Jump to content
bhakbhosad

Please Help Here.

Recommended Posts

My log Novirusthanks

 

 

Hijack Hunter 1.8.4.1

Log created on 5/24/2012 at 9:24:39 PM

 

[+] Generic system info

 

Operating System: Windows 7 Ultimate 32-bit

Build Version: 7600.win7_gdr.111025-1503

Internet Explorer: 9.0.8112.16421

System Folder: C:\Windows\system32

 

[+] Running processes

 

[system Process] (0 bytes) (Unknown) () (HSAR) (d41d8cd98f00b204e9800998ecf8427e)

System (0 bytes) (Unknown) () (HSAR) (d41d8cd98f00b204e9800998ecf8427e)

C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe (1983232 bytes) (COMODO) (6/30/2011 9:37:28 AM) (--A-) (907324001ae25ac5959c91eaa34cabae)

audiodg.exe (0 bytes) (Microsoft Corporation) () (HSAR) (d41d8cd98f00b204e9800998ecf8427e)

C:\Program Files\AVAST Software\Avast\AvastSvc.exe (44768 bytes) (AVAST Software) (3/10/2012 1:32:36 AM) (--A-) (4041d31508a2a084dfb42c595854090f)

C:\Program Files\Google\Update\1.3.21.111\GoogleCrashHandler.exe (180648 bytes) (Google Inc.) (4/4/2012 10:06:18 PM) (--A-) (d566847532183a720a0177565014cb73)

C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (6749512 bytes) (COMODO) (6/30/2011 9:37:06 AM) (--A-) (c61f226996b84ab78d481fd69362e72a)

C:\Program Files\AVAST Software\Avast\AvastUI.exe (4241512 bytes) (AVAST Software) (3/10/2012 1:32:36 AM) (--A-) (782fef655dbf8653c9f2722bebf7a8a6)

C:\Program Files\Glary Utilities\memdefrag.exe (108344 bytes) (Glarysoft Ltd) (1/26/2012 1:19:42 AM) (--A-) (54785b0ffcf17471b00406d5bd4bd41a)

C:\Program Files\Google\Drive\googledrivesync.exe (11396840 bytes) (Google) (5/2/2012 6:33:00 PM) (--A-) (80563a0c64ec3ebe74bd69744e433734)

C:\Program Files\BlueSprig\JetBoost\JetBoostTray.exe (1496912 bytes) (BlueSprig) (3/17/2012 4:40:55 AM) (--A-) (3cdec44c37422dcf4a6a58ea4d10181e)

C:\Program Files\Google\Chrome\Application\chrome.exe (1240088 bytes) (Google Inc.) (6/19/2011 12:21:00 AM) (--A-) (42490fb12b55d9841b2c51365e7a4303)

C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe (329824 bytes) (BillP Studios) (5/6/2012 12:10:35 AM) (----) (d59d472ad56b4b3c084e4f8c2c23b0c5)

C:\Program Files\ZTE Wireless Terminal\bin\App.exe (1363968 bytes) (Unknown) (2/26/2012 9:26:21 PM) (--A-) (ec58029c38a8c30d905e712c18661a9c)

C:\Program Files\SpywareGuard\sgmain.exe (360448 bytes) (Unknown) (8/29/2003 7:05:35 PM) (--A-) (61c028aba5e49573a6332f4a7c744e87)

C:\Program Files\SpywareGuard\sgbhp.exe (233472 bytes) (Unknown) (8/29/2003 11:14:56 AM) (--A-) (a80d0704537c0ef97db2bef24b99af1a)

C:\Program Files\AVAST Software\Avast\setup\avast.setup (6426672 bytes) (AVAST Software) (5/24/2012 9:23:09 PM) (--A-) (03cf68dde2311640ab2723b3aafe16d9)

C:\Program Files\NoVirusThanks\Hijack Hunter\HijackHunter.exe (628736 bytes) (NoVirusThanks Company Srl) (3/16/2012 3:28:48 AM) (--A-) (b6ffa83b91d78a0369fe0e15e4dba69c)

dllhost.exe (0 bytes) (Microsoft Corporation) () (HSAR) (d41d8cd98f00b204e9800998ecf8427e)

 

[+] Loaded Modules

 

C:\Windows\system32\cmdcsr.dll (33984 bytes) (COMODO) (12/2/2011 1:07:07 AM) (--A-) (038cd24979a1d6b59217257eada4ca40)

C:\Windows\system32\guard32.dll (301224 bytes) (COMODO) (6/30/2011 9:37:26 AM) (--A-) (34abda6c1c69e54400c670d5cac6afa6)

C:\Windows\system32\CEmLSP.dll (691880 bytes) (COMODO CA Ltd.) (1/29/2012 7:19:51 AM) (--A-) (4f4f266eafd86d6480cdec2dff7fcd34)

C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7600.16661_none_ebfb56996c72aefc\COMCTL32.dll (530432 bytes) (Microsoft Corporation) (2/18/2011 2:54:52 PM) (--A-) (d3ead1cf16ba729a7f7c9a5d94aa7c05)

C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll (1680896 bytes) (Microsoft Corporation) (2/18/2011 2:54:52 PM) (--A-) (4b8dd8541c0e26602005dd0137333615)

C:\Windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\MSVCR90.dll (653136 bytes) (Microsoft Corporation) (1/18/2012 7:56:43 PM) (--A-) (cdbe9690cf2b8409facad94fac9479c9)

C:\Windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\MSVCP90.dll (569680 bytes) (Microsoft Corporation) (1/18/2012 7:56:43 PM) (--A-) (4c39358ebdd2ffcd9132a30e1ec31e16)

C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (1624576 bytes) (Microsoft Corporation) (7/14/2009 4:56:25 AM) (--A-) (edb57065790b62ef83be117ad3edfde2)

C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\MSVCP80.dll (554832 bytes) (Microsoft Corporation) (7/15/2011 8:28:42 PM) (--A-) (0b3595a4ff0b36d68e5fc67fd7d70fdc)

C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\MSVCR80.dll (632656 bytes) (Microsoft Corporation) (7/15/2011 8:28:42 PM) (--A-) (c9564cf4976e7e96b4052737aa2492b4)

C:\Windows\WinSxS\x86_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_4bf7e3e2bf9ada4c\mfc90u.dll (3781960 bytes) (Microsoft Corporation) (1/18/2012 7:56:46 PM) (--A-) (ca6ade4f7761bb15b3325356dc3b82bb)

C:\Windows\WinSxS\x86_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_49768ef57548175e\MFC90ENU.DLL (53584 bytes) (Microsoft Corporation) (1/18/2012 7:56:49 PM) (--A-) (fbfca1a574d47ee575448b719cbbf2e4)

C:\Windows\system32\igdumd32.dll (3829760 bytes) (Intel Corporation) (7/14/2009 3:39:18 AM) (--A-) (39c3b2eebee102adda573c346ff5f3b7)

C:\Windows\system32\mscomctl.ocx (1071088 bytes) (Microsoft Corporation) (12/20/2002 2:02:44 PM) (--A-) (d268668751ee22997d7ef1417034cb04)

C:\Windows\system32\RICHTX32.OCX (212240 bytes) (Microsoft Corporation) (12/20/2004 9:07:00 PM) (--A-) (045a16822822426c305ea7280270a3d6)

C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll (413008 bytes) (Microsoft Corporation) (3/18/2010 1:16:28 PM) (--A-) (83ba5e873164a3711b44052f58c8fe9f)

 

[+] Registry startups

 

Value: COMODO Internet Security

Data: "C:\Program Files\COMODO\COMODO Internet Security\cfp.exe" -h

Key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

 

Value: avast

Data: "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui

Key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

 

Value: Glary Memory Optimizer

Data: "C:\Program Files\Glary Utilities\memdefrag.exe" /autostart

Key: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

 

Value: F90364981E0945D638CD1316A40E378F4B0A7F7B._service_run

Data: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=service

Key: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

 

Value: GoogleDriveSync

Data: "C:\Program Files\Google\Drive\googledrivesync.exe" /autostart

Key: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

 

Value: AppInit_DLLs

Data: C:\Windows\system32\guard32.dll

Key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows

 

Value: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}

Data: C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

Key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}

 

Value: {4A368E80-174F-4872-96B5-0B27DDD11DB2}

Data: C:\Program Files\SpywareGuard\dlprotect.dll

Key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4A368E80-174F-4872-96B5-0B27DDD11DB2}

 

Value: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06}

Data: C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

Key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}

 

Value: {DBC80044-A445-435b-BC74-9C25C1C588A9}

Data: C:\Program Files\Java\jre6\bin\jp2ssv.dll

Key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}

 

 

[+] Other Startups Methods

 

Value: DLLName

Data: igfxdev.dll

Key: HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui

 

Value:

Data: C:\Program Files\SpywareGuard\spywareguard.dll

CLSID: {81559C35-8464-49F7-BB0E-07A383BEF910}

Key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks

 

Value: midi9

Data: wdmaud.drv

Key: HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Drivers32

 

 

[+] Startup folders

 

C:\Users\planet compuers\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SpywareGuard.lnk (921 bytes) (Unknown) (5/17/2012 9:36:27 PM) (--A-) (20342f4d28dc3f550390c4d0bdb1d5b4)

 

[+] TCPIP nameservers

 

 

[+] Internet Explorer settings

 

Value: Start Page

Data: http://guide.opendns...024&h=612&ifc=0

Key: HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main

 

 

[+] Internet Explorer Trusted Sites

 

 

[+] Windows Firewall allowed programs

 

 

[+] Windows Firewall allowed ports

 

 

[+] System Hijack

 

Value: EnableDCOM

Data: Y

Key: HKEY_LOCAL_MACHINE\Software\Microsoft\Ole

 

Value: Wallpaper

Data: C:\Users\planet compuers\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg

Key: HKEY_CURRENT_USER\Control Panel\Desktop

 

Value: RequireSignedAppInit_DLLs

Data: 0

Key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows

 

Value: LoadAppInit_DLLs

Data: 1

Key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows

 

Value: EnabledV8

Data: 0

Key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter

 

Value: RequireSignedAppInit_DLLs

Data: 0

Key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows

 

 

[+] Executables in Temp folders

 

 

[+] Executables in suspicious folders

 

C:\install.exe (562688 bytes) (Microsoft Corporation) (11/7/2007 8:03:18 AM) (--A-) (520a6d1cbcc9cf642c625fe814c93c58)

C:\install.res.1028.dll (76304 bytes) (Microsoft Corporation) (11/7/2007 8:03:18 AM) (--A-) (4151a4d07640863783f837e588235837)

C:\install.res.1031.dll (96272 bytes) (Microsoft Corporation) (11/7/2007 8:03:18 AM) (--A-) (3b8a82e04238655eaef97e074fb29911)

C:\install.res.1033.dll (91152 bytes) (Microsoft Corporation) (11/7/2007 8:03:18 AM) (--A-) (9edeb8b1c5c0a4cd3a3016b85108127d)

C:\install.res.1036.dll (97296 bytes) (Microsoft Corporation) (11/7/2007 8:03:18 AM) (--A-) (5b6ff470cfa7087690e61f87e81ef78a)

C:\install.res.1040.dll (95248 bytes) (Microsoft Corporation) (11/7/2007 8:03:18 AM) (--A-) (6310ab8fc9e3dbee80592fc453a34fee)

C:\install.res.1041.dll (81424 bytes) (Microsoft Corporation) (11/7/2007 8:03:18 AM) (--A-) (13ed4517152203de4bc52acc0255d952)

C:\install.res.1042.dll (79888 bytes) (Microsoft Corporation) (11/7/2007 8:03:18 AM) (--A-) (0d4fb4095ea49c1ec89b9e8db0b936a3)

C:\install.res.2052.dll (75792 bytes) (Microsoft Corporation) (11/7/2007 8:03:18 AM) (--A-) (d7366b34e8afb605c39ef56e2201fe85)

C:\install.res.3082.dll (96272 bytes) (Microsoft Corporation) (11/7/2007 8:03:18 AM) (--A-) (41bb37a347121f3e5e88d85100638b79)

C:\Windows\system32\FsUsbExDisk.Sys (36608 bytes) (Unknown) (3/16/2011 6:47:51 PM) (--A-) (790a4ca68f44be35967b3df61f3e4675)

 

[+] Autorun.ini

 

 

[+] Unknown .SYS files

 

C:\Windows\system32\drivers\adp94xx.sys (422976 bytes) (Adaptec, Inc.) (6/11/2009 2:49:05 AM) (--A-) (21e785ebd7dc90a06391141aac7892fb)

C:\Windows\system32\drivers\adpahci.sys (297552 bytes) (Adaptec, Inc.) (7/14/2009 3:39:16 AM) (--A-) (0c676bc278d5b59ff5abd57bbe9123f2)

C:\Windows\system32\drivers\adpu320.sys (146512 bytes) (Adaptec, Inc.) (7/14/2009 3:39:16 AM) (--A-) (7c7b5ee4b7b822ec85321fe23a27db33)

C:\Windows\system32\drivers\aliide.sys (14400 bytes) (Acer Laboratories Inc.) (7/14/2009 4:41:17 AM) (--A-) (0d40bcf52ea90fc7df2aeab6503dea44)

C:\Windows\system32\drivers\amdsata.sys (79952 bytes) (Advanced Micro Devices) (6/11/2009 2:49:09 AM) (--A-) (2101a86c25c154f8314b24ef49d7fbc2)

C:\Windows\system32\drivers\amdsbs.sys (159312 bytes) (AMD Technologies Inc.) (6/11/2009 2:50:03 AM) (--A-) (ea43af0c423ff267355f74e7a53bdaba)

C:\Windows\system32\drivers\amdxata.sys (23616 bytes) (Advanced Micro Devices) (7/14/2009 3:39:16 AM) (--A-) (b81c2b5616f6420a9941ea093a92b150)

C:\Windows\system32\drivers\arc.sys (76368 bytes) (Adaptec, Inc.) (7/14/2009 3:39:17 AM) (--A-) (2932004f49677bd84dbc72edb754ffb3)

C:\Windows\system32\drivers\arcsas.sys (86608 bytes) (Adaptec, Inc.) (7/14/2009 3:39:17 AM) (--A-) (5d6f36c46fd283ae1b57bd2e9feb0bc7)

C:\Windows\system32\drivers\aswFsBlk.sys (20696 bytes) (AVAST Software) (3/10/2012 1:37:44 AM) (--A-) (0ae43c6c411254049279c2ee55630f95)

C:\Windows\system32\drivers\aswKbd.sys (24408 bytes) (AVAST Software) (3/10/2012 2:43:54 AM) (--A-) (81e695913fefd4e23360a69c0f151797)

C:\Windows\system32\drivers\aswMonFlt.sys (57688 bytes) (AVAST Software) (3/10/2012 1:37:17 AM) (--A-) (6693141560b1615d8dccf0d8eb00087e)

C:\Windows\system32\drivers\aswRdr2.sys (44376 bytes) (AVAST Software) (3/10/2012 1:37:42 AM) (--A-) (225013c16fe096714d71649ad7a20e8b)

C:\Windows\system32\drivers\aswSnx.sys (612184 bytes) (AVAST Software) (3/10/2012 1:37:33 AM) (--A-) (dcb199b967375753b5019ec15f008f53)

C:\Windows\system32\drivers\aswSP.sys (337880 bytes) (AVAST Software) (3/10/2012 1:37:44 AM) (--A-) (b32873e5a1443c0a1e322266e203bf10)

C:\Windows\system32\drivers\aswTdi.sys (53848 bytes) (AVAST Software) (3/10/2012 1:37:42 AM) (--A-) (6ff544175a9180c5d88534d3d9c9a9f7)

C:\Windows\system32\drivers\b57nd60x.sys (229888 bytes) (Broadcom Corporation) (7/14/2009 3:32:49 AM) (--A-) (bd8869eb9cde6bbe4508d869929869ee)

C:\Windows\system32\drivers\BrFiltLo.sys (13568 bytes) (Brother Industries, Ltd.) (7/14/2009 6:29:16 AM) (--A-) (9f9acc7f7ccde8a15c282d3f88b43309)

C:\Windows\system32\drivers\BrFiltUp.sys (5248 bytes) (Brother Industries, Ltd.) (7/14/2009 6:28:59 AM) (--A-) (56801ad62213a41f6497f96dee83755a)

C:\Windows\system32\drivers\BrSerId.sys (272128 bytes) (Brother Industries Ltd.) (7/14/2009 6:27:25 AM) (--A-) (845b8ce732e67f3b4133164868c666ea)

C:\Windows\system32\drivers\BrSerWdm.sys (62336 bytes) (Brother Industries Ltd.) (7/14/2009 6:29:02 AM) (--A-) (203f0b1e73adadbbb7b7b1fabd901f6b)

C:\Windows\system32\drivers\BrUsbMdm.sys (12160 bytes) (Brother Industries Ltd.) (7/14/2009 6:28:27 AM) (--A-) (bd456606156ba17e60a04e18016ae54b)

C:\Windows\system32\drivers\BrUsbSer.sys (11904 bytes) (Brother Industries Ltd.) (7/14/2009 6:28:35 AM) (--A-) (af72ed54503f717a43268b3cc5faec2e)

C:\Windows\system32\drivers\btwaudio.sys (79664 bytes) (Broadcom Corporation.) (3/30/2007 3:46:22 AM) (--A-) (636f45a8500c1438cfa7dee15fc5c184)

C:\Windows\system32\drivers\btwavdt.sys (81200 bytes) (Broadcom Corporation.) (2/27/2007 2:20:28 PM) (--A-) (bf9256ff01b093a5d90bb7a35ec90410)

C:\Windows\system32\drivers\btwrchid.sys (16432 bytes) (Broadcom Corporation.) (2/27/2007 2:20:24 PM) (--A-) (0ab8c1ac177afb27309e1072faf34a37)

C:\Windows\system32\drivers\bxvbdx.sys (430080 bytes) (Broadcom Corporation) (6/11/2009 2:47:52 AM) (--A-) (1a231abec60fd316ec54c66715543cec)

C:\Windows\system32\drivers\cbfs.sys (146904 bytes) (EldoS Corporation) (11/26/2011 1:46:00 PM) (--A-) (a975187f3c8867f8d00a698a5282672b)

C:\Windows\system32\drivers\ccdcmb.sys (18048 bytes) (Nokia) (2/18/2011 8:06:44 PM) (--A-) (28e36e677849174c910faaead3e60e9e)

C:\Windows\system32\drivers\ccdcmbo.sys (22016 bytes) (Nokia) (2/18/2011 8:06:44 PM) (--A-) (3823deb17f9f6775de0187a98fa0536d)

C:\Windows\system32\drivers\cfosspeed6.sys (1164504 bytes) (cFos Software GmbH) (1/16/2012 6:46:04 PM) (--A-) (d08887cc6e9f2f88547a666fd38b69a3)

C:\Windows\system32\drivers\cmderd.sys (19600 bytes) (COMODO) (6/30/2011 9:38:04 AM) (--A-) (33af7a732ae22833ebfd9f77793152a1)

C:\Windows\system32\drivers\cmdGuard.sys (491816 bytes) (COMODO) (6/30/2011 9:38:04 AM) (--A-) (ed042da80d9d6a087e83df395ceefd65)

C:\Windows\system32\drivers\cmdhlp.sys (39640 bytes) (COMODO) (6/30/2011 9:38:06 AM) (--A-) (ed6b6a222cb9adf6751e02ad478a89fb)

C:\Windows\system32\drivers\cmdide.sys (15952 bytes) (CMD Technology, Inc.) (7/14/2009 4:41:18 AM) (--A-) (c537b1db64d495b9b4717b4d6d9edbf2)

C:\Windows\system32\drivers\cmnsusbser.sys (105984 bytes) (QUALCOMM Incorporated) (2/18/2011 2:03:33 PM) (--A-) (ce0d4eac1cd08ecf5fb9eab4b1e403c7)

C:\Windows\system32\drivers\djsvs.sys (70720 bytes) (Adaptec, Inc.) (6/11/2009 2:50:26 AM) (--A-) (8b30250d573a8f6b4bd23195160d8707)

C:\Windows\system32\drivers\dne2000.sys (125200 bytes) (Deterministic Networks, Inc.) (5/2/2011 5:41:45 AM) (--A-) (7efbafdec4f543d43296bdbdf912bdd4)

C:\Windows\system32\drivers\elxstor.sys (453712 bytes) (Emulex) (6/11/2009 2:49:19 AM) (--A-) (0ed67910c8c326796faa00b2bf6d9d3c)

C:\Windows\system32\drivers\evbdx.sys (3100160 bytes) (Broadcom Corporation) (6/11/2009 2:47:55 AM) (--A-) (024e1b5cac09731e4d868e64dbfb4ab0)

C:\Windows\system32\drivers\ewdcsc.sys (27136 bytes) (Huawei Tech. Co., Ltd.) (8/6/2011 3:36:34 PM) (--A-) (90cda5326abb5945330a9293568fd88c)

C:\Windows\system32\drivers\ewusbmdm.sys (106880 bytes) (Huawei Technologies Co., Ltd.) (8/6/2011 3:36:34 PM) (--A-) (a89423d0132c8ab69ba621b6ce191714)

C:\Windows\system32\drivers\ewusbnet.sys (208896 bytes) (Huawei Technologies Co., Ltd.) (8/6/2011 3:36:34 PM) (--A-) (95bcb4321962028799eb2ea53319bb0c)

C:\Windows\system32\drivers\ew_hwupgrade.sys (19456 bytes) (Huawei Technologies Co., Ltd.) (8/6/2011 3:36:47 PM) (--A-) (079c2988e6c073f524355aad352c340e)

C:\Windows\system32\drivers\ew_hwusbdev.sys (102784 bytes) (Huawei Technologies Co., Ltd.) (8/6/2011 3:36:21 PM) (--A-) (57c171ea22f0a7f068fcb0caedd1e8e7)

C:\Windows\system32\drivers\ew_jubusenum.sys (72832 bytes) (Huawei Technologies Co., Ltd.) (8/6/2011 3:36:47 PM) (--A-) (92548543d50c9bccdb31ffb7ec39249d)

C:\Windows\system32\drivers\ew_jucdcacm.sys (82816 bytes) (Huawei Technologies Co., Ltd.) (8/6/2011 3:36:47 PM) (--A-) (5b2a372a0685b8c670c17791fff1f1ef)

C:\Windows\system32\drivers\ew_jucdcecm.sys (51712 bytes) (Huawei Technologies Co., Ltd.) (8/6/2011 3:36:47 PM) (--A-) (752d9ff56f0fa655f199246a90fb6430)

C:\Windows\system32\drivers\ew_juextctrl.sys (27008 bytes) (Huawei Technologies Co., Ltd.) (8/6/2011 3:36:47 PM) (--A-) (219cae39c3f3d276a0d5240f5add6c68)

C:\Windows\system32\drivers\ew_juwwanecm.sys (168960 bytes) (Huawei Technologies Co., Ltd.) (8/6/2011 3:36:47 PM) (--A-) (29147ea76e0f21d0d335f7693367d6f9)

C:\Windows\system32\drivers\ew_usbenumfilter.sys (11136 bytes) (Huawei Technologies Co., Ltd.) (8/6/2011 3:36:34 PM) (--A-) (61a973f60e94a551ba7b15f3460444fb)

C:\Windows\system32\drivers\hcw85cir.sys (26624 bytes) (Hauppauge Computer Works, Inc.) (7/14/2009 4:24:14 AM) (--A-) (c44e3c2bab6837db337ddee7544736db)

C:\Windows\system32\drivers\HpSAMD.sys (67152 bytes) (Hewlett-Packard Company) (7/14/2009 3:39:17 AM) (--A-) (295fdc419039090eb8b49ffdbb374549)

C:\Windows\system32\drivers\hwgpssensor.dll (350720 bytes) (Huawei Technologies Co., Ltd.) (8/6/2011 3:36:47 PM) (--A-) (b44f8027a22b3f51d2d00df809f881a6)

C:\Windows\system32\drivers\iaStorV.sys (332352 bytes) (Intel Corporation) (6/11/2009 2:49:28 AM) (--A-) (934af4d7c5f457b9f0743f4299b77b67)

C:\Windows\system32\drivers\igdkmd32.sys (4808192 bytes) (Intel Corporation) (9/23/2009 7:18:14 PM) (--A-) (9467514ea189475a6e7fdc5d7bde9d3f)

C:\Windows\system32\drivers\iirsp.sys (41040 bytes) (Intel Corp./ICP vortex GmbH) (7/14/2009 3:39:17 AM) (--A-) (4173ff5708f3236cf25195fecd742915)

C:\Windows\system32\drivers\inspect.sys (82400 bytes) (COMODO) (6/30/2011 9:38:06 AM) (--A-) (2ee3db2c1760171c6f72f2f1792a47b5)

C:\Windows\system32\drivers\lsi_fc.sys (95824 bytes) (LSI Corporation) (7/14/2009 3:39:19 AM) (--A-) (eb119a53ccf2acc000ac71b065b78fef)

C:\Windows\system32\drivers\lsi_sas.sys (89168 bytes) (LSI Corporation) (7/14/2009 3:39:18 AM) (--A-) (8ade1c877256a22e49b75d1cc9161f9c)

C:\Windows\system32\drivers\lsi_sas2.sys (54864 bytes) (LSI Corporation) (7/14/2009 3:39:18 AM) (--A-) (dc9dc3d3daa0e276fd2ec262e38b11e9)

C:\Windows\system32\drivers\lsi_scsi.sys (96848 bytes) (LSI Corporation) (7/14/2009 3:39:18 AM) (--A-) (0a036c7d7cab643a7f07135ac47e0524)

C:\Windows\system32\drivers\ManyCam.sys (21632 bytes) (ManyCam LLC.) (1/14/2008 3:36:32 PM) (--A-) (c6d085c7045200143528136a43a65fde)

C:\Windows\system32\drivers\mbam.sys (22344 bytes) (Malwarebytes Corporation) (1/28/2012 8:17:17 PM) (--A-) (fb097bbc1a18f044bd17bd2fccf97865)

C:\Windows\system32\drivers\mbtusbser.sys (76544 bytes) (mobiletop) (5/2/2011 5:46:11 AM) (--A-) (d4698a320c445ed806b0b16ce0180575)

C:\Windows\system32\drivers\megasas.sys (30800 bytes) (LSI Corporation) (6/11/2009 2:49:35 AM) (--A-) (0fff5b045293002ab38eb1fd1fc2fb74)

C:\Windows\system32\drivers\MegaSR.sys (235584 bytes) (LSI Corporation, Inc.) (7/14/2009 3:39:17 AM) (--A-) (dcbab2920c75f390caf1d29f675d03d6)

C:\Windows\system32\drivers\mod7700.sys (860928 bytes) (DiBcom SA) (8/6/2011 3:36:35 PM) (--A-) (8075a313a5a4e0c15e5a974e8a4eec66)

C:\Windows\system32\drivers\nfrd960.sys (44624 bytes) (IBM Corporation) (7/14/2009 3:39:17 AM) (--A-) (1d85c4b390b0ee09c7a46b91efb2c097)

C:\Windows\system32\drivers\nmwcdnsu.sys (136704 bytes) (Nokia) (3/19/2009 2:48:18 PM) (--A-) (02e96113511171ba7559386d10d3daea)

C:\Windows\system32\drivers\npf.sys (35088 bytes) (CACE Technologies, Inc.) (2/12/2011 2:53:34 AM) (--A-) (b48dc6abcd3aeff8618350ccbdc6b09a)

C:\Windows\system32\drivers\nvraid.sys (117312 bytes) (NVIDIA Corporation) (7/14/2009 3:39:18 AM) (--A-) (3f3d04b1d08d43c16ea7963954ec768d)

C:\Windows\system32\drivers\nvstor.sys (142416 bytes) (NVIDIA Corporation) (6/11/2009 2:49:56 AM) (--A-) (c99f251a5de63c6f129cf71933aced0f)

C:\Windows\system32\drivers\pccsmcfd.sys (18816 bytes) (Nokia) (7/23/2011 6:38:05 PM) (--A-) (fd2041e9ba03db7764b2248f02475079)

C:\Windows\system32\drivers\qcusbmdm.sys (60928 bytes) (QUALCOMM Incorporated) (2/27/2011 12:50:40 AM) (--A-) (93cb54a40fdcc3a7962298719a2dbc7f)

C:\Windows\system32\drivers\qcusbser.sys (60928 bytes) (QUALCOMM Incorporated) (2/27/2011 12:50:40 AM) (--A-) (93cb54a40fdcc3a7962298719a2dbc7f)

C:\Windows\system32\drivers\ql2300.sys (1383488 bytes) (QLogic Corporation) (6/11/2009 2:50:06 AM) (--A-) (ab95ecf1f6659a60ddc166d8315b0751)

C:\Windows\system32\drivers\ql40xx.sys (106064 bytes) (QLogic Corporation) (7/14/2009 3:39:18 AM) (--A-) (b4dd51dd25182244b86737dc51af2270)

C:\Windows\system32\drivers\Rt86win7.sys (139776 bytes) (Realtek Corporation) (6/11/2009 2:48:34 AM) (--A-) (7dfd48e24479b68b258d8770121155a0)

C:\Windows\system32\drivers\SBREDrv.sys (101720 bytes) (Sunbelt Software) (2/6/2012 12:04:50 AM) (--A-) (0505da5d357f18a5d42fc5dede6bc9a0)

C:\Windows\system32\drivers\secdrv.sys (20480 bytes) (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) (7/14/2009 7:35:20 AM) (--A-) (90a3935d05b494a5a39d37e71f09a677)

C:\Windows\system32\drivers\SHPACM.sys (30208 bytes) (Samsung & MobileTop) (2/18/2011 8:08:41 PM) (--A-) (15063c9b60da5206a2c64c532cd6b099)

C:\Windows\system32\drivers\SHPACMFilter.sys (6656 bytes) (Unknown) (2/18/2011 8:08:41 PM) (--A-) (841d543de1c022de3b7de5cad701d14a)

C:\Windows\system32\drivers\SHPUSB.sys (25600 bytes) (MobileTop) (2/18/2011 8:08:41 PM) (--A-) (6d3bfbf299d0e7996248ab9b6d88a59f)

C:\Windows\system32\drivers\sisraid2.sys (40016 bytes) (Silicon Integrated Systems Corp.) (6/11/2009 2:50:08 AM) (--A-) (a9f0486851becb6dda1d89d381e71055)

C:\Windows\system32\drivers\sisraid4.sys (77888 bytes) (Silicon Integrated Systems) (7/14/2009 3:39:18 AM) (--A-) (3727097b55738e2f554972c3be5bc1aa)

C:\Windows\system32\drivers\sp_rsdrv2.sys (32768 bytes) (Unknown) (12/10/2011 12:56:02 AM) (--A-) (7b426b8e809edf081d771ef429345528)

C:\Windows\system32\drivers\ss_bus.sys (98560 bytes) (MCCI Corporation) (5/2/2011 5:45:18 AM) (--A-) (54946449a0eb74915a4bb34f7ee51a5a)

C:\Windows\system32\drivers\ss_cm.sys (12416 bytes) (MCCI Corporation) (5/2/2011 5:45:18 AM) (--A-) (01faf94de32a4d2944bd845f462ee5b8)

C:\Windows\system32\drivers\ss_cmnt.sys (12416 bytes) (MCCI Corporation) (5/2/2011 5:45:18 AM) (--A-) (01faf94de32a4d2944bd845f462ee5b8)

C:\Windows\system32\drivers\ss_mdfl.sys (14848 bytes) (MCCI Corporation) (5/2/2011 5:45:19 AM) (--A-) (4450bc0b2e9d7d9b90e3c3de4ea00a78)

C:\Windows\system32\drivers\ss_mdm.sys (123776 bytes) (MCCI Corporation) (5/2/2011 5:45:19 AM) (--A-) (30b8d0dd01ead1243f329caf7d7d1517)

C:\Windows\system32\drivers\ss_wh.sys (12288 bytes) (MCCI Corporation) (5/2/2011 5:45:19 AM) (--A-) (b629928bb05b91cff8378f277603f75a)

C:\Windows\system32\drivers\ss_whnt.sys (12288 bytes) (MCCI Corporation) (5/2/2011 5:45:19 AM) (--A-) (b629928bb05b91cff8378f277603f75a)

C:\Windows\system32\drivers\StarOpen.sys (5632 bytes) (Unknown) (10/25/2007 5:26:10 PM) (--A-) (306521935042fc0a6988d528643619b3)

C:\Windows\system32\drivers\stexstor.sys (21072 bytes) (Promise Technology) (7/14/2009 3:39:18 AM) (--A-) (db32d325c192b801df274bfd12a7e72b)

C:\Windows\system32\drivers\tap08qemu.sys (26112 bytes) (The OpenVPN Project) (3/23/2010 9:00:04 PM) (--A-) (79436529f3cbe216b6ea066868faae36)

C:\Windows\system32\drivers\tapoas.sys (26112 bytes) (The OpenVPN Project) (3/23/2011 5:20:32 PM) (--A-) (827c8058c284ff0013e4462efe2591a3)

C:\Windows\system32\drivers\usbser_lowerflt.sys (7936 bytes) (Nokia) (2/18/2011 8:06:44 PM) (--A-) (b1b8bee26227dad9835019201552cb05)

C:\Windows\system32\drivers\usbser_lowerfltj.sys (7936 bytes) (Nokia) (2/18/2011 8:06:44 PM) (--A-) (98e1ff1d732c6c7200b6c59d4ff8c1c3)

C:\Windows\system32\drivers\vCOM.sys (22400 bytes) (N8VB vCOM) (6/22/2005 12:50:20 PM) (--A-) (b2904a3694f7363935333dc42cf9b4b3)

C:\Windows\system32\drivers\viaide.sys (16976 bytes) (VIA Technologies, Inc.) (7/14/2009 4:41:20 AM) (--A-) (e43574f6a56a0ee11809b48c09e4fd3c)

C:\Windows\system32\drivers\vsmraid.sys (141904 bytes) (VIA Technologies Inc.,Ltd) (6/11/2009 2:50:24 AM) (--A-) (9dfa0cc2f8855a04816729651175b631)

C:\Windows\system32\drivers\ztemtusbser.sys (104320 bytes) (ZTEMT Incorporated) (2/16/2012 6:33:58 PM) (--A-) (b54a011c6524796d910a6f30b9e37d27)

 

[+] Non accessible files

 

 

[+] Executables in Internet Explorer Folder

 

 

[+] Files created/modified 30 days ago

 

C:\Windows\system32\drivers\ks.sys (190976 bytes) (Microsoft Corporation) (4/27/2012 4:46:42 AM) (--A-) (9e79e2354301783d5e0d48411c2a7466) (Created)

C:\Windows\system32\drivers\usbvideo.sys (146304 bytes) (Microsoft Corporation) (4/27/2012 4:46:42 AM) (--A-) (b5f6a992d996282b7fae7048e50af83a) (Created)

C:\Program Files\AnalogX\CacheBooster\cb.exe (134128 bytes) (AnalogX, LLC) (5/18/2012 2:07:04 PM) (--A-) (4c2fada78834a3851ae43f6aa4d09e2f) (Created)

C:\Program Files\AnalogX\CacheBooster\cbu.exe (154227 bytes) (AnalogX, LLC) (5/18/2012 2:07:04 PM) (--A-) (8ecde7353e8c46c9f7c18cb404f2b4fb) (Created)

C:\Program Files\AssaultCube_v1.1.0.4\Uninstall.exe (108046 bytes) (Unknown) (4/28/2012 7:14:15 AM) (--A-) (daa8687cce35eb61fcecc1d7a5eb58a9) (Modified)

C:\Program Files\AVAST Software\Avast\aswJsFlt.dll (120976 bytes) (AVAST Software) (4/27/2012 1:41:51 AM) (--A-) (a1379abb64209a093421b07f4c1804be) (Modified)

C:\Program Files\AVAST Software\Avast\defs\12052400\algo.dll (1761792 bytes) (Unknown) (5/24/2012 5:23:55 PM) (--A-) (cc1d926556fe497d8f4fe0bdf0b116e5) (Created)

C:\Program Files\AVAST Software\Avast\defs\12052400\ArPot.dll (47392 bytes) (AVAST Software) (5/24/2012 5:23:51 PM) (--A-) (d5b8fca3f3f2534cd2f234aea4c10e24) (Created)

C:\Program Files\AVAST Software\Avast\defs\12052400\aswAR.dll (185912 bytes) (AVAST Software) (5/24/2012 5:23:51 PM) (--A-) (394086186008e9266a830431bcbb8994) (Created)

C:\Program Files\AVAST Software\Avast\defs\12052400\aswBoot.dll (1629472 bytes) (AVAST Software) (5/24/2012 5:23:51 PM) (--A-) (fc5b17c3b5213b396c6741e9264d64cd) (Created)

C:\Program Files\AVAST Software\Avast\defs\12052400\aswCleanerDLL.dll (451712 bytes) (AVAST Software) (5/24/2012 5:23:52 PM) (--A-) (67acfe059a264056e65cc563495bf297) (Created)

C:\Program Files\AVAST Software\Avast\defs\12052400\aswCmnBS.dll (349176 bytes) (AVAST Software) (5/24/2012 5:23:52 PM) (--A-) (253c98273d04483b570fbf439dfbebbe) (Created)

C:\Program Files\AVAST Software\Avast\defs\12052400\aswCmnIS.dll (214776 bytes) (AVAST Software) (5/24/2012 5:23:52 PM) (--A-) (b39636ea278dcc8836d695d6d96384d8) (Created)

C:\Program Files\AVAST Software\Avast\defs\12052400\aswCmnOS.dll (101464 bytes) (AVAST Software) (5/24/2012 5:23:52 PM) (--A-) (9949f6e04a2201d6b1f30b0736882303) (Created)

C:\Program Files\AVAST Software\Avast\defs\12052400\aswEngin.dll (1260720 bytes) (AVAST Software) (5/24/2012 5:23:52 PM) (--A-) (db31cc2cd7d2274e26bb7cb71df1ae2a) (Created)

C:\Program Files\AVAST Software\Avast\defs\12052400\aswFiDb.dll (397056 bytes) (AVAST Software) (5/24/2012 5:23:52 PM) (--A-) (21f078cc540a933131d44312424c19dc) (Created)

C:\Program Files\AVAST Software\Avast\defs\12052400\aswRawFS.dll (425384 bytes) (AVAST Software) (5/24/2012 5:23:52 PM) (--A-) (df8e2aa15a8c2c84779e25449197b9c4) (Created)

C:\Program Files\AVAST Software\Avast\defs\12052400\aswRep.dll (283280 bytes) (AVAST Software) (5/24/2012 5:23:52 PM) (--A-) (363edc05a5b899b7ae5f40a4987ec034) (Created)

C:\Program Files\AVAST Software\Avast\defs\12052400\aswScan.dll (103512 bytes) (AVAST Software) (5/24/2012 5:23:52 PM) (--A-) (f2966d74106d30e0d4d60e6c1bec7a8b) (Created)

C:\Program Files\AVAST Software\Avast\defs\12052400\exts.dll (13912 bytes) (AVAST Software) (5/24/2012 5:23:52 PM) (--A-) (5a9009c82dfc80b13ecbd48af4d2d4b9) (Created)

C:\Program Files\AVAST Software\Avast\defs\12052400\fwAux.dll (40712 bytes) (AVAST Software) (5/24/2012 5:23:52 PM) (--A-) (f6a6e0f87b0cc6a05ffd7eea369730e4) (Created)

C:\Program Files\AVAST Software\Avast\defs\12052400\Sf.bin (572168 bytes) (Unknown) (5/24/2012 5:23:51 PM) (--A-) (6a52de8c279692292a5277a5446a9fcb) (Created)

C:\Program Files\AVAST Software\Avast\defs\12052400\Sf1.bin (79304 bytes) (AVAST Software) (5/24/2012 5:23:51 PM) (--A-) (6d5257bd0b9f7d593c52b95e77b2ff37) (Created)

C:\Program Files\AVAST Software\Avast\defs\12052400\uiext.dll (41224 bytes) (AVAST Software) (5/24/2012 5:23:52 PM) (--A-) (5302d257101ff251cae889efa1d41ea4) (Created)

C:\Program Files\BillP Studios\WinPatrol\patrolpro.dll (64600 bytes) (BillP Studios) (5/6/2012 12:10:35 AM) (----) (0a3e1ff75b6a8017e8ee5958a305a83c) (Created)

C:\Program Files\BillP Studios\WinPatrol\sqlite3.dll (548854 bytes) (Unknown) (5/6/2012 12:10:35 AM) (----) (45c045c6813e17639e8d86469fd1c759) (Created)

C:\Program Files\BillP Studios\WinPatrol\WinPatrol.exe (329824 bytes) (BillP Studios) (5/6/2012 12:10:35 AM) (----) (d59d472ad56b4b3c084e4f8c2c23b0c5) (Created)

C:\Program Files\BillP Studios\WinPatrol\WinPatrolEx.exe (635496 bytes) (BillP Studios) (5/6/2012 12:10:35 AM) (----) (c39753ddb203eab9ec5fddab290b8d5a) (Created)

C:\Program Files\CloneSpy\CloneSpy.exe (1302528 bytes) (Marcus Kleinehagenbrock) (4/26/2012 9:56:08 PM) (--A-) (ec96deed5eadaed83b783f555280d909) (Created)

C:\Program Files\CloneSpy\CSUninstall.exe (61965 bytes) (Marcus Kleinehagenbrock) (4/30/2012 12:30:49 AM) (--A-) (0de7a9e02c4c3b9ecb96c31a510bd99f) (Created)

C:\Program Files\FreshDevices\FreshDiagnose\fbench.dll (49152 bytes) (Unknown) (5/18/2012 1:10:51 PM) (--A-) (6a3b85dc6eb768a8359098f5af1c93dd) (Created)

C:\Program Files\FreshDevices\FreshDiagnose\FreshIO.sys (2410 bytes) (Unknown) (5/18/2012 1:10:51 PM) (--A-) (caac750e6d27866c28494e0de9fa802a) (Created)

C:\Program Files\FreshDevices\FreshDiagnose\unins000.exe (714526 bytes) (Unknown) (5/18/2012 1:10:49 PM) (--A-) (29127e9f9b111479330612e75e8d691d) (Created)

C:\Program Files\Google\Chrome\Application\chrome.exe (1240088 bytes) (Google Inc.) (5/23/2012 7:26:51 AM) (--A-) (42490fb12b55d9841b2c51365e7a4303) (Modified)

C:\Program Files\Google\Chrome\Application\old_chrome.exe (1240048 bytes) (Google Inc.) (5/9/2012 8:34:54 AM) (--A-) (a7f80fd4ba188ee39735ffa90d338aba) (Modified)

C:\Program Files\Google\Chrome\Application\19.0.1084.46\avcodec-54.dll (2375680 bytes) (Unknown) (5/17/2012 7:50:08 PM) (--A-) (e01013302d50bbe40c6c2f853669352e) (Created)

C:\Program Files\Google\Chrome\Application\19.0.1084.46\avformat-54.dll (250368 bytes) (Unknown) (5/17/2012 7:50:09 PM) (--A-) (41c1a7b835026b2e444faa4db787acb3) (Created)

C:\Program Files\Google\Chrome\Application\19.0.1084.46\avutil-51.dll (134656 bytes) (Unknown) (5/17/2012 7:50:09 PM) (--A-) (fb2645013732b8b95bd4fddc125fbb6a) (Created)

C:\Program Files\Google\Chrome\Application\19.0.1084.46\chrome_frame_helper.dll (63472 bytes) (Google Inc.) (5/17/2012 7:50:11 PM) (--A-) (0f81f4f0ee613f338ce4e93f27bad996) (Created)

C:\Program Files\Google\Chrome\Application\19.0.1084.46\chrome_frame_helper.exe (96752 bytes) (Google Inc.) (5/17/2012 7:50:18 PM) (--A-) (cba71f2660ccf1a96d92888e4dfa55d9) (Created)

C:\Program Files\Google\Chrome\Application\19.0.1084.46\chrome_launcher.exe (94192 bytes) (Google Inc.) (5/17/2012 7:50:18 PM) (--A-) (9e40fd4348a9908816b3b25d463b3e97) (Created)

C:\Program Files\Google\Chrome\Application\19.0.1084.46\d3dcompiler_43.dll (2106216 bytes) (Microsoft Corporation) (5/17/2012 7:50:11 PM) (--A-) (1c9b45e87528b8bb8cfa884ea0099a85) (Created)

C:\Program Files\Google\Chrome\Application\19.0.1084.46\d3dx9_43.dll (1998168 bytes) (Microsoft Corporation) (5/17/2012 7:50:11 PM) (--A-) (86e39e9161c3d930d93822f1563c280d) (Created)

C:\Program Files\Google\Chrome\Application\19.0.1084.46\flashplayerapp.exe (419488 bytes) (Adobe Systems Incorporated) (5/17/2012 7:50:18 PM) (--A-) (6c52b933b9ace73d134752b8c077eddf) (Created)

C:\Program Files\Google\Chrome\Application\19.0.1084.46\flashplayercplapp.cpl (70304 bytes) (Adobe Systems Incorporated) (5/17/2012 7:50:08 PM) (--A-) (2c9341c5e30174ad972affed9a10d5e3) (Created)

C:\Program Files\Google\Chrome\Application\19.0.1084.46\libegl.dll (117744 bytes) (Unknown) (5/17/2012 7:50:14 PM) (--A-) (52c163a4522644290128e24a9706ab8a) (Created)

C:\Program Files\Google\Chrome\Application\19.0.1084.46\libglesv2.dll (553456 bytes) (Unknown) (5/17/2012 7:50:14 PM) (--A-) (cfa7e73dd75edb8c991a8f537726037c) (Created)

C:\Program Files\Google\Chrome\Application\19.0.1084.46\npchrome_frame.dll (2259952 bytes) (Google Inc.) (5/17/2012 7:50:15 PM) (--A-) (9bda0fa84f2c05015718848703f57b77) (Created)

C:\Program Files\Google\Chrome\Application\19.0.1084.46\ppgooglenaclpluginchrome.dll (441840 bytes) (Unknown) (5/17/2012 7:50:16 PM) (--A-) (fea7d15e38c3030d62d1c470e321f7c7) (Created)

C:\Program Files\Google\Chrome\Application\19.0.1084.46\xinput1_3.dll (81768 bytes) (Microsoft Corporation) (5/17/2012 7:50:17 PM) (--A-) (77f595dee5ffacea72b135b1fce1312e) (Created)

C:\Program Files\Google\Chrome\Application\19.0.1084.46\Installer\setup.exe (1533936 bytes) (Google Inc.) (5/17/2012 7:50:21 PM) (--A-) (3c7bbb08ffb57919dceb75f76cde2705) (Created)

C:\Program Files\Google\Chrome\Application\19.0.1084.46\Locales\am.dll (8176 bytes) (Unknown) (5/17/2012 7:50:08 PM) (--A-) (e2a19b2ff84cd58d46abc9fdeb4e6e99) (Created)

C:\Program Files\Google\Chrome\Application\19.0.1084.46\Locales\ar.dll (8176 bytes) (Unknown) (5/17/2012 7:50:08 PM) (--A-) (e01cfde73c1609872e232ef6855b97d2) (Created)

C:\Program Files\Google\Chrome\Application\19.0.1084.46\Locales\bg.dll (8176 bytes) (Unknown) (5/17/2012 7:50:09 PM) (--A-) (56ef4a8ead967f002f5f9b0cd46fe6ea) (Created)

C:\Program Files\Google\Chrome\Application\19.0.1084.46\Locales\bn.dll (8176 bytes) (Unknown) (5/17/2012 7:50:09 PM) (--A-) (c926054dc198d1a1d8405125ec8962cb) (Created)

C:\Program Files\Google\Chrome\Application\19.0.1084.46\Locales\ca.dll (8176 bytes) (Unknown) (5/17/2012 7:50:09 PM) (--A-) (164185052566fe73ec3076f52a758cd2) (Created)

C:\Program Files\Google\Chrome\Application\19.0.1084.46\Locales\cs.dll (8176 bytes) (Unknown) (5/17/2012 7:50:11 PM) (--A-) (51a3255941dacc2e35a7b9d75a6fc957) (Created)

C:\Program Files\Google\Chrome\Application\19.0.1084.46\Locales\da.dll (8176 bytes) (Unknown) (5/17/2012 7:50:12 PM) (--A-) (2ec3684ffcd89ed80d1adeea4fd177e5) (Created)

C:\Program Files\Google\Chrome\Application\19.0.1084.46\Locales\de.dll (8176 bytes) (Unknown) (5/17/2012 7:50:12 PM) (--A-) (e2d656691819661b9e81d01dbe6c10bc) (Created)

C:\Program Files\Google\Chrome\Application\19.0.1084.46\Locales\el.dll (8176 bytes) (Unknown) (5/17/2012 7:50:12 PM) (--A-) (b5b4ed09c1df6007551ffb65fbcb1ddb) (Created)

C:\Program Files\Google\Chrome\Application\19.0.1084.46\Locales\en-GB.dll (8176 bytes) (Unknown) (5/17/2012 7:50:12 PM) (--A-) (b836fe81aec6e7eb2b6da89ff4209f9b) (Created)

C:\Program Files\Google\Chrome\Application\19.0.1084.46\Locales\en-US.dll (8176 bytes) (Unknown) (5/17/2012 7:50:12 PM) (--A-) (532394b440a36fe5ee682f8bc6ca7504) (Created)

C:\Program Files\Google\Chrome\Application\19.0.1084.46\Locales\es-419.dll (8176 bytes) (Unknown) (5/17/2012 7:50:12 PM) (--A-) (556e7132dd0a856f14f9aaa876664a43) (Created)

C:\Program Files\Google\Chrome\Application\19.0.1084.46\Locales\es.dll (8176 bytes) (Unknown) (5/17/2012 7:50:12 PM) (--A-) (e29008fa1341009825b2f1d8ed541693) (Created)

C:\Program Files\Google\Chrome\Application\19.0.1084.46\Locales\et.dll (8176 bytes) (Unknown) (5/17/2012 7:50:12 PM) (--A-) (c9be3ae729e8fc8fb9148d515649bdd5) (Created)

C:\Program Files\Google\Chrome\Application\19.0.1084.46\Locales\fa.dll (8176 bytes) (Unknown) (5/17/2012 7:50:12 PM) (--A-) (20390c5a9786c09e94d07d2b41ed2058) (Created)

C:\Program Files\Google\Chrome\Application\19.0.1084.46\Locales\fi.dll (8176 bytes) (Unknown) (5/17/2012 7:50:12 PM) (--A-) (7c50daf543cf89246229f3d998123bbd) (Created)

C:\Program Files\Google\Chrome\Application\19.0.1084.46\Locales\fil.dll (8176 bytes) (Unknown) (5/17/2012 7:50:13 PM) (--A-) (738ee3667845c3c24c9efcd5708fc09a) (Created)

C:\Program Files\Google\Chrome\Application\19.0.1084.46\Locales\fr.dll (8176 bytes) (Unknown) (5/17/2012 7:50:13 PM) (--A-) (b009b8aea44a71649fc33ec80c1a0db7) (Created)

C:\Program Files\Google\Chrome\Application\19.0.1084.46\Locales\gu.dll (8176 bytes) (Unknown) (5/17/2012 7:50:13 PM) (--A-) (92887d6d7d5f392d2760f04cc344bb8c) (Created)

C:\Program Files\Google\Chrome\Application\19.0.1084.46\Locales\he.dll (8176 bytes) (Unknown) (5/17/2012 7:50:13 PM) (--A-) (1f5207b7f2153b8063afa3b518b6e138) (Created)

C:\Program Files\Google\Chrome\Application\19.0.1084.46\Locales\hi.dll (8176 bytes) (Unknown) (5/17/2012 7:50:13 PM) (--A-) (c3ade9f7f180c3e3c9a77a6b5adb4334) (Created)

C:\Program Files\Google\Chrome\Application\19.0.1084.46\Locales\hr.dll (8176 bytes) (Unknown) (5/17/2012 7:50:13 PM) (--A-) (f770ba99af21ac5934a5c37385871849) (Created)

C:\Program Files\Google\Chrome\Application\19.0.1084.46\Locales\hu.dll (8176 bytes) (Unknown) (5/17/2012 7:50:13 PM) (--A-) (6d44a03ec9416254df40eba3d051c798) (Created)

C:\Program Files\Google\Chrome\Application\19.0.1084.46\Locales\id.dll (8176 bytes) (Unknown) (5/17/2012 7:50:14 PM) (--A-) (7f9d789966d1237fed04718a0d5b338f) (Created)

C:\Program Files\Google\Chrome\Application\19.0.1084.46\Locales\it.dll (8176 bytes) (Unknown) (5/17/2012 7:50:14 PM) (--A-) (6e3883da4eae49a472c8be1928f5fc31) (Created)

C:\Program Files\Google\Chrome\Application\19.0.1084.46\Locales\ja.dll (8176 bytes) (Unknown) (5/17/2012 7:50:14 PM) (--A-) (de4295d7ad2928021358ffc706d24217) (Created)

C:\Program Files\Google\Chrome\Application\19.0.1084.46\Locales\kn.dll (8176 bytes) (Unknown) (5/17/2012 7:50:14 PM) (--A-) (67e1b39ec8c73d49c8c397108258e646) (Created)

C:\Program Files\Google\Chrome\Application\19.0.1084.46\Locales\ko.dll (8176 bytes) (Unknown) (5/17/2012 7:50:14 PM) (--A-) (9db0131080a202d97914e5ab98705d83) (Created)

C:\Program Files\Google\Chrome\Application\19.0.1084.46\Locales\lt.dll (8176 bytes) (Unknown) (5/17/2012 7:50:14 PM) (--A-) (cfd1c2f705d6480e271858835ffcbf08) (Created)

C:\Program Files\Google\Chrome\Application\19.0.1084.46\Locales\lv.dll (8176 bytes) (Unknown) (5/17/2012 7:50:14 PM) (--A-) (1a5373e1461db64b7b668894dcc1cbde) (Created)

C:\Program Files\Google\Chrome\Application\19.0.1084.46\Locales\ml.dll (8688 bytes) (Unknown) (5/17/2012 7:50:15 PM) (--A-) (78243af15b4f2aaef4ab71b5a4a0d3d0) (Created)

C:\Program Files\Google\Chrome\Application\19.0.1084.46\Locales\mr.dll (8176 bytes) (Unknown) (5/17/2012 7:50:15 PM) (--A-) (1c6b196d54cb6e5247db012661079b05) (Created)

C:\Program Files\Google\Chrome\Application\19.0.1084.46\Locales\ms.dll (8176 bytes) (Unknown) (5/17/2012 7:50:15 PM) (--A-) (0717ff1b2cc565b23dbae9c439000eab) (Created)

C:\Program Files\Google\Chrome\Application\19.0.1084.46\Locales\nb.dll (8176 bytes) (Unknown) (5/17/2012 7:50:15 PM) (--A-) (0f8113061a794d130946f1f9964663fd) (Created)

C:\Program Files\Google\Chrome\Application\19.0.1084.46\Locales\nl.dll (8176 bytes) (Unknown) (5/17/2012 7:50:15 PM) (--A-) (d481804d791b6f8d2ae168ac74ca40f4) (Created)

C:\Program Files\Google\Chrome\Application\19.0.1084.46\Locales\pl.dll (8176 bytes) (Unknown) (5/17/2012 7:50:16 PM) (--A-) (06e28addba3af254c808fb34abbecebf) (Created)

C:\Program Files\Google\Chrome\Application\19.0.1084.46\Locales\pt-BR.dll (8176 bytes) (Unknown) (5/17/2012 7:50:16 PM) (--A-) (1eee6f438117327a5d04361afb64342c) (Created)

C:\Program Files\Google\Chrome\Application\19.0.1084.46\Locales\pt-PT.dll (8176 bytes) (Unknown) (5/17/2012 7:50:16 PM) (--A-) (f757b6d30ae5d98d138c2523716e8f57) (Created)

C:\Program Files\Google\Chrome\Application\19.0.1084.46\Locales\ro.dll (8176 bytes) (Unknown) (5/17/2012 7:50:16 PM) (--A-) (898578c137e5d82eb5a253e59a471887) (Created)

C:\Program Files\Google\Chrome\Application\19.0.1084.46\Locales\ru.dll (8176 bytes) (Unknown) (5/17/2012 7:50:16 PM) (--A-) (d67237637336b6d7c737f3e4d3180917) (Created)

C:\Program Files\Google\Chrome\Application\19.0.1084.46\Locales\sk.dll (8176 bytes) (Unknown) (5/17/2012 7:50:16 PM) (--A-) (0c2abc4600b9c0af4e77e19f5f39d80c) (Created)

C:\Program Files\Google\Chrome\Application\19.0.1084.46\Locales\sl.dll (8176 bytes) (Unknown) (5/17/2012 7:50:16 PM) (--A-) (0ca0cce59750dbc9213771d638ccbf72) (Created)

C:\Program Files\Google\Chrome\Application\19.0.1084.46\Locales\sr.dll (8176 bytes) (Unknown) (5/17/2012 7:50:17 PM) (--A-) (c77bf795568053c35bfc4917cc29546c) (Created)

C:\Program Files\Google\Chrome\Application\19.0.1084.46\Locales\sv.dll (8176 bytes) (Unknown) (5/17/2012 7:50:17 PM) (--A-) (d50b3ccb243439cbbe994844f1512ce3) (Created)

C:\Program Files\Google\Chrome\Application\19.0.1084.46\Locales\sw.dll (8176 bytes) (Unknown) (5/17/2012 7:50:17 PM) (--A-) (02011e7a870857bede0a653af12784e0) (Created)

C:\Program Files\Google\Chrome\Application\19.0.1084.46\Locales\ta.dll (8176 bytes) (Unknown) (5/17/2012 7:50:17 PM) (--A-) (a1ee04a78949ea40a5001d8c63b729da) (Created)

C:\Program Files\Google\Chrome\Application\19.0.1084.46\Locales\te.dll (8176 bytes) (Unknown) (5/17/2012 7:50:17 PM) (--A-) (40faaf76eb621e437cadfd797baa37d6) (Created)

C:\Program Files\Google\Chrome\Application\19.0.1084.46\Locales\th.dll (8176 bytes) (Unknown) (5/17/2012 7:50:17 PM) (--A-) (82eaf13bad7c18bc57fe812b705c73a0) (Created)

C:\Program Files\Google\Chrome\Application\19.0.1084.46\Locales\tr.dll (8176 bytes) (Unknown) (5/17/2012 7:50:17 PM) (--A-) (ae19036214b13bdc2f6f80b5c452c1cb) (Created)

C:\Program Files\Google\Chrome\Application\19.0.1084.46\Locales\uk.dll (8176 bytes) (Unknown) (5/17/2012 7:50:17 PM) (--A-) (40b1ba6e3fe970f44f960ced35b22703) (Created)

C:\Program Files\Google\Chrome\Application\19.0.1084.46\Locales\vi.dll (8176 bytes) (Unknown) (5/17/2012 7:50:17 PM) (--A-) (a8091129b897e41ca827b8bf7b073a4b) (Created)

C:\Program Files\Google\Chrome\Application\19.0.1084.46\Locales\zh-CN.dll (8176 bytes) (Unknown) (5/17/2012 7:50:18 PM) (--A-) (78ea1bf71812f4bc3cf1e554cac09e97) (Created)

C:\Program Files\Google\Chrome\Application\19.0.1084.46\Locales\zh-TW.dll (8176 bytes) (Unknown) (5/17/2012 7:50:18 PM) (--A-) (cefa053d58ba6cd858fcc77003ad4ea1) (Created)

C:\Program Files\Google\Chrome\Application\19.0.1084.52\avcodec-54.dll (2375720 bytes) (Unknown) (5/24/2012 9:55:17 AM) (--A-) (d5a445ddbae5506dcb1e8c85349e5326) (Created)

C:\Program Files\Google\Chrome\Application\19.0.1084.52\avformat-54.dll (250408 bytes) (Unknown) (5/24/2012 9:55:17 AM) (--A-) (48654421038e1076ebb35d5bce986d89) (Created)

C:\Program Files\Google\Chrome\Application\19.0.1084.52\avutil-51.dll (134696 bytes) (Unknown) (5/24/2012 9:55:17 AM) (--A-) (6d0e147dbdaf94cab4e79eaab616ac46) (Created)

C:\Program Files\Google\Chrome\Application\19.0.1084.52\chrome_frame_helper.dll (63512 bytes) (Google Inc.) (5/24/2012 9:55:19 AM) (--A-) (aaf4abc516b13ba158bdefc9e089ec38) (Created)

C:\Program Files\Google\Chrome\Application\19.0.1084.52\chrome_frame_helper.exe (96792 bytes) (Google Inc.) (5/24/2012 9:55:22 AM) (--A-) (1be232ff01d36a446aef369cbb71e491) (Created)

C:\Program Files\Google\Chrome\Application\19.0.1084.52\chrome_launcher.exe (94232 bytes) (Google Inc.) (5/24/2012 9:55:22 AM) (--A-) (5df85d398f94c348bccc7670785a93dc) (Created)

C:\Program Files\Google\Chrome\Application\19.0.1084.52\d3dcompiler_43.dll (2106216 bytes) (Microsoft Corporation) (5/24/2012 9:55:19 AM) (--A-) (1c9b45e87528b8bb8cfa884ea0099a85) (Created)

C:\Program Files\Google\Chrome\Application\19.0.1084.52\d3dx9_43.dll (1998168 bytes) (Microsoft Corporation) (5/24/2012 9:55:19 AM) (--A-) (86e39e9161c3d930d93822f1563c280d) (Created)

C:\Program Files\Google\Chrome\Application\19.0.1084.52\flashplayerapp.exe (419488 bytes) (Adobe Systems Incorporated) (5/24/2012 9:55:22 AM) (--A-) (6c52b933b9ace73d134752b8c077eddf) (Created)

C:\Program Files\Google\Chrome\Application\19.0.1084.52\flashplayercplapp.cpl (70304 bytes) (Adobe Systems Incorporated) (5/24/2012 9:55:16 AM) (--A-) (2c9341c5e30174ad972affed9a10d5e3) (Created)

C:\Program Files\Google\Chrome\Application\19.0.1084.52\libegl.dll (117784 bytes) (Unknown) (5/24/2012 9:55:21 AM) (--A-) (11fbcbbb50e74230728f6412221ff19d) (Created)

C:\Program Files\Google\Chrome\Application\19.0.1084.52\libglesv2.dll (553496 bytes) (Unknown) (5/24/2012 9:55:21 AM) (--A-) (a19107fb0728cfe5c148005e3a409ed9) (Created)

C:\Program Files\Google\Chrome\Application\19.0.1084.52\npchrome_frame.dll (2259992 bytes) (Google Inc.) (5/24/2012 9:55:21 AM) (--A-) (9d65a83a27391f30af9da562006fb045) (Created)

C:\Program Files\Google\Chrome\Application\19.0.1084.52\ppgooglenaclpluginchrome.dll (441880 bytes) (Unknown) (5/24/2012 9:55:21 AM) (--A-) (26250f1fbf291600b8126c6d43cf0b74) (Created)

C:\Program Files\Google\Chrome\Application\19.0.1084.52\xinput1_3.dll (81768 bytes) (Microsoft Corporation) (5/24/2012 9:55:22 AM) (--A-) (77f595dee5ffacea72b135b1fce1312e) (Created)

C:\Program Files\Google\Chrome\Application\19.0.1084.52\Installer\setup.exe (1533976 bytes) (Google Inc.) (5/24/2012 9:55:24 AM) (--A-) (12f5282735994e4517c96d693e5499ed) (Created)

C:\Program Files\Google\Chrome\Application\19.0.1084.52\Locales\am.dll (8216 bytes) (Unknown) (5/24/2012 9:55:17 AM) (--A-) (95e48c10c02c222c0a31491995e420af) (Created)

C:\Program Files\Google\Chrome\Application\19.0.1084.52\Locales\ar.dll (8216 bytes) (Unknown) (5/24/2012 9:55:17 AM) (--A-) (f51da48d92ea101443e8e0d059c7f3e8) (Created)

C:\Program Files\Google\Chrome\Application\19.0.1084.52\Locales\bg.dll (8216 bytes) (Unknown) (5/24/2012 9:55:17 AM) (--A-) (447c7a841d8d539cde599d8ff9165824) (Created)

C:\Program Files\Google\Chrome\Application\19.0.1084.52\Locales\bn.dll (8216 bytes) (Unknown) (5/24/2012 9:55:17 AM) (--A-) (7035cb9629d63ffe0c66b7f9ba6571a2) (Created)

C:\Program Files\Google\Chrome\Application\19.0.1084.52\Locales\ca.dll (8216 bytes) (Unknown) (5/24/2012 9:55:17 AM) (--A-) (14cd28dd99e65f81718516594c7310a9) (Created)

C:\Program Files\Google\Chrome\Application\19.0.1084.52\Locales\cs.dll (8216 bytes) (Unknown) (5/24/2012 9:55:19 AM) (--A-) (c088c0ce4207bddde67862cddb9655d3) (Created)

C:\Program Files\Google\Chrome\Application\19.0.1084.52\Locales\da.dll (8216 bytes) (Unknown) (5/24/2012 9:55:19 AM) (--A-) (a335aac7ec307b20b01bf8ee059429c9) (Created)

C:\Program Files\Google\Chrome\Application\19.0.1084.52\Locales\de.dll (8216 bytes) (Unknown) (5/24/2012 9:55:19 AM) (--A-) (2abe125ebb43db3c45040a90513072eb) (Created)

C:\Program Files\Google\Chrome\Application\19.0.1084.52\Locales\el.dll (8216 bytes) (Unknown) (5/24/2012 9:55:19 AM) (--A-) (9cd2e755f011c78f34654dffacee705b) (Created)

C:\Program Files\Google\Chrome\Application\19.0.1084.52\Locales\en-GB.dll (8216 bytes) (Unknown) (5/24/2012 9:55:19 AM) (--A-) (3475866bdd3019b6576fa2e41272063a) (Created)

C:\Program Files\Google\Chrome\Application\19.0.1084.52\Locales\en-US.dll (8216 bytes) (Unknown) (5/24/2012 9:55:19 AM) (--A-) (7d9b9960ca53d6f051f6dc53ec25511d) (Created)

C:\Program Files\Google\Chrome\Application\19.0.1084.52\Locales\es-419.dll (8216 bytes) (Unknown) (5/24/2012 9:55:19 AM) (--A-) (032249a87262091b33797ed9322786e9) (Created)

C:\Program Files\Google\Chrome\Application\19.0.1084.52\Locales\es.dll (8216 bytes) (Unknown) (5/24/2012 9:55:19 AM) (--A-) (9072d5042decee87e3989eb0ce2c6231) (Created)

C:\Program Files\Google\Chrome\Application\19.0.1084.52\Locales\et.dll (8216 bytes) (Unknown) (5/24/2012 9:55:19 AM) (--A-) (3cd780a60fd2b294815efd5604f86a09) (Created)

C:\Program Files\Google\Chrome\Application\19.0.1084.52\Locales\fa.dll (8216 bytes) (Unknown) (5/24/2012 9:55:19 AM) (--A-) (9b18143f82d9c1ea686c7936372bd8a8) (Created)

C:\Program Files\Google\Chrome\Application\19.0.1084.52\Locales\fi.dll (8216 bytes) (Unknown) (5/24/2012 9:55:19 AM) (--A-) (4ec4c2fd336855f4864dac6e4f4c4983) (Created)

C:\Program Files\Google\Chrome\Application\19.0.1084.52\Locales\fil.dll (8216 bytes) (Unknown) (5/24/2012 9:55:19 AM) (--A-) (0cfbf33392fca9534e80ca0b77418cc2) (Created)

C:\Program Files\Google\Chrome\Application\19.0.1084.52\Locales\fr.dll (8216 bytes) (Unknown) (5/24/2012 9:55:19 AM) (--A-) (ab30730e1d3501b71b45b611406644bb) (Created)

C:\Program Files\Google\Chrome\Application\19.0.1084.52\Locales\gu.dll (8216 bytes) (Unknown) (5/24/2012 9:55:20 AM) (--A-) (014ad83e552bb8a93f6c3f525309b320) (Created)

C:\Program Files\Google\Chrome\Application\19.0.1084.52\Locales\he.dll (8216 bytes) (Unknown) (5/24/2012 9:55:20 AM) (--A-) (1bfa77800a350c431eaabef43263d7e3) (Created)

C:\Program Files\Google\Chrome\Application\19.0.1084.52\Locales\hi.dll (8216 bytes) (Unknown) (5/24/2012 9:55:20 AM) (--A-) (91afac38ffce22a35d269454d4df6f43) (Created)

C:\Program Files\Google\Chrome\Application\19.0.1084.52\Locales\hr.dll (8216 bytes) (Unknown) (5/24/2012 9:55:20 AM) (--A-) (36aaa276c14066ff0e5f2641668a29ca) (Created)

C:\Program Files\Google\Chrome\Application\19.0.1084.52\Locales\hu.dll (8216 bytes) (Unknown) (5/24/2012 9:55:20 AM) (--A-) (7f9f266994163e919e499e848a6989e7) (Created)

C:\Program Files\Google\Chrome\Application\19.0.1084.52\Locales\id.dll (8216 bytes) (Unknown) (5/24/2012 9:55:20 AM) (--A-) (65886db263270bb1dca495b94df6d808) (Created)

C:\Program Files\Google\Chrome\Application\19.0.1084.52\Locales\it.dll (8216 bytes) (Unknown) (5/24/2012 9:55:20 AM) (--A-) (101bc473338d1d4011ce92f6c3d3f304) (Created)

C:\Program Files\Google\Chrome\Application\19.0.1084.52\Locales\ja.dll (8216 bytes) (Unknown) (5/24/2012 9:55:20 AM) (--A-) (f25858d2265a8898424392caa9db7b22) (Created)

C:\Program Files\Google\Chrome\Application\19.0.1084.52\Locales\kn.dll (8216 bytes) (Unknown) (5/24/2012 9:55:20 AM) (--A-) (940234cd95119e2d84992a19a590d403) (Created)

C:\Program Files\Google\Chrome\Application\19.0.1084.52\Locales\ko.dll (8216 bytes) (Unknown) (5/24/2012 9:55:20 AM) (--A-) (6c3154548e6812d6892293c6cf0c7620) (Created)

C:\Program Files\Google\Chrome\Application\19.0.1084.52\Locales\lt.dll (8216 bytes) (Unknown) (5/24/2012 9:55:21 AM) (--A-) (c9fabd26080ab161433ee311a202c2fc) (Created)

C:\Program Files\Google\Chrome\Application\19.0.1084.52\Locales\lv.dll (8216 bytes) (Unknown) (5/24/2012 9:55:21 AM) (--A-) (9afe80b0babd3c1cadfe21dbddd9ccb6) (Created)

C:\Program Files\Google\Chrome\Application\19.0.1084.52\Locales\ml.dll (8728 bytes) (Unknown) (5/24/2012 9:55:21 AM) (--A-) (5c0d3a98475778390e785cc113de1a45) (Created)

C:\Program Files\Google\Chrome\Application\19.0.1084.52\Locales\mr.dll (8216 bytes) (Unknown) (5/24/2012 9:55:21 AM) (--A-) (732fc79fb3630bcc2bedb7f172d22de4) (Created)

C:\Program Files\Google\Chrome\Application\19.0.1084.52\Locales\ms.dll (8216 bytes) (Unknown) (5/24/2012 9:55:21 AM) (--A-) (7656df208a326b3201113cff0a144c14) (Created)

C:\Program Files\Google\Chrome\Application\19.0.1084.52\Locales\nb.dll (8216 bytes) (Unknown) (5/24/2012 9:55:21 AM) (--A-) (2c85ef129d7bf77c1b7830d7317c79f7) (Created)

C:\Program Files\Google\Chrome\Application\19.0.1084.52\Locales\nl.dll (8216 bytes) (Unknown) (5/24/2012 9:55:21 AM) (--A-) (6b7e7b0b6d4af9d904ae620b2ab52085) (Created)

C:\Program Files\Google\Chrome\Application\19.0.1084.52\Locales\pl.dll (8216 bytes) (Unknown) (5/24/2012 9:55:21 AM) (--A-) (4dd133a288851acdea94a69955516a61) (Created)

C:\Program Files\Google\Chrome\Application\19.0.1084.52\Locales\pt-BR.dll (8216 bytes) (Unknown) (5/24/2012 9:55:21 AM) (--A-) (2962e4b15a2e5d2bceb09e24fc064be0) (Created)

C:\Program Files\Google\Chrome\Application\19.0.1084.52\Locales\pt-PT.dll (8216 bytes) (Unknown) (5/24/2012 9:55:21 AM) (--A-) (aef117ea3c98e73203591a446e69a0ab) (Created)

C:\Program Files\Google\Chrome\Application\19.0.1084.52\Locales\ro.dll (8216 bytes) (Unknown) (5/24/2012 9:55:21 AM) (--A-) (656ca1b7297c83a19b8edb0469d0782b) (Created)

C:\Program Files\Google\Chrome\Application\19.0.1084.52\Locales\ru.dll (8216 bytes) (Unknown) (5/24/2012 9:55:21 AM) (--A-) (6a24fe2fad094498dad1671da286d8b5) (Created)

C:\Program Files\Google\Chrome\Application\19.0.1084.52\Locales\sk.dll (8216 bytes) (Unknown) (5/24/2012 9:55:21 AM) (--A-) (b75bf22313fcfdcc2c580b881d3a5327) (Created)

C:\Program Files\Google\Chrome\Application\19.0.1084.52\Locales\sl.dll (8216 bytes) (Unknown) (5/24/2012 9:55:21 AM) (--A-) (0f50dad50f16dd2b524c597fe2156a94) (Created)

C:\Program Files\Google\Chrome\Application\19.0.1084.52\Locales\sr.dll (8216 bytes) (Unknown) (5/24/2012 9:55:21 AM) (--A-) (7e3af0eb322b233d0b7e026312c26f67) (Created)

C:\Program Files\Google\Chrome\Application\19.0.1084.52\Locales\sv.dll (8216 bytes) (Unknown) (5/24/2012 9:55:21 AM) (--A-) (48bf8a7b102a4c09a4a0fe8b7423aadf) (Created)

C:\Program Files\Google\Chrome\Application\19.0.1084.52\Locales\sw.dll (8216 bytes) (Unknown) (5/24/2012 9:55:21 AM) (--A-) (38d090814da2abf451a11ba539962455) (Created)

C:\Program Files\Google\Chrome\Application\19.0.1084.52\Locales\ta.dll (8216 bytes) (Unknown) (5/24/2012 9:55:21 AM) (--A-) (e1262914070cf9b18a5ffd26c8392e0c) (Created)

C:\Program Files\Google\Chrome\Application\19.0.1084.52\Locales\te.dll (8216 bytes) (Unknown) (5/24/2012 9:55:21 AM) (--A-) (3e9d093d6a1a6ab563c8f6f35f5bb3e6) (Created)

C:\Program Files\Google\Chrome\Application\19.0.1084.52\Locales\th.dll (8216 bytes) (Unknown) (5/24/2012 9:55:22 AM) (--A-) (a44b54159bea9a92d7d04c2ae1d88424) (Created)

C:\Program Files\Google\Chrome\Application\19.0.1084.52\Locales\tr.dll (8216 bytes) (Unknown) (5/24/2012 9:55:22 AM) (--A-) (96ae32a3c4864d8aeb22785fe76ca8e3) (Created)

C:\Program Files\Google\Chrome\Application\19.0.1084.52\Locales\uk.dll (8216 bytes) (Unknown) (5/24/2012 9:55:22 AM) (--A-) (887c5491b6ee4bb66332bf196b617216) (Created)

C:\Program Files\Google\Chrome\Application\19.0.1084.52\Locales\vi.dll (8216 bytes) (Unknown) (5/24/2012 9:55:22 AM) (--A-) (88e83dc68b6bfb33dcd6fe0efdd68b10) (Created)

C:\Program Files\Google\Chrome\Application\19.0.1084.52\Locales\zh-CN.dll (8216 bytes) (Unknown) (5/24/2012 9:55:22 AM) (--A-) (c1d1c675f6f7e3ab2ccabbd6402d02b9) (Created)

C:\Program Files\Google\Chrome\Application\19.0.1084.52\Locales\zh-TW.dll (8216 bytes) (Unknown) (5/24/2012 9:55:22 AM) (--A-) (a43280d05989c507e773277d4607b8b2) (Created)

C:\Program Files\Google\Drive\googledrivesync32.dll (579072 bytes) (Google) (5/2/2012 6:31:14 PM) (--A-) (b21a7f2494e03f2de343d2bc4bb80633) (Created)

C:\Program Files\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\19.0.1084.52\chrome_updater.exe (672168 bytes) (Unknown) (5/24/2012 9:51:36 AM) (--A-) (5450872b23c718a1f0055479de571d03) (Created)

C:\Program Files\gs\uninstgs.exe (102400 bytes) (Unknown) (5/18/2012 5:36:55 AM) (--A-) (e1c0ec79c3ec947e97299b338273517f) (Created)

C:\Program Files\gs\gs8.71\bin\gswin32.exe (147456 bytes) (Unknown) (5/18/2012 5:36:38 AM) (--A-) (91928a35add81a78efa7678ffbf47fdb) (Created)

C:\Program Files\gs\gs8.71\bin\gswin32c.exe (139264 bytes) (Unknown) (5/18/2012 5:36:38 AM) (--A-) (49ca13c0d95491f2d6cabfd1d708ff7f) (Created)

C:\Program Files\Handbrake\uninst.exe (56524 bytes) (Unknown) (5/15/2012 8:12:23 PM) (--A-) (504149b8ab21d7a39e9d8f6b53af8918) (Created)

C:\Program Files\IObit\Random Password Generator\sqlite3.dll (511384 bytes) (Unknown) (5/6/2012 12:32:10 AM) (--A-) (423f8d2e0a0d21403fcb9d8d055dbd1d) (Created)

C:\Program Files\IObit\Random Password Generator\unins000.exe (1177432 bytes) (Unknown) (5/6/2012 12:32:10 AM) (--A-) (63582a30cf08273cb433cb925a760598) (Created)

C:\Program Files\IObit\Random Password Generator\Freeware\Check.dll (143192 bytes) (IObit) (5/6/2012 12:32:11 AM) (--A-) (2b0c89a4c0e3691e81d5d2f527afa7d5) (Created)

C:\Program Files\IObit\Random Password Generator\Freeware\RPG_FreeSoftwareDownloader.exe (1015128 bytes) (IObit) (5/6/2012 12:32:11 AM) (--A-) (45c52841f65d7d0f68c107fdf8db3810) (Created)

C:\Program Files\Java\j2re1.4.2_01\bin\jucheck.exe (241769 bytes) (Unknown) (8/19/2067 5:23:36 PM) (--A-) (56ebb71655623b5e67e7f6882c0f15d8) (Created)

C:\Program Files\Java\j2re1.4.2_01\bin\jusched.exe (32873 bytes) (Unknown) (8/19/2067 5:23:36 PM) (--A-) (3f261a8554d95d66009863dcff1b2f72) (Created)

C:\Program Files\Java\j2re1.4.2_01\bin\NPJPI142_01.dll (65642 bytes) (JavaSoft / Sun Microsystems, Inc.) (8/19/2067 5:23:36 PM) (--A-) (0b668a48cb4845f9d9d335d99c82504c) (Created)

C:\Program Files\Mozilla Firefox\AccessibleMarshal.dll (19384 bytes) (Mozilla Foundation) (5/6/2012 12:29:06 AM) (--A-) (44c519569be92c56d468186f562eda2d) (Created)

C:\Program Files\Mozilla Firefox\crashreporter.exe (125880 bytes) (Mozilla Foundation) (5/6/2012 12:29:06 AM) (--A-) (c62ffdd38cc1e5801c9054a6dfa7edc5) (Created)

C:\Program Files\Mozilla Firefox\D3DCompiler_43.dll (2106216 bytes) (Microsoft Corporation) (5/6/2012 12:29:06 AM) (--A-) (1c9b45e87528b8bb8cfa884ea0099a85) (Created)

C:\Program Files\Mozilla Firefox\d3dx9_43.dll (1998168 bytes) (Microsoft Corporation) (5/6/2012 12:29:06 AM) (--A-) (86e39e9161c3d930d93822f1563c280d) (Created)

C:\Program Files\Mozilla Firefox\firefox.exe (924600 bytes) (Mozilla Corporation) (5/6/2012 12:29:06 AM) (--A-) (4f69aabb5d82aa4ef6dff7871212adf6) (Created)

C:\Program Files\Mozilla Firefox\freebl3.dll (269240 bytes) (Mozilla Foundation) (5/6/2012 12:29:06 AM) (--A-) (2c83614ca5c79d7f75c65e79fcabb257) (Created)

C:\Program Files\Mozilla Firefox\gkmedias.dll (588728 bytes) (Mozilla Foundation) (5/11/2012 1:50:21 PM) (--A-) (a899c54193d1742fbc4e49c88bbb5841) (Created)

C:\Program Files\Mozilla Firefox\libEGL.dll (101304 bytes) (Mozilla Foundation) (5/6/2012 12:29:06 AM) (--A-) (cbec83cf546dcb71643565e37d50e2ed) (Created)

C:\Program Files\Mozilla Firefox\libGLESv2.dll (449464 bytes) (Mozilla Foundation) (5/6/2012 12:29:06 AM) (--A-) (7d88b5cb41e4025ae54b2b6ed46517de) (Created)

C:\Program Files\Mozilla Firefox\maintenanceservice.exe (129976 bytes) (Mozilla Foundation) (5/11/2012 1:50:21 PM) (--A-) (96aa8ba23142cc8e2b30f3cae0c80254) (Created)

C:\Program Files\Mozilla Firefox\maintenanceservice_installer.exe (157352 bytes) (Mozilla Corporation) (5/11/2012 1:50:21 PM) (--A-) (a67980ef454f9592cfa8ebdb046369f5) (Created)

C:\Program Files\Mozilla Firefox\mozalloc.dll (16312 bytes) (Mozilla Foundation) (5/6/2012 12:29:06 AM) (--A-) (3817d77e8371f2b8bfab4653fb23230c) (Created)

C:\Program Files\Mozilla Firefox\mozglue.dll (43960 bytes) (Mozilla Foundation) (5/11/2012 1:50:20 PM) (--A-) (0993ab4dc534b208c5557d0586195589) (Created)

C:\Program Files\Mozilla Firefox\mozjs.dll (1952696 bytes) (Unknown) (5/6/2012 12:29:07 AM) (--A-) (97258f0898f8e3f3d154ce1dd71fd50b) (Created)

C:\Program Files\Mozilla Firefox\mozsqlite3.dll (838584 bytes) (sqlite.org) (5/6/2012 12:29:07 AM) (--A-) (f8d269cb2edd02963adab1065352487d) (Created)

C:\Program Files\Mozilla Firefox\msvcm80.dll (479232 bytes) (Microsoft Corporation) (5/6/2012 12:29:07 AM) (--A-) (cae6861b19a2a7e5d42fefc4dfdf5ccf) (Created)

C:\Program Files\Mozilla Firefox\msvcp80.dll (548864 bytes) (Microsoft Corporation) (5/6/2012 12:29:07 AM) (--A-) (4c8a880eabc0b4d462cc4b2472116ea1) (Created)

C:\Program Files\Mozilla Firefox\msvcr80.dll (626688 bytes) (Microsoft Corporation) (5/6/2012 12:29:07 AM) (--A-) (e4fece18310e23b1d8fee993e35e7a6f) (Created)

C:\Program Files\Mozilla Firefox\nspr4.dll (187320 bytes) (Mozilla Foundation) (5/6/2012 12:29:07 AM) (--A-) (1200b011ad494a9e41d882143deb9d68) (Created)

C:\Program Files\Mozilla Firefox\nss3.dll (646072 bytes) (Mozilla Foundation) (5/6/2012 12:29:07 AM) (--A-) (6d8f7647f8eadb1f0d003b13ac7aff8b) (Created)

C:\Program Files\Mozilla Firefox\nssckbi.dll (371640 bytes) (Mozilla Foundation) (5/6/2012 12:29:07 AM) (--A-) (4eb7702ea671448197af4ca2b0d6f7d0) (Created)

C:\Program Files\Mozilla Firefox\nssdbm3.dll (109496 bytes) (Mozilla Foundation) (5/6/2012 12:29:07 AM) (--A-) (77685eccd3cc603c49fb6df510f2d191) (Created)

C:\Program Files\Mozilla Firefox\nssutil3.dll (105400 bytes) (Mozilla Foundation) (5/6/2012 12:29:07 AM) (--A-) (cbbaa8d5109e5c51c241482be107d1b2) (Created)

C:\Program Files\Mozilla Firefox\plc4.dll (22456 bytes) (Mozilla Foundation) (5/6/2012 12:29:07 AM) (--A-) (e52f9b31aea7458e415616b88f41d6b6) (Created)

C:\Program Files\Mozilla Firefox\plds4.dll (20920 bytes) (Mozilla Foundation) (5/6/2012 12:29:07 AM) (--A-) (65d434a6ead6152acffca952121b8fa2) (Created)

C:\Program Files\Mozilla Firefox\plugin-container.exe (16824 bytes) (Mozilla Corporation) (5/6/2012 12:29:07 AM) (--A-) (a7b6857b7503d9ca4f40d17a7ebb67fb) (Created)

C:\Program Files\Mozilla Firefox\smime3.dll (105400 bytes) (Mozilla Foundation) (5/6/2012 12:29:08 AM) (--A-) (25a86a8d2a66b599800d3530dc8ca4af) (Created)

C:\Program Files\Mozilla Firefox\softokn3.dll (170936 bytes) (Mozilla Foundation) (5/6/2012 12:29:08 AM) (--A-) (9a0f86431a4304985a6a32356d8a1e5a) (Created)

C:\Program Files\Mozilla Firefox\ssl3.dll (158648 bytes) (Mozilla Foundation) (5/6/2012 12:29:08 AM) (--A-) (49c2a8dbd535ec9ff202aca627c3ec6a) (Created)

C:\Program Files\Mozilla Firefox\updater.exe (285624 bytes) (Mozilla Foundation) (5/6/2012 12:29:08 AM) (--A-) (7e422ef7807f0717d96bef834e201371) (Created)

C:\Program Files\Mozilla Firefox\xpcom.dll (19896 bytes) (Mozilla Foundation) (5/6/2012 12:29:08 AM) (--A-) (ed866bd9b4f737c4e798eb92dca30931) (Created)

C:\Program Files\Mozilla Firefox\components\browsercomps.dll (97208 bytes) (Mozilla Foundation) (5/6/2012 12:29:10 AM) (--A-) (bd5fc9f3ef6ce0e4e149e9825285974d) (Created)

C:\Program Files\Mozilla Firefox\uninstall\helper.exe (866992 bytes) (Mozilla Corporation) (5/6/2012 12:29:08 AM) (--A-) (b06ca4cef8a3639f886f6f67cd3f02d0) (Created)

C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe (129976 bytes) (Mozilla Foundation) (5/11/2012 1:50:30 PM) (--A-) (96aa8ba23142cc8e2b30f3cae0c80254) (Created)

C:\Program Files\Mozilla Maintenance Service\Uninstall.exe (89714 bytes) (Mozilla Corporation) (5/11/2012 1:50:33 PM) (--A-) (0d4f0483bb1b85ddb0f1d109ef31e379) (Created)

C:\Program Files\NCH Swift Sound\Switch\switchsetup_v4.04.exe (426080 bytes) (NCH Software) (3/6/2013 6:06:00 PM) (--A-) (7703f320191a4b2af84f6dbe16a4d3c0) (Modified)

C:\Program Files\PDF Editor\jbig2dec.exe (69632 bytes) (Unknown) (5/18/2012 5:35:20 AM) (--A-) (703b4587e42690ffadb1d2e9cf4d67ed) (Created)

C:\Program Files\PDF Editor\MMPDF.dll (174336 bytes) (Unknown) (5/18/2012 5:35:24 AM) (--A-) (5383d86699f4951540487c20a4e576a8) (Created)

C:\Program Files\PDF Editor\pdfeditor.exe (2860544 bytes) (Unknown) (5/18/2012 5:35:21 AM) (--A-) (0a889ecbb49b0087e8614037c2fa7c81) (Created)

C:\Program Files\PDF Editor\PDFTextInfoDLL.dll (1402880 bytes) (Unknown) (5/18/2012 5:35:24 AM) (--A-) (d587ec33777a8b22b79bd91386d030fd) (Created)

C:\Program Files\PDF Editor\PDFToImageProcessor.dat (1526784 bytes) (Unknown) (5/18/2012 5:35:24 AM) (--A-) (31a7825a487c5974722cf3f5c6942f0e) (Created)

C:\Program Files\PDF Editor\SWFToImageProcessor.dat (733184 bytes) (Unknown) (5/18/2012 5:35:25 AM) (--A-) (d2e2e5cad25e0fe3d7ac8430b312c63f) (Created)

C:\Program Files\PDF Editor\unins000.exe (710426 bytes) (Unknown) (5/18/2012 5:35:14 AM) (--A-) (434a2422a3797fa54835c10a267a5b7c) (Created)

C:\Program Files\PDF Editor\TmplData\book.data (854016 bytes) (Unknown) (5/18/2012 5:36:03 AM) (--A-) (892ee91d692270c45e0d12ee10913f01) (Created)

C:\Program Files\SpywareGuard\unins000.exe (73070 bytes) (Jordan Russell) (5/17/2012 9:36:28 PM) (--A-) (9a4d265548d2a4736f5cfa1d121a55bf) (Modified)

C:\Program Files\System Nucleus\ComponentFactory.Krypton.Toolkit.DLL (2541568 bytes) (Component Factory Pty Ltd) (5/18/2012 1:29:58 PM) (--A-) (330a90e18922b84c6bcb00cbd7558a83) (Created)

C:\Program Files\System Nucleus\Interop.COMAdmin.dll (36864 bytes) (Unknown) (5/18/2012 1:29:57 PM) (--A-) (6497fd6876d1c62ccabe08bf1a976b9c) (Created)

C:\Program Files\System Nucleus\Interop.IWshRuntimeLibrary.dll (49152 bytes) (Unknown) (5/18/2012 1:29:57 PM) (--A-) (1c850a420f48db3b35ddc9a5f69a4935) (Created)

C:\Program Files\System Nucleus\Microsoft.Win32.TaskScheduler.dll (115200 bytes) (CodePlex Community) (5/18/2012 1:29:57 PM) (--A-) (c757150e058428e2a0757701930c223c) (Created)

C:\Program Files\System Nucleus\Spencerberus.dll (706560 bytes) (Spencerberus.com) (5/18/2012 1:29:57 PM) (--A-) (1617d131903aa328ec3d970f1b567277) (Created)

C:\Program Files\System Nucleus\Spencerberus.SystemNucleus.Controls.dll (297984 bytes) (Spencerberus.com) (5/18/2012 1:29:57 PM) (--A-) (2e5dbe77f372917898792e5f96a93542) (Created)

C:\Program Files\System Nucleus\Spencerberus.Toolkit.dll (41984 bytes) (Microsoft) (5/18/2012 1:29:57 PM) (--A-) (1d587e817d1f994b81a359a806e7caed) (Created)

C:\Program Files\System Nucleus\Spencerberus.WindowsApplications.dll (249344 bytes) (Spencerberus.com) (5/18/2012 1:29:57 PM) (--A-) (de9d55d3cd575453453f9fd49394f324) (Created)

C:\Program Files\System Nucleus\System.Data.SQLite.dll (904704 bytes) (Unknown) (5/18/2012 1:29:56 PM) (--A-) (80725a732aba27911402f9ca09fede23) (Created)

C:\Program Files\System Nucleus\unins000.exe (1093406 bytes) (Unknown) (5/18/2012 1:29:55 PM) (--A-) (3079dfbbcdbb9472bd12fc1a75b02851) (Created)

C:\Program Files\System Nucleus\WeifenLuo.WinFormsUI.Docking.dll (430080 bytes) (Weifen Luo) (5/18/2012 1:29:57 PM) (--A-) (ebc6e7d439216d6791df65e6fcc60e7e) (Created)

C:\Program Files\VideoLAN\VLC\uninstall.exe (203099 bytes) (Unknown) (5/10/2012 3:04:25 PM) (--A-) (ea5c84bec09cf3af1d5bdda28686205b) (Modified)

C:\Users\PLANET~1\AppData\Local\Temp\_MEI14002\bz2.pyd (71168 bytes) (Unknown) (5/23/2012 12:29:29 PM) (--A-) (fbe69c5e3c8094093248d7a1427dcfe3) (Created)

C:\Users\PLANET~1\AppData\Local\Temp\_MEI14002\mfc90.dll (1156600 bytes) (Microsoft Corporation) (5/23/2012 12:29:31 PM) (--A-) (462ddcc5eb88f34aed991416f8e354b2) (Created)

C:\Users\PLANET~1\AppData\Local\Temp\_MEI14002\mfc90u.dll (1162744 bytes) (Microsoft Corporation) (5/23/2012 12:29:31 PM) (--A-) (b9030d821e099c79de1c9125b790e2da) (Created)

C:\Users\PLANET~1\AppData\Local\Temp\_MEI14002\mfcm90.dll (59904 bytes) (Microsoft Corporation) (5/23/2012 12:29:32 PM) (--A-) (d4e7c1546cf3131b7d84b39f8da9e321) (Created)

C:\Users\PLANET~1\AppData\Local\Temp\_MEI14002\mfcm90u.dll (59904 bytes) (Microsoft Corporation) (5/23/2012 12:29:32 PM) (--A-) (371226b8346f29011137c7aa9e93f2f6) (Created)

C:\Users\PLANET~1\AppData\Local\Temp\_MEI14002\pyexpat.pyd (153088 bytes) (Unknown) (5/23/2012 12:29:30 PM) (--A-) (df495f31aa306dbfec3e7cdbb2711cf1) (Created)

C:\Users\PLANET~1\AppData\Local\Temp\_MEI14002\pysqlite2._sqlite.pyd (571392 bytes) (Unknown) (5/23/2012 12:29:30 PM) (--A-) (15de81ec02716d08b17ebf5afc2190b8) (Created)

C:\Users\PLANET~1\AppData\Local\Temp\_MEI14002\python26.dll (2149888 bytes) (Python Software Foundation) (5/23/2012 12:29:31 PM) (--A-) (30f3d3e322c5339004415d7bc8bf246e) (Created)

C:\Users\PLANET~1\AppData\Local\Temp\_MEI14002\pythoncom26.dll (354304 bytes) (Unknown) (5/23/2012 12:29:30 PM) (--A-) (65ee7a7c20134ded91485aef23c882d4) (Created)

C:\Users\PLANET~1\AppData\Local\Temp\_MEI14002\PyWinTypes26.dll (110592 bytes) (Unknown) (5/23/2012 12:29:30 PM) (--A-) (abc5dcac962ae8af7af214dd0d6d4ff6) (Created)

C:\Users\PLANET~1\AppData\Local\Temp\_MEI14002\select.pyd (11776 bytes) (Unknown) (5/23/2012 12:29:28 PM) (--A-) (3c303c9d3ea9c64742931cac0e351910) (Created)

C:\Users\PLANET~1\AppData\Local\Temp\_MEI14002\unicodedata.pyd (585728 bytes) (Unknown) (5/23/2012 12:29:28 PM) (--A-) (ba3c226b01ff615107659411ae01e3b0) (Created)

C:\Users\PLANET~1\AppData\Local\Temp\_MEI14002\win32api.pyd (96256 bytes) (Unknown) (5/23/2012 12:29:30 PM) (--A-) (526d928d13e0e141c01ba3799fd8338b) (Created)

C:\Users\PLANET~1\AppData\Local\Temp\_MEI14002\win32com.shell.shell.pyd (263168 bytes) (Unknown) (5/23/2012 12:29:30 PM) (--A-) (a78890bf2712d6e472788711fb60113b) (Created)

C:\Users\PLANET~1\AppData\Local\Temp\_MEI14002\win32crypt.pyd (11776 bytes) (Unknown) (5/23/2012 12:29:30 PM) (--A-) (6ec174e577b7ab75b3a1a9858b2db261) (Created)

C:\Users\PLANET~1\AppData\Local\Temp\_MEI14002\win32event.pyd (17920 bytes) (Unknown) (5/23/2012 12:29:29 PM) (--A-) (e282ea80be94b90e656a475efcac89c2) (Created)

C:\Users\PLANET~1\AppData\Local\Temp\_MEI14002\win32evtlog.pyd (19968 bytes) (Unknown) (5/23/2012 12:29:29 PM) (--A-) (94a4b43e93d355f4c225b3794c2e9e03) (Created)

C:\Users\PLANET~1\AppData\Local\Temp\_MEI14002\win32file.pyd (111104 bytes) (Unknown) (5/23/2012 12:29:29 PM) (--A-) (94cd8007843957c9a499f3b4ecbaf0d8) (Created)

C:\Users\PLANET~1\AppData\Local\Temp\_MEI14002\win32gui.pyd (167936 bytes) (Unknown) (5/23/2012 12:29:28 PM) (--A-) (79192ed88c8751714374b721a55b21e6) (Created)

C:\Users\PLANET~1\AppData\Local\Temp\_MEI14002\win32inet.pyd (39424 bytes) (Unknown) (5/23/2012 12:29:29 PM) (--A-) (a294a77b4271ce24bc830f8ca376e018) (Created)

C:\Users\PLANET~1\AppData\Local\Temp\_MEI14002\win32pipe.pyd (24064 bytes) (Unknown) (5/23/2012 12:29:28 PM) (--A-) (c8cd1a6f1c4c48fcb0847c1baadd2c94) (Created)

C:\Users\PLANET~1\AppData\Local\Temp\_MEI14002\win32process.pyd (36352 bytes) (Unknown) (5/23/2012 12:29:29 PM) (--A-) (5bf6ba38b703df5bbe18358a3188c929) (Created)

C:\Users\PLANET~1\AppData\Local\Temp\_MEI14002\win32trace.pyd (16384 bytes) (Unknown) (5/23/2012 12:29:30 PM) (--A-) (05c209dfdac1fb8c7894eb0ce00654a7) (Created)

C:\Users\PLANET~1\AppData\Local\Temp\_MEI14002\win32ui.pyd (778240 bytes) (Unknown) (5/23/2012 12:29:29 PM) (--A-) (5a7b2f518a13eb75025795b40caf67f0) (Created)

C:\Users\PLANET~1\AppData\Local\Temp\_MEI14002\win32wnet.pyd (24576 bytes) (Unknown) (5/23/2012 12:29:29 PM) (--A-) (494ddc9d643e82667bf86eeebc318711) (Created)

C:\Users\PLANET~1\AppData\Local\Temp\_MEI14002\wx._controls_.pyd (1056256 bytes) (Unknown) (5/23/2012 12:29:29 PM) (--A-) (09b6a5a2f9ead10d50e3aea7934e6de4) (Created)

C:\Users\PLANET~1\AppData\Local\Temp\_MEI14002\wx._core_.pyd (1169408 bytes) (Unknown) (5/23/2012 12:29:30 PM) (--A-) (dafa56c9092c7cc163cd85a246e5a674) (Created)

C:\Users\PLANET~1\AppData\Local\Temp\_MEI14002\wx._gdi_.pyd (792576 bytes) (Unknown) (5/23/2012 12:29:28 PM) (--A-) (86aef2219e35f086ab78ba9fbc0fa1e7) (Created)

C:\Users\PLANET~1\AppData\Local\Temp\_MEI14002\wx._html2.pyd (70656 bytes) (Unknown) (5/23/2012 12:29:30 PM) (--A-) (3a4f66adddf413dcd1c714b2bebaf98a) (Created)

C:\Users\PLANET~1\AppData\Local\Temp\_MEI14002\wx._misc_.pyd (731136 bytes) (Unknown) (5/23/2012 12:29:30 PM) (--A-) (03b6d87d79e269526aa2b1370de65675) (Created)

C:\Users\PLANET~1\AppData\Local\Temp\_MEI14002\wx._windows_.pyd (807424 bytes) (Unknown) (5/23/2012 12:29:29 PM) (--A-) (6cb0403bdfb83f114f6ebfbd1163b220) (Created)

C:\Users\PLANET~1\AppData\Local\Temp\_MEI14002\wx._wizard.pyd (121856 bytes) (Unknown) (5/23/2012 12:29:29 PM) (--A-) (7106be04428936372fb6d826956a12d4) (Created)

C:\Users\PLANET~1\AppData\Local\Temp\_MEI14002\wxbase293u_net_vc.dll (152576 bytes) (wxWidgets development team) (5/23/2012 12:29:32 PM) (--A-) (29cd1f3e9148fcd542dec355a41776af) (Created)

C:\Users\PLANET~1\AppData\Local\Temp\_MEI14002\wxbase293u_vc.dll (1972224 bytes) (wxWidgets development team) (5/23/2012 12:29:31 PM) (--A-) (9e6ad2917d6fd7730ff37b50f7053183) (Created)

C:\Users\PLANET~1\AppData\Local\Temp\_MEI14002\wxmsw293u_adv_vc.dll (1214976 bytes) (wxWidgets development team) (5/23/2012 12:29:31 PM) (--A-) (ff13bc0ead656e2de88bd245ba3d2bf7) (Created)

C:\Users\PLANET~1\AppData\Local\Temp\_MEI14002\wxmsw293u_html_vc.dll (593408 bytes) (wxWidgets development team) (5/23/2012 12:29:31 PM) (--A-) (699efc4d6fe0a2fe24d7049608f2d543) (Created)

C:\Users\PLANET~1\AppData\Local\Temp\_MEI14002\wxmsw293u_webview_vc.dll (81920 bytes) (wxWidgets development team) (5/23/2012 12:29:32 PM) (--A-) (3d01c7f884349a6170a1e0d3cf812333) (Created)

C:\Users\PLANET~1\AppData\Local\Temp\_MEI14002\_ctypes.pyd (73728 bytes) (Unknown) (5/23/2012 12:29:30 PM) (--A-) (8dc2eb39af2a01c5c28e50685f5b78a5) (Created)

C:\Users\PLANET~1\AppData\Local\Temp\_MEI14002\_elementtree.pyd (86016 bytes) (Unknown) (5/23/2012 12:29:30 PM) (--A-) (37fae00d4f6dec20efafc157c4b3499a) (Created)

C:\Users\PLANET~1\AppData\Local\Temp\_MEI14002\_hashlib.pyd (311808 bytes) (Unknown) (5/23/2012 12:29:29 PM) (--A-) (78b16d439f3562552aeb38d352f00567) (Created)

C:\Users\PLANET~1\AppData\Local\Temp\_MEI14002\_socket.pyd (40448 bytes) (Unknown) (5/23/2012 12:29:30 PM) (--A-) (2931b1a98fa187834f7e39a598b947e1) (Created)

C:\Users\PLANET~1\AppData\Local\Temp\_MEI14002\_ssl.pyd (645120 bytes) (Unknown) (5/23/2012 12:29:29 PM) (--A-) (234cf1a2306cd5645011a298f0d3584a) (Created)

C:\Users\PLANET~1\AppData\Local\Temp\_MEI14002\_win32sysloader.pyd (9216 bytes) (Unknown) (5/23/2012 12:29:30 PM) (--A-) (c8f90881a0802051e85640862cada895) (Created)

C:\Users\PLANET~1\AppData\Local\Temp\_MEI24122\bz2.pyd (71168 bytes) (Unknown) (5/23/2012 3:31:38 PM) (--A-) (fbe69c5e3c8094093248d7a1427dcfe3) (Created)

C:\Users\PLANET~1\AppData\Local\Temp\_MEI24122\mfc90.dll (1156600 bytes) (Microsoft Corporation) (5/23/2012 3:31:42 PM) (--A-) (462ddcc5eb88f34aed991416f8e354b2) (Created)

C:\Users\PLANET~1\AppData\Local\Temp\_MEI24122\mfc90u.dll (1162744 bytes) (Microsoft Corporation) (5/23/2012 3:31:42 PM) (--A-) (b9030d821e099c79de1c9125b790e2da) (Created)

C:\Users\PLANET~1\AppData\Local\Temp\_MEI24122\mfcm90.dll (59904 bytes) (Microsoft Corporation) (5/23/2012 3:31:42 PM) (--A-) (d4e7c1546cf3131b7d84b39f8da9e321) (Created)

C:\Users\PLANET~1\AppData\Local\Temp\_MEI24122\mfcm90u.dll (59904 bytes) (Microsoft Corporation) (5/23/2012 3:31:42 PM) (--A-) (371226b8346f29011137c7aa9e93f2f6) (Created)

C:\Users\PLANET~1\AppData\Local\Temp\_MEI24122\pyexpat.pyd (153088 bytes) (Unknown) (5/23/2012 3:31:39 PM) (--A-) (df495f31aa306dbfec3e7cdbb2711cf1) (Created)

C:\Users\PLANET~1\AppData\Local\Temp\_MEI24122\pysqlite2._sqlite.pyd (571392 bytes) (Unknown) (5/23/2012 3:31:40 PM) (--A-) (15de81ec02716d08b17ebf5afc2190b8) (Created)

C:\Users\PLANET~1\AppData\Local\Temp\_MEI24122\python26.dll (2149888 bytes) (Python Software Foundation) (5/23/2012 3:31:41 PM) (--A-) (30f3d3e322c5339004415d7bc8bf246e) (Created)

C:\Users\PLANET~1\AppData\Local\Temp\_MEI24122\pythoncom26.dll (354304 bytes) (Unknown) (5/23/2012 3:31:39 PM) (--A-) (65ee7a7c20134ded91485aef23c882d4) (Created)

C:\Users\PLANET~1\AppData\Local\Temp\_MEI24122\PyWinTypes26.dll (110592 bytes) (Unknown) (5/23/2012 3:31:39 PM) (--A-) (abc5dcac962ae8af7af214dd0d6d4ff6) (Created)

C:\Users\PLANET~1\AppData\Local\Temp\_MEI24122\select.pyd (11776 bytes) (Unknown) (5/23/2012 3:31:36 PM) (--A-) (3c303c9d3ea9c64742931cac0e351910) (Created)

C:\Users\PLANET~1\AppData\Local\Temp\_MEI24122\unicodedata.pyd (585728 bytes) (Unknown) (5/23/2012 3:31:36 PM) (--A-) (ba3c226b01ff615107659411ae01e3b0) (Created)

C:\Users\PLANET~1\AppData\Local\Temp\_MEI24122\win32api.pyd (96256 bytes) (Unknown) (5/23/2012 3:31:40 PM) (--A-) (526d928d13e0e141c01ba3799fd8338b) (Created)

C:\Users\PLANET~1\AppData\Local\Temp\_MEI24122\win32com.shell.shell.pyd (263168 bytes) (Unknown) (5/23/2012 3:31:40 PM) (--A-) (a78890bf2712d6e472788711fb60113b) (Created)

C:\Users\PLANET~1\AppData\Local\Temp\_MEI24122\win32crypt.pyd (11776 bytes) (Unknown) (5/23/2012 3:31:39 PM) (--A-) (6ec174e577b7ab75b3a1a9858b2db261) (Created)

C:\Users\PLANET~1\AppData\Local\Temp\_MEI24122\win32event.pyd (17920 bytes) (Unknown) (5/23/2012 3:31:37 PM) (--A-) (e282ea80be94b90e656a475efcac89c2) (Created)

C:\Users\PLANET~1\AppData\Local\Temp\_MEI24122\win32evtlog.pyd (19968 bytes) (Unknown) (5/23/2012 3:31:37 PM) (--A-) (94a4b43e93d355f4c225b3794c2e9e03) (Created)

C:\Users\PLANET~1\AppData\Local\Temp\_MEI24122\win32file.pyd (111104 bytes) (Unknown) (5/23/2012 3:31:37 PM) (--A-) (94cd8007843957c9a499f3b4ecbaf0d8) (Created)

C:\Users\PLANET~1\AppData\Local\Temp\_MEI24122\win32gui.pyd (167936 bytes) (Unknown) (5/23/2012 3:31:37 PM) (--A-) (79192ed88c8751714374b721a55b21e6) (Created)

C:\Users\PLANET~1\AppData\Local\Temp\_MEI24122\win32inet.pyd (39424 bytes) (Unknown) (5/23/2012 3:31:37 PM) (--A-) (a294a77b4271ce24bc830f8ca376e018) (Created)

C:\Users\PLANET~1\AppData\Local\Temp\_MEI24122\win32pipe.pyd (24064 bytes) (Unknown) (5/23/2012 3:31:18 PM) (--A-) (c8cd1a6f1c4c48fcb0847c1baadd2c94) (Created)

C:\Users\PLANET~1\AppData\Local\Temp\_MEI24122\win32process.pyd (36352 bytes) (Unknown) (5/23/2012 3:31:38 PM) (--A-) (5bf6ba38b703df5bbe18358a3188c929) (Created)

C:\Users\PLANET~1\AppData\Local\Temp\_MEI24122\win32trace.pyd (16384 bytes) (Unknown) (5/23/2012 3:31:40 PM) (--A-) (05c209dfdac1fb8c7894eb0ce00654a7) (Created)

C:\Users\PLANET~1\AppData\Local\Temp\_MEI24122\win32ui.pyd (778240 bytes) (Unknown) (5/23/2012 3:31:38 PM) (--A-) (5a7b2f518a13eb75025795b40caf67f0) (Created)

C:\Users\PLANET~1\AppData\Local\Temp\_MEI24122\win32wnet.pyd (24576 bytes) (Unknown) (5/23/2012 3:31:37 PM) (--A-) (494ddc9d643e82667bf86eeebc318711) (Created)

C:\Users\PLANET~1\AppData\Local\Temp\_MEI24122\wx._controls_.pyd (1056256 bytes) (Unknown) (5/23/2012 3:31:37 PM) (--A-) (09b6a5a2f9ead10d50e3aea7934e6de4) (Created)

C:\Users\PLANET~1\AppData\Local\Temp\_MEI24122\wx._core_.pyd (1169408 bytes) (Unknown) (5/23/2012 3:31:39 PM) (--A-) (dafa56c9092c7cc163cd85a246e5a674) (Created)

C:\Users\PLANET~1\AppData\Local\Temp\_MEI24122\wx._gdi_.pyd (792576 bytes) (Unknown) (5/23/2012 3:31:37 PM) (--A-) (86aef2219e35f086ab78ba9fbc0fa1e7) (Created)

C:\Users\PLANET~1\AppData\Local\Temp\_MEI24122\wx._html2.pyd (70656 bytes) (Unknown) (5/23/2012 3:31:40 PM) (--A-) (3a4f66adddf413dcd1c714b2bebaf98a) (Created)

C:\Users\PLANET~1\AppData\Local\Temp\_MEI24122\wx._misc_.pyd (731136 bytes) (Unknown) (5/23/2012 3:31:39 PM) (--A-) (03b6d87d79e269526aa2b1370de65675) (Created)

C:\Users\PLANET~1\AppData\Local\Temp\_MEI24122\wx._windows_.pyd (807424 bytes) (Unknown) (5/23/2012 3:31:38 PM) (--A-) (6cb0403bdfb83f114f6ebfbd1163b220) (Created)

C:\Users\PLANET~1\AppData\Local\Temp\_MEI24122\wx._wizard.pyd (121856 bytes) (Unknown) (5/23/2012 3:31:37 PM) (--A-) (7106be04428936372fb6d826956a12d4) (Created)

C:\Users\PLANET~1\AppData\Local\Temp\_MEI24122\wxbase293u_net_vc.dll (152576 bytes) (wxWidgets development team) (5/23/2012 3:31:42 PM) (--A-) (29cd1f3e9148fcd542dec355a41776af) (Created)

C:\Users\PLANET~1\AppData\Local\Temp\_MEI24122\wxbase293u_vc.dll (1972224 bytes) (wxWidgets development team) (5/23/2012 3:31:41 PM) (--A-) (9e6ad2917d6fd7730ff37b50f7053183) (Created)

C:\Users\PLANET~1\AppData\Local\Temp\_MEI24122\wxmsw293u_adv_vc.dll (1214976 bytes) (wxWidgets development team) (5/23/2012 3:31:41 PM) (--A-) (ff13bc0ead656e2de88bd245ba3d2bf7) (Created)

C:\Users\PLANET~1\AppData\Local\Temp\_MEI24122\wxmsw293u_html_vc.dll (593408 bytes) (wxWidgets development team) (5/23/2012 3:31:41 PM) (--A-) (699efc4d6fe0a2fe24d7049608f2d543) (Created)

C:\Users\PLANET~1\AppData\Local\Temp\_MEI24122\wxmsw293u_webview_vc.dll (81920 bytes) (wxWidgets development team) (5/23/2012 3:31:42 PM) (--A-) (3d01c7f884349a6170a1e0d3cf812333) (Created)

C:\Users\PLANET~1\AppData\Local\Temp\_MEI24122\_ctypes.pyd (73728 bytes) (Unknown) (5/23/2012 3:31:39 PM) (--A-) (8dc2eb39af2a01c5c28e50685f5b78a5) (Created)

C:\Users\PLANET~1\AppData\Local\Temp\_MEI24122\_elementtree.pyd (86016 bytes) (Unknown) (5/23/2012 3:31:40 PM) (--A-) (37fae00d4f6dec20efafc157c4b3499a) (Created)

C:\Users\PLANET~1\AppData\Local\Temp\_MEI24122\_hashlib.pyd (311808 bytes) (Unknown) (5/23/2012 3:31:38 PM) (--A-) (78b16d439f3562552aeb38d352f00567) (Created)

C:\Users\PLANET~1\AppData\Local\Temp\_MEI24122\_socket.pyd (40448 bytes) (Unknown) (5/23/2012 3:31:40 PM) (--A-) (2931b1a98fa187834f7e39a598b947e1) (Created)

C:\Users\PLANET~1\AppData\Local\Temp\_MEI24122\_ssl.pyd (645120 bytes) (Unknown) (5/23/2012 3:31:38 PM) (--A-) (234cf1a2306cd5645011a298f0d3584a) (Created)

C:\Users\PLANET~1\AppData\Local\Temp\_MEI24122\_win32sysloader.pyd (9216 bytes) (Unknown) (5/23/2012 3:31:39 PM) (--A-) (c8f90881a0802051e85640862cada895) (Created)

C:\Users\PLANET~1\AppData\Local\Temp\_MEI24402\bz2.pyd (71168 bytes) (Unknown) (5/24/2012 9:04:48 AM) (--A-) (fbe69c5e3c8094093248d7a1427dcfe3) (Created)

C:\Users\PLANET~1\AppData\Local\Temp\_MEI24402\mfc90.dll (1156600 bytes) (Microsoft Corporation) (5/24/2012 9:04:50 AM) (--A-) (462ddcc5eb88f34aed991416f8e354b2) (Created)

C:\Users\PLANET~1\AppData\Local\Temp\_MEI24402\mfc90u.dll (1162744 bytes) (Microsoft Corporation) (5/24/2012 9:04:50 AM) (--A-) (b9030d821e099c79de1c9125b790e2da) (Created)

C:\Users\PLANET~1\AppData\Local\Temp\_MEI24402\mfcm90.dll (59904 bytes) (Microsoft Corporation) (5/24/2012 9:04:50 AM) (--A-) (d4e7c1546cf3131b7d84b39f8da9e321) (Created)

C:\Users\PLANET~1\AppData\Local\Temp\_MEI24402\mfcm90u.dll (59904 bytes) (Microsoft Corporation) (5/24/2012 9:04:50 AM) (--A-) (371226b8346f29011137c7aa9e93f2f6) (Created)

C:\Users\PLANET~1\AppData\Local\Temp\_MEI24402\pyexpat.pyd (153088 bytes) (Unknown) (5/24/2012 9:04:49 AM) (--A-) (df495f31aa306dbfec3e7cdbb2711cf1) (Created)

C:\Users\PLANET~1\AppData\Local\Temp\_MEI24402\pysqlite2._sqlite.pyd (571392 bytes) (Unknown) (5/24/2012 9:04:49 AM) (--A-) (15de81ec02716d08b17ebf5afc2190b8) (Created)

C:\Users\PLANET~1\AppData\Local\Temp\_MEI24402\python26.dll (2149888 bytes) (Python Software Foundation) (5/24/2012 9:04:50 AM) (--A-) (30f3d3e322c5339004415d7bc8bf246e) (Created)

C:\Users\PLANET~1\AppData\Local\Temp\_MEI24402\pythoncom26.dll (354304 bytes) (Unknown) (5/24/2012 9:04:49 AM) (--A-) (65ee7a7c20134ded91485aef23c882d4) (Created)

C:\Users\PLANET~1\AppData\Local\Temp\_MEI24402\PyWinTypes26.dll (110592 bytes) (Unknown) (5/24/2012 9:04:49 AM) (--A-) (abc5dcac962ae8af7af214dd0d6d4ff6) (Created)

C:\Users\PLANET~1\AppData\Local\Temp\_MEI24402\select.pyd (11776 bytes) (Unknown) (5/24/2012 9:04:47 AM) (--A-) (3c303c9d3ea9c64742931cac0e351910) (Created)

C:\Users\PLANET~1\AppData\Local\Temp\_MEI24402\unicodedata.pyd (585728 bytes) (Unknown) (5/24/2012 9:04:47 AM) (--A-) (ba3c226b01ff615107659411ae01e3b0) (Created)

C:\Users\PLANET~1\AppData\Local\Temp\_MEI24402\win32api.pyd (96256 bytes) (Unknown) (5/24/2012 9:04:49 AM) (--A-) (526d928d13e0e141c01ba3799fd8338b) (Created)

C:\Users\PLANET~1\AppData\Local\Temp\_MEI24402\win32com.shell.shell.pyd (263168 bytes) (Unknown) (5/24/2012 9:04:49 AM) (--A-) (a78890bf2712d6e472788711fb60113b) (Created)

C:\Users\PLANET~1\AppData\Local\Temp\_MEI24402\win32crypt.pyd (11776 bytes) (Unknown) (5/24/2012 9:04:49 AM) (--A-) (6ec174e577b7ab75b3a1a9858b2db261) (Created)

C:\Users\PLANET~1\AppData\Local\Temp\_MEI24402\win32event.pyd (17920 bytes) (Unknown) (5/24/2012 9:04:47 AM) (--A-) (e282ea80be94b90e656a475efcac89c2) (Created)

C:\Users\PLANET~1\AppData\Local\Temp\_MEI24402\win32evtlog.pyd (19968 bytes) (Unknown) (5/24/2012 9:04:48 AM) (--A-) (94a4b43e93d355f4c225b3794c2e9e03) (Created)

C:\Users\PLANET~1\AppData\Local\Temp\_MEI24402\win32file.pyd (111104 bytes) (Unknown) (5/24/2012 9:04:48 AM) (--A-) (94cd8007843957c9a499f3b4ecbaf0d8) (Created)

C:\Users\PLANET~1\AppData\Local\Temp\_MEI24402\win32gui.pyd (167936 bytes) (Unknown) (5/24/2012 9:04:47 AM) (--A-) (79192ed88c8751714374b721a55b21e6) (Created)

C:\Users\PLANET~1\AppData\Local\Temp\_MEI24402\win32inet.pyd (39424 bytes) (Unknown) (5/24/2012 9:04:48 AM) (--A-) (a294a77b4271ce24bc830f8ca376e018) (Created)

C:\Users\PLANET~1\AppData\Local\Temp\_MEI24402\win32pipe.pyd (24064 bytes) (Unknown) (5/24/2012 9:04:47 AM) (--A-) (c8cd1a6f1c4c48fcb0847c1baadd2c94) (Created)

C:\Users\PLANET~1\AppData\Local\Temp\_MEI24402\win32process.pyd (36352 bytes) (Unknown) (5/24/2012 9:04:48 AM) (--A-) (5bf6ba38b703df5bbe18358a3188c929) (Created)

C:\Users\PLANET~1\AppData\Local\Temp\_MEI24402\win32trace.pyd (16384 bytes) (Unknown) (5/24/2012 9:04:49 AM) (--A-) (05c209dfdac1fb8c7894eb0ce00654a7) (Created)

C:\Users\PLANET~1\AppData\Local\Temp\_MEI24402\win32ui.pyd (778240 bytes) (Unknown) (5/24/2012 9:04:48 AM) (--A-) (5a7b2f518a13eb75025795b40caf67f0) (Created)

C:\Users\PLANET~1\AppData\Local\Temp\_MEI24402\win32wnet.pyd (24576 bytes) (Unknown) (5/24/2012 9:04:48 AM) (--A-) (494ddc9d643e82667bf86eeebc318711) (Created)

C:\Users\PLANET~1\AppData\Local\Temp\_MEI24402\wx._controls_.pyd (1056256 bytes) (Unknown) (5/24/2012 9:04:47 AM) (--A-) (09b6a5a2f9ead10d50e3aea7934e6de4) (Created)

C:\Users\PLANET~1\AppData\Local\Temp\_MEI24402\wx._core_.pyd (1169408 bytes) (Unknown) (5/24/2012 9:04:49 AM) (--A-) (dafa56c9092c7cc163cd85a246e5a674) (Created)

C:\Users\PLANET~1\AppData\Local\Temp\_MEI24402\wx._gdi_.pyd (792576 bytes) (Unknown) (5/24/2012 9:04:47 AM) (--A-) (86aef2219e35f086ab78ba9fbc0fa1e7) (Created)

C:\Users\PLANET~1\AppData\Local\Temp\_MEI24402\wx._html2.pyd (70656 bytes) (Unknown) (5/24/2012 9:04:49 AM) (--A-) (3a4f66adddf413dcd1c714b2bebaf98a) (Created)

C:\Users\PLANET~1\AppData\Local\Temp\_MEI24402\wx._misc_.pyd (731136 bytes) (Unknown) (5/24/2012 9:04:49 AM) (--A-) (03b6d87d79e269526aa2b1370de65675) (Created)

C:\Users\PLANET~1\AppData\Local\Temp\_MEI24402\wx._windows_.pyd (807424 bytes) (Unknown) (5/24/2012 9:04:48 AM) (--A-) (6cb0403bdfb83f114f6ebfbd1163b220) (Created)

C:\Users\PLANET~1\AppData\Local\Temp\_MEI24402\wx._wizard.pyd (121856 bytes) (Unknown) (5/24/2012 9:04:48 AM) (--A-) (7106be04428936372fb6d826956a12d4) (Created)

C:\Users\PLANET~1\AppData\Local\Temp\_MEI24402\wxbase293u_net_vc.dll (152576 bytes) (wxWidgets development team) (5/24/2012 9:04:51 AM) (--A-) (29cd1f3e9148fcd542dec355a41776af) (Created)

C:\Users\PLANET~1\AppData\Local\Temp\_MEI24402\wxbase293u_vc.dll (1972224 bytes) (wxWidgets development team) (5/24/2012 9:04:50 AM) (--A-) (9e6ad2917d6fd7730ff37b50f7053183) (Created)

C:\Users\PLANET~1\AppData\Local\Temp\_MEI24402\wxmsw293u_adv_vc.dll (1214976 bytes) (wxWidgets development team) (5/24/2012 9:04:50 AM) (--A-) (ff13bc0ead656e2de88bd245ba3d2bf7) (Created)

C:\Users\PLANET~1\AppData\Local\Temp\_MEI24402\wxmsw293u_html_vc.dll (593408 bytes) (wxWidgets development team) (5/24/2012 9:04:50 AM) (--A-) (699efc4d6fe0a2fe24d7049608f2d543) (Created)

C:\Users\PLANET~1\AppData\Local\Temp\_MEI24402\wxmsw293u_webview_vc.dll (81920 bytes) (wxWidgets development team) (5/24/2012 9:04:51 AM) (--A-) (3d01c7f884349a6170a1e0d3cf812333) (Created)

C:\Users\PLANET~1\AppData\Local\Temp\_MEI24402\_ctypes.pyd (73728 bytes) (Unknown) (5/24/2012 9:04:49 AM) (--A-) (8dc2eb39af2a01c5c28e50685f5b78a5) (Created)

C:\Users\PLANET~1\AppData\Local\Temp\_MEI24402\_elementtree.pyd (86016 bytes) (Unknown) (5/24/2012 9:04:50 AM) (--A-) (37fae00d4f6dec20efafc157c4b3499a) (Created)

C:\Users\PLANET~1\AppData\Local\Temp\_MEI24402\_hashlib.pyd (311808 bytes) (Unknown) (5/24/2012 9:04:48 AM) (--A-) (78b16d439f3562552aeb38d352f00567) (Created)

C:\Users\PLANET~1\AppData\Local\Temp\_MEI24402\_socket.pyd (40448 bytes) (Unknown) (5/24/2012 9:04:49 AM) (--A-) (2931b1a98fa187834f7e39a598b947e1) (Created)

C:\Users\PLANET~1\AppData\Local\Temp\_MEI24402\_ssl.pyd (645120 bytes) (Unknown) (5/24/2012 9:04:48 AM) (--A-) (234cf1a2306cd5645011a298f0d3584a) (Created)

C:\Users\PLANET~1\AppData\Local\Temp\_MEI24402\_win32sysloader.pyd (9216 bytes) (Unknown) (5/24/2012 9:04:49 AM) (--A-) (c8f90881a0802051e85640862cada895) (Created)

C:\Users\PLANET~1\AppData\Local\Temp\_MEI25082\bz2.pyd (71168 bytes) (Unknown) (5/23/2012 6:21:26 PM) (--A-) (fbe69c5e3c8094093248d7a1427dcfe3) (Created)

C:\Users\PLANET~1\AppData\Local\Temp\_MEI25082\mfc90.dll (1156600 bytes) (Microsoft Corporation) (5/23/2012 6:21:30 PM) (--A-) (462ddcc5eb88f34aed991416f8e354b2) (Created)

C:\Users\PLANET~1\AppData\Local\Temp\_MEI25082\mfc90u.dll (1162744 bytes) (Microsoft Corporation) (5/23/2012 6:21:30 PM) (--A-) (b9030d821e099c79de1c9125b790e2da) (Created)

C:\Users\PLANET~1\AppData\Local\Temp\_MEI25082\mfcm90.dll (59904 bytes) (Microsoft Corporation) (5/23/2012 6:21:30 PM) (--A-) (d4e7c1546cf3131b7d84b39f8da9e321) (Created)

C:\Users\PLANET~1\AppData\Local\Temp\_MEI25082\mfcm90u.dll (59904 bytes) (Microsoft Corporation) (5/23/2012 6:21:30 PM) (--A-) (371226b8346f29011137c7aa9e93f2f6) (Created)

C:\Users\PLANET~1\AppData\Local\Temp\_MEI25082\pyexpat.pyd (153088 bytes) (Unknown) (5/23/2012 6:21:27 PM) (--A-) (df495f31aa306dbfec3e7cdbb2711cf1) (Created)

C:\Users\PLANET~1\AppData\Local\Temp\_MEI25082\pysqlite2._sqlite.pyd (571392 bytes) (Unknown) (5/23/2012 6:21:28 PM) (--A-) (15de81ec02716d08b17ebf5afc2190b8) (Created)

C:\Users\PLANET~1\AppData\Local\Temp\_MEI25082\python26.dll (2149888 bytes) (Python Software Foundation) (5/23/2012 6:21:29 PM) (--A-) (30f3d3e322c5339004415d7bc8bf246e) (Created)

C:\Users\PLANET~1\AppData\Local\Temp\_MEI25082\pythoncom26.dll (354304 bytes) (Unknown) (5/23/2012 6:21:27 PM) (--A-) (65ee7a7c20134ded91485aef23c882d4) (Created)

C:\Users\PLANET~1\AppData\Local\Temp\_MEI25082\PyWinTypes26.dll (110592 bytes) (Unknown) (5/23/2012 6:21:27 PM) (--A-) (abc5dcac962ae8af7af214dd0d6d4ff6) (Created)

C:\Users\PLANET~1\AppData\Local\Temp\_MEI25082\select.pyd (11776 bytes) (Unknown) (5/23/2012 6:21:23 PM) (--A-) (3c303c9d3ea9c64742931cac0e351910) (Created)

C:\Users\PLANET~1\AppData\Local\Temp\_MEI25082\unicodedata.pyd (585728 bytes) (Unknown) (5/23/2012 6:21:23 PM) (--A-) (ba3c226b01ff615107659411ae01e3b0) (Created)

C:\Users\PLANET~1\AppData\Local\Temp\_MEI25082\win32api.pyd (96256 bytes) (Unknown) (5/23/2012 6:21:28 PM) (--A-) (526d928d13e0e141c01ba3799fd8338b) (Created)

C:\Users\PLANET~1\AppData\Local\Temp\_MEI25082\win32com.shell.shell.pyd (263168 bytes) (Unknown) (5/23/2012 6:21:28 PM) (--A-) (a78890bf2712d6e472788711fb60113b) (Created)

C:\Users\PLANET~1\AppData\Local\Temp\_MEI25082\win32crypt.pyd (11776 bytes) (Unknown) (5/23/2012 6:21:27 PM) (--A-) (6ec174e577b7ab75b3a1a9858b2db261) (Created)

C:\Users\PLANET~1\AppData\Local\Temp\_MEI25082\win32event.pyd (17920 bytes) (Unknown) (5/23/2012 6:21:25 PM) (--A-) (e282ea80be94b90e656a475efcac89c2) (Created)

C:\Users\PLANET~1\AppData\Local\Temp\_MEI25082\win32evtlog.pyd (19968 bytes) (Unknown) (5/23/2012 6:21:25 PM) (--A-) (94a4b43e93d355f4c225b3794c2e9e03) (Created)

C:\Users\PLANET~1\AppData\Local\Temp\_MEI25082\win32file.pyd (111104 bytes) (Unknown) (5/23/2012 6:21:26 PM) (--A-) (94cd8007843957c9a499f3b4ecbaf0d8) (Created)

C:\Users\PLANET~1\AppData\Local\Temp\_MEI25082\win32gui.pyd (167936 bytes) (Unknown) (5/23/2012 6:21:24 PM) (--A-) (79192ed88c8751714374b721a55b21e6) (Created)

C:\Users\PLANET~1\AppData\Local\Temp\_MEI25082\win32inet.pyd (39424 bytes) (Unknown) (5/23/2012 6:21:25 PM) (--A-) (a294a77b4271ce24bc830f8ca376e018) (Created)

C:\Users\PLANET~1\AppData\Local\Temp\_MEI25082\win32pipe.pyd (24064 bytes) (Unknown) (5/23/2012 6:21:14 PM) (--A-) (c8cd1a6f1c4c48fcb0847c1baadd2c94) (Created)

C:\Users\PLANET~1\AppData\Local\Temp\_MEI25082\win32process.pyd (36352 bytes) (Unknown) (5/23/2012 6:21:26 PM) (--A-) (5bf6ba38b703df5bbe18358a3188c929) (Created)

C:\Users\PLANET~1\AppData\Local\Temp\_MEI25082\win32trace.pyd (16384 bytes) (Unknown) (5/23/2012 6:21:27 PM) (--A-) (05c209dfdac1fb8c7894eb0ce00654a7) (Created)

C:\Users\PLANET~1\AppData\Local\Temp\_MEI25082\win32ui.pyd (778240 bytes) (Unknown) (5/23/2012 6:21:27 PM) (--A-) (5a7b2f518a13eb75025795b40caf67f0) (Created)

C:\Users\PLANET~1\AppData\Local\Temp\_MEI25082\win32wnet.pyd (24576 bytes) (Unknown) (5/23/2012 6:21:25 PM) (--A-) (494ddc9d643e82667bf86eeebc318711) (Created)

C:\Users\PLANET~1\AppData\Local\Temp\_MEI25082\wx._controls_.pyd (1056256 bytes) (Unknown) (5/23/2012 6:21:25 PM) (--A-) (09b6a5a2f9ead10d50e3aea7934e6de4) (Created)

C:\Users\PLANET~1\AppData\Local\Temp\_MEI25082\wx._core_.pyd (1169408 bytes) (Unknown) (5/23/2012 6:21:27 PM) (--A-) (dafa56c9092c7cc163cd85a246e5a674) (Created)

C:\Users\PLANET~1\AppData\Local\Temp\_MEI25082\wx._gdi_.pyd (792576 bytes) (Unknown) (5/23/2012 6:21:24 PM) (--A-) (86aef2219e35f086ab78ba9fbc0fa1e7) (Created)

C:\Users\PLANET~1\AppData\Local\Temp\_MEI25082\wx._html2.pyd (70656 bytes) (Unknown) (5/23/2012 6:21:28 PM) (--A-) (3a4f66adddf413dcd1c714b2bebaf98a) (Created)

C:\Users\PLANET~1\AppData\Local\Temp\_MEI25082\wx._misc_.pyd (731136 bytes) (Unknown) (5/23/2012 6:21:27 PM) (--A-) (03b6d87d79e269526aa2b1370de65675) (Created)

C:\Users\PLANET~1\AppData\Local\Temp\_MEI25082\wx._windows_.pyd (807424 bytes) (Unknown) (5/23/2012 6:21:26 PM) (--A-) (6cb0403bdfb83f114f6ebfbd1163b220) (Created)

C:\Users\PLANET~1\AppData\Local\Temp\_MEI25082\wx._wizard.pyd (121856 bytes) (Unknown) (5/23/2012 6:21:26 PM) (--A-) (7106be04428936372fb6d826956a12d4) (Created)

C:\Users\PLANET~1\AppData\Local\Temp\_MEI25082\wxbase293u_net_vc.dll (152576 bytes) (wxWidgets development team) (5/23/2012 6:21:30 PM) (--A-) (29cd1f3e9148fcd542dec355a41776af) (Created)

C:\Users\PLANET~1\AppData\Local\Temp\_MEI25082\wxbase293u_vc.dll (1972224 bytes) (wxWidgets development team) (5/23/2012 6:21:29 PM) (--A-) (9e6ad2917d6fd7730ff37b50f7053183) (Created)

C:\Users\PLANET~1\AppData\Local\Temp\_MEI25082\wxmsw293u_adv_vc.dll (1214976 bytes) (wxWidgets development team) (5/23/2012 6:21:30 PM) (--A-) (ff13bc0ead656e2de88bd245ba3d2bf7) (Created)

C:\Users\PLANET~1\AppData\Local\Temp\_MEI25082\wxmsw293u_html_vc.dll (593408 bytes) (wxWidgets development team) (5/23/2012 6:21:30 PM) (--A-) (699efc4d6fe0a2fe24d7049608f2d543) (Created)

C:\Users\PLANET~1\AppData\Local\Temp\_MEI25082\wxmsw293u_webview_vc.dll (81920 bytes) (wxWidgets development team) (5/23/2012 6:21:31 PM) (--A-) (3d01c7f884349a6170a1e0d3cf812333) (Created)

C:\Users\PLANET~1\AppData\Local\Temp\_MEI25082\_ctypes.pyd (73728 bytes) (Unknown) (5/23/2012 6:21:27 PM) (--A-) (8dc2eb39af2a01c5c28e50685f5b78a5) (Created)

C:\Users\PLANET~1\AppData\Local\Temp\_MEI25082\_elementtree.pyd (86016 bytes) (Unknown) (5/23/2012 6:21:29 PM) (--A-) (37fae00d4f6dec20efafc157c4b3499a) (Created)

C:\Users\PLANET~1\AppData\Local\Temp\_MEI25082\_hashlib.pyd (311808 bytes) (Unknown) (5/23/2012 6:21:26 PM) (--A-) (78b16d439f3562552aeb38d352f00567) (Created)

C:\Users\PLANET~1\AppData\Local\Temp\_MEI25082\_socket.pyd (40448 bytes) (Unknown) (5/23/2012 6:21:28 PM) (--A-) (2931b1a98fa187834f7e39a598b947e1) (Created)

C:\Users\PLANET~1\AppData\Local\Temp\_MEI25082\_ssl.pyd (645120 bytes) (Unknown) (5/23/2012 6:21:27 PM) (--A-) (234cf1a2306cd5645011a298f0d3584a) (Created)

C:\Users\PLANET~1\AppData\Local\Temp\_MEI25082\_win32sysloader.pyd (9216 bytes) (Unknown) (5/23/2012 6:21:27 PM) (--A-) (c8f90881a0802051e85640862cada895) (Created)

C:\Users\PLANET~1\AppData\Local\Temp\_MEI30042\bz2.pyd (71168 bytes) (Unknown) (5/24/2012 9:19:39 PM) (--A-) (fbe69c5e3c8094093248d7a1427dcfe3) (Created)

C:\Users\PLANET~1\AppData\Local\Temp\_MEI30042\mfc90.dll (1156600 bytes) (Microsoft Corporation) (5/24/2012 9:19:43 PM) (--A-) (462ddcc5eb88f34aed991416f8e354b2) (Created)

C:\Users\PLANET~1\AppData\Local\Temp\_MEI30042\mfc90u.dll (1162744 bytes) (Microsoft Corporation) (5/24/2012 9:19:43 PM) (--A-) (b9030d821e099c79de1c9125b790e2da) (Created)

C:\Users\PLANET~1\AppData\Local\Temp\_MEI30042\mfcm90.dll (59904 bytes) (Microsoft Corporation) (5/24/2012 9:19:43 PM) (--A-) (d4e7c1546cf3131b7d84b39f8da9e321) (Created)

C:\Users\PLANET~1\AppData\Local\Temp\_MEI30042\mfcm90u.dll (59904 bytes) (Microsoft Corporation) (5/24/2012 9:19:43 PM) (--A-) (371226b8346f29011137c7aa9e93f2f6) (Created)

C:\Users\PLANET~1\AppData\Local\Temp\_MEI30042\pyexpat.pyd (153088 bytes) (Unknown) (5/24/2012 9:19:40 PM) (--A-) (df495f31aa306dbfec3e7cdbb2711cf1) (Created)

C:\Users\PLANET~1\AppData\Local\Temp\_MEI30042\pysqlite2._sqlite.pyd (571392 bytes) (Unknown) (5/24/2012 9:19:41 PM) (--A-) (15de81ec02716d08b17ebf5afc2190b8) (Created)

C:\Users\PLANET~1\AppData\Local\Temp\_MEI30042\python26.dll (2149888 bytes) (Python Software Foundation) (5/24/2012 9:19:41 PM) (--A-) (30f3d3e322c5339004415d7bc8bf246e) (Created)

C:\Users\PLANET~1\AppData\Local\Temp\_MEI30042\pythoncom26.dll (354304 bytes) (Unknown) (5/24/2012 9:19:40 PM) (--A-) (65ee7a7c20134ded91485aef23c882d4) (Created)

C:\Users\PLANET~1\AppData\Local\Temp\_MEI30042\PyWinTypes26.dll (110592 bytes) (Unknown) (5/24/2012 9:19:39 PM) (--A-) (abc5dcac962ae8af7af214dd0d6d4ff6) (Created)

C:\Users\PLANET~1\AppData\Local\Temp\_MEI30042\select.pyd (11776 bytes) (Unknown) (5/24/2012 9:19:37 PM) (--A-) (3c303c9d3ea9c64742931cac0e351910) (Created)

C:\Users\PLANET~1\AppData\Local\Temp\_MEI30042\unicodedata.pyd (585728 bytes) (Unknown) (5/24/2012 9:19:37 PM) (--A-) (ba3c226b01ff615107659411ae01e3b0) (Created)

C:\Users\PLANET~1\AppData\Local\Temp\_MEI30042\win32api.pyd (96256 bytes) (Unknown) (5/24/2012 9:19:41 PM) (--A-) (526d928d13e0e141c01ba3799fd8338b) (Created)

C:\Users\PLANET~1\AppData\Local\Temp\_MEI30042\win32com.shell.shell.pyd (263168 bytes) (Unknown) (5/24/2012 9:19:40 PM) (--A-) (a78890bf2712d6e472788711fb60113b) (Created)

C:\Users\PLANET~1\AppData\Local\Temp\_MEI30042\win32crypt.pyd (11776 bytes) (Unknown) (5/24/2012 9:19:40 PM) (--A-) (6ec174e577b7ab75b3a1a9858b2db261) (Created)

C:\Users\PLANET~1\AppData\Local\Temp\_MEI30042\win32event.pyd (17920 bytes) (Unknown) (5/24/2012 9:19:37 PM) (--A-) (e282ea80be94b90e656a475efcac89c2) (Created)

C:\Users\PLANET~1\AppData\Local\Temp\_MEI30042\win32evtlog.pyd (19968 bytes) (Unknown) (5/24/2012 9:19:38 PM) (--A-) (94a4b43e93d355f4c225b3794c2e9e03) (Created)

C:\Users\PLANET~1\AppData\Local\Temp\_MEI30042\win32file.pyd (111104 bytes) (Unknown) (5/24/2012 9:19:38 PM) (--A-) (94cd8007843957c9a499f3b4ecbaf0d8) (Created)

C:\Users\PLANET~1\AppData\Local\Temp\_MEI30042\win32gui.pyd (167936 bytes) (Unknown) (5/24/2012 9:19:37 PM) (--A-) (79192ed88c8751714374b721a55b21e6) (Created)

C:\Users\PLANET~1\AppData\Local\Temp\_MEI30042\win32inet.pyd (39424 bytes) (Unknown) (5/24/2012 9:19:38 PM) (--A-) (a294a77b4271ce24bc830f8ca376e018) (Created)

C:\Users\PLANET~1\AppData\Local\Temp\_MEI30042\win32pipe.pyd (24064 bytes) (Unknown) (5/24/2012 9:19:36 PM) (--A-) (c8cd1a6f1c4c48fcb0847c1baadd2c94) (Created)

C:\Users\PLANET~1\AppData\Local\Temp\_MEI30042\win32process.pyd (36352 bytes) (Unknown) (5/24/2012 9:19:38 PM) (--A-) (5bf6ba38b703df5bbe18358a3188c929) (Created)

C:\Users\PLANET~1\AppData\Local\Temp\_MEI30042\win32trace.pyd (16384 bytes) (Unknown) (5/24/2012 9:19:40 PM) (--A-) (05c209dfdac1fb8c7894eb0ce00654a7) (Created)

C:\Users\PLANET~1\AppData\Local\Temp\_MEI30042\win32ui.pyd (778240 bytes) (Unknown) (5/24/2012 9:19:39 PM) (--A-) (5a7b2f518a13eb75025795b40caf67f0) (Created)

C:\Users\PLANET~1\AppData\Local\Temp\_MEI30042\win32wnet.pyd (24576 bytes) (Unknown) (5/24/2012 9:19:38 PM) (--A-) (494ddc9d643e82667bf86eeebc318711) (Created)

C:\Users\PLANET~1\AppData\Local\Temp\_MEI30042\wx._controls_.pyd (1056256 bytes) (Unknown) (5/24/2012 9:19:38 PM) (--A-) (09b6a5a2f9ead10d50e3aea7934e6de4) (Created)

C:\Users\PLANET~1\AppData\Local\Temp\_MEI30042\wx._core_.pyd (1169408 bytes) (Unknown) (5/24/2012 9:19:39 PM) (--A-) (dafa56c9092c7cc163cd85a246e5a674) (Created)

C:\Users\PLANET~1\AppData\Local\Temp\_MEI30042\wx._gdi_.pyd (792576 bytes) (Unknown) (5/24/2012 9:19:37 PM) (--A-) (86aef2219e35f086ab78ba9fbc0fa1e7) (Created)

C:\Users\PLANET~1\AppData\Local\Temp\_MEI30042\wx._html2.pyd (70656 bytes) (Unknown) (5/24/2012 9:19:40 PM) (--A-) (3a4f66adddf413dcd1c714b2bebaf98a) (Created)

C:\Users\PLANET~1\AppData\Local\Temp\_MEI30042\wx._misc_.pyd (731136 bytes) (Unknown) (5/24/2012 9:19:39 PM) (--A-) (03b6d87d79e269526aa2b1370de65675) (Created)

C:\Users\PLANET~1\AppData\Local\Temp\_MEI30042\wx._windows_.pyd (807424 bytes) (Unknown) (5/24/2012 9:19:38 PM) (--A-) (6cb0403bdfb83f114f6ebfbd1163b220) (Created)

C:\Users\PLANET~1\AppData\Local\Temp\_MEI30042\wx._wizard.pyd (121856 bytes) (Unknown) (5/24/2012 9:19:38 PM) (--A-) (7106be04428936372fb6d826956a12d4) (Created)

C:\Users\PLANET~1\AppData\Local\Temp\_MEI30042\wxbase293u_net_vc.dll (152576 bytes) (wxWidgets development team) (5/24/2012 9:19:43 PM) (--A-) (29cd1f3e9148fcd542dec355a41776af) (Created)

C:\Users\PLANET~1\AppData\Local\Temp\_MEI30042\wxbase293u_vc.dll (1972224 bytes) (wxWidgets development team) (5/24/2012 9:19:42 PM) (--A-) (9e6ad2917d6fd7730ff37b50f7053183) (Created)

C:\Users\PLANET~1\AppData\Local\Temp\_MEI30042\wxmsw293u_adv_vc.dll (1214976 bytes) (wxWidgets development team) (5/24/2012 9:19:42 PM) (--A-) (ff13bc0ead656e2de88bd245ba3d2bf7) (Created)

C:\Users\PLANET~1\AppData\Local\Temp\_MEI30042\wxmsw293u_html_vc.dll (593408 bytes) (wxWidgets development team) (5/24/2012 9:19:43 PM) (--A-) (699efc4d6fe0a2fe24d7049608f2d543) (Created)

C:\Users\PLANET~1\AppData\Local\Temp\_MEI30042\wxmsw293u_webview_vc.dll (81920 bytes) (wxWidgets development team) (5/24/2012 9:19:44 PM) (--A-) (3d01c7f884349a6170a1e0d3cf812333) (Created)

C:\Users\PLANET~1\AppData\Local\Temp\_MEI30042\_ctypes.pyd (73728 bytes) (Unknown) (5/24/2012 9:19:40 PM) (--A-) (8dc2eb39af2a01c5c28e50685f5b78a5) (Created)

C:\Users\PLANET~1\AppData\Local\Temp\_MEI30042\_elementtree.pyd (86016 bytes) (Unknown) (5/24/2012 9:19:41 PM) (--A-) (37fae00d4f6dec20efafc157c4b3499a) (Created)

C:\Users\PLANET~1\AppData\Local\Temp\_MEI30042\_hashlib.pyd (311808 bytes) (Unknown) (5/24/2012 9:19:38 PM) (--A-) (78b16d439f3562552aeb38d352f00567) (Created)

C:\Users\PLANET~1\AppData\Local\Temp\_MEI30042\_socket.pyd (40448 bytes) (Unknown) (5/24/2012 9:19:41 PM) (--A-) (2931b1a98fa187834f7e39a598b947e1) (Created)

C:\Users\PLANET~1\AppData\Local\Temp\_MEI30042\_ssl.pyd (645120 bytes) (Unknown) (5/24/2012 9:19:39 PM) (--A-) (234cf1a2306cd5645011a298f0d3584a) (Created)

C:\Users\PLANET~1\AppData\Local\Temp\_MEI30042\_win32sysloader.pyd (9216 bytes) (Unknown) (5/24/2012 9:19:40 PM) (--A-) (c8f90881a0802051e85640862cada895) (Created)

 

[+] Hidden files in suspicious folders

 

 

[+] Suspicious Registry Keys

 

 

[+] Suspicious folders

 

 

[+] Drivers

 

C:\Windows\system32\drivers\amdxata.sys (amdxata) (amdxata) (Advanced Micro Devices) (b81c2b5616f6420a9941ea093a92b150)

c:\windows\system32\drivers\aswmonflt.sys (aswMonFlt) (aswMonFlt) (AVAST Software) (6693141560b1615d8dccf0d8eb00087e)

C:\Windows\system32\drivers\aswrdr2.sys (aswRdr) (aswRdr) (AVAST Software) (225013c16fe096714d71649ad7a20e8b)

C:\Windows\system32\drivers\blbdrive.sys (blbdrive) (blbdrive) (Microsoft Corporation) (2287078ed48fcfc477b05b20cf38f36f)

c:\windows\system32\drivers\cbfs.sys (CbFs) (CbFs) (EldoS Corporation) (a975187f3c8867f8d00a698a5282672b)

C:\Windows\system32\drivers\cmdguard.sys (cmdGuard) (COMODO Internet Security Sandbox Driver) (COMODO) (ed042da80d9d6a087e83df395ceefd65)

C:\Windows\system32\drivers\cmdhlp.sys (cmdHlp) (COMODO Internet Security Helper Driver) (COMODO) (ed6b6a222cb9adf6751e02ad478a89fb)

C:\Windows\system32\drivers\igdkmd32.sys (igfx) (igfx) (Intel Corporation) (9467514ea189475a6e7fdc5d7bde9d3f)

C:\Windows\system32\drivers\inspect.sys (inspect) (COMODO Internet Security Firewall Driver) (COMODO) (2ee3db2c1760171c6f72f2f1792a47b5)

C:\Windows\system32\drivers\intelide.sys (intelide) (intelide) (Microsoft Corporation) (a0f12f2c9ba6c72f3987ce780e77c130)

C:\Windows\system32\drivers\manycam.sys (ManyCam) (ManyCam Virtual Webcam, WDM Video Capture Driver) (ManyCam LLC.) (c6d085c7045200143528136a43a65fde)

C:\Windows\system32\drivers\npf.sys (npf) (NetGroup Packet Filter Driver) (CACE Technologies, Inc.) (b48dc6abcd3aeff8618350ccbdc6b09a)

C:\Windows\system32\drivers\rt86win7.sys (RTL8167) (Realtek 8167 NT Driver) (Realtek Corporation) (7dfd48e24479b68b258d8770121155a0)

C:\Windows\system32\drivers\vmstorfl.sys (storflt) (Disk Virtual Machine Bus Acceleration Filter Driver) (Microsoft Corporation) (957e346ca948668f2496a6ccf6ff82cc)

C:\Windows\system32\drivers\swenum.sys (swenum) (Software Bus Driver) (Microsoft Corporation) (e58c78a848add9610a4db6d214af5224)

C:\Windows\system32\drivers\tap08qemu.sys (tap08qemu) (Qemu Manager TAP-Win32 Adapter V8) (The OpenVPN Project) (79436529f3cbe216b6ea066868faae36)

C:\Windows\system32\drivers\tapoas.sys (tapoas) (TAP-Win32 Adapter OAS) (The OpenVPN Project) (827c8058c284ff0013e4462efe2591a3)

C:\Windows\system32\drivers\vcom.sys (vCOM) (vCOM) (N8VB vCOM) (b2904a3694f7363935333dc42cf9b4b3)

C:\Windows\system32\drivers\ztemtusbser.sys (zteusbser) (ZTE USB Device for Legacy Serial Communication) (ZTEMT Incorporated) (b54a011c6524796d910a6f30b9e37d27)

 

[+] Drivers -> FSFilter Anti-Virus

 

Driver Name: aswMonFlt

Driver File: \??\C:\Windows\system32\drivers\aswMonFlt.sys

Key: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\aswMonFlt

 

Driver Name: cmdGuard

Driver File:

Key: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\cmdGuard

 

 

[+] Services

 

c:\program files\avast software\avast\avastsvc.exe (avast! Antivirus) (avast! Antivirus) (AVAST Software) (4041d31508a2a084dfb42c595854090f)

c:\program files\comodo\comodo internet security\cmdagent.exe (cmdAgent) (COMODO Internet Security Helper Service) (COMODO) (907324001ae25ac5959c91eaa34cabae)

 

[+] ServiceDll

 

 

[+] Unknown files in Winsock LSP

 

 

[+] Unknown files in CLSID

 

C:\Windows\system32\ffdshow.ax (3478016 bytes) (Unknown) (1/10/2012 1:33:22 AM) (--A-) (4a2e8bb964295bdd5133d0c1abacd962)

C:\Windows\system32\VSFilter.dll (987136 bytes) (Gabest) (8/27/2008 3:41:42 AM) (--A-) (06895377fb9ffef94c3b4d995597e760)

C:\Windows\system32\IVIVIDEO.ax (3956736 bytes) (InterVideo Inc.) (4/17/2006 7:07:06 PM) (--A-) (e2e39a959a73cdfb06df94b44bf791aa)

C:\Windows\system32\imagXpr7.dll (497296 bytes) (Pegasus Imaging Corp.) (3/17/2006 12:45:54 PM) (--A-) (30cfd905ba1f1b85dc8e98cbf79f1d57)

C:\Windows\system32\threed32.ocx (200704 bytes) (Sheridan Software Systems, Inc.) (6/23/2011 4:32:40 AM) (--A-) (51c9e8d775c6653acf5d87bdb2ebd33e)

C:\Windows\system32\igfxsrvc.exe (252952 bytes) (Intel Corporation) (9/23/2009 7:30:48 PM) (--A-) (d9c51528488ea0d98d3c4d02abd16759)

C:\Windows\system32\HLButton.ocx (143360 bytes) (Herman & Associates) (8/4/2011 2:20:46 AM) (--A-) (105f8e623989e7830ffc45cc96159558)

C:\Windows\system32\LAVSplitter.ax (460800 bytes) (1f0.de - Hendrik Leppkes) (1/8/2012 3:52:08 AM) (--A-) (fe4166ed0cadba8af8071234adc7613f)

C:\Windows\system32\GoogleInput_bn.ime (1761264 bytes) (Google Inc.) (3/1/2011 4:49:12 PM) (--A-) (6f3d7065c4baadd52da660c3e5558452)

C:\Windows\system32\VSFLEX3.OCX (225280 bytes) (VideoSoft) (1/5/1999 5:30:02 PM) (--A-) (c758ebc719c0d07b1b0e251c77f11bfd)

C:\Windows\system32\LAVAudio.ax (212992 bytes) (1f0.de - Hendrik Leppkes) (1/8/2012 3:52:04 AM) (--A-) (c5ca436d963b7cb2607c71072c9f30ba)

C:\Windows\system32\XceedCry.dll (526184 bytes) (Xceed Software Inc (450) 442-2626 support@xceedsoft.com www.xceedsoft.com) (8/4/2011 2:20:50 AM) (--A-) (47086109df33378a73e15e25ee6a2d20)

C:\Windows\system32\LAVVideo.ax (448000 bytes) (1f0.de - Hendrik Leppkes) (1/8/2012 3:52:04 AM) (--A-) (e41abdd77ff7e612d5f74d00ec722f32)

C:\Windows\system32\IGFXEXPS.DLL (23552 bytes) (Intel Corporation) (9/23/2009 6:49:36 PM) (--A-) (f2a9419ac0645001a44ddc518b07a1cf)

C:\Windows\system32\igfxpph.dll (199680 bytes) (Intel Corporation) (9/23/2009 6:49:42 PM) (--A-) (ed616cd5d2b5d9e77ff98aa9d2a2a1d7)

C:\Windows\system32\ccrpfd6.ocx (151552 bytes) (Domenico Statuto - CCRP) (6/23/2011 4:32:40 AM) (--A-) (385d15906d1be4de788d5ccb3732c24f)

C:\Windows\system32\igfxdo.dll (130048 bytes) (Intel Corporation) (9/23/2009 6:49:10 PM) (--A-) (f480e35463d107ce27bd492bde51b61f)

C:\Windows\system32\FLVSplitter.ax (437760 bytes) (MPC-HC Team) (7/23/2011 4:25:26 AM) (--A-) (1b05381f4116fb383634c0d986406cc2)

C:\Windows\system32\avi.dll (109568 bytes) (Unknown) (3/3/2011 5:09:56 PM) (--A-) (8111075e8b53fee942ce45d9a514fa89)

C:\Windows\system32\mkx.dll (150528 bytes) (Unknown) (9/8/2011 7:30:52 PM) (--A-) (6adb98152cd780dafd43fa2db9ff819b)

C:\Windows\system32\splitter.ax (556032 bytes) (Unknown) (9/8/2011 7:31:08 PM) (--A-) (f9d85ffe9198de79004353a3ff8a120f)

C:\Windows\system32\IVInav.ax (601600 bytes) (InterVideo Inc.) (2/15/2006 2:42:54 AM) (--A-) (658f661eacdccfbb1667ec2fad50bba3)

C:\Windows\system32\AniGIF.ocx (282624 bytes) (Jin Hui E-mail: jinhui@jcomsoft.com Web: http://www.jcomsoft.com) (1/23/2004 10:12:00 PM) (--A-) (4dca36401a2bcd703b581b8302cb74ce)

C:\Windows\system32\GoogleInput_sa.ime (1761264 bytes) (Google Inc.) (6/28/2011 3:59:01 PM) (--A-) (9cc13cc2fa534edda2de4e58657df2f9)

C:\Windows\system32\igfxTMM.dll (257536 bytes) (Intel Corporation) (9/23/2009 6:49:42 PM) (--A-) (cffecb89cad732e79b2a6725833eadc7)

C:\Windows\system32\IBColIml.ocx (94208 bytes) (Unknown) (8/4/2011 2:20:46 AM) (--A-) (064ac7aa2487a7e90685af7b476a1c6b)

C:\Windows\system32\dxr.dll (249856 bytes) (Unknown) (9/8/2011 7:30:38 PM) (--A-) (116abbf463689755cc34e65338eb478b)

C:\Windows\system32\Disable_X.ocx (28672 bytes) (Checks Unlimited) (8/4/2011 2:20:46 AM) (--A-) (ef6670c8985109f79e7b4f0546463200)

C:\Windows\system32\DCBassSource.ax (243712 bytes) (http://www.dsp-worx.de) (9/14/2010 3:10:26 AM) (--A-) (872f2784774238f5990ef8c8b7d88ba7)

C:\Windows\system32\GoogleInput_ru.ime (1761264 bytes) (Google Inc.) (2/19/2011 12:02:59 PM) (--A-) (8c8183e35091efa990598f940c6ac5c3)

C:\Windows\system32\ac3filter.ax (797184 bytes) (Unknown) (8/12/2009 2:49:04 AM) (--A-) (841e8d8623b1683eb8249b676ca0ad26)

C:\Windows\system32\igfxdev.dll (218112 bytes) (Intel Corporation) (9/23/2009 6:49:00 PM) (--A-) (aed01a07b3f9b7ac9ebec89ebe78b0a1)

C:\Windows\system32\FXTab.ocx (229376 bytes) (xyz) (12/7/2007 7:09:56 PM) (--A-) (df9e4a7e31c3feea34beb12aaed33573)

C:\Windows\system32\mp4.dll (142336 bytes) (Unknown) (9/8/2011 7:30:48 PM) (--A-) (5571c32ae9b10240a791fdc2a5387a7c)

C:\Windows\system32\GoogleInput_kn.ime (1761264 bytes) (Google Inc.) (5/9/2011 12:55:37 PM) (--A-) (83e2ec70f55935eceac01d34d34e86ca)

C:\Windows\system32\ts.dll (154624 bytes) (Unknown) (9/8/2011 7:30:24 PM) (--A-) (18d337b1a07c2ccdc1bfc9339a1aff8d)

C:\Windows\system32\GoogleInput_hi.ime (1761264 bytes) (Google Inc.) (2/18/2011 9:36:38 PM) (--A-) (367c959d9ad9aba7fcc86887f4d381d8)

C:\Windows\system32\mbprgbar.ocx (106496 bytes) (Marco Bellinaso) (6/23/2011 4:32:40 AM) (--A-) (503e3d39587a3f08799db5defd540ddb)

C:\Windows\system32\IMAGEV~1.OCX (991232 bytes) (Viscom Software) (6/23/2011 4:32:40 AM) (--A-) (b006e26e122c67d4fc68df1e1aeca458)

C:\Windows\system32\deployJava1.dll (472808 bytes) (Sun Microsystems, Inc.) (5/17/2011 2:28:47 AM) (--A-) (3107d5460a32130eafe9beaa12ee2251)

C:\Windows\system32\cdxareader.ax (376832 bytes) (MPC-HC Team) (7/23/2011 4:26:20 AM) (--A-) (b94432970d2af2e466242ae44d81567f)

C:\Windows\system32\ogm.dll (123392 bytes) (Unknown) (9/8/2011 7:30:42 PM) (--A-) (73933b9207edae66ecfcd2871a79ae21)

C:\Windows\system32\igfxsrvc.dll (51712 bytes) (Intel Corporation) (9/23/2009 6:49:24 PM) (--A-) (ecf6459a9c158ba07877221cf86d9e81)

C:\Windows\system32\avs.dll (97792 bytes) (Unknown) (3/3/2011 5:08:10 PM) (--A-) (44a5965795fd86118922e18124498d43)

 

[+] TCP Connections

 

svchost.exe -> 0.0.0.0:135 -> 0.0.0.0:0 -> LISTENING

N/A -> 0.0.0.0:445 -> 0.0.0.0:0 -> LISTENING

wininit.exe -> 0.0.0.0:1025 -> 0.0.0.0:0 -> LISTENING

svchost.exe -> 0.0.0.0:1026 -> 0.0.0.0:0 -> LISTENING

svchost.exe -> 0.0.0.0:1027 -> 0.0.0.0:0 -> LISTENING

lsass.exe -> 0.0.0.0:1028 -> 0.0.0.0:0 -> LISTENING

services.exe -> 0.0.0.0:1029 -> 0.0.0.0:0 -> LISTENING

AvastSvc.exe -> 117.254.219.179:1105 -> 74.125.236.162:80 -> LAST_ACK

AvastSvc.exe -> 117.254.219.179:1110 -> 68.232.44.119:80 -> LAST_ACK

AvastSvc.exe -> 117.254.219.179:1111 -> 68.232.44.119:80 -> LAST_ACK

AvastSvc.exe -> 117.254.219.179:1127 -> 91.199.212.171:80 -> CLOSE_WAIT

AvastSvc.exe -> 117.254.219.179:1142 -> 74.125.236.171:80 -> LAST_ACK

AvastSvc.exe -> 117.254.219.179:1143 -> 74.125.236.171:80 -> LAST_ACK

AvastSvc.exe -> 117.254.219.179:1166 -> 68.232.44.119:80 -> LAST_ACK

AvastSvc.exe -> 117.254.219.179:1167 -> 68.232.44.119:80 -> LAST_ACK

AvastSvc.exe -> 117.254.219.179:1170 -> 68.232.44.119:80 -> LAST_ACK

AvastSvc.exe -> 117.254.219.179:1172 -> 74.125.236.162:80 -> ESTABLISHED

AvastSvc.exe -> 117.254.219.179:1185 -> 209.85.175.95:80 -> LAST_ACK

AvastSvc.exe -> 117.254.219.179:1225 -> 74.125.236.173:80 -> LAST_ACK

AvastSvc.exe -> 117.254.219.179:1235 -> 74.125.236.185:80 -> ESTABLISHED

AvastSvc.exe -> 117.254.219.179:1241 -> 184.26.207.139:80 -> LAST_ACK

AvastSvc.exe -> 117.254.219.179:1243 -> 58.26.1.27:80 -> LAST_ACK

AvastSvc.exe -> 117.254.219.179:1253 -> 74.125.236.184:80 -> LAST_ACK

AvastSvc.exe -> 117.254.219.179:1258 -> 72.5.58.54:80 -> ESTABLISHED

AvastSvc.exe -> 117.254.219.179:1277 -> 74.125.236.177:80 -> LAST_ACK

AvastSvc.exe -> 117.254.219.179:1278 -> 74.50.120.10:80 -> ESTABLISHED

AvastSvc.exe -> 117.254.219.179:1291 -> 69.171.229.70:80 -> LAST_ACK

AvastSvc.exe -> 117.254.219.179:1294 -> 69.171.229.70:80 -> LAST_ACK

AvastSvc.exe -> 117.254.219.179:1296 -> 74.125.236.184:80 -> LAST_ACK

AvastSvc.exe -> 117.254.219.179:1307 -> 74.50.120.10:80 -> ESTABLISHED

AvastSvc.exe -> 117.254.219.179:1309 -> 74.125.236.184:80 -> LAST_ACK

AvastSvc.exe -> 117.254.219.179:1311 -> 58.26.1.97:80 -> LAST_ACK

AvastUI.exe -> 117.254.219.179:1339 -> 75.126.120.205:80 -> CLOSE_WAIT

AvastUI.exe -> 117.254.219.179:1340 -> 75.126.120.205:80 -> CLOSE_WAIT

AvastUI.exe -> 117.254.219.179:1341 -> 75.126.120.205:80 -> CLOSE_WAIT

AvastUI.exe -> 117.254.219.179:1342 -> 75.126.120.205:80 -> CLOSE_WAIT

AvastSvc.exe -> 117.254.219.179:1347 -> 209.85.175.95:80 -> LAST_ACK

googledrivesync.exe -> 117.254.219.179:1378 -> 74.125.236.162:443 -> CLOSE_WAIT

AvastSvc.exe -> 117.254.219.179:1390 -> 74.125.236.187:80 -> ESTABLISHED

googledrivesync.exe -> 117.254.219.179:1407 -> 74.125.236.162:443 -> CLOSE_WAIT

AvastSvc.exe -> 117.254.219.179:1427 -> 74.125.236.161:80 -> LAST_ACK

AvastSvc.exe -> 117.254.219.179:1433 -> 74.125.236.185:80 -> ESTABLISHED

AvastSvc.exe -> 117.254.219.179:1434 -> 74.125.236.185:80 -> LAST_ACK

AvastSvc.exe -> 117.254.219.179:1443 -> 74.125.236.160:80 -> CLOSE_WAIT

AvastSvc.exe -> 117.254.219.179:1444 -> 74.125.236.160:80 -> LAST_ACK

AvastSvc.exe -> 117.254.219.179:1448 -> 204.152.194.218:80 -> CLOSE_WAIT

AvastSvc.exe -> 117.254.219.179:1453 -> 74.125.236.167:80 -> CLOSE_WAIT

AvastSvc.exe -> 117.254.219.179:1482 -> 209.133.56.106:80 -> LAST_ACK

AvastSvc.exe -> 117.254.219.179:1490 -> 205.234.175.175:80 -> CLOSE_WAIT

AvastSvc.exe -> 117.254.219.179:1491 -> 205.234.175.175:80 -> CLOSE_WAIT

AvastSvc.exe -> 117.254.219.179:1492 -> 205.234.175.175:80 -> CLOSE_WAIT

AvastSvc.exe -> 117.254.219.179:1493 -> 205.234.175.175:80 -> CLOSE_WAIT

AvastSvc.exe -> 117.254.219.179:1500 -> 204.152.194.219:80 -> CLOSE_WAIT

AvastSvc.exe -> 117.254.219.179:1501 -> 204.152.194.219:80 -> CLOSE_WAIT

AvastSvc.exe -> 117.254.219.179:1503 -> 204.152.194.219:80 -> CLOSE_WAIT

AvastSvc.exe -> 117.254.219.179:1504 -> 204.152.194.219:80 -> CLOSE_WAIT

googledrivesync.exe -> 117.254.219.179:1515 -> 74.125.236.162:443 -> ESTABLISHED

AvastSvc.exe -> 117.254.219.179:1532 -> 67.134.211.120:80 -> CLOSE_WAIT

chrome.exe -> 117.254.219.179:1544 -> 74.125.236.167:443 -> ESTABLISHED

AvastSvc.exe -> 117.254.219.179:1549 -> 74.52.28.114:80 -> ESTABLISHED

AvastSvc.exe -> 117.254.219.179:1559 -> 50.23.13.126:80 -> LAST_ACK

googledrivesync.exe -> 117.254.219.179:1565 -> 74.125.236.160:443 -> ESTABLISHED

AvastSvc.exe -> 117.254.219.179:1577 -> 74.125.236.166:80 -> ESTABLISHED

chrome.exe -> 117.254.219.179:1578 -> 209.85.175.125:5222 -> ESTABLISHED

AvastSvc.exe -> 117.254.219.179:1580 -> 74.125.236.168:80 -> ESTABLISHED

googledrivesync.exe -> 117.254.219.179:1581 -> 74.125.236.160:443 -> ESTABLISHED

AvastSvc.exe -> 117.254.219.179:1582 -> 50.23.13.126:80 -> CLOSE_WAIT

googledrivesync.exe -> 117.254.219.179:1583 -> 74.125.236.160:443 -> ESTABLISHED

AvastSvc.exe -> 117.254.219.179:1586 -> 69.171.229.70:80 -> ESTABLISHED

AvastSvc.exe -> 117.254.219.179:1600 -> 69.171.234.21:80 -> ESTABLISHED

chrome.exe -> 117.254.219.179:1603 -> 125.252.234.110:443 -> ESTABLISHED

AvastSvc.exe -> 117.254.219.179:1605 -> 209.133.56.106:80 -> ESTABLISHED

AvastSvc.exe -> 117.254.219.179:1625 -> 203.106.85.58:80 -> ESTABLISHED

googledrivesync.exe -> 117.254.219.179:1626 -> 74.125.236.160:443 -> ESTABLISHED

AvastSvc.exe -> 117.254.219.179:1629 -> 93.184.216.169:80 -> CLOSE_WAIT

AvastSvc.exe -> 117.254.219.179:1630 -> 58.26.1.11:80 -> CLOSE_WAIT

AvastSvc.exe -> 117.254.219.179:1633 -> 93.184.216.169:80 -> CLOSE_WAIT

AvastSvc.exe -> 117.254.219.179:1634 -> 93.184.216.169:80 -> CLOSE_WAIT

AvastSvc.exe -> 117.254.219.179:1672 -> 58.26.1.27:80 -> ESTABLISHED

AvastSvc.exe -> 117.254.219.179:1673 -> 58.26.1.27:80 -> ESTABLISHED

AvastSvc.exe -> 117.254.219.179:1674 -> 58.26.1.27:80 -> ESTABLISHED

AvastSvc.exe -> 117.254.219.179:1676 -> 58.26.1.27:80 -> ESTABLISHED

AvastSvc.exe -> 117.254.219.179:1677 -> 58.26.1.27:80 -> ESTABLISHED

AvastSvc.exe -> 117.254.219.179:1678 -> 58.26.1.27:80 -> ESTABLISHED

googledrivesync.exe -> 117.254.219.179:1713 -> 74.125.236.160:443 -> ESTABLISHED

AvastSvc.exe -> 117.254.219.179:1717 -> 199.16.172.14:80 -> CLOSE_WAIT

chrome.exe -> 117.254.219.179:1718 -> 74.125.236.175:443 -> ESTABLISHED

AvastSvc.exe -> 117.254.219.179:1721 -> 50.23.13.126:80 -> ESTABLISHED

googledrivesync.exe -> 117.254.219.179:1723 -> 74.125.236.160:443 -> ESTABLISHED

AvastSvc.exe -> 117.254.219.179:1727 -> 50.23.13.126:80 -> ESTABLISHED

AvastSvc.exe -> 117.254.219.179:1729 -> 50.23.13.126:80 -> ESTABLISHED

AvastSvc.exe -> 117.254.219.179:1730 -> 50.23.13.126:80 -> ESTABLISHED

AvastSvc.exe -> 117.254.219.179:1731 -> 50.23.13.126:80 -> ESTABLISHED

AvastSvc.exe -> 117.254.219.179:1732 -> 50.23.13.126:80 -> ESTABLISHED

cmdagent.exe -> 127.0.0.1:1126 -> 127.0.0.1:12080 -> ESTABLISHED

chrome.exe -> 127.0.0.1:1171 -> 127.0.0.1:12080 -> ESTABLISHED

chrome.exe -> 127.0.0.1:1234 -> 127.0.0.1:12080 -> ESTABLISHED

chrome.exe -> 127.0.0.1:1236 -> 127.0.0.1:12080 -> ESTABLISHED

chrome.exe -> 127.0.0.1:1267 -> 127.0.0.1:12080 -> FIN_WAIT_2

chrome.exe -> 127.0.0.1:1284 -> 127.0.0.1:12080 -> ESTABLISHED

chrome.exe -> 127.0.0.1:1306 -> 127.0.0.1:12080 -> FIN_WAIT_2

chrome.exe -> 127.0.0.1:1323 -> 127.0.0.1:12080 -> ESTABLISHED

chrome.exe -> 127.0.0.1:1330 -> 127.0.0.1:12080 -> ESTABLISHED

chrome.exe -> 127.0.0.1:1389 -> 127.0.0.1:12080 -> ESTABLISHED

chrome.exe -> 127.0.0.1:1431 -> 127.0.0.1:12080 -> ESTABLISHED

chrome.exe -> 127.0.0.1:1440 -> 127.0.0.1:12080 -> ESTABLISHED

chrome.exe -> 127.0.0.1:1447 -> 127.0.0.1:12080 -> ESTABLISHED

chrome.exe -> 127.0.0.1:1452 -> 127.0.0.1:12080 -> ESTABLISHED

chrome.exe -> 127.0.0.1:1454 -> 127.0.0.1:12080 -> ESTABLISHED

chrome.exe -> 127.0.0.1:1456 -> 127.0.0.1:12080 -> ESTABLISHED

chrome.exe -> 127.0.0.1:1486 -> 127.0.0.1:12080 -> ESTABLISHED

chrome.exe -> 127.0.0.1:1487 -> 127.0.0.1:12080 -> ESTABLISHED

chrome.exe -> 127.0.0.1:1488 -> 127.0.0.1:12080 -> ESTABLISHED

chrome.exe -> 127.0.0.1:1489 -> 127.0.0.1:12080 -> ESTABLISHED

chrome.exe -> 127.0.0.1:1495 -> 127.0.0.1:12080 -> ESTABLISHED

chrome.exe -> 127.0.0.1:1496 -> 127.0.0.1:12080 -> ESTABLISHED

chrome.exe -> 127.0.0.1:1498 -> 127.0.0.1:12080 -> ESTABLISHED

chrome.exe -> 127.0.0.1:1499 -> 127.0.0.1:12080 -> ESTABLISHED

chrome.exe -> 127.0.0.1:1531 -> 127.0.0.1:12080 -> ESTABLISHED

chrome.exe -> 127.0.0.1:1548 -> 127.0.0.1:12080 -> ESTABLISHED

chrome.exe -> 127.0.0.1:1573 -> 127.0.0.1:12080 -> ESTABLISHED

chrome.exe -> 127.0.0.1:1576 -> 127.0.0.1:12080 -> ESTABLISHED

chrome.exe -> 127.0.0.1:1579 -> 127.0.0.1:12080 -> ESTABLISHED

chrome.exe -> 127.0.0.1:1599 -> 127.0.0.1:12080 -> ESTABLISHED

chrome.exe -> 127.0.0.1:1624 -> 127.0.0.1:12080 -> ESTABLISHED

chrome.exe -> 127.0.0.1:1627 -> 127.0.0.1:12080 -> ESTABLISHED

chrome.exe -> 127.0.0.1:1628 -> 127.0.0.1:12080 -> ESTABLISHED

chrome.exe -> 127.0.0.1:1631 -> 127.0.0.1:12080 -> ESTABLISHED

chrome.exe -> 127.0.0.1:1632 -> 127.0.0.1:12080 -> ESTABLISHED

chrome.exe -> 127.0.0.1:1666 -> 127.0.0.1:12080 -> ESTABLISHED

chrome.exe -> 127.0.0.1:1667 -> 127.0.0.1:12080 -> ESTABLISHED

chrome.exe -> 127.0.0.1:1668 -> 127.0.0.1:12080 -> ESTABLISHED

chrome.exe -> 127.0.0.1:1669 -> 127.0.0.1:12080 -> ESTABLISHED

chrome.exe -> 127.0.0.1:1670 -> 127.0.0.1:12080 -> ESTABLISHED

chrome.exe -> 127.0.0.1:1671 -> 127.0.0.1:12080 -> ESTABLISHED

chrome.exe -> 127.0.0.1:1716 -> 127.0.0.1:12080 -> ESTABLISHED

chrome.exe -> 127.0.0.1:1719 -> 127.0.0.1:12080 -> ESTABLISHED

chrome.exe -> 127.0.0.1:1720 -> 127.0.0.1:12080 -> ESTABLISHED

chrome.exe -> 127.0.0.1:1724 -> 127.0.0.1:12080 -> ESTABLISHED

chrome.exe -> 127.0.0.1:1725 -> 127.0.0.1:12080 -> ESTABLISHED

chrome.exe -> 127.0.0.1:1726 -> 127.0.0.1:12080 -> ESTABLISHED

chrome.exe -> 127.0.0.1:1728 -> 127.0.0.1:12080 -> ESTABLISHED

AvastSvc.exe -> 127.0.0.1:12025 -> 0.0.0.0:0 -> LISTENING

AvastSvc.exe -> 127.0.0.1:12080 -> 0.0.0.0:0 -> LISTENING

AvastSvc.exe -> 127.0.0.1:12080 -> 127.0.0.1:1126 -> ESTABLISHED

AvastSvc.exe -> 127.0.0.1:12080 -> 127.0.0.1:1171 -> ESTABLISHED

AvastSvc.exe -> 127.0.0.1:12080 -> 127.0.0.1:1234 -> ESTABLISHED

AvastSvc.exe -> 127.0.0.1:12080 -> 127.0.0.1:1236 -> ESTABLISHED

AvastSvc.exe -> 127.0.0.1:12080 -> 127.0.0.1:1267 -> CLOSE_WAIT

AvastSvc.exe -> 127.0.0.1:12080 -> 127.0.0.1:1284 -> ESTABLISHED

AvastSvc.exe -> 127.0.0.1:12080 -> 127.0.0.1:1306 -> CLOSE_WAIT

AvastSvc.exe -> 127.0.0.1:12080 -> 127.0.0.1:1323 -> ESTABLISHED

AvastSvc.exe -> 127.0.0.1:12080 -> 127.0.0.1:1330 -> ESTABLISHED

AvastSvc.exe -> 127.0.0.1:12080 -> 127.0.0.1:1389 -> ESTABLISHED

AvastSvc.exe -> 127.0.0.1:12080 -> 127.0.0.1:1431 -> ESTABLISHED

AvastSvc.exe -> 127.0.0.1:12080 -> 127.0.0.1:1440 -> ESTABLISHED

AvastSvc.exe -> 127.0.0.1:12080 -> 127.0.0.1:1447 -> ESTABLISHED

AvastSvc.exe -> 127.0.0.1:12080 -> 127.0.0.1:1452 -> ESTABLISHED

AvastSvc.exe -> 127.0.0.1:12080 -> 127.0.0.1:1454 -> ESTABLISHED

AvastSvc.exe -> 127.0.0.1:12080 -> 127.0.0.1:1456 -> ESTABLISHED

AvastSvc.exe -> 127.0.0.1:12080 -> 127.0.0.1:1486 -> ESTABLISHED

AvastSvc.exe -> 127.0.0.1:12080 -> 127.0.0.1:1487 -> ESTABLISHED

AvastSvc.exe -> 127.0.0.1:12080 -> 127.0.0.1:1488 -> ESTABLISHED

AvastSvc.exe -> 127.0.0.1:12080 -> 127.0.0.1:1489 -> ESTABLISHED

AvastSvc.exe -> 127.0.0.1:12080 -> 127.0.0.1:1495 -> ESTABLISHED

AvastSvc.exe -> 127.0.0.1:12080 -> 127.0.0.1:1496 -> ESTABLISHED

AvastSvc.exe -> 127.0.0.1:12080 -> 127.0.0.1:1498 -> ESTABLISHED

AvastSvc.exe -> 127.0.0.1:12080 -> 127.0.0.1:1499 -> ESTABLISHED

AvastSvc.exe -> 127.0.0.1:12080 -> 127.0.0.1:1531 -> ESTABLISHED

AvastSvc.exe -> 127.0.0.1:12080 -> 127.0.0.1:1548 -> ESTABLISHED

AvastSvc.exe -> 127.0.0.1:12080 -> 127.0.0.1:1573 -> ESTABLISHED

AvastSvc.exe -> 127.0.0.1:12080 -> 127.0.0.1:1576 -> ESTABLISHED

AvastSvc.exe -> 127.0.0.1:12080 -> 127.0.0.1:1579 -> ESTABLISHED

AvastSvc.exe -> 127.0.0.1:12080 -> 127.0.0.1:1599 -> ESTABLISHED

AvastSvc.exe -> 127.0.0.1:12080 -> 127.0.0.1:1624 -> ESTABLISHED

AvastSvc.exe -> 127.0.0.1:12080 -> 127.0.0.1:1627 -> ESTABLISHED

AvastSvc.exe -> 127.0.0.1:12080 -> 127.0.0.1:1628 -> ESTABLISHED

AvastSvc.exe -> 127.0.0.1:12080 -> 127.0.0.1:1631 -> ESTABLISHED

AvastSvc.exe -> 127.0.0.1:12080 -> 127.0.0.1:1632 -> ESTABLISHED

AvastSvc.exe -> 127.0.0.1:12080 -> 127.0.0.1:1666 -> ESTABLISHED

AvastSvc.exe -> 127.0.0.1:12080 -> 127.0.0.1:1667 -> ESTABLISHED

AvastSvc.exe -> 127.0.0.1:12080 -> 127.0.0.1:1668 -> ESTABLISHED

AvastSvc.exe -> 127.0.0.1:12080 -> 127.0.0.1:1669 -> ESTABLISHED

AvastSvc.exe -> 127.0.0.1:12080 -> 127.0.0.1:1670 -> ESTABLISHED

AvastSvc.exe -> 127.0.0.1:12080 -> 127.0.0.1:1671 -> ESTABLISHED

AvastSvc.exe -> 127.0.0.1:12080 -> 127.0.0.1:1716 -> ESTABLISHED

AvastSvc.exe -> 127.0.0.1:12080 -> 127.0.0.1:1719 -> ESTABLISHED

AvastSvc.exe -> 127.0.0.1:12080 -> 127.0.0.1:1720 -> ESTABLISHED

AvastSvc.exe -> 127.0.0.1:12080 -> 127.0.0.1:1724 -> ESTABLISHED

AvastSvc.exe -> 127.0.0.1:12080 -> 127.0.0.1:1725 -> ESTABLISHED

AvastSvc.exe -> 127.0.0.1:12080 -> 127.0.0.1:1726 -> ESTABLISHED

AvastSvc.exe -> 127.0.0.1:12080 -> 127.0.0.1:1728 -> ESTABLISHED

AvastSvc.exe -> 127.0.0.1:12110 -> 0.0.0.0:0 -> LISTENING

AvastSvc.exe -> 127.0.0.1:12119 -> 0.0.0.0:0 -> LISTENING

AvastSvc.exe -> 127.0.0.1:12143 -> 0.0.0.0:0 -> LISTENING

AvastSvc.exe -> 127.0.0.1:12465 -> 0.0.0.0:0 -> LISTENING

AvastSvc.exe -> 127.0.0.1:12563 -> 0.0.0.0:0 -> LISTENING

AvastSvc.exe -> 127.0.0.1:12993 -> 0.0.0.0:0 -> LISTENING

AvastSvc.exe -> 127.0.0.1:12995 -> 0.0.0.0:0 -> LISTENING

AvastSvc.exe -> 127.0.0.1:27275 -> 0.0.0.0:0 -> LISTENING

 

[+] UDP Connections

 

svchost.exe -> 0.0.0.0:500 -> *.*

svchost.exe -> 0.0.0.0:4500 -> *.*

svchost.exe -> 0.0.0.0:5355 -> *.*

svchost.exe -> 117.254.219.179:1900 -> *.*

svchost.exe -> 127.0.0.1:1900 -> *.*

svchost.exe -> 127.0.0.1:63109 -> *.*

 

[+] Hosts file

 

 

[+] Ring3 API Hooks

 

C:\Program Files\NoVirusThanks\Hijack Hunter\HijackHunter.exe -> NTDLL.DLL->LdrLoadDll -> guard32.dll -> Inline JMP 0xE9

C:\Program Files\NoVirusThanks\Hijack Hunter\HijackHunter.exe -> NTDLL.DLL->LdrUnloadDll -> guard32.dll -> Inline JMP 0xE9

C:\Program Files\NoVirusThanks\Hijack Hunter\HijackHunter.exe -> NTDLL.DLL->NtAlpcSendWaitReceivePort -> guard32.dll -> Inline JMP 0xE9

C:\Program Files\NoVirusThanks\Hijack Hunter\HijackHunter.exe -> NTDLL.DLL->NtClose -> guard32.dll -> Inline JMP 0xE9

C:\Program Files\NoVirusThanks\Hijack Hunter\HijackHunter.exe -> NTDLL.DLL->ZwAlpcSendWaitReceivePort -> guard32.dll -> Inline JMP 0xE9

C:\Program Files\NoVirusThanks\Hijack Hunter\HijackHunter.exe -> NTDLL.DLL->ZwClose -> guard32.dll -> Inline JMP 0xE9

C:\Program Files\NoVirusThanks\Hijack Hunter\HijackHunter.exe -> KERNEL32.DLL->CreateProcessA -> guard32.dll -> Inline JMP 0xE9

C:\Program Files\NoVirusThanks\Hijack Hunter\HijackHunter.exe -> KERNEL32.DLL->CreateProcessAsUserW -> guard32.dll -> Inline JMP 0xE9

C:\Program Files\NoVirusThanks\Hijack Hunter\HijackHunter.exe -> KERNEL32.DLL->CreateProcessW -> guard32.dll -> Inline JMP 0xE9

C:\Program Files\NoVirusThanks\Hijack Hunter\HijackHunter.exe -> ADVAPI32.DLL->CreateProcessAsUserA -> guard32.dll -> Inline JMP 0xE9

C:\Program Files\NoVirusThanks\Hijack Hunter\HijackHunter.exe -> SECHOST.DLL->ChangeServiceConfig2A -> N/A -> Inline JMP 0xE9

C:\Program Files\NoVirusThanks\Hijack Hunter\HijackHunter.exe -> SECHOST.DLL->ChangeServiceConfig2W -> N/A -> Inline JMP 0xE9

C:\Program Files\NoVirusThanks\Hijack Hunter\HijackHunter.exe -> SECHOST.DLL->ChangeServiceConfigA -> N/A -> Inline JMP 0xE9

C:\Program Files\NoVirusThanks\Hijack Hunter\HijackHunter.exe -> SECHOST.DLL->ChangeServiceConfigW -> N/A -> Inline JMP 0xE9

C:\Program Files\NoVirusThanks\Hijack Hunter\HijackHunter.exe -> SECHOST.DLL->CreateServiceA -> N/A -> Inline JMP 0xE9

C:\Program Files\NoVirusThanks\Hijack Hunter\HijackHunter.exe -> SECHOST.DLL->CreateServiceW -> N/A -> Inline JMP 0xE9

C:\Program Files\NoVirusThanks\Hijack Hunter\HijackHunter.exe -> SECHOST.DLL->DeleteService -> N/A -> Inline JMP 0xE9

C:\Program Files\NoVirusThanks\Hijack Hunter\HijackHunter.exe -> SECHOST.DLL->SetServiceObjectSecurity -> N/A -> Inline JMP 0xE9

C:\Program Files\NoVirusThanks\Hijack Hunter\HijackHunter.exe -> GDI32.DLL->CreateDCA -> guard32.dll -> Inline JMP 0xE9

C:\Program Files\NoVirusThanks\Hijack Hunter\HijackHunter.exe -> GDI32.DLL->CreateDCW -> guard32.dll -> Inline JMP 0xE9

C:\Program Files\NoVirusThanks\Hijack Hunter\HijackHunter.exe -> GDI32.DLL->DeleteDC -> guard32.dll -> Inline JMP 0xE9

C:\Program Files\NoVirusThanks\Hijack Hunter\HijackHunter.exe -> GDI32.DLL->GetPixel -> guard32.dll -> Inline JMP 0xE9

C:\Program Files\NoVirusThanks\Hijack Hunter\HijackHunter.exe -> USER32.DLL->SetWinEventHook -> N/A -> Inline JMP 0xE9

C:\Program Files\NoVirusThanks\Hijack Hunter\HijackHunter.exe -> USER32.DLL->SetWindowsHookExA -> N/A -> Inline JMP 0xE9

C:\Program Files\NoVirusThanks\Hijack Hunter\HijackHunter.exe -> USER32.DLL->SetWindowsHookExW -> N/A -> Inline JMP 0xE9

C:\Program Files\NoVirusThanks\Hijack Hunter\HijackHunter.exe -> USER32.DLL->UnhookWinEvent -> N/A -> Inline JMP 0xE9

C:\Program Files\NoVirusThanks\Hijack Hunter\HijackHunter.exe -> USER32.DLL->UnhookWindowsHookEx -> N/A -> Inline JMP 0xE9

C:\Program Files\NoVirusThanks\Hijack Hunter\HijackHunter.exe -> FLTLIB.DLL->FilterConnectCommunicationPort -> guard32.dll -> Inline JMP 0xE9

C:\Program Files\NoVirusThanks\Hijack Hunter\HijackHunter.exe -> FLTLIB.DLL->FilterSendMessage -> guard32.dll -> Inline JMP 0xE9

C:\Windows\Explorer.EXE -> NTDLL.DLL->LdrLoadDll -> guard32.dll -> Inline JMP 0xE9

C:\Windows\Explorer.EXE -> NTDLL.DLL->LdrUnloadDll -> guard32.dll -> Inline JMP 0xE9

C:\Windows\Explorer.EXE -> NTDLL.DLL->NtAlpcSendWaitReceivePort -> guard32.dll -> Inline JMP 0xE9

C:\Windows\Explorer.EXE -> NTDLL.DLL->NtClose -> guard32.dll -> Inline JMP 0xE9

C:\Windows\Explorer.EXE -> NTDLL.DLL->ZwAlpcSendWaitReceivePort -> guard32.dll -> Inline JMP 0xE9

C:\Windows\Explorer.EXE -> NTDLL.DLL->ZwClose -> guard32.dll -> Inline JMP 0xE9

C:\Windows\Explorer.EXE -> KERNEL32.DLL->CreateProcessA -> guard32.dll -> Inline JMP 0xE9

C:\Windows\Explorer.EXE -> KERNEL32.DLL->CreateProcessAsUserW -> guard32.dll -> Inline JMP 0xE9

C:\Windows\Explorer.EXE -> KERNEL32.DLL->CreateProcessW -> guard32.dll -> Inline JMP 0xE9

C:\Windows\Explorer.EXE -> ADVAPI32.DLL->CreateProcessAsUserA -> guard32.dll -> Inline JMP 0xE9

C:\Windows\Explorer.EXE -> SECHOST.DLL->ChangeServiceConfig2A -> N/A -> Inline JMP 0xE9

C:\Windows\Explorer.EXE -> SECHOST.DLL->ChangeServiceConfig2W -> N/A -> Inline JMP 0xE9

C:\Windows\Explorer.EXE -> SECHOST.DLL->ChangeServiceConfigA -> N/A -> Inline JMP 0xE9

C:\Windows\Explorer.EXE -> SECHOST.DLL->ChangeServiceConfigW -> N/A -> Inline JMP 0xE9

C:\Windows\Explorer.EXE -> SECHOST.DLL->CreateServiceA -> N/A -> Inline JMP 0xE9

C:\Windows\Explorer.EXE -> SECHOST.DLL->CreateServiceW -> N/A -> Inline JMP 0xE9

C:\Windows\Explorer.EXE -> SECHOST.DLL->DeleteService -> N/A -> Inline JMP 0xE9

C:\Windows\Explorer.EXE -> SECHOST.DLL->SetServiceObjectSecurity -> N/A -> Inline JMP 0xE9

C:\Windows\Explorer.EXE -> GDI32.DLL->CreateDCA -> guard32.dll -> Inline JMP 0xE9

C:\Windows\Explorer.EXE -> GDI32.DLL->CreateDCW -> guard32.dll -> Inline JMP 0xE9

C:\Windows\Explorer.EXE -> GDI32.DLL->DeleteDC -> guard32.dll -> Inline JMP 0xE9

C:\Windows\Explorer.EXE -> GDI32.DLL->GetPixel -> guard32.dll -> Inline JMP 0xE9

C:\Windows\Explorer.EXE -> USER32.DLL->SetWinEventHook -> N/A -> Inline JMP 0xE9

C:\Windows\Explorer.EXE -> USER32.DLL->SetWindowsHookExA -> N/A -> Inline JMP 0xE9

C:\Windows\Explorer.EXE -> USER32.DLL->SetWindowsHookExW -> N/A -> Inline JMP 0xE9

C:\Windows\Explorer.EXE -> USER32.DLL->UnhookWinEvent -> N/A -> Inline JMP 0xE9

C:\Windows\Explorer.EXE -> USER32.DLL->UnhookWindowsHookEx -> N/A -> Inline JMP 0xE9

C:\Windows\Explorer.EXE -> FLTLIB.DLL->FilterConnectCommunicationPort -> guard32.dll -> Inline JMP 0xE9

C:\Windows\Explorer.EXE -> FLTLIB.DLL->FilterSendMessage -> guard32.dll -> Inline JMP 0xE9

 

[+] Kernel Mode Info

 

[sSDT] NtAddBootEntry -> 0x8FC40DF8 -> 0x84922CDC -> aswSnx.SYS

[sSDT] NtAdjustPrivilegesToken -> 0x8FCCFF26 -> 0x8482CC5D -> cmdguard.sys

[sSDT] NtAllocateVirtualMemory -> 0x90C1CA5A -> 0x8486B37B -> aswSP.SYS

[sSDT] NtAlpcConnectPort -> 0x8FCD0112 -> 0x84872D8D -> cmdguard.sys

[sSDT] NtAssignProcessToJobObject -> 0x8FC4185E -> 0x8481679A -> aswSnx.SYS

[sSDT] NtConnectPort -> 0x8FCCF286 -> 0x84897E03 -> cmdguard.sys

[sSDT] NtCreateEvent -> 0x8FC462E4 -> 0x84880B49 -> aswSnx.SYS

[sSDT] NtCreateEventPair -> 0x8FC46330 -> 0x849289DC -> aswSnx.SYS

[sSDT] NtCreateFile -> 0x8FCCFB8C -> 0x8486A3EE -> cmdguard.sys

[sSDT] NtCreateIoCompletion -> 0x8FC46422 -> 0x84883705 -> aswSnx.SYS

[sSDT] NtCreateMutant -> 0x8FC46252 -> 0x8489E184 -> aswSnx.SYS

[sSDT] NtCreateSection -> 0x8FCCF940 -> 0x84850243 -> cmdguard.sys

[sSDT] NtCreateSemaphore -> 0x8FC4629A -> 0x848A0578 -> aswSnx.SYS

[sSDT] NtCreateSymbolicLinkObject -> 0x8FCD0C8A -> 0x8482E441 -> cmdguard.sys

[sSDT] NtCreateThread -> 0x8FCCEC72 -> 0x848FA186 -> cmdguard.sys

[sSDT] NtCreateThreadEx -> 0x8FCD0340 -> 0x848582B1 -> cmdguard.sys

[sSDT] NtCreateTimer -> 0x8FC463DC -> 0x8481951E -> aswSnx.SYS

[sSDT] NtDeleteBootEntry -> 0x8FC40E44 -> 0x84922D0F -> aswSnx.SYS

[sSDT] NtFreeVirtualMemory -> 0x90C1CB34 -> 0x846D295D -> aswSP.SYS

[sSDT] NtLoadDriver -> 0x8FCD06BC -> 0x847C0295 -> cmdguard.sys

[sSDT] NtMakeTemporaryObject -> 0x8FCCF54E -> 0x8482673C -> cmdguard.sys

[sSDT] NtModifyBootEntry -> 0x8FC40E90 -> 0x84922EE0 -> aswSnx.SYS

[sSDT] NtNotifyChangeKey -> 0x8FC43D1C -> 0x848190BE -> aswSnx.SYS

[sSDT] NtNotifyChangeMultipleKeys -> 0x8FC41B02 -> 0x84818468 -> aswSnx.SYS

[sSDT] NtOpenEvent -> 0x8FC4630E -> 0x848A0AD6 -> aswSnx.SYS

[sSDT] NtOpenEventPair -> 0x8FC46352 -> 0x84928ADD -> aswSnx.SYS

[sSDT] NtOpenFile -> 0x8FCCFD68 -> 0x84899B33 -> cmdguard.sys

[sSDT] NtOpenIoCompletion -> 0x8FC46446 -> 0x848D88C1 -> aswSnx.SYS

[sSDT] NtOpenMutant -> 0x8FC46278 -> 0x8483BAC9 -> aswSnx.SYS

[sSDT] NtOpenSection -> 0x8FCCF7E8 -> 0x8489E729 -> cmdguard.sys

[sSDT] NtOpenSemaphore -> 0x8FC462C2 -> 0x84803459 -> aswSnx.SYS

[sSDT] NtOpenTimer -> 0x8FC46400 -> 0x84928783 -> aswSnx.SYS

[sSDT] NtProtectVirtualMemory -> 0x90C1CCA0 -> 0x8489F1B0 -> aswSP.SYS

[sSDT] NtQueryObject -> 0x8FC419CE -> 0x8482C099 -> aswSnx.SYS

[sSDT] NtSetBootEntryOrder -> 0x8FC40EDC -> 0x849235F3 -> aswSnx.SYS

[sSDT] NtSetBootOptions -> 0x8FC40F28 -> 0x84923ADF -> aswSnx.SYS

[sSDT] NtSetSystemInformation -> 0x8FCD09A8 -> 0x848AA365 -> cmdguard.sys

[sSDT] NtSetSystemPowerState -> 0x8FC40CEA -> 0x84940375 -> aswSnx.SYS

[sSDT] NtShutdownSystem -> 0x8FCCF4B8 -> 0x84920F11 -> cmdguard.sys

[sSDT] NtSystemDebugControl -> 0x8FCCF6D4 -> 0x848286E5 -> cmdguard.sys

[sSDT] NtTerminateProcess -> 0x90C1CD60 -> 0x848810AD -> aswSP.SYS

[sSDT] NtTerminateThread -> 0x8FCCEE76 -> 0x84893E53 -> cmdguard.sys

[sSDT] NtVdmControl -> 0x8FC40F74 -> 0x8491634F -> aswSnx.SYS

[sSDT] NtWriteVirtualMemory -> 0x90C1CBE0 -> 0x848A6B25 -> aswSP.SYS

[RING0] ntkrnlpa.exe -> ObMakeTemporaryObject -> 0x84828342 -> 0x90C2FC8C -> aswSP.SYS

[RING0] ntkrnlpa.exe -> NtCreateProcessEx -> 0x848FA3C8 -> 0x90C32D96 -> aswSP.SYS

 

---

Finish [ 0:8:14 ]

 

Sometimes back I had malwarebytes which sucked my lil computer out of memory, if mbam was running no other thngs could run. I cannot upgrade my computer certainly because of financial problems. Please help me suggest me, that if i am using immunet and i uninstall avast (which is currently my current anti virus) what other things i have to install so that i can have a save computer..

i do chrome, i do facebook and some softwares like video formatting etc thats all.

Share this post


Link to post
Share on other sites

You should see an improvement in system performance if you switched to Immunet over Avast!. Immunet has one of the lightest system footprints compared to other AV packages on the market today. The newest 3.0.6.8523 version can be found here. I would add Comodo's and the other security software's Program Files folders into Immunet's Exclusion List. Also add Immunet's Program Files folder to the other security programs Exclusion or Trusted Files list just to avoid any conflicts there. Add agent.exe and iptray.exe to Comodo's Trusted Files list. These are two processes that Immunet uses and needs internet access. If the ClamAV module (for extra protection & off-line scanning) and Allow Definition Updates is enabled freshclam.exe will also require internet access. If you don't have a rootkit scanner you might want to consider installing one as this function is not included with the free version of Immunet. I use and recommend Kaspersky TDSSKiller.

Share this post


Link to post
Share on other sites

Another way to glean a little more system performance is only allow programs that absolutely need to be startup programs such as Comodo and the other security programs you have installed. Some programs will search for updates automatically on startup such as Google Chrome and Java Updater. It's ok to disable these and just manually check for updates from time to time yourself. The fewer startup programs the faster your system will be, especially on bootup.

Share this post


Link to post
Share on other sites

I've never heard of Hijack Hunter. It looks like it generates a Hijack This log... suspicious. Hiding this post until we can determine if Hijack Hunter is Rouge AV malware or not.

Share this post


Link to post
Share on other sites

Hi RobT, I've never heard of Hijack Hunter either. Since a link to the software was included that just might have been the prudent thing to do to be on the safe side. Other forum users might want to try this software. CNET's download.com has a listing, that's over a year old, for Hijack Hunter. This is what the company displays at it's home page:

 

About Us

The NoVirusThanks project began in June 2008 with the primary objective of creating software and services related to computer and Internet security. We offer various services and software for the security conscious in order to help users defend themselves from Internet threats.

 

One year after the birth of NoVirusThanks we founded the NoVirusThanks Company Srl, with headquarters in Italy, which deals with the development and support of our services and products. NoVirusThanks is a registered trademark of the NoVirusThanks Company Srl.

 

Company Details:

 

CAP. SOC. 10.000,00 EUR

CAP. SOC. i.v. 10.000,00 EUR

REA. 261307 PG

P.IVA/C.F. 03065920542

It appears to be a legitimate company but then again looks can be deceiving!

Share this post


Link to post
Share on other sites

Yes, thanks Ritchie. I've done some investigating and haven't come across anything indicating that they are dangerous so far as a program or as a company (they have had an active twitter feed since 2010 and seemingly legitimate news updates starting around the same time), but I'm currently waiting to hear back from them (I've emailed a few of their listed addresses) since their forum link doesn't lead anywhere which seems suspicious to me. If they can give me a reasonable answer as to why, or an alternate link, I will confident in unhiding this post.

Share this post


Link to post
Share on other sites

Ok, thanks for the info Pedersen, the topic is now visible again.

 

As for your current problem bhakbhosad, I agree with the information Ritchie provided above.

Share this post


Link to post
Share on other sites

btw i want to mention one thing since i remember everything now..

i test new softwares and came to this novirusthanks from a site which is one of the greatest software referrers.

 

this site novirusthanks has many other softwares which came out to be viruses on both mbam and avast.. so i think the link must be deleted from my first post.. hijack hunter was ok, so i kept in on my computer..

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

×