\WINDOWS\system32\unlodctr.exe Object was not changed (iChecker)
8/1/2011 4:39:23 PM OK D:\WINDOWS\system32\unimdm.tsp
8/1/2011 4:39:23 PM OK D:\WINDOWS\system32\umpnpmgr.dll
8/1/2011 4:39:23 PM OK D:\WINDOWS\system32\unicode.nls
8/1/2011 4:39:23 PM OK D:\WINDOWS\system32\txflog.dll
8/1/2011 4:39:23 PM OK D:\WINDOWS\system32\ulib.dll
8/1/2011 4:39:23 PM OK D:\WINDOWS\system32\umdmxfrm.dll Object was not changed (iChecker)
8/1/2011 4:39:23 PM OK D:\WINDOWS\system32\umandlg.dll
8/1/2011 4:39:22 PM OK D:\WINDOWS\system32\udhisapi.dll
8/1/2011 4:39:22 PM OK D:\WINDOWS\system32\ufat.dll Object was not changed (iChecker)
8/1/2011 4:39:22 PM OK D:\WINDOWS\system32\twext.dll
8/1/2011 4:39:22 PM OK D:\WINDOWS\system32\typelib.dll Object was not changed (iChecker)
8/1/2011 4:39:22 PM OK D:\WINDOWS\system32\tsddd.dll
8/1/2011 4:39:21 PM OK D:\WINDOWS\system32\trkwks.dll
8/1/2011 4:39:21 PM OK D:\WINDOWS\system32\tssoft32.acm
8/1/2011 4:39:21 PM OK D:\WINDOWS\system32\tree.com
8/1/2011 4:39:21 PM OK D:\WINDOWS\system32\tsd32.dll Object was not changed (iChecker)
8/1/2011 4:39:21 PM OK D:\WINDOWS\system32\tsbyuv.dll Object was not changed (iChecker)
8/1/2011 4:39:21 PM OK D:\WINDOWS\system32\tsappcmp.dll Object was not changed (iChecker)
8/1/2011 4:39:21 PM OK D:\WINDOWS\system32\tourstart.exe
8/1/2011 4:39:21 PM OK D:\WINDOWS\system32\tracert.exe
8/1/2011 4:39:21 PM OK D:\WINDOWS\system32\traffic.dll Object was not changed (iChecker)
8/1/2011 4:39:21 PM OK D:\WINDOWS\system32\tracert6.exe Object was not changed (iChecker)
8/1/2011 4:39:21 PM OK D:\WINDOWS\system32\timer.drv
8/1/2011 4:39:21 PM OK D:\WINDOWS\system32\timedate.cpl
8/1/2011 4:39:20 PM OK D:\WINDOWS\system32\toolhelp.dll Object was not changed (iChecker)
8/1/2011 4:39:20 PM OK D:\WINDOWS\system32\themeui.dll
8/1/2011 4:39:20 PM OK D:\WINDOWS\system32\termmgr.dll
8/1/2011 4:39:20 PM OK D:\WINDOWS\system32\webfldrs.msi
8/1/2011 4:39:20 PM OK D:\WINDOWS\system32\telnet.exe
8/1/2011 4:39:20 PM OK D:\WINDOWS\system32\webfldrs.msi/Cabinet.1.CAB
8/1/2011 4:39:20 PM OK D:\WINDOWS\system32\tftp.exe Object was not changed (iChecker)
8/1/2011 4:39:20 PM OK D:\WINDOWS\system32\telephon.cpl
8/1/2011 4:39:20 PM OK D:\WINDOWS\system32\tdc.ocx
8/1/2011 4:39:20 PM OK D:\WINDOWS\system32\webfldrs.msi/Cabinet.1.CAB/pubplace.htt
8/1/2011 4:39:19 PM OK D:\WINDOWS\system32\tcpmonui.dll
8/1/2011 4:39:19 PM OK D:\WINDOWS\system32\tcpmon.dll
8/1/2011 4:39:19 PM OK D:\WINDOWS\system32\tcpsvcs.exe Object was not changed (iChecker)
8/1/2011 4:39:19 PM OK D:\WINDOWS\system32\tcpmon.ini
8/1/2011 4:39:19 PM OK D:\WINDOWS\system32\tcpmib.dll
8/1/2011 4:39:19 PM OK D:\WINDOWS\system32\webfldrs.msi/Cabinet.1.CAB/msows409.dll Object was not changed (iChecker)
8/1/2011 4:39:19 PM OK D:\WINDOWS\system32\taskmgr.exe
8/1/2011 4:39:19 PM OK D:\WINDOWS\system32\tapi32.dll
8/1/2011 4:39:19 PM OK D:\WINDOWS\system32\tcmsetup.exe Object was not changed (iChecker)
8/1/2011 4:39:19 PM OK D:\WINDOWS\system32\tapisrv.dll
8/1/2011 4:39:18 PM OK D:\WINDOWS\system32\webfldrs.msi/Cabinet.1.CAB/msonsext.dll Object was not changed (iChecker)
8/1/2011 4:39:18 PM OK D:\WINDOWS\system32\taskman.exe Object was not changed (iChecker)
8/1/2011 4:39:18 PM OK D:\WINDOWS\system32\tapiui.dll Object was not changed (iChecker)
8/1/2011 4:39:18 PM OK D:\WINDOWS\system32\syssetup.dll
8/1/2011 4:39:18 PM OK D:\WINDOWS\system32\tapiperf.dll Object was not changed (iChecker)
8/1/2011 4:39:18 PM OK D:\WINDOWS\system32\tapi3.dll
8/1/2011 4:39:18 PM OK D:\WINDOWS\system32\t2embed.dll
8/1/2011 4:39:18 PM OK D:\WINDOWS\system32\webfldrs.msi/Cabinet.1.CAB/msdapml.dll Object was not changed (iChecker)
8/1/2011 4:39:18 PM OK D:\WINDOWS\system32\tapi.dll Object was not changed (iChecker)
8/1/2011 4:39:18 PM OK D:\WINDOWS\system32\system.drv
8/1/2011 4:39:17 PM OK D:\WINDOWS\system32\systray.exe Object was not changed (iChecker)
8/1/2011 4:39:17 PM OK D:\WINDOWS\system32\sysocmgr.exe
8/1/2011 4:39:17 PM OK D:\WINDOWS\system32\sysprtj.sep
8/1/2011 4:39:17 PM OK D:\WINDOWS\system32\webfldrs.msi/Cabinet.1.CAB/msdaipp.dll Object was not changed (iChecker)
8/1/2011 4:39:17 PM OK D:\WINDOWS\system32\sysmon.ocx
8/1/2011 4:39:17 PM OK D:\WINDOWS\system32\sysprint.sep
8/1/2011 4:39:17 PM OK D:\WINDOWS\system32\syncui.dll
8/1/2011 4:39:17 PM OK D:\WINDOWS\system32\webfldrs.msi/Cabinet.1.CAB/fpext.msg
8/1/2011 4:39:17 PM OK D:\WINDOWS\system32\sysdm.cpl
8/1/2011 4:39:16 PM OK D:\WINDOWS\system32\syskey.exe Object was not changed (iChecker)
8/1/2011 4:39:16 PM OK D:\WINDOWS\system32\sysinv.dll Object was not changed (iChecker)
8/1/2011 4:39:16 PM OK D:\WINDOWS\system32\sysedit.exe Object was not changed (iChecker)
8/1/2011 4:39:16 PM OK D:\WINDOWS\system32\synceng.dll
8/1/2011 4:39:16 PM OK D:\WINDOWS\system32\sxs.dll
8/1/2011 4:39:16 PM OK D:\WINDOWS\system32\webfldrs.msi/Cabinet.1.CAB/fp4awec.dll Object was not changed (iChecker)
8/1/2011 4:39:16 PM OK D:\WINDOWS\system32\svchost.exe
8/1/2011 4:39:15 PM OK D:\WINDOWS\system32\webfldrs.msi/Cabinet.1.CAB/fp4autl.dll Object was not changed (iChecker)
8/1/2011 4:39:15 PM OK D:\WINDOWS\system32\syncapp.exe Object was not changed (iChecker)
8/1/2011 4:39:15 PM OK D:\WINDOWS\system32\strmdll.dll
8/1/2011 4:39:15 PM OK D:\WINDOWS\system32\swprv.dll Object was not changed (iChecker)
8/1/2011 4:39:15 PM OK D:\WINDOWS\system32\svcpack.dll Object was not changed (iChecker)
8/1/2011 4:39:15 PM OK D:\WINDOWS\system32\strmfilt.dll
8/1/2011 4:39:15 PM OK D:\WINDOWS\system32\subst.exe Object was not changed (iChecker)
8/1/2011 4:39:15 PM OK D:\WINDOWS\system32\stobject.dll
8/1/2011 4:39:15 PM Archive: CAB D:\WINDOWS\system32\webfldrs.msi/Cabinet.1.CAB
8/1/2011 4:39:15 PM OK D:\WINDOWS\system32\sti_ci.dll
8/1/2011 4:39:15 PM OK D:\WINDOWS\system32\streamci.dll Object was not changed (iChecker)
8/1/2011 4:39:15 PM OK D:\WINDOWS\system32\storage.dll Object was not changed (iChecker)
8/1/2011 4:39:15 PM OK D:\WINDOWS\system32\sti.dll
8/1/2011 4:39:15 PM OK D:\WINDOWS\system32\stimon.exe
8/1/2011 4:39:14 PM OK D:\WINDOWS\system32\webfldrs.msi/places.exe Object was not changed (iChecker)
8/1/2011 4:39:14 PM OK D:\WINDOWS\system32\stdole32.tlb
8/1/2011 4:39:14 PM Archive: Embedded D:\WINDOWS\system32\webfldrs.msi
8/1/2011 4:39:14 PM OK D:\WINDOWS\system32\stdole2.tlb
8/1/2011 4:39:14 PM OK D:\WINDOWS\system32\sstext3d.scr
8/1/2011 4:39:14 PM OK D:\WINDOWS\system32\sspipes.scr
8/1/2011 4:39:14 PM OK D:\WINDOWS\system32\ssstars.scr
8/1/2011 4:39:13 PM OK D:\WINDOWS\system32\ssmyst.scr
8/1/2011 4:39:13 PM OK D:\WINDOWS\system32\ssflwbox.scr
8/1/2011 4:39:13 PM OK D:\WINDOWS\system32\ssmypics.scr
8/1/2011 4:39:13 PM OK D:\WINDOWS\system32\ssmarque.scr
8/1/2011 4:39:12 PM OK D:\WINDOWS\system32\ssdpsrv.dll
8/1/2011 4:39:12 PM OK D:\WINDOWS\system32\ss3dfo.scr
8/1/2011 4:39:12 PM OK D:\WINDOWS\system32\ssdpapi.dll
8/1/2011 4:39:11 PM OK D:\WINDOWS\system32\ssbezier.scr
8/1/2011 4:39:11 PM OK D:\WINDOWS\system32\srvsvc.dll
8/1/2011 4:39:11 PM OK D:\WINDOWS\system32\sqlunirl.dll
8/1/2011 4:39:11 PM OK D:\WINDOWS\system32\sqlsrv32.dll
8/1/2011 4:39:10 PM OK D:\WINDOWS\system32\sqlwoa.dll Object was not changed (iChecker)
8/1/2011 4:39:10 PM OK D:\WINDOWS\system32\sqlwid.dll Object was not changed (iChecker)
8/1/2011 4:39:10 PM OK D:\WINDOWS\system32\sqlsrv32.rll
8/1/2011 4:39:10 PM OK D:\WINDOWS\system32\spoolsv.exe
8/1/2011 4:39:10 PM OK D:\WINDOWS\system32\spoolss.dll
8/1/2011 4:39:10 PM OK D:\WINDOWS\system32\sprio800.dll Object was not changed (iChecker)
8/1/2011 4:39:10 PM OK D:\WINDOWS\system32\sprio600.dll Object was not changed (iChecker)
8/1/2011 4:39:10 PM OK D:\WINDOWS\system32\sprestrt.exe Object was not changed (iChecker)
8/1/2011 4:39:10 PM OK D:\WINDOWS\system32\spnpinst.exe
8/1/2011 4:39:10 PM OK D:\WINDOWS\system32\spnpinst.exe/#
8/1/2011 4:39:09 PM OK D:\WINDOWS\system32\sort.exe
8/1/2011 4:39:09 PM OK D:\WINDOWS\system32\sound.drv
8/1/2011 4:39:09 PM OK D:\WINDOWS\system32\spnike.dll Object was not changed (iChecker)
8/1/2011 4:39:09 PM OK D:\WINDOWS\system32\sorttbls.nls
8/1/2011 4:39:09 PM OK D:\WINDOWS\system32\snmpsnap.dll
8/1/2011 4:39:09 PM OK D:\WINDOWS\system32\sortkey.nls
8/1/2011 4:39:08 PM OK D:\WINDOWS\system32\snmpapi.dll
8/1/2011 4:39:08 PM OK D:\WINDOWS\system32\softpub.dll Object was not changed (iChecker)
8/1/2011 4:39:08 PM OK D:\WINDOWS\system32\smss.exe
8/1/2011 4:39:08 PM OK D:\WINDOWS\system32\smlogsvc.exe
8/1/2011 4:39:08 PM OK D:\WINDOWS\system32\slbiop.dll
8/1/2011 4:39:08 PM OK D:\WINDOWS\system32\smlogcfg.dll
8/1/2011 4:39:07 PM OK D:\WINDOWS\system32\smbinst.exe
8/1/2011 4:39:07 PM OK D:\WINDOWS\system32\sl_anet.acm
8/1/2011 4:39:07 PM OK D:\WINDOWS\system32\skeys.exe
8/1/2011 4:39:07 PM OK D:\WINDOWS\system32\slbrccsp.dll Object was not changed (iChecker)
8/1/2011 4:39:07 PM OK D:\WINDOWS\system32\slayerxp.dll
8/1/2011 4:39:07 PM OK D:\WINDOWS\system32\slbcsp.dll Object was not changed (iChecker)
8/1/2011 4:39:07 PM OK D:\WINDOWS\system32\sigverif.exe
8/1/2011 4:39:06 PM OK D:\WINDOWS\system32\shsvcs.dll
8/1/2011 4:39:06 PM OK D:\WINDOWS\system32\skdll.dll Object was not changed (iChecker)
8/1/2011 4:39:06 PM OK D:\WINDOWS\system32\sisbkup.dll Object was not changed (iChecker)
8/1/2011 4:39:06 PM OK D:\WINDOWS\system32\simpdata.tlb
8/1/2011 4:39:06 PM OK D:\WINDOWS\system32\sigtab.dll
8/1/2011 4:39:06 PM OK D:\WINDOWS\system32\shutdown.exe
8/1/2011 4:39:05 PM OK D:\WINDOWS\system32\shscrap.dll
8/1/2011 4:39:05 PM OK D:\WINDOWS\system32\shrpubw.exe
8/1/2011 4:39:04 PM OK D:\WINDOWS\system32\shmgrate.exe
8/1/2011 4:39:04 PM OK D:\WINDOWS\system32\shlwapi.dll
8/1/2011 4:39:04 PM OK D:\WINDOWS\system32\sqlsodbc.chm
8/1/2011 4:39:04 PM OK D:\WINDOWS\system32\sqlsodbc.chm/Basics/coC.gif
8/1/2011 4:39:04 PM OK D:\WINDOWS\system32\shimgvw.dll
8/1/2011 4:39:04 PM OK D:\WINDOWS\system32\sqlsodbc.chm/Basics/caution.gif
8/1/2011 4:39:04 PM OK D:\WINDOWS\system32\shmedia.dll
8/1/2011 4:39:04 PM OK D:\WINDOWS\system32\sqlsodbc.chm/_sql_server_login_dialog_box.htm
8/1/2011 4:39:03 PM OK D:\WINDOWS\system32\shimeng.dll
8/1/2011 4:39:03 PM OK D:\WINDOWS\system32\shell32.dll
8/1/2011 4:39:03 PM OK D:\WINDOWS\system32\sqlsodbc.chm/_sql_server_2000_copyright_and_disclaimer.htm
8/1/2011 4:39:03 PM OK D:\WINDOWS\system32\shgina.dll
8/1/2011 4:39:03 PM OK D:\WINDOWS\system32\sqlsodbc.chm/_data_source_wizard_screen_4.htm
8/1/2011 4:39:03 PM OK D:\WINDOWS\system32\shfolder.dll
8/1/2011 4:39:03 PM OK D:\WINDOWS\system32\sqlsodbc.chm/_data_source_wizard_screen_3.htm
8/1/2011 4:39:02 PM OK D:\WINDOWS\system32\shdocvw.dll
8/1/2011 4:39:02 PM OK D:\WINDOWS\system32\shellstyle.dll Object was not changed (iChecker)
8/1/2011 4:39:02 PM OK D:\WINDOWS\system32\sfc_os.dll
8/1/2011 4:39:02 PM OK D:\WINDOWS\system32\sqlsodbc.chm/_data_source_wizard_screen_2.htm
8/1/2011 4:39:02 PM OK D:\WINDOWS\system32\sqlsodbc.chm/_data_source_wizard_screen_1.htm
8/1/2011 4:39:02 PM OK D:\WINDOWS\system32\shell.dll Object was not changed (iChecker)
8/1/2011 4:39:02 PM OK D:\WINDOWS\system32\shdoclc.dll
8/1/2011 4:39:01 PM OK D:\WINDOWS\system32\sqlsodbc.chm/#TOCIDX
8/1/2011 4:39:01 PM OK D:\WINDOWS\system32\sfcfiles.dll
8/1/2011 4:39:01 PM OK D:\WINDOWS\system32\share.exe Object was not changed (iChecker)
8/1/2011 4:39:01 PM OK D:\WINDOWS\system32\sfmapi.dll Object was not changed (iChecker)
8/1/2011 4:39:01 PM OK D:\WINDOWS\system32\setupapi.dll
8/1/2011 4:39:01 PM OK D:\WINDOWS\system32\setup.exe
8/1/2011 4:39:01 PM OK D:\WINDOWS\system32\sqlsodbc.chm/#IVB
8/1/2011 4:39:01 PM OK D:\WINDOWS\system32\sfc.exe Object was not changed (iChecker)
8/1/2011 4:39:01 PM OK D:\WINDOWS\system32\sfc.dll
8/1/2011 4:39:01 PM Archive: CHM D:\WINDOWS\system32\sqlsodbc.chm
8/1/2011 4:39:00 PM OK D:\WINDOWS\system32\setver.exe Object was not changed (iChecker)
8/1/2011 4:39:00 PM OK D:\WINDOWS\system32\setupdll.dll Object was not changed (iChecker)
8/1/2011 4:39:00 PM OK D:\WINDOWS\system32\sethc.exe
8/1/2011 4:39:00 PM OK D:\WINDOWS\system32\services.exe
8/1/2011 4:39:00 PM OK D:\WINDOWS\system32\setup.bmp
8/1/2011 4:39:00 PM OK D:\WINDOWS\system32\services.msc
8/1/2011 4:38:59 PM OK D:\WINDOWS\system32\serwvdrv.dll Object was not changed (iChecker)
8/1/2011 4:38:59 PM OK D:\WINDOWS\system32\sendcmsg.dll
8/1/2011 4:38:59 PM OK D:\WINDOWS\system32\sendmail.dll
8/1/2011 4:38:59 PM OK D:\WINDOWS\system32\serialui.dll Object was not changed (iChecker)
8/1/2011 4:38:59 PM OK D:\WINDOWS\system32\senscfg.dll Object was not changed (iChecker)
8/1/2011 4:38:59 PM OK D:\WINDOWS\system32\sensapi.dll
8/1/2011 4:38:59 PM OK D:\WINDOWS\system32\sens.dll
8/1/2011 4:38:58 PM OK D:\WINDOWS\system32\secur32.dll
8/1/2011 4:38:58 PM OK D:\WINDOWS\system32\security.dll
8/1/2011 4:38:58 PM OK D:\WINDOWS\system32\seclogon.dll
8/1/2011 4:38:58 PM OK D:\WINDOWS\system32\secupd.dat
8/1/2011 4:38:58 PM OK D:\WINDOWS\system32\secupd.sig
8/1/2011 4:38:57 PM OK D:\WINDOWS\system32\scrobj.dll
8/1/2011 4:38:57 PM OK D:\WINDOWS\system32\sdbinst.exe
8/1/2011 4:38:57 PM OK D:\WINDOWS\system32\sdpblb.dll Object was not changed (iChecker)
8/1/2011 4:38:57 PM OK D:\WINDOWS\system32\sdhcinst.dll Object was not changed (iChecker)
8/1/2011 4:38:57 PM OK D:\WINDOWS\system32\scrrun.dll
8/1/2011 4:38:56 PM OK D:\WINDOWS\system32\sclgntfy.dll
8/1/2011 4:38:56 PM OK D:\WINDOWS\system32\scrnsave.scr
8/1/2011 4:38:55 PM OK D:\WINDOWS\system32\scesrv.dll
8/1/2011 4:38:55 PM OK D:\WINDOWS\system32\scredir.dll Object was not changed (iChecker)
8/1/2011 4:38:55 PM OK D:\WINDOWS\system32\schannel.dll
8/1/2011 4:38:55 PM OK D:\WINDOWS\system32\scecli.dll
8/1/2011 4:38:54 PM OK D:\WINDOWS\system32\sccsccp.dll
8/1/2011 4:38:54 PM OK D:\WINDOWS\system32\scardsvr.exe
8/1/2011 4:38:54 PM OK D:\WINDOWS\system32\scarddlg.dll
8/1/2011 4:38:54 PM OK D:\WINDOWS\system32\sccbase.dll Object was not changed (iChecker)
8/1/2011 4:38:54 PM OK D:\WINDOWS\system32\sc.exe
8/1/2011 4:38:53 PM OK D:\WINDOWS\system32\scardssp.dll Object was not changed (iChecker)
8/1/2011 4:38:53 PM OK D:\WINDOWS\system32\sbe.dll
8/1/2011 4:38:53 PM OK D:\WINDOWS\system32\sbeio.dll
8/1/2011 4:38:53 PM OK D:\WINDOWS\system32\savedump.exe
8/1/2011 4:38:53 PM OK D:\WINDOWS\system32\samsrv.dll
8/1/2011 4:38:52 PM OK D:\WINDOWS\system32\samlib.dll
8/1/2011 4:38:52 PM OK D:\WINDOWS\system32\runonce.exe
8/1/2011 4:38:52 PM OK D:\WINDOWS\system32\rundll32.exe
8/1/2011 4:38:52 PM OK D:\WINDOWS\system32\rtutils.dll
8/1/2011 4:38:51 PM OK D:\WINDOWS\system32\rsvpsp.dll
8/1/2011 4:38:51 PM OK D:\WINDOWS\system32\runas.exe Object was not changed (iChecker)
8/1/2011 4:38:51 PM OK D:\WINDOWS\system32\rtcshare.exe
8/1/2011 4:38:51 PM OK D:\WINDOWS\system32\rtm.dll Object was not changed (iChecker)
8/1/2011 4:38:51 PM OK D:\WINDOWS\system32\rtipxmib.dll
8/1/2011 4:38:50 PM OK D:\WINDOWS\system32\rsvp.ini
8/1/2011 4:38:50 PM OK D:\WINDOWS\system32\rsvpcnts.h
8/1/2011 4:38:50 PM OK D:\WINDOWS\system32\rsvpperf.dll Object was not changed (iChecker)
8/1/2011 4:38:50 PM OK D:\WINDOWS\system32\rsvpmsg.dll Object was not changed (iChecker)
8/1/2011 4:38:50 PM OK D:\WINDOWS\system32\rsmps.dll
8/1/2011 4:38:50 PM OK D:\WINDOWS\system32\rsaenh.dll
8/1/2011 4:38:50 PM OK D:\WINDOWS\system32\rsvp.exe Object was not changed (iChecker)
8/1/2011 4:38:50 PM OK D:\WINDOWS\system32\rsmui.exe Object was not changed (iChecker)
8/1/2011 4:38:50 PM OK D:\WINDOWS\system32\rsmsink.exe Object was not changed (iChecker)
8/1/2011 4:38:50 PM OK D:\WINDOWS\system32\rshx32.dll
8/1/2011 4:38:50 PM OK D:\WINDOWS\system32\rsm.exe Object was not changed (iChecker)
8/1/2011 4:38:50 PM OK D:\WINDOWS\system32\rsh.exe
8/1/2011 4:38:50 PM OK D:\WINDOWS\system32\rsaci.rat
8/1/2011 4:38:49 PM OK D:\WINDOWS\system32\rpcss.dll
8/1/2011 4:38:49 PM OK D:\WINDOWS\system32\riched20.dll
8/1/2011 4:38:49 PM OK D:\WINDOWS\system32\rpcrt4.dll
8/1/2011 4:38:49 PM OK D:\WINDOWS\system32\rcbdyctl.dll
8/1/2011 4:38:48 PM OK D:\WINDOWS\system32\rpcns4.dll Object was not changed (iChecker)
8/1/2011 4:38:48 PM OK D:\WINDOWS\system32\routetab.dll Object was not changed (iChecker)
8/1/2011 4:38:48 PM OK D:\WINDOWS\system32\routemon.exe Object was not changed (iChecker)
8/1/2011 4:38:48 PM OK D:\WINDOWS\system32\route.exe Object was not changed (iChecker)
8/1/2011 4:38:48 PM OK D:\WINDOWS\system32\rnr20.dll Object was not changed (iChecker)
8/1/2011 4:38:48 PM OK D:\WINDOWS\system32\riched32.dll Object was not changed (iChecker)
8/1/2011 4:38:48 PM OK D:\WINDOWS\system32\resutils.dll
8/1/2011 4:38:48 PM OK D:\WINDOWS\system32\rexec.exe
8/1/2011 4:38:48 PM OK D:\WINDOWS\system32\remotesp.tsp
8/1/2011 4:38:48 PM OK D:\WINDOWS\system32\replace.exe Object was not changed (iChecker)
8/1/2011 4:38:48 PM OK D:\WINDOWS\system32\rend.dll Object was not changed (iChecker)
8/1/2011 4:38:48 PM OK D:\WINDOWS\system32\regwizc.dll
8/1/2011 4:38:47 PM OK D:\WINDOWS\system32\regsvr32.exe
8/1/2011 4:38:47 PM OK D:\WINDOWS\system32\regwiz.exe Object was not changed (iChecker)
8/1/2011 4:38:47 PM OK D:\WINDOWS\system32\regsvc.dll
8/1/2011 4:38:46 PM OK D:\WINDOWS\system32\regapi.dll
8/1/2011 4:38:46 PM OK D:\WINDOWS\system32\regedt32.exe Object was not changed (iChecker)
8/1/2011 4:38:46 PM OK D:\WINDOWS\system32\reg.exe
8/1/2011 4:38:45 PM OK D:\WINDOWS\system32\rdpdd.dll
8/1/2011 4:38:45 PM OK D:\WINDOWS\system32\redir.exe Object was not changed (iChecker)
8/1/2011 4:38:45 PM OK D:\WINDOWS\system32\recover.exe Object was not changed (iChecker)
8/1/2011 4:38:45 PM OK D:\WINDOWS\system32\rcp.exe
8/1/2011 4:38:45 PM OK D:\WINDOWS\system32\rcimlby.exe
8/1/2011 4:38:45 PM OK D:\WINDOWS\system32\query.dll
8/1/2011 4:38:44 PM OK D:\WINDOWS\system32\rastls.dll
8/1/2011 4:38:44 PM OK D:\WINDOWS\system32\rastapi.dll
8/1/2011 4:38:44 PM OK D:\WINDOWS\system32\rassapi.dll
8/1/2011 4:38:44 PM OK D:\WINDOWS\system32\rasser.dll Object was not changed (iChecker)
8/1/2011 4:38:44 PM OK D:\WINDOWS\system32\rasppp.dll
8/1/2011 4:38:43 PM OK D:\WINDOWS\system32\rasrad.dll Object was not changed (iChecker)
8/1/2011 4:38:43 PM OK D:\WINDOWS\system32\rasphone.exe
8/1/2011 4:38:43 PM OK D:\WINDOWS\system32\rasmans.dll
8/1/2011 4:38:42 PM OK D:\WINDOWS\system32\rasmxs.dll Object was not changed (iChecker)
8/1/2011 4:38:42 PM OK D:\WINDOWS\system32\rasmontr.dll Object was not changed (iChecker)
8/1/2011 4:38:42 PM OK D:\WINDOWS\system32\rasman.dll
8/1/2011 4:38:42 PM OK D:\WINDOWS\system32\rasdlg.dll
8/1/2011 4:38:42 PM OK D:\WINDOWS\system32\rasctrs.ini
8/1/2011 4:38:41 PM OK D:\WINDOWS\system32\rasdial.exe Object was not changed (iChecker)
8/1/2011 4:38:41 PM OK D:\WINDOWS\system32\rasctrnm.h
8/1/2011 4:38:41 PM OK D:\WINDOWS\system32\rasctrs.dll Object was not changed (iChecker)
8/1/2011 4:38:41 PM OK D:\WINDOWS\system32\rasauto.dll
8/1/2011 4:38:41 PM OK D:\WINDOWS\system32\raschap.dll
8/1/2011 4:38:41 PM OK D:\WINDOWS\system32\rasautou.exe Object was not changed (iChecker)
8/1/2011 4:38:41 PM OK D:\WINDOWS\system32\quartz.dll
8/1/2011 4:38:41 PM OK D:\WINDOWS\system32\rasapi32.dll
8/1/2011 4:38:40 PM OK D:\WINDOWS\system32\rasadhlp.dll
8/1/2011 4:38:39 PM OK D:\WINDOWS\system32\qedit.dll
8/1/2011 4:38:39 PM OK D:\WINDOWS\system32\qedwipes.dll
8/1/2011 4:38:38 PM OK D:\WINDOWS\system32\qosname.dll Object was not changed (iChecker)
8/1/2011 4:38:38 PM OK D:\WINDOWS\system32\qdvd.dll
8/1/2011 4:38:38 PM OK D:\WINDOWS\system32\qdv.dll
8/1/2011 4:38:38 PM OK D:\WINDOWS\system32\qcap.dll
8/1/2011 4:38:37 PM OK D:\WINDOWS\system32\qasf.dll
8/1/2011 4:38:37 PM OK D:\WINDOWS\system32\pubprn.vbs
8/1/2011 4:38:37 PM OK D:\WINDOWS\system32\pstorsvc.dll
8/1/2011 4:38:37 PM OK D:\WINDOWS\system32\pstorec.dll
8/1/2011 4:38:37 PM OK D:\WINDOWS\system32\pscript.sep
8/1/2011 4:38:37 PM OK D:\WINDOWS\system32\pschdprf.ini
8/1/2011 4:38:37 PM OK D:\WINDOWS\system32\psnppagn.dll Object was not changed (iChecker)
8/1/2011 4:38:37 PM OK D:\WINDOWS\system32\pschdcnt.h
8/1/2011 4:38:37 PM OK D:\WINDOWS\system32\psbase.dll
8/1/2011 4:38:37 PM OK D:\WINDOWS\system32\pschdprf.dll Object was not changed (iChecker)
8/1/2011 4:38:37 PM OK D:\WINDOWS\system32\psapi.dll
8/1/2011 4:38:37 PM OK D:\WINDOWS\system32\proquota.exe
8/1/2011 4:38:36 PM OK D:\WINDOWS\system32\proxycfg.exe
8/1/2011 4:38:36 PM OK D:\WINDOWS\system32\progman.exe
8/1/2011 4:38:36 PM OK D:\WINDOWS\system32\profmap.dll
8/1/2011 4:38:36 PM OK D:\WINDOWS\system32\proctexe.ocx
8/1/2011 4:38:36 PM OK D:\WINDOWS\system32\prodspec.ini
8/1/2011 4:38:36 PM OK D:\WINDOWS\system32\printui.dll
8/1/2011 4:38:36 PM OK D:\WINDOWS\system32\print.exe Object was not changed (iChecker)
8/1/2011 4:38:36 PM OK D:\WINDOWS\system32\powrprof.dll
8/1/2011 4:38:36 PM OK D:\WINDOWS\system32\prflbmsg.dll Object was not changed (iChecker)
8/1/2011 4:38:36 PM OK D:\WINDOWS\system32\powercfg.exe
8/1/2011 4:38:36 PM OK D:\WINDOWS\system32\powercfg.cpl
8/1/2011 4:38:36 PM OK D:\WINDOWS\system32\polstore.dll
8/1/2011 4:38:36 PM OK D:\WINDOWS\system32\pnrpnsp.dll
8/1/2011 4:38:36 PM OK D:\WINDOWS\system32\pngfilt.dll
8/1/2011 4:38:35 PM OK D:\WINDOWS\system32\plugin.ocx
8/1/2011 4:38:35 PM OK D:\WINDOWS\system32\pmspl.dll Object was not changed (iChecker)
8/1/2011 4:38:35 PM OK D:\WINDOWS\system32\plustab.dll Object was not changed (iChecker)
8/1/2011 4:38:35 PM OK D:\WINDOWS\system32\ping.exe
8/1/2011 4:38:35 PM OK D:\WINDOWS\system32\pjlmon.dll Object was not changed (iChecker)
8/1/2011 4:38:35 PM OK D:\WINDOWS\system32\ping6.exe Object was not changed (iChecker)
8/1/2011 4:38:35 PM OK D:\WINDOWS\system32\pidgen.dll
8/1/2011 4:38:35 PM OK D:\WINDOWS\system32\pifmgr.dll Object was not changed (iChecker)
8/1/2011 4:38:35 PM OK D:\WINDOWS\system32\photowiz.dll
8/1/2011 4:38:35 PM OK D:\WINDOWS\system32\pid.dll Object was not changed (iChecker)
8/1/2011 4:38:35 PM OK D:\WINDOWS\system32\perfwci.ini
8/1/2011 4:38:35 PM OK D:\WINDOWS\system32\perfwci.h
8/1/2011 4:38:35 PM OK D:\WINDOWS\system32\perfts.dll Object was not changed (iChecker)
8/1/2011 4:38:35 PM OK D:\WINDOWS\system32\perfproc.dll
8/1/2011 4:38:35 PM OK D:\WINDOWS\system32\perfnet.dll
8/1/2011 4:38:35 PM OK D:\WINDOWS\system32\perfos.dll
8/1/2011 4:38:35 PM OK D:\WINDOWS\system32\perfmon.msc
8/1/2011 4:38:34 PM OK D:\WINDOWS\system32\perfmon.exe
8/1/2011 4:38:34 PM OK D:\WINDOWS\system32\perfi009.dat
8/1/2011 4:38:34 PM OK D:\WINDOWS\system32\perfh009.dat
8/1/2011 4:38:34 PM OK D:\WINDOWS\system32\perffilt.ini
8/1/2011 4:38:34 PM OK D:\WINDOWS\system32\perfdisk.dll
8/1/2011 4:38:34 PM OK D:\WINDOWS\system32\perffilt.h
8/1/2011 4:38:34 PM OK D:\WINDOWS\system32\perfctrs.dll
8/1/2011 4:38:34 PM OK D:\WINDOWS\system32\perfd009.dat
8/1/2011 4:38:34 PM OK D:\WINDOWS\system32\perfci.ini
8/1/2011 4:38:34 PM OK D:\WINDOWS\system32\perfci.h
8/1/2011 4:38:34 PM OK D:\WINDOWS\system32\perfc009.dat
8/1/2011 4:38:34 PM OK D:\WINDOWS\system32\pdh.dll
8/1/2011 4:38:34 PM OK D:\WINDOWS\system32\pentnt.exe Object was not changed (iChecker)
8/1/2011 4:38:24 PM OK D:\WINDOWS\system32\pcl.sep
8/1/2011 4:38:24 PM OK D:\WINDOWS\system32\pautoenr.dll
8/1/2011 4:38:24 PM OK D:\WINDOWS\system32\pathping.exe Object was not changed (iChecker)
8/1/2011 4:38:24 PM OK D:\WINDOWS\system32\paqsp.dll Object was not changed (iChecker)
8/1/2011 4:38:24 PM OK D:\WINDOWS\system32\packager.exe
8/1/2011 4:38:24 PM OK D:\WINDOWS\system32\panmap.dll Object was not changed (iChecker)
8/1/2011 4:38:24 PM OK D:\WINDOWS\system32\p2psvc.dll
8/1/2011 4:38:24 PM OK D:\WINDOWS\system32\p2pgraph.dll
8/1/2011 4:38:24 PM OK D:\WINDOWS\system32\p2pnetsh.dll
8/1/2011 4:38:24 PM OK D:\WINDOWS\system32\p2pgasvc.dll
8/1/2011 4:38:24 PM OK D:\WINDOWS\system32\p2p.dll
8/1/2011 4:38:24 PM OK D:\WINDOWS\system32\osk.exe
8/1/2011 4:38:24 PM OK D:\WINDOWS\system32\osuninst.exe Object was not changed (iChecker)
8/1/2011 4:38:23 PM OK D:\WINDOWS\system32\osuninst.dll
8/1/2011 4:38:22 PM OK D:\WINDOWS\system32\opengl32.dll
8/1/2011 4:38:22 PM OK D:\WINDOWS\system32\olethk32.dll Object was not changed (iChecker)
8/1/2011 4:38:22 PM OK D:\WINDOWS\system32\olesvr32.dll Object was not changed (iChecker)
8/1/2011 4:38:22 PM OK D:\WINDOWS\system32\olesvr.dll Object was not changed (iChecker)
8/1/2011 4:38:22 PM OK D:\WINDOWS\system32\olepro32.dll
8/1/2011 4:38:22 PM OK D:\WINDOWS\system32\oleprn.dll
8/1/2011 4:38:22 PM OK D:\WINDOWS\system32\oledlg.dll
8/1/2011 4:38:22 PM OK D:\WINDOWS\system32\olecnv32.dll
8/1/2011 4:38:22 PM OK D:\WINDOWS\system32\olecli32.dll
8/1/2011 4:38:22 PM OK D:\WINDOWS\system32\olecli.dll Object was not changed (iChecker)
8/1/2011 4:38:22 PM OK D:\WINDOWS\system32\oleaut32.dll
8/1/2011 4:38:21 PM OK D:\WINDOWS\system32\oleaccrc.dll Object was not changed (iChecker)
8/1/2011 4:38:21 PM OK D:\WINDOWS\system32\oleacc.dll Object was not changed (iChecker)
8/1/2011 4:38:21 PM OK D:\WINDOWS\system32\ole32.dll
8/1/2011 4:38:21 PM OK D:\WINDOWS\system32\ole2nls.dll Object was not changed (iChecker)
8/1/2011 4:38:21 PM OK D:\WINDOWS\system32\ole2disp.dll Object was not changed (iChecker)
8/1/2011 4:38:21 PM OK D:\WINDOWS\system32\offfilt.dll
8/1/2011 4:38:21 PM OK D:\WINDOWS\system32\ole2.dll Object was not changed (iChecker)
8/1/2011 4:38:21 PM OK D:\WINDOWS\system32\oembios.dat
8/1/2011 4:38:21 PM OK D:\WINDOWS\system32\oembios.sig
8/1/2011 4:38:21 PM OK D:\WINDOWS\system32\oembios.bin
8/1/2011 4:38:20 PM OK D:\WINDOWS\system32\odtext32.dll
8/1/2011 4:38:20 PM OK D:\WINDOWS\system32\odpdx32.dll
8/1/2011 4:38:20 PM OK D:\WINDOWS\system32\odfox32.dll
8/1/2011 4:38:20 PM OK D:\WINDOWS\system32\odexl32.dll
8/1/2011 4:38:20 PM OK D:\WINDOWS\system32\oddbse32.dll
8/1/2011 4:38:20 PM OK D:\WINDOWS\system32\odbctrac.dll
8/1/2011 4:38:20 PM OK D:\WINDOWS\system32\odbcp32r.dll
8/1/2011 4:38:20 PM OK D:\WINDOWS\system32\odbcjt32.dll
8/1/2011 4:38:20 PM OK D:\WINDOWS\system32\odbcji32.dll
8/1/2011 4:38:20 PM OK D:\WINDOWS\system32\odbcint.dll
8/1/2011 4:38:20 PM OK D:\WINDOWS\system32\odbccu32.dll
8/1/2011 4:38:20 PM OK D:\WINDOWS\system32\odbccr32.dll
8/1/2011 4:38:20 PM OK D:\WINDOWS\system32\odbccp32.dll
8/1/2011 4:38:20 PM OK D:\WINDOWS\system32\odbccp32.cpl
8/1/2011 4:38:19 PM OK D:\WINDOWS\system32\odbcconf.exe
8/1/2011 4:38:19 PM OK D:\WINDOWS\system32\odbcconf.rsp
8/1/2011 4:38:19 PM OK D:\WINDOWS\system32\odbcconf.dll
8/1/2011 4:38:19 PM OK D:\WINDOWS\system32\odbcbcp.dll
8/1/2011 4:38:19 PM OK D:\WINDOWS\system32\odbcad32.exe
8/1/2011 4:38:19 PM OK D:\WINDOWS\system32\odbc32gt.dll
8/1/2011 4:38:19 PM OK D:\WINDOWS\system32\odbc32.dll
8/1/2011 4:38:19 PM OK D:\WINDOWS\system32\odbc16gt.dll Object was not changed (iChecker)
8/1/2011 4:38:19 PM OK D:\WINDOWS\system32\ocmanage.dll
8/1/2011 4:38:19 PM OK D:\WINDOWS\system32\objsel.dll
8/1/2011 4:38:19 PM OK D:\WINDOWS\system32\occache.dll
8/1/2011 4:38:19 PM OK D:\WINDOWS\system32\oakley.dll
8/1/2011 4:38:19 PM OK D:\WINDOWS\system32\nwprovau.dll
8/1/2011 4:38:19 PM OK D:\WINDOWS\system32\nusrmgr.cpl
8/1/2011 4:38:18 PM OK D:\WINDOWS\system32\ntvdmd.dll
8/1/2011 4:38:18 PM OK D:\WINDOWS\system32\ntvdm.exe
8/1/2011 4:38:18 PM OK D:\WINDOWS\system32\ntshrui.dll
8/1/2011 4:38:18 PM OK D:\WINDOWS\system32\ntoskrnl.exe
8/1/2011 4:38:18 PM OK D:\WINDOWS\system32\ntsdexts.dll Object was not changed (iChecker)
8/1/2011 4:38:18 PM OK D:\WINDOWS\system32\ntprint.dll
8/1/2011 4:38:18 PM OK D:\WINDOWS\system32\ntsd.exe Object was not changed (iChecker)
8/1/2011 4:38:18 PM OK D:\WINDOWS\system32\ntmssvc.dll
8/1/2011 4:38:17 PM OK D:\WINDOWS\system32\ntmsoprq.msc
8/1/2011 4:38:17 PM OK D:\WINDOWS\system32\ntmsmgr.msc
8/1/2011 4:38:17 PM OK D:\WINDOWS\system32\ntmsmgr.dll
8/1/2011 4:38:17 PM OK D:\WINDOWS\system32\ntmsdba.dll
8/1/2011 4:38:17 PM OK D:\WINDOWS\system32\ntmsevt.dll Object was not changed (iChecker)
8/1/2011 4:38:17 PM OK D:\WINDOWS\system32\ntmsapi.dll
8/1/2011 4:38:17 PM OK D:\WINDOWS\system32\ntkrnlpa.exe
8/1/2011 4:38:17 PM OK D:\WINDOWS\system32\ntlsapi.dll
8/1/2011 4:38:17 PM OK D:\WINDOWS\system32\ntmarta.dll
8/1/2011 4:38:17 PM OK D:\WINDOWS\system32\ntlanui2.dll Object was not changed (iChecker)
8/1/2011 4:38:17 PM OK D:\WINDOWS\system32\ntlanui.dll Object was not changed (iChecker)
8/1/2011 4:38:17 PM OK D:\WINDOWS\system32\ntlanman.dll
8/1/2011 4:38:16 PM OK D:\WINDOWS\system32\ntio804.sys
8/1/2011 4:38:16 PM OK D:\WINDOWS\system32\ntio412.sys
8/1/2011 4:38:16 PM OK D:\WINDOWS\system32\ntio411.sys
8/1/2011 4:38:16 PM OK D:\WINDOWS\system32\ntio404.sys
8/1/2011 4:38:16 PM OK D:\WINDOWS\system32\ntio.sys
8/1/2011 4:38:16 PM OK D:\WINDOWS\system32\ntimage.gif
8/1/2011 4:38:16 PM OK D:\WINDOWS\system32\ntdsapi.dll
8/1/2011 4:38:16 PM OK D:\WINDOWS\system32\ntdos804.sys
8/1/2011 4:38:16 PM OK D:\WINDOWS\system32\ntdos412.sys
8/1/2011 4:38:16 PM OK D:\WINDOWS\system32\ntdos411.sys
8/1/2011 4:38:16 PM OK D:\WINDOWS\system32\ntdll.dll
8/1/2011 4:38:16 PM OK D:\WINDOWS\system32\ntdos404.sys
8/1/2011 4:38:16 PM OK D:\WINDOWS\system32\ntdos.sys
8/1/2011 4:38:16 PM OK D:\WINDOWS\system32\nslookup.exe
8/1/2011 4:38:15 PM OK D:\WINDOWS\system32\npptools.dll
8/1/2011 4:38:15 PM OK D:\WINDOWS\system32\notepad.exe
8/1/2011 4:38:15 PM OK D:\WINDOWS\system32\noise.tha
  • 0

#13
Down_with_malware

Down_with_malware

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 152 posts
8/1/2011 4:38:15 PM OK D:\WINDOWS\system32\noise.sve
8/1/2011 4:38:15 PM OK D:\WINDOWS\system32\noise.nld
8/1/2011 4:38:15 PM OK D:\WINDOWS\system32\noise.ita
8/1/2011 4:38:15 PM OK D:\WINDOWS\system32\noise.fra
8/1/2011 4:38:15 PM OK D:\WINDOWS\system32\noise.esn
8/1/2011 4:38:15 PM OK D:\WINDOWS\system32\noise.enu
8/1/2011 4:38:15 PM OK D:\WINDOWS\system32\noise.eng
8/1/2011 4:38:15 PM OK D:\WINDOWS\system32\noise.deu
8/1/2011 4:38:15 PM OK D:\WINDOWS\system32\noise.dat
8/1/2011 4:38:15 PM OK D:\WINDOWS\system32\noise.cht
8/1/2011 4:38:15 PM OK D:\WINDOWS\system32\nlhtml.dll
8/1/2011 4:38:15 PM OK D:\WINDOWS\system32\noise.chs
8/1/2011 4:38:15 PM OK D:\WINDOWS\system32\nlsfunc.exe Object was not changed (iChecker)
8/1/2011 4:38:15 PM OK D:\WINDOWS\system32\newdev.dll
8/1/2011 4:38:15 PM OK D:\WINDOWS\system32\netui1.dll
8/1/2011 4:38:15 PM OK D:\WINDOWS\system32\netui2.dll Object was not changed (iChecker)
8/1/2011 4:38:14 PM OK D:\WINDOWS\system32\netui0.dll
8/1/2011 4:38:14 PM OK D:\WINDOWS\system32\netstat.exe
8/1/2011 4:38:14 PM OK D:\WINDOWS\system32\netshell.dll
8/1/2011 4:38:14 PM OK D:\WINDOWS\system32\netsetup.exe
8/1/2011 4:38:14 PM OK D:\WINDOWS\system32\netsetup.exe/data0000.cab
8/1/2011 4:38:14 PM Archive: Rsrc-Package D:\WINDOWS\system32\netsetup.exe
8/1/2011 4:38:14 PM OK D:\WINDOWS\system32\netsetup.exe/data0016.res
8/1/2011 4:38:14 PM OK D:\WINDOWS\system32\netsetup.exe/data0016.res/SSDPSRV.EXE Object was not changed (iChecker)
8/1/2011 4:38:14 PM OK D:\WINDOWS\system32\netsetup.exe/data0016.res/upnp.dll
8/1/2011 4:38:14 PM OK D:\WINDOWS\system32\netsetup.exe/data0016.res/ssdpapi.dll
8/1/2011 4:38:14 PM OK D:\WINDOWS\system32\netsetup.exe/data0016.res/NoUPnP.inf Object was not changed (iChecker)
8/1/2011 4:38:14 PM OK D:\WINDOWS\system32\netsetup.exe/data0016.res/HasUPnP.inf Object was not changed (iChecker)
8/1/2011 4:38:14 PM OK D:\WINDOWS\system32\netsetup.exe/data0016.res/WinXPChk.exe
8/1/2011 4:38:14 PM OK D:\WINDOWS\system32\netsetup.exe/data0016.res/WinXPChk.exe
8/1/2011 4:38:14 PM OK D:\WINDOWS\system32\netsh.exe
8/1/2011 4:38:14 PM OK D:\WINDOWS\system32\netsetup.exe/data0016.res/ncxpnt.dll Object was not changed (iChecker)
8/1/2011 4:38:14 PM OK D:\WINDOWS\system32\netsetup.exe/data0016.res/ncxp32.dll Object was not changed (iChecker)
8/1/2011 4:38:14 PM OK D:\WINDOWS\system32\netsetup.exe/data0016.res/ncxp16.dll Object was not changed (iChecker)
8/1/2011 4:38:14 PM OK D:\WINDOWS\system32\netsetup.exe/data0016.res/icsdclt.dll Object was not changed (iChecker)
8/1/2011 4:38:14 PM OK D:\WINDOWS\system32\netsetup.exe/data0016.res/hnetwiz.dll Object was not changed (iChecker)
8/1/2011 4:38:14 PM Archive: CAB D:\WINDOWS\system32\netsetup.exe/data0016.res
8/1/2011 4:38:14 PM OK D:\WINDOWS\system32\netsetup.cpl
8/1/2011 4:38:14 PM OK D:\WINDOWS\system32\netrap.dll
8/1/2011 4:38:14 PM OK D:\WINDOWS\system32\netplwiz.dll
8/1/2011 4:38:14 PM OK D:\WINDOWS\system32\netman.dll
8/1/2011 4:38:13 PM OK D:\WINDOWS\system32\netcfgx.dll
8/1/2011 4:38:13 PM OK D:\WINDOWS\system32\netmsg.dll Object was not changed (iChecker)
8/1/2011 4:38:13 PM OK D:\WINDOWS\system32\netlogon.dll
8/1/2011 4:38:13 PM OK D:\WINDOWS\system32\netid.dll
8/1/2011 4:38:13 PM OK D:\WINDOWS\system32\neth.dll Object was not changed (iChecker)
8/1/2011 4:38:13 PM OK D:\WINDOWS\system32\netevent.dll Object was not changed (iChecker)
8/1/2011 4:38:13 PM OK D:\WINDOWS\system32\netdde.exe
8/1/2011 4:38:12 PM OK D:\WINDOWS\system32\netapi32.dll
8/1/2011 4:38:12 PM OK D:\WINDOWS\system32\netapi.dll Object was not changed (iChecker)
8/1/2011 4:38:12 PM OK D:\WINDOWS\system32\net1.exe
8/1/2011 4:38:12 PM OK D:\WINDOWS\system32\net.hlp
8/1/2011 4:38:12 PM OK D:\WINDOWS\system32\net.exe
8/1/2011 4:38:12 PM OK D:\WINDOWS\system32\ndptsp.tsp
8/1/2011 4:38:12 PM OK D:\WINDOWS\system32\nddenb32.dll
8/1/2011 4:38:12 PM OK D:\WINDOWS\system32\nddeapir.exe
8/1/2011 4:38:12 PM OK D:\WINDOWS\system32\nddeapi.dll
8/1/2011 4:38:12 PM OK D:\WINDOWS\system32\ncobjapi.dll
8/1/2011 4:38:12 PM OK D:\WINDOWS\system32\ncxpnt.dll Object was not changed (iChecker)
8/1/2011 4:38:12 PM OK D:\WINDOWS\system32\ncpa.cpl
8/1/2011 4:38:12 PM OK D:\WINDOWS\system32\nbtstat.exe Object was not changed (iChecker)
8/1/2011 4:38:11 PM OK D:\WINDOWS\system32\narrhook.dll Object was not changed (iChecker)
8/1/2011 4:38:11 PM OK D:\WINDOWS\system32\narrator.exe
8/1/2011 4:38:11 PM OK D:\WINDOWS\system32\mydocs.dll
8/1/2011 4:38:11 PM OK D:\WINDOWS\system32\mtstocom.exe
8/1/2011 4:38:11 PM OK D:\WINDOWS\system32\mtstocom.exe/#
8/1/2011 4:38:11 PM OK D:\WINDOWS\system32\mycomput.dll Object was not changed (iChecker)
8/1/2011 4:38:11 PM OK D:\WINDOWS\system32\mtxclu.dll
8/1/2011 4:38:11 PM OK D:\WINDOWS\system32\msyuv.dll Object was not changed (iChecker)
8/1/2011 4:38:11 PM OK D:\WINDOWS\system32\msxmlr.dll Object was not changed (iChecker)
8/1/2011 4:38:11 PM OK D:\WINDOWS\system32\msxml3r.dll Object was not changed (iChecker)
8/1/2011 4:38:11 PM OK D:\WINDOWS\system32\msxml3.dll
8/1/2011 4:38:10 PM OK D:\WINDOWS\system32\msw3prt.dll
8/1/2011 4:38:10 PM OK D:\WINDOWS\system32\msxml2r.dll Object was not changed (iChecker)
8/1/2011 4:38:10 PM OK D:\WINDOWS\system32\msxml2.dll
8/1/2011 4:38:10 PM OK D:\WINDOWS\system32\msxml.dll
8/1/2011 4:38:10 PM OK D:\WINDOWS\system32\mswmdm.dll
8/1/2011 4:38:10 PM OK D:\WINDOWS\system32\msxbde40.dll
8/1/2011 4:38:10 PM OK D:\WINDOWS\system32\mswstr10.dll
8/1/2011 4:38:10 PM OK D:\WINDOWS\system32\mswsock.dll
8/1/2011 4:38:10 PM OK D:\WINDOWS\system32\msvidctl.dll
8/1/2011 4:38:09 PM OK D:\WINDOWS\system32\mswebdvd.dll
8/1/2011 4:38:09 PM OK D:\WINDOWS\system32\mswdat10.dll
8/1/2011 4:38:09 PM OK D:\WINDOWS\system32\msvideo.dll Object was not changed (iChecker)
8/1/2011 4:38:08 PM OK D:\WINDOWS\system32\msvidc32.dll Object was not changed (iChecker)
8/1/2011 4:38:08 PM OK D:\WINDOWS\system32\msvfw32.dll
8/1/2011 4:38:08 PM OK D:\WINDOWS\system32\msvcrt40.dll
8/1/2011 4:38:08 PM OK D:\WINDOWS\system32\msvcrt20.dll Object was not changed (iChecker)
8/1/2011 4:38:08 PM OK D:\WINDOWS\system32\msvcrt.dll
8/1/2011 4:38:08 PM OK D:\WINDOWS\system32\msvcp60.dll Object was not changed (iChecker)
8/1/2011 4:38:08 PM OK D:\WINDOWS\system32\msvcp50.dll Object was not changed (iChecker)
8/1/2011 4:38:07 PM OK D:\WINDOWS\system32\msvcirt.dll
8/1/2011 4:38:05 PM OK D:\WINDOWS\system32\msvbvm60.dll
8/1/2011 4:38:04 PM OK D:\WINDOWS\system32\msv1_0.dll
8/1/2011 4:38:04 PM OK D:\WINDOWS\system32\mstext40.dll
8/1/2011 4:38:04 PM OK D:\WINDOWS\system32\msvbvm50.dll Object was not changed (iChecker)
8/1/2011 4:38:04 PM OK D:\WINDOWS\system32\msutb.dll
8/1/2011 4:38:04 PM OK D:\WINDOWS\system32\mstlsapi.dll
8/1/2011 4:38:04 PM OK D:\WINDOWS\system32\mstime.dll
8/1/2011 4:38:04 PM OK D:\WINDOWS\system32\msscp.dll
8/1/2011 4:38:04 PM OK D:\WINDOWS\system32\msswchx.exe Object was not changed (iChecker)
8/1/2011 4:38:04 PM OK D:\WINDOWS\system32\msscript.ocx
8/1/2011 4:38:04 PM OK D:\WINDOWS\system32\msswch.dll Object was not changed (iChecker)
8/1/2011 4:38:04 PM OK D:\WINDOWS\system32\mssip32.dll Object was not changed (iChecker)
8/1/2011 4:38:04 PM OK D:\WINDOWS\system32\mssign32.dll Object was not changed (iChecker)
8/1/2011 4:38:04 PM OK D:\WINDOWS\system32\msscds32.ax
8/1/2011 4:38:04 PM OK D:\WINDOWS\system32\mssap.dll
8/1/2011 4:38:04 PM OK D:\WINDOWS\system32\msrle32.dll
8/1/2011 4:38:04 PM OK D:\WINDOWS\system32\msrepl40.dll
8/1/2011 4:38:04 PM OK D:\WINDOWS\system32\msrd2x40.dll
8/1/2011 4:38:04 PM OK D:\WINDOWS\system32\mspmsp.dll
8/1/2011 4:38:04 PM OK D:\WINDOWS\system32\msrecr40.dll Object was not changed (iChecker)
8/1/2011 4:38:04 PM OK D:\WINDOWS\system32\msrd3x40.dll
8/1/2011 4:38:04 PM OK D:\WINDOWS\system32\mspmsnsv.dll
8/1/2011 4:38:04 PM OK D:\WINDOWS\system32\msrclr40.dll Object was not changed (iChecker)
8/1/2011 4:38:04 PM OK D:\WINDOWS\system32\msrating.dll
8/1/2011 4:38:04 PM OK D:\WINDOWS\system32\msratelc.dll Object was not changed (iChecker)
8/1/2011 4:38:04 PM OK D:\WINDOWS\system32\msr2cenu.dll Object was not changed (iChecker)
8/1/2011 4:38:04 PM OK D:\WINDOWS\system32\msr2c.dll Object was not changed (iChecker)
8/1/2011 4:38:04 PM OK D:\WINDOWS\system32\msprivs.dll
8/1/2011 4:38:04 PM OK D:\WINDOWS\system32\msports.dll Object was not changed (iChecker)
8/1/2011 4:38:04 PM OK D:\WINDOWS\system32\mspbde40.dll
8/1/2011 4:38:04 PM OK D:\WINDOWS\system32\msnetobj.dll
8/1/2011 4:38:04 PM OK D:\WINDOWS\system32\msorcl32.dll
8/1/2011 4:38:04 PM OK D:\WINDOWS\system32\mspatcha.dll
8/1/2011 4:38:04 PM OK D:\WINDOWS\system32\msorc32r.dll
8/1/2011 4:38:04 PM OK D:\WINDOWS\system32\msltus40.dll
8/1/2011 4:38:04 PM OK D:\WINDOWS\system32\msobjs.dll Object was not changed (iChecker)
8/1/2011 4:38:04 PM OK D:\WINDOWS\system32\msnsspc.dll
8/1/2011 4:38:04 PM OK D:\WINDOWS\system32\msls31.dll
8/1/2011 4:38:04 PM OK D:\WINDOWS\system32\mslbui.dll
8/1/2011 4:38:04 PM OK D:\WINDOWS\system32\msjter40.dll
8/1/2011 4:38:04 PM OK D:\WINDOWS\system32\msjtes40.dll
8/1/2011 4:38:04 PM OK D:\WINDOWS\system32\msjint40.dll
8/1/2011 4:38:04 PM OK D:\WINDOWS\system32\msjet40.dll
8/1/2011 4:38:04 PM OK D:\WINDOWS\system32\msjetoledb40.dll
8/1/2011 4:38:04 PM OK D:\WINDOWS\system32\msihnd.dll
8/1/2011 4:38:04 PM OK D:\WINDOWS\system32\msisip.dll
8/1/2011 4:38:04 PM OK D:\WINDOWS\system32\msimsg.dll
8/1/2011 4:38:04 PM OK D:\WINDOWS\system32\MSIMTF.dll
8/1/2011 4:38:03 PM OK D:\WINDOWS\system32\msimg32.dll
8/1/2011 4:38:03 PM OK D:\WINDOWS\system32\mshtmler.dll
8/1/2011 4:38:03 PM OK D:\WINDOWS\system32\mshtmler.dll/data0003.html
8/1/2011 4:38:03 PM OK D:\WINDOWS\system32\mshtmler.dll/data0002.html
8/1/2011 4:38:03 PM OK D:\WINDOWS\system32\msieftp.dll
8/1/2011 4:38:03 PM OK D:\WINDOWS\system32\msiexec.exe
8/1/2011 4:38:03 PM OK D:\WINDOWS\system32\msident.dll
8/1/2011 4:38:03 PM OK D:\WINDOWS\system32\mshtmler.dll/data0001.html
8/1/2011 4:38:03 PM OK D:\WINDOWS\system32\msidntld.dll Object was not changed (iChecker)
8/1/2011 4:38:03 PM OK D:\WINDOWS\system32\msidle.dll
8/1/2011 4:38:03 PM OK D:\WINDOWS\system32\msdxm.ocx
8/1/2011 4:38:03 PM OK D:\WINDOWS\system32\msi.dll
8/1/2011 4:38:03 PM Archive: EmbeddedHTML D:\WINDOWS\system32\mshtmler.dll
8/1/2011 4:38:03 PM OK D:\WINDOWS\system32\mshtmled.dll
8/1/2011 4:38:02 PM OK D:\WINDOWS\system32\mshtml.tlb
8/1/2011 4:38:02 PM OK D:\WINDOWS\system32\mshta.exe
8/1/2011 4:38:02 PM OK D:\WINDOWS\system32\mshtml.dll
8/1/2011 4:38:01 PM OK D:\WINDOWS\system32\msgsvc.dll
8/1/2011 4:38:01 PM OK D:\WINDOWS\system32\msh263.drv
8/1/2011 4:38:00 PM OK D:\WINDOWS\system32\msgina.dll
8/1/2011 4:38:00 PM OK D:\WINDOWS\system32\msgsm32.acm
8/1/2011 4:38:00 PM OK D:\WINDOWS\system32\msftedit.dll
8/1/2011 4:38:00 PM OK D:\WINDOWS\system32\msg711.acm
8/1/2011 4:37:59 PM OK D:\WINDOWS\system32\msexch40.dll
8/1/2011 4:37:59 PM OK D:\WINDOWS\system32\msexcl40.dll
8/1/2011 4:37:58 PM OK D:\WINDOWS\system32\msencode.dll Object was not changed (iChecker)
8/1/2011 4:37:58 PM OK D:\WINDOWS\system32\msdart.dll
8/1/2011 4:37:58 PM OK D:\WINDOWS\system32\msdxmlc.dll
8/1/2011 4:37:58 PM OK D:\WINDOWS\system32\msdmo.dll
8/1/2011 4:37:58 PM OK D:\WINDOWS\system32\msdatsrc.tlb
8/1/2011 4:37:57 PM OK D:\WINDOWS\system32\MSCTF.dll
8/1/2011 4:37:57 PM OK D:\WINDOWS\system32\msdadiag.dll
8/1/2011 4:37:57 PM OK D:\WINDOWS\system32\MSCTFP.dll
8/1/2011 4:37:56 PM OK D:\WINDOWS\system32\mscpxl32.dLL
8/1/2011 4:37:56 PM OK D:\WINDOWS\system32\MSCTFIME.IME
8/1/2011 4:37:56 PM OK D:\WINDOWS\system32\mscpx32r.dLL
8/1/2011 4:37:55 PM OK D:\WINDOWS\system32\msaud32.acm
8/1/2011 4:37:55 PM OK D:\WINDOWS\system32\msasn1.dll
8/1/2011 4:37:55 PM OK D:\WINDOWS\system32\mscms.dll
8/1/2011 4:37:55 PM OK D:\WINDOWS\system32\mscdexnt.exe Object was not changed (iChecker)
8/1/2011 4:37:55 PM OK D:\WINDOWS\system32\mscat32.dll Object was not changed (iChecker)
8/1/2011 4:37:55 PM OK D:\WINDOWS\system32\msaudite.dll Object was not changed (iChecker)
8/1/2011 4:37:55 PM OK D:\WINDOWS\system32\msapsspc.dll
8/1/2011 4:37:54 PM OK D:\WINDOWS\system32\msafd.dll
8/1/2011 4:37:54 PM OK D:\WINDOWS\system32\msadp32.acm
8/1/2011 4:37:54 PM OK D:\WINDOWS\system32\msacm32.dll
8/1/2011 4:37:54 PM OK D:\WINDOWS\system32\msadds32.ax
8/1/2011 4:37:54 PM OK D:\WINDOWS\system32\msacm32.drv
8/1/2011 4:37:53 PM OK D:\WINDOWS\system32\mprdim.dll
8/1/2011 4:37:53 PM OK D:\WINDOWS\system32\mprapi.dll
8/1/2011 4:37:53 PM OK D:\WINDOWS\system32\msacm.dll Object was not changed (iChecker)
8/1/2011 4:37:53 PM OK D:\WINDOWS\system32\msaatext.dll Object was not changed (iChecker)
8/1/2011 4:37:53 PM OK D:\WINDOWS\system32\mrinfo.exe Object was not changed (iChecker)
8/1/2011 4:37:53 PM OK D:\WINDOWS\system32\mprui.dll Object was not changed (iChecker)
8/1/2011 4:37:53 PM OK D:\WINDOWS\system32\mprmsg.dll Object was not changed (iChecker)
8/1/2011 4:37:53 PM OK D:\WINDOWS\system32\mpr.dll
8/1/2011 4:37:53 PM OK D:\WINDOWS\system32\mprddm.dll Object was not changed (iChecker)
8/1/2011 4:37:53 PM OK D:\WINDOWS\system32\mpg4ds32.ax
8/1/2011 4:37:52 PM OK D:\WINDOWS\system32\mpg2splt.ax
8/1/2011 4:37:52 PM OK D:\WINDOWS\system32\mpnotify.exe Object was not changed (iChecker)
8/1/2011 4:37:52 PM OK D:\WINDOWS\system32\mpg4dmod.dll
8/1/2011 4:37:52 PM OK D:\WINDOWS\system32\mpeg2data.ax
8/1/2011 4:37:52 PM OK D:\WINDOWS\system32\mp4sdmod.dll
8/1/2011 4:37:52 PM OK D:\WINDOWS\system32\mp43dmod.dll
8/1/2011 4:37:51 PM OK D:\WINDOWS\system32\mouse.drv
8/1/2011 4:37:51 PM OK D:\WINDOWS\system32\more.com
8/1/2011 4:37:51 PM OK D:\WINDOWS\system32\moricons.dll
8/1/2011 4:37:51 PM OK D:\WINDOWS\system32\mountvol.exe Object was not changed (iChecker)
8/1/2011 4:37:51 PM OK D:\WINDOWS\system32\mobsync.exe
8/1/2011 4:37:51 PM OK D:\WINDOWS\system32\modemui.dll
8/1/2011 4:37:50 PM OK D:\WINDOWS\system32\modex.dll Object was not changed (iChecker)
8/1/2011 4:37:50 PM OK D:\WINDOWS\system32\mode.com
8/1/2011 4:37:50 PM OK D:\WINDOWS\system32\mobsync.dll
8/1/2011 4:37:50 PM OK D:\WINDOWS\system32\mmsys.cpl
8/1/2011 4:37:50 PM OK D:\WINDOWS\system32\mmtask.tsk
8/1/2011 4:37:50 PM OK D:\WINDOWS\system32\mmutilse.dll Object was not changed (iChecker)
8/1/2011 4:37:50 PM OK D:\WINDOWS\system32\mlang.dll
8/1/2011 4:37:50 PM OK D:\WINDOWS\system32\mmsystem.dll Object was not changed (iChecker)
8/1/2011 4:37:50 PM OK D:\WINDOWS\system32\mmdriver.inf
8/1/2011 4:37:50 PM OK D:\WINDOWS\system32\mmdrv.dll Object was not changed (iChecker)
8/1/2011 4:37:50 PM OK D:\WINDOWS\system32\mmcshext.dll
8/1/2011 4:37:49 PM OK D:\WINDOWS\system32\mmcndmgr.dll
8/1/2011 4:37:49 PM OK D:\WINDOWS\system32\mmcbase.dll
8/1/2011 4:37:49 PM OK D:\WINDOWS\system32\mmc.exe
8/1/2011 4:37:49 PM OK D:\WINDOWS\system32\mlang.dat
8/1/2011 4:37:49 PM OK D:\WINDOWS\system32\mll_qic.dll Object was not changed (iChecker)
8/1/2011 4:37:49 PM OK D:\WINDOWS\system32\mll_mtf.dll Object was not changed (iChecker)
8/1/2011 4:37:49 PM OK D:\WINDOWS\system32\mll_hp.dll Object was not changed (iChecker)
8/1/2011 4:37:49 PM OK D:\WINDOWS\system32\mimefilt.dll
8/1/2011 4:37:49 PM OK D:\WINDOWS\system32\migisol.exe
8/1/2011 4:37:49 PM OK D:\WINDOWS\system32\midimap.dll
8/1/2011 4:37:49 PM OK D:\WINDOWS\system32\migpwd.exe Object was not changed (iChecker)
8/1/2011 4:37:49 PM OK D:\WINDOWS\system32\miglibnt.dll
8/1/2011 4:37:49 PM OK D:\WINDOWS\system32\mfcsubs.dll
8/1/2011 4:37:49 PM OK D:\WINDOWS\system32\mib.bin
8/1/2011 4:37:49 PM OK D:\WINDOWS\system32\mgmtapi.dll
8/1/2011 4:37:49 PM OK D:\WINDOWS\system32\mfc40u.dll
8/1/2011 4:37:48 PM OK D:\WINDOWS\system32\mfc42u.dll
8/1/2011 4:37:48 PM OK D:\WINDOWS\system32\mfc42.dll
8/1/2011 4:37:48 PM OK D:\WINDOWS\system32\mf3216.dll
8/1/2011 4:37:48 PM OK D:\WINDOWS\system32\mdminst.dll
8/1/2011 4:37:48 PM OK D:\WINDOWS\system32\mfc40.dll Object was not changed (iChecker)
8/1/2011 4:37:48 PM OK D:\WINDOWS\system32\mciwave.drv
8/1/2011 4:37:48 PM OK D:\WINDOWS\system32\mem.exe Object was not changed (iChecker)
8/1/2011 4:37:48 PM OK D:\WINDOWS\system32\mdwmdmsp.dll Object was not changed (iChecker)
8/1/2011 4:37:48 PM OK D:\WINDOWS\system32\mdhcp.dll Object was not changed (iChecker)
8/1/2011 4:37:48 PM OK D:\WINDOWS\system32\mciwave.dll
8/1/2011 4:37:48 PM OK D:\WINDOWS\system32\mciseq.drv
8/1/2011 4:37:48 PM OK D:\WINDOWS\system32\mciqtz32.dll
8/1/2011 4:37:48 PM OK D:\WINDOWS\system32\mciavi32.dll
8/1/2011 4:37:48 PM OK D:\WINDOWS\system32\mciseq.dll
8/1/2011 4:37:48 PM OK D:\WINDOWS\system32\mcastmib.dll
8/1/2011 4:37:48 PM OK D:\WINDOWS\system32\mciole32.dll Object was not changed (iChecker)
8/1/2011 4:37:48 PM OK D:\WINDOWS\system32\mciole16.dll Object was not changed (iChecker)
8/1/2011 4:37:48 PM OK D:\WINDOWS\system32\mcicda.dll Object was not changed (iChecker)
8/1/2011 4:37:48 PM OK D:\WINDOWS\system32\makecab.exe
8/1/2011 4:37:48 PM OK D:\WINDOWS\system32\mciavi.drv
8/1/2011 4:37:48 PM OK D:\WINDOWS\system32\mchgrcoi.dll Object was not changed (iChecker)
8/1/2011 4:37:48 PM OK D:\WINDOWS\system32\mcdsrv32.dll Object was not changed (iChecker)
8/1/2011 4:37:48 PM OK D:\WINDOWS\system32\mcd32.dll Object was not changed (iChecker)
8/1/2011 4:37:48 PM OK D:\WINDOWS\system32\mapistub.dll Object was not changed (iChecker)
8/1/2011 4:37:48 PM OK D:\WINDOWS\system32\main.cpl
8/1/2011 4:37:48 PM OK D:\WINDOWS\system32\magnify.exe
8/1/2011 4:37:48 PM OK D:\WINDOWS\system32\l_intl.nls
8/1/2011 4:37:48 PM OK D:\WINDOWS\system32\mag_hook.dll Object was not changed (iChecker)
8/1/2011 4:37:48 PM OK D:\WINDOWS\system32\lsass.exe
8/1/2011 4:37:48 PM OK D:\WINDOWS\system32\l_except.nls
8/1/2011 4:37:48 PM OK D:\WINDOWS\system32\lusrmgr.msc
8/1/2011 4:37:48 PM OK D:\WINDOWS\system32\lzexpand.dll Object was not changed (iChecker)
8/1/2011 4:37:48 PM OK D:\WINDOWS\system32\lz32.dll Object was not changed (iChecker)
8/1/2011 4:37:48 PM OK D:\WINDOWS\system32\lsasrv.dll
8/1/2011 4:37:48 PM OK D:\WINDOWS\system32\logonui.exe
8/1/2011 4:37:48 PM OK D:\WINDOWS\system32\lprhelp.dll
8/1/2011 4:37:48 PM OK D:\WINDOWS\system32\lprmonui.dll Object was not changed (iChecker)
8/1/2011 4:37:48 PM OK D:\WINDOWS\system32\logman.exe
8/1/2011 4:37:48 PM OK D:\WINDOWS\system32\lpr.exe Object was not changed (iChecker)
8/1/2011 4:37:48 PM OK D:\WINDOWS\system32\lpq.exe Object was not changed (iChecker)
8/1/2011 4:37:48 PM OK D:\WINDOWS\system32\lpk.dll
8/1/2011 4:37:48 PM OK D:\WINDOWS\system32\logon.scr
8/1/2011 4:37:47 PM OK D:\WINDOWS\system32\lmrt.dll
8/1/2011 4:37:47 PM OK D:\WINDOWS\system32\logagent.exe
8/1/2011 4:37:47 PM OK D:\WINDOWS\system32\loghours.dll Object was not changed (iChecker)
8/1/2011 4:37:47 PM OK D:\WINDOWS\system32\locator.exe
8/1/2011 4:37:47 PM OK D:\WINDOWS\system32\lodctr.exe Object was not changed (iChecker)
8/1/2011 4:37:47 PM OK D:\WINDOWS\system32\localsec.dll
8/1/2011 4:37:47 PM OK D:\WINDOWS\system32\localui.dll
8/1/2011 4:37:47 PM OK D:\WINDOWS\system32\localspl.dll
8/1/2011 4:37:47 PM OK D:\WINDOWS\system32\locale.nls
8/1/2011 4:37:47 PM OK D:\WINDOWS\system32\licdll.dll
8/1/2011 4:37:47 PM OK D:\WINDOWS\system32\loadperf.dll
8/1/2011 4:37:47 PM OK D:\WINDOWS\system32\loadfix.com
8/1/2011 4:37:47 PM OK D:\WINDOWS\system32\lnkstub.exe Object was not changed (iChecker)
8/1/2011 4:37:47 PM OK D:\WINDOWS\system32\lmhsvc.dll
8/1/2011 4:37:47 PM OK D:\WINDOWS\system32\linkinfo.dll
8/1/2011 4:37:47 PM OK D:\WINDOWS\system32\laprxy.dll
8/1/2011 4:37:47 PM OK D:\WINDOWS\system32\lights.exe Object was not changed (iChecker)
8/1/2011 4:37:47 PM OK D:\WINDOWS\system32\licmgr10.dll
8/1/2011 4:37:47 PM OK D:\WINDOWS\system32\kernel32.dll
8/1/2011 4:37:47 PM OK D:\WINDOWS\system32\l3codeca.acm
8/1/2011 4:37:47 PM OK D:\WINDOWS\system32\lanman.drv
8/1/2011 4:37:47 PM OK D:\WINDOWS\system32\langwrbk.dll Object was not changed (iChecker)
8/1/2011 4:37:47 PM OK D:\WINDOWS\system32\label.exe Object was not changed (iChecker)
8/1/2011 4:37:47 PM OK D:\WINDOWS\system32\l3codecx.ax
8/1/2011 4:37:46 PM OK D:\WINDOWS\system32\kmddsp.tsp
8/1/2011 4:37:46 PM OK D:\WINDOWS\system32\krnl386.exe Object was not changed (iChecker)
8/1/2011 4:37:46 PM OK D:\WINDOWS\system32\keymgr.dll
8/1/2011 4:37:46 PM OK D:\WINDOWS\system32\kerberos.dll
8/1/2011 4:37:46 PM OK D:\WINDOWS\system32\keyboard.sys
8/1/2011 4:37:46 PM OK D:\WINDOWS\system32\keyboard.drv
8/1/2011 4:37:46 PM OK D:\WINDOWS\system32\key01.sys
8/1/2011 4:37:46 PM OK D:\WINDOWS\system32\kdcom.dll Object was not changed (iChecker)
8/1/2011 4:37:46 PM OK D:\WINDOWS\system32\kd1394.dll
8/1/2011 4:37:46 PM OK D:\WINDOWS\system32\kbdusx.dll Object was not changed (iChecker)
8/1/2011 4:37:46 PM OK D:\WINDOWS\system32\kbdukx.dll
8/1/2011 4:37:46 PM OK D:\WINDOWS\system32\kbdsmsno.dll
8/1/2011 4:37:46 PM OK D:\WINDOWS\system32\kbdusr.dll Object was not changed (iChecker)
8/1/2011 4:37:46 PM OK D:\WINDOWS\system32\kbdusl.dll Object was not changed (iChecker)
8/1/2011 4:37:46 PM OK D:\WINDOWS\system32\kbdus.dll Object was not changed (iChecker)
8/1/2011 4:37:46 PM OK D:\WINDOWS\system32\kbdsmsfi.dll
8/1/2011 4:37:46 PM OK D:\WINDOWS\system32\kbduk.dll Object was not changed (iChecker)
8/1/2011 4:37:46 PM OK D:\WINDOWS\system32\kbdsw.dll Object was not changed (iChecker)
8/1/2011 4:37:46 PM OK D:\WINDOWS\system32\kbdsp.dll Object was not changed (iChecker)
8/1/2011 4:37:46 PM OK D:\WINDOWS\system32\kbdno1.dll
8/1/2011 4:37:46 PM OK D:\WINDOWS\system32\kbdpo.dll Object was not changed (iChecker)
8/1/2011 4:37:46 PM OK D:\WINDOWS\system32\kbdsg.dll Object was not changed (iChecker)
8/1/2011 4:37:46 PM OK D:\WINDOWS\system32\kbdsf.dll Object was not changed (iChecker)
8/1/2011 4:37:46 PM OK D:\WINDOWS\system32\kbdmaori.dll
8/1/2011 4:37:46 PM OK D:\WINDOWS\system32\kbdnec.dll
8/1/2011 4:37:46 PM OK D:\WINDOWS\system32\kbdno.dll Object was not changed (iChecker)
8/1/2011 4:37:46 PM OK D:\WINDOWS\system32\kbdne.dll Object was not changed (iChecker)
8/1/2011 4:37:46 PM OK D:\WINDOWS\system32\kbdmlt47.dll
8/1/2011 4:37:46 PM OK D:\WINDOWS\system32\kbdmlt48.dll
8/1/2011 4:37:46 PM OK D:\WINDOWS\system32\kbdmac.dll Object was not changed (iChecker)
8/1/2011 4:37:46 PM OK D:\WINDOWS\system32\kbdinmal.dll
8/1/2011 4:37:46 PM OK D:\WINDOWS\system32\kbdinben.dll
8/1/2011 4:37:46 PM OK D:\WINDOWS\system32\kbdla.dll Object was not changed (iChecker)
8/1/2011 4:37:46 PM OK D:\WINDOWS\system32\kbdit142.dll Object was not changed (iChecker)
8/1/2011 4:37:46 PM OK D:\WINDOWS\system32\kbdit.dll Object was not changed (iChecker)
8/1/2011 4:37:46 PM OK D:\WINDOWS\system32\kbdir.dll Object was not changed (iChecker)
8/1/2011 4:37:46 PM OK D:\WINDOWS\system32\kbdfi1.dll
8/1/2011 4:37:46 PM OK D:\WINDOWS\system32\kbdinbe1.dll
8/1/2011 4:37:46 PM OK D:\WINDOWS\system32\kbdic.dll Object was not changed (iChecker)
8/1/2011 4:37:46 PM OK D:\WINDOWS\system32\kbdgr1.dll Object was not changed (iChecker)
8/1/2011 4:37:46 PM OK D:\WINDOWS\system32\kbdgr.dll Object was not changed (iChecker)
8/1/2011 4:37:46 PM OK D:\WINDOWS\system32\kbdgae.dll Object was not changed (iChecker)
8/1/2011 4:37:46 PM OK D:\WINDOWS\system32\kbdfr.dll Object was not changed (iChecker)
8/1/2011 4:37:46 PM OK D:\WINDOWS\system32\kbdfo.dll Object was not changed (iChecker)
8/1/2011 4:37:46 PM OK D:\WINDOWS\system32\kbdfi.dll Object was not changed (iChecker)
8/1/2011 4:37:46 PM OK D:\WINDOWS\system32\jscript.dll
8/1/2011 4:37:46 PM OK D:\WINDOWS\system32\kbdfc.dll Object was not changed (iChecker)
8/1/2011 4:37:46 PM OK D:\WINDOWS\system32\kbdes.dll Object was not changed (iChecker)
8/1/2011 4:37:46 PM OK D:\WINDOWS\system32\kbddv.dll Object was not changed (iChecker)
8/1/2011 4:37:46 PM OK D:\WINDOWS\system32\kbdda.dll Object was not changed (iChecker)
8/1/2011 4:37:46 PM OK D:\WINDOWS\system32\kbdcan.dll Object was not changed (iChecker)
8/1/2011 4:37:46 PM OK D:\WINDOWS\system32\kbdbr.dll Object was not changed (iChecker)
8/1/2011 4:37:46 PM OK D:\WINDOWS\system32\kbdca.dll Object was not changed (iChecker)
8/1/2011 4:37:46 PM OK D:\WINDOWS\system32\kbdbene.dll Object was not changed (iChecker)
8/1/2011 4:37:46 PM OK D:\WINDOWS\system32\kbdbe.dll Object was not changed (iChecker)
8/1/2011 4:37:46 PM OK D:\WINDOWS\system32\kb16.com
8/1/2011 4:37:46 PM OK D:\WINDOWS\system32\jsproxy.dll
8/1/2011 4:37:46 PM OK D:\WINDOWS\system32\joy.cpl
8/1/2011 4:37:46 PM OK D:\WINDOWS\system32\jgpl400.dll
8/1/2011 4:37:46 PM OK D:\WINDOWS\system32\jgsh400.dll Object was not changed (iChecker)
8/1/2011 4:37:46 PM OK D:\WINDOWS\system32\jobexec.dll Object was not changed (iChecker)
8/1/2011 4:37:46 PM OK D:\WINDOWS\system32\ixsso.dll
8/1/2011 4:37:46 PM OK D:\WINDOWS\system32\jgsd400.dll Object was not changed (iChecker)
8/1/2011 4:37:46 PM OK D:\WINDOWS\system32\jgdw400.dll
8/1/2011 4:37:46 PM OK D:\WINDOWS\system32\jgmd400.dll Object was not changed (iChecker)
8/1/2011 4:37:46 PM OK D:\WINDOWS\system32\jgaw400.dll Object was not changed (iChecker)
8/1/2011 4:37:46 PM OK D:\WINDOWS\system32\jet500.dll Object was not changed (iChecker)
8/1/2011 4:37:46 PM OK D:\WINDOWS\system32\iyuv_32.dll Object was not changed (iChecker)
8/1/2011 4:37:46 PM OK D:\WINDOWS\system32\ivfsrc.ax
8/1/2011 4:37:46 PM OK D:\WINDOWS\system32\iuengine.dll
8/1/2011 4:37:46 PM OK D:\WINDOWS\system32\itss.dll
8/1/2011 4:37:46 PM OK D:\WINDOWS\system32\iuengine.dll/#
8/1/2011 4:37:46 PM OK D:\WINDOWS\system32\itircl.dll
8/1/2011 4:37:46 PM OK D:\WINDOWS\system32\irprops.cpl
8/1/2011 4:37:45 PM OK D:\WINDOWS\system32\ir50_qcx.dll
8/1/2011 4:37:45 PM OK D:\WINDOWS\system32\ir50_32.dll
8/1/2011 4:37:45 PM OK D:\WINDOWS\system32\ir50_qc.dll
8/1/2011 4:37:44 PM OK D:\WINDOWS\system32\ir41_qcx.dll
8/1/2011 4:37:44 PM OK D:\WINDOWS\system32\ir41_qc.dll
8/1/2011 4:37:44 PM OK D:\WINDOWS\system32\ir41_32.ax
8/1/2011 4:37:43 PM OK D:\WINDOWS\system32\ipxroute.exe
8/1/2011 4:37:43 PM OK D:\WINDOWS\system32\ipxwan.dll
8/1/2011 4:37:42 PM OK D:\WINDOWS\system32\ir32_32.dll Object was not changed (iChecker)
8/1/2011 4:37:42 PM OK D:\WINDOWS\system32\ipv6mon.dll
8/1/2011 4:37:42 PM OK D:\WINDOWS\system32\ipxsap.dll Object was not changed (iChecker)
8/1/2011 4:37:42 PM OK D:\WINDOWS\system32\ipxrtmgr.dll Object was not changed (iChecker)
8/1/2011 4:37:42 PM OK D:\WINDOWS\system32\ipsmsnap.dll
8/1/2011 4:37:42 PM OK D:\WINDOWS\system32\ipxrip.dll Object was not changed (iChecker)
8/1/2011 4:37:42 PM OK D:\WINDOWS\system32\ipxpromn.dll Object was not changed (iChecker)
8/1/2011 4:37:42 PM OK D:\WINDOWS\system32\ipxmontr.dll Object was not changed (iChecker)
8/1/2011 4:37:42 PM OK D:\WINDOWS\system32\ipv6.exe
8/1/2011 4:37:42 PM OK D:\WINDOWS\system32\ipsecsvc.dll
8/1/2011 4:37:41 PM OK D:\WINDOWS\system32\ipsecsnp.dll
8/1/2011 4:37:41 PM OK D:\WINDOWS\system32\ippromon.dll
8/1/2011 4:37:41 PM OK D:\WINDOWS\system32\iprtrmgr.dll
8/1/2011 4:37:40 PM OK D:\WINDOWS\system32\ipsec6.exe Object was not changed (iChecker)
8/1/2011 4:37:40 PM OK D:\WINDOWS\system32\ipnathlp.dll
8/1/2011 4:37:40 PM OK D:\WINDOWS\system32\iprtprio.dll Object was not changed (iChecker)
8/1/2011 4:37:40 PM OK D:\WINDOWS\system32\iprop.dll Object was not changed (iChecker)
8/1/2011 4:37:40 PM OK D:\WINDOWS\system32\iphlpapi.dll
8/1/2011 4:37:40 PM OK D:\WINDOWS\system32\ipmontr.dll
8/1/2011 4:37:40 PM OK D:\WINDOWS\system32\ipconfig.exe
8/1/2011 4:37:39 PM OK D:\WINDOWS\system32\ipconf.tsp
8/1/2011 4:37:39 PM OK D:\WINDOWS\system32\intl.cpl
8/1/2011 4:37:39 PM OK D:\WINDOWS\system32\instcat.sql
8/1/2011 4:37:39 PM OK D:\WINDOWS\system32\iologmsg.dll Object was not changed (iChecker)
8/1/2011 4:37:39 PM OK D:\WINDOWS\system32\inseng.dll
8/1/2011 4:37:38 PM OK D:\WINDOWS\system32\input.dll
8/1/2011 4:37:38 PM OK D:\WINDOWS\system32\initpki.dll
8/1/2011 4:37:38 PM OK D:\WINDOWS\system32\inetppui.dll
8/1/2011 4:37:38 PM OK D:\WINDOWS\system32\inetpp.dll
8/1/2011 4:37:37 PM OK D:\WINDOWS\system32\infosoft.dll Object was not changed (iChecker)
8/1/2011 4:37:37 PM OK D:\WINDOWS\system32\inetcpl.cpl
8/1/2011 4:37:37 PM OK D:\WINDOWS\system32\inetmib1.dll
8/1/2011 4:37:37 PM OK D:\WINDOWS\system32\imm32.dll
8/1/2011 4:37:37 PM OK D:\WINDOWS\system32\inetcplc.dll Object was not changed (iChecker)
8/1/2011 4:37:37 PM OK D:\WINDOWS\system32\imgutil.dll
8/1/2011 4:37:36 PM OK D:\WINDOWS\system32\imapi.exe
8/1/2011 4:37:36 PM OK D:\WINDOWS\system32\imeshare.dll
8/1/2011 4:37:36 PM OK D:\WINDOWS\system32\imagehlp.dll
8/1/2011 4:37:35 PM OK D:\WINDOWS\system32\imaadp32.acm
8/1/2011 4:37:35 PM OK D:\WINDOWS\system32\iexpress.exe
8/1/2011 4:37:35 PM OK D:\WINDOWS\system32\igmpagnt.dll
8/1/2011 4:37:35 PM OK D:\WINDOWS\Driver Cache\i386\driver.cab
8/1/2011 4:37:35 PM OK D:\WINDOWS\system32\ifmon.dll
8/1/2011 4:37:35 PM OK D:\WINDOWS\Driver Cache\i386\driver.cab/zlogic.cyz
8/1/2011 4:37:35 PM OK D:\WINDOWS\system32\ifsutil.dll Object was not changed (iChecker)
8/1/2011 4:37:35 PM OK D:\WINDOWS\system32\iernonce.dll
8/1/2011 4:37:34 PM OK D:\WINDOWS\system32\iesetup.dll
8/1/2011 4:37:34 PM OK D:\WINDOWS\Driver Cache\i386\driver.cab/xxwh1hlp.hlp
8/1/2011 4:37:34 PM OK D:\WINDOWS\system32\ieuinit.inf
8/1/2011 4:37:34 PM OK D:\WINDOWS\Driver Cache\i386\driver.cab/xxui1.dll Object was not changed (iChecker)
8/1/2011 4:37:34 PM OK D:\WINDOWS\system32\iepeers.dll
8/1/2011 4:37:34 PM OK D:\WINDOWS\system32\ieencode.dll
8/1/2011 4:37:34 PM OK D:\WINDOWS\system32\iedkcs32.dll
8/1/2011 4:37:33 PM OK D:\WINDOWS\Driver Cache\i386\driver.cab/xxpsru1.dll Object was not changed (iChecker)
8/1/2011 4:37:33 PM OK D:\WINDOWS\system32\ieaksie.dll
8/1/2011 4:37:33 PM OK D:\WINDOWS\system32\ie4uinit.exe
8/1/2011 4:37:33 PM OK D:\WINDOWS\system32\ieakui.dll
8/1/2011 4:37:33 PM OK D:\WINDOWS\Driver Cache\i386\driver.cab/xxpsini1.ini
8/1/2011 4:37:32 PM OK D:\WINDOWS\system32\ieakeng.dll
8/1/2011 4:37:32 PM OK D:\WINDOWS\Driver Cache\i386\driver.cab/xxpclru1.dll Object was not changed (iChecker)
8/1/2011 4:37:32 PM OK D:\WINDOWS\Driver Cache\i386\driver.cab/xxpclin1.ini
8/1/2011 4:37:32 PM OK D:\WINDOWS\system32\idq.dll
8/1/2011 4:37:31 PM OK D:\WINDOWS\system32\icm32.dll
8/1/2011 4:37:31 PM OK D:\WINDOWS\Driver Cache\i386\driver.cab/xuim760.dll Object was not changed (iChecker)
8/1/2011 4:37:31 PM OK D:\WINDOWS\system32\icmp.dll
8/1/2011 4:37:31 PM OK D:\WINDOWS\system32\icmui.dll Object was not changed (iChecker)
8/1/2011 4:37:31 PM OK D:\WINDOWS\system32\hotplug.dll
8/1/2011 4:37:31 PM OK D:\WINDOWS\Driver Cache\i386\driver.cab/xuim750.dll Object was not changed (iChecker)
8/1/2011 4:37:31 PM OK D:\WINDOWS\system32\iccvid.dll
8/1/2011 4:37:31 PM OK D:\WINDOWS\system32\iasrad.dll
8/1/2011 4:37:30 PM OK D:\WINDOWS\Driver Cache\i386\driver.cab/xt_82001.ppd
8/1/2011 4:37:30 PM OK D:\WINDOWS\system32\iassvcs.dll Object was not changed (iChecker)
8/1/2011 4:37:30 PM OK D:\WINDOWS\system32\iassdo.dll Object was not changed (iChecker)
8/1/2011 4:37:30 PM OK D:\WINDOWS\system32\iassam.dll Object was not changed (iChecker)
8/1/2011 4:37:30 PM OK D:\WINDOWS\system32\iasrecst.dll Object was not changed (iChecker)
8/1/2011 4:37:30 PM OK D:\WINDOWS\system32\iac25_32.ax
8/1/2011 4:37:30 PM OK D:\WINDOWS\Driver Cache\i386\driver.cab/xr_88121.ppd
8/1/2011 4:37:29 PM OK D:\WINDOWS\system32\iaspolcy.dll Object was not changed (iChecker)
8/1/2011 4:37:29 PM OK D:\WINDOWS\system32\iasnap.dll Object was not changed (iChecker)
8/1/2011 4:37:29 PM OK D:\WINDOWS\system32\iashlpr.dll Object was not changed (iChecker)
8/1/2011 4:37:29 PM OK D:\WINDOWS\system32\iasads.dll Object was not changed (iChecker)
8/1/2011 4:37:29 PM OK D:\WINDOWS\system32\iasacct.dll Object was not changed (iChecker)
8/1/2011 4:37:29 PM OK D:\WINDOWS\system32\httpapi.dll
8/1/2011 4:37:29 PM OK D:\WINDOWS\Driver Cache\i386\driver.cab/xr_88081.ppd
8/1/2011 4:37:29 PM OK D:\WINDOWS\system32\htui.dll
8/1/2011 4:37:29 PM OK D:\WINDOWS\Driver Cache\i386\driver.cab/xr_45201.ppd
8/1/2011 4:37:28 PM OK D:\WINDOWS\system32\hnetwiz.dll
8/1/2011 4:37:28 PM OK D:\WINDOWS\system32\html.iec
8/1/2011 4:37:28 PM OK D:\WINDOWS\Driver Cache\i386\driver.cab/xr_45171.ppd
8/1/2011 4:37:28 PM OK D:\WINDOWS\system32\homepage.inf
8/1/2011 4:37:27 PM OK D:\WINDOWS\system32\hostname.exe Object was not changed (iChecker)
8/1/2011 4:37:27 PM OK D:\WINDOWS\system32\hlink.dll
8/1/2011 4:37:27 PM OK D:\WINDOWS\system32\hnetcfg.dll
8/1/2011 4:37:27 PM OK D:\WINDOWS\system32\hnetmon.dll Object was not changed (iChecker)
8/1/2011 4:37:27 PM OK D:\WINDOWS\system32\hhctrl.ocx
8/1/2011 4:37:27 PM OK D:\WINDOWS\Driver Cache\i386\driver.cab/xr_45101.ppd
8/1/2011 4:37:27 PM OK D:\WINDOWS\system32\hhsetup.dll
8/1/2011 4:37:26 PM OK D:\WINDOWS\Driver Cache\i386\driver.cab/xr_45051.ppd
8/1/2011 4:37:26 PM OK D:\WINDOWS\system32\himem.sys Object was not changed (iChecker)
8/1/2011 4:37:26 PM OK D:\WINDOWS\system32\hidphone.tsp
8/1/2011 4:37:26 PM OK D:\WINDOWS\Driver Cache\i386\driver.cab/xr_42302.ppd
8/1/2011 4:37:25 PM OK D:\WINDOWS\system32\hid.dll Object was not changed (iChecker)
8/1/2011 4:37:25 PM OK D:\WINDOWS\system32\hdwwiz.cpl
8/1/2011 4:37:25 PM OK D:\WINDOWS\system32\help.exe
8/1/2011 4:37:25 PM OK D:\WINDOWS\system32\hal.dll
8/1/2011 4:37:25 PM OK D:\WINDOWS\Driver Cache\i386\driver.cab/xr_42204.ppd
8/1/2011 4:37:24 PM OK D:\WINDOWS\system32\hccoin.dll Object was not changed (iChecker)
8/1/2011 4:37:24 PM OK D:\WINDOWS\system32\grpconv.exe
8/1/2011 4:37:24 PM OK D:\WINDOWS\system32\h323msp.dll
8/1/2011 4:37:24 PM OK D:\WINDOWS\system32\h323.tsp
8/1/2011 4:37:24 PM OK D:\WINDOWS\Driver Cache\i386\driver.cab/xr_42192.ppd
8/1/2011 4:37:23 PM OK D:\WINDOWS\system32\glu32.dll
8/1/2011 4:37:23 PM OK D:\WINDOWS\system32\graftabl.com
8/1/2011 4:37:23 PM OK D:\WINDOWS\system32\graphics.pro
8/1/2011 4:37:23 PM OK D:\WINDOWS\system32\graphics.com
8/1/2011 4:37:23 PM OK D:\WINDOWS\Driver Cache\i386\driver.cab/xr_42152.ppd
8/1/2011 4:37:23 PM OK D:\WINDOWS\system32\gpkrsrc.dll
8/1/2011 4:37:22 PM OK D:\WINDOWS\system32\gdi32.dll
8/1/2011 4:37:22 PM OK D:\WINDOWS\system32\gpkcsp.dll Object was not changed (iChecker)
8/1/2011 4:37:22 PM OK D:\WINDOWS\system32\geo.nls
8/1/2011 4:37:22 PM OK D:\WINDOWS\Driver Cache\i386\driver.cab/xrxwbtmp.dll Object was not changed (iChecker)
8/1/2011 4:37:22 PM OK D:\WINDOWS\system32\glmf32.dll Object was not changed (iChecker)
8/1/2011 4:37:22 PM OK D:\WINDOWS\system32\g711codc.ax
8/1/2011 4:37:22 PM OK D:\WINDOWS\system32\ftp.exe
8/1/2011 4:37:22 PM OK D:\WINDOWS\Driver Cache\i386\driver.cab/xrxscnui.dll
8/1/2011 4:37:22 PM OK D:\WINDOWS\system32\gdi.exe Object was not changed (iChecker)
8/1/2011 4:37:22 PM OK D:\WINDOWS\system32\gcdef.dll Object was not changed (iChecker)
8/1/2011 4:37:22 PM OK D:\WINDOWS\system32\fwcfg.dll
8/1/2011 4:37:21 PM OK D:\WINDOWS\system32\fsmgmt.msc
8/1/2011 4:37:21 PM OK D:\WINDOWS\system32\ftsrch.dll Object was not changed (iChecker)
8/1/2011 4:37:21 PM OK D:\WINDOWS\system32\framebuf.dll
8/1/2011 4:37:21 PM OK D:\WINDOWS\system32\fsutil.exe Object was not changed (iChecker)
8/1/2011 4:37:21 PM OK D:\WINDOWS\system32\fsusd.dll Object was not changed (iChecker)
8/1/2011 4:37:21 PM OK D:\WINDOWS\system32\fsquirt.exe Object was not changed (iChecker)
8/1/2011 4:37:21 PM OK D:\WINDOWS\Driver Cache\i386\driver.cab/xrxnui.dll Object was not changed (iChecker)
8/1/2011 4:37:21 PM OK D:\WINDOWS\system32\fontext.dll
8/1/2011 4:37:21 PM OK D:\WINDOWS\system32\format.com
8/1/2011 4:37:20 PM OK D:\WINDOWS\Driver Cache\i386\driver.cab/xrxnps.ini
8/1/2011 4:37:20 PM OK D:\WINDOWS\system32\fontview.exe
8/1/2011 4:37:20 PM OK D:\WINDOWS\system32\fontext.dll/#
8/1/2011 4:37:20 PM OK D:\WINDOWS\Driver Cache\i386\driver.cab/xrxnps.dll Object was not changed (iChecker)
8/1/2011 4:37:20 PM OK D:\WINDOWS\system32\forcedos.exe
8/1/2011 4:37:20 PM OK D:\WINDOWS\Driver Cache\i386\driver.cab/xrxnpcl.ini
8/1/2011 4:37:20 PM OK D:\WINDOWS\system32\fontsub.dll
8/1/2011 4:37:19 PM OK D:\WINDOWS\system32\fldrclnr.dll
8/1/2011 4:37:19 PM OK D:\WINDOWS\Driver Cache\i386\driver.cab/xrxnpcl.dll Object was not changed (iChecker)
8/1/2011 4:37:19 PM OK D:\WINDOWS\Driver Cache\i386\driver.cab/xrxids_1.gpd
8/1/2011 4:37:19 PM OK D:\WINDOWS\system32\firewall.cpl
8/1/2011 4:37:19 PM OK D:\WINDOWS\system32\fmifs.dll Object was not changed (iChecker)
8/1/2011 4:37:19 PM OK D:\WINDOWS\system32\findstr.exe
8/1/2011 4:37:19 PM OK D:\WINDOWS\system32\fixmapi.exe Object was not changed (iChecker)
8/1/2011 4:37:19 PM OK D:\WINDOWS\system32\filemgmt.dll
8/1/2011 4:37:18 PM OK D:\WINDOWS\Driver Cache\i386\driver.cab/xrxftplt.exe Object was not changed (iChecker)
8/1/2011 4:37:18 PM OK D:\WINDOWS\system32\finger.exe Object was not changed (iChecker)
8/1/2011 4:37:18 PM OK D:\WINDOWS\system32\faultrep.dll
8/1/2011 4:37:18 PM OK D:\WINDOWS\system32\find.exe Object was not changed (iChecker)
8/1/2011 4:37:18 PM OK D:\WINDOWS\system32\feclient.dll
8/1/2011 4:37:18 PM OK D:\WINDOWS\Driver Cache\i386\driver.cab/xrxflnch.exe Object was not changed (iChecker)
8/1/2011 4:37:18 PM OK D:\WINDOWS\system32\extrac32.exe
8/1/2011 4:37:18 PM OK D:\WINDOWS\Driver Cache\i386\driver.cab/xrxdpc55.icm
8/1/2011 4:37:17 PM OK D:\WINDOWS\system32\fc.exe Object was not changed (iChecker)
8/1/2011 4:37:17 PM OK D:\WINDOWS\system32\expsrv.dll
8/1/2011 4:37:17 PM OK D:\WINDOWS\system32\fastopen.exe Object was not changed (iChecker)
8/1/2011 4:37:17 PM OK D:\WINDOWS\system32\exts.dll
8/1/2011 4:37:17 PM OK D:\WINDOWS\Driver Cache\i386\driver.cab/xrxcbids.gpd
8/1/2011 4:37:17 PM OK D:\WINDOWS\Driver Cache\i386\driver.cab/xrx49201.ppd
8/1/2011 4:37:16 PM OK D:\WINDOWS\system32\eventvwr.msc
8/1/2011 4:37:16 PM OK D:\WINDOWS\system32\extmgr.dll
8/1/2011 4:37:16 PM OK D:\WINDOWS\system32\eventlog.dll
8/1/2011 4:37:15 PM OK D:\WINDOWS\Driver Cache\i386\driver.cab/xrx4915h.icm
8/1/2011 4:37:15 PM OK D:\WINDOWS\system32\expand.exe Object was not changed (iChecker)
8/1/2011 4:37:15 PM OK D:\WINDOWS\system32\exe2bin.exe Object was not changed (iChecker)
8/1/2011 4:37:15 PM OK D:\WINDOWS\system32\eula.txt
8/1/2011 4:37:15 PM OK D:\WINDOWS\system32\eventvwr.exe Object was not changed (iChecker)
8/1/2011 4:37:15 PM OK D:\WINDOWS\system32\eudcedit.exe
8/1/2011 4:37:15 PM OK D:\WINDOWS\system32\eventcls.dll Object was not changed (iChecker)
8/1/2011 4:37:15 PM OK D:\WINDOWS\system32\esent.dll
8/1/2011 4:37:15 PM OK D:\WINDOWS\system32\esentprf.ini
8/1/2011 4:37:14 PM OK D:\WINDOWS\system32\esentutl.exe Object was not changed (iChecker)
8/1/2011 4:37:14 PM OK D:\WINDOWS\system32\esentprf.hxx
8/1/2011 4:37:14 PM OK D:\WINDOWS\Driver Cache\i386\driver.cab/xrx4915d.icm
8/1/2011 4:37:14 PM OK D:\WINDOWS\system32\es.dll
8/1/2011 4:37:14 PM OK D:\WINDOWS\system32\esentprf.dll Object was not changed (iChecker)
8/1/2011 4:37:14 PM OK D:\WINDOWS\system32\esent97.dll Object was not changed (iChecker)
8/1/2011 4:37:14 PM OK D:\WINDOWS\system32\ersvc.dll
8/1/2011 4:37:14 PM OK D:\WINDOWS\Driver Cache\i386\driver.cab/xrx49151.ppd
8/1/2011 4:37:14 PM OK D:\WINDOWS\system32\encdec.dll
8/1/2011 4:37:13 PM OK D:\WINDOWS\system32\encapi.dll
8/1/2011 4:37:13 PM OK D:\WINDOWS\system32\els.dll
8/1/2011 4:37:13 PM OK D:\WINDOWS\Driver Cache\i386\driver.cab/xrx49001.ppd
8/1/2011 4:37:13 PM OK D:\WINDOWS\system32\edit.com
8/1/2011 4:37:13 PM OK D:\WINDOWS\system32\ega.cpi
8/1/2011 4:37:13 PM OK D:\WINDOWS\system32\edit.com/ExePack
8/1/2011 4:37:12 PM OK D:\WINDOWS\system32\dxtrans.dll
8/1/2011 4:37:12 PM OK D:\WINDOWS\system32\edlin.exe Object was not changed (iChecker)
8/1/2011 4:37:12 PM OK D:\WINDOWS\system32\edit.hlp
8/1/2011 4:37:12 PM Packed: ExePack D:\WINDOWS\system32\edit.com
8/1/2011 4:37:12 PM OK D:\WINDOWS\Driver Cache\i386\driver.cab/xrpr6res.dll Object was not changed (iChecker)
8/1/2011 4:37:12 PM OK D:\WINDOWS\system32\dxdiag.exe
8/1/2011 4:37:12 PM OK D:\WINDOWS\system32\dxtmsft.dll
8/1/2011 4:37:11 PM OK D:\WINDOWS\system32\dxdiagn.dll
8/1/2011 4:37:11 PM OK D:\WINDOWS\Driver Cache\i386\driver.cab/xrph1235.ppd
8/1/2011 4:37:11 PM OK D:\WINDOWS\system32\dxmasf.dll
8/1/2011 4:37:10 PM OK D:\WINDOWS\Driver Cache\i386\driver.cab/xrph1235.gpd
8/1/2011 4:37:09 PM OK D:\WINDOWS\system32\dx8vb.dll
8/1/2011 4:37:09 PM OK D:\WINDOWS\Driver Cache\i386\driver.cab/xrpclres.dll Object was not changed (iChecker)
8/1/2011 4:37:09 PM OK D:\WINDOWS\Driver Cache\i386\driver.cab/xrnc60ps.ppd
8/1/2011 4:37:09 PM OK D:\WINDOWS\system32\dx7vb.dll
8/1/2011 4:37:09 PM OK D:\WINDOWS\Driver Cache\i386\driver.cab/xrnc60.gpd
8/1/2011 4:37:09 PM OK D:\WINDOWS\system32\dwwin.exe
8/1/2011 4:37:09 PM OK D:\WINDOWS\system32\dvdupgrd.exe
8/1/2011 4:37:09 PM OK D:\WINDOWS\system32\duser.dll
8/1/2011 4:37:09 PM OK D:\WINDOWS\Driver Cache\i386\driver.cab/xrn4025.ppd
8/1/2011 4:37:09 PM OK D:\WINDOWS\system32\dumprep.exe
8/1/2011 4:37:09 PM OK D:\WINDOWS\system32\dvdplay.exe Object was not changed (iChecker)
8/1/2011 4:37:09 PM OK D:\WINDOWS\system32\dswave.dll
8/1/2011 4:37:08 PM OK D:\WINDOWS\system32\dssenh.dll
8/1/2011 4:37:08 PM OK D:\WINDOWS\system32\dssec.dat
8/1/2011 4:37:08 PM OK D:\WINDOWS\Driver Cache\i386\driver.cab/xrn4025.gpd
8/1/2011 4:37:08 PM OK D:\WINDOWS\system32\dsuiext.dll
8/1/2011 4:37:08 PM OK D:\WINDOWS\Driver Cache\i386\driver.cab/xrn40.ppd
8/1/2011 4:37:08 PM OK D:\WINDOWS\system32\dssec.dll
8/1/2011 4:37:08 PM OK D:\WINDOWS\system32\dsquery.dll
8/1/2011 4:37:08 PM OK D:\WINDOWS\system32\dsdmoprp.dll
8/1/2011 4:37:08 PM OK D:\WINDOWS\Driver Cache\i386\driver.cab/xrn40.gpd
8/1/2011 4:37:08 PM OK D:\WINDOWS\system32\dsprpres.dll
8/1/2011 4:37:08 PM OK D:\WINDOWS\system32\dsprop.dll
8/1/2011 4:37:08 PM OK D:\WINDOWS\Driver Cache\i386\driver.cab/xrn3225.ppd
8/1/2011 4:37:08 PM OK D:\WINDOWS\system32\dsound3d.dll
8/1/2011 4:37:07 PM OK D:\WINDOWS\Driver Cache\i386\driver.cab/xrn3225.gpd
8/1/2011 4:37:07 PM OK D:\WINDOWS\Driver Cache\i386\driver.cab/xrn32.ppd
8/1/2011 4:37:07 PM OK D:\WINDOWS\system32\dsound.dll
8/1/2011 4:37:07 PM OK D:\WINDOWS\system32\dsound.vxd
8/1/2011 4:37:07 PM OK D:\WINDOWS\Driver Cache\i386\driver.cab/xrn32.gpd
8/1/2011 4:37:07 PM OK D:\WINDOWS\Driver Cache\i386\driver.cab/xrn2825.ppd
8/1/2011 4:37:07 PM OK D:\WINDOWS\system32\dskquoui.dll
8/1/2011 4:37:07 PM OK D:\WINDOWS\Driver Cache\i386\driver.cab/xrn2825.gpd
8/1/2011 4:37:07 PM OK D:\WINDOWS\Driver Cache\i386\driver.cab/xrn24.ppd
8/1/2011 4:37:07 PM OK D:\WINDOWS\system32\dskquota.dll
8/1/2011 4:37:07 PM OK D:\WINDOWS\Driver Cache\i386\driver.cab/xrn24.gpd
8/1/2011 4:37:07 PM OK D:\WINDOWS\Driver Cache\i386\driver.cab/xrn2125.ppd
8/1/2011 4:37:07 PM OK D:\WINDOWS\Driver Cache\i386\driver.cab/xrn2125.gpd
8/1/2011 4:37:07 PM OK D:\WINDOWS\system32\dsdmo.dll
8/1/2011 4:37:07 PM OK D:\WINDOWS\Driver Cache\i386\driver.cab/xrn2025.ppd
8/1/2011 4:37:07 PM OK D:\WINDOWS\system32\ds32gt.dll
8/1/2011 4:37:07 PM OK D:\WINDOWS\Driver Cache\i386\driver.cab/xrn2025.gpd
8/1/2011 4:37:07 PM OK D:\WINDOWS\system32\dsauth.dll Object was not changed (iChecker)
8/1/2011 4:37:06 PM OK D:\WINDOWS\Driver Cache\i386\driver.cab/xrn17.ppd
8/1/2011 4:37:06 PM OK D:\WINDOWS\system32\ds16gt.dLL Object was not changed (iChecker)
8/1/2011 4:37:06 PM OK D:\WINDOWS\system32\drmv2clt.dll
8/1/2011 4:37:06 PM OK D:\WINDOWS\Driver Cache\i386\driver.cab/xrn17.gpd
8/1/2011 4:37:06 PM OK D:\WINDOWS\system32\drwtsn32.exe Object was not changed (iChecker)
8/1/2011 4:37:06 PM OK D:\WINDOWS\system32\drprov.dll
8/1/2011 4:37:06 PM OK D:\WINDOWS\system32\drwatson.exe Object was not changed (iChecker)
8/1/2011 4:37:06 PM OK D:\WINDOWS\Driver Cache\i386\driver.cab/xrk61801.ppd
8/1/2011 4:37:06 PM OK D:\WINDOWS\Driver Cache\i386\driver.cab/xrk61351.ppd
8/1/2011 4:37:06 PM OK D:\WINDOWS\system32\drmstor.dll
8/1/2011 4:37:06 PM OK D:\WINDOWS\Driver Cache\i386\driver.cab/xrk60651.ppd
8/1/2011 4:37:06 PM OK D:\WINDOWS\Driver Cache\i386\driver.cab/xrfep.bin
8/1/2011 4:37:06 PM OK D:\WINDOWS\Driver Cache\i386\driver.cab/xrenm760.ini
8/1/2011 4:37:06 PM OK D:\WINDOWS\Driver Cache\i386\driver.cab/xrenm760.dll Object was not changed (iChecker)
8/1/2011 4:37:06 PM OK D:\WINDOWS\Driver Cache\i386\driver.cab/xrenm750.ini
8/1/2011 4:37:06 PM OK D:\WINDOWS\system32\drmclien.dll
8/1/2011 4:37:06 PM OK D:\WINDOWS\Driver Cache\i386\driver.cab/xrenm750.dll Object was not changed (iChecker)
8/1/2011 4:37:06 PM OK D:\WINDOWS\Driver Cache\i386\driver.cab/xrdt1355.ppd
8/1/2011 4:37:06 PM OK D:\WINDOWS\Driver Cache\i386\driver.cab/xrdt0905.ppd
8/1/2011 4:37:06 PM OK D:\WINDOWS\Driver Cache\i386\driver.cab/xrdt0904.ppd
8/1/2011 4:37:06 PM OK D:\WINDOWS\Driver Cache\i386\driver.cab/xrdpm760.gpd
8/1/2011 4:37:06 PM OK D:\WINDOWS\system32\dpwsockx.dll
8/1/2011 4:37:06 PM OK D:\WINDOWS\Driver Cache\i386\driver.cab/xrdpm750.gpd
8/1/2011 4:37:06 PM OK D:\WINDOWS\Driver Cache\i386\driver.cab/xrdp9001.ppd
8/1/2011 4:37:06 PM OK D:\WINDOWS\Driver Cache\i386\driver.cab/xrdp1801.ppd
8/1/2011 4:37:06 PM OK D:\WINDOWS\Driver Cache\i386\driver.cab/xrdp1551.ppd
8/1/2011 4:37:06 PM OK D:\WINDOWS\Driver Cache\i386\driver.cab/xrdp12.gpd
8/1/2011 4:37:06 PM OK D:\WINDOWS\Driver Cache\i386\driver.cab/xrdcs50.ppd
8/1/2011 4:37:06 PM OK D:\WINDOWS\system32\dpvvox.dll
8/1/2011 4:37:06 PM OK D:\WINDOWS\system32\dpwsock.dll Object was not changed (iChecker)
8/1/2011 4:37:06 PM OK D:\WINDOWS\system32\dpvsetup.exe
8/1/2011 4:37:06 PM OK D:\WINDOWS\system32\dpvoice.dll
8/1/2011 4:37:05 PM OK D:\WINDOWS\Driver Cache\i386\driver.cab/xrdcs35.gpd
8/1/2011 4:37:05 PM OK D:\WINDOWS\Driver Cache\i386\driver.cab/xrdc50s.icm
8/1/2011 4:37:05 PM OK D:\WINDOWS\system32\dpvacm.dll
8/1/2011 4:37:05 PM OK D:\WINDOWS\Driver Cache\i386\driver.cab/xrdc50q.icm
8/1/2011 4:37:05 PM OK D:\WINDOWS\system32\dpserial.dll Object was not changed (iChecker)
8/1/2011 4:36:59 PM OK D:\WINDOWS\system32\dplaysvr.exe
8/1/2011 4:36:58 PM OK D:\WINDOWS\Driver Cache\i386\driver.cab/xrdc490.ppd
8/1/2011 4:36:58 PM OK D:\WINDOWS\Driver Cache\i386\driver.cab/xrdc490.gpd
8/1/2011 4:36:58 PM OK D:\WINDOWS\Driver Cache\i386\driver.cab/xrdc480.ppd
8/1/2011 4:36:58 PM OK D:\WINDOWS\Driver Cache\i386\driver.cab/xrdc480.gpd
8/1/2011 4:36:58 PM OK D:\WINDOWS\Driver Cache\i386\driver.cab/xrdc470.ppd
8/1/2011 4:36:58 PM OK D:\WINDOWS\Driver Cache\i386\driver.cab/xrdc470.gpd
8/1/2011 4:36:58 PM OK D:\WINDOWS\Driver Cache\i386\driver.cab/xrdc460.ppd
8/1/2011 4:36:58 PM OK D:\WINDOWS\Driver Cache\i386\driver.cab/xrdc460.gpd
8/1/2011 4:36:58 PM OK D:\WINDOWS\Driver Cache\i386\driver.cab/xrdc440.ppd
8/1/2011 4:36:58 PM OK D:\WINDOWS\Driver Cache\i386\driver.cab/xrdc440.gpd
8/1/2011 4:36:58 PM OK D:\WINDOWS\Driver Cache\i386\driver.cab/xrdc432.ppd
8/1/2011 4:36:58 PM OK D:\WINDOWS\Driver Cache\i386\driver.cab/xrdc432.gpd
8/1/2011 4:36:58 PM OK D:\WINDOWS\Driver Cache\i386\driver.cab/xrdc425.ppd
8/1/2011 4:36:58 PM OK D:\WINDOWS\Driver Cache\i386\driver.cab/xrdc425.gpd
8/1/2011 4:36:58 PM OK D:\WINDOWS\Driver Cache\i386\driver.cab/xrdc420.ppd
8/1/2011 4:36:58 PM OK D:\WINDOWS\Driver Cache\i386\driver.cab/xrdc420.gpd
8/1/2011 4:36:58 PM OK D:\WINDOWS\Driver Cache\i386\driver.cab/xrdc340.ppd
8/1/2011 4:36:58 PM OK D:\WINDOWS\Driver Cache\i386\driver.cab/xrdc340.gpd
8/1/2011 4:36:58 PM OK D:\WINDOWS\Driver Cache\i386\driver.cab/xrdc332.ppd
8/1/2011 4:36:58 PM OK D:\WINDOWS\Driver Cache\i386\driver.cab/xrdc332.gpd
8/1/2011 4:36:57 PM OK D:\WINDOWS\Driver Cache\i386\driver.cab/xrdc265d.ppd
8/1/2011 4:36:57 PM OK D:\WINDOWS\Driver Cache\i386\driver.cab/xrdc265.ppd
8/1/2011 4:36:57 PM OK D:\WINDOWS\Driver Cache\i386\driver.cab/xrdc265.gpd
8/1/2011 4:36:57 PM OK D:\WINDOWS\Driver Cache\i386\driver.cab/xrdc255.ppd
8/1/2011 4:36:57 PM OK D:\WINDOWS\Driver Cache\i386\driver.cab/xrdc255.gpd
8/1/2011 4:36:57 PM OK D:\WINDOWS\Driver Cache\i386\driver.cab/xrdc240.ppd
8/1/2011 4:36:57 PM OK D:\WINDOWS\Driver Cache\i386\driver.cab/xrdc240.gpd
8/1/2011 4:36:57 PM OK D:\WINDOWS\Driver Cache\i386\driver.cab/xrdc230.ppd
8/1/2011 4:36:57 PM OK D:\WINDOWS\Driver Cache\i386\driver.cab/xrdc230.gpd
8/1/2011 4:36:57 PM OK D:\WINDOWS\Driver Cache\i386\driver.cab/xrdc220.ppd
8/1/2011 4:36:57 PM OK D:\WINDOWS\Driver Cache\i386\driver.cab/xrdc220.gpd
8/1/2011 4:36:57 PM OK D:\WINDOWS\Driver Cache\i386\driver.cab/xrd61802.ppd
8/1/2011 4:36:57 PM OK D:\WINDOWS\Driver Cache\i386\driver.cab/xrd61801.ppd
8/1/2011 4:36:57 PM OK D:\WINDOWS\Driver Cache\i386\driver.cab/xrd61551.ppd
8/1/2011 4:36:57 PM OK D:\WINDOWS\Driver Cache\i386\driver.cab/xrd61355.ppd
8/1/2011 4:36:57 PM OK D:\WINDOWS\Driver Cache\i386\driver.cab/xrd61354.ppd
8/1/2011 4:36:57 PM OK D:\WINDOWS\Driver Cache\i386\driver.cab/xrd61351.ppd
8/1/2011 4:36:57 PM OK D:\WINDOWS\Driver Cache\i386\driver.cab/xrd61151.ppd
8/1/2011 4:36:57 PM OK D:\WINDOWS\Driver Cache\i386\driver.cab/xrd61001.ppd
8/1/2011 4:36:57 PM OK D:\WINDOWS\Driver Cache\i386\driver.cab/xrd60652.ppd
8/1/2011 4:36:57 PM OK D:\WINDOWS\Driver Cache\i386\driver.cab/xrd13001.ppd
8/1/2011 4:36:57 PM OK D:\WINDOWS\Driver Cache\i386\driver.cab/xrc55dp0.ppd
8/1/2011 4:36:57 PM OK D:\WINDOWS\Driver Cache\i386\driver.cab/xrc55.gpd
8/1/2011 4:36:57 PM OK D:\WINDOWS\Driver Cache\i386\driver.cab/xrbios.bin
8/1/2011 4:36:57 PM OK D:\WINDOWS\Driver Cache\i386\driver.cab/xr610.gpd
8/1/2011 4:36:57 PM OK D:\WINDOWS\Driver Cache\i386\driver.cab/xr470002.ppd
8/1/2011 4:36:57 PM OK D:\WINDOWS\Driver Cache\i386\driver.cab/xr4520.gpd
8/1/2011 4:36:57 PM OK D:\WINDOWS\Driver Cache\i386\driver.cab/xr4517.gpd
8/1/2011 4:36:57 PM OK D:\WINDOWS\Driver Cache\i386\driver.cab/xr4512.gpd
8/1/2011 4:36:57 PM OK D:\WINDOWS\Driver Cache\i386\driver.cab/xr4510.gpd
8/1/2011 4:36:57 PM OK D:\WINDOWS\Driver Cache\i386\driver.cab/xr4508.gpd
8/1/2011 4:36:57 PM OK D:\WINDOWS\Driver Cache\i386\driver.cab/xr4505.gpd
8/1/2011 4:36:57 PM OK D:\WINDOWS\Driver Cache\i386\driver.cab/xr4220.gpd
8/1/2011 4:36:57 PM OK D:\WINDOWS\Driver Cache\i386\driver.cab/xr4219.gpd
8/1/2011 4:36:57 PM OK D:\WINDOWS\Driver Cache\i386\driver.cab/xr4215.gpd
8/1/2011 4:36:57 PM OK D:\WINDOWS\Driver Cache\i386\driver.cab/xr3006.gpd
8/1/2011 4:36:57 PM OK D:\WINDOWS\Driver Cache\i386\driver.cab/xpclres1.dll Object was not changed (iChecker)
8/1/2011 4:36:57 PM OK D:\WINDOWS\Driver Cache\i386\driver.cab/xnsercom.gpd
8/1/2011 4:36:57 PM OK D:\WINDOWS\Driver Cache\i386\driver.cab/xm750.hlp
8/1/2011 4:36:57 PM OK D:\WINDOWS\Driver Cache\i386\driver.cab/xlog.exe Object was not changed (iChecker)
8/1/2011 4:36:56 PM OK D:\WINDOWS\Driver Cache\i386\driver.cab/xeroxdp.hlp
8/1/2011 4:36:56 PM OK D:\WINDOWS\Driver Cache\i386\driver.cab/xem336n5.sys Object was not changed (iChecker)
8/1/2011 4:36:56 PM OK D:\WINDOWS\Driver Cache\i386\driver.cab/xdp96.ppd
8/1/2011 4:36:56 PM OK D:\WINDOWS\Driver Cache\i386\driver.cab/xdp92c.ppd
8/1/2011 4:36:56 PM OK D:\WINDOWS\Driver Cache\i386\driver.cab/xdp8ex.gpd
8/1/2011 4:36:56 PM OK D:\WINDOWS\Driver Cache\i386\driver.cab/xdp8e.gpd
8/1/2011 4:36:56 PM OK D:\WINDOWS\Driver Cache\i386\driver.cab/xdp4890.ppd
8/1/2011 4:36:56 PM OK D:\WINDOWS\Driver Cache\i386\driver.cab/xdp4850.ppd
8/1/2011 4:36:56 PM OK D:\WINDOWS\Driver Cache\i386\driver.cab/xdp4635.ppd
8/1/2011 4:36:56 PM OK D:\WINDOWS\Driver Cache\i386\driver.cab/xdp4090.ppd
8/1/2011 4:36:56 PM OK D:\WINDOWS\Driver Cache\i386\driver.cab/xdp4050.ppd
8/1/2011 4:36:56 PM OK D:\WINDOWS\system32\dpnwsock.dll Object was not changed (iChecker)
8/1/2011 4:36:56 PM OK D:\WINDOWS\Driver Cache\i386\driver.cab/xdp180.ppd
8/1/2011 4:36:56 PM OK D:\WINDOWS\Driver Cache\i386\driver.cab/xdp155.ppd
8/1/2011 4:36:56 PM OK D:\WINDOWS\system32\dpnsvr.exe
8/1/2011 4:36:56 PM OK D:\WINDOWS\Driver Cache\i386\driver.cab/xdp1210.gpd
8/1/2011 4:36:56 PM OK D:\WINDOWS\Driver Cache\i386\driver.cab/xdp1202.gpd
8/1/2011 4:36:56 PM OK D:\WINDOWS\Driver Cache\i386\driver.cab/xdc_lcom.gpd
8/1/2011 4:36:56 PM OK D:\WINDOWS\Driver Cache\i386\driver.cab/xdc_com.gpd
8/1/2011 4:36:56 PM OK D:\WINDOWS\system32\dpnhupnp.dll
8/1/2011 4:36:56 PM OK D:\WINDOWS\system32\dpnmodem.dll Object was not changed (iChecker)
8/1/2011 4:36:56 PM OK D:\WINDOWS\Driver Cache\i386\driver.cab/xdcs35.ppd
8/1/2011 4:36:56 PM OK D:\WINDOWS\Driver Cache\i386\driver.cab/xdcs20.ppd
8/1/2011 4:36:56 PM OK D:\WINDOWS\Driver Cache\i386\driver.cab/xcci2032.dll Object was not changed (iChecker)
8/1/2011 4:36:56 PM OK D:\WINDOWS\system32\dpnlobby.dll
8/1/2011 4:36:56 PM OK D:\WINDOWS\Driver Cache\i386\driver.cab/x4700ii.ppd
8/1/2011 4:36:56 PM OK D:\WINDOWS\system32\dpnhpast.dll
8/1/2011 4:36:56 PM OK D:\WINDOWS\Driver Cache\i386\driver.cab/x4512ps.ppd
8/1/2011 4:36:56 PM OK D:\WINDOWS\Driver Cache\i386\driver.cab/wpw2050p.gpd
8/1/2011 4:36:56 PM OK D:\WINDOWS\Driver Cache\i386\driver.cab/wplq2130.gpd
8/1/2011 4:36:56 PM OK D:\WINDOWS\Driver Cache\i386\driver.cab/wpl1180p.gpd
8/1/2011 4:36:56 PM OK D:\WINDOWS\system32\dpnet.dll
8/1/2011 4:36:56 PM OK D:\WINDOWS\Driver Cache\i386\driver.cab/wph1050p.gpd
8/1/2011 4:36:56 PM OK D:\WINDOWS\Driver Cache\i386\driver.cab/wph1040p.gpd
8/1/2011 4:36:56 PM OK D:\WINDOWS\Driver Cache\i386\driver.cab/wph1020p.gpd
8/1/2011 4:36:56 PM OK D:\WINDOWS\Driver Cache\i386\driver.cab/wpex3xx.gpd
8/1/2011 4:36:56 PM OK D:\WINDOWS\Driver Cache\i386\driver.cab/wpex330.gpd
8/1/2011 4:36:56 PM OK D:\WINDOWS\Driver Cache\i386\driver.cab/wpex2xx.gpd
8/1/2011 4:36:56 PM OK D:\WINDOWS\system32\dpnaddr.dll
8/1/2011 4:36:56 PM OK D:\WINDOWS\Driver Cache\i386\driver.cab/wpex200x.gpd
8/1/2011 4:36:56 PM OK D:\WINDOWS\Driver Cache\i386\driver.cab/wpex200p.gpd
8/1/2011 4:36:56 PM OK D:\WINDOWS\Driver Cache\i386\driver.cab/wpe2050p.gpd
  • 0

#14
Down_with_malware

Down_with_malware

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 152 posts
I apologize but I already lost track where I was, I am going to try to upload this from another PC.
  • 0

#15
Down_with_malware

Down_with_malware

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 152 posts
I am sorry I tried to save the text file but it won't let me. Whenever I put it in it says I:/scan.txt and is just stuck. Is there any other way to do this? Or can I copy and paste the whole 200K worth of words into one post? I am sorry I just don't know what to do.

Edited by Down_with_malware, 01 August 2011 - 06:33 PM.

  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP