Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

GRRRRRRRRRR!!!!...antivirus problem..!!!!!!

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

Re: GRRRRRRRRRR!!!!...antivirus problem..!!!!!!

Unread postby decepticon » June 15th, 2012, 2:12 pm

OTL logfile created on: 15-06-2012 23:30:58 - Run 3
OTL by OldTimer - Version 3.2.47.0 Folder = C:\Users\varsha.VICKY-PC\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00004009 | Country: India | Language: ENN | Date Format: dd-MM-yyyy

1.99 Gb Total Physical Memory | 0.84 Gb Available Physical Memory | 42.09% Memory free
4.22 Gb Paging File | 2.81 Gb Available in Paging File | 66.62% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 288.74 Gb Total Space | 217.82 Gb Free Space | 75.44% Space Free | Partition Type: NTFS
Drive D: | 9.35 Gb Total Space | 1.08 Gb Free Space | 11.59% Space Free | Partition Type: NTFS

Computer Name: VICKY-PC | User Name: v icky | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\varsha.VICKY-PC\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Nitro PDF\Reader 2\NitroPDFReaderDriverService2.exe (Nitro PDF Software)
PRC - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
PRC - C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
PRC - C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
PRC - C:\Program Files\Comodo\COMODO GeekBuddy\CLPSLS.exe (COMODO)
PRC - C:\Program Files\Comodo\Dragon\dragon.exe (Comodo)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\WINDOWS\RtHDVCpl.exe (Realtek Semiconductor)
PRC - C:\hp\support\hpsysdrv.exe (Hewlett-Packard Company)
PRC - C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe (OsdMaestro)


========== Modules (No Company Name) ==========

MOD - C:\WINDOWS\System32\Macromed\Flash\NPSWF32.dll ()
MOD - C:\Program Files\Comodo\Dragon\avcodec-53.dll ()
MOD - C:\Program Files\Comodo\Dragon\avformat-53.dll ()
MOD - C:\Program Files\Comodo\Dragon\avutil-51.dll ()
MOD - C:\Program Files\WinRAR\RarExt.dll ()
MOD - C:\WINDOWS\System32\igfxTMM.dll ()


========== Win32 Services (SafeList) ==========

SRV - (MozillaMaintenance) -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (NitroReaderDriverReadSpool2) -- C:\Program Files\Nitro PDF\Reader 2\NitroPDFReaderDriverService2.exe (Nitro PDF Software)
SRV - (MBAMService) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (avast! Antivirus) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
SRV - (CLPSLS) -- C:\Program Files\Comodo\COMODO GeekBuddy\CLPSLS.exe (COMODO)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (IAANTMON) Intel(R) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)
SRV - (HPBtnSrv) -- c:\hp\HPEZBTN\HPBtnSrv.exe ()


========== Driver Services (SafeList) ==========

DRV - (SymIMMP) -- system32\DRIVERS\SymIM.sys File not found
DRV - (SymIM) -- system32\DRIVERS\SymIM.sys File not found
DRV - (NwlnkFwd) -- system32\DRIVERS\nwlnkfwd.sys File not found
DRV - (NwlnkFlt) -- system32\DRIVERS\nwlnkflt.sys File not found
DRV - (MpKslcf484463) -- c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{BA1D8727-CB34-47BC-8A93-15D4F388E33A}\MpKslcf484463.sys File not found
DRV - (MpKslc7a88b2a) -- c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{802394EE-6FD5-4316-8E8C-7D48154A9AAF}\MpKslc7a88b2a.sys File not found
DRV - (MpKslc1ecceca) -- c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{6A6C552F-7BFC-492F-A36B-1B5F423C3302}\MpKslc1ecceca.sys File not found
DRV - (MpKsl8477fcea) -- c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{F36C60A2-C5AF-4108-929E-2395F247DEDD}\MpKsl8477fcea.sys File not found
DRV - (MpKsl7f875fed) -- c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{802394EE-6FD5-4316-8E8C-7D48154A9AAF}\MpKsl7f875fed.sys File not found
DRV - (MpKsl5e44e26c) -- c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{BA1D8727-CB34-47BC-8A93-15D4F388E33A}\MpKsl5e44e26c.sys File not found
DRV - (MpKsl45ab98d9) -- c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{F36C60A2-C5AF-4108-929E-2395F247DEDD}\MpKsl45ab98d9.sys File not found
DRV - (MpKsl383d5f34) -- c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{802394EE-6FD5-4316-8E8C-7D48154A9AAF}\MpKsl383d5f34.sys File not found
DRV - (MpKsl355c8a55) -- c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{D6D0DB9B-9266-4528-AF1D-712F6EEF85DA}\MpKsl355c8a55.sys File not found
DRV - (MpKsl140d154b) -- c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{BA1D8727-CB34-47BC-8A93-15D4F388E33A}\MpKsl140d154b.sys File not found
DRV - (IpInIp) -- system32\DRIVERS\ipinip.sys File not found
DRV - (blbdrive) -- C:\Windows\system32\drivers\blbdrive.sys File not found
DRV - (AVGIDSShim) -- system32\DRIVERS\avgidsshimx.sys File not found
DRV - (AVGIDSHX) -- system32\DRIVERS\avgidshx.sys File not found
DRV - (MBAMProtector) -- C:\WINDOWS\System32\drivers\mbam.sys (Malwarebytes Corporation)
DRV - (aswSnx) -- C:\Windows\System32\drivers\aswSnx.sys (AVAST Software)
DRV - (aswSP) -- C:\Windows\System32\drivers\aswSP.sys (AVAST Software)
DRV - (aswRdr) -- C:\Windows\System32\drivers\aswRdr.sys (AVAST Software)
DRV - (aswTdi) -- C:\Windows\System32\drivers\aswTdi.sys (AVAST Software)
DRV - (aswMonFlt) -- C:\WINDOWS\System32\drivers\aswMonFlt.sys (AVAST Software)
DRV - (aswFsBlk) -- C:\Windows\System32\drivers\aswFsBlk.sys (AVAST Software)
DRV - (inspect) -- C:\WINDOWS\System32\drivers\inspect.sys (COMODO)
DRV - (cmdHlp) -- C:\WINDOWS\System32\drivers\cmdhlp.sys (COMODO)
DRV - (cmdGuard) -- C:\WINDOWS\System32\drivers\cmdGuard.sys (COMODO)
DRV - (sbwtis) -- C:\WINDOWS\System32\drivers\sbwtis.sys (GFI Software)
DRV - (netr73) -- C:\WINDOWS\System32\drivers\netr73.sys (Ralink Technology, Corp.)
DRV - (RTL8169) -- C:\WINDOWS\System32\drivers\Rtlh86.sys (Realtek Corporation )
DRV - (bcm4sbxp) -- C:\WINDOWS\System32\drivers\bcm4sbxp.sys (Broadcom Corporation)
DRV - (Ps2) -- C:\WINDOWS\System32\drivers\PS2.sys (Hewlett-Packard Company)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope =

IE - HKCU\..\SearchScopes,DefaultScope =
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: ""
FF - prefs.js..browser.search.order.1: ""
FF - prefs.js..browser.search.selectedEngine: ""
FF - prefs.js..browser.startup.homepage: ""


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nitropdf.com/NitroPDF: C:\Program Files\Nitro PDF\Reader 2\npnitromozilla.dll ( )
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=1.0.5: C:\Program Files\VideoLAN\VLC\npvlc.dll (the VideoLAN Team)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn2 [2011-12-18 12:17:29 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012-06-05 20:58:03 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{F53C93F1-07D5-430c-86D4-C9531B27DFAF}: C:\Program Files\AVG\AVG2012\Firefox\DoNotTrack\
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012-06-03 16:11:22 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins

[2012-05-27 12:15:12 | 000,000,000 | ---D | M] (No name found) -- C:\Users\v icky\AppData\Roaming\mozilla\Extensions
[2012-06-08 23:15:30 | 000,000,000 | ---D | M] (No name found) -- C:\Users\v icky\AppData\Roaming\mozilla\Firefox\Profiles\8yw39bvl.default\extensions
[2011-12-11 22:39:57 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012-06-03 16:11:21 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012-06-06 09:12:06 | 000,003,766 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\avg-secure-search.xml
[2012-06-03 16:11:17 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012-03-13 17:24:54 | 000,002,511 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\Search_Results.xml
[2012-06-03 16:11:17 | 000,002,040 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\19.0.1084.52\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\19.0.1084.52\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\19.0.1084.52\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\v icky\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 8.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.290.11 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U29 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: VLC Multimedia Plug-in (Enabled) = C:\Program Files\VideoLAN\VLC\npvlc.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: YouTube = C:\Users\v icky\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google Search = C:\Users\v icky\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: avast! WebRep = C:\Users\v icky\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\6.0.1374_0\
CHR - Extension: avast! WebRep = C:\Users\v icky\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1426_0\
CHR - Extension: Gmail = C:\Users\v icky\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2011-12-22 23:12:37 | 000,000,755 | --S- | M]) - C:\WINDOWS\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe (Intel Corporation)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [OsdMaestro] C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe (OsdMaestro)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{245E6FCB-7E4C-4A66-BACF-BFC8178B4820}: NameServer = 8.26.56.26,156.154.70.22
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{58841B97-BB84-436F-A8E8-15F1E8F1AF92}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{58841B97-BB84-436F-A8E8-15F1E8F1AF92}: NameServer = 8.26.56.26,156.154.70.22
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\WINDOWS\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\v icky\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O24 - Desktop BackupWallPaper: C:\Users\v icky\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009-08-10 17:05:27 | 000,000,074 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2012-06-14 10:49:29 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2012-06-14 10:49:27 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2012-06-14 10:49:26 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2012-06-14 10:49:25 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2012-06-14 10:49:23 | 001,800,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2012-06-14 10:49:22 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2012-06-14 10:49:18 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2012-06-13 23:40:56 | 002,045,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2012-06-10 22:18:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012-06-10 22:18:49 | 000,022,344 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2012-06-10 22:04:33 | 000,000,000 | ---D | C] -- C:\Users\v icky\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
[2012-06-10 16:39:01 | 000,876,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsPrint.dll
[2012-06-10 16:38:59 | 001,069,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll
[2012-06-10 16:38:59 | 000,219,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1core.dll
[2012-06-10 16:38:58 | 001,172,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10warp.dll
[2012-06-10 16:38:58 | 000,683,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d2d1.dll
[2012-06-10 16:38:57 | 000,160,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1.dll
[2012-06-09 22:17:57 | 000,162,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2012-06-09 22:17:57 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll
[2012-06-09 22:17:57 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2012-06-09 22:17:57 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SetIEInstalledDate.exe
[2012-06-09 22:17:57 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe
[2012-06-09 22:17:57 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll
[2012-06-09 22:17:56 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat
[2012-06-09 22:17:56 | 000,434,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2012-06-09 22:17:56 | 000,367,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2012-06-09 22:17:56 | 000,353,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2012-06-09 22:17:56 | 000,353,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2012-06-09 22:17:56 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2012-06-09 22:17:56 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll
[2012-06-09 22:17:56 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2012-06-09 22:17:56 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2012-06-09 22:17:56 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2012-06-09 22:17:56 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2012-06-09 22:17:55 | 000,580,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2012-06-09 22:17:55 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll
[2012-06-09 22:17:55 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakui.dll
[2012-06-09 22:17:55 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe
[2012-06-09 22:17:55 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe
[2012-06-09 22:17:55 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\admparse.dll
[2012-06-09 22:17:55 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll
[2012-06-09 22:17:54 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2012-06-09 22:17:54 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll
[2012-06-09 22:17:53 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakeng.dll
[2012-06-09 22:17:53 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IEAdvpack.dll
[2012-06-09 22:17:53 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2012-06-09 22:17:53 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2012-06-09 21:15:59 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Portable Devices
[2012-06-09 20:51:51 | 000,000,000 | ---D | C] -- C:\MGADiagToolOutput
[2012-06-09 20:50:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Office Genuine Advantage
[2012-06-09 20:38:40 | 000,092,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UIAnimation.dll
[2012-06-09 20:38:37 | 003,023,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UIRibbon.dll
[2012-06-09 20:38:37 | 001,164,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UIRibbonRes.dll
[2012-06-09 20:37:43 | 000,369,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMPhoto.dll
[2012-06-09 20:37:35 | 000,321,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PhotoMetadataHandler.dll
[2012-06-09 20:37:35 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxdiag.exe
[2012-06-09 20:37:35 | 000,195,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxdiagn.dll
[2012-06-09 20:37:35 | 000,189,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WindowsCodecsExt.dll
[2012-06-09 20:37:34 | 000,519,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d11.dll
[2012-06-09 20:36:50 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\BthMtpContextHandler.dll
[2012-06-09 20:36:50 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WPDShextAutoplay.exe
[2012-06-09 20:36:41 | 000,060,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceConnectApi.dll
[2012-06-09 20:36:34 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WpdMtpUS.dll
[2012-06-09 20:36:34 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WpdConns.dll
[2012-06-09 20:36:33 | 000,546,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wpd_ci.dll
[2012-06-09 20:36:33 | 000,226,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WpdMtp.dll
[2012-06-09 20:36:32 | 000,350,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WPDSp.dll
[2012-06-09 20:36:32 | 000,334,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceApi.dll
[2012-06-09 20:36:32 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceWMDRM.dll
[2012-06-09 20:36:32 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceTypes.dll
[2012-06-09 20:36:32 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceClassExtension.dll
[2012-06-09 20:03:55 | 001,029,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10.dll
[2012-06-09 20:03:54 | 000,486,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10level9.dll
[2012-06-09 20:03:54 | 000,189,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10core.dll
[2012-06-09 20:03:53 | 001,554,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xpsservices.dll
[2012-06-09 20:03:53 | 000,847,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\OpcServices.dll
[2012-06-09 20:03:53 | 000,288,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsGdiConverter.dll
[2012-06-09 20:03:26 | 000,979,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MFH264Dec.dll
[2012-06-09 20:03:25 | 000,478,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxgi.dll
[2012-06-09 20:03:25 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsRasterService.dll
[2012-06-09 20:03:24 | 000,357,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MFHEAACdec.dll
[2012-06-09 20:03:23 | 000,302,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfmp4src.dll
[2012-06-09 20:03:23 | 000,261,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfreadwrite.dll
[2012-06-09 20:03:22 | 002,873,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mf.dll
[2012-06-09 20:03:22 | 000,667,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelinesvc.exe
[2012-06-09 20:03:22 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cdd.dll
[2012-06-09 20:03:21 | 000,209,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfplat.dll
[2012-06-09 20:03:14 | 000,098,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfps.dll
[2012-06-09 20:03:13 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelineprxy.dll
[2012-06-09 20:02:13 | 000,555,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UIAutomationCore.dll
[2012-06-09 20:02:13 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\oleaccrc.dll
[2012-06-09 20:01:41 | 001,314,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\quartz.dll
[2012-06-09 20:01:40 | 000,497,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qdvd.dll
[2012-06-09 20:01:36 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2012-06-09 20:01:27 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisdecd.dll
[2012-06-09 20:01:26 | 000,217,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisrndr.ax
[2012-06-09 20:01:26 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Mpeg2Data.ax
[2012-06-09 20:01:26 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSDvbNP.ax
[2012-06-09 20:01:25 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mciseq.dll
[2012-06-09 20:01:23 | 000,429,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EncDec.dll
[2012-06-09 20:01:02 | 003,550,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2012-06-09 20:01:01 | 003,602,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2012-06-09 20:00:57 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\csrsrv.dll
[2012-06-09 20:00:56 | 000,376,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winsrv.dll
[2012-06-09 20:00:54 | 000,231,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msshsq.dll
[2012-06-09 20:00:53 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\packager.dll
[2012-06-09 20:00:52 | 000,613,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpencom.dll
[2012-06-09 13:18:44 | 000,000,000 | ---D | C] -- C:\Windows\System32\eu-ES
[2012-06-09 13:18:44 | 000,000,000 | ---D | C] -- C:\Windows\System32\ca-ES
[2012-06-09 13:18:43 | 000,000,000 | ---D | C] -- C:\Windows\System32\vi-VN
[2012-06-09 13:01:11 | 000,000,000 | ---D | C] -- C:\Windows\System32\EventProviders
[2012-06-08 13:48:13 | 000,000,000 | ---D | C] -- C:\_OTL
[2012-06-05 23:12:08 | 000,000,000 | ---D | C] -- C:\Users\v icky\AppData\Local\PackageAware
[2012-06-05 20:32:26 | 000,000,000 | ---D | C] -- C:\Users\v icky\AppData\Local\Comodo
[2012-06-05 17:25:15 | 000,000,000 | ---D | C] -- C:\ProgramData\F381
[2012-06-04 15:29:37 | 000,000,000 | ---D | C] -- C:\Users\v icky\Documents\GTA San Andreas User Files
[2012-06-03 16:11:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2012-06-03 16:11:26 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Maintenance Service
[2012-06-02 18:21:55 | 000,000,000 | ---D | C] -- C:\Users\v icky\AppData\Roaming\ProgSense
[2012-06-02 18:07:17 | 000,000,000 | ---D | C] -- C:\ProgramData\IBUpdaterService
[2012-06-01 23:48:36 | 000,000,000 | ---D | C] -- C:\Users\v icky\AppData\Roaming\Nitro PDF
[2012-06-01 23:48:21 | 000,027,152 | ---- | C] (Nitro PDF Software) -- C:\Windows\System32\nitrolocalmon2.dll
[2012-06-01 23:48:21 | 000,018,448 | ---- | C] (Nitro PDF Software) -- C:\Windows\System32\nitrolocalui2.dll
[2012-06-01 23:48:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Nitro PDF
[2012-06-01 23:48:05 | 000,000,000 | ---D | C] -- C:\Program Files\Nitro PDF
[2012-06-01 23:48:05 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Nitro PDF
[2012-06-01 23:44:04 | 000,000,000 | ---D | C] -- C:\Users\v icky\AppData\Roaming\OpenCandy
[2012-06-01 23:41:45 | 000,000,000 | ---D | C] -- C:\Users\v icky\AppData\Roaming\DVDVideoSoftIEHelpers
[2012-06-01 23:41:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
[2012-06-01 23:41:22 | 002,557,952 | ---- | C] (Nokia Corporation and/or its subsidiary(-ies)) -- C:\Windows\System32\QtCore4.dll
[2012-06-01 23:41:22 | 000,405,176 | ---- | C] (Newtonsoft) -- C:\Windows\System32\Newtonsoft.Json.Net20.dll
[2012-06-01 23:39:19 | 000,000,000 | ---D | C] -- C:\Users\v icky\AppData\Roaming\GrabPro
[2012-06-01 23:39:19 | 000,000,000 | ---D | C] -- C:\downloads
[2012-06-01 23:39:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Orbit
[2012-06-01 23:39:06 | 000,000,000 | ---D | C] -- C:\Program Files\Orbitdownloader
[2012-06-01 23:38:42 | 000,000,000 | ---D | C] -- C:\Users\v icky\AppData\Roaming\Orbit
[2012-06-01 23:37:46 | 000,000,000 | ---D | C] -- C:\Program Files\DVDVideoSoft
[2012-06-01 23:37:46 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DVDVideoSoft
[2012-06-01 23:36:51 | 000,000,000 | ---D | C] -- C:\Users\v icky\AppData\Roaming\DVDVideoSoft
[2012-05-28 11:26:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2012-05-28 11:26:02 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2012-05-27 12:15:53 | 000,000,000 | ---D | C] -- C:\Program Files\VS Revo Group
[2012-05-27 12:15:11 | 000,000,000 | ---D | C] -- C:\Users\v icky\AppData\Roaming\Mozilla
[2012-05-27 12:15:11 | 000,000,000 | ---D | C] -- C:\Users\v icky\AppData\Local\Mozilla
[2012-05-25 23:53:43 | 012,240,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0007.dll
[2012-05-25 23:53:39 | 001,081,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SLCExt.dll
[2012-05-25 23:53:34 | 002,134,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FunctionDiscoveryFolder.dll
[2012-05-25 23:53:34 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DevicePairingWizard.exe
[2012-05-25 23:53:31 | 002,644,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0009.dll
[2012-05-25 23:53:27 | 001,480,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssrch.dll
[2012-05-25 23:53:24 | 000,684,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\spsys.sys
[2012-05-25 23:53:22 | 001,576,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tquery.dll
[2012-05-25 23:53:20 | 000,779,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationNative_v0300.dll
[2012-05-25 23:53:18 | 000,928,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scavenge.dll
[2012-05-25 23:53:14 | 000,677,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imapi2fs.dll
[2012-05-25 23:53:12 | 000,968,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wcnwiz2.dll
[2012-05-25 23:53:12 | 000,291,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WscEapPr.dll
[2012-05-25 23:53:09 | 000,619,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\icardagt.exe
[2012-05-25 23:53:07 | 001,216,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AuxiliaryDisplayCpl.dll
[2012-05-25 23:53:05 | 000,289,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spinstall.exe
[2012-05-25 23:53:05 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spreview.exe
[2012-05-25 23:53:04 | 000,978,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drmv2clt.dll
[2012-05-25 23:53:02 | 000,438,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mcupdate_GenuineIntel.dll
[2012-05-25 23:53:02 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spwizui.dll
[2012-05-25 23:52:57 | 000,670,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssvp.dll
[2012-05-25 23:52:55 | 000,613,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSMPEG2VDEC.DLL
[2012-05-25 23:52:55 | 000,351,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssph.dll
[2012-05-25 23:52:55 | 000,203,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssphtb.dll
[2012-05-25 23:52:54 | 000,378,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imapi2.dll
[2012-05-25 23:52:52 | 000,324,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sdohlp.dll
[2012-05-25 23:52:50 | 000,729,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IMJP10K.DLL
[2012-05-25 23:52:50 | 000,478,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DevicePairing.dll
[2012-05-25 23:52:49 | 000,190,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sperror.dll
[2012-05-25 23:52:48 | 000,143,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\korwbrkr.dll
[2012-05-25 23:52:47 | 000,463,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IasMigReader.exe
[2012-05-25 23:52:43 | 001,589,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msjet40.dll
[2012-05-25 23:52:39 | 000,883,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IMJP10.IME
[2012-05-25 23:52:39 | 000,409,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msexch40.dll
[2012-05-25 23:52:38 | 001,078,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\diagperf.dll
[2012-05-25 23:52:38 | 000,327,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\P2PGraph.dll
[2012-05-25 23:52:36 | 000,986,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winload.exe
[2012-05-25 23:52:36 | 000,301,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srchadmin.dll
[2012-05-25 23:52:35 | 000,950,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mblctr.exe
[2012-05-25 23:52:34 | 001,792,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mmc.exe
[2012-05-25 23:52:34 | 000,203,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\uDWM.dll
[2012-05-25 23:52:33 | 000,454,144 | ---- | C] (Microsoft) -- C:\Windows\System32\IasMigPlugin.dll
[2012-05-25 23:52:32 | 000,088,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fdBth.dll
[2012-05-25 23:52:31 | 000,880,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RacEngn.dll
[2012-05-25 23:52:28 | 002,012,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\milcore.dll
[2012-05-25 23:52:28 | 000,120,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EhStorAPI.dll
[2012-05-25 23:52:27 | 001,112,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CertEnroll.dll
[2012-05-25 23:52:26 | 000,805,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NaturalLanguage6.dll
[2012-05-25 23:52:23 | 000,950,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gpedit.dll
[2012-05-25 23:52:23 | 000,290,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msjtes40.dll
[2012-05-25 23:52:23 | 000,115,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AuxiliaryDisplayDriverLib.dll
[2012-05-25 23:52:23 | 000,099,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\infocardapi.dll
[2012-05-25 23:52:20 | 003,217,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WinSAT.exe
[2012-05-25 23:52:19 | 000,167,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationSettings.exe
[2012-05-25 23:52:18 | 000,710,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Magnify.exe
[2012-05-25 23:52:18 | 000,282,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstext40.dll
[2012-05-25 23:52:18 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AuxiliaryDisplayServices.dll
[2012-05-25 23:52:11 | 000,339,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msexcl40.dll
[2012-05-25 23:52:11 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\slwmi.dll
[2012-05-25 23:52:10 | 000,454,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msxbde40.dll
[2012-05-25 23:52:09 | 001,524,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WindowsAnytimeUpgradeCPL.dll
[2012-05-25 23:52:08 | 001,985,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\authui.dll
[2012-05-25 23:52:06 | 001,086,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NetProjW.dll
[2012-05-25 23:52:05 | 000,643,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrepl40.dll
[2012-05-25 23:52:04 | 000,640,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bthprops.cpl
[2012-05-25 23:52:04 | 000,469,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\newdev.dll
[2012-05-25 23:52:03 | 000,205,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\eudcedit.exe
[2012-05-25 23:52:03 | 000,119,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasrecst.dll
[2012-05-25 23:52:03 | 000,102,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationCFFRasterizerNative_v0300.dll
[2012-05-25 23:52:02 | 002,926,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe
[2012-05-25 23:51:59 | 001,788,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d9.dll
[2012-05-25 23:51:59 | 000,368,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mspbde40.dll
[2012-05-25 23:51:57 | 000,241,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msltus40.dll
[2012-05-25 23:51:56 | 000,344,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrd3x40.dll
[2012-05-25 23:51:56 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EhStorPwdMgr.dll
[2012-05-25 23:51:55 | 001,053,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdtctm.dll
[2012-05-25 23:51:54 | 000,250,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wevtapi.dll
[2012-05-25 23:51:54 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nlhtml.dll
[2012-05-25 23:51:51 | 000,614,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ci.dll
[2012-05-25 23:51:49 | 000,582,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SLCommDlg.dll
[2012-05-25 23:51:49 | 000,165,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WcnNetsh.dll
[2012-05-25 23:51:47 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\compcln.exe
[2012-05-25 23:51:46 | 001,730,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\apds.dll
[2012-05-25 23:51:45 | 000,618,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mswstr10.dll
[2012-05-25 23:51:44 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xmlfilter.dll
[2012-05-25 23:51:40 | 000,361,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SLUI.exe
[2012-05-25 23:51:39 | 000,319,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrd2x40.dll
[2012-05-25 23:51:39 | 000,183,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\eapphost.dll
[2012-05-25 23:51:38 | 000,524,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sqlsrv32.dll
[2012-05-25 23:51:36 | 000,926,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winresume.exe
[2012-05-25 23:51:36 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\propdefs.dll
[2012-05-25 23:51:32 | 001,856,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dbgeng.dll
[2012-05-25 23:51:31 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wevtutil.exe
[2012-05-25 23:51:31 | 000,087,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssitlb.dll
[2012-05-25 23:51:28 | 002,167,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mmcndmgr.dll
[2012-05-25 23:51:25 | 000,194,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drvinst.exe
[2012-05-25 23:51:24 | 000,378,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\devmgr.dll
[2012-05-25 23:51:24 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msscb.dll
[2012-05-25 23:51:24 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fdBthProxy.dll
[2012-05-25 23:51:23 | 000,054,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DevicePairingProxy.dll
[2012-05-25 23:51:22 | 000,485,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\evr.dll
[2012-05-25 23:51:21 | 001,533,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wcnwiz.dll
[2012-05-25 23:51:20 | 001,382,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVSDECD.DLL
[2012-05-25 23:51:19 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\phon.ime
[2012-05-25 23:51:19 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\chajei.ime
[2012-05-25 23:51:18 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\quick.ime
[2012-05-25 23:51:18 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qintlgnt.ime
[2012-05-25 23:51:18 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cintlgnt.ime
[2012-05-25 23:51:17 | 001,143,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wercon.exe
[2012-05-25 23:51:16 | 000,617,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\adtschema.dll
[2012-05-25 23:51:16 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mimefilt.dll
[2012-05-25 23:51:13 | 000,856,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mswdat10.dll
[2012-05-25 23:51:13 | 000,560,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdtcprx.dll
[2012-05-25 23:51:13 | 000,396,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ipsmsnap.dll
[2012-05-25 23:51:13 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msjter40.dll
[2012-05-25 23:51:12 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\reg.exe
[2012-05-25 23:51:12 | 000,038,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rtffilt.dll
[2012-05-25 23:51:10 | 000,799,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\certutil.exe
[2012-05-25 23:51:10 | 000,035,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\infocardcpl.cpl
[2012-05-25 23:51:09 | 000,996,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMNetMgr.dll
[2012-05-25 23:51:08 | 000,704,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PhotoScreensaver.scr
[2012-05-25 23:51:08 | 000,226,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbport.sys
[2012-05-25 23:51:07 | 000,274,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bcrypt.dll
[2012-05-25 23:51:07 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msscntrs.dll
[2012-05-25 23:51:07 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msshooks.dll
[2012-05-25 23:51:05 | 000,332,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msihnd.dll
[2012-05-25 23:51:05 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MMDevAPI.dll
[2012-05-25 23:51:05 | 000,035,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TsWpfWrp.exe
[2012-05-25 23:51:04 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msstrc.dll
[2012-05-25 23:51:02 | 000,153,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fundisc.dll
[2012-05-25 23:51:01 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dhcpcsvc6.dll
[2012-05-25 23:51:01 | 000,080,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscories.dll
[2012-05-25 23:50:57 | 000,107,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imapi.dll
[2012-05-25 23:50:56 | 001,671,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\chsbrkr.dll
[2012-05-25 23:50:56 | 001,020,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wdc.dll
[2012-05-25 23:50:56 | 000,125,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\Classpnp.sys
[2012-05-25 23:50:55 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iassdo.dll
[2012-05-25 23:50:55 | 000,093,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Kswdmcap.ax
[2012-05-25 23:50:54 | 001,823,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pnidui.dll
[2012-05-25 23:50:53 | 000,636,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\autofmt.exe
[2012-05-25 23:50:53 | 000,009,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\icardres.dll
[2012-05-25 23:50:51 | 000,050,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PSHED.DLL
[2012-05-25 23:50:51 | 000,035,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\crashdmp.sys
[2012-05-25 23:50:50 | 000,757,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\azroles.dll
[2012-05-25 23:50:50 | 000,122,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\Storport.sys
[2012-05-25 23:50:49 | 000,633,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CertEnrollUI.dll
[2012-05-25 23:50:48 | 001,107,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pidgenx.dll
[2012-05-25 23:50:47 | 000,389,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sysmon.ocx
[2012-05-25 23:50:46 | 002,205,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SyncCenter.dll
[2012-05-25 23:50:44 | 000,593,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\comuid.dll
[2012-05-25 23:50:43 | 001,502,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\certmgr.dll
[2012-05-25 23:50:43 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncrypt.dll
[2012-05-25 23:50:42 | 000,627,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sethc.exe
[2012-05-25 23:50:42 | 000,017,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\kd1394.dll
[2012-05-25 23:50:41 | 000,324,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\untfs.dll
[2012-05-25 23:50:41 | 000,182,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iassam.dll
[2012-05-25 23:50:41 | 000,180,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scrobj.dll
[2012-05-25 23:50:40 | 000,413,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imkr80.ime
[2012-05-25 23:50:38 | 000,099,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\FWPKCLNT.SYS
[2012-05-25 23:50:37 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasnap.dll
[2012-05-25 23:50:36 | 000,656,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\autoconv.exe
[2012-05-25 23:50:34 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cscript.exe
[2012-05-25 23:50:34 | 000,027,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\Dumpata.sys
[2012-05-25 23:50:34 | 000,017,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\kdcom.dll
[2012-05-25 23:50:33 | 000,130,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\basecsp.dll
[2012-05-25 23:50:33 | 000,088,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\audiodg.exe
[2012-05-25 23:50:32 | 000,273,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wow32.dll
[2012-05-25 23:50:32 | 000,182,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\osk.exe
[2012-05-25 23:50:29 | 000,340,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RelMon.dll
[2012-05-25 23:50:29 | 000,019,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\kdusb.dll
[2012-05-25 23:50:29 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spcmsg.dll
[2012-05-25 23:50:27 | 000,564,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msftedit.dll
[2012-05-25 23:50:26 | 000,860,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WerFaultSecure.exe
[2012-05-25 23:50:26 | 000,194,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\offfilt.dll
[2012-05-25 23:50:24 | 000,638,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Utilman.exe
[2012-05-25 23:50:24 | 000,217,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WerFault.exe
[2012-05-25 23:50:23 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsepno.dll
[2012-05-25 23:50:22 | 000,230,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\diskraid.exe
[2012-05-25 23:50:21 | 000,852,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mcmde.dll
[2012-05-25 23:50:21 | 000,391,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscms.dll
[2012-05-25 23:50:21 | 000,197,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SndVol.exe
[2012-05-25 23:50:21 | 000,179,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msnetobj.dll
[2012-05-25 23:50:21 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\adsmsext.dll
[2012-05-25 23:50:20 | 000,551,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\prnntfy.dll
[2012-05-25 23:50:20 | 000,114,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbccp32.dll
[2012-05-25 23:50:20 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sysclass.dll
[2012-05-25 23:50:19 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasdatastore.dll
[2012-05-25 23:50:18 | 000,099,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ulib.dll
[2012-05-25 23:50:17 | 000,444,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dsound.dll
[2012-05-25 23:50:16 | 000,223,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wscntfy.dll
[2012-05-25 23:50:15 | 000,759,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ipsecsnp.dll
[2012-05-25 23:50:15 | 000,181,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pnpsetup.dll
[2012-05-25 23:50:15 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fdProxy.dll
[2012-05-25 23:50:14 | 001,342,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\brcpl.dll
[2012-05-25 23:50:14 | 000,399,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlangpui.dll
[2012-05-25 23:50:13 | 000,507,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vdsdyn.dll
[2012-05-25 23:50:13 | 000,119,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\diskpart.exe
[2012-05-25 23:50:13 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gpapi.dll
[2012-05-25 23:50:13 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iashlpr.dll
[2012-05-25 23:50:12 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\logman.exe
[2012-05-25 23:50:11 | 001,575,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVENCOD.DLL
[2012-05-25 23:50:11 | 000,216,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntprint.dll
[2012-05-25 23:50:10 | 000,155,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscorier.dll
[2012-05-25 23:50:10 | 000,140,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wusa.exe
[2012-05-25 23:50:09 | 000,158,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasrad.dll
[2012-05-25 23:50:09 | 000,060,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\findstr.exe
[2012-05-25 23:50:07 | 002,225,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netcenter.dll
[2012-05-25 23:50:07 | 001,580,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wpccpl.dll
[2012-05-25 23:50:04 | 000,876,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wer.dll
[2012-05-25 23:50:04 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iassvcs.dll
[2012-05-25 23:50:03 | 001,152,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\themecpl.dll
[2012-05-25 23:50:03 | 000,050,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsnmp32.dll
[2012-05-25 23:50:00 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssprxy.dll
[2012-05-25 23:49:58 | 000,777,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\slcc.dll
[2012-05-25 23:49:58 | 000,245,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scansetting.dll
[2012-05-25 23:49:58 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasads.dll
[2012-05-25 23:49:56 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ks.sys
[2012-05-25 23:49:56 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasacct.dll
[2012-05-25 23:49:55 | 003,072,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\networkmap.dll
[2012-05-25 23:49:55 | 001,248,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PerfCenterCPL.dll
[2012-05-25 23:49:55 | 000,723,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\powercpl.dll
[2012-05-25 23:49:54 | 001,645,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\connect.dll
[2012-05-25 23:49:54 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\newdev.exe
[2012-05-25 23:49:53 | 001,224,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sud.dll
[2012-05-25 23:49:52 | 000,842,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\systemcpl.dll
[2012-05-25 23:49:52 | 000,464,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pcaui.dll
[2012-05-25 23:49:51 | 002,515,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\accessibilitycpl.dll
[2012-05-25 23:49:50 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mmci.dll
[2012-05-25 23:49:49 | 001,123,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\usercpl.dll
[2012-05-25 23:49:49 | 000,516,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\autoplay.dll
[2012-05-25 23:49:48 | 001,671,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanpref.dll
[2012-05-25 23:49:48 | 000,127,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rpchttp.dll
[2012-05-25 23:49:48 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pintlgnt.ime
[2012-05-25 23:49:46 | 000,532,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wpcao.dll
[2012-05-25 23:49:46 | 000,408,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msinfo32.exe
[2012-05-25 23:49:46 | 000,128,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vdsutil.dll
[2012-05-25 23:49:45 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scksp.dll
[2012-05-25 23:49:45 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\feclient.dll
[2012-05-25 23:49:44 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AudioSes.dll
[2012-05-25 23:49:44 | 000,097,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\oleprn.dll
[2012-05-25 23:49:43 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dot3msm.dll
[2012-05-25 23:49:42 | 000,147,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Faultrep.dll
[2012-05-25 23:49:42 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rekeywiz.exe
[2012-05-25 23:49:42 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iaspolcy.dll
[2012-05-25 23:49:42 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wscisvif.dll
[2012-05-25 23:49:41 | 000,407,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dpapimig.exe
[2012-05-25 23:49:41 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DeviceEject.exe
[2012-05-25 23:49:40 | 001,689,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wscui.cpl
[2012-05-25 23:49:40 | 000,505,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qedit.dll
[2012-05-25 23:49:40 | 000,445,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncryptui.dll
[2012-05-25 23:49:39 | 000,642,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasgcw.dll
[2012-05-25 23:49:39 | 000,542,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pnpui.dll
[2012-05-25 23:49:39 | 000,215,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\certreq.exe
[2012-05-25 23:49:39 | 000,080,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\hdwwiz.exe
[2012-05-25 23:49:38 | 000,595,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FWPUCLNT.DLL
[2012-05-25 23:49:37 | 000,376,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasplap.dll
[2012-05-25 23:49:37 | 000,134,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SmartcardCredentialProvider.dll
[2012-05-25 23:49:37 | 000,038,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TSTheme.exe
[2012-05-25 23:49:36 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spwinsat.dll
[2012-05-25 23:49:35 | 000,170,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tcpipcfg.dll
[2012-05-25 23:49:35 | 000,167,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\portcls.sys
[2012-05-25 23:49:35 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fdWSD.dll
[2012-05-25 23:49:35 | 000,058,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PnPUnattend.exe
[2012-05-25 23:49:35 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmmon32.exe
[2012-05-25 23:49:34 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\whealogr.dll
[2012-05-25 23:49:34 | 000,025,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\USBCAMD2.sys
[2012-05-25 23:49:34 | 000,025,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\USBCAMD.sys
[2012-05-25 23:49:33 | 000,481,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmdial32.dll
[2012-05-25 23:49:33 | 000,378,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srcore.dll
[2012-05-25 23:49:33 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\conime.exe
[2012-05-25 23:49:32 | 000,275,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SnippingTool.exe
[2012-05-25 23:49:31 | 000,547,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wiaaut.dll
[2012-05-25 23:49:30 | 000,657,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVXENCD.DLL
[2012-05-25 23:49:30 | 000,202,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanui.dll
[2012-05-25 23:49:29 | 000,425,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\shwebsvc.dll
[2012-05-25 23:49:29 | 000,137,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dsprop.dll
[2012-05-25 23:49:29 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PnPutil.exe
[2012-05-25 23:49:28 | 000,054,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dimsroam.dll
[2012-05-25 23:49:27 | 002,153,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\oobefldr.dll
[2012-05-25 23:49:26 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\modemui.dll
[2012-05-25 23:49:26 | 000,101,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\shsetup.dll
[2012-05-25 23:49:25 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscandui.dll
[2012-05-25 23:49:25 | 000,155,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasmontr.dll
[2012-05-25 23:49:24 | 006,103,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\chtbrkr.dll
[2012-05-25 23:49:24 | 000,533,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmdrmsdk.dll
[2012-05-25 23:49:23 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dataclen.dll
[2012-05-25 23:49:22 | 000,542,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\blackbox.dll
[2012-05-25 23:49:22 | 000,107,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpwsx.dll
[2012-05-25 23:49:22 | 000,083,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlgpclnt.dll
[2012-05-25 23:49:20 | 000,177,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSDMon.dll
[2012-05-25 23:49:19 | 000,303,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpeffects.dll
[2012-05-25 23:49:18 | 000,113,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\rmcast.sys
[2012-05-25 23:49:17 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\logagent.exe
[2012-05-25 23:49:17 | 000,058,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cipher.exe
[2012-05-25 23:49:17 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ifmon.dll
[2012-05-25 23:49:16 | 000,414,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msscp.dll
[2012-05-25 23:49:16 | 000,217,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\InkEd.dll
[2012-05-25 23:49:16 | 000,128,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gpresult.exe
[2012-05-25 23:49:16 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wscapi.dll
[2012-05-25 23:49:16 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msimtf.dll
[2012-05-25 23:49:15 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\watchdog.sys
[2012-05-25 23:49:14 | 000,313,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\thawbrkr.dll
[2012-05-25 23:49:14 | 000,125,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\softkbd.dll
[2012-05-25 23:49:12 | 000,356,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MediaMetadataHandler.dll
[2012-05-25 23:49:12 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msctfui.dll
[2012-05-25 23:49:11 | 000,105,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dmsynth.dll
[2012-05-25 23:49:10 | 000,284,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drmmgrtn.dll
[2012-05-25 23:49:09 | 000,200,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\input.dll
[2012-05-25 23:49:09 | 000,166,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\puiapi.dll
[2012-05-25 23:49:08 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ExplorerFrame.dll
[2012-05-25 23:49:07 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SLLUA.exe
[2012-05-25 23:49:07 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msisip.dll
[2012-05-25 23:49:06 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fc.exe
[2012-05-25 23:49:05 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSNP.ax
[2012-05-25 23:49:04 | 000,068,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fdSSDP.dll
[2012-05-25 23:49:03 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dmusic.dll
[2012-05-25 23:49:03 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MsCtfMonitor.dll
[2012-05-25 23:49:02 | 000,187,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\eapp3hst.dll
[2012-05-25 23:49:02 | 000,125,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tintlgnt.ime
[2012-05-25 23:49:02 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msjint40.dll
[2012-05-25 23:49:01 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\l2nacp.dll
[2012-05-25 23:49:01 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ftp.exe
[2012-05-25 23:49:00 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsdchngr.dll
[2012-05-25 23:48:59 | 000,083,456 | ---- | C] (Microsoft) -- C:\Windows\System32\SMBHelperClass.dll
[2012-05-25 23:48:59 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Storprop.dll
[2012-05-25 23:48:59 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bthci.dll
[2012-05-25 23:48:58 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fdWCN.dll
[2012-05-25 23:48:58 | 000,052,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasdiag.dll
[2012-05-25 23:48:58 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bthudtask.exe
[2012-05-25 23:48:58 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasdial.exe
[2012-05-25 23:48:57 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dot3cfg.dll
[2012-05-25 23:48:56 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ipconfig.exe
[2012-05-25 23:48:56 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CHxReadingStringIME.dll
[2012-05-25 23:48:55 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nslookup.exe
[2012-05-25 23:48:55 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\slcinst.dll
[2012-05-25 23:48:55 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\networkitemfactory.dll
[2012-05-25 23:48:53 | 000,093,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\eappgnui.dll
[2012-05-25 23:48:53 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ocsetup.exe
[2012-05-25 23:48:53 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FwRemoteSvr.dll
[2012-05-25 23:48:52 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fdeploy.dll
[2012-05-25 23:48:52 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\hbaapi.dll
[2012-05-25 23:48:52 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mmcico.dll
[2012-05-25 23:48:50 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PNPXAssoc.dll
[2012-05-25 23:48:48 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gpupdate.exe
[2012-05-25 23:48:44 | 000,046,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\csrstub.exe
[2012-05-25 23:48:44 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cbsra.exe
[2012-05-25 23:48:43 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bitsigd.dll
[2012-05-25 23:48:42 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NcdProp.dll
[2012-05-25 23:48:42 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iscsilog.dll
[2012-05-25 23:48:39 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\dxg.sys
[2012-05-25 23:48:39 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbcconf.dll
[2012-05-25 23:48:39 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vdmdbg.dll
[2012-05-25 23:48:38 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\Diskdump.sys
[2012-05-25 23:48:38 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetppui.dll
[2012-05-25 23:48:38 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\slwga.dll
[2012-05-25 23:48:32 | 000,052,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\stream.sys
[2012-05-25 23:48:31 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\RNDISMP.sys
[2012-05-25 23:48:29 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usb8023.sys
[2012-05-25 23:48:27 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\f3ahvoas.dll
[2012-05-25 23:48:26 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msimsg.dll
[2012-05-25 23:47:51 | 000,705,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SmiEngine.dll
[2012-05-25 23:47:47 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wdscore.dll
[2012-05-25 23:47:47 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PkgMgr.exe
[2012-05-25 23:47:36 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drvstore.dll
[2012-05-25 16:34:30 | 000,000,000 | ---D | C] -- C:\Cricket 2008
[2012-05-25 16:22:29 | 000,000,000 | ---D | C] -- C:\Users\v icky\Documents\EA SPORTS(TM) Cricket 07
[2012-05-25 16:20:04 | 000,000,000 | ---D | C] -- C:\Users\v icky\AppData\Local\Adobe
[2012-05-25 16:19:41 | 000,000,000 | ---D | C] -- C:\Users\v icky\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\A² Studios' ICC Cricket World Cup 2011 Patch
[2012-05-25 16:12:50 | 000,000,000 | ---D | C] -- C:\Cricket 2011
[2012-05-18 12:23:58 | 000,000,000 | ---D | C] -- C:\ProgramData\iolo
[2012-05-17 09:40:30 | 000,000,000 | ---D | C] -- C:\Users\v icky\AppData\Roaming\Macromedia
[2012-05-17 08:32:53 | 000,000,000 | ---D | C] -- C:\Users\v icky\AppData\Roaming\Adobe
[2012-05-17 08:26:59 | 000,000,000 | ---D | C] -- C:\Users\v icky\AppData\Local\Google
[2012-05-17 08:06:09 | 000,000,000 | ---D | C] -- C:\Users\v icky\AppData\Roaming\Malwarebytes
[2012-05-17 08:04:31 | 000,000,000 | ---D | C] -- C:\Users\v icky\Desktop\varsha_2
[2012-05-17 07:48:06 | 000,000,000 | ---D | C] -- C:\Users\v icky\AppData\Roaming\vlc
[2012-05-17 07:47:27 | 000,000,000 | ---D | C] -- C:\Users\v icky\AppData\Roaming\Apple Computer
[2012-05-17 07:46:51 | 000,000,000 | R--D | C] -- C:\Users\v icky\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2012-05-17 07:46:51 | 000,000,000 | R--D | C] -- C:\Users\v icky\Searches
[2012-05-17 07:46:51 | 000,000,000 | R--D | C] -- C:\Users\v icky\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2012-05-17 07:46:42 | 000,000,000 | ---D | C] -- C:\Users\v icky\AppData\Roaming\Identities
[2012-05-17 07:46:40 | 000,000,000 | R--D | C] -- C:\Users\v icky\Contacts
[2012-05-17 07:46:39 | 000,000,000 | ---D | C] -- C:\Users\v icky\AppData\Local\VirtualStore
[2012-05-17 07:46:18 | 000,000,000 | --SD | C] -- C:\Users\v icky\AppData\Roaming\Microsoft
[2012-05-17 07:46:18 | 000,000,000 | R--D | C] -- C:\Users\v icky\Videos
[2012-05-17 07:46:18 | 000,000,000 | R--D | C] -- C:\Users\v icky\Saved Games
[2012-05-17 07:46:18 | 000,000,000 | R--D | C] -- C:\Users\v icky\Pictures
[2012-05-17 07:46:18 | 000,000,000 | R--D | C] -- C:\Users\v icky\Music
[2012-05-17 07:46:18 | 000,000,000 | R--D | C] -- C:\Users\v icky\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2012-05-17 07:46:18 | 000,000,000 | R--D | C] -- C:\Users\v icky\Links
[2012-05-17 07:46:18 | 000,000,000 | R--D | C] -- C:\Users\v icky\Favorites
[2012-05-17 07:46:18 | 000,000,000 | R--D | C] -- C:\Users\v icky\Downloads
[2012-05-17 07:46:18 | 000,000,000 | R--D | C] -- C:\Users\v icky\Documents
[2012-05-17 07:46:18 | 000,000,000 | R--D | C] -- C:\Users\v icky\Desktop
[2012-05-17 07:46:18 | 000,000,000 | R--D | C] -- C:\Users\v icky\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2012-05-17 07:46:18 | 000,000,000 | -HSD | C] -- C:\Users\v icky\AppData\Local\Temporary Internet Files
[2012-05-17 07:46:18 | 000,000,000 | -HSD | C] -- C:\Users\v icky\Templates
[2012-05-17 07:46:18 | 000,000,000 | -HSD | C] -- C:\Users\v icky\Start Menu
[2012-05-17 07:46:18 | 000,000,000 | -HSD | C] -- C:\Users\v icky\SendTo
[2012-05-17 07:46:18 | 000,000,000 | -HSD | C] -- C:\Users\v icky\Recent
[2012-05-17 07:46:18 | 000,000,000 | -HSD | C] -- C:\Users\v icky\PrintHood
[2012-05-17 07:46:18 | 000,000,000 | -HSD | C] -- C:\Users\v icky\NetHood
[2012-05-17 07:46:18 | 000,000,000 | -HSD | C] -- C:\Users\v icky\Documents\My Videos
[2012-05-17 07:46:18 | 000,000,000 | -HSD | C] -- C:\Users\v icky\Documents\My Pictures
[2012-05-17 07:46:18 | 000,000,000 | -HSD | C] -- C:\Users\v icky\Documents\My Music
[2012-05-17 07:46:18 | 000,000,000 | -HSD | C] -- C:\Users\v icky\My Documents
[2012-05-17 07:46:18 | 000,000,000 | -HSD | C] -- C:\Users\v icky\Local Settings
[2012-05-17 07:46:18 | 000,000,000 | -HSD | C] -- C:\Users\v icky\AppData\Local\History
[2012-05-17 07:46:18 | 000,000,000 | -HSD | C] -- C:\Users\v icky\Cookies
[2012-05-17 07:46:18 | 000,000,000 | -HSD | C] -- C:\Users\v icky\Application Data
[2012-05-17 07:46:18 | 000,000,000 | -HSD | C] -- C:\Users\v icky\AppData\Local\Application Data
[2012-05-17 07:46:18 | 000,000,000 | -H-D | C] -- C:\Users\v icky\AppData
[2012-05-17 07:46:18 | 000,000,000 | ---D | C] -- C:\Users\v icky\AppData\Local\Temp
[2012-05-17 07:46:18 | 000,000,000 | ---D | C] -- C:\Users\v icky\AppData\Local\Microsoft Help
[2012-05-17 07:46:18 | 000,000,000 | ---D | C] -- C:\Users\v icky\AppData\Local\Microsoft
[2012-05-17 07:46:18 | 000,000,000 | ---D | C] -- C:\Users\v icky\AppData\Roaming\Media Center Programs
[2012-05-17 07:46:18 | 000,000,000 | ---D | C] -- C:\Users\v icky\AppData\Roaming\IObit
[2012-05-17 07:32:47 | 000,000,000 | ---D | C] -- C:\ProgramData\2FC8

========== Files - Modified Within 30 Days ==========

[2012-06-15 22:58:00 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012-06-15 22:11:51 | 000,608,760 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012-06-15 22:11:51 | 000,108,268 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012-06-15 22:07:24 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012-06-15 22:07:11 | 000,003,568 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012-06-15 22:07:11 | 000,003,568 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012-06-15 22:07:00 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012-06-15 14:37:17 | 000,000,680 | ---- | M] () -- C:\Users\v icky\AppData\Local\d3d9caps.dat
[2012-06-14 11:42:04 | 000,398,240 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012-06-10 22:18:52 | 000,000,908 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012-06-10 22:04:34 | 000,001,059 | ---- | M] () -- C:\Users\v icky\Desktop\Revo Uninstaller.lnk
[2012-06-09 22:18:06 | 000,008,798 | ---- | M] () -- C:\Windows\System32\icrav03.rat
[2012-06-09 22:18:06 | 000,001,988 | ---- | M] () -- C:\Windows\System32\ticrf.rat
[2012-06-09 22:17:57 | 000,162,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2012-06-09 22:17:57 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll
[2012-06-09 22:17:57 | 000,086,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2012-06-09 22:17:57 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SetIEInstalledDate.exe
[2012-06-09 22:17:57 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe
[2012-06-09 22:17:57 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll
[2012-06-09 22:17:56 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat
[2012-06-09 22:17:56 | 000,434,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2012-06-09 22:17:56 | 000,367,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2012-06-09 22:17:56 | 000,353,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2012-06-09 22:17:56 | 000,353,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2012-06-09 22:17:56 | 000,223,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2012-06-09 22:17:56 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll
[2012-06-09 22:17:56 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2012-06-09 22:17:56 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2012-06-09 22:17:56 | 000,072,822 | ---- | M] () -- C:\Windows\System32\ieuinit.inf
[2012-06-09 22:17:56 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2012-06-09 22:17:56 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2012-06-09 22:17:55 | 000,580,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2012-06-09 22:17:55 | 000,227,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll
[2012-06-09 22:17:55 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieakui.dll
[2012-06-09 22:17:55 | 000,152,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe
[2012-06-09 22:17:55 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe
[2012-06-09 22:17:55 | 000,101,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\admparse.dll
[2012-06-09 22:17:55 | 000,054,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll
[2012-06-09 22:17:54 | 000,118,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2012-06-09 22:17:54 | 000,035,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll
[2012-06-09 22:17:53 | 000,130,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieakeng.dll
[2012-06-09 22:17:53 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\IEAdvpack.dll
[2012-06-09 22:17:53 | 000,041,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2012-06-09 22:17:53 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2012-06-09 21:15:43 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_07_00.Wdf
[2012-06-09 21:15:37 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_07_00.Wdf
[2012-06-09 13:18:01 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_00_00.Wdf
[2012-06-05 20:58:07 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[2012-06-04 15:07:59 | 000,013,824 | ---- | M] () -- C:\Users\v icky\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012-06-02 22:47:20 | 000,001,493 | ---- | M] () -- C:\user.js
[2012-06-01 23:48:15 | 000,001,902 | ---- | M] () -- C:\Users\Public\Desktop\Nitro Reader.lnk
[2012-06-01 23:41:30 | 000,001,034 | ---- | M] () -- C:\Users\v icky\Desktop\DVDVideoSoft Free Studio.lnk
[2012-06-01 23:39:15 | 000,000,874 | ---- | M] () -- C:\Users\v icky\Application Data\Microsoft\Internet Explorer\Quick Launch\Orbit.lnk
[2012-06-01 23:39:15 | 000,000,850 | ---- | M] () -- C:\Users\v icky\Desktop\Orbit.lnk
[2012-05-28 11:34:26 | 000,001,945 | ---- | M] () -- C:\Windows\epplauncher.mif
[2012-05-28 11:32:30 | 000,004,892 | ---- | M] () -- C:\Users\v icky\Documents\cc_20120528_113223.reg
[2012-05-28 11:26:06 | 000,000,806 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012-05-25 16:48:44 | 000,000,593 | ---- | M] () -- C:\Users\v icky\Desktop\Cricket11.lnk
[2012-05-25 16:48:25 | 000,000,593 | ---- | M] () -- C:\Users\v icky\Desktop\Cricket08.lnk
[2012-05-18 04:15:37 | 001,800,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2012-05-18 04:05:39 | 001,427,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2012-05-18 04:03:08 | 000,231,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2012-05-18 04:01:16 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2012-05-18 03:59:45 | 000,142,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2012-05-18 03:54:45 | 002,382,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2012-05-18 03:50:42 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2012-05-17 08:21:33 | 000,009,724 | ---- | M] () -- C:\Users\v icky\Documents\cc_20120517_082129.reg
[2012-05-17 07:46:20 | 000,000,632 | RHS- | M] () -- C:\Users\v icky\ntuser.pol

========== Files Created - No Company Name ==========

[2012-06-15 14:37:17 | 000,000,680 | ---- | C] () -- C:\Users\v icky\AppData\Local\d3d9caps.dat
[2012-06-10 22:18:52 | 000,000,908 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012-06-09 22:17:56 | 000,072,822 | ---- | C] () -- C:\Windows\System32\ieuinit.inf
[2012-06-09 21:15:43 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_07_00.Wdf
[2012-06-09 21:15:37 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_07_00.Wdf
[2012-06-09 13:18:01 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_00_00.Wdf
[2012-06-08 13:35:58 | 000,002,990 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\VClean2.vbs
[2012-06-01 23:48:15 | 000,001,902 | ---- | C] () -- C:\Users\Public\Desktop\Nitro Reader.lnk
[2012-06-01 23:48:14 | 000,001,872 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nitro Reader 2.lnk
[2012-06-01 23:41:30 | 000,001,034 | ---- | C] () -- C:\Users\v icky\Desktop\DVDVideoSoft Free Studio.lnk
[2012-06-01 23:39:15 | 000,000,874 | ---- | C] () -- C:\Users\v icky\Application Data\Microsoft\Internet Explorer\Quick Launch\Orbit.lnk
[2012-06-01 23:39:15 | 000,000,850 | ---- | C] () -- C:\Users\v icky\Desktop\Orbit.lnk
[2012-05-28 11:32:28 | 000,004,892 | ---- | C] () -- C:\Users\v icky\Documents\cc_20120528_113223.reg
[2012-05-28 11:26:06 | 000,000,806 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012-05-27 12:15:53 | 000,001,059 | ---- | C] () -- C:\Users\v icky\Desktop\Revo Uninstaller.lnk
[2012-05-25 23:52:32 | 000,130,008 | ---- | C] () -- C:\Windows\System32\systemsf.ebd
[2012-05-25 23:52:27 | 000,009,239 | ---- | C] () -- C:\Windows\System32\spcinstrumentation.man
[2012-05-25 23:52:02 | 000,442,788 | ---- | C] () -- C:\Windows\System32\dot3.tmf
[2012-05-25 23:51:57 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2012-05-25 23:51:56 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2012-05-25 23:51:50 | 000,392,170 | ---- | C] () -- C:\Windows\System32\onex.tmf
[2012-05-25 23:51:40 | 000,344,698 | ---- | C] () -- C:\Windows\System32\eaphost.tmf
[2012-05-25 23:50:57 | 000,208,966 | ---- | C] () -- C:\Windows\System32\WFP.TMF
[2012-05-25 23:50:51 | 000,092,918 | ---- | C] () -- C:\Windows\System32\slmgr.vbs
[2012-05-25 23:48:37 | 000,009,212 | ---- | C] () -- C:\Windows\System32\RacUR.xml
[2012-05-25 23:48:19 | 000,000,153 | ---- | C] () -- C:\Windows\System32\RacUREx.xml
[2012-05-25 16:48:25 | 000,000,593 | ---- | C] () -- C:\Users\v icky\Desktop\Cricket11.lnk
[2012-05-25 16:48:25 | 000,000,593 | ---- | C] () -- C:\Users\v icky\Desktop\Cricket08.lnk
[2012-05-17 08:21:31 | 000,009,724 | ---- | C] () -- C:\Users\v icky\Documents\cc_20120517_082129.reg
[2012-05-17 07:51:56 | 000,013,824 | ---- | C] () -- C:\Users\v icky\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012-05-17 07:46:52 | 000,000,951 | ---- | C] () -- C:\Users\v icky\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2012-05-17 07:46:50 | 000,000,946 | ---- | C] () -- C:\Users\v icky\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
[2012-05-17 07:46:40 | 000,000,917 | ---- | C] () -- C:\Users\v icky\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk
[2012-05-17 07:46:20 | 000,000,632 | RHS- | C] () -- C:\Users\v icky\ntuser.pol
[2012-05-17 07:46:18 | 000,001,917 | ---- | C] () -- C:\Users\v icky\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2012-05-17 07:46:18 | 000,001,034 | ---- | C] () -- C:\Users\v icky\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink DVD Suite Deluxe.lnk
[2012-05-17 07:46:18 | 000,000,258 | ---- | C] () -- C:\Users\v icky\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2012-05-17 07:46:18 | 000,000,240 | ---- | C] () -- C:\Users\v icky\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2011-12-28 23:04:53 | 000,398,240 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2011-12-18 17:35:36 | 000,098,304 | ---- | C] () -- C:\Windows\System32\redmonnt.dll
[2011-12-18 11:58:58 | 000,166,220 | ---- | C] () -- C:\Windows\hpoins28.dat
[2011-12-03 19:55:55 | 000,020,312 | ---- | C] () -- C:\Windows\System32\RegistryDefragBootTime.exe
[2011-12-03 18:26:38 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2011-12-01 20:11:06 | 000,074,703 | ---- | C] () -- C:\Windows\System32\mfc45.dll
[2011-11-19 16:41:50 | 000,000,020 | ---- | C] () -- C:\Windows\mafosav.INI

========== Custom Scans ==========

< nsisvc.dll /md5 /s >
[2008-01-19 13:05:57 | 000,018,432 | ---- | M] () MD5=8BB86F0C7EEA2BDED6FE095D0B4CA9BD -- \WINDOWS\System32\nsisvc.dll
[2006-11-02 15:16:12 | 000,018,432 | ---- | M] () MD5=23B8201A363DE0E649FC75EE9874DEE2 -- \WINDOWS\winsxs\x86_microsoft-windows-usermodensi_31bf3856ad364e35_6.0.6000.16386_none_702b60e3ca88cfce\nsisvc.dll
[2008-01-19 13:05:57 | 000,018,432 | ---- | M] () MD5=8BB86F0C7EEA2BDED6FE095D0B4CA9BD -- \WINDOWS\winsxs\x86_microsoft-windows-usermodensi_31bf3856ad364e35_6.0.6001.18000_none_726222dfc773e0a2\nsisvc.dll

< End of report >
decepticon
Regular Member
 
Posts: 22
Joined: May 29th, 2012, 1:57 pm
Advertisement
Register to Remove

Re: GRRRRRRRRRR!!!!...antivirus problem..!!!!!!

Unread postby diver79 » June 16th, 2012, 3:06 am

Hi deception,

  • Download AccessEnum to your Desktop.
  • Unzip AccessEnum.exe to your Desktop.
  • Right click on AccessEnum.exe and select Run as Administrator.
  • Copy/Paste the following line into the Text field and press Enter
    Code: Select all
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\nsi\
  • Click the Save Button.
  • A file called AccessEnum.txt will be saved to your Desktop (provided that is the location of the AccessEnum.exe file)
  • Post the contents of this file.
User avatar
diver79
Retired Graduate
 
Posts: 1004
Joined: January 3rd, 2010, 7:03 pm

Re: GRRRRRRRRRR!!!!...antivirus problem..!!!!!!

Unread postby decepticon » June 16th, 2012, 3:22 am

"Path" "Read" "Write" "Deny"
"HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\nsi\" "Administrators, Users" "Administrators" ""
"HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\nsi\\Parameters" "???" "???" "???"
"HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\nsi\\Parameters\*" "The handle is invalid." "" ""
decepticon
Regular Member
 
Posts: 22
Joined: May 29th, 2012, 1:57 pm

Re: GRRRRRRRRRR!!!!...antivirus problem..!!!!!!

Unread postby diver79 » June 16th, 2012, 4:00 am

Hi deception,

It does look like there is a permissions issue here, however I need you to run it again. The tool needs to be run as Administrator or it will not be able to read the permissions. Can you run it again but make sure to Right click on AccessEnum.exe and select Run as Administrator.

diver79
User avatar
diver79
Retired Graduate
 
Posts: 1004
Joined: January 3rd, 2010, 7:03 pm

Re: GRRRRRRRRRR!!!!...antivirus problem..!!!!!!

Unread postby decepticon » June 16th, 2012, 4:21 am

"Path" "Read" "Write" "Deny"
"HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\nsi\" "Administrators, Users" "Administrators" ""
"HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\nsi\\Parameters" "Administrators, NT SERVICE\nsi" "Administrators, NT SERVICE\nsi" ""
decepticon
Regular Member
 
Posts: 22
Joined: May 29th, 2012, 1:57 pm

Re: GRRRRRRRRRR!!!!...antivirus problem..!!!!!!

Unread postby diver79 » June 16th, 2012, 4:47 am

Hi deception

Please follow the instructions below.

Save swreg to system32 folder
  • Please download this file to your desktop.
  • Right click on the swreg file on your desktop and select copy.
  • You now need to save it to C:\Windows\System32 . You must open Explorer as an Administrator to do this.
  • Go to Start > All Programs > Accessories. Locate Windows Explorer, Right click on it and select Run as Administrator.
  • Navigate to C:\Windows\System32 and paste the file in here.


Create swreg batch file
  1. Copy all text in the code box (below)...to Notepad, Do not include the word Code:
    Code: Select all
    @echo off
    
    swreg ACL "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\nsi" /GA:F /I ENABLE > "%userprofile%"\Desktop\look.txt"
    swreg ACL "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\nsi\parameters" /GA:F /I ENABLE > "%userprofile%"\Desktop\look.txt"
    Notepad.exe "%userprofile%\Desktop\look.txt"
    Del %0
  2. Save the Notepad file to your desktop...as fix.bat... save type as "All Files"
    Image
    fix.bat <<------------- you should see this on your desktop.
  3. Right click on fix.bat and select Run as Administrator to execute it.
  4. A black CMD window will flash, then disappear...this is normal.
  5. Post the contents of the look.txt file in your next reply.
  6. Reboot your computer


Farbar Service Scanner
  • Right click on FSS.exe and select Run as Administrator to start the program.
  • Make sure the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center/Action Center
    • Windows Update
    • Windows Defender
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.

Note: I will be away from the computer until Sunday evening. Let me know how the computer performs and we can pick things up again on Sunday.

Regards,

diver79
Last edited by diver79 on June 17th, 2012, 3:34 pm, edited 2 times in total.
User avatar
diver79
Retired Graduate
 
Posts: 1004
Joined: January 3rd, 2010, 7:03 pm

Re: GRRRRRRRRRR!!!!...antivirus problem..!!!!!!

Unread postby diver79 » June 17th, 2012, 2:47 pm

Hi deception,

Did the batch file run successfully? How is the computer performing now?

diver79
User avatar
diver79
Retired Graduate
 
Posts: 1004
Joined: January 3rd, 2010, 7:03 pm

Re: GRRRRRRRRRR!!!!...antivirus problem..!!!!!!

Unread postby decepticon » June 18th, 2012, 12:22 pm

dear driver79..accidently and unknowingly my pc gt crashed..i mean i just was unable to open my desktop..my pc engineer formated my pc .and now i have windws7....thank u for u support dont know why my pc got dat problem..i really don't know..i .Saved swreg to system32 then after dat i really don't know wat happened...





YOUR'S FAITHFULLY ,


DECEPTICON
decepticon
Regular Member
 
Posts: 22
Joined: May 29th, 2012, 1:57 pm

Re: GRRRRRRRRRR!!!!...antivirus problem..!!!!!!

Unread postby diver79 » June 18th, 2012, 2:15 pm

No problem deception,

Keeping your computer up to date with the latest windows updates and patching vulnerable applications will help to prevent these types of issues happening again. See below for more information on how you can do this.


Update your Antivirus programs and other programs regularly.
Secunia Personal Software Inspector - Copyright © Secunia. This app will monitor programs on your computer for known vulnerabilities. You can set it to auto-update for you, or just prompt you if an update is available. I highly recommend it.
F-secure Health Check - Copyright © F-Secure Corporation. F-Secure Health Check is a free application that tells you if your computer is protected and helps you fix possible security issues.


Read, stay informed.
To help minimize the chances of becoming re-infected, please read.
Computer Security - a short guide to staying safer online

Unless there are other malware questions or concerns, I will have this topic closed as resolved.
User avatar
diver79
Retired Graduate
 
Posts: 1004
Joined: January 3rd, 2010, 7:03 pm

Re: GRRRRRRRRRR!!!!...antivirus problem..!!!!!!

Unread postby deltalima » June 20th, 2012, 4:27 pm

As your problems appear to require a reformat, this topic is now closed.

We are pleased we could help you resolve your computer's malware issues.

If you would like to make a comment or leave a compliment regarding the help you have received, please see Feedback for Our Helpers - Say "Thanks" Here.
User avatar
deltalima
Admin/Teacher
Admin/Teacher
 
Posts: 7614
Joined: February 28th, 2009, 4:38 pm
Location: UK
Advertisement
Register to Remove

Previous

  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 43 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware