Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 14-12-2014 01
Ran by Zore (administrator) on HOME-193E3C216B on 15-12-2014 00:00:30
Running from C:\Documents and Settings\Zore.HOME-193E3C216B\Desktop
Loaded Profile: Zore (Available profiles: Zore)
Platform: Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: English (United States)
Internet Explorer Version 8
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: geekstogo.com/forum/topic/335081-frst-t.....scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Microsoft Corporation) C:\WINXP\System32\smss.exe
(Microsoft Corporation) C:\WINXP\System32\winlogon.exe
(Microsoft Corporation) C:\WINXP\System32\services.exe
(Microsoft Corporation) C:\WINXP\System32\lsass.exe
(Microsoft Corporation) C:\WINXP\System32\svchost.exe
(Microsoft Corporation) C:\WINXP\System32\svchost.exe
(Microsoft Corporation) C:\WINXP\EXPLORER.EXE
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Lexmark International, Inc.) C:\WINXP\System32\LEXBCES.EXE
(Lexmark International, Inc.) C:\WINXP\System32\LEXPPS.EXE
(Microsoft Corporation) C:\WINXP\System32\spoolsv.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AVASTUI.EXE
(Microsoft Corporation) C:\WINXP\System32\CTFMON.EXE
() E:\PROGRAMi\Meraci protoka internet veze\NetMeter114beta_4.exe
(Google Inc.) C:\Documents and Settings\Zore.HOME-193E3C216B\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
( ) C:\WINXP\System32\lxbkcoms.exe
(Google Inc.) C:\Documents and Settings\Zore.HOME-193E3C216B\Local Settings\Application Data\Google\Update\\GoogleCrashHandler.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
(Nero AG) C:\Program Files\Nero\Update\NASvc.exe
(NVIDIA Corporation) C:\WINXP\System32\nvsvc32.exe
(Microsoft Corporation) C:\WINXP\System32\svchost.exe
(Microsoft Corporation) C:\WINXP\System32\wscntfy.exe
(Microsoft Corporation) C:\WINXP\System32\wbem\unsecapp.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\FIREFOX.EXE
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5227112 2014-12-12] (AVAST Software)
HKLM\...\Run: [MSPY2002] => C:\WINXP\system32\IME\PINTLGNT\ImScInst.exe [59392 2008-04-14] ()
HKLM\...\Winlogon: [Userinit] C:\WINXP\system32\userinit.exe,
HKLM\...\Winlogon: [Shell] Explorer.exe [x ] ()
HKLM\...\Winlogon: [UIHost] C:\WINXP\system32\logonui.exe [514560 2008-04-14] (Microsoft Corporation)
Winlogon\Notify\crypt32chain: C:\WINXP\system32\crypt32.dll (Microsoft Corporation)
Winlogon\Notify\cryptnet: C:\WINXP\system32\cryptnet.dll (Microsoft Corporation)
Winlogon\Notify\cscdll: C:\WINXP\system32\cscdll.dll (Microsoft Corporation)
Winlogon\Notify\dimsntfy: C:\WINXP\System32\dimsntfy.dll (Microsoft Corporation)
Winlogon\Notify\ScCertProp: C:\WINXP\system32\wlnotify.dll (Microsoft Corporation)
Winlogon\Notify\Schedule: C:\WINXP\system32\wlnotify.dll (Microsoft Corporation)
Winlogon\Notify\sclgntfy: C:\WINXP\system32\sclgntfy.dll (Microsoft Corporation)
Winlogon\Notify\SensLogn: C:\WINXP\system32\WlNotify.dll (Microsoft Corporation)
Winlogon\Notify\termsrv: C:\WINXP\system32\wlnotify.dll (Microsoft Corporation)
Winlogon\Notify\wlballoon: C:\WINXP\system32\wlnotify.dll (Microsoft Corporation)
HKU\S-1-5-21-1060284298-813497703-1547161642-1003\...\Run: [ctfmon.exe] => C:\WINXP\system32\ctfmon.exe [15360 2008-04-14] (Microsoft Corporation)
HKU\S-1-5-21-1060284298-813497703-1547161642-1003\...\Run: [NetMeter] => E:\PROGRAMi\Meraci protoka internet veze\NetMeter114beta_4.exe [296960 2011-03-04] ()
HKU\S-1-5-21-1060284298-813497703-1547161642-1003\...\Run: [Google Update] => C:\Documents and Settings\Zore.HOME-193E3C216B\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [116648 2014-12-06] (Google Inc.)
HKU\S-1-5-18\...\Run: [ctfmon.exe] => C:\WINXP\system32\CTFMON.EXE [15360 2008-04-14] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll (AVAST Software)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINXP\pchealth\helpctr\System\panels\blank.htm
HKU\S-1-5-21-1060284298-813497703-1547161642-1003\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINXP\pchealth\helpctr\System\panels\blank.htm
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Adobe PDF Reader Link Helper -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll No File
BHO: No Name -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> No File
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO: No Name -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> No File
Handler: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\WINXP\system32\urlmon.dll (Microsoft Corporation)
Handler: wia - {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINXP\system32\wiascr.dll (Microsoft Corporation)
Filter: text/webviewhtml - {733AC4CB-F1A4-11d0-B951-00A0C90312E1} - C:\WINXP\system32\SHELL32.dll (Microsoft Corporation)
Winsock: Catalog5 01 C:\WINXP\system32\mswsock.dll [245248] (Microsoft Corporation)
Winsock: Catalog5 02 C:\WINXP\system32\winrnr.dll [16896] (Microsoft Corporation)
Winsock: Catalog5 03 C:\WINXP\system32\mswsock.dll [245248] (Microsoft Corporation)
Winsock: Catalog9 01 C:\WINXP\system32\mswsock.dll [245248] (Microsoft Corporation)
Winsock: Catalog9 02 C:\WINXP\system32\mswsock.dll [245248] (Microsoft Corporation)
Winsock: Catalog9 03 C:\WINXP\system32\mswsock.dll [245248] (Microsoft Corporation)
Winsock: Catalog9 04 C:\WINXP\system32\mswsock.dll [245248] (Microsoft Corporation)
Winsock: Catalog9 05 C:\WINXP\system32\mswsock.dll [245248] (Microsoft Corporation)
Winsock: Catalog9 06 C:\WINXP\system32\mswsock.dll [245248] (Microsoft Corporation)
Winsock: Catalog9 07 C:\WINXP\system32\mswsock.dll [245248] (Microsoft Corporation)
Winsock: Catalog9 08 C:\WINXP\system32\mswsock.dll [245248] (Microsoft Corporation)
Winsock: Catalog9 09 C:\WINXP\system32\mswsock.dll [245248] (Microsoft Corporation)
Winsock: Catalog9 10 C:\WINXP\system32\mswsock.dll [245248] (Microsoft Corporation)
Winsock: Catalog9 11 C:\WINXP\system32\mswsock.dll [245248] (Microsoft Corporation)
Winsock: Catalog9 12 C:\WINXP\system32\mswsock.dll [245248] (Microsoft Corporation)
Winsock: Catalog9 13 C:\WINXP\system32\mswsock.dll [245248] (Microsoft Corporation)
Winsock: Catalog9 14 C:\WINXP\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Winsock: Catalog9 15 C:\WINXP\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Tcpip\..\Interfaces\{E753F80A-A00F-45BB-A831-6D6FC66331A8}: [NameServer]
FF ProfilePath: C:\Documents and Settings\Zore.HOME-193E3C216B\Application Data\Mozilla\Firefox\Profiles\lwu1g1ez.default
FF NewTab: hxxp://www.searchalgo.com/?cid=5032
FF SearchEngineOrder.1:
FF SelectedSearchEngine:
FF Homepage: google.rs
FF Keyword.URL: hxxp://www.searchalgo.com/search.html?cid=5032&q=
FF Plugin: @adobe.com/FlashPlayer -> C:\WINXP\system32\Macromed\Flash\NPSWF32_16_0_0_235.dll ()
FF Plugin: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin HKU\S-1-5-21-1060284298-813497703-1547161642-1003: @tools.google.com/Google Update;version=3 -> C:\Documents and Settings\Zore.HOME-193E3C216B\Local Settings\Application Data\Google\Update\\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-1060284298-813497703-1547161642-1003: @tools.google.com/Google Update;version=9 -> C:\Documents and Settings\Zore.HOME-193E3C216B\Local Settings\Application Data\Google\Update\\npGoogleUpdate3.dll (Google Inc.)
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\pogodakyu.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\vokabular.xml
FF Extension: Qualys BrowserCheck - C:\Documents and Settings\Zore.HOME-193E3C216B\Application Data\Mozilla\Firefox\Profiles\lwu1g1ez.default\Extensions\{7D2FB79E-E58C-4DB5-A36F-AC1C73967F4D} [2014-12-14]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-11-06]
FF Extension: No Name - wrc@avast.com [Not Found]
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Documents and Settings\Zore.HOME-193E3C216B\Local Settings\Application Data\Google\Chrome\Application\19.0.1077.3\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Documents and Settings\Zore.HOME-193E3C216B\Local Settings\Application Data\Google\Chrome\Application\19.0.1077.3\pdf.dll ()
CHR Plugin: (Shockwave Flash) - C:\Documents and Settings\Zore.HOME-193E3C216B\Local Settings\Application Data\Google\Chrome\Application\19.0.1077.3\gcswf32.dll ()
CHR Plugin: (Shockwave Flash) - C:\WINXP\system32\Macromed\Flash\NPSWF32_15_0_0_239.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 8.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Windows Media Player Plug-in Dynamic Link Library) - C:\Program Files\Windows Media Player\npdsplay.dll (Microsoft Corporation (written by Digital Renaissance Inc.))
CHR Plugin: (Microsoft® DRM) - C:\Program Files\Windows Media Player\npwmsdrm.dll (Microsoft Corporation)
CHR Plugin: (Microsoft® DRM) - C:\Program Files\Windows Media Player\npdrmv2.dll (Microsoft Corporation)
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\\npGoogleUpdate3.dll No File
CHR Plugin: (Java Deployment Toolkit - C:\Program Files\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
CHR Plugin: (Java(TM) Platform SE 8 U25) - C:\Program Files\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (VLC Web Plugin) - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
CHR Profile: C:\Documents and Settings\Zore.HOME-193E3C216B\Local Settings\Application Data\Google\Chrome\User Data\Profile 1
CHR Extension: (Avast Online Security) - C:\Documents and Settings\Zore.HOME-193E3C216B\Local Settings\Application Data\Google\Chrome\User Data\Profile 1\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-12-06]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-11-27]
CHR StartMenuInternet: Google Chrome - C:\Documents and Settings\Zore.HOME-193E3C216B\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
========================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S3 AdobeFlashPlayerUpdateSvc; C:\WINXP\system32\Macromed\Flash\FlashPlayerUpdateService.exe [267440 2014-12-13] (Adobe Systems Incorporated)
S4 Alerter; C:\WINXP\system32\alrsvc.dll [17408 2008-04-14] (Microsoft Corporation)
R3 ALG; C:\WINXP\System32\alg.exe [44544 2008-04-14] (Microsoft Corporation)
S3 AppMgmt; C:\WINXP\System32\appmgmts.dll [167936 2008-04-14] (Microsoft Corporation)
S3 aspnet_state; C:\WINXP\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [34312 2008-07-25] (Microsoft Corporation)
R2 AudioSrv; C:\WINXP\System32\audiosrv.dll [42496 2008-04-14] (Microsoft Corporation)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-11-27] (AVAST Software)
R3 BITS; C:\WINXP\system32\qmgr.dll [409088 2008-04-14] (Microsoft Corporation)
S2 Browser; C:\WINXP\System32\browser.dll [78336 2012-07-06] (Microsoft Corporation)
S3 CiSvc; C:\WINXP\system32\cisvc.exe [5632 2008-04-14] (Microsoft Corporation)
S4 ClipSrv; C:\WINXP\system32\clipsrv.exe [33280 2008-04-14] (Microsoft Corporation)
S3 clr_optimization_v2.0.50727_32; C:\WINXP\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [69632 2008-07-25] (Microsoft Corporation)
S3 COMSysApp; C:\WINXP\system32\dllhost.exe [5120 2008-04-14] (Microsoft Corporation)
R2 CryptSvc; C:\WINXP\System32\cryptsvc.dll [62464 2008-04-14] (Microsoft Corporation)
R2 DcomLaunch; C:\WINXP\system32\rpcss.dll [401408 2010-09-16] (Microsoft Corporation)
R2 Dhcp; C:\WINXP\System32\dhcpcsvc.dll [126976 2008-04-14] (Microsoft Corporation)
S3 dmadmin; C:\WINXP\System32\dmadmin.exe [224768 2008-04-14] (Microsoft Corp., Veritas Software)
R2 dmserver; C:\WINXP\System32\dmserver.dll [23552 2008-04-14] (Microsoft Corp.)
R2 Dnscache; C:\WINXP\System32\dnsrslvr.dll [45568 2009-04-20] (Microsoft Corporation)
S3 Dot3svc; C:\WINXP\System32\dot3svc.dll [132096 2008-04-14] (Microsoft Corporation)
S3 EapHost; C:\WINXP\System32\eapsvc.dll [33792 2008-04-14] (Microsoft Corporation)
R2 ERSvc; C:\WINXP\System32\ersvc.dll [23040 2008-04-14] (Microsoft Corporation)
R2 Eventlog; C:\WINXP\system32\services.exe [110592 2010-09-16] (Microsoft Corporation)
R3 EventSystem; C:\WINXP\system32\es.dll [253952 2010-09-16] (Microsoft Corporation)
R3 FastUserSwitchingCompatibility; C:\WINXP\System32\shsvcs.dll [135168 2009-07-28] (Microsoft Corporation)
R2 helpsvc; C:\WINXP\PCHealth\HelpCtr\Binaries\pchsvc.dll [38400 2008-04-14] (Microsoft Corporation)
S3 hkmsvc; C:\WINXP\System32\kmsvc.dll [61440 2008-04-14] (Microsoft Corporation)
S3 HTTPFilter; C:\WINXP\System32\w3ssl.dll [15872 2008-04-14] (Microsoft Corporation)
S3 ImapiService; C:\WINXP\system32\imapi.exe [150528 2008-04-14] (Microsoft Corporation)
R2 LanmanServer; C:\WINXP\System32\srvsvc.dll [99840 2010-10-12] (Microsoft Corporation)
R2 lanmanworkstation; C:\WINXP\System32\wkssvc.dll [134144 2010-09-16] (Microsoft Corporation)
R2 LexBceS; C:\WINXP\system32\LEXBCES.EXE [303104 2003-08-18] (Lexmark International, Inc.)
R2 LmHosts; C:\WINXP\System32\lmhsvc.dll [13824 2008-04-14] (Microsoft Corporation)
R2 lxbk_device; C:\WINXP\system32\lxbkcoms.exe [537520 2007-04-26] ( )
R2 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-10-01] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [968504 2014-10-01] (Malwarebytes Corporation)
S4 Messenger; C:\WINXP\System32\msgsvc.dll [33792 2008-04-14] (Microsoft Corporation)
S3 mnmsrvc; C:\WINXP\system32\mnmsrvc.exe [32768 2008-04-14] (Microsoft Corporation)
S3 MSDTC; C:\WINXP\system32\msdtc.exe [6144 2008-04-14] (Microsoft Corporation)
S3 MSIServer; C:\WINXP\System32\msiexec.exe [95744 2008-05-19] (Microsoft Corporation)
S3 napagent; C:\WINXP\System32\qagentrt.dll [291328 2008-04-14] (Microsoft Corporation)
R2 NAUpdate; C:\Program Files\Nero\Update\NASvc.exe [503080 2010-05-04] (Nero AG)
S4 NetDDE; C:\WINXP\system32\netdde.exe [111104 2008-04-14] (Microsoft Corporation)
S4 NetDDEdsdm; C:\WINXP\system32\netdde.exe [111104 2008-04-14] (Microsoft Corporation)
S3 Netlogon; C:\WINXP\system32\lsass.exe [13312 2008-04-14] (Microsoft Corporation)
R3 Netman; C:\WINXP\System32\netman.dll [198144 2008-04-14] (Microsoft Corporation)
R3 Nla; C:\WINXP\System32\mswsock.dll [245248 2010-09-16] (Microsoft Corporation)
S3 NtLmSsp; C:\WINXP\system32\lsass.exe [13312 2008-04-14] (Microsoft Corporation)
S3 NtmsSvc; C:\WINXP\system32\ntmssvc.dll [435200 2008-04-14] (Microsoft Corporation)
R2 NVSvc; C:\WINXP\system32\nvsvc32.exe [61440 2002-07-30] (NVIDIA Corporation) [File not signed]
R2 PlugPlay; C:\WINXP\system32\services.exe [110592 2010-09-16] (Microsoft Corporation)
R2 PolicyAgent; C:\WINXP\system32\lsass.exe [13312 2008-04-14] (Microsoft Corporation)
R2 ProtectedStorage; C:\WINXP\system32\lsass.exe [13312 2008-04-14] (Microsoft Corporation)
S3 RasAuto; C:\WINXP\System32\rasauto.dll [88576 2008-04-14] (Microsoft Corporation)
R3 RasMan; C:\WINXP\System32\rasmans.dll [186368 2008-04-14] (Microsoft Corporation)
S3 RDSessMgr; C:\WINXP\system32\sessmgr.exe [141312 2008-04-14] (Microsoft Corporation)
S4 RemoteAccess; C:\WINXP\System32\mprdim.dll [53248 2008-04-14] (Microsoft Corporation)
R2 RemoteRegistry; C:\WINXP\system32\regsvc.dll [59904 2008-04-14] (Microsoft Corporation)
S3 RpcLocator; C:\WINXP\system32\locator.exe [75264 2008-04-14] (Microsoft Corporation)
R2 RpcSs; C:\WINXP\system32\rpcss.dll [401408 2010-09-16] (Microsoft Corporation)
S3 RSVP; C:\WINXP\system32\rsvp.exe [132608 2008-04-14] (Microsoft Corporation)
R2 SamSs; C:\WINXP\system32\lsass.exe [13312 2008-04-14] (Microsoft Corporation)
S3 SCardSvr; C:\WINXP\System32\SCardSvr.exe [95744 2008-04-14] (Microsoft Corporation)
R2 Schedule; C:\WINXP\system32\schedsvc.dll [192512 2008-04-14] (Microsoft Corporation)
R2 seclogon; C:\WINXP\System32\seclogon.dll [18944 2008-04-14] (Microsoft Corporation)
R2 SENS; C:\WINXP\system32\sens.dll [39424 2008-04-14] (Microsoft Corporation)
R2 SharedAccess; C:\WINXP\System32\ipnathlp.dll [331264 2008-04-14] (Microsoft Corporation)
R2 ShellHWDetection; C:\WINXP\System32\shsvcs.dll [135168 2009-07-28] (Microsoft Corporation)
R2 Spooler; C:\WINXP\system32\spoolsv.exe [58880 2010-09-16] (Microsoft Corporation)
R2 srservice; C:\WINXP\system32\srsvc.dll [171008 2008-04-14] (Microsoft Corporation)
R3 SSDPSRV; C:\WINXP\System32\ssdpsrv.dll [71680 2008-04-14] (Microsoft Corporation)
R2 stisvc; C:\WINXP\system32\wiaservc.dll [333824 2008-04-14] (Microsoft Corporation)
S3 SwPrv; C:\WINXP\system32\dllhost.exe [5120 2008-04-14] (Microsoft Corporation)
S3 SysmonLog; C:\WINXP\system32\smlogsvc.exe [89600 2008-04-14] (Microsoft Corporation)
R3 TapiSrv; C:\WINXP\System32\tapisrv.dll [249856 2008-04-14] (Microsoft Corporation)
R3 TermService; C:\WINXP\System32\termsrv.dll [295424 2008-04-14] (Microsoft Corporation)
R2 Themes; C:\WINXP\System32\shsvcs.dll [135168 2009-07-28] (Microsoft Corporation)
S4 TlntSvr; C:\WINXP\system32\tlntsvr.exe [73216 2008-04-14] (Microsoft Corporation)
R2 TrkWks; C:\WINXP\system32\trkwks.dll [90112 2008-04-14] (Microsoft Corporation)
S3 upnphost; C:\WINXP\System32\upnphost.dll [185856 2008-04-14] (Microsoft Corporation)
S3 UPS; C:\WINXP\System32\ups.exe [18432 2008-04-14] (Microsoft Corporation)
S3 VSS; C:\WINXP\System32\vssvc.exe [289792 2008-04-14] (Microsoft Corporation)
R2 W32Time; C:\WINXP\system32\w32time.dll [175104 2008-04-14] (Microsoft Corporation)
R2 WebClient; C:\WINXP\System32\webclnt.dll [68096 2008-04-14] (Microsoft Corporation)
R2 winmgmt; C:\WINXP\system32\wbem\WMIsvc.dll [144896 2008-04-14] (Microsoft Corporation)
S3 WmdmPmSN; C:\WINXP\system32\mspmsnsv.dll [27136 2010-09-16] (Microsoft Corporation)
S3 Wmi; C:\WINXP\System32\advapi32.dll [617472 2010-09-16] (Microsoft Corporation)
S3 WmiApSrv; C:\WINXP\system32\wbem\wmiapsrv.exe [126464 2008-04-14] (Microsoft Corporation)
R2 wscsvc; C:\WINXP\system32\wscsvc.dll [80896 2008-04-14] (Microsoft Corporation)
R2 wuauserv; C:\WINXP\system32\wuauserv.dll [6656 2008-04-14] (Microsoft Corporation)
S3 WudfSvc; C:\WINXP\System32\WUDFSvc.dll [55808 2010-09-16] (Microsoft Corporation)
R2 WZCSVC; C:\WINXP\System32\wzcsvc.dll [483840 2010-09-16] (Microsoft Corporation)
S3 xmlprov; C:\WINXP\System32\xmlprov.dll [129024 2008-04-14] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R0 ACPI; C:\WINXP\System32\DRIVERS\ACPI.sys [187776 2008-04-14] (Microsoft Corporation)
S4 ACPIEC; C:\WINXP\system32\Drivers\ACPIEC.sys [11648 2008-04-14] (Microsoft Corporation)
S3 aec; C:\WINXP\System32\drivers\aec.sys [142592 2008-04-13] (Microsoft Corporation)
R1 AFD; C:\WINXP\System32\drivers\afd.sys [138496 2011-08-17] (Microsoft Corporation)
R1 AmdK7; C:\WINXP\System32\DRIVERS\amdk7.sys [37760 2010-09-16] (Microsoft Corporation)
R2 aswHwid; C:\WINXP\system32\drivers\aswHwid.sys [24184 2014-11-27] ()
R2 aswMonFlt; C:\WINXP\system32\drivers\aswMonFlt.sys [70384 2014-11-27] (AVAST Software)
R1 AswRdr; C:\WINXP\system32\drivers\aswRdr.sys [55240 2014-11-27] (AVAST Software)
R0 aswRvrt; C:\WINXP\system32\Drivers\aswRvrt.sys [49944 2014-11-27] ()
R1 aswSnx; C:\WINXP\system32\drivers\aswSnx.sys [787800 2014-11-27] (AVAST Software)
R1 aswSP; C:\WINXP\system32\drivers\aswSP.sys [423784 2014-11-27] (AVAST Software)
R1 aswTdi; C:\WINXP\system32\drivers\aswTdi.sys [57928 2014-11-27] (AVAST Software)
R0 aswVmm; C:\WINXP\system32\Drivers\aswVmm.sys [206248 2014-11-27] ()
S3 AsyncMac; C:\WINXP\System32\DRIVERS\asyncmac.sys [14336 2008-04-14] (Microsoft Corporation)
R0 atapi; C:\WINXP\System32\DRIVERS\atapi.sys [96512 2008-04-14] (Microsoft Corporation)
S3 Atmarpc; C:\WINXP\System32\DRIVERS\atmarpc.sys [59904 2008-04-14] (Microsoft Corporation)
R3 audstub; C:\WINXP\System32\DRIVERS\audstub.sys [3072 2001-08-17] (Microsoft Corporation)
R1 Beep; C:\WINXP\system32\Drivers\Beep.sys [4224 2008-04-14] (Microsoft Corporation)
S4 cbidf2k; C:\WINXP\system32\Drivers\cbidf2k.sys [13952 2008-04-14] (Microsoft Corporation)
S1 Cdaudio; C:\WINXP\system32\Drivers\Cdaudio.sys [18688 2010-09-16] (Microsoft Corporation)
R4 Cdfs; C:\WINXP\system32\Drivers\Cdfs.sys [63744 2008-04-14] (Microsoft Corporation)
R1 Cdrom; C:\WINXP\System32\DRIVERS\cdrom.sys [62976 2008-04-14] (Microsoft Corporation)
R0 Disk; C:\WINXP\System32\DRIVERS\disk.sys [36352 2008-04-14] (Microsoft Corporation)
S4 dmboot; C:\WINXP\System32\drivers\dmboot.sys [799744 2008-04-14] (Microsoft Corp., Veritas Software)
R0 dmio; C:\WINXP\System32\drivers\dmio.sys [153344 2008-04-14] (Microsoft Corp., Veritas Software)
R0 dmload; C:\WINXP\System32\drivers\dmload.sys [5888 2008-04-14] (Microsoft Corp., Veritas Software.)
S3 DMusic; C:\WINXP\System32\drivers\DMusic.sys [52864 2008-04-13] (Microsoft Corporation)
S3 drmkaud; C:\WINXP\System32\drivers\drmkaud.sys [2944 2008-04-13] (Microsoft Corporation)
R4 Fastfat; C:\WINXP\system32\Drivers\Fastfat.sys [143744 2008-04-14] (Microsoft Corporation)
R3 Fdc; C:\WINXP\System32\DRIVERS\fdc.sys [27392 2008-04-14] (Microsoft Corporation)
R1 Fips; C:\WINXP\system32\Drivers\Fips.sys [44544 2008-04-14] (Microsoft Corporation)
R3 Flpydisk; C:\WINXP\System32\DRIVERS\flpydisk.sys [20480 2008-04-14] (Microsoft Corporation)
R0 FltMgr; C:\WINXP\System32\DRIVERS\fltMgr.sys [129792 2008-04-14] (Microsoft Corporation)
U1 Fs_Rec; C:\WINXP\system32\Drivers\Fs_Rec.sys [7936 2008-04-14] (Microsoft Corporation)
R0 Ftdisk; C:\WINXP\System32\DRIVERS\ftdisk.sys [125056 2008-04-14] (Microsoft Corporation)
R3 Gpc; C:\WINXP\System32\DRIVERS\msgpc.sys [35072 2008-04-14] (Microsoft Corporation)
R3 HTTP; C:\WINXP\System32\Drivers\HTTP.sys [265728 2010-09-16] (Microsoft Corporation)
R1 i8042prt; C:\WINXP\System32\DRIVERS\i8042prt.sys [52480 2008-04-14] (Microsoft Corporation)
R1 Imapi; C:\WINXP\System32\DRIVERS\imapi.sys [42112 2008-04-14] (Microsoft Corporation)
R3 Intels51; C:\WINXP\System32\DRIVERS\Intels51.sys [633220 2002-05-10] (Intel Corporation)
S3 Ip6Fw; C:\WINXP\System32\DRIVERS\Ip6Fw.sys [36608 2008-04-14] (Microsoft Corporation)
S3 IpFilterDriver; C:\WINXP\System32\DRIVERS\ipfltdrv.sys [32896 2008-04-14] (Microsoft Corporation)
S3 IpInIp; C:\WINXP\System32\DRIVERS\ipinip.sys [20864 2008-04-14] (Microsoft Corporation)
R3 IpNat; C:\WINXP\System32\DRIVERS\ipnat.sys [152832 2008-04-14] (Microsoft Corporation)
R1 IPSec; C:\WINXP\System32\DRIVERS\ipsec.sys [75264 2008-04-14] (Microsoft Corporation)
S3 IRENUM; C:\WINXP\System32\DRIVERS\irenum.sys [11264 2008-04-14] (Microsoft Corporation)
R0 isapnp; C:\WINXP\System32\DRIVERS\isapnp.sys [37248 2008-04-14] (Microsoft Corporation)
R1 Kbdclass; C:\WINXP\System32\DRIVERS\kbdclass.sys [24576 2008-04-14] (Microsoft Corporation)
S3 kmixer; C:\WINXP\System32\drivers\kmixer.sys [172416 2008-04-13] (Microsoft Corporation)
R0 KSecDD; C:\WINXP\system32\Drivers\KSecDD.sys [92928 2009-06-24] (Microsoft Corporation)
R1 mbamchameleon; C:\WINXP\system32\drivers\mbamchameleon.sys [54360 2014-10-01] (Malwarebytes Corporation)
R1 mnmdd; C:\WINXP\system32\Drivers\mnmdd.sys [4224 2008-04-14] (Microsoft Corporation)
R3 Modem; C:\WINXP\system32\Drivers\Modem.sys [30080 2010-09-16] (Microsoft Corporation)
R3 MODEMCSA; C:\WINXP\System32\drivers\MODEMCSA.sys [16128 2001-08-17] (Microsoft Corporation)
R1 Mouclass; C:\WINXP\System32\DRIVERS\mouclass.sys [23040 2010-09-16] (Microsoft Corporation)
R0 MountMgr; C:\WINXP\system32\Drivers\MountMgr.sys [42368 2008-04-14] (Microsoft Corporation)
R3 MRxDAV; C:\WINXP\System32\DRIVERS\mrxdav.sys [180608 2008-04-14] (Microsoft Corporation)
R1 MRxSmb; C:\WINXP\System32\DRIVERS\mrxsmb.sys [457856 2011-07-15] (Microsoft Corporation)
R1 Msfs; C:\WINXP\system32\Drivers\Msfs.sys [19072 2008-04-14] (Microsoft Corporation)
S3 MSKSSRV; C:\WINXP\System32\drivers\MSKSSRV.sys [7552 2008-04-13] (Microsoft Corporation)
S3 MSPCLOCK; C:\WINXP\System32\drivers\MSPCLOCK.sys [5376 2008-04-13] (Microsoft Corporation)
S3 MSPQM; C:\WINXP\System32\drivers\MSPQM.sys [4992 2008-04-13] (Microsoft Corporation)
R3 mssmbios; C:\WINXP\System32\DRIVERS\mssmbios.sys [15488 2010-09-16] (Microsoft Corporation)
R0 Mup; C:\WINXP\system32\Drivers\Mup.sys [105472 2011-04-21] (Microsoft Corporation)
R0 NDIS; C:\WINXP\system32\Drivers\NDIS.sys [182656 2008-04-14] (Microsoft Corporation)
R3 NdisTapi; C:\WINXP\System32\DRIVERS\ndistapi.sys [10496 2011-07-08] (Microsoft Corporation)
R3 Ndisuio; C:\WINXP\System32\DRIVERS\ndisuio.sys [14592 2010-09-16] (Microsoft Corporation)
R3 NdisWan; C:\WINXP\System32\DRIVERS\ndiswan.sys [91520 2008-04-14] (Microsoft Corporation)
R3 NDProxy; C:\WINXP\system32\Drivers\NDProxy.sys [40960 2013-11-27] (Microsoft Corporation)
R1 NetBIOS; C:\WINXP\System32\DRIVERS\netbios.sys [34688 2008-04-14] (Microsoft Corporation)
R1 NetBT; C:\WINXP\System32\DRIVERS\netbt.sys [162816 2008-04-14] (Microsoft Corporation)
R1 Npfs; C:\WINXP\system32\Drivers\Npfs.sys [30848 2008-04-14] (Microsoft Corporation)
S4 Ntfs; C:\WINXP\system32\Drivers\Ntfs.sys [574976 2008-04-14] (Microsoft Corporation)
R1 Null; C:\WINXP\system32\Drivers\Null.sys [2944 2008-04-14] (Microsoft Corporation)
R3 nv; C:\WINXP\System32\DRIVERS\nv4_mini.sys [994650 2002-07-30] (NVIDIA Corporation) [File not signed]
S3 NwlnkFlt; C:\WINXP\System32\DRIVERS\nwlnkflt.sys [12416 2008-04-14] (Microsoft Corporation)
S3 NwlnkFwd; C:\WINXP\System32\DRIVERS\nwlnkfwd.sys [32512 2008-04-14] (Microsoft Corporation)
R3 Parport; C:\WINXP\System32\DRIVERS\parport.sys [80128 2010-09-16] (Microsoft Corporation)
R0 PartMgr; C:\WINXP\system32\Drivers\PartMgr.sys [19712 2008-04-14] (Microsoft Corporation)
R2 ParVdm; C:\WINXP\system32\Drivers\ParVdm.sys [6784 2008-04-14] (Microsoft Corporation)
R0 PCI; C:\WINXP\System32\DRIVERS\pci.sys [68224 2008-04-14] (Microsoft Corporation)
S4 Pcmcia; C:\WINXP\system32\Drivers\Pcmcia.sys [120192 2008-04-14] (Microsoft Corporation)
R3 PptpMiniport; C:\WINXP\System32\DRIVERS\raspptp.sys [48384 2008-04-14] (Microsoft Corporation)
R3 PSched; C:\WINXP\System32\DRIVERS\psched.sys [69120 2008-04-14] (Microsoft Corporation)
R3 Ptilink; C:\WINXP\System32\DRIVERS\ptilink.sys [17792 2008-04-14] (Parallel Technologies, Inc.)
R1 RasAcd; C:\WINXP\System32\DRIVERS\rasacd.sys [8832 2008-04-14] (Microsoft Corporation)
R3 Rasl2tp; C:\WINXP\System32\DRIVERS\rasl2tp.sys [51328 2008-04-14] (Microsoft Corporation)
R3 RasPppoe; C:\WINXP\System32\DRIVERS\raspppoe.sys [41472 2008-04-14] (Microsoft Corporation)
R3 Raspti; C:\WINXP\System32\DRIVERS\raspti.sys [16512 2008-04-14] (Microsoft Corporation)
R1 Rdbss; C:\WINXP\System32\DRIVERS\rdbss.sys [175744 2008-04-14] (Microsoft Corporation)
R1 RDPCDD; C:\WINXP\System32\DRIVERS\RDPCDD.sys [4224 2008-04-14] (Microsoft Corporation)
R3 rdpdr; C:\WINXP\System32\DRIVERS\rdpdr.sys [196224 2008-04-13] (Microsoft Corporation)
S3 RDPWD; C:\WINXP\system32\Drivers\RDPWD.sys [139784 2012-07-04] (Microsoft Corporation)
R1 redbook; C:\WINXP\System32\DRIVERS\redbook.sys [57600 2008-04-13] (Microsoft Corporation)
R3 rtl8139; C:\WINXP\System32\DRIVERS\RTL8139.SYS [20992 2008-04-13] (Realtek Semiconductor Corporation)
S3 Secdrv; C:\WINXP\System32\DRIVERS\secdrv.sys [20480 2008-04-14] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
R3 serenum; C:\WINXP\System32\DRIVERS\serenum.sys [15744 2008-04-14] (Microsoft Corporation)
R1 Serial; C:\WINXP\System32\DRIVERS\serial.sys [64512 2008-04-14] (Microsoft Corporation)
S1 Sfloppy; C:\WINXP\system32\Drivers\Sfloppy.sys [11392 2008-04-14] (Microsoft Corporation)
S3 splitter; C:\WINXP\System32\drivers\splitter.sys [6272 2008-04-13] (Microsoft Corporation)
R0 sr; C:\WINXP\System32\DRIVERS\sr.sys [73472 2008-04-14] (Microsoft Corporation)
R3 Srv; C:\WINXP\System32\DRIVERS\srv.sys [357888 2011-02-17] (Microsoft Corporation)
R3 swenum; C:\WINXP\System32\DRIVERS\swenum.sys [4352 2010-09-16] (Microsoft Corporation)
S3 swmidi; C:\WINXP\System32\drivers\swmidi.sys [56576 2008-04-13] (Microsoft Corporation)
R3 sysaudio; C:\WINXP\System32\drivers\sysaudio.sys [60800 2008-04-13] (Microsoft Corporation)
R1 Tcpip; C:\WINXP\System32\DRIVERS\tcpip.sys [361600 2010-09-16] (Microsoft Corporation)
S3 TDPIPE; C:\WINXP\system32\Drivers\TDPIPE.sys [12040 2008-04-14] (Microsoft Corporation)
S3 TDTCP; C:\WINXP\system32\Drivers\TDTCP.sys [21896 2008-04-14] (Microsoft Corporation)
R1 TermDD; C:\WINXP\System32\DRIVERS\termdd.sys [40840 2008-04-14] (Microsoft Corporation)
S4 Udfs; C:\WINXP\system32\Drivers\Udfs.sys [66048 2008-04-14] (Microsoft Corporation)
R3 Update; C:\WINXP\System32\DRIVERS\update.sys [384768 2008-04-14] (Microsoft Corporation)
R3 usbehci; C:\WINXP\System32\DRIVERS\usbehci.sys [30336 2009-03-18] (Microsoft Corporation)
R3 usbhub; C:\WINXP\System32\DRIVERS\usbhub.sys [59520 2008-04-14] (Microsoft Corporation)
S3 usbprint; C:\WINXP\System32\DRIVERS\usbprint.sys [25856 2008-04-13] (Microsoft Corporation)
S3 usbscan; C:\WINXP\System32\DRIVERS\usbscan.sys [14976 2013-07-03] (Microsoft Corporation)
S3 USBSTOR; C:\WINXP\System32\DRIVERS\USBSTOR.SYS [26368 2008-04-13] (Microsoft Corporation)
R3 usbuhci; C:\WINXP\System32\DRIVERS\usbuhci.sys [20608 2008-04-14] (Microsoft Corporation)
R1 VgaSave; C:\WINXP\System32\drivers\vga.sys [20992 2008-04-14] (Microsoft Corporation)
R0 ViaIde; C:\WINXP\System32\DRIVERS\viaide.sys [5376 2008-04-14] (Microsoft Corporation)
R3 VIAudio; C:\WINXP\System32\drivers\viaudio.sys [42752 2001-11-08] (VIA Technologies, Inc.)
R0 VolSnap; C:\WINXP\system32\Drivers\VolSnap.sys [52352 2008-04-14] (Microsoft Corporation)
R3 Wanarp; C:\WINXP\System32\DRIVERS\wanarp.sys [34560 2008-04-14] (Microsoft Corporation)
R3 wdmaud; C:\WINXP\System32\drivers\wdmaud.sys [83072 2008-04-13] (Microsoft Corporation)
S3 WudfPf; C:\WINXP\System32\DRIVERS\WudfPf.sys [77568 2010-09-16] (Microsoft Corporation)
S3 WudfRd; C:\WINXP\System32\DRIVERS\wudfrd.sys [82944 2010-09-16] (Microsoft Corporation)
S3 GMSIPCI; No ImagePath
S4 IntelIde; No ImagePath
S3 MBAMProtector; \??\C:\WINXP\system32\drivers\mbam.sys [X]
U1 WS2IFSL; No ImagePath
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-12-15 00:00 - 2014-12-15 00:00 - 00032539 _____ () C:\Documents and Settings\Zore.HOME-193E3C216B\Desktop\FRST.txt
2014-12-15 00:00 - 2014-12-15 00:00 - 00000000 ____D () C:\FRST
2014-12-14 23:58 - 2014-12-14 23:58 - 01111040 _____ (Farbar) C:\Documents and Settings\Zore.HOME-193E3C216B\Desktop\FRST.exe
2014-12-14 23:13 - 2014-12-14 23:13 - 00001448 _____ () C:\Documents and Settings\Zore.HOME-193E3C216B\Desktop\AdwCleaner[S4].txt
2014-12-14 22:58 - 2014-12-14 22:58 - 02166272 _____ () C:\Documents and Settings\Zore.HOME-193E3C216B\Desktop\adwcleaner_4.105-.exe
2014-12-14 21:55 - 2014-12-14 21:55 - 00881704 _____ (RaMMicHaeL) C:\Documents and Settings\Zore.HOME-193E3C216B\Desktop\unchecky_setup stiti od ubacivanja nezeljenih linkova u brouzer.exe
2014-12-14 19:29 - 2014-12-14 19:29 - 00000000 ____D () C:\Documents and Settings\Zore.HOME-193E3C216B\Application Data\Qualys
2014-12-14 18:58 - 2014-12-14 18:58 - 00034144 _____ () C:\Documents and Settings\Zore.HOME-193E3C216B\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2014-12-14 18:32 - 2014-12-14 18:32 - 00157160 _____ () C:\WINXP\system32\FNTCACHE.DAT
2014-12-14 01:26 - 2014-12-14 01:26 - 02166272 _____ () C:\Documents and Settings\Zore.HOME-193E3C216B\Desktop\adwcleaner_4.105.exe
2014-12-14 00:44 - 2014-12-14 00:44 - 00000000 ____D () C:\AdwCleaner
2014-12-13 13:36 - 2014-12-13 13:36 - 00000641 _____ () C:\Documents and Settings\All Users.WINXP\Start Menu\Programs\Mozilla Firefox.lnk
2014-12-13 13:36 - 2014-12-13 13:36 - 00000641 _____ () C:\Documents and Settings\All Users.WINXP\Start Menu\Programs\Mozilla Firefox.lnk
2014-12-12 13:55 - 2014-12-12 13:55 - 00000000 ____D () C:\Program Files\ffdshow
2014-12-12 13:55 - 2014-12-12 13:55 - 00000000 ____D () C:\Documents and Settings\Zore.HOME-193E3C216B\Local Settings\Application Data\CodecPerformer
2014-12-12 13:55 - 2014-12-12 13:55 - 00000000 ____D () C:\Documents and Settings\All Users.WINXP\Start Menu\Programs\ffdshow
2014-12-12 13:55 - 2014-12-12 13:55 - 00000000 ____D () C:\Documents and Settings\All Users.WINXP\Start Menu\Programs\ffdshow
2014-12-12 13:55 - 2012-04-09 00:40 - 00079360 _____ () C:\WINXP\system32\ff_vfw.dll
2014-12-12 13:55 - 2011-11-25 17:13 - 00000714 _____ () C:\WINXP\system32\ff_vfw.dll.manifest
2014-12-09 17:09 - 2014-12-09 17:09 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-12-06 15:46 - 2014-12-13 15:51 - 00000988 _____ () C:\WINXP\Tasks\GoogleUpdateTaskUserS-1-5-21-1060284298-813497703-1547161642-1003Core1d0116368579870.job
2014-12-06 15:44 - 2014-12-13 15:51 - 00000988 _____ () C:\WINXP\Tasks\GoogleUpdateTaskUserS-1-5-21-1060284298-813497703-1547161642-1003Core.job
2014-12-03 19:29 - 2008-04-14 11:00 - 10096640 _____ (Microsoft Corporation) C:\WINXP\system32\dllcache\hwxcht.dll
2014-12-03 19:29 - 2008-04-14 11:00 - 01875968 _____ (Microsoft Corporation) C:\WINXP\system32\msir3jp.lex
2014-12-03 19:29 - 2008-04-14 11:00 - 01875968 _____ (Microsoft Corporation) C:\WINXP\system32\dllcache\msir3jp.lex
2014-12-03 19:29 - 2008-04-14 11:00 - 01677824 _____ (Microsoft Corporation) C:\WINXP\system32\dllcache\chsbrkr.dll
2014-12-03 19:29 - 2008-04-14 11:00 - 01677824 _____ (Microsoft Corporation) C:\WINXP\system32\chsbrkr.dll
2014-12-03 19:29 - 2008-04-14 11:00 - 01158818 _____ () C:\WINXP\system32\korwbrkr.lex
2014-12-03 19:29 - 2008-04-14 11:00 - 01158818 _____ () C:\WINXP\system32\dllcache\korwbrkr.lex
2014-12-03 19:29 - 2008-04-14 11:00 - 00838144 _____ (Microsoft Corporation) C:\WINXP\system32\dllcache\chtbrkr.dll
2014-12-03 19:29 - 2008-04-14 11:00 - 00838144 _____ (Microsoft Corporation) C:\WINXP\system32\chtbrkr.dll
2014-12-03 19:29 - 2008-04-14 11:00 - 00098304 _____ (Microsoft Corporation) C:\WINXP\system32\msir3jp.dll
2014-12-03 19:29 - 2008-04-14 11:00 - 00098304 _____ (Microsoft Corporation) C:\WINXP\system32\dllcache\msir3jp.dll
2014-12-03 19:29 - 2008-04-14 11:00 - 00070656 _____ (Microsoft Corporation) C:\WINXP\system32\korwbrkr.dll
2014-12-03 19:29 - 2008-04-14 11:00 - 00070656 _____ (Microsoft Corporation) C:\WINXP\system32\dllcache\korwbrkr.dll
2014-12-03 19:29 - 2008-04-14 11:00 - 00002060 _____ () C:\WINXP\system32\noise.jpn
2014-12-03 19:29 - 2008-04-14 11:00 - 00001486 _____ () C:\WINXP\system32\noise.kor
2014-12-03 19:28 - 2008-04-14 11:00 - 10129408 _____ (Microsoft Corporation) C:\WINXP\system32\dllcache\hwxkor.dll
2014-12-03 19:28 - 2008-04-14 11:00 - 01783864 _____ () C:\WINXP\system32\WINPY.MB
2014-12-03 19:28 - 2008-04-14 11:00 - 01564868 _____ () C:\WINXP\system32\WINSP.MB
2014-12-03 19:28 - 2008-04-14 11:00 - 01223500 _____ () C:\WINXP\system32\WINZM.MB
2014-12-03 19:28 - 2008-04-14 11:00 - 00480256 _____ (Microsoft Corporation) C:\WINXP\system32\dllcache\cintsetp.exe
2014-12-03 19:28 - 2008-04-14 11:00 - 00471102 _____ (Microsoft Corporation) C:\WINXP\system32\dllcache\imskdic.dll
2014-12-03 19:28 - 2008-04-14 11:00 - 00311359 _____ (Microsoft Corporation) C:\WINXP\system32\dllcache\imepadsv.exe
2014-12-03 19:28 - 2008-04-14 11:00 - 00229439 _____ (Microsoft Corporation) C:\WINXP\system32\dllcache\multibox.dll
2014-12-03 19:28 - 2008-04-14 11:00 - 00211938 _____ () C:\WINXP\system32\lcphrase.tbl
2014-12-03 19:28 - 2008-04-14 11:00 - 00198656 _____ (Microsoft Corporation) C:\WINXP\system32\dllcache\cintime.dll
2014-12-03 19:28 - 2008-04-14 11:00 - 00189986 _____ () C:\WINXP\system32\dllcache\c_1361.nls
2014-12-03 19:28 - 2008-04-14 11:00 - 00189986 _____ () C:\WINXP\system32\c_1361.nls
2014-12-03 19:28 - 2008-04-14 11:00 - 00180258 _____ () C:\WINXP\system32\dllcache\c_20000.nls
2014-12-03 19:28 - 2008-04-14 11:00 - 00180258 _____ () C:\WINXP\system32\c_20000.nls
2014-12-03 19:28 - 2008-04-14 11:00 - 00177698 _____ () C:\WINXP\system32\dllcache\c_20949.nls
2014-12-03 19:28 - 2008-04-14 11:00 - 00177698 _____ () C:\WINXP\system32\c_20949.nls
2014-12-03 19:28 - 2008-04-14 11:00 - 00173602 _____ () C:\WINXP\system32\dllcache\c_20936.nls
2014-12-03 19:28 - 2008-04-14 11:00 - 00173602 _____ () C:\WINXP\system32\dllcache\c_10008.nls
2014-12-03 19:28 - 2008-04-14 11:00 - 00173602 _____ () C:\WINXP\system32\c_20936.nls
2014-12-03 19:28 - 2008-04-14 11:00 - 00173602 _____ () C:\WINXP\system32\c_10008.nls
2014-12-03 19:28 - 2008-04-14 11:00 - 00146126 _____ () C:\WINXP\system32\array30.tab
2014-12-03 19:28 - 2008-04-14 11:00 - 00143422 _____ (Microsoft Corporation) C:\WINXP\system32\dllcache\softkey.dll
2014-12-03 19:28 - 2008-04-14 11:00 - 00134339 _____ () C:\WINXP\system32\dllcache\imekr.lex
2014-12-03 19:28 - 2008-04-14 11:00 - 00116285 _____ () C:\WINXP\system32\msdayi.tbl
2014-12-03 19:28 - 2008-04-14 11:00 - 00110566 _____ () C:\WINXP\system32\arphr.tbl
2014-12-03 19:28 - 2008-04-14 11:00 - 00108827 _____ () C:\WINXP\system32\dllcache\hanja.lex
2014-12-03 19:28 - 2008-04-14 11:00 - 00102463 _____ (Microsoft Corporation) C:\WINXP\system32\dllcache\imepadsm.dll
2014-12-03 19:28 - 2008-04-14 11:00 - 00083748 _____ () C:\WINXP\system32\prcp.nls
2014-12-03 19:28 - 2008-04-14 11:00 - 00083748 _____ () C:\WINXP\system32\prc.nls
2014-12-03 19:28 - 2008-04-14 11:00 - 00083748 _____ () C:\WINXP\system32\dllcache\prcp.nls
2014-12-03 19:28 - 2008-04-14 11:00 - 00083748 _____ () C:\WINXP\system32\dllcache\prc.nls
2014-12-03 19:28 - 2008-04-14 11:00 - 00082172 _____ () C:\WINXP\system32\dllcache\bopomofo.nls
2014-12-03 19:28 - 2008-04-14 11:00 - 00082172 _____ () C:\WINXP\system32\bopomofo.nls
2014-12-03 19:28 - 2008-04-14 11:00 - 00066728 _____ () C:\WINXP\system32\dllcache\big5.nls
2014-12-03 19:28 - 2008-04-14 11:00 - 00066728 _____ () C:\WINXP\system32\big5.nls
2014-12-03 19:28 - 2008-04-14 11:00 - 00059904 _____ (Microsoft Corporation) C:\WINXP\system32\dllcache\imkrinst.exe
2014-12-03 19:28 - 2008-04-14 11:00 - 00057398 _____ (Microsoft Corporation) C:\WINXP\system32\dllcache\imjpdadm.exe
2014-12-03 19:28 - 2008-04-14 11:00 - 00047066 _____ () C:\WINXP\system32\ksc.nls
2014-12-03 19:28 - 2008-04-14 11:00 - 00047066 _____ () C:\WINXP\system32\dllcache\ksc.nls
2014-12-03 19:28 - 2008-04-14 11:00 - 00045109 _____ (Microsoft Corporation) C:\WINXP\system32\dllcache\imjpuex.exe
2014-12-03 19:28 - 2008-04-14 11:00 - 00044370 _____ () C:\WINXP\system32\acode.tbl
2014-12-03 19:28 - 2008-04-14 11:00 - 00044370 _____ () C:\WINXP\system32\a234.tbl
2014-12-03 19:28 - 2008-04-14 11:00 - 00044032 _____ (Microsoft Corporation) C:\WINXP\system32\dllcache\imekrmig.exe
2014-12-03 19:28 - 2008-04-14 11:00 - 00043242 _____ () C:\WINXP\system32\phoncode.tbl
2014-12-03 19:28 - 2008-04-14 11:00 - 00036927 _____ (Microsoft Corporation) C:\WINXP\system32\dllcache\padrs411.dll
2014-12-03 19:28 - 2008-04-14 11:00 - 00036864 _____ (Microsoft Corporation) C:\WINXP\system32\dllcache\hanjadic.dll
2014-12-03 19:28 - 2008-04-14 11:00 - 00028288 _____ () C:\WINXP\system32\xjis.nls
2014-12-03 19:28 - 2008-04-14 11:00 - 00028288 _____ () C:\WINXP\system32\dllcache\xjis.nls
2014-12-03 19:28 - 2008-04-14 11:00 - 00024114 _____ () C:\WINXP\system32\lcptr.tbl
2014-12-03 19:28 - 2008-04-14 11:00 - 00021504 _____ (Microsoft Corporation) C:\WINXP\system32\dllcache\cintlgnt.ime
2014-12-03 19:28 - 2008-04-14 11:00 - 00021504 _____ (Microsoft Corporation) C:\WINXP\system32\CINTLGNT.IME
2014-12-03 19:28 - 2008-04-14 11:00 - 00019456 _____ (Microsoft Corporation) C:\WINXP\system32\dllcache\agt0404.dll
2014-12-03 19:28 - 2008-04-14 11:00 - 00018600 _____ () C:\WINXP\system32\arrayhw.tab
2014-12-03 19:28 - 2008-04-14 11:00 - 00016312 _____ () C:\WINXP\system32\arptr.tbl
2014-12-03 19:28 - 2008-04-14 11:00 - 00016254 _____ () C:\WINXP\system32\PINTLPAE.HLP
2014-12-03 19:28 - 2008-04-14 11:00 - 00015872 _____ (Microsoft Corporation) C:\WINXP\system32\dllcache\padrs404.dll
2014-12-03 19:28 - 2008-04-14 11:00 - 00014821 _____ () C:\WINXP\system32\PINTLPAD.HLP
2014-12-03 19:28 - 2008-04-14 11:00 - 00014336 _____ (Microsoft Corporation) C:\WINXP\system32\dllcache\padrs412.dll
2014-12-03 19:28 - 2008-04-14 11:00 - 00009216 _____ (Microsoft Corporation) C:\WINXP\system32\kbdnecAT.dll
2014-12-03 19:28 - 2008-04-14 11:00 - 00009216 _____ (Microsoft Corporation) C:\WINXP\system32\dllcache\kbdnecat.dll
2014-12-03 19:28 - 2008-04-14 11:00 - 00007680 _____ (Microsoft Corporation) C:\WINXP\system32\kbdnecNT.dll
2014-12-03 19:28 - 2008-04-14 11:00 - 00007680 _____ (Microsoft Corporation) C:\WINXP\system32\dllcache\kbdnecnt.dll
2014-12-03 19:28 - 2008-04-14 11:00 - 00007168 _____ (Microsoft Corporation) C:\WINXP\system32\kbdnec95.dll
2014-12-03 19:28 - 2008-04-14 11:00 - 00007168 _____ (Microsoft Corporation) C:\WINXP\system32\dllcache\kbdnec95.dll
2014-12-03 19:28 - 2008-04-14 11:00 - 00006656 _____ (Microsoft Corporation) C:\WINXP\system32\dllcache\c_is2022.dll
2014-12-03 19:28 - 2008-04-14 11:00 - 00006656 _____ (Microsoft Corporation) C:\WINXP\system32\c_is2022.dll
2014-12-03 19:28 - 2008-04-14 11:00 - 00006144 _____ (Microsoft Corporation) C:\WINXP\system32\kbd101a.dll
2014-12-03 19:28 - 2008-04-14 11:00 - 00006144 _____ (Microsoft Corporation) C:\WINXP\system32\dllcache\kbd101a.dll
2014-12-03 19:28 - 2008-04-14 11:00 - 00004071 _____ () C:\WINXP\system32\phon.tbl
2014-12-03 19:28 - 2008-04-14 11:00 - 00002714 _____ () C:\WINXP\system32\phonptr.tbl
2014-12-03 19:28 - 2008-04-14 11:00 - 00001460 _____ () C:\WINXP\system32\a15.tbl
2014-12-03 19:28 - 2008-04-14 11:00 - 00000700 _____ () C:\WINXP\system32\dayiptr.tbl
2014-12-03 19:28 - 2008-04-14 11:00 - 00000520 _____ () C:\WINXP\system32\dayiphr.tbl
2014-12-03 19:27 - 2008-04-14 11:00 - 13463552 _____ () C:\WINXP\system32\dllcache\hwxjpn.dll
2014-12-03 19:27 - 2008-04-14 11:00 - 00811064 _____ (Microsoft Corporation) C:\WINXP\system32\imjp81k.dll
2014-12-03 19:27 - 2008-04-14 11:00 - 00811064 _____ (Microsoft Corporation) C:\WINXP\system32\dllcache\imjp81k.dll
2014-12-03 19:27 - 2008-04-14 11:00 - 00716856 _____ (Microsoft Corporation) C:\WINXP\system32\dllcache\imjpcus.dll
2014-12-03 19:27 - 2008-04-14 11:00 - 00571392 _____ (Microsoft Corporation) C:\WINXP\system32\TINTLGNT.IME
2014-12-03 19:27 - 2008-04-14 11:00 - 00571392 _____ (Microsoft Corporation) C:\WINXP\system32\dllcache\tintlgnt.ime
2014-12-03 19:27 - 2008-04-14 11:00 - 00482304 _____ (Microsoft Corporation) C:\WINXP\system32\PINTLGNT.IME
2014-12-03 19:27 - 2008-04-14 11:00 - 00482304 _____ (Microsoft Corporation) C:\WINXP\system32\dllcache\pintlgnt.ime
2014-12-03 19:27 - 2008-04-14 11:00 - 00455168 _____ (Microsoft Corporation) C:\WINXP\system32\dllcache\tintsetp.exe
2014-12-03 19:27 - 2008-04-14 11:00 - 00426041 _____ (Microsoft Corporation) C:\WINXP\system32\dllcache\voicepad.dll
2014-12-03 19:27 - 2008-04-14 11:00 - 00368696 _____ (Microsoft Corporation) C:\WINXP\system32\dllcache\imjpcic.dll
2014-12-03 19:27 - 2008-04-14 11:00 - 00340023 _____ (Microsoft Corporation) C:\WINXP\system32\imjp81.ime
2014-12-03 19:27 - 2008-04-14 11:00 - 00340023 _____ (Microsoft Corporation) C:\WINXP\system32\dllcache\imjp81.ime
2014-12-03 19:27 - 2008-04-14 11:00 - 00315455 _____ (Microsoft Corporation) C:\WINXP\system32\dllcache\imskf.dll
2014-12-03 19:27 - 2008-04-14 11:00 - 00307257 _____ (Microsoft Corporation) C:\WINXP\system32\dllcache\imjpdct.exe
2014-12-03 19:27 - 2008-04-14 11:00 - 00274489 _____ (Microsoft Corporation) C:\WINXP\system32\dllcache\imjputyc.dll
2014-12-03 19:27 - 2008-04-14 11:00 - 00262200 _____ (Microsoft Corporation) C:\WINXP\system32\dllcache\imjputy.exe
2014-12-03 19:27 - 2008-04-14 11:00 - 00233527 _____ (Microsoft Corporation) C:\WINXP\system32\dllcache\imjprw.exe
2014-12-03 19:27 - 2008-04-14 11:00 - 00218112 _____ (Microsoft Corporation) C:\WINXP\system32\dllcache\c_g18030.dll
2014-12-03 19:27 - 2008-04-14 11:00 - 00218112 _____ (Microsoft Corporation) C:\WINXP\system32\c_g18030.dll
2014-12-03 19:27 - 2008-04-14 11:00 - 00208952 _____ (Microsoft Corporation) C:\WINXP\system32\dllcache\imjpmig.exe
2014-12-03 19:27 - 2008-04-14 11:00 - 00196665 _____ () C:\WINXP\system32\dllcache\imjpinst.exe
2014-12-03 19:27 - 2008-04-14 11:00 - 00175104 _____ () C:\WINXP\system32\dllcache\pintlcsa.dll
2014-12-03 19:27 - 2008-04-14 11:00 - 00173568 _____ () C:\WINXP\system32\dllcache\chtskf.dll
2014-12-03 19:27 - 2008-04-14 11:00 - 00156672 _____ (Microsoft Corporation) C:\WINXP\system32\WINZM.IME
2014-12-03 19:27 - 2008-04-14 11:00 - 00156672 _____ (Microsoft Corporation) C:\WINXP\system32\WINSP.IME
2014-12-03 19:27 - 2008-04-14 11:00 - 00156672 _____ (Microsoft Corporation) C:\WINXP\system32\WINPY.IME
2014-12-03 19:27 - 2008-04-14 11:00 - 00156672 _____ (Microsoft Corporation) C:\WINXP\system32\dllcache\winzm.ime
2014-12-03 19:27 - 2008-04-14 11:00 - 00156672 _____ (Microsoft Corporation) C:\WINXP\system32\dllcache\winsp.ime
2014-12-03 19:27 - 2008-04-14 11:00 - 00156672 _____ (Microsoft Corporation) C:\WINXP\system32\dllcache\winpy.ime
2014-12-03 19:27 - 2008-04-14 11:00 - 00155705 _____ (Microsoft Corporation) C:\WINXP\system32\dllcache\imjpdsvr.exe
2014-12-03 19:27 - 2008-04-14 11:00 - 00106496 _____ (Microsoft Corporation) C:\WINXP\system32\dllcache\imekrcic.dll
2014-12-03 19:27 - 2008-04-14 11:00 - 00102456 _____ (Microsoft Corporation) C:\WINXP\system32\dllcache\imlang.dll
2014-12-03 19:27 - 2008-04-14 11:00 - 00097792 _____ (Microsoft Corporation) C:\WINXP\system32\dllcache\chtmbx.dll
2014-12-03 19:27 - 2008-04-14 11:00 - 00094720 _____ (Microsoft Corporation) C:\WINXP\system32\imekr61.ime
2014-12-03 19:27 - 2008-04-14 11:00 - 00094720 _____ (Microsoft Corporation) C:\WINXP\system32\dllcache\imekr61.ime
2014-12-03 19:27 - 2008-04-14 11:00 - 00086073 _____ (Microsoft Corporation) C:\WINXP\system32\dllcache\voicesub.dll
2014-12-03 19:27 - 2008-04-14 11:00 - 00086016 _____ (Microsoft Corporation) C:\WINXP\system32\dllcache\imekrmbx.dll
2014-12-03 19:27 - 2008-04-14 11:00 - 00081976 _____ (Microsoft Corporation) C:\WINXP\system32\dllcache\imjpdct.dll
2014-12-03 19:27 - 2008-04-14 11:00 - 00079360 _____ (Microsoft Corporation) C:\WINXP\system32\winar30.ime
2014-12-03 19:27 - 2008-04-14 11:00 - 00079360 _____ (Microsoft Corporation) C:\WINXP\system32\phon.ime
2014-12-03 19:27 - 2008-04-14 11:00 - 00079360 _____ (Microsoft Corporation) C:\WINXP\system32\dllcache\winar30.ime
2014-12-03 19:27 - 2008-04-14 11:00 - 00079360 _____ (Microsoft Corporation) C:\WINXP\system32\dllcache\phon.ime
2014-12-03 19:27 - 2008-04-14 11:00 - 00078848 _____ (Microsoft Corporation) C:\WINXP\system32\dllcache\dayi.ime
2014-12-03 19:27 - 2008-04-14 11:00 - 00078848 _____ (Microsoft Corporation) C:\WINXP\system32\dayi.ime
2014-12-03 19:27 - 2008-04-14 11:00 - 00078336 _____ (Microsoft Corporation) C:\WINXP\system32\dllcache\chajei.ime
2014-12-03 19:27 - 2008-04-14 11:00 - 00078336 _____ (Microsoft Corporation) C:\WINXP\system32\chajei.ime
2014-12-03 19:27 - 2008-04-14 11:00 - 00077824 _____ (Microsoft Corporation) C:\WINXP\system32\quick.ime
2014-12-03 19:27 - 2008-04-14 11:00 - 00077824 _____ (Microsoft Corporation) C:\WINXP\system32\dllcache\quick.ime
2014-12-03 19:27 - 2008-04-14 11:00 - 00076288 _____ (Microsoft Corporation) C:\WINXP\system32\uniime.dll
2014-12-03 19:27 - 2008-04-14 11:00 - 00076288 _____ (Microsoft Corporation) C:\WINXP\system32\dllcache\uniime.dll
2014-12-03 19:27 - 2008-04-14 11:00 - 00072704 _____ (Microsoft Corporation) C:\WINXP\system32\WINGB.IME
2014-12-03 19:27 - 2008-04-14 11:00 - 00072704 _____ (Microsoft Corporation) C:\WINXP\system32\dllcache\wingb.ime
2014-12-03 19:27 - 2008-04-14 11:00 - 00070144 _____ (Microsoft Corporation) C:\WINXP\system32\dllcache\pintlphr.exe
2014-12-03 19:27 - 2008-04-14 11:00 - 00067584 _____ (Microsoft Corporation) C:\WINXP\system32\dllcache\pmigrate.dll
2014-12-03 19:27 - 2008-04-14 11:00 - 00065536 _____ (Microsoft Corporation) C:\WINXP\system32\winime.ime
2014-12-03 19:27 - 2008-04-14 11:00 - 00065536 _____ (Microsoft Corporation) C:\WINXP\system32\dllcache\winime.ime
2014-12-03 19:27 - 2008-04-14 11:00 - 00065024 _____ (Microsoft Corporation) C:\WINXP\system32\unicdime.ime
2014-12-03 19:27 - 2008-04-14 11:00 - 00065024 _____ (Microsoft Corporation) C:\WINXP\system32\dllcache\unicdime.ime
2014-12-03 19:27 - 2008-04-14 11:00 - 00059392 _____ () C:\WINXP\system32\dllcache\imscinst.exe
2014-12-03 19:27 - 2008-04-14 11:00 - 00057399 _____ (Microsoft Corporation) C:\WINXP\system32\dllcache\cplexe.exe
2014-12-03 19:27 - 2008-04-14 11:00 - 00056320 _____ (Microsoft Corporation) C:\WINXP\system32\dllcache\chtskdic.dll
2014-12-03 19:27 - 2008-04-14 11:00 - 00053760 _____ (Microsoft Corporation) C:\WINXP\system32\dllcache\pintlcsd.dll
2014-12-03 19:27 - 2008-04-14 11:00 - 00044032 _____ (Microsoft Corporation) C:\WINXP\system32\dllcache\tintlphr.exe
2014-12-03 19:27 - 2008-04-14 11:00 - 00026112 _____ (Microsoft Corporation) C:\WINXP\system32\romanime.ime
2014-12-03 19:27 - 2008-04-14 11:00 - 00026112 _____ (Microsoft Corporation) C:\WINXP\system32\dllcache\romanime.ime
2014-12-03 19:27 - 2008-04-14 11:00 - 00019456 _____ (Microsoft Corporation) C:\WINXP\system32\dllcache\agt0804.dll
2014-12-03 19:27 - 2008-04-14 11:00 - 00019456 _____ (Microsoft Corporation) C:\WINXP\system32\dllcache\agt0412.dll
2014-12-03 19:27 - 2008-04-14 11:00 - 00019456 _____ (Microsoft Corporation) C:\WINXP\system32\dllcache\agt0411.dll
2014-12-03 19:27 - 2008-04-14 11:00 - 00015360 _____ (Microsoft Corporation) C:\WINXP\system32\dllcache\padrs804.dll
2014-12-03 19:27 - 2008-04-14 11:00 - 00011776 _____ (Microsoft Corporation) C:\WINXP\system32\miniime.tpl
2014-12-03 19:27 - 2008-04-14 11:00 - 00010240 _____ (Microsoft Corporation) C:\WINXP\system32\dllcache\tmigrate.dll
2014-12-03 19:27 - 2008-04-14 11:00 - 00007168 _____ (Microsoft Corporation) C:\WINXP\system32\kbdibm02.dll
2014-12-03 19:27 - 2008-04-14 11:00 - 00007168 _____ (Microsoft Corporation) C:\WINXP\system32\f3ahvoas.dll
2014-12-03 19:27 - 2008-04-14 11:00 - 00007168 _____ (Microsoft Corporation) C:\WINXP\system32\dllcache\kbdibm02.dll
2014-12-03 19:27 - 2008-04-14 11:00 - 00007168 _____ (Microsoft Corporation) C:\WINXP\system32\dllcache\f3ahvoas.dll
2014-12-03 19:27 - 2008-04-14 11:00 - 00006656 _____ (Microsoft Corporation) C:\WINXP\system32\kbdlk41a.dll
2014-12-03 19:27 - 2008-04-14 11:00 - 00006656 _____ (Microsoft Corporation) C:\WINXP\system32\dllcache\kbdlk41a.dll
2014-12-03 19:27 - 2008-04-14 11:00 - 00006144 _____ (Microsoft Corporation) C:\WINXP\system32\kbdlk41j.dll
2014-12-03 19:27 - 2008-04-14 11:00 - 00006144 _____ (Microsoft Corporation) C:\WINXP\system32\kbdax2.dll
2014-12-03 19:27 - 2008-04-14 11:00 - 00006144 _____ (Microsoft Corporation) C:\WINXP\system32\kbd106n.dll
2014-12-03 19:27 - 2008-04-14 11:00 - 00006144 _____ (Microsoft Corporation) C:\WINXP\system32\kbd101.dll
2014-12-03 19:27 - 2008-04-14 11:00 - 00006144 _____ (Microsoft Corporation) C:\WINXP\system32\dllcache\kbdlk41j.dll
2014-12-03 19:27 - 2008-04-14 11:00 - 00006144 _____ (Microsoft Corporation) C:\WINXP\system32\dllcache\kbdax2.dll
2014-12-03 19:27 - 2008-04-14 11:00 - 00006144 _____ (Microsoft Corporation) C:\WINXP\system32\dllcache\kbd106n.dll
2014-12-03 19:27 - 2008-04-14 11:00 - 00006144 _____ (Microsoft Corporation) C:\WINXP\system32\dllcache\kbd101.dll
2014-12-03 19:27 - 2008-04-14 03:39 - 00006144 _____ (Microsoft Corporation) C:\WINXP\system32\kbd106.dll
2014-12-03 19:27 - 2008-04-14 03:39 - 00006144 _____ (Microsoft Corporation) C:\WINXP\system32\dllcache\kbd106.dll
2014-12-03 19:27 - 2001-08-17 20:36 - 00008704 _____ (Microsoft Corporation) C:\WINXP\system32\kbdjpn.dll
2014-12-03 19:27 - 2001-08-17 20:36 - 00008704 _____ (Microsoft Corporation) C:\WINXP\system32\dllcache\kbdjpn.dll
2014-12-03 19:27 - 2001-08-17 20:36 - 00008192 _____ (Microsoft Corporation) C:\WINXP\system32\kbdkor.dll
2014-12-03 19:27 - 2001-08-17 20:36 - 00008192 _____ (Microsoft Corporation) C:\WINXP\system32\dllcache\kbdkor.dll
2014-12-03 19:27 - 2001-08-17 12:55 - 00006144 _____ (Microsoft Corporation) C:\WINXP\system32\kbd101c.dll
2014-12-03 19:27 - 2001-08-17 12:55 - 00006144 _____ (Microsoft Corporation) C:\WINXP\system32\kbd101b.dll
2014-12-03 19:27 - 2001-08-17 12:55 - 00006144 _____ (Microsoft Corporation) C:\WINXP\system32\dllcache\kbd101c.dll
2014-12-03 19:27 - 2001-08-17 12:55 - 00006144 _____ (Microsoft Corporation) C:\WINXP\system32\dllcache\kbd101b.dll
2014-12-03 19:27 - 2001-08-17 12:55 - 00005632 _____ (Microsoft Corporation) C:\WINXP\system32\kbd103.dll
2014-12-03 19:27 - 2001-08-17 12:55 - 00005632 _____ (Microsoft Corporation) C:\WINXP\system32\dllcache\kbd103.dll
2014-12-03 19:26 - 2008-04-14 11:00 - 00180770 _____ () C:\WINXP\system32\dllcache\c_20932.nls
2014-12-03 19:26 - 2008-04-14 11:00 - 00180770 _____ () C:\WINXP\system32\c_20932.nls
2014-12-03 19:26 - 2008-04-14 11:00 - 00066082 _____ () C:\WINXP\system32\dllcache\c_21027.nls
2014-12-03 19:26 - 2008-04-14 11:00 - 00066082 _____ () C:\WINXP\system32\dllcache\c_20924.nls
2014-12-03 19:26 - 2008-04-14 11:00 - 00066082 _____ () C:\WINXP\system32\dllcache\c_20424.nls
2014-12-03 19:26 - 2008-04-14 11:00 - 00066082 _____ () C:\WINXP\system32\dllcache\c_20420.nls
2014-12-03 19:26 - 2008-04-14 11:00 - 00066082 _____ () C:\WINXP\system32\dllcache\c_20297.nls
2014-12-03 19:26 - 2008-04-14 11:00 - 00066082 _____ () C:\WINXP\system32\dllcache\c_20285.nls
2014-12-03 19:26 - 2008-04-14 11:00 - 00066082 _____ () C:\WINXP\system32\dllcache\c_20284.nls
2014-12-03 19:26 - 2008-04-14 11:00 - 00066082 _____ () C:\WINXP\system32\dllcache\c_20280.nls
2014-12-03 19:26 - 2008-04-14 11:00 - 00066082 _____ () C:\WINXP\system32\dllcache\c_20278.nls
2014-12-03 19:26 - 2008-04-14 11:00 - 00066082 _____ () C:\WINXP\system32\dllcache\c_20277.nls
2014-12-03 19:26 - 2008-04-14 11:00 - 00066082 _____ () C:\WINXP\system32\dllcache\c_20273.nls
2014-12-03 19:26 - 2008-04-14 11:00 - 00066082 _____ () C:\WINXP\system32\dllcache\c_20269.nls
2014-12-03 19:26 - 2008-04-14 11:00 - 00066082 _____ () C:\WINXP\system32\dllcache\c_20108.nls
2014-12-03 19:26 - 2008-04-14 11:00 - 00066082 _____ () C:\WINXP\system32\dllcache\c_20105.nls
2014-12-03 19:26 - 2008-04-14 11:00 - 00066082 _____ () C:\WINXP\system32\dllcache\c_1149.nls
2014-12-03 19:26 - 2008-04-14 11:00 - 00066082 _____ () C:\WINXP\system32\dllcache\c_1147.nls
2014-12-03 19:26 - 2008-04-14 11:00 - 00066082 _____ () C:\WINXP\system32\dllcache\c_1144.nls
2014-12-03 19:26 - 2008-04-14 11:00 - 00066082 _____ () C:\WINXP\system32\dllcache\c_1142.nls
2014-12-03 19:26 - 2008-04-14 11:00 - 00066082 _____ () C:\WINXP\system32\dllcache\c_1047.nls
2014-12-03 19:26 - 2008-04-14 11:00 - 00066082 _____ () C:\WINXP\system32\c_21027.nls
2014-12-03 19:26 - 2008-04-14 11:00 - 00066082 _____ () C:\WINXP\system32\c_20924.nls
2014-12-03 19:26 - 2008-04-14 11:00 - 00066082 _____ () C:\WINXP\system32\c_20424.nls
2014-12-03 19:26 - 2008-04-14 11:00 - 00066082 _____ () C:\WINXP\system32\c_20420.nls
2014-12-03 19:26 - 2008-04-14 11:00 - 00066082 _____ () C:\WINXP\system32\c_20297.nls
2014-12-03 19:26 - 2008-04-14 11:00 - 00066082 _____ () C:\WINXP\system32\c_20285.nls
2014-12-03 19:26 - 2008-04-14 11:00 - 00066082 _____ () C:\WINXP\system32\c_20284.nls
2014-12-03 19:26 - 2008-04-14 11:00 - 00066082 _____ () C:\WINXP\system32\c_20280.nls
2014-12-03 19:26 - 2008-04-14 11:00 - 00066082 _____ () C:\WINXP\system32\c_20278.nls
2014-12-03 19:26 - 2008-04-14 11:00 - 00066082 _____ () C:\WINXP\system32\c_20277.nls
2014-12-03 19:26 - 2008-04-14 11:00 - 00066082 _____ () C:\WINXP\system32\c_20273.nls
2014-12-03 19:26 - 2008-04-14 11:00 - 00066082 _____ () C:\WINXP\system32\c_20269.nls
2014-12-03 19:26 - 2008-04-14 11:00 - 00066082 _____ () C:\WINXP\system32\c_20108.nls
2014-12-03 19:26 - 2008-04-14 11:00 - 00066082 _____ () C:\WINXP\system32\c_20105.nls
2014-12-03 19:26 - 2008-04-14 11:00 - 00066082 _____ () C:\WINXP\system32\c_1149.nls
2014-12-03 19:26 - 2008-04-14 11:00 - 00066082 _____ () C:\WINXP\system32\c_1147.nls
2014-12-03 19:26 - 2008-04-14 11:00 - 00066082 _____ () C:\WINXP\system32\c_1144.nls
2014-12-03 19:26 - 2008-04-14 11:00 - 00066082 _____ () C:\WINXP\system32\c_1142.nls
2014-12-03 19:26 - 2008-04-14 11:00 - 00066082 _____ () C:\WINXP\system32\c_1047.nls
2014-12-03 18:46 - 2008-04-14 11:00 - 00066082 ____N () C:\WINXP\system32\c_20290.nls
2014-12-03 18:46 - 2008-04-14 11:00 - 00066082 _____ () C:\WINXP\system32\dllcache\c_20423.nls
2014-12-03 18:46 - 2008-04-14 11:00 - 00066082 _____ () C:\WINXP\system32\dllcache\c_20290.nls
2014-12-03 18:46 - 2008-04-14 11:00 - 00066082 _____ () C:\WINXP\system32\dllcache\c_1146.nls
2014-12-03 18:46 - 2008-04-14 11:00 - 00066082 _____ () C:\WINXP\system32\dllcache\c_1145.nls
2014-12-03 18:46 - 2008-04-14 11:00 - 00066082 _____ () C:\WINXP\system32\dllcache\c_1143.nls
2014-12-03 18:46 - 2008-04-14 11:00 - 00066082 _____ () C:\WINXP\system32\dllcache\c_1141.nls
2014-12-03 18:46 - 2008-04-14 11:00 - 00066082 _____ () C:\WINXP\system32\dllcache\c_1140.nls
2014-12-03 18:46 - 2008-04-14 11:00 - 00066082 _____ () C:\WINXP\system32\c_20423.nls
2014-12-03 18:46 - 2008-04-14 11:00 - 00066082 _____ () C:\WINXP\system32\c_1146.nls
2014-12-03 18:46 - 2008-04-14 11:00 - 00066082 _____ () C:\WINXP\system32\c_1145.nls
2014-12-03 18:46 - 2008-04-14 11:00 - 00066082 _____ () C:\WINXP\system32\c_1143.nls
2014-12-03 18:46 - 2008-04-14 11:00 - 00066082 _____ () C:\WINXP\system32\c_1141.nls
2014-12-03 18:46 - 2008-04-14 11:00 - 00066082 _____ () C:\WINXP\system32\c_1140.nls
2014-12-02 18:46 - 2008-04-14 11:00 - 00195618 ____N () C:\WINXP\system32\c_10002.nls
2014-12-02 18:46 - 2008-04-14 11:00 - 00195618 _____ () C:\WINXP\system32\dllcache\c_10002.nls
2014-12-02 18:46 - 2008-04-14 11:00 - 00177698 ____N () C:\WINXP\system32\c_10003.nls
2014-12-02 18:46 - 2008-04-14 11:00 - 00177698 _____ () C:\WINXP\system32\dllcache\c_10003.nls
2014-12-02 18:46 - 2008-04-14 11:00 - 00162850 ____N () C:\WINXP\system32\c_10001.nls
2014-12-02 18:46 - 2008-04-14 11:00 - 00162850 _____ () C:\WINXP\system32\dllcache\c_10001.nls
2014-12-02 18:46 - 2008-04-14 11:00 - 00066594 _____ () C:\WINXP\system32\dllcache\c_858.nls
2014-12-02 18:46 - 2008-04-14 11:00 - 00066594 _____ () C:\WINXP\system32\c_858.nls
2014-12-02 18:46 - 2008-04-14 11:00 - 00066082 _____ () C:\WINXP\system32\dllcache\c_870.nls
2014-12-02 18:46 - 2008-04-14 11:00 - 00066082 _____ () C:\WINXP\system32\dllcache\c_21025.nls
2014-12-02 18:46 - 2008-04-14 11:00 - 00066082 _____ () C:\WINXP\system32\dllcache\c_20880.nls
2014-12-02 18:46 - 2008-04-14 11:00 - 00066082 _____ () C:\WINXP\system32\dllcache\c_20871.nls
2014-12-02 18:46 - 2008-04-14 11:00 - 00066082 _____ () C:\WINXP\system32\dllcache\c_20107.nls
2014-12-02 18:46 - 2008-04-14 11:00 - 00066082 _____ () C:\WINXP\system32\dllcache\c_20106.nls
2014-12-02 18:46 - 2008-04-14 11:00 - 00066082 _____ () C:\WINXP\system32\dllcache\c_1148.nls
2014-12-02 18:46 - 2008-04-14 11:00 - 00066082 _____ () C:\WINXP\system32\c_870.nls
2014-12-02 18:46 - 2008-04-14 11:00 - 00066082 _____ () C:\WINXP\system32\c_21025.nls
2014-12-02 18:46 - 2008-04-14 11:00 - 00066082 _____ () C:\WINXP\system32\c_20880.nls
2014-12-02 18:46 - 2008-04-14 11:00 - 00066082 _____ () C:\WINXP\system32\c_20871.nls
2014-12-02 18:46 - 2008-04-14 11:00 - 00066082 _____ () C:\WINXP\system32\c_20107.nls
2014-12-02 18:46 - 2008-04-14 11:00 - 00066082 _____ () C:\WINXP\system32\c_20106.nls
2014-12-02 18:46 - 2008-04-14 11:00 - 00066082 _____ () C:\WINXP\system32\c_1148.nls
2014-12-02 18:42 - 2008-04-14 11:00 - 00185344 _____ (Microsoft Corporation) C:\WINXP\system32\Thawbrkr.dll
2014-12-02 18:42 - 2008-04-14 11:00 - 00185344 _____ (Microsoft Corporation) C:\WINXP\system32\dllcache\thawbrkr.dll
2014-12-02 18:42 - 2008-04-14 11:00 - 00066594 _____ () C:\WINXP\system32\dllcache\c_864.nls
2014-12-02 18:42 - 2008-04-14 11:00 - 00066594 _____ () C:\WINXP\system32\c_864.nls
2014-12-02 18:42 - 2008-04-14 11:00 - 00066082 _____ () C:\WINXP\system32\dllcache\c_28596.nls
2014-12-02 18:42 - 2008-04-14 11:00 - 00066082 _____ () C:\WINXP\system32\dllcache\c_10004.nls
2014-12-02 18:42 - 2008-04-14 11:00 - 00066082 _____ () C:\WINXP\system32\c_28596.nls
2014-12-02 18:42 - 2008-04-14 11:00 - 00066082 _____ () C:\WINXP\system32\c_10004.nls
2014-12-02 18:42 - 2008-04-14 11:00 - 00010752 _____ (Microsoft Corporation) C:\WINXP\system32\dllcache\c_iscii.dll
2014-12-02 18:42 - 2008-04-14 11:00 - 00010752 _____ (Microsoft Corporation) C:\WINXP\system32\c_iscii.dll
2014-12-02 18:42 - 2008-04-14 11:00 - 00006144 ____R (Microsoft Corporation) C:\WINXP\system32\kbdinpun.dll
2014-12-02 18:42 - 2008-04-14 11:00 - 00006144 _____ (Microsoft Corporation) C:\WINXP\system32\dllcache\kbdinpun.dll
2014-12-02 18:42 - 2008-04-14 11:00 - 00005632 ____R (Microsoft Corporation) C:\WINXP\system32\kbdvntc.dll
2014-12-02 18:42 - 2008-04-14 11:00 - 00005632 ____R (Microsoft Corporation) C:\WINXP\system32\kbdurdu.dll
2014-12-02 18:42 - 2008-04-14 11:00 - 00005632 ____R (Microsoft Corporation) C:\WINXP\system32\kbdsyr2.dll
2014-12-02 18:42 - 2008-04-14 11:00 - 00005632 ____R (Microsoft Corporation) C:\WINXP\system32\kbdsyr1.dll
2014-12-02 18:42 - 2008-04-14 11:00 - 00005632 ____R (Microsoft Corporation) C:\WINXP\system32\kbdintel.dll
2014-12-02 18:42 - 2008-04-14 11:00 - 00005632 ____R (Microsoft Corporation) C:\WINXP\system32\kbdintam.dll
2014-12-02 18:42 - 2008-04-14 11:00 - 00005632 ____R (Microsoft Corporation) C:\WINXP\system32\kbdinmar.dll
2014-12-02 18:42 - 2008-04-14 11:00 - 00005632 ____R (Microsoft Corporation) C:\WINXP\system32\kbdinkan.dll
2014-12-02 18:42 - 2008-04-14 11:00 - 00005632 ____R (Microsoft Corporation) C:\WINXP\system32\kbdinhin.dll
2014-12-02 18:42 - 2008-04-14 11:00 - 00005632 ____R (Microsoft Corporation) C:\WINXP\system32\kbdinguj.dll
2014-12-02 18:42 - 2008-04-14 11:00 - 00005632 ____R (Microsoft Corporation) C:\WINXP\system32\kbdindev.dll
2014-12-02 18:42 - 2008-04-14 11:00 - 00005632 ____R (Microsoft Corporation) C:\WINXP\system32\kbdfa.dll
2014-12-02 18:42 - 2008-04-14 11:00 - 00005632 ____R (Microsoft Corporation) C:\WINXP\system32\kbddiv2.dll
2014-12-02 18:42 - 2008-04-14 11:00 - 00005632 ____R (Microsoft Corporation) C:\WINXP\system32\kbddiv1.dll
2014-12-02 18:42 - 2008-04-14 11:00 - 00005632 ____R (Microsoft Corporation) C:\WINXP\system32\kbda3.dll
2014-12-02 18:42 - 2008-04-14 11:00 - 00005632 ____R (Microsoft Corporation) C:\WINXP\system32\kbda2.dll
2014-12-02 18:42 - 2008-04-14 11:00 - 00005632 ____R (Microsoft Corporation) C:\WINXP\system32\kbda1.dll
2014-12-02 18:42 - 2008-04-14 11:00 - 00005632 _____ (Microsoft Corporation) C:\WINXP\system32\kbdusa.dll
2014-12-02 18:42 - 2008-04-14 11:00 - 00005632 _____ (Microsoft Corporation) C:\WINXP\system32\dllcache\kbdvntc.dll
2014-12-02 18:42 - 2008-04-14 11:00 - 00005632 _____ (Microsoft Corporation) C:\WINXP\system32\dllcache\kbdusa.dll
2014-12-02 18:42 - 2008-04-14 11:00 - 00005632 _____ (Microsoft Corporation) C:\WINXP\system32\dllcache\kbdurdu.dll
2014-12-02 18:42 - 2008-04-14 11:00 - 00005632 _____ (Microsoft Corporation) C:\WINXP\system32\dllcache\kbdsyr2.dll
2014-12-02 18:42 - 2008-04-14 11:00 - 00005632 _____ (Microsoft Corporation) C:\WINXP\system32\dllcache\kbdsyr1.dll
2014-12-02 18:42 - 2008-04-14 11:00 - 00005632 _____ (Microsoft Corporation) C:\WINXP\system32\dllcache\kbdintel.dll
2014-12-02 18:42 - 2008-04-14 11:00 - 00005632 _____ (Microsoft Corporation) C:\WINXP\system32\dllcache\kbdintam.dll
2014-12-02 18:42 - 2008-04-14 11:00 - 00005632 _____ (Microsoft Corporation) C:\WINXP\system32\dllcache\kbdinmar.dll
2014-12-02 18:42 - 2008-04-14 11:00 - 00005632 _____ (Microsoft Corporation) C:\WINXP\system32\dllcache\kbdinkan.dll
2014-12-02 18:42 - 2008-04-14 11:00 - 00005632 _____ (Microsoft Corporation) C:\WINXP\system32\dllcache\kbdinhin.dll
2014-12-02 18:42 - 2008-04-14 11:00 - 00005632 _____ (Microsoft Corporation) C:\WINXP\system32\dllcache\kbdinguj.dll
2014-12-02 18:42 - 2008-04-14 11:00 - 00005632 _____ (Microsoft Corporation) C:\WINXP\system32\dllcache\kbdindev.dll
2014-12-02 18:42 - 2008-04-14 11:00 - 00005632 _____ (Microsoft Corporation) C:\WINXP\system32\dllcache\kbdfa.dll
2014-12-02 18:42 - 2008-04-14 11:00 - 00005632 _____ (Microsoft Corporation) C:\WINXP\system32\dllcache\kbddiv2.dll
2014-12-02 18:42 - 2008-04-14 11:00 - 00005632 _____ (Microsoft Corporation) C:\WINXP\system32\dllcache\kbddiv1.dll
2014-12-02 18:42 - 2008-04-14 11:00 - 00005632 _____ (Microsoft Corporation) C:\WINXP\system32\dllcache\kbda3.dll
2014-12-02 18:42 - 2008-04-14 11:00 - 00005632 _____ (Microsoft Corporation) C:\WINXP\system32\dllcache\kbda2.dll
2014-12-02 18:42 - 2008-04-14 11:00 - 00005632 _____ (Microsoft Corporation) C:\WINXP\system32\dllcache\kbda1.dll
2014-12-02 18:42 - 2008-04-14 11:00 - 00005120 ____R (Microsoft Corporation) C:\WINXP\system32\kbdgeo.dll
2014-12-02 18:42 - 2008-04-14 11:00 - 00005120 ____R (Microsoft Corporation) C:\WINXP\system32\kbdarmw.dll
2014-12-02 18:42 - 2008-04-14 11:00 - 00005120 ____R (Microsoft Corporation) C:\WINXP\system32\kbdarme.dll
2014-12-02 18:42 - 2008-04-14 11:00 - 00005120 _____ (Microsoft Corporation) C:\WINXP\system32\dllcache\kbdgeo.dll
2014-12-02 18:42 - 2008-04-14 11:00 - 00005120 _____ (Microsoft Corporation) C:\WINXP\system32\dllcache\kbdarmw.dll
2014-12-02 18:42 - 2008-04-14 11:00 - 00005120 _____ (Microsoft Corporation) C:\WINXP\system32\dllcache\kbdarme.dll
2014-12-02 18:41 - 2008-04-14 11:00 - 00066594 _____ () C:\WINXP\system32\dllcache\c_862.nls
2014-12-02 18:41 - 2008-04-14 11:00 - 00066594 _____ () C:\WINXP\system32\dllcache\c_720.nls
2014-12-02 18:41 - 2008-04-14 11:00 - 00066594 _____ () C:\WINXP\system32\c_862.nls
2014-12-02 18:41 - 2008-04-14 11:00 - 00066594 _____ () C:\WINXP\system32\c_720.nls
2014-12-02 18:41 - 2008-04-14 11:00 - 00066082 _____ () C:\WINXP\system32\dllcache\c_708.nls
2014-12-02 18:41 - 2008-04-14 11:00 - 00066082 _____ () C:\WINXP\system32\dllcache\c_10021.nls
2014-12-02 18:41 - 2008-04-14 11:00 - 00066082 _____ () C:\WINXP\system32\dllcache\c_10005.nls
2014-12-02 18:41 - 2008-04-14 11:00 - 00066082 _____ () C:\WINXP\system32\c_708.nls
2014-12-02 18:41 - 2008-04-14 11:00 - 00066082 _____ () C:\WINXP\system32\c_10021.nls
2014-12-02 18:41 - 2008-04-14 11:00 - 00066082 _____ () C:\WINXP\system32\c_10005.nls
2014-12-02 18:41 - 2008-04-14 11:00 - 00019456 _____ (Microsoft Corporation) C:\WINXP\system32\dllcache\agt040d.dll
2014-12-02 18:41 - 2008-04-14 11:00 - 00019456 _____ (Microsoft Corporation) C:\WINXP\system32\dllcache\agt0401.dll
2014-12-02 18:41 - 2008-04-14 11:00 - 00006144 ____R (Microsoft Corporation) C:\WINXP\system32\kbdth3.dll
2014-12-02 18:41 - 2008-04-14 11:00 - 00006144 ____R (Microsoft Corporation) C:\WINXP\system32\kbdth2.dll
2014-12-02 18:41 - 2008-04-14 11:00 - 00006144 _____ (Microsoft Corporation) C:\WINXP\system32\ftlx041e.dll
2014-12-02 18:41 - 2008-04-14 11:00 - 00006144 _____ (Microsoft Corporation) C:\WINXP\system32\dllcache\kbdth3.dll
2014-12-02 18:41 - 2008-04-14 11:00 - 00006144 _____ (Microsoft Corporation) C:\WINXP\system32\dllcache\kbdth2.dll
2014-12-02 18:41 - 2008-04-14 11:00 - 00006144 _____ (Microsoft Corporation) C:\WINXP\system32\dllcache\ftlx041e.dll
2014-12-02 18:41 - 2008-04-14 11:00 - 00005632 ____R (Microsoft Corporation) C:\WINXP\system32\kbdth1.dll
2014-12-02 18:41 - 2008-04-14 11:00 - 00005632 ____R (Microsoft Corporation) C:\WINXP\system32\kbdth0.dll
2014-12-02 18:41 - 2008-04-14 11:00 - 00005632 ____R (Microsoft Corporation) C:\WINXP\system32\kbdheb.dll
2014-12-02 18:41 - 2008-04-14 11:00 - 00005632 _____ (Microsoft Corporation) C:\WINXP\system32\dllcache\kbdth1.dll
2014-12-02 18:41 - 2008-04-14 11:00 - 00005632 _____ (Microsoft Corporation) C:\WINXP\system32\dllcache\kbdth0.dll
2014-12-02 18:41 - 2008-04-14 11:00 - 00005632 _____ (Microsoft Corporation) C:\WINXP\system32\dllcache\kbdheb.dll
2014-12-01 20:35 - 2014-12-13 13:21 - 00000826 _____ () C:\WINXP\Tasks\Adobe Flash Player Updater.job
2014-11-27 01:51 - 2014-11-27 01:52 - 00001642 _____ () C:\Documents and Settings\All Users.WINXP\Desktop\Avast Free Antivirus.lnk
2014-11-27 01:40 - 2014-11-27 01:38 - 00291352 _____ (AVAST Software) C:\WINXP\system32\aswBoot.exe
2014-11-27 01:38 - 2014-11-27 01:38 - 00043152 _____ (AVAST Software) C:\WINXP\avastSS.scr
2014-11-26 22:50 - 2014-12-10 16:21 - 00000754 _____ () C:\WINXP\WORDPAD.INI
2014-11-24 20:47 - 2014-11-24 20:47 - 00000591 _____ () C:\Documents and Settings\Zore.HOME-193E3C216B\Desktop\za Draganu.lnk
2014-11-24 16:23 - 2014-11-24 16:23 - 00000000 ____D () C:\Documents and Settings\Zore.HOME-193E3C216B\My Documents\ACD FotoAngelo
2014-11-24 16:17 - 2014-11-24 16:17 - 00000000 ____D () C:\Program Files\Common Files\ACD Systems
2014-11-24 16:17 - 2014-11-24 16:17 - 00000000 ____D () C:\Documents and Settings\All Users.WINXP\Start Menu\Programs\ACD Systems
2014-11-24 16:17 - 2014-11-24 16:17 - 00000000 ____D () C:\Documents and Settings\All Users.WINXP\Start Menu\Programs\ACD Systems
2014-11-21 15:44 - 2014-11-21 15:44 - 00000000 ____D () C:\WINXP\Microsoft.NET
2014-11-21 15:43 - 2014-11-21 15:43 - 00000000 ____D () C:\Documents and Settings\Zore.HOME-193E3C216B\Start Menu\Programs\The KMPlayer
2014-11-21 15:42 - 2014-11-21 15:42 - 00000000 ____D () C:\KMPlayer
2014-11-18 03:09 - 2014-11-18 03:09 - 00000000 ____D () C:\Documents and Settings\Zore.HOME-193E3C216B\Start Menu\Programs\1clickmoviedownloader.com
2014-11-18 02:23 - 2014-11-18 02:23 - 00000000 ____D () C:\Program Files\WinSnap
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-12-14 23:18 - 2014-11-06 17:54 - 00000364 ____H () C:\WINXP\Tasks\avast! Emergency Update.job
2014-12-14 23:12 - 2014-11-06 17:00 - 00000159 _____ () C:\WINXP\wiadebug.log
2014-12-14 23:11 - 2014-11-06 17:20 - 00000006 ____H () C:\WINXP\Tasks\SA.DAT
2014-12-14 23:10 - 2014-11-06 17:22 - 00000178 ___SH () C:\Documents and Settings\Zore.HOME-193E3C216B\ntuser.ini
2014-12-14 23:10 - 2014-11-06 17:20 - 00032618 _____ () C:\WINXP\SchedLgU.Txt
2014-12-14 23:10 - 2014-11-06 17:08 - 01518003 _____ () C:\WINXP\WindowsUpdate.log
2014-12-14 23:10 - 2014-11-06 17:00 - 00000050 _____ () C:\WINXP\wiaservc.log
2014-12-13 13:21 - 2014-11-07 16:47 - 00701616 _____ (Adobe Systems Incorporated) C:\WINXP\system32\FlashPlayerApp.exe
2014-12-13 13:21 - 2014-11-07 16:47 - 00071344 _____ (Adobe Systems Incorporated) C:\WINXP\system32\FlashPlayerCPLApp.cpl
2014-12-13 13:15 - 2014-11-06 19:26 - 00114904 _____ (Malwarebytes Corporation) C:\WINXP\system32\Drivers\MBAMSwissArmy.sys
2014-12-13 12:59 - 2008-04-14 10:00 - 00002206 _____ () C:\WINXP\system32\wpa.dbl
2014-12-03 19:19 - 2008-04-14 10:00 - 00000231 _____ () C:\WINXP\system.ini
2014-11-27 01:51 - 2014-11-06 17:54 - 00787800 _____ (AVAST Software) C:\WINXP\system32\Drivers\aswSnx.sys
2014-11-27 01:49 - 2014-11-06 17:54 - 00423784 _____ (AVAST Software) C:\WINXP\system32\Drivers\aswSP.sys
2014-11-27 01:39 - 2014-11-06 19:35 - 00024184 _____ () C:\WINXP\system32\Drivers\aswHwid.sys
2014-11-27 01:39 - 2014-11-06 17:54 - 00206248 _____ () C:\WINXP\system32\Drivers\aswVmm.sys
2014-11-27 01:39 - 2014-11-06 17:54 - 00070384 _____ (AVAST Software) C:\WINXP\system32\Drivers\aswmonflt.sys
2014-11-27 01:39 - 2014-11-06 17:54 - 00057928 _____ (AVAST Software) C:\WINXP\system32\Drivers\aswTdi.sys
2014-11-27 01:39 - 2014-11-06 17:54 - 00049944 _____ () C:\WINXP\system32\Drivers\aswRvrt.sys
2014-11-27 01:38 - 2014-11-06 17:54 - 00055240 _____ (AVAST Software) C:\WINXP\system32\Drivers\aswRdr.sys
2014-11-24 20:02 - 2014-11-09 09:00 - 00025600 _____ () C:\Documents and Settings\Zore.HOME-193E3C216B\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-11-21 15:49 - 2014-11-06 16:58 - 00410892 _____ () C:\WINXP\system32\PerfStringBackup.INI
2014-11-21 15:43 - 2014-11-06 19:58 - 00000433 _____ () C:\Documents and Settings\Zore.HOME-193E3C216B\Desktop\KMPlayer.lnk
2014-11-17 20:00 - 2014-11-06 23:03 - 00000139 _____ () C:\WINXP\msicpl.ini
Some content of TEMP:
C:\Documents and Settings\Zore\Local Settings\Temp\PIPInstaller_PTV_.exe
C:\Documents and Settings\Zore.HOME-193E3C216B\Local Settings\Temp\sqlite3.dll
C:\Documents and Settings\Zore.HOME-193E3C216B\Local Settings\Temp\Quarantine.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\WINXP\explorer.exe => File is digitally signed
C:\WINXP\system32\winlogon.exe => File is digitally signed
C:\WINXP\system32\svchost.exe => File is digitally signed
C:\WINXP\system32\services.exe => File is digitally signed
C:\WINXP\system32\User32.dll => File is digitally signed
C:\WINXP\system32\userinit.exe => File is digitally signed
C:\WINXP\system32\rpcss.dll => File is digitally signed
C:\WINXP\system32\Drivers\volsnap.sys => File is digitally signed
==================== End Of Log ============================
Zaboravio si originalni Adwaere Cleaner izvestaj da mi psotavis.
Vidim da imas Malwarebytes instaliran. Potrebno je da mi dostavis njegov izvestaj, onaj koji govori da je neki vid malware-a detektovana. Evo kako to da uradis:
• Postaviti izvestaj (export-ovati logfile) na uvid;
Ponovo pokrenuti MBAM, klik na History tab > Application Logs. Dvoklik na 'Scan Log' koji pokazuje vreme i datum upravo izvrsenog skeniranja.
1. U novom prozoru klik na 'Export' dugme, pa izabrati 'Text file (*.txt)';
2. Kada se pojavi Save File dialog, izabrati da se log sacuva na Desktop.
U tom istom prozoru, dole pod File name: upisi 'mbam' kao naziv izvestaja i klikni dugme Save.
- Po dobijenoj poruci ("Your file has been successfully exported") izvestaj koji si nazvao kao 'mbam' bice sacuvan na Desktop.
Okaci mbam.txt uz poruku koristeci opciju Prikači fajl.
--- --- --- --- ---
Logovi pokazuju tragove predhodnih infekcija, koje su nepravilno adresirane. Moram ovde izvrsiti dodatnu proveru i da ispravim neke stvari pre nego sto adresiram problem sa Firefox browserom.
1. Preuzmi sUBs-ov ComboFix ( ) sa ovog linka i sačuvaj alat na Desktop.
• Klikni desnim tasterom na link i odaberi opciju Save Target As... (Save Link As..., Save Linked Content As... ili sličnu);
• Kada se otvori dijalog za izbor lokacije na kojoj treba sačuvati file, odaberi Desktop i klikni Save.
2. Privremeno deaktiviraj AntiVirus program, u većini slučajeva preko desnog klika na ikonu programa u system tray. Oni mogu ometati alat tokom rada.
Ukoliko nisi siguran kako to da uradiš, isprati ovo uputstvo.
3. Dvoklikom na ikonicu pokreni ComboFix. Potom, na disclaimer prozoru klikni dugme I Agree!
• ComboFix će proveriti da li je dostupna nova verzija alata.
Klikni Yes ako je zatrazeno preuzimanje.
• Ukoliko Recovery Console nije instaliran, ComboFix će ponuditi preuzimanje i instalaciju.
Klikni Yes da bi dozvolio alatu da preuzme i instalira Recovery Console
• ComboFix će skenirati računar po fazama (Stage_#) ukupno 50 faza.
Ne kliktati okolo dok ComboFix ispituje sistem.
• Ukoliko je malware detektovan, ComboFix će zapoceti njegovo uklanjanje.
Iz tog razloga, alat će po potrebi restartovati Windows (nekad i više puta);
Napomena: Ako nakon rada alata dobiješ grešku (Illegal operation attempted on a registry key that has been marked for deletion) prilikom startovanja programa, restartovati računar i to ce rešiti problem.
4. Kada alat završi, formiraće i otvoriti izveštaj (tipična lokacija: C:\ComboFix.txt)
Iskopiraj sadržaj ComboFix.txt izveštaja u poruku.
ComboFix će takođe formirati i dodatan izveštaj (tipicna lokacija: C:\Qoobox\ComboFix-quarantined-files.txt)
Okači ComboFix-quarantined-files.txt izveštaj uz poruku koristeći opciju Prikači fajl
U redu, idemo dalje ...
Sledeci FixList za FRST bi trebao da adresira i ukloni tvoj problem.
1. Otvori Notepad (Text Document) i iskopiraj sledeći tekst unutar kod polja ispod:
File: c:\winxp\system32\chsbrkr.dll
File: c:\winxp\system32\korwbrkr.dll
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: No Name -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> No File
BHO: No Name -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> No File
FF NewTab: hxxp://www.searchalgo.com/?cid=5032
FF SearchEngineOrder.1:
FF Keyword.URL: hxxp://www.searchalgo.com/search.html?cid=5032&q=
c:\documents and settings\Zore.HOME-193E3C216B\Local Settings\Application Data\CodecPerformer
RemoveDirectory: C:\AdwCleaner
2. Sačuvaj notepad na Desktop pod nazivom fixlist.txt
To možes uraditi i iz notepad-a => klik na File potom na Save As i u novom prozoru, dole pod File Name: staviš za naziv fixlist.txt
Napomena: Važno je da se oba fajla, FRST i fixlist nalaze na istoj lokaciji jer u suprotnom fix nece raditi.
3. Ponovo pokreni FRST/FRST64, klikni jednom na dugme Fix i sačekaj.
Ukoliko alat zatraži restart sistema, dozvoli mu i postaraj se da alat kompletira fix nakon restarta sistema.
Alat će formirati log (Fixlog.txt) na Desktop-u. Potrebno je sadržaj tog loga iskopirati u poruku.
Napomena: Ukoliko te alat upozori da postoji novija verzija, postaraj se da preuzmes i koristiš ažuriranu kopiju FRST-a.
--- --- --- --- ---
Iako bi problem u ovom trenutku trebao biti resen, idemo na jos jednu dodatnu proveru ...
Preuzmi smeenk-ov zoek ( ) sa ovog linka i sačuvaj ga na Desktop.
Raspakuj arhivu u neki folder (uputstvo), a zatim:
zatvori browser i ostale pokrenute programe;
privremeno deaktiviraj zaštitni softver ( ukoliko je to potrebno ) Uputstvo ;
dvoklikom pokreni zoek na ikonicu programa ;
pričekaj da se alat startuje ...
Klikni na More Options dugme i stikliraj polje ispred sledece opcije:
Auto Clean
Startup Information
Napomena: Stikliraj samo navedenu opciju, ostale opcije ne dirati ! !
Klikni na dugme i pričekaj da se skeniranje završi.
zoek ce po potrebi, restartovati Windows a na kraju rada, otvoriti Notepad sa izveštajem o skeniranju.
Napomena:Izveštaj će biti sačuvan pod nazivom zoek-results.log na sistemskoj particiji (tipična lokacija: C:\zoek-results.log)
Kopiraj sadrzaj tog loga u poruku.
FixLog bi trebao da se nalazi na tvom Desktopu, na istoj lokaciji odakle je i sam alat pokrenut:
C:\Documents and Settings\Zore.HOME-193E3C216B\Desktop
Hajde ponovi postupak sa FixList jos jedan put.
A vezano za Zoek, uputstvo jasno govori da je potrebno privremeno deaktivirati zastitu ukoliko AV pravi neki problem.
Poslao: 16 Dec 2014 17:12
- Zore
- Građanin
- Pridružio: 03 Sep 2005
- Poruke: 76
- Gde živiš: Nis
magna86 HVALA TI na pomoći, uspelo je brisanje !
FixLog nije napravljen i nakon četri pokušaja normalno sa deaktiviranim AVP-om i MAM-om.
Samo sistem biva ošamućen, kao da ga je nešto tresnulo po glavi (dok se ponovo ne podigne i stabilizuje nakon nasilnog gašenja).
Zoek - Prilikom donloadovanja AVP reaguje, ne i prilikom njegovog pokretanja.
Nisam se nadao da proces traje toliko dugo ( 6 sati, verovatno slab procesor)
"Nekako mi je sad PC usporen"
I da nedužim:
Zoek.exe v5.0.0.0 Updated 29-11-2014
Tool run by Zore on уто 16.12.2014 at 10:19:27,17.
Microsoft Windows XP Professional 5.1.2600 Service Pack 3 x86
Running in: Normal Mode No Internet Access Detected
Launched: C:\Documents and Settings\Zore.HOME-193E3C216B\Desktop\zoek.exe [Scan all users] [Checkboxes used]
==== System Restore Info ======================
16.12.2014 10:30:39 Zoek.exe System Restore Point Created Succesfully.
==== Empty Folders Check ======================
C:\Program Files\WinSnap deleted successfully
C:\Documents and Settings\Zore.HOME-193E3C216B\Start Menu\Programs\1clickmoviedownloader.com deleted successfully
C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\{66E2F539-12B6-4870-A500-7689CDE75C5E} deleted successfully
C:\Documents and Settings\Zore\Local Settings\Application Data\GHISLER deleted successfully
C:\Documents and Settings\Zore.HOME-193E3C216B\Local Settings\Application Data\GHISLER deleted successfully
C:\Documents and Settings\Zore.HOME-193E3C216B\Local Settings\Application Data\WMTools Downloaded Files deleted successfully
==== Deleting CLSID Registry Keys ======================
==== Deleting CLSID Registry Values ======================
==== Deleting Services ======================
==== FireFox Fix ======================
ProfilePath: C:\Documents and Settings\Zore\Application Data\Mozilla\Firefox\Profiles\ofcntqab.default
user.js not found
---- FireFox user.js and prefs.js backups ----
ProfilePath: C:\Documents and Settings\ZORE~1.HOM\Application Data\Mozilla\Firefox\Profiles\lwu1g1ez.default
user.js not found
---- Lines search removed from prefs.js ----
user_pref("browser.newtab.url", "http://www.searchalgo.com/?cid=5032");
user_pref("keyword.URL", "http://www.searchalgo.com/search.html?cid=5032&q=");
---- FireFox user.js and prefs.js backups ----
==== Deleting Files \ Folders ======================
C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\{66E2F539-12B6-4870-A500-7689CDE75C5E} not found
C:\Program Files\ComPlus Applications deleted
C:\FOUND.000 deleted
C:\FOUND.001 deleted
C:\FOUND.002 deleted
C:\Documents and Settings\ZORE~1.HOM\Application Data\Mozilla\Firefox\Profiles\lwu1g1ez.default\Invalidprefs.js deleted
==== Startup Registry Enabled ======================
"NetMeter"="E:\PROGRAMi\Meraci protoka internet veze\NetMeter114beta_4.exe"
"AvastUI.exe"="C:\Program Files\AVAST Software\Avast\AvastUI.exe /nogui"
"MSPY2002"="C:\WINXP\system32\IME\PINTLGNT\ImScInst.exe /SYNC"
"KernelFaultCheck"="%systemroot%\system32\dumprep 0 -k"
"NetMeter"="E:\PROGRAMi\Meraci protoka internet veze\NetMeter114beta_4.exe"
==== Startup Registry Disabled ======================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe Reader Speed Launcher]
"item"="Adobe Reader Speed Launcher"
"command"="\"C:\\Program Files\\Adobe\\Reader 8.0\\Reader\\Reader_sl.exe\""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\IMJPMIG8.1]
"command"="\"C:\\WINXP\\IME\\imjp8_1\\IMJPMIG.EXE\" /Spoil /RemAdvDef /Migration32"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Lexmark X1100 Series]
"item"="Lexmark X1100 Series"
"command"="\"C:\\Program Files\\Lexmark X1100 Series\\lxbkbmgr.exe\""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\NvCplDaemon]
"command"="RUNDLL32.EXE NvQTwk,NvCplDaemon initialize"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\nwiz]
"command"="nwiz.exe /install"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\PHIME2002A]
"command"="C:\\WINXP\\system32\\IME\\TINTLGNT\\TINTSETP.EXE /IMEName"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\PHIME2002ASync]
"command"="C:\\WINXP\\system32\\IME\\TINTLGNT\\TINTSETP.EXE /SYNC"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SunJavaUpdateSched]
"command"="\"C:\\Program Files\\Common Files\\Java\\Java Update\\jusched.exe\""
==== Task Scheduler Jobs ======================
C:\WINXP\tasks\avast\Undetermined Task.exe []
C:\WINXP\tasks\Adobe Flash Player Updater.job --a------ C:\WINXP\system32\Macromed\Flash\FlashPlayerUpdateService.exe [13.12.2014 13:21]
C:\WINXP\tasks\GoogleUpdateTaskUserS-1-5-21-1060284298-813497703-1547161642-1003Core.job --a------ C:\Documents and Settings\Zore.HOME-193E3C216B\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [06.12.2014 15:44]
C:\WINXP\tasks\GoogleUpdateTaskUserS-1-5-21-1060284298-813497703-1547161642-1003Core1d0116368579870.job --a------ C:\Documents and Settings\Zore.HOME-193E3C216B\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [06.12.2014 15:44]
==== Firefox Extensions Registry ======================
"wrc@avast.com"="C:\Program Files\AVAST Software\Avast\WebRep\FF" [06.11.2014 17:54]
==== Firefox Extensions ======================
ProfilePath: C:\Documents and Settings\ZORE~1.HOM\Application Data\Mozilla\Firefox\Profiles\lwu1g1ez.default
- Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF
- Qualys BrowserCheck - C:\Documents and Settings\Zore.HOME-193E3C216B\Application Data\Mozilla\Firefox\Profiles\lwu1g1ez.default\extensions\{7D2FB79E-E58C-4DB5-A36F-AC1C73967F4D}
- Undetermined - wrc@avast.com
- Undetermined - {7D2FB79E-E58C-4DB5-A36F-AC1C73967F4D}
- Qualys BrowserCheck - %ProfilePath%\extensions\{7D2FB79E-E58C-4DB5-A36F-AC1C73967F4D}
AppDir: C:\Program Files\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
==== Firefox Plugins ======================
Profilepath: C:\Documents and Settings\Zore.HOME-193E3C216B\Application Data\Mozilla\Firefox\Profiles\lwu1g1ez.default
424899266BA430CCE5DDB6C1B4BE1B99 - C:\WINXP\system32\Macromed\Flash\NPSWF32_16_0_0_235.dll - Shockwave Flash
D2377C9458EFEB094E38B8C874AA214C - C:\Documents and Settings\Zore.HOME-193E3C216B\Local Settings\Application Data\Google\Update\\npGoogleUpdate3.dll - Google Update
E7006BB5611298DBDD03FE3519C19AC2 - C:\Program Files\Java\jre1.8.0_25\bin\plugin2\npjp2.dll - Java(TM) Platform SE 8 U25
238F239EAEFF7E3E782913D599084E18 - C:\Program Files\Java\jre1.8.0_25\bin\dtplugin\npdeployJava1.dll - Java Deployment Toolkit
0CA4180B21C6B728578F3B0433BB740E - C:\Program Files\VideoLAN\VLC\npvlc.dll - VLC Web Plugin
5D41BCD19A3D90E4EBB58A6BFB79E4F7 - C:\Program Files\Windows Media Player\npdsplay.dll - Windows Media Player Plug-in Dynamic Link Library
8B6884E3E1E5F8ABA5FA0C6A2B13181D - C:\Program Files\Windows Media Player\npwmsdrm.dll - Microsoft® DRM
28000D7EEB2FD95A36E1A7539F599C3B - C:\Program Files\Windows Media Player\npdrmv2.dll - Microsoft® DRM
04AF8BC83A89D9B71F7E0BCAF9FDD768 - C:\Program Files\Adobe\Reader 8.0\Reader\browser\nppdf32.dll - Adobe Acrobat
==== Chromium Look ======================
gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[27.11.2014 01:24]
Avast Online Security - Zore.HOME-193E3C216B\Local Settings\Application Data\Google\Chrome\User Data\Profile 1\Extensions\gomekmidlodglbbmalcneegieacbdmki
==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
==== All HKCU SearchScopes ======================
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
==== Deleting CLSID Registry Keys ======================
HKEY_USERS\S-1-5-21-1060284298-813497703-1547161642-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} deleted successfully
HKEY_USERS\S-1-5-21-1060284298-813497703-1547161642-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} deleted successfully
==== Deleting CLSID Registry Values ======================
==== Empty IE Cache ======================
C:\Documents and Settings\Default User\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully
C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully
C:\Documents and Settings\NetworkService.NT AUTHORITY\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully
C:\WINXP\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully
C:\WINXP\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully
C:\Documents and Settings\LocalService.NT AUTHORITY\Local Settings\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\Documents and Settings\Zore.HOME-193E3C216B\Local Settings\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
==== Empty FireFox Cache ======================
C:\Documents and Settings\Zore\Local Settings\Application Data\Mozilla\Firefox\Profiles\ofcntqab.default\Cache emptied successfully
C:\Documents and Settings\Zore.HOME-193E3C216B\Local Settings\Application Data\Mozilla\Firefox\Profiles\lwu1g1ez.default\cache2 emptied successfully
==== Empty Chrome Cache ======================
C:\Documents and Settings\Zore\Local Settings\Application Data\Opera Software\Opera Stable\Cache emptied successfully
C:\Documents and Settings\Zore.HOME-193E3C216B\Local Settings\Application Data\Opera Software\Opera Stable\Cache emptied successfully
C:\Documents and Settings\Zore\Local Settings\Application Data\Google\Chrome\User Data\Default\Cache emptied successfully
C:\Documents and Settings\Zore.HOME-193E3C216B\Local Settings\Application Data\Google\Chrome\User Data\Profile 1\Cache emptied successfully
==== Empty All Flash Cache ======================
Flash Cache Emptied Successfully
==== Empty All Java Cache ======================
Java Cache cleared successfully
==== C:\zoek_backup content ======================
C:\zoek_backup (files=29 folders=4 4260360 bytes)
==== Empty Temp Folders ======================
C:\Documents and Settings\Default User\Local Settings\Temp emptied successfully
C:\Documents and Settings\NetworkService\Local Settings\Temp emptied successfully
C:\Documents and Settings\LocalService\Local Settings\Temp emptied successfully
C:\Documents and Settings\Zore\Local Settings\temp emptied successfully
C:\Documents and Settings\Default User.WINXP\Local Settings\temp emptied successfully
C:\Documents and Settings\NetworkService.NT AUTHORITY\Local Settings\temp emptied successfully
C:\Documents and Settings\LocalService.NT AUTHORITY\Local Settings\temp emptied successfully
C:\Documents and Settings\Zore.HOME-193E3C216B\Local Settings\temp will be emptied at reboot
C:\WINXP\Temp will be emptied at reboot
==== After Reboot ======================
==== Empty Temp Folders ======================
C:\WINXP\Temp successfully emptied
C:\DOCUME~1\ZORE~1.HOM\LOCALS~1\Temp successfully emptied
==== Deleting Files / Folders ======================
"C:\Documents and Settings\LocalService.NT AUTHORITY\Local Settings\Temporary Internet Files\Content.IE5\index.dat" not deleted
"C:\Documents and Settings\Zore.HOME-193E3C216B\Local Settings\Temporary Internet Files\Content.IE5\index.dat" not found
"C:\Documents and Settings\Zore.HOME-193E3C216B\Application Data\Malwarebytes" not deleted
==== EOF on уто 16.12.2014 at 16:27:23,40 ======================
Poslao: 16 Dec 2014 17:35
- magna86
- Anti Malware Fighter
Rank 2
- Pridružio: 21 Jun 2008
- Poruke: 6104
Tek sutra ti mogu odgovoriti. A do tada, postavi mi FixLog.
Dokle god ne postavis ono sto trazim, tvoj boravak u Ambulanti trajace duze. A kako sam ja malo u stisku sa vremenom, to moze bas i potrajati, a problem je prost.