Need help, csrsc, linvdqay [Solved]


  • This topic is locked

#16
fartuditu

  • Topic Starter
  • Member
  • 30 posts
I ran the fix as you explained. I made a new restore point afterwards. Here's the log from OTL:

========== REGISTRY ==========
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\sr\\"Type"|dword:00000002 /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\sr\\"Start"|dword:00000000 /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\sr\\"ErrorControl"|dword:00000001 /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\sr\\"Tag"|dword:00000004 /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\sr\\"ImagePath"|hex(2):73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,44,00,52,00,49,00,56,00,45,00,52,00,53,00,5c,00,73,00,72,00,2e,00,73,00,79,00,73,00,00,00 /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\sr\\"DisplayName"|"System Restore Filter Driver" /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\sr\\"Group"|"FSFilter System Recovery" /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\sr\Parameters\\"FirstRun"|dword:00000000 /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\sr\Parameters\\"DontBackup"|dword:00000000 /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\sr\Parameters\\"MachineGuid"|"{98B5A6EB-B01A-4160-8D8F-647977BF173C}" /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\sr\Security\\"Security"|hex:01,00,14,80,90,00,00,00,9c,00,00,00,14,00,00,00,30,00,00,00,02,00,1c,00,01,00,00,00,02,80,14,00,ff,01,0f,00,01,01,00,00,00,00,00,01,00,00,00,00,02,00,60,00,04,00,00,00,00,00,14,00,fd,01,02,00,01,01,00,00,00,00,00,05,12,00,00,00,00,00,18,00,ff,01,0f,00,01,02,00,00,00,00,00,05,20,00,00,00,20,02,00,00,00,00,14,00,8d,01,02,00,01,01,00,00,00,00,00,05,0b,00,00,00,00,00,18,00,fd,01,02,00,01,02,00,00,00,00,00,05,20,00,00,00,23,02,00,00,01,01,00,00,00,00,00,05,12,00,00,00,01,01,00,00,00,00,00,05,12,00,00,00 /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\sr\Enum\\"0"|"Root\\LEGACY_SR\\0000" /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\sr\Enum\\"Count"|dword:00000001 /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\sr\Enum\\"NextInstance"|dword:00000001 /E : value set successfully!
========== FILES ==========
< sc config srservice start= auto /c >
[SC] ChangeServiceConfig SUCCESS
C:\Documents and Settings\Sisavac\Desktop\cmd.bat deleted successfully.
C:\Documents and Settings\Sisavac\Desktop\cmd.txt deleted successfully.
< sc start sr /c >
[SC] StartService FAILED 1058:
The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
C:\Documents and Settings\Sisavac\Desktop\cmd.bat deleted successfully.
C:\Documents and Settings\Sisavac\Desktop\cmd.txt deleted successfully.
< sc start srservice /c >
SERVICE_NAME: srservice
TYPE : 20 WIN32_SHARE_PROCESS
STATE : 2 START_PENDING
(NOT_STOPPABLE,NOT_PAUSABLE,IGNORES_SHUTDOWN)
WIN32_EXIT_CODE : 0 (0x0)
SERVICE_EXIT_CODE : 0 (0x0)
CHECKPOINT : 0x0
WAIT_HINT : 0x7d0
PID : 1052
FLAGS :
C:\Documents and Settings\Sisavac\Desktop\cmd.bat deleted successfully.
C:\Documents and Settings\Sisavac\Desktop\cmd.txt deleted successfully.
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore\\"DisableSR"|DWORD:0 /E : value set successfully!
========== COMMANDS ==========

OTL by OldTimer - Version 3.2.69.0 log created on 11132013_201104

#17
Buddierdl

    Trusted Helper

  • Malware Removal
  • 2,524 posts
Okay, run Windows updates now and make sure to get SP3. Let me know when it finishes.

#18
fartuditu

  • Topic Starter
  • Member
  • 30 posts
Thanks for all the help so far, and sorry for the delay, I couldn't get here much sooner. I installed SP3, and one update regarding IE8 from these files:

WindowsXP-KB936929-SP3-x86-ENU.exe
IE8-WindowsXP-KB2618444-x86-ENU.exe

Automatic updates ran for 2 days and didn't do anything from what I've seen. I wasn't able to find more updates to download manually. Maybe automatic updates will take care of that in time?

I'm waiting for new instructions. Again, thank you for your time and effort, and sorry for being late to reply.

#19
fartuditu

  • Topic Starter
  • Member
  • 30 posts
After the SP3 and IE8 updates were installed, I noticed one svchost.exe taking 100% CPU, so I turned off the computer and turned it on after several minutes. During startup, I had 2 rundll32.exe, one with my user name, the other with no user name stated. Like before, I have my user name for some processes, and no user name for system processes. I ended svchost.exe temporarily so that I can run the PC without using all the processor. I didn't run a Malwarebytes scan, as I'm waiting for your further guidance.

#20
Buddierdl

    Trusted Helper

  • Malware Removal
  • 2,524 posts
Svchost should not be consuming so much processor. I want to run a few more scans.


Download aswMBR.exe to your desktop.
Double click the aswMBR.exe to run it. Click the "Scan" button to start the scan. Allow it to download and use the definitions.

On completion of the scan, click save log, save it to your desktop and post it in your next reply.

Open OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following:
    dir "%systemdrive%\*" /S /A:L /C
    netsvcs
  • Select the Scan All Users box in the middle on the top of the window
  • Click the Run Scan button. Post the log it produces in your next reply.

Also, please update MBAM and run a quick scan and attach the C:\Windows\WindowsUpdate.log to your next post (if too big, use Dropbox or another sharing service).

#21
fartuditu

  • Topic Starter
  • Member
  • 30 posts
I followed the steps you've given me. MBAM found nothing. Here are the logs:

https://www.dropbox....ndowsUpdate.log

aswMBR version 0.9.9.1771 Copyright© 2011 AVAST Software
Run date: 2013-11-15 19:09:33
-----------------------------
19:09:33.687 OS Version: Windows 5.1.2600 Service Pack 3
19:09:33.687 Number of processors: 1 586 0xA00
19:09:33.687 ComputerName: SISAVAC-8348EE1 UserName: Sisavac
19:09:34.062 Initialize success
19:15:49.812 AVAST engine defs: 13111500
19:16:14.171 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3
19:16:14.171 Disk 0 Vendor: Maxtor_6Y080L0 YAR41BW0 Size: 78167MB BusType: 3
19:16:14.312 Disk 0 MBR read successfully
19:16:14.312 Disk 0 MBR scan
19:16:14.390 Disk 0 Windows XP default MBR code
19:16:14.390 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 25603 MB offset 63
19:16:14.390 Disk 0 Partition - 00 0F Extended LBA 52548 MB offset 52436160
19:16:14.406 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 52548 MB offset 52436223
19:16:14.406 Disk 0 scanning sectors +160055595
19:16:14.546 Disk 0 scanning C:\WINDOWS\system32\drivers
19:16:24.156 Service scanning
19:16:40.781 Modules scanning
19:16:55.125 Disk 0 trace - called modules:
19:16:55.140 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys pciide.sys PCIIDEX.SYS
19:16:55.156 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x86792ab8]
19:16:55.156 3 CLASSPNP.SYS[f786ffd7] -> nt!IofCallDriver -> \Device\0000005b[0x86794f18]
19:16:55.156 5 ACPI.sys[f77e6620] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-3[0x866d6940]
19:16:55.531 AVAST engine scan C:\WINDOWS
19:16:58.765 AVAST engine scan C:\WINDOWS\system32
19:18:35.109 AVAST engine scan C:\WINDOWS\system32\drivers
19:18:47.234 AVAST engine scan C:\Documents and Settings\Sisavac
19:26:39.281 AVAST engine scan C:\Documents and Settings\All Users
19:26:46.328 Scan finished successfully
19:26:55.890 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Sisavac\Desktop\MBR.dat"
19:26:55.890 The log file has been saved successfully to "C:\Documents and Settings\Sisavac\Desktop\aswMBR.txt"

OTL logfile created on: 11/15/2013 7:29:23 PM - Run 4
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Sisavac\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1023.48 Mb Total Physical Memory | 592.51 Mb Available Physical Memory | 57.89% Memory free
2.40 Gb Paging File | 2.09 Gb Available in Paging File | 87.00% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 25.00 Gb Total Space | 15.93 Gb Free Space | 63.73% Space Free | Partition Type: NTFS
Drive D: | 51.32 Gb Total Space | 44.49 Gb Free Space | 86.70% Space Free | Partition Type: NTFS

Computer Name: SISAVAC-8348EE1 | User Name: Sisavac | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/11/12 15:36:48 | 000,701,512 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2013/11/12 15:36:48 | 000,418,376 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2013/11/12 15:36:47 | 000,532,040 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2013/11/10 18:53:04 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Sisavac\Desktop\OTL.exe
PRC - [2013/10/22 12:05:04 | 000,182,696 | ---- | M] (Oracle Corporation) -- C:\Program Files\Java\jre7\bin\jqs.exe
PRC - [2008/04/14 05:42:20 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe


========== Modules (No Company Name) ==========


========== Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)
SRV - [2013/11/12 15:37:05 | 001,259,296 | ---- | M] (NVIDIA Corporation) [Disabled | Stopped] -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2013/11/12 15:36:48 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2013/11/12 15:36:48 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2013/10/22 12:05:04 | 000,182,696 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Program Files\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\ComboFix\catchme.sys -- (catchme)
DRV - File not found [Kernel | On_Demand | Unknown] -- C:\DOCUME~1\Sisavac\LOCALS~1\Temp\aswMBR.sys -- (aswMBR)
DRV - [2013/04/04 14:50:32 | 000,022,856 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2008/04/14 00:15:30 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)
DRV - [2002/12/05 05:01:00 | 000,241,664 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvapu.sys -- (nvnforce)
DRV - [2002/12/05 05:01:00 | 000,013,056 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvax.sys -- (nvax)
DRV - [2002/09/23 03:37:00 | 000,080,896 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NVENET.sys -- (NVENET)
DRV - [2002/09/06 04:24:00 | 000,013,568 | R--- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\nv_agp.SYS -- (nv_agp)
DRV - [2001/08/17 15:00:04 | 000,002,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\msmpu401.sys -- (ms_mpu401)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-1454471165-602162358-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.kongregat...ncls/cloudstone
IE - HKU\S-1-5-21-1454471165-602162358-839522115-1003\..\SearchScopes,DefaultScope = {C569304D-9604-4FCC-A5A7-FD78CD4EA1D0}
IE - HKU\S-1-5-21-1454471165-602162358-839522115-1003\..\SearchScopes\{C569304D-9604-4FCC-A5A7-FD78CD4EA1D0}: "URL" = http://www.google.co...utputEncoding?}
IE - HKU\S-1-5-21-1454471165-602162358-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.update: false
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:25.0
FF - prefs.js..network.proxy.type: 0
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf: C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf: C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.45.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 24.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 24.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins

[2013/10/22 00:34:07 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Sisavac\Application Data\Mozilla\Extensions
[2013/10/24 10:54:58 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Sisavac\Application Data\Mozilla\Firefox\Profiles\nc6hoehs.default\extensions
[2013/10/22 12:17:15 | 000,915,554 | ---- | M] () (No name found) -- C:\Documents and Settings\Sisavac\Application Data\Mozilla\Firefox\Profiles\nc6hoehs.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013/10/29 16:15:17 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2013/10/29 16:16:18 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - homepage: http://www.google.com/
CHR - plugin: Shockwave Flash (Disabled) = C:\Documents and Settings\Sisavac\Local Settings\Application Data\Google\Chrome\Application\14.0.835.187\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_9_900_117.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Disabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: Remoting Viewer (Disabled) = internal-remoting-viewer
CHR - plugin: Native Client (Disabled) = C:\Documents and Settings\Sisavac\Local Settings\Application Data\Google\Chrome\Application\14.0.835.187\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Documents and Settings\Sisavac\Local Settings\Application Data\Google\Chrome\Application\14.0.835.187\pdf.dll
CHR - plugin: Microsoft\u00AE DRM (Disabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Disabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Java Deployment Toolkit 7.0.450.18 (Enabled) = C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll
CHR - plugin: Java™ Platform SE 7 U45 (Enabled) = C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin

O1 HOSTS File: ([2013/11/10 01:31:46 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\nvmctray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nview\nwiz.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\NoDriveTypeAutoRun: NoDriveTypeAutoRun = 177
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1454471165-602162358-839522115-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1454471165-602162358-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 177
O7 - HKU\S-1-5-21-1454471165-602162358-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-1454471165-602162358-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 95.180.0.18 95.180.1.2
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{CB12A8FE-078E-4D2A-99AD-120274A5ADA9}: DhcpNameServer = 95.180.0.18 95.180.1.2
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{CB12A8FE-078E-4D2A-99AD-120274A5ADA9}: NameServer = 8.8.4.4,8.8.8.8
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 0
O32 - AutoRun File - [2013/10/22 00:09:09 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

NetSvcs: 6to4 - File not found
NetSvcs: HidServ - %SystemRoot%\System32\hidserv.dll File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

========== Files/Folders - Created Within 30 Days ==========

[2013/11/15 19:08:15 | 004,745,728 | ---- | C] (AVAST Software) -- C:\Documents and Settings\Sisavac\Desktop\aswmbr.exe
[2013/11/15 11:08:34 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\SoftwareDistribution
[2013/11/15 10:37:36 | 000,000,000 | ---D | C] -- C:\WINDOWS\ie8updates
[2013/11/15 10:33:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2013/11/15 10:30:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\scripting
[2013/11/15 10:30:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\l2schemas
[2013/11/15 10:30:01 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\en
[2013/11/15 10:30:01 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\bits
[2013/11/15 10:27:53 | 000,000,000 | ---D | C] -- C:\WINDOWS\ServicePackFiles
[2013/11/15 10:25:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\network diagnostic
[2013/11/15 10:20:40 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$NtServicePackUninstall$
[2013/11/13 20:11:04 | 000,000,000 | ---D | C] -- C:\_OTL
[2013/11/13 19:12:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Desktop\CC Support
[2013/11/13 11:33:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sisavac\My Documents\Liste
[2013/11/12 23:01:30 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Sisavac\My Documents\Dropbox
[2013/11/12 23:00:06 | 000,000,000 | ---D | C] -- C:\Program Files\Dropbox
[2013/11/12 22:59:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sisavac\Start Menu\Programs\Dropbox
[2013/11/12 22:59:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sisavac\Application Data\DropboxMaster
[2013/11/12 22:58:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sisavac\Application Data\Dropbox
[2013/11/12 22:57:28 | 035,483,528 | ---- | C] (Dropbox, Inc.) -- C:\Documents and Settings\Sisavac\Desktop\Dropbox 2.5.35.exe
[2013/11/12 22:09:41 | 000,360,775 | ---- | C] (Farbar) -- C:\Documents and Settings\Sisavac\Desktop\FSS.exe
[2013/11/12 22:06:53 | 000,171,344 | ---- | C] (Kaspersky Lab) -- C:\kidokiller.exe
[2013/11/12 17:17:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sisavac\My Documents\NizoviObjekata
[2013/11/12 15:48:18 | 000,000,000 | ---D | C] -- C:\Sality_RegKeys
[2013/11/12 15:31:52 | 000,171,344 | ---- | C] (Kaspersky Lab ZAO) -- C:\SalityKiller.exe
[2013/11/10 19:38:10 | 000,023,040 | ---- | C] (Xerox Corporation) -- C:\WINDOWS\System32\dllcache\xrxwbtmp.dll
[2013/11/10 19:37:32 | 000,099,865 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\xlog.exe
[2013/11/10 19:37:27 | 000,016,970 | ---- | C] (US Robotics MCD (Megahertz)) -- C:\WINDOWS\System32\dllcache\xem336n5.sys
[2013/11/10 19:37:07 | 000,154,624 | ---- | C] (Lucent Technologies) -- C:\WINDOWS\System32\dllcache\wlluc48.sys
[2013/11/10 19:37:02 | 000,034,890 | ---- | C] (Raytheon Corp.) -- C:\WINDOWS\System32\dllcache\wlandrv2.sys
[2013/11/10 19:36:52 | 000,771,581 | ---- | C] (Rockwell) -- C:\WINDOWS\System32\dllcache\winacisa.sys
[2013/11/10 19:36:29 | 000,035,871 | ---- | C] (Winbond Electronics Corp.) -- C:\WINDOWS\System32\dllcache\wbfirdma.sys
[2013/11/10 19:36:09 | 000,016,925 | ---- | C] (Winbond Electronics Corporation) -- C:\WINDOWS\System32\dllcache\w940nd.sys
[2013/11/10 19:36:05 | 000,019,016 | ---- | C] (Winbond Electronics Corporation) -- C:\WINDOWS\System32\dllcache\w926nd.sys
[2013/11/10 19:36:01 | 000,019,528 | ---- | C] (Winbond Electronics Corporation) -- C:\WINDOWS\System32\dllcache\w840nd.sys
[2013/11/10 19:35:54 | 000,064,605 | ---- | C] (PCtel, Inc.) -- C:\WINDOWS\System32\dllcache\vvoice.sys
[2013/11/10 19:35:49 | 000,397,502 | ---- | C] (PCtel, Inc.) -- C:\WINDOWS\System32\dllcache\vpctcom.sys
[2013/11/10 19:35:44 | 000,604,253 | ---- | C] (PCTEL, INC.) -- C:\WINDOWS\System32\dllcache\vmodem.sys
[2013/11/10 19:35:40 | 000,249,402 | ---- | C] (Xircom) -- C:\WINDOWS\System32\dllcache\vinwm.sys
[2013/11/10 19:35:21 | 000,765,884 | ---- | C] (U.S. Robotics, Inc.) -- C:\WINDOWS\System32\dllcache\usrti.sys
[2013/11/10 19:35:04 | 000,794,399 | ---- | C] (U.S. Robotics, Inc.) -- C:\WINDOWS\System32\dllcache\usr1806v.sys
[2013/11/10 19:35:00 | 000,793,598 | ---- | C] (U.S. Robotics, Inc.) -- C:\WINDOWS\System32\dllcache\usr1806.sys
[2013/11/10 19:34:56 | 000,794,654 | ---- | C] (U.S. Robotics, Inc.) -- C:\WINDOWS\System32\dllcache\usr1801.sys
[2013/11/10 19:34:48 | 000,032,384 | ---- | C] (KLSI USA, Inc.) -- C:\WINDOWS\System32\dllcache\usb101et.sys
[2013/11/10 19:34:25 | 000,050,688 | ---- | C] (UMAX DATA SYSTEMS INC.) -- C:\WINDOWS\System32\dllcache\umaxscan.dll
[2013/11/10 19:34:09 | 000,211,968 | ---- | C] (UMAX Data Systems Inc.) -- C:\WINDOWS\System32\dllcache\um54scan.dll
[2013/11/10 19:34:05 | 000,216,064 | ---- | C] (UMAX Data Systems Inc.) -- C:\WINDOWS\System32\dllcache\um34scan.dll
[2013/11/10 19:33:48 | 000,166,784 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tridxpm.sys
[2013/11/10 19:33:44 | 000,525,568 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tridxp.dll
[2013/11/10 19:33:40 | 000,159,232 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tridkbm.sys
[2013/11/10 19:33:36 | 000,440,576 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tridkb.dll
[2013/11/10 19:33:33 | 000,222,336 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\trid3dm.sys
[2013/11/10 19:33:29 | 000,315,520 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\trid3d.dll
[2013/11/10 19:32:53 | 000,123,995 | ---- | C] (Tiger Jet Network) -- C:\WINDOWS\System32\dllcache\tjisdn.sys
[2013/11/10 19:32:47 | 000,138,528 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tgiulnt5.sys
[2013/11/10 19:32:42 | 000,081,408 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tgiul50.dll
[2013/11/10 19:32:36 | 000,017,129 | ---- | C] (TDK Corporation) -- C:\WINDOWS\System32\dllcache\tdkcd31.sys
[2013/11/10 19:32:33 | 000,037,961 | ---- | C] (TDK Corporation) -- C:\WINDOWS\System32\dllcache\tdk100b.sys
[2013/11/10 19:32:18 | 000,036,640 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\t2r4mini.sys
[2013/11/10 19:32:15 | 000,172,768 | ---- | C] (Number Nine Visual Technology) -- C:\WINDOWS\System32\dllcache\t2r4disp.dll
[2013/11/10 19:31:28 | 000,155,648 | ---- | C] (Stallion Technologies) -- C:\WINDOWS\System32\dllcache\stlnprop.dll
[2013/11/10 19:31:24 | 000,053,248 | ---- | C] (Stallion Technologies) -- C:\WINDOWS\System32\dllcache\stlncoin.dll
[2013/11/10 19:31:20 | 000,285,760 | ---- | C] (Stallion Technologies) -- C:\WINDOWS\System32\dllcache\stlnata.sys
[2013/11/10 19:31:16 | 000,016,896 | ---- | C] (SCM Microsystems, Inc.) -- C:\WINDOWS\System32\dllcache\stcusb.sys
[2013/11/10 19:31:10 | 000,048,736 | ---- | C] (3Com) -- C:\WINDOWS\System32\dllcache\srwlnd5.sys
[2013/11/10 19:30:47 | 000,019,072 | ---- | C] (Adaptec, Inc.) -- C:\WINDOWS\System32\dllcache\sparrow.sys
[2013/11/10 19:30:14 | 000,058,368 | ---- | C] (Silicon Motion Inc.) -- C:\WINDOWS\System32\dllcache\smiminib.sys
[2013/11/10 19:30:10 | 000,147,200 | ---- | C] (Silicon Motion Inc.) -- C:\WINDOWS\System32\dllcache\smidispb.dll
[2013/11/10 19:30:06 | 000,025,034 | ---- | C] (SMC Networks, Inc.) -- C:\WINDOWS\System32\dllcache\smcpwr2n.sys
[2013/11/10 19:30:02 | 000,035,913 | ---- | C] (SMC) -- C:\WINDOWS\System32\dllcache\smcirda.sys
[2013/11/10 19:29:59 | 000,024,576 | ---- | C] (SMC Networks, Inc.) -- C:\WINDOWS\System32\dllcache\smc8000n.sys
[2013/11/10 19:29:28 | 000,063,547 | ---- | C] (Symbol Technologies) -- C:\WINDOWS\System32\dllcache\sla30nd5.sys
[2013/11/10 19:29:25 | 000,091,294 | ---- | C] (SysKonnect, a business unit of Schneider & Koch & Co. Datensysteme GmbH.) -- C:\WINDOWS\System32\dllcache\skfpwin.sys
[2013/11/10 19:29:21 | 000,094,698 | ---- | C] (SysKonnect GmbH.) -- C:\WINDOWS\System32\dllcache\sk98xwin.sys
[2013/11/10 19:29:13 | 000,032,768 | ---- | C] (SiS Corporation) -- C:\WINDOWS\System32\dllcache\sisnic.sys
[2013/11/10 19:28:42 | 000,161,568 | ---- | C] (Micro Systemation) -- C:\WINDOWS\System32\dllcache\sgsmusb.sys
[2013/11/10 19:28:38 | 000,018,400 | ---- | C] (Micro Systemation) -- C:\WINDOWS\System32\dllcache\sgsmld.sys
[2013/11/10 19:28:35 | 000,098,080 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\sgiulnt5.sys
[2013/11/10 19:28:32 | 000,386,560 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\sgiul50.dll
[2013/11/10 19:28:02 | 000,017,280 | ---- | C] (SCM Microsystems) -- C:\WINDOWS\System32\dllcache\scr111.sys
[2013/11/10 19:27:54 | 000,023,936 | ---- | C] (OMNIKEY AG) -- C:\WINDOWS\System32\dllcache\sccmusbm.sys
[2013/11/10 19:27:50 | 000,023,936 | ---- | C] (OMNIKEY AG) -- C:\WINDOWS\System32\dllcache\sccmn50m.sys
[2013/11/10 19:27:34 | 000,077,824 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3sav4m.sys
[2013/11/10 19:27:31 | 000,198,400 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3sav4.dll
[2013/11/10 19:27:27 | 000,061,504 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3sav3dm.sys
[2013/11/10 19:27:24 | 000,179,264 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3sav3d.dll
[2013/11/10 19:27:20 | 000,210,496 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3mvirge.dll
[2013/11/10 19:27:17 | 000,062,496 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3mtrio.dll
[2013/11/10 19:27:14 | 000,041,216 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3mt3d.sys
[2013/11/10 19:27:10 | 000,182,272 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3mt3d.dll
[2013/11/10 19:27:07 | 000,166,720 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3m.sys
[2013/11/10 19:26:58 | 000,082,432 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia450.dll
[2013/11/10 19:26:55 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia430.dll
[2013/11/10 19:26:33 | 000,009,216 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\rsmgrstr.dll
[2013/11/10 19:26:21 | 000,037,563 | ---- | C] (RadioLAN) -- C:\WINDOWS\System32\dllcache\rlnet5.sys
[2013/11/10 19:26:15 | 000,086,097 | ---- | C] (Xircom) -- C:\WINDOWS\System32\dllcache\reslog32.dll
[2013/11/10 19:25:56 | 000,714,762 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\r2mdmkxx.sys
[2013/11/10 19:25:53 | 000,899,146 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\r2mdkxga.sys
[2013/11/10 19:25:17 | 000,130,942 | ---- | C] (PCTEL, INC.) -- C:\WINDOWS\System32\dllcache\ptserlv.sys
[2013/11/10 19:25:14 | 000,112,574 | ---- | C] (PCTEL, INC.) -- C:\WINDOWS\System32\dllcache\ptserlp.sys
[2013/11/10 19:25:10 | 000,128,286 | ---- | C] (PCTEL, INC.) -- C:\WINDOWS\System32\dllcache\ptserli.sys
[2013/11/10 19:24:57 | 000,016,128 | ---- | C] (SCM Microsystems, Inc.) -- C:\WINDOWS\System32\dllcache\pscr.sys
[2013/11/10 19:23:53 | 000,086,016 | ---- | C] (PCtel, Inc.) -- C:\WINDOWS\System32\dllcache\pctspk.exe
[2013/11/10 19:23:40 | 000,026,153 | ---- | C] (Linksys) -- C:\WINDOWS\System32\dllcache\pcmlm56.sys
[2013/11/10 19:23:38 | 000,029,502 | ---- | C] (Marconi Communications, Inc.) -- C:\WINDOWS\System32\dllcache\pca200e.sys
[2013/11/10 19:23:35 | 000,030,495 | ---- | C] (Linksys) -- C:\WINDOWS\System32\dllcache\pc100nds.sys
[2013/11/10 19:22:50 | 000,054,186 | ---- | C] (Ositech Communications, Inc.) -- C:\WINDOWS\System32\dllcache\otcsercb.sys
[2013/11/10 19:22:46 | 000,043,689 | ---- | C] (Ositech Communications, Inc.) -- C:\WINDOWS\System32\dllcache\otceth5.sys
[2013/11/10 19:22:43 | 000,027,209 | ---- | C] (Ositech Communications, Inc.) -- C:\WINDOWS\System32\dllcache\otc06x5.sys
[2013/11/10 19:22:38 | 000,054,528 | ---- | C] (Yamaha Corp.) -- C:\WINDOWS\System32\dllcache\opl3sax.sys
[2013/11/10 19:22:01 | 000,051,552 | ---- | C] (Kensington Technology Group) -- C:\WINDOWS\System32\dllcache\ntgrip.sys
[2013/11/10 19:21:46 | 000,087,040 | ---- | C] (NeoMagic Corporation) -- C:\WINDOWS\System32\dllcache\nm6wdm.sys
[2013/11/10 19:21:43 | 000,126,080 | ---- | C] (NeoMagic Corporation) -- C:\WINDOWS\System32\dllcache\nm5a2wdm.sys
[2013/11/10 19:21:34 | 000,132,695 | ---- | C] (802.11b) -- C:\WINDOWS\System32\dllcache\netwlan5.sys
[2013/11/10 19:21:17 | 000,039,264 | ---- | C] (NeoMagic Corporation) -- C:\WINDOWS\System32\dllcache\neo20xx.sys
[2013/11/10 19:21:14 | 000,060,480 | ---- | C] (NeoMagic Corporation) -- C:\WINDOWS\System32\dllcache\neo20xx.dll
[2013/11/10 19:21:03 | 000,091,488 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i3disp.dll
[2013/11/10 19:21:00 | 000,027,936 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i3d.sys
[2013/11/10 19:20:57 | 000,033,088 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i128v2.sys
[2013/11/10 19:20:53 | 000,059,104 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i128v2.dll
[2013/11/10 19:20:50 | 000,013,664 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i128.sys
[2013/11/10 19:20:47 | 000,035,392 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i128.dll
[2013/11/10 19:20:38 | 000,075,520 | ---- | C] (Moxa Technologies Co., Ltd.) -- C:\WINDOWS\System32\dllcache\mxport.sys
[2013/11/10 19:20:34 | 000,007,168 | ---- | C] (Moxa Technologies Co., Ltd) -- C:\WINDOWS\System32\dllcache\mxport.dll
[2013/11/10 19:20:31 | 000,019,968 | ---- | C] (Macronix International Co., Ltd. ) -- C:\WINDOWS\System32\dllcache\mxnic.sys
[2013/11/10 19:20:28 | 000,019,968 | ---- | C] (Moxa Technologies Co., Ltd) -- C:\WINDOWS\System32\dllcache\mxicfg.dll
[2013/11/10 19:20:24 | 000,021,888 | ---- | C] (Moxa Technologies Co., Ltd.) -- C:\WINDOWS\System32\dllcache\mxcard.sys
[2013/11/10 19:19:21 | 000,017,280 | ---- | C] (American Megatrends Inc.) -- C:\WINDOWS\System32\dllcache\mraid35x.sys
[2013/11/10 19:18:42 | 000,164,586 | ---- | C] (Madge Networks Ltd) -- C:\WINDOWS\System32\dllcache\mdgndis5.sys
[2013/11/10 19:18:20 | 000,797,500 | ---- | C] (LT) -- C:\WINDOWS\System32\dllcache\ltsmt.sys
[2013/11/10 19:18:17 | 000,802,683 | ---- | C] (Lucent Technologies) -- C:\WINDOWS\System32\dllcache\ltsm.sys
[2013/11/10 19:18:15 | 000,420,992 | ---- | C] (LT) -- C:\WINDOWS\System32\dllcache\ltmdmntt.sys
[2013/11/10 19:18:12 | 000,606,684 | ---- | C] (LT) -- C:\WINDOWS\System32\dllcache\ltmdmnt.sys
[2013/11/10 19:18:12 | 000,576,746 | ---- | C] (LT) -- C:\WINDOWS\System32\dllcache\ltmdmntl.sys
[2013/11/10 19:18:09 | 000,727,786 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\ltck000c.sys
[2013/11/10 19:18:00 | 000,070,730 | ---- | C] (Linksys Group, Inc.) -- C:\WINDOWS\System32\dllcache\lne100tx.sys
[2013/11/10 19:17:57 | 000,020,573 | ---- | C] (The Linksts Group ) -- C:\WINDOWS\System32\dllcache\lne100.sys
[2013/11/10 19:17:54 | 000,025,065 | ---- | C] (D-Link) -- C:\WINDOWS\System32\dllcache\lmndis3.sys
[2013/11/10 19:17:51 | 000,015,744 | ---- | C] (Litronic Industries) -- C:\WINDOWS\System32\dllcache\lit220p.sys
[2013/11/10 19:17:46 | 000,026,442 | ---- | C] (SMSC) -- C:\WINDOWS\System32\dllcache\lanepic5.sys
[2013/11/10 19:17:43 | 000,019,016 | ---- | C] (Kingston Technology Company ) -- C:\WINDOWS\System32\dllcache\ktc111.sys
[2013/11/10 19:16:43 | 000,023,552 | ---- | C] (MKNet Corporation) -- C:\WINDOWS\System32\dllcache\irmk7.sys
[2013/11/10 19:15:58 | 000,372,824 | ---- | C] (Xircom) -- C:\WINDOWS\System32\dllcache\iconf32.dll
[2013/11/10 19:13:55 | 000,068,608 | ---- | C] (Avisioin) -- C:\WINDOWS\System32\dllcache\hpgt53tk.dll
[2013/11/10 19:13:45 | 000,126,976 | ---- | C] (Hewlett Packard) -- C:\WINDOWS\System32\dllcache\hpgt34tk.dll
[2013/11/10 19:13:08 | 000,082,304 | ---- | C] (Gemplus) -- C:\WINDOWS\System32\dllcache\grclass.sys
[2013/11/10 19:13:05 | 000,017,408 | ---- | C] (Gemplus) -- C:\WINDOWS\System32\dllcache\gpr400.sys
[2013/11/10 19:12:50 | 000,454,912 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fxusbase.sys
[2013/11/10 19:12:36 | 000,455,296 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fusbbase.sys
[2013/11/10 19:12:34 | 000,455,680 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fus2base.sys
[2013/11/10 19:12:29 | 000,442,240 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fpnpbase.sys
[2013/11/10 19:12:27 | 000,441,728 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fpcmbase.sys
[2013/11/10 19:12:25 | 000,444,416 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fpcibase.sys
[2013/11/10 19:12:23 | 000,034,173 | ---- | C] (Marconi Communications, Inc.) -- C:\WINDOWS\System32\dllcache\forehe.sys
[2013/11/10 19:12:07 | 000,024,618 | ---- | C] (NETGEAR) -- C:\WINDOWS\System32\dllcache\fa410nd5.sys
[2013/11/10 19:12:02 | 000,011,850 | ---- | C] (FUJITSU LIMITED) -- C:\WINDOWS\System32\dllcache\f3ab18xj.sys
[2013/11/10 19:12:00 | 000,012,362 | ---- | C] (FUJITSU LIMITED) -- C:\WINDOWS\System32\dllcache\f3ab18xi.sys
[2013/11/10 19:10:29 | 000,334,208 | ---- | C] (Yamaha Corp.) -- C:\WINDOWS\System32\dllcache\ds1wdm.sys
[2013/11/10 19:10:24 | 000,028,062 | ---- | C] (National Semiconductor Coproration) -- C:\WINDOWS\System32\dllcache\dp83820.sys
[2013/11/10 19:10:15 | 000,029,696 | ---- | C] (CNet Technology, Inc. ) -- C:\WINDOWS\System32\dllcache\dm9pci5.sys
[2013/11/10 19:10:13 | 000,026,698 | ---- | C] (D-Link Corporation) -- C:\WINDOWS\System32\dllcache\dlh5xnd5.sys
[2013/11/10 19:10:12 | 000,952,007 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\diwan.sys
[2013/11/10 19:10:07 | 000,236,060 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\ditrace.exe
[2013/11/10 19:10:06 | 000,038,985 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\disrvsu.dll
[2013/11/10 19:10:04 | 000,031,305 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\disrvpp.dll
[2013/11/10 19:10:03 | 000,006,729 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\disrvci.dll
[2013/11/10 19:10:01 | 000,091,305 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\dimaint.sys
[2013/11/10 19:09:40 | 000,024,649 | ---- | C] (D-Link) -- C:\WINDOWS\System32\dllcache\dfe650d.sys
[2013/11/10 19:09:38 | 000,024,648 | ---- | C] (D-Link) -- C:\WINDOWS\System32\dllcache\dfe650.sys
[2013/11/10 19:09:34 | 000,020,928 | ---- | C] (Digital Networks, LLC) -- C:\WINDOWS\System32\dllcache\defpa.sys
[2013/11/10 19:09:09 | 000,048,640 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwrwdm.sys
[2013/11/10 19:09:08 | 000,093,952 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwcwdm.sys
[2013/11/10 19:09:06 | 000,111,872 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwcspud.sys
[2013/11/10 19:09:05 | 000,003,584 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwcosnt5.sys
[2013/11/10 19:09:04 | 000,072,832 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwbwdm.sys
[2013/11/10 19:09:03 | 000,003,072 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwbmidi.sys
[2013/11/10 19:09:02 | 000,003,072 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwbase.sys
[2013/11/10 19:08:52 | 000,216,064 | ---- | C] (COMPAQ Inc.) -- C:\WINDOWS\System32\dllcache\cpscan.dll
[2013/11/10 19:08:37 | 000,020,736 | ---- | C] (OMNIKEY AG) -- C:\WINDOWS\System32\dllcache\cmbp0wdm.sys
[2013/11/10 19:08:27 | 000,980,034 | ---- | C] (Xircom) -- C:\WINDOWS\System32\dllcache\cicap.sys
[2013/11/10 19:08:16 | 000,049,182 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cem56n5.sys
[2013/11/10 19:08:16 | 000,022,044 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cem33n5.sys
[2013/11/10 19:08:15 | 000,022,044 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cem28n5.sys
[2013/11/10 19:08:14 | 000,027,164 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\ce3n5.sys
[2013/11/10 19:08:14 | 000,021,530 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\ce2n5.sys
[2013/11/10 19:08:11 | 000,714,698 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cbmdmkxx.sys
[2013/11/10 19:08:10 | 000,046,108 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cben5.sys
[2013/11/10 19:08:10 | 000,039,680 | ---- | C] (Silicom Ltd.) -- C:\WINDOWS\System32\dllcache\cb325.sys
[2013/11/10 19:08:09 | 000,037,916 | ---- | C] (Fast Ethernet Controller Provider) -- C:\WINDOWS\System32\dllcache\cb102.sys
[2013/11/10 19:08:07 | 000,032,256 | ---- | C] (Eicon Technology Corporation) -- C:\WINDOWS\System32\dllcache\diapi2NT.dll
[2013/11/10 19:08:06 | 000,164,923 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\diapi2.sys
[2013/11/10 19:07:30 | 000,031,529 | ---- | C] (BreezeCOM) -- C:\WINDOWS\System32\dllcache\brzwlan.sys
[2013/11/10 19:07:30 | 000,010,368 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brusbscn.sys
[2013/11/10 19:07:29 | 000,060,416 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brserwdm.sys
[2013/11/10 19:07:29 | 000,011,008 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brusbmdm.sys
[2013/11/10 19:07:28 | 000,009,728 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brserif.dll
[2013/11/10 19:07:27 | 000,005,120 | ---- | C] (Brother Industries,Ltd.) -- C:\WINDOWS\System32\dllcache\brscnrsm.dll
[2013/11/10 19:07:26 | 000,039,552 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brparwdm.sys
[2013/11/10 19:07:26 | 000,003,168 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brparimg.sys
[2013/11/10 19:07:24 | 000,041,472 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brmfusb.dll
[2013/11/10 19:07:23 | 000,032,256 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brmfrsmg.exe
[2013/11/10 19:07:22 | 000,029,696 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brmflpt.dll
[2013/11/10 19:07:21 | 000,015,360 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brmfbidi.dll
[2013/11/10 19:07:21 | 000,003,968 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brfiltup.sys
[2013/11/10 19:07:20 | 000,012,160 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brfiltlo.sys
[2013/11/10 19:07:19 | 000,012,800 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brevif.dll
[2013/11/10 19:07:19 | 000,002,944 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brfilt.sys
[2013/11/10 19:07:18 | 000,019,456 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brbidiif.dll
[2013/11/10 19:07:18 | 000,009,728 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brcoinst.dll
[2013/11/10 19:07:13 | 000,871,388 | ---- | C] (BCM) -- C:\WINDOWS\System32\dllcache\bcmdm.sys
[2013/11/10 19:07:10 | 000,036,128 | ---- | C] (3Dfx Interactive, Inc.) -- C:\WINDOWS\System32\dllcache\banshee.sys
[2013/11/10 19:07:09 | 000,342,336 | ---- | C] (3Dfx Interactive, Inc.) -- C:\WINDOWS\System32\dllcache\banshee.dll
[2013/11/10 19:07:09 | 000,089,952 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\b1cbase.sys
[2013/11/10 19:07:08 | 000,036,992 | ---- | C] (Aztech Systems Ltd) -- C:\WINDOWS\System32\dllcache\aztw2320.sys
[2013/11/10 19:07:07 | 000,037,568 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\avmwan.sys
[2013/11/10 19:07:06 | 000,144,384 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\avmenum.dll
[2013/11/10 19:07:06 | 000,087,552 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\avmcoxp.dll
[2013/11/10 19:06:16 | 000,097,354 | ---- | C] (Bay Networks, Inc.) -- C:\WINDOWS\System32\dllcache\aspndis3.sys
[2013/11/10 19:06:07 | 000,016,969 | ---- | C] (AmbiCom, Inc.) -- C:\WINDOWS\System32\dllcache\amb8002.sys
[2013/11/10 19:05:48 | 000,046,112 | ---- | C] (Adaptec, Inc ) -- C:\WINDOWS\System32\dllcache\adptsf50.sys
[2013/11/10 19:05:47 | 000,010,880 | ---- | C] (Aureal, Inc.) -- C:\WINDOWS\System32\dllcache\admjoy.sys
[2013/11/10 19:05:46 | 000,747,392 | ---- | C] (Aureal, Inc.) -- C:\WINDOWS\System32\dllcache\adm8830.sys
[2013/11/10 19:05:46 | 000,553,984 | ---- | C] (Aureal, Inc.) -- C:\WINDOWS\System32\dllcache\adm8820.sys
[2013/11/10 19:05:45 | 000,584,448 | ---- | C] (Aureal, Inc.) -- C:\WINDOWS\System32\dllcache\adm8810.sys
[2013/11/10 19:05:43 | 000,061,440 | ---- | C] (Color Flatbed Scanner) -- C:\WINDOWS\System32\dllcache\acerscad.dll
[2013/11/10 19:05:39 | 000,462,848 | ---- | C] (Aureal Inc.) -- C:\WINDOWS\System32\dllcache\a3dapi.dll
[2013/11/10 19:05:39 | 000,098,304 | ---- | C] (Aureal Semiconductor) -- C:\WINDOWS\System32\dllcache\a3d.dll
[2013/11/10 19:05:37 | 000,148,352 | ---- | C] (3dfx Interactive, Inc.) -- C:\WINDOWS\System32\dllcache\3dfxvsm.sys
[2013/11/10 19:05:36 | 000,762,780 | ---- | C] (3Com, Inc.) -- C:\WINDOWS\System32\dllcache\3cwmcru.sys
[2013/11/10 19:05:36 | 000,689,216 | ---- | C] (3dfx Interactive, Inc.) -- C:\WINDOWS\System32\dllcache\3dfxvs.dll
[2013/11/10 18:53:03 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Sisavac\Desktop\OTL.exe
[2013/11/10 01:38:24 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2013/11/10 01:30:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp
[2013/11/10 01:25:37 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2013/11/10 01:24:31 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2013/11/10 01:24:31 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2013/11/10 01:24:31 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2013/11/10 01:24:31 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2013/11/10 01:24:23 | 000,000,000 | ---D | C] -- C:\Qoobox
[2013/11/10 01:24:20 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Sisavac\My Documents\My Videos
[2013/11/10 01:24:20 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Sisavac\Start Menu\Programs\Administrative Tools
[2013/11/10 01:24:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\erdnt
[2013/11/10 01:18:30 | 005,145,633 | R--- | C] (Swearware) -- C:\Documents and Settings\Sisavac\Desktop\ComboFix.exe
[2013/11/10 00:53:01 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\All Users\Application Data\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
[2013/11/10 00:53:01 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2013/11/09 14:33:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sisavac\Application Data\Malwarebytes
[2013/11/09 14:33:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2013/11/09 14:33:13 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2013/11/09 14:33:13 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2013/11/09 12:22:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sisavac\My Documents\PaketINivoPristupa
[2013/11/08 17:36:05 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Sisavac\Recent
[2013/11/08 15:10:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sisavac\My Documents\Interfejsi
[2013/11/08 11:59:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sisavac\My Documents\PripremniZadaci
[2013/11/07 18:31:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Foxit Software
[2013/11/07 18:30:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sisavac\Application Data\Foxit Software
[2013/11/07 18:30:41 | 000,000,000 | ---D | C] -- C:\Program Files\Foxit Software
[2013/11/07 16:53:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sisavac\My Documents\NasledjivanjeKlasaObject
[2013/11/07 15:12:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sisavac\Desktop\eclipse-java-juno-SR1-win32
[2013/11/07 10:04:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sisavac\My Documents\NasledjivanjeApstraktneKlase
[2013/11/06 13:46:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sisavac\My Documents\Nasledjivanje
[2013/11/05 22:19:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sisavac\Application Data\BSplayer PRO
[2013/11/05 22:19:24 | 000,000,000 | ---D | C] -- C:\Program Files\Webteh
[2013/11/04 23:35:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sisavac\My Documents\Zadatak8_2012
[2013/11/01 14:09:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sisavac\My Documents\Zadatak7_2012
[2013/10/31 22:35:16 | 000,000,000 | ---D | C] -- C:\WINDOWS\Sun
[2013/10/30 22:35:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sisavac\My Documents\Zadatak6_2012
[2013/10/30 21:28:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sisavac\My Documents\Zadatak5_2012
[2013/10/30 19:05:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sisavac\My Documents\Zadatak4_2012
[2013/10/30 14:13:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sisavac\My Documents\Zadatak3_2012
[2013/10/29 16:15:14 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2013/10/29 15:36:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sisavac\My Documents\Zadatak2_2012
[2013/10/29 13:23:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sisavac\My Documents\Zadatak1_2012
[2013/10/29 12:29:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sisavac\My Documents\Zadatak8_2011
[2013/10/28 21:15:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sisavac\My Documents\Zadatak7_2011
[2013/10/26 19:17:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sisavac\My Documents\Zadatak6_2011
[2013/10/25 14:39:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sisavac\My Documents\Zadatak5_2011
[2013/10/25 13:40:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sisavac\My Documents\Zadatak4_2011
[2013/10/25 01:06:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sisavac\My Documents\Zadatak3_2011
[2013/10/24 23:54:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sisavac\Application Data\SpeedyPC Software
[2013/10/24 23:54:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sisavac\Application Data\DriverCure
[2013/10/24 23:52:39 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2013/10/24 23:49:28 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\SpeedyPC Software
[2013/10/24 23:49:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sisavac\Start Menu\Programs\SpeedyPC Software
[2013/10/24 23:49:25 | 000,000,000 | ---D | C] -- C:\Program Files\SpeedyPC Software
[2013/10/24 23:49:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SpeedyPC Software
[2013/10/24 17:32:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sisavac\My Documents\Zadatak2_2011
[2013/10/24 17:15:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sisavac\My Documents\Kolokvijum1_2012
[2013/10/24 17:15:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sisavac\My Documents\Kolokvijum1_2011
[2013/10/24 16:14:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sisavac\My Documents\Zadatak1_2011
[2013/10/24 12:48:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sisavac\My Documents\OceneStudenata
[2013/10/24 11:24:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sisavac\My Documents\Avion
[2013/10/23 18:35:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sisavac\My Documents\EditorTeksta
[2013/10/23 08:43:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sisavac\Application Data\WinRAR
[2013/10/23 08:40:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\WinRAR
[2013/10/23 08:40:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sisavac\Start Menu\Programs\WinRAR
[2013/10/23 08:40:45 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2013/10/23 08:36:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sisavac\Application Data\uTorrent
[2013/10/22 18:34:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sisavac\My Documents\BrojacReci
[2013/10/22 17:25:02 | 000,000,000 | -H-D | C] -- C:\WINDOWS\System32\GroupPolicy
[2013/10/22 17:25:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sisavac\Application Data\Avant Downloader
[2013/10/22 17:24:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sisavac\Application Data\Avant Profiles
[2013/10/22 17:24:53 | 000,000,000 | ---D | C] -- C:\Program Files\Avant Browser
[2013/10/22 17:16:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sisavac\Local Settings\Application Data\Sun
[2013/10/22 17:12:25 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Sisavac\PrivacIE
[2013/10/22 17:10:56 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Sisavac\IETldCache
[2013/10/22 17:09:53 | 000,000,000 | ---D | C] -- C:\WINDOWS\WBEM
[2013/10/22 17:08:46 | 000,000,000 | -H-D | C] -- C:\WINDOWS\ie8
[2013/10/22 17:08:46 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\en-US
[2013/10/22 12:55:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sisavac\My Documents\AnalizatorReciIRecenica
[2013/10/22 12:07:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sisavac\bluej
[2013/10/22 12:06:35 | 000,000,000 | ---D | C] -- C:\Program Files\BlueJ
[2013/10/22 12:06:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Sun
[2013/10/22 12:06:09 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2013/10/22 12:05:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Java
[2013/10/22 12:04:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Java Development Kit
[2013/10/22 12:03:47 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2013/10/22 12:02:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sisavac\Application Data\Sun
[2013/10/22 11:22:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\pss
[2013/10/22 11:13:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sisavac\Start Menu\Programs\Google Chrome
[2013/10/22 11:13:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sisavac\Local Settings\Application Data\Google
[2013/10/22 01:57:46 | 000,000,000 | -HSD | C] -- C:\WINDOWS\Installer
[2013/10/22 01:57:45 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ODBC
[2013/10/22 01:57:41 | 000,000,000 | R--D | C] -- C:\Program Files
[2013/10/22 01:57:41 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\SpeechEngines
[2013/10/22 01:57:41 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Microsoft Shared
[2013/10/22 01:57:41 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files
[2013/10/22 01:57:10 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup
[2013/10/22 01:57:10 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Start Menu
[2013/10/22 01:57:10 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents
[2013/10/22 01:57:10 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Templates
[2013/10/22 01:57:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Favorites
[2013/10/22 01:57:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Desktop
[2013/10/22 01:56:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot2
[2013/10/22 01:56:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot
[2013/10/22 01:56:48 | 000,000,000 | --SD | C] -- C:\Documents and Settings\All Users\Application Data\Microsoft
[2013/10/22 01:56:48 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\All Users\Application Data
[2013/10/22 01:56:20 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2013/10/22 01:56:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings
[2013/10/22 01:46:16 | 000,000,000 | R-SD | C] -- C:\WINDOWS\Fonts
[2013/10/22 01:46:16 | 000,000,000 | RHSD | C] -- C:\WINDOWS\System32\dllcache
[2013/10/22 01:46:16 | 000,000,000 | R--D | C] -- C:\WINDOWS\Web
[2013/10/22 01:46:16 | 000,000,000 | -H-D | C] -- C:\WINDOWS\inf
[2013/10/22 01:46:16 | 000,000,000 | ---D | C] -- C:\WINDOWS\WinSxS
[2013/10/22 01:46:16 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\wins
[2013/10/22 01:46:16 | 000,000,000 | ---D | C] -- C:\WINDOWS
[2013/10/22 01:46:16 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\wbem
[2013/10/22 01:46:16 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\usmt
[2013/10/22 01:46:16 | 000,000,000 | ---D | C] -- C:\WINDOWS\twain_32
[2013/10/22 01:46:16 | 000,000,000 | ---D | C] -- C:\WINDOWS\system32
[2013/10/22 01:46:16 | 000,000,000 | ---D | C] -- C:\WINDOWS\system
[2013/10/22 01:46:16 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\spool
[2013/10/22 01:46:16 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ShellExt
[2013/10/22 01:46:16 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Setup
[2013/10/22 01:46:16 | 000,000,000 | ---D | C] -- C:\WINDOWS\security
[2013/10/22 01:46:16 | 000,000,000 | ---D | C] -- C:\WINDOWS\Resources
[2013/10/22 01:46:16 | 000,000,000 | ---D | C] -- C:\WINDOWS\repair
[2013/10/22 01:46:16 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ras
[2013/10/22 01:46:16 | 000,000,000 | ---D | C] -- C:\WINDOWS\Provisioning
[2013/10/22 01:46:16 | 000,000,000 | ---D | C] -- C:\WINDOWS\PeerNet
[2013/10/22 01:46:16 | 000,000,000 | ---D | C] -- C:\WINDOWS\pchealth
[2013/10/22 01:46:16 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\oobe
[2013/10/22 01:46:16 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\npp
[2013/10/22 01:46:16 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\mui
[2013/10/22 01:46:16 | 000,000,000 | ---D | C] -- C:\WINDOWS\mui
[2013/10/22 01:46:16 | 000,000,000 | ---D | C] -- C:\WINDOWS\msapps
[2013/10/22 01:46:16 | 000,000,000 | ---D | C] -- C:\WINDOWS\msagent
[2013/10/22 01:46:16 | 000,000,000 | ---D | C] -- C:\WINDOWS\Media
[2013/10/22 01:46:16 | 000,000,000 | ---D | C] -- C:\WINDOWS\java
[2013/10/22 01:46:16 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\inetsrv
[2013/10/22 01:46:16 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\IME
[2013/10/22 01:46:16 | 000,000,000 | ---D | C] -- C:\WINDOWS\ime
[2013/10/22 01:46:16 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\icsxml
[2013/10/22 01:46:16 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ias
[2013/10/22 01:46:16 | 000,000,000 | ---D | C] -- C:\WINDOWS\Help
[2013/10/22 01:46:16 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\export
[2013/10/22 01:46:16 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\etc
[2013/10/22 01:46:16 | 000,000,000 | ---D | C] -- C:\WINDOWS\ehome
[2013/10/22 01:46:16 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers
[2013/10/22 01:46:16 | 000,000,000 | ---D | C] -- C:\WINDOWS\Driver Cache
[2013/10/22 01:46:16 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\disdn
[2013/10/22 01:46:16 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\dhcp
[2013/10/22 01:46:16 | 000,000,000 | ---D | C] -- C:\WINDOWS\Debug
[2013/10/22 01:46:16 | 000,000,000 | ---D | C] -- C:\WINDOWS\Cursors
[2013/10/22 01:46:16 | 000,000,000 | ---D | C] -- C:\WINDOWS\Connection Wizard
[2013/10/22 01:46:16 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\config
[2013/10/22 01:46:16 | 000,000,000 | ---D | C] -- C:\WINDOWS\Config
[2013/10/22 01:46:16 | 000,000,000 | ---D | C] -- C:\WINDOWS\AppPatch
[2013/10/22 01:46:16 | 000,000,000 | ---D | C] -- C:\WINDOWS\addins
[2013/10/22 01:46:16 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\3com_dmi
[2013/10/22 01:46:16 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\3076
[2013/10/22 01:46:16 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\2052
[2013/10/22 01:46:16 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1054
[2013/10/22 01:46:16 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1042
[2013/10/22 01:46:16 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1041
[2013/10/22 01:46:16 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1037
[2013/10/22 01:46:16 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1033
[2013/10/22 01:46:16 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1031
[2013/10/22 01:46:16 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1028
[2013/10/22 01:46:16 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1025
[2013/10/22 01:00:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sisavac\Application Data\Macromedia
[2013/10/22 01:00:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sisavac\Application Data\Adobe
[2013/10/22 00:59:31 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Sisavac\UserData
[2013/10/22 00:58:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sisavac\Local Settings\Application Data\Adobe
[2013/10/22 00:54:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sisavac\Local Settings\Application Data\Opera Software
[2013/10/22 00:54:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sisavac\Application Data\Opera Software
[2013/10/22 00:54:39 | 000,000,000 | ---D | C] -- C:\Program Files\Opera
[2013/10/22 00:38:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\NVIDIA Corporation
[2013/10/22 00:38:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\NVIDIA
[2013/10/22 00:37:39 | 000,065,536 | ---- | C] (Khronos Group) -- C:\WINDOWS\System32\OpenCL.dll
[2013/10/22 00:35:32 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation
[2013/10/22 00:34:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sisavac\My Documents\Downloads
[2013/10/22 00:32:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sisavac\Local Settings\Application Data\Mozilla
[2013/10/22 00:32:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sisavac\Application Data\Mozilla
[2013/10/22 00:17:17 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ReinstallBackups
[2013/10/22 00:17:08 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\InstallShield
[2013/10/22 00:14:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sisavac\Application Data\Identities
[2013/10/22 00:14:41 | 000,000,000 | -H-D | C] -- C:\Program Files\Uninstall Information
[2013/10/22 00:14:40 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Sisavac\My Documents\My Pictures
[2013/10/22 00:14:40 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Sisavac\My Documents\My Music
[2013/10/22 00:14:35 | 000,000,000 | --SD | C] -- C:\Documents and Settings\Sisavac\Application Data\Microsoft
[2013/10/22 00:14:35 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Sisavac\SendTo
[2013/10/22 00:14:35 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Sisavac\Application Data
[2013/10/22 00:14:35 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Sisavac\Start Menu\Programs\Startup
[2013/10/22 00:14:35 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Sisavac\Start Menu
[2013/10/22 00:14:35 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Sisavac\My Documents
[2013/10/22 00:14:35 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Sisavac\Favorites
[2013/10/22 00:14:35 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Sisavac\Start Menu\Programs\Accessories
[2013/10/22 00:14:35 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Sisavac\Cookies
[2013/10/22 00:14:35 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Sisavac\Templates
[2013/10/22 00:14:35 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Sisavac\PrintHood
[2013/10/22 00:14:35 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Sisavac\NetHood
[2013/10/22 00:14:35 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Sisavac\Local Settings
[2013/10/22 00:14:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sisavac\Local Settings\Application Data\Microsoft
[2013/10/22 00:14:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sisavac\Desktop
[2013/10/22 00:13:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\SoftwareDistribution
[2013/10/22 00:13:40 | 000,000,000 | --SD | C] -- C:\WINDOWS\System32\Microsoft
[2013/10/22 00:13:39 | 000,000,000 | --SD | C] -- C:\Documents and Settings\LocalService\Application Data\Microsoft
[2013/10/22 00:13:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft
[2013/10/22 00:13:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft
[2013/10/22 00:13:21 | 000,000,000 | --SD | C] -- C:\Documents and Settings\NetworkService\Application Data\Microsoft
[2013/10/22 00:11:38 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia330.dll
[2013/10/22 00:11:38 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia001.dll
[2013/10/22 00:10:15 | 000,054,528 | ---- | C] (Philips Semiconductors GmbH) -- C:\WINDOWS\System32\dllcache\cap7146.sys
[2013/10/22 00:09:40 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\xircom
[2013/10/22 00:09:40 | 000,000,000 | ---D | C] -- C:\Program Files\xerox
[2013/10/22 00:09:40 | 000,000,000 | ---D | C] -- C:\Program Files\microsoft frontpage
[2013/10/22 00:09:24 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$hf_mig$
[2013/10/22 00:08:01 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\All Users\DRM
[2013/10/22 00:07:48 | 000,000,000 | --SD | C] -- C:\WINDOWS\Downloaded Program Files
[2013/10/22 00:07:48 | 000,000,000 | R--D | C] -- C:\WINDOWS\Offline Web Pages
[2013/10/22 00:07:37 | 000,000,000 | -H-D | C] -- C:\Program Files\WindowsUpdate
[2013/10/22 00:07:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\DirectX
[2013/10/22 00:06:29 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Services
[2013/10/22 00:06:26 | 000,000,000 | --SD | C] -- C:\WINDOWS\Tasks
[2013/10/22 00:06:25 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\MSSoap
[2013/10/22 00:06:21 | 000,000,000 | ---D | C] -- C:\WINDOWS\srchasst
[2013/10/22 00:06:20 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Macromed
[2013/10/22 00:06:09 | 000,000,000 | ---D | C] -- C:\Program Files\Movie Maker
[2013/10/22 00:06:00 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Restore
[2013/10/22 00:05:55 | 000,000,000 | ---D | C] -- C:\Program Files\NetMeeting
[2013/10/22 00:05:52 | 000,000,000 | ---D | C] -- C:\Program Files\Outlook Express
[2013/10/22 00:05:41 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\System
[2013/10/22 00:05:39 | 000,000,000 | ---D | C] -- C:\Program Files\Internet Explorer
[2013/10/22 00:05:38 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Pictures
[2013/10/22 00:05:15 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Games
[2013/10/22 00:04:59 | 000,000,000 | ---D | C] -- C:\Program Files\ComPlus Applications
[2013/10/22 00:04:51 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Administrative Tools
[2013/10/22 00:04:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\Registration
[2013/10/22 00:04:42 | 000,000,000 | ---D | C] -- C:\Program Files\Online Services
[2013/10/22 00:04:41 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Music
[2013/10/22 00:04:41 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Media Player
[2013/10/22 00:04:35 | 000,000,000 | ---D | C] -- C:\Program Files\Messenger
[2013/10/22 00:04:30 | 000,000,000 | ---D | C] -- C:\Program Files\MSN Gaming Zone
[2013/10/22 00:03:41 | 000,000,000 | ---D | C] -- C:\Program Files\MSN
[2013/10/22 00:03:39 | 000,000,000 | ---D | C] -- C:\Program Files\Windows NT
[2013/10/22 00:03:36 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\MsDtc
[2013/10/22 00:03:34 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Com
[2013/10/22 00:03:19 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Videos
[2013/10/22 00:02:55 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Accessories
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013/11/15 19:26:55 | 000,000,512 | ---- | M] () -- C:\Documents and Settings\Sisavac\Desktop\MBR.dat
[2013/11/15 19:08:46 | 004,745,728 | ---- | M] (AVAST Software) -- C:\Documents and Settings\Sisavac\Desktop\aswmbr.exe
[2013/11/15 15:46:21 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013/11/15 15:46:19 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013/11/15 10:36:15 | 000,311,604 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2013/11/15 10:36:15 | 000,039,992 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2013/11/15 10:35:38 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2013/11/15 10:33:37 | 000,091,888 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2013/11/15 10:32:18 | 000,002,711 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2013/11/15 10:25:02 | 000,250,048 | RHS- | M] () -- C:\ntldr
[2013/11/13 19:08:38 | 000,086,100 | ---- | M] () -- C:\Documents and Settings\Sisavac\Desktop\r6002 error.PNG
[2013/11/13 19:05:20 | 000,067,976 | ---- | M] () -- C:\Documents and Settings\Sisavac\Desktop\processes.PNG
[2013/11/13 18:58:35 | 004,009,167 | ---- | M] () -- C:\Documents and Settings\Sisavac\Desktop\ServicesRepair.exe
[2013/11/12 23:21:48 | 000,000,327 | RHS- | M] () -- C:\boot.ini
[2013/11/12 23:01:30 | 000,001,002 | ---- | M] () -- C:\Documents and Settings\Sisavac\Desktop\Dropbox.lnk
[2013/11/12 22:58:28 | 035,483,528 | ---- | M] (Dropbox, Inc.) -- C:\Documents and Settings\Sisavac\Desktop\Dropbox 2.5.35.exe
[2013/11/12 22:09:43 | 000,360,775 | ---- | M] (Farbar) -- C:\Documents and Settings\Sisavac\Desktop\FSS.exe
[2013/11/12 22:06:53 | 000,171,344 | ---- | M] (Kaspersky Lab) -- C:\kidokiller.exe
[2013/11/12 19:22:08 | 000,164,134 | ---- | M] () -- C:\Documents and Settings\Sisavac\Desktop\salitykiller (1).zip
[2013/11/12 15:47:16 | 000,006,396 | ---- | M] () -- C:\sality_regkeys.zip
[2013/11/12 15:47:16 | 000,006,396 | ---- | M] () -- C:\Documents and Settings\Sisavac\Desktop\sality_regkeys.zip
[2013/11/12 15:42:45 | 000,164,134 | ---- | M] () -- C:\Documents and Settings\Sisavac\Desktop\salitykiller.zip
[2013/11/12 15:33:51 | 005,145,633 | R--- | M] (Swearware) -- C:\Documents and Settings\Sisavac\Desktop\ComboFix.exe
[2013/11/12 15:31:09 | 000,164,134 | ---- | M] () -- C:\salitykiller.zip
[2013/11/10 18:53:04 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Sisavac\Desktop\OTL.exe
[2013/11/10 02:29:17 | 001,390,861 | ---- | M] () -- C:\Documents and Settings\Sisavac\Desktop\HiJackThis.msi.part
[2013/11/10 01:31:46 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2013/11/09 14:33:15 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2013/11/05 22:25:39 | 000,000,716 | ---- | M] () -- C:\Documents and Settings\Sisavac\Desktop\Shortcut to bsplayer.exe.lnk
[2013/10/24 23:49:28 | 000,000,854 | ---- | M] () -- C:\Documents and Settings\Sisavac\Desktop\SpeedyPC Pro.lnk
[2013/10/24 17:10:04 | 000,000,554 | ---- | M] () -- C:\0
[2013/10/23 17:20:36 | 000,000,884 | RHS- | M] () -- C:\Documents and Settings\Sisavac\ntuser.pol
[2013/10/23 08:37:38 | 000,000,836 | ---- | M] () -- C:\Documents and Settings\Sisavac\Desktop\µTorrent.lnk
[2013/10/22 17:24:56 | 000,001,580 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Avant Browser.lnk
[2013/10/22 17:10:58 | 000,000,815 | ---- | M] () -- C:\Documents and Settings\Sisavac\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2013/10/22 12:06:38 | 000,001,666 | ---- | M] () -- C:\Documents and Settings\Sisavac\Desktop\BlueJ.lnk
[2013/10/22 11:13:25 | 000,002,300 | ---- | M] () -- C:\Documents and Settings\Sisavac\Desktop\Google Chrome.lnk
[2013/10/22 11:13:25 | 000,002,278 | ---- | M] () -- C:\Documents and Settings\Sisavac\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2013/10/22 00:54:41 | 000,000,669 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Opera.lnk
[2013/10/22 00:37:39 | 001,072,544 | ---- | M] () -- C:\WINDOWS\System32\nvdrsdb0.bin
[2013/10/22 00:37:39 | 000,000,001 | ---- | M] () -- C:\WINDOWS\System32\nvdrssel.bin
[2013/10/22 00:37:33 | 001,072,544 | ---- | M] () -- C:\WINDOWS\System32\nvdrsdb1.bin
[2013/10/22 00:37:33 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\nvdrswr.lk
[2013/10/22 00:32:15 | 000,000,724 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2013/10/22 00:16:26 | 000,003,265 | ---- | M] () -- C:\WINDOWS\Ascd_tmp.ini
[2013/10/22 00:14:49 | 000,000,079 | ---- | M] () -- C:\Documents and Settings\Sisavac\Application Data\Microsoft\Internet Explorer\Quick Launch\Show Desktop.scf
[2013/10/22 00:12:20 | 000,000,261 | ---- | M] () -- C:\WINDOWS\System32\$winnt$.inf
[2013/10/22 00:09:09 | 000,002,577 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2013/10/22 00:09:09 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2013/10/22 00:09:09 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2013/10/22 00:09:09 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2013/10/22 00:09:09 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2013/10/22 00:09:00 | 000,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb
[2013/10/22 00:09:00 | 000,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb
[2013/10/22 00:08:48 | 000,004,161 | ---- | M] () -- C:\WINDOWS\ODBCINST.INI
[2013/10/22 00:05:14 | 000,021,640 | ---- | M] () -- C:\WINDOWS\System32\emptyregdb.dat
[2013/10/22 00:02:23 | 000,000,211 | ---- | M] () -- C:\Boot.bak
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013/11/15 19:26:55 | 000,000,512 | ---- | C] () -- C:\Documents and Settings\Sisavac\Desktop\MBR.dat
[2013/11/15 10:30:29 | 000,613,334 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmplayer.chm
[2013/11/15 10:30:29 | 000,172,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud9.wav
[2013/11/15 10:30:29 | 000,067,374 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmplayer.adm
[2013/11/15 10:30:29 | 000,023,195 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmplay.chm
[2013/11/15 10:30:29 | 000,010,457 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmptour.hta
[2013/11/15 10:30:29 | 000,001,771 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmptour.css
[2013/11/15 10:30:29 | 000,000,855 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpocm.inf
[2013/11/15 10:30:29 | 000,000,420 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmploc.js
[2013/11/15 10:30:28 | 000,354,468 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud1.wav
[2013/11/15 10:30:28 | 000,343,204 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud7.wav
[2013/11/15 10:30:28 | 000,343,204 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud6.wav
[2013/11/15 10:30:28 | 000,300,969 | ---- | C] () -- C:\WINDOWS\System32\dllcache\viz.wmv
[2013/11/15 10:30:28 | 000,172,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud8.wav
[2013/11/15 10:30:28 | 000,172,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud3.wav
[2013/11/15 10:30:28 | 000,086,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud5.wav
[2013/11/15 10:30:28 | 000,086,180 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud4.wav
[2013/11/15 10:30:28 | 000,086,180 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud2.wav
[2013/11/15 10:30:28 | 000,029,070 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmp.inf
[2013/11/15 10:30:28 | 000,017,272 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmdm.inf
[2013/11/15 10:30:28 | 000,008,677 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm7.gif
[2013/11/15 10:30:28 | 000,007,892 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm9.gif
[2013/11/15 10:30:28 | 000,007,636 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm2.gif
[2013/11/15 10:30:28 | 000,007,369 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm4.gif
[2013/11/15 10:30:28 | 000,006,769 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmfsdk.inf
[2013/11/15 10:30:28 | 000,006,241 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm3.gif
[2013/11/15 10:30:28 | 000,006,060 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm6.gif
[2013/11/15 10:30:28 | 000,005,789 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm1.gif
[2013/11/15 10:30:28 | 000,005,290 | ---- | C] () -- C:\WINDOWS\System32\dllcache\vidsamp.gif
[2013/11/15 10:30:28 | 000,004,193 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm8.gif
[2013/11/15 10:30:28 | 000,002,477 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm5.gif
[2013/11/15 10:30:27 | 000,572,557 | ---- | C] () -- C:\WINDOWS\System32\dllcache\rtuner.wmv
[2013/11/15 10:30:27 | 000,375,519 | ---- | C] () -- C:\WINDOWS\System32\dllcache\nuskin.wmv
[2013/11/15 10:30:27 | 000,077,307 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plyr_err.chm
[2013/11/15 10:30:27 | 000,066,725 | ---- | C] () -- C:\WINDOWS\System32\dllcache\revert.wmz
[2013/11/15 10:30:27 | 000,023,829 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tourbg.gif
[2013/11/15 10:30:27 | 000,022,060 | ---- | C] () -- C:\WINDOWS\System32\dllcache\npds.zip
[2013/11/15 10:30:27 | 000,017,489 | ---- | C] () -- C:\WINDOWS\System32\dllcache\videobg.gif
[2013/11/15 10:30:27 | 000,003,187 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tour.js
[2013/11/15 10:30:27 | 000,002,469 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tplay.gif
[2013/11/15 10:30:27 | 000,002,450 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tpause.gif
[2013/11/15 10:30:27 | 000,002,375 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tplayh.gif
[2013/11/15 10:30:27 | 000,002,371 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tpauseh.gif
[2013/11/15 10:30:27 | 000,001,477 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst6.wpl
[2013/11/15 10:30:27 | 000,001,477 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst5.wpl
[2013/11/15 10:30:27 | 000,001,474 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst3.wpl
[2013/11/15 10:30:27 | 000,001,451 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst12.wpl
[2013/11/15 10:30:27 | 000,001,448 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst4.wpl
[2013/11/15 10:30:27 | 000,001,398 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taon.gif
[2013/11/15 10:30:27 | 000,001,380 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taonh.gif
[2013/11/15 10:30:27 | 000,001,380 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taoff.gif
[2013/11/15 10:30:27 | 000,001,367 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taoffh.gif
[2013/11/15 10:30:27 | 000,001,250 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst1.wpl
[2013/11/15 10:30:27 | 000,001,148 | ---- | C] () -- C:\WINDOWS\System32\dllcache\snd.htm
[2013/11/15 10:30:27 | 000,001,049 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst2.wpl
[2013/11/15 10:30:27 | 000,001,046 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst7.wpl
[2013/11/15 10:30:27 | 000,001,036 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst8.wpl
[2013/11/15 10:30:27 | 000,000,908 | ---- | C] () -- C:\WINDOWS\System32\dllcache\skins.inf
[2013/11/15 10:30:27 | 000,000,789 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst11.wpl
[2013/11/15 10:30:27 | 000,000,787 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst10.wpl
[2013/11/15 10:30:27 | 000,000,784 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst9.wpl
[2013/11/15 10:30:27 | 000,000,783 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst13.wpl
[2013/11/15 10:30:27 | 000,000,775 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst14.wpl
[2013/11/15 10:30:27 | 000,000,733 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst15.wpl
[2013/11/15 10:30:27 | 000,000,403 | ---- | C] () -- C:\WINDOWS\System32\dllcache\npdrmv2.zip
[2013/11/15 10:30:26 | 000,457,607 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mdlib.wmv
[2013/11/15 10:30:26 | 000,381,425 | ---- | C] () -- C:\WINDOWS\System32\dllcache\copycd.wmv
[2013/11/15 10:30:26 | 000,184,959 | ---- | C] () -- C:\WINDOWS\System32\dllcache\compact.wmz
[2013/11/15 10:30:26 | 000,018,286 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplayer2.inf
[2013/11/15 10:30:26 | 000,009,585 | ---- | C] () -- C:\WINDOWS\System32\dllcache\controls.css
[2013/11/15 10:30:26 | 000,008,298 | ---- | C] () -- C:\WINDOWS\System32\dllcache\contents.htm
[2013/11/15 10:30:26 | 000,006,878 | ---- | C] () -- C:\WINDOWS\System32\dllcache\controls.js
[2013/11/15 10:30:26 | 000,005,971 | ---- | C] () -- C:\WINDOWS\System32\dllcache\events.js
[2013/11/15 10:30:26 | 000,002,778 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplogoh.gif
[2013/11/15 10:30:26 | 000,002,545 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplogo.gif
[2013/11/15 10:30:26 | 000,000,999 | ---- | C] () -- C:\WINDOWS\System32\dllcache\bktrh.gif
[2013/11/15 10:30:26 | 000,000,773 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cnth.gif
[2013/11/15 10:30:26 | 000,000,773 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cnt.gif
[2013/11/15 10:30:26 | 000,000,772 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cntd.gif
[2013/11/15 10:30:26 | 000,000,760 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cloapph.gif
[2013/11/15 10:30:26 | 000,000,717 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cloapp.gif
[2013/11/15 10:25:22 | 000,129,045 | ---- | C] () -- C:\WINDOWS\System32\drivers\cxthsfs2.cty
[2013/11/15 10:25:22 | 000,064,352 | ---- | C] () -- C:\WINDOWS\System32\drivers\ativmc20.cod
[2013/11/15 10:25:20 | 000,067,866 | ---- | C] () -- C:\WINDOWS\System32\drivers\netwlan5.img
[2013/11/15 10:23:31 | 000,002,711 | ---- | C] () -- C:\WINDOWS\imsins.BAK
[2013/11/13 19:08:38 | 000,086,100 | ---- | C] () -- C:\Documents and Settings\Sisavac\Desktop\r6002 error.PNG
[2013/11/13 19:05:20 | 000,067,976 | ---- | C] () -- C:\Documents and Settings\Sisavac\Desktop\processes.PNG
[2013/11/13 18:58:24 | 004,009,167 | ---- | C] () -- C:\Documents and Settings\Sisavac\Desktop\ServicesRepair.exe
[2013/11/12 23:01:30 | 000,001,002 | ---- | C] () -- C:\Documents and Settings\Sisavac\Desktop\Dropbox.lnk
[2013/11/12 19:22:07 | 000,164,134 | ---- | C] () -- C:\Documents and Settings\Sisavac\Desktop\salitykiller (1).zip
[2013/11/12 15:47:57 | 000,006,396 | ---- | C] () -- C:\sality_regkeys.zip
[2013/11/12 15:47:14 | 000,006,396 | ---- | C] () -- C:\Documents and Settings\Sisavac\Desktop\sality_regkeys.zip
[2013/11/12 15:42:45 | 000,164,134 | ---- | C] () -- C:\Documents and Settings\Sisavac\Desktop\salitykiller.zip
[2013/11/12 15:31:03 | 000,164,134 | ---- | C] () -- C:\salitykiller.zip
[2013/11/10 19:38:01 | 000,027,648 | ---- | C] () -- C:\WINDOWS\System32\dllcache\xrxftplt.exe
[2013/11/10 19:13:53 | 000,165,888 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt53.dll
[2013/11/10 19:13:48 | 000,093,696 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt42.dll
[2013/11/10 19:13:43 | 000,101,376 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt34.dll
[2013/11/10 19:13:38 | 000,089,088 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt33.dll
[2013/11/10 19:13:32 | 000,083,968 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt21.dll
[2013/11/10 19:10:11 | 000,029,768 | ---- | C] () -- C:\WINDOWS\System32\dllcache\divasu.dll
[2013/11/10 19:10:09 | 000,037,962 | ---- | C] () -- C:\WINDOWS\System32\dllcache\divaprop.dll
[2013/11/10 19:10:08 | 000,006,216 | ---- | C] () -- C:\WINDOWS\System32\dllcache\divaci.dll
[2013/11/10 19:06:55 | 000,023,552 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atixbar.sys
[2013/11/10 19:06:54 | 000,026,624 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ativxbar.sys
[2013/11/10 19:06:52 | 000,019,456 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ativttxx.sys
[2013/11/10 19:06:49 | 000,009,472 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ativmdcd.sys
[2013/11/10 19:06:48 | 000,017,152 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atitvsnd.sys
[2013/11/10 19:06:48 | 000,017,152 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atitunep.sys
[2013/11/10 19:06:47 | 000,049,920 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atirtcap.sys
[2013/11/10 19:06:47 | 000,026,880 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atirtsnd.sys
[2013/11/10 19:06:45 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atipcxxx.sys
[2013/11/10 19:06:31 | 000,046,464 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atibt829.sys
[2013/11/10 02:24:01 | 001,390,861 | ---- | C] () -- C:\Documents and Settings\Sisavac\Desktop\HiJackThis.msi.part
[2013/11/10 01:25:42 | 000,000,211 | ---- | C] () -- C:\Boot.bak
[2013/11/10 01:25:39 | 000,260,272 | RHS- | C] () -- C:\cmldr
[2013/11/10 01:24:31 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2013/11/10 01:24:31 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2013/11/10 01:24:31 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2013/11/10 01:24:31 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2013/11/10 01:24:31 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2013/11/09 14:33:15 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2013/11/05 22:25:39 | 000,000,716 | ---- | C] () -- C:\Documents and Settings\Sisavac\Desktop\Shortcut to bsplayer.exe.lnk
[2013/10/24 23:50:28 | 000,000,554 | ---- | C] () -- C:\0
[2013/10/24 23:49:28 | 000,000,854 | ---- | C] () -- C:\Documents and Settings\Sisavac\Desktop\SpeedyPC Pro.lnk
[2013/10/23 08:37:38 | 000,000,836 | ---- | C] () -- C:\Documents and Settings\Sisavac\Desktop\µTorrent.lnk
[2013/10/22 17:25:05 | 000,000,884 | RHS- | C] () -- C:\Documents and Settings\Sisavac\ntuser.pol
[2013/10/22 17:24:56 | 000,001,580 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Avant Browser.lnk
[2013/10/22 12:06:38 | 000,001,666 | ---- | C] () -- C:\Documents and Settings\Sisavac\Desktop\BlueJ.lnk
[2013/10/22 11:13:25 | 000,002,300 | ---- | C] () -- C:\Documents and Settings\Sisavac\Desktop\Google Chrome.lnk
[2013/10/22 11:13:25 | 000,002,278 | ---- | C] () -- C:\Documents and Settings\Sisavac\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2013/10/22 01:57:45 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2013/10/22 01:57:42 | 001,685,606 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sam.spd
[2013/10/22 01:57:42 | 000,605,050 | ---- | C] () -- C:\WINDOWS\System32\dllcache\r1033tts.lxa
[2013/10/22 01:57:42 | 000,000,888 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sam.sdf
[2013/10/22 01:57:41 | 000,643,717 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ltts1033.lxa
[2013/10/22 01:57:22 | 000,001,688 | ---- | C] () -- C:\WINDOWS\System32\AUTOEXEC.NT
[2013/10/22 01:57:08 | 000,797,189 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5IIS.CAT
[2013/10/22 01:57:08 | 000,399,645 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MAPIMIG.CAT
[2013/10/22 01:57:08 | 000,037,484 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MW770.CAT
[2013/10/22 01:57:08 | 000,013,472 | ---- | C] () -- C:\WINDOWS\System32\dllcache\HPCRDP.CAT
[2013/10/22 01:57:08 | 000,008,574 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IASNT4.CAT
[2013/10/22 01:57:08 | 000,007,382 | ---- | C] () -- C:\WINDOWS\System32\dllcache\OEMBIOS.CAT
[2013/10/22 01:57:08 | 000,007,334 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmerrenu.cat
[2013/10/22 01:57:07 | 001,042,903 | ---- | C] () -- C:\WINDOWS\System32\dllcache\SP2.CAT
[2013/10/22 01:56:19 | 000,091,888 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2013/10/22 01:54:13 | 000,000,327 | RHS- | C] () -- C:\boot.ini
[2013/10/22 01:54:08 | 000,000,261 | ---- | C] () -- C:\WINDOWS\System32\$winnt$.inf
[2013/10/22 00:54:41 | 000,000,669 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Opera.lnk
[2013/10/22 00:37:33 | 001,072,544 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb1.bin
[2013/10/22 00:37:33 | 001,072,544 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb0.bin
[2013/10/22 00:37:33 | 000,000,001 | ---- | C] () -- C:\WINDOWS\System32\nvdrssel.bin
[2013/10/22 00:37:33 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\nvdrswr.lk
[2013/10/22 00:37:18 | 002,816,504 | ---- | C] () -- C:\WINDOWS\System32\nvdata.data
[2013/10/22 00:37:18 | 000,015,449 | ---- | C] () -- C:\WINDOWS\System32\nvinfo.pb
[2013/10/22 00:32:15 | 000,000,724 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2013/10/22 00:17:31 | 000,001,024 | R--- | C] () -- C:\WINDOWS\System32\drivers\jedih2rx.bin
[2013/10/22 00:17:31 | 000,000,122 | R--- | C] () -- C:\WINDOWS\System32\drivers\ramsed.bin
[2013/10/22 00:17:31 | 000,000,042 | R--- | C] () -- C:\WINDOWS\System32\drivers\jedireg.pat
[2013/10/22 00:16:25 | 000,003,265 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini
[2013/10/22 00:16:18 | 000,005,824 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS
[2013/10/22 00:14:49 | 000,000,079 | ---- | C] () -- C:\Documents and Settings\Sisavac\Application Data\Microsoft\Internet Explorer\Quick Launch\Show Desktop.scf
[2013/10/22 00:14:43 | 000,000,738 | ---- | C] () -- C:\Documents and Settings\Sisavac\Start Menu\Programs\Outlook Express.lnk
[2013/10/22 00:14:41 | 000,000,815 | ---- | C] () -- C:\Documents and Settings\Sisavac\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2013/10/22 00:14:41 | 000,000,803 | ---- | C] () -- C:\Documents and Settings\Sisavac\Start Menu\Programs\Internet Explorer.lnk
[2013/10/22 00:14:35 | 000,001,599 | ---- | C] () -- C:\Documents and Settings\Sisavac\Start Menu\Programs\Remote Assistance.lnk
[2013/10/22 00:14:35 | 000,000,792 | ---- | C] () -- C:\Documents and Settings\Sisavac\Start Menu\Programs\Windows Media Player.lnk
[2013/10/22 00:12:20 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2013/10/22 00:11:31 | 000,175,104 | ---- | C] () -- C:\WINDOWS\System32\dllcache\pintlcsa.dll
[2013/10/22 00:11:10 | 001,158,818 | ---- | C] () -- C:\WINDOWS\System32\dllcache\korwbrkr.lex
[2013/10/22 00:11:01 | 000,059,392 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imscinst.exe
[2013/10/22 00:11:00 | 000,196,665 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imjpinst.exe
[2013/10/22 00:10:57 | 000,134,339 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imekr.lex
[2013/10/22 00:10:46 | 013,463,552 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hwxjpn.dll
[2013/10/22 00:10:36 | 000,108,827 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hanja.lex
[2013/10/22 00:10:19 | 000,173,568 | ---- | C] () -- C:\WINDOWS\System32\dllcache\chtskf.dll
[2013/10/22 00:09:09 | 000,002,577 | ---- | C] () -- C:\WINDOWS\System32\CONFIG.NT
[2013/10/22 00:09:09 | 000,000,000 | RHS- | C] () -- C:\MSDOS.SYS
[2013/10/22 00:09:09 | 000,000,000 | RHS- | C] () -- C:\IO.SYS
[2013/10/22 00:09:09 | 000,000,000 | ---- | C] () -- C:\CONFIG.SYS
[2013/10/22 00:09:09 | 000,000,000 | ---- | C] () -- C:\AUTOEXEC.BAT
[2013/10/22 00:09:00 | 000,023,392 | ---- | C] () -- C:\WINDOWS\System32\nscompat.tlb
[2013/10/22 00:09:00 | 000,016,832 | ---- | C] () -- C:\WINDOWS\System32\amcompat.tlb
[2013/10/22 00:08:58 | 000,316,640 | ---- | C] () -- C:\WINDOWS\WMSysPr9.prx
[2013/10/22 00:07:36 | 000,000,786 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Windows Movie Maker.lnk
[2013/10/22 00:07:21 | 004,399,505 | ---- | C] () -- C:\WINDOWS\System32\dllcache\nls302en.lex
[2013/10/22 00:06:42 | 000,048,680 | -HS- | C] () -- C:\WINDOWS\winnt256.bmp
[2013/10/22 00:06:42 | 000,048,680 | -HS- | C] () -- C:\WINDOWS\winnt.bmp
[2013/10/22 00:06:32 | 000,000,984 | ---- | C] () -- C:\WINDOWS\System32\dllcache\srframe.mmf
[2013/10/22 00:05:16 | 000,000,609 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Windows Messenger.lnk
[2013/10/22 00:05:14 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2013/10/22 00:04:42 | 000,001,986 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\MSN.lnk
[2013/10/22 00:04:09 | 000,065,954 | ---- | C] () -- C:\WINDOWS\Prairie Wind.bmp
[2013/10/22 00:04:09 | 000,065,832 | ---- | C] () -- C:\WINDOWS\Santa Fe Stucco.bmp
[2013/10/22 00:04:09 | 000,026,680 | ---- | C] () -- C:\WINDOWS\River Sumida.bmp
[2013/10/22 00:04:09 | 000,017,362 | ---- | C] () -- C:\WINDOWS\Rhododendron.bmp
[2013/10/22 00:04:09 | 000,009,522 | ---- | C] () -- C:\WINDOWS\Zapotec.bmp
[2013/10/22 00:04:08 | 000,065,978 | ---- | C] () -- C:\WINDOWS\Soap Bubbles.bmp
[2013/10/22 00:04:08 | 000,026,582 | ---- | C] () -- C:\WINDOWS\Greenstone.bmp
[2013/10/22 00:04:08 | 000,017,336 | ---- | C] () -- C:\WINDOWS\Gone Fishing.bmp
[2013/10/22 00:04:08 | 000,017,062 | ---- | C] () -- C:\WINDOWS\Coffee Bean.bmp
[2013/10/22 00:04:08 | 000,016,730 | ---- | C] () -- C:\WINDOWS\FeatherTexture.bmp
[2013/10/22 00:04:08 | 000,001,272 | ---- | C] () -- C:\WINDOWS\Blue Lace 16.bmp
[2013/10/22 00:04:04 | 000,003,286 | ---- | C] () -- C:\WINDOWS\System32\tslabels.h
[2013/10/22 00:04:04 | 000,001,161 | ---- | C] () -- C:\WINDOWS\System32\usrlogon.cmd
[2013/10/22 00:04:02 | 000,000,768 | ---- | C] () -- C:\WINDOWS\System32\msdtcprf.h
[2013/10/22 00:03:53 | 000,063,488 | ---- | C] () -- C:\WINDOWS\System32\wmimgmt.msc

========== ZeroAccess Check ==========


[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2008/04/14 05:42:06 | 001,499,136 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2008/04/14 05:41:54 | 000,472,064 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2008/04/14 05:42:10 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2013/11/10 00:53:01 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2013/10/24 23:49:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SpeedyPC Software
[2013/11/10 00:53:01 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Application Data\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
[2013/11/07 18:31:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\Foxit Software
[2013/10/22 17:25:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sisavac\Application Data\Avant Downloader
[2013/11/06 00:34:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sisavac\Application Data\BSplayer PRO
[2013/10/24 23:54:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sisavac\Application Data\DriverCure
[2013/11/12 23:02:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sisavac\Application Data\Dropbox
[2013/11/12 23:01:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sisavac\Application Data\DropboxMaster
[2013/11/07 18:31:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sisavac\Application Data\Foxit Software
[2013/10/22 00:54:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sisavac\Application Data\Opera Software
[2013/10/24 23:54:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sisavac\Application Data\SpeedyPC Software
[2013/11/10 00:58:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sisavac\Application Data\uTorrent

========== Purity Check ==========



========== Custom Scans ==========

< dir "%systemdrive%\*" /S /A:L /C >
Volume in drive C has no label.
Volume Serial Number is 7C19-A8D9

< End of report >

#22
Buddierdl

    Trusted Helper

  • Malware Removal
  • 2,524 posts
Is Svchost still running wild?

What happens when you visit windowsupdate.microsoft.com?

#23
fartuditu

    Member

  • Topic Starter
  • Member
  • PipPip
  • 30 posts
svchost is acting up, yes. After startup, I need to end that process, since it takes 100% processor, even some 10 minutes later. Right now I have 6 svchost.exe running, compared to the usual 5 that I'm used to seeing. Also during startup, I lose explorer.exe, I think, and then it reappears.

http://i.imgur.com/mo2AUeY.png

When I go to said Microsoft page, I get redirected to this:

http://www.update.mi...n&&thankspage=5

I thought it was because Microsoft decided to remove Windows XP from further support somewhere during the next year.

I noticed I can't open volume control

http://i.imgur.com/XYMfjCQ.png

So basically I have no sound, which might be part of the functionality of this instance of svchost that I turn off at startup.

#24
Buddierdl

    Trusted Helper

  • Malware Removal
  • 2,524 posts
Ok. I don't think this is being caused by malware. Let's see if we can troubleshoot it. Follow these steps:

  • Reboot your computer so that the troublesome svchost is running again.
  • In the Task Manager, select View >> Select Columns and add the PID column to the view.
  • Take note of the PID for the troublesome svchost.exe, but don't stop it.
  • Open a command prompt, and type the following command:
tasklist /SVC /FI "IMAGENAME eq svchost.exe"
  • Find the troublesome svchost using its PID and write down for me the names of the services loaded under it.
Then,


Please download MiniToolBox, save it to your desktop and run it.

Checkmark the following checkboxes:
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Devices
  • List Users, Partitions and Memory size.
  • List Minidump Files
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

Also, please take a screenshot of the Windows Update webpage, as my browser redirects me to something different.
  • 0
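One way to do the PID-to-services lookup from the steps above without reading the table by eye, as an added example that is not part of the thread or of any tool mentioned in it: a Python parser for the default table output of `tasklist /SVC` that joins wrapped service lists back to their PID. The sample table is constructed; only the PID 1056 service names come from the thread, and the function names are this example's own.

```python
import re


def _row(image, pid, services):
    """Format one row in tasklist's fixed-width table layout (sample data only)."""
    return f"{image:<25} {pid:>8} {services}"


# Constructed sample. The PID 1056 row carries the service names reported in
# the thread; every other PID and service assignment is invented for illustration.
SAMPLE = "\n".join([
    "",
    _row("Image Name", "PID", "Services"),
    _row("=" * 25, "=" * 8, "=" * 44),
    _row("svchost.exe", 856, "DcomLaunch, TermService"),
    _row("svchost.exe", 932, "RpcSs"),
    _row("svchost.exe", 1056, "AudioSrv, CryptSvc, Dhcp, dmserver,"),
    _row("", "", "EventSystem, lanmanserver, Netman, Nla,"),
    _row("", "", "RasMan, Schedule, seclogon, SENS,"),
    _row("", "", "SharedAccess, ShellHWDetection, srservice,"),
    _row("", "", "TapiSrv, TrkWks, W32Time, winmgmt, wscsvc,"),
    _row("", "", "wuauserv"),
    _row("svchost.exe", 1180, "Dnscache"),
    _row("svchost.exe", 1420, "N/A"),  # host process with no services loaded
])


def parse_tasklist_svc(text):
    """Map PID -> (image name, [service names]) from `tasklist /SVC` table output."""
    lines = text.splitlines()
    sep = next((i for i, ln in enumerate(lines) if ln.startswith("=")), None)
    if sep is None:
        raise ValueError("no '====' separator row: not tasklist table output")
    # Column boundaries are taken from the runs of '=' under the header.
    (n0, n1), (p0, p1), (s0, _) = [m.span() for m in re.finditer(r"=+", lines[sep])]
    table, current = {}, None
    for ln in lines[sep + 1:]:
        pid_field = ln[p0:p1].strip()
        if pid_field.isdigit():
            # A row with a PID starts a new process entry.
            current = int(pid_field)
            table[current] = (ln[n0:n1].strip(), [])
        elif current is None or ln[:s0].strip():
            continue  # not a continuation row (its first two columns must be blank)
        names = [s.strip() for s in ln[s0:].split(",")]
        table[current][1].extend(s for s in names if s and s != "N/A")
    return table


def services_for_pid(text, pid):
    """Return the services hosted by the process with the given PID."""
    return parse_tasklist_svc(text)[pid][1]


if __name__ == "__main__":
    for pid, (image, svcs) in sorted(parse_tasklist_svc(SAMPLE).items()):
        print(f"{pid:>6} {image:<12} {len(svcs):>2} services: {', '.join(svcs)}")
```

On a live system, pass it the text produced by the `tasklist /SVC /FI "IMAGENAME eq svchost.exe"` command from the steps above, redirected to a file.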

#25
fartuditu

    Member

  • Topic Starter
  • Member
  • PipPip
  • 30 posts
Troublesome svchost has PID number 1056 and here's the list of services loaded under it:


AudioSrv, CryptSvc, Dhcp, dmserver, EventSystem, lanmanserver, Netman, Nla, RasMan, Schedule, seclogon, SENS,

SharedAccess, ShellHWDetection, srservice, TapiSrv, TrkWks, W32Time, winmgmt, wscsvc, wuauserv


Here's the look of the redirected update.microsoft page that I get:

http://i.imgur.com/sHRPAvq.png

I did it all while running the svchost.exe which consumes 100% processor, after I rebooted, as you instructed. I will now turn that process off so that I can use the PC normally, until I get further instructions.

Here's the log from MiniToolBox:






MiniToolBox by Farbar Version: 13-07-2013
Ran by Sisavac (administrator) on 16-11-2013 at 15:03:11
Running from "C:\Documents and Settings\Sisavac\Desktop"
Microsoft Windows XP Professional Service Pack 3 (X86)
Boot Mode: Normal
***************************************************************************

========================= Event log errors: ===============================

Application errors:
==================
Error: (11/09/2013 11:02:42 PM) (Source: crypt32) (User: )
Description: Failed auto update retrieval of third-party root list sequence number from: <http://www.download....uthrootseq.txt> with error: The server name or address could not be resolved

Error: (11/09/2013 09:56:42 PM) (Source: Application Error) (User: )
Description: Faulting application explorer.exe, version 6.0.2900.2180, faulting module , version 0.0.0.0, fault address 0x00000000.
Processing media-specific event for [explorer.exe!ws!]

Error: (11/09/2013 05:15:44 PM) (Source: Application Error) (User: )
Description: Faulting application chrome.exe, version 14.0.835.187, faulting module , version 0.0.0.0, fault address 0x00000000.
Processing media-specific event for [chrome.exe!ws!]

Error: (11/09/2013 02:31:13 PM) (Source: crypt32) (User: )
Description: Failed auto update retrieval of third-party root list sequence number from: <http://www.download....uthrootseq.txt> with error: The server name or address could not be resolved

Error: (11/09/2013 01:03:55 AM) (Source: crypt32) (User: )
Description: Failed auto update retrieval of third-party root list sequence number from: <http://www.download....uthrootseq.txt> with error: The server name or address could not be resolved

Error: (11/09/2013 01:03:26 AM) (Source: crypt32) (User: )
Description: Failed auto update retrieval of third-party root list sequence number from: <http://www.download....uthrootseq.txt> with error: The server name or address could not be resolved

Error: (11/09/2013 00:55:58 AM) (Source: crypt32) (User: )
Description: Failed auto update retrieval of third-party root list sequence number from: <http://www.download....uthrootseq.txt> with error: The server name or address could not be resolved

Error: (11/08/2013 05:37:41 PM) (Source: crypt32) (User: )
Description: Failed auto update retrieval of third-party root list sequence number from: <http://www.download....uthrootseq.txt> with error: This network connection does not exist.

Error: (11/08/2013 05:37:41 PM) (Source: crypt32) (User: )
Description: Failed auto update retrieval of third-party root list sequence number from: <http://www.download....uthrootseq.txt> with error: The server name or address could not be resolved

Error: (11/08/2013 05:37:09 PM) (Source: crypt32) (User: )
Description: Failed auto update retrieval of third-party root list sequence number from: <http://www.download....uthrootseq.txt> with error: This network connection does not exist.


System errors:
=============
Error: (11/15/2013 09:00:17 PM) (Source: SideBySide) (User: )
Description: Generate Activation Context failed for C:\Documents and Settings\Sisavac\Application Data\Dropbox\bin\DropboxExt.22.dll.
Reference error message: The operation completed successfully.
.

Error: (11/15/2013 09:00:17 PM) (Source: SideBySide) (User: )
Description: Syntax error in manifest or policy file "The manifest file contains one or more syntax errors.
1" on line The manifest file contains one or more syntax errors.
2.

Error: (11/15/2013 09:00:17 PM) (Source: SideBySide) (User: )
Description: Component identity found in manifest does not match the identity of the component requested

Error: (11/15/2013 08:32:13 PM) (Source: SideBySide) (User: )
Description: Generate Activation Context failed for C:\Documents and Settings\Sisavac\Application Data\Dropbox\bin\DropboxExt.22.dll.
Reference error message: The operation completed successfully.
.

Error: (11/15/2013 08:32:13 PM) (Source: SideBySide) (User: )
Description: Syntax error in manifest or policy file "The manifest file contains one or more syntax errors.
1" on line The manifest file contains one or more syntax errors.
2.

Error: (11/15/2013 08:32:13 PM) (Source: SideBySide) (User: )
Description: Component identity found in manifest does not match the identity of the component requested

Error: (11/15/2013 08:32:04 PM) (Source: SideBySide) (User: )
Description: Generate Activation Context failed for C:\Documents and Settings\Sisavac\Application Data\Dropbox\bin\DropboxExt.22.dll.
Reference error message: The operation completed successfully.
.

Error: (11/15/2013 08:32:04 PM) (Source: SideBySide) (User: )
Description: Syntax error in manifest or policy file "The manifest file contains one or more syntax errors.
1" on line The manifest file contains one or more syntax errors.
2.

Error: (11/15/2013 08:32:04 PM) (Source: SideBySide) (User: )
Description: Component identity found in manifest does not match the identity of the component requested

Error: (11/15/2013 07:46:52 PM) (Source: SideBySide) (User: )
Description: Generate Activation Context failed for C:\Documents and Settings\Sisavac\Application Data\Dropbox\bin\DropboxExt.22.dll.
Reference error message: The operation completed successfully.
.


Microsoft Office Sessions:
=========================
Error: (11/09/2013 11:02:42 PM) (Source: crypt32)(User: )
Description: http://www.download....hrootseq.txtThe server name or address could not be resolved

Error: (11/09/2013 09:56:42 PM) (Source: Application Error)(User: )
Description: explorer.exe6.0.2900.21800.0.0.000000000

Error: (11/09/2013 05:15:44 PM) (Source: Application Error)(User: )
Description: chrome.exe14.0.835.1870.0.0.000000000

Error: (11/09/2013 02:31:13 PM) (Source: crypt32)(User: )
Description: http://www.download....hrootseq.txtThe server name or address could not be resolved

Error: (11/09/2013 01:03:55 AM) (Source: crypt32)(User: )
Description: http://www.download....hrootseq.txtThe server name or address could not be resolved

Error: (11/09/2013 01:03:26 AM) (Source: crypt32)(User: )
Description: http://www.download....hrootseq.txtThe server name or address could not be resolved

Error: (11/09/2013 00:55:58 AM) (Source: crypt32)(User: )
Description: http://www.download....hrootseq.txtThe server name or address could not be resolved

Error: (11/08/2013 05:37:41 PM) (Source: crypt32)(User: )
Description: http://www.download....rootseq.txtThis network connection does not exist.

Error: (11/08/2013 05:37:41 PM) (Source: crypt32)(User: )
Description: http://www.download....hrootseq.txtThe server name or address could not be resolved

Error: (11/08/2013 05:37:09 PM) (Source: crypt32)(User: )
Description: http://www.download....rootseq.txtThis network connection does not exist.


=========================== Installed Programs ============================

µTorrent (Version: 3.3.2.30180)
Adobe Flash Player 11 ActiveX (Version: 11.9.900.117)
Adobe Flash Player 11 Plugin (Version: 11.9.900.117)
Avant Browser (remove only) (Version: 12.5.0.0)
BlueJ (Version: 3.1.0)
BS.Player PRO (Version: 2.65.1074)
CCleaner (Version: 4.07)
CloudReading (Version: 1.0.27.1025)
Dropbox (Version: 2.5.35)
Foxit Reader (Version: 6.1.1.1031)
Google Chrome (Version: 14.0.835.187)
Java 7 Update 45 (Version: 7.0.450)
Java Auto Updater (Version: 2.1.9.8)
Java SE Development Kit 7 Update 45 (Version: 1.7.0.450)
Malwarebytes Anti-Malware version 1.75.0.1300 (Version: 1.75.0.1300)
Mozilla Firefox 24.0 (x86 en-US) (Version: 24.0)
NVIDIA Control Panel 307.83 (Version: 307.83)
NVIDIA Graphics Driver 307.83 (Version: 307.83)
NVIDIA Install Application (Version: 2.1002.109.706)
NVIDIA nView 136.53 (Version: 136.53)
NVIDIA Update 1.10.8 (Version: 1.10.8)
NVIDIA Update Components (Version: 1.10.8)
NVIDIA Windows 2000/XP nForce Drivers
Opera Stable 17.0.1241.53 (Version: 17.0.1241.53)
WebFldrs XP (Version: 9.50.7523)
Windows Internet Explorer 8 (Version: 20090308.140743)
Windows XP Service Pack 3 (Version: 20080414.031525)
WinRAR 5.00 (32-bit) (Version: 5.00.0)

========================= Devices: ================================

Name: PCI Simple Communications Controller
Description: PCI Simple Communications Controller
Class Guid: {4D36E97E-E325-11CE-BFC1-08002BE10318}
Manufacturer:
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Floppy disk drive
Description: Floppy disk drive
Class Guid: {4D36E980-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard floppy disk drives)
Service: flpydisk
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


========================= Memory info: ===================================

Percentage of memory in use: 62%
Total physical RAM: 1023.48 MB
Available physical RAM: 388.2 MB
Total Pagefile: 2462.27 MB
Available Pagefile: 1904.91 MB
Total Virtual: 2047.88 MB
Available Virtual: 1967.7 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:25 GB) (Free:15.88 GB) NTFS
2 Drive d: () (Fixed) (Total:51.32 GB) (Free:44.49 GB) NTFS

========================= Users: ========================================

User accounts for \\

Administrator Guest HelpAssistant
Sisavac SUPPORT_388945a0 UpdatusUser

========================= Minidump Files ==================================

No minidump file found


**** End of log ****

#26
Buddierdl

    Trusted Helper

  • Malware Removal
  • 2,524 posts
Just a quick reply. Could you please try going to the update website with Internet Explorer and tell me what happens?

We will troubleshoot svchost later.

#27
fartuditu

    Member

  • Topic Starter
  • Member
  • PipPip
  • 30 posts
Ah, it works with IE, I suppose! I was sure I tried going to that page with IE, but obviously I didn't; thanks for mentioning. I get this page:

http://www.update.mi...t.aspx?ln=en-us



Please let me know if I should do express or custom downloads.

#28
Buddierdl

    Trusted Helper

  • Malware Removal
  • 2,524 posts
You can do custom. Make sure to choose all of the important and critical updates; optional ones are up to you.

#29
fartuditu

    Member

  • Topic Starter
  • Member
  • PipPip
  • 30 posts
I'm not sure if anything is happening; I left my PC for a couple of hours to download the updates, but I think nothing happened. At first I tried to download custom, but after several minutes I decided I'll restart the PC and retry. After a few tries I opted for express and left the PC for hours, but nothing. During the process I turned off svchost, since it consumes CPU power, but after leaving the PC to download, it just reappears by itself.

http://i.imgur.com/9YDGteE.png

Here's the Windows log again, maybe it will help a bit.

https://www.dropbox....ndowsUpdate.log


I tried restarting the PC and going to the Windows Update page with IE again, but without turning off svchost - still nothing. Besides the two options of express and custom update, on that page I have a third I didn't try:

http://i.imgur.com/IMqJU6e.png
http://i.imgur.com/IzSBkPZ.png

Also, after I turn off svchost, it reappears coupled with wmipvrse.exe, and if I turn it off again, wmipvrse turns off too. The PID is different for svchost each time, I think.

#30
Buddierdl

    Trusted Helper

  • Malware Removal
  • 2,524 posts
I think the updates and svchost are linked. Let's go for easy first:

Go to here and run the fixit for XP. Then try updating again.