
kefche2003

Incredible computer slowdown - maybe a virus?



Hello,

I'm here because my computer is behaving INCREDIBLY strangely. Games like Minecraft and Bad Company 2 used to run perfectly for me, but now there is a key-press delay of over 0.5 seconds. My keyboard isn't old, nor is it new, but the problem can't be coming from it. I assume it's a virus, because I cleaned the registry with Advanced SystemCare 7 Pro, which was recommended to me by a professional. Meanwhile, Avira (the antivirus I use, and I have no great intention of removing it) detects viruses named TR/Expl.Nuker.NSNuke.D, TR/WINWEBSEC.AJ91, and many more, located in SYSTEM VOLUME INFORMATION. You can see my screenshot for more viruses. When I type (including right now), the letters appear only after a second or so. My computer has never been this slow. If you think it's the RAM, the video card or the processor - it isn't! RAM - 4 GB, the video card is fairly new with 1 GB of memory, and the processor is an Intel Core 2 Duo 2.8 GHz. I'll admit: this happened on April 10, and support for XP ended on the eighth. Please don't make me change my OS from XP to another one. I know the dangers. XP is completely sufficient for me.

Here is a list of the security products I have, to help you at least a little :wink12:

Avira Free Antivirus

Comodo Free Firewall

SUPERAntiSpyware Free Edition

Advanced SystemCare 7 PRO (if the malware-scanning feature counts as an antivirus.)

Thank you in advance,

kefche2003

FRST log:

C:WINDOWSsystem32pixomatic.dll2014-03-24 21:07 - 2004-01-06 11:43 - 00188416 _____ (Creative Technology Ltd) C:WINDOWSsystem32eax.dll2014-03-24 21:07 - 2003-01-30 07:04 - 01500160 _____ (Borland Corporation) C:WINDOWSsystem32cc3260mt.dll2014-03-24 21:07 - 2002-02-01 08:00 - 00022016 _____ (Borland Software Corporation) C:WINDOWSsystem32borlndmm.dll2014-03-24 21:07 - 2002-01-05 07:37 - 00344064 _____ (Microsoft Corporation) C:WINDOWSsystem32Msvcr70.dll2014-03-24 21:07 - 2002-01-05 04:40 - 00487424 _____ (Microsoft Corporation) C:WINDOWSsystem32Msvcp70.dll2014-03-24 21:07 - 2002-01-05 04:38 - 00054784 _____ (Microsoft Corporation) C:WINDOWSsystem32msvci70.dll2014-03-23 18:21 - 2014-03-28 21:51 - 00110080 _____ () C:Documents and SettingsjivkoDesktopUntitled88.exe2014-03-23 18:21 - 2014-03-28 21:51 - 00058427 _____ () C:Documents and SettingsjivkoDesktopUntitled88.obj2014-03-23 18:14 - 2014-03-23 18:14 - 00001739 _____ () C:Documents and SettingsAll UsersDesktopSony PC Companion 2.1.lnk2014-03-23 18:14 - 2014-03-23 18:14 - 00000000 ____D () C:Program FilesSony2014-03-23 18:14 - 2014-03-23 18:14 - 00000000 ____D () C:Documents and SettingsAll UsersStart MenuProgramsSony2014-03-23 18:14 - 2014-03-23 18:14 - 00000000 ____D () C:Documents and SettingsAll UsersApplication DataSony2014-03-23 17:53 - 2014-03-22 14:15 - 00002203 _____ () C:Documents and SettingsjivkoDesktopUntitled88.o2014-03-23 17:52 - 2014-03-22 13:36 - 00909638 _____ () C:Documents and SettingsjivkoDesktopMy Computer.exe2014-03-21 20:37 - 2014-03-21 20:37 - 00000619 _____ () C:Documents and SettingsjivkoDesktop22333.cpp2014-03-21 20:36 - 2014-03-21 20:47 - 00000000 ____D () C:Documents and SettingsjivkoApplication DataQtProject2014-03-21 20:35 - 2014-03-21 20:35 - 00000000 ____D () C:Documents and SettingsjivkoStart MenuProgramsQt 5.2.12014-03-21 19:30 - 2014-03-21 20:37 - 00148992 _____ () C:Documents and SettingsjivkoDesktop22333.exe2014-03-21 19:30 - 2014-03-21 20:37 - 00110828 _____ () C:Documents and 
SettingsjivkoDesktop22333.obj2014-03-21 17:03 - 2014-03-21 17:03 - 00000000 ____D () C:Documents and SettingsAll UsersStart MenuProgramsuGet VGI2014-03-19 19:33 - 2014-03-19 19:44 - 00000000 ____D () C:Documents and SettingsjivkoMy DocumentsJustCause2014-03-19 19:14 - 2014-03-19 19:14 - 00000000 ____D () C:Documents and SettingsAll UsersStart MenuProgramsKAPITALSIN2014-03-18 21:29 - 2014-03-18 21:41 - 00000000 ____D () C:Documents and SettingsjivkoLocal SettingsApplication DataRockstar Games2014-03-18 21:26 - 2014-03-24 21:10 - 00000000 ____D () C:Documents and SettingsAll UsersStart MenuProgramsRockstar Games2014-03-18 21:15 - 2014-03-18 21:15 - 00000000 ____D () C:WINDOWSsystem32xlive2014-03-18 21:15 - 2014-03-18 21:15 - 00000000 ____D () C:Program FilesMicrosoft Games for Windows - LIVE2014-03-18 19:57 - 2014-03-24 21:15 - 00000000 ____D () C:Documents and SettingsjivkoMy DocumentsGTA San Andreas User Files2014-03-18 19:54 - 2014-03-18 19:54 - 00059544 _____ () C:Documents and SettingsjivkoDesktopUP UP AND AWAY.zip2014-03-18 19:52 - 2014-03-18 19:52 - 00059781 _____ () C:Documents and SettingsjivkoDesktopFREEFALL.zip2014-03-16 11:59 - 2014-03-16 11:59 - 00000000 ____D () C:Documents and Settingsjivko.android2014-03-15 21:17 - 2014-03-15 21:17 - 00001637 _____ () C:Documents and SettingsjivkoDesktopUntitled8#2.cpp2014-03-15 19:05 - 2014-03-28 20:08 - 00158208 _____ () C:Documents and SettingsjivkoDesktopUntitled8.exe2014-03-15 19:05 - 2014-03-28 20:08 - 00114357 _____ () C:Documents and SettingsjivkoDesktopUntitled8.obj==================== One Month Modified Files and Folders =======2014-04-13 13:16 - 2014-04-13 13:16 - 00029518 _____ () C:Documents and SettingsjivkoDesktopFRST.txt2014-04-13 13:16 - 2014-04-13 13:15 - 00000000 ____D () C:FRST2014-04-13 13:15 - 2014-04-13 13:15 - 01145856 _____ (Farbar) C:Documents and SettingsjivkoDesktopFRST.exe2014-04-13 13:11 - 2009-12-05 19:43 - 00000984 _____ () C:WINDOWSTasksGoogleUpdateTaskMachineUA.job2014-04-13 13:05 - 
2014-04-13 13:05 - 00000478 _____ () C:Documents and SettingsjivkoDesktopStartup Manager.lnk2014-04-13 13:05 - 2014-04-13 13:05 - 00000000 ____D () C:Documents and SettingsAll UsersStart MenuProgramsStartup Manager2014-04-13 13:05 - 2014-04-13 13:05 - 00000000 ____D () C:Documents and SettingsAll UsersApplication DataStartup Manager2014-04-13 13:04 - 2014-04-13 13:04 - 01017888 _____ (Glenn Van Loon ) C:Documents and SettingsjivkoDesktopStM_setup242-re.exe2014-04-13 12:54 - 2013-07-04 11:53 - 00005282 _____ () C:WINDOWSsetupact.log2014-04-13 12:51 - 2014-04-13 12:51 - 00000866 _____ () C:Documents and SettingsAll UsersDesktopIObit Uninstaller.lnk2014-04-13 12:51 - 2013-11-27 14:04 - 00000866 _____ () C:Documents and SettingsjivkoStart MenuUninstall Programs.lnk2014-04-13 12:51 - 2013-10-22 15:59 - 00000000 ____D () C:Documents and SettingsjivkoApplication DataDropbox2014-04-13 12:51 - 2013-06-13 10:01 - 00000000 ____D () C:Program FilesIObit2014-04-13 12:51 - 2013-06-13 09:57 - 00000000 ____D () C:Documents and SettingsjivkoApplication DataIObit2014-04-13 12:47 - 2009-11-10 17:06 - 00000000 ____D () C:Documents and SettingsjivkoApplication DataSkype2014-04-13 12:29 - 2010-11-03 21:38 - 00000000 ____D () C:WINDOWSsystem32NtmsData2014-04-13 12:23 - 2009-11-10 15:47 - 00000000 ____D () C:WINDOWSRegistration2014-04-13 12:20 - 2012-07-01 19:09 - 00000830 _____ () C:WINDOWSTasksAdobe Flash Player Updater.job2014-04-13 11:43 - 2010-09-25 19:09 - 00282296 _____ () C:WINDOWSsystem32PnkBstrB.xtr2014-04-13 11:43 - 2010-09-25 19:04 - 00139048 _____ () C:WINDOWSsystem32DriversPnkBstrK.sys2014-04-13 11:43 - 2010-09-25 19:03 - 00282296 _____ () C:WINDOWSsystem32PnkBstrB.exe2014-04-13 10:38 - 2010-09-25 19:03 - 00282296 _____ () C:WINDOWSsystem32PnkBstrB.ex02014-04-13 09:47 - 2013-12-08 19:29 - 00000000 ____D () C:Documents and SettingsLocalServiceLocal SettingsApplication DataLogMeIn Hamachi2014-04-13 09:02 - 2014-04-12 15:21 - 00000440 _____ () C:WINDOWSTasksCOMODO Signature 
Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59}.job2014-04-13 07:21 - 2013-06-13 15:02 - 00000440 _____ () C:WINDOWSTasksCOMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85}.job2014-04-13 07:05 - 2013-02-28 09:24 - 00000260 _____ () C:WINDOWSTasksWGASetup.job2014-04-13 06:50 - 2014-02-13 15:38 - 00000278 _____ () C:WINDOWSTasksSmartDefrag3_Update.job2014-04-13 06:50 - 2014-01-09 21:06 - 00000429 _____ () C:WINDOWSsystem32Driversetchosts.ics2014-04-13 06:49 - 2009-11-10 15:48 - 01413354 _____ () C:WINDOWSWindowsUpdate.log2014-04-13 06:48 - 2014-02-14 07:29 - 00008391 _____ () C:autoupdate.log2014-04-13 06:48 - 2013-12-08 19:29 - 00000000 ____D () C:Documents and SettingsjivkoLocal SettingsApplication DataLogMeIn Hamachi2014-04-13 06:48 - 2013-06-21 09:44 - 00000159 _____ () C:WINDOWSwiadebug.log2014-04-13 06:48 - 2013-06-21 09:44 - 00000052 _____ () C:WINDOWSwiaservc.log2014-04-13 06:47 - 2014-04-12 10:44 - 00000222 _____ () C:WINDOWSTasksMicrosoft Windows XP End of Service Notification Logon.job2014-04-13 06:47 - 2014-02-18 16:01 - 00000394 _____ () C:WINDOWSTasksProgramUpdateCheck.job2014-04-13 06:47 - 2014-02-18 16:01 - 00000378 _____ () C:WINDOWSTasksFreeFileViewerUpdateChecker.job2014-04-13 06:47 - 2013-11-27 14:04 - 00000228 _____ () C:WINDOWSTasksASC7_PerformanceMonitor.job2014-04-13 06:47 - 2009-12-05 19:43 - 00000980 _____ () C:WINDOWSTasksGoogleUpdateTaskMachineCore.job2014-04-13 06:47 - 2009-11-10 15:51 - 00000006 ____H () C:WINDOWSTasksSA.DAT2014-04-12 20:27 - 2014-04-12 15:03 - 00065536 _____ () C:WINDOWSsystem32configCOMODO I.evt2014-04-12 20:27 - 2014-01-05 22:05 - 00476016 _____ () C:Documents and SettingsLocalServiceLocal SettingsApplication DataFontCache3.0.0.0.dat2014-04-12 20:27 - 2010-11-25 23:44 - 00000314 _____ () C:WINDOWSNetWatcherPro.ini2014-04-12 20:27 - 2009-11-10 19:42 - 00000000 ____D () C:Documents and SettingsjivkoApplication DatauTorrent2014-04-12 20:27 - 2009-11-10 15:51 - 00032652 _____ () C:WINDOWSSchedLgU.Txt2014-04-12 19:31 - 
2013-02-25 16:39 - 00000000 ____D () C:Documents and SettingsjivkoDesktopИгри2014-04-12 19:03 - 2014-04-12 19:03 - 00000580 _____ () C:Documents and SettingsAll UsersDesktopMTA San Andreas 1.3.lnk2014-04-12 19:03 - 2014-04-12 19:03 - 00000000 ____D () C:Documents and SettingsAll UsersStart MenuProgramsMTA San Andreas 1.32014-04-12 19:03 - 2014-04-12 19:03 - 00000000 ____D () C:Documents and SettingsAll UsersApplication DataMTA San Andreas All2014-04-12 18:09 - 2014-04-12 18:04 - 00000000 ____D () C:Documents and SettingsjivkoDesktopgta2014-04-12 17:10 - 2009-11-10 16:49 - 00000132 _____ () C:WINDOWSwinamp.ini2014-04-12 15:17 - 2014-04-12 10:44 - 00000216 _____ () C:WINDOWSTasksMicrosoft Windows XP End of Service Notification Monthly.job2014-04-12 15:16 - 2013-06-14 15:32 - 00241744 _____ () C:WINDOWSsystem32Driversfvstore.dat2014-04-12 15:03 - 2014-02-18 16:03 - 00000000 ____D () C:Documents and SettingsLocalServiceLocal SettingsApplication DataFileTypeAssistant2014-04-12 15:03 - 2014-02-18 16:01 - 00000450 _____ () C:WINDOWSTasksProgramRefresh-ATFST.job2014-04-12 15:03 - 2014-02-18 16:01 - 00000000 ____D () C:Program FilesFile Type Assistant2014-04-12 10:44 - 2009-11-10 23:40 - 00285312 _____ () C:WINDOWSsystem32FNTCACHE.DAT2014-04-12 10:44 - 2001-08-23 17:00 - 00002206 _____ () C:WINDOWSsystem32wpa.dbl2014-04-12 10:43 - 2014-04-12 10:43 - 00000000 _____ () C:asc_rdflag2014-04-12 10:43 - 2013-11-30 17:05 - 43896832 _____ () C:WINDOWSsystem32configsoftware.iodefrag.bak2014-04-12 10:43 - 2013-11-30 17:05 - 00331776 _____ () C:WINDOWSsystem32configdefault.iodefrag.bak2014-04-12 10:43 - 2013-11-30 17:05 - 00053248 _____ () C:WINDOWSsystem32configSECURITY.iodefrag.bak2014-04-12 10:43 - 2013-11-30 17:05 - 00028672 _____ () C:WINDOWSsystem32configSAM.iodefrag.bak2014-04-11 22:19 - 2009-11-10 15:51 - 00000000 __SHD () C:Documents and SettingsLocalService2014-04-11 22:18 - 2014-04-11 22:18 - 00000000 __SHD () C:Documents and SettingsLocalServiceIETldCache2014-04-11 20:12 - 
2013-01-27 14:05 - 00000000 ____D () C:Documents and SettingsjivkoApplication Data.minecraft2014-04-11 19:10 - 2013-04-15 19:59 - 00000000 ____D () C:Documents and SettingsjivkoStart MenuProgramsUbisoft2014-04-11 19:10 - 2013-04-15 19:59 - 00000000 ____D () C:Documents and SettingsjivkoLocal SettingsApplication DataDeployment2014-04-11 19:09 - 2014-04-11 19:09 - 00000332 _____ () C:Documents and SettingsjivkoDesktopGhost Recon Phantoms - EU.appref-ms2014-04-11 13:35 - 2014-04-11 13:35 - 00013333 _____ () C:WINDOWSKB2936068-IE8.log2014-04-11 13:35 - 2014-04-11 13:35 - 00000000 __HDC () C:WINDOWS$NtUninstallKB2922229$2014-04-11 13:35 - 2014-04-11 13:34 - 00006558 _____ () C:WINDOWSKB2922229.log2014-04-11 13:35 - 2013-08-03 18:53 - 00027405 _____ () C:WINDOWSupdspapi.log2014-04-11 13:35 - 2013-07-04 11:53 - 00354075 _____ () C:WINDOWSiis6.log2014-04-11 13:35 - 2013-07-04 11:53 - 00327732 _____ () C:WINDOWSFaxSetup.log2014-04-11 13:35 - 2013-07-04 11:53 - 00156668 _____ () C:WINDOWSocgen.log2014-04-11 13:35 - 2013-07-04 11:53 - 00149539 _____ () C:WINDOWStsoc.log2014-04-11 13:35 - 2013-07-04 11:53 - 00108578 _____ () C:WINDOWScomsetup.log2014-04-11 13:35 - 2013-07-04 11:53 - 00100078 _____ () C:WINDOWSmsmqinst.log2014-04-11 13:35 - 2013-07-04 11:53 - 00065774 _____ () C:WINDOWSntdtcsetup.log2014-04-11 13:35 - 2013-07-04 11:53 - 00057399 _____ () C:WINDOWSnetfxocm.log2014-04-11 13:35 - 2013-07-04 11:53 - 00022525 _____ () C:WINDOWSMedCtrOC.log2014-04-11 13:35 - 2013-07-04 11:53 - 00018126 _____ () C:WINDOWSocmsn.log2014-04-11 13:35 - 2013-07-04 11:53 - 00016483 _____ () C:WINDOWStabletoc.log2014-04-11 13:35 - 2013-07-04 11:53 - 00016377 _____ () C:WINDOWSmsgsocm.log2014-04-11 13:35 - 2013-07-04 11:53 - 00001374 _____ () C:WINDOWSimsins.log2014-04-11 13:35 - 2013-07-04 11:53 - 00001374 _____ () C:WINDOWSimsins.BAK2014-04-11 13:35 - 2013-02-28 09:31 - 00000000 ____D () C:WINDOWSie8updates2014-04-11 13:34 - 2014-04-11 13:34 - 00006037 _____ () 
C:WINDOWSKB2929961.log2014-04-11 13:34 - 2014-04-11 13:34 - 00000000 __HDC () C:WINDOWS$NtUninstallKB2930275$2014-04-11 13:34 - 2014-04-11 13:34 - 00000000 __HDC () C:WINDOWS$NtUninstallKB2929961$2014-04-11 13:34 - 2014-04-11 13:33 - 00006597 _____ () C:WINDOWSKB2930275.log2014-04-11 13:33 - 2014-04-11 13:33 - 00005705 _____ () C:WINDOWSKB2934207.log2014-04-11 13:33 - 2014-04-11 13:33 - 00000000 __HDC () C:WINDOWS$NtUninstallKB2934207$2014-04-11 13:33 - 2014-02-10 08:18 - 00000000 ____D () C:Documents and SettingsAll UsersStart MenuProgramsHyperCam 32014-04-11 13:33 - 2014-01-13 16:36 - 00000000 ____D () C:Documents and SettingsAll UsersStart MenuProgramsPinnacle Game Profiler2014-04-11 13:33 - 2013-02-25 16:38 - 00000000 ____D () C:Documents and SettingsjivkoDesktopАнтивирусни програми2014-04-11 13:29 - 2013-11-30 15:16 - 43896832 _____ () C:WINDOWSsystem32configsoftware.iobit2014-04-11 13:29 - 2013-11-30 15:16 - 00331776 _____ () C:WINDOWSsystem32configdefault.iobit2014-04-11 13:29 - 2013-11-30 15:16 - 00053248 _____ () C:WINDOWSsystem32configSECURITY.iobit2014-04-11 13:29 - 2013-11-30 15:16 - 00028672 _____ () C:WINDOWSsystem32configSAM.iobit2014-04-11 13:29 - 2009-11-10 15:52 - 00000000 ____D () C:Documents and Settingsjivko2014-04-11 13:29 - 2009-11-10 15:51 - 00000000 __SHD () C:Documents and SettingsNetworkService2014-04-09 17:39 - 2010-11-03 22:43 - 00000664 _____ () C:WINDOWSsystem32d3d9caps.dat2014-04-09 16:34 - 2014-04-09 16:34 - 00010691 _____ () C:Documents and SettingsjivkoDesktopimages.jpeg2014-04-08 12:38 - 2012-04-24 19:35 - 00000000 ____D () C:Program FilesMozilla Maintenance Service2014-04-07 09:20 - 2014-04-07 09:20 - 00000000 ____D () C:Program FilesMozilla Firefox2014-04-06 19:00 - 2013-12-07 14:45 - 00000000 ___RD () C:Documents and SettingsjivkoDesktopkefche's disk #22014-04-06 18:04 - 2014-04-06 18:04 - 00000000 ____D () C:Documents and SettingsjivkoApplication DataStyle Jukebox Settings2014-04-06 17:50 - 2014-04-06 17:50 - 00000495 _____ 
() C:Documents and SettingsAll UsersDesktopVIVA Jukebox.lnk2014-04-06 17:50 - 2014-04-06 17:49 - 00000000 ____D () C:Documents and SettingsAll UsersStart MenuProgramsVIVA Jukebox2014-04-06 17:49 - 2014-04-06 17:49 - 00000000 ____D () C:WINDOWSsystem32Presets2014-04-06 16:38 - 2013-08-10 11:23 - 00000000 ____D () C:Documents and SettingsjivkoLocal SettingsApplication DataAkamai2014-04-06 16:38 - 2009-11-10 23:41 - 00594932 _____ () C:WINDOWSsystem32PerfStringBackup.INI2014-04-06 16:36 - 2013-11-27 14:04 - 00000000 ____D () C:Documents and SettingsAll UsersApplication DataProductData2014-03-28 21:51 - 2014-03-28 21:51 - 00000940 _____ () C:Documents and SettingsjivkoDesktopUntitled88.cpp2014-03-28 21:51 - 2014-03-23 18:21 - 00110080 _____ () C:Documents and SettingsjivkoDesktopUntitled88.exe2014-03-28 21:51 - 2014-03-23 18:21 - 00058427 _____ () C:Documents and SettingsjivkoDesktopUntitled88.obj2014-03-28 21:51 - 2014-02-20 15:19 - 00000000 ____D () C:Documents and SettingsjivkoApplication DataCodeBlocks2014-03-28 20:34 - 2014-03-28 20:34 - 00000000 ____D () C:Documents and SettingsjivkoDesktoptictactoe2014-03-28 20:32 - 2014-03-28 20:33 - 00045182 _____ () C:Documents and SettingsjivkoDesktoptictactoe.zip2014-03-28 20:22 - 2014-03-28 20:22 - 00005821 _____ () C:Documents and SettingsjivkoDesktopUntitled8.cpp2014-03-28 20:16 - 2001-08-23 17:00 - 00001374 _____ () C:WINDOWSwin.ini2014-03-28 20:08 - 2014-03-15 19:05 - 00158208 _____ () C:Documents and SettingsjivkoDesktopUntitled8.exe2014-03-28 20:08 - 2014-03-15 19:05 - 00114357 _____ () C:Documents and SettingsjivkoDesktopUntitled8.obj2014-03-28 12:18 - 2013-12-19 16:44 - 00000000 ____D () C:Program FilesMicrosoft Silverlight2014-03-27 20:20 - 2013-12-19 16:44 - 00000000 ____D () C:Documents and SettingsAll UsersStart MenuProgramsMicrosoft Silverlight2014-03-27 15:13 - 2014-03-27 15:13 - 00000000 ____D () C:Documents and SettingsAll UsersStart MenuProgramsnovaPDF Standard Desktop 72014-03-26 21:48 - 2014-03-25 16:38 
- 01522501 _____ () C:Documents and SettingsjivkoDesktopДвижението за национално освобождение.pptx2014-03-26 21:44 - 2014-03-26 21:44 - 00000000 ___RD () C:Documents and SettingsjivkoDesktop2014-03-26 19:34 - 2013-09-19 16:27 - 00000000 ____D () C:Documents and SettingsjivkoApplication Datavlc2014-03-25 22:22 - 2013-04-25 11:05 - 00104792 _____ (COMODO) C:WINDOWSsystem32Driversinspect.sys2014-03-25 22:22 - 2013-04-23 15:04 - 00363504 _____ (COMODO) C:WINDOWSsystem32guard32.dll2014-03-25 22:22 - 2013-04-15 18:39 - 00607448 _____ (COMODO) C:WINDOWSsystem32DriverscmdGuard.sys2014-03-25 22:22 - 2013-04-15 18:39 - 00029912 _____ (COMODO) C:WINDOWSsystem32Driverscmdhlp.sys2014-03-25 22:22 - 2013-04-15 18:39 - 00015704 _____ (COMODO) C:WINDOWSsystem32Driverscmderd.sys2014-03-25 22:22 - 2013-04-15 18:38 - 00284888 _____ (COMODO) C:WINDOWSsystem32cmdvrt32.dll2014-03-25 22:22 - 2013-04-15 18:38 - 00040664 _____ (COMODO) C:WINDOWSsystem32cmdkbd32.dll2014-03-25 22:22 - 2013-04-15 18:38 - 00036000 _____ (COMODO) C:WINDOWSsystem32cmdcsr.dll2014-03-25 18:01 - 2011-09-13 16:01 - 00702976 ___SH () C:Documents and SettingsjivkoDesktopThumbs.db2014-03-24 21:15 - 2014-03-24 21:15 - 00000000 ____D () C:Documents and SettingsjivkoStart MenuProgramsSan Andreas Multiplayer2014-03-24 21:15 - 2014-03-18 19:57 - 00000000 ____D () C:Documents and SettingsjivkoMy DocumentsGTA San Andreas User Files2014-03-24 21:10 - 2014-03-18 21:26 - 00000000 ____D () C:Documents and SettingsAll UsersStart MenuProgramsRockstar Games2014-03-24 20:02 - 2014-01-11 17:05 - 00000000 ____D () C:Documents and SettingsjivkoMy DocumentsEuro Truck Simulator 22014-03-23 18:19 - 2013-07-04 11:55 - 00743032 _____ () C:WINDOWSDPINST.LOG2014-03-23 18:14 - 2014-03-23 18:14 - 00001739 _____ () C:Documents and SettingsAll UsersDesktopSony PC Companion 2.1.lnk2014-03-23 18:14 - 2014-03-23 18:14 - 00000000 ____D () C:Program FilesSony2014-03-23 18:14 - 2014-03-23 18:14 - 00000000 ____D () C:Documents and SettingsAll UsersStart 
MenuProgramsSony2014-03-23 18:14 - 2014-03-23 18:14 - 00000000 ____D () C:Documents and SettingsAll UsersApplication DataSony2014-03-23 18:14 - 2009-11-10 16:00 - 00000000 ___HD () C:Program FilesInstallShield Installation Information2014-03-23 18:11 - 2013-06-20 21:30 - 00520406 _____ () C:WINDOWSsetupapi.log2014-03-23 18:05 - 2009-12-07 14:31 - 00099328 _____ () C:Documents and SettingsjivkoLocal SettingsApplication DataDCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini2014-03-22 14:15 - 2014-03-23 17:53 - 00002203 _____ () C:Documents and SettingsjivkoDesktopUntitled88.o2014-03-22 13:36 - 2014-03-23 17:52 - 00909638 _____ () C:Documents and SettingsjivkoDesktopMy Computer.exe2014-03-21 20:47 - 2014-03-21 20:36 - 00000000 ____D () C:Documents and SettingsjivkoApplication DataQtProject2014-03-21 20:47 - 2014-03-09 21:51 - 00000000 ____D () C:Documents and SettingsjivkoDesktopC++2014-03-21 20:37 - 2014-03-21 20:37 - 00000619 _____ () C:Documents and SettingsjivkoDesktop22333.cpp2014-03-21 20:37 - 2014-03-21 19:30 - 00148992 _____ () C:Documents and SettingsjivkoDesktop22333.exe2014-03-21 20:37 - 2014-03-21 19:30 - 00110828 _____ () C:Documents and SettingsjivkoDesktop22333.obj2014-03-21 20:35 - 2014-03-21 20:35 - 00000000 ____D () C:Documents and SettingsjivkoStart MenuProgramsQt 5.2.12014-03-21 17:03 - 2014-03-21 17:03 - 00000000 ____D () C:Documents and SettingsAll UsersStart MenuProgramsuGet VGI2014-03-21 17:03 - 2014-03-04 18:37 - 00000444 _____ () C:Documents and SettingsAll UsersDesktopuGet.lnk2014-03-19 19:44 - 2014-03-19 19:33 - 00000000 ____D () C:Documents and SettingsjivkoMy DocumentsJustCause2014-03-19 19:14 - 2014-03-19 19:14 - 00000000 ____D () C:Documents and SettingsAll UsersStart MenuProgramsKAPITALSIN2014-03-19 16:08 - 2014-03-27 15:13 - 00024864 _____ (Softland) C:WINDOWSsystem32novamns7.dll2014-03-19 16:08 - 2014-03-27 15:13 - 00021792 _____ (Softland) C:WINDOWSsystem32novamis7.dll2014-03-19 11:15 - 2013-07-04 11:54 - 00003552 _____ () 
C:WINDOWSspupdsvc.log2014-03-18 21:41 - 2014-03-18 21:29 - 00000000 ____D () C:Documents and SettingsjivkoLocal SettingsApplication DataRockstar Games2014-03-18 21:31 - 2013-10-05 14:50 - 00107888 _____ (Sony DADC Austria AG.) C:WINDOWSsystem32CmdLineExt.dll2014-03-18 21:26 - 2013-07-04 11:53 - 00061195 _____ () C:WINDOWSWMFDist11.log2014-03-18 21:17 - 2013-07-04 11:52 - 00016598 _____ () C:WINDOWSWudf01000Inst.log2014-03-18 21:16 - 2013-10-05 14:44 - 00160125 _____ () C:WINDOWSDirectX.log2014-03-18 21:16 - 2009-11-10 15:48 - 00000000 ____D () C:WINDOWSsystem32DirectX2014-03-18 21:15 - 2014-03-18 21:15 - 00000000 ____D () C:WINDOWSsystem32xlive2014-03-18 21:15 - 2014-03-18 21:15 - 00000000 ____D () C:Program FilesMicrosoft Games for Windows - LIVE2014-03-18 20:02 - 2009-11-29 17:25 - 00000116 _____ () C:WINDOWSNeroDigital.ini2014-03-18 19:54 - 2014-03-18 19:54 - 00059544 _____ () C:Documents and SettingsjivkoDesktopUP UP AND AWAY.zip2014-03-18 19:52 - 2014-03-18 19:52 - 00059781 _____ () C:Documents and SettingsjivkoDesktopFREEFALL.zip2014-03-16 11:59 - 2014-03-16 11:59 - 00000000 ____D () C:Documents and Settingsjivko.android2014-03-16 11:59 - 2009-11-10 16:32 - 00000000 ____D () C:Documents and SettingsjivkoLocal SettingsApplication DataMozilla2014-03-16 11:59 - 2009-11-10 16:32 - 00000000 ____D () C:Documents and SettingsjivkoApplication DataMozilla2014-03-15 21:17 - 2014-03-15 21:17 - 00001637 _____ () C:Documents and SettingsjivkoDesktopUntitled8#2.cppFiles to move or delete:====================C:Documents and SettingsjivkoApplication DataCamLayout.iniC:Documents and SettingsjivkoApplication DataCamShapes.iniC:Documents and SettingsjivkoTempWmicBatchFile.batSome content of TEMP:====================C:Documents and SettingsjivkoLocal SettingsTempAcDeltree.exeC:Documents and SettingsjivkoLocal SettingsTempAutoRun.exeC:Documents and SettingsjivkoLocal SettingsTempAutoRunGUI.dllC:Documents and SettingsjivkoLocal SettingsTempavgnt.exeC:Documents and 
SettingsjivkoLocal SettingsTempCH.dllC:Documents and SettingsjivkoLocal SettingsTempdrm_dyndata_7370014.dllC:Documents and SettingsjivkoLocal SettingsTempDTLite4481-0347.exeC:Documents and SettingsjivkoLocal SettingsTempFreeFileViewerSetup.exeC:Documents and SettingsjivkoLocal SettingsTempi4jdel0.exeC:Documents and SettingsjivkoLocal SettingsTempjre-7u51-windows-i586-iftw.exeC:Documents and SettingsjivkoLocal SettingsTempose00000.exeC:Documents and SettingsjivkoLocal SettingsTempResource_AcceptRate.exeC:Documents and SettingsjivkoLocal SettingsTempResource_Toolbar.exeC:Documents and SettingsjivkoLocal SettingsTempUninstall.exeC:Documents and SettingsjivkoLocal SettingsTemputt49B.tmp.exeC:Documents and SettingsjivkoLocal SettingsTemp_is1EE.exeC:Documents and SettingsxxxLocal SettingsTempavgnt.exe==================== Bamital & volsnap Check =================C:WINDOWSexplorer.exe => MD5 is legitC:WINDOWSsystem32winlogon.exe => MD5 is legitC:WINDOWSsystem32svchost.exe => MD5 is legitC:WINDOWSsystem32services.exe => MD5 is legitC:WINDOWSsystem32User32.dll => MD5 is legitC:WINDOWSsystem32userinit.exe => MD5 is legitC:WINDOWSsystem32rpcss.dll => MD5 is legitC:WINDOWSsystem32Driversvolsnap.sys => MD5 is legit==================== End Of Log ============================

I have uploaded the Addition log.


Addition.txt


There is nothing unique about it. There is a section for viruses. Visit this topic and follow the steps there. The colleagues from the HJT Team will help.


May the antivirus section's team forgive me for posting where it is not my place.

To the author of the topic: with so many antivirus programs running at the same time, what do you expect? Keep only one.


May the antivirus section's team forgive me for posting where it is not my place.

To the author of the topic: with so many antivirus programs running at the same time, what do you expect? Keep only one.

You are right, but the only ones that run constantly are Avira and Comodo. The rest are of the scan-and-destroy kind and do not protect the computer constantly. Thank you anyway! ;)

There is nothing unique about it. There is a section for viruses. Visit this topic and follow the steps there. The colleagues from the HJT Team will help.

Could you repeat that in plain language? I am not very smart... :help wanted4:


Well, can you at least read?

You open the link given by the esteemed Emokostov. You read and follow the instructions. That's it.



You are right, but the only ones that run constantly are Avira and Comodo. The rest are of the scan-and-destroy kind and do not protect the computer constantly. Thank you anyway! ;)

Could you repeat that in plain language? I am not very smart... :help wanted4:

On the contrary, you are smart, so read the link I gave you.


Hello..! The combination of Avira and the Comodo firewall is good..!

Uninstall Twister Antivirus, Advanced SystemCare 7 and ESET Online Scanner in the standard way. Then run a new scan with Farbar Recovery Scan Tool. Post the logs in your next post.

I assume it is a virus, because I cleaned the registry with Advanced SystemCare 7 Pro,

That is a mistake.. Why do you think that cleaning the registry will get rid of a virus.. A strange theory.. especially with this program... but the computer is yours.. and you decide..!


Hello..! The combination of Avira and the Comodo firewall is good..!

Uninstall Twister Antivirus, Advanced SystemCare 7 and ESET Online Scanner in the standard way. Then run a new scan with Farbar Recovery Scan Tool. Post the logs in your next post.

That is a mistake.. Why do you think that cleaning the registry will get rid of a virus.. A strange theory.. especially with this program... but the computer is yours.. and you decide..!

Thank you,

I think I handled the first two programs just fine, but with ESET Online Scanner it shows what is in the picture. There is also NO such folder. How do I remove the unwanted program?

See the pictures I uploaded, and if I do not reply to your instructions within 48 hours, write to the e-mail [email protected] (PLEASE :wors: )



OK, let's say we are done.

Inc.)HKUS-1-5-21-1409082233-573735546-725345543-1003...Run: [Style Jukebox] => D:VIVA JukeboxStyle Jukebox.exe [8739840 2014-02-27] ()HKUS-1-5-21-1409082233-573735546-725345543-1003...RunOnce: [FlashPlayerUpdate] - C:WINDOWSsystem32MacromedFlashFlashUtil32_12_0_0_77_Plugin.exe [841096 2014-03-12] (Adobe Systems Incorporated)HKUS-1-5-21-1409082233-573735546-725345543-1003...PoliciesExplorer: [NoCDBurning] 1HKUS-1-5-21-1409082233-573735546-725345543-1003...MountPoints2: {96d98ecb-2415-11e3-9a1d-002618d338cf} - G:Startme.exeHKUS-1-5-21-1409082233-573735546-725345543-1003...MountPoints2: {bddcf6ca-9151-11e3-aee2-002618d338cf} - G:autorun.exeStartup: C:Documents and SettingsAll UsersStart MenuProgramsStartupFlexType 2K.lnkShortcutTarget: FlexType 2K.lnk -> C:WINDOWSDatecsFlex2K.exe ()Startup: C:Documents and SettingsjivkoStart MenuProgramsStartupDropbox.lnkShortcutTarget: Dropbox.lnk -> C:Documents and SettingsjivkoApplication DataDropboxbinDropbox.exe (Dropbox, Inc.)==================== Internet (Whitelisted) ====================HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://www.google.bg/HKCUSoftwareMicrosoftInternet ExplorerMain,Search Bar = http://www.google.com/ieURLSearchHook: ATTENTION ==> Default URLSearchHook is missing.URLSearchHook: HKCU - (No Name) - {6c97a91e-4524-4019-86af-2aa2d567bf5c} -  No FileSearchScopes: HKCU - {171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} URL = http://websearch.ask.com/redirect?client=ie&tb=AVR-3&o=APN10401&src=crm&q={searchTerms}&locale=en_BG&apn_ptnrs=^ABZ&apn_dtid=^YYYYYY^YY^BG&apn_uid=aec7538b-df32-4b5a-819e-fa53ad9910fd&apn_sauid=55E9A90D-DD02-4305-B1FA-F47CEC3B3356BHO: Помощник за връзки на Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:Program FilesCommon FilesAdobeAcrobatActiveXAcroIEHelper.dll (Adobe Systems Incorporated)BHO: ExplorerWnd Helper - {10921475-03CE-4E04-90CE-E2E7EF20C814} - C:Program FilesIObitIObit UninstallerUninstallExplorer32.dll (IObit)BHO: Groove GFS Browser Helper - 
{72853161-30C5-4D22-B7F9-0BBC1D38A37E} - D:Office12GrooveShellExtensions.dll (Microsoft Corporation)BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:Program FilesJavajre7binssv.dll (Oracle Corporation)BHO: Advanced SystemCare Browser Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:Program FilesIObitSurfing ProtectionBrowerProtectASCPlugin_Protection.dll (IObit)BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:Program FilesJavajre7binjp2ssv.dll (Oracle Corporation)BHO: PrivDog Extension - {FB16E5C3-A9E2-47A2-8EFC-319E775E62CC} - C:Program FilesAdTrustMediaPrivDog2.1.0.19trustedads.dll (AdTrustMedia)Toolbar: HKLM - No Name - {6c97a91e-4524-4019-86af-2aa2d567bf5c} -  No FileToolbar: HKLM - ExplorerWnd Helper - {10921475-03CE-4E04-90CE-E2E7EF20C814} - C:Program FilesIObitIObit UninstallerUninstallExplorer32.dll (IObit)Toolbar: HKCU - &Address - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:WINDOWSsystem32browseui.dll (Microsoft Corporation)Toolbar: HKCU - &Links - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:WINDOWSsystem32SHELL32.dll (Microsoft Corporation)Toolbar: HKCU - No Name - {32099AAC-C132-4136-9E9A-4E364A424E17} -  No FileToolbar: HKCU - No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} -  No FileDPF: {31435657-9980-0010-8000-00AA00389B71} http://download.microsoft.com/download/e/2/f/e2fcec4b-6c8b-48b7-adab-ab9c403a978f/wvc1dmo.cabDPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cabDPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cabHandler: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:Program FilesCommon FilesMicrosoft SharedWeb FoldersPKMCDO.DLL (Microsoft Corporation)Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - D:Office12GrooveSystemServices.dll (Microsoft Corporation)Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:Program FilesCommon 
FilesSkypeSkype4COM.dll (Skype Technologies)ShellExecuteHooks: SABShellExecuteHook Class - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:Program FilesSUPERAntiSpywareSASSEH.DLL [113024 2011-08-04] (SuperAdBlocker.com)TcpipParameters: [DhcpNameServer] 192.168.1.1FireFox:========FF ProfilePath: C:Documents and SettingsjivkoApplication DataMozillaFirefoxProfilesib2hakcz.defaultFF user.js: detected! => C:Documents and SettingsjivkoApplication DataMozillaFirefoxProfilesib2hakcz.defaultuser.jsFF SearchEngineOrder.1: Ask.comFF SelectedSearchEngine: GoogleFF Homepage: about:newtabFF Keyword.URL: hxxp://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=937811&p=FF Plugin: @adobe.com/FlashPlayer - C:WINDOWSsystem32MacromedFlashNPSWF32_12_0_0_77.dll ()FF Plugin: @Google.com/GoogleEarthPlugin - C:Program FilesGoogleGoogle Earthpluginnpgeplugin.dll (Google)FF Plugin: @IObit.com/np_Asc_Plugin - C:Program FilesIObitSurfing ProtectionBrowerProtectnp_Asc_plugin.dll (IObit)FF Plugin: @java.com/DTPlugin,version=10.51.2 - C:Program FilesJavajre7bindtpluginnpDeployJava1.dll (Oracle Corporation)FF Plugin: @java.com/JavaPlugin,version=10.51.2 - C:Program FilesJavajre7binplugin2npjp2.dll (Oracle Corporation)FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:Program FilesMicrosoft Silverlight5.1.30214.0npctrl.dll ( Microsoft Corporation)FF Plugin: @microsoft.com/WPF,version=3.5 - C:WINDOWSMicrosoft.NETFrameworkv3.5Windows Presentation FoundationNPWPF.dll (Microsoft Corporation)FF Plugin: @tools.google.com/Google Update;version=3 - C:Program FilesGoogleUpdate1.3.23.9npGoogleUpdate3.dll (Google Inc.)FF Plugin: @tools.google.com/Google Update;version=9 - C:Program FilesGoogleUpdate1.3.23.9npGoogleUpdate3.dll (Google Inc.)FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:Documents and SettingsjivkoLocal SettingsApplication DataUnityWebPlayerloadernpUnity3D32.dll (Unity Technologies ApS)FF Plugin HKCU: intel.com/AppUp - D:NestizaIntel appUpIntelAppStorebinnpAppUp.dll (Intel)FF 
Plugin ProgramFiles/Appdata: C:Program Filesmozilla firefoxpluginsNPOFF12.DLL (Microsoft Corporation)FF Plugin ProgramFiles/Appdata: C:Program Filesmozilla firefoxpluginsnppdf32.dll (Adobe Systems Inc.)FF SearchPlugin: C:Documents and SettingsjivkoApplication DataMozillaFirefoxProfilesib2hakcz.defaultsearchpluginsaskcom.xmlFF SearchPlugin: C:Documents and SettingsjivkoApplication DataMozillaFirefoxProfilesib2hakcz.defaultsearchpluginsdaemon-search.xmlFF SearchPlugin: C:Documents and SettingsjivkoApplication DataMozillaFirefoxProfilesib2hakcz.defaultsearchpluginsfirefox-.xmlFF SearchPlugin: C:Program Filesmozilla firefoxbrowsersearchplugins911bg.xmlFF SearchPlugin: C:Program Filesmozilla firefoxbrowsersearchpluginsdiribg.xmlFF SearchPlugin: C:Program Filesmozilla firefoxbrowsersearchpluginspe-bg.xmlFF SearchPlugin: C:Program Filesmozilla firefoxbrowsersearchpluginsportalbgdict.xmlFF Extension: ClipConverter Desktop - C:Documents and SettingsjivkoApplication DataMozillaExtensions{ec8030f7-c20a-464f-9b0e-13a3a9e97384}[email protected] [2013-11-30]FF Extension: 20-20 3D Viewer - IKEA - C:Documents and SettingsjivkoApplication Data[email protected]2020Technologies.com [2013-12-03]FF Extension: Ads Removal - C:Documents and SettingsjivkoApplication [email protected]dsremoval.net [2014-02-25]FF Extension: Ant Video Downloader - C:Documents and SettingsjivkoApplication [email protected]nt.com [2014-04-08]FF Extension: Advanced SystemCare Surfing Protection - C:Documents and SettingsjivkoApplication DataMozil[email protected]iobit.com [2013-11-27]FF Extension: Battlefield Heroes Updater - C:Documents and SettingsjivkoApplication DataMozillaFi[email protected]ea.com [2013-03-08]FF Extension: Battlefield Play4Free - C:Documents and SettingsjivkoApplication DataMozil[email protected]ea.com [2013-09-14]FF Extension: GFACE Experience Plugin - C:Documents and SettingsjivkoApplication DataMozilla[email protected]crytek.com [2013-11-06]FF Extension: Lavasoft Search Plugin - 
C:Documents and SettingsjivkoApplication DataMozi[email protected]jetpack [2013-03-28]FF Extension: PrivDog - C:Documents and SettingsjivkoApplication [email protected]ustMedia.com [2013-12-18]FF Extension: Firefox OS Simulator - C:Documents and SettingsjivkoApplication [email protected]lla.org [2014-03-16]FF Extension: Ad-Aware Security Add-on - C:Documents and SettingsjivkoApplication DataMozillaFirefoxProfilesib2hakcz.defaultExtensions{87934c42-161d-45bc-8cef-ef18abe2a30c} [2013-03-28]FF Extension: DownloadHelper - C:Documents and SettingsjivkoApplication DataMozillaFirefoxProfilesib2hakcz.defaultExtensions{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-03-25]FF Extension: AVG Do Not Track - C:Documents and SettingsjivkoApplication DataMozillaFirefoxProfilesib2hakcz.defaultExtensions{F53C93F1-07D5-430c-86D4-C9531B27DFAF} [2013-04-01]FF Extension: ABV Notifier - C:Documents and SettingsjivkoApplication [email protected]netinfo.bg.xpi [2013-03-02]FF Extension: ClipConverter - C:Documents and SettingsjivkoApplication Da[email protected]clipconverter.cc.xpi [2012-12-18]FF Extension: PrivDog - C:Documents and SettingsjivkoApplication [email protected]ustMedia.com.xpi [2014-04-09]FF Extension: Webutation - C:Documents and SettingsjivkoApplication DataMozillaFirefoxProfilesib2hakcz.defaultExtensions{15fe27f3-e5ab-2d59-4c5c-dadc7945bdbd}.xpi [2013-07-04]FF Extension: Destroy the Web - C:Documents and SettingsjivkoApplication DataMozillaFirefoxProfilesib2hakcz.defaultExtensions{7BDB48D1-CD94-4B99-A5A4-E418B9EE6532}.xpi [2013-01-18]FF HKLM...FirefoxExtensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:WINDOWSMicrosoft.NETFrameworkv3.5Windows Presentation FoundationDotNetAssistantExtensionFF Extension: Microsoft .NET Framework Assistant - C:WINDOWSMicrosoft.NETFrameworkv3.5Windows Presentation FoundationDotNetAssistantExtension []Chrome: =======CHR HomePage: 
hxxp://securesearch.lavasoft.com/?source=f439e2c0&tbp=homepage&toolbarid=adawaretb&v=2_5&u=9CB29B5C4E05FE0E9919375154596CE2CHR Plugin: (Shockwave Flash) - C:Program FilesGoogleChromeApplication34.0.1847.116PepperFlashpepflashplayer.dll ()CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewerCHR Plugin: (Native Client) - C:Program FilesGoogleChromeApplication34.0.1847.116ppGoogleNaClPluginChrome.dll ()CHR Plugin: (Chrome PDF Viewer) - C:Program FilesGoogleChromeApplication34.0.1847.116pdf.dll ()CHR Plugin: (Adobe Acrobat) - C:Program FilesAdobeReader 8.0ReaderBrowsernppdf32.dll (Adobe Systems Inc.)CHR Plugin: (Java Deployment Toolkit 6.0.290.11) - C:Program FilesJavajre6binnew_pluginnpdeployJava1.dll No FileCHR Plugin: (Java(TM) Platform SE 6 U29) - C:Program FilesJavajre6binnew_pluginnpjp2.dll No FileCHR Plugin: (Microsoft® DRM) - C:Program FilesWindows Media Playernpdrmv2.dll (Microsoft Corporation)CHR Plugin: (Windows Media Player Plug-in Dynamic Link Library) - C:Program FilesWindows Media Playernpdsplay.dll (Microsoft Corporation (written by Digital Renaissance Inc.))CHR Plugin: (Microsoft® DRM) - C:Program FilesWindows Media Playernpwmsdrm.dll (Microsoft Corporation)CHR Plugin: (Unity Player) - C:Documents and SettingsjivkoLocal SettingsApplication DataUnityWebPlayerloadernpUnity3D32.dll (Unity Technologies ApS)CHR Plugin: (Google Earth Plugin) - C:Program FilesGoogleGoogle Earthpluginnpgeplugin.dll (Google)CHR Plugin: (Google Update) - C:Program FilesGoogleUpdate1.3.21.135npGoogleUpdate3.dll No FileCHR Plugin: (Shockwave Flash) - C:WINDOWSsystem32MacromedFlashNPSWF32_11_6_602_171.dll No FileCHR Extension: (Google Docs) - C:Documents and SettingsjivkoLocal SettingsApplication DataGoogleChromeUser DataDefaultExtensionsaohghmighlieiainnegkcijnfilokake [2013-02-28]CHR Extension: (Google Drive) - C:Documents and SettingsjivkoLocal SettingsApplication DataGoogleChromeUser DataDefaultExtensionsapdfllckaahabafndbhieahigkjlhalf [2013-02-28]CHR 
Extension: (YouTube) - C:Documents and SettingsjivkoLocal SettingsApplication DataGoogleChromeUser DataDefaultExtensionsblpcfgokakmgnkcojhhkbfbldkacnbeo [2013-02-28]CHR Extension: (Gun Bros) - C:Documents and SettingsjivkoLocal SettingsApplication DataGoogleChromeUser DataDefaultExtensionsciamkmigckbgfajcieiflmkedohjjohh [2013-04-21]CHR Extension: (PrivDog) - C:Documents and SettingsjivkoLocal SettingsApplication DataGoogleChromeUser DataDefaultExtensionscmaiofennmphjldldcpphcechfnnohja [2013-11-16]CHR Extension: (Google Search) - C:Documents and SettingsjivkoLocal SettingsApplication DataGoogleChromeUser DataDefaultExtensionscoobgpohoikkiipiblmjeljniedjpjpf [2013-02-28]CHR Extension: (GFACE Experience Plugin) - C:Documents and SettingsjivkoLocal SettingsApplication DataGoogleChromeUser DataDefaultExtensionsejdlfmdbdibkbfdpjocdaolcheehmpol [2013-09-15]CHR Extension: (Ads Removal) - C:Documents and SettingsjivkoLocal SettingsApplication DataGoogleChromeUser DataDefaultExtensionsfopdddcinljmpmioaklghcalngfhbaen [2014-02-25]CHR Extension: (Cut the Rope) - C:Documents and SettingsjivkoLocal SettingsApplication DataGoogleChromeUser DataDefaultExtensionsgkddaofiamhgfjmaccfcfpfolpgbeomj [2013-04-06]CHR Extension: (Typing Test - KeyHero) - C:Documents and SettingsjivkoLocal SettingsApplication DataGoogleChromeUser DataDefaultExtensionsjkcieoaeooeidmpaopkpjpjfakidlabm [2013-04-06]CHR Extension: (Little Alchemy) - C:Documents and SettingsjivkoLocal SettingsApplication DataGoogleChromeUser DataDefaultExtensionsknkapnclbofjjgicpkfoagdjohlfjhpd [2013-04-06]CHR Extension: (Rally youbeQ) - C:Documents and SettingsjivkoLocal SettingsApplication DataGoogleChromeUser DataDefaultExtensionslcohfeeacabgogccgmhpgicpdcconlkc [2013-03-30]CHR Extension: (SecureSearch) - C:Documents and SettingsjivkoLocal SettingsApplication DataGoogleChromeUser DataDefaultExtensionslfffjahnfbocnaooecgijfnbpcfekoik [2013-03-28]CHR Extension: (BeGone) - C:Documents and SettingsjivkoLocal SettingsApplication 
DataGoogleChromeUser DataDefaultExtensionsndfpieflbjbdpgklkeolbmbdkfdiicfk [2013-03-23]CHR Extension: (Advanced SystemCare Surfing Protection) - C:Documents and SettingsjivkoLocal SettingsApplication DataGoogleChromeUser DataDefaultExtensionsnfengeggddojhakldhlpjdlddgkkjkdd [2014-01-26]CHR Extension: (Angry Birds Star Wars) - C:Documents and SettingsjivkoLocal SettingsApplication DataGoogleChromeUser DataDefaultExtensionsnlmkchpbobilnepmmnjllhcnbbcgjfnb [2013-04-21]CHR Extension: (Google Wallet) - C:Documents and SettingsjivkoLocal SettingsApplication DataGoogleChromeUser DataDefaultExtensionsnmmhkkegccagdldgiimedpiccmgmieda [2013-09-15]CHR Extension: (Battlefield Play4Free) - C:Documents and SettingsjivkoLocal SettingsApplication DataGoogleChromeUser DataDefaultExtensionsoiokahphinmbmakkehgelkmpolmnbkdh [2013-09-14]CHR Extension: (Gmail) - C:Documents and SettingsjivkoLocal SettingsApplication DataGoogleChromeUser DataDefaultExtensionspjkljhegncpnkpknbcohdijeoejaedia [2013-02-28]CHR HKLM...ChromeExtension: [lfffjahnfbocnaooecgijfnbpcfekoik] - C:Documents and SettingsAll UsersApplication Dataadawaretbshortcutschromeadawaretb.crx [2013-02-04]CHR HKLM...ChromeExtension: [nfengeggddojhakldhlpjdlddgkkjkdd] - C:Program FilesIObitSurfing ProtectionBrowerProtectASC_GhromePlugin.crx [2013-11-27]CHR HKCU...ChromeExtension: [cmaiofennmphjldldcpphcechfnnohja] - C:Documents and SettingsjivkoLocal SettingsApplication DataAdTrustMediaPrivDogPrivDog_chrome.crx [2014-04-09]========================== Services (Whitelisted) =================R2 !SASCORE; C:Program FilesSUPERAntiSpywareSASCORE.EXE [116608 2012-09-09] (SUPERAntiSpyware.com)R2 AntiVirSchedulerService; C:Program FilesAviraAntiVir Desktopsched.exe [440400 2014-03-13] (Avira Operations GmbH & Co. KG)R2 AntiVirService; C:Program FilesAviraAntiVir Desktopavguard.exe [440400 2014-03-13] (Avira Operations GmbH & Co. 
KG)S2 appdrvrem01; C:WINDOWSSystem32appdrvrem01.exe [316888 2014-02-14] (Protection Technology)S2 BstHdAndroidSvc; C:Program FilesBlueStacksHD-Service.exe [402192 2013-12-20] (BlueStack Systems, Inc.)R2 BstHdLogRotatorSvc; C:Program FilesBlueStacksHD-LogRotatorService.exe [385808 2013-12-20] (BlueStack Systems, Inc.)R2 cmdAgent; C:Program FilesCOMODOCOMODO Internet Securitycmdagent.exe [5302384 2014-03-25] (COMODO)S3 cmdvirth; C:Program FilesCOMODOCOMODO Internet Securitycmdvirth.exe [1663192 2014-03-25] (COMODO)R2 Hamachi2Svc; D:HAMA4ihamachi-2.exe [1678672 2014-02-26] (LogMeIn Inc.)R2 JavaQuickStarterService; C:Program FilesJavajre7binjqs.exe [182696 2013-12-18] (Oracle Corporation)R2 LiveUpdateSvc; C:Program FilesIObitLiveUpdateLiveUpdate.exe [2151200 2013-10-25] (IObit)S3 Microsoft Office Groove Audit Service; D:Office12GrooveAuditService.exe [65888 2008-10-25] (Microsoft Corporation)R2 PnkBstrA; C:WINDOWSsystem32PnkBstrA.exe [76888 2014-02-08] ()R2 PnkBstrB; C:WINDOWSsystem32PnkBstrB.exe [282296 2014-04-14] ()S3 Sony PC Companion; C:Program FilesSonySony PC CompanionPCCService.exe [155824 2013-02-04] (Avanquest Software)==================== Drivers (Whitelisted) ====================R1 appdrv01; C:WINDOWSSystem32Driversappdrv01.sys [3332784 2014-02-14] (Protection Technology)R2 avgntflt; C:WINDOWSSystem32DRIVERSavgntflt.sys [90400 2013-12-17] (Avira Operations GmbH & Co. KG)R1 avipbb; C:WINDOWSSystem32DRIVERSavipbb.sys [135648 2013-12-17] (Avira Operations GmbH & Co. KG)R1 avkmgr; C:WINDOWSSystem32DRIVERSavkmgr.sys [37352 2013-10-01] (Avira Operations GmbH & Co. KG)R2 BstHdDrv; C:Program FilesBlueStacksHD-Hypervisor-x86.sys [106256 2013-12-20] (BlueStack Systems)S3 CBPSp50; C:WINDOWSSystem32DriversCBPSp50.sys [27072 2006-11-28] (Printing Communications Assoc., Inc. 
(PCAUSA))S3 CCDECODE; C:WINDOWSSystem32DRIVERSCCDECODE.sys [17024 2008-04-14] (Microsoft Corporation)R1 cmderd; C:WINDOWSSystem32DRIVERScmderd.sys [15704 2014-03-25] (COMODO)R1 cmdGuard; C:WINDOWSSystem32DRIVERScmdguard.sys [607448 2014-03-25] (COMODO)R1 cmdHlp; C:WINDOWSSystem32DRIVERScmdhlp.sys [29912 2014-03-25] (COMODO)S3 gfiark; C:WINDOWSSystem32driversgfiark.sys [41584 2013-04-11] (ThreatTrack Security)R0 gfibto; C:WINDOWSSystem32driversgfibto.sys [13560 2013-03-28] (GFI Software)R0 giveio; C:WINDOWSSystem32giveio.sys [5248 1996-04-03] ()R3 GUCI_AVS; C:WINDOWSSystem32DRIVERSGUCI_AVS.sys [580992 2008-12-05] (PixArt Imaging Incorporation)R3 hamachi; C:WINDOWSSystem32DRIVERShamachi.sys [26176 2009-03-18] (LogMeIn, Inc.)R0 Inspect; C:WINDOWSSystem32DRIVERSinspect.sys [104792 2014-03-25] (COMODO)R3 monfilt; C:WINDOWSSystem32driversmonfilt.sys [1389056 2008-02-14] (Creative Technology Ltd.)R3 MTsensor; C:WINDOWSSystem32DRIVERSASACPI.sys [5810 2004-08-13] ()S3 NdisIP; C:WINDOWSSystem32DRIVERSNdisIP.sys [10880 2008-04-14] (Microsoft Corporation)R3 NVHDA; C:WINDOWSSystem32driversnvhda32.sys [100712 2010-09-07] (NVIDIA Corporation)R3 PnkBstrK; C:WINDOWSsystem32driversPnkBstrK.sys [139048 2014-04-14] ()S3 rt2870; C:WINDOWSSystem32DRIVERSrt2870.sys [529408 2007-10-28] (Ralink Technology, Corp.)R1 SASDIFSV; C:Program FilesSUPERAntiSpywareSASDIFSV.SYS [12880 2011-08-04] (SUPERAdBlocker.com and SUPERAntiSpyware.com)R1 SASKUTIL; C:Program FilesSUPERAntiSpywareSASKUTIL.SYS [67664 2011-08-04] (SUPERAdBlocker.com and SUPERAntiSpyware.com)R0 sfsync04; C:WINDOWSSystem32driverssfsync04.sys [50176 2006-03-24] (Protection Technology (StarForce))R0 sfvfs02; C:WINDOWSSystem32driverssfvfs02.sys [63488 2005-11-03] (Protection Technology)R0 SmartDefragDriver; C:WINDOWSSystem32DriversSmartDefragDriver.sys [15808 2013-12-24] (IObit)R0 speedfan; C:WINDOWSSystem32speedfan.sys [25240 2011-03-18] (Almico Software)R0 sptd; C:WINDOWSSystem32Driverssptd.sys [466008 2012-12-08] (Duplex Secure 
Ltd.)R1 ssmdrv; C:WINDOWSSystem32DRIVERSssmdrv.sys [28520 2012-08-27] (Avira GmbH)R1 StarOpen; C:WINDOWSsystem32DriversStarOpen.sys [5632 2010-07-19] ()R3 VIAHdAudAddService; C:WINDOWSSystem32driversviahduaa.sys [1086208 2009-03-26] (VIA Technologies, Inc.)U3 abrqsxb2; C:WINDOWSsystem32Driversabrqsxb2.sys [0 ] (Microsoft Corporation)S0 52a70da2ad07dc37; SystemRootSystem32Drivers52a70da2ad07dc37.sys [X]S3 CBPMp50; System32DriversCBPMp50.sys [X]S3 esgiguard; No ImagePathS3 FairplayKD; ??C:Documents and SettingsAll UsersApplication DataMTA San Andreas AllCommontempFairplayKD.sys [X]S4 IntelIde; No ImagePathU5 ScsiPort; C:WINDOWSsystem32driversscsiport.sys [96384 2008-04-14] (Microsoft Corporation)S3 VBoxNetFlt; system32DRIVERSVBoxNetFlt.sys [X]U1 WS2IFSL; ==================== NetSvcs (Whitelisted) ======================================= One Month Created Files and Folders ========2014-04-14 13:28 - 2014-04-14 13:28 - 00000000 ____D () C:Documents and SettingsjivkoDesktopFRST-OlderVersion2014-04-13 20:10 - 2014-04-13 20:10 - 00000000 ____D () C:WINDOWSTasksImCleanDisabled2014-04-13 18:22 - 2014-04-13 18:22 - 23417398 _____ () C:Documents and SettingsjivkoDesktopPrezentacii.zip2014-04-13 18:18 - 2014-04-13 18:18 - 199172474 _____ () C:Documents and SettingsjivkoDesktopkefche's disk #2.zip2014-04-13 18:17 - 2014-04-13 18:17 - 00000496 _____ () C:Documents and SettingsjivkoDesktopShortcut to The.Best.Of.100.Power.Point.lnk2014-04-13 14:36 - 2014-04-13 14:36 - 00000000 ____D () C:Documents and SettingsjivkoStart MenuProgramsSisulizer2014-04-13 13:44 - 2014-04-13 15:45 - 00000000 ____D () C:Documents and SettingsjivkoApplication DataQTranslate2014-04-13 13:44 - 2014-04-13 13:44 - 00000000 ____D () C:Documents and SettingsjivkoStart MenuProgramsQTranslate2014-04-13 13:16 - 2014-04-14 13:29 - 00029438 _____ () C:Documents and SettingsjivkoDesktopFRST.txt2014-04-13 13:16 - 2014-04-13 13:17 - 00044926 _____ () C:Documents and SettingsjivkoDesktopAddition.txt2014-04-13 13:15 - 
2014-04-14 13:29 - 00000000 ____D () C:FRST2014-04-13 13:15 - 2014-04-14 13:28 - 01146368 _____ (Farbar) C:Documents and SettingsjivkoDesktopFRST.exe2014-04-13 13:05 - 2014-04-13 13:05 - 00000000 ____D () C:Documents and SettingsAll UsersStart MenuProgramsStartup Manager2014-04-13 13:05 - 2014-04-13 13:05 - 00000000 ____D () C:Documents and SettingsAll UsersApplication DataStartup Manager2014-04-12 19:03 - 2014-04-12 19:03 - 00000000 ____D () C:Documents and SettingsAll UsersStart MenuProgramsMTA San Andreas 1.32014-04-12 19:03 - 2014-04-12 19:03 - 00000000 ____D () C:Documents and SettingsAll UsersApplication DataMTA San Andreas All2014-04-12 18:04 - 2014-04-13 16:16 - 00000000 ___RD () C:Documents and SettingsjivkoDesktopgtaSERVER.exe2014-04-12 15:21 - 2014-04-14 11:29 - 00000440 _____ () C:WINDOWSTasksCOMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59}.job2014-04-12 15:03 - 2014-04-13 20:28 - 00065536 _____ () C:WINDOWSsystem32configCOMODO I.evt2014-04-12 10:44 - 2014-04-14 11:26 - 00000222 _____ () C:WINDOWSTasksMicrosoft Windows XP End of Service Notification Logon.job2014-04-12 10:44 - 2014-04-12 15:17 - 00000216 _____ () C:WINDOWSTasksMicrosoft Windows XP End of Service Notification Monthly.job2014-04-12 10:43 - 2014-04-12 10:43 - 00000000 _____ () C:asc_rdflag2014-04-11 22:18 - 2014-04-11 22:18 - 00000000 __SHD () C:Documents and SettingsLocalServiceIETldCache2014-04-11 13:35 - 2014-04-11 13:35 - 00013333 _____ () C:WINDOWSKB2936068-IE8.log2014-04-11 13:35 - 2014-04-11 13:35 - 00000000 __HDC () C:WINDOWS$NtUninstallKB2922229$2014-04-11 13:35 - 2014-03-06 20:59 - 11113472 ____N (Microsoft Corporation) C:WINDOWSsystem32SET11B.tmp2014-04-11 13:35 - 2014-03-06 20:59 - 06021632 ____N (Microsoft Corporation) C:WINDOWSsystem32SET113.tmp2014-04-11 13:35 - 2014-03-06 20:59 - 02006016 ____N (Microsoft Corporation) C:WINDOWSsystem32SET119.tmp2014-04-11 13:35 - 2014-03-06 20:59 - 01216000 ____N (Microsoft Corporation) C:WINDOWSsystem32SET10E.tmp2014-04-11 
13:35 - 2014-03-06 20:59 - 00920064 ____N (Microsoft Corporation) C:WINDOWSsystem32SET10D.tmp2014-04-11 13:35 - 2014-03-06 20:59 - 00630272 ____N (Microsoft Corporation) C:WINDOWSsystem32SET115.tmp2014-04-11 13:35 - 2014-03-06 20:59 - 00105984 ____N (Microsoft Corporation) C:WINDOWSsystem32SET10F.tmp2014-04-11 13:35 - 2014-03-06 20:59 - 00055296 ____N (Microsoft Corporation) C:WINDOWSsystem32SET114.tmp2014-04-11 13:34 - 2014-04-11 13:35 - 00006558 _____ () C:WINDOWSKB2922229.log2014-04-11 13:34 - 2014-04-11 13:34 - 00006037 _____ () C:WINDOWSKB2929961.log2014-04-11 13:34 - 2014-04-11 13:34 - 00000000 __HDC () C:WINDOWS$NtUninstallKB2930275$2014-04-11 13:34 - 2014-04-11 13:34 - 00000000 __HDC () C:WINDOWS$NtUninstallKB2929961$2014-04-11 13:33 - 2014-04-11 13:34 - 00006597 _____ () C:WINDOWSKB2930275.log2014-04-11 13:33 - 2014-04-11 13:33 - 00005705 _____ () C:WINDOWSKB2934207.log2014-04-11 13:33 - 2014-04-11 13:33 - 00000000 __HDC () C:WINDOWS$NtUninstallKB2934207$2014-04-11 13:33 - 2014-02-26 04:59 - 00013312 ____N (Microsoft Corporation) C:WINDOWSsystem32xp_eos.exe2014-04-11 13:33 - 2014-02-26 04:59 - 00013312 ____C (Microsoft Corporation) C:WINDOWSsystem32dllcachexp_eos.exe2014-04-11 13:33 - 2013-09-04 14:28 - 00017272 ____N (Microsoft Corporation) C:WINDOWSsystem32spmsg.dll2014-04-11 13:33 - 2013-09-04 14:28 - 00017272 ____N (Microsoft Corporation) C:WINDOWSsystem32_000005_.tmp.dll2014-04-07 09:20 - 2014-04-13 18:10 - 00000000 ____D () C:Program FilesMozilla Firefox2014-04-06 18:04 - 2014-04-06 18:04 - 00000000 ____D () C:Documents and SettingsjivkoApplication DataStyle Jukebox Settings2014-04-06 17:50 - 2014-04-06 17:50 - 00000495 _____ () C:Documents and SettingsAll UsersDesktopVIVA Jukebox.lnk2014-04-06 17:49 - 2014-04-06 17:50 - 00000000 ____D () C:Documents and SettingsAll UsersStart MenuProgramsVIVA Jukebox2014-04-06 17:49 - 2014-04-06 17:49 - 00000000 ____D () C:WINDOWSsystem32Presets2014-03-28 21:51 - 2014-03-28 21:51 - 00000940 _____ () C:Documents and 

I have also uploaded the Addition log.

Addition.txt


Download the attached file and save it in the same location where you downloaded FRST.exe => fixlist.txt
Run FRST.exe again, press the Fix button once, and wait.
A new log file, FixLog.txt, will be created. Attach its contents in your next comment.

After that:

Please download and run AdwCleaner (by Xplode):

  • Close all running programs and browsers.
  • Double-click adwcleaner.exe to start the tool.
  • Press OK to confirm that all running programs will be closed.
  • Select Clean.
  • Your computer will restart automatically. The text file will open after the restart.
  • Please post the contents of this log in your reply.
  • You can find the log, which is saved automatically, here: C:AdwCleaner[s0].txt

Please download Junkware Removal Tool (by Thisisu) and save it to your desktop.

  • Temporarily disable your security programs.
  • Run JRT.exe.
  • A DOS window will open. Press any key on the keyboard.
  • Close unneeded applications and all browsers and wait for the scan to finish.
  • A log file will appear (you can also find it manually on the desktop under the name JRT.txt).
  • Please copy the contents of the log file into your next post.

Please download Malwarebytes Anti-Malware and save it to your desktop.
Double-click mbam-setup-consumer-2.0.0.1000.exe and follow the instructions to install the program.
At the end of the installation, the following should be checked:

  • Launch Malwarebytes Anti-Malware
  • The 14-day trial period is preselected. You can uncheck it if you wish; this will not limit the program's scanning and removal capabilities.

Click Finish.

  • In Settings => Detection and Protection => Detection Options, check the 'Scan for rootkits' box.
  • In the main program window, click 'Update Now'.
  • After the update finishes, click the 'Scan Now' button.
  • If an update is available, click the Update Now button.
  • A Threat Scan will start.
  • When the scan finishes, if any infections were found, click Apply Actions to allow Mbam to clean what was detected.
  • In most cases a restart will be required.
  • After the restart, run Mbam once more.
  • Click the History tab > Application Logs.
  • Double-click the row that shows the date and time of the scan.
  • Click 'Copy to Clipboard'.
  • Paste the contents of the clipboard into your next reply.

Download Security Check (by screen317) from here

  • Double-click SecurityCheck.exe and follow the instructions.
  • When the program finishes, a text document will open: checkup.txt.
  • Copy the contents of checkup.txt with Copy and paste it with Paste into your next comment.

Finally, prepare fresh logs with Farbar Recovery Scan Tool!

 


To keep it shorter, I will comment in parts.

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 14-04-2014
Ran by jivko at 2014-04-15 14:23:50 Run:1
Running from C:Documents and SettingsjivkoDesktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
start
URLSearchHook: ATTENTION ==> Default URLSearchHook is missing.
URLSearchHook: HKCU - (No Name) - {6c97a91e-4524-4019-86af-2aa2d567bf5c} -  No File
Toolbar: HKLM - No Name - {6c97a91e-4524-4019-86af-2aa2d567bf5c} -  No File
Toolbar: HKCU - No Name - {32099AAC-C132-4136-9E9A-4E364A424E17} -  No File
Toolbar: HKCU - No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} -  No File
S0 52a70da2ad07dc37; SystemRootSystem32Drivers52a70da2ad07dc37.sys
SystemRootSystem32Drivers52a70da2ad07dc37.sys
U3 abrqsxb2; C:WINDOWSsystem32Driversabrqsxb2.sys
C:WINDOWSsystem32Driversabrqsxb2.sys
C:Documents and SettingsjivkoApplication DataCamLayout.ini
C:Documents and SettingsjivkoApplication DataCamShapes.ini
C:Documents and SettingsjivkoTempWmicBatchFile.bat
C:Documents and SettingsjivkoLocal SettingsTempAcDeltree.exe
C:Documents and SettingsjivkoLocal SettingsTempAutoRun.exe
C:Documents and SettingsjivkoLocal SettingsTempAutoRunGUI.dll
C:Documents and SettingsjivkoLocal SettingsTempavgnt.exe
C:Documents and SettingsjivkoLocal SettingsTempCH.dll
C:Documents and SettingsjivkoLocal SettingsTempdrm_dyndata_7370014.dll
C:Documents and SettingsjivkoLocal SettingsTempDTLite4481-0347.exe
C:Documents and SettingsjivkoLocal SettingsTempFreeFileViewerSetup.exe
C:Documents and SettingsjivkoLocal SettingsTempi4jdel0.exe
C:Documents and SettingsjivkoLocal SettingsTempIcqUpdater.exe
C:Documents and SettingsjivkoLocal SettingsTempjre-7u51-windows-i586-iftw.exe
C:Documents and SettingsjivkoLocal SettingsTempose00000.exe
C:Documents and SettingsjivkoLocal SettingsTempResource_AcceptRate.exe
C:Documents and SettingsjivkoLocal SettingsTempResource_Toolbar.exe
C:Documents and SettingsjivkoLocal SettingsTempUninstall.exe
C:Documents and SettingsjivkoLocal SettingsTemputt49B.tmp.exe
C:Documents and SettingsjivkoLocal SettingsTemp_is1EE.exe
C:Documents and SettingsxxxLocal SettingsTempavgnt.exe
AlternateDataStreams: C:Documents and SettingsAll UsersApplication DataMTA San Andreas All:NT
AlternateDataStreams: C:Documents and SettingsjivkoDesktopScreenshot 2014-02-23 16.34.09.png:com.dropbox.attributes
AlternateDataStreams: C:Documents and SettingsjivkoDesktopScreenshot 2014-04-13 20.11.59.png:com.dropbox.attributes
AlternateDataStreams: C:Documents and SettingsjivkoDesktopScreenshot 2014-04-13 20.15.02.png:com.dropbox.attributes
MSCONFIGstartupreg: kzfoselr => bzogtoetkygkxvkcp.exe
MSCONFIGstartupreg: mhtiskxjxinoyt =>
MSCONFIGstartupreg: phqcjyirckm => urfwicrfvipsebpg.exe
end
*****************

Default URLSearchHook was restored successfully .
HKCUSoftwareMicrosoftInternet ExplorerURLSearchHooks{6c97a91e-4524-4019-86af-2aa2d567bf5c} => Value deleted successfully.
HKLMSOFTWAREMicrosoftInternet ExplorerToolbar{6c97a91e-4524-4019-86af-2aa2d567bf5c} => Value deleted successfully.
HKCRCLSID{6c97a91e-4524-4019-86af-2aa2d567bf5c} => Key not found.
HKCUSoftwareMicrosoftInternet ExplorerToolbarWebBrowser{32099AAC-C132-4136-9E9A-4E364A424E17} => Value deleted successfully.
HKCRCLSID{32099AAC-C132-4136-9E9A-4E364A424E17} => Key not found.
HKCUSoftwareMicrosoftInternet ExplorerToolbarWebBrowser{D4027C7F-154A-4066-A1AD-4243D8127440} => Value deleted successfully.
HKCRCLSID{D4027C7F-154A-4066-A1AD-4243D8127440} => Key not found.
52a70da2ad07dc37 => Service deleted successfully.
abrqsxb2 => Service not found.
"C:WINDOWSsystem32Driversabrqsxb2.sys" => File/Directory not found.
C:Documents and SettingsjivkoApplication DataCamLayout.ini => Moved successfully.
C:Documents and SettingsjivkoApplication DataCamShapes.ini => Moved successfully.
C:Documents and SettingsjivkoTempWmicBatchFile.bat => Moved successfully.
C:Documents and SettingsjivkoLocal SettingsTempAcDeltree.exe => Moved successfully.
C:Documents and SettingsjivkoLocal SettingsTempAutoRun.exe => Moved successfully.
C:Documents and SettingsjivkoLocal SettingsTempAutoRunGUI.dll => Moved successfully.
C:Documents and SettingsjivkoLocal SettingsTempavgnt.exe => Moved successfully.
C:Documents and SettingsjivkoLocal SettingsTempCH.dll => Moved successfully.
C:Documents and SettingsjivkoLocal SettingsTempdrm_dyndata_7370014.dll => Moved successfully.
C:Documents and SettingsjivkoLocal SettingsTempDTLite4481-0347.exe => Moved successfully.
C:Documents and SettingsjivkoLocal SettingsTempFreeFileViewerSetup.exe => Moved successfully.
C:Documents and SettingsjivkoLocal SettingsTempi4jdel0.exe => Moved successfully.
C:Documents and SettingsjivkoLocal SettingsTempIcqUpdater.exe => Moved successfully.
C:Documents and SettingsjivkoLocal SettingsTempjre-7u51-windows-i586-iftw.exe => Moved successfully.
C:Documents and SettingsjivkoLocal SettingsTempose00000.exe => Moved successfully.
C:Documents and SettingsjivkoLocal SettingsTempResource_AcceptRate.exe => Moved successfully.
C:Documents and SettingsjivkoLocal SettingsTempResource_Toolbar.exe => Moved successfully.
C:Documents and SettingsjivkoLocal SettingsTempUninstall.exe => Moved successfully.
C:Documents and SettingsjivkoLocal SettingsTemputt49B.tmp.exe => Moved successfully.
C:Documents and SettingsjivkoLocal SettingsTemp_is1EE.exe => Moved successfully.
C:Documents and SettingsxxxLocal SettingsTempavgnt.exe => Moved successfully.
C:Documents and SettingsAll UsersApplication DataMTA San Andreas All => ":NT" ADS removed successfully.
C:Documents and SettingsjivkoDesktopScreenshot 2014-02-23 16.34.09.png => ":com.dropbox.attributes" ADS removed successfully.
C:Documents and SettingsjivkoDesktopScreenshot 2014-04-13 20.11.59.png => ":com.dropbox.attributes" ADS removed successfully.
C:Documents and SettingsjivkoDesktopScreenshot 2014-04-13 20.15.02.png => ":com.dropbox.attributes" ADS removed successfully.

==== End of Fixlog ====

I have uploaded everything. Thank you for the instructions.

Malwarebytes log:

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 15.4.2014 г.
Scan Time: 18:08:45
Logfile:
Administrator: Yes

Version: 2.00.1.1004
Malware Database: v2014.04.15.06
Rootkit Database: v2014.03.27.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Chameleon: Disabled

OS: Windows XP Service Pack 3
CPU: x86
File System: NTFS
User: jivko

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 297568
Time Elapsed: 14 min, 32 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Deep Rootkit Scan: Enabled
Shuriken: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)

(end)

UNSUPPORTED OPERATING SYSTEM! ABORTED! I guess that doesn't mean anything good... it doesn't support my OS...

JRT.txt

AdwCleanerS0.txt

AdwCleanerR0.txt

Fixlog.txt


After the procedures so far, what is the state of your system? Are you still seeing the original problems?


After the procedures so far, what is the state of your system? Are you still seeing the original problems?

Actually, unfortunately, no. I defragmented the disk, which helped for a day, but the problem continues. I feel that the problem has decreased (or so it seems to me). And honestly, I'm afraid I've caught some TornTV, because there is a TornTV entry in Start > Programs, and sometimes a TornTV item appears in the folder and sometimes it says (empty). As for Security Check...? What should I do?


And honestly, I'm afraid I've caught some TornTV, because there is a TornTV entry in Start > Programs, and sometimes a TornTV item appears in the folder and sometimes it says (empty).

We removed it... but I think that is the least of your problems!

Folder Deleted : C:\Documents and Settings\jivko\Start Menu\Programs\TornTV.com

Download ComboFix from here and save it to your desktop.

How to use ComboFix

Disable your antivirus and antispyware programs; this is usually done by right-clicking the program's icon in the system tray.

Note: If you cannot stop it or are not sure which program to disable, please review the information at this link: How to disable your security applications by amateur

Run Combo-Fix.com and follow the instructions.

When the process completes successfully, the tool will create a log file. Please include the contents of C:\ComboFix.txt in your next reply in this thread.

Please do not attach the program's log file(s); copy and paste it/them into your next reply in this thread.

We removed it... but I think that is the least of your problems!


[Attached image]


And so...? Did you read the instructions...

Disable your antivirus or antispyware program; this is usually done by right-clicking the program's icon in the system tray.
Note: If you cannot stop it or are not sure which program to disable, please review the information at this link: How to disable your security applications by amateur


And so...? Did you read the instructions...

I have disabled ALL protections without exception.


Wonderful... then I'm waiting for the ComboFix log! :)


Wonderful... then I'm waiting for the ComboFix log! :)

Hello again after the holidays, I decided not to bother you! After working with ComboFix I notice a huge improvement with the problem I had. If you don't feel like working on the problem any further, we can lock the thread. ;)



Hello...! We still have work to do..! You want to get rid of me quickly.. :P

Copy the text in the box into Notepad and save it as CFScript.txt on your desktop:

KILLALL::
ClearJavaCache::
Registry::
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\mhtiskxjxinoyt]
Driver::
esgiguard

After saving, drag CFScript.txt onto the ComboFix.exe icon.

Copy the generated report and paste it into your next comment...!


ComboFix 14-04-20.01 - jivko 04.2014 г.  20:06:02.2.2 - x86Microsoft Windows XP Professional  5.1.2600.3.1251.359.1033.18.3327.1970 [GMT 3:00]Running from: c:documents and settingsjivkoDesktopkalDATAComboFix.exeCommand switches used :: c:documents and settingsjivkoDesktopkalDATACFScript.txt.txtAV: Avira Desktop *Disabled/Updated* {AD166499-45F9-482A-A743-FDD3350758C7}FW: COMODO Firewall *Disabled* {043803A3-4F86-4ef6-AFC5-F6E02A79969B}..(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))...(((((((((((((((((((((((((((((((((((((((   Drivers/Services   )))))))))))))))))))))))))))))))))))))))))))))))))..-------Legacy_ESGIGUARD-------Service_esgiguard..(((((((((((((((((((((((((   Files Created from 2014-03-21 to 2014-04-21  )))))))))))))))))))))))))))))))..2014-04-21 14:16 . 2014-04-21 14:16	--------	d-----w-	c:documents and settingsjivkoLocal SettingsApplication DataDVDVideoSoft_Ltd2014-04-21 14:00 . 2014-04-21 14:00	--------	d-----w-	c:program filesCommon FilesDVDVideoSoft2014-04-21 14:00 . 2014-04-21 14:01	--------	d-----w-	c:documents and settingsjivkoApplication DataDVDVideoSoft2014-04-16 06:12 . 2014-04-16 06:14	--------	d-----w-	c:documents and settingsjivkoLocal SettingsApplication Dataadawarebp2014-04-15 14:53 . 2014-04-21 15:22	107736	----a-w-	c:windowssystem32driversMBAMSwissArmy.sys2014-04-15 14:52 . 2014-04-15 14:52	--------	d-----w-	c:documents and settingsAll UsersApplication DataMalwarebytes2014-04-15 14:52 . 2014-04-03 06:51	50648	----a-w-	c:windowssystem32driversmbamchameleon.sys2014-04-15 14:52 . 2014-04-03 06:50	23256	----a-w-	c:windowssystem32driversmbam.sys2014-04-15 14:25 . 2014-04-15 14:25	--------	d-----w-	c:windowsERUNT2014-04-15 13:53 . 2014-04-15 13:55	--------	d-----w-	C:AdwCleaner2014-04-13 10:44 . 2014-04-13 12:45	--------	d-----w-	c:documents and settingsjivkoApplication DataQTranslate2014-04-13 10:15 . 2014-04-15 11:23	--------	d-----w-	C:FRST2014-04-13 10:05 . 
2014-04-13 10:05	--------	d-----w-	c:documents and settingsAll UsersApplication DataStartup Manager2014-04-12 16:03 . 2014-04-21 14:41	--------	d---a-w-	c:documents and settingsAll UsersApplication DataMTA San Andreas All2014-04-11 19:18 . 2014-04-11 19:18	--------	d-sh--w-	c:documents and settingsLocalServiceIETldCache2014-04-11 10:33 . 2014-02-26 01:59	13312	-c----w-	c:windowssystem32dllcachexp_eos.exe2014-04-11 10:33 . 2014-02-26 01:59	13312	------w-	c:windowssystem32xp_eos.exe2014-04-06 15:04 . 2014-04-06 15:04	--------	d-----w-	c:documents and settingsjivkoApplication DataStyle Jukebox Settings2014-04-06 14:49 . 2014-04-06 14:49	--------	d-----w-	c:windowssystem32Presets2014-03-27 12:13 . 2014-03-19 13:08	24864	----a-w-	c:windowssystem32novamns7.dll2014-03-27 12:13 . 2014-03-19 13:08	21792	----a-w-	c:windowssystem32novamis7.dll2014-03-24 18:07 . 2004-10-18 12:04	161280	----a-w-	c:windowssystem32fmod.dll2014-03-24 18:07 . 2004-08-06 11:49	265785	----a-w-	c:windowssystem32pixomatic.dll2014-03-24 18:07 . 2004-01-06 08:43	188416	----a-w-	c:windowssystem32eax.dll2014-03-24 18:07 . 2003-01-30 04:04	1500160	----a-w-	c:windowssystem32cc3260mt.dll2014-03-24 18:07 . 2002-02-01 05:00	22016	----a-w-	c:windowssystem32borlndmm.dll2014-03-24 18:07 . 2002-01-05 01:38	54784	----a-w-	c:windowssystem32msvci70.dll2014-03-24 18:07 . 2002-01-05 04:37	344064	----a-w-	c:windowssystem32Msvcr70.dll2014-03-24 18:07 . 2002-01-05 01:40	487424	----a-w-	c:windowssystem32Msvcp70.dll2014-03-23 15:14 . 2014-03-23 15:14	--------	d-----w-	c:program filesSony2014-03-23 15:14 . 2014-03-23 15:14	--------	d-----w-	c:documents and settingsAll UsersApplication DataSony...((((((((((((((((((((((((((((((((((((((((   Find3M Report   )))))))))))))))))))))))))))))))))))))))))))))))))))).2014-04-16 14:51 . 2010-09-25 16:04	139048	----a-w-	c:windowssystem32driversPnkBstrK.sys2014-04-16 14:51 . 2010-09-25 16:09	282296	----a-w-	c:windowssystem32PnkBstrB.xtr2014-04-16 14:51 . 
2010-09-25 16:03	282296	----a-w-	c:windowssystem32PnkBstrB.exe2014-04-15 08:34 . 2010-09-25 16:03	282296	----a-w-	c:windowssystem32PnkBstrB.ex02014-03-25 19:22 . 2013-04-25 08:05	104792	----a-w-	c:windowssystem32driversinspect.sys2014-03-25 19:22 . 2013-04-15 15:39	607448	----a-w-	c:windowssystem32driverscmdGuard.sys2014-03-25 19:22 . 2013-04-15 15:39	29912	----a-w-	c:windowssystem32driverscmdhlp.sys2014-03-25 19:22 . 2013-04-15 15:39	15704	----a-w-	c:windowssystem32driverscmderd.sys2014-03-25 19:22 . 2013-04-15 15:38	36000	----a-w-	c:windowssystem32cmdcsr.dll2014-03-25 19:22 . 2013-04-23 12:04	363504	----a-w-	c:windowssystem32guard32.dll2014-03-25 19:22 . 2013-04-15 15:38	284888	----a-w-	c:windowssystem32cmdvrt32.dll2014-03-25 19:22 . 2013-04-15 15:38	40664	----a-w-	c:windowssystem32cmdkbd32.dll2014-03-18 18:31 . 2013-10-05 11:50	107888	----a-w-	c:windowssystem32CmdLineExt.dll2014-03-12 18:21 . 2012-03-29 17:16	692616	----a-w-	c:windowssystem32FlashPlayerApp.exe2014-03-12 18:21 . 2011-05-25 06:19	71048	----a-w-	c:windowssystem32FlashPlayerCPLApp.cpl2014-03-06 17:59 . 2004-08-04 00:56	1469440	------w-	c:windowssystem32inetcpl.cpl2014-03-06 17:59 . 2004-08-04 00:56	43520	------w-	c:windowssystem32licmgr10.dll2014-03-06 17:59 . 2004-08-04 00:56	18944	----a-w-	c:windowssystem32corpol.dll2014-03-06 00:46 . 2004-08-03 22:59	385024	------w-	c:windowssystem32html.iec2014-02-15 09:37 . 2014-02-15 09:37	112640	----a-w-	c:documents and settingsAll UsersApplication DataMicrosoftVCExpress9.01033ResourceCache.dll2014-02-15 09:37 . 2014-02-15 09:37	416	----a-w-	c:documents and settingsAll UsersApplication DataMicrosoftMSDN9.01033ResourceCache.dll2014-02-14 13:03 . 2014-02-14 13:03	3332784	----a-w-	c:windowssystem32driversappdrv01.sys2014-02-14 13:03 . 2014-02-14 13:03	316888	----a-w-	c:windowssystem32appdrvrem01.exe2014-02-13 17:01 . 2014-02-13 12:38	109888	----a-w-	c:windowssystem32IObitSmartDefragExtension.dll2014-02-08 18:03 . 
2010-09-25 16:04	138904	----a-w-	c:documents and settingsjivkoApplication DataPnkBstrK.sys2014-02-08 18:03 . 2010-09-25 16:03	76888	----a-w-	c:windowssystem32PnkBstrA.exe2014-02-07 02:01 . 2004-08-03 23:17	1879040	----a-w-	c:windowssystem32win32k.sys2014-02-05 08:55 . 2004-08-04 00:56	562688	----a-w-	c:windowssystem32qedit.dll2014-01-26 10:42 . 2013-01-27 08:42	40960	----a-r-	c:documents and settingsjivkoApplication DataMicrosoftInstaller{7CD9421E-4FDF-4833-A5F0-1F0FAB476629}NewShortcut31_7CD9421E4FDF4833A5F01F0FAB476629.exe2014-01-26 10:42 . 2013-01-27 08:42	40960	----a-r-	c:documents and settingsjivkoApplication DataMicrosoftInstaller{7CD9421E-4FDF-4833-A5F0-1F0FAB476629}NewShortcut3_7CD9421E4FDF4833A5F01F0FAB476629.exe2014-01-26 10:42 . 2013-01-27 08:42	40960	----a-r-	c:documents and settingsjivkoApplication DataMicrosoftInstaller{7CD9421E-4FDF-4833-A5F0-1F0FAB476629}NewShortcut21_7CD9421E4FDF4833A5F01F0FAB476629.exe2014-01-26 10:42 . 2013-01-27 08:42	40960	----a-r-	c:documents and settingsjivkoApplication DataMicrosoftInstaller{7CD9421E-4FDF-4833-A5F0-1F0FAB476629}NewShortcut2_7CD9421E4FDF4833A5F01F0FAB476629.exe2014-01-23 16:49 . 
2014-01-23 16:49	161	----a-w-	C:Delme.bat..(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))..*Note* empty entries & legit default entries are not shown REGEDIT4.[HKEY_LOCAL_MACHINESOFTWARE~Browser Helper Objects{10921475-03CE-4E04-90CE-E2E7EF20C814}]2014-04-13 09:51	752448	----a-w-	c:program filesIObitIObit UninstallerUninstallExplorer32.dll.[HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerToolbar]"{10921475-03CE-4E04-90CE-E2E7EF20C814}"= "c:program filesIObitIObit UninstallerUninstallExplorer32.dll" [2014-04-13 752448].[HKEY_CLASSES_ROOTclsid{10921475-03ce-4e04-90ce-e2e7ef20c814}][HKEY_CLASSES_ROOTUninstallExplorer32.ExplorerBtn].[HKEY_LOCAL_MACHINEsoftwaremicrosoftwindowscurrentversionexplorershelliconoverlayidentifiersDropboxExt1]@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"[HKEY_CLASSES_ROOTCLSID{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]2013-09-10 23:54	131248	----a-w-	c:documents and settingsjivkoApplication DataDropboxbinDropboxExt.22.dll.[HKEY_LOCAL_MACHINEsoftwaremicrosoftwindowscurrentversionexplorershelliconoverlayidentifiersDropboxExt2]@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"[HKEY_CLASSES_ROOTCLSID{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]2013-09-10 23:54	131248	----a-w-	c:documents and settingsjivkoApplication DataDropboxbinDropboxExt.22.dll.[HKEY_LOCAL_MACHINEsoftwaremicrosoftwindowscurrentversionexplorershelliconoverlayidentifiersDropboxExt3]@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"[HKEY_CLASSES_ROOTCLSID{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]2013-09-10 23:54	131248	----a-w-	c:documents and settingsjivkoApplication DataDropboxbinDropboxExt.22.dll.[HKEY_LOCAL_MACHINEsoftwaremicrosoftwindowscurrentversionexplorershelliconoverlayidentifiersDropboxExt4]@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"[HKEY_CLASSES_ROOTCLSID{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]2013-09-10 23:54	131248	----a-w-	c:documents and settingsjivkoApplication 
DataDropboxbinDropboxExt.22.dll.[HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionRun]"GoogleChromeAutoLaunch_391185D95CC2064269C2A988A8D5B391"="c:program filesGoogleChromeApplicationchrome.exe" [2014-04-02 841032]"Style Jukebox"="d:viva jukeboxStyle Jukebox.exe" [2014-02-27 8739840]"ctfmon.exe"="c:windowssystem32ctfmon.exe" [2008-04-14 15360].[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRun]"IgfxTray"="c:windowssystem32igfxtray.exe" [2009-04-29 141336]"HotKeysCmds"="c:windowssystem32hkcmd.exe" [2009-04-29 173592]"Persistence"="c:windowssystem32igfxpers.exe" [2009-04-29 142872]"HDAudDeck"="c:program filesVIAVIAudioiHDADeckHDeck.exe" [2009-04-06 33603584]"REGSHAVE"="c:program filesREGSHAVEREGSHAVE.EXE" [2002-02-04 53248]"GUCI_AVS"="c:windowsPixArtPAP7501GUCI_AVS.exe" [2007-12-10 323584]"PACTray"="c:windowsPixArtPAP7501PACTray.exe" [2008-11-14 319488]"NetWatcherPro"="c:program filesNetWatcherProNetWatcherPro.exe" [1998-04-20 524288]"NvMediaCenter"="c:windowssystem32NvMcTray.dll" [2010-10-16 110696]"NvCplDaemon"="c:windowssystem32NvCpl.dll" [2010-10-16 13851752]"nwiz"="c:program filesNVIDIA CorporationnViewnwiz.exe" [2010-08-25 1753192]"avgnt"="c:program filesAviraAntiVir Desktopavgnt.exe" [2014-03-13 689744]"Intel AppUp(R) center"="d:nestizaIntel appUpIntelAppStorebinismagent.exe" [2013-07-04 156000]"Ad-Aware Browsing Protection"="c:documents and settingsAll UsersApplication DataAd-Aware Browsing Protectionadawarebp.exe" [2013-01-31 542632]"COMODO Internet Security"="c:program filesCOMODOCOMODO Internet Securitycistray.exe" [2014-03-25 1225944]"Intel AppUp(R) center Systray"="d:nestizaIntel appUpIntelAppStorebinAppUp.exe" [2013-07-04 928992]"SunJavaUpdateSched"="c:program filesCommon FilesJavaJava Updatejusched.exe" [2013-07-02 254336]"LogMeIn Hamachi Ui"="d:hama4ihamachi-2-ui.exe" [2014-02-26 3814736]"DAEMON Tools Lite"="d:dtlDAEMON Tools LiteDTLite.exe" [2013-08-01 
3673696].[HKEY_USERS.DEFAULTSoftwareMicrosoftWindowsCurrentVersionRun]"CTFMON.EXE"="c:windowssystem32CTFMON.EXE" [2008-04-14 15360]"GoogleChromeAutoLaunch_BB7E6CE705E9E15ABCB72D3060D30B1F"="c:program filesGoogleChromeApplicationchrome.exe" [2014-04-02 841032].c:documents and settingsjivkoStart MenuProgramsStartupDropbox.lnk - c:documents and settingsjivkoApplication DataDropboxbinDropbox.exe /systemstartup [2014-1-3 30714328].c:documents and settingsAll UsersStart MenuProgramsStartupFlexType 2K.lnk - c:windowsDatecsFlex2K.exe [2009-11-10 151552].[HKEY_LOCAL_MACHINEsoftwaremicrosoftwindowscurrentversionpoliciessystem]"ConsentPromptBehaviorAdmin"= 0 (0x0)"ConsentPromptBehaviorUser"= 0 (0x0)"EnableInstallerDetection"= 0 (0x0)"EnableSecureUIAPaths"= 0 (0x0)"EnableVirtualization"= 0 (0x0)"PromptOnSecureDesktop"= 0 (0x0).[hkey_local_machinesoftwaremicrosoftwindowscurrentversionexplorerShellExecuteHooks]"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:program filesSUPERAntiSpywareSASSEH.DLL" [2011-08-04 113024].[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimal!SASCORE]@="".[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalAd-Aware Service]@="Ad-Aware Service".[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalhitmanpro37]@="".[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalhitmanpro37.sys]@="".[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalMSIServer]@="Service".[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalWdf01000.sys]@="Driver".[HKLM~startupfolderC:^Documents and Settings^All Users^Start Menu^Programs^Startup^Microsoft Office.lnk]path=c:documents and settingsAll UsersStart MenuProgramsStartupMicrosoft Office.lnkbackup=c:windowspssMicrosoft Office.lnkCommon Startup.[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregAdobe Reader Speed Launcher]2008-01-11 20:16	39792	----a-w-	c:program filesAdobeReader 8.0Readerreader_sl.exe.[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared 
toolsmsconfigstartupregAkamai NetSession Interface]2014-03-06 04:18	4672920	----a-w-	c:documents and settingsjivkoLocal SettingsApplication DataAkamainetsession_win.exe.[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregBlueStacks Agent]2013-12-20 14:45	807696	----a-w-	c:program filesBlueStacksHD-Agent.exe.[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregGB_UPDATE]2013-06-05 14:37	2051688	----a-w-	d:razer game boosterAutoUpdate.exe.[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregGrooveMonitor]2008-10-25 09:44	31072	----a-w-	d:office12GrooveMonitor.exe.[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregIntel AppUp(R) center Systray]2013-07-04 20:46	928992	----a-w-	d:nestizaIntel appUpIntelAppStorebinAppUp.exe.[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregKeePass 2 PreLoad]2013-07-20 07:26	2010624	----a-w-	d:keepass password safe 2KeePass.exe.[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregMSMSGS]2008-04-14 03:42	1695232	------w-	c:program filesMessengermsmsgs.exe.[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregNeroFilterCheck]2001-07-09 09:50	155648	----a-w-	c:windowssystem32NeroCheck.exe.[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregSunJavaUpdateSched]2013-07-02 07:16	254336	----a-w-	c:program filesCommon FilesJavaJava Updatejusched.exe.[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregSUPERAntiSpyware]2014-02-01 07:10	5625624	----a-w-	c:program filesSUPERAntiSpywareSUPERANTISPYWARE.EXE.[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupreguTorrent]2010-08-17 09:55	327472	----a-w-	c:program filesuTorrentuTorrent.exe.[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregWinampAgent]2001-03-03 02:26	7680	----a-w-	c:program filesWinampwinampa.exe.[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigservices]"wuauserv"=2 (0x2)"wscsvc"=3 
(0x3).[HKLM~servicessharedaccessparametersfirewallpolicystandardprofileAuthorizedApplicationsList]"%windir%system32sessmgr.exe"="%windir%Network Diagnosticxpnetdiag.exe"="c:Program FilesuTorrentuTorrent.exe"="c:WINDOWSsystem32PnkBstrA.exe"="c:WINDOWSsystem32PnkBstrB.exe"="c:Program FilesOperaopera.exe"="c:Program FilesGoogleGoogle Earthclientgoogleearth.exe"="c:Program FilesMozilla Firefoxplugin-container.exe"="c:Program FilesBohemia InteractiveArmA 2 Operation Arrowheadarma2OA.exe"="c:Program FilesUbisoftGearbox SoftwareBrothers in Arms - Hell's HighwayBinariesbiahh.exe"="c:Program FilesCall of DutyCoDMP.exe"="d:gamesNew Folder (2)BF2.exe"="d:gamesbfvietnam.exe"="c:Program FilesElectronic ArtsBattlefield Bad Company 2BFBC2Updater.exe"="c:Program FilesElectronic ArtsBattlefield Bad Company 2BFBC2Game.exe"="d:gamesBFP4FBFP4f.exe"="c:WINDOWSsystem32javaw.exe"="d:NestizaIntel appUpIntelAppStorebinismagent.exe"="c:Program FilesJavajre7binjavaw.exe"="d:WarframeDownloadedPublicToolsLauncher.exe"="d:WarframeDownloadedPublicWarframe.x64.exe"="c:Documents and SettingsjivkoLocal SettingsApplication DataAkamainetsession_win.exe"="d:World_of_TanksWoTLauncher.exe"="c:Documents and SettingsjivkoApplication DataDropboxbinDropbox.exe"="d:APBAPB ReloadedBinariesAPB.exe"="d:APBAPB ReloadedBinariesVivoxVoiceService.exe"="d:WarframeDownloadedPublicToolsRemoteCrashSender.exe"="d:CShl.exe"="c:Program FilesUbisoftUbisoft Game LauncherUbisoftGameLauncher.exe"="d:Assassins Creed RevelationsACRSP.exe"="d:SteamSteam.exe"="d:SteamSteamAppscommonVector Demolaunch.exe"="c:Documents and SettingsAll UsersApplication DataElectronic ArtsNeed For Speed WorldDatanfsw.exe"="d:SteamSteamAppscommon8BitMMOjrebinjavaw.exe"="d:nfSUnderGroundNeed For Speed Underground 2 Portable - [Espera]speed2.exe"="d:Office12OUTLOOK.EXE"="d:Office12GROOVE.EXE"="d:Office12ONENOTE.EXE"="c:WINDOWSsystem32dpvsetup.exe"="c:Program FilesFreeFileViewerFFVCheckForUpdates.exe"="c:Program FilesSkypePhoneSkype.exe"="d:Rockstar 
Games Social ClubRGSCLauncher.exe"="d:ШешяGTA4 FULL RIPNew FolderR.GGrand Theft Auto IVGTAIV.exe"="d:Program FilesGSC World PublishingС.Т.А.Л.К.Е.Р. - Чистое НебоbinxrEngine.exe"="d:Program FilesGSC World PublishingС.Т.А.Л.К.Е.Р. - Чистое НебоbindedicatedxrEngine.exe"=.[HKLM~servicessharedaccessparametersfirewallpolicystandardprofileGloballyOpenPortsList]"5985:TCP"= 5985:TCP:*:Disabled:Windows Remote Management .R0 gfibto;gfibto;c:windowssystem32driversgfibto.sys [28.3.2013 і. 17:51 13560]R0 SmartDefragDriver;SmartDefragDriver;c:windowssystem32driversSmartDefragDriver.sys [13.2.2014 і. 15:37 15808]R0 sptd;sptd;SystemRootSystemRootSystem32Driverssptd.sys --> SystemRootSystemRootSystem32Driverssptd.sys [?]R1 appdrv01;Application Driver (01);c:windowssystem32driversappdrv01.sys [14.2.2014 і. 16:03 3332784]R1 avkmgr;avkmgr;c:windowssystem32driversavkmgr.sys [03.10.2012 і. 14:50 37352]R1 cmderd;COMODO Internet Security Eradication Driver;c:windowssystem32driverscmderd.sys [15.4.2013 і. 18:39 15704]R1 cmdGuard;COMODO Internet Security Driver;c:windowssystem32driverscmdGuard.sys [15.4.2013 і. 18:39 607448]R1 cmdHlp;COMODO Internet Security Helper Driver;c:windowssystem32driverscmdhlp.sys [15.4.2013 і. 18:39 29912]R1 SASDIFSV;SASDIFSV;c:program filesSUPERAntiSpywareSASDIFSV.SYS [17.2.2010 і. 21:25 12880]R1 SASKUTIL;SASKUTIL;c:program filesSUPERAntiSpywareSASKUTIL.SYS [10.5.2010 і. 21:41 67664]R2 !SASCORE;SAS Core Service;c:program filesSUPERAntiSpywareSASCORE.EXE [29.6.2010 і. 20:48 116608]R2 AntiVirSchedulerService;Avira Scheduler;c:program filesAviraAntiVir Desktopsched.exe [03.10.2012 і. 14:47 440400]R2 BstHdDrv;BlueStacks Hypervisor;c:program filesBlueStacksHD-Hypervisor-x86.sys [20.12.2013 і. 17:44 106256]R2 BstHdLogRotatorSvc;BlueStacks Log Rotator Service;c:program filesBlueStacksHD-LogRotatorService.exe [20.12.2013 і. 
17:44 385808]R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;d:hama4ihamachi-2.exe -s --> d:hama4ihamachi-2.exe -s [?]R2 LiveUpdateSvc;LiveUpdate;c:program filesIObitLiveUpdateLiveUpdate.exe [27.11.2013 і. 14:04 2151200]R2 MBAMScheduler;MBAMScheduler;d:malwarebytes anti-malwarembamscheduler.exe [15.4.2014 і. 17:52 1809720]R3 GUCI_AVS;Canyon USB2.0 PC Camera;c:windowssystem32driversGUCI_AVS.sys [12.9.2010 і. 14:05 580992]R3 MBAMProtector;MBAMProtector;c:windowssystem32driversmbam.sys [15.4.2014 і. 17:52 23256]R3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:windowssystem32driversviahduaa.sys [10.11.2009 і. 16:17 1086208]S2 appdrvrem01;Application Driver Auto Removal Service (01);c:windowsSystem32appdrvrem01.exe svc --> c:windowsSystem32appdrvrem01.exe svc [?]S2 BstHdAndroidSvc;BlueStacks Android Service;c:program filesBlueStacksHD-Service.exe [20.12.2013 і. 17:43 402192]S2 MBAMService;MBAMService;d:malwarebytes anti-malwarembamservice.exe [15.4.2014 і. 17:52 857912]S2 SkypeUpdate;Skype Updater;c:program filesSkypeUpdaterUpdater.exe [23.10.2013 і. 09:15 172192]S3 CBPMp50;CBPMp50 NDIS Protocol Driver;c:windowssystem32DriversCBPMp50.sys --> c:windowssystem32DriversCBPMp50.sys [?]S3 CBPSp50;CBPSp50 NDIS Protocol Driver;c:windowssystem32driversCBPSp50.sys [03.10.2012 і. 01:03 27072]S3 cmdvirth;COMODO Virtual Service Manager;c:program filesComodoCOMODO Internet Securitycmdvirth.exe [15.4.2013 і. 18:38 1663192]S3 FairplayKD;FairplayKD;??c:documents and settingsAll UsersApplication DataMTA San Andreas AllCommontempFairplayKD.sys --> c:documents and settingsAll UsersApplication DataMTA San Andreas AllCommontempFairplayKD.sys [?]S3 gfiark;gfiark;c:windowssystem32driversgfiark.sys [28.3.2013 і. 23:01 41584]S3 MBAMSwissArmy;MBAMSwissArmy;c:windowssystem32driversMBAMSwissArmy.sys [15.4.2014 і. 17:53 107736]S3 Sony PC Companion;Sony PC Companion;c:program filesSonySony PC CompanionPCCService.exe [23.3.2014 і. 
18:14 155824]S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:windowssystem32driversVBoxNetAdp.sys [18.12.2013 і. 18:38 114960]S3 VBoxNetFlt;VirtualBox Bridged Networking Service;c:windowssystem32DRIVERSVBoxNetFlt.sys --> c:windowssystem32DRIVERSVBoxNetFlt.sys [?].[HKEY_LOCAL_MACHINEsoftwaremicrosoftactive setupinstalled components{8A69D345-D564-463c-AFF1-A69D9E530F96}]2014-04-10 15:13	1077576	----a-w-	c:program filesGoogleChromeApplication34.0.1847.116Installerchrmstp.exe.Contents of the 'Scheduled Tasks' folder.2014-04-21 c:windowsTasksAdobe Flash Player Updater.job- c:windowssystem32MacromedFlashFlashPlayerUpdateService.exe [2012-03-29 18:21].2014-04-21 c:windowsTasksCOMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59}.job- c:program filesCOMODOCOMODO Internet Securitycfpconfg.exe [2013-04-15 13:19].2014-04-21 c:windowsTasksCOMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85}.job- c:program filesCOMODOCOMODO Internet Securitycfpconfg.exe [2013-04-15 13:19].2014-04-21 c:windowsTasksFreeFileViewerUpdateChecker.job- c:program filesFreeFileViewerFFVCheckForUpdates.exe [2014-02-14 15:24].2014-04-21 c:windowsTasksGoogleUpdateTaskMachineCore.job- c:program filesGoogleUpdateGoogleUpdate.exe [2009-12-05 16:43].2014-04-21 c:windowsTasksGoogleUpdateTaskMachineUA.job- c:program filesGoogleUpdateGoogleUpdate.exe [2009-12-05 16:43].2014-04-21 c:windowsTasksMicrosoft Windows XP End of Service Notification Logon.job- c:windowssystem32xp_eos.exe [2014-04-11 01:59].2014-04-12 c:windowsTasksMicrosoft Windows XP End of Service Notification Monthly.job- c:windowssystem32xp_eos.exe [2014-04-11 01:59].2014-04-21 c:windowsTasksSmartDefrag3_Update.job- c:program filesIObitSmart Defrag 3AutoUpdate.exe [2014-02-13 17:01].2014-04-21 c:windowsTasksWGASetup.job- c:windowssystem32KB905474wgasetup.exe [2013-02-28 20:18]..------- Supplementary Scan -------.uStart Page = hxxp://www.google.bg/uInternet Connection Wizard,ShellNext = iexploreuInternet Settings,ProxyOverride = 
<local>uSearchAssistant = hxxp://www.google.com/ieuSearchURL,(Default) = hxxp://www.google.com/search?q=%sIE: &Експортиране към Microsoft Excel - d:office12EXCEL.EXE/3000IE: Е&кспортирай в Microsoft Excel - c:progra~1MICROS~2Office10EXCEL.EXE/3000IE: {{2F5C139F-79BD-4C84-A95A-E7140525BC55} - {5B06364D-FF00-4BD5-9D01-4379952513F2} - c:program filesAdTrustMediaPrivDog2.1.0.19trustedads.dllTCP: DhcpNameServer = 192.168.1.1FF - ProfilePath - c:documents and settingsjivkoApplication DataMozillaFirefoxProfilesib2hakcz.default..**************************************************************************.catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.netRootkit scan 2014-04-21 20:20Windows 5.1.2600 Service Pack 3 NTFS.detected NTDLL code modification:ZwClose.scanning hidden processes ...  .scanning hidden autostart entries ... .HKLMSoftwareMicrosoftWindowsCurrentVersionRun  HDAudDeck = c:program filesVIAVIAudioiHDADeckHDeck.exe 1???????????????????????????????????????????????? .scanning hidden files ...  
.scan completed successfullyhidden files: 0.**************************************************************************.--------------------- LOCKED REGISTRY KEYS ---------------------.[HKEY_LOCAL_MACHINEsoftwareClassesCLSID{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]@Denied: (A 2) (Everyone)@="FlashBroker""LocalizedString"="@c:WINDOWSsystem32MacromedFlashFlashUtil32_12_0_0_77_ActiveX.exe,-101".[HKEY_LOCAL_MACHINEsoftwareClassesCLSID{73C9DFA0-750D-11E1-B0C4-0800200C9A66}Elevation]"Enabled"=dword:00000001.[HKEY_LOCAL_MACHINEsoftwareClassesCLSID{73C9DFA0-750D-11E1-B0C4-0800200C9A66}LocalServer32]@="c:WINDOWSsystem32MacromedFlashFlashUtil32_12_0_0_77_ActiveX.exe".[HKEY_LOCAL_MACHINEsoftwareClassesCLSID{73C9DFA0-750D-11E1-B0C4-0800200C9A66}TypeLib]@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}".[HKEY_LOCAL_MACHINEsoftwareClassesInterface{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]@Denied: (A 2) (Everyone)@="IFlashBroker5".[HKEY_LOCAL_MACHINEsoftwareClassesInterface{6AE38AE0-750C-11E1-B0C4-0800200C9A66}ProxyStubClsid32]@="{00020424-0000-0000-C000-000000000046}".[HKEY_LOCAL_MACHINEsoftwareClassesInterface{6AE38AE0-750C-11E1-B0C4-0800200C9A66}TypeLib]@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}""Version"="1.0".[HKEY_LOCAL_MACHINEsoftwareCOMODOCISInstallerSym_CamCIS]"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,   00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,.[HKEY_LOCAL_MACHINESystemControlSet005ServicescmdAgentModeConfigurations]"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,   00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,59,00,53,00,.[HKEY_LOCAL_MACHINESystemControlSet005ServicescmdAgentModeData]"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,   
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,.[HKEY_LOCAL_MACHINESystemControlSet005ServicescmdAgentModeOptions]"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,   00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,.[HKEY_LOCAL_MACHINESystemSoftwareCOMODOCam]"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,   00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,.[HKEY_LOCAL_MACHINESystemSoftwareCOMODOFirewall Pro]"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,   00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,59,00,53,00,.[HKEY_LOCAL_MACHINESystemVritualRootMACHINESoftwareCLASSESCLSID{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]@Denied: (A 2) (Everyone)@="FlashBroker".[HKEY_LOCAL_MACHINESystemVritualRootMACHINESoftwareCLASSESCLSID{D27CDB6E-AE6D-11cf-96B8-444553540000}]@Denied: (A 2) (Everyone)@="Shockwave Flash Object".[HKEY_LOCAL_MACHINESystemVritualRootMACHINESoftwareCLASSESCLSID{D27CDB70-AE6D-11cf-96B8-444553540000}]@Denied: (A 2) (Everyone)@="Macromedia Flash Factory Object".--------------------- DLLs Loaded Under Running Processes ---------------------.- - - - - - - > 'lsass.exe'(992)c:windowssystem32guard32.dllc:windowssystem32mswsock.dllc:windowsSystem32wshtcpip.dll.- - - - - - - > 'explorer.exe'(4368)c:windowssystem32WININET.dllc:windowssystem32guard32.dllc:documents and settingsAll UsersApplication DataAd-Aware Browsing Protectionadawarebp.dllc:windowssystem32newdll.dllc:documents and settingsjivkoApplication DataDropboxbinDropboxExt.22.dllc:windowsWinSxSx86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989MSVCR80.dllc:windowssystem32msi.dllc:windowssystem32ieframe.dllc:windowssystem32webcheck.dllc:windowssystem32WPDShServiceObj.dllc:windowssystem32PortableDeviceTypes.dllc:windowssystem32PortableDeviceApi.dllc:windowssystem32WS2_32.dllc:windowssystem32WS2HELP.dll.- - - - 
- - - > 'csrss.exe'(904)c:windowssystem32cmdcsr.dll.------------------------ Other Running Processes ------------------------.c:windowssystem32nvsvc32.exec:program filesCOMODOCOMODO Internet Securitycmdagent.exec:program filesGoogleUpdate1.3.23.9GoogleCrashHandler.exec:program filesAviraAntiVir Desktopavguard.exec:windowssystem32RUNDLL32.EXEc:program filesJavajre7binjqs.exed:hama4iLMIGuardianSvc.exec:documents and settingsjivkoApplication DataDropboxbinDropbox.exec:windowssystem32PnkBstrA.exed:hama4ihamachi-2.exed:hama4iLMIGuardianSvc.exec:windowssystem32wscntfy.exec:program filesAviraAntiVir Desktopavshadow.exec:windowsMicrosoft.NETFrameworkv3.0WPFPresentationFontCache.exec:program filesCOMODOCOMODO Internet Securitycavwp.exec:program filesCOMODOCOMODO Internet Securitycis.exec:program filesCommon FilesJavaJava Updatejucheck.exe.**************************************************************************.Completion time: 2014-04-21  20:25:05 - machine was rebootedComboFix-quarantined-files.txt  2014-04-21 17:25ComboFix2.txt  2014-04-21 12:49.Pre-Run: 11 878 649 856 bytes freePost-Run: 11 699 195 904 bytes free.- - End Of File - - 9F8CC02479669762AEEC3FAD785E37E38F558EB6672622401DA993E1E865C861


The log looks good.. Let's run the control scans and then we're done..:

1. Download Hitman Pro.

  • For a 32-bit system - [posted image].
  • For a 64-bit system - [posted image]

2. Start the program.
3. Once you have started the program by clicking the icon [posted image], press the "Next" button, agreeing to the license agreement (EULA).
4. Check "No, I want to perform a one-time scan of the computer".
5. Press the "Next" button.
6. The program will start scanning. The scan takes about 2 minutes.
7. When the scan finishes, in the list of found items (if there are any) select Apply to all => Ignore.
8. Press "Next", then press "Export the result to XML file" and save the log file to the desktop.
9. Archive the file and attach it to your next comment, or copy its contents into your next comment.
Note: If there is no drop-down menu where you can select Ignore, as in the picture:
[posted image]

...then simply close the program after the scan ends (without removing anything)... then open C:\Programdata\HitmanPro\Logs, open the log file and post its contents in your next comment.

 

 

 

 

Download the program: ESET Online Scanner

  • Run esetsmartinstaller_enu.exe
  • Check YES, I accept the Terms of Use and select Start.
  • The scanner will begin downloading the components it needs.

Make sure the check mark is removed from:

  • Remove found threats

Make sure the following items are checked:

  • Scan Archives

Click Advanced Settings and check the following options:

  • Scan for potentially unwanted applications
  • Scan for potentially unsafe applications
  • Enable Anti-Stealth Technology

Finally, select Start.
The scanner will begin downloading the latest definitions and will start scanning your computer.
Please be patient, as this may take some time.

  • After the scan finishes, click List of found threats.
  • Click Export and save the file to your desktop with the name ESETScan. Copy the contents of this report into your next reply.
  • Select the Back button.
  • Select the Finish button.


Copy the text in the box into Notepad and save it with the name CFScript.txt on your desktop:

KILLALL::
File::
C:Documents and SettingsjivkoApplication DataIObitAdvanced SystemCare V7DiskCleaner~tmp.exe
C:Documents and SettingsjivkoMy DocumentsDownloadsFreeFileViewerSetup [1].exe
C:System Volume Information_restore{8528AD9F-4904-4E0C-9EF2-0231909D1EEF}RP1185A0232215.exe
C:System Volume Information_restore{8528AD9F-4904-4E0C-9EF2-0231909D1EEF}RP1185A0232217.exe
C:System Volume Information_restore{8528AD9F-4904-4E0C-9EF2-0231909D1EEF}RP1185A0232218.exe
C:System Volume Information_restore{8528AD9F-4904-4E0C-9EF2-0231909D1EEF}RP1185A0232224.dll
C:System Volume Information_restore{8528AD9F-4904-4E0C-9EF2-0231909D1EEF}RP1185A0232225.exe
C:System Volume Information_restore{8528AD9F-4904-4E0C-9EF2-0231909D1EEF}RP1188A0232762.exe
C:WINDOWSInstalleree0f20.msi

After saving, move CFScript.txt onto the ComboFix.exe icon.

Copy the generated report and paste it into your next comment...!
