GRRRRRRRRRR!!!!...antivirus problem..!!!!!!

Re: GRRRRRRRRRR!!!!...antivirus problem..!!!!!!

by decepticon » June 10th, 2012, 2:19 am

Dear sir, my PC is much better than before, but still little slow enough. Sir, I couldn't remove the program MarketResearch from my PC as I couldn't find it in Add or Remove/Uninstall Programs nor in Revo Uninstaller. Also, I cannot check updates on Malwarebytes, as some error causing access denied.. :P ..please help me... :P :P :P
decepticon
Regular Member
 
Posts: 22
Joined: May 29th, 2012, 1:57 pm

Re: GRRRRRRRRRR!!!!...antivirus problem..!!!!!!

by diver79 » June 10th, 2012, 12:01 pm

Sir, I couldn't remove the program MarketResearch from my PC as I couldn't find it in Add or Remove/Uninstall Programs nor in Revo Uninstaller.
OK, that's fine. Oh, and you do not need to call me Sir ;)

I cannot check updates on Malwarebytes, as some error causing access denied
OK, try uninstalling Malwarebytes, then reboot the computer and follow the instructions below to install the latest version.

Malwarebytes' Anti-Malware
Please download Malwarebytes' Anti-Malware and save to your desktop.

  • Double-click mbam-setup.exe and follow the prompts to install the program.
  • At the end, be sure a checkmark is placed next to:
    Update Malwarebytes' Anti-Malware
    Launch Malwarebytes' Anti-Malware
  • Then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select Perform Quick Scan, then click Scan.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Check all items except items in the C:\System Volume Information folder... and click Remove Selected.
    Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts, click OK to either and let MBAM proceed with the disinfection process, if asked to restart the computer, please do so immediately. Failure to reboot will prevent MBAM from removing all the malware.
  • When completed, a log will open in Notepad. Please copy and paste the log back into your next reply
  • The log can also be found here:
    C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-date (time).txt
diver79
Retired Graduate
 
Posts: 1004
Joined: January 3rd, 2010, 7:03 pm

Re: GRRRRRRRRRR!!!!...antivirus problem..!!!!!!

by decepticon » June 11th, 2012, 1:35 am

ok FRIEND, i couldn't these steps...



Check all items except items in the C:\System Volume Information folder... and click Remove Selected.
Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts, click OK to either and let MBAM proceed with the disinfection process, if asked to restart the computer, please do so immediately. Failure to reboot will prevent MBAM from removing all the malware.

I POSTED THE LOG WHICH MALWAREBYTES DISPLAYED MY PC RESULTS..

Malwarebytes Anti-Malware (Trial) 1.61.0.1400
www.malwarebytes.org

Database version: v2012.06.10.05

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
varsha :: VICKY-PC [limited]

Protection: Disabled

11-06-2012 10:47:28
mbam-log-2012-06-11 (10-47-28).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 173666
Time elapsed: 5 minute(s), 51 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)
decepticon
Regular Member
 
Posts: 22
Joined: May 29th, 2012, 1:57 pm

Re: GRRRRRRRRRR!!!!...antivirus problem..!!!!!!

by diver79 » June 11th, 2012, 4:30 am

Hi decepticon,

That's OK, there was nothing found to remove. One last scan with ESET's online scanner to be sure.

ESET Online Scanner:
Note: You can use either Internet Explorer or Mozilla FireFox for this scan. You will however need to disable your Avast! Anti-Virus.

Disable Antivirus
  • Right click on the avast icon in the system tray and select avast! shields control.
  • Select the option to disable avast until the computer is restarted.

Vista/Windows 7 users: You will need to right-click on either the IE or FF icon in the Start Menu or Quick Launch Bar on the Taskbar and select Run as Administrator from the context menu.

  • Please go here to run the scan.
    Note: If using Mozilla Firefox you will need to download esetsmartinstaller_enu.exe when prompted then double click on it to install.
    All of the below instructions are compatible with either Internet Explorer or Mozilla FireFox.
  • Select the option YES, I accept the Terms of Use then click on: Image
  • When prompted allow the Add-On/Active X to install.
  • Make sure that the option Remove found threats is NOT checked, and the option Scan archives is checked.
  • Now click on Advanced Settings and select the following:
    • Scan for potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth Technology
  • Now click on: Image
  • The virus signature database... will begin to download. Be patient, this may take some time depending on the speed of your Internet Connection.
  • When completed the Online Scan will begin automatically.
  • Do not touch either the Mouse or keyboard during the scan otherwise it may stall.
  • When completed select Uninstall application on close if you so wish, make sure you copy the logfile first!
  • Now click on: Image
  • Use notepad to open the logfile located at C:\Program Files\ESET\EsetOnlineScanner\log.txt.
  • Copy and paste that log as a reply to this topic.

Note: Do not forget to re-enable your Anti-Virus application after running the above scan!
diver79
Retired Graduate
 
Posts: 1004
Joined: January 3rd, 2010, 7:03 pm

Re: GRRRRRRRRRR!!!!...antivirus problem..!!!!!!

by decepticon » June 11th, 2012, 10:31 am

C:\Users\varsha.VICKY-PC\Downloads\FreeStudio(1).exe Win32/OpenCandy application
C:\Users\varsha.VICKY-PC\Downloads\FreeStudio.exe Win32/OpenCandy application
C:\Users\varsha.VICKY-PC\Downloads\orbitdownloader.exe Win32/OpenCandy application
C:\Users\varsha.VICKY-PC\Downloads\PDFConverterSetup.exe a variant of Win32/InstallCore.R application
decepticon
Regular Member
 
Posts: 22
Joined: May 29th, 2012, 1:57 pm

Re: GRRRRRRRRRR!!!!...antivirus problem..!!!!!!

by diver79 » June 11th, 2012, 6:12 pm

Hi decepticon,

Looking good, almost there now.

Run OTL Script
We need to run an OTL Fix
  • Right click on OTL.exe and select Run as Administrator to start the program.
  • Copy and Paste the following code into the Image textbox. Do not include the word Code
    Code: Select all
    :files
    C:\Users\varsha.VICKY-PC\Downloads\FreeStudio(1).exe
    C:\Users\varsha.VICKY-PC\Downloads\FreeStudio.exe
    C:\Users\varsha.VICKY-PC\Downloads\orbitdownloader.exe
    C:\Users\varsha.VICKY-PC\Downloads\PDFConverterSetup.exe
    :commands
    [EMPTYTEMP]
    [CREATERESTOREPOINT]
    
  • Then click the Run Fix button at the top.
  • Click Image.
  • OTL may ask to reboot the machine. Please do so if asked.
  • The report should appear in Notepad after the reboot. Copy and Paste that report in your next reply.


Farbar Service Scanner
Please download Farbar Service Scanner and save the file to your Desktop.
  • Right click on FSS.exe and select Run as Administrator to start the program.
  • Make sure the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center/Action Center
    • Windows Update
    • Windows Defender
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.
diver79
Retired Graduate
 
Posts: 1004
Joined: January 3rd, 2010, 7:03 pm

Re: GRRRRRRRRRR!!!!...antivirus problem..!!!!!!

by decepticon » June 12th, 2012, 1:42 am

Dear friend, thank you for all your efforts, but my friend, my PC still takes a longer time to start up. Now when I rebooted my PC for the OTL scan, it took a longer time to shut down or restart. I even deleted my temporary files but my PC is still very slow. Moreover, whenever I open my account or desktop, since you allowed me to run vcclean to remove my Vipre antivirus, every time I open my desktop it keeps on opening a window that your Vipre is completely removed from my PC... Also I want to bring to your notice that I have some virus which my Avast and Malwarebytes have detected. I have kept that in the virus chest box of Avast and the quarantine box of Malwarebytes respectively, so are you able to identify those problems? These problems are irritating me every time.. please help. :O HERE ARE THE LOGS THAT YOU HAVE REQUESTED ME TO POST..


All processes killed
========== FILES ==========
C:\Users\varsha.VICKY-PC\Downloads\FreeStudio(1).exe moved successfully.
C:\Users\varsha.VICKY-PC\Downloads\FreeStudio.exe moved successfully.
C:\Users\varsha.VICKY-PC\Downloads\orbitdownloader.exe moved successfully.
C:\Users\varsha.VICKY-PC\Downloads\PDFConverterSetup.exe moved successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Guest
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->FireFox cache emptied: 0 bytes
->Google Chrome cache emptied: 0 bytes

User: Public

User: v icky
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->FireFox cache emptied: 5871781 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Varsha
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 0 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: varsha.VICKY-PC
->Temp folder emptied: 32053 bytes
->Temporary Internet Files folder emptied: 5488736 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 61651611 bytes
->Google Chrome cache emptied: 193854119 bytes
->Flash cache emptied: 2334 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 44581874 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 297.00 mb

Restore point Set: OTL Restore Point

OTL by OldTimer - Version 3.2.47.0 log created on 06122012_103700

Files\Folders moved on Reboot...
File move failed. C:\Windows\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.

Registry entries deleted on Reboot...
decepticon
Regular Member
 
Posts: 22
Joined: May 29th, 2012, 1:57 pm

Re: GRRRRRRRRRR!!!!...antivirus problem..!!!!!!

by diver79 » June 12th, 2012, 9:40 am

Hi decepticon,

You posted the OTL log twice. Can you run Farbar's Service Scanner again and post its log?

Also, please post the Malwarebytes log that shows the infection in quarantine. You can find it here: C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\Logs\protection-log-yyyy-mm-dd

Next, run a scan with aswMBR. We can deal with the other issues later.

aswMBR Scan
Please download aswMBR and save it to your Desktop.
  • Right click aswMBR.exe & choose "Run as Administrator" to run it.
  • Click Yes to the prompt to download Avast! virus definitions.
    (Please be patient whilst the virus definitions download)
  • With the AVscan set to Quick Scan, click the Scan button.
    (Please be patient whilst your computer is scanned.)
  • After a while when the scan reports "Scan finished successfully", click Save log & save the log to your desktop.
  • Click OK > Exit.
  • Note: Do not attempt to fix anything at this stage!
  • Two files will be created, aswMBR.txt & a file named MBR.dat.
  • MBR.dat is a backup of the MBR (master boot record), do not delete it.
  • I strongly suggest you keep a copy of this backup stored on an external device.
  • Copy & Paste the contents of aswMBR.txt into your next reply.
diver79
Retired Graduate
 
Posts: 1004
Joined: January 3rd, 2010, 7:03 pm

Re: GRRRRRRRRRR!!!!...antivirus problem..!!!!!!

by decepticon » June 12th, 2012, 10:22 am

Farbar Service Scanner Version: 09-06-2012
Ran by varsha (ATTENTION: The logged in user is not administrator) on 12-06-2012 at 19:38:03
Running from "C:\Users\varsha.VICKY-PC\Desktop"
Windows Vista (TM) Home Premium Service Pack 2 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============
Dnscache Service is not running. Checking service configuration:
The start type of Dnscache service is OK.
The ImagePath of Dnscache service is OK.
The ServiceDll of Dnscache service is OK.

Dhcp Service is not running. Checking service configuration:
The start type of Dhcp service is OK.
The ImagePath of Dhcp service is OK.
The ServiceDll of Dhcp service is OK.

Nsi Service is not running. Checking service configuration:
The start type of Nsi service is OK.
The ImagePath of Nsi service is OK.
Checking ServiceDll: ATTENTION!=====> Unable to open Nsi registry key. The service key does not exist.

nsiproxy Service is not running. Checking service configuration:
The start type of nsiproxy service is OK.
The ImagePath of nsiproxy service is OK.

tdx Service is not running. Checking service configuration:
The start type of tdx service is OK.
The ImagePath of tdx service is OK.

afd Service is not running. Checking service configuration:
The start type of afd service is OK.
The ImagePath of afd service is OK.

Tcpip Service is not running. Checking service configuration:
The start type of Tcpip service is OK.
The ImagePath of Tcpip service is OK.


Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============
mpsdrv Service is not running. Checking service configuration:
The start type of mpsdrv service is OK.
The ImagePath of mpsdrv service is OK.

MpsSvc Service is not running. Checking service configuration:
The start type of MpsSvc service is OK.
The ImagePath of MpsSvc service is OK.
The ServiceDll of MpsSvc service is OK.

bfe Service is not running. Checking service configuration:
The start type of bfe service is OK.
The ImagePath of bfe service is OK.
The ServiceDll of bfe service is OK.


Firewall Disabled Policy:
==================


System Restore:
============
SDRSVC Service is not running. Checking service configuration:
The start type of SDRSVC service is OK.
The ImagePath of SDRSVC service is OK.
The ServiceDll of SDRSVC service is OK.

VSS Service is not running. Checking service configuration:
The start type of VSS service is OK.
The ImagePath of VSS service is OK.


System Restore Disabled Policy:
========================


Security Center:
============
wscsvc Service is not running. Checking service configuration:
The start type of wscsvc service is OK.
The ImagePath of wscsvc service is OK.
The ServiceDll of wscsvc service is OK.

winmgmt Service is not running. Checking service configuration:
The start type of winmgmt service is OK.
The ImagePath of winmgmt: "%systemroot%\system32\svchost.exe -k netsvcs".
The ServiceDll of winmgmt service is OK.


Windows Update:
============
wuauserv Service is not running. Checking service configuration:
The start type of wuauserv service is OK.
The ImagePath of wuauserv service is OK.
The ServiceDll of wuauserv service is OK.

BITS Service is not running. Checking service configuration:
The start type of BITS service is set to Demand. The default start type is Auto.
The ImagePath of BITS service is OK.
The ServiceDll of BITS service is OK.

EventSystem Service is not running. Checking service configuration:
The start type of EventSystem service is OK.
The ImagePath of EventSystem service is OK.
The ServiceDll of EventSystem service is OK.

cryptsvc Service is not running. Checking service configuration:
The start type of cryptsvc service is OK.
The ImagePath of cryptsvc service is OK.
The ServiceDll of cryptsvc service is OK.


Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is OK.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1

PlugPlay Service is not running. Checking service configuration:
The start type of PlugPlay service is OK.
The ImagePath of PlugPlay service is OK.


File Check:
========
C:\Windows\system32\nsisvc.dll => MD5 is legit
C:\Windows\system32\Drivers\nsiproxy.sys => MD5 is legit
C:\Windows\system32\dhcpcsvc.dll => MD5 is legit
C:\Windows\system32\Drivers\afd.sys => MD5 is legit
C:\Windows\system32\Drivers\tdx.sys => MD5 is legit
C:\Windows\system32\Drivers\tcpip.sys
[2012-06-09 20:03] - [2012-03-30 18:09] - 0914304 ____A (Microsoft Corporation) EE7E10BED85C312C1D5D30C435BDDA9F

C:\Windows\system32\dnsrslvr.dll => MD5 is legit
C:\Windows\system32\mpssvc.dll => MD5 is legit
C:\Windows\system32\bfe.dll => MD5 is legit
C:\Windows\system32\Drivers\mpsdrv.sys => MD5 is legit
C:\Windows\system32\SDRSVC.dll => MD5 is legit
C:\Windows\system32\vssvc.exe => MD5 is legit
C:\Windows\system32\wscsvc.dll => MD5 is legit
C:\Windows\system32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\system32\wuaueng.dll => MD5 is legit
C:\Windows\system32\qmgr.dll => MD5 is legit
C:\Windows\system32\es.dll => MD5 is legit
C:\Windows\system32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit


**** End of log ****

aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-06-12 19:42:11
-----------------------------
19:42:11.241 OS Version: Windows 6.0.6002 Service Pack 2
19:42:11.241 Number of processors: 2 586 0xF0D
19:42:11.256 ComputerName: VICKY-PC UserName: v icky
19:42:12.536 Initialize success
19:42:12.692 AVAST engine defs: 12061200
19:42:46.403 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
19:42:46.419 Disk 0 Vendor: SAMSUNG_ CP10 Size: 305245MB BusType: 3
19:42:46.434 Disk 0 MBR read successfully
19:42:46.434 Disk 0 MBR scan
19:42:46.434 Disk 0 unknown MBR code
19:42:46.434 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 295671 MB offset 18
19:42:46.481 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 9572 MB offset 605536256
19:42:46.481 Disk 0 scanning sectors +625139712
19:42:46.528 Disk 0 scanning C:\Windows\system32\drivers
19:42:54.344 Service scanning
19:43:11.816 Modules scanning
19:43:20.411 Disk 0 trace - called modules:
19:43:20.442 ntkrnlpa.exe CLASSPNP.SYS disk.sys iastor.sys hal.dll
19:43:20.942 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8707e030]
19:43:20.942 3 CLASSPNP.SYS[8999e8b3] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0x86609030]
19:43:22.283 AVAST engine scan C:\Windows
19:43:27.104 AVAST engine scan C:\Windows\system32
19:43:58.179 File: C:\Windows\system32\jureg.exe **INFECTED** Win32:SMSSend-IG [Trj]
19:45:30.240 AVAST engine scan C:\Windows\system32\drivers
19:45:42.517 AVAST engine scan C:\Users\v icky
19:46:54.137 AVAST engine scan C:\ProgramData
19:47:57.762 Scan finished successfully
19:49:48.380 Disk 0 MBR has been saved successfully to "C:\Users\varsha.VICKY-PC\Desktop\MBR.dat"
19:49:48.386 The log file has been saved successfully to "C:\Users\varsha.VICKY-PC\Desktop\aswMBR.txt"
decepticon
Regular Member
 
Posts: 22
Joined: May 29th, 2012, 1:57 pm

Re: GRRRRRRRRRR!!!!...antivirus problem..!!!!!!

by diver79 » June 12th, 2012, 1:26 pm

Hi decepticon,

Can you post the log from Malwarebytes? You should find it here: C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\Logs\protection-log-yyyy-mm-dd

There are lots of services that are not starting correctly. I need to do some research on this. In the meantime, please run MBRCheck using the below instructions.

MBRCheck
Please download MBRCheck.exe and save it to your desktop.
  • Right click on MBRCheck.exe and select Run as Administrator to run it.
  • A window similar to this should open on your desktop:

Image

  • If you are prompted with options, enter N at the prompt and press Enter
  • Press Enter again.
  • A log will open on your Desktop ...... MBRCheck_mm.dd.yy_hh.mm.ss.txt (where mm.dd.yy_hh.mm.ss are the date and time the scan was run)
  • Please post the contents of the log in your next reply.
diver79
Retired Graduate
 
Posts: 1004
Joined: January 3rd, 2010, 7:03 pm
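
One way to pull the lines that need a helper's attention out of the Farbar Service Scanner and aswMBR logs posted above, as an added example that is not part of the original thread or of either tool. The function name `triage`, the category labels and the regular expressions are assumptions based on the log lines visible in this thread; `SAMPLE_LOG` is an excerpt of those lines.

```python
import re

# Excerpt of the Farbar Service Scanner (FSS) and aswMBR logs posted in this
# thread; most "is OK" / "MD5 is legit" lines are left out to keep it short.
SAMPLE_LOG = r"""Farbar Service Scanner Version: 09-06-2012
Ran by varsha (ATTENTION: The logged in user is not administrator) on 12-06-2012 at 19:38:03
Internet Services:
============
Dnscache Service is not running. Checking service configuration:
The start type of Dnscache service is OK.
Nsi Service is not running. Checking service configuration:
The start type of Nsi service is OK.
Checking ServiceDll: ATTENTION!=====> Unable to open Nsi registry key. The service key does not exist.
Windows Update:
============
BITS Service is not running. Checking service configuration:
The start type of BITS service is set to Demand. The default start type is Auto.
Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1
File Check:
========
C:\Windows\system32\Drivers\tdx.sys => MD5 is legit
C:\Windows\system32\Drivers\tcpip.sys
[2012-06-09 20:03] - [2012-03-30 18:09] - 0914304 ____A (Microsoft Corporation) EE7E10BED85C312C1D5D30C435BDDA9F
C:\Windows\system32\dnsrslvr.dll => MD5 is legit
**** End of log ****
19:42:46.434 Disk 0 unknown MBR code
19:43:58.179 File: C:\Windows\system32\jureg.exe **INFECTED** Win32:SMSSend-IG [Trj]
19:47:57.762 Scan finished successfully
"""

TIMESTAMP = re.compile(r"^\d\d:\d\d:\d\d\.\d+\s+")  # aswMBR line prefix
NOT_RUNNING = re.compile(r"^(\S+) Service is not running\.")
START_TYPE = re.compile(r"^The start type of (\S+) service is set to (\w+)\. "
                        r"The default start type is (\w+)\.")
POLICY_VALUE = re.compile(r'^"([^"]+)"=(\S+)')
INFECTED = re.compile(r"File: (.+?) \*\*INFECTED\*\* (.+)$")
WINDOWS_PATH = re.compile(r"^[A-Za-z]:\\")


def triage(log_text):
    """Return (category, detail) pairs for lines that deserve a manual look.

    The categories are labels made up for this example. A finding is a prompt
    for review, not a verdict about the machine.
    """
    findings, section, prev = [], "", ""
    for raw in log_text.splitlines():
        line = TIMESTAMP.sub("", raw.strip())
        if re.fullmatch(r"={3,}", line):
            # FSS underlines each section title with '=' characters.
            section = prev.rstrip(":")
        elif line.startswith("**** End of log"):
            section = ""
        elif "ATTENTION" in line:
            findings.append(("attention", line))
        elif m := NOT_RUNNING.match(line):
            findings.append(("service_not_running", m.group(1)))
        elif m := START_TYPE.match(line):
            detail = f"{m.group(1)}: {m.group(2)} (default {m.group(3)})"
            findings.append(("start_type", detail))
        elif section.endswith("Disabled Policy") and (m := POLICY_VALUE.match(line)):
            # Registry value listed under one of the "... Disabled Policy" headings.
            findings.append(("policy", f"{m.group(1)}={m.group(2)}"))
        elif (section == "File Check" and WINDOWS_PATH.match(line)
              and "=> MD5 is legit" not in line):
            # File listed without the "MD5 is legit" marker.
            findings.append(("file_unverified", line))
        elif m := INFECTED.search(line):
            findings.append(("infected", f"{m.group(1)}: {m.group(2)}"))
        elif "unknown mbr code" in line.lower():
            findings.append(("mbr", line))
        prev = line
    return findings


if __name__ == "__main__":
    for category, detail in triage(SAMPLE_LOG):
        print(f"{category:20} {detail}")
```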

Re: GRRRRRRRRRR!!!!...antivirus problem..!!!!!!

by decepticon » June 14th, 2012, 1:27 am

OK FRIEND... I tried my best but I couldn't find the log from Malwarebytes, and also I couldn't find the log from C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\Logs\protection-log-yyyy-mm-dd.

MBRCheck, version 1.2.3
(c) 2010, AD

Command-line:
Windows Version: Windows Vista Home Premium Edition
Windows Information: Service Pack 2 (build 6002), 32-bit
Base Board Manufacturer: ASUSTeK Computer INC.
BIOS Manufacturer: American Megatrends Inc.
System Manufacturer: HP-Pavilion
System Product Name: GX737AA-ACJ m9160IN
Logical Drives Mask: 0x000001fc

Kernel Drivers (total 139):

Processes (total 54):
0 System Idle Process
4 System
552 C:\WINDOWS\System32\smss.exe
620 csrss.exe
660 C:\WINDOWS\System32\wininit.exe
680 csrss.exe
716 C:\WINDOWS\System32\services.exe
732 C:\WINDOWS\System32\lsass.exe
740 C:\WINDOWS\System32\lsm.exe
776 C:\WINDOWS\System32\winlogon.exe
932 C:\WINDOWS\System32\svchost.exe
988 C:\Program Files\Comodo\COMODO GeekBuddy\CLPSLS.exe
1016 C:\WINDOWS\System32\svchost.exe
1080 C:\WINDOWS\System32\svchost.exe
1148 C:\WINDOWS\System32\svchost.exe
1172 C:\WINDOWS\System32\svchost.exe
1200 C:\WINDOWS\System32\svchost.exe
1272 C:\WINDOWS\System32\audiodg.exe
1296 C:\WINDOWS\System32\svchost.exe
1312 C:\WINDOWS\System32\SLsvc.exe
1384 C:\WINDOWS\System32\svchost.exe
1716 C:\Program Files\AVAST Software\Avast\AvastSvc.exe
1784 C:\WINDOWS\System32\svchost.exe
1868 C:\WINDOWS\System32\svchost.exe
1904 C:\WINDOWS\System32\svchost.exe
1924 C:\Program Files\Nitro PDF\Reader 2\NitroPDFReaderDriverService2.exe
1976 C:\WINDOWS\System32\svchost.exe
1992 C:\WINDOWS\System32\svchost.exe
124 C:\WINDOWS\System32\SearchIndexer.exe
2284 C:\WINDOWS\explorer.exe
2304 C:\WINDOWS\System32\taskeng.exe
2480 C:\hp\support\hpsysdrv.exe
2580 C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe
2604 C:\WINDOWS\System32\hkcmd.exe
2652 C:\WINDOWS\System32\igfxpers.exe
2684 C:\WINDOWS\RtHDVCpl.exe
2692 igfxsrvc.exe
2724 C:\Program Files\AVAST Software\Avast\AvastUI.exe
2768 C:\Program Files\HP\Digital Imaging\bin\HpqSRmon.exe
2780 C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
3176 C:\WINDOWS\System32\svchost.exe
2616 C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
836 C:\WINDOWS\System32\svchost.exe
3420 C:\Program Files\Comodo\Dragon\dragon.exe
964 C:\Program Files\Comodo\Dragon\dragon.exe
3848 C:\Program Files\Comodo\Dragon\dragon.exe
2220 C:\Program Files\Comodo\Dragon\dragon.exe
1532 C:\Program Files\Comodo\Dragon\dragon.exe
3468 C:\Program Files\Comodo\Dragon\dragon.exe
3800 C:\WINDOWS\System32\SearchProtocolHost.exe
1188 C:\WINDOWS\System32\SearchFilterHost.exe
1568 dllhost.exe
3424 dllhost.exe
888 C:\Users\varsha.VICKY-PC\Desktop\MBRCheck.exe

\\.\C: --> \\.\PhysicalDrive0 at offset 0x00000000`00002400 (NTFS)
\\.\D: --> \\.\PhysicalDrive0 at offset 0x00000048`2f800000 (NTFS)

PhysicalDrive0 Model Number: SAMSUNGHD320KJ, Rev: CP100-13

Size Device Name MBR Status
--------------------------------------------
298 GB \\.\PhysicalDrive0 Unknown MBR code
SHA1: CEFD837A02A1F4445A136688B10013AE4399C2CF


Found non-standard or infected MBR.
Enter 'Y' and hit ENTER for more options, or 'N' to exit:
decepticon
Regular Member
 
Posts: 22
Joined: May 29th, 2012, 1:57 pm

Re: GRRRRRRRRRR!!!!...antivirus problem..!!!!!!

Post by diver79 » June 15th, 2012, 12:13 pm

Hi decepticon,

Try this to get the mbam log.

Go to Start > All Programs > Accessories > Run
Copy/Paste the following line into the Open field and press Enter
C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\Logs\
If there are any logs here please post the most recent one.

I need to get a scan of some of the services that are failing; please run the custom scan below.

OTL Custom Scan
  • Right click on OTL.exe and select Run as Administrator to start the program.
  • Under Output, ensure that Minimal Output is selected.
  • Under Extra Registry section, select Use SafeList.
  • Under Custom Scans/Fixes copy/paste the contents of the code box below.
    C:\system32\nsisvc.dll /md5  /s
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\nsi\ /s
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE\ /s
  • Click on Run Scan at the top left hand corner.
  • When done, two Notepad files will open.
    • OTL.txt <-- Will be opened
    • Extra.txt <-- Will be minimized
  • Please post the contents of these 2 Notepad files in your next reply.


I'd like to get a second opinion on the file that aswMBR identified; please follow the instructions below.

Online Antivirus file scan
Upload file(s) to VirusTotal (VT) for an online scan.
  • Click on the Browse button or the white box beside it. A File Upload prompt will open.
  • Copy and paste the following file and its path to upload:
    C:\Windows\system32\jureg.exe
  • Press Open, then Send file. The file will be uploaded for testing.
  • If there is any indication or prompt that the file has been scanned before, please proceed to have the file rescanned or reanalyzed.
  • Please wait for all the scanners to finish, then copy and paste the result into Notepad and save it to a convenient place.
  • Post the results in your next response.

Alternatively, if VirusTotal is busy or inaccessible, you may try Jotti or VirScan (VS) with similar steps.

A result from either one of the above scanners would be sufficient.
diver79
Retired Graduate
 
Posts: 1004
Joined: January 3rd, 2010, 7:03 pm

Re: GRRRRRRRRRR!!!!...antivirus problem..!!!!!!

Post by decepticon » June 15th, 2012, 1:21 pm

2012/06/15 09:50:56 +0530 VICKY-PC varsha MESSAGE Starting protection
2012/06/15 09:50:59 +0530 VICKY-PC varsha MESSAGE Protection started successfully
2012/06/15 09:51:02 +0530 VICKY-PC varsha MESSAGE Starting IP protection
2012/06/15 09:51:05 +0530 VICKY-PC varsha MESSAGE IP Protection started successfully
2012/06/15 13:35:30 +0530 VICKY-PC varsha MESSAGE Starting protection
2012/06/15 13:35:33 +0530 VICKY-PC varsha MESSAGE Protection started successfully
2012/06/15 13:35:36 +0530 VICKY-PC varsha MESSAGE Starting IP protection
2012/06/15 13:35:39 +0530 VICKY-PC varsha MESSAGE IP Protection started successfully
2012/06/15 20:37:20 +0530 VICKY-PC varsha MESSAGE Starting protection
2012/06/15 20:37:23 +0530 VICKY-PC varsha MESSAGE Protection started successfully
2012/06/15 20:37:26 +0530 VICKY-PC varsha MESSAGE Starting IP protection
2012/06/15 20:37:29 +0530 VICKY-PC varsha MESSAGE IP Protection started successfully
2012/06/15 22:10:33 +0530 VICKY-PC varsha MESSAGE Starting protection
2012/06/15 22:10:36 +0530 VICKY-PC varsha MESSAGE Protection started successfully
2012/06/15 22:10:39 +0530 VICKY-PC varsha MESSAGE Starting IP protection
2012/06/15 22:10:41 +0530 VICKY-PC varsha MESSAGE IP Protection started successfully


OTL logfile created on: 15-06-2012 22:16:22 - Run 2
OTL by OldTimer - Version 3.2.47.0 Folder = C:\Users\varsha.VICKY-PC\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00004009 | Country: India | Language: ENN | Date Format: dd-MM-yyyy

1.99 Gb Total Physical Memory | 1.04 Gb Available Physical Memory | 52.43% Memory free
4.21 Gb Paging File | 3.19 Gb Available in Paging File | 75.71% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 288.74 Gb Total Space | 217.82 Gb Free Space | 75.44% Space Free | Partition Type: NTFS
Drive D: | 9.35 Gb Total Space | 1.08 Gb Free Space | 11.59% Space Free | Partition Type: NTFS

Computer Name: VICKY-PC | User Name: v icky | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\varsha.VICKY-PC\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Nitro PDF\Reader 2\NitroPDFReaderDriverService2.exe (Nitro PDF Software)
PRC - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
PRC - C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
PRC - C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
PRC - C:\Program Files\Comodo\COMODO GeekBuddy\CLPSLS.exe (COMODO)
PRC - C:\Program Files\Comodo\Dragon\dragon.exe (Comodo)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\WINDOWS\RtHDVCpl.exe (Realtek Semiconductor)
PRC - C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
PRC - C:\hp\support\hpsysdrv.exe (Hewlett-Packard Company)
PRC - C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe (OsdMaestro)


========== Modules (No Company Name) ==========

MOD - C:\Program Files\Comodo\Dragon\avcodec-53.dll ()
MOD - C:\Program Files\Comodo\Dragon\avformat-53.dll ()
MOD - C:\Program Files\Comodo\Dragon\avutil-51.dll ()
MOD - C:\Program Files\WinRAR\RarExt.dll ()
MOD - C:\WINDOWS\System32\igfxTMM.dll ()


========== Win32 Services (SafeList) ==========

SRV - (MozillaMaintenance) -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (NitroReaderDriverReadSpool2) -- C:\Program Files\Nitro PDF\Reader 2\NitroPDFReaderDriverService2.exe (Nitro PDF Software)
SRV - (MBAMService) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (avast! Antivirus) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
SRV - (CLPSLS) -- C:\Program Files\Comodo\COMODO GeekBuddy\CLPSLS.exe (COMODO)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (IAANTMON) Intel(R) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)
SRV - (HPBtnSrv) -- c:\hp\HPEZBTN\HPBtnSrv.exe ()


========== Driver Services (SafeList) ==========

DRV - (SymIMMP) -- system32\DRIVERS\SymIM.sys File not found
DRV - (SymIM) -- system32\DRIVERS\SymIM.sys File not found
DRV - (NwlnkFwd) -- system32\DRIVERS\nwlnkfwd.sys File not found
DRV - (NwlnkFlt) -- system32\DRIVERS\nwlnkflt.sys File not found
DRV - (MpKslcf484463) -- c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{BA1D8727-CB34-47BC-8A93-15D4F388E33A}\MpKslcf484463.sys File not found
DRV - (MpKslc7a88b2a) -- c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{802394EE-6FD5-4316-8E8C-7D48154A9AAF}\MpKslc7a88b2a.sys File not found
DRV - (MpKslc1ecceca) -- c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{6A6C552F-7BFC-492F-A36B-1B5F423C3302}\MpKslc1ecceca.sys File not found
DRV - (MpKsl8477fcea) -- c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{F36C60A2-C5AF-4108-929E-2395F247DEDD}\MpKsl8477fcea.sys File not found
DRV - (MpKsl7f875fed) -- c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{802394EE-6FD5-4316-8E8C-7D48154A9AAF}\MpKsl7f875fed.sys File not found
DRV - (MpKsl5e44e26c) -- c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{BA1D8727-CB34-47BC-8A93-15D4F388E33A}\MpKsl5e44e26c.sys File not found
DRV - (MpKsl45ab98d9) -- c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{F36C60A2-C5AF-4108-929E-2395F247DEDD}\MpKsl45ab98d9.sys File not found
DRV - (MpKsl383d5f34) -- c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{802394EE-6FD5-4316-8E8C-7D48154A9AAF}\MpKsl383d5f34.sys File not found
DRV - (MpKsl355c8a55) -- c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{D6D0DB9B-9266-4528-AF1D-712F6EEF85DA}\MpKsl355c8a55.sys File not found
DRV - (MpKsl140d154b) -- c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{BA1D8727-CB34-47BC-8A93-15D4F388E33A}\MpKsl140d154b.sys File not found
DRV - (IpInIp) -- system32\DRIVERS\ipinip.sys File not found
DRV - (blbdrive) -- C:\Windows\system32\drivers\blbdrive.sys File not found
DRV - (AVGIDSShim) -- system32\DRIVERS\avgidsshimx.sys File not found
DRV - (AVGIDSHX) -- system32\DRIVERS\avgidshx.sys File not found
DRV - (MBAMProtector) -- C:\WINDOWS\System32\drivers\mbam.sys (Malwarebytes Corporation)
DRV - (aswSnx) -- C:\Windows\System32\drivers\aswSnx.sys (AVAST Software)
DRV - (aswSP) -- C:\Windows\System32\drivers\aswSP.sys (AVAST Software)
DRV - (aswRdr) -- C:\Windows\System32\drivers\aswRdr.sys (AVAST Software)
DRV - (aswTdi) -- C:\Windows\System32\drivers\aswTdi.sys (AVAST Software)
DRV - (aswMonFlt) -- C:\WINDOWS\System32\drivers\aswMonFlt.sys (AVAST Software)
DRV - (aswFsBlk) -- C:\Windows\System32\drivers\aswFsBlk.sys (AVAST Software)
DRV - (inspect) -- C:\WINDOWS\System32\drivers\inspect.sys (COMODO)
DRV - (cmdHlp) -- C:\WINDOWS\System32\drivers\cmdhlp.sys (COMODO)
DRV - (cmdGuard) -- C:\WINDOWS\System32\drivers\cmdGuard.sys (COMODO)
DRV - (sbwtis) -- C:\WINDOWS\System32\drivers\sbwtis.sys (GFI Software)
DRV - (netr73) -- C:\WINDOWS\System32\drivers\netr73.sys (Ralink Technology, Corp.)
DRV - (RTL8169) -- C:\WINDOWS\System32\drivers\Rtlh86.sys (Realtek Corporation )
DRV - (bcm4sbxp) -- C:\WINDOWS\System32\drivers\bcm4sbxp.sys (Broadcom Corporation)
DRV - (Ps2) -- C:\WINDOWS\System32\drivers\PS2.sys (Hewlett-Packard Company)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope =

IE - HKCU\..\SearchScopes,DefaultScope =
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: ""
FF - prefs.js..browser.search.order.1: ""
FF - prefs.js..browser.search.selectedEngine: ""
FF - prefs.js..browser.startup.homepage: ""


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nitropdf.com/NitroPDF: C:\Program Files\Nitro PDF\Reader 2\npnitromozilla.dll ( )
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=1.0.5: C:\Program Files\VideoLAN\VLC\npvlc.dll (the VideoLAN Team)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn2 [2011-12-18 12:17:29 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012-06-05 20:58:03 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{F53C93F1-07D5-430c-86D4-C9531B27DFAF}: C:\Program Files\AVG\AVG2012\Firefox\DoNotTrack\
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012-06-03 16:11:22 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins

[2012-05-27 12:15:12 | 000,000,000 | ---D | M] (No name found) -- C:\Users\v icky\AppData\Roaming\mozilla\Extensions
[2012-06-08 23:15:30 | 000,000,000 | ---D | M] (No name found) -- C:\Users\v icky\AppData\Roaming\mozilla\Firefox\Profiles\8yw39bvl.default\extensions
[2011-12-11 22:39:57 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012-06-03 16:11:21 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012-06-06 09:12:06 | 000,003,766 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\avg-secure-search.xml
[2012-06-03 16:11:17 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012-03-13 17:24:54 | 000,002,511 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\Search_Results.xml
[2012-06-03 16:11:17 | 000,002,040 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\19.0.1084.52\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\19.0.1084.52\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\19.0.1084.52\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\v icky\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 8.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.290.11 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U29 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: VLC Multimedia Plug-in (Enabled) = C:\Program Files\VideoLAN\VLC\npvlc.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: YouTube = C:\Users\v icky\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google Search = C:\Users\v icky\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: avast! WebRep = C:\Users\v icky\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\6.0.1374_0\
CHR - Extension: avast! WebRep = C:\Users\v icky\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1426_0\
CHR - Extension: Gmail = C:\Users\v icky\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2011-12-22 23:12:37 | 000,000,755 | --S- | M]) - C:\WINDOWS\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe (Intel Corporation)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [OsdMaestro] C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe (OsdMaestro)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{245E6FCB-7E4C-4A66-BACF-BFC8178B4820}: NameServer = 8.26.56.26,156.154.70.22
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{58841B97-BB84-436F-A8E8-15F1E8F1AF92}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{58841B97-BB84-436F-A8E8-15F1E8F1AF92}: NameServer = 8.26.56.26,156.154.70.22
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\WINDOWS\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\v icky\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O24 - Desktop BackupWallPaper: C:\Users\v icky\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009-08-10 17:05:27 | 000,000,074 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2012-06-14 10:49:29 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2012-06-14 10:49:27 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2012-06-14 10:49:26 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2012-06-14 10:49:25 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2012-06-14 10:49:23 | 001,800,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2012-06-14 10:49:22 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2012-06-14 10:49:18 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2012-06-13 23:40:56 | 002,045,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2012-06-10 22:18:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012-06-10 22:18:49 | 000,022,344 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2012-06-10 22:04:33 | 000,000,000 | ---D | C] -- C:\Users\v icky\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
[2012-06-10 16:39:01 | 000,876,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsPrint.dll
[2012-06-10 16:38:59 | 001,069,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll
[2012-06-10 16:38:59 | 000,219,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1core.dll
[2012-06-10 16:38:58 | 001,172,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10warp.dll
[2012-06-10 16:38:58 | 000,683,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d2d1.dll
[2012-06-10 16:38:57 | 000,160,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1.dll
[2012-06-09 22:17:57 | 000,162,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2012-06-09 22:17:57 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll
[2012-06-09 22:17:57 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2012-06-09 22:17:57 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SetIEInstalledDate.exe
[2012-06-09 22:17:57 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe
[2012-06-09 22:17:57 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll
[2012-06-09 22:17:56 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat
[2012-06-09 22:17:56 | 000,434,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2012-06-09 22:17:56 | 000,367,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2012-06-09 22:17:56 | 000,353,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2012-06-09 22:17:56 | 000,353,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2012-06-09 22:17:56 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2012-06-09 22:17:56 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll
[2012-06-09 22:17:56 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2012-06-09 22:17:56 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2012-06-09 22:17:56 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2012-06-09 22:17:56 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2012-06-09 22:17:55 | 000,580,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2012-06-09 22:17:55 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll
[2012-06-09 22:17:55 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakui.dll
[2012-06-09 22:17:55 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe
[2012-06-09 22:17:55 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe
[2012-06-09 22:17:55 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\admparse.dll
[2012-06-09 22:17:55 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll
[2012-06-09 22:17:54 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2012-06-09 22:17:54 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll
[2012-06-09 22:17:53 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakeng.dll
[2012-06-09 22:17:53 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IEAdvpack.dll
[2012-06-09 22:17:53 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2012-06-09 22:17:53 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2012-06-09 21:15:59 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Portable Devices
[2012-06-09 20:51:51 | 000,000,000 | ---D | C] -- C:\MGADiagToolOutput
[2012-06-09 20:50:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Office Genuine Advantage
[2012-06-09 20:38:40 | 000,092,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UIAnimation.dll
[2012-06-09 20:38:37 | 003,023,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UIRibbon.dll
[2012-06-09 20:38:37 | 001,164,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UIRibbonRes.dll
[2012-06-09 20:37:43 | 000,369,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMPhoto.dll
[2012-06-09 20:37:35 | 000,321,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PhotoMetadataHandler.dll
[2012-06-09 20:37:35 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxdiag.exe
[2012-06-09 20:37:35 | 000,195,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxdiagn.dll
[2012-06-09 20:37:35 | 000,189,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WindowsCodecsExt.dll
[2012-06-09 20:37:34 | 000,519,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d11.dll
[2012-06-09 20:36:50 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\BthMtpContextHandler.dll
[2012-06-09 20:36:50 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WPDShextAutoplay.exe
[2012-06-09 20:36:41 | 000,060,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceConnectApi.dll
[2012-06-09 20:36:34 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WpdMtpUS.dll
[2012-06-09 20:36:34 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WpdConns.dll
[2012-06-09 20:36:33 | 000,546,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wpd_ci.dll
[2012-06-09 20:36:33 | 000,226,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WpdMtp.dll
[2012-06-09 20:36:32 | 000,350,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WPDSp.dll
[2012-06-09 20:36:32 | 000,334,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceApi.dll
[2012-06-09 20:36:32 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceWMDRM.dll
[2012-06-09 20:36:32 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceTypes.dll
[2012-06-09 20:36:32 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceClassExtension.dll
[2012-06-09 20:03:55 | 001,029,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10.dll
[2012-06-09 20:03:54 | 000,486,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10level9.dll
[2012-06-09 20:03:54 | 000,189,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10core.dll
[2012-06-09 20:03:53 | 001,554,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xpsservices.dll
[2012-06-09 20:03:53 | 000,847,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\OpcServices.dll
[2012-06-09 20:03:53 | 000,288,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsGdiConverter.dll
[2012-06-09 20:03:26 | 000,979,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MFH264Dec.dll
[2012-06-09 20:03:25 | 000,478,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxgi.dll
[2012-06-09 20:03:25 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsRasterService.dll
[2012-06-09 20:03:24 | 000,357,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MFHEAACdec.dll
[2012-06-09 20:03:23 | 000,302,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfmp4src.dll
[2012-06-09 20:03:23 | 000,261,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfreadwrite.dll
[2012-06-09 20:03:22 | 002,873,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mf.dll
[2012-06-09 20:03:22 | 000,667,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelinesvc.exe
[2012-06-09 20:03:22 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cdd.dll
[2012-06-09 20:03:21 | 000,209,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfplat.dll
[2012-06-09 20:03:14 | 000,098,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfps.dll
[2012-06-09 20:03:13 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelineprxy.dll
[2012-06-09 20:02:13 | 000,555,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UIAutomationCore.dll
[2012-06-09 20:02:13 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\oleaccrc.dll
[2012-06-09 20:01:41 | 001,314,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\quartz.dll
[2012-06-09 20:01:40 | 000,497,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qdvd.dll
[2012-06-09 20:01:36 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2012-06-09 20:01:27 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisdecd.dll
[2012-06-09 20:01:26 | 000,217,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisrndr.ax
[2012-06-09 20:01:26 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Mpeg2Data.ax
[2012-06-09 20:01:26 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSDvbNP.ax
[2012-06-09 20:01:25 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mciseq.dll
[2012-06-09 20:01:23 | 000,429,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EncDec.dll
[2012-06-09 20:01:02 | 003,550,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2012-06-09 20:01:01 | 003,602,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2012-06-09 20:00:57 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\csrsrv.dll
[2012-06-09 20:00:56 | 000,376,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winsrv.dll
[2012-06-09 20:00:54 | 000,231,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msshsq.dll
[2012-06-09 20:00:53 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\packager.dll
[2012-06-09 20:00:52 | 000,613,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpencom.dll
[2012-06-09 13:18:44 | 000,000,000 | ---D | C] -- C:\Windows\System32\eu-ES
[2012-06-09 13:18:44 | 000,000,000 | ---D | C] -- C:\Windows\System32\ca-ES
[2012-06-09 13:18:43 | 000,000,000 | ---D | C] -- C:\Windows\System32\vi-VN
[2012-06-09 13:01:11 | 000,000,000 | ---D | C] -- C:\Windows\System32\EventProviders
[2012-06-08 13:48:13 | 000,000,000 | ---D | C] -- C:\_OTL
[2012-06-05 23:12:08 | 000,000,000 | ---D | C] -- C:\Users\v icky\AppData\Local\PackageAware
[2012-06-05 20:32:26 | 000,000,000 | ---D | C] -- C:\Users\v icky\AppData\Local\Comodo
[2012-06-05 17:25:15 | 000,000,000 | ---D | C] -- C:\ProgramData\F381
[2012-06-04 15:29:37 | 000,000,000 | ---D | C] -- C:\Users\v icky\Documents\GTA San Andreas User Files
[2012-06-03 16:11:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2012-06-03 16:11:26 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Maintenance Service
[2012-06-02 18:21:55 | 000,000,000 | ---D | C] -- C:\Users\v icky\AppData\Roaming\ProgSense
[2012-06-02 18:07:17 | 000,000,000 | ---D | C] -- C:\ProgramData\IBUpdaterService
[2012-06-01 23:48:36 | 000,000,000 | ---D | C] -- C:\Users\v icky\AppData\Roaming\Nitro PDF
[2012-06-01 23:48:21 | 000,027,152 | ---- | C] (Nitro PDF Software) -- C:\Windows\System32\nitrolocalmon2.dll
[2012-06-01 23:48:21 | 000,018,448 | ---- | C] (Nitro PDF Software) -- C:\Windows\System32\nitrolocalui2.dll
[2012-06-01 23:48:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Nitro PDF
[2012-06-01 23:48:05 | 000,000,000 | ---D | C] -- C:\Program Files\Nitro PDF
[2012-06-01 23:48:05 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Nitro PDF
[2012-06-01 23:44:04 | 000,000,000 | ---D | C] -- C:\Users\v icky\AppData\Roaming\OpenCandy
[2012-06-01 23:41:45 | 000,000,000 | ---D | C] -- C:\Users\v icky\AppData\Roaming\DVDVideoSoftIEHelpers
[2012-06-01 23:41:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
[2012-06-01 23:41:22 | 002,557,952 | ---- | C] (Nokia Corporation and/or its subsidiary(-ies)) -- C:\Windows\System32\QtCore4.dll
[2012-06-01 23:41:22 | 000,405,176 | ---- | C] (Newtonsoft) -- C:\Windows\System32\Newtonsoft.Json.Net20.dll
[2012-06-01 23:39:19 | 000,000,000 | ---D | C] -- C:\Users\v icky\AppData\Roaming\GrabPro
[2012-06-01 23:39:19 | 000,000,000 | ---D | C] -- C:\downloads
[2012-06-01 23:39:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Orbit
[2012-06-01 23:39:06 | 000,000,000 | ---D | C] -- C:\Program Files\Orbitdownloader
[2012-06-01 23:38:42 | 000,000,000 | ---D | C] -- C:\Users\v icky\AppData\Roaming\Orbit
[2012-06-01 23:37:46 | 000,000,000 | ---D | C] -- C:\Program Files\DVDVideoSoft
[2012-06-01 23:37:46 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DVDVideoSoft
[2012-06-01 23:36:51 | 000,000,000 | ---D | C] -- C:\Users\v icky\AppData\Roaming\DVDVideoSoft
[2012-05-28 11:26:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2012-05-28 11:26:02 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2012-05-27 12:15:53 | 000,000,000 | ---D | C] -- C:\Program Files\VS Revo Group
[2012-05-27 12:15:11 | 000,000,000 | ---D | C] -- C:\Users\v icky\AppData\Roaming\Mozilla
[2012-05-27 12:15:11 | 000,000,000 | ---D | C] -- C:\Users\v icky\AppData\Local\Mozilla
[2012-05-25 23:53:43 | 012,240,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0007.dll
[2012-05-25 23:53:39 | 001,081,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SLCExt.dll
[2012-05-25 23:53:34 | 002,134,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FunctionDiscoveryFolder.dll
[2012-05-25 23:53:34 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DevicePairingWizard.exe
[2012-05-25 23:53:31 | 002,644,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0009.dll
[2012-05-25 23:53:27 | 001,480,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssrch.dll
[2012-05-25 23:53:24 | 000,684,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\spsys.sys
[2012-05-25 23:53:22 | 001,576,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tquery.dll
[2012-05-25 23:53:20 | 000,779,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationNative_v0300.dll
[2012-05-25 23:53:18 | 000,928,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scavenge.dll
[2012-05-25 23:53:14 | 000,677,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imapi2fs.dll
[2012-05-25 23:53:12 | 000,968,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wcnwiz2.dll
[2012-05-25 23:53:12 | 000,291,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WscEapPr.dll
[2012-05-25 23:53:09 | 000,619,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\icardagt.exe
[2012-05-25 23:53:07 | 001,216,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AuxiliaryDisplayCpl.dll
[2012-05-25 23:53:05 | 000,289,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spinstall.exe
[2012-05-25 23:53:05 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spreview.exe
[2012-05-25 23:53:04 | 000,978,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drmv2clt.dll
[2012-05-25 23:53:02 | 000,438,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mcupdate_GenuineIntel.dll
[2012-05-25 23:53:02 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spwizui.dll
[2012-05-25 23:52:57 | 000,670,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssvp.dll
[2012-05-25 23:52:55 | 000,613,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSMPEG2VDEC.DLL
[2012-05-25 23:52:55 | 000,351,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssph.dll
[2012-05-25 23:52:55 | 000,203,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssphtb.dll
[2012-05-25 23:52:54 | 000,378,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imapi2.dll
[2012-05-25 23:52:52 | 000,324,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sdohlp.dll
[2012-05-25 23:52:50 | 000,729,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IMJP10K.DLL
[2012-05-25 23:52:50 | 000,478,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DevicePairing.dll
[2012-05-25 23:52:49 | 000,190,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sperror.dll
[2012-05-25 23:52:48 | 000,143,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\korwbrkr.dll
[2012-05-25 23:52:47 | 000,463,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IasMigReader.exe
[2012-05-25 23:52:43 | 001,589,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msjet40.dll
[2012-05-25 23:52:39 | 000,883,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IMJP10.IME
[2012-05-25 23:52:39 | 000,409,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msexch40.dll
[2012-05-25 23:52:38 | 001,078,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\diagperf.dll
[2012-05-25 23:52:38 | 000,327,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\P2PGraph.dll
[2012-05-25 23:52:36 | 000,986,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winload.exe
[2012-05-25 23:52:36 | 000,301,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srchadmin.dll
[2012-05-25 23:52:35 | 000,950,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mblctr.exe
[2012-05-25 23:52:34 | 001,792,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mmc.exe
[2012-05-25 23:52:34 | 000,203,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\uDWM.dll
[2012-05-25 23:52:33 | 000,454,144 | ---- | C] (Microsoft) -- C:\Windows\System32\IasMigPlugin.dll
[2012-05-25 23:52:32 | 000,088,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fdBth.dll
[2012-05-25 23:52:31 | 000,880,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RacEngn.dll
[2012-05-25 23:52:28 | 002,012,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\milcore.dll
[2012-05-25 23:52:28 | 000,120,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EhStorAPI.dll
[2012-05-25 23:52:27 | 001,112,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CertEnroll.dll
[2012-05-25 23:52:26 | 000,805,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NaturalLanguage6.dll
[2012-05-25 23:52:23 | 000,950,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gpedit.dll
[2012-05-25 23:52:23 | 000,290,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msjtes40.dll
[2012-05-25 23:52:23 | 000,115,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AuxiliaryDisplayDriverLib.dll
[2012-05-25 23:52:23 | 000,099,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\infocardapi.dll
[2012-05-25 23:52:20 | 003,217,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WinSAT.exe
[2012-05-25 23:52:19 | 000,167,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationSettings.exe
[2012-05-25 23:52:18 | 000,710,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Magnify.exe
[2012-05-25 23:52:18 | 000,282,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstext40.dll
[2012-05-25 23:52:18 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AuxiliaryDisplayServices.dll
[2012-05-25 23:52:11 | 000,339,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msexcl40.dll
[2012-05-25 23:52:11 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\slwmi.dll
[2012-05-25 23:52:10 | 000,454,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msxbde40.dll
[2012-05-25 23:52:09 | 001,524,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WindowsAnytimeUpgradeCPL.dll
[2012-05-25 23:52:08 | 001,985,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\authui.dll
[2012-05-25 23:52:06 | 001,086,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NetProjW.dll
[2012-05-25 23:52:05 | 000,643,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrepl40.dll
[2012-05-25 23:52:04 | 000,640,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bthprops.cpl
[2012-05-25 23:52:04 | 000,469,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\newdev.dll
[2012-05-25 23:52:03 | 000,205,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\eudcedit.exe
[2012-05-25 23:52:03 | 000,119,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasrecst.dll
[2012-05-25 23:52:03 | 000,102,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationCFFRasterizerNative_v0300.dll
[2012-05-25 23:52:02 | 002,926,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe
[2012-05-25 23:51:59 | 001,788,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d9.dll
[2012-05-25 23:51:59 | 000,368,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mspbde40.dll
[2012-05-25 23:51:57 | 000,241,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msltus40.dll
[2012-05-25 23:51:56 | 000,344,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrd3x40.dll
[2012-05-25 23:51:56 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EhStorPwdMgr.dll
[2012-05-25 23:51:55 | 001,053,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdtctm.dll
[2012-05-25 23:51:54 | 000,250,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wevtapi.dll
[2012-05-25 23:51:54 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nlhtml.dll
[2012-05-25 23:51:51 | 000,614,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ci.dll
[2012-05-25 23:51:49 | 000,582,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SLCommDlg.dll
[2012-05-25 23:51:49 | 000,165,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WcnNetsh.dll
[2012-05-25 23:51:47 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\compcln.exe
[2012-05-25 23:51:46 | 001,730,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\apds.dll
[2012-05-25 23:51:45 | 000,618,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mswstr10.dll
[2012-05-25 23:51:44 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xmlfilter.dll
[2012-05-25 23:51:40 | 000,361,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SLUI.exe
[2012-05-25 23:51:39 | 000,319,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrd2x40.dll
[2012-05-25 23:51:39 | 000,183,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\eapphost.dll
[2012-05-25 23:51:38 | 000,524,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sqlsrv32.dll
[2012-05-25 23:51:36 | 000,926,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winresume.exe
[2012-05-25 23:51:36 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\propdefs.dll
[2012-05-25 23:51:32 | 001,856,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dbgeng.dll
[2012-05-25 23:51:31 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wevtutil.exe
[2012-05-25 23:51:31 | 000,087,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssitlb.dll
[2012-05-25 23:51:28 | 002,167,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mmcndmgr.dll
[2012-05-25 23:51:25 | 000,194,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drvinst.exe
[2012-05-25 23:51:24 | 000,378,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\devmgr.dll
[2012-05-25 23:51:24 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msscb.dll
[2012-05-25 23:51:24 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fdBthProxy.dll
[2012-05-25 23:51:23 | 000,054,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DevicePairingProxy.dll
[2012-05-25 23:51:22 | 000,485,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\evr.dll
[2012-05-25 23:51:21 | 001,533,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wcnwiz.dll
[2012-05-25 23:51:20 | 001,382,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVSDECD.DLL
[2012-05-25 23:51:19 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\phon.ime
[2012-05-25 23:51:19 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\chajei.ime
[2012-05-25 23:51:18 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\quick.ime
[2012-05-25 23:51:18 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qintlgnt.ime
[2012-05-25 23:51:18 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cintlgnt.ime
[2012-05-25 23:51:17 | 001,143,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wercon.exe
[2012-05-25 23:51:16 | 000,617,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\adtschema.dll
[2012-05-25 23:51:16 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mimefilt.dll
[2012-05-25 23:51:13 | 000,856,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mswdat10.dll
[2012-05-25 23:51:13 | 000,560,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdtcprx.dll
[2012-05-25 23:51:13 | 000,396,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ipsmsnap.dll
[2012-05-25 23:51:13 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msjter40.dll
[2012-05-25 23:51:12 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\reg.exe
[2012-05-25 23:51:12 | 000,038,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rtffilt.dll
[2012-05-25 23:51:10 | 000,799,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\certutil.exe
[2012-05-25 23:51:10 | 000,035,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\infocardcpl.cpl
[2012-05-25 23:51:09 | 000,996,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMNetMgr.dll
[2012-05-25 23:51:08 | 000,704,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PhotoScreensaver.scr
[2012-05-25 23:51:08 | 000,226,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbport.sys
[2012-05-25 23:51:07 | 000,274,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bcrypt.dll
[2012-05-25 23:51:07 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msscntrs.dll
[2012-05-25 23:51:07 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msshooks.dll
[2012-05-25 23:51:05 | 000,332,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msihnd.dll
[2012-05-25 23:51:05 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MMDevAPI.dll
[2012-05-25 23:51:05 | 000,035,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TsWpfWrp.exe
[2012-05-25 23:51:04 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msstrc.dll
[2012-05-25 23:51:02 | 000,153,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fundisc.dll
[2012-05-25 23:51:01 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dhcpcsvc6.dll
[2012-05-25 23:51:01 | 000,080,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscories.dll
[2012-05-25 23:50:57 | 000,107,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imapi.dll
[2012-05-25 23:50:56 | 001,671,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\chsbrkr.dll
[2012-05-25 23:50:56 | 001,020,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wdc.dll
[2012-05-25 23:50:56 | 000,125,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\Classpnp.sys
[2012-05-25 23:50:55 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iassdo.dll
[2012-05-25 23:50:55 | 000,093,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Kswdmcap.ax
[2012-05-25 23:50:54 | 001,823,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pnidui.dll
[2012-05-25 23:50:53 | 000,636,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\autofmt.exe
[2012-05-25 23:50:53 | 000,009,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\icardres.dll
[2012-05-25 23:50:51 | 000,050,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PSHED.DLL
[2012-05-25 23:50:51 | 000,035,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\crashdmp.sys
[2012-05-25 23:50:50 | 000,757,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\azroles.dll
[2012-05-25 23:50:50 | 000,122,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\Storport.sys
[2012-05-25 23:50:49 | 000,633,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CertEnrollUI.dll
[2012-05-25 23:50:48 | 001,107,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pidgenx.dll
[2012-05-25 23:50:47 | 000,389,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sysmon.ocx
[2012-05-25 23:50:46 | 002,205,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SyncCenter.dll
[2012-05-25 23:50:44 | 000,593,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\comuid.dll
[2012-05-25 23:50:43 | 001,502,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\certmgr.dll
[2012-05-25 23:50:43 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncrypt.dll
[2012-05-25 23:50:42 | 000,627,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sethc.exe
[2012-05-25 23:50:42 | 000,017,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\kd1394.dll
[2012-05-25 23:50:41 | 000,324,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\untfs.dll
[2012-05-25 23:50:41 | 000,182,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iassam.dll
[2012-05-25 23:50:41 | 000,180,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scrobj.dll
[2012-05-25 23:50:40 | 000,413,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imkr80.ime
[2012-05-25 23:50:38 | 000,099,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\FWPKCLNT.SYS
[2012-05-25 23:50:37 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasnap.dll
[2012-05-25 23:50:36 | 000,656,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\autoconv.exe
[2012-05-25 23:50:34 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cscript.exe
[2012-05-25 23:50:34 | 000,027,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\Dumpata.sys
[2012-05-25 23:50:34 | 000,017,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\kdcom.dll
[2012-05-25 23:50:33 | 000,130,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\basecsp.dll
[2012-05-25 23:50:33 | 000,088,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\audiodg.exe
[2012-05-25 23:50:32 | 000,273,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wow32.dll
[2012-05-25 23:50:32 | 000,182,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\osk.exe
[2012-05-25 23:50:29 | 000,340,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RelMon.dll
[2012-05-25 23:50:29 | 000,019,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\kdusb.dll
[2012-05-25 23:50:29 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spcmsg.dll
[2012-05-25 23:50:27 | 000,564,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msftedit.dll
[2012-05-25 23:50:26 | 000,860,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WerFaultSecure.exe
[2012-05-25 23:50:26 | 000,194,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\offfilt.dll
[2012-05-25 23:50:24 | 000,638,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Utilman.exe
[2012-05-25 23:50:24 | 000,217,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WerFault.exe
[2012-05-25 23:50:23 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsepno.dll
[2012-05-25 23:50:22 | 000,230,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\diskraid.exe
[2012-05-25 23:50:21 | 000,852,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mcmde.dll
[2012-05-25 23:50:21 | 000,391,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscms.dll
[2012-05-25 23:50:21 | 000,197,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SndVol.exe
[2012-05-25 23:50:21 | 000,179,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msnetobj.dll
[2012-05-25 23:50:21 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\adsmsext.dll
[2012-05-25 23:50:20 | 000,551,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\prnntfy.dll
[2012-05-25 23:50:20 | 000,114,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbccp32.dll
[2012-05-25 23:50:20 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sysclass.dll
[2012-05-25 23:50:19 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasdatastore.dll
[2012-05-25 23:50:18 | 000,099,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ulib.dll
[2012-05-25 23:50:17 | 000,444,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dsound.dll
[2012-05-25 23:50:16 | 000,223,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wscntfy.dll
[2012-05-25 23:50:15 | 000,759,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ipsecsnp.dll
[2012-05-25 23:50:15 | 000,181,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pnpsetup.dll
[2012-05-25 23:50:15 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fdProxy.dll
[2012-05-25 23:50:14 | 001,342,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\brcpl.dll
[2012-05-25 23:50:14 | 000,399,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlangpui.dll
[2012-05-25 23:50:13 | 000,507,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vdsdyn.dll
[2012-05-25 23:50:13 | 000,119,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\diskpart.exe
[2012-05-25 23:50:13 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gpapi.dll
[2012-05-25 23:50:13 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iashlpr.dll
[2012-05-25 23:50:12 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\logman.exe
[2012-05-25 23:50:11 | 001,575,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVENCOD.DLL
[2012-05-25 23:50:11 | 000,216,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntprint.dll
[2012-05-25 23:50:10 | 000,155,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscorier.dll
[2012-05-25 23:50:10 | 000,140,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wusa.exe
[2012-05-25 23:50:09 | 000,158,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasrad.dll
[2012-05-25 23:50:09 | 000,060,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\findstr.exe
[2012-05-25 23:50:07 | 002,225,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netcenter.dll
[2012-05-25 23:50:07 | 001,580,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wpccpl.dll
[2012-05-25 23:50:04 | 000,876,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wer.dll
[2012-05-25 23:50:04 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iassvcs.dll
[2012-05-25 23:50:03 | 001,152,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\themecpl.dll
[2012-05-25 23:50:03 | 000,050,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsnmp32.dll
[2012-05-25 23:50:00 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssprxy.dll
[2012-05-25 23:49:58 | 000,777,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\slcc.dll
[2012-05-25 23:49:58 | 000,245,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scansetting.dll
[2012-05-25 23:49:58 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasads.dll
[2012-05-25 23:49:56 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ks.sys
[2012-05-25 23:49:56 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasacct.dll
[2012-05-25 23:49:55 | 003,072,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\networkmap.dll
[2012-05-25 23:49:55 | 001,248,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PerfCenterCPL.dll
[2012-05-25 23:49:55 | 000,723,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\powercpl.dll
[2012-05-25 23:49:54 | 001,645,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\connect.dll
[2012-05-25 23:49:54 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\newdev.exe
[2012-05-25 23:49:53 | 001,224,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sud.dll
[2012-05-25 23:49:52 | 000,842,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\systemcpl.dll
[2012-05-25 23:49:52 | 000,464,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pcaui.dll
[2012-05-25 23:49:51 | 002,515,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\accessibilitycpl.dll
[2012-05-25 23:49:50 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mmci.dll
[2012-05-25 23:49:49 | 001,123,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\usercpl.dll
[2012-05-25 23:49:49 | 000,516,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\autoplay.dll
[2012-05-25 23:49:48 | 001,671,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanpref.dll
[2012-05-25 23:49:48 | 000,127,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rpchttp.dll
[2012-05-25 23:49:48 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pintlgnt.ime
[2012-05-25 23:49:46 | 000,532,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wpcao.dll
[2012-05-25 23:49:46 | 000,408,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msinfo32.exe
[2012-05-25 23:49:46 | 000,128,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vdsutil.dll
[2012-05-25 23:49:45 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scksp.dll
[2012-05-25 23:49:45 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\feclient.dll
[2012-05-25 23:49:44 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AudioSes.dll
[2012-05-25 23:49:44 | 000,097,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\oleprn.dll
[2012-05-25 23:49:43 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dot3msm.dll
[2012-05-25 23:49:42 | 000,147,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Faultrep.dll
[2012-05-25 23:49:42 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rekeywiz.exe
[2012-05-25 23:49:42 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iaspolcy.dll
[2012-05-25 23:49:42 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wscisvif.dll
[2012-05-25 23:49:41 | 000,407,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dpapimig.exe
[2012-05-25 23:49:41 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DeviceEject.exe
[2012-05-25 23:49:40 | 001,689,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wscui.cpl
[2012-05-25 23:49:40 | 000,505,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qedit.dll
[2012-05-25 23:49:40 | 000,445,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncryptui.dll
[2012-05-25 23:49:39 | 000,642,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasgcw.dll
[2012-05-25 23:49:39 | 000,542,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pnpui.dll
[2012-05-25 23:49:39 | 000,215,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\certreq.exe
[2012-05-25 23:49:39 | 000,080,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\hdwwiz.exe
[2012-05-25 23:49:38 | 000,595,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FWPUCLNT.DLL
[2012-05-25 23:49:37 | 000,376,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasplap.dll
[2012-05-25 23:49:37 | 000,134,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SmartcardCredentialProvider.dll
[2012-05-25 23:49:37 | 000,038,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TSTheme.exe
[2012-05-25 23:49:36 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spwinsat.dll
[2012-05-25 23:49:35 | 000,170,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tcpipcfg.dll
[2012-05-25 23:49:35 | 000,167,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\portcls.sys
[2012-05-25 23:49:35 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fdWSD.dll
[2012-05-25 23:49:35 | 000,058,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PnPUnattend.exe
[2012-05-25 23:49:35 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmmon32.exe
[2012-05-25 23:49:34 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\whealogr.dll
[2012-05-25 23:49:34 | 000,025,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\USBCAMD2.sys
[2012-05-25 23:49:34 | 000,025,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\USBCAMD.sys
[2012-05-25 23:49:33 | 000,481,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmdial32.dll
[2012-05-25 23:49:33 | 000,378,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srcore.dll
[2012-05-25 23:49:33 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\conime.exe
[2012-05-25 23:49:32 | 000,275,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SnippingTool.exe
[2012-05-25 23:49:31 | 000,547,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wiaaut.dll
[2012-05-25 23:49:30 | 000,657,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVXENCD.DLL
[2012-05-25 23:49:30 | 000,202,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanui.dll
[2012-05-25 23:49:29 | 000,425,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\shwebsvc.dll
[2012-05-25 23:49:29 | 000,137,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dsprop.dll
[2012-05-25 23:49:29 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PnPutil.exe
[2012-05-25 23:49:28 | 000,054,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dimsroam.dll
[2012-05-25 23:49:27 | 002,153,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\oobefldr.dll
[2012-05-25 23:49:26 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\modemui.dll
[2012-05-25 23:49:26 | 000,101,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\shsetup.dll
[2012-05-25 23:49:25 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscandui.dll
[2012-05-25 23:49:25 | 000,155,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasmontr.dll
[2012-05-25 23:49:24 | 006,103,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\chtbrkr.dll
[2012-05-25 23:49:24 | 000,533,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmdrmsdk.dll
[2012-05-25 23:49:23 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dataclen.dll
[2012-05-25 23:49:22 | 000,542,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\blackbox.dll
[2012-05-25 23:49:22 | 000,107,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpwsx.dll
[2012-05-25 23:49:22 | 000,083,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlgpclnt.dll
[2012-05-25 23:49:20 | 000,177,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSDMon.dll
[2012-05-25 23:49:19 | 000,303,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpeffects.dll
[2012-05-25 23:49:18 | 000,113,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\rmcast.sys
[2012-05-25 23:49:17 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\logagent.exe
[2012-05-25 23:49:17 | 000,058,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cipher.exe
[2012-05-25 23:49:17 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ifmon.dll
[2012-05-25 23:49:16 | 000,414,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msscp.dll
[2012-05-25 23:49:16 | 000,217,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\InkEd.dll
[2012-05-25 23:49:16 | 000,128,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gpresult.exe
[2012-05-25 23:49:16 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wscapi.dll
[2012-05-25 23:49:16 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msimtf.dll
[2012-05-25 23:49:15 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\watchdog.sys
[2012-05-25 23:49:14 | 000,313,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\thawbrkr.dll
[2012-05-25 23:49:14 | 000,125,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\softkbd.dll
[2012-05-25 23:49:12 | 000,356,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MediaMetadataHandler.dll
[2012-05-25 23:49:12 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msctfui.dll
[2012-05-25 23:49:11 | 000,105,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dmsynth.dll
[2012-05-25 23:49:10 | 000,284,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drmmgrtn.dll
[2012-05-25 23:49:09 | 000,200,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\input.dll
[2012-05-25 23:49:09 | 000,166,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\puiapi.dll
[2012-05-25 23:49:08 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ExplorerFrame.dll
[2012-05-25 23:49:07 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SLLUA.exe
[2012-05-25 23:49:07 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msisip.dll
[2012-05-25 23:49:06 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fc.exe
[2012-05-25 23:49:05 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSNP.ax
[2012-05-25 23:49:04 | 000,068,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fdSSDP.dll
[2012-05-25 23:49:03 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dmusic.dll
[2012-05-25 23:49:03 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MsCtfMonitor.dll
[2012-05-25 23:49:02 | 000,187,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\eapp3hst.dll
[2012-05-25 23:49:02 | 000,125,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tintlgnt.ime
[2012-05-25 23:49:02 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msjint40.dll
[2012-05-25 23:49:01 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\l2nacp.dll
[2012-05-25 23:49:01 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ftp.exe
[2012-05-25 23:49:00 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsdchngr.dll
[2012-05-25 23:48:59 | 000,083,456 | ---- | C] (Microsoft) -- C:\Windows\System32\SMBHelperClass.dll
[2012-05-25 23:48:59 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Storprop.dll
[2012-05-25 23:48:59 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bthci.dll
[2012-05-25 23:48:58 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fdWCN.dll
[2012-05-25 23:48:58 | 000,052,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasdiag.dll
[2012-05-25 23:48:58 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bthudtask.exe
[2012-05-25 23:48:58 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasdial.exe
[2012-05-25 23:48:57 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dot3cfg.dll
[2012-05-25 23:48:56 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ipconfig.exe
[2012-05-25 23:48:56 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CHxReadingStringIME.dll
[2012-05-25 23:48:55 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nslookup.exe
[2012-05-25 23:48:55 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\slcinst.dll
[2012-05-25 23:48:55 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\networkitemfactory.dll
[2012-05-25 23:48:53 | 000,093,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\eappgnui.dll
[2012-05-25 23:48:53 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ocsetup.exe
[2012-05-25 23:48:53 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FwRemoteSvr.dll
[2012-05-25 23:48:52 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fdeploy.dll
[2012-05-25 23:48:52 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\hbaapi.dll
[2012-05-25 23:48:52 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mmcico.dll
[2012-05-25 23:48:50 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PNPXAssoc.dll
[2012-05-25 23:48:48 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gpupdate.exe
[2012-05-25 23:48:44 | 000,046,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\csrstub.exe
[2012-05-25 23:48:44 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cbsra.exe
[2012-05-25 23:48:43 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bitsigd.dll
[2012-05-25 23:48:42 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NcdProp.dll
[2012-05-25 23:48:42 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iscsilog.dll
[2012-05-25 23:48:39 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\dxg.sys
[2012-05-25 23:48:39 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbcconf.dll
[2012-05-25 23:48:39 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vdmdbg.dll
[2012-05-25 23:48:38 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\Diskdump.sys
[2012-05-25 23:48:38 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetppui.dll
[2012-05-25 23:48:38 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\slwga.dll
[2012-05-25 23:48:32 | 000,052,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\stream.sys
[2012-05-25 23:48:31 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\RNDISMP.sys
[2012-05-25 23:48:29 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usb8023.sys
[2012-05-25 23:48:27 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\f3ahvoas.dll
[2012-05-25 23:48:26 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msimsg.dll
[2012-05-25 23:47:51 | 000,705,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SmiEngine.dll
[2012-05-25 23:47:47 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wdscore.dll
[2012-05-25 23:47:47 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PkgMgr.exe
[2012-05-25 23:47:36 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drvstore.dll
[2012-05-25 16:34:30 | 000,000,000 | ---D | C] -- C:\Cricket 2008
[2012-05-25 16:22:29 | 000,000,000 | ---D | C] -- C:\Users\v icky\Documents\EA SPORTS(TM) Cricket 07
[2012-05-25 16:20:04 | 000,000,000 | ---D | C] -- C:\Users\v icky\AppData\Local\Adobe
[2012-05-25 16:19:41 | 000,000,000 | ---D | C] -- C:\Users\v icky\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\A² Studios' ICC Cricket World Cup 2011 Patch
[2012-05-25 16:12:50 | 000,000,000 | ---D | C] -- C:\Cricket 2011
[2012-05-18 12:23:58 | 000,000,000 | ---D | C] -- C:\ProgramData\iolo
[2012-05-17 09:40:30 | 000,000,000 | ---D | C] -- C:\Users\v icky\AppData\Roaming\Macromedia
[2012-05-17 08:32:53 | 000,000,000 | ---D | C] -- C:\Users\v icky\AppData\Roaming\Adobe
[2012-05-17 08:26:59 | 000,000,000 | ---D | C] -- C:\Users\v icky\AppData\Local\Google
[2012-05-17 08:06:09 | 000,000,000 | ---D | C] -- C:\Users\v icky\AppData\Roaming\Malwarebytes
[2012-05-17 08:04:31 | 000,000,000 | ---D | C] -- C:\Users\v icky\Desktop\varsha_2
[2012-05-17 07:48:06 | 000,000,000 | ---D | C] -- C:\Users\v icky\AppData\Roaming\vlc
[2012-05-17 07:47:27 | 000,000,000 | ---D | C] -- C:\Users\v icky\AppData\Roaming\Apple Computer
[2012-05-17 07:46:51 | 000,000,000 | R--D | C] -- C:\Users\v icky\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2012-05-17 07:46:51 | 000,000,000 | R--D | C] -- C:\Users\v icky\Searches
[2012-05-17 07:46:51 | 000,000,000 | R--D | C] -- C:\Users\v icky\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2012-05-17 07:46:42 | 000,000,000 | ---D | C] -- C:\Users\v icky\AppData\Roaming\Identities
[2012-05-17 07:46:40 | 000,000,000 | R--D | C] -- C:\Users\v icky\Contacts
[2012-05-17 07:46:39 | 000,000,000 | ---D | C] -- C:\Users\v icky\AppData\Local\VirtualStore
[2012-05-17 07:46:18 | 000,000,000 | --SD | C] -- C:\Users\v icky\AppData\Roaming\Microsoft
[2012-05-17 07:46:18 | 000,000,000 | R--D | C] -- C:\Users\v icky\Videos
[2012-05-17 07:46:18 | 000,000,000 | R--D | C] -- C:\Users\v icky\Saved Games
[2012-05-17 07:46:18 | 000,000,000 | R--D | C] -- C:\Users\v icky\Pictures
[2012-05-17 07:46:18 | 000,000,000 | R--D | C] -- C:\Users\v icky\Music
[2012-05-17 07:46:18 | 000,000,000 | R--D | C] -- C:\Users\v icky\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2012-05-17 07:46:18 | 000,000,000 | R--D | C] -- C:\Users\v icky\Links
[2012-05-17 07:46:18 | 000,000,000 | R--D | C] -- C:\Users\v icky\Favorites
[2012-05-17 07:46:18 | 000,000,000 | R--D | C] -- C:\Users\v icky\Downloads
[2012-05-17 07:46:18 | 000,000,000 | R--D | C] -- C:\Users\v icky\Documents
[2012-05-17 07:46:18 | 000,000,000 | R--D | C] -- C:\Users\v icky\Desktop
[2012-05-17 07:46:18 | 000,000,000 | R--D | C] -- C:\Users\v icky\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2012-05-17 07:46:18 | 000,000,000 | -HSD | C] -- C:\Users\v icky\AppData\Local\Temporary Internet Files
[2012-05-17 07:46:18 | 000,000,000 | -HSD | C] -- C:\Users\v icky\Templates
[2012-05-17 07:46:18 | 000,000,000 | -HSD | C] -- C:\Users\v icky\Start Menu
[2012-05-17 07:46:18 | 000,000,000 | -HSD | C] -- C:\Users\v icky\SendTo
[2012-05-17 07:46:18 | 000,000,000 | -HSD | C] -- C:\Users\v icky\Recent
[2012-05-17 07:46:18 | 000,000,000 | -HSD | C] -- C:\Users\v icky\PrintHood
[2012-05-17 07:46:18 | 000,000,000 | -HSD | C] -- C:\Users\v icky\NetHood
[2012-05-17 07:46:18 | 000,000,000 | -HSD | C] -- C:\Users\v icky\Documents\My Videos
[2012-05-17 07:46:18 | 000,000,000 | -HSD | C] -- C:\Users\v icky\Documents\My Pictures
[2012-05-17 07:46:18 | 000,000,000 | -HSD | C] -- C:\Users\v icky\Documents\My Music
[2012-05-17 07:46:18 | 000,000,000 | -HSD | C] -- C:\Users\v icky\My Documents
[2012-05-17 07:46:18 | 000,000,000 | -HSD | C] -- C:\Users\v icky\Local Settings
[2012-05-17 07:46:18 | 000,000,000 | -HSD | C] -- C:\Users\v icky\AppData\Local\History
[2012-05-17 07:46:18 | 000,000,000 | -HSD | C] -- C:\Users\v icky\Cookies
[2012-05-17 07:46:18 | 000,000,000 | -HSD | C] -- C:\Users\v icky\Application Data
[2012-05-17 07:46:18 | 000,000,000 | -HSD | C] -- C:\Users\v icky\AppData\Local\Application Data
[2012-05-17 07:46:18 | 000,000,000 | -H-D | C] -- C:\Users\v icky\AppData
[2012-05-17 07:46:18 | 000,000,000 | ---D | C] -- C:\Users\v icky\AppData\Local\Temp
[2012-05-17 07:46:18 | 000,000,000 | ---D | C] -- C:\Users\v icky\AppData\Local\Microsoft Help
[2012-05-17 07:46:18 | 000,000,000 | ---D | C] -- C:\Users\v icky\AppData\Local\Microsoft
[2012-05-17 07:46:18 | 000,000,000 | ---D | C] -- C:\Users\v icky\AppData\Roaming\Media Center Programs
[2012-05-17 07:46:18 | 000,000,000 | ---D | C] -- C:\Users\v icky\AppData\Roaming\IObit
[2012-05-17 07:32:47 | 000,000,000 | ---D | C] -- C:\ProgramData\2FC8

========== Files - Modified Within 30 Days ==========

[2012-06-15 22:11:51 | 000,608,760 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012-06-15 22:11:51 | 000,108,268 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012-06-15 22:07:24 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012-06-15 22:07:11 | 000,003,568 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012-06-15 22:07:11 | 000,003,568 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012-06-15 22:07:00 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012-06-15 20:58:02 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012-06-15 14:37:17 | 000,000,680 | ---- | M] () -- C:\Users\v icky\AppData\Local\d3d9caps.dat
[2012-06-14 11:42:04 | 000,398,240 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012-06-10 22:18:52 | 000,000,908 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012-06-10 22:04:34 | 000,001,059 | ---- | M] () -- C:\Users\v icky\Desktop\Revo Uninstaller.lnk
[2012-06-09 22:18:06 | 000,008,798 | ---- | M] () -- C:\Windows\System32\icrav03.rat
[2012-06-09 22:18:06 | 000,001,988 | ---- | M] () -- C:\Windows\System32\ticrf.rat
[2012-06-09 22:17:57 | 000,162,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2012-06-09 22:17:57 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll
[2012-06-09 22:17:57 | 000,086,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2012-06-09 22:17:57 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SetIEInstalledDate.exe
[2012-06-09 22:17:57 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe
[2012-06-09 22:17:57 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll
[2012-06-09 22:17:56 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat
[2012-06-09 22:17:56 | 000,434,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2012-06-09 22:17:56 | 000,367,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2012-06-09 22:17:56 | 000,353,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2012-06-09 22:17:56 | 000,353,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2012-06-09 22:17:56 | 000,223,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2012-06-09 22:17:56 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll
[2012-06-09 22:17:56 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2012-06-09 22:17:56 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2012-06-09 22:17:56 | 000,072,822 | ---- | M] () -- C:\Windows\System32\ieuinit.inf
[2012-06-09 22:17:56 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2012-06-09 22:17:56 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2012-06-09 22:17:55 | 000,580,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2012-06-09 22:17:55 | 000,227,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll
[2012-06-09 22:17:55 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieakui.dll
[2012-06-09 22:17:55 | 000,152,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe
[2012-06-09 22:17:55 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe
[2012-06-09 22:17:55 | 000,101,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\admparse.dll
[2012-06-09 22:17:55 | 000,054,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll
[2012-06-09 22:17:54 | 000,118,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2012-06-09 22:17:54 | 000,035,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll
[2012-06-09 22:17:53 | 000,130,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieakeng.dll
[2012-06-09 22:17:53 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\IEAdvpack.dll
[2012-06-09 22:17:53 | 000,041,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2012-06-09 22:17:53 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2012-06-09 21:15:43 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_07_00.Wdf
[2012-06-09 21:15:37 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_07_00.Wdf
[2012-06-09 13:18:01 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_00_00.Wdf
[2012-06-05 20:58:07 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[2012-06-04 15:07:59 | 000,013,824 | ---- | M] () -- C:\Users\v icky\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012-06-02 22:47:20 | 000,001,493 | ---- | M] () -- C:\user.js
[2012-06-01 23:48:15 | 000,001,902 | ---- | M] () -- C:\Users\Public\Desktop\Nitro Reader.lnk
[2012-06-01 23:41:30 | 000,001,034 | ---- | M] () -- C:\Users\v icky\Desktop\DVDVideoSoft Free Studio.lnk
[2012-06-01 23:39:15 | 000,000,874 | ---- | M] () -- C:\Users\v icky\Application Data\Microsoft\Internet Explorer\Quick Launch\Orbit.lnk
[2012-06-01 23:39:15 | 000,000,850 | ---- | M] () -- C:\Users\v icky\Desktop\Orbit.lnk
[2012-05-28 11:34:26 | 000,001,945 | ---- | M] () -- C:\Windows\epplauncher.mif
[2012-05-28 11:32:30 | 000,004,892 | ---- | M] () -- C:\Users\v icky\Documents\cc_20120528_113223.reg
[2012-05-28 11:26:06 | 000,000,806 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012-05-25 16:48:44 | 000,000,593 | ---- | M] () -- C:\Users\v icky\Desktop\Cricket11.lnk
[2012-05-25 16:48:25 | 000,000,593 | ---- | M] () -- C:\Users\v icky\Desktop\Cricket08.lnk
[2012-05-18 04:15:37 | 001,800,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2012-05-18 04:05:39 | 001,427,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2012-05-18 04:03:08 | 000,231,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2012-05-18 04:01:16 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2012-05-18 03:59:45 | 000,142,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2012-05-18 03:54:45 | 002,382,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2012-05-18 03:50:42 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2012-05-17 08:21:33 | 000,009,724 | ---- | M] () -- C:\Users\v icky\Documents\cc_20120517_082129.reg
[2012-05-17 07:46:20 | 000,000,632 | RHS- | M] () -- C:\Users\v icky\ntuser.pol

========== Files Created - No Company Name ==========

[2012-06-15 14:37:17 | 000,000,680 | ---- | C] () -- C:\Users\v icky\AppData\Local\d3d9caps.dat
[2012-06-10 22:18:52 | 000,000,908 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012-06-09 22:17:56 | 000,072,822 | ---- | C] () -- C:\Windows\System32\ieuinit.inf
[2012-06-09 21:15:43 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_07_00.Wdf
[2012-06-09 21:15:37 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_07_00.Wdf
[2012-06-09 13:18:01 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_00_00.Wdf
[2012-06-08 13:35:58 | 000,002,990 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\VClean2.vbs
[2012-06-01 23:48:15 | 000,001,902 | ---- | C] () -- C:\Users\Public\Desktop\Nitro Reader.lnk
[2012-06-01 23:48:14 | 000,001,872 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nitro Reader 2.lnk
[2012-06-01 23:41:30 | 000,001,034 | ---- | C] () -- C:\Users\v icky\Desktop\DVDVideoSoft Free Studio.lnk
[2012-06-01 23:39:15 | 000,000,874 | ---- | C] () -- C:\Users\v icky\Application Data\Microsoft\Internet Explorer\Quick Launch\Orbit.lnk
[2012-06-01 23:39:15 | 000,000,850 | ---- | C] () -- C:\Users\v icky\Desktop\Orbit.lnk
[2012-05-28 11:32:28 | 000,004,892 | ---- | C] () -- C:\Users\v icky\Documents\cc_20120528_113223.reg
[2012-05-28 11:26:06 | 000,000,806 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012-05-27 12:15:53 | 000,001,059 | ---- | C] () -- C:\Users\v icky\Desktop\Revo Uninstaller.lnk
[2012-05-25 23:52:32 | 000,130,008 | ---- | C] () -- C:\Windows\System32\systemsf.ebd
[2012-05-25 23:52:27 | 000,009,239 | ---- | C] () -- C:\Windows\System32\spcinstrumentation.man
[2012-05-25 23:52:02 | 000,442,788 | ---- | C] () -- C:\Windows\System32\dot3.tmf
[2012-05-25 23:51:57 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2012-05-25 23:51:56 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2012-05-25 23:51:50 | 000,392,170 | ---- | C] () -- C:\Windows\System32\onex.tmf
[2012-05-25 23:51:40 | 000,344,698 | ---- | C] () -- C:\Windows\System32\eaphost.tmf
[2012-05-25 23:50:57 | 000,208,966 | ---- | C] () -- C:\Windows\System32\WFP.TMF
[2012-05-25 23:50:51 | 000,092,918 | ---- | C] () -- C:\Windows\System32\slmgr.vbs
[2012-05-25 23:48:37 | 000,009,212 | ---- | C] () -- C:\Windows\System32\RacUR.xml
[2012-05-25 23:48:19 | 000,000,153 | ---- | C] () -- C:\Windows\System32\RacUREx.xml
[2012-05-25 16:48:25 | 000,000,593 | ---- | C] () -- C:\Users\v icky\Desktop\Cricket11.lnk
[2012-05-25 16:48:25 | 000,000,593 | ---- | C] () -- C:\Users\v icky\Desktop\Cricket08.lnk
[2012-05-17 08:21:31 | 000,009,724 | ---- | C] () -- C:\Users\v icky\Documents\cc_20120517_082129.reg
[2012-05-17 07:51:56 | 000,013,824 | ---- | C] () -- C:\Users\v icky\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012-05-17 07:46:52 | 000,000,951 | ---- | C] () -- C:\Users\v icky\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2012-05-17 07:46:50 | 000,000,946 | ---- | C] () -- C:\Users\v icky\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
[2012-05-17 07:46:40 | 000,000,917 | ---- | C] () -- C:\Users\v icky\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk
[2012-05-17 07:46:20 | 000,000,632 | RHS- | C] () -- C:\Users\v icky\ntuser.pol
[2012-05-17 07:46:18 | 000,001,917 | ---- | C] () -- C:\Users\v icky\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2012-05-17 07:46:18 | 000,001,034 | ---- | C] () -- C:\Users\v icky\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink DVD Suite Deluxe.lnk
[2012-05-17 07:46:18 | 000,000,258 | ---- | C] () -- C:\Users\v icky\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2012-05-17 07:46:18 | 000,000,240 | ---- | C] () -- C:\Users\v icky\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2011-12-28 23:04:53 | 000,398,240 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2011-12-18 17:35:36 | 000,098,304 | ---- | C] () -- C:\Windows\System32\redmonnt.dll
[2011-12-18 11:58:58 | 000,166,220 | ---- | C] () -- C:\Windows\hpoins28.dat
[2011-12-03 19:55:55 | 000,020,312 | ---- | C] () -- C:\Windows\System32\RegistryDefragBootTime.exe
[2011-12-03 18:26:38 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2011-12-01 20:11:06 | 000,074,703 | ---- | C] () -- C:\Windows\System32\mfc45.dll
[2011-11-19 16:41:50 | 000,000,020 | ---- | C] () -- C:\Windows\mafosav.INI

========== Custom Scans ==========

< C:\system32\nsisvc.dll /md5 /s >

< HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\nsi\ /s >
"DisplayName" = @%SystemRoot%\system32\nsisvc.dll,-200
"ImagePath" = %systemroot%\system32\svchost.exe -k LocalService -- [2008-01-19 13:03:32 | 000,021,504 | ---- | M] (Microsoft Corporation)
"Description" = @%SystemRoot%\system32\nsisvc.dll,-201
"ObjectName" = NT Authority\LocalService
"ErrorControl" = 1
"Start" = 2
"Type" = 32
"DependOnService" = nsiproxy [binary data]
"ServiceSidType" = 1
"RequiredPrivileges" = SeCreateGlobalPrivilegeSeImpersonatePrivilege [binary data]
"FailureActions" = 80 51 01 00 00 00 00 00 00 00 00 00 03 00 00 00 14 00 00 00 01 00 00 00 C0 D4 01 00 01 00 00 00 E0 93 04 00 00 00 00 00 00 00 00 00 [binary data]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\nsi\Parameters]
"ServiceDll" = %systemroot%\system32\nsisvc.dll -- [2008-01-19 13:05:57 | 000,018,432 | ---- | M] (Microsoft Corporation)
"ServiceDllUnloadOnStop" = 1

< HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE\ /s >
"DisplayName" = @%SystemRoot%\system32\bfe.dll,-1001
"Group" = NetworkProvider
"ImagePath" = %systemroot%\system32\svchost.exe -k LocalServiceNoNetwork -- [2008-01-19 13:03:32 | 000,021,504 | ---- | M] (Microsoft Corporation)
"Description" = @%SystemRoot%\system32\bfe.dll,-1002
"ObjectName" = NT AUTHORITY\LocalService
"ErrorControl" = 1
"Start" = 2
"Type" = 32
"DependOnService" = RpcSs [binary data] -- [2009-04-11 11:58:24 | 000,550,400 | ---- | M] (Microsoft Corporation)
"ServiceSidType" = 3
"RequiredPrivileges" = SeAuditPrivilegeSeImpersonatePrivilege [binary data]
"FailureActions" = 80 51 01 00 00 00 00 00 00 00 00 00 03 00 00 00 14 00 00 00 01 00 00 00 C0 D4 01 00 01 00 00 00 E0 93 04 00 00 00 00 00 00 00 00 00 [binary data]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE\Parameters]
"ServiceDll" = %SystemRoot%\System32\bfe.dll -- [2009-04-11 11:58:18 | 000,334,848 | ---- | M] (Microsoft Corporation)
"ServiceDllUnloadOnStop" = 1
"ServiceMain" = BfeServiceMain
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE\Parameters\Policy]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE\Parameters\Policy\BootTime]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE\Parameters\Policy\BootTime\Filter]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE\Parameters\Policy\Persistent]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE\Parameters\Policy\Persistent\Callout]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE\Parameters\Policy\Persistent\Filter]
"{790018f5-8e05-4a78-88ac-ebc35a2e5ee5}" = [Binary data over 100 bytes]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE\Parameters\Policy\Persistent\Provider]
"{decc16ca-3f33-4346-be1e-8fb4ae0f3d62}" = [Binary data over 100 bytes]
"{4b153735-1049-4480-aab4-d1b9bdc03710}" = [Binary data over 100 bytes]
"{1bebc969-61a5-4732-a177-847a0817862a}" = [Binary data over 100 bytes]
"{aa6a7d87-7f8f-4d2a-be53-fda555cd5fe3}" = [Binary data over 100 bytes]
"{42ff0794-3627-44c1-9886-765010075254}" = [Binary data over 100 bytes]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE\Parameters\Policy\Persistent\SubLayer]
"{b3cdd441-af90-41ba-a745-7c6008ff2300}" = [Binary data over 100 bytes]
"{b3cdd441-af90-41ba-a745-7c6008ff2301}" = [Binary data over 100 bytes]
"{4224eab7-7d61-4fe0-9264-6d6568d2ddff}" = [Binary data over 100 bytes]

< End of report >
decepticon
Regular Member
 
Posts: 22
Joined: May 29th, 2012, 1:57 pm

Re: GRRRRRRRRRR!!!!...antivirus problem..!!!!!!

Post by decepticon » June 15th, 2012, 1:23 pm

OTL Extras logfile created on: 15-06-2012 22:16:22 - Run 2
OTL by OldTimer - Version 3.2.47.0 Folder = C:\Users\varsha.VICKY-PC\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00004009 | Country: India | Language: ENN | Date Format: dd-MM-yyyy

1.99 Gb Total Physical Memory | 1.04 Gb Available Physical Memory | 52.43% Memory free
4.21 Gb Paging File | 3.19 Gb Available in Paging File | 75.71% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 288.74 Gb Total Space | 217.82 Gb Free Space | 75.44% Space Free | Partition Type: NTFS
Drive D: | 9.35 Gb Total Space | 1.08 Gb Free Space | 11.59% Space Free | Partition Type: NTFS

Computer Name: VICKY-PC | User Name: v icky | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\WinHlp32.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\WinHlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"UacDisableNotify" = 0
"InternetSettingsDisableNotify" = 0
"AutoUpdateDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\S-1-5-21-683407207-1343029834-3925171578-1000]
"EnableNotifications" = 0
"EnableNotificationsRef" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{05604F51-7172-4106-B35C-0180300CF216}" = dir=in | app=c:\program files\common files\hp\digital imaging\bin\hpqphotocrm.exe |
"{0A5D5D97-F694-4790-99EB-CF48BB26ED00}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqpse.exe |
"{126219E1-33EB-4E8D-B2E4-DF9C9641DE6E}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{1E2DFE5D-CE29-439E-808C-276C1DF22DD5}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqsudi.exe |
"{3B737626-16A9-4172-8177-89A3A3108287}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqste08.exe |
"{5523F439-0475-40A0-AC54-757BB033E242}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe |
"{762E0FD1-43C6-4C87-B737-43527ACB4396}" = dir=in | app=c:\program files\itunes\itunes.exe |
"{83644D23-83F7-40D8-9182-4A5584C18D5F}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqgpc01.exe |
"{8EF1447C-6261-47A1-9758-06E6E683D422}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqtra08.exe |
"{96841B5A-34C6-4A9E-BD09-B48EC1F29FCB}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpiscnapp.exe |
"{9AF2513D-9215-4C0F-8DB8-F9952D0E85C0}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqpsapp.exe |
"{AB6BFECC-4BDE-4753-AF7A-2D095C51E6B6}" = dir=in | app=c:\program files\hp\digital imaging\bin\hposid01.exe |
"{AD16C6DB-24BE-4B8A-B25F-94D45E6C81A6}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{B7E9668E-28FD-4DDE-A360-8B4CCCD35E06}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqgplgtupl.exe |
"{D52AB86B-9B59-4CEC-936B-B8556D75048C}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqkygrp.exe |
"{F04D9C26-BA7F-4963-B1B9-772C8A25EDEB}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqcopy2.exe |
"{F39C4C54-FAC5-49DA-B580-F599D1E15F17}" = dir=in | app=c:\program files\cyberlink\powerdirector\pdr.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0289B35E-DC07-4c7a-9710-BBD686EA4B7D}" = Status
"{09633A5E-3089-41A8-9FF1-382171423C5D}" = PSSWCORE
"{0A2C5854-557E-48C8-835A-3B9F074BDCAA}" = Python 2.5
"{11BB336F-0E58-4977-B866-F24FA334616B}" = HP Active Support Library
"{12A76360-388E-4B27-ABEB-D5FC5378DD2A}" = HPPhotoSmartPhotobookWebPack1
"{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite Deluxe
"{22F761D1-8063-4170-ADF7-2D2F47834CA9}" = VideoToolkit01
"{254C37AA-6B72-4300-84F6-98A82419187E}" = Hewlett-Packard Active Check
"{27197499-7680-4208-8FD8-5439CDB0FDC1}" = HPProductAssistant
"{2AFEAA03-2DFE-4519-A629-EDAB6541ABE9}" = HPSSupply
"{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}" = HP Update
"{34DAFDEC-A4B4-488A-A5CD-C91975A6F083}" = MediaRing Talk
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"{556C5DF3-CA72-4550-8C68-D4EE330A8A44}" = Nitro Reader 2
"{55979C41-7D6A-49CC-B591-64AC1BBE2C8B}" = HP Picasso Media Center Add-In
"{593A6CAF-E114-4e31-884F-74FF349E8E36}" = SolutionCenter
"{60D4F9F1-B828-4048-A5AB-9AA2FD0C4751}" = DJ_AIO_03_F4200_Software
"{669D4A35-146B-4314-89F1-1AC3D7B88367}" = Hewlett-Packard Asset Agent for Health Check
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{7C0B3A39-6602-4E52-9561-01C24E7BDFC0}" = muvee autoProducer 6.1
"{7E36A3A4-9652-4200-AF89-C839CE4F1F2A}" = VIPRE Antivirus
"{8153ED9A-C94A-426E-9880-5E6775C08B62}" = Apple Mobile Device Support
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel(R) Matrix Storage Manager
"{9885A11E-60E4-417C-B58B-8B31B21C0B8A}" = HP Easy Setup - Frontend
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C2D4047-0E40-499a-AC7A-C4B9BB12FE03}" = TrayApp
"{9DBA770F-BF73-4D39-B1DF-6035D95268FC}" = HP Customer Feedback
"{9F4EE72A-C5C9-42ad-ABEF-427690843577}" = MarketResearch
"{A80FA752-C491-4ED9-ABF0-4278563160B2}" = 32 Bit HP CIO Components Installer
"{A83279FD-CA4B-4206-9535-90974DE76654}" = Apple Application Support
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A95A76C9-6F65-477E-83A0-9F884B6DC21B}" = TuneUp Utilities Language Pack (en-US)
"{AA2E8A46-B45E-4aea-8A23-88AB57D04523}" = WebReg
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AFAD41A9-9687-48A3-848F-693C11451433}" = HP Customer Experience Enhancements
"{BE8A9C2C-8E41-445B-A746-BEB0B1F992F8}" = DJ_AIO_03_F4200_Software_Min
"{BF08AB1C-3357-4f20-A200-8EBB8EF27C59}" = BufferChm
"{C3B6AEB1-390C-4792-8677-CD87F8B2C959}" = HP Deskjet F4200 All-In-One Driver Software 11.0 Rel .3
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"{C89B5E3A-690F-4CEE-909A-BF869E198B0A}" = Scan
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"{CC0E1AE3-091D-4969-B151-7AC142062C28}" = SmartWebPrinting
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D16B4BE6-8B10-422f-8034-96D1CA9483B5}" = GPBaseService
"{D74CFE48-087F-46E1-80E6-E2950E1A8DCE}" = HP Photosmart Essential 2.5
"{E133E97F-5186-4503-BEC8-752EB9E8EBD7}" = Copy
"{E535C94A-B87F-4182-BEA8-1E9322078D3E}" = Cards_Calendar_OrderGift_DoMorePlugout
"{E6CFBFB5-9232-410C-B353-AF6E614B2681}" = LightScribe System Software 1.10.16.1
"{E96B0085-6659-486b-A221-5042A042728D}" = Toolbox
"{EF1ADA5A-0B1A-4662-8C55-7475A61D8B65}" = DeviceDiscovery
"{EF9E56EE-0243-4BAD-88F4-5E7508AA7D96}" = Destination Component
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"avast" = avast! Free Antivirus
"CCleaner" = CCleaner
"Comodo Dragon" = Comodo Dragon
"COMODO GeekBuddy" = COMODO GeekBuddy
"Free Studio_is1" = Free Studio version 5.4.9
"FVDIEPlugin" = FVDIEPlugin
"Google Chrome" = Google Chrome
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"HP Imaging Device Functions" = HP Imaging Device Functions 11.0
"HP Photosmart Essential" = HP Photosmart Essential 3.0
"HP Smart Web Printing" = HP Smart Web Printing
"HP Solution Center & Imaging Support Tools" = HP Solution Center 11.0
"HPExtendedCapabilities" = HP Customer Participation Program 11.0
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.61.0.1400
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Mozilla Firefox 12.0 (x86 en-US)" = Mozilla Firefox 12.0 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Orbit_is1" = Orbit Downloader
"OsdMaestro" = HP On-Screen Cap/Num/Scroll Lock Indicator
"Revo Uninstaller" = Revo Uninstaller 1.93
"Shop for HP Supplies" = Shop for HP Supplies
"VLC media player" = VLC media player 1.0.5
"WinRAR archiver" = WinRAR archiver

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"A² Studios' ICC Cricket World Cup 2011 Patch" = A² Studios' ICC Cricket World Cup 2011 Patch

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 11-06-2012 11:17:42 | Computer Name = vicky-pc | Source = Microsoft-Windows-CAPI2 | ID = 131585
Description =

Error - 11-06-2012 11:17:42 | Computer Name = vicky-pc | Source = Microsoft-Windows-CAPI2 | ID = 131585
Description =

Error - 11-06-2012 11:17:42 | Computer Name = vicky-pc | Source = Microsoft-Windows-CAPI2 | ID = 131585
Description =

Error - 12-06-2012 01:08:18 | Computer Name = vicky-pc | Source = Microsoft-Windows-CAPI2 | ID = 131585
Description =

Error - 12-06-2012 01:08:18 | Computer Name = vicky-pc | Source = Microsoft-Windows-CAPI2 | ID = 131585
Description =

Error - 12-06-2012 01:08:18 | Computer Name = vicky-pc | Source = Microsoft-Windows-CAPI2 | ID = 131585
Description =

Error - 12-06-2012 06:34:37 | Computer Name = vicky-pc | Source = ESENT | ID = 215
Description = WinMail (2472) WindowsMail0: The backup has been stopped because it
was halted by the client or the connection with the client failed.

Error - 13-06-2012 03:48:22 | Computer Name = vicky-pc | Source = Microsoft-Windows-CAPI2 | ID = 131585
Description =

Error - 13-06-2012 03:48:22 | Computer Name = vicky-pc | Source = Microsoft-Windows-CAPI2 | ID = 131585
Description =

Error - 13-06-2012 03:48:22 | Computer Name = vicky-pc | Source = Microsoft-Windows-CAPI2 | ID = 131585
Description =

[ System Events ]
Error - 15-06-2012 07:19:30 | Computer Name = vicky-pc | Source = Service Control Manager | ID = 7022
Description =

Error - 15-06-2012 07:19:30 | Computer Name = vicky-pc | Source = Service Control Manager | ID = 7026
Description =

Error - 15-06-2012 11:03:52 | Computer Name = vicky-pc | Source = Dhcp | ID = 1002
Description = The IP address lease 192.168.1.2 for the Network Card with network
address 001644763332 has been denied by the DHCP server 192.168.1.1 (The DHCP Server
sent a DHCPNACK message).

Error - 15-06-2012 11:05:17 | Computer Name = vicky-pc | Source = Service Control Manager | ID = 7022
Description =

Error - 15-06-2012 11:05:17 | Computer Name = vicky-pc | Source = Service Control Manager | ID = 7026
Description =

Error - 15-06-2012 11:07:19 | Computer Name = vicky-pc | Source = Service Control Manager | ID = 7000
Description =

Error - 15-06-2012 12:38:31 | Computer Name = vicky-pc | Source = Service Control Manager | ID = 7022
Description =

Error - 15-06-2012 12:38:31 | Computer Name = vicky-pc | Source = Service Control Manager | ID = 7026
Description =

Error - 15-06-2012 12:40:33 | Computer Name = vicky-pc | Source = Service Control Manager | ID = 7000
Description =

Error - 15-06-2012 12:41:23 | Computer Name = vicky-pc | Source = Dhcp | ID = 1002
Description = The IP address lease 192.168.1.2 for the Network Card with network
address 001644763332 has been denied by the DHCP server 192.168.1.1 (The DHCP Server
sent a DHCPNACK message).


< End of report >

Antivirus Result Update
AhnLab-V3 - 20120615
AntiVir - 20120615
Antiy-AVL - 20120615
Avast - 20120615
AVG - 20120615
BitDefender - 20120615
ByteHero - 20120613
CAT-QuickHeal - 20120615
ClamAV - 20120615
Commtouch - 20120615
Comodo - 20120615
DrWeb - 20120615
Emsisoft - 20120615
eSafe - 20120614
F-Prot - 20120615
F-Secure - 20120615
Fortinet - 20120615
GData - 20120615
Ikarus - 20120615
Jiangmin - 20120615
K7AntiVirus - 20120615
Kaspersky - 20120615
McAfee - 20120615
McAfee-GW-Edition - 20120614
Microsoft - 20120615
NOD32 - 20120615
Norman - 20120615
nProtect - 20120615
Panda - 20120615
PCTools - 20120615
Rising - 20120614
Sophos - 20120615
SUPERAntiSpyware - 20120615
Symantec - 20120615
TheHacker - 20120615
TotalDefense - 20120615
TrendMicro - 20120615
TrendMicro-HouseCall - 20120615
VBA32 - 20120615
VIPRE - 20120615
ViRobot - 20120615
VirusBuster - 20120615
decepticon
Regular Member
 
Posts: 22
Joined: May 29th, 2012, 1:57 pm

Re: GRRRRRRRRRR!!!!...antivirus problem..!!!!!!

Post by diver79 » June 15th, 2012, 1:38 pm

Good work :D

One of the commands did not work. Can you try this, please?

OTL Custom Scan
  • Right click on OTL.exe and select Run as Administrator to start the program.
  • Under Output, ensure that Minimal Output is selected.
  • Under Extra Registry section, select None.
  • Under Custom Scans/Fixes copy/paste the contents of the code box below.
    nsisvc.dll /md5  /s
  • Click on Run Scan at the top left hand corner.
  • When done, post the contents of OTL.txt.
diver79
Retired Graduate
 
Posts: 1004
Joined: January 3rd, 2010, 7:03 pm