Премини към съдържанието

Архивирана тема

Темата е твърде стара и е архивирана. Не можете да добавяте нови отговори в нея, но винаги можете да публикувате нова тема, в която да продължи дискусията. Регистрирайте се или влезте във вашия профил за да публикувате нова тема.

petyaf

компютъра ми е бавен [Решен]

Препоръчан отговор


Здравейте, компютъра ми е доста по- бавен в сравнение с преди и не можах да се оттърва от този babylon. DDS (Ver_2011-09-30.01) - NTFS_x86 Internet Explorer: 8.0.6001.18702 Run by PC at 21:39:17 on 2012-04-08 Microsoft Windows XP Professional 5.1.2600.3.1251.359.1033.18.503.50 [GMT 3:00] . AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D} . ============== Running Processes ================ . C:\Program Files\AVAST Software\Avast\AvastSvc.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\igfxtray.exe C:\WINDOWS\system32\hkcmd.exe C:\WINDOWS\system32\igfxpers.exe C:\WINDOWS\system32\igfxsrvc.exe C:\WINDOWS\RTHDCPL.EXE C:\Program Files\Hewlett-Packard\OrderReminder\OrderReminder.exe C:\WINDOWS\system32\rundll32.exe C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe C:\Program Files\AVAST Software\Avast\avastUI.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\ABBYY FineReader 9.0\NetworkLicenseServer.exe C:\WINDOWS\System32\alg.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\plugin-container.exe C:\WINDOWS\system32\wscntfy.exe C:\WINDOWS\system32\wbem\wmiprvse.exe C:\WINDOWS\System32\svchost.exe -k netsvcs C:\WINDOWS\system32\svchost.exe -k NetworkService C:\WINDOWS\system32\svchost.exe -k LocalService C:\WINDOWS\system32\svchost.exe -k LocalService C:\WINDOWS\system32\svchost.exe -k bthsvcs C:\WINDOWS\system32\svchost.exe -k imgsvc C:\WINDOWS\System32\svchost.exe -k HTTPFilter . ============== Pseudo HJT Report =============== . uStart Page = hxxp://www.google.bg/ mSearchAssistant = hxxp://search.babylon.com/?babsrc=SP_ss&q={searchTerms}&mntrId=4c41a6ec00000000000000e04c4c3385&tlver=1.4.19.19&ss=1&affID=17981 uURLSearchHooks: UrlSearchHook Class: {00000000-6E41-4FD3-8538-502F5495E5FC} - BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll BHO: {28387537-e3f9-4ed7-860c-11e69af4a8a0} - <orphaned> BHO: Conduit Engine : {30F9B915-B755-4826-820B-08FBA6BD249D} - c:\program files\conduitengine\prxConduitEngine.dll BHO: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\avast software\avast\aswWebRepIE.dll BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll BHO: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - c:\program files\google\googletoolbarnotifier\5.7.7227.1100\swg.dll BHO: Foxit PDF Creator Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - BHO: BS Player Toolbar: {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - c:\program files\bs_player\prxtbBS_0.dll TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll TB: Foxit PDF Creator Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - TB: BS Player Toolbar: {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - c:\program files\bs_player\prxtbBS_0.dll TB: Conduit Engine : {30F9B915-B755-4826-820B-08FBA6BD249D} - c:\program files\conduitengine\prxConduitEngine.dll TB: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\avast software\avast\aswWebRepIE.dll TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll TB: Foxit PDF Creator Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - uRun: [CTFMON.EXE] c:\windows\system32\ctfmon.exe uRun: [sUPERAntiSpyware] c:\program files\superantispyware\SUPERAntiSpyware.exe uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe" mRun: [igfxTray] c:\windows\system32\igfxtray.exe mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe mRun: [Persistence] c:\windows\system32\igfxpers.exe mRun: [RTHDCPL] RTHDCPL.EXE mRun: [OrderReminder] c:\program files\hewlett-packard\orderreminder\OrderReminder.exe mRun: [bluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe" mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe" mRun: [instantAccess] c:\program files\scanneru\tbridge\bin\InstantAccess.exe /h mRun: [RegisterDropHandler] c:\program files\scanneru\tbridge\bin\RegisterDropHandler.exe mRun: [avast] "c:\program files\avast software\avast\avastUI.exe" /nogui mRun: [KernelFaultCheck] c:\windows\system32\dumprep 0 -k mRunServices: [RegisterDropHandler] c:\program files\scanneru\tbridge\bin\RegisterDropHandler.exe dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE dRunOnce: [RunNarrator] Narrator.exe IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000 IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1307386615703 DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1307386724750 DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab TCP: NameServer = 192.168.1.1 TCP: Interfaces\{B2BA5C57-775D-4485-B503-FCDBDBA85C3C} : DHCPNameServer = 192.168.1.1 Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.DLL Notify: igfxcui - igfxdev.dll SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll SEH: SABShellExecuteHook Class - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - c:\program files\superantispyware\SASSEH.DLL . ================= FIREFOX =================== . FF - ProfilePath - c:\documents and settings\pc\application data\mozilla\firefox\profiles\buta0c4f.default\ FF - prefs.js: browser.search.selectedengine - search the web (babylon) FF - prefs.js: browser.startup.homepage - hxxp://search.babylon.com/?af=110393&tt=290312_bexdll&babsrc=hp_ss&mntrid=4c41a6ec00000000000000e04c4c3385 FF - prefs.js: keyword.url - hxxp://search.babylon.com/?af=110393&babsrc=adbartrp&mntrid=4c41a6ec000000000000001a4d29970b&q= FF - component: c:\program files\avg\avg10\firefox4\components\avgssff4.dll FF - plugin: c:\program files\adobe\reader 9.0\reader\air\nppdf32.dll FF - plugin: c:\program files\foxit software\foxit reader\plugins\npFoxitReaderPlugin.dll FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll FF - plugin: c:\program files\google\update\1.3.21.111\npGoogleUpdate3.dll . ---- FIREFOX POLICIES ---- FF - user.js: extensions.BabylonToolbar_i.babTrack - affID=110393 FF - user.js: extensions.BabylonToolbar_i.babExt - FF - user.js: extensions.BabylonToolbar_i.srcExt - ss FF - user.js: extensions.BabylonToolbar_i.id - 4c41a6ec00000000000000e04c4c3385 FF - user.js: extensions.BabylonToolbar_i.hardId - 4c41a6ec00000000000000e04c4c3385 FF - user.js: extensions.BabylonToolbar_i.instlDay - 15431 FF - user.js: extensions.BabylonToolbar_i.vrsn - 1.5.3.17 FF - user.js: extensions.BabylonToolbar_i.vrsni - 1.5.3.17 FF - user.js: extensions.BabylonToolbar_i.vrsnTs - 1.5.3.1715:56:18 FF - user.js: extensions.BabylonToolbar_i.prtnrId - babylon FF - user.js: extensions.BabylonToolbar_i.prdct - BabylonToolbar FF - user.js: extensions.BabylonToolbar_i.aflt - babsst FF - user.js: extensions.BabylonToolbar_i.smplGrp - none FF - user.js: extensions.BabylonToolbar_i.tlbrId - base FF - user.js: extensions.BabylonToolbar_i.instlRef - sst . ============= SERVICES / DRIVERS =============== . R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2011-12-20 612184] R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2011-12-20 337880] R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2010-2-17 12872] R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2010-5-10 67656] R2 ABBYY.Licensing.FineReader.Professional.9.0;ABBYY FineReader 9.0 Licensing Service;c:\program files\abbyy finereader 9.0\NetworkLicenseServer.exe [2007-11-2 566560] R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2011-12-20 20696] R2 avast! Antivirus;avast! Antivirus;c:\program files\avast software\avast\AvastSvc.exe [2011-12-20 44768] S2 gupdate;Услуга Google Update (gupdate);c:\program files\google\update\GoogleUpdate.exe [2011-5-3 135664] S2 USB680x;Plustek USB Scanner;c:\windows\system32\drivers\UScanner.SYS [2010-12-18 17332] S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [2010-2-5 1691480] S3 gupdatem;Услуга на Google Актуализация (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2011-5-3 135664] . =============== Created Last 30 ================ . 2012-04-08 12:49:46 20464 ----a-w- c:\windows\system32\drivers\mbam.sys 2012-04-08 12:49:46 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2012-04-03 22:18:19 -------- d-----w- c:\program files\ESET 2012-04-01 12:55:59 -------- d-----w- c:\documents and settings\pc\local settings\application data\Babylon 2012-04-01 12:55:57 -------- d-----w- c:\documents and settings\all users\application data\Babylon 2012-04-01 12:55:56 -------- d-----w- c:\documents and settings\pc\application data\Babylon 2012-04-01 12:55:31 -------- d-----w- c:\documents and settings\all users\application data\bProtector 2012-04-01 12:55:27 -------- d-----w- c:\documents and settings\pc\application data\eType 2012-04-01 12:55:21 -------- d-----w- c:\documents and settings\all users\application data\IBUpdaterService 2012-03-31 12:13:35 -------- d-----w- c:\documents and settings\pc\application data\Foxit Software 2012-03-26 16:27:51 -------- d-----w- c:\documents and settings\pc\local settings\application data\APN 2012-03-26 16:27:35 -------- d-----w- c:\program files\Foxit Software . ==================== Find3M ==================== . 2012-03-07 00:15:19 41184 ----a-w- c:\windows\avastSS.scr 2012-03-07 00:03:51 612184 ----a-w- c:\windows\system32\drivers\aswSnx.sys 2012-03-04 10:41:59 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl . ============= FINISH: 21:39:43.35 =============== . UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2011-09-30.01) . Microsoft Windows XP Professional Boot Device: \Device\HarddiskVolume1 Install Date: 07.5.2005 г. 18:24:05 System Uptime: 08.4.2012 г. 21:03:47 (0 hours ago) . Motherboard: Gigabyte Technology Co., Ltd. | | 945GZM-S2 Processor: Intel Pentium II processor | Socket 775 | 1808/200mhz . ==== Disk Partitions ========================= . A: is Removable C: is FIXED (NTFS) - 116 GiB total, 42.365 GiB free. D: is FIXED (NTFS) - 116 GiB total, 15 GiB free. E: is CDROM () . ==== Disabled Device Manager Items ============= . Class GUID: {E0CBF06C-CD8B-4647-BB8A-263B43F0F974} Description: My new generic Bluetooth adapter Device ID: ROOT\IMAGE\0002 Manufacturer: Cambridge Silicon Radio Ltd. Name: My new generic Bluetooth adapter PNP Device ID: ROOT\IMAGE\0002 Service: BTHUSB . Class GUID: {E0CBF06C-CD8B-4647-BB8A-263B43F0F974} Description: My new generic Bluetooth adapter Device ID: ROOT\IMAGE\0003 Manufacturer: Cambridge Silicon Radio Ltd. Name: My new generic Bluetooth adapter PNP Device ID: ROOT\IMAGE\0003 Service: BTHUSB . Class GUID: {E0CBF06C-CD8B-4647-BB8A-263B43F0F974} Description: My new generic Bluetooth adapter Device ID: ROOT\IMAGE\0004 Manufacturer: Cambridge Silicon Radio Ltd. Name: My new generic Bluetooth adapter PNP Device ID: ROOT\IMAGE\0004 Service: BTHUSB . Class GUID: {E0CBF06C-CD8B-4647-BB8A-263B43F0F974} Description: My new generic Bluetooth adapter Device ID: ROOT\IMAGE\0005 Manufacturer: Cambridge Silicon Radio Ltd. Name: My new generic Bluetooth adapter PNP Device ID: ROOT\IMAGE\0005 Service: BTHUSB . Class GUID: {E0CBF06C-CD8B-4647-BB8A-263B43F0F974} Description: My new generic Bluetooth adapter Device ID: ROOT\IMAGE\0006 Manufacturer: Cambridge Silicon Radio Ltd. Name: My new generic Bluetooth adapter PNP Device ID: ROOT\IMAGE\0006 Service: BTHUSB . Class GUID: {E0CBF06C-CD8B-4647-BB8A-263B43F0F974} Description: My new generic Bluetooth adapter Device ID: ROOT\IMAGE\0007 Manufacturer: Cambridge Silicon Radio Ltd. Name: My new generic Bluetooth adapter PNP Device ID: ROOT\IMAGE\0007 Service: BTHUSB . Class GUID: {E0CBF06C-CD8B-4647-BB8A-263B43F0F974} Description: My new generic Bluetooth adapter Device ID: ROOT\IMAGE\0008 Manufacturer: Cambridge Silicon Radio Ltd. Name: My new generic Bluetooth adapter PNP Device ID: ROOT\IMAGE\0008 Service: BTHUSB . Class GUID: {E0CBF06C-CD8B-4647-BB8A-263B43F0F974} Description: My new generic Bluetooth adapter Device ID: ROOT\IMAGE\0009 Manufacturer: Cambridge Silicon Radio Ltd. Name: My new generic Bluetooth adapter PNP Device ID: ROOT\IMAGE\0009 Service: BTHUSB . Class GUID: {E0CBF06C-CD8B-4647-BB8A-263B43F0F974} Description: My new generic Bluetooth adapter Device ID: ROOT\IMAGE\0010 Manufacturer: Cambridge Silicon Radio Ltd. Name: My new generic Bluetooth adapter PNP Device ID: ROOT\IMAGE\0010 Service: BTHUSB . Class GUID: {E0CBF06C-CD8B-4647-BB8A-263B43F0F974} Description: My new generic Bluetooth adapter Device ID: ROOT\IMAGE\0011 Manufacturer: Cambridge Silicon Radio Ltd. Name: My new generic Bluetooth adapter PNP Device ID: ROOT\IMAGE\0011 Service: BTHUSB . ==== System Restore Points =================== . No restore point in system. . ==== Installed Programs ====================== . Декларация Обр.1 и 6 ЗБУТ+ (Версия 2.11) µTorrent ABBYY FineReader 9.0 Professional Edition Adobe Flash Player 10 Plugin Adobe Flash Player 11 ActiveX Adobe Photoshop 7.0 Adobe Reader 9.4.7 avast! Free Antivirus BS.Player FREE BS_Player Toolbar CCleaner CD Recovery Toolbox Free 1.1 CD/DVD Diagnostic Compatibility Pack for the 2007 Office system Conduit Engine Easy CD-DA Extractor 12 EPSON AL-C1600 Exact Audio Copy 0.99pb3 Foxit Reader 5.1 FreeUndelete 2.0.35248.1 Google Земя Google Chrome Google Toolbar for Internet Explorer Google Update Helper Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) Hotfix for Windows Media Format 11 SDK (KB929399) Hotfix for Windows Media Player 11 (KB939683) Hotfix for Windows XP (KB2570791) Hotfix for Windows XP (KB2633952) Hotfix for Windows XP (KB942288-v3) Hotfix for Windows XP (KB954550-v5) Hotfix for Windows XP (KB961118) Hotfix for Windows XP (KB970653-v3) Hotfix for Windows XP (KB976002-v5) Intel® Graphics Media Accelerator Driver IsoBuster 2.8.5 K-Lite Codec Pack 5.0.0 (Full) Konto v.5.80.1 LaserJet 1020 series Malwarebytes Anti-Malware, версия 1.60.1.1000 Microsoft .NET Framework 2.0 Service Pack 2 Microsoft .NET Framework 3.0 Service Pack 2 Microsoft .NET Framework 3.5 SP1 Microsoft Compression Client Pack 1.0 for Windows XP Microsoft Office Professional Edition 2003 Microsoft User-Mode Driver Framework Feature Pack 1.0 Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Mozilla Firefox 11.0 (x86 bg) MP3 Cutter 1.8 Nero 8 Lite 8.3.2.1 OrderReminder HP LaserJet 1020 Plustek USB Scanner REALTEK GbE & FE Ethernet PCI NIC Driver Realtek High Definition Audio Driver Recover Disc 2.0 Recuva Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473) Security Update for Microsoft Windows (KB2564958) Security Update for Windows Internet Explorer 8 (KB2510531) Security Update for Windows Internet Explorer 8 (KB2544521) Security Update for Windows Internet Explorer 8 (KB2586448) Security Update for Windows Internet Explorer 8 (KB2618444) Security Update for Windows Media Player (KB2378111) Security Update for Windows Media Player (KB954155) Security Update for Windows Media Player (KB973540) Security Update for Windows Media Player (KB975558) Security Update for Windows Media Player (KB978695) Security Update for Windows Media Player 11 (KB954154) Security Update for Windows XP (KB2079403) Security Update for Windows XP (KB2115168) Security Update for Windows XP (KB2229593) Security Update for Windows XP (KB2296011) Security Update for Windows XP (KB2347290) Security Update for Windows XP (KB2360937) Security Update for Windows XP (KB2387149) Security Update for Windows XP (KB2393802) Security Update for Windows XP (KB2412687) Security Update for Windows XP (KB2419632) Security Update for Windows XP (KB2423089) Security Update for Windows XP (KB2440591) Security Update for Windows XP (KB2443105) Security Update for Windows XP (KB2476490) Security Update for Windows XP (KB2478960) Security Update for Windows XP (KB2478971) Security Update for Windows XP (KB2479943) Security Update for Windows XP (KB2483185) Security Update for Windows XP (KB2485663) Security Update for Windows XP (KB2506212) Security Update for Windows XP (KB2507618) Security Update for Windows XP (KB2507938) Security Update for Windows XP (KB2508429) Security Update for Windows XP (KB2509553) Security Update for Windows XP (KB2535512) Security Update for Windows XP (KB2536276-v2) Security Update for Windows XP (KB2544893-v2) Security Update for Windows XP (KB2562937) Security Update for Windows XP (KB2566454) Security Update for Windows XP (KB2567053) Security Update for Windows XP (KB2567680) Security Update for Windows XP (KB2570222) Security Update for Windows XP (KB2570947) Security Update for Windows XP (KB2592799) Security Update for Windows XP (KB2618451) Security Update for Windows XP (KB2619339) Security Update for Windows XP (KB2620712) Security Update for Windows XP (KB2624667) Security Update for Windows XP (KB2633171) Security Update for Windows XP (KB2639417) Security Update for Windows XP (KB941569) Security Update for Windows XP (KB950760) Security Update for Windows XP (KB956391) Security Update for Windows XP (KB960715) Security Update for Windows XP (KB969059) Security Update for Windows XP (KB969898) Security Update for Windows XP (KB970430) Security Update for Windows XP (KB972270) Security Update for Windows XP (KB973346) Security Update for Windows XP (KB973904) Security Update for Windows XP (KB974112) Security Update for Windows XP (KB974318) Security Update for Windows XP (KB974392) Security Update for Windows XP (KB974571) Security Update for Windows XP (KB975025) Security Update for Windows XP (KB975467) Security Update for Windows XP (KB975560) Security Update for Windows XP (KB975562) Security Update for Windows XP (KB975713) Security Update for Windows XP (KB977816) Security Update for Windows XP (KB977914) Security Update for Windows XP (KB978338) Security Update for Windows XP (KB978542) Security Update for Windows XP (KB978601) Security Update for Windows XP (KB978706) Security Update for Windows XP (KB979309) Security Update for Windows XP (KB979482) Security Update for Windows XP (KB979687) Security Update for Windows XP (KB981322) Security Update for Windows XP (KB981997) Security Update for Windows XP (KB982132) Security Update for Windows XP (KB982665) Skype™ 3.6 Smart File Advisor 1.1.1 SUPERAntiSpyware Update for Microsoft .NET Framework 3.5 SP1 (KB963707) Update for Windows XP (KB2345886) Update for Windows XP (KB2541763) Update for Windows XP (KB2641690) Update for Windows XP (KB898461) Update for Windows XP (KB943729) Update for Windows XP (KB955759) Update for Windows XP (KB971029) Update for Windows XP (KB971737) Update for Windows XP (KB973687) WebFldrs XP Windows Genuine Advantage Notifications (KB905474) Windows Internet Explorer 8 Windows Media Format 11 runtime Windows Media Player 11 Windows Media Player Firefox Plugin WinRAR archiver . ==== Event Viewer Messages From Past Week ======== . 08.4.2012 г. 21:04:58, error: Service Control Manager [7000] - The Plustek USB Scanner service failed to start due to the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it. 08.4.2012 г. 20:28:35, error: Service Control Manager [7000] - The Plustek USB Scanner service failed to start due to the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it. 08.4.2012 г. 18:50:57, error: Service Control Manager [7000] - The Plustek USB Scanner service failed to start due to the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it. 08.4.2012 г. 17:31:34, error: Service Control Manager [7000] - The Plustek USB Scanner service failed to start due to the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it. 08.4.2012 г. 14:03:42, error: Service Control Manager [7000] - The HTTP SSL service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. 08.4.2012 г. 14:03:41, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the HTTP SSL service to connect. 08.4.2012 г. 14:02:38, error: Service Control Manager [7000] - The Plustek USB Scanner service failed to start due to the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it. 07.4.2012 г. 15:11:42, error: Service Control Manager [7000] - The Plustek USB Scanner service failed to start due to the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it. 07.4.2012 г. 10:48:43, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the HTTP SSL service to connect. 07.4.2012 г. 10:48:43, error: Service Control Manager [7000] - The HTTP SSL service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. 07.4.2012 г. 10:48:10, error: Service Control Manager [7000] - The Plustek USB Scanner service failed to start due to the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it. 06.4.2012 г. 10:15:56, error: Service Control Manager [7000] - The Plustek USB Scanner service failed to start due to the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it. 05.4.2012 г. 09:51:05, error: Service Control Manager [7000] - The Plustek USB Scanner service failed to start due to the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it. 04.4.2012 г. 17:02:38, error: Service Control Manager [7000] - The Plustek USB Scanner service failed to start due to the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it. 04.4.2012 г. 08:25:39, error: Service Control Manager [7000] - The Plustek USB Scanner service failed to start due to the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it. 04.4.2012 г. 00:46:56, error: Service Control Manager [7000] - The Plustek USB Scanner service failed to start due to the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it. 04.4.2012 г. 00:37:29, error: Service Control Manager [7000] - The Plustek USB Scanner service failed to start due to the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it. 04.4.2012 г. 00:27:53, error: Service Control Manager [7000] - The Plustek USB Scanner service failed to start due to the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it. 03.4.2012 г. 23:51:58, error: Service Control Manager [7000] - The Plustek USB Scanner service failed to start due to the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it. 03.4.2012 г. 23:16:18, error: Service Control Manager [7000] - The Plustek USB Scanner service failed to start due to the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it. 03.4.2012 г. 17:06:35, error: Service Control Manager [7000] - The Plustek USB Scanner service failed to start due to the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it. 03.4.2012 г. 09:32:53, error: Service Control Manager [7000] - The Plustek USB Scanner service failed to start due to the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it. 03.4.2012 г. 09:31:44, error: Dhcp [1002] - The IP address lease 192.168.1.3 for the Network Card with network address 001A4D29970B has been denied by the DHCP server 192.168.1.1 (The DHCP Server sent a DHCPNACK message). 02.4.2012 г. 19:02:36, error: Service Control Manager [7000] - The Plustek USB Scanner service failed to start due to the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it. 02.4.2012 г. 12:39:08, error: Service Control Manager [7000] - The Plustek USB Scanner service failed to start due to the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it. 02.4.2012 г. 09:13:42, error: Service Control Manager [7000] - The Plustek USB Scanner service failed to start due to the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it. 01.4.2012 г. 20:37:50, error: Service Control Manager [7000] - The Plustek USB Scanner service failed to start due to the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it. 01.4.2012 г. 17:40:01, error: Service Control Manager [7000] - The Plustek USB Scanner service failed to start due to the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it. 01.4.2012 г. 17:09:24, error: Service Control Manager [7000] - The Plustek USB Scanner service failed to start due to the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it. 01.4.2012 г. 16:40:58, error: Service Control Manager [7000] - The Plustek USB Scanner service failed to start due to the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it. 01.4.2012 г. 11:05:24, error: Service Control Manager [7000] - The Plustek USB Scanner service failed to start due to the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it. . ==== End Of File ===========================

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Здравейте!

Моля, деинсталирайте следните приложения:

BS_Player Toolbar

Conduit Engine

След това:

  • Изтеглете OTL от тук и го запазете на вашия работен плот.
  • Стартирайте го.
  • Направете следните настройки:
  • Сложете отметка пред Scan All Users Публикувано изображение
  • Под менюто File Age изберете 90 days
  • Под менюто Standard Registryпроменете на ALL
  • Сложете отметки пред LOP и Purity Check
Под Публикувано изображение с Copy/ Paste въведете изцяло следната текстова информация (само това, което е поставено в карето):

netsvcs
msconfig
safebootminimal
safebootnetwork
%SYSTEMDRIVE%*.*
%USERPROFILE%*.*
%USERPROFILE%Application Data*.*
%USERPROFILE%Local SettingsApplication Data*.*
%AllUsersProfile%*.*
%AllUsersProfile%Application Data*.*
%USERPROFILE%My Documents*.*
%CommonProgramFiles%*.*
%PROGRAMFILES%*.*
%systemroot%system32configsystemprofile*.*
%windir%ServiceProfilesLocalServiceAppDataLocalTemp*.*
%windir%ServiceProfilesNetworkServiceAppDataLocalTemp*.*
%windir%temp*.*
%systemroot%assemblytemp*.* /S /MD5
%systemroot%assemblytmp*.* /S /MD5
%systemroot%assemblyGAC_32*.* /S /MD5
%systemroot%assemblyGAC_MSIL*.* /S /MD5
%systemroot%system32*.dll /lockedfiles
%systemroot%Tasks*.job /lockedfiles
%systemroot%system32drivers*.sys /90
%systemroot%system32drivers*.sys /lockedfiles
%systemroot%system32Spoolprtprocsw32x86*.dll
%systemroot%*. /mp /s
/md5start
explorer.exe
lsass.exe
svchost.exe
wininit.exe
winlogon.exe
userinit.exe
atapi.sys
iaStor.sys
serial.sys
disk.sys
volsnap.sys
redbook.sys
i8042prt.sys
afd.sys
netbt.sys
tcpip.sys
ipsec.sys
hlp.dat
/md5stop
  • Натиснете маркираният в синьо бутон: Run Scan.
  • Като приключи проверката, ще се създадат два файла - OTL.Txt и Extras.Txt. Използвайки copy/paste комбинацията, публикувайте двата лог файла в следващия ви коментар в тази тема.

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

здравейте, не можах да деинсталирам BS_Player Toolbar и Conduit Engine от add/remove programs, затова прочетох в този форум темата "Не мога да деинсталирам програми" и използвах CCleaner . От там също не се деинсталираха, с delete entry ги изтрих от регистрите. След това с търсачката на Windows потърсих за ключови думи за тези програми и изтрих всички файлове и папки свързани с тях, но може и да не съм изтрила всичко. Да сканирам ли с OTL или трябва да направя още нещо?

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

ето част от OTL.Txt , понеже е много дълъг ще ги публикувам на части

OTL logfile created on: 09.4.2012 г. 18:30:22 - Run 1

OTL by OldTimer - Version 3.2.39.2 Folder = C:\Documents and Settings\User\My Documents\Downloads

Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.6001.18702)

Locale: 00000402 | Country: Bulgaria | Language: BGR | Date Format: dd.M.yyyy 'г.'

503.48 Mb Total Physical Memory | 77.55 Mb Available Physical Memory | 15.40% Memory free

1.20 Gb Paging File | 0.57 Gb Available in Paging File | 47.15% Paging File free

Paging file location(s): C:\pagefile.sys 756 1512 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files

Drive C: | 116.44 Gb Total Space | 42.28 Gb Free Space | 36.31% Space Free | Partition Type: NTFS

Drive D: | 116.44 Gb Total Space | 15.01 Gb Free Space | 12.89% Space Free | Partition Type: NTFS

Computer Name: USER-30EF165FC0 | User Name: PC | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: All users

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 90 Days

========== Processes (SafeList) ==========

PRC - [2012.04.09 18:25:56 | 000,593,920 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\User\My Documents\Downloads\OTL.exe

PRC - [2012.03.13 07:36:40 | 000,924,600 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe

PRC - [2012.03.07 03:15:17 | 004,241,512 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe

PRC - [2012.03.07 03:15:14 | 000,044,768 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe

PRC - [2011.12.01 12:29:10 | 002,424,192 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE

PRC - [2008.04.14 14:00:00 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe

PRC - [2007.11.02 19:58:38 | 000,566,560 | ---- | M] (ABBYY (BIT Software)) -- C:\Program Files\ABBYY FineReader 9.0\NetworkLicenseServer.exe

PRC - [2006.01.30 12:00:00 | 000,098,304 | R--- | M] (Hewlett-Packard) -- C:\Program Files\Hewlett-Packard\OrderReminder\OrderReminder.exe

========== Modules (No Company Name) ==========

MOD - [2012.04.09 17:37:52 | 000,052,736 | ---- | M] () -- C:\Documents and Settings\PC\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10007.dll

MOD - [2012.04.09 10:24:11 | 001,755,136 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\12040900\algo.dll

MOD - [2012.03.13 07:36:53 | 001,969,080 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll

MOD - [2011.12.01 12:26:00 | 000,063,488 | ---- | M] () -- C:\Documents and Settings\PC\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10006.dll

MOD - [2011.12.01 12:25:53 | 000,117,760 | ---- | M] () -- C:\Documents and Settings\PC\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL

MOD - [2011.05.06 20:34:51 | 000,052,224 | ---- | M] () -- C:\Documents and Settings\PC\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10005.dll

MOD - [2010.06.16 13:07:41 | 005,612,496 | ---- | M] () -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll

========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)

SRV - [2012.03.07 03:15:14 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)

SRV - [2007.11.02 19:58:38 | 000,566,560 | ---- | M] (ABBYY (BIT Software)) [Auto | Running] -- C:\Program Files\ABBYY FineReader 9.0\NetworkLicenseServer.exe -- (ABBYY.Licensing.FineReader.Professional.9.0)

========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)

DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)

DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)

DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)

DRV - File not found [Kernel | System | Stopped] -- -- (Changer)

DRV - [2012.03.07 03:03:51 | 000,612,184 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)

DRV - [2012.03.07 03:03:38 | 000,337,880 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)

DRV - [2012.03.07 03:02:00 | 000,035,672 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)

DRV - [2012.03.07 03:01:53 | 000,053,848 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)

DRV - [2012.03.07 03:01:39 | 000,095,704 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)

DRV - [2012.03.07 03:01:30 | 000,020,696 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)

DRV - [2012.03.07 02:58:29 | 000,024,920 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)

DRV - [2010.05.10 21:41:30 | 000,067,656 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)

DRV - [2010.02.17 21:25:48 | 000,012,872 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)

DRV - [2009.12.08 13:03:00 | 006,017,568 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)

DRV - [2009.11.18 02:17:00 | 001,395,800 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Monfilt.sys -- (Monfilt)

DRV - [2009.11.18 02:16:00 | 001,691,480 | ---- | M] (Creative) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Ambfilt.sys -- (Ambfilt)

DRV - [2008.08.28 10:40:40 | 000,111,104 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtnicxp.sys -- (RTL8023xp)

DRV - [2003.10.28 15:17:52 | 000,005,273 | ---- | M] (Arrowkey) [Kernel | Auto | Running] -- C:\Program Files\InfinaDyne\Shared\CDRPDACC.SYS -- (CDRPDACC)

DRV - [2000.06.22 12:42:48 | 000,017,332 | ---- | M] ( ) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\UScanner.SYS -- (USB680x)

========== Standard Registry (All) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.babylon.com/?babsrc=SP_ss&q={searchTerms}&mntrId=4c41a6ec00000000000000e04c4c3385&tlver=1.4.19.19&ss=1&affID=17981

IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}

IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}

IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7

IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2A59}: "URL" = http://search.imesh.com/web?src=ieb&systemid=1&q={searchTerms}

IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2A69}: "URL" = http://search.bearshare.com/web?src=ieb&q={searchTerms}

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-1417001333-1645522239-1177238915-1004\SOFTWARE\Microsoft\Internet Explorer\Main,bProtector Start Page = http://www.google.bg/

IE - HKU\S-1-5-21-1417001333-1645522239-1177238915-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\System32\blank.htm

IE - HKU\S-1-5-21-1417001333-1645522239-1177238915-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

IE - HKU\S-1-5-21-1417001333-1645522239-1177238915-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.bg/

IE - HKU\S-1-5-21-1417001333-1645522239-1177238915-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/

IE - HKU\S-1-5-21-1417001333-1645522239-1177238915-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = bg

IE - HKU\S-1-5-21-1417001333-1645522239-1177238915-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 08 C1 07 87 76 09 CC 01 [binary data]

IE - HKU\S-1-5-21-1417001333-1645522239-1177238915-1004\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}\InprocServer32 File not found

IE - HKU\S-1-5-21-1417001333-1645522239-1177238915-1004\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation)

IE - HKU\S-1-5-21-1417001333-1645522239-1177238915-1004\..\SearchScopes,bProtectorDefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}

IE - HKU\S-1-5-21-1417001333-1645522239-1177238915-1004\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}

IE - HKU\S-1-5-21-1417001333-1645522239-1177238915-1004\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylon.com/?q={searchTerms}&AF=110393&babsrc=SP_ss&mntrId=4c41a6ec000000000000001a4d29970b

IE - HKU\S-1-5-21-1417001333-1645522239-1177238915-1004\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7SKPB_en

IE - HKU\S-1-5-21-1417001333-1645522239-1177238915-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "search the web (babylon)"

FF - prefs.js..browser.search.order.1: "search the web (babylon)"

FF - prefs.js..browser.search.selectedengine: "search the web (babylon)"

FF - prefs.js..browser.startup.homepage: "http://search.babylon.com/?af=110393&tt=290312_bexdll&babsrc=hp_ss&mntrid=4c41a6ec00000000000000e04c4c3385"

FF - prefs.js..extensions.enabledItems: {1e73965b-8b48-48be-9c8d-68b920abc1c4}:10.0.0.1319

FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.3

FF - prefs.js..keyword.url: "http://search.babylon.com/?af=110393&babsrc=adbartrp&mntrid=4c41a6ec000000000000001a4d29970b&q="

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()

FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf: C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)

FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2011.11.13 11:57:51 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012.03.20 17:48:15 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.03.26 23:03:46 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.10.08 00:18:53 | 000,000,000 | ---D | M]

[2011.05.03 17:01:49 | 000,000,000 | -H-D | M] (No name found) -- C:\Documents and Settings\PC\Application Data\Mozilla\Extensions

[2011.05.03 17:01:49 | 000,000,000 | -H-D | M] (No name found) -- C:\Documents and Settings\PC\Application Data\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}

[2012.04.08 22:43:47 | 000,000,000 | -H-D | M] (No name found) -- C:\Documents and Settings\PC\Application Data\Mozilla\Firefox\Profiles\buta0c4f.default\extensions

[2012.03.20 01:29:24 | 000,000,000 | ---D | M] (BS Player Community Toolbar) -- C:\Documents and Settings\PC\Application Data\Mozilla\Firefox\Profiles\buta0c4f.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}

[2012.04.08 22:43:47 | 000,000,000 | ---D | M] ("Xmarks") -- C:\Documents and Settings\PC\Application Data\Mozilla\Firefox\Profiles\buta0c4f.default\extensions\foxmarks@kei.com

[2012.01.03 16:27:44 | 000,002,333 | ---- | M] () -- C:\Documents and Settings\PC\Application Data\Mozilla\Firefox\Profiles\buta0c4f.default\searchplugins\askcom.xml

[2012.03.26 23:03:46 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions

[2012.03.26 23:03:46 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

[2012.03.20 17:48:15 | 000,000,000 | ---D | M] (avast! WebRep) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF

[2012.03.13 07:38:06 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll

[2011.06.07 12:35:34 | 000,103,864 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\mozilla firefox\plugins\nppdf32.dll

[2012.03.13 10:48:12 | 000,001,083 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\911bg.xml

[2012.03.13 09:53:08 | 000,001,394 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom.xml

[2012.03.13 10:48:12 | 000,002,442 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\diribg.xml

[2012.03.13 09:53:08 | 000,002,364 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml

[2010.09.02 11:09:28 | 000,002,486 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\iMeshWebSearch.xml

[2012.03.13 10:48:12 | 000,001,515 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\pe-bg.xml

[2012.03.13 10:48:12 | 000,001,857 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\portalbgdict.xml

[2012.03.13 10:48:12 | 000,001,220 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-bg.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)

CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}

CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}

CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer

CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\18.0.1025.151\ppGoogleNaClPluginChrome.dll

CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\18.0.1025.151\pdf.dll

CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\18.0.1025.151\gcswf32.dll

CHR - plugin: Shockwave Flash (Disabled) = C:\Documents and Settings\PC\Local Settings\Application Data\Google\Chrome\User Data\PepperFlash\11.1.31.203\pepflashplayer.dll

CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll

CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll

CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll

CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll

CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = D:\PFiles\Plugins\np-mswmp.dll

CHR - plugin: Foxit Reader Plugin for Mozilla (Enabled) = C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll

CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll

CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll

CHR - plugin: Windows Presentation Foundation (Enabled) = c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

CHR - Extension: YouTube = C:\Documents and Settings\PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\

CHR - Extension: Google Search = C:\Documents and Settings\PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\

CHR - Extension: avast! WebRep = C:\Documents and Settings\PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1426_0\

CHR - Extension: Gmail = C:\Documents and Settings\PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2008.04.14 14:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts

O1 - Hosts: 127.0.0.1 localhost

O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)

O2 - BHO: (no name) - {28387537-e3f9-4ed7-860c-11e69af4a8a0} - No CLSID value found.

O2 - BHO: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll File not found

O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)

O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)

O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll (Google Inc.)

O2 - BHO: (Foxit PDF Creator Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll File not found

O2 - BHO: (BS Player Toolbar) - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files\BS_Player\prxtbBS_0.dll (Conduit Ltd.)

O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)

O3 - HKLM\..\Toolbar: (no name) - {28387537-e3f9-4ed7-860c-11e69af4a8a0} - No CLSID value found.

O3 - HKLM\..\Toolbar: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll File not found

O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)

O3 - HKLM\..\Toolbar: (no name) - {98889811-442D-49dd-99D7-DC866BE87DBC} - No CLSID value found.

O3 - HKLM\..\Toolbar: (Foxit PDF Creator Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll File not found

O3 - HKLM\..\Toolbar: (BS Player Toolbar) - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files\BS_Player\prxtbBS_0.dll (Conduit Ltd.)

O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.

O3 - HKU\S-1-5-21-1417001333-1645522239-1177238915-1004\..\Toolbar\ShellBrowser: (&Address) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)

O3 - HKU\S-1-5-21-1417001333-1645522239-1177238915-1004\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)

O3 - HKU\S-1-5-21-1417001333-1645522239-1177238915-1004\..\Toolbar\WebBrowser: (Foxit PDF Creator Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll File not found

O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)

O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)

O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)

O4 - HKLM..\Run: [bluetoothAuthenticationAgent] C:\WINDOWS\System32\bthprops.cpl (Microsoft Corporation)

O4 - HKLM..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe (Intel Corporation)

O4 - HKLM..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe (Intel Corporation)

O4 - HKLM..\Run: [instantAccess] C:\Program Files\ScannerU\TBRIDGE\BIN\InstantAccess.exe ()

O4 - HKLM..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k File not found

O4 - HKLM..\Run: [OrderReminder] C:\Program Files\Hewlett-Packard\OrderReminder\OrderReminder.exe (Hewlett-Packard)

O4 - HKLM..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe (Intel Corporation)

O4 - HKLM..\Run: [RegisterDropHandler] C:\Program Files\ScannerU\TBridge\Bin\RegisterDropHandler.exe ()

O4 - HKLM..\Run: [RTHDCPL] C:\WINDOWS\RTHDCPL.EXE (Realtek Semiconductor Corp.)

O4 - HKU\.DEFAULT..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation)

O4 - HKU\S-1-5-18..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation)

O4 - HKU\S-1-5-19..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation)

O4 - HKU\S-1-5-20..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation)

O4 - HKU\S-1-5-21-1417001333-1645522239-1177238915-1004..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation)

O4 - HKU\S-1-5-21-1417001333-1645522239-1177238915-1004..\Run: [MSMSGS] C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)

O4 - HKU\S-1-5-21-1417001333-1645522239-1177238915-1004..\Run: [sUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE (SUPERAntiSpyware.com)

O4 - HKU\S-1-5-21-1417001333-1645522239-1177238915-1004..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)

O4 - HKU\.DEFAULT..\RunOnce: [RunNarrator] C:\WINDOWS\System32\narrator.exe (Microsoft Corporation)

O4 - HKU\S-1-5-18..\RunOnce: [RunNarrator] C:\WINDOWS\System32\narrator.exe (Microsoft Corporation)

O4 - HKLM..\RunServices: [RegisterDropHandler] C:\Program Files\ScannerU\TBridge\Bin\RegisterDropHandler.exe ()

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRun = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFolderOptions = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 0

O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Restrictions present

O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 91 00 00 00 [binary data]

O7 - HKU\__avast! sandbox\Software\Policies\Microsoft\Internet Explorer\Restrictions present

O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Restrictions present

O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 91 00 00 00 [binary data]

O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Restrictions present

O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Restrictions present

O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\S-1-5-21-1417001333-1645522239-1177238915-1004\Software\Policies\Microsoft\Internet Explorer\Restrictions present

O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\OFFICE11\EXCEL.EXE (Microsoft Corporation)

O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)

O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation)

O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)

O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\WINDOWS\system32\winrnr.dll (Microsoft Corporation)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\wshbth.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1307386615703 (WUWebControl Class)

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1307386724750 (MUWebControl Class)

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B2BA5C57-775D-4485-B503-FCDBDBA85C3C}: DhcpNameServer = 192.168.1.1

O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)

O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)

O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Handler\gopher {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\ipp - No CLSID value found

O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)

O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)

O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)

O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\WINDOWS\system32\inetcomm.dll (Microsoft Corporation)

O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Handler\msdaipp - No CLSID value found

O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)

O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Common Files\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)

O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Common Files\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)

O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)

O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)

O18 - Protocol\Handler\sysimage {76E67A63-06E9-11D2-A840-006008059382} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)

O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)

O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)

O18 - Protocol\Handler\wia {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINDOWS\system32\wiascr.dll (Microsoft Corporation)

O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)

O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)

O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)

O18 - Protocol\Filter\Class Install Handler {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Filter\lzdhtml {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Filter\text/webviewhtml {733AC4CB-F1A4-11d0-B951-00A0C90312E1} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)

O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)

O20 - AppInit_DLLs: (protector.dll) - File not found

O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UIHost - (logonui.exe) - C:\WINDOWS\System32\logonui.exe (Microsoft Corporation)

O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)

O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - C:\WINDOWS\System32\sysdm.cpl (Microsoft Corporation)

O20 - Winlogon\Notify\!SASWinLogon: DllName - (C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL) - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)

O20 - Winlogon\Notify\crypt32chain: DllName - (crypt32.dll) - C:\WINDOWS\System32\crypt32.dll (Microsoft Corporation)

O20 - Winlogon\Notify\cryptnet: DllName - (cryptnet.dll) - C:\WINDOWS\System32\cryptnet.dll (Microsoft Corporation)

O20 - Winlogon\Notify\cscdll: DllName - (cscdll.dll) - C:\WINDOWS\System32\cscdll.dll (Microsoft Corporation)

O20 - Winlogon\Notify\dimsntfy: DllName - (%SystemRoot%\System32\dimsntfy.dll) - C:\WINDOWS\system32\dimsntfy.dll (Microsoft Corporation)

O20 - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation)

O20 - Winlogon\Notify\ScCertProp: DllName - (wlnotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)

O20 - Winlogon\Notify\Schedule: DllName - (wlnotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)

O20 - Winlogon\Notify\sclgntfy: DllName - (sclgntfy.dll) - C:\WINDOWS\System32\sclgntfy.dll (Microsoft Corporation)

O20 - Winlogon\Notify\SensLogn: DllName - (WlNotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)

O20 - Winlogon\Notify\termsrv: DllName - (wlnotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)

O20 - Winlogon\Notify\wlballoon: DllName - (wlnotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)

O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)

O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)

O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\WINDOWS\system32\stobject.dll (Microsoft Corporation)

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\WINDOWS\system32\webcheck.dll (Microsoft Corporation)

O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll (Microsoft Corporation)

O22 - SharedTaskScheduler: {438755C2-A8BA-11D1-B96B-00A0C90312E1} - Browseui preloader - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)

O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Component Categories cache daemon - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)

O24 - Desktop Components:0 (My Current Home Page) - About:Home

O24 - Desktop WallPaper: C:\Documents and Settings\PC\Local Settings\Application Data\Microsoft\Wallpaper1.bmp

O24 - Desktop BackupWallPaper: C:\Documents and Settings\PC\Local Settings\Application Data\Microsoft\Wallpaper1.bmp

O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)

O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)

O29 - HKLM SecurityProviders - (msapsspc.dll) - C:\WINDOWS\System32\msapsspc.dll (Microsoft Corporation)

O29 - HKLM SecurityProviders - (schannel.dll) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)

O29 - HKLM SecurityProviders - (digest.dll) - C:\WINDOWS\System32\digest.dll (Microsoft Corporation)

O29 - HKLM SecurityProviders - (msnsspc.dll) - C:\WINDOWS\System32\msnsspc.dll (Microsoft Corporation)

O30 - LSA: Authentication Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)

O30 - LSA: Security Packages - (kerberos) - C:\WINDOWS\System32\kerberos.dll (Microsoft Corporation)

O30 - LSA: Security Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)

O30 - LSA: Security Packages - (schannel) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)

O30 - LSA: Security Packages - (wdigest) - C:\WINDOWS\System32\wdigest.dll (Microsoft Corporation)

O31 - SafeBoot: AlternateShell - cmd.exe

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2010.02.04 13:30:15 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]

O33 - MountPoints2\F\Shell - "" = AutoRun

O33 - MountPoints2\F\Shell\AutoRun - "" = Auto&Play

O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\AutoRun.exe

O34 - HKLM BootExecute: (autocheck autochk *)

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found

NetSvcs: HidServ - %SystemRoot%\System32\hidserv.dll File not found

NetSvcs: Ias - File not found

NetSvcs: Iprip - File not found

NetSvcs: NWCWorkstation - File not found

NetSvcs: Nwsapagent - File not found

NetSvcs: WmdmPmSp - File not found

MsConfig - StartUpReg: My Web Search Bar Search Scope Monitor - hkey= - key= - File not found

MsConfig - StartUpReg: MyWebSearch Email Plugin - hkey= - key= - File not found

MsConfig - StartUpReg: Smart File Advisor - hkey= - key= - C:\Program Files\Smart File Advisor\sfa.exe (Filefacts.net)

MsConfig - State: "system.ini" - 0

MsConfig - State: "win.ini" - 0

MsConfig - State: "bootini" - 0

MsConfig - State: "services" - 0

MsConfig - State: "startup" - 2

SafeBootMin: Base - Driver Group

SafeBootMin: Boot Bus Extender - Driver Group

SafeBootMin: Boot file system - Driver Group

SafeBootMin: File system - Driver Group

SafeBootMin: Filter - Driver Group

SafeBootMin: PCI Configuration - Driver Group

SafeBootMin: PNP Filter - Driver Group

SafeBootMin: Primary disk - Driver Group

SafeBootMin: SCSI Class - Driver Group

SafeBootMin: sermouse.sys - Driver

SafeBootMin: System Bus Extender - Driver Group

SafeBootMin: vga.sys - Driver

SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers

SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive

SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive

SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller

SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc

SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard

SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse

SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters

SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter

SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System

SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive

SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume

SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootNet: Base - Driver Group

SafeBootNet: Boot Bus Extender - Driver Group

SafeBootNet: Boot file system - Driver Group

SafeBootNet: File system - Driver Group

SafeBootNet: Filter - Driver Group

SafeBootNet: NDIS Wrapper - Driver Group

SafeBootNet: NetBIOSGroup - Driver Group

SafeBootNet: NetDDEGroup - Driver Group

SafeBootNet: Network - Driver Group

SafeBootNet: NetworkProvider - Driver Group

SafeBootNet: PCI Configuration - Driver Group

SafeBootNet: PNP Filter - Driver Group

SafeBootNet: PNP_TDI - Driver Group

SafeBootNet: Primary disk - Driver Group

SafeBootNet: SCSI Class - Driver Group

SafeBootNet: sermouse.sys - Driver

SafeBootNet: Streams Drivers - Driver Group

SafeBootNet: System Bus Extender - Driver Group

SafeBootNet: TDI - Driver Group

SafeBootNet: vga.sys - Driver

SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers

SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive

SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive

SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller

SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc

SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard

SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse

SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net

SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient

SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService

SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans

SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters

SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter

SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System

SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive

SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume

SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

========== Files/Folders - Created Within 90 Days ==========

[2012.04.08 21:32:54 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Videos

[2012.04.08 21:32:54 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Pictures

[2012.04.08 21:32:54 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Music

[2012.04.08 21:32:54 | 000,000,000 | R--D | C] -- C:\Documents and Settings\PC\Start Menu\Programs\Administrative Tools

[2012.04.08 15:49:46 | 000,020,464 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys

[2012.04.08 15:49:46 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware

[2012.04.07 23:05:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\My Documents\пчеларство_files

[2012.04.07 18:21:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\My Documents\регистрация Т.ГАФАРОВ

[2012.04.05 22:29:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\PC\Desktop\печат янкова

[2012.04.01 15:55:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\PC\Local Settings\Application Data\Babylon

[2012.04.01 15:55:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Babylon

[2012.04.01 15:55:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\PC\Application Data\Babylon

[2012.04.01 15:55:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\bProtector

[2012.04.01 15:55:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\PC\Application Data\eType

[2012.04.01 15:55:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\IBUpdaterService

[2012.03.31 15:13:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\PC\Application Data\Foxit Software

[2012.03.31 14:59:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\My Documents\РЕГИСТРАЦИЯ ГИНДА

[2012.03.30 11:45:13 | 000,000,000 | ---D | C] -- C:\WINDOWS\Minidump

[2012.03.28 15:58:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\PC\Desktop\конвектомат

[2012.03.26 23:53:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Google Earth

[2012.03.26 19:29:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Foxit Reader 5.1

[2012.03.26 19:27:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\PC\Local Settings\Application Data\APN

[2012.03.26 19:27:35 | 000,000,000 | ---D | C] -- C:\Program Files\Foxit Software

[2012.02.18 21:26:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\EPSON

[2012.02.18 21:26:06 | 000,376,832 | ---- | C] (EPSON) -- C:\WINDOWS\System32\SSMCML0G.DLL

[2012.02.18 21:26:06 | 000,051,200 | ---- | C] (EPSON) -- C:\WINDOWS\System32\SSPOOL0G.DLL

[2012.02.18 21:26:06 | 000,019,456 | ---- | C] (EPSON) -- C:\WINDOWS\System32\STAG320G.DLL

[2012.02.18 21:26:05 | 000,102,400 | ---- | C] (EPSON) -- C:\WINDOWS\System32\SLMON_0G.DLL

[2012.02.18 21:26:05 | 000,013,824 | ---- | C] (EPSON) -- C:\WINDOWS\System32\SIMF320G.DLL

[2012.02.18 21:26:05 | 000,009,728 | ---- | C] (EPSON) -- C:\WINDOWS\System32\SICM__0G.DLL

[2012.02.18 21:26:03 | 000,036,864 | ---- | C] (EPSON) -- C:\WINDOWS\System32\SCMM__0G.DLL

[2012.02.18 21:26:03 | 000,023,552 | ---- | C] (EPSON) -- C:\WINDOWS\System32\SGDI320G.DLL

[2012.02.18 21:26:01 | 000,000,000 | ---D | C] -- C:\Program Files\EPSON_P1

[2012.02.07 00:31:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\PC\Desktop\snimki prodavalnikk

[2012.01.31 20:05:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\DatacardService

[2012.01.25 12:42:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\My Documents\ПЖ СИНЕМАС

[2012.01.12 22:56:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\My Documents\регистрация Галина

[2012.01.12 22:29:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\My Documents\РЕГИСТРАЦИЯ БУБЛИК

[2012.01.12 11:27:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\НАП

[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

[28 C:\Documents and Settings\User\My Documents\*.tmp files -> C:\Documents and Settings\User\My Documents\*.tmp -> ]

[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 90 Days ==========

[2012.04.09 17:50:04 | 000,000,986 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

[2012.04.09 17:36:38 | 000,000,982 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job

[2012.04.09 17:36:26 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat

[2012.04.09 16:29:18 | 000,000,416 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{C224D257-9D07-40A1-9744-FF4262AFBB00}.job

[2012.04.09 12:33:14 | 000,002,497 | ---- | M] () -- C:\Documents and Settings\PC\Desktop\Microsoft Office Word 2003.lnk

[2012.04.09 12:28:23 | 000,002,425 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Декларации Обр.1 и 6.lnk

[2012.04.09 11:54:46 | 000,002,495 | ---- | M] () -- C:\Documents and Settings\PC\Desktop\Microsoft Office Excel 2003.lnk

[2012.04.09 09:56:35 | 000,134,872 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT

[2012.04.08 23:58:38 | 000,432,492 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat

[2012.04.08 23:58:38 | 000,067,448 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat

[2012.04.08 23:55:25 | 000,001,355 | ---- | M] () -- C:\WINDOWS\imsins.BAK

[2012.04.08 18:26:49 | 000,000,520 | ---- | M] () -- C:\Documents and Settings\User\My Documents\spider.sav

[2012.04.08 15:49:49 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk

[2012.04.07 23:15:28 | 000,482,152 | ---- | M] () -- C:\Documents and Settings\User\My Documents\финансиране на пчеларство.mht

[2012.04.07 23:11:14 | 000,482,000 | ---- | M] () -- C:\Documents and Settings\User\My Documents\пчеларство.mht

[2012.04.07 23:07:54 | 000,481,711 | ---- | M] () -- C:\Documents and Settings\User\My Documents\отглеждане на пчели.mht

[2012.04.07 23:05:58 | 000,182,943 | ---- | M] () -- C:\Documents and Settings\User\My Documents\пчеларство.htm

[2012.04.07 10:47:33 | 000,002,228 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl

[2012.04.06 14:59:22 | 000,280,304 | ---- | M] () -- C:\Documents and Settings\PC\Desktop\IMG[1].pdf

[2012.04.06 10:54:20 | 000,001,813 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk

[2012.04.03 23:59:06 | 000,002,625 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT

[2012.04.03 11:56:18 | 000,481,198 | ---- | M] () -- C:\Documents and Settings\User\My Documents\Adapted_Food_Safety-corrective_BG_doc.mht

[2012.04.01 15:56:24 | 000,000,237 | ---- | M] () -- C:\user.js

[2012.03.31 20:56:57 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini

[2012.03.31 11:50:32 | 000,511,528 | ---- | M] () -- C:\Documents and Settings\User\My Documents\4FBDB27BF30EFB85EEE511375F8D2C26[1].pdf

[2012.03.31 11:45:37 | 000,312,520 | ---- | M] () -- C:\Documents and Settings\User\My Documents\03A8426019745283DCC135832511FD43[1].pdf

[2012.03.30 17:46:59 | 000,038,400 | ---- | M] () -- C:\Documents and Settings\PC\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2012.03.29 14:32:54 | 000,090,823 | ---- | M] () -- C:\Documents and Settings\PC\Desktop\product_6779.jpg

[2012.03.26 23:53:31 | 000,001,915 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Google Земя.lnk

[2012.03.26 23:03:49 | 000,000,742 | ---- | M] () -- C:\Documents and Settings\PC\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk

[2012.03.26 23:03:49 | 000,000,724 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk

[2012.03.26 19:29:30 | 000,000,791 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Foxit Reader 5.1.lnk

[2012.03.24 21:57:52 | 000,032,539 | ---- | M] () -- C:\Documents and Settings\PC\Desktop\resized_0.01.jpg

[2012.03.24 20:57:12 | 000,555,507 | ---- | M] () -- C:\Documents and Settings\User\My Documents\8655_scherzo_op_29_no_2.pdf

[2012.03.24 20:54:23 | 000,610,275 | ---- | M] () -- C:\Documents and Settings\User\My Documents\42664_etyud_no_1_sol-bemol_mazhor_op_30.pdf

[2012.03.24 20:53:25 | 000,572,216 | ---- | M] () -- C:\Documents and Settings\User\My Documents\60835_tri_pesy_dlya_fortepiano_op_25.pdf

[2012.03.18 21:03:49 | 000,002,483 | ---- | M] () -- C:\Documents and Settings\PC\Desktop\Microsoft Office PowerPoint 2003.lnk

[2012.03.07 03:15:19 | 000,041,184 | ---- | M] (AVAST Software) -- C:\WINDOWS\avastSS.scr

[2012.03.07 03:15:14 | 000,201,352 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe

[2012.03.07 03:03:51 | 000,612,184 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys

[2012.03.07 03:03:38 | 000,337,880 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys

[2012.03.07 03:02:00 | 000,035,672 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys

[2012.03.07 03:01:53 | 000,053,848 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys

[2012.03.07 03:01:39 | 000,095,704 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys

[2012.03.07 03:01:35 | 000,089,048 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys

[2012.03.07 03:01:30 | 000,020,696 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys

[2012.03.07 02:58:29 | 000,024,920 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys

[2012.03.04 13:41:59 | 000,414,368 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl

[2012.02.19 16:47:46 | 003,026,061 | ---- | M] () -- C:\Documents and Settings\PC\Desktop\ALC1600_UG_RU.PDF

[2012.02.03 12:26:17 | 001,869,184 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\win32k.sys

[2012.02.03 12:26:17 | 001,869,184 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\win32k.sys

[2012.01.30 19:45:27 | 000,000,523 | ---- | M] () -- C:\Documents and Settings\PC\Desktop\LCHome.lnk

[2012.01.29 19:37:46 | 000,052,935 | ---- | M] () -- C:\Documents and Settings\User\My Documents\5_ОТЧЕТ ЗА ПРИХОДИТЕ И РАЗХОДИТЕ_2011_NF2.pdf

[2012.01.29 19:36:55 | 000,049,800 | ---- | M] () -- C:\Documents and Settings\User\My Documents\4_СЧЕТОВОДЕН БАЛАНС_2011_NF2.pdf

[2012.01.13 18:08:22 | 001,105,510 | ---- | M] () -- C:\Documents and Settings\PC\Desktop\кедър.tif

[2012.01.11 22:06:47 | 000,003,072 | ---- | M] () -- C:\WINDOWS\System32\iacenc.dll

[2012.01.11 22:06:47 | 000,003,072 | ---- | M] () -- C:\WINDOWS\System32\dllcache\iacenc.dll

[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

[28 C:\Documents and Settings\User\My Documents\*.tmp files -> C:\Documents and Settings\User\My Documents\*.tmp -> ]

[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012.04.08 20:54:15 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll

[2012.04.08 20:54:15 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\dllcache\iacenc.dll

[2012.04.08 15:49:49 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk

[2012.04.07 23:15:23 | 000,482,152 | ---- | C] () -- C:\Documents and Settings\User\My Documents\финансиране на пчеларство.mht

[2012.04.07 23:11:06 | 000,482,000 | ---- | C] () -- C:\Documents and Settings\User\My Documents\пчеларство.mht

[2012.04.07 23:07:52 | 000,481,711 | ---- | C] () -- C:\Documents and Settings\User\My Documents\отглеждане на пчели.mht

[2012.04.07 23:05:54 | 000,182,943 | ---- | C] () -- C:\Documents and Settings\User\My Documents\пчеларство.htm

[2012.04.06 15:00:46 | 000,280,304 | ---- | C] () -- C:\Documents and Settings\PC\Desktop\IMG[1].pdf

[2012.04.03 11:56:13 | 000,481,198 | ---- | C] () -- C:\Documents and Settings\User\My Documents\Adapted_Food_Safety-corrective_BG_doc.mht

[2012.04.01 15:56:22 | 000,000,237 | ---- | C] () -- C:\user.js

[2012.03.31 11:51:31 | 000,511,528 | ---- | C] () -- C:\Documents and Settings\User\My Documents\4FBDB27BF30EFB85EEE511375F8D2C26[1].pdf

[2012.03.31 11:46:11 | 000,312,520 | ---- | C] () -- C:\Documents and Settings\User\My Documents\03A8426019745283DCC135832511FD43[1].pdf

[2012.03.29 14:33:28 | 000,090,823 | ---- | C] () -- C:\Documents and Settings\PC\Desktop\product_6779.jpg

[2012.03.26 23:53:31 | 000,001,915 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Google Земя.lnk

[2012.03.26 23:03:49 | 000,000,742 | ---- | C] () -- C:\Documents and Settings\PC\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk

[2012.03.26 23:03:49 | 000,000,730 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Mozilla Firefox.lnk

[2012.03.26 23:03:49 | 000,000,724 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk

[2012.03.26 19:29:30 | 000,000,791 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Foxit Reader 5.1.lnk

[2012.03.24 21:58:13 | 000,032,539 | ---- | C] () -- C:\Documents and Settings\PC\Desktop\resized_0.01.jpg

[2012.03.24 20:57:12 | 000,555,507 | ---- | C] () -- C:\Documents and Settings\User\My Documents\8655_scherzo_op_29_no_2.pdf

[2012.03.24 20:54:23 | 000,610,275 | ---- | C] () -- C:\Documents and Settings\User\My Documents\42664_etyud_no_1_sol-bemol_mazhor_op_30.pdf

[2012.03.24 20:53:25 | 000,572,216 | ---- | C] () -- C:\Documents and Settings\User\My Documents\60835_tri_pesy_dlya_fortepiano_op_25.pdf

[2012.02.19 16:48:00 | 003,026,061 | ---- | C] () -- C:\Documents and Settings\PC\Desktop\ALC1600_UG_RU.PDF

[2012.02.18 21:27:46 | 000,747,496 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Remote_Panel_P.exe

[2012.02.18 21:26:06 | 000,031,910 | ---- | C] () -- C:\WINDOWS\SSUMLT0G.INI

[2012.02.18 21:26:06 | 000,000,061 | ---- | C] () -- C:\WINDOWS\System32\SSEP010G.SEP

[2012.01.29 19:37:46 | 000,052,935 | ---- | C] () -- C:\Documents and Settings\User\My Documents\5_ОТЧЕТ ЗА ПРИХОДИТЕ И РАЗХОДИТЕ_2011_NF2.pdf

[2012.01.29 19:36:55 | 000,049,800 | ---- | C] () -- C:\Documents and Settings\User\My Documents\4_СЧЕТОВОДЕН БАЛАНС_2011_NF2.pdf

[2012.01.13 18:08:22 | 001,105,510 | ---- | C] () -- C:\Documents and Settings\PC\Desktop\кедър.tif

[2012.01.12 11:27:50 | 000,002,425 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Декларации Обр.1 и 6.lnk

[2011.05.15 00:53:52 | 000,038,400 | ---- | C] () -- C:\Documents and Settings\PC\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2011.05.06 08:57:41 | 000,000,224 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\~18734884

[2011.05.06 08:57:41 | 000,000,136 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\~18734884r

[2011.05.06 08:57:35 | 000,000,400 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\18734884

[2011.05.01 15:35:45 | 000,015,388 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\3po52o47a0m5

[2011.01.30 15:30:04 | 000,000,021 | ---- | C] () -- C:\WINDOWS\pccuo.ini

[2010.12.18 22:24:34 | 000,000,093 | ---- | C] () -- C:\WINDOWS\Tb98.ini

[2010.12.18 22:23:59 | 000,017,332 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\UScanner.SYS

[2010.12.18 22:16:46 | 000,018,944 | ---- | C] () -- C:\WINDOWS\System32\xrxscnui.dll

[2010.06.17 18:43:25 | 000,000,032 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\ezsid.dat

[2010.06.16 13:05:29 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat

========== LOP Check ==========

[2011.01.09 00:33:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\0265

[2011.12.20 12:46:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVAST Software

[2011.05.06 17:06:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG10

[2012.04.01 15:55:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Babylon

[2012.04.01 15:55:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\bProtector

[2011.05.03 12:28:30 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Common Files

[2012.01.31 20:05:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DatacardService

[2010.03.21 22:42:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Easy CD-DA Extractor

[2012.04.08 17:30:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\IBUpdaterService

[2011.11.21 16:32:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\InstallMate

[2011.05.06 17:05:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MFAData

[2011.11.21 16:32:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Premium

[2011.03.15 02:32:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP

[2011.05.03 12:36:20 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PC\Application Data\AVG10

[2012.04.01 15:55:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PC\Application Data\Babylon

[2012.03.27 13:48:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PC\Application Data\BSplayer

[2011.05.15 23:28:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PC\Application Data\BSplayer Pro

[2011.06.12 18:45:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PC\Application Data\CoSoSys

[2011.05.19 00:26:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PC\Application Data\Crystal Player

[2012.04.01 15:58:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PC\Application Data\eType

[2012.03.31 15:13:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PC\Application Data\Foxit Software

[2011.05.06 19:00:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PC\Application Data\OfficeRecovery

[2012.04.01 20:36:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PC\Application Data\uTorrent

[2011.01.12 22:03:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\BluetoothDriverInstaller

[2011.03.19 23:45:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Breakpad

[2010.12.14 23:19:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\BSplayer

[2010.06.10 23:59:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\BSplayer Pro

[2011.01.07 23:35:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\imeshbandmltbpi

[2011.03.19 23:15:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\InfinaDyne

[2011.03.19 23:45:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Installer

[2011.03.23 02:03:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Ticno

[2010.06.17 00:54:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Uniblue

[2011.04.30 19:49:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\uTorrent

[2010.12.18 22:16:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Xerox

[2012.04.09 16:29:18 | 000,000,416 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{C224D257-9D07-40A1-9744-FF4262AFBB00}.job

========== Purity Check ==========

========== Custom Scans ==========

< %SYSTEMDRIVE%\*.* >

[2010.12.27 23:52:46 | 000,563,001 | ---- | M] (PKWARE, Inc.) -- C:\ast54win.exe

[2010.12.27 23:53:29 | 000,004,304 | ---- | M] () -- C:\ASTROLOG.DAT

[2010.02.04 13:30:15 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT

[2011.05.03 12:09:01 | 000,000,211 | -HS- | M] () -- C:\boot.ini

[2010.02.04 13:30:15 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS

[2008.01.13 16:26:46 | 000,263,168 | ---- | M] () -- C:\COPYDAT7.EXE

[1992.05.18 10:15:12 | 000,020,768 | ---- | M] () -- C:\CYRDRV.COM

[2011.09.03 10:47:47 | 000,000,291 | ---- | M] () -- C:\EMP2008.DBF

[2010.02.04 13:30:15 | 000,000,000 | RHS- | M] () -- C:\IO.SYS

[2010.02.04 13:30:15 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS

[2008.04.14 14:00:00 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM

[2008.04.14 14:00:00 | 000,250,048 | RHS- | M] () -- C:\ntldr

[2012.04.09 17:36:25 | 792,723,456 | -HS- | M] () -- C:\pagefile.sys

[2011.01.01 15:08:26 | 000,013,030 | ---- | M] () -- C:\PDOXUSRS.NET

[2011.05.06 20:32:33 | 000,002,048 | ---- | M] () -- C:\Uninstall.dat

[2012.04.01 15:56:24 | 000,000,237 | ---- | M] () -- C:\user.js

< %USERPROFILE%\*.* >

[2012.04.09 17:35:27 | 095,944,704 | -H-- | M] () -- C:\Documents and Settings\PC\NTUSER.DAT

[2012.04.09 18:37:14 | 000,001,024 | -H-- | M] () -- C:\Documents and Settings\PC\ntuser.dat.LOG

[2012.04.09 17:35:27 | 000,000,178 | -HS- | M] () -- C:\Documents and Settings\PC\ntuser.ini

< %USERPROFILE%\Application Data\*.* >

[2010.02.04 14:34:04 | 000,000,062 | -HS- | M] () -- C:\Documents and Settings\PC\Application Data\desktop.ini

< %USERPROFILE%\Local Settings\Application Data\*.* >

[2012.03.30 17:46:59 | 000,038,400 | ---- | M] () -- C:\Documents and Settings\PC\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2011.05.03 17:01:21 | 000,022,584 | -H-- | M] () -- C:\Documents and Settings\PC\Local Settings\Application Data\GDIPFONTCACHEV1.DAT

[2011.05.09 09:46:31 | 007,405,258 | -H-- | M] () -- C:\Documents and Settings\PC\Local Settings\Application Data\IconCache.db

< %AllUsersProfile%\*.* >

[2011.03.23 01:34:13 | 000,000,256 | ---- | M] () -- C:\Documents and Settings\All Users\file.lic

< %AllUsersProfile%\Application Data\*.* >

[2011.05.06 14:52:20 | 000,000,400 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\18734884

[2011.05.02 14:43:59 | 000,015,388 | -HS- | M] () -- C:\Documents and Settings\All Users\Application Data\3po52o47a0m5

[2010.02.04 14:34:04 | 000,000,062 | -HS- | M] () -- C:\Documents and Settings\All Users\Application Data\desktop.ini

[2010.06.17 18:43:25 | 000,000,032 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\ezsid.dat

[2011.05.06 15:17:18 | 000,000,224 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\~18734884

[2011.05.06 15:17:17 | 000,000,136 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\~18734884r

< %USERPROFILE%\My Documents\*.* >

< %CommonProgramFiles%\*.* >

< %PROGRAMFILES%\*.* >

< %systemroot%\system32\config\systemprofile\*.* >

[2011.05.03 12:05:37 | 000,266,240 | ---- | M] () -- C:\WINDOWS\system32\config\systemprofile\ntuser.dat

[2011.05.06 19:11:00 | 000,001,024 | -H-- | M] () -- C:\WINDOWS\system32\config\systemprofile\ntuser.dat.LOG

< %windir%\ServiceProfiles\LocalService\AppData\Local\Temp\*.* >

< %windir%\ServiceProfiles\NetworkService\AppData\Local\Temp\*.* >

< %windir%\temp*.* >

[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

< %systemroot%\assembly\temp\*.* /S /MD5 >

< %systemroot%\assembly\tmp\*.* /S /MD5 >

[2012.04.08 23:58:09 | 000,303,104 | ---- | M] () MD5=2849F13593D2712CCB97FFBDD3C1232E -- C:\WINDOWS\assembly\tmp\OV17DJPV\System.Runtime.Remoting.dll

< %systemroot%\assembly\GAC_32\*.* /S /MD5 >

[2012.04.08 23:58:12 | 000,069,120 | ---- | M] () MD5=DC426A365577F27187F99EB506ECD5D1 -- C:\WINDOWS\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll

[2012.04.08 23:58:16 | 000,072,192 | ---- | M] () MD5=29B35A999E341A37BE67771BE01CC275 -- C:\WINDOWS\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll

[2010.02.04 14:05:21 | 000,163,840 | ---- | M] () MD5=36BDD82A92AA704034475C2DEF7FBD29 -- C:\WINDOWS\assembly\GAC_32\Microsoft.Transactions.Bridge.Dtc\3.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.Dtc.dll

[2012.04.08 23:58:12 | 000,066,728 | ---- | M] () MD5=C01B81BB10AD14DBC5C4ECD350638096 -- C:\WINDOWS\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\big5.nlp

[2012.04.08 23:58:12 | 000,082,172 | ---- | M] () MD5=EE1F60F8774D74BED8B13498F3FE737A -- C:\WINDOWS\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\bopomofo.nlp

[2012.04.08 23:58:12 | 000,116,756 | ---- | M] () MD5=F6DFDA5A31162D848634504565F6D321 -- C:\WINDOWS\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\ksc.nlp

[2012.04.08 23:58:12 | 004,550,656 | ---- | M] () MD5=0C57CB0497F75E3B60F913F1C4859257 -- C:\WINDOWS\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll

[2012.04.08 23:58:12 | 000,059,342 | ---- | M] () MD5=DA5748A89E22A3932387E65694B25BBB -- C:\WINDOWS\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\normidna.nlp

[2012.04.08 23:58:12 | 000,045,794 | ---- | M] () MD5=3831A5E217D6FA828CCE1011DA26E677 -- C:\WINDOWS\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\normnfc.nlp

[2012.04.08 23:58:12 | 000,039,284 | ---- | M] () MD5=DBDE664E0BA4BACD0A6A04AE2232B205 -- C:\WINDOWS\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\normnfd.nlp

[2012.04.08 23:58:12 | 000,066,384 | ---- | M] () MD5=C9B88B759FE81D59CE8EBF5A0A8EB75A -- C:\WINDOWS\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\normnfkc.nlp

[2012.04.08 23:58:12 | 000,060,294 | ---- | M] () MD5=3CAB6AB66759FCDF73B61EE262C9ACF4 -- C:\WINDOWS\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\normnfkd.nlp

[2012.04.08 23:58:12 | 000,083,748 | ---- | M] () MD5=54144F43EDF5AA8F504A30E7C1D1A7B5 -- C:\WINDOWS\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\prc.nlp

[2012.04.08 23:58:12 | 000,083,748 | ---- | M] () MD5=901863C68E6523336CAC602FE9320ABC -- C:\WINDOWS\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\prcp.nlp

[2012.04.08 23:58:12 | 000,262,148 | ---- | M] () MD5=FB59D247F7143C3B9683A547E808A88B -- C:\WINDOWS\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\sortkey.nlp

[2012.04.08 23:58:12 | 000,020,320 | ---- | M] () MD5=FF13BA175F0013D2311827E0D438C60B -- C:\WINDOWS\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\sorttbls.nlp

[2012.04.08 23:58:12 | 000,028,288 | ---- | M] () MD5=09E420F90A329BDA68477FA4AF43CB28 -- C:\WINDOWS\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\xjis.nlp

[2011.11.13 12:00:42 | 004,210,688 | ---- | M] () MD5=E968859D798FBF5822DCD1D269215823 -- C:\WINDOWS\assembly\GAC_32\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationCore.dll

[2012.04.08 23:58:04 | 000,486,400 | ---- | M] () MD5=759FD3779911F89C450CCAE06B92AE3A -- C:\WINDOWS\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll

[2012.04.08 23:58:20 | 002,933,248 | ---- | M] () MD5=16F96C1496CBD0965285AB19A9271D02 -- C:\WINDOWS\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll

[2012.04.08 23:58:10 | 000,258,048 | ---- | M] () MD5=9631B15DB7C43C267636FF43C3075E07 -- C:\WINDOWS\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll

[2012.04.08 23:58:10 | 000,113,664 | ---- | M] () MD5=E786C33D35D39C5CCB523AECC18D7BD7 -- C:\WINDOWS\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll

[2010.02.04 14:05:25 | 000,368,640 | ---- | M] () MD5=34FA631FAA4B2DF8C0A92B7B5AD9D6E1 -- C:\WINDOWS\assembly\GAC_32\System.Printing\3.0.0.0__31bf3856ad364e35\System.Printing.dll

[2012.04.08 23:58:08 | 000,261,632 | ---- | M] () MD5=F054572A92573CA32D5F3AA8C15D2BAC -- C:\WINDOWS\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll

[2012.04.08 23:58:03 | 005,246,976 | ---- | M] () MD5=661268A6BEEF1C1B0D1B9137F530A9FD -- C:\WINDOWS\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll

< %systemroot%\assembly\GAC_MSIL\*.* /S /MD5 >

[2012.04.08 23:58:11 | 000,010,752 | ---- | M] () MD5=A5A56B4957BD59D324821522FE14F751 -- C:\WINDOWS\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll

[2012.04.08 23:58:04 | 000,507,904 | ---- | M] () MD5=B8FE2350B2236EE3D1CECA34E0C0FF17 -- C:\WINDOWS\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll

[2012.04.08 23:58:11 | 000,013,312 | ---- | M] () MD5=107F49F1BF0FB27A6CD758EB8C4D95A0 -- C:\WINDOWS\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll

[2012.04.08 23:58:16 | 000,008,192 | ---- | M] () MD5=6CD7461E06CB8BAEE3B16C3D7F637CD0 -- C:\WINDOWS\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll

[2012.04.08 23:58:16 | 000,077,824 | ---- | M] () MD5=24F0385D06BD86A97412B8905483313E -- C:\WINDOWS\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll

[2012.04.08 23:58:14 | 000,006,656 | ---- | M] () MD5=11F3AC2D47E566615819F5BF0DD18379 -- C:\WINDOWS\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll

[2010.02.04 14:06:25 | 000,106,496 | ---- | M] () MD5=29CED3B606BA7E2B49E52931C5CB53B7 -- C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Build.Conversion.v3.5\3.5.0.0__b03f5f7f11d50a3a\Microsoft.Build.Conversion.v3.5.dll

[2012.04.08 23:58:13 | 000,348,160 | ---- | M] () MD5=996AAEEC01C734347DE8A72542FD1C12 -- C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll

[2010.02.04 14:06:26 | 000,733,184 | ---- | M] () MD5=31C6E94759BF4D2FBE3239FFA717967D -- C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Build.Engine\3.5.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll

[2012.04.08 23:58:14 | 000,036,864 | ---- | M] () MD5=D2A1C3150E43738BAB3D0AD9921B3E50 -- C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll

[2010.02.04 14:06:26 | 000,036,864 | ---- | M] () MD5=17C6F3F73858732DE59D6D957958E9AF -- C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Build.Framework\3.5.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll

[2010.02.04 14:06:26 | 000,802,816 | ---- | M] () MD5=37F17D4698086C90127BBD90E73D7FE2 -- C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Build.Tasks.v3.5\3.5.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.v3.5.dll

[2012.04.08 23:58:15 | 000,655,360 | ---- | M] () MD5=8A3F5B72C3F402C8D33027A4C77F55AC -- C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll

[2010.02.04 14:06:26 | 000,094,208 | ---- | M] () MD5=E32A06F647517D0DEA80F29B459E8FA2 -- C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Build.Utilities.v3.5\3.5.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.v3.5.dll

[2012.04.08 23:58:14 | 000,077,824 | ---- | M] () MD5=640BF6BB259B53BEFF59135645C63B18 -- C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll

[2012.04.08 23:58:07 | 000,749,568 | ---- | M] () MD5=EB535D00C508119EEE4042B737165A3B -- C:\WINDOWS\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll

[2010.02.04 14:05:21 | 000,397,312 | ---- | M] () MD5=66F6B3248D6C39CEFA49174133A694FE -- C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Transactions.Bridge\3.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.dll

[2012.04.08 23:58:09 | 000,110,592 | ---- | M] () MD5=D676BC7C829F86A215676281A1032C6B -- C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll

[2012.04.08 23:58:08 | 000,372,736 | ---- | M] () MD5=226956F70AEBBBF5ACBC9ADA6522B6F6 -- C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll

[2012.04.08 23:58:14 | 000,028,672 | ---- | M] () MD5=3D61BFCBE13C2DC8F5AE20BF02145322 -- C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll

[2012.04.08 23:58:11 | 000,659,456 | ---- | M] () MD5=EFC806A1C4C6CE9F69AECE0AB72C1E34 -- C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll

[2010.02.04 14:06:25 | 000,041,984 | ---- | M] () MD5=9F065BF574C956B85DB355C32E7E995E -- C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualC.STLCLR\1.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.STLCLR.dll

[2012.04.08 23:58:13 | 000,005,632 | ---- | M] () MD5=7E50D25F9A5BC75F22CA7AEB52176CA2 -- C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll

[2012.04.08 23:58:15 | 000,012,800 | ---- | M] () MD5=B27AA2EA41728FAF5E9642CFD2958FB9 -- C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll

[2012.04.08 23:58:08 | 000,032,768 | ---- | M] () MD5=D251A67B7D6DE2194F6E264055E020FB -- C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll

[2012.04.08 23:58:11 | 000,007,168 | ---- | M] () MD5=9659028AFA77387D6D2BF4280C10AB94 -- C:\WINDOWS\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll

[2010.02.04 14:05:27 | 000,598,016 | ---- | M] () MD5=28595FA306E58AACD7DAFF001F430703 -- C:\WINDOWS\assembly\GAC_MSIL\PresentationBuildTasks\3.0.0.0__31bf3856ad364e35\PresentationBuildTasks.dll

[2010.02.04 14:05:24 | 000,032,768 | ---- | M] () MD5=93F9CC2360815D8EF955407CF92B38AA -- C:\WINDOWS\assembly\GAC_MSIL\PresentationCFFRasterizer\3.0.0.0__31bf3856ad364e35\PresentationCFFRasterizer.dll

[2010.02.04 14:05:28 | 000,046,104 | ---- | M] () MD5=8BA7C024070F2B7FDD98ED8A4BA41789 -- C:\WINDOWS\assembly\GAC_MSIL\PresentationFontCache\3.0.0.0__31bf3856ad364e35\PresentationFontCache.exe

[2010.02.04 14:05:29 | 000,196,608 | ---- | M] () MD5=0C488A21B5A63055CB7736E3E0C75B1F -- C:\WINDOWS\assembly\GAC_MSIL\PresentationFramework.Aero\3.0.0.0__31bf3856ad364e35\PresentationFramework.Aero.dll

[2010.02.04 14:05:29 | 000,139,264 | ---- | M] () MD5=DA8417F8973EC51F0F1859CA0B334FC5 -- C:\WINDOWS\assembly\GAC_MSIL\PresentationFramework.Classic\3.0.0.0__31bf3856ad364e35\PresentationFramework.Classic.dll

[2010.02.04 14:05:29 | 000,397,312 | ---- | M] () MD5=7E61032F4F2BAB036B859D3B22D26DD0 -- C:\WINDOWS\assembly\GAC_MSIL\PresentationFramework.Luna\3.0.0.0__31bf3856ad364e35\PresentationFramework.Luna.dll

[2010.02.04 14:05:29 | 000,163,840 | ---- | M] () MD5=D1E117EDDEFEB220351BE0C7B27A4646 -- C:\WINDOWS\assembly\GAC_MSIL\PresentationFramework.Royale\3.0.0.0__31bf3856ad364e35\PresentationFramework.Royale.dll

[2011.11.13 12:00:43 | 005,279,744 | ---- | M] () MD5=D5A6ADE7FBEE0344D86394CE9F91B67F -- C:\WINDOWS\assembly\GAC_MSIL\PresentationFramework\3.0.0.0__31bf3856ad364e35\PresentationFramework.dll

[2010.02.04 14:05:30 | 000,864,256 | ---- | M] () MD5=428D3714C85BACE55476C91E0D90E495 -- C:\WINDOWS\assembly\GAC_MSIL\PresentationUI\3.0.0.0__31bf3856ad364e35\PresentationUI.dll

[2010.02.04 14:05:25 | 000,528,384 | ---- | M] () MD5=A37D01E48B3908330E780466312D54A6 -- C:\WINDOWS\assembly\GAC_MSIL\ReachFramework\3.0.0.0__31bf3856ad364e35\ReachFramework.dll

[2010.02.04 14:06:26 | 000,005,632 | ---- | M] () MD5=807B70A78ACE7D01F769FE502A769E67 -- C:\WINDOWS\assembly\GAC_MSIL\Sentinel.v3.5Client\3.5.0.0__b03f5f7f11d50a3a\Sentinel.v3.5Client.dll

[2011.11.13 01:02:53 | 000,110,592 | ---- | M] () MD5=BD6B60E0F4FA84FF4E3089EDF9B81C9A -- C:\WINDOWS\assembly\GAC_MSIL\SMDiagnostics\3.0.0.0__b77a5c561934e089\SMdiagnostics.dll

[2012.04.08 23:58:13 | 000,110,592 | ---- | M] () MD5=0AD1C94AB2D36B79B9F2B54EADEB300A -- C:\WINDOWS\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll

[2010.02.04 14:06:27 | 000,045,056 | ---- | M] () MD5=B34B75256D536385B927193FB1DCBB81 -- C:\WINDOWS\assembly\GAC_MSIL\System.AddIn.Contract\2.0.0.0__b03f5f7f11d50a3a\System.AddIn.Contract.dll

[2010.02.04 14:06:27 | 000,163,840 | ---- | M] () MD5=212E7E4F44432B5EDA508D454FC01A61 -- C:\WINDOWS\assembly\GAC_MSIL\System.AddIn\3.5.0.0__b77a5c561934e089\System.AddIn.dll

[2010.02.04 14:06:31 | 000,057,344 | ---- | M] () MD5=34AAEA0DCF908A7D3C1D8C2132B0E4D4 -- C:\WINDOWS\assembly\GAC_MSIL\System.ComponentModel.DataAnnotations\3.5.0.0__31bf3856ad364e35\System.ComponentModel.DataAnnotations.dll

[2012.04.08 23:58:16 | 000,081,920 | ---- | M] () MD5=41BC941761FB3D1E21826C3C0E3CEEEE -- C:\WINDOWS\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll

[2012.04.08 23:58:20 | 000,425,984 | ---- | M] () MD5=C1C4025B5F5311AC8BCC318B0C244D58 -- C:\WINDOWS\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll

[2010.02.04 14:06:28 | 000,667,648 | ---- | M] () MD5=6617F24759BB1F3873C88AD9E0DF0435 -- C:\WINDOWS\assembly\GAC_MSIL\System.Core\3.5.0.0__b77a5c561934e089\System.Core.dll

[2010.02.04 14:06:28 | 000,053,248 | ---- | M] () MD5=1FDC244EEDD9B7804C7829DA11F1522E -- C:\WINDOWS\assembly\GAC_MSIL\System.Data.DataSetExtensions\3.5.0.0__b77a5c561934e089\System.Data.DataSetExtensions.dll

[2010.02.04 14:06:28 | 000,229,376 | ---- | M] () MD5=3FE6C3CDB01F039110152B1B0AE4980F -- C:\WINDOWS\assembly\GAC_MSIL\System.Data.Entity.Design\3.5.0.0__b77a5c561934e089\System.Data.Entity.Design.dll

[2010.02.04 14:06:29 | 002,879,488 | ---- | M] () MD5=CB45DFC6F9E1F954A718769D02D9C312 -- C:\WINDOWS\assembly\GAC_MSIL\System.Data.Entity\3.5.0.0__b77a5c561934e089\System.Data.Entity.dll

[2010.02.04 14:06:24 | 000,684,032 | ---- | M] () MD5=DDFB10C4A14ADD5D0A6C96E6DC3D29DF -- C:\WINDOWS\assembly\GAC_MSIL\System.Data.Linq\3.5.0.0__b77a5c561934e089\System.Data.Linq.dll

[2011.11.13 12:04:20 | 000,294,912 | ---- | M] () MD5=2F69FF4ED483D3FF399534F99BD4694A -- C:\WINDOWS\assembly\GAC_MSIL\System.Data.Services.Client\3.5.0.0__b77a5c561934e089\System.Data.Services.Client.dll

[2010.02.04 14:06:24 | 000,114,688 | ---- | M] () MD5=0A7F3B1C1A9CC722F48A7A16394F61C4 -- C:\WINDOWS\assembly\GAC_MSIL\System.Data.Services.Design\3.5.0.0__b77a5c561934e089\System.Data.Services.Design.dll

[2011.11.13 12:04:20 | 000,442,368 | ---- | M] () MD5=AE975C122A442146D7D5A6A996C42F91 -- C:\WINDOWS\assembly\GAC_MSIL\System.Data.Services\3.5.0.0__b77a5c561934e089\System.Data.Services.dll

[2012.04.08 23:58:19 | 000,745,472 | ---- | M] () MD5=6388F9A7AA6E22DDA2E0D84E5BCE537C -- C:\WINDOWS\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll

[2012.04.08 23:58:21 | 000,970,752 | ---- | M] () MD5=97DDAFB2A7B33DC3F746EF35C9EDF892 -- C:\WINDOWS\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll

[2012.04.08 23:58:05 | 005,062,656 | ---- | M] () MD5=5C368BEBD58562133856B35BDCEFEADA -- C:\WINDOWS\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll

[2010.02.04 14:06:24 | 000,286,720 | ---- | M] () MD5=4C6FBCBB7E7D4E3B0CAAA42043B6A01F -- C:\WINDOWS\assembly\GAC_MSIL\System.DirectoryServices.AccountManagement\3.5.0.0__b77a5c561934e089\System.DirectoryServices.AccountManagement.dll

[2012.04.08 23:58:10 | 000,188,416 | ---- | M] () MD5=F0D4CE77F1F9D9A7468335B1CE4C061B -- C:\WINDOWS\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll

[2012.04.08 23:58:10 | 000,401,408 | ---- | M] () MD5=F485CF34C45F850B25A7E38B08A7C435 -- C:\WINDOWS\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll

[2012.04.08 23:58:06 | 000,081,920 | ---- | M] () MD5=36ABC218228871A981027174216A2DA8 -- C:\WINDOWS\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll

[2012.04.08 23:58:18 | 000,626,688 | ---- | M] () MD5=179CC375C81B39902825ABFE3A7CD49D -- C:\WINDOWS\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll

[2010.02.04 14:05:30 | 000,126,976 | ---- | M] () MD5=311A345681A73C66D3EE49C5157A473B -- C:\WINDOWS\assembly\GAC_MSIL\System.IdentityModel.Selectors\3.0.0.0__b77a5c561934e089\System.IdentityModel.Selectors.dll

[2011.11.13 01:02:53 | 000,438,272 | ---- | M] () MD5=DB076F159D89B90924C465222BA128FE -- C:\WINDOWS\assembly\GAC_MSIL\System.IdentityModel\3.0.0.0__b77a5c561934e089\System.IdentityModel.dll

[2010.02.04 14:05:22 | 000,131,072 | ---- | M] () MD5=80E67BFFD101CC6312B489BEE255430D -- C:\WINDOWS\assembly\GAC_MSIL\System.IO.Log\3.0.0.0__b03f5f7f11d50a3a\System.IO.Log.dll

[2010.02.04 14:06:29 | 000,143,360 | ---- | M] () MD5=217A1E1DED132261C825313A7FB2616C -- C:\WINDOWS\assembly\GAC_MSIL\System.Management.Instrumentation\3.5.0.0__b77a5c561934e089\System.Management.Instrumentation.dll

[2012.04.08 23:58:09 | 000,372,736 | ---- | M] () MD5=EBAADBBFB6C455E54EB6A0E47267D33C -- C:\WINDOWS\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll

[2012.04.08 23:58:09 | 000,258,048 | ---- | M] () MD5=7F9F1F17D368EE1EEA7E246FD934B9EC -- C:\WINDOWS\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll

[2010.02.04 14:06:32 | 000,233,472 | ---- | M] () MD5=2E66DE31546A6AB3A8160CE337E1C6BC -- C:\WINDOWS\assembly\GAC_MSIL\System.Net\3.5.0.0__b03f5f7f11d50a3a\System.Net.dll

[2012.04.08 23:58:09 | 000,303,104 | ---- | M] () MD5=2849F13593D2712CCB97FFBDD3C1232E -- C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll

[2012.04.08 23:58:08 | 000,131,072 | ---- | M] () MD5=C415D86079D431E7E1E32D0835A3FE81 -- C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll

[2011.11.13 01:02:54 | 000,970,752 | ---- | M] () MD5=2CF02DF42A90A054D546BF3A85409DC4 -- C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll

[2012.04.08 23:58:19 | 000,258,048 | ---- | M] () MD5=0DFCD96DED6DB52064203C07B927357E -- C:\WINDOWS\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll

[2010.02.04 14:05:23 | 000,073,728 | ---- | M] () MD5=A80F41C8B2168E8B3ADD0AA4FCBDDC93 -- C:\WINDOWS\assembly\GAC_MSIL\System.ServiceModel.Install\3.0.0.0__b77a5c561934e089\System.ServiceModel.Install.dll

[2011.11.13 01:02:55 | 000,032,768 | ---- | M] () MD5=764E1A3E53C5885976F2EE6E206208EF -- C:\WINDOWS\assembly\GAC_MSIL\System.ServiceModel.WasHosting\3.0.0.0__b77a5c561934e089\System.ServiceModel.WasHosting.dll

[2010.02.04 14:06:23 | 000,569,344 | ---- | M] () MD5=1565B7FAFDFA6EEE16101388E57E749F -- C:\WINDOWS\assembly\GAC_MSIL\System.ServiceModel.Web\3.5.0.0__31bf3856ad364e35\System.ServiceModel.Web.dll

[2011.11.13 01:02:54 | 005,967,872 | ---- | M] () MD5=4120A37565491CA998E226BCBE8EF6E8 -- C:\WINDOWS\assembly\GAC_MSIL\System.ServiceModel\3.0.0.0__b77a5c561934e089\System.ServiceModel.dll

[2012.04.08 23:58:21 | 000,114,688 | ---- | M] () MD5=50D2943D426BA91771AD87FDEC802AC3 -- C:\WINDOWS\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll

[2010.02.04 14:05:28 | 000,688,128 | ---- | M] () MD5=31588B867657A7DF046AC1908550D73C -- C:\WINDOWS\assembly\GAC_MSIL\System.Speech\3.0.0.0__31bf3856ad364e35\System.Speech.dll

[2010.02.04 14:06:32 | 000,077,824 | ---- | M] () MD5=2C3559C513F7CD6F95DC382F31A6A22D -- C:\WINDOWS\assembly\GAC_MSIL\System.Web.Abstractions\3.5.0.0__31bf3856ad364e35\System.Web.Abstractions.dll

[2010.02.04 14:06:33 | 000,032,768 | ---- | M] () MD5=9E0D101B086297D5E166E03A8ACBF260 -- C:\WINDOWS\assembly\GAC_MSIL\System.Web.DynamicData.Design\3.5.0.0__31bf3856ad364e35\System.Web.DynamicData.Design.dll

[2011.11.13 12:04:20 | 000,229,376 | ---- | M] () MD5=CC8D03C33986926A68696DAAAB5FF2F8 -- C:\WINDOWS\assembly\GAC_MSIL\System.Web.DynamicData\3.5.0.0__31bf3856ad364e35\System.Web.DynamicData.dll

[2010.02.04 14:06:29 | 000,131,072 | ---- | M] () MD5=A6A5297AAD0A9BA8829D20B1CBD68D32 -- C:\WINDOWS\assembly\GAC_MSIL\System.Web.Entity.Design\3.5.0.0__b77a5c561934e089\System.Web.Entity.Design.dll

[2011.11.13 12:04:20 | 000,139,264 | ---- | M] () MD5=E42797003722BD930D83AB26998394D8 -- C:\WINDOWS\assembly\GAC_MSIL\System.Web.Entity\3.5.0.0__b77a5c561934e089\System.Web.Entity.dll

[2010.02.04 14:06:33 | 000,335,872 | ---- | M] () MD5=7E83B8040233DDCDE03CF7F0A5F2837B -- C:\WINDOWS\assembly\GAC_MSIL\System.Web.Extensions.Design\3.5.0.0__31bf3856ad364e35\System.Web.Extensions.Design.dll

[2012.04.08 23:51:41 | 001,277,952 | ---- | M] () MD5=821B0AAB24CB11417381F8AE881309A2 -- C:\WINDOWS\assembly\GAC_MSIL\System.Web.Extensions\3.5.0.0__31bf3856ad364e35\System.Web.Extensions.dll

[2012.04.08 23:58:06 | 000,835,584 | ---- | M] () MD5=C22D59F4EAC00510D1A86061A428C633 -- C:\WINDOWS\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll

[2012.04.08 23:58:07 | 000,077,824 | ---- | M] () MD5=F27A80887F125661CAC1A6039107428F -- C:\WINDOWS\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll

[2010.02.04 14:06:34 | 000,061,440 | ---- | M] () MD5=5B7868DF14D71D328EE8C1213F852393 -- C:\WINDOWS\assembly\GAC_MSIL\System.Web.Routing\3.5.0.0__31bf3856ad364e35\System.Web.Routing.dll

[2012.04.08 23:58:07 | 000,839,680 | ---- | M] () MD5=A89DFA6DB0C3D00559F770A214962A60 -- C:\WINDOWS\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll

[2012.04.08 23:58:05 | 005,025,792 | ---- | M] () MD5=2045A75F511FB99F5B3369E49E0837A2 -- C:\WINDOWS\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll

[2010.02.04 14:06:30 | 000,012,288 | ---- | M] () MD5=044C3400A836E5FB60D4A49EAEC24544 -- C:\WINDOWS\assembly\GAC_MSIL\System.Windows.Presentation\3.5.0.0__b77a5c561934e089\System.Windows.Presentation.dll

[2010.02.04 14:05:26 | 001,138,688 | ---- | M] () MD5=A96933F3898290AA509080A90E0C7C5F -- C:\WINDOWS\assembly\GAC_MSIL\System.Workflow.Activities\3.0.0.0__31bf3856ad364e35\System.Workflow.Activities.dll

[2010.02.04 14:05:27 | 001,630,208 | ---- | M] () MD5=C4503F6EADC2638D6898514290A7A60B -- C:\WINDOWS\assembly\GAC_MSIL\System.Workflow.ComponentModel\3.0.0.0__31bf3856ad364e35\System.Workflow.ComponentModel.dll

[2010.02.04 14:05:27 | 000,540,672 | ---- | M] () MD5=6623152B2FB7DC650C6A8FE01AF71F44 -- C:\WINDOWS\assembly\GAC_MSIL\System.Workflow.Runtime\3.0.0.0__31bf3856ad364e35\System.Workflow.Runtime.dll

[2010.02.04 14:06:23 | 000,507,904 | ---- | M] () MD5=E249D1B3114088C0D390A60643BF2BBC -- C:\WINDOWS\assembly\GAC_MSIL\System.WorkflowServices\3.5.0.0__31bf3856ad364e35\System.WorkflowServices.dll

[2010.02.04 14:06:31 | 000,139,264 | ---- | M] () MD5=64925CC79EA9E8245A4F18703CCABEC4 -- C:\WINDOWS\assembly\GAC_MSIL\System.Xml.Linq\3.5.0.0__b77a5c561934e089\System.Xml.Linq.dll

[2012.04.08 23:58:19 | 002,048,000 | ---- | M] () MD5=EB97291E3C9E0035B47B45DBB1AF710D -- C:\WINDOWS\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll

[2012.04.08 23:58:17 | 003,186,688 | ---- | M] () MD5=47B341F0931D6D11364145FFC6BBB1E7 -- C:\WINDOWS\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll

[2010.02.04 14:05:28 | 000,167,936 | ---- | M] () MD5=F303A07A6EF37B8B6DD928D97A016B75 -- C:\WINDOWS\assembly\GAC_MSIL\UIAutomationClient\3.0.0.0__31bf3856ad364e35\UIAutomationClient.dll

[2010.02.04 14:05:28 | 000,385,024 | ---- | M] () MD5=09658EF5F16F2ABD74FE577D50C0D155 -- C:\WINDOWS\assembly\GAC_MSIL\UIAutomationClientsideProviders\3.0.0.0__31bf3856ad364e35\UIAutomationClientsideProviders.dll

[2010.02.04 14:05:25 | 000,040,960 | ---- | M] () MD5=A93561FB224FA8539357C74065403630 -- C:\WINDOWS\assembly\GAC_MSIL\UIAutomationProvider\3.0.0.0__31bf3856ad364e35\UIAutomationProvider.dll

[2010.02.04 14:05:26 | 000,098,304 | ---- | M] () MD5=5BE33FC308914C1AE6577A908D97A4FF -- C:\WINDOWS\assembly\GAC_MSIL\UIAutomationTypes\3.0.0.0__31bf3856ad364e35\UIAutomationTypes.dll

[2011.11.13 12:00:44 | 001,249,280 | ---- | M] () MD5=2B54E384677C419230E016020DA076ED -- C:\WINDOWS\assembly\GAC_MSIL\WindowsBase\3.0.0.0__31bf3856ad364e35\WindowsBase.dll

[2010.02.04 14:05:28 | 000,094,208 | ---- | M] () MD5=E205A79EA6C06F91EA08BBE59FE83503 -- C:\WINDOWS\assembly\GAC_MSIL\WindowsFormsIntegration\3.0.0.0__31bf3856ad364e35\WindowsFormsIntegration.dll

< %systemroot%\system32\*.dll /lockedfiles >

[2 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /90 >

[2012.03.07 02:58:29 | 000,024,920 | ---- | M] (AVAST Software) -- C:\WINDOWS\system32\drivers\aavmker4.sys

[2012.03.07 03:01:30 | 000,020,696 | ---- | M] (AVAST Software) -- C:\WINDOWS\system32\drivers\aswFsBlk.sys

[2012.03.07 03:01:35 | 000,089,048 | ---- | M] (AVAST Software) -- C:\WINDOWS\system32\drivers\aswmon.sys

[2012.03.07 03:01:39 | 000,095,704 | ---- | M] (AVAST Software) -- C:\WINDOWS\system32\drivers\aswmon2.sys

[2012.03.07 03:02:00 | 000,035,672 | ---- | M] (AVAST Software) -- C:\WINDOWS\system32\drivers\aswRdr.sys

[2012.03.07 03:03:51 | 000,612,184 | ---- | M] (AVAST Software) -- C:\WINDOWS\system32\drivers\aswSnx.sys

[2012.03.07 03:03:38 | 000,337,880 | ---- | M] (AVAST Software) -- C:\WINDOWS\system32\drivers\aswSP.sys

[2012.03.07 03:01:53 | 000,053,848 | ---- | M] (AVAST Software) -- C:\WINDOWS\system32\drivers\aswTdi.sys

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\system32\Spool\prtprocs\w32x86\*.dll >

[2008.07.06 15:06:10 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\Spool\prtprocs\w32x86\filterpipelineprintproc.dll

[2006.01.28 12:00:00 | 000,049,152 | R--- | M] (Zenographics, Inc.) -- C:\WINDOWS\system32\Spool\prtprocs\w32x86\IMFPRINT.DLL

[2007.04.09 14:23:54 | 000,028,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\Spool\prtprocs\w32x86\mdippr.dll

[2009.10.29 13:43:02 | 000,010,752 | ---- | M] (EPSON) -- C:\WINDOWS\system32\Spool\prtprocs\w32x86\SIMFPR0G.DLL

[2007.12.10 09:00:00 | 000,057,344 | ---- | M] (Zenographics, Inc.) -- C:\WINDOWS\system32\Spool\prtprocs\w32x86\ZIMFPRNT.DLL

< %systemroot%\*. /mp /s >

< MD5 for: AFD.SYS >

[2008.10.16 18:07:58 | 000,138,496 | ---- | M] (Microsoft Corporation) MD5=38D7B715504DA4741DF35E3594FE2099 -- C:\WINDOWS\$NtUninstallKB2592799$\afd.sys

[2009.11.08 14:35:04 | 000,138,496 | ---- | M] (Microsoft Corporation) MD5=4D43E74F2A1239D53929B82600F1971C -- C:\WINDOWS\$NtUninstallKB2509553$\afd.sys

[2011.08.17 16:41:46 | 000,138,496 | ---- | M] (Microsoft Corporation) MD5=F6B7B1ECD7B41736BDB6FF4B092BCB79 -- C:\WINDOWS\system32\dllcache\afd.sys

[2011.08.17 16:41:46 | 000,138,496 | ---- | M] (Microsoft Corporation) MD5=F6B7B1ECD7B41736BDB6FF4B092BCB79 -- C:\WINDOWS\system32\drivers\afd.sys

< MD5 for: ATAPI.SYS >

[2009.11.08 14:46:05 | 017,778,292 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys

[2008.04.13 23:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\dllcache\atapi.sys

[2008.04.13 23:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys

[2008.04.14 01:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\ReinstallBackups\0002\DriverFiles\i386\atapi.sys

< MD5 for: DISK.SYS >

[2009.11.08 14:46:05 | 017,778,292 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:disk.sys

[2008.04.14 14:00:00 | 000,036,352 | ---- | M] (Microsoft Corporation) MD5=044452051F3E02E7963599FC8F4F3E25 -- C:\WINDOWS\system32\drivers\disk.sys

< MD5 for: EXPLORER.EXE >

[2008.04.14 14:00:00 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\explorer.exe

[2008.04.14 14:00:00 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\system32\dllcache\explorer.exe

< MD5 for: I8042PRT.SYS >

[2009.11.08 14:46:05 | 017,778,292 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:i8042prt.sys

[2008.04.14 14:00:00 | 000,052,480 | ---- | M] (Microsoft Corporation) MD5=4A0B06AA8943C1E332520F7440C0AA30 -- C:\WINDOWS\system32\drivers\i8042prt.sys

< MD5 for: IASTOR.SYS >

[2010.01.07 11:56:48 | 000,329,752 | ---- | M] (Intel Corporation) MD5=71ECC07BC7C5E24C3DD01D8A29A24054 -- C:\WINDOWS\NLDRV\001\iastor.sys

[2010.01.07 11:56:56 | 000,329,752 | ---- | M] (Intel Corporation) MD5=71ECC07BC7C5E24C3DD01D8A29A24054 -- C:\WINDOWS\NLDRV\002\iastor.sys

[2010.01.07 11:58:15 | 000,329,752 | ---- | M] (Intel Corporation) MD5=71ECC07BC7C5E24C3DD01D8A29A24054 -- C:\WINDOWS\NLDRV\003\iastor.sys

[2010.01.07 11:58:22 | 000,329,752 | ---- | M] (Intel Corporation) MD5=71ECC07BC7C5E24C3DD01D8A29A24054 -- C:\WINDOWS\NLDRV\004\iastor.sys

< MD5 for: IPSEC.SYS >

[2008.04.14 14:00:00 | 000,075,264 | ---- | M] (Microsoft Corporation) MD5=23C74D75E36E7158768DD63D92789A91 -- C:\WINDOWS\system32\dllcache\ipsec.sys

[2008.04.14 14:00:00 | 000,075,264 | ---- | M] (Microsoft Corporation) MD5=23C74D75E36E7158768DD63D92789A91 -- C:\WINDOWS\system32\drivers\ipsec.sys

< MD5 for: LSASS.EXE >

[2008.04.14 14:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=BF2466B3E18E970D8A976FB95FC1CA85 -- C:\WINDOWS\system32\dllcache\lsass.exe

[2008.04.14 14:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=BF2466B3E18E970D8A976FB95FC1CA85 -- C:\WINDOWS\system32\lsass.exe

< MD5 for: NETBT.SYS >

[2008.04.14 14:00:00 | 000,162,816 | ---- | M] (Microsoft Corporation) MD5=74B2B2F5BEA5E9A3DC021D685551BD3D -- C:\WINDOWS\system32\dllcache\netbt.sys

[2008.04.14 14:00:00 | 000,162,816 | ---- | M] (Microsoft Corporation) MD5=74B2B2F5BEA5E9A3DC021D685551BD3D -- C:\WINDOWS\system32\drivers\netbt.sys

< MD5 for: REDBOOK.SYS >

[2009.11.08 14:46:05 | 017,778,292 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:redbook.sys

[2008.04.14 01:10:28 | 000,057,600 | ---- | M] (Microsoft Corporation) MD5=F828DD7E1419B6653894A8F97A0094C5 -- C:\WINDOWS\system32\drivers\redbook.sys

< MD5 for: SERIAL.SYS >

[2009.11.08 14:46:05 | 017,778,292 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:serial.sys

[2008.04.14 14:00:00 | 000,064,512 | ---- | M] (Microsoft Corporation) MD5=CCA207A8896D4C6A0C9CE29A4AE411A7 -- C:\WINDOWS\system32\drivers\serial.sys

< MD5 for: SVCHOST.EXE >

[2008.04.14 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\system32\dllcache\svchost.exe

[2008.04.14 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\system32\svchost.exe

[2012.01.13 14:53:20 | 000,182,856 | ---- | M] () MD5=63EEC8A8B221AB79045E776E5F592868 -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\svchost.exe

< MD5 for: TCPIP.SYS >

[2009.11.08 14:33:39 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\system32\dllcache\tcpip.sys

[2009.11.08 14:33:39 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\system32\drivers\tcpip.sys

< MD5 for: USERINIT.EXE >

[2008.04.14 14:00:00 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\system32\dllcache\userinit.exe

[2008.04.14 14:00:00 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\system32\userinit.exe

< MD5 for: VOLSNAP.SYS >

[2008.04.14 14:00:00 | 000,052,352 | ---- | M] (Microsoft Corporation) MD5=4C8FCB5CC53AAB716D810740FE59D025 -- C:\WINDOWS\system32\dllcache\volsnap.sys

[2008.04.14 14:00:00 | 000,052,352 | ---- | M] (Microsoft Corporation) MD5=4C8FCB5CC53AAB716D810740FE59D025 -- C:\WINDOWS\system32\drivers\volsnap.sys

< MD5 for: WINLOGON.EXE >

[2012.01.13 14:53:20 | 000,182,856 | ---- | M] () MD5=63EEC8A8B221AB79045E776E5F592868 -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe

[2008.04.14 14:00:00 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\system32\dllcache\winlogon.exe

[2008.04.14 14:00:00 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\system32\winlogon.exe

========== Files - Unicode (All) ==========

[2012.02.22 15:26:21 | 000,817,152 | ---- | M] ()(C:\Documents and Settings\User\My Documents\????????? ?????????????.doc) -- C:\Documents and Settings\User\My Documents\Στανιμήρα Ντερμεντζίεβα.doc

[2012.02.21 20:50:57 | 000,817,152 | ---- | C] ()(C:\Documents and Settings\User\My Documents\????????? ?????????????.doc) -- C:\Documents and Settings\User\My Documents\Στανιμήρα Ντερμεντζίεβα.doc

[2012.02.18 21:57:42 | 000,000,162 | -H-- | M] ()(C:\Documents and Settings\PC\Desktop\~$ ??????? ????????? (1869-1942).doc) -- C:\Documents and Settings\PC\Desktop\~$ ΒΑΣΙΛΗΣ ΚΑΛΑΦΑΤΗΣ (1869-1942).doc

[2012.02.18 21:57:42 | 000,000,162 | -H-- | C] ()(C:\Documents and Settings\PC\Desktop\~$ ??????? ????????? (1869-1942).doc) -- C:\Documents and Settings\PC\Desktop\~$ ΒΑΣΙΛΗΣ ΚΑΛΑΦΑΤΗΣ (1869-1942).doc

========== Alternate Data Streams ==========

@Alternate Data Stream - 150 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:51394AA5

@Alternate Data Stream - 122 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DBC416F8

< End of report >

OTL Extras logfile created on: 09.4.2012 г. 18:30:22 - Run 1

OTL by OldTimer - Version 3.2.39.2 Folder = C:\Documents and Settings\User\My Documents\Downloads

Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.6001.18702)

Locale: 00000402 | Country: Bulgaria | Language: BGR | Date Format: dd.M.yyyy 'г.'

503.48 Mb Total Physical Memory | 77.55 Mb Available Physical Memory | 15.40% Memory free

1.20 Gb Paging File | 0.57 Gb Available in Paging File | 47.15% Paging File free

Paging file location(s): C:\pagefile.sys 756 1512 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files

Drive C: | 116.44 Gb Total Space | 42.28 Gb Free Space | 36.31% Space Free | Partition Type: NTFS

Drive D: | 116.44 Gb Total Space | 15.01 Gb Free Space | 12.89% Space Free | Partition Type: NTFS

Computer Name: USER-30EF165FC0 | User Name: PC | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: All users

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 90 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

[HKEY_USERS\S-1-5-21-1417001333-1645522239-1177238915-1004\SOFTWARE\Classes\<extension>]

.html [@ = htmlfile] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

exefile [open] -- "%1" %*

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- "C:\Program Files\Smart File Advisor\sfa.exe" /unknown "%1" (Filefacts.net)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)

Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"FirstRunDisabled" = 1

"UpdatesDisableNotify" = 0

"AntiVirusDisableNotify" = 0

"FirewallDisableNotify" = 0

"AntiVirusOverride" = 0

"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]

"DisableSR" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]

"Start" = 4

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]

"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

"EnableFirewall" = 0

"DoNotAllowExceptions" = 0

"DisableNotifications" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"EnableFirewall" = 1

"DoNotAllowExceptions" = 0

"DisableNotifications" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007

"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008

"139:TCP" = 139:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22004

"445:TCP" = 445:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22005

"137:UDP" = 137:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22001

"138:UDP" = 138:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22002

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)

"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)

"C:\Program Files\iMesh Applications\iMesh\iMesh.exe" = C:\Program Files\iMesh Applications\iMesh\iMesh.exe:*:Enabled:iMesh

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)

"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)

"C:\Program Files\uTorrent\uTorrent.exe" = C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.)

"C:\Program Files\Skype\Plugin Manager\skypePM.exe" = C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager -- (Skype Technologies)

"C:\Program Files\xerox\nwwia\XrxFTPLt.exe" = C:\Program Files\xerox\nwwia\XrxFTPLt.exe:*:Disabled:XrxFTPLt -- ()

"C:\Program Files\iMesh Applications\iMesh\iMesh.exe" = C:\Program Files\iMesh Applications\iMesh\iMesh.exe:*:Enabled:iMesh

"C:\Program Files\Skype\Phone\Skype.exe" = C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype -- (Skype Technologies S.A.)

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer

"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer

"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP

"{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}" = Skype™ 3.6

"{5FC3D110-F94A-48DA-843A-F6DE5C1D4488}_is1" = ЗБУТ+ (Версия 2.11)

"{65163326-FA1A-4385-8668-83AFEEAE96AF}" = FreeUndelete 2.0.35248.1

"{65CE3464-B22F-4B0F-A160-AEF937E0D8D4}" = Декларация Обр.1 и 6

"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin

"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable

"{7A25D130-4EC8-11E1-BEA4-B8AC6F97B88E}" = Google Земя

"{90110409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003

"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system

"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2

"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper

"{AC76BA86-7AD7-1033-7B44-A94000000001}" = Adobe Reader 9.4.7

"{ACCA20B0-C4D1-4BF5-BF21-0A0EB5EF9730}" = REALTEK GbE & FE Ethernet PCI NIC Driver

"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2

"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware

"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1

"{E217DFDD-C483-4736-821B-E3C10D21F67D}" = Recover Disc 2.0

"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver

"{F9000000-0001-0000-0000-074957833700}" = ABBYY FineReader 9.0 Professional Edition

"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX

"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin

"Adobe Photoshop 7.0" = Adobe Photoshop 7.0

"avast" = avast! Free Antivirus

"BSPlayerf" = BS.Player FREE

"CCleaner" = CCleaner

"CD Recovery Toolbox Free_is1" = CD Recovery Toolbox Free 1.1

"CD/DVD Diagnostic" = CD/DVD Diagnostic

"Easy CD-DA Extractor 12" = Easy CD-DA Extractor 12

"EPSON AL-C1600" = EPSON AL-C1600

"Exact Audio Copy" = Exact Audio Copy 0.99pb3

"Foxit Reader_is1" = Foxit Reader 5.1

"Google Chrome" = Google Chrome

"HDMI" = Intel® Graphics Media Accelerator Driver

"HP-LaserJet 1020 series" = LaserJet 1020 series

"ie8" = Windows Internet Explorer 8

"IsoBuster_is1" = IsoBuster 2.8.5

"KLiteCodecPack_is1" = K-Lite Codec Pack 5.0.0 (Full)

"KONTO_is1" = Konto v.5.80.1

"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware, версия 1.60.1.1000

"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1

"Mozilla Firefox 11.0 (x86 bg)" = Mozilla Firefox 11.0 (x86 bg)

"MP3 Cutter_is1" = MP3 Cutter 1.8

"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP

"Nero8Lite_is1" = Nero 8 Lite 8.3.2.1

"OrderReminder HP LaserJet 1020" = OrderReminder HP LaserJet 1020

"Plustek USB Scanner" = Plustek USB Scanner

"Recuva" = Recuva

"Smart File Advisor_is1" = Smart File Advisor 1.1.1

"uTorrent" = µTorrent

"Windows Media Format Runtime" = Windows Media Format 11 runtime

"Windows Media Player" = Windows Media Player 11

"WinRAR archiver" = WinRAR archiver

"WMFDist11" = Windows Media Format 11 runtime

"wmp11" = Windows Media Player 11

"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0

========== Last 10 Event Log Errors ==========

[ Application Events ]

Error - 29.2.2012 г. 09:58:04 | Computer Name = USER-30EF165FC0 | Source = Application Hang | ID = 1002

Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module

hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 29.2.2012 г. 09:58:04 | Computer Name = USER-30EF165FC0 | Source = Application Hang | ID = 1002

Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module

hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 01.3.2012 г. 05:27:43 | Computer Name = USER-30EF165FC0 | Source = Application Hang | ID = 1002

Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module

hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 05.3.2012 г. 15:44:52 | Computer Name = USER-30EF165FC0 | Source = Application Error | ID = 1000

Description = Faulting application iexplore.exe, version 8.0.6001.18702, faulting

module msxml3.dll, version 8.100.1052.0, fault address 0x000a14f5.

Error - 08.3.2012 г. 06:09:56 | Computer Name = USER-30EF165FC0 | Source = Application Hang | ID = 1002

Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module

hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 15.3.2012 г. 17:58:11 | Computer Name = USER-30EF165FC0 | Source = Application Hang | ID = 1002

Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module

hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 15.3.2012 г. 17:58:11 | Computer Name = USER-30EF165FC0 | Source = Application Hang | ID = 1002

Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module

hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 15.3.2012 г. 17:58:11 | Computer Name = USER-30EF165FC0 | Source = Application Hang | ID = 1002

Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module

hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 15.3.2012 г. 17:58:11 | Computer Name = USER-30EF165FC0 | Source = Application Hang | ID = 1002

Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module

hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 18.3.2012 г. 18:55:15 | Computer Name = USER-30EF165FC0 | Source = Application Error | ID = 1000

Description = Faulting application iexplore.exe, version 8.0.6001.18702, faulting

module mshtml.dll, version 8.0.6001.19170, fault address 0x00067978.

[ System Events ]

Error - 09.4.2012 г. 08:01:12 | Computer Name = USER-30EF165FC0 | Source = Service Control Manager | ID = 7001

Description = The TCP/IP NetBIOS Helper service depends on the AFD service which

failed to start because of the following error: %%31

Error - 09.4.2012 г. 08:01:12 | Computer Name = USER-30EF165FC0 | Source = Service Control Manager | ID = 7001

Description = The IPSEC Services service depends on the IPSEC driver service which

failed to start because of the following error: %%31

Error - 09.4.2012 г. 08:01:12 | Computer Name = USER-30EF165FC0 | Source = Service Control Manager | ID = 7026

Description = The following boot-start or system-start driver(s) failed to load:

Aavmker4 AFD aswRdr aswSnx aswSP aswTdi Fips intelppm IPSec MRxSmb NetBIOS NetBT RasAcd Rdbss

SASDIFSV

SASKUTIL

Tcpip

Error - 09.4.2012 г. 08:01:14 | Computer Name = USER-30EF165FC0 | Source = DCOM | ID = 10005

Description = DCOM got error "%1084" attempting to start the service wuauserv with

arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334}

Error - 09.4.2012 г. 08:04:55 | Computer Name = USER-30EF165FC0 | Source = DCOM | ID = 10005

Description = DCOM got error "%1084" attempting to start the service StiSvc with

arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}

Error - 09.4.2012 г. 08:05:05 | Computer Name = USER-30EF165FC0 | Source = DCOM | ID = 10005

Description = DCOM got error "%1084" attempting to start the service StiSvc with

arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}

Error - 09.4.2012 г. 08:07:06 | Computer Name = USER-30EF165FC0 | Source = DCOM | ID = 10005

Description = DCOM got error "%1084" attempting to start the service StiSvc with

arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}

Error - 09.4.2012 г. 08:08:17 | Computer Name = USER-30EF165FC0 | Source = DCOM | ID = 10005

Description = DCOM got error "%1084" attempting to start the service EventSystem

with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}

Error - 09.4.2012 г. 08:09:50 | Computer Name = USER-30EF165FC0 | Source = Service Control Manager | ID = 7000

Description = The Plustek USB Scanner service failed to start due to the following

error: %%1058

Error - 09.4.2012 г. 10:36:47 | Computer Name = USER-30EF165FC0 | Source = Service Control Manager | ID = 7000

Description = The Plustek USB Scanner service failed to start due to the following

error: %%1058

< End of report >

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

В случай, че имате някакъв проблем или въпрос по инструкциите ми, моля ви спрете до където сте и ме попитайте. Имате нужда от помощ, затова пишете тук и затова аз ви помагам. Когато има нещо, което възпрепятства работата ни, да на действате на своя глава, а да ми обясните какво се случва, за да намерим оптимално решение. Моля, проверете за наличието на следния файл: C:Windowssystem32protector.dll Ако го откривате, влезте в www.virustotal.com и го качете там. Изчакайте сканирането да завърши и копирайте линка. След това го публикувайте в следващия ви коментар в тази тема.


Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Съжалявам. Извинявам се. Не намерих такъв файл C:\Windows\system32\protector.dll

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Мерси!

  • Стартирайте файла Публикувано изображение с двукратен клик на мишката.
  • Под Публикувано изображение с Copy/ Paste въведете изцяло следната текстова информация (само това, което е поставено в карето):
:OTL
IE - HKLMSOFTWAREMicrosoftInternet ExplorerSearch,SearchAssistant = http://search.babylon.com/?babsrc=SP_ss&q={searchTerms}&mntrId=4c41a6ec00000000000000e04c4c3385&tlver=1.4.19.19&ss=1&affID=17981
IE - HKLM..SearchScopes{9BB47C17-9C68-4BB3-B188-DD9AF0FD2A59}: "URL" = http://search.imesh.com/web?src=ieb&systemid=1&q={searchTerms}
IE - HKLM..SearchScopes{9BB47C17-9C68-4BB3-B188-DD9AF0FD2A69}: "URL" = http://search.bearshare.com/web?src=ieb&q={searchTerms}
IE - HKUS-1-5-21-1417001333-1645522239-1177238915-1004..URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - SOFTWAREClassesCLSID{00000000-6E41-4FD3-8538-502F5495E5FC}InprocServer32 File not found
IE - HKUS-1-5-21-1417001333-1645522239-1177238915-1004..SearchScopes{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylon.com/?q={searchTerms}&AF=110393&babsrc=SP_ss&mntrId=4c41a6ec000000000000001a4d29970b
FF - prefs.js..browser.search.defaultenginename: "search the web (babylon)"
FF - prefs.js..browser.search.order.1: "search the web (babylon)"
FF - prefs.js..browser.search.selectedengine: "search the web (babylon)"
FF - prefs.js..browser.startup.homepage: "http://search.babylon.com/?af=110393&tt=290312_bexdll&babsrc=hp_ss&mntrid=4c41a6ec00000000000000e04c4c3385"
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.3
FF - prefs.js..keyword.url: "http://search.babylon.com/?af=110393&babsrc=adbartrp&mntrid=4c41a6ec000000000000001a4d29970b&q="
[2012.03.20 01:29:24 | 000,000,000 | ---D | M] (BS Player Community Toolbar) -- C:Documents and SettingsPCApplication DataMozillaFirefoxProfilesbuta0c4f.defaultextensions{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}
[2012.01.03 16:27:44 | 000,002,333 | ---- | M] () -- C:Documents and SettingsPCApplication DataMozillaFirefoxProfilesbuta0c4f.defaultsearchpluginsaskcom.xml
[2010.09.02 11:09:28 | 000,002,486 | ---- | M] () -- C:Program Filesmozilla firefoxsearchpluginsiMeshWebSearch.xml
O2 - BHO: (no name) - {28387537-e3f9-4ed7-860c-11e69af4a8a0} - No CLSID value found.
O2 - BHO: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:Program FilesConduitEngineprxConduitEngine.dll File not found
O2 - BHO: (Foxit PDF Creator Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:Program FilesAsk.comGenericAskToolbar.dll File not found
O2 - BHO: (BS Player Toolbar) - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:Program FilesBS_PlayerprxtbBS_0.dll (Conduit Ltd.)
O3 - HKLM..Toolbar: (no name) - {28387537-e3f9-4ed7-860c-11e69af4a8a0} - No CLSID value found.
O3 - HKLM..Toolbar: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:Program FilesConduitEngineprxConduitEngine.dll File not found
O3 - HKLM..Toolbar: (no name) - {98889811-442D-49dd-99D7-DC866BE87DBC} - No CLSID value found.
O3 - HKLM..Toolbar: (Foxit PDF Creator Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:Program FilesAsk.comGenericAskToolbar.dll File not found
O3 - HKLM..Toolbar: (BS Player Toolbar) - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:Program FilesBS_PlayerprxtbBS_0.dll (Conduit Ltd.)
O3 - HKLM..Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKUS-1-5-21-1417001333-1645522239-1177238915-1004..ToolbarWebBrowser: (Foxit PDF Creator Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:Program FilesAsk.comGenericAskToolbar.dll File not found
O20 - AppInit_DLLs: (protector.dll) - File not found
[2012.04.01 15:55:59 | 000,000,000 | ---D | C] -- C:Documents and SettingsPCLocal SettingsApplication DataBabylon
[2012.04.01 15:55:57 | 000,000,000 | ---D | C] -- C:Documents and SettingsAll UsersApplication DataBabylon
[2012.04.01 15:55:56 | 000,000,000 | ---D | C] -- C:Documents and SettingsPCApplication DataBabylon
[2012.04.01 15:55:31 | 000,000,000 | ---D | C] -- C:Documents and SettingsAll UsersApplication DatabProtector
[2011.05.06 08:57:41 | 000,000,224 | ---- | C] () -- C:Documents and SettingsAll UsersApplication Data~18734884
[2011.05.06 08:57:41 | 000,000,136 | ---- | C] () -- C:Documents and SettingsAll UsersApplication Data~18734884r
[2011.05.06 08:57:35 | 000,000,400 | ---- | C] () -- C:Documents and SettingsAll UsersApplication Data18734884
[2011.05.01 15:35:45 | 000,015,388 | -HS- | C] () -- C:Documents and SettingsAll UsersApplication Data3po52o47a0m5
[2011.01.09 00:33:00 | 000,000,000 | ---D | M] -- C:Documents and SettingsAll UsersApplication Data0265
[2011.05.06 17:06:35 | 000,000,000 | ---D | M] -- C:Documents and SettingsAll UsersApplication DataAVG10
[2012.04.01 15:55:57 | 000,000,000 | ---D | M] -- C:Documents and SettingsAll UsersApplication DataBabylon
[2011.05.03 12:36:20 | 000,000,000 | -H-D | M] -- C:Documents and SettingsPCApplication DataAVG10
[2012.04.01 15:55:56 | 000,000,000 | ---D | M] -- C:Documents and SettingsPCApplication DataBabylon

:files
C:Program FilesAsk.com
C:Program FilesConduitEngine

:commands
[emptytemp]
[clearallrestorepoints]
След като въведете скрипта от цитата по-горе натиснете бутона, маркиран в червено: Run Fix

Windows ще се рестартира и ще се създаде лог файл - OTL fix log. Публикувайте съдържанието му с Copy/Paste в следващия си коментар.

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

All processes killed ========== OTL ========== HKLM\SOFTWARE\Microsoft\Internet Explorer\Search\\SearchAssistant| /E : value set successfully! Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2A59}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2A59}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2A69}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2A69}\ not found. Registry value HKEY_USERS\S-1-5-21-1417001333-1645522239-1177238915-1004\Software\Microsoft\Internet Explorer\URLSearchHooks\\{00000000-6E41-4FD3-8538-502F5495E5FC} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}\ deleted successfully. Registry key HKEY_USERS\S-1-5-21-1417001333-1645522239-1177238915-1004\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}\ not found. Prefs.js: "search the web (babylon)" removed from browser.search.defaultenginename Prefs.js: "search the web (babylon)" removed from browser.search.order.1 Prefs.js: "search the web (babylon)" removed from browser.search.selectedengine Prefs.js: "http://search.babylon.com/?af=110393&tt=290312_bexdll&babsrc=hp_ss&mntrid=4c41a6ec00000000000000e04c4c3385" removed from browser.startup.homepage Prefs.js: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.3 removed from extensions.enabledItems Prefs.js: "http://search.babylon.com/?af=110393&babsrc=adbartrp&mntrid=4c41a6ec000000000000001a4d29970b&q=" removed from keyword.url C:\Documents and Settings\PC\Application Data\Mozilla\Firefox\Profiles\buta0c4f.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\searchplugin folder moved successfully. C:\Documents and Settings\PC\Application Data\Mozilla\Firefox\Profiles\buta0c4f.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\modules folder moved successfully. C:\Documents and Settings\PC\Application Data\Mozilla\Firefox\Profiles\buta0c4f.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\META-INF folder moved successfully. C:\Documents and Settings\PC\Application Data\Mozilla\Firefox\Profiles\buta0c4f.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\defaults folder moved successfully. C:\Documents and Settings\PC\Application Data\Mozilla\Firefox\Profiles\buta0c4f.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\components folder moved successfully. C:\Documents and Settings\PC\Application Data\Mozilla\Firefox\Profiles\buta0c4f.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\chrome folder moved successfully. C:\Documents and Settings\PC\Application Data\Mozilla\Firefox\Profiles\buta0c4f.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} folder moved successfully. C:\Documents and Settings\PC\Application Data\Mozilla\Firefox\Profiles\buta0c4f.default\searchplugins\askcom.xml moved successfully. C:\Program Files\Mozilla Firefox\searchplugins\iMeshWebSearch.xml moved successfully. Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{28387537-e3f9-4ed7-860c-11e69af4a8a0}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{28387537-e3f9-4ed7-860c-11e69af4a8a0}\ not found. Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\ deleted successfully. C:\Program Files\BS_Player\prxtbBS_0.dll moved successfully. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{28387537-e3f9-4ed7-860c-11e69af4a8a0} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{28387537-e3f9-4ed7-860c-11e69af4a8a0}\ not found. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{30F9B915-B755-4826-820B-08FBA6BD249D} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}\ not found. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{98889811-442D-49dd-99D7-DC866BE87DBC} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{98889811-442D-49dd-99D7-DC866BE87DBC}\ not found. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\ not found. File C:\Program Files\BS_Player\prxtbBS_0.dll not found. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\10 deleted successfully. Registry value HKEY_USERS\S-1-5-21-1417001333-1645522239-1177238915-1004\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found. Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_Dlls:protector.dll deleted successfully. C:\Documents and Settings\PC\Local Settings\Application Data\Babylon\Setup\HtmlScreens folder moved successfully. C:\Documents and Settings\PC\Local Settings\Application Data\Babylon\Setup folder moved successfully. C:\Documents and Settings\PC\Local Settings\Application Data\Babylon folder moved successfully. C:\Documents and Settings\All Users\Application Data\Babylon folder moved successfully. C:\Documents and Settings\PC\Application Data\Babylon folder moved successfully. C:\Documents and Settings\All Users\Application Data\bProtector folder moved successfully. C:\Documents and Settings\All Users\Application Data\~18734884 moved successfully. C:\Documents and Settings\All Users\Application Data\~18734884r moved successfully. C:\Documents and Settings\All Users\Application Data\18734884 moved successfully. C:\Documents and Settings\All Users\Application Data\3po52o47a0m5 moved successfully. C:\Documents and Settings\All Users\Application Data\0265 folder moved successfully. C:\Documents and Settings\All Users\Application Data\AVG10 folder moved successfully. Folder C:\Documents and Settings\All Users\Application Data\Babylon\ not found. C:\Documents and Settings\PC\Application Data\AVG10\cfgall folder moved successfully. C:\Documents and Settings\PC\Application Data\AVG10 folder moved successfully. Folder C:\Documents and Settings\PC\Application Data\Babylon\ not found. ========== FILES ========== File\Folder C:\Program Files\Ask.com not found. File\Folder C:\Program Files\ConduitEngine not found. ========== COMMANDS ========== [EMPTYTEMP] User: Administrator ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 33170 bytes User: All Users User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 33170 bytes User: LocalService ->Temp folder emptied: 66016 bytes ->Temporary Internet Files folder emptied: 2936317 bytes User: NetworkService ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 33237 bytes User: PC ->Temp folder emptied: 592181267 bytes ->Temporary Internet Files folder emptied: 304864743 bytes ->FireFox cache emptied: 58037483 bytes ->Google Chrome cache emptied: 315278944 bytes ->Flash cache emptied: 210993 bytes User: User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 33170 bytes ->FireFox cache emptied: 91277999 bytes ->Google Chrome cache emptied: 8457091 bytes ->Flash cache emptied: 193392 bytes %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 2402044 bytes %systemroot%\System32 .tmp files removed: 2577 bytes %systemroot%\System32\dllcache .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 455234586 bytes %systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 162587999 bytes %systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes RecycleBin emptied: 0 bytes Total Files Cleaned = 1 902.00 mb Unable to start service SRService! OTL by OldTimer - Version 3.2.39.2 log created on 04092012_232527 Files\Folders moved on Reboot... Registry entries deleted on Reboot...

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Имаме ли подобрение?

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Да, има подобрение, благодаря ви много. Babillon пак се появи, мисля да деинсталирам мозила. При другите браузери я няма.

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Моля, генерирайте нов лог файл от OTL и го публикувайте в следващия си пост. Искам да видя как стоят нещата с Babylon.

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Ето лога All processes killed ========== OTL ========== HKLMSOFTWAREMicrosoftInternet ExplorerSearchSearchAssistant| /E : value set successfully! Registry key HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerSearchScopes{9BB47C17-9C68-4BB3-B188-DD9AF0FD2A59} not found. Registry key HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{9BB47C17-9C68-4BB3-B188-DD9AF0FD2A59} not found. Registry key HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerSearchScopes{9BB47C17-9C68-4BB3-B188-DD9AF0FD2A69} not found. Registry key HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{9BB47C17-9C68-4BB3-B188-DD9AF0FD2A69} not found. Registry value HKEY_USERSS-1-5-21-1417001333-1645522239-1177238915-1004SoftwareMicrosoftInternet ExplorerURLSearchHooks{00000000-6E41-4FD3-8538-502F5495E5FC} not found. Registry key HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{00000000-6E41-4FD3-8538-502F5495E5FC} not found. Registry key HKEY_USERSS-1-5-21-1417001333-1645522239-1177238915-1004SoftwareMicrosoftInternet ExplorerSearchScopes{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} not found. Registry key HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} not found. Prefs.js: "search the web (babylon)" removed from browser.search.defaultenginename Prefs.js: "search the web (babylon)" removed from browser.search.order.1 Prefs.js: "search the web (babylon)" removed from browser.search.selectedengine Prefs.js: "http://search.babylon.com/?af=110393&tt=290312_bexdll&babsrc=hp_ss&mntrid=4c41a6ec00000000000000e04c4c3385" removed from browser.startup.homepage Prefs.js: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.3 removed from extensions.enabledItems Prefs.js: "http://search.babylon.com/?af=110393&babsrc=adbartrp&mntrid=4c41a6ec000000000000001a4d29970b&q=" removed from keyword.url Folder C:Documents and SettingsPCApplication DataMozillaFirefoxProfilesbuta0c4f.defaultextensions{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} not found. File C:Documents and SettingsPCApplication DataMozillaFirefoxProfilesbuta0c4f.defaultsearchpluginsaskcom.xml not found. File C:Program Filesmozilla firefoxsearchpluginsiMeshWebSearch.xml not found. Registry key HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{28387537-e3f9-4ed7-860c-11e69af4a8a0} not found. Registry key HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{28387537-e3f9-4ed7-860c-11e69af4a8a0} not found. Registry key HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{30F9B915-B755-4826-820B-08FBA6BD249D} not found. Registry key HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{30F9B915-B755-4826-820B-08FBA6BD249D} not found. Registry key HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{D4027C7F-154A-4066-A1AD-4243D8127440} not found. Registry key HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{D4027C7F-154A-4066-A1AD-4243D8127440} not found. Registry key HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} not found. Registry key HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} not found. File C:Program FilesBS_PlayerprxtbBS_0.dll not found. Registry value HKEY_LOCAL_MACHINESoftwareMicrosoftInternet ExplorerToolbar{28387537-e3f9-4ed7-860c-11e69af4a8a0} not found. Registry key HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{28387537-e3f9-4ed7-860c-11e69af4a8a0} not found. Registry value HKEY_LOCAL_MACHINESoftwareMicrosoftInternet ExplorerToolbar{30F9B915-B755-4826-820B-08FBA6BD249D} not found. Registry key HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{30F9B915-B755-4826-820B-08FBA6BD249D} not found. Registry value HKEY_LOCAL_MACHINESoftwareMicrosoftInternet ExplorerToolbar{98889811-442D-49dd-99D7-DC866BE87DBC} not found. Registry key HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{98889811-442D-49dd-99D7-DC866BE87DBC} not found. Registry value HKEY_LOCAL_MACHINESoftwareMicrosoftInternet ExplorerToolbar{D4027C7F-154A-4066-A1AD-4243D8127440} not found. Registry key HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{D4027C7F-154A-4066-A1AD-4243D8127440} not found. Registry value HKEY_LOCAL_MACHINESoftwareMicrosoftInternet ExplorerToolbar{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} not found. Registry key HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} not found. File C:Program FilesBS_PlayerprxtbBS_0.dll not found. Registry value HKEY_LOCAL_MACHINESoftwareMicrosoftInternet ExplorerToolbar10 not found. Registry value HKEY_USERSS-1-5-21-1417001333-1645522239-1177238915-1004SoftwareMicrosoftInternet ExplorerToolbarWebBrowser{D4027C7F-154A-4066-A1AD-4243D8127440} not found. Registry key HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{D4027C7F-154A-4066-A1AD-4243D8127440} not found. Registry value HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWindowsAppInit_Dlls:protector.dll deleted successfully. Folder C:Documents and SettingsPCLocal SettingsApplication DataBabylon not found. Folder C:Documents and SettingsAll UsersApplication DataBabylon not found. Folder C:Documents and SettingsPCApplication DataBabylon not found. Folder C:Documents and SettingsAll UsersApplication DatabProtector not found. File C:Documents and SettingsAll UsersApplication Data~18734884 not found. File C:Documents and SettingsAll UsersApplication Data~18734884r not found. File C:Documents and SettingsAll UsersApplication Data18734884 not found. File C:Documents and SettingsAll UsersApplication Data3po52o47a0m5 not found. Folder C:Documents and SettingsAll UsersApplication Data0265 not found. Folder C:Documents and SettingsAll UsersApplication DataAVG10 not found. Folder C:Documents and SettingsAll UsersApplication DataBabylon not found. Folder C:Documents and SettingsPCApplication DataAVG10 not found. Folder C:Documents and SettingsPCApplication DataBabylon not found. ========== FILES ========== FileFolder C:Program FilesAsk.com not found. FileFolder C:Program FilesConduitEngine not found. ========== COMMANDS ========== [EMPTYTEMP] User: Administrator ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes User: All Users User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes User: LocalService ->Temp folder emptied: 66016 bytes ->Temporary Internet Files folder emptied: 33170 bytes User: NetworkService ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 33170 bytes User: PC ->Temp folder emptied: 1320046 bytes ->Temporary Internet Files folder emptied: 45465411 bytes ->FireFox cache emptied: 75859906 bytes ->Google Chrome cache emptied: 8290865 bytes ->Flash cache emptied: 615 bytes User: User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes ->FireFox cache emptied: 0 bytes ->Google Chrome cache emptied: 0 bytes ->Flash cache emptied: 0 bytes %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 0 bytes %systemroot%System32 .tmp files removed: 0 bytes %systemroot%System32dllcache .tmp files removed: 0 bytes %systemroot%System32drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 90 bytes %systemroot%system32configsystemprofileLocal SettingsTemp folder emptied: 0 bytes %systemroot%system32configsystemprofileLocal SettingsTemporary Internet Files folder emptied: 0 bytes RecycleBin emptied: 0 bytes Total Files Cleaned = 125.00 mb Unable to start service SRService! OTL by OldTimer - Version 3.2.39.2 log created on 04102012_221017 FilesFolders moved on Reboot... Registry entries deleted on Reboot...

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

OTL.Txt

OTL logfile created on: 11.4.2012 г. 13:16:48 - Run 2

OTL by OldTimer - Version 3.2.39.2 Folder = C:\Documents and Settings\User\My Documents\Downloads

Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.6001.18702)

Locale: 00000402 | Country: Bulgaria | Language: BGR | Date Format: dd.M.yyyy 'г.'

503.48 Mb Total Physical Memory | 133.71 Mb Available Physical Memory | 26.56% Memory free

1.20 Gb Paging File | 0.54 Gb Available in Paging File | 44.95% Paging File free

Paging file location(s): C:\pagefile.sys 756 1512 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files

Drive C: | 116.44 Gb Total Space | 44.08 Gb Free Space | 37.85% Space Free | Partition Type: NTFS

Drive D: | 116.44 Gb Total Space | 15.01 Gb Free Space | 12.89% Space Free | Partition Type: NTFS

Computer Name: USER-30EF165FC0 | User Name: PC | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: All users

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 90 Days

========== Processes (SafeList) ==========

PRC - [2012.04.09 23:28:49 | 001,224,176 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\chrome.exe

PRC - [2012.04.09 18:25:56 | 000,593,920 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\User\My Documents\Downloads\OTL.exe

PRC - [2012.03.07 03:15:17 | 004,241,512 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe

PRC - [2012.03.07 03:15:14 | 000,044,768 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe

PRC - [2011.12.01 12:29:10 | 002,424,192 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE

PRC - [2008.04.14 14:00:00 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe

PRC - [2007.11.02 19:58:38 | 000,566,560 | ---- | M] (ABBYY (BIT Software)) -- C:\Program Files\ABBYY FineReader 9.0\NetworkLicenseServer.exe

PRC - [2006.01.30 12:00:00 | 000,098,304 | R--- | M] (Hewlett-Packard) -- C:\Program Files\Hewlett-Packard\OrderReminder\OrderReminder.exe

========== Modules (No Company Name) ==========

MOD - [2012.04.11 10:14:16 | 000,052,736 | ---- | M] () -- C:\Documents and Settings\PC\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10007.dll

MOD - [2012.04.11 09:02:40 | 001,755,136 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\12041100\algo.dll

MOD - [2012.04.09 23:28:48 | 000,444,400 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\18.0.1025.152\ppgooglenaclpluginchrome.dll

MOD - [2012.04.09 23:28:46 | 003,915,248 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\18.0.1025.152\pdf.dll

MOD - [2012.04.09 23:27:21 | 000,122,880 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\18.0.1025.152\avutil-51.dll

MOD - [2012.04.09 23:27:20 | 000,220,672 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\18.0.1025.152\avformat-53.dll

MOD - [2012.04.09 23:27:19 | 001,747,456 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\18.0.1025.152\avcodec-53.dll

MOD - [2012.04.09 22:42:11 | 008,743,584 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\18.0.1025.152\gcswf32.dll

MOD - [2011.12.01 12:26:00 | 000,063,488 | ---- | M] () -- C:\Documents and Settings\PC\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10006.dll

MOD - [2011.12.01 12:25:53 | 000,117,760 | ---- | M] () -- C:\Documents and Settings\PC\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL

MOD - [2011.05.06 20:34:51 | 000,052,224 | ---- | M] () -- C:\Documents and Settings\PC\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10005.dll

========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)

SRV - [2012.03.07 03:15:14 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)

SRV - [2007.11.02 19:58:38 | 000,566,560 | ---- | M] (ABBYY (BIT Software)) [Auto | Running] -- C:\Program Files\ABBYY FineReader 9.0\NetworkLicenseServer.exe -- (ABBYY.Licensing.FineReader.Professional.9.0)

========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)

DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)

DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)

DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)

DRV - File not found [Kernel | System | Stopped] -- -- (Changer)

DRV - [2012.03.07 03:03:51 | 000,612,184 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)

DRV - [2012.03.07 03:03:38 | 000,337,880 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)

DRV - [2012.03.07 03:02:00 | 000,035,672 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)

DRV - [2012.03.07 03:01:53 | 000,053,848 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)

DRV - [2012.03.07 03:01:39 | 000,095,704 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)

DRV - [2012.03.07 03:01:30 | 000,020,696 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)

DRV - [2012.03.07 02:58:29 | 000,024,920 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)

DRV - [2010.05.10 21:41:30 | 000,067,656 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)

DRV - [2010.02.17 21:25:48 | 000,012,872 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)

DRV - [2009.12.08 13:03:00 | 006,017,568 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)

DRV - [2009.11.18 02:17:00 | 001,395,800 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Monfilt.sys -- (Monfilt)

DRV - [2009.11.18 02:16:00 | 001,691,480 | ---- | M] (Creative) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Ambfilt.sys -- (Ambfilt)

DRV - [2008.08.28 10:40:40 | 000,111,104 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtnicxp.sys -- (RTL8023xp)

DRV - [2003.10.28 15:17:52 | 000,005,273 | ---- | M] (Arrowkey) [Kernel | Auto | Running] -- C:\Program Files\InfinaDyne\Shared\CDRPDACC.SYS -- (CDRPDACC)

DRV - [2000.06.22 12:42:48 | 000,017,332 | ---- | M] ( ) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\UScanner.SYS -- (USB680x)

========== Standard Registry (All) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =

IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}

IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}

IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-1417001333-1645522239-1177238915-1004\SOFTWARE\Microsoft\Internet Explorer\Main,bProtector Start Page = http://www.google.bg/

IE - HKU\S-1-5-21-1417001333-1645522239-1177238915-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\System32\blank.htm

IE - HKU\S-1-5-21-1417001333-1645522239-1177238915-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

IE - HKU\S-1-5-21-1417001333-1645522239-1177238915-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.bg/

IE - HKU\S-1-5-21-1417001333-1645522239-1177238915-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/

IE - HKU\S-1-5-21-1417001333-1645522239-1177238915-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = bg

IE - HKU\S-1-5-21-1417001333-1645522239-1177238915-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 08 C1 07 87 76 09 CC 01 [binary data]

IE - HKU\S-1-5-21-1417001333-1645522239-1177238915-1004\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation)

IE - HKU\S-1-5-21-1417001333-1645522239-1177238915-1004\..\SearchScopes,bProtectorDefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}

IE - HKU\S-1-5-21-1417001333-1645522239-1177238915-1004\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}

IE - HKU\S-1-5-21-1417001333-1645522239-1177238915-1004\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7SKPB_en

IE - HKU\S-1-5-21-1417001333-1645522239-1177238915-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: ""

FF - prefs.js..browser.search.order.1: ""

FF - prefs.js..browser.search.selectedengine: ""

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()

FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf: C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)

FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2011.11.13 11:57:51 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012.03.20 17:48:15 | 000,000,000 | ---D | M]

[2011.05.03 17:01:49 | 000,000,000 | -H-D | M] (No name found) -- C:\Documents and Settings\PC\Application Data\Mozilla\Extensions

[2011.05.03 17:01:49 | 000,000,000 | -H-D | M] (No name found) -- C:\Documents and Settings\PC\Application Data\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}

[2012.04.08 22:43:47 | 000,000,000 | -H-D | M] (No name found) -- C:\Documents and Settings\PC\Application Data\Mozilla\Firefox\Profiles\buta0c4f.default\extensions

[2012.04.08 22:43:47 | 000,000,000 | ---D | M] ("Xmarks") -- C:\Documents and Settings\PC\Application Data\Mozilla\Firefox\Profiles\buta0c4f.default\extensions\foxmarks@kei.com

[2012.03.20 17:48:15 | 000,000,000 | ---D | M] (avast! WebRep) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF

[2011.06.07 12:35:34 | 000,103,864 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\mozilla firefox\plugins\nppdf32.dll

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)

CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}

CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}

CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer

CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\18.0.1025.152\ppGoogleNaClPluginChrome.dll

CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\18.0.1025.152\pdf.dll

CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\18.0.1025.152\gcswf32.dll

CHR - plugin: Shockwave Flash (Disabled) = C:\Documents and Settings\PC\Local Settings\Application Data\Google\Chrome\User Data\PepperFlash\11.1.31.203\pepflashplayer.dll

CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll

CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll

CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll

CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll

CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = D:\PFiles\Plugins\np-mswmp.dll

CHR - plugin: Foxit Reader Plugin for Mozilla (Enabled) = C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll

CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll

CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll

CHR - plugin: Windows Presentation Foundation (Enabled) = c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

CHR - Extension: YouTube = C:\Documents and Settings\PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\

CHR - Extension: Google Search = C:\Documents and Settings\PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\

CHR - Extension: avast! WebRep = C:\Documents and Settings\PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1426_0\

CHR - Extension: Gmail = C:\Documents and Settings\PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2008.04.14 14:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts

O1 - Hosts: 127.0.0.1 localhost

O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)

O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)

O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)

O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll (Google Inc.)

O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)

O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)

O3 - HKU\S-1-5-21-1417001333-1645522239-1177238915-1004\..\Toolbar\ShellBrowser: (&Address) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)

O3 - HKU\S-1-5-21-1417001333-1645522239-1177238915-1004\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)

O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)

O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)

O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)

O4 - HKLM..\Run: [bluetoothAuthenticationAgent] C:\WINDOWS\System32\bthprops.cpl (Microsoft Corporation)

O4 - HKLM..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe (Intel Corporation)

O4 - HKLM..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe (Intel Corporation)

O4 - HKLM..\Run: [instantAccess] C:\Program Files\ScannerU\TBRIDGE\BIN\InstantAccess.exe ()

O4 - HKLM..\Run: [OrderReminder] C:\Program Files\Hewlett-Packard\OrderReminder\OrderReminder.exe (Hewlett-Packard)

O4 - HKLM..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe (Intel Corporation)

O4 - HKLM..\Run: [RegisterDropHandler] C:\Program Files\ScannerU\TBridge\Bin\RegisterDropHandler.exe ()

O4 - HKLM..\Run: [RTHDCPL] C:\WINDOWS\RTHDCPL.EXE (Realtek Semiconductor Corp.)

O4 - HKU\.DEFAULT..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation)

O4 - HKU\S-1-5-18..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation)

O4 - HKU\S-1-5-19..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation)

O4 - HKU\S-1-5-20..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation)

O4 - HKU\S-1-5-21-1417001333-1645522239-1177238915-1004..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation)

O4 - HKU\S-1-5-21-1417001333-1645522239-1177238915-1004..\Run: [MSMSGS] C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)

O4 - HKU\S-1-5-21-1417001333-1645522239-1177238915-1004..\Run: [sUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE (SUPERAntiSpyware.com)

O4 - HKU\S-1-5-21-1417001333-1645522239-1177238915-1004..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)

O4 - HKU\.DEFAULT..\RunOnce: [RunNarrator] C:\WINDOWS\System32\narrator.exe (Microsoft Corporation)

O4 - HKU\S-1-5-18..\RunOnce: [RunNarrator] C:\WINDOWS\System32\narrator.exe (Microsoft Corporation)

O4 - HKLM..\RunServices: [RegisterDropHandler] C:\Program Files\ScannerU\TBridge\Bin\RegisterDropHandler.exe ()

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRun = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFolderOptions = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 0

O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Restrictions present

O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 91 00 00 00 [binary data]

O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Restrictions present

O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 91 00 00 00 [binary data]

O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Restrictions present

O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Restrictions present

O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\S-1-5-21-1417001333-1645522239-1177238915-1004\Software\Policies\Microsoft\Internet Explorer\Restrictions present

O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\OFFICE11\EXCEL.EXE (Microsoft Corporation)

O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)

O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation)

O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)

O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\WINDOWS\system32\winrnr.dll (Microsoft Corporation)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\wshbth.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1307386615703 (WUWebControl Class)

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1307386724750 (MUWebControl Class)

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B2BA5C57-775D-4485-B503-FCDBDBA85C3C}: DhcpNameServer = 192.168.1.1

O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)

O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)

O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Handler\gopher {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\ipp - No CLSID value found

O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)

O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)

O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)

O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\WINDOWS\system32\inetcomm.dll (Microsoft Corporation)

O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Handler\msdaipp - No CLSID value found

O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)

O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Common Files\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)

O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Common Files\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)

O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)

O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)

O18 - Protocol\Handler\sysimage {76E67A63-06E9-11D2-A840-006008059382} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)

O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)

O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)

O18 - Protocol\Handler\wia {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINDOWS\system32\wiascr.dll (Microsoft Corporation)

O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)

O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)

O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)

O18 - Protocol\Filter\Class Install Handler {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Filter\lzdhtml {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Filter\text/webviewhtml {733AC4CB-F1A4-11d0-B951-00A0C90312E1} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)

O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)

O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UIHost - (logonui.exe) - C:\WINDOWS\System32\logonui.exe (Microsoft Corporation)

O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)

O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - C:\WINDOWS\System32\sysdm.cpl (Microsoft Corporation)

O20 - Winlogon\Notify\!SASWinLogon: DllName - (C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL) - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)

O20 - Winlogon\Notify\crypt32chain: DllName - (crypt32.dll) - C:\WINDOWS\System32\crypt32.dll (Microsoft Corporation)

O20 - Winlogon\Notify\cryptnet: DllName - (cryptnet.dll) - C:\WINDOWS\System32\cryptnet.dll (Microsoft Corporation)

O20 - Winlogon\Notify\cscdll: DllName - (cscdll.dll) - C:\WINDOWS\System32\cscdll.dll (Microsoft Corporation)

O20 - Winlogon\Notify\dimsntfy: DllName - (%SystemRoot%\System32\dimsntfy.dll) - C:\WINDOWS\system32\dimsntfy.dll (Microsoft Corporation)

O20 - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation)

O20 - Winlogon\Notify\ScCertProp: DllName - (wlnotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)

O20 - Winlogon\Notify\Schedule: DllName - (wlnotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)

O20 - Winlogon\Notify\sclgntfy: DllName - (sclgntfy.dll) - C:\WINDOWS\System32\sclgntfy.dll (Microsoft Corporation)

O20 - Winlogon\Notify\SensLogn: DllName - (WlNotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)

O20 - Winlogon\Notify\termsrv: DllName - (wlnotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)

O20 - Winlogon\Notify\wlballoon: DllName - (wlnotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)

O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)

O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)

O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\WINDOWS\system32\stobject.dll (Microsoft Corporation)

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\WINDOWS\system32\webcheck.dll (Microsoft Corporation)

O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll (Microsoft Corporation)

O22 - SharedTaskScheduler: {438755C2-A8BA-11D1-B96B-00A0C90312E1} - Browseui preloader - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)

O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Component Categories cache daemon - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)

O24 - Desktop Components:0 (My Current Home Page) - About:Home

O24 - Desktop WallPaper: C:\Documents and Settings\PC\Local Settings\Application Data\Microsoft\Wallpaper1.bmp

O24 - Desktop BackupWallPaper: C:\Documents and Settings\PC\Local Settings\Application Data\Microsoft\Wallpaper1.bmp

O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)

O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)

O29 - HKLM SecurityProviders - (msapsspc.dll) - C:\WINDOWS\System32\msapsspc.dll (Microsoft Corporation)

O29 - HKLM SecurityProviders - (schannel.dll) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)

O29 - HKLM SecurityProviders - (digest.dll) - C:\WINDOWS\System32\digest.dll (Microsoft Corporation)

O29 - HKLM SecurityProviders - (msnsspc.dll) - C:\WINDOWS\System32\msnsspc.dll (Microsoft Corporation)

O30 - LSA: Authentication Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)

O30 - LSA: Security Packages - (kerberos) - C:\WINDOWS\System32\kerberos.dll (Microsoft Corporation)

O30 - LSA: Security Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)

O30 - LSA: Security Packages - (schannel) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)

O30 - LSA: Security Packages - (wdigest) - C:\WINDOWS\System32\wdigest.dll (Microsoft Corporation)

O31 - SafeBoot: AlternateShell - cmd.exe

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2010.02.04 13:30:15 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]

O33 - MountPoints2\F\Shell - "" = AutoRun

O33 - MountPoints2\F\Shell\AutoRun - "" = Auto&Play

O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\AutoRun.exe

O34 - HKLM BootExecute: (autocheck autochk *)

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found

NetSvcs: HidServ - %SystemRoot%\System32\hidserv.dll File not found

NetSvcs: Ias - File not found

NetSvcs: Iprip - File not found

NetSvcs: NWCWorkstation - File not found

NetSvcs: Nwsapagent - File not found

NetSvcs: WmdmPmSp - File not found

MsConfig - StartUpReg: My Web Search Bar Search Scope Monitor - hkey= - key= - File not found

MsConfig - StartUpReg: MyWebSearch Email Plugin - hkey= - key= - File not found

MsConfig - StartUpReg: Smart File Advisor - hkey= - key= - C:\Program Files\Smart File Advisor\sfa.exe (Filefacts.net)

MsConfig - State: "system.ini" - 0

MsConfig - State: "win.ini" - 0

MsConfig - State: "bootini" - 0

MsConfig - State: "services" - 0

MsConfig - State: "startup" - 2

SafeBootMin: Base - Driver Group

SafeBootMin: Boot Bus Extender - Driver Group

SafeBootMin: Boot file system - Driver Group

SafeBootMin: File system - Driver Group

SafeBootMin: Filter - Driver Group

SafeBootMin: PCI Configuration - Driver Group

SafeBootMin: PNP Filter - Driver Group

SafeBootMin: Primary disk - Driver Group

SafeBootMin: SCSI Class - Driver Group

SafeBootMin: sermouse.sys - Driver

SafeBootMin: System Bus Extender - Driver Group

SafeBootMin: vga.sys - Driver

SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers

SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive

SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive

SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller

SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc

SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard

SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse

SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters

SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter

SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System

SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive

SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume

SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootNet: Base - Driver Group

SafeBootNet: Boot Bus Extender - Driver Group

SafeBootNet: Boot file system - Driver Group

SafeBootNet: File system - Driver Group

SafeBootNet: Filter - Driver Group

SafeBootNet: NDIS Wrapper - Driver Group

SafeBootNet: NetBIOSGroup - Driver Group

SafeBootNet: NetDDEGroup - Driver Group

SafeBootNet: Network - Driver Group

SafeBootNet: NetworkProvider - Driver Group

SafeBootNet: PCI Configuration - Driver Group

SafeBootNet: PNP Filter - Driver Group

SafeBootNet: PNP_TDI - Driver Group

SafeBootNet: Primary disk - Driver Group

SafeBootNet: SCSI Class - Driver Group

SafeBootNet: sermouse.sys - Driver

SafeBootNet: Streams Drivers - Driver Group

SafeBootNet: System Bus Extender - Driver Group

SafeBootNet: TDI - Driver Group

SafeBootNet: vga.sys - Driver

SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers

SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive

SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive

SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller

SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc

SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard

SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse

SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net

SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient

SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService

SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans

SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters

SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter

SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System

SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive

SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume

SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

========== Files/Folders - Created Within 90 Days ==========

[2012.04.09 23:25:27 | 000,000,000 | ---D | C] -- C:\_OTL

[2012.04.08 21:32:54 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Videos

[2012.04.08 21:32:54 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Pictures

[2012.04.08 21:32:54 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Music

[2012.04.08 21:32:54 | 000,000,000 | R--D | C] -- C:\Documents and Settings\PC\Start Menu\Programs\Administrative Tools

[2012.04.08 15:49:46 | 000,020,464 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys

[2012.04.08 15:49:46 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware

[2012.04.07 23:05:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\My Documents\пчеларство_files

[2012.04.07 18:21:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\My Documents\регистрация Т.ГАФАРОВ

[2012.04.05 22:29:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\PC\Desktop\печат янкова

[2012.04.01 15:55:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\PC\Application Data\eType

[2012.04.01 15:55:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\IBUpdaterService

[2012.03.31 15:13:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\PC\Application Data\Foxit Software

[2012.03.31 14:59:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\My Documents\РЕГИСТРАЦИЯ ГИНДА

[2012.03.30 11:45:13 | 000,000,000 | ---D | C] -- C:\WINDOWS\Minidump

[2012.03.28 15:58:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\PC\Desktop\конвектомат

[2012.03.26 23:53:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Google Earth

[2012.03.26 19:29:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Foxit Reader 5.1

[2012.03.26 19:27:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\PC\Local Settings\Application Data\APN

[2012.03.26 19:27:35 | 000,000,000 | ---D | C] -- C:\Program Files\Foxit Software

[2012.02.18 21:26:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\EPSON

[2012.02.18 21:26:06 | 000,376,832 | ---- | C] (EPSON) -- C:\WINDOWS\System32\SSMCML0G.DLL

[2012.02.18 21:26:06 | 000,051,200 | ---- | C] (EPSON) -- C:\WINDOWS\System32\SSPOOL0G.DLL

[2012.02.18 21:26:06 | 000,019,456 | ---- | C] (EPSON) -- C:\WINDOWS\System32\STAG320G.DLL

[2012.02.18 21:26:05 | 000,102,400 | ---- | C] (EPSON) -- C:\WINDOWS\System32\SLMON_0G.DLL

[2012.02.18 21:26:05 | 000,013,824 | ---- | C] (EPSON) -- C:\WINDOWS\System32\SIMF320G.DLL

[2012.02.18 21:26:05 | 000,009,728 | ---- | C] (EPSON) -- C:\WINDOWS\System32\SICM__0G.DLL

[2012.02.18 21:26:03 | 000,036,864 | ---- | C] (EPSON) -- C:\WINDOWS\System32\SCMM__0G.DLL

[2012.02.18 21:26:03 | 000,023,552 | ---- | C] (EPSON) -- C:\WINDOWS\System32\SGDI320G.DLL

[2012.02.18 21:26:01 | 000,000,000 | ---D | C] -- C:\Program Files\EPSON_P1

[2012.02.07 00:31:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\PC\Desktop\snimki prodavalnikk

[2012.01.31 20:05:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\DatacardService

[2012.01.25 12:42:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\My Documents\ПЖ СИНЕМАС

[2012.01.12 22:56:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\My Documents\регистрация Галина

[2012.01.12 22:29:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\My Documents\РЕГИСТРАЦИЯ БУБЛИК

[28 C:\Documents and Settings\User\My Documents\*.tmp files -> C:\Documents and Settings\User\My Documents\*.tmp -> ]

========== Files - Modified Within 90 Days ==========

[2012.04.11 12:50:00 | 000,000,986 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

[2012.04.11 11:04:41 | 000,002,497 | ---- | M] () -- C:\Documents and Settings\PC\Desktop\Microsoft Office Word 2003.lnk

[2012.04.11 10:57:07 | 000,001,813 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk

[2012.04.11 10:56:53 | 000,002,495 | ---- | M] () -- C:\Documents and Settings\PC\Desktop\Microsoft Office Excel 2003.lnk

[2012.04.11 10:27:57 | 000,000,416 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{C224D257-9D07-40A1-9744-FF4262AFBB00}.job

[2012.04.11 10:12:05 | 000,000,982 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job

[2012.04.11 10:11:53 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat

[2012.04.09 22:09:45 | 000,038,400 | ---- | M] () -- C:\Documents and Settings\PC\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2012.04.09 12:28:23 | 000,002,425 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Декларации Обр.1 и 6.lnk

[2012.04.09 09:56:35 | 000,134,872 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT

[2012.04.08 23:58:38 | 000,432,492 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat

[2012.04.08 23:58:38 | 000,067,448 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat

[2012.04.08 23:55:25 | 000,001,355 | ---- | M] () -- C:\WINDOWS\imsins.BAK

[2012.04.08 18:26:49 | 000,000,520 | ---- | M] () -- C:\Documents and Settings\User\My Documents\spider.sav

[2012.04.08 15:49:49 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk

[2012.04.07 23:15:28 | 000,482,152 | ---- | M] () -- C:\Documents and Settings\User\My Documents\финансиране на пчеларство.mht

[2012.04.07 23:11:14 | 000,482,000 | ---- | M] () -- C:\Documents and Settings\User\My Documents\пчеларство.mht

[2012.04.07 23:07:54 | 000,481,711 | ---- | M] () -- C:\Documents and Settings\User\My Documents\отглеждане на пчели.mht

[2012.04.07 23:05:58 | 000,182,943 | ---- | M] () -- C:\Documents and Settings\User\My Documents\пчеларство.htm

[2012.04.07 10:47:33 | 000,002,228 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl

[2012.04.06 14:59:22 | 000,280,304 | ---- | M] () -- C:\Documents and Settings\PC\Desktop\IMG[1].pdf

[2012.04.03 23:59:06 | 000,002,625 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT

[2012.04.03 11:56:18 | 000,481,198 | ---- | M] () -- C:\Documents and Settings\User\My Documents\Adapted_Food_Safety-corrective_BG_doc.mht

[2012.04.01 15:56:24 | 000,000,237 | ---- | M] () -- C:\user.js

[2012.03.31 20:56:57 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini

[2012.03.31 11:50:32 | 000,511,528 | ---- | M] () -- C:\Documents and Settings\User\My Documents\4FBDB27BF30EFB85EEE511375F8D2C26[1].pdf

[2012.03.31 11:45:37 | 000,312,520 | ---- | M] () -- C:\Documents and Settings\User\My Documents\03A8426019745283DCC135832511FD43[1].pdf

[2012.03.29 14:32:54 | 000,090,823 | ---- | M] () -- C:\Documents and Settings\PC\Desktop\product_6779.jpg

[2012.03.26 23:53:31 | 000,001,915 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Google Земя.lnk

[2012.03.26 19:29:30 | 000,000,791 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Foxit Reader 5.1.lnk

[2012.03.24 21:57:52 | 000,032,539 | ---- | M] () -- C:\Documents and Settings\PC\Desktop\resized_0.01.jpg

[2012.03.24 20:57:12 | 000,555,507 | ---- | M] () -- C:\Documents and Settings\User\My Documents\8655_scherzo_op_29_no_2.pdf

[2012.03.24 20:54:23 | 000,610,275 | ---- | M] () -- C:\Documents and Settings\User\My Documents\42664_etyud_no_1_sol-bemol_mazhor_op_30.pdf

[2012.03.24 20:53:25 | 000,572,216 | ---- | M] () -- C:\Documents and Settings\User\My Documents\60835_tri_pesy_dlya_fortepiano_op_25.pdf

[2012.03.18 21:03:49 | 000,002,483 | ---- | M] () -- C:\Documents and Settings\PC\Desktop\Microsoft Office PowerPoint 2003.lnk

[2012.03.07 03:15:19 | 000,041,184 | ---- | M] (AVAST Software) -- C:\WINDOWS\avastSS.scr

[2012.03.07 03:15:14 | 000,201,352 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe

[2012.03.07 03:03:51 | 000,612,184 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys

[2012.03.07 03:03:38 | 000,337,880 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys

[2012.03.07 03:02:00 | 000,035,672 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys

[2012.03.07 03:01:53 | 000,053,848 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys

[2012.03.07 03:01:39 | 000,095,704 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys

[2012.03.07 03:01:35 | 000,089,048 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys

[2012.03.07 03:01:30 | 000,020,696 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys

[2012.03.07 02:58:29 | 000,024,920 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys

[2012.03.04 13:41:59 | 000,414,368 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl

[2012.02.19 16:47:46 | 003,026,061 | ---- | M] () -- C:\Documents and Settings\PC\Desktop\ALC1600_UG_RU.PDF

[2012.02.03 12:26:17 | 001,869,184 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\win32k.sys

[2012.02.03 12:26:17 | 001,869,184 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\win32k.sys

[2012.01.30 19:45:27 | 000,000,523 | ---- | M] () -- C:\Documents and Settings\PC\Desktop\LCHome.lnk

[2012.01.29 19:37:46 | 000,052,935 | ---- | M] () -- C:\Documents and Settings\User\My Documents\5_ОТЧЕТ ЗА ПРИХОДИТЕ И РАЗХОДИТЕ_2011_NF2.pdf

[2012.01.29 19:36:55 | 000,049,800 | ---- | M] () -- C:\Documents and Settings\User\My Documents\4_СЧЕТОВОДЕН БАЛАНС_2011_NF2.pdf

[2012.01.13 18:08:22 | 001,105,510 | ---- | M] () -- C:\Documents and Settings\PC\Desktop\кедър.tif

[28 C:\Documents and Settings\User\My Documents\*.tmp files -> C:\Documents and Settings\User\My Documents\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012.04.08 20:54:15 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll

[2012.04.08 20:54:15 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\dllcache\iacenc.dll

[2012.04.08 15:49:49 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk

[2012.04.07 23:15:23 | 000,482,152 | ---- | C] () -- C:\Documents and Settings\User\My Documents\финансиране на пчеларство.mht

[2012.04.07 23:11:06 | 000,482,000 | ---- | C] () -- C:\Documents and Settings\User\My Documents\пчеларство.mht

[2012.04.07 23:07:52 | 000,481,711 | ---- | C] () -- C:\Documents and Settings\User\My Documents\отглеждане на пчели.mht

[2012.04.07 23:05:54 | 000,182,943 | ---- | C] () -- C:\Documents and Settings\User\My Documents\пчеларство.htm

[2012.04.06 15:00:46 | 000,280,304 | ---- | C] () -- C:\Documents and Settings\PC\Desktop\IMG[1].pdf

[2012.04.03 11:56:13 | 000,481,198 | ---- | C] () -- C:\Documents and Settings\User\My Documents\Adapted_Food_Safety-corrective_BG_doc.mht

[2012.04.01 15:56:22 | 000,000,237 | ---- | C] () -- C:\user.js

[2012.03.31 11:51:31 | 000,511,528 | ---- | C] () -- C:\Documents and Settings\User\My Documents\4FBDB27BF30EFB85EEE511375F8D2C26[1].pdf

[2012.03.31 11:46:11 | 000,312,520 | ---- | C] () -- C:\Documents and Settings\User\My Documents\03A8426019745283DCC135832511FD43[1].pdf

[2012.03.29 14:33:28 | 000,090,823 | ---- | C] () -- C:\Documents and Settings\PC\Desktop\product_6779.jpg

[2012.03.26 23:53:31 | 000,001,915 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Google Земя.lnk

[2012.03.26 19:29:30 | 000,000,791 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Foxit Reader 5.1.lnk

[2012.03.24 21:58:13 | 000,032,539 | ---- | C] () -- C:\Documents and Settings\PC\Desktop\resized_0.01.jpg

[2012.03.24 20:57:12 | 000,555,507 | ---- | C] () -- C:\Documents and Settings\User\My Documents\8655_scherzo_op_29_no_2.pdf

[2012.03.24 20:54:23 | 000,610,275 | ---- | C] () -- C:\Documents and Settings\User\My Documents\42664_etyud_no_1_sol-bemol_mazhor_op_30.pdf

[2012.03.24 20:53:25 | 000,572,216 | ---- | C] () -- C:\Documents and Settings\User\My Documents\60835_tri_pesy_dlya_fortepiano_op_25.pdf

[2012.02.19 16:48:00 | 003,026,061 | ---- | C] () -- C:\Documents and Settings\PC\Desktop\ALC1600_UG_RU.PDF

[2012.02.18 21:27:46 | 000,747,496 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Remote_Panel_P.exe

[2012.02.18 21:26:06 | 000,031,910 | ---- | C] () -- C:\WINDOWS\SSUMLT0G.INI

[2012.02.18 21:26:06 | 000,000,061 | ---- | C] () -- C:\WINDOWS\System32\SSEP010G.SEP

[2012.01.29 19:37:46 | 000,052,935 | ---- | C] () -- C:\Documents and Settings\User\My Documents\5_ОТЧЕТ ЗА ПРИХОДИТЕ И РАЗХОДИТЕ_2011_NF2.pdf

[2012.01.29 19:36:55 | 000,049,800 | ---- | C] () -- C:\Documents and Settings\User\My Documents\4_СЧЕТОВОДЕН БАЛАНС_2011_NF2.pdf

[2012.01.13 18:08:22 | 001,105,510 | ---- | C] () -- C:\Documents and Settings\PC\Desktop\кедър.tif

[2011.05.15 00:53:52 | 000,038,400 | ---- | C] () -- C:\Documents and Settings\PC\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2011.01.30 15:30:04 | 000,000,021 | ---- | C] () -- C:\WINDOWS\pccuo.ini

[2010.12.18 22:24:34 | 000,000,093 | ---- | C] () -- C:\WINDOWS\Tb98.ini

[2010.12.18 22:23:59 | 000,017,332 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\UScanner.SYS

[2010.12.18 22:16:46 | 000,018,944 | ---- | C] () -- C:\WINDOWS\System32\xrxscnui.dll

[2010.06.17 18:43:25 | 000,000,032 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\ezsid.dat

[2010.06.16 13:05:29 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat

========== LOP Check ==========

[2011.12.20 12:46:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVAST Software

[2011.05.03 12:28:30 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Common Files

[2012.01.31 20:05:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DatacardService

[2010.03.21 22:42:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Easy CD-DA Extractor

[2012.04.08 17:30:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\IBUpdaterService

[2011.11.21 16:32:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\InstallMate

[2011.05.06 17:05:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MFAData

[2011.11.21 16:32:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Premium

[2011.03.15 02:32:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP

[2012.03.27 13:48:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PC\Application Data\BSplayer

[2011.05.15 23:28:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PC\Application Data\BSplayer Pro

[2011.06.12 18:45:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PC\Application Data\CoSoSys

[2011.05.19 00:26:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PC\Application Data\Crystal Player

[2012.04.01 15:58:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PC\Application Data\eType

[2012.03.31 15:13:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PC\Application Data\Foxit Software

[2011.05.06 19:00:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PC\Application Data\OfficeRecovery

[2012.04.01 20:36:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PC\Application Data\uTorrent

[2011.01.12 22:03:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\BluetoothDriverInstaller

[2011.03.19 23:45:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Breakpad

[2010.12.14 23:19:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\BSplayer

[2010.06.10 23:59:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\BSplayer Pro

[2011.01.07 23:35:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\imeshbandmltbpi

[2011.03.19 23:15:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\InfinaDyne

[2011.03.19 23:45:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Installer

[2011.03.23 02:03:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Ticno

[2010.06.17 00:54:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Uniblue

[2011.04.30 19:49:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\uTorrent

[2010.12.18 22:16:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Xerox

[2012.04.11 10:27:57 | 000,000,416 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{C224D257-9D07-40A1-9744-FF4262AFBB00}.job

========== Purity Check ==========

========== Custom Scans ==========

< %SYSTEMDRIVE%\*.* >

[2010.12.27 23:52:46 | 000,563,001 | ---- | M] (PKWARE, Inc.) -- C:\ast54win.exe

[2010.12.27 23:53:29 | 000,004,304 | ---- | M] () -- C:\ASTROLOG.DAT

[2010.02.04 13:30:15 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT

[2011.05.03 12:09:01 | 000,000,211 | -HS- | M] () -- C:\boot.ini

[2010.02.04 13:30:15 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS

[2008.01.13 16:26:46 | 000,263,168 | ---- | M] () -- C:\COPYDAT7.EXE

[1992.05.18 10:15:12 | 000,020,768 | ---- | M] () -- C:\CYRDRV.COM

[2011.09.03 10:47:47 | 000,000,291 | ---- | M] () -- C:\EMP2008.DBF

[2010.02.04 13:30:15 | 000,000,000 | RHS- | M] () -- C:\IO.SYS

[2010.02.04 13:30:15 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS

[2008.04.14 14:00:00 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM

[2008.04.14 14:00:00 | 000,250,048 | RHS- | M] () -- C:\ntldr

[2012.04.11 10:11:52 | 792,723,456 | -HS- | M] () -- C:\pagefile.sys

[2011.01.01 15:08:26 | 000,013,030 | ---- | M] () -- C:\PDOXUSRS.NET

[2011.05.06 20:32:33 | 000,002,048 | ---- | M] () -- C:\Uninstall.dat

[2012.04.01 15:56:24 | 000,000,237 | ---- | M] () -- C:\user.js

< %USERPROFILE%\*.* >

[2012.04.11 00:19:06 | 095,944,704 | -H-- | M] () -- C:\Documents and Settings\PC\NTUSER.DAT

[2012.04.11 13:22:15 | 000,001,024 | -H-- | M] () -- C:\Documents and Settings\PC\ntuser.dat.LOG

[2012.04.11 00:19:06 | 000,000,178 | -HS- | M] () -- C:\Documents and Settings\PC\ntuser.ini

< %USERPROFILE%\Application Data\*.* >

[2010.02.04 14:34:04 | 000,000,062 | -HS- | M] () -- C:\Documents and Settings\PC\Application Data\desktop.ini

< %USERPROFILE%\Local Settings\Application Data\*.* >

[2012.04.09 22:09:45 | 000,038,400 | ---- | M] () -- C:\Documents and Settings\PC\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2011.05.03 17:01:21 | 000,022,584 | -H-- | M] () -- C:\Documents and Settings\PC\Local Settings\Application Data\GDIPFONTCACHEV1.DAT

[2011.05.09 09:46:31 | 007,405,258 | -H-- | M] () -- C:\Documents and Settings\PC\Local Settings\Application Data\IconCache.db

< %AllUsersProfile%\*.* >

[2011.03.23 01:34:13 | 000,000,256 | ---- | M] () -- C:\Documents and Settings\All Users\file.lic

< %AllUsersProfile%\Application Data\*.* >

[2010.02.04 14:34:04 | 000,000,062 | -HS- | M] () -- C:\Documents and Settings\All Users\Application Data\desktop.ini

[2010.06.17 18:43:25 | 000,000,032 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\ezsid.dat

< %USERPROFILE%\My Documents\*.* >

< %CommonProgramFiles%\*.* >

< %PROGRAMFILES%\*.* >

< %systemroot%\system32\config\systemprofile\*.* >

[2011.05.03 12:05:37 | 000,266,240 | ---- | M] () -- C:\WINDOWS\system32\config\systemprofile\ntuser.dat

[2011.05.06 19:11:00 | 000,001,024 | -H-- | M] () -- C:\WINDOWS\system32\config\systemprofile\ntuser.dat.LOG

< %windir%\ServiceProfiles\LocalService\AppData\Local\Temp\*.* >

< %windir%\ServiceProfiles\NetworkService\AppData\Local\Temp\*.* >

< %windir%\temp*.* >

< %systemroot%\assembly\temp\*.* /S /MD5 >

< %systemroot%\assembly\tmp\*.* /S /MD5 >

[2012.04.08 23:58:09 | 000,303,104 | ---- | M] () MD5=2849F13593D2712CCB97FFBDD3C1232E -- C:\WINDOWS\assembly\tmp\OV17DJPV\System.Runtime.Remoting.dll

< %systemroot%\assembly\GAC_32\*.* /S /MD5 >

[2012.04.08 23:58:12 | 000,069,120 | ---- | M] () MD5=DC426A365577F27187F99EB506ECD5D1 -- C:\WINDOWS\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll

[2012.04.08 23:58:16 | 000,072,192 | ---- | M] () MD5=29B35A999E341A37BE67771BE01CC275 -- C:\WINDOWS\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll

[2010.02.04 14:05:21 | 000,163,840 | ---- | M] () MD5=36BDD82A92AA704034475C2DEF7FBD29 -- C:\WINDOWS\assembly\GAC_32\Microsoft.Transactions.Bridge.Dtc\3.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.Dtc.dll

[2012.04.08 23:58:12 | 000,066,728 | ---- | M] () MD5=C01B81BB10AD14DBC5C4ECD350638096 -- C:\WINDOWS\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\big5.nlp

[2012.04.08 23:58:12 | 000,082,172 | ---- | M] () MD5=EE1F60F8774D74BED8B13498F3FE737A -- C:\WINDOWS\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\bopomofo.nlp

[2012.04.08 23:58:12 | 000,116,756 | ---- | M] () MD5=F6DFDA5A31162D848634504565F6D321 -- C:\WINDOWS\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\ksc.nlp

[2012.04.08 23:58:12 | 004,550,656 | ---- | M] () MD5=0C57CB0497F75E3B60F913F1C4859257 -- C:\WINDOWS\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll

[2012.04.08 23:58:12 | 000,059,342 | ---- | M] () MD5=DA5748A89E22A3932387E65694B25BBB -- C:\WINDOWS\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\normidna.nlp

[2012.04.08 23:58:12 | 000,045,794 | ---- | M] () MD5=3831A5E217D6FA828CCE1011DA26E677 -- C:\WINDOWS\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\normnfc.nlp

[2012.04.08 23:58:12 | 000,039,284 | ---- | M] () MD5=DBDE664E0BA4BACD0A6A04AE2232B205 -- C:\WINDOWS\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\normnfd.nlp

[2012.04.08 23:58:12 | 000,066,384 | ---- | M] () MD5=C9B88B759FE81D59CE8EBF5A0A8EB75A -- C:\WINDOWS\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\normnfkc.nlp

[2012.04.08 23:58:12 | 000,060,294 | ---- | M] () MD5=3CAB6AB66759FCDF73B61EE262C9ACF4 -- C:\WINDOWS\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\normnfkd.nlp

[2012.04.08 23:58:12 | 000,083,748 | ---- | M] () MD5=54144F43EDF5AA8F504A30E7C1D1A7B5 -- C:\WINDOWS\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\prc.nlp

[2012.04.08 23:58:12 | 000,083,748 | ---- | M] () MD5=901863C68E6523336CAC602FE9320ABC -- C:\WINDOWS\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\prcp.nlp

[2012.04.08 23:58:12 | 000,262,148 | ---- | M] () MD5=FB59D247F7143C3B9683A547E808A88B -- C:\WINDOWS\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\sortkey.nlp

[2012.04.08 23:58:12 | 000,020,320 | ---- | M] () MD5=FF13BA175F0013D2311827E0D438C60B -- C:\WINDOWS\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\sorttbls.nlp

[2012.04.08 23:58:12 | 000,028,288 | ---- | M] () MD5=09E420F90A329BDA68477FA4AF43CB28 -- C:\WINDOWS\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\xjis.nlp

[2011.11.13 12:00:42 | 004,210,688 | ---- | M] () MD5=E968859D798FBF5822DCD1D269215823 -- C:\WINDOWS\assembly\GAC_32\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationCore.dll

[2012.04.08 23:58:04 | 000,486,400 | ---- | M] () MD5=759FD3779911F89C450CCAE06B92AE3A -- C:\WINDOWS\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll

[2012.04.08 23:58:20 | 002,933,248 | ---- | M] () MD5=16F96C1496CBD0965285AB19A9271D02 -- C:\WINDOWS\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll

[2012.04.08 23:58:10 | 000,258,048 | ---- | M] () MD5=9631B15DB7C43C267636FF43C3075E07 -- C:\WINDOWS\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll

[2012.04.08 23:58:10 | 000,113,664 | ---- | M] () MD5=E786C33D35D39C5CCB523AECC18D7BD7 -- C:\WINDOWS\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll

[2010.02.04 14:05:25 | 000,368,640 | ---- | M] () MD5=34FA631FAA4B2DF8C0A92B7B5AD9D6E1 -- C:\WINDOWS\assembly\GAC_32\System.Printing\3.0.0.0__31bf3856ad364e35\System.Printing.dll

[2012.04.08 23:58:08 | 000,261,632 | ---- | M] () MD5=F054572A92573CA32D5F3AA8C15D2BAC -- C:\WINDOWS\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll

[2012.04.08 23:58:03 | 005,246,976 | ---- | M] () MD5=661268A6BEEF1C1B0D1B9137F530A9FD -- C:\WINDOWS\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll

< %systemroot%\assembly\GAC_MSIL\*.* /S /MD5 >

[2012.04.08 23:58:11 | 000,010,752 | ---- | M] () MD5=A5A56B4957BD59D324821522FE14F751 -- C:\WINDOWS\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll

[2012.04.08 23:58:04 | 000,507,904 | ---- | M] () MD5=B8FE2350B2236EE3D1CECA34E0C0FF17 -- C:\WINDOWS\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll

[2012.04.08 23:58:11 | 000,013,312 | ---- | M] () MD5=107F49F1BF0FB27A6CD758EB8C4D95A0 -- C:\WINDOWS\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll

[2012.04.08 23:58:16 | 000,008,192 | ---- | M] () MD5=6CD7461E06CB8BAEE3B16C3D7F637CD0 -- C:\WINDOWS\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll

[2012.04.08 23:58:16 | 000,077,824 | ---- | M] () MD5=24F0385D06BD86A97412B8905483313E -- C:\WINDOWS\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll

[2012.04.08 23:58:14 | 000,006,656 | ---- | M] () MD5=11F3AC2D47E566615819F5BF0DD18379 -- C:\WINDOWS\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll

[2010.02.04 14:06:25 | 000,106,496 | ---- | M] () MD5=29CED3B606BA7E2B49E52931C5CB53B7 -- C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Build.Conversion.v3.5\3.5.0.0__b03f5f7f11d50a3a\Microsoft.Build.Conversion.v3.5.dll

[2012.04.08 23:58:13 | 000,348,160 | ---- | M] () MD5=996AAEEC01C734347DE8A72542FD1C12 -- C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll

[2010.02.04 14:06:26 | 000,733,184 | ---- | M] () MD5=31C6E94759BF4D2FBE3239FFA717967D -- C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Build.Engine\3.5.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll

[2012.04.08 23:58:14 | 000,036,864 | ---- | M] () MD5=D2A1C3150E43738BAB3D0AD9921B3E50 -- C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll

[2010.02.04 14:06:26 | 000,036,864 | ---- | M] () MD5=17C6F3F73858732DE59D6D957958E9AF -- C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Build.Framework\3.5.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll

[2010.02.04 14:06:26 | 000,802,816 | ---- | M] () MD5=37F17D4698086C90127BBD90E73D7FE2 -- C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Build.Tasks.v3.5\3.5.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.v3.5.dll

[2012.04.08 23:58:15 | 000,655,360 | ---- | M] () MD5=8A3F5B72C3F402C8D33027A4C77F55AC -- C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll

[2010.02.04 14:06:26 | 000,094,208 | ---- | M] () MD5=E32A06F647517D0DEA80F29B459E8FA2 -- C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Build.Utilities.v3.5\3.5.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.v3.5.dll

[2012.04.08 23:58:14 | 000,077,824 | ---- | M] () MD5=640BF6BB259B53BEFF59135645C63B18 -- C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll

[2012.04.08 23:58:07 | 000,749,568 | ---- | M] () MD5=EB535D00C508119EEE4042B737165A3B -- C:\WINDOWS\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll

[2010.02.04 14:05:21 | 000,397,312 | ---- | M] () MD5=66F6B3248D6C39CEFA49174133A694FE -- C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Transactions.Bridge\3.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.dll

[2012.04.08 23:58:09 | 000,110,592 | ---- | M] () MD5=D676BC7C829F86A215676281A1032C6B -- C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll

[2012.04.08 23:58:08 | 000,372,736 | ---- | M] () MD5=226956F70AEBBBF5ACBC9ADA6522B6F6 -- C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll

[2012.04.08 23:58:14 | 000,028,672 | ---- | M] () MD5=3D61BFCBE13C2DC8F5AE20BF02145322 -- C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll

[2012.04.08 23:58:11 | 000,659,456 | ---- | M] () MD5=EFC806A1C4C6CE9F69AECE0AB72C1E34 -- C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll

[2010.02.04 14:06:25 | 000,041,984 | ---- | M] () MD5=9F065BF574C956B85DB355C32E7E995E -- C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualC.STLCLR\1.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.STLCLR.dll

[2012.04.08 23:58:13 | 000,005,632 | ---- | M] () MD5=7E50D25F9A5BC75F22CA7AEB52176CA2 -- C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll

[2012.04.08 23:58:15 | 000,012,800 | ---- | M] () MD5=B27AA2EA41728FAF5E9642CFD2958FB9 -- C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll

[2012.04.08 23:58:08 | 000,032,768 | ---- | M] () MD5=D251A67B7D6DE2194F6E264055E020FB -- C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll

[2012.04.08 23:58:11 | 000,007,168 | ---- | M] () MD5=9659028AFA77387D6D2BF4280C10AB94 -- C:\WINDOWS\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll

[2010.02.04 14:05:27 | 000,598,016 | ---- | M] () MD5=28595FA306E58AACD7DAFF001F430703 -- C:\WINDOWS\assembly\GAC_MSIL\PresentationBuildTasks\3.0.0.0__31bf3856ad364e35\PresentationBuildTasks.dll

[2010.02.04 14:05:24 | 000,032,768 | ---- | M] () MD5=93F9CC2360815D8EF955407CF92B38AA -- C:\WINDOWS\assembly\GAC_MSIL\PresentationCFFRasterizer\3.0.0.0__31bf3856ad364e35\PresentationCFFRasterizer.dll

[2010.02.04 14:05:28 | 000,046,104 | ---- | M] () MD5=8BA7C024070F2B7FDD98ED8A4BA41789 -- C:\WINDOWS\assembly\GAC_MSIL\PresentationFontCache\3.0.0.0__31bf3856ad364e35\PresentationFontCache.exe

[2010.02.04 14:05:29 | 000,196,608 | ---- | M] () MD5=0C488A21B5A63055CB7736E3E0C75B1F -- C:\WINDOWS\assembly\GAC_MSIL\PresentationFramework.Aero\3.0.0.0__31bf3856ad364e35\PresentationFramework.Aero.dll

[2010.02.04 14:05:29 | 000,139,264 | ---- | M] () MD5=DA8417F8973EC51F0F1859CA0B334FC5 -- C:\WINDOWS\assembly\GAC_MSIL\PresentationFramework.Classic\3.0.0.0__31bf3856ad364e35\PresentationFramework.Classic.dll

[2010.02.04 14:05:29 | 000,397,312 | ---- | M] () MD5=7E61032F4F2BAB036B859D3B22D26DD0 -- C:\WINDOWS\assembly\GAC_MSIL\PresentationFramework.Luna\3.0.0.0__31bf3856ad364e35\PresentationFramework.Luna.dll

[2010.02.04 14:05:29 | 000,163,840 | ---- | M] () MD5=D1E117EDDEFEB220351BE0C7B27A4646 -- C:\WINDOWS\assembly\GAC_MSIL\PresentationFramework.Royale\3.0.0.0__31bf3856ad364e35\PresentationFramework.Royale.dll

[2011.11.13 12:00:43 | 005,279,744 | ---- | M] () MD5=D5A6ADE7FBEE0344D86394CE9F91B67F -- C:\WINDOWS\assembly\GAC_MSIL\PresentationFramework\3.0.0.0__31bf3856ad364e35\PresentationFramework.dll

[2010.02.04 14:05:30 | 000,864,256 | ---- | M] () MD5=428D3714C85BACE55476C91E0D90E495 -- C:\WINDOWS\assembly\GAC_MSIL\PresentationUI\3.0.0.0__31bf3856ad364e35\PresentationUI.dll

[2010.02.04 14:05:25 | 000,528,384 | ---- | M] () MD5=A37D01E48B3908330E780466312D54A6 -- C:\WINDOWS\assembly\GAC_MSIL\ReachFramework\3.0.0.0__31bf3856ad364e35\ReachFramework.dll

[2010.02.04 14:06:26 | 000,005,632 | ---- | M] () MD5=807B70A78ACE7D01F769FE502A769E67 -- C:\WINDOWS\assembly\GAC_MSIL\Sentinel.v3.5Client\3.5.0.0__b03f5f7f11d50a3a\Sentinel.v3.5Client.dll

[2011.11.13 01:02:53 | 000,110,592 | ---- | M] () MD5=BD6B60E0F4FA84FF4E3089EDF9B81C9A -- C:\WINDOWS\assembly\GAC_MSIL\SMDiagnostics\3.0.0.0__b77a5c561934e089\SMdiagnostics.dll

[2012.04.08 23:58:13 | 000,110,592 | ---- | M] () MD5=0AD1C94AB2D36B79B9F2B54EADEB300A -- C:\WINDOWS\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll

[2010.02.04 14:06:27 | 000,045,056 | ---- | M] () MD5=B34B75256D536385B927193FB1DCBB81 -- C:\WINDOWS\assembly\GAC_MSIL\System.AddIn.Contract\2.0.0.0__b03f5f7f11d50a3a\System.AddIn.Contract.dll

[2010.02.04 14:06:27 | 000,163,840 | ---- | M] () MD5=212E7E4F44432B5EDA508D454FC01A61 -- C:\WINDOWS\assembly\GAC_MSIL\System.AddIn\3.5.0.0__b77a5c561934e089\System.AddIn.dll

[2010.02.04 14:06:31 | 000,057,344 | ---- | M] () MD5=34AAEA0DCF908A7D3C1D8C2132B0E4D4 -- C:\WINDOWS\assembly\GAC_MSIL\System.ComponentModel.DataAnnotations\3.5.0.0__31bf3856ad364e35\System.ComponentModel.DataAnnotations.dll

[2012.04.08 23:58:16 | 000,081,920 | ---- | M] () MD5=41BC941761FB3D1E21826C3C0E3CEEEE -- C:\WINDOWS\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll

[2012.04.08 23:58:20 | 000,425,984 | ---- | M] () MD5=C1C4025B5F5311AC8BCC318B0C244D58 -- C:\WINDOWS\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll

[2010.02.04 14:06:28 | 000,667,648 | ---- | M] () MD5=6617F24759BB1F3873C88AD9E0DF0435 -- C:\WINDOWS\assembly\GAC_MSIL\System.Core\3.5.0.0__b77a5c561934e089\System.Core.dll

[2010.02.04 14:06:28 | 000,053,248 | ---- | M] () MD5=1FDC244EEDD9B7804C7829DA11F1522E -- C:\WINDOWS\assembly\GAC_MSIL\System.Data.DataSetExtensions\3.5.0.0__b77a5c561934e089\System.Data.DataSetExtensions.dll

[2010.02.04 14:06:28 | 000,229,376 | ---- | M] () MD5=3FE6C3CDB01F039110152B1B0AE4980F -- C:\WINDOWS\assembly\GAC_MSIL\System.Data.Entity.Design\3.5.0.0__b77a5c561934e089\System.Data.Entity.Design.dll

[2010.02.04 14:06:29 | 002,879,488 | ---- | M] () MD5=CB45DFC6F9E1F954A718769D02D9C312 -- C:\WINDOWS\assembly\GAC_MSIL\System.Data.Entity\3.5.0.0__b77a5c561934e089\System.Data.Entity.dll

[2010.02.04 14:06:24 | 000,684,032 | ---- | M] () MD5=DDFB10C4A14ADD5D0A6C96E6DC3D29DF -- C:\WINDOWS\assembly\GAC_MSIL\System.Data.Linq\3.5.0.0__b77a5c561934e089\System.Data.Linq.dll

[2011.11.13 12:04:20 | 000,294,912 | ---- | M] () MD5=2F69FF4ED483D3FF399534F99BD4694A -- C:\WINDOWS\assembly\GAC_MSIL\System.Data.Services.Client\3.5.0.0__b77a5c561934e089\System.Data.Services.Client.dll

[2010.02.04 14:06:24 | 000,114,688 | ---- | M] () MD5=0A7F3B1C1A9CC722F48A7A16394F61C4 -- C:\WINDOWS\assembly\GAC_MSIL\System.Data.Services.Design\3.5.0.0__b77a5c561934e089\System.Data.Services.Design.dll

[2011.11.13 12:04:20 | 000,442,368 | ---- | M] () MD5=AE975C122A442146D7D5A6A996C42F91 -- C:\WINDOWS\assembly\GAC_MSIL\System.Data.Services\3.5.0.0__b77a5c561934e089\System.Data.Services.dll

[2012.04.08 23:58:19 | 000,745,472 | ---- | M] () MD5=6388F9A7AA6E22DDA2E0D84E5BCE537C -- C:\WINDOWS\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll

[2012.04.08 23:58:21 | 000,970,752 | ---- | M] () MD5=97DDAFB2A7B33DC3F746EF35C9EDF892 -- C:\WINDOWS\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll

[2012.04.08 23:58:05 | 005,062,656 | ---- | M] () MD5=5C368BEBD58562133856B35BDCEFEADA -- C:\WINDOWS\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll

[2010.02.04 14:06:24 | 000,286,720 | ---- | M] () MD5=4C6FBCBB7E7D4E3B0CAAA42043B6A01F -- C:\WINDOWS\assembly\GAC_MSIL\System.DirectoryServices.AccountManagement\3.5.0.0__b77a5c561934e089\System.DirectoryServices.AccountManagement.dll

[2012.04.08 23:58:10 | 000,188,416 | ---- | M] () MD5=F0D4CE77F1F9D9A7468335B1CE4C061B -- C:\WINDOWS\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll

[2012.04.08 23:58:10 | 000,401,408 | ---- | M] () MD5=F485CF34C45F850B25A7E38B08A7C435 -- C:\WINDOWS\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll

[2012.04.08 23:58:06 | 000,081,920 | ---- | M] () MD5=36ABC218228871A981027174216A2DA8 -- C:\WINDOWS\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll

[2012.04.08 23:58:18 | 000,626,688 | ---- | M] () MD5=179CC375C81B39902825ABFE3A7CD49D -- C:\WINDOWS\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll

[2010.02.04 14:05:30 | 000,126,976 | ---- | M] () MD5=311A345681A73C66D3EE49C5157A473B -- C:\WINDOWS\assembly\GAC_MSIL\System.IdentityModel.Selectors\3.0.0.0__b77a5c561934e089\System.IdentityModel.Selectors.dll

[2011.11.13 01:02:53 | 000,438,272 | ---- | M] () MD5=DB076F159D89B90924C465222BA128FE -- C:\WINDOWS\assembly\GAC_MSIL\System.IdentityModel\3.0.0.0__b77a5c561934e089\System.IdentityModel.dll

[2010.02.04 14:05:22 | 000,131,072 | ---- | M] () MD5=80E67BFFD101CC6312B489BEE255430D -- C:\WINDOWS\assembly\GAC_MSIL\System.IO.Log\3.0.0.0__b03f5f7f11d50a3a\System.IO.Log.dll

[2010.02.04 14:06:29 | 000,143,360 | ---- | M] () MD5=217A1E1DED132261C825313A7FB2616C -- C:\WINDOWS\assembly\GAC_MSIL\System.Management.Instrumentation\3.5.0.0__b77a5c561934e089\System.Management.Instrumentation.dll

[2012.04.08 23:58:09 | 000,372,736 | ---- | M] () MD5=EBAADBBFB6C455E54EB6A0E47267D33C -- C:\WINDOWS\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll

[2012.04.08 23:58:09 | 000,258,048 | ---- | M] () MD5=7F9F1F17D368EE1EEA7E246FD934B9EC -- C:\WINDOWS\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll

[2010.02.04 14:06:32 | 000,233,472 | ---- | M] () MD5=2E66DE31546A6AB3A8160CE337E1C6BC -- C:\WINDOWS\assembly\GAC_MSIL\System.Net\3.5.0.0__b03f5f7f11d50a3a\System.Net.dll

[2012.04.08 23:58:09 | 000,303,104 | ---- | M] () MD5=2849F13593D2712CCB97FFBDD3C1232E -- C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll

[2012.04.08 23:58:08 | 000,131,072 | ---- | M] () MD5=C415D86079D431E7E1E32D0835A3FE81 -- C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll

[2011.11.13 01:02:54 | 000,970,752 | ---- | M] () MD5=2CF02DF42A90A054D546BF3A85409DC4 -- C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll

[2012.04.08 23:58:19 | 000,258,048 | ---- | M] () MD5=0DFCD96DED6DB52064203C07B927357E -- C:\WINDOWS\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll

[2010.02.04 14:05:23 | 000,073,728 | ---- | M] () MD5=A80F41C8B2168E8B3ADD0AA4FCBDDC93 -- C:\WINDOWS\assembly\GAC_MSIL\System.ServiceModel.Install\3.0.0.0__b77a5c561934e089\System.ServiceModel.Install.dll

[2011.11.13 01:02:55 | 000,032,768 | ---- | M] () MD5=764E1A3E53C5885976F2EE6E206208EF -- C:\WINDOWS\assembly\GAC_MSIL\System.ServiceModel.WasHosting\3.0.0.0__b77a5c561934e089\System.ServiceModel.WasHosting.dll

[2010.02.04 14:06:23 | 000,569,344 | ---- | M] () MD5=1565B7FAFDFA6EEE16101388E57E749F -- C:\WINDOWS\assembly\GAC_MSIL\System.ServiceModel.Web\3.5.0.0__31bf3856ad364e35\System.ServiceModel.Web.dll

[2011.11.13 01:02:54 | 005,967,872 | ---- | M] () MD5=4120A37565491CA998E226BCBE8EF6E8 -- C:\WINDOWS\assembly\GAC_MSIL\System.ServiceModel\3.0.0.0__b77a5c561934e089\System.ServiceModel.dll

[2012.04.08 23:58:21 | 000,114,688 | ---- | M] () MD5=50D2943D426BA91771AD87FDEC802AC3 -- C:\WINDOWS\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll

[2010.02.04 14:05:28 | 000,688,128 | ---- | M] () MD5=31588B867657A7DF046AC1908550D73C -- C:\WINDOWS\assembly\GAC_MSIL\System.Speech\3.0.0.0__31bf3856ad364e35\System.Speech.dll

[2010.02.04 14:06:32 | 000,077,824 | ---- | M] () MD5=2C3559C513F7CD6F95DC382F31A6A22D -- C:\WINDOWS\assembly\GAC_MSIL\System.Web.Abstractions\3.5.0.0__31bf3856ad364e35\System.Web.Abstractions.dll

[2010.02.04 14:06:33 | 000,032,768 | ---- | M] () MD5=9E0D101B086297D5E166E03A8ACBF260 -- C:\WINDOWS\assembly\GAC_MSIL\System.Web.DynamicData.Design\3.5.0.0__31bf3856ad364e35\System.Web.DynamicData.Design.dll

[2011.11.13 12:04:20 | 000,229,376 | ---- | M] () MD5=CC8D03C33986926A68696DAAAB5FF2F8 -- C:\WINDOWS\assembly\GAC_MSIL\System.Web.DynamicData\3.5.0.0__31bf3856ad364e35\System.Web.DynamicData.dll

[2010.02.04 14:06:29 | 000,131,072 | ---- | M] () MD5=A6A5297AAD0A9BA8829D20B1CBD68D32 -- C:\WINDOWS\assembly\GAC_MSIL\System.Web.Entity.Design\3.5.0.0__b77a5c561934e089\System.Web.Entity.Design.dll

[2011.11.13 12:04:20 | 000,139,264 | ---- | M] () MD5=E42797003722BD930D83AB26998394D8 -- C:\WINDOWS\assembly\GAC_MSIL\System.Web.Entity\3.5.0.0__b77a5c561934e089\System.Web.Entity.dll

[2010.02.04 14:06:33 | 000,335,872 | ---- | M] () MD5=7E83B8040233DDCDE03CF7F0A5F2837B -- C:\WINDOWS\assembly\GAC_MSIL\System.Web.Extensions.Design\3.5.0.0__31bf3856ad364e35\System.Web.Extensions.Design.dll

[2012.04.08 23:51:41 | 001,277,952 | ---- | M] () MD5=821B0AAB24CB11417381F8AE881309A2 -- C:\WINDOWS\assembly\GAC_MSIL\System.Web.Extensions\3.5.0.0__31bf3856ad364e35\System.Web.Extensions.dll

[2012.04.08 23:58:06 | 000,835,584 | ---- | M] () MD5=C22D59F4EAC00510D1A86061A428C633 -- C:\WINDOWS\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll

[2012.04.08 23:58:07 | 000,077,824 | ---- | M] () MD5=F27A80887F125661CAC1A6039107428F -- C:\WINDOWS\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll

[2010.02.04 14:06:34 | 000,061,440 | ---- | M] () MD5=5B7868DF14D71D328EE8C1213F852393 -- C:\WINDOWS\assembly\GAC_MSIL\System.Web.Routing\3.5.0.0__31bf3856ad364e35\System.Web.Routing.dll

[2012.04.08 23:58:07 | 000,839,680 | ---- | M] () MD5=A89DFA6DB0C3D00559F770A214962A60 -- C:\WINDOWS\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll

[2012.04.08 23:58:05 | 005,025,792 | ---- | M] () MD5=2045A75F511FB99F5B3369E49E0837A2 -- C:\WINDOWS\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll

[2010.02.04 14:06:30 | 000,012,288 | ---- | M] () MD5=044C3400A836E5FB60D4A49EAEC24544 -- C:\WINDOWS\assembly\GAC_MSIL\System.Windows.Presentation\3.5.0.0__b77a5c561934e089\System.Windows.Presentation.dll

[2010.02.04 14:05:26 | 001,138,688 | ---- | M] () MD5=A96933F3898290AA509080A90E0C7C5F -- C:\WINDOWS\assembly\GAC_MSIL\System.Workflow.Activities\3.0.0.0__31bf3856ad364e35\System.Workflow.Activities.dll

[2010.02.04 14:05:27 | 001,630,208 | ---- | M] () MD5=C4503F6EADC2638D6898514290A7A60B -- C:\WINDOWS\assembly\GAC_MSIL\System.Workflow.ComponentModel\3.0.0.0__31bf3856ad364e35\System.Workflow.ComponentModel.dll

[2010.02.04 14:05:27 | 000,540,672 | ---- | M] () MD5=6623152B2FB7DC650C6A8FE01AF71F44 -- C:\WINDOWS\assembly\GAC_MSIL\System.Workflow.Runtime\3.0.0.0__31bf3856ad364e35\System.Workflow.Runtime.dll

[2010.02.04 14:06:23 | 000,507,904 | ---- | M] () MD5=E249D1B3114088C0D390A60643BF2BBC -- C:\WINDOWS\assembly\GAC_MSIL\System.WorkflowServices\3.5.0.0__31bf3856ad364e35\System.WorkflowServices.dll

[2010.02.04 14:06:31 | 000,139,264 | ---- | M] () MD5=64925CC79EA9E8245A4F18703CCABEC4 -- C:\WINDOWS\assembly\GAC_MSIL\System.Xml.Linq\3.5.0.0__b77a5c561934e089\System.Xml.Linq.dll

[2012.04.08 23:58:19 | 002,048,000 | ---- | M] () MD5=EB97291E3C9E0035B47B45DBB1AF710D -- C:\WINDOWS\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll

[2012.04.08 23:58:17 | 003,186,688 | ---- | M] () MD5=47B341F0931D6D11364145FFC6BBB1E7 -- C:\WINDOWS\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll

[2010.02.04 14:05:28 | 000,167,936 | ---- | M] () MD5=F303A07A6EF37B8B6DD928D97A016B75 -- C:\WINDOWS\assembly\GAC_MSIL\UIAutomationClient\3.0.0.0__31bf3856ad364e35\UIAutomationClient.dll

[2010.02.04 14:05:28 | 000,385,024 | ---- | M] () MD5=09658EF5F16F2ABD74FE577D50C0D155 -- C:\WINDOWS\assembly\GAC_MSIL\UIAutomationClientsideProviders\3.0.0.0__31bf3856ad364e35\UIAutomationClientsideProviders.dll

[2010.02.04 14:05:25 | 000,040,960 | ---- | M] () MD5=A93561FB224FA8539357C74065403630 -- C:\WINDOWS\assembly\GAC_MSIL\UIAutomationProvider\3.0.0.0__31bf3856ad364e35\UIAutomationProvider.dll

[2010.02.04 14:05:26 | 000,098,304 | ---- | M] () MD5=5BE33FC308914C1AE6577A908D97A4FF -- C:\WINDOWS\assembly\GAC_MSIL\UIAutomationTypes\3.0.0.0__31bf3856ad364e35\UIAutomationTypes.dll

[2011.11.13 12:00:44 | 001,249,280 | ---- | M] () MD5=2B54E384677C419230E016020DA076ED -- C:\WINDOWS\assembly\GAC_MSIL\WindowsBase\3.0.0.0__31bf3856ad364e35\WindowsBase.dll

[2010.02.04 14:05:28 | 000,094,208 | ---- | M] () MD5=E205A79EA6C06F91EA08BBE59FE83503 -- C:\WINDOWS\assembly\GAC_MSIL\WindowsFormsIntegration\3.0.0.0__31bf3856ad364e35\WindowsFormsIntegration.dll

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /90 >

[2012.03.07 02:58:29 | 000,024,920 | ---- | M] (AVAST Software) -- C:\WINDOWS\system32\drivers\aavmker4.sys

[2012.03.07 03:01:30 | 000,020,696 | ---- | M] (AVAST Software) -- C:\WINDOWS\system32\drivers\aswFsBlk.sys

[2012.03.07 03:01:35 | 000,089,048 | ---- | M] (AVAST Software) -- C:\WINDOWS\system32\drivers\aswmon.sys

[2012.03.07 03:01:39 | 000,095,704 | ---- | M] (AVAST Software) -- C:\WINDOWS\system32\drivers\aswmon2.sys

[2012.03.07 03:02:00 | 000,035,672 | ---- | M] (AVAST Software) -- C:\WINDOWS\system32\drivers\aswRdr.sys

[2012.03.07 03:03:51 | 000,612,184 | ---- | M] (AVAST Software) -- C:\WINDOWS\system32\drivers\aswSnx.sys

[2012.03.07 03:03:38 | 000,337,880 | ---- | M] (AVAST Software) -- C:\WINDOWS\system32\drivers\aswSP.sys

[2012.03.07 03:01:53 | 000,053,848 | ---- | M] (AVAST Software) -- C:\WINDOWS\system32\drivers\aswTdi.sys

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\system32\Spool\prtprocs\w32x86\*.dll >

[2008.07.06 15:06:10 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\Spool\prtprocs\w32x86\filterpipelineprintproc.dll

[2006.01.28 12:00:00 | 000,049,152 | R--- | M] (Zenographics, Inc.) -- C:\WINDOWS\system32\Spool\prtprocs\w32x86\IMFPRINT.DLL

[2007.04.09 14:23:54 | 000,028,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\Spool\prtprocs\w32x86\mdippr.dll

[2009.10.29 13:43:02 | 000,010,752 | ---- | M] (EPSON) -- C:\WINDOWS\system32\Spool\prtprocs\w32x86\SIMFPR0G.DLL

[2007.12.10 09:00:00 | 000,057,344 | ---- | M] (Zenographics, Inc.) -- C:\WINDOWS\system32\Spool\prtprocs\w32x86\ZIMFPRNT.DLL

< %systemroot%\*. /mp /s >

< MD5 for: AFD.SYS >

[2008.10.16 18:07:58 | 000,138,496 | ---- | M] (Microsoft Corporation) MD5=38D7B715504DA4741DF35E3594FE2099 -- C:\WINDOWS\$NtUninstallKB2592799$\afd.sys

[2009.11.08 14:35:04 | 000,138,496 | ---- | M] (Microsoft Corporation) MD5=4D43E74F2A1239D53929B82600F1971C -- C:\WINDOWS\$NtUninstallKB2509553$\afd.sys

[2011.08.17 16:41:46 | 000,138,496 | ---- | M] (Microsoft Corporation) MD5=F6B7B1ECD7B41736BDB6FF4B092BCB79 -- C:\WINDOWS\system32\dllcache\afd.sys

[2011.08.17 16:41:46 | 000,138,496 | ---- | M] (Microsoft Corporation) MD5=F6B7B1ECD7B41736BDB6FF4B092BCB79 -- C:\WINDOWS\system32\drivers\afd.sys

< MD5 for: ATAPI.SYS >

[2009.11.08 14:46:05 | 017,778,292 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys

[2008.04.13 23:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\dllcache\atapi.sys

[2008.04.13 23:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys

[2008.04.14 01:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\ReinstallBackups\0002\DriverFiles\i386\atapi.sys

< MD5 for: DISK.SYS >

[2009.11.08 14:46:05 | 017,778,292 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:disk.sys

[2008.04.14 14:00:00 | 000,036,352 | ---- | M] (Microsoft Corporation) MD5=044452051F3E02E7963599FC8F4F3E25 -- C:\WINDOWS\system32\drivers\disk.sys

< MD5 for: EXPLORER.EXE >

[2008.04.14 14:00:00 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\explorer.exe

[2008.04.14 14:00:00 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\system32\dllcache\explorer.exe

< MD5 for: I8042PRT.SYS >

[2009.11.08 14:46:05 | 017,778,292 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:i8042prt.sys

[2008.04.14 14:00:00 | 000,052,480 | ---- | M] (Microsoft Corporation) MD5=4A0B06AA8943C1E332520F7440C0AA30 -- C:\WINDOWS\system32\drivers\i8042prt.sys

< MD5 for: IASTOR.SYS >

[2010.01.07 11:56:48 | 000,329,752 | ---- | M] (Intel Corporation) MD5=71ECC07BC7C5E24C3DD01D8A29A24054 -- C:\WINDOWS\NLDRV\001\iastor.sys

[2010.01.07 11:56:56 | 000,329,752 | ---- | M] (Intel Corporation) MD5=71ECC07BC7C5E24C3DD01D8A29A24054 -- C:\WINDOWS\NLDRV\002\iastor.sys

[2010.01.07 11:58:15 | 000,329,752 | ---- | M] (Intel Corporation) MD5=71ECC07BC7C5E24C3DD01D8A29A24054 -- C:\WINDOWS\NLDRV\003\iastor.sys

[2010.01.07 11:58:22 | 000,329,752 | ---- | M] (Intel Corporation) MD5=71ECC07BC7C5E24C3DD01D8A29A24054 -- C:\WINDOWS\NLDRV\004\iastor.sys

< MD5 for: IPSEC.SYS >

[2008.04.14 14:00:00 | 000,075,264 | ---- | M] (Microsoft Corporation) MD5=23C74D75E36E7158768DD63D92789A91 -- C:\WINDOWS\system32\dllcache\ipsec.sys

[2008.04.14 14:00:00 | 000,075,264 | ---- | M] (Microsoft Corporation) MD5=23C74D75E36E7158768DD63D92789A91 -- C:\WINDOWS\system32\drivers\ipsec.sys

< MD5 for: LSASS.EXE >

[2008.04.14 14:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=BF2466B3E18E970D8A976FB95FC1CA85 -- C:\WINDOWS\system32\dllcache\lsass.exe

[2008.04.14 14:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=BF2466B3E18E970D8A976FB95FC1CA85 -- C:\WINDOWS\system32\lsass.exe

< MD5 for: NETBT.SYS >

[2008.04.14 14:00:00 | 000,162,816 | ---- | M] (Microsoft Corporation) MD5=74B2B2F5BEA5E9A3DC021D685551BD3D -- C:\WINDOWS\system32\dllcache\netbt.sys

[2008.04.14 14:00:00 | 000,162,816 | ---- | M] (Microsoft Corporation) MD5=74B2B2F5BEA5E9A3DC021D685551BD3D -- C:\WINDOWS\system32\drivers\netbt.sys

< MD5 for: REDBOOK.SYS >

[2009.11.08 14:46:05 | 017,778,292 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:redbook.sys

[2008.04.14 01:10:28 | 000,057,600 | ---- | M] (Microsoft Corporation) MD5=F828DD7E1419B6653894A8F97A0094C5 -- C:\WINDOWS\system32\drivers\redbook.sys

< MD5 for: SERIAL.SYS >

[2009.11.08 14:46:05 | 017,778,292 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:serial.sys

[2008.04.14 14:00:00 | 000,064,512 | ---- | M] (Microsoft Corporation) MD5=CCA207A8896D4C6A0C9CE29A4AE411A7 -- C:\WINDOWS\system32\drivers\serial.sys

< MD5 for: SVCHOST.EXE >

[2008.04.14 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\system32\dllcache\svchost.exe

[2008.04.14 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\system32\svchost.exe

[2012.01.13 14:53:20 | 000,182,856 | ---- | M] () MD5=63EEC8A8B221AB79045E776E5F592868 -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\svchost.exe

< MD5 for: TCPIP.SYS >

[2009.11.08 14:33:39 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\system32\dllcache\tcpip.sys

[2009.11.08 14:33:39 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\system32\drivers\tcpip.sys

< MD5 for: USERINIT.EXE >

[2008.04.14 14:00:00 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\system32\dllcache\userinit.exe

[2008.04.14 14:00:00 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\system32\userinit.exe

< MD5 for: VOLSNAP.SYS >

[2008.04.14 14:00:00 | 000,052,352 | ---- | M] (Microsoft Corporation) MD5=4C8FCB5CC53AAB716D810740FE59D025 -- C:\WINDOWS\system32\dllcache\volsnap.sys

[2008.04.14 14:00:00 | 000,052,352 | ---- | M] (Microsoft Corporation) MD5=4C8FCB5CC53AAB716D810740FE59D025 -- C:\WINDOWS\system32\drivers\volsnap.sys

< MD5 for: WINLOGON.EXE >

[2012.01.13 14:53:20 | 000,182,856 | ---- | M] () MD5=63EEC8A8B221AB79045E776E5F592868 -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe

[2008.04.14 14:00:00 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\system32\dllcache\winlogon.exe

[2008.04.14 14:00:00 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\system32\winlogon.exe

========== Files - Unicode (All) ==========

[2012.02.22 15:26:21 | 000,817,152 | ---- | M] ()(C:\Documents and Settings\User\My Documents\????????? ?????????????.doc) -- C:\Documents and Settings\User\My Documents\Στανιμήρα Ντερμεντζίεβα.doc

[2012.02.21 20:50:57 | 000,817,152 | ---- | C] ()(C:\Documents and Settings\User\My Documents\????????? ?????????????.doc) -- C:\Documents and Settings\User\My Documents\Στανιμήρα Ντερμεντζίεβα.doc

[2012.02.18 21:57:42 | 000,000,162 | -H-- | M] ()(C:\Documents and Settings\PC\Desktop\~$ ??????? ????????? (1869-1942).doc) -- C:\Documents and Settings\PC\Desktop\~$ ΒΑΣΙΛΗΣ ΚΑΛΑΦΑΤΗΣ (1869-1942).doc

[2012.02.18 21:57:42 | 000,000,162 | -H-- | C] ()(C:\Documents and Settings\PC\Desktop\~$ ??????? ????????? (1869-1942).doc) -- C:\Documents and Settings\PC\Desktop\~$ ΒΑΣΙΛΗΣ ΚΑΛΑΦΑΤΗΣ (1869-1942).doc

========== Alternate Data Streams ==========

@Alternate Data Stream - 150 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:51394AA5

@Alternate Data Stream - 122 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DBC416F8

< End of report >

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Не откривам абсолютно никакви следи от Babylon. Къде точно се е появил?

Изтеглете MiniToolBox.exe и го запазете на десктопа.

  • Сложете отметка пред всички обекти и натиснете Go.
  • Копирайте съдържанието на файла Result.txt в следващия си пост.

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Babylon се появяваше, когато отворя Мозила. От антивирусната блокирах този сайт и после деинсталирах Мозилата.

MiniToolBox by Farbar Version: 18-01-2012

Ran by PC (administrator) on 12-04-2012 at 15:45:35

Microsoft Windows XP Professional Service Pack 3 (X86)

Boot Mode: Normal

***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.

No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================

"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

127.0.0.1 localhost

========================= IP Configuration: ================================

Realtek RTL8169/8110 Family Gigabit Ethernet NIC = Local Area Connection (Connected)

Realtek RTL8139/810x Family Fast Ethernet NIC = Local Area Connection 2 (Media disconnected)

# ----------------------------------

# Interface IP Configuration

# ----------------------------------

pushd interface ip

# Interface IP Configuration for "Local Area Connection"

set address name="Local Area Connection" source=dhcp

set dns name="Local Area Connection" source=dhcp register=PRIMARY

set wins name="Local Area Connection" source=dhcp

# Interface IP Configuration for "Local Area Connection 2"

set address name="Local Area Connection 2" source=dhcp

set dns name="Local Area Connection 2" source=dhcp register=PRIMARY

set wins name="Local Area Connection 2" source=dhcp

popd

# End of interface IP configuration

Windows IP Configuration

Host Name . . . . . . . . . . . . : user-30ef165fc0

Primary Dns Suffix . . . . . . . :

Node Type . . . . . . . . . . . . : Unknown

IP Routing Enabled. . . . . . . . : No

WINS Proxy Enabled. . . . . . . . : No

DNS Suffix Search List. . . . . . : btc-adsl

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . : btc-adsl

Description . . . . . . . . . . . : Realtek RTL8169/8110 Family Gigabit Ethernet NIC

Physical Address. . . . . . . . . : 00-1A-4D-29-97-0B

Dhcp Enabled. . . . . . . . . . . : Yes

Autoconfiguration Enabled . . . . : Yes

IP Address. . . . . . . . . . . . : 192.168.1.2

Subnet Mask . . . . . . . . . . . : 255.255.255.128

Default Gateway . . . . . . . . . : 192.168.1.1

DHCP Server . . . . . . . . . . . : 192.168.1.1

DNS Servers . . . . . . . . . . . : 192.168.1.1

Lease Obtained. . . . . . . . . . : 12 Април 2012 г. 15:31:58

Lease Expires . . . . . . . . . . : 13 Април 2012 г. 15:31:58

Ethernet adapter Local Area Connection 2:

Media State . . . . . . . . . . . : Media disconnected

Description . . . . . . . . . . . : Realtek RTL8139/810x Family Fast Ethernet NIC

Physical Address. . . . . . . . . : 00-E0-4C-4C-33-85

Server: adslrouter.btc-adsl

Address: 192.168.1.1

Name: google.com

Addresses: 209.85.148.101, 209.85.148.100, 209.85.148.113, 209.85.148.139

209.85.148.138, 209.85.148.102

Pinging google.com [209.85.148.101] with 32 bytes of data:

Reply from 209.85.148.101: bytes=32 time=61ms TTL=57

Reply from 209.85.148.101: bytes=32 time=64ms TTL=57

Ping statistics for 209.85.148.101:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 61ms, Maximum = 64ms, Average = 62ms

Server: adslrouter.btc-adsl

Address: 192.168.1.1

Name: yahoo.com

Addresses: 72.30.38.140, 98.139.183.24, 209.191.122.70

Pinging yahoo.com [72.30.38.140] with 32 bytes of data:

Reply from 72.30.38.140: bytes=32 time=241ms TTL=54

Reply from 72.30.38.140: bytes=32 time=257ms TTL=54

Ping statistics for 72.30.38.140:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 241ms, Maximum = 257ms, Average = 249ms

Server: adslrouter.btc-adsl

Address: 192.168.1.1

Name: bleepingcomputer.com

Address: 208.43.87.2

Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:

Reply from 208.43.87.2: Destination host unreachable.

Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 0ms, Maximum = 0ms, Average = 0ms

Pinging 127.0.0.1 with 32 bytes of data:

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================

Interface List

0x1 ........................... MS TCP Loopback interface

0x2 ...00 1a 4d 29 97 0b ...... Realtek RTL8169/8110 Family Gigabit Ethernet NIC - Packet Scheduler Miniport

0x3 ...00 e0 4c 4c 33 85 ...... Realtek RTL8139/810x Family Fast Ethernet NIC - Packet Scheduler Miniport

===========================================================================

===========================================================================

Active Routes:

Network Destination Netmask Gateway Interface Metric

0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.2 20

127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1

192.168.1.0 255.255.255.128 192.168.1.2 192.168.1.2 20

192.168.1.2 255.255.255.255 127.0.0.1 127.0.0.1 20

192.168.1.255 255.255.255.255 192.168.1.2 192.168.1.2 20

224.0.0.0 240.0.0.0 192.168.1.2 192.168.1.2 20

255.255.255.255 255.255.255.255 192.168.1.2 192.168.1.2 1

255.255.255.255 255.255.255.255 192.168.1.2 3 1

Default Gateway: 192.168.1.1

===========================================================================

Persistent Routes:

None

========================= Winsock entries =====================================

Catalog5 01 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)

Catalog5 02 C:\Windows\System32\winrnr.dll [16896] (Microsoft Corporation)

Catalog5 03 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)

Catalog5 04 C:\Windows\system32\wshbth.dll [108032] (Microsoft Corporation)

Catalog9 01 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)

Catalog9 02 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)

Catalog9 03 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)

Catalog9 04 C:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)

Catalog9 05 C:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)

Catalog9 06 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)

Catalog9 07 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)

Catalog9 08 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)

Catalog9 09 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)

Catalog9 10 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)

Catalog9 11 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)

Catalog9 12 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)

Catalog9 13 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)

Catalog9 14 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)

Catalog9 15 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)

Catalog9 16 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)

Catalog9 17 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)

Catalog9 18 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)

Catalog9 19 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:

==================

Error: (04/12/2012 10:56:40 AM) (Source: Application Hang) (User: )

Description: Hanging application iexplore.exe, version 8.0.6001.18702, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (04/12/2012 10:56:39 AM) (Source: Application Hang) (User: )

Description: Hanging application iexplore.exe, version 8.0.6001.18702, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (04/11/2012 10:55:21 AM) (Source: Application Hang) (User: )

Description: Hanging application iexplore.exe, version 8.0.6001.18702, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (04/11/2012 10:55:21 AM) (Source: Application Hang) (User: )

Description: Hanging application iexplore.exe, version 8.0.6001.18702, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (04/10/2012 10:55:30 AM) (Source: Application Error) (User: )

Description: Faulting application iexplore.exe, version 8.0.6001.18702, faulting module ahascr.dll, version 7.0.1426.0, fault address 0x0000a906.

Processing media-specific event for [iexplore.exe!ws!]

Error: (04/09/2012 10:29:02 PM) (Source: Application Error) (User: )

Description: Faulting application explorer.exe, version 6.0.2900.5512, faulting module wmvcore.dll, version 11.0.5721.5275, fault address 0x000d3d79.

Processing media-specific event for [explorer.exe!ws!]

Error: (03/19/2012 01:55:15 AM) (Source: Application Error) (User: )

Description: Faulting application iexplore.exe, version 8.0.6001.18702, faulting module mshtml.dll, version 8.0.6001.19170, fault address 0x00067978.

Processing media-specific event for [iexplore.exe!ws!]

Error: (03/16/2012 00:58:11 AM) (Source: Application Hang) (User: )

Description: Hanging application iexplore.exe, version 8.0.6001.18702, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (03/16/2012 00:58:11 AM) (Source: Application Hang) (User: )

Description: Hanging application iexplore.exe, version 8.0.6001.18702, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (03/16/2012 00:58:11 AM) (Source: Application Hang) (User: )

Description: Hanging application iexplore.exe, version 8.0.6001.18702, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

System errors:

=============

Error: (04/12/2012 03:32:16 PM) (Source: Service Control Manager) (User: )

Description: The System Restore Service service terminated with the following error:

%%2

Error: (04/12/2012 03:32:16 PM) (Source: Service Control Manager) (User: )

Description: The Plustek USB Scanner service failed to start due to the following error:

%%1058

Error: (04/12/2012 03:32:12 PM) (Source: SRService) (User: )

Description: The System Restore initialization process failed.

Error: (04/12/2012 09:40:12 AM) (Source: Service Control Manager) (User: )

Description: The IMAPI CD-Burning COM Service service failed to start due to the following error:

%%1053

Error: (04/12/2012 09:40:12 AM) (Source: Service Control Manager) (User: )

Description: Timeout (30000 milliseconds) waiting for the IMAPI CD-Burning COM Service service to connect.

Error: (04/12/2012 09:39:31 AM) (Source: Service Control Manager) (User: )

Description: The System Restore Service service terminated with the following error:

%%2

Error: (04/12/2012 09:39:31 AM) (Source: Service Control Manager) (User: )

Description: The Plustek USB Scanner service failed to start due to the following error:

%%1058

Error: (04/12/2012 09:39:28 AM) (Source: SRService) (User: )

Description: The System Restore initialization process failed.

Error: (04/11/2012 08:08:28 PM) (Source: Service Control Manager) (User: )

Description: The System Restore Service service terminated with the following error:

%%2

Error: (04/11/2012 08:08:28 PM) (Source: Service Control Manager) (User: )

Description: The Plustek USB Scanner service failed to start due to the following error:

%%1058

Microsoft Office Sessions:

=========================

Error: (04/12/2012 10:56:40 AM) (Source: Application Hang)(User: )

Description: iexplore.exe8.0.6001.18702hungapp0.0.0.000000000

Error: (04/12/2012 10:56:39 AM) (Source: Application Hang)(User: )

Description: iexplore.exe8.0.6001.18702hungapp0.0.0.000000000

Error: (04/11/2012 10:55:21 AM) (Source: Application Hang)(User: )

Description: iexplore.exe8.0.6001.18702hungapp0.0.0.000000000

Error: (04/11/2012 10:55:21 AM) (Source: Application Hang)(User: )

Description: iexplore.exe8.0.6001.18702hungapp0.0.0.000000000

Error: (04/10/2012 10:55:30 AM) (Source: Application Error)(User: )

Description: iexplore.exe8.0.6001.18702ahascr.dll7.0.1426.00000a906

Error: (04/09/2012 10:29:02 PM) (Source: Application Error)(User: )

Description: explorer.exe6.0.2900.5512wmvcore.dll11.0.5721.5275000d3d79

Error: (03/19/2012 01:55:15 AM) (Source: Application Error)(User: )

Description: iexplore.exe8.0.6001.18702mshtml.dll8.0.6001.1917000067978

Error: (03/16/2012 00:58:11 AM) (Source: Application Hang)(User: )

Description: iexplore.exe8.0.6001.18702hungapp0.0.0.000000000

Error: (03/16/2012 00:58:11 AM) (Source: Application Hang)(User: )

Description: iexplore.exe8.0.6001.18702hungapp0.0.0.000000000

Error: (03/16/2012 00:58:11 AM) (Source: Application Hang)(User: )

Description: iexplore.exe8.0.6001.18702hungapp0.0.0.000000000

=========================== Installed Programs ============================

Декларация Обр.1 и 6 (Version: 4.03)

ЗБУТ+ (Версия 2.11) (Version: 2.11)

µTorrent (Version: 2.0.3)

ABBYY FineReader 9.0 Professional Edition (Version: 9.00.662.5581)

Adobe Flash Player 10 Plugin (Version: 10.1.53.64)

Adobe Flash Player 11 ActiveX (Version: 11.1.102.62)

Adobe Photoshop 7.0 (Version: 7.0)

Adobe Reader 9.4.7 (Version: 9.4.7)

avast! Free Antivirus (Version: 7.0.1426.0)

BS.Player FREE (Version: 2.57.1051)

CCleaner (Version: 3.06)

CD Recovery Toolbox Free 1.1

CD/DVD Diagnostic (Version: 3.0.0)

Compatibility Pack for the 2007 Office system (Version: 12.0.6612.1000)

Easy CD-DA Extractor 12 (Version: 12.0.8)

EPSON AL-C1600

Exact Audio Copy 0.99pb3 (Version: 0.99pb3)

Foxit Reader 5.1 (Version: 5.1.4.104)

FreeUndelete 2.0.35248.1 (Version: 2.0.35248.1)

Google Земя (Version: 6.2.1.6014)

Google Chrome (Version: 18.0.1025.152)

Google Toolbar for Internet Explorer (Version: 1.0.0)

Google Toolbar for Internet Explorer (Version: 7.3.2710.138)

Google Update Helper (Version: 1.3.21.111)

Intel® Graphics Media Accelerator Driver

IsoBuster 2.8.5 (Version: 2.8.5)

K-Lite Codec Pack 5.0.0 (Full) (Version: 5.0.0)

Konto v.5.80.1 (Version: 5.80.1)

LaserJet 1020 series

Malwarebytes Anti-Malware, версия 1.60.1.1000 (Version: 1.60.1.1000)

Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729)

Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729)

Microsoft .NET Framework 3.5 SP1

Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)

Microsoft Compression Client Pack 1.0 for Windows XP (Version: 1)

Microsoft Office Professional Edition 2003 (Version: 11.0.8173.0)

Microsoft User-Mode Driver Framework Feature Pack 1.0

Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)

MP3 Cutter 1.8

Nero 8 Lite 8.3.2.1 (Version: 8.3.2.1)

OrderReminder HP LaserJet 1020 (Version: 2.0)

Plustek USB Scanner

REALTEK GbE & FE Ethernet PCI NIC Driver (Version: 1.17.0001)

Realtek High Definition Audio Driver (Version: 5.10.0.5998)

Recover Disc 2.0 (Version: 2.0)

Recuva (Version: 1.40)

Skype™ 3.6 (Version: 3.6.248)

Smart File Advisor 1.1.1 (Version: 1.1.1)

SUPERAntiSpyware (Version: 4.52.1000)

Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)

Update for Windows XP (KB2345886) (Version: 1)

Update for Windows XP (KB2541763) (Version: 1)

Update for Windows XP (KB2641690) (Version: 1)

Update for Windows XP (KB898461) (Version: 1)

Update for Windows XP (KB943729)

Update for Windows XP (KB955759) (Version: 1)

Update for Windows XP (KB971029) (Version: 1)

Update for Windows XP (KB971737) (Version: 1)

Update for Windows XP (KB973687) (Version: 1)

WebFldrs XP (Version: 9.50.7523)

Windows Genuine Advantage Notifications (KB905474) (Version: 1.9.0040.0)

Windows Internet Explorer 8 (Version: 20090308.140743)

Windows Media Format 11 runtime

Windows Media Player 11

Windows Media Player Firefox Plugin (Version: 1.0.0.8)

WinRAR archiver

========================= Devices: ================================

Name: My new generic Bluetooth adapter

Description: My new generic Bluetooth adapter

Class Guid: {E0CBF06C-CD8B-4647-BB8A-263B43F0F974}

Manufacturer: Cambridge Silicon Radio Ltd.

Service: BTHUSB

Problem: : This device cannot start. (Code10)

Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.

On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: My new generic Bluetooth adapter

Description: My new generic Bluetooth adapter

Class Guid: {E0CBF06C-CD8B-4647-BB8A-263B43F0F974}

Manufacturer: Cambridge Silicon Radio Ltd.

Service: BTHUSB

Problem: : This device cannot start. (Code10)

Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.

On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: My new generic Bluetooth adapter

Description: My new generic Bluetooth adapter

Class Guid: {E0CBF06C-CD8B-4647-BB8A-263B43F0F974}

Manufacturer: Cambridge Silicon Radio Ltd.

Service: BTHUSB

Problem: : This device cannot start. (Code10)

Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.

On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: My new generic Bluetooth adapter

Description: My new generic Bluetooth adapter

Class Guid: {E0CBF06C-CD8B-4647-BB8A-263B43F0F974}

Manufacturer: Cambridge Silicon Radio Ltd.

Service: BTHUSB

Problem: : This device cannot start. (Code10)

Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.

On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: My new generic Bluetooth adapter

Description: My new generic Bluetooth adapter

Class Guid: {E0CBF06C-CD8B-4647-BB8A-263B43F0F974}

Manufacturer: Cambridge Silicon Radio Ltd.

Service: BTHUSB

Problem: : This device cannot start. (Code10)

Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.

On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: My new generic Bluetooth adapter

Description: My new generic Bluetooth adapter

Class Guid: {E0CBF06C-CD8B-4647-BB8A-263B43F0F974}

Manufacturer: Cambridge Silicon Radio Ltd.

Service: BTHUSB

Problem: : This device cannot start. (Code10)

Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.

On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: My new generic Bluetooth adapter

Description: My new generic Bluetooth adapter

Class Guid: {E0CBF06C-CD8B-4647-BB8A-263B43F0F974}

Manufacturer: Cambridge Silicon Radio Ltd.

Service: BTHUSB

Problem: : This device cannot start. (Code10)

Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.

On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: My new generic Bluetooth adapter

Description: My new generic Bluetooth adapter

Class Guid: {E0CBF06C-CD8B-4647-BB8A-263B43F0F974}

Manufacturer: Cambridge Silicon Radio Ltd.

Service: BTHUSB

Problem: : This device cannot start. (Code10)

Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.

On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: My new generic Bluetooth adapter

Description: My new generic Bluetooth adapter

Class Guid: {E0CBF06C-CD8B-4647-BB8A-263B43F0F974}

Manufacturer: Cambridge Silicon Radio Ltd.

Service: BTHUSB

Problem: : This device cannot start. (Code10)

Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.

On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: My new generic Bluetooth adapter

Description: My new generic Bluetooth adapter

Class Guid: {E0CBF06C-CD8B-4647-BB8A-263B43F0F974}

Manufacturer: Cambridge Silicon Radio Ltd.

Service: BTHUSB

Problem: : This device cannot start. (Code10)

Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.

On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

========================= Memory info: ===================================

Percentage of memory in use: 77%

Total physical RAM: 503.48 MB

Available physical RAM: 110.91 MB

Total Pagefile: 1228.85 MB

Available Pagefile: 554.67 MB

Total Virtual: 2047.88 MB

Available Virtual: 1970.72 MB

========================= Partitions: =====================================

2 Drive c: () (Fixed) (Total:116.44 GB) (Free:44.07 GB) NTFS

3 Drive d: () (Fixed) (Total:116.44 GB) (Free:15.01 GB) NTFS

========================= Users: ========================================

User accounts for \\USER-30EF165FC0

Administrator Guest HelpAssistant

PC SUPPORT_388945a0 User

========================= Minidump Files ==================================

C:\WINDOWS\Minidump\Mini033012-01.dmp

**** End of log ****

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Според мен petyaf бърка тулбара с отметката, която тулбара е поставил при инсталацията си, и която се отваря като стартова страница на мозилата. Ако съм прав, би било достатъчно да се влезе в настройките на мозилата и да се смени стартовата страница. Съжалявам ако съм объркал нещо с нерегламентираното си включване!

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Всичко изглежда ОК. Благодаря за помощта. Да деинсталирам ли сканиращите програми?

Според мен petyaf бърка тулбара с отметката, която тулбара е поставил при инсталацията си, и която се отваря като стартова страница на мозилата. Ако съм прав, би било достатъчно да се влезе в настройките на мозилата и да се смени стартовата страница. Съжалявам ако съм объркал нещо с нерегламентираното си включване!

Adash, мозилата беше отдавна инсталирана. Опитах се да променя стартовата страница от настройките за интернет и с провлачване на иконата на избрания сайт от адресната лента до иконата с къщичката в дясно. При друт компютър със същия проблем се оправиха нещата, но тук не. И в Google Chrome Babylon беше стартова страница.

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Имаше наистина огромно количество тулбари, които освен, че променят стартовата страница, както и търсачката, те е събират информация за сърфирането ти и я изпращат на маркетингови компании, които на базата на нея си изграждат стратегиите.

Нека, изчистим всичко. Стартирайте OTL и кликнете върху CleanUp бутона. Ръчно изтрийте MiniToolBox.

Приятно и внимателно сърфиране! Весели празници! :)

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Благодаря! Лека вечер и весели празници!

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Благодаря! Подобно! :)

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

×

Информация

Поставихме бисквитки на устройството ви за най-добро потребителско изживяване. Можете да промените настройките си за бисквитки, или в противен случай приемаме, че сте съгласни с нашите условия за ползване.