Премини към съдържанието

Филтри за търсене

Показани резултати за тагове 'Решен'.

  • Търсене по таг

    Въведете тагове разделени със запетая
  • Търсене по автор

Търсене в


Форуми

  • Софтуер
    • Нови Програми
    • Търсене на Програми
    • Програми - Проблеми и Дискусии
    • Драйвери - Търсене, Проблеми, Линкове
    • Операционни системи
    • Сигурност и антивирусна защита
    • Игри
  • Хардуер
    • Общи хардуерни въпроси
    • Преносими компютри
    • Дънни платки
    • Запаметяващи устройства и памети
    • Монитори, Аудио и Видеокарти
    • Периферия
    • Овърклок и PC модинг
    • Нови конфигурации и части, въпроси, препоръки и мнения
  • Мобилни телефони, GSM, Мобилни приложения, Комуникации
    • Мобилни телефони - Въпроси, Проблеми, Софтуер
    • Съвети при избор на телефон
    • Мобилни Приложения (Apps)
    • Мобилни оператори, Мрежи, Промоции, Абонаменти, Услуги
    • Други теми относно мобилни телефони
  • Уеб дизайн, Графичен дизайн, Програмиране
    • Програмиране
    • Графичен Дизайн и Визуални изкуства
    • CMS, Форумни и Торент системи
    • Хостинг, Домейни, Уеб сървъри
    • SEO, Уеб оптимизация и стандарти
  • Битова Техника
    • Аудиотехника
    • Телевизори, Видео и Фото техника, Видео наблюдение
    • Климатици - проблеми, съвети, въпроси
    • Бойлери, Печки, Отопление
    • Друга битова техника
  • Интернет, Локални Мрежи и GPS Навигации
    • Интернет, WiFi, xDSL и Локална Мрежа
    • Биткойн и Криптовалути
    • Онлайн бизнес, AdSense, Affilate програми
    • Рутери, Модеми, Суичове
    • Facebook - проблеми, въпроси, вируси
    • Skype, VoIP - Интернет телефония
    • GPS, Навигационни системи - Въпроси, Карти, Проблеми
  • Изкуство
    • Музика
    • Кино и Телевизия
    • Поезия и Лично творчество
    • Изкуство - Изящно, Приложно и Сценично
    • Фотография и Фотографска техника
    • Литература, Книги (e-books, video trainings, tutorials & etc.)
  • Други
    • Статии и ревюта
    • Образование и обща култура
    • Религия, Мистика, Езотерика
    • История
    • Философия
    • Психология и Психотерапия
    • Новини от България и Света
    • Българите по света
    • Политика
    • Право и Юридически консултации
    • Здраве и Mедицина
    • Банки, Застраховане, Финанси, Кредити
    • Тийн Зона (Teen Zone)
    • Купувам / Продавам
    • Всичко останало
  • Хоби, Развлечение и Свободно време
    • Спорт
    • Автомобили
    • Дом и семейство
    • Домашни любимци
    • Пътешествия и туризъм
    • Кулинар
    • Изповеди
    • Празни приказки и забава
  • За kaldata.com
    • Новини относно сайта
    • Предложения, Въпроси и Проблеми свързани със сайта
  • групите за са стадото аз съм вълк единак Теми
  • Photoshop майнаци Теми
  • Аудио-видео и компютърна техника За приемане на членове
  • Аудио-видео и компютърна техника Теми
  • python3 data types
  • какви са ви любимите игри?? Темиигри за вас
  • супрески игри и рекорди Темиигри за вас

Блогове

Няма резултати

Няма резултати

Категории

  • Компютри
    • Компютърни конфигурации
    • Компютърни компоненти
    • Периферни устройства
    • Дънни платки
    • Мултимедия
    • Компютърни игри и софтуер
    • Администриране и интернет услуги
    • Компютърни аксесоари
    • Лаптопи и таблети
    • Видеокарти
    • Монитори
    • Процесори
    • Хард дискове и Памети
    • Други
  • Електроника
    • Телефони, GSM апарати
    • Аудио
    • Битова електроника
    • GPS и навигационни системи
    • Фотоапарати и обективи
    • TV и Видео
    • Други
  • Имоти
    • Гарсониери
    • Къщи и вили
    • Търговски площи
    • Гаражи
    • Апартаменти
    • Терени
    • Офиси
    • Други имоти в продажба
  • Авто-мото
    • Автомобили
    • Велосипеди
    • Лодки
    • Резервни части
    • Авто аксесоари
    • Мотоциклети
    • Скутери и ATV
    • Камиони и Автобуси
    • Авто сервизи и Rent-a-Car
    • Други
  • Работа
    • Работа в страната
    • Работа в чужбина
    • Стажове
    • Работа от вкъщи
    • Непълно работно време
  • Услуги
  • Строителство
  • Туризъм
  • Курсове и обучение
  • Домашни любимци
  • Други
  • супрески игри и рекорди Обяви
  • супрески игри и рекорди Обяви

Категории

  • Домашни любимци и Животни
  • Игри
  • Инциденти и Екстремни
  • Коли и превозни средства
  • Музика
    • Българска музика
    • Джаз
    • Електронна
    • Метъл и Рок
    • Народна и Фолклор
    • Поп и Диско
    • Поп-фолк
    • Рап и хип-хоп
    • Ритъм енд блус и соул
    • Друга
  • Новини и политика
  • Реклами
  • Смях и Развлечение
  • Спорт
  • Технологии, Компютри, Хардуер
  • ТВ Предавания и Шоу Програми
  • Хора и блогове
  • Филми и анимация
  • Други
  • Old School Hip-Hop and Electroo 80" Видео клипчета

Календари

  • Събития
  • Изложения
  • Семинари
  • Парти
  • Празници в България

Групи продукти

  • Банер Реклами

Търсене в...

Търси резултати които съдържат...


Дата

  • Начало

    Край


Последно обновяване

  • Начало

    Край


Филтриране по брой...

Регистрация

  • Начало

    Край


Група


Skype


Facebook


Google+


Twitter


ICQ


Yahoo


Интернет сайт


Град


Интереси

Открити 302 резултата

  1. Здравейте!!!Пиша Ви за пореден път, но този път не става въпрос за моята машина , а за тази на мой приятел. Проблема е следния, без да е отворен никакъв прозорец, лаптопа се товари на 80-100 % и вдига много висока температура. А когато тръне да зарежда примерно Експлорер, ужасно много бави. Ето и логовете: FRST Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 20-11-2014 Ran by Dzhemal (administrator) on DZHEMAL-HP on 21-11-2014 21:29:56 Running from C:\Users\Dzhemal\Desktop Loaded Profile: Dzhemal (Available profiles: Dzhemal & Guest) Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States) Internet Explorer Version 11 Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe (Beijing ELEX Technology Co., Ltd.) C:\Program Files (x86)\Software Plate\svcgdp.exe (IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe () C:\Program Files (x86)\Common Files\DeviceHelper\DeviceManager.exe (EasyBits Software AS) C:\Windows\SysWOW64\ezSharedSvcHost.exe (Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe (Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe (Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe (Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ccsvchst.exe () C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (SafeIP) C:\Program Files (x86)\SafeIP\SafeIPS.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ccsvchst.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe (Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe (Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe (Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe (IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe (Nullsoft) C:\Program Files (x86)\Winamp\winampa.exe () C:\Program Files (x86)\VIVACOM 3G USB MODEM\ModemListener.exe (Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe (Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe (CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe () C:\Program Files (x86)\IObit\Advanced SystemCare 7\RealTimeProtector.exe (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe (Eyeo GmbH) C:\Program Files\Adblock Plus for IE\AdblockPlusEngine.exe (Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil64_11_8_800_94_ActiveX.exe (Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [synTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2480936 2010-12-17] (Synaptics Incorporated) HKLM\...\Run: [sysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [525312 2011-01-25] (IDT, Inc.) HKLM-x32\...\Run: [iAStorIcon] => C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [283160 2011-01-13] (Intel Corporation) HKLM-x32\...\Run: [HPConnectionManager] => C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe [94264 2011-02-16] (Hewlett-Packard Development Company L.P.) HKLM-x32\...\Run: [Easybits Recovery] => C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe [61112 2011-03-16] (EasyBits Software AS) HKLM-x32\...\Run: [WinampAgent] => C:\Program Files (x86)\Winamp\winampa.exe [39424 2009-12-18] (Nullsoft) HKLM-x32\...\Run: [ModemListener] => C:\Program Files (x86)\VIVACOM 3G USB MODEM\ModemListener.exe [98304 2010-01-27] () HKLM-x32\...\Run: [HPOSD] => C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe [379960 2011-08-19] (Hewlett-Packard Development Company, L.P.) HKLM-x32\...\Run: [HP Quick Launch] => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [578944 2012-03-05] (Hewlett-Packard Development Company, L.P.) HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-05-11] (Adobe Systems Incorporated) Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1 HKLM\...\Policies\Explorer: [NoControlPanel] 0 HKU\S-1-5-21-966336249-240343522-4042860801-1000\...\Run: [Google Update] => C:\Users\Dzhemal\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-06-26] (Google Inc.) HKU\S-1-5-21-966336249-240343522-4042860801-1000\...\Run: [skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [20584608 2013-11-14] (Skype Technologies S.A.) HKU\S-1-5-21-966336249-240343522-4042860801-1000\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [22869088 2014-10-21] (Google) HKU\S-1-5-21-966336249-240343522-4042860801-1000\...\Run: [Advanced SystemCare 7] => C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe [2283808 2013-11-11] (IObit) HKU\S-1-5-21-966336249-240343522-4042860801-1000\...\MountPoints2: F - F:\HTC_Sync_Manager_PC.exe HKU\S-1-5-21-966336249-240343522-4042860801-1000\...\MountPoints2: {29828cb2-d0cf-11e0-a9ce-2c27d7dba7d9} - F:\AutoRun.exe HKU\S-1-5-21-966336249-240343522-4042860801-1000\...\MountPoints2: {29828cc7-d0cf-11e0-a9ce-2c27d7dba7d9} - J:\AutoRun.exe HKU\S-1-5-21-966336249-240343522-4042860801-1000\...\MountPoints2: {3a1324f1-d301-11e0-ab1e-2c27d7dba7d9} - F:\AutoRun.exe HKU\S-1-5-21-966336249-240343522-4042860801-1000\...\MountPoints2: {41892756-f045-11e0-8c31-2c27d7dba7d9} - F:\AutoRun.exe HKU\S-1-5-21-966336249-240343522-4042860801-1000\...\MountPoints2: {41892759-f045-11e0-8c31-2c27d7dba7d9} - F:\AutoRun.exe HKU\S-1-5-21-966336249-240343522-4042860801-1000\...\MountPoints2: {50066d0f-265a-11e1-b5ec-2c27d7dba7d9} - I:\autorun.exe HKU\S-1-5-21-966336249-240343522-4042860801-1000\...\MountPoints2: {c37f0e3a-c19d-11e3-a6a1-2c27d7dba7d9} - F:\HTC_Sync_Manager_PC.exe HKU\S-1-5-21-966336249-240343522-4042860801-1000\...\MountPoints2: {e165778e-d16b-11e0-8bcc-2c27d7dba7d9} - F:\AutoRun.exe ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKU\S-1-5-21-966336249-240343522-4042860801-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.bg/ URLSearchHook: HKLM-x32 - Winamp Toolbar Search Class - {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files (x86)\Winamp Toolbar\winamptb.dll (AOL Inc.) URLSearchHook: HKU\S-1-5-21-966336249-240343522-4042860801-1000 - Winamp Toolbar Search Class - {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files (x86)\Winamp Toolbar\winamptb.dll (AOL Inc.) SearchScopes: HKLM -> DefaultScope value is missing. SearchScopes: HKLM -> {903E9084-8050-4C90-870A-226613C1C2F5} URL = http://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF-8&tag=hp-uk3-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms} SearchScopes: HKLM -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/710-111095-2958-3/4?mpre=http://shop.ebay.com/?_nkw={searchTerms} SearchScopes: HKLM-x32 -> DefaultScope {EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C} URL = http://slirsredirect.search.aol.com/redirector/sredir?sredir=2685&query={searchTerms}&invocationType=tb50-ie-winamp-chromesbox-en-us&tb_uuid=20131222185642776&tb_oid=22-12-2013&tb_mrud=22-12-2013 SearchScopes: HKLM-x32 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/710-111095-2958-3/4?mpre=http://shop.ebay.com/?_nkw={searchTerms} SearchScopes: HKLM-x32 -> {EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C} URL = http://slirsredirect.search.aol.com/redirector/sredir?sredir=2685&query={searchTerms}&invocationType=tb50-ie-winamp-chromesbox-en-us&tb_uuid=20131222185642776&tb_oid=22-12-2013&tb_mrud=22-12-2013 SearchScopes: HKU\S-1-5-21-966336249-240343522-4042860801-1000 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/710-111095-2958-3/4?mpre=http://shop.ebay.com/?_nkw={searchTerms} SearchScopes: HKU\S-1-5-21-966336249-240343522-4042860801-1000 -> {EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C} URL = http://slirsredirect.search.aol.com/redirector/sredir?sredir=2685&query={searchTerms}&invocationType=tb50-ie-winamp-chromesbox-en-us&tb_uuid=20131222185642776&tb_oid=22-12-2013&tb_mrud=22-12-2013 SearchScopes: HKU\S-1-5-21-966336249-240343522-4042860801-1000 -> {EF87F31E-38AE-4881-B513-151ED9619405} URL = http://search.yahoo.com/search?fr=mcafee&p={SearchTerms} BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll (IObit) BHO: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus64.dll (Adblock Plus) BHO-x32: Winamp Toolbar Loader -> {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} -> C:\Program Files (x86)\Winamp Toolbar\winamptb.dll (AOL Inc.) BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\coIEPlg.dll (Symantec Corporation) BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\IPS\IPSBHO.DLL (Symantec Corporation) BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO-x32: Advanced SystemCare Browser Protection -> {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} -> C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll (IObit) BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.) BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.) BHO-x32: Proxy Help -> {F386E548-C533-472E-8C61-C026FB14FEB9} -> C:\Windows\SysWow64\Newtabs_22find.dll (Newtabs. inc) BHO-x32: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll (Adblock Plus) Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.) Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\coIEPlg.dll (Symantec Corporation) Toolbar: HKLM-x32 - Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files (x86)\Winamp Toolbar\winamptb.dll (AOL Inc.) Toolbar: HKU\S-1-5-21-966336249-240343522-4042860801-1000 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File DPF: HKLM-x32 {A996E48C-D3DC-4244-89F7-AFA33EC60679} https://ebb.ubb.bg/CAPICOM/capicom.cab DPF: HKLM-x32 {B015B944-7316-49AE-AC84-ACCA9379EA32} http://77.85.205.2:90/IPCamPluginMJPEG.cab Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.) Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) ShellExecuteHooks-x32: EasyBits ShellExecute Hook - {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll [52920 2011-04-20] (EasyBits Software Corp.) Winsock: Catalog9 01 C:\Windows\SysWOW64\SafeIPs.dll [380608] (SafeIP) Winsock: Catalog9 02 C:\Windows\SysWOW64\SafeIPs.dll [380608] (SafeIP) Winsock: Catalog9 03 C:\Windows\SysWOW64\SafeIPs.dll [380608] (SafeIP) Winsock: Catalog9 04 C:\Windows\SysWOW64\SafeIPs.dll [380608] (SafeIP) Winsock: Catalog9 15 C:\Windows\SysWOW64\SafeIPs.dll [380608] (SafeIP) Winsock: Catalog9-x64 01 C:\Windows\system32\SafeIPs64.dll [540864] (SafeIP) Winsock: Catalog9-x64 02 C:\Windows\system32\SafeIPs64.dll [540864] (SafeIP) Winsock: Catalog9-x64 03 C:\Windows\system32\SafeIPs64.dll [540864] (SafeIP) Winsock: Catalog9-x64 04 C:\Windows\system32\SafeIPs64.dll [540864] (SafeIP) Winsock: Catalog9-x64 15 C:\Windows\system32\SafeIPs64.dll [540864] (SafeIP) Hosts: 127.0.0.1 localhost Tcpip\Parameters: [DhcpNameServer] 192.168.43.1 FireFox: ======== FF Plugin: @java.com/DTPlugin,version=10.25.2 -> C:\Windows\system32\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.25.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @microsoft.com/GENUINE -> disabled No File FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\4\NP_wtapp.dll () FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-966336249-240343522-4042860801-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Dzhemal\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.) FF Plugin HKU\S-1-5-21-966336249-240343522-4042860801-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Dzhemal\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.) FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.8.0.14\IPSFF FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.8.0.14\IPSFF [2013-10-12] FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.8.0.14\coFFPlgn FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.8.0.14\coFFPlgn [2014-11-21] FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK Chrome: ======= CHR Plugin: (Shockwave Flash) - C:\Users\Dzhemal\AppData\Local\Google\Chrome\Application\21.0.1180.89\PepperFlash\pepflashplayer.dll No File CHR Plugin: (Shockwave Flash) - C:\Users\Dzhemal\AppData\Local\Google\Chrome\Application\39.0.2171.65\gcswf32.dll No File CHR Plugin: (Remoting Viewer) - internal-remoting-viewer CHR Plugin: (Native Client) - C:\Users\Dzhemal\AppData\Local\Google\Chrome\Application\39.0.2171.65\ppGoogleNaClPluginChrome.dll No File CHR Plugin: (Chrome PDF Viewer) - C:\Users\Dzhemal\AppData\Local\Google\Chrome\Application\39.0.2171.65\pdf.dll () CHR Plugin: (McAfee SiteAdvisor) - C:\Users\Dzhemal\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.50.146.2_0\McChPlg.dll No File CHR Plugin: (McAfee SiteAdvisor) - C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll No File CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll No File CHR Plugin: (Java Deployment Toolkit 6.0.240.7) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll (Sun Microsystems, Inc.) CHR Plugin: (Java Platform SE 6 U24) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll No File CHR Plugin: (Windows Live Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll No File CHR Plugin: (McAfee SecurityCenter) - c:\progra~2\mcafee\msc\npmcsn~1.dll No File CHR Profile: C:\Users\Dzhemal\AppData\Local\Google\Chrome\User Data\Profile 1 CHR Extension: (Google Диск) - C:\Users\Dzhemal\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-07-09] CHR Extension: (YouTube) - C:\Users\Dzhemal\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-09-01] CHR Extension: (Adblock Plus) - C:\Users\Dzhemal\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2013-07-22] CHR Extension: (Google Търсене) - C:\Users\Dzhemal\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-09-01] CHR Extension: (Skype Click to Call) - C:\Users\Dzhemal\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2013-02-05] CHR Extension: (Google Wallet) - C:\Users\Dzhemal\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-23] CHR Extension: (Gmail) - C:\Users\Dzhemal\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-09-01] CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2012-11-22] CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\Exts\Chrome.crx [2013-09-16] ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 AdvancedSystemCareService7; C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe [878368 2013-10-25] (IObit) R2 DeviceManager; C:\Program Files (x86)\Common Files\DeviceHelper\DeviceManager.exe [40960 2009-11-17] () [File not signed] R2 ezSharedSvc; C:\Windows\SysWOW64\ezSharedSvcHost.exe [514232 2010-04-23] (EasyBits Software AS) [File not signed] R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [86528 2012-09-27] (Hewlett-Packard Company) [File not signed] R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2372096 2011-02-19] (Realsil Microelectronics Inc.) [File not signed] S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2151232 2013-12-02] (IObit) R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-10-01] (Malwarebytes Corporation) R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [968504 2014-10-01] (Malwarebytes Corporation) S3 NBService; C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe [774144 2007-01-15] (Nero AG) [File not signed] R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ccSvcHst.exe [138272 2012-06-16] (Symantec Corporation) S3 NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [266240 2007-01-15] (Nero AG) [File not signed] R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [166912 2013-10-17] () [File not signed] R3 SafeIPS; C:\Program Files (x86)\SafeIP\SafeIPs.exe [3797184 2012-12-17] (SafeIP) R2 svcgdp; C:\Program Files (x86)\Software Plate\svcgdp.exe [224416 2012-07-02] (Beijing ELEX Technology Co., Ltd.) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R1 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.8.0.14\Definitions\BASHDefs\20141118.001\BHDrvx64.sys [1587416 2014-10-16] (Symantec Corporation) R1 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1309010.00E\ccSetx64.sys [167072 2012-06-07] (Symantec Corporation) R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [487216 2014-10-23] (Symantec Corporation) S3 HtcVCom32; C:\Windows\System32\DRIVERS\HtcVComV64.sys [121800 2010-03-08] (QUALCOMM Incorporated) R1 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.8.0.14\Definitions\IPSDefs\20141120.001\IDSvia64.sys [637656 2014-11-14] (Symantec Corporation) S3 jrdusbser; C:\Windows\System32\DRIVERS\jrdusbser.sys [119680 2009-11-17] (TCT International Mobile Ltd) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-10-01] (Malwarebytes Corporation) R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2014-11-21] (Malwarebytes Corporation) R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-10-01] (Malwarebytes Corporation) R3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.8.0.14\Definitions\VirusDefs\20141109.003\ENG64.SYS [129752 2014-10-24] (Symantec Corporation) R3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.8.0.14\Definitions\VirusDefs\20141109.003\EX64.SYS [2137304 2014-10-24] (Symantec Corporation) R0 sptd; C:\Windows\System32\Drivers\sptd.sys [526392 2012-01-03] () [File not signed] R3 SRTSP; C:\Windows\System32\Drivers\NISx64\1309010.00E\SRTSP64.SYS [737952 2012-07-06] (Symantec Corporation) R1 SRTSPX; C:\Windows\system32\drivers\NISx64\1309010.00E\SRTSPX64.SYS [37536 2012-07-06] (Symantec Corporation) R0 SymDS; C:\Windows\System32\drivers\NISx64\1309010.00E\SYMDS64.SYS [451192 2012-04-17] (Symantec Corporation) R0 SymEFA; C:\Windows\System32\drivers\NISx64\1309010.00E\SYMEFA64.SYS [1129120 2012-05-22] (Symantec Corporation) R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [175736 2012-12-24] (Symantec Corporation) R1 SymIRON; C:\Windows\system32\drivers\NISx64\1309010.00E\Ironx64.SYS [190072 2012-04-18] (Symantec Corporation) R1 SymNetS; C:\Windows\System32\Drivers\NISx64\1309010.00E\SYMNETS.SYS [405624 2012-04-18] (Symantec Corporation) S3 utmxnjk0; No ImagePath S3 ew_hwusbdev; system32\DRIVERS\ew_hwusbdev.sys [X] S3 huawei_cdcacm; system32\DRIVERS\ew_jucdcacm.sys [X] S3 huawei_enumerator; system32\DRIVERS\ew_jubusenum.sys [X] U2 wuaserv; No ImagePath ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2014-11-21 21:28 - 2014-11-21 21:29 - 00030994 _____ () C:\Users\Dzhemal\Desktop\Addition.txt 2014-11-21 21:27 - 2014-11-21 21:30 - 00025889 _____ () C:\Users\Dzhemal\Desktop\FRST.txt 2014-11-21 21:27 - 2014-11-21 21:30 - 00000000 ____D () C:\FRST 2014-11-21 21:25 - 2014-11-21 21:27 - 02117632 _____ (Farbar) C:\Users\Dzhemal\Desktop\FRST64.exe 2014-11-21 00:25 - 2014-11-21 00:25 - 00000000 __SHD () C:\Users\Dzhemal\AppData\Local\EmieBrowserModeList 2014-11-21 00:11 - 2014-11-21 00:11 - 00007601 _____ () C:\Users\Dzhemal\AppData\Local\Resmon.ResmonCfg 2014-11-21 00:07 - 2014-11-21 00:07 - 00000056 _____ () C:\Windows\setupact.log 2014-11-21 00:07 - 2014-11-21 00:07 - 00000000 _____ () C:\Windows\setuperr.log 2014-11-21 00:06 - 2014-11-21 00:06 - 00005986 _____ () C:\Windows\PFRO.log 2014-11-21 00:05 - 2014-11-21 00:05 - 00000000 _____ () C:\asc_rdflag 2014-11-20 23:26 - 2014-11-07 21:49 - 00388272 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2014-11-20 23:26 - 2014-11-07 21:23 - 00341168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2014-11-20 23:26 - 2014-11-06 06:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-11-20 23:26 - 2014-11-06 06:03 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-11-20 23:26 - 2014-11-06 05:47 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-11-20 23:26 - 2014-11-06 05:46 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2014-11-20 23:26 - 2014-11-06 05:43 - 02884096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-11-20 23:26 - 2014-11-06 05:36 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-11-20 23:26 - 2014-11-06 05:35 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-11-20 23:26 - 2014-11-06 05:30 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-11-20 23:26 - 2014-11-06 05:30 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-11-20 23:26 - 2014-11-06 05:28 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-11-20 23:26 - 2014-11-06 05:20 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2014-11-20 23:26 - 2014-11-06 05:13 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2014-11-20 23:26 - 2014-11-06 05:13 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-11-20 23:26 - 2014-11-06 05:12 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2014-11-20 23:26 - 2014-11-06 05:10 - 19781632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-11-20 23:26 - 2014-11-06 05:10 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2014-11-20 23:26 - 2014-11-06 05:07 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2014-11-20 23:26 - 2014-11-06 05:05 - 02277376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-11-20 23:26 - 2014-11-06 05:04 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-11-20 23:26 - 2014-11-06 05:03 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2014-11-20 23:26 - 2014-11-06 05:00 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2014-11-20 23:26 - 2014-11-06 04:59 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2014-11-20 23:26 - 2014-11-06 04:58 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2014-11-20 23:26 - 2014-11-06 04:57 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2014-11-20 23:26 - 2014-11-06 04:48 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2014-11-20 23:26 - 2014-11-06 04:42 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2014-11-20 23:26 - 2014-11-06 04:41 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-11-20 23:26 - 2014-11-06 04:41 - 00716800 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-11-20 23:26 - 2014-11-06 04:38 - 02124288 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-11-20 23:26 - 2014-11-06 04:37 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2014-11-20 23:26 - 2014-11-06 04:36 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2014-11-20 23:26 - 2014-11-06 04:34 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2014-11-20 23:26 - 2014-11-06 04:22 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-11-20 23:26 - 2014-11-06 04:21 - 04298240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-11-20 23:26 - 2014-11-06 04:21 - 02051072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2014-11-20 23:26 - 2014-11-06 04:20 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2014-11-20 23:26 - 2014-11-06 04:04 - 01550336 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-11-20 23:26 - 2014-11-06 04:03 - 12819456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-11-20 23:26 - 2014-11-06 03:53 - 00799232 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-11-20 23:26 - 2014-11-06 03:52 - 01892864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-11-20 23:26 - 2014-11-06 03:48 - 01310208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-11-20 23:26 - 2014-11-06 03:47 - 00708096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2014-11-20 23:25 - 2014-11-06 06:03 - 25110016 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-11-20 23:25 - 2014-11-06 05:46 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-11-20 23:25 - 2014-11-06 05:44 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2014-11-20 23:25 - 2014-11-06 05:31 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-11-20 23:25 - 2014-11-06 05:29 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2014-11-20 23:25 - 2014-11-06 05:23 - 06040064 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-11-20 23:25 - 2014-11-06 05:16 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2014-11-20 23:25 - 2014-11-06 05:02 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-11-20 23:25 - 2014-11-06 05:00 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-11-20 23:25 - 2014-11-06 04:39 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2014-11-20 23:25 - 2014-11-06 04:30 - 14390272 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-11-20 23:25 - 2014-11-06 04:17 - 02365440 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-11-20 21:38 - 2014-11-21 19:53 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-11-20 21:38 - 2014-11-20 21:38 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware 2014-11-20 21:38 - 2014-10-01 11:11 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2014-11-20 21:38 - 2014-10-01 11:11 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2014-11-20 19:36 - 2014-09-19 11:42 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2014-11-20 19:36 - 2014-09-19 11:42 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2014-11-20 19:36 - 2014-09-19 11:42 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2014-11-20 19:36 - 2014-09-19 11:42 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll 2014-11-20 19:36 - 2014-09-19 11:42 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2014-11-20 19:36 - 2014-09-19 11:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2014-11-20 19:36 - 2014-09-19 11:23 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll 2014-11-20 19:36 - 2014-09-19 11:23 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2014-11-20 19:36 - 2014-09-19 11:23 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll 2014-11-20 19:36 - 2014-09-19 11:23 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll 2014-11-20 19:36 - 2014-09-19 11:23 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll 2014-11-20 19:36 - 2014-09-19 11:23 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll 2014-11-20 19:24 - 2014-11-11 05:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2014-11-20 19:24 - 2014-11-11 05:08 - 00241152 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll 2014-11-20 19:24 - 2014-11-11 04:44 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll 2014-11-20 19:24 - 2014-11-11 04:44 - 00186880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll 2014-11-20 19:24 - 2014-10-14 04:16 - 00155064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2014-11-20 19:24 - 2014-10-14 04:12 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2014-11-20 19:24 - 2014-10-14 03:50 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll 2014-11-20 19:24 - 2014-10-14 03:49 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll 2014-11-20 19:23 - 2014-10-14 04:13 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll 2014-11-20 19:23 - 2014-10-14 03:50 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll 2014-11-20 19:20 - 2014-10-14 04:13 - 00683520 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll 2014-11-20 19:20 - 2014-10-14 04:09 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll 2014-11-20 19:20 - 2014-10-14 04:07 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll 2014-11-20 19:20 - 2014-10-14 03:47 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll 2014-11-20 19:20 - 2014-10-14 03:46 - 00681984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll 2014-11-20 18:41 - 2014-08-21 08:43 - 01882624 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll 2014-11-20 18:41 - 2014-08-21 08:40 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll 2014-11-20 18:41 - 2014-08-21 08:26 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll 2014-11-20 18:41 - 2014-08-21 08:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll 2014-11-20 18:36 - 2014-10-03 04:12 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll 2014-11-20 18:36 - 2014-10-03 04:11 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll 2014-11-20 18:36 - 2014-10-03 04:11 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll 2014-11-20 18:36 - 2014-10-03 04:11 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll 2014-11-20 18:36 - 2014-10-03 04:11 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll 2014-11-20 18:36 - 2014-10-03 03:44 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll 2014-11-20 18:36 - 2014-10-03 03:44 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll 2014-11-20 18:36 - 2014-10-03 03:44 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll 2014-11-20 18:36 - 2014-08-12 04:02 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL 2014-11-20 18:36 - 2014-08-12 03:36 - 00701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10K.DLL 2014-11-20 18:06 - 2014-10-10 02:57 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2014-11-20 16:57 - 2014-10-25 03:57 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll 2014-11-20 16:57 - 2014-10-25 03:32 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll 2014-11-20 16:52 - 2014-10-18 04:05 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll 2014-11-20 16:52 - 2014-10-18 03:33 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll 2014-11-19 23:59 - 2014-11-19 23:59 - 00000000 ____D () C:\Program Files (x86)\HTC 2014-11-19 23:57 - 2014-11-19 23:59 - 00000000 ____D () C:\Temp 2014-11-19 23:57 - 2014-11-19 23:57 - 00000000 ____D () C:\ProgramData\HTC 2014-11-19 23:57 - 2010-03-08 22:08 - 00121800 _____ (QUALCOMM Incorporated) C:\Windows\system32\Drivers\HtcVComV64.sys 2014-10-25 15:43 - 2014-10-25 15:43 - 00000000 ____D () C:\Program Files\Adblock Plus for IE 2014-10-24 23:47 - 2014-10-24 23:48 - 00000000 ____D () C:\Users\Dzhemal\Downloads\Salmon.Fishing.in.the.Yemen.2011.HDRip.XviD.BGAUDiO-SiSO 2014-10-24 17:12 - 2014-10-24 19:42 - 00000000 ____D () C:\g ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2014-11-21 21:12 - 2013-07-22 21:45 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-11-21 21:09 - 2011-08-19 21:05 - 00000000 ____D () C:\Users\Dzhemal\AppData\Roaming\Skype 2014-11-21 21:03 - 2012-06-26 16:50 - 00001016 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-966336249-240343522-4042860801-1000UA.job 2014-11-21 20:43 - 2012-08-18 16:51 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-11-21 20:27 - 2011-05-30 09:52 - 01801248 _____ () C:\Windows\WindowsUpdate.log 2014-11-21 18:39 - 2013-01-28 16:19 - 00000000 ____D () C:\Users\Dzhemal\Desktop\Джемал Рупчев 2012 2014-11-21 18:27 - 2013-12-22 20:50 - 00000000 ____D () C:\Users\Dzhemal\AppData\Roaming\Winamp 2014-11-21 15:03 - 2012-06-26 16:50 - 00000964 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-966336249-240343522-4042860801-1000Core.job 2014-11-21 11:50 - 2011-08-19 19:40 - 00000000 ____D () C:\ProgramData\Microsoft Help 2014-11-21 10:43 - 2009-07-14 07:13 - 00006260 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-11-21 09:43 - 2012-08-18 16:51 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-11-21 00:12 - 2009-07-14 06:45 - 00032064 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-11-21 00:12 - 2009-07-14 06:45 - 00032064 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-11-21 00:09 - 2014-01-07 09:43 - 00000000 ____D () C:\ProgramData\ProductData 2014-11-21 00:07 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-11-21 00:07 - 2009-07-14 06:45 - 00340568 _____ () C:\Windows\system32\FNTCACHE.DAT 2014-11-21 00:05 - 2014-02-16 17:23 - 72785920 _____ () C:\Windows\system32\config\SOFTWARE.iodefrag.bak 2014-11-21 00:05 - 2014-02-16 17:23 - 00671744 _____ () C:\Windows\system32\config\DEFAULT.iodefrag.bak 2014-11-21 00:05 - 2014-02-16 17:23 - 00061440 _____ () C:\Windows\system32\config\SAM.iodefrag.bak 2014-11-21 00:05 - 2014-02-16 17:23 - 00028672 _____ () C:\Windows\system32\config\SECURITY.iodefrag.bak 2014-11-21 00:05 - 2011-08-19 17:03 - 00000000 ____D () C:\Users\Dzhemal 2014-11-20 23:56 - 2013-07-25 19:53 - 00000000 ____D () C:\Windows\system32\MRT 2014-11-20 23:47 - 2012-12-21 23:16 - 103374192 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2014-11-20 21:38 - 2013-07-22 18:33 - 00001102 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk 2014-11-20 21:38 - 2013-07-22 18:33 - 00000000 ____D () C:\Users\Dzhemal\AppData\Roaming\Malwarebytes 2014-11-20 21:38 - 2013-07-22 18:33 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-11-20 21:38 - 2013-07-22 18:32 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware 2014-11-20 16:03 - 2011-05-30 10:01 - 00000000 ____D () C:\ProgramData\Norton 2014-11-18 17:18 - 2014-04-10 06:30 - 00003198 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForDzhemal 2014-11-18 17:18 - 2014-04-10 06:30 - 00000340 _____ () C:\Windows\Tasks\HPCeeScheduleForDzhemal.job 2014-11-18 00:35 - 2014-01-07 09:51 - 00002205 _____ () C:\Users\Public\Desktop\Advanced SystemCare 7.lnk 2014-11-18 00:34 - 2011-08-28 14:21 - 00000000 ____D () C:\Users\Dzhemal\AppData\Roaming\uTorrent 2014-11-17 01:28 - 2014-03-31 18:14 - 43892736 _____ () C:\Windows\system32\config\COMPONENTS.iodefrag.bak 2014-11-14 14:58 - 2012-06-26 16:50 - 00003990 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-966336249-240343522-4042860801-1000UA 2014-11-14 14:58 - 2012-06-26 16:50 - 00003594 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-966336249-240343522-4042860801-1000Core 2014-11-14 09:38 - 2012-08-18 16:51 - 00003894 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2014-11-14 09:38 - 2012-08-18 16:51 - 00003642 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2014-11-07 08:28 - 2012-08-21 11:02 - 00000000 ____D () C:\Users\Dzhemal\Desktop\Bambina 2014-11-05 21:17 - 2013-07-09 11:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive 2014-11-01 17:27 - 2013-05-09 08:36 - 00000000 ____D () C:\Users\Public\Downloads\Norton 2014-10-25 09:52 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache 2014-10-25 07:02 - 2009-07-14 05:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2014-11-17 17:20 ==================== End Of Log ============================ Addition Additional scan result of Farbar Recovery Scan Tool (x64) Version: 20-11-2014 Ran by Dzhemal at 2014-11-21 21:30:55 Running from C:\Users\Dzhemal\Desktop Boot Mode: Normal ========================================================== ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Norton Internet Security (Disabled - Out of date) {63DF5164-9100-186D-2187-8DC619EFD8BF} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Norton Internet Security (Enabled - Out of date) {D8BEB080-B73A-17E3-1B37-B6B462689202} FW: Norton Internet Security (Disabled) {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) µTorrent (HKLM-x32\...\uTorrent) (Version: 3.1.3 - ) µTorrent (HKU\S-1-5-21-966336249-240343522-4042860801-1000\...\uTorrent) (Version: 3.3.2.30488 - BitTorrent Inc.) 50 FREE MP3s +1 Free Audiobook! (HKLM-x32\...\eMusic Promotion) (Version: 1.0.0.1 - eMusic.com Inc) Adblock Plus за IE (32-битов и 64-битов) (HKLM\...\{04F1B8BC-8D13-48FB-9D17-A168BFA0A560}) (Version: 99.9 - Eyeo GmbH) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.7.0.2090 - Adobe Systems Incorporated) Adobe Flash Player 11 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 11.8.800.94 - Adobe Systems Incorporated) Adobe Reader XI (11.0.03) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.03 - Adobe Systems Incorporated) Advanced SystemCare 7 (HKLM-x32\...\Advanced SystemCare 7_is1) (Version: 7.0.6 - IObit) Agatha Christie - Peril at End House (x32 Version: 2.2.0.95 - WildTangent) Hidden Ashampoo Magical Optimizer 1.22 (HKLM-x32\...\Ashampoo Magical Optimizer_is1) (Version: 1.2.2 - Ashampoo GmbH & Co. KG) Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden Bejeweled 3 (x32 Version: 2.2.0.95 - WildTangent) Hidden Bing Bar (HKLM-x32\...\{1E03DB52-D5CB-4338-A338-E526DD4D4DB1}) (Version: 7.0.610.0 - Microsoft Corporation) Blackhawk Striker 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden Blasterball 3 (x32 Version: 2.2.0.95 - WildTangent) Hidden Bounce Symphony (x32 Version: 2.2.0.95 - WildTangent) Hidden BS.Player FREE (HKLM-x32\...\BSPlayerf) (Version: 2.63.1071 - AB Team, d.o.o.) Build-a-lot 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden Cake Mania (x32 Version: 2.2.0.95 - WildTangent) Hidden Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.5.1.3922 - CyberLink Corp.) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden Diner Dash 2 Restaurant Rescue (x32 Version: 2.2.0.95 - WildTangent) Hidden Dora's World Adventure (x32 Version: 2.2.0.95 - WildTangent) Hidden Download Updater (AOL LLC) (HKLM-x32\...\SoftwareUpdUtility) (Version: - ) <==== ATTENTION Energy Star Digital Logo (HKLM-x32\...\{BD1A34C9-4764-4F79-AE1F-112F8C89D3D4}) (Version: 1.0.1 - Hewlett-Packard) ESU for Microsoft Windows 7 (HKLM-x32\...\{3877C901-7B90-4727-A639-B6ED2DD59D43}) (Version: 1.0.0 - Hewlett-Packard) Evernote v. 4.2.2 (HKLM-x32\...\{F761359C-9CED-45AE-9A51-9D6605CD55C4}) (Version: 4.2.2.3979 - Evernote Corp.) Farm Frenzy (x32 Version: 2.2.0.95 - WildTangent) Hidden FATE - The Traitor Soul (x32 Version: 2.2.0.95 - WildTangent) Hidden Final Drive Nitro (x32 Version: 2.2.0.95 - WildTangent) Hidden Google Chrome (HKU\S-1-5-21-966336249-240343522-4042860801-1000\...\Google Chrome) (Version: 39.0.2171.65 - Google Inc.) Google Drive (HKLM-x32\...\{C60F3836-333A-4AE2-B526-CFDBA143A9BA}) (Version: 1.18.7821.2489 - Google, Inc.) Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google) Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden HP Connection Manager (HKLM-x32\...\{795AADBF-58C2-42D0-B779-E730702A247E}) (Version: 4.0.45.1 - Hewlett-Packard Company) HP Documentation (HKLM-x32\...\{6C453C9C-38AE-494D-BF89-7AA0DE87F3E5}) (Version: 1.2.0.0 - Hewlett-Packard) HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.2.4 - WildTangent) HP On Screen Display (HKLM-x32\...\{ED1BD69A-07E3-418C-91F1-D856582581BF}) (Version: 1.3.5 - Hewlett-Packard Company) HP Power Manager (HKLM-x32\...\{7E799992-5DA0-4A1A-9443-B1836B063FEC}) (Version: 1.4.8 - Hewlett-Packard Company) HP Quick Launch (HKLM-x32\...\{53B17A98-5BF0-40BC-AAFF-850A357975AC}) (Version: 2.7.2 - Hewlett-Packard Company) HP Setup (HKLM-x32\...\{210A03F5-B2ED-4947-B27E-516F50CBB292}) (Version: 8.6.4530.3651 - Hewlett-Packard Company) HP Setup Manager (HKLM-x32\...\{AE856388-AFAD-4753-81DF-D96B19D0A17C}) (Version: 1.1.13253.3682 - Hewlett-Packard Company) HP Software Framework (HKLM-x32\...\{675D093B-815D-47FD-AB2C-192EC751E8E2}) (Version: 4.6.10.1 - Hewlett-Packard Company) HP Support Assistant (HKLM-x32\...\{EE202411-2C26-49E8-9784-1BC1DBF7DE96}) (Version: 7.0.39.15 - Hewlett-Packard Company) IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6324.0 - IDT) Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation) Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation) Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2279 - Intel Corporation) Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.2.1004 - Intel Corporation) IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 3.0.5.1228 - IObit) IPTInstaller (HKLM-x32\...\{08208143-777D-4A06-BB54-71BF0AD1BB70}) (Version: 4.0.9 - HTC) Java 7 Update 25 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417025FF}) (Version: 7.0.250 - Oracle) Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden K-Lite Codec Pack 6.0.0 (Full) (HKLM-x32\...\KLiteCodecPack_is1) (Version: 6.0.0 - ) Magic Desktop (HKLM-x32\...\EasyBits Magic Desktop) (Version: 3.0 - EasyBits Software AS) Mah Jong Medley (x32 Version: 2.2.0.95 - WildTangent) Hidden Malwarebytes Anti-Malware, версия 2.0.3.1025 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.3.1025 - Malwarebytes Corporation) Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation) Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft) Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation) Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Mystery P.I. - Stolen in San Francisco (x32 Version: 2.2.0.95 - WildTangent) Hidden Namco All-Stars PAC-MAN (x32 Version: 2.2.0.95 - WildTangent) Hidden Nero 7 Premium (HKLM-x32\...\{FC98FBE9-E931-494C-8717-497185371033}) (Version: 7.02.4712 - Nero AG) NewTabs Uninstall (HKLM-x32\...\NewTabs) (Version: - ELEX Technology) <==== ATTENTION Norton Internet Security (HKLM-x32\...\NIS) (Version: 19.9.1.14 - Symantec Corporation) Penguins! (x32 Version: 2.2.0.95 - WildTangent) Hidden Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.95 - WildTangent) Hidden Poker Superstars III (x32 Version: 2.2.0.95 - WildTangent) Hidden Polar Bowler (x32 Version: 2.2.0.95 - WildTangent) Hidden Polar Golfer (x32 Version: 2.2.0.95 - WildTangent) Hidden Ralink RT5390 802.11b/g/n WiFi Adapter (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}) (Version: 3.2.13.0 - Ralink) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.48.823.2011 - Realtek) Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.7600.77 - Realtek Semiconductor Corp.) Recovery Manager (x32 Version: 2.0.0 - Hewlett-Packard) Hidden SA Dictionary 2008 Beta 4 (HKLM-x32\...\{055A5AF0-9FEB-440D-B00A-18935C7C171C}) (Version: 6.6.12 - Stefan Angelov) SafeIP (HKLM-x32\...\SAFEIP_is1) (Version: - SafeIP) Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee) Skype Click to Call (HKLM-x32\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 6.4.11328 - Skype Technologies S.A.) Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.) Slingo Supreme (x32 Version: 2.2.0.95 - WildTangent) Hidden Software Plate (HKLM-x32\...\Software Plate) (Version: 1.0.1 - XingCloud) <==== ATTENTION Surfing Protection (HKLM-x32\...\IObit Surfing Protection_is1) (Version: 1.0 - IObit) Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.2.4.4 - Synaptics Incorporated) The KMPlayer (remove only) (HKLM-x32\...\The KMPlayer) (Version: - ) Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft) Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.95 - WildTangent) Hidden VIVACOM 3G USB MODEM (HKLM-x32\...\VIVACOM 3G USB MODEM ALCATEL_is1) (Version: - Alcatel) WildTangent Games App (HP Games) (x32 Version: 4.0.10.16 - WildTangent) Hidden Winamp (HKLM-x32\...\Winamp) (Version: 5.57 - Nullsoft, Inc) Winamp Application Detect (HKU\S-1-5-21-966336249-240343522-4042860801-1000\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc) Winamp Toolbar (HKLM-x32\...\Winamp Toolbar) (Version: - ) <==== ATTENTION Winamp Toolbar (HKU\S-1-5-21-966336249-240343522-4042860801-1000\...\Winamp Toolbar) (Version: - ) <==== ATTENTION Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation) Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation) WinRAR archiver (HKLM-x32\...\WinRAR archiver) (Version: - ) Zuma Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) CustomCLSID: HKU\S-1-5-21-966336249-240343522-4042860801-1000_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Dzhemal\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll (Google Inc.) CustomCLSID: HKU\S-1-5-21-966336249-240343522-4042860801-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Dzhemal\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll (Google Inc.) ==================== Restore Points ========================= 02-11-2014 17:00:26 Windows Backup 09-11-2014 18:00:01 Windows Backup 16-11-2014 18:42:29 Windows Backup 17-11-2014 07:21:45 Windows Update 19-11-2014 21:47:34 Windows Update 20-11-2014 04:31:44 Windows Update 20-11-2014 21:45:07 Windows Update 21-11-2014 08:37:53 Windows Update 21-11-2014 09:34:30 Windows Update 21-11-2014 09:50:23 Windows Update ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-14 04:34 - 2013-07-22 17:26 - 00000741 ____N C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 localhost ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) Task: {3219DB7E-175F-4B87-8107-981363264FD7} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\WSCStub.exe [2013-02-02] (Symantec Corporation) Task: {3295386A-7074-4758-B958-E1289893B2D2} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-08-18] (Google Inc.) Task: {4244458F-6275-43A1-96A7-9E6D1A73D267} - System32\Tasks\Norton Internet Security\Norton Error Processor => C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\SymErr.exe [2012-02-04] (Symantec Corporation) Task: {49CDAC2F-0D0A-4BFE-B501-C3AB44CDBA1D} - System32\Tasks\ASC7_SkipUac_Dzhemal => C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASC.exe [2013-11-18] (IObit) Task: {57CA1EE8-5FB9-4E8E-A104-E0405DC70F0D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2014-02-10] (Hewlett-Packard) Task: {7763808A-020E-4E55-AA5D-A528C2E856A1} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HPSAObjUtilTask => C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\UtilTask.exe Task: {7A2EF186-422E-444D-A394-1C25FC6ABFEA} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [2011-03-22] (CyberLink) Task: {84580A75-01D4-43F3-8772-E815648600DB} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-08-18] (Google Inc.) Task: {878BED2C-6AA2-4C05-97CE-B4AD9D1508E0} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-966336249-240343522-4042860801-1000UA => C:\Users\Dzhemal\AppData\Local\Google\Update\GoogleUpdate.exe [2012-06-26] (Google Inc.) Task: {9D31538F-8BE4-42A1-9CA2-FDC7A3456732} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-966336249-240343522-4042860801-1000Core => C:\Users\Dzhemal\AppData\Local\Google\Update\GoogleUpdate.exe [2012-06-26] (Google Inc.) Task: {B58F9550-E595-4BE4-8D78-59DBD1B80F7A} - System32\Tasks\HPCeeScheduleForDzhemal => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14] (Hewlett-Packard) Task: {B7F35B8F-DFB7-4B6F-AEB0-03C8342E329B} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-07-22] (Adobe Systems Incorporated) Task: {BB7344DA-96B9-4934-B74A-40E023454747} - System32\Tasks\Norton Internet Security\Norton Error Analyzer => C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\SymErr.exe [2012-02-04] (Symantec Corporation) Task: {BF0C8C1F-2C36-461D-8DA0-8404076366C9} - System32\Tasks\ASC7_PerformanceMonitor => C:\Program Files (x86)\IObit\Advanced SystemCare 7\Monitor.exe [2013-11-11] (IObit) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-966336249-240343522-4042860801-1000Core.job => C:\Users\Dzhemal\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-966336249-240343522-4042860801-1000UA.job => C:\Users\Dzhemal\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\HPCeeScheduleForDzhemal.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe ==================== Loaded Modules (whitelisted) ============= 2011-12-14 15:50 - 2009-11-17 10:44 - 00040960 _____ () C:\Program Files (x86)\Common Files\DeviceHelper\DeviceManager.exe 2013-10-17 15:27 - 2013-10-17 15:27 - 00166912 _____ () C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe 2011-12-14 15:50 - 2010-01-27 11:08 - 00098304 _____ () C:\Program Files (x86)\VIVACOM 3G USB MODEM\ModemListener.exe 2014-01-07 09:51 - 2013-10-25 12:07 - 01120032 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 7\RealTimeProtector.exe 2014-01-07 09:51 - 2013-10-25 12:08 - 00517408 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 7\sqlite3.dll 2014-01-07 09:51 - 2013-01-15 18:47 - 00893248 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 7\webres.dll 2014-11-21 00:08 - 2014-11-21 00:08 - 00098816 _____ () C:\Users\Dzhemal\AppData\Local\Temp\_MEI41682\win32api.pyd 2014-11-21 00:08 - 2014-11-21 00:08 - 00110080 _____ () C:\Users\Dzhemal\AppData\Local\Temp\_MEI41682\pywintypes27.dll 2014-11-21 00:08 - 2014-11-21 00:08 - 00364544 _____ () C:\Users\Dzhemal\AppData\Local\Temp\_MEI41682\pythoncom27.dll 2014-11-21 00:08 - 2014-11-21 00:08 - 00045568 _____ () C:\Users\Dzhemal\AppData\Local\Temp\_MEI41682\_socket.pyd 2014-11-21 00:08 - 2014-11-21 00:08 - 01160704 _____ () C:\Users\Dzhemal\AppData\Local\Temp\_MEI41682\_ssl.pyd 2014-11-21 00:08 - 2014-11-21 00:08 - 00320512 _____ () C:\Users\Dzhemal\AppData\Local\Temp\_MEI41682\win32com.shell.shell.pyd 2014-11-21 00:08 - 2014-11-21 00:08 - 00713216 _____ () C:\Users\Dzhemal\AppData\Local\Temp\_MEI41682\_hashlib.pyd 2014-11-21 00:08 - 2014-11-21 00:08 - 01175040 _____ () C:\Users\Dzhemal\AppData\Local\Temp\_MEI41682\wx._core_.pyd 2014-11-21 00:08 - 2014-11-21 00:08 - 00805888 _____ () C:\Users\Dzhemal\AppData\Local\Temp\_MEI41682\wx._gdi_.pyd 2014-11-21 00:08 - 2014-11-21 00:08 - 00811008 _____ () C:\Users\Dzhemal\AppData\Local\Temp\_MEI41682\wx._windows_.pyd 2014-11-21 00:08 - 2014-11-21 00:08 - 01062400 _____ () C:\Users\Dzhemal\AppData\Local\Temp\_MEI41682\wx._controls_.pyd 2014-11-21 00:08 - 2014-11-21 00:08 - 00735232 _____ () C:\Users\Dzhemal\AppData\Local\Temp\_MEI41682\wx._misc_.pyd 2014-11-21 00:08 - 2014-11-21 00:08 - 00128512 _____ () C:\Users\Dzhemal\AppData\Local\Temp\_MEI41682\_elementtree.pyd 2014-11-21 00:08 - 2014-11-21 00:08 - 00127488 _____ () C:\Users\Dzhemal\AppData\Local\Temp\_MEI41682\pyexpat.pyd 2014-11-21 00:08 - 2014-11-21 00:08 - 00557056 _____ () C:\Users\Dzhemal\AppData\Local\Temp\_MEI41682\pysqlite2._sqlite.pyd 2014-11-21 00:08 - 2014-11-21 00:08 - 00087552 _____ () C:\Users\Dzhemal\AppData\Local\Temp\_MEI41682\_ctypes.pyd 2014-11-21 00:08 - 2014-11-21 00:08 - 00119808 _____ () C:\Users\Dzhemal\AppData\Local\Temp\_MEI41682\win32file.pyd 2014-11-21 00:08 - 2014-11-21 00:08 - 00108544 _____ () C:\Users\Dzhemal\AppData\Local\Temp\_MEI41682\win32security.pyd 2014-11-21 00:08 - 2014-11-21 00:08 - 00007168 _____ () C:\Users\Dzhemal\AppData\Local\Temp\_MEI41682\hashobjs_ext.pyd 2014-11-21 00:08 - 2014-11-21 00:08 - 00167936 _____ () C:\Users\Dzhemal\AppData\Local\Temp\_MEI41682\win32gui.pyd 2014-11-21 00:08 - 2014-11-21 00:08 - 00018432 _____ () C:\Users\Dzhemal\AppData\Local\Temp\_MEI41682\win32event.pyd 2014-11-21 00:08 - 2014-11-21 00:08 - 00038912 _____ () C:\Users\Dzhemal\AppData\Local\Temp\_MEI41682\win32inet.pyd 2014-11-21 00:08 - 2014-11-21 00:08 - 00011264 _____ () C:\Users\Dzhemal\AppData\Local\Temp\_MEI41682\win32crypt.pyd 2014-11-21 00:08 - 2014-11-21 00:08 - 00070656 _____ () C:\Users\Dzhemal\AppData\Local\Temp\_MEI41682\wx._html2.pyd 2014-11-21 00:08 - 2014-11-21 00:08 - 00027136 _____ () C:\Users\Dzhemal\AppData\Local\Temp\_MEI41682\_multiprocessing.pyd 2014-11-21 00:08 - 2014-11-21 00:08 - 00035840 _____ () C:\Users\Dzhemal\AppData\Local\Temp\_MEI41682\win32process.pyd 2014-11-21 00:08 - 2014-11-21 00:08 - 00686080 _____ () C:\Users\Dzhemal\AppData\Local\Temp\_MEI41682\unicodedata.pyd 2014-11-21 00:08 - 2014-11-21 00:08 - 00122368 _____ () C:\Users\Dzhemal\AppData\Local\Temp\_MEI41682\wx._wizard.pyd 2014-11-21 00:08 - 2014-11-21 00:08 - 00024064 _____ () C:\Users\Dzhemal\AppData\Local\Temp\_MEI41682\win32pipe.pyd 2014-11-21 00:08 - 2014-11-21 00:08 - 00025600 _____ () C:\Users\Dzhemal\AppData\Local\Temp\_MEI41682\win32pdh.pyd 2014-11-21 00:08 - 2014-11-21 00:08 - 00525640 _____ () C:\Users\Dzhemal\AppData\Local\Temp\_MEI41682\windows._lib_cacheinvalidation.pyd 2014-11-21 00:08 - 2014-11-21 00:08 - 00010240 _____ () C:\Users\Dzhemal\AppData\Local\Temp\_MEI41682\select.pyd 2014-11-21 00:08 - 2014-11-21 00:08 - 00017408 _____ () C:\Users\Dzhemal\AppData\Local\Temp\_MEI41682\win32profile.pyd 2014-11-21 00:08 - 2014-11-21 00:08 - 00022528 _____ () C:\Users\Dzhemal\AppData\Local\Temp\_MEI41682\win32ts.pyd 2014-11-21 00:08 - 2014-11-21 00:08 - 00078336 _____ () C:\Users\Dzhemal\AppData\Local\Temp\_MEI41682\wx._animate.pyd 2014-01-07 09:51 - 2013-01-15 18:48 - 00348992 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 7\madExcept_.bpl 2014-01-07 09:51 - 2013-01-15 18:48 - 00183616 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 7\madBasic_.bpl 2014-01-07 09:51 - 2013-01-15 18:48 - 00051008 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 7\madDisAsm_.bpl 2014-10-25 07:15 - 2014-10-25 07:15 - 00169472 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\9b1cac8d98bd69d3e56a26ff2f96f266\IsdiInterop.ni.dll 2011-05-30 09:50 - 2011-01-13 02:56 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IsdiInterop.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SafeIPS => ""="service" ==================== EXE Association (whitelisted) ============= (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== MSCONFIG/TASK MANAGER disabled items ========= (Currently there is no automatic fix for this section.) MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" MSCONFIG\startupreg: Adobe Reader Speed Launcher => MSCONFIG\startupreg: BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} => "C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe" MSCONFIG\startupreg: DAEMON Tools Lite => MSCONFIG\startupreg: SunJavaUpdateSched => ========================= Accounts: ========================== Administrator (S-1-5-21-966336249-240343522-4042860801-500 - Administrator - Disabled) Dzhemal (S-1-5-21-966336249-240343522-4042860801-1000 - Administrator - Enabled) => C:\Users\Dzhemal Guest (S-1-5-21-966336249-240343522-4042860801-501 - Limited - Disabled) => C:\Users\Guest ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (11/21/2014 10:43:18 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY) Description: Unloading the performance counter strings for service ASP.NET (ASP.NET) failed. The first DWORD in the Data section contains the error code. Error: (11/21/2014 10:43:18 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY) Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section. Error: (11/21/2014 00:15:11 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY) Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code. Error: (11/21/2014 00:15:11 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY) Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section. Error: (11/21/2014 00:08:13 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (11/18/2014 08:07:49 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY) Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code. Error: (11/18/2014 08:07:49 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY) Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section. Error: (11/18/2014 08:02:00 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (11/18/2014 00:28:51 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY) Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code. Error: (11/18/2014 00:28:51 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY) Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section. System errors: ============= Error: (11/21/2014 08:48:14 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY) Description: The following fatal alert was received: 40. Error: (11/21/2014 08:48:09 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY) Description: The following fatal alert was received: 40. Error: (11/21/2014 08:48:09 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY) Description: The following fatal alert was received: 40. Error: (11/21/2014 08:48:09 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY) Description: The following fatal alert was received: 40. Error: (11/21/2014 08:48:08 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY) Description: The following fatal alert was received: 40. Error: (11/21/2014 08:36:35 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY) Description: The following fatal alert was received: 40. Error: (11/21/2014 08:36:34 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY) Description: The following fatal alert was received: 40. Error: (11/21/2014 08:36:33 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY) Description: The following fatal alert was received: 40. Error: (11/21/2014 08:11:52 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY) Description: The following fatal alert was received: 40. Error: (11/21/2014 07:52:09 PM) (Source: Service Control Manager) (EventID: 7011) (User: ) Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service. Microsoft Office Sessions: ========================= Error: (12/11/2012 01:16:48 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 8123 seconds with 3420 seconds of active time. This session ended with a crash. ==================== Memory info =========================== Processor: Intel® Pentium® CPU B940 @ 2.00GHz Percentage of memory in use: 57% Total physical RAM: 4043.86 MB Available physical RAM: 1699.19 MB Total Pagefile: 8085.9 MB Available Pagefile: 5035.25 MB Total Virtual: 8192 MB Available Virtual: 8191.83 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:342.96 GB) (Free:250.13 GB) NTFS ==>[system with boot components (obtained from reading drive)] Drive d: (RECOVERY) (Fixed) (Total:13.51 GB) (Free:1.48 GB) NTFS ==>[system with boot components (obtained from reading drive)] Drive g: (Local Disk) (Fixed) (Total:341.86 GB) (Free:140.32 GB) NTFS Drive h: (HP_TOOLS) (Fixed) (Total:0.1 GB) (Free:0.07 GB) FAT32 ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 698.6 GB) (Disk ID: D91F86F8) Partition 1: (Not Active) - (Size=993 KB) - (Type=42) Partition 2: (Active) - (Size=199 MB) - (Type=42) Partition 3: (Not Active) - (Size=343 GB) - (Type=42) Partition 4: (Not Active) - (Size=355.5 GB) - (Type=42) ==================== End Of Log ============================ Благодаря!!!!
  2. Здравейте, току-що моя приятелка ми донесе лаптопа си с оплаквания за забавяне и товарене на системата.Пуснах един бърз сакн с MBAM и откри бацили, но не се наемам на своя глава да го чистя, за това се обръщам към вас за помощ.Ето логовете: DDS (Ver_2011-09-30.01) - NTFS_x86 Internet Explorer: 8.0.6001.18702 Run by user at 15:29:16 on 2012-07-13 Microsoft Windows XP Home Edition 5.1.2600.3.1251.359.1033.18.3037.1903 [GMT 3:00] . AV: Norton Internet Security *Disabled/Updated* {E10A9785-9598-4754-B552-92431C1C35F8} FW: Norton Internet Security *Disabled* . ============== Running Processes ================ . C:\Program Files\ATKGFNEX\GFNEXSrv.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Common Files\DeviceHelper\DeviceManager.exe C:\Program Files\Norton Internet Security\Engine\19.7.1.5\ccSvcHst.exe C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe C:\Program Files\Norton Internet Security\Engine\19.7.1.5\ccSvcHst.exe C:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe C:\Program Files\ASUS\ATK Hotkey\MsgTranAgt.exe C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe C:\Program Files\ASUS\ATK Hotkey\HControl.exe C:\Program Files\ASUS\ATK Media\DMedia.exe C:\Program Files\ASUS\ATKOSD2\ATKOSD2.exe C:\Program Files\ASUS\ATK Hotkey\ATKOSD.exe C:\WINDOWS\system32\hkcmd.exe C:\WINDOWS\system32\igfxpers.exe C:\Program Files\Elantech\ETDCtrl.exe C:\Program Files\VIVACOM 3G USB MODEM\ModemListener.exe C:\PROGRA~1\BEARSH~1\MediaBar\Datamngr\DATAMN~1.EXE C:\WINDOWS\system32\igfxsrvc.exe C:\Program Files\ASUS\ATK Hotkey\WDC.exe C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe C:\Program Files\SweetIM\Messenger\SweetIM.exe C:\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exe C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Skype\Phone\Skype.exe C:\Program Files\Messenger\msmsgs.exe C:\Documents and Settings\All Users\Application Data\GameXN\GameXNGO.exe C:\WINDOWS\System32\alg.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\WINDOWS\system32\wbem\wmiprvse.exe C:\WINDOWS\system32\svchost.exe -k DcomLaunch C:\WINDOWS\system32\svchost.exe -k rpcss C:\WINDOWS\System32\svchost.exe -k netsvcs C:\WINDOWS\system32\svchost.exe -k NetworkService C:\WINDOWS\system32\svchost.exe -k LocalService C:\WINDOWS\system32\svchost.exe -k LocalService C:\WINDOWS\system32\svchost.exe -k imgsvc C:\WINDOWS\System32\svchost.exe -k HTTPFilter . ============== Pseudo HJT Report =============== . uStart Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT3072253 uSearchAssistant = hxxp://search.bearshare.com//web?src=ieb&appid=119&systemid=2&sr=0&q={searchTerms} uURLSearchHooks: uTorrentControl2 Toolbar: {687578b9-7132-4a7a-80e4-30ee31099e03} - c:\program files\utorrentcontrol2\prxtbuTor.dll uURLSearchHooks: SweetIM ToolbarURLSearchHook Class: {EEE6C35D-6118-11DC-9C72-001320C79847} - c:\program files\sweetim\toolbars\internet explorer\mgHelper.dll BHO: Babylon toolbar helper: {2EECD738-5844-4a99-B4B6-146BF802613B} - c:\program files\babylontoolbar\babylontoolbar\1.4.31.2\bh\BabylonToolbar.dll BHO: Norton Identity Protection: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - c:\program files\norton internet security\engine\19.7.1.5\coieplg.dll BHO: uTorrentControl2 Toolbar: {687578b9-7132-4a7a-80e4-30ee31099e03} - c:\program files\utorrentcontrol2\prxtbuTor.dll BHO: Norton Vulnerability Protection: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - c:\program files\norton internet security\engine\19.7.1.5\ips\ipsbho.dll BHO: UrlHelper Class: {74322BF9-DF26-493f-B0DA-6D2FC5E6429E} - c:\program files\bearshare applications\mediabar\datamngr\IEBHO.dll BHO: Funmoods Helper Object: {75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7} - c:\program files\funmoods\1.5.23.22\bh\escort.dll BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll BHO: MediaBar: {c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c} - c:\program files\bearshare applications\mediabar\datamngr\toolbar\bsdtxmltbpi.dll BHO: SweetPacks Browser Helper: {EEE6C35C-6118-11DC-9C72-001320C79847} - c:\program files\sweetim\toolbars\internet explorer\mgToolbarIE.dll TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - c:\program files\norton internet security\engine\19.7.1.5\coieplg.dll TB: uTorrentControl2 Toolbar: {687578B9-7132-4A7A-80E4-30EE31099E03} - c:\program files\utorrentcontrol2\prxtbuTor.dll TB: SweetPacks Toolbar for Internet Explorer: {EEE6C35B-6118-11DC-9C72-001320C79847} - c:\program files\sweetim\toolbars\internet explorer\mgToolbarIE.dll TB: MediaBar: {c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c} - c:\program files\bearshare applications\mediabar\datamngr\toolbar\bsdtxmltbpi.dll TB: Babylon Toolbar: {98889811-442D-49dd-99D7-DC866BE87DBC} - c:\program files\babylontoolbar\babylontoolbar\1.4.31.2\BabylonToolbarTlbr.dll TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - c:\program files\norton internet security\engine\19.7.1.5\coieplg.dll TB: uTorrentControl2 Toolbar: {687578b9-7132-4a7a-80e4-30ee31099e03} - c:\program files\utorrentcontrol2\prxtbuTor.dll TB: SweetPacks Toolbar for Internet Explorer: {EEE6C35B-6118-11DC-9C72-001320C79847} - c:\program files\sweetim\toolbars\internet explorer\mgToolbarIE.dll TB: Funmoods Toolbar: {A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3} - c:\program files\funmoods\1.5.23.22\escorTlbr.dll uRun: [Facebook Update] "c:\documents and settings\user\local settings\application data\facebook\update\FacebookUpdate.exe" /c /nocrashserver uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe uRun: [skype] "c:\program files\skype\phone\Skype.exe" /minimized /regrun uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background uRun: [GameXN GO] "c:\documents and settings\all users\application data\gamexn\GameXNGO.exe" /startup mRun: [HDAudDeck] c:\program files\via\viaudioi\hdadeck\HDeck.exe 1 mRun: [MsgTranAgt] c:\program files\asus\atk hotkey\MsgTranAgt.exe mRun: [HControlUser] c:\program files\asus\atk hotkey\HControlUser.exe mRun: [ATKHOTKEY] c:\program files\asus\atk hotkey\HControl.exe mRun: [ATKMEDIA] c:\program files\asus\atk media\DMedia.exe mRun: [ATKOSD2] c:\program files\asus\atkosd2\ATKOSD2.exe mRun: [igfxTray] c:\windows\system32\igfxtray.exe mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe mRun: [Persistence] c:\windows\system32\igfxpers.exe mRun: [ETDWare] c:\program files\elantech\ETDCtrl.exe mRun: [ModemListener] c:\program files\vivacom 3g usb modem\ModemListener.exe start mRun: [DATAMNGR] c:\progra~1\bearsh~1\mediabar\datamngr\DATAMN~1.EXE mRun: [ArcSoft Connection Service] c:\program files\common files\arcsoft\connection service\bin\ACDaemon.exe mRun: [sweetIM] c:\program files\sweetim\messenger\SweetIM.exe mRun: [sweetpacks Communicator] c:\program files\sweetim\communicator\SweetPacksUpdateManager.exe mRunOnce: [Malwarebytes Anti-Malware] c:\program files\malwarebytes' anti-malware\mbamgui.exe /install /silent dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE uPolicies-Explorer: NoDriveTypeAutoRun = dword:323 uPolicies-Explorer: NoDriveAutoRun = dword:67108863 uPolicies-Explorer: NoDrives = dword:0 mPolicies-Explorer: NoDriveAutoRun = dword:67108863 mPolicies-Explorer: NoDriveTypeAutoRun = dword:323 mPolicies-Explorer: NoDrives = dword:0 mPolicies-Explorer: NoDriveTypeAutoRun = dword:323 mPolicies-Explorer: NoDriveAutoRun = dword:67108863 IE: Search the Web - c:\program files\sweetim\toolbars\internet explorer\resources\menuext.html IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe TCP: NameServer = 192.168.0.1 TCP: Interfaces\{7285105B-2985-4DE1-8BEB-655EFD98B674} : DHCPNameServer = 192.168.0.1 Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll Notify: igfxcui - igfxdev.dll . ============= SERVICES / DRIVERS =============== . R0 SymDS;Symantec Data Store;c:\windows\system32\drivers\nis\1307010.005\symds.sys [2012-5-18 340088] R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\nis\1307010.005\symefa.sys [2012-5-18 905336] R1 BHDrvx86;BHDrvx86;c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nis_19.1.1.3\definitions\bashdefs\20120711.002\BHDrvx86.sys [2012-7-12 821920] R1 ccSet_NIS;Norton Internet Security Settings Manager;c:\windows\system32\drivers\nis\1307010.005\ccsetx86.sys [2012-5-18 132744] R1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\nis\1307010.005\ironx86.sys [2012-5-18 149624] R2 DeviceManager;DeviceManager;c:\program files\common files\devicehelper\devicemanager.exe -start --> c:\program files\common files\devicehelper\DeviceManager.exe -start [?] R2 NIS;Norton Internet Security;c:\program files\norton internet security\engine\19.7.1.5\ccsvchst.exe [2012-5-18 138232] R2 Skype C2C Service;Skype C2C Service;c:\documents and settings\all users\application data\skype\toolbars\skype c2c service\c2c_service.exe [2012-5-30 3048136] R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\common files\symantec shared\eengine\EraserUtilRebootDrv.sys [2012-5-31 106656] R3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\drivers\ETD.sys [2009-3-30 129024] R3 IDSxpx86;IDSxpx86;c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nis_19.1.1.3\definitions\ipsdefs\20120712.001\IDSXpx86.sys [2012-7-13 369632] R3 NAVENG;NAVENG;c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nis_19.1.1.3\definitions\virusdefs\20120712.034\NAVENG.SYS [2012-7-13 87928] R3 NAVEX15;NAVEX15;c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nis_19.1.1.3\definitions\virusdefs\20120712.034\NAVEX15.SYS [2012-7-13 1589752] R3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [2009-3-20 1057280] S2 gupdate;Услуга Google Update (gupdate);c:\program files\google\update\GoogleUpdate.exe [2011-5-26 136176] S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2012-6-7 160944] S3 gupdatem;Услуга на Google Актуализация (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2011-5-26 136176] S3 jrdusbser;Modem Interface Device for Legacy Serial Communication;c:\windows\system32\drivers\jrdusbser.sys [2011-5-26 105344] . =============== Created Last 30 ================ . 2012-07-13 12:19:53 22344 ----a-w- c:\windows\system32\drivers\mbam.sys 2012-07-13 12:19:53 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2012-07-03 07:02:00 12160 -c--a-w- c:\windows\system32\dllcache\mouhid.sys 2012-07-03 07:02:00 12160 ----a-w- c:\windows\system32\drivers\mouhid.sys 2012-07-03 07:01:49 10368 -c--a-w- c:\windows\system32\dllcache\hidusb.sys 2012-07-03 07:01:49 10368 ----a-w- c:\windows\system32\drivers\hidusb.sys 2012-06-30 11:38:07 558133 ----a-w- c:\windows\system32\sqlite3.dll . ==================== Find3M ==================== . . ============= FINISH: 15:29:43,65 =============== . UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2011-09-30.01) . Microsoft Windows XP Home Edition Boot Device: \Device\HarddiskVolume1 Install Date: 25.5.2011 г. 13:25:35 System Uptime: 12.7.2012 г. 07:23:34 (32 hours ago) . Motherboard: ASUSTeK Computer Inc. | | K50IJ Processor: Intel Pentium III Xeon processor | Socket 478 | 1895/200mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 233 GiB total, 213,93 GiB free. D: is CDROM () . ==== Disabled Device Manager Items ============= . ==== System Restore Points =================== . RP30: 12.4.2012 г. 10:33:59 - System Checkpoint RP31: 13.4.2012 г. 19:59:50 - System Checkpoint RP32: 17.4.2012 г. 16:58:41 - System Checkpoint RP33: 22.4.2012 г. 20:23:12 - System Checkpoint RP34: 24.4.2012 г. 18:03:18 - System Checkpoint RP35: 26.4.2012 г. 18:12:45 - System Checkpoint RP36: 27.4.2012 г. 20:18:51 - System Checkpoint RP37: 28.4.2012 г. 22:16:37 - System Checkpoint RP38: 30.4.2012 г. 16:38:32 - System Checkpoint RP39: 03.5.2012 г. 21:15:50 - System Checkpoint RP40: 05.5.2012 г. 14:10:34 - System Checkpoint RP41: 08.5.2012 г. 21:53:01 - System Checkpoint RP42: 10.5.2012 г. 10:38:00 - System Checkpoint RP43: 19.5.2012 г. 11:09:30 - System Checkpoint RP44: 21.5.2012 г. 21:33:30 - System Checkpoint RP45: 24.5.2012 г. 11:14:11 - System Checkpoint RP46: 28.5.2012 г. 13:48:47 - System Checkpoint RP47: 30.5.2012 г. 12:10:45 - System Checkpoint RP48: 04.6.2012 г. 15:16:50 - System Checkpoint RP49: 15.6.2012 г. 14:26:13 - System Checkpoint RP50: 16.6.2012 г. 16:07:19 - System Checkpoint RP51: 17.6.2012 г. 21:13:29 - System Checkpoint RP52: 25.6.2012 г. 09:33:59 - System Checkpoint RP53: 27.6.2012 г. 18:44:45 - System Checkpoint RP54: 29.6.2012 г. 15:00:41 - System Checkpoint RP55: 05.7.2012 г. 18:26:28 - System Checkpoint RP56: 07.7.2012 г. 16:39:23 - System Checkpoint RP57: 10.7.2012 г. 12:00:19 - System Checkpoint RP58: 11.7.2012 г. 13:11:45 - System Checkpoint . ==== Installed Programs ====================== . µTorrent Adobe Flash Player 11 ActiveX ArcSoft Panorama Maker 5 Atheros Client Installation Program Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver ATK Generic Function Service ATK Hotkey ATK Media ATKOSD2 Babylon toolbar on IE BearShare BS.Player FREE ESET Online Scanner v3 ETDWare PS/2-x86 7.0.5.2 WHQL Facebook Video Calling 1.2.0.159 Funmoods Web Search GameXN GO Google Chrome Google Update Helper Hotfix for Windows XP (KB2443685) Hotfix for Windows XP (KB2570791) Hotfix for Windows XP (KB2633952) Hotfix for Windows XP (KB952287) Hotfix for Windows XP (KB976002-v5) Intel® Graphics Media Accelerator Driver Malwarebytes Anti-Malware, версия 1.62.0.1300 MediaBar Multimedia Card Reader Norton Internet Security PhotoScape Platform Security Update for Microsoft Windows (KB2564958) Security Update for Windows Internet Explorer 8 (KB2510531) Security Update for Windows Internet Explorer 8 (KB2544521) Security Update for Windows Internet Explorer 8 (KB2586448) Security Update for Windows Internet Explorer 8 (KB2618444) Security Update for Windows Internet Explorer 8 (KB982381) Security Update for Windows Media Player (KB2378111) Security Update for Windows Media Player (KB952069) Security Update for Windows Media Player (KB954155) Security Update for Windows Media Player (KB973540) Security Update for Windows Media Player (KB975558) Security Update for Windows Media Player (KB978695) Security Update for Windows XP (KB2079403) Security Update for Windows XP (KB2115168) Security Update for Windows XP (KB2121546) Security Update for Windows XP (KB2229593) Security Update for Windows XP (KB2296011) Security Update for Windows XP (KB2347290) Security Update for Windows XP (KB2360937) Security Update for Windows XP (KB2387149) Security Update for Windows XP (KB2393802) Security Update for Windows XP (KB2412687) Security Update for Windows XP (KB2419632) Security Update for Windows XP (KB2423089) Security Update for Windows XP (KB2440591) Security Update for Windows XP (KB2443105) Security Update for Windows XP (KB2476490) Security Update for Windows XP (KB2476687) Security Update for Windows XP (KB2478960) Security Update for Windows XP (KB2478971) Security Update for Windows XP (KB2479943) Security Update for Windows XP (KB2481109) Security Update for Windows XP (KB2483185) Security Update for Windows XP (KB2485663) Security Update for Windows XP (KB2497640) Security Update for Windows XP (KB2503658) Security Update for Windows XP (KB2503665) Security Update for Windows XP (KB2506212) Security Update for Windows XP (KB2506223) Security Update for Windows XP (KB2507618) Security Update for Windows XP (KB2507938) Security Update for Windows XP (KB2508272) Security Update for Windows XP (KB2508429) Security Update for Windows XP (KB2509553) Security Update for Windows XP (KB2510581) Security Update for Windows XP (KB2511455) Security Update for Windows XP (KB2524375) Security Update for Windows XP (KB2530548) Security Update for Windows XP (KB2535512) Security Update for Windows XP (KB2536276-v2) Security Update for Windows XP (KB2536276) Security Update for Windows XP (KB2544521) Security Update for Windows XP (KB2544893-v2) Security Update for Windows XP (KB2544893) Security Update for Windows XP (KB2555917) Security Update for Windows XP (KB2559049) Security Update for Windows XP (KB2562937) Security Update for Windows XP (KB2566454) Security Update for Windows XP (KB2567053) Security Update for Windows XP (KB2567680) Security Update for Windows XP (KB2570222) Security Update for Windows XP (KB2570947) Security Update for Windows XP (KB2584146) Security Update for Windows XP (KB2585542) Security Update for Windows XP (KB2592799) Security Update for Windows XP (KB2598479) Security Update for Windows XP (KB2603381) Security Update for Windows XP (KB2618451) Security Update for Windows XP (KB2619339) Security Update for Windows XP (KB2620712) Security Update for Windows XP (KB2624667) Security Update for Windows XP (KB2631813) Security Update for Windows XP (KB2633171) Security Update for Windows XP (KB2639417) Security Update for Windows XP (KB2646524) Security Update for Windows XP (KB923561) Security Update for Windows XP (KB923789) Security Update for Windows XP (KB946648) Security Update for Windows XP (KB950762) Security Update for Windows XP (KB950974) Security Update for Windows XP (KB951376-v2) Security Update for Windows XP (KB952004) Security Update for Windows XP (KB952954) Security Update for Windows XP (KB954459) Security Update for Windows XP (KB956572) Security Update for Windows XP (KB956744) Security Update for Windows XP (KB956802) Security Update for Windows XP (KB956844) Security Update for Windows XP (KB958644) Security Update for Windows XP (KB959426) Security Update for Windows XP (KB960803) Security Update for Windows XP (KB960859) Security Update for Windows XP (KB961501) Security Update for Windows XP (KB969059) Security Update for Windows XP (KB970430) Security Update for Windows XP (KB971657) Security Update for Windows XP (KB972270) Security Update for Windows XP (KB973507) Security Update for Windows XP (KB973869) Security Update for Windows XP (KB973904) Security Update for Windows XP (KB974112) Security Update for Windows XP (KB974318) Security Update for Windows XP (KB974392) Security Update for Windows XP (KB974571) Security Update for Windows XP (KB975025) Security Update for Windows XP (KB975467) Security Update for Windows XP (KB975560) Security Update for Windows XP (KB975562) Security Update for Windows XP (KB975713) Security Update for Windows XP (KB977816) Security Update for Windows XP (KB977914) Security Update for Windows XP (KB978338) Security Update for Windows XP (KB978542) Security Update for Windows XP (KB978601) Security Update for Windows XP (KB978706) Security Update for Windows XP (KB979309) Security Update for Windows XP (KB979482) Security Update for Windows XP (KB979687) Security Update for Windows XP (KB980436) Security Update for Windows XP (KB981322) Security Update for Windows XP (KB981997) Security Update for Windows XP (KB982132) Security Update for Windows XP (KB982665) Skype Click to Call Skype™ 5.10 SweetIM for Messenger 3.6 SweetPacks Toolbar for Internet Explorer 4.6 Update for Windows Internet Explorer 8 (KB2447568) Update for Windows XP (KB2345886) Update for Windows XP (KB2467659) Update for Windows XP (KB2541763) Update for Windows XP (KB2607712) Update for Windows XP (KB2616676) Update for Windows XP (KB2641690) Update for Windows XP (KB898461) Update for Windows XP (KB951978) Update for Windows XP (KB955759) Update for Windows XP (KB968389) Update for Windows XP (KB971029) Update for Windows XP (KB971737) Update for Windows XP (KB973687) Update for Windows XP (KB973815) Update Manager for SweetPacks 1.0 USB 2.0 1.3M UVC WebCam uTorrentControl2 Toolbar VIA п»ї VIVACOM 3G USB MODEM WebFldrs XP Windows Internet Explorer 8 WinRAR 4.11 (32-bit) . ==== Event Viewer Messages From Past Week ======== . 13.7.2012 г. 15:14:24, error: Dhcp [1002] - The IP address lease 192.168.1.2 for the Network Card with network address 1C4BD67B14DA has been denied by the DHCP server 192.168.0.1 (The DHCP Server sent a DHCPNACK message). 13.7.2012 г. 15:13:33, error: SideBySide [59] - Resolve Partial Assembly failed for Microsoft.VC80.CRT. Reference error message: The referenced assembly is not installed on your system. . 13.7.2012 г. 15:13:33, error: SideBySide [59] - Generate Activation Context failed for C:\Program Files\ASUS\ATK Hotkey\ElanTPCfg.exe. Reference error message: The operation completed successfully. . 13.7.2012 г. 15:13:33, error: SideBySide [32] - Dependent Assembly Microsoft.VC80.CRT could not be found and Last Error was The referenced assembly is not installed on your system. 12.7.2012 г. 21:05:14, error: SideBySide [59] - Resolve Partial Assembly failed for Microsoft.VC80.CRT. Reference error message: The referenced assembly is not installed on your system. . 12.7.2012 г. 21:05:14, error: SideBySide [59] - Generate Activation Context failed for C:\Program Files\ASUS\ATK Hotkey\ElanTPCfg.exe. Reference error message: The operation completed successfully. . 12.7.2012 г. 21:05:14, error: SideBySide [32] - Dependent Assembly Microsoft.VC80.CRT could not be found and Last Error was The referenced assembly is not installed on your system. 12.7.2012 г. 09:24:37, error: SideBySide [59] - Resolve Partial Assembly failed for Microsoft.VC80.CRT. Reference error message: The referenced assembly is not installed on your system. . 12.7.2012 г. 09:24:37, error: SideBySide [59] - Generate Activation Context failed for C:\Program Files\ASUS\ATK Hotkey\ElanTPCfg.exe. Reference error message: The operation completed successfully. . 12.7.2012 г. 09:24:37, error: SideBySide [32] - Dependent Assembly Microsoft.VC80.CRT could not be found and Last Error was The referenced assembly is not installed on your system. 12.7.2012 г. 08:58:13, error: SideBySide [59] - Resolve Partial Assembly failed for Microsoft.VC80.CRT. Reference error message: The referenced assembly is not installed on your system. . 12.7.2012 г. 08:58:13, error: SideBySide [59] - Generate Activation Context failed for C:\Program Files\ASUS\ATK Hotkey\ElanTPCfg.exe. Reference error message: The operation completed successfully. . 12.7.2012 г. 08:58:13, error: SideBySide [32] - Dependent Assembly Microsoft.VC80.CRT could not be found and Last Error was The referenced assembly is not installed on your system. 11.7.2012 г. 18:30:45, error: SideBySide [59] - Resolve Partial Assembly failed for Microsoft.VC80.CRT. Reference error message: The referenced assembly is not installed on your system. . 11.7.2012 г. 18:30:45, error: SideBySide [59] - Generate Activation Context failed for C:\Program Files\ASUS\ATK Hotkey\ElanTPCfg.exe. Reference error message: The operation completed successfully. . 11.7.2012 г. 18:30:45, error: SideBySide [32] - Dependent Assembly Microsoft.VC80.CRT could not be found and Last Error was The referenced assembly is not installed on your system. 11.7.2012 г. 15:57:35, error: SideBySide [59] - Resolve Partial Assembly failed for Microsoft.VC80.CRT. Reference error message: The referenced assembly is not installed on your system. . 11.7.2012 г. 15:57:35, error: SideBySide [59] - Generate Activation Context failed for C:\Program Files\ASUS\ATK Hotkey\ElanTPCfg.exe. Reference error message: The operation completed successfully. . 11.7.2012 г. 15:57:35, error: SideBySide [32] - Dependent Assembly Microsoft.VC80.CRT could not be found and Last Error was The referenced assembly is not installed on your system. 11.7.2012 г. 12:03:24, error: SideBySide [59] - Resolve Partial Assembly failed for Microsoft.VC80.CRT. Reference error message: The referenced assembly is not installed on your system. . 11.7.2012 г. 12:03:24, error: SideBySide [59] - Generate Activation Context failed for C:\Program Files\ASUS\ATK Hotkey\ElanTPCfg.exe. Reference error message: The operation completed successfully. . 11.7.2012 г. 12:03:24, error: SideBySide [32] - Dependent Assembly Microsoft.VC80.CRT could not be found and Last Error was The referenced assembly is not installed on your system. 11.7.2012 г. 09:39:02, error: SideBySide [59] - Resolve Partial Assembly failed for Microsoft.VC80.CRT. Reference error message: The referenced assembly is not installed on your system. . 11.7.2012 г. 09:39:02, error: SideBySide [59] - Generate Activation Context failed for C:\Program Files\ASUS\ATK Hotkey\ElanTPCfg.exe. Reference error message: The operation completed successfully. . 11.7.2012 г. 09:39:02, error: SideBySide [32] - Dependent Assembly Microsoft.VC80.CRT could not be found and Last Error was The referenced assembly is not installed on your system. 10.7.2012 г. 20:16:59, error: Service Control Manager [7023] - The IPSEC Services service terminated with the following error: The authentication service is unknown. 10.7.2012 г. 20:16:58, error: SideBySide [59] - Resolve Partial Assembly failed for Microsoft.VC80.CRT. Reference error message: The referenced assembly is not installed on your system. . 10.7.2012 г. 20:16:58, error: SideBySide [59] - Generate Activation Context failed for C:\Program Files\ASUS\ATK Hotkey\ElanTPCfg.exe. Reference error message: The operation completed successfully. . 10.7.2012 г. 20:16:58, error: SideBySide [32] - Dependent Assembly Microsoft.VC80.CRT could not be found and Last Error was The referenced assembly is not installed on your system. 10.7.2012 г. 16:53:19, error: SideBySide [59] - Resolve Partial Assembly failed for Microsoft.VC80.CRT. Reference error message: The referenced assembly is not installed on your system. . 10.7.2012 г. 16:53:19, error: SideBySide [59] - Generate Activation Context failed for C:\Program Files\ASUS\ATK Hotkey\ElanTPCfg.exe. Reference error message: The operation completed successfully. . 10.7.2012 г. 16:53:19, error: SideBySide [32] - Dependent Assembly Microsoft.VC80.CRT could not be found and Last Error was The referenced assembly is not installed on your system. 10.7.2012 г. 13:20:34, error: SideBySide [59] - Resolve Partial Assembly failed for Microsoft.VC80.CRT. Reference error message: The referenced assembly is not installed on your system. . 10.7.2012 г. 13:20:34, error: SideBySide [59] - Generate Activation Context failed for C:\Program Files\ASUS\ATK Hotkey\ElanTPCfg.exe. Reference error message: The operation completed successfully. . 10.7.2012 г. 13:20:34, error: SideBySide [32] - Dependent Assembly Microsoft.VC80.CRT could not be found and Last Error was The referenced assembly is not installed on your system. 10.7.2012 г. 13:20:30, error: Service Control Manager [7023] - The IPSEC Services service terminated with the following error: The authentication service is unknown. 10.7.2012 г. 10:56:07, error: SideBySide [59] - Resolve Partial Assembly failed for Microsoft.VC80.CRT. Reference error message: The referenced assembly is not installed on your system. . 10.7.2012 г. 10:56:07, error: SideBySide [59] - Generate Activation Context failed for C:\Program Files\ASUS\ATK Hotkey\ElanTPCfg.exe. Reference error message: The operation completed successfully. . 10.7.2012 г. 10:56:07, error: SideBySide [32] - Dependent Assembly Microsoft.VC80.CRT could not be found and Last Error was The referenced assembly is not installed on your system. 09.7.2012 г. 21:45:07, error: SideBySide [59] - Resolve Partial Assembly failed for Microsoft.VC80.CRT. Reference error message: The referenced assembly is not installed on your system. . 09.7.2012 г. 21:45:07, error: SideBySide [59] - Generate Activation Context failed for C:\Program Files\ASUS\ATK Hotkey\ElanTPCfg.exe. Reference error message: The operation completed successfully. . 09.7.2012 г. 21:45:07, error: SideBySide [32] - Dependent Assembly Microsoft.VC80.CRT could not be found and Last Error was The referenced assembly is not installed on your system. 09.7.2012 г. 21:45:03, error: Service Control Manager [7023] - The IPSEC Services service terminated with the following error: The authentication service is unknown. 09.7.2012 г. 18:45:24, error: SideBySide [59] - Resolve Partial Assembly failed for Microsoft.VC80.CRT. Reference error message: The referenced assembly is not installed on your system. . 09.7.2012 г. 18:45:24, error: SideBySide [59] - Generate Activation Context failed for C:\Program Files\ASUS\ATK Hotkey\ElanTPCfg.exe. Reference error message: The operation completed successfully. . 09.7.2012 г. 18:45:24, error: SideBySide [32] - Dependent Assembly Microsoft.VC80.CRT could not be found and Last Error was The referenced assembly is not installed on your system. 09.7.2012 г. 09:00:29, error: SideBySide [59] - Resolve Partial Assembly failed for Microsoft.VC80.CRT. Reference error message: The referenced assembly is not installed on your system. . 09.7.2012 г. 09:00:29, error: SideBySide [59] - Generate Activation Context failed for C:\Program Files\ASUS\ATK Hotkey\ElanTPCfg.exe. Reference error message: The operation completed successfully. . 09.7.2012 г. 09:00:29, error: SideBySide [32] - Dependent Assembly Microsoft.VC80.CRT could not be found and Last Error was The referenced assembly is not installed on your system. 08.7.2012 г. 10:39:25, error: SideBySide [59] - Resolve Partial Assembly failed for Microsoft.VC80.CRT. Reference error message: The referenced assembly is not installed on your system. . 08.7.2012 г. 10:39:25, error: SideBySide [59] - Generate Activation Context failed for C:\Program Files\ASUS\ATK Hotkey\ElanTPCfg.exe. Reference error message: The operation completed successfully. . 08.7.2012 г. 10:39:25, error: SideBySide [32] - Dependent Assembly Microsoft.VC80.CRT could not be found and Last Error was The referenced assembly is not installed on your system. 07.7.2012 г. 22:52:44, error: SideBySide [59] - Resolve Partial Assembly failed for Microsoft.VC80.CRT. Reference error message: The referenced assembly is not installed on your system. . 07.7.2012 г. 22:52:44, error: SideBySide [59] - Generate Activation Context failed for C:\Program Files\ASUS\ATK Hotkey\ElanTPCfg.exe. Reference error message: The operation completed successfully. . 07.7.2012 г. 22:52:44, error: SideBySide [32] - Dependent Assembly Microsoft.VC80.CRT could not be found and Last Error was The referenced assembly is not installed on your system. 07.7.2012 г. 22:52:41, error: Service Control Manager [7023] - The IPSEC Services service terminated with the following error: The authentication service is unknown. 07.7.2012 г. 19:18:40, error: SideBySide [59] - Resolve Partial Assembly failed for Microsoft.VC80.CRT. Reference error message: The referenced assembly is not installed on your system. . 07.7.2012 г. 19:18:40, error: SideBySide [59] - Generate Activation Context failed for C:\Program Files\ASUS\ATK Hotkey\ElanTPCfg.exe. Reference error message: The operation completed successfully. . 07.7.2012 г. 19:18:40, error: SideBySide [32] - Dependent Assembly Microsoft.VC80.CRT could not be found and Last Error was The referenced assembly is not installed on your system. 07.7.2012 г. 19:18:36, error: Service Control Manager [7023] - The IPSEC Services service terminated with the following error: The authentication service is unknown. 07.7.2012 г. 12:00:23, error: SideBySide [59] - Resolve Partial Assembly failed for Microsoft.VC80.CRT. Reference error message: The referenced assembly is not installed on your system. . 07.7.2012 г. 12:00:23, error: SideBySide [59] - Generate Activation Context failed for C:\Program Files\ASUS\ATK Hotkey\ElanTPCfg.exe. Reference error message: The operation completed successfully. . 07.7.2012 г. 12:00:23, error: SideBySide [32] - Dependent Assembly Microsoft.VC80.CRT could not be found and Last Error was The referenced assembly is not installed on your system. 07.7.2012 г. 11:38:40, error: SideBySide [59] - Resolve Partial Assembly failed for Microsoft.VC80.CRT. Reference error message: The referenced assembly is not installed on your system. . 07.7.2012 г. 11:38:40, error: SideBySide [59] - Generate Activation Context failed for C:\Program Files\ASUS\ATK Hotkey\ElanTPCfg.exe. Reference error message: The operation completed successfully. . 07.7.2012 г. 11:38:40, error: SideBySide [32] - Dependent Assembly Microsoft.VC80.CRT could not be found and Last Error was The referenced assembly is not installed on your system. 06.7.2012 г. 21:40:51, error: SideBySide [59] - Resolve Partial Assembly failed for Microsoft.VC80.CRT. Reference error message: The referenced assembly is not installed on your system. . 06.7.2012 г. 21:40:51, error: SideBySide [59] - Generate Activation Context failed for C:\Program Files\ASUS\ATK Hotkey\ElanTPCfg.exe. Reference error message: The operation completed successfully. . 06.7.2012 г. 21:40:51, error: SideBySide [32] - Dependent Assembly Microsoft.VC80.CRT could not be found and Last Error was The referenced assembly is not installed on your system. 06.7.2012 г. 21:40:46, error: Service Control Manager [7023] - The IPSEC Services service terminated with the following error: The authentication service is unknown. 06.7.2012 г. 21:36:49, error: SideBySide [59] - Resolve Partial Assembly failed for Microsoft.VC80.CRT. Reference error message: The referenced assembly is not installed on your system. . 06.7.2012 г. 21:36:49, error: SideBySide [59] - Generate Activation Context failed for C:\Program Files\ASUS\ATK Hotkey\ElanTPCfg.exe. Reference error message: The operation completed successfully. . 06.7.2012 г. 21:36:49, error: SideBySide [32] - Dependent Assembly Microsoft.VC80.CRT could not be found and Last Error was The referenced assembly is not installed on your system. 06.7.2012 г. 17:08:06, error: SideBySide [59] - Resolve Partial Assembly failed for Microsoft.VC80.CRT. Reference error message: The referenced assembly is not installed on your system. . 06.7.2012 г. 17:08:06, error: SideBySide [59] - Generate Activation Context failed for C:\Program Files\ASUS\ATK Hotkey\ElanTPCfg.exe. Reference error message: The operation completed successfully. . 06.7.2012 г. 17:08:06, error: SideBySide [32] - Dependent Assembly Microsoft.VC80.CRT could not be found and Last Error was The referenced assembly is not installed on your system. 06.7.2012 г. 12:47:33, error: SideBySide [59] - Resolve Partial Assembly failed for Microsoft.VC80.CRT. Reference error message: The referenced assembly is not installed on your system. . 06.7.2012 г. 12:47:33, error: SideBySide [59] - Generate Activation Context failed for C:\Program Files\ASUS\ATK Hotkey\ElanTPCfg.exe. Reference error message: The operation completed successfully. . 06.7.2012 г. 12:47:33, error: SideBySide [32] - Dependent Assembly Microsoft.VC80.CRT could not be found and Last Error was The referenced assembly is not installed on your system. 06.7.2012 г. 11:36:27, error: SideBySide [59] - Resolve Partial Assembly failed for Microsoft.VC80.CRT. Reference error message: The referenced assembly is not installed on your system. . 06.7.2012 г. 11:36:27, error: SideBySide [59] - Generate Activation Context failed for C:\Program Files\ASUS\ATK Hotkey\ElanTPCfg.exe. Reference error message: The operation completed successfully. . 06.7.2012 г. 11:36:27, error: SideBySide [32] - Dependent Assembly Microsoft.VC80.CRT could not be found and Last Error was The referenced assembly is not installed on your system. 06.7.2012 г. 08:08:38, error: SideBySide [59] - Resolve Partial Assembly failed for Microsoft.VC80.CRT. Reference error message: The referenced assembly is not installed on your system. . 06.7.2012 г. 08:08:38, error: SideBySide [59] - Generate Activation Context failed for C:\Program Files\ASUS\ATK Hotkey\ElanTPCfg.exe. Reference error message: The operation completed successfully. . 06.7.2012 г. 08:08:38, error: SideBySide [32] - Dependent Assembly Microsoft.VC80.CRT could not be found and Last Error was The referenced assembly is not installed on your system. . ==== End Of File ===========================
  3. Здравейте!Ето и проблема ми,след стартиране на компютъра и опит да се свържа с интернет по безжичен път ми изписва "Няма открити безжични мрежи в обсег",обновявам с ново търсене и пак същото,а мрежи има включително и собствената ми.Имам опасения за зловреден софтуер ,който ми спира интернета.Прилагам логовете. DDS (Ver_2011-09-30.01) - NTFS_x86 Internet Explorer: 8.0.6001.18702 Run by NANI at 20:11:24 on 2012-09-16 Microsoft Windows XP Home Edition 5.1.2600.3.1251.359.1033.18.2013.1505 [GMT 3:00] . AV: Panda Cloud Antivirus *Enabled/Updated* {5AD27692-540A-464E-B625-78275FA38393} AV: Avira Desktop *Disabled/Updated* {AD166499-45F9-482A-A743-FDD3350758C7} AV: Microsoft Security Essentials *Enabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095} AV: Microsoft Security Essentials *Disabled/Updated* {BCF43643-A118-4432-AEDE-D861FCBCFCDF} . ============== Running Processes ================ . C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Avira\AntiVir Desktop\sched.exe C:\Program Files\Avira\AntiVir Desktop\avguard.exe C:\Documents and Settings\All Users\Application Data\DatacardService\DCService.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe C:\WINDOWS\system32\wdfmgr.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\wscntfy.exe C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe C:\Program Files\ASUS\ATK Hotkey\HControl.exe C:\Program Files\ASUS\ATK Media\DMedia.exe C:\Program Files\ASUS\ATKOSD2\ATKOSD2.exe C:\WINDOWS\PixArt\PAP7501\GUCI_AVS.exe C:\Program Files\AmIcoSingLun\AmIcoSinglun.exe C:\Program Files\Elantech\ETDCtrl.exe C:\WINDOWS\system32\igfxtray.exe C:\WINDOWS\system32\hkcmd.exe C:\WINDOWS\system32\igfxpers.exe C:\Program Files\Avira\AntiVir Desktop\avgnt.exe C:\WINDOWS\system32\igfxsrvc.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Avira\AntiVir Desktop\avshadow.exe C:\WINDOWS\System32\alg.exe C:\Program Files\ASUS\ATK Hotkey\ATKOSD.exe C:\Program Files\ASUS\ATK Hotkey\WDC.exe C:\Program Files\VIVACOM 3G USB Modem\VIVACOM 3G USB Modem.exe C:\Program Files\SRWare Iron\iron.exe C:\Program Files\SRWare Iron\iron.exe C:\Program Files\SRWare Iron\iron.exe C:\WINDOWS\system32\wbem\wmiprvse.exe C:\WINDOWS\System32\svchost.exe -k netsvcs C:\WINDOWS\system32\svchost.exe -k NetworkService C:\WINDOWS\system32\svchost.exe -k imgsvc . ============== Pseudo HJT Report =============== . uStart Page = about:blank BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre6\bin\ssv.dll BHO: Windows Live Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre6\bin\jp2ssv.dll BHO: JQSIEStartDetectorImpl Class: {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll uRun: [CTFMON.EXE] c:\windows\system32\ctfmon.exe mRun: [HControlUser] c:\program files\asus\atk hotkey\HControlUser.exe mRun: [ATKHOTKEY] c:\program files\asus\atk hotkey\HControl.exe mRun: [ATKMEDIA] c:\program files\asus\atk media\DMedia.exe mRun: [ATKOSD2] c:\program files\asus\atkosd2\ATKOSD2.exe mRun: [GUCI_AVS] c:\windows\pixart\pap7501\GUCI_AVS.exe mRun: [AmIcoSinglun] c:\program files\amicosinglun\AmIcoSinglun.exe mRun: [ETDWare] c:\program files\elantech\ETDCtrl.exe mRun: [igfxTray] c:\windows\system32\igfxtray.exe mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe mRun: [Persistence] c:\windows\system32\igfxpers.exe mRun: [avgnt] "c:\program files\avira\antivir desktop\avgnt.exe" /min mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe" dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE dRun: [DWQueuedReporting] "c:\progra~1\common~1\micros~1\dw\dwtrig20.exe" -t uPolicies-Explorer: NoDriveTypeAutoRun = dword:145 mPolicies-Explorer: NoDriveTypeAutoRun = dword:28 mPolicies-Windows\System: Allow-LogonScript-NetbiosDisabled = dword:1 mPolicies-Explorer: NoDriveTypeAutoRun = dword:145 IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe IE: {E59EB121-F339-4851-A3BA-FE49C35617C2} - c:\program files\icq6.5\ICQ.exe IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://go.microsoft.com/fwlink/?linkid=39204 DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1347636575656 DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1347636557109 DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab TCP: NameServer = 212.39.90.42 212.39.90.43 TCP: Interfaces\{34B9691E-364D-4588-8E1E-FFE15026D1C7} : DHCPNameServer = 46.40.72.9 46.40.72.13 TCP: Interfaces\{6AE65D96-7030-433C-9184-198F18CFC7A3} : DHCPNameServer = 212.39.90.42 212.39.90.43 Notify: igfxcui - igfxdev.dll SEH: Windows Desktop Search Namespace Manager - {56F9679E-7826-4C84-81F3-532071A8BCC5} - c:\program files\windows desktop search\MSNLNamespaceMgr.dll SEH: {4F07DA45-8170-4859-9B5F-037EF2970034} - <orphaned> . ============= SERVICES / DRIVERS =============== . R1 avkmgr;avkmgr;c:\windows\system32\drivers\avkmgr.sys [2012-5-20 36000] R2 AntiVirSchedulerService;Avira Scheduler;c:\program files\avira\antivir desktop\sched.exe [2012-5-20 86224] R2 AntiVirService;Avira Realtime Protection;c:\program files\avira\antivir desktop\avguard.exe [2012-5-20 110032] R2 avgntflt;avgntflt;c:\windows\system32\drivers\avgntflt.sys [2012-5-20 83392] R2 DCService.exe;DCService.exe;c:\documents and settings\all users\application data\datacardservice\DCService.exe [2010-5-8 229376] R2 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr_tdi.sys [2010-12-4 54760] R2 MBAMScheduler;MBAMScheduler;c:\program files\malwarebytes' anti-malware\mbamscheduler.exe [2012-9-14 399432] R3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\drivers\ETD.sys [2009-7-29 87040] R3 ewusbnet;HUAWEI USB-NDIS miniport;c:\windows\system32\drivers\ewusbnet.sys [2011-4-22 117504] R3 GUCI_AVS;ASUS USB2.0 UVC VGA WebCam;c:\windows\system32\drivers\GUCI_AVS.sys [2010-1-21 598400] R3 huawei_enumerator;huawei_enumerator;c:\windows\system32\drivers\ew_jubusenum.sys [2011-4-22 70656] R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2010-4-16 22856] R3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [2010-1-21 1057280] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2010-4-16 676936] S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\macromed\flash\FlashPlayerUpdateService.exe [2012-4-11 250056] S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;c:\windows\system32\drivers\ew_hwusbdev.sys [2011-4-22 101504] S3 fsssvc;Windows Live Family Safety Service;c:\program files\windows live\family safety\fsssvc.exe [2010-4-28 704872] S3 RTLWUSB;Realtek RTL8187 Wireless 802.11b/g 54Mbps USB 2.0 Network Adapter;c:\windows\system32\drivers\RTL8187.sys [2008-6-27 332928] S3 WinRM;Windows Remote Management (WS-Management);c:\windows\system32\svchost.exe -k WINRM [2008-4-14 14336] S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504] . =============== File Associations =============== . ShellExec: Foxit Reader.exe: print="c:\program files\foxit software\foxit reader\Foxit Reader.exe"/p "%1" ShellExec: Foxit Reader.exe: printto="c:\program files\foxit software\foxit reader\Foxit Reader.exe"/t "%1" "%2" "%3" "%4" ShellExec: FOXITR~1.EXE: print="c:\progra~1\foxits~1\foxitr~1\FOXITR~1.EXE"/p "%1" ShellExec: FOXITR~1.EXE: printto="c:\progra~1\foxits~1\foxitr~1\FOXITR~1.EXE"/t "%1" "%2" "%3" "%4" . =============== Created Last 30 ================ . 2012-09-14 19:20:34 -------- d-----w- c:\program files\FreeSpacer 2012-09-14 19:19:26 -------- d-----w- c:\program files\Glary Utilities 2012-09-14 19:12:08 -------- d-----w- c:\program files\VS Revo Group 2012-09-14 18:49:11 -------- d-----w- c:\program files\Unlocker 2012-09-14 17:37:03 -------- d-----w- c:\windows\ServicePackFiles 2012-09-14 17:36:59 73216 ------w- c:\windows\system32\drivers\atintuxx.sys 2012-09-14 17:08:33 73728 ----a-w- c:\windows\system32\javacpl.cpl 2012-09-14 17:08:33 477168 ----a-w- c:\windows\system32\npdeployJava1.dll 2012-09-14 17:04:32 -------- d-----w- c:\documents and settings\nani\local settings\application data\Chromium 2012-09-14 15:55:06 -------- d-----w- c:\documents and settings\nani\local settings\application data\360Amigo 2012-09-14 15:49:10 -------- d-----w- c:\documents and settings\nani\application data\uniblue 2012-09-14 15:45:45 -------- d-----w- c:\documents and settings\nani\application data\GlarySoft 2012-09-14 15:31:54 -------- d-----w- c:\documents and settings\nani\application data\Malwarebytes 2012-09-14 15:30:14 15384 ----a-w- c:\windows\system32\wuapi.dll.mui 2012-09-14 15:29:12 -------- d-sh--w- c:\documents and settings\nani\IECompatCache 2012-09-09 15:53:47 -------- d-sh--w- c:\documents and settings\nani\PrivacIE 2012-09-09 15:53:27 -------- d-----w- c:\documents and settings\nani\application data\Avira . ==================== Find3M ==================== . 2012-09-14 19:00:31 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2012-09-14 19:00:31 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe 2012-09-14 17:08:16 473072 ----a-w- c:\windows\system32\deployJava1.dll 2012-09-07 14:04:46 22856 ----a-w- c:\windows\system32\drivers\mbam.sys . ============= FINISH: 20:11:52.96 =============== . UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2011-09-30.01) . Microsoft Windows XP Home Edition Boot Device: \Device\HarddiskVolume1 Install Date: 4/7/2010 6:09:34 PM System Uptime: 9/16/2012 7:56:27 PM (1 hours ago) . Motherboard: ASUSTeK Computer Inc. | | P50IJ Processor: Intel Pentium III Xeon processor | Socket 478 | 1193/200mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 466 GiB total, 446.495 GiB free. D: is CDROM () E: is CDROM (CDFS) F: is Removable . ==== Disabled Device Manager Items ============= . Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318} Description: Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller Device ID: PCI\VEN_1969&DEV_1026&SUBSYS_14F51043&REV_B0\4&2BCEBCDB&0&00E5 Manufacturer: Atheros Name: Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller PNP Device ID: PCI\VEN_1969&DEV_1026&SUBSYS_14F51043&REV_B0\4&2BCEBCDB&0&00E5 Service: L1e . ==== System Restore Points =================== . RP287: 9/16/2012 7:57:06 PM - Контролна точка на системата . ==== Installed Programs ====================== . µTorrent Пакет за езиков интерфейс на Windows 360Amigo System Speedup Free Adobe Flash Player 11 ActiveX Adobe Flash Player 11 Plugin Alcor Micro USB Card Reader Alienforce ASUS USB2.0 UVC VGA WebCam Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver ATK Hotkey ATK Media ATKOSD2 Avira Free Antivirus BS.Player FREE CCleaner ETDWare PS/2-x86 7.0.5.7_WHQL Foxit Reader FreeSpacer 1.67 Glary Utilities 2.49.0.1600 Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) Hotfix for Windows XP (KB954550-v5) Hotfix for Windows XP (KB976002-v5) ICQ6.5 Intel® Graphics Media Accelerator Driver Java Auto Updater Java™ 6 Update 35 Malwarebytes Anti-Malware, версия 1.65.0.1400 Microsoft .NET Framework 1.1 Microsoft .NET Framework 1.1 Security Update (KB2656353) Microsoft .NET Framework 1.1 Security Update (KB2656370) Microsoft .NET Framework 2.0 Service Pack 2 Microsoft .NET Framework 3.0 Service Pack 2 Microsoft .NET Framework 3.5 SP1 Microsoft .NET Framework 4 Client Profile Microsoft .NET Framework 4 Extended Microsoft Antimalware Service BG-BG Language Pack Microsoft Application Error Reporting Microsoft Choice Guard Microsoft Office File Validation Add-In Microsoft Office Live Add-in 1.5 Microsoft Office Professional Edition 2003 Microsoft Security Client BG-BG Language Pack Microsoft Silverlight Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 MSVCRT Panda USB Vaccine 1.0.1.4 Platform Revo Uninstaller 1.94 runtime Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424) Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078) Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121) Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368) Security Update for Microsoft .NET Framework 4 Extended (KB2416472) Security Update for Microsoft .NET Framework 4 Extended (KB2487367) Security Update for Microsoft .NET Framework 4 Extended (KB2656351) Security Update for Windows Internet Explorer 8 (KB2360131) Security Update for Windows Internet Explorer 8 (KB2416400) Security Update for Windows Internet Explorer 8 (KB2482017) Security Update for Windows Internet Explorer 8 (KB2510531) Security Update for Windows Internet Explorer 8 (KB2530548) Security Update for Windows Internet Explorer 8 (KB2544521) Security Update for Windows Internet Explorer 8 (KB2586448) Security Update for Windows Internet Explorer 8 (KB2618444) Security Update for Windows Internet Explorer 8 (KB971961) Security Update for Windows Internet Explorer 8 (KB981332) Segoe UI Skype™ 5.5 SRWare Iron 16.0.950.0 Uniblue SpeedUpMyPC 2009 Unlocker 1.9.1 Update for Microsoft .NET Framework 3.5 SP1 (KB963707) Update for Microsoft .NET Framework 4 Client Profile (KB2468871) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) Update for Microsoft .NET Framework 4 Extended (KB2468871) Update for Microsoft .NET Framework 4 Extended (KB2533523) Update for Microsoft .NET Framework 4 Extended (KB2600217) Update for Windows Internet Explorer 8 (KB2362765) Update for Windows Internet Explorer 8 (KB2447568) Update for Windows Internet Explorer 8 (KB2598845) Update for Windows Internet Explorer 8 (KB976662) Update for Windows Internet Explorer 8 (KB980182) Update for Windows Internet Explorer 8 (KB980302) VIVACOM 3G USB Modem VS10Runtime Web Browsers Traces Eraser v1.3 WebFldrs XP Winamp Windows Internet Explorer 8 Windows Live Communications Platform Windows Live Essentials Windows Live Family Safety Windows Live Photo Gallery Windows Live Sign-in Assistant Windows Live Sync Windows Live Upload Tool Windows Live Writer Windows Management Framework Core Windows Media Format Runtime WinRAR archiver Wise Disk Cleaner 5.83 Wise Registry Cleaner 5.8.9 . ==== Event Viewer Messages From Past Week ======== . 9/16/2012 8:00:10 PM, error: Dhcp [1002] - The IP address lease 10.56.233.111 for the Network Card with network address 001E101F3E8B has been denied by the DHCP server 10.56.159.158 (The DHCP Server sent a DHCPNACK message). 9/16/2012 7:13:18 PM, error: Service Control Manager [7000] - The ASNDIS5 Protocol Driver service failed to start due to the following error: The system cannot find the file specified. 9/16/2012 7:03:54 PM, error: Service Control Manager [7024] - The Windows Search service terminated with service-specific error 2147749155 (0x80040D23). 9/16/2012 7:03:53 PM, error: sr [1] - The System Restore filter encountered the unexpected error '0xC0000034' while processing the file '_filelst.cfg' on the volume 'HarddiskVolume1'. It has stopped monitoring the volume. . ==== End Of File =========================== В общи линии е това.Ще съм благодарен за помощ от всякакъв характер!!!
  4. Здравейте, от днеска имам един проблем със сайта twitch.tv антивирусната ми засича това Infection Details URL:http://d1ros97qkrwjf5.cloudfront.net/42/... Process: C:%5CProgram Files (x86)%5COpera%5Copera.exe Infection: URL:Mal Пуснах 2 пъти пълна проверка с Avast , но не открива нищо.Пробвах през Mozzila Firefox нямах проблеми , но там забелязах че се стартира с начална страница claro-search.След проверка в гоогле разбрах че са вируси и ви моля за помощ как да ги премахна по бързо и лесно. Благодаря предварително DDS (Ver_2011-09-30.01) - NTFS_AMD64 Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 10.9.2 Run by Гроздан at 22:06:13 on 2013-01-03 Microsoft Windows 7 Ultimate 6.1.7601.1.1251.359.1026.18.2047.916 [GMT 2:00] . AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C} SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681} SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . ============== Running Processes =============== . C:Windowssystem32wininit.exe C:Windowssystem32lsm.exe C:Windowssystem32svchost.exe -k DcomLaunch C:Windowssystem32svchost.exe -k RPCSS C:Windowssystem32atiesrxx.exe C:WindowsSystem32svchost.exe -k LocalServiceNetworkRestricted C:WindowsSystem32svchost.exe -k LocalSystemNetworkRestricted C:Windowssystem32svchost.exe -k netsvcs C:Windowssystem32svchost.exe -k GPSvcGroup C:Windowssystem32svchost.exe -k LocalService C:Windowssystem32atieclxx.exe C:Windowssystem32svchost.exe -k NetworkService C:Program FilesAVAST SoftwareAvastAvastSvc.exe C:WindowsSystem32spoolsv.exe C:Windowssystem32svchost.exe -k LocalServiceNoNetwork C:Windowssystem32taskhost.exe C:Program FilesATI TechnologiesATI.ACEFuelFuel.Service.exe C:Windowssystem32Dwm.exe C:WindowsExplorer.EXE C:Windowsvsnp325.exe C:Program FilesDAEMON Tools ProDTShellHlp.exe C:Program FilesWindows Sidebarsidebar.exe C:Windowssystem32svchost.exe -k LocalServiceAndNoImpersonation C:Program FilesAVAST SoftwareAvastAvastUI.exe C:Program Files (x86)Common FilesJavaJava Updatejusched.exe C:Windowssystem32SearchIndexer.exe C:WindowsFixCamera.exe C:Windowstsnp325.exe C:Program Files (x86)ATI TechnologiesATI.ACECore-StaticMOM.exe C:Program FilesWindows Media Playerwmpnetwk.exe C:WindowsSystem32svchost.exe -k LocalServicePeerNet C:Program Files (x86)ATI TechnologiesATI.ACECore-StaticCCC.exe C:WindowsMicrosoft.NetFramework64v3.0WPFPresentationFontCache.exe C:WindowsSystem32svchost.exe -k secsvcs C:Program Files (x86)Operaopera.exe C:UsersГрозданDesktopdds.exe C:Windowssystem32taskhost.exe C:Windowssystem32conhost.exe C:Windowssystem32wbemwmiprvse.exe C:Windowssystem32SearchProtocolHost.exe C:Windowssystem32SearchFilterHost.exe C:WindowsSystem32cscript.exe . ============== Pseudo HJT Report =============== . uStart Page = hxxp://www.claro-search.com/?affID=117423&tt=4912_6&babsrc=HP_ss&mntrId=9cea5ff9000000000000001d608d02d7 mWinlogon: Userinit = userinit.exe BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:Program Files (x86)Common FilesAdobeAcrobatActiveXAcroIEHelperShim.dll BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:Program Files (x86)Javajre7binssv.dll BHO: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:Program FilesAVAST SoftwareAvastaswWebRepIE.dll BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:Program Files (x86)Microsoft OfficeOffice14URLREDIR.DLL BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:Program Files (x86)Javajre7binjp2ssv.dll TB: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:Program FilesAVAST SoftwareAvastaswWebRepIE.dll uRun: [DAEMON Tools Pro Agent] "C:Program FilesDAEMON Tools ProDTAgent.exe" -autorun uRun: [skype] "C:Program Files (x86)SkypePhoneSkype.exe" /minimized /regrun uRun: [steam] "C:Program Files (x86)steamSteam.exe" -silent uRun: [GarenaPlus] "C:Program FilesGarena PlusGarenaMessenger.exe" -autolaunch uRun: [sidebar] C:Program FilesWindows Sidebarsidebar.exe /autoRun uRun: [Clip2Net] C:Program FilesClip2Netclip2net.exe mRun: [avast] "C:Program FilesAVAST SoftwareAvastavastUI.exe" /nogui mRun: [sunJavaUpdateSched] "C:Program Files (x86)Common FilesJavaJava Updatejusched.exe" mRun: [startCCC] "C:Program Files (x86)ATI TechnologiesATI.ACECore-StaticCLIStart.exe" MSRun mRun: [FixCamera] C:WindowsFixCamera.exe mRun: [tsnp325] C:Windowstsnp325.exe mRun: [Adobe Reader Speed Launcher] "C:Program Files (x86)AdobeReader 9.0ReaderReader_sl.exe" mRun: [Adobe ARM] "C:Program Files (x86)Common FilesAdobeARM1.0AdobeARM.exe" uPolicies-Explorer: NoDriveTypeAutoRun = dword:145 mPolicies-Explorer: NoActiveDesktop = dword:1 mPolicies-Explorer: NoActiveDesktopChanges = dword:1 mPolicies-System: ConsentPromptBehaviorAdmin = dword:0 mPolicies-System: ConsentPromptBehaviorUser = dword:3 mPolicies-System: EnableLUA = dword:0 mPolicies-System: EnableUIADesktopToggle = dword:0 mPolicies-System: PromptOnSecureDesktop = dword:0 IE: &Експортиране към Microsoft Excel - C:PROGRA~2MICROS~1Office14EXCEL.EXE/3000 IE: &Изпрати към OneNote - C:PROGRA~2MICROS~1Office14ONBttnIE.dll/105 IE: Free YouTube to MP3 Converter - C:UsersГрозданAppDataRoamingDVDVideoSoftIEHelpersfreeyoutubetomp3converter.htm IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:Program Files (x86)Microsoft OfficeOffice14ONBttnIE.dll IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:Program Files (x86)Microsoft OfficeOffice14ONBttnIELinkedNotes.dll TCP: NameServer = 192.168.1.1 TCP: Interfaces{3B04142C-91B6-4D30-ADE4-0CA4F5A2CBD7} : DHCPNameServer = 192.168.1.1 Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:Program Files (x86)Common FilesMicrosoft SharedOFFICE14MSOXMLMF.DLL Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:Program Files (x86)Common FilesSkypeSkype4COM.dll SSODL: WebCheck - <orphaned> x64-BHO: avast! WebRep: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:Program FilesAVAST SoftwareAvastaswWebRepIE64.dll x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:Program FilesMicrosoft OfficeOffice14URLREDIR.DLL x64-TB: avast! WebRep: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:Program FilesAVAST SoftwareAvastaswWebRepIE64.dll x64-Run: [snp325] C:Windowsvsnp325.exe x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:Program FilesMicrosoft OfficeOffice14ONBttnIE.dll x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:Program FilesMicrosoft OfficeOffice14ONBttnIELinkedNotes.dll x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:Program FilesCommon FilesMicrosoft SharedOFFICE14MSOXMLMF.DLL x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned> x64-SSODL: WebCheck - <orphaned> Hosts: 127.0.0.1 genuine.microsoft.com Hosts: 127.0.0.1 mpa.one.microsoft.com Hosts: 127.0.0.1 sls.microsoft.com . ================= FIREFOX =================== . FF - ProfilePath - C:UsersГрозданAppDataRoamingMozillaFirefoxProfiles5nvbdnq5.default . ============= SERVICES / DRIVERS =============== . R1 aswSnx;aswSnx;C:WindowsSystem32driversaswSnx.sys [2012-11-26 984144] R1 aswSP;aswSP;C:WindowsSystem32driversaswSP.sys [2012-11-26 370288] R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:WindowsSystem32driversdtsoftbus01.sys [2012-11-26 283200] R2 AMD External Events Utility;AMD External Events Utility;C:WindowsSystem32atiesrxx.exe [2012-11-26 204288] R2 AMD FUEL Service;AMD FUEL Service;C:Program FilesATI TechnologiesATI.ACEFuelFuel.Service.exe [2011-5-24 365568] R2 aswFsBlk;aswFsBlk;C:WindowsSystem32driversaswFsBlk.sys [2012-11-26 25232] R2 aswMonFlt;aswMonFlt;C:WindowsSystem32driversaswMonFlt.sys [2012-11-26 71600] R2 avast! Antivirus;avast! Antivirus;C:Program FilesAVAST SoftwareAvastAvastSvc.exe [2012-11-26 44808] R3 amdiox64;AMD IO Driver;C:WindowsSystem32driversamdiox64.sys [2012-11-26 46136] R3 amdkmdag;amdkmdag;C:WindowsSystem32driversatikmdag.sys [2012-11-26 9359872] R3 amdkmdap;amdkmdap;C:WindowsSystem32driversatikmpag.sys [2012-11-26 309760] R3 AtiHDAudioService;ATI Function Driver for HD Audio Service;C:WindowsSystem32driversAtihdW76.sys [2012-11-26 114704] R3 SNP325;USB PC Camera (SNPSTD325);C:WindowsSystem32driverssnp325.sys [2012-11-26 10733184] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:WindowsMicrosoft.NETFrameworkv4.0.30319mscorsvw.exe [2010-3-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:WindowsMicrosoft.NETFramework64v4.0.30319mscorsvw.exe [2010-3-18 138576] S2 SkypeUpdate;Skype Updater;C:Program Files (x86)SkypeUpdaterUpdater.exe [2012-11-9 160944] S3 dmvsc;dmvsc;C:WindowsSystem32driversdmvsc.sys [2011-4-12 71168] S3 MozillaMaintenance;Mozilla Maintenance Service;C:Program Files (x86)Mozilla Maintenance Servicemaintenanceservice.exe [2012-11-26 115168] S3 osppsvc;Office Software Protection Platform;C:Program FilesCommon FilesMicrosoft SharedOfficeSoftwareProtectionPlatformOSPPSVC.EXE [2010-1-9 4925184] S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:WindowsSystem32driversrdpvideominiport.sys [2012-11-26 19456] S3 Synth3dVsc;Synth3dVsc;C:WindowsSystem32driversSynth3dVsc.sys [2011-4-12 88960] S3 terminpt;Microsoft Remote Desktop Input Driver;C:WindowsSystem32driversterminpt.sys [2012-11-26 29696] S3 TsUsbFlt;TsUsbFlt;C:WindowsSystem32driversTsUsbFlt.sys [2012-11-26 57856] S3 TsUsbGD;Remote Desktop Generic USB Device;C:WindowsSystem32driversTsUsbGD.sys [2012-11-26 30208] S3 tsusbhub;tsusbhub;C:WindowsSystem32driverstsusbhub.sys [2011-4-12 117248] S3 WatAdminSvc;Услуга на технологиите за активиране на Windows;C:WindowsSystem32WatWatAdminSvc.exe [2012-11-26 1255736] . =============== Created Last 30 ================ . 2013-01-03 20:06:15 -------- d-----w- C:Users?ЁючфрэAppDataLocalMicrosoft 2013-01-01 12:38:31 9125352 ----a-w- C:ProgramDataMicrosoftWindows DefenderDefinition Updates{09F9FE48-4F7D-4736-BB21-10987BCDCCF9}mpengine.dll 2012-12-31 12:56:42 -------- d-----w- C:Program FilesAIDA64 Extreme Edition 2012-12-25 23:15:07 -------- d-----w- C:Program FilesSpeedFan 2012-12-24 19:47:40 -------- d-----w- C:Program Files (x86)Red Sky 2012-12-22 15:34:57 -------- d-----w- C:ProgramDataRELOADED 2012-12-21 11:44:07 46080 ----a-w- C:WindowsSystem32atmlib.dll 2012-12-21 11:44:07 34304 ----a-w- C:WindowsSysWow64atmlib.dll 2012-12-21 11:44:03 367616 ----a-w- C:WindowsSystem32atmfd.dll 2012-12-21 11:44:02 295424 ----a-w- C:WindowsSysWow64atmfd.dll 2012-12-12 10:43:46 2048 ----a-w- C:WindowsSysWow64tzres.dll 2012-12-08 21:34:09 -------- d-----w- C:Program Files (x86)K-Lite Codec Pack 2012-12-08 01:16:24 -------- d-----w- C:FFOutput 2012-12-07 21:59:05 18816 ----a-w- C:WindowsSystem32roboot64.exe 2012-12-07 21:59:00 -------- d-----w- C:UsersГрозданAppDataRoamingsystweak 2012-12-07 21:57:56 -------- d-----w- C:UsersГрозданAppDataRoamingBabylon 2012-12-07 21:57:56 -------- d-----w- C:ProgramDataBabylon 2012-12-07 13:11:29 178688 ----a-w- C:WindowsSysWow64unrar.dll 2012-12-05 16:08:22 -------- d-----w- C:Program Files (x86)Common FilesBioWare . ==================== Find3M ==================== . 2012-11-26 19:49:19 21712 ----a-w- C:WindowsSysWow64driversDrvAgent64.SYS 2012-11-26 19:27:02 283200 ----a-w- C:WindowsSystem32driversdtsoftbus01.sys 2012-11-26 17:09:06 73656 ----a-w- C:WindowsSysWow64FlashPlayerCPLApp.cpl 2012-11-26 17:09:06 697272 ----a-w- C:WindowsSysWow64FlashPlayerApp.exe 2012-11-26 13:36:05 0 ----a-w- C:Windowsativpsrm.bin 2012-11-26 13:07:53 95208 ----a-w- C:WindowsSysWow64WindowsAccessBridge-32.dll 2012-11-26 13:07:49 821736 ----a-w- C:WindowsSysWow64npDeployJava1.dll 2012-11-26 13:07:49 746984 ----a-w- C:WindowsSysWow64deployJava1.dll 2012-11-22 03:26:40 3149824 ----a-w- C:WindowsSystem32win32k.sys 2012-11-14 06:11:44 2312704 ----a-w- C:WindowsSystem32jscript9.dll 2012-11-14 06:04:11 1392128 ----a-w- C:WindowsSystem32wininet.dll 2012-11-14 06:02:49 1494528 ----a-w- C:WindowsSystem32inetcpl.cpl 2012-11-14 05:57:46 599040 ----a-w- C:WindowsSystem32vbscript.dll 2012-11-14 05:57:35 173056 ----a-w- C:WindowsSystem32ieUnatt.exe 2012-11-14 05:52:40 2382848 ----a-w- C:WindowsSystem32mshtml.tlb 2012-11-14 02:09:22 1800704 ----a-w- C:WindowsSysWow64jscript9.dll 2012-11-14 01:58:15 1427968 ----a-w- C:WindowsSysWow64inetcpl.cpl 2012-11-14 01:57:37 1129472 ----a-w- C:WindowsSysWow64wininet.dll 2012-11-14 01:49:25 142848 ----a-w- C:WindowsSysWow64ieUnatt.exe 2012-11-14 01:48:27 420864 ----a-w- C:WindowsSysWow64vbscript.dll 2012-11-14 01:44:42 2382848 ----a-w- C:WindowsSysWow64mshtml.tlb 2012-11-09 05:45:09 2048 ----a-w- C:WindowsSystem32tzres.dll 2012-11-02 05:59:11 478208 ----a-w- C:WindowsSystem32dpnet.dll 2012-11-02 05:11:31 376832 ----a-w- C:WindowsSysWow64dpnet.dll 2012-10-30 22:51:55 984144 ----a-w- C:WindowsSystem32driversaswSnx.sys 2012-10-30 22:51:55 71600 ----a-w- C:WindowsSystem32driversaswMonFlt.sys 2012-10-30 22:51:07 41224 ----a-w- C:WindowsavastSS.scr 2012-10-16 08:38:37 135168 ----a-w- C:WindowsapppatchAppPatch64AcXtrnal.dll 2012-10-16 08:38:34 350208 ----a-w- C:WindowsapppatchAppPatch64AcLayers.dll 2012-10-16 07:39:52 561664 ----a-w- C:WindowsapppatchAcLayers.dll 2012-10-15 16:59:28 54072 ----a-w- C:WindowsSystem32driversaswRdr2.sys 2012-10-09 18:17:13 55296 ----a-w- C:WindowsSystem32dhcpcsvc6.dll 2012-10-09 18:17:13 226816 ----a-w- C:WindowsSystem32dhcpcore6.dll 2012-10-09 17:40:31 44032 ----a-w- C:WindowsSysWow64dhcpcsvc6.dll 2012-10-09 17:40:31 193536 ----a-w- C:WindowsSysWow64dhcpcore6.dll . ============= FINISH: 22:06:39,04 =============== UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2011-09-30.01) . Microsoft Windows 7 Ultimate Boot Device: DeviceHarddiskVolume1 Install Date: 26.11.2012 г. 10:04:08 System Uptime: 3.1.2013 г. 11:46:01 (11 hours ago) . Motherboard: ASUSTeK Computer INC. | | M2N Processor: AMD Athlon 64 X2 Dual Core Processor 5000+ | CPU 1 | 2600/200mhz . ==== Disk Partitions ========================= . A: is Removable C: is FIXED (NTFS) - 225 GiB total, 186,641 GiB free. D: is CDROM () E: is FIXED (NTFS) - 241 GiB total, 134,925 GiB free. F: is CDROM () G: is CDROM () . ==== Disabled Device Manager Items ============= . ==== System Restore Points =================== . RP32: 13.12.2012 г. 12:11:11 - Windows Update RP33: 20.12.2012 г. 14:40:55 - Планирана контролна точка RP34: 21.12.2012 г. 13:43:42 - Windows Update RP35: 26.12.2012 г. 13:36:02 - Windows Update RP36: 1.1.2013 г. 14:38:00 - Windows Update . ==== Installed Programs ====================== . Архиватор WinRAR µTorrent 325 USB PC Camera Adobe Flash Player 10 ActiveX Adobe Flash Player 11 Plugin Adobe Reader 9.5.2 - Bulgarian AIDA64 Extreme Edition v2.70 AMD APP SDK Runtime AMD Fuel AMD VISION Engine Control Center ATI AVIVO64 Codecs ATI Catalyst Install Manager avast! Free Antivirus BS.Player FREE Catalyst Control Center - Branding Catalyst Control Center InstallProxy Catalyst Control Center Localization All Catalyst Control Center Profiles Desktop ccc-utility64 CCC Help Chinese Standard CCC Help Chinese Traditional CCC Help Czech CCC Help Danish CCC Help Dutch CCC Help English CCC Help Finnish CCC Help French CCC Help German CCC Help Greek CCC Help Hungarian CCC Help Italian CCC Help Japanese CCC Help Korean CCC Help Norwegian CCC Help Polish CCC Help Portuguese CCC Help Russian CCC Help Spanish CCC Help Swedish CCC Help Thai CCC Help Turkish CCleaner Clip2Net 0.9.4b CPUID CPU-Z 1.62 DAEMON Tools Pro Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition Dota 2 Free YouTube to MP3 Converter version 3.11.35.1031 Garena Plus HydraVision Java 7 Update 9 Java Auto Updater K-Lite Codec Pack 9.5.5 (Basic) Microsoft .NET Framework 4 Client Profile Microsoft Office 2010 Service Pack 1 (SP1) Microsoft Office Excel MUI (Bulgarian) 2010 Microsoft Office Office 64-bit Components 2010 Microsoft Office OneNote MUI (Bulgarian) 2010 Microsoft Office Outlook MUI (Bulgarian) 2010 Microsoft Office PowerPoint MUI (Bulgarian) 2010 Microsoft Office Proof (Bulgarian) 2010 Microsoft Office Proof (English) 2010 Microsoft Office Proof (German) 2010 Microsoft Office Proof (Russian) 2010 Microsoft Office Proofing (Bulgarian) 2010 Microsoft Office Publisher MUI (Bulgarian) 2010 Microsoft Office Shared 64-bit MUI (Bulgarian) 2010 Microsoft Office Shared MUI (Bulgarian) 2010 Microsoft Office Standard 2010 Microsoft Office Word MUI (Bulgarian) 2010 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 Mozilla Firefox 17.0 (x86 bg) Mozilla Maintenance Service Nero 7 Lite v7.7.5.1 NVIDIA Drivers NVIDIA PhysX Opera 12.12 RaidCall Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2) Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827) Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449) Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019) Security Update for Microsoft Excel 2010 (KB2597126) 32-Bit Edition Security Update for Microsoft InfoPath 2010 (KB2687417) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2553091) Security Update for Microsoft Office 2010 (KB2553096) Security Update for Microsoft Office 2010 (KB2553371) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2553447) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2597986) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2598243) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2687501) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2687510) 32-Bit Edition Security Update for Microsoft PowerPoint 2010 (KB2553185) 32-Bit Edition Security Update for Microsoft Word 2010 (KB2760410) 32-Bit Edition Skype™ 6.0 Speccy SpeedFan (remove only) Star Wars: The Old Republic Steam System Requirements Lab CYRI Update for Microsoft .NET Framework 4 Client Profile (KB2468871) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) Update for Microsoft Office 2010 (KB2553065) Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition Update for Microsoft Office 2010 (KB2566458) Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition Update for Microsoft OneNote 2010 (KB2687277) 32-Bit Edition Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition Winamp . ==== End Of File ===========================
  5. Здравейте! Днес сканирах с ESET Online Scanner и това е резултата( прикачената снимка). Имам ли причина да се притеснявам и какво да направя по-нататък? Благодаря предварително!
  6. Здр имам следниа проблем : С Win7 съм и на втория ден след преинстала се вмъкна някакъв вирус който постоианно пише qqqqqqqqqqqqq към 50 60 "q" и така на всеки 30 40 секунди. + товари процесора на макс дори и при стартиране на WIN7 2 мин зарежда. Приложението което го стартира е в Temp папката "Checker.exe" дори и да го изтрия от там нещо пак го създава и END TASK да му дам пак се зарежда антивирусните не го хващат NOD32 vers 5 и "Maware bite" нищо неловят, и под SAVE MOD сканирах но без резултат. Снощи пак го преинсталнах и днес без дори да съм теглил нищо от сайтове пак почна да пише тея qqqqqqqq но вече няма тоя Checker.EXE HELP PLS. Благодаря за вниманието!!! Прилагам DDS.txt i Atach faila DDS.txt DDS (Ver_2011-09-30.01) - NTFS_AMD64 Internet Explorer: 8.0.7600.16385 Run by Ceco at 23:12:54 on 2012-12-31 Microsoft Windows 7 Ultimate 6.1.7600.0.1251.359.1033.18.4091.2465 [GMT 2:00] . AV: ESET NOD32 Antivirus 5.2 *Enabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1} SP: ESET NOD32 Antivirus 5.2 *Enabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C} SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . ============== Running Processes =============== . C:Windowssystem32wininit.exe C:Windowssystem32lsm.exe C:Windowssystem32svchost.exe -k DcomLaunch C:Windowssystem32svchost.exe -k RPCSS C:Windowssystem32atiesrxx.exe C:WindowsSystem32svchost.exe -k LocalServiceNetworkRestricted C:WindowsSystem32svchost.exe -k LocalSystemNetworkRestricted C:Windowssystem32svchost.exe -k netsvcs C:Windowssystem32svchost.exe -k LocalService C:Windowssystem32atieclxx.exe C:Windowssystem32svchost.exe -k NetworkService C:WindowsSystem32spoolsv.exe C:Windowssystem32taskhost.exe C:Windowssystem32svchost.exe -k LocalServiceNoNetwork C:Windowssystem32Dwm.exe C:WindowsExplorer.EXE C:Program FilesESETESET NOD32 Antivirusx86ekrn.exe C:Windowssystem32svchost.exe -k LocalServiceAndNoImpersonation C:Program FilesMicrosoft SQL ServerMSSQL10.SQLEXPRESSMSSQLBinnsqlservr.exe D:PROGRAMSNeroNero8Nero BackItUpNBService.exe C:WindowsSysWOW64IoctlSvc.exe C:ProgramDataSkypeToolbarsSkype C2C Servicec2c_service.exe C:Program FilesMicrosoft SQL Server90Sharedsqlwriter.exe C:Program FilesRealtekAudioHDARAVCpl64.exe C:Program FilesSynapticsSynTPSynTPEnh.exe C:Program FilesESETESET NOD32 Antivirusegui.exe C:UsersCecoAppDataRoamingMicrosoftDTProc.exe D:PROGRAMSDAEMON Tools ProDTShellHlp.exe C:Program Files (x86)Common FilesNeroLibNMIndexStoreSvr.exe C:Program Files (x86)SkypePhoneSkype.exe C:Program FilesSynapticsSynTPSynTPHelper.exe C:Windowssystem32SearchIndexer.exe C:Program Files (x86)Common FilesNeroLibNMIndexingService.exe C:Program Files (x86)ATI TechnologiesATI.ACECore-StaticMOM.exe C:Program Files (x86)ATI TechnologiesATI.ACECore-StaticCCC.exe C:WindowsSystem32svchost.exe -k secsvcs C:Program FilesWindows Media Playerwmpnetwk.exe C:Program Files (x86)StartNow ToolbarToolbarUpdaterService.exe C:Windowssystem32taskhost.exe D:PROGRAMSBitCometBitComet.exe D:PROGRAMSFirefoxfirefox.exe C:Windowssystem32conhost.exe C:Windowssystem32wbemwmiprvse.exe C:Windowssystem32DllHost.exe C:WindowsSystem32cscript.exe . ============== Pseudo HJT Report =============== . uStart Page = hxxp://klit.startnow.com/?src=startpage&provider=&provider_name=yahoo&provider_code=&partner_id=693&product_id=741&affiliate_id=&channel=&toolbar_id=200&toolbar_version=2.4.0&install_country=BG&install_date=20121230&user_guid=4EBF5AC0DBEF427D80B2CF0DF04DB3E8&machine_id=0560ca18603367dda17f8d6d907b1b36&browser=IE&os=win&os_version=6.1-x64-SP0 mWinlogon: Userinit = userinit.exe BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:Program Files (x86)Common FilesAdobeAcrobatActiveXAcroIEHelperShim.dll BHO: BitComet Helper: {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - D:PROGRAMSBitComettoolsBitCometBHO_1.3.3.2.dll BHO: StartNow Toolbar Helper: {6E13D095-45C3-4271-9475-F3B48227DD9F} - C:Program Files (x86)StartNow ToolbarToolbar32.dll BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:Program Files (x86)SkypeToolbarsInternet Explorerskypeieplugin.dll TB: StartNow Toolbar: {5911488E-9D1E-40ec-8CBB-06B231CC153F} - C:Program Files (x86)StartNow ToolbarToolbar32.dll uRun: [integrated Driver] C:UsersCecoAppDataRoamingMicrosoftDTProc.exe uRun: [DAEMON Tools Pro Agent] "D:PROGRAMSDAEMON Tools ProDTAgent.exe" -autorun uRun: [indxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:Program Files (x86)Common FilesNeroLibNMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020 uRun: [skype] "C:Program Files (x86)SkypePhoneSkype.exe" /minimized /regrun mRun: [startCCC] "C:Program Files (x86)ATI TechnologiesATI.ACECore-StaticCLIStart.exe" MSRun mRun: [Adobe Reader Speed Launcher] "D:PROGRAMSAdobe 9ReaderReader_sl.exe" mRun: [NBKeyScan] "D:PROGRAMSNeroNero8Nero BackItUpNBKeyScan.exe" mPolicies-Explorer: NoActiveDesktop = dword:1 mPolicies-Explorer: NoActiveDesktopChanges = dword:1 mPolicies-System: ConsentPromptBehaviorAdmin = dword:0 mPolicies-System: ConsentPromptBehaviorUser = dword:3 mPolicies-System: EnableLUA = dword:0 mPolicies-System: EnableUIADesktopToggle = dword:0 mPolicies-System: PromptOnSecureDesktop = dword:0 IE: &D&ownload &with BitComet - D:PROGRAMSBitCometBitComet.exe/AddLink.htm IE: &D&ownload all video with BitComet - D:PROGRAMSBitCometBitComet.exe/AddVideo.htm IE: &D&ownload all with BitComet - D:PROGRAMSBitCometBitComet.exe/AddAllLink.htm IE: E&xport to Microsoft Excel - D:PROGRAMSMICROS~1OFFICE11EXCEL.EXE/3000 IE: {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - D:PROGRAMSBitComettoolsBitCometBHO_1.3.3.2.dll/206 TCP: NameServer = 85.217.192.60 85.217.192.61 85.217.192.1 TCP: Interfaces{B061B611-8FB7-4C92-8537-2E69ADD59E29} : DHCPNameServer = 85.217.192.60 85.217.192.61 85.217.192.1 TCP: Interfaces{C984E33F-31B9-4E60-AA18-7BDD7AEC012C} : DHCPNameServer = 192.168.11.1 Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:Program Files (x86)SkypeToolbarsInternet Explorerskypeieplugin.dll Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:Program Files (x86)Common FilesSkypeSkype4COM.dll SSODL: WebCheck - <orphaned> x64-BHO: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:Program Files (x86)SkypeToolbarsInternet Explorer x64skypeieplugin.dll x64-Run: [RtHDVCpl] C:Program FilesRealtekAudioHDARAVCpl64.exe -s x64-Run: [synTPEnh] C:Program Files (x86)SynapticsSynTPSynTPEnh.exe x64-Run: [egui] "C:Program FilesESETESET NOD32 Antivirusegui.exe" /hide /waitservice x64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:Program Files (x86)SkypeToolbarsInternet Explorer x64skypeieplugin.dll x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:Program Files (x86)SkypeToolbarsInternet Explorer x64skypeieplugin.dll x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned> x64-SSODL: WebCheck - <orphaned> . ================= FIREFOX =================== . FF - ProfilePath - C:UsersCecoAppDataRoamingMozillaFirefoxProfiles6hwh5mu3.default FF - prefs.js: browser.search.selectedEngine - Yahoo FF - prefs.js: browser.startup.homepage - hxxp://klit.startnow.com/?src=startpage&provider=&provider_name=yahoo&provider_code=&partner_id=693&product_id=741&affiliate_id=&channel=&toolbar_id=200&toolbar_version=2.4.0&install_country=BG&install_date=20121230&user_guid=4EBF5AC0DBEF427D80B2CF0DF04DB3E8&machine_id=0560ca18603367dda17f8d6d907b1b36&browser=FF&os=win&os_version=6.1-x64-SP0 FF - prefs.js: keyword.URL - hxxp://klit.startnow.com/s/?src=addrbar&provider=&provider_name=yahoo&provider_code=&partner_id=693&product_id=741&affiliate_id=&channel=&toolbar_id=200&toolbar_version=2.4.0&install_country=BG&install_date=20121230&user_guid=4EBF5AC0DBEF427D80B2CF0DF04DB3E8&machine_id=0560ca18603367dda17f8d6d907b1b36&browser=FF&os=win&os_version=6.1-x64-SP0&q= FF - plugin: C:Program Files (x86)Microsoft Silverlight3.0.40818.0npctrlui.dll FF - plugin: C:WindowsSysWOW64MacromedFlashNPSWF32_11_5_502_135.dll FF - plugin: D:PROGRAMSAdobe 9Readerbrowsernppdf32.dll . ============= SERVICES / DRIVERS =============== . R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:WindowsSystem32driversdtsoftbus01.sys [2012-11-23 283200] R1 eamonm;eamonm;C:WindowsSystem32driverseamonm.sys [2012-3-14 209768] R1 vwififlt;Virtual WiFi Filter Driver;C:WindowsSystem32driversvwififlt.sys [2009-7-14 59904] R2 AMD External Events Utility;AMD External Events Utility;C:WindowsSystem32atiesrxx.exe [2012-12-29 202752] R2 ekrn;ESET Service;C:Program FilesESETESET NOD32 Antivirusx86ekrn.exe [2012-3-7 913144] R2 epfwwfpr;epfwwfpr;C:WindowsSystem32driversepfwwfpr.sys [2012-3-14 137144] R2 Skype C2C Service;Skype C2C Service;C:ProgramDataSkypeToolbarsSkype C2C Servicec2c_service.exe [2012-12-13 3290896] R2 Updater Service for StartNow Toolbar;Updater Service for StartNow Toolbar;C:Program Files (x86)StartNow ToolbarToolbarUpdaterService.exe [2012-6-22 265952] R3 amdkmdag;amdkmdag;C:WindowsSystem32driversatipmdag.sys [2012-12-29 6233088] R3 amdkmdap;amdkmdap;C:WindowsSystem32driversatikmpag.sys [2012-12-29 161280] R3 k57nd60a;Broadcom NetLink Gigabit Ethernet - NDIS 6.0;C:WindowsSystem32driversk57nd60a.sys [2009-6-10 270848] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:WindowsMicrosoft.NETFrameworkv4.0.30319mscorsvw.exe [2010-3-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:WindowsMicrosoft.NETFramework64v4.0.30319mscorsvw.exe [2010-3-18 138576] S2 SkypeUpdate;Skype Updater;C:Program Files (x86)SkypeUpdaterUpdater.exe [2012-11-9 160944] S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:WindowsSysWOW64MacromedFlashFlashPlayerUpdateService.exe [2012-12-29 250808] S3 npggsvc;nProtect GameGuard Service;C:WindowsSystem32GameMon.des -service --> C:WindowsSystem32GameMon.des -service [?] S4 MSSQLServerADHelper100;SQL Active Directory Helper Service;C:Program FilesMicrosoft SQL Server100Sharedsqladhlp.exe [2009-7-22 61976] S4 RsFx0103;RsFx0103 Driver;C:WindowsSystem32driversRsFx0103.sys [2009-3-30 311656] S4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);C:Program FilesMicrosoft SQL ServerMSSQL10.SQLEXPRESSMSSQLBinnSQLAGENT.EXE [2009-3-30 427880] . =============== Created Last 30 ================ . 2012-12-31 10:55:36 67584 ----a-w- C:WindowsSysWow64ff_vfw.dll 2012-12-31 10:55:35 60273 ----a-w- C:WindowsSysWow64pthreadGC2.dll 2012-12-30 21:58:25 -------- d-----w- C:Program Files (x86)StartNow Toolbar 2012-12-30 21:58:11 178688 ----a-w- C:WindowsSysWow64unrar.dll 2012-12-30 21:39:37 206336 ----a-w- C:WindowsSystem32unrar64.dll 2012-12-30 21:39:37 148992 ----a-w- C:WindowsSystem32lagarith.dll 2012-12-30 21:39:33 127488 ----a-w- C:WindowsSystem32ff_vfw.dll 2012-12-30 21:39:04 -------- d-----w- C:UsersCecoAppDataLocalPrograms 2012-12-30 21:26:39 -------- d-----w- C:Downloads 2012-12-30 19:47:54 4814568 ----a-w- C:WindowsSysWow64GameMon.des 2012-12-30 19:46:44 5174 ----a-w- C:WindowsSysWow64nppt9x.vxd 2012-12-30 19:46:44 4682 ----a-w- C:WindowsSysWow64npptNT2.sys 2012-12-30 19:46:23 -------- d-----w- C:Program FilesCommon FilesINCA Shared 2012-12-30 19:26:49 -------- d-----r- C:Program Files (x86)Skype 2012-12-30 12:45:04 -------- d-----w- C:Program Files (x86)Microsoft ActiveSync 2012-12-30 12:37:32 -------- d-----w- C:UsersCecoAppDataLocalAhead 2012-12-30 12:34:10 -------- d-----w- C:ProgramDataNero 2012-12-30 12:21:29 -------- d-----w- C:UsersCecoAppDataLocalAdobe 2012-12-29 18:57:51 -------- d-----w- C:UsersCecoAppDataRoamingMicrosoft Corporation 2012-12-29 18:52:39 78872 ----a-w- C:WindowsSystem32perf-SQLAgent$SQLEXPRESS-sqlagtctr10.1.2531.0.dll 2012-12-29 18:52:39 50200 ----a-w- C:WindowsSysWow64perf-SQLAgent$SQLEXPRESS-sqlagtctr10.1.2531.0.dll 2012-12-29 18:52:31 79896 ----a-w- C:WindowsSysWow64perf-MSSQL$SQLEXPRESS-sqlctr10.1.2531.0.dll 2012-12-29 18:52:31 111640 ----a-w- C:WindowsSystem32perf-MSSQL$SQLEXPRESS-sqlctr10.1.2531.0.dll 2012-12-29 18:51:45 -------- d-----w- C:WindowsSystem32RsFx 2012-12-29 18:45:44 -------- d-----w- C:Program FilesMicrosoft SQL Server 2012-12-29 18:45:28 -------- d-----w- C:Program Files (x86)Microsoft SQL Server 2012-12-29 18:44:56 -------- d-----w- C:Program FilesMicrosoft Synchronization Services 2012-12-29 18:44:56 -------- d-----w- C:Program FilesMicrosoft SQL Server Compact Edition 2012-12-29 18:44:45 -------- d-----w- C:Program Files (x86)Microsoft Synchronization Services 2012-12-29 18:44:45 -------- d-----w- C:Program Files (x86)Microsoft SQL Server Compact Edition 2012-12-29 18:43:48 -------- d-----w- C:ProgramDataPreEmptive Solutions 2012-12-29 18:39:28 -------- d-----w- C:Program Files (x86)Microsoft ASP.NET 2012-12-29 18:39:19 -------- d-----w- C:Program FilesIIS 2012-12-29 18:39:18 -------- d-----w- C:Program Files (x86)IIS 2012-12-29 18:38:34 2385952 ----a-w- C:ProgramDataMicrosoftVisualStudio10.01033ResourceCache.dll 2012-12-29 18:34:32 -------- d-----w- C:WindowsSysWow641033 2012-12-29 18:34:13 -------- d-----w- C:Program Files (x86)Microsoft F# 2012-12-29 18:34:13 -------- d-----w- C:Program Files (x86)HTML Help Workshop 2012-12-29 18:34:13 -------- d-----w- C:Program Files (x86)Common FilesMerge Modules 2012-12-29 18:27:14 -------- d-----w- C:WindowsSystem321033 2012-12-29 18:27:13 -------- d-----w- C:Program FilesMicrosoft Visual Studio 10.0 2012-12-29 18:27:13 -------- d-----w- C:Program FilesMicrosoft Help Viewer 2012-12-29 18:22:02 99176 ----a-w- C:WindowsSysWow64PresentationHostProxy.dll 2012-12-29 18:22:02 297808 ----a-w- C:WindowsSysWow64mscoree.dll 2012-12-29 18:22:02 295264 ----a-w- C:WindowsSysWow64PresentationHost.exe 2012-12-29 18:22:01 49472 ----a-w- C:WindowsSysWow64netfxperf.dll 2012-12-29 18:22:01 48960 ----a-w- C:WindowsSystem32netfxperf.dll 2012-12-29 18:22:01 444752 ----a-w- C:WindowsSystem32mscoree.dll 2012-12-29 18:22:01 320352 ----a-w- C:WindowsSystem32PresentationHost.exe 2012-12-29 18:22:01 1942856 ----a-w- C:WindowsSystem32dfshim.dll 2012-12-29 18:22:01 1130824 ----a-w- C:WindowsSysWow64dfshim.dll 2012-12-29 18:22:01 109912 ----a-w- C:WindowsSystem32PresentationHostProxy.dll 2012-12-29 18:20:26 -------- d-----w- C:WindowsPCHEALTH 2012-12-29 18:15:32 -------- d-----w- C:UsersCecoAppDataRoamingDAEMON Tools Pro 2012-12-29 18:13:42 5930496 ----a-w- C:UsersCecoAppDataRoamingMicrosoftDTProc.exe 2012-12-29 18:13:40 -------- d-----w- C:ProgramDataDAEMON Tools Pro 2012-12-29 17:52:52 -------- d-----w- C:UsersCecoAppDataLocalMacromedia 2012-12-29 17:52:29 73656 ----a-w- C:WindowsSysWow64FlashPlayerCPLApp.cpl 2012-12-29 17:52:29 697272 ----a-w- C:WindowsSysWow64FlashPlayerApp.exe 2012-12-29 17:45:17 -------- d-----w- C:Program FilesESET 2012-12-29 17:40:34 9125352 ----a-w- C:ProgramDataMicrosoftWindows DefenderDefinition Updates{E35A55AD-9EDB-419E-A4CB-F4A04CB93F0E}mpengine.dll 2012-12-29 17:40:33 279656 ------w- C:WindowsSystem32MpSigStub.exe 2012-12-29 17:31:55 348160 ----a-w- C:WindowsSysWow64msvcr71.dll 2012-12-29 17:30:19 -------- d-----w- C:UsersCecoAppDataRoamingBSplayer Pro 2012-12-29 11:43:06 -------- d-----w- C:UsersCecoAppDataLocalMozilla 2012-12-29 11:30:06 -------- d-----w- C:Program FilesSynaptics 2012-12-29 11:27:32 -------- d-----w- C:UsersCecoAppDataLocalATI 2012-12-29 11:25:53 -------- d-----w- C:Program FilesATI Technologies 2012-12-29 11:25:50 -------- d-----w- C:Program FilesATI 2012-12-29 11:21:47 53248 ----a-w- C:WindowsSysWow64CSVer.dll 2012-12-29 11:21:41 -------- d-----w- C:Intel 2012-12-29 06:51:15 -------- d-----w- C:WindowsPanther 2012-12-29 06:51:01 -------- d-sh--w- C:Boot 2012-12-28 21:02:15 -------- d-----w- C:UsersCecoAppDataLocalVirtualStore 2012-12-28 20:59:24 -------- d-sh--w- C:Recovery 2012-12-28 20:53:54 0 ----a-w- C:Windowsativpsrm.bin . ==================== Find3M ==================== . 2012-12-29 18:15:36 283200 ----a-w- C:WindowsSystem32driversdtsoftbus01.sys . ============= FINISH: 23:13:12,30 =============== Attach.txt . UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2011-09-30.01) . Microsoft Windows 7 Ultimate Boot Device: DeviceHarddiskVolume1 Install Date: 28.12.2012 г. 22:55:16 System Uptime: 31.12.2012 г. 12:30:04 (11 hours ago) . Motherboard: Acer | | JV50 Processor: Pentium® Dual-Core CPU T4300 @ 2.10GHz | U2E1 | 1197/200mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 98 GiB total, 72,251 GiB free. D: is FIXED (NTFS) - 368 GiB total, 289,858 GiB free. E: is CDROM () F: is CDROM () . ==== Disabled Device Manager Items ============= . Class GUID: Description: Fingerprint Sensor Device ID: USBVID_08FF&PID_16005&2136B46&0&1 Manufacturer: Name: Fingerprint Sensor PNP Device ID: USBVID_08FF&PID_16005&2136B46&0&1 Service: . ==== System Restore Points =================== . RP1: 29.12.2012 г. 19:40:22 - Windows Update RP2: 29.12.2012 г. 19:44:04 - ESET NOD32 Antivirus е инсталиран RP3: 29.12.2012 г. 20:15:37 - Device Driver Package Install: DT Soft Ltd System devices RP4: 29.12.2012 г. 20:21:48 - Windows Update RP5: 30.12.2012 г. 14:20:28 - Installed Adobe Reader 9 - Bulgarian. RP6: 30.12.2012 г. 14:30:13 - Installed DirectX RP7: 30.12.2012 г. 14:32:53 - Installed Nero 8 Trial. Available with Windows Installer version 1.2 and later. RP8: 30.12.2012 г. 14:44:32 - Installed Microsoft Office Professional Edition 2003 . ==== Installed Programs ====================== . Adobe Flash Player 11 Plugin Adobe Reader 9 - Bulgarian ATI Catalyst Install Manager BitComet 1.13 BSPlayer Catalyst Control Center - Branding Catalyst Control Center Core Implementation Catalyst Control Center Graphics Full Existing Catalyst Control Center Graphics Full New Catalyst Control Center Graphics Light Catalyst Control Center Graphics Previews Vista Catalyst Control Center InstallProxy Catalyst Control Center Localization All ccc-core-static ccc-utility64 CCC Help Chinese Standard CCC Help Chinese Traditional CCC Help Czech CCC Help Danish CCC Help Dutch CCC Help English CCC Help Finnish CCC Help French CCC Help German CCC Help Greek CCC Help Hungarian CCC Help Italian CCC Help Japanese CCC Help Korean CCC Help Norwegian CCC Help Polish CCC Help Portuguese CCC Help Russian CCC Help Spanish CCC Help Swedish CCC Help Thai CCC Help Turkish Crystal Reports for Visual Studio DAEMON Tools Pro Dotfuscator Software Services - Community Edition ESET NOD32 Antivirus ffdshow [rev 2732] [2009-02-26] K-Lite Codec Pack 9.6.5 (64-bit) K-Lite Codec Pack 9.6.5 (Full) Microsoft .NET Framework 4 Client Profile Microsoft .NET Framework 4 Extended Microsoft .NET Framework 4 Multi-Targeting Pack Microsoft Application Error Reporting Microsoft ASP.NET MVC 2 Microsoft ASP.NET MVC 2 - Visual Studio 2010 Tools Microsoft Help Viewer 1.0 Microsoft Office Professional Edition 2003 Microsoft Silverlight Microsoft Silverlight 3 SDK Microsoft SQL Server 2008 (64-bit) Microsoft SQL Server 2008 Browser Microsoft SQL Server 2008 Common Files Microsoft SQL Server 2008 Database Engine Services Microsoft SQL Server 2008 Database Engine Shared Microsoft SQL Server 2008 Native Client Microsoft SQL Server 2008 R2 Data-Tier Application Framework Microsoft SQL Server 2008 R2 Data-Tier Application Project Microsoft SQL Server 2008 R2 Management Objects Microsoft SQL Server 2008 R2 Management Objects (x64) Microsoft SQL Server 2008 R2 Transact-SQL Language Service Microsoft SQL Server 2008 RsFx Driver Microsoft SQL Server 2008 Setup Support Files Microsoft SQL Server Compact 3.5 SP2 ENU Microsoft SQL Server Compact 3.5 SP2 x64 ENU Microsoft SQL Server Database Publishing Wizard 1.4 Microsoft SQL Server System CLR Types Microsoft SQL Server System CLR Types (x64) Microsoft SQL Server VSS Writer Microsoft Sync Framework Runtime v1.0 SP1 (x64) Microsoft Sync Framework SDK v1.0 SP1 Microsoft Sync Framework Services v1.0 SP1 (x64) Microsoft Sync Services for ADO.NET v2.0 SP1 (x64) Microsoft Team Foundation Server 2010 Object Model - ENU Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974 Microsoft Visual C++ 2010 x64 Designtime - 10.0.30319 Microsoft Visual C++ 2010 x64 Runtime - 10.0.30319 Microsoft Visual C++ 2010 x86 Runtime - 10.0.30319 Microsoft Visual F# 2.0 Runtime Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools Microsoft Visual Studio 2010 Office Developer Tools (x64) Microsoft Visual Studio 2010 Professional - ENU Microsoft Visual Studio 2010 SharePoint Developer Tools Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Microsoft Visual Studio Macro Tools Mozilla Firefox 10.0.2 (x86 bg) Nero 8 neroxml PowerArchiver PX Profile Update Realtek High Definition Audio Driver Service Pack 1 for SQL Server 2008 (KB968369) (64-bit) Skype Click to Call Skype™ 6.0 Sql Server Customer Experience Improvement Program StartNow Toolbar Synaptics Pointing Device Driver VCRedistSetup Visual Studio 2010 Prerequisites - English Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU Web Deployment Tool Winamp (remove only) . ==== Event Viewer Messages From Past Week ======== . 30.12.2012 г. 21:47:54, Error: Service Control Manager [7030] - The nProtect GameGuard Service service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly. 29.12.2012 г. 19:45:54, Error: Service Control Manager [7030] - The ESET Service service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly. . ==== End Of File ===========================
  7. Здравейте. От скоро забелязах, че двата диска C и D се пълнят без известна за мен причина.Дори понякога при диск C нямаше и един килобайт свободно пространство.Почистих ги от ненужни файлове и програми, но нямаше голям ефект. По какви ли начини не пробвах - ефекта винаги беше минимален. Последно пробвах да изчистя с програмата CCleaner и успя да ми освободи голяма част пространства при диск C и за момента нямам проблеми с него ( не знам дали отново ще се напълни ), но при диск D нямаше резултат. В момента съм най-близо до истината, че в компютъра ми има зловреден софтуер. Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 16-11-2014 01 Ran by User (administrator) on USER-PC on 16-11-2014 16:29:33 Running from C:\Users\User\Downloads Loaded Profile: User (Available profiles: User) Platform: Microsoft Windows 7 Ultimate Service Pack 1 (X86) OS Language: Български (България) Internet Explorer Version 10 Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgrsx.exe (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgcsrvx.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\VS7DEBUG\mdm.exe () C:\Program Files\Mobogenie\MgAssist.exe (Mobogenie.com) C:\Program Files\Mobogenie3\MobogenieService.exe (TorchMedia Inc.) C:\Users\User\AppData\Local\Torch\Update\TorchCrashHandler.exe (AVG Secure Search) C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\ToolbarUpdater.exe () C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\loggingserver.exe (Realtek Semiconductor Corp.) C:\Windows\RTHDCPL.exe (Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe () C:\Program Files\AVG SafeGuard toolbar\vprot.exe () C:\Program Files\Mobogenie\DaemonProcess.exe () C:\Program Files\Unlocker\UnlockerAssistant.exe (Bandoo Media Inc.) C:\Users\User\AppData\Local\iLivid\iLivid.exe (Softonic) C:\Users\User\AppData\Local\Softonic\Softonic.exe () C:\Program Files\Datecs\FlexType 2K\FType2K.exe (McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Google Inc.) C:\Program Files\Google\Update\1.3.25.11\GoogleCrashHandler.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe (mobogenie.com) C:\Program Files\Mobogenie3\mobogenieP2sp.exe (Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe (Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe (Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [RTHDCPL] => C:\Windows\RTHDCPL.EXE [16116224 2007-02-06] (Realtek Semiconductor Corp.) HKLM\...\Run: [skyTel] => C:\Windows\SkyTel.EXE [2879488 2006-05-23] (Realtek Semiconductor Corp.) HKLM\...\Run: [Alcmtr] => C:\Windows\ALCMTR.EXE [69632 2005-05-10] (Realtek Semiconductor Corp.) HKLM\...\Run: [Adobe Reader Speed Launcher] => "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [31072 2008-10-25] (Microsoft Corporation) HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [995184 2013-07-18] (Microsoft Corporation) HKLM\...\Run: [AVG_UI] => C:\Program Files\AVG\AVG2014\avgui.exe [5188112 2014-08-25] (AVG Technologies CZ, s.r.o.) HKLM\...\Run: [vProt] => C:\Program Files\AVG SafeGuard toolbar\vprot.exe [2640408 2014-11-06] () HKLM\...\Run: [mobilegeni daemon] => C:\Program Files\Mobogenie\DaemonProcess.exe [748736 2014-06-01] () HKLM\...\Run: [kbdsprt] => [X] HKLM\...\Run: [unlockerAssistant] => C:\Program Files\Unlocker\UnlockerAssistant.exe [17408 2010-07-04] () HKU\S-1-5-21-2270866911-400411527-1567922316-1000\...\Run: [EA Core] => "C:\Program Files\Electronic Arts\EADM\Core.exe" -silent HKU\S-1-5-21-2270866911-400411527-1567922316-1000\...\Run: [AVG-Secure-Search-Update_1213b] => C:\Users\User\AppData\Roaming\AVG 1213b Campaign\AVG-Secure-Search-Update-1213b.exe /PROMPT /mid=cfe8a617691547d39ae0d154265d5fc8-89c0334d3c6a5b62b955185ab8fbc974c007b18e /CMPID=1213b HKU\S-1-5-21-2270866911-400411527-1567922316-1000\...\Run: [iLivid] => C:\Users\User\AppData\Local\iLivid\iLivid.exe [6827008 2013-09-09] (Bandoo Media Inc.) HKU\S-1-5-21-2270866911-400411527-1567922316-1000\...\Run: [softonic for Windows] => C:\Users\User\AppData\Local\Softonic\Softonic.exe [4170224 2014-04-29] (Softonic) HKU\S-1-5-21-2270866911-400411527-1567922316-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd) HKU\S-1-5-21-2270866911-400411527-1567922316-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [4826904 2014-10-30] (Piriform Ltd) HKU\S-1-5-21-2270866911-400411527-1567922316-1000\...\MountPoints2: {66178fc2-3664-11e3-b5d3-001d60b9b63b} - G:\setup.exe HKU\S-1-5-21-2270866911-400411527-1567922316-1000\...\MountPoints2: {e59f4acc-5383-11e4-95d6-001d60b9b63b} - F:\setup.exe AppInit_DLLs: C:\PROGRA~2\Wincert\WIN32C~1.DLL => C:\PROGRA~2\Wincert\WIN32C~1.DLL File Not Found IFEO\bitguard.exe: [Debugger] tasklist.exe IFEO\bprotect.exe: [Debugger] tasklist.exe IFEO\bpsvc.exe: [Debugger] tasklist.exe IFEO\browsemngr.exe: [Debugger] tasklist.exe IFEO\browserdefender.exe: [Debugger] tasklist.exe IFEO\browsermngr.exe: [Debugger] tasklist.exe IFEO\browserprotect.exe: [Debugger] tasklist.exe IFEO\browsersafeguard.exe: [Debugger] tasklist.exe IFEO\bundlesweetimsetup.exe: [Debugger] tasklist.exe IFEO\cltmngsvc.exe: [Debugger] tasklist.exe IFEO\delta babylon.exe: [Debugger] tasklist.exe IFEO\delta tb.exe: [Debugger] tasklist.exe IFEO\delta2.exe: [Debugger] tasklist.exe IFEO\deltainstaller.exe: [Debugger] tasklist.exe IFEO\deltasetup.exe: [Debugger] tasklist.exe IFEO\deltatb.exe: [Debugger] tasklist.exe IFEO\deltatb_2501-c733154b.exe: [Debugger] tasklist.exe IFEO\dprotectsvc.exe: [Debugger] tasklist.exe IFEO\iminentsetup.exe: [Debugger] tasklist.exe IFEO\protectedsearch.exe: [Debugger] tasklist.exe IFEO\rjatydimofu.exe: [Debugger] tasklist.exe IFEO\searchprotection.exe: [Debugger] tasklist.exe IFEO\searchprotector.exe: [Debugger] tasklist.exe IFEO\snapdo.exe: [Debugger] tasklist.exe IFEO\stinst32.exe: [Debugger] tasklist.exe IFEO\stinst64.exe: [Debugger] tasklist.exe IFEO\sweetimsetup.exe: [Debugger] tasklist.exe IFEO\tbdelta.exetoolbar783881609.exe: [Debugger] tasklist.exe IFEO\utiljumpflip.exe: [Debugger] tasklist.exe Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FlexType 2K.lnk ShortcutTarget: FlexType 2K.lnk -> C:\Program Files\Datecs\FlexType 2K\FType2K.exe () Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.) Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Изрязване на екран и стартиране на OneNote 2007.lnk ShortcutTarget: Изрязване на екран и стартиране на OneNote 2007.lnk -> C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation) HKLM\...\AppCertDlls: [x64] -> c:\program files\movies toolbar\datamngr\x64\apcrtldr.dll <===== ATTENTION HKLM\...\AppCertDlls: [x86] -> C:\Program Files\Movies Toolbar\Datamngr\apcrtldr.dll <===== ATTENTION ShellIconOverlayIdentifiers: [GDriveBlacklistedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google) ShellIconOverlayIdentifiers: [GDriveSharedEditOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google) ShellIconOverlayIdentifiers: [GDriveSharedViewOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google) ShellIconOverlayIdentifiers: [GDriveSyncedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google) ShellIconOverlayIdentifiers: [GDriveSyncingOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://istart.webssearches.com/web/?type=ds&ts=1404993434&from=amt&uid=ST3160815AS_5RA2LTSWXXXX5RA2LTSW&q={searchTerms} HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://istart.webssearches.com/?type=hp&ts=1404993434&from=amt&uid=ST3160815AS_5RA2LTSWXXXX5RA2LTSW HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://istart.webssearches.com/?type=hp&ts=1404993434&from=amt&uid=ST3160815AS_5RA2LTSWXXXX5RA2LTSW HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://istart.webssearches.com/web/?type=ds&ts=1404993434&from=amt&uid=ST3160815AS_5RA2LTSWXXXX5RA2LTSW&q={searchTerms} SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://istart.webssearches.com/web/?type=ds&ts=1404993434&from=amt&uid=ST3160815AS_5RA2LTSWXXXX5RA2LTSW&q={searchTerms} SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://istart.webssearches.com/web/?type=ds&ts=1404993434&from=amt&uid=ST3160815AS_5RA2LTSWXXXX5RA2LTSW&q={searchTerms} SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = http://dts.search.ask.com/sr?src=ieb&gct=ds&appid=1235&systemid=406&v=u11465-250&apn_uid=8953571358224052&apn_dtid=BND406&o=APN10645&apn_ptnrs=AG6&q={searchTerms} SearchScopes: HKLM - {cf6e4b1c-dbde-457e-9cef-ab8ecac8a5e8} URL = http://search.tb.ask.com/search/GGmain.jhtml?p2=^HJ^xdm073^YYA^bg&si=pconvIE&ptb=5C62C4C4-EBC7-46CC-89A9-1CDEDF560188&ind=2014050305&n=780bf801&psa=&st=sb&searchfor={searchTerms} SearchScopes: HKCU - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://istart.webssearches.com/web/?type=ds&ts=1404993434&from=amt&uid=ST3160815AS_5RA2LTSWXXXX5RA2LTSW&q={searchTerms} SearchScopes: HKCU - {0773FA4C-3093-46A9-9E15-92E8BB088A57} URL = http://www.mysearchresults.com/search?c=8004&t=11&q={searchTerms} SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://www.buenosearch.com/?q={searchTerms}&babsrc=SP_ss&mntrId=94C1001D60B9B63B&affID=128129&tsp=5147 SearchScopes: HKCU - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://istart.webssearches.com/web/?type=ds&ts=1404993434&from=amt&uid=ST3160815AS_5RA2LTSWXXXX5RA2LTSW&q={searchTerms} SearchScopes: HKCU - {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL = SearchScopes: HKCU - {95B7759C-8C7F-4BF1-B163-73684A933233} URL = http://mysearch.avg.com/search?cid={F4AB6EFA-9A33-4482-97C5-19776A4B5267}&mid=cfe8a617691547d39ae0d154265d5fc8-89c0334d3c6a5b62b955185ab8fbc974c007b18e&lang=en&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-02-0611:12:01&v=18.0.5.292&pid=safeguard&sg=&sap=dsp&q={searchTerms} SearchScopes: HKCU - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = http://dts.search.ask.com/sr?src=ieb&gct=ds&appid=1235&systemid=406&v=u11465-250&apn_uid=8953571358224052&apn_dtid=BND406&o=APN10645&apn_ptnrs=AG6&q={searchTerms} SearchScopes: HKCU - {cf6e4b1c-dbde-457e-9cef-ab8ecac8a5e8} URL = http://search.tb.ask.com/search/GGmain.jhtml?p2=^HJ^xdm073^YYA^bg&si=pconvIE&ptb=5C62C4C4-EBC7-46CC-89A9-1CDEDF560188&ind=2014050305&n=780bf801&psa=&st=sb&searchfor={searchTerms} BHO: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll (McAfee, Inc.) BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) BHO: Zula Games -> {2A836234-186C-41A0-9863-40BECDEDED9F} -> C:\Program Files\Zula Games\ScriptHost.dll No File BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation) BHO: AVG SafeGuard toolbar -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files\AVG SafeGuard toolbar\18.1.5.512\AVG SafeGuard toolbar_toolbar.dll (AVG Secure Search) Toolbar: HKLM - AVG SafeGuard toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG SafeGuard toolbar\18.1.5.512\AVG SafeGuard toolbar_toolbar.dll (AVG Secure Search) Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation) Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\18.1.9\ViProtocol.dll (AVG Secure Search) Tcpip\..\Interfaces\{11412AFA-D2F1-4B36-B258-39C0F2202FC1}: [NameServer] 192.168.15.12,195.24.48.5 FireFox: ======== FF ProfilePath: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\tg6aayzy.default FF NewTab: chrome://quick_start/content/index.html FF DefaultSearchEngine: webssearches FF SelectedSearchEngine: webssearches FF Homepage: hxxp://istart.webssearches.com/?type=hp&ts=1404993434&from=amt&uid=ST3160815AS_5RA2LTSWXXXX5RA2LTSW FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_15_0_0_223.dll () FF Plugin: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\18.1.9\\npsitesafety.dll No File FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll No File FF Plugin: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files\Google\Picasa3\npPicasa3.dll No File FF Plugin: @nvidia.com/3DVision -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF Plugin: @nvidia.com/3DVisionStreaming -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.) FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.) FF Plugin: TorchVLC -> C:\Users\User\AppData\Local\Torch\Plugins\Video\VLC\npvlc.dll (VideoLAN) FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\911bg.xml FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\diribg.xml FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\pe-bg.xml FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\portalbgdict.xml FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\safeguard-secure-search.xml FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\webssearches.xml FF Extension: VideoDownloadConverter - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\tg6aayzy.default\Extensions\4zffxtbr@VideoDownloadConverter_4z.com [2014-11-12] FF Extension: Fast Start - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\tg6aayzy.default\Extensions\faststartff@gmail.com [2014-07-13] FF Extension: DownloadHelper - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\tg6aayzy.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-09-15] FF HKLM\...\Firefox\Extensions: [zulagames@ZulaGames.com] - C:\Users\User\AppData\Roaming\Mozilla\Extensions\zulagames@ZulaGames.com FF Extension: Zula Games - C:\Users\User\AppData\Roaming\Mozilla\Extensions\zulagames@ZulaGames.com [2013-10-17] FF HKLM\...\Firefox\Extensions: [speedanalysis03@SpeedAnalysis.com] - C:\Users\User\AppData\Roaming\Mozilla\Extensions\speedanalysis03@SpeedAnalysis.com FF Extension: No Name - C:\Users\User\AppData\Roaming\Mozilla\Extensions\speedanalysis03@SpeedAnalysis.com [2013-10-17] FF HKLM\...\Firefox\Extensions: [avg@toolbar] - C:\ProgramData\AVG SafeGuard toolbar\FireFoxExt\18.1.9.799 FF Extension: AVG SafeGuard toolbar - C:\ProgramData\AVG SafeGuard toolbar\FireFoxExt\18.1.9.799 [2014-08-28] FF HKLM\...\Firefox\Extensions: [faststartff@gmail.com] - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\tg6aayzy.default\extensions\faststartff@gmail.com Chrome: ======= CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (VideoDownloadConverter) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\aeljlhkkoipjimklndofjoafhpccdfjo [2014-08-02] CHR Extension: (Google Wallet) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-05-07] CHR HKLM\...\Chrome\Extension: [adldappccjhelkmbkpiibilgnnjakieg] - C:\Program Files\VideoDownloadConverter_4z Chrome Extension\bar\VideoDownloadConvert@mindspark.com.gen1 [] CHR HKLM\...\Chrome\Extension: [dhkplhfnhceodhffomolpfigojocbpcb] - C:\Users\User\AppData\Roaming\BabSolution\CR\BabylonChrome1.crx [] CHR HKLM\...\Chrome\Extension: [kdidombaedgpfiiedeimiebkmbilgmlc] - C:\Program Files\DefaultTab\DefaultTab.crx [] ========================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) S2 AVGIDSAgent; C:\Program Files\AVG\AVG2014\avgidsagent.exe [3242000 2014-08-25] (AVG Technologies CZ, s.r.o.) S2 avgwd; C:\Program Files\AVG\AVG2014\avgwdsvc.exe [289328 2014-08-25] (AVG Technologies CZ, s.r.o.) S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [235696 2014-04-09] (McAfee, Inc.) R2 MDM; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [335872 2006-10-26] (Microsoft Corporation) [File not signed] R2 MgAssistService; C:\Program Files\Mobogenie\MgAssist.exe [105664 2014-07-22] () R2 MobogenieService; C:\Program Files\Mobogenie3\MobogenieService.exe [116928 2014-11-12] (Mobogenie.com) R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [22216 2013-07-18] (Microsoft Corporation) R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [295376 2013-07-18] (Microsoft Corporation) R2 TorchCrashHandler; C:\Users\User\AppData\Local\Torch\Update\TorchCrashHandler.exe [1217032 2014-10-29] (TorchMedia Inc.) <==== ATTENTION R2 vToolbarUpdater18.1.9; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\ToolbarUpdater.exe [1820184 2014-08-11] (AVG Secure Search) S3 gusvc; "C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe" [X] ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R1 Avgdiskx; C:\Windows\System32\DRIVERS\avgdiskx.sys [121624 2014-06-30] (AVG Technologies CZ, s.r.o.) R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdriverx.sys [200984 2014-07-21] (AVG Technologies CZ, s.r.o.) R0 AVGIDSHX; C:\Windows\System32\DRIVERS\avgidshx.sys [147736 2014-06-17] (AVG Technologies CZ, s.r.o.) R1 AVGIDSShim; C:\Windows\System32\DRIVERS\avgidsshimx.sys [21272 2014-06-17] (AVG Technologies CZ, s.r.o.) R1 Avgldx86; C:\Windows\System32\DRIVERS\avgldx86.sys [188696 2014-06-17] (AVG Technologies CZ, s.r.o.) R0 Avglogx; C:\Windows\System32\DRIVERS\avglogx.sys [241944 2014-06-17] (AVG Technologies CZ, s.r.o.) R0 Avgmfx86; C:\Windows\System32\DRIVERS\avgmfx86.sys [98584 2014-08-06] (AVG Technologies CZ, s.r.o.) R0 Avgrkx86; C:\Windows\System32\DRIVERS\avgrkx86.sys [27416 2014-06-17] (AVG Technologies CZ, s.r.o.) R1 Avgtdix; C:\Windows\System32\DRIVERS\avgtdix.sys [197400 2014-06-17] (AVG Technologies CZ, s.r.o.) R1 avgtp; C:\Windows\system32\drivers\avgtpx86.sys [42784 2014-08-11] (AVG Technologies) R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [243128 2014-10-15] (Disc Soft Ltd) R3 FETNDIS; C:\Windows\System32\DRIVERS\fetnd6.sys [44032 2009-07-14] (VIA Technologies, Inc. ) S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [110296 2014-06-14] (Malwarebytes Corporation) R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [211560 2013-06-18] (Microsoft Corporation) R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [6504 2009-05-13] () S1 MpKslb3189f59; \??\C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{E4CFFD5A-C876-4E80-B999-7C2C8B1B1C08}\MpKslb3189f59.sys [X] S4 nvvad_WaveExtensible; system32\drivers\nvvad32v.sys [X] U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [4096 2010-07-04] () [File not signed] S3 VGPU; System32\drivers\rdvgkmd.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2014-11-16 16:28 - 2014-11-16 16:29 - 00022048 _____ () C:\Users\User\Downloads\Addition.txt 2014-11-16 16:27 - 2014-11-16 16:29 - 00022066 _____ () C:\Users\User\Downloads\FRST.txt 2014-11-16 16:26 - 2014-11-16 16:29 - 00000000 ____D () C:\FRST 2014-11-16 16:26 - 2014-11-16 16:26 - 01108992 _____ (Farbar) C:\Users\User\Downloads\FRST.exe 2014-11-16 16:13 - 2014-11-16 16:13 - 00000965 _____ () C:\Users\Public\Desktop\CCleaner.lnk 2014-11-16 16:13 - 2014-11-16 16:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner 2014-11-16 16:12 - 2014-11-16 16:13 - 00000000 ____D () C:\Program Files\CCleaner 2014-11-16 16:10 - 2014-11-16 16:11 - 04976136 _____ (Piriform Ltd) C:\Users\User\Downloads\ccsetup419pro.exe 2014-11-15 22:30 - 2014-11-15 22:30 - 00000011 ____R () C:\Windows\amunres.lsl 2014-11-15 22:12 - 2014-11-16 16:19 - 00000000 ____D () C:\Program Files\Steam 2014-11-15 22:10 - 2014-11-15 22:11 - 01142392 _____ () C:\Users\User\Downloads\SteamSetup.exe 2014-11-15 14:16 - 2014-11-15 14:16 - 38381556 _____ () C:\Users\User\Downloads\HideNSeek_BM.dem 2014-11-14 23:09 - 2014-11-15 13:09 - 48651703 _____ () C:\Users\User\Downloads\flipeR.dem 2014-11-13 01:53 - 2014-11-13 01:53 - 00000000 ____D () C:\Users\User\mobogenieP2sp 2014-11-06 22:11 - 2014-11-06 22:11 - 00000000 ____D () C:\ProgramData\Avg_Update_1114tb 2014-11-03 00:05 - 2014-11-03 00:05 - 00017101 _____ () C:\Users\User\Downloads\Deja.Vu.2006.480p.BRRip.AC3.BGAUDIO-SlzD.torrent 2014-11-01 14:41 - 2014-11-01 14:41 - 222995856 _____ () C:\Users\User\cstrike 2014-11-01 14-41-20-99.avi 2014-11-01 14:40 - 2014-11-01 14:40 - 220153856 _____ () C:\Users\User\cstrike 2014-11-01 14-40-25-02.avi 2014-11-01 14:39 - 2014-11-01 14:40 - 221507616 _____ () C:\Users\User\cstrike 2014-11-01 14-39-52-28.avi 2014-11-01 14:39 - 2014-11-01 14:39 - 224203344 _____ () C:\Users\User\cstrike 2014-11-01 14-39-19-88.avi 2014-11-01 14:38 - 2014-11-01 14:39 - 219093188 _____ () C:\Users\User\cstrike 2014-11-01 14-38-42-11.avi 2014-11-01 14:38 - 2014-11-01 14:38 - 215116608 _____ () C:\Users\User\cstrike 2014-11-01 14-38-09-40.avi 2014-11-01 14:37 - 2014-11-01 14:38 - 228522404 _____ () C:\Users\User\cstrike 2014-11-01 14-37-36-12.avi 2014-11-01 14:37 - 2014-11-01 14:37 - 212516652 _____ () C:\Users\User\cstrike 2014-11-01 14-37-03-47.avi 2014-11-01 14:36 - 2014-11-01 14:37 - 230608452 _____ () C:\Users\User\cstrike 2014-11-01 14-36-30-17.avi 2014-11-01 14:33 - 2014-11-01 14:33 - 16519164 _____ () C:\Users\User\cstrike 2014-11-01 14-33-08-79.avi 2014-11-01 14:31 - 2014-11-01 14:31 - 224039848 _____ () C:\Users\User\cstrike 2014-11-01 14-31-25-65.avi 2014-11-01 14:13 - 2014-11-16 16:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fraps 2014-11-01 14:13 - 2014-11-01 14:13 - 00036079 _____ (Beepa Pty Ltd) C:\Users\Fraps\uninstall.exe 2014-11-01 14:13 - 2014-11-01 14:13 - 00000000 ____D () C:\Users\Fraps\HELP 2014-11-01 14:12 - 2014-11-01 14:13 - 00000000 ____D () C:\Users\Fraps 2014-11-01 14:11 - 2014-11-01 14:12 - 02326976 _____ (Beepa Pty Ltd) C:\Users\User\Downloads\setup.exe ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2014-11-16 16:27 - 2013-10-16 15:33 - 00000000 ____D () C:\Users\User\AppData\Roaming\Skype 2014-11-16 16:22 - 2014-04-20 11:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pro Evolution Soccer 2014 2014-11-16 16:22 - 2014-03-15 19:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Custom Strike 2014-11-16 16:22 - 2013-12-16 05:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth 2014-11-16 16:22 - 2013-12-12 17:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Counter-Strike 1.6 2014-11-16 16:22 - 2013-10-30 16:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Casino at bet365 2014-11-16 16:22 - 2013-10-20 16:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Resource Hacker 2014-11-16 16:22 - 2013-10-17 15:33 - 00000000 ____D () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup 2014-11-16 16:22 - 2013-10-16 15:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picasa 3 2014-11-16 16:22 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\LogFiles 2014-11-16 16:19 - 2013-12-21 14:56 - 00000000 ____D () C:\Users\User\AppData\Roaming\TeamViewer 2014-11-16 16:19 - 2013-10-16 15:32 - 00000000 ____D () C:\Users\User\AppData\Roaming\uTorrent 2014-11-16 16:19 - 2013-10-16 15:28 - 00000000 ____D () C:\Users\User\AppData\Roaming\DAEMON Tools Lite 2014-11-16 16:18 - 2014-09-13 22:05 - 00000000 ____D () C:\Users\User\AppData\Local\CrashDumps 2014-11-16 16:18 - 2013-10-16 15:49 - 00000000 ____D () C:\Windows\Panther 2014-11-16 15:59 - 2013-10-16 15:31 - 00000986 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-11-16 15:56 - 2013-10-16 15:12 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-11-16 14:37 - 2013-10-16 04:53 - 01106300 ____N () C:\Windows\WindowsUpdate.log 2014-11-16 07:55 - 2009-07-14 06:34 - 00026352 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-11-16 07:55 - 2009-07-14 06:34 - 00026352 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-11-16 07:54 - 2010-11-20 23:01 - 00782154 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-11-16 07:48 - 2014-07-17 08:40 - 00000000 ____D () C:\Program Files\Mobogenie3 2014-11-16 07:48 - 2014-02-06 10:25 - 00000000 ____D () C:\ProgramData\TorchCrashHandler 2014-11-16 07:48 - 2013-10-16 16:24 - 00000000 ____D () C:\ProgramData\NVIDIA 2014-11-16 07:48 - 2013-10-16 15:31 - 00000982 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-11-16 07:48 - 2009-07-14 06:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-11-15 22:30 - 2014-09-05 03:25 - 00000000 ____D () C:\Users\User\AppData\Roaming\Software Informer 2014-11-15 22:12 - 2014-02-06 17:52 - 00000921 _____ () C:\Users\Public\Desktop\Steam.lnk 2014-11-14 22:22 - 2014-09-30 15:03 - 00000000 ____D () C:\Program Files\mozilla firefox 2014-11-13 23:56 - 2013-10-16 15:12 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe 2014-11-13 23:56 - 2013-10-16 15:12 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl 2014-11-10 23:06 - 2014-10-16 14:53 - 00000749 _____ () C:\Users\User\Desktop\Нов текстов документ.txt 2014-11-06 22:11 - 2014-08-28 13:53 - 00000000 ____D () C:\Program Files\AVG Security Toolbar 2014-11-05 10:54 - 2014-06-13 04:39 - 00002000 _____ () C:\Users\Public\Desktop\Google Slides.lnk 2014-11-05 10:54 - 2014-06-13 04:39 - 00001998 _____ () C:\Users\Public\Desktop\Google Sheets.lnk 2014-11-05 10:54 - 2014-06-13 04:39 - 00001988 _____ () C:\Users\Public\Desktop\Google Docs.lnk 2014-11-05 10:54 - 2014-01-27 16:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive 2014-11-04 10:51 - 2014-03-29 11:56 - 00000069 _____ () C:\Windows\NeroDigital.ini 2014-11-03 21:41 - 2014-02-06 10:24 - 00000000 ____D () C:\Users\User\AppData\Local\Torch 2014-11-03 21:40 - 2014-02-06 10:25 - 00001206 _____ () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Torch.lnk 2014-11-03 21:23 - 2013-11-28 23:17 - 00000000 ____D () C:\Windows\Minidump 2014-10-30 13:24 - 2013-10-16 15:28 - 00229000 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe 2014-10-27 23:55 - 2014-06-03 15:33 - 00002327 _____ () C:\Users\Public\Desktop\Google Chrome.lnk Files to move or delete: ==================== C:\Users\Fraps\fraps.exe C:\Users\Fraps\fraps32.dll C:\Users\Fraps\fraps64.dat C:\Users\Fraps\fraps64.dll C:\Users\Fraps\frapslcd.dll C:\Users\Fraps\uninstall.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\explorer.exe => File is digitally signed C:\Windows\system32\winlogon.exe => File is digitally signed C:\Windows\system32\wininit.exe => File is digitally signed C:\Windows\system32\svchost.exe => File is digitally signed C:\Windows\system32\services.exe => File is digitally signed C:\Windows\system32\User32.dll => File is digitally signed C:\Windows\system32\userinit.exe => File is digitally signed C:\Windows\system32\rpcss.dll => File is digitally signed C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2014-11-15 04:51 ==================== End Of Log ============================ Addition_16-11-2014_16-30-43.txt
  8. Здравейте имам съмнения, че лаптопа ми е заразен. След инсталация на нова антивирусна тъй като преди лаптопът понякога забиваше, реших да му направя проверка и с друга антивирусна, процесът wermgr.exe започна да се стартира непрекъснато и да тормози процецора и паметта. Преди време около седмица се мъчих и премахнах нежелан от мен Тулбар във Firefox - Babylon Toolbar (browser manager).Логове: dds.txt и attach.txt DDS (Ver_2011-09-30.01) - NTFS_x86 Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 10.11.2 Run by Mihail TN at 22:38:51 on 2013-01-18 Microsoft Windows 7 Ultimate 6.1.7601.1.1251.359.1033.18.2047.1026 [GMT 1:00] . AV: Microsoft Security Essentials *Disabled/Updated* {B140BF4E-23BB-4198-90AB-A51A4C60A69C} SP: Microsoft Security Essentials *Disabled/Updated* {0A215EAA-0581-4E16-AA1B-9E6837E7EC21} SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . ============== Running Processes ================ . C:Windowssystem32wininit.exe C:Windowssystem32lsm.exe C:Program FilesMicrosoft Security ClientMsMpEng.exe C:Windowssystem32atiesrxx.exe C:Windowssystem32atieclxx.exe C:Windowssystem32WLANExt.exe C:Program FilesASUSASUS Data Security ManagerADSMSrv.exe C:Windowssystem32conhost.exe C:Program FilesASUSATK HotkeyASLDRSrv.exe C:Program FilesCommon FilesAdobeARM1.0armsvc.exe C:Program FilesMicrosoftBingBar7.1.391.0BBSvc.exe C:Program FilesMalwarebytes' Anti-Malwarembamscheduler.exe C:Program FilesMalwarebytes' Anti-Malwarembamservice.exe C:Program FilesSynapticsScrybeServiceScrybeUpdater.exe C:ProgramDataSkypeToolbarsSkype C2C Servicec2c_service.exe C:Program FilesASUSNB ProbeSPMspmgr.exe C:Windowssystem32sppsvc.exe C:Program FilesCommon FilesSRS LabsSRS HD Audio Lab Service 2SRSAudioLabService.exe C:Program FilesCommon FilesMicrosoft SharedWindows LiveWLIDSVC.EXE C:Windowssystem32wbemwmiprvse.exe C:Program FilesCommon FilesMicrosoft SharedWindows LiveWLIDSvcM.exe C:Windowssystem32wbemwmiprvse.exe C:Windowssystem32taskhost.exe C:Program FilesMalwarebytes' Anti-Malwarembamgui.exe C:Windowssystem32Dwm.exe C:WindowsExplorer.EXE C:Program FilesASUSATK HotkeyHControl.exe C:Program FilesASUSSplendidACMON.exe C:WindowsSystem32ACEngSvr.exe C:Program FilesASUSATK HotkeyATKOSD.exe C:Program FilesASUSATK HotkeyWDC.exe C:Windowssystem32taskeng.exe C:Program FilesASUSATKOSD2ATKOSD2.exe C:Program FilesSynapticsSynTPSynTPEnh.exe C:Program FilesAmIcoSingLunAmIcoSinglun.exe C:Program FilesASUSATK MediaDMedia.exe C:Program FilesUnlockerUnlockerAssistant.exe C:Program FilesSRS LabsSRS Audio EssentialsAENotifier.exe C:Program FilesRealtekAudioHDARtHDVCpl.exe C:Program FilesMicrosoft Security Clientmsseces.exe C:Program FilesATI TechnologiesATI.ACECore-StaticMOM.exe C:Program FilesSkypePhoneSkype.exe C:Program FilesSRS LabsSRS Audio EssentialsAudioEssentials.exe C:Program FilesSynapticsScrybescrybe.exe C:Program FilesSynapticsSynTPSynTPHelper.exe C:Windowssystem32SearchIndexer.exe C:Program FilesATI TechnologiesATI.ACECore-StaticCCC.exe C:Windowssystem32taskeng.exe C:Program FilesInternet ExplorerIELowutil.exe C:Program FilesCommon FilesMacrovision SharedFLEXnet PublisherFNPLicensingService.exe C:Program FilesASUSASUS Live UpdateALU.exe C:Program FilesASUSSmartLogonsensorsrv.exe C:Program FilesProtected SearchProtectedSearch.exe C:Program FilesASUSWireless Console 3wcourier.exe C:Program FilesP4GBatteryLife.exe C:Windowssystem32taskeng.exe C:Program FilesATI TechnologiesHydraVisionHydraDM.exe C:WindowsMicrosoft.NetFrameworkv3.0WPFPresentationFontCache.exe C:Windowssystem32conhost.exe C:Windowssystem32svchost.exe -k DcomLaunch C:Windowssystem32svchost.exe -k RPCSS C:WindowsSystem32svchost.exe -k LocalServiceNetworkRestricted C:WindowsSystem32svchost.exe -k LocalSystemNetworkRestricted C:Windowssystem32svchost.exe -k netsvcs C:Windowssystem32svchost.exe -k LocalService C:Windowssystem32svchost.exe -k NetworkService C:Windowssystem32svchost.exe -k LocalServiceNoNetwork C:Windowssystem32svchost.exe -k imgsvc C:Windowssystem32svchost.exe -k LocalServiceAndNoImpersonation . ============== Pseudo HJT Report =============== . uStart Page = hxxp://bing.com/ uSearch Bar = hxxp://www.google.com uSearch Page = hxxp://www.google.com uDefault_Search_URL = hxxp://www.google.com mStart Page = hxxp://www.google.com mSearch Bar = hxxp://www.google.com mSearch Page = hxxp://www.google.com mDefault_Search_URL = hxxp://www.google.com uProxyOverride = <local> BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:program filescommon filesadobeacrobatactivexAcroIEHelperShim.dll BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:program filesjavajre7binssv.dll BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:program filescommon filesmicrosoft sharedwindows liveWindowsLiveLogin.dll BHO: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - c:program fileswindows livecompanioncompanioncore.dll BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - c:program filesskypetoolbarsinternet explorerskypeieplugin.dll BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:program filesmicrosoftbingbar7.1.391.0BingExt.dll BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:program filesjavajre7binjp2ssv.dll BHO: Cooliris Plug-In for Internet Explorer: {EAEE5C74-6D0D-4aca-9232-0DA4A7B866BA} - c:program filespiclensiecooliris.dll TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - uRun: [skype] "c:program filesskypephoneSkype.exe" /minimized /regrun uRun: [sRSHDAudioLab] "c:program filessrs labssrs audio essentialsAudioEssentials.exe" auto uRun: [HydraVisionDesktopManager] "c:program filesati technologieshydravisionHydraDM.exe" mRun: [ATKOSD2] c:program filesasusatkosd2ATKOSD2.exe mRun: [synTPEnh] c:program filessynapticssyntpSynTPEnh.exe mRun: [HControl] c:windowsatk0100HControl.exe mRun: [AmIcoSinglun] c:program filesamicosinglunAmIcoSinglun.exe mRun: [ATKMEDIA] c:program filesasusatk mediaDMedia.exe mRun: [unlockerAssistant] "c:program filesunlockerUnlockerAssistant.exe" -H mRun: [sRSAENotifier] c:program filessrs labssrs audio essentialsAENotifier.exe mRun: [startCCC] "c:program filesati technologiesati.acecore-staticCLIStart.exe" MSRun mRun: [AMD AVT] Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "c:program filesamd avtbinkdbsync.exe" aml mRun: [RTHDVCPL] c:program filesrealtekaudiohdaRtHDVCpl.exe -s mRun: [Adobe ARM] "c:program filescommon filesadobearm1.0AdobeARM.exe" mRun: [MSC] "c:program filesmicrosoft security clientmsseces.exe" -hide -runkey uExplorerRun: [bkbitpesg] c:windowssystem32SecEditm.exe uExplorerRun: [twof] c:windowssystem32KBDTAT0.exe uExplorerRun: [VGSPXWIP] c:windowssystem32restoree.exe StartupFolder: c:progra~2micros~1windowsstartm~1programsstartupscrybe.lnk - c:windowsinstaller{147dfad8-34c3-4de1-9fca-acefde9ef810}NewShortcut11_8ACB210B42E44145A8C31F8E3DD765A3.exe uPolicies-Explorer: NoDriveTypeAutoRun = dword:255 mPolicies-Explorer: NoDriveTypeAutoRun = dword:255 mPolicies-System: ConsentPromptBehaviorAdmin = dword:5 mPolicies-System: ConsentPromptBehaviorUser = dword:3 mPolicies-System: EnableUIADesktopToggle = dword:0 IE: Download with &Media Finder - c:program filesmedia finderhook.html IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - c:program fileswindows livecompanioncompanioncore.dll IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:program fileswindows livewriterWriterBrowserExtension.dll IE: {3437D640-C91A-458f-89F5-B9095EA4C28B} - {04F93351-81D2-4484-9982-0D55DEFFFAE6} - c:program filespiclensiecooliris.dll IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:program filesskypetoolbarsinternet explorerskypeieplugin.dll DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} - hxxps://oas.support.microsoft.com/ActiveX/MSDcode.cab DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_11-windows-i586.cab DPF: {CAFEEFAC-0017-0000-0011-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_11-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_11-windows-i586.cab TCP: NameServer = 192.168.0.1 TCP: Interfaces{9C7A37DE-174E-4DBB-A59A-0F08EC846CD8} : DHCPNameServer = 192.168.0.1 TCP: Interfaces{9C7A37DE-174E-4DBB-A59A-0F08EC846CD8}4556C656B6F6D6 : DHCPNameServer = 10.120.136.116 TCP: Interfaces{9C7A37DE-174E-4DBB-A59A-0F08EC846CD8}A4F686 : DHCPNameServer = 192.168.0.1 TCP: Interfaces{9C7A37DE-174E-4DBB-A59A-0F08EC846CD8}D445E4024505D2C696E6B6 : DHCPNameServer = 192.168.1.1 Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:program filesskypetoolbarsinternet explorerskypeieplugin.dll Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:program filescommon filesskypeSkype4COM.dll Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:program fileswindows livephoto galleryAlbumDownloadProtocolHandler.dll Notify: WgaLogon - <no file> SSODL: WebCheck - <orphaned> LSA: Notification Packages = scecli c:program filesasusasus data security managerASPWDFLT LSA: Security Packages = kerberos msv1_0 schannel wdigest tspkg pku2u livessp mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:program filesgooglechromeapplication24.0.1312.52installersetup.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome . ================= FIREFOX =================== . FF - ProfilePath - c:usersmihail tnappdataroamingmozillafirefoxprofileshdqcw0ik.default-1357910830971 FF - plugin: c:program filesadobereader 11.0readerairnppdf32.dll FF - plugin: c:program filesgoogleupdate1.3.21.124npGoogleUpdate3.dll FF - plugin: c:program filesjavajre7binplugin2npjp2.dll FF - plugin: c:program filesmicrosoft silverlight5.1.10411.0npctrlui.dll FF - plugin: c:program fileswindows livephoto galleryNPWLPG.dll FF - plugin: c:windowssystem32macromedflashNPSWF32_11_5_502_146.dll FF - plugin: c:windowssystem32npdeployJava1.dll FF - plugin: c:windowssystem32npmproxy.dll FF - plugin: c:windowssystem32watnpWatWeb.dll . ============= SERVICES / DRIVERS =============== . R0 lullaby;lullaby;c:windowssystem32driverslullaby.sys [2010-8-3 15416] R0 MpFilter;Microsoft Malware Protection Driver;c:windowssystem32driversMpFilter.sys [2012-8-30 193552] R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:windowssystem32driversdtsoftbus01.sys [2012-5-31 242240] R1 vwififlt;Virtual WiFi Filter Driver;c:windowssystem32driversvwififlt.sys [2009-7-14 48128] R2 AdobeARMservice;Adobe Acrobat Update Service;c:program filescommon filesadobearm1.0armsvc.exe [2012-12-18 65192] R2 AMD External Events Utility;AMD External Events Utility;c:windowssystem32atiesrxx.exe [2012-11-30 217088] R2 BBSvc;BingBar Service;c:program filesmicrosoftbingbar7.1.391.0BBSvc.EXE [2012-6-11 193616] R2 MBAMScheduler;MBAMScheduler;c:program filesmalwarebytes' anti-malwarembamscheduler.exe [2013-1-18 398184] R2 MBAMService;MBAMService;c:program filesmalwarebytes' anti-malwarembamservice.exe [2013-1-18 682344] R2 ScrybeUpdater;Scrybe Updater;c:program filessynapticsscrybeserviceScrybeUpdater.exe [2011-5-27 1300264] R2 Skype C2C Service;Skype C2C Service;c:programdataskypetoolbarsskype c2c servicec2c_service.exe [2012-12-13 3290896] R2 SRSHDAudioService;SRS HDAudio Lab Service;c:program filescommon filessrs labssrs hd audio lab service 2SRSAudioLabService.exe [2012-6-25 13232] R3 amdkmdag;amdkmdag;c:windowssystem32driversatikmdag.sys [2012-11-30 10070016] R3 amdkmdap;amdkmdap;c:windowssystem32driversatikmpag.sys [2012-11-30 290304] R3 MBAMProtector;MBAMProtector;c:windowssystem32driversmbam.sys [2013-1-18 21104] R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:windowssystem32driversRtsUStor.sys [2010-8-19 193640] R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:windowssystem32driversSiSGB6.sys [2009-6-10 48128] R3 SRS_AE_Service;SRS Audio;c:windowssystem32driversSRS_AE_i386.sys [2012-6-21 407368] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:windowsmicrosoft.netframeworkv4.0.30319mscorsvw.exe [2010-3-18 130384] S2 gupdate;Услуга на Google Актуализация (gupdate);c:program filesgoogleupdateGoogleUpdate.exe [2012-11-18 116648] S2 ImmunetProtect;Immunet 3.0;c:program filesimmunet3.0.8agent.exe --> c:program filesimmunet3.0.8agent.exe [?] S2 SkypeUpdate;Skype Updater;c:program filesskypeupdaterUpdater.exe [2012-11-9 160944] S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:windowssystem32macromedflashFlashPlayerUpdateService.exe [2012-4-1 251400] S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:windowssystem32driversb57nd60x.sys [2009-7-13 229888] S3 BBUpdate;BBUpdate;c:program filesmicrosoftbingbar7.1.391.0SeaPort.EXE [2012-6-11 240208] S3 fssfltr;fssfltr;c:windowssystem32driversfssfltr.sys [2010-11-29 39272] S3 fsssvc;Windows Live Family Safety Service;c:program fileswindows livefamily safetyfsssvc.exe [2010-9-22 1493352] S3 gupdatem;Услуга на Google Актуализация (gupdatem);c:program filesgoogleupdateGoogleUpdate.exe [2012-11-18 116648] S3 MozillaMaintenance;Mozilla Maintenance Service;c:program filesmozilla maintenance servicemaintenanceservice.exe [2012-11-5 115760] S3 NisDrv;Microsoft Network Inspection System;c:windowssystem32driversNisDrvWFP.sys [2012-8-30 99272] S3 NisSrv;Microsoft Network Inspection;c:program filesmicrosoft security clientNisSrv.exe [2012-9-12 287824] S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:windowssystem32driversrdpvideominiport.sys [2011-3-16 15872] S3 RSPCIESTOR;Realtek PCIE CardReader Driver;c:windowssystem32driversRtsPStor.sys [2010-11-13 238184] S3 SRS_HDAL_Service;HD Audio Lab;c:windowssystem32driversSRS_HDAL_i386.sys [2011-9-14 404256] S3 TsUsbFlt;TsUsbFlt;c:windowssystem32driversTsUsbFlt.sys [2011-3-16 52224] S3 WatAdminSvc;Windows Activation Technologies Service;c:windowssystem32watWatAdminSvc.exe [2010-8-4 1343400] S4 wlcrasvc;Windows Live Mesh remote connections service;c:program fileswindows livemeshwlcrasvc.exe [2010-9-22 51040] . =============== Created Last 30 ================ . 2013-01-18 17:07:33 -------- d-----w- c:usersmihail tnappdatalocalImmunet 2013-01-18 16:45:28 60872 ----a-w- c:programdatamicrosoftmicrosoft antimalwaredefinition updates{6213ce95-6db1-4459-afb8-5d5218c2769e}offreg.dll 2013-01-18 16:39:57 21104 ----a-w- c:windowssystem32driversmbam.sys 2013-01-18 16:39:57 -------- d-----w- c:program filesMalwarebytes' Anti-Malware 2013-01-18 16:29:35 740840 ----a-w- c:programdatamicrosoftmicrosoft antimalwaredefinition updatesnisbackupgapaengine.dll 2013-01-18 16:29:33 740840 ----a-w- c:programdatamicrosoftmicrosoft antimalwaredefinition updates{6f6ae3ae-39b8-4006-be58-e453885d6bf7}gapaengine.dll 2013-01-18 16:28:23 6991832 ------w- c:programdatamicrosoftmicrosoft antimalwaredefinition updates{6213ce95-6db1-4459-afb8-5d5218c2769e}mpengine.dll 2013-01-18 16:21:21 -------- d-----w- c:program filesMicrosoft Security Client 2013-01-18 11:46:13 94112 ----a-w- c:windowssystem32WindowsAccessBridge.dll 2013-01-17 20:08:25 -------- d-----w- C:Tweaking.com_Windows_Repair_Logs 2013-01-17 20:07:57 -------- d-----w- c:program filesTweaking.com 2013-01-14 09:09:54 -------- d-----w- c:usersmihail tnappdatalocalPrograms 2013-01-11 13:13:44 -------- d-----w- c:usersmihail tnappdataroamingSuperMP3Download 2013-01-11 13:13:44 -------- d-----w- c:programdataSuperMP3Download 2013-01-08 20:31:38 -------- d-----w- c:usersmihail tnappdatalocalRazer 2013-01-08 09:37:40 -------- d-----w- c:usersmihail tnappdatalocal{50A3096A-D461-4837-8DAB-406AAD9CDCD3} 2013-01-04 14:23:34 -------- d-----w- c:usersmihail tnappdatalocal{3730522B-1446-426E-AD3D-450461AAD696} 2012-12-31 16:49:10 -------- d-----w- c:usersmihail tnappdatalocal{47EEA97B-4E33-4FCE-8D6C-803B6DC82E8D} 2012-12-23 20:36:00 -------- d-----w- c:program filesHitmanPro 2012-12-23 20:33:16 12872 ----a-w- c:windowssystem32bootdelete.exe 2012-12-23 20:29:23 -------- d-----w- c:programdataHitmanPro 2012-12-22 12:21:28 -------- d-----w- c:usersmihail tnappdataroamingLibreOffice 2012-12-22 12:17:40 -------- d-----w- c:program filesLibreOffice 3.6 2012-12-22 11:12:50 -------- d-----w- c:usersmihail tnappdatalocal{76C628EE-F6B3-4829-A806-891392738D19} . ==================== Find3M ==================== . 2013-01-18 21:37:01 45056 ----a-w- c:windowssystem32acovcnt.exe 2013-01-18 11:45:52 859552 ----a-w- c:windowssystem32npdeployJava1.dll 2013-01-18 11:45:52 780192 ----a-w- c:windowssystem32deployJava1.dll 2013-01-13 22:12:39 74248 ----a-w- c:windowssystem32FlashPlayerCPLApp.cpl 2013-01-13 22:12:39 697864 ----a-w- c:windowssystem32FlashPlayerApp.exe 2012-11-13 20:53:08 2106216 ----a-w- c:windowssystem32D3DCompiler_43.dll 2012-11-13 20:53:08 1998168 ----a-w- c:windowssystem32D3DX9_43.dll 2012-11-13 20:53:00 470880 ----a-w- c:windowssystem32d3dx10_43.dll 2012-11-13 20:53:00 248672 ----a-w- c:windowssystem32d3dx11_43.dll 2009-04-08 07:31:56 106496 ----a-w- c:program filescommon filesCPInstallAction.dll 2008-08-11 18:45:20 155648 ----a-w- c:program filescommon filesMSIactionall.dll . ============= FINISH: 22:43:10,87 =============== . UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2011-09-30.01) . Microsoft Windows 7 Ultimate Boot Device: DeviceHarddiskVolume1 Install Date: 3.8.2010 г. 15:04:13 System Uptime: 18.1.2013 г. 22:35:59 (0 hours ago) . Motherboard: ASUSTeK Computer Inc. | | F5SL Processor: Intel® Celeron® CPU 550 @ 2.00GHz | CPU 1 | 2000/133mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 43 GiB total, 15,825 GiB free. D: is FIXED (NTFS) - 68 GiB total, 38,174 GiB free. E: is CDROM () F: is CDROM () . ==== Disabled Device Manager Items ============= . Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1} Description: ImmunetNetworkMonitorDriver Device ID: ROOTLEGACY_IMMUNETNETWORKMONITORDRIVER0000 Manufacturer: Name: ImmunetNetworkMonitorDriver PNP Device ID: ROOTLEGACY_IMMUNETNETWORKMONITORDRIVER0000 Service: ImmunetNetworkMonitorDriver . ==== System Restore Points =================== . RP247: 18.1.2013 г. 12:44:54 - Installed Java 7 Update 11 RP248: 18.1.2013 г. 17:28:23 - Windows Update RP249: 18.1.2013 г. 21:44:30 - Removed Java 6 Update 37 . ==== Installed Programs ====================== . µTorrent 3D Sound Back Beta0.1 7-Zip 9.20 Acrobat.com Adobe AIR Adobe Flash Player 11 ActiveX Adobe Flash Player 11 Plugin Adobe Reader XI (11.0.01) AIDA64 Extreme Edition v2.50 AIMP3 Alcor Micro USB Card Reader AMD Accelerated Video Transcoding AMD APP SDK Runtime AMD AVIVO Codecs AMD Catalyst Install Manager AMD Drag and Drop Transcoding AMD Media Foundation Decoders ASUS CopyProtect ASUS Data Security Manager ASUS FancyStart ASUS Live Update ASUS MultiFrame ASUS Power4Gear Hybrid ASUS SmartLogon ASUS Splendid Video Enhancement Technology Atheros Client Installation Program ATK Hotkey ATK Media ATK0100 ACPI UTILITY ATKOSD2 AVS Audio Converter 7 AVS Update Manager 1.0 AVS4YOU Software Navigator 1.4 Bing Bar Catalyst Control Center Catalyst Control Center - Branding Catalyst Control Center Graphics Previews Common Catalyst Control Center InstallProxy Catalyst Control Center Localization All ccc-utility CCC Help Chinese Standard CCC Help Chinese Traditional CCC Help Czech CCC Help Danish CCC Help Dutch CCC Help English CCC Help Finnish CCC Help French CCC Help German CCC Help Greek CCC Help Hungarian CCC Help Italian CCC Help Japanese CCC Help Korean CCC Help Norwegian CCC Help Polish CCC Help Portuguese CCC Help Russian CCC Help Spanish CCC Help Swedish CCC Help Thai CCC Help Turkish CCleaner Cisco EAP-FAST Module Cisco LEAP Module Cisco PEAP Module Cooliris for Internet Explorer D3DX10 DAEMON Tools Lite Defraggler Download Updater (AOL LLC) Feedback Tool foobar2000 v1.1.12a Google Chrome Google Update Helper HydraVision Java 7 Update 11 Java Auto Updater Junk Mail filter update K-Lite Codec Pack 6.1.0 (Full) LibreOffice 3.6 Malwarebytes Anti-Malware, версия 1.70.0.1100 Mesh Runtime Messenger Companion Microsoft .NET Framework 4 Client Profile Microsoft .NET Framework 4 Extended Microsoft Application Error Reporting Microsoft Primary Interoperability Assemblies 2005 Microsoft Security Client Microsoft Security Essentials Microsoft Silverlight Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Motorola SM56 Speakerphone Modem Mozilla Firefox 18.0 (x86 en-US) Mozilla Maintenance Service MSVCRT MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) NB Probe Net4Switch Notepad++ Opera 12.12 Protected Search 1.1 Realtek High Definition Audio Driver Realtek PCI Fast Ethernet Controller Driver For Vista and Win7 Realtek PCIE Card Reader Realtek USB 2.0 Card Reader Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078) Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121) Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405) Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827) Security Update for Microsoft .NET Framework 4 Extended (KB2656351) SimpleTV 0.4.7 b2 Skype Click to Call Skype™ 6.0 Songr SRS Audio Essentials Synaptics Gesture Suite featuring SYNAPTICS | Scrybe Synaptics Pointing Device Driver Tweaking.com - Windows Repair (All in One) Unlocker 1.9.1 Update for Microsoft .NET Framework 4 Client Profile (KB2468871) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) USB 2.0 1.3M UVC WebCam VLC media player 2.0.5 VS10RuntimeWin32 Windows 7 USB/DVD Download Tool Windows Driver Package - ATK (MTsensor) System (12/14/2006 1043.2.31.100) Windows Live Communications Platform Windows Live Essentials Windows Live Family Safety Windows Live ID Sign-in Assistant Windows Live Installer Windows Live Mail Windows Live Mesh Windows Live Mesh ActiveX Control for Remote Connections Windows Live Messenger Windows Live Messenger Companion Core Windows Live MIME IFilter Windows Live Movie Maker Windows Live Photo Common Windows Live Photo Gallery Windows Live PIMT Platform Windows Live Remote Client Windows Live Remote Client Resources Windows Live Remote Service Windows Live Remote Service Resources Windows Live SOXE Windows Live SOXE Definitions Windows Live UX Platform Windows Live UX Platform Language Pack Windows Live Writer Windows Live Writer Resources Windows Media Player Firefox Plugin WinRAR 4.01 (32-bit) Wireless Console 3 . ==== End Of File ===========================
  9. Здравейте, бих била благодарна, ако хвърлите едно око над това, което ме притеснява. Ето резултатите от диагностиката с MalwareBytes: Malwarebytes Anti-Malware 1.75.0.1300 www.malwarebytes.org Database version: v2013.08.28.04 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 10.0.9200.16660 toshiba :: TOSHIBA-PC [administrator] 29.8.2013 г. 16:46:29 ч. MBAM-log-2013-08-29 (17-27-50).txt Scan type: Full scan (C:|D:|E:|) Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM Scan options disabled: P2P Objects scanned: 342385 Time elapsed: 39 minute(s), 46 second(s) Memory Processes Detected: 1 C:Program Files (x86)SweetIMMessengerSweetIM.exe (PUP.Optional.SweetIM) -> 4024 -> No action taken. Memory Modules Detected: 8 C:Program Files (x86)SweetIMMessengermgAdaptersProxy.dll (PUP.Optional.SweetIM) -> No action taken. C:Program Files (x86)SweetIMMessengermgUpdateSupport.dll (PUP.Optional.SweetIM) -> No action taken. C:Program Files (x86)SweetIMMessengermgsimcommon.dll (PUP.Optional.SweetIM) -> No action taken. C:Program Files (x86)SweetIMMessengermgcommon.dll (PUP.Optional.SweetIM) -> No action taken. C:Program Files (x86)SweetIMMessengermgcommunication.dll (PUP.Optional.SweetIM) -> No action taken. C:Program Files (x86)SweetIMMessengermghooking.dll (PUP.Optional.SweetIM) -> No action taken. C:Program Files (x86)SweetIMMessengermgxml_wrapper.dll (PUP.Optional.SweetIM) -> No action taken. C:Program Files (x86)SweetIMMessengermgconfig.dll (PUP.Optional.SweetIM) -> No action taken. Registry Keys Detected: 13 HKCRCLSID{f34c9277-6577-4dff-b2d7-7d58092f272f} (PUP.Datamngr) -> No action taken. HKCUSOFTWAREMicrosoftWindowsCurrentVersionExtSettings{F34C9277-6577-4DFF-B2D7-7D58092F272F} (PUP.Datamngr) -> No action taken. HKCUSOFTWAREMicrosoftWindowsCurrentVersionExtStats{F34C9277-6577-4DFF-B2D7-7D58092F272F} (PUP.Datamngr) -> No action taken. HKLMSOFTWAREMicrosoftInternet ExplorerLow RightsElevationPolicy{F34C9277-6577-4DFF-B2D7-7D58092F272F} (PUP.Datamngr) -> No action taken. HKCRCLSID{82AC53B4-164C-4B07-A016-437A8388B81A} (PUP.Optional.SweetIM) -> No action taken. HKCRTypeLib{4D3B167E-5FD8-4276-8FD7-9DF19C1E4D19} (PUP.Optional.SweetIM) -> No action taken. HKCRInterface{A439801C-961D-452C-AB42-7848E9CBD289} (PUP.Optional.SweetIM) -> No action taken. HKCRMgMediaPlayer.GifAnimator.1 (PUP.Optional.SweetIM) -> No action taken. HKCRMgMediaPlayer.GifAnimator (PUP.Optional.SweetIM) -> No action taken. HKCUSOFTWAREDataMngr_Toolbar (PUP.Optional.DataMngr) -> No action taken. HKCUSoftwareDatamngr (PUP.Optional.DataMngr) -> No action taken. HKCUSOFTWARESWEETIM (PUP.Optional.SweetIM.A) -> No action taken. HKLMSOFTWARESWEETIM (PUP.Optional.SweetIM.A) -> No action taken. Registry Values Detected: 3 HKLMSOFTWAREMicrosoftWindowsCurrentVersionRun|SweetIM (PUP.Optional.SweetIM) -> Data: C:Program Files (x86)SweetIMMessengerSweetIM.exe -> No action taken. HKCUSoftwareSweetIM|simapp_id (PUP.Optional.SweetIM.A) -> Data: {15124F06-4EBB-11E2-BC61-20689DA5D4E3} -> No action taken. HKLMSoftwareSweetIM|simapp_id (PUP.Optional.SweetIM.A) -> Data: {15124F06-4EBB-11E2-BC61-20689DA5D4E3} -> No action taken. Registry Data Items Detected: 1 HKCUSOFTWAREMicrosoftInternet ExplorerMain|Start Page (PUP.Optional.Conduit) -> Bad: (http://search.conduit.com?SearchSource=10&CUI=UN26900632892211815&UM=2&ctid=CT3078318&SSPV=TB_CS7) Good: (http://www.google.com) -> No action taken. Folders Detected: 3 C:UserstoshibaAppDataRoamingOpenCandy (PUP.Optional.OpenCandy) -> No action taken. C:UserstoshibaAppDataRoamingOpenCandy2FC790928F794B7A8C88FCE52BED2DEF (PUP.Optional.OpenCandy) -> No action taken. C:UserstoshibaAppDataRoamingOpenCandy321CD728BD2E4B309D39408927D2AD67 (PUP.Optional.OpenCandy) -> No action taken. Files Detected: 47 C:Program Files (x86)SweetIMMessengermgAdaptersProxy.dll (PUP.Optional.SweetIM) -> No action taken. C:Program Files (x86)SweetIMMessengerSweetIM.exe (PUP.Optional.SweetIM) -> No action taken. C:Program Files (x86)SweetIMMessengermgUpdateSupport.dll (PUP.Optional.SweetIM) -> No action taken. C:Program Files (x86)SweetIMMessengermgsimcommon.dll (PUP.Optional.SweetIM) -> No action taken. C:Program Files (x86)SweetIMMessengermgcommon.dll (PUP.Optional.SweetIM) -> No action taken. C:Program Files (x86)SweetIMMessengermgcommunication.dll (PUP.Optional.SweetIM) -> No action taken. C:Program Files (x86)SweetIMMessengermghooking.dll (PUP.Optional.SweetIM) -> No action taken. C:Program Files (x86)SweetIMMessengermgxml_wrapper.dll (PUP.Optional.SweetIM) -> No action taken. C:Program Files (x86)SweetIMMessengermgconfig.dll (PUP.Optional.SweetIM) -> No action taken. C:Program Files (x86)BS_PlayerBS_PlayerToolbarHelper.exe (PUP.Optional.Conduit.A) -> No action taken. C:Program Files (x86)BS_PlayerBS_PlayerToolbarHelper1.exe (PUP.Optional.Conduit.A) -> No action taken. C:Program Files (x86)SweetIMMessengerContentPackagesActivationHandler.exe (PUP.Optional.SweetIM) -> No action taken. C:Program Files (x86)SweetIMMessengermgArchive.dll (PUP.Optional.SweetIM) -> No action taken. C:Program Files (x86)SweetIMMessengermgFlashPlayer.dll (PUP.Optional.SweetIM) -> No action taken. C:Program Files (x86)SweetIMMessengermgICQAuto.dll (PUP.Optional.SweetIM) -> No action taken. C:Program Files (x86)SweetIMMessengermgICQMessengerAdapter.dll (PUP.Optional.SweetIM) -> No action taken. C:Program Files (x86)SweetIMMessengermglogger.dll (PUP.Optional.SweetIM) -> No action taken. C:Program Files (x86)SweetIMMessengermgMediaPlayer.dll (PUP.Optional.SweetIM) -> No action taken. C:Program Files (x86)SweetIMMessengermgMsnAuto.dll (PUP.Optional.SweetIM) -> No action taken. C:Program Files (x86)SweetIMMessengermgMsnMessengerAdapter.dll (PUP.Optional.SweetIM) -> No action taken. C:Program Files (x86)SweetIMMessengermgSweetIM.dll (PUP.Optional.SweetIM) -> No action taken. C:Program Files (x86)SweetIMMessengermgYahooAuto.dll (PUP.Optional.SweetIM) -> No action taken. C:Program Files (x86)SweetIMMessengermgYahooMessengerAdapter.dll (PUP.Optional.SweetIM) -> No action taken. C:Program Files (x86)SweetIMMessengerresourcessqlitemgSqlite3.dll (PUP.Optional.SweetIM) -> No action taken. C:UserstoshibaAppDataLocalConduitCT1750559BS_PlayerAutoUpdateHelper.exe (PUP.Optional.Conduit.A) -> No action taken. C:UserstoshibaAppDataLocalMicrosoftWindowsTemporary Internet FilesContent.IE52VCTFQYZchecktbexist[1].exe (PUP.Optional.Conduit.A) -> No action taken. C:UserstoshibaAppDataLocalMicrosoftWindowsTemporary Internet FilesContent.IE5P8E6BXBYytbyclick_wpf[1].exe (PUP.Optional.Conduit.A) -> No action taken. C:UserstoshibaAppDataLocalMicrosoftWindowsTemporary Internet FilesContent.IE5PT79WS5Hytbyclick[1].exe (PUP.Optional.Conduit.A) -> No action taken. C:UserstoshibaAppDataLocalMicrosoftWindowsTemporary Internet FilesContent.IE5PU235UP7statisticsstub[1].exe (PUP.Optional.Conduit.A) -> No action taken. C:UserstoshibaAppDataLocalTempmgsqlite3.dll (PUP.Optional.SweetIM) -> No action taken. C:UserstoshibaAppDataLocalTempPIPInstaller_PTV_.exe (PUP.Optional.BundledToolBar.A) -> No action taken. C:UserstoshibaAppDataLocalTempShortcut_bundlesweetimsetup.exe (PUP.Optional.SweetIM) -> No action taken. C:UserstoshibaAppDataLocalTempToolbarHelper.exe (PUP.Optional.Conduit.A) -> No action taken. C:UserstoshibaAppDataLocalTempCT1750559ctbe.exe (PUP.Optional.Conduit.A) -> No action taken. C:UserstoshibaAppDataLocalTempCT1750559ieLogic.exe (PUP.Optional.Conduit.A) -> No action taken. C:UserstoshibaAppDataLocalTempCT1750559statisticsStub.exe (PUP.Optional.Conduit.A) -> No action taken. C:UserstoshibaAppDataLocalTempct3078318chLogic.exe (PUP.Optional.Conduit.A) -> No action taken. C:UserstoshibaAppDataLocalTempct3078318ctbe.exe (PUP.Optional.Conduit.A) -> No action taken. C:UserstoshibaAppDataLocalTempct3078318ieLogic.exe (PUP.Optional.Conduit.A) -> No action taken. C:UserstoshibaAppDataLocalTempct3078318spch.exe (PUP.Optional.Conduit.A) -> No action taken. C:UserstoshibaAppDataLocalTempct3078318statisticsStub.exe (PUP.Optional.Conduit.A) -> No action taken. C:UserstoshibaAppDataLocalTempnsc5EF4.tmpOCSetupHlp.dll (PUP.Optional.OpenCandy) -> No action taken. C:WindowsInstaller3cfd6e.msi (PUP.Optional.SweetIM) -> No action taken. C:WindowsInstaller3cfd86.msi (PUP.Optional.SweetIM) -> No action taken. D:филмиBS.Player 2.64 Build 1073 Finalbsplayer264.1073.exe (PUP.Optional.OpenCandy) -> No action taken. C:UserstoshibaAppDataRoamingOpenCandy2FC790928F794B7A8C88FCE52BED2DEFTuneUpUtilities2013_2200319_en-US.exe (PUP.Optional.OpenCandy) -> No action taken. C:UserstoshibaAppDataRoamingOpenCandy321CD728BD2E4B309D39408927D2AD67RealPlayerR71POC6_p2v1.exe (PUP.Optional.OpenCandy) -> No action taken. (end) DDS: DDS (Ver_2011-09-30.01) - NTFS_AMD64 Internet Explorer: 9.10.9200.16660 Run by toshiba at 19:34:21 on 2013-08-28 Microsoft Windows 7 Ultimate 6.1.7601.1.1251.359.1033.18.8082.5093 [GMT 3:00] . AV: avast! Internet Security *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C} SP: avast! Internet Security *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681} SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} FW: avast! Internet Security *Disabled* {131692B0-0864-D491-4E21-3A3A1D8BBB47} . ============== Running Processes =============== . C:Windowssystem32wininit.exe C:Windowssystem32lsm.exe C:Windowssystem32svchost.exe -k DcomLaunch C:Windowssystem32svchost.exe -k RPCSS C:WindowsSystem32svchost.exe -k LocalServiceNetworkRestricted C:WindowsSystem32svchost.exe -k LocalSystemNetworkRestricted C:Windowssystem32svchost.exe -k LocalService C:Windowssystem32svchost.exe -k netsvcs C:Windowssystem32svchost.exe -k NetworkService C:Program FilesAVAST SoftwareAvastAvastSvc.exe C:WindowsSystem32spoolsv.exe C:Windowssystem32svchost.exe -k LocalServiceNoNetwork C:Program Files (x86)ComodoDragondragon_updater.exe C:Program FilesInteliCLS ClientHeciServer.exe C:Program Files (x86)IntelIntel® Management Engine ComponentsFWServiceIntelMeFWService.exe C:Program Files (x86)IntelIntel® Management Engine ComponentsDALjhi_service.exe C:Program Files (x86)T-MobileConnection ManagerBackgroundServiceServiceManager.exe C:ProgramDataSkypeToolbarsSkype C2C Servicec2c_service.exe C:Windowssystem32svchost.exe -k imgsvc C:Program FilesTOSHIBAPower SaverTosCoSrv.exe C:PROGRA~2VIDEOD~2bar1.bin4zbarsvc.exe C:Program Files (x86)Common FilesAVG Secure SearchvToolbarUpdater15.5.0ToolbarUpdater.exe C:Program Files (x86)Common FilesAVG Secure SearchvToolbarUpdater15.5.0loggingserver.exe C:Windowssystem32conhost.exe C:Windowssystem32svchost.exe -k bthsvcs C:Windowssystem32svchost.exe -k LocalServiceAndNoImpersonation C:WindowsSystem32WUDFHost.exe C:Windowssystem32taskhost.exe C:Windowssystem32Dwm.exe C:WindowsExplorer.EXE C:Program FilesSynapticsSynTPSynTPEnh.exe C:Program FilesTOSHIBAPower SaverTPwrMain.exe C:Program FilesTOSHIBAFlashCardsTCrdMain.exe C:WindowsSystem32igfxtray.exe C:WindowsSystem32hkcmd.exe C:WindowsSystem32igfxpers.exe C:PROGRAM FILESSYNAPTICSSYNTPSYNTPHELPER.EXE C:Program Files (x86)SkypePhoneSkype.exe C:Program Files (x86)IntelIntel® USB 3.0 eXtensible Host Controller DriverApplicationiusb3mon.exe C:Program Files (x86)SweetIMMessengerSweetIM.exe C:Program Files (x86)Common FilesAdobeARM1.0AdobeARM.exe C:Program FilesAVAST SoftwareAvastAvastUI.exe C:Windowssystem32SearchIndexer.exe C:Program Files (x86)AVG Secure Searchvprot.exe C:Program Files (x86)VideoDownloadConverter_4zbar1.bin4zbrmon.exe C:Program Files (x86)T-MobileConnection ManagerBackgroundModemListener.exe C:Program FilesWindows Media Playerwmpnetwk.exe C:WindowsSystem32svchost.exe -k LocalServicePeerNet C:Program Files (x86)IntelIntel® Management Engine ComponentsLMSLMS.exe C:WindowsSystem32svchost.exe -k secsvcs C:Program Files (x86)IntelIntel® Management Engine ComponentsUNSUNS.exe C:Program FilesTOSHIBATOSHIBA HDD SSD AlertTosSmartSrv.exe C:Program FilesTOSHIBATOSHIBA HDD SSD AlertTosSENotify.exe C:Program Files (x86)Operaopera.exe C:Program Files (x86)Malwarebytes' Anti-Malwarembam.exe C:Program Files (x86)IntelIntel® ME FW Recovery Agentbinismagent.exe C:Program Files (x86)IntelIntel® ME FW Recovery Agentbinupdateui.exe C:Program FilesCommon FilesMicrosoft SharedOfficeSoftwareProtectionPlatformOSPPSVC.EXE C:Windowssystem32wuauclt.exe C:Program Files (x86)Microsoft OfficeOffice14WINWORD.EXE C:Windowssplwow64.exe C:Windowssystem32taskeng.exe C:Windowssystem32conhost.exe C:Windowssystem32DllHost.exe C:Windowssystem32wbemwmiprvse.exe C:WindowsSystem32cscript.exe . ============== Pseudo HJT Report =============== . uURLSearchHooks: uTorrentControl_v2 Toolbar: {7473b6bd-4691-4744-a82b-7854eb3d70b6} - C:Program Files (x86)uTorrentControl_v2prxtbuTo2.dll uURLSearchHooks: <No Name>: {93a3111f-4f74-4ed8-895e-d9708497629e} - C:Program Files (x86)VideoDownloadConverter_4zbar1.bin4zSrcAs.dll uURLSearchHooks: BS Player ControlBar Toolbar: {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:Program Files (x86)BS_PlayerprxtbBS_0.dll mURLSearchHooks: uTorrentControl_v2 Toolbar: {7473b6bd-4691-4744-a82b-7854eb3d70b6} - C:Program Files (x86)uTorrentControl_v2prxtbuTo2.dll mURLSearchHooks: BS Player ControlBar Toolbar: {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:Program Files (x86)BS_PlayerprxtbBS_0.dll mWinlogon: Userinit = userinit.exe BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:Program Files (x86)Common FilesAdobeAcrobatActiveXAcroIEHelperShim.dll BHO: Toolbar BHO: {312f84fb-8970-4fd3-bddb-7012eac4afc9} - C:Program Files (x86)VideoDownloadConverter_4zbar1.bin4zbar.dll BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:Program Files (x86)Microsoft OfficeOffice14GROOVEEX.DLL BHO: uTorrentControl_v2 Toolbar: {7473b6bd-4691-4744-a82b-7854eb3d70b6} - C:Program Files (x86)uTorrentControl_v2prxtbuTo2.dll BHO: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:Program FilesAVAST SoftwareAvastaswWebRepIE.dll BHO: {95B7759C-8C7F-4BF1-B163-73684A933233} - <orphaned> BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:Program Files (x86)SkypeToolbarsInternet Explorerskypeieplugin.dll BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:Program Files (x86)Microsoft OfficeOffice14URLREDIR.DLL BHO: Search Assistant BHO: {c547c6c2-561b-4169-a2a5-20ba771ca93b} - C:Program Files (x86)VideoDownloadConverter_4zbar1.bin4zSrcAs.dll BHO: BS Player ControlBar Toolbar: {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:Program Files (x86)BS_PlayerprxtbBS_0.dll TB: uTorrentControl_v2 Toolbar: {7473B6BD-4691-4744-A82B-7854EB3D70B6} - C:Program Files (x86)uTorrentControl_v2prxtbuTo2.dll TB: BS Player ControlBar Toolbar: {FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5} - C:Program Files (x86)BS_PlayerprxtbBS_0.dll TB: uTorrentControl_v2 Toolbar: {7473b6bd-4691-4744-a82b-7854eb3d70b6} - C:Program Files (x86)uTorrentControl_v2prxtbuTo2.dll TB: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:Program FilesAVAST SoftwareAvastaswWebRepIE.dll TB: VideoDownloadConverter: {48586425-6bb7-4f51-8dc6-38c88e3ebb58} - C:Program Files (x86)VideoDownloadConverter_4zbar1.bin4zbar.dll TB: BS Player ControlBar Toolbar: {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:Program Files (x86)BS_PlayerprxtbBS_0.dll uRun: [uTorrent] "C:Program Files (x86)uTorrentuTorrent.exe" /MINIMIZED uRun: [DAEMON Tools Lite] "C:Program Files (x86)DAEMON Tools LiteDTLite.exe" -autorun uRun: [skype] "C:Program Files (x86)SkypePhoneSkype.exe" /minimized /regrun mRun: [uSB3MON] "C:Program Files (x86)IntelIntel® USB 3.0 eXtensible Host Controller DriverApplicationiusb3mon.exe" mRun: [sweetIM] C:Program Files (x86)SweetIMMessengerSweetIM.exe mRun: [bCSSync] "C:Program Files (x86)Microsoft OfficeOffice14BCSSync.exe" /DelayServices mRun: [Adobe Reader Speed Launcher] "C:Program Files (x86)AdobeReader 9.0ReaderReader_sl.exe" mRun: [Adobe ARM] "C:Program Files (x86)Common FilesAdobeARM1.0AdobeARM.exe" mRun: [avast] "C:Program FilesAVAST SoftwareAvastavastUI.exe" /nogui mRun: [vProt] "C:Program Files (x86)AVG Secure Searchvprot.exe" mRun: [VideoDownloadConverter Search Scope Monitor] "C:PROGRA~2VIDEOD~2bar1.bin4zsrchmn.exe" /m=2 /w /h mRun: [VideoDownloadConverter_4z Browser Plugin Loader] C:PROGRA~2VIDEOD~2bar1.bin4zbrmon.exe mRun: [T-Mobile ModemListener] C:Program Files (x86)T-MobileConnection ManagerBackgroundModemListener.exe start mRunOnce: [Malwarebytes Anti-Malware] C:Program Files (x86)Malwarebytes' Anti-Malwarembamgui.exe /install /silent StartupFolder: C:PROGRA~3MICROS~1WindowsSTARTM~1ProgramsStartupBLUETO~1.LNK - C:Program Files (x86)TOSHIBABluetooth MonitorBtMon2.exe uPolicies-Explorer: NoDriveTypeAutoRun = dword:145 mPolicies-Explorer: NoActiveDesktop = dword:1 mPolicies-Explorer: NoActiveDesktopChanges = dword:1 mPolicies-System: ConsentPromptBehaviorAdmin = dword:0 mPolicies-System: ConsentPromptBehaviorUser = dword:3 mPolicies-System: EnableLUA = dword:0 mPolicies-System: EnableUIADesktopToggle = dword:0 mPolicies-System: PromptOnSecureDesktop = dword:0 IE: E&xport to Microsoft Excel - C:PROGRA~2MICROS~1Office14EXCEL.EXE/3000 IE: Se&nd to OneNote - C:PROGRA~2MICROS~1Office14ONBttnIE.dll/105 IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:Program Files (x86)Microsoft OfficeOffice14ONBttnIE.dll IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:Program Files (x86)Microsoft OfficeOffice14ONBttnIELinkedNotes.dll IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:Program Files (x86)SkypeToolbarsInternet Explorerskypeieplugin.dll TCP: NameServer = 192.168.1.1 TCP: Interfaces{DA1D689C-6383-4AE0-87D7-85EC745289D0} : DHCPNameServer = 192.168.1.1 TCP: Interfaces{DA1D689C-6383-4AE0-87D7-85EC745289D0}244534D2144435C4 : DHCPNameServer = 192.168.1.1 TCP: Interfaces{DA1D689C-6383-4AE0-87D7-85EC745289D0}6594651434F4D4F5E45445 : DHCPNameServer = 192.168.1.1 TCP: Interfaces{DA1D689C-6383-4AE0-87D7-85EC745289D0}669666478666C6F6F627 : DHCPNameServer = 192.168.1.1 Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:Program Files (x86)Common FilesMicrosoft SharedOFFICE14MSOXMLMF.DLL Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:Program Files (x86)SkypeToolbarsInternet Explorerskypeieplugin.dll Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:Program Files (x86)Common FilesSkypeSkype4COM.dll Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:Program Files (x86)Common FilesAVG Secure SearchViProtocolInstaller15.5.0ViProtocol.dll SSODL: WebCheck - <orphaned> SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:Program Files (x86)Microsoft OfficeOffice14GROOVEEX.DLL mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:Program Files (x86)GoogleChromeApplication29.0.1547.57Installerchrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome x64-BHO: avast! WebRep: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:Program FilesAVAST SoftwareAvastaswWebRepIE64.dll x64-BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:Program FilesMicrosoft OfficeOffice14GROOVEEX.DLL x64-BHO: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:Program Files (x86)SkypeToolbarsInternet Explorer x64skypeieplugin.dll x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:Program FilesMicrosoft OfficeOffice14URLREDIR.DLL x64-TB: avast! WebRep: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:Program FilesAVAST SoftwareAvastaswWebRepIE64.dll x64-Run: [TosSENotify] C:Program FilesTOSHIBATOSHIBA HDD SSD AlertTosWaitSrv.exe x64-Run: [TosVolRegulator] C:Program FilesTOSHIBATosVolRegulatorTosVolRegulator.exe x64-Run: [synTPEnh] C:Program Files (x86)SynapticsSynTPSynTPEnh.exe x64-Run: [TPwrMain] C:Program Files (x86)TOSHIBAPower SaverTPwrMain.EXE x64-Run: [TCrdMain] C:Program Files (x86)TOSHIBAFlashCardsTCrdMain.exe x64-Run: [igfxTray] C:WindowsSystem32igfxtray.exe x64-Run: [HotKeysCmds] C:WindowsSystem32hkcmd.exe x64-Run: [Persistence] C:WindowsSystem32igfxpers.exe x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:Program FilesMicrosoft OfficeOffice14ONBttnIE.dll x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:Program FilesMicrosoft OfficeOffice14ONBttnIELinkedNotes.dll x64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:Program Files (x86)SkypeToolbarsInternet Explorer x64skypeieplugin.dll x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:Program FilesCommon FilesMicrosoft SharedOFFICE14MSOXMLMF.DLL x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:Program Files (x86)SkypeToolbarsInternet Explorer x64skypeieplugin.dll x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned> x64-Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - <orphaned> x64-Notify: igfxcui - igfxdev.dll x64-SSODL: WebCheck - <orphaned> x64-SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:Program FilesMicrosoft OfficeOffice14GROOVEEX.DLL . ============= SERVICES / DRIVERS =============== . R0 aswKbd;aswKbd;C:WindowsSystem32driversaswKbd.sys [2013-3-5 22600] R0 aswRvrt;aswRvrt;C:WindowsSystem32driversaswRvrt.sys [2013-3-5 65336] R0 aswVmm;aswVmm;C:WindowsSystem32driversaswVmm.sys [2013-3-5 178624] R0 BMLoad;Bytemobile Boot Time Load Driver;C:WindowsSystem32driversBMLoad.sys [2013-3-20 16512] R0 iusb3hcs;Intel® USB 3.0 Host Controller Switch Driver;C:WindowsSystem32driversiusb3hcs.sys [2012-1-5 16152] R1 aswSnx;aswSnx;C:WindowsSystem32driversaswSnx.sys [2013-2-10 1025808] R1 aswSP;aswSP;C:WindowsSystem32driversaswSP.sys [2013-2-10 377920] R1 avgtp;avgtp;C:WindowsSystem32driversavgtpx64.sys [2013-2-15 45856] R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:WindowsSystem32driversdtsoftbus01.sys [2012-12-25 283200] R1 vwififlt;Virtual WiFi Filter Driver;C:WindowsSystem32driversvwififlt.sys [2009-7-14 59904] R2 aswFsBlk;aswFsBlk;C:WindowsSystem32driversaswFsBlk.sys [2013-2-10 33400] R2 aswMonFlt;aswMonFlt;C:WindowsSystem32driversaswMonFlt.sys [2013-2-10 80816] R2 avast! Antivirus;avast! Antivirus;C:Program FilesAVAST SoftwareAvastAvastSvc.exe [2013-3-12 45248] R2 DragonUpdater;COMODO Dragon Update Service;C:Program Files (x86)ComodoDragondragon_updater.exe [2012-12-24 1868432] R2 Intel® Capability Licensing Service Interface;Intel® Capability Licensing Service Interface;C:Program FilesInteliCLS ClientHeciServer.exe [2012-2-2 628448] R2 Intel® ME Service;Intel® ME Service;C:Program Files (x86)IntelIntel® Management Engine ComponentsFWServiceIntelMeFWService.exe [2012-12-19 128280] R2 jhi_service;Intel® Dynamic Application Loader Host Interface Service;C:Program Files (x86)IntelIntel® Management Engine ComponentsDALJhi_service.exe [2012-12-19 161560] R2 Modem Device Helper;Modem Device Helper;C:Program Files (x86)T-MobileConnection ManagerBackgroundServiceServiceManager.exe -start --> C:Program Files (x86)T-MobileConnection ManagerBackgroundServiceServiceManager.exe -start [?] R2 Skype C2C Service;Skype C2C Service;C:ProgramDataSkypeToolbarsSkype C2C Servicec2c_service.exe [2013-8-14 3291008] R2 UNS;Intel® Management and Security Application User Notification Service;C:Program Files (x86)IntelIntel® Management Engine ComponentsUNSUNS.exe [2012-12-19 363800] R2 VideoDownloadConverter_4zService;VideoDownloadConverterService;C:PROGRA~2VIDEOD~2bar1.bin4zbarsvc.exe [2013-2-17 42504] R2 vToolbarUpdater15.5.0;vToolbarUpdater15.5.0;C:Program Files (x86)Common FilesAVG Secure SearchvToolbarUpdater15.5.0ToolbarUpdater.exe [2013-8-15 1643184] R3 IntcDAud;Intel® Display Audio;C:WindowsSystem32driversIntcDAud.sys [2011-12-6 331264] R3 iusb3hub;Intel® USB 3.0 Hub Driver;C:WindowsSystem32driversiusb3hub.sys [2012-1-5 355096] R3 iusb3xhc;Intel® USB 3.0 eXtensible Host Controller Driver;C:WindowsSystem32driversiusb3xhc.sys [2012-1-5 786200] R3 MEIx64;Intel® Management Engine Interface ;C:WindowsSystem32driversHECIx64.sys [2012-12-19 60184] R3 osppsvc;Office Software Protection Platform;C:Program FilesCommon FilesMicrosoft SharedOfficeSoftwareProtectionPlatformOSPPSVC.EXE [2010-1-9 4925184] R3 PGEffect;Pangu effect driver;C:WindowsSystem32driversPGEffect.sys [2012-12-19 38096] R3 RTL8192Ce;Realtek Wireless LAN 802.11n PCI-E NIC Driver;C:WindowsSystem32driversrtwlane.sys [2012-12-26 1082472] R3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;C:Program FilesTOSHIBATOSHIBA HDD SSD AlertTosSmartSrv.exe [2011-11-25 138152] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:WindowsMicrosoft.NETFrameworkv4.0.30319mscorsvw.exe [2010-3-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:WindowsMicrosoft.NETFramework64v4.0.30319mscorsvw.exe [2010-3-18 138576] S2 gupdate;Услуга на Google Актуализация (gupdate);C:Program Files (x86)GoogleUpdateGoogleUpdate.exe [2012-12-25 116648] S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:WindowsSysWOW64MacromedFlashFlashPlayerUpdateService.exe [2012-12-21 257416] S3 cphs;Intel® Content Protection HECI Service;C:WindowsSysWOW64IntelCpHeciSvc.exe [2012-5-10 276248] S3 dmvsc;dmvsc;C:WindowsSystem32driversdmvsc.sys [2011-4-12 71168] S3 gupdatem;Услуга на Google Актуализация (gupdatem);C:Program Files (x86)GoogleUpdateGoogleUpdate.exe [2012-12-25 116648] S3 jrdusbser;Mobile Connector Device for Legacy Serial Communication;C:WindowsSystem32driversjrdusbser.sys [2013-3-20 119680] S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;C:Program Files (x86)Microsoft OfficeOffice14GROOVE.EXE [2012-9-20 30785672] S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:WindowsSystem32driversrdpvideominiport.sys [2010-11-21 20992] S3 RTL8167;Realtek 8167 NT Driver;C:WindowsSystem32driversRt64win7.sys [2012-12-19 565352] S3 Synth3dVsc;Synth3dVsc;C:WindowsSystem32driversSynth3dVsc.sys [2011-4-12 88960] S3 terminpt;Microsoft Remote Desktop Input Driver;C:WindowsSystem32driversterminpt.sys [2011-4-12 34816] S3 TsUsbFlt;TsUsbFlt;C:WindowsSystem32driversTsUsbFlt.sys [2010-11-21 59392] S3 TsUsbGD;Remote Desktop Generic USB Device;C:WindowsSystem32driversTsUsbGD.sys [2010-11-21 31232] S3 tsusbhub;tsusbhub;C:WindowsSystem32driverstsusbhub.sys [2011-4-12 117248] S3 WatAdminSvc;Windows Activation Technologies Service;C:WindowsSystem32WatWatAdminSvc.exe [2012-12-27 1255736] S4 SkypeUpdate;Skype Updater;C:Program Files (x86)SkypeUpdaterUpdater.exe [2013-2-28 161384] . =============== Created Last 30 ================ . 2013-08-28 14:57:25 -------- d-----w- C:UserstoshibaAppDataRoamingMalwarebytes 2013-08-28 14:53:39 -------- d-----w- C:ProgramDataMalwarebytes 2013-08-28 14:53:38 25928 ----a-w- C:WindowsSystem32driversmbam.sys 2013-08-28 14:53:38 -------- d-----w- C:Program Files (x86)Malwarebytes' Anti-Malware 2013-08-28 14:52:09 -------- d-----w- C:UserstoshibaAppDataLocalPrograms 2013-08-27 11:15:49 9515512 ----a-w- C:ProgramDataMicrosoftWindows DefenderDefinition Updates{A8E226B2-60E9-4E94-9D09-FF819BD721F6}mpengine.dll 2013-08-04 22:13:02 -------- d-----w- C:Lyrics 2013-08-04 22:10:31 -------- d-----w- C:Program Files (x86)MiniLyrics . ==================== Find3M ==================== . 2013-08-21 14:35:08 71048 ----a-w- C:WindowsSysWow64FlashPlayerCPLApp.cpl 2013-08-21 14:35:08 692104 ----a-w- C:WindowsSysWow64FlashPlayerApp.exe 2013-08-14 22:00:23 45856 ----a-w- C:WindowsSystem32driversavgtpx64.sys 2013-07-26 05:13:37 2241024 ----a-w- C:WindowsSystem32wininet.dll 2013-07-26 05:12:08 3958784 ----a-w- C:WindowsSystem32jscript9.dll 2013-07-26 05:12:04 136704 ----a-w- C:WindowsSystem32iesysprep.dll 2013-07-26 05:12:03 67072 ----a-w- C:WindowsSystem32iesetup.dll 2013-07-26 03:35:08 2706432 ----a-w- C:WindowsSystem32mshtml.tlb 2013-07-26 03:13:24 1767936 ----a-w- C:WindowsSysWow64wininet.dll 2013-07-26 03:12:04 2877440 ----a-w- C:WindowsSysWow64jscript9.dll 2013-07-26 03:12:00 61440 ----a-w- C:WindowsSysWow64iesetup.dll 2013-07-26 03:12:00 109056 ----a-w- C:WindowsSysWow64iesysprep.dll 2013-07-26 02:49:14 2706432 ----a-w- C:WindowsSysWow64mshtml.tlb 2013-07-26 02:39:38 89600 ----a-w- C:WindowsSystem32RegisterIEPKEYs.exe 2013-07-26 01:59:38 71680 ----a-w- C:WindowsSysWow64RegisterIEPKEYs.exe 2013-07-25 09:25:54 1888768 ----a-w- C:WindowsSystem32WMVDECOD.DLL 2013-07-25 08:57:27 1620992 ----a-w- C:WindowsSysWow64WMVDECOD.DLL 2013-07-19 01:58:42 2048 ----a-w- C:WindowsSystem32tzres.dll 2013-07-19 01:41:01 2048 ----a-w- C:WindowsSysWow64tzres.dll 2013-07-09 06:03:30 5550528 ----a-w- C:WindowsSystem32ntoskrnl.exe 2013-07-09 05:54:22 1732032 ----a-w- C:WindowsSystem32ntdll.dll 2013-07-09 05:53:12 243712 ----a-w- C:WindowsSystem32wow64.dll 2013-07-09 05:52:52 224256 ----a-w- C:WindowsSystem32wintrust.dll 2013-07-09 05:51:16 1217024 ----a-w- C:WindowsSystem32rpcrt4.dll 2013-07-09 05:46:20 184320 ----a-w- C:WindowsSystem32cryptsvc.dll 2013-07-09 05:46:20 1472512 ----a-w- C:WindowsSystem32crypt32.dll 2013-07-09 05:46:20 139776 ----a-w- C:WindowsSystem32cryptnet.dll 2013-07-09 05:03:34 3968960 ----a-w- C:WindowsSysWow64ntkrnlpa.exe 2013-07-09 05:03:34 3913664 ----a-w- C:WindowsSysWow64ntoskrnl.exe 2013-07-09 04:53:47 1292192 ----a-w- C:WindowsSysWow64ntdll.dll 2013-07-09 04:52:33 663552 ----a-w- C:WindowsSysWow64rpcrt4.dll 2013-07-09 04:52:33 5120 ----a-w- C:WindowsSysWow64wow32.dll 2013-07-09 04:52:10 175104 ----a-w- C:WindowsSysWow64wintrust.dll 2013-07-09 04:46:31 140288 ----a-w- C:WindowsSysWow64cryptsvc.dll 2013-07-09 04:46:31 1166848 ----a-w- C:WindowsSysWow64crypt32.dll 2013-07-09 04:46:31 103936 ----a-w- C:WindowsSysWow64cryptnet.dll 2013-07-09 04:45:07 44032 ----a-w- C:Windowsapppatchacwow64.dll 2013-07-09 02:49:42 25600 ----a-w- C:WindowsSysWow64setup16.exe 2013-07-09 02:49:41 7680 ----a-w- C:WindowsSysWow64instnm.exe 2013-07-09 02:49:39 14336 ----a-w- C:WindowsSysWow64ntvdm64.dll 2013-07-09 02:49:38 2048 ----a-w- C:WindowsSysWow64user.exe 2013-07-08 17:54:48 57096 ----a-w- C:WindowsSystem32certsentry.dll 2013-07-08 17:54:48 48392 ----a-w- C:WindowsSysWow64certsentry.dll 2013-07-08 16:18:18 348160 ----a-w- C:WindowsSysWow64msvcr71.dll 2013-07-08 16:18:18 1700352 ----a-w- C:WindowsSysWow64gdiplus.dll 2013-07-08 16:18:18 1060864 ----a-w- C:WindowsSysWow64mfc71.dll 2013-07-06 06:03:53 1910208 ----a-w- C:WindowsSystem32driverstcpip.sys 2013-07-03 08:33:03 9728 ---ha-w- C:WindowsSysWow64api-ms-win-downlevel-shlwapi-l1-1-0.dll 2013-06-15 04:35:40 1111552 ----a-w- C:WindowsSystem32rdpcorets.dll 2013-06-15 04:32:16 39936 ----a-w- C:WindowsSystem32driverstssecsrv.sys 2013-06-05 03:34:27 3153920 ----a-w- C:WindowsSystem32win32k.sys 2013-06-04 06:00:13 624128 ----a-w- C:WindowsSystem32qedit.dll 2013-06-04 04:53:07 509440 ----a-w- C:WindowsSysWow64qedit.dll . ============= FINISH: 19:34:43,88 =============== Attach: . UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2011-09-30.01) . Microsoft Windows 7 Ultimate Boot Device: DeviceHarddiskVolume1 Install Date: 19.12.2012 г. 10:36:53 System Uptime: 28.8.2013 г. 15:35:43 (4 hours ago) . Motherboard: Type2 - Board Vendor Name1 | | Type2 - Board Product Name1 Processor: Intel® Celeron® CPU B830 @ 1.80GHz | U3E1 | 1296/100mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 80 GiB total, 43,616 GiB free. D: is FIXED (NTFS) - 516 GiB total, 353,063 GiB free. E: is CDROM () F: is CDROM (CDFS) H: is Removable . ==== Disabled Device Manager Items ============= . Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318} Description: avast! Firewall NDIS Filter Miniport Device ID: ROOTSW_ASWNDISMP0000 Manufacturer: ALWIL Software Name: avast! Firewall NDIS Filter Miniport PNP Device ID: ROOTSW_ASWNDISMP0000 Service: aswNdis . Class GUID: Description: Ethernet Controller Device ID: PCIVEN_10EC&DEV_8136&SUBSYS_FB371179&REV_054&299ABDA1&0&00E2 Manufacturer: Name: Ethernet Controller PNP Device ID: PCIVEN_10EC&DEV_8136&SUBSYS_FB371179&REV_054&299ABDA1&0&00E2 Service: . ==== System Restore Points =================== . No restore point in system. . ==== Installed Programs ====================== . µTorrent Adobe Flash Player 11 ActiveX Adobe Flash Player 11 Plugin Adobe Reader 9.5.3 - Bulgarian AEnglish Dictionary XP 1.72 avast! Free Antivirus AVG Security Toolbar Bluetooth Monitor 4 BS Player Toolbar BS.Player FREE Comodo Dragon Connection Manager DAEMON Tools Lite Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition GOM Player Google Chrome Google Drive Google Update Helper Intel® Manageability Engine Firmware Recovery Agent Intel® Management Engine Components Intel® Processor Graphics Intel® Rapid Storage Technology Intel® USB 3.0 eXtensible Host Controller Driver Intel® Trusted Connect Service Client Malwarebytes Anti-Malware version 1.75.0.1300 Microsoft .NET Framework 4 Client Profile Microsoft Office 2010 Service Pack 1 (SP1) Microsoft Office Access MUI (English) 2010 Microsoft Office Access Setup Metadata MUI (English) 2010 Microsoft Office Excel MUI (English) 2010 Microsoft Office Groove MUI (English) 2010 Microsoft Office InfoPath MUI (English) 2010 Microsoft Office Office 64-bit Components 2010 Microsoft Office OneNote MUI (English) 2010 Microsoft Office Outlook MUI (English) 2010 Microsoft Office PowerPoint MUI (English) 2010 Microsoft Office Professional Plus 2010 Microsoft Office Proof (English) 2010 Microsoft Office Proof (French) 2010 Microsoft Office Proof (Spanish) 2010 Microsoft Office Proofing (English) 2010 Microsoft Office Publisher MUI (English) 2010 Microsoft Office Shared 64-bit MUI (English) 2010 Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 Microsoft Office Shared MUI (English) 2010 Microsoft Office Shared Setup Metadata MUI (English) 2010 Microsoft Office Word MUI (English) 2010 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 oggcodecs 0.71.0946 Opera 12.15 Realtek WLAN Driver SA Dictionary® 2012 Beta1 Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2) Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827) Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449) Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019) Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595) Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642) Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576) Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393) Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628) Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628v2) Security Update for Microsoft Excel 2010 (KB2597126) 32-Bit Edition Security Update for Microsoft Filter Pack 2.0 (KB2553501) 32-Bit Edition Security Update for Microsoft InfoPath 2010 (KB2687422) 32-Bit Edition Security Update for Microsoft InfoPath 2010 (KB2760406) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2553091) Security Update for Microsoft Office 2010 (KB2553096) Security Update for Microsoft Office 2010 (KB2553371) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2553447) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2598243) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2687276) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2687501) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2687510) 32-Bit Edition Security Update for Microsoft OneNote 2010 (KB2760600) 32-Bit Edition Security Update for Microsoft Publisher 2010 (KB2553147) 32-Bit Edition Security Update for Microsoft Visio 2010 (KB2810068) 32-Bit Edition Security Update for Microsoft Visio Viewer 2010 (KB2687505) 32-Bit Edition Security Update for Microsoft Word 2010 (KB2760410) 32-Bit Edition Skype Click to Call Skype™ 6.3 SweetIM for Messenger 3.7 SweetPacks bundle uninstaller Synaptics Pointing Device Driver The KMPlayer (remove only) TOSHIBA HDD/SSD Alert TOSHIBA Value Added Package TOSHIBA Web Camera Application Update for Microsoft .NET Framework 4 Client Profile (KB2468871) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) Update for Microsoft .NET Framework 4 Client Profile (KB2836939) Update for Microsoft Office 2010 (KB2553065) Update for Microsoft Office 2010 (KB2553092) Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition Update for Microsoft Office 2010 (KB2553378) 32-Bit Edition Update for Microsoft Office 2010 (KB2566458) Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition Update for Microsoft Office 2010 (KB2687503) 32-Bit Edition Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition Update for Microsoft Office 2010 (KB2767886) 32-Bit Edition Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition Update for Microsoft Outlook 2010 (KB2597090) 32-Bit Edition Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition Update for Microsoft PowerPoint 2010 (KB2598240) 32-Bit Edition Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition uTorrentControl_v2 Toolbar Video Download Converter version 1.0.0.0 VideoDownloadConverter Toolbar WinRAR 4.20 (32-битова версия) . ==== End Of File ===========================
  10. Ситуацията е следната.Имах проблем със Firefox,изразяваше се във това,че се затваряше бавно.Пуснах MBAM и SAS,като SAS откри въпросния Hijacker и уж го премахна успешно,но във момента браузъра работни мудно при затваряне дори забива и Explorer......Не знам дали SAS успешно е изтрил заразата,прилагам логовете от DDS: DDS (Ver_2011-09-30.01) - NTFS_AMD64 Internet Explorer: 8.0.7601.17514 Run by Night Rider at 0:38:43 on 2013-01-24 Microsoft Windows 7 Professional 6.1.7601.1.1251.359.1026.18.4094.2896 [GMT 2:00] . AV: COMODO Antivirus *Enabled/Updated* {458BB331-2324-0753-3D5F-1472EB102AC0} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} SP: COMODO Defense+ *Enabled/Updated* {FEEA52D5-051E-08DD-07EF-2F009097607D} FW: COMODO Firewall *Enabled* {7DB03214-694B-060B-1600-BD4715C36DBB} . ============== Running Processes =============== . C:Windowssystem32wininit.exe C:Windowssystem32lsm.exe C:Windowssystem32svchost.exe -k DcomLaunch C:Windowssystem32nvvsvc.exe C:Windowssystem32svchost.exe -k RPCSS C:Program FilesCOMODOCOMODO Internet Securitycmdagent.exe C:Windowssystem32svchost.exe -k NetworkService C:WindowsSystem32svchost.exe -k LocalServiceNetworkRestricted C:WindowsSystem32svchost.exe -k LocalSystemNetworkRestricted C:Windowssystem32svchost.exe -k netsvcs C:Windowssystem32svchost.exe -k GPSvcGroup C:Windowssystem32svchost.exe -k LocalService C:Windowssystem32svchost.exe -k LocalServiceNoNetwork C:Program FilesSUPERAntiSpywareSASCORE64.EXE C:Program Files (x86)Malwarebytes' Anti-Malwarembamscheduler.exe C:Program Files (x86)Malwarebytes' Anti-Malwarembamservice.exe C:WindowsSysWOW64vmnat.exe C:Program FilesCommon FilesMicrosoft SharedWindows LiveWLIDSVC.EXE C:WindowsSysWOW64vmnetdhcp.exe C:Program FilesCommon FilesMicrosoft SharedWindows LiveWLIDSvcM.exe C:Program Files (x86)Common FilesVMwareUSBvmware-usbarbitrator64.exe C:Windowssystem32SearchIndexer.exe C:Windowssystem32svchost.exe -k NetworkServiceNetworkRestricted C:Windowssystem32svchost.exe -k LocalServiceAndNoImpersonation C:Windowssystem32Dwm.exe C:WindowsExplorer.EXE C:Program Files (x86)Malwarebytes' Anti-Malwarembamgui.exe C:Program FilesCOMODOCOMODO Internet Securitycfp.exe C:Program FilesRealtekAudioHDARAVCpl64.exe C:Program Files (x86)RocketDockRocketDock.exe C:Program FilesNVIDIA CorporationDisplaynvxdsync.exe C:Windowssystem32nvvsvc.exe C:Windowssystem32taskhost.exe C:Program Files (x86)MSI AfterburnerMSIAfterburner.exe C:Windowssystem32SearchProtocolHost.exe C:Windowssystem32SearchFilterHost.exe C:Windowssystem32conhost.exe C:Windowssystem32wbemwmiprvse.exe C:WindowsSystem32cscript.exe . ============== Pseudo HJT Report =============== . mWinlogon: Userinit = userinit.exe BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:Program Files (x86)Common FilesMicrosoft SharedWindows LiveWindowsLiveLogin.dll uRun: [RocketDock] "C:Program Files (x86)RocketDockRocketDock.exe" uPolicies-Explorer: NoDriveTypeAutoRun = dword:255 mPolicies-Explorer: NoActiveDesktop = dword:1 mPolicies-Explorer: NoActiveDesktopChanges = dword:1 mPolicies-Explorer: NoDriveTypeAutoRun = dword:255 mPolicies-System: ConsentPromptBehaviorUser = dword:3 mPolicies-System: EnableUIADesktopToggle = dword:0 IE: E&xport to Microsoft Excel - C:PROGRA~2MICROS~1OFFICE11EXCEL.EXE/3000 IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} LSP: %windir%system32vsocklib.dll . INFO: HKCU has more than 50 listed domains. If you wish to scan all of them, select the 'Force scan all domains' option. . TCP: Interfaces{074B130A-393F-4554-B94E-47A32B33EB3C} : NameServer = 198.153.192.40 198.153.194.40 TCP: Interfaces{6FB8467E-F4A1-4D04-AEF9-2E72D92A8709} : NameServer = 198.153.192.40,198.153.194.40 SSODL: WebCheck - <orphaned> LSA: Security Packages = kerberos msv1_0 schannel wdigest tspkg pku2u livessp x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:Program FilesCommon FilesMicrosoft SharedWindows LiveWindowsLiveLogin.dll x64-Run: [COMODO Internet Security] "C:Program FilesCOMODOCOMODO Internet Securitycfp.exe" -h x64-Run: [RTHDVCPL] C:Program FilesRealtekAudioHDARAVCpl64.exe -s x64-SSODL: WebCheck - <orphaned> . ================= FIREFOX =================== . FF - ProfilePath - C:UsersNight RiderAppDataRoamingMozillaFirefoxProfilesre5wl6x8.default FF - plugin: C:Program Files (x86)Microsoft Silverlight5.1.10411.0npctrlui.dll FF - plugin: C:WindowsSysWOW64MacromedFlashNPSWF32_11_5_502_146.dll . ============= SERVICES / DRIVERS =============== . R0 vsock;vSockets Driver;C:WindowsSystem32driversvsock.sys [2012-12-2 70296] R1 cmderd;COMODO Internet Security Eradication Driver;C:WindowsSystem32driverscmderd.sys [2012-11-7 22736] R1 cmdGuard;COMODO Internet Security Sandbox Driver;C:WindowsSystem32driverscmdGuard.sys [2012-11-7 584056] R1 cmdHlp;COMODO Internet Security Helper Driver;C:WindowsSystem32driverscmdhlp.sys [2012-11-7 38144] R1 SASDIFSV;SASDIFSV;C:Program FilesSUPERAntiSpywaresasdifsv64.sys [2011-7-22 14928] R1 SASKUTIL;SASKUTIL;C:Program FilesSUPERAntiSpywaresaskutil64.sys [2011-7-12 12368] R2 !SASCORE;SAS Core Service;C:Program FilesSUPERAntiSpywareSASCore64.exe [2012-7-11 140672] R2 MBAMScheduler;MBAMScheduler;C:Program Files (x86)Malwarebytes' Anti-Malwarembamscheduler.exe [2012-11-30 398184] R2 MBAMService;MBAMService;C:Program Files (x86)Malwarebytes' Anti-Malwarembamservice.exe [2012-11-30 682344] R2 VMUSBArbService;VMware USB Arbitration Service;C:Program Files (x86)Common FilesVMwareUSBvmware-usbarbitrator64.exe [2012-10-11 918680] R3 MBAMProtector;MBAMProtector;C:WindowsSystem32driversmbam.sys [2012-11-30 24176] R3 RTCore64;RTCore64;C:Program Files (x86)MSI AfterburnerRTCore64.sys [2013-1-23 13368] R3 RTL8167;Realtek 8167 NT Driver;C:WindowsSystem32driversRt64win7.sys [2011-6-10 539240] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:WindowsMicrosoft.NETFrameworkv4.0.30319mscorsvw.exe [2010-3-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:WindowsMicrosoft.NETFramework64v4.0.30319mscorsvw.exe [2010-3-18 138576] S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:WindowsSysWOW64MacromedFlashFlashPlayerUpdateService.exe [2012-11-30 251400] S3 dmvsc;dmvsc;C:WindowsSystem32driversdmvsc.sys [2011-4-12 71168] S3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20);C:WindowsSystem32driversL1C62x64.sys [2009-6-10 57344] S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:WindowsSystem32driversrdpvideominiport.sys [2012-11-30 19456] S3 StorSvc;Storage Service;C:WindowsSystem32svchost.exe -k LocalSystemNetworkRestricted [2009-7-14 27136] S3 TsUsbFlt;TsUsbFlt;C:WindowsSystem32driversTsUsbFlt.sys [2012-11-30 57856] S3 TsUsbGD;Remote Desktop Generic USB Device;C:WindowsSystem32driversTsUsbGD.sys [2012-11-30 30208] S3 WatAdminSvc;Услуга на технологиите за активиране на Windows;C:WindowsSystem32WatWatAdminSvc.exe [2012-11-30 1255736] . =============== Created Last 30 ================ . 2013-01-23 15:50:29 16200 ----a-w- C:Windowsstinger.sys 2013-01-23 15:48:21 -------- d-----w- C:Program Files (x86)stinger 2013-01-22 11:13:33 -------- d-----w- C:UsersNight RiderAppDataLocalDiagnostics 2013-01-13 12:38:26 -------- d-----w- C:UsersNight RiderDoctor Web 2013-01-09 09:48:09 800768 ----a-w- C:WindowsSystem32usp10.dll 2013-01-09 09:47:59 51712 ----a-w- C:WindowsSysWow64esrb.rs 2013-01-01 01:15:41 891240 ----a-w- C:WindowsSystem32nvvsvc.exe 2013-01-01 01:15:41 63336 ----a-w- C:WindowsSystem32nvshext.dll 2013-01-01 01:15:41 6200680 ----a-w- C:WindowsSystem32nvcpl.dll 2013-01-01 01:15:41 3536817 ----a-w- C:WindowsSystem32nvcoproc.bin 2013-01-01 01:15:41 3293544 ----a-w- C:WindowsSystem32nvsvc64.dll 2013-01-01 01:15:41 118120 ----a-w- C:WindowsSystem32nvmctray.dll 2013-01-01 01:15:16 -------- d-----w- C:ProgramDataNVIDIA Corporation 2012-12-28 14:16:53 -------- d-----w- C:UsersNight RiderAppDataLocalPrograms . ==================== Find3M ==================== . 2013-01-08 19:52:50 74248 ----a-w- C:WindowsSysWow64FlashPlayerCPLApp.cpl 2013-01-08 19:52:50 697864 ----a-w- C:WindowsSysWow64FlashPlayerApp.exe 2013-01-05 20:56:28 12872 ----a-w- C:WindowsSystem32bootdelete.exe 2012-12-16 17:11:22 46080 ----a-w- C:WindowsSystem32atmlib.dll 2012-12-16 14:45:03 367616 ----a-w- C:WindowsSystem32atmfd.dll 2012-12-16 14:13:28 295424 ----a-w- C:WindowsSysWow64atmfd.dll 2012-12-16 14:13:20 34304 ----a-w- C:WindowsSysWow64atmlib.dll 2012-12-14 14:49:28 24176 ----a-w- C:WindowsSystem32driversmbam.sys 2012-12-07 13:20:16 441856 ----a-w- C:WindowsSystem32Wpc.dll 2012-12-07 13:15:31 2746368 ----a-w- C:WindowsSystem32gameux.dll 2012-12-07 12:26:17 308736 ----a-w- C:WindowsSysWow64Wpc.dll 2012-12-07 12:20:43 2576384 ----a-w- C:WindowsSysWow64gameux.dll 2012-12-07 11:20:04 30720 ----a-w- C:WindowsSystem32usk.rs 2012-12-07 11:20:03 43520 ----a-w- C:WindowsSystem32csrr.rs 2012-12-07 11:20:03 23552 ----a-w- C:WindowsSystem32oflc.rs 2012-12-07 11:20:01 45568 ----a-w- C:WindowsSystem32oflc-nz.rs 2012-12-07 11:20:01 44544 ----a-w- C:WindowsSystem32pegibbfc.rs 2012-12-07 11:20:01 20480 ----a-w- C:WindowsSystem32pegi-fi.rs 2012-12-07 11:20:00 20480 ----a-w- C:WindowsSystem32pegi-pt.rs 2012-12-07 11:19:59 20480 ----a-w- C:WindowsSystem32pegi.rs 2012-12-07 11:19:58 46592 ----a-w- C:WindowsSystem32fpb.rs 2012-12-07 11:19:57 40960 ----a-w- C:WindowsSystem32cob-au.rs 2012-12-07 11:19:57 21504 ----a-w- C:WindowsSystem32grb.rs 2012-12-07 11:19:57 15360 ----a-w- C:WindowsSystem32djctq.rs 2012-12-07 11:19:56 55296 ----a-w- C:WindowsSystem32cero.rs 2012-12-07 11:19:55 51712 ----a-w- C:WindowsSystem32esrb.rs 2012-11-30 05:45:35 362496 ----a-w- C:WindowsSystem32wow64win.dll 2012-11-30 05:45:35 243200 ----a-w- C:WindowsSystem32wow64.dll 2012-11-30 05:45:35 13312 ----a-w- C:WindowsSystem32wow64cpu.dll 2012-11-30 05:45:14 215040 ----a-w- C:WindowsSystem32winsrv.dll 2012-11-30 05:43:12 16384 ----a-w- C:WindowsSystem32ntvdm64.dll 2012-11-30 05:41:07 424448 ----a-w- C:WindowsSystem32KernelBase.dll 2012-11-30 04:54:00 5120 ----a-w- C:WindowsSysWow64wow32.dll 2012-11-30 04:53:59 274944 ----a-w- C:WindowsSysWow64KernelBase.dll 2012-11-30 03:23:48 338432 ----a-w- C:WindowsSystem32conhost.exe 2012-11-30 02:44:06 25600 ----a-w- C:WindowsSysWow64setup16.exe 2012-11-30 02:44:04 7680 ----a-w- C:WindowsSysWow64instnm.exe 2012-11-30 02:44:04 14336 ----a-w- C:WindowsSysWow64ntvdm64.dll 2012-11-30 02:44:03 2048 ----a-w- C:WindowsSysWow64user.exe 2012-11-30 02:38:59 6144 ---ha-w- C:WindowsSysWow64api-ms-win-security-base-l1-1-0.dll 2012-11-30 02:38:59 4608 ---ha-w- C:WindowsSysWow64api-ms-win-core-threadpool-l1-1-0.dll 2012-11-30 02:38:59 3584 ---ha-w- C:WindowsSysWow64api-ms-win-core-xstate-l1-1-0.dll 2012-11-30 02:38:59 3072 ---ha-w- C:WindowsSysWow64api-ms-win-core-util-l1-1-0.dll 2012-11-23 03:26:31 3149824 ----a-w- C:WindowsSystem32win32k.sys 2012-11-23 03:13:57 68608 ----a-w- C:WindowsSystem32taskhost.exe 2012-11-22 04:45:03 626688 ----a-w- C:WindowsSysWow64usp10.dll 2012-11-20 05:48:49 307200 ----a-w- C:WindowsSystem32ncrypt.dll 2012-11-20 04:51:09 220160 ----a-w- C:WindowsSysWow64ncrypt.dll 2012-11-09 05:45:32 750592 ----a-w- C:WindowsSystem32win32spl.dll 2012-11-09 05:45:09 2048 ----a-w- C:WindowsSystem32tzres.dll 2012-11-09 04:43:04 492032 ----a-w- C:WindowsSysWow64win32spl.dll 2012-11-09 04:42:49 2048 ----a-w- C:WindowsSysWow64tzres.dll 2012-11-07 21:38:02 38144 ----a-w- C:WindowsSystem32driverscmdhlp.sys 2012-11-07 21:38:00 584056 ----a-w- C:WindowsSystem32driverscmdGuard.sys 2012-11-07 21:37:58 22736 ----a-w- C:WindowsSystem32driverscmderd.sys 2012-11-07 21:37:38 41240 ----a-w- C:WindowsSystem32cmdcsr.dll 2012-11-07 21:37:36 301264 ----a-w- C:WindowsSysWow64guard32.dll 2012-11-07 21:37:32 390392 ----a-w- C:WindowsSystem32guard64.dll 2012-11-02 05:59:11 478208 ----a-w- C:WindowsSystem32dpnet.dll 2012-11-02 05:11:31 376832 ----a-w- C:WindowsSysWow64dpnet.dll 2012-11-01 05:43:42 2002432 ----a-w- C:WindowsSystem32msxml6.dll 2012-11-01 05:43:42 1882624 ----a-w- C:WindowsSystem32msxml3.dll 2012-11-01 04:47:54 1389568 ----a-w- C:WindowsSysWow64msxml6.dll 2012-11-01 04:47:54 1236992 ----a-w- C:WindowsSysWow64msxml3.dll 2012-11-01 00:35:20 357016 ----a-w- C:WindowsSysWow64vmnetdhcp.exe 2012-11-01 00:35:18 933528 ----a-w- C:WindowsSystem32vnetlib64.dll 2012-11-01 00:34:58 31384 ----a-w- C:WindowsSystem32driversVMparport.sys 2012-11-01 00:34:54 67224 ----a-w- C:WindowsSystem32driversvmx86.sys 2012-11-01 00:34:52 435864 ----a-w- C:WindowsSysWow64vmnat.exe 2012-11-01 00:34:32 30360 ----a-w- C:WindowsSystem32driversvmnetuserif.sys 2012-11-01 00:34:10 62104 ----a-w- C:WindowsSystem32vmnetbridge.dll 2012-11-01 00:34:10 45720 ----a-w- C:WindowsSystem32driversvmnetbridge.sys 2012-11-01 00:34:08 48792 ----a-w- C:WindowsSystem32vnetinst.dll 2012-11-01 00:34:08 24216 ----a-w- C:WindowsSystem32driversvmnet.sys 2012-11-01 00:34:08 20120 ----a-w- C:WindowsSystem32driversvmnetadapter.sys 2012-11-01 00:34:04 32920 ----a-w- C:WindowsSystem32driversVMkbd.sys 2012-10-31 23:02:08 353280 ----a-w- C:WindowsSysWow64vmnc.dll 2012-10-26 17:01:18 237400 ----a-w- C:WindowsSystem32driversVBoxDrv.sys 2012-10-26 16:59:44 119640 ----a-w- C:WindowsSystem32driversVBoxUSBMon.sys 2012-10-26 16:59:44 105816 ----a-w- C:WindowsSystem32driversVBoxUSB.sys . ============= FINISH: 0:39:36,10 =============== . UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2011-09-30.01) . Microsoft Windows 7 Professional Boot Device: DeviceHarddiskVolume1 Install Date: 30.11.2012 г. 17:39:34 System Uptime: 23.1.2013 г. 21:31:39 (3 hours ago) . Motherboard: Gigabyte Technology Co., Ltd. | | G31M-ES2C Processor: Intel® Pentium® Dual CPU E2220 @ 2.40GHz | Socket 775 | 3000/250mhz . ==== Disk Partitions ========================= . A: is Removable C: is FIXED (NTFS) - 33 GiB total, 19,045 GiB free. D: is FIXED (NTFS) - 200 GiB total, 82,858 GiB free. E: is CDROM () F: is CDROM () . ==== Disabled Device Manager Items ============= . Class GUID: Description: Device ID: USBVID_EB1A&PID_28205&21E739F&0&8 Manufacturer: Name: PNP Device ID: USBVID_EB1A&PID_28205&21E739F&0&8 Service: . ==== System Restore Points =================== . No restore point in system. . ==== Installed Programs ====================== . µTorrent AC3Filter 2.5b Adobe Flash Player 11 Plugin Auslogics Disk Defrag BurnAware Free 4.5 CCleaner COMODO Internet Security Far Cry 3 HitmanPro 3.7 Malwarebytes Anti-Malware, версия 1.70.0.1100 Microsoft .NET Framework 4 Client Profile Microsoft .NET Framework 4 Extended Microsoft Games for Windows - LIVE Redistributable Microsoft Games for Windows Marketplace Microsoft Office File Validation Add-In Microsoft Office Professional Edition 2003 Microsoft Silverlight Microsoft Visual C++ 2005 Redistributable (x64) Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Mozilla Firefox 18.0.1 (x86 bg) MSI Afterburner 2.3.1 NVIDIA Control Panel 306.97 NVIDIA Graphics Driver 306.97 NVIDIA Install Application NVIDIA PhysX NVIDIA PhysX System Software 9.12.1031 PowerISO Realtek High Definition Audio Driver RocketDock 1.3.5 Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2) Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827) Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449) Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428) Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019) Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595) Security Update for Microsoft .NET Framework 4 Extended (KB2487367) Security Update for Microsoft .NET Framework 4 Extended (KB2656351) Security Update for Microsoft .NET Framework 4 Extended (KB2736428) Security Update for Microsoft .NET Framework 4 Extended (KB2742595) SpywareBlaster 4.6 SumatraPDF SUPERAntiSpyware The KMPlayer (remove only) tools-windows Update for Microsoft .NET Framework 4 Client Profile (KB2468871) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) Update for Microsoft .NET Framework 4 Extended (KB2468871) Update for Microsoft .NET Framework 4 Extended (KB2533523) Update for Microsoft .NET Framework 4 Extended (KB2600217) VMware Player Windows Live ID Sign-in Assistant WinRAR archiver Wise Disk Cleaner 7.74 . ==== Event Viewer Messages From Past Week ======== . 24.1.2013 г. 00:37:28, Error: Service Control Manager [7034] - Услуга VMware Authorization Service беше прекъсната неочаквано. Това се е случвало с нея 1 път(и). 23.1.2013 г. 01:30:45, Error: Service Control Manager [7034] - Услуга VMware Authorization Service беше прекъсната неочаквано. Това се е случвало с нея 1 път(и). 22.1.2013 г. 14:33:53, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service NVSvc with arguments "" in order to run the server: {DCAB0989-1301-4319-BE5F-ADE89F88581C} 22.1.2013 г. 14:33:37, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030} 22.1.2013 г. 14:33:37, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39} 22.1.2013 г. 14:33:36, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF} 22.1.2013 г. 14:33:30, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC} 22.1.2013 г. 14:33:29, Error: Service Control Manager [7026] - Неуспешно зареждане на следния драйвер, който се активира с включване на компютъра или стартиране на системата: cmdGuard discache SASDIFSV SASKUTIL SCDEmu spldr Wanarpv6 21.1.2013 г. 23:44:04, Error: Service Control Manager [7034] - Услуга VMware Authorization Service беше прекъсната неочаквано. Това се е случвало с нея 1 път(и). 19.1.2013 г. 20:47:34, Error: Service Control Manager [7034] - Услуга VMware Authorization Service беше прекъсната неочаквано. Това се е случвало с нея 1 път(и). 18.1.2013 г. 00:08:15, Error: Service Control Manager [7034] - Услуга VMware Authorization Service беше прекъсната неочаквано. Това се е случвало с нея 1 път(и). . ==== End Of File ===========================
  11. Здравейте,извинявайте че ще ви подосаждам но искам да проверим системата за гадинки.Не знам дали има,не съм забелязал проблеми но за всеки случай. P.S. Ако смятате че всичко това няма смисъл може да изтриете темата. P.S. 2 Впрочем в клетката на Avast има няколго вируса. Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:16-08-2014 02 Ran by BAZZINGA (administrator) on BAZZINGA-PC on 16-08-2014 15:19:57 Running from C:UsersBAZZINGADesktop Platform: Microsoft Windows 7 Ultimate Service Pack 1 (X86) OS Language: Български (България) Internet Explorer Version 9 Boot Mode: Normal The only official download link for FRST: Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ Download link from any site other than Bleeping Computer is unpermitted or outdated. See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (NVIDIA Corporation) C:WindowsSystem32nvvsvc.exe (NVIDIA Corporation) C:Program FilesNVIDIA Corporation3D VisionnvSCPAPISvr.exe (NVIDIA Corporation) C:Program FilesNVIDIA CorporationDisplaynvxdsync.exe (NVIDIA Corporation) C:WindowsSystem32nvvsvc.exe (AVAST Software) C:Program FilesAVAST SoftwareAvastAvastSvc.exe (Nero AG) C:Program FilesHTCHTC Sync ManagerHSMServiceEntry.exe (NVIDIA Corporation) C:Program FilesNVIDIA CorporationNetServiceNvNetworkService.exe (NVIDIA Corporation) C:Program FilesNVIDIA CorporationNvStreamSrvnvstreamsvc.exe () C:Program FilesHTCInternet Pass-ThroughPassThruSvr.exe (AVAST Software) C:Program FilesAVAST SoftwareAvastavastui.exe (Synaptics Incorporated) C:Program FilesSynapticsSynTPSynTPEnh.exe (ACD Systems) C:Program FilesACD SystemsACDSee Pro7.0acdIDInTouch2.exe (Synaptics Incorporated) C:Program FilesSynapticsSynTPSynTPHelper.exe (NVIDIA Corporation) C:Program FilesNVIDIA CorporationUpdate CoreNvBackend.exe () C:Program FilesHTCHTC Sync ManagerHTC Syncadb.exe (NVIDIA Corporation) C:Program FilesNVIDIA CorporationNvStreamSrvnvstreamsvc.exe (NVIDIA Corporation) C:Program FilesNVIDIA CorporationNvStreamSrvnvstreamsvc.exe (NVIDIA Corporation) C:Program FilesNVIDIA CorporationDisplaynvtray.exe (Microsoft Corporation) C:WindowsSystem32wbemunsecapp.exe (Mozilla Corporation) C:Program FilesMozilla Firefoxfirefox.exe (Mozilla Corporation) C:Program FilesMozilla Firefoxplugin-container.exe (Adobe Systems, Inc.) C:WindowsSystem32MacromedFlashFlashPlayerPlugin_14_0_0_179.exe (Adobe Systems, Inc.) C:WindowsSystem32MacromedFlashFlashPlayerPlugin_14_0_0_179.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKUS-1-5-21-700870279-1296939169-955356154-1000...Run: [DAEMON Tools Lite] => C:Program FilesDAEMON Tools LiteDTLite.exe [3696912 2014-03-04] (Disc Soft Ltd) HKUS-1-5-21-700870279-1296939169-955356154-1000...Run: [AdobeBridge] => [X] ShellIconOverlayIdentifiers: ###MegaShellExtPending -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:ProgramDataMEGAsyncShellExtX32.dll No File ShellIconOverlayIdentifiers: ###MegaShellExtSynced -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:ProgramDataMEGAsyncShellExtX32.dll No File ShellIconOverlayIdentifiers: ###MegaShellExtSyncing -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:ProgramDataMEGAsyncShellExtX32.dll No File ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:Program FilesAVAST SoftwareAvastashShell.dll (AVAST Software) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKCUSoftwareMicrosoftInternet ExplorerMain,Search Page = http://terra.im/ HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://www.bgpatch.com HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page Redirect Cache AcceptLangs = bg-BG HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page Redirect Cache_TIMESTAMP = 0x182E3D06399ACF01 HKCUSoftwareMicrosoftInternet ExplorerMain,Search Bar = http://terra.im/ SearchScopes: HKCU - DefaultScope {4187F0FC-AF41-4E4B-AE67-84C8FD35A0AE} URL = http://terra.im/search?q={searchTerms} SearchScopes: HKCU - {4187F0FC-AF41-4E4B-AE67-84C8FD35A0AE} URL = http://terra.im/search?q={searchTerms} BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:Program FilesAVAST SoftwareAvastaswWebRepIE.dll (AVAST Software) DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:Program FilesCommon FilesSkypeSkype4COM.dll (Skype Technologies) Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt Tcpip..Interfaces{98F5848D-A25A-4B7E-B71D-86E29353AA7C}: [NameServer]212.5.148.1 212.5.149.1 FireFox: ======== FF ProfilePath: C:UsersBAZZINGAAppDataRoamingMozillaFirefoxProfilesjrgn4h8n.default FF Homepage: hxxp://facebook.com/ FF Plugin: @adobe.com/FlashPlayer -> C:Windowssystem32MacromedFlashNPSWF32_14_0_0_179.dll () FF Plugin: @nvidia.com/3DVision -> C:Program FilesNVIDIA Corporation3D Visionnpnv3dv.dll (NVIDIA Corporation) FF Plugin: @nvidia.com/3DVisionStreaming -> C:Program FilesNVIDIA Corporation3D Visionnpnv3dvstreaming.dll (NVIDIA Corporation) FF Plugin: adobe.com/AdobeAAMDetect -> C:Program FilesCommon FilesAdobeOOBEPDAppCCMUtilitiesnpAdobeAAMDetect32.dll (Adobe Systems) FF user.js: detected! => C:UsersBAZZINGAAppDataRoamingMozillaFirefoxProfilesjrgn4h8n.defaultuser.js FF SearchPlugin: C:UsersBAZZINGAAppDataRoamingMozillaFirefoxProfilesjrgn4h8n.defaultsearchpluginsdefaultsearch.xml FF SearchPlugin: C:Program Filesmozilla firefoxbrowsersearchplugins911bg.xml FF SearchPlugin: C:Program Filesmozilla firefoxbrowsersearchpluginsdiribg.xml FF SearchPlugin: C:Program Filesmozilla firefoxbrowsersearchpluginspe-bg.xml FF SearchPlugin: C:Program Filesmozilla firefoxbrowsersearchpluginsportalbgdict.xml FF Extension: MEGA - C:UsersBAZZINGAAppDataRoamingMozillaFirefoxProfilesjrgn4h8n.defaultExtensionsfirefox@mega.co.nz.xpi [2014-04-12] FF Extension: Adblock Plus - C:UsersBAZZINGAAppDataRoamingMozillaFirefoxProfilesjrgn4h8n.defaultExtensions{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-04-12] FF HKLM...FirefoxExtensions: [wrc@avast.com] - C:Program FilesAVAST SoftwareAvastWebRepFF FF Extension: avast! Online Security - C:Program FilesAVAST SoftwareAvastWebRepFF [2014-04-12] Chrome: ======= CHR HKLM...ChromeExtension: [gomekmidlodglbbmalcneegieacbdmki] - C:Program FilesAVAST SoftwareAvastWebRepChromeaswWebRepChrome.crx [2014-07-21] ========================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 avast! Antivirus; C:Program FilesAVAST SoftwareAvastAvastSvc.exe [50344 2014-07-21] (AVAST Software) S3 BEService; C:Program FilesCommon FilesBattlEyeBEService.exe [49152 2014-04-13] () [File not signed] R2 HTCMonitorService; C:Program FilesHTCHTC Sync ManagerHSMServiceEntry.exe [87368 2013-11-18] (Nero AG) R2 NvNetworkService; C:Program FilesNVIDIA CorporationNetServiceNvNetworkService.exe [1720608 2014-07-25] (NVIDIA Corporation) R2 NvStreamSvc; C:Program FilesNVIDIA CorporationNvStreamSrvnvstreamsvc.exe [17536800 2014-07-25] (NVIDIA Corporation) R2 PassThru Service; C:Program FilesHTCInternet Pass-ThroughPassThruSvr.exe [166912 2013-10-17] () [File not signed] S3 SwitchBoard; C:Program FilesCommon FilesAdobeSwitchBoardSwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed] ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 aswHwid; C:Windowssystem32driversaswHwid.sys [24184 2014-07-21] () R2 aswMonFlt; C:Windowssystem32driversaswMonFlt.sys [67824 2014-07-21] (AVAST Software) R1 aswRdr; C:Windowssystem32driversaswRdr2.sys [81768 2014-07-21] (AVAST Software) R0 aswRvrt; C:Windowssystem32DriversaswRvrt.sys [49944 2014-07-21] () R1 aswSnx; C:Windowssystem32driversaswSnx.sys [779536 2014-07-21] (AVAST Software) R1 aswSP; C:Windowssystem32driversaswSP.sys [414520 2014-07-21] (AVAST Software) R2 aswStm; C:Windowssystem32driversaswStm.sys [71944 2014-07-21] (AVAST Software) R0 aswVmm; C:Windowssystem32DriversaswVmm.sys [192352 2014-07-21] () S2 atksgt; C:WindowsSystem32DRIVERSatksgt.sys [279712 2014-08-03] () R1 dtsoftbus01; C:WindowsSystem32DRIVERSdtsoftbus01.sys [243128 2014-04-12] (Disc Soft Ltd) S3 HtcVCom32; C:WindowsSystem32DRIVERSHtcVComV32.sys [105984 2009-10-27] (QUALCOMM Incorporated) R2 lirsgt; C:WindowsSystem32DRIVERSlirsgt.sys [25888 2014-08-03] () R3 NvStreamKms; C:Program FilesNVIDIA CorporationNvStreamSrvNvStreamKms.sys [19232 2014-07-25] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:WindowsSystem32driversnvvad32v.sys [34080 2014-03-31] (NVIDIA Corporation) R1 wStLibG; C:WindowsSystem32driverswStLibG.sys [52920 2014-04-12] (StdLib) S3 EagleXNt; ??C:Windowssystem32driversEagleXNt.sys [X] S3 FairplayKD; ??C:ProgramDataMTA San Andreas AllCommontempFairplayKD.sys [X] U5 UnlockerDriver5; C:Program FilesUnlockerUnlockerDriver5.sys [4096 2010-07-04] () [File not signed] S3 VGPU; System32driversrdvgkmd.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the filefolder will be moved.) 2014-08-16 15:19 - 2014-08-16 15:20 - 00010294 _____ () C:UsersBAZZINGADesktopFRST.txt 2014-08-16 15:19 - 2014-08-16 15:19 - 01093632 _____ (Farbar) C:UsersBAZZINGADesktopFRST.exe 2014-08-16 15:19 - 2014-08-16 15:19 - 00000000 ____D () C:FRST 2014-08-16 06:21 - 2014-08-16 06:21 - 00000699 _____ () C:UsersPublicDesktopApocalyptic World MMO.lnk 2014-08-16 06:21 - 2014-08-16 06:21 - 00000000 ____D () C:ProgramDataMicrosoftWindowsStart MenuProgramsApocalyptic World MMO 2014-08-16 04:53 - 2014-08-16 04:53 - 00000667 _____ () C:UsersPublicDesktopDeathmatch Z Launcher.lnk 2014-08-16 04:53 - 2014-08-16 04:53 - 00000000 ____D () C:ProgramDataMicrosoftWindowsStart MenuProgramsDeathmatch Z 2014-08-16 03:26 - 2014-08-16 03:26 - 00000000 ____D () C:UsersBAZZINGADocumentsDMZ 2014-08-16 03:26 - 2014-08-16 03:26 - 00000000 ____D () C:UsersBAZZINGAAppDataLocalDMZ Network 2014-08-15 23:02 - 2014-08-15 23:02 - 00000000 ____D () C:UsersBAZZINGAAppDataRoamingInstallShield 2014-08-15 23:02 - 2014-08-15 23:02 - 00000000 ____D () C:ProgramDataAtheros 2014-08-15 23:02 - 2014-08-15 23:02 - 00000000 ____D () C:Program FilesAtheros 2014-08-15 23:02 - 2009-11-19 10:33 - 00051228 _____ () C:Windowssystem32athrext.cat 2014-08-15 23:02 - 2009-11-06 12:53 - 01227776 _____ (Atheros Communications, Inc.) C:Windowssystem32Driversathr.sys 2014-08-15 23:02 - 2009-11-06 12:53 - 01227776 _____ (Atheros Communications, Inc.) C:Windowssystem32athr.sys 2014-08-15 21:33 - 2014-08-15 21:33 - 00002503 _____ () C:UsersPublicDesktopSkype.lnk 2014-08-15 21:33 - 2014-08-15 21:33 - 00000000 ___RD () C:Program FilesSkype 2014-08-15 21:33 - 2014-08-15 21:33 - 00000000 ____D () C:ProgramDataMicrosoftWindowsStart MenuProgramsSkype 2014-08-15 21:33 - 2014-08-15 21:33 - 00000000 ____D () C:Program FilesCommon FilesSkype 2014-08-15 06:54 - 2013-04-09 10:46 - 00000000 ____D () C:UsersBAZZINGADesktopBehind Space Of Realities 2013 - American Dream 2014-08-15 04:35 - 2014-08-15 04:35 - 00000000 ____D () C:UsersBAZZINGADocumentsAW 2014-08-15 04:35 - 2014-08-15 04:35 - 00000000 ____D () C:UsersBAZZINGAAppDataLocalAW 2014-08-14 15:14 - 2014-08-16 15:11 - 00002016 _____ () C:Windowssetupact.log 2014-08-14 15:14 - 2014-08-14 15:14 - 00000000 _____ () C:Windowssetuperr.log 2014-08-14 15:13 - 2014-08-16 15:10 - 00013612 _____ () C:WindowsPFRO.log 2014-08-14 03:21 - 2014-08-14 03:21 - 00000000 ____D () C:ProgramDataMicrosoftWindowsStart MenuProgramsCCleaner 2014-08-14 03:21 - 2014-08-14 03:21 - 00000000 ____D () C:Program FilesCCleaner 2014-08-10 02:39 - 2014-08-16 06:56 - 00000000 ____D () C:ProgramDataMEGAsync 2014-08-10 02:39 - 2014-08-10 02:39 - 00000000 ____D () C:UsersBAZZINGAAppDataLocalMega Limited 2014-08-08 23:31 - 2014-08-08 23:31 - 00000000 ____D () C:ProgramDataMicrosoftWindowsStart MenuProgramsCromm Cruac 2014-08-08 03:04 - 2014-08-08 22:50 - 00000000 ____D () C:UsersPublicDocumentsS.T.A.L.K.E.R. - Зов Припяти 2014-08-08 03:04 - 2014-08-08 03:04 - 00001137 _____ () C:UsersPublicDesktopS.T.A.L.K.E.R. - Зов Припяти.lnk 2014-08-07 22:47 - 2014-08-07 22:48 - 00000000 ____D () C:UsersBAZZINGADesktopAbsolute_Nature_3_lite_CoP 2014-08-07 22:25 - 2014-08-08 23:29 - 00000000 ____D () C:UsersBAZZINGADesktopSTCoP_Weapon_Pack_(Final) 2014-08-07 20:14 - 2014-08-07 20:15 - 214452778 _____ () C:UsersBAZZINGADesktopSTCoP_Weapon_Pack_(Final).7z 2014-08-06 05:48 - 2014-08-06 05:48 - 00000000 ____D () C:NVIDIA Corporation 2014-08-06 03:46 - 2014-08-06 03:46 - 00000000 ____D () C:UsersBAZZINGAAppDataLocalArktos Entertainment 2014-08-06 02:29 - 2014-08-06 02:29 - 00000000 ____D () C:UsersBAZZINGAAppDataLocalArktos 2014-08-05 22:49 - 2014-08-12 02:43 - 00000000 ____D () C:UsersBAZZINGAAppDataRoamingNVIDIA 2014-08-05 04:50 - 2014-08-05 04:52 - 00000000 ____D () C:ProgramDataMicrosoftWindowsStart MenuProgramsNVIDIA Corporation 2014-08-05 04:50 - 2014-08-05 04:50 - 00000000 ____D () C:UsersBAZZINGAAppDataLocalNVIDIA 2014-08-05 04:50 - 2014-07-25 17:01 - 01291280 _____ (NVIDIA Corporation) C:Windowssystem32nvspbridge.dll 2014-08-05 04:50 - 2014-07-25 17:01 - 01126480 _____ (NVIDIA Corporation) C:Windowssystem32nvspcap.dll 2014-08-05 04:49 - 2014-08-16 15:10 - 00000000 ____D () C:ProgramDataNVIDIA 2014-08-05 04:49 - 2014-08-05 04:49 - 00000000 ____D () C:Program FilesAGEIA Technologies 2014-08-05 04:49 - 2014-07-02 22:42 - 04389848 _____ (NVIDIA Corporation) C:Windowssystem32nvcpl.dll 2014-08-05 04:49 - 2014-07-02 22:42 - 03063256 _____ (NVIDIA Corporation) C:Windowssystem32nvsvc.dll 2014-08-05 04:49 - 2014-07-02 22:42 - 02556360 _____ (NVIDIA Corporation) C:Windowssystem32nvsvcr.dll 2014-08-05 04:49 - 2014-07-02 22:42 - 00670552 _____ (NVIDIA Corporation) C:Windowssystem32nvvsvc.exe 2014-08-05 04:49 - 2014-07-02 22:42 - 00377288 _____ (NVIDIA Corporation) C:Windowssystem32nvmctray.dll 2014-08-05 04:49 - 2014-07-02 22:42 - 00062936 _____ (NVIDIA Corporation) C:Windowssystem32nvshext.dll 2014-08-05 04:49 - 2014-07-02 20:39 - 00609240 _____ (NVIDIA Corporation) C:Windowssystem32nvStreaming.exe 2014-08-05 04:49 - 2014-07-02 08:14 - 03826628 _____ () C:Windowssystem32nvcoproc.bin 2014-08-05 04:48 - 2014-07-02 23:54 - 00061728 _____ (Khronos Group) C:Windowssystem32OpenCL.dll 2014-08-05 04:45 - 2014-07-03 00:28 - 00895264 _____ (NVIDIA Corporation) C:Windowssystem32nvhdagenco3220103.dll 2014-08-05 04:45 - 2014-07-03 00:28 - 00162592 _____ (NVIDIA Corporation) C:Windowssystem32Driversnvhda32v.sys 2014-08-05 04:45 - 2014-07-03 00:28 - 00028448 _____ (NVIDIA Corporation) C:Windowssystem32nvhdap32.dll 2014-08-05 04:45 - 2014-07-02 23:54 - 24198088 _____ (NVIDIA Corporation) C:Windowssystem32nvoglv32.dll 2014-08-05 04:45 - 2014-07-02 23:54 - 16122344 _____ (NVIDIA Corporation) C:Windowssystem32nvwgf2um.dll 2014-08-05 04:45 - 2014-07-02 23:54 - 15296456 _____ (NVIDIA Corporation) C:Windowssystem32nvcompiler.dll 2014-08-05 04:45 - 2014-07-02 23:54 - 14498552 _____ (NVIDIA Corporation) C:Windowssystem32nvd3dum.dll 2014-08-05 04:45 - 2014-07-02 23:54 - 11283344 _____ (NVIDIA Corporation) C:Windowssystem32nvopencl.dll 2014-08-05 04:45 - 2014-07-02 23:54 - 11222048 _____ (NVIDIA Corporation) C:Windowssystem32nvcuda.dll 2014-08-05 04:45 - 2014-07-02 23:54 - 10681176 _____ (NVIDIA Corporation) C:Windowssystem32Driversnvlddmkm.sys 2014-08-05 04:45 - 2014-07-02 23:54 - 03988952 _____ (NVIDIA Corporation) C:Windowssystem32nvcuvid.dll 2014-08-05 04:45 - 2014-07-02 23:54 - 02814656 _____ (NVIDIA Corporation) C:Windowssystem32nvapi.dll 2014-08-05 04:45 - 2014-07-02 23:54 - 01054552 _____ (NVIDIA Corporation) C:Windowssystem32nvdispco3234052.dll 2014-08-05 04:45 - 2014-07-02 23:54 - 00907552 _____ (NVIDIA Corporation) C:Windowssystem32nvdispgenco3234052.dll 2014-08-05 04:45 - 2014-07-02 23:54 - 00907096 _____ (NVIDIA Corporation) C:Windowssystem32NvIFR.dll 2014-08-05 04:45 - 2014-07-02 23:54 - 00869152 _____ (NVIDIA Corporation) C:Windowssystem32NvFBC.dll 2014-08-05 04:45 - 2014-07-02 23:54 - 00021215 _____ () C:Windowssystem32nvinfo.pb 2014-08-05 04:18 - 2014-03-31 19:42 - 00034760 _____ (NVIDIA Corporation) C:Windowssystem32nvaudcap32v.dll 2014-08-05 04:18 - 2014-03-31 19:42 - 00034080 _____ (NVIDIA Corporation) C:Windowssystem32Driversnvvad32v.sys 2014-08-05 04:13 - 2014-08-05 04:50 - 00000000 ____D () C:Program FilesNVIDIA Corporation 2014-08-03 19:44 - 2014-08-03 19:44 - 00279712 _____ () C:Windowssystem32Driversatksgt.sys 2014-08-03 19:44 - 2014-08-03 19:44 - 00025888 _____ () C:Windowssystem32Driverslirsgt.sys 2014-08-03 01:44 - 2014-08-03 01:45 - 00001790 _____ () C:Windowsunins000.dat 2014-08-03 01:44 - 2014-08-03 01:44 - 00715038 _____ () C:Windowsunins000.exe 2014-08-03 01:44 - 2011-12-07 19:32 - 00216064 _____ ( ) C:Windowssystem32lagarith.dll 2014-08-03 01:38 - 2014-08-03 01:38 - 00000000 ____D () C:UsersBAZZINGAAppDataLocalDxtory Software 2014-08-03 01:38 - 2014-08-03 01:38 - 00000000 ____D () C:ProgramDataMicrosoftWindowsStart MenuProgramsDxtory2.0 2014-08-03 01:38 - 2014-08-03 01:38 - 00000000 ____D () C:Program FilesExKode 2014-08-03 01:38 - 2014-06-08 22:14 - 02508336 _____ (ExKode Co. Ltd.) C:Windowssystem32DxtoryCodec.dll 2014-08-02 00:02 - 2014-08-02 00:02 - 00000710 _____ () C:UsersPublicDesktopStalkerOnline Launcher.lnk 2014-08-02 00:02 - 2014-08-02 00:02 - 00000000 ____D () C:ProgramDataMicrosoftWindowsStart MenuProgramsStalker Online BETA 2014-07-31 01:12 - 2014-07-31 01:12 - 00000000 ____D () C:UsersBAZZINGAAppDataLocalApple 2014-07-31 01:12 - 2014-07-31 01:12 - 00000000 ____D () C:ProgramDataApple 2014-07-31 01:07 - 2014-07-31 01:08 - 00000000 ____D () C:UsersBAZZINGAAppDataRoamingYoutube Downloader HD 2014-07-30 15:56 - 2014-07-30 15:56 - 00000000 ____D () C:Program FilesMozilla Firefox 2014-07-28 06:50 - 2014-07-28 06:50 - 00000000 ____D () C:UsersBAZZINGADesktopFD_enb v2.0 by D.I.O.N 2014-07-27 19:59 - 2014-07-27 21:43 - 00000000 ____D () C:UsersBAZZINGADesktopLos Santos LS 2014-07-27 19:22 - 2014-07-27 19:22 - 00000000 ____D () C:UsersBAZZINGADesktopGoogleChromePortable 2014-07-23 01:32 - 2014-07-23 01:32 - 00000000 ____D () C:UsersBAZZINGAAppDataLocalSKIDROW 2014-07-23 01:13 - 2014-07-23 01:13 - 00000000 ____D () C:UsersBAZZINGAAppDataLocal2K Games 2014-07-21 19:16 - 2014-07-21 19:16 - 00043152 _____ (AVAST Software) C:WindowsavastSS.scr 2014-07-20 18:06 - 2014-07-20 18:06 - 00000000 ____D () C:UsersBAZZINGAAppDataRoamingTeamViewer ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the filefolder will be moved.) 2014-08-16 15:20 - 2014-08-16 15:19 - 00010294 _____ () C:UsersBAZZINGADesktopFRST.txt 2014-08-16 15:19 - 2014-08-16 15:19 - 01093632 _____ (Farbar) C:UsersBAZZINGADesktopFRST.exe 2014-08-16 15:19 - 2014-08-16 15:19 - 00000000 ____D () C:FRST 2014-08-16 15:18 - 2009-07-14 07:34 - 00026352 ____H () C:Windowssystem327B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-08-16 15:18 - 2009-07-14 07:34 - 00026352 ____H () C:Windowssystem327B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-08-16 15:14 - 2014-04-13 04:08 - 01648525 _____ () C:WindowsWindowsUpdate.log 2014-08-16 15:11 - 2014-08-14 15:14 - 00002016 _____ () C:Windowssetupact.log 2014-08-16 15:11 - 2014-04-18 18:11 - 00000000 ____D () C:UsersBAZZINGAAppDataLocalHTC MediaHub 2014-08-16 15:10 - 2014-08-14 15:13 - 00013612 _____ () C:WindowsPFRO.log 2014-08-16 15:10 - 2014-08-05 04:49 - 00000000 ____D () C:ProgramDataNVIDIA 2014-08-16 15:10 - 2009-07-14 07:53 - 00000006 ____H () C:WindowsTasksSA.DAT 2014-08-16 06:56 - 2014-08-10 02:39 - 00000000 ____D () C:ProgramDataMEGAsync 2014-08-16 06:33 - 2014-04-12 18:27 - 00000830 _____ () C:WindowsTasksAdobe Flash Player Updater.job 2014-08-16 06:21 - 2014-08-16 06:21 - 00000699 _____ () C:UsersPublicDesktopApocalyptic World MMO.lnk 2014-08-16 06:21 - 2014-08-16 06:21 - 00000000 ____D () C:ProgramDataMicrosoftWindowsStart MenuProgramsApocalyptic World MMO 2014-08-16 06:03 - 2014-04-12 19:03 - 00000000 ____D () C:UsersBAZZINGAAppDataRoaminguTorrent 2014-08-16 04:53 - 2014-08-16 04:53 - 00000667 _____ () C:UsersPublicDesktopDeathmatch Z Launcher.lnk 2014-08-16 04:53 - 2014-08-16 04:53 - 00000000 ____D () C:ProgramDataMicrosoftWindowsStart MenuProgramsDeathmatch Z 2014-08-16 03:27 - 2014-04-12 19:50 - 00110296 _____ (Malwarebytes Corporation) C:Windowssystem32DriversMBAMSwissArmy.sys 2014-08-16 03:26 - 2014-08-16 03:26 - 00000000 ____D () C:UsersBAZZINGADocumentsDMZ 2014-08-16 03:26 - 2014-08-16 03:26 - 00000000 ____D () C:UsersBAZZINGAAppDataLocalDMZ Network 2014-08-16 02:00 - 2014-06-16 02:13 - 00000000 ____D () C:UsersBAZZINGAAppDataLocalAdobe 2014-08-15 23:02 - 2014-08-15 23:02 - 00000000 ____D () C:UsersBAZZINGAAppDataRoamingInstallShield 2014-08-15 23:02 - 2014-08-15 23:02 - 00000000 ____D () C:ProgramDataAtheros 2014-08-15 23:02 - 2014-08-15 23:02 - 00000000 ____D () C:Program FilesAtheros 2014-08-15 23:02 - 2014-05-08 17:04 - 00000000 ___HD () C:Program FilesInstallShield Installation Information 2014-08-15 22:08 - 2014-04-12 19:00 - 00000000 ____D () C:UsersBAZZINGAAppDataRoamingSkype 2014-08-15 21:33 - 2014-08-15 21:33 - 00002503 _____ () C:UsersPublicDesktopSkype.lnk 2014-08-15 21:33 - 2014-08-15 21:33 - 00000000 ___RD () C:Program FilesSkype 2014-08-15 21:33 - 2014-08-15 21:33 - 00000000 ____D () C:ProgramDataMicrosoftWindowsStart MenuProgramsSkype 2014-08-15 21:33 - 2014-08-15 21:33 - 00000000 ____D () C:Program FilesCommon FilesSkype 2014-08-15 21:33 - 2014-04-12 19:00 - 00000000 ____D () C:ProgramDataSkype 2014-08-15 18:46 - 2009-07-14 07:52 - 00000000 ___RD () C:ProgramDataMicrosoftWindowsStart MenuProgramsGames 2014-08-15 18:25 - 2014-04-12 22:33 - 00000000 ____D () C:UsersBAZZINGAAppDataRoamingNotepad++ 2014-08-15 15:20 - 2014-05-06 02:33 - 00000000 ____D () C:UsersBAZZINGAAppDataRoamingnewSI_10 2014-08-15 04:35 - 2014-08-15 04:35 - 00000000 ____D () C:UsersBAZZINGADocumentsAW 2014-08-15 04:35 - 2014-08-15 04:35 - 00000000 ____D () C:UsersBAZZINGAAppDataLocalAW 2014-08-14 23:47 - 2014-04-12 19:57 - 00000000 ____D () C:UsersBAZZINGAAppDataRoamingTS3Client 2014-08-14 15:14 - 2014-08-14 15:14 - 00000000 _____ () C:Windowssetuperr.log 2014-08-14 03:24 - 2014-04-13 05:05 - 00000000 ____D () C:WindowsPanther 2014-08-14 03:24 - 2014-04-12 19:31 - 00000000 ____D () C:UsersBAZZINGAAppDataRoamingDAEMON Tools Lite 2014-08-14 03:21 - 2014-08-14 03:21 - 00000000 ____D () C:ProgramDataMicrosoftWindowsStart MenuProgramsCCleaner 2014-08-14 03:21 - 2014-08-14 03:21 - 00000000 ____D () C:Program FilesCCleaner 2014-08-14 00:08 - 2014-04-12 18:27 - 00699568 _____ (Adobe Systems Incorporated) C:Windowssystem32FlashPlayerApp.exe 2014-08-14 00:08 - 2014-04-12 18:27 - 00071344 _____ (Adobe Systems Incorporated) C:Windowssystem32FlashPlayerCPLApp.cpl 2014-08-14 00:02 - 2014-05-10 02:07 - 00000000 ____D () C:UsersBAZZINGADocumentsConverted 2014-08-14 00:00 - 2014-04-18 18:20 - 00000000 ____D () C:WindowsMinidump 2014-08-12 20:53 - 2009-07-14 07:33 - 03657824 _____ () C:Windowssystem32FNTCACHE.DAT 2014-08-12 15:41 - 2014-04-12 18:18 - 00069680 _____ () C:UsersBAZZINGAAppDataLocalGDIPFONTCACHEV1.DAT 2014-08-12 02:43 - 2014-08-05 22:49 - 00000000 ____D () C:UsersBAZZINGAAppDataRoamingNVIDIA 2014-08-11 03:15 - 2014-06-13 01:28 - 00000132 _____ () C:UsersBAZZINGAAppDataRoamingAdobe PNG Format CS5 Prefs 2014-08-10 02:39 - 2014-08-10 02:39 - 00000000 ____D () C:UsersBAZZINGAAppDataLocalMega Limited 2014-08-08 23:31 - 2014-08-08 23:31 - 00000000 ____D () C:ProgramDataMicrosoftWindowsStart MenuProgramsCromm Cruac 2014-08-08 23:29 - 2014-08-07 22:25 - 00000000 ____D () C:UsersBAZZINGADesktopSTCoP_Weapon_Pack_(Final) 2014-08-08 22:50 - 2014-08-08 03:04 - 00000000 ____D () C:UsersPublicDocumentsS.T.A.L.K.E.R. - Зов Припяти 2014-08-08 03:04 - 2014-08-08 03:04 - 00001137 _____ () C:UsersPublicDesktopS.T.A.L.K.E.R. - Зов Припяти.lnk 2014-08-08 03:04 - 2014-05-19 20:47 - 00000000 ____D () C:ProgramDataMicrosoftWindowsStart MenuProgramsGSC World Publishing 2014-08-07 22:48 - 2014-08-07 22:47 - 00000000 ____D () C:UsersBAZZINGADesktopAbsolute_Nature_3_lite_CoP 2014-08-07 20:15 - 2014-08-07 20:14 - 214452778 _____ () C:UsersBAZZINGADesktopSTCoP_Weapon_Pack_(Final).7z 2014-08-07 19:56 - 2014-04-15 20:12 - 00000000 ____D () C:UsersBAZZINGADocumentsMy Games 2014-08-06 05:48 - 2014-08-06 05:48 - 00000000 ____D () C:NVIDIA Corporation 2014-08-06 03:46 - 2014-08-06 03:46 - 00000000 ____D () C:UsersBAZZINGAAppDataLocalArktos Entertainment 2014-08-06 02:29 - 2014-08-06 02:29 - 00000000 ____D () C:UsersBAZZINGAAppDataLocalArktos 2014-08-06 02:28 - 2014-04-12 21:55 - 00000000 ____D () C:Windowssystem32directx 2014-08-05 09:20 - 2014-04-12 18:31 - 00231584 ____N (Microsoft Corporation) C:Windowssystem32MpSigStub.exe 2014-08-05 04:52 - 2014-08-05 04:50 - 00000000 ____D () C:ProgramDataMicrosoftWindowsStart MenuProgramsNVIDIA Corporation 2014-08-05 04:51 - 2014-04-12 18:42 - 00000000 ____D () C:UsersBAZZINGAAppDataLocalNVIDIA Corporation 2014-08-05 04:51 - 2014-04-12 18:35 - 00000000 ____D () C:ProgramDataNVIDIA Corporation 2014-08-05 04:50 - 2014-08-05 04:50 - 00000000 ____D () C:UsersBAZZINGAAppDataLocalNVIDIA 2014-08-05 04:50 - 2014-08-05 04:13 - 00000000 ____D () C:Program FilesNVIDIA Corporation 2014-08-05 04:49 - 2014-08-05 04:49 - 00000000 ____D () C:Program FilesAGEIA Technologies 2014-08-05 04:49 - 2009-07-14 05:37 - 00000000 ____D () C:WindowsHelp 2014-08-03 19:44 - 2014-08-03 19:44 - 00279712 _____ () C:Windowssystem32Driversatksgt.sys 2014-08-03 19:44 - 2014-08-03 19:44 - 00025888 _____ () C:Windowssystem32Driverslirsgt.sys 2014-08-03 01:45 - 2014-08-03 01:44 - 00001790 _____ () C:Windowsunins000.dat 2014-08-03 01:44 - 2014-08-03 01:44 - 00715038 _____ () C:Windowsunins000.exe 2014-08-03 01:38 - 2014-08-03 01:38 - 00000000 ____D () C:UsersBAZZINGAAppDataLocalDxtory Software 2014-08-03 01:38 - 2014-08-03 01:38 - 00000000 ____D () C:ProgramDataMicrosoftWindowsStart MenuProgramsDxtory2.0 2014-08-03 01:38 - 2014-08-03 01:38 - 00000000 ____D () C:Program FilesExKode 2014-08-02 03:29 - 2014-04-16 02:04 - 00000000 ____D () C:UsersBAZZINGADocumentsGTA San Andreas User Files 2014-08-02 00:02 - 2014-08-02 00:02 - 00000710 _____ () C:UsersPublicDesktopStalkerOnline Launcher.lnk 2014-08-02 00:02 - 2014-08-02 00:02 - 00000000 ____D () C:ProgramDataMicrosoftWindowsStart MenuProgramsStalker Online BETA 2014-08-01 16:06 - 2014-07-08 02:06 - 00000000 ____D () C:UsersBAZZINGAAppDataLocalwf-launcher 2014-08-01 15:50 - 2014-07-08 02:06 - 00000000 ____D () C:ProgramDataGFACE 2014-07-31 01:18 - 2014-06-07 05:40 - 00000000 ____D () C:UsersBAZZINGAAppDataRoamingSony 2014-07-31 01:12 - 2014-07-31 01:12 - 00000000 ____D () C:UsersBAZZINGAAppDataLocalApple 2014-07-31 01:12 - 2014-07-31 01:12 - 00000000 ____D () C:ProgramDataApple 2014-07-31 01:08 - 2014-07-31 01:07 - 00000000 ____D () C:UsersBAZZINGAAppDataRoamingYoutube Downloader HD 2014-07-30 20:54 - 2014-04-12 18:44 - 00000000 ____D () C:Program FilesMozilla Maintenance Service 2014-07-30 15:56 - 2014-07-30 15:56 - 00000000 ____D () C:Program FilesMozilla Firefox 2014-07-28 06:50 - 2014-07-28 06:50 - 00000000 ____D () C:UsersBAZZINGADesktopFD_enb v2.0 by D.I.O.N 2014-07-28 06:07 - 2014-07-05 18:04 - 00000000 ____D () C:UsersBAZZINGADesktopgrass 2014-07-28 01:35 - 2014-04-12 18:27 - 00000000 ____D () C:UsersBAZZINGAAppDataRoamingAdobe 2014-07-27 21:43 - 2014-07-27 19:59 - 00000000 ____D () C:UsersBAZZINGADesktopLos Santos LS 2014-07-27 19:22 - 2014-07-27 19:22 - 00000000 ____D () C:UsersBAZZINGADesktopGoogleChromePortable 2014-07-26 01:20 - 2014-04-30 05:38 - 00000000 ____D () C:UsersBAZZINGADesktopFiles 2014-07-25 17:01 - 2014-08-05 04:50 - 01291280 _____ (NVIDIA Corporation) C:Windowssystem32nvspbridge.dll 2014-07-25 17:01 - 2014-08-05 04:50 - 01126480 _____ (NVIDIA Corporation) C:Windowssystem32nvspcap.dll 2014-07-24 16:09 - 2014-04-12 19:43 - 00000000 ____D () C:ProgramDataOrigin 2014-07-23 01:32 - 2014-07-23 01:32 - 00000000 ____D () C:UsersBAZZINGAAppDataLocalSKIDROW 2014-07-23 01:13 - 2014-07-23 01:13 - 00000000 ____D () C:UsersBAZZINGAAppDataLocal2K Games 2014-07-21 19:17 - 2014-04-12 18:19 - 00414520 _____ (AVAST Software) C:Windowssystem32Driversaswsp.sys 2014-07-21 19:17 - 2014-04-12 18:19 - 00002047 _____ () C:UsersPublicDesktopavast! Free Antivirus.lnk 2014-07-21 19:16 - 2014-07-21 19:16 - 00043152 _____ (AVAST Software) C:WindowsavastSS.scr 2014-07-21 19:16 - 2014-04-30 02:30 - 00024184 _____ () C:Windowssystem32DriversaswHwid.sys 2014-07-21 19:16 - 2014-04-12 18:19 - 00779536 _____ (AVAST Software) C:Windowssystem32Driversaswsnx.sys 2014-07-21 19:16 - 2014-04-12 18:19 - 00276432 _____ (AVAST Software) C:Windowssystem32aswBoot.exe 2014-07-21 19:16 - 2014-04-12 18:19 - 00192352 _____ () C:Windowssystem32DriversaswVmm.sys 2014-07-21 19:16 - 2014-04-12 18:19 - 00081768 _____ (AVAST Software) C:Windowssystem32DriversaswRdr2.sys 2014-07-21 19:16 - 2014-04-12 18:19 - 00071944 _____ (AVAST Software) C:Windowssystem32Driversaswstm.sys 2014-07-21 19:16 - 2014-04-12 18:19 - 00067824 _____ (AVAST Software) C:Windowssystem32DriversaswMonFlt.sys 2014-07-21 19:16 - 2014-04-12 18:19 - 00049944 _____ () C:Windowssystem32DriversaswRvrt.sys 2014-07-21 04:32 - 2014-05-04 04:01 - 00000000 ____D () C:UsersBAZZINGADesktopHRT_Pack_1.3_Enhanced_Edition_manual_installation 2014-07-20 18:06 - 2014-07-20 18:06 - 00000000 ____D () C:UsersBAZZINGAAppDataRoamingTeamViewer 2014-07-20 18:05 - 2014-07-05 19:35 - 00000768 _____ () C:UsersBAZZINGADesktopgta_sa - Пряк път.lnk 2014-07-20 03:36 - 2014-05-04 14:23 - 00000000 ____D () C:UsersBAZZINGADesktopENB Some content of TEMP: ==================== C:UsersBAZZINGAAppDataLocalTempUninstallBGPack.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:Windowsexplorer.exe => File is digitally signed C:Windowssystem32winlogon.exe => File is digitally signed C:Windowssystem32wininit.exe => File is digitally signed C:Windowssystem32svchost.exe => File is digitally signed C:Windowssystem32services.exe => File is digitally signed C:Windowssystem32User32.dll => File is digitally signed C:Windowssystem32userinit.exe => File is digitally signed C:Windowssystem32rpcss.dll => File is digitally signed C:Windowssystem32Driversvolsnap.sys => File is digitally signed LastRegBack: 2014-08-07 23:07 ==================== End Of Log ============================ Addition.txt
  12. Здравейте, от няколко дни когато стартирам фаерфокса като начална страница ми зарежда delta-home, и други които аз не желая.При сканиране с Malwarebytes Anti-Malware откри около 60 проблема.Имам диск. Това е съдържанието на файла от FRST: Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 13-06-2015 Ran by Boriv (administrator) on BORIS on 14-06-2015 08:47:50 Running from C:\Users\Boriv\Desktop Loaded Profiles: Boriv (Available Profiles: Boriv & Hristina) Platform: Microsoft Windows 7 Ultimate Service Pack 1 (X86) OS Language: Английски (Съединени щати) Internet Explorer Version 11 (Default browser: FF) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe (AMD) C:\Windows\System32\atiesrxx.exe (AMD) C:\Windows\System32\atieclxx.exe (Firebird Project) C:\Program Files\Firebird\Firebird_2_5\bin\fbguard.exe (XTab system) C:\Program Files\MiuiTab\ProtectService.exe (Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe (Nitro PDF Software) C:\Program Files\Nitro\Pro 8\NitroPDFDriverService8.exe (TODO: <公司名>) C:\Users\Boriv\AppData\Everything\ServiceEverything.exe (Software 2000 Limited) C:\Windows\System32\spool\drivers\w32x86\3\HP1006MC.EXE (Firebird Project) C:\Program Files\Firebird\Firebird_2_5\bin\fbserver.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe (Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbam.exe () C:\Users\Boriv\AppData\Everything\SFKEX.exe () C:\Users\Boriv\AppData\Everything\SearchBase.exe () C:\Users\Boriv\AppData\Everything\everything.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe () C:\Windows\tsnp2std.exe (Sonix) C:\Windows\vsnp2std.exe (Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe (BitTorrent Inc.) C:\Users\Boriv\AppData\Roaming\uTorrent\uTorrent.exe (Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe () C:\Users\Boriv\AppData\Local\Viber\Viber.exe (Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation) C:\Windows\System32\taskmgr.exe (Microsoft Corporation) C:\Windows\System32\cmd.exe (Microsoft Corporation) C:\Windows\System32\icacls.exe (LG Electronics Inc.) C:\Program Files\LG Software\LG Smart Share\Update\SmartShareTray.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [10996368 2012-06-11] (Realtek Semiconductor) HKLM\...\Run: [tsnp2std] => C:\Windows\tsnp2std.exe [262144 2006-05-22] () HKLM\...\Run: [snp2std] => C:\Windows\vsnp2std.exe [675840 2006-05-15] (Sonix) HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation) HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [981688 2015-04-30] (Microsoft Corporation) HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated) HKU\S-1-5-21-1421139271-3807526133-746366484-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd) HKU\S-1-5-21-1421139271-3807526133-746366484-1001\...\Run: [uTorrent] => C:\Users\Boriv\AppData\Roaming\uTorrent\uTorrent.exe [1694560 2015-05-07] (BitTorrent Inc.) HKU\S-1-5-21-1421139271-3807526133-746366484-1001\...\Run: [skype] => C:\Program Files\Skype\Phone\Skype.exe [28785792 2015-06-02] (Skype Technologies S.A.) HKU\S-1-5-21-1421139271-3807526133-746366484-1001\...\Run: [Viber] => C:\Users\Boriv\AppData\Local\Viber\Viber.exe [80036560 2015-05-25] () HKU\S-1-5-18\...\RunOnce: [sPReview] => C:\Windows\System32\SPReview\SPReview.exe [280576 2014-12-22] (Microsoft Corporation) Startup: C:\Users\Boriv\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Изрязване на екран и стартиране на OneNote 2007.lnk [2015-01-30] ShortcutTarget: Изрязване на екран и стартиране на OneNote 2007.lnk -> C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.delta-homes.com/?type=hp&ts=1434011380&z=e5999adf96ef3125d60ea8ag6z7cazbe5g1g7c2bac&from=ient06110&uid=ST3320620AS_9QF8MPW6XXXX9QF8MPW6 HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://istart.webssearches.com/web/?type=ds&ts=1420138572&from=kmp&uid=ST3320620AS_9QF8MPW6XXXX9QF8MPW6&q={searchTerms} HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.delta-homes.com/?type=hp&ts=1434011380&z=e5999adf96ef3125d60ea8ag6z7cazbe5g1g7c2bac&from=ient06110&uid=ST3320620AS_9QF8MPW6XXXX9QF8MPW6 HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://istart.webssearches.com/web/?type=ds&ts=1420138572&from=kmp&uid=ST3320620AS_9QF8MPW6XXXX9QF8MPW6&q={searchTerms} HKU\S-1-5-21-1421139271-3807526133-746366484-1001\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.delta-homes.com/web/?type=ds&ts=1434011380&z=e5999adf96ef3125d60ea8ag6z7cazbe5g1g7c2bac&from=ient06110&uid=ST3320620AS_9QF8MPW6XXXX9QF8MPW6&q={searchTerms} HKU\S-1-5-21-1421139271-3807526133-746366484-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.delta-homes.com/?type=hp&ts=1434011380&z=e5999adf96ef3125d60ea8ag6z7cazbe5g1g7c2bac&from=ient06110&uid=ST3320620AS_9QF8MPW6XXXX9QF8MPW6 HKU\S-1-5-21-1421139271-3807526133-746366484-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp HKU\S-1-5-21-1421139271-3807526133-746366484-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.delta-homes.com/?type=hp&ts=1434011380&z=e5999adf96ef3125d60ea8ag6z7cazbe5g1g7c2bac&from=ient06110&uid=ST3320620AS_9QF8MPW6XXXX9QF8MPW6 HKU\S-1-5-21-1421139271-3807526133-746366484-1001\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.delta-homes.com/web/?type=ds&ts=1434011380&z=e5999adf96ef3125d60ea8ag6z7cazbe5g1g7c2bac&from=ient06110&uid=ST3320620AS_9QF8MPW6XXXX9QF8MPW6&q={searchTerms} SearchScopes: HKU\S-1-5-21-1421139271-3807526133-746366484-1001 -> DefaultScope {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL = http://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms} SearchScopes: HKU\S-1-5-21-1421139271-3807526133-746366484-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms} SearchScopes: HKU\S-1-5-21-1421139271-3807526133-746366484-1001 -> {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL = http://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms} SearchScopes: HKU\S-1-5-21-1421139271-3807526133-746366484-1001 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms} SearchScopes: HKU\S-1-5-21-1421139271-3807526133-746366484-1001 -> {516AB8DC-6CDF-43FA-B250-1817B5F25C5B} URL = http://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms} SearchScopes: HKU\S-1-5-21-1421139271-3807526133-746366484-1001 -> {E733165D-CBCF-4FDA-883E-ADEF965B476C} URL = http://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms} BHO: LuckyTab Class -> {51D26BB4-4D2C-4AE4-9873-5FF41B6DED1F} -> C:\Program Files\MiuiTab\SupTab.dll No File BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation) Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll [2009-02-26] (Microsoft Corporation) Tcpip\..\Interfaces\{3FB6B7E9-CDEE-4B8E-8123-60E10B838DDC}: [NameServer] 46.40.72.9,46.40.72.13 StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe http://istart.webssearches.com/?type=sc&ts=1420138572&from=kmp&uid=ST3320620AS_9QF8MPW6XXXX9QF8MPW6 FireFox: ======== FF ProfilePath: C:\Users\Boriv\AppData\Roaming\Mozilla\Firefox\Profiles\lwd4qy02.default FF NewTab: chrome://quick_start/content/index.html FF DefaultSearchEngine: delta-homes FF SelectedSearchEngine: delta-homes FF Homepage: about:home FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_17_0_0_188.dll [2015-06-03] () FF Plugin: @nitropdf.com/NitroPDF -> C:\Program Files\Nitro\Pro 8\npnitromozilla.dll [2013-07-24] (Nitro PDF) FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-05-01] (Adobe Systems Inc.) FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\diribg.xml [2014-11-26] FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\portalbgdict.xml [2014-11-26] FF Extension: QuickSearch - C:\Users\Boriv\AppData\Roaming\Mozilla\Firefox\Profiles\lwd4qy02.default\Extensions\quick_searchff@gmail.com [2015-06-11] FF Extension: Search Enginer - C:\Users\Boriv\AppData\Roaming\Mozilla\Firefox\Profiles\lwd4qy02.default\Extensions\sweetsearch@gmail.com [2015-06-11] FF Extension: signTextJS - C:\Users\Boriv\AppData\Roaming\Mozilla\Firefox\Profiles\lwd4qy02.default\Extensions\jid1-AXn9cXcB4fD1QQ@jetpack.xpi [2015-01-30] FF HKLM\...\Firefox\Extensions: [quick_searchff@gmail.com] - C:\Users\Boriv\AppData\Roaming\Mozilla\Firefox\Profiles\lwd4qy02.default\extensions\quick_searchff@gmail.com FF HKLM\...\Firefox\Extensions: [sweetsearch@gmail.com] - C:\Users\Boriv\AppData\Roaming\Mozilla\Firefox\Profiles\lwd4qy02.default\extensions\sweetsearch@gmail.com ========================== Services (Whitelisted) ================= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 FirebirdGuardianDefaultInstance; C:\Program Files\Firebird\Firebird_2_5\bin\fbguard.exe [98304 2010-09-17] (Firebird Project) [File not signed] R3 FirebirdServerDefaultInstance; C:\Program Files\Firebird\Firebird_2_5\bin\fbserver.exe [3735552 2010-09-17] (Firebird Project) [File not signed] R2 IHProtect Service; C:\Program Files\MiuiTab\ProtectService.exe [125056 2015-06-11] (XTab system) R2 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-04-14] (Malwarebytes Corporation) R2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation) R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [22216 2015-04-30] (Microsoft Corporation) R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [284504 2015-04-30] (Microsoft Corporation) R2 NitroDriverReadSpool8; C:\Program Files\Nitro\Pro 8\NitroPDFDriverService8.exe [196616 2013-07-24] (Nitro PDF Software) R2 ServiceEverything; C:\Users\Boriv\AppData\Everything\ServiceEverything.exe [295624 2015-06-11] (TODO: <公司名>) R3 TermService; C:\Windows\System32\termsrv.dll [523776 2014-12-22] (Microsoft Corporation) [File not signed] R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [243128 2014-12-22] (Disc Soft Ltd) R3 ip100Avista; C:\Windows\System32\DRIVERS\ipfnd51.sys [31232 2010-11-23] (IC Plus Corp. ) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2015-04-14] (Malwarebytes Corporation) R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [119512 2015-06-14] (Malwarebytes Corporation) R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2015-04-14] (Malwarebytes Corporation) R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [245096 2015-03-04] (Microsoft Corporation) R3 RTHDMIAzAudService; C:\Windows\System32\drivers\RtHDMIV.sys [204432 2012-06-05] (Realtek Semiconductor Corp.) R3 SNP2STD; C:\Windows\System32\DRIVERS\snp2sxp.sys [10305280 2006-06-07] () [File not signed] R1 MpKslbf6b7b5a; \??\C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{1A8B2B79-CB1F-45D6-AF0B-60A3283009D1}\MpKslbf6b7b5a.sys [X] S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X] S3 tsusbhub; system32\drivers\tsusbhub.sys [X] S3 VGPU; System32\drivers\rdvgkmd.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2015-06-14 08:47 - 2015-06-14 08:49 - 00014291 _____ C:\Users\Boriv\Desktop\FRST.txt 2015-06-14 08:46 - 2015-06-14 08:46 - 00000000 ____D C:\Users\Boriv\Desktop\FRST-OlderVersion 2015-06-14 08:21 - 2015-06-14 08:44 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2015-06-14 08:20 - 2015-06-14 08:20 - 00001060 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk 2015-06-14 08:20 - 2015-06-14 08:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware 2015-06-14 08:20 - 2015-06-14 08:20 - 00000000 ____D C:\ProgramData\Malwarebytes 2015-06-14 08:20 - 2015-06-14 08:20 - 00000000 ____D C:\Program Files\Malwarebytes Anti-Malware 2015-06-14 08:20 - 2015-04-14 09:37 - 00092888 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2015-06-14 08:20 - 2015-04-14 09:37 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2015-06-14 08:20 - 2015-04-14 09:37 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2015-06-14 08:08 - 2015-06-14 08:08 - 35247384 _____ (Microsoft Corporation) C:\Users\Boriv\Desktop\mpas-fe.exe 2015-06-13 17:32 - 2015-06-13 17:32 - 21546080 _____ (Malwarebytes Corporation ) C:\Users\Boriv\Desktop\mbam-setup-2.1.6.1022.exe 2015-06-11 14:50 - 2015-06-11 14:59 - 00852480 _____ C:\Users\Hristina\Desktop\ценоразпис 06-15.xls 2015-06-11 14:10 - 2015-06-14 08:48 - 00000000 ____D C:\FRST 2015-06-11 14:08 - 2015-06-14 08:46 - 01148416 _____ (Farbar) C:\Users\Boriv\Desktop\FRST.exe 2015-06-11 11:30 - 2015-06-14 08:45 - 00000000 ____D C:\Program Files\MiuiTab 2015-06-11 11:30 - 2015-06-14 08:42 - 00000000 ____D C:\Users\Boriv\AppData\Everything 2015-06-11 11:30 - 2015-06-11 11:30 - 00000000 ____D C:\ProgramData\IHProtectUpDate 2015-06-10 20:54 - 2015-06-10 20:54 - 00000000 ____D C:\Users\Boriv\AppData\Roaming\Rovio Entertainment Ltd 2015-06-10 08:45 - 2015-06-10 08:45 - 00001937 _____ C:\Users\Hristina\Desktop\фтб 10.06.xls 2015-06-10 08:44 - 2015-06-10 08:44 - 00006316 _____ C:\Users\Hristina\Desktop\валер 10.06.xls 2015-06-10 06:15 - 2015-05-25 20:00 - 02384384 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2015-06-10 06:14 - 2015-06-02 22:35 - 00342728 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2015-06-10 06:14 - 2015-05-27 17:08 - 19607040 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2015-06-10 06:14 - 2015-05-23 06:28 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2015-06-10 06:14 - 2015-05-23 06:28 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2015-06-10 06:14 - 2015-05-23 06:15 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2015-06-10 06:14 - 2015-05-23 06:15 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2015-06-10 06:14 - 2015-05-23 06:15 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2015-06-10 06:14 - 2015-05-23 06:14 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2015-06-10 06:14 - 2015-05-23 06:13 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2015-06-10 06:14 - 2015-05-23 06:10 - 02278912 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2015-06-10 06:14 - 2015-05-23 06:09 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2015-06-10 06:14 - 2015-05-23 06:08 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2015-06-10 06:14 - 2015-05-23 06:06 - 00478208 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2015-06-10 06:14 - 2015-05-23 06:05 - 00664064 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2015-06-10 06:14 - 2015-05-23 06:05 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2015-06-10 06:14 - 2015-05-23 06:05 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2015-06-10 06:14 - 2015-05-23 06:04 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2015-06-10 06:14 - 2015-05-23 06:00 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2015-06-10 06:14 - 2015-05-23 05:57 - 00418304 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2015-06-10 06:14 - 2015-05-23 05:52 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2015-06-10 06:14 - 2015-05-23 05:49 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2015-06-10 06:14 - 2015-05-23 05:48 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2015-06-10 06:14 - 2015-05-23 05:47 - 04305920 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2015-06-10 06:14 - 2015-05-23 05:47 - 00285696 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2015-06-10 06:14 - 2015-05-23 05:38 - 00689152 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2015-06-10 06:14 - 2015-05-23 05:38 - 00685568 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2015-06-10 06:14 - 2015-05-23 05:37 - 02052608 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2015-06-10 06:14 - 2015-05-23 05:37 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2015-06-10 06:14 - 2015-05-23 05:28 - 12829696 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2015-06-10 06:14 - 2015-05-23 05:20 - 01950720 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2015-06-10 06:14 - 2015-05-23 05:16 - 01309696 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2015-06-10 06:14 - 2015-05-23 05:14 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2015-06-10 06:13 - 2015-05-09 06:14 - 00169984 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll 2015-06-10 06:13 - 2015-05-09 06:13 - 00868352 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll 2015-06-10 06:13 - 2015-05-09 06:13 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll 2015-06-10 06:13 - 2015-05-09 06:12 - 00271360 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe 2015-06-10 06:13 - 2015-05-09 06:08 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll 2015-06-10 06:13 - 2015-05-09 06:08 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll 2015-06-10 06:13 - 2015-05-09 06:08 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll 2015-06-10 06:13 - 2015-05-09 06:08 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll 2015-06-10 06:13 - 2015-05-09 06:08 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll 2015-06-10 06:13 - 2015-05-09 06:08 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll 2015-06-10 06:13 - 2015-05-09 06:08 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll 2015-06-10 06:13 - 2015-05-09 06:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll 2015-06-10 06:13 - 2015-05-09 06:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll 2015-06-10 06:13 - 2015-05-09 06:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll 2015-06-10 06:13 - 2015-05-09 06:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll 2015-06-10 06:13 - 2015-05-09 06:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll 2015-06-10 06:13 - 2015-05-09 06:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll 2015-06-10 06:13 - 2015-05-09 06:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll 2015-06-10 06:13 - 2015-05-09 06:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll 2015-06-10 06:13 - 2015-05-09 06:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll 2015-06-10 06:13 - 2015-05-09 06:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll 2015-06-10 06:13 - 2015-05-09 06:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll 2015-06-10 06:13 - 2015-05-09 06:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll 2015-06-10 06:13 - 2015-05-09 06:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll 2015-06-10 06:13 - 2015-05-09 06:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll 2015-06-10 06:13 - 2015-05-09 06:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll 2015-06-10 06:13 - 2015-05-09 06:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll 2015-06-10 06:13 - 2015-05-09 06:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll 2015-06-10 06:13 - 2015-05-09 04:59 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll 2015-06-10 06:13 - 2015-05-09 04:59 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll 2015-06-10 06:13 - 2015-05-09 04:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll 2015-06-10 06:13 - 2015-05-09 04:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll 2015-06-10 06:13 - 2015-04-29 21:07 - 11411456 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll 2015-06-10 06:13 - 2015-04-29 21:07 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll 2015-06-10 06:13 - 2015-04-29 21:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx 2015-06-10 06:13 - 2015-04-29 21:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll 2015-06-10 06:13 - 2015-04-29 21:05 - 12625408 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL 2015-06-10 06:13 - 2015-04-24 20:56 - 00530432 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll 2015-06-03 08:54 - 2015-06-03 08:54 - 00006867 _____ C:\Users\Hristina\Desktop\валери 04.06.xls 2015-06-03 08:50 - 2015-06-03 08:53 - 00002312 _____ C:\Users\Hristina\Desktop\фтб 04.06.xls 2015-06-02 19:26 - 2015-06-04 07:39 - 00000000 ____D C:\Program Files\Mozilla Firefox 2015-05-28 19:54 - 2015-05-28 19:54 - 00000000 ____D C:\Users\Boriv\Documents\My Games 2015-05-28 19:54 - 2015-05-28 19:54 - 00000000 ____D C:\ProgramData\Steam 2015-05-28 19:54 - 2015-05-28 19:54 - 00000000 ____D C:\ProgramData\Package Cache 2015-05-28 19:54 - 2015-05-28 19:54 - 00000000 ____D C:\ProgramData\Codemasters 2015-05-28 19:53 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll 2015-05-28 19:53 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll 2015-05-28 19:53 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll 2015-05-28 19:53 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll 2015-05-28 19:53 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll 2015-05-28 19:53 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll 2015-05-28 19:53 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll 2015-05-28 19:53 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll 2015-05-28 19:53 - 2010-02-04 10:01 - 00528216 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_6.dll 2015-05-28 19:53 - 2010-02-04 10:01 - 00238936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_6.dll 2015-05-28 19:53 - 2010-02-04 10:01 - 00074072 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_4.dll 2015-05-28 19:53 - 2010-02-04 10:01 - 00022360 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_7.dll 2015-05-28 19:53 - 2009-09-04 17:44 - 00515416 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_5.dll 2015-05-28 19:53 - 2009-09-04 17:44 - 00238936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_5.dll 2015-05-28 19:53 - 2009-09-04 17:44 - 00069464 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_3.dll 2015-05-28 19:53 - 2009-09-04 17:29 - 05501792 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_42.dll 2015-05-28 19:53 - 2009-09-04 17:29 - 01974616 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_42.dll 2015-05-28 19:53 - 2009-09-04 17:29 - 01892184 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_42.dll 2015-05-28 19:53 - 2009-09-04 17:29 - 00453456 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_42.dll 2015-05-28 19:53 - 2009-09-04 17:29 - 00235344 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_42.dll 2015-05-28 19:53 - 2009-03-16 14:18 - 00517448 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_4.dll 2015-05-28 19:53 - 2009-03-16 14:18 - 00235352 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_4.dll 2015-05-28 19:53 - 2009-03-16 14:18 - 00022360 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_6.dll 2015-05-28 19:53 - 2009-03-09 15:27 - 04178264 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_41.dll 2015-05-28 19:53 - 2009-03-09 15:27 - 01846632 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_41.dll 2015-05-28 19:53 - 2009-03-09 15:27 - 00453456 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_41.dll 2015-05-28 19:53 - 2008-10-27 10:04 - 00514384 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_3.dll 2015-05-28 19:53 - 2008-10-27 10:04 - 00235856 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_3.dll 2015-05-28 19:53 - 2008-10-27 10:04 - 00070992 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_2.dll 2015-05-28 19:53 - 2008-10-27 10:04 - 00023376 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_5.dll 2015-05-28 19:53 - 2008-10-10 04:52 - 04379984 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_40.dll 2015-05-28 19:53 - 2008-10-10 04:52 - 02036576 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_40.dll 2015-05-28 19:53 - 2008-10-10 04:52 - 00452440 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_40.dll 2015-05-28 19:53 - 2008-07-31 10:41 - 00238088 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_2.dll 2015-05-28 19:53 - 2008-07-31 10:41 - 00068616 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_1.dll 2015-05-28 19:53 - 2008-07-31 10:40 - 00509448 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_2.dll 2015-05-28 19:53 - 2008-07-10 11:01 - 00467984 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_39.dll 2015-05-28 19:53 - 2008-07-10 11:00 - 03851784 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_39.dll 2015-05-28 19:53 - 2008-07-10 11:00 - 01493528 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_39.dll 2015-05-28 19:53 - 2008-05-30 14:19 - 00507400 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_1.dll 2015-05-28 19:53 - 2008-05-30 14:18 - 00238088 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_1.dll 2015-05-28 19:53 - 2008-05-30 14:17 - 00065032 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_0.dll 2015-05-28 19:53 - 2008-05-30 14:17 - 00025608 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_4.dll 2015-05-28 19:53 - 2008-05-30 14:11 - 03850760 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_38.dll 2015-05-28 19:53 - 2008-05-30 14:11 - 01491992 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_38.dll 2015-05-28 19:53 - 2008-05-30 14:11 - 00467984 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_38.dll 2015-05-28 19:53 - 2008-03-05 16:03 - 00479752 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_0.dll 2015-05-28 19:53 - 2008-03-05 16:03 - 00238088 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_0.dll 2015-05-28 19:53 - 2008-03-05 16:00 - 00025608 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_3.dll 2015-05-28 19:53 - 2008-03-05 15:56 - 03786760 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_37.dll 2015-05-28 19:53 - 2008-03-05 15:56 - 01420824 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_37.dll 2015-05-28 19:53 - 2008-02-05 23:07 - 00462864 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_37.dll 2015-05-28 19:53 - 2007-10-22 03:39 - 00267272 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_10.dll 2015-05-28 19:53 - 2007-10-22 03:37 - 00017928 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_2.dll 2015-05-28 19:53 - 2007-10-12 15:14 - 03734536 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_36.dll 2015-05-28 19:53 - 2007-10-12 15:14 - 01374232 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_36.dll 2015-05-28 19:53 - 2007-10-02 09:56 - 00444776 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_36.dll 2015-05-28 19:53 - 2007-07-20 00:57 - 00267112 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_9.dll 2015-05-28 19:53 - 2007-07-19 18:14 - 03727720 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_35.dll 2015-05-28 19:53 - 2007-07-19 18:14 - 01358192 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_35.dll 2015-05-28 19:53 - 2007-07-19 18:14 - 00444776 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_35.dll 2015-05-28 19:53 - 2007-06-20 20:46 - 00266088 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_8.dll 2015-05-28 19:53 - 2007-05-16 16:45 - 03497832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_34.dll 2015-05-28 19:53 - 2007-05-16 16:45 - 01124720 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_34.dll 2015-05-28 19:53 - 2007-05-16 16:45 - 00443752 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_34.dll 2015-05-28 19:53 - 2007-04-04 18:55 - 00261480 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_7.dll 2015-05-28 19:53 - 2007-04-04 18:53 - 00081768 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_3.dll 2015-05-28 19:53 - 2007-03-15 16:57 - 00443752 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_33.dll 2015-05-28 19:53 - 2007-03-12 16:42 - 03495784 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_33.dll 2015-05-28 19:53 - 2007-03-12 16:42 - 01123696 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_33.dll 2015-05-28 19:53 - 2007-03-05 12:42 - 00015128 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_1.dll 2015-05-28 19:53 - 2007-01-24 15:27 - 00255848 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_6.dll 2015-05-28 19:53 - 2006-12-08 12:02 - 00251672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_5.dll 2015-05-28 19:53 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_32.dll 2015-05-28 19:53 - 2006-11-29 13:06 - 00440080 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10.dll 2015-05-28 19:53 - 2006-09-28 16:05 - 02414360 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_31.dll 2015-05-28 19:53 - 2006-09-28 16:05 - 00237848 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_4.dll 2015-05-28 19:53 - 2006-07-28 09:30 - 00236824 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_3.dll 2015-05-28 19:53 - 2006-07-28 09:30 - 00062744 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_2.dll 2015-05-28 19:53 - 2006-05-31 07:24 - 00230168 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_2.dll 2015-05-28 19:53 - 2006-03-31 12:40 - 02388176 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_30.dll 2015-05-28 19:53 - 2006-03-31 12:39 - 00229584 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_1.dll 2015-05-28 19:53 - 2006-03-31 12:39 - 00062672 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_1.dll 2015-05-28 19:53 - 2006-02-03 08:43 - 02332368 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_29.dll 2015-05-28 19:53 - 2006-02-03 08:42 - 00230096 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_0.dll 2015-05-28 19:53 - 2006-02-03 08:41 - 00014032 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_0.dll 2015-05-28 19:52 - 2005-12-05 18:09 - 02323664 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_28.dll 2015-05-28 19:52 - 2005-07-22 19:59 - 02319568 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_27.dll 2015-05-28 19:52 - 2005-05-26 15:34 - 02297552 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_26.dll 2015-05-28 19:52 - 2005-03-18 17:19 - 02337488 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_25.dll 2015-05-28 19:52 - 2005-02-05 19:45 - 02222800 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_24.dll 2015-05-28 08:11 - 2015-05-28 19:53 - 00000000 ____D C:\Windows\system32\directx 2015-05-28 08:10 - 2015-05-28 08:10 - 00000649 _____ C:\Users\Boriv\Desktop\GRID Autosport.lnk 2015-05-28 08:10 - 2015-05-28 08:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GRID Autosport 2015-05-27 18:22 - 2015-05-27 18:23 - 00000000 ____D C:\Users\Hristina\Desktop\Стари данни Firefox 2015-05-25 14:28 - 2015-05-25 14:33 - 202332568 _____ C:\Users\Boriv\Desktop\555555.rar ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2015-06-14 08:50 - 2014-12-22 01:36 - 00000000 ____D C:\Users\Boriv\AppData\Roaming\uTorrent 2015-06-14 08:47 - 2014-12-22 10:12 - 01712113 _____ C:\Windows\WindowsUpdate.log 2015-06-14 08:46 - 2015-02-14 12:43 - 00000000 ____D C:\Users\Boriv\AppData\Roaming\ViberPC 2015-06-14 08:46 - 2014-12-24 14:11 - 00000000 ____D C:\Users\Boriv\AppData\Roaming\Skype 2015-06-14 08:44 - 2014-12-22 00:33 - 00009196 _____ C:\Windows\PFRO.log 2015-06-14 08:44 - 2009-07-14 07:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2015-06-14 08:44 - 2009-07-14 07:39 - 00031317 _____ C:\Windows\setupact.log 2015-06-13 21:28 - 2009-07-14 07:34 - 00022448 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2015-06-13 21:28 - 2009-07-14 07:34 - 00022448 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2015-06-13 18:31 - 2014-12-22 02:12 - 00000000 ____D C:\ProgramData\firebird 2015-06-13 16:57 - 2014-12-22 21:13 - 00007597 _____ C:\Users\Boriv\AppData\Local\Resmon.ResmonCfg 2015-06-12 14:01 - 2014-12-24 09:41 - 00000000 __SHD C:\Users\Boriv\AppData\Local\EmieUserList 2015-06-12 14:01 - 2014-12-24 09:41 - 00000000 __SHD C:\Users\Boriv\AppData\Local\EmieSiteList 2015-06-12 14:01 - 2014-12-24 09:41 - 00000000 __SHD C:\Users\Boriv\AppData\Local\EmieBrowserModeList 2015-06-11 17:28 - 2009-07-14 05:37 - 00000000 ____D C:\Windows\system32\NDF 2015-06-11 15:02 - 2015-01-07 10:13 - 00000000 ____D C:\Users\Hristina\AppData\Roaming\Skype 2015-06-11 11:29 - 2015-01-01 22:00 - 00000000 ____D C:\ProgramData\IePluginServices 2015-06-11 11:29 - 2014-12-22 00:37 - 00001411 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2015-06-11 11:29 - 2014-12-22 00:37 - 00001399 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk 2015-06-11 11:29 - 2014-12-22 00:17 - 00001707 _____ C:\Users\Boriv\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2015-06-11 07:57 - 2009-07-14 05:37 - 00000000 ____D C:\Windows\rescache 2015-06-11 07:06 - 2009-07-14 07:33 - 00414560 _____ C:\Windows\system32\FNTCACHE.DAT 2015-06-11 07:04 - 2009-07-14 05:37 - 00000000 ____D C:\Windows\system32\bg-BG 2015-06-10 23:45 - 2014-12-22 01:25 - 00000000 ____D C:\ProgramData\Microsoft Help 2015-06-10 23:44 - 2014-12-22 00:38 - 00000000 ____D C:\Windows\system32\MRT 2015-06-10 23:40 - 2014-12-22 00:38 - 136900096 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2015-06-06 07:32 - 2014-12-24 14:10 - 00000000 ____D C:\ProgramData\Skype 2015-06-04 07:39 - 2014-12-22 00:37 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service 2015-06-03 06:55 - 2014-12-22 01:29 - 00000000 ____D C:\Users\Boriv\AppData\Local\Adobe 2015-06-03 06:53 - 2014-12-22 01:31 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe 2015-06-03 06:53 - 2014-12-22 01:31 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl 2015-06-02 22:35 - 2015-01-01 21:52 - 00000000 ____D C:\The KMPlayer 2015-06-02 22:11 - 2014-12-22 00:21 - 00726316 _____ C:\Windows\system32\PerfStringBackup.INI 2015-06-02 11:22 - 2015-02-17 12:06 - 00086016 _____ C:\Users\Hristina\Desktop\OT4ET MAGAZIN 2015.xls 2015-05-29 09:08 - 2015-02-14 12:43 - 00000993 _____ C:\Users\Boriv\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Viber.lnk 2015-05-29 09:08 - 2015-02-14 12:43 - 00000985 _____ C:\Users\Boriv\Desktop\Viber.lnk 2015-05-29 09:08 - 2015-02-14 12:43 - 00000000 ____D C:\Users\Boriv\AppData\Local\Viber 2015-05-28 19:52 - 2009-07-14 05:37 - 00000000 ____D C:\Windows\Microsoft.NET 2015-05-26 21:21 - 2015-04-02 18:01 - 195762745 _____ C:\Users\Boriv\Desktop\Navteq_Greece_2014.09.rar 2015-05-20 12:35 - 2015-05-14 22:50 - 00000000 ____D C:\Users\Boriv\AppData\Roaming\Nitro PDF 2015-05-18 10:49 - 2015-04-22 18:28 - 00000000 ____D C:\Users\Boriv\Desktop\Scener ==================== Files in the root of some directories ======= 2014-12-22 21:13 - 2015-06-13 16:57 - 0007597 _____ () C:\Users\Boriv\AppData\Local\Resmon.ResmonCfg Some files in TEMP: ==================== C:\Users\Boriv\AppData\Local\Temp\bitool.dll C:\Users\Boriv\AppData\Local\Temp\InitBDE.exe C:\Users\Boriv\AppData\Local\Temp\KMP_3.9.1.131.exe C:\Users\Boriv\AppData\Local\Temp\ose00000.exe C:\Users\Boriv\AppData\Local\Temp\SimBundD.exe C:\Users\Boriv\AppData\Local\Temp\SkypeSetup.exe C:\Users\Hristina\AppData\Local\Temp\SkypeSetup.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\explorer.exe => File is digitally signed C:\Windows\system32\winlogon.exe => File is digitally signed C:\Windows\system32\wininit.exe => File is digitally signed C:\Windows\system32\svchost.exe => File is digitally signed C:\Windows\system32\services.exe => File is digitally signed C:\Windows\system32\User32.dll => File is digitally signed C:\Windows\system32\userinit.exe => File is digitally signed C:\Windows\system32\rpcss.dll => File is digitally signed C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2015-06-13 14:34 ==================== End of log ============================ Addition.txt
  13. Здравейте отново, този път става въпрос за служебния компютър /стара машинка/. Работи много бавно, блокирани страници доста често. Знам, че има някакъв проблем, но какъв точно не ми е ясно. Разчитам с ваша помощ поне малко да го посъживим. UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.IF REQUESTED, ZIP IT UP & ATTACH IT.DDS (Ver_2011-09-30.01).Microsoft Windows XP ProfessionalBoot Device: DeviceHarddiskVolume1Install Date: 7/27/2008 3:28:55 PMSystem Uptime: 11/27/2013 8:03:07 AM (2 hours ago).Motherboard: Gigabyte Technology Co., Ltd. | | 8I845GVMRZProcessor: Intel® Celeron® CPU 1.70GHz | Socket 478 | 1716/100mhz.==== Disk Partitions =========================.A: is RemovableC: is FIXED (NTFS) - 75 GiB total, 62.996 GiB free.D: is CDROM ()E: is CDROM ()N: is NetworkDisk (NTFS) - 194 GiB total, 98.003 GiB free..==== Disabled Device Manager Items =============.Class GUID: {4D36E97E-E325-11CE-BFC1-08002BE10318}Description: Multimedia Audio ControllerDevice ID: PCIVEN_8086&DEV_24C5&SUBSYS_A0021458&REV_023&13C0B0C5&0&FDManufacturer:Name: Multimedia Audio ControllerPNP Device ID: PCIVEN_8086&DEV_24C5&SUBSYS_A0021458&REV_023&13C0B0C5&0&FDService:.Class GUID: {50906CB8-BA12-11D1-BF5D-0000F805F530}Description:Device ID: ROOTMULTIPORTSERIAL0000Manufacturer:Name:PNP Device ID: ROOTMULTIPORTSERIAL0000Service:.==== System Restore Points ===================.RP1222: 11/18/2013 11:21:51 AM - Контролна точка на систематаRP1223: 11/19/2013 11:56:03 AM - Контролна точка на систематаRP1224: 11/20/2013 12:07:11 PM - Контролна точка на систематаRP1225: 11/21/2013 12:24:54 PM - Контролна точка на систематаRP1226: 11/22/2013 12:59:12 PM - Контролна точка на систематаRP1227: 11/25/2013 10:36:58 AM - Контролна точка на систематаRP1228: 11/26/2013 12:25:47 PM - Контролна точка на системата.==== Installed Programs ======================.ЗБУТ+ (Версия 2.11)Adobe Flash Player 11 ActiveXAdobe Flash Player 11 PluginAdobe Reader X (10.1.8)Avira Free AntivirusFar ManagerGoogle Toolbar for Internet ExplorerGoogle Update HelperHigh Definition Audio Driver Package - KB835221Hotfix for Windows Media Format 11 SDK (KB929399)Hotfix for Windows Media Player 11 (KB939683)Hotfix for Windows XP (KB952287)Hotfix for Windows XP (KB976002-v5)Intel® Extreme Graphics DriverMalwarebytes Anti-Malware, версия 1.75.0.1300Microsoft Base Smart Card Cryptographic Service Provider PackageMicrosoft Compression Client Pack 1.0 for Windows XPMicrosoft Internationalized Domain Names Mitigation APIsMicrosoft National Language Support Downlevel APIsMicrosoft Office Professional Edition 2003Microsoft User-Mode Driver Framework Feature Pack 1.0Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219Mozilla Firefox 25.0.1 (x86 bg)Mozilla Maintenance ServiceMSXML 4.0 SP2 (KB954430)MSXML 4.0 SP2 (KB973688)Pervasive System AnalyzerSecurity Update for Microsoft Windows (KB2564958)Security Update for Windows Internet Explorer 7 (KB2870699)Security Update for Windows Media Player (KB2378111)Security Update for Windows Media Player (KB2834904-v2)Security Update for Windows Media Player (KB952069)Security Update for Windows Media Player (KB954155)Security Update for Windows Media Player (KB973540)Security Update for Windows Media Player (KB975558)Security Update for Windows Media Player (KB978695)Security Update for Windows Media Player 11 (KB954154)Security Update for Windows XP (KB2115168)Security Update for Windows XP (KB2229593)Security Update for Windows XP (KB2296011)Security Update for Windows XP (KB2347290)Security Update for Windows XP (KB2387149)Security Update for Windows XP (KB2393802)Security Update for Windows XP (KB2419632)Security Update for Windows XP (KB2423089)Security Update for Windows XP (KB2440591)Security Update for Windows XP (KB2443105)Security Update for Windows XP (KB2478960)Security Update for Windows XP (KB2478971)Security Update for Windows XP (KB2479943)Security Update for Windows XP (KB2481109)Security Update for Windows XP (KB2483185)Security Update for Windows XP (KB2485663)Security Update for Windows XP (KB2506212)Security Update for Windows XP (KB2507938)Security Update for Windows XP (KB2508429)Security Update for Windows XP (KB2509553)Security Update for Windows XP (KB2510581)Security Update for Windows XP (KB2535512)Security Update for Windows XP (KB2536276-v2)Security Update for Windows XP (KB2544893-v2)Security Update for Windows XP (KB2566454)Security Update for Windows XP (KB2570947)Security Update for Windows XP (KB2584146)Security Update for Windows XP (KB2585542)Security Update for Windows XP (KB2592799)Security Update for Windows XP (KB2598479)Security Update for Windows XP (KB2603381)Security Update for Windows XP (KB2618451)Security Update for Windows XP (KB2619339)Security Update for Windows XP (KB2620712)Security Update for Windows XP (KB2631813)Security Update for Windows XP (KB2653956)Security Update for Windows XP (KB2655992)Security Update for Windows XP (KB2659262)Security Update for Windows XP (KB2661637)Security Update for Windows XP (KB2676562)Security Update for Windows XP (KB2686509)Security Update for Windows XP (KB2691442)Security Update for Windows XP (KB2698365)Security Update for Windows XP (KB2705219-v2)Security Update for Windows XP (KB2712808)Security Update for Windows XP (KB2719985)Security Update for Windows XP (KB2723135-v2)Security Update for Windows XP (KB2727528)Security Update for Windows XP (KB2753842-v2)Security Update for Windows XP (KB2757638)Security Update for Windows XP (KB2758857)Security Update for Windows XP (KB2770660)Security Update for Windows XP (KB2780091)Security Update for Windows XP (KB2802968)Security Update for Windows XP (KB2807986)Security Update for Windows XP (KB2813345)Security Update for Windows XP (KB2820197)Security Update for Windows XP (KB2820917)Security Update for Windows XP (KB2834886)Security Update for Windows XP (KB2845187)Security Update for Windows XP (KB2849470)Security Update for Windows XP (KB2850869)Security Update for Windows XP (KB2859537)Security Update for Windows XP (KB2864063)Security Update for Windows XP (KB2876217)Security Update for Windows XP (KB2876315)Security Update for Windows XP (KB923561)Security Update for Windows XP (KB941569)Security Update for Windows XP (KB946648)Security Update for Windows XP (KB950760)Security Update for Windows XP (KB950762)Security Update for Windows XP (KB950974)Security Update for Windows XP (KB951376-v2)Security Update for Windows XP (KB951698)Security Update for Windows XP (KB952004)Security Update for Windows XP (KB952954)Security Update for Windows XP (KB956572)Security Update for Windows XP (KB956802)Security Update for Windows XP (KB956844)Security Update for Windows XP (KB959426)Security Update for Windows XP (KB960803)Security Update for Windows XP (KB960859)Security Update for Windows XP (KB969059)Security Update for Windows XP (KB971657)Security Update for Windows XP (KB972270)Security Update for Windows XP (KB973507)Security Update for Windows XP (KB973869)Security Update for Windows XP (KB973904)Security Update for Windows XP (KB974112)Security Update for Windows XP (KB974318)Security Update for Windows XP (KB974392)Security Update for Windows XP (KB974571)Security Update for Windows XP (KB975025)Security Update for Windows XP (KB975560)Security Update for Windows XP (KB975713)Security Update for Windows XP (KB977816)Security Update for Windows XP (KB977914)Security Update for Windows XP (KB978338)Security Update for Windows XP (KB978542)Security Update for Windows XP (KB978706)Security Update for Windows XP (KB979309)Security Update for Windows XP (KB979482)Security Update for Windows XP (KB979687)Security Update for Windows XP (KB981997)Security Update for Windows XP (KB982132)Security Update for Windows XP (KB982665)Skype™ 6.0Update for Microsoft Windows (KB971513)Update for Windows XP (KB2492386)Update for Windows XP (KB2749655)Update for Windows XP (KB2808679)Update for Windows XP (KB2863058)Update for Windows XP (KB898461)Update for Windows XP (KB942763)Update for Windows XP (KB951978)Update for Windows XP (KB968389)Update for Windows XP (KB971029)Update for Windows XP (KB973815)WebFldrs XPWindows Internet Explorer 7Windows Internet Explorer 7 Language Interface Pack (BGR)Windows Media Format 11 runtimeWindows Media Player 11Xerox Phaser 3124Yahoo! Toolbar.==== Event Viewer Messages From Past Week ========.11/26/2013 8:24:07 AM, error: Service Control Manager [7031] - The Avira Real-Time Protection service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 0 milliseconds: Restart the service.11/26/2013 8:24:05 AM, error: Service Control Manager [7006] - The ScRegSetValueExW call failed for FailureActions with the following error: Access is denied.11/21/2013 7:55:09 AM, error: Service Control Manager [7000] - The SecureUpdate service failed to start due to the following error: The system cannot find the file specified..==== End Of File ===========================Internet Explorer: 7.0.5730.13Run by Administrator at 10:14:27 on 2013-11-27Microsoft Windows XP Professional 5.1.2600.3.1251.359.1033.18.247.28 [GMT 2:00].AV: Avira Desktop *Disabled/Updated* {AD166499-45F9-482A-A743-FDD3350758C7}.============== Running Processes ================.C:WINDOWSsystem32spoolsv.exeC:Program FilesAviraAntiVir Desktopsched.exeC:Program FilesAviraAntiVir Desktopavguard.exeC:WINDOWSExplorer.EXEC:WINDOWSXeroxPanelMgrSSMMgr.exeC:WINDOWSsystem32igfxtray.exeC:WINDOWSsystem32hkcmd.exeC:Program FilesAviraAntiVir Desktopavgnt.exeC:WINDOWSsystem32ctfmon.exeC:Program FilesGoogleGoogleToolbarNotifierGoogleToolbarNotifier.exeC:Program FilesAviraAntiVir Desktopavshadow.exeC:Program FilesAviraAntiVir DesktopAVWEBGRD.EXEC:Program FilesMozilla Firefoxfirefox.exeC:Program FilesMicrosoft OfficeOFFICE11WINWORD.EXEC:Program FilesMozilla Firefoxplugin-container.exeC:WINDOWSsystem32wbemwmiprvse.exeC:WINDOWSSystem32svchost.exe -k netsvcsC:WINDOWSsystem32svchost.exe -k NetworkServiceC:WINDOWSsystem32svchost.exe -k LocalService.============== Pseudo HJT Report ===============.uStart Page = hxxp://www.google.comuProxyServer = :0BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:program filesgooglegoogle toolbarGoogleToolbar_32.dllBHO: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - c:program filesgooglegoogletoolbarnotifier5.7.9012.1008swg.dllBHO: SingleInstance Class: {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - c:program filesyahoo!companioninstallscpnYTSingleInstance.dllTB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:program filesgooglegoogle toolbarGoogleToolbar_32.dllTB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:program filesgooglegoogle toolbarGoogleToolbar_32.dlluRun: [CTFMON.EXE] c:windowssystem32ctfmon.exeuRun: [swg] "c:program filesgooglegoogletoolbarnotifierGoogleToolbarNotifier.exe"mRun: [Xerox PanelMgr] c:windowsxeroxpanelmgrSSMMgr.exe /autorunmRun: [igfxTray] c:windowssystem32igfxtray.exemRun: [HotKeysCmds] c:windowssystem32hkcmd.exemRun: [Adobe ARM] "c:program filescommon filesadobearm1.0AdobeARM.exe"mRun: [avgnt] "c:program filesaviraantivir desktopavgnt.exe" /mindRun: [CTFMON.EXE] c:windowssystem32CTFMON.EXEStartupFolder: c:docume~1admini~1startm~1programsstartuplogon~1.lnk - c:logon.batuPolicies-Explorer: NoDriveTypeAutoRun = dword:145mPolicies-System: EnableLUA = dword:0mPolicies-Explorer: NoDriveTypeAutoRun = dword:145IE: E&xport to Microsoft Excel - c:progra~1micros~2office11EXCEL.EXE/3000IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%Network Diagnosticxpnetdiag.exeIE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:program filesmessengermsmsgs.exeLSP: c:program filesaviraantivir desktopavsda.dll.INFO: HKCU has more than 50 listed domains.If you wish to scan all of them, select the 'Force scan all domains' option...INFO: HKLM has more than 50 listed domains. If you wish to scan all of them, select the 'Force scan all domains' option..DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cabDPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cabTCP: Interfaces{CADD7416-CDF9-4569-8EF7-BF724102282C} : NameServer = 192.168.1.1Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:program filesskypetoolbarsinternet explorerskypeieplugin.dllHandler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:program filescommon filesskypeSkype4COM.dllNotify: igfxcui - igfxsrvc.dllNotify: winwrv32 - winwrv32.dllSSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:windowssystem32WPDShServiceObj.dll.================= FIREFOX ===================.FF - ProfilePath - c:documents and settingsadministratorapplication datamozillafirefoxprofilesh9uxtbey.defaultFF - prefs.js: browser.search.selectedEngine - Ask.comFF - prefs.js: browser.startup.homepage - hxxps://www.google.bg/FF - prefs.js: network.proxy.type - 0FF - plugin: c:program filesadobereader 10.0readerairnppdf32.dllFF - plugin: c:program filesgoogleupdate1.3.21.165npGoogleUpdate3.dllFF - plugin: c:windowssystem32macromedflashNPSWF32_11_9_900_117.dll.============= SERVICES / DRIVERS ===============.R1 avkmgr;avkmgr;c:windowssystem32driversavkmgr.sys [2013-5-29 37352]R2 AntiVirSchedulerService;Avira Scheduler;c:program filesaviraantivir desktopsched.exe [2013-5-29 440376]R2 AntiVirService;Avira Real-Time Protection;c:program filesaviraantivir desktopavguard.exe [2013-5-29 440376]R2 AntiVirWebService;Avira Web Protection;c:program filesaviraantivir desktopavwebgrd.exe [2013-5-29 1164360]R2 avgntflt;avgntflt;c:windowssystem32driversavgntflt.sys [2013-5-29 90400]S2 gupdate;Google Update Service (gupdate);c:program filesgoogleupdateGoogleUpdate.exe [2010-9-10 136176]S2 SecureUpdateSvc;SecureUpdate;c:program filessecure speed dialiesecureupdate.exe --> c:program filessecure speed dialieSecureUpdate.exe [?]S2 SkypeUpdate;Skype Updater;c:program filesskypeupdaterUpdater.exe [2012-11-9 160944]S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:windowssystem32macromedflashFlashPlayerUpdateService.exe [2012-8-17 257416]S3 AVPsys;AVPsys;??c:windowssystem32driverscdaudio.sys --> c:windowssystem32driverscdaudio.sys [?]S3 dac970nt;dac970nt;??c:windowssystem32driversvlsknl.sys --> c:windowssystem32driversvlsknl.sys [?]S3 DIGIRPS;Digi PortServer Driver;c:windowssystem32driversdigirlpt.sys [2012-6-4 42432]S3 gupdatem;Google Update Service (gupdatem);c:program filesgoogleupdateGoogleUpdate.exe [2010-9-10 136176]S3 MozillaMaintenance;Mozilla Maintenance Service;c:program filesmozilla maintenance servicemaintenanceservice.exe [2012-9-6 119408].=============== Created Last 30 ================..==================== Find3M ====================.2013-11-19 12:23:41 90400 ----a-w- c:windowssystem32driversavgntflt.sys2013-11-19 12:23:41 37352 ----a-w- c:windowssystem32driversavkmgr.sys2013-10-28 06:02:56 356556 ----a-w- c:windowssystem32PerfStringBackup.TMP2013-10-10 06:39:11 692616 ----a-w- c:windowssystem32FlashPlayerApp.exe2013-10-10 06:39:08 71048 ----a-w- c:windowssystem32FlashPlayerCPLApp.cpl.============= FINISH: 10:15:28.40 =============== И това съобщение се появява отскоро, защо ? zaet sarvar.ppt
  14. преди 4 дена имах хакерска атака и ми напълниха и компа с вируси и исписва някакви грешки при пускане DDS (Ver_2011-09-30.01) - NTFS_AMD64Internet Explorer: 9.11.9600.16428Run by TheReaver at 16:00:18 on 2013-12-25Microsoft Windows 7 Ultimate 6.1.7601.1.1251.359.1026.18.8167.4962 [GMT 2:00].SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}.============== Running Processes ===============.C:Windowssystem32wininit.exeC:Windowssystem32lsm.exeC:Windowssystem32svchost.exe -k DcomLaunchC:Program Files (x86)Common FilesCOMODOlauncher_service.exeC:Windowssystem32svchost.exe -k RPCSSC:Windowssystem32atiesrxx.exeC:WindowsSystem32svchost.exe -k LocalServiceNetworkRestrictedC:WindowsSystem32svchost.exe -k LocalSystemNetworkRestrictedC:Windowssystem32svchost.exe -k LocalServiceC:Windowssystem32svchost.exe -k netsvcsC:Windowssystem32svchost.exe -k GPSvcGroupC:WindowsSysWOW64fsproflt2.exeC:Windowssystem32atieclxx.exeC:Windowssystem32svchost.exe -k NetworkServiceC:WindowsSystem32spoolsv.exeC:Windowssystem32svchost.exe -k LocalServiceNoNetworkD:xamppapachebinhttpd.exeC:Program Files (x86)ComodoDragondragon_updater.exeC:Windowssystem32svchost.exe -k LocalServiceAndNoImpersonationD:xamppfilezillaftpfilezillaserver.exeC:Program Files (x86)Common FilesCOMODOGeekBuddyRSP.exeC:Program FilesHide Folders 2012hf.exeC:Windowssystem32taskhost.exeC:Windowssystem32Dwm.exeC:Program FilesMicrosoft SQL ServerMSSQL10_50.MSSQLSERVERMSSQLBinnsqlservr.exeC:WindowsExplorer.EXED:xamppapachebinhttpd.exeC:Windowssystem32taskeng.exeC:Program Files (x86)ASRock UtilityAXTUBinAsrXTU.exeC:Program FilesRealtekAudioHDARAVCpl64.exeC:Windowsvmsnap3.exeC:WindowsDomino.exeC:UsersTheReaverAppDataRoamingSearch ProtectionSearchProtection.exeC:UsersTheReaverAppDataRoaminguTorrentuTorrent.exeC:Program Files (x86)IM Magicianvicamon.exeC:Program Files (x86)IM Magicianvmonproc.exeC:Program Files (x86)AdTrustMediaPrivDog1.8.0.18trustedadssvc.exeC:Program Files (x86)Common FilesCOMODOGeekBuddyRSP.exeC:Program FilesCOMODOGeekBuddyunit_manager.exeC:Program FilesCOMODOGeekBuddyunit.exeC:Program Files (x86)RelevantKnowledgerlservice.exeC:WindowsSysWOW64rserver30RServer3.exeC:Program FilesMicrosoft SQL Server90Sharedsqlwriter.exeC:Windowssystem32svchost.exe -k imgsvcC:WindowsSysWOW64rserver30FamItrfc.ExeC:WindowsSysWOW64rserver30FamItrfc.ExeC:Program Files (x86)TeamViewerVersion9TeamViewer_Service.exeC:Windowssystem32SearchIndexer.exeC:Windowssystem32wbemwmiprvse.exeC:Program Files (x86)RelevantKnowledgerlvknlg.exeC:Windowssystem32wbemunsecapp.exeC:PROGRA~2RELEVA~1rlvknlg64.exeC:PROGRA~2RELEVA~1rlvknlg32.exeC:Program Files (x86)IntelIntel® Management Engine ComponentsLMSLMS.exeC:WindowsSystem32svchost.exe -k secsvcsC:Program Files (x86)IntelIntel® Management Engine ComponentsUNSUNS.exeC:WindowsSysWOW64MacromedFlashFlashPlayerPlugin_11_9_900_170.exeC:WindowsSysWOW64MacromedFlashFlashPlayerPlugin_11_9_900_170.exeD:CS 1.6 SERVERSDeathrun [4Fun] 4CS - For Servershlds.exeD:CS 1.6 SERVERSHNS 1CS - For Servershlds.exeD:CS 1.6 SERVERSSURF 4CS - For Servershlds.exeD:CS 1.6 SERVERSZOMBIE 3CS - For Servershlds.exeC:Program Files (x86)Mozilla Firefoxfirefox.exeC:Program Files (x86)Mozilla Firefoxplugin-container.exeC:WindowsSysWOW64MacromedFlashFlashPlayerPlugin_11_9_900_170.exeC:WindowsSysWOW64MacromedFlashFlashPlayerPlugin_11_9_900_170.exeC:Program Files (x86)SkypePhoneSkype.exeC:Program Files (x86)OriginOrigin.exeC:Program FilesDAUMPotPlayerPotPlayerMini64.exeC:Windowssystem32SearchProtocolHost.exeC:Windowssystem32SearchFilterHost.exeC:Windowssystem32conhost.exeC:WindowsSystem32cscript.exe.============== Pseudo HJT Report ===============.mWinlogon: Userinit = userinit.exeBHO: Advanced SystemCare Browser Protection: {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:Program Files (x86)IObitSurfing ProtectionBrowerProtectASCPlugin_Protection.dllBHO: PrivDog Extension: {FB16E5C3-A9E2-47A2-8EFC-319E775E62CC} - C:Program Files (x86)AdTrustMediaPrivDog1.8.0.18trustedads.dlluRun: [searchProtection] "C:UsersTheReaverAppDataRoamingSearch ProtectionSearchProtection.EXE" /autostartuRun: [uTorrent] "C:UsersTheReaverAppDataRoaminguTorrentuTorrent.exe" /MINIMIZEDuRun: [RSS] wscript "C:UsersTheReaverAppDataRoamingAdobeFlash PlayerFile Cachefile.vbs" "C:UsersTheReaverAppDataRoamingAdobeFlash PlayerFile Cacherss.bat"uRun: [KiwiGuard] C:UsersTheReaverDesktopKiwiGuard-CrackedKiwiGuard-CrackedKiwiGuard.exeuRun: [firebwall] C:Program Files (x86)fireBwallfireBwall.exemRun: [iMMON] "C:Program Files (x86)IM MagicianVicamon.exe"mRun: [iMMONSUPPORT] "C:Program Files (x86)IM Magicianvmonproc.exe" /cls=IMMAGICIAN_CAMERA_MONITOR_I /exe=Vicamon.exemRun: [ComodoFSFirefox] "C:Program Files (x86)AdTrustMediaPrivDogFinalizeSetup.exe" /fmRun: [PrivDogService] "C:Program Files (x86)AdTrustMediaPrivDog1.8.0.18trustedadssvc.exe"mRun: [tvncontrol] "C:Program Files (x86)Common FilesCOMODOGeekBuddyRSP.exe" -controlservice -slaveStartupFolder: C:UsersTHEREA~1AppDataRoamingMICROS~1WindowsSTARTM~1ProgramsStartupGAMERA~1.LNK - C:UsersTheReaverAppDataRoamingGameRangerGameRangerGameRanger.exeStartupFolder: C:PROGRA~3MICROS~1WindowsSTARTM~1ProgramsStartupSQLSER~1.LNK - C:Program Files (x86)Microsoft SQL Server80ToolsBinnscm.exeStartupFolder: C:PROGRA~3MICROS~1WindowsSTARTM~1ProgramsStartupSTARTG~1.LNK - C:Program FilesCOMODOGeekBuddylauncher.exeuPolicies-Explorer: NoDriveTypeAutoRun = dword:145mPolicies-Explorer: NoActiveDesktop = dword:1mPolicies-Explorer: NoActiveDesktopChanges = dword:1mPolicies-System: ConsentPromptBehaviorAdmin = dword:0mPolicies-System: ConsentPromptBehaviorUser = dword:3mPolicies-System: EnableLUA = dword:0mPolicies-System: EnableUIADesktopToggle = dword:0mPolicies-System: PromptOnSecureDesktop = dword:0IE: {2F5C139F-79BD-4C84-A95A-E7140525BC55} - {5B06364D-FF00-4BD5-9D01-4379952513F2} - C:Program Files (x86)AdTrustMediaPrivDog1.8.0.18trustedads.dll.INFO: HKCU has more than 50 listed domains.If you wish to scan all of them, select the 'Force scan all domains' option..TCP: Interfaces{90C7E2AA-A9AE-4207-95B0-24447E8CB857} : NameServer = 88.87.0.2,88.87.10.2Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:Program Files (x86)Common FilesSkypeSkype4COM.dllSSODL: WebCheck - <orphaned>mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:Program Files (x86)GoogleChromeApplication31.0.1650.63Installerchrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chromex64-BHO: ExplorerWnd Helper: {10921475-03CE-4E04-90CE-E2E7EF20C814} - C:Program Files (x86)IObitIObit UninstallerUninstallExplorer64.dllx64-BHO: PrivDog Extension: {FB16E5C3-A9E2-47A2-8EFC-319E775E62CC} - C:Program FilesAdTrustMediaPrivDog1.8.0.18trustedads.dllx64-Run: [RtHDVCpl] C:Program FilesRealtekAudioHDARAVCpl64.exe -sx64-Run: [VMSnap3] C:WindowsVMSnap3.exex64-Run: [Domino] C:WindowsDomino.exex64-IE: {2F5C139F-79BD-4C84-A95A-E7140525BC55} - {5B06364D-FF00-4BD5-9D01-4379952513F2} - C:Program FilesAdTrustMediaPrivDog1.8.0.18trustedads.dllx64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>x64-SSODL: WebCheck - <orphaned>.================= FIREFOX ===================.FF - ProfilePath - C:UsersTheReaverAppDataRoamingMozillaFirefoxProfileso2bq2ky2.defaultFF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3072253&SearchSource=3&q={searchTerms}FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=407453&p=FF - plugin: C:Program Files (x86)GoogleUpdate1.3.22.3npGoogleUpdate3.dllFF - plugin: C:Program Files (x86)Pando NetworksMedia BoosternpPandoWebPlugin.dllFF - plugin: C:WindowsSysWOW64MacromedFlashNPSWF32_11_9_900_170.dll.---- FIREFOX POLICIES ----FF - user.js: nglayout.initialpaint.delay - 750FF - user.js: content.notify.interval - 750000FF - user.js: content.max.tokenizing.time - 2250000FF - user.js: content.switch.threshold - 750000FF - user.js: network.http.pipelining.maxrequests - 8FF - user.js: network.http.request.max-start-delay - 0FF - user.js: network.http.max-connections - 48FF - user.js: network.http.max-connections-per-server - 16FF - user.js: network.http.max-persistent-connections-per-proxy - 16FF - user.js: network.http.max-persistent-connections-per-server - 8FF - user.js: browser.turbo.enabled - trueFF - user.js: browser.display.show_image_placeholders - trueFF - user.js: browser.chrome.favicons - falseFF - user.js: browser.urlbar.autocomplete.enabled - trueFF - user.js: browser.cache.memory.capacity - 65536FF - user.js: content.notify.ontimer - trueFF - user.js: content.interrupt.parsing - trueFF - user.js: plugin.expose_full_path - trueFF - user.js: ui.submenuDelay - 0FF - user.js: extensions.BabylonToolbar.tlbrSrchUrl - hxxp://search.babylon.com/?babsrc=TB_def&mntrId=32d9490d000000000000002522aa4cc7&q=FF - user.js: extensions.BabylonToolbar.id - 32d9490d000000000000002522aa4cc7FF - user.js: extensions.BabylonToolbar.appId - {BDB69379-802F-4eaf-B541-F8DE92DD98DB}FF - user.js: extensions.BabylonToolbar.instlDay - 15726FF - user.js: extensions.BabylonToolbar.vrsn - 1.8.7.2FF - user.js: extensions.BabylonToolbar.vrsni - 1.8.7.2FF - user.js: extensions.BabylonToolbar_i.vrsnTs - 1.8.7.222:44:07FF - user.js: extensions.BabylonToolbar.prtnrId - babylonFF - user.js: extensions.BabylonToolbar.prdct - BabylonToolbarFF - user.js: extensions.BabylonToolbar.aflt - babsstFF - user.js: extensions.BabylonToolbar_i.smplGrp - noneFF - user.js: extensions.BabylonToolbar.tlbrId - baseFF - user.js: extensions.BabylonToolbar.instlRef - sstFF - user.js: extensions.BabylonToolbar.dfltLng - enFF - user.js: extensions.BabylonToolbar_i.excTlbr - falseFF - user.js: extensions.BabylonToolbar.excTlbr - falseFF - user.js: extensions.BabylonToolbar.admin - falseFF - user.js: extensions.BabylonToolbar_i.babTrack - affID=117023&tt=0313_7FF - user.js: extensions.BabylonToolbar_i.babExt -FF - user.js: extensions.BabylonToolbar_i.srcExt - ssFF - user.js: extensions.BabylonToolbar.autoRvrt - falseFF - user.js: extensions.BabylonToolbar.rvrt - falseFF - user.js: extensions.BabylonToolbar_i.newTab - false.============= SERVICES / DRIVERS ===============.R0 FSProFilter2;FSPro File Filter 2;C:WindowsSystem32driversFSPFltd2.sys [2013-11-20 57648]R1 CFRMD;CFRMD;C:WindowsSystem32driversCFRMD.sys [2013-5-7 37976]R1 HMD;COMODO livePCsupport Hardware Monitor Driver;C:WindowsSystem32drivershmd.sys [2013-10-7 14888]R1 ndisrd;WinpkFilter LightWeight Filter;C:WindowsSystem32driversndisrd.sys [2013-8-5 43088]R1 raddrvv3;raddrvv3;C:WindowsSysWOW64rserver30raddrvv3.sys [2009-10-9 68704]R2 AMD External Events Utility;AMD External Events Utility;C:WindowsSystem32atiesrxx.exe [2013-8-31 239616]R2 Apache2.2;Apache2.2;D:xamppapachebinhttpd.exe [2008-12-10 24636]R2 CLPSLauncher;COMODO LPS Launcher;C:Program Files (x86)Common FilesCOMODOlauncher_service.exe [2013-12-13 70352]R2 DragonUpdater;COMODO Dragon Update Service;C:Program Files (x86)ComodoDragondragon_updater.exe [2013-11-11 2098880]R2 fsproflt2;FSPro Filter Service 2;C:WindowsSysWOW64fsproflt2.exe [2013-11-20 49512]R2 GeekBuddyRSP;GeekBuddyRSP Server;C:Program Files (x86)Common FilesCOMODOGeekBuddyRSP.exe [2013-12-13 2327248]R2 RelevantKnowledge;RelevantKnowledge;C:Program Files (x86)RelevantKnowledgerlservice.exe [2013-12-13 186136]R2 RServer3;Radmin Server V3;C:WindowsSysWOW64rserver30rserver3.exe [2009-10-9 1242504]R2 TeamViewer9;TeamViewer 9;C:Program Files (x86)TeamViewerVersion9TeamViewer_Service.exe [2013-12-20 5341536]R2 UNS;Intel® Management and Security Application User Notification Service;C:Program Files (x86)IntelIntel® Management Engine ComponentsUNSUNS.exe [2013-11-20 2656280]R3 amdkmdag;amdkmdag;C:WindowsSystem32driversatikmdag.sys [2013-8-31 12528640]R3 amdkmdap;amdkmdap;C:WindowsSystem32driversatikmpag.sys [2013-8-31 618496]R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:WindowsSystem32driversAtihdW76.sys [2013-7-5 96256]R3 EtronHub3;Etron USB 3.0 Extensible Hub Driver;C:WindowsSystem32driversEtronHub3.sys [2011-2-8 39936]R3 EtronXHCI;Etron USB 3.0 Extensible Host Controller Driver;C:WindowsSystem32driversEtronXHCI.sys [2011-2-8 64512]R3 MEIx64;Intel® Management Engine Interface;C:WindowsSystem32driversHECIx64.sys [2013-11-20 56344]R3 mirrorv3;mirrorv3;C:WindowsSystem32driversrminiv3.sys [2012-12-18 5632]R3 RTL8167;Realtek 8167 NT Driver;C:WindowsSystem32driversRt64win7.sys [2013-11-20 344680]R3 vvftav303;vvftav303;C:WindowsSystem32driversvvftav303.sys [2013-12-13 308096]R3 ZSMC0303;A4 TECH PC Camera H;C:WindowsSystem32driversusbVM303.sys [2013-12-13 1494656]S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:WindowsMicrosoft.NETFrameworkv4.0.30319mscorsvw.exe [2012-7-9 104912]S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:WindowsMicrosoft.NETFramework64v4.0.30319mscorsvw.exe [2012-7-8 123856]S2 gupdate;Услуга на Google Актуализация (gupdate);C:Program Files (x86)GoogleUpdateGoogleUpdate.exe [2013-11-21 116648]S2 hlsm;HL Server Monitor;D:CS 1.6 SERVERSDEATHRUN [FUN] (6132)hlsm.exe --> D:CS 1.6 SERVERSDEATHRUN [FUN] (6132)hlsm.exe [?]S2 LiveUpdateSvc;LiveUpdate;C:Program Files (x86)IObitLiveUpdateLiveUpdate.exe [2013-11-20 2151232]S2 SkypeUpdate;Skype Updater;C:Program Files (x86)SkypeUpdaterUpdater.exe [2013-9-5 171680]S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:WindowsSysWOW64MacromedFlashFlashPlayerUpdateService.exe [2013-11-20 257416]S3 dmvsc;dmvsc;C:WindowsSystem32driversdmvsc.sys [2011-4-12 71168]S3 gupdatem;Услуга на Google Актуализация (gupdatem);C:Program Files (x86)GoogleUpdateGoogleUpdate.exe [2013-11-21 116648]S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:WindowsSystem32ieetwcollector.exe [2013-12-13 111616]S3 MozillaMaintenance;Mozilla Maintenance Service;C:Program Files (x86)Mozilla Maintenance Servicemaintenanceservice.exe [2013-11-20 119408]S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:WindowsSystem32driversrdpvideominiport.sys [2013-11-20 19456]S3 Revoflt;Revoflt;C:WindowsSystem32driversrevoflt.sys [2013-11-21 31800]S3 RTCore64;RTCore64;C:Program Files (x86)MSI AfterburnerRTCore64.sys [2013-1-23 13368]S3 Synth3dVsc;Synth3dVsc;C:WindowsSystem32driversSynth3dVsc.sys [2011-4-12 88960]S3 terminpt;Microsoft Remote Desktop Input Driver;C:WindowsSystem32driversterminpt.sys [2013-11-20 29696]S3 TsUsbFlt;TsUsbFlt;C:WindowsSystem32driversTsUsbFlt.sys [2013-11-20 57856]S3 TsUsbGD;Remote Desktop Generic USB Device;C:WindowsSystem32driversTsUsbGD.sys [2013-11-20 30208]S3 WatAdminSvc;Windows Activation Technologies Service;C:WindowsSystem32WatWatAdminSvc.exe [2013-11-20 1255736]S4 MSSQLServerADHelper100;SQL Active Directory Helper Service;C:Program FilesMicrosoft SQL Server100Sharedsqladhlp.exe [2010-4-3 59744]S4 RsFx0153;RsFx0153 Driver;C:WindowsSystem32driversRsFx0153.sys [2012-6-29 321992]SUnknown tsusbhub;tsusbhub; [x].=============== Created Last 30 ================.2013-12-24 12:30:49 -------- d-----w- C:Program FilesHide Folders 20122013-12-24 10:04:12 10315576 ----a-w- C:ProgramDataMicrosoftWindows DefenderDefinition Updates{9FC35C14-EFDF-4276-8687-A6985F460EBC}mpengine.dll2013-12-24 09:52:46 94208 ----a-w- C:WindowsDIIUnin.exe2013-12-24 09:52:46 2829 ----a-w- C:WindowsDIIUnin.pif2013-12-24 09:51:17 -------- d-----w- C:Program Files (x86)Diablo II2013-12-22 09:30:17 -------- d-----w- C:Program Files (x86)QS2013-12-21 09:49:11 -------- d-----w- C:UsersTheReaverAppDataRoamingComodo2013-12-21 07:51:23 -------- d-----w- C:Program Files (x86)Common FilesCOMODO2013-12-21 07:35:34 -------- d-----w- C:UsersTheReaverAppDataLocalAdTrustMedia2013-12-21 07:34:36 -------- d-----w- C:Program FilesAdTrustMedia2013-12-21 07:34:36 -------- d-----w- C:Program Files (x86)AdTrustMedia2013-12-21 07:34:35 -------- d-----w- C:ProgramDataAdtrustmedia2013-12-21 07:34:26 -------- d-----w- C:ProgramDataCOMODO2013-12-21 07:34:17 -------- d-----w- C:Program FilesCOMODO2013-12-21 07:34:10 -------- d-----w- C:UsersTheReaverAppDataLocalComodo2013-12-21 07:34:07 57096 ----a-w- C:WindowsSystem32certsentry.dll2013-12-21 07:34:07 48392 ----a-w- C:WindowsSysWow64certsentry.dll2013-12-21 07:34:02 -------- d-----w- C:Program Files (x86)Comodo2013-12-21 07:22:57 -------- d-----w- C:ISA Server 2006 SP1 Standard Edition CD2013-12-21 07:12:56 -------- d-----w- C:Program Files (x86)Sygate2013-12-21 07:12:39 -------- d-----w- C:Program Files (x86)Common FilesWise Installation Wizard2013-12-21 07:10:31 -------- d-----w- C:UsersTheReaverAppDataRoamingfirebwall2013-12-21 07:10:03 -------- d-----w- C:Program Files (x86)WinpkFilter2013-12-20 23:31:32 -------- d-----w- C:Program Files (x86)Everything2013-12-20 22:56:59 -------- d-----w- C:Program Files (x86)Anti DDoS Guardian 2.32013-12-20 22:39:34 36256 ----a-w- C:WindowsSystem32driversnblocker.sys2013-12-20 22:39:33 -------- d-----w- C:Program Files (x86)Anti DDoS Guardian 3.12013-12-18 17:56:22 -------- d-----w- C:WindowsCS 1.6 COOL EDiTiON2013-12-14 20:59:00 -------- d-----w- C:Program Files (x86)MSXML 4.02013-12-14 06:06:35 859416 ----a-w- C:WindowsSystem32rlls64.dll2013-12-14 06:06:35 593688 ----a-w- C:WindowsSysWow64rlls.dll2013-12-13 21:10:26 167424 ----a-w- C:Program FilesWindows Media Playerwmplayer.exe2013-12-13 21:10:26 164864 ----a-w- C:Program Files (x86)Windows Media Playerwmplayer.exe2013-12-13 21:10:26 12625920 ----a-w- C:WindowsSystem32wmploc.DLL2013-12-13 21:10:25 12625408 ----a-w- C:WindowsSysWow64wmploc.DLL2013-12-13 20:23:47 -------- d-----w- C:Program FilesCPUID2013-12-13 11:57:55 -------- d-----w- C:UsersTheReaverAppDataRoamingVimisoft Studio2013-12-13 11:57:47 77824 ----a-w- C:WindowsSysWow64vgf.dll2013-12-13 11:57:47 450560 ----a-w- C:WindowsSysWow64newlistview2.dll2013-12-13 11:57:47 -------- d-----w- C:Program Files (x86)Common FilesVimisoft Studio2013-12-13 11:57:30 -------- d-----w- C:Program Files (x86)Vimicro Corporation2013-12-13 11:57:16 -------- d-----w- C:Program Files (x86)IM Magician2013-12-13 11:49:04 -------- d-----w- C:WindowsEffectResources2013-12-12 22:32:08 -------- d-----w- C:Program Files (x86)RelevantKnowledge2013-12-12 22:31:34 -------- d-----w- C:Program Files (x86)Free EXE Lock2013-12-12 22:20:11 -------- d-----w- C:Program Files (x86)ELTIMA Software2013-12-12 10:10:15 -------- d-----w- C:UsersTheReaverAppDataRoamingLolClient2013-12-12 09:28:07 467984 ----a-w- C:WindowsSysWow64d3dx10_39.dll2013-12-12 09:28:07 1493528 ----a-w- C:WindowsSysWow64D3DCompiler_39.dll2013-12-12 09:28:06 3851784 ----a-w- C:WindowsSysWow64D3DX9_39.dll2013-12-12 09:27:55 -------- d-sh--w- C:WindowsSysWow64AI_RecycleBin2013-12-12 09:26:13 -------- d-----w- C:UsersTheReaverAppDataLocalPMB Files2013-12-12 09:26:12 -------- d-----w- C:ProgramDataPMB Files2013-12-12 09:26:09 -------- d-----w- C:Program Files (x86)Pando Networks2013-12-12 09:25:45 -------- d-----w- C:UsersTheReaverAppDataRoamingRiot Games2013-12-11 19:58:08 -------- d-----w- C:WindowsSysWow64directx2013-12-11 19:57:52 -------- d-----w- C:Program Files (x86)MSI Afterburner2013-12-11 11:37:34 -------- d-----w- C:Fraps2013-12-10 08:35:22 -------- d-----w- C:UsersTheReaverAppDataLocalApps2013-12-10 08:34:55 -------- d-----w- C:Program Files (x86)Active Data Recovery Software2013-12-10 08:25:13 -------- d-----w- C:UsersTheReaverAppDataLocalstorage2013-12-08 16:15:05 -------- d-----w- C:UsersTheReaverAppDataLocalMicrosoft_Corporation2013-12-08 16:13:31 57288 ----a-w- C:WindowsSysWow64perf-MSSQL10_50.MSSQLSERVER-sqlagtctr.dll2013-12-08 16:13:30 86984 ----a-w- C:WindowsSystem32perf-MSSQL10_50.MSSQLSERVER-sqlagtctr.dll2013-12-08 16:13:18 88520 ----a-w- C:WindowsSystem32perf-MSSQLSERVER-sqlctr10.52.4000.0.dll2013-12-08 16:13:18 82888 ----a-w- C:WindowsSysWow64perf-MSSQLSERVER-sqlctr10.52.4000.0.dll2013-12-08 16:12:11 -------- d-----w- C:WindowsSystem32RsFx2013-12-08 16:09:22 -------- d-----w- C:UsersTheReaverAppDataLocalMicrosoft Help2013-12-08 16:08:30 -------- d-----w- C:Program Files (x86)Microsoft Synchronization Services2013-12-08 16:08:16 -------- d-----w- C:Program Files (x86)Microsoft SQL Server Compact Edition2013-12-08 16:08:10 -------- d-----w- C:WindowsSysWow6410332013-12-08 16:08:10 -------- d-----w- C:WindowsSystem3210332013-12-08 16:04:43 -------- d-----w- C:WindowsPCHEALTH2013-12-08 16:02:41 -------- d-----w- C:Program FilesMicrosoft SQL Server2013-12-08 15:49:45 -------- d-----w- C:UsersTheReaverAppDataLocalDownloaded Installations2013-12-07 07:05:24 -------- d-----w- C:UsersTheReaverAppDataRoamingSearch Protection2013-12-07 07:05:17 -------- d-----w- C:ProgramDataYTD Video Downloader2013-12-07 07:05:04 -------- d-----w- C:Program Files (x86)GreenTree Applications2013-12-06 16:02:03 -------- d-----w- C:ProgramData{E1ED556E-3EA0-4F44-8BE7-CC5FB0F4B424}2013-12-06 16:02:03 -------- d-----w- C:ProgramData{D76294E6-03B8-4971-AF2E-3F846161A690}2013-12-05 20:05:47 -------- d-----w- C:Program Files (x86)VideoLAN2013-12-05 10:34:33 -------- d-----w- C:Program Files (x86)ASRock Utility2013-11-29 20:03:21 -------- d-----w- C:Program Files (x86)Unlocker2013-11-29 12:44:01 -------- d-----w- C:Program Files (x86)avpbg2013-11-29 12:40:47 -------- d-----w- C:ProgramDataKaspersky Lab2013-11-29 12:16:43 -------- d-----w- C:Program Files (x86)Kaspersky Lab2013-11-29 12:04:19 -------- d-s---w- C:WindowsSysWow64Microsoft2013-11-28 16:43:50 -------- d-----w- C:ProgramDataAMMYY2013-11-27 20:20:17 -------- d-----w- C:Program Files (x86)TeamViewer2013-11-27 18:59:11 -------- d-----w- C:Program Files (x86)Common FilesSteam2013-11-27 18:03:20 -------- d-----w- C:UsersTheReaverAppDataRoamingRadmin2013-11-27 11:13:35 99840 ----a-w- C:WindowsSystem32driversusbccgp.sys2013-11-27 11:13:35 52736 ----a-w- C:WindowsSystem32driversusbehci.sys2013-11-27 11:13:34 7808 ----a-w- C:WindowsSystem32driversusbd.sys2013-11-27 11:13:34 343040 ----a-w- C:WindowsSystem32driversusbhub.sys2013-11-27 11:13:34 325120 ----a-w- C:WindowsSystem32driversusbport.sys2013-11-27 11:13:34 30720 ----a-w- C:WindowsSystem32driversusbuhci.sys2013-11-27 11:13:34 25600 ----a-w- C:WindowsSystem32driversusbohci.sys2013-11-27 09:18:01 140288 ----a-w- C:WindowsSysWow64Comdlg32.ocx2013-11-27 09:18:00 1355776 ----a-w- C:WindowsSysWow64msvbvm50.dll2013-11-27 09:17:57 192569 ----a-w- C:WindowsSysWow64msrpjt40.dll2013-11-27 09:17:42 274489 ----a-w- C:WindowsSysWow64ntwdblib.dll2013-11-27 09:17:39 97552 ----a-w- C:WindowsSysWow64rdocurs.dll2013-11-27 09:17:39 376592 ----a-w- C:WindowsSysWow64msrdo20.dll2013-11-27 09:17:38 32830 ----a-w- C:WindowsSysWow64dbmsshrn.dll2013-11-27 09:17:13 -------- d-----w- C:Program Files (x86)Microsoft SQL Server2013-11-27 09:04:36 306688 ----a-w- C:WindowsIsUninst.exe2013-11-27 08:59:29 -------- d-----w- C:UsersTheReaverAppDataRoamingTeamViewer2013-11-27 08:48:29 -------- d-----w- C:WindowsSysWow64rserver302013-11-27 07:43:42 -------- d-sh--w- C:ProgramDataDSS2013-11-26 19:05:36 -------- d-----w- C:Program Files (x86)Origin Games2013-11-26 19:05:17 -------- d-----w- C:UsersTheReaverAppDataRoamingOrigin2013-11-26 19:05:16 -------- d-----w- C:UsersTheReaverAppDataLocalOrigin2013-11-26 19:03:58 -------- d-----w- C:ProgramDataOrigin2013-11-26 19:03:57 -------- d-----w- C:ProgramDataElectronic Arts2013-11-26 19:03:43 -------- d-----w- C:Program Files (x86)Origin2013-11-26 07:47:40 -------- d-----r- C:Program Files (x86)Skype2013-11-26 06:14:47 -------- d-----w- C:WindowsSystem32MRT.==================== Find3M ====================.2013-12-11 18:21:23 71048 ----a-w- C:WindowsSysWow64FlashPlayerCPLApp.cpl2013-12-11 18:21:23 692616 ----a-w- C:WindowsSysWow64FlashPlayerApp.exe2013-11-26 10:19:07 2724864 ----a-w- C:WindowsSystem32mshtml.tlb2013-11-26 10:18:23 4096 ----a-w- C:WindowsSystem32ieetwcollectorres.dll2013-11-26 09:48:07 66048 ----a-w- C:WindowsSystem32iesetup.dll2013-11-26 09:46:25 48640 ----a-w- C:WindowsSystem32ieetwproxystub.dll2013-11-26 09:23:02 2724864 ----a-w- C:WindowsSysWow64mshtml.tlb2013-11-26 09:18:39 139264 ----a-w- C:WindowsSystem32ieUnatt.exe2013-11-26 09:18:09 111616 ----a-w- C:WindowsSystem32ieetwcollector.exe2013-11-26 09:16:57 708608 ----a-w- C:WindowsSystem32jscript9diag.dll2013-11-26 08:35:02 5769216 ----a-w- C:WindowsSystem32jscript9.dll2013-11-26 08:28:16 553472 ----a-w- C:WindowsSysWow64jscript9diag.dll2013-11-26 08:16:12 4243968 ----a-w- C:WindowsSysWow64jscript9.dll2013-11-26 08:02:16 1995264 ----a-w- C:WindowsSystem32inetcpl.cpl2013-11-26 07:32:06 1928192 ----a-w- C:WindowsSysWow64inetcpl.cpl2013-11-26 07:07:57 2334208 ----a-w- C:WindowsSystem32wininet.dll2013-11-26 06:33:33 1820160 ----a-w- C:WindowsSysWow64wininet.dll2013-11-23 18:26:20 417792 ----a-w- C:WindowsSysWow64WMPhoto.dll2013-11-23 17:47:34 465920 ----a-w- C:WindowsSystem32WMPhoto.dll2013-11-21 11:44:01 447888 ----a-w- C:WindowsSystem32driversaswNdisFlt.sys2013-11-20 17:05:45 197120 ----a-w- C:WindowsSystem32credui.dll2013-11-20 17:05:45 1930752 ----a-w- C:WindowsSystem32authui.dll2013-11-20 17:05:45 190464 ----a-w- C:WindowsSystem32SmartcardCredentialProvider.dll2013-11-20 17:05:45 1796096 ----a-w- C:WindowsSysWow64authui.dll2013-11-20 17:05:45 168960 ----a-w- C:WindowsSysWow64credui.dll2013-11-20 17:05:45 152576 ----a-w- C:WindowsSysWow64SmartcardCredentialProvider.dll2013-11-20 17:03:35 404480 ----a-w- C:WindowsSystem32gdi32.dll2013-11-20 17:03:35 311808 ----a-w- C:WindowsSysWow64gdi32.dll2013-11-20 17:02:43 1474048 ----a-w- C:WindowsSystem32crypt32.dll2013-11-20 17:02:43 1168384 ----a-w- C:WindowsSysWow64crypt32.dll2013-11-20 17:01:48 497152 ----a-w- C:WindowsSystem32driversafd.sys2013-11-20 16:59:21 30720 ----a-w- C:WindowsSystem32cryptdlg.dll2013-11-20 16:59:21 24576 ----a-w- C:WindowsSysWow64cryptdlg.dll2013-11-20 16:58:28 81920 ----a-w- C:WindowsSysWow64davclnt.dll2013-11-20 16:58:28 259584 ----a-w- C:WindowsSystem32WebClnt.dll2013-11-20 16:58:28 205824 ----a-w- C:WindowsSysWow64WebClnt.dll2013-11-20 16:58:28 140800 ----a-w- C:WindowsSystem32driversmrxdav.sys2013-11-20 16:58:28 102400 ----a-w- C:WindowsSystem32davclnt.dll2013-11-20 16:56:50 461312 ----a-w- C:WindowsSystem32scavengeui.dll2013-11-20 16:55:28 109824 ----a-w- C:WindowsSystem32driversUSBAUDIO.sys2013-11-20 16:55:28 100864 ----a-w- C:WindowsSystem32driversusbcir.sys2013-11-20 16:54:46 785624 ----a-w- C:WindowsSystem32driversWdf01000.sys2013-11-20 16:54:00 633856 ----a-w- C:WindowsSystem32comctl32.dll2013-11-20 16:54:00 530432 ----a-w- C:WindowsSysWow64comctl32.dll2013-11-20 16:53:19 76800 ----a-w- C:WindowsSystem32drivershidclass.sys2013-11-20 16:53:19 32896 ----a-w- C:WindowsSystem32drivershidparse.sys2013-11-20 16:52:32 70656 ----a-w- C:WindowsSysWow64fontsub.dll2013-11-20 16:52:32 46080 ----a-w- C:WindowsSystem32atmlib.dll2013-11-20 16:52:32 41472 ----a-w- C:WindowsSystem32lpk.dll2013-11-20 16:52:32 368128 ----a-w- C:WindowsSystem32atmfd.dll2013-11-20 16:52:32 34304 ----a-w- C:WindowsSysWow64atmlib.dll2013-11-20 16:52:32 295424 ----a-w- C:WindowsSysWow64atmfd.dll2013-11-20 16:52:32 25600 ----a-w- C:WindowsSysWow64lpk.dll2013-11-20 16:52:32 14336 ----a-w- C:WindowsSystem32dciman32.dll2013-11-20 16:52:32 10240 ----a-w- C:WindowsSysWow64dciman32.dll2013-11-20 16:52:32 100864 ----a-w- C:WindowsSystem32fontsub.dll2013-11-20 16:51:50 983488 ----a-w- C:WindowsSystem32driversdxgkrnl.sys2013-11-20 16:51:50 265064 ----a-w- C:WindowsSystem32driversdxgmms1.sys2013-11-20 16:51:50 144384 ----a-w- C:WindowsSystem32cdd.dll2013-11-20 16:48:18 124112 ----a-w- C:WindowsSystem32PresentationCFFRasterizerNative_v0300.dll2013-11-20 16:48:18 102608 ----a-w- C:WindowsSysWow64PresentationCFFRasterizerNative_v0300.dll2013-11-20 16:46:51 1887232 ----a-w- C:WindowsSystem32d3d11.dll2013-11-20 16:46:51 1505280 ----a-w- C:WindowsSysWow64d3d11.dll2013-11-20 16:46:05 327168 ----a-w- C:WindowsSystem32mswsock.dll2013-11-20 16:46:05 231424 ----a-w- C:WindowsSysWow64mswsock.dll2013-11-20 16:46:05 1903552 ----a-w- C:WindowsSystem32driverstcpip.sys2013-11-20 16:44:23 62976 ----a-w- C:WindowsSystem32TSWbPrxy.exe2013-11-20 16:41:21 155584 ----a-w- C:WindowsSystem32driversataport.sys2013-11-20 16:40:48 1888768 ----a-w- C:WindowsSystem32WMVDECOD.DLL2013-11-20 16:40:48 1620992 ----a-w- C:WindowsSysWow64WMVDECOD.DLL2013-11-20 16:37:55 663552 ----a-w- C:WindowsSysWow64rpcrt4.dll2013-11-20 16:37:55 1217024 ----a-w- C:WindowsSystem32rpcrt4.dll2013-11-20 16:37:18 288088 ----a-w- C:WindowsSystem32driversFWPKCLNT.SYS2013-11-20 16:36:46 39936 ----a-w- C:WindowsSystem32driverstssecsrv.sys2013-11-20 16:36:08 224256 ----a-w- C:WindowsSystem32wintrust.dll2013-11-20 16:36:08 184320 ----a-w- C:WindowsSystem32cryptsvc.dll2013-11-20 16:36:08 175104 ----a-w- C:WindowsSysWow64wintrust.dll2013-11-20 16:36:08 140288 ----a-w- C:WindowsSysWow64cryptsvc.dll2013-11-20 16:36:08 139776 ----a-w- C:WindowsSystem32cryptnet.dll2013-11-20 16:36:08 103936 ----a-w- C:WindowsSysWow64cryptnet.dll2013-11-20 16:34:58 624128 ----a-w- C:WindowsSystem32qedit.dll2013-11-20 16:34:58 509440 ----a-w- C:WindowsSysWow64qedit.dll2013-11-20 16:29:24 751104 ----a-w- C:WindowsSystem32win32spl.dll2013-11-20 16:29:24 492544 ----a-w- C:WindowsSysWow64win32spl.dll2013-11-20 16:28:45 903168 ----a-w- C:WindowsSysWow64certutil.exe2013-11-20 16:28:45 52224 ----a-w- C:WindowsSystem32certenc.dll2013-11-20 16:28:45 43008 ----a-w- C:WindowsSysWow64certenc.dll2013-11-20 16:28:45 1192448 ----a-w- C:WindowsSystem32certutil.exe2013-11-20 16:26:26 70144 ----a-w- C:WindowsSystem32appinfo.dll2013-11-20 16:26:26 111448 ----a-w- C:WindowsSystem32consent.exe2013-11-20 16:25:51 48640 ----a-w- C:WindowsSystem32wwanprotdim.dll2013-11-20 16:25:51 230400 ----a-w- C:WindowsSystem32wwansvc.dll2013-11-20 16:25:26 474624 ----a-w- C:WindowsapppatchAcSpecfc.dll2013-11-20 16:25:26 350208 ----a-w- C:WindowsapppatchAppPatch64AcLayers.dll2013-11-20 16:25:26 308736 ----a-w- C:WindowsapppatchAppPatch64AcGenral.dll2013-11-20 16:25:26 2176512 ----a-w- C:WindowsapppatchAcGenral.dll2013-11-20 16:25:26 135168 ----a-w- C:WindowsapppatchAppPatch64AcXtrnal.dll2013-11-20 16:25:26 111104 ----a-w- C:WindowsapppatchAppPatch64acspecfc.dll2013-11-20 16:23:47 1656680 ----a-w- C:WindowsSystem32driversntfs.sys2013-11-20 16:22:41 223752 ----a-w- C:WindowsSystem32driversfvevol.sys.============= FINISH: 16:00:33,29 ===============.UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.IF REQUESTED, ZIP IT UP & ATTACH IT.DDS (Ver_2011-09-30.01).Microsoft Windows 7 UltimateBoot Device: DeviceHarddiskVolume1Install Date: 20.11.2013 г. 17:05:38System Uptime: 25.12.2013 г. 08:00:46 (8 hours ago).Motherboard: ASRock | | H67M-GEProcessor: Intel® Core i5-2400 CPU @ 3.10GHz | CPUSocket | 3101/100mhz.==== Disk Partitions =========================.C: is FIXED (NTFS) - 100 GiB total, 46,398 GiB free.D: is FIXED (NTFS) - 831 GiB total, 364,807 GiB free.E: is CDROM ().==== Disabled Device Manager Items =============.==== System Restore Points ===================.RP102: 21.12.2013 г. 13:28:20 - Инсталиране на драйверен пакет за устройство: COMODO Мрежова услугаRP103: 24.12.2013 г. 12:03:54 - Windows Update.==== Installed Programs ======================.µTorrentA4 TECH PC Camera HActive@ UNDELETE 7 EnterpriseAdobe Flash Player 11 PluginAdobe Flash Player 9 ActiveXAIDA64 Business v4.00AMD Accelerated Video TranscodingAMD Catalyst Control CenterAMD Catalyst Install ManagerAMD Drag and Drop TranscodingAMD Media Foundation DecodersASRock eXtreme Tuner v0.1.215Catalyst Control Center - BrandingCatalyst Control Center Graphics Previews CommonCatalyst Control Center InstallProxyCatalyst Control Center Localization Allccc-utility64CCC Help Chinese StandardCCC Help Chinese TraditionalCCC Help CzechCCC Help DanishCCC Help DutchCCC Help EnglishCCC Help FinnishCCC Help FrenchCCC Help GermanCCC Help GreekCCC Help HungarianCCC Help ItalianCCC Help JapaneseCCC Help KoreanCCC Help NorwegianCCC Help PolishCCC Help PortugueseCCC Help RussianCCC Help SpanishCCC Help SwedishCCC Help ThaiCCC Help TurkishCCleanerComodo DragonComponents SetupCounter-StrikeCPUID CPU-Z 1.67.1CS 1.6 COOL EDiTiONDaum PotPlayer 1.5.39659 x64 EditionDiablo IIDiablo II - Eastern SunEtron USB3.0 Host ControllerEverything 1.2.1.371EXE Password Protector 1.1.6.214FIFA 13foobar2000 v1.2.9Fraps (remove only)Free EXE Lock 5.4.5GameRangerGeekBuddyGoogle ChromeGoogle Update HelperHotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB946040)Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB946308)Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB946344)Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB947540)Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB947789)IM MagicianInfinityMU SEASON 3Intel® Management Engine ComponentsIObit UninstallerK-Lite Mega Codec Pack 9.8.5League of LegendsMicrosoft .NET Framework 4.5Microsoft Application Error ReportingMicrosoft Report Viewer Redistributable 2008 (KB971119)Microsoft Report Viewer Redistributable 2008 SP1Microsoft SQL Server 2008 R2 (64-bit)Microsoft SQL Server 2008 R2 Native ClientMicrosoft SQL Server 2008 R2 PoliciesMicrosoft SQL Server 2008 R2 RsFx DriverMicrosoft SQL Server 2008 R2 Setup (English)Microsoft SQL Server 2008 Setup Support FilesMicrosoft SQL Server BrowserMicrosoft SQL Server Compact 3.5 SP2 ENUMicrosoft SQL Server Compact 3.5 SP2 Query Tools ENUMicrosoft SQL Server VSS WriterMicrosoft Visual C++ 2005 RedistributableMicrosoft Visual C++ 2005 Redistributable (x64)Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727Microsoft Visual Studio Tools for Applications 2.0 - ENUMozilla Firefox 26.0 (x86 bg)Mozilla Maintenance ServiceMSI Afterburner 2.3.1MSXML 4.0 SP2 (KB954430)MSXML 4.0 SP2 (KB973688)NetTools 5.0Notepad++OriginPando Media BoosterPowerISOPrivDogRadmin Server 3.4Realtek Ethernet Controller Driver For Windows 7Realtek High Definition Audio DriverRelevantKnowledgeRevo Uninstaller Pro 3.0.8Search ProtectionSecurity Update for Microsoft .NET Framework 4.5 (KB2737083)Security Update for Microsoft .NET Framework 4.5 (KB2742613)Security Update for Microsoft .NET Framework 4.5 (KB2789648)Security Update for Microsoft .NET Framework 4.5 (KB2833957)Security Update for Microsoft .NET Framework 4.5 (KB2840642v2)Security Update for Microsoft .NET Framework 4.5 (KB2861208)Service Pack 2 for SQL Server 2008 R2 (KB2630458) (64-bit)Skype™ 6.11SQL Server 2008 R2 SP2 Common FilesSQL Server 2008 R2 SP2 Database Engine ServicesSQL Server 2008 R2 SP2 Database Engine SharedSQL Server 2008 R2 SP2 Management StudioSql Server Customer Experience Improvement ProgramSurfing ProtectionTeamViewer 9Ubisoft Game LauncherUpdate for Microsoft .NET Framework 4.5 (KB2750147)Update for Microsoft .NET Framework 4.5 (KB2805221)Update for Microsoft .NET Framework 4.5 (KB2805226)VLC media player 2.1.1WinPcap 3.0WinpkFilter Runtime & ToolsWinRAR 5.00 (64-битова версия)XAMPP 1.7.1YTD Video Downloader 4.7.1.==== Event Viewer Messages From Past Week ========.25.12.2013 г. 08:02:08, Error: Service Control Manager [7034] - The LiveUpdate service terminated unexpectedly. It has done this 1 time(s).25.12.2013 г. 08:01:08, Error: Service Control Manager [7000] - The HL Server Monitor service failed to start due to the following error: The system cannot find the file specified.24.12.2013 г. 19:44:51, Error: Service Control Manager [7034] - The Apache2.2 service terminated unexpectedly. It has done this 1 time(s).24.12.2013 г. 18:55:27, Error: Service Control Manager [7034] - The HL Server Monitor service terminated unexpectedly. It has done this 1 time(s).24.12.2013 г. 18:04:43, Error: Service Control Manager [7034] - The LiveUpdate service terminated unexpectedly. It has done this 1 time(s).24.12.2013 г. 18:03:54, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the SQL Server (MSSQLSERVER) service to connect.24.12.2013 г. 18:03:54, Error: Service Control Manager [7000] - The SQL Server (MSSQLSERVER) service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.24.12.2013 г. 10:06:42, Error: Service Control Manager [7034] - The LiveUpdate service terminated unexpectedly. It has done this 1 time(s).24.12.2013 г. 10:06:10, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the SQL Server (MSSQLSERVER) service to connect.24.12.2013 г. 10:06:10, Error: Service Control Manager [7000] - The SQL Server (MSSQLSERVER) service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.24.12.2013 г. 08:55:09, Error: Service Control Manager [7034] - The LiveUpdate service terminated unexpectedly. It has done this 1 time(s).24.12.2013 г. 08:54:28, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the SQL Server (MSSQLSERVER) service to connect.24.12.2013 г. 08:54:28, Error: Service Control Manager [7000] - The SQL Server (MSSQLSERVER) service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.24.12.2013 г. 08:02:09, Error: Service Control Manager [7034] - The LiveUpdate service terminated unexpectedly. It has done this 1 time(s).22.12.2013 г. 13:54:34, Error: Service Control Manager [7030] - The HL Server Monitor service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.22.12.2013 г. 11:27:16, Error: Service Control Manager [7034] - The LiveUpdate service terminated unexpectedly. It has done this 1 time(s).22.12.2013 г. 08:02:07, Error: Service Control Manager [7034] - The LiveUpdate service terminated unexpectedly. It has done this 1 time(s).21.12.2013 г. 13:33:48, Error: Service Control Manager [7034] - The LiveUpdate service terminated unexpectedly. It has done this 1 time(s).21.12.2013 г. 13:23:58, Error: Service Control Manager [7034] - The LiveUpdate service terminated unexpectedly. It has done this 1 time(s).21.12.2013 г. 13:22:51, Error: Service Control Manager [7003] - The BeeThink IP Blocker Service service depends the following service: NBlocker. This service might not be installed.21.12.2013 г. 12:04:56, Error: Service Control Manager [7034] - The LiveUpdate service terminated unexpectedly. It has done this 1 time(s).21.12.2013 г. 12:03:44, Error: Service Control Manager [7003] - The BeeThink IP Blocker Service service depends the following service: NBlocker. This service might not be installed.21.12.2013 г. 09:41:48, Error: Service Control Manager [7034] - The LiveUpdate service terminated unexpectedly. It has done this 1 time(s).21.12.2013 г. 09:40:16, Error: Service Control Manager [7003] - The BeeThink IP Blocker Service service depends the following service: NBlocker. This service might not be installed.21.12.2013 г. 09:37:29, Error: Service Control Manager [7034] - The LiveUpdate service terminated unexpectedly. It has done this 2 time(s).21.12.2013 г. 09:37:13, Error: Service Control Manager [7034] - The Advanced SystemCare Service 7 service terminated unexpectedly. It has done this 1 time(s).21.12.2013 г. 09:36:39, Error: Service Control Manager [7030] - The Advanced SystemCare Service 7 service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.21.12.2013 г. 09:36:18, Error: Service Control Manager [7034] - The AdvancedSystemCareAntivirus service terminated unexpectedly. It has done this 1 time(s).21.12.2013 г. 09:19:03, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SmcService service.21.12.2013 г. 09:16:56, Error: Service Control Manager [7034] - The LiveUpdate service terminated unexpectedly. It has done this 1 time(s).21.12.2013 г. 09:16:26, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: Teefer wpsdrvnt21.12.2013 г. 09:15:51, Error: Service Control Manager [7003] - The BeeThink IP Blocker Service service depends the following service: NBlocker. This service might not be installed.21.12.2013 г. 09:15:51, Error: Service Control Manager [7000] - The SyGate for NT, wg6n service failed to start due to the following error: This driver has been blocked from loading21.12.2013 г. 09:15:51, Error: Service Control Manager [7000] - The SyGate for NT, wg5n service failed to start due to the following error: This driver has been blocked from loading21.12.2013 г. 09:15:51, Error: Service Control Manager [7000] - The SyGate for NT, wg4n service failed to start due to the following error: This driver has been blocked from loading21.12.2013 г. 09:15:51, Error: Service Control Manager [7000] - The SyGate for NT, wg3n service failed to start due to the following error: This driver has been blocked from loading21.12.2013 г. 09:15:51, Error: Application Popup [1060] - SystemRootSysWow64Driverswg6n.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.21.12.2013 г. 09:15:51, Error: Application Popup [1060] - SystemRootSysWow64Driverswg5n.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.21.12.2013 г. 09:15:51, Error: Application Popup [1060] - SystemRootSysWow64Driverswg4n.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.21.12.2013 г. 09:15:51, Error: Application Popup [1060] - SystemRootSysWow64Driverswg3n.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.21.12.2013 г. 09:15:40, Error: Application Popup [1060] - SystemRootSysWow64DriversTeefer.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.21.12.2013 г. 09:13:19, Error: Service Control Manager [7000] - The SyGate for NT, wg6n service failed to start due to the following error: This driver has been blocked from loading21.12.2013 г. 09:13:19, Error: Service Control Manager [7000] - The SyGate for NT, wg5n service failed to start due to the following error: This driver has been blocked from loading21.12.2013 г. 09:13:19, Error: Application Popup [1060] - SystemRootSysWow64Driverswg6n.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.21.12.2013 г. 09:13:19, Error: Application Popup [1060] - SystemRootSysWow64Driverswg5n.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.21.12.2013 г. 09:13:18, Error: Service Control Manager [7000] - The SyGate for NT, wg4n service failed to start due to the following error: This driver has been blocked from loading21.12.2013 г. 09:13:18, Error: Application Popup [1060] - SystemRootSysWow64Driverswg4n.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.21.12.2013 г. 09:13:17, Error: Service Control Manager [7000] - The SyGate for NT, wg3n service failed to start due to the following error: This driver has been blocked from loading21.12.2013 г. 09:13:17, Error: Application Popup [1060] - SystemRootSysWow64Driverswg3n.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.21.12.2013 г. 09:13:16, Error: Service Control Manager [7000] - The Teefer for NT service failed to start due to the following error: This driver has been blocked from loading21.12.2013 г. 09:13:16, Error: Application Popup [1060] - SystemRootSysWow64DriversTeefer.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.21.12.2013 г. 09:13:02, Error: Service Control Manager [7000] - The wpsdrvnt service failed to start due to the following error: This driver has been blocked from loading21.12.2013 г. 09:13:02, Error: Service Control Manager [7000] - The Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0 service failed to start due to the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.21.12.2013 г. 09:13:02, Error: Application Popup [1060] - SystemRootSysWow64driverswpsdrvnt.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.21.12.2013 г. 09:13:00, Error: Service Control Manager [7030] - The Sygate Personal Firewall Pro service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.21.12.2013 г. 08:02:08, Error: Service Control Manager [7034] - The LiveUpdate service terminated unexpectedly. It has done this 1 time(s).21.12.2013 г. 08:01:03, Error: Service Control Manager [7003] - The BeeThink IP Blocker Service service depends the following service: NBlocker. This service might not be installed.21.12.2013 г. 05:29:58, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the lmhosts service.21.12.2013 г. 04:49:33, Error: Service Control Manager [7034] - The LiveUpdate service terminated unexpectedly. It has done this 1 time(s).21.12.2013 г. 04:48:29, Error: Service Control Manager [7003] - The BeeThink IP Blocker Service service depends the following service: NBlocker. This service might not be installed.20.12.2013 г. 23:36:55, Error: Service Control Manager [7034] - The Kaspersky Anti-Virus Service service terminated unexpectedly. It has done this 1 time(s).20.12.2013 г. 23:31:21, Error: Service Control Manager [7030] - The Radmin Server V3 service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.20.12.2013 г. 23:25:01, Error: Service Control Manager [7034] - The LiveUpdate service terminated unexpectedly. It has done this 1 time(s).20.12.2013 г. 23:19:23, Error: Service Control Manager [7030] - The Radmin Server V3 service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.20.12.2013 г. 23:17:15, Error: Service Control Manager [7030] - The Radmin Server V3 service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.20.12.2013 г. 23:06:03, Error: Service Control Manager [7031] - The Kaspersky Anti-Virus Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Рестартиране на услугата.20.12.2013 г. 21:27:31, Error: Service Control Manager [7034] - The LiveUpdate service terminated unexpectedly. It has done this 1 time(s).20.12.2013 г. 21:21:25, Error: Microsoft-Windows-DistributedCOM [10000] - Unable to start a DCOM Server: {06622D85-6856-4460-8DE1-A81921B41C4B}. The error: "5" Happened while starting this command: C:WindowsSysWOW64DllHost.exe /Processid:{06622D85-6856-4460-8DE1-A81921B41C4B}20.12.2013 г. 21:14:26, Error: Service Control Manager [7034] - The SQL Server VSS Writer service terminated unexpectedly. It has done this 1 time(s).20.12.2013 г. 21:14:23, Error: Service Control Manager [7034] - The SQL Server (MSSQLSERVER) service terminated unexpectedly. It has done this 1 time(s).20.12.2013 г. 20:36:14, Error: Service Control Manager [7034] - The LiveUpdate service terminated unexpectedly. It has done this 1 time(s).20.12.2013 г. 13:48:24, Error: bowser [8003] - The master browser has received a server announcement from the computer GFDDGF-79E68F5A that believes that it is the master browser for the domain on transport NetBT_Tcpip_{90C7E2AA-A9AE-4207-95B0-24447E8CB857}. The master browser is stopping or an election is being forced.18.12.2013 г. 14:58:22, Error: bowser [8003] - The master browser has received a server announcement from the computer AKY-CCB1B381A4F that believes that it is the master browser for the domain on transport NetBT_Tcpip_{90C7E2AA-A9AE-4207-95B0-24447E8CB857}. The master browser is stopping or an election is being forced..==== End Of File ===========================
  15. Здравейте, обикновено ползвам MSE и преди десетина двайсетина дни забелязах че си е била камшика и отказва да се стартира. Сложих Avira free, докато измисля какво да правя с другата. След това открих че и файъруола е чао, и съвсем ми стана готино. При опит да го включа дава грешка 0x80070424. sfc /scannow стига донякъде и спира. Систем рестор до най-старата точка която имах не помогна, тя беше само 2-3 дни назад. Сега като си гледам логовете на sfc, сканирал съм на 6/10, значи тогава съм го забелязал. Mbam намери разни ексета с готини имена в юзър фолдъра и ги затри, имаше и съобщение за ключове в регистъра относно MSE i файъруола, но явно не е направило нищо, защото въпреки че бях изключил realtime защитата на avira, се оказа че постоянно следи регисъра за странни действия и изпищя че блокира нещо/вероятно mbam/. При последващо сканиране с mbam не каза нищо повече за тези ключове, но не съм сигурен че е успяло да ги оправи. Spybot не каза нищо полезно, странно е променена?! Не я бях ползвал доста време. Не забелязвам странно поведение на системата, avira твърди, че всичко е ок след пълно сканиране. Предполагам че съм си натресъл нещо от някоя игра, а уж чета преди да реша да позволя някой крак, когато пищи вирусната. В папката на MSE всички файлове имат катинарче, при десен бутон/security пише това :No permissions have been assigned for this object.. Съвети? Благодаря предварително!Eто го резултата от sfc: C:Windowssystem32>sfc /scannow Beginning system scan. This process will take some time. Beginning verification phase of system scan.Verification 60% complete. Windows Resource Protection could not perform the requested operation. C:Windowssystem32> DDS: DDS (Ver_2011-09-30.01) - NTFS_AMD64 Internet Explorer: 9.10.9200.16721 BrowserJavaVersion: 10.45.2Run by Joro at 11:56:35 on 2013-10-22Microsoft Windows 7 Ultimate 6.1.7601.1.1251.359.1033.18.8142.6067 [GMT 3:00].AV: Microsoft Security Essentials *Enabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}SP: Microsoft Security Essentials *Enabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}.============== Running Processes ===============.C:Windowssystem32wininit.exeC:Windowssystem32lsm.exeC:Windowssystem32svchost.exe -k DcomLaunchC:Windowssystem32svchost.exe -k RPCSSC:Windowssystem32atiesrxx.exeC:WindowsSystem32svchost.exe -k LocalServiceNetworkRestrictedC:WindowsSystem32svchost.exe -k LocalSystemNetworkRestrictedC:Windowssystem32svchost.exe -k LocalServiceC:Windowssystem32svchost.exe -k netsvcsC:Windowssystem32svchost.exe -k GPSvcGroupC:Windowssystem32svchost.exe -k NetworkServiceC:Windowssystem32WLANExt.exeC:Windowssystem32conhost.exeC:WindowsSystem32spoolsv.exeC:Program Files (x86)AviraAntiVir Desktopsched.exeC:Program Files (x86)Common FilesAdobeARM1.0armsvc.exeC:Program Files (x86)AviraAntiVir Desktopavguard.exeC:WindowsSystem32svchost.exe -k LocalServiceNoNetworkC:Program FilesInteliCLS ClientHeciServer.exeC:Program Files (x86)IntelIntel® Management Engine ComponentsFWServiceIntelMeFWService.exeC:Program Files (x86)IntelIntel® Management Engine ComponentsDALjhi_service.exeC:Program Files (x86)RealtekRTL8187 Wireless LAN UtilityRtlService.exeC:Program Files (x86)RealtekRTL8187 Wireless LAN UtilityRtWlan.exeC:Program Files (x86)Spybot - Search & Destroy 2SDFSSvc.exeC:Windowssystem32svchost.exe -k imgsvcC:Program Files (x86)TeamViewerVersion8TeamViewer_Service.exeC:Program Files (x86)Spybot - Search & Destroy 2SDUpdSvc.exeC:Program Files (x86)AviraAntiVir Desktopavshadow.exeC:Program FilesCommon FilesMicrosoft SharedOfficeSoftwareProtectionPlatformOSPPSVC.EXEC:Windowssystem32svchost.exe -k bthsvcsC:Windowssystem32SearchIndexer.exeC:Windowssystem32atieclxx.exeC:Windowssystem32taskhost.exeC:Windowssystem32Dwm.exeC:WindowsExplorer.EXEC:Program FilesSynapticsSynTPSynTPEnh.exeC:Program Files (x86)SkypePhoneSkype.exeC:UsersJoroAppDataRoamingDRPSuDrvUpdater.exeC:UsersJoroAppDataLocalAkamainetsession_win.exeC:UsersJoroAppDataLocalAkamainetsession_win.exeC:Program Files (x86)IntelIntel® Rapid Storage TechnologyIAStorIcon.exeC:Program Files (x86)IntelIntel® USB 3.0 eXtensible Host Controller DriverApplicationiusb3mon.exeC:Program Files (x86)PowerISOPWRISOVM.EXEC:Program Files (x86)AviraAntiVir Desktopavgnt.exeC:Program Files (x86)Spybot - Search & Destroy 2SDTray.exeC:PROGRAM FILESSYNAPTICSSYNTPSYNTPHELPER.EXEC:Program FilesWindows Media Playerwmpnetwk.exeC:Windowssystem32svchost.exe -k LocalServiceAndNoImpersonationC:Windowssystem32taskeng.exeC:Program FilesSonyVAIO Power ManagementSPMgr.exeC:Program Files (x86)ATI TechnologiesATI.ACECore-StaticMOM.exeC:Program Files (x86)ATI TechnologiesATI.ACECore-StaticCCC.exeC:Program Files (x86)IntelIntel® Rapid Storage TechnologyIAStorDataMgrSvc.exeC:Program Files (x86)RealtekRealtek PCIE Card ReaderRIconMan.exeC:Program Files (x86)IntelIntel® Management Engine ComponentsLMSLMS.exeC:Program FilesSonyVAIO Power ManagementSPMService.exeC:WindowsMicrosoft.NetFramework64v3.0WPFPresentationFontCache.exeC:Program Files (x86)IntelIntel® Management Engine ComponentsUNSUNS.exeC:Windowssystem32wuauclt.exeC:Windowssystem32calc.exeC:Program Files (x86)VideoLANVLCvlc.exeC:Program Files (x86)GoogleChromeApplicationchrome.exeC:Program Files (x86)GoogleChromeApplicationchrome.exeC:Program Files (x86)GoogleChromeApplicationchrome.exeC:Program Files (x86)GoogleChromeApplicationchrome.exeC:Program Files (x86)GoogleChromeApplicationchrome.exeC:Program Files (x86)GoogleChromeApplicationchrome.exeC:Program Files (x86)GoogleChromeApplicationchrome.exeC:Program Files (x86)GoogleChromeApplicationchrome.exeC:Program Files (x86)GoogleChromeApplicationchrome.exeC:Program Files (x86)GoogleChromeApplicationchrome.exeC:Program Files (x86)GoogleChromeApplicationchrome.exeC:Program Files (x86)GoogleChromeApplicationchrome.exeC:Program Files (x86)GoogleChromeApplicationchrome.exeC:Program Files (x86)GoogleChromeApplicationchrome.exeC:Program Files (x86)GoogleChromeApplicationchrome.exeC:Program Files (x86)GoogleChromeApplicationchrome.exeC:Program Files (x86)GoogleChromeApplicationchrome.exeC:Program Files (x86)GoogleChromeApplicationchrome.exeC:Windowssystem32taskeng.exeC:Program Files (x86)GoogleChromeApplicationchrome.exeC:Program Files (x86)GoogleChromeApplicationchrome.exeC:Program Files (x86)GoogleChromeApplicationchrome.exeC:Windowssystem32SearchProtocolHost.exeC:Windowssystem32SearchFilterHost.exeC:Windowssystem32DllHost.exeC:Windowssystem32conhost.exeC:Windowssystem32wbemwmiprvse.exeC:WindowsSystem32cscript.exe.============== Pseudo HJT Report ===============. uProxyOverride = <local>mWinlogon: Userinit = userinit.exeBHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:Program Files (x86)Javajre7binssv.dllBHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:Program Files (x86)Microsoft OfficeOffice14URLREDIR.DLLBHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:Program Files (x86)Javajre7binjp2ssv.dlluRun: [skype] "C:Program Files (x86)SkypePhoneSkype.exe" /minimized /regrunuRun: [DrvUpdater] C:UsersJoroAppDataRoamingDRPSuDrvUpdater.exe /hideuRun: [Akamai NetSession Interface] "C:UsersJoroAppDataLocalAkamainetsession_win.exe"mRun: [Adobe ARM] "C:Program Files (x86)Common FilesAdobeARM1.0AdobeARM.exe"mRun: [iAStorIcon] C:Program Files (x86)IntelIntel® Rapid Storage TechnologyIAStorIcon.exemRun: [uSB3MON] "C:Program Files (x86)IntelIntel® USB 3.0 eXtensible Host Controller DriverApplicationiusb3mon.exe"mRun: [startCCC] "C:Program Files (x86)ATI TechnologiesATI.ACECore-StaticCLIStart.exe" MSRunmRun: [PWRISOVM.EXE] C:Program Files (x86)PowerISOPWRISOVM.EXE -startupmRun: [avgnt] "C:Program Files (x86)AviraAntiVir Desktopavgnt.exe" /minmRun: [Aeria Ignite] "C:Program Files (x86)Aeria GamesIgniteaeriaignite.exe" silentmRun: [sDTray] "C:Program Files (x86)Spybot - Search & Destroy 2SDTray.exe"mRun: [sunJavaUpdateSched] "C:Program Files (x86)Common FilesJavaJava Updatejusched.exe"mPolicies-Explorer: NoActiveDesktop = dword:1mPolicies-Explorer: NoActiveDesktopChanges = dword:1mPolicies-System: ConsentPromptBehaviorAdmin = dword:5mPolicies-System: ConsentPromptBehaviorUser = dword:3mPolicies-System: EnableUIADesktopToggle = dword:0IE: E&xport to Microsoft Excel - C:PROGRA~1MICROS~4Office14EXCEL.EXE/3000IE: Se&nd to OneNote - C:PROGRA~1MICROS~4Office14ONBttnIE.dll/105IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:Program Files (x86)Microsoft OfficeOffice14ONBttnIE.dllIE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:Program Files (x86)Microsoft OfficeOffice14ONBttnIELinkedNotes.dllLSP: C:Program Files (x86)AviraAntiVir Desktopavsda.dll.INFO: HKCU has more than 50 listed domains.If you wish to scan all of them, select the 'Force scan all domains' option.. TCP: NameServer = 192.168.2.1 192.168.2.1TCP: Interfaces{073B6CAD-DF3E-48AE-881F-2C7174BB5DB6} : DHCPNameServer = 192.168.10.254TCP: Interfaces{073B6CAD-DF3E-48AE-881F-2C7174BB5DB6}34954514330324734303 : DHCPNameServer = 192.168.10.254TCP: Interfaces{073B6CAD-DF3E-48AE-881F-2C7174BB5DB6}34954514546303142454 : DHCPNameServer = 192.168.10.254TCP: Interfaces{073B6CAD-DF3E-48AE-881F-2C7174BB5DB6}34954514731393141454 : DHCPNameServer = 192.168.10.254TCP: Interfaces{07620C51-CABA-4AB7-AF81-B8DC8D8729C5} : DHCPNameServer = 192.168.10.254TCP: Interfaces{07620C51-CABA-4AB7-AF81-B8DC8D8729C5}34954514441433135483 : DHCPNameServer = 192.168.10.254TCP: Interfaces{07620C51-CABA-4AB7-AF81-B8DC8D8729C5}4505D2C494E4B4F5537323532443 : DHCPNameServer = 192.168.10.254TCP: Interfaces{2A0C1D4A-98AD-466C-BD9A-05293737B463}34954514133314434414 : DHCPNameServer = 192.168.10.254TCP: Interfaces{2A0C1D4A-98AD-466C-BD9A-05293737B463}34954514334373836453 : DHCPNameServer = 192.168.10.254TCP: Interfaces{2A0C1D4A-98AD-466C-BD9A-05293737B463}34954514635313544354 : DHCPNameServer = 192.168.10.254TCP: Interfaces{3412A085-0E2E-481C-A354-D50E728FE220} : NameServer = 192.168.10.254TCP: Interfaces{3412A085-0E2E-481C-A354-D50E728FE220}34954514532353444364 : DHCPNameServer = 192.168.10.254TCP: Interfaces{3E877F08-94AF-42A5-AF0F-1B1ECF2C9024} : DHCPNameServer = 192.168.2.1 192.168.2.1TCP: Interfaces{3E877F08-94AF-42A5-AF0F-1B1ECF2C9024}052756474797F564C697F564F627F514F57596D26496 : DHCPNameServer = 192.168.1.254 192.168.71.70TCP: Interfaces{3E877F08-94AF-42A5-AF0F-1B1ECF2C9024}34954514034434336333 : DHCPNameServer = 192.168.10.254TCP: Interfaces{3E877F08-94AF-42A5-AF0F-1B1ECF2C9024}34954514932334240334 : DHCPNameServer = 192.168.10.254TCP: Interfaces{3E877F08-94AF-42A5-AF0F-1B1ECF2C9024}350756564645F6573686146344441334 : DHCPNameServer = 192.168.10.254TCP: Interfaces{63F71D8C-4499-4985-A80B-4253E603C6D2} : DHCPNameServer = 192.168.10.254TCP: Interfaces{63F71D8C-4499-4985-A80B-4253E603C6D2}34954514246334335433 : DHCPNameServer = 192.168.10.254TCP: Interfaces{63F71D8C-4499-4985-A80B-4253E603C6D2}34954514340323636373 : DHCPNameServer = 192.168.10.254TCP: Interfaces{66834B5B-C18C-44D4-A2E1-D1F8F2D9384F} : DHCPNameServer = 192.168.10.254TCP: Interfaces{66834B5B-C18C-44D4-A2E1-D1F8F2D9384F}34954514338383641364 : DHCPNameServer = 192.168.10.254TCP: Interfaces{66834B5B-C18C-44D4-A2E1-D1F8F2D9384F}34954514830344344314 : DHCPNameServer = 192.168.10.254TCP: Interfaces{66834B5B-C18C-44D4-A2E1-D1F8F2D9384F}350756564645F6573686644344245324 : DHCPNameServer = 192.168.10.254TCP: Interfaces{66834B5B-C18C-44D4-A2E1-D1F8F2D9384F}35472716B6F6673696 : DHCPNameServer = 195.14.130.170 8.8.8.8TCP: Interfaces{6B37DB53-BF44-4767-AF44-BEEE139CA606} : DHCPNameServer = 192.168.10.254TCP: Interfaces{94FC9818-1CAB-4F3E-9C07-B7958B77C8C6} : DHCPNameServer = 192.168.10.254TCP: Interfaces{94FC9818-1CAB-4F3E-9C07-B7958B77C8C6}140707C65602E4564777F627B602233663334333 : DHCPNameServer = 192.168.10.254TCP: Interfaces{94FC9818-1CAB-4F3E-9C07-B7958B77C8C6}34954514347354931443 : DHCPNameServer = 192.168.10.254TCP: Interfaces{94FC9818-1CAB-4F3E-9C07-B7958B77C8C6}350756564645F6573686642383643313 : DHCPNameServer = 192.168.10.254TCP: Interfaces{94FC9818-1CAB-4F3E-9C07-B7958B77C8C6}4505D2C494E4B4 : DHCPNameServer = 192.168.10.254TCP: Interfaces{9790064E-12C9-4DDB-9931-0F383D7D9C7B} : DHCPNameServer = 192.168.2.1 192.168.2.1TCP: Interfaces{9F7C5756-12EE-4EFC-BE0B-DB917B224556} : DHCPNameServer = 192.168.10.254TCP: Interfaces{9F7C5756-12EE-4EFC-BE0B-DB917B224556}350756564645F6573686835313635353 : DHCPNameServer = 192.168.10.254TCP: Interfaces{B45D93ED-9D61-414B-A9FB-2EC605EA0C29} : DHCPNameServer = 192.168.10.254TCP: Interfaces{B45D93ED-9D61-414B-A9FB-2EC605EA0C29}34954514532413547343 : DHCPNameServer = 192.168.10.254TCP: Interfaces{B45D93ED-9D61-414B-A9FB-2EC605EA0C29}34954514536434330353 : DHCPNameServer = 192.168.10.254TCP: Interfaces{BE9334C1-58AE-4235-A805-AE951538D54B} : DHCPNameServer = 192.168.10.254TCP: Interfaces{BE9334C1-58AE-4235-A805-AE951538D54B}34954514334373836453 : DHCPNameServer = 192.168.10.254TCP: Interfaces{BE9334C1-58AE-4235-A805-AE951538D54B}34954514733373236414 : DHCPNameServer = 192.168.10.254TCP: Interfaces{C1AFDD05-2DC5-4787-AA84-D34CBE9097D6} : DHCPNameServer = 192.168.10.254TCP: Interfaces{E2F97ED0-7C59-4F13-8092-461DC3651848} : DHCPNameServer = 192.168.10.254TCP: Interfaces{E2F97ED0-7C59-4F13-8092-461DC3651848}052756474797F564C697F564F627F514F57596D26496 : DHCPNameServer = 192.168.1.254 192.168.71.70TCP: Interfaces{E2F97ED0-7C59-4F13-8092-461DC3651848}34954514242343240303 : DHCPNameServer = 192.168.10.254TCP: Interfaces{E2F97ED0-7C59-4F13-8092-461DC3651848}34954514737303732324 : DHCPNameServer = 192.168.10.254Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:Program Files (x86)Common FilesMicrosoft SharedOFFICE14MSOXMLMF.DLLHandler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:Program Files (x86)Common FilesSkypeSkype4COM.dllNotify: SDWinLogon - SDWinLogon.dllSSODL: WebCheck - <orphaned>mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:Program Files (x86)GoogleChromeApplication30.0.1599.101Installerchrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chromex64-BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:Program FilesMicrosoft OfficeOffice14GROOVEEX.DLLx64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:Program FilesMicrosoft OfficeOffice14URLREDIR.DLLx64-Run: [synTPEnh] C:Program Files (x86)SynapticsSynTPSynTPEnh.exex64-Run: [bCSSync] "C:Program FilesMicrosoft OfficeOffice14BCSSync.exe" /DelayServicesx64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:Program FilesMicrosoft OfficeOffice14ONBttnIE.dllx64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:Program FilesMicrosoft OfficeOffice14ONBttnIELinkedNotes.dllx64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:Program FilesCommon FilesMicrosoft SharedOFFICE14MSOXMLMF.DLLx64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>x64-SSODL: WebCheck - <orphaned>x64-SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:Program FilesMicrosoft OfficeOffice14GROOVEEX.DLL.============= SERVICES / DRIVERS ===============.R0 iusb3hcs;Intel® USB 3.0 Host Controller Switch Driver;C:WindowsSystem32driversiusb3hcs.sys [2013-8-8 19224]R0 MpFilter;Microsoft Malware Protection Driver;C:WindowsSystem32driversMpFilter.sys [2013-6-18 247216]R0 NBVol;Nero Backup Volume Filter Driver;C:WindowsSystem32driversNBVol.sys [2013-8-27 72240]R0 NBVolUp;Nero Backup Volume Upper Filter Driver;C:WindowsSystem32driversNBVolUp.sys [2013-8-27 15920]R1 avkmgr;avkmgr;C:WindowsSystem32driversavkmgr.sys [2013-10-3 28600]R1 vwififlt;Virtual WiFi Filter Driver;C:WindowsSystem32driversvwififlt.sys [2009-7-14 59904]R2 AdobeARMservice;Adobe Acrobat Update Service;C:Program Files (x86)Common FilesAdobeARM1.0armsvc.exe [2013-5-11 65640]R2 AMD External Events Utility;AMD External Events Utility;C:WindowsSystem32atiesrxx.exe [2013-8-8 235520]R2 AntiVirSchedulerService;Avira Scheduler;C:Program Files (x86)AviraAntiVir Desktopsched.exe [2013-10-3 84024]R2 AntiVirService;Avira Real-Time Protection;C:Program Files (x86)AviraAntiVir Desktopavguard.exe [2013-10-3 108088]R2 avgntflt;avgntflt;C:WindowsSystem32driversavgntflt.sys [2013-10-3 105344]R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:Program Files (x86)IntelIntel® Rapid Storage TechnologyIAStorDataMgrSvc.exe [2013-8-8 13592]R2 IconMan_R;IconMan_R;C:Program Files (x86)RealtekRealtek PCIE Card ReaderRIconMan.exe [2013-8-8 2429544]R2 Intel® Capability Licensing Service Interface;Intel® Capability Licensing Service Interface;C:Program FilesInteliCLS ClientHeciServer.exe [2012-2-2 628448]R2 Intel® ME Service;Intel® ME Service;C:Program Files (x86)IntelIntel® Management Engine ComponentsFWServiceIntelMeFWService.exe [2013-8-8 128280]R2 jhi_service;Intel® Dynamic Application Loader Host Interface Service;C:Program Files (x86)IntelIntel® Management Engine ComponentsDALJhi_service.exe [2013-8-8 161560]R2 Realtek87B;Realtek87B;C:Program Files (x86)RealtekRTL8187 Wireless LAN UtilityRtlService.exe [2013-9-21 40960]R2 SDScannerService;Spybot-S&D 2 Scanner Service;C:Program Files (x86)Spybot - Search & Destroy 2SDFSSvc.exe [2013-10-16 1817560]R2 SDUpdateService;Spybot-S&D 2 Updating Service;C:Program Files (x86)Spybot - Search & Destroy 2SDUpdSvc.exe [2013-10-16 1033688]R2 TeamViewer8;TeamViewer 8;C:Program Files (x86)TeamViewerVersion8TeamViewer_Service.exe [2013-8-8 4153184]R2 UNS;Intel® Management and Security Application User Notification Service;C:Program Files (x86)IntelIntel® Management Engine ComponentsUNSUNS.exe [2013-8-8 363800]R2 VAIO Power Management;VAIO Power Management;C:Program FilesSonyVAIO Power ManagementSPMService.exe [2013-8-9 530088]R3 amdkmdag;amdkmdag;C:WindowsSystem32driversatikmdag.sys [2013-8-8 10732032]R3 amdkmdap;amdkmdap;C:WindowsSystem32driversatikmpag.sys [2013-8-8 328192]R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:WindowsSystem32driversAtihdW76.sys [2013-8-8 95248]R3 iusb3hub;Intel® USB 3.0 Hub Driver;C:WindowsSystem32driversiusb3hub.sys [2013-8-8 356632]R3 iusb3xhc;Intel® USB 3.0 eXtensible Host Controller Driver;C:WindowsSystem32driversiusb3xhc.sys [2013-8-8 789272]R3 MEIx64;Intel® Management Engine Interface ;C:WindowsSystem32driversHECIx64.sys [2012-7-17 62784]R3 osppsvc;Office Software Protection Platform;C:Program FilesCommon FilesMicrosoft SharedOfficeSoftwareProtectionPlatformOSPPSVC.EXE [2010-1-9 4925184]R3 RSPCIESTOR;Realtek PCIE CardReader Driver;C:WindowsSystem32driversRtsPStor.sys [2013-8-8 339048]R3 RTL8167;Realtek 8167 NT Driver;C:WindowsSystem32driversRt64win7.sys [2013-8-9 675432]R3 SFEP;Sony Firmware Extension Parser;C:WindowsSystem32driversSFEP.sys [2013-8-9 14336]R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:WindowsSystem32driversvwifimp.sys [2009-7-14 17920]S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:WindowsMicrosoft.NETFrameworkv4.0.30319mscorsvw.exe [2010-3-18 130384]S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:WindowsMicrosoft.NETFramework64v4.0.30319mscorsvw.exe [2010-3-18 138576]S2 gupdate;Услуга на Google Актуализация (gupdate);C:Program Files (x86)GoogleUpdateGoogleUpdate.exe [2013-8-8 116648]S2 NisDrv;Microsoft Network Inspection System;C:WindowsSystem32driversNisDrvWFP.sys [2012-8-30 139616]S2 SDWSCService;Spybot-S&D 2 Security Center Service;C:Program Files (x86)Spybot - Search & Destroy 2SDWSCSvc.exe [2013-10-16 171928]S2 SkypeUpdate;Skype Updater;C:Program Files (x86)SkypeUpdaterUpdater.exe [2013-6-21 162408]S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:WindowsSysWOW64MacromedFlashFlashPlayerUpdateService.exe [2013-9-6 257416]S3 dmvsc;dmvsc;C:WindowsSystem32driversdmvsc.sys [2011-4-12 71168]S3 ggflt;SEMC USB Flash Driver Filter;C:WindowsSystem32driversggflt.sys [2013-9-24 14448]S3 gupdatem;Услуга на Google Актуализация (gupdatem);C:Program Files (x86)GoogleUpdateGoogleUpdate.exe [2013-8-8 116648]S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;C:Program FilesMicrosoft OfficeOffice14GROOVE.EXE [2013-3-9 50921648]S3 netr28ux;RT2870 USB Wireless LAN Card Driver for Vista;C:WindowsSystem32driversnetr28ux.sys [2009-6-10 867328]S3 NisSrv;NisSrv;C:Program FilesMicrosoft Security ClientNisSrv.exe [2013-6-20 366600]S3 ose64;Office 64 Source Engine;C:Program FilesCommon FilesMicrosoft SharedSource EngineOSE.EXE [2010-1-9 174440]S3 pwdrvio;pwdrvio;C:WindowsSystem32pwdrvio.sys [2013-8-15 19936]S3 pwdspio;pwdspio;C:WindowsSystem32pwdspio.sys [2013-8-15 13280]S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:WindowsSystem32driversrdpvideominiport.sys [2013-8-9 19456]S3 RTL8187;Realtek RTL8187 Wireless 802.11b/g 54Mbps USB 2.0 Network Adapter;C:WindowsSystem32driversrtl8187.sys [2013-7-9 448512]S3 Synth3dVsc;Synth3dVsc;C:WindowsSystem32driversSynth3dVsc.sys [2011-4-12 88960]S3 terminpt;Microsoft Remote Desktop Input Driver;C:WindowsSystem32driversterminpt.sys [2013-8-9 29696]S3 TsUsbFlt;TsUsbFlt;C:WindowsSystem32driversTsUsbFlt.sys [2013-8-9 57856]S3 TsUsbGD;Remote Desktop Generic USB Device;C:WindowsSystem32driversTsUsbGD.sys [2013-8-9 30208]S3 tsusbhub;tsusbhub;C:WindowsSystem32driverstsusbhub.sys [2011-4-12 117248]S4 AntiVirWebService;Avira Web Protection;C:Program Files (x86)AviraAntiVir Desktopavwebgrd.exe [2013-10-3 815160].=============== Created Last 30 ================.2013-10-19 08:01:35 -------- d-----w- C:ProgramDataOracle2013-10-19 08:01:25 96168 ----a-w- C:WindowsSysWow64WindowsAccessBridge-32.dll2013-10-18 19:04:42 -------- d-----w- C:WindowsTempE05EC5CA-41D5-B3D7-9BD3-DE03C4DD67DB-Signatures2013-10-18 18:56:23 70656 ----a-w- C:WindowsSysWow64fontsub.dll2013-10-18 18:56:23 46080 ----a-w- C:WindowsSystem32atmlib.dll2013-10-18 18:56:23 41472 ----a-w- C:WindowsSystem32lpk.dll2013-10-18 18:56:23 368128 ----a-w- C:WindowsSystem32atmfd.dll2013-10-18 18:56:23 295424 ----a-w- C:WindowsSysWow64atmfd.dll2013-10-18 18:56:23 25600 ----a-w- C:WindowsSysWow64lpk.dll2013-10-18 18:56:23 14336 ----a-w- C:WindowsSystem32dciman32.dll2013-10-18 18:56:23 10240 ----a-w- C:WindowsSysWow64dciman32.dll2013-10-18 18:56:23 100864 ----a-w- C:WindowsSystem32fontsub.dll2013-10-18 18:56:22 34304 ----a-w- C:WindowsSysWow64atmlib.dll2013-10-18 18:18:13 785624 ----a-w- C:WindowsSystem32driversWdf01000.sys2013-10-18 18:17:02 3155968 ----a-w- C:WindowsSystem32win32k.sys2013-10-18 18:17:00 983488 ----a-w- C:WindowsSystem32driversdxgkrnl.sys2013-10-18 18:17:00 633856 ----a-w- C:WindowsSystem32comctl32.dll2013-10-18 18:17:00 530432 ----a-w- C:WindowsSysWow64comctl32.dll2013-10-16 10:47:52 -------- d-----w- C:ProgramDataSpybot - Search & Destroy2013-10-16 10:47:24 17272 ----a-w- C:WindowsSystem32sdnclean64.exe2013-10-16 10:47:19 -------- d-----w- C:Program Files (x86)Spybot - Search & Destroy 22013-10-16 10:34:57 -------- d-----w- C:Program FilesCCleaner2013-10-16 10:12:59 -------- d-----w- C:UsersJoroAppDataRoamingMalwarebytes2013-10-16 10:12:53 -------- d-----w- C:ProgramDataMalwarebytes2013-10-05 15:31:47 -------- d-----w- C:UsersJoroAppDataLocalAeria Games2013-10-05 15:31:27 -------- d-----w- C:ProgramDataAeria Games2013-10-05 15:25:09 -------- d-sh--w- C:WindowsSysWow64AI_RecycleBin2013-10-05 15:25:09 -------- d-----w- C:Program Files (x86)Aeria Games2013-10-04 06:43:41 -------- d-----w- C:Antony2013-10-03 16:49:45 81112 ----a-w- C:WindowsSystem32driversavnetflt.sys2013-10-03 11:00:16 -------- d-----w- C:UsersJoroAppDataRoamingAvira2013-10-03 10:48:37 28600 ----a-w- C:WindowsSystem32driversavkmgr.sys2013-10-03 10:48:37 105344 ----a-w- C:WindowsSystem32driversavgntflt.sys2013-10-03 10:48:36 -------- d-----w- C:ProgramDataAvira2013-10-03 10:48:36 -------- d-----w- C:Program Files (x86)Avira2013-10-03 06:31:03 119808 ----a-r- C:UsersJoroAppDataRoamingMicrosoftInstaller{CCF298AF-9CE1-4B26-B251-486E98A34789}icons.exe2013-10-03 06:31:03 -------- d-----w- C:UsersJoroAppDataLocalApps2013-10-03 05:20:09 -------- d-----w- C:UsersJoroAppDataLocalAkamai2013-10-03 05:20:08 -------- d-----w- C:AeriaGames2013-09-26 04:55:18 76232 ----a-w- C:ProgramDataMicrosoftMicrosoft AntimalwareDefinition Updates{29557A82-D0F0-4417-89B5-A068BE2D7351}offreg.dll2013-09-25 17:01:20 -------- d-----w- C:Program Files (x86)EASEUS2013-09-25 12:56:43 9694160 ----a-w- C:ProgramDataMicrosoftMicrosoft AntimalwareDefinition Updates{29557A82-D0F0-4417-89B5-A068BE2D7351}mpengine.dll2013-09-24 07:56:10 27760 ----a-w- C:WindowsSystem32driversggsemc.sys2013-09-24 07:56:10 14448 ----a-w- C:WindowsSystem32driversggflt.sys2013-09-24 07:55:49 -------- d-----w- C:ProgramDataSony Ericsson2013-09-24 07:55:32 -------- d-----w- C:Program Files (x86)Sony Ericsson2013-09-23 18:33:49 9694160 ----a-w- C:ProgramDataMicrosoftMicrosoft AntimalwareDefinition UpdatesBackupmpengine.dll.==================== Find3M ====================.2013-10-21 21:29:02 151552 ----a-w- C:WindowsKMSEmulator.exe2013-10-16 10:27:11 71048 ----a-w- C:WindowsSysWow64FlashPlayerCPLApp.cpl2013-10-16 10:27:11 692616 ----a-w- C:WindowsSysWow64FlashPlayerApp.exe2013-09-22 23:28:06 1767936 ----a-w- C:WindowsSysWow64wininet.dll2013-09-22 23:27:49 2876928 ----a-w- C:WindowsSysWow64jscript9.dll2013-09-22 23:27:48 61440 ----a-w- C:WindowsSysWow64iesetup.dll2013-09-22 23:27:48 109056 ----a-w- C:WindowsSysWow64iesysprep.dll2013-09-22 22:55:10 2241024 ----a-w- C:WindowsSystem32wininet.dll2013-09-22 22:54:51 3959296 ----a-w- C:WindowsSystem32jscript9.dll2013-09-22 22:54:50 67072 ----a-w- C:WindowsSystem32iesetup.dll2013-09-22 22:54:50 136704 ----a-w- C:WindowsSystem32iesysprep.dll2013-09-21 03:38:39 2706432 ----a-w- C:WindowsSystem32mshtml.tlb2013-09-21 03:30:24 2706432 ----a-w- C:WindowsSysWow64mshtml.tlb2013-09-21 02:48:36 89600 ----a-w- C:WindowsSystem32RegisterIEPKEYs.exe2013-09-21 02:39:47 71680 ----a-w- C:WindowsSysWow64RegisterIEPKEYs.exe2013-09-14 01:10:19 497152 ----a-w- C:WindowsSystem32driversafd.sys2013-09-08 02:30:37 1903552 ----a-w- C:WindowsSystem32driverstcpip.sys2013-09-08 02:27:14 327168 ----a-w- C:WindowsSystem32mswsock.dll2013-09-08 02:03:58 231424 ----a-w- C:WindowsSysWow64mswsock.dll2013-09-04 12:12:11 343040 ----a-w- C:WindowsSystem32driversusbhub.sys2013-09-04 12:11:51 325120 ----a-w- C:WindowsSystem32driversusbport.sys2013-09-04 12:11:49 99840 ----a-w- C:WindowsSystem32driversusbccgp.sys2013-09-04 12:11:43 52736 ----a-w- C:WindowsSystem32driversusbehci.sys2013-09-04 12:11:43 30720 ----a-w- C:WindowsSystem32driversusbuhci.sys2013-09-04 12:11:42 25600 ----a-w- C:WindowsSystem32driversusbohci.sys2013-09-04 12:11:40 7808 ----a-w- C:WindowsSystem32driversusbd.sys2013-08-29 02:17:48 5549504 ----a-w- C:WindowsSystem32ntoskrnl.exe2013-08-29 02:16:35 1732032 ----a-w- C:WindowsSystem32ntdll.dll2013-08-29 02:16:28 243712 ----a-w- C:WindowsSystem32wow64.dll2013-08-29 02:16:14 859648 ----a-w- C:WindowsSystem32tdh.dll2013-08-29 02:13:28 878080 ----a-w- C:WindowsSystem32advapi32.dll2013-08-29 01:51:45 3969472 ----a-w- C:WindowsSysWow64ntkrnlpa.exe2013-08-29 01:51:45 3914176 ----a-w- C:WindowsSysWow64ntoskrnl.exe2013-08-29 01:50:31 5120 ----a-w- C:WindowsSysWow64wow32.dll2013-08-29 01:50:30 1292192 ----a-w- C:WindowsSysWow64ntdll.dll2013-08-29 01:50:16 619520 ----a-w- C:WindowsSysWow64tdh.dll2013-08-29 01:48:17 640512 ----a-w- C:WindowsSysWow64advapi32.dll2013-08-29 01:48:15 44032 ----a-w- C:Windowsapppatchacwow64.dll2013-08-29 00:49:53 25600 ----a-w- C:WindowsSysWow64setup16.exe2013-08-29 00:49:52 7680 ----a-w- C:WindowsSysWow64instnm.exe2013-08-29 00:49:52 14336 ----a-w- C:WindowsSysWow64ntvdm64.dll2013-08-29 00:49:49 2048 ----a-w- C:WindowsSysWow64user.exe2013-08-28 01:12:33 461312 ----a-w- C:WindowsSystem32scavengeui.dll2013-08-08 21:00:15 0 ----a-w- C:Windowsativpsrm.bin2013-08-05 02:25:45 155584 ----a-w- C:WindowsSystem32driversataport.sys2013-08-02 02:14:57 215040 ----a-w- C:WindowsSystem32winsrv.dll2013-08-02 02:13:34 424448 ----a-w- C:WindowsSystem32KernelBase.dll2013-08-02 01:50:42 274944 ----a-w- C:WindowsSysWow64KernelBase.dll2013-08-02 01:09:17 338432 ----a-w- C:WindowsSystem32conhost.exe2013-08-02 00:59:09 112640 ----a-w- C:WindowsSystem32smss.exe2013-08-02 00:43:05 6144 ---ha-w- C:WindowsSysWow64api-ms-win-security-base-l1-1-0.dll2013-08-02 00:43:05 4608 ---ha-w- C:WindowsSysWow64api-ms-win-core-threadpool-l1-1-0.dll2013-08-02 00:43:05 3584 ---ha-w- C:WindowsSysWow64api-ms-win-core-xstate-l1-1-0.dll2013-08-02 00:43:05 3072 ---ha-w- C:WindowsSysWow64api-ms-win-core-util-l1-1-0.dll2013-07-25 09:25:54 1888768 ----a-w- C:WindowsSystem32WMVDECOD.DLL2013-07-25 08:57:27 1620992 ----a-w- C:WindowsSysWow64WMVDECOD.DLL.============= FINISH: 11:56:57,32 =============== ATTACH:.UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.IF REQUESTED, ZIP IT UP & ATTACH IT.DDS (Ver_2011-09-30.01).Microsoft Windows 7 Ultimate Boot Device: DeviceHarddiskVolume1Install Date: 8.8.2013 г. 22:31:51System Uptime: 20.10.2013 г. 10:54:47 (49 hours ago).Motherboard: Sony Corporation | | VAIOProcessor: Intel® Core i3-3110M CPU @ 2.40GHz | N/A | 2400/100mhz.==== Disk Partitions =========================.C: is FIXED (NTFS) - 146 GiB total, 67,158 GiB free.D: is FIXED (NTFS) - 785 GiB total, 25,959 GiB free.E: is CDROM ()F: is CDROM (CDFS).==== Disabled Device Manager Items =============.==== System Restore Points ===================.RP68: 18.10.2013 г. 12:43:48 - Installed CamCliCtrlRP69: 18.10.2013 г. 21:18:38 - Windows UpdateRP70: 18.10.2013 г. 22:04:09 - Windows UpdateRP71: 19.10.2013 г. 11:00:39 - Installed Java 7 Update 45RP72: 19.10.2013 г. 15:12:29 - Installed calibre 64bit.==== Installed Programs ======================.µTorrentAdobe Flash Player 11 ActiveXAdobe Reader XI (11.0.05)AEnglish Dictionary XP 1.72Aeria IgniteAkamai NetSession InterfaceAMD APP SDK RuntimeAMD Catalyst Install ManagerAvira Free AntivirusBS.Player FREEcalibre 64bitCamCliCtrlCatalyst Control CenterCatalyst Control Center - BrandingCatalyst Control Center Graphics Previews CommonCatalyst Control Center InstallProxyCatalyst Control Center Localization Allccc-utility64CCC Help Chinese StandardCCC Help Chinese TraditionalCCC Help CzechCCC Help DanishCCC Help DutchCCC Help EnglishCCC Help FinnishCCC Help FrenchCCC Help GermanCCC Help GreekCCC Help HungarianCCC Help ItalianCCC Help JapaneseCCC Help KoreanCCC Help NorwegianCCC Help PolishCCC Help PortugueseCCC Help RussianCCC Help SpanishCCC Help SwedishCCC Help ThaiCCC Help TurkishCCleanerCheat Engine 6.3Definition Update for Microsoft Office 2010 (KB982726) 64-Bit EditionDishonored © Bethesda Softworks version 1Dishonored The Brigmore WitchesDivinity II - DKSDriverPack Solution UpdaterEASEUS Data Recovery Wizard Professional 5.5.1F.E.A.R. OnlineFree YouTube to MP3 Converter version 3.12.9.725Google ChromeGoogle Update HelperHD Tune Pro 5.00HDD RegeneratorHeaven Benchmark version 4.0Intel® Control CenterIntel® Manageability Engine Firmware Recovery AgentIntel® Management Engine ComponentsIntel® Rapid Storage TechnologyIntel® USB 3.0 eXtensible Host Controller DriverIntel® Trusted Connect Service ClientJava 7 Update 45Java Auto UpdaterLost Planet 3Microsoft .NET Framework 4 Client ProfileMicrosoft .NET Framework 4 ExtendedMicrosoft Office Access MUI (English) 2010Microsoft Office Access Setup Metadata MUI (English) 2010Microsoft Office Excel MUI (English) 2010Microsoft Office Groove MUI (English) 2010Microsoft Office InfoPath MUI (English) 2010Microsoft Office Office 32-bit Components 2010Microsoft Office OneNote MUI (English) 2010Microsoft Office Outlook MUI (English) 2010Microsoft Office PowerPoint MUI (English) 2010Microsoft Office Professional Plus 2010Microsoft Office Proof (English) 2010Microsoft Office Proof (French) 2010Microsoft Office Proof (Spanish) 2010Microsoft Office Proofing (English) 2010Microsoft Office Publisher MUI (English) 2010Microsoft Office Shared 32-bit MUI (English) 2010Microsoft Office Shared MUI (English) 2010Microsoft Office Shared Setup Metadata MUI (English) 2010Microsoft Office Word MUI (English) 2010Microsoft Security ClientMicrosoft Security EssentialsMicrosoft SilverlightMicrosoft Visual C++ 2005 RedistributableMicrosoft Visual C++ 2008 Redistributable - x64 9.0.30729.17Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219Nero 8 MicroNero Backup DriversNVIDIA PhysXPowerISOQualcomm Atheros WiFi Driver InstallationRealtek PCIE Card ReaderREALTEK Wireless LAN Driver and UtilityRed Alert II & Yuri's RevengeSecurity Update for Microsoft .NET Framework 4 Client Profile (KB2604121)Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428)Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393)Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628)Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628v2)Security Update for Microsoft .NET Framework 4 Client Profile (KB2858302v2)Security Update for Microsoft .NET Framework 4 Extended (KB2487367)Security Update for Microsoft .NET Framework 4 Extended (KB2656351)Security Update for Microsoft .NET Framework 4 Extended (KB2736428)Security Update for Microsoft .NET Framework 4 Extended (KB2742595)Security Update for Microsoft .NET Framework 4 Extended (KB2858302v2)Security Update for Microsoft Excel 2010 (KB2826033) 64-Bit EditionSecurity Update for Microsoft Office 2010 (KB2687423) 64-Bit EditionSecurity Update for Microsoft Office 2010 (KB2826023) 64-Bit EditionSecurity Update for Microsoft Office 2010 (KB2826035) 64-Bit EditionSecurity Update for Microsoft Outlook 2010 (KB2794707) 64-Bit EditionService Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit EditionSkype™ 6.6Spybot - Search & DestroySynaptics Pointing Device DriverTeamViewer 8The Bureau: XCOM DeclassifiedTom Clancy's Splinter Cell® Blacklist™Update for Microsoft .NET Framework 4 Client Profile (KB2468871)Update for Microsoft .NET Framework 4 Client Profile (KB2533523)Update for Microsoft .NET Framework 4 Client Profile (KB2600217)Update for Microsoft .NET Framework 4 Client Profile (KB2836939)Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3)Update for Microsoft .NET Framework 4 Extended (KB2468871)Update for Microsoft .NET Framework 4 Extended (KB2533523)Update for Microsoft .NET Framework 4 Extended (KB2600217)Update for Microsoft .NET Framework 4 Extended (KB2836939)Update for Microsoft .NET Framework 4 Extended (KB2836939v3)Update for Microsoft Access 2010 (KB2553446) 64-Bit EditionUpdate for Microsoft Filter Pack 2.0 (KB2810071) 64-Bit EditionUpdate for Microsoft Office 2010 (KB2589298) 64-Bit EditionUpdate for Microsoft Office 2010 (KB2589375) 64-Bit EditionUpdate for Microsoft Office 2010 (KB2760598) 64-Bit EditionUpdate for Microsoft Office 2010 (KB2760631) 64-Bit EditionUpdate for Microsoft Office 2010 (KB2794737) 64-Bit EditionUpdate for Microsoft Office 2010 (KB2825640) 64-Bit EditionUpdate for Microsoft Office 2010 (KB2826026) 64-Bit EditionUpdate for Microsoft OneNote 2010 (KB2810072) 64-Bit EditionUpdate for Microsoft PowerPoint 2010 (KB2553145) 64-Bit EditionUpdate for Microsoft Visio Viewer 2010 (KB2810066) 64-Bit EditionUpdate for Microsoft Word 2010 (KB2827323) 64-Bit EditionUplayVLC media player 2.0.8VPMx64Windows 7 USB/DVD Download ToolWinRAR archiver.==== Event Viewer Messages From Past Week ========.19.10.2013 г. 18:16:38, Error: Disk [11] - The driver detected a controller error on DeviceHarddisk1DR2.19.10.2013 г. 00:29:07, Error: Service Control Manager [7003] - The Spybot-S&D 2 Security Center Service service depends the following service: wscsvc. This service might not be installed.19.10.2013 г. 00:28:59, Error: Service Control Manager [7023] - The Computer Browser service terminated with the following error: The specified service does not exist as an installed service.19.10.2013 г. 00:28:59, Error: Service Control Manager [7003] - The Microsoft Network Inspection System service depends the following service: BFE. This service might not be installed.19.10.2013 г. 00:28:59, Error: Service Control Manager [7003] - The IKE and AuthIP IPsec Keying Modules service depends the following service: BFE. This service might not be installed.19.10.2013 г. 00:28:55, Error: Service Control Manager [7000] - The Microsoft Antimalware Service service failed to start due to the following error: Access is denied.18.10.2013 г. 22:09:09, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.161.132.0).18.10.2013 г. 22:04:51, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Update for Microsoft Security Essentials - KB2866337 (4.3.219.0).18.10.2013 г. 21:35:38, Error: Service Control Manager [7003] - The Spybot-S&D 2 Security Center Service service depends the following service: wscsvc. This service might not be installed.18.10.2013 г. 21:35:32, Error: Service Control Manager [7023] - The Computer Browser service terminated with the following error: The specified service does not exist as an installed service.18.10.2013 г. 21:35:32, Error: Service Control Manager [7003] - The Microsoft Network Inspection System service depends the following service: BFE. This service might not be installed.18.10.2013 г. 21:35:32, Error: Service Control Manager [7003] - The IKE and AuthIP IPsec Keying Modules service depends the following service: BFE. This service might not be installed.18.10.2013 г. 21:35:26, Error: Service Control Manager [7000] - The Microsoft Antimalware Service service failed to start due to the following error: Access is denied.18.10.2013 г. 21:34:16, Error: Service Control Manager [7003] - The Spybot-S&D 2 Security Center Service service depends the following service: wscsvc. This service might not be installed.18.10.2013 г. 21:34:11, Error: Service Control Manager [7023] - The Computer Browser service terminated with the following error: The specified service does not exist as an installed service.18.10.2013 г. 21:34:11, Error: Service Control Manager [7003] - The Microsoft Network Inspection System service depends the following service: BFE. This service might not be installed.18.10.2013 г. 21:34:11, Error: Service Control Manager [7003] - The IKE and AuthIP IPsec Keying Modules service depends the following service: BFE. This service might not be installed.18.10.2013 г. 21:34:05, Error: Service Control Manager [7000] - The Microsoft Antimalware Service service failed to start due to the following error: Access is denied.17.10.2013 г. 11:19:27, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Realtek87B service.17.10.2013 г. 11:19:03, Error: Service Control Manager [7003] - The Spybot-S&D 2 Security Center Service service depends the following service: wscsvc. This service might not be installed.17.10.2013 г. 11:18:55, Error: Service Control Manager [7003] - The Microsoft Network Inspection System service depends the following service: BFE. This service might not be installed.17.10.2013 г. 11:18:54, Error: Service Control Manager [7023] - The Computer Browser service terminated with the following error: The specified service does not exist as an installed service.17.10.2013 г. 11:18:54, Error: Service Control Manager [7003] - The IKE and AuthIP IPsec Keying Modules service depends the following service: BFE. This service might not be installed.17.10.2013 г. 11:18:52, Error: Service Control Manager [7000] - The Microsoft Antimalware Service service failed to start due to the following error: Access is denied.16.10.2013 г. 13:25:22, Error: Service Control Manager [7003] - The Microsoft Network Inspection System service depends the following service: BFE. This service might not be installed.16.10.2013 г. 13:25:21, Error: Service Control Manager [7023] - The Computer Browser service terminated with the following error: The specified service does not exist as an installed service.16.10.2013 г. 13:25:21, Error: Service Control Manager [7003] - The IKE and AuthIP IPsec Keying Modules service depends the following service: BFE. This service might not be installed.16.10.2013 г. 13:25:20, Error: Service Control Manager [7000] - The Microsoft Antimalware Service service failed to start due to the following error: Access is denied.16.10.2013 г. 12:47:50, Error: Service Control Manager [7003] - The Microsoft Network Inspection System service depends the following service: BFE. This service might not be installed.16.10.2013 г. 12:47:50, Error: Service Control Manager [7003] - The IKE and AuthIP IPsec Keying Modules service depends the following service: BFE. This service might not be installed.16.10.2013 г. 12:47:49, Error: Service Control Manager [7023] - The Computer Browser service terminated with the following error: The specified service does not exist as an installed service.16.10.2013 г. 12:47:44, Error: Service Control Manager [7000] - The Microsoft Antimalware Service service failed to start due to the following error: Access is denied..==== End Of File ===========================
  16. Здравейте, Проблема е че ми отваря Pagesinxt.com вместо www.lpfc.net. Няколко пъти ми отвори Pagesinxt.com вместо www.arenabg.com , но за сега проблема с арената изчезна и си се отваря нормално. Пробвах няколко спай клинара, но нито те нито антивирусната засича нещо. (На работа сме с офицялна антивирусна "Панда" и там също не открива проблем и страницата си е отваря нормално.) Операционата система на кокмпютърат ми е Win 7 64b SP 1. Ползвам IE 9 и Google chrome като браузери. DDS (Ver_2011-09-30.01) - NTFS_AMD64 Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 10.10.2Run by Gecata at 20:57:57 on 2013-01-11Microsoft Windows 7 Ultimate 6.1.7601.1.1251.359.1033.18.8086.4417 [GMT 2:00].AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}.============== Running Processes ===============.C:Windowssystem32wininit.exeC:Windowssystem32lsm.exeC:Windowssystem32svchost.exe -k DcomLaunchC:Windowssystem32nvvsvc.exeC:Program Files (x86)NVIDIA Corporation3D VisionnvSCPAPISvr.exeC:Windowssystem32svchost.exe -k RPCSSC:WindowsSystem32svchost.exe -k LocalServiceNetworkRestrictedC:WindowsSystem32svchost.exe -k LocalSystemNetworkRestrictedC:Windowssystem32svchost.exe -k netsvcsC:Windowssystem32svchost.exe -k LocalServiceC:Windowssystem32svchost.exe -k NetworkServiceC:Program FilesAVAST SoftwareAvastAvastSvc.exeC:Program FilesNVIDIA CorporationDisplaynvxdsync.exeC:Windowssystem32nvvsvc.exeC:Windowssystem32Dwm.exeC:WindowsSystem32spoolsv.exeC:Windowssystem32taskhost.exeC:Windowssystem32svchost.exe -k LocalServiceNoNetworkC:Program Files (x86)Common FilesAdobeARM1.0armsvc.exeC:Program FilesInteliCLS ClientHeciServer.exeC:Program Files (x86)IntelIntel® Management Engine ComponentsFWServiceIntelMeFWService.exeC:Program FilesIntelIntel® Smart Connect Technology AgentiSCTAgent.exeC:Program Files (x86)IntelIntel® Management Engine ComponentsDALjhi_service.exeC:Windowssystem32svchost.exe -k imgsvcC:Program FilesMicrosoft Mouse and Keyboard Centeritype.exeC:Program FilesMicrosoft Mouse and Keyboard Centeripoint.exeC:Program Files (x86)IntelIntel® USB 3.0 eXtensible Host Controller DriverApplicationiusb3mon.exeC:Program FilesAVAST SoftwareAvastAvastUI.exeC:Program Files (x86)Common FilesJavaJava Updatejusched.exeC:Windowssystem32SearchIndexer.exeC:Program FilesWindows Media Playerwmpnetwk.exeC:Windowssystem32svchost.exe -k LocalServiceAndNoImpersonationC:WindowsSystem32svchost.exe -k LocalServicePeerNetC:Program Files (x86)IntelIntel® Rapid Storage TechnologyIAStorIcon.exeC:Program Files (x86)IntelIntel® Rapid Storage TechnologyIAStorDataMgrSvc.exeC:Program Files (x86)IntelIntel® Management Engine ComponentsLMSLMS.exeC:Program Files (x86)NVIDIA CorporationNVIDIA Update Coredaemonu.exeC:WindowsSystem32svchost.exe -k secsvcsC:Program Files (x86)IntelIntel® Management Engine ComponentsUNSUNS.exeC:Windowsexplorer.exeC:Program Files (x86)GoogleChromeApplicationchrome.exeC:Program Files (x86)GoogleChromeApplicationchrome.exeC:Program Files (x86)GoogleChromeApplicationchrome.exeC:Program Files (x86)GoogleChromeApplicationchrome.exeC:Program Files (x86)GoogleChromeApplicationchrome.exeC:Program Files (x86)GoogleChromeApplicationchrome.exeC:Program Files (x86)GoogleChromeApplicationchrome.exeC:Program Files (x86)Mumblemumble.exeC:GamesWoTWorldOfTanks.exeC:Program Files (x86)SkypePhoneSkype.exeC:Program Files (x86)GoogleChromeApplicationchrome.exeC:Program Files (x86)GoogleChromeApplicationchrome.exeC:Windowssystem32NOTEPAD.EXEC:Program Files (x86)GoogleChromeApplicationchrome.exeC:Program Files (x86)GoogleChromeApplicationchrome.exeC:Program Files (x86)GoogleChromeApplicationchrome.exeC:Windowssystem32taskeng.exeC:Windowssystem32conhost.exeC:Windowssystem32wbemwmiprvse.exeC:WindowsSystem32cscript.exe.============== Pseudo HJT Report ===============.uStart Page = about:blankmWinlogon: Userinit = c:windowssyswow64userinit.exe,BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:Program Files (x86)Common FilesAdobeAcrobatActiveXAcroIEHelperShim.dllBHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:Program Files (x86)Javajre7binssv.dllBHO: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:Program FilesAVAST SoftwareAvastaswWebRepIE.dllBHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:Program Files (x86)Javajre7binjp2ssv.dllTB: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:Program FilesAVAST SoftwareAvastaswWebRepIE.dllmRun: [iAStorIcon] C:Program Files (x86)IntelIntel® Rapid Storage TechnologyIAStorIconLaunch.exe "C:Program Files (x86)IntelIntel® Rapid Storage TechnologyIAStorIcon.exe" 60mRun: [uSB3MON] "C:Program Files (x86)IntelIntel® USB 3.0 eXtensible Host Controller DriverApplicationiusb3mon.exe"mRun: [avast] "C:Program FilesAVAST SoftwareAvastavastUI.exe" /noguimRun: [Adobe ARM] "C:Program Files (x86)Common FilesAdobeARM1.0AdobeARM.exe"mRun: [sunJavaUpdateSched] "C:Program Files (x86)Common FilesJavaJava Updatejusched.exe"mPolicies-Explorer: NoActiveDesktop = dword:1mPolicies-Explorer: NoActiveDesktopChanges = dword:1mPolicies-System: ConsentPromptBehaviorUser = dword:3mPolicies-System: EnableUIADesktopToggle = dword:0mPolicies-System: PromptOnSecureDesktop = dword:0DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cabTCP: NameServer = 77.77.167.55 77.77.167.56TCP: Interfaces{7DD19921-7956-473B-8D87-F6F7737B03B7} : DHCPNameServer = 77.77.167.55 77.77.167.56Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:Program Files (x86)Common FilesSkypeSkype4COM.dllSSODL: WebCheck - <orphaned>x64-BHO: avast! WebRep: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:Program FilesAVAST SoftwareAvastaswWebRepIE64.dllx64-TB: avast! WebRep: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:Program FilesAVAST SoftwareAvastaswWebRepIE64.dllx64-Run: [igfxTray] C:WindowsSystem32igfxtray.exex64-Run: [HotKeysCmds] C:WindowsSystem32hkcmd.exex64-Run: [Persistence] C:WindowsSystem32igfxpers.exex64-Run: [intelliType Pro] "C:Program FilesMicrosoft Mouse and Keyboard Centeritype.exe"x64-Run: [intelliPoint] "C:Program FilesMicrosoft Mouse and Keyboard Centeripoint.exe"x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>x64-Notify: igfxcui - igfxdev.dllx64-SSODL: WebCheck - <orphaned>.============= SERVICES / DRIVERS ===============.R0 asahci64;asahci64;C:WindowsSystem32driversasahci64.sys [2011-9-21 49760]R0 iusb3hcs;Intel® USB 3.0 Host Controller Switch Driver;C:WindowsSystem32driversiusb3hcs.sys [2012-12-17 16152]R1 AsrAppCharger;AsrAppCharger;C:WindowsSystem32driversAsrAppCharger.sys [2012-12-17 17192]R1 aswSnx;aswSnx;C:WindowsSystem32driversaswSnx.sys [2012-12-18 984144]R1 aswSP;aswSP;C:WindowsSystem32driversaswSP.sys [2012-12-18 370288]R1 HWiNFO32;HWiNFO32/64 Kernel Driver;C:WindowsSystem32driversHWiNFO64A.SYS [2012-12-18 29672]R2 AdobeARMservice;Adobe Acrobat Update Service;C:Program Files (x86)Common FilesAdobeARM1.0armsvc.exe [2012-12-18 65192]R2 aswFsBlk;aswFsBlk;C:WindowsSystem32driversaswFsBlk.sys [2012-12-18 25232]R2 aswMonFlt;aswMonFlt;C:WindowsSystem32driversaswMonFlt.sys [2012-12-18 71600]R2 avast! Antivirus;avast! Antivirus;C:Program FilesAVAST SoftwareAvastAvastSvc.exe [2012-12-18 44808]R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:Program Files (x86)IntelIntel® Rapid Storage TechnologyIAStorDataMgrSvc.exe [2012-12-17 13632]R2 Intel® Capability Licensing Service Interface;Intel® Capability Licensing Service Interface;C:Program FilesInteliCLS ClientHeciServer.exe [2012-2-2 628448]R2 Intel® ME Service;Intel® ME Service;C:Program Files (x86)IntelIntel® Management Engine ComponentsFWServiceIntelMeFWService.exe [2012-12-17 128280]R2 ISCTAgent;ISCT Always Updated Agent;C:Program FilesIntelIntel® Smart Connect Technology AgentiSCTAgent.exe [2012-2-9 133632]R2 jhi_service;Intel® Dynamic Application Loader Host Interface Service;C:Program Files (x86)IntelIntel® Management Engine ComponentsDALJhi_service.exe [2012-12-17 161560]R2 nvUpdatusService;NVIDIA Update Service Daemon;C:Program Files (x86)NVIDIA CorporationNVIDIA Update Coredaemonu.exe [2012-12-17 1260472]R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:Program Files (x86)NVIDIA Corporation3D VisionnvSCPAPISvr.exe [2012-12-29 383416]R2 UNS;Intel® Management and Security Application User Notification Service;C:Program Files (x86)IntelIntel® Management Engine ComponentsUNSUNS.exe [2012-12-17 363800]R3 asmthub3;ASMedia USB3 Hub Service;C:WindowsSystem32driversasmthub3.sys [2011-3-4 126952]R3 asmtxhci;ASMEDIA XHCI Service;C:WindowsSystem32driversasmtxhci.sys [2011-3-4 390632]R3 ikbevent;Intel Upper keyboard Class Filter Driver;C:WindowsSystem32driversikbevent.sys [2012-2-9 25536]R3 imsevent;Intel Upper Mouse Class Filter Driver;C:WindowsSystem32driversimsevent.sys [2012-2-9 25536]R3 IntcDAud;Intel® Display Audio;C:WindowsSystem32driversIntcDAud.sys [2012-12-17 331264]R3 ISCT;Intel® Smart Connect Technology Device Driver;C:WindowsSystem32driversISCTD64.sys [2012-2-9 44992]R3 iusb3hub;Intel® USB 3.0 Hub Driver;C:WindowsSystem32driversiusb3hub.sys [2012-12-17 356120]R3 iusb3xhc;Intel® USB 3.0 eXtensible Host Controller Driver;C:WindowsSystem32driversiusb3xhc.sys [2012-12-17 788760]R3 k57nd60a;Broadcom NetLink Gigabit Ethernet - NDIS 6.0;C:WindowsSystem32driversk57nd60a.sys [2011-5-9 425000]R3 MEIx64;Intel® Management Engine Interface ;C:WindowsSystem32driversHECIx64.sys [2012-12-17 60184]R3 WPRO_41_2001;WinPcap Packet Driver (WPRO_41_2001);C:WindowsSystem32driversWPRO_41_2001.sys [2012-12-17 34752]S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:WindowsMicrosoft.NETFrameworkv4.0.30319mscorsvw.exe [2010-3-18 130384]S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:WindowsMicrosoft.NETFramework64v4.0.30319mscorsvw.exe [2010-3-18 138576]S2 gupdate;Google Update Service (gupdate);C:Program Files (x86)GoogleUpdateGoogleUpdate.exe [2012-12-17 116648]S2 SkypeUpdate;Skype Updater;C:Program Files (x86)SkypeUpdaterUpdater.exe [2012-11-9 160944]S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:WindowsSysWOW64MacromedFlashFlashPlayerUpdateService.exe [2012-12-17 251400]S3 cphs;Intel® Content Protection HECI Service;C:WindowsSysWOW64IntelCpHeciSvc.exe [2012-12-17 276288]S3 dmvsc;dmvsc;C:WindowsSystem32driversdmvsc.sys [2010-11-21 71168]S3 gupdatem;Google Update Service (gupdatem);C:Program Files (x86)GoogleUpdateGoogleUpdate.exe [2012-12-17 116648]S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:WindowsSystem32driversrdpvideominiport.sys [2010-11-21 20992]S3 Synth3dVsc;Synth3dVsc;C:WindowsSystem32driversSynth3dVsc.sys [2010-11-21 88960]S3 terminpt;Microsoft Remote Desktop Input Driver;C:WindowsSystem32driversterminpt.sys [2010-11-21 34816]S3 TsUsbFlt;TsUsbFlt;C:WindowsSystem32driversTsUsbFlt.sys [2010-11-21 59392]S3 TsUsbGD;Remote Desktop Generic USB Device;C:WindowsSystem32driversTsUsbGD.sys [2010-11-21 31232]S3 tsusbhub;tsusbhub;C:WindowsSystem32driverstsusbhub.sys [2010-11-21 117248]S3 WatAdminSvc;Windows Activation Technologies Service;C:WindowsSystem32WatWatAdminSvc.exe [2012-7-13 1255736].=============== Created Last 30 ================.2013-01-11 17:37:12 -------- d-----w- C:WindowsERUNT2013-01-11 17:36:59 -------- d-----w- C:JRT2013-01-11 17:13:54 -------- d-----w- C:WindowsSystem32appmgmt2013-01-11 17:13:20 94656 ----a-w- C:WindowsSystem32WPRO_41_2001woem.tmp2013-01-11 16:55:07 -------- d-----w- C:Program FilesEnigma Software Group2013-01-11 16:54:58 -------- d-----w- C:Windows83B952C7F8F34CA3B4C533C85B24E478.TMP2013-01-11 16:54:58 -------- d-----w- C:Program Files (x86)Common FilesWise Installation Wizard2013-01-11 16:16:32 -------- d-----w- C:UsersGecataAppDataLocalOpera2013-01-11 16:04:30 -------- d-----w- C:UsersGecataAppDataRoamingMalwarebytes2013-01-11 16:04:22 -------- d-----w- C:ProgramDataMalwarebytes2013-01-11 16:04:10 -------- d-----w- C:UsersGecataAppDataLocalPrograms2013-01-11 15:55:34 9125352 ----a-w- C:ProgramDataMicrosoftWindows DefenderDefinition Updates{6A13E628-C770-4918-A422-3073D816D9E4}mpengine.dll2013-01-09 18:11:09 -------- d-----w- C:Program FilesMicrosoft Mouse and Keyboard Center2013-01-08 19:25:09 9389888 ----a-w- C:WindowsSystem32nvcuda.dll2012-12-29 00:54:24 550328 ----a-w- C:WindowsSysWow64nvStreaming.exe2012-12-26 21:21:47 859072 ----a-w- C:WindowsSysWow64npDeployJava1.dll2012-12-26 21:21:47 779704 ----a-w- C:WindowsSysWow64deployJava1.dll2012-12-26 21:21:46 95184 ----a-w- C:WindowsSysWow64WindowsAccessBridge-32.dll2012-12-24 09:13:46 -------- d-----w- C:UsersGecataAppDataLocalElevatedDiagnostics2012-12-23 08:56:45 -------- d-----w- C:Program Files (x86)SpeedFan2012-12-22 20:49:26 -------- d-----w- C:UsersGecataAppDataLocalCrashDumps2012-12-21 15:47:07 46080 ----a-w- C:WindowsSystem32atmlib.dll2012-12-21 15:47:07 367616 ----a-w- C:WindowsSystem32atmfd.dll2012-12-21 15:47:07 34304 ----a-w- C:WindowsSysWow64atmlib.dll2012-12-21 15:47:07 295424 ----a-w- C:WindowsSysWow64atmfd.dll2012-12-19 08:37:39 -------- d-----w- C:UsersGecataAppDataLocalAdobe2012-12-18 20:49:15 29672 ----a-w- C:WindowsSystem32driversHWiNFO64A.SYS2012-12-18 20:48:52 -------- d-----w- C:Program FilesHWiNFO642012-12-18 19:28:10 5632 ----a-w- C:Program Files (x86)Common FilesInstallShieldProfessionalRunTime1150Intel32DotNetInstaller.exe2012-12-18 17:18:14 -------- d-----w- C:WindowsSystem32wbemFrameworkrootOpenHardwareMonitor2012-12-18 17:18:14 -------- d-----w- C:WindowsSystem32wbemFrameworkroot2012-12-18 17:18:14 -------- d-----w- C:WindowsSystem32wbemFramework2012-12-18 16:24:54 -------- d-----w- C:Program Files (x86)Winamp Detect2012-12-18 16:02:45 -------- d-----w- C:Program Files (x86)Common FilesPX Storage Engine2012-12-18 10:27:34 -------- d-----w- C:Program Files (x86)GRETECH2012-12-18 08:48:53 -------- d-----w- C:ProgramDataCurse Client2012-12-18 08:03:09 984144 ----a-w- C:WindowsSystem32driversaswSnx.sys2012-12-18 08:03:09 71600 ----a-w- C:WindowsSystem32driversaswMonFlt.sys2012-12-18 08:03:09 54072 ----a-w- C:WindowsSystem32driversaswRdr2.sys2012-12-18 08:03:02 41224 ----a-w- C:WindowsavastSS.scr2012-12-18 07:50:54 -------- d-----w- C:ProgramDataAVAST Software2012-12-18 07:50:54 -------- d-----w- C:Program FilesAVAST Software2012-12-18 07:42:11 9728 ----a-w- C:WindowsSystem32Wdfres.dll2012-12-18 07:42:11 785512 ----a-w- C:WindowsSystem32driversWdf01000.sys2012-12-18 07:42:11 54376 ----a-w- C:WindowsSystem32driversWdfLdr.sys2012-12-18 07:42:11 2560 ----a-w- C:WindowsSystem32driversen-USwdf01000.sys.mui2012-12-18 07:41:00 294912 ----a-w- C:WindowsSystem32browserchoice.exe2012-12-18 07:39:37 1659760 ----a-w- C:WindowsSystem32driversntfs.sys2012-12-18 07:36:24 2622464 ----a-w- C:WindowsSystem32wucltux.dll2012-12-18 07:36:22 99840 ----a-w- C:WindowsSystem32wudriver.dll2012-12-18 07:36:22 36864 ----a-w- C:WindowsSystem32wuapp.exe2012-12-18 07:36:22 186752 ----a-w- C:WindowsSystem32wuwebv.dll2012-12-18 07:15:33 -------- d-----w- C:WindowsPanther2012-12-17 22:40:12 -------- d-----w- C:UsersGecataAppDataRoamingWargaming.net2012-12-17 22:38:11 -------- d-----w- C:WindowsSysWow64directx2012-12-17 22:34:37 -------- d-----w- C:Program Files (x86)uTorrent2012-12-17 22:34:29 -------- d-----w- C:UsersGecataAppDataRoaminguTorrent2012-12-17 22:31:51 453456 ----a-w- C:WindowsSysWow64d3dx10_42.dll2012-12-17 22:31:51 235344 ----a-w- C:WindowsSysWow64d3dx11_42.dll2012-12-17 22:31:51 1892184 ----a-w- C:WindowsSysWow64D3DX9_42.dll2012-12-17 22:31:47 -------- d-----w- C:ProgramDataCCP2012-12-17 22:31:24 -------- d-----w- C:UsersGecataAppDataLocalCCP2012-12-17 22:24:17 -------- d-----w- C:Games2012-12-17 22:20:35 -------- d-----w- C:UsersGecataAppDataRoamingNVIDIA2012-12-17 21:55:07 -------- d-----w- C:UsersGecataAppDataRoamingMumble2012-12-17 21:54:57 -------- d-----w- C:Program Files (x86)Mumble2012-12-17 21:51:04 -------- d-----w- C:UsersGecataAppDataLocalGoogle2012-12-17 21:50:59 -------- d-----w- C:UsersGecataAppDataLocalDeployment2012-12-17 21:50:59 -------- d-----w- C:UsersGecataAppDataLocalApps2012-12-17 21:46:37 -------- d-----r- C:Program Files (x86)Skype2012-12-17 21:45:11 -------- d-----w- C:Program Files (x86)NVIDIA Corporation2012-12-17 21:45:10 884152 ----a-w- C:WindowsSystem32nvvsvc.exe2012-12-17 21:45:10 63928 ----a-w- C:WindowsSystem32nvshext.dll2012-12-17 21:45:10 6382008 ----a-w- C:WindowsSystem32nvcpl.dll2012-12-17 21:45:10 3455416 ----a-w- C:WindowsSystem32nvsvc64.dll2012-12-17 21:45:10 118712 ----a-w- C:WindowsSystem32nvmctray.dll2012-12-17 21:45:06 -------- d-----w- C:ProgramDataNVIDIA Corporation2012-12-17 21:44:58 2824656 ----a-w- C:WindowsSystem32nvapi64.dll2012-12-17 21:44:58 2504248 ----a-w- C:WindowsSysWow64nvapi.dll2012-12-17 21:44:58 20450232 ----a-w- C:WindowsSysWow64nvoglv32.dll2012-12-17 21:44:58 1813432 ----a-w- C:WindowsSystem32nvdispco64.dll2012-12-17 21:44:58 1504696 ----a-w- C:WindowsSystem32nvdispgenco64.dll2012-12-17 21:44:45 -------- d-----w- C:Program FilesNVIDIA Corporation2012-12-17 21:44:34 -------- d-----w- C:NVIDIA2012-12-17 21:43:28 74248 ----a-w- C:WindowsSysWow64FlashPlayerCPLApp.cpl2012-12-17 21:43:28 697864 ----a-w- C:WindowsSysWow64FlashPlayerApp.exe2012-12-17 21:38:47 -------- d-----w- C:Program Files (x86)Common FilesIntel Corporation2012-12-17 21:36:19 17192 ----a-w- C:WindowsSystem32driversAsrAppCharger.sys2012-12-17 21:36:18 -------- d-----w- C:Program FilesASRock Utility2012-12-17 21:36:05 34752 ----a-w- C:WindowsSystem32driversWPRO_41_2001.sys2012-12-17 21:35:03 -------- d-----w- C:Program Files (x86)ASM106xSATA2012-12-17 21:34:14 -------- d-----w- C:Program Files (x86)ASM104xUSB32012-12-17 21:34:04 16152 ----a-w- C:WindowsSystem32driversiusb3hcs.sys2012-12-17 21:33:58 788760 ----a-w- C:WindowsSystem32driversiusb3xhc.sys2012-12-17 21:33:57 356120 ----a-w- C:WindowsSystem32driversiusb3hub.sys2012-12-17 21:32:35 15128 ----a-w- C:WindowsSystem32driversIntelMEFWVer.dll2012-12-17 21:32:15 -------- d-----w- C:UsersGecataAppDataRoamingIntel Corporation2012-12-17 21:31:42 -------- d-----w- C:Program Files (x86)Common FilespostureAgent2012-12-17 21:31:41 60184 ----a-w- C:WindowsSystem32driversHECIx64.sys2012-12-17 21:30:11 569152 ----a-w- C:WindowsSystem32driversiaStor.sys2012-12-17 21:30:03 -------- d-----w- C:Program FilesBroadcom2012-12-17 21:29:57 -------- d-sh--w- C:WindowsInstaller2012-12-17 21:24:44 53248 ----a-r- C:WindowsSysWow64CSVer.dll2012-12-17 21:24:38 -------- d-----w- C:Intel2012-12-17 21:23:34 1698408 ----a-r- C:WindowsRtlExUpd.dll2012-12-17 21:23:34 -------- d-----w- C:Program Files (x86)Temp2012-12-17 21:23:33 757760 ----a-w- C:Program Files (x86)Common FilesInstallShieldProfessionalRunTime1150Intel32iKernel.dll2012-12-17 21:23:33 69715 ----a-w- C:Program Files (x86)Common FilesInstallShieldProfessionalRunTime1150Intel32ctor.dll2012-12-17 21:23:33 65024 ----a-w- C:Program Files (x86)Common FilesInstallShieldProfessionalRunTime1150Intel32ISBEW64.exe2012-12-17 21:23:33 32768 ----a-w- C:Program Files (x86)Common FilesInstallShieldProfessionalRunTimeObjectps.dll2012-12-17 21:23:33 274432 ----a-w- C:Program Files (x86)Common FilesInstallShieldProfessionalRunTime1150Intel32iscript.dll2012-12-17 21:23:33 204800 ----a-w- C:Program Files (x86)Common FilesInstallShieldProfessionalRunTime1150Intel32iuser.dll2012-12-17 21:23:33 200836 ----a-w- C:Program Files (x86)Common FilesInstallShieldProfessionalRunTime1150Intel32iGdi.dll2012-12-17 21:23:32 331908 ----a-w- C:Program Files (x86)Common FilesInstallShieldProfessionalRunTime1150Intel32setup.dll.==================== Find3M ====================.2012-12-07 13:20:16 441856 ----a-w- C:WindowsSystem32Wpc.dll2012-12-07 13:15:31 2746368 ----a-w- C:WindowsSystem32gameux.dll2012-12-07 12:26:17 308736 ----a-w- C:WindowsSysWow64Wpc.dll2012-12-07 12:20:43 2576384 ----a-w- C:WindowsSysWow64gameux.dll2012-12-07 11:20:04 30720 ----a-w- C:WindowsSystem32usk.rs2012-12-07 11:20:03 43520 ----a-w- C:WindowsSystem32csrr.rs2012-12-07 11:20:03 23552 ----a-w- C:WindowsSystem32oflc.rs2012-12-07 11:20:01 45568 ----a-w- C:WindowsSystem32oflc-nz.rs2012-12-07 11:20:01 44544 ----a-w- C:WindowsSystem32pegibbfc.rs2012-12-07 11:20:01 20480 ----a-w- C:WindowsSystem32pegi-fi.rs2012-12-07 11:20:00 20480 ----a-w- C:WindowsSystem32pegi-pt.rs2012-12-07 11:19:59 20480 ----a-w- C:WindowsSystem32pegi.rs2012-12-07 11:19:58 46592 ----a-w- C:WindowsSystem32fpb.rs2012-12-07 11:19:57 40960 ----a-w- C:WindowsSystem32cob-au.rs2012-12-07 11:19:57 21504 ----a-w- C:WindowsSystem32grb.rs2012-12-07 11:19:57 15360 ----a-w- C:WindowsSystem32djctq.rs2012-12-07 11:19:56 55296 ----a-w- C:WindowsSystem32cero.rs2012-12-07 11:19:55 51712 ----a-w- C:WindowsSystem32esrb.rs2012-11-30 05:45:35 362496 ----a-w- C:WindowsSystem32wow64win.dll2012-11-30 05:45:35 243200 ----a-w- C:WindowsSystem32wow64.dll2012-11-30 05:45:35 13312 ----a-w- C:WindowsSystem32wow64cpu.dll2012-11-30 05:45:14 215040 ----a-w- C:WindowsSystem32winsrv.dll2012-11-30 05:43:12 16384 ----a-w- C:WindowsSystem32ntvdm64.dll2012-11-30 05:41:07 424448 ----a-w- C:WindowsSystem32KernelBase.dll2012-11-30 04:54:00 5120 ----a-w- C:WindowsSysWow64wow32.dll2012-11-30 04:53:59 274944 ----a-w- C:WindowsSysWow64KernelBase.dll2012-11-30 03:23:48 338432 ----a-w- C:WindowsSystem32conhost.exe2012-11-30 02:44:06 25600 ----a-w- C:WindowsSysWow64setup16.exe2012-11-30 02:44:04 7680 ----a-w- C:WindowsSysWow64instnm.exe2012-11-30 02:44:04 14336 ----a-w- C:WindowsSysWow64ntvdm64.dll2012-11-30 02:44:03 2048 ----a-w- C:WindowsSysWow64user.exe2012-11-30 02:38:59 6144 ---ha-w- C:WindowsSysWow64api-ms-win-security-base-l1-1-0.dll2012-11-30 02:38:59 4608 ---ha-w- C:WindowsSysWow64api-ms-win-core-threadpool-l1-1-0.dll2012-11-30 02:38:59 3584 ---ha-w- C:WindowsSysWow64api-ms-win-core-xstate-l1-1-0.dll2012-11-30 02:38:59 3072 ---ha-w- C:WindowsSysWow64api-ms-win-core-util-l1-1-0.dll2012-11-23 03:26:31 3149824 ----a-w- C:WindowsSystem32win32k.sys2012-11-23 03:13:57 68608 ----a-w- C:WindowsSystem32taskhost.exe2012-11-22 05:44:23 800768 ----a-w- C:WindowsSystem32usp10.dll2012-11-22 04:45:03 626688 ----a-w- C:WindowsSysWow64usp10.dll2012-11-20 05:48:49 307200 ----a-w- C:WindowsSystem32ncrypt.dll2012-11-20 04:51:09 220160 ----a-w- C:WindowsSysWow64ncrypt.dll2012-11-14 06:11:44 2312704 ----a-w- C:WindowsSystem32jscript9.dll2012-11-14 06:04:11 1392128 ----a-w- C:WindowsSystem32wininet.dll2012-11-14 06:02:49 1494528 ----a-w- C:WindowsSystem32inetcpl.cpl2012-11-14 05:57:46 599040 ----a-w- C:WindowsSystem32vbscript.dll2012-11-14 05:57:35 173056 ----a-w- C:WindowsSystem32ieUnatt.exe2012-11-14 05:52:40 2382848 ----a-w- C:WindowsSystem32mshtml.tlb2012-11-14 02:09:22 1800704 ----a-w- C:WindowsSysWow64jscript9.dll2012-11-14 01:58:15 1427968 ----a-w- C:WindowsSysWow64inetcpl.cpl2012-11-14 01:57:37 1129472 ----a-w- C:WindowsSysWow64wininet.dll2012-11-14 01:49:25 142848 ----a-w- C:WindowsSysWow64ieUnatt.exe2012-11-14 01:48:27 420864 ----a-w- C:WindowsSysWow64vbscript.dll2012-11-14 01:44:42 2382848 ----a-w- C:WindowsSysWow64mshtml.tlb2012-11-09 05:45:32 750592 ----a-w- C:WindowsSystem32win32spl.dll2012-11-09 05:45:09 2048 ----a-w- C:WindowsSystem32tzres.dll2012-11-09 04:43:04 492032 ----a-w- C:WindowsSysWow64win32spl.dll2012-11-09 04:42:49 2048 ----a-w- C:WindowsSysWow64tzres.dll2012-11-02 13:38:36 862664 ----a-w- C:WindowsSysWow64msvcr110.dll2012-11-02 13:38:36 828872 ----a-w- C:WindowsSystem32msvcr110.dll2012-11-02 13:38:36 661448 ----a-w- C:WindowsSystem32msvcp110.dll2012-11-02 13:38:36 534480 ----a-w- C:WindowsSysWow64msvcp110.dll2012-11-02 13:38:36 354264 ----a-w- C:WindowsSystem32vccorlib110.dll2012-11-02 13:38:36 251864 ----a-w- C:WindowsSysWow64vccorlib110.dll2012-11-02 05:59:11 478208 ----a-w- C:WindowsSystem32dpnet.dll2012-11-02 05:11:31 376832 ----a-w- C:WindowsSysWow64dpnet.dll2012-11-01 05:43:42 2002432 ----a-w- C:WindowsSystem32msxml6.dll2012-11-01 05:43:42 1882624 ----a-w- C:WindowsSystem32msxml3.dll2012-11-01 04:47:54 1389568 ----a-w- C:WindowsSysWow64msxml6.dll2012-11-01 04:47:54 1236992 ----a-w- C:WindowsSysWow64msxml3.dll2012-10-16 08:38:37 135168 ----a-w- C:WindowsapppatchAppPatch64AcXtrnal.dll2012-10-16 08:38:34 350208 ----a-w- C:WindowsapppatchAppPatch64AcLayers.dll2012-10-16 07:39:52 561664 ----a-w- C:WindowsapppatchAcLayers.dll.============= FINISH: 20:58:05,35 =============== .UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.IF REQUESTED, ZIP IT UP & ATTACH IT.DDS (Ver_2011-09-30.01).Microsoft Windows 7 Ultimate Boot Device: DeviceHarddiskVolume1Install Date: 17.12.2012 г. 23:18:48System Uptime: 11.1.2013 г. 19:35:20 (1 hours ago).Motherboard: ASRock | | Z77 Extreme4Processor: Intel® Core i5-3570K CPU @ 3.40GHz | CPUSocket | 3298/100mhz.==== Disk Partitions =========================.C: is FIXED (NTFS) - 119 GiB total, 70,943 GiB free.D: is FIXED (NTFS) - 120 GiB total, 119,758 GiB free.E: is FIXED (NTFS) - 812 GiB total, 618,187 GiB free.F: is CDROM ().==== Disabled Device Manager Items =============.Class GUID: {4d36e968-e325-11ce-bfc1-08002be10318}Description: Intel® HD Graphics 4000Device ID: PCIVEN_8086&DEV_0162&SUBSYS_01621849&REV_093&11583659&0&10Manufacturer: Intel CorporationName: Intel® HD Graphics 4000PNP Device ID: PCIVEN_8086&DEV_0162&SUBSYS_01621849&REV_093&11583659&0&10Service: igfx.==== System Restore Points ===================.RP20: 4.1.2013 г. 17:30:07 - Windows UpdateRP21: 8.1.2013 г. 17:46:05 - Windows UpdateRP22: 9.1.2013 г. 19:41:51 - Windows UpdateRP23: 9.1.2013 г. 20:10:20 - Windows UpdateRP24: 9.1.2013 г. 20:11:05 - DCInstallRestorePointRP25: 11.1.2013 г. 18:30:29 - Windows UpdateRP26: 11.1.2013 г. 18:34:24 - Installed STOPzilla. Available with Windows Installer version 1.2 and later.RP27: 11.1.2013 г. 18:40:17 - StopZILLA! Restore Point.RP28: 11.1.2013 г. 19:13:45 - Removed SpyHunterRP29: 11.1.2013 г. 19:14:18 - Removed STOPzilla. Available with Windows Installer version 1.2 and later..==== Installed Programs ======================.µTorrent7-Zip 9.20 (x64 edition)Adobe Flash Player 11 ActiveXAdobe Reader XI (11.0.01)Asmedia ASM104x USB 3.0 Host Controller DriverAsmedia ASM106x SATA Host Controller DriverASRock App Charger v1.0.5avast! Free AntivirusBroadcom NetLink ControllerCurse ClientGOM PlayerGoogle ChromeGoogle Update HelperHWiNFO64 Version 4.08Intel® Control CenterIntel® Manageability Engine Firmware Recovery AgentIntel® Management Engine ComponentsIntel® OpenCL CPU RuntimeIntel® Processor GraphicsIntel® Rapid Storage TechnologyIntel® Smart Connect Technology 2.0 x64Intel® USB 3.0 eXtensible Host Controller DriverIntel® Trusted Connect Service ClientJava 7 Update 10Java Auto UpdaterMicrosoft .NET Framework 4 Client ProfileMicrosoft Mouse and Keyboard CenterMicrosoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219Mumble 1.2.3NVIDIA 3D Vision Controller Driver 310.90NVIDIA 3D Vision Driver 310.90NVIDIA Control Panel 310.90NVIDIA Graphics Driver 310.90NVIDIA Install ApplicationNVIDIA PhysXNVIDIA PhysX System Software 9.12.1031NVIDIA Stereoscopic 3D DriverNVIDIA Update 1.11.3NVIDIA Update ComponentsSecurity Update for Microsoft .NET Framework 4 Client Profile (KB2604121)Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)Skype™ 6.0Update for Microsoft .NET Framework 4 Client Profile (KB2468871)Update for Microsoft .NET Framework 4 Client Profile (KB2533523)Update for Microsoft .NET Framework 4 Client Profile (KB2600217)WinampWinamp Detector Plug-in.==== End Of File =========================== Благодаря предварително за отделеното време.
  17. И така,обръщам се за вашата помощ,тъй като много пъти сте доказали,че си разбирате от работата колеги.Проблема е следния нещо от типа на дроупъра пълни диск С: и на него не остава място.Блокира и прегази avg internet security 2013,явно без особен зор,блоkира онлайн скенера на NOD32 а също и Malwarebytes Anti-malware.Успях да деинсталирам блокиралата AVG,пробвах да го ликвидирам с LIVE CD-Avira имаше временен ефект.Така,че опрях до вас и се надявам на помощ възможно най-бързо.Благодаря предварително!!!Ето и логовите DDS (Ver_2011-09-30.01) - NTFS_x86 Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 10.9.2Run by NANI at 19:37:18 on 2012-12-19Microsoft Windows XP Professional 5.1.2600.3.1251.359.1033.18.991.534 [GMT 2:00]..============== Running Processes ================.C:WINDOWSsystem32spoolsv.exeC:WINDOWSExplorer.EXEC:Program FilesComodoDragondragon_updater.exeC:Program FilesJavajre7binjqs.exeC:WINDOWSsystem32wscntfy.exeC:WINDOWSSystem32alg.exeC:WINDOWStsnp325.exeC:WINDOWSvsnp325.exeC:WINDOWSSOUNDMAN.EXEC:Program FilesCommon FilesJavaJava Updatejusched.exeC:WINDOWSsystem32ctfmon.exeC:Program FilesSRWare Ironiron.exeC:Program FilesSRWare Ironiron.exeC:Program FilesSRWare Ironiron.exeC:WINDOWSsystem32wbemwmiprvse.exeC:WINDOWSSystem32svchost.exe -k netsvcsC:WINDOWSsystem32svchost.exe -k NetworkServiceC:WINDOWSsystem32svchost.exe -k imgsvcC:WINDOWSsystem32svchost.exe -k LocalService.============== Pseudo HJT Report ===============.uStart Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT1750559mStart Page = about:blankuURLSearchHooks: BS Player Toolbar: {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - c:program filesbs_playerprxtbBS_P.dllBHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:program filesjavajre7binssv.dllBHO: AlterGeoBHO Class: {9BFBA68E-E21B-458E-AE12-FE85E903D2C0} - LocalServer32 - <no file>BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:program filesjavajre7binjp2ssv.dllBHO: BS Player Toolbar: {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - c:program filesbs_playerprxtbBS_P.dllTB: BS Player Toolbar: {FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5} - c:program filesbs_playerprxtbBS_P.dllTB: BS Player Toolbar: {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - c:program filesbs_playerprxtbBS_P.dlluRun: [CTFMON.EXE] c:windowssystem32ctfmon.exemRun: [siSPower] Rundll32.exe SiSPower.dll,ModeAgentmRun: [tsnp325] c:windowstsnp325.exemRun: [snp325] c:windowsvsnp325.exemRun: [soundMan] SOUNDMAN.EXEmRun: [sunJavaUpdateSched] "c:program filescommon filesjavajava updatejusched.exe"dRun: [CTFMON.EXE] c:windowssystem32ctfmon.exedRunOnce: [_nltide_2] regsvr32 /s /n /i:U shell32uPolicies-Explorer: NoDriveTypeAutoRun = dword:255mPolicies-Explorer: NoDriveTypeAutoRun = dword:145IE: E&xport to Microsoft Excel - c:progra~1micros~2office11EXCEL.EXE/3000IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%Network Diagnosticxpnetdiag.exe.INFO: HKCU has more than 50 listed domains.If you wish to scan all of them, select the 'Force scan all domains' option..DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1340927323640TCP: NameServer = 192.168.1.1TCP: Interfaces{1C28D9D8-E4AA-461B-A1A8-395F811E6798} : DHCPNameServer = 192.168.1.1Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:program filescommon filesskypeSkype4COM.dllSSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:windowssystem32wpdshserviceobj.dll.============= SERVICES / DRIVERS ===============.R0 DasBoot;Panda AntiMalware Support;SystemRootSystemRootsystem32driversDasBoot.SYS --> SystemRootSystemRootsystem32driversDasBoot.SYS [?]R0 DasBootF;Panda AntiMalware Support MF;SystemRootSystemRootsystem32driversDasBootF.SYS --> SystemRootSystemRootsystem32driversDasBootF.SYS [?]R0 PRSBDRVR;Nemesis Link;SystemRootSystemRootsystem32driversPRSBDRVR.SYS --> SystemRootSystemRootsystem32driversPRSBDRVR.SYS [?]R0 sfdrv01a;StarForce Protection Environment Driver (version 1.x.a);c:windowssystem32driverssfdrv01a.sys [2006-7-5 63352]R1 AmgHips;AmgHips;c:windowssystem32driversAmgHips.sys [2012-3-6 25248]R2 DragonUpdater;COMODO Dragon Update Service;c:program filescomododragondragon_updater.exe [2012-12-17 1868432]R3 SNP325;USB PC Camera (SNPSTD325);c:windowssystem32driverssnp325.sys [2012-3-7 10260864]S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:windowsmicrosoft.netframeworkv4.0.30319mscorsvw.exe [2010-3-18 130384]S2 gupdate;Услуга на Google Актуализация (gupdate);c:program filesgoogleupdateGoogleUpdate.exe [2012-4-15 116648]S2 SkypeUpdate;Skype Updater;c:program filesskypeupdaterUpdater.exe [2012-11-9 160944]S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:windowssystem32macromedflashFlashPlayerUpdateService.exe [2012-6-4 250808]S3 gupdatem;Услуга на Google Актуализация (gupdatem);c:program filesgoogleupdateGoogleUpdate.exe [2012-4-15 116648]S3 MBAMSwissArmy;MBAMSwissArmy;c:windowssystem32driversmbamswissarmy.sys [2012-12-19 40776]S3 WinRM;Windows Remote Management (WS-Management);c:windowssystem32svchost.exe -k WINRM [2008-4-14 14336]S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:windowsmicrosoft.netframeworkv4.0.30319wpfWPFFontCache_v0400.exe [2010-3-18 753504].=============== Created Last 30 ================.2012-12-19 17:22:31 42760 ----a-w- c:windowssystem32certsentry.dll2012-12-19 17:22:31 -------- d-----w- c:documents and settingsnanilocal settingsapplication dataCOMODO2012-12-19 17:08:46 -------- d-----w- c:documents and settingsall usersapplication dataComodo2012-12-19 17:08:25 -------- d-----w- c:program filesComodo2012-12-19 06:39:52 40776 ----a-w- c:windowssystem32driversmbamswissarmy.sys2012-12-18 22:51:44 -------- d-----w- c:documents and settingsnaniapplication dataIObit2012-12-18 21:26:28 -------- d-----w- c:windowssystem32cache2012-12-18 20:47:53 -------- d-----r- c:program filesSkype2012-12-18 16:51:16 -------- d-----w- c:documents and settingsnaniapplication dataAVG2012-12-18 16:50:33 -------- d-----w- c:documents and settingsall usersapplication dataAVG2012-12-18 16:50:13 -------- d-sh--w- c:documents and settingsall usersapplication data{D1D4879F-2279-49C9-AEBF-3B95C84EAA8F}2012-12-18 16:47:44 -------- d-----w- c:documents and settingsnaniapplication dataTuneUp Software2012-12-18 00:06:45 -------- d-----w- c:program filesGlary Utilities2012-12-18 00:06:45 -------- d-----w- c:documents and settingsnaniapplication dataGlarySoft2012-12-18 00:02:46 -------- d-----w- c:documents and settingsnaniapplication dataMalwarebytes2012-12-17 21:41:44 -------- d-----w- c:program filesDustBuster2012-12-17 06:54:39 8872 ----a-w- c:windowssystem32driversDasBootI.SYS2012-12-17 06:54:39 8872 ----a-w- c:windowssystem32driversDasBootE.SYS2012-12-17 06:54:39 59048 ----a-w- c:windowssystem32driversDasBootF.SYS2012-12-17 06:54:39 30888 ----a-w- c:windowssystem32driversDasPtct.SYS2012-12-17 06:54:39 27304 ----a-w- c:windowssystem32driversDasBootK.SYS2012-12-17 06:54:39 -------- d-----w- c:windowssystem32DBBK2012-12-17 06:54:38 3072 ----a-w- c:windowssystem32driversDasBootD.SYS2012-12-17 06:54:38 27432 ----a-w- c:windowssystem32driversPRSBDRVR.SYS2012-12-17 06:54:38 237096 ----a-w- c:windowssystem32driversDasBootS.SYS2012-12-17 06:54:38 20648 ----a-w- c:windowssystem32driversDasBoot.SYS2012-12-17 00:54:42 4224 ----a-w- c:windowssystem32driversbeep.sys2012-12-17 00:15:08 -------- d-----w- c:documents and settingsall usersapplication dataBackup2012-12-12 12:06:04 16363960 ----a-w- c:windowssystem32FlashPlayerInstaller.exe2012-12-03 20:02:06 -------- d-----w- c:documents and settingsnanilocal settingsapplication dataMozilla2012-12-02 21:24:32 -------- d-----w- c:program filesESET2012-12-02 19:20:40 -------- d-----w- c:program filesSRWare Iron2012-11-26 22:27:22 -------- d-----w- c:documents and settingsnanilocal settingsapplication dataMFAData2012-11-26 22:27:22 -------- d-----w- c:documents and settingsall usersapplication dataMFAData2012-11-26 22:13:43 -------- d-----w- c:windowsSxsCaPendDel2012-11-26 17:50:52 181808 ----a-w- c:windowsRegBootClean.exe2012-11-26 17:29:23 92304 ----a-w- c:windowssystem32driverstmtdi.sys2012-11-22 00:32:25 -------- d-----w- c:documents and settingsnaniapplication dataMSNInstaller.==================== Find3M ====================.2012-12-12 13:05:39 73656 ----a-w- c:windowssystem32FlashPlayerCPLApp.cpl2012-12-12 13:05:39 697272 ----a-w- c:windowssystem32FlashPlayerApp.exe2012-11-13 01:25:12 1866368 ----a-w- c:windowssystem32win32k.sys2012-11-07 23:38:16 32640 ----a-w- c:windowssystem32driverscmdhlp.sys2012-11-07 23:38:14 497952 ----a-w- c:windowssystem32driverscmdGuard.sys2012-11-07 23:38:13 18096 ----a-w- c:windowssystem32driverscmderd.sys2012-11-07 23:37:35 34024 ----a-w- c:windowssystem32cmdcsr.dll2012-11-07 23:37:34 301264 ----a-w- c:windowssystem32guard32.dll2012-11-06 00:41:17 290560 ----a-w- c:windowssystem32atmfd.dll2012-11-02 02:02:42 375296 ----a-w- c:windowssystem32dpnet.dll2012-11-01 12:17:54 916992 ----a-w- c:windowssystem32wininet.dll2012-11-01 12:17:54 43520 ------w- c:windowssystem32licmgr10.dll2012-11-01 12:17:54 1469440 ------w- c:windowssystem32inetcpl.cpl2012-11-01 00:35:34 385024 ------w- c:windowssystem32html.iec2012-10-12 16:09:40 22400 ----a-w- c:windowssystem32RegistryDefragBootTime.exe2012-10-02 18:04:21 58368 ----a-w- c:windowssystem32synceng.dll2012-09-24 20:16:36 93672 ----a-w- c:windowssystem32WindowsAccessBridge.dll.============= FINISH: 19:37:27,76 =============== .UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.IF REQUESTED, ZIP IT UP & ATTACH IT.DDS (Ver_2011-09-30.01).Microsoft Windows XP ProfessionalBoot Device: DeviceHarddiskVolume1Install Date: 06.3.2012 г. 11:17:35System Uptime: 19.12.2012 г. 19:28:11 (0 hours ago).Motherboard: Foxconn | | 662 7MAProcessor: Intel® Pentium® 4 CPU 3.40GHz | Socket 775 | 3400/200mhz.==== Disk Partitions =========================.C: is FIXED (NTFS) - 20 GiB total, 0,151 GiB free.D: is FIXED (NTFS) - 213 GiB total, 44,995 GiB free.E: is CDROM ().==== Disabled Device Manager Items =============.==== System Restore Points ===================.No restore point in system..==== Installed Programs ======================.µTorrentПакет за съвместимост за системата Office 2007Adobe Flash Player 11 ActiveXAdobe Flash Player 11 PluginAshampoo Burning Studio 6 FREE v.6.80BS.Player FREECanon MP Navigator EX 1.0CCleanerComodo DragonDriver Genius Professional EditionDustBuster 2.9.5.1ESET Online Scanner v3Foxit ReaderGlary Utilities 2.51.0.1666Google Update HelperHotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)Java 7 Update 9Java Auto UpdaterJavaFX 2.1.1K-Lite Codec Pack 8.4.0 (Full)Microsoft .NET Framework 1.1Microsoft .NET Framework 1.1 Security Update (KB2656370)Microsoft .NET Framework 1.1 Security Update (KB2698023)Microsoft .NET Framework 2.0 Service Pack 2Microsoft .NET Framework 3.0 Service Pack 2Microsoft .NET Framework 3.5 SP1Microsoft .NET Framework 4 Client ProfileMicrosoft Office Professional Edition 2003Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219PowerISORevo Uninstaller 1.94Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)Security Update for Windows Internet Explorer 7 (KB2544521)Security Update for Windows Internet Explorer 7 (KB2647516)Security Update for Windows Internet Explorer 7 (KB938127-v2)Security Update for Windows Internet Explorer 7 (KB958215)Security Update for Windows Internet Explorer 8 (KB2510531)Security Update for Windows Internet Explorer 8 (KB2544521)Security Update for Windows Internet Explorer 8 (KB2618444)Security Update for Windows Internet Explorer 8 (KB2647516)Security Update for Windows Internet Explorer 8 (KB2675157)Security Update for Windows Internet Explorer 8 (KB2699988)Security Update for Windows Internet Explorer 8 (KB2722913)Security Update for Windows Internet Explorer 8 (KB2744842)Security Update for Windows Internet Explorer 8 (KB2761465)Security Update for Windows Internet Explorer 8 (KB982381)Security Update for Windows XP (KB2510581)Security Update for Windows XP (KB923789)Security Update for Windows XP (KB975713)SiS Mirage GraphicsSkype™ 6.0SRWare Iron, версия 23.0.1300.0Unlocker 1.9.1Update for Microsoft .NET Framework 3.5 SP1 (KB963707)Update for Microsoft .NET Framework 4 Client Profile (KB2468871)Update for Microsoft .NET Framework 4 Client Profile (KB2533523)Update for Microsoft .NET Framework 4 Client Profile (KB2600217)Update for Windows Internet Explorer 8 (KB2598845)Update for Windows Internet Explorer 8 (KB2632503)WebFldrs XPWinampWinDjView 1.0.3Windows Internet Explorer 7 Multilingual User Interface (MUI)Windows Internet Explorer 8Windows Management Framework CoreWinRAR 4.11 (32-bit)XnView 1.98.2.==== Event Viewer Messages From Past Week ========.19.12.2012 г. 19:31:30, error: Service Control Manager [7022] - The Windows Image Acquisition (WIA) service hung on starting.19.12.2012 г. 19:17:51, error: Service Control Manager [7022] - The Windows Image Acquisition (WIA) service hung on starting.19.12.2012 г. 17:31:07, error: Service Control Manager [7022] - The Windows Image Acquisition (WIA) service hung on starting.19.12.2012 г. 17:29:44, error: Service Control Manager [7006] - The ScRegSetValueExW call failed for FailureActions with the following error: Access is denied.19.12.2012 г. 17:29:44, error: Service Control Manager [7006] - The ScRegSetValueExW call failed for FailureActions with the following error: Access is denied.19.12.2012 г. 17:29:44, error: Service Control Manager [7000] - The AVGIDSAgent service failed to start due to the following error: The system cannot find the file specified.19.12.2012 г. 14:58:41, error: Service Control Manager [7022] - The Windows Image Acquisition (WIA) service hung on starting.19.12.2012 г. 14:57:18, error: Service Control Manager [7006] - The ScRegSetValueExW call failed for FailureActions with the following error: Access is denied.19.12.2012 г. 14:57:18, error: Service Control Manager [7006] - The ScRegSetValueExW call failed for FailureActions with the following error: Access is denied.19.12.2012 г. 14:57:18, error: Service Control Manager [7000] - The AVGIDSAgent service failed to start due to the following error: The system cannot find the file specified.19.12.2012 г. 14:57:01, error: sr [1] - The System Restore filter encountered the unexpected error '0xC0000001' while processing the file '' on the volume 'HarddiskVolume1'. It has stopped monitoring the volume.19.12.2012 г. 12:51:14, error: Service Control Manager [7022] - The Windows Image Acquisition (WIA) service hung on starting.19.12.2012 г. 12:49:50, error: Service Control Manager [7006] - The ScRegSetValueExW call failed for FailureActions with the following error: Access is denied.19.12.2012 г. 12:49:50, error: Service Control Manager [7006] - The ScRegSetValueExW call failed for FailureActions with the following error: Access is denied.19.12.2012 г. 11:47:28, error: Service Control Manager [7022] - The Windows Image Acquisition (WIA) service hung on starting.19.12.2012 г. 11:46:06, error: Service Control Manager [7006] - The ScRegSetValueExW call failed for FailureActions with the following error: Access is denied.19.12.2012 г. 10:10:23, error: Service Control Manager [7022] - The Windows Image Acquisition (WIA) service hung on starting.19.12.2012 г. 10:08:58, error: Service Control Manager [7006] - The ScRegSetValueExW call failed for FailureActions with the following error: Access is denied.19.12.2012 г. 10:08:58, error: Service Control Manager [7006] - The ScRegSetValueExW call failed for FailureActions with the following error: Access is denied.19.12.2012 г. 00:20:53, error: Service Control Manager [7022] - The Windows Image Acquisition (WIA) service hung on starting.19.12.2012 г. 00:19:29, error: Service Control Manager [7006] - The ScRegSetValueExW call failed for FailureActions with the following error: Access is denied.18.12.2012 г. 21:27:19, error: Service Control Manager [7022] - The Windows Image Acquisition (WIA) service hung on starting.18.12.2012 г. 21:25:57, error: Service Control Manager [7006] - The ScRegSetValueExW call failed for FailureActions with the following error: Access is denied.18.12.2012 г. 21:13:58, error: Service Control Manager [7022] - The Windows Image Acquisition (WIA) service hung on starting.18.12.2012 г. 21:12:34, error: Service Control Manager [7006] - The ScRegSetValueExW call failed for FailureActions with the following error: Access is denied.18.12.2012 г. 21:07:30, error: Service Control Manager [7022] - The Windows Image Acquisition (WIA) service hung on starting.18.12.2012 г. 21:06:07, error: Service Control Manager [7006] - The ScRegSetValueExW call failed for FailureActions with the following error: Access is denied.18.12.2012 г. 20:52:02, error: Service Control Manager [7022] - The Windows Image Acquisition (WIA) service hung on starting.18.12.2012 г. 20:50:39, error: Service Control Manager [7006] - The ScRegSetValueExW call failed for FailureActions with the following error: Access is denied.18.12.2012 г. 20:50:39, error: Service Control Manager [7006] - The ScRegSetValueExW call failed for FailureActions with the following error: Access is denied.18.12.2012 г. 18:44:46, error: Service Control Manager [7022] - The Windows Image Acquisition (WIA) service hung on starting.18.12.2012 г. 18:43:23, error: Service Control Manager [7006] - The ScRegSetValueExW call failed for FailureActions with the following error: Access is denied.18.12.2012 г. 18:43:23, error: Service Control Manager [7006] - The ScRegSetValueExW call failed for FailureActions with the following error: Access is denied.18.12.2012 г. 13:18:58, error: Service Control Manager [7022] - The Windows Image Acquisition (WIA) service hung on starting.18.12.2012 г. 13:17:35, error: Service Control Manager [7006] - The ScRegSetValueExW call failed for FailureActions with the following error: Access is denied.18.12.2012 г. 13:17:35, error: Service Control Manager [7006] - The ScRegSetValueExW call failed for FailureActions with the following error: Access is denied.18.12.2012 г. 02:01:42, error: Service Control Manager [7022] - The Windows Image Acquisition (WIA) service hung on starting.18.12.2012 г. 02:00:19, error: Service Control Manager [7006] - The ScRegSetValueExW call failed for FailureActions with the following error: Access is denied.18.12.2012 г. 02:00:19, error: Service Control Manager [7006] - The ScRegSetValueExW call failed for FailureActions with the following error: Access is denied.18.12.2012 г. 01:15:34, error: Service Control Manager [7022] - The Windows Image Acquisition (WIA) service hung on starting.18.12.2012 г. 01:14:10, error: Service Control Manager [7006] - The ScRegSetValueExW call failed for FailureActions with the following error: Access is denied.18.12.2012 г. 01:14:10, error: Service Control Manager [7006] - The ScRegSetValueExW call failed for FailureActions with the following error: Access is denied.18.12.2012 г. 00:21:59, error: Service Control Manager [7022] - The Windows Image Acquisition (WIA) service hung on starting.18.12.2012 г. 00:20:36, error: Service Control Manager [7006] - The ScRegSetValueExW call failed for FailureActions with the following error: Access is denied.18.12.2012 г. 00:20:36, error: Service Control Manager [7006] - The ScRegSetValueExW call failed for FailureActions with the following error: Access is denied.18.12.2012 г. 00:20:28, error: sr [1] - The System Restore filter encountered the unexpected error '0xC0000001' while processing the file '' on the volume 'HarddiskVolume1'. It has stopped monitoring the volume.18.12.2012 г. 00:17:28, error: Service Control Manager [7024] - The AVG Брандмауэр service terminated with service-specific error 3758162007 (0xE0010057).18.12.2012 г. 00:17:26, error: Service Control Manager [7024] - The AVG Брандмауэр service terminated with service-specific error 3758162007 (0xE0010057).18.12.2012 г. 00:17:25, error: Service Control Manager [7024] - The AVG Брандмауэр service terminated with service-specific error 3758162007 (0xE0010057).18.12.2012 г. 00:11:58, error: Service Control Manager [7024] - The AVG Брандмауэр service terminated with service-specific error 3758162007 (0xE0010057).18.12.2012 г. 00:11:57, error: Service Control Manager [7024] - The AVG Брандмауэр service terminated with service-specific error 3758162007 (0xE0010057).18.12.2012 г. 00:11:56, error: Service Control Manager [7024] - The AVG Брандмауэр service terminated with service-specific error 3758162007 (0xE0010057).18.12.2012 г. 00:11:55, error: Service Control Manager [7024] - The AVG Брандмауэр service terminated with service-specific error 3758162007 (0xE0010057).18.12.2012 г. 00:11:54, error: Service Control Manager [7024] - The AVG Брандмауэр service terminated with service-specific error 3758162007 (0xE0010057).18.12.2012 г. 00:11:52, error: Service Control Manager [7024] - The AVG Брандмауэр service terminated with service-specific error 3758162007 (0xE0010057).18.12.2012 г. 00:11:51, error: Service Control Manager [7024] - The AVG Брандмауэр service terminated with service-specific error 3758162007 (0xE0010057).18.12.2012 г. 00:11:50, error: Service Control Manager [7024] - The AVG Брандмауэр service terminated with service-specific error 3758162007 (0xE0010057).18.12.2012 г. 00:11:49, error: Service Control Manager [7024] - The AVG Брандмауэр service terminated with service-specific error 3758162007 (0xE0010057).18.12.2012 г. 00:11:48, error: Service Control Manager [7024] - The AVG Брандмауэр service terminated with service-specific error 3758162007 (0xE0010057).18.12.2012 г. 00:11:47, error: Service Control Manager [7024] - The AVG Брандмауэр service terminated with service-specific error 3758162007 (0xE0010057).18.12.2012 г. 00:11:46, error: Service Control Manager [7024] - The AVG Брандмауэр service terminated with service-specific error 3758162007 (0xE0010057).18.12.2012 г. 00:11:45, error: Service Control Manager [7024] - The AVG Брандмауэр service terminated with service-specific error 3758162007 (0xE0010057).18.12.2012 г. 00:11:44, error: Service Control Manager [7024] - The AVG Брандмауэр service terminated with service-specific error 3758162007 (0xE0010057).18.12.2012 г. 00:11:43, error: Service Control Manager [7024] - The AVG Брандмауэр service terminated with service-specific error 3758162007 (0xE0010057).18.12.2012 г. 00:11:42, error: Service Control Manager [7024] - The AVG Брандмауэр service terminated with service-specific error 3758162007 (0xE0010057).18.12.2012 г. 00:11:40, error: Service Control Manager [7024] - The AVG Брандмауэр service terminated with service-specific error 3758162007 (0xE0010057).18.12.2012 г. 00:11:39, error: Service Control Manager [7024] - The AVG Брандмауэр service terminated with service-specific error 3758162007 (0xE0010057).18.12.2012 г. 00:11:38, error: Service Control Manager [7024] - The AVG Брандмауэр service terminated with service-specific error 3758162007 (0xE0010057).18.12.2012 г. 00:11:37, error: Service Control Manager [7024] - The AVG Брандмауэр service terminated with service-specific error 3758162007 (0xE0010057).18.12.2012 г. 00:11:36, error: Service Control Manager [7024] - The AVG Брандмауэр service terminated with service-specific error 3758162007 (0xE0010057).18.12.2012 г. 00:11:35, error: Service Control Manager [7024] - The AVG Брандмауэр service terminated with service-specific error 3758162007 (0xE0010057).18.12.2012 г. 00:11:34, error: Service Control Manager [7024] - The AVG Брандмауэр service terminated with service-specific error 3758162007 (0xE0010057).18.12.2012 г. 00:11:32, error: Service Control Manager [7024] - The AVG Брандмауэр service terminated with service-specific error 3758162007 (0xE0010057).18.12.2012 г. 00:11:31, error: Service Control Manager [7024] - The AVG Брандмауэр service terminated with service-specific error 3758162007 (0xE0010057).18.12.2012 г. 00:09:52, error: Service Control Manager [7034] - The AVGIDSAgent service terminated unexpectedly. It has done this 1 time(s).17.12.2012 г. 23:59:45, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: uagp3517.12.2012 г. 23:59:45, error: Service Control Manager [7022] - The Windows Image Acquisition (WIA) service hung on starting.17.12.2012 г. 23:58:11, error: sr [1] - The System Restore filter encountered the unexpected error '0xC0000001' while processing the file '' on the volume 'HarddiskVolume1'. It has stopped monitoring the volume.17.12.2012 г. 23:13:37, error: Service Control Manager [7022] - The Windows Image Acquisition (WIA) service hung on starting.17.12.2012 г. 23:04:50, error: Service Control Manager [7034] - The Java Quick Starter service terminated unexpectedly. It has done this 1 time(s).17.12.2012 г. 22:51:40, error: EventLog [6004] - A driver packet received from the I/O subsystem was invalid. The data is the packet.17.12.2012 г. 19:26:10, error: Service Control Manager [7022] - The Windows Image Acquisition (WIA) service hung on starting.17.12.2012 г. 15:17:37, error: Service Control Manager [7022] - The Windows Image Acquisition (WIA) service hung on starting.17.12.2012 г. 09:05:43, error: Service Control Manager [7022] - The Windows Image Acquisition (WIA) service hung on starting.17.12.2012 г. 08:59:36, error: Service Control Manager [7022] - The Windows Image Acquisition (WIA) service hung on starting.17.12.2012 г. 03:06:45, error: Service Control Manager [7022] - The Windows Image Acquisition (WIA) service hung on starting.17.12.2012 г. 02:54:42, error: Service Control Manager [7000] - The Beep service failed to start due to the following error: The maximum number of secrets that may be stored in a single system has been exceeded.17.12.2012 г. 02:19:10, error: Service Control Manager [7022] - The Windows Image Acquisition (WIA) service hung on starting.17.12.2012 г. 02:06:36, error: Service Control Manager [7022] - The Windows Image Acquisition (WIA) service hung on starting.17.12.2012 г. 01:12:34, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: uagp3517.12.2012 г. 01:12:34, error: Service Control Manager [7022] - The Windows Image Acquisition (WIA) service hung on starting.17.12.2012 г. 01:10:57, error: sr [1] - The System Restore filter encountered the unexpected error '0xC0000001' while processing the file '' on the volume 'HarddiskVolume1'. It has stopped monitoring the volume.17.12.2012 г. 00:55:46, error: Service Control Manager [7022] - The Windows Image Acquisition (WIA) service hung on starting.17.12.2012 г. 00:27:16, error: Service Control Manager [7006] - The ScRegSetValueExW call failed for ImagePath with the following error: Access is denied.17.12.2012 г. 00:27:13, error: Service Control Manager [7000] - The Beep service failed to start due to the following error: Access is denied.17.12.2012 г. 00:25:57, error: Service Control Manager [7022] - The Windows Image Acquisition (WIA) service hung on starting.17.12.2012 г. 00:16:05, error: Service Control Manager [7000] - The Beep service failed to start due to the following error: The maximum number of secrets that may be stored in a single system has been exceeded.17.12.2012 г. 00:02:49, error: Service Control Manager [7000] - The Beep service failed to start due to the following error: The maximum number of secrets that may be stored in a single system has been exceeded.16.12.2012 г. 23:41:29, error: Service Control Manager [7022] - The Windows Image Acquisition (WIA) service hung on starting.16.12.2012 г. 23:25:53, error: Service Control Manager [7022] - The Windows Image Acquisition (WIA) service hung on starting.16.12.2012 г. 19:46:18, error: Service Control Manager [7022] - The Windows Image Acquisition (WIA) service hung on starting.16.12.2012 г. 19:44:55, error: Service Control Manager [7006] - The ScRegSetValueExW call failed for FailureActions with the following error: Access is denied.16.12.2012 г. 19:44:55, error: Service Control Manager [7006] - The ScRegSetValueExW call failed for FailureActions with the following error: Access is denied.16.12.2012 г. 15:17:34, error: Service Control Manager [7022] - The Windows Image Acquisition (WIA) service hung on starting.16.12.2012 г. 15:16:11, error: Service Control Manager [7006] - The ScRegSetValueExW call failed for FailureActions with the following error: Access is denied.16.12.2012 г. 15:16:11, error: Service Control Manager [7006] - The ScRegSetValueExW call failed for FailureActions with the following error: Access is denied.16.12.2012 г. 11:10:21, error: Service Control Manager [7022] - The Windows Image Acquisition (WIA) service hung on starting.16.12.2012 г. 11:08:58, error: Service Control Manager [7006] - The ScRegSetValueExW call failed for FailureActions with the following error: Access is denied.16.12.2012 г. 11:08:58, error: Service Control Manager [7006] - The ScRegSetValueExW call failed for FailureActions with the following error: Access is denied.16.12.2012 г. 10:00:44, error: Service Control Manager [7022] - The Windows Image Acquisition (WIA) service hung on starting.16.12.2012 г. 09:59:21, error: Service Control Manager [7006] - The ScRegSetValueExW call failed for FailureActions with the following error: Access is denied.16.12.2012 г. 09:59:21, error: Service Control Manager [7006] - The ScRegSetValueExW call failed for FailureActions with the following error: Access is denied.16.12.2012 г. 09:35:15, error: Service Control Manager [7022] - The Windows Image Acquisition (WIA) service hung on starting.16.12.2012 г. 09:33:51, error: Service Control Manager [7006] - The ScRegSetValueExW call failed for FailureActions with the following error: Access is denied.16.12.2012 г. 09:33:51, error: Service Control Manager [7006] - The ScRegSetValueExW call failed for FailureActions with the following error: Access is denied.16.12.2012 г. 08:23:15, error: Service Control Manager [7022] - The Windows Image Acquisition (WIA) service hung on starting.16.12.2012 г. 08:21:51, error: Service Control Manager [7006] - The ScRegSetValueExW call failed for FailureActions with the following error: Access is denied.16.12.2012 г. 08:21:51, error: Service Control Manager [7006] - The ScRegSetValueExW call failed for FailureActions with the following error: Access is denied.15.12.2012 г. 23:53:09, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: uagp3515.12.2012 г. 23:53:09, error: Service Control Manager [7022] - The Windows Image Acquisition (WIA) service hung on starting.15.12.2012 г. 23:51:45, error: Service Control Manager [7006] - The ScRegSetValueExW call failed for FailureActions with the following error: Access is denied.15.12.2012 г. 23:51:45, error: Service Control Manager [7006] - The ScRegSetValueExW call failed for FailureActions with the following error: Access is denied.15.12.2012 г. 21:18:34, error: Service Control Manager [7022] - The Windows Image Acquisition (WIA) service hung on starting.15.12.2012 г. 21:17:12, error: Service Control Manager [7006] - The ScRegSetValueExW call failed for FailureActions with the following error: Access is denied.15.12.2012 г. 21:17:12, error: Service Control Manager [7006] - The ScRegSetValueExW call failed for FailureActions with the following error: Access is denied.15.12.2012 г. 17:58:08, error: Service Control Manager [7022] - The Windows Image Acquisition (WIA) service hung on starting.15.12.2012 г. 17:56:46, error: Service Control Manager [7006] - The ScRegSetValueExW call failed for FailureActions with the following error: Access is denied.15.12.2012 г. 17:56:46, error: Service Control Manager [7006] - The ScRegSetValueExW call failed for FailureActions with the following error: Access is denied.15.12.2012 г. 08:33:57, error: Service Control Manager [7022] - The Windows Image Acquisition (WIA) service hung on starting.15.12.2012 г. 08:32:35, error: Service Control Manager [7006] - The ScRegSetValueExW call failed for FailureActions with the following error: Access is denied.15.12.2012 г. 08:32:35, error: Service Control Manager [7006] - The ScRegSetValueExW call failed for FailureActions with the following error: Access is denied.15.12.2012 г. 08:32:19, error: sr [1] - The System Restore filter encountered the unexpected error '0xC0000001' while processing the file '' on the volume 'HarddiskVolume1'. It has stopped monitoring the volume.14.12.2012 г. 19:54:58, error: Service Control Manager [7022] - The Windows Image Acquisition (WIA) service hung on starting.14.12.2012 г. 19:53:35, error: Service Control Manager [7006] - The ScRegSetValueExW call failed for FailureActions with the following error: Access is denied.14.12.2012 г. 19:53:35, error: Service Control Manager [7006] - The ScRegSetValueExW call failed for FailureActions with the following error: Access is denied.14.12.2012 г. 13:57:29, error: Service Control Manager [7022] - The Windows Image Acquisition (WIA) service hung on starting.14.12.2012 г. 13:56:07, error: Service Control Manager [7006] - The ScRegSetValueExW call failed for FailureActions with the following error: Access is denied.14.12.2012 г. 13:56:07, error: Service Control Manager [7006] - The ScRegSetValueExW call failed for FailureActions with the following error: Access is denied.13.12.2012 г. 23:12:07, error: Service Control Manager [7000] - The Beep service failed to start due to the following error: The maximum number of secrets that may be stored in a single system has been exceeded.13.12.2012 г. 18:45:18, error: Service Control Manager [7022] - The Windows Image Acquisition (WIA) service hung on starting.13.12.2012 г. 18:43:55, error: Service Control Manager [7006] - The ScRegSetValueExW call failed for FailureActions with the following error: Access is denied.13.12.2012 г. 18:43:55, error: Service Control Manager [7006] - The ScRegSetValueExW call failed for FailureActions with the following error: Access is denied.13.12.2012 г. 15:11:25, error: Service Control Manager [7022] - The Windows Image Acquisition (WIA) service hung on starting.13.12.2012 г. 15:10:00, error: Service Control Manager [7006] - The ScRegSetValueExW call failed for FailureActions with the following error: Access is denied.13.12.2012 г. 15:10:00, error: Service Control Manager [7006] - The ScRegSetValueExW call failed for FailureActions with the following error: Access is denied.12.12.2012 г. 22:26:15, error: Service Control Manager [7022] - The Windows Image Acquisition (WIA) service hung on starting.12.12.2012 г. 22:24:51, error: Service Control Manager [7006] - The ScRegSetValueExW call failed for FailureActions with the following error: Access is denied.12.12.2012 г. 22:24:51, error: Service Control Manager [7006] - The ScRegSetValueExW call failed for FailureActions with the following error: Access is denied.12.12.2012 г. 13:46:08, error: Service Control Manager [7022] - The Windows Image Acquisition (WIA) service hung on starting.12.12.2012 г. 13:44:45, error: Service Control Manager [7006] - The ScRegSetValueExW call failed for FailureActions with the following error: Access is denied.12.12.2012 г. 13:44:45, error: Service Control Manager [7006] - The ScRegSetValueExW call failed for FailureActions with the following error: Access is denied.12.12.2012 г. 07:29:25, error: Service Control Manager [7022] - The Windows Image Acquisition (WIA) service hung on starting.12.12.2012 г. 07:28:02, error: Service Control Manager [7006] - The ScRegSetValueExW call failed for FailureActions with the following error: Access is denied.12.12.2012 г. 07:28:02, error: Service Control Manager [7006] - The ScRegSetValueExW call failed for FailureActions with the following error: Access is denied..==== End Of File ===========================Това е!
  18. Без да искам стартирах един съмнителен файл извън "сандъка" и се оказа миньор, премахнах го, но искам мнение дали системата е изчистена напълно. Благодаря предварително за отделеното време!! DDS (Ver_2011-09-30.01) - NTFS_x86 Internet Explorer: 9.11.9600.16428 BrowserJavaVersion: 10.45.2Run by Andrei at 12:14:25 on 2013-12-04Microsoft Windows 7 Ultimate 6.1.7601.1.1251.359.1026.18.2048.802 [GMT 2:00].SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}.============== Running Processes ================.C:Windowssystem32wininit.exeC:Windowssystem32lsm.exeC:Program FilesBitdefenderBitdefendervsserv.exeC:Program FilesCreativeShared FilesCTAudSvc.exeC:WindowsSystem32spoolsv.exeC:Windowssystem32taskhost.exeC:Windowssystem32Dwm.exeC:WindowsExplorer.EXEC:Program FilesCommon FilesMicrosoft SharedOfficeSoftwareProtectionPlatformOSPPSVC.EXEC:Windowssystem32taskeng.exeC:Program FilesMicrosoft Mouse and Keyboard Centeritype.exeC:Program FilesMicrosoft Mouse and Keyboard Centeripoint.exeC:Program FilesBitdefenderBitdefenderupdatesrv.exeC:WindowsSystem32rundll32.exeC:Program FilesBitdefenderBitdefenderbdagent.exeC:Program FilesCyberGhost 5Service.exeC:Program FilesATI TechnologiesATI.ACECore-StaticMOM.exeC:Program FilesATI TechnologiesATI.ACECore-StaticCCC.exeC:Program FilesOpera18.0.1284.49opera.exeC:Program FilesOpera18.0.1284.49opera.exeC:Program FilesOpera18.0.1284.49opera.exeC:Program FilesOpera18.0.1284.49opera.exeC:Program FilesOpera18.0.1284.49opera.exeC:Program FilesOpera18.0.1284.49opera.exeC:Program FilesBitdefenderBitdefenderseccenter.exeC:Windowssystem32sppsvc.exeC:Windowssystem32conhost.exeC:Windowssystem32wbemwmiprvse.exeC:Windowssystem32svchost.exe -k DcomLaunchC:Windowssystem32svchost.exe -k RPCSSC:WindowsSystem32svchost.exe -k LocalServiceNetworkRestrictedC:WindowsSystem32svchost.exe -k LocalSystemNetworkRestrictedC:Windowssystem32svchost.exe -k LocalServiceC:Windowssystem32svchost.exe -k netsvcsC:Windowssystem32svchost.exe -k GPSvcGroupC:Windowssystem32svchost.exe -k NetworkServiceC:Windowssystem32svchost.exe -k LocalServiceNoNetworkC:WindowsSystem32svchost.exe -k HPZ12C:WindowsSystem32svchost.exe -k HPZ12C:Windowssystem32svchost.exe -k imgsvcC:Windowssystem32svchost.exe -k NetworkServiceNetworkRestricted.============== Pseudo HJT Report ===============.uStart Page = hxxps://www.google.bg/mStart Page = about:blankuProxyServer = 200.31.172.35:8080BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:program filescommon filesadobeacrobatactivexAcroIEHelperShim.dllBHO: Bitdefender Wallet: {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - c:program filesbitdefenderbitdefenderpmbxie.dllBHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:program filesjavajre7binssv.dllBHO: Adobe Acrobat Create PDF Toolbar Helper: {AE7CD045-E861-484f-8273-0445EE161910} - c:program filescommon filesadobeacrobatwcieactivexAcroIEFavClient.dllBHO: Logitech SetPoint: {AF949550-9094-4807-95EC-D1C317803333} - c:program fileslogitechsetpointpSetPointSmooth.dllBHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - c:program filesmicrosoft officeoffice14URLREDIR.DLLBHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:program filesjavajre7binjp2ssv.dllBHO: Adobe Acrobat Create PDF from Selection: {F4971EE7-DAA0-4053-9964-665D8EE6A077} - c:program filescommon filesadobeacrobatwcieactivexAcroIEFavClient.dllBHO: Adblock Plus for IE Browser Helper Object: {FFCB3198-32F3-4E8B-9539-4324694ED664} - c:program filesadblock plus for ieAdblockPlus32.dllTB: Adobe Acrobat Create PDF Toolbar: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - c:program filescommon filesadobeacrobatwcieactivexAcroIEFavClient.dllTB: Adobe Acrobat Create PDF Toolbar: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - c:program filescommon filesadobeacrobatwcieactivexAcroIEFavClient.dllmRun: [P17RunE] RunDll32 P17RunE.dll,RunDLLEntrymRun: [Bdagent] "c:program filesbitdefenderbitdefenderbdagent.exe"mRun: [StartCCC] "c:program filesati technologiesati.acecore-staticCLIStart.exe" MSRundRun: [Bitdefender Wallet Agent] "c:program filesbitdefenderbitdefenderpmbxag.exe"dRun: [Bitdefender Wallet] "c:program filesbitdefenderbitdefenderpwdmanui.exe" --hidden --nowizarddRun: [Bitdefender Wallet Application Agent] "c:program filesbitdefenderbitdefenderbdapppassmgr.exe"uPolicies-Explorer: NoDriveTypeAutoRun = dword:145mPolicies-System: ConsentPromptBehaviorAdmin = dword:0mPolicies-System: ConsentPromptBehaviorUser = dword:0mPolicies-System: EnableLUA = dword:0mPolicies-System: EnableUIADesktopToggle = dword:0mPolicies-System: PromptOnSecureDesktop = dword:0IE: &Експортиране към Microsoft Excel - c:progra~1micros~2office14EXCEL.EXE/3000IE: Append Link Target to Existing PDF - c:program filescommon filesadobeacrobatwcieactivexAcroIEFavClient.dll/AcroIEAppendSelLinks.htmlIE: Append to Existing PDF - c:program filescommon filesadobeacrobatwcieactivexAcroIEFavClient.dll/AcroIEAppend.htmlIE: Convert Link Target to Adobe PDF - c:program filescommon filesadobeacrobatwcieactivexAcroIEFavClient.dll/AcroIECaptureSelLinks.htmlIE: Convert to Adobe PDF - c:program filescommon filesadobeacrobatwcieactivexAcroIEFavClient.dll/AcroIECapture.htmlDPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} - hxxp://catalog.update.microsoft.com/v7/site/ClientControl/en/x86/MuCatalogWebControl.cab?1379945116496DPF: {7B43048F-DA7A-458F-AF35-D825BDBB6816} - hxxp://83.143.145.93/codebase/NetVideoOCX.cabDPF: {E705A591-DA3C-4228-B0D5-A356DBA42FBF} - hxxp://ccfiles.creative.com/Web/softwareupdate/su2/ocx/20015/CTSUEng.cabDPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} - hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/121022/CTPID.cabTCP: Interfaces{EB592CC3-457B-41D9-A37D-9829A8F0C2DA} : NameServer = 93.152.128.1,93.152.160.5Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:program filescommon filesmicrosoft sharedoffice14MSOXMLMF.DLLHandler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:program filescommon filesskypeSkype4COM.dllNotify: LBTWlgn - c:program filescommon fileslogishrdbluetoothLBTWlgn.dllSSODL: WebCheck - <orphaned>SEH: SABShellExecuteHook Class - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - c:program filessuperantispywareSASSEH.DLLmASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:program filesgooglechromeapplication31.0.1650.57installerchrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome.============= SERVICES / DRIVERS ===============.R0 avc3;avc3;c:windowssystem32driversavc3.sys [2013-10-8 640560]R0 Bhbase;Baidu Hook Base;c:windowssystem32driversBhbase.sys [2013-9-23 47456]R0 gzflt;gzflt;c:windowssystem32driversgzflt.sys [2013-10-8 165744]R1 BdfNdisf;BitDefender Firewall NDIS 6 Filter Driver;c:program filescommon filesbitdefenderbitdefender firewallbdfndisf6.sys [2013-10-8 78144]R1 bdfwfpf;bdfwfpf;c:program filescommon filesbitdefenderbitdefender firewallbdfwfpf.sys [2013-10-8 90704]R1 SASDIFSV;SASDIFSV;c:program filessuperantispywaresasdifsv.sys [2011-7-22 12880]R1 SASKUTIL;SASKUTIL;c:program filessuperantispywareSASKUTIL.SYS [2011-7-12 67664]R2 CGVPNCliService;CyberGhost VPN 5 Client Service;c:program filescyberghost 5Service.exe [2013-12-1 26600]R2 osppsvc;Office Software Protection Platform;c:program filescommon filesmicrosoft sharedofficesoftwareprotectionplatformOSPPSVC.EXE [2010-1-9 4640000]R2 UPDATESRV;Bitdefender Desktop Update Service;c:program filesbitdefenderbitdefenderupdatesrv.exe [2013-10-16 54424]R3 amdiox86;AMD IO Driver;c:windowssystem32driversamdiox86.sys [2013-3-9 37944]R3 amdkmdag;amdkmdag;c:windowssystem32driversatikmdag.sys [2013-4-30 10070016]R3 amdkmdap;amdkmdap;c:windowssystem32driversatikmpag.sys [2013-4-30 290304]R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:windowssystem32driversAtihdW73.sys [2012-5-14 86656]R3 avchv;avchv Function Driver;c:windowssystem32driversavchv.sys [2013-3-9 242504]R3 avckf;avckf;c:windowssystem32driversavckf.sys [2013-10-8 490144]R3 BazisVirtualCDBus;WinCDEmu Virtual Bus Driver;c:windowssystem32driversBazisVirtualCDBus.sys [2011-6-4 117584]R3 RTL8167;Realtek 8167 NT Driver;c:windowssystem32driversRt86win7.sys [2013-9-1 669912]S3 AMD External Events Utility;AMD External Events Utility;c:windowssystem32atiesrxx.exe [2013-4-30 217088]S3 AMD FUEL Service;AMD FUEL Service;c:program filesati technologiesati.acefuelFuel.Service.exe [2012-11-16 291840]S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:windowssystem32driversb57nd60x.sys [2009-7-14 229888]S3 bdfwfpf_pc;bdfwfpf_pc;c:program filescommon filesbitdefenderbitdefender firewallbdfwfpf_pc.sys [2013-10-8 108008]S3 BDSandBox;BDSandBox;c:windowssystem32driversbdsandbox.sys [2013-10-8 66832]S3 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:windowsmicrosoft.netframeworkv4.0.30319mscorsvw.exe [2013-9-11 105144]S3 DLKRT32;D-Link DGE-528T Gigabit Ethernet Adapter Driver;c:windowssystem32driversDLKRT32.sys [2013-3-10 277608]S3 dmvsc;dmvsc;c:windowssystem32driversdmvsc.sys [2011-4-12 62464]S3 ggflt;SEMC USB Flash Driver Filter;c:windowssystem32driversggflt.sys [2013-3-30 12400]S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:windowssystem32ieetwcollector.exe [2013-11-7 108032]S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:windowssystem32driversrdpvideominiport.sys [2013-3-9 14848]S3 Sony PC Companion;Sony PC Companion;c:program filessonysony pc companionPCCService.exe [2013-3-11 155824]S3 Synth3dVsc;Synth3dVsc;c:windowssystem32driversSynth3dVsc.sys [2011-4-12 77184]S3 TeamViewer9;TeamViewer 9;c:program filesteamviewerversion9TeamViewer_Service.exe [2013-12-3 5316448]S3 terminpt;Microsoft Remote Desktop Input Driver;c:windowssystem32driversterminpt.sys [2013-3-9 24064]S3 TsUsbFlt;TsUsbFlt;c:windowssystem32driversTsUsbFlt.sys [2013-11-13 49152]S3 TsUsbGD;Remote Desktop Generic USB Device;c:windowssystem32driversTsUsbGD.sys [2013-3-9 27136]S3 tsusbhub;tsusbhub;c:windowssystem32driverstsusbhub.sys [2011-4-12 112640]S3 WatAdminSvc;Услуга на технологиите за активиране на Windows;c:windowssystem32watWatAdminSvc.exe [2013-3-9 1343400]S4 !SASCORE;SAS Core Service;c:program filessuperantispywareSASCore.exe [2013-5-23 119056]S4 AdobeARMservice;Adobe Acrobat Update Service;c:program filescommon filesadobearm1.0armsvc.exe [2012-9-23 65192]S4 BdDesktopParental;Bitdefender Desktop Parental Control;c:program filesbitdefenderbitdefenderbdparentalservice.exe [2013-10-16 69880]S4 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;c:program filescommon filescreative labs sharedserviceCTAELicensing.exe [2013-3-9 79360]S4 gupdate;Услуга на Google Актуализация (gupdate);c:program filesgoogleupdateGoogleUpdate.exe [2013-3-9 116648]S4 gupdatem;Услуга на Google Актуализация (gupdatem);c:program filesgoogleupdateGoogleUpdate.exe [2013-3-9 116648].=============== File Associations ===============.ShellExec: Opera.exe: open="c:program filesoperaLauncher.exe" "%1".=============== Created Last 30 ================.2013-12-03 09:54:18 -------- d-----w- c:program filesCCleaner2013-12-03 06:58:49 -------- d-----w- c:program filesUnlockroot2013-12-01 10:37:55 -------- d-----w- c:usersandreiappdatalocalCyberGhost2013-12-01 10:37:37 -------- d-----w- c:program filesTAP-Windows2013-12-01 10:37:12 -------- d-----w- c:program filesCyberGhost 52013-11-30 08:15:59 53248 ----a-r- c:usersandreiappdataroamingmicrosoftinstaller{3ee9bcae-e9a9-45e5-9b1c-83a4d357e05c}ARPPRODUCTICON.exe2013-11-30 08:14:45 -------- d-----w- c:usersandreiappdataroamingLogishrd2013-11-29 20:27:02 71048 ----a-w- c:windowssystem32FlashPlayerCPLApp.cpl2013-11-29 20:27:02 692616 ----a-w- c:windowssystem32FlashPlayerApp.exe2013-11-29 19:08:39 -------- d-----w- c:usersandreiappdatalocalMacromedia2013-11-28 19:48:35 63920 ----a-w- c:windowssystem32driversvmx_svga.sys2013-11-28 19:48:32 11440 ----a-w- c:windowssystem32driversvmmouse.sys2013-11-28 19:48:29 143344 ----a-w- c:windowssystem32driversvmhgfs.sys2013-11-28 19:48:26 98928 ----a-w- c:windowssystem32driversvmci.sys2013-11-28 19:48:23 25136 ----a-w- c:windowssystem32driversvmaudio.sys2013-11-28 19:48:20 107120 ----a-w- c:windowssystem32driversvm3dmp.sys2013-11-28 19:48:16 118784 ----a-w- c:windowssystem32driversE1G60I32.sys2013-11-28 19:48:10 39424 ----a-w- c:windowssystem32wpnpinst.exe2013-11-28 19:48:06 278528 ----a-w- c:windowssystem32unregmp2.exe2013-11-28 19:48:02 164352 ----a-w- c:windowssystem32SearchProtocolHost.exe2013-11-28 19:47:58 428032 ----a-w- c:windowssystem32SearchIndexer.exe2013-11-28 19:47:55 86528 ----a-w- c:windowssystem32SearchFilterHost.exe2013-11-28 19:47:51 180736 ----a-w- c:windowssystem32hwrreg.exe2013-11-28 19:47:49 34816 ----a-w- c:windowssystem32hwrcomp.exe2013-11-28 19:45:37 -------- d-----w- c:windowssystem32SPReview2013-11-28 19:45:33 386464 ----a-w- c:windowssystem32spoolprtprocsw32x86TPWinPrn.dll2013-11-28 19:45:30 22528 ----a-w- c:windowssystem32spoolprtprocsw32x86jnwppr.dll2013-11-28 19:43:04 -------- d-----w- c:windowssystem32EventProviders2013-11-28 19:41:00 27136 ----a-w- c:windowssystem32wsepno.dll2013-11-28 19:40:57 182272 ----a-w- c:windowssystem32wmpsrcwp.dll2013-11-28 19:40:53 105472 ----a-w- c:windowssystem32wmpshell.dll2013-11-28 19:40:50 144384 ----a-w- c:windowssystem32wmpps.dll2013-11-28 19:40:44 738816 ----a-w- c:windowssystem32wmpmde.dll2013-11-28 19:39:44 12625408 ----a-w- c:windowssystem32wmploc.DLL2013-11-28 19:39:33 1624064 ----a-w- c:windowssystem32WMPEncEn.dll2013-11-28 19:39:29 352256 ----a-w- c:windowssystem32wmpeffects.dll2013-11-28 19:39:25 299520 ----a-w- c:windowssystem32wmpdxm.dll2013-11-28 19:39:22 170496 ----a-w- c:windowssystem32WmpDui.dll2013-11-28 19:39:19 22528 ----a-w- c:windowssystem32wmpcm.dll2013-11-28 19:38:23 2048 ----a-w- c:windowssystem32wmerror.dll2013-11-28 19:38:20 63088 ----a-w- c:windowssystem32vsocklib.dll2013-11-28 19:38:17 16432 ----a-w- c:windowssystem32vmx_mode.dll2013-11-28 19:38:14 173232 ----a-w- c:windowssystem32vmx_fb.dll2013-11-28 19:38:11 50800 ----a-w- c:windowssystem32vmhgfs.dll2013-11-28 19:38:08 34416 ----a-w- c:windowssystem32vmGuestLibJava.dll2013-11-28 19:38:05 53360 ----a-w- c:windowssystem32vmGuestLib.dll2013-11-28 19:38:01 219248 ----a-w- c:windowssystem32vm3dum.dll2013-11-28 19:37:44 3223152 ----a-w- c:windowssystem32vm3dgl.dll2013-11-28 19:37:35 1548288 ----a-w- c:windowssystem32tquery.dll2013-11-28 19:37:32 111912 ----a-w- c:windowssystem32TPVMW32.dll2013-11-28 19:37:29 9072 ----a-w- c:windowssystem32TPVMMonUIjpn.dll2013-11-28 19:37:27 9064 ----a-w- c:windowssystem32TPVMMonUIdeu.dll2013-11-28 19:37:24 79176 ----a-w- c:windowssystem32TPVMMonUI.dll2013-11-28 19:37:21 9576 ----a-w- c:windowssystem32TPVMMonjpn.dll2013-11-28 19:37:18 23904 ----a-w- c:windowssystem32TPVMMondeu.dll2013-11-28 19:37:14 316736 ----a-w- c:windowssystem32TPVMMon.dll2013-11-28 19:37:09 484192 ----a-w- c:windowssystem32TPSvc.dll2013-11-28 19:37:06 144664 ----a-w- c:windowssystem32tprdpw32.dll2013-11-28 19:37:03 7168 ----a-w- c:windowssystem32sysprepMCE.dll2013-11-28 19:35:58 266752 ----a-w- c:windowssystem32MediaMetadataHandler.dll2013-11-28 19:27:30 -------- d-----w- c:windowsehome2013-11-28 19:17:56 -------- d-----w- c:programdataWeskysoft2013-11-28 19:17:21 -------- d-----w- c:program filesDLLSuite2013-11-20 18:58:45 -------- d-----r- c:program filesSkype2013-11-19 15:35:59 -------- d-----w- c:program filesFinalWire2013-11-13 16:38:00 74512 ----a-w- c:windowssystem32bdsandboxuiskin.dll2013-11-13 16:37:57 27168 ----a-w- c:windowssystem32bdsandboxuh.dll2013-11-13 16:04:42 32256 ----a-w- c:windowssystem32TsUsbGDCoInstaller.dll2013-11-13 16:04:41 53248 ----a-w- c:windowssystem32tsgqec.dll2013-11-13 16:04:41 50176 ----a-w- c:windowssystem32MsRdpWebAccess.dll2013-11-13 16:04:41 49152 ----a-w- c:windowssystem32driversTsUsbFlt.sys2013-11-13 16:04:41 17920 ----a-w- c:windowssystem32wksprtPS.dll2013-11-13 16:04:41 14336 ----a-w- c:windowssystem32TsUsbRedirectionGroupPolicyExtension.dll2013-11-13 16:04:41 12800 ----a-w- c:windowssystem32TsUsbRedirectionGroupPolicyControl.exe2013-11-13 16:04:40 855552 ----a-w- c:windowssystem32rdvidcrl.dll2013-11-13 16:04:40 76288 ----a-w- c:windowssystem32TSWbPrxy.exe2013-11-13 16:04:40 5698048 ----a-w- c:windowssystem32mstscax.dll2013-11-13 16:04:40 350208 ----a-w- c:windowssystem32wksprt.exe2013-11-13 16:04:40 1068544 ----a-w- c:windowssystem32mstsc.exe2013-11-07 21:08:21 -------- d-----w- c:program filesAdblock Plus for IE2013-11-05 17:00:26 -------- d-----w- c:usersandreiappdataroamingTeamViewer2013-11-05 16:55:30 -------- d-----w- c:program filesTeamViewer.==================== Find3M ====================.2013-11-30 08:15:45 16400 ----a-w- c:windowssystem32driversLNonPnP.sys2013-11-28 19:37:03 301568 ----a-w- c:windowssystem32srchadmin.dll2013-11-28 19:35:57 68096 ----a-w- c:windowssystem32Mcx2Svc.dll2013-11-28 19:35:54 87552 ----a-w- c:windowssystem32mcsrchPH.dll2013-11-28 19:35:51 727040 ----a-w- c:windowssystem32mcmde.dll2013-11-28 19:35:45 19968 ----a-w- c:windowssystem32jnwmon.dll2013-11-28 19:35:42 219648 ----a-w- c:windowssystem32iTVData.dll2013-11-28 19:35:39 18944 ----a-w- c:windowssystem32inetppui.dll2013-11-28 19:35:36 126464 ----a-w- c:windowssystem32inetpp.dll2013-11-28 19:35:22 4096 ----a-w- c:windowssystem32dxmasf.dll2013-11-28 19:35:19 18432 ----a-w- c:windowssystem32corpol.dll2013-11-28 19:35:16 73216 ----a-w- c:windowssystem32admparse.dll2013-11-28 19:35:13 131584 ----a-w- c:windowssystem32aaclient.dll2013-11-13 16:37:57 66832 ----a-w- c:windowssystem32driversbdsandbox.sys2013-10-16 05:12:49 94632 ----a-w- c:windowssystem32WindowsAccessBridge.dll2013-10-12 01:57:21 657920 ----a-w- c:windowssystem32nshwfp.dll2013-10-12 01:56:41 681472 ----a-w- c:windowssystem32IKEEXT.DLL2013-10-12 01:56:33 216576 ----a-w- c:windowssystem32FWPUCLNT.DLL2013-10-12 01:55:55 496128 ----a-w- c:windowssystem32BFE.DLL2013-10-08 10:44:55 72704 ----a-w- c:windowssystem32driversbdvedisk.sys2013-10-08 10:22:28 505454 ----a-w- c:programdata1381227585.bdinstall.bin2013-10-08 10:06:39 244742 ----a-w- c:programdata1381226742.bdinstall.bin2013-10-05 19:57:25 1168384 ----a-w- c:windowssystem32crypt32.dll2013-10-04 02:02:25 1796608 ----a-w- c:windowssystem32authui.dll2013-10-04 01:58:50 152576 ----a-w- c:windowssystem32SmartcardCredentialProvider.dll2013-10-04 01:56:25 168960 ----a-w- c:windowssystem32credui.dll2013-10-03 01:58:07 305152 ----a-w- c:windowssystem32gdi32.dll2013-10-02 02:46:11 3072 ----a-w- c:windowssystem32driversen-ustsusbflt.sys.mui2013-09-25 02:01:08 136640 ----a-w- c:windowssystem32driversksecpkg.sys2013-09-25 02:01:06 67520 ----a-w- c:windowssystem32driversksecdd.sys2013-09-25 01:57:53 792576 ----a-w- c:windowssystem32TSWorkspace.dll2013-09-25 01:57:46 99840 ----a-w- c:windowssystem32sspicli.dll2013-09-25 01:57:26 22016 ----a-w- c:windowssystem32secur32.dll2013-09-25 01:57:24 247808 ----a-w- c:windowssystem32schannel.dll2013-09-25 01:56:42 220160 ----a-w- c:windowssystem32ncrypt.dll2013-09-25 01:56:02 1038848 ----a-w- c:windowssystem32lsasrv.dll2013-09-25 00:49:20 22016 ----a-w- c:windowssystem32lsass.exe2013-09-25 00:49:18 15872 ----a-w- c:windowssystem32sspisrv.dll2013-09-24 03:04:56 357432 ----a-w- c:windowssystem32LavasoftProxy.dll2013-09-14 01:51:34 240576 ----a-w- c:windowssystem32driversnetio.sys2013-09-14 00:57:08 338944 ----a-w- c:windowssystem32driversafd.sys2013-09-11 18:21:54 863344 ----a-w- c:windowssystem32msvcr110_clr0400.dll2013-09-11 18:21:54 501872 ----a-w- c:windowssystem32msvcp110_clr0400.dll2013-09-11 18:21:54 28776 ----a-w- c:windowssystem32aspnet_counters.dll2013-09-11 18:21:54 18000 ----a-w- c:windowssystem32msvcr100_clr0400.dll2013-09-08 02:03:58 231424 ----a-w- c:windowssystem32mswsock.dll2013-09-07 02:06:48 1309120 ----a-w- c:windowssystem32driverstcpip.sys2013-09-07 02:06:39 187840 ----a-w- c:windowssystem32driversFWPKCLNT.SYS.============= FINISH: 12:14:48.55 ===============.UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.IF REQUESTED, ZIP IT UP & ATTACH IT.DDS (Ver_2011-09-30.01).Microsoft Windows 7 Ultimate Boot Device: DeviceHarddiskVolume1Install Date: 8.3.2013 г. 23:20:55System Uptime: 4.12.2013 г. 12:11:04 (0 hours ago).Motherboard: MICRO-STAR INTERNATIONAL CO., LTD | | MS-7100Processor: AMD Athlon(tm) 64 X2 Dual Core Processor 4200+ | Socket 939 | 2500/250mhz.==== Disk Partitions =========================.C: is FIXED (NTFS) - 112 GiB total, 89.29 GiB free.D: is FIXED (NTFS) - 5 GiB total, 1.916 GiB free.E: is FIXED (NTFS) - 60 GiB total, 53.519 GiB free.F: is FIXED (NTFS) - 634 GiB total, 136.958 GiB free.G: is CDROM ().==== Disabled Device Manager Items =============.==== System Restore Points ===================.No restore point in system..==== Installed Programs ======================.µTorrent13101310_Help1310Trb32 Bit HP CIO Components InstallerAdblock Plus for IEAdblock Plus for IE (32-bit)Adobe Acrobat XI ProAdobe Flash Player 11 ActiveXAdobe Flash Player 11 PluginAdobe Shockwave Player 12.0AIDA64 Extreme v4.00AIO_CDB_ProductContextAIO_CDB_SoftwareAIO_ScanAMD Accelerated Video TranscodingAMD Catalyst Install ManagerAMD Drag and Drop TranscodingAMD FuelAMD Media Foundation DecodersAMD VISION Engine Control CenterAshampoo Burning Studio 2013 v.11.0.5Bitdefender Internet SecurityBufferChmCatalyst Control Center - BrandingCatalyst Control Center Graphics Previews CommonCatalyst Control Center InstallProxyCatalyst Control Center Localization Allccc-utilityCCC Help Chinese StandardCCC Help Chinese TraditionalCCC Help CzechCCC Help DanishCCC Help DutchCCC Help EnglishCCC Help FinnishCCC Help FrenchCCC Help GermanCCC Help GreekCCC Help HungarianCCC Help ItalianCCC Help JapaneseCCC Help KoreanCCC Help NorwegianCCC Help PolishCCC Help PortugueseCCC Help RussianCCC Help SpanishCCC Help SwedishCCC Help ThaiCCC Help TurkishCCleanerCreative Audio Control PanelCreative Sound Blaster PropertiesCyberGhost 5Daum PotPlayer 1.5.40688Definition Update for Microsoft Office 2010 (KB982726) 32-Bit EditionDLL Suite 2013DocProcDriver FusioneRegFlashtoolfoobar2000 v1.2.8GetDizGoogle ChromeHashTab 5.1.0.23HP Photosmart Officejet and Deskjet All-In-One Driver Software 13.0 Rel. BHPPhotoGadgetIntel(R) Update ManagerIntel® SSD ToolboxJava 7 Update 45Java Auto UpdaterLogitech SetPoint 6.61Malwarebytes Anti-Malware, версия 1.75.0.1300Microsoft .NET Framework 4.5.1Microsoft CorporationMicrosoft Mouse and Keyboard CenterMicrosoft Office Access MUI (Bulgarian) 2010Microsoft Office Excel MUI (Bulgarian) 2010Microsoft Office Groove MUI (Bulgarian) 2010Microsoft Office InfoPath MUI (Bulgarian) 2010Microsoft Office OneNote MUI (Bulgarian) 2010Microsoft Office Outlook MUI (Bulgarian) 2010Microsoft Office PowerPoint MUI (Bulgarian) 2010Microsoft Office Professional Plus 2010Microsoft Office Proof (Bulgarian) 2010Microsoft Office Proof (English) 2010Microsoft Office Proof (German) 2010Microsoft Office Proof (Russian) 2010Microsoft Office Proofing (Bulgarian) 2010Microsoft Office Proofing Tools 2013 – българскиMicrosoft Office Publisher MUI (Bulgarian) 2010Microsoft Office Shared MUI (Bulgarian) 2010Microsoft Office Word MUI (Bulgarian) 2010Microsoft SilverlightMicrosoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610MSXML 4.0 SP2 (KB954430)MSXML 4.0 SP2 (KB973688)NetworkNVIDIA DriversOCR Software by I.R.I.S. 13.0Opera 12.16Opera Stable 18.0.1284.49ScanScreamer RadioSecurity Update for Microsoft Excel 2010 (KB2826033) 32-Bit EditionSecurity Update for Microsoft Office 2010 (KB2553284) 32-Bit EditionSecurity Update for Microsoft Office 2010 (KB2687423) 32-Bit EditionSecurity Update for Microsoft Office 2010 (KB2760781) 32-Bit EditionSecurity Update for Microsoft Office 2010 (KB2826023) 32-Bit EditionSecurity Update for Microsoft Office 2010 (KB2826035) 32-Bit EditionSecurity Update for Microsoft Outlook 2010 (KB2837597) 32-Bit EditionService Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit EditionSkype™ 6.11Sony Ericsson Update EngineSony PC Companion 2.10.181SUPERAntiSpywareswMSMTAP-Windows 9.9.2TeamViewer 9ToolboxUltraISO Premium V9.6UnCleanerUnloadSupportUpdate for Microsoft Access 2010 (KB2553446) 32-Bit EditionUpdate for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit EditionUpdate for Microsoft Office 2010 (KB2589298) 32-Bit EditionUpdate for Microsoft Office 2010 (KB2589352) 32-Bit EditionUpdate for Microsoft Office 2010 (KB2589375) 32-Bit EditionUpdate for Microsoft Office 2010 (KB2597087) 32-Bit EditionUpdate for Microsoft Office 2010 (KB2760598) 32-Bit EditionUpdate for Microsoft Office 2010 (KB2760631) 32-Bit EditionUpdate for Microsoft Office 2010 (KB2794737) 32-Bit EditionUpdate for Microsoft Office 2010 (KB2825640) 32-Bit EditionUpdate for Microsoft Office 2010 (KB2826026) 32-Bit EditionUpdate for Microsoft OneNote 2010 (KB2810072) 32-Bit EditionUpdate for Microsoft PowerPoint 2010 (KB2553145) 32-Bit EditionUpdate for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit EditionUpdate for Microsoft Word 2010 (KB2827323) 32-Bit EditionVista Shortcut ManagerVoodooShield version 1.27WebRegWinCDEmuWindows Media Player Firefox PluginWinRAR 5.00 (32-битова версия).==== Event Viewer Messages From Past Week ========.30.11.2013 г. 10:25:34, Error: Service Control Manager [7001] - Услуга WinHTTP Web Proxy Auto-Discovery Service зависи от услуга DHCP Client, която не може да бъде стартирана поради следната грешка: Услугата не може да бъде стартирана, защото е дезактивирана или защото няма разрешени устройства, асоциирани с нея.30.11.2013 г. 10:25:32, Error: Service Control Manager [7001] - Услуга Computer Browser зависи от услуга Server, която не може да бъде стартирана поради следната грешка: Услугата не може да бъде стартирана, защото е дезактивирана или защото няма разрешени устройства, асоциирани с нея.30.11.2013 г. 10:25:32, Error: Service Control Manager [7001] - Услуга Computer Browser зависи от услуга Server, която не може да бъде стартирана поради следната грешка: Услугата не може да бъде стартирана, защото е дезактивирана или защото няма разрешени устройства, асоциирани с нея.30.11.2013 г. 10:25:31, Error: Service Control Manager [7001] - Услуга Computer Browser зависи от услуга Server, която не може да бъде стартирана поради следната грешка: Услугата не може да бъде стартирана, защото е дезактивирана или защото няма разрешени устройства, асоциирани с нея.30.11.2013 г. 10:19:25, Error: Service Control Manager [7001] - Услуга WinHTTP Web Proxy Auto-Discovery Service зависи от услуга DHCP Client, която не може да бъде стартирана поради следната грешка: Услугата не може да бъде стартирана, защото е дезактивирана или защото няма разрешени устройства, асоциирани с нея.30.11.2013 г. 10:19:24, Error: Service Control Manager [7001] - Услуга Computer Browser зависи от услуга Server, която не може да бъде стартирана поради следната грешка: Услугата не може да бъде стартирана, защото е дезактивирана или защото няма разрешени устройства, асоциирани с нея.30.11.2013 г. 10:19:24, Error: Service Control Manager [7001] - Услуга Computer Browser зависи от услуга Server, която не може да бъде стартирана поради следната грешка: Услугата не може да бъде стартирана, защото е дезактивирана или защото няма разрешени устройства, асоциирани с нея.30.11.2013 г. 10:19:23, Error: Service Control Manager [7001] - Услуга Computer Browser зависи от услуга Server, която не може да бъде стартирана поради следната грешка: Услугата не може да бъде стартирана, защото е дезактивирана или защото няма разрешени устройства, асоциирани с нея.30.11.2013 г. 10:12:29, Error: Service Control Manager [7001] - Услуга WinHTTP Web Proxy Auto-Discovery Service зависи от услуга DHCP Client, която не може да бъде стартирана поради следната грешка: Услугата не може да бъде стартирана, защото е дезактивирана или защото няма разрешени устройства, асоциирани с нея.30.11.2013 г. 10:12:27, Error: Service Control Manager [7001] - Услуга Computer Browser зависи от услуга Server, която не може да бъде стартирана поради следната грешка: Услугата не може да бъде стартирана, защото е дезактивирана или защото няма разрешени устройства, асоциирани с нея.30.11.2013 г. 10:12:27, Error: Service Control Manager [7001] - Услуга Computer Browser зависи от услуга Server, която не може да бъде стартирана поради следната грешка: Услугата не може да бъде стартирана, защото е дезактивирана или защото няма разрешени устройства, асоциирани с нея.30.11.2013 г. 10:12:26, Error: Service Control Manager [7001] - Услуга Computer Browser зависи от услуга Server, която не може да бъде стартирана поради следната грешка: Услугата не може да бъде стартирана, защото е дезактивирана или защото няма разрешени устройства, асоциирани с нея.30.11.2013 г. 10:07:34, Error: Service Control Manager [7001] - Услуга WinHTTP Web Proxy Auto-Discovery Service зависи от услуга DHCP Client, която не може да бъде стартирана поради следната грешка: Услугата не може да бъде стартирана, защото е дезактивирана или защото няма разрешени устройства, асоциирани с нея.30.11.2013 г. 10:07:31, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}30.11.2013 г. 10:07:26, Error: Service Control Manager [7001] - Услуга Computer Browser зависи от услуга Server, която не може да бъде стартирана поради следната грешка: Услугата не може да бъде стартирана, защото е дезактивирана или защото няма разрешени устройства, асоциирани с нея.30.11.2013 г. 10:07:26, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}30.11.2013 г. 10:07:24, Error: Service Control Manager [7026] - Неуспешно зареждане на следния драйвер, който се активира с включване на компютъра или стартиране на системата: avc3 bdselfpr Bhbase discache gzflt SASDIFSV SASKUTIL spldr trufos Wanarpv630.11.2013 г. 10:07:24, Error: Service Control Manager [7001] - Услуга Creative Audio Service зависи от услуга Windows Audio, която не може да бъде стартирана поради следната грешка: Подчинената услуга или група не успя да стартира.30.11.2013 г. 10:07:24, Error: Service Control Manager [7001] - Услуга Computer Browser зависи от услуга Server, която не може да бъде стартирана поради следната грешка: Услугата не може да бъде стартирана, защото е дезактивирана или защото няма разрешени устройства, асоциирани с нея.30.11.2013 г. 10:07:24, Error: Service Control Manager [7001] - Услуга Computer Browser зависи от услуга Server, която не може да бъде стартирана поради следната грешка: Услугата не може да бъде стартирана, защото е дезактивирана или защото няма разрешени устройства, асоциирани с нея.30.11.2013 г. 09:51:45, Error: Service Control Manager [7001] - Услуга WinHTTP Web Proxy Auto-Discovery Service зависи от услуга DHCP Client, която не може да бъде стартирана поради следната грешка: Услугата не може да бъде стартирана, защото е дезактивирана или защото няма разрешени устройства, асоциирани с нея.30.11.2013 г. 09:51:43, Error: Service Control Manager [7001] - Услуга Computer Browser зависи от услуга Server, която не може да бъде стартирана поради следната грешка: Услугата не може да бъде стартирана, защото е дезактивирана или защото няма разрешени устройства, асоциирани с нея.30.11.2013 г. 09:51:43, Error: Service Control Manager [7001] - Услуга Computer Browser зависи от услуга Server, която не може да бъде стартирана поради следната грешка: Услугата не може да бъде стартирана, защото е дезактивирана или защото няма разрешени устройства, асоциирани с нея.30.11.2013 г. 09:51:43, Error: Service Control Manager [7001] - Услуга Computer Browser зависи от услуга Server, която не може да бъде стартирана поради следната грешка: Услугата не може да бъде стартирана, защото е дезактивирана или защото няма разрешени устройства, асоциирани с нея.30.11.2013 г. 09:34:31, Error: Service Control Manager [7001] - Услуга WinHTTP Web Proxy Auto-Discovery Service зависи от услуга DHCP Client, която не може да бъде стартирана поради следната грешка: Услугата не може да бъде стартирана, защото е дезактивирана или защото няма разрешени устройства, асоциирани с нея.30.11.2013 г. 09:34:29, Error: Service Control Manager [7001] - Услуга Computer Browser зависи от услуга Server, която не може да бъде стартирана поради следната грешка: Услугата не може да бъде стартирана, защото е дезактивирана или защото няма разрешени устройства, асоциирани с нея.30.11.2013 г. 09:34:29, Error: Service Control Manager [7001] - Услуга Computer Browser зависи от услуга Server, която не може да бъде стартирана поради следната грешка: Услугата не може да бъде стартирана, защото е дезактивирана или защото няма разрешени устройства, асоциирани с нея.30.11.2013 г. 09:34:29, Error: Service Control Manager [7001] - Услуга Computer Browser зависи от услуга Server, която не може да бъде стартирана поради следната грешка: Услугата не може да бъде стартирана, защото е дезактивирана или защото няма разрешени устройства, асоциирани с нея.30.11.2013 г. 09:27:42, Error: Service Control Manager [7001] - Услуга WinHTTP Web Proxy Auto-Discovery Service зависи от услуга DHCP Client, която не може да бъде стартирана поради следната грешка: Услугата не може да бъде стартирана, защото е дезактивирана или защото няма разрешени устройства, асоциирани с нея.30.11.2013 г. 09:27:40, Error: Service Control Manager [7001] - Услуга Computer Browser зависи от услуга Server, която не може да бъде стартирана поради следната грешка: Услугата не може да бъде стартирана, защото е дезактивирана или защото няма разрешени устройства, асоциирани с нея.30.11.2013 г. 09:27:40, Error: Service Control Manager [7001] - Услуга Computer Browser зависи от услуга Server, която не може да бъде стартирана поради следната грешка: Услугата не може да бъде стартирана, защото е дезактивирана или защото няма разрешени устройства, асоциирани с нея.30.11.2013 г. 09:27:40, Error: Service Control Manager [7001] - Услуга Computer Browser зависи от услуга Server, която не може да бъде стартирана поради следната грешка: Услугата не може да бъде стартирана, защото е дезактивирана или защото няма разрешени устройства, асоциирани с нея.3.12.2013 г. 08:43:20, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service MSIServer with arguments "" in order to run the server: {000C101C-0000-0000-C000-000000000046}3.12.2013 г. 08:39:14, Error: Service Control Manager [7001] - Услуга Network List Service зависи от услуга Network Location Awareness, която не може да бъде стартирана поради следната грешка: Подчинената услуга или група не успя да стартира.3.12.2013 г. 08:39:14, Error: Service Control Manager [7001] - Услуга Network List Service зависи от услуга Network Location Awareness, която не може да бъде стартирана поради следната грешка: Подчинената услуга или група не успя да стартира.3.12.2013 г. 08:39:14, Error: Service Control Manager [7001] - Услуга Network List Service зависи от услуга Network Location Awareness, която не може да бъде стартирана поради следната грешка: Подчинената услуга или група не успя да стартира.3.12.2013 г. 08:39:14, Error: Service Control Manager [7001] - Услуга Network List Service зависи от услуга Network Location Awareness, която не може да бъде стартирана поради следната грешка: Подчинената услуга или група не успя да стартира.3.12.2013 г. 08:39:14, Error: Service Control Manager [7001] - Услуга Network List Service зависи от услуга Network Location Awareness, която не може да бъде стартирана поради следната грешка: Подчинената услуга или група не успя да стартира.3.12.2013 г. 08:39:14, Error: Service Control Manager [7001] - Услуга Network List Service зависи от услуга Network Location Awareness, която не може да бъде стартирана поради следната грешка: Подчинената услуга или група не успя да стартира.3.12.2013 г. 08:39:13, Error: Service Control Manager [7001] - Услуга Network List Service зависи от услуга Network Location Awareness, която не може да бъде стартирана поради следната грешка: Подчинената услуга или група не успя да стартира.3.12.2013 г. 08:39:13, Error: Service Control Manager [7001] - Услуга Network List Service зависи от услуга Network Location Awareness, която не може да бъде стартирана поради следната грешка: Подчинената услуга или група не успя да стартира.3.12.2013 г. 08:39:13, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89}3.12.2013 г. 08:39:13, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E}3.12.2013 г. 08:39:12, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}3.12.2013 г. 08:39:07, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}3.12.2013 г. 08:39:05, Error: Service Control Manager [7026] - Неуспешно зареждане на следния драйвер, който се активира с включване на компютъра или стартиране на системата: AFD avc3 BdfNdisf bdfwfpf bdselfpr Bhbase CSC DfsC discache gzflt NetBIOS NetBT nsiproxy Psched rdbss SASDIFSV SASKUTIL spldr tdx trufos Wanarpv6 WfpLwf ws2ifsl3.12.2013 г. 08:39:05, Error: Service Control Manager [7001] - Услуга Workstation зависи от услуга Network Store Interface Service, която не може да бъде стартирана поради следната грешка: Подчинената услуга или група не успя да стартира.3.12.2013 г. 08:39:05, Error: Service Control Manager [7001] - Услуга SMB MiniRedirector Wrapper and Engine зависи от услуга Redirected Buffering Sub Sysytem, която не може да бъде стартирана поради следната грешка: Свързано към системата устройство не функционира.3.12.2013 г. 08:39:05, Error: Service Control Manager [7001] - Услуга SMB 2.0 MiniRedirector зависи от услуга SMB MiniRedirector Wrapper and Engine, която не може да бъде стартирана поради следната грешка: Подчинената услуга или група не успя да стартира.3.12.2013 г. 08:39:05, Error: Service Control Manager [7001] - Услуга SMB 1.x MiniRedirector зависи от услуга SMB MiniRedirector Wrapper and Engine, която не може да бъде стартирана поради следната грешка: Подчинената услуга или група не успя да стартира.3.12.2013 г. 08:39:05, Error: Service Control Manager [7001] - Услуга Network Store Interface Service зависи от услуга NSI proxy service driver., която не може да бъде стартирана поради следната грешка: Свързано към системата устройство не функционира.3.12.2013 г. 08:39:05, Error: Service Control Manager [7001] - Услуга Network Location Awareness зависи от услуга Network Store Interface Service, която не може да бъде стартирана поради следната грешка: Подчинената услуга или група не успя да стартира.3.12.2013 г. 08:39:05, Error: Service Control Manager [7001] - Услуга IP Helper зависи от услуга Network Store Interface Service, която не може да бъде стартирана поради следната грешка: Подчинената услуга или група не успя да стартира.3.12.2013 г. 08:39:05, Error: Service Control Manager [7001] - Услуга DNS Client зависи от услуга Драйвер за поддържане на TDI при NetIO онаследяване, която не може да бъде стартирана поради следната грешка: Свързано към системата устройство не функционира.3.12.2013 г. 08:39:05, Error: Service Control Manager [7001] - Услуга DHCP Client зависи от услуга Ancillary Function Driver for Winsock, която не може да бъде стартирана поради следната грешка: Свързано към системата устройство не функционира.3.12.2013 г. 08:39:05, Error: Service Control Manager [7001] - Услуга CyberGhost VPN 5 Client Service зависи от услуга DHCP Client, която не може да бъде стартирана поради следната грешка: Подчинената услуга или група не успя да стартира.3.12.2013 г. 08:39:05, Error: Service Control Manager [7001] - Услуга Creative Audio Service зависи от услуга Windows Audio, която не може да бъде стартирана поради следната грешка: Подчинената услуга или група не успя да стартира.29.11.2013 г. 22:28:28, Error: Service Control Manager [7001] - Услуга WinHTTP Web Proxy Auto-Discovery Service зависи от услуга DHCP Client, която не може да бъде стартирана поради следната грешка: Услугата не може да бъде стартирана, защото е дезактивирана или защото няма разрешени устройства, асоциирани с нея.29.11.2013 г. 22:28:26, Error: Service Control Manager [7001] - Услуга Computer Browser зависи от услуга Server, която не може да бъде стартирана поради следната грешка: Услугата не може да бъде стартирана, защото е дезактивирана или защото няма разрешени устройства, асоциирани с нея.29.11.2013 г. 22:28:26, Error: Service Control Manager [7001] - Услуга Computer Browser зависи от услуга Server, която не може да бъде стартирана поради следната грешка: Услугата не може да бъде стартирана, защото е дезактивирана или защото няма разрешени устройства, асоциирани с нея.29.11.2013 г. 22:28:26, Error: Service Control Manager [7001] - Услуга Computer Browser зависи от услуга Server, която не може да бъде стартирана поради следната грешка: Услугата не може да бъде стартирана, защото е дезактивирана или защото няма разрешени устройства, асоциирани с нея.29.11.2013 г. 22:24:26, Error: Service Control Manager [7001] - Услуга WinHTTP Web Proxy Auto-Discovery Service зависи от услуга DHCP Client, която не може да бъде стартирана поради следната грешка: Услугата не може да бъде стартирана, защото е дезактивирана или защото няма разрешени устройства, асоциирани с нея.29.11.2013 г. 22:24:24, Error: Service Control Manager [7001] - Услуга Computer Browser зависи от услуга Server, която не може да бъде стартирана поради следната грешка: Услугата не може да бъде стартирана, защото е дезактивирана или защото няма разрешени устройства, асоциирани с нея.29.11.2013 г. 22:24:24, Error: Service Control Manager [7001] - Услуга Computer Browser зависи от услуга Server, която не може да бъде стартирана поради следната грешка: Услугата не може да бъде стартирана, защото е дезактивирана или защото няма разрешени устройства, асоциирани с нея.29.11.2013 г. 22:24:23, Error: Service Control Manager [7001] - Услуга Computer Browser зависи от услуга Server, която не може да бъде стартирана поради следната грешка: Услугата не може да бъде стартирана, защото е дезактивирана или защото няма разрешени устройства, асоциирани с нея.29.11.2013 г. 21:49:04, Error: Service Control Manager [7001] - Услуга WinHTTP Web Proxy Auto-Discovery Service зависи от услуга DHCP Client, която не може да бъде стартирана поради следната грешка: Услугата не може да бъде стартирана, защото е дезактивирана или защото няма разрешени устройства, асоциирани с нея.29.11.2013 г. 21:49:02, Error: Service Control Manager [7001] - Услуга Computer Browser зависи от услуга Server, която не може да бъде стартирана поради следната грешка: Услугата не може да бъде стартирана, защото е дезактивирана или защото няма разрешени устройства, асоциирани с нея.29.11.2013 г. 21:49:02, Error: Service Control Manager [7001] - Услуга Computer Browser зависи от услуга Server, която не може да бъде стартирана поради следната грешка: Услугата не може да бъде стартирана, защото е дезактивирана или защото няма разрешени устройства, асоциирани с нея.29.11.2013 г. 21:49:01, Error: Service Control Manager [7001] - Услуга Computer Browser зависи от услуга Server, която не може да бъде стартирана поради следната грешка: Услугата не може да бъде стартирана, защото е дезактивирана или защото няма разрешени устройства, асоциирани с нея.29.11.2013 г. 17:27:32, Error: Service Control Manager [7001] - Услуга WinHTTP Web Proxy Auto-Discovery Service зависи от услуга DHCP Client, която не може да бъде стартирана поради следната грешка: Услугата не може да бъде стартирана, защото е дезактивирана или защото няма разрешени устройства, асоциирани с нея.29.11.2013 г. 17:27:30, Error: Service Control Manager [7001] - Услуга Computer Browser зависи от услуга Server, която не може да бъде стартирана поради следната грешка: Услугата не може да бъде стартирана, защото е дезактивирана или защото няма разрешени устройства, асоциирани с нея.29.11.2013 г. 17:27:30, Error: Service Control Manager [7001] - Услуга Computer Browser зависи от услуга Server, която не може да бъде стартирана поради следната грешка: Услугата не може да бъде стартирана, защото е дезактивирана или защото няма разрешени устройства, асоциирани с нея.29.11.2013 г. 17:27:29, Error: Service Control Manager [7001] - Услуга Computer Browser зависи от услуга Server, която не може да бъде стартирана поради следната грешка: Услугата не може да бъде стартирана, защото е дезактивирана или защото няма разрешени устройства, асоциирани с нея.29.11.2013 г. 08:30:59, Error: Schannel [36888] - The following fatal alert was generated: 43. The internal error state is 552.29.11.2013 г. 08:30:59, Error: Schannel [36876] - The certificate received from the remote server has not validated correctly. The error code is 0x80092013. The SSL connection request has failed. The attached data contains the server certificate.29.11.2013 г. 08:30:56, Error: Schannel [36888] - The following fatal alert was generated: 43. The internal error state is 552.29.11.2013 г. 08:30:56, Error: Schannel [36876] - The certificate received from the remote server has not validated correctly. The error code is 0x80092013. The SSL connection request has failed. The attached data contains the server certificate.29.11.2013 г. 08:30:54, Error: Schannel [36888] - The following fatal alert was generated: 43. The internal error state is 552.29.11.2013 г. 08:30:54, Error: Schannel [36876] - The certificate received from the remote server has not validated correctly. The error code is 0x80092013. The SSL connection request has failed. The attached data contains the server certificate.28.11.2013 г. 21:58:32, Error: Service Control Manager [7001] - Услуга WinHTTP Web Proxy Auto-Discovery Service зависи от услуга DHCP Client, която не може да бъде стартирана поради следната грешка: Услугата не може да бъде стартирана, защото е дезактивирана или защото няма разрешени устройства, асоциирани с нея.28.11.2013 г. 21:58:30, Error: Service Control Manager [7001] - Услуга Computer Browser зависи от услуга Server, която не може да бъде стартирана поради следната грешка: Услугата не може да бъде стартирана, защото е дезактивирана или защото няма разрешени устройства, асоциирани с нея.28.11.2013 г. 21:58:30, Error: Service Control Manager [7001] - Услуга Computer Browser зависи от услуга Server, която не може да бъде стартирана поради следната грешка: Услугата не може да бъде стартирана, защото е дезактивирана или защото няма разрешени устройства, асоциирани с нея.28.11.2013 г. 21:58:29, Error: Service Control Manager [7001] - Услуга Computer Browser зависи от услуга Server, която не може да бъде стартирана поради следната грешка: Услугата не може да бъде стартирана, защото е дезактивирана или защото няма разрешени устройства, асоциирани с нея.28.11.2013 г. 21:54:39, Error: Service Control Manager [7001] - Услуга WinHTTP Web Proxy Auto-Discovery Service зависи от услуга DHCP Client, която не може да бъде стартирана поради следната грешка: Услугата не може да бъде стартирана, защото е дезактивирана или защото няма разрешени устройства, асоциирани с нея.28.11.2013 г. 21:54:37, Error: Service Control Manager [7001] - Услуга Computer Browser зависи от услуга Server, която не може да бъде стартирана поради следната грешка: Услугата не може да бъде стартирана, защото е дезактивирана или защото няма разрешени устройства, асоциирани с нея.28.11.2013 г. 21:54:37, Error: Service Control Manager [7001] - Услуга Computer Browser зависи от услуга Server, която не може да бъде стартирана поради следната грешка: Услугата не може да бъде стартирана, защото е дезактивирана или защото няма разрешени устройства, асоциирани с нея.28.11.2013 г. 21:54:36, Error: Service Control Manager [7001] - Услуга Computer Browser зависи от услуга Server, която не може да бъде стартирана поради следната грешка: Услугата не може да бъде стартирана, защото е дезактивирана или защото няма разрешени устройства, асоциирани с нея.28.11.2013 г. 18:09:47, Error: Service Control Manager [7001] - Услуга WinHTTP Web Proxy Auto-Discovery Service зависи от услуга DHCP Client, която не може да бъде стартирана поради следната грешка: Услугата не може да бъде стартирана, защото е дезактивирана или защото няма разрешени устройства, асоциирани с нея.28.11.2013 г. 18:09:45, Error: Service Control Manager [7001] - Услуга Computer Browser зависи от услуга Server, която не може да бъде стартирана поради следната грешка: Услугата не може да бъде стартирана, защото е дезактивирана или защото няма разрешени устройства, асоциирани с нея.28.11.2013 г. 18:09:45, Error: Service Control Manager [7001] - Услуга Computer Browser зависи от услуга Server, която не може да бъде стартирана поради следната грешка: Услугата не може да бъде стартирана, защото е дезактивирана или защото няма разрешени устройства, асоциирани с нея.28.11.2013 г. 18:09:45, Error: Service Control Manager [7001] - Услуга Computer Browser зависи от услуга Server, която не може да бъде стартирана поради следната грешка: Услугата не може да бъде стартирана, защото е дезактивирана или защото няма разрешени устройства, асоциирани с нея.28.11.2013 г. 08:38:46, Error: Service Control Manager [7001] - Услуга WinHTTP Web Proxy Auto-Discovery Service зависи от услуга DHCP Client, която не може да бъде стартирана поради следната грешка: Услугата не може да бъде стартирана, защото е дезактивирана или защото няма разрешени устройства, асоциирани с нея.28.11.2013 г. 08:38:44, Error: Service Control Manager [7001] - Услуга Computer Browser зависи от услуга Server, която не може да бъде стартирана поради следната грешка: Услугата не може да бъде стартирана, защото е дезактивирана или защото няма разрешени устройства, асоциирани с нея.28.11.2013 г. 08:38:44, Error: Service Control Manager [7001] - Услуга Computer Browser зависи от услуга Server, която не може да бъде стартирана поради следната грешка: Услугата не може да бъде стартирана, защото е дезактивирана или защото няма разрешени устройства, асоциирани с нея.28.11.2013 г. 08:38:43, Error: Service Control Manager [7001] - Услуга Computer Browser зависи от услуга Server, която не може да бъде стартирана поради следната грешка: Услугата не може да бъде стартирана, защото е дезактивирана или защото няма разрешени устройства, асоциирани с нея.27.11.2013 г. 21:10:09, Error: Service Control Manager [7001] - Услуга WinHTTP Web Proxy Auto-Discovery Service зависи от услуга DHCP Client, която не може да бъде стартирана поради следната грешка: Услугата не може да бъде стартирана, защото е дезактивирана или защото няма разрешени устройства, асоциирани с нея.27.11.2013 г. 21:10:06, Error: Service Control Manager [7001] - Услуга WinHTTP Web Proxy Auto-Discovery Service зависи от услуга DHCP Client, която не може да бъде стартирана поради следната грешка: Услугата не може да бъде стартирана, защото е дезактивирана или защото няма разрешени устройства, асоциирани с нея.27.11.2013 г. 14:52:55, Error: Service Control Manager [7001] - Услуга WinHTTP Web Proxy Auto-Discovery Service зависи от услуга DHCP Client, която не може да бъде стартирана поради следната грешка: Услугата не може да бъде стартирана, защото е дезактивирана или защото няма разрешени устройства, асоциирани с нея.27.11.2013 г. 14:52:53, Error: Service Control Manager [7001] - Услуга Computer Browser зависи от услуга Server, която не може да бъде стартирана поради следната грешка: Услугата не може да бъде стартирана, защото е дезактивирана или защото няма разрешени устройства, асоциирани с нея.27.11.2013 г. 14:52:53, Error: Service Control Manager [7001] - Услуга Computer Browser зависи от услуга Server, която не може да бъде стартирана поради следната грешка: Услугата не може да бъде стартирана, защото е дезактивирана или защото няма разрешени устройства, асоциирани с нея.27.11.2013 г. 14:52:52, Error: Service Control Manager [7001] - Услуга Computer Browser зависи от услуга Server, която не може да бъде стартирана поради следната грешка: Услугата не може да бъде стартирана, защото е дезактивирана или защото няма разрешени устройства, асоциирани с нея.27.11.2013 г. 08:19:45, Error: Service Control Manager [7001] - Услуга WinHTTP Web Proxy Auto-Discovery Service зависи от услуга DHCP Client, която не може да бъде стартирана поради следната грешка: Услугата не може да бъде стартирана, защото е дезактивирана или защото няма разрешени устройства, асоциирани с нея.27.11.2013 г. 08:19:43, Error: Service Control Manager [7001] - Услуга Computer Browser зависи от услуга Server, която не може да бъде стартирана поради следната грешка: Услугата не може да бъде стартирана, защото е дезактивирана или защото няма разрешени устройства, асоциирани с нея.27.11.2013 г. 08:19:43, Error: Service Control Manager [7001] - Услуга Computer Browser зависи от услуга Server, която не може да бъде стартирана поради следната грешка: Услугата не може да бъде стартирана, защото е дезактивирана или защото няма разрешени устройства, асоциирани с нея.27.11.2013 г. 08:19:42, Error: Service Control Manager [7001] - Услуга Computer Browser зависи от услуга Server, която не може да бъде стартирана поради следната грешка: Услугата не може да бъде стартирана, защото е дезактивирана или защото няма разрешени устройства, асоциирани с нея..==== End Of File ===========================
  19. Здравейте, имам лаптоп Тоshiba satellitе, който в последно време стана бавен когато съм в интернет. Попринцип отварям 10на таба и си работи ок, но сгеа зарежда бавно което ме наведе на мисълта, че имам вирус. Пуснах аваст да сканира и намери WIN 32 Malware gen. Не съм го трила от антивирусната,защото не знам дали може да го премахне както трябва. Мисля да сваля Malwarebytes' Anti-Malware да сканира. Ако може да ми помогнете да го изтрия и да проверя дали няма и други вируси. Благодаря DDS (Ver_2011-09-30.01) - NTFS_AMD64 Internet Explorer: 9.0.8112.16421 Run by VESELA at 15:01:41 on 2012-09-04 Microsoft Windows 7 Home Premium 6.1.7601.1.1251.359.1033.18.5607.3276 [GMT 3:00] . AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C} SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681} SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . ============== Running Processes =============== . C:\Windows\system32\wininit.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\system32\atiesrxx.exe C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k LocalService C:\Program Files\WTouch\WTouchService.exe C:\Windows\system32\atieclxx.exe C:\Windows\SYSTEM32\WISPTIS.EXE C:\Windows\system32\svchost.exe -k NetworkService C:\Program Files\AVAST Software\Avast\AvastSvc.exe C:\Windows\system32\WLANExt.exe C:\Windows\system32\conhost.exe C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Windows\SYSTEM32\WISPTIS.EXE C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe C:\Program Files\WTouch\WTouchUser.exe C:\Program Files (x86)\Bonjour\mDNSResponder.exe C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe C:\Windows\system32\Dwm.exe C:\Windows\system32\taskhost.exe C:\Windows\system32\svchost.exe -k imgsvc C:\Windows\Explorer.EXE C:\Windows\system32\Pen_Tablet.exe C:\Windows\system32\WTablet\Pen_TabletUser.exe C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe C:\Program Files\Toshiba\ReelTime\TosReelTimeMonitor.exe C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe C:\Windows\system32\Pen_Tablet.exe C:\Program Files\Toshiba\Power Saver\TPwrMain.exe C:\Program Files\Toshiba\FlashCards\TCrdMain.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\Toshiba\TECO\Teco.exe C:\Program Files\Toshiba\BulletinBoard\TosNcCore.exe C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\TOPI.exe C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files (x86)\Skype\Phone\Skype.exe C:\Program Files\TOSHIBA\TOSHIBA Places Icon Utility\TosDIMonitor.exe C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe C:\Windows\system32\TODDSrv.exe C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\Program Files (x86)\TOSHIBA\TOSHIBA Sleep Utility\TSleepSrv.exe C:\Program Files\TOSHIBA\TECO\TecoService.exe C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe C:\Program Files\AVAST Software\Avast\AvastUI.exe C:\Windows\system32\SearchIndexer.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Program Files\Synaptics\SynTP\SynTPHelper.exe C:\Windows\system32\taskeng.exe C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe C:\Windows\system32\WUDFHost.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Windows\System32\svchost.exe -k LocalServicePeerNet C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe C:\Windows\system32\DllHost.exe C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe c:\Program Files (x86)\Nero\Update\NASvc.exe C:\Windows\System32\svchost.exe -k secsvcs C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_3_300_271.exe C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_3_300_271.exe C:\Windows\system32\taskeng.exe C:\Windows\SysWOW64\ctfmon.exe C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe C:\Windows\system32\conhost.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\System32\cscript.exe . ============== Pseudo HJT Report =============== . uStart Page = hxxp://www.google.com/ig/redirectdomain?brand=TEUA&bmod=TEUA uSearch Bar = Preserve mWinlogon: Userinit = userinit.exe BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL BHO: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll TB: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll uRun: [TOPI.EXE] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe /STAR uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" uRun: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun uRun: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun mRun: [NBAgent] "c:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe" /WinStart mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" mRun: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun mRun: [iTSecMng] C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe /START mRun: [TSleepSrv] C:\Program Files (x86)\TOSHIBA\TOSHIBA Sleep Utility\TSleepSrv.exe mRun: [ToshibaServiceStation] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" /hide:60 mRun: [switchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe mRun: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime mRun: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui dRun: [TOPI.EXE] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe /STARTUP StartupFolder: C:\Users\VESELA\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\TRDCRE~1.LNK - C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\TOSHIB~1.LNK - C:\Program Files\TOSHIBA\TOSHIBA Places Icon Utility\TosDIMonitor.exe mPolicies-Explorer: NoActiveDesktop = dword:1 mPolicies-Explorer: NoActiveDesktopChanges = dword:1 mPolicies-System: ConsentPromptBehaviorAdmin = dword:5 mPolicies-System: ConsentPromptBehaviorUser = dword:3 mPolicies-System: EnableUIADesktopToggle = dword:0 IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll IE: {97F922BD-8563-4184-87EE-8C4ACA438823} - {5D29E593-73A5-400A-B3BD-6B7A1AF05A31} - C:\Program Files\Toshiba\BulletinBoard\TosBBCom.dll DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab TCP: NameServer = 192.168.94.1 85.187.216.3 TCP: Interfaces\{EC987100-A9DD-4878-87F3-047D0A4FDECD} : DHCPNameServer = 192.168.94.1 85.187.216.3 TCP: Interfaces\{EC987100-A9DD-4878-87F3-047D0A4FDECD}\34F6E6E6563647966697D20527F626F6F6B6 : DHCPNameServer = 192.168.210.1 Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll SSODL: WebCheck - <orphaned> SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL LSA: Security Packages = kerberos msv1_0 schannel wdigest tspkg pku2u livessp x64-BHO: avast! WebRep: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll x64-BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll x64-TB: avast! WebRep: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll x64-Run: [TosReelTimeMonitor] C:\Program Files (x86)\TOSHIBA\ReelTime\TosReelTimeMonitor.exe x64-Run: [Toshiba TEMPRO] C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe x64-Run: [TPwrMain] C:\Program Files (x86)\TOSHIBA\Power Saver\TPwrMain.EXE x64-Run: [HSON] C:\Program Files (x86)\TOSHIBA\TBS\HSON.exe x64-Run: [TCrdMain] C:\Program Files (x86)\TOSHIBA\FlashCards\TCrdMain.exe x64-Run: [smartAudio] C:\Program Files\CONEXANT\SAII\SAIICpl.exe /t x64-Run: [synTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe x64-Run: [Teco] "C:\Program Files (x86)\TOSHIBA\TECO\Teco.exe" /r x64-Run: [TosSENotify] C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe x64-Run: [TosWaitSrv] C:\Program Files (x86)\TOSHIBA\TPHM\TosWaitSrv.exe x64-Run: [TosNC] C:\Program Files (x86)\Toshiba\BulletinBoard\TosNcCore.exe x64-Run: [TosVolRegulator] C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe x64-Run: [bCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll x64-IE: {97F922BD-8563-4184-87EE-8C4ACA438823} - {5D29E593-73A5-400A-B3BD-6B7A1AF05A31} - C:\Program Files\Toshiba\BulletinBoard\TosBBCom64.dll x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned> x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned> x64-SSODL: WebCheck - <orphaned> x64-SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL . ================= FIREFOX =================== . FF - ProfilePath - C:\Users\VESELA\AppData\Roaming\Mozilla\Firefox\Profiles\w9e33dcd.default\ FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrlui.dll FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npwachk.dll FF - plugin: C:\Program Files (x86)\TabletPlugins\npwacom.dll FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_271.dll . ============= SERVICES / DRIVERS =============== . R1 aswSnx;aswSnx;C:\Windows\System32\drivers\aswSnx.sys [2012-1-17 969200] R1 aswSP;aswSP;C:\Windows\System32\drivers\aswSP.sys [2012-1-17 359464] R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\System32\drivers\dtsoftbus01.sys [2011-12-16 279616] R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\System32\drivers\vwififlt.sys [2009-7-14 59904] R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-7-27 63960] R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2011-10-10 204288] R2 aswFsBlk;aswFsBlk;C:\Windows\System32\drivers\aswFsBlk.sys [2012-1-17 25232] R2 aswMonFlt;aswMonFlt;C:\Windows\System32\drivers\aswMonFlt.sys [2012-1-17 71600] R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2012-9-1 44808] R2 cfWiMAXService;ConfigFree WiMAX Service;C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe [2010-1-28 249200] R2 ConfigFree Service;ConfigFree Service;C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe [2009-3-10 46448] R2 NAUpdate;Nero Update;C:\Program Files (x86)\Nero\Update\NASvc.exe [2011-3-29 598312] R2 TabletServicePen;TabletServicePen;C:\Windows\System32\Pen_Tablet.exe [2012-8-27 5556520] R2 TemproMonitoringService;Notebook Performance Tuning Service (TEMPRO);C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [2011-2-10 112080] R2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service;C:\Program Files\Toshiba\TECO\TecoService.exe [2011-4-7 294328] R2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver;C:\Windows\System32\drivers\TVALZFL.sys [2009-6-19 14472] R2 WTouchService;WTouch Service;C:\Program Files\WTouch\WTouchService.exe [2012-8-27 127784] R3 amdkmdag;amdkmdag;C:\Windows\System32\drivers\atikmdag.sys [2011-10-10 9263616] R3 amdkmdap;amdkmdap;C:\Windows\System32\drivers\atikmpag.sys [2011-10-10 300544] R3 AtiHDAudioService;ATI Function Driver for HD Audio Service;C:\Windows\System32\drivers\AtihdW76.sys [2011-10-10 116752] R3 BtFilter;Bluetooth LowerFilter Class Filter Driver;C:\Windows\System32\drivers\btfilter.sys [2011-10-10 42096] R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;C:\Windows\System32\drivers\L1C62x64.sys [2011-2-9 77424] R3 PGEffect;Pangu effect driver;C:\Windows\System32\drivers\PGEffect.sys [2011-10-10 38096] R3 QIOMem;Generic IO & Memory Access;C:\Windows\System32\drivers\QIOMem.sys [2009-6-15 12800] R3 TMachInfo;TMachInfo;C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2011-10-10 54136] R3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;C:\Program Files\Toshiba\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2010-12-8 137632] R3 TPCHSrv;TPCH Service;C:\Program Files\Toshiba\TPHM\TPCHSrv.exe [2011-7-1 828856] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576] S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-8-17 136176] S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-7-13 160944] S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-3-30 250056] S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-8-17 136176] S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2011-6-12 51740536] S3 MozillaMaintenance;Mozilla Maintenance Service;C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-4-26 114144] S3 ose64;Office 64 Source Engine;C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-1-9 174440] S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184] S3 SrvHsfHDA;SrvHsfHDA;C:\Windows\System32\drivers\VSTAZL6.SYS [2009-7-14 292864] S3 SrvHsfV92;SrvHsfV92;C:\Windows\System32\drivers\VSTDPV6.SYS [2009-7-14 1485312] S3 SrvHsfWinac;SrvHsfWinac;C:\Windows\System32\drivers\VSTCNXT6.SYS [2009-7-14 740864] S3 SwitchBoard;SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096] S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-21 59392] S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-21 31232] S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2012-1-9 1255736] S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184] . =============== Created Last 30 ================ . 2012-09-04 09:17:30 69000 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{0D145B5C-E7D9-4398-BE6D-6A363536D589}\offreg.dll 2012-09-04 08:13:06 9310152 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{0D145B5C-E7D9-4398-BE6D-6A363536D589}\mpengine.dll 2012-09-02 21:50:45 73696 ----a-w- C:\Program Files (x86)\Mozilla Firefox\breakpadinjector.dll 2012-08-27 14:37:14 290088 ------w- C:\Windows\System32\Touch_Tablet.dll 2012-08-27 14:37:14 245032 ------w- C:\Windows\SysWow64\Touch_Tablet.dll 2012-08-27 14:37:04 -------- d-----w- C:\Program Files (x86)\TabletPlugins 2012-08-27 14:36:36 7543592 ------w- C:\Windows\System32\PenTablet.cpl 2012-08-27 14:36:32 12848 ----a-w- C:\Windows\System32\drivers\wacommousefilter.sys 2012-08-27 14:36:25 15656 ----a-w- C:\Windows\System32\drivers\wacomvhid.sys 2012-08-27 14:36:16 -------- d-----w- C:\Windows\System32\WTablet 2012-08-27 14:35:55 284160 ------w- C:\Windows\SysWow64\Wintab32.dll 2012-08-27 14:35:54 490280 ------w- C:\Windows\System32\Pen_Tablet.dll 2012-08-27 14:35:54 416040 ------w- C:\Windows\SysWow64\Pen_Tablet.dll 2012-08-27 14:35:50 5556520 ------w- C:\Windows\System32\Pen_Tablet.exe 2012-08-17 14:18:29 503808 ----a-w- C:\Windows\System32\srcore.dll 2012-08-17 14:18:29 43008 ----a-w- C:\Windows\SysWow64\srclient.dll 2012-08-17 14:18:25 751104 ----a-w- C:\Windows\System32\win32spl.dll 2012-08-17 14:18:25 559104 ----a-w- C:\Windows\System32\spoolsv.exe 2012-08-17 14:18:24 67072 ----a-w- C:\Windows\splwow64.exe 2012-08-17 14:18:24 492032 ----a-w- C:\Windows\SysWow64\win32spl.dll 2012-08-17 14:17:16 59392 ----a-w- C:\Windows\System32\browcli.dll 2012-08-17 14:17:16 41984 ----a-w- C:\Windows\SysWow64\browcli.dll 2012-08-17 14:17:16 136704 ----a-w- C:\Windows\System32\browser.dll 2012-08-17 14:17:13 3148800 ----a-w- C:\Windows\System32\win32k.sys 2012-08-17 14:17:12 956928 ----a-w- C:\Windows\System32\localspl.dll 2012-08-06 14:48:48 -------- d-----w- C:\Users\VESELA\AppData\Local\{A45595B8-0C41-48AF-8C87-26518E6E8AA4} 2012-08-06 14:48:47 -------- d-----w- C:\Users\VESELA\AppData\Local\{9C8EE35B-BAB7-463F-858E-E8AEFD05F3C6} . ==================== Find3M ==================== . 2012-08-21 09:13:13 969200 ----a-w- C:\Windows\System32\drivers\aswSnx.sys 2012-08-21 09:13:12 71600 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys 2012-08-21 09:13:12 54072 ----a-w- C:\Windows\System32\drivers\aswRdr2.sys 2012-08-21 09:12:33 41224 ----a-w- C:\Windows\avastSS.scr 2012-08-17 15:59:22 70344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl 2012-08-17 15:59:22 426184 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe 2012-06-29 03:56:34 2312704 ----a-w- C:\Windows\System32\jscript9.dll 2012-06-29 03:49:11 1392128 ----a-w- C:\Windows\System32\wininet.dll 2012-06-29 03:48:07 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl 2012-06-29 03:43:49 173056 ----a-w- C:\Windows\System32\ieUnatt.exe 2012-06-29 03:39:48 2382848 ----a-w- C:\Windows\System32\mshtml.tlb 2012-06-29 00:16:58 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll 2012-06-29 00:09:01 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll 2012-06-29 00:08:59 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl 2012-06-29 00:04:43 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe 2012-06-29 00:00:45 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb . ============= FINISH: 15:02:29.14 =============== . UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2011-09-30.01) . Microsoft Windows 7 Home Premium Boot Device: \Device\HarddiskVolume1 Install Date: 16/12/2011 20:27:51 System Uptime: 04/09/2012 11:15:08 (4 hours ago) . Motherboard: AMD | | Torpedo Processor: AMD A6-3400M APU with Radeon™ HD Graphics | Socket FS1 | 896/100mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 297 GiB total, 234.012 GiB free. D: is FIXED (NTFS) - 298 GiB total, 185.554 GiB free. E: is CDROM () F: is CDROM () G: is Removable . ==== Disabled Device Manager Items ============= . ==== System Restore Points =================== . RP88: 17/08/2012 23:55:50 - Windows Update RP89: 21/08/2012 10:32:41 - Windows Update RP90: 24/08/2012 10:38:58 - Windows Update RP91: 28/08/2012 12:16:35 - Windows Update RP92: 04/09/2012 11:12:11 - Windows Update . ==== Installed Programs ====================== . µTorrent Adobe AIR Adobe Anchor Service CS3 Adobe Asset Services CS3 Adobe Bridge CS3 Adobe Bridge Start Meeting Adobe Camera Raw 4.0 Adobe Color Common Settings Adobe ExtendScript Toolkit 2 Adobe Flash Player 11 ActiveX Adobe Flash Player 11 Plugin Adobe Help Viewer CS3 Adobe Illustrator CS4 Adobe Illustrator CS5 Adobe InDesign CS3 Adobe InDesign CS3 Icon Handler Adobe Linguistics CS3 Adobe Photoshop CS5 Adobe Reader X (10.1.4) MUI Adobe Setup Adobe SING CS3 Adobe Stock Photos CS3 Adobe Update Manager CS3 Adobe Version Cue CS3 Client Adobe WinSoft Linguistics Plugin Adobe XMP Panels CS3 AMD VISION Engine Control Center Apple Application Support Apple Software Update ArchiCAD 15 R1 INT Atheros Bluetooth Filter Driver Package Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver Atheros Driver Installation Program ATI Catalyst Install Manager avast! Free Antivirus Bamboo Bandisoft MPEG-1 Decoder BBC iPlayer Desktop Bluetooth Stack for Windows by Toshiba Catalyst Control Center - Branding Catalyst Control Center Graphics Previews Common Catalyst Control Center InstallProxy Catalyst Control Center Localization All ccc-utility64 CCC Help Chinese Standard CCC Help Chinese Traditional CCC Help Czech CCC Help Danish CCC Help Dutch CCC Help English CCC Help Finnish CCC Help French CCC Help German CCC Help Greek CCC Help Hungarian CCC Help Italian CCC Help Japanese CCC Help Korean CCC Help Norwegian CCC Help Polish CCC Help Portuguese CCC Help Russian CCC Help Spanish CCC Help Swedish CCC Help Thai CCC Help Turkish Conexant HD Audio Control ActiveX Windows Live Mesh pentru conexiuni la distan?a D3DX10 DAEMON Tools Lite Definition Update for Microsoft Office 2010 (KB982726) 64-Bit Edition doPDF 7.2 printer DTS+AC3 Filter Fotogalerija Windows Live Galerie foto Windows Live GOM Player Google Chrome Google Toolbar for Internet Explorer Google Update Helper High-Definition Video Playback Java Auto Updater Java™ 6 Update 20 Junk Mail filter update K-Lite Codec Pack 5.5.0 (64-bit) Kontrola Windows Live Mesh ActiveX za daljinske veze Kontrolnik Windows Live Mesh ActiveX za oddaljene povezave Mesh Runtime Microsoft .NET Framework 4 Client Profile Microsoft Application Error Reporting Microsoft Office 2010 Microsoft Office 2010 Service Pack 1 (SP1) Microsoft Office Access MUI (English) 2010 Microsoft Office Access Setup Metadata MUI (English) 2010 Microsoft Office Excel MUI (English) 2010 Microsoft Office Groove MUI (English) 2010 Microsoft Office InfoPath MUI (English) 2010 Microsoft Office Office 32-bit Components 2010 Microsoft Office OneNote MUI (English) 2010 Microsoft Office Outlook MUI (English) 2010 Microsoft Office PowerPoint MUI (English) 2010 Microsoft Office Professional Plus 2010 Microsoft Office Proof (English) 2010 Microsoft Office Proof (French) 2010 Microsoft Office Proof (Spanish) 2010 Microsoft Office Proofing (English) 2010 Microsoft Office Publisher MUI (English) 2010 Microsoft Office Shared 32-bit MUI (English) 2010 Microsoft Office Shared MUI (English) 2010 Microsoft Office Shared Setup Metadata MUI (English) 2010 Microsoft Office Word MUI (English) 2010 Microsoft Primary Interoperability Assemblies 2005 Microsoft Silverlight Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2005 Redistributable (x64) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 Minilyrics Mozilla Firefox 15.0 (x86 en-US) Mozilla Maintenance Service MSVCRT MSVCRT_amd64 MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) Nero 10 Movie ThemePack Basic Nero BackItUp 10 Nero BackItUp 10 Help (CHM) Nero BurnRights 10 Nero BurnRights 10 Help (CHM) Nero Control Center 10 Nero ControlCenter 10 Help (CHM) Nero Core Components 10 Nero Express 10 Nero Express 10 Help (CHM) Nero InfoTool 10 Nero InfoTool 10 Help (CHM) Nero Kwik Media Nero Multimedia Suite 10 Essentials Nero RescueAgent 10 Nero RescueAgent 10 Help (CHM) Nero StartSmart 10 Nero StartSmart 10 Help (CHM) Nero Update NeroKwikMedia Help (CHM) PlayReady PC Runtime amd64 Posta Windows Live PowerArchiver 2010 QuickTime Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078) Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121) Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405) Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827) Security Update for Microsoft Excel 2010 (KB2597166) 64-Bit Edition Security Update for Microsoft InfoPath 2010 (KB2553322) 64-Bit Edition Security Update for Microsoft InfoPath 2010 (KB2553431) 64-Bit Edition Security Update for Microsoft Office 2010 (KB2553091) Security Update for Microsoft Office 2010 (KB2553096) Security Update for Microsoft Office 2010 (KB2553260) 64-Bit Edition Security Update for Microsoft Office 2010 (KB2553371) 64-Bit Edition Security Update for Microsoft Office 2010 (KB2553447) 64-Bit Edition Security Update for Microsoft Office 2010 (KB2589320) 64-Bit Edition Security Update for Microsoft Office 2010 (KB2589322) 64-Bit Edition Security Update for Microsoft Office 2010 (KB2598243) 64-Bit Edition Security Update for Microsoft PowerPoint 2010 (KB2553185) 64-Bit Edition Security Update for Microsoft SharePoint Workspace 2010 (KB2566445) Security Update for Microsoft Visio Viewer 2010 (KB2598287) 64-Bit Edition Skype™ 5.10 Synaptics Pointing Device Driver TOSHIBA Assist TOSHIBA Bulletin Board TOSHIBA ConfigFree TOSHIBA Disc Creator TOSHIBA eco Utility TOSHIBA Face Recognition TOSHIBA Hardware Setup TOSHIBA HDD/SSD Alert Toshiba Manuals TOSHIBA Online Product Information TOSHIBA PC Health Monitor TOSHIBA Places Icon Utility TOSHIBA Recovery Media Creator TOSHIBA Recovery Media Creator Reminder TOSHIBA ReelTime TOSHIBA Service Station TOSHIBA Sleep Utility TOSHIBA Supervisor Password TOSHIBA TEMPRO TOSHIBA Value Added Package TOSHIBA Web Camera Application TOSHIBA Wireless LAN Indicator TRORMCLauncher Update for Microsoft .NET Framework 4 Client Profile (KB2468871) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) Update for Microsoft Office 2010 (KB2553065) Update for Microsoft Office 2010 (KB2553092) Update for Microsoft Office 2010 (KB2553181) 64-Bit Edition Update for Microsoft Office 2010 (KB2553267) 64-Bit Edition Update for Microsoft Office 2010 (KB2553270) 64-Bit Edition Update for Microsoft Office 2010 (KB2553272) 64-Bit Edition Update for Microsoft Office 2010 (KB2553310) 64-Bit Edition Update for Microsoft Office 2010 (KB2566458) Update for Microsoft Office 2010 (KB2598289) 64-Bit Edition Update for Microsoft OneNote 2010 (KB2553290) 64-Bit Edition Update for Microsoft OneNote 2010 (KB2589345) 64-Bit Edition Update for Microsoft Outlook 2010 (KB2553248) 64-Bit Edition Update for Microsoft Outlook Social Connector 2010 (KB2553406) 64-Bit Edition WebTablet IE Plugin WebTablet Netscape Plugin Winamp Winamp Detector Plug-in Windows Live Communications Platform Windows Live Essentials Windows Live Foto-galerija Windows Live Galerija fotografija Windows Live ID Sign-in Assistant Windows Live Installer Windows Live Language Selector Windows Live Mail Windows Live Mesh Windows Live Mesh ActiveX Control for Remote Connections Windows Live Mesh ActiveX kontrola za daljinske veze Windows Live Messenger Windows Live MIME IFilter Windows Live Movie Maker Windows Live Photo Common Windows Live Photo Gallery Windows Live PIMT Platform Windows Live Posta Windows Live Remote Client Windows Live Remote Client Resources Windows Live Remote Service Windows Live Remote Service Resources Windows Live SOXE Windows Live SOXE Definitions Windows Live UX Platform Windows Live UX Platform Language Pack Windows Live Writer Windows Live Writer Resources WMV9/VC-1 Video Playback . ==== Event Viewer Messages From Past Week ======== . 31/08/2012 11:24:34, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Notebook Performance Tuning Service (TEMPRO) service to connect. 30/08/2012 18:34:09, Error: Microsoft-Windows-DistributedCOM [10016] - The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID {9BA05972-F6A8-11CF-A442-00A0C90A8F39} and APPID {9BA05972-F6A8-11CF-A442-00A0C90A8F39} to the user VESELA-TOSHIBA\VESELA SID (S-1-5-21-2119856864-1918505592-3212183323-1000) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool. 04/09/2012 13:34:22, Error: Schannel [36888] - The following fatal alert was generated: 10. The internal error state is 10. 03/09/2012 11:18:14, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the WTouchService service. . ==== End Of File ===========================
  20. Здравейте имам странен проблем с компютъра,например като чатя във фейсбук или скайп започва да праща някакви линкове,също така работи бавно и не се показват целите прозорци. Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:06-08-2015 Ran by W (administrator) on W-F081D34368844 (07-08-2015 12:39:14) Running from C:\Documents and Settings\W\Desktop Loaded Profiles: W (Available Profiles: W & Administrator) Platform: Microsoft Windows XP Professional Service Pack 3 (X86) Language: English (United States) Internet Explorer Version 7 (Default browser: FF) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) () C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe () C:\Program Files\IVT Corporation\BlueSoleil\BsMobileCS.exe (Skype Technologies S.A.) C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe () C:\Program Files\TeamViewer3\TeamViewer_Host.exe (TeamViewer GmbH) C:\Program Files\TeamViewer3\TeamViewer.exe (Realtek Semiconductor Corp.) C:\WINDOWS\RTHDCPL.exe () C:\Program Files\IVT Corporation\BlueSoleil\BsHelpCS.exe (Intel Corporation) C:\WINDOWS\system32\igfxtray.exe (Intel Corporation) C:\WINDOWS\system32\hkcmd.exe (Intel Corporation) C:\WINDOWS\system32\igfxpers.exe () C:\Program Files\IVT Corporation\BlueSoleil\BtTray.exe (Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe (Microsoft Corporation) C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation) C:\WINDOWS\system32\wscntfy.exe (Microsoft Corporation) C:\WINDOWS\system32\osk.exe (Microsoft Corporation) C:\WINDOWS\system32\msswchx.exe (IObit) C:\Program Files\IObit\IObit Uninstaller\UninstallMonitor.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [RTHDCPL] => C:\WINDOWS\RTHDCPL.EXE [14854144 2005-09-22] (Realtek Semiconductor Corp.) HKLM\...\Run: [Alcmtr] => C:\WINDOWS\ALCMTR.EXE [69632 2005-05-03] (Realtek Semiconductor Corp.) HKLM\...\Run: [igfxhkcmd] => C:\WINDOWS\system32\hkcmd.exe [77824 2005-09-20] (Intel Corporation) HKLM\...\Run: [igfxpers] => C:\WINDOWS\system32\igfxpers.exe [114688 2005-09-20] (Intel Corporation) HKLM\...\Run: [bluetoothAuthenticationAgent] => rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent HKLM\...\Run: [btTray] => C:\Program Files\IVT Corporation\BlueSoleil\BtTray.exe [278016 2009-02-27] () HKLM\...\Run: [] => [X] HKU\S-1-5-19\...\RunOnce: [nltide_2] => regsvr32 /s /n /i:U shell32 HKU\S-1-5-19\...\RunOnce: [_nltide_3] => rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N HKU\S-1-5-20\...\RunOnce: [nltide_2] => regsvr32 /s /n /i:U shell32 HKU\S-1-5-20\...\RunOnce: [_nltide_3] => rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N HKU\S-1-5-21-1757981266-1004336348-1606980848-1003\...\Run: [skype] => C:\Program Files\Skype\Phone\Skype.exe [53288576 2015-06-30] (Skype Technologies S.A.) HKU\S-1-5-21-1757981266-1004336348-1606980848-1003\...\Run: [MSMSGS] => C:\Program Files\Messenger\msmsgs.exe [1695232 2008-04-14] (Microsoft Corporation) HKU\S-1-5-21-1757981266-1004336348-1606980848-1003\...\Run: [Google Update] => C:\Documents and Settings\W\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [107912 2014-10-27] (Google Inc.) HKU\S-1-5-18\...\RunOnce: [nltide_2] => regsvr32 /s /n /i:U shell32 HKU\S-1-5-18\...\RunOnce: [_nltide_3] => rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N HKU\S-1-5-18\...\RunOnce: [RunNarrator] => C:\WINDOWS\system32\Narrator.exe [53760 2008-04-14] (Microsoft Corporation) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm HKU\S-1-5-21-1757981266-1004336348-1606980848-1003\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.mail.ru/?ieverfix=1&fr=ieverfix_sg HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs: "about:newtab" <======= ATTENTION SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-1757981266-1004336348-1606980848-1003 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms} SearchScopes: HKU\S-1-5-21-1757981266-1004336348-1606980848-1003 -> {105E99FF-8B9A-4492-B155-06194B9056D2} URL = http://www.bing.com/search?FORM=SK2MDF&PC=SK2M&q={searchTerms}&src=IE-SearchBox SearchScopes: HKU\S-1-5-21-1757981266-1004336348-1606980848-1003 -> {FFEBBF0A-C22C-4172-89FF-45215A135AC7} URL = http://go.mail.ru/search?q={SearchTerms}&ieverfix=1&fr=ieverfix_dse BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files\IObit\IObit Uninstaller\UninstallExplorer32.dll [2015-07-06] (IObit) BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12] (Microsoft Corporation) BHO: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-05-14] (Skype Technologies S.A.) DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll [2009-02-12] (Microsoft Corporation) Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-05-14] (Skype Technologies S.A.) Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies) Tcpip\Parameters: [DhcpNameServer] 89.215.233.2 89.215.246.40 Tcpip\..\Interfaces\{A0223CA6-B160-42B4-A7BB-61FD22352FCD}: [DhcpNameServer] 89.215.233.2 89.215.246.40 FireFox: ======== FF ProfilePath: C:\Documents and Settings\W\Application Data\Mozilla\Firefox\Profiles\7iz7rnn2.default FF SelectedSearchEngine: Поиск@Mail.Ru FF Homepage: google.bg FF Keyword.URL: hxxp://go.mail.ru/search?fr=ntg&q= FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_18_0_0_194.dll [2015-07-06] () FF Plugin: @adobe.com/ShockwavePlayer -> C:\WINDOWS\system32\Adobe\Director\np32dsw_1203133.dll [2013-06-26] (Adobe Systems, Inc.) FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.) FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.) FF Plugin HKU\S-1-5-21-1757981266-1004336348-1606980848-1003: @tools.google.com/Google Update;version=3 -> C:\Documents and Settings\W\Local Settings\Application Data\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-17] (Google Inc.) FF Plugin HKU\S-1-5-21-1757981266-1004336348-1606980848-1003: @tools.google.com/Google Update;version=9 -> C:\Documents and Settings\W\Local Settings\Application Data\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-17] (Google Inc.) FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\diribg.xml [2015-02-27] FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\portalbgdict.xml [2015-02-27] FF Extension: Address Bar Search - C:\Documents and Settings\W\Application Data\Mozilla\Firefox\Profiles\7iz7rnn2.default\Extensions\{4D6A6C8E-1EB2-46e1-8CAA-40DAFDE3ED93} [2014-10-29] FF Extension: Adblock Plus - C:\Documents and Settings\W\Application Data\Mozilla\Firefox\Profiles\7iz7rnn2.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-07-06] FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2015-08-07] FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2015-08-07] Chrome: ======= CHR Profile: C:\Documents and Settings\W\Local Settings\Application Data\Google\Chrome\User Data\Default CHR Extension: (Skype Click to Call) - C:\Documents and Settings\W\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2013-08-06] CHR Extension: (Google Wallet) - C:\Documents and Settings\W\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-06-22] CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2013-05-14] StartMenuInternet: chrome.exe - C:\Documents and Settings\W\Local Settings\Application Data\Google\Chrome\Application\chrome.exe ==================== Services (Whitelisted) ======================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 BlueSoleilCS; C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe [850432 2009-02-27] () [File not signed] R3 BsHelpCS; C:\Program Files\IVT Corporation\BlueSoleil\BsHelpCS.exe [98407 2009-02-27] () [File not signed] R2 BsMobileCS; C:\Program Files\IVT Corporation\BlueSoleil\BsMobileCS.exe [143467 2009-02-27] () [File not signed] S2 HidServ; C:\WINDOWS\System32\svchost.exe [14336 2008-04-14] (Microsoft Corporation) S2 LiveUpdateSvc; C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe [2909472 2015-07-30] (IObit) R2 Skype C2C Service; C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe [3290304 2012-11-22] (Skype Technologies S.A.) R2 TeamViewer; C:\Program Files\TeamViewer3\TeamViewer_Host.exe [94208 2008-01-28] () [File not signed] ===================== Drivers (Whitelisted) ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R3 BT; C:\WINDOWS\System32\DRIVERS\btnetdrv.sys [14088 2008-12-07] (IVT Corporation.) S3 Btcsrusb; C:\WINDOWS\System32\Drivers\btcusb.sys [39304 2009-01-03] (IVT Corporation.) R0 BtHidBus; C:\WINDOWS\System32\Drivers\BtHidBus.sys [20744 2009-01-07] (IVT Corporation.) R3 btnetBUs; C:\WINDOWS\System32\Drivers\btnetBus.sys [30088 2008-12-07] () S3 BTNetFilter; C:\Program Files\IVT Corporation\BlueSoleil\Device\Win2k\BTNetFilter.sys [22416 2006-11-22] (IVT Corporation.) R1 dtsoftbus01; C:\WINDOWS\System32\DRIVERS\dtsoftbus01.sys [232512 2012-04-03] (DT Soft Ltd) R3 IvtBtBUs; C:\WINDOWS\System32\Drivers\IvtBtBus.sys [26248 2008-07-02] (IVT Corporation.) R0 SmartDefragDriver; C:\WINDOWS\System32\Drivers\SmartDefragDriver.sys [15808 2013-12-24] (IObit) R3 VComm; C:\WINDOWS\System32\DRIVERS\VComm.sys [14856 2008-01-21] (IVT Corporation.) R3 VcommMgr; C:\WINDOWS\System32\Drivers\VcommMgr.sys [31880 2009-01-08] (IVT Corporation.) R3 yukonwxp; C:\WINDOWS\System32\DRIVERS\yk51x86.sys [223104 2004-10-27] (Marvell) S3 ALSysIO; \??\C:\DOCUME~1\W\LOCALS~1\Temp\ALSysIO.sys [X] U5 BlueletAudio; C:\Windows\System32\Drivers\BlueletAudio.sys [33800 2008-11-25] (IVT Corporation.) S4 IntelIde; No ImagePath U1 WS2IFSL; No ImagePath ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2015-08-07 12:39 - 2015-08-07 12:39 - 00012145 _____ C:\Documents and Settings\W\Desktop\FRST.txt 2015-08-07 12:39 - 2015-08-07 12:39 - 00000000 ____D C:\FRST 2015-08-07 12:37 - 2015-08-07 12:37 - 01673728 _____ (Farbar) C:\Documents and Settings\W\Desktop\FRST.exe 2015-08-07 10:56 - 2015-08-07 12:35 - 00000000 ____D C:\Program Files\Mozilla Firefox 2015-08-06 11:04 - 2015-08-06 11:13 - 00004839 _____ C:\WINDOWS\setupapi.log ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2015-08-07 12:39 - 2015-07-06 18:05 - 00000000 ____D C:\Documents and Settings\W\Local Settings\Temp 2015-08-07 12:38 - 2015-05-31 20:03 - 00000000 ____D C:\Documents and Settings\W\My Documents\Изтегляния 2015-08-07 12:35 - 2012-04-25 20:59 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service 2015-08-07 12:35 - 2012-03-31 18:44 - 00422658 _____ C:\WINDOWS\WindowsUpdate.log 2015-08-07 12:33 - 2012-03-31 21:36 - 00360124 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2015-08-07 12:30 - 2012-06-28 10:13 - 00006244 _____ C:\WINDOWS\system32\LOCALSERVICE.INI 2015-08-07 12:30 - 2012-03-31 19:11 - 00000000 ____D C:\WINDOWS\system32\Lang 2015-08-07 12:29 - 2014-02-13 22:07 - 00000270 _____ C:\WINDOWS\Tasks\SmartDefrag3_Update.job 2015-08-07 12:29 - 2012-03-31 19:21 - 00000982 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job 2015-08-07 12:29 - 2012-03-31 18:56 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2015-08-07 12:29 - 2009-02-27 17:04 - 00001047 _____ C:\WINDOWS\system32\bscs.ini 2015-08-07 11:05 - 2015-07-06 14:08 - 00032644 _____ C:\WINDOWS\SchedLgU.Txt 2015-08-07 11:05 - 2012-03-31 18:57 - 00000178 ___SH C:\Documents and Settings\W\ntuser.ini 2015-08-07 11:01 - 2012-03-31 19:21 - 00000986 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job 2015-08-07 10:54 - 2012-09-15 13:00 - 00001010 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1757981266-1004336348-1606980848-1003Core1cd9328f877505a.job 2015-08-07 10:54 - 2012-03-31 22:21 - 00001062 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1757981266-1004336348-1606980848-1003UA.job 2015-08-06 16:02 - 2012-04-01 19:29 - 00000000 ____D C:\Documents and Settings\W\Application Data\Skype 2015-08-06 10:56 - 2012-03-31 22:22 - 00002250 _____ C:\Documents and Settings\W\Desktop\Google Chrome.lnk 2015-08-05 20:16 - 2001-08-23 10:00 - 00002206 _____ C:\WINDOWS\system32\wpa.dbl 2015-08-04 15:58 - 2015-07-06 18:09 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\ProductData 2015-07-26 13:17 - 2013-03-14 21:48 - 00000182 _____ C:\drwtsn32.log 2015-07-23 15:06 - 2012-04-03 14:12 - 00000000 ____D C:\Program Files\TeamViewer3 2015-07-17 22:03 - 2015-05-29 20:15 - 00000286 _____ C:\WINDOWS\Tasks\Program Manager.job 2015-07-10 14:46 - 2012-05-10 11:58 - 00000000 ____D C:\Documents and Settings\W\Desktop\imoti ==================== Files in the root of some directories ======= 2012-04-04 20:59 - 2015-02-17 18:21 - 0016896 _____ () C:\Documents and Settings\W\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\WINDOWS\explorer.exe => File is digitally signed C:\WINDOWS\system32\winlogon.exe => File is digitally signed C:\WINDOWS\system32\svchost.exe => File is digitally signed C:\WINDOWS\system32\services.exe => File is digitally signed C:\WINDOWS\system32\User32.dll => File is digitally signed C:\WINDOWS\system32\userinit.exe => File is digitally signed C:\WINDOWS\system32\rpcss.dll => File is digitally signed C:\WINDOWS\system32\dnsapi.dll => File is digitally signed C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed ==================== End of log ============================ Addition.txt
  21. Здравейте! При стартиране на Опера като начална страница всеки път се отварят различни сайтове без да съм ги задавала. При сканиране с Malwarebytes Anti-Malware излезнаха HiJack и domredi.com 1. Някои от проблемите програмата сложи под карантина и аз съответно ги изтрих. Но проблемът продължава.След това сканирах с avira_free_antivirus_en и бяха открити Warnings:18. Ще съм много благодарна ако проверите, има ли действително за какво да се притеснявам. Преди време ползвах услугите ви за друг проблем и останах много доволна.Благодаря предварително!Прилагам и DDS анализите: DDS (Ver_2011-09-30.01) - NTFS_AMD64 Internet Explorer: 8.0.7601.17514 BrowserJavaVersion: 1.6.0_33 Run by admin at 3:25:55 on 2012-08-14 Microsoft Windows 7 Ultimate 6.1.7601.1.1251.359.1033.18.4095.2500 [GMT 3:00] . AV: Avira Desktop *Enabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C} SP: Avira Desktop *Enabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691} SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . ============== Running Processes =============== . C:\Windows\system32\wininit.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\nvvsvc.exe C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k LocalService C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe C:\Windows\system32\nvvsvc.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\System32\spoolsv.exe C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe C:\Windows\vVX3000.exe C:\Windows\WindowsMobile\wmdc.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Windows\system32\taskhost.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe C:\Program Files\Microsoft LifeCam\MSCamS64.exe c:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe C:\Windows\SysWOW64\PnkBstrA.exe C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe C:\Windows\system32\svchost.exe -k imgsvc C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe C:\TCCARGO\tccargo.exe C:\Program Files (x86)\Trans\trans.exe C:\Program Files (x86)\uTorrent\uTorrent.exe C:\Program Files (x86)\Ask.com\Updater\Updater.exe C:\Program Files (x86)\TeamViewer\Version7\TeamViewer.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files\NVIDIA Corporation\Display\nvtray.exe C:\PROGRA~2\Yahoo!\MESSEN~1\ymsgr_tray.exe C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe C:\Windows\system32\conhost.exe C:\Windows\system32\svchost.exe -k WindowsMobile C:\Program Files (x86)\TeamViewer\Version7\tv_w32.exe C:\Program Files (x86)\TeamViewer\Version7\tv_x64.exe C:\Windows\system32\SearchIndexer.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Windows\system32\taskhost.exe C:\Windows\system32\WUDFHost.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe C:\Windows\System32\svchost.exe -k secsvcs C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Program Files (x86)\Opera\opera.exe C:\Program Files (x86)\Opera\pluginwrapper\opera_plugin_wrapper.exe C:\Windows\system32\taskeng.exe C:\Windows\system32\conhost.exe C:\Windows\system32\DllHost.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\System32\cscript.exe . ============== Pseudo HJT Report =============== . uStart Page = hxxp://search.babylon.com/?babsrc=HP_Prot mStart Page = hxxp://home.sweetim.com/?st=1&barid={C8B60AA0-D32F-11E0-9D73-002185720B57} mDefault_Page_URL = hxxp://www.yahoo.com/?ilc=8 uURLSearchHooks: UrlSearchHook Class: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll uURLSearchHooks: YTNavAssistPlugin Class: {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn3\yt.dll uURLSearchHooks: SweetIM ToolbarURLSearchHook Class: {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgHelper.dll uURLSearchHooks: uTorrentControl2 Toolbar: {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files (x86)\uTorrentControl2\prxtbuTo0.dll mURLSearchHooks: uTorrentControl2 Toolbar: {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files (x86)\uTorrentControl2\prxtbuTo0.dll BHO: &Yahoo! Toolbar Helper: {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn3\yt.dll BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO: Babylon toolbar helper: {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\bh\BabylonToolbar.dll BHO: uTorrentControl2 Toolbar: {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files (x86)\uTorrentControl2\prxtbuTo0.dll BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll BHO: {D4027C7F-154A-4066-A1AD-4243D8127440} - <orphaned> BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll BHO: SweetPacks Browser Helper: {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll BHO: SingleInstance Class: {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn1\YTSingleInstance.dll TB: SweetPacks Toolbar for Internet Explorer: {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll TB: uTorrentControl2 Toolbar: {687578B9-7132-4A7A-80E4-30EE31099E03} - C:\Program Files (x86)\uTorrentControl2\prxtbuTo0.dll TB: Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn3\yt.dll TB: SweetPacks Toolbar for Internet Explorer: {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll TB: Babylon Toolbar: {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarTlbr.dll TB: uTorrentControl2 Toolbar: {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files (x86)\uTorrentControl2\prxtbuTo0.dll uRun: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun uRun: [Google Update] "C:\Users\admin\AppData\Local\Google\Update\GoogleUpdate.exe" /c uRun: [TC Login] c:\tccargo\tccargo.exe --autostart uRun: [Green Christmas Tree] C:\Users\admin\Pictures\GreenChristmasTree.exe uRun: [Messenger (Yahoo!)] ~"C:\PROGRA~2\Yahoo!\MESSEN~1\YahooMessenger.exe" -quiet uRun: [Facebook Update] "C:\Users\admin\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver uRun: [RGSC] C:\Users\admin\Desktop\Games\Rockstar Games Social Club\RGSCLauncher.exe /silent uRun: [Trans] C:\Program Files (x86)\Trans\trans.exe uRun: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe" /MINIMIZED uRun: [auiqptq] C:\Users\admin\AppData\Local\yjtixd.exe mRun: [LifeCam] "C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe" mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" mRun: [ApnUpdater] "C:\Program Files (x86)\Ask.com\Updater\Updater.exe" mRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray mRun: [VirtualCloneDrive] "C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s mRun: [sweetIM] C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe mRun: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" uPolicies-Explorer: NoDriveTypeAutoRun = dword:145 mPolicies-Explorer: NoActiveDesktop = dword:1 mPolicies-Explorer: NoActiveDesktopChanges = dword:1 mPolicies-System: ConsentPromptBehaviorAdmin = dword:0 mPolicies-System: ConsentPromptBehaviorUser = dword:3 mPolicies-System: EnableLUA = dword:0 mPolicies-System: EnableUIADesktopToggle = dword:0 mPolicies-System: PromptOnSecureDesktop = dword:0 IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\OFFICE11\EXCEL.EXE/3000 IE: Search the Web - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\menuext.html IE: {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll IE: {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} Trusted Zone: clonewarsadventures.com Trusted Zone: freerealms.com Trusted Zone: soe.com Trusted Zone: sony.com DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab TCP: NameServer = 84.238.212.1 192.168.0.1 TCP: Interfaces\{70070C10-E0CF-45DB-8C32-2587B406A6EE} : DHCPNameServer = 84.238.212.1 192.168.0.1 Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe x64-Run: [skytel] C:\Program Files\Realtek\Audio\HDA\Skytel.exe x64-Run: [VX3000] C:\Windows\vVX3000.exe x64-Run: [Windows Mobile Device Center] C:\Windows\WindowsMobile\wmdc.exe x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - <orphaned> . ================= FIREFOX =================== . FF - ProfilePath - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\8tcqd6hp.default\ FF - prefs.js: browser.search.defaulturl - FF - prefs.js: browser.search.selectedEngine - Search the web (Babylon) FF - prefs.js: browser.startup.homepage - hxxp://domredi.com/1/ FF - prefs.js: keyword.URL - hxxp://websearch.ask.com/redirect?client=ff&src=kw&tb=STC-US&o=1716&locale=en_EU&apn_uid=A31759C3-62C7-40C3-A02A-F5298D1F4FE7&apn_ptnrs=^AAO&apn_sauid=1F84DCBD-C0CF-4222-837C-A57059B3F42D&apn_dtid=^YYYYYY^YY^BG&&q= FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll FF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrlui.dll FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll FF - plugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll FF - plugin: C:\Program Files (x86)\Sony Online Entertainment\npsoe.dll FF - plugin: C:\Program Files (x86)\Sony Online Entertainment\npsoeact.dll FF - plugin: C:\Users\admin\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll FF - plugin: C:\Users\admin\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll FF - plugin: C:\Users\admin\AppData\Local\Yahoo!\BrowserPlus\2.9.8\Plugins\npybrowserplus_2.9.8.dll FF - plugin: C:\Users\admin\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_262.dll FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_265.dll FF - plugin: C:\Windows\SysWOW64\npdeployJava1.dll FF - plugin: C:\Windows\SysWOW64\npmproxy.dll . ---- FIREFOX POLICIES ---- FF - user.js: extensions.BabylonToolbar_i.newTab - false FF - user.js: yahoo.ytff.general.dontshowhpoffer - true);user_pref(extensions.BabylonToolbar_i.babTrack, affID=109217 FF - user.js: extensions.BabylonToolbar_i.babExt - FF - user.js: extensions.BabylonToolbar_i.srcExt - ss FF - user.js: extensions.BabylonToolbar_i.id - c0f12f2700000000000000064f72be4d FF - user.js: extensions.BabylonToolbar_i.hardId - c0f12f2700000000000000064f72be4d FF - user.js: extensions.BabylonToolbar_i.instlDay - 15453 FF - user.js: extensions.BabylonToolbar_i.vrsn - 1.5.3.17 FF - user.js: extensions.BabylonToolbar_i.vrsni - 1.5.3.17 FF - user.js: extensions.BabylonToolbar_i.vrsnTs - 1.5.3.1721:40:03 FF - user.js: extensions.BabylonToolbar_i.prtnrId - babylon FF - user.js: extensions.BabylonToolbar_i.prdct - BabylonToolbar FF - user.js: extensions.BabylonToolbar_i.aflt - babsst FF - user.js: extensions.BabylonToolbar_i.smplGrp - none FF - user.js: extensions.BabylonToolbar_i.tlbrId - base FF - user.js: extensions.BabylonToolbar_i.instlRef - sst . ============= SERVICES / DRIVERS =============== . R1 avkmgr;avkmgr;C:\Windows\System32\drivers\avkmgr.sys [2012-5-13 27760] R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-1-3 63928] R2 AntiVirSchedulerService;Avira Scheduler;C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2012-5-13 86224] R2 AntiVirService;Avira Realtime Protection;C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2012-5-13 110032] R2 avgntflt;avgntflt;C:\Windows\System32\drivers\avgntflt.sys [2012-5-13 98848] R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-7-30 655944] R2 nvUpdatusService;NVIDIA Update Service Daemon;C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-5-20 2218600] R2 Skype C2C Service;Skype C2C Service;C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2012-6-19 3048136] R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-4-7 378472] R2 TeamViewer7;TeamViewer 7;C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2012-7-16 2673064] R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2011-12-8 24904] R3 NVHDA;Service for NVIDIA High Definition Audio Driver;C:\Windows\System32\drivers\nvhda64v.sys [2011-5-20 174184] R3 RTL85n64;Realtek 8180/8185 Extensible 802.11 Wireless Device Driver;C:\Windows\System32\drivers\RTL85n64.sys [2009-6-10 378368] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576] S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-6-7 160944] S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-3-31 250056] S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2011-5-26 20992] S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2011-5-26 59392] S3 WatAdminSvc;Услуга на технологиите за активиране на Windows;C:\Windows\System32\Wat\WatAdminSvc.exe [2011-5-24 1255736] SUnknown tsusbhub;tsusbhub; [x] . =============== Created Last 30 ================ . 2012-08-10 14:08:42 9133488 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{A6D1CD9F-1C45-4AD2-9D7E-F83D2FE94DB1}\mpengine.dll 2012-08-07 16:54:51 -------- d-----w- C:\Program Files (x86)\smartdl 2012-08-01 17:13:16 184700 ----a-w- C:\torrent.exe 2012-07-20 07:24:17 -------- d-----w- C:\Users\admin\temp . ==================== Find3M ==================== . 2012-08-02 23:11:09 70344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl 2012-08-02 23:11:09 426184 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe 2012-07-03 10:46:44 24904 ----a-w- C:\Windows\System32\drivers\mbam.sys 2012-06-12 03:08:36 3148800 ----a-w- C:\Windows\System32\win32k.sys 2012-06-06 06:06:16 2004480 ----a-w- C:\Windows\System32\msxml6.dll 2012-06-06 06:06:16 1881600 ----a-w- C:\Windows\System32\msxml3.dll 2012-06-06 06:02:54 1133568 ----a-w- C:\Windows\System32\cdosys.dll 2012-06-06 05:05:52 1390080 ----a-w- C:\Windows\SysWow64\msxml6.dll 2012-06-06 05:05:52 1236992 ----a-w- C:\Windows\SysWow64\msxml3.dll 2012-06-06 05:03:06 805376 ----a-w- C:\Windows\SysWow64\cdosys.dll 2012-06-02 22:15:31 2622464 ----a-w- C:\Windows\System32\wucltux.dll 2012-06-02 22:15:08 99840 ----a-w- C:\Windows\System32\wudriver.dll 2012-06-02 12:19:42 186752 ----a-w- C:\Windows\System32\wuwebv.dll 2012-06-02 12:15:12 36864 ----a-w- C:\Windows\System32\wuapp.exe 2012-06-02 05:50:10 458704 ----a-w- C:\Windows\System32\drivers\cng.sys 2012-06-02 05:48:16 95600 ----a-w- C:\Windows\System32\drivers\ksecdd.sys 2012-06-02 05:48:16 151920 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys 2012-06-02 05:45:31 340992 ----a-w- C:\Windows\System32\schannel.dll 2012-06-02 05:44:21 307200 ----a-w- C:\Windows\System32\ncrypt.dll 2012-06-02 04:40:42 22016 ----a-w- C:\Windows\SysWow64\secur32.dll 2012-06-02 04:40:39 225280 ----a-w- C:\Windows\SysWow64\schannel.dll 2012-06-02 04:39:10 219136 ----a-w- C:\Windows\SysWow64\ncrypt.dll 2012-06-02 04:34:09 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll 2012-05-31 09:25:12 279656 ------w- C:\Windows\System32\MpSigStub.exe . ============= FINISH: 3:26:20,83 =============== . UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2011-09-30.01) . Microsoft Windows 7 Ultimate Boot Device: \Device\HarddiskVolume1 Install Date: 20.5.2011 г. 18:11:10 System Uptime: 14.8.2012 г. 02:49:36 (1 hours ago) . Motherboard: ACER | | MCP73PV Processor: Intel® Core™2 Quad CPU Q8200 @ 2.33GHz | SOCKET775 M/B | 2336/333mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 154 GiB total, 36,033 GiB free. D: is FIXED (NTFS) - 298 GiB total, 273,954 GiB free. E: is FIXED (NTFS) - 596 GiB total, 74,916 GiB free. F: is FIXED (NTFS) - 144 GiB total, 23,553 GiB free. G: is CDROM (CDFS) H: is Removable I: is Removable J: is Removable K: is Removable L: is CDROM () . ==== Disabled Device Manager Items ============= . Class GUID: Description: Coprocessor Device ID: PCI\VEN_10DE&DEV_07DA&SUBSYS_01371025&REV_A2\3&267A616A&0&1B Manufacturer: Name: Coprocessor PNP Device ID: PCI\VEN_10DE&DEV_07DA&SUBSYS_01371025&REV_A2\3&267A616A&0&1B Service: . ==== System Restore Points =================== . RP298: 9.8.2012 г. 13:44:39 - Scheduled Checkpoint . ==== Installed Programs ====================== . ЗБУТ+ (Версия 2.13) Гари Поттер и Принц-Полукровка v1.0 µTorrent 1.1 1ClickDownloader Activision® Adobe Flash Player 11 ActiveX Adobe Flash Player 11 Plugin Adobe Reader X (10.1.3) Ashampoo Burning Studio 10.0.1 Ask Toolbar Ask Toolbar Updater Assassin's Creed Assassin's Creed Brotherhood v 1.0 Assassin's Creed Revelations v1.0 Rus-Eng Asterix and Obelix XXL2 Asterix at the Olympic Games Avira Free Antivirus Babylon toolbar on IE Batman Arkham Asylum Batman: Arkham Asylum Battlefield 2™ Battlefield 3 version 1.0 Bugs Bunny & Taz - Time Busters Canon MP280 series MP Drivers Compatibility Pack for the 2007 Office system Crystal Reports 2008 Runtime SP2 Deep Black : Reloaded Disney Tangled Ed, Edd n Eddy - The Mis-Edventures Facebook Video Calling 1.2.0.159 FIFA 11 Ford Racing 2 Ford Racing 3 Garfield Ghostbusters - The Videogame Google Chrome GTA San Andreas B-13 NFS 2011 Harry Potter and the Deathly Hallows Part 2 version 1.5 Harry Potter and the Deathly Hallows™ - Part 2 Harry Potter and the Deathly Hallows™ - Part 2 Demo Harry Potter and the Deathly Hallows™ - Part 1 Harry Potter and the Goblet of Fire™ Harry Potter and the Order of Phoenix v1.0 Harry Potter II HHD Software Free Hex Editor Neo 4.97 Ice Age 3 James Bond 007™ - Blood Stone Java Auto Updater Java™ 6 Update 33 Jungle Kartz LEGO Star Wars II LEGO Universe LEGO® Batman™ LEGO® Harry Potter™: Years 1-4 LEGO® Harry Potter™: Years 5-7 LEGO® Indiana Jones™ LEGO® Indiana Jones™ 2 LEGO® Indiana Jones™ 2: The Adventure Continues LEGO® Pirates of the Caribbean The Video Game Malwarebytes Anti-Malware, версия 1.62.0.1300 Martial Arts Capoeira Microsoft .NET Framework 4 Client Profile Microsoft .NET Framework 4 Extended Microsoft Corporation Microsoft Games for Windows - LIVE Microsoft Games for Windows - LIVE Redistributable Microsoft LifeCam Microsoft Office File Validation Add-In Microsoft Office Professional Edition 2003 Microsoft Silverlight Microsoft SQL Server 2005 Microsoft SQL Server 2005 Express Edition Microsoft SQL Server 2005 Tools Express Edition Microsoft SQL Server Native Client Microsoft SQL Server Setup Support Files (English) Microsoft SQL Server VSS Writer Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2005 Redistributable (x64) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Mozilla Firefox 11.0 (x86 bg) MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) NVIDIA 3D Vision Controller Driver NVIDIA 3D Vision Controller Driver 270.61 NVIDIA 3D Vision Driver 270.61 NVIDIA Control Panel 270.61 NVIDIA Graphics Driver 270.61 NVIDIA HD Audio Driver 1.2.22.1 NVIDIA Install Application NVIDIA PhysX NVIDIA PhysX System Software 9.10.0514 NVIDIA Stereoscopic 3D Driver NVIDIA Update 1.1.34 NVIDIA Update Components Opera 12.01 Pando Media Booster Pole Position 2012 version 1.0 Pro Evolution Soccer 2012 1.01 Realtek High Definition Audio Driver Renegade Ops Republic Heroes Rockstar Games Social Club Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078) Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121) Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405) Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827) Security Update for Microsoft .NET Framework 4 Extended (KB2416472) Security Update for Microsoft .NET Framework 4 Extended (KB2487367) Security Update for Microsoft .NET Framework 4 Extended (KB2656351) Skype Click to Call Skype™ 5.10 SOE Web Installer Spider-Man™ - Shattered Dimensions Spider-Man: Web of Shadows Stateshift SweetIM for Messenger 3.6 SweetPacks Toolbar for Internet Explorer 4.4 TC Login TeamViewer 7 The Adventures of Tintin - The Secret of the Unicorn 1.0 The Cursed Crusade version 1.0 The Hulk™ The KMPlayer (remove only) The Three Musketeers - D'Artagnan and the 12 Jewels Toy Soldiers TrackMania 2 - Canyon TRANS 4.0.17.3152 Ubisoft Game Launcher Unity Web Player Update for Microsoft .NET Framework 4 Client Profile (KB2468871) Update for Microsoft .NET Framework 4 Client Profile (KB2473228) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) Update for Microsoft .NET Framework 4 Extended (KB2468871) Update for Microsoft .NET Framework 4 Extended (KB2533523) Update for Microsoft .NET Framework 4 Extended (KB2600217) uTorrentControl2 Toolbar VirtualCloneDrive Winamp Winamp Detector Plug-in Windows 7 Codec Pack 2.6.1 Windows Mobile Device Center WinRAR archiver Wizard101 World of Tanks Yahoo! BrowserPlus 2.9.8 Yahoo! Messenger Yahoo! Software Update Yahoo! Toolbar . ==== Event Viewer Messages From Past Week ======== . 9.8.2012 г. 08:21:00, Error: volsnap [25] - The shadow copies of volume C: were deleted because the shadow copy storage could not grow in time. Consider reducing the IO load on the system or choose a shadow copy storage volume that is not being shadow copied. 9.8.2012 г. 07:31:33, Error: Service Control Manager [7000] - Услуга atksgt не може да бъде стартирана поради следната грешка: Зареждането на този драйвер е блокирано 9.8.2012 г. 07:31:33, Error: Application Popup [875] - Driver atksgt.sys has been blocked from loading. 8.8.2012 г. 02:51:22, Error: Service Control Manager [7000] - Услуга atksgt не може да бъде стартирана поради следната грешка: Зареждането на този драйвер е блокирано 8.8.2012 г. 02:51:22, Error: Application Popup [875] - Driver atksgt.sys has been blocked from loading. 7.8.2012 г. 08:07:27, Error: Service Control Manager [7000] - Услуга atksgt не може да бъде стартирана поради следната грешка: Зареждането на този драйвер е блокирано 7.8.2012 г. 08:07:27, Error: Application Popup [875] - Driver atksgt.sys has been blocked from loading. 14.8.2012 г. 02:50:02, Error: Service Control Manager [7000] - Услуга atksgt не може да бъде стартирана поради следната грешка: Зареждането на този драйвер е блокирано 14.8.2012 г. 02:50:02, Error: Application Popup [875] - Driver atksgt.sys has been blocked from loading. 14.8.2012 г. 01:12:51, Error: Service Control Manager [7000] - Услуга atksgt не може да бъде стартирана поради следната грешка: Зареждането на този драйвер е блокирано 14.8.2012 г. 01:12:51, Error: Application Popup [875] - Driver atksgt.sys has been blocked from loading. 13.8.2012 г. 22:04:26, Error: Service Control Manager [7000] - Услуга atksgt не може да бъде стартирана поради следната грешка: Зареждането на този драйвер е блокирано 13.8.2012 г. 22:04:26, Error: Application Popup [875] - Driver atksgt.sys has been blocked from loading. 13.8.2012 г. 20:00:50, Error: Service Control Manager [7000] - Услуга atksgt не може да бъде стартирана поради следната грешка: Зареждането на този драйвер е блокирано 13.8.2012 г. 20:00:50, Error: Application Popup [875] - Driver atksgt.sys has been blocked from loading. 13.8.2012 г. 08:46:05, Error: Service Control Manager [7000] - Услуга atksgt не може да бъде стартирана поради следната грешка: Зареждането на този драйвер е блокирано 13.8.2012 г. 08:46:05, Error: Application Popup [875] - Driver atksgt.sys has been blocked from loading. 12.8.2012 г. 19:19:18, Error: Service Control Manager [7000] - Услуга atksgt не може да бъде стартирана поради следната грешка: Зареждането на този драйвер е блокирано 12.8.2012 г. 19:19:18, Error: Application Popup [875] - Driver atksgt.sys has been blocked from loading. 12.8.2012 г. 17:24:25, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk6\DR7. 12.8.2012 г. 17:24:25, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk6\DR7. 12.8.2012 г. 17:24:24, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk6\DR7. 12.8.2012 г. 17:24:24, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk6\DR7. 12.8.2012 г. 17:24:23, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk6\DR7. 12.8.2012 г. 07:56:58, Error: Service Control Manager [7000] - Услуга atksgt не може да бъде стартирана поради следната грешка: Зареждането на този драйвер е блокирано 12.8.2012 г. 07:56:58, Error: Application Popup [875] - Driver atksgt.sys has been blocked from loading. 11.8.2012 г. 07:42:08, Error: Service Control Manager [7000] - Услуга atksgt не може да бъде стартирана поради следната грешка: Зареждането на този драйвер е блокирано 11.8.2012 г. 07:42:08, Error: Application Popup [875] - Driver atksgt.sys has been blocked from loading. 10.8.2012 г. 06:08:11, Error: Service Control Manager [7000] - Услуга atksgt не може да бъде стартирана поради следната грешка: Зареждането на този драйвер е блокирано 10.8.2012 г. 06:08:11, Error: Application Popup [875] - Driver atksgt.sys has been blocked from loading. . ==== End Of File ===========================
  22. Здравейте!При отваряне на линк от приятел по скайп спря да работи Google търсачката.В момента работи Моzilla Firefox,но и при нея не се отварят видео файлове.С програмата Malwarebyte открих 78 елемента,които изтрих.Сега Google отваря страници,но на тях нищо не е активно.Моля помогнете ми! .DDS (Ver_2011-09-30.01) - NTFS_x86 Internet Explorer: 9.0.8112.16421 Run by Home at 11:48:14 on 2012-11-25 Microsoft Windows 7 Ultimate 6.1.7601.1.1251.359.1033.18.1535.667 [GMT 2:00] . AV: Microsoft Security Essentials *Enabled/Updated* {B140BF4E-23BB-4198-90AB-A51A4C60A69C} SP: Microsoft Security Essentials *Enabled/Updated* {0A215EAA-0581-4E16-AA1B-9E6837E7EC21} SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . ============== Running Processes ================ . C:\Windows\system32\wininit.exe C:\Windows\system32\lsm.exe C:\Program Files\Microsoft Security Client\MsMpEng.exe C:\Windows\System32\spoolsv.exe C:\Windows\system32\taskeng.exe C:\Program Files\D-Link\DWA-123\ALPBCSVC.exe C:\ProgramData\GLOBUL Connection Manager\OnlineUpdate\ouc.exe C:\ProgramData\DatacardService\HWDeviceService.exe C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe C:\Program Files\Microsoft Security Client\NisSrv.exe C:\Windows\system32\taskhost.exe C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\ProgramData\DatacardService\DCSHelper.exe C:\Windows\SOUNDMAN.EXE C:\Windows\PixArt\Pac207\Monitor.exe C:\Program Files\Common Files\PC Tools\sMonitor\SSDMonitor.exe C:\Windows\system32\taskeng.exe C:\Program Files\Microsoft Security Client\msseces.exe C:\Program Files\Aeria Games\Ignite\aeriaignite.exe C:\Program Files\Uniblue\SpeedUpMyPC\spmonitor.exe C:\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exe C:\Program Files\Skype\Phone\Skype.exe C:\Windows\System32\spool\drivers\w32x86\3\E_FATIFBE.EXE C:\Users\Home\AppData\Local\Akamai\netsession_win.exe C:\Program Files\FilesFrog Update Checker\update_checker.exe C:\Windows\system32\SearchIndexer.exe C:\Users\Home\AppData\Local\Akamai\netsession_win.exe C:\Program Files\PC Speed Maximizer\SPMReminder.exe D:\Program Files\Mozilla Firefox\firefox.exe D:\Program Files\Mozilla Firefox\plugin-container.exe C:\Windows\system32\AUDIODG.EXE C:\Windows\system32\conhost.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Windows\System32\svchost.exe -k Akamai C:\Windows\system32\svchost.exe -k imgsvc C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation . ============== Pseudo HJT Report =============== . uStart Page = hxxp://www.google.bg/ uSearch Bar = Preserve mStart Page = hxxp://home.sweetim.com/?crg=3.1010000.10002&barid={66B59D52-21E4-11E2-A6AE-0015F29177DD} uProxyOverride = <local> BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll BHO: IB Updater: {336D0C35-8A85-403a-B9D2-65C292C39087} - c:\program files\ib updater\Extension32.dll BHO: 4sharedExt: {95525BD9-6136-4A26-8263-9CEE295D442D} - c:\program files\4shared toolbar\4sharedExt32.dll BHO: Skype Plug-In: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll TB: 4shared Toolbar: {95080B13-AA71-4EE8-B951-7E98221E1ED5} - c:\program files\4shared toolbar\4sharedbar32.dll TB: 4shared Toolbar: {95080B13-AA71-4EE8-B951-7E98221E1ED5} - c:\program files\4shared toolbar\4sharedbar32.dll uRun: [skype] "c:\program files\skype\phone\Skype.exe" /minimized /regrun uRun: [EPSON SX110 Series] c:\windows\system32\spool\drivers\w32x86\3\e_fatifbe.exe /fu "c:\windows\temp\E_S8221.tmp" /EF "HKCU" uRun: [Akamai NetSession Interface] "c:\users\home\appdata\local\akamai\netsession_win.exe" uRun: [sDP] c:\program files\filesfrog update checker\update_checker.exe /auto uRun: [speedUpMyPC] "c:\program files\uniblue\speedupmypc\launcher.exe" -d 20000 uRun: [PC Speed Maximizer] c:\program files\pc speed maximizer\SPMLauncher.exe mRun: [soundMan] SOUNDMAN.EXE mRun: [Monitor] c:\windows\pixart\pac207\Monitor.exe mRun: [NeroFilterCheck] c:\program files\common files\ahead\lib\NeroCheck.exe mRun: [sSDMonitor] c:\program files\common files\pc tools\smonitor\SSDMonitor.exe mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe" mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe" mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey mRun: [Aeria Ignite] "c:\program files\aeria games\ignite\aeriaignite.exe" silent mRun: [sweetpacks Communicator] c:\program files\sweetim\communicator\SweetPacksUpdateManager.exe uPolicies-Explorer: NoDriveTypeAutoRun = dword:145 mPolicies-System: ConsentPromptBehaviorAdmin = dword:5 mPolicies-System: ConsentPromptBehaviorUser = dword:3 mPolicies-System: EnableUIADesktopToggle = dword:0 IE: &4shared Search - c:\program files\4shared toolbar\4sharedbar32.dll/MENUSEARCH.HTM IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200 IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab TCP: NameServer = 192.168.0.1 TCP: Interfaces\{2B7515F8-7F12-49F7-AAF7-46519883D678} : DHCPNameServer = 192.168.0.1 TCP: Interfaces\{2B7515F8-7F12-49F7-AAF7-46519883D678}\46C696E6B6 : DHCPNameServer = 192.168.0.1 TCP: Interfaces\{2B7515F8-7F12-49F7-AAF7-46519883D678}\C696E6B6379737 : DHCPNameServer = 212.116.136.2 212.116.128.2 TCP: Interfaces\{2B7515F8-7F12-49F7-AAF7-46519883D678}\D4F62796A7 : DHCPNameServer = 192.168.43.1 TCP: Interfaces\{31632317-CFCD-4995-B11A-BCE4F026747D} : DHCPNameServer = 192.168.1.1 TCP: Interfaces\{8015E814-9654-43D6-B038-7C3993681EF2} : DHCPNameServer = 192.168.1.1 TCP: Interfaces\{955D30E1-343A-4E5B-A7B4-E3571E25AFD0} : DHCPNameServer = 192.168.0.1 TCP: Interfaces\{955D30E1-343A-4E5B-A7B4-E3571E25AFD0}\4505D2C494E4B4F5733323935434 : DHCPNameServer = 192.168.0.1 TCP: Interfaces\{9AC1DD28-767D-4982-91CB-2F2C6998230F} : DHCPNameServer = 192.168.0.1 Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll SSODL: WebCheck - <orphaned> . ================= FIREFOX =================== . FF - ProfilePath - c:\users\home\appdata\roaming\mozilla\firefox\profiles\qrubrgos.default\ FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT1750559&SearchSource=3&q={searchTerms} FF - prefs.js: browser.search.selectedEngine - BS Player Customized Web Search FF - prefs.js: browser.startup.homepage - hxxp://search.conduit.com/?ctid=CT1750559&SearchSource=13 FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT1750559&SearchSource=2&q= FF - plugin: c:\program files\adobe\reader 9.0\reader\air\nppdf32.dll FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll FF - plugin: c:\program files\google\update\1.3.21.123\npGoogleUpdate3.dll FF - plugin: c:\program files\microsoft silverlight\5.1.10411.0\npctrlui.dll FF - plugin: c:\program files\pando networks\media booster\npPandoWebPlugin.dll FF - plugin: c:\users\home\appdata\locallow\unity\webplayer\loader\npUnity3D32.dll FF - plugin: c:\users\home\appdata\roaming\mozilla\firefox\profiles\qrubrgos.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\plugins\np-mswmp.dll FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_4_402_287.dll FF - plugin: c:\windows\system32\npDeployJava1.dll FF - plugin: c:\windows\system32\npmproxy.dll FF - plugin: d:\program files\google\picasa3\npPicasa3.dll . ---- FIREFOX POLICIES ---- FF - user.js: extensions.BabylonToolbar_i.id - b0a0a610000000000000b8a386010e4f FF - user.js: extensions.BabylonToolbar_i.hardId - b0a0a610000000000000b8a386010e4f FF - user.js: extensions.BabylonToolbar_i.instlDay - 15523 FF - user.js: extensions.BabylonToolbar_i.vrsn - 1.5.3.17 FF - user.js: extensions.BabylonToolbar_i.vrsni - 1.5.3.17 FF - user.js: extensions.BabylonToolbar_i.prtnrId - babylon FF - user.js: extensions.BabylonToolbar_i.prdct - BabylonToolbar FF - user.js: extensions.BabylonToolbar_i.aflt - babsst FF - user.js: extensions.BabylonToolbar_i.tlbrId - base FF - user.js: extensions.BabylonToolbar_i.instlRef - sst FF - user.js: extensions.BabylonToolbar.autoRvrt - false FF - user.js: extensions.BabylonToolbar_i.newTab - false FF - user.js: extensions.BabylonToolbar.tlbrSrchUrl - hxxp://search.babylon.com/?babsrc=TB_def&mntrId=b0a0a610000000000000b8a386010e4f&q= FF - user.js: extensions.BabylonToolbar.id - b0a0a610000000000000b8a386010e4f FF - user.js: extensions.BabylonToolbar.appId - {BDB69379-802F-4eaf-B541-F8DE92DD98DB} FF - user.js: extensions.BabylonToolbar.instlDay - 15655 FF - user.js: extensions.BabylonToolbar.vrsn - 1.8.3.8 FF - user.js: extensions.BabylonToolbar.vrsni - 1.8.3.8 FF - user.js: extensions.BabylonToolbar_i.vrsnTs - 1.8.3.810:50:30 FF - user.js: extensions.BabylonToolbar.prtnrId - babylon FF - user.js: extensions.BabylonToolbar.prdct - BabylonToolbar FF - user.js: extensions.BabylonToolbar.aflt - babsst FF - user.js: extensions.BabylonToolbar_i.smplGrp - none FF - user.js: extensions.BabylonToolbar.tlbrId - base FF - user.js: extensions.BabylonToolbar.instlRef - na FF - user.js: extensions.BabylonToolbar.dfltLng - en FF - user.js: extensions.BabylonToolbar.excTlbr - false FF - user.js: extensions.BabylonToolbar.admin - false FF - user.js: extensions.BabylonToolbar_i.babTrack - affID=17425&tt=4512_7 FF - user.js: extensions.BabylonToolbar_i.babExt - FF - user.js: extensions.BabylonToolbar_i.srcExt - def . ============= SERVICES / DRIVERS =============== . R0 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2012-8-30 193552] R1 anodlwf;ANOD Network Security Filter driver;c:\windows\system32\drivers\anodlwf.sys [2012-5-27 12800] R1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\drivers\vwififlt.sys [2009-7-14 48128] R2 Akamai;Akamai NetSession Interface;c:\windows\system32\svchost.exe -k Akamai [2009-7-14 20992] R2 DWA-123_PBC_WPS;DWA-123_PBC_WPS Service;c:\program files\d-link\dwa-123\ALPBCSVC.exe [2012-5-27 61440] R2 HWDeviceService.exe;HWDeviceService.exe;c:\programdata\datacardservice\HWDeviceService.exe [2011-3-14 271712] R2 MBAMScheduler;MBAMScheduler;c:\program files\malwarebytes' anti-malware\mbamscheduler.exe [2012-11-23 399432] R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2012-11-23 676936] R2 NisDrv;Microsoft Network Inspection System;c:\windows\system32\drivers\NisDrvWFP.sys [2010-10-24 99272] R2 PCToolsSSDMonitorSvc;PC Tools Startup and Shutdown Monitor service;c:\program files\common files\pc tools\smonitor\StartManSvc.exe [2011-12-20 793048] R3 huawei_enumerator;huawei_enumerator;c:\windows\system32\drivers\ew_jubusenum.sys [2012-3-29 73216] R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-11-23 22856] R3 netr28u;D-Link dnetr28u USB Extensible Wireless LAN Card Driver;c:\windows\system32\drivers\Dnetr28u.sys [2012-5-27 1165152] R3 NisSrv;Microsoft Network Inspection;c:\program files\microsoft security client\NisSrv.exe [2012-9-12 287824] R3 PAC207;SoC PC-Camera;c:\windows\system32\drivers\PFC027.SYS [2006-12-5 507136] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 GLOBUL Connection Manager. RunOuc;GLOBUL Connection Manager. OUC;c:\users\home\globul\globul connection manager\updatedog\ouc.exe [2012-3-29 655712] S2 gupdate;Услуга Google Update (gupdate);c:\program files\google\update\GoogleUpdate.exe [2011-6-2 136176] S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2012-7-13 160944] S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\macromed\flash\FlashPlayerUpdateService.exe [2012-4-17 250808] S3 apf001;apf001;c:\windows\system32\apf001.sys [2012-2-18 10872] S3 apf003;apf003;c:\windows\system32\apf003.sys [2012-7-3 13232] S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-14 229888] S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;c:\windows\system32\drivers\ew_hwusbdev.sys [2012-3-29 102784] S3 gupdatem;Услуга на Google Актуализация (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2011-6-2 136176] S3 huawei_cdcacm;huawei_cdcacm;c:\windows\system32\drivers\ew_jucdcacm.sys [2012-3-29 90368] S3 netr73;RT73 USB Extensible Wireless LAN Card Driver;c:\windows\system32\drivers\netr73.sys [2010-2-24 562464] S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2011-6-25 15872] S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2011-6-25 52224] S3 WatAdminSvc;WatAdminSvc;c:\windows\system32\wat\WatAdminSvc.exe [2011-6-2 1343400] . =============== Created Last 30 ================ . 2012-11-24 17:31:16 6812136 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{42285a1f-fb7f-4e11-ba7c-ee820b007be3}\mpengine.dll 2012-11-23 17:16:01 -------- d-----w- c:\users\home\appdata\roaming\Malwarebytes 2012-11-23 17:15:28 -------- d-----w- c:\programdata\Malwarebytes 2012-11-23 17:15:22 22856 ----a-w- c:\windows\system32\drivers\mbam.sys 2012-11-23 17:15:22 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2012-11-22 18:58:17 689664 ----a-w- c:\users\home\appdata\roaming\601D.exe 2012-11-22 18:58:14 15678 ----a-w- c:\users\home\appdata\roaming\530C.exe 2012-11-22 15:50:58 15678 ----a-w- c:\users\home\appdata\roaming\D481.exe 2012-11-22 15:18:08 689664 ----a-w- c:\users\home\appdata\roaming\C3D8.exe 2012-11-22 15:18:03 15678 ----a-w- c:\users\home\appdata\roaming\B34D.exe 2012-11-22 14:59:22 689664 ----a-w- c:\users\home\appdata\roaming\9E5F.exe 2012-11-22 14:59:18 15678 ----a-w- c:\users\home\appdata\roaming\8D85.exe 2012-11-22 12:06:14 15678 ----a-w- c:\users\home\appdata\roaming\1BB9.exe 2012-11-22 11:57:38 6812136 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\backup\mpengine.dll 2012-11-15 09:58:27 9728 ----a-w- c:\windows\system32\Wdfres.dll 2012-11-15 09:58:27 526952 ----a-w- c:\windows\system32\drivers\Wdf01000.sys 2012-11-15 09:58:27 47720 ----a-w- c:\windows\system32\drivers\WdfLdr.sys 2012-11-15 09:57:17 155136 ----a-w- c:\windows\system32\drivers\WUDFRd.sys 2012-11-15 09:57:16 66560 ----a-w- c:\windows\system32\drivers\WUDFPf.sys 2012-11-15 09:57:14 73216 ----a-w- c:\windows\system32\WUDFSvc.dll 2012-11-15 09:57:14 172032 ----a-w- c:\windows\system32\WUDFPlatform.dll 2012-11-15 09:57:11 613888 ----a-w- c:\windows\system32\WUDFx.dll 2012-11-15 09:57:11 38912 ----a-w- c:\windows\system32\WUDFCoinstaller.dll 2012-11-15 09:57:11 196608 ----a-w- c:\windows\system32\WUDFHost.exe 2012-11-15 06:23:09 78336 ----a-w- c:\windows\system32\synceng.dll 2012-11-15 06:23:08 2345984 ----a-w- c:\windows\system32\win32k.sys 2012-11-15 06:23:01 499712 ----a-w- c:\windows\system32\iphlpsvc.dll 2012-11-15 06:23:01 242176 ----a-w- c:\windows\system32\nlasvc.dll 2012-11-15 06:23:01 175104 ----a-w- c:\windows\system32\netcorehc.dll 2012-11-15 06:23:01 156672 ----a-w- c:\windows\system32\ncsi.dll 2012-11-15 06:23:01 1293680 ----a-w- c:\windows\system32\drivers\tcpip.sys 2012-11-15 06:23:00 52224 ----a-w- c:\windows\system32\nlaapi.dll 2012-11-15 06:23:00 35328 ----a-w- c:\windows\system32\drivers\tcpipreg.sys 2012-11-15 06:23:00 18944 ----a-w- c:\windows\system32\netevent.dll 2012-11-15 06:22:53 193536 ----a-w- c:\windows\system32\dhcpcore6.dll 2012-11-15 06:22:52 44032 ----a-w- c:\windows\system32\dhcpcsvc6.dll 2012-11-11 08:52:04 -------- d-----w- c:\program files\LEGO Software 2012-11-11 08:50:35 -------- d-----w- c:\program files\Babylon 2012-11-11 08:49:25 -------- d-----w- c:\users\home\appdata\roaming\PC Speed Maximizer 2012-11-11 08:48:21 -------- d-----w- c:\users\home\appdata\roaming\Uniblue 2012-11-11 08:48:03 -------- d-----w- c:\program files\Uniblue 2012-11-11 08:48:01 -------- d-----w- c:\program files\PC Speed Maximizer 2012-11-11 07:39:39 -------- d-----w- c:\program files\FilesFrog Update Checker 2012-11-11 07:39:27 -------- d-----w- c:\program files\Perion 2012-11-11 07:39:23 632656 ----a-w- c:\windows\system32\msvcr80.dll 2012-11-11 07:39:23 554832 ----a-w- c:\windows\system32\msvcp80.dll 2012-11-11 07:39:23 479232 ----a-w- c:\windows\system32\msvcm80.dll 2012-11-11 07:39:22 28160 ----a-w- c:\windows\system32\ImHttpComm.dll 2012-11-11 07:39:22 -------- d-----w- c:\windows\system32\ARFC 2012-11-11 07:39:20 -------- d-----w- c:\windows\system32\WNLT 2012-11-11 07:39:12 -------- d-----w- c:\program files\IB Updater 2012-10-29 16:19:10 -------- d-----w- c:\programdata\SweetIM 2012-10-29 16:19:10 -------- d-----w- c:\program files\SweetIM 2012-10-29 16:08:24 -------- d-----w- c:\programdata\boost_interprocess 2012-10-29 16:00:09 -------- d-----w- c:\users\home\appdata\local\Torch . ==================== Find3M ==================== . 2012-10-29 14:39:25 821736 ----a-w- c:\windows\system32\npDeployJava1.dll 2012-10-29 14:39:25 746984 ----a-w- c:\windows\system32\deployJava1.dll 2012-10-09 13:36:49 73656 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2012-10-09 13:36:49 696760 ----a-w- c:\windows\system32\FlashPlayerApp.exe 2012-10-08 07:56:24 1800704 ----a-w- c:\windows\system32\jscript9.dll 2012-10-08 07:48:03 1129472 ----a-w- c:\windows\system32\wininet.dll 2012-10-08 07:47:44 1427968 ----a-w- c:\windows\system32\inetcpl.cpl 2012-10-08 07:44:05 142848 ----a-w- c:\windows\system32\ieUnatt.exe 2012-10-08 07:43:21 420864 ----a-w- c:\windows\system32\vbscript.dll 2012-10-08 07:40:56 2382848 ----a-w- c:\windows\system32\mshtml.tlb 2012-09-14 18:28:53 2048 ----a-w- c:\windows\system32\tzres.dll 2012-08-31 17:18:09 1211760 ----a-w- c:\windows\system32\drivers\ntfs.sys 2012-08-30 19:03:50 99272 ----a-w- c:\windows\system32\drivers\NisDrvWFP.sys 2012-08-30 19:03:50 193552 ----a-w- c:\windows\system32\drivers\MpFilter.sys 2012-08-30 17:12:02 3968880 ----a-w- c:\windows\system32\ntkrnlpa.exe 2012-08-30 17:12:02 3914096 ----a-w- c:\windows\system32\ntoskrnl.exe . ============= FINISH: 11:49:10,14 =============== . UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2011-09-30.01) . Microsoft Windows 7 Ultimate Boot Device: \Device\HarddiskVolume1 Install Date: 2.6.2011 г. 03:32:49 System Uptime: 25.11.2012 г. 08:56:57 (3 hours ago) . Motherboard: ASUSTeK Computer INC. | | 'K8N' Processor: AMD Athlon™ 64 Processor 3200+ | Socket 754 | 2210/200mhz . ==== Disk Partitions ========================= . A: is Removable C: is FIXED (NTFS) - 30 GiB total, 2,295 GiB free. D: is FIXED (NTFS) - 123 GiB total, 59,362 GiB free. E: is CDROM () . ==== Disabled Device Manager Items ============= . Class GUID: {4d36e96c-e325-11ce-bfc1-08002be10318} Description: Conexant 23881 Video Capture (Cx23881 for Japan Final release) Device ID: PCI\VEN_14F1&DEV_8800&SUBSYS_00000000&REV_05\4&22775069&0&4870 Manufacturer: Conexant Name: Conexant 23881 Video Capture (Cx23881 for Japan Final release) PNP Device ID: PCI\VEN_14F1&DEV_8800&SUBSYS_00000000&REV_05\4&22775069&0&4870 Service: CX23880 . ==== System Restore Points =================== . RP377: 24.11.2012 г. 20:25:14 - Removed SweetPacks bundle uninstaller . ==== Installed Programs ====================== . Update for Microsoft Office 2007 (KB2508958) µTorrent 4shared Toolbar Adobe Flash Player 11 ActiveX Adobe Flash Player 11 Plugin Adobe Reader 9.5.2 Adobe Shockwave Player 11.6 Aeria Ignite Akamai NetSession Interface Akamai NetSession Interface Service BS.Player FREE D-Link DWA-123 Eden Eternal EPSON Scan EPSON SX110 Series Printer Uninstall EVEREST Ultimate Edition v5.50 FilesFrog Update Checker GLOBUL Connection Manager Google Земя Google Chrome Google SketchUp 8 Google Update Helper IB Updater 2.0.0.110 IB Updater Service JavaFX 2.1.1 LEGO Universe Malwarebytes Anti-Malware version 1.65.1.1000 Microsoft .NET Framework 4 Client Profile Microsoft Antimalware Service BG-BG Language Pack Microsoft Office 2007 Service Pack 3 (SP3) Microsoft Office Access MUI (English) 2007 Microsoft Office Access Setup Metadata MUI (English) 2007 Microsoft Office Excel MUI (English) 2007 Microsoft Office File Validation Add-In Microsoft Office InfoPath MUI (English) 2007 Microsoft Office Outlook MUI (English) 2007 Microsoft Office PowerPoint MUI (English) 2007 Microsoft Office Professional Plus 2007 Microsoft Office Proof (English) 2007 Microsoft Office Proof (French) 2007 Microsoft Office Proof (Spanish) 2007 Microsoft Office Proofing (English) 2007 Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) Microsoft Office Publisher MUI (English) 2007 Microsoft Office Shared MUI (English) 2007 Microsoft Office Shared Setup Metadata MUI (English) 2007 Microsoft Office Word MUI (English) 2007 Microsoft Security Client Microsoft Security Client BG-BG Language Pack Microsoft Security Essentials Microsoft Silverlight Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Mozilla Firefox 4.0.1 (x86 bg) Mozilla Firefox 8.0.1 (x86 bg) Nero 7 Premium Nokia Connectivity Cable Driver Norton Security Scan Pando Media Booster PC Speed Maximizer v3.0 PC Tools Registry Mechanic 11.0 Picasa 3 Realtek AC'97 Audio SA Dictionary 2004 Datacenter Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078) Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121) Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405) Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827) Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449) Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019) Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596856) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2687311) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2687314) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2687439) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2687441) 32-Bit Edition Security Update for Microsoft Office Excel 2007 (KB2687307) 32-Bit Edition Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition Security Update for Microsoft Office Word 2007 (KB2687315) 32-Bit Edition Skype Toolbars Skype™ 5.10 SweetPacks bundle uninstaller swMSM Uniblue SpeedUpMyPC Unity Web Player Update for 2007 Microsoft Office System (KB967642) Update for Microsoft .NET Framework 4 Client Profile (KB2468871) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) Update for Microsoft Office 2007 Help for Common Features (KB963673) Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition Update for Microsoft Office Access 2007 Help (KB963663) Update for Microsoft Office Excel 2007 Help (KB963678) Update for Microsoft Office Infopath 2007 Help (KB963662) Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition Update for Microsoft Office Outlook 2007 Help (KB963677) Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2760413) 32-Bit Edition Update for Microsoft Office Powerpoint 2007 Help (KB963669) Update for Microsoft Office Publisher 2007 Help (KB963667) Update for Microsoft Office Script Editor Help (KB963671) Update for Microsoft Office Word 2007 Help (KB963665) Update Manager for SweetPacks 1.1 VLC media player 1.0.2 WinRAR archiver XBMC . ==== Event Viewer Messages From Past Week ======== . 25.11.2012 г. 09:10:00, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.141.329.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: http://www.microsoft...������Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.9002.0 Error code: 0x8024402c Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support. 25.11.2012 г. 09:01:30, Error: Microsoft-Windows-DistributedCOM [10001] - Unable to start a DCOM Server: {F87B28F1-DA9A-4F35-8EC0-800EFCF26B83} as /. The error: "5" Happened while starting this command: C:\Windows\System32\slui.exe -Embedding 25.11.2012 г. 08:57:31, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the GLOBUL Connection Manager. OUC service to connect. 25.11.2012 г. 08:57:31, Error: Service Control Manager [7000] - The GLOBUL Connection Manager. OUC service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. 25.11.2012 г. 08:57:08, Error: Microsoft-Windows-Kernel-Processor-Power [6] - Some processor performance power management features have been disabled due to a known firmware problem. Check with the computer manufacturer for updated firmware. 24.11.2012 г. 18:55:53, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Wlansvc service. 24.11.2012 г. 17:22:04, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the GLOBUL Connection Manager. OUC service to connect. 24.11.2012 г. 17:22:04, Error: Service Control Manager [7000] - The GLOBUL Connection Manager. OUC service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. 24.11.2012 г. 17:21:42, Error: Microsoft-Windows-Kernel-Processor-Power [6] - Some processor performance power management features have been disabled due to a known firmware problem. Check with the computer manufacturer for updated firmware. 24.11.2012 г. 17:18:27, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start. 24.11.2012 г. 17:18:27, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start. 24.11.2012 г. 17:18:27, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start. 24.11.2012 г. 17:16:42, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start. 24.11.2012 г. 17:16:42, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start. 24.11.2012 г. 17:16:42, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start. 24.11.2012 г. 17:16:42, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start. 24.11.2012 г. 17:16:42, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start. 24.11.2012 г. 17:16:42, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start. 24.11.2012 г. 17:16:40, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start. 24.11.2012 г. 17:16:40, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start. 24.11.2012 г. 17:16:40, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start. 24.11.2012 г. 17:16:40, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030} 24.11.2012 г. 17:16:40, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39} 24.11.2012 г. 17:16:39, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF} 24.11.2012 г. 17:16:32, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC} 24.11.2012 г. 17:16:20, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start. 24.11.2012 г. 17:16:20, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start. 24.11.2012 г. 17:16:20, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start. 24.11.2012 г. 17:16:15, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: discache MpFilter spldr Wanarpv6 24.11.2012 г. 17:16:15, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start. 24.11.2012 г. 17:16:15, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start. 24.11.2012 г. 17:16:15, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start. 24.11.2012 г. 17:16:11, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x000000d3 (0x8b55ff8b, 0x00000000, 0x00000000, 0x82ad0089). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 112412-34203-01. 24.11.2012 г. 15:48:11, Error: Microsoft-Windows-Eventlog [23] - The event logging service encountered an error (res=32) while initializing logging resources for channel Microsoft-Windows-LanguagePackSetup/Operational. 24.11.2012 г. 12:47:05, Error: volsnap [36] - The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit. 24.11.2012 г. 09:50:04, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the GLOBUL Connection Manager. OUC service to connect. 24.11.2012 г. 09:50:04, Error: Service Control Manager [7000] - The GLOBUL Connection Manager. OUC service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. 24.11.2012 г. 09:49:41, Error: Microsoft-Windows-Kernel-Processor-Power [6] - Some processor performance power management features have been disabled due to a known firmware problem. Check with the computer manufacturer for updated firmware. 23.11.2012 г. 23:36:05, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the GLOBUL Connection Manager. OUC service to connect. 23.11.2012 г. 23:36:05, Error: Service Control Manager [7000] - The GLOBUL Connection Manager. OUC service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. 23.11.2012 г. 23:35:43, Error: Microsoft-Windows-Kernel-Processor-Power [6] - Some processor performance power management features have been disabled due to a known firmware problem. Check with the computer manufacturer for updated firmware. 23.11.2012 г. 22:08:06, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the GLOBUL Connection Manager. OUC service to connect. 23.11.2012 г. 22:08:06, Error: Service Control Manager [7000] - The GLOBUL Connection Manager. OUC service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. 23.11.2012 г. 22:07:44, Error: Microsoft-Windows-Kernel-Processor-Power [6] - Some processor performance power management features have been disabled due to a known firmware problem. Check with the computer manufacturer for updated firmware. 23.11.2012 г. 22:04:16, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the GLOBUL Connection Manager. OUC service to connect. 23.11.2012 г. 22:04:16, Error: Service Control Manager [7000] - The GLOBUL Connection Manager. OUC service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. 23.11.2012 г. 22:03:52, Error: Microsoft-Windows-Kernel-Processor-Power [6] - Some processor performance power management features have been disabled due to a known firmware problem. Check with the computer manufacturer for updated firmware. 23.11.2012 г. 18:36:26, Error: Microsoft-Windows-DistributedCOM [10001] - Unable to start a DCOM Server: {F87B28F1-DA9A-4F35-8EC0-800EFCF26B83} as /. The error: "5" Happened while starting this command: C:\Windows\System32\slui.exe -Embedding 23.11.2012 г. 18:25:55, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the GLOBUL Connection Manager. OUC service to connect. 23.11.2012 г. 18:25:55, Error: Service Control Manager [7000] - The GLOBUL Connection Manager. OUC service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. 23.11.2012 г. 18:25:27, Error: Microsoft-Windows-Kernel-Processor-Power [6] - Some processor performance power management features have been disabled due to a known firmware problem. Check with the computer manufacturer for updated firmware. 23.11.2012 г. 11:20:56, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the GLOBUL Connection Manager. OUC service to connect. 23.11.2012 г. 11:20:56, Error: Service Control Manager [7000] - The GLOBUL Connection Manager. OUC service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. 23.11.2012 г. 11:20:20, Error: Microsoft-Windows-Kernel-Processor-Power [6] - Some processor performance power management features have been disabled due to a known firmware problem. Check with the computer manufacturer for updated firmware. 23.11.2012 г. 10:22:03, Error: Microsoft-Windows-DistributedCOM [10001] - Unable to start a DCOM Server: {F87B28F1-DA9A-4F35-8EC0-800EFCF26B83} as /. The error: "5" Happened while starting this command: C:\Windows\System32\slui.exe -Embedding 23.11.2012 г. 10:11:51, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service. 22.11.2012 г. 20:57:19, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the GLOBUL Connection Manager. OUC service to connect. 22.11.2012 г. 20:57:19, Error: Service Control Manager [7000] - The GLOBUL Connection Manager. OUC service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. 22.11.2012 г. 20:56:56, Error: Microsoft-Windows-Kernel-Processor-Power [6] - Some processor performance power management features have been disabled due to a known firmware problem. Check with the computer manufacturer for updated firmware. 22.11.2012 г. 17:16:44, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the GLOBUL Connection Manager. OUC service to connect. 22.11.2012 г. 17:16:44, Error: Service Control Manager [7000] - The GLOBUL Connection Manager. OUC service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. 22.11.2012 г. 17:16:20, Error: Microsoft-Windows-Kernel-Processor-Power [6] - Some processor performance power management features have been disabled due to a known firmware problem. Check with the computer manufacturer for updated firmware. 22.11.2012 г. 16:58:11, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the GLOBUL Connection Manager. OUC service to connect. 22.11.2012 г. 16:58:11, Error: Service Control Manager [7000] - The GLOBUL Connection Manager. OUC service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. 22.11.2012 г. 16:57:47, Error: Microsoft-Windows-Kernel-Processor-Power [6] - Some processor performance power management features have been disabled due to a known firmware problem. Check with the computer manufacturer for updated firmware. 22.11.2012 г. 13:48:52, Error: Microsoft-Windows-DistributedCOM [10001] - Unable to start a DCOM Server: {F87B28F1-DA9A-4F35-8EC0-800EFCF26B83} as /. The error: "5" Happened while starting this command: C:\Windows\System32\slui.exe -Embedding 22.11.2012 г. 13:45:53, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the GLOBUL Connection Manager. OUC service to connect. 22.11.2012 г. 13:45:53, Error: Service Control Manager [7000] - The GLOBUL Connection Manager. OUC service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. 22.11.2012 г. 13:45:31, Error: Microsoft-Windows-Kernel-Processor-Power [6] - Some processor performance power management features have been disabled due to a known firmware problem. Check with the computer manufacturer for updated firmware. 21.11.2012 г. 19:59:23, Error: volsnap [36] - The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit. 21.11.2012 г. 18:33:48, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the GLOBUL Connection Manager. OUC service to connect. 21.11.2012 г. 18:33:48, Error: Service Control Manager [7000] - The GLOBUL Connection Manager. OUC service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. 21.11.2012 г. 18:33:26, Error: Microsoft-Windows-Kernel-Processor-Power [6] - Some processor performance power management features have been disabled due to a known firmware problem. Check with the computer manufacturer for updated firmware. 21.11.2012 г. 18:22:34, Error: Microsoft-Windows-DistributedCOM [10001] - Unable to start a DCOM Server: {F87B28F1-DA9A-4F35-8EC0-800EFCF26B83} as /. The error: "5" Happened while starting this command: C:\Windows\System32\slui.exe -Embedding 21.11.2012 г. 08:46:43, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the GLOBUL Connection Manager. OUC service to connect. 21.11.2012 г. 08:46:43, Error: Service Control Manager [7000] - The GLOBUL Connection Manager. OUC service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. 21.11.2012 г. 08:46:19, Error: Microsoft-Windows-Kernel-Processor-Power [6] - Some processor performance power management features have been disabled due to a known firmware problem. Check with the computer manufacturer for updated firmware. 20.11.2012 г. 21:30:04, Error: volsnap [36] - The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit. 20.11.2012 г. 16:07:44, Error: Microsoft-Windows-DistributedCOM [10001] - Unable to start a DCOM Server: {F87B28F1-DA9A-4F35-8EC0-800EFCF26B83} as /. The error: "5" Happened while starting this command: C:\Windows\System32\slui.exe -Embedding 20.11.2012 г. 14:25:17, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the GLOBUL Connection Manager. OUC service to connect. 20.11.2012 г. 14:25:17, Error: Service Control Manager [7000] - The GLOBUL Connection Manager. OUC service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. 20.11.2012 г. 14:24:54, Error: Microsoft-Windows-Kernel-Processor-Power [6] - Some processor performance power management features have been disabled due to a known firmware problem. Check with the computer manufacturer for updated firmware. 19.11.2012 г. 19:17:35, Error: Microsoft-Windows-DistributedCOM [10001] - Unable to start a DCOM Server: {F87B28F1-DA9A-4F35-8EC0-800EFCF26B83} as /. The error: "5" Happened while starting this command: C:\Windows\System32\slui.exe -Embedding 19.11.2012 г. 19:14:29, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the GLOBUL Connection Manager. OUC service to connect. 19.11.2012 г. 19:14:29, Error: Service Control Manager [7000] - The GLOBUL Connection Manager. OUC service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. 19.11.2012 г. 19:14:07, Error: Microsoft-Windows-Kernel-Processor-Power [6] - Some processor performance power management features have been disabled due to a known firmware problem. Check with the computer manufacturer for updated firmware. 18.11.2012 г. 20:40:17, Error: Service Control Manager [7023] - The SPP Notification Service service terminated with the following error: Access is denied. 18.11.2012 г. 19:40:17, Error: Service Control Manager [7023] - The SPP Notification Service service terminated with the following error: Access is denied. 18.11.2012 г. 18:40:21, Error: Service Control Manager [7023] - The SPP Notification Service service terminated with the following error: Access is denied. 18.11.2012 г. 17:40:19, Error: Service Control Manager [7023] - The SPP Notification Service service terminated with the following error: Access is denied. 18.11.2012 г. 16:40:17, Error: Service Control Manager [7023] - The SPP Notification Service service terminated with the following error: Access is denied. 18.11.2012 г. 15:40:17, Error: Service Control Manager [7023] - The SPP Notification Service service terminated with the following error: Access is denied. 18.11.2012 г. 14:40:17, Error: Service Control Manager [7023] - The SPP Notification Service service terminated with the following error: Access is denied. 18.11.2012 г. 10:56:52, Error: volsnap [36] - The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit. 18.11.2012 г. 10:34:34, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the eventlog service. 18.11.2012 г. 10:28:55, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the GLOBUL Connection Manager. OUC service to connect. 18.11.2012 г. 10:28:55, Error: Service Control Manager [7000] - The GLOBUL Connection Manager. OUC service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. 18.11.2012 г. 10:28:30, Error: Microsoft-Windows-Kernel-Processor-Power [6] - Some processor performance power management features have been disabled due to a known firmware problem. Check with the computer manufacturer for updated firmware. . ==== End Of File ===========================
  23. Здравейте , Мисля,че съм заразен с въпросният вирус,защото като търся нещо в Google ме пренасочва към ipv4.google.com/sorry/... и трябва да въведа знаци (CAPTCHA) за да продължа напред. Сканирах с Аваст и Malwarebytes A-M, също така почистих с Ccleaner, но без никакъв резултат.Надявам се вие да ми помогнете FRST LOG: ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (AMD) C:\Windows\System32\atiesrxx.exe (AMD) C:\Windows\System32\atieclxx.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe (Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe () C:\Windows\vsnp325.exe (Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe (DT Soft Ltd) C:\Program Files\DAEMON Tools Pro\DTShellHlp.exe () C:\Windows\FixCamera.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Microsoft Corporation) C:\Windows\System32\taskmgr.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe (Opera Software) C:\Program Files (x86)\Opera\opera.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [snp325] => C:\Windows\vsnp325.exe [835584 2007-05-10] () HKLM-x32\...\Run: [startCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [336384 2011-05-25] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [FixCamera] => C:\Windows\FixCamera.exe [20480 2007-07-11] () HKLM-x32\...\Run: [avast] => C:\Program Files\AVAST Software\Avast\avastUI.exe [4858968 2013-05-09] (AVAST Software) HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-12-21] (Adobe Systems Incorporated) HKU\S-1-5-21-1948220024-2437248343-2704207394-1000\...\Run: [DAEMON Tools Pro Agent] => C:\Program Files\DAEMON Tools Pro\DTAgent.exe [3108480 2012-10-23] (DT Soft Ltd) HKU\S-1-5-21-1948220024-2437248343-2704207394-1000\...\Run: [uTorrent] => "C:\Users\D>744=\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe SearchScopes: HKLM - DefaultScope value is missing. SearchScopes: HKLM-x32 - DefaultScope value is missing. SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: avast! Online Security -> {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) Toolbar: HKLM-x32 - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 FireFox: ======== FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll () FF Plugin: @microsoft.com/GENUINE -> disabled No File FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll () FF Plugin-x32: @java.com/DTPlugin,version=10.9.2 -> C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.9.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @raidcall.en/RCplugin -> C:\Users\Гроздан\AppData\Roaming\raidcall\plugins\nprcplugin.dll (Raidcall) FF Plugin-x32: @raidcall.kr/RCplugin -> C:\Users\Гроздан\AppData\Roaming\RCKR\plugins\nprcplugin.dll (Raidcall) FF Plugin-x32: @t.garena.com/garenatalk -> C:\Program Files\Garena Plus\bbtalk\plugins\npPlugin\npGarenaTalkPlugin.dll ( Garena) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-10-30] Chrome: ======= ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [365568 2011-05-25] (Advanced Micro Devices, Inc.) [File not signed] R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [46808 2013-05-09] (AVAST Software) R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation) R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [33400 2013-05-09] (AVAST Software) R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [80816 2013-05-09] (AVAST Software) R1 aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [72016 2013-05-09] (AVAST Software) R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65336 2013-05-09] () R1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [1030952 2013-10-30] (AVAST Software) R1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [378944 2013-10-30] (AVAST Software) R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [64288 2013-05-09] (AVAST Software) R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [189936 2013-10-30] () R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-11-26] (DT Soft Ltd) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation) R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-09-16] (Malwarebytes Corporation) R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation) R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [8192 2005-03-29] () R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.) R3 SNP325; C:\Windows\System32\DRIVERS\snp325.sys [10719104 2007-07-24] (Sonix Co. Ltd.) S3 catchme; \??\C:\ComboFix\catchme.sys [X] S3 GGSAFERDriver; \??\C:\Program Files\Garena Plus\Room\safedrv.sys [X] S3 VGPU; System32\drivers\rdvgkmd.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2014-09-16 19:04 - 2014-09-16 19:04 - 00009381 _____ () C:\Users\Гроздан\Desktop\FRST.txt 2014-09-16 19:03 - 2014-09-16 19:04 - 00000000 ____D () C:\FRST 2014-09-16 19:02 - 2014-09-16 19:03 - 02105856 _____ (Farbar) C:\Users\Гроздан\Desktop\FRST64.exe 2014-09-16 14:32 - 2014-09-16 14:32 - 00000000 ____D () C:\Users\Гроздан\AppData\Local\Adobe 2014-09-11 20:23 - 2014-09-11 20:23 - 00000000 ____D () C:\Users\Гроздан\AppData\Roaming\Grand Theft Auto IV 2014-09-11 20:23 - 2014-09-11 20:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\R.G. Mechanics 2014-09-10 17:55 - 2014-08-15 18:48 - 17868288 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-09-10 17:55 - 2014-08-15 18:36 - 10920960 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-09-10 17:55 - 2014-08-15 18:35 - 02339328 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-09-10 17:55 - 2014-08-15 18:31 - 01392128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-09-10 17:55 - 2014-08-15 18:31 - 01384960 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-09-10 17:55 - 2014-08-15 18:30 - 01494016 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-09-10 17:55 - 2014-08-15 18:30 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2014-09-10 17:55 - 2014-08-15 18:30 - 00599040 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-09-10 17:55 - 2014-08-15 18:29 - 02156032 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-09-10 17:55 - 2014-08-15 18:29 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-09-10 17:55 - 2014-08-15 18:29 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2014-09-10 17:55 - 2014-08-15 18:29 - 00282112 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2014-09-10 17:55 - 2014-08-15 18:29 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\url.dll 2014-09-10 17:55 - 2014-08-15 18:29 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-09-10 17:55 - 2014-08-15 18:29 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-09-10 17:55 - 2014-08-15 18:29 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-09-10 17:55 - 2014-08-15 18:29 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll 2014-09-10 17:55 - 2014-08-15 18:28 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-09-10 17:55 - 2014-08-15 18:28 - 00248320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-09-10 17:55 - 2014-08-15 18:28 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe 2014-09-10 17:55 - 2014-08-15 18:28 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe 2014-09-10 17:55 - 2014-08-15 17:51 - 12363264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-09-10 17:55 - 2014-08-15 17:42 - 09739776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-09-10 17:55 - 2014-08-15 17:42 - 01810432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-09-10 17:55 - 2014-08-15 17:37 - 01137664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-09-10 17:55 - 2014-08-15 17:37 - 01129472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-09-10 17:55 - 2014-08-15 17:36 - 01427968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2014-09-10 17:55 - 2014-08-15 17:35 - 01802240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-09-10 17:55 - 2014-08-15 17:35 - 00717824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2014-09-10 17:55 - 2014-08-15 17:35 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-09-10 17:55 - 2014-08-15 17:35 - 00421376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2014-09-10 17:55 - 2014-08-15 17:35 - 00353792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2014-09-10 17:55 - 2014-08-15 17:35 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll 2014-09-10 17:55 - 2014-08-15 17:35 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2014-09-10 17:55 - 2014-08-15 17:35 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2014-09-10 17:55 - 2014-08-15 17:35 - 00065024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-09-10 17:55 - 2014-08-15 17:35 - 00041472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll 2014-09-10 17:55 - 2014-08-15 17:34 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-09-10 17:55 - 2014-08-15 17:34 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2014-09-10 17:55 - 2014-08-15 17:34 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2014-09-10 17:55 - 2014-08-15 17:34 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe 2014-09-10 17:55 - 2014-08-15 17:34 - 00010752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe 2014-09-10 17:44 - 2014-08-01 14:53 - 01031168 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll 2014-09-10 17:44 - 2014-08-01 14:35 - 00793600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll 2014-09-10 17:44 - 2014-07-07 05:06 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2014-09-10 17:44 - 2014-07-07 05:06 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2014-09-10 17:44 - 2014-07-07 04:40 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll 2014-09-10 17:44 - 2014-07-07 04:40 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll 2014-09-10 17:44 - 2014-07-07 04:39 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll 2014-09-03 12:26 - 2014-09-16 14:04 - 00003304 _____ () C:\Windows\System32\Tasks\gg_uac_daemon_Гроздан 2014-08-31 14:28 - 2014-08-31 14:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype 2014-08-28 12:24 - 2014-08-23 05:07 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll 2014-08-28 12:24 - 2014-08-23 04:45 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll 2014-08-28 12:24 - 2014-08-23 03:59 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2014-08-22 13:20 - 2014-05-14 19:23 - 02477536 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll 2014-08-22 13:20 - 2014-05-14 19:23 - 00700384 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll 2014-08-22 13:20 - 2014-05-14 19:23 - 00581600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll 2014-08-22 13:20 - 2014-05-14 19:23 - 00058336 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe 2014-08-22 13:20 - 2014-05-14 19:23 - 00044512 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll 2014-08-22 13:20 - 2014-05-14 19:23 - 00038880 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll 2014-08-22 13:20 - 2014-05-14 19:23 - 00036320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll 2014-08-22 13:20 - 2014-05-14 19:21 - 02620928 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll 2014-08-22 13:20 - 2014-05-14 19:20 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll 2014-08-22 13:20 - 2014-05-14 19:17 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll 2014-08-22 13:20 - 2014-05-14 09:23 - 00198600 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll 2014-08-22 13:20 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll 2014-08-22 13:20 - 2014-05-14 09:20 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe 2014-08-22 13:20 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2014-09-16 19:04 - 2014-09-16 19:04 - 00009381 _____ () C:\Users\Гроздан\Desktop\FRST.txt 2014-09-16 19:04 - 2014-09-16 19:03 - 00000000 ____D () C:\FRST 2014-09-16 19:03 - 2014-09-16 19:02 - 02105856 _____ (Farbar) C:\Users\Гроздан\Desktop\FRST64.exe 2014-09-16 18:46 - 2014-01-21 01:18 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-09-16 18:17 - 2014-04-13 13:22 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-09-16 16:27 - 2012-11-26 21:32 - 00000000 ____D () C:\Users\Гроздан\AppData\Roaming\uTorrent 2014-09-16 14:32 - 2014-09-16 14:32 - 00000000 ____D () C:\Users\Гроздан\AppData\Local\Adobe 2014-09-16 14:17 - 2012-11-26 11:03 - 01193009 ____N () C:\Windows\WindowsUpdate.log 2014-09-16 14:11 - 2009-07-14 07:45 - 00021472 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-09-16 14:11 - 2009-07-14 07:45 - 00021472 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-09-16 14:05 - 2012-11-26 15:34 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update 2014-09-16 14:04 - 2014-09-03 12:26 - 00003304 _____ () C:\Windows\System32\Tasks\gg_uac_daemon_Гроздан 2014-09-16 14:04 - 2009-07-14 08:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-09-14 17:43 - 2012-11-27 18:44 - 00000000 ____D () C:\Program Files (x86)\steam 2014-09-14 17:43 - 2012-11-26 21:48 - 00000000 ____D () C:\Users\Гроздан\AppData\Roaming\DAEMON Tools Pro 2014-09-13 21:31 - 2012-11-28 00:15 - 00000000 ____D () C:\Users\Гроздан\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games 2014-09-12 14:16 - 2009-07-14 06:20 - 00000000 ____D () C:\Windows\system32\NDF 2014-09-11 20:23 - 2014-09-11 20:23 - 00000000 ____D () C:\Users\Гроздан\AppData\Roaming\Grand Theft Auto IV 2014-09-11 20:23 - 2014-09-11 20:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\R.G. Mechanics 2014-09-11 17:02 - 2009-07-14 06:20 - 00000000 ____D () C:\Windows\rescache 2014-09-10 21:46 - 2014-01-21 01:18 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-09-10 21:46 - 2014-01-21 01:18 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-09-10 21:46 - 2014-01-21 01:18 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2014-09-10 18:02 - 2009-07-14 06:20 - 00000000 ____D () C:\Windows\SysWOW64\bg-BG 2014-09-10 18:02 - 2009-07-14 06:20 - 00000000 ____D () C:\Windows\system32\bg-BG 2014-09-10 17:54 - 2012-11-26 12:50 - 00769944 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI 2014-09-10 17:54 - 2009-07-14 08:13 - 00769944 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-09-10 17:53 - 2013-07-11 09:15 - 00000000 ____D () C:\Windows\system32\MRT 2014-09-10 17:46 - 2012-11-26 12:23 - 101694776 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2014-09-07 15:47 - 2012-11-27 18:17 - 00000000 ____D () C:\Users\Гроздан\AppData\Roaming\Skype 2014-08-31 14:28 - 2014-08-31 14:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype 2014-08-31 14:28 - 2013-02-17 16:36 - 00000000 ___RD () C:\Program Files (x86)\Skype 2014-08-31 14:28 - 2012-11-27 18:17 - 00002515 _____ () C:\Users\Public\Desktop\Skype.lnk 2014-08-31 14:28 - 2012-11-26 15:16 - 00000000 ____D () C:\ProgramData\Skype 2014-08-28 12:27 - 2009-07-14 07:45 - 00408224 _____ () C:\Windows\system32\FNTCACHE.DAT 2014-08-25 22:52 - 2014-08-15 15:19 - 00000000 ____D () C:\Program Files\CCleaner 2014-08-25 06:53 - 2010-11-21 06:27 - 00270496 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe 2014-08-23 05:07 - 2014-08-28 12:24 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll 2014-08-23 04:45 - 2014-08-28 12:24 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll 2014-08-23 03:59 - 2014-08-28 12:24 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2014-08-22 12:33 - 2009-07-14 08:08 - 00032538 _____ () C:\Windows\Tasks\SCHEDLGU.TXT ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2014-09-07 17:58 ==================== End Of Log ============================ Addition.txt
×

Информация

Поставихме бисквитки на устройството ви за най-добро потребителско изживяване. Можете да промените настройките си за бисквитки, или в противен случай приемаме, че сте съгласни с нашите условия за ползване.