Проблемът е следният - Онзи ден си пуснах интернета след 3 месеца пауза пради да го спра сичко беше добре но след като онзи ден реших да броузвам отворих гугъл хромът ми и цукнах на линк но ми изписва това след това с експлорерът но изписва това което означаваше че нямам интернет, но си отварям скайп и си чатя спокойно , обадих се на доставчикът там ми казаха че сичко при тях си върви нормално и ми казаха че може би ако си инсталирам упдейти ще се оправи , влязох в Windows Update и зададох да потърси ъпдейти но изписва това след това и в Гарена не искаше да ми зареди и казваше че няма връза с сърварът което означава че нямам интернет а аз имам , след това инсталирах файър фокс и започнах да си броузвам но когато ми трябва връзка до сървър за игра или за нешо за компютърът не става не се кънектва , незнам на какво може да се дължи питаха ме дали сам инсталвал някаква антивиръсна скоро и да инсталирах една панда преди 1 месец но я махнах защото като нямах нет не ми беше нужна дали тя може да е махнала нешо или незнам моля помогнете.

Така в раздела оптимизация пише да постна лога от hijacjthis програмата и ето го и него.(преди това сканирах с Malwarebytes' Anti-Malware там ми излязоха 24 заразени фаила , папки и ги премахнах но ме насочиха към този раздел ) та ето и резултатите :

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 10:44:41 PM, on 6/28/2010

Platform: Windows Vista (WinNT 6.00.1904)

MSIE: Internet Explorer v7.00 (7.00.6000.16386)

Boot mode: Normal

Running processes:

C:\Windows\system32\Dwm.exe

C:\Windows\system32\taskeng.exe

C:\Windows\Explorer.EXE

C:\Program Files\Windows Media Player\wmpnscfg.exe

C:\Program Files\Skype\Phone\Skype.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\HJT\Kaldata.exe.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 127.0.0.1:8080

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

O1 - Hosts: ::1 localhost

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: (no name) - {7ea0eef7-63b4-4792-a424-76d98e792258} - (no file)

O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll

O4 - HKLM\..\Run: [Norton Ghost 14.0] "C:\Program Files\Norton Ghost\Agent\VProTray.exe"

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [uVS12 Preload] C:\Program Files\Corel\Corel VideoStudio 12\uvPL.exe

O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime

O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe

O4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized

O4 - HKCU\..\Run: [Google Update] "C:\Users\DENI\AppData\Local\Google\Update\GoogleUpdate.exe" /c

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User '?')

O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User '?')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User '?')

O4 - HKUS\S-1-5-21-1357809282-3622007660-2491278935-1000\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe (User '?')

O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll

O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE

O23 - Service: Norton Ghost - Symantec Corporation - C:\Program Files\Norton Ghost\Agent\VProSvc.exe

O23 - Service: SymSnapService - Symantec - C:\Program Files\Norton Ghost\Shared\Drivers\SymSnapService.exe

O23 - Service: TeamViewer 4 (TeamViewer4) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version4\TeamViewer_Service.exe

--

End of file - 4724 bytes

Понеже писа в друга тема, ще може ли да направиш бързо сканиране - Quick Scan с MalwareBytes' Anti-Malware. Ето как:

• Стартирайте програмата, направете обновяване на дефинициите (Update) и изберете Quick Scan, след това натиснете бутона "Сканиране" (Scan).
  
• Сканирането ще отнеме малко време, затова моля бъдете търпеливи.
  
• Когато сканирането завърши, кликнете на OK, след това Show Results, за да видите резултата.
  
• Уверете се, че на всички редове има отметки, и кликнете Remove Selected.
  
• Когато всичко бъде премахнато, логът ще бъде отворен в Notepad. Копирайте лога и го публикувайте в следващия си коментар в темата.
  

Забележка: Ако MalwareBytes' Anti-Malware се затрудни в премахването на откритите вируси/заплахи, той ще поиска да рестартира компютъра Ви и по време на рестартирането да премахне проблемните вируси/заплахи. Ако бъдете попитани, потвърдете че желаете вашия компютър да бъде рестартиран.

Ето резултатите който излязоха от сканирането с Malwarebytes.

Malwarebytes' Anti-Malware 1.46

www.malwarebytes.org

Database version: 4251

Windows 6.0.6000

Internet Explorer 7.0.6000.16386

6/28/2010 10:11:11 PM

mbam-log-2010-06-28 (22-11-11).txt

Scan type: Quick scan

Objects scanned: 128401

Time elapsed: 27 minute(s), 2 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 4

Registry Values Infected: 0

Registry Data Items Infected: 0

Folders Infected: 4

Files Infected: 16

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Error Repair Professional_is1 (Rogue.ErrorRepairProfessional) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\Software\ErrorRepairPro (Rogue.ErrorRepairProfessional) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Casino King (Adware.Casino) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Casino King (Adware.Casino) -> Quarantined and deleted successfully.

Registry Values Infected:

(No malicious items detected)

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Error Repair Professional (Rogue.ErrorRepairProfessional) -> Quarantined and deleted successfully.

C:\Program Files\Error Repair Professional (Rogue.ErrorRepairProfessional) -> Quarantined and deleted successfully.

C:\Program Files\Error Repair Professional\Backups (Rogue.ErrorRepairProfessional) -> Quarantined and deleted successfully.

C:\Program Files\Error Repair Professional\startbug (Rogue.ErrorRepairProfessional) -> Quarantined and deleted successfully.

Files Infected:

C:\Users\DENI\Documents\downloads\SetupCasino_7ccd.exe (Adware.Casino) -> Quarantined and deleted successfully.

C:\Windows\Temp\~osD855.tmp\rlls.dll (Adware.RelevantKnowledge) -> Quarantined and deleted successfully.

C:\Windows\Temp\~osD855.tmp\rlls64.dll (Adware.RelevantKnowledge) -> Quarantined and deleted successfully.

C:\Windows\Temp\~osD855.tmp\rlservice.exe (Adware.RelevantKnowledge) -> Quarantined and deleted successfully.

C:\Windows\Temp\~osD855.tmp\rlvknlg.exe (Adware.RelevantKnowledge) -> Quarantined and deleted successfully.

C:\Windows\Temp\~osD855.tmp\rlvknlg64.exe (Adware.RelevantKnowledge) -> Quarantined and deleted successfully.

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Error Repair Professional\Error Repair Professional.lnk (Rogue.ErrorRepairProfessional) -> Quarantined and deleted successfully.

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Error Repair Professional\Uninstall Error Repair Professional.lnk (Rogue.ErrorRepairProfessional) -> Quarantined and deleted successfully.

C:\Program Files\Error Repair Professional\autostart.exe (Rogue.ErrorRepairProfessional) -> Quarantined and deleted successfully.

C:\Program Files\Error Repair Professional\Dataprogs.dat (Rogue.ErrorRepairProfessional) -> Quarantined and deleted successfully.

C:\Program Files\Error Repair Professional\ErrorRepairProfessional.exe (Rogue.ErrorRepairProfessional) -> Quarantined and deleted successfully.

C:\Program Files\Error Repair Professional\unins000.dat (Rogue.ErrorRepairProfessional) -> Quarantined and deleted successfully.

C:\Program Files\Error Repair Professional\unins000.exe (Rogue.ErrorRepairProfessional) -> Quarantined and deleted successfully.

C:\Program Files\Error Repair Professional\Backups\Backup_22-50-3_17-3-2010.reg (Rogue.ErrorRepairProfessional) -> Quarantined and deleted successfully.

C:\Program Files\Error Repair Professional\Backups\Backup_23-18-56_17-3-2010.reg (Rogue.ErrorRepairProfessional) -> Quarantined and deleted successfully.

C:\Program Files\Error Repair Professional\Backups\Backup_23-36-7_24-6-2010.reg (Rogue.ErrorRepairProfessional) -> Quarantined and deleted successfully.

Добре. Сега изтегли и инсталирай SUPERAntiSpyware Free от тук. След изтеглянето ще последва обновяване на дефинициите. После натисни бутон Preferences и провери с Update дали няма нови. Настройките на програмата трябва да изглеждат ето така (Scanning Control):

После затвори с Close, следва Scan your Computer и избери логическите устройства, без флопи, преносими устройства и CD/DVD.

След това направи пълно сканиране (Complete Scan). Ако има намерени зарази, махни ги и отиди пак на Preferences. Виж съдържанието (двоен клик) на последния лог в Statistics/Logs:

и го публикувай в следващия си коментар.

Ето и лога :

SUPERAntiSpyware Scan Log

http://www.superantispyware.com

Generated 06/29/2010 at 01:50 AM

Application Version : 4.39.1002

Core Rules Database Version : 5057

Trace Rules Database Version: 2869

Scan type : Complete Scan

Total Scan Time : 01:55:14

Memory items scanned : 532

Memory threats detected : 0

Registry items scanned : 8342

Registry threats detected : 0

File items scanned : 18857

File threats detected : 467

Adware.Tracking Cookie

C:\Users\DENI\AppData\Roaming\Microsoft\Windows\Cookies\[email protected][1].txt

C:\Users\DENI\AppData\Roaming\Microsoft\Windows\Cookies\[email protected][2].txt

C:\Users\DENI\AppData\Roaming\Microsoft\Windows\Cookies\[email protected][1].txt

C:\Users\DENI\AppData\Roaming\Microsoft\Windows\Cookies\deni@doubleclick[1].txt

C:\Users\DENI\AppData\Roaming\Microsoft\Windows\Cookies\[email protected][2].txt

C:\Users\DENI\AppData\Roaming\Microsoft\Windows\Cookies\[email protected][1].txt

C:\Users\DENI\AppData\Roaming\Microsoft\Windows\Cookies\deni@apmebf[2].txt

C:\Users\DENI\AppData\Roaming\Microsoft\Windows\Cookies\[email protected][1].txt

C:\Users\DENI\AppData\Roaming\Microsoft\Windows\Cookies\deni@questionmarket[2].txt

C:\Users\DENI\AppData\Roaming\Microsoft\Windows\Cookies\[email protected][1].txt

C:\Users\DENI\AppData\Roaming\Microsoft\Windows\Cookies\deni@mediaplex[1].txt

C:\Users\DENI\AppData\Roaming\Microsoft\Windows\Cookies\deni@statcounter[1].txt

C:\Users\DENI\AppData\Roaming\Microsoft\Windows\Cookies\deni@mediafire[1].txt

C:\Users\DENI\AppData\Roaming\Microsoft\Windows\Cookies\deni@atdmt[1].txt

C:\Users\DENI\AppData\Roaming\Microsoft\Windows\Cookies\[email protected][1].txt

C:\Users\DENI\AppData\Roaming\Microsoft\Windows\Cookies\deni@2o7[2].txt

C:\Users\DENI\AppData\Roaming\Microsoft\Windows\Cookies\[email protected][3].txt

C:\Users\DENI\AppData\Roaming\Microsoft\Windows\Cookies\[email protected][1].txt

.doubleclick.net [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.kontera.com [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.adultadworld.com [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.adultadworld.com [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.hornymatches.com [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.lfstmedia.com [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.imrworldwide.com [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.zedo.com [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.mediaplex.com [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.statcounter.com [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.adtech.de [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.statcounter.com [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.tacoda.net [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.advertising.com [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.adbrite.com [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.revsci.net [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

counter.search.bg [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.mediafire.com [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.mediafire.com [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

stats.goomradio.com [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.atdmt.com [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.atdmt.com [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.collective-media.net [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

adserver.adreactor.com [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.statcounter.com [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.statcounter.com [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.imrworldwide.com [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.hornymatches.com [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.invitemedia.com [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.realmedia.com [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.realmedia.com [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.realmedia.com [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.dmtracker.com [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.automedia.bg [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.automedia.bg [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.automedia.bg [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.test-drive.automedia.bg [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.test-drive.automedia.bg [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.at.atwola.com [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.vortexmediagroup.com [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.2o7.net [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.ads.pointroll.com [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.pointroll.com [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.2o7.net [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.statcounter.com [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.statcounter.com [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.statcounter.com [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

media.sensis.com.au [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.statcounter.com [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.azjmp.com [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.mywebsearch.com [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.mywebsearch.com [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.statcounter.com [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.specificmedia.com [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

cdn4.specificclick.net [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.statcounter.com [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.statcounter.com [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.statcounter.com [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

www8.addfreestats.com [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.statcounter.com [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.statcounter.com [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.ipcmedia.122.2o7.net [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.media.photobucket.com [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.eucerin.122.2o7.net [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.warnerbros.112.2o7.net [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.eb.adbureau.net [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.statcounter.com [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.statcounter.com [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

www.warezomen.com [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

www.warezomen.com [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

www.downloadserialcrack.com [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

www.downloadserialcrack.com [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.statcounter.com [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.trackitdown.net [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.trackitdown.net [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

ads.trackitdown.net [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

ads.trackitdown.net [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.friendfinder.com [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.friendfinder.com [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.invitemedia.com [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

media.exchange.bg [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.sexbutici.com [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.sexbutici.com [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.questionmarket.com [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.questionmarket.com [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.tripod.com [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.tripod.lycos.com [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

statse.webtrendslive.com [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.statcounter.com [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.trafficmp.com [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

tsprotraffic.com [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

adprotraffic.com [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.pornpuma.com [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.pornpuma.com [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.sexvek.com [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.sexvek.com [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.sex-amat.com [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.sex-amat.com [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.cgm.adbureau.net [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.statcounter.com [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

rts.pgmediaserve.com [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

ads.onmedia.bg [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.account.garena.com [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

adserver.uproxx.com [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.statcounter.com [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.account.garena.com [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.kontera.com [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.kontera.com [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.realmedia.com [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.247realmedia.com [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.bravenet.com [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.nike.112.2o7.net [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.adviva.net [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.smartadserver.com [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.fastclick.net [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.247realmedia.com [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.tns-counter.ru [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.socialmedia.com [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.revenue.net [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

server.iad.liveperson.net [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

server.iad.liveperson.net [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.paypal.112.2o7.net [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.adbureau.net [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.statcounter.com [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

s04.flagcounter.com [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

www5.addfreestats.com [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

optimize.indieclick.com [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.trafficmp.com [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.ad.velmedia.net [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.velmedia.net [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.statcounter.com [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.statcounter.com [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

creatives.commindo-media.de [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.rambler.ru [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.etargetnet.com [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.etargetnet.com [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.etargetnet.com [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.etargetnet.com [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.neznamovxpx.servecounterstrike.com [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.neznamovxpx.servecounterstrike.com [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.fb-friend-stats.appspot.com [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.fb-friend-stats.appspot.com [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.server.cpmstar.com [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

www.burstbeacon.com [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.burstbeacon.com [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.tracker.adtaily.com [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.tracker.adtaily.com [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

www7.addfreestats.com [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.clickbank.net [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.stats.adbrite.com [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.sonycorporate.112.2o7.net [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.sonyeurope.112.2o7.net [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.2o7.net [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.cgm.adbureau.net [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.cgm.adbureau.net [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.cgm.adbureau.net [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.statcounter.com [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.ad.velmedia.net [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.cgm.adbureau.net [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.revsci.net [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.lfstmedia.com [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.statcounter.com [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.casalemedia.com [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.casalemedia.com [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.casalemedia.com [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.pro-market.net [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.pro-market.net [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.adecn.com [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.legolas-media.com [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.burstnet.com [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.advertising.com [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.advertising.com [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.advertising.com [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.ads.pointroll.com [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.pointroll.com [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.ads.pointroll.com [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.ads.pointroll.com [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.ads.pointroll.com [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.ads.pointroll.com [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.ads.pointroll.com [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.ads.pointroll.com [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.statcounter.com [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.statcounter.com [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.adultfriendfinder.com [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.adultfriendfinder.com [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.clicksor.com [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.serving.adsrevenue.clicksor.net [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.serving.adsrevenue.clicksor.net [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.yadro.ru [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

openx.itmgmedia.net [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

openx.itmgmedia.net [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.zedo.com [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.zedo.com [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.server.cpmstar.com [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

ad.yieldmanager.com [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.invitemedia.com [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.doubleclick.net [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.clickaider.com [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.gostats.com [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.statcounter.com [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.invitemedia.com [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

www.googleadservices.com [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.media6degrees.com [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.azjmp.com [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.myroitracking.com [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.clicksor.com [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.clicksor.com [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

www6.addfreestats.com [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

ads2.helpos.com [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

ads2.helpos.com [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

ads2.helpos.com [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

ads2.helpos.com [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.smartadserver.com [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.smartadserver.com [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.incentaclick.com [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.www.incentaclick.com [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.incentaclick.com [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.www.incentaclick.com [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.burstnet.com [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

gotacha.rotator.hadj7.adjuggler.net [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

gr.burstnet.com [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

gotacha.rotator.hadj7.adjuggler.net [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.pubads.g.doubleclick.net [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.pubads.g.doubleclick.net [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

m.adx.bg [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.mediafire.com [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.mediaplex.com [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.linksynergy.com [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.linksynergy.com [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.linksynergy.com [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.tribalfusion.com [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.serialitv.com [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.serialitv.com [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.statcounter.com [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

ad.yieldmanager.com [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.adviva.net [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.revsci.net [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.revsci.net [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.revsci.net [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.revsci.net [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.tacoda.net [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.tacoda.net [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.tacoda.net [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.tacoda.net [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.advertising.com [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.advertising.com [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.at.atwola.com [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.at.atwola.com [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.ehg-ti.hitbox.com [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.hitbox.com [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.hitbox.com [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.ehg-ti.hitbox.com [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.trafficmp.com [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.trafficmp.com [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.trafficmp.com [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.trafficmp.com [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.trafficmp.com [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

www.googleadservices.com [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.media6degrees.com [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.media6degrees.com [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.media6degrees.com [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.media6degrees.com [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

media.exchange.bg [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.serving-sys.com [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.serving-sys.com [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.serving-sys.com [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.serving-sys.com [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.serving-sys.com [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.serving-sys.com [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.bs.serving-sys.com [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.engine.goodadvert.ru [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.findhotlinks.com [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.specificclick.net [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.specificclick.net [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.specificclick.net [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.specificclick.net [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.specificclick.net [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.specificclick.net [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.specificclick.net [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

ads2.weblogssl.com [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.list.ru [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

www.googleadservices.com [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.toplist.cz [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

s04.flagcounter.com [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.spylog.com [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.openstat.net [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

www.googleadservices.com [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

ad.yieldmanager.com [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

delivery.usermedia.net [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

www.teenproblem.net [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.teenproblem.net [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.teenproblem.net [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.teenproblem.net [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

delivery.usermedia.net [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.clicksor.com [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.clicksor.com [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.clicksor.com [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

delivery.usermedia.net [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.bluestreak.com [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.fb-friend-stats2.appspot.com [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.fb-friend-stats2.appspot.com [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.fb-friend-stats2.appspot.com [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

fb-friend-stats2.appspot.com [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

www.googleadservices.com [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.smartadserver.com [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.smartadserver.com [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.smartadserver.com [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.content.yieldmanager.com [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.content.yieldmanager.com [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.azjmp.com [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.azjmp.com [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.azjmp.com [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.xm.xtendmedia.com [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.fastclick.net [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

click.mediadome.ru [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

click.mediadome.ru [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

click.mediadome.ru [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.statcounter.com [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.adbrite.com [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.adbrite.com [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.adbrite.com [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.adbrite.com [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.adbrite.com [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.chitika.net [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

ad.yieldmanager.com [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

ad.yieldmanager.com [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

ad.yieldmanager.com [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

ad.yieldmanager.com [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

ad.yieldmanager.com [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.fastclick.net [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.fastclick.net [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

.lfstmedia.com [ C:\Users\DENI\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

cdn4.specificclick.net [ C:\Users\DENI\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\8PKY345E ]

content.oddcast.com [ C:\Users\DENI\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\8PKY345E ]

media.scanscout.com [ C:\Users\DENI\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\8PKY345E ]

naiadsystems.com [ C:\Users\DENI\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\8PKY345E ]

secure-it.imrworldwide.com [ C:\Users\DENI\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\8PKY345E ]

tc-cdn-1.porned.com [ C:\Users\DENI\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\8PKY345E ]

track.mediaone.bg [ C:\Users\DENI\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\8PKY345E ]

www.trackitdown.net [ C:\Users\DENI\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\8PKY345E ]

.doubleclick.net [ C:\Users\DENI\AppData\Roaming\Mozilla\Firefox\Profiles\qx59av54.default\cookies.sqlite ]

.lfstmedia.com [ C:\Users\DENI\AppData\Roaming\Mozilla\Firefox\Profiles\qx59av54.default\cookies.sqlite ]

ad.yieldmanager.com [ C:\Users\DENI\AppData\Roaming\Mozilla\Firefox\Profiles\qx59av54.default\cookies.sqlite ]

ad.yieldmanager.com [ C:\Users\DENI\AppData\Roaming\Mozilla\Firefox\Profiles\qx59av54.default\cookies.sqlite ]

ad.yieldmanager.com [ C:\Users\DENI\AppData\Roaming\Mozilla\Firefox\Profiles\qx59av54.default\cookies.sqlite ]

ad.yieldmanager.com [ C:\Users\DENI\AppData\Roaming\Mozilla\Firefox\Profiles\qx59av54.default\cookies.sqlite ]

.content.yieldmanager.com [ C:\Users\DENI\AppData\Roaming\Mozilla\Firefox\Profiles\qx59av54.default\cookies.sqlite ]

ad.yieldmanager.com [ C:\Users\DENI\AppData\Roaming\Mozilla\Firefox\Profiles\qx59av54.default\cookies.sqlite ]

.smartadserver.com [ C:\Users\DENI\AppData\Roaming\Mozilla\Firefox\Profiles\qx59av54.default\cookies.sqlite ]

.smartadserver.com [ C:\Users\DENI\AppData\Roaming\Mozilla\Firefox\Profiles\qx59av54.default\cookies.sqlite ]

.imrworldwide.com [ C:\Users\DENI\AppData\Roaming\Mozilla\Firefox\Profiles\qx59av54.default\cookies.sqlite ]

.imrworldwide.com [ C:\Users\DENI\AppData\Roaming\Mozilla\Firefox\Profiles\qx59av54.default\cookies.sqlite ]

.smartadserver.com [ C:\Users\DENI\AppData\Roaming\Mozilla\Firefox\Profiles\qx59av54.default\cookies.sqlite ]

.smartadserver.com [ C:\Users\DENI\AppData\Roaming\Mozilla\Firefox\Profiles\qx59av54.default\cookies.sqlite ]

.apmebf.com [ C:\Users\DENI\AppData\Roaming\Mozilla\Firefox\Profiles\qx59av54.default\cookies.sqlite ]

.mediaplex.com [ C:\Users\DENI\AppData\Roaming\Mozilla\Firefox\Profiles\qx59av54.default\cookies.sqlite ]

.mediaplex.com [ C:\Users\DENI\AppData\Roaming\Mozilla\Firefox\Profiles\qx59av54.default\cookies.sqlite ]

.tribalfusion.com [ C:\Users\DENI\AppData\Roaming\Mozilla\Firefox\Profiles\qx59av54.default\cookies.sqlite ]

.fastclick.net [ C:\Users\DENI\AppData\Roaming\Mozilla\Firefox\Profiles\qx59av54.default\cookies.sqlite ]

.fastclick.net [ C:\Users\DENI\AppData\Roaming\Mozilla\Firefox\Profiles\qx59av54.default\cookies.sqlite ]

.fastclick.net [ C:\Users\DENI\AppData\Roaming\Mozilla\Firefox\Profiles\qx59av54.default\cookies.sqlite ]

www6.addfreestats.com [ C:\Users\DENI\AppData\Roaming\Mozilla\Firefox\Profiles\qx59av54.default\cookies.sqlite ]

media.easyads.bg [ C:\Users\DENI\AppData\Roaming\Mozilla\Firefox\Profiles\qx59av54.default\cookies.sqlite ]

media.easyads.bg [ C:\Users\DENI\AppData\Roaming\Mozilla\Firefox\Profiles\qx59av54.default\cookies.sqlite ]

media.easyads.bg [ C:\Users\DENI\AppData\Roaming\Mozilla\Firefox\Profiles\qx59av54.default\cookies.sqlite ]

media.easyads.bg [ C:\Users\DENI\AppData\Roaming\Mozilla\Firefox\Profiles\qx59av54.default\cookies.sqlite ]

.zedo.com [ C:\Users\DENI\AppData\Roaming\Mozilla\Firefox\Profiles\qx59av54.default\cookies.sqlite ]

.zedo.com [ C:\Users\DENI\AppData\Roaming\Mozilla\Firefox\Profiles\qx59av54.default\cookies.sqlite ]

.zedo.com [ C:\Users\DENI\AppData\Roaming\Mozilla\Firefox\Profiles\qx59av54.default\cookies.sqlite ]

.adbrite.com [ C:\Users\DENI\AppData\Roaming\Mozilla\Firefox\Profiles\qx59av54.default\cookies.sqlite ]

.adbrite.com [ C:\Users\DENI\AppData\Roaming\Mozilla\Firefox\Profiles\qx59av54.default\cookies.sqlite ]

.adbrite.com [ C:\Users\DENI\AppData\Roaming\Mozilla\Firefox\Profiles\qx59av54.default\cookies.sqlite ]

.adultfriendfinder.com [ C:\Users\DENI\AppData\Roaming\Mozilla\Firefox\Profiles\qx59av54.default\cookies.sqlite ]

.adultfriendfinder.com [ C:\Users\DENI\AppData\Roaming\Mozilla\Firefox\Profiles\qx59av54.default\cookies.sqlite ]

.adultfriendfinder.com [ C:\Users\DENI\AppData\Roaming\Mozilla\Firefox\Profiles\qx59av54.default\cookies.sqlite ]

.adultfriendfinder.com [ C:\Users\DENI\AppData\Roaming\Mozilla\Firefox\Profiles\qx59av54.default\cookies.sqlite ]

.adultfriendfinder.com [ C:\Users\DENI\AppData\Roaming\Mozilla\Firefox\Profiles\qx59av54.default\cookies.sqlite ]

.adultfriendfinder.com [ C:\Users\DENI\AppData\Roaming\Mozilla\Firefox\Profiles\qx59av54.default\cookies.sqlite ]

.adultfriendfinder.com [ C:\Users\DENI\AppData\Roaming\Mozilla\Firefox\Profiles\qx59av54.default\cookies.sqlite ]

.msnportal.112.2o7.net [ C:\Users\DENI\AppData\Roaming\Mozilla\Firefox\Profiles\qx59av54.default\cookies.sqlite ]

media.easyads.bg [ C:\Users\DENI\AppData\Roaming\Mozilla\Firefox\Profiles\qx59av54.default\cookies.sqlite ]

.atdmt.com [ C:\Users\DENI\AppData\Roaming\Mozilla\Firefox\Profiles\qx59av54.default\cookies.sqlite ]

.atdmt.com [ C:\Users\DENI\AppData\Roaming\Mozilla\Firefox\Profiles\qx59av54.default\cookies.sqlite ]

.microsoftwindows.112.2o7.net [ C:\Users\DENI\AppData\Roaming\Mozilla\Firefox\Profiles\qx59av54.default\cookies.sqlite ]

ad.yieldmanager.com [ C:\Users\DENI\AppData\Roaming\Mozilla\Firefox\Profiles\qx59av54.default\cookies.sqlite ]

.bs.serving-sys.com [ C:\Users\DENI\AppData\Roaming\Mozilla\Firefox\Profiles\qx59av54.default\cookies.sqlite ]

.serving-sys.com [ C:\Users\DENI\AppData\Roaming\Mozilla\Firefox\Profiles\qx59av54.default\cookies.sqlite ]

.serving-sys.com [ C:\Users\DENI\AppData\Roaming\Mozilla\Firefox\Profiles\qx59av54.default\cookies.sqlite ]

.serving-sys.com [ C:\Users\DENI\AppData\Roaming\Mozilla\Firefox\Profiles\qx59av54.default\cookies.sqlite ]

.serving-sys.com [ C:\Users\DENI\AppData\Roaming\Mozilla\Firefox\Profiles\qx59av54.default\cookies.sqlite ]

.serving-sys.com [ C:\Users\DENI\AppData\Roaming\Mozilla\Firefox\Profiles\qx59av54.default\cookies.sqlite ]

.serving-sys.com [ C:\Users\DENI\AppData\Roaming\Mozilla\Firefox\Profiles\qx59av54.default\cookies.sqlite ]

.serving-sys.com [ C:\Users\DENI\AppData\Roaming\Mozilla\Firefox\Profiles\qx59av54.default\cookies.sqlite ]

media.easyads.bg [ C:\Users\DENI\AppData\Roaming\Mozilla\Firefox\Profiles\qx59av54.default\cookies.sqlite ]

ads.bridgetrack.com [ C:\Users\DENI\AppData\Roaming\Mozilla\Firefox\Profiles\qx59av54.default\cookies.sqlite ]

ads.bridgetrack.com [ C:\Users\DENI\AppData\Roaming\Mozilla\Firefox\Profiles\qx59av54.default\cookies.sqlite ]

ads.bridgetrack.com [ C:\Users\DENI\AppData\Roaming\Mozilla\Firefox\Profiles\qx59av54.default\cookies.sqlite ]

.myroitracking.com [ C:\Users\DENI\AppData\Roaming\Mozilla\Firefox\Profiles\qx59av54.default\cookies.sqlite ]

.clicksor.com [ C:\Users\DENI\AppData\Roaming\Mozilla\Firefox\Profiles\qx59av54.default\cookies.sqlite ]

.clicksor.com [ C:\Users\DENI\AppData\Roaming\Mozilla\Firefox\Profiles\qx59av54.default\cookies.sqlite ]

.clicksor.com [ C:\Users\DENI\AppData\Roaming\Mozilla\Firefox\Profiles\qx59av54.default\cookies.sqlite ]

.clicksor.com [ C:\Users\DENI\AppData\Roaming\Mozilla\Firefox\Profiles\qx59av54.default\cookies.sqlite ]

.clicksor.com [ C:\Users\DENI\AppData\Roaming\Mozilla\Firefox\Profiles\qx59av54.default\cookies.sqlite ]

.revsci.net [ C:\Users\DENI\AppData\Roaming\Mozilla\Firefox\Profiles\qx59av54.default\cookies.sqlite ]

.revsci.net [ C:\Users\DENI\AppData\Roaming\Mozilla\Firefox\Profiles\qx59av54.default\cookies.sqlite ]

.revsci.net [ C:\Users\DENI\AppData\Roaming\Mozilla\Firefox\Profiles\qx59av54.default\cookies.sqlite ]

.revsci.net [ C:\Users\DENI\AppData\Roaming\Mozilla\Firefox\Profiles\qx59av54.default\cookies.sqlite ]

.atdmt.com [ C:\Users\DENI\AppData\Roaming\Mozilla\Firefox\Profiles\qx59av54.default\cookies.sqlite ]

.perf.overture.com [ C:\Users\DENI\AppData\Roaming\Mozilla\Firefox\Profiles\qx59av54.default\cookies.sqlite ]

.casalemedia.com [ C:\Users\DENI\AppData\Roaming\Mozilla\Firefox\Profiles\qx59av54.default\cookies.sqlite ]

.casalemedia.com [ C:\Users\DENI\AppData\Roaming\Mozilla\Firefox\Profiles\qx59av54.default\cookies.sqlite ]

.casalemedia.com [ C:\Users\DENI\AppData\Roaming\Mozilla\Firefox\Profiles\qx59av54.default\cookies.sqlite ]

.interclick.com [ C:\Users\DENI\AppData\Roaming\Mozilla\Firefox\Profiles\qx59av54.default\cookies.sqlite ]

.collective-media.net [ C:\Users\DENI\AppData\Roaming\Mozilla\Firefox\Profiles\qx59av54.default\cookies.sqlite ]

.collective-media.net [ C:\Users\DENI\AppData\Roaming\Mozilla\Firefox\Profiles\qx59av54.default\cookies.sqlite ]

.media6degrees.com [ C:\Users\DENI\AppData\Roaming\Mozilla\Firefox\Profiles\qx59av54.default\cookies.sqlite ]

.media6degrees.com [ C:\Users\DENI\AppData\Roaming\Mozilla\Firefox\Profiles\qx59av54.default\cookies.sqlite ]

.media6degrees.com [ C:\Users\DENI\AppData\Roaming\Mozilla\Firefox\Profiles\qx59av54.default\cookies.sqlite ]

.media6degrees.com [ C:\Users\DENI\AppData\Roaming\Mozilla\Firefox\Profiles\qx59av54.default\cookies.sqlite ]

media.easyads.bg [ C:\Users\DENI\AppData\Roaming\Mozilla\Firefox\Profiles\qx59av54.default\cookies.sqlite ]

media.easyads.bg [ C:\Users\DENI\AppData\Roaming\Mozilla\Firefox\Profiles\qx59av54.default\cookies.sqlite ]

media.easyads.bg [ C:\Users\DENI\AppData\Roaming\Mozilla\Firefox\Profiles\qx59av54.default\cookies.sqlite ]

media.easyads.bg [ C:\Users\DENI\AppData\Roaming\Mozilla\Firefox\Profiles\qx59av54.default\cookies.sqlite ]

media.easyads.bg [ C:\Users\DENI\AppData\Roaming\Mozilla\Firefox\Profiles\qx59av54.default\cookies.sqlite ]

media.easyads.bg [ C:\Users\DENI\AppData\Roaming\Mozilla\Firefox\Profiles\qx59av54.default\cookies.sqlite ]

media.easyads.bg [ C:\Users\DENI\AppData\Roaming\Mozilla\Firefox\Profiles\qx59av54.default\cookies.sqlite ]

media.easyads.bg [ C:\Users\DENI\AppData\Roaming\Mozilla\Firefox\Profiles\qx59av54.default\cookies.sqlite ]

media.easyads.bg [ C:\Users\DENI\AppData\Roaming\Mozilla\Firefox\Profiles\qx59av54.default\cookies.sqlite ]

media.easyads.bg [ C:\Users\DENI\AppData\Roaming\Mozilla\Firefox\Profiles\qx59av54.default\cookies.sqlite ]

media.easyads.bg [ C:\Users\DENI\AppData\Roaming\Mozilla\Firefox\Profiles\qx59av54.default\cookies.sqlite ]

media.easyads.bg [ C:\Users\DENI\AppData\Roaming\Mozilla\Firefox\Profiles\qx59av54.default\cookies.sqlite ]

media.easyads.bg [ C:\Users\DENI\AppData\Roaming\Mozilla\Firefox\Profiles\qx59av54.default\cookies.sqlite ]

media.easyads.bg [ C:\Users\DENI\AppData\Roaming\Mozilla\Firefox\Profiles\qx59av54.default\cookies.sqlite ]

media.easyads.bg [ C:\Users\DENI\AppData\Roaming\Mozilla\Firefox\Profiles\qx59av54.default\cookies.sqlite ]

media.easyads.bg [ C:\Users\DENI\AppData\Roaming\Mozilla\Firefox\Profiles\qx59av54.default\cookies.sqlite ]

media.easyads.bg [ C:\Users\DENI\AppData\Roaming\Mozilla\Firefox\Profiles\qx59av54.default\cookies.sqlite ]

.revsci.net [ C:\Users\DENI\AppData\Roaming\Mozilla\Firefox\Profiles\qx59av54.default\cookies.sqlite ]

.adbrite.com [ C:\Users\DENI\AppData\Roaming\Mozilla\Firefox\Profiles\qx59av54.default\cookies.sqlite ]

counter.search.bg [ C:\Users\DENI\AppData\Roaming\Mozilla\Firefox\Profiles\qx59av54.default\cookies.sqlite ]

.rambler.ru [ C:\Users\DENI\AppData\Roaming\Mozilla\Firefox\Profiles\qx59av54.default\cookies.sqlite ]

.tracker.hdclub.com.ua [ C:\Users\DENI\AppData\Roaming\Mozilla\Firefox\Profiles\qx59av54.default\cookies.sqlite ]

.tracker.hdclub.com.ua [ C:\Users\DENI\AppData\Roaming\Mozilla\Firefox\Profiles\qx59av54.default\cookies.sqlite ]

.list.ru [ C:\Users\DENI\AppData\Roaming\Mozilla\Firefox\Profiles\qx59av54.default\cookies.sqlite ]

.lfstmedia.com [ C:\Users\DENI\AppData\Roaming\Mozilla\Firefox\Profiles\qx59av54.default\cookies.sqlite ]

.adserver.adtechus.com [ C:\Users\DENI\AppData\Roaming\Mozilla\Firefox\Profiles\qx59av54.default\cookies.sqlite ]

Adware.Flash Tracking Cookie

C:\Users\DENI\AppData\Roaming\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\8PKY345E\WWW.TRACKITDOWN.NET

C:\Users\DENI\AppData\Roaming\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\8PKY345E\NAIADSYSTEMS.COM

C:\Users\DENI\AppData\Roaming\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\8PKY345E\SECURE-IT.IMRWORLDWIDE.COM

C:\Users\DENI\AppData\Roaming\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\8PKY345E\CONTENT.ODDCAST.COM

Следва:

Стъпка 1

Следвайте следната инструкция за работа с OTL:

• Изтеглете OTL.exe и го запазете на десктопа.
  
• Стартирайте файла .
  
• Направете следните настройки:
  

• Под с Copy/ Paste въведете следната информация от цитата по-долу:
  

netsvcs

msconfig

safebootminimal

safebootnetwork

activex

drivers32

%ALLUSERSPROFILE%\Application Data\*.

%ALLUSERSPROFILE%\Application Data\*.exe /s

%APPDATA%\*.

%APPDATA%\*.exe /s

%SYSTEMDRIVE%\*.*

%SYSTEMDRIVE%\*.exe

%systemroot%\*. /mp /s

CREATERESTOREPOINT

%systemroot%\system32\*.dll /lockedfiles

%systemroot%\Tasks\*.job /lockedfiles

%systemroot%\System32\config\*.sav

%systemroot%\system32\user32.dll /md5

%systemroot%\system32\ws2_32.dll /md5

• Натиснете маркираният в синьо бутон: .
  
• Като приключи проверката, ще се създадат два файла - OTL.Txt и Extras.Txt.
  

Стъпка 2

Прикачете в следващия си коментар (погледнете опцията "прикачени файлове", когато публикувате мнение) логовете от OTL: OTL.Txt, Extras.Txt.

Ето лога от OTL.txt:

OTL logfile created on: 6/29/2010 12:31:50 PM - Run 1

OTL by OldTimer - Version 3.2.7.0 Folder = C:\Users\DENI\Desktop

Windows Vista Ultimate Edition (Version = 6.0.6000) - Type = NTWorkstation

Internet Explorer (Version = 7.0.6000.16386)

Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

511.00 Mb Total Physical Memory | 172.00 Mb Available Physical Memory | 34.00% Memory free

1.00 Gb Paging File | 1.00 Gb Available in Paging File | 52.00% Paging File free

Paging file location(s): ?:\pagefile.sys

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files

Drive C: | 43.95 Gb Total Space | 16.91 Gb Free Space | 38.48% Space Free | Partition Type: NTFS

Drive D: | 48.83 Gb Total Space | 17.26 Gb Free Space | 35.35% Space Free | Partition Type: NTFS

Drive E: | 56.27 Gb Total Space | 17.07 Gb Free Space | 30.33% Space Free | Partition Type: NTFS

F: Drive not present or media not loaded

G: Drive not present or media not loaded

H: Drive not present or media not loaded

I: Drive not present or media not loaded

Computer Name: DENI-PC

Current User Name: DENI

Logged in as Administrator.

Current Boot Mode: Normal

Scan Mode: All users

Company Name Whitelist: On

Skip Microsoft Files: On

File Age = 30 Days

Output = Minimal

========== Processes (SafeList) ==========

PRC - C:\Users\DENI\Desktop\OTL.exe (OldTimer Tools)

PRC - C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)

PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

PRC - C:\Program Files\Norton Ghost\Agent\VProSvc.exe (Symantec Corporation)

PRC - C:\Program Files\Norton Ghost\Shared\Drivers\SymSnapService.exe (Symantec)

PRC - C:\Windows\explorer.exe (Microsoft Corporation)

========== Modules (All) ==========

MOD - C:\Users\DENI\Desktop\OTL.exe (OldTimer Tools)

MOD - C:\Windows\System32\srclient.dll (Microsoft Corporation)

MOD - C:\Windows\System32\spp.dll (Microsoft Corporation)

MOD - C:\Windows\System32\ntdll.dll (Microsoft Corporation)

MOD - C:\Windows\System32\rsaenh.dll (Microsoft Corporation)

MOD - C:\Windows\System32\xmllite.dll (Microsoft Corporation)

MOD - C:\Windows\System32\Wldap32.dll (Microsoft Corporation)

MOD - C:\Windows\System32\ws2_32.dll (Microsoft Corporation)

MOD - C:\Windows\System32\wbem\wmiutils.dll (Microsoft Corporation)

MOD - C:\Windows\System32\shell32.dll (Microsoft Corporation)

MOD - C:\Windows\System32\setupapi.dll (Microsoft Corporation)

MOD - C:\Windows\System32\urlmon.dll (Microsoft Corporation)

MOD - C:\Windows\System32\shdocvw.dll (Microsoft Corporation)

MOD - C:\Windows\System32\vssapi.dll (Microsoft Corporation)

MOD - C:\Windows\System32\user32.dll (Microsoft Corporation)

MOD - C:\Windows\System32\usp10.dll (Microsoft Corporation)

MOD - C:\Windows\System32\vbscript.dll (Microsoft Corporation)

MOD - C:\Windows\System32\sxs.dll (Microsoft Corporation)

MOD - C:\Windows\System32\wbem\wbemcomn.dll (Microsoft Corporation)

MOD - C:\Windows\System32\shlwapi.dll (Microsoft Corporation)

MOD - C:\Windows\System32\uxtheme.dll (Microsoft Corporation)

MOD - C:\Windows\System32\wbem\wbemdisp.dll (Microsoft Corporation)

MOD - C:\Windows\System32\userenv.dll (Microsoft Corporation)

MOD - C:\Windows\System32\vsstrace.dll (Microsoft Corporation)

MOD - C:\Windows\System32\wbem\wbemsvc.dll (Microsoft Corporation)

MOD - C:\Windows\System32\sfc_os.dll (Microsoft Corporation)

MOD - C:\Windows\System32\wbem\wbemprox.dll (Microsoft Corporation)

MOD - C:\Windows\System32\version.dll (Microsoft Corporation)

MOD - C:\Windows\System32\sfc.dll (Microsoft Corporation)

MOD - C:\Windows\System32\ole32.dll (Microsoft Corporation)

MOD - C:\Windows\System32\rpcrt4.dll (Microsoft Corporation)

MOD - C:\Windows\System32\propsys.dll (Microsoft Corporation)

MOD - C:\Windows\System32\oleaut32.dll (Microsoft Corporation)

MOD - C:\Windows\System32\ntmarta.dll (Microsoft Corporation)

MOD - C:\Windows\System32\olepro32.dll (Microsoft Corporation)

MOD - C:\Windows\System32\ntdsapi.dll (Microsoft Corporation)

MOD - C:\Windows\System32\secur32.dll (Microsoft Corporation)

MOD - C:\Windows\System32\samlib.dll (Microsoft Corporation)

MOD - C:\Windows\System32\psapi.dll (Microsoft Corporation)

MOD - C:\Windows\System32\nsi.dll (Microsoft Corporation)

MOD - C:\Windows\System32\netapi32.dll (Microsoft Corporation)

MOD - C:\Windows\System32\msvcrt.dll (Microsoft Corporation)

MOD - C:\Windows\System32\msi.dll (Microsoft Corporation)

MOD - C:\Windows\System32\msiltcfg.dll (Microsoft Corporation)

MOD - C:\Windows\System32\msctf.dll (Microsoft Corporation)

MOD - C:\Windows\System32\ieframe.dll (Microsoft Corporation)

MOD - C:\Windows\System32\kernel32.dll (Microsoft Corporation)

MOD - C:\Windows\System32\gdi32.dll (Microsoft Corporation)

MOD - C:\Windows\System32\iertutil.dll (Microsoft Corporation)

MOD - C:\Windows\System32\imm32.dll (Microsoft Corporation)

MOD - C:\Windows\System32\mpr.dll (Microsoft Corporation)

MOD - C:\Windows\System32\lpk.dll (Microsoft Corporation)

MOD - C:\Windows\System32\wbem\fastprox.dll (Microsoft Corporation)

MOD - C:\Windows\System32\dnsapi.dll (Microsoft Corporation)

MOD - C:\Windows\System32\comdlg32.dll (Microsoft Corporation)

MOD - C:\Windows\System32\advapi32.dll (Microsoft Corporation)

MOD - C:\Windows\System32\clbcatq.dll (Microsoft Corporation)

MOD - C:\Windows\System32\apphelp.dll (Microsoft Corporation)

MOD - C:\Windows\System32\authz.dll (Microsoft Corporation)

MOD - C:\Windows\System32\atl.dll (Microsoft Corporation)

MOD - C:\Windows\System32\msscript.ocx (Microsoft Corporation)

MOD - C:\Windows\System32\winspool.drv (Microsoft Corporation)

MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll (Microsoft Corporation)

========== Win32 Services (SafeList) ==========

SRV - (FLEXnet Licensing Service) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Acresso Software Inc.)

SRV - (TeamViewer4) -- C:\Program Files\TeamViewer\Version4\TeamViewer_Service.exe (TeamViewer GmbH)

SRV - (Norton Ghost) -- C:\Program Files\Norton Ghost\Agent\VProSvc.exe (Symantec Corporation)

SRV - (SymSnapService) -- C:\Program Files\Norton Ghost\Shared\Drivers\SymSnapService.exe (Symantec)

SRV - (LiveUpdate) -- C:\Program Files\Symantec\LiveUpdate\LuComServer_3_2.EXE (Symantec Corporation)

SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)

SRV - (WinHttpAutoProxySvc) -- winhttp.dll (Microsoft Corporation)

========== Driver Services (SafeList) ==========

DRV - (GarenaPEngine) -- C:\Users\DENI\AppData\Local\Temp\BCP5277.tmp ()

DRV - (SASKUTIL) -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS (SUPERAdBlocker.com and SUPERAntiSpyware.com)

DRV - (SASDIFSV) -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com)

DRV - (sptd) -- C:\Windows\System32\Drivers\sptd.sys ()

DRV - (adfs) -- C:\Windows\System32\drivers\adfs.sys (Adobe Systems, Inc.)

DRV - (teamviewervpn) -- C:\Windows\System32\drivers\teamviewervpn.sys (TeamViewer GmbH)

DRV - (WimFltr) -- C:\Windows\System32\drivers\WimFltr.sys (Microsoft Corporation)

DRV - (v2imount) -- C:\Windows\System32\drivers\v2imount.sys (Symantec Corporation)

DRV - (VProEventMonitor) -- C:\Windows\System32\drivers\vproeventmonitor.sys (Symantec Corporation)

DRV - (symsnap) -- C:\Windows\system32\DRIVERS\symsnap.sys (StorageCraft)

DRV - (ISODrive) -- C:\Program Files\UltraISO\drivers\ISODrive.sys (EZB Systems, Inc.)

DRV - (viaide) -- C:\Windows\system32\drivers\viaide.sys (VIA Technologies, Inc.)

DRV - (cmdide) -- C:\Windows\system32\drivers\cmdide.sys (CMD Technology, Inc.)

DRV - (aliide) -- C:\Windows\system32\drivers\aliide.sys (Acer Laboratories Inc.)

DRV - (ql2300) -- C:\Windows\system32\drivers\ql2300.sys (QLogic Corporation)

DRV - (adp94xx) -- C:\Windows\system32\drivers\adp94xx.sys (Adaptec, Inc.)

DRV - (elxstor) -- C:\Windows\system32\drivers\elxstor.sys (Emulex)

DRV - (adpahci) -- C:\Windows\system32\drivers\adpahci.sys (Adaptec, Inc.)

DRV - (uliahci) -- C:\Windows\system32\drivers\uliahci.sys (ULi Electronics Inc.)

DRV - (iaStorV) -- C:\Windows\system32\drivers\iastorv.sys (Intel Corporation)

DRV - (adpu320) -- C:\Windows\system32\drivers\adpu320.sys (Adaptec, Inc.)

DRV - (ulsata2) -- C:\Windows\system32\drivers\ulsata2.sys (Promise Technology, Inc.)

DRV - (vsmraid) -- C:\Windows\system32\drivers\vsmraid.sys (VIA Technologies Inc.,Ltd)

DRV - (ql40xx) -- C:\Windows\system32\drivers\ql40xx.sys (QLogic Corporation)

DRV - (UlSata) -- C:\Windows\system32\drivers\ulsata.sys (Promise Technology, Inc.)

DRV - (adpu160m) -- C:\Windows\system32\drivers\adpu160m.sys (Adaptec, Inc.)

DRV - (nvraid) -- C:\Windows\system32\drivers\nvraid.sys (NVIDIA Corporation)

DRV - (nfrd960) -- C:\Windows\system32\drivers\nfrd960.sys (IBM Corporation)

DRV - (iirsp) -- C:\Windows\system32\drivers\iirsp.sys (Intel Corp./ICP vortex GmbH)

DRV - (SiSRaid4) -- C:\Windows\system32\drivers\sisraid4.sys (Silicon Integrated Systems)

DRV - (nvstor) -- C:\Windows\system32\drivers\nvstor.sys (NVIDIA Corporation)

DRV - (aic78xx) -- C:\Windows\system32\drivers\djsvs.sys (Adaptec, Inc.)

DRV - (arcsas) -- C:\Windows\system32\drivers\arcsas.sys (Adaptec, Inc.)

DRV - (LSI_SCSI) -- C:\Windows\system32\drivers\lsi_scsi.sys (LSI Logic)

DRV - (SiSRaid2) -- C:\Windows\system32\drivers\sisraid2.sys (Silicon Integrated Systems Corp.)

DRV - (HpCISSs) -- C:\Windows\system32\drivers\hpcisss.sys (Hewlett-Packard Company)

DRV - (arc) -- C:\Windows\system32\drivers\arc.sys (Adaptec, Inc.)

DRV - (iteraid) -- C:\Windows\system32\drivers\iteraid.sys (Integrated Technology Express, Inc.)

DRV - (iteatapi) -- C:\Windows\system32\drivers\iteatapi.sys (Integrated Technology Express, Inc.)

DRV - (LSI_SAS) -- C:\Windows\system32\drivers\lsi_sas.sys (LSI Logic)

DRV - (Symc8xx) -- C:\Windows\system32\drivers\symc8xx.sys (LSI Logic)

DRV - (LSI_FC) -- C:\Windows\system32\drivers\lsi_fc.sys (LSI Logic)

DRV - (Sym_u3) -- C:\Windows\system32\drivers\sym_u3.sys (LSI Logic)

DRV - (Mraid35x) -- C:\Windows\system32\drivers\mraid35x.sys (LSI Logic Corporation)

DRV - (Sym_hi) -- C:\Windows\system32\drivers\sym_hi.sys (LSI Logic)

DRV - (megasas) -- C:\Windows\system32\drivers\megasas.sys (LSI Logic Corporation)

DRV - (usbaudio) USB Audio Driver (WDM) -- C:\Windows\System32\drivers\USBAUDIO.sys (Microsoft Corporation)

DRV - (Brserid) Brother MFC Serial Port Interface Driver (WDM) -- C:\Windows\system32\drivers\brserid.sys (Brother Industries Ltd.)

DRV - (BrUsbSer) -- C:\Windows\system32\drivers\brusbser.sys (Brother Industries Ltd.)

DRV - (BrFiltUp) -- C:\Windows\system32\drivers\brfiltup.sys (Brother Industries, Ltd.)

DRV - (BrFiltLo) -- C:\Windows\system32\drivers\brfiltlo.sys (Brother Industries, Ltd.)

DRV - (BrSerWdm) -- C:\Windows\system32\drivers\brserwdm.sys (Brother Industries Ltd.)

DRV - (BrUsbMdm) -- C:\Windows\system32\drivers\brusbmdm.sys (Brother Industries Ltd.)

DRV - (ntrigdigi) -- C:\Windows\system32\drivers\ntrigdigi.sys (N-trig Innovative Technologies)

DRV - (VIAudio) -- C:\Windows\System32\drivers\ac97via.sys (VIA Technologies, Inc.)

DRV - (nv) -- C:\Windows\System32\drivers\nv4_mini.sys (NVIDIA Corporation)

DRV - (RTL8023xp) -- C:\Windows\System32\drivers\Rtnicxp.sys (Realtek Semiconductor Corporation )

DRV - (E1G60) Intel® -- C:\Windows\System32\drivers\E1G60I32.sys (Intel Corporation)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-1357809282-3622007660-2491278935-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1

IE - HKU\S-1-5-21-1357809282-3622007660-2491278935-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

IE - HKU\S-1-5-21-1357809282-3622007660-2491278935-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = 127.0.0.1:8080

FF - HKLM\software\mozilla\Mozilla Firefox 3.5.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/06/25 21:07:01 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Mozilla Firefox 3.5.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/06/25 21:07:01 | 000,000,000 | ---D | M]

[2010/06/24 23:56:20 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions

[2009/07/31 01:46:07 | 000,001,083 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\911bg.xml

[2009/07/31 01:46:07 | 000,002,442 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\diribg.xml

[2009/07/31 01:46:07 | 000,001,515 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\pe-bg.xml

[2009/07/31 01:46:07 | 000,001,857 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\portalbgdict.xml

[2009/07/31 01:46:07 | 000,001,220 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-bg.xml

O1 HOSTS File: ([2010/01/22 01:04:11 | 000,000,791 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts

O1 - Hosts: 127.0.0.1 localhost

O1 - Hosts: ::1 localhost

O1 - Hosts: 127.0.0.1 activate.adobe.com

O2 - BHO: (no name) - {7ea0eef7-63b4-4792-a424-76d98e792258} - No CLSID value found.

O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()

O4 - HKLM..\Run: [AdobeCS4ServiceManager] C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe (Adobe Systems Incorporated)

O4 - HKLM..\Run: [Norton Ghost 14.0] C:\Program Files\Norton Ghost\Agent\VProTray.exe (Symantec Corporation)

O4 - HKLM..\Run: [uVS12 Preload] C:\Program Files\Corel\Corel VideoStudio 12\uvPL.exe File not found

O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)

O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)

O4 - HKU\S-1-5-21-1357809282-3622007660-2491278935-1000..\Run: [sUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)

O4 - Startup: C:\Users\All Users\Adobe [2010/01/22 00:57:11 | 000,000,000 | ---D | M]

O4 - Startup: C:\Users\All Users\Alwil Software [2010/06/27 16:23:59 | 000,000,000 | ---D | M]

O4 - Startup: C:\Users\All Users\Apple [2010/03/27 23:24:21 | 000,000,000 | ---D | M]

O4 - Startup: C:\Users\All Users\Apple Computer [2010/03/29 00:14:42 | 000,000,000 | ---D | M]

O4 - Startup: C:\Users\All Users\Application Data [2006/11/02 16:00:38 | 000,000,000 | -HSD | M]

O4 - Startup: C:\Users\All Users\Desktop [2006/11/02 16:00:38 | 000,000,000 | -HSD | M]

O4 - Startup: C:\Users\All Users\Documents [2006/11/02 16:00:38 | 000,000,000 | -HSD | M]

O4 - Startup: C:\Users\All Users\Estsoft [2009/11/05 18:04:39 | 000,000,000 | ---D | M]

O4 - Startup: C:\Users\All Users\Favorites [2006/11/02 16:00:38 | 000,000,000 | -HSD | M]

O4 - Startup: C:\Users\All Users\FLEXnet [2010/01/22 01:06:25 | 000,000,000 | ---D | M]

O4 - Startup: C:\Users\All Users\InterVideo [2009/11/04 17:20:08 | 000,000,000 | ---D | M]

O4 - Startup: C:\Users\All Users\Malwarebytes [2010/06/28 21:28:07 | 000,000,000 | ---D | M]

O4 - Startup: C:\Users\All Users\Microsoft [2010/05/18 11:57:52 | 000,000,000 | --SD | M]

O4 - Startup: C:\Users\All Users\Skype [2009/11/27 21:39:48 | 000,000,000 | ---D | M]

O4 - Startup: C:\Users\All Users\Start Menu [2006/11/02 16:00:38 | 000,000,000 | -HSD | M]

O4 - Startup: C:\Users\All Users\SUPERAntiSpyware.com [2010/06/28 23:40:10 | 000,000,000 | ---D | M]

O4 - Startup: C:\Users\All Users\Symantec [2009/11/04 10:56:31 | 000,000,000 | ---D | M]

O4 - Startup: C:\Users\All Users\Templates [2006/11/02 16:00:38 | 000,000,000 | -HSD | M]

O4 - Startup: C:\Users\All Users\Ulead Systems [2010/06/24 23:53:35 | 000,000,000 | ---D | M]

O4 - Startup: C:\Users\All Users\Xerox [2010/04/06 19:48:33 | 000,000,000 | ---D | M]

O4 - Startup: C:\Users\All Users\{755AC846-7372-4AC8-8550-C52491DAA8BD} [2010/03/27 23:41:20 | 000,000,000 | ---D | M]

O4 - Startup: C:\Users\Default\AppData [2006/11/02 14:18:34 | 000,000,000 | -H-D | M]

O4 - Startup: C:\Users\Default\Application Data [2006/11/02 16:00:38 | 000,000,000 | -HSD | M]

O4 - Startup: C:\Users\Default\Cookies [2006/11/02 16:00:38 | 000,000,000 | -HSD | M]

O4 - Startup: C:\Users\Default\Desktop [2006/11/02 13:23:35 | 000,000,000 | R--D | M]

O4 - Startup: C:\Users\Default\Documents [2006/11/02 16:00:38 | 000,000,000 | R--D | M]

O4 - Startup: C:\Users\Default\Downloads [2006/11/02 13:23:35 | 000,000,000 | R--D | M]

O4 - Startup: C:\Users\Default\Favorites [2006/11/02 13:23:35 | 000,000,000 | R--D | M]

O4 - Startup: C:\Users\Default\Links [2006/11/02 13:23:35 | 000,000,000 | R--D | M]

O4 - Startup: C:\Users\Default\Local Settings [2006/11/02 16:00:38 | 000,000,000 | -HSD | M]

O4 - Startup: C:\Users\Default\Music [2006/11/02 13:23:35 | 000,000,000 | R--D | M]

O4 - Startup: C:\Users\Default\My Documents [2006/11/02 16:00:38 | 000,000,000 | -HSD | M]

O4 - Startup: C:\Users\Default\NetHood [2006/11/02 16:00:38 | 000,000,000 | -HSD | M]

O4 - Startup: C:\Users\Default\NTUSER.DAT ()

O4 - Startup: C:\Users\Default\NTUSER.DAT.LOG ()

O4 - Startup: C:\Users\Default\ntuser.dat.LOG1 ()

O4 - Startup: C:\Users\Default\ntuser.dat.LOG2 ()

O4 - Startup: C:\Users\Default\NTUSER.DAT{0f69446d-6a70-11db-8eb3-985e31beb686}.TM.blf ()

O4 - Startup: C:\Users\Default\NTUSER.DAT{0f69446d-6a70-11db-8eb3-985e31beb686}.TMContainer00000000000000000001.regtrans-ms ()

O4 - Startup: C:\Users\Default\NTUSER.DAT{0f69446d-6a70-11db-8eb3-985e31beb686}.TMContainer00000000000000000002.regtrans-ms ()

O4 - Startup: C:\Users\Default\Pictures [2006/11/02 13:23:35 | 000,000,000 | R--D | M]

O4 - Startup: C:\Users\Default\PrintHood [2006/11/02 16:00:38 | 000,000,000 | -HSD | M]

O4 - Startup: C:\Users\Default\Recent [2006/11/02 16:00:38 | 000,000,000 | -HSD | M]

O4 - Startup: C:\Users\Default\Saved Games [2006/11/02 13:23:35 | 000,000,000 | ---D | M]

O4 - Startup: C:\Users\Default\SendTo [2006/11/02 16:00:38 | 000,000,000 | -HSD | M]

O4 - Startup: C:\Users\Default\Start Menu [2006/11/02 16:00:38 | 000,000,000 | -HSD | M]

O4 - Startup: C:\Users\Default\Templates [2006/11/02 16:00:38 | 000,000,000 | -HSD | M]

O4 - Startup: C:\Users\Default\Videos [2006/11/02 13:23:35 | 000,000,000 | R--D | M]

O4 - Startup: C:\Users\DENI\AppData [2009/11/04 09:13:42 | 000,000,000 | -H-D | M]

O4 - Startup: C:\Users\DENI\Application Data [2009/11/04 09:10:28 | 000,000,000 | -HSD | M]

O4 - Startup: C:\Users\DENI\Contacts [2010/03/18 12:32:07 | 000,000,000 | R--D | M]

O4 - Startup: C:\Users\DENI\Cookies [2009/11/04 09:10:28 | 000,000,000 | -HSD | M]

O4 - Startup: C:\Users\DENI\Desktop [2010/06/29 12:31:38 | 000,000,000 | R--D | M]

O4 - Startup: C:\Users\DENI\Documents [2010/03/31 10:52:30 | 000,000,000 | R--D | M]

O4 - Startup: C:\Users\DENI\Downloads [2010/06/25 01:05:48 | 000,000,000 | R--D | M]

O4 - Startup: C:\Users\DENI\Favorites [2009/11/04 09:13:46 | 000,000,000 | R--D | M]

O4 - Startup: C:\Users\DENI\Links [2010/03/18 12:32:29 | 000,000,000 | R--D | M]

O4 - Startup: C:\Users\DENI\Local Settings [2009/11/04 09:10:28 | 000,000,000 | -HSD | M]

O4 - Startup: C:\Users\DENI\Music [2009/11/04 09:13:42 | 000,000,000 | R--D | M]

O4 - Startup: C:\Users\DENI\My Documents [2009/11/04 09:10:28 | 000,000,000 | -HSD | M]

O4 - Startup: C:\Users\DENI\NetHood [2009/11/04 09:10:28 | 000,000,000 | -HSD | M]

O4 - Startup: C:\Users\DENI\NTUSER.DAT ()

O4 - Startup: C:\Users\DENI\ntuser.dat.LOG1 ()

O4 - Startup: C:\Users\DENI\ntuser.dat.LOG2 ()

O4 - Startup: C:\Users\DENI\NTUSER.DAT{0f69446d-6a70-11db-8eb3-985e31beb686}.TM.blf ()

O4 - Startup: C:\Users\DENI\NTUSER.DAT{0f69446d-6a70-11db-8eb3-985e31beb686}.TMContainer00000000000000000001.regtrans-ms ()

O4 - Startup: C:\Users\DENI\NTUSER.DAT{0f69446d-6a70-11db-8eb3-985e31beb686}.TMContainer00000000000000000002.regtrans-ms ()

O4 - Startup: C:\Users\DENI\ntuser.ini ()

O4 - Startup: C:\Users\DENI\Pictures [2010/06/29 03:19:07 | 000,000,000 | R--D | M]

O4 - Startup: C:\Users\DENI\PrintHood [2009/11/04 09:10:28 | 000,000,000 | -HSD | M]

O4 - Startup: C:\Users\DENI\Recent [2009/11/04 09:10:28 | 000,000,000 | -HSD | M]

O4 - Startup: C:\Users\DENI\Saved Games [2009/11/04 09:13:42 | 000,000,000 | R--D | M]

O4 - Startup: C:\Users\DENI\Searches [2010/03/18 12:32:29 | 000,000,000 | R--D | M]

O4 - Startup: C:\Users\DENI\SendTo [2009/11/04 09:10:28 | 000,000,000 | -HSD | M]

O4 - Startup: C:\Users\DENI\Start Menu [2009/11/04 09:10:28 | 000,000,000 | -HSD | M]

O4 - Startup: C:\Users\DENI\temp [2010/02/08 12:09:46 | 000,000,000 | ---D | M]

O4 - Startup: C:\Users\DENI\Templates [2009/11/04 09:10:28 | 000,000,000 | -HSD | M]

O4 - Startup: C:\Users\DENI\Videos [2010/02/01 21:58:03 | 000,000,000 | R--D | M]

O4 - Startup: C:\Users\DENI\{92854faa-3db6-4c16-b6fd-136e23a3f8d0} [2010/02/13 15:51:50 | 000,000,000 | ---D | M]

O4 - Startup: C:\Users\Public\Desktop [2010/06/28 23:39:29 | 000,000,000 | RH-D | M]

O4 - Startup: C:\Users\Public\Documents [2010/06/25 20:57:20 | 000,000,000 | R--D | M]

O4 - Startup: C:\Users\Public\Downloads [2006/11/02 15:49:43 | 000,000,000 | R--D | M]

O4 - Startup: C:\Users\Public\Favorites [2006/11/02 13:23:35 | 000,000,000 | RH-D | M]

O4 - Startup: C:\Users\Public\Music [2006/11/02 15:49:43 | 000,000,000 | R--D | M]

O4 - Startup: C:\Users\Public\Pictures [2006/11/02 15:49:43 | 000,000,000 | R--D | M]

O4 - Startup: C:\Users\Public\Recorded TV [2006/11/02 15:35:50 | 000,000,000 | ---D | M]

O4 - Startup: C:\Users\Public\Videos [2006/11/02 15:49:43 | 000,000,000 | R--D | M]

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0

O7 - HKU\S-1-5-21-1357809282-3622007660-2491278935-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)

O13 - gopher Prefix: missing

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 212.233.128.2 10.10.0.100

O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)

O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)

O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)

O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)

O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)

O24 - Desktop WallPaper: C:\Users\DENI\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg

O24 - Desktop BackupWallPaper: C:\Users\DENI\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg

O29 - HKLM SecurityProviders - (credssp.dll) - credssp.dll (Microsoft Corporation)

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2006/09/19 00:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]

O33 - MountPoints2\{3a4882cd-7852-11df-b58a-001d0fc139e6}\Shell\AutoRun\command - "" = J:\2ul.exe -- File not found

O33 - MountPoints2\{3a4882cd-7852-11df-b58a-001d0fc139e6}\Shell\open\Command - "" = J:\2ul.exe -- File not found

O33 - MountPoints2\{486c5ebe-3fda-11df-9238-001d0fc139e6}\Shell\AutoRun\command - "" = J:\RECYCLER\S-1-6-21-2434476501-1644491937-600003330-1213\autorunme.exe -- File not found

O33 - MountPoints2\{486c5ebe-3fda-11df-9238-001d0fc139e6}\Shell\open\command - "" = J:\RECYCLER\S-1-6-21-2434476501-1644491937-600003330-1213\autorunme.exe -- File not found

O33 - MountPoints2\{791e99ac-eb4f-11de-803a-001d0fc139e6}\Shell - "" = AutoRun

O33 - MountPoints2\{791e99ac-eb4f-11de-803a-001d0fc139e6}\Shell\AutoRun\command - "" = G:\startup.exe -- File not found

O33 - MountPoints2\{791e99ae-eb4f-11de-803a-001d0fc139e6}\Shell - "" = AutoRun

O33 - MountPoints2\{791e99ae-eb4f-11de-803a-001d0fc139e6}\Shell\AutoRun\command - "" = H:\autorun.exe -- File not found

O33 - MountPoints2\{b8655c86-0666-11df-aa7a-001d0fc139e6}\Shell\AutoRun\command - "" = J:\RECYCLER\S-1-6-21-2434476501-1644491937-600003330-1213\autorunme.exe -- File not found

O33 - MountPoints2\{b8655c86-0666-11df-aa7a-001d0fc139e6}\Shell\open\command - "" = J:\RECYCLER\S-1-6-21-2434476501-1644491937-600003330-1213\autorunme.exe -- File not found

O33 - MountPoints2\{dffa2c8a-6a8f-11df-9635-001d0fc139e6}\Shell\AutoRun\command - "" = J:\RECYCLER\S-1-6-21-2434476501-1644491937-600003330-1213\autorunme.exe -- File not found

O33 - MountPoints2\{dffa2c8a-6a8f-11df-9635-001d0fc139e6}\Shell\open\command - "" = J:\RECYCLER\S-1-6-21-2434476501-1644491937-600003330-1213\autorunme.exe -- File not found

O34 - HKLM BootExecute: (autocheck autochk *) - File not found

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010/06/28 23:40:10 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com

[2010/06/28 23:39:16 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware

[2010/06/28 22:40:56 | 000,000,000 | ---D | C] -- C:\HJT

[2010/06/28 22:40:56 | 000,000,000 | ---D | C] -- \HJT

[2010/06/28 21:28:16 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys

[2010/06/28 21:28:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes

[2010/06/28 21:28:05 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys

[2010/06/28 21:28:04 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware

[2010/06/25 21:43:16 | 000,000,000 | ---D | C] -- C:\cc9a1f71b1d3f3df2ead9015f3

[2010/06/25 21:43:16 | 000,000,000 | ---D | C] -- \cc9a1f71b1d3f3df2ead9015f3

[2010/06/25 21:42:36 | 000,000,000 | ---D | C] -- C:\3bc845c00063b72ec11711e5

[2010/06/25 21:42:36 | 000,000,000 | ---D | C] -- \3bc845c00063b72ec11711e5

[2010/06/25 21:23:49 | 000,000,000 | ---D | C] -- C:\Windows\System32\EventProviders

[2010/06/25 20:57:20 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Blizzard Entertainment

[2010/06/24 23:56:08 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox

[2010/06/02 22:53:21 | 000,000,000 | ---D | C] -- C:\Program Files\Panda Security

[2010/06/02 22:41:58 | 000,000,000 | ---D | C] -- C:\Program Files\The KMPlayer

[1 C:\Program Files\*.tmp files -> C:\Program Files\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010/06/29 12:31:48 | 004,980,736 | -HS- | M] () -- C:\Users\DENI\NTUSER.DAT

[2010/06/29 11:44:24 | 000,004,672 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0

[2010/06/29 11:44:24 | 000,004,672 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0

[2010/06/29 11:42:23 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT

[2010/06/29 11:42:08 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat

[2010/06/29 11:41:31 | 536,403,968 | -HS- | M] () -- C:\hiberfil.sys

[2010/06/28 23:39:29 | 000,001,800 | ---- | M] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk

[2010/06/28 21:28:21 | 000,000,818 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk

[2010/06/28 02:23:57 | 000,090,112 | ---- | M] () -- C:\Windows\SPInstall.etl

[2010/06/28 00:08:44 | 000,000,852 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1357809282-3622007660-2491278935-1000Core1cb163ced6dc280.job

[2010/06/27 16:08:09 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt

[2010/06/25 21:13:46 | 000,002,401 | ---- | M] () -- C:\Users\DENI\Application Data\Microsoft\Internet Explorer\Quick Launch\Skype.lnk

[2010/06/25 10:14:23 | 000,002,036 | ---- | M] () -- C:\Users\DENI\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk

[2010/06/24 23:56:29 | 000,001,748 | ---- | M] () -- C:\Users\DENI\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk

[2010/06/24 23:56:29 | 000,001,724 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk

[2010/06/24 23:47:23 | 000,000,943 | ---- | M] () -- C:\Users\DENI\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk

[2010/06/24 22:21:12 | 000,720,952 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI

[2010/06/24 22:21:12 | 000,612,436 | ---- | M] () -- C:\Windows\System32\perfh009.dat

[2010/06/24 22:21:12 | 000,104,158 | ---- | M] () -- C:\Windows\System32\perfc009.dat

[2010/06/24 21:45:48 | 000,000,955 | ---- | M] () -- C:\Users\Public\Desktop\TeamViewer 4.lnk

[1 C:\Program Files\*.tmp files -> C:\Program Files\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/06/28 23:39:29 | 000,001,800 | ---- | C] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk

[2010/06/28 21:28:21 | 000,000,818 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk

[2010/06/28 00:08:44 | 000,000,852 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1357809282-3622007660-2491278935-1000Core1cb163ced6dc280.job

[2010/06/25 21:42:41 | 000,090,112 | ---- | C] () -- C:\Windows\SPInstall.etl

[2010/06/25 10:14:23 | 000,002,036 | ---- | C] () -- C:\Users\DENI\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk

[2010/06/24 23:56:29 | 000,001,748 | ---- | C] () -- C:\Users\DENI\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk

[2010/06/24 23:56:29 | 000,001,724 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk

[2010/06/24 23:25:52 | 000,002,401 | ---- | C] () -- C:\Users\DENI\Application Data\Microsoft\Internet Explorer\Quick Launch\Skype.lnk

[2010/03/21 11:19:32 | 000,069,632 | ---- | C] () -- C:\Windows\System32\xmltok.dll

[2010/03/21 11:19:32 | 000,036,864 | ---- | C] () -- C:\Windows\System32\xmlparse.dll

[2010/01/31 21:08:49 | 000,168,448 | ---- | C] () -- C:\Windows\System32\unrar.dll

[2009/12/18 00:00:03 | 000,717,296 | ---- | C] () -- C:\Windows\System32\drivers\sptd.sys

[2009/12/01 23:00:26 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini

[2009/11/17 18:21:11 | 000,028,672 | ---- | C] () -- C:\Windows\System32\newdll.dll

[2009/11/04 17:20:03 | 000,209,040 | ---- | C] () -- C:\Windows\System32\IVIresizeW7.dll

[2009/11/04 17:20:03 | 000,204,944 | ---- | C] () -- C:\Windows\System32\IVIresizeA6.dll

[2009/11/04 17:20:03 | 000,196,752 | ---- | C] () -- C:\Windows\System32\IVIresizeP6.dll

[2009/11/04 17:20:03 | 000,196,752 | ---- | C] () -- C:\Windows\System32\IVIresizeM6.dll

[2009/11/04 17:20:03 | 000,192,656 | ---- | C] () -- C:\Windows\System32\IVIresizePX.dll

[2009/11/04 17:20:03 | 000,024,720 | ---- | C] () -- C:\Windows\System32\IVIresize.dll

[2009/11/04 17:03:25 | 000,007,420 | ---- | C] () -- C:\Windows\UA000106.DLL

[2009/11/04 17:03:08 | 000,007,420 | ---- | C] () -- C:\Windows\UA000104.DLL

[2009/11/04 11:33:33 | 000,000,376 | ---- | C] () -- C:\Windows\ODBC.INI

[2006/11/02 15:34:23 | 000,080,010 | ---- | C] () -- C:\Windows\System32\manage-bde.ini.en

[2006/11/02 15:34:20 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll

[2006/11/02 10:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini

[2004/09/16 14:26:40 | 000,012,634 | ---- | C] () -- C:\Windows\System32\drivers\ADFUUD.SYS

[2004/09/16 14:26:40 | 000,012,634 | ---- | C] () -- C:\Windows\ADFUUD.SYS

[2003/01/07 16:05:08 | 000,002,695 | ---- | C] () -- C:\Windows\System32\OUTLPERF.INI

========== LOP Check ==========

[2010/06/27 16:23:59 | 000,000,000 | ---D | M] -- C:\Users\All Users\Alwil Software

[2006/11/02 16:00:38 | 000,000,000 | -HSD | M] -- C:\Users\All Users\Application Data

[2006/11/02 16:00:38 | 000,000,000 | -HSD | M] -- C:\Users\All Users\Desktop

[2006/11/02 16:00:38 | 000,000,000 | -HSD | M] -- C:\Users\All Users\Documents

[2006/11/02 16:00:38 | 000,000,000 | -HSD | M] -- C:\Users\All Users\Favorites

[2009/11/04 17:20:08 | 000,000,000 | ---D | M] -- C:\Users\All Users\InterVideo

[2006/11/02 16:00:38 | 000,000,000 | -HSD | M] -- C:\Users\All Users\Start Menu

[2006/11/02 16:00:38 | 000,000,000 | -HSD | M] -- C:\Users\All Users\Templates

[2010/06/24 23:53:35 | 000,000,000 | ---D | M] -- C:\Users\All Users\Ulead Systems

[2010/04/06 19:48:33 | 000,000,000 | ---D | M] -- C:\Users\All Users\Xerox

[2010/03/27 23:41:20 | 000,000,000 | ---D | M] -- C:\Users\All Users\{755AC846-7372-4AC8-8550-C52491DAA8BD}

[2006/11/02 14:18:34 | 000,000,000 | -H-D | M] -- C:\Users\Default\AppData

[2006/11/02 16:00:38 | 000,000,000 | -HSD | M] -- C:\Users\Default\Application Data

[2006/11/02 16:00:38 | 000,000,000 | -HSD | M] -- C:\Users\Default\Cookies

[2006/11/02 13:23:35 | 000,000,000 | R--D | M] -- C:\Users\Default\Desktop

[2006/11/02 16:00:38 | 000,000,000 | R--D | M] -- C:\Users\Default\Documents

[2006/11/02 13:23:35 | 000,000,000 | R--D | M] -- C:\Users\Default\Downloads

[2006/11/02 13:23:35 | 000,000,000 | R--D | M] -- C:\Users\Default\Favorites

[2006/11/02 13:23:35 | 000,000,000 | R--D | M] -- C:\Users\Default\Links

[2006/11/02 16:00:38 | 000,000,000 | -HSD | M] -- C:\Users\Default\Local Settings

[2006/11/02 13:23:35 | 000,000,000 | R--D | M] -- C:\Users\Default\Music

[2006/11/02 16:00:38 | 000,000,000 | -HSD | M] -- C:\Users\Default\My Documents

[2006/11/02 16:00:38 | 000,000,000 | -HSD | M] -- C:\Users\Default\NetHood

[2006/11/02 13:23:35 | 000,000,000 | R--D | M] -- C:\Users\Default\Pictures

[2006/11/02 16:00:38 | 000,000,000 | -HSD | M] -- C:\Users\Default\PrintHood

[2006/11/02 16:00:38 | 000,000,000 | -HSD | M] -- C:\Users\Default\Recent

[2006/11/02 13:23:35 | 000,000,000 | ---D | M] -- C:\Users\Default\Saved Games

[2006/11/02 16:00:38 | 000,000,000 | -HSD | M] -- C:\Users\Default\SendTo

[2006/11/02 16:00:38 | 000,000,000 | -HSD | M] -- C:\Users\Default\Start Menu

[2006/11/02 16:00:38 | 000,000,000 | -HSD | M] -- C:\Users\Default\Templates

[2006/11/02 13:23:35 | 000,000,000 | R--D | M] -- C:\Users\Default\Videos

[2009/11/04 09:13:42 | 000,000,000 | -H-D | M] -- C:\Users\DENI\AppData

[2009/11/04 09:10:28 | 000,000,000 | -HSD | M] -- C:\Users\DENI\Application Data

[2010/03/18 12:32:07 | 000,000,000 | R--D | M] -- C:\Users\DENI\Contacts

[2009/11/04 09:10:28 | 000,000,000 | -HSD | M] -- C:\Users\DENI\Cookies

[2010/06/29 12:31:38 | 000,000,000 | R--D | M] -- C:\Users\DENI\Desktop

[2010/03/31 10:52:30 | 000,000,000 | R--D | M] -- C:\Users\DENI\Documents

[2010/06/25 01:05:48 | 000,000,000 | R--D | M] -- C:\Users\DENI\Downloads

[2009/11/04 09:13:46 | 000,000,000 | R--D | M] -- C:\Users\DENI\Favorites

[2010/03/18 12:32:29 | 000,000,000 | R--D | M] -- C:\Users\DENI\Links

[2009/11/04 09:10:28 | 000,000,000 | -HSD | M] -- C:\Users\DENI\Local Settings

[2009/11/04 09:13:42 | 000,000,000 | R--D | M] -- C:\Users\DENI\Music

[2009/11/04 09:10:28 | 000,000,000 | -HSD | M] -- C:\Users\DENI\My Documents

[2009/11/04 09:10:28 | 000,000,000 | -HSD | M] -- C:\Users\DENI\NetHood

[2010/06/29 03:19:07 | 000,000,000 | R--D | M] -- C:\Users\DENI\Pictures

[2009/11/04 09:10:28 | 000,000,000 | -HSD | M] -- C:\Users\DENI\PrintHood

[2009/11/04 09:10:28 | 000,000,000 | -HSD | M] -- C:\Users\DENI\Recent

[2009/11/04 09:13:42 | 000,000,000 | R--D | M] -- C:\Users\DENI\Saved Games

[2010/03/18 12:32:29 | 000,000,000 | R--D | M] -- C:\Users\DENI\Searches

[2009/11/04 09:10:28 | 000,000,000 | -HSD | M] -- C:\Users\DENI\SendTo

[2009/11/04 09:10:28 | 000,000,000 | -HSD | M] -- C:\Users\DENI\Start Menu

[2010/02/08 12:09:46 | 000,000,000 | ---D | M] -- C:\Users\DENI\temp

[2009/11/04 09:10:28 | 000,000,000 | -HSD | M] -- C:\Users\DENI\Templates

[2010/02/01 21:58:03 | 000,000,000 | R--D | M] -- C:\Users\DENI\Videos

[2010/02/13 15:51:50 | 000,000,000 | ---D | M] -- C:\Users\DENI\{92854faa-3db6-4c16-b6fd-136e23a3f8d0}

[2010/06/28 23:39:29 | 000,000,000 | RH-D | M] -- C:\Users\Public\Desktop

[2010/06/25 20:57:20 | 000,000,000 | R--D | M] -- C:\Users\Public\Documents

[2006/11/02 15:49:43 | 000,000,000 | R--D | M] -- C:\Users\Public\Downloads

[2006/11/02 13:23:35 | 000,000,000 | RH-D | M] -- C:\Users\Public\Favorites

[2006/11/02 15:49:43 | 000,000,000 | R--D | M] -- C:\Users\Public\Music

[2006/11/02 15:49:43 | 000,000,000 | R--D | M] -- C:\Users\Public\Pictures

[2006/11/02 15:35:50 | 000,000,000 | ---D | M] -- C:\Users\Public\Recorded TV

[2006/11/02 15:49:43 | 000,000,000 | R--D | M] -- C:\Users\Public\Videos

[2010/03/11 18:01:32 | 000,000,362 | ---- | M] () -- C:\Windows\Tasks\Install_NSS.job

[2010/06/29 03:24:41 | 000,032,626 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========

========== Custom Scans ==========

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

Invalid Environment Variable: APPDATA

Invalid Environment Variable: APPDATA

< %SYSTEMDRIVE%\*.* >

[2006/09/19 00:43:36 | 000,000,024 | ---- | M] () -- C:\autoexec.bat

[2006/11/02 12:53:57 | 000,438,840 | RHS- | M] () -- C:\bootmgr

[2009/11/04 18:51:37 | 000,008,192 | R-S- | M] () -- C:\BOOTSECT.BAK

[2010/05/07 12:17:51 | 012,783,360 | ---- | M] () -- C:\Club Panorama Track 9.mp3

[2006/09/19 00:43:37 | 000,000,010 | ---- | M] () -- C:\config.sys

[2003/09/10 20:49:09 | 553,312,704 | ---- | M] () -- C:\dev-mbw1.bin

[2003/09/10 13:28:04 | 751,837,968 | ---- | M] () -- C:\dev-mbw2.bin

[2009/11/04 12:55:39 | 000,171,136 | RHS- | M] () -- C:\grldr

[2010/06/29 11:41:31 | 536,403,968 | -HS- | M] () -- C:\hiberfil.sys

[2010/04/08 15:29:08 | 000,000,000 | RHS- | M] () -- C:\IO.SYS

[2010/04/08 15:29:08 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS

[2010/06/29 11:41:29 | 1073,741,824 | -HS- | M] () -- C:\pagefile.sys

[2009/11/04 19:13:05 | 000,004,096 | -HS- | M] () -- C:\VSNAP.IDX

< %SYSTEMDRIVE%\*.exe >

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

[2006/11/02 12:47:18 | 000,228,968 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\rsaenh.dll

[2006/11/02 12:46:13 | 000,221,184 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\SLC.dll

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\System32\config\*.sav >

[2006/11/02 13:34:05 | 000,008,192 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV

[2006/11/02 13:34:05 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV

[2006/11/02 13:34:05 | 000,008,192 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV

[2006/11/02 13:34:08 | 010,133,504 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV

[2006/11/02 13:34:08 | 001,826,816 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV

< %systemroot%\system32\user32.dll /md5 >

[2006/11/02 12:46:13 | 000,633,856 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\user32.dll

< %systemroot%\system32\ws2_32.dll /md5 >

[2006/11/02 12:46:14 | 000,178,688 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\ws2_32.dll

< End of report >

Ето го и от Extras.txt :

OTL Extras logfile created on: 6/29/2010 12:31:50 PM - Run 1

OTL by OldTimer - Version 3.2.7.0 Folder = C:\Users\DENI\Desktop

Windows Vista Ultimate Edition (Version = 6.0.6000) - Type = NTWorkstation

Internet Explorer (Version = 7.0.6000.16386)

Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

511.00 Mb Total Physical Memory | 172.00 Mb Available Physical Memory | 34.00% Memory free

1.00 Gb Paging File | 1.00 Gb Available in Paging File | 52.00% Paging File free

Paging file location(s): ?:\pagefile.sys

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files

Drive C: | 43.95 Gb Total Space | 16.91 Gb Free Space | 38.48% Space Free | Partition Type: NTFS

Drive D: | 48.83 Gb Total Space | 17.26 Gb Free Space | 35.35% Space Free | Partition Type: NTFS

Drive E: | 56.27 Gb Total Space | 17.07 Gb Free Space | 30.33% Space Free | Partition Type: NTFS

F: Drive not present or media not loaded

G: Drive not present or media not loaded

H: Drive not present or media not loaded

I: Drive not present or media not loaded

Computer Name: DENI-PC

Current User Name: DENI

Logged in as Administrator.

Current Boot Mode: Normal

Scan Mode: All users

Company Name Whitelist: On

Skip Microsoft Files: On

File Age = 30 Days

Output = Minimal

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)

.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

[HKEY_USERS\S-1-5-21-1357809282-3622007660-2491278935-1000\SOFTWARE\Classes\<extension>]

.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)

exefile [open] -- "%1" %*

helpfile [open] -- Reg Error: Key error.

hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)

htmlfile [edit] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)

http [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)

https [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)

inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()

Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)

Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

"AntiVirusOverride" = 0

"AntiSpywareOverride" = 0

"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\S-1-5-21-1357809282-3622007660-2491278935-1000]

"EnableNotifications" = 0

"EnableNotificationsRef" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

========== Authorized Applications List ==========

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

"{AAC06C40-4949-4ABB-8CAF-3A59CE73AF43}" = lport=5353 | protocol=6 | dir=in | name=adobe csi cs4 |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

"{1BFB1C36-3DE4-4747-81C9-142EF68F14A1}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |

"{2FFDC3EB-DA01-4E8A-A1C7-7FCAC2F3ED45}" = dir=in | app=c:\program files\skype\phone\skype.exe |

"{3DD9183C-B8BA-4D52-A48E-E89016F9CCBD}" = protocol=1 | dir=in | [email protected],-28543 |

"{40A79ABE-D77D-478B-8316-E6A6540F4E9A}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |

"{45CF79F8-9BC6-442C-A08D-DB546EB758BD}" = protocol=17 | dir=in | app=e:\after format\utorrent-1.6.exe |

"{4915BE96-A01D-4EC4-AA59-8D147E68238E}" = protocol=58 | dir=out | [email protected],-28546 |

"{4F11D545-5857-4505-8BB2-1EC1DDAC59EA}" = protocol=6 | dir=in | app=c:\program files\skype\plugin manager\skypepm.exe |

"{5E7E0A96-3829-4E7D-9CD1-ACFE88B1E13E}" = protocol=6 | dir=in | app=c:\program files\skype\plugin manager\skypepm.exe |

"{622EE21B-32DE-493A-8236-ADFE5144F914}" = protocol=17 | dir=in | app=c:\program files\skype\plugin manager\skypepm.exe |

"{7B26434D-4B12-4001-BDF4-FEEEE2D639D3}" = protocol=17 | dir=in | app=c:\program files\common files\adobe\cs4servicemanager\cs4servicemanager.exe |

"{96B17982-90E7-40C8-B7A6-F15D0A01A883}" = protocol=17 | dir=in | app=c:\program files\skype\plugin manager\skypepm.exe |

"{97366E6B-C7EE-431D-A104-D7DE6CE237DA}" = protocol=6 | dir=in | app=e:\after format\utorrent-1.6.exe |

"{A5D66EB0-D5AA-42D6-AA5A-B595B5870E4B}" = protocol=58 | dir=in | [email protected],-28545 |

"{ABFFCE2F-B2D9-459D-A806-2703FF1153C1}" = protocol=17 | dir=in | app=e:\after format\utorrent-1.6.exe |

"{BEEABCE4-B401-4682-BD3A-52F6FEF91B68}" = protocol=6 | dir=in | app=c:\windows\temp\~osd855.tmp\rlvknlg.exe |

"{DC56F0F2-D0DE-490E-A234-AC91C632F424}" = protocol=6 | dir=in | app=e:\after format\utorrent-1.6.exe |

"{EC1313EE-5CE4-4E5D-94BC-DB319A3EA34D}" = protocol=6 | dir=in | app=c:\program files\common files\adobe\cs4servicemanager\cs4servicemanager.exe |

"{F0B6762B-F890-49EF-A424-1EBA5ECA66F8}" = protocol=1 | dir=out | [email protected],-28544 |

"TCP Query User{1AB2FDC2-67F8-43FE-84E2-363604463035}C:\program files\teamviewer\version4\teamviewer.exe" = protocol=6 | dir=in | app=c:\program files\teamviewer\version4\teamviewer.exe |

"TCP Query User{2ADE7F7F-0388-4EDA-8925-A24B44E30229}C:\users\deni\appdata\local\google\chrome\application\chrome.exe" = protocol=6 | dir=in | app=c:\users\deni\appdata\local\google\chrome\application\chrome.exe |

"TCP Query User{A2EAF673-9B20-483C-B9A1-3360BE2C080F}E:\warcraft iii\war3.exe" = protocol=6 | dir=in | app=e:\warcraft iii\war3.exe |

"TCP Query User{B4961A41-BC8A-4E72-A900-B4537BED1882}E:\warcraft iii\war3.exe" = protocol=6 | dir=in | app=e:\warcraft iii\war3.exe |

"TCP Query User{BAF31F36-4206-4972-87D6-C454B8150A9A}C:\program files\garena\garena.exe" = protocol=6 | dir=in | app=c:\program files\garena\garena.exe |

"TCP Query User{DF49637D-B27D-4628-9231-9A27AC8F18A0}C:\program files\garena\garena.exe" = protocol=6 | dir=in | app=c:\program files\garena\garena.exe |

"UDP Query User{1F525B4B-D1C4-4597-A42D-ADE62C839740}E:\warcraft iii\war3.exe" = protocol=17 | dir=in | app=e:\warcraft iii\war3.exe |

"UDP Query User{254A4947-F4B3-4CBC-A61B-BF42E7DB8B75}C:\program files\garena\garena.exe" = protocol=17 | dir=in | app=c:\program files\garena\garena.exe |

"UDP Query User{56CAE4BF-E70A-4902-BA44-BDC6790EFEA6}C:\program files\garena\garena.exe" = protocol=17 | dir=in | app=c:\program files\garena\garena.exe |

"UDP Query User{BDA1A23D-63E0-448D-90B7-F5F228BEF527}C:\users\deni\appdata\local\google\chrome\application\chrome.exe" = protocol=17 | dir=in | app=c:\users\deni\appdata\local\google\chrome\application\chrome.exe |

"UDP Query User{CFFE558F-07F0-4DD1-AEF3-B4C5523AD56A}E:\warcraft iii\war3.exe" = protocol=17 | dir=in | app=e:\warcraft iii\war3.exe |

"UDP Query User{D2294603-2CB6-4DFF-8A1C-E83059D5E601}C:\program files\teamviewer\version4\teamviewer.exe" = protocol=17 | dir=in | app=c:\program files\teamviewer\version4\teamviewer.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{00ADFB20-AE75-46F4-AD2C-F48B15AC3100}" = Adobe Color NA Recommended Settings CS4

"{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4

"{054EFA56-2AC1-48F4-A883-0AB89874B972}" = Adobe Extension Manager CS4

"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour

"{098727E1-775A-4450-B573-3F441F1CA243}" = kuler

"{0D6013AB-A0C7-41DC-973C-E93129C9A29F}" = Adobe Color JA Extra Settings CS4

"{0D67A4E4-5BE0-4C9A-8AD8-AB552B433F23}" = Adobe Setup

"{0F723FC1-7606-4867-866C-CE80AD292DAF}" = Adobe CSI CS4

"{1451DE6B-ABE1-4F62-BE9A-B363A17588A2}" = QuickTime

"{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4

"{16E16F01-2E2D-4248-A42F-76261C147B6C}" = Adobe Drive CS4

"{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}" = AdobeColorCommonSetRGB

"{197A3012-8C85-4FD3-AB66-9EC7E13DB92E}" = Adobe AIR

"{2EAF7E61-068E-11DF-953C-005056806466}" = Google Земя

"{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}" = PDF Settings CS4

"{39F6E2B4-CFE8-C30A-66E8-489651F0F34C}" = Adobe Media Player

"{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4

"{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}" = Adobe Color - Photoshop Specific CS4

"{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}" = Adobe WinSoft Linguistics Plugin

"{42E0783D-3BA4-454B-B58A-BF26E49EB7DE}" = Ballance

"{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}" = Adobe Service Manager Extension

"{5570C7F0-43D0-4916-8A9E-AEDD52FA86F4}" = Adobe Color EU Extra Settings CS4

"{58DB5417-E1FF-4EF6-A93C-592D35F01E84}" = Will Rock

"{63C24A08-70F3-4C8E-B9FB-9F21A903801D}" = Adobe Color Video Profiles CS CS4

"{63E5CDBF-8214-4F03-84F8-CD3CE48639AD}" = Adobe Photoshop CS4 Support

"{67F0E67A-8E93-4C2C-B29D-47C48262738A}" = Adobe Device Central CS4

"{68243FF8-83CA-466B-B2B8-9F99DA5479C4}" = AdobeColorCommonSetCMYK

"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin

"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable

"{7784A172-61F1-445E-8368-601607E0DD22}" = MP3 Player Utilities 4.00

"{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com

"{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4

"{83877DB1-8B77-45BC-AB43-2BAC22E093E0}" = Adobe Bridge CS4

"{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4

"{90110409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003

"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system

"{90280409-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Professional with FrontPage

"{931AB7EA-3656-4BB7-864D-022B09E3DD67}" = Adobe Linguistics CS4

"{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4

"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper

"{AC76BA86-7AD7-1033-7B44-A90000000001}" = Adobe Reader 9

"{B0255743-165B-4BD5-8DA8-37DFB9930014}" = Norton Ghost

"{B151F020-1DEE-4716-944F-2759FC3C51DA}" = World Racing

"{B29AD377-CC12-490A-A480-1452337C618D}" = Connect

"{B65BA85C-0A27-4BC0-A22D-A66F0E5B9494}" = Adobe Photoshop CS4

"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Plus Web Player

"{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module

"{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4

"{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw

"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware

"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.1

"{E4848436-0345-47E2-B648-8B522FCDA623}" = Adobe Photoshop CS4

"{F0E64E2E-3A60-40D8-A55D-92F6831875DA}" = Adobe Search for Help

"{F0FDF9C9-1DDC-401F-B638-36F1CAE8A875}" = VideoStudio

"{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4

"{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4

"{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}" = Adobe Fonts All

"7-Zip" = 7-Zip 4.65

"Adobe AIR" = Adobe AIR

"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX

"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin

"Adobe_faf656ef605427ee2f42989c3ad31b8" = Adobe Photoshop CS4

"ALSong_is1" = ALSong

"ALUpdate_is1" = ALTools Update

"AMV Player_is1" = AMV Player 2.0

"BSPlayer1" = BSPlayer

"CCleaner" = CCleaner (remove only)

"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player

"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com

"DAEMON Tools Toolbar" = DAEMON Tools Toolbar

"Drag Racer" = Drag Racer 1.0

"Driver Magician_is1" = Driver Magician 3.45

"EVEREST Ultimate Edition_is1" = EVEREST Ultimate Edition v5.02

"FlexType 2K" = FlexType 2K

"Garena" = Garena

"GOM Player" = GOM Player

"InstallShield_{B151F020-1DEE-4716-944F-2759FC3C51DA}" = World Racing

"InstallShield_{F0FDF9C9-1DDC-401F-B638-36F1CAE8A875}" = Corel VideoStudio 12

"KLiteCodecPack_is1" = K-Lite Codec Pack 4.7.5 (Basic)

"LiveUpdate" = LiveUpdate 3.2 (Symantec Corporation)

"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware

"Mozilla Firefox (3.5.2)" = Mozilla Firefox (3.5.2)

"PC Sync Manager" = PC Sync Manager

"PianoFX STUDIO 4.0_is1" = PianoFX STUDIO 4.0

"Side 9 Screensaver" = Side 9 Screensaver

"Street Racer Europe_is1" = Street Racer Europe

"TeamViewer 4" = TeamViewer 4

"The KMPlayer" = The KMPlayer (remove only)

"Total Video Converter 3.12_is1" = Total Video Converter 3.12 080330

"Total Video Converter 3.50_is1" = Total Video Converter 3.50

"UltraISO_is1" = UltraISO Premium V8.6

"VLC media player" = VLC media player 1.0.0-rc3

"vloader 2.5" = vloader 2.5

"vloader 2.7" = vloader 2.7

"WinRAR archiver" = WinRAR archiver

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-1357809282-3622007660-2491278935-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"Facebook Plug-In" = Facebook Plug-In

"Google Chrome" = Google Chrome

========== Last 10 Event Log Errors ==========

[ Application Events ]

Error - 6/28/2010 3:20:21 PM | Computer Name = DENI-PC | Source = SideBySide | ID = 16842785

Description = Activation context generation failed for "C:\Program Files\QuickTime\QuickTimePlayer.exe".

Dependent

Assembly Microsoft.VC80.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.4053"

could not be found. Please use sxstrace.exe for detailed diagnosis.

Error - 6/28/2010 3:21:08 PM | Computer Name = DENI-PC | Source = Application Error | ID = 1000

Description = Faulting application DllHost.exe, version 6.0.6000.16386, time stamp

0x4549b14e, faulting module ntdll.dll, version 6.0.6000.16386, time stamp 0x4549bdc9,

exception code 0xc0000374, fault offset 0x000af1c9, process id 0x3d4, application

start time 0x01cb16f6f5cefd10.

Error - 6/28/2010 3:21:43 PM | Computer Name = DENI-PC | Source = Application Error | ID = 1000

Description = Faulting application DllHost.exe, version 6.0.6000.16386, time stamp

0x4549b14e, faulting module ntdll.dll, version 6.0.6000.16386, time stamp 0x4549bdc9,

exception code 0xc0000374, fault offset 0x000af1c9, process id 0xff4, application

start time 0x01cb16f722b584c0.

Error - 6/28/2010 3:21:48 PM | Computer Name = DENI-PC | Source = Application Error | ID = 1000

Description = Faulting application DllHost.exe, version 6.0.6000.16386, time stamp

0x4549b14e, faulting module ntdll.dll, version 6.0.6000.16386, time stamp 0x4549bdc9,

exception code 0xc0000374, fault offset 0x000af1c9, process id 0x9b0, application

start time 0x01cb16f7260412a0.

Error - 6/28/2010 7:08:09 PM | Computer Name = DENI-PC | Source = profsvc | ID = 1542

Description = Windows cannot load classes registry file. DETAIL - The system cannot

find the file specified.

Error - 6/28/2010 7:08:55 PM | Computer Name = DENI-PC | Source = Application Error | ID = 1000

Description = Faulting application DllHost.exe, version 6.0.6000.16386, time stamp

0x4549b14e, faulting module ntdll.dll, version 6.0.6000.16386, time stamp 0x4549bdc9,

exception code 0xc0000005, fault offset 0x00061884, process id 0x738, application

start time 0x01cb1716d2023d10.

Error - 6/29/2010 4:42:23 AM | Computer Name = DENI-PC | Source = profsvc | ID = 1542

Description = Windows cannot load classes registry file. DETAIL - The system cannot

find the file specified.

Error - 6/29/2010 4:42:56 AM | Computer Name = DENI-PC | Source = SideBySide | ID = 16842785

Description = Activation context generation failed for "C:\Program Files\QuickTime\QuickTimePlayer.exe".

Dependent

Assembly Microsoft.VC80.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.4053"

could not be found. Please use sxstrace.exe for detailed diagnosis.

Error - 6/29/2010 4:56:39 AM | Computer Name = DENI-PC | Source = Application Error | ID = 1000

Description = Faulting application Wow.exe, version 2.4.3.8606, time stamp 0x487658a7,

faulting module DivxDecoder.dll, version 6.0.6000.16386, time stamp 0x4549bdc9,

exception code 0xc0000135, fault offset 0x00008fc7, process id 0x44c, application

start time 0x01cb1768faaa16a0.

Error - 6/29/2010 4:57:09 AM | Computer Name = DENI-PC | Source = Application Error | ID = 1000

Description = Faulting application Wow.exe, version 2.4.3.8606, time stamp 0x487658a7,

faulting module DivxDecoder.dll, version 6.0.6000.16386, time stamp 0x4549bdc9,

exception code 0xc0000135, fault offset 0x00008fc7, process id 0xbf8, application

start time 0x01cb1769098329c0.

[ System Events ]

Error - 6/28/2010 8:08:40 PM | Computer Name = DENI-PC | Source = Microsoft-Windows-Servicing | ID = 4375

Description =

Error - 6/28/2010 8:08:40 PM | Computer Name = DENI-PC | Source = Microsoft-Windows-Servicing | ID = 4375

Description =

Error - 6/28/2010 8:08:40 PM | Computer Name = DENI-PC | Source = Microsoft-Windows-Servicing | ID = 4375

Description =

Error - 6/28/2010 8:08:40 PM | Computer Name = DENI-PC | Source = Microsoft-Windows-Servicing | ID = 4375

Description =

Error - 6/28/2010 8:08:40 PM | Computer Name = DENI-PC | Source = Microsoft-Windows-Servicing | ID = 4375

Description =

Error - 6/28/2010 8:16:40 PM | Computer Name = DENI-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20

Description =

Error - 6/29/2010 4:41:03 AM | Computer Name = DENI-PC | Source = Ntfs | ID = 262281

Description = The default transaction resource manager on volume C: encountered

a non-retryable error and could not start. The data contains the error code.

Error - 6/29/2010 4:47:52 AM | Computer Name = DENI-PC | Source = Microsoft-Windows-Servicing | ID = 4375

Description =

Error - 6/29/2010 4:54:52 AM | Computer Name = DENI-PC | Source = Service Control Manager | ID = 7034

Description =

Error - 6/29/2010 4:55:00 AM | Computer Name = DENI-PC | Source = Service Control Manager | ID = 7034

Description =

< End of report >

Ето какво следва:

Стъпка 1

Стартирайте пак OTL.exe и с Copy/ Paste под колонката Custom Scans/Fixes въведете скриптовия текст от цитата по-долу, като не забравяте да копирате скрипта 1 към 1, както и двете точки преди първия ред на скрипта!

:OTL

O4 - HKLM..\Run: [uVS12 Preload] C:\Program Files\Corel\Corel VideoStudio 12\uvPL.exe File not found

O33 - MountPoints2\{3a4882cd-7852-11df-b58a-001d0fc139e6}\Shell\AutoRun\command - "" = J:\2ul.exe -- File not found

O33 - MountPoints2\{3a4882cd-7852-11df-b58a-001d0fc139e6}\Shell\open\Command - "" = J:\2ul.exe -- File not found

O33 - MountPoints2\{486c5ebe-3fda-11df-9238-001d0fc139e6}\Shell\AutoRun\command - "" = J:\RECYCLER\S-1-6-21-2434476501-1644491937-600003330-1213\autorunme.exe -- File not found

O33 - MountPoints2\{486c5ebe-3fda-11df-9238-001d0fc139e6}\Shell\open\command - "" = J:\RECYCLER\S-1-6-21-2434476501-1644491937-600003330-1213\autorunme.exe -- File not found

O33 - MountPoints2\{791e99ac-eb4f-11de-803a-001d0fc139e6}\Shell - "" = AutoRun

O33 - MountPoints2\{791e99ac-eb4f-11de-803a-001d0fc139e6}\Shell\AutoRun\command - "" = G:\startup.exe -- File not found

O33 - MountPoints2\{791e99ae-eb4f-11de-803a-001d0fc139e6}\Shell - "" = AutoRun

O33 - MountPoints2\{791e99ae-eb4f-11de-803a-001d0fc139e6}\Shell\AutoRun\command - "" = H:\autorun.exe -- File not found

O33 - MountPoints2\{b8655c86-0666-11df-aa7a-001d0fc139e6}\Shell\AutoRun\command - "" = J:\RECYCLER\S-1-6-21-2434476501-1644491937-600003330-1213\autorunme.exe -- File not found

O33 - MountPoints2\{b8655c86-0666-11df-aa7a-001d0fc139e6}\Shell\open\command - "" = J:\RECYCLER\S-1-6-21-2434476501-1644491937-600003330-1213\autorunme.exe -- File not found

O33 - MountPoints2\{dffa2c8a-6a8f-11df-9635-001d0fc139e6}\Shell\AutoRun\command - "" = J:\RECYCLER\S-1-6-21-2434476501-1644491937-600003330-1213\autorunme.exe -- File not found

O33 - MountPoints2\{dffa2c8a-6a8f-11df-9635-001d0fc139e6}\Shell\open\command - "" = J:\RECYCLER\S-1-6-21-2434476501-1644491937-600003330-1213\autorunme.exe -- File not found

O34 - HKLM BootExecute: (autocheck autochk *) - File not found

:Files

J:\RECYCLER

:Commands

[purity]

[resethosts]

[emptytemp]

[emptyflash]

[Reboot]

След като въведете скрипта от цитата по-горе натиснете бутона, маркиран в червено:

Ще се създаде лог файл. Копирайте и поставете този файл в следващия си коментар.

Стъпка 2

Направете проверка със Sophos Anti-Rootkit. Eто как: изтеглете Sophos Anti-Rootkit от тук (иска се регистрация), стартирайте sarsfx.exe и го пуснете да сканира (Start scan). Когато сканирането завърши, пуснете Windows Explorer и отидете в папка %temp%. Там трябва да има файл с име sarscan.log. Публикувайте или го прикачете към следващия си коментар.

В крайна сметка да не се окаже че не получава DNS от доставчика...

Run Fix results :

All processes killed

========== OTL ==========

Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\UVS12 Preload deleted successfully.

Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3a4882cd-7852-11df-b58a-001d0fc139e6}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3a4882cd-7852-11df-b58a-001d0fc139e6}\ not found.

File J:\2ul.exe not found.

Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3a4882cd-7852-11df-b58a-001d0fc139e6}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3a4882cd-7852-11df-b58a-001d0fc139e6}\ not found.

File J:\2ul.exe not found.

Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{486c5ebe-3fda-11df-9238-001d0fc139e6}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{486c5ebe-3fda-11df-9238-001d0fc139e6}\ not found.

File J:\RECYCLER\S-1-6-21-2434476501-1644491937-600003330-1213\autorunme.exe not found.

Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{486c5ebe-3fda-11df-9238-001d0fc139e6}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{486c5ebe-3fda-11df-9238-001d0fc139e6}\ not found.

File J:\RECYCLER\S-1-6-21-2434476501-1644491937-600003330-1213\autorunme.exe not found.

Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{791e99ac-eb4f-11de-803a-001d0fc139e6}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{791e99ac-eb4f-11de-803a-001d0fc139e6}\ not found.

Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{791e99ac-eb4f-11de-803a-001d0fc139e6}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{791e99ac-eb4f-11de-803a-001d0fc139e6}\ not found.

File G:\startup.exe not found.

Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{791e99ae-eb4f-11de-803a-001d0fc139e6}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{791e99ae-eb4f-11de-803a-001d0fc139e6}\ not found.

Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{791e99ae-eb4f-11de-803a-001d0fc139e6}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{791e99ae-eb4f-11de-803a-001d0fc139e6}\ not found.

File H:\autorun.exe not found.

Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b8655c86-0666-11df-aa7a-001d0fc139e6}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{b8655c86-0666-11df-aa7a-001d0fc139e6}\ not found.

File J:\RECYCLER\S-1-6-21-2434476501-1644491937-600003330-1213\autorunme.exe not found.

Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b8655c86-0666-11df-aa7a-001d0fc139e6}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{b8655c86-0666-11df-aa7a-001d0fc139e6}\ not found.

File J:\RECYCLER\S-1-6-21-2434476501-1644491937-600003330-1213\autorunme.exe not found.

Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{dffa2c8a-6a8f-11df-9635-001d0fc139e6}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{dffa2c8a-6a8f-11df-9635-001d0fc139e6}\ not found.

File J:\RECYCLER\S-1-6-21-2434476501-1644491937-600003330-1213\autorunme.exe not found.

Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{dffa2c8a-6a8f-11df-9635-001d0fc139e6}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{dffa2c8a-6a8f-11df-9635-001d0fc139e6}\ not found.

File J:\RECYCLER\S-1-6-21-2434476501-1644491937-600003330-1213\autorunme.exe not found.

Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session manager\\BootExecute:autocheck autochk * deleted successfully.

========== FILES ==========

File\Folder J:\RECYCLER not found.

========== COMMANDS ==========

C:\Windows\System32\drivers\etc\Hosts moved successfully.

HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

-> No Temporary Internet Files cache folder defined!

User: Default

-> No Temporary Internet Files cache folder defined!

User: Default User

-> No Temporary Internet Files cache folder defined!

User: DENI

->Temp folder emptied: 2015224 bytes

-> No Temporary Internet Files cache folder defined!

User: Public

-> No Temporary Internet Files cache folder defined!

%systemdrive% .tmp files removed: 0 bytes

%systemroot% .tmp files removed: 0 bytes

%systemroot%\System32 .tmp files removed: 0 bytes

%systemroot%\System32\drivers .tmp files removed: 0 bytes

Windows Temp folder emptied: 48808525 bytes

RecycleBin emptied: 0 bytes

Total Files Cleaned = 48.00 mb

[EMPTYFLASH]

User: All Users

User: Default

User: Default User

User: DENI

User: Public

Total Flash Files Cleaned = 0.00 mb

OTL by OldTimer - Version 3.2.7.0 log created on 06292010_154325

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...

Колкото до анти рооткит не намерих фаил с името sarscan турсих в сички възможни папки и чрез търсачката но не го намери ...

Добре, тогава пробвай с GMER:

...................

Редактирано 29 юни 201015 г. от nologo (преглед на промените)

Извинявам се намерих фаила ... ето какво пише в него :

Sophos Anti-Rootkit Version 1.5.4 © 2009 Sophos Plc

Started logging on 6/29/2010 at 15:56:06 PM

User "DENI" on computer "DENI-PC"

Windows version 6.0 SP 0.0 build 6000 SM=0x100 PT=0x1 Win32

Info: Starting process scan.

Info: Starting registry scan.

Info: Starting disk scan of C: (NTFS).

Hidden: file C:\Users\DENI\AppData\Local\Mozilla\Firefox\Profiles\qx59av54.default\Cache\0103766Cd01

Hidden: file C:\Users\DENI\AppData\Local\Mozilla\Firefox\Profiles\qx59av54.default\Cache\886D481Ad01

Hidden: file C:\Users\DENI\AppData\Local\Mozilla\Firefox\Profiles\qx59av54.default\Cache\D97B28E1d01

Hidden: file C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010009.wid

Hidden: file C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010009.ci

Hidden: file C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS021BD.log

Hidden: file C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001000A.wid

Hidden: file C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001000A.ci

Hidden: file C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001000B.dir

Hidden: file C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001000B.ci

Hidden: file C:\Windows\Temp\TMP000000036DE97BB405740CB2

Hidden: file C:\Windows\System32\drivers\sptd.sys

Hidden: file C:\Program Files\VideoLAN\VLC\plugins\libvobsub_plugin.dll

Hidden: file C:\Users\DENI\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\202832QJ\way=vod;section_1=player;section_2=garena_v2;=;u=%7Cpagename-gmp%7Cgateway-vod%7Csection_1-player%7Csection_2-garena_v2%7C-;sz=728x90;tile=1;ord=178925239974916060[1]

Hidden: file C:\Users\DENI\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\P3ILQ8UH\way=vod;section_1=player;section_2=garena_v2;=;u=%7Cpagename-gmp%7Cgateway-vod%7Csection_1-player%7Csection_2-garena_v2%7C-;sz=728x90;tile=1;ord=852357072378391400[1]

Hidden: file C:\Users\DENI\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BCZ36HQV\way=vod;section_1=player;section_2=garena_v2;=;u=%7Cpagename-gmp%7Cgateway-vod%7Csection_1-player%7Csection_2-garena_v2%7C-;sz=728x90;tile=1;ord=341181089910557600[1]

Hidden: file C:\Users\DENI\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BCZ36HQV\way=vod;section_1=player;section_2=garena_v2;=;u=%7Cpagename-gmp%7Cgateway-vod%7Csection_1-player%7Csection_2-garena_v2%7C-;sz=728x90;tile=1;ord=646167475027343600[1]

Info: Starting disk scan of D: (NTFS).

Info: Starting disk scan of E: (NTFS).

Stopped logging on 6/29/2010 at 16:35:25 PM

Остави GMER, ето какво следва:

Стъпка 1

Следвайте следната инструкция за проверка с F-Secure Online Scanner:

• Изтеглете го от тук и стартирайте програмата с английски интерфейс (English). За сканиране изберете Start Scanning. Ако получите съобщение да инсталирате ActiveX се съгласете и го инсталирайте. След това натиснете ОК, зa да се съгласите с лицензионните права и за да започне сканиране.
  
• Маркирайте пълно сканиране (Full System Scan), изчакайте обновяването на дефинициите и завършването на сканирането.
  
• След като завърши сканирането, изберете Automatic cleaning (recommended) и изчакайте.
  
• Най-накрая натиснете Show report. Копирайте (Copy) и поставете (Paste) резултатите от сканирането в следващия си коментар.
  

Стъпка 2

Следвайте следната инструкция за работа с Security Check:

• Изтеглете Security Check (автор: screen317) от тук или от тук и го запишете на десктопа.
  
• Кликнете два пъти върху SecurityCheck.exe и следвайте инструкциите.
  
• Когато програмата завърши работата си, ще се отвори един текстов документ: checkup.txt.
  
• Копирайте съдържанието с Копирай (Copy) на checkup.txt и с Постави (Paste) го поставете в следващия си.
  

Относно стъпка 1 искаше Java platform инсталнах я и започна да зарейда обаче го зареди с интернет експлорер и понеже нали не мога да зареждам с него не става ...

Относно стъпка 2 ето резултатите :

Results of screen317's Security Check version 0.99.4

Windows Vista (UAC is disabled!)

Out of date service pack!!

Internet Explorer 7 Out of date!

``````````````````````````````

Antivirus/Firewall Check:

Windows Firewall Enabled!

McAfee Security Scan Plus

WMI entry may not exist for antivirus; attempting automatic update.

```````````````````````````````

Anti-malware/Other Utilities Check:

Malwarebytes' Anti-Malware

CCleaner (remove only)

Java DB 10.5.3.0

Java 6 Update 20

Java SE Development Kit 6 Update 20

Adobe Flash Player 10.1.53.64

Adobe Reader 9

Out of date Adobe Reader installed!

````````````````````````````````

Process Check:

objlist.exe by Laurent

````````````````````````````````

DNS Vulnerability Check:

``````````End of Log````````````

Добре, сега следва нещо по-лесно:

Стъпка 1

Следвайте следната инструкция за проверка с GooredFix:

• Изтеглете GooredFix, миръри: тук и тук. Запазете го на десктопа.
  
• Затворете всички браузъри и стартирайте GooredFix.exe (десен клик Run As Administrator). Потвърдете с Yes, за да започне сканирането.
  
• GooredFix ще провери за инфекции и след това ще се появи лог (GooredFix.txt). Копирайте (Copy) и поставете (Paste) резултатите от сканирането в следващия си коментар.
  

Стъпка 2

Следвайте следната инструкция за работа с Kenco:

• Изтеглете Kenco от тук и го запазете на десктопа.
  
• Стартирайте Kenco.exe и изчакайте програмата да свърши сканирането. Копирайте (Copy) и поставете (Paste) резултатите от сканирането в следващия си коментар.
  

Здравей denislaf

Доколкото виждам доставчика ти предоставя интернет по DHCP.

1.Имаш ли рутер?

2.Сигурно ли е,че си си под DHCP а не със статични настройки?

3.Пробвал ли си да пуснеп пинг към сървара който раздава настройките и към dir.bg да кажем да видищ какво ти отговаря?

[quote name='Born2Die' date='29 юни 2010 - 19:34 ' timestamp='1277832868' post='1737917'ю

Здравей denislaf

Доколкото виждам доставчика ти предоставя интернет по DHCP.

1.Имаш ли рутер?

2.Сигурно ли е,че си си под DHCP а не със статични настройки?

3.Пробвал ли си да пуснеп пинг към сървара който раздава настройките и към dir.bg да кажем да видищ какво ти отговаря?

Редактирано 1 юли 201015 г. от denislaf (преглед на промените)

Хм, става доста сложно. Операционната система не е обновявана (не е инсталиран последния сервизен пакет), няма антивирусна програма и т.н. Ако трябва да продължим, то може да стане с ComboFix, но преди това ще трябва да се деинсталира Daemon Tools. Може да се опита някаква поправка, но това въобще няма да е лесно...

Така , аз пък съм от Троян и работя в тукашния филиал на Оптиспринт

Вие сте под DHCP с real IP адреси , напълно е възможно да си пълен с вируси който те цакат

Имаш ли възможност поне да видиш дали си си взел настройки ? Или е някой вирус дето ти спира DHCP-то ?

Born2Die не мисля че е от вируси защото преди 3 месеца си спрях нета и сичко беще добре и няма начин да сам хванал вирус защото компа си седеше без никаква връзка с околният така да го кажа свят, но не се знае, всичко е възможно.За настройките имаш предвид това ли ?

ако можеш да ми кажеш каква информация искаш ше ти кажа ;].

До момента не е правена по-сериозна проверка с антивирусен модул за сканиране. Докато чакаш Born2Die да ти отговори, може да пуснеш един скан с ESET Online Scanner. Ето как:

• Изтеглете: ESET Online Scanner
  
• Стартирайте esetsmartinstaller_enu.exe
  
• Сложете отметка на YES, I accept the Terms of Use и изберете Start
  
• Скенерът ще започне да изтегля компонентите, които са му необходими.
  
• Уверете се, че има отметки на следните редове, включително и тези от менюто Advanced Settings:
  

• 
  
• Remove found threats
  
  
• Scan archives
  
  
• Scan for potentially unwanted applications
  
  
• Scan for potentially unsafe applications
  
  
• Enable Anti-Stealth technology
  
  

• Накрая изберете Start
  
• Скенерът ще започне да изтегля последните дефиниции.
  
• След, като сканирането завърши, изберете Finish.
  
• Отидете в папката: C:\Program Files\ESET\ESET Online Scanner и отворете файла log.txt. Копирайте съдържанието му и го поставете в следващия си коментар.
  

P.S. Имай предвид, че сканирането ще отнеме доста време, над един час. След това ще видим какво следва...

nologo мерси за всичката помощ, която ми оказа много съм ти благодарен, че отделяш от времето си да се занимаваш с мен ;].Четох коментарите в профила ти и се убеждавам, че си може би най-отзивчивият в екипът ви без да обиждам другите. Мерси отново.Колкото до ESET сега го пускам

Ето го и поредният проблем като дам страт за даунлоад на упдейт ми излиза тфа и си седи и не мога да мина нататъка

Сега пробвай това:

Стъпка 1

Следвайте следната инструкция за работа с DeFogger:

• Изтеглете DeFogger от тук и го запазете на десктопа.
  
• Стартирайте DeFogger с двоен клик на иконата и натиснете бутона Disable, за да забраните временно CD емулиращите драйвери.
  
• След въпроса дали искате да продължите, натиснете Yes.
  
• Когато програмата завърши работата си, ще се появи надпис Finished!. Натиснете ОК за изход от програмата.
  
• Ако CD емулиращите програми са забранени, ще бъде зададен въпрос за рестарт (reboot). Разрешете рестарта с ОК.
  

Стъпка 2

Следвайте следната инструкция за работа с GMER:

...................................

Редактирано 2 юли 201015 г. от nologo (преглед на промените)