RECYCLER

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Uloguj se preko Facebooka da bi skinuo fajl:

Napisano: 24 Maj 2012 18:28

Vec duze vrijeme imam RECYCLER i ne mogu da ga se rijesim. Koristim aviru koja ne moze da ga detektuje. Saljem vam logove i nadam se pomoci. GMER restartuje racunar.



.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 6.0.2900.5512
Run by SLAX at 16:17:33 on 2012-05-24
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.511.98 [GMT 2:00]
.
AV: Avira Desktop *Enabled/Updated* {11638345-E4FC-4BEE-BB73-EC754659C5F6}
FW: FireWall *Enabled*
.
============== Running Processes ===============
.
D:\WINDOWS\system32\Ati2evxx.exe
D:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
D:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
D:\WINDOWS\system32\spoolsv.exe
D:\Program Files\Avira\AntiVir Desktop\sched.exe
svchost.exe
D:\WINDOWS\system32\Ati2evxx.exe
D:\WINDOWS\Explorer.EXE
D:\Program Files\Avira\AntiVir Desktop\avfwsvc.exe
D:\Program Files\Avira\AntiVir Desktop\avguard.exe
D:\Program Files\Microsoft\BingBar\SeaPort.EXE
D:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
D:\Program Files\Avira\AntiVir Desktop\avgnt.exe
D:\Program Files\Common Files\Java\Java Update\jusched.exe
D:\WINDOWS\system32\ctfmon.exe
D:\Documents and Settings\SLAX\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
D:\Program Files\Java\jre6\bin\jqs.exe
D:\Program Files\Ovislink\Common\RalinkRegistryWriter.exe
D:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
D:\Program Files\StartNow Toolbar\ToolbarUpdaterService.exe
D:\Program Files\Avira\AntiVir Desktop\avshadow.exe
D:\Program Files\Avira\AntiVir Desktop\avmailc.exe
D:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
D:\WINDOWS\System32\svchost.exe -k HTTPFilter
D:\Program Files\Opera\opera.exe
D:\Program Files\GRETECH\GomPlayer\GOM.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://klit.startnow.com/?src=startpage&provider=&provider_name=yahoo&provider_code=&partner_id=693&product_id=741&affiliate_id=&channel=&toolbar_id=200&toolbar_version=2.4.0&install_country=BA&install_date=20120104&user_guid=A9707543EA7C4280A6ED9B2894607BE3&machine_id=49f5d7d180f32e75ace2bd12a32b0c96&browser=IE&os=win&os_version=5.1-x86-SP3
BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - d:\program files\yahoo!\companion\installs\cpn\yt.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - d:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: StartNow Toolbar Helper: {6e13d095-45c3-4271-9475-f3b48227dd9f} - d:\program files\startnow toolbar\Toolbar32.dll
BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - d:\program files\java\jre6\bin\ssv.dll
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - d:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "d:\program files\microsoft\bingbar\BingExt.dll"
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - d:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - d:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
BHO: SingleInstance Class: {fdad4da1-61a2-4fd8-9c17-86f7ac245081} - d:\program files\yahoo!\companion\installs\cpn\YTSingleInstance.dll
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - d:\program files\yahoo!\companion\installs\cpn\yt.dll
TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "d:\program files\microsoft\bingbar\BingExt.dll"
TB: StartNow Toolbar: {5911488e-9d1e-40ec-8cbb-06b231cc153f} - d:\program files\startnow toolbar\Toolbar32.dll
TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
TB: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
uRun: [ctfmon.exe] d:\windows\system32\ctfmon.exe
uRun: [MsnMsgr] "d:\program files\windows live\messenger\msnmsgr.exe" /background
uRun: [Google Update] "d:\documents and settings\slax\local settings\application data\google\update\GoogleUpdate.exe" /c
mRun: [ATIPTA] d:\program files\ati technologies\ati control panel\atiptaxx.exe
mRun: [avgnt] "d:\program files\avira\antivir desktop\avgnt.exe" /min
mRun: [Adobe ARM] "d:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [SunJavaUpdateSched] "d:\program files\common files\java\java update\jusched.exe"
dRun: [CTFMON.EXE] d:\windows\system32\CTFMON.EXE
IE: {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - d:\program files\pokerstars\PokerStarsUpdate.exe
IE: {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - d:\documents and settings\slax\desktop\PartyPoker.lnk
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - d:\program files\messenger\msmsgs.exe
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - d:\program files\windows live\writer\WriterBrowserExtension.dll
LSP: d:\program files\avira\antivir desktop\avsda.dll
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
TCP: Interfaces\{0DFEEF4C-74EF-41ED-B8F9-2C648C0ACFF6} : DhcpNameServer = 10.1.0.2
TCP: Interfaces\{AE84AEDC-4FC4-47B1-BC40-E30DE2E93B80} : NameServer = 87.250.98.250 208.67.222.222
Notify: AtiExtEvent - Ati2evxx.dll
.
============= SERVICES / DRIVERS ===============
.
R1 avfwot;avfwot;d:\windows\system32\drivers\avfwot.sys [2011-10-19 112032]
R1 avkmgr;avkmgr;d:\windows\system32\drivers\avkmgr.sys [2011-10-19 36000]
R2 AntiVirFirewallService;Avira FireWall;d:\program files\avira\antivir desktop\avfwsvc.exe [2011-10-19 619472]
R2 AntiVirMailService;Avira Mail Protection;d:\program files\avira\antivir desktop\avmailc.exe [2011-10-19 375760]
R2 AntiVirSchedulerService;Avira Scheduler;d:\program files\avira\antivir desktop\sched.exe [2011-10-19 86224]
R2 AntiVirService;Avira Realtime Protection;d:\program files\avira\antivir desktop\avguard.exe [2011-10-19 110032]
R2 AntiVirWebService;Avira Web Protection;d:\program files\avira\antivir desktop\avwebgrd.exe [2011-10-19 465360]
R2 avgntflt;avgntflt;d:\windows\system32\drivers\avgntflt.sys [2011-10-19 83392]
R2 BBUpdate;BBUpdate;d:\program files\microsoft\bingbar\SeaPort.EXE [2011-6-15 249648]
R2 fssfltr;FssFltr;d:\windows\system32\drivers\fssfltr_tdi.sys [2011-7-25 54760]
R2 RalinkRegistryWriter;Ralink Registry Writer;d:\program files\ovislink\common\RalinkRegistryWriter.exe [2011-5-17 69632]
R2 Updater Service for StartNow Toolbar;Updater Service for StartNow Toolbar;d:\program files\startnow toolbar\ToolbarUpdaterService.exe [2011-10-25 244960]
R3 avfwim;AvFw Packet Filter Service;d:\windows\system32\drivers\avfwim.sys [2011-10-19 91968]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;d:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;d:\windows\system32\macromed\flash\FlashPlayerUpdateService.exe [2012-4-12 257696]
S3 BBSvc;Bing Bar Update Service;d:\program files\microsoft\bingbar\BBSvc.EXE [2011-7-7 195336]
S3 fsssvc;Windows Live Family Safety Service;d:\program files\windows live\family safety\fsssvc.exe [2010-4-28 704872]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;d:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
.
=============== Created Last 30 ================
.
2012-05-18 17:04:49 2148352 -c----w- d:\windows\system32\dllcache\ntkrnlmp.exe
2012-05-18 17:04:48 2192640 -c----w- d:\windows\system32\dllcache\ntoskrnl.exe
2012-05-18 17:04:44 2026496 -c----w- d:\windows\system32\dllcache\ntkrpamp.exe
2012-05-18 17:04:42 2069120 -c----w- d:\windows\system32\dllcache\ntkrnlpa.exe
2012-05-18 17:02:40 272128 -c----w- d:\windows\system32\dllcache\bthport.sys
2012-05-18 17:01:48 456320 -c----w- d:\windows\system32\dllcache\mrxsmb.sys
2012-05-18 15:20:59 57856 -c--a-w- d:\windows\system32\dllcache\EXCH_scripto.dll
2012-05-18 15:19:59 6144 -c--a-w- d:\windows\system32\dllcache\kbdth3.dll
2012-05-18 15:18:54 42496 -c--a-w- d:\windows\system32\dllcache\davcdata.exe
2012-05-18 15:17:59 6144 -c--a-w- d:\windows\system32\dllcache\ftpsapi2.dll
2012-05-18 15:15:17 575704 -c--a-w- d:\windows\system32\dllcache\wuapi.dll
2012-05-18 14:59:26 24661 -c--a-w- d:\windows\system32\dllcache\spxcoins.dll
2012-05-18 14:59:26 24661 ----a-w- d:\windows\system32\spxcoins.dll
2012-05-18 14:59:26 13312 -c--a-w- d:\windows\system32\dllcache\irclass.dll
2012-05-18 14:59:26 13312 ----a-w- d:\windows\system32\irclass.dll
2012-05-18 14:59:05 16535 ----a-r- d:\windows\SETF2.tmp
2012-05-18 14:59:02 1088840 ----a-r- d:\windows\SETE6.tmp
2012-05-18 14:58:59 1296669 ----a-r- d:\windows\SETE3.tmp
2012-05-18 13:00:59 -------- d-sh--w- D:\found.000
2012-04-24 19:42:55 -------- d-----w- d:\documents and settings\slax\application data\TuneUp Software
2012-04-24 19:41:26 -------- d-----w- d:\documents and settings\all users\application data\TuneUp Software
2012-04-24 19:40:32 -------- d-sh--w- d:\documents and settings\all users\application data\{32364CEA-7855-4A3C-B674-53D8E9B97936}
2012-04-24 19:40:30 -------- d--h--w- d:\documents and settings\all users\application data\Common Files
.
==================== Find3M ====================
.
2012-05-24 13:35:45 36000 ----a-w- d:\windows\system32\drivers\avkmgr.sys
2012-05-18 13:01:53 90112 ----a-w- d:\windows\DUMP537f.tmp
2012-05-14 20:04:18 91968 ----a-w- d:\windows\system32\drivers\avfwim.sys
2012-05-14 20:04:18 83392 ----a-w- d:\windows\system32\drivers\avgntflt.sys
2012-05-14 20:04:18 112032 ----a-w- d:\windows\system32\drivers\avfwot.sys
2012-05-05 06:59:56 70304 ----a-w- d:\windows\system32\FlashPlayerCPLApp.cpl
2012-05-05 06:59:56 419488 ----a-w- d:\windows\system32\FlashPlayerApp.exe
2012-04-11 13:12:06 1862272 ----a-w- d:\windows\system32\win32k.sys
2012-04-11 13:10:58 2192640 ----a-w- d:\windows\system32\ntoskrnl.exe
2012-04-11 12:35:52 2069120 ----a-w- d:\windows\system32\ntkrnlpa.exe
2012-02-29 14:10:16 177664 ----a-w- d:\windows\system32\wintrust.dll
2012-02-29 14:10:16 148480 ----a-w- d:\windows\system32\imagehlp.dll
2012-02-28 18:50:30 667136 ----a-w- d:\windows\system32\wininet.dll
2012-02-28 18:50:30 61952 ----a-w- d:\windows\system32\tdc.ocx
2012-02-28 18:50:29 81920 ----a-w- d:\windows\system32\ieencode.dll
2012-02-28 13:50:54 369664 ----a-w- d:\windows\system32\html.iec
.
============= FINISH: 16:20:20.76 ===============

mycity.rs/must-login.png

mycity.rs/must-login.png

Dopuna: 24 Maj 2012 18:34

postavio sam greskom dvije iste teme

• 1Ovo se svidja korisniku: mcrule
  
  Registruj se da bi pohvalio/la poruku!

Pozdrav, slajad.



Korak 1
Preuzmi program OTL sa donjeg linka na Desktop:

download link



Dvoklikom pokreni OTL;
klikni Run Scan;
po zavrsetku skeniranja, izvestaj (koji ce biti automatski sacuvan na Desktop-u kao OTL.Txt) ce se otvoriti u Notepad-u.

Prilozi izvestaj OTL.txt uz poruku koriscenjem opcije Prikaci fajl.




Korak 2
Preuzmi MCShield sa sledeće adrese:

http://amf.mycity.rs/mcshield/MCShield-Setup.exe

Instaliraj MCShield i sačekaj da se završi uvodno skeniranje.

Kad se završi uvodno skeniranje, ubacuj sve USB memorijske uređaje redom u USB port i svaki zadrži u portu dok MCShield ne izbaci poruku da je skeniranje završeno. Ukoliko imaš više USB uređaja, zabeleži negde kojim su redom ubacivani.

Objašnjenje: U USB memorijske uređaje spadaju svi oni uređaji koji po priključivanju na kompjuter dobijaju svoju oznaku particije. Tu spadaju USB flash drajvovi, eksterni hard-diskovi, memorijske kartice, MP3 i MP4 plejeri, neki mobilni telefoni, neki GPS (navigacioni) uređaji itd.

Idi na Start -> All Programs -> MCShield -> Logs -> AllScans

Otvoriće ti se izveštaj u Notepad-u čiji sadržaj treba da postaviš u poruku



Ivance95 (AMF Tim)

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Uloguj se preko Facebooka da bi skinuo fajl:

Evo prvi izvjestaj a za korak 2 ne posjedujem nikakav memorijski uredjaj tipa USB-a.



mycity.rs/must-login.png

mycity.rs/must-login.png

• 2Ovo se svidja korisnicima: TwinHeadedEagle, mcrule
  
  Registruj se da bi pohvalio/la poruku!

Korak 1
Ponovo pokreni program OTL dvoklikom na ikonicu;

U beli okvir prozora gde piše Custom Scans/Fixes iskopirati sledeći tekst:


:services
Updater Service for StartNow Toolbar

:OTL
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://klit.startnow.com/?src=startpage&provider=&provider_name=yahoo&provider_code=&partner_id=693&product_id=741&affiliate_id=&channel=&toolbar_id=200&toolbar_version=2.4.0&install_country=BA&install_date=20120104&user_guid=A9707543EA7C4280A6ED9B2894607BE3&machine_id=49f5d7d180f32e75ace2bd12a32b0c96&browser=IE&os=win&os_version=5.1-x86-SP3
IE - HKCU\..\SearchScopes,DefaultScope = {0388404D-6072-4CEB-B521-8F090FEAEE57}
IE - HKCU\..\SearchScopes\{0388404D-6072-4CEB-B521-8F090FEAEE57}: "URL" = http://klit.startnow.com/s/?q={searchTerms}&src=defsearch&provider=&provider_name=yahoo&provider_code=&partner_id=693&product_id=741&affiliate_id=&channel=&toolbar_id=200&toolbar_version=2.4.0&install_country=BA&install_date=20120104&user_guid=A9707543EA7C4280A6ED9B2894607BE3&machine_id=49f5d7d180f32e75ace2bd12a32b0c96&browser=IE&os=win&os_version=5.1-x86-SP3&iesrc={referrer:source}
CHR - default_search_provider: search_url = http://klit.startnow.com/s/?q={searchTerms}&src=defsearch&provider=&provider_name=yahoo&provider_code=&partner_id=693&product_id=741&affiliate_id=&channel=&toolbar_id=200&toolbar_version=2.4.0&install_country=BA&install_date=20120104&user_guid=A9707543EA7C4280A6ED9B2894607BE3&machine_id=49f5d7d180f32e75ace2bd12a32b0c96&browser=CR&os=win&os_version=5.1-x86-SP3
O2 - BHO: (StartNow Toolbar Helper) - {6E13D095-45C3-4271-9475-F3B48227DD9F} - D:\Program Files\StartNow Toolbar\Toolbar32.dll ()
O3 - HKLM\..\Toolbar: (StartNow Toolbar) - {5911488E-9D1E-40ec-8CBB-06B231CC153F} - D:\Program Files\StartNow Toolbar\Toolbar32.dll ()

:files
D:\Program Files\StartNow Toolbar\

:Commands
[purity]
[emptytemp]
[EMPTYFLASH]
[Reboot]



Klikni taster Run Fix;


Log koji dobiješ iskopiraj ovde u poruci.



Korak 2
Ponovo pokreni OTL, i postavi mi svež log.


Ivance95 (AMF Tim)

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Uloguj se preko Facebooka da bi skinuo fajl:

Napisano: 26 Maj 2012 0:54

korak 1

All processes killed
========== SERVICES/DRIVERS ==========
Service Updater Service for StartNow Toolbar stopped successfully!
Service Updater Service for StartNow Toolbar deleted successfully!
Error: No service named :OTL was found to stop!
Service\Driver key :OTL not found.
Error: No service named IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = klit.startnow.com/?src=startpage&provid......1-x86-SP3 was found to stop!
Service\Driver key IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = klit.startnow.com/?src=startpage&provid......1-x86-SP3 not found.
Error: No service named IE - HKCU\..\SearchScopes,DefaultScope = {0388404D-6072-4CEB-B521-8F090FEAEE57} was found to stop!
Service\Driver key IE - HKCU\..\SearchScopes,DefaultScope = {0388404D-6072-4CEB-B521-8F090FEAEE57} not found.
Error: No service named IE - HKCU\..\SearchScopes\{0388404D-6072-4CEB-B521-8F090FEAEE57}: "URL" = klit.startnow.com/s/?q={searchTerms}&src=defsearch&provider=&provider_name=yahoo&provider_code=&partner_id=693&product_id=741&affiliate_id=&channel=&toolbar_id=200&toolbar_version=2.4.0&install_country=BA&install_date=20120104&user_guid=A9707543EA7C4280A6ED9B2894607BE3&machine_id=49f5d7d180f32e75ace2bd12a32b0c96&browser=IE&os=win&os_version=5.1-x86-SP3&iesrc={referrer:source} was found to stop!
Service\Driver key IE - HKCU\..\SearchScopes\{0388404D-6072-4CEB-B521-8F090FEAEE57}: "URL" = klit.startnow.com/s/?q={searchTerms}&src=defsearch&provider=&provider_name=yahoo&provider_code=&partner_id=693&product_id=741&affiliate_id=&channel=&toolbar_id=200&toolbar_version=2.4.0&install_country=BA&install_date=20120104&user_guid=A9707543EA7C4280A6ED9B2894607BE3&machine_id=49f5d7d180f32e75ace2bd12a32b0c96&browser=IE&os=win&os_version=5.1-x86-SP3&iesrc={referrer:source} not found.
Error: No service named CHR - default_search_provider: search_url = klit.startnow.com/s/?q={searchTerms}&src=defsearch&provider=&provider_name=yahoo&provider_code=&partner_id=693&product_id=741&affiliate_id=&channel=&toolbar_id=200&toolbar_version=2.4.0&install_country=BA&install_date=20120104&user_guid=A9707543EA7C4280A6ED9B2894607BE3&machine_id=49f5d7d180f32e75ace2bd12a32b0c96&browser=CR&os=win&os_version=5.1-x86-SP3 was found to stop!
Service\Driver key CHR - default_search_provider: search_url = klit.startnow.com/s/?q={searchTerms}&src=defsearch&provider=&provider_name=yahoo&provider_code=&partner_id=693&product_id=741&affiliate_id=&channel=&toolbar_id=200&toolbar_version=2.4.0&install_country=BA&install_date=20120104&user_guid=A9707543EA7C4280A6ED9B2894607BE3&machine_id=49f5d7d180f32e75ace2bd12a32b0c96&browser=CR&os=win&os_version=5.1-x86-SP3 not found.
Error: No service named O2 - BHO: (StartNow Toolbar Helper) - {6E13D095-45C3-4271-9475-F3B48227DD9F} - D:\Program Files\StartNow Toolbar\Toolbar32.dll () was found to stop!
Service\Driver key O2 - BHO: (StartNow Toolbar Helper) - {6E13D095-45C3-4271-9475-F3B48227DD9F} - D:\Program Files\StartNow Toolbar\Toolbar32.dll () not found.
Error: No service named O3 - HKLM\..\Toolbar: (StartNow Toolbar) - {5911488E-9D1E-40ec-8CBB-06B231CC153F} - D:\Program Files\StartNow Toolbar\Toolbar32.dll () was found to stop!
Service\Driver key O3 - HKLM\..\Toolbar: (StartNow Toolbar) - {5911488E-9D1E-40ec-8CBB-06B231CC153F} - D:\Program Files\StartNow Toolbar\Toolbar32.dll () not found.
Error: No service named :files was found to stop!
Service\Driver key :files not found.
Error: No service named D:\Program Files\StartNow Toolbar\ was found to stop!
Service\Driver key D:\Program Files\StartNow Toolbar\ not found.
Error: No service named :Commands was found to stop!
Service\Driver key :Commands not found.
Error: No service named [purity] was found to stop!
Service\Driver key [purity] not found.
Error: No service named [emptytemp] was found to stop!
Service\Driver key [emptytemp] not found.
Error: No service named [EMPTYFLASH] was found to stop!
Service\Driver key [EMPTYFLASH] not found.
Error: No service named [Reboot] was found to stop!
Service\Driver key [Reboot] not found.

OTL by OldTimer - Version 3.2.43.1 log created on 05252012_191650

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...

Dopuna: 26 Maj 2012 8:23

korak 2




OTL logfile created on: 5/26/2012 12:56:20 AM - Run 2
OTL by OldTimer - Version 3.2.43.1 Folder = D:\Documents and Settings\SLAX\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

510.73 Mb Total Physical Memory | 98.30 Mb Available Physical Memory | 19.25% Memory free
1.22 Gb Paging File | 0.56 Gb Available in Paging File | 46.15% Paging File free
Paging file location(s): d:\pagefile.sys 768 1536 [binary data]

%SystemDrive% = D: | %SystemRoot% = D:\WINDOWS | %ProgramFiles% = D:\Program Files
Drive C: | 50.11 Gb Total Space | 1.55 Gb Free Space | 3.10% Space Free | Partition Type: NTFS
Drive D: | 24.41 Gb Total Space | 8.64 Gb Free Space | 35.38% Space Free | Partition Type: NTFS
Drive E: | 349.88 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: DONGAGISLAX | User Name: SLAX | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/05/24 21:58:30 | 000,595,968 | ---- | M] (OldTimer Tools) -- D:\Documents and Settings\SLAX\Desktop\OTL.exe
PRC - [2012/05/18 17:53:19 | 000,949,104 | ---- | M] (Opera Software) -- D:\Program Files\Opera\opera.exe
PRC - [2012/05/14 22:04:18 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- D:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2012/05/14 22:04:17 | 000,465,360 | ---- | M] (Avira Operations GmbH & Co. KG) -- D:\Program Files\Avira\AntiVir Desktop\avwebgrd.exe
PRC - [2012/05/14 22:04:16 | 000,619,472 | ---- | M] (Avira Operations GmbH & Co. KG) -- D:\Program Files\Avira\AntiVir Desktop\avfwsvc.exe
PRC - [2012/05/14 22:04:16 | 000,375,760 | ---- | M] (Avira Operations GmbH & Co. KG) -- D:\Program Files\Avira\AntiVir Desktop\avmailc.exe
PRC - [2012/05/14 22:04:16 | 000,348,624 | ---- | M] (Avira Operations GmbH & Co. KG) -- D:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2012/05/14 22:04:16 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- D:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2012/05/14 22:04:16 | 000,080,336 | ---- | M] (Avira Operations GmbH & Co. KG) -- D:\Program Files\Avira\AntiVir Desktop\avshadow.exe
PRC - [2012/03/12 22:25:06 | 000,583,680 | ---- | M] (MyCity) -- D:\Program Files\MCShield\MCShieldRTM.exe
PRC - [2011/06/15 17:33:20 | 000,249,648 | ---- | M] (Microsoft Corporation) -- D:\Program Files\Microsoft\BingBar\SeaPort.EXE
PRC - [2008/07/09 18:33:38 | 000,069,632 | ---- | M] (Ralink Technology, Corp.) -- D:\Program Files\Ovislink\Common\RalinkRegistryWriter.exe
PRC - [2008/04/14 14:00:00 | 001,033,728 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\explorer.exe
PRC - [2002/09/20 16:50:10 | 000,045,056 | ---- | M] (Analog Devices, Inc.) -- D:\Program Files\Analog Devices\SoundMAX\SMAgent.exe


========== Modules (No Company Name) ==========

MOD - [2012/05/18 17:54:32 | 000,276,480 | ---- | M] () -- D:\Program Files\Opera\gstreamer\plugins\gstwebmdec.dll
MOD - [2012/05/18 17:54:32 | 000,064,000 | ---- | M] () -- D:\Program Files\Opera\gstreamer\plugins\gstautodetect.dll
MOD - [2012/05/18 17:54:32 | 000,046,592 | ---- | M] () -- D:\Program Files\Opera\gstreamer\plugins\gstwaveform.dll
MOD - [2012/05/18 17:54:31 | 000,078,336 | ---- | M] () -- D:\Program Files\Opera\gstreamer\plugins\gstwavparse.dll
MOD - [2012/05/18 17:54:30 | 000,316,928 | ---- | M] () -- D:\Program Files\Opera\gstreamer\plugins\gstoggdec.dll
MOD - [2012/05/18 17:54:30 | 000,168,448 | ---- | M] () -- D:\Program Files\Opera\gstreamer\plugins\gstffmpegcolorspace.dll
MOD - [2012/05/18 17:54:30 | 000,076,800 | ---- | M] () -- D:\Program Files\Opera\gstreamer\plugins\gstdirectsound.dll
MOD - [2012/05/18 17:54:30 | 000,045,568 | ---- | M] () -- D:\Program Files\Opera\gstreamer\plugins\gsttypefindfunctions.dll
MOD - [2012/05/18 17:54:29 | 000,099,840 | ---- | M] () -- D:\Program Files\Opera\gstreamer\plugins\gstcoreplugins.dll
MOD - [2012/05/18 17:54:29 | 000,098,816 | ---- | M] () -- D:\Program Files\Opera\gstreamer\plugins\gstaudioresample.dll
MOD - [2012/05/18 17:54:29 | 000,098,816 | ---- | M] () -- D:\Program Files\Opera\gstreamer\plugins\gstaudioconvert.dll
MOD - [2012/05/18 17:54:29 | 000,068,608 | ---- | M] () -- D:\Program Files\Opera\gstreamer\plugins\gstdecodebin2.dll
MOD - [2012/05/18 17:54:28 | 000,783,360 | ---- | M] () -- D:\Program Files\Opera\gstreamer\gstreamer.dll
MOD - [2012/05/14 22:04:18 | 000,398,288 | ---- | M] () -- D:\Program Files\Avira\AntiVir Desktop\sqlite3.dll
MOD - [2012/05/05 08:59:56 | 008,797,856 | ---- | M] () -- D:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll
MOD - [2011/10/19 19:21:35 | 000,447,848 | ---- | M] () -- D:\Program Files\Avira\AntiVir Desktop\libxml2.dll
MOD - [2011/10/19 19:18:30 | 000,060,264 | ---- | M] () -- D:\Program Files\Avira\AntiVir Desktop\cares.dll
MOD - [2003/12/02 15:55:14 | 000,086,016 | ---- | M] () -- D:\WINDOWS\system32\ati2evxx.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)
SRV - [2012/05/14 22:04:18 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- D:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2012/05/14 22:04:17 | 000,465,360 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- D:\Program Files\Avira\AntiVir Desktop\avwebgrd.exe -- (AntiVirWebService)
SRV - [2012/05/14 22:04:16 | 000,619,472 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- D:\Program Files\Avira\AntiVir Desktop\avfwsvc.exe -- (AntiVirFirewallService)
SRV - [2012/05/14 22:04:16 | 000,375,760 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- D:\Program Files\Avira\AntiVir Desktop\avmailc.exe -- (AntiVirMailService)
SRV - [2012/05/14 22:04:16 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- D:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2012/05/05 09:00:00 | 000,257,696 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- D:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2011/07/07 19:31:08 | 000,195,336 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- D:\Program Files\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011/06/15 17:33:20 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- D:\Program Files\Microsoft\BingBar\SeaPort.EXE -- (BBUpdate)
SRV - [2008/07/09 18:33:38 | 000,069,632 | ---- | M] (Ralink Technology, Corp.) [Auto | Running] -- D:\Program Files\Ovislink\Common\RalinkRegistryWriter.exe -- (RalinkRegistryWriter)
SRV - [2002/09/20 16:50:10 | 000,045,056 | ---- | M] (Analog Devices, Inc.) [Auto | Running] -- D:\Program Files\Analog Devices\SoundMAX\SMAgent.exe -- (SoundMAX Agent Service (default))


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - [2012/05/24 15:35:45 | 000,036,000 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- D:\WINDOWS\system32\drivers\avkmgr.sys -- (avkmgr)
DRV - [2012/05/14 22:04:18 | 000,137,928 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- D:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2012/05/14 22:04:18 | 000,112,032 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- D:\WINDOWS\system32\drivers\avfwot.sys -- (avfwot)
DRV - [2012/05/14 22:04:18 | 000,091,968 | ---- | M] (Avira GmbH) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\avfwim.sys -- (avfwim)
DRV - [2012/05/14 22:04:18 | 000,083,392 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- D:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2011/10/19 19:29:27 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- D:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2010/04/28 07:44:02 | 000,054,760 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- D:\WINDOWS\system32\drivers\fssfltr_tdi.sys -- (fssfltr)
DRV - [2008/07/09 18:33:36 | 000,491,648 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\rt61.sys -- (RT61)
DRV - [2005/08/30 17:59:00 | 000,094,000 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\ss_mdm.sys -- (ss_mdm)
DRV - [2005/08/30 17:58:56 | 000,008,304 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\ss_mdfl.sys -- (ss_mdfl)
DRV - [2005/08/30 17:57:18 | 000,058,320 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\ss_bus.sys -- (ss_bus) SAMSUNG Mobile USB Device 1.0 driver (WDM)
DRV - [2003/12/02 15:57:02 | 000,641,536 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2003/07/31 08:18:49 | 000,046,976 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\R8139n51.sys -- (rtl8139)
DRV - [2003/01/29 09:29:34 | 000,008,703 | R--- | M] (ASUSTeK Computer Inc.) [Kernel | Auto | Running] -- D:\WINDOWS\system32\drivers\EIO.sys -- (EIO)
DRV - [2002/10/15 00:00:00 | 000,101,431 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- D:\WINDOWS\system32\drivers\IdeChnDr.sys -- (IdeChnDr) Intel(R)
DRV - [2002/10/15 00:00:00 | 000,013,891 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- D:\WINDOWS\system32\drivers\IdeBusDr.sys -- (IdeBusDr)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = klit.startnow.com/?src=startpage&provid......1-x86-SP3
IE - HKCU\..\SearchScopes,DefaultScope = {0388404D-6072-4CEB-B521-8F090FEAEE57}
IE - HKCU\..\SearchScopes\{0388404D-6072-4CEB-B521-8F090FEAEE57}: "URL" = klit.startnow.com/s/?q={searchTerms}&src=defsearch&provider=&provider_name=yahoo&provider_code=&partner_id=693&product_id=741&affiliate_id=&channel=&toolbar_id=200&toolbar_version=2.4.0&install_country=BA&install_date=20120104&user_guid=A9707543EA7C4280A6ED9B2894607BE3&machine_id=49f5d7d180f32e75ace2bd12a32b0c96&browser=IE&os=win&os_version=5.1-x86-SP3&iesrc={referrer:source}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: D:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: D:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: d:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: D:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: d:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: D:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: D:\Documents and Settings\SLAX\Local Settings\Application Data\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: D:\Documents and Settings\SLAX\Local Settings\Application Data\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)


[2011/05/23 21:58:23 | 000,000,000 | ---D | M] (No name found) -- D:\Documents and Settings\SLAX\Application Data\Mozilla\Extensions

========== Chrome ==========

CHR - default_search_provider: Yahoo (Enabled)
CHR - default_search_provider: search_url = klit.startnow.com/s/?q={searchTerms}&src=defsearch&provider=&provider_name=yahoo&provider_code=&partner_id=693&product_id=741&affiliate_id=&channel=&toolbar_id=200&toolbar_version=2.4.0&install_country=BA&install_date=20120104&user_guid=A9707543EA7C4280A6ED9B2894607BE3&machine_id=49f5d7d180f32e75ace2bd12a32b0c96&browser=CR&os=win&os_version=5.1-x86-SP3
CHR - default_search_provider: suggest_url =
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = D:\Documents and Settings\SLAX\Local Settings\Application Data\Google\Chrome\Application\19.0.1084.52\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = D:\Documents and Settings\SLAX\Local Settings\Application Data\Google\Chrome\Application\19.0.1084.52\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = D:\Documents and Settings\SLAX\Local Settings\Application Data\Google\Chrome\Application\19.0.1084.52\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = D:\Documents and Settings\SLAX\Local Settings\Application Data\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = D:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll
CHR - plugin: Adobe Acrobat (Disabled) = D:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = D:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = D:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = D:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: Google Update (Enabled) = D:\Documents and Settings\SLAX\Local Settings\Application Data\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Java(TM) Platform SE 6 U31 (Enabled) = D:\Program Files\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = D:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Silverlight Plug-In (Enabled) = d:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = d:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: YouTube = D:\Documents and Settings\SLAX\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google \u043F\u0440\u0435\u0442\u0440\u0430\u0433\u0430 = D:\Documents and Settings\SLAX\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Gmail = D:\Documents and Settings\SLAX\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2008/04/14 14:00:00 | 000,000,734 | ---- | M]) - D:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - D:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (StartNow Toolbar Helper) - {6E13D095-45C3-4271-9475-F3B48227DD9F} - D:\Program Files\StartNow Toolbar\Toolbar32.dll ()
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - D:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - D:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (StartNow Toolbar) - {5911488E-9D1E-40ec-8CBB-06B231CC153F} - D:\Program Files\StartNow Toolbar\Toolbar32.dll ()
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - D:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - D:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O4 - HKLM..\Run: [avgnt] D:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKCU..\Run: [MCShield Monitor] D:\Program Files\MCShield\MCShieldRTM.exe (MyCity)
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - D:\Program Files\PokerStars\PokerStarsUpdate.exe (PokerStars)
O9 - Extra Button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - D:\Documents and Settings\SLAX\Desktop\PartyPoker.lnk ()
O9 - Extra 'Tools' menuitem : PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - D:\Documents and Settings\SLAX\Desktop\PartyPoker.lnk ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - D:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - D:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - D:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} download.microsoft.com/download/E/5/6/E5611.....ontrol.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab (Java Plug-in 1.6.0_03)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.1.0.2
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0DFEEF4C-74EF-41ED-B8F9-2C648C0ACFF6}: DhcpNameServer = 10.1.0.2
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{AE84AEDC-4FC4-47B1-BC40-E30DE2E93B80}: NameServer = 87.250.98.250 208.67.222.222
O20 - HKLM Winlogon: Shell - (Explorer.exe) - D:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (D:\WINDOWS\system32\userinit.exe) - D:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - D:\WINDOWS\System32\ati2evxx.dll ()
O24 - Desktop WallPaper: D:\Documents and Settings\SLAX\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: D:\Documents and Settings\SLAX\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/03/24 15:59:43 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *sprestrt)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2012/05/25 19:16:50 | 000,000,000 | ---D | C] -- D:\_OTL
[2012/05/25 18:49:27 | 000,000,000 | RH-D | C] -- D:\Documents and Settings\SLAX\Recent
[2012/05/25 15:05:47 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Start Menu\Programs\MCShield
[2012/05/25 15:05:44 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Application Data\MCShield
[2012/05/25 15:05:43 | 000,000,000 | ---D | C] -- D:\Program Files\MCShield
[2012/05/24 21:58:30 | 000,595,968 | ---- | C] (OldTimer Tools) -- D:\Documents and Settings\SLAX\Desktop\OTL.exe
[2012/05/24 18:09:25 | 000,000,000 | ---D | C] -- D:\Documents and Settings\SLAX\Desktop\RootRepeal
[2012/05/24 17:56:27 | 000,000,000 | ---D | C] -- D:\WINDOWS\Minidump
[2012/05/24 16:17:34 | 000,000,000 | R--D | C] -- D:\Documents and Settings\SLAX\My Documents\My Videos
[2012/05/24 16:14:57 | 000,607,260 | R--- | C] (Swearware) -- D:\Documents and Settings\SLAX\Desktop\dds.scr
[2012/05/24 15:48:58 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Start Menu\Programs\Avira
[2012/05/18 19:04:49 | 002,148,352 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\ntkrnlmp.exe
[2012/05/18 19:04:48 | 002,192,640 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\ntoskrnl.exe
[2012/05/18 19:04:44 | 002,026,496 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\ntkrpamp.exe
[2012/05/18 19:04:42 | 002,069,120 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\ntkrnlpa.exe
[2012/05/18 19:02:40 | 000,272,128 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\bthport.sys
[2012/05/18 19:01:48 | 000,456,320 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\mrxsmb.sys
[2012/05/18 17:52:19 | 000,000,000 | ---D | C] -- D:\Program Files\Opera
[2012/05/18 17:28:32 | 000,000,000 | ---D | C] -- D:\Documents and Settings\SLAX\Desktop\tdi
[2012/05/18 17:24:38 | 000,000,000 | ---D | C] -- D:\WINDOWS\Prefetch
[2012/05/18 17:21:40 | 000,156,672 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\winzm.ime
[2012/05/18 17:21:39 | 000,156,672 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\winsp.ime
[2012/05/18 17:21:39 | 000,156,672 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\winpy.ime
[2012/05/18 17:21:38 | 000,072,704 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\wingb.ime
[2012/05/18 17:21:38 | 000,065,536 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\winime.ime
[2012/05/18 17:21:37 | 000,079,360 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\winar30.ime
[2012/05/18 17:21:35 | 000,041,600 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\weitekp9.dll
[2012/05/18 17:21:35 | 000,031,232 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\weitekp9.sys
[2012/05/18 17:21:34 | 000,053,248 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\wamreg51.dll
[2012/05/18 17:21:34 | 000,009,216 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\wamps51.dll
[2012/05/18 17:21:33 | 000,364,032 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\w3svc.dll
[2012/05/18 17:21:33 | 000,076,800 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\wam51.dll
[2012/05/18 17:21:33 | 000,005,632 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\w3svapi.dll
[2012/05/18 17:21:32 | 000,073,728 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\w3ext.dll
[2012/05/18 17:21:32 | 000,048,256 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\w32.dll
[2012/05/18 17:21:32 | 000,004,608 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\w3ctrs51.dll
[2012/05/18 17:21:31 | 000,426,041 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\voicepad.dll
[2012/05/18 17:21:31 | 000,086,073 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\voicesub.dll
[2012/05/18 17:21:27 | 000,076,288 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\uniime.dll
[2012/05/18 17:21:27 | 000,065,024 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\unicdime.ime
[2012/05/18 17:21:26 | 000,103,424 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\uihelper.dll
[2012/05/18 17:21:25 | 000,014,336 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\tsprof.exe
[2012/05/18 17:21:23 | 000,455,168 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\tintsetp.exe
[2012/05/18 17:21:23 | 000,044,032 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\tintlphr.exe
[2012/05/18 17:21:23 | 000,033,792 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\tools.dll
[2012/05/18 17:21:23 | 000,010,240 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\tmigrate.dll
[2012/05/18 17:21:22 | 000,571,392 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\tintlgnt.ime
[2012/05/18 17:21:22 | 000,185,344 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\thawbrkr.dll
[2012/05/18 17:21:21 | 000,021,896 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\tdipx.sys
[2012/05/18 17:21:21 | 000,019,464 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\tdspx.sys
[2012/05/18 17:21:21 | 000,013,192 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\tdasync.sys
[2012/05/18 17:21:17 | 000,046,592 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\svcext51.dll
[2012/05/18 17:21:16 | 000,016,896 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\status.dll
[2012/05/18 17:21:15 | 000,046,592 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\sspifilt.dll
[2012/05/18 17:21:15 | 000,045,056 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\ssinc51.dll
[2012/05/18 17:21:14 | 000,101,376 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\srusbusd.dll
[2012/05/18 17:21:12 | 000,143,422 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\softkey.dll
[2012/05/18 17:21:11 | 000,188,416 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\snmpsmir.dll
[2012/05/18 17:21:11 | 000,039,936 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\snmpthrd.dll
[2012/05/18 17:21:11 | 000,010,240 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\snmpstup.dll
[2012/05/18 17:21:11 | 000,008,704 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\snmptrap.exe
[2012/05/18 17:21:11 | 000,007,168 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\EXCH_snprfdll.dll
[2012/05/18 17:21:10 | 000,358,400 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\snmpincl.dll
[2012/05/18 17:21:10 | 000,259,072 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\snmpcl.dll
[2012/05/18 17:21:10 | 000,033,280 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\snmp.exe
[2012/05/18 17:21:10 | 000,006,144 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\snmpmib.dll
[2012/05/18 17:21:09 | 000,456,192 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\smtpsvc.dll
[2012/05/18 17:21:09 | 000,012,288 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\EXCH_smtpctrs.dll
[2012/05/18 17:21:09 | 000,010,752 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\smtpapi.dll
[2012/05/18 17:21:08 | 000,236,544 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\smi2smir.exe
[2012/05/18 17:21:08 | 000,031,744 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\smb6w.dll
[2012/05/18 17:21:08 | 000,015,872 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\smierrsm.dll
[2012/05/18 17:21:08 | 000,005,632 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\smimsgif.dll
[2012/05/18 17:21:08 | 000,005,632 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\smierrsy.dll
[2012/05/18 17:21:07 | 000,038,912 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\sm9aw.dll
[2012/05/18 17:21:07 | 000,031,744 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\sma3w.dll
[2012/05/18 17:21:07 | 000,026,624 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\sm93w.dll
[2012/05/18 17:21:07 | 000,026,624 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\sm92w.dll
[2012/05/18 17:21:07 | 000,026,112 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\sm90w.dll
[2012/05/18 17:21:07 | 000,026,112 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\sm8dw.dll
[2012/05/18 17:21:06 | 000,030,208 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\sm87w.dll
[2012/05/18 17:21:06 | 000,030,208 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\sm81w.dll
[2012/05/18 17:21:06 | 000,029,184 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\sm8cw.dll
[2012/05/18 17:21:06 | 000,026,112 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\sm8aw.dll
[2012/05/18 17:21:06 | 000,026,112 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\sm89w.dll
[2012/05/18 17:21:06 | 000,025,088 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\sm59w.dll
[2012/05/18 17:21:05 | 000,018,944 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\simptcp.dll
[2012/05/18 17:21:01 | 000,026,112 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\EXCH_seos.dll
[2012/05/18 17:21:00 | 000,221,696 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\seo.dll
[2012/05/18 17:20:59 | 000,057,856 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\EXCH_scripto.dll
[2012/05/18 17:20:57 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- D:\WINDOWS\System32\dllcache\rwia330.dll
[2012/05/18 17:20:57 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- D:\WINDOWS\System32\dllcache\rwia001.dll
[2012/05/18 17:20:57 | 000,029,184 | ---- | C] (Ricoh Co., Ltd.) -- D:\WINDOWS\System32\dllcache\rw330ext.dll
[2012/05/18 17:20:57 | 000,027,648 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\rw001ext.dll
[2012/05/18 17:20:57 | 000,009,728 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\rwnh.dll
[2012/05/18 17:20:55 | 000,004,096 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\rpcref.dll
[2012/05/18 17:20:54 | 000,026,112 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\romanime.ime
[2012/05/18 17:20:53 | 000,023,040 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\EXCH_regtrace.exe
[2012/05/18 17:20:53 | 000,014,848 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\register.exe
[2012/05/18 17:20:50 | 000,020,736 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\ramdisk.sys
[2012/05/18 17:20:50 | 000,016,384 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\quser.exe
[2012/05/18 17:20:49 | 000,077,824 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\quick.ime
[2012/05/18 17:20:49 | 000,009,728 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\query.exe
[2012/05/18 17:20:47 | 000,007,680 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\pwsdata.dll
[2012/05/18 17:20:45 | 000,131,584 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\pmxviceo.dll
[2012/05/18 17:20:45 | 000,011,264 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\pmxmcro.dll
[2012/05/18 17:20:45 | 000,006,144 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\pmxgl.dll
[2012/05/18 17:20:44 | 000,482,304 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\pintlgnt.ime
[2012/05/18 17:20:44 | 000,070,144 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\pintlphr.exe
[2012/05/18 17:20:44 | 000,067,584 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\pmigrate.dll
[2012/05/18 17:20:44 | 000,053,760 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\pintlcsd.dll
[2012/05/18 17:20:43 | 000,079,360 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\phon.ime
[2012/05/18 17:20:43 | 000,020,992 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\permchk.dll
[2012/05/18 17:20:41 | 000,036,927 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\padrs411.dll
[2012/05/18 17:20:41 | 000,031,744 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\pagecnt.dll
[2012/05/18 17:20:41 | 000,015,360 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\padrs804.dll
[2012/05/18 17:20:41 | 000,014,336 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\padrs412.dll
[2012/05/18 17:20:40 | 000,015,872 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\padrs404.dll
[2012/05/18 17:20:35 | 000,038,912 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\EXCH_ntfsdrv.dll
[2012/05/18 17:20:34 | 000,044,544 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\nsepm.dll
[2012/05/18 17:20:32 | 000,053,248 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\nextlink.dll
[2012/05/18 17:20:28 | 000,229,439 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\multibox.dll
[2012/05/18 17:20:28 | 000,119,808 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\mtstocom.exe
[2012/05/18 17:20:21 | 001,875,968 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\msir3jp.lex
[2012/05/18 17:20:21 | 000,098,304 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\msir3jp.dll
[2012/05/18 17:20:08 | 000,007,680 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\migregdb.exe
[2012/05/18 17:20:07 | 000,092,416 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\mga.sys
[2012/05/18 17:20:07 | 000,092,032 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\mga.dll
[2012/05/18 17:20:07 | 000,085,504 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\metada51.dll
[2012/05/18 17:20:06 | 000,037,888 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\md5filt.dll
[2012/05/18 17:20:06 | 000,026,624 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\mdsync.dll
[2012/05/18 17:20:05 | 000,065,536 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\EXCH_mailmsg.dll
[2012/05/18 17:20:04 | 000,022,528 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\lpdsvc.dll
[2012/05/18 17:20:04 | 000,018,944 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\lprmon.dll
[2012/05/18 17:20:03 | 000,022,016 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\logscrpt.dll
[2012/05/18 17:20:03 | 000,013,312 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\lonsint.dll
[2012/05/18 17:20:02 | 000,033,792 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\lmmib2.dll
[2012/05/18 17:20:00 | 000,070,656 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\korwbrkr.dll
[2012/05/18 17:19:59 | 000,006,144 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbdth3.dll
[2012/05/18 17:19:59 | 000,005,632 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbdvntc.dll
[2012/05/18 17:19:59 | 000,005,632 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbdusa.dll
[2012/05/18 17:19:59 | 000,005,632 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbdurdu.dll
[2012/05/18 17:19:58 | 000,006,144 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbdth2.dll
[2012/05/18 17:19:58 | 000,005,632 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbdth1.dll
[2012/05/18 17:19:58 | 000,005,632 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbdth0.dll
[2012/05/18 17:19:58 | 000,005,632 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbdsyr2.dll
[2012/05/18 17:19:58 | 000,005,632 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbdsyr1.dll
[2012/05/18 17:19:57 | 000,009,216 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbdnecat.dll
[2012/05/18 17:19:57 | 000,007,680 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbdnecnt.dll
[2012/05/18 17:19:57 | 000,007,168 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbdnec95.dll
[2012/05/18 17:19:56 | 000,006,656 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbdlk41a.dll
[2012/05/18 17:19:56 | 000,006,144 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbdlk41j.dll
[2012/05/18 17:19:56 | 000,005,632 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbdintel.dll
[2012/05/18 17:19:56 | 000,005,632 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbdintam.dll
[2012/05/18 17:19:55 | 000,006,144 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbdinpun.dll
[2012/05/18 17:19:55 | 000,005,632 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbdinmar.dll
[2012/05/18 17:19:55 | 000,005,632 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbdinkan.dll
[2012/05/18 17:19:55 | 000,005,632 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbdinhin.dll
[2012/05/18 17:19:55 | 000,005,632 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbdinguj.dll
[2012/05/18 17:19:55 | 000,005,632 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbdindev.dll
[2012/05/18 17:19:54 | 000,007,168 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbdibm02.dll
[2012/05/18 17:19:54 | 000,005,632 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbdheb.dll
[2012/05/18 17:19:54 | 000,005,120 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbdgeo.dll
[2012/05/18 17:19:53 | 000,005,632 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbdfa.dll
[2012/05/18 17:19:53 | 000,005,632 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbddiv2.dll
[2012/05/18 17:19:53 | 000,005,632 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbddiv1.dll
[2012/05/18 17:19:52 | 000,006,144 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbdax2.dll
[2012/05/18 17:19:52 | 000,006,144 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbd106n.dll
[2012/05/18 17:19:52 | 000,005,632 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbda3.dll
[2012/05/18 17:19:52 | 000,005,632 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbda2.dll
[2012/05/18 17:19:52 | 000,005,632 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbda1.dll
[2012/05/18 17:19:52 | 000,005,120 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbdarmw.dll
[2012/05/18 17:19:52 | 000,005,120 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbdarme.dll
[2012/05/18 17:19:51 | 000,018,432 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\jupiw.dll
[2012/05/18 17:19:51 | 000,009,216 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\iwrps.dll
[2012/05/18 17:19:51 | 000,006,144 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbd101a.dll
[2012/05/18 17:19:51 | 000,006,144 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbd101.dll
[2012/05/18 17:19:50 | 000,026,624 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\iscomlog.dll
[2012/05/18 17:19:50 | 000,007,168 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\isapips.dll
[2012/05/18 17:19:49 | 000,035,328 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\iprip.dll
[2012/05/18 17:19:47 | 000,257,024 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\infocomm.dll
[2012/05/18 17:19:47 | 000,015,360 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\inetin51.exe
[2012/05/18 17:19:47 | 000,008,704 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\infoctrs.dll
[2012/05/18 17:19:46 | 000,471,102 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\imskdic.dll
[2012/05/18 17:19:46 | 000,315,455 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\imskf.dll
[2012/05/18 17:19:45 | 000,274,489 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\imjputyc.dll
[2012/05/18 17:19:45 | 000,262,200 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\imjputy.exe
[2012/05/18 17:19:45 | 000,102,456 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\imlang.dll
[2012/05/18 17:19:45 | 000,059,904 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\imkrinst.exe
[2012/05/18 17:19:45 | 000,045,109 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\imjpuex.exe
[2012/05/18 17:19:44 | 000,307,257 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\imjpdct.exe
[2012/05/18 17:19:44 | 000,233,527 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\imjprw.exe
[2012/05/18 17:19:44 | 000,208,952 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\imjpmig.exe
[2012/05/18 17:19:44 | 000,155,705 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\imjpdsvr.exe
[2012/05/18 17:19:44 | 000,081,976 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\imjpdct.dll
[2012/05/18 17:19:43 | 000,811,064 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\imjp81k.dll
[2012/05/18 17:19:43 | 000,716,856 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\imjpcus.dll
[2012/05/18 17:19:43 | 000,368,696 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\imjpcic.dll
[2012/05/18 17:19:43 | 000,057,398 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\imjpdadm.exe
[2012/05/18 17:19:42 | 000,340,023 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\imjp81.ime
[2012/05/18 17:19:42 | 000,311,359 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\imepadsv.exe
[2012/05/18 17:19:42 | 000,106,496 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\imekrcic.dll
[2012/05/18 17:19:42 | 000,102,463 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\imepadsm.dll
[2012/05/18 17:19:42 | 000,086,016 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\imekrmbx.dll
[2012/05/18 17:19:42 | 000,044,032 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\imekrmig.exe
[2012/05/18 17:19:41 | 000,094,720 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\imekr61.ime
[2012/05/18 17:19:41 | 000,006,656 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\iissync.exe
[2012/05/18 17:19:41 | 000,003,584 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\iismui.dll
[2012/05/18 17:19:40 | 000,145,408 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\iische51.dll
[2012/05/18 17:19:40 | 000,079,872 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\iislog51.dll
[2012/05/18 17:19:40 | 000,060,928 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\iisclex4.dll
[2012/05/18 17:19:40 | 000,019,456 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\iiscrmap.dll
[2012/05/18 17:19:40 | 000,007,168 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\iisfecnv.dll
[2012/05/18 17:19:39 | 000,025,088 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\iisadmin.dll
[2012/05/18 17:19:33 | 010,129,408 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\hwxkor.dll
[2012/05/18 17:19:24 | 010,096,640 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\hwxcht.dll
[2012/05/18 17:19:24 | 000,268,288 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\httpext.dll
[2012/05/18 17:19:24 | 000,061,440 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\httpod51.dll
[2012/05/18 17:19:24 | 000,008,192 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\httpmb51.dll
[2012/05/18 17:19:23 | 000,039,936 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\hostmib.dll
[2012/05/18 17:19:21 | 000,036,864 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\hanjadic.dll
[2012/05/18 17:19:20 | 000,032,256 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\gzip.dll
[2012/05/18 17:19:18 | 000,400,384 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\fxsxp32.dll
[2012/05/18 17:19:18 | 000,397,312 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\fxstiff.dll
[2012/05/18 17:19:18 | 000,267,776 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\fxssvc.exe
[2012/05/18 17:19:18 | 000,246,272 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\fxst30.dll
[2012/05/18 17:19:18 | 000,192,512 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\fxswzrd.dll
[2012/05/18 17:19:18 | 000,154,112 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\fxsui.dll
[2012/05/18 17:19:17 | 000,562,176 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\fxsst.dll
[2012/05/18 17:19:17 | 000,031,744 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\fxsroute.dll
[2012/05/18 17:19:17 | 000,023,552 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\fxsmon.dll
[2012/05/18 17:19:17 | 000,023,552 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\fxsext32.dll
[2012/05/18 17:19:17 | 000,011,264 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\fxssend.exe
[2012/05/18 17:19:17 | 000,008,704 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\fxsperf.dll
[2012/05/18 17:19:17 | 000,006,656 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\fxsres.dll
[2012/05/18 17:19:16 | 000,285,184 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\fxscomex.dll
[2012/05/18 17:19:16 | 000,229,376 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\fxscover.exe
[2012/05/18 17:19:16 | 000,142,848 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\fxsclnt.exe
[2012/05/18 17:19:16 | 000,132,608 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\fxsclntr.dll
[2012/05/18 17:19:16 | 000,072,192 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\fxscom.dll
[2012/05/18 17:19:16 | 000,055,296 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\fxsevent.dll
[2012/05/18 17:19:16 | 000,026,624 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\fxsdrv.dll
[2012/05/18 17:19:15 | 000,451,584 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\fxsapi.dll
[2012/05/18 17:19:15 | 000,125,952 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\ftpsv251.dll
[2012/05/18 17:19:15 | 000,111,104 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\fxscfgwz.dll
[2012/05/18 17:19:15 | 000,007,680 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\ftpctrs2.dll
[2012/05/18 17:19:15 | 000,006,144 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\ftpmib.dll
[2012/05/18 17:19:14 | 000,006,144 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\ftlx041e.dll
[2012/05/18 17:19:13 | 000,020,541 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\fpadmdll.dll
[2012/05/18 17:19:12 | 000,024,632 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\fpadmcgi.exe
[2012/05/18 17:19:12 | 000,014,848 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\flattemp.exe
[2012/05/18 17:19:10 | 000,043,520 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\EXCH_fcachdll.dll
[2012/05/18 17:19:10 | 000,014,336 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\exstrace.dll
[2012/05/18 17:19:10 | 000,007,168 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\f3ahvoas.dll
[2012/05/18 17:19:09 | 000,101,888 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\evntagnt.dll
[2012/05/18 17:19:09 | 000,092,160 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\evntwin.exe
[2012/05/18 17:19:09 | 000,024,064 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\evntcmd.exe
[2012/05/18 17:19:08 | 000,057,856 | ---- | C] (SEIKO EPSON CORP.) -- D:\WINDOWS\System32\dllcache\esuimgd.dll
[2012/05/18 17:19:08 | 000,045,056 | ---- | C] (SEIKO EPSON CORP.) -- D:\WINDOWS\System32\dllcache\esunid.dll
[2012/05/18 17:19:08 | 000,031,744 | ---- | C] (SEIKO EPSON CORP.) -- D:\WINDOWS\System32\dllcache\esucmd.dll
[2012/05/18 17:19:08 | 000,025,856 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\et4000.sys
[2012/05/18 17:18:55 | 000,078,848 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\dayi.ime
[2012/05/18 17:18:54 | 000,042,496 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\davcdata.exe
[2012/05/18 17:18:52 | 000,018,944 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\cprofile.exe
[2012/05/18 17:18:51 | 000,057,399 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\cplexe.exe
[2012/05/18 17:18:51 | 000,056,320 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\convlog.exe
[2012/05/18 17:18:51 | 000,033,792 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\controt.dll
[2012/05/18 17:18:51 | 000,020,480 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\counters.dll
[2012/05/18 17:18:49 | 000,024,064 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\compfilt.dll
[2012/05/18 17:18:47 | 000,480,256 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\cintsetp.exe
[2012/05/18 17:18:47 | 000,198,656 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\cintime.dll
[2012/05/18 17:18:47 | 000,021,504 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\cintlgnt.ime
[2012/05/18 17:18:46 | 000,097,792 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\chtmbx.dll
[2012/05/18 17:18:46 | 000,056,320 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\chtskdic.dll
[2012/05/18 17:18:45 | 001,677,824 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\chsbrkr.dll
[2012/05/18 17:18:45 | 000,838,144 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\chtbrkr.dll
[2012/05/18 17:18:44 | 000,078,336 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\chajei.ime
[2012/05/18 17:18:44 | 000,015,872 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\chgport.exe
[2012/05/18 17:18:44 | 000,014,336 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\chgusr.exe
[2012/05/18 17:18:44 | 000,013,312 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\chglogon.exe
[2012/05/18 17:18:44 | 000,009,728 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\change.exe
[2012/05/18 17:18:42 | 000,054,528 | ---- | C] (Philips Semiconductors GmbH) -- D:\WINDOWS\System32\dllcache\cap7146.sys
[2012/05/18 17:18:41 | 000,218,112 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\c_g18030.dll
[2012/05/18 17:18:41 | 000,010,752 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\c_iscii.dll
[2012/05/18 17:18:41 | 000,006,656 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\c_is2022.dll
[2012/05/18 17:18:30 | 000,045,568 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\browscap.dll
[2012/05/18 17:18:27 | 000,009,216 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\authfilt.dll
[2012/05/18 17:18:26 | 000,029,184 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\asptxn.dll
[2012/05/18 17:18:26 | 000,010,240 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\aspperf.dll
[2012/05/18 17:18:25 | 000,369,664 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\asp51.dll
[2012/05/18 17:18:25 | 000,331,264 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\aqueue.dll
[2012/05/18 17:18:24 | 000,108,544 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\appconf.dll
[2012/05/18 17:18:24 | 000,045,056 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\EXCH_aqadmin.dll
[2012/05/18 17:18:23 | 000,019,456 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\agt0804.dll
[2012/05/18 17:18:23 | 000,019,456 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\agt0412.dll
[2012/05/18 17:18:23 | 000,019,456 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\agt0411.dll
[2012/05/18 17:18:22 | 000,019,456 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\agt040d.dll
[2012/05/18 17:18:22 | 000,019,456 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\agt0404.dll
[2012/05/18 17:18:22 | 000,019,456 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\agt0401.dll
[2012/05/18 17:18:20 | 000,049,664 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\adrot.dll
[2012/05/18 17:18:20 | 000,006,144 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\admxprox.dll
[2012/05/18 17:18:20 | 000,005,632 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\EXCH_adsiisex.dll
[2012/05/18 17:18:19 | 000,029,696 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\admexs.dll
[2012/05/18 17:18:12 | 000,007,168 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\wamregps.dll
[2012/05/18 17:18:11 | 000,032,827 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\tcptest.exe
[2012/05/18 17:18:11 | 000,016,384 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\tcptsat.dll
[2012/05/18 17:18:10 | 002,134,528 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\smtpsnap.dll
[2012/05/18 17:18:10 | 000,008,192 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\staxmem.dll
[2012/05/18 17:18:09 | 000,189,440 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\smtpadm.dll
[2012/05/18 17:18:09 | 000,020,536 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\shtml.dll
[2012/05/18 17:18:09 | 000,016,437 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\shtml.exe
[2012/05/18 17:18:02 | 000,076,800 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\logui.ocx
[2012/05/18 17:18:02 | 000,068,608 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\isatq.dll
[2012/05/18 17:18:02 | 000,013,312 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\infoadmn.dll
[2012/05/18 17:18:01 | 000,829,440 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\inetmgr.dll
[2012/05/18 17:18:01 | 000,169,984 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\iisui.dll
[2012/05/18 17:18:01 | 000,019,968 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\inetsloc.dll
[2012/05/18 17:18:01 | 000,007,680 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\inetmgr.exe
[2012/05/18 17:18:00 | 000,133,632 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\iisrtl.dll
[2012/05/18 17:18:00 | 000,068,608 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\iisext51.dll
[2012/05/18 17:18:00 | 000,064,512 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\iismap.dll
[2012/05/18 17:18:00 | 000,030,720 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\iisrstas.exe
[2012/05/18 17:18:00 | 000,014,336 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\iisreset.exe
[2012/05/18 17:18:00 | 000,005,632 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\iisrstap.dll
[2012/05/18 17:17:59 | 000,208,896 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\fpmmcsat.dll
[2012/05/18 17:17:59 | 000,020,538 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\fpremadm.exe
[2012/05/18 17:17:59 | 000,006,144 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\ftpsapi2.dll
[2012/05/18 17:17:58 | 000,598,071 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\fpmmc.dll
[2012/05/18 17:17:58 | 000,188,494 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\fpcount.exe
[2012/05/18 17:17:58 | 000,109,328 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\fp98swin.exe
[2012/05/18 17:17:58 | 000,020,541 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\fpexedll.dll
[2012/05/18 17:17:58 | 000,014,608 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\fp98sadm.exe
[2012/05/18 17:17:57 | 000,876,653 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\fp4awel.dll
[2012/05/18 17:17:57 | 000,102,509 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\fp4atxt.dll
[2012/05/18 17:17:57 | 000,049,212 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\fp4awebs.dll
[2012/05/18 17:17:57 | 000,041,020 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\fp4avnb.dll
[2012/05/18 17:17:57 | 000,032,826 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\fp4avss.dll
[2012/05/18 17:17:56 | 000,184,435 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\fp4amsft.dll
[2012/05/18 17:17:56 | 000,147,513 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\fp4apws.dll
[2012/05/18 17:17:56 | 000,082,035 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\fp4anscp.dll
[2012/05/18 17:17:56 | 000,049,210 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\fp4areg.dll
[2012/05/18 17:17:55 | 000,076,288 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\cnfgprts.ocx
[2012/05/18 17:17:55 | 000,046,592 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\coadmin.dll
[2012/05/18 17:17:54 | 000,275,968 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\certwiz.ocx
[2012/05/18 17:17:54 | 000,188,480 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\cfgwiz.exe
[2012/05/18 17:17:54 | 000,094,720 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\certmap.ocx
[2012/05/18 17:17:54 | 000,016,439 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\author.exe
[2012/05/18 17:17:53 | 000,290,816 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\adsiis51.dll
[2012/05/18 17:17:53 | 000,043,520 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\admwprox.dll
[2012/05/18 17:17:53 | 000,020,540 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\author.dll
[2012/05/18 17:17:52 | 000,016,439 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\admin.exe
[2012/05/18 17:17:51 | 000,020,540 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\admin.dll
[2012/05/18 17:15:17 | 000,575,704 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\wuapi.dll
[2012/05/18 17:15:17 | 000,575,704 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\wuapi.dll
[2012/05/18 16:59:26 | 000,024,661 | ---- | C] (Perle Systems Ltd.) -- D:\WINDOWS\System32\spxcoins.dll
[2012/05/18 16:59:26 | 000,024,661 | ---- | C] (Perle Systems Ltd.) -- D:\WINDOWS\System32\dllcache\spxcoins.dll
[2012/05/18 16:59:26 | 000,013,312 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\irclass.dll
[2012/05/18 16:59:26 | 000,013,312 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\irclass.dll
[2012/05/18 15:00:59 | 000,000,000 | -HSD | C] -- D:\found.000
[2012/05/14 19:47:00 | 000,000,000 | ---D | C] -- D:\Program Files\Microsoft.NET
[7 D:\WINDOWS\*.tmp files -> D:\WINDOWS\*.tmp -> ]
[1 D:\WINDOWS\System32\*.tmp files -> D:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/05/26 00:59:01 | 000,000,830 | ---- | M] () -- D:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2012/05/26 00:53:04 | 000,000,974 | ---- | M] () -- D:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1644491937-839522115-1935655697-1003UA.job
[2012/05/25 22:23:51 | 000,000,664 | ---- | M] () -- D:\WINDOWS\System32\d3d9caps.dat
[2012/05/25 22:15:07 | 000,002,206 | ---- | M] () -- D:\WINDOWS\System32\wpa.dbl
[2012/05/25 22:14:07 | 000,002,048 | --S- | M] () -- D:\WINDOWS\bootstat.dat
[2012/05/25 22:13:55 | 535,613,440 | -HS- | M] () -- D:\hiberfil.sys
[2012/05/25 15:05:56 | 000,000,767 | ---- | M] () -- D:\Documents and Settings\All Users\Desktop\MCShield Real-Time Monitor.lnk
[2012/05/24 21:58:30 | 000,595,968 | ---- | M] (OldTimer Tools) -- D:\Documents and Settings\SLAX\Desktop\OTL.exe
[2012/05/24 21:19:19 | 000,002,255 | ---- | M] () -- D:\Documents and Settings\SLAX\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2012/05/24 21:19:18 | 000,002,277 | ---- | M] () -- D:\Documents and Settings\SLAX\Desktop\Google Chrome.lnk
[2012/05/24 20:53:07 | 000,000,922 | ---- | M] () -- D:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1644491937-839522115-1935655697-1003Core.job
[2012/05/24 18:24:51 | 000,554,356 | ---- | M] () -- D:\Documents and Settings\SLAX\Desktop\MCShield_Help_SR.pdf
[2012/05/24 17:51:56 | 000,464,491 | ---- | M] () -- D:\Documents and Settings\SLAX\Desktop\RootRepeal.zip
[2012/05/24 16:23:33 | 000,302,592 | ---- | M] () -- D:\Documents and Settings\SLAX\Desktop\wyl23ss3.exe
[2012/05/24 16:14:57 | 000,607,260 | R--- | M] (Swearware) -- D:\Documents and Settings\SLAX\Desktop\dds.scr
[2012/05/24 16:08:48 | 000,061,952 | ---- | M] () -- D:\Documents and Settings\SLAX\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/05/24 15:48:57 | 000,001,707 | ---- | M] () -- D:\Documents and Settings\All Users\Desktop\Avira Control Center.lnk
[2012/05/24 15:35:45 | 000,036,000 | ---- | M] (Avira GmbH) -- D:\WINDOWS\System32\drivers\avkmgr.sys
[2012/05/20 08:27:40 | 000,494,566 | ---- | M] () -- D:\WINDOWS\System32\perfh009.dat
[2012/05/20 08:27:40 | 000,085,126 | ---- | M] () -- D:\WINDOWS\System32\perfc009.dat
[2012/05/19 08:33:26 | 000,096,664 | ---- | M] () -- D:\WINDOWS\System32\FNTCACHE.DAT
[2012/05/19 07:32:40 | 000,000,874 | ---- | M] () -- D:\Documents and Settings\SLAX\Application Data\Microsoft\Internet Explorer\Quick Launch\GOM Player.lnk
[2012/05/19 07:32:38 | 000,000,856 | ---- | M] () -- D:\Documents and Settings\All Users\Desktop\GOM Player.lnk
[2012/05/18 17:54:35 | 000,001,510 | ---- | M] () -- D:\Documents and Settings\SLAX\Application Data\Microsoft\Internet Explorer\Quick Launch\Opera.lnk
[2012/05/18 17:54:34 | 000,001,492 | ---- | M] () -- D:\Documents and Settings\All Users\Desktop\Opera.lnk
[2012/05/18 17:22:33 | 000,000,288 | ---- | M] () -- D:\WINDOWS\System32\$winnt$.inf
[2012/05/18 17:17:21 | 000,316,640 | ---- | M] () -- D:\WINDOWS\WMSysPr9.prx
[2012/05/18 17:17:20 | 000,023,392 | ---- | M] () -- D:\WINDOWS\System32\nscompat.tlb
[2012/05/18 17:17:20 | 000,016,832 | ---- | M] () -- D:\WINDOWS\System32\amcompat.tlb
[2012/05/18 17:17:06 | 000,004,161 | ---- | M] () -- D:\WINDOWS\ODBCINST.INI
[2012/05/18 17:14:05 | 000,022,720 | ---- | M] () -- D:\WINDOWS\System32\emptyregdb.dat
[2012/05/18 17:07:38 | 000,004,444 | ---- | M] () -- D:\WINDOWS\System32\pid.PNF
[2012/05/15 15:33:46 | 000,238,844 | ---- | M] () -- D:\Documents and Settings\SLAX\My Documents\srpski_vitez_by_hunter665-d307b9u.jpg
[2012/05/15 15:33:42 | 000,023,013 | ---- | M] () -- D:\Documents and Settings\SLAX\My Documents\majica_vitez_f_a.jpg
[2012/05/15 15:31:49 | 000,057,467 | ---- | M] () -- D:\Documents and Settings\SLAX\My Documents\cavalieri_templari_motto.gif
[2012/05/15 15:31:41 | 000,022,485 | ---- | M] () -- D:\Documents and Settings\SLAX\My Documents\templari.jpg
[2012/05/14 22:04:18 | 000,137,928 | ---- | M] (Avira GmbH) -- D:\WINDOWS\System32\drivers\avipbb.sys
[2012/05/14 22:04:18 | 000,112,032 | ---- | M] (Avira GmbH) -- D:\WINDOWS\System32\drivers\avfwot.sys
[2012/05/14 22:04:18 | 000,091,968 | ---- | M] (Avira GmbH) -- D:\WINDOWS\System32\drivers\avfwim.sys
[2012/05/14 22:04:18 | 000,083,392 | ---- | M] (Avira GmbH) -- D:\WINDOWS\System32\drivers\avgntflt.sys
[2012/05/14 15:58:01 | 002,516,480 | ---- | M] () -- D:\Documents and Settings\SLAX\Desktop\myfamilytree2.0.0.0.msi
[2012/05/05 08:59:56 | 000,419,488 | ---- | M] (Adobe Systems Incorporated) -- D:\WINDOWS\System32\FlashPlayerApp.exe
[2012/05/05 08:59:56 | 000,070,304 | ---- | M] (Adobe Systems Incorporated) -- D:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[7 D:\WINDOWS\*.tmp files -> D:\WINDOWS\*.tmp -> ]
[1 D:\WINDOWS\System32\*.tmp files -> D:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/05/25 15:05:56 | 000,000,767 | ---- | C] () -- D:\Documents and Settings\All Users\Desktop\MCShield Real-Time Monitor.lnk
[2012/05/24 18:24:51 | 000,554,356 | ---- | C] () -- D:\Documents and Settings\SLAX\Desktop\MCShield_Help_SR.pdf
[2012/05/24 17:51:55 | 000,464,491 | ---- | C] () -- D:\Documents and Settings\SLAX\Desktop\RootRepeal.zip
[2012/05/24 16:23:32 | 000,302,592 | ---- | C] () -- D:\Documents and Settings\SLAX\Desktop\wyl23ss3.exe
[2012/05/18 17:54:35 | 000,001,510 | ---- | C] () -- D:\Documents and Settings\SLAX\Application Data\Microsoft\Internet Explorer\Quick Launch\Opera.lnk
[2012/05/18 17:54:34 | 000,001,498 | ---- | C] () -- D:\Documents and Settings\All Users\Start Menu\Programs\Opera.lnk
[2012/05/18 17:54:33 | 000,001,492 | ---- | C] () -- D:\Documents and Settings\All Users\Desktop\Opera.lnk
[2012/05/18 17:20:43 | 000,175,104 | ---- | C] () -- D:\WINDOWS\System32\dllcache\pintlcsa.dll
[2012/05/18 17:20:00 | 001,158,818 | ---- | C] () -- D:\WINDOWS\System32\dllcache\korwbrkr.lex
[2012/05/18 17:19:46 | 000,059,392 | ---- | C] () -- D:\WINDOWS\System32\dllcache\imscinst.exe
[2012/05/18 17:19:44 | 000,196,665 | ---- | C] () -- D:\WINDOWS\System32\dllcache\imjpinst.exe
[2012/05/18 17:19:41 | 000,134,339 | ---- | C] () -- D:\WINDOWS\System32\dllcache\imekr.lex
[2012/05/18 17:19:29 | 013,463,552 | ---- | C] () -- D:\WINDOWS\System32\dllcache\hwxjpn.dll
[2012/05/18 17:19:21 | 000,108,827 | ---- | C] () -- D:\WINDOWS\System32\dllcache\hanja.lex
[2012/05/18 17:19:14 | 000,094,208 | ---- | C] () -- D:\WINDOWS\System32\dllcache\fpencode.dll
[2012/05/18 17:18:46 | 000,173,568 | ---- | C] () -- D:\WINDOWS\System32\dllcache\chtskf.dll
[2012/05/18 16:59:14 | 000,399,645 | ---- | C] () -- D:\WINDOWS\System32\dllcache\MAPIMIG.CAT
[2012/05/18 16:59:14 | 000,144,484 | ---- | C] () -- D:\WINDOWS\System32\dllcache\netfx.cat
[2012/05/18 16:59:14 | 000,112,918 | ---- | C] () -- D:\WINDOWS\System32\dllcache\tabletpc.cat
[2012/05/18 16:59:14 | 000,037,484 | ---- | C] () -- D:\WINDOWS\System32\dllcache\MW770.CAT
[2012/05/18 16:59:14 | 000,034,747 | ---- | C] () -- D:\WINDOWS\System32\dllcache\mediactr.cat
[2012/05/18 16:59:14 | 000,034,063 | ---- | C] () -- D:\WINDOWS\System32\dllcache\FP4.CAT
[2012/05/18 16:59:14 | 000,026,991 | ---- | C] () -- D:\WINDOWS\System32\dllcache\msn7.cat
[2012/05/18 16:59:14 | 000,016,535 | ---- | C] () -- D:\WINDOWS\System32\dllcache\IMS.CAT
[2012/05/18 16:59:14 | 000,014,433 | ---- | C] () -- D:\WINDOWS\System32\dllcache\msn9.cat
[2012/05/18 16:59:14 | 000,013,472 | ---- | C] () -- D:\WINDOWS\System32\dllcache\HPCRDP.CAT
[2012/05/18 16:59:14 | 000,012,363 | ---- | C] () -- D:\WINDOWS\System32\dllcache\MSMSGS.CAT
[2012/05/18 16:59:14 | 000,010,027 | ---- | C] () -- D:\WINDOWS\System32\dllcache\MSTSWEB.CAT
[2012/05/18 16:59:14 | 000,008,574 | ---- | C] () -- D:\WINDOWS\System32\dllcache\IASNT4.CAT
[2012/05/18 16:59:14 | 000,007,382 | ---- | C] () -- D:\WINDOWS\System32\dllcache\OEMBIOS.CAT
[2012/05/18 16:59:13 | 002,144,487 | ---- | C] () -- D:\WINDOWS\System32\dllcache\NT5.CAT
[2012/05/18 16:59:13 | 001,296,669 | ---- | C] () -- D:\WINDOWS\System32\dllcache\SP3.CAT
[2012/05/18 16:59:13 | 000,797,189 | ---- | C] () -- D:\WINDOWS\System32\dllcache\NT5IIS.CAT
[2012/05/18 16:59:12 | 000,522,220 | ---- | C] () -- D:\WINDOWS\System32\dllcache\NT5INF.CAT
[2012/05/18 15:12:14 | 535,613,440 | -HS- | C] () -- D:\hiberfil.sys
[2012/05/15 15:33:46 | 000,238,844 | ---- | C] () -- D:\Documents and Settings\SLAX\My Documents\srpski_vitez_by_hunter665-d307b9u.jpg
[2012/05/15 15:33:42 | 000,023,013 | ---- | C] () -- D:\Documents and Settings\SLAX\My Documents\majica_vitez_f_a.jpg
[2012/05/15 15:31:49 | 000,057,467 | ---- | C] () -- D:\Documents and Settings\SLAX\My Documents\cavalieri_templari_motto.gif
[2012/05/15 15:31:41 | 000,022,485 | ---- | C] () -- D:\Documents and Settings\SLAX\My Documents\templari.jpg
[2012/05/14 15:58:01 | 002,516,480 | ---- | C] () -- D:\Documents and Settings\SLAX\Desktop\myfamilytree2.0.0.0.msi
[2012/05/08 19:10:46 | 000,955,362 | ---- | C] () -- D:\Documents and Settings\SLAX\Desktop\House M.D. - Sezona_3.rar
[2012/02/15 11:35:54 | 000,003,072 | ---- | C] () -- D:\WINDOWS\System32\iacenc.dll
[2012/01/04 20:08:19 | 000,650,752 | ---- | C] () -- D:\WINDOWS\System32\xvidcore.dll
[2012/01/04 20:08:19 | 000,243,200 | ---- | C] () -- D:\WINDOWS\System32\xvidvfw.dll
[2012/01/04 20:08:17 | 000,079,360 | ---- | C] () -- D:\WINDOWS\System32\ff_vfw.dll
[2011/08/25 10:03:23 | 000,002,400 | ---- | C] () -- D:\WINDOWS\System32\ASOROSet.bin
[2011/05/17 16:12:42 | 000,000,664 | ---- | C] () -- D:\WINDOWS\System32\d3d9caps.dat
[2011/05/17 15:40:15 | 000,004,161 | ---- | C] () -- D:\WINDOWS\ODBCINST.INI
[2011/05/17 15:38:30 | 000,096,664 | ---- | C] () -- D:\WINDOWS\System32\FNTCACHE.DAT
[2011/05/17 15:30:59 | 000,516,096 | ---- | C] () -- D:\WINDOWS\System32\ati2sgag.exe
[2011/05/17 15:14:54 | 000,000,044 | ---- | C] () -- D:\WINDOWS\System32\msssc.dll
[2011/05/17 15:12:35 | 000,003,173 | ---- | C] () -- D:\WINDOWS\Ascd_tmp.ini
[2011/05/17 15:12:32 | 000,005,824 | ---- | C] () -- D:\WINDOWS\System32\drivers\ASUSHWIO.SYS
[2011/05/17 14:47:52 | 000,175,616 | ---- | C] () -- D:\WINDOWS\System32\unrar.dll
[2011/05/17 14:29:51 | 002,067,140 | R--- | C] () -- D:\WINDOWS\System32\avcodec.dll
[2011/05/17 14:06:10 | 000,061,952 | ---- | C] () -- D:\Documents and Settings\SLAX\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/05/17 14:01:05 | 000,002,048 | --S- | C] () -- D:\WINDOWS\bootstat.dat
[2011/05/17 13:52:00 | 000,022,720 | ---- | C] () -- D:\WINDOWS\System32\emptyregdb.dat

< End of report >



mycity.rs/must-login.png

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Skripta se nije pravilno izvršila, moramo da ponovimo postupak.


Korak 1
Ponovo pokreni program OTL dvoklikom na ikonicu;

U beli okvir prozora gde piše Custom Scans/Fixes iskopirati sledeći tekst:

:OTL
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://klit.startnow.com/?src=startpage&provider=&provider_name=yahoo&provider_code=&partner_id=693&product_id=741&affiliate_id=&channel=&toolbar_id=200&toolbar_version=2.4.0&install_country=BA&install_date=20120104&user_guid=A9707543EA7C4280A6ED9B2894607BE3&machine_id=49f5d7d180f32e75ace2bd12a32b0c96&browser=IE&os=win&os_version=5.1-x86-SP3
IE - HKCU\..\SearchScopes,DefaultScope = {0388404D-6072-4CEB-B521-8F090FEAEE57}
IE - HKCU\..\SearchScopes\{0388404D-6072-4CEB-B521-8F090FEAEE57}: "URL" = http://klit.startnow.com/s/?q={searchTerms}&src=defsearch&provider=&provider_name=yahoo&provider_code=&partner_id=693&product_id=741&affiliate_id=&channel=&toolbar_id=200&toolbar_version=2.4.0&install_country=BA&install_date=20120104&user_guid=A9707543EA7C4280A6ED9B2894607BE3&machine_id=49f5d7d180f32e75ace2bd12a32b0c96&browser=IE&os=win&os_version=5.1-x86-SP3&iesrc={referrer:source}
CHR - default_search_provider: search_url = http://klit.startnow.com/s/?q={searchTerms}&src=defsearch&provider=&provider_name=yahoo&provider_code=&partner_id=693&product_id=741&affiliate_id=&channel=&toolbar_id=200&toolbar_version=2.4.0&install_country=BA&install_date=20120104&user_guid=A9707543EA7C4280A6ED9B2894607BE3&machine_id=49f5d7d180f32e75ace2bd12a32b0c96&browser=CR&os=win&os_version=5.1-x86-SP3
O2 - BHO: (StartNow Toolbar Helper) - {6E13D095-45C3-4271-9475-F3B48227DD9F} - D:\Program Files\StartNow Toolbar\Toolbar32.dll ()
O3 - HKLM\..\Toolbar: (StartNow Toolbar) - {5911488E-9D1E-40ec-8CBB-06B231CC153F} - D:\Program Files\StartNow Toolbar\Toolbar32.dll ()

:files
D:\Program Files\StartNow Toolbar

:Commands
[purity]
[emptytemp]
[EMPTYFLASH]
[Reboot]


Klikni taster Run Fix;


Log koji dobiješ iskopiraj ovde u poruci.



Korak 2
Ponovo pokreni OTL, i postavi mi svež log.


Gde si konkretno primetio da se pojavio folder RECYCLER? Da li imaš neki problem u radu računara?

Ivance95 (AMF Tim)

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Uloguj se preko Facebooka da bi skinuo fajl:

Napisano: 26 Maj 2012 20:03

korak 1

All processes killed
========== OTL ==========
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0388404D-6072-4CEB-B521-8F090FEAEE57}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0388404D-6072-4CEB-B521-8F090FEAEE57}\ not found.
Unable to fix default_search_provider items.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6E13D095-45C3-4271-9475-F3B48227DD9F}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6E13D095-45C3-4271-9475-F3B48227DD9F}\ deleted successfully.
D:\Program Files\StartNow Toolbar\Toolbar32.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{5911488E-9D1E-40ec-8CBB-06B231CC153F} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\ deleted successfully.
File D:\Program Files\StartNow Toolbar\Toolbar32.dll not found.
File rity] not found.
File ptytemp] not found.
File PTYFLASH] not found.
File boot] not found.

OTL by OldTimer - Version 3.2.43.1 log created on 05262012_194315

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...

Dopuna: 26 Maj 2012 20:28

primjetio sam ga na particiji C, prije nekolika dana mi je otkazao sistem pa sam uradio neki restore.
primjetio sam i veliku potrosnju memorije kada je ukljucena opera ili neki drugi web browser npr trosi 900MB a pise 200 i usporeno radi.

evo korak 2


OTL logfile created on: 5/26/2012 8:04:01 PM - Run 3
OTL by OldTimer - Version 3.2.43.1 Folder = D:\Documents and Settings\SLAX\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

510.73 Mb Total Physical Memory | 91.91 Mb Available Physical Memory | 18.00% Memory free
1.22 Gb Paging File | 0.75 Gb Available in Paging File | 61.44% Paging File free
Paging file location(s): d:\pagefile.sys 768 1536 [binary data]

%SystemDrive% = D: | %SystemRoot% = D:\WINDOWS | %ProgramFiles% = D:\Program Files
Drive C: | 50.11 Gb Total Space | 1.55 Gb Free Space | 3.10% Space Free | Partition Type: NTFS
Drive D: | 24.41 Gb Total Space | 8.64 Gb Free Space | 35.39% Space Free | Partition Type: NTFS
Drive E: | 349.88 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: DONGAGISLAX | User Name: SLAX | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/05/24 21:58:30 | 000,595,968 | ---- | M] (OldTimer Tools) -- D:\Documents and Settings\SLAX\Desktop\OTL.exe
PRC - [2012/05/18 17:53:19 | 000,949,104 | ---- | M] (Opera Software) -- D:\Program Files\Opera\opera.exe
PRC - [2012/05/14 22:04:18 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- D:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2012/05/14 22:04:17 | 000,465,360 | ---- | M] (Avira Operations GmbH & Co. KG) -- D:\Program Files\Avira\AntiVir Desktop\avwebgrd.exe
PRC - [2012/05/14 22:04:16 | 000,619,472 | ---- | M] (Avira Operations GmbH & Co. KG) -- D:\Program Files\Avira\AntiVir Desktop\avfwsvc.exe
PRC - [2012/05/14 22:04:16 | 000,375,760 | ---- | M] (Avira Operations GmbH & Co. KG) -- D:\Program Files\Avira\AntiVir Desktop\avmailc.exe
PRC - [2012/05/14 22:04:16 | 000,348,624 | ---- | M] (Avira Operations GmbH & Co. KG) -- D:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2012/05/14 22:04:16 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- D:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2012/05/14 22:04:16 | 000,080,336 | ---- | M] (Avira Operations GmbH & Co. KG) -- D:\Program Files\Avira\AntiVir Desktop\avshadow.exe
PRC - [2012/03/12 22:25:06 | 000,583,680 | ---- | M] (MyCity) -- D:\Program Files\MCShield\MCShieldRTM.exe
PRC - [2011/06/15 17:33:20 | 000,249,648 | ---- | M] (Microsoft Corporation) -- D:\Program Files\Microsoft\BingBar\SeaPort.EXE
PRC - [2008/07/09 18:33:38 | 000,069,632 | ---- | M] (Ralink Technology, Corp.) -- D:\Program Files\Ovislink\Common\RalinkRegistryWriter.exe
PRC - [2008/04/14 14:00:00 | 001,033,728 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\explorer.exe
PRC - [2002/09/20 16:50:10 | 000,045,056 | ---- | M] (Analog Devices, Inc.) -- D:\Program Files\Analog Devices\SoundMAX\SMAgent.exe


========== Modules (No Company Name) ==========

MOD - [2012/05/18 17:54:32 | 000,276,480 | ---- | M] () -- D:\Program Files\Opera\gstreamer\plugins\gstwebmdec.dll
MOD - [2012/05/18 17:54:32 | 000,064,000 | ---- | M] () -- D:\Program Files\Opera\gstreamer\plugins\gstautodetect.dll
MOD - [2012/05/18 17:54:32 | 000,046,592 | ---- | M] () -- D:\Program Files\Opera\gstreamer\plugins\gstwaveform.dll
MOD - [2012/05/18 17:54:31 | 000,078,336 | ---- | M] () -- D:\Program Files\Opera\gstreamer\plugins\gstwavparse.dll
MOD - [2012/05/18 17:54:30 | 000,316,928 | ---- | M] () -- D:\Program Files\Opera\gstreamer\plugins\gstoggdec.dll
MOD - [2012/05/18 17:54:30 | 000,168,448 | ---- | M] () -- D:\Program Files\Opera\gstreamer\plugins\gstffmpegcolorspace.dll
MOD - [2012/05/18 17:54:30 | 000,076,800 | ---- | M] () -- D:\Program Files\Opera\gstreamer\plugins\gstdirectsound.dll
MOD - [2012/05/18 17:54:30 | 000,045,568 | ---- | M] () -- D:\Program Files\Opera\gstreamer\plugins\gsttypefindfunctions.dll
MOD - [2012/05/18 17:54:29 | 000,099,840 | ---- | M] () -- D:\Program Files\Opera\gstreamer\plugins\gstcoreplugins.dll
MOD - [2012/05/18 17:54:29 | 000,098,816 | ---- | M] () -- D:\Program Files\Opera\gstreamer\plugins\gstaudioresample.dll
MOD - [2012/05/18 17:54:29 | 000,098,816 | ---- | M] () -- D:\Program Files\Opera\gstreamer\plugins\gstaudioconvert.dll
MOD - [2012/05/18 17:54:29 | 000,068,608 | ---- | M] () -- D:\Program Files\Opera\gstreamer\plugins\gstdecodebin2.dll
MOD - [2012/05/18 17:54:28 | 000,783,360 | ---- | M] () -- D:\Program Files\Opera\gstreamer\gstreamer.dll
MOD - [2012/05/14 22:04:18 | 000,398,288 | ---- | M] () -- D:\Program Files\Avira\AntiVir Desktop\sqlite3.dll
MOD - [2012/05/05 08:59:56 | 008,797,856 | ---- | M] () -- D:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll
MOD - [2011/10/19 19:21:35 | 000,447,848 | ---- | M] () -- D:\Program Files\Avira\AntiVir Desktop\libxml2.dll
MOD - [2011/10/19 19:18:30 | 000,060,264 | ---- | M] () -- D:\Program Files\Avira\AntiVir Desktop\cares.dll
MOD - [2003/12/02 15:55:14 | 000,086,016 | ---- | M] () -- D:\WINDOWS\system32\ati2evxx.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)
SRV - [2012/05/14 22:04:18 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- D:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2012/05/14 22:04:17 | 000,465,360 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- D:\Program Files\Avira\AntiVir Desktop\avwebgrd.exe -- (AntiVirWebService)
SRV - [2012/05/14 22:04:16 | 000,619,472 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- D:\Program Files\Avira\AntiVir Desktop\avfwsvc.exe -- (AntiVirFirewallService)
SRV - [2012/05/14 22:04:16 | 000,375,760 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- D:\Program Files\Avira\AntiVir Desktop\avmailc.exe -- (AntiVirMailService)
SRV - [2012/05/14 22:04:16 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- D:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2012/05/05 09:00:00 | 000,257,696 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- D:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2011/07/07 19:31:08 | 000,195,336 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- D:\Program Files\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011/06/15 17:33:20 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- D:\Program Files\Microsoft\BingBar\SeaPort.EXE -- (BBUpdate)
SRV - [2008/07/09 18:33:38 | 000,069,632 | ---- | M] (Ralink Technology, Corp.) [Auto | Running] -- D:\Program Files\Ovislink\Common\RalinkRegistryWriter.exe -- (RalinkRegistryWriter)
SRV - [2002/09/20 16:50:10 | 000,045,056 | ---- | M] (Analog Devices, Inc.) [Auto | Running] -- D:\Program Files\Analog Devices\SoundMAX\SMAgent.exe -- (SoundMAX Agent Service (default))


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - [2012/05/24 15:35:45 | 000,036,000 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- D:\WINDOWS\system32\drivers\avkmgr.sys -- (avkmgr)
DRV - [2012/05/14 22:04:18 | 000,137,928 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- D:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2012/05/14 22:04:18 | 000,112,032 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- D:\WINDOWS\system32\drivers\avfwot.sys -- (avfwot)
DRV - [2012/05/14 22:04:18 | 000,091,968 | ---- | M] (Avira GmbH) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\avfwim.sys -- (avfwim)
DRV - [2012/05/14 22:04:18 | 000,083,392 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- D:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2011/10/19 19:29:27 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- D:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2010/04/28 07:44:02 | 000,054,760 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- D:\WINDOWS\system32\drivers\fssfltr_tdi.sys -- (fssfltr)
DRV - [2008/07/09 18:33:36 | 000,491,648 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\rt61.sys -- (RT61)
DRV - [2005/08/30 17:59:00 | 000,094,000 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\ss_mdm.sys -- (ss_mdm)
DRV - [2005/08/30 17:58:56 | 000,008,304 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\ss_mdfl.sys -- (ss_mdfl)
DRV - [2005/08/30 17:57:18 | 000,058,320 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\ss_bus.sys -- (ss_bus) SAMSUNG Mobile USB Device 1.0 driver (WDM)
DRV - [2003/12/02 15:57:02 | 000,641,536 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2003/07/31 08:18:49 | 000,046,976 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\R8139n51.sys -- (rtl8139)
DRV - [2003/01/29 09:29:34 | 000,008,703 | R--- | M] (ASUSTeK Computer Inc.) [Kernel | Auto | Running] -- D:\WINDOWS\system32\drivers\EIO.sys -- (EIO)
DRV - [2002/10/15 00:00:00 | 000,101,431 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- D:\WINDOWS\system32\drivers\IdeChnDr.sys -- (IdeChnDr) Intel(R)
DRV - [2002/10/15 00:00:00 | 000,013,891 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- D:\WINDOWS\system32\drivers\IdeBusDr.sys -- (IdeBusDr)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
IE - HKCU\..\SearchScopes,DefaultScope =
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: D:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: D:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: d:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: D:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: d:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: D:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: D:\Documents and Settings\SLAX\Local Settings\Application Data\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: D:\Documents and Settings\SLAX\Local Settings\Application Data\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)


[2011/05/23 21:58:23 | 000,000,000 | ---D | M] (No name found) -- D:\Documents and Settings\SLAX\Application Data\Mozilla\Extensions

========== Chrome ==========

CHR - default_search_provider: Yahoo (Enabled)
CHR - default_search_provider: search_url = klit.startnow.com/s/?q={searchTerms}&src=defsearch&provider=&provider_name=yahoo&provider_code=&partner_id=693&product_id=741&affiliate_id=&channel=&toolbar_id=200&toolbar_version=2.4.0&install_country=BA&install_date=20120104&user_guid=A9707543EA7C4280A6ED9B2894607BE3&machine_id=49f5d7d180f32e75ace2bd12a32b0c96&browser=CR&os=win&os_version=5.1-x86-SP3
CHR - default_search_provider: suggest_url =
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = D:\Documents and Settings\SLAX\Local Settings\Application Data\Google\Chrome\Application\19.0.1084.52\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = D:\Documents and Settings\SLAX\Local Settings\Application Data\Google\Chrome\Application\19.0.1084.52\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = D:\Documents and Settings\SLAX\Local Settings\Application Data\Google\Chrome\Application\19.0.1084.52\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = D:\Documents and Settings\SLAX\Local Settings\Application Data\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = D:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll
CHR - plugin: Adobe Acrobat (Disabled) = D:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = D:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = D:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = D:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: Google Update (Enabled) = D:\Documents and Settings\SLAX\Local Settings\Application Data\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Java(TM) Platform SE 6 U31 (Enabled) = D:\Program Files\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = D:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Silverlight Plug-In (Enabled) = d:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = d:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: YouTube = D:\Documents and Settings\SLAX\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google \u043F\u0440\u0435\u0442\u0440\u0430\u0433\u0430 = D:\Documents and Settings\SLAX\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Gmail = D:\Documents and Settings\SLAX\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2008/04/14 14:00:00 | 000,000,734 | ---- | M]) - D:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - D:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - D:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - D:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - D:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - D:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O4 - HKLM..\Run: [avgnt] D:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKCU..\Run: [MCShield Monitor] D:\Program Files\MCShield\MCShieldRTM.exe (MyCity)
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - D:\Program Files\PokerStars\PokerStarsUpdate.exe (PokerStars)
O9 - Extra Button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - D:\Documents and Settings\SLAX\Desktop\PartyPoker.lnk ()
O9 - Extra 'Tools' menuitem : PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - D:\Documents and Settings\SLAX\Desktop\PartyPoker.lnk ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - D:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - D:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - D:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} download.microsoft.com/download/E/5/6/E5611.....ontrol.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab (Java Plug-in 1.6.0_03)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.1.0.2
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0DFEEF4C-74EF-41ED-B8F9-2C648C0ACFF6}: DhcpNameServer = 10.1.0.2
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{AE84AEDC-4FC4-47B1-BC40-E30DE2E93B80}: NameServer = 87.250.98.250 208.67.222.222
O20 - HKLM Winlogon: Shell - (Explorer.exe) - D:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (D:\WINDOWS\system32\userinit.exe) - D:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - D:\WINDOWS\System32\ati2evxx.dll ()
O24 - Desktop WallPaper: D:\Documents and Settings\SLAX\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: D:\Documents and Settings\SLAX\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/03/24 15:59:43 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *sprestrt)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2012/05/25 19:16:50 | 000,000,000 | ---D | C] -- D:\_OTL
[2012/05/25 18:49:27 | 000,000,000 | RH-D | C] -- D:\Documents and Settings\SLAX\Recent
[2012/05/25 15:05:47 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Start Menu\Programs\MCShield
[2012/05/25 15:05:44 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Application Data\MCShield
[2012/05/25 15:05:43 | 000,000,000 | ---D | C] -- D:\Program Files\MCShield
[2012/05/24 21:58:30 | 000,595,968 | ---- | C] (OldTimer Tools) -- D:\Documents and Settings\SLAX\Desktop\OTL.exe
[2012/05/24 18:09:25 | 000,000,000 | ---D | C] -- D:\Documents and Settings\SLAX\Desktop\RootRepeal
[2012/05/24 17:56:27 | 000,000,000 | ---D | C] -- D:\WINDOWS\Minidump
[2012/05/24 16:17:34 | 000,000,000 | R--D | C] -- D:\Documents and Settings\SLAX\My Documents\My Videos
[2012/05/24 16:14:57 | 000,607,260 | R--- | C] (Swearware) -- D:\Documents and Settings\SLAX\Desktop\dds.scr
[2012/05/24 15:48:58 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Start Menu\Programs\Avira
[2012/05/18 19:04:49 | 002,148,352 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\ntkrnlmp.exe
[2012/05/18 19:04:48 | 002,192,640 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\ntoskrnl.exe
[2012/05/18 19:04:44 | 002,026,496 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\ntkrpamp.exe
[2012/05/18 19:04:42 | 002,069,120 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\ntkrnlpa.exe
[2012/05/18 19:02:40 | 000,272,128 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\bthport.sys
[2012/05/18 19:01:48 | 000,456,320 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\mrxsmb.sys
[2012/05/18 17:52:19 | 000,000,000 | ---D | C] -- D:\Program Files\Opera
[2012/05/18 17:28:32 | 000,000,000 | ---D | C] -- D:\Documents and Settings\SLAX\Desktop\tdi
[2012/05/18 17:24:38 | 000,000,000 | ---D | C] -- D:\WINDOWS\Prefetch
[2012/05/18 17:21:40 | 000,156,672 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\winzm.ime
[2012/05/18 17:21:39 | 000,156,672 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\winsp.ime
[2012/05/18 17:21:39 | 000,156,672 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\winpy.ime
[2012/05/18 17:21:38 | 000,072,704 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\wingb.ime
[2012/05/18 17:21:38 | 000,065,536 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\winime.ime
[2012/05/18 17:21:37 | 000,079,360 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\winar30.ime
[2012/05/18 17:21:35 | 000,041,600 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\weitekp9.dll
[2012/05/18 17:21:35 | 000,031,232 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\weitekp9.sys
[2012/05/18 17:21:34 | 000,053,248 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\wamreg51.dll
[2012/05/18 17:21:34 | 000,009,216 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\wamps51.dll
[2012/05/18 17:21:33 | 000,364,032 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\w3svc.dll
[2012/05/18 17:21:33 | 000,076,800 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\wam51.dll
[2012/05/18 17:21:33 | 000,005,632 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\w3svapi.dll
[2012/05/18 17:21:32 | 000,073,728 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\w3ext.dll
[2012/05/18 17:21:32 | 000,048,256 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\w32.dll
[2012/05/18 17:21:32 | 000,004,608 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\w3ctrs51.dll
[2012/05/18 17:21:31 | 000,426,041 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\voicepad.dll
[2012/05/18 17:21:31 | 000,086,073 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\voicesub.dll
[2012/05/18 17:21:27 | 000,076,288 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\uniime.dll
[2012/05/18 17:21:27 | 000,065,024 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\unicdime.ime
[2012/05/18 17:21:26 | 000,103,424 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\uihelper.dll
[2012/05/18 17:21:25 | 000,014,336 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\tsprof.exe
[2012/05/18 17:21:23 | 000,455,168 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\tintsetp.exe
[2012/05/18 17:21:23 | 000,044,032 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\tintlphr.exe
[2012/05/18 17:21:23 | 000,033,792 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\tools.dll
[2012/05/18 17:21:23 | 000,010,240 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\tmigrate.dll
[2012/05/18 17:21:22 | 000,571,392 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\tintlgnt.ime
[2012/05/18 17:21:22 | 000,185,344 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\thawbrkr.dll
[2012/05/18 17:21:21 | 000,021,896 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\tdipx.sys
[2012/05/18 17:21:21 | 000,019,464 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\tdspx.sys
[2012/05/18 17:21:21 | 000,013,192 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\tdasync.sys
[2012/05/18 17:21:17 | 000,046,592 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\svcext51.dll
[2012/05/18 17:21:16 | 000,016,896 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\status.dll
[2012/05/18 17:21:15 | 000,046,592 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\sspifilt.dll
[2012/05/18 17:21:15 | 000,045,056 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\ssinc51.dll
[2012/05/18 17:21:14 | 000,101,376 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\srusbusd.dll
[2012/05/18 17:21:12 | 000,143,422 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\softkey.dll
[2012/05/18 17:21:11 | 000,188,416 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\snmpsmir.dll
[2012/05/18 17:21:11 | 000,039,936 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\snmpthrd.dll
[2012/05/18 17:21:11 | 000,010,240 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\snmpstup.dll
[2012/05/18 17:21:11 | 000,008,704 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\snmptrap.exe
[2012/05/18 17:21:11 | 000,007,168 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\EXCH_snprfdll.dll
[2012/05/18 17:21:10 | 000,358,400 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\snmpincl.dll
[2012/05/18 17:21:10 | 000,259,072 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\snmpcl.dll
[2012/05/18 17:21:10 | 000,033,280 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\snmp.exe
[2012/05/18 17:21:10 | 000,006,144 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\snmpmib.dll
[2012/05/18 17:21:09 | 000,456,192 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\smtpsvc.dll
[2012/05/18 17:21:09 | 000,012,288 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\EXCH_smtpctrs.dll
[2012/05/18 17:21:09 | 000,010,752 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\smtpapi.dll
[2012/05/18 17:21:08 | 000,236,544 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\smi2smir.exe
[2012/05/18 17:21:08 | 000,031,744 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\smb6w.dll
[2012/05/18 17:21:08 | 000,015,872 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\smierrsm.dll
[2012/05/18 17:21:08 | 000,005,632 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\smimsgif.dll
[2012/05/18 17:21:08 | 000,005,632 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\smierrsy.dll
[2012/05/18 17:21:07 | 000,038,912 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\sm9aw.dll
[2012/05/18 17:21:07 | 000,031,744 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\sma3w.dll
[2012/05/18 17:21:07 | 000,026,624 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\sm93w.dll
[2012/05/18 17:21:07 | 000,026,624 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\sm92w.dll
[2012/05/18 17:21:07 | 000,026,112 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\sm90w.dll
[2012/05/18 17:21:07 | 000,026,112 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\sm8dw.dll
[2012/05/18 17:21:06 | 000,030,208 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\sm87w.dll
[2012/05/18 17:21:06 | 000,030,208 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\sm81w.dll
[2012/05/18 17:21:06 | 000,029,184 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\sm8cw.dll
[2012/05/18 17:21:06 | 000,026,112 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\sm8aw.dll
[2012/05/18 17:21:06 | 000,026,112 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\sm89w.dll
[2012/05/18 17:21:06 | 000,025,088 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\sm59w.dll
[2012/05/18 17:21:05 | 000,018,944 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\simptcp.dll
[2012/05/18 17:21:01 | 000,026,112 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\EXCH_seos.dll
[2012/05/18 17:21:00 | 000,221,696 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\seo.dll
[2012/05/18 17:20:59 | 000,057,856 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\EXCH_scripto.dll
[2012/05/18 17:20:57 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- D:\WINDOWS\System32\dllcache\rwia330.dll
[2012/05/18 17:20:57 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- D:\WINDOWS\System32\dllcache\rwia001.dll
[2012/05/18 17:20:57 | 000,029,184 | ---- | C] (Ricoh Co., Ltd.) -- D:\WINDOWS\System32\dllcache\rw330ext.dll
[2012/05/18 17:20:57 | 000,027,648 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\rw001ext.dll
[2012/05/18 17:20:57 | 000,009,728 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\rwnh.dll
[2012/05/18 17:20:55 | 000,004,096 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\rpcref.dll
[2012/05/18 17:20:54 | 000,026,112 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\romanime.ime
[2012/05/18 17:20:53 | 000,023,040 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\EXCH_regtrace.exe
[2012/05/18 17:20:53 | 000,014,848 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\register.exe
[2012/05/18 17:20:50 | 000,020,736 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\ramdisk.sys
[2012/05/18 17:20:50 | 000,016,384 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\quser.exe
[2012/05/18 17:20:49 | 000,077,824 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\quick.ime
[2012/05/18 17:20:49 | 000,009,728 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\query.exe
[2012/05/18 17:20:47 | 000,007,680 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\pwsdata.dll
[2012/05/18 17:20:45 | 000,131,584 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\pmxviceo.dll
[2012/05/18 17:20:45 | 000,011,264 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\pmxmcro.dll
[2012/05/18 17:20:45 | 000,006,144 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\pmxgl.dll
[2012/05/18 17:20:44 | 000,482,304 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\pintlgnt.ime
[2012/05/18 17:20:44 | 000,070,144 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\pintlphr.exe
[2012/05/18 17:20:44 | 000,067,584 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\pmigrate.dll
[2012/05/18 17:20:44 | 000,053,760 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\pintlcsd.dll
[2012/05/18 17:20:43 | 000,079,360 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\phon.ime
[2012/05/18 17:20:43 | 000,020,992 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\permchk.dll
[2012/05/18 17:20:41 | 000,036,927 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\padrs411.dll
[2012/05/18 17:20:41 | 000,031,744 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\pagecnt.dll
[2012/05/18 17:20:41 | 000,015,360 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\padrs804.dll
[2012/05/18 17:20:41 | 000,014,336 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\padrs412.dll
[2012/05/18 17:20:40 | 000,015,872 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\padrs404.dll
[2012/05/18 17:20:35 | 000,038,912 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\EXCH_ntfsdrv.dll
[2012/05/18 17:20:34 | 000,044,544 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\nsepm.dll
[2012/05/18 17:20:32 | 000,053,248 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\nextlink.dll
[2012/05/18 17:20:28 | 000,229,439 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\multibox.dll
[2012/05/18 17:20:28 | 000,119,808 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\mtstocom.exe
[2012/05/18 17:20:21 | 001,875,968 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\msir3jp.lex
[2012/05/18 17:20:21 | 000,098,304 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\msir3jp.dll
[2012/05/18 17:20:08 | 000,007,680 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\migregdb.exe
[2012/05/18 17:20:07 | 000,092,416 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\mga.sys
[2012/05/18 17:20:07 | 000,092,032 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\mga.dll
[2012/05/18 17:20:07 | 000,085,504 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\metada51.dll
[2012/05/18 17:20:06 | 000,037,888 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\md5filt.dll
[2012/05/18 17:20:06 | 000,026,624 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\mdsync.dll
[2012/05/18 17:20:05 | 000,065,536 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\EXCH_mailmsg.dll
[2012/05/18 17:20:04 | 000,022,528 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\lpdsvc.dll
[2012/05/18 17:20:04 | 000,018,944 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\lprmon.dll
[2012/05/18 17:20:03 | 000,022,016 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\logscrpt.dll
[2012/05/18 17:20:03 | 000,013,312 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\lonsint.dll
[2012/05/18 17:20:02 | 000,033,792 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\lmmib2.dll
[2012/05/18 17:20:00 | 000,070,656 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\korwbrkr.dll
[2012/05/18 17:19:59 | 000,006,144 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbdth3.dll
[2012/05/18 17:19:59 | 000,005,632 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbdvntc.dll
[2012/05/18 17:19:59 | 000,005,632 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbdusa.dll
[2012/05/18 17:19:59 | 000,005,632 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbdurdu.dll
[2012/05/18 17:19:58 | 000,006,144 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbdth2.dll
[2012/05/18 17:19:58 | 000,005,632 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbdth1.dll
[2012/05/18 17:19:58 | 000,005,632 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbdth0.dll
[2012/05/18 17:19:58 | 000,005,632 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbdsyr2.dll
[2012/05/18 17:19:58 | 000,005,632 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbdsyr1.dll
[2012/05/18 17:19:57 | 000,009,216 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbdnecat.dll
[2012/05/18 17:19:57 | 000,007,680 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbdnecnt.dll
[2012/05/18 17:19:57 | 000,007,168 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbdnec95.dll
[2012/05/18 17:19:56 | 000,006,656 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbdlk41a.dll
[2012/05/18 17:19:56 | 000,006,144 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbdlk41j.dll
[2012/05/18 17:19:56 | 000,005,632 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbdintel.dll
[2012/05/18 17:19:56 | 000,005,632 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbdintam.dll
[2012/05/18 17:19:55 | 000,006,144 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbdinpun.dll
[2012/05/18 17:19:55 | 000,005,632 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbdinmar.dll
[2012/05/18 17:19:55 | 000,005,632 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbdinkan.dll
[2012/05/18 17:19:55 | 000,005,632 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbdinhin.dll
[2012/05/18 17:19:55 | 000,005,632 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbdinguj.dll
[2012/05/18 17:19:55 | 000,005,632 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbdindev.dll
[2012/05/18 17:19:54 | 000,007,168 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbdibm02.dll
[2012/05/18 17:19:54 | 000,005,632 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbdheb.dll
[2012/05/18 17:19:54 | 000,005,120 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbdgeo.dll
[2012/05/18 17:19:53 | 000,005,632 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbdfa.dll
[2012/05/18 17:19:53 | 000,005,632 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbddiv2.dll
[2012/05/18 17:19:53 | 000,005,632 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbddiv1.dll
[2012/05/18 17:19:52 | 000,006,144 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbdax2.dll
[2012/05/18 17:19:52 | 000,006,144 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbd106n.dll
[2012/05/18 17:19:52 | 000,005,632 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbda3.dll
[2012/05/18 17:19:52 | 000,005,632 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbda2.dll
[2012/05/18 17:19:52 | 000,005,632 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbda1.dll
[2012/05/18 17:19:52 | 000,005,120 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbdarmw.dll
[2012/05/18 17:19:52 | 000,005,120 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbdarme.dll
[2012/05/18 17:19:51 | 000,018,432 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\jupiw.dll
[2012/05/18 17:19:51 | 000,009,216 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\iwrps.dll
[2012/05/18 17:19:51 | 000,006,144 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbd101a.dll
[2012/05/18 17:19:51 | 000,006,144 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbd101.dll
[2012/05/18 17:19:50 | 000,026,624 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\iscomlog.dll
[2012/05/18 17:19:50 | 000,007,168 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\isapips.dll
[2012/05/18 17:19:49 | 000,035,328 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\iprip.dll
[2012/05/18 17:19:47 | 000,257,024 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\infocomm.dll
[2012/05/18 17:19:47 | 000,015,360 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\inetin51.exe
[2012/05/18 17:19:47 | 000,008,704 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\infoctrs.dll
[2012/05/18 17:19:46 | 000,471,102 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\imskdic.dll
[2012/05/18 17:19:46 | 000,315,455 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\imskf.dll
[2012/05/18 17:19:45 | 000,274,489 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\imjputyc.dll
[2012/05/18 17:19:45 | 000,262,200 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\imjputy.exe
[2012/05/18 17:19:45 | 000,102,456 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\imlang.dll
[2012/05/18 17:19:45 | 000,059,904 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\imkrinst.exe
[2012/05/18 17:19:45 | 000,045,109 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\imjpuex.exe
[2012/05/18 17:19:44 | 000,307,257 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\imjpdct.exe
[2012/05/18 17:19:44 | 000,233,527 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\imjprw.exe
[2012/05/18 17:19:44 | 000,208,952 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\imjpmig.exe
[2012/05/18 17:19:44 | 000,155,705 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\imjpdsvr.exe
[2012/05/18 17:19:44 | 000,081,976 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\imjpdct.dll
[2012/05/18 17:19:43 | 000,811,064 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\imjp81k.dll
[2012/05/18 17:19:43 | 000,716,856 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\imjpcus.dll
[2012/05/18 17:19:43 | 000,368,696 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\imjpcic.dll
[2012/05/18 17:19:43 | 000,057,398 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\imjpdadm.exe
[2012/05/18 17:19:42 | 000,340,023 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\imjp81.ime
[2012/05/18 17:19:42 | 000,311,359 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\imepadsv.exe
[2012/05/18 17:19:42 | 000,106,496 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\imekrcic.dll
[2012/05/18 17:19:42 | 000,102,463 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\imepadsm.dll
[2012/05/18 17:19:42 | 000,086,016 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\imekrmbx.dll
[2012/05/18 17:19:42 | 000,044,032 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\imekrmig.exe
[2012/05/18 17:19:41 | 000,094,720 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\imekr61.ime
[2012/05/18 17:19:41 | 000,006,656 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\iissync.exe
[2012/05/18 17:19:41 | 000,003,584 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\iismui.dll
[2012/05/18 17:19:40 | 000,145,408 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\iische51.dll
[2012/05/18 17:19:40 | 000,079,872 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\iislog51.dll
[2012/05/18 17:19:40 | 000,060,928 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\iisclex4.dll
[2012/05/18 17:19:40 | 000,019,456 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\iiscrmap.dll
[2012/05/18 17:19:40 | 000,007,168 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\iisfecnv.dll
[2012/05/18 17:19:39 | 000,025,088 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\iisadmin.dll
[2012/05/18 17:19:33 | 010,129,408 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\hwxkor.dll
[2012/05/18 17:19:24 | 010,096,640 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\hwxcht.dll
[2012/05/18 17:19:24 | 000,268,288 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\httpext.dll
[2012/05/18 17:19:24 | 000,061,440 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\httpod51.dll
[2012/05/18 17:19:24 | 000,008,192 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\httpmb51.dll
[2012/05/18 17:19:23 | 000,039,936 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\hostmib.dll
[2012/05/18 17:19:21 | 000,036,864 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\hanjadic.dll
[2012/05/18 17:19:20 | 000,032,256 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\gzip.dll
[2012/05/18 17:19:18 | 000,400,384 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\fxsxp32.dll
[2012/05/18 17:19:18 | 000,397,312 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\fxstiff.dll
[2012/05/18 17:19:18 | 000,267,776 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\fxssvc.exe
[2012/05/18 17:19:18 | 000,246,272 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\fxst30.dll
[2012/05/18 17:19:18 | 000,192,512 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\fxswzrd.dll
[2012/05/18 17:19:18 | 000,154,112 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\fxsui.dll
[2012/05/18 17:19:17 | 000,562,176 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\fxsst.dll
[2012/05/18 17:19:17 | 000,031,744 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\fxsroute.dll
[2012/05/18 17:19:17 | 000,023,552 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\fxsmon.dll
[2012/05/18 17:19:17 | 000,023,552 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\fxsext32.dll
[2012/05/18 17:19:17 | 000,011,264 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\fxssend.exe
[2012/05/18 17:19:17 | 000,008,704 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\fxsperf.dll
[2012/05/18 17:19:17 | 000,006,656 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\fxsres.dll
[2012/05/18 17:19:16 | 000,285,184 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\fxscomex.dll
[2012/05/18 17:19:16 | 000,229,376 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\fxscover.exe
[2012/05/18 17:19:16 | 000,142,848 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\fxsclnt.exe
[2012/05/18 17:19:16 | 000,132,608 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\fxsclntr.dll
[2012/05/18 17:19:16 | 000,072,192 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\fxscom.dll
[2012/05/18 17:19:16 | 000,055,296 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\fxsevent.dll
[2012/05/18 17:19:16 | 000,026,624 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\fxsdrv.dll
[2012/05/18 17:19:15 | 000,451,584 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\fxsapi.dll
[2012/05/18 17:19:15 | 000,125,952 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\ftpsv251.dll
[2012/05/18 17:19:15 | 000,111,104 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\fxscfgwz.dll
[2012/05/18 17:19:15 | 000,007,680 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\ftpctrs2.dll
[2012/05/18 17:19:15 | 000,006,144 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\ftpmib.dll
[2012/05/18 17:19:14 | 000,006,144 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\ftlx041e.dll
[2012/05/18 17:19:13 | 000,020,541 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\fpadmdll.dll
[2012/05/18 17:19:12 | 000,024,632 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\fpadmcgi.exe
[2012/05/18 17:19:12 | 000,014,848 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\flattemp.exe
[2012/05/18 17:19:10 | 000,043,520 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\EXCH_fcachdll.dll
[2012/05/18 17:19:10 | 000,014,336 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\exstrace.dll
[2012/05/18 17:19:10 | 000,007,168 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\f3ahvoas.dll
[2012/05/18 17:19:09 | 000,101,888 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\evntagnt.dll
[2012/05/18 17:19:09 | 000,092,160 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\evntwin.exe
[2012/05/18 17:19:09 | 000,024,064 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\evntcmd.exe
[2012/05/18 17:19:08 | 000,057,856 | ---- | C] (SEIKO EPSON CORP.) -- D:\WINDOWS\System32\dllcache\esuimgd.dll
[2012/05/18 17:19:08 | 000,045,056 | ---- | C] (SEIKO EPSON CORP.) -- D:\WINDOWS\System32\dllcache\esunid.dll
[2012/05/18 17:19:08 | 000,031,744 | ---- | C] (SEIKO EPSON CORP.) -- D:\WINDOWS\System32\dllcache\esucmd.dll
[2012/05/18 17:19:08 | 000,025,856 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\et4000.sys
[2012/05/18 17:18:55 | 000,078,848 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\dayi.ime
[2012/05/18 17:18:54 | 000,042,496 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\davcdata.exe
[2012/05/18 17:18:52 | 000,018,944 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\cprofile.exe
[2012/05/18 17:18:51 | 000,057,399 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\cplexe.exe
[2012/05/18 17:18:51 | 000,056,320 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\convlog.exe
[2012/05/18 17:18:51 | 000,033,792 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\controt.dll
[2012/05/18 17:18:51 | 000,020,480 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\counters.dll
[2012/05/18 17:18:49 | 000,024,064 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\compfilt.dll
[2012/05/18 17:18:47 | 000,480,256 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\cintsetp.exe
[2012/05/18 17:18:47 | 000,198,656 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\cintime.dll
[2012/05/18 17:18:47 | 000,021,504 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\cintlgnt.ime
[2012/05/18 17:18:46 | 000,097,792 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\chtmbx.dll
[2012/05/18 17:18:46 | 000,056,320 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\chtskdic.dll
[2012/05/18 17:18:45 | 001,677,824 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\chsbrkr.dll
[2012/05/18 17:18:45 | 000,838,144 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\chtbrkr.dll
[2012/05/18 17:18:44 | 000,078,336 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\chajei.ime
[2012/05/18 17:18:44 | 000,015,872 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\chgport.exe
[2012/05/18 17:18:44 | 000,014,336 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\chgusr.exe
[2012/05/18 17:18:44 | 000,013,312 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\chglogon.exe
[2012/05/18 17:18:44 | 000,009,728 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\change.exe
[2012/05/18 17:18:42 | 000,054,528 | ---- | C] (Philips Semiconductors GmbH) -- D:\WINDOWS\System32\dllcache\cap7146.sys
[2012/05/18 17:18:41 | 000,218,112 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\c_g18030.dll
[2012/05/18 17:18:41 | 000,010,752 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\c_iscii.dll
[2012/05/18 17:18:41 | 000,006,656 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\c_is2022.dll
[2012/05/18 17:18:30 | 000,045,568 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\browscap.dll
[2012/05/18 17:18:27 | 000,009,216 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\authfilt.dll
[2012/05/18 17:18:26 | 000,029,184 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\asptxn.dll
[2012/05/18 17:18:26 | 000,010,240 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\aspperf.dll
[2012/05/18 17:18:25 | 000,369,664 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\asp51.dll
[2012/05/18 17:18:25 | 000,331,264 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\aqueue.dll
[2012/05/18 17:18:24 | 000,108,544 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\appconf.dll
[2012/05/18 17:18:24 | 000,045,056 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\EXCH_aqadmin.dll
[2012/05/18 17:18:23 | 000,019,456 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\agt0804.dll
[2012/05/18 17:18:23 | 000,019,456 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\agt0412.dll
[2012/05/18 17:18:23 | 000,019,456 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\agt0411.dll
[2012/05/18 17:18:22 | 000,019,456 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\agt040d.dll
[2012/05/18 17:18:22 | 000,019,456 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\agt0404.dll
[2012/05/18 17:18:22 | 000,019,456 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\agt0401.dll
[2012/05/18 17:18:20 | 000,049,664 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\adrot.dll
[2012/05/18 17:18:20 | 000,006,144 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\admxprox.dll
[2012/05/18 17:18:20 | 000,005,632 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\EXCH_adsiisex.dll
[2012/05/18 17:18:19 | 000,029,696 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\admexs.dll
[2012/05/18 17:18:12 | 000,007,168 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\wamregps.dll
[2012/05/18 17:18:11 | 000,032,827 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\tcptest.exe
[2012/05/18 17:18:11 | 000,016,384 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\tcptsat.dll
[2012/05/18 17:18:10 | 002,134,528 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\smtpsnap.dll
[2012/05/18 17:18:10 | 000,008,192 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\staxmem.dll
[2012/05/18 17:18:09 | 000,189,440 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\smtpadm.dll
[2012/05/18 17:18:09 | 000,020,536 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\shtml.dll
[2012/05/18 17:18:09 | 000,016,437 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\shtml.exe
[2012/05/18 17:18:02 | 000,076,800 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\logui.ocx
[2012/05/18 17:18:02 | 000,068,608 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\isatq.dll
[2012/05/18 17:18:02 | 000,013,312 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\infoadmn.dll
[2012/05/18 17:18:01 | 000,829,440 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\inetmgr.dll
[2012/05/18 17:18:01 | 000,169,984 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\iisui.dll
[2012/05/18 17:18:01 | 000,019,968 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\inetsloc.dll
[2012/05/18 17:18:01 | 000,007,680 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\inetmgr.exe
[2012/05/18 17:18:00 | 000,133,632 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\iisrtl.dll
[2012/05/18 17:18:00 | 000,068,608 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\iisext51.dll
[2012/05/18 17:18:00 | 000,064,512 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\iismap.dll
[2012/05/18 17:18:00 | 000,030,720 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\iisrstas.exe
[2012/05/18 17:18:00 | 000,014,336 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\iisreset.exe
[2012/05/18 17:18:00 | 000,005,632 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\iisrstap.dll
[2012/05/18 17:17:59 | 000,208,896 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\fpmmcsat.dll
[2012/05/18 17:17:59 | 000,020,538 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\fpremadm.exe
[2012/05/18 17:17:59 | 000,006,144 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\ftpsapi2.dll
[2012/05/18 17:17:58 | 000,598,071 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\fpmmc.dll
[2012/05/18 17:17:58 | 000,188,494 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\fpcount.exe
[2012/05/18 17:17:58 | 000,109,328 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\fp98swin.exe
[2012/05/18 17:17:58 | 000,020,541 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\fpexedll.dll
[2012/05/18 17:17:58 | 000,014,608 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\fp98sadm.exe
[2012/05/18 17:17:57 | 000,876,653 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\fp4awel.dll
[2012/05/18 17:17:57 | 000,102,509 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\fp4atxt.dll
[2012/05/18 17:17:57 | 000,049,212 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\fp4awebs.dll
[2012/05/18 17:17:57 | 000,041,020 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\fp4avnb.dll
[2012/05/18 17:17:57 | 000,032,826 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\fp4avss.dll
[2012/05/18 17:17:56 | 000,184,435 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\fp4amsft.dll
[2012/05/18 17:17:56 | 000,147,513 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\fp4apws.dll
[2012/05/18 17:17:56 | 000,082,035 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\fp4anscp.dll
[2012/05/18 17:17:56 | 000,049,210 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\fp4areg.dll
[2012/05/18 17:17:55 | 000,076,288 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\cnfgprts.ocx
[2012/05/18 17:17:55 | 000,046,592 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\coadmin.dll
[2012/05/18 17:17:54 | 000,275,968 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\certwiz.ocx
[2012/05/18 17:17:54 | 000,188,480 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\cfgwiz.exe
[2012/05/18 17:17:54 | 000,094,720 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\certmap.ocx
[2012/05/18 17:17:54 | 000,016,439 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\author.exe
[2012/05/18 17:17:53 | 000,290,816 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\adsiis51.dll
[2012/05/18 17:17:53 | 000,043,520 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\admwprox.dll
[2012/05/18 17:17:53 | 000,020,540 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\author.dll
[2012/05/18 17:17:52 | 000,016,439 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\admin.exe
[2012/05/18 17:17:51 | 000,020,540 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\admin.dll
[2012/05/18 17:15:17 | 000,575,704 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\wuapi.dll
[2012/05/18 17:15:17 | 000,575,704 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\wuapi.dll
[2012/05/18 16:59:26 | 000,024,661 | ---- | C] (Perle Systems Ltd.) -- D:\WINDOWS\System32\spxcoins.dll
[2012/05/18 16:59:26 | 000,024,661 | ---- | C] (Perle Systems Ltd.) -- D:\WINDOWS\System32\dllcache\spxcoins.dll
[2012/05/18 16:59:26 | 000,013,312 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\irclass.dll
[2012/05/18 16:59:26 | 000,013,312 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\irclass.dll
[2012/05/18 15:00:59 | 000,000,000 | -HSD | C] -- D:\found.000
[2012/05/14 19:47:00 | 000,000,000 | ---D | C] -- D:\Program Files\Microsoft.NET
[7 D:\WINDOWS\*.tmp files -> D:\WINDOWS\*.tmp -> ]
[1 D:\WINDOWS\System32\*.tmp files -> D:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/05/26 20:01:03 | 000,000,830 | ---- | M] () -- D:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2012/05/26 19:59:20 | 000,002,206 | ---- | M] () -- D:\WINDOWS\System32\wpa.dbl
[2012/05/26 19:58:47 | 000,002,048 | --S- | M] () -- D:\WINDOWS\bootstat.dat
[2012/05/26 19:58:32 | 535,613,440 | -HS- | M] () -- D:\hiberfil.sys
[2012/05/26 19:53:07 | 000,000,974 | ---- | M] () -- D:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1644491937-839522115-1935655697-1003UA.job
[2012/05/26 09:12:26 | 000,000,664 | ---- | M] () -- D:\WINDOWS\System32\d3d9caps.dat
[2012/05/26 07:39:16 | 000,062,464 | ---- | M] () -- D:\Documents and Settings\SLAX\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/05/25 15:05:56 | 000,000,767 | ---- | M] () -- D:\Documents and Settings\All Users\Desktop\MCShield Real-Time Monitor.lnk
[2012/05/24 21:58:30 | 000,595,968 | ---- | M] (OldTimer Tools) -- D:\Documents and Settings\SLAX\Desktop\OTL.exe
[2012/05/24 21:19:19 | 000,002,255 | ---- | M] () -- D:\Documents and Settings\SLAX\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2012/05/24 21:19:18 | 000,002,277 | ---- | M] () -- D:\Documents and Settings\SLAX\Desktop\Google Chrome.lnk
[2012/05/24 20:53:07 | 000,000,922 | ---- | M] () -- D:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1644491937-839522115-1935655697-1003Core.job
[2012/05/24 18:24:51 | 000,554,356 | ---- | M] () -- D:\Documents and Settings\SLAX\Desktop\MCShield_Help_SR.pdf
[2012/05/24 17:51:56 | 000,464,491 | ---- | M] () -- D:\Documents and Settings\SLAX\Desktop\RootRepeal.zip
[2012/05/24 16:23:33 | 000,302,592 | ---- | M] () -- D:\Documents and Settings\SLAX\Desktop\wyl23ss3.exe
[2012/05/24 16:14:57 | 000,607,260 | R--- | M] (Swearware) -- D:\Documents and Settings\SLAX\Desktop\dds.scr
[2012/05/24 15:48:57 | 000,001,707 | ---- | M] () -- D:\Documents and Settings\All Users\Desktop\Avira Control Center.lnk
[2012/05/24 15:35:45 | 000,036,000 | ---- | M] (Avira GmbH) -- D:\WINDOWS\System32\drivers\avkmgr.sys
[2012/05/20 08:27:40 | 000,494,566 | ---- | M] () -- D:\WINDOWS\System32\perfh009.dat
[2012/05/20 08:27:40 | 000,085,126 | ---- | M] () -- D:\WINDOWS\System32\perfc009.dat
[2012/05/19 08:33:26 | 000,096,664 | ---- | M] () -- D:\WINDOWS\System32\FNTCACHE.DAT
[2012/05/19 07:32:40 | 000,000,874 | ---- | M] () -- D:\Documents and Settings\SLAX\Application Data\Microsoft\Internet Explorer\Quick Launch\GOM Player.lnk
[2012/05/19 07:32:38 | 000,000,856 | ---- | M] () -- D:\Documents and Settings\All Users\Desktop\GOM Player.lnk
[2012/05/18 17:54:35 | 000,001,510 | ---- | M] () -- D:\Documents and Settings\SLAX\Application Data\Microsoft\Internet Explorer\Quick Launch\Opera.lnk
[2012/05/18 17:54:34 | 000,001,492 | ---- | M] () -- D:\Documents and Settings\All Users\Desktop\Opera.lnk
[2012/05/18 17:22:33 | 000,000,288 | ---- | M] () -- D:\WINDOWS\System32\$winnt$.inf
[2012/05/18 17:17:21 | 000,316,640 | ---- | M] () -- D:\WINDOWS\WMSysPr9.prx
[2012/05/18 17:17:20 | 000,023,392 | ---- | M] () -- D:\WINDOWS\System32\nscompat.tlb
[2012/05/18 17:17:20 | 000,016,832 | ---- | M] () -- D:\WINDOWS\System32\amcompat.tlb
[2012/05/18 17:17:06 | 000,004,161 | ---- | M] () -- D:\WINDOWS\ODBCINST.INI
[2012/05/18 17:14:05 | 000,022,720 | ---- | M] () -- D:\WINDOWS\System32\emptyregdb.dat
[2012/05/18 17:07:38 | 000,004,444 | ---- | M] () -- D:\WINDOWS\System32\pid.PNF
[2012/05/15 15:33:46 | 000,238,844 | ---- | M] () -- D:\Documents and Settings\SLAX\My Documents\srpski_vitez_by_hunter665-d307b9u.jpg
[2012/05/15 15:33:42 | 000,023,013 | ---- | M] () -- D:\Documents and Settings\SLAX\My Documents\majica_vitez_f_a.jpg
[2012/05/15 15:31:49 | 000,057,467 | ---- | M] () -- D:\Documents and Settings\SLAX\My Documents\cavalieri_templari_motto.gif
[2012/05/15 15:31:41 | 000,022,485 | ---- | M] () -- D:\Documents and Settings\SLAX\My Documents\templari.jpg
[2012/05/14 22:04:18 | 000,137,928 | ---- | M] (Avira GmbH) -- D:\WINDOWS\System32\drivers\avipbb.sys
[2012/05/14 22:04:18 | 000,112,032 | ---- | M] (Avira GmbH) -- D:\WINDOWS\System32\drivers\avfwot.sys
[2012/05/14 22:04:18 | 000,091,968 | ---- | M] (Avira GmbH) -- D:\WINDOWS\System32\drivers\avfwim.sys
[2012/05/14 22:04:18 | 000,083,392 | ---- | M] (Avira GmbH) -- D:\WINDOWS\System32\drivers\avgntflt.sys
[2012/05/14 15:58:01 | 002,516,480 | ---- | M] () -- D:\Documents and Settings\SLAX\Desktop\myfamilytree2.0.0.0.msi
[2012/05/05 08:59:56 | 000,419,488 | ---- | M] (Adobe Systems Incorporated) -- D:\WINDOWS\System32\FlashPlayerApp.exe
[2012/05/05 08:59:56 | 000,070,304 | ---- | M] (Adobe Systems Incorporated) -- D:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[7 D:\WINDOWS\*.tmp files -> D:\WINDOWS\*.tmp -> ]
[1 D:\WINDOWS\System32\*.tmp files -> D:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/05/25 15:05:56 | 000,000,767 | ---- | C] () -- D:\Documents and Settings\All Users\Desktop\MCShield Real-Time Monitor.lnk
[2012/05/24 18:24:51 | 000,554,356 | ---- | C] () -- D:\Documents and Settings\SLAX\Desktop\MCShield_Help_SR.pdf
[2012/05/24 17:51:55 | 000,464,491 | ---- | C] () -- D:\Documents and Settings\SLAX\Desktop\RootRepeal.zip
[2012/05/24 16:23:32 | 000,302,592 | ---- | C] () -- D:\Documents and Settings\SLAX\Desktop\wyl23ss3.exe
[2012/05/18 17:54:35 | 000,001,510 | ---- | C] () -- D:\Documents and Settings\SLAX\Application Data\Microsoft\Internet Explorer\Quick Launch\Opera.lnk
[2012/05/18 17:54:34 | 000,001,498 | ---- | C] () -- D:\Documents and Settings\All Users\Start Menu\Programs\Opera.lnk
[2012/05/18 17:54:33 | 000,001,492 | ---- | C] () -- D:\Documents and Settings\All Users\Desktop\Opera.lnk
[2012/05/18 17:20:43 | 000,175,104 | ---- | C] () -- D:\WINDOWS\System32\dllcache\pintlcsa.dll
[2012/05/18 17:20:00 | 001,158,818 | ---- | C] () -- D:\WINDOWS\System32\dllcache\korwbrkr.lex
[2012/05/18 17:19:46 | 000,059,392 | ---- | C] () -- D:\WINDOWS\System32\dllcache\imscinst.exe
[2012/05/18 17:19:44 | 000,196,665 | ---- | C] () -- D:\WINDOWS\System32\dllcache\imjpinst.exe
[2012/05/18 17:19:41 | 000,134,339 | ---- | C] () -- D:\WINDOWS\System32\dllcache\imekr.lex
[2012/05/18 17:19:29 | 013,463,552 | ---- | C] () -- D:\WINDOWS\System32\dllcache\hwxjpn.dll
[2012/05/18 17:19:21 | 000,108,827 | ---- | C] () -- D:\WINDOWS\System32\dllcache\hanja.lex
[2012/05/18 17:19:14 | 000,094,208 | ---- | C] () -- D:\WINDOWS\System32\dllcache\fpencode.dll
[2012/05/18 17:18:46 | 000,173,568 | ---- | C] () -- D:\WINDOWS\System32\dllcache\chtskf.dll
[2012/05/18 16:59:14 | 000,399,645 | ---- | C] () -- D:\WINDOWS\System32\dllcache\MAPIMIG.CAT
[2012/05/18 16:59:14 | 000,144,484 | ---- | C] () -- D:\WINDOWS\System32\dllcache\netfx.cat
[2012/05/18 16:59:14 | 000,112,918 | ---- | C] () -- D:\WINDOWS\System32\dllcache\tabletpc.cat
[2012/05/18 16:59:14 | 000,037,484 | ---- | C] () -- D:\WINDOWS\System32\dllcache\MW770.CAT
[2012/05/18 16:59:14 | 000,034,747 | ---- | C] () -- D:\WINDOWS\System32\dllcache\mediactr.cat
[2012/05/18 16:59:14 | 000,034,063 | ---- | C] () -- D:\WINDOWS\System32\dllcache\FP4.CAT
[2012/05/18 16:59:14 | 000,026,991 | ---- | C] () -- D:\WINDOWS\System32\dllcache\msn7.cat
[2012/05/18 16:59:14 | 000,016,535 | ---- | C] () -- D:\WINDOWS\System32\dllcache\IMS.CAT
[2012/05/18 16:59:14 | 000,014,433 | ---- | C] () -- D:\WINDOWS\System32\dllcache\msn9.cat
[2012/05/18 16:59:14 | 000,013,472 | ---- | C] () -- D:\WINDOWS\System32\dllcache\HPCRDP.CAT
[2012/05/18 16:59:14 | 000,012,363 | ---- | C] () -- D:\WINDOWS\System32\dllcache\MSMSGS.CAT
[2012/05/18 16:59:14 | 000,010,027 | ---- | C] () -- D:\WINDOWS\System32\dllcache\MSTSWEB.CAT
[2012/05/18 16:59:14 | 000,008,574 | ---- | C] () -- D:\WINDOWS\System32\dllcache\IASNT4.CAT
[2012/05/18 16:59:14 | 000,007,382 | ---- | C] () -- D:\WINDOWS\System32\dllcache\OEMBIOS.CAT
[2012/05/18 16:59:13 | 002,144,487 | ---- | C] () -- D:\WINDOWS\System32\dllcache\NT5.CAT
[2012/05/18 16:59:13 | 001,296,669 | ---- | C] () -- D:\WINDOWS\System32\dllcache\SP3.CAT
[2012/05/18 16:59:13 | 000,797,189 | ---- | C] () -- D:\WINDOWS\System32\dllcache\NT5IIS.CAT
[2012/05/18 16:59:12 | 000,522,220 | ---- | C] () -- D:\WINDOWS\System32\dllcache\NT5INF.CAT
[2012/05/18 15:12:14 | 535,613,440 | -HS- | C] () -- D:\hiberfil.sys
[2012/05/15 15:33:46 | 000,238,844 | ---- | C] () -- D:\Documents and Settings\SLAX\My Documents\srpski_vitez_by_hunter665-d307b9u.jpg
[2012/05/15 15:33:42 | 000,023,013 | ---- | C] () -- D:\Documents and Settings\SLAX\My Documents\majica_vitez_f_a.jpg
[2012/05/15 15:31:49 | 000,057,467 | ---- | C] () -- D:\Documents and Settings\SLAX\My Documents\cavalieri_templari_motto.gif
[2012/05/15 15:31:41 | 000,022,485 | ---- | C] () -- D:\Documents and Settings\SLAX\My Documents\templari.jpg
[2012/05/14 15:58:01 | 002,516,480 | ---- | C] () -- D:\Documents and Settings\SLAX\Desktop\myfamilytree2.0.0.0.msi
[2012/05/08 19:10:46 | 000,955,362 | ---- | C] () -- D:\Documents and Settings\SLAX\Desktop\House M.D. - Sezona_3.rar
[2012/02/15 11:35:54 | 000,003,072 | ---- | C] () -- D:\WINDOWS\System32\iacenc.dll
[2012/01/04 20:08:19 | 000,650,752 | ---- | C] () -- D:\WINDOWS\System32\xvidcore.dll
[2012/01/04 20:08:19 | 000,243,200 | ---- | C] () -- D:\WINDOWS\System32\xvidvfw.dll
[2012/01/04 20:08:17 | 000,079,360 | ---- | C] () -- D:\WINDOWS\System32\ff_vfw.dll
[2011/08/25 10:03:23 | 000,002,400 | ---- | C] () -- D:\WINDOWS\System32\ASOROSet.bin
[2011/05/17 16:12:42 | 000,000,664 | ---- | C] () -- D:\WINDOWS\System32\d3d9caps.dat
[2011/05/17 15:40:15 | 000,004,161 | ---- | C] () -- D:\WINDOWS\ODBCINST.INI
[2011/05/17 15:38:30 | 000,096,664 | ---- | C] () -- D:\WINDOWS\System32\FNTCACHE.DAT
[2011/05/17 15:30:59 | 000,516,096 | ---- | C] () -- D:\WINDOWS\System32\ati2sgag.exe
[2011/05/17 15:14:54 | 000,000,044 | ---- | C] () -- D:\WINDOWS\System32\msssc.dll
[2011/05/17 15:12:35 | 000,003,173 | ---- | C] () -- D:\WINDOWS\Ascd_tmp.ini
[2011/05/17 15:12:32 | 000,005,824 | ---- | C] () -- D:\WINDOWS\System32\drivers\ASUSHWIO.SYS
[2011/05/17 14:47:52 | 000,175,616 | ---- | C] () -- D:\WINDOWS\System32\unrar.dll
[2011/05/17 14:29:51 | 002,067,140 | R--- | C] () -- D:\WINDOWS\System32\avcodec.dll
[2011/05/17 14:06:10 | 000,062,464 | ---- | C] () -- D:\Documents and Settings\SLAX\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/05/17 14:01:05 | 000,002,048 | --S- | C] () -- D:\WINDOWS\bootstat.dat
[2011/05/17 13:52:00 | 000,022,720 | ---- | C] () -- D:\WINDOWS\System32\emptyregdb.dat

< End of report >




mycity.rs/must-login.png

• 1Ovo se svidja korisniku: mcrule
  
  Registruj se da bi pohvalio/la poruku!

Korak 1
Ponovo pokreni program OTL dvoklikom na ikonicu;

U beli okvir prozora gde piše Custom Scans/Fixes iskopirati sledeći tekst:

:OTL
CHR - default_search_provider: search_url = http://klit.startnow.com/s/?q={searchTerms}&src=defsearch&provider=&provider_name=yahoo&provider_code=&partner_id=693&product_id=741&affiliate_id=&channel=&toolbar_id=200&toolbar_version=2.4.0&install_country=BA&install_date=20120104&user_guid=A9707543EA7C4280A6ED9B2894607BE3&machine_id=49f5d7d180f32e75ace2bd12a32b0c96&browser=CR&os=win&os_version=5.1-x86-SP3



Klikni taster Run Fix;


Log koji dobiješ iskopiraj ovde u poruci.



Kada to završiš pokreni ponovo OTL, i klikni na dugme CleanUp.



Tvoj računar je čist sto se malware-a tiče. Predlažem ti da otvoriš temu u Windows potforumu, i tamo opišeš svoj problem.


Ivance95 (AMF Tim)

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

OK, hvala!


========== OTL ==========
Unable to fix default_search_provider items.

OTL by OldTimer - Version 3.2.43.1 log created on 05282012_194931