Jump to content

Препоръчан пост

1. Операционна система? Windows XP/Vista/7 ?????

2. Какъв браузер използваш?

3. Иначе, други приложения: игри, късметчета, виртуални сърчица, ала-бала, имаш ли достъп до тях?

4. Можеш ли да гледаш клипчета в Youtube, Vbox7?

Link to comment
Сподели другаде

Проблемът съществува ли при други браузъри освен Mozilla Firefox? Проблемът предхождан ли е от някакаква специфична дейност, свързана с операционната дейност, в частност - web браузърите?

 

Може да опитате изчистване кеша (cache) на браузъра. За да направите това в Mozilla Firefox:

  • Стартирайте Mozilla Firefox;
  • Меню Tools -> Options -> Advanced -> таб Network;
  • Натиснете бутона Clear Now, намиращ се срещу подменю Offline Storage;

Подобни проблеми са често срещано явление, особено, ако се отнася до игри, като FarmVille и CityVille.

Link to comment
Сподели другаде

Споменатият в темата вирус, блокира влизането в самия сайт на Facebook. Проблемът на потребителя е свързан със стартиране на приложение от Facebook.
Link to comment
Сподели другаде

Сканирай с Malwarebytes' Anti-Malware. Ако тепърва инсталираш програмата, в края инсталацията ще има отметка за автоматична актуализация, не я премахвай. В противен случай обнови дефинициите й ръчно. Ако вече имаш програмата, провери дали имаш последната версия и ако нямаш, премахни твоята и инсталирай най-новата, като в края на инсталацията остави отметката за актуализация на дефинициите.

 

Инструкции за сканиране:

- стартирай програмата;

- избери Perform quick scan (Бързо сканиране) и кликни бутон Scan (Сканиране);

- след като приключи сканирането, ако не са открити заплахи, ще се отвори автоматично текстов файл (който можеш да затвориш) и програмата ще те уведоми, че не е открила нищо, след което можеш да кликнеш бутон OK и да я затвориш;

- ако са открити заплахи, кликни бутон OK и после Show results (Покажи резултатите);

- кликни бутон Remove Selected (Премахни избраните);

Ако е нужен рестарт, се съгласи и рестартирай веднага. След рестарта стартирай отново програмата, иди на подпорозиорец Logs (Дневници), маркирай последния дневник, кликни бутон Open (Отвори) и му копирай съдържанието тук. Ако не е бил нужен рестарт, трябва да се появи текстов файл - копирай му съдържанието тук.

Link to comment
Сподели другаде

  • 7 months later...

от тази зима имам проблем с Facebook защото не ми отваряше facebook и установих че имам вируси в компютъра след което компютъра стана изключително бавен но си изтеглих програмата Malwarebytes Anti-Malware и намери вируси и аз ги изтрих ама не съм сигурен дали се получи но след като го пуснах втори път нищо не откри и така след много рестарта си изчистих компютъра но пак не можех да вляза в facebook но в мрежата открих друг facebook на имe http://www.beta.facebook.com/ което не е www.facebook.com но пак си влизах и всичко си правех освен игрите обаче срокът на програмата Malwarebytes Anti-Malware и аз се опитах да го подновя но все ми излизаха долари че трябва да си го купя и аз го оставих така тя не работеше цяла зима но компютъра нямаше проблеми до вчера когато ми изчезна и чата а без чат за какво ми е facebook.Затова хора умолявам ви ако можете помогнете и за игрите и за чата.Благодаря ви предварително!

 

да не забравя не мога да вляза в www.facebook.com и от Google chrome и от Internet Explorer и от Mozila Firefox докато не стане по сериозно искам да го отстраня проблема за това HELP!

Link to comment
Сподели другаде

Изтеглете Malwarebytes' Anti-Malware Free.

  • Стартирайте инсталационния файл и инсталирайте програмата.
  • Уверете се, че са поставени отметки пред Update Malwarebytes' Anti-Malware и Launch Malwarebytes'Anti-Malware.
  • Програмата ще изтегли и инсталира автоматично наличните обновявания.
  • Стартирайте програмата.
  • Изберете Perform Quick Scan-> Scan.
  • След края на сканирането, натиснете бутон OK
  • Натиснете бутона Show Results, за да видите резултата от сканирането.
  • Уверете се, че има отметки на всеки ред.
  • Натиснете бутона Remove Selected.

В Notepad ще бъде отворен лог -файл. Моля, публикувайте съдържанието му в следващия Ви коментар.

 

Забележка: MalwareBytes' Anti-Malware може да поиска да рестартира Вашата система. При подобно запитване от страна на програмата се съгласете и позволете рестартирането на системата.

 

 

Изтеглете OTL

  • Запазете файла на Вашия десктоп.
  • Стартирайте инструмента.
  • Уверете се, че процесът на сканиране няма да бъде прекъснат.
  • В главния прозорец на програмата сложете отметка пред Scan All Users.
  • В полето Standart Registry изберете All.
  • Сложете отметки пред LOP Check и Purity Check.
  • От падащото меню File Age изберете 90 days.
  • Уверете се, че има отметкa пред Skip Microsoft Files.
  • В полето Custom Scans/Fixes поставете следния текст:

netsvcs
msconfig
safebootminimal
safebootnetwork
"%WinDir%\$NtUninstallKB*$." /30
C:\Program Files\Common Files\ComObjects\*.* /s
%SYSTEMDRIVE%\*.*
%USERPROFILE%\*.*
%USERPROFILE%\Application Data\*.*
%USERPROFILE%\Local Settings\Application Data\*.*
%AllUsersProfile%\*.*
%AllUsersProfile%\Application Data\*.*
%USERPROFILE%\My Documents\*.*
%CommonProgramFiles%\*.*
%PROGRAMFILES%\*.*
%systemroot%\system32\config\systemprofile\*.*
%windir%\ServiceProfiles\LocalService\AppData\Local\Temp\*.*
%windir%\ServiceProfiles\NetworkService\AppData\Local\Temp\*.*
%windir%\temp*.*
%windir%\system32\*.
%Temp%\smtmp\1\*.*
%Temp%\smtmp\2\*.*
%Temp%\smtmp\3\*.*
%Temp%\smtmp\4\*.*
%systemroot%\system32\DBBK\*.* /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /90
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\system32\Spool\prtprocs\w32x86\*.dll
%systemroot%\*. /rp /s
%systemroot%\assembly\tmp\*.* /S /MD5
%systemroot%\assembly\temp\*.* /S /MD5
%systemroot%\assembly\GAC_32\*.* /S /MD5
%systemroot%\assembly\GAC_MSIL\*.* /S /MD5
>C:\commands.txt echo list vol /raw /hide /c
/wait
>C:\DiskReport.txt diskpart /s C:\commands.txt /raw /hide /c
/wait
type c:\diskreport.txt /c
/wait
erase c:\commands.txt /hide /c
/wait
erase c:\diskreport.txt /hide /c
/md5start
smss.exe
winlogon.exe
services.exe
lsass.exe
svchost.exe
explorer.exe
userinit.exe
atapi.sys
iaStor.sys
serial.sys
disk.sys
volsnap.sys
redbook.sys
i8042prt.sys
afd.sys
netbt.sys
tcpip.sys
ipsec.sys
hlp.dat
/md5stop

 

 

Копирайте кода точно както е даден. Уверете се, че всяка от командите е на нов ред, както е в полето.

 

Натиснете бутона Run Scan. Ще започне сканиране, което няма да продължи дълго.Когато сканирането приключи автоматично ще се отворят два Notepad лог-файла - OTL.txt и Extras.txt.

 

Моля, прикачете тези два файла към следващия Ви коментар.

Link to comment
Сподели другаде

резултати от сканирането на Malwarebytes Anti-Malware

 

 

 

Malwarebytes Anti-Malware (Trial) 1.61.0.1400

www.malwarebytes.org

 

Database version: v2012.06.04.07

 

Windows XP Service Pack 3 x86 NTFS

Internet Explorer 8.0.6001.18702

Ali & Serkan :: SERKAN-1F3191E0 [administrator]

 

Protection: Enabled

 

6/5/2012 22:25:49

mbam-log-2012-06-05 (22-25-49).txt

 

Scan type: Quick scan

Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM

Scan options disabled: P2P

Objects scanned: 208526

Time elapsed: 12 minute(s), 50 second(s)

 

Memory Processes Detected: 0

(No malicious items detected)

 

Memory Modules Detected: 0

(No malicious items detected)

 

Registry Keys Detected: 0

(No malicious items detected)

 

Registry Values Detected: 0

(No malicious items detected)

 

Registry Data Items Detected: 0

(No malicious items detected)

 

Folders Detected: 0

(No malicious items detected)

 

Files Detected: 1

E:\Documents and Settings\Ali & Serkan\Local Settings\Temp\KMP_3.2.0.0.exe (PUP.ToolbarDownloader) -> Quarantined and deleted successfully.

 

(end)

 

ето и резултатите от програмата ОТL

 

Extras.txt

 

 

 

OTL Extras logfile created on: 6.5.2012 22:54:19 - Run 1

OTL by OldTimer - Version 3.2.46.0 Folder = C:\Downloads\Программы

Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.6001.18702)

Locale: 00000402 | Country: Bulgaria | Language: BGR | Date Format: M/d/yyyy

 

3,00 Gb Total Physical Memory | 1,97 Gb Available Physical Memory | 65,62% Memory free

4,84 Gb Paging File | 3,76 Gb Available in Paging File | 77,66% Paging File free

Paging file location(s): E:\pagefile.sys 2046 4092 [binary data]

 

%SystemDrive% = E: | %SystemRoot% = E:\WINDOWS | %ProgramFiles% = E:\Program Files

Drive C: | 146,73 Gb Total Space | 128,21 Gb Free Space | 87,38% Space Free | Partition Type: NTFS

Drive E: | 319,02 Gb Total Space | 200,85 Gb Free Space | 62,96% Space Free | Partition Type: NTFS

 

Computer Name: SERKAN-1F3191E0 | User Name: Ali & Serkan | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: All users

Company Name Whitelist: Off | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 90 Days

 

========== Extra Registry (SafeList) ==========

 

 

========== File Associations ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

 

[HKEY_USERS\S-1-5-21-1078081533-1960408961-1417001333-1003\SOFTWARE\Classes\<extension>]

.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

 

========== Shell Spawning ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

exefile [open] -- "%1" %*

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [AddToPlaylistVLC] -- "E:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Directory [PlayWithVLC] -- "E:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()

Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)

Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

 

========== Security Center Settings ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"FirstRunDisabled" = 1

"AntiVirusDisableNotify" = 0

"FirewallDisableNotify" = 0

"UpdatesDisableNotify" = 0

"AntiVirusOverride" = 1

"FirewallOverride" = 0

"DisableThumbnailCache" = 1

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

 

========== System Restore Settings ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]

"DisableSR" = 0

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]

"Start" = 0

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]

"Start" = 2

 

========== Firewall Settings ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007

"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008

"10243:TCP" = 10243:TCP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service

"10280:UDP" = 10280:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service

"10281:UDP" = 10281:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service

"10282:UDP" = 10282:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service

"10283:UDP" = 10283:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service

"10284:UDP" = 10284:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

"2706:TCP" = 2706:TCP:*:Enabled:Inhatch P2P Streaming

"2707:TCP" = 2707:TCP:*:Enabled:Inhatch P2P Streaming

"2708:TCP" = 2708:TCP:*:Enabled:Inhatch P2P Streaming

"2709:TCP" = 2709:TCP:*:Enabled:Inhatch P2P Streaming

"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007

"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008

"10243:TCP" = 10243:TCP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service

"10280:UDP" = 10280:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service

"10281:UDP" = 10281:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service

"10282:UDP" = 10282:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service

"10283:UDP" = 10283:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service

"10284:UDP" = 10284:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service

"10950:TCP" = 10950:TCP:*:Enabled:Inhatch P2P Streaming

"10951:TCP" = 10951:TCP:*:Enabled:Inhatch P2P Streaming

"10952:TCP" = 10952:TCP:*:Enabled:Inhatch P2P Streaming

"10953:TCP" = 10953:TCP:*:Enabled:Inhatch P2P Streaming

"49780:UDP" = 49780:UDP:*:Enabled:Inhatch P2P Streaming

 

========== Authorized Applications List ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)

"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)

"E:\Program Files\iMesh Applications\iMesh\iMesh.exe" = E:\Program Files\iMesh Applications\iMesh\iMesh.exe:*:Enabled:iMesh

"E:\Program Files\Windows Live\Messenger\wlcsdk.exe" = E:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation)

"E:\Program Files\Windows Live\Messenger\msnmsgr.exe" = E:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger -- (Microsoft Corporation)

"E:\Program Files\Windows Live\Sync\WindowsLiveSync.exe" = E:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync -- (Microsoft Corporation)

"E:\Program Files\Dragon Age 2\bin_ship\DragonAge2.exe" = E:\Program Files\Dragon Age 2\bin_ship\DragonAge2.exe:*:Enabled:Dragon Age II

"E:\Program Files\Dragon Age 2\DragonAge2Launcher.exe" = E:\Program Files\Dragon Age 2\DragonAge2Launcher.exe:*:Enabled:Dragon Age II Launcher

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)

"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)

"C:\Games\CSSv34\hl2.exe" = C:\Games\CSSv34\hl2.exe:*:Enabled:hl2 -- ()

"E:\WINDOWS\system32\PnkBstrB.exe" = E:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB -- ()

"E:\Program Files\Counter-Strike\cstrike.exe" = E:\Program Files\Counter-Strike\cstrike.exe:*:Disabled:Half-Life Launcher

"E:\Program Files\EA SPORTS\FIFA 11\Game\fifa.exe" = E:\Program Files\EA SPORTS\FIFA 11\Game\fifa.exe:*:Enabled:FIFA 11 -- (Electronic Arts)

"E:\Program Files\Google\Google Earth\client\googleearth.exe" = E:\Program Files\Google\Google Earth\client\googleearth.exe:*:Enabled:Google Earth -- (Google)

"E:\Program Files\Electronic Arts\SHIFT 2 UNLEASHED\shift2u.exe" = E:\Program Files\Electronic Arts\SHIFT 2 UNLEASHED\shift2u.exe:*:Enabled:SHIFT 2 UNLEASHED™ -- (Electronic Arts Inc.)

"E:\Program Files\Electronic Arts\Need for Speed Hot Pursuit\Launcher.exe" = E:\Program Files\Electronic Arts\Need for Speed Hot Pursuit\Launcher.exe:*:Enabled:Need for Speed Hot Pursuit -- (Electronic Arts)

"E:\Program Files\Electronic Arts\Need for Speed Hot Pursuit\NFS11.exe" = E:\Program Files\Electronic Arts\Need for Speed Hot Pursuit\NFS11.exe:*:Enabled:Need for Speed Hot Pursuit Application -- (Electronic Arts)

"E:\Program Files\Windows Live\Messenger\msnmsgr.exe" = E:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger -- (Microsoft Corporation)

"E:\Program Files\Windows Live\Sync\WindowsLiveSync.exe" = E:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync -- (Microsoft Corporation)

"E:\Program Files\Counter-Strike\hl.exe" = E:\Program Files\Counter-Strike\hl.exe:*:Enabled:Half-Life Launcher

"E:\Program Files\Electronic Arts\Crytek\Crysis 2\bin32\Crysis2.exe" = E:\Program Files\Electronic Arts\Crytek\Crysis 2\bin32\Crysis2.exe:*:Enabled:Crysis2

"E:\Program Files\Counter-Strike\hlds.exe" = E:\Program Files\Counter-Strike\hlds.exe:*:Enabled:HLDS Launcher

"E:\Program Files\Codemasters\F1 2011\F1_2011.exe" = E:\Program Files\Codemasters\F1 2011\F1_2011.exe:*:Enabled:F1 2011

"E:\Program Files\EA SPORTS\FIFA 12\Game\fifa.exe" = E:\Program Files\EA SPORTS\FIFA 12\Game\fifa.exe:*:Enabled:FIFA 12 -- (Electronic Arts)

"E:\Program Files\Windows iLivid Toolbar\Datamngr\ToolBar\dtUser.exe" = E:\Program Files\Windows iLivid Toolbar\Datamngr\ToolBar\dtUser.exe:*:Enabled:DTX broker -- (Visicom Media Inc.)

"E:\Program Files\2K Sports\NBA 2K12\nba2k12.exe" = E:\Program Files\2K Sports\NBA 2K12\nba2k12.exe:*:Enabled:NBA 2K12 -- (2K Sports)

"E:\Documents and Settings\Ali & Serkan\Desktop\utorrent.exe" = E:\Documents and Settings\Ali & Serkan\Desktop\utorrent.exe:*:Enabled:µTorrent

"E:\Documents and Settings\Ali & Serkan\Local Settings\Application Data\Google\Chrome\Application\chrome.exe" = E:\Documents and Settings\Ali & Serkan\Local Settings\Application Data\Google\Chrome\Application\chrome.exe:*:Enabled:Google Chrome -- (Google Inc.)

"E:\Program Files\Skype\Phone\Skype.exe" = E:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype -- (Skype Technologies S.A.)

"E:\Documents and Settings\All Users\Application Data\Electronic Arts\Need For Speed World\Data\nfsw.exe" = E:\Documents and Settings\All Users\Application Data\Electronic Arts\Need For Speed World\Data\nfsw.exe:*:Enabled:Need for Speed World -- (Electronic Arts)

"E:\Program Files\uTorrent\uTorrent.exe" = E:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.)

"E:\Program Files\Counter-Strike 1.6\hl.exe" = E:\Program Files\Counter-Strike 1.6\hl.exe:*:Enabled:Half-Life Launcher -- (Valve)

"E:\Program Files\SoftnyxGame\WolfTeamTS\Wolfteam.bin" = E:\Program Files\SoftnyxGame\WolfTeamTS\Wolfteam.bin:*:Enabled:WolfTeam -- (Softnyx Co., Ltd.)

"E:\Program Files\GameSpy Arcade\Aphex.exe" = E:\Program Files\GameSpy Arcade\Aphex.exe:*:Enabled:GameSpy Arcade -- (GameSpy Industries, Inc.)

"E:\Program Files\Need for Speed 3 - Hot Pursuit\nfs3.exe" = E:\Program Files\Need for Speed 3 - Hot Pursuit\nfs3.exe:*:Enabled:Need For Speed III for Win32

"E:\Program Files\Agrar Simulator 2012\iupdate.dll" = E:\Program Files\Agrar Simulator 2012\iupdate.dll:*:Enabled:Agricultural Simulator 2012

"E:\Program Files\Agrar Simulator 2012\farm2012.dll" = E:\Program Files\Agrar Simulator 2012\farm2012.dll:*:Enabled:Agricultural Simulator 2012

"E:\Program Files\Farming Simulator 2011\FarmingSimulator2011.exe" = E:\Program Files\Farming Simulator 2011\FarmingSimulator2011.exe:*:Enabled:Farming Simulator 2011 -- (GIANTS Software GmbH)

"E:\Program Files\Farming Simulator 2011\game.exe" = E:\Program Files\Farming Simulator 2011\game.exe:*:Enabled:Farming Simulator 2011 -- (GIANTS Software GmbH)

 

 

========== HKEY_LOCAL_MACHINE Uninstall List ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148

"{04E9B02B-4F85-4B73-B865-27B9B8B35877}" = NBA 2K12

"{06A395CE-60A6-471E-A73C-73634310EDB3}" = Windows Live Sync

"{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Windows Live ID Sign-in Assistant

"{1111706F-666A-4037-7777-210328764D10}" = JavaFX 2.1.0

"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer

"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319

"{19CC7A03-BDBB-4EFB-B8C9-86FD2FB95334}" = Windows Live Messenger

"{1D301950-EA2F-4882-9AA0-49467756842A}" = SweetIM for Messenger 3.3

"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool

"{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform

"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT

"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer

"{26A24AE4-039D-4CA4-87B4-2F83217004FF}" = Java 7 Update 4

"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform

"{31874D00-F3E1-44CE-A79A-492CFBD585E8}" = Windows Live Writer

"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP

"{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}" = NVIDIA PhysX

"{3FEA6CD1-EA13-4CE7-A74E-A74A4A0A7B5C}" = FIFA 11

"{434D0831-3E0C-4D03-A5D4-5E1000008400}" = F1 2010

"{434D0FA1-3E0C-4D03-A5D4-5E1000008100}" = F1 2011

"{47E582E4-482B-47D2-B578-FE7F83F6CED4}" = Windows Live Mail

"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater

"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace

"{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Земя

"{5F14EAD6-1FF2-4059-9AF9-82AE944DD8BF}_is1" = WolfTeam Turkiye

"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin

"{6CD0E03A-7E99-4FDE-9D7F-D0F457DB4192}" = Фотогалерия на Windows Live

"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable

"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable

"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

"{7B2CC3DF-64FA-44AE-8F57-B0F915147E4F}_is1" = Need For Speed™ World

"{7F34A21F-2DEB-4598-BB19-611D6BD24271}" = Managed DirectX (0901)

"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable

"{83A606F5-BF6F-42ED-9F33-B9F74297CDED}" = Need for Speed Hot Pursuit

"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570

"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight

"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)

"{8E5233E1-7495-44FB-8DEB-4BE906D59619}" = Junk Mail filter update

"{90110409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003

"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In

"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting

"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

"{9FD6F1A8-5550-46AF-8509-271DF0E768B5}" = Dual-Core Optimizer

"{A0EB195B-5876-48E6-879D-33D4B2102610}" = SonicStage 4.3

"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI

"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2

"{A7631C52-DC0C-435C-8802-9FA032084D6B}" = Семейна безопасност на Windows Live

"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper

"{AC76BA86-7AD7-1033-7B44-A94000000001}" = Adobe Reader 9.4.5

"{ADE91A13-434D-4229-00BC-182BAD607303}" = Need for Speed™ Most Wanted

"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call

"{BBF0A67B-5DBA-452F-9D2E-6F168BC226E4}" = Need for Speed™ SHIFT

"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)

"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2

"{CCD663AE-610D-4BDF-AAB0-E914B044527D}" = OpenMG Secure Module 4.7.00

"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware

"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1

"{E6158D07-2637-4ECF-B576-37C489669174}" = Windows Live Call

"{E8C37E27-5205-4C8A-BECB-B00533045AAE}" = SHIFT 2 UNLEASHED™

"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.8

"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]

"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard

"{F2508213-9989-4E85-A078-72BE483917EF}" = Microsoft Games for Windows - LIVE Redistributable

"{F2E23139-3404-4E3C-9855-7724415D62A5}" = Dragon Age II

"{F8DBD826-2387-43C5-94AD-ACA7EB55F049}" = Windows Live Essentials

"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022

"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX

"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin

"Adobe Shockwave Player" = Adobe Shockwave Player

"AIMP3" = AIMP3

"avast!" = avast! Antivirus

"conduitEngine" = Conduit Engine

"DAEMON Tools Lite" = DAEMON Tools Lite

"Download Master_is1" = Download Master 5.12.7.1307

"EADM" = EA Download Manager

"Electronic Arts Game Updater" = Electronic Arts Game Updater

"FarmingSimulator2009EN_is1" = Farming-Simulator 2009

"FarmingSimulator2011_PLATINUMEN_is1" = Farming Simulator 2011

"GameSpy Arcade" = GameSpy Arcade

"GFWL_{434D0831-3E0C-4D03-A5D4-5E1000008400}" = F1 2010

"GFWL_{434D0FA1-3E0C-4D03-A5D4-5E1000008100}" = F1 2011

"iMesh 1 MediaBar" = MediaBar

"ImgBurn" = ImgBurn

"Inhatch web plugins" = Inhatch web plugins

"InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA п»ї

"InstallShield_{CCD663AE-610D-4BDF-AAB0-E914B044527D}" = OpenMG Secure Module 4.7.00

"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware, версия 1.61.0.1400

"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1

"Mozilla Firefox 7.0.1 (x86 bg)" = Mozilla Firefox 7.0.1 (x86 bg)

"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP

"MSNINST" = MSN

"nGlide" = nGlide 0.98

"NVIDIA Drivers" = NVIDIA Drivers

"NVIDIA nView Desktop Manager" = NVIDIA nView Desktop Manager

"Ogg Vorbis Redistributable V 1.0b (vorbis1_0_pub~343AD259_is1" = Ogg Vorbis Redistributable V 1.0b (vorbis1_0_public_release)

"OpenMG HotFix4.7-07-13-22-01" = OpenMG Limited Patch 4.7-07-14-05-01

"PunkBusterSvc" = PunkBuster Services

"SkypeLauncher" = SkypeLauncher

"The KMPlayer" = The KMPlayer (remove only)

"uTorrent" = µTorrent

"uTorrentBar Toolbar" = uTorrentBar Toolbar

"VLC media player" = VLC media player 2.0.0

"Windows Media Format Runtime" = Windows Media Format 11 runtime

"Windows Media Player" = Windows Media Player 11

"Windows Searchqu Toolbar" = Windows iLivid Toolbar

"WinLiveSuite_Wave3" = Windows Live Essentials

"WinRAR archiver" = WinRAR 4.10 (32-bit)

"WMFDist11" = Windows Media Format 11 runtime

"wmp11" = Windows Media Player 11

"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0

 

========== HKEY_USERS Uninstall List ==========

 

[HKEY_USERS\S-1-5-21-1078081533-1960408961-1417001333-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{DFFE2B1F-07E0-45A9-8801-CD8514CAA876}" = Prince of Persia T2T

"FoxTab FLV Player" = FoxTab FLV Player

"Google Chrome" = Google Chrome

 

========== Last 10 Event Log Errors ==========

 

[ Antivirus Events ]

Error - 5.23.2012 23:29:51 | Computer Name = SERKAN-1F3191E0 | Source = avast! | ID = 33554522

Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of

E:\Documents and Settings\Ali & Serkan\My Documents\Downloads\BATTLEFIELD.COMPLETE.PC.MEGAPACK\Battlefield_2142-Razor1911\rzr-2142.iso

failed, 00000083.

 

Error - 5.24.2012 00:04:07 | Computer Name = SERKAN-1F3191E0 | Source = avast! | ID = 33554522

Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of

E:\Documents and Settings\Ali & Serkan\My Documents\Downloads\BATTLEFIELD.COMPLETE.PC.MEGAPACK\Battlefield

2 Special Forces (PC)\Battlefield 2 Special Forces - Keygen - Crack\BFSF-MINI.mdf

failed, 00000084.

 

Error - 5.24.2012 01:11:52 | Computer Name = SERKAN-1F3191E0 | Source = avast! | ID = 33554522

Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of

E:\Documents and Settings\Ali & Serkan\My Documents\Downloads\BATTLEFIELD.COMPLETE.PC.MEGAPACK\Battlefield_2142-Razor1911\rzr-2142.iso

failed, 00000083.

 

Error - 5.24.2012 01:31:17 | Computer Name = SERKAN-1F3191E0 | Source = avast! | ID = 33554522

Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of

E:\Documents and Settings\Ali & Serkan\My Documents\Downloads\BATTLEFIELD.COMPLETE.PC.MEGAPACK\Battlefield_2142-Razor1911\rzr-2142.iso

failed, 00000083.

 

Error - 5.24.2012 15:38:08 | Computer Name = SERKAN-1F3191E0 | Source = avast! | ID = 33554522

Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of

E:\Documents and Settings\Ali & Serkan\My Documents\Downloads\BATTLEFIELD.COMPLETE.PC.MEGAPACK\Battlefield.Bad.Company.2-RELOADED\rld-bbc2.iso

failed, 00000083.

 

Error - 6.5.2012 01:17:39 | Computer Name = SERKAN-1F3191E0 | Source = avast! | ID = 33554522

Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of

E:\WINDOWS\SYSTEM32\MSCOMCTLX.dll failed, 00000005.

 

Error - 6.5.2012 01:41:16 | Computer Name = SERKAN-1F3191E0 | Source = avast! | ID = 33554522

Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of

E:\WINDOWS\SYSTEM32\MSCOMCTLX.dll failed, 00000005.

 

Error - 6.5.2012 19:39:03 | Computer Name = SERKAN-1F3191E0 | Source = avast! | ID = 33554522

Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of

E:\WINDOWS\SYSTEM32\MSCOMCTLX.dll failed, 00000005.

 

Error - 6.6.2012 01:28:27 | Computer Name = SERKAN-1F3191E0 | Source = avast! | ID = 33554522

Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of

E:\WINDOWS\SYSTEM32\MSCOMCTLX.dll failed, 00000005.

 

Error - 6.6.2012 02:00:59 | Computer Name = SERKAN-1F3191E0 | Source = avast! | ID = 33554522

Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of

E:\WINDOWS\System32\MSCOMCTLX.dll failed, 00000005.

 

[ Application Events ]

Error - 5.27.2012 14:17:12 | Computer Name = SERKAN-1F3191E0 | Source = Application Error | ID = 1000

Description = Faulting application Setup.exe, version 0.0.0.0, faulting module msvcrt.dll,

version 7.0.2600.5512, fault address 0x00036fa3.

 

Error - 5.27.2012 14:17:42 | Computer Name = SERKAN-1F3191E0 | Source = Application Error | ID = 1000

Description = Faulting application Setup.exe, version 0.0.0.0, faulting module msvcrt.dll,

version 7.0.2600.5512, fault address 0x00036fa3.

 

Error - 5.27.2012 14:17:43 | Computer Name = SERKAN-1F3191E0 | Source = Application Error | ID = 1000

Description = Faulting application Setup.exe, version 0.0.0.0, faulting module msvcrt.dll,

version 7.0.2600.5512, fault address 0x00036fa3.

 

Error - 5.27.2012 14:17:46 | Computer Name = SERKAN-1F3191E0 | Source = Application Error | ID = 1000

Description = Faulting application Setup.exe, version 0.0.0.0, faulting module msvcrt.dll,

version 7.0.2600.5512, fault address 0x00036fa3.

 

Error - 5.27.2012 14:17:48 | Computer Name = SERKAN-1F3191E0 | Source = Application Error | ID = 1000

Description = Faulting application Setup.exe, version 0.0.0.0, faulting module msvcrt.dll,

version 7.0.2600.5512, fault address 0x00036fa3.

 

Error - 5.27.2012 14:17:49 | Computer Name = SERKAN-1F3191E0 | Source = Application Error | ID = 1000

Description = Faulting application Setup.exe, version 0.0.0.0, faulting module msvcrt.dll,

version 7.0.2600.5512, fault address 0x00036fa3.

 

Error - 5.27.2012 14:17:50 | Computer Name = SERKAN-1F3191E0 | Source = Application Error | ID = 1000

Description = Faulting application Setup.exe, version 0.0.0.0, faulting module msvcrt.dll,

version 7.0.2600.5512, fault address 0x00036fa3.

 

Error - 5.27.2012 14:20:32 | Computer Name = SERKAN-1F3191E0 | Source = .NET Runtime 2.0 Error Reporting | ID = 5000

Description = EventType clr20r3, P1 crack.exe, P2 0.0.0.0, P3 4eb9c010, P4 mscorlib,

P5 2.0.0.0, P6 4ef6c16f, P7 1c19, P8 2, P9 system.badimageformatexception, P10

NIL.

 

Error - 6.5.2012 00:48:58 | Computer Name = SERKAN-1F3191E0 | Source = Application Error | ID = 1000

Description = Faulting application kmplayer.exe, version 3.0.0.1439, faulting module

kmplayer.exe, version 3.0.0.1439, fault address 0x000175f6.

 

Error - 6.5.2012 00:49:45 | Computer Name = SERKAN-1F3191E0 | Source = MsiInstaller | ID = 1013

Description = Product: Kaspersky Internet Security 2011 -- Attention! Some software

on your computer is incompatible with Kaspersky Internet Security 2011. To proceed

with the installation, remove these applications.

 

[ System Events ]

Error - 5.30.2012 08:58:43 | Computer Name = SERKAN-1F3191E0 | Source = Dhcp | ID = 1000

Description = Your computer has lost the lease to its IP address 192.168.150.93

on the Network Card with network address 002511CBBE60.

 

Error - 5.30.2012 16:25:45 | Computer Name = SERKAN-1F3191E0 | Source = Dhcp | ID = 1000

Description = Your computer has lost the lease to its IP address 192.168.150.93

on the Network Card with network address 002511CBBE60.

 

Error - 5.31.2012 01:02:32 | Computer Name = SERKAN-1F3191E0 | Source = Dhcp | ID = 1000

Description = Your computer has lost the lease to its IP address 192.168.150.93

on the Network Card with network address 002511CBBE60.

 

Error - 5.31.2012 18:56:17 | Computer Name = SERKAN-1F3191E0 | Source = Dhcp | ID = 1000

Description = Your computer has lost the lease to its IP address 192.168.150.93

on the Network Card with network address 002511CBBE60.

 

Error - 5.31.2012 18:56:24 | Computer Name = SERKAN-1F3191E0 | Source = W32Time | ID = 39452689

Description = Time Provider NtpClient: An error occurred during DNS lookup of the

manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup

again in 15 minutes. The error was: A socket operation was attempted to an unreachable

host. (0x80072751)

 

Error - 5.31.2012 18:56:24 | Computer Name = SERKAN-1F3191E0 | Source = W32Time | ID = 39452701

Description = The time provider NtpClient is configured to acquire time from one

or more time sources, however none of the sources are currently accessible. No attempt

to contact a source will be made for 14 minutes. NtpClient has no source of accurate

time.

 

Error - 5.31.2012 18:56:41 | Computer Name = SERKAN-1F3191E0 | Source = W32Time | ID = 39452706

Description = The time service has detected that the system time needs to be changed

by -122561 seconds. The time service will not change the system time by more than

-54000 seconds. Verify that your time and time zone are correct, and that the time

source time.windows.com (ntp.m|0x1|192.168.150.93:123->65.55.21.15:123) is working

properly.

 

Error - 6.2.2012 01:17:12 | Computer Name = SERKAN-1F3191E0 | Source = Dhcp | ID = 1000

Description = Your computer has lost the lease to its IP address 192.168.150.93

on the Network Card with network address 002511CBBE60.

 

Error - 6.4.2012 18:10:12 | Computer Name = SERKAN-1F3191E0 | Source = Dhcp | ID = 1000

Description = Your computer has lost the lease to its IP address 192.168.150.93

on the Network Card with network address 002511CBBE60.

 

Error - 6.5.2012 23:45:32 | Computer Name = SERKAN-1F3191E0 | Source = Dhcp | ID = 1000

Description = Your computer has lost the lease to its IP address 192.168.150.93

on the Network Card with network address 002511CBBE60.

 

 

< End of report >

 

резултатите от програмата OTL

 

 

OTL.txt

 

 

OTL logfile created on: 6.5.2012 22:54:19 - Run 1

OTL by OldTimer - Version 3.2.46.0 Folder = C:\Downloads\Программы

Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.6001.18702)

Locale: 00000402 | Country: Bulgaria | Language: BGR | Date Format: M/d/yyyy

 

3,00 Gb Total Physical Memory | 1,97 Gb Available Physical Memory | 65,62% Memory free

4,84 Gb Paging File | 3,76 Gb Available in Paging File | 77,66% Paging File free

Paging file location(s): E:\pagefile.sys 2046 4092 [binary data]

 

%SystemDrive% = E: | %SystemRoot% = E:\WINDOWS | %ProgramFiles% = E:\Program Files

Drive C: | 146,73 Gb Total Space | 128,21 Gb Free Space | 87,38% Space Free | Partition Type: NTFS

Drive E: | 319,02 Gb Total Space | 200,85 Gb Free Space | 62,96% Space Free | Partition Type: NTFS

 

Computer Name: SERKAN-1F3191E0 | User Name: Ali & Serkan | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: All users

Company Name Whitelist: Off | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 90 Days

 

========== Processes (SafeList) ==========

 

PRC - [2012.06.05 22:48:59 | 000,596,480 | ---- | M] (OldTimer Tools) -- E:\Documents and Settings\Ali & Serkan\Desktop\OTL 2.exe

PRC - [2012.06.05 22:48:59 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Downloads\Программы\OTL 2.exe

PRC - [2012.05.24 12:20:10 | 000,738,168 | ---- | M] (BitTorrent, Inc.) -- E:\Program Files\uTorrent\uTorrent.exe

PRC - [2012.05.22 18:56:51 | 001,240,088 | ---- | M] (Google Inc.) -- E:\Documents and Settings\Ali & Serkan\Local Settings\Application Data\Google\Chrome\Application\chrome.exe

PRC - [2012.05.16 15:45:15 | 003,906,944 | ---- | M] (SUPERAntiSpyware.com) -- E:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

PRC - [2012.05.11 16:49:08 | 004,188,224 | ---- | M] (WestByte) -- E:\Program Files\Download Master\dmaster.exe

PRC - [2012.04.09 11:20:30 | 003,063,968 | ---- | M] (Skype Technologies S.A.) -- E:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe

PRC - [2012.04.04 18:47:32 | 000,161,664 | ---- | M] (Oracle Corporation) -- E:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe

PRC - [2012.04.04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) -- E:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

PRC - [2012.04.04 15:56:38 | 000,462,408 | ---- | M] (Malwarebytes Corporation) -- E:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe

PRC - [2011.08.11 16:38:07 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) -- E:\Program Files\SUPERAntiSpyware\SASCore.exe

PRC - [2011.01.25 05:24:44 | 001,116,080 | ---- | M] (iMesh, Inc) -- E:\Program Files\iMesh Applications\MediaBar\Datamngr\datamngrUI.exe

PRC - [2011.01.20 02:20:12 | 001,305,408 | ---- | M] (DT Soft Ltd) -- E:\Program Files\DAEMON Tools Lite\DTLite.exe

PRC - [2008.04.14 04:00:00 | 001,033,728 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\explorer.exe

PRC - [2006.04.27 11:47:13 | 000,102,448 | ---- | M] () -- E:\Program Files\Alwil Software\Avast4\ashDisp.exe

PRC - [2006.04.27 11:47:10 | 000,102,448 | ---- | M] () -- E:\Program Files\Alwil Software\Avast4\ashServ.exe

PRC - [2006.04.27 11:46:54 | 000,245,808 | ---- | M] (ALWIL Software) -- E:\Program Files\Alwil Software\Avast4\ashMaiSv.exe

PRC - [2006.04.27 11:46:48 | 000,364,592 | ---- | M] (ALWIL Software) -- E:\Program Files\Alwil Software\Avast4\ashWebSv.exe

PRC - [2006.04.27 11:38:54 | 000,053,248 | ---- | M] () -- E:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

 

 

========== Modules (No Company Name) ==========

 

MOD - [2012.06.05 22:43:57 | 000,052,736 | ---- | M] () -- E:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10007.dll

MOD - [2012.06.05 22:43:56 | 000,065,024 | ---- | M] () -- E:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10006.dll

MOD - [2012.06.05 17:01:22 | 000,117,760 | ---- | M] () -- E:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL

MOD - [2012.06.05 17:01:22 | 000,052,224 | ---- | M] () -- E:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10005.dll

MOD - [2012.05.22 18:56:50 | 000,441,880 | ---- | M] () -- E:\Documents and Settings\Ali & Serkan\Local Settings\Application Data\Google\Chrome\Application\19.0.1084.52\ppgooglenaclpluginchrome.dll

MOD - [2012.05.22 18:56:49 | 003,922,456 | ---- | M] () -- E:\Documents and Settings\Ali & Serkan\Local Settings\Application Data\Google\Chrome\Application\19.0.1084.52\pdf.dll

MOD - [2012.05.22 18:55:24 | 000,134,696 | ---- | M] () -- E:\Documents and Settings\Ali & Serkan\Local Settings\Application Data\Google\Chrome\Application\19.0.1084.52\avutil-51.dll

MOD - [2012.05.22 18:55:23 | 000,250,408 | ---- | M] () -- E:\Documents and Settings\Ali & Serkan\Local Settings\Application Data\Google\Chrome\Application\19.0.1084.52\avformat-54.dll

MOD - [2012.05.22 18:55:21 | 002,375,720 | ---- | M] () -- E:\Documents and Settings\Ali & Serkan\Local Settings\Application Data\Google\Chrome\Application\19.0.1084.52\avcodec-54.dll

MOD - [2012.05.22 18:06:23 | 008,743,584 | ---- | M] () -- E:\Documents and Settings\Ali & Serkan\Local Settings\Application Data\Google\Chrome\Application\19.0.1084.52\gcswf32.dll

MOD - [2012.05.13 21:13:21 | 000,100,864 | ---- | M] () -- E:\Documents and Settings\Ali & Serkan\Local Settings\Application Data\Google\Chrome\User Data\SwiftShader\1.0.0.2\libEGL.dll

MOD - [2012.05.13 21:13:20 | 004,050,944 | ---- | M] () -- E:\Documents and Settings\Ali & Serkan\Local Settings\Application Data\Google\Chrome\User Data\SwiftShader\1.0.0.2\libGLESv2.dll

MOD - [2012.01.09 20:44:20 | 000,166,912 | ---- | M] () -- E:\Program Files\WinRAR\RarExt.dll

MOD - [2011.11.03 08:28:36 | 001,292,288 | ---- | M] () -- E:\WINDOWS\system32\quartz.dll

MOD - [2009.08.06 00:39:02 | 000,473,632 | ---- | M] () -- E:\Program Files\NVIDIA Corporation\nView\nvShell.dll

MOD - [2008.06.15 18:40:48 | 000,080,384 | ---- | M] () -- E:\Program Files\Download Master\unrar.dll

MOD - [2008.04.14 04:00:00 | 000,059,904 | ---- | M] () -- E:\WINDOWS\system32\devenum.dll

MOD - [2008.04.14 04:00:00 | 000,014,336 | ---- | M] () -- E:\WINDOWS\system32\msdmo.dll

MOD - [2006.04.27 11:47:13 | 000,102,448 | ---- | M] () -- E:\Program Files\Alwil Software\Avast4\ashDisp.exe

MOD - [2006.04.27 11:47:10 | 000,102,448 | ---- | M] () -- E:\Program Files\Alwil Software\Avast4\ashServ.exe

MOD - [2006.04.27 11:45:06 | 000,032,768 | ---- | M] () -- e:\Program Files\Alwil Software\Avast4\AhRuiJs.dll

MOD - [2006.04.27 11:38:54 | 000,053,248 | ---- | M] () -- E:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

MOD - [2005.07.01 07:29:48 | 000,075,776 | ---- | M] () -- E:\Program Files\Alwil Software\Avast4\unacev2.dll

 

 

========== Win32 Services (SafeList) ==========

 

SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)

SRV - [2012.04.09 11:20:30 | 003,063,968 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- E:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)

SRV - [2012.04.04 18:47:32 | 000,161,664 | ---- | M] (Oracle Corporation) [Auto | Running] -- E:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe -- (JavaQuickStarterService)

SRV - [2012.04.04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- E:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)

SRV - [2012.02.29 08:50:48 | 000,158,856 | R--- | M] (Skype Technologies) [Auto | Stopped] -- E:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)

SRV - [2011.08.11 16:38:07 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- E:\Program Files\SUPERAntiSpyware\SASCore.exe -- (!SASCORE)

SRV - [2008.07.29 20:16:38 | 000,132,096 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- e:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing)

SRV - [2008.04.14 04:00:00 | 000,111,104 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- E:\WINDOWS\system32\netdde.exe -- (NetDDEdsdm)

SRV - [2008.04.14 04:00:00 | 000,111,104 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- E:\WINDOWS\system32\netdde.exe -- (NetDDE)

SRV - [2008.04.14 04:00:00 | 000,080,896 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- E:\WINDOWS\system32\wscsvc.dll -- (wscsvc)

SRV - [2008.04.14 04:00:00 | 000,073,216 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- E:\WINDOWS\system32 lntsvr.exe -- (TlntSvr)

SRV - [2008.04.14 04:00:00 | 000,059,904 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- E:\WINDOWS\system32\regsvc.dll -- (RemoteRegistry)

SRV - [2008.04.14 04:00:00 | 000,053,248 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- E:\WINDOWS\system32\mprdim.dll -- (RemoteAccess)

SRV - [2008.04.14 04:00:00 | 000,033,792 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- E:\WINDOWS\system32\msgsvc.dll -- (Messenger)

SRV - [2008.04.14 04:00:00 | 000,033,280 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- E:\WINDOWS\system32\clipsrv.exe -- (ClipSrv)

SRV - [2008.04.14 04:00:00 | 000,017,408 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- E:\WINDOWS\system32\alrsvc.dll -- (Alerter)

SRV - [2007.02.05 10:11:18 | 000,075,320 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- E:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe -- (SSScsiSV)

SRV - [2007.02.05 10:11:16 | 000,112,184 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- E:\Program Files\Common Files\Sony Shared\AVLib\SsBeSvc.exe -- (SonicStage Back-End Service)

SRV - [2006.12.14 02:21:20 | 000,045,056 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- E:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe -- (MSCSPTISRV)

SRV - [2006.12.14 02:02:08 | 000,069,632 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- E:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe -- (SPTISRV)

SRV - [2006.12.14 01:46:16 | 000,057,344 | ---- | M] () [On_Demand | Stopped] -- E:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe -- (PACSPTISVR)

SRV - [2006.04.27 11:47:10 | 000,102,448 | ---- | M] () [Auto | Running] -- E:\Program Files\Alwil Software\Avast4\ashServ.exe -- (avast! Antivirus)

SRV - [2006.04.27 11:46:54 | 000,245,808 | ---- | M] (ALWIL Software) [On_Demand | Running] -- E:\Program Files\Alwil Software\Avast4\ashMaiSv.exe -- (avast! Mail Scanner)

SRV - [2006.04.27 11:46:48 | 000,364,592 | ---- | M] (ALWIL Software) [On_Demand | Running] -- E:\Program Files\Alwil Software\Avast4\ashWebSv.exe -- (avast! Web Scanner)

SRV - [2006.04.27 11:38:54 | 000,053,248 | ---- | M] () [Auto | Running] -- E:\Program Files\Alwil Software\Avast4\aswUpdSv.exe -- (aswUpdSv)

 

 

========== Driver Services (SafeList) ==========

 

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)

DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)

DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)

DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)

DRV - File not found [Kernel | System | Stopped] -- -- (Changer)

DRV - File not found [Kernel | On_Demand | Unknown] -- -- (av6ldlv3)

DRV - File not found [Kernel | On_Demand | Unknown] -- -- (a8gl8n9r)

DRV - [2012.04.04 15:56:40 | 000,022,344 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- E:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)

DRV - [2011.07.22 09:27:02 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- E:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)

DRV - [2011.07.12 14:55:22 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- E:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)

DRV - [2011.06.17 09:58:10 | 000,010,872 | ---- | M] () [Kernel | On_Demand | Stopped] -- E:\Program Files\SoftnyxGame\WolfTeamTS\apf001.sys -- (apf001)

DRV - [2011.01.31 16:43:44 | 000,431,672 | ---- | M] () [Kernel | Boot | Running] -- E:\WINDOWS\system32\drivers\sptd.sys -- (sptd)

DRV - [2010.04.28 07:44:02 | 000,054,760 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- E:\WINDOWS\system32\drivers\fssfltr_tdi.sys -- (fssfltr)

DRV - [2009.08.11 15:19:20 | 000,056,992 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- E:\WINDOWS\system32\drivers\nvhda32.sys -- (NVHDA)

DRV - [2009.05.08 11:22:28 | 001,358,720 | R--- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- E:\WINDOWS\system32\drivers\viahduaa.sys -- (VIAHdAudAddService)

DRV - [2008.10.16 08:14:00 | 000,030,720 | R--- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- E:\WINDOWS\system32\drivers\l251x86.sys -- (AtcL002)

DRV - [2008.04.14 04:00:00 | 000,799,744 | ---- | M] (Microsoft Corp., Veritas Software) [Kernel | Disabled | Stopped] -- E:\WINDOWS\system32\drivers\dmboot.sys -- (dmboot)

DRV - [2008.04.14 04:00:00 | 000,143,744 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- E:\WINDOWS\System32\drivers\fastfat.sys -- (Fastfat)

DRV - [2008.04.14 04:00:00 | 000,120,192 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- E:\WINDOWS\System32\drivers\pcmcia.sys -- (Pcmcia)

DRV - [2008.04.14 04:00:00 | 000,066,048 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- E:\WINDOWS\System32\drivers\udfs.sys -- (Udfs)

DRV - [2008.04.14 04:00:00 | 000,013,952 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- E:\WINDOWS\System32\drivers\cbidf2k.sys -- (cbidf2k)

DRV - [2008.04.14 04:00:00 | 000,012,032 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- E:\WINDOWS\system32\drivers\ws2ifsl.sys -- (WS2IFSL)

DRV - [2008.04.14 04:00:00 | 000,011,648 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- E:\WINDOWS\System32\drivers\acpiec.sys -- (ACPIEC)

DRV - [2008.02.14 14:12:00 | 001,389,056 | R--- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- E:\WINDOWS\system32\drivers\monfilt.sys -- (monfilt)

DRV - [2007.06.29 15:47:34 | 000,034,304 | ---- | M] (AMD, Inc.) [Kernel | On_Demand | Running] -- E:\WINDOWS\system32\drivers\AmdLLD.sys -- (AmdLLD)

DRV - [2006.04.27 20:44:00 | 000,087,424 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- E:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)

DRV - [2006.04.27 11:44:58 | 000,016,352 | ---- | M] (ALWIL Software) [Kernel | On_Demand | Running] -- E:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)

DRV - [2006.04.27 11:44:40 | 000,036,176 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- E:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)

DRV - [2006.04.27 11:43:33 | 000,024,304 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- E:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)

DRV - [2005.11.03 07:40:07 | 000,063,488 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- E:\WINDOWS\system32\drivers\sfvfs02.sys -- (sfvfs02) StarForce Protection VFS Driver (version 2.x)

DRV - [2005.08.10 05:44:04 | 000,050,688 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- E:\WINDOWS\system32\drivers\sfdrv01.sys -- (sfdrv01) StarForce Protection Environment Driver (version 1.x)

DRV - [2005.05.16 06:20:39 | 000,006,656 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- E:\WINDOWS\system32\drivers\sfhlp02.sys -- (sfhlp02) StarForce Protection Helper Driver (version 2.x)

 

 

========== Standard Registry (All) ==========

 

 

========== Internet Explorer ==========

 

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = E:\WINDOWS\system32\blank.htm

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.toggle.com/en/index.php?rvs=google

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.kralyeri.com

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank

IE - HKLM\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}

IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}

IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = http://dts.search-results.com/sr?src=ieb&appid=113&systemid=406&sr=0&q={searchTerms}

IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2A59}: "URL" = http://search.imesh.com/web?src=ieb&systemid=1&q={searchTerms}

IE - HKLM\..\SearchScopes\{B97F452B-91F5-43A4-B1FA-FF9C0636B31B}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7

 

 

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

 

 

IE - HKU\S-1-5-21-1078081533-1960408961-1417001333-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = E:\WINDOWS\system32\blank.htm

IE - HKU\S-1-5-21-1078081533-1960408961-1417001333-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.toggle.com/en/index.php?rvs=google

IE - HKU\S-1-5-21-1078081533-1960408961-1417001333-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.babylon.com/?AF=100888&babsrc=HP_ss&mntrId=90518dd8000000000000002511cbbe60

IE - HKU\S-1-5-21-1078081533-1960408961-1417001333-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp

IE - HKU\S-1-5-21-1078081533-1960408961-1417001333-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = bg

IE - HKU\S-1-5-21-1078081533-1960408961-1417001333-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 50 07 86 0B D2 B7 CC 01 [binary data]

IE - HKU\S-1-5-21-1078081533-1960408961-1417001333-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = http://google.bg/

IE - HKU\S-1-5-21-1078081533-1960408961-1417001333-1003\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - E:\WINDOWS\system32\ieframe.dll (Microsoft Corporation)

IE - HKU\S-1-5-21-1078081533-1960408961-1417001333-1003\..\SearchScopes,DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}

IE - HKU\S-1-5-21-1078081533-1960408961-1417001333-1003\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?FORM=IEFM1&q={searchTerms}&src={referrer:source?}

IE - HKU\S-1-5-21-1078081533-1960408961-1417001333-1003\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylon.com/?q={searchTerms}&AF=100888&babsrc=SP_ss&mntrId=90518dd8000000000000002511cbbe60

IE - HKU\S-1-5-21-1078081533-1960408961-1417001333-1003\..\SearchScopes\{12995981-2FD6-4BEE-9FB0-B1674E8E5E7E}: "URL" = http://websearch.4shared.com/results?q={searchTerms}

IE - HKU\S-1-5-21-1078081533-1960408961-1417001333-1003\..\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}: "URL" = http://websearch.ask.com/redirect?client=ie&tb=PTV2&o=15851&src=crm&q={searchTerms}&locale=en_EU&apn_ptnrs=H3&apn_dtid=YYYYYYYYBG&apn_uid=D9186080-44B8-447C-B2BF-16EF45C046EB&apn_sauid=8A439500-0BB6-4BC6-AABD-AC6ED0FDC3B7

IE - HKU\S-1-5-21-1078081533-1960408961-1417001333-1003\..\SearchScopes\{1F096B29-E9DA-4D64-8D63-936BE7762CC5}: "URL" = http://search.babylon.com/?babsrc=SP_ss&q={searchTerms}&mntrId=90518dd8000000000000002511cbbe60&tlver=1.4.19.19&affID=17161

IE - HKU\S-1-5-21-1078081533-1960408961-1417001333-1003\..\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}: "URL" = http://search.yahoo.com/search?fr=chr-panda&q={searchTerms}&ei=UTF-8&type=PCAFSI1190

IE - HKU\S-1-5-21-1078081533-1960408961-1417001333-1003\..\SearchScopes\{5AA2BA46-9913-4DC7-9620-69AB0FA17AE7}: "URL" = http://search.alot.com/web?q={searchTerms}

IE - HKU\S-1-5-21-1078081533-1960408961-1417001333-1003\..\SearchScopes\{5F970FDE-702B-4ef9-920C-5F2848A5AF26}: "URL" = http://www.astroburn-search.com/search/web?q={searchTerms}

IE - HKU\S-1-5-21-1078081533-1960408961-1417001333-1003\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://isearch.avg.com/search?cid={CAD969FE-23FB-46A9-842A-D739EA0B9DFE}&mid=c8709a06714b47d183a5d16c572f5793-ad1491be2ce6c122f6b66faa90e70c2decf7d34c&lang=en&ds=tt014&pr=sa&d=2012-01-14 21:20:23&v=8.0.0.34&sap=dsp&q={searchTerms}

IE - HKU\S-1-5-21-1078081533-1960408961-1417001333-1003\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = http://dts.search-results.com/sr?src=ieb&appid=113&systemid=406&sr=0&q={searchTerms}

IE - HKU\S-1-5-21-1078081533-1960408961-1417001333-1003\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2A59}: "URL" = http://search.imesh.com/web?src=ieb&systemid=1&q={searchTerms}

IE - HKU\S-1-5-21-1078081533-1960408961-1417001333-1003\..\SearchScopes\{9D557097-8D4B-20F7-EB58-340F7AE21494}: "URL" = http://bksly.startya.com/s/?q={searchTerms}&iesrc=IE-SearchBox&site=Yahoo&cfg=2-564-0-0

IE - HKU\S-1-5-21-1078081533-1960408961-1417001333-1003\..\SearchScopes\{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8}: "URL" = http://www.daemon-search.com/search/web?q={searchTerms}

IE - HKU\S-1-5-21-1078081533-1960408961-1417001333-1003\..\SearchScopes\{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB9}: "URL" = http://www.daemon-search.com/search?q={searchTerms}

IE - HKU\S-1-5-21-1078081533-1960408961-1417001333-1003\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://yandex.ru/yandsearch?clid=165534&text={searchTerms}

IE - HKU\S-1-5-21-1078081533-1960408961-1417001333-1003\..\SearchScopes\{B97F452B-91F5-43A4-B1FA-FF9C0636B31B}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7RNRN_bg

IE - HKU\S-1-5-21-1078081533-1960408961-1417001333-1003\..\SearchScopes\Moikrug: "URL" = http://moikrug.ru/persons/?clid=165534&charset=utf-8&keywords={searchTerms}&submitted=1

IE - HKU\S-1-5-21-1078081533-1960408961-1417001333-1003\..\SearchScopes\Yandex: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT1060933

IE - HKU\S-1-5-21-1078081533-1960408961-1417001333-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

========== FireFox ==========

 

FF - prefs.js..browser.search.defaultenginename: "Search the web (Babylon)"

FF - prefs.js..browser.search.defaultthis.engineName: "Freecorder Customized Web Search"

FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT1060933&SearchSource=3&q={searchTerms}"

FF - prefs.js..browser.search.order.1: "Search the web (Babylon)"

FF - prefs.js..browser.search.selectedEngine: "Freecorder Customized Web Search"

FF - prefs.js..browser.startup.homepage: "http://search.imesh.com/"

FF - prefs.js..extensions.enabledItems: DTToolbar@toolbarnet.com:1.1.4.0024

FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:14.0.2

FF - prefs.js..extensions.enabledItems: {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}:2.0

FF - prefs.js..extensions.enabledItems: widgetruntime@surfsecret.com:1.0

FF - prefs.js..extensions.enabledItems: engine@conduit.com:3.2.5.2

FF - prefs.js..extensions.enabledItems: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}:3.2.5.2

FF - prefs.js..extensions.enabledItems: {038cb5c7-48ea-4af9-94e0-a1646542e62b}:3.2.5.2

FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.13

FF - prefs.js..keyword.URL: "http://search.conduit.com/ResultsExt.aspx?ctid=CT1060933&SearchSource=2&q="

 

 

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: E:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()

FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: E:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)

FF - HKLM\Software\MozillaPlugins\@inhatch.com,version=0.7.5: File not found

FF - HKLM\Software\MozillaPlugins\@inhatch.com,version=0.7.61: E:\Program Files\InhatchTeam\Inhatch\npinhatch.dll (Inhatch)

FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.4.1: E:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)

FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.4.1: E:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)

FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: e:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: E:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: e:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: E:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: E:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.0: E:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)

FF - HKLM\Software\MozillaPlugins\Adobe Reader: E:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: E:\Documents and Settings\Ali & Serkan\Local Settings\Application Data\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)

FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: E:\Documents and Settings\Ali & Serkan\Local Settings\Application Data\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)

 

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: E:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2011.02.05 00:20:02 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\widgetruntime@surfsecret.com: E:\Program Files\Panda Security\Panda ID Protect\Firefox

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Components: E:\Program Files\Mozilla Firefox\components [2011.10.15 20:59:34 | 000,000,000 | ---D | M]

FF - HKEY_CURRENT_USER\software\mozilla\SeaMonkey\Extensions\\mozilla_cc@internetdownloadmanager.com: E:\Documents and Settings\Ali & Serkan\Application Data\IDM\idmmzcc5

 

[2011.01.28 14:25:36 | 000,000,000 | ---D | M] (No name found) -- E:\Documents and Settings\Ali & Serkan\Application Data\Mozilla\Extensions

[2011.01.28 14:25:36 | 000,000,000 | ---D | M] (No name found) -- E:\Documents and Settings\Ali & Serkan\Application Data\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}

[2012.05.26 08:41:09 | 000,000,000 | ---D | M] (No name found) -- E:\Documents and Settings\Ali & Serkan\Application Data\Mozilla\Firefox\Profiles\cibf59it.default\extensions

[2012.05.26 08:40:59 | 000,000,000 | ---D | M] (ToggleEN Community Toolbar) -- E:\Documents and Settings\Ali & Serkan\Application Data\Mozilla\Firefox\Profiles\cibf59it.default\extensions\{038cb5c7-48ea-4af9-94e0-a1646542e62b}

[2012.05.26 08:41:04 | 000,000,000 | ---D | M] (Freecorder Community Toolbar) -- E:\Documents and Settings\Ali & Serkan\Application Data\Mozilla\Firefox\Profiles\cibf59it.default\extensions\{1392b8d2-5c05-419f-a8f6-b9f15a596612}

[2012.01.08 11:40:51 | 000,000,000 | ---D | M] (Searchqu Toolbar) -- E:\Documents and Settings\Ali & Serkan\Application Data\Mozilla\Firefox\Profiles\cibf59it.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}

[2011.02.04 19:20:15 | 000,000,000 | ---D | M] (Panda Security Toolbar) -- E:\Documents and Settings\Ali & Serkan\Application Data\Mozilla\Firefox\Profiles\cibf59it.default\extensions\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}

[2012.05.26 08:41:09 | 000,000,000 | ---D | M] (uTorrentBar Community Toolbar) -- E:\Documents and Settings\Ali & Serkan\Application Data\Mozilla\Firefox\Profiles\cibf59it.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}

[2011.12.24 16:00:18 | 000,000,000 | ---D | M] (Browser Companion Helper) -- E:\Documents and Settings\Ali & Serkan\Application Data\Mozilla\Firefox\Profiles\cibf59it.default\extensions\bbrs_002@blabbers.com

[2011.10.22 22:47:13 | 000,000,000 | ---D | M] (Microsoft Choice Guard) -- E:\Documents and Settings\Ali & Serkan\Application Data\Mozilla\Firefox\Profiles\cibf59it.default\extensions\ChoiceGuard@Microsoft

[2012.01.22 10:53:34 | 000,000,000 | ---D | M] (Download Master Toolbar) -- E:\Documents and Settings\Ali & Serkan\Application Data\Mozilla\Firefox\Profiles\cibf59it.default\extensions\dmbarff@westbyte.com

[2012.01.22 10:53:32 | 000,000,000 | ---D | M] (Download Master Plugin) -- E:\Documents and Settings\Ali & Serkan\Application Data\Mozilla\Firefox\Profiles\cibf59it.default\extensions\dmpluginff@westbyte.com

[2012.01.22 10:53:34 | 000,000,000 | ---D | M] (Download Master Remote Download) -- E:\Documents and Settings\Ali & Serkan\Application Data\Mozilla\Firefox\Profiles\cibf59it.default\extensions\dmremote@westbyte.com

[2011.12.24 16:00:22 | 000,000,000 | ---D | M] (Babylon) -- E:\Documents and Settings\Ali & Serkan\Application Data\Mozilla\Firefox\Profiles\cibf59it.default\extensions\ffxtlbr@babylon.com

[2012.04.20 15:30:35 | 000,000,000 | ---D | M] (Bflix extension) -- E:\Documents and Settings\Ali & Serkan\Application Data\Mozilla\Firefox\Profiles\cibf59it.default\extensions\info@thebflix.com

[2012.05.26 08:40:54 | 000,000,000 | ---D | M] (Яндекс.Бар) -- E:\Documents and Settings\Ali & Serkan\Application Data\Mozilla\Firefox\Profiles\cibf59it.default\extensions\yasearch@yandex.ru

[2011.02.04 23:46:53 | 000,002,071 | ---- | M] () -- E:\Documents and Settings\Ali & Serkan\Application Data\Mozilla\Firefox\Profiles\cibf59it.default\searchplugins\absearch-search.xml

[2011.12.18 11:29:38 | 000,000,923 | ---- | M] () -- E:\Documents and Settings\Ali & Serkan\Application Data\Mozilla\Firefox\Profiles\cibf59it.default\searchplugins\conduit.xml

[2012.01.08 11:40:47 | 000,002,519 | ---- | M] () -- E:\Documents and Settings\Ali & Serkan\Application Data\Mozilla\Firefox\Profiles\cibf59it.default\searchplugins\Search_Results.xml

[2012.05.26 08:41:28 | 000,002,167 | ---- | M] () -- E:\Documents and Settings\Ali & Serkan\Application Data\Mozilla\Firefox\Profiles\cibf59it.default\searchplugins\ybqs-yandex.xml

[2011.12.11 00:01:04 | 000,000,000 | ---D | M] (No name found) -- E:\Program Files\Mozilla Firefox\extensions

[2012.05.25 19:25:43 | 000,000,000 | ---D | M] (Skype Click to Call) -- E:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}

[2011.10.15 20:59:34 | 000,000,000 | ---D | M] (Default) -- E:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

[2011.12.24 16:09:33 | 000,061,854 | ---- | M] () (No name found) -- E:\DOCUMENTS AND SETTINGS\ALI & SERKAN\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\CIBF59IT.DEFAULT\EXTENSIONS\YTVDW@PGPORT.COM.XPI

[2011.09.29 00:06:01 | 000,134,104 | ---- | M] (Mozilla Foundation) -- E:\Program Files\mozilla firefox\components\browsercomps.dll

[2007.04.10 17:21:08 | 000,163,256 | ---- | M] (Microsoft Corporation) -- E:\Program Files\mozilla firefox\plugins\np-mswmp.dll

[2011.09.28 18:10:32 | 000,001,083 | ---- | M] () -- E:\Program Files\mozilla firefox\searchplugins\911bg.xml

[2011.09.28 17:48:01 | 000,001,394 | ---- | M] () -- E:\Program Files\mozilla firefox\searchplugins\amazondotcom.xml

[2012.03.20 09:24:01 | 000,003,768 | ---- | M] () -- E:\Program Files\mozilla firefox\searchplugins\avg-secure-search.xml

[2012.01.22 00:40:45 | 000,002,310 | ---- | M] () -- E:\Program Files\mozilla firefox\searchplugins\babylon.xml

[2011.09.28 18:10:32 | 000,002,442 | ---- | M] () -- E:\Program Files\mozilla firefox\searchplugins\diribg.xml

[2011.09.28 17:48:01 | 000,002,364 | ---- | M] () -- E:\Program Files\mozilla firefox\searchplugins\google.xml

[2011.09.28 18:10:32 | 000,001,515 | ---- | M] () -- E:\Program Files\mozilla firefox\searchplugins\pe-bg.xml

[2011.09.28 18:10:32 | 000,001,857 | ---- | M] () -- E:\Program Files\mozilla firefox\searchplugins\portalbgdict.xml

[2012.01.08 11:40:47 | 000,002,519 | ---- | M] () -- E:\Program Files\mozilla firefox\searchplugins\Search_Results.xml

[2011.09.28 18:10:32 | 000,001,220 | ---- | M] () -- E:\Program Files\mozilla firefox\searchplugins\wikipedia-bg.xml

 

========== Chrome ==========

 

CHR - default_search_provider: Google (Enabled)

CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}

CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}

CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer

CHR - plugin: Native Client (Enabled) = E:\Documents and Settings\Ali & Serkan\Local Settings\Application Data\Google\Chrome\Application\19.0.1084.52\ppGoogleNaClPluginChrome.dll

CHR - plugin: Chrome PDF Viewer (Enabled) = E:\Documents and Settings\Ali & Serkan\Local Settings\Application Data\Google\Chrome\Application\19.0.1084.52\pdf.dll

CHR - plugin: Shockwave Flash (Enabled) = E:\Documents and Settings\Ali & Serkan\Local Settings\Application Data\Google\Chrome\Application\19.0.1084.52\gcswf32.dll

CHR - plugin: Shockwave Flash (Disabled) = E:\Documents and Settings\Ali & Serkan\Local Settings\Application Data\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll

CHR - plugin: Shockwave Flash (Enabled) = E:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll

CHR - plugin: Download Master integration plugin (Enabled) = E:\Documents and Settings\Ali & Serkan\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ehfanjejklfmnldbbclpocdbceaeemkn\1.2_0\npDownloadMasterPlugin.dll

CHR - plugin: Skype Toolbars (Enabled) = E:\Documents and Settings\Ali & Serkan\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.9.0.9216_0\npSkypeChromePlugin.dll

CHR - plugin: Download Master click monitoring plug-in (Enabled) = E:\Documents and Settings\Ali & Serkan\Local Settings\Application Data\Google\Chrome\Application\plugins\npdm.dll

CHR - plugin: Adobe Acrobat (Disabled) = E:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll

CHR - plugin: Microsoft\u00AE DRM (Enabled) = E:\Program Files\Windows Media Player\npdrmv2.dll

CHR - plugin: Microsoft\u00AE DRM (Enabled) = E:\Program Files\Windows Media Player\npwmsdrm.dll

CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = E:\Program Files\Windows Media Player\npdsplay.dll

CHR - plugin: Google Update (Enabled) = E:\Documents and Settings\Ali & Serkan\Local Settings\Application Data\Google\Update\1.3.21.111\npGoogleUpdate3.dll

CHR - plugin: Google Earth Plugin (Enabled) = E:\Program Files\Google\Google Earth\plugin\npgeplugin.dll

CHR - plugin: VLC Web Plugin (Enabled) = E:\Program Files\VideoLAN\VLC\npvlc.dll

CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = E:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll

CHR - plugin: Silverlight Plug-In (Enabled) = e:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll

CHR - plugin: Windows Presentation Foundation (Enabled) = e:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

CHR - Extension: YouTube = E:\Documents and Settings\Ali & Serkan\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\

CHR - Extension: Google \u0422\u044A\u0440\u0441\u0435\u043D\u0435 = E:\Documents and Settings\Ali & Serkan\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\

CHR - Extension: Download Master = E:\Documents and Settings\Ali & Serkan\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ehfanjejklfmnldbbclpocdbceaeemkn\1.2_0\

CHR - Extension: Apps-O-Rama = E:\Documents and Settings\Ali & Serkan\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\klchkbnfbdenjlpfaobajgmibkdiaejo\2.3.4.2_0\

CHR - Extension: Skype Click to Call = E:\Documents and Settings\Ali & Serkan\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.11.0.9874_0\

CHR - Extension: Gmail = E:\Documents and Settings\Ali & Serkan\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

 

O1 HOSTS File: ([2011.08.25 10:20:49 | 000,202,984 | -H-- | M]) - E:\WINDOWS\system32\drivers\etc\hosts

O1 - Hosts: 127.0.0.1 localhost

O1 - Hosts: 127.0.0.1 facebook.com

O1 - Hosts: 127.0.0.1 www.facebook.com

O1 - Hosts: 127.0.0.1 af-za.facebook.com

O1 - Hosts: 127.0.0.1 az-az.facebook.com

O1 - Hosts: 127.0.0.1 id-id.facebook.com

O1 - Hosts: 127.0.0.1 ms-my.facebook.com

O1 - Hosts: 127.0.0.1 bs-ba.facebook.com

O1 - Hosts: 127.0.0.1 ca-es.facebook.com

O1 - Hosts: 127.0.0.1 cs-cz.facebook.com

O1 - Hosts: 127.0.0.1 cy-gb.facebook.com

O1 - Hosts: 127.0.0.1 da-dk.facebook.com

O1 - Hosts: 127.0.0.1 de-de.facebook.com

O1 - Hosts: 127.0.0.1 et-ee.facebook.com

O1 - Hosts: 127.0.0.1 en-gb.facebook.com

O1 - Hosts: 127.0.0.1 es-la.facebook.com

O1 - Hosts: 127.0.0.1 eo-eo.facebook.com

O1 - Hosts: 127.0.0.1 eu-es.facebook.com

O1 - Hosts: 127.0.0.1 tl-ph.facebook.com

O1 - Hosts: 127.0.0.1 fo-fo.facebook.com

O1 - Hosts: 127.0.0.1 fr-fr.facebook.com

O1 - Hosts: 127.0.0.1 fy-nl.facebook.com

O1 - Hosts: 127.0.0.1 ga-ie.facebook.com

O1 - Hosts: 127.0.0.1 gl-es.facebook.com

O1 - Hosts: 127.0.0.1 ko-kr.facebook.com

O1 - Hosts: 50053 more lines...

O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - E:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)

O2 - BHO: (MediaBar) - {28387537-e3f9-4ed7-860c-11e69af4a8a0} - E:\Program Files\iMesh Applications\MediaBar\ToolBar\imeshdtxmltbpi.dll ()

O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - E:\Program Files\ConduitEngine\ConduitEngin0.dll File not found

O2 - BHO: (UrlHelper Class) - {474597C5-AB09-49d6-A4D5-2E8D7341384E} - E:\Program Files\iMesh Applications\MediaBar\Datamngr\IEBHO.dll (iMesh, Inc)

O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - E:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)

O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - e:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)

O2 - BHO: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - E:\Program Files\Windows iLivid Toolbar\Datamngr\ToolBar\searchqudtx.dll ()

O2 - BHO: (IE 4.x-6.x BHO for Download Master) - {9961627E-4059-41B4-8E0E-A7D6B3854ADF} - E:\Program Files\Download Master\dmiehlp.dll (WestByte)

O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - E:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)

O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - E:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - E:\Program Files\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll (Google Inc.)

O2 - BHO: (uTorrentBar Toolbar) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - E:\Program Files\uTorrentBar\prxtbuTo0.dll (Conduit Ltd.)

O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - E:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)

O3 - HKLM\..\Toolbar: (DM Bar) - {0E1230F8-EA50-42A9-983C-D22ABC2EED3C} - E:\Program Files\Download Master\dmbar.dll (WestByte Software)

O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - E:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)

O3 - HKLM\..\Toolbar: (MediaBar) - {28387537-e3f9-4ed7-860c-11e69af4a8a0} - E:\Program Files\iMesh Applications\MediaBar\ToolBar\imeshdtxmltbpi.dll ()

O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - E:\Program Files\ConduitEngine\ConduitEngin0.dll File not found

O3 - HKLM\..\Toolbar: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - E:\Program Files\Windows iLivid Toolbar\Datamngr\ToolBar\searchqudtx.dll ()

O3 - HKLM\..\Toolbar: (no name) - {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - No CLSID value found.

O3 - HKLM\..\Toolbar: (uTorrentBar Toolbar) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - E:\Program Files\uTorrentBar\prxtbuTo0.dll (Conduit Ltd.)

O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.

O3 - HKU\S-1-5-21-1078081533-1960408961-1417001333-1003\..\Toolbar\ShellBrowser: (&Address) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - E:\WINDOWS\system32\browseui.dll (Microsoft Corporation)

O3 - HKU\S-1-5-21-1078081533-1960408961-1417001333-1003\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - E:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)

O3 - HKU\S-1-5-21-1078081533-1960408961-1417001333-1003\..\Toolbar\WebBrowser: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - E:\Program Files\ConduitEngine\ConduitEngin0.dll File not found

O3 - HKU\S-1-5-21-1078081533-1960408961-1417001333-1003\..\Toolbar\WebBrowser: (uTorrentBar Toolbar) - {BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - E:\Program Files\uTorrentBar\prxtbuTo0.dll (Conduit Ltd.)

O4 - HKLM..\Run: [Adobe ARM] E:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)

O4 - HKLM..\Run: [amd_dc_opt] E:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe (AMD)

O4 - HKLM..\Run: [avast!] E:\Program Files\Alwil Software\Avast4\ashDisp.exe ()

O4 - HKLM..\Run: [DATAMNGR] E:\Program Files\iMesh Applications\MediaBar\Datamngr\datamngrUI.exe (iMesh, Inc)

O4 - HKLM..\Run: [HDAudDeck] E:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe (VIA Technologies, Inc.)

O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] E:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)

O4 - HKLM..\Run: [NvCplDaemon] E:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)

O4 - HKLM..\Run: [NvMediaCenter] E:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)

O4 - HKLM..\Run: [nwiz] E:\Program Files\NVIDIA Corporation\nView\nwiz.exe ()

O4 - HKLM..\Run: [ROC_roc_dec12] "E:\Program Files\AVG Secure Search\ROC_roc_dec12.exe" /PROMPT /CMPID=roc_dec12 File not found

O4 - HKLM..\Run: [sunJavaUpdateSched] E:\Program Files\Common Files\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)

O4 - HKU\.DEFAULT..\Run: [CTFMON.EXE] E:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation)

O4 - HKU\S-1-5-18..\Run: [CTFMON.EXE] E:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation)

O4 - HKU\S-1-5-19..\Run: [CTFMON.EXE] E:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation)

O4 - HKU\S-1-5-20..\Run: [CTFMON.EXE] E:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation)

O4 - HKU\S-1-5-21-1078081533-1960408961-1417001333-1003..\Run: [CTFMON.EXE] E:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation)

O4 - HKU\S-1-5-21-1078081533-1960408961-1417001333-1003..\Run: [DAEMON Tools Lite] E:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)

O4 - HKU\S-1-5-21-1078081533-1960408961-1417001333-1003..\Run: [Download Master] E:\Program Files\Download Master\dmaster.exe (WestByte)

O4 - HKU\S-1-5-21-1078081533-1960408961-1417001333-1003..\Run: [Google Update] E:\Documents and Settings\Ali & Serkan\Local Settings\Application Data\Google\Update\GoogleUpdate.exe (Google Inc.)

O4 - HKU\S-1-5-21-1078081533-1960408961-1417001333-1003..\Run: [msnmsgr] E:\Program Files\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation)

O4 - HKU\S-1-5-21-1078081533-1960408961-1417001333-1003..\Run: [skype] E:\Program Files\Skype\Phone\Skype.exe (Skype Technologies S.A.)

O4 - HKU\S-1-5-21-1078081533-1960408961-1417001333-1003..\Run: [sUPERAntiSpyware] E:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)

O4 - HKU\S-1-5-21-1078081533-1960408961-1417001333-1003..\Run: [swg] E:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)

O4 - HKU\S-1-5-21-1078081533-1960408961-1417001333-1003..\Run: [uTorrent] E:\Program Files\uTorrent\uTorrent.exe (BitTorrent, Inc.)

O4 - HKU\S-1-5-21-1078081533-1960408961-1417001333-1003..\Run: [WMPNSCFG] E:\Program Files\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)

O4 - Startup: E:\Documents and Settings\Ali & Serkan\Start Menu\Programs\Startup\Ubisoft register.lnk = E:\Program Files\Ubisoft\Register\schedule.exe (Ubisoft)

O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Low Rights present

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 0

O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\S-1-5-21-1078081533-1960408961-1417001333-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKU\S-1-5-21-1078081533-1960408961-1417001333-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\S-1-5-21-1078081533-1960408961-1417001333-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0

O8 - Extra context menu item: E&xport to Microsoft Excel - E:\Program Files\Microsoft Office\OFFICE11\EXCEL.EXE (Microsoft Corporation)

O8 - Extra context menu item: Закачать ВСЕ при помощи Download Master - E:\Program Files\Download Master\dmieall.htm ()

O8 - Extra context menu item: Закачать при помощи Download Master - E:\Program Files\Download Master\dmie.htm ()

O8 - Extra context menu item: Передать на удаленную закачку DM - E:\Program Files\Download Master\remdown.htm ()

O9 - Extra Button: Публикуване на това в блог - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - E:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)

O9 - Extra 'Tools' menuitem : &Публикуване на това в блог в Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - E:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)

O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - E:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - E:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

O9 - Extra Button: Download Master - {8DAE90AD-4583-4977-9DD4-4360F7A45C74} - E:\Program Files\Download Master\dmaster.exe (WestByte)

O9 - Extra 'Tools' menuitem : &Download Master - {8DAE90AD-4583-4977-9DD4-4360F7A45C74} - E:\Program Files\Download Master\dmaster.exe (WestByte)

O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - E:\Program Files\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)

O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - E:\WINDOWS\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation)

O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Program Files\Messenger\msmsgs.exe File not found

O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Program Files\Messenger\msmsgs.exe File not found

O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - E:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - E:\WINDOWS\system32\winrnr.dll (Microsoft Corporation)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - E:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - E:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - E:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - E:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - E:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - E:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - E:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - E:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - E:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - E:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - E:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - E:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - E:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - E:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O13 - gopher Prefix: missing

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 84.54.128.6 84.54.128.8

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{25B8363C-FDC5-4AD4-8741-DA7068A8DA66}: DhcpNameServer = 84.54.128.6 84.54.128.8

O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - E:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)

O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - E:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - E:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)

O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - E:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - E:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Handler\gopher {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - E:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - E:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - E:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - E:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - E:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - E:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - E:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\ipp - No CLSID value found

O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - E:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - E:\WINDOWS\system32\itss.dll (Microsoft Corporation)

O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - E:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)

O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - E:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)

O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - E:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - E:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)

O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - E:\WINDOWS\system32\inetcomm.dll (Microsoft Corporation)

O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - E:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Handler\msdaipp - No CLSID value found

O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - E:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - E:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - E:\WINDOWS\system32\itss.dll (Microsoft Corporation)

O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - E:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)

O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - E:\Program Files\Common Files\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)

O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - E:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)

O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - E:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)

O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - E:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

O18 - Protocol\Handler v {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - E:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)

O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - E:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)

O18 - Protocol\Handler\wia {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - E:\WINDOWS\system32\wiascr.dll (Microsoft Corporation)

O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - E:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)

O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - E:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)

O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - E:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)

O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - E:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)

O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - E:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - E:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Filter ext/webviewhtml {733AC4CB-F1A4-11d0-B951-00A0C90312E1} - E:\WINDOWS\system32\shell32.dll (Microsoft Corporation)

O18 - Protocol\Filter ext/xml {807553E5-5146-11D5-A672-00B0D022E945} - E:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)

O20 - AppInit_DLLs: (E:\PROGRA~1\IMESHA~1\MediaBar\Datamngr\datamngr.dll) - E:\Program Files\iMesh Applications\MediaBar\Datamngr\datamngr.dll (iMesh, Inc)

O20 - AppInit_DLLs: (E:\PROGRA~1\IMESHA~1\MediaBar\Datamngr\IEBHO.dll) - E:\Program Files\iMesh Applications\MediaBar\Datamngr\IEBHO.dll (iMesh, Inc)

O20 - HKLM Winlogon: Shell - (Explorer.exe) - E:\WINDOWS\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (e:\windows\system32\userinit.exe) - E:\WINDOWS\system32\userinit.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UIHost - (logonui.exe) - E:\WINDOWS\System32\logonui.exe (Microsoft Corporation)

O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) - E:\WINDOWS\System32\shell32.dll (Microsoft Corporation)

O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - E:\WINDOWS\System32\sysdm.cpl (Microsoft Corporation)

O20 - Winlogon\Notify\!SASWinLogon: DllName - (E:\Program Files\SUPERAntiSpyware\SASWINLO.DLL) - E:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)

O20 - Winlogon\Notify\crypt32chain: DllName - (crypt32.dll) - E:\WINDOWS\System32\crypt32.dll (Microsoft Corporation)

O20 - Winlogon\Notify\cryptnet: DllName - (cryptnet.dll) - E:\WINDOWS\System32\cryptnet.dll (Microsoft Corporation)

O20 - Winlogon\Notify\cscdll: DllName - (cscdll.dll) - E:\WINDOWS\System32\cscdll.dll (Microsoft Corporation)

O20 - Winlogon\Notify\dimsntfy: DllName - (%SystemRoot%\System32\dimsntfy.dll) - E:\WINDOWS\system32\dimsntfy.dll (Microsoft Corporation)

O20 - Winlogon\Notify\ScCertProp: DllName - (wlnotify.dll) - E:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)

O20 - Winlogon\Notify\Schedule: DllName - (wlnotify.dll) - E:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)

O20 - Winlogon\Notify\sclgntfy: DllName - (sclgntfy.dll) - E:\WINDOWS\System32\sclgntfy.dll (Microsoft Corporation)

O20 - Winlogon\Notify\SensLogn: DllName - (WlNotify.dll) - E:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)

O20 - Winlogon\Notify ermsrv: DllName - (wlnotify.dll) - E:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)

O20 - Winlogon\Notify\WgaLogon: DllName - (WgaLogon.dll) - E:\WINDOWS\System32\WgaLogon.dll (Microsoft Corporation)

O20 - Winlogon\Notify\wlballoon: DllName - (wlnotify.dll) - E:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)

O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - E:\WINDOWS\system32\shell32.dll (Microsoft Corporation)

O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - E:\WINDOWS\system32\shell32.dll (Microsoft Corporation)

O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - E:\WINDOWS\system32\stobject.dll (Microsoft Corporation)

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - E:\WINDOWS\system32\webcheck.dll (Microsoft Corporation)

O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - E:\WINDOWS\system32\WPDShServiceObj.dll (Microsoft Corporation)

O22 - SharedTaskScheduler: {438755C2-A8BA-11D1-B96B-00A0C90312E1} - Browseui preloader - E:\WINDOWS\system32\browseui.dll (Microsoft Corporation)

O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Component Categories cache daemon - E:\WINDOWS\system32\browseui.dll (Microsoft Corporation)

O24 - Desktop Components:0 (Моята текуща начална страница) - About:Home

O24 - Desktop WallPaper: E:\Documents and Settings\Ali & Serkan\Local Settings\Application Data\Microsoft\Wallpaper1.bmp

O24 - Desktop BackupWallPaper: E:\Documents and Settings\Ali & Serkan\Local Settings\Application Data\Microsoft\Wallpaper1.bmp

O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - E:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)

O29 - HKLM SecurityProviders - (msapsspc.dll) - E:\WINDOWS\System32\msapsspc.dll (Microsoft Corporation)

O29 - HKLM SecurityProviders - (schannel.dll) - E:\WINDOWS\System32\schannel.dll (Microsoft Corporation)

O29 - HKLM SecurityProviders - (digest.dll) - E:\WINDOWS\System32\digest.dll (Microsoft Corporation)

O29 - HKLM SecurityProviders - (msnsspc.dll) - E:\WINDOWS\System32\msnsspc.dll (Microsoft Corporation)

O30 - LSA: Authentication Packages - (msv1_0) - E:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)

O30 - LSA: Security Packages - (kerberos) - E:\WINDOWS\System32\kerberos.dll (Microsoft Corporation)

O30 - LSA: Security Packages - (msv1_0) - E:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)

O30 - LSA: Security Packages - (schannel) - E:\WINDOWS\System32\schannel.dll (Microsoft Corporation)

O30 - LSA: Security Packages - (wdigest) - E:\WINDOWS\System32\wdigest.dll (Microsoft Corporation)

O31 - SafeBoot: AlternateShell - cmd.exe

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2011.01.08 23:26:56 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]

O33 - MountPoints2\G\Shell - "" = AutoRun

O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\setup.exe /autorun

O34 - HKLM BootExecute: (autocheck autochk *)

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)

O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

 

NetSvcs: 6to4 - File not found

NetSvcs: HidServ - %SystemRoot%\System32\hidserv.dll File not found

NetSvcs: Ias - File not found

NetSvcs: Iprip - File not found

NetSvcs: Irmon - File not found

NetSvcs: NWCWorkstation - File not found

NetSvcs: Nwsapagent - File not found

NetSvcs: WmdmPmSp - File not found

 

 

SafeBootMin: !SASCORE - E:\Program Files\SUPERAntiSpyware\SASCore.exe (SUPERAntiSpyware.com)

SafeBootMin: Base - Driver Group

SafeBootMin: Boot Bus Extender - Driver Group

SafeBootMin: Boot file system - Driver Group

SafeBootMin: File system - Driver Group

SafeBootMin: Filter - Driver Group

SafeBootMin: PCI Configuration - Driver Group

SafeBootMin: PNP Filter - Driver Group

SafeBootMin: Primary disk - Driver Group

SafeBootMin: SCSI Class - Driver Group

SafeBootMin: sermouse.sys - Driver

SafeBootMin: System Bus Extender - Driver Group

SafeBootMin: vga.sys - Driver

SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers

SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive

SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive

SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller

SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc

SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard

SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse

SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters

SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter

SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System

SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive

SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume

SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

 

SafeBootNet: !SASCORE - E:\Program Files\SUPERAntiSpyware\SASCore.exe (SUPERAntiSpyware.com)

SafeBootNet: Base - Driver Group

SafeBootNet: Boot Bus Extender - Driver Group

SafeBootNet: Boot file system - Driver Group

SafeBootNet: File system - Driver Group

SafeBootNet: Filter - Driver Group

SafeBootNet: NDIS Wrapper - Driver Group

SafeBootNet: NetBIOSGroup - Driver Group

SafeBootNet: NetDDEGroup - Driver Group

SafeBootNet: Network - Driver Group

SafeBootNet: NetworkProvider - Driver Group

SafeBootNet: PCI Configuration - Driver Group

SafeBootNet: PNP Filter - Driver Group

SafeBootNet: PNP_TDI - Driver Group

SafeBootNet: Primary disk - Driver Group

SafeBootNet: SCSI Class - Driver Group

SafeBootNet: sermouse.sys - Driver

SafeBootNet: Streams Drivers - Driver Group

SafeBootNet: System Bus Extender - Driver Group

SafeBootNet: TDI - Driver Group

SafeBootNet: vga.sys - Driver

SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers

SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive

SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive

SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller

SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc

SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard

SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse

SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net

SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient

SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService

SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans

SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters

SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter

SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System

SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive

SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume

SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

 

========== Files/Folders - Created Within 90 Days ==========

 

[2012.06.05 22:49:25 | 000,596,480 | ---- | C] (OldTimer Tools) -- E:\Documents and Settings\Ali & Serkan\Desktop\OTL 2.exe

[2012.06.05 17:01:10 | 000,000,000 | ---D | C] -- E:\Documents and Settings\Ali & Serkan\Application Data\SUPERAntiSpyware.com

[2012.06.05 17:00:56 | 000,000,000 | ---D | C] -- E:\Documents and Settings\All Users\Start Menu\Programs\SUPERAntiSpyware

[2012.06.05 17:00:53 | 000,000,000 | ---D | C] -- E:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com

[2012.06.05 17:00:53 | 000,000,000 | ---D | C] -- E:\Program Files\SUPERAntiSpyware

[2012.06.04 22:14:08 | 000,000,000 | ---D | C] -- E:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware

[2012.06.04 22:14:07 | 000,022,344 | ---- | C] (Malwarebytes Corporation) -- E:\WINDOWS\System32\drivers\mbam.sys

[2012.06.04 22:14:07 | 000,000,000 | ---D | C] -- E:\Program Files\Malwarebytes' Anti-Malware

[2012.06.04 21:49:31 | 000,000,000 | ---D | C] -- E:\Documents and Settings\Ali & Serkan\Desktop\Kaspersky 2011 skins

[2012.06.04 21:49:19 | 000,000,000 | ---D | C] -- E:\Documents and Settings\Ali & Serkan\Desktop\Kaspersky activation

[2012.06.04 21:49:18 | 000,000,000 | ---D | C] -- E:\Program Files\Kaspersky Lab

[2012.05.31 18:16:09 | 000,000,000 | ---D | C] -- E:\Documents and Settings\Ali & Serkan\Desktop\dokumenti

[2012.05.30 22:21:15 | 000,000,000 | ---D | C] -- E:\Documents and Settings\Ali & Serkan\Desktop\Неизползвани клавишни комбинации на работния плот

[2012.05.30 14:40:34 | 000,000,000 | ---D | C] -- E:\Documents and Settings\Ali & Serkan\Desktop\bal snimka

[2012.05.30 13:28:49 | 000,000,000 | ---D | C] -- E:\Documents and Settings\Ali & Serkan\Desktop\snimki

[2012.05.27 11:22:22 | 000,000,000 | ---D | C] -- E:\Documents and Settings\All Users\Start Menu\Programs\Farming Simulator 2011

[2012.05.27 11:20:43 | 000,000,000 | ---D | C] -- E:\Program Files\Farming Simulator 2011

[2012.05.27 11:15:09 | 000,000,000 | ---D | C] -- E:\Documents and Settings\All Users\Start Menu\Programs\Farming-Simulator 2009

[2012.05.27 11:14:41 | 000,000,000 | ---D | C] -- E:\Program Files\Farming-Simulator 2009

[2012.05.26 21:40:25 | 000,000,000 | ---D | C] -- E:\Documents and Settings\Ali & Serkan\My Documents\my games

[2012.05.26 21:22:34 | 000,000,000 | ---D | C] -- E:\Documents and Settings\Ali & Serkan\My Documents\TowerSim

[2012.05.26 12:08:46 | 000,000,000 | ---D | C] -- E:\Documents and Settings\All Users\Start Menu\Programs\nGlide

[2012.05.25 09:02:34 | 000,000,000 | ---D | C] -- E:\Documents and Settings\Ali & Serkan\Desktop\Нова папка

[2012.05.24 16:29:59 | 000,000,000 | ---D | C] -- E:\Documents and Settings\Ali & Serkan\Start Menu\Programs\GameSpy Arcade

[2012.05.23 18:25:05 | 000,000,000 | ---D | C] -- E:\1a321a97e172fc7b29dd2e

[2012.05.22 10:35:22 | 000,000,000 | ---D | C] -- E:\Documents and Settings\Ali & Serkan\Start Menu\Programs\Counter-Strike 1.6

[2012.05.22 10:32:41 | 000,000,000 | ---D | C] -- E:\Program Files\Counter-Strike 1.6

[2012.05.21 19:46:10 | 000,000,000 | ---D | C] -- E:\WINDOWS\Sun

[2012.05.21 12:31:48 | 000,000,000 | ---D | C] -- E:\Documents and Settings\Ali & Serkan\My Documents\Need for Speed World

[2012.05.20 21:41:53 | 000,000,000 | ---D | C] -- E:\Program Files\InhatchTeam

[2012.05.20 21:25:32 | 000,000,000 | ---D | C] -- E:\Documents and Settings\All Users\Start Menu\Programs\Download Master

[2012.05.20 18:44:46 | 000,000,000 | ---D | C] -- E:\Documents and Settings\Ali & Serkan\Local Settings\Application Data\Sun

[2012.05.20 18:30:30 | 000,000,000 | ---D | C] -- E:\Documents and Settings\Ali & Serkan\Application Data\uTorrent

[2012.05.20 12:22:19 | 000,000,000 | ---D | C] -- E:\Documents and Settings\All Users\Application Data\Sun

[2012.05.20 12:22:18 | 000,000,000 | ---D | C] -- E:\Program Files\Common Files\Java

[2012.05.20 12:21:34 | 000,000,000 | ---D | C] -- E:\Program Files\Oracle

[2012.05.20 12:21:26 | 000,000,000 | ---D | C] -- E:\Documents and Settings\Ali & Serkan\Application Data\Oracle

[2012.05.20 12:21:21 | 000,772,504 | ---- | C] (Oracle Corporation) -- E:\WINDOWS\System32\npDeployJava1.dll

[2012.05.20 12:21:21 | 000,687,504 | ---- | C] (Oracle Corporation) -- E:\WINDOWS\System32\deployJava1.dll

[2012.05.20 12:21:21 | 000,227,720 | ---- | C] (Oracle Corporation) -- E:\WINDOWS\System32\javaws.exe

[2012.05.20 12:21:21 | 000,143,872 | ---- | C] (Oracle Corporation) -- E:\WINDOWS\System32\javacpl.cpl

[2012.05.20 12:21:02 | 000,174,024 | ---- | C] (Oracle Corporation) -- E:\WINDOWS\System32\javaw.exe

[2012.05.20 12:21:02 | 000,174,024 | ---- | C] (Oracle Corporation) -- E:\WINDOWS\System32\java.exe

[2012.05.20 12:20:49 | 000,000,000 | ---D | C] -- E:\Program Files\Java

[2012.05.20 12:20:03 | 000,000,000 | ---D | C] -- E:\Documents and Settings\Ali & Serkan\Application Data\Sun

[2012.05.19 19:52:40 | 000,000,000 | ---D | C] -- E:\Documents and Settings\Ali & Serkan\Application Data\Need for Speed World

[2012.05.19 19:26:04 | 000,000,000 | ---D | C] -- E:\Documents and Settings\Ali & Serkan\Local Settings\Application Data\Electronic_Arts_Inc

[2012.05.16 18:33:15 | 000,000,000 | ---D | C] -- E:\Program Files\Common Files\Skype

[2012.05.07 10:20:23 | 000,000,000 | ---D | C] -- E:\Documents and Settings\Ali & Serkan\My Documents\Sports Interactive

[2012.04.09 23:12:39 | 000,000,000 | -HSD | C] -- E:\Documents and Settings\All Users\Application Data\SecuROM

[2012.04.09 23:12:26 | 000,000,000 | ---D | C] -- E:\Documents and Settings\Ali & Serkan\Local Settings\Application Data\Rockstar Games

[2012.04.09 23:07:46 | 000,000,000 | ---D | C] -- E:\Documents and Settings\All Users\Start Menu\Programs\Black_Box

[2012.04.08 16:35:56 | 000,000,000 | ---D | C] -- E:\Documents and Settings\All Users\Start Menu\Programs\AIMP3

[2012.03.25 15:20:52 | 000,000,000 | ---D | C] -- E:\Documents and Settings\Ali & Serkan\Desktop eleviziya

[2012.03.19 02:21:38 | 000,000,000 | -HSD | C] -- E:\Config.Msi

[2012.03.19 02:21:32 | 000,000,000 | ---D | C] -- E:\c450f9abec7eb1b4a1a245faae

[2012.03.18 21:06:15 | 000,000,000 | ---D | C] -- E:\Documents and Settings\Ali & Serkan\Application Data\vlc

[2012.03.18 21:05:54 | 000,000,000 | ---D | C] -- E:\Documents and Settings\All Users\Start Menu\Programs\VideoLAN

[2 E:\WINDOWS\*.tmp files -> E:\WINDOWS\*.tmp -> ]

[13 E:\WINDOWS\System32\*.tmp files -> E:\WINDOWS\System32\*.tmp -> ]

[1 E:\Documents and Settings\Ali & Serkan\*.tmp files -> E:\Documents and Settings\Ali & Serkan\*.tmp -> ]

 

========== Files - Modified Within 90 Days ==========

 

[2012.06.05 22:56:01 | 000,000,998 | ---- | M] () -- E:\WINDOWS asks\GoogleUpdateTaskMachineUA.job

[2012.06.05 22:56:00 | 000,000,994 | ---- | M] () -- E:\WINDOWS asks\GoogleUpdateTaskMachineCore.job

[2012.06.05 22:48:59 | 000,596,480 | ---- | M] (OldTimer Tools) -- E:\Documents and Settings\Ali & Serkan\Desktop\OTL 2.exe

[2012.06.05 22:43:11 | 000,248,739 | ---- | M] () -- E:\WINDOWS\System32\NvApps.xml

[2012.06.05 22:42:08 | 000,002,206 | ---- | M] () -- E:\WINDOWS\System32\wpa.dbl

[2012.06.05 22:41:54 | 000,000,324 | ---- | M] () -- E:\WINDOWS asks\Xjblth.job

[2012.06.05 22:41:52 | 000,002,048 | --S- | M] () -- E:\WINDOWS\bootstat.dat

[2012.06.05 22:18:49 | 000,000,784 | ---- | M] () -- E:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk

[2012.06.05 22:09:00 | 000,001,106 | ---- | M] () -- E:\WINDOWS asks\GoogleUpdateTaskUserS-1-5-21-1078081533-1960408961-1417001333-1003UA.job

[2012.06.05 22:09:00 | 000,001,054 | ---- | M] () -- E:\WINDOWS asks\GoogleUpdateTaskUserS-1-5-21-1078081533-1960408961-1417001333-1003Core.job

[2012.06.05 17:25:02 | 000,001,110 | ---- | M] () -- E:\Documents and Settings\Ali & Serkan\Start Menu\Programs\Startup\Ubisoft register.lnk

[2012.06.05 17:01:13 | 000,000,524 | ---- | M] () -- E:\WINDOWS asks\SUPERAntiSpyware Scheduled Task bcf94961-53ca-4ab6-ab60-bdafc19d02e0.job

[2012.06.05 17:01:12 | 000,000,524 | ---- | M] () -- E:\WINDOWS asks\SUPERAntiSpyware Scheduled Task 6509104d-4e3f-403e-8362-bbb1e05f2e9e.job

[2012.06.05 17:00:57 | 000,001,678 | ---- | M] () -- E:\Documents and Settings\All Users\Desktop\SUPERAntiSpyware Professional.lnk

[2012.06.04 21:49:17 | 000,000,847 | ---- | M] () -- E:\Documents and Settings\Ali & Serkan\Desktop\Kaspersky Internet Security 2011.lnk

[2012.06.04 21:48:53 | 000,077,824 | ---- | M] () -- E:\Documents and Settings\Ali & Serkan\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2012.06.03 09:01:09 | 000,000,664 | ---- | M] () -- E:\WINDOWS\System32\d3d9caps.dat

[2012.05.26 12:08:46 | 000,048,547 | ---- | M] () -- E:\WINDOWS\System32\nglide_uninst.exe

[2012.05.25 14:13:23 | 000,002,337 | ---- | M] () -- E:\Documents and Settings\Ali & Serkan\Desktop\Google Chrome.lnk

[2012.05.25 14:13:23 | 000,002,315 | ---- | M] () -- E:\Documents and Settings\Ali & Serkan\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk

[2012.05.24 16:30:00 | 000,000,701 | ---- | M] () -- E:\Documents and Settings\Ali & Serkan\Application Data\Microsoft\Internet Explorer\Quick Launch\GameSpy Arcade.lnk

[2012.05.24 12:20:10 | 000,000,648 | ---- | M] () -- E:\Documents and Settings\Ali & Serkan\Application Data\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk

[2012.05.24 12:20:10 | 000,000,630 | ---- | M] () -- E:\Documents and Settings\All Users\Desktop\µTorrent.lnk

[2012.05.22 12:55:37 | 000,001,753 | ---- | M] () -- E:\Documents and Settings\Ali & Serkan\Desktop\WolfTeam Turkiye.lnk

[2012.05.22 10:35:22 | 000,001,646 | ---- | M] () -- E:\Documents and Settings\Ali & Serkan\Desktop\Counter-Strike 1.6.lnk

[2012.05.20 12:20:52 | 000,174,024 | ---- | M] (Oracle Corporation) -- E:\WINDOWS\System32\javaw.exe

[2012.05.20 12:20:52 | 000,174,024 | ---- | M] (Oracle Corporation) -- E:\WINDOWS\System32\java.exe

[2012.05.20 07:00:05 | 000,966,554 | ---- | M] () -- E:\WINDOWS\System32\perfh009.dat

[2012.05.20 07:00:05 | 000,329,554 | ---- | M] () -- E:\WINDOWS\System32\perfc009.dat

[2012.05.19 19:25:50 | 000,001,876 | ---- | M] () -- E:\Documents and Settings\Ali & Serkan\Application Data\Microsoft\Internet Explorer\Quick Launch\Need For Speed World.lnk

[2012.05.19 19:25:50 | 000,001,858 | ---- | M] () -- E:\Documents and Settings\All Users\Desktop\Need For Speed World.lnk

[2012.05.16 18:30:33 | 000,118,152 | ---- | M] () -- E:\WINDOWS\System32\FNTCACHE.DAT

[2012.05.16 18:15:35 | 000,001,374 | ---- | M] () -- E:\WINDOWS\imsins.BAK

[2012.04.09 23:07:46 | 000,001,936 | ---- | M] () -- E:\Documents and Settings\Ali & Serkan\Application Data\Microsoft\Internet Explorer\Quick Launch\Grand Theft Auto IV.lnk

[2012.04.09 23:07:46 | 000,001,826 | ---- | M] () -- E:\Documents and Settings\Ali & Serkan\Application Data\Microsoft\Internet Explorer\Quick Launch\EFLC.lnk

[2012.04.09 12:01:07 | 000,143,360 | RHS- | M] () -- E:\WINDOWS\System32\MSCOMCTLX.dll

[2012.04.08 16:35:56 | 000,000,592 | ---- | M] () -- E:\Documents and Settings\Ali & Serkan\Desktop\AIMP3.lnk

[2012.04.08 16:21:00 | 000,000,406 | RHS- | M] () -- E:\Documents and Settings\All Users\ntuser.pol

[2012.04.04 18:47:36 | 000,143,872 | ---- | M] (Oracle Corporation) -- E:\WINDOWS\System32\javacpl.cpl

[2012.04.04 18:47:24 | 000,227,720 | ---- | M] (Oracle Corporation) -- E:\WINDOWS\System32\javaws.exe

[2012.04.04 18:47:08 | 000,772,504 | ---- | M] (Oracle Corporation) -- E:\WINDOWS\System32\npDeployJava1.dll

[2012.04.04 18:47:02 | 000,687,504 | ---- | M] (Oracle Corporation) -- E:\WINDOWS\System32\deployJava1.dll

[2012.04.04 15:56:40 | 000,022,344 | ---- | M] (Malwarebytes Corporation) -- E:\WINDOWS\System32\drivers\mbam.sys

[2012.03.18 21:05:54 | 000,000,719 | ---- | M] () -- E:\Documents and Settings\Ali & Serkan\Desktop\VLC media player.lnk

[2 E:\WINDOWS\*.tmp files -> E:\WINDOWS\*.tmp -> ]

[13 E:\WINDOWS\System32\*.tmp files -> E:\WINDOWS\System32\*.tmp -> ]

[1 E:\Documents and Settings\Ali & Serkan\*.tmp files -> E:\Documents and Settings\Ali & Serkan\*.tmp -> ]

 

========== Files Created - No Company Name ==========

 

[2012.06.05 17:25:02 | 000,001,110 | ---- | C] () -- E:\Documents and Settings\Ali & Serkan\Start Menu\Programs\Startup\Ubisoft register.lnk

[2012.06.05 17:01:12 | 000,000,524 | ---- | C] () -- E:\WINDOWS asks\SUPERAntiSpyware Scheduled Task bcf94961-53ca-4ab6-ab60-bdafc19d02e0.job

[2012.06.05 17:01:12 | 000,000,524 | ---- | C] () -- E:\WINDOWS asks\SUPERAntiSpyware Scheduled Task 6509104d-4e3f-403e-8362-bbb1e05f2e9e.job

[2012.06.05 17:00:57 | 000,001,678 | ---- | C] () -- E:\Documents and Settings\All Users\Desktop\SUPERAntiSpyware Professional.lnk

[2012.06.04 22:14:08 | 000,000,784 | ---- | C] () -- E:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk

[2012.06.04 21:49:17 | 000,000,847 | ---- | C] () -- E:\Documents and Settings\Ali & Serkan\Desktop\Kaspersky Internet Security 2011.lnk

[2012.05.26 12:08:46 | 000,048,547 | ---- | C] () -- E:\WINDOWS\System32\nglide_uninst.exe

[2012.05.24 16:30:00 | 000,000,701 | ---- | C] () -- E:\Documents and Settings\Ali & Serkan\Application Data\Microsoft\Internet Explorer\Quick Launch\GameSpy Arcade.lnk

[2012.05.22 12:55:37 | 000,001,753 | ---- | C] () -- E:\Documents and Settings\Ali & Serkan\Desktop\WolfTeam Turkiye.lnk

[2012.05.22 10:35:22 | 000,001,646 | ---- | C] () -- E:\Documents and Settings\Ali & Serkan\Desktop\Counter-Strike 1.6.lnk

[2012.05.20 18:31:20 | 000,000,648 | ---- | C] () -- E:\Documents and Settings\Ali & Serkan\Application Data\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk

[2012.05.20 18:31:20 | 000,000,630 | ---- | C] () -- E:\Documents and Settings\All Users\Desktop\µTorrent.lnk

[2012.05.19 19:25:50 | 000,001,876 | ---- | C] () -- E:\Documents and Settings\Ali & Serkan\Application Data\Microsoft\Internet Explorer\Quick Launch\Need For Speed World.lnk

[2012.05.19 19:25:50 | 000,001,858 | ---- | C] () -- E:\Documents and Settings\All Users\Desktop\Need For Speed World.lnk

[2012.05.08 22:10:39 | 000,000,664 | ---- | C] () -- E:\WINDOWS\System32\d3d9caps.dat

[2012.04.09 23:07:46 | 000,001,936 | ---- | C] () -- E:\Documents and Settings\Ali & Serkan\Application Data\Microsoft\Internet Explorer\Quick Launch\Grand Theft Auto IV.lnk

[2012.04.09 23:07:46 | 000,001,826 | ---- | C] () -- E:\Documents and Settings\Ali & Serkan\Application Data\Microsoft\Internet Explorer\Quick Launch\EFLC.lnk

[2012.04.09 12:01:07 | 000,143,360 | RHS- | C] () -- E:\WINDOWS\System32\MSCOMCTLX.dll

[2012.04.09 12:01:07 | 000,000,324 | ---- | C] () -- E:\WINDOWS asks\Xjblth.job

[2012.04.08 16:31:49 | 000,000,592 | ---- | C] () -- E:\Documents and Settings\Ali & Serkan\Desktop\AIMP3.lnk

[2012.04.08 07:55:59 | 000,819,200 | -HS- | C] () -- E:\WINDOWS\System32\xvidcore.dll

[2012.04.08 07:55:59 | 000,180,224 | -HS- | C] () -- E:\WINDOWS\System32\xvidvfw.dll

[2012.03.18 23:14:15 | 000,003,072 | ---- | C] () -- E:\WINDOWS\System32\iacenc.dll

[2012.03.18 23:14:15 | 000,003,072 | ---- | C] () -- E:\WINDOWS\System32\dllcache\iacenc.dll

[2012.03.18 21:05:54 | 000,000,719 | ---- | C] () -- E:\Documents and Settings\Ali & Serkan\Desktop\VLC media player.lnk

[2012.01.04 20:26:49 | 000,069,632 | R--- | C] () -- E:\WINDOWS\System32\xmltok.dll

[2012.01.04 20:26:49 | 000,036,864 | R--- | C] () -- E:\WINDOWS\System32\xmlparse.dll

[2011.12.31 17:22:57 | 000,010,240 | ---- | C] () -- E:\WINDOWS\System32\vidx16.dll

[2011.12.11 00:05:08 | 000,597,504 | ---- | C] () -- E:\WINDOWS\System32\aswBoot.exe

[2011.11.19 10:17:26 | 001,290,240 | ---- | C] () -- E:\WINDOWS\System32\glide3x.dll

[2011.11.04 10:40:28 | 000,053,248 | ---- | C] () -- E:\WINDOWS\System32\nglide_config.exe

[2011.08.31 13:00:03 | 000,054,016 | ---- | C] () -- E:\WINDOWS\System32\drivers\qntrvlti.sys

[2011.08.29 16:11:20 | 000,000,181 | ---- | C] () -- E:\WINDOWS\wininit.ini

[2011.08.27 22:16:15 | 000,012,920 | ---- | C] () -- E:\WINDOWS\System32\apl001.sys

[2011.08.27 22:16:15 | 000,010,872 | ---- | C] () -- E:\WINDOWS\System32\apf001.sys

[2011.08.22 14:40:13 | 000,246,272 | ---- | C] () -- E:\WINDOWS\unrar.exe

[2011.08.22 14:35:05 | 000,000,000 | ---- | C] () -- E:\WINDOWS\loader2.exe_ok

[2011.08.18 21:48:58 | 000,532,480 | ---- | C] () -- E:\WINDOWS\System32\CddbPlaylist2Sony.dll

[2011.04.29 19:22:41 | 000,000,572 | ---- | C] () -- E:\WINDOWS\eReg.dat

[2011.04.09 19:55:28 | 000,179,261 | ---- | C] () -- E:\WINDOWS\System32\xlive.dll.cat

[2011.02.09 17:42:11 | 000,138,056 | ---- | C] () -- E:\WINDOWS\System32\drivers\PnkBstrK.sys

[2011.02.09 17:42:10 | 000,138,056 | ---- | C] () -- E:\Documents and Settings\Ali & Serkan\Application Data\PnkBstrK.sys

[2011.02.09 17:41:53 | 000,189,248 | ---- | C] () -- E:\WINDOWS\System32\PnkBstrB.exe

[2011.02.09 17:41:52 | 000,075,064 | ---- | C] () -- E:\WINDOWS\System32\PnkBstrA.exe

[2011.02.09 17:41:51 | 002,434,856 | ---- | C] () -- E:\WINDOWS\System32\pbsvc_bc2.exe

[2011.02.02 23:00:24 | 000,307,200 | ---- | C] () -- E:\WINDOWS\System32\HCPSTool.dll

[2011.02.02 23:00:24 | 000,086,016 | ---- | C] () -- E:\WINDOWS\System32\HCPS98Tool.dll

[2011.02.01 22:54:43 | 000,000,056 | -H-- | C] () -- E:\WINDOWS\System32\ezsidmv.dat

[2011.01.31 17:33:39 | 000,354,816 | ---- | C] () -- E:\WINDOWS\System32\psisdecd.dll

[2011.01.31 17:07:15 | 000,004,096 | ---- | C] () -- E:\WINDOWS\d3dx.dat

[2011.01.28 14:25:36 | 000,000,000 | ---- | C] () -- E:\WINDOWS\nsreg.dat

[2011.01.09 00:16:18 | 000,000,376 | ---- | C] () -- E:\WINDOWS\ODBC.INI

[2011.01.09 00:04:46 | 000,077,824 | ---- | C] () -- E:\Documents and Settings\Ali & Serkan\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2011.01.08 23:50:24 | 000,000,552 | ---- | C] () -- E:\WINDOWS\System32\d3d8caps.dat

[2011.01.08 23:30:18 | 000,002,048 | --S- | C] () -- E:\WINDOWS\bootstat.dat

[2011.01.08 23:24:21 | 000,021,640 | ---- | C] () -- E:\WINDOWS\System32\emptyregdb.dat

[2011.01.08 15:16:57 | 000,004,161 | ---- | C] () -- E:\WINDOWS\ODBCINST.INI

[2011.01.08 15:15:51 | 000,118,152 | ---- | C] () -- E:\WINDOWS\System32\FNTCACHE.DAT

 

========== LOP Check ==========

 

[2012.01.16 13:57:32 | 000,000,000 | ---D | M] -- E:\Documents and Settings\Ali & Serkan\Application Data\2K Sports

[2012.06.05 20:46:01 | 000,000,000 | ---D | M] -- E:\Documents and Settings\Ali & Serkan\Application Data\AIMP3

[2011.01.26 20:39:55 | 000,000,000 | ---D | M] -- E:\Documents and Settings\Ali & Serkan\Application Data\Auslogics

[2011.12.24 16:00:14 | 000,000,000 | ---D | M] -- E:\Documents and Settings\Ali & Serkan\Application Data\Babylon

[2011.08.04 21:05:57 | 000,000,000 | ---D | M] -- E:\Documents and Settings\Ali & Serkan\Application Data\Capcom

[2011.01.31 14:21:37 | 000,000,000 | ---D | M] -- E:\Documents and Settings\Ali & Serkan\Application Data\DAEMON Tools

[2011.01.31 17:22:31 | 000,000,000 | ---D | M] -- E:\Documents and Settings\Ali & Serkan\Application Data\DAEMON Tools Lite

[2011.01.31 14:16:12 | 000,000,000 | ---D | M] -- E:\Documents and Settings\Ali & Serkan\Application Data\DAEMON Tools Pro

[2011.12.21 13:38:56 | 000,000,000 | ---D | M] -- E:\Documents and Settings\Ali & Serkan\Application Data\DMCache

[2011.12.26 01:10:01 | 000,000,000 | ---D | M] -- E:\Documents and Settings\Ali & Serkan\Application Data\Download Master

[2011.12.03 17:02:36 | 000,000,000 | ---D | M] -- E:\Documents and Settings\Ali & Serkan\Application Data\eType

[2011.01.31 18:02:36 | 000,000,000 | ---D | M] -- E:\Documents and Settings\Ali & Serkan\Application Data\FarmingSimulator2008

[2011.02.14 04:10:53 | 000,000,000 | ---D | M] -- E:\Documents and Settings\Ali & Serkan\Application Data\Fighters

[2011.01.31 12:40:28 | 000,000,000 | ---D | M] -- E:\Documents and Settings\Ali & Serkan\Application Data\GetRightToGo

[2012.01.03 12:17:54 | 000,000,000 | ---D | M] -- E:\Documents and Settings\Ali & Serkan\Application Data\go

[2011.02.18 19:45:09 | 000,000,000 | ---D | M] -- E:\Documents and Settings\Ali & Serkan\Application Data\Groove Games

[2011.12.26 00:53:25 | 000,000,000 | ---D | M] -- E:\Documents and Settings\Ali & Serkan\Application Data\IDM

[2011.02.06 05:38:35 | 000,000,000 | ---D | M] -- E:\Documents and Settings\Ali & Serkan\Application Data\imeshbandmltbpi

[2012.02.09 20:16:49 | 000,000,000 | ---D | M] -- E:\Documents and Settings\Ali & Serkan\Application Data\ImgBurn

[2011.02.21 04:21:36 | 000,000,000 | ---D | M] -- E:\Documents and Settings\Ali & Serkan\Application Data\Leadertech

[2011.02.07 14:12:11 | 000,000,000 | ---D | M] -- E:\Documents and Settings\Ali & Serkan\Application Data\mediabarim

[2011.02.06 09:55:00 | 000,000,000 | ---D | M] -- E:\Documents and Settings\Ali & Serkan\Application Data\MSNInstaller

[2012.05.19 19:52:40 | 000,000,000 | ---D | M] -- E:\Documents and Settings\Ali & Serkan\Application Data\Need for Speed World

[2011.08.20 16:15:34 | 000,000,000 | ---D | M] -- E:\Documents and Settings\Ali & Serkan\Application Data\OpenCandy

[2011.12.26 00:59:12 | 000,000,000 | ---D | M] -- E:\Documents and Settings\Ali & Serkan\Application Data\Opera

[2012.05.20 12:21:26 | 000,000,000 | ---D | M] -- E:\Documents and Settings\Ali & Serkan\Application Data\Oracle

[2011.01.09 00:23:26 | 000,000,000 | ---D | M] -- E:\Documents and Settings\Ali & Serkan\Application Data\Panda Security

[2011.02.04 19:21:38 | 000,000,000 | ---D | M] -- E:\Documents and Settings\Ali & Serkan\Application Data\pandasecuritytb

[2011.08.22 20:24:49 | 000,000,000 | ---D | M] -- E:\Documents and Settings\Ali & Serkan\Application Data\PriceGong

[2012.01.22 10:53:38 | 000,000,000 | ---D | M] -- E:\Documents and Settings\Ali & Serkan\Application Data\searchquband

[2012.02.12 13:00:34 | 000,000,000 | ---D | M] -- E:\Documents and Settings\Ali & Serkan\Application Data\searchqutoolbar

[2012.01.15 16:17:00 | 000,000,000 | ---D | M] -- E:\Documents and Settings\Ali & Serkan\Application Data\Simraceway

[2012.01.07 17:51:24 | 000,000,000 | ---D | M] -- E:\Documents and Settings\Ali & Serkan\Application Data\Sports Interactive

[2011.02.04 19:20:42 | 000,000,000 | ---D | M] -- E:\Documents and Settings\Ali & Serkan\Application Data\SurfSecret Privacy Suite

[2012.01.08 19:07:26 | 000,000,000 | ---D | M] -- E:\Documents and Settings\Ali & Serkan\Application Data\TeamViewer

[2012.01.14 22:19:58 | 000,000,000 | ---D | M] -- E:\Documents and Settings\Ali & Serkan\Application Data\TuneUp Software

[2011.01.31 13:35:27 | 000,000,000 | ---D | M] -- E:\Documents and Settings\Ali & Serkan\Application Data\Uniblue

[2012.06.05 23:03:41 | 000,000,000 | ---D | M] -- E:\Documents and Settings\Ali & Serkan\Application Data\uTorrent

[2011.01.31 17:07:15 | 000,000,000 | ---D | M] -- E:\Documents and Settings\Ali & Serkan\Application Data\Wildfire

[2012.05.25 19:25:44 | 000,000,000 | ---D | M] -- E:\Documents and Settings\Ali & Serkan\Application Data\Yandex

[2012.01.04 16:32:59 | 000,000,000 | ---D | M] -- E:\Documents and Settings\All Users\Application Data\4Sync

[2011.02.04 23:46:54 | 000,000,000 | ---D | M] -- E:\Documents and Settings\All Users\Application Data\Astroburn Lite

[2011.08.24 21:01:26 | 000,000,000 | ---D | M] -- E:\Documents and Settings\All Users\Application Data\AVAST Software

[2011.12.24 16:00:14 | 000,000,000 | ---D | M] -- E:\Documents and Settings\All Users\Application Data\Babylon

[2012.06.05 22:46:24 | 000,000,000 | ---D | M] -- E:\Documents and Settings\All Users\Application Data\boost_interprocess

[2011.12.12 15:25:51 | 000,000,000 | ---D | M] -- E:\Documents and Settings\All Users\Application Data\Codemasters

[2012.01.14 22:20:16 | 000,000,000 | -H-D | M] -- E:\Documents and Settings\All Users\Application Data\Common Files

[2012.05.29 10:51:40 | 000,000,000 | ---D | M] -- E:\Documents and Settings\All Users\Application Data\DAEMON Tools Lite

[2011.01.31 14:16:44 | 000,000,000 | ---D | M] -- E:\Documents and Settings\All Users\Application Data\DAEMON Tools Pro

[2011.02.05 12:11:09 | 000,000,000 | ---D | M] -- E:\Documents and Settings\All Users\Application Data\EA Core

[2011.06.30 22:22:22 | 000,000,000 | ---D | M] -- E:\Documents and Settings\All Users\Application Data\Easybits GO

[2012.05.19 19:25:49 | 000,000,000 | ---D | M] -- E:\Documents and Settings\All Users\Application Data\Electronic Arts

[2011.01.11 21:13:18 | 000,000,000 | ---D | M] -- E:\Documents and Settings\All Users\Application Data\FarmFrenzy-PizzaParty

[2011.01.11 21:10:35 | 000,000,000 | ---D | M] -- E:\Documents and Settings\All Users\Application Data\FarmFrenzy2

[2011.02.01 17:31:07 | 000,000,000 | ---D | M] -- E:\Documents and Settings\All Users\Application Data\FarmFrenzy3

[2011.02.14 04:11:04 | 000,000,000 | ---D | M] -- E:\Documents and Settings\All Users\Application Data\Fighters

[2012.02.05 20:48:05 | 000,000,000 | ---D | M] -- E:\Documents and Settings\All Users\Application Data\Graboid Inc

[2012.01.22 00:40:33 | 000,000,000 | ---D | M] -- E:\Documents and Settings\All Users\Application Data\InstallMate

[2011.01.26 20:35:28 | 000,000,000 | ---D | M] -- E:\Documents and Settings\All Users\Application Data\MotionDSP

[2011.08.25 11:08:32 | 000,000,000 | ---D | M] -- E:\Documents and Settings\All Users\Application Data\Panda Security

[2011.10.09 21:33:24 | 000,000,000 | ---D | M] -- E:\Documents and Settings\All Users\Application Data\Premium

[2011.01.26 20:35:21 | 000,000,000 | ---D | M] -- E:\Documents and Settings\All Users\Application Data\TEMP

[2012.01.14 22:20:41 | 000,000,000 | ---D | M] -- E:\Documents and Settings\All Users\Application Data\TuneUp Software

[2012.01.14 22:19:15 | 000,000,000 | -HSD | M] -- E:\Documents and Settings\All Users\Application Data\{32364CEA-7855-4A3C-B674-53D8E9B97936}

[2011.02.12 20:56:11 | 000,000,000 | ---D | M] -- E:\Documents and Settings\LocalService\Application Data\Fighters

[2012.01.21 22:58:08 | 000,000,000 | ---D | M] -- E:\Documents and Settings\LocalService\Application Data\TuneUp Software

[2012.06.05 17:01:12 | 000,000,524 | ---- | M] () -- E:\WINDOWS\Tasks\SUPERAntiSpyware Scheduled Task 6509104d-4e3f-403e-8362-bbb1e05f2e9e.job

[2012.06.05 17:01:13 | 000,000,524 | ---- | M] () -- E:\WINDOWS\Tasks\SUPERAntiSpyware Scheduled Task bcf94961-53ca-4ab6-ab60-bdafc19d02e0.job

[2012.06.05 22:41:54 | 000,000,324 | ---- | M] () -- E:\WINDOWS\Tasks\Xjblth.job

 

========== Purity Check ==========

 

 

 

========== Custom Scans ==========

 

< "%WinDir%\$NtUninstallKB*$." /30 >

 

< C:\Program Files\Common Files\ComObjects\*.* /s >

 

< %SYSTEMDRIVE%\*.* >

[2011.12.31 17:25:51 | 000,000,003 | ---- | M] () -- E:\Bbvn.afp

[2011.12.31 17:25:51 | 000,000,003 | ---- | M] () -- E:\Btbw.afp

[2012.01.15 16:17:15 | 000,001,668 | ---- | M] () -- E:\Documents

[2011.12.31 17:25:51 | 000,000,003 | ---- | M] () -- E:\Etao.afp

[2007.11.07 09:00:40 | 000,017,734 | ---- | M] () -- E:\eula.1028.txt

[2007.11.07 09:00:40 | 000,017,734 | ---- | M] () -- E:\eula.1031.txt

[2007.11.07 09:00:40 | 000,010,134 | ---- | M] () -- E:\eula.1033.txt

[2007.11.07 09:00:40 | 000,017,734 | ---- | M] () -- E:\eula.1036.txt

[2007.11.07 09:00:40 | 000,017,734 | ---- | M] () -- E:\eula.1040.txt

[2007.11.07 09:00:40 | 000,000,118 | ---- | M] () -- E:\eula.1041.txt

[2007.11.07 09:00:40 | 000,017,734 | ---- | M] () -- E:\eula.1042.txt

[2007.11.07 09:00:40 | 000,017,734 | ---- | M] () -- E:\eula.2052.txt

[2007.11.07 09:00:40 | 000,017,734 | ---- | M] () -- E:\eula.3082.txt

[2007.11.07 09:00:40 | 000,001,110 | ---- | M] () -- E:\globdata.ini

[2007.11.07 09:03:18 | 000,562,688 | ---- | M] (Microsoft Corporation) -- E:\install.exe

[2007.11.07 09:00:40 | 000,000,843 | ---- | M] () -- E:\install.ini

[2007.11.07 09:03:18 | 000,076,304 | ---- | M] (Microsoft Corporation) -- E:\install.res.1028.dll

[2007.11.07 09:03:18 | 000,096,272 | ---- | M] (Microsoft Corporation) -- E:\install.res.1031.dll

[2007.11.07 09:03:18 | 000,091,152 | ---- | M] (Microsoft Corporation) -- E:\install.res.1033.dll

[2007.11.07 09:03:18 | 000,097,296 | ---- | M] (Microsoft Corporation) -- E:\install.res.1036.dll

[2007.11.07 09:03:18 | 000,095,248 | ---- | M] (Microsoft Corporation) -- E:\install.res.1040.dll

[2007.11.07 09:03:18 | 000,081,424 | ---- | M] (Microsoft Corporation) -- E:\install.res.1041.dll

[2007.11.07 09:03:18 | 000,079,888 | ---- | M] (Microsoft Corporation) -- E:\install.res.1042.dll

[2007.11.07 09:03:18 | 000,075,792 | ---- | M] (Microsoft Corporation) -- E:\install.res.2052.dll

[2007.11.07 09:03:18 | 000,096,272 | ---- | M] (Microsoft Corporation) -- E:\install.res.3082.dll

[2012.06.05 22:41:50 | 2145,386,496 | -HS- | M] () -- E:\pagefile.sys

[2011.12.31 17:25:51 | 000,000,003 | ---- | M] () -- E:\Tbtp.afp

[2012.01.22 00:40:53 | 000,000,474 | ---- | M] () -- E:\user.js

[2007.11.07 09:00:40 | 000,005,686 | ---- | M] () -- E:\vcredist.bmp

[2007.11.07 09:09:22 | 001,442,522 | ---- | M] () -- E:\VC_RED.cab

[2007.11.07 09:12:28 | 000,232,960 | ---- | M] () -- E:\VC_RED.MSI

 

< %USERPROFILE%\*.* >

[2012.06.05 22:41:13 | 014,417,920 | -H-- | M] () -- E:\Documents and Settings\Ali & Serkan\NTUSER.DAT

[2012.06.05 23:03:59 | 000,001,024 | -H-- | M] () -- E:\Documents and Settings\Ali & Serkan\NTUSER.DAT.LOG

[2012.06.05 22:41:13 | 000,000,278 | -HS- | M] () -- E:\Documents and Settings\Ali & Serkan\ntuser.ini

[1 E:\Documents and Settings\Ali & Serkan\*.tmp files -> E:\Documents and Settings\Ali & Serkan\*.tmp -> ]

 

< %USERPROFILE%\Application Data\*.* >

[2011.01.08 15:16:25 | 000,000,062 | -HS- | M] () -- E:\Documents and Settings\Ali & Serkan\Application Data\desktop.ini

[2011.02.09 17:42:10 | 000,138,056 | ---- | M] () -- E:\Documents and Settings\Ali & Serkan\Application Data\PnkBstrK.sys

 

< %USERPROFILE%\Local Settings\Application Data\*.* >

[2012.06.04 21:48:53 | 000,077,824 | ---- | M] () -- E:\Documents and Settings\Ali & Serkan\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2011.12.12 14:26:01 | 000,018,832 | ---- | M] () -- E:\Documents and Settings\Ali & Serkan\Local Settings\Application Data\GDIPFONTCACHEV1.DAT

[2012.05.29 02:05:19 | 004,241,582 | -H-- | M] () -- E:\Documents and Settings\Ali & Serkan\Local Settings\Application Data\IconCache.db

 

< %AllUsersProfile%\*.* >

[2011.10.09 17:57:38 | 000,001,024 | -H-- | M] () -- E:\Documents and Settings\All Users\NTUSER.DAT.LOG

[2012.04.08 16:21:00 | 000,000,406 | RHS- | M] () -- E:\Documents and Settings\All Users\ntuser.pol

 

< %AllUsersProfile%\Application Data\*.* >

[2011.01.08 15:16:25 | 000,000,062 | -HS- | M] () -- E:\Documents and Settings\All Users\Application Data\desktop.ini

 

< %USERPROFILE%\My Documents\*.* >

[2012.01.02 02:18:48 | 000,142,413 | ---- | M] () -- E:\Documents and Settings\Ali & Serkan\My Documents\100.JPG

[2012.01.02 02:17:45 | 000,148,549 | ---- | M] () -- E:\Documents and Settings\Ali & Serkan\My Documents\102.JPG

[2011.01.08 23:33:05 | 000,000,083 | -HS- | M] () -- E:\Documents and Settings\Ali & Serkan\My Documents\desktop.ini

[2011.01.31 16:42:35 | 011,193,664 | ---- | M] (DT Soft Ltd.) -- E:\Documents and Settings\Ali & Serkan\My Documents\DTLite4402-0131.exe

[2012.01.02 02:31:01 | 003,059,018 | ---- | M] () -- E:\Documents and Settings\Ali & Serkan\My Documents\nita 317.JPG

[2012.01.02 02:31:29 | 003,353,948 | ---- | M] () -- E:\Documents and Settings\Ali & Serkan\My Documents\nita 318.JPG

[2012.01.02 02:19:28 | 000,143,845 | ---- | M] () -- E:\Documents and Settings\Ali & Serkan\My Documents\nita 532.JPG

[2012.01.15 13:34:21 | 000,027,648 | -HS- | M] () -- E:\Documents and Settings\Ali & Serkan\My Documents\Thumbs.db

 

< %CommonProgramFiles%\*.* >

 

< %PROGRAMFILES%\*.* >

 

< %systemroot%\system32\config\systemprofile\*.* >

[2011.08.24 21:01:23 | 000,262,144 | ---- | M] () -- E:\WINDOWS\system32\config\systemprofile\NtUser.dat

[2012.01.08 19:11:25 | 000,001,024 | -H-- | M] () -- E:\WINDOWS\system32\config\systemprofile\NtUser.dat.LOG

[1 E:\WINDOWS\system32\config\systemprofile\*.tmp files -> E:\WINDOWS\system32\config\systemprofile\*.tmp -> ]

 

< %windir%\ServiceProfiles\LocalService\AppData\Local\Temp\*.* >

 

< %windir%\ServiceProfiles\NetworkService\AppData\Local\Temp\*.* >

 

< %windir% emp*.* >

[2 E:\WINDOWS\*.tmp files -> E:\WINDOWS\*.tmp -> ]

 

< %windir%\system32\*. >

[2011.01.08 15:12:44 | 000,000,000 | ---D | M] -- E:\WINDOWS\system32\1025

[2011.01.08 15:12:44 | 000,000,000 | ---D | M] -- E:\WINDOWS\system32\1028

[2011.01.08 15:12:44 | 000,000,000 | ---D | M] -- E:\WINDOWS\system32\1031

[2011.01.08 15:13:12 | 000,000,000 | ---D | M] -- E:\WINDOWS\system32\1033

[2011.01.08 15:12:44 | 000,000,000 | ---D | M] -- E:\WINDOWS\system32\1037

[2011.01.08 15:12:44 | 000,000,000 | ---D | M] -- E:\WINDOWS\system32\1041

[2011.01.08 15:12:44 | 000,000,000 | ---D | M] -- E:\WINDOWS\system32\1042

[2011.01.08 15:12:44 | 000,000,000 | ---D | M] -- E:\WINDOWS\system32\1054

[2011.01.08 15:12:44 | 000,000,000 | ---D | M] -- E:\WINDOWS\system32\2052

[2011.01.08 15:12:44 | 000,000,000 | ---D | M] -- E:\WINDOWS\system32\3076

[2011.01.08 15:12:44 | 000,000,000 | ---D | M] -- E:\WINDOWS\system32\3com_dmi

[2011.02.05 12:39:13 | 000,000,000 | ---D | M] -- E:\WINDOWS\system32\appmgmt

[2011.01.08 23:28:45 | 000,000,000 | ---D | M] -- E:\WINDOWS\system32\bg-Bg

[2012.03.20 09:24:07 | 000,000,000 | ---D | M] -- E:\WINDOWS\system32\cache

[2012.02.05 20:52:54 | 000,000,000 | ---D | M] -- E:\WINDOWS\system32\CatRoot

[2012.06.05 22:44:04 | 000,000,000 | ---D | M] -- E:\WINDOWS\system32\CatRoot2

[2011.01.08 23:24:22 | 000,000,000 | ---D | M] -- E:\WINDOWS\system32\Com

[2012.01.14 22:20:39 | 000,000,000 | ---D | M] -- E:\WINDOWS\system32\config

[2011.01.08 15:12:44 | 000,000,000 | ---D | M] -- E:\WINDOWS\system32\dhcp

[2012.05.27 11:22:30 | 000,000,000 | ---D | M] -- E:\WINDOWS\system32\DirectX

[2012.05.16 18:13:05 | 000,000,000 | RHSD | M] -- E:\WINDOWS\system32\dllcache

[2012.06.05 22:41:41 | 000,000,000 | ---D | M] -- E:\WINDOWS\system32\drivers

[2011.10.22 22:45:59 | 000,000,000 | ---D | M] -- E:\WINDOWS\system32\DRVSTORE

[2011.01.08 15:14:17 | 000,000,000 | ---D | M] -- E:\WINDOWS\system32\en

[2011.02.03 15:23:28 | 000,000,000 | ---D | M] -- E:\WINDOWS\system32\en-US

[2011.01.08 15:12:44 | 000,000,000 | ---D | M] -- E:\WINDOWS\system32\export

[2011.08.01 12:13:44 | 000,000,000 | -H-D | M] -- E:\WINDOWS\system32\GroupPolicy

[2011.01.08 23:26:35 | 000,000,000 | ---D | M] -- E:\WINDOWS\system32\ias

[2011.01.08 15:13:30 | 000,000,000 | ---D | M] -- E:\WINDOWS\system32\icsxml

[2011.01.08 15:12:44 | 000,000,000 | ---D | M] -- E:\WINDOWS\system32\IME

[2011.01.08 15:12:44 | 000,000,000 | ---D | M] -- E:\WINDOWS\system32\inetsrv

[2011.02.09 17:41:45 | 000,000,000 | ---D | M] -- E:\WINDOWS\system32\LogFiles

[2011.02.05 14:07:08 | 000,000,000 | ---D | M] -- E:\WINDOWS\system32\Macromed

[2011.01.08 23:31:12 | 000,000,000 | --SD | M] -- E:\WINDOWS\system32\Microsoft

[2011.01.08 23:24:09 | 000,000,000 | ---D | M] -- E:\WINDOWS\system32\MsDtc

[2011.02.03 15:22:03 | 000,000,000 | ---D | M] -- E:\WINDOWS\system32\mui

[2011.01.08 15:14:26 | 000,000,000 | ---D | M] -- E:\WINDOWS\system32\npp

[2011.01.08 23:28:09 | 000,000,000 | ---D | M] -- E:\WINDOWS\system32\oobe

[2011.01.08 15:12:44 | 000,000,000 | ---D | M] -- E:\WINDOWS\system32\PreInstall

[2011.01.08 15:13:35 | 000,000,000 | ---D | M] -- E:\WINDOWS\system32\ras

[2011.07.04 14:00:40 | 000,000,000 | ---D | M] -- E:\WINDOWS\system32\ReinstallBackups

[2012.04.10 09:58:08 | 000,000,000 | ---D | M] -- E:\WINDOWS\system32\Restore

[2011.01.08 15:14:52 | 000,000,000 | ---D | M] -- E:\WINDOWS\system32\scripting

[2011.01.08 23:29:51 | 000,000,000 | ---D | M] -- E:\WINDOWS\system32\Setup

[2011.01.08 15:12:44 | 000,000,000 | ---D | M] -- E:\WINDOWS\system32\ShellExt

[2011.01.30 19:32:59 | 000,000,000 | ---D | M] -- E:\WINDOWS\system32\SoftwareDistribution

[2011.02.03 15:23:12 | 000,000,000 | ---D | M] -- E:\WINDOWS\system32\spool

[2011.01.08 23:54:22 | 000,000,000 | ---D | M] -- E:\WINDOWS\system32\Tools

[2011.01.08 15:15:04 | 000,000,000 | ---D | M] -- E:\WINDOWS\system32\usmt

[2011.01.11 21:37:46 | 000,000,000 | ---D | M] -- E:\WINDOWS\system32\wbem

[2011.01.08 15:12:44 | 000,000,000 | ---D | M] -- E:\WINDOWS\system32\wins

[2011.01.08 23:29:00 | 000,000,000 | ---D | M] -- E:\WINDOWS\system32\xircom

[2011.07.31 16:14:38 | 000,000,000 | ---D | M] -- E:\WINDOWS\system32\xlive

[2012.05.16 18:19:00 | 000,000,000 | ---D | M] -- E:\WINDOWS\system32\XPSViewer

 

< %Temp%\smtmp\1\*.* >

 

< %Temp%\smtmp\2\*.* >

 

< %Temp%\smtmp\3\*.* >

 

< %Temp%\smtmp\4\*.* >

 

< %systemroot%\system32\DBBK\*.* /s >

 

< %systemroot%\system32\*.dll /lockedfiles >

[2012.04.09 12:01:07 | 000,143,360 | RHS- | M] () Unable to obtain MD5 -- E:\WINDOWS\system32\MSCOMCTLX.dll

[13 E:\WINDOWS\system32\*.tmp files -> E:\WINDOWS\system32\*.tmp -> ]

 

< %systemroot%\Tasks\*.job /lockedfiles >

 

< %systemroot%\system32\drivers\*.sys /90 >

[2012.04.04 15:56:40 | 000,022,344 | ---- | M] (Malwarebytes Corporation) -- E:\WINDOWS\system32\drivers\mbam.sys

 

< %systemroot%\system32\drivers\*.sys /lockedfiles >

[2011.01.31 16:43:44 | 000,431,672 | ---- | M] () Unable to obtain MD5 -- E:\WINDOWS\system32\drivers\sptd.sys

 

< %systemroot%\system32\Spool\prtprocs\w32x86\*.dll >

[2008.07.06 05:06:10 | 000,089,088 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\system32\Spool\prtprocs\w32x86\filterpipelineprintproc.dll

 

< %systemroot%\*. /rp /s >

 

< %systemroot%\assembly mp\*.* /S /MD5 >

[2011.02.03 15:23:26 | 001,245,184 | ---- | M] () MD5=64B09796E91430982C3C2A2B17BC2FA1 -- E:\WINDOWS\assembly mp\01EFS567\WindowsBase.dll

[2011.02.03 15:23:28 | 000,094,208 | ---- | M] () MD5=E205A79EA6C06F91EA08BBE59FE83503 -- E:\WINDOWS\assembly mp\01EFS56J\WindowsFormsIntegration.dll

[2011.02.03 15:23:29 | 000,864,256 | ---- | M] () MD5=428D3714C85BACE55476C91E0D90E495 -- E:\WINDOWS\assembly mp\01ERGT67\PresentationUI.dll

[2011.02.03 15:23:29 | 000,163,840 | ---- | M] () MD5=D1E117EDDEFEB220351BE0C7B27A4646 -- E:\WINDOWS\assembly mp\0PQRGTU7\PresentationFramework.Royale.dll

[2011.02.03 15:23:28 | 000,385,024 | ---- | M] () MD5=09658EF5F16F2ABD74FE577D50C0D155 -- E:\WINDOWS\assembly mp\45IJW9AN\UIAutomationClientsideProviders.dll

[2011.02.03 15:23:30 | 000,126,976 | ---- | M] () MD5=311A345681A73C66D3EE49C5157A473B -- E:\WINDOWS\assembly mp\89MN012R\System.IdentityModel.Selectors.dll

[2011.02.03 15:23:23 | 000,131,072 | ---- | M] () MD5=80E67BFFD101CC6312B489BEE255430D -- E:\WINDOWS\assembly mp\8XYBO1ER\System.IO.Log.dll

[2011.02.03 15:23:27 | 000,540,672 | ---- | M] () MD5=6623152B2FB7DC650C6A8FE01AF71F44 -- E:\WINDOWS\assembly mp\C1EFS567\System.Workflow.Runtime.dll

[2011.02.03 15:23:28 | 000,688,128 | ---- | M] () MD5=31588B867657A7DF046AC1908550D73C -- E:\WINDOWS\assembly mp\CD2RG5I7\System.Speech.dll

[2011.02.03 15:23:29 | 000,139,264 | ---- | M] () MD5=DA8417F8973EC51F0F1859CA0B334FC5 -- E:\WINDOWS\assembly mp\CP2FS567\PresentationFramework.Classic.dll

[2011.02.03 15:23:26 | 000,368,640 | ---- | M] () MD5=34FA631FAA4B2DF8C0A92B7B5AD9D6E1 -- E:\WINDOWS\assembly mp\CP2FSHUV\System.Printing.dll

[2011.02.03 15:23:23 | 000,966,656 | ---- | M] () MD5=FEF363534B2E325A1AE11DE7B12441E3 -- E:\WINDOWS\assembly mp\GT6JW9AN\System.Runtime.Serialization.dll

[2011.02.03 15:23:28 | 000,046,104 | ---- | M] () MD5=8BA7C024070F2B7FDD98ED8A4BA41789 -- E:\WINDOWS\assembly mp\GT6JW9MZ\PresentationFontCache.exe

[2011.02.03 15:23:25 | 000,032,768 | ---- | M] () MD5=43920F2E0EF924094796AFF2CE6279AD -- E:\WINDOWS\assembly mp\GTI7WLAB\System.ServiceModel.WasHosting.dll

[2011.02.03 15:23:27 | 000,598,016 | ---- | M] () MD5=28595FA306E58AACD7DAFF001F430703 -- E:\WINDOWS\assembly mp\KLAZO12R\PresentationBuildTasks.dll

[2011.02.03 15:23:28 | 000,167,936 | ---- | M] () MD5=F303A07A6EF37B8B6DD928D97A016B75 -- E:\WINDOWS\assembly mp\KLAZOD23\UIAutomationClient.dll

[2011.02.03 15:23:29 | 005,283,840 | ---- | M] () MD5=DCC01F2F3B12AB72C5663E22140DA209 -- E:\WINDOWS\assembly mp\KLYBO1EF\PresentationFramework.dll

[2011.02.03 15:23:25 | 004,210,688 | ---- | M] () MD5=A9D42B0504EAE68C4D45692F019B543A -- E:\WINDOWS\assembly mp\KLYBO1ER\PresentationCore.dll

[2011.02.03 15:23:26 | 000,040,960 | ---- | M] () MD5=A93561FB224FA8539357C74065403630 -- E:\WINDOWS\assembly mp\KXAN0DQ3\UIAutomationProvider.dll

[2011.02.03 15:23:27 | 001,138,688 | ---- | M] () MD5=A96933F3898290AA509080A90E0C7C5F -- E:\WINDOWS\assembly mp\KXYN0PE3\System.Workflow.Activities.dll

[2011.02.03 15:23:25 | 000,032,768 | ---- | M] () MD5=93F9CC2360815D8EF955407CF92B38AA -- E:\WINDOWS\assembly mp\ODQ3GT67\PresentationCFFRasterizer.dll

[2011.02.03 15:23:24 | 005,931,008 | ---- | M] () MD5=3E284E5922C7D3D63D8B985526AE39EE -- E:\WINDOWS\assembly mp\OP2FS56J\System.ServiceModel.dll

[2011.02.03 15:23:27 | 001,630,208 | ---- | M] () MD5=C4503F6EADC2638D6898514290A7A60B -- E:\WINDOWS\assembly mp\S56VWXAN\System.Workflow.ComponentModel.dll

[2011.02.03 15:23:26 | 000,098,304 | ---- | M] () MD5=5BE33FC308914C1AE6577A908D97A4FF -- E:\WINDOWS\assembly mp\SHIVW9AB\UIAutomationTypes.dll

[2011.02.03 15:23:28 | 000,196,608 | ---- | M] () MD5=0C488A21B5A63055CB7736E3E0C75B1F -- E:\WINDOWS\assembly mp\SHU7KLYB\PresentationFramework.Aero.dll

[2011.02.03 15:23:25 | 000,528,384 | ---- | M] () MD5=A37D01E48B3908330E780466312D54A6 -- E:\WINDOWS\assembly mp\ST6J89AB\ReachFramework.dll

[2011.02.03 15:23:25 | 000,073,728 | ---- | M] () MD5=A80F41C8B2168E8B3ADD0AA4FCBDDC93 -- E:\WINDOWS\assembly mp\W9AZCP2R\System.ServiceModel.Install.dll

[2011.02.03 15:23:29 | 000,397,312 | ---- | M] () MD5=7E61032F4F2BAB036B859D3B22D26DD0 -- E:\WINDOWS\assembly mp\WLYZOD2R\PresentationFramework.Luna.dll

 

< %systemroot%\assembly emp\*.* /S /MD5 >

 

< %systemroot%\assembly\GAC_32\*.* /S /MD5 >

[2012.05.16 18:17:22 | 000,069,120 | ---- | M] () MD5=DC426A365577F27187F99EB506ECD5D1 -- E:\WINDOWS\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll

[2012.05.16 18:17:30 | 000,072,192 | ---- | M] () MD5=29B35A999E341A37BE67771BE01CC275 -- E:\WINDOWS\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll

[2011.02.03 15:23:22 | 000,163,840 | ---- | M] () MD5=36BDD82A92AA704034475C2DEF7FBD29 -- E:\WINDOWS\assembly\GAC_32\Microsoft.Transactions.Bridge.Dtc\3.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.Dtc.dll

[2012.05.16 18:17:37 | 000,066,728 | ---- | M] () MD5=C01B81BB10AD14DBC5C4ECD350638096 -- E:\WINDOWS\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\big5.nlp

[2012.05.16 18:17:37 | 000,082,172 | ---- | M] () MD5=EE1F60F8774D74BED8B13498F3FE737A -- E:\WINDOWS\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\bopomofo.nlp

[2012.05.16 18:17:37 | 000,116,756 | ---- | M] () MD5=F6DFDA5A31162D848634504565F6D321 -- E:\WINDOWS\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\ksc.nlp

[2012.05.16 18:17:37 | 004,550,656 | ---- | M] () MD5=3BDAE07DA44654FA393A2A2BA242EA41 -- E:\WINDOWS\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll

[2012.05.16 18:17:37 | 000,059,342 | ---- | M] () MD5=DA5748A89E22A3932387E65694B25BBB -- E:\WINDOWS\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\normidna.nlp

[2012.05.16 18:17:37 | 000,045,794 | ---- | M] () MD5=3831A5E217D6FA828CCE1011DA26E677 -- E:\WINDOWS\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\normnfc.nlp

[2012.05.16 18:17:37 | 000,039,284 | ---- | M] () MD5=DBDE664E0BA4BACD0A6A04AE2232B205 -- E:\WINDOWS\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\normnfd.nlp

[2012.05.16 18:17:37 | 000,066,384 | ---- | M] () MD5=C9B88B759FE81D59CE8EBF5A0A8EB75A -- E:\WINDOWS\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\normnfkc.nlp

[2012.05.16 18:17:37 | 000,060,294 | ---- | M] () MD5=3CAB6AB66759FCDF73B61EE262C9ACF4 -- E:\WINDOWS\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\normnfkd.nlp

[2012.05.16 18:17:37 | 000,083,748 | ---- | M] () MD5=54144F43EDF5AA8F504A30E7C1D1A7B5 -- E:\WINDOWS\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\prc.nlp

[2012.05.16 18:17:37 | 000,083,748 | ---- | M] () MD5=901863C68E6523336CAC602FE9320ABC -- E:\WINDOWS\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\prcp.nlp

[2012.05.16 18:17:37 | 000,262,148 | ---- | M] () MD5=FB59D247F7143C3B9683A547E808A88B -- E:\WINDOWS\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\sortkey.nlp

[2012.05.16 18:17:37 | 000,020,320 | ---- | M] () MD5=FF13BA175F0013D2311827E0D438C60B -- E:\WINDOWS\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\sorttbls.nlp

[2012.05.16 18:17:37 | 000,028,288 | ---- | M] () MD5=09E420F90A329BDA68477FA4AF43CB28 -- E:\WINDOWS\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\xjis.nlp

[2012.05.16 18:14:58 | 004,214,784 | ---- | M] () MD5=E0EB0BDC866E2C0CC792B83BD2422501 -- E:\WINDOWS\assembly\GAC_32\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationCore.dll

[2012.05.16 18:17:44 | 000,486,400 | ---- | M] () MD5=759FD3779911F89C450CCAE06B92AE3A -- E:\WINDOWS\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll

[2012.05.16 18:17:45 | 002,933,248 | ---- | M] () MD5=16F96C1496CBD0965285AB19A9271D02 -- E:\WINDOWS\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll

[2012.05.16 18:17:33 | 000,258,048 | ---- | M] () MD5=9631B15DB7C43C267636FF43C3075E07 -- E:\WINDOWS\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll

[2012.05.16 18:17:33 | 000,113,664 | ---- | M] () MD5=E786C33D35D39C5CCB523AECC18D7BD7 -- E:\WINDOWS\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll

[2012.05.16 18:14:59 | 000,368,640 | ---- | M] () MD5=E915933B0E68B61A6AC22E06BD1AD651 -- E:\WINDOWS\assembly\GAC_32\System.Printing\3.0.0.0__31bf3856ad364e35\System.Printing.dll

[2012.05.16 18:17:32 | 000,261,632 | ---- | M] () MD5=F054572A92573CA32D5F3AA8C15D2BAC -- E:\WINDOWS\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll

[2012.05.16 18:17:15 | 005,246,976 | ---- | M] () MD5=661268A6BEEF1C1B0D1B9137F530A9FD -- E:\WINDOWS\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll

 

< %systemroot%\assembly\GAC_MSIL\*.* /S /MD5 >

[2012.05.16 18:17:26 | 000,010,752 | ---- | M] () MD5=A5A56B4957BD59D324821522FE14F751 -- E:\WINDOWS\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll

[2012.05.16 18:17:16 | 000,507,904 | ---- | M] () MD5=B8FE2350B2236EE3D1CECA34E0C0FF17 -- E:\WINDOWS\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll

[2012.05.16 18:17:22 | 000,013,312 | ---- | M] () MD5=107F49F1BF0FB27A6CD758EB8C4D95A0 -- E:\WINDOWS\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll

[2011.02.04 19:20:59 | 000,053,248 | ---- | M] () MD5=A6D870C3E8D93E8197BE9B264E63FBB1 -- E:\WINDOWS\assembly\GAC_MSIL\diCrSysAPINet\4.2.0.37021__6ab76b58d88c4cc4\diCrSysAPINet.dll

[2011.02.04 19:20:42 | 000,200,704 | ---- | M] () MD5=76E5274C40DCC1D4DAD91B616D53579B -- E:\WINDOWS\assembly\GAC_MSIL\ICSharpCode.SharpZipLib\0.85.1.271__1b03e6acf1164f73\ICSharpCode.SharpZipLib.dll

[2012.05.16 18:17:23 | 000,008,192 | ---- | M] () MD5=6CD7461E06CB8BAEE3B16C3D7F637CD0 -- E:\WINDOWS\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll

[2012.05.16 18:17:24 | 000,077,824 | ---- | M] () MD5=24F0385D06BD86A97412B8905483313E -- E:\WINDOWS\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll

[2012.05.16 18:17:25 | 000,006,656 | ---- | M] () MD5=11F3AC2D47E566615819F5BF0DD18379 -- E:\WINDOWS\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll

[2011.02.04 19:20:49 | 000,139,264 | ---- | M] () MD5=1DA2D67104F7889A88AF3A06E778928D -- E:\WINDOWS\assembly\GAC_MSIL\Interop.SHDocVw\1.1.0.0__d7e6797a04c5c135\Interop.SHDocVw.dll

[2011.02.04 19:20:46 | 000,028,672 | ---- | M] () MD5=3426FD5780DA7DE689A27BD1477DF3BE -- E:\WINDOWS\assembly\GAC_MSIL\Interop.SurfSecret_FormFiller\1.0.0.0__d7e6797a04c5c135\Interop.SurfSecret_FormFiller.dll

[2011.02.03 16:49:28 | 000,106,496 | ---- | M] () MD5=29CED3B606BA7E2B49E52931C5CB53B7 -- E:\WINDOWS\assembly\GAC_MSIL\Microsoft.Build.Conversion.v3.5\3.5.0.0__b03f5f7f11d50a3a\Microsoft.Build.Conversion.v3.5.dll

[2012.05.16 18:17:34 | 000,348,160 | ---- | M] () MD5=996AAEEC01C734347DE8A72542FD1C12 -- E:\WINDOWS\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll

[2011.02.03 16:49:29 | 000,733,184 | ---- | M] () MD5=31C6E94759BF4D2FBE3239FFA717967D -- E:\WINDOWS\assembly\GAC_MSIL\Microsoft.Build.Engine\3.5.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll

[2012.05.16 18:17:35 | 000,036,864 | ---- | M] () MD5=D2A1C3150E43738BAB3D0AD9921B3E50 -- E:\WINDOWS\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll

[2011.02.03 16:49:29 | 000,036,864 | ---- | M] () MD5=17C6F3F73858732DE59D6D957958E9AF -- E:\WINDOWS\assembly\GAC_MSIL\Microsoft.Build.Framework\3.5.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll

[2011.02.03 16:49:29 | 000,802,816 | ---- | M] () MD5=37F17D4698086C90127BBD90E73D7FE2 -- E:\WINDOWS\assembly\GAC_MSIL\Microsoft.Build.Tasks.v3.5\3.5.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.v3.5.dll

[2012.05.16 18:17:36 | 000,655,360 | ---- | M] () MD5=8A3F5B72C3F402C8D33027A4C77F55AC -- E:\WINDOWS\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll

[2011.02.03 16:49:29 | 000,094,208 | ---- | M] () MD5=E32A06F647517D0DEA80F29B459E8FA2 -- E:\WINDOWS\assembly\GAC_MSIL\Microsoft.Build.Utilities.v3.5\3.5.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.v3.5.dll

[2012.05.16 18:17:37 | 000,077,824 | ---- | M] () MD5=640BF6BB259B53BEFF59135645C63B18 -- E:\WINDOWS\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll

[2012.05.16 18:17:31 | 000,749,568 | ---- | M] () MD5=EB535D00C508119EEE4042B737165A3B -- E:\WINDOWS\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll

[2011.02.03 15:23:22 | 000,397,312 | ---- | M] () MD5=66F6B3248D6C39CEFA49174133A694FE -- E:\WINDOWS\assembly\GAC_MSIL\Microsoft.Transactions.Bridge\3.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.dll

[2012.05.16 18:17:29 | 000,110,592 | ---- | M] () MD5=D676BC7C829F86A215676281A1032C6B -- E:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll

[2012.05.16 18:17:28 | 000,372,736 | ---- | M] () MD5=226956F70AEBBBF5ACBC9ADA6522B6F6 -- E:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll

[2012.05.16 18:17:31 | 000,028,672 | ---- | M] () MD5=3D61BFCBE13C2DC8F5AE20BF02145322 -- E:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll

[2012.05.16 18:17:27 | 000,659,456 | ---- | M] () MD5=EFC806A1C4C6CE9F69AECE0AB72C1E34 -- E:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll

[2011.02.03 16:49:28 | 000,041,984 | ---- | M] () MD5=9F065BF574C956B85DB355C32E7E995E -- E:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualC.STLCLR\1.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.STLCLR.dll

[2012.05.16 18:17:43 | 000,005,632 | ---- | M] () MD5=7E50D25F9A5BC75F22CA7AEB52176CA2 -- E:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll

[2012.05.16 18:17:32 | 000,012,800 | ---- | M] () MD5=B27AA2EA41728FAF5E9642CFD2958FB9 -- E:\WINDOWS\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll

[2012.05.16 18:17:26 | 000,032,768 | ---- | M] () MD5=D251A67B7D6DE2194F6E264055E020FB -- E:\WINDOWS\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll

[2012.05.16 18:17:24 | 000,007,168 | ---- | M] () MD5=9659028AFA77387D6D2BF4280C10AB94 -- E:\WINDOWS\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll

[2011.02.03 16:49:02 | 000,598,016 | ---- | M] () MD5=28595FA306E58AACD7DAFF001F430703 -- E:\WINDOWS\assembly\GAC_MSIL\PresentationBuildTasks\3.0.0.0__31bf3856ad364e35\PresentationBuildTasks.dll

[2011.02.03 16:49:00 | 000,032,768 | ---- | M] () MD5=93F9CC2360815D8EF955407CF92B38AA -- E:\WINDOWS\assembly\GAC_MSIL\PresentationCFFRasterizer\3.0.0.0__31bf3856ad364e35\PresentationCFFRasterizer.dll

[2011.02.03 16:49:02 | 000,046,104 | ---- | M] () MD5=8BA7C024070F2B7FDD98ED8A4BA41789 -- E:\WINDOWS\assembly\GAC_MSIL\PresentationFontCache\3.0.0.0__31bf3856ad364e35\PresentationFontCache.exe

[2011.02.03 16:49:02 | 000,196,608 | ---- | M] () MD5=0C488A21B5A63055CB7736E3E0C75B1F -- E:\WINDOWS\assembly\GAC_MSIL\PresentationFramework.Aero\3.0.0.0__31bf3856ad364e35\PresentationFramework.Aero.dll

[2011.02.03 16:49:02 | 000,139,264 | ---- | M] () MD5=DA8417F8973EC51F0F1859CA0B334FC5 -- E:\WINDOWS\assembly\GAC_MSIL\PresentationFramework.Classic\3.0.0.0__31bf3856ad364e35\PresentationFramework.Classic.dll

[2011.02.03 16:49:03 | 000,397,312 | ---- | M] () MD5=7E61032F4F2BAB036B859D3B22D26DD0 -- E:\WINDOWS\assembly\GAC_MSIL\PresentationFramework.Luna\3.0.0.0__31bf3856ad364e35\PresentationFramework.Luna.dll

[2011.02.03 16:49:03 | 000,163,840 | ---- | M] () MD5=D1E117EDDEFEB220351BE0C7B27A4646 -- E:\WINDOWS\assembly\GAC_MSIL\PresentationFramework.Royale\3.0.0.0__31bf3856ad364e35\PresentationFramework.Royale.dll

[2012.05.16 18:14:59 | 005,283,840 | ---- | M] () MD5=2CFE88EE740380F4B594B2DE58AA933D -- E:\WINDOWS\assembly\GAC_MSIL\PresentationFramework\3.0.0.0__31bf3856ad364e35\PresentationFramework.dll

[2011.02.03 16:49:03 | 000,864,256 | ---- | M] () MD5=428D3714C85BACE55476C91E0D90E495 -- E:\WINDOWS\assembly\GAC_MSIL\PresentationUI\3.0.0.0__31bf3856ad364e35\PresentationUI.dll

[2012.05.16 18:14:59 | 000,532,480 | ---- | M] () MD5=E785AE3CC6341D63346B5F899B6FE7AC -- E:\WINDOWS\assembly\GAC_MSIL\ReachFramework\3.0.0.0__31bf3856ad364e35\ReachFramework.dll

[2011.02.03 16:49:30 | 000,005,632 | ---- | M] () MD5=807B70A78ACE7D01F769FE502A769E67 -- E:\WINDOWS\assembly\GAC_MSIL\Sentinel.v3.5Client\3.5.0.0__b03f5f7f11d50a3a\Sentinel.v3.5Client.dll

[2011.02.05 00:16:52 | 000,110,592 | ---- | M] () MD5=BD6B60E0F4FA84FF4E3089EDF9B81C9A -- E:\WINDOWS\assembly\GAC_MSIL\SMDiagnostics\3.0.0.0__b77a5c561934e089\SMdiagnostics.dll

[2012.05.16 18:17:43 | 000,110,592 | ---- | M] () MD5=0AD1C94AB2D36B79B9F2B54EADEB300A -- E:\WINDOWS\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll

[2011.02.03 16:49:30 | 000,045,056 | ---- | M] () MD5=B34B75256D536385B927193FB1DCBB81 -- E:\WINDOWS\assembly\GAC_MSIL\System.AddIn.Contract\2.0.0.0__b03f5f7f11d50a3a\System.AddIn.Contract.dll

[2012.05.16 18:18:45 | 000,163,840 | ---- | M] () MD5=AA647B387E4086FDE32C8E976732F635 -- E:\WINDOWS\assembly\GAC_MSIL\System.AddIn\3.5.0.0__b77a5c561934e089\System.AddIn.dll

[2011.02.03 16:49:34 | 000,057,344 | ---- | M] () MD5=34AAEA0DCF908A7D3C1D8C2132B0E4D4 -- E:\WINDOWS\assembly\GAC_MSIL\System.ComponentModel.DataAnnotations\3.5.0.0__31bf3856ad364e35\System.ComponentModel.DataAnnotations.dll

[2012.05.16 18:17:44 | 000,081,920 | ---- | M] () MD5=41BC941761FB3D1E21826C3C0E3CEEEE -- E:\WINDOWS\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll

[2012.05.16 18:17:45 | 000,425,984 | ---- | M] () MD5=C1C4025B5F5311AC8BCC318B0C244D58 -- E:\WINDOWS\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll

[2011.02.03 16:49:31 | 000,667,648 | ---- | M] () MD5=6617F24759BB1F3873C88AD9E0DF0435 -- E:\WINDOWS\assembly\GAC_MSIL\System.Core\3.5.0.0__b77a5c561934e089\System.Core.dll

[2011.02.03 16:49:31 | 000,053,248 | ---- | M] () MD5=1FDC244EEDD9B7804C7829DA11F1522E -- E:\WINDOWS\assembly\GAC_MSIL\System.Data.DataSetExtensions\3.5.0.0__b77a5c561934e089\System.Data.DataSetExtensions.dll

[2011.02.03 16:49:31 | 000,229,376 | ---- | M] () MD5=3FE6C3CDB01F039110152B1B0AE4980F -- E:\WINDOWS\assembly\GAC_MSIL\System.Data.Entity.Design\3.5.0.0__b77a5c561934e089\System.Data.Entity.Design.dll

[2011.02.03 16:49:32 | 002,879,488 | ---- | M] () MD5=CB45DFC6F9E1F954A718769D02D9C312 -- E:\WINDOWS\assembly\GAC_MSIL\System.Data.Entity\3.5.0.0__b77a5c561934e089\System.Data.Entity.dll

[2011.02.03 16:49:28 | 000,684,032 | ---- | M] () MD5=DDFB10C4A14ADD5D0A6C96E6DC3D29DF -- E:\WINDOWS\assembly\GAC_MSIL\System.Data.Linq\3.5.0.0__b77a5c561934e089\System.Data.Linq.dll

[2011.02.03 16:51:28 | 000,294,912 | ---- | M] () MD5=2F69FF4ED483D3FF399534F99BD4694A -- E:\WINDOWS\assembly\GAC_MSIL\System.Data.Services.Client\3.5.0.0__b77a5c561934e089\System.Data.Services.Client.dll

[2011.02.03 16:49:27 | 000,114,688 | ---- | M] () MD5=0A7F3B1C1A9CC722F48A7A16394F61C4 -- E:\WINDOWS\assembly\GAC_MSIL\System.Data.Services.Design\3.5.0.0__b77a5c561934e089\System.Data.Services.Design.dll

[2011.02.03 16:51:29 | 000,442,368 | ---- | M] () MD5=AE975C122A442146D7D5A6A996C42F91 -- E:\WINDOWS\assembly\GAC_MSIL\System.Data.Services\3.5.0.0__b77a5c561934e089\System.Data.Services.dll

[2011.10.22 22:44:45 | 000,236,392 | ---- | M] () MD5=A200E7209B42BAA18F438695CE45B0B9 -- E:\WINDOWS\assembly\GAC_MSIL\System.Data.SqlServerCe\9.0.242.0__89845dcd8080cc91\System.Data.SqlServerCe.dll

[2012.05.16 18:17:45 | 000,745,472 | ---- | M] () MD5=6388F9A7AA6E22DDA2E0D84E5BCE537C -- E:\WINDOWS\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll

[2012.05.16 18:17:46 | 000,970,752 | ---- | M] () MD5=97DDAFB2A7B33DC3F746EF35C9EDF892 -- E:\WINDOWS\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll

[2012.05.16 18:17:17 | 005,062,656 | ---- | M] () MD5=5C368BEBD58562133856B35BDCEFEADA -- E:\WINDOWS\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll

[2011.02.03 16:49:28 | 000,286,720 | ---- | M] () MD5=4C6FBCBB7E7D4E3B0CAAA42043B6A01F -- E:\WINDOWS\assembly\GAC_MSIL\System.DirectoryServices.AccountManagement\3.5.0.0__b77a5c561934e089\System.DirectoryServices.AccountManagement.dll

[2012.05.16 18:17:21 | 000,188,416 | ---- | M] () MD5=F0D4CE77F1F9D9A7468335B1CE4C061B -- E:\WINDOWS\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll

[2012.05.16 18:17:25 | 000,401,408 | ---- | M] () MD5=F485CF34C45F850B25A7E38B08A7C435 -- E:\WINDOWS\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll

[2012.05.16 18:17:16 | 000,081,920 | ---- | M] () MD5=36ABC218228871A981027174216A2DA8 -- E:\WINDOWS\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll

[2012.05.16 18:17:35 | 000,630,784 | ---- | M] () MD5=DD110208ACE51F9AAC2FFC949CB6D937 -- E:\WINDOWS\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll

[2011.02.03 16:49:03 | 000,126,976 | ---- | M] () MD5=311A345681A73C66D3EE49C5157A473B -- E:\WINDOWS\assembly\GAC_MSIL\System.IdentityModel.Selectors\3.0.0.0__b77a5c561934e089\System.IdentityModel.Selectors.dll

[2011.02.05 00:16:52 | 000,438,272 | ---- | M] () MD5=DB076F159D89B90924C465222BA128FE -- E:\WINDOWS\assembly\GAC_MSIL\System.IdentityModel\3.0.0.0__b77a5c561934e089\System.IdentityModel.dll

[2011.02.03 16:48:59 | 000,131,072 | ---- | M] () MD5=80E67BFFD101CC6312B489BEE255430D -- E:\WINDOWS\assembly\GAC_MSIL\System.IO.Log\3.0.0.0__b03f5f7f11d50a3a\System.IO.Log.dll

[2011.02.03 16:49:32 | 000,143,360 | ---- | M] () MD5=217A1E1DED132261C825313A7FB2616C -- E:\WINDOWS\assembly\GAC_MSIL\System.Management.Instrumentation\3.5.0.0__b77a5c561934e089\System.Management.Instrumentation.dll

[2012.05.16 18:17:36 | 000,372,736 | ---- | M] () MD5=EBAADBBFB6C455E54EB6A0E47267D33C -- E:\WINDOWS\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll

[2012.05.16 18:17:35 | 000,258,048 | ---- | M] () MD5=7F9F1F17D368EE1EEA7E246FD934B9EC -- E:\WINDOWS\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll

[2011.02.03 16:49:34 | 000,233,472 | ---- | M] () MD5=2E66DE31546A6AB3A8160CE337E1C6BC -- E:\WINDOWS\assembly\GAC_MSIL\System.Net\3.5.0.0__b03f5f7f11d50a3a\System.Net.dll

[2012.05.16 18:17:34 | 000,303,104 | ---- | M] () MD5=2849F13593D2712CCB97FFBDD3C1232E -- E:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll

[2012.05.16 18:17:33 | 000,131,072 | ---- | M] () MD5=C415D86079D431E7E1E32D0835A3FE81 -- E:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll

[2011.02.05 00:16:53 | 000,970,752 | ---- | M] () MD5=2CF02DF42A90A054D546BF3A85409DC4 -- E:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll

[2011.02.04 15:45:25 | 000,258,048 | ---- | M] () MD5=0DFCD96DED6DB52064203C07B927357E -- E:\WINDOWS\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll

[2011.02.03 16:49:00 | 000,073,728 | ---- | M] () MD5=A80F41C8B2168E8B3ADD0AA4FCBDDC93 -- E:\WINDOWS\assembly\GAC_MSIL\System.ServiceModel.Install\3.0.0.0__b77a5c561934e089\System.ServiceModel.Install.dll

[2011.02.05 00:16:54 | 000,032,768 | ---- | M] () MD5=764E1A3E53C5885976F2EE6E206208EF -- E:\WINDOWS\assembly\GAC_MSIL\System.ServiceModel.WasHosting\3.0.0.0__b77a5c561934e089\System.ServiceModel.WasHosting.dll

[2011.02.03 16:49:27 | 000,569,344 | ---- | M] () MD5=1565B7FAFDFA6EEE16101388E57E749F -- E:\WINDOWS\assembly\GAC_MSIL\System.ServiceModel.Web\3.5.0.0__31bf3856ad364e35\System.ServiceModel.Web.dll

[2011.02.05 00:16:53 | 005,967,872 | ---- | M] () MD5=4120A37565491CA998E226BCBE8EF6E8 -- E:\WINDOWS\assembly\GAC_MSIL\System.ServiceModel\3.0.0.0__b77a5c561934e089\System.ServiceModel.dll

[2012.05.16 18:17:28 | 000,114,688 | ---- | M] () MD5=50D2943D426BA91771AD87FDEC802AC3 -- E:\WINDOWS\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll

[2011.02.03 16:49:02 | 000,688,128 | ---- | M] () MD5=31588B867657A7DF046AC1908550D73C -- E:\WINDOWS\assembly\GAC_MSIL\System.Speech\3.0.0.0__31bf3856ad364e35\System.Speech.dll

[2011.02.03 16:49:35 | 000,077,824 | ---- | M] () MD5=2C3559C513F7CD6F95DC382F31A6A22D -- E:\WINDOWS\assembly\GAC_MSIL\System.Web.Abstractions\3.5.0.0__31bf3856ad364e35\System.Web.Abstractions.dll

[2011.02.03 16:49:35 | 000,032,768 | ---- | M] () MD5=9E0D101B086297D5E166E03A8ACBF260 -- E:\WINDOWS\assembly\GAC_MSIL\System.Web.DynamicData.Design\3.5.0.0__31bf3856ad364e35\System.Web.DynamicData.Design.dll

[2011.02.03 16:51:29 | 000,229,376 | ---- | M] () MD5=CC8D03C33986926A68696DAAAB5FF2F8 -- E:\WINDOWS\assembly\GAC_MSIL\System.Web.DynamicData\3.5.0.0__31bf3856ad364e35\System.Web.DynamicData.dll

[2011.02.03 16:49:32 | 000,131,072 | ---- | M] () MD5=A6A5297AAD0A9BA8829D20B1CBD68D32 -- E:\WINDOWS\assembly\GAC_MSIL\System.Web.Entity.Design\3.5.0.0__b77a5c561934e089\System.Web.Entity.Design.dll

[2011.02.03 16:51:29 | 000,139,264 | ---- | M] () MD5=E42797003722BD930D83AB26998394D8 -- E:\WINDOWS\assembly\GAC_MSIL\System.Web.Entity\3.5.0.0__b77a5c561934e089\System.Web.Entity.dll

[2011.02.03 16:49:36 | 000,335,872 | ---- | M] () MD5=7E83B8040233DDCDE03CF7F0A5F2837B -- E:\WINDOWS\assembly\GAC_MSIL\System.Web.Extensions.Design\3.5.0.0__31bf3856ad364e35\System.Web.Extensions.Design.dll

[2012.01.01 14:17:51 | 001,277,952 | ---- | M] () MD5=821B0AAB24CB11417381F8AE881309A2 -- E:\WINDOWS\assembly\GAC_MSIL\System.Web.Extensions\3.5.0.0__31bf3856ad364e35\System.Web.Extensions.dll

[2012.05.16 18:17:20 | 000,835,584 | ---- | M] () MD5=C22D59F4EAC00510D1A86061A428C633 -- E:\WINDOWS\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll

[2012.05.16 18:17:21 | 000,077,824 | ---- | M] () MD5=F27A80887F125661CAC1A6039107428F -- E:\WINDOWS\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll

[2011.02.03 16:49:37 | 000,061,440 | ---- | M] () MD5=5B7868DF14D71D328EE8C1213F852393 -- E:\WINDOWS\assembly\GAC_MSIL\System.Web.Routing\3.5.0.0__31bf3856ad364e35\System.Web.Routing.dll

[2012.05.16 18:17:17 | 000,839,680 | ---- | M] () MD5=A89DFA6DB0C3D00559F770A214962A60 -- E:\WINDOWS\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll

[2012.05.16 18:17:18 | 005,025,792 | ---- | M] () MD5=7A3C1F1942074D251CCFA44D4815AD33 -- E:\WINDOWS\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll

[2011.02.03 16:49:33 | 000,012,288 | ---- | M] () MD5=044C3400A836E5FB60D4A49EAEC24544 -- E:\WINDOWS\assembly\GAC_MSIL\System.Windows.Presentation\3.5.0.0__b77a5c561934e089\System.Windows.Presentation.dll

[2011.02.03 16:49:01 | 001,138,688 | ---- | M] () MD5=A96933F3898290AA509080A90E0C7C5F -- E:\WINDOWS\assembly\GAC_MSIL\System.Workflow.Activities\3.0.0.0__31bf3856ad364e35\System.Workflow.Activities.dll

[2011.02.03 16:49:01 | 001,630,208 | ---- | M] () MD5=C4503F6EADC2638D6898514290A7A60B -- E:\WINDOWS\assembly\GAC_MSIL\System.Workflow.ComponentModel\3.0.0.0__31bf3856ad364e35\System.Workflow.ComponentModel.dll

[2011.02.03 16:49:02 | 000,540,672 | ---- | M] () MD5=6623152B2FB7DC650C6A8FE01AF71F44 -- E:\WINDOWS\assembly\GAC_MSIL\System.Workflow.Runtime\3.0.0.0__31bf3856ad364e35\System.Workflow.Runtime.dll

[2011.02.03 16:49:27 | 000,507,904 | ---- | M] () MD5=E249D1B3114088C0D390A60643BF2BBC -- E:\WINDOWS\assembly\GAC_MSIL\System.WorkflowServices\3.5.0.0__31bf3856ad364e35\System.WorkflowServices.dll

[2011.02.03 16:49:33 | 000,139,264 | ---- | M] () MD5=64925CC79EA9E8245A4F18703CCABEC4 -- E:\WINDOWS\assembly\GAC_MSIL\System.Xml.Linq\3.5.0.0__b77a5c561934e089\System.Xml.Linq.dll

[2012.05.16 18:17:31 | 002,048,000 | ---- | M] () MD5=EB97291E3C9E0035B47B45DBB1AF710D -- E:\WINDOWS\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll

[2012.05.16 18:17:46 | 003,186,688 | ---- | M] () MD5=6D37DFFE4B89AB1E17367FEEF2327B34 -- E:\WINDOWS\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll

[2011.02.03 16:49:02 | 000,167,936 | ---- | M] () MD5=F303A07A6EF37B8B6DD928D97A016B75 -- E:\WINDOWS\assembly\GAC_MSIL\UIAutomationClient\3.0.0.0__31bf3856ad364e35\UIAutomationClient.dll

[2011.02.03 16:49:02 | 000,385,024 | ---- | M] () MD5=09658EF5F16F2ABD74FE577D50C0D155 -- E:\WINDOWS\assembly\GAC_MSIL\UIAutomationClientsideProviders\3.0.0.0__31bf3856ad364e35\UIAutomationClientsideProviders.dll

[2011.02.03 16:49:01 | 000,040,960 | ---- | M] () MD5=A93561FB224FA8539357C74065403630 -- E:\WINDOWS\assembly\GAC_MSIL\UIAutomationProvider\3.0.0.0__31bf3856ad364e35\UIAutomationProvider.dll

[2011.02.03 16:49:01 | 000,098,304 | ---- | M] () MD5=5BE33FC308914C1AE6577A908D97A4FF -- E:\WINDOWS\assembly\GAC_MSIL\UIAutomationTypes\3.0.0.0__31bf3856ad364e35\UIAutomationTypes.dll

[2012.05.16 18:15:00 | 001,249,280 | ---- | M] () MD5=D91A6B3FDF14C0319333FC583D969126 -- E:\WINDOWS\assembly\GAC_MSIL\WindowsBase\3.0.0.0__31bf3856ad364e35\WindowsBase.dll

[2011.02.03 16:49:02 | 000,094,208 | ---- | M] () MD5=E205A79EA6C06F91EA08BBE59FE83503 -- E:\WINDOWS\assembly\GAC_MSIL\WindowsFormsIntegration\3.0.0.0__31bf3856ad364e35\WindowsFormsIntegration.dll

 

< type c:\diskreport.txt /c >

No captured output from command...

No captured output from command...

No captured output from command...

 

< MD5 for: AFD.SYS >

[2011.08.17 06:49:54 | 000,138,496 | ---- | M] (Microsoft Corporation) MD5=1E44BC1E83D8FD2305F8D452DB109CF9 -- E:\WINDOWS\system32\dllcache\afd.sys

[2011.08.17 06:49:54 | 000,138,496 | ---- | M] (Microsoft Corporation) MD5=1E44BC1E83D8FD2305F8D452DB109CF9 -- E:\WINDOWS\system32\drivers\afd.sys

[2011.02.16 06:22:48 | 000,138,496 | ---- | M] (Microsoft Corporation) MD5=355556D9E580915118CD7EF736653A89 -- E:\WINDOWS\$NtUninstallKB2592799$\afd.sys

[2008.10.16 08:07:58 | 000,138,496 | ---- | M] (Microsoft Corporation) MD5=38D7B715504DA4741DF35E3594FE2099 -- E:\WINDOWS\$hf_mig$\KB2509553\SP3QFE\afd.sys

[2008.10.16 07:43:01 | 000,138,496 | ---- | M] (Microsoft Corporation) MD5=7618D5218F2A614672EC61A80D854A37 -- E:\WINDOWS\$NtUninstallKB2503665$\afd.sys

[2010.03.12 11:03:23 | 000,138,496 | ---- | M] (Microsoft Corporation) MD5=7E775010EF291DA96AD17CA4B17137D7 -- E:\WINDOWS\$NtUninstallKB2509553$\afd.sys

[2011.02.16 06:25:05 | 000,138,496 | ---- | M] (Microsoft Corporation) MD5=8D499B1276012EB907E7A9E0F4D8FDA4 -- E:\WINDOWS\$hf_mig$\KB2503665\SP3QFE\afd.sys

[2011.08.17 06:41:46 | 000,138,496 | ---- | M] (Microsoft Corporation) MD5=F6B7B1ECD7B41736BDB6FF4B092BCB79 -- E:\WINDOWS\$hf_mig$\KB2592799\SP3QFE\afd.sys

 

< MD5 for: ATAPI.SYS >

[2010.03.12 11:26:00 | 017,778,412 | ---- | M] () .cab file -- E:\Documents and Settings\Ali & Serkan\Desktop\windovs XP\I386\sp3.cab:atapi.sys

[2010.03.12 11:26:00 | 017,778,412 | ---- | M] () .cab file -- E:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys

[2008.04.13 22:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- E:\WINDOWS\system32\dllcache\atapi.sys

[2008.04.13 22:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- E:\WINDOWS\system32\drivers\atapi.sys

[2008.04.13 23:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- E:\WINDOWS\system32\ReinstallBackups\0001\DriverFiles\i386\atapi.sys

[2008.04.13 22:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- E:\WINDOWS\system32\ReinstallBackups\0002\DriverFiles\i386\atapi.sys

 

< MD5 for: DISK.SYS >

[2010.03.12 11:26:00 | 017,778,412 | ---- | M] () .cab file -- E:\Documents and Settings\Ali & Serkan\Desktop\windovs XP\I386\sp3.cab:disk.sys

[2010.03.12 11:26:00 | 017,778,412 | ---- | M] () .cab file -- E:\WINDOWS\Driver Cache\i386\sp3.cab:disk.sys

[2008.04.14 04:00:00 | 000,036,352 | ---- | M] (Microsoft Corporation) MD5=044452051F3E02E7963599FC8F4F3E25 -- E:\WINDOWS\system32\drivers\disk.sys

 

< MD5 for: EXPLORER.EXE >

[2008.04.14 04:00:00 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- E:\WINDOWS\explorer.exe

[2008.04.14 04:00:00 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- E:\WINDOWS\system32\dllcache\explorer.exe

 

< MD5 for: I8042PRT.SYS >

[2010.03.12 11:26:00 | 017,778,412 | ---- | M] () .cab file -- E:\Documents and Settings\Ali & Serkan\Desktop\windovs XP\I386\sp3.cab:i8042prt.sys

[2010.03.12 11:26:00 | 017,778,412 | ---- | M] () .cab file -- E:\WINDOWS\Driver Cache\i386\sp3.cab:i8042prt.sys

[2008.04.14 04:00:00 | 000,052,480 | ---- | M] (Microsoft Corporation) MD5=4A0B06AA8943C1E332520F7440C0AA30 -- E:\WINDOWS\system32\drivers\i8042prt.sys

 

< MD5 for: IPSEC.SYS >

[2008.04.14 04:00:00 | 000,075,264 | ---- | M] (Microsoft Corporation) MD5=23C74D75E36E7158768DD63D92789A91 -- E:\WINDOWS\system32\dllcache\ipsec.sys

[2008.04.14 04:00:00 | 000,075,264 | ---- | M] (Microsoft Corporation) MD5=23C74D75E36E7158768DD63D92789A91 -- E:\WINDOWS\system32\drivers\ipsec.sys

 

< MD5 for: LSASS.EXE >

[2008.04.14 04:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=BF2466B3E18E970D8A976FB95FC1CA85 -- E:\WINDOWS\system32\dllcache\lsass.exe

[2008.04.14 04:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=BF2466B3E18E970D8A976FB95FC1CA85 -- E:\WINDOWS\system32\lsass.exe

 

< MD5 for: NETBT.SYS >

[2008.04.14 04:00:00 | 000,162,816 | ---- | M] (Microsoft Corporation) MD5=74B2B2F5BEA5E9A3DC021D685551BD3D -- E:\WINDOWS\system32\dllcache\netbt.sys

[2008.04.14 04:00:00 | 000,162,816 | ---- | M] (Microsoft Corporation) MD5=74B2B2F5BEA5E9A3DC021D685551BD3D -- E:\WINDOWS\system32\drivers\netbt.sys

 

< MD5 for: REDBOOK.SYS >

[2010.03.12 11:26:00 | 017,778,412 | ---- | M] () .cab file -- E:\Documents and Settings\Ali & Serkan\Desktop\windovs XP\I386\sp3.cab:redbook.sys

[2010.03.12 11:26:00 | 017,778,412 | ---- | M] () .cab file -- E:\WINDOWS\Driver Cache\i386\sp3.cab:redbook.sys

[2008.04.13 15:10:28 | 000,057,600 | ---- | M] (Microsoft Corporation) MD5=F828DD7E1419B6653894A8F97A0094C5 -- E:\WINDOWS\system32\drivers\redbook.sys

 

< MD5 for: SERIAL.SYS >

[2010.03.12 11:26:00 | 017,778,412 | ---- | M] () .cab file -- E:\Documents and Settings\Ali & Serkan\Desktop\windovs XP\I386\sp3.cab:serial.sys

[2010.03.12 11:26:00 | 017,778,412 | ---- | M] () .cab file -- E:\WINDOWS\Driver Cache\i386\sp3.cab:serial.sys

[2008.04.14 04:00:00 | 000,064,512 | ---- | M] (Microsoft Corporation) MD5=CCA207A8896D4C6A0C9CE29A4AE411A7 -- E:\WINDOWS\system32\drivers\serial.sys

 

< MD5 for: SERVICES.EXE >

[2010.03.12 11:06:47 | 000,110,592 | ---- | M] (Microsoft Corporation) MD5=65DF52F5B8B6E9BBD183505225C37315 -- E:\WINDOWS\system32\dllcache\services.exe

[2010.03.12 11:06:47 | 000,110,592 | ---- | M] (Microsoft Corporation) MD5=65DF52F5B8B6E9BBD183505225C37315 -- E:\WINDOWS\system32\services.exe

 

< MD5 for: SMSS.EXE >

[2008.04.14 04:00:00 | 000,470,016 | ---- | M] (Microsoft Corporation) MD5=3C3393C92A73A3006C7B706DAC54A812 -- E:\Documents and Settings\Ali & Serkan\Desktop\windovs XP\I386\SYSTEM32\SMSS.EXE

[2008.04.14 04:00:00 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=5F816C1F539266D2D4C78694239DA0B5 -- E:\WINDOWS\system32\dllcache\smss.exe

[2008.04.14 04:00:00 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=5F816C1F539266D2D4C78694239DA0B5 -- E:\WINDOWS\system32\smss.exe

 

< MD5 for: SVCHOST.EXE >

[2012.04.04 15:56:38 | 000,199,240 | ---- | M] () MD5=097D0E812D7A9A3101CE46CB2BE0474D -- E:\Program Files\Malwarebytes' Anti-Malware\Chameleon\svchost.exe

[2008.04.14 04:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- E:\WINDOWS\system32\dllcache\svchost.exe

[2008.04.14 04:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- E:\WINDOWS\system32\svchost.exe

 

< MD5 for: TCPIP.SYS >

[2010.03.12 11:07:19 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- E:\WINDOWS\system32\dllcache cpip.sys

[2010.03.12 11:07:19 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- E:\WINDOWS\system32\drivers cpip.sys

[2008.06.20 04:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- E:\WINDOWS\$hf_mig$\KB2509553\SP3QFE cpip.sys

 

< MD5 for: USERINIT.EXE >

[2008.04.14 04:00:00 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- E:\WINDOWS\system32\dllcache\userinit.exe

[2008.04.14 04:00:00 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- E:\WINDOWS\system32\userinit.exe

 

< MD5 for: VOLSNAP.SYS >

[2008.04.14 04:00:00 | 000,052,352 | ---- | M] (Microsoft Corporation) MD5=4C8FCB5CC53AAB716D810740FE59D025 -- E:\WINDOWS\system32\dllcache\volsnap.sys

[2008.04.14 04:00:00 | 000,052,352 | ---- | M] (Microsoft Corporation) MD5=4C8FCB5CC53AAB716D810740FE59D025 -- E:\WINDOWS\system32\drivers\volsnap.sys

 

< MD5 for: WINLOGON.EXE >

[2012.04.04 15:56:38 | 000,199,240 | ---- | M] () MD5=097D0E812D7A9A3101CE46CB2BE0474D -- E:\Program Files\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe

[2008.04.14 04:00:00 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- E:\WINDOWS\system32\dllcache\winlogon.exe

[2008.04.14 04:00:00 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- E:\WINDOWS\system32\winlogon.exe

 

========== Hard Links - Junction Points - Mount Points - Symbolic Links ==========

[E:\WINDOWS\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a] -> E:\WINDOWS\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790 -> Junction

[E:\WINDOWS\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a] -> E:\WINDOWS\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e -> Junction

 

========== Alternate Data Streams ==========

 

@Alternate Data Stream - 132 bytes -> E:\Documents and Settings\All Users\Application Data\TEMP:EC889888

 

< End of report >

 

мерси предварително !!!!!!!!!!!!!!!!!

Link to comment
Сподели другаде

Стартирайте отново OTL.

 

В полето Custom Scans/Fixes поставете следния текст:

 

:OTL
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.toggle.co....php?rvs=google
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.kralyeri.com
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}
IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = http://dts.search-re...q={searchTerms}
IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2A59}: "URL" = http://search.imesh....q={searchTerms}
IE - HKLM\..\SearchScopes\{B97F452B-91F5-43A4-B1FA-FF9C0636B31B}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKU\S-1-5-21-1078081533-1960408961-1417001333-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.toggle.co....php?rvs=google
IE - HKU\S-1-5-21-1078081533-1960408961-1417001333-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.babylo...000002511cbbe60
IE - HKU\S-1-5-21-1078081533-1960408961-1417001333-1003\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ferrer:source?}
IE - HKU\S-1-5-21-1078081533-1960408961-1417001333-1003\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylo...000002511cbbe60
IE - HKU\S-1-5-21-1078081533-1960408961-1417001333-1003\..\SearchScopes\{12995981-2FD6-4BEE-9FB0-B1674E8E5E7E}: "URL" = http://websearch.4sh...q={searchTerms}
IE - HKU\S-1-5-21-1078081533-1960408961-1417001333-1003\..\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}: "URL" = http://websearch.ask...BD-AC6ED0FDC3B7
IE - HKU\S-1-5-21-1078081533-1960408961-1417001333-1003\..\SearchScopes\{1F096B29-E9DA-4D64-8D63-936BE7762CC5}: "URL" = http://search.babylo....19&affID=17161
IE - HKU\S-1-5-21-1078081533-1960408961-1417001333-1003\..\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}: "URL" = http://search.yahoo....type=PCAFSI1190
IE - HKU\S-1-5-21-1078081533-1960408961-1417001333-1003\..\SearchScopes\{5AA2BA46-9913-4DC7-9620-69AB0FA17AE7}: "URL" = http://search.alot.c...q={searchTerms}
IE - HKU\S-1-5-21-1078081533-1960408961-1417001333-1003\..\SearchScopes\{5F970FDE-702B-4ef9-920C-5F2848A5AF26}: "URL" = http://www.astroburn...q={searchTerms}
IE - HKU\S-1-5-21-1078081533-1960408961-1417001333-1003\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://isearch.avg.c...sa&d=2012-01-14 21:20:23&v=8.0.0.34&sap=dsp&q={searchTerms}
IE - HKU\S-1-5-21-1078081533-1960408961-1417001333-1003\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = http://dts.search-re...q={searchTerms}
IE - HKU\S-1-5-21-1078081533-1960408961-1417001333-1003\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2A59}: "URL" = http://search.imesh....q={searchTerms}
IE - HKU\S-1-5-21-1078081533-1960408961-1417001333-1003\..\SearchScopes\{9D557097-8D4B-20F7-EB58-340F7AE21494}: "URL" = http://bksly.startya...o&cfg=2-564-0-0
IE - HKU\S-1-5-21-1078081533-1960408961-1417001333-1003\..\SearchScopes\{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8}: "URL" = http://www.daemon-se...q={searchTerms}
IE - HKU\S-1-5-21-1078081533-1960408961-1417001333-1003\..\SearchScopes\{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB9}: "URL" = http://www.daemon-se...q={searchTerms}
IE - HKU\S-1-5-21-1078081533-1960408961-1417001333-1003\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://yandex.ru/yan...t={searchTerms}
IE - HKU\S-1-5-21-1078081533-1960408961-1417001333-1003\..\SearchScopes\{B97F452B-91F5-43A4-B1FA-FF9C0636B31B}: "URL" = http://www.google.co...&rlz=1I7RNRN_bg
IE - HKU\S-1-5-21-1078081533-1960408961-1417001333-1003\..\SearchScopes\Moikrug: "URL" = http://moikrug.ru/pe...ms}&submitted=1
IE - HKU\S-1-5-21-1078081533-1960408961-1417001333-1003\..\SearchScopes\Yandex: "URL" = http://search.condui...&ctid=CT1060933
FF - prefs.js..browser.search.defaultenginename: "Search the web (Babylon)"
FF - prefs.js..browser.search.defaultthis.engineName: "Freecorder Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT1060933&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.order.1: "Search the web (Babylon)"
FF - prefs.js..browser.search.selectedEngine: "Freecorder Customized Web Search"
FF - prefs.js..browser.startup.homepage: "http://search.imesh.com/"
FF - prefs.js..extensions.enabledItems: DTToolbar@toolbarnet.com:1.1.4.0024
FF - prefs.js..extensions.enabledItems: widgetruntime@surfsecret.com:1.0
FF - prefs.js..extensions.enabledItems: engine@conduit.com:3.2.5.2
FF - prefs.js..keyword.URL: "http://search.conduit.com/ResultsExt.aspx?ctid=CT1060933&SearchSource=2&q="
FF - HKLM\Software\MozillaPlugins\@inhatch.com,version=0.7.5: File not found
[2011.09.28 18:10:32 | 000,001,083 | ---- | M] () -- E:\Program Files\mozilla firefox\searchplugins\911bg.xml
[2012.03.20 09:24:01 | 000,003,768 | ---- | M] () -- E:\Program Files\mozilla firefox\searchplugins\avg-secure-search.xml
[2012.01.22 00:40:45 | 000,002,310 | ---- | M] () -- E:\Program Files\mozilla firefox\searchplugins\babylon.xml
[2011.09.28 18:10:32 | 000,002,442 | ---- | M] () -- E:\Program Files\mozilla firefox\searchplugins\diribg.xml
[2011.09.28 18:10:32 | 000,001,515 | ---- | M] () -- E:\Program Files\mozilla firefox\searchplugins\pe-bg.xml
[2011.09.28 18:10:32 | 000,001,857 | ---- | M] () -- E:\Program Files\mozilla firefox\searchplugins\portalbgdict.xml
[2012.01.08 11:40:47 | 000,002,519 | ---- | M] () -- E:\Program Files\mozilla firefox\searchplugins\Search_Results.xml
O2 - BHO: (MediaBar) - {28387537-e3f9-4ed7-860c-11e69af4a8a0} - E:\Program Files\iMesh Applications\MediaBar\ToolBar\imeshdtxmltbpi.dll ()
O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - E:\Program Files\ConduitEngine\ConduitEngin0.dll File not found
O2 - BHO: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - E:\Program Files\Windows iLivid Toolbar\Datamngr\ToolBar\searchqudtx.dll ()
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - E:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - E:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - E:\Program Files\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll (Google Inc.)
O2 - BHO: (uTorrentBar Toolbar) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - E:\Program Files\uTorrentBar\prxtbuTo0.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (DM Bar) - {0E1230F8-EA50-42A9-983C-D22ABC2EED3C} - E:\Program Files\Download Master\dmbar.dll (WestByte Software)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - E:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (MediaBar) - {28387537-e3f9-4ed7-860c-11e69af4a8a0} - E:\Program Files\iMesh Applications\MediaBar\ToolBar\imeshdtxmltbpi.dll ()
O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - E:\Program Files\ConduitEngine\ConduitEngin0.dll File not found
O3 - HKLM\..\Toolbar: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - E:\Program Files\Windows iLivid Toolbar\Datamngr\ToolBar\searchqudtx.dll ()
O3 - HKLM\..\Toolbar: (no name) - {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - No CLSID value found.
O3 - HKLM\..\Toolbar: (uTorrentBar Toolbar) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - E:\Program Files\uTorrentBar\prxtbuTo0.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKU\S-1-5-21-1078081533-1960408961-1417001333-1003\..\Toolbar\ShellBrowser: (&Address) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - E:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
O3 - HKU\S-1-5-21-1078081533-1960408961-1417001333-1003\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - E:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKU\S-1-5-21-1078081533-1960408961-1417001333-1003\..\Toolbar\WebBrowser: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - E:\Program Files\ConduitEngine\ConduitEngin0.dll File not found
O3 - HKU\S-1-5-21-1078081533-1960408961-1417001333-1003\..\Toolbar\WebBrowser: (uTorrentBar Toolbar) - {BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - E:\Program Files\uTorrentBar\prxtbuTo0.dll (Conduit Ltd.)
O4 - HKLM..\Run: [ROC_roc_dec12] "E:\Program Files\AVG Secure Search\ROC_roc_dec12.exe" /PROMPT /CMPID=roc_dec12 File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 0
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - E:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O33 - MountPoints2\G\Shell - "" = AutoRun
O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\setup.exe /autorun
@Alternate Data Stream - 132 bytes -> E:\Documents and Settings\All Users\Application Data\TEMP:EC8898887
:Commands
[emptytemp]
[resethosts]

 

Копирайте кода точно както е даден. Уверете се, че не изтървате някое от двуеточията в началото. Уверете се също така, че всяка от командите е на нов ред, както е в полето.

 

След въвеждане на кода в полето Custom Scans/Fixes, натиснете бутона Run Fix. Потвърдете съобщението за рестартиране на системата.

 

След рестартирането на системата, ще се появи лог-файл, намиращ се в C:\_OTL\Moved Files. Моля, прикачете съответния лог -файл към следващия Ви коментар.

Link to comment
Сподели другаде

първият път като го пуснах започна но на 25-та минута ми излезе eror но пак си продължаваше да зарежда така скучно чаках го 1 час нищо не стана оставих го цели 2 часа и 10 минути и все едно и също все едно не зарежда пишеше killing procesеs........... и аз сам му дадох рестарт но пак си работеше както преди все едно нищо не съм му направил.

Пробвах втори път със същият код но този път пък изобщо не тръгна а на третия път пак зареди дълго и пак го спрях

няма ли някоя друга програма щото май компютъра ми го изпържи! не знам! но чата ми се пооправи но пак не мога да вляза в facebook нормално чрез www.facebook.com и не мога да играя игрички!!!!!!!!!!!!!!!!!!!!!!

Link to comment
Сподели другаде

Изтеглете ComboFix от BleepingComputer.

  • Затворете всички работещи приложения и програми работещи във фонов режим. Спрете временно защитата в реално време на антивирусната програма и на другите програми за сигурност. За повече информация погледнете: How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs.
  • Стартирайте Combofix.exe.
  • В новопоявилия се прозорец изберете YES.

Внимание! - По време на работата на ComboFix не бива да се движи мишката и да се натискат клавиши от клавиатурата. Просто оставете ComboFix да си свърши работата, без да използвате компютъра за други цели.

  • ComboFix ще спре временно Интернет връзката, но след като приключи работата на програмата тази връзка ще бъде възстановена автоматично.
  • ComboFix ще сканира за проблеми и за заразени файлове, като това може да отнеме известно време. Моля да бъдете търпеливи. Ако има проблем с Интернет връзката след приключване на работата на софтуера, моля да прочетете това: Manually restoring the Internet connection section.
  • Когато работата на ComboFix приключи, ще се появи лог-файл в Notepad.

Забележка: Ако получавате следната грешка – Illegal operation on a registry key that has been marked for deletion”, при стартиране на приложения след работа с ComboFix, рестартирайте системата.

 

Прикачете въпросния файл към следващия Ви коментар.

Link to comment
Сподели другаде

резултати от сканирането на Combo fix

 

 

 

ComboFix 12-06-06.02 - Ali & Serkan 06/07/2012 22:10:04.2.2 - x86

Microsoft Windows XP Professional 5.1.2600.3.1251.359.1033.18.3071.2560 [GMT -7:00]

Running from: c:\downloads\Программы\ComboFix.exe

AV: avast! antivirus 4.7.826 [VPS 0617-2] *Enabled/Outdated* {7591DB91-41F0-48A3-B128-1A293FD8233D}

.

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

---- Previous Run -------

.

e:\docume~1\ALI&SE~1\LOCALS~1\Temp\SAS32.tmp

e:\documents and settings\Ali & Serkan\Local Settings\Temp\SAS32.tmp

E:\Documents

E:\Install.exe

e:\windows\av_ico\ico_avast_desktop.ico

e:\windows\av_ico\ico_avast_start.ico

e:\windows\btc_client_iplist.txt

e:\windows\front_ip_list.txt

e:\windows\geoiplist

e:\windows\geoiplist.rar

e:\windows\iecheck_iplist.txt

e:\windows\info1

e:\windows\iplist.txt

e:\windows\loader2.exe_ok

e:\windows\phoenix.rar

e:\windows\phoenix\kernels\phatk\__init__.py

e:\windows\phoenix\kernels\phatk\__init__.pyc

e:\windows\phoenix\kernels\phatk\BFIPatcher.py

e:\windows\phoenix\kernels\phatk\kernel.cl

e:\windows\phoenix\kernels\poclbm\__init__.py

e:\windows\phoenix\kernels\poclbm\__init__.pyc

e:\windows\phoenix\kernels\poclbm\BFIPatcher.py

e:\windows\phoenix\kernels\poclbm\kernel.cl

e:\windows\phoenix\phoenix.exe

e:\windows\proc_list1.log

e:\windows\rpcminer.rar

e:\windows\system32\Cache\04ba8cf61829deb0.fb

e:\windows\system32\Cache\272512937d9e61a4.fb

e:\windows\system32\Cache\287204568329e189.fb

e:\windows\system32\Cache\28bc8f716fd76a47.fb

e:\windows\system32\Cache\2c53092c95605355.fb

e:\windows\system32\Cache\3917078cb68ec657.fb

e:\windows\system32\Cache\590ba23ce359fd0c.fb

e:\windows\system32\Cache\610289e025a3ee9a.fb

e:\windows\system32\Cache\651c5d3cdbfb8bd1.fb

e:\windows\system32\Cache\6c59ac5e7e7a3ad0.fb

e:\windows\system32\Cache\77f4a4ff781e75e0.fb

e:\windows\system32\Cache\a669305b0afd38c9.fb

e:\windows\system32\Cache\a8556537add6dfc5.fb

e:\windows\system32\Cache\ad10a52aff5e038d.fb

e:\windows\system32\Cache\c4d28dca2e7648be.fb

e:\windows\system32\Cache\d201ef9910cd39de.fb

e:\windows\system32\Cache\d2e94710a5708128.fb

e:\windows\system32\Cache\d79b9dfe81484ec4.fb

e:\windows\system32\Cache\e0de16f883bea794.fb

e:\windows\system32\drivers\etc\HSTS~1

e:\windows\system32\drivers\etc\hоsts

e:\windows\system32\SET1DC.tmp

e:\windows\system32\SET358.tmp

e:\windows\system32\SET4CC.tmp

e:\windows\system32\SET4E7.tmp

e:\windows\system32\SET4E9.tmp

e:\windows\system32\SET4F7.tmp

e:\windows\system32\SETD.tmp

e:\windows\system32 mp20E.tmp

e:\windows\system32 mp20F.tmp

e:\windows\system32 mp223.tmp

e:\windows\system32 mp329.tmp

e:\windows\system32 mp32A.tmp

e:\windows\ufa.rar

e:\windows\winlog-dirs.txt

e:\windows\winlog-ids.txt

e:\windows\winsetupapi.log

.

.

((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

-------\Legacy_DDSERVICE

-------\Legacy_SRVBTCCLIENT

-------\Legacy_SRVIECHECK

-------\Legacy_WXPDRIVERS

-------\Legacy_Skype_C2C_Service

-------\Service_Skype C2C Service

.

.

((((((((((((((((((((((((( Files Created from 2012-05-08 to 2012-06-08 )))))))))))))))))))))))))))))))

.

.

2012-06-06 20:58 . 2012-06-06 20:58 -------- d-----w- E:\_OTL

2012-06-05 04:49 . 2012-06-05 04:49 -------- d-----w- e:\program files\Kaspersky Lab

2012-05-27 18:20 . 2012-05-27 18:26 -------- d-----w- e:\program files\Farming Simulator 2011

2012-05-27 18:14 . 2012-05-27 18:15 -------- d-----w- e:\program files\Farming-Simulator 2009

2012-05-27 04:39 . 2012-05-27 04:39 -------- d-----w- e:\windows\1C4551A64743409391E41477CD655043.TMP

2012-05-26 19:08 . 2012-05-26 19:08 48547 ----a-w- e:\windows\system32\nglide_uninst.exe

2012-05-24 23:16 . 2004-10-22 09:18 749568 ----a-w- e:\program files\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\iKernel.dll

2012-05-24 23:16 . 2004-10-22 09:17 69715 ----a-w- e:\program files\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\ctor.dll

2012-05-24 23:16 . 2004-10-22 09:17 274432 ----a-w- e:\program files\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\iscript.dll

2012-05-24 23:16 . 2004-10-22 09:16 180224 ----a-w- e:\program files\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\iuser.dll

2012-05-24 23:16 . 2004-10-22 09:16 5632 ----a-w- e:\program files\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\DotNetInstaller.exe

2012-05-24 23:16 . 2012-05-24 23:16 323716 ----a-w- e:\program files\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\setup.dll

2012-05-24 23:16 . 2012-05-24 23:16 192644 ----a-w- e:\program files\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\iGdi.dll

2012-05-24 01:25 . 2012-05-24 01:25 -------- d-----w- E:\1a321a97e172fc7b29dd2e

2012-05-22 17:32 . 2012-05-26 15:25 -------- d-----w- e:\program files\Counter-Strike 1.6

2012-05-22 02:46 . 2012-05-22 02:46 -------- d-----w- e:\windows\Sun

2012-05-21 04:41 . 2012-05-21 04:41 -------- d-----w- e:\program files\InhatchTeam

2012-05-21 01:44 . 2012-05-21 01:44 -------- d-----w- e:\documents and settings\Ali & Serkan\Local Settings\Application Data\Sun

2012-05-21 01:30 . 2012-06-08 05:12 -------- d-----w- e:\documents and settings\Ali & Serkan\Application Data\uTorrent

2012-05-20 19:22 . 2012-05-20 19:22 -------- d-----w- e:\program files\Common Files\Java

2012-05-20 19:21 . 2012-05-20 19:21 -------- d-----w- e:\program files\Oracle

2012-05-20 19:21 . 2012-05-20 19:21 -------- d-----w- e:\documents and settings\Ali & Serkan\Application Data\Oracle

2012-05-20 19:21 . 2012-04-05 01:47 143872 ----a-w- e:\windows\system32\javacpl.cpl

2012-05-20 19:21 . 2012-04-05 01:47 772504 ----a-w- e:\windows\system32\npDeployJava1.dll

2012-05-20 19:21 . 2012-04-05 01:47 687504 ----a-w- e:\windows\system32\deployJava1.dll

2012-05-20 19:20 . 2012-05-20 19:20 -------- d-----w- e:\program files\Java

2012-05-20 02:52 . 2012-05-20 02:52 -------- d-----w- e:\documents and settings\Ali & Serkan\Application Data\Need for Speed World

2012-05-20 02:26 . 2012-05-20 02:26 -------- d-----w- e:\documents and settings\Ali & Serkan\Local Settings\Application Data\Electronic_Arts_Inc

2012-05-17 01:33 . 2012-05-17 01:33 -------- d-----w- e:\program files\Common Files\Skype

.

.

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2012-05-31 13:22 . 2008-04-14 11:00 599040 ----a-w- e:\windows\system32\crypt32.dll

2012-04-11 13:14 . 2010-03-12 18:06 2148352 ----a-w- e:\windows\system32\ntoskrnl.exe

2012-04-11 13:12 . 2010-03-12 18:07 1862272 ----a-w- e:\windows\system32\win32k.sys

2012-04-11 12:35 . 2009-12-08 18:43 2026496 ----a-w- e:\windows\system32\ntkrnlpa.exe

2011-09-29 07:06 . 2011-10-16 03:59 134104 ----a-w- e:\program files\mozilla firefox\components\browsercomps.dll

2010-08-03 18:11 819200 --sha-w- e:\windows\system32\xvidcore.dll

2010-08-03 18:11 180224 --sha-w- e:\windows\system32\xvidvfw.dll

.

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

.

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{28387537-e3f9-4ed7-860c-11e69af4a8a0}]

2011-01-24 15:45 89008 ----a-w- e:\progra~1\IMESHA~1\MediaBar\ToolBar\imeshdtxmltbpi.dll

.

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{474597C5-AB09-49d6-A4D5-2E8D7341384E}]

2011-01-25 12:24 721288 ----a-w- e:\progra~1\IMESHA~1\MediaBar\Datamngr\IEBHO.dll

.

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}]

2011-05-09 09:49 176936 ----a-w- e:\program files\uTorrentBar\prxtbuTo0.dll

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

"{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}"= "e:\program files\uTorrentBar\prxtbuTo0.dll" [2011-05-09 176936]

"{28387537-e3f9-4ed7-860c-11e69af4a8a0}"= "e:\progra~1\IMESHA~1\MediaBar\ToolBar\imeshdtxmltbpi.dll" [2011-01-24 89008]

.

[HKEY_CLASSES_ROOT\clsid\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}]

.

[HKEY_CLASSES_ROOT\clsid\{28387537-e3f9-4ed7-860c-11e69af4a8a0}]

.

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]

"{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC}"= "e:\program files\uTorrentBar\prxtbuTo0.dll" [2011-05-09 176936]

.

[HKEY_CLASSES_ROOT\clsid\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}]

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"swg"="e:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2011-02-03 39408]

"DAEMON Tools Lite"="e:\program files\DAEMON Tools Lite\DTLite.exe" [2011-01-20 1305408]

"Download Master"="e:\program files\Download Master\dmaster.exe" [2012-05-11 4188224]

"WMPNSCFG"="e:\program files\Windows Media Player\WMPNSCFG.exe" [2009-02-05 204288]

"Skype"="e:\program files\Skype\Phone\Skype.exe" [2012-02-29 17148552]

"uTorrent"="e:\program files\uTorrent\uTorrent.exe" [2012-05-24 738168]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"HDAudDeck"="e:\program files\VIA\VIAudioi\HDADeck\HDeck.exe" [2009-05-14 33624064]

"nwiz"="e:\program files\NVIDIA Corporation\nView\nwiz.exe" [2009-08-06 1657376]

"NvMediaCenter"="e:\windows\system32\NvMcTray.dll" [2009-08-06 86016]

"NvCplDaemon"="e:\windows\system32\NvCpl.dll" [2009-08-06 13877248]

"Adobe ARM"="e:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]

"amd_dc_opt"="e:\program files\AMD\Dual-Core Optimizer\amd_dc_opt.exe" [2008-07-22 77824]

"SunJavaUpdateSched"="e:\program files\Common Files\Java\Java Update\jusched.exe" [2012-01-17 252296]

.

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="e:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

.

e:\documents and settings\Ali & Serkan\Start Menu\Programs\Startup\

Ubisoft register.lnk - e:\program files\Ubisoft\Register\schedule.exe [2012-1-4 28672]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"EnableSecureUIAPaths"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]

"Adobe Reader Speed Launcher"="e:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe"

.

[HKEY_LOCAL_MACHINE\software\microsoft\security center]

"AntiVirusOverride"=dword:00000001

"DisableThumbnailCache"=dword:00000001

.

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"%windir%\\system32\\sessmgr.exe"=

"c:\\Games\\CSSv34\\hl2.exe"=

"e:\\WINDOWS\\system32\\PnkBstrB.exe"=

"e:\\Program Files\\EA SPORTS\\FIFA 11\\Game\\fifa.exe"=

"e:\\Program Files\\Google\\Google Earth\\client\\googleearth.exe"=

"e:\\Program Files\\Electronic Arts\\SHIFT 2 UNLEASHED\\shift2u.exe"=

"e:\\Program Files\\Electronic Arts\\Need for Speed Hot Pursuit\\Launcher.exe"=

"e:\\Program Files\\Electronic Arts\\Need for Speed Hot Pursuit\\NFS11.exe"=

"e:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=

"e:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=

"e:\\Program Files\\EA SPORTS\\FIFA 12\\Game\\fifa.exe"=

"e:\\Program Files\\Windows iLivid Toolbar\\Datamngr\\ToolBar\\dtUser.exe"=

"e:\\Program Files\\2K Sports\\NBA 2K12\\nba2k12.exe"=

"e:\\Documents and Settings\\Ali & Serkan\\Local Settings\\Application Data\\Google\\Chrome\\Application\\chrome.exe"=

"e:\\Program Files\\Skype\\Phone\\Skype.exe"=

"e:\\Documents and Settings\\All Users\\Application Data\\Electronic Arts\\Need For Speed World\\Data\\nfsw.exe"=

"e:\\Program Files\\uTorrent\\uTorrent.exe"=

"e:\\Program Files\\Counter-Strike 1.6\\hl.exe"=

"e:\\Program Files\\SoftnyxGame\\WolfTeamTS\\Wolfteam.bin"=

"e:\\Program Files\\GameSpy Arcade\\Aphex.exe"=

"e:\\Program Files\\Farming Simulator 2011\\FarmingSimulator2011.exe"=

"e:\\Program Files\\Farming Simulator 2011\\game.exe"=

.

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]

"2706:TCP"= 2706:TCP:Inhatch P2P Streaming

"2707:TCP"= 2707:TCP:Inhatch P2P Streaming

"2708:TCP"= 2708:TCP:Inhatch P2P Streaming

"2709:TCP"= 2709:TCP:Inhatch P2P Streaming

"10950:TCP"= 10950:TCP:Inhatch P2P Streaming

"10951:TCP"= 10951:TCP:Inhatch P2P Streaming

"10952:TCP"= 10952:TCP:Inhatch P2P Streaming

"10953:TCP"= 10953:TCP:Inhatch P2P Streaming

"49780:UDP"= 49780:UDP:Inhatch P2P Streaming

.

R0 sptd;sptd;\SystemRoot\\SystemRoot\System32\Drivers\sptd.sys --> \SystemRoot\\SystemRoot\System32\Drivers\sptd.sys [?]

R3 NVHDA;Service for NVIDIA High Definition Audio Driver;e:\windows\system32\drivers\nvhda32.sys [1/9/2011 00:09 56992]

R3 VIAHdAudAddService;VIA High Definition Audio Driver Service;e:\windows\system32\drivers\viahduaa.sys [1/8/2011 23:58 1358720]

S2 gupdate;Услуга Google Update (gupdate);e:\program files\Google\Update\GoogleUpdate.exe [2/3/2011 01:15 136176]

S2 SkypeUpdate;Skype Updater;e:\program files\Skype\Updater\Updater.exe [2/29/2012 08:50 158856]

S3 apf001;apf001;e:\program files\SoftnyxGame\WolfTeamTS\apf001.sys [5/22/2012 12:53 10872]

S3 gupdatem;Услуга на Google Актуализация (gupdatem);e:\program files\Google\Update\GoogleUpdate.exe [2/3/2011 01:15 136176]

.

Contents of the 'Scheduled Tasks' folder

.

2012-06-08 e:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- e:\program files\Google\Update\GoogleUpdate.exe [2011-02-03 08:15]

.

2012-06-08 e:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- e:\program files\Google\Update\GoogleUpdate.exe [2011-02-03 08:15]

.

2012-06-08 e:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1078081533-1960408961-1417001333-1003Core.job

- e:\documents and settings\Ali & Serkan\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2011-06-28 10:25]

.

2012-06-08 e:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1078081533-1960408961-1417001333-1003UA.job

- e:\documents and settings\Ali & Serkan\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2011-06-28 10:25]

.

2012-06-08 e:\windows\Tasks\Xjblth.job

- e:\windows\system32\MSCOMCTLX.dll [2012-04-09 19:01]

.

.

------- Supplementary Scan -------

.

uStart Page = hxxp://search.babylon.com/?AF=100888&babsrc=HP_ss&mntrId=90518dd8000000000000002511cbbe60

mStart Page = hxxp://www.kralyeri.com

IE: E&xport to Microsoft Excel - e:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000

IE: Закачать ВСЕ при помощи Download Master - e:\program files\Download Master\dmieall.htm

IE: Закачать при помощи Download Master - e:\program files\Download Master\dmie.htm

IE: Передать на удаленную закачку DM - e:\program files\Download Master\remdown.htm

TCP: DhcpNameServer = 84.54.128.6 84.54.128.8

FF - ProfilePath - e:\documents and settings\Ali & Serkan\Application Data\Mozilla\Firefox\Profiles\cibf59it.default\

FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT1060933&SearchSource=3&q={searchTerms}

FF - prefs.js: browser.search.selectedEngine - Freecorder Customized Web Search

FF - prefs.js: browser.startup.homepage - hxxp://search.imesh.com/

FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT1060933&SearchSource=2&q=

FF - user.js: extensions.BabylonToolbar_i.id - 90518dd8000000000000002511cbbe60

FF - user.js: extensions.BabylonToolbar_i.hardId - 90518dd8000000000000002511cbbe60

FF - user.js: extensions.BabylonToolbar_i.instlDay - 15361

FF - user.js: extensions.BabylonToolbar_i.vrsn - 1.5.3.17

FF - user.js: extensions.BabylonToolbar_i.vrsni - 1.5.3.17

FF - user.js: extensions.BabylonToolbar_i.vrsnTs - 1.5.3.1723:40

FF - user.js: extensions.BabylonToolbar_i.prtnrId - babylon

FF - user.js: extensions.BabylonToolbar_i.prdct - BabylonToolbar

FF - user.js: extensions.BabylonToolbar_i.aflt - babsst

FF - user.js: extensions.BabylonToolbar_i.smplGrp - none

FF - user.js: extensions.BabylonToolbar_i.tlbrId - base

FF - user.js: extensions.BabylonToolbar_i.newTab - false

FF - user.js: extensions.BabylonToolbar_i.babTrack - affID=100888

FF - user.js: extensions.BabylonToolbar_i.babExt -

FF - user.js: extensions.BabylonToolbar_i.srcExt - ss

FF - user.js: extensions.BabylonToolbar_i.instlRef - sst

.

- - - - ORPHANS REMOVED - - - -

.

BHO-{30F9B915-B755-4826-820B-08FBA6BD249D} - e:\program files\ConduitEngine\ConduitEngin0.dll

Toolbar-{30F9B915-B755-4826-820B-08FBA6BD249D} - e:\program files\ConduitEngine\ConduitEngin0.dll

Toolbar-{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - (no file)

Toolbar-10 - (no file)

WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)

WebBrowser-{30F9B915-B755-4826-820B-08FBA6BD249D} - e:\program files\ConduitEngine\ConduitEngin0.dll

ShellIconOverlayIdentifiers-{2012DE06-50C0-48BD-ACDE-88F95D4CAD1F} - (no file)

ShellIconOverlayIdentifiers-{C72C6188-BEF2-46E5-A89A-52F0ED75219E} - (no file)

ShellIconOverlayIdentifiers-{C92F6BC2-AF61-4C0E-80E0-939B8282DDB7} - (no file)

ShellIconOverlayIdentifiers-{CB1EFEF8-D5E0-49D1-B768-41B48B1D7803} - (no file)

ShellIconOverlayIdentifiers-{F5D1CF73-C196-48F8-AAAC-B9181E22B4E6} - (no file)

ShellIconOverlayIdentifiers-{9AE343CB-BA45-4618-AF6A-0230EE6FC793} - (no file)

HKLM-Run-ROC_roc_dec12 - e:\program files\AVG Secure Search\ROC_roc_dec12.exe

AddRemove-conduitEngine - e:\program files\ConduitEngine\ConduitEngineUninstall.exe

.

.

.

**************************************************************************

.

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2012-06-07 22:15

Windows 5.1.2600 Service Pack 3 NTFS

.

scanning hidden processes ...

.

scanning hidden autostart entries ...

.

HKLM\Software\Microsoft\Windows\CurrentVersion\Run

HDAudDeck = e:\program files\VIA\VIAudioi\HDADeck\HDeck.exe 1????????????????????????????????????????????????

.

scanning hidden files ...

.

scan completed successfully

hidden files: 0

.

**************************************************************************

.

--------------------- LOCKED REGISTRY KEYS ---------------------

.

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{067c751f-9175-4883-9a3d-1c16cd298bd4}]

@Denied: (Full) (Everyone)

"Model"=dword:0000003f

"Therad"=dword:0000001e

"MData"=hex(0):2b,8f,78,29,5a,0c,ce,ec,48,d4,68,e5,9f,6a,96,3e,ab,de,c5,81,26,

38,95,44,7c,a3,58,23,ec,af,2d,15,15,ef,a1,46,54,19,6c,0d,35,95,e0,f3,7c,6d,\

.

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{3e22be51-8fb6-4159-8579-7c7bb8e50224}]

@Denied: (Full) (Everyone)

"Model"=dword:000000c0

"Therad"=dword:00000015

"MData"=hex(0):73,d5,cf,b8,a4,07,89,80,31,e4,35,6b,2a,ca,fe,43,b6,1f,81,1f,5a,

1b,4d,36,46,8f,3c,f2,5c,68,ee,21,46,8f,3c,f2,5c,68,ee,21,46,8f,3c,f2,5c,68,\

.

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{5ED60779-4DE2-4E07-B862-974CA4FF2E9C}]

@Denied: (Full) (Everyone)

"scansk"=hex(0):1e,dd,17,96,37,f8,24,12,de,43,f3,25,3d,43,c5,db,3e,b4,4f,73,f2,

2e,c8,98,7f,df,66,9d,b9,77,d4,28,9e,45,3c,20,b4,32,23,b8,00,00,00,00,00,00,\

.

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{7B8E9164-324D-4A2E-A46D-0165FB2000EC}]

@Denied: (Full) (Everyone)

"scansk"=hex(0):88,ea,cf,17,3e,8b,18,71,27,18,07,e6,e6,2d,04,de,4c,8d,e9,10,cd,

28,40,73,28,cb,9e,15,65,e5,6e,08,83,60,a8,73,7e,25,a4,fb,00,00,00,00,00,00,\

.

--------------------- DLLs Loaded Under Running Processes ---------------------

.

- - - - - - - > 'explorer.exe'(2936)

e:\windows\system32\WININET.dll

e:\windows\system32\ieframe.dll

e:\windows\system32\webcheck.dll

e:\windows\system32\WPDShServiceObj.dll

e:\windows\system32\PortableDeviceTypes.dll

e:\windows\system32\PortableDeviceApi.dll

e:\program files\Internet Explorer\mui\0402\browselc.dll

e:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

e:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\MSVCR80.dll

e:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

e:\program files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL

e:\program files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

e:\program files\Common Files\Microsoft Shared\Windows Live\msidcrl40.dll

e:\progra~1\DOWNLO~1\dmiehlp.dll

e:\windows\system32\wpdshext.dll

.

Completion time: 2012-06-07 22:17:23

ComboFix-quarantined-files.txt 2012-06-08 05:17

.

Pre-Run: 221 743 190 016 bytes free

Post-Run: 221 697 990 656 bytes free

.

- - End Of File - - 4DF376B3F9A9DB0F8F6CE6D1B515438A

Link to comment
Сподели другаде

Лог-файлът изглежда чист. Колко пъти стартирахте ComboFix?

 

Изпълнете следното:

 

Изтеглете Microsoft Fix it 50267

  • Запазете файла на Вашия десктоп.
  • Стартирайте MicrosoftFixit50267.msi и следвайте стъпките за инсталацията на fix-а.
  • Ще получите запитване за рестартиране на системата.
  • Рестартирайте системата.

Проверете дали проблемът с достъпа до Facebook е налице.

Link to comment
Сподели другаде

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Гост
Отговори на тази тема

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   Не можете да качите директно снимка. Качете или добавете изображението от линк (URL)

Loading...
×
×
  • Създай ново...