Everything posted by adasha

  1. Hello, for a few days I have been running the overclock mentioned, but something is bothering me. From time to time my computer shuts off (as if the power had been cut), regardless of whether it is under load or not. Logically, I think the power supply is causing the problem. It is not the temperatures (I fitted better cooling; at the moment Everest shows up to 54 degrees on the CPU, and all the other programs show under 48 degrees, at max load), and I don't think it is the RAM, because it does it even when the memory is not overclocked. So please recommend a power supply, say up to 50 leva, that can support the overclocked system mentioned plus possibly a new video card along the lines of a Radeon 4650 (or another mid-range card). Thanks and regards!
  2. Hello, since last night I have been at 13 x 230 and 850 MHz memory. Everything looks normal. I think the CPU can go a little higher, but given its power supply and cooling it is good to leave a little headroom. Now I would like to know what you think about the memory, namely: at the moment it runs without problems at 425 (set to 400). Given that it causes no problems despite the overclock, is it necessary to touch the timings and voltages, i.e. is there anything more to squeeze out of it? And another question: according to Everest the HyperTransport is 918; am I losing anything because it is not a little higher (normal is 1000)? Thank you in advance! REGARDS
  3. OK, thanks for the opinion!
  4. The system is also stable with the third variant - bus 230 x 13, RAM 800 (850 with the overclock). With the program in question, after about 5 minutes of running (that is what it reported), it switched off the second core and gave a message about some error; I don't remember the temperature exactly, but maybe 70+, while the other core continued to be tested. I also tried running it briefly without the overclock; it gave no error at all, but it ran at 70-80 degrees (source: Everest). With the other programs I have no such problems. At 13 x 234 it is stable (you misunderstood me), but I came down through 13 x 240 and 13 x 238; at 236 it worked during the tests but did some kind of restart at idle and I didn't like it, and besides, we go 1 below the max anyway, hence 13 x 234. P.S. The picture is the last stable variant. The voltage is on Normal - I don't understand it and don't touch it, unless I am following instructions from someone who knows what he is doing. Otherwise there is also manual raising in steps. Normal is the lowest step.
  5. I have already turned it off.
  6. Thanks for the info! What RAM was it and what did it run at on auto, do you remember? I would like to know whether you had problems with temperatures and, in general, what temperatures the CPU reached. REGARDS
  7. Hello again, I was going to write earlier but I had some problems with the temperatures. It seems that after 2.5 years the thermal paste on the CPU had gone bad, because the temperatures shot right up. I also had to add an extra fan (140 mm, from a brand-name P3) blowing in at the bottom front across the heatsinks of the video card (passive cooling) and the motherboard, and a two-leva Chinese one to pull air out (at the back, top, under the power supply). As a result I think I have stable results with two overclock variants: 1. CPU bus 250, multiplier 12 - frequency 3000, HT 1000 (x4), RAM 374 (748) - this one worked out and was confirmed most easily, in the sense that it gives me the subjective impression of being the most stable. Maybe Мики Маус and КМ Василев are right with their theory about halves and rounding on AMD ...... The high bus (+25%) worries me a little, but the fact is the system is relatively stable. 2. Bus 234, multiplier 13, CPU frequency 3034, HT 934 (x4), memory bus 379 - with this variant I was aiming for a frequency of about 3100, memory about 400 (800) and HT about 950, but alas, the colleagues who suggested 230/13 turned out to be right: it is stable at 234 at most. They were also right about going straight for RAM 800 - the PC boots and I intend to test this variant too. In fact I am doing it right now, 230 x 13 with RAM 800 - I have no final results. It seems there is no great difference in performance between the three variants. What do you think? I also want to ask about the temperatures: the CPU reaches 50 - 52 degrees max, the individual cores up to 64 degrees (according to Everest); I test with Hot CPU Tester Pro 4 (lite edition). I also have another one - Prime95 25.6, which I have the feeling would start a fire if I let it run, overclocked or not. I have even forbidden it to come near the machine. My point is that my PC would in no way withstand it, temperature-wise .... Is that fatal? That is all for now, REGARDS!
  8. Hello, as promised I am uploading the first results of the overclock attempt. I set the bus to 250 and the CPU to about 3000; I am not quite clear how (what) to look for from here on in lowering the timings of the RAM, whose frequency I lowered to the minimum (as Мики Маус advised). But there is time until then - I have to see how stable the PC is. So far I have found that the motherboard warmed up to 62 degrees and settled at 59 (it runs rather hot anyway), and I may have to fit a somewhat bigger system fan. Otherwise everything looks fine. I am attaching a picture. REGARDS
  9. Hey Мики, you just put the puzzle together. Ctrl + F1 straight away opened the chipset options (for me it was like "open sesame") and a large part of the gaps got filled in. Overall I need a little time to make sense of the new situation, but broadly I intend to use your instructions. I may carry them out in smaller steps. Huge thanks. If you think of anything else that seems important to you - write. I will keep you posted on the result.. Regards!
  10. Dear КМВасилев, I think I already wrote to you that I read quite a few threads before getting started. I also explained to you that I understand nothing about overclocking, but that cannot be a reason not to read up, to ASK someone FOR ADVICE and to try to do it. Unfortunately, however, specifics do not exist for you, and probably, deluded about your own significance (or insignificance), you go off in ten directions at once - you assess who has put in what effort (or has not), you make asides about the old man (or about his memory, which I not only don't understand but also think mean you want to "measure" something of yours against someone else's), you detect "teasing" and "sarcasm", you throw examples left and right (of course the most general ones), which does not correspond at all to the strictly "specific activity" of the particular machine. I have explained clearly enough that in my opinion the limiting factor is the HyperTransport frequency, because I don't know how to bring it back down - I think my BIOS does not let me set that multiplier (or divider) with which I could keep the HyperTransport around 1000 and the RAM at 400 or lower, and raise only the CPU bus, and from there the CPU frequency, thereby gaining speed for the whole system. Since I have not done this before and do not know whether I am on the right track, I sought this discussion - for this exact specific case. That is precisely why such "Jesuitical" guidance, powdered with the pathos of a novice lawyer, cannot be of use to me. And I assure you, without any sarcasm, that I thank you for starting to write my nickname with a capital letter. Regards! I understand that this is the brand of the RAM. Is that good or not . .?
  11. Hi, I somehow read through a whole lot of threads before I even started. That is simply how much I understand about overclocking, or those are the options the motherboard allows (regarding the remark about the RAM). In this case I am using the fact that with this CPU the RAM runs at a lower than default frequency. Unfortunately, with your "performance" you are not helping me in any way .... Or try to answer something specific ......!? Hello, and thank you for the timely and specific answer. My power supply is 400 watts, and its case says APX - 400 (I assume that is the brand and model). The brand of the RAM cannot be seen without shutting down the PC - there is some label similar to the one from the Everest report, TakeMS TMS1GB264C081805AE ..... If you tell me how to find it out, I will do it. REGARDS
  12. Hello, my CPU is an Athlon64 x2 5000+, the motherboard a Gigabyte GA-M56S-S3, RAM 2 x 1 GB DDR2 800, video Nvidia 9400 GT. I have a few questions about overclocking. So, I have done a partial overclock - I have attached two reports (from Everest and CPU-Z). I have overclocked only the CPU bus (200-212), the CPU multiplier is on auto (5-13), and I set PCI manually to 101. Apart from these options I only have voltages - I have not touched them. My question is whether it is fatal, and if so to what extent, that my HyperTransport frequency is 1061 (normal is 1000), and can I overclock a little more - to bring the RAM bus to 400 (now 394), i.e. the HyperTransport will become a little higher still? The temperatures are normal in my opinion and do not worry me. I am attaching a link to two reports - from Everest and CPU-Z. http://rapidshare.com/files/376091040/Report.zip.html Thanks in advance for your comments and recommendations!
  13. Hi, the TTL thing is already history, or at least at Комнет Бургас. True, until recently they did it, in both directions at that, but not any more ..... REGARDS
  14. Hello, I have the following strange problem with an old system. When the computer is started, if the monitor cable is plugged into the video card, the monitor gets no signal at all from the PC, i.e. there is no video. Conversely, if the cable is unplugged when the system starts and is plugged in after 10-15 seconds, the problem does not occur. It has been tried with several monitors; there are no visible marks on the connectors or on the PC's motherboard. The system has the following specifications: - Motherboard Asus A8M2N-LA (it has nothing to do with Asus; it is some HP - COMPAQ hybrid), the video is integrated, by NVIDIA - CPU Athlon 3500+ (2200) - RAM 2 x 256 MB DDR2-533 SDRAM - Hard disk SAMSUNG HD160JJ/P (160 GB, 7200 RPM, SATA-II) So far I have done the following - I reinstalled the OS up to XP SP3, all drivers work correctly, I reset the BIOS following the instructions on the motherboard's page (no change), and I flashed the BIOS (with the same version, for lack of a new one) - correctly but with no change. I have already started to imagine that during the initial boot and testing of the motherboard it expects the monitor to present (initialize) itself in a particular way, and if that does not happen . . . no video (do you think such an HP - CompaQ contrivance is possible?). And conversely - when I plug in the cable later - plug and play (or something like that) and everything starts working. Otherwise, at the moment, apart from this problem, the system behaves and works correctly. Given the PCI-E slot and the support for Athlon x2 CPUs and DDR2 RAM, its owner (a student) can get another year or two out of it while he saves up for a new configuration. Only I don't know how many times the video cable can be plugged in and pulled out before something breaks/snaps off. So please, if you have any ideas/guesses as to what might be causing the problem - help! Thanks in advance!
  15. adasha

    DVI - HDMI

    Hello, your picture stutters because it is not using hardware acceleration from the video card. In that case it is a matter of settings, because your card has CUDA. Dig around the forum and the BG trackers; there was a solution for your player quite recently. Otherwise you can be sure that you have the hardware resources to watch this video .. . .
  16. Hello, after reading quite a few of the posts I was swept by a "wave of indignation and anger", to the point that I had prepared a speech (one with fire and brimstone). The reason I did not carry out the original plan is the post I am quoting, and it is directly connected with the reason Linux is not my OS. What I mean is: several times I have set out to try various distributions and have always reached a situation in which I don't know what else to do, I don't know what to expect from the OS or what it expects from me. And since in real life I don't know anyone who uses Linux (to give him a ring and ask what on earth it is about, or at least have him explain where to start), and on the net sooner or later you run into individuals totally deluded about their own significance (or insignificance), all my attempts so far have been doomed to failure. In addition, there is nowhere to read, step by step, how to proceed. Nor is there a way to get to the functional philosophy of the OS. Further complication comes from the multitude of distributions and versions. Last but not least, it turns out that the hardware too can additionally stop beginners' ambitions. So much for the reasons Linux is not . . . .. As far as I understand from the quoted post, there is after all a distribution in Bulgarian, with a guide too. I am even downloading it already. However, I have some questions: 1. How do things stand with installing more than one operating system - I suspect a serious problem, because I have XP (with fading functions) on the C partition and Win7 on another partition. Will it be a problem for Linux to go on C - as far as I know, the boot file is located there, and with a possible format I would also lose Win7 on the other partition. 2. The distribution from the link is a beginner (educational) one - does that mean it can be used for ordinary user purposes, for example will I be able to watch HD films . . . 3. Are the steps to follow during installation clear - for example: 1. Setting up the video card - driver, resolution, etc. 2. Setting up the internet - such-and-such LAN card, such-and-such drivers. Actually the form of the guide can be different, but it should not have to be read between the lines - for example, saying "add such-and-such commands on the command line" while it is not clear where this command line is and what it is, i.e. everything has to start truly from the beginning . . . . Maybe I strayed a little from the topic, but for me its point is the info I receive. If anyone can answer and is willing to do so - thank you in advance?! To the rest, good luck in the verbal shootout!
  17. So, after NOD signalled 350 times, and in the meantime I connected through the router again, everything disappeared. I installed Comodo from your link; I don't know whether I configured it correctly, but it did not seem all that complicated. At the moment I am still scanning. Is it possible that when I go online directly through a connection (PPPoE, I think) from the PC, someone or something gets activated, and if so, what can I do about it? And could this firewall help at all? Otherwise I scan periodically with Malwarebytes.
  18. I forgot that two reports are generated. Here is the second one:
  19. Hello again, unfortunately we have a new invasion of the same pest. This evening I decided to connect to the internet directly (my computer has two LAN cards: I get online either through the router connected to one of them (that way the whole network has internet) or directly through the other, in which case only this computer has internet). Shortly afterwards NOD became active again with the old indication. I ran the initial scan with OTL (the first step from above) and I am posting the result below:
(Microsoft Corporation) Drivers32: vidc.cvid - E:\Windows\System32\iccvid.dll (Radius Inc.) Drivers32: vidc.DIVX - E:\Windows\System32\DivX.dll (DivX, Inc.) Drivers32: vidc.XVID - E:\Windows\System32\xvidvfw.dll () Drivers32: vidc.yv12 - E:\Windows\System32\DivX.dll (DivX, Inc.) ========== Files/Folders - Created Within 30 Days ========== [2010.03.08 18:44:45 | 000,554,496 | ---- | C] (OldTimer Tools) -- E:\Users\Administrator\Desktop\OTL (2).exe [2010.03.07 00:05:55 | 000,000,000 | ---D | C] -- E:\Program Files\InkSaver [2010.03.06 22:00:59 | 000,000,000 | ---D | C] -- E:\Windows\System32\RTCOM [2010.03.06 22:00:29 | 001,783,056 | ---- | C] (Waves Audio Ltd.) -- E:\Windows\System32\WavesLib.dll [2010.03.06 22:00:29 | 000,345,328 | ---- | C] (SRS Labs, Inc.) -- E:\Windows\System32\SRSTSXT.dll [2010.03.06 22:00:29 | 000,185,584 | ---- | C] (SRS Labs, Inc.) -- E:\Windows\System32\SRSTSHD.dll [2010.03.06 22:00:29 | 000,173,296 | ---- | C] (SRS Labs, Inc.) -- E:\Windows\System32\SRSHP360.dll [2010.03.06 22:00:29 | 000,140,528 | ---- | C] (SRS Labs, Inc.) -- E:\Windows\System32\SRSWOW.dll [2010.03.06 22:00:24 | 000,357,576 | ---- | C] (Dolby Laboratories, Inc.) -- E:\Windows\System32\RTEEP32A.dll [2010.03.06 22:00:24 | 000,293,584 | ---- | C] (Dolby Laboratories, Inc.) -- E:\Windows\System32\RP3DHT32.dll [2010.03.06 22:00:24 | 000,293,584 | ---- | C] (Dolby Laboratories, Inc.) -- E:\Windows\System32\RP3DAA32.dll [2010.03.06 22:00:24 | 000,168,648 | ---- | C] (Dolby Laboratories, Inc.) -- E:\Windows\System32\RTEED32A.dll [2010.03.06 22:00:24 | 000,076,488 | ---- | C] (Dolby Laboratories, Inc.) -- E:\Windows\System32\RTEEL32A.dll [2010.03.06 22:00:24 | 000,062,664 | ---- | C] (Dolby Laboratories, Inc.) -- E:\Windows\System32\RTEEG32A.dll [2010.03.06 22:00:23 | 001,938,704 | ---- | C] (Waves Audio Ltd.) -- E:\Windows\System32\MaxxAudioEQ.dll [2010.03.06 22:00:23 | 000,311,568 | ---- | C] (Waves Audio Ltd.) 
-- E:\Windows\System32\MaxxAudioAPO20.dll [2010.03.06 22:00:23 | 000,132,368 | ---- | C] (Waves Audio Ltd.) -- E:\Windows\System32\MaxxAudioAPO.dll [2010.03.06 22:00:19 | 001,131,280 | ---- | C] (DTS) -- E:\Windows\System32\DTSS2SpeakerDLL.dll [2010.03.06 22:00:19 | 000,961,296 | ---- | C] (DTS) -- E:\Windows\System32\DTSS2HeadphoneDLL.dll [2010.03.06 22:00:19 | 000,900,368 | ---- | C] (DTS) -- E:\Windows\System32\DTSBoostDLL.dll [2010.03.06 22:00:19 | 000,448,272 | ---- | C] (DTS) -- E:\Windows\System32\DTSBassEnhancementDLL.dll [2010.03.06 22:00:19 | 000,405,776 | ---- | C] (DTS) -- E:\Windows\System32\DTSVoiceClarityDLL.dll [2010.03.06 22:00:19 | 000,291,232 | ---- | C] (Fortemedia Corporation) -- E:\Windows\System32\FMAPO.dll [2010.03.06 22:00:19 | 000,290,064 | ---- | C] (DTS) -- E:\Windows\System32\DTSNeoPCDLL.dll [2010.03.06 22:00:19 | 000,235,280 | ---- | C] (DTS) -- E:\Windows\System32\DTSGainCompensatorDLL.dll [2010.03.06 22:00:19 | 000,223,504 | ---- | C] (DTS) -- E:\Windows\System32\DTSLimiterDLL.dll [2010.03.06 22:00:19 | 000,103,696 | ---- | C] (DTS) -- E:\Windows\System32\DTSLFXAPO.dll [2010.03.06 22:00:19 | 000,103,696 | ---- | C] (DTS) -- E:\Windows\System32\DTSGFXAPO.dll [2010.03.06 21:16:32 | 000,028,480 | ---- | C] (Philips Semiconductors) -- E:\Windows\System32\drivers\PhTVTune.sys [2010.03.06 02:57:55 | 000,000,000 | ---D | C] -- E:\_OTL [2010.03.06 02:53:08 | 000,402,176 | ---- | C] (Panda Security) -- E:\Users\Administrator\Desktop\USBVaccine.exe [2010.03.06 01:24:10 | 000,553,984 | ---- | C] (OldTimer Tools) -- E:\Users\Administrator\Desktop\OTL.exe [2010.03.06 00:00:07 | 000,000,000 | ---D | C] -- E:\Users\Administrator\AppData\Local\ESET [2010.03.05 22:51:47 | 000,000,000 | ---D | C] -- E:\Program Files\Lavalys [2010.03.05 19:08:37 | 000,000,000 | ---D | C] -- E:\Users\Administrator\AppData\Roaming\Malwarebytes [2010.03.05 19:08:28 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- E:\Windows\System32\drivers\mbamswissarmy.sys 
[2010.03.05 19:08:23 | 000,019,160 | ---- | C] (Malwarebytes Corporation) -- E:\Windows\System32\drivers\mbam.sys [2010.03.05 19:08:23 | 000,000,000 | ---D | C] -- E:\ProgramData\Malwarebytes [2010.03.05 19:08:21 | 000,000,000 | ---D | C] -- E:\Program Files\Malwarebytes' Anti-Malware [2010.03.05 16:49:20 | 000,000,000 | ---D | C] -- E:\Users\Administrator\Documents\My Scans [2010.03.04 19:47:30 | 000,000,000 | ---D | C] -- E:\Program Files\ProxyWay [2010.03.04 15:47:15 | 000,000,000 | ---D | C] -- E:\Users\Administrator\Documents\Downloads [2010.03.04 13:50:24 | 000,000,000 | ---D | C] -- E:\Users\Administrator\AppData\Roaming\Thunderbird [2010.03.04 13:50:24 | 000,000,000 | ---D | C] -- E:\Users\Administrator\AppData\Local\Thunderbird [2010.03.04 13:50:15 | 000,000,000 | ---D | C] -- E:\Program Files\Mozilla Thunderbird [2010.03.04 13:24:31 | 000,000,000 | ---D | C] -- E:\CielaAkt [2010.03.03 22:42:30 | 000,000,000 | ---D | C] -- E:\Users\Administrator\Documents\ListTV [2010.03.03 22:42:29 | 000,000,000 | ---D | C] -- E:\Program Files\ListTV [2010.03.03 22:00:41 | 000,000,000 | ---D | C] -- E:\Program Files\TVAnts [2010.03.03 21:59:28 | 000,000,000 | ---D | C] -- E:\Program Files\SopCast [2010.03.03 21:21:50 | 000,000,000 | ---D | C] -- E:\Users\Administrator\AppData\Roaming\HpUpdate [2010.03.03 21:21:29 | 000,000,000 | ---D | C] -- E:\Windows\Hewlett-Packard [2010.03.03 21:10:15 | 000,000,000 | ---D | C] -- E:\ProgramData\WEBREG [2010.03.03 21:08:44 | 000,000,000 | ---D | C] -- E:\Users\Administrator\AppData\Local\HP [2010.03.03 21:06:04 | 000,000,000 | ---D | C] -- E:\ProgramData\HP Product Assistant [2010.03.03 21:04:57 | 000,000,000 | ---D | C] -- E:\Program Files\Common Files\HP [2010.03.03 20:23:34 | 000,000,000 | ---D | C] -- E:\Users\Administrator\AppData\Roaming\HP [2010.03.03 20:11:43 | 000,000,000 | ---D | C] -- E:\Program Files\Common Files\Hewlett-Packard [2010.03.03 20:09:41 | 000,000,000 | ---D | C] -- E:\Program Files\HP [2010.03.03 20:09:40 | 
000,000,000 | -H-D | C] -- E:\Config.Msi [2010.03.03 20:07:22 | 000,000,000 | ---D | C] -- E:\ProgramData\HP [2010.03.03 17:42:17 | 000,000,000 | ---D | C] -- E:\Users\Administrator\Documents\Bluetooth [2010.03.03 17:41:58 | 000,000,000 | ---D | C] -- E:\Users\Administrator\AppData\Local\bluesoleil [2010.03.03 17:38:32 | 000,000,000 | ---D | C] -- E:\Program Files\IVT Corporation [2010.03.03 03:43:05 | 000,000,000 | ---D | C] -- E:\Program Files\AEDiction [2010.03.03 03:27:43 | 000,005,632 | ---- | C] (Tracker Software) -- E:\Windows\System32\pxc25pm.dll [2010.03.03 03:27:12 | 000,000,000 | ---D | C] -- E:\Program Files\ABBYY PDF Transformer 2.0 [2010.03.03 03:22:04 | 000,034,304 | ---- | C] (AMD, Inc.) -- E:\Windows\System32\drivers\AmdLLD.sys [2010.03.03 03:22:01 | 000,000,000 | ---D | C] -- E:\Program Files\AMD [2010.03.03 03:21:19 | 000,000,000 | ---D | C] -- E:\Users\Administrator\AppData\Local\Downloaded Installations [2010.03.03 03:05:35 | 000,000,000 | ---D | C] -- E:\Program Files\Common Files\ABBYY [2010.03.03 03:02:03 | 000,000,000 | ---D | C] -- E:\Program Files\ABBYY FineReader 10 [2010.03.03 03:02:03 | 000,000,000 | ---D | C] -- E:\Users\Administrator\AppData\Local\ABBYY [2010.03.03 03:02:03 | 000,000,000 | ---D | C] -- E:\ProgramData\ABBYY [2010.03.03 02:51:12 | 000,000,000 | ---D | C] -- E:\Users\Administrator\AppData\Local\Adobe [2010.03.03 02:48:16 | 000,000,000 | ---D | C] -- E:\ProgramData\Adobe [2010.03.03 02:48:11 | 000,000,000 | ---D | C] -- E:\Program Files\Common Files\Adobe [2010.03.03 02:48:11 | 000,000,000 | ---D | C] -- E:\Program Files\Adobe [2010.03.03 02:43:41 | 000,000,000 | ---D | C] -- E:\Program Files\BACL [2010.03.03 02:42:05 | 000,000,000 | ---D | C] -- E:\Program Files\Classic Menu for Office [2010.03.03 02:34:07 | 000,000,000 | ---D | C] -- E:\Program Files\Microsoft Works [2010.03.03 02:33:39 | 000,000,000 | ---D | C] -- E:\Program Files\Microsoft Visual Studio [2010.03.03 02:33:38 | 000,000,000 | ---D | C] -- E:\Program 
Files\Common Files\DESIGNER [2010.03.03 02:33:13 | 000,000,000 | ---D | C] -- E:\Windows\PCHEALTH [2010.03.03 02:33:13 | 000,000,000 | ---D | C] -- E:\Program Files\Microsoft.NET [2010.03.03 02:31:05 | 000,000,000 | ---D | C] -- E:\Program Files\Microsoft Visual Studio 8 [2010.03.03 02:30:13 | 000,000,000 | ---D | C] -- E:\Users\Administrator\AppData\Local\Microsoft Help [2010.03.03 02:30:09 | 000,000,000 | ---D | C] -- E:\Program Files\Microsoft Office [2010.03.03 02:30:09 | 000,000,000 | ---D | C] -- E:\ProgramData\Microsoft Help [2010.03.03 02:29:14 | 000,000,000 | RH-D | C] -- E:\MSOCache [2010.03.03 02:17:38 | 000,000,000 | R--D | C] -- E:\Users\Administrator\Pictures [2010.03.03 02:17:38 | 000,000,000 | R--D | C] -- E:\Users\Administrator\Music [2010.03.03 02:02:38 | 000,000,000 | ---D | C] -- E:\Program Files\Ciela [2010.03.03 02:01:31 | 000,000,000 | ---D | C] -- E:\Users\Administrator\AppData\Roaming\InstallShield [2010.03.03 01:40:22 | 000,000,000 | ---D | C] -- E:\Program Files\PowerISO [2010.03.03 01:31:50 | 000,000,000 | ---D | C] -- E:\Users\Administrator\AppData\Local\Ciela Soft And Publishing [2010.03.03 01:31:50 | 000,000,000 | ---D | C] -- E:\Users\Administrator\Documents\Ciela [2010.03.03 01:31:47 | 000,000,000 | ---D | C] -- E:\Windows\XSxS [2010.03.03 01:31:47 | 000,000,000 | ---D | C] -- E:\Users\Administrator\AppData\Local\Xenocode [2010.03.03 01:31:47 | 000,000,000 | ---D | C] -- E:\Program Files\Xenocode [2010.03.03 01:31:45 | 000,000,000 | ---D | C] -- E:\Users\Administrator\AppData\Roaming\Ciela Soft And Publishing [2010.03.03 01:30:38 | 000,000,000 | ---D | C] -- E:\ProgramData\ESET [2010.03.03 01:30:38 | 000,000,000 | ---D | C] -- E:\Program Files\ESET [2010.03.03 00:17:41 | 000,000,000 | ---D | C] -- E:\ProgramData\Apple Computer [2010.03.02 23:12:49 | 000,000,000 | ---D | C] -- E:\Users\Administrator\AppData\Roaming\BSplayer PRO [2010.03.02 22:37:05 | 000,000,000 | ---D | C] -- E:\Users\Administrator\AppData\Roaming\DivX [2010.03.02 
22:37:00 | 000,000,000 | ---D | C] -- E:\Program Files\MPC HomeCinema [2010.03.02 22:19:36 | 000,000,000 | ---D | C] -- E:\Program Files\QuickTime Alternative [2010.03.02 22:18:19 | 000,000,000 | ---D | C] -- E:\Program Files\AC3Filter [2010.03.02 22:17:53 | 000,000,000 | ---D | C] -- E:\Program Files\DirectVobSub [2010.03.02 22:17:37 | 000,000,000 | ---D | C] -- E:\Program Files\Xvid [2010.03.02 22:16:35 | 000,000,000 | ---D | C] -- E:\Program Files\DivX [2010.03.02 22:16:28 | 000,000,000 | ---D | C] -- E:\Program Files\Common Files\DivX Shared [2010.03.02 21:55:20 | 000,000,000 | ---D | C] -- E:\Users\Administrator\Desktop\Други програми [2010.03.02 21:45:16 | 000,068,200 | ---- | C] (Khronos Group) -- E:\Windows\System32\OpenCL.dll [2010.03.02 21:45:13 | 000,000,000 | ---D | C] -- E:\NVIDIA [2010.03.02 20:51:01 | 000,000,000 | ---D | C] -- E:\Users\Administrator\AppData\Roaming\skypePM [2010.03.02 20:49:44 | 000,000,000 | ---D | C] -- E:\Users\Administrator\AppData\Roaming\Skype [2010.03.02 20:49:13 | 000,000,000 | R--D | C] -- E:\Program Files\Skype [2010.03.02 20:49:13 | 000,000,000 | ---D | C] -- E:\Program Files\Common Files\Skype [2010.03.02 20:49:11 | 000,000,000 | ---D | C] -- E:\ProgramData\Skype [2010.03.02 20:17:20 | 000,000,000 | ---D | C] -- E:\Users\Administrator\Desktop\My_Records [2010.03.02 20:17:20 | 000,000,000 | ---D | C] -- E:\Users\Administrator\Desktop\My_Movies [2010.03.02 20:09:00 | 000,000,000 | ---D | C] -- E:\Users\Administrator\Application Data [2010.03.02 19:42:17 | 000,000,000 | ---D | C] -- E:\Users\Administrator\AppData\Local\Cooliris [2010.03.02 19:42:12 | 000,000,000 | ---D | C] -- E:\Users\Administrator\AppData\Local\Google [2010.02.13 18:00:02 | 000,000,000 | ---D | C] -- E:\Program Files\Haali [2010.02.13 17:59:57 | 000,000,000 | ---D | C] -- E:\Program Files\CoreCodec [2010.02.13 17:54:19 | 000,000,000 | ---D | C] -- E:\Users\Administrator\AppData\Roaming\BitComet [2010.02.13 17:54:02 | 000,000,000 | ---D | C] -- E:\Program 
Files\BitComet [2010.02.13 17:31:06 | 000,000,000 | ---D | C] -- E:\Users\Administrator\AppData\Roaming\URSoft [2010.02.13 17:31:03 | 000,000,000 | ---D | C] -- E:\Program Files\Your Uninstaller 2010 [2010.02.13 17:24:40 | 000,000,000 | ---D | C] -- E:\Program Files\CCleaner [2010.02.11 11:44:10 | 000,000,000 | ---D | C] -- E:\Users\Administrator\AppData\Roaming\WinRAR [2010.02.11 11:43:47 | 000,000,000 | ---D | C] -- E:\Program Files\WinRAR [2010.02.11 11:17:33 | 000,000,000 | ---D | C] -- E:\Program Files\MSXML 4.0 [2010.02.07 12:36:42 | 000,000,000 | ---D | C] -- E:\Polq [1 E:\Users\Administrator\AppData\Roaming\*.tmp files -> E:\Users\Administrator\AppData\Roaming\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2010.03.08 18:49:17 | 001,835,008 | -HS- | M] () -- E:\Users\Administrator\NTUSER.DAT [2010.03.08 18:43:38 | 000,554,496 | ---- | M] (OldTimer Tools) -- E:\Users\Administrator\Desktop\OTL (2).exe [2010.03.08 15:54:42 | 003,218,687 | ---- | M] () -- E:\Users\Administrator\Desktop\cwetowe.exe [2010.03.08 15:54:41 | 003,547,073 | ---- | M] () -- E:\Users\Administrator\Desktop\bukvi.exe [2010.03.08 15:54:40 | 003,180,632 | ---- | M] () -- E:\Users\Administrator\Desktop\figuri.exe [2010.03.08 15:46:42 | 003,930,260 | ---- | M] () -- E:\Users\Administrator\Desktop\sezoni.exe [2010.03.08 15:46:29 | 003,810,360 | ---- | M] () -- E:\Users\Administrator\Desktop\jivotni.exe [2010.03.08 15:46:01 | 003,609,442 | ---- | M] () -- E:\Users\Administrator\Desktop\broene.exe [2010.03.08 15:44:59 | 003,379,924 | ---- | M] () -- E:\Users\Administrator\Desktop\123.exe [2010.03.08 13:58:28 | 000,019,248 | -H-- | M] () -- E:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2010.03.08 13:58:28 | 000,019,248 | -H-- | M] () -- E:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2010.03.08 10:02:03 | 000,006,510 | ---- | M] () -- E:\Windows\System32\LOCALSERVICE.INI 
[2010.03.08 10:02:03 | 000,001,032 | ---- | M] () -- E:\Windows\System32\bscs.ini [2010.03.08 09:39:06 | 000,717,892 | ---- | M] () -- E:\Windows\System32\PerfStringBackup.INI [2010.03.08 09:39:06 | 000,609,896 | ---- | M] () -- E:\Windows\System32\perfh009.dat [2010.03.08 09:39:06 | 000,104,214 | ---- | M] () -- E:\Windows\System32\perfc009.dat [2010.03.08 09:35:59 | 000,000,100 | ---- | M] () -- E:\Windows\System32\LOCALDEVICE.INI [2010.03.08 09:34:55 | 000,000,006 | -H-- | M] () -- E:\Windows\tasks\SA.DAT [2010.03.08 09:34:52 | 000,067,584 | --S- | M] () -- E:\Windows\bootstat.dat [2010.03.08 09:34:45 | 1609,474,048 | -HS- | M] () -- E:\hiberfil.sys [2010.03.08 01:30:07 | 003,077,143 | -H-- | M] () -- E:\Users\Administrator\AppData\Local\IconCache.db [2010.03.07 20:00:08 | 000,000,134 | ---- | M] () -- E:\Windows\System32\REMOTEDEVICE.INI [2010.03.07 18:56:52 | 000,000,095 | ---- | M] () -- E:\Users\Administrator\AppData\Roaming\engine.dsc [2010.03.06 20:17:14 | 000,000,000 | ---- | M] () -- E:\Windows\System32\MPDef.pls [2010.03.06 17:58:53 | 001,263,104 | ---- | M] () -- E:\Users\Administrator\Desktop\NSTAT7.2010.03.06.xls [2010.03.06 17:41:07 | 000,059,392 | ---- | M] () -- E:\Users\Administrator\Desktop\nstat3.xls [2010.03.06 02:53:11 | 000,402,176 | ---- | M] (Panda Security) -- E:\Users\Administrator\Desktop\USBVaccine.exe [2010.03.06 01:24:46 | 000,553,984 | ---- | M] (OldTimer Tools) -- E:\Users\Administrator\Desktop\OTL.exe [2010.03.06 00:47:50 | 001,101,824 | ---- | M] () -- E:\Users\Administrator\Desktop\Kartinka.doc [2010.03.06 00:39:31 | 000,000,000 | ---- | M] () -- E:\Users\Administrator\Desktop\Нов Microsoft Office Word Document (2).docx [2010.03.05 22:52:58 | 000,001,134 | ---- | M] () -- E:\Users\Administrator\Desktop\EVEREST Ultimate Edition.lnk [2010.03.05 19:08:32 | 000,001,021 | ---- | M] () -- E:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2010.03.05 18:34:20 | 000,001,422 | ---- | M] () -- E:\Users\Administrator\Desktop\Bluetooth 
Headset and Microphone (2).lnk [2010.03.04 15:45:50 | 000,002,287 | ---- | M] () -- E:\Users\Administrator\Desktop\Google Chrome.lnk [2010.03.04 13:52:58 | 000,001,993 | ---- | M] () -- E:\Users\Public\Desktop\Mozilla Thunderbird.lnk [2010.03.04 11:13:32 | 000,415,216 | ---- | M] () -- E:\Windows\System32\FNTCACHE.DAT [2010.03.03 22:42:31 | 000,000,885 | ---- | M] () -- E:\Users\Administrator\Desktop\ListTV.lnk [2010.03.03 21:59:28 | 000,000,945 | ---- | M] () -- E:\Users\Administrator\Desktop\SopCast.lnk [2010.03.03 21:24:32 | 000,110,424 | ---- | M] () -- E:\Users\Administrator\AppData\Local\GDIPFONTCACHEV1.DAT [2010.03.03 21:19:50 | 000,001,971 | ---- | M] () -- E:\Users\Public\Desktop\HP Print Diagnostic Utility.lnk [2010.03.03 21:10:05 | 000,221,154 | ---- | M] () -- E:\Windows\hpoins19.dat [2010.03.03 21:08:37 | 000,000,513 | ---- | M] () -- E:\Windows\win.ini [2010.03.03 21:06:40 | 000,002,125 | ---- | M] () -- E:\Users\Public\Desktop\HP Photosmart Essential 3.5.lnk [2010.03.03 21:06:01 | 000,001,273 | ---- | M] () -- E:\Users\Public\Desktop\HP Solution Center.lnk [2010.03.03 21:05:35 | 000,002,069 | ---- | M] () -- E:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2010.03.03 20:16:54 | 000,221,017 | ---- | M] () -- E:\Windows\hpoins19.dat.temp [2010.03.03 17:48:50 | 000,000,392 | ---- | M] () -- E:\Windows\System32\SHORTCUT.INI [2010.03.03 17:39:50 | 000,000,032 | ---- | M] () -- E:\Windows\0 [2010.03.03 17:39:49 | 000,000,000 | ---- | M] () -- E:\Windows\System32\BSPRINT.INI [2010.03.03 17:38:29 | 000,000,000 | ---- | M] () -- E:\Windows\System32\0 [2010.03.03 17:36:10 | 000,013,316 | ---- | M] () -- E:\Users\Administrator\Desktop\Обяснявам как се активира програмата.docx [2010.03.03 17:34:47 | 000,013,311 | ---- | M] () -- E:\Users\Administrator\Documents\Обяснявам как се активира програмата.docx [2010.03.03 03:43:09 | 000,000,919 | ---- | M] () -- E:\Users\Administrator\Desktop\AEnglish Dictionary.lnk 
[2010.03.03 02:02:40 | 000,001,854 | ---- | M] () -- E:\Users\Public\Desktop\Стартиране на Ciela Actual 5.0.lnk [2010.03.03 02:02:38 | 000,001,854 | ---- | M] () -- E:\Users\Public\Desktop\Стартиране на Ciela 5.0.lnk [2010.03.03 00:00:40 | 000,001,275 | ---- | M] () -- E:\Users\Administrator\Desktop\Изтеглени файлове.lnk [2010.03.02 23:46:06 | 000,000,761 | ---- | M] () -- E:\Users\Administrator\Desktop\My Documents.lnk [2010.03.02 23:09:32 | 000,000,730 | ---- | M] () -- E:\Users\Administrator\Desktop\Downloads.lnk [2010.03.02 20:51:02 | 000,000,048 | -H-- | M] () -- E:\Windows\System32\ezsidmv.dat [2010.03.02 20:49:13 | 000,002,503 | ---- | M] () -- E:\Users\Public\Desktop\Skype.lnk [2010.03.02 20:08:59 | 001,152,000 | ---- | M] () -- E:\Users\Administrator\Desktop\CMC_PC.exe [2010.03.02 19:52:33 | 000,001,881 | ---- | M] () -- E:\Users\Public\Desktop\Mozilla Firefox.lnk [2010.02.13 17:54:03 | 000,000,961 | ---- | M] () -- E:\Users\Public\Desktop\BitComet.lnk [2010.02.13 17:31:04 | 000,001,040 | ---- | M] () -- E:\Users\Administrator\Desktop\Your Unin-staller!.lnk [1 E:\Users\Administrator\AppData\Roaming\*.tmp files -> E:\Users\Administrator\AppData\Roaming\*.tmp -> ] ========== Files Created - No Company Name ========== [2010.03.08 15:54:31 | 003,547,073 | ---- | C] () -- E:\Users\Administrator\Desktop\bukvi.exe [2010.03.08 15:54:31 | 003,218,687 | ---- | C] () -- E:\Users\Administrator\Desktop\cwetowe.exe [2010.03.08 15:54:31 | 003,180,632 | ---- | C] () -- E:\Users\Administrator\Desktop\figuri.exe [2010.03.08 15:46:37 | 003,930,260 | ---- | C] () -- E:\Users\Administrator\Desktop\sezoni.exe [2010.03.08 15:46:24 | 003,810,360 | ---- | C] () -- E:\Users\Administrator\Desktop\jivotni.exe [2010.03.08 15:45:56 | 003,609,442 | ---- | C] () -- E:\Users\Administrator\Desktop\broene.exe [2010.03.08 15:44:54 | 003,379,924 | ---- | C] () -- E:\Users\Administrator\Desktop\123.exe [2010.03.06 20:17:14 | 000,000,000 | ---- | C] () -- E:\Windows\System32\MPDef.pls 
[2010.03.06 17:45:57 | 001,263,104 | ---- | C] () -- E:\Users\Administrator\Desktop\NSTAT7.2010.03.06.xls [2010.03.06 17:41:04 | 000,059,392 | ---- | C] () -- E:\Users\Administrator\Desktop\nstat3.xls [2010.03.06 00:47:49 | 001,101,824 | ---- | C] () -- E:\Users\Administrator\Desktop\Kartinka.doc [2010.03.06 00:39:31 | 000,000,000 | ---- | C] () -- E:\Users\Administrator\Desktop\Нов Microsoft Office Word Document (2).docx [2010.03.05 22:52:58 | 000,001,134 | ---- | C] () -- E:\Users\Administrator\Desktop\EVEREST Ultimate Edition.lnk [2010.03.05 19:08:32 | 000,001,021 | ---- | C] () -- E:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2010.03.05 18:34:20 | 000,001,422 | ---- | C] () -- E:\Users\Administrator\Desktop\Bluetooth Headset and Microphone (2).lnk [2010.03.04 15:45:50 | 000,002,287 | ---- | C] () -- E:\Users\Administrator\Desktop\Google Chrome.lnk [2010.03.04 13:50:21 | 000,001,993 | ---- | C] () -- E:\Users\Public\Desktop\Mozilla Thunderbird.lnk [2010.03.03 22:42:31 | 000,000,885 | ---- | C] () -- E:\Users\Administrator\Desktop\ListTV.lnk [2010.03.03 21:59:28 | 000,000,945 | ---- | C] () -- E:\Users\Administrator\Desktop\SopCast.lnk [2010.03.03 21:19:50 | 000,001,971 | ---- | C] () -- E:\Users\Public\Desktop\HP Print Diagnostic Utility.lnk [2010.03.03 21:06:40 | 000,002,125 | ---- | C] () -- E:\Users\Public\Desktop\HP Photosmart Essential 3.5.lnk [2010.03.03 21:06:01 | 000,001,273 | ---- | C] () -- E:\Users\Public\Desktop\HP Solution Center.lnk [2010.03.03 21:05:35 | 000,002,069 | ---- | C] () -- E:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2010.03.03 20:58:19 | 000,221,154 | ---- | C] () -- E:\Windows\hpoins19.dat [2010.03.03 20:58:19 | 000,013,898 | ---- | C] () -- E:\Windows\hpomdl19.dat [2010.03.03 20:39:29 | 000,221,017 | ---- | C] () -- E:\Windows\hpoins19.dat.temp [2010.03.03 20:39:29 | 000,013,898 | ---- | C] () -- E:\Windows\hpomdl19.dat.temp [2010.03.03 20:07:36 | 000,007,237 | ---- | C] () -- 
E:\ProgramData\hpzinstall.log [2010.03.03 17:48:33 | 000,000,392 | ---- | C] () -- E:\Windows\System32\SHORTCUT.INI [2010.03.03 17:45:23 | 000,000,134 | ---- | C] () -- E:\Windows\System32\REMOTEDEVICE.INI [2010.03.03 17:41:52 | 000,006,510 | ---- | C] () -- E:\Windows\System32\LOCALSERVICE.INI [2010.03.03 17:41:51 | 000,000,100 | ---- | C] () -- E:\Windows\System32\LOCALDEVICE.INI [2010.03.03 17:39:49 | 000,000,000 | ---- | C] () -- E:\Windows\System32\BSPRINT.INI [2010.03.03 17:38:29 | 000,000,032 | ---- | C] () -- E:\Windows\0 [2010.03.03 17:38:29 | 000,000,000 | ---- | C] () -- E:\Windows\System32\0 [2010.03.03 17:36:09 | 000,013,316 | ---- | C] () -- E:\Users\Administrator\Desktop\Обяснявам как се активира програмата.docx [2010.03.03 17:34:47 | 000,013,311 | ---- | C] () -- E:\Users\Administrator\Documents\Обяснявам как се активира програмата.docx [2010.03.03 03:43:09 | 000,000,919 | ---- | C] () -- E:\Users\Administrator\Desktop\AEnglish Dictionary.lnk [2010.03.03 02:02:40 | 000,001,854 | ---- | C] () -- E:\Users\Public\Desktop\Стартиране на Ciela Actual 5.0.lnk [2010.03.03 02:02:38 | 000,001,854 | ---- | C] () -- E:\Users\Public\Desktop\Стартиране на Ciela 5.0.lnk [2010.03.02 23:46:09 | 000,000,761 | ---- | C] () -- E:\Users\Administrator\Desktop\My Documents.lnk [2010.03.02 23:09:34 | 000,000,730 | ---- | C] () -- E:\Users\Administrator\Desktop\Downloads.lnk [2010.03.02 22:18:20 | 000,497,664 | ---- | C] () -- E:\Windows\System32\ac3filter.acm [2010.03.02 22:17:37 | 000,819,200 | ---- | C] () -- E:\Windows\System32\xvidcore.dll [2010.03.02 22:17:37 | 000,180,224 | ---- | C] () -- E:\Windows\System32\xvidvfw.dll [2010.03.02 21:45:16 | 000,007,437 | ---- | C] () -- E:\Windows\System32\nvinfo.pb [2010.03.02 21:08:56 | 000,000,095 | ---- | C] () -- E:\Users\Administrator\AppData\Roaming\engine.dsc [2010.03.02 20:51:02 | 000,000,048 | -H-- | C] () -- E:\Windows\System32\ezsidmv.dat [2010.03.02 20:49:13 | 000,002,503 | ---- | C] () -- 
E:\Users\Public\Desktop\Skype.lnk [2010.03.02 20:07:41 | 001,152,000 | ---- | C] () -- E:\Users\Administrator\Desktop\CMC_PC.exe [2010.03.02 20:02:32 | 000,001,275 | ---- | C] () -- E:\Users\Administrator\Desktop\Изтеглени файлове.lnk [2010.02.13 17:54:03 | 000,000,961 | ---- | C] () -- E:\Users\Public\Desktop\BitComet.lnk [2010.02.13 17:37:05 | 000,000,091 | ---- | C] () -- E:\ProgramData\PS.log [2010.02.13 17:31:04 | 000,001,040 | ---- | C] () -- E:\Users\Administrator\Desktop\Your Unin-staller!.lnk [2009.09.14 22:11:40 | 000,000,917 | ---- | C] () -- E:\Windows\System32\CLWatson.ini [2009.09.11 23:10:58 | 001,481,728 | ---- | C] () -- E:\Windows\System32\LegitCheckControl.dll [2009.09.11 23:10:58 | 000,190,976 | ---- | C] () -- E:\Windows\System32\WgaLogon.dll [2009.09.07 21:38:29 | 000,425,984 | ---- | C] () -- E:\Windows\System32\xvid.dll [2009.09.07 00:55:11 | 000,178,176 | ---- | C] () -- E:\Windows\System32\unrar.dll [2009.07.14 01:51:43 | 000,073,728 | ---- | C] () -- E:\Windows\System32\BthpanContextHandler.dll [2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- E:\Windows\System32\BWContextHandler.dll [2009.02.27 17:04:46 | 000,001,032 | ---- | C] () -- E:\Windows\System32\bscs.ini [2009.02.27 16:45:16 | 000,405,589 | ---- | C] () -- E:\Windows\System32\BsUI.dll [2009.02.27 16:44:50 | 000,278,647 | ---- | C] () -- E:\Windows\System32\outlookAddin.dll [2009.02.27 16:44:28 | 000,053,248 | ---- | C] () -- E:\Windows\System32\HtmPrintHelper.dll [2009.02.27 16:44:10 | 000,622,693 | ---- | C] () -- E:\Windows\System32\BSShell.dll [2009.02.27 16:41:38 | 000,098,403 | ---- | C] () -- E:\Windows\System32\Bs2Res.dll [2009.02.27 16:41:02 | 000,122,976 | ---- | C] () -- E:\Windows\System32\BsMobileSDK.dll [2009.02.27 16:40:50 | 000,028,672 | ---- | C] () -- E:\Windows\System32\BsMobileCSps.dll [2008.12.07 12:44:54 | 000,030,088 | ---- | C] () -- E:\Windows\System32\drivers\btnetBus.sys [2008.10.22 15:30:30 | 000,081,920 | ---- | C] () -- 
  20. Here is the log:
Actually, I have shared almost everything on the computer, as well as a printer connected to it. I have a small local network (a desktop (the infected one), a laptop and various visiting computers from time to time), and it is hard for me to stop the sharing. I can try the Comodo suggestion - if configuring it is not too complicated. As of yesterday all the updates for Windows 7 were installed; now I will check whether there is anything new. If you think we have dealt with the worm, please accept my sincere thanks. If you have any problems related to insurance - for example, some insurer is not paying you something you are owed, or you just need a consultation - I think I will be able to return the favor. If you happen to pass through Burgas - I can also buy you a drink... ..!
  21. Here is the first report:
E:\Users\Administrator\AppData\Roaming\mozilla\Firefox\Profiles\fyyaahkk.default\extensions\{37E4D8EA-8BDA-4831-8EA1-89053939A250} [2010.03.02 19:31:14 | 000,000,000 | ---D | M] (FEBE) -- E:\Users\Administrator\AppData\Roaming\mozilla\Firefox\Profiles\fyyaahkk.default\extensions\{4BBDD651-70CF-4821-84F8-2B918CF89CA3} [2010.03.02 19:42:04 | 000,000,000 | ---D | M] (IE Tab) -- E:\Users\Administrator\AppData\Roaming\mozilla\Firefox\Profiles\fyyaahkk.default\extensions\{77b819fa-95ad-4f2c-ac7c-486b356188a9} [2010.03.02 19:42:04 | 000,000,000 | ---D | M] (mediaplayerconnectivity) -- E:\Users\Administrator\AppData\Roaming\mozilla\Firefox\Profiles\fyyaahkk.default\extensions\{84b24861-62f6-364b-eba5-2e5e2061d7e6} [2010.03.02 19:42:05 | 000,000,000 | ---D | M] (FireFTP) -- E:\Users\Administrator\AppData\Roaming\mozilla\Firefox\Profiles\fyyaahkk.default\extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f} [2010.03.03 04:18:47 | 000,000,000 | ---D | M] (Fasterfox) -- E:\Users\Administrator\AppData\Roaming\mozilla\Firefox\Profiles\fyyaahkk.default\extensions\{c36177c0-224a-11da-8cd6-0800200c9a91} [2010.03.02 19:42:06 | 000,000,000 | ---D | M] (Adblock Plus) -- E:\Users\Administrator\AppData\Roaming\mozilla\Firefox\Profiles\fyyaahkk.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} [2010.03.02 19:42:06 | 000,000,000 | ---D | M] (Download Statusbar) -- E:\Users\Administrator\AppData\Roaming\mozilla\Firefox\Profiles\fyyaahkk.default\extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389} [2010.03.02 19:42:05 | 000,000,000 | ---D | M] (Extended Statusbar) -- E:\Users\Administrator\AppData\Roaming\mozilla\Firefox\Profiles\fyyaahkk.default\extensions\{daf44bf7-a45e-4450-979c-91cf07434c3d} [2010.03.02 19:42:04 | 000,000,000 | ---D | M] (No name found) -- E:\Users\Administrator\AppData\Roaming\mozilla\Firefox\Profiles\fyyaahkk.default\extensions\{dc572301-7619-498c-a57d-39143191b318} [2010.03.02 19:42:06 | 000,000,000 | ---D | M] -- 
E:\Users\Administrator\AppData\Roaming\mozilla\Firefox\Profiles\fyyaahkk.default\extensions\[email protected] [2010.03.02 19:42:06 | 000,000,000 | ---D | M] -- E:\Users\Administrator\AppData\Roaming\mozilla\Firefox\Profiles\fyyaahkk.default\extensions\[email protected] [2010.03.02 19:42:04 | 000,000,000 | ---D | M] -- E:\Users\Administrator\AppData\Roaming\mozilla\Firefox\Profiles\fyyaahkk.default\extensions\[email protected] [2010.03.02 19:42:06 | 000,000,000 | ---D | M] -- E:\Users\Administrator\AppData\Roaming\mozilla\Firefox\Profiles\fyyaahkk.default\extensions\[email protected] [2010.03.02 19:42:04 | 000,000,000 | ---D | M] -- E:\Users\Administrator\AppData\Roaming\mozilla\Firefox\Profiles\fyyaahkk.default\extensions\[email protected] [2010.03.02 19:42:04 | 000,000,000 | ---D | M] -- E:\Users\Administrator\AppData\Roaming\mozilla\Firefox\Profiles\fyyaahkk.default\extensions\[email protected] [2010.03.02 19:42:06 | 000,000,000 | ---D | M] -- E:\Users\Administrator\AppData\Roaming\mozilla\Firefox\Profiles\fyyaahkk.default\extensions\[email protected] [2010.03.03 04:18:47 | 000,000,000 | ---D | M] -- E:\Users\Administrator\AppData\Roaming\mozilla\Firefox\Profiles\fyyaahkk.default\extensions\staged-xpis [2010.03.02 20:52:58 | 000,000,000 | ---D | M] -- E:\Program Files\mozilla firefox\extensions [2010.01.16 03:10:06 | 000,001,083 | ---- | M] () -- E:\Program Files\mozilla firefox\searchplugins\911bg.xml [2010.01.16 03:10:06 | 000,002,442 | ---- | M] () -- E:\Program Files\mozilla firefox\searchplugins\diribg.xml [2010.01.16 03:10:06 | 000,001,515 | ---- | M] () -- E:\Program Files\mozilla firefox\searchplugins\pe-bg.xml [2010.01.16 03:10:06 | 000,001,857 | ---- | M] () -- E:\Program Files\mozilla firefox\searchplugins\portalbgdict.xml [2010.01.16 03:10:06 | 000,001,220 | ---- | M] () -- E:\Program Files\mozilla firefox\searchplugins\wikipedia-bg.xml O1 HOSTS File: ([2009.06.10 23:39:37 | 000,000,824 | ---- | M]) - E:\Windows\System32\drivers\etc\hosts O2 - BHO: 
(HP Print Enhancer) - {0347C33E-8762-4905-BF09-768834316C61} - E:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.) O2 - BHO: (BitComet Helper) - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - E:\Program Files\BitComet\tools\BitCometBHO_1.4.1.10.dll (BitComet) O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - E:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation) O2 - BHO: (HP Smart BHO Class) - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - E:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.) O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [amd_dc_opt] E:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe (AMD) O4 - HKLM..\Run: [bonus.SSR.FR10] E:\Program Files\ABBYY FineReader 10\Bonus.ScreenshotReader.exe (ABBYY.) O4 - HKLM..\Run: [btTray] E:\Program Files\IVT Corporation\BlueSoleil\BtTray.exe () O4 - HKLM..\Run: [egui] E:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET) O4 - HKLM..\Run: [PWRISOVM.EXE] E:\Program Files\PowerISO\PWRISOVM.EXE (PowerISO Computing, Inc.) 
O4 - HKLM..\Run: [RtHDVCpl] E:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe (Realtek Semiconductor) O4 - HKLM..\Run: [TVTray] E:\PROGRA~1\Crypto\Crypto\TVTray.exe () O4 - HKU\S-1-5-21-2437869187-950332605-955745819-500..\Run: [TBPanel] E:\Program Files\Vtune\TBPanel.exe () O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] E:\Windows\System32\mctadmin.exe (Microsoft Corporation) O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] E:\Windows\System32\mctadmin.exe (Microsoft Corporation) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O7 - HKU\S-1-5-21-2437869187-950332605-955745819-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O8 - Extra context menu item: &С&валяне &с BitComet - E:\Program Files\BitComet\BitComet.exe (www.BitComet.com) O8 - Extra context menu item: &С&валяне на всички видео файлове с BitComet - E:\Program Files\BitComet\BitComet.exe (www.BitComet.com) O8 - Extra context menu item: &С&валяне на всички с BitComet - E:\Program Files\BitComet\BitComet.exe (www.BitComet.com) O8 - Extra context menu item: Send by Bluetooth - E:\Program Files\IVT Corporation\BlueSoleil\TransSend\IE\tsinfo.htm () O8 - Extra context menu item: Send via &Message... - E:\Program Files\IVT Corporation\BlueSoleil\TransSend\IE\tssms.htm () O9 - Extra Button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - E:\Program Files\BitComet\tools\BitCometBHO_1.4.1.10.dll (BitComet) O9 - Extra Button: Reg Error: Key error. - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - Reg Error: Key error. 
File not found O13 - gopher Prefix: missing O15 - HKU\S-1-5-21-2437869187-950332605-955745819-500\..Trusted Domains: blank ([]about in Local intranet) O15 - HKU\S-1-5-21-2437869187-950332605-955745819-500\..Trusted Domains: security_Ciela50.exe ([]about in Local intranet) O15 - HKU\S-1-5-21-2437869187-950332605-955745819-500\..Trusted Domains: security_Ciela50.vshost.exe ([]about in Local intranet) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - E:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation) O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - E:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - E:\Windows\System32\skype4com.dll (Skype Technologies) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - E:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - E:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - E:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. 
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - E:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation) O30 - LSA: Security Packages - (pku2u) - E:\Windows\System32\pku2u.dll (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009.02.03 20:54:35 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - E:\autoexec.bat -- [ NTFS ] O33 - MountPoints2\I\Shell\AutoRun\command - "" = I:\Setup.exe -- File not found O33 - MountPoints2\I\Shell\verb0\command - "" = I:\Setup.exe -- File not found O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - comfile [open] -- "%1" %* O35 - exefile [open] -- "%1" %* NetSvcs: FastUserSwitchingCompatibility - File not found NetSvcs: Ias - E:\Windows\System32\ias [2009.07.14 04:37:08 | 000,000,000 | ---D | M] NetSvcs: Nla - File not found NetSvcs: Ntmssvc - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: SRService - File not found NetSvcs: Wmi - E:\Windows\System32\wmi.dll (Microsoft Corporation) NetSvcs: WmdmPmSp - File not found NetSvcs: LogonHours - File not found NetSvcs: PCAudit - File not found NetSvcs: helpsvc - File not found NetSvcs: uploadmgr - File not found NetSvcs: Themes - E:\Windows\System32\themeservice.dll (Microsoft Corporation) NetSvcs: BDESVC - E:\Windows\System32\bdesvc.dll (Microsoft Corporation) SafeBootMin: Base - Driver Group SafeBootMin: Boot Bus Extender - Driver Group SafeBootMin: Boot file system - Driver Group SafeBootMin: File system - Driver Group SafeBootMin: Filter - Driver Group SafeBootMin: HelpSvc - Service SafeBootMin: NTDS - File not found SafeBootMin: PCI Configuration - Driver Group SafeBootMin: PNP Filter - Driver Group SafeBootMin: Power - E:\Windows\System32\umpo.dll (Microsoft Corporation) SafeBootMin: Primary disk - Driver Group SafeBootMin: RpcEptMapper - 
E:\Windows\System32\RpcEpMap.dll (Microsoft Corporation) SafeBootMin: sacsvr - Service SafeBootMin: SCSI Class - Driver Group SafeBootMin: System Bus Extender - Driver Group SafeBootMin: vmms - Service SafeBootMin: WinDefend - E:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation) SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootNet: Base - Driver Group SafeBootNet: Boot Bus Extender - Driver Group SafeBootNet: Boot file system - Driver Group SafeBootNet: Dhcp - E:\Windows\System32\dhcpcore.dll (Microsoft Corporation) SafeBootNet: File system - Driver Group SafeBootNet: Filter - Driver Group SafeBootNet: HelpSvc - Service SafeBootNet: Messenger - Service SafeBootNet: NDIS Wrapper - Driver Group SafeBootNet: ndiscap - E:\Windows\System32\drivers\ndiscap.sys (Microsoft Corporation) SafeBootNet: NetBIOSGroup - Driver 
Group SafeBootNet: NetDDEGroup - Driver Group SafeBootNet: Network - Driver Group SafeBootNet: NetworkProvider - Driver Group SafeBootNet: NTDS - File not found SafeBootNet: PCI Configuration - Driver Group SafeBootNet: PNP Filter - Driver Group SafeBootNet: PNP_TDI - Driver Group SafeBootNet: Power - E:\Windows\System32\umpo.dll (Microsoft Corporation) SafeBootNet: Primary disk - Driver Group SafeBootNet: rdsessmgr - Service SafeBootNet: RpcEptMapper - E:\Windows\System32\RpcEpMap.dll (Microsoft Corporation) SafeBootNet: sacsvr - Service SafeBootNet: SCSI Class - Driver Group SafeBootNet: Streams Drivers - Driver Group SafeBootNet: System Bus Extender - Driver Group SafeBootNet: TDI - Driver Group SafeBootNet: vmms - Service SafeBootNet: WinDefend - E:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation) SafeBootNet: WudfUsbccidDriver - Driver SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - 
Volume shadow copy SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0 ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6 ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7 ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - E:\Windows\System32\ie4uinit.exe -BaseSettings ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - E:\Windows\system32\Rundll32.exe E:\Windows\system32\mscories.dll,Install ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player ActiveX: 
{de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - E:\Windows\System32\ie4uinit.exe -UserIconConfig ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "E:\Windows\System32\rundll32.exe" "E:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP Drivers32: msacm.ac3filter - E:\Windows\System32\ac3filter.acm () Drivers32: msacm.l3acm - E:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS) Drivers32: MSVideo8 - E:\Windows\System32\vfwwdm32.dll (Microsoft Corporation) Drivers32: vidc.cvid - E:\Windows\System32\iccvid.dll (Radius Inc.) Drivers32: vidc.DIVX - E:\Windows\System32\DivX.dll (DivX, Inc.) Drivers32: vidc.XVID - E:\Windows\System32\xvidvfw.dll () Drivers32: vidc.yv12 - E:\Windows\System32\DivX.dll (DivX, Inc.) ========== Files/Folders - Created Within 30 Days ========== [2010.03.06 01:24:10 | 000,553,984 | ---- | C] (OldTimer Tools) -- E:\Users\Administrator\Desktop\OTL.exe [2010.03.06 00:00:07 | 000,000,000 | ---D | C] -- E:\Users\Administrator\AppData\Local\ESET [2010.03.05 22:51:47 | 000,000,000 | ---D | C] -- E:\Program Files\Lavalys [2010.03.05 19:08:37 | 000,000,000 | ---D | C] -- E:\Users\Administrator\AppData\Roaming\Malwarebytes [2010.03.05 19:08:28 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- E:\Windows\System32\drivers\mbamswissarmy.sys [2010.03.05 19:08:23 | 000,019,160 | ---- | C] (Malwarebytes Corporation) -- E:\Windows\System32\drivers\mbam.sys [2010.03.05 19:08:23 | 000,000,000 | ---D | C] -- E:\ProgramData\Malwarebytes [2010.03.05 19:08:21 | 000,000,000 | ---D | C] -- E:\Program Files\Malwarebytes' Anti-Malware [2010.03.05 16:49:20 | 000,000,000 | ---D | C] -- E:\Users\Administrator\Documents\My Scans [2010.03.04 19:47:30 | 000,000,000 | ---D | C] -- E:\Program Files\ProxyWay 
[2010.03.04 15:47:15 | 000,000,000 | ---D | C] -- E:\Users\Administrator\Documents\Downloads [2010.03.04 13:50:24 | 000,000,000 | ---D | C] -- E:\Users\Administrator\AppData\Roaming\Thunderbird [2010.03.04 13:50:24 | 000,000,000 | ---D | C] -- E:\Users\Administrator\AppData\Local\Thunderbird [2010.03.04 13:50:15 | 000,000,000 | ---D | C] -- E:\Program Files\Mozilla Thunderbird [2010.03.04 13:24:31 | 000,000,000 | ---D | C] -- E:\CielaAkt [2010.03.03 22:42:30 | 000,000,000 | ---D | C] -- E:\Users\Administrator\Documents\ListTV [2010.03.03 22:42:29 | 000,000,000 | ---D | C] -- E:\Program Files\ListTV [2010.03.03 22:00:41 | 000,000,000 | ---D | C] -- E:\Program Files\TVAnts [2010.03.03 21:59:28 | 000,000,000 | ---D | C] -- E:\Program Files\SopCast [2010.03.03 21:21:50 | 000,000,000 | ---D | C] -- E:\Users\Administrator\AppData\Roaming\HpUpdate [2010.03.03 21:21:29 | 000,000,000 | ---D | C] -- E:\Windows\Hewlett-Packard [2010.03.03 21:10:15 | 000,000,000 | ---D | C] -- E:\ProgramData\WEBREG [2010.03.03 21:08:44 | 000,000,000 | ---D | C] -- E:\Users\Administrator\AppData\Local\HP [2010.03.03 21:06:04 | 000,000,000 | ---D | C] -- E:\ProgramData\HP Product Assistant [2010.03.03 21:04:57 | 000,000,000 | ---D | C] -- E:\Program Files\Common Files\HP [2010.03.03 20:23:34 | 000,000,000 | ---D | C] -- E:\Users\Administrator\AppData\Roaming\HP [2010.03.03 20:11:43 | 000,000,000 | ---D | C] -- E:\Program Files\Common Files\Hewlett-Packard [2010.03.03 20:09:41 | 000,000,000 | ---D | C] -- E:\Program Files\HP [2010.03.03 20:09:40 | 000,000,000 | -H-D | C] -- E:\Config.Msi [2010.03.03 20:07:22 | 000,000,000 | ---D | C] -- E:\ProgramData\HP [2010.03.03 17:42:17 | 000,000,000 | ---D | C] -- E:\Users\Administrator\Documents\Bluetooth [2010.03.03 17:41:58 | 000,000,000 | ---D | C] -- E:\Users\Administrator\AppData\Local\bluesoleil [2010.03.03 17:38:32 | 000,000,000 | ---D | C] -- E:\Program Files\IVT Corporation [2010.03.03 03:43:05 | 000,000,000 | ---D | C] -- E:\Program 
Files\AEDiction [2010.03.03 03:27:43 | 000,005,632 | ---- | C] (Tracker Software) -- E:\Windows\System32\pxc25pm.dll [2010.03.03 03:27:12 | 000,000,000 | ---D | C] -- E:\Program Files\ABBYY PDF Transformer 2.0 [2010.03.03 03:22:04 | 000,034,304 | ---- | C] (AMD, Inc.) -- E:\Windows\System32\drivers\AmdLLD.sys [2010.03.03 03:22:01 | 000,000,000 | ---D | C] -- E:\Program Files\AMD [2010.03.03 03:21:19 | 000,000,000 | ---D | C] -- E:\Users\Administrator\AppData\Local\Downloaded Installations [2010.03.03 03:05:35 | 000,000,000 | ---D | C] -- E:\Program Files\Common Files\ABBYY [2010.03.03 03:02:03 | 000,000,000 | ---D | C] -- E:\Program Files\ABBYY FineReader 10 [2010.03.03 03:02:03 | 000,000,000 | ---D | C] -- E:\Users\Administrator\AppData\Local\ABBYY [2010.03.03 03:02:03 | 000,000,000 | ---D | C] -- E:\ProgramData\ABBYY [2010.03.03 02:51:12 | 000,000,000 | ---D | C] -- E:\Users\Administrator\AppData\Local\Adobe [2010.03.03 02:48:16 | 000,000,000 | ---D | C] -- E:\ProgramData\Adobe [2010.03.03 02:48:11 | 000,000,000 | ---D | C] -- E:\Program Files\Common Files\Adobe [2010.03.03 02:48:11 | 000,000,000 | ---D | C] -- E:\Program Files\Adobe [2010.03.03 02:43:41 | 000,000,000 | ---D | C] -- E:\Program Files\BACL [2010.03.03 02:42:05 | 000,000,000 | ---D | C] -- E:\Program Files\Classic Menu for Office [2010.03.03 02:34:07 | 000,000,000 | ---D | C] -- E:\Program Files\Microsoft Works [2010.03.03 02:33:39 | 000,000,000 | ---D | C] -- E:\Program Files\Microsoft Visual Studio [2010.03.03 02:33:38 | 000,000,000 | ---D | C] -- E:\Program Files\Common Files\DESIGNER [2010.03.03 02:33:13 | 000,000,000 | ---D | C] -- E:\Windows\PCHEALTH [2010.03.03 02:33:13 | 000,000,000 | ---D | C] -- E:\Program Files\Microsoft.NET [2010.03.03 02:31:05 | 000,000,000 | ---D | C] -- E:\Program Files\Microsoft Visual Studio 8 [2010.03.03 02:30:13 | 000,000,000 | ---D | C] -- E:\Users\Administrator\AppData\Local\Microsoft Help [2010.03.03 02:30:09 | 000,000,000 | ---D | C] -- E:\Program 
Files\Microsoft Office [2010.03.03 02:30:09 | 000,000,000 | ---D | C] -- E:\ProgramData\Microsoft Help [2010.03.03 02:29:14 | 000,000,000 | RH-D | C] -- E:\MSOCache [2010.03.03 02:17:38 | 000,000,000 | R--D | C] -- E:\Users\Administrator\Pictures [2010.03.03 02:17:38 | 000,000,000 | R--D | C] -- E:\Users\Administrator\Music [2010.03.03 02:02:38 | 000,000,000 | ---D | C] -- E:\Program Files\Ciela [2010.03.03 02:01:31 | 000,000,000 | ---D | C] -- E:\Users\Administrator\AppData\Roaming\InstallShield [2010.03.03 01:40:22 | 000,000,000 | ---D | C] -- E:\Program Files\PowerISO [2010.03.03 01:31:50 | 000,000,000 | ---D | C] -- E:\Users\Administrator\AppData\Local\Ciela Soft And Publishing [2010.03.03 01:31:50 | 000,000,000 | ---D | C] -- E:\Users\Administrator\Documents\Ciela [2010.03.03 01:31:47 | 000,000,000 | ---D | C] -- E:\Windows\XSxS [2010.03.03 01:31:47 | 000,000,000 | ---D | C] -- E:\Users\Administrator\AppData\Local\Xenocode [2010.03.03 01:31:47 | 000,000,000 | ---D | C] -- E:\Program Files\Xenocode [2010.03.03 01:31:45 | 000,000,000 | ---D | C] -- E:\Users\Administrator\AppData\Roaming\Ciela Soft And Publishing [2010.03.03 01:30:38 | 000,000,000 | ---D | C] -- E:\ProgramData\ESET [2010.03.03 01:30:38 | 000,000,000 | ---D | C] -- E:\Program Files\ESET [2010.03.03 00:17:41 | 000,000,000 | ---D | C] -- E:\ProgramData\Apple Computer [2010.03.02 23:12:49 | 000,000,000 | ---D | C] -- E:\Users\Administrator\AppData\Roaming\BSplayer PRO [2010.03.02 22:37:05 | 000,000,000 | ---D | C] -- E:\Users\Administrator\AppData\Roaming\DivX [2010.03.02 22:37:00 | 000,000,000 | ---D | C] -- E:\Program Files\MPC HomeCinema [2010.03.02 22:19:36 | 000,000,000 | ---D | C] -- E:\Program Files\QuickTime Alternative [2010.03.02 22:18:19 | 000,000,000 | ---D | C] -- E:\Program Files\AC3Filter [2010.03.02 22:17:53 | 000,000,000 | ---D | C] -- E:\Program Files\DirectVobSub [2010.03.02 22:17:37 | 000,000,000 | ---D | C] -- E:\Program Files\Xvid [2010.03.02 22:16:35 | 000,000,000 | ---D | C] 
And here is the second one:
13.0 "IP-TV_Player" = IP-TV Player 0.28.1 "ListTV" = ListTV "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware "Mozilla Firefox (3.6)" = Mozilla Firefox (3.6) "Mozilla Thunderbird (3.0.3)" = Mozilla Thunderbird (3.0.3) "NVIDIA Drivers" = NVIDIA Drivers "PowerISO" = PowerISO "QuicktimeAlt_is1" = QuickTime Alternative 3.1.0 "SopCast" = SopCast 3.2.8 "TVAnts 1.0" = TVAnts 1.0 "Vtune_is1" = Vtune 7.4 "WinRAR archiver" = WinRAR archiver "Xvid_is1" = Xvid 1.2.2 final uninstall "YU2010_is1" = Your Uninstaller! 2010 ========== HKEY_USERS Uninstall List ========== [HKEY_USERS\S-1-5-21-2437869187-950332605-955745819-500\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Google Chrome" = Google Chrome ========== Last 10 Event Log Errors ========== [ Application Events ] Error - 5.3.2010 г. 12:05:37 | Computer Name = Kiril-PC | Source = RasClient | ID = 20227 Description = Error - 5.3.2010 г. 12:06:31 | Computer Name = Kiril-PC | Source = RasClient | ID = 20227 Description = Error - 5.3.2010 г. 14:09:41 | Computer Name = Kiril-PC | Source = Microsoft-Windows-LoadPerf | ID = 3006 Description = Unable to read the performance counter strings defined for the 002 language ID. The first DWORD in the Data section contains the Win32 error code. Error - 5.3.2010 г. 14:09:41 | Computer Name = Kiril-PC | Source = Microsoft-Windows-LoadPerf | ID = 3006 Description = Unable to read the performance counter strings defined for the 002 language ID. The first DWORD in the Data section contains the Win32 error code. Error - 5.3.2010 г. 14:26:55 | Computer Name = Kiril-PC | Source = Microsoft-Windows-LoadPerf | ID = 3006 Description = Unable to read the performance counter strings defined for the 002 language ID. The first DWORD in the Data section contains the Win32 error code. Error - 5.3.2010 г. 14:26:56 | Computer Name = Kiril-PC | Source = Microsoft-Windows-LoadPerf | ID = 3006 Description = Unable to read the performance counter strings defined for the 002 language ID. 
The first DWORD in the Data section contains the Win32 error code. Error - 5.3.2010 г. 16:40:35 | Computer Name = Kiril-PC | Source = Microsoft-Windows-LoadPerf | ID = 3006 Description = Unable to read the performance counter strings defined for the 002 language ID. The first DWORD in the Data section contains the Win32 error code. Error - 5.3.2010 г. 16:40:35 | Computer Name = Kiril-PC | Source = Microsoft-Windows-LoadPerf | ID = 3006 Description = Unable to read the performance counter strings defined for the 002 language ID. The first DWORD in the Data section contains the Win32 error code. Error - 5.3.2010 г. 16:52:09 | Computer Name = Kiril-PC | Source = Microsoft-Windows-LoadPerf | ID = 3006 Description = Unable to read the performance counter strings defined for the 002 language ID. The first DWORD in the Data section contains the Win32 error code. Error - 5.3.2010 г. 16:52:09 | Computer Name = Kiril-PC | Source = Microsoft-Windows-LoadPerf | ID = 3006 Description = Unable to read the performance counter strings defined for the 002 language ID. The first DWORD in the Data section contains the Win32 error code. [ Media Center Events ] Error - 31.10.2009 г. 09:14:17 | Computer Name = Kiril-PC | Source = MCUpdate | ID = 0 Description = 15:14:17 ч. - Грешка при свързване с Интернет. 15:14:17 ч. - Не е възможен контакт със сървъра.. Error - 31.10.2009 г. 09:14:29 | Computer Name = Kiril-PC | Source = MCUpdate | ID = 0 Description = 15:14:22 ч. - Грешка при свързване с Интернет. 15:14:22 ч. - Не е възможен контакт със сървъра.. Error - 5.3.2010 г. 10:17:20 | Computer Name = Kiril-PC | Source = MCUpdate | ID = 0 Description = 16:17:20 ч. - Грешка при свързване с Интернет. 16:17:20 ч. - Не е възможен контакт със сървъра.. Error - 5.3.2010 г. 10:17:34 | Computer Name = Kiril-PC | Source = MCUpdate | ID = 0 Description = 16:17:25 ч. - Грешка при свързване с Интернет. 16:17:25 ч. - Не е възможен контакт със сървъра.. [ OSession Events ] Error - 3.3.2010 г. 
11:40:13 | Computer Name = Kiril-PC | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6425.1000, Microsoft Office Version: 12.0.6425.1000. This session lasted 449 seconds with 120 seconds of active time. This session ended with a crash. [ System Events ] Error - 4.3.2010 г. 10:25:30 | Computer Name = Kiril-PC | Source = Service Control Manager | ID = 7016 Description = Услуга NVIDIA Display Driver Service съобщава невалидно текущо състояние 32. Error - 4.3.2010 г. 14:50:48 | Computer Name = Kiril-PC | Source = Service Control Manager | ID = 7016 Description = Услуга NVIDIA Display Driver Service съобщава невалидно текущо състояние 32. Error - 4.3.2010 г. 20:59:42 | Computer Name = Kiril-PC | Source = Service Control Manager | ID = 7016 Description = Услуга NVIDIA Display Driver Service съобщава невалидно текущо състояние 32. Error - 5.3.2010 г. 05:12:40 | Computer Name = Kiril-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20 Description = Неуспешно инсталиране: Windows не успя да инсталира следната актуализация с грешка 0x80070643: Definition Update for Windows Defender - KB915597 (Definition 1.77.353.0). Error - 5.3.2010 г. 06:14:20 | Computer Name = Kiril-PC | Source = Service Control Manager | ID = 7016 Description = Услуга NVIDIA Display Driver Service съобщава невалидно текущо състояние 32. Error - 5.3.2010 г. 13:13:09 | Computer Name = Kiril-PC | Source = volsnap | ID = 393252 Description = The shadow copies of volume E: were aborted because the shadow copy storage could not grow due to a user imposed limit. Error - 5.3.2010 г. 14:01:27 | Computer Name = Kiril-PC | Source = Service Control Manager | ID = 7016 Description = Услуга NVIDIA Display Driver Service съобщава невалидно текущо състояние 32. Error - 5.3.2010 г. 
14:18:25 | Computer Name = Kiril-PC | Source = Service Control Manager | ID = 7016 Description = Услуга NVIDIA Display Driver Service съобщава невалидно текущо състояние 32. Error - 5.3.2010 г. 16:15:42 | Computer Name = Kiril-PC | Source = Service Control Manager | ID = 7016 Description = Услуга NVIDIA Display Driver Service съобщава невалидно текущо състояние 32. Error - 5.3.2010 г. 16:36:08 | Computer Name = Kiril-PC | Source = volsnap | ID = 393245 Description = The shadow copies of volume E: were aborted during detection. < End of report >
  22. Here is the link: [link removed] Actually, there is no way for me to isolate the worm, because it is inside the archive and NOD deletes it automatically on extraction. On the other hand, the archive generates itself, so I assume that it is the worm... In short, if you download what I have uploaded, be careful... If there is a problem with the previous link, I can upload the nasty thing here as a zip - it really works (I tried).
  23. I am directly attaching one of the little archives that create themselves. According to my NOD32, the infected file is "Glacier Bkgrd.exe" - one of the files in the archive. I have a problem with the attachment. Kaldata tells me that I cannot attach such files. Any idea what to do? Otherwise I am archiving it... but it does not work?
  24. I tried with exactly the specified version - it does not detect a threat even when I make it scan only the infected file.
  25. Hello, my antivirus program, Nod32, is reporting infected files on one of my computer's partitions. After some fussing around, I noticed that archives with the folder's name and a size under half a megabyte appear in the individual folders of the infected partition. I have two operating systems installed on the computer, XP and 7, and a few days ago, in some mysterious way, while uninstalling an antivirus program I fatally damaged XP and committed entirely to 7 (i.e. at the moment I am effectively on Win7 only). My configuration is an Athlon X2 5000+, Gigabyte GA-M56S-S3 motherboard, NVIDIA 9400 512 MB, 2x1 GB RAM, 500 GB Samsung hard disk ...... The threat according to NOD32 is the AutoRun.Agent.TV worm. Please help me clean the computer! Thanks in advance!