
Browser redirects and Windows startup issues



#1 Ali320


Posted 14 January 2012 - 03:57 PM

Hello! For the past few days I've been having issues with Windows Startups; first a black error screen, then sometimes a blue one. Also all day today Google has been redirecting to a "302 this page has moved" screen. I'm running Windows 7. The only action I've taken is to run Webroot, but that didn't come up with anything. Thank you in advance.



#2 Broni


Posted 14 January 2012 - 10:46 PM

Welcome aboard

Download Security Check from HERE, and save it to your Desktop.

* Double-click SecurityCheck.exe
* Follow the onscreen instructions inside of the black box.
* A Notepad document should open automatically called checkup.txt; please post the contents of that document.

=============================================================================

Please download Farbar Service Scanner and run it on the computer with the issue.
  • Make sure the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center
    • Windows Update
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.

====================================================================================

Please download MiniToolBox and run it.

Checkmark the following boxes:
  • Report IE Proxy Settings
  • Report FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size
Click Go and post the result.

=============================================================================

Download Malwarebytes' Anti-Malware (aka MBAM): http://www.malwarebytes.org/products/malwarebytes_free to your desktop.

* Double-click mbam-setup.exe and follow the prompts to install the program.
* At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
* If an update is found, it will download and install the latest version.
* Once the program has loaded, select Perform quick scan, then click Scan.
* When the scan is complete, click OK, then Show Results to view the results.
* Be sure that everything is checked, and click Remove Selected.
* When completed, a log will open in Notepad.
* Post the log back here.

Be sure to restart the computer.

The log can also be found here:
C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt
Or at C:\Program Files\Malwarebytes' Anti-Malware\Logs\log-date.txt

=============================================================================

Download aswMBR to your desktop.
Double click the aswMBR.exe to run it.
If you see this question: "Would you like to download latest Avast! virus definitions?" say "Yes".
Click the "Scan" button to start scan.
On completion of the scan click "Save log", save it to your desktop and post in your next reply.

NOTE. aswMBR will create MBR.dat file on your desktop. This is a copy of your MBR. Do NOT delete it.





#3 Ali320


Posted 16 January 2012 - 11:15 PM

Security Check Log:

Results of screen317's Security Check version 0.99.24
Windows 7 x64 (UAC is enabled)
Internet Explorer 8 Out of date!
``````````````````````````````
Antivirus/Firewall Check:

Windows Firewall Enabled!
WMI entry may not exist for antivirus; attempting automatic update.
```````````````````````````````
Anti-malware/Other Utilities Check:

Java™ 6 Update 26
Out of date Java installed!
Adobe Flash Player ( 10.0.32.18) Flash Player Out of Date!
````````````````````````````````
Process Check:
objlist.exe by Laurent

Malwarebytes' Anti-Malware mbamservice.exe
Malwarebytes' Anti-Malware mbamgui.exe
``````````End of Log````````````

#4 Ali320


Posted 16 January 2012 - 11:18 PM

Farbar Service Scanner Log:

Farbar Service Scanner
Ran by Owner (administrator) on 16-01-2012 at 23:17:51
Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Yahoo IP is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============
SDRSVC Service is not running. Checking service configuration:
The start type of SDRSVC service is OK.
The ImagePath of SDRSVC service is OK.
The ServiceDll of SDRSVC service is OK.

VSS Service is not running. Checking service configuration:
The start type of VSS service is OK.
The ImagePath of VSS service is OK.


System Restore Disabled Policy:
========================


Security Center:
============

Windows Update:
===========

File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****

#5 Ali320


Posted 16 January 2012 - 11:20 PM

MiniToolBox:

MiniToolBox by Farbar
Ran by Owner (administrator) on 16-01-2012 at 23:19:33
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.
========================= Hosts content: =================================



========================= IP Configuration: ================================

Atheros AR9285 Wireless Network Adapter = Wireless Network Connection (Connected)
Marvell Yukon 88E8057 PCI-E Gigabit Ethernet Controller = Local Area Connection (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Owner-VAIO
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Broadcast
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : gateway.2wire.net

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . : gateway.2wire.net
Description . . . . . . . . . . . : Atheros AR9285 Wireless Network Adapter
Physical Address. . . . . . . . . : 00-26-5E-F4-3A-6C
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::b16b:46a1:40a1:7338%11(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.70(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Sunday, January 15, 2012 3:25:36 AM
Lease Expires . . . . . . . . . . : Tuesday, January 17, 2012 6:21:37 PM
Default Gateway . . . . . . . . . : 192.168.1.254
DHCP Server . . . . . . . . . . . : 192.168.1.254
DHCPv6 IAID . . . . . . . . . . . : 218111802
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-12-3A-02-2B-00-24-BE-3A-86-84
DNS Servers . . . . . . . . . . . : 192.168.1.254
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Marvell Yukon 88E8057 PCI-E Gigabit Ethernet Controller
Physical Address. . . . . . . . . : 00-24-BE-3A-86-84
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 11:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:4137:9e76:10b9:184c:9c9a:c7d4(Preferred)
Link-local IPv6 Address . . . . . : fe80::10b9:184c:9c9a:c7d4%15(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter isatap.gateway.2wire.net:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : gateway.2wire.net
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{0392DEE3-4F2A-4EED-8133-34D4E6248495}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: homeportal
Address: 192.168.1.254

Name: google.com
Addresses: 74.125.47.147
74.125.47.99
74.125.47.105
74.125.47.106
74.125.47.103
74.125.47.104


Pinging google.com [74.125.47.103] with 32 bytes of data:
Reply from 74.125.47.103: bytes=32 time=43ms TTL=46
Reply from 74.125.47.103: bytes=32 time=42ms TTL=46

Ping statistics for 74.125.47.103:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 42ms, Maximum = 43ms, Average = 42ms
Server: homeportal
Address: 192.168.1.254

Name: yahoo.com
Addresses: 209.191.122.70
72.30.2.43
98.137.149.56
98.139.180.149


Pinging yahoo.com [98.139.180.149] with 32 bytes of data:
Reply from 98.139.180.149: bytes=32 time=107ms TTL=42
Reply from 98.139.180.149: bytes=32 time=83ms TTL=42

Ping statistics for 98.139.180.149:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 83ms, Maximum = 107ms, Average = 95ms
Server: homeportal
Address: 192.168.1.254

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time=2ms TTL=128
Reply from 127.0.0.1: bytes=32 time=2ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 2ms, Maximum = 2ms, Average = 2ms
===========================================================================
Interface List
11...00 26 5e f4 3a 6c ......Atheros AR9285 Wireless Network Adapter
10...00 24 be 3a 86 84 ......Marvell Yukon 88E8057 PCI-E Gigabit Ethernet Controller
1...........................Software Loopback Interface 1
15...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
17...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
27...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.254 192.168.1.70 25
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.70 281
192.168.1.70 255.255.255.255 On-link 192.168.1.70 281
192.168.1.255 255.255.255.255 On-link 192.168.1.70 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.70 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.70 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
15 58 ::/0 On-link
1 306 ::1/128 On-link
15 58 2001::/32 On-link
15 306 2001:0:4137:9e76:10b9:184c:9c9a:c7d4/128
On-link
11 281 fe80::/64 On-link
15 306 fe80::/64 On-link
15 306 fe80::10b9:184c:9c9a:c7d4/128
On-link
11 281 fe80::b16b:46a1:40a1:7338/128
On-link
1 306 ff00::/8 On-link
15 306 ff00::/8 On-link
11 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\wshbth.dll [36352] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 07 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 11 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\wshbth.dll [47104] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 07 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (01/16/2012 06:46:59 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"1".
Dependent Assembly msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (01/16/2012 06:46:59 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"1".
Dependent Assembly msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (01/16/2012 06:46:59 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"1".
Dependent Assembly msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (01/16/2012 06:46:59 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"1".
Dependent Assembly msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (01/15/2012 03:57:20 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"1".
Dependent Assembly msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (01/15/2012 03:57:20 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"1".
Dependent Assembly msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (01/15/2012 03:57:20 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"1".
Dependent Assembly msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (01/15/2012 03:57:20 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"1".
Dependent Assembly msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (01/15/2012 03:33:10 AM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.

Error: (01/15/2012 03:32:17 AM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.


System errors:
=============
Error: (01/15/2012 11:02:30 PM) (Source: Schannel) (User: SYSTEM)
Description: The following fatal alert was generated: 40. The internal error state is 107.

Error: (01/15/2012 11:02:30 PM) (Source: Schannel) (User: SYSTEM)
Description: An SSL 3.0 connection request was received from a remote client application, but none of the cipher suites supported by the client application are supported by the server. The SSL connection request has failed.

Error: (01/15/2012 11:02:30 PM) (Source: Schannel) (User: SYSTEM)
Description: The following fatal alert was generated: 40. The internal error state is 107.

Error: (01/15/2012 11:02:30 PM) (Source: Schannel) (User: SYSTEM)
Description: An SSL 3.0 connection request was received from a remote client application, but none of the cipher suites supported by the client application are supported by the server. The SSL connection request has failed.

Error: (01/15/2012 11:02:30 PM) (Source: Schannel) (User: SYSTEM)
Description: The following fatal alert was generated: 40. The internal error state is 107.

Error: (01/15/2012 11:02:30 PM) (Source: Schannel) (User: SYSTEM)
Description: An SSL 3.0 connection request was received from a remote client application, but none of the cipher suites supported by the client application are supported by the server. The SSL connection request has failed.

Error: (01/15/2012 11:02:30 PM) (Source: Schannel) (User: SYSTEM)
Description: The following fatal alert was generated: 40. The internal error state is 107.

Error: (01/15/2012 11:02:30 PM) (Source: Schannel) (User: SYSTEM)
Description: An SSL 3.0 connection request was received from a remote client application, but none of the cipher suites supported by the client application are supported by the server. The SSL connection request has failed.

Error: (01/15/2012 11:02:30 PM) (Source: Schannel) (User: SYSTEM)
Description: The following fatal alert was generated: 40. The internal error state is 107.

Error: (01/15/2012 11:02:30 PM) (Source: Schannel) (User: SYSTEM)
Description: An SSL 3.0 connection request was received from a remote client application, but none of the cipher suites supported by the client application are supported by the server. The SSL connection request has failed.


Microsoft Office Sessions:
=========================

=========================== Installed Programs ============================

(Version: 1.0.0.07310)
(Version: 1.0.0.08050)
(Version: 3.0.0.06160)
(Version: 4.0.0.05260)
Update for Microsoft Office 2007 (KB2508958)
Adobe Flash Player 10 Plugin (Version: 10.0.32.18)
Adobe Flash Player 11 ActiveX 64-bit (Version: 11.1.102.55)
Adobe Reader 9.3.1 (Version: 9.3.1)
Alps Pointing-device for VAIO
Apple Application Support (Version: 1.2.1)
Apple Software Update (Version: 2.1.1.116)
Application Manager for VAIO
ArcSoft Magic-i Visual Effects 2 (Version: 2.0.1.85)
ArcSoft WebCam Companion 3 (Version: 3.0.21.193)
Atheros Client Installation Program (Version: 7.0)
Choice Guard (Version: 1.2.87.0)
Click to Disc (Version: 1.2.73.04270)
Click to Disc Editor (Version: 2.0.02)
Click to Disc Editor (Version: 2.0.03.04150)
Compatibility Pack for the 2007 Office system (Version: 12.0.6425.1000)
DivX Setup (Version: 2.6.0.34)
Geek Squad 24 Hour Computer Support (Version: 3.0.330)
Google Chrome (Version: 16.0.912.75)
Google Update Helper (Version: 1.3.21.79)
Intel® Graphics Media Accelerator Driver (Version: 8.15.10.1872)
Intel® Matrix Storage Manager
Java Auto Updater (Version: 2.0.5.1)
Java™ 6 Update 15 (64-bit) (Version: 6.0.150)
Java™ 6 Update 26 (Version: 6.0.260)
Java™ SE Development Kit 6 Update 15 (64-bit) (Version: 1.6.0.150)
Junk Mail filter update (Version: 14.0.8050.1202)
Malwarebytes Anti-Malware version 1.60.0.1800 (Version: 1.60.0.1800)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Home and Student 2007 (Version: 12.0.6425.1000)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6425.1000)
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office PowerPoint Viewer 2007 (English) (Version: 12.0.6425.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6425.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6425.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Suite Activation Assistant (Version: 2.9)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Silverlight (Version: 4.0.60831.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Works (Version: 9.7.0621)
MSVCRT (Version: 14.0.1468.721)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MSXML 4.0 SP2 and SOAP Toolkit 3.0 (Version: 1.0.0.0)
Music Transfer (Version: 1.3.01.13160)
PlayReady PC Runtime amd64 (Version: 1.3.0)
Primo (Version: 1.00.0000)
QuickBooks Financial Center (Version: 1.30.0000)
QuickTime (Version: 7.66.71.0)
RealPlayer
Realtek High Definition Audio Driver (Version: 6.0.1.5886)
RealUpgrade 1.0 (Version: 1.0.0)
Roxio Central Audio (Version: 3.8.0)
Roxio Central Copy (Version: 3.8.0)
Roxio Central Core (Version: 3.8.0)
Roxio Central Data (Version: 3.8.0)
Roxio Central Tools (Version: 3.8.0)
Roxio Easy Media Creator 10 LJ (Version: 10.3)
Roxio Easy Media Creator Home (Version: 10.3.121)
Runtime (Version: 1.00.0000)
SAMSUNG Intelli-studio
Setting Utility Series (Version: 5.0.0.07300)
SmartWi Connection Utility (Version: 4.8.4.20090826.2116)
Sony Home Network Library (Version: 2.0.0.07280)
Sony Picture Utility (Version: 4.2.12.16210)
Spotify (Version: 0.5.2)
Update for 2007 Microsoft Office System (KB2284654)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596651) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596789) 32-Bit Edition
Update for Microsoft Office 2007 System (KB2539530)
Update for Microsoft Office Excel 2007 (KB2596596) 32-Bit Edition
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office OneNote 2007 (KB980729)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
VAIO Care (Version: 5.1.0.13200)
VAIO Content Metadata Intelligent Analyzing Manager (Version: 3.5.0.06261)
VAIO Content Metadata Intelligent Network Service Manager (Version: 3.6.1.11040)
VAIO Content Metadata Manager Settings (Version: 3.6.0.09240)
VAIO Content Metadata XML Interface Library (Version: 3.5.0.06180)
VAIO Content Monitoring Settings (Version: 2.4.0.06120)
VAIO Control Center (Version: 4.0.0.06120)
VAIO Data Restore Tool (Version: 1.1.01.06290)
VAIO DVD Menu Data Basic (Version: 1.0.00.08130)
VAIO Entertainment Platform (Version: 3.5.0.07230)
VAIO Event Service (Version: 5.0.0.07010)
VAIO Help and Support (Version: 9.00.0729.ENUS)
VAIO Media plus (Version: 2.0.0.07280)
VAIO Media plus Opening Movie (Version: 2.0.0.07030)
VAIO Movie Story (Version: 1.5.00.06191)
VAIO Movie Story (Version: 1.5.01.05120)
VAIO Movie Story 1.5 Upgrade (Version: 1.5.01.05120)
VAIO Movie Story Template Data (Version: 1.5.01.05120)
VAIO OOBE and Startup Assistant (Version: 1.00.0811.ENUS)
VAIO Original Function Settings (Version: 2.0.1.10290)
VAIO Power Management (Version: 4.0.0.08240)
VAIO Presentation Support (Version: 2.0.0.05270)
VAIO Quick Web Access (Version: 1.1.2.4)
VAIO Survey (Version: 6.00.0722)
VAIO Update (Version: 5.5.3.10280)
VAIO Update Merge Module x64 (Version: 5.5.19220)
VAIO Update Merge Module x64 (Version: 5.6.10270)
VAIO Wallpaper Contents (Version: 2.0.0.06010)
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0)
VD64Inst (Version: 1.00.0000)
Veetle TV 0.9.18 (Version: 0.9.18)
Webroot SecureAnywhere (Version: 8.0.1.82)
Windows Live Call (Version: 14.0.8050.1202)
Windows Live Communications Platform (Version: 14.0.8050.1202)
Windows Live Essentials (Version: 14.0.8050.1202)
Windows Live Mail (Version: 14.0.8050.1202)
Windows Live Messenger (Version: 14.0.8050.1202)
Windows Live Movie Maker Beta (Version: 14.0.8051.1204)
Windows Live Photo Gallery (Version: 14.0.8051.1204)
Windows Live Sync (Version: 14.0.8050.1202)
Windows Live Upload Tool (Version: 14.0.8014.1029)
Windows Live Writer (Version: 14.0.8050.1202)
WinRAR archiver

========================= Memory info: ===================================

Percentage of memory in use: 70%
Total physical RAM: 3935.02 MB
Available physical RAM: 1154.25 MB
Total Pagefile: 7868.23 MB
Available Pagefile: 4615.2 MB
Total Virtual: 4095.88 MB
Available Virtual: 3963.64 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:290.37 GB) (Free:205.03 GB) NTFS

========================= Users: ========================================

User accounts for \\OWNER-VAIO

Administrator Guest Owner


**** End of log ****

#6 Ali320


Posted 16 January 2012 - 11:25 PM

Malwarebytes Anti-Malware Log:

Malwarebytes Anti-Malware (Trial) 1.60.0.1800
www.malwarebytes.org

Database version: v2012.01.16.03

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 8.0.7601.17514
Owner :: OWNER-VAIO [administrator]

Protection: Enabled

1/16/2012 11:21:05 PM
mbam-log-2012-01-16 (23-53-34).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 189566
Time elapsed: 2 minute(s), 44 second(s)

Memory Processes Detected: 1
C:\Windows\svchost.exe (Trojan.Agent) -> 3904 -> Delete on reboot.

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 1
C:\Windows\svchost.exe (Trojan.Agent) -> Delete on reboot.

(end)

Edited by Ali320, 17 January 2012 - 12:03 AM.


#7 Ali320

Posted 16 January 2012 - 11:27 PM

ASWMBR Log:

aswMBR version 0.9.9.1297 Copyright© 2011 AVAST Software
Run date: 2012-01-16 23:25:43
-----------------------------
23:25:43.135 OS Version: Windows x64 6.1.7601 Service Pack 1
23:25:43.135 Number of processors: 2 586 0x170A
23:25:43.136 ComputerName: OWNER-VAIO UserName: Owner
23:25:43.979 Initialize success
23:25:57.606 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
23:25:57.608 Disk 0 Vendor: FUJITSU_ 0041 Size: 305245MB BusType: 3
23:25:57.611 Disk 1 \Device\Harddisk1\DR1 -> \Device\00000065
23:25:57.613 Disk 1 Vendor: RICOH 01 Size: 305245MB BusType: 0
23:25:57.616 Disk 2 \Device\Harddisk2\DR2 -> \Device\00000066
23:25:57.619 Disk 2 Vendor: RICOH 02 Size: 305245MB BusType: 0
23:25:57.622 Device \Driver\iaStor -> MajorFunction fffffa8005bc05c4
23:25:57.626 Disk 0 MBR read successfully
23:25:57.629 Disk 0 MBR scan
23:25:57.632 Disk 0 Windows 7 default MBR code
23:25:57.651 Disk 0 Partition 1 00 27 Hidden NTFS WinRE NTFS 7803 MB offset 2048
23:25:57.667 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 15982592
23:25:57.677 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 297340 MB offset 16187392
23:25:57.682 Service scanning
23:25:58.784 Modules scanning
23:25:58.789 Disk 0 trace - called modules:
23:25:58.796 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys >>UNKNOWN [0xfffffa8005bc05c4]<<
23:25:58.801 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004a403f0]
23:25:58.806 3 CLASSPNP.SYS[fffff88001b6843f] -> nt!IofCallDriver -> [0xfffffa80046d76f0]
23:25:58.812 5 ACPI.sys[fffff88000f3b7a1] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa80046ed050]
23:25:58.818 \Driver\iaStor[0xfffffa8005b27e70] -> IRP_MJ_CREATE -> 0xfffffa8005bc05c4
23:25:58.823 Scan finished successfully
23:26:16.748 Disk 0 MBR has been saved successfully to "C:\Users\Owner\Documents\MBR.dat"
23:26:16.753 The log file has been saved successfully to "C:\Users\Owner\Documents\aswMBR.txt"

#8 Ali320

Posted 16 January 2012 - 11:38 PM

After downloading Malwarebytes, scanning and restarting, this notification pops up on my toolbar every few minutes:

Successfully blocked access to a potentially malicious website: 178.238.233.155
Type: outgoing
Port: xxxxx (a different number every time) Process: svchost.exe (this always stays the same)

I take it by all the results there's a Trojan virus attached to whatever svchost.exe is...?

ETA: I ran another scan and the 2 items detected before came right back. I guess this thing isn't so easy to get rid of. Yeesh.

Malwarebytes Anti-Malware (Trial) 1.60.0.1800
www.malwarebytes.org

Database version: v2012.01.16.03

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 8.0.7601.17514
Owner :: OWNER-VAIO [administrator]

Protection: Enabled

1/16/2012 11:53:34 PM
mbam-log-2012-01-16 (23-53-34).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 189566
Time elapsed: 2 minute(s), 44 second(s)

Memory Processes Detected: 1
C:\Windows\svchost.exe (Trojan.Agent) -> 3904 -> Delete on reboot.

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 1
C:\Windows\svchost.exe (Trojan.Agent) -> Delete on reboot.

(end)

Edited by Ali320, 16 January 2012 - 11:59 PM.
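
Both Malwarebytes scans above flag C:\Windows\svchost.exe, whereas the genuine Windows service host lives in C:\Windows\System32 (and SysWOW64 on 64-bit systems), so the file's location is itself a usable indicator. The following Python is an added example, not part of any post in this thread: it parses detection lines in the Malwarebytes log format shown above and marks detections whose file name imitates a Windows system binary from the wrong directory. The function names, the `EXPECTED_DIRS` table and the third sample path are assumptions made for illustration, and SystemRoot is assumed to be C:\Windows.

```python
import ntpath
import re

# Directories (lower-case) where the genuine Windows binary of each name lives.
# Assumption: SystemRoot is C:\Windows, as on the machine in this thread.
EXPECTED_DIRS = {
    "svchost.exe": {r"c:\windows\system32", r"c:\windows\syswow64"},
    "lsass.exe": {r"c:\windows\system32"},
    "csrss.exe": {r"c:\windows\system32"},
    "services.exe": {r"c:\windows\system32"},
    "explorer.exe": {r"c:\windows", r"c:\windows\syswow64"},
}

# "Memory Processes Detected: 1", "Files Detected: 2", ...
SECTION_RE = re.compile(r"^(?P<name>[A-Za-z ]+) Detected: \d+$")
# "<path> (<threat>) -> [<pid> ->] <action>"; the path may itself contain "(x86)".
ITEM_RE = re.compile(
    r"^(?P<path>[A-Za-z]:\\.+?) \((?P<threat>[^()]+)\) -> (?P<rest>.+)$"
)

# Sample input in the log format posted above. The svchost.exe lines match the
# thread's log; the Temp path is CONSTRUCTED for contrast.
SAMPLE_LOG = r"""
Memory Processes Detected: 1
C:\Windows\svchost.exe (Trojan.Agent) -> 3904 -> Delete on reboot.

Memory Modules Detected: 0
(No malicious items detected)

Files Detected: 2
C:\Windows\svchost.exe (Trojan.Agent) -> Delete on reboot.
C:\Users\Owner\AppData\Local\Temp\setup_x.exe (Trojan.Agent) -> Quarantined and deleted successfully.
"""


def parse_mbam_log(text):
    """Return one dict per detected file or process, in log order."""
    detections, section = [], None
    for raw in text.splitlines():
        line = raw.strip()
        header = SECTION_RE.match(line)
        if header:
            section = header.group("name")
            continue
        item = ITEM_RE.match(line)
        if item and section:
            parts = [p.strip() for p in item.group("rest").split("->")]
            # Process entries carry a PID before the action; file entries do not.
            pid = int(parts[0]) if len(parts) > 1 and parts[0].isdigit() else None
            detections.append({
                "section": section,
                "path": item.group("path"),
                "threat": item.group("threat"),
                "pid": pid,
                "action": parts[-1],
            })
    return detections


def is_masquerade(path):
    """True when the file name is a known system binary in an unexpected folder."""
    directory, name = ntpath.split(ntpath.normpath(path).lower())
    allowed = EXPECTED_DIRS.get(name)
    return allowed is not None and directory not in allowed


def triage(text):
    """Collapse detections per file and attach the masquerade verdict."""
    report = {}
    for det in parse_mbam_log(text):
        entry = report.setdefault(det["path"].lower(), {
            "threat": det["threat"],
            "pids": set(),
            "sections": [],
            "masquerade": is_masquerade(det["path"]),
        })
        if det["pid"] is not None:
            entry["pids"].add(det["pid"])
        if det["section"] not in entry["sections"]:
            entry["sections"].append(det["section"])
    return report


if __name__ == "__main__":
    for path, info in triage(SAMPLE_LOG).items():
        verdict = "system-name look-alike" if info["masquerade"] else "other detection"
        print(f"{path}: {info['threat']} [{verdict}] "
              f"pids={sorted(info['pids'])} seen in {info['sections']}")
```

A firewall alert that names only `svchost.exe`, like the notification quoted in the post above, cannot distinguish the genuine service host from a look-alike; the full image path of the reported PID is what settles it.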


#9 Broni

Posted 17 January 2012 - 12:05 AM

You're not running any AV program.

Install ONE of these:
- Avast! free antivirus: http://www.avast.com/eng/download-avast-home.html
- free Microsoft Security Essentials: http://windows.microsoft.com/en-GB/windows/products/security-essentials
- free Comodo Antivirus: http://www.comodo.com/home/internet-security/antivirus.php
Update, run full scan, report on any findings.

#10 Ali320

Posted 17 January 2012 - 12:55 AM

I have Webroot but I had to turn it off to run the Farbar scan.

Webroot Scan Log (Version v8.0.1.82)
Log saved at Tue 2012-01-17 00:46:59

v8.0.1.82
Windows 7 Service Pack 1 (Build 7601) 64bit
Scan Started: Tue 2012-01-17 00:45:09
Files Scanned: 42666
Malicious Files: 4
Duration: 1m 20s

Some legitimate files are not included in this log
[B] c:\users\owner\appdata\local\microsoft\windows\temporary internet files\low\content.ie5\20yutzz2\fss[1].exe [MD5: 076C61D80307B52A8260EF21EB6BD667] [Flags: 08080000.9479] [Threat: W32.Trojan.Gen]
[B] c:\users\owner\appdata\local\microsoft\windows\temporary internet files\low\content.ie5\2bkgpy2k\fss[1].exe [MD5: 076C61D80307B52A8260EF21EB6BD667] [Flags: 08080000.9479] [Threat: W32.Trojan.Gen]
[B] c:\users\owner\appdata\local\microsoft\windows\temporary internet files\low\content.ie5\kiolh4qc\fss[1].exe [MD5: 076C61D80307B52A8260EF21EB6BD667] [Flags: 08080000.9479] [Threat: W32.Trojan.Gen]
[B] c:\users\owner\appdata\local\microsoft\windows\temporary internet files\content.ie5\053fmtdy\fss[1].exe [MD5: 076C61D80307B52A8260EF21EB6BD667] [Flags: 08080000.9479] [Threat: W32.Trojan.Gen]
[G] c:\windows\microsoft.net\framework64\v3.0\windows communication foundation\smsvchost.exe [MD5: 3E5A36127E201DDF663176B66828FAFE] [Flags: 00081000.9508]
[G] c:\windows\syswow64\dot3cfg.dll [MD5: B06B2FEC249F48C4E7F628B689859AC7] [Flags: 00080000.9469]
[G] c:\windows\syswow64\wcspluginservice.dll [MD5: 5D930B6357A6D2AF4D7653BDABBF352F] [Flags: 00080000.9509]
[G] c:\windows\syswow64\perfhost.exe [MD5: E495E408C93141E8FC72DC0C6046DDFA] [Flags: 00080000.6449]
[G] c:\programdata\divx\dsdesktopcomponents\uninstaller.exe [MD5: EB96F7B2F46679AC0E9CF921C9002340] [Flags: 00080000.9510]
[G] c:\windows\microsoft.net\framework\v2.0.50727\mscorsvw.exe [MD5: D88040F816FDA31C3B466F0FA0918F29] [Flags: 00081000.9511]
[G] c:\program files (x86)\common files\microsoft shared\msinfo\oinfos12.dll [MD5: CD4EF5837EA80A902C5BBB357A666770] [Flags: 00081000.9512]
[G] c:\windows\system32\vbscript.dll [MD5: A502F97FF60669C2715496D9E0FD258A] [Flags: 40090000.2735]
[G] c:\program files (x86)\internet explorer\plugins\npqtplugin4.dll [MD5: FE3278C12FCC7D2F708C25181F3AEF95] [Flags: 00080000.5596]
[G] c:\program files (x86)\internet explorer\jsdebuggeride.dll [MD5: 865FF114B28B2591E62317C421230AE0] [Flags: 00080000.9513]
[G] c:\windows\system32\ndproxystub.dll [MD5: D9814FB0FBD7AED41D2C6097371D2FA7] [Flags: 40090000.1636]
[G] c:\program files (x86)\windows media player\wmpconfig.exe [MD5: B3D2770AAFB694A4C2EF911BF36C40DB] [Flags: 00080000.9514]
[G] c:\program files (x86)\internet explorer\jsprofilercore.dll [MD5: 0423CD4C5FF85EEC8184F1EC57328AC4] [Flags: 00080000.9515]
[G] c:\windows\system32\hpotiop1.dll [MD5: 189CE0C268ACEB8A7EEA3D364B984D65] [Flags: 40090000.2994]
[G] c:\program files (x86)\internet explorer\plugins\npqtplugin.dll [MD5: E70D106AE988BB3720F9A1A08D42C234] [Flags: 00080000.5593]
[G] c:\programdata\divx\update\uninstaller.exe [MD5: 080453E1F801C7FAC29EF118BBA70C82] [Flags: 00080000.9516]
[G] c:\program files (x86)\real\realplayer\converter\plugins\hxsdp.dll [MD5: DABD56584CE97B0885778F1B0FD393D8] [Flags: 00080000.6866]
[G] c:\windows\syswow64\divx_xx11.dll [MD5: E1F94DFDC350BB8CE14655F5DB567149] [Flags: 40080000.2998]
[G] c:\program files\windows media player\setup_wm.exe [MD5: 6FC498EF39E925C25EAC3B6F8F45207F] [Flags: 00090000.9517]
[G] c:\program files (x86)\internet explorer\plugins\npqtplugin2.dll [MD5: 81D641B7A9C19A2901CFF888F52A30E7] [Flags: 00080000.5594]
[G] c:\windows\system32\spfileq.dll [MD5: 198803E5E93E29967DFB0BCFD0186151] [Flags: 00090000.9310]
[G] c:\programdata\divx\aspencoder\uninstaller.exe [MD5: D07122A2924B8602EB9F8EF98EA2A988] [Flags: 00080000.9518]
[G] c:\program files (x86)\apple software update\softwareupdatefiles.resources\ko.lproj\softwareupdatefileslocalized.dll [MD5: 0FCD90346EE10F8E5BCC7066D2DD563B] [Flags: 00080000.3688]
[G] c:\program files (x86)\common files\microsoft shared\office12\odserv.exe [MD5: 1F0E05DFF4F5A833168E49BE1256F002] [Flags: 00081000.5233]
[G] c:\program files (x86)\quicktime\qtsystem\quicktimeauthoring.resources\sv.lproj\quicktimeauthoringlocalized.dll [MD5: A53B7DC74663DBCA8BE47F5EC661B03A] [Flags: 00081000.3713]
[G] c:\program files (x86)\common files\microsoft shared\msinfo\oinfop12.exe [MD5: 371E896D818784934BD1456296B99CBE] [Flags: 00081000.9519]
[G] c:\program files (x86)\quicktime\qtsystem\quicktimestreaming.resources\zh_cn.lproj\quicktimestreaminglocalized.dll [MD5: BBD4D1DA70D7B1E115BC0A64DBED73FC] [Flags: 00081000.3703]
[G] c:\windows\syswow64\wshelper.dll [MD5: 5B90BB3171504C9DAF3C5CB44B203CA7] [Flags: 00080000.7319]
[G] c:\windows\servicing\cbsmsg.dll [MD5: DA962E6301C2B887F545DA88BEB8D5D5] [Flags: 40090000.149]
[G] c:\program files (x86)\microsoft silverlight\4.0.60831.0\lv\system.resources.dll [MD5: 12F95CDE6ADE4445B86392FA3457F641] [Flags: 00080000.3712]
[G] c:\windows\system32\psisrndr.ax [MD5: 78394F2B354BDC28C5C61837872DD132] [Flags: 40090000.2764]
[G] c:\program files (x86)\common files\sony shared\sohlib\sohcimp.exe [MD5: 98886C88A1CB13D61672AE2C638B7E1C] [Flags: 00081000.9520]
[G] c:\program files (x86)\internet explorer\plugins\npqtplugin7.dll [MD5: 3DA9AF0BA61AB917D636B3CCA205006C] [Flags: 00080000.5599]
[G] c:\programdata\divx\divxdecodershortcut\uninstaller.exe [MD5: A0C7FBAB355C89A5D11835952AE89E38] [Flags: 00080000.9521]
[G] c:\program files\windows media player\wmpsideshowgadget.exe [MD5: 55A5E5AE40755556942C30548550E4C3] [Flags: 00090000.9522]
[G] c:\windows\syswow64\nslookup.exe [MD5: 5E3830EE3282A53920E00784FEC44CFD] [Flags: 00080000.9523]
[G] c:\windows\syswow64\rpcnsh.dll [MD5: 17F6993D2DD8B1196DB25FDC2ECB87E2] [Flags: 00080000.9468]
[G] c:\windows\syswow64\oleacchooks.dll [MD5: 7BD82EC8C664C636DCAFC7F0EE11CE3B] [Flags: 40080000.1171]
[G] c:\programdata\divx\qt4.5\uninstaller.exe [MD5: C772AE02CF2C2FCFFA9FC038D7218FAD] [Flags: 00080000.9524]
[G] c:\windows\system32\ndishc.dll [MD5: 8FCE9DF4C9679C1E4225CEC7767BE7DF] [Flags: 40090000.1174]
[G] c:\program files\internet explorer\pdm.dll [MD5: F05BDE2C833413687035677CE58FD897] [Flags: 00090000.9525]
[G] c:\program files (x86)\real\realplayer\converter\plugins\hxmedplyeng.dll [MD5: 5057F9C4FE0817EC26CA6F3395CEEAFE] [Flags: 00080000.7920]
[G] c:\program files (x86)\microsoft silverlight\4.0.60831.0\ar\mscorlib.resources.dll [MD5: 82EDB194F572B2497A231EDA11AA5C21] [Flags: 00080000.3661]
[G] c:\programdata\geek squad\customizer\gsrestartsvc.exe [MD5: 7DD5554728A36E70341D5E886F59746F] [Flags: 00090000.9526]
[G] c:\windows\syswow64\mprdim.dll [MD5: 7B5E1419717FAC363A31CC302895217A] [Flags: 40080000.2255]
[G] c:\program files\common files\system\directdb.dll [MD5: 7043AB955770A79916E0BE2E298C21DA] [Flags: 00090000.9527]
[G] c:\program files\common files\system\ado\msadomd.dll [MD5: 5707D6E62A89FB169BEFB0E6874D867B] [Flags: 00090000.9528]
[G] c:\program files (x86)\microsoft works\msadapi.dll [MD5: 36CBD2E2C0A075A52F9D319820623B01] [Flags: 00081000.3916]
[G] c:\program files (x86)\internet explorer\plugins\npqtplugin3.dll [MD5: 2A2F642E663ECB9EE97FF896F084F402] [Flags: 00080000.5595]
[G] c:\windows\system32\psisdecd.dll [MD5: 050AF06F8B0463417E4AED9DA5816A65] [Flags: 40090000.2782]
[G] c:\windows\system32\wwaninst.dll [MD5: 5A406C9C8E0880D3EABADC5DFD1ACDAE] [Flags: 00090000.9309]
[G] c:\windows\system32\mprmsg.dll [MD5: 1CF21800E337F4039AAD4C94B4280EE4] [Flags: 00090000.3468]
[G] c:\windows\winsxs\backup\amd64_microsoft-windows-mprmsg_31bf3856ad364e35_6.1.7600.16385_none_6f82e5f16d1409ef_mprmsg.dll_6fff912a [MD5: 1CF21800E337F4039AAD4C94B4280EE4] [Flags: 00090000.3468]
[G] c:\program files\internet explorer\ielowutil.exe [MD5: E5CAFD3D9E70F6B38701445E39F9C329] [Flags: 00090000.9529]
[G] c:\program files\windows media player\wmpenc.exe [MD5: 5A4BFDF154358EE76321E09E9AE161B1] [Flags: 00090000.9530]
[G] c:\windows\syswow64\wbem\wbemdisp.dll [MD5: 244C6722289F4869068992FD7D8A8832] [Flags: 00080000.9461]
[G] c:\program files\windows media player\wmpdmccore.dll [MD5: 73FC60FC4C3A09509FFEA745FC4EA696] [Flags: 00090000.9531]
[G] c:\windows\syswow64\asycfilt.dll [MD5: 088CF5B6380FB9002F2A4246F812225D] [Flags: 00080000.9307]
[G] c:\windows\syswow64\divx_xx0a.dll [MD5: 0DADCB1C15AB04A655F7B386FE625B35] [Flags: 40080000.3062]
[G] c:\windows\syswow64\psisdecd.dll [MD5: 00ADF21DE55AA97297FAC65E4F3A0256] [Flags: 40080000.3063]
[G] c:\windows\winsxs\backup\amd64_microsoft-windows-comctl32-v5.resources_31bf3856ad364e35_6.1.7600.16385_fr-fr_61418855a28d13d4_comctl32.dll.mui_0da4e682 [MD5: 329A3178B7F9143E975504C23DE0F506] [Flags: 00090000.7104]
[G] c:\windows\syswow64\eappprxy.dll [MD5: 666E57B6B51824D1D235F80A3DD70A13] [Flags: 00080000.9471]
[G] c:\program files\common files\motive\mccieventx.dll [MD5: 8A5F65542870050DB2F5BED0F0E972B4] [Flags: 40090000.3068]
[G] c:\windows\syswow64\eappcfg.dll [MD5: 5A5FEDDF02588B8F9FE4A95E5E7EAE97] [Flags: 00080000.9470]
[G] c:\program files (x86)\common files\sony shared\sohlib\sohdbsvr.exe [MD5: 442A13F395546F4564C377296D43B564] [Flags: 00081000.9532]
[G] c:\windows\syswow64\whhelper.dll [MD5: DAECDFA364992F1D26705887E1A3C93F] [Flags: 00080000.9467]
[G] c:\programdata\divx\mfcomponents\uninstaller.exe [MD5: 5D82D00D95733C8582EB68E0FE6EFB05] [Flags: 00080000.9533]
[G] c:\windows\syswow64\admparse.dll [MD5: AC1A21C0E2360E384DD2E6E4344B3210] [Flags: 00080000.9534]
[G] c:\windows\syswow64\aaclient.dll [MD5: CF15E7B164E5824E731665E83CFCF536] [Flags: 00080000.9535]
[G] c:\program files (x86)\microsoft silverlight\4.0.60831.0\lt\microsoft.visualbasic.resources.dll [MD5: F86535849527699DEFBB35DBDA396DB2] [Flags: 00080000.3755]
[G] c:\windows\syswow64\wlanhlp.dll [MD5: 8063046AA70B97CA9985672B8848FB2E] [Flags: 00080000.9474]
[G] c:\windows\system32\hpowiav1.dll [MD5: 678C769DA5F2F0F515D0F22D4FC4787D] [Flags: 40090000.3083]
[G] c:\windows\syswow64\webclnt.dll [MD5: A9D880F97530D5B8FEE278923349929D] [Flags: 00080000.9536]
[G] c:\programdata\divx\desktopservice\uninstaller.exe [MD5: DEB92EE3EF05957B235AC6ED0640441F] [Flags: 00080000.9537]
[G] c:\programdata\divx\ovshelper\uninstaller.exe [MD5: 3D27BB31CFD64DBD2B73E6556EF655B0] [Flags: 00080000.9538]
[G] c:\windows\assembly\nativeimages_v2.0.50727_32\system.configuration\2d5bcbeb9475ef62189f605bcca1cec6\system.configuration.ni.dll [MD5: 3E80E0995B343504ACDC380A6E485193] [Flags: 40080000.710]
[G] c:\windows\syswow64\es.dll [MD5: F6916EFC29D9953D5D0DF06882AE8E16] [Flags: 00080000.6356]
[G] c:\windows\syswow64\eapqec.dll [MD5: 9FA14FFC9150B48C5D582DCF6A79D6F2] [Flags: 00080000.9539]
[G] c:\windows\system32\xmlfilter.dll [MD5: 86C6E8597094BD9F2CF0E5F841641F4E] [Flags: 40090000.1743]
[G] c:\windows\system32\mpg2splt.ax [MD5: 1E452D8F44D82BFC256E02D0D6FD9608] [Flags: 40090000.2833]
[G] c:\windows\system32\fveui.dll [MD5: 506A83A3BEEE9FCA09F0170DE9FC7D1B] [Flags: 40090000.1749]
[G] c:\windows\syswow64\amstream.dll [MD5: 382BDDDE3438F9A65935ABC6B3F76D1B] [Flags: 00080000.9540]
[G] c:\program files (x86)\common files\microsoft shared\msinfo\oinfo12.ocx [MD5: D081D5532D4DE8432B584D9E74B6E70B] [Flags: 00081000.9541]
[G] c:\program files\common files\system\wab32.dll [MD5: 5706954D1E7EBB0C254FF6DDCD5D7B4E] [Flags: 00090000.9542]
[G] c:\windows\winsxs\x86_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d1cb102c435421de\atl80.dll [MD5: D5E459BED3DB9CF7FC6CC1455F177D2D] [Flags: 00080000.3708]
[G] c:\program files\divx\divx plus media foundation components\acmwrapperdmo.dll [MD5: 0BD67C5D052BFAC6E49560EB1974F472] [Flags: 40090000.1751]
[G] c:\program files\divx\divx plus media foundation components\divxmfsource.dll [MD5: BE22E896C85E2A728120A226C7BFDE1A] [Flags: 40090000.1237]
[G] c:\program files\windows media player\wmpmediasharing.dll [MD5: 139677BB4CA72DBB99FDF80E74FA0B95] [Flags: 00090000.9543]
[G] c:\windows\syswow64\amxread.dll [MD5: AB4EC6D80DE12BED0630D672E7719447] [Flags: 00080000.9544]
[G] c:\programdata\divx\dsaacdecoder\uninstaller.exe [MD5: 7F042ECF32FDF9C29297562C77656F45] [Flags: 00080000.9545]
[G] c:\program files\common files\motive\mccilogx.dll [MD5: DCFE98D0EDFD0B115FBFBA2B1A4D9862] [Flags: 40090000.2845]
[G] c:\program files (x86)\malwarebytes' anti-malware\vbalsgrid6.ocx [MD5: BAA4DE42156350754976DD563D02CDE4] [Flags: 00081000.9297]
[G] c:\program files (x86)\internet explorer\msdbg2.dll [MD5: 3D811BF538D6F359735D757C94F484B6] [Flags: 00081000.9546]
[G] c:\program files (x86)\internet explorer\jsdbgui.dll [MD5: E2C6DCAEFC0484169F1979287960AC83] [Flags: 00080000.9547]
[G] c:\program files (x86)\microsoft silverlight\sllauncher.exe [MD5: 7EBDD4D4E09ABD4B4EC2FB37B37E6578] [Flags: 00081000.3644]
[G] c:\program files\common files\motive\mccismx.dll [MD5: B2FD5F3049931899BE2757A3735191A5] [Flags: 40090000.2852]
[G] c:\program files (x86)\internet explorer\pdm.dll [MD5: 3CA2DFD1EE857CDE7DCCF4235F52D142] [Flags: 00081000.9548]
[G] c:\windows\syswow64\ifmon.dll [MD5: 019C500DBD380CBAFE5417DE8CD267F2] [Flags: 00080000.9464]
[G] c:\program files (x86)\microsoft silverlight\4.0.60831.0\nl\system.resources.dll [MD5: 3FCF55975152184E8CA3723BCD123506] [Flags: 00080000.3667]
[G] c:\program files (x86)\internet explorer\ieinstal.exe [MD5: 977FDB8B4E2F0694EEC664DAA6F0AFD3] [Flags: 08080000.9549]
[G] c:\windows\syswow64\wbem\wmic.exe [MD5: A03CF3838775E0801A0894C8BACD2E56] [Flags: 00080000.9476]
[G] c:\program files (x86)\quicktime\qtplugin.ocx [MD5: AD99EC8908185A02307CF071EF7BD9CF] [Flags: 00081000.3469]
[G] c:\program files\windows media player\wmpconfig.exe [MD5: 8AD91A4C6CECD1F5A4F858C4DE91DCAC] [Flags: 00090000.9550]
[G] c:\windows\servicing\cbsapi.dll [MD5: D485D1BE97777617B186FC8095F58421] [Flags: 40090000.234]
[G] c:\program files (x86)\windows media player\wmpshare.exe [MD5: 0566DB6153DC8F7BDBEF9552A6852139] [Flags: 00080000.9551]
[G] c:\windows\system32\inetcomm.dll [MD5: 142E90CF1A4C5B6E7505810E38B07B9F] [Flags: 40090000.3127]
[G] c:\programdata\divx\dsaspdecoder\uninstaller.exe [MD5: 2C4C5D8B348C9A9E9DA2F14D7A59582A] [Flags: 00080000.9552]
[G] c:\windows\syswow64\framedynos.dll [MD5: D0481FB85BEEDD30A0884BE327880F80] [Flags: 00080000.9477]
[G] c:\program files\windows media player\wmprph.exe [MD5: B540D64EFE0E63286A4C0BBA9A4C7A21] [Flags: 00090000.9553]
[G] c:\program files (x86)\microsoft silverlight\4.0.60831.0\system.runtime.serialization.dll [MD5: E51D6C5C403477FFE2C36412049E970E] [Flags: 00080000.3754]
[G] c:\programdata\divx\divxplusshortcuts\uninstaller.exe [MD5: F4F8120B2B1646F6B690D96498086744] [Flags: 00080000.9554]
[G] c:\program files (x86)\internet explorer\jsprofilerui.dll [MD5: 75953EE3E820B01786B15D04201586A1] [Flags: 00080000.9555]
[G] c:\program files\sony\vcm intelligent network service manager\vcminsmgr.exe [MD5: 9D9B34B430B4DC683112F59C80D20AB8] [Flags: 00081000.5666]
[G] c:\program files (x86)\quicktime\qtsystem\quicktimewebhelper.resources\quicktimewebhelper.dll [MD5: 6A5C0673F6BC8B26E1D882FA441215A1] [Flags: 00080000.3710]
[G] c:\program files (x86)\internet explorer\hmmapi.dll [MD5: FDF81746521EE74F9383F84D449EAA22] [Flags: 00080000.9556]
[G] c:\programdata\divx\symantec\scc.dll [MD5: F04A7BADEA1118A2D43D59C667954962] [Flags: 08081000.9557]
[G] c:\program files (x86)\common files\sony shared\sohlib\sohdms.exe [MD5: 556681BE668D71DC162391A45422B52C] [Flags: 00081000.9558]
[G] c:\program files (x86)\microsoft works\wkwpqd.dll [MD5: 1E4B2E8ACDCBB0A151E96EA5B3FD5F33] [Flags: 00081000.3665]
[G] c:\program files (x86)\internet explorer\iedvtool.dll [MD5: B123D0BA4A6E8B67C282634CD58ADDC3] [Flags: 00080000.6510]
[G] c:\windows\syswow64\dhcpcmonitor.dll [MD5: 394ADE82B91F6458C060C522D7C3520C] [Flags: 00080000.9463]
[G] c:\program files (x86)\internet explorer\plugins\nppdf32.dll [MD5: A055971A27B8B767F5F0858B8F299282] [Flags: 00081000.3757]
[G] c:\program files\windows media player\mpvis.dll [MD5: B4A9CE21915C96A1BAA89FA884EA1C6C] [Flags: 00090000.9559]
[G] c:\program files\windows media player\wmplayer.exe [MD5: 322A96BFB36CEAA506F74D5F98CDA723] [Flags: 00090000.9560]
[G] c:\program files (x86)\common files\microsoft shared\web folders\msosv.dll [MD5: 49B4739F6A9A186E88BB39D1449C24B9] [Flags: 00081000.5255]
[G] c:\windows\syswow64\dsrole.dll [MD5: 2F040CF0613A6D64DCBBA9EE81F5A5AE] [Flags: 00080000.9561]
[G] c:\program files\internet explorer\sqmapi.dll [MD5: FC211BFD7A6AE37902F6D86ED3235159] [Flags: 00090000.9562]
[G] c:\windows\system32\mmci.dll [MD5: 7FDF18E7A5E552A52A3DE24EA62BF23B] [Flags: 00090000.8458]
[G] c:\windows\sysnative\wrusr.dll [MD5: 8CB637F4D9D9E295BC52B8B62812EAE2] [Flags: 00090000.9430]
[G] c:\windows\syswow64\tdh.dll [MD5: 8D47D01378347889A662D54037A988CC] [Flags: 00080000.7986]
[G] c:\windows\system32\wbem\\wmipjobj.dll [MD5: A56A458AC46A6931CBECA62ED843EC2E] [Flags: 40090000.1860]
[G] c:\windows\system32\cca.dll [MD5: BC4A4569F5E50EE9993E9DD9784C2FE3] [Flags: 40090000.3211]
[G] c:\windows\microsoft.net\framework64\v3.0\windows communication foundation\infocard.exe [MD5: 5988FC40F8DB5B0739CD1E3A5D0D78BD] [Flags: 00090000.9563]
[G] c:\windows\syswow64\wusa.exe [MD5: 8CBD6FDACDCC0ED48BAF607226D6D0C9] [Flags: 00080000.7989]
[G] c:\windows\sysnative\drivers\wrkrn.sys [MD5: B2BB4F5DEF32528D20DCF4AE4EBC6113] [Flags: 00090000.9434]
[G] c:\windows\syswow64\qdv.dll [MD5: 92DF43A9CDD39C67F2B2D2F98799E086] [Flags: 00080000.9258]
[G] c:\windows\syswow64\qdvd.dll [MD5: 68783E77D401E6392EA6579EBCEF16C8] [Flags: 00080000.8827]
[G] c:\windows\system32\wsdprintproxy.dll [MD5: 014D63C0B5E18CE5D4790E083BD4E2FD] [Flags: 40090000.1632]
[G] c:\windows\system32\at.exe [MD5: ED4CD10A13080E51F550F560F7FE50F1] [Flags: 00090000.9260]
[G] c:\windows\system32\mshtmled.dll [MD5: 9FC690681B627E522725F6F64ADE1503] [Flags: 40090010.3432]
[G] c:\windows\system32\packager.dll [MD5: BACE7F36D65968FD07757B239B01F4E2] [Flags: 00090000.8580]
[G] c:\windows\sysnative\ntdll.dll [MD5: CF95B85FF8D128385ABD411C8CA74DED] [Flags: 00090000.8584]
[G] c:\windows\system32\chcp.com [MD5: 0C8C209151A45A4D7774E89C2F4079AA] [Flags: 00090000.9262]
[G] c:\windows\syswow64\tapisrv.dll [MD5: 613BF4820361543956909043A265C6AC] [Flags: 00080000.9564]
[G] c:\windows\system32\quartz.dll [MD5: 44A8B9185030EA57F7999383643ADFFB] [Flags: 00090000.8834]
[G] c:\program files (x86)\common files\microsoft shared\msinfo\msinfo32.exe [MD5: 5F2122888583347C9B81724CF169EFC6] [Flags: 40080000.3319]
[G] c:\windows\system32\qdvd.dll [MD5: E44AFEA3C13A96FC79ABA67E5F0DC3AD] [Flags: 00090000.8836]
[G] c:\windows\system32\dot3hc.dll [MD5: CC100D183BBEFF4491155E3A88DD586D] [Flags: 40090000.1225]
[G] c:\program files\windows media player\wmlaunch.exe [MD5: 1E7509C70109EF997489C8E368B67223] [Flags: 00090000.9565]
[G] c:\windows\syswow64\qagent.dll [MD5: 02530B0B7E048DD5AC8D52DAEACAEB2B] [Flags: 00080000.9475]
[G] c:\windows\system32\sendmail.dll [MD5: 6441D2FFB14B613C1D44D709BC7F8FFA] [Flags: 40090000.1287]

The following files are referenced in the system but could not be found:
[?] %programfiles%\apoint\apoint.exe

Previous Scan Results

CLEAN - [Mon 2012-01-16 09:19:07] 25886 files scanned, 0 infections found in 1m 2s
CLEAN - [Sun 2012-01-15 08:14:00] 35980 files scanned, 0 infections found in 1m 11s
CLEAN - [Sat 2012-01-14 16:30:00] 1 files scanned, 0 infections found in 1s
CLEAN - [Sat 2012-01-14 16:30:00] 1 files scanned, 0 infections found in 1s
CLEAN - [Sat 2012-01-14 15:39:52] 24499 files scanned, 0 infections found in 32s
CLEAN - [Sat 2012-01-14 15:33:20] 32886 files scanned, 0 infections found in 4m 9s
CLEAN - [Sat 2012-01-14 11:05:08] 28917 files scanned, 0 infections found in 1m 7s
CLEAN - [Fri 2012-01-13 10:05:02] 22068 files scanned, 0 infections found in 59s
CLEAN - [Thu 2012-01-12 09:04:55] 33641 files scanned, 0 infections found in 1m 36s

Current Session System Statistics

[11:16 PM] - CPU: 24%, Physical Memory: 16%, Virtual Memory: 5%, Page File: 8%, Processes: 19
[11:31 PM] - CPU: 11%, Physical Memory: 37%, Virtual Memory: 5%, Page File: 23%, Processes: 76
[11:46 PM] - CPU: 14%, Physical Memory: 41%, Virtual Memory: 5%, Page File: 26%, Processes: 79
[12:01 AM] - CPU: 8%, Physical Memory: 36%, Virtual Memory: 5%, Page File: 23%, Processes: 79
[12:16 AM] - CPU: 8%, Physical Memory: 46%, Virtual Memory: 5%, Page File: 29%, Processes: 78
[12:31 AM] - CPU: 4%, Physical Memory: 43%, Virtual Memory: 5%, Page File: 27%, Processes: 79


Processes: 77, Modules: 1852 (Depth: 16, Type: 551, Analyzed: 186625, Threads: 88, Center: 295 - 491)
--- End of Scan Log ---

Sat 2011-12-17 08:24:47.0402 Begin Installation
Sat 2011-12-17 08:24:47.0645 Installation successfully completed (WSAINSTALL.EXE/0)
Sat 2011-12-17 08:24:47.0784 >>> Service started [v8.0.1.44]
Sat 2011-12-17 08:24:48.0387 User process connected successfully from PID 2524, Session 1
Sat 2011-12-17 08:24:48.0785 Protection enabled
Sat 2011-12-17 08:24:48.0962 Connecting to 3 - 3
Sat 2011-12-17 08:24:49.0393 SLevel updated to CA041H92BB000000NB000000OV000000RH000000SC000000MM000000
Sat 2011-12-17 08:25:32.0490 Scan Started: [ID: 1 - Flags: 551/16]
Sat 2011-12-17 08:26:24.0092 Connected to C1
Sat 2011-12-17 08:27:28.0355 Scan Results: Files Scanned: 22572, Duration: 1m 55s, Malicious Files: 0
Sat 2011-12-17 08:27:29.0519 SLevel updated to CA041H92BB000002NB000181OV000C80RH0004EDSC000287MM000C80
Sat 2011-12-17 08:27:30.0249 Scan Finished: [ID: 1 - Seq: 22512372]
Sat 2011-12-17 09:09:57.0258 Scan Started: [ID: 2 - Flags: 1575/0]
Sat 2011-12-17 09:10:20.0367 Scan Results: Files Scanned: 16001, Duration: 23s, Malicious Files: 0
Sat 2011-12-17 09:10:20.0386 Scan Finished: [ID: 2 - Seq: 22515009]
Sun 2011-12-18 10:29:49.0618 SLevel updated to CA043HPNBB000002NB000181OV00102ARH0004EDSC000287MM000CEA
Sun 2011-12-18 10:29:59.0899 Scan Started: [ID: 3 - Flags: 1575/0]
Sun 2011-12-18 10:30:48.0172 Scan Results: Files Scanned: 16572, Duration: 47s, Malicious Files: 0
Sun 2011-12-18 10:30:48.0239 Scan Finished: [ID: 3 - Seq: 22606247]
Mon 2011-12-19 03:01:10.0693 Begin passive write scan (82 file(s))
Mon 2011-12-19 03:01:11.0353 End passive write scan (82 file(s))
Mon 2011-12-19 03:01:13.0693 Begin passive write scan (4 file(s))
Mon 2011-12-19 03:01:13.0933 End passive write scan (4 file(s))
Mon 2011-12-19 03:01:19.0693 Begin passive write scan (4 file(s))
Mon 2011-12-19 03:01:20.0235 End passive write scan (4 file(s))
Mon 2011-12-19 10:29:41.0852 SLevel updated to CA045CDGBB000002NB000181OV00102ARH0004EDSC000287MM000CEA
Mon 2011-12-19 11:30:12.0318 Scan Started: [ID: 4 - Flags: 1575/0]
Mon 2011-12-19 11:30:58.0235 Scan Results: Files Scanned: 15941, Duration: 45s, Malicious Files: 0
Mon 2011-12-19 11:30:58.0290 Scan Finished: [ID: 4 - Seq: 22696247]
Mon 2011-12-19 22:48:04.0928 Blocked website: http://creatives.livejasmin.com/pu/w2/?tid=kontx_w2_girl_teen&psid=ed_dpimpyp1&pstool=149_14095_151&pstour=t1&psprogram=REVS&site=jsm
Tue 2011-12-20 08:07:11.0291 Begin passive write scan (5 file(s))
Tue 2011-12-20 08:07:11.0884 End passive write scan (5 file(s))
Tue 2011-12-20 08:07:14.0333 Begin passive write scan (4 file(s))
Tue 2011-12-20 08:07:14.0926 End passive write scan (4 file(s))
Tue 2011-12-20 08:14:14.0427 Scan Started: [ID: 5 - Flags: 1575/0]
Tue 2011-12-20 08:14:43.0692 Scan Results: Files Scanned: 16557, Duration: 29s, Malicious Files: 0
Tue 2011-12-20 08:14:43.0708 Scan Finished: [ID: 5 - Seq: 22770881]
Tue 2011-12-20 15:39:25.0254 SLevel updated to CA047LDNBB000002NB000181OV00102ARH0004EDSC000287MM000CEA
Tue 2011-12-20 20:28:05.0915 Begin passive write scan (7 file(s))
Tue 2011-12-20 20:28:07.0343 End passive write scan (7 file(s))
Wed 2011-12-21 09:22:34.0680 Scan Started: [ID: 6 - Flags: 1575/0]
Wed 2011-12-21 09:23:13.0441 Scan Results: Files Scanned: 20791, Duration: 38s, Malicious Files: 0
Wed 2011-12-21 09:23:13.0471 Scan Finished: [ID: 6 - Seq: 22861386]
Wed 2011-12-21 16:31:57.0478 SLevel updated to CA049IH7BB000002NB000181OV00102ARH0004EDSC000287MM000CEA
Wed 2011-12-21 17:50:07.0004 Blocked website: http://creatives.livejasmin.com/pu/w2/?tid=kontx_w2_girl_teen&psid=ed_dpimpyp1&pstool=149_14095_151&pstour=t1&psprogram=REVS&site=jsm
Thu 2011-12-22 10:22:40.0865 Scan Started: [ID: 7 - Flags: 1575/0]
Thu 2011-12-22 10:23:40.0051 Scan Results: Files Scanned: 20645, Duration: 59s, Malicious Files: 0
Thu 2011-12-22 10:23:40.0082 Scan Finished: [ID: 7 - Seq: 22951416]
Thu 2011-12-22 16:31:57.0731 SLevel updated to CA04BD56BB000002NB000181OV00102ARH0004EDSC000287MM000CEA
Fri 2011-12-23 08:14:04.0864 Scan Started: [ID: 8 - Flags: 1575/0]
Fri 2011-12-23 08:14:36.0481 Scan Results: Files Scanned: 14960, Duration: 31s, Malicious Files: 0
Fri 2011-12-23 08:14:36.0511 Scan Finished: [ID: 8 - Seq: 23030069]
Fri 2011-12-23 08:23:14.0692 Begin passive write scan (1 file(s))
Fri 2011-12-23 08:23:15.0053 End passive write scan (1 file(s))
Fri 2011-12-23 08:23:17.0694 Begin passive write scan (3 file(s))
Fri 2011-12-23 08:23:19.0665 End passive write scan (3 file(s))
Fri 2011-12-23 08:23:20.0702 Begin passive write scan (1 file(s))
Fri 2011-12-23 08:23:26.0500 End passive write scan (1 file(s))
Fri 2011-12-23 08:23:29.0708 Begin passive write scan (1 file(s))
Fri 2011-12-23 08:23:30.0061 End passive write scan (1 file(s))
Fri 2011-12-23 08:23:35.0715 Begin passive write scan (3 file(s))
Fri 2011-12-23 08:23:36.0200 End passive write scan (3 file(s))
Fri 2011-12-23 11:47:14.0717 Begin passive write scan (2 file(s))
Fri 2011-12-23 11:47:15.0101 End passive write scan (2 file(s))
Fri 2011-12-23 16:31:59.0673 SLevel updated to CA04D7T8BB000002NB000181OV00102ARH0004EDSC000287MM000CEA
Fri 2011-12-23 21:16:27.0191 >>> Service started [v8.0.1.44]
Fri 2011-12-23 21:16:27.0409 Terminated abruptly in the last session
Fri 2011-12-23 21:16:41.0387 Monitoring process C:\Windows\system32\atbroker.exe [23566F9723771108D2E6CD768AC27407]. Type: 3 (6299)
Fri 2011-12-23 21:16:41.0387 Monitoring process C:\Windows\system32\atbroker.exe [23566F9723771108D2E6CD768AC27407]. Type: 4 (6299)
Fri 2011-12-23 21:16:41.0387 Monitoring process C:\Windows\system32\atbroker.exe [23566F9723771108D2E6CD768AC27407]. Type: 5 (6299)
Fri 2011-12-23 21:16:41.0387 Monitoring process C:\Windows\system32\atbroker.exe [23566F9723771108D2E6CD768AC27407]. Type: 7 (6299)
Fri 2011-12-23 21:16:41.0590 Monitoring process C:\Windows\system32\atbroker.exe [23566F9723771108D2E6CD768AC27407]. Type: 8 (6299)
Fri 2011-12-23 21:16:41.0902 User process connected successfully from PID 824, Session 1
Fri 2011-12-23 21:16:42.0557 Connecting to 3 - 3
Fri 2011-12-23 21:16:44.0678 Begin passive write scan (1 file(s))
Fri 2011-12-23 21:16:45.0256 End passive write scan (1 file(s))
Fri 2011-12-23 21:17:45.0450 Begin passive write scan (4 file(s))
Fri 2011-12-23 21:17:46.0027 End passive write scan (4 file(s))
Fri 2011-12-23 21:18:40.0230 Begin passive write scan (1 file(s))
Fri 2011-12-23 21:18:40.0589 End passive write scan (1 file(s))
Fri 2011-12-23 21:19:22.0865 Begin passive write scan (1 file(s))
Fri 2011-12-23 21:19:23.0115 End passive write scan (1 file(s))
Fri 2011-12-23 21:25:58.0404 Scan Started: [ID: 9 - Flags: 1575/0]
Fri 2011-12-23 21:26:26.0609 Connected to C1
Fri 2011-12-23 21:26:38.0855 Scan Results: Files Scanned: 21352, Duration: 40s, Malicious Files: 0
Fri 2011-12-23 21:26:38.0870 Scan Finished: [ID: 9 - Seq: 23077582]
Fri 2011-12-23 21:26:44.0034 Scan Started: [ID: 10 - Flags: 1575/0]
Fri 2011-12-23 21:27:11.0022 Scan Results: Files Scanned: 21271, Duration: 26s, Malicious Files: 0
Fri 2011-12-23 21:27:11.0038 Scan Finished: [ID: 10 - Seq: 23077626]
Sat 2011-12-24 21:16:43.0296 SLevel updated to CA04FFNRBB000002NB000181OV00102ARH0004EDSC000287MM000CEA
Sat 2011-12-24 22:26:54.0155 Scan Started: [ID: 11 - Flags: 1575/0]
Sat 2011-12-24 22:27:27.0587 Scan Results: Files Scanned: 22046, Duration: 33s, Malicious Files: 0
Sat 2011-12-24 22:27:27.0605 Scan Finished: [ID: 11 - Seq: 23167639]
Sun 2011-12-25 21:16:45.0843 SLevel updated to CA04HABXBB000002NB000181OV00102ARH0004EDSC000287MM000CEA
Sun 2011-12-25 23:27:08.0237 Scan Started: [ID: 12 - Flags: 1575/0]
Sun 2011-12-25 23:27:59.0545 Scan Results: Files Scanned: 20570, Duration: 51s, Malicious Files: 0
Sun 2011-12-25 23:27:59.0566 Scan Finished: [ID: 12 - Seq: 23257652]
Mon 2011-12-26 20:51:20.0159 Blocked website: http://creatives.livejasmin.com/pu/w2/?tid=kontx_w2_girl_teen&psid=ed_dpimpyp1&pstool=149_14095_151&pstour=t1&psprogram=REVS&site=jsm
Mon 2011-12-26 21:22:04.0979 SLevel updated to CA04J1XJBB000002NB000181OV00102ARH0004EDSC000287MM000CEA
Tue 2011-12-27 00:27:20.0089 Scan Started: [ID: 13 - Flags: 1575/0]
Tue 2011-12-27 00:27:58.0706 Scan Results: Files Scanned: 22909, Duration: 38s, Malicious Files: 0
Tue 2011-12-27 00:27:58.0746 Scan Finished: [ID: 13 - Seq: 23347671]
Tue 2011-12-27 09:51:59.0160 Begin passive write scan (1 file(s))
Tue 2011-12-27 09:51:59.0506 End passive write scan (1 file(s))
Tue 2011-12-27 09:52:14.0166 Begin passive write scan (4 file(s))
Tue 2011-12-27 09:52:15.0629 End passive write scan (4 file(s))
Tue 2011-12-27 09:52:17.0270 Begin passive write scan (1 file(s))
Tue 2011-12-27 09:52:17.0609 End passive write scan (1 file(s))
Tue 2011-12-27 09:52:23.0436 Begin passive write scan (3 file(s))
Tue 2011-12-27 09:52:24.0092 End passive write scan (3 file(s))
Tue 2011-12-27 21:22:09.0393 SLevel updated to CA04KZWWBB000002NB000181OV00102ARH0004EDSC000287MM000CEA
Wed 2011-12-28 01:27:30.0150 Scan Started: [ID: 14 - Flags: 1575/0]
Wed 2011-12-28 01:28:16.0863 Scan Results: Files Scanned: 17669, Duration: 46s, Malicious Files: 0
Wed 2011-12-28 01:28:16.0900 Scan Finished: [ID: 14 - Seq: 23437669]
Wed 2011-12-28 16:05:07.0927 Blocked website: http://creatives.livejasmin.com/pu/w2/?tid=kontx_w2_girl_teen&psid=ed_dpimpyp1&pstool=149_14095_151&pstour=t1&psprogram=REVS&site=jsm
Wed 2011-12-28 21:22:09.0575 SLevel updated to CA04MUKVBB000002NB000181OV00102ARH0004EDSC000287MM000CEA
Thu 2011-12-29 02:31:29.0938 Scan Started: [ID: 15 - Flags: 1575/0]
Thu 2011-12-29 10:10:15.0675 Scan Results: Files Scanned: 18917, Duration: 7h 38m, Malicious Files: 0
Thu 2011-12-29 10:10:15.0702 Scan Finished: [ID: 15 - Seq: 15]
Thu 2011-12-29 21:22:13.0933 SLevel updated to CA04OP8ZBB000002NB000181OV00102ARH0004EDSC000287MM000CEA
Fri 2011-12-30 05:39:47.0120 Scan Started: [ID: 16 - Flags: 1575/0]
Fri 2011-12-30 05:40:42.0428 Scan Results: Files Scanned: 18681, Duration: 53s, Malicious Files: 0
Fri 2011-12-30 05:40:42.0456 Scan Finished: [ID: 16 - Seq: 23625612]
Fri 2011-12-30 05:50:57.0461 Begin passive write scan (6 file(s))
Fri 2011-12-30 05:50:58.0040 End passive write scan (6 file(s))
Fri 2011-12-30 05:51:00.0463 Begin passive write scan (3 file(s))
Fri 2011-12-30 05:51:00.0873 End passive write scan (3 file(s))
Fri 2011-12-30 08:14:04.0411 Scan Started: [ID: 17 - Flags: 1575/0]
Fri 2011-12-30 08:14:41.0636 Scan Results: Files Scanned: 21360, Duration: 37s, Malicious Files: 0
Fri 2011-12-30 08:14:41.0667 Scan Finished: [ID: 17 - Seq: 23634878]
Fri 2011-12-30 11:56:33.0948 Begin passive write scan (2 file(s))
Fri 2011-12-30 11:56:34.0389 End passive write scan (2 file(s))
Fri 2011-12-30 11:59:26.0725 Blocked website: http://creatives.livejasmin.com/pu/w2/?tid=kontx_w2_girl_teen&psid=ed_dpimpyp1&pstool=149_14095_151&pstour=t1&psprogram=REVS&site=jsm
Fri 2011-12-30 14:08:59.0449 Infection detected: c:\users\owner\appdata\local\temp\ms0cfg32.exe [MD5: FDDF0BA4DC6E227BC1072585303679B7] [3/08080000]
Fri 2011-12-30 14:08:59.0449 File blocked in realtime: c:\users\owner\appdata\local\temp\ms0cfg32.exe [MD5: FDDF0BA4DC6E227BC1072585303679B7, Size: 69632 bytes] [134742016/00000003]
Fri 2011-12-30 14:08:59.0472 File blocked in realtime: c:\users\owner\appdata\local\temp\ms0cfg32.exe [MD5: FDDF0BA4DC6E227BC1072585303679B7, Size: 69632 bytes] [134742016/00000003]
Fri 2011-12-30 14:08:59.0622 Infection detected: c:\users\owner\appdata\local\temp\ms0cfg32.exe [MD5: FDDF0BA4DC6E227BC1072585303679B7] [3/08080000]
Fri 2011-12-30 14:08:59.0622 File blocked in realtime: c:\users\owner\appdata\local\temp\ms0cfg32.exe [MD5: FDDF0BA4DC6E227BC1072585303679B7, Size: 69632 bytes] [134742016/00000003]
Fri 2011-12-30 14:08:59.0622 File blocked in realtime: c:\users\owner\appdata\local\temp\ms0cfg32.exe [MD5: FDDF0BA4DC6E227BC1072585303679B7, Size: 69632 bytes] [134742016/00000003]
Fri 2011-12-30 14:08:59.0944 Infection detected: c:\users\owner\appdata\local\temp\ms0cfg32.exe [MD5: FDDF0BA4DC6E227BC1072585303679B7] [3/08080000]
Fri 2011-12-30 14:08:59.0944 File blocked in realtime: c:\users\owner\appdata\local\temp\ms0cfg32.exe [MD5: FDDF0BA4DC6E227BC1072585303679B7, Size: 69632 bytes] [134742016/00000003]
Fri 2011-12-30 14:08:59.0945 File blocked in realtime: c:\users\owner\appdata\local\temp\ms0cfg32.exe [MD5: FDDF0BA4DC6E227BC1072585303679B7, Size: 69632 bytes] [134742016/00000003]
Fri 2011-12-30 14:08:59.0955 File blocked in realtime: c:\users\owner\appdata\local\temp\ms0cfg32.exe [MD5: FDDF0BA4DC6E227BC1072585303679B7, Size: 69632 bytes] [134742016/00000003]
Fri 2011-12-30 14:09:01.0432 Begin passive write scan (1 file(s))
Fri 2011-12-30 14:09:01.0789 Infection detected: c:\users\owner\appdata\local\temp\ms0cfg32.exe [MD5: FDDF0BA4DC6E227BC1072585303679B7] [3/08080000]
Fri 2011-12-30 14:09:01.0789 File blocked in realtime: c:\users\owner\appdata\local\temp\ms0cfg32.exe [MD5: FDDF0BA4DC6E227BC1072585303679B7, Size: 69632 bytes] [134742016/00000003]
Fri 2011-12-30 14:09:01.0973 End passive write scan (1 file(s))
Fri 2011-12-30 14:09:07.0084 Determination flags modified: MD5: FDDF0BA4DC6E227BC1072585303679B7, Size: 69632 bytes, Flags: 00000020
Fri 2011-12-30 14:09:13.0982 Performing cleanup entry: 1
Fri 2011-12-30 14:09:14.0689 Scan Started: [ID: 18 - Flags: 551/128]
Fri 2011-12-30 14:10:35.0462 Scan Results: Files Scanned: 30044, Duration: 1m 20s, Malicious Files: 0
Fri 2011-12-30 14:10:35.0542 Scan Finished: [ID: 18 - Seq: 23656179]
Fri 2011-12-30 21:22:16.0434 SLevel updated to CA04QJX0BB000002NB000181OV00102ARH0004EDSC000287MM000CEA
Sat 2011-12-31 15:09:16.0361 Scan Started: [ID: 19 - Flags: 1575/0]
Sat 2011-12-31 15:11:03.0531 Scan Results: Files Scanned: 28492, Duration: 1m 46s, Malicious Files: 0
Sat 2011-12-31 15:11:03.0615 Scan Finished: [ID: 19 - Seq: 23746181]
Sat 2011-12-31 21:22:18.0116 SLevel updated to CA04SEL2BB000002NB000181OV00102ARH0004EDSC000287MM000CEA
Sun 2012-01-01 16:09:31.0083 Scan Started: [ID: 20 - Flags: 1575/0]
Sun 2012-01-01 16:11:06.0483 Scan Results: Files Scanned: 30627, Duration: 1m 35s, Malicious Files: 0
Sun 2012-01-01 16:11:06.0564 Scan Finished: [ID: 20 - Seq: 23836206]
Sun 2012-01-01 21:22:19.0772 SLevel updated to CA04U997BB000002NB000181OV00102ARH0004EDSC000287MM000CEA
Mon 2012-01-02 17:55:22.0076 Scan Started: [ID: 21 - Flags: 1575/0]
Mon 2012-01-02 17:56:48.0070 Scan Results: Files Scanned: 30581, Duration: 1m 25s, Malicious Files: 0
Mon 2012-01-02 17:56:48.0140 Scan Finished: [ID: 21 - Seq: 23928945]
Mon 2012-01-02 21:22:21.0926 SLevel updated to CA04W3X9BB000002NB000181OV00102ARH0004EDSC000287MM000CEA
Tue 2012-01-03 12:25:21.0732 Begin passive write scan (1 file(s))
Tue 2012-01-03 12:25:22.0173 End passive write scan (1 file(s))
Tue 2012-01-03 12:25:24.0744 Begin passive write scan (4 file(s))
Tue 2012-01-03 12:25:27.0186 End passive write scan (4 file(s))
Tue 2012-01-03 12:25:30.0760 Begin passive write scan (1 file(s))
Tue 2012-01-03 12:25:31.0099 End passive write scan (1 file(s))
Tue 2012-01-03 12:25:36.0760 Begin passive write scan (3 file(s))
Tue 2012-01-03 12:25:37.0146 End passive write scan (3 file(s))
Tue 2012-01-03 18:55:34.0778 Scan Started: [ID: 22 - Flags: 1575/0]
Tue 2012-01-03 18:56:56.0254 Scan Results: Files Scanned: 30770, Duration: 1m 21s, Malicious Files: 0
Tue 2012-01-03 18:56:56.0359 Scan Finished: [ID: 22 - Seq: 24018965]
Tue 2012-01-03 21:28:38.0272 SLevel updated to CA04XXSBBB000002NB000181OV00102ARH0004EDSC000287MM000CEA
Wed 2012-01-04 19:55:36.0445 Scan Started: [ID: 23 - Flags: 1575/0]
Wed 2012-01-04 19:57:06.0618 Scan Results: Files Scanned: 30702, Duration: 1m 30s, Malicious Files: 0
Wed 2012-01-04 19:57:06.0688 Scan Finished: [ID: 23 - Seq: 24108954]
Wed 2012-01-04 21:28:41.0137 SLevel updated to CA04ZTJRBB000002NB000181OV00102ARH0004EDSC000287MM000CEA
Thu 2012-01-05 20:55:50.0776 Scan Started: [ID: 24 - Flags: 1575/0]
Thu 2012-01-05 20:57:45.0607 Scan Results: Files Scanned: 31173, Duration: 1m 54s, Malicious Files: 0
Thu 2012-01-05 20:57:45.0732 Scan Finished: [ID: 24 - Seq: 24198989]
Thu 2012-01-05 21:28:46.0154 SLevel updated to CA051O7WBB000002NB000181OV00102ARH0004EDSC000287MM000CEA
Fri 2012-01-06 10:04:47.0502 Begin passive write scan (1 file(s))
Fri 2012-01-06 10:04:47.0838 End passive write scan (1 file(s))
Fri 2012-01-06 10:04:50.0501 Begin passive write scan (5 file(s))
Fri 2012-01-06 10:04:51.0047 End passive write scan (5 file(s))
Fri 2012-01-06 10:04:54.0007 Begin passive write scan (3 file(s))
Fri 2012-01-06 10:04:54.0398 End passive write scan (3 file(s))
Fri 2012-01-06 22:02:32.0515 >>> Service started [v8.0.1.44]
Fri 2012-01-06 22:02:32.0515 Terminated abruptly in the last session
Fri 2012-01-06 22:02:32.0523 Connecting to 3 - 3
Fri 2012-01-06 22:02:32.0749 User process connected successfully from PID 5876, Session 1
Sat 2012-01-07 10:18:13.0698 Begin passive write scan (3 file(s))
Sat 2012-01-07 10:18:14.0254 End passive write scan (3 file(s))
Sat 2012-01-07 10:18:55.0880 Begin passive write scan (4 file(s))
Sat 2012-01-07 10:18:56.0324 End passive write scan (4 file(s))
Sat 2012-01-07 13:28:03.0424 Infection detected: c:\users\owner\appdata\local\temp\mor.exe [MD5: 94DF8509587BC0701A6CD13CE0BA3C9D] [3/00080000]
Sat 2012-01-07 13:28:03.0424 File blocked in realtime: c:\users\owner\appdata\local\temp\mor.exe [MD5: 94DF8509587BC0701A6CD13CE0BA3C9D, Size: 273920 bytes] [524288/00000003]
Sat 2012-01-07 13:28:03.0424 File blocked in realtime: c:\users\owner\appdata\local\temp\mor.exe [MD5: 94DF8509587BC0701A6CD13CE0BA3C9D, Size: 273920 bytes] [524288/00000003]
Sat 2012-01-07 13:28:03.0567 Infection detected: c:\users\owner\appdata\local\temp\mor.exe [MD5: 94DF8509587BC0701A6CD13CE0BA3C9D] [3/00080000]
Sat 2012-01-07 13:28:03.0567 File blocked in realtime: c:\users\owner\appdata\local\temp\mor.exe [MD5: 94DF8509587BC0701A6CD13CE0BA3C9D, Size: 273920 bytes] [524288/00000003]
Sat 2012-01-07 13:28:03.0567 File blocked in realtime: c:\users\owner\appdata\local\temp\mor.exe [MD5: 94DF8509587BC0701A6CD13CE0BA3C9D, Size: 273920 bytes] [524288/00000003]
Sat 2012-01-07 13:28:03.0722 Infection detected: c:\users\owner\appdata\local\temp\mor.exe [MD5: 94DF8509587BC0701A6CD13CE0BA3C9D] [3/00080000]
Sat 2012-01-07 13:28:03.0722 File blocked in realtime: c:\users\owner\appdata\local\temp\mor.exe [MD5: 94DF8509587BC0701A6CD13CE0BA3C9D, Size: 273920 bytes] [524288/00000003]
Sat 2012-01-07 13:28:03.0722 File blocked in realtime: c:\users\owner\appdata\local\temp\mor.exe [MD5: 94DF8509587BC0701A6CD13CE0BA3C9D, Size: 273920 bytes] [524288/00000003]
Sat 2012-01-07 13:28:03.0722 File blocked in realtime: c:\users\owner\appdata\local\temp\mor.exe [MD5: 94DF8509587BC0701A6CD13CE0BA3C9D, Size: 273920 bytes] [524288/00000003]
Sat 2012-01-07 13:28:03.0839 Begin passive write scan (1 file(s))
Sat 2012-01-07 13:28:04.0226 Infection detected: c:\users\owner\appdata\local\temp\mor.exe [MD5: 94DF8509587BC0701A6CD13CE0BA3C9D] [3/00080000]
Sat 2012-01-07 13:28:04.0226 File blocked in realtime: c:\users\owner\appdata\local\temp\mor.exe [MD5: 94DF8509587BC0701A6CD13CE0BA3C9D, Size: 273920 bytes] [524288/00000003]
Sat 2012-01-07 13:28:04.0409 End passive write scan (1 file(s))
Sat 2012-01-07 22:02:38.0234 SLevel updated to CA055F4ABB000002NB000181OV00102ARH0004EDSC000287MM000CEA
Sun 2012-01-08 19:26:56.0397 >>> Service started [v8.0.1.44]
Sun 2012-01-08 19:26:56.0631 Terminated abruptly in the last session
Sun 2012-01-08 19:27:10.0920 User process connected successfully from PID 820, Session 1
Sun 2012-01-08 19:27:34.0773 Connecting to 3 - 3
Sun 2012-01-08 19:28:18.0147 Begin passive write scan (4 file(s))
Sun 2012-01-08 19:28:18.0833 End passive write scan (4 file(s))
Sun 2012-01-08 19:28:54.0661 Begin passive write scan (2 file(s))
Sun 2012-01-08 19:28:55.0020 End passive write scan (2 file(s))
Sun 2012-01-08 19:29:00.0745 Begin passive write scan (1 file(s))
Sun 2012-01-08 19:29:01.0213 End passive write scan (1 file(s))
Sun 2012-01-08 19:29:43.0333 Begin passive write scan (1 file(s))
Sun 2012-01-08 19:29:43.0692 End passive write scan (1 file(s))
Sun 2012-01-08 19:30:28.0964 Begin passive write scan (1 file(s))
Sun 2012-01-08 19:30:29.0213 End passive write scan (1 file(s))
Sun 2012-01-08 19:30:32.0006 Begin passive write scan (1 file(s))
Sun 2012-01-08 19:30:32.0364 End passive write scan (1 file(s))
Sun 2012-01-08 19:32:18.0216 Begin passive write scan (1 file(s))
Sun 2012-01-08 19:32:18.0560 End passive write scan (1 file(s))
Sun 2012-01-08 19:32:21.0216 Begin passive write scan (4 file(s))
Sun 2012-01-08 19:32:21.0760 End passive write scan (4 file(s))
Sun 2012-01-08 19:32:24.0222 Begin passive write scan (4 file(s))
Sun 2012-01-08 19:32:24.0633 End passive write scan (4 file(s))
Sun 2012-01-08 19:36:26.0067 Scan Started: [ID: 25 - Flags: 1575/0]
Sun 2012-01-08 19:36:57.0172 Connected to C1
Sun 2012-01-08 19:37:33.0159 Scan Results: Files Scanned: 33047, Duration: 1m 7s, Malicious Files: 0
Sun 2012-01-08 19:37:33.0228 Scan Finished: [ID: 25 - Seq: 24453417]
Sun 2012-01-08 19:37:41.0102 Scan Started: [ID: 26 - Flags: 1575/0]
Sun 2012-01-08 19:38:34.0707 Scan Results: Files Scanned: 32989, Duration: 53s, Malicious Files: 0
Sun 2012-01-08 19:38:34.0729 Scan Finished: [ID: 26 - Seq: 24453514]
Mon 2012-01-09 00:39:13.0716 Begin passive write scan (2 file(s))
Mon 2012-01-09 00:39:16.0438 End passive write scan (2 file(s))
Mon 2012-01-09 00:39:17.0292 Begin passive write scan (1 file(s))
Mon 2012-01-09 00:39:17.0788 End passive write scan (1 file(s))
Mon 2012-01-09 00:39:26.0548 Begin passive write scan (4 file(s))
Mon 2012-01-09 00:39:27.0065 End passive write scan (4 file(s))
Mon 2012-01-09 14:22:55.0932 Begin passive write scan (2 file(s))
Mon 2012-01-09 14:22:56.0271 End passive write scan (2 file(s))
Mon 2012-01-09 19:43:25.0044 SLevel updated to CA058Y0BBB000002NB000181OV00102ARH0004EDSC000287MM000CEA
Mon 2012-01-09 20:37:43.0175 Scan Started: [ID: 27 - Flags: 1575/0]
Mon 2012-01-09 20:38:41.0020 Scan Results: Files Scanned: 33361, Duration: 57s, Malicious Files: 0
Mon 2012-01-09 20:38:41.0042 Scan Finished: [ID: 27 - Seq: 24543519]
Tue 2012-01-10 19:43:25.0667 SLevel updated to CA05ASOCBB000002NB000181OV00102ARH0004EDSC000287MM000CEA
Tue 2012-01-10 21:36:35.0769 Begin passive write scan (1 file(s))
Tue 2012-01-10 21:36:36.0117 End passive write scan (1 file(s))
Tue 2012-01-10 21:36:38.0811 Begin passive write scan (5 file(s))
Tue 2012-01-10 21:36:39.0432 End passive write scan (5 file(s))
Tue 2012-01-10 21:36:41.0836 Begin passive write scan (3 file(s))
Tue 2012-01-10 21:36:42.0370 End passive write scan (3 file(s))
Tue 2012-01-10 21:37:51.0579 Scan Started: [ID: 28 - Flags: 1575/0]
Tue 2012-01-10 21:39:39.0516 Scan Results: Files Scanned: 33234, Duration: 1m 47s, Malicious Files: 0
Tue 2012-01-10 21:39:39.0541 Scan Finished: [ID: 28 - Seq: 24633540]
Wed 2012-01-11 08:25:55.0450 Scan Started: [ID: 29 - Flags: 1575/0]
Wed 2012-01-11 08:26:56.0655 Scan Results: Files Scanned: 33334, Duration: 1m 1s, Malicious Files: 0
Wed 2012-01-11 08:26:56.0675 Scan Finished: [ID: 29 - Seq: 24672415]
Wed 2012-01-11 13:39:47.0483 Begin passive write scan (2 file(s))
Wed 2012-01-11 13:39:47.0921 End passive write scan (2 file(s))
Wed 2012-01-11 13:40:05.0486 Begin passive write scan (1 file(s))
Wed 2012-01-11 13:40:05.0736 End passive write scan (1 file(s))
Wed 2012-01-11 13:40:11.0488 Begin passive write scan (1 file(s))
Wed 2012-01-11 13:40:11.0935 End passive write scan (1 file(s))
Wed 2012-01-11 13:40:14.0488 Begin passive write scan (1 file(s))
Wed 2012-01-11 13:40:14.0828 End passive write scan (1 file(s))
Wed 2012-01-11 13:40:20.0491 Begin passive write scan (1 file(s))
Wed 2012-01-11 13:40:21.0045 End passive write scan (1 file(s))
Wed 2012-01-11 13:40:29.0504 Begin passive write scan (1 file(s))
Wed 2012-01-11 13:40:29.0948 End passive write scan (1 file(s))
Wed 2012-01-11 13:40:32.0504 Begin passive write scan (1 file(s))
Wed 2012-01-11 13:40:32.0751 End passive write scan (1 file(s))
Wed 2012-01-11 13:40:35.0505 Begin passive write scan (1 file(s))
Wed 2012-01-11 13:40:35.0946 End passive write scan (1 file(s))
Wed 2012-01-11 13:40:41.0508 Begin passive write scan (1 file(s))
Wed 2012-01-11 13:40:41.0846 End passive write scan (1 file(s))
Wed 2012-01-11 13:40:44.0509 Begin passive write scan (1 file(s))
Wed 2012-01-11 13:40:44.0846 End passive write scan (1 file(s))
Wed 2012-01-11 13:40:50.0509 Begin passive write scan (9 file(s))
Wed 2012-01-11 13:40:50.0954 End passive write scan (9 file(s))
Wed 2012-01-11 19:43:28.0120 SLevel updated to CA05CNCEBB000002NB000181OV00102ARH0004EDSC000287MM000CEA
Wed 2012-01-11 23:20:32.0950 >>> Service started [v8.0.1.44]
Wed 2012-01-11 23:20:32.0996 Terminated abruptly in the last session
Wed 2012-01-11 23:20:34.0666 User process connected successfully from PID 976, Session 1
Wed 2012-01-11 23:20:35.0009 Connecting to 3 - 3
Wed 2012-01-11 23:20:50.0702 Begin passive write scan (1 file(s))
Wed 2012-01-11 23:20:51.0311 End passive write scan (1 file(s))
Wed 2012-01-11 23:21:40.0769 Begin passive write scan (1 file(s))
Wed 2012-01-11 23:21:41.0019 End passive write scan (1 file(s))
Wed 2012-01-11 23:22:08.0143 Begin passive write scan (4 file(s))
Wed 2012-01-11 23:22:09.0048 End passive write scan (4 file(s))
Wed 2012-01-11 23:23:02.0899 Begin passive write scan (2 file(s))
Wed 2012-01-11 23:23:04.0677 End passive write scan (2 file(s))
Wed 2012-01-11 23:23:05.0941 Begin passive write scan (1 file(s))
Wed 2012-01-11 23:23:06.0190 End passive write scan (1 file(s))
Wed 2012-01-11 23:30:13.0459 Scan Started: [ID: 30 - Flags: 1575/0]
Wed 2012-01-11 23:31:17.0643 Connected to C1
Wed 2012-01-11 23:31:18.0073 Scan Results: Files Scanned: 33548, Duration: 1m 4s, Malicious Files: 0
Wed 2012-01-11 23:31:18.0093 Scan Finished: [ID: 30 - Seq: 24726677]
Wed 2012-01-11 23:31:28.0483 Scan Started: [ID: 31 - Flags: 1575/0]
Wed 2012-01-11 23:32:05.0465 Scan Results: Files Scanned: 33404, Duration: 36s, Malicious Files: 0
Wed 2012-01-11 23:32:05.0485 Scan Finished: [ID: 31 - Seq: 24726725]
Thu 2012-01-12 03:06:12.0265 >>> Service started [v8.0.1.44]
Thu 2012-01-12 03:06:12.0280 Terminated abruptly in the last session
Thu 2012-01-12 03:06:16.0820 User process connected successfully from PID 932, Session 1
Thu 2012-01-12 03:06:33.0122 Connecting to 3 - 3
Thu 2012-01-12 03:06:34.0214 Begin passive write scan (1 file(s))
Thu 2012-01-12 03:06:34.0573 End passive write scan (1 file(s))
Thu 2012-01-12 03:07:10.0754 Begin passive write scan (4 file(s))
Thu 2012-01-12 03:07:16.0838 Begin passive write scan (1 file(s))
Thu 2012-01-12 03:07:17.0634 End passive write scan (1 file(s))
Thu 2012-01-12 03:07:18.0538 End passive write scan (4 file(s))
Thu 2012-01-12 03:08:39.0011 Begin passive write scan (1 file(s))
Thu 2012-01-12 03:08:44.0393 End passive write scan (1 file(s))
Thu 2012-01-12 03:08:48.0137 Begin passive write scan (1 file(s))
Thu 2012-01-12 03:08:48.0387 End passive write scan (1 file(s))
Thu 2012-01-12 03:08:51.0179 Begin passive write scan (1 file(s))
Thu 2012-01-12 03:08:51.0756 End passive write scan (1 file(s))
Thu 2012-01-12 03:11:01.0985 Begin passive write scan (30 file(s))
Thu 2012-01-12 03:11:02.0453 End passive write scan (30 file(s))
Thu 2012-01-12 03:15:23.0745 Begin passive write scan (1 file(s))
Thu 2012-01-12 03:15:24.0104 End passive write scan (1 file(s))
Thu 2012-01-12 03:15:32.0871 Begin passive write scan (1 file(s))
Thu 2012-01-12 03:15:33.0557 End passive write scan (1 file(s))
Thu 2012-01-12 03:16:33.0711 Begin passive write scan (1 file(s))
Thu 2012-01-12 03:16:34.0085 End passive write scan (1 file(s))
Thu 2012-01-12 03:18:50.0819 Begin passive write scan (1 file(s))
Thu 2012-01-12 03:18:51.0178 End passive write scan (1 file(s))
Thu 2012-01-12 03:19:06.0030 Begin passive write scan (4 file(s))
Thu 2012-01-12 03:19:06.0607 End passive write scan (4 file(s))
Thu 2012-01-12 03:19:09.0072 Begin passive write scan (4 file(s))
Thu 2012-01-12 03:19:09.0430 End passive write scan (4 file(s))
Thu 2012-01-12 03:39:04.0673 Begin passive write scan (3 file(s))
Thu 2012-01-12 03:39:06.0888 End passive write scan (3 file(s))
Thu 2012-01-12 03:39:10.0898 Begin passive write scan (4 file(s))
Thu 2012-01-12 03:39:11.0381 End passive write scan (4 file(s))
Thu 2012-01-12 08:49:20.0781 >>> Service started [v8.0.1.44]
Thu 2012-01-12 08:49:20.0875 Terminated abruptly in the last session
Thu 2012-01-12 08:49:24.0416 User process connected successfully from PID 904, Session 1
Thu 2012-01-12 08:49:36.0724 Connecting to 3 - 3
Thu 2012-01-12 08:49:39.0064 Begin passive write scan (1 file(s))
Thu 2012-01-12 08:49:39.0423 End passive write scan (1 file(s))
Thu 2012-01-12 08:50:15.0502 Begin passive write scan (1 file(s))
Thu 2012-01-12 08:50:15.0861 End passive write scan (1 file(s))
Thu 2012-01-12 08:51:01.0144 Begin passive write scan (4 file(s))
Thu 2012-01-12 08:51:01.0830 End passive write scan (4 file(s))
Thu 2012-01-12 08:51:52.0858 Begin passive write scan (2 file(s))
Thu 2012-01-12 08:51:54.0636 End passive write scan (2 file(s))
Thu 2012-01-12 08:51:56.0274 Begin passive write scan (2 file(s))
Thu 2012-01-12 08:51:56.0633 End passive write scan (2 file(s))
Thu 2012-01-12 08:58:57.0015 Begin passive write scan (1 file(s))
Thu 2012-01-12 08:58:57.0527 End passive write scan (1 file(s))
Thu 2012-01-12 08:59:30.0186 Begin passive write scan (4 file(s))
Thu 2012-01-12 08:59:30.0786 End passive write scan (4 file(s))
Thu 2012-01-12 08:59:33.0186 Begin passive write scan (4 file(s))
Thu 2012-01-12 08:59:33.0563 End passive write scan (4 file(s))
Thu 2012-01-12 09:04:55.0845 Scan Started: [ID: 30 - Flags: 1575/0]
Thu 2012-01-12 09:06:14.0172 Connected to C1
Thu 2012-01-12 09:06:32.0794 Scan Results: Files Scanned: 33641, Duration: 1m 36s, Malicious Files: 0
Thu 2012-01-12 09:06:33.0033 Scan Finished: [ID: 30 - Seq: 24761171]
Thu 2012-01-12 09:39:08.0268 Begin passive write scan (1 file(s))
Thu 2012-01-12 09:39:09.0765 End passive write scan (1 file(s))
Thu 2012-01-12 09:39:11.0268 Begin passive write scan (2 file(s))
Thu 2012-01-12 09:39:12.0887 End passive write scan (2 file(s))
Thu 2012-01-12 09:39:20.0436 Begin passive write scan (4 file(s))
Thu 2012-01-12 09:39:20.0890 End passive write scan (4 file(s))
Thu 2012-01-12 09:39:41.0437 Begin passive write scan (2 file(s))
Thu 2012-01-12 09:39:41.0678 End passive write scan (2 file(s))
Thu 2012-01-12 09:39:44.0437 Begin passive write scan (1 file(s))
Thu 2012-01-12 09:39:44.0674 End passive write scan (1 file(s))
Thu 2012-01-12 09:39:47.0437 Begin passive write scan (1 file(s))
Thu 2012-01-12 09:39:47.0674 End passive write scan (1 file(s))
Thu 2012-01-12 09:39:53.0439 Begin passive write scan (1 file(s))
Thu 2012-01-12 09:39:53.0678 End passive write scan (1 file(s))
Thu 2012-01-12 09:39:56.0439 Begin passive write scan (1 file(s))
Thu 2012-01-12 09:39:56.0680 End passive write scan (1 file(s))
Thu 2012-01-12 09:40:02.0439 Begin passive write scan (1 file(s))
Thu 2012-01-12 09:40:02.0685 End passive write scan (1 file(s))
Thu 2012-01-12 09:40:05.0439 Begin passive write scan (1 file(s))
Thu 2012-01-12 09:40:05.0679 End passive write scan (1 file(s))
Thu 2012-01-12 09:40:08.0444 Begin passive write scan (1 file(s))
Thu 2012-01-12 09:40:08.0687 End passive write scan (1 file(s))
Thu 2012-01-12 09:40:14.0449 Begin passive write scan (1 file(s))
Thu 2012-01-12 09:40:14.0699 End passive write scan (1 file(s))
Thu 2012-01-12 09:40:17.0447 Begin passive write scan (1 file(s))
Thu 2012-01-12 09:40:17.0692 End passive write scan (1 file(s))
Thu 2012-01-12 09:40:20.0447 Begin passive write scan (5 file(s))
Thu 2012-01-12 09:40:20.0790 End passive write scan (5 file(s))
Thu 2012-01-12 09:40:23.0447 Begin passive write scan (4 file(s))
Thu 2012-01-12 09:40:23.0694 End passive write scan (4 file(s))
Thu 2012-01-12 10:08:14.0676 Begin passive write scan (1 file(s))
Thu 2012-01-12 10:08:15.0419 End passive write scan (1 file(s))
Fri 2012-01-13 00:21:00.0029 Monitoring process C:\Users\Owner\AppData\Roaming\Spotify\Spotify.exe [B9E043646D9D4DCF20308CC8613636C3]. Type: 3 (8571)
Fri 2012-01-13 00:21:00.0029 Monitoring process C:\Users\Owner\AppData\Roaming\Spotify\Spotify.exe [B9E043646D9D4DCF20308CC8613636C3]. Type: 4 (8571)
Fri 2012-01-13 00:21:00.0087 Monitoring process C:\Users\Owner\AppData\Roaming\Spotify\Spotify.exe [B9E043646D9D4DCF20308CC8613636C3]. Type: 8 (8571)
Fri 2012-01-13 00:21:01.0169 Begin passive write scan (6 file(s))
Fri 2012-01-13 00:21:01.0921 End passive write scan (6 file(s))
Fri 2012-01-13 09:43:31.0211 SLevel updated to CA05FKWGBB000002NB000181OV00102ARH0004EDSC000287MM000CEA
Fri 2012-01-13 09:54:34.0898 Begin passive write scan (1 file(s))
Fri 2012-01-13 09:54:35.0137 End passive write scan (1 file(s))
Fri 2012-01-13 09:54:37.0898 Begin passive write scan (5 file(s))
Fri 2012-01-13 09:54:38.0253 End passive write scan (5 file(s))
Fri 2012-01-13 09:54:40.0898 Begin passive write scan (3 file(s))
Fri 2012-01-13 09:54:41.0270 End passive write scan (3 file(s))
Fri 2012-01-13 10:05:02.0200 Scan Started: [ID: 31 - Flags: 1575/0]
Fri 2012-01-13 10:06:01.0932 Scan Results: Files Scanned: 22068, Duration: 59s, Malicious Files: 0
Fri 2012-01-13 10:06:01.0961 Scan Finished: [ID: 31 - Seq: 24851160]
Fri 2012-01-13 11:20:23.0111 Monitoring process C:\Users\Owner\AppData\Roaming\Spotify\Spotify.exe [B9E043646D9D4DCF20308CC8613636C3]. Type: 3 (8571)
Fri 2012-01-13 11:20:23.0111 Monitoring process C:\Users\Owner\AppData\Roaming\Spotify\Spotify.exe [B9E043646D9D4DCF20308CC8613636C3]. Type: 4 (8571)
Fri 2012-01-13 11:20:23.0166 Monitoring process C:\Users\Owner\AppData\Roaming\Spotify\Spotify.exe [B9E043646D9D4DCF20308CC8613636C3]. Type: 8 (8571)
Sat 2012-01-14 03:00:52.0228 Begin passive write scan (8 file(s))
Sat 2012-01-14 03:00:53.0065 End passive write scan (8 file(s))
Sat 2012-01-14 03:01:01.0229 Begin passive write scan (2 file(s))
Sat 2012-01-14 03:01:01.0469 End passive write scan (2 file(s))
Sat 2012-01-14 03:01:04.0230 Begin passive write scan (8 file(s))
Sat 2012-01-14 03:01:04.0868 End passive write scan (8 file(s))
Sat 2012-01-14 03:01:10.0232 Begin passive write scan (8 file(s))
Sat 2012-01-14 03:01:10.0775 End passive write scan (8 file(s))
Sat 2012-01-14 03:01:16.0234 Begin passive write scan (30 file(s))
Sat 2012-01-14 03:01:16.0670 End passive write scan (30 file(s))
Sat 2012-01-14 03:04:58.0268 Begin passive write scan (1 file(s))
Sat 2012-01-14 03:04:58.0639 End passive write scan (1 file(s))
Sat 2012-01-14 03:05:05.0383 Begin passive write scan (2 file(s))
Sat 2012-01-14 03:05:06.0041 End passive write scan (2 file(s))
Sat 2012-01-14 03:06:08.0397 Begin passive write scan (1 file(s))
Sat 2012-01-14 03:06:08.0735 End passive write scan (1 file(s))
Sat 2012-01-14 03:07:32.0594 Begin passive write scan (20 file(s))
Sat 2012-01-14 03:07:33.0353 End passive write scan (20 file(s))
Sat 2012-01-14 03:07:38.0610 Begin passive write scan (22 file(s))
Sat 2012-01-14 03:07:39.0351 End passive write scan (22 file(s))
Sat 2012-01-14 03:23:40.0809 Begin passive write scan (1 file(s))
Sat 2012-01-14 03:23:41.0168 End passive write scan (1 file(s))
Sat 2012-01-14 03:23:46.0893 Begin passive write scan (11 file(s))
Sat 2012-01-14 03:23:47.0907 End passive write scan (11 file(s))
Sat 2012-01-14 03:23:51.0136 Begin passive write scan (20 file(s))
Sat 2012-01-14 03:23:54.0116 End passive write scan (20 file(s))
Sat 2012-01-14 03:23:56.0877 System shutting down.
Sat 2012-01-14 03:24:04.0209 Configuration Saved: CSCS4CC1F1809EDE38064F88F707BE37D3BA,00011,00021,00031,00041,00051,00061,00070,00081,00091,000A1,000B1,000C1,000D0,000E1,000F0,001012,001114,00120,00130,00140,00151,00161,00170,00181,00191,001A0,001B0,001C1,001D0,001E1,001F1,00201,00211,00221,00231,00240,00251,00260,00270,00281,00291,002A0,002B1,002C1,002D0,002E1,002F1,00301,00311,00321,00331,00341,00351,00361,00371,00381,00390,003A1,003B1,003C2,003D1,003E1,003F1,00401,00411,00421,00430,00441,00451,00461,00471,00481,00491,004A1,004B1,004C1,004D1,004E1,004F1,00501,00511,00521,00530,00541,00551,00561,00571,00581,00591,005A1,005B1,005C0,005D0,005E1,005F0,00601,00612,00621,00631,00641,00653,00662,00672,00681,00692,006A1,006B1,006C1,006D2,006E1,006F1,00701,00711,00721,00731,00741,00753,00761,00771,00781,00791,
Sat 2012-01-14 03:24:04.0209 <<< Service shut down successfully. Uptime: 2554 minute(s)
Sat 2012-01-14 09:00:31.0766 >>> Service started [v8.0.1.44]
Sat 2012-01-14 09:00:31.0766 Terminated abruptly in the last session
Sat 2012-01-14 09:00:42.0795 User process connected successfully from PID 880, Session 1
Sat 2012-01-14 09:01:07.0427 Connecting to 3 - 3
Sat 2012-01-14 09:01:07.0864 Begin passive write scan (1 file(s))
Sat 2012-01-14 09:01:08.0441 End passive write scan (1 file(s))
Sat 2012-01-14 09:02:48.0250 Begin passive write scan (1 file(s))
Sat 2012-01-14 09:02:48.0718 End passive write scan (1 file(s))
Sat 2012-01-14 09:07:30.0314 Begin passive write scan (1 file(s))
Sat 2012-01-14 09:07:30.0704 End passive write scan (1 file(s))
Sat 2012-01-14 09:07:42.0591 Begin passive write scan (1 file(s))
Sat 2012-01-14 09:07:43.0075 End passive write scan (1 file(s))
Sat 2012-01-14 09:08:03.0886 Begin passive write scan (1 file(s))
Sat 2012-01-14 09:08:04.0244 End passive write scan (1 file(s))
Sat 2012-01-14 09:10:39.0543 User process connected successfully from PID 880, Session 1
Sat 2012-01-14 09:10:42.0023 User process connected successfully from PID 880, Session 1
Sat 2012-01-14 09:10:42.0990 System shutting down.
Sat 2012-01-14 09:10:46.0781 Configuration Saved: CSCS4CC1F1809EDE38064F88F707BE37D3BA,00011,00021,00031,00041,00051,00061,00070,00081,00091,000A1,000B1,000C1,000D0,000E1,000F0,001012,001114,00120,00130,00140,00151,00161,00170,00181,00191,001A0,001B0,001C1,001D0,001E1,001F1,00201,00211,00221,00231,00240,00251,00260,00270,00281,00291,002A0,002B1,002C1,002D0,002E1,002F1,00301,00311,00321,00331,00341,00351,00361,00371,00381,00390,003A1,003B1,003C2,003D1,003E1,003F1,00401,00411,00421,00430,00441,00451,00461,00471,00481,00491,004A1,004B1,004C1,004D1,004E1,004F1,00501,00511,00521,00530,00541,00551,00561,00571,00581,00591,005A1,005B1,005C0,005D0,005E1,005F0,00601,00612,00621,00631,00641,00653,00662,00672,00681,00692,006A1,006B1,006C1,006D2,006E1,006F1,00701,00711,00721,00731,00741,00753,00761,00771,00781,00791,
Sat 2012-01-14 09:10:46.0781 <<< Service shut down successfully. Uptime: 10 minute(s)
Sat 2012-01-14 09:38:47.0904 >>> Service started [v8.0.1.44]
Sat 2012-01-14 09:38:47.0920 Terminated abruptly in the last session
Sat 2012-01-14 09:38:51.0929 User process connected successfully from PID 896, Session 1
Sat 2012-01-14 09:39:23.0768 Connecting to 3 - 3
Sat 2012-01-14 09:39:24.0298 Begin passive write scan (1 file(s))
Sat 2012-01-14 09:39:24.0538 End passive write scan (1 file(s))
Sat 2012-01-14 09:39:33.0396 Begin passive write scan (4 file(s))
Sat 2012-01-14 09:39:34.0083 End passive write scan (4 file(s))
Sat 2012-01-14 09:39:58.0871 Begin passive write scan (1 file(s))
Sat 2012-01-14 09:39:59.0246 End passive write scan (1 file(s))
Sat 2012-01-14 09:41:30.0357 Begin passive write scan (1 file(s))
Sat 2012-01-14 09:41:30.0606 End passive write scan (1 file(s))
Sat 2012-01-14 09:41:33.0399 Begin passive write scan (1 file(s))
Sat 2012-01-14 09:41:33.0648 End passive write scan (1 file(s))
Sat 2012-01-14 09:52:53.0491 Begin passive write scan (1 file(s))
Sat 2012-01-14 09:52:54.0396 End passive write scan (1 file(s))
Sat 2012-01-14 09:52:56.0548 Begin passive write scan (17 file(s))
Sat 2012-01-14 09:52:57.0937 End passive write scan (17 file(s))
Sat 2012-01-14 09:52:59.0637 Begin passive write scan (36 file(s))
Sat 2012-01-14 09:53:00.0792 End passive write scan (36 file(s))
Sat 2012-01-14 09:53:08.0904 Begin passive write scan (1 file(s))
Sat 2012-01-14 09:53:09.0403 End passive write scan (1 file(s))
Sat 2012-01-14 11:05:08.0680 Scan Started: [ID: 32 - Flags: 1575/0]
Sat 2012-01-14 11:06:04.0034 Connected to C1
Sat 2012-01-14 11:06:16.0028 Scan Results: Files Scanned: 28917, Duration: 1m 7s, Malicious Files: 0
Sat 2012-01-14 11:06:16.0078 Scan Finished: [ID: 32 - Seq: 24941161]
Sat 2012-01-14 13:30:40.0221 Monitoring process C:\Users\Owner\AppData\Roaming\Spotify\Spotify.exe [B9E043646D9D4DCF20308CC8613636C3]. Type: 3 (8571)
Sat 2012-01-14 13:30:40.0221 Monitoring process C:\Users\Owner\AppData\Roaming\Spotify\Spotify.exe [B9E043646D9D4DCF20308CC8613636C3]. Type: 4 (8571)
Sat 2012-01-14 13:30:40.0377 Monitoring process C:\Users\Owner\AppData\Roaming\Spotify\Spotify.exe [B9E043646D9D4DCF20308CC8613636C3]. Type: 8 (8571)
Sat 2012-01-14 13:30:41.0828 Monitoring process C:\Users\Owner\AppData\Local\Temp\~SpUnin~.exe [B9E043646D9D4DCF20308CC8613636C3]. Type: 3 (8571)
Sat 2012-01-14 13:30:41.0828 Monitoring process C:\Users\Owner\AppData\Local\Temp\~SpUnin~.exe [B9E043646D9D4DCF20308CC8613636C3]. Type: 4 (8571)
Sat 2012-01-14 13:30:41.0890 Monitoring process C:\Users\Owner\AppData\Local\Temp\~SpUnin~.exe [B9E043646D9D4DCF20308CC8613636C3]. Type: 8 (8571)
Sat 2012-01-14 13:30:43.0450 Begin passive write scan (1 file(s))
Sat 2012-01-14 13:30:43.0825 Monitoring process C:\Users\Owner\AppData\Local\Temp\~SpUnin~.exe [B9E043646D9D4DCF20308CC8613636C3]. Type: 2 (8571)
Sat 2012-01-14 13:30:44.0027 End passive write scan (1 file(s))
Sat 2012-01-14 13:32:12.0214 Begin passive write scan (14 file(s))
Sat 2012-01-14 13:32:13.0072 End passive write scan (14 file(s))
Sat 2012-01-14 15:30:08.0255 >>> Service started [v8.0.1.44]
Sat 2012-01-14 15:30:08.0271 Terminated abruptly in the last session
Sat 2012-01-14 15:30:27.0849 User process connected successfully from PID 972, Session 1
Sat 2012-01-14 15:30:43.0811 Connecting to 3 - 3
Sat 2012-01-14 15:30:44.0216 Begin passive write scan (5 file(s))
Sat 2012-01-14 15:30:45.0006 End passive write scan (5 file(s))
Sat 2012-01-14 15:30:53.0337 Begin passive write scan (1 file(s))
Sat 2012-01-14 15:30:53.0586 End passive write scan (1 file(s))
Sat 2012-01-14 15:32:30.0826 Begin passive write scan (1 file(s))
Sat 2012-01-14 15:32:31.0083 End passive write scan (1 file(s))
Sat 2012-01-14 15:32:39.0936 Begin passive write scan (1 file(s))
Sat 2012-01-14 15:32:40.0185 End passive write scan (1 file(s))
Sat 2012-01-14 15:33:20.0615 Scan Started: [ID: 33 - Flags: 551/0]
Sat 2012-01-14 15:36:36.0310 Connected to C1
Sat 2012-01-14 15:37:30.0630 Scan Results: Files Scanned: 32886, Duration: 4m 9s, Malicious Files: 0
Sat 2012-01-14 15:37:30.0692 Scan Finished: [ID: 33 - Seq: 24957393]
Sat 2012-01-14 15:39:52.0808 Scan Started: [ID: 34 - Flags: 1575/0]
Sat 2012-01-14 15:40:24.0976 Scan Results: Files Scanned: 24499, Duration: 32s, Malicious Files: 0
Sat 2012-01-14 15:40:24.0976 Scan Aborted: [ID: 34]
Sat 2012-01-14 15:40:44.0614 Configuration Saved: CSCS4CC1F1809EDE38064F88F707BE37D3BA,00011,00021,00031,00041,00051,00061,00070,00081,00091,000A1,000B1,000C1,000D0,000E1,000F0,001012,001114,00120,00130,00140,00151,00161,00170,00181,00191,001A0,001B0,001C1,001D0,001E1,001F1,00201,00211,00221,00231,00240,00251,00260,00270,00281,00291,002A0,002B1,002C1,002D0,002E1,002F1,00301,00311,00321,00331,00341,00351,00361,00371,00381,00390,003A1,003B1,003C2,003D1,003E1,003F1,00401,00411,00421,00430,00441,00451,00461,00471,00481,00491,004A1,004B1,004C1,004D1,004E1,004F1,00501,00511,00521,00530,00541,00551,00561,00571,00581,00591,005A1,005B1,005C0,005D0,005E1,005F0,00601,00612,00621,00631,00641,00653,00662,00672,00681,00692,006A1,006B1,006C1,006D2,006E1,006F1,00701,00711,00721,00731,00741,00753,00761,00771,00781,00791,
Sat 2012-01-14 15:40:44.0614 <<< Service shut down successfully. Uptime: 10 minute(s)
Sat 2012-01-14 16:29:59.0838 >>> Service started [v8.0.1.44]
Sat 2012-01-14 16:29:59.0838 Connecting to 3 - 3
Sat 2012-01-14 16:30:00.0026 User process connected successfully from PID 4144, Session 1
Sat 2012-01-14 16:30:00.0026 Scan Started: C:\Users\Owner\Videos\Downton.Abbey.Christmas.Special.2011.HDTV_XviD-FoV.avi| [ID: 36 - Flags: 256/20]
Sat 2012-01-14 16:30:00.0041 Scan Started: C:\Users\Owner\Videos\Downton.Abbey.Christmas.Special.2011.HDTV_XviD-FoV.avi| [ID: 35 - Flags: 256/20]
Sat 2012-01-14 16:30:00.0306 Scan Results: Files Scanned: 1, Duration: 1s, Malicious Files: 0
Sat 2012-01-14 16:30:00.0306 Scan Results: Files Scanned: 1, Duration: 1s, Malicious Files: 0
Sat 2012-01-14 16:30:00.0353 Scan Finished: [ID: 36 - Seq: 36]
Sat 2012-01-14 16:30:00.0353 Scan Finished: [ID: 35 - Seq: 35]
Sat 2012-01-14 16:33:26.0560 Begin passive write scan (2 file(s))
Sat 2012-01-14 16:33:26.0920 End passive write scan (2 file(s))
Sat 2012-01-14 16:33:29.0569 Begin passive write scan (1 file(s))
Sat 2012-01-14 16:33:29.0929 End passive write scan (1 file(s))
Sat 2012-01-14 17:22:50.0801 Begin passive write scan (1 file(s))
Sat 2012-01-14 17:22:51.0131 End passive write scan (1 file(s))
Sat 2012-01-14 17:22:56.0817 Begin passive write scan (1 file(s))
Sat 2012-01-14 17:22:57.0147 End passive write scan (1 file(s))
Sat 2012-01-14 17:23:17.0837 Begin passive write scan (1 file(s))
Sat 2012-01-14 17:23:18.0379 End passive write scan (1 file(s))
Sat 2012-01-14 17:23:53.0876 Begin passive write scan (25 file(s))
Sat 2012-01-14 17:23:54.0630 End passive write scan (25 file(s))
Sat 2012-01-14 17:29:57.0098 Begin passive write scan (1 file(s))
Sat 2012-01-14 17:29:57.0678 End passive write scan (1 file(s))
Sat 2012-01-14 17:31:30.0885 Begin passive write scan (1 file(s))
Sat 2012-01-14 17:31:31.0134 End passive write scan (1 file(s))
Sat 2012-01-14 17:31:44.0815 System shutting down.
Sat 2012-01-14 17:31:48.0591 Configuration Saved: CSCS4CC1F1809EDE38064F88F707BE37D3BA,00011,00021,00031,00041,00051,00061,00070,00081,00091,000A1,000B1,000C1,000D0,000E1,000F0,001012,001114,00120,00130,00140,00151,00161,00170,00181,00191,001A0,001B0,001C1,001D0,001E1,001F1,00201,00211,00221,00231,00240,00251,00260,00270,00281,00291,002A0,002B1,002C1,002D0,002E1,002F1,00301,00311,00321,00331,00341,00351,00361,00371,00381,00390,003A1,003B1,003C2,003D1,003E1,003F1,00401,00411,00421,00430,00441,00451,00461,00471,00481,00491,004A1,004B1,004C1,004D1,004E1,004F1,00501,00511,00521,00530,00541,00551,00561,00571,00581,00591,005A1,005B1,005C0,005D0,005E1,005F0,00601,00612,00621,00631,00641,00653,00662,00672,00681,00692,006A1,006B1,006C1,006D2,006E1,006F1,00701,00711,00721,00731,00741,00753,00761,00771,00781,00791,
Sat 2012-01-14 17:31:48.0591 <<< Service shut down successfully. Uptime: 61 minute(s)
Sat 2012-01-14 17:32:27.0932 >>> Service started [v8.0.1.44]
Sat 2012-01-14 17:32:33.0283 User process connected successfully from PID 964, Session 1
Sat 2012-01-14 17:32:50.0786 Connecting to 3 - 3
Sat 2012-01-14 17:32:54.0515 Begin passive write scan (1 file(s))
Sat 2012-01-14 17:32:54.0764 End passive write scan (1 file(s))
Sat 2012-01-14 17:33:00.0599 Begin passive write scan (1 file(s))
Sat 2012-01-14 17:33:00.0848 End passive write scan (1 file(s))
Sat 2012-01-14 17:33:10.0002 Begin passive write scan (4 file(s))
Sat 2012-01-14 17:33:10.0688 End passive write scan (4 file(s))
Sat 2012-01-14 17:33:34.0789 Begin passive write scan (1 file(s))
Sat 2012-01-14 17:33:35.0148 End passive write scan (1 file(s))
Sat 2012-01-14 17:35:00.0034 Begin passive write scan (1 file(s))
Sat 2012-01-14 17:35:00.0283 End passive write scan (1 file(s))
Sat 2012-01-14 17:43:44.0574 Begin passive write scan (1 file(s))
Sat 2012-01-14 17:43:44.0839 End passive write scan (1 file(s))
Sat 2012-01-14 17:45:05.0776 <<< Service shut down successfully. Uptime: 12 minute(s)
Sat 2012-01-14 17:58:18.0050 >>> Service started [v8.0.1.44]
Sat 2012-01-14 17:58:18.0081 Connecting to 3 - 3
Sat 2012-01-14 17:58:18.0097 User process connected successfully from PID 1548, Session 1
Sat 2012-01-14 18:00:04.0644 Begin passive write scan (1 file(s))
Sat 2012-01-14 18:00:04.0894 End passive write scan (1 file(s))
Sat 2012-01-14 18:00:18.0794 System shutting down.
Sat 2012-01-14 18:00:21.0118 <<< Service shut down successfully. Uptime: 2 minute(s)
Sat 2012-01-14 18:01:01.0603 >>> Service started [v8.0.1.44]
Sat 2012-01-14 18:01:07.0313 User process connected successfully from PID 928, Session 1
Sat 2012-01-14 18:01:37.0122 Connecting to 3 - 3
Sat 2012-01-14 18:01:37.0572 Begin passive write scan (6 file(s))
Sat 2012-01-14 18:01:38.0316 End passive write scan (6 file(s))
Sat 2012-01-14 18:01:46.0850 Begin passive write scan (1 file(s))
Sat 2012-01-14 18:01:47.0131 End passive write scan (1 file(s))
Sat 2012-01-14 18:03:36.0789 Begin passive write scan (1 file(s))
Sat 2012-01-14 18:03:37.0038 End passive write scan (1 file(s))
Sat 2012-01-14 18:03:39.0831 Begin passive write scan (1 file(s))
Sat 2012-01-14 18:03:40.0080 End passive write scan (1 file(s))
Sun 2012-01-15 03:00:49.0891 Begin passive write scan (2 file(s))
Sun 2012-01-15 03:00:50.0141 End passive write scan (2 file(s))
Sun 2012-01-15 03:00:52.0933 Begin passive write scan (6 file(s))
Sun 2012-01-15 03:00:53.0635 End passive write scan (6 file(s))
Sun 2012-01-15 03:01:02.0059 Begin passive write scan (2 file(s))
Sun 2012-01-15 03:01:02.0309 End passive write scan (2 file(s))
Sun 2012-01-15 03:01:11.0185 Begin passive write scan (8 file(s))
Sun 2012-01-15 03:01:12.0199 End passive write scan (8 file(s))
Sun 2012-01-15 03:01:14.0227 Begin passive write scan (8 file(s))
Sun 2012-01-15 03:01:14.0804 End passive write scan (8 file(s))
Sun 2012-01-15 03:01:20.0311 Begin passive write scan (30 file(s))
Sun 2012-01-15 03:01:20.0576 End passive write scan (30 file(s))
Sun 2012-01-15 03:06:33.0685 Begin passive write scan (1 file(s))
Sun 2012-01-15 03:06:33.0934 End passive write scan (1 file(s))
Sun 2012-01-15 03:06:44.0901 Begin passive write scan (2 file(s))
Sun 2012-01-15 03:06:45.0447 End passive write scan (2 file(s))
Sun 2012-01-15 03:07:45.0741 Begin passive write scan (1 file(s))
Sun 2012-01-15 03:07:45.0991 End passive write scan (1 file(s))
Sun 2012-01-15 03:09:01.0822 Begin passive write scan (20 file(s))
Sun 2012-01-15 03:09:02.0836 End passive write scan (20 file(s))
Sun 2012-01-15 03:09:10.0948 Begin passive write scan (4 file(s))
Sun 2012-01-15 03:09:11.0198 End passive write scan (4 file(s))
Sun 2012-01-15 03:09:13.0990 Begin passive write scan (18 file(s))
Sun 2012-01-15 03:09:14.0474 End passive write scan (18 file(s))
Sun 2012-01-15 03:24:34.0096 Begin passive write scan (11 file(s))
Sun 2012-01-15 03:24:36.0092 End passive write scan (11 file(s))
Sun 2012-01-15 03:24:37.0138 Begin passive write scan (2 file(s))
Sun 2012-01-15 03:24:37.0496 End passive write scan (2 file(s))
Sun 2012-01-15 03:24:41.0084 System shutting down.
Sun 2012-01-15 03:24:43.0331 <<< Service shut down successfully. Uptime: 563 minute(s)
Sun 2012-01-15 03:25:30.0143 >>> Service started [v8.0.1.44]
Sun 2012-01-15 03:25:53.0278 User process connected successfully from PID 960, Session 1
Sun 2012-01-15 03:26:05.0599 Connecting to 3 - 3
Sun 2012-01-15 03:26:06.0114 Begin passive write scan (1 file(s))
Sun 2012-01-15 03:26:06.0442 End passive write scan (1 file(s))
Sun 2012-01-15 03:26:18.0329 Begin passive write scan (3 file(s))
Sun 2012-01-15 03:26:19.0015 End passive write scan (3 file(s))
Sun 2012-01-15 03:26:21.0371 Begin passive write scan (1 file(s))
Sun 2012-01-15 03:26:21.0948 End passive write scan (1 file(s))
Sun 2012-01-15 03:27:34.0484 Begin passive write scan (1 file(s))
Sun 2012-01-15 03:27:34.0733 End passive write scan (1 file(s))
Sun 2012-01-15 03:28:29.0396 Begin passive write scan (1 file(s))
Sun 2012-01-15 03:28:29.0645 End passive write scan (1 file(s))
Sun 2012-01-15 05:27:21.0169 Updating from C:\Users\Owner\AppData\Local\Temp\WRupdate7339925.exe
Sun 2012-01-15 05:27:24.0554 <<< Service shut down successfully. Uptime: 121 minute(s)
Sun 2012-01-15 05:27:26.0645 >>> Service started [v8.0.1.82]
Sun 2012-01-15 05:27:26.0660 Connecting to 3 - 3
Sun 2012-01-15 05:27:28.0922 User process connected successfully from PID 4724, Session 1
Sun 2012-01-15 08:14:00.0927 Scan Started: [ID: 37 - Flags: 1575/16]
Sun 2012-01-15 08:14:46.0542 Connected to C1
Sun 2012-01-15 08:15:12.0859 Scan Results: Files Scanned: 35980, Duration: 1m 11s, Malicious Files: 0
Sun 2012-01-15 08:15:12.0875 Scan Finished: [ID: 37 - Seq: 25017283]
Mon 2012-01-16 08:15:47.0467 SLevel updated to CA05KI15BB000002NB000181OV00102ARH0004EDSC000287MM000CEA
Mon 2012-01-16 09:19:07.0004 Scan Started: [ID: 38 - Flags: 1575/0]
Mon 2012-01-16 09:20:09.0735 Scan Results: Files Scanned: 25886, Duration: 1m 2s, Malicious Files: 0
Mon 2012-01-16 09:20:09.0866 Scan Finished: [ID: 38 - Seq: 25107591]
Mon 2012-01-16 23:13:12.0070 Begin passive write scan (1 file(s))
Mon 2012-01-16 23:13:12.0413 End passive write scan (1 file(s))
Mon 2012-01-16 23:13:33.0674 Monitoring process c:\users\owner\appdata\local\microsoft\windows\temporary internet files\content.ie5\trtq86ml\securitycheck[1].exe [D2D7404AB5F8010CDF7C198886ACC183]. Type: 9 (9452)
Mon 2012-01-16 23:13:33.0724 Monitoring process c:\users\owner\appdata\local\microsoft\windows\temporary internet files\content.ie5\trtq86ml\securitycheck[1].exe [D2D7404AB5F8010CDF7C198886ACC183]. Type: 3 (9452)
Mon 2012-01-16 23:13:33.0725 Monitoring process c:\users\owner\appdata\local\microsoft\windows\temporary internet files\content.ie5\trtq86ml\securitycheck[1].exe [D2D7404AB5F8010CDF7C198886ACC183]. Type: 4 (9452)
Mon 2012-01-16 23:13:33.0725 Monitoring process c:\users\owner\appdata\local\microsoft\windows\temporary internet files\content.ie5\trtq86ml\securitycheck[1].exe [D2D7404AB5F8010CDF7C198886ACC183]. Type: 5 (9452)
Mon 2012-01-16 23:13:33.0727 Monitoring process c:\users\owner\appdata\local\microsoft\windows\temporary internet files\content.ie5\trtq86ml\securitycheck[1].exe [D2D7404AB5F8010CDF7C198886ACC183]. Type: 8 (9452)
Mon 2012-01-16 23:13:33.0776 Monitoring process C:\Users\Owner\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TRTQ86ML\SecurityCheck[1].exe [D2D7404AB5F8010CDF7C198886ACC183]. Type: 3 (9452)
Mon 2012-01-16 23:13:33.0777 Monitoring process C:\Users\Owner\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TRTQ86ML\SecurityCheck[1].exe [D2D7404AB5F8010CDF7C198886ACC183]. Type: 4 (9452)
Mon 2012-01-16 23:13:33.0777 Monitoring process C:\Users\Owner\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TRTQ86ML\SecurityCheck[1].exe [D2D7404AB5F8010CDF7C198886ACC183]. Type: 5 (9452)
Mon 2012-01-16 23:13:33.0779 Monitoring process C:\Users\Owner\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TRTQ86ML\SecurityCheck[1].exe [D2D7404AB5F8010CDF7C198886ACC183]. Type: 8 (9452)
Mon 2012-01-16 23:13:36.0079 Begin passive write scan (1 file(s))
Mon 2012-01-16 23:13:36.0620 End passive write scan (1 file(s))
Mon 2012-01-16 23:13:36.0990 Monitoring process C:\Users\Owner\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TRTQ86ML\SecurityCheck[1].exe [D2D7404AB5F8010CDF7C198886ACC183]. Type: 3 (9452)
Mon 2012-01-16 23:13:36.0990 Monitoring process C:\Users\Owner\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TRTQ86ML\SecurityCheck[1].exe [D2D7404AB5F8010CDF7C198886ACC183]. Type: 4 (9452)
Mon 2012-01-16 23:13:36.0990 Monitoring process C:\Users\Owner\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TRTQ86ML\SecurityCheck[1].exe [D2D7404AB5F8010CDF7C198886ACC183]. Type: 5 (9452)
Mon 2012-01-16 23:13:36.0992 Monitoring process C:\Users\Owner\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TRTQ86ML\SecurityCheck[1].exe [D2D7404AB5F8010CDF7C198886ACC183]. Type: 8 (9452)
Mon 2012-01-16 23:13:41.0668 Monitoring process C:\Users\Owner\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TRTQ86ML\SecurityCheck[1].exe [D2D7404AB5F8010CDF7C198886ACC183]. Type: 3 (9452)
Mon 2012-01-16 23:13:41.0668 Monitoring process C:\Users\Owner\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TRTQ86ML\SecurityCheck[1].exe [D2D7404AB5F8010CDF7C198886ACC183]. Type: 4 (9452)
Mon 2012-01-16 23:13:41.0668 Monitoring process C:\Users\Owner\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TRTQ86ML\SecurityCheck[1].exe [D2D7404AB5F8010CDF7C198886ACC183]. Type: 5 (9452)
Mon 2012-01-16 23:13:41.0671 Monitoring process C:\Users\Owner\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TRTQ86ML\SecurityCheck[1].exe [D2D7404AB5F8010CDF7C198886ACC183]. Type: 8 (9452)
Mon 2012-01-16 23:13:45.0082 Begin passive write scan (7 file(s))
Mon 2012-01-16 23:13:45.0421 End passive write scan (7 file(s))
Mon 2012-01-16 23:16:18.0132 Begin passive write scan (1 file(s))
Mon 2012-01-16 23:16:18.0474 End passive write scan (1 file(s))
Mon 2012-01-16 23:16:18.0890 Infection detected: c:\users\owner\appdata\local\microsoft\windows\temporary internet files\content.ie5\053fmtdy\fss[1].exe [MD5: 076C61D80307B52A8260EF21EB6BD667] [3/08080000] [W32.Trojan.Gen]
Mon 2012-01-16 23:16:18.0890 File blocked in realtime: c:\users\owner\appdata\local\microsoft\windows\temporary internet files\content.ie5\053fmtdy\fss[1].exe [MD5: 076C61D80307B52A8260EF21EB6BD667, Size: 334083 bytes] [134742016/00000003] [W32.Trojan.Gen]
Mon 2012-01-16 23:16:19.0023 File blocked in realtime: c:\users\owner\appdata\local\microsoft\windows\temporary internet files\content.ie5\053fmtdy\fss[1].exe [MD5: 076C61D80307B52A8260EF21EB6BD667, Size: 334083 bytes] [134742016/00000003] [W32.Trojan.Gen]
Mon 2012-01-16 23:16:19.0180 Infection detected: c:\users\owner\appdata\local\microsoft\windows\temporary internet files\content.ie5\053fmtdy\fss[1].exe [MD5: 076C61D80307B52A8260EF21EB6BD667] [3/08080000] [W32.Trojan.Gen]
Mon 2012-01-16 23:16:19.0180 File blocked in realtime: c:\users\owner\appdata\local\microsoft\windows\temporary internet files\content.ie5\053fmtdy\fss[1].exe [MD5: 076C61D80307B52A8260EF21EB6BD667, Size: 334083 bytes] [134742016/00000003] [W32.Trojan.Gen]
Mon 2012-01-16 23:16:19.0180 File blocked in realtime: c:\users\owner\appdata\local\microsoft\windows\temporary internet files\content.ie5\053fmtdy\fss[1].exe [MD5: 076C61D80307B52A8260EF21EB6BD667, Size: 334083 bytes] [134742016/00000003] [W32.Trojan.Gen]
Mon 2012-01-16 23:16:19.0459 Infection detected: c:\users\owner\appdata\local\microsoft\windows\temporary internet files\content.ie5\053fmtdy\fss[1].exe [MD5: 076C61D80307B52A8260EF21EB6BD667] [3/08080000] [W32.Trojan.Gen]
Mon 2012-01-16 23:16:19.0459 File blocked in realtime: c:\users\owner\appdata\local\microsoft\windows\temporary internet files\content.ie5\053fmtdy\fss[1].exe [MD5: 076C61D80307B52A8260EF21EB6BD667, Size: 334083 bytes] [134742016/00000003] [W32.Trojan.Gen]
Mon 2012-01-16 23:16:19.0460 File blocked in realtime: c:\users\owner\appdata\local\microsoft\windows\temporary internet files\content.ie5\053fmtdy\fss[1].exe [MD5: 076C61D80307B52A8260EF21EB6BD667, Size: 334083 bytes] [134742016/00000003] [W32.Trojan.Gen]
Mon 2012-01-16 23:16:19.0461 File blocked in realtime: c:\users\owner\appdata\local\microsoft\windows\temporary internet files\content.ie5\053fmtdy\fss[1].exe [MD5: 076C61D80307B52A8260EF21EB6BD667, Size: 334083 bytes] [134742016/00000003] [(null)]
Mon 2012-01-16 23:16:21.0143 Begin passive write scan (1 file(s))
Mon 2012-01-16 23:16:21.0486 Infection detected: c:\users\owner\appdata\local\microsoft\windows\temporary internet files\content.ie5\053fmtdy\fss[1].exe [MD5: 076C61D80307B52A8260EF21EB6BD667] [3/08080000] [W32.Trojan.Gen]
Mon 2012-01-16 23:16:21.0486 File blocked in realtime: c:\users\owner\appdata\local\microsoft\windows\temporary internet files\content.ie5\053fmtdy\fss[1].exe [MD5: 076C61D80307B52A8260EF21EB6BD667, Size: 334083 bytes] [134742016/00000003] [W32.Trojan.Gen]
Mon 2012-01-16 23:16:21.0683 End passive write scan (1 file(s))
Mon 2012-01-16 23:16:23.0018 File blocked in realtime: c:\users\owner\appdata\local\microsoft\windows\temporary internet files\content.ie5\053fmtdy\fss[1].exe [MD5: 076C61D80307B52A8260EF21EB6BD667, Size: 334083 bytes] [134742016/00000003] [(null)]
Mon 2012-01-16 23:16:23.0025 File blocked in realtime: c:\users\owner\appdata\local\microsoft\windows\temporary internet files\content.ie5\053fmtdy\fss[1].exe [MD5: 076C61D80307B52A8260EF21EB6BD667, Size: 334083 bytes] [134742016/00000003] [(null)]
Mon 2012-01-16 23:16:23.0127 File blocked in realtime: c:\users\owner\appdata\local\microsoft\windows\temporary internet files\content.ie5\053fmtdy\fss[1].exe [MD5: 076C61D80307B52A8260EF21EB6BD667, Size: 334083 bytes] [134742016/00000003] [(null)]
Mon 2012-01-16 23:16:23.0128 File blocked in realtime: c:\users\owner\appdata\local\microsoft\windows\temporary internet files\content.ie5\053fmtdy\fss[1].exe [MD5: 076C61D80307B52A8260EF21EB6BD667, Size: 334083 bytes] [134742016/00000003] [(null)]
Mon 2012-01-16 23:16:48.0271 Begin passive write scan (1 file(s))
Mon 2012-01-16 23:16:48.0609 End passive write scan (1 file(s))
Mon 2012-01-16 23:16:53.0153 Infection detected: c:\users\owner\appdata\local\microsoft\windows\temporary internet files\content.ie5\053fmtdy\fss[1].exe [MD5: 076C61D80307B52A8260EF21EB6BD667] [3/08080000] [W32.Trojan.Gen]
Mon 2012-01-16 23:16:53.0153 File blocked in realtime: c:\users\owner\appdata\local\microsoft\windows\temporary internet files\content.ie5\053fmtdy\fss[1].exe [MD5: 076C61D80307B52A8260EF21EB6BD667, Size: 334083 bytes] [134742016/00000003] [W32.Trojan.Gen]
Mon 2012-01-16 23:16:53.0153 File blocked in realtime: c:\users\owner\appdata\local\microsoft\windows\temporary internet files\content.ie5\053fmtdy\fss[1].exe [MD5: 076C61D80307B52A8260EF21EB6BD667, Size: 334083 bytes] [134742016/00000003] [W32.Trojan.Gen]
Mon 2012-01-16 23:16:53.0305 File blocked in realtime: c:\users\owner\appdata\local\microsoft\windows\temporary internet files\content.ie5\053fmtdy\fss[1].exe [MD5: 076C61D80307B52A8260EF21EB6BD667, Size: 334083 bytes] [134742016/00000003] [(null)]
Mon 2012-01-16 23:16:53.0305 Infection detected: c:\users\owner\appdata\local\microsoft\windows\temporary internet files\content.ie5\053fmtdy\fss[1].exe [MD5: 076C61D80307B52A8260EF21EB6BD667] [3/08080000] [W32.Trojan.Gen]
Mon 2012-01-16 23:16:53.0305 File blocked in realtime: c:\users\owner\appdata\local\microsoft\windows\temporary internet files\content.ie5\053fmtdy\fss[1].exe [MD5: 076C61D80307B52A8260EF21EB6BD667, Size: 334083 bytes] [134742016/00000003] [W32.Trojan.Gen]
Mon 2012-01-16 23:16:53.0306 File blocked in realtime: c:\users\owner\appdata\local\microsoft\windows\temporary internet files\content.ie5\053fmtdy\fss[1].exe [MD5: 076C61D80307B52A8260EF21EB6BD667, Size: 334083 bytes] [134742016/00000003] [W32.Trojan.Gen]
Mon 2012-01-16 23:16:53.0640 File blocked in realtime: c:\users\owner\appdata\local\microsoft\windows\temporary internet files\content.ie5\053fmtdy\fss[1].exe [MD5: 076C61D80307B52A8260EF21EB6BD667, Size: 334083 bytes] [134742016/00000003] [(null)]
Mon 2012-01-16 23:16:57.0078 File blocked in realtime: c:\users\owner\appdata\local\microsoft\windows\temporary internet files\content.ie5\053fmtdy\fss[1].exe [MD5: 076C61D80307B52A8260EF21EB6BD667, Size: 334083 bytes] [134742016/00000003] [(null)]
Mon 2012-01-16 23:16:57.0084 File blocked in realtime: c:\users\owner\appdata\local\microsoft\windows\temporary internet files\content.ie5\053fmtdy\fss[1].exe [MD5: 076C61D80307B52A8260EF21EB6BD667, Size: 334083 bytes] [134742016/00000003] [(null)]
Mon 2012-01-16 23:16:57.0304 File blocked in realtime: c:\users\owner\appdata\local\microsoft\windows\temporary internet files\content.ie5\053fmtdy\fss[1].exe [MD5: 076C61D80307B52A8260EF21EB6BD667, Size: 334083 bytes] [134742016/00000003] [(null)]
Mon 2012-01-16 23:16:57.0304 File blocked in realtime: c:\users\owner\appdata\local\microsoft\windows\temporary internet files\content.ie5\053fmtdy\fss[1].exe [MD5: 076C61D80307B52A8260EF21EB6BD667, Size: 334083 bytes] [134742016/00000003] [(null)]
Mon 2012-01-16 23:17:31.0710 <<< Service shut down successfully. Uptime: 2510 minute(s)
Mon 2012-01-16 23:28:42.0542 >>> Service started [v8.0.1.82]
Mon 2012-01-16 23:28:43.0962 User process connected successfully from PID 964, Session 1
Mon 2012-01-16 23:28:44.0555 Connecting to 3 - 3
Mon 2012-01-16 23:29:07.0646 Begin passive write scan (1 file(s))
Mon 2012-01-16 23:29:07.0976 End passive write scan (1 file(s))
Mon 2012-01-16 23:29:31.0981 Begin passive write scan (4 file(s))
Mon 2012-01-16 23:29:34.0508 End passive write scan (4 file(s))
Mon 2012-01-16 23:29:44.0138 Begin passive write scan (1 file(s))
Mon 2012-01-16 23:29:44.0496 End passive write scan (1 file(s))
Mon 2012-01-16 23:31:21.0460 Begin passive write scan (1 file(s))
Mon 2012-01-16 23:31:21.0709 End passive write scan (1 file(s))
Mon 2012-01-16 23:31:24.0502 Begin passive write scan (1 file(s))
Mon 2012-01-16 23:31:24.0876 End passive write scan (1 file(s))
Mon 2012-01-16 23:56:38.0876 Begin passive write scan (1 file(s))
Mon 2012-01-16 23:56:39.0106 End passive write scan (1 file(s))
Tue 2012-01-17 00:45:09.0024 Scan Started: [ID: 39 - Flags: 551/16]
Tue 2012-01-17 00:46:20.0005 Connected to C1
Tue 2012-01-17 00:46:29.0599 Infection detected: c:\users\owner\appdata\local\microsoft\windows\temporary internet files\low\content.ie5\20yutzz2\fss[1].exe [MD5: 076C61D80307B52A8260EF21EB6BD667] [3/08080000] [W32.Trojan.Gen]
Tue 2012-01-17 00:46:29.0614 Infection detected: c:\users\owner\appdata\local\microsoft\windows\temporary internet files\low\content.ie5\2bkgpy2k\fss[1].exe [MD5: 076C61D80307B52A8260EF21EB6BD667] [3/08080000] [W32.Trojan.Gen]
Tue 2012-01-17 00:46:29.0614 Infection detected: c:\users\owner\appdata\local\microsoft\windows\temporary internet files\low\content.ie5\kiolh4qc\fss[1].exe [MD5: 076C61D80307B52A8260EF21EB6BD667] [3/08080000] [W32.Trojan.Gen]
Tue 2012-01-17 00:46:29.0614 Infection detected: c:\users\owner\appdata\local\microsoft\windows\temporary internet files\content.ie5\053fmtdy\fss[1].exe [MD5: 076C61D80307B52A8260EF21EB6BD667] [3/08080000] [W32.Trojan.Gen]
Tue 2012-01-17 00:46:29.0801 Scan Results: Files Scanned: 42666, Duration: 1m 20s, Malicious Files: 4
Tue 2012-01-17 00:46:29.0833 Scan Finished: [ID: 39 - Seq: 25163175]
Tue 2012-01-17 00:46:59.0254 Saved the product log to C:\Users\Owner\Documents\wbr.log
-------------------------------------------------------

Ran it, deleted the threats, ran it twice more and it seems like they're gone for now. But I'm still getting that notification on my toolbar from Malwarebytes about a malicious website.

#11 Broni

Posted 17 January 2012 - 12:59 AM

You'll need more advanced help.

Please follow the instructions in ==>This Guide<== starting at Step 6. If you cannot complete a step, skip it and continue.

Once the proper logs are created, then make a NEW TOPIC and post it ==>HERE<== Please include a description of your computer issues, what you have done to resolve them, and a link to this topic.

If you can produce at least some of the logs, then please create the new topic and explain what happens when you try to create the log(s) that you couldn't get. If you cannot produce any of the logs, then still post the topic and explain that you followed the Prep. Guide, were unable to create the logs, and describe what happens when you try to create the logs.

It would be helpful if you post a note here once you have completed the steps in the guide and have started your topic in malware removal. Good luck and be patient.

If HelpBot replies to your topic, PLEASE follow Step One so it will report your topic to the team members.
