bojko452
-
Брой теми
28 -
Регистрация
-
Последно посещение
bojko452's Achievements
Новобранец (1/14)
0
Репутация в общността
-
Здравейте, приятели.! Значи имам много странен вирус. Почвам да тегля торент от маймунката почвам да го тегля с 4-5 МБ/сек. след 20-30 секунди от 4-5 МБ пада на 10 КБ? Моля помогнете
-
Съмнения за вирус
bojko452 replied to bojko452's тема in Компютърна сигурност и защита от зловреден код
Е ако нямам вирус на какво се дължи проблема? -
Съмнения за вирус
bojko452 replied to bojko452's тема in Компютърна сигурност и защита от зловреден код
Как се стартира това нещо? : Safe Mode with Networking -
Здравейте, отново. Значи когато пусна някой хак в играта просто не работи ... във сервер с anti cheat система... някой били ми казал хак който би работил?
-
Съмнения за вирус
bojko452 replied to bojko452's тема in Компютърна сигурност и защита от зловреден код
OTL: OTL logfile created on: 3.1.2012 г. 21:57:44 - Run 1 OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\B-boy\Desktop Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 8.0.7601.17514) Locale: 00000402 | Country: България | Language: BGR | Date Format: d.M.yyyy 'г.' 2,00 Gb Total Physical Memory | 1,26 Gb Available Physical Memory | 63,26% Memory free 4,00 Gb Paging File | 2,90 Gb Available in Paging File | 72,57% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 48,83 Gb Total Space | 16,70 Gb Free Space | 34,20% Space Free | Partition Type: NTFS Drive D: | 416,92 Gb Total Space | 278,68 Gb Free Space | 66,84% Space Free | Partition Type: NTFS Drive F: | 6,32 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF Computer Name: B-BOY-PC | User Name: B-boy | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 90 Days ========== Processes (SafeList) ========== PRC - C:\Users\B-boy\Desktop\OTL.exe (OldTimer Tools) PRC - C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE (SUPERAntiSpyware.com) PRC - C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software) PRC - C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software) PRC - C:\Program Files\Opera\opera.exe (Opera Software) PRC - C:\Program Files\SUPERAntiSpyware\SASCORE.EXE (SUPERAntiSpyware.com) PRC - C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe (NVIDIA Corporation) PRC - C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) PRC - C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (NVIDIA Corporation) PRC - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) PRC - C:\Windows\explorer.exe (Microsoft Corporation) PRC - C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd) PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation) ========== Modules (No Company Name) ========== MOD - C:\ProgramData\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10006.dll () MOD - C:\ProgramData\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10007.dll () MOD - C:\ProgramData\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL () MOD - C:\ProgramData\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10005.dll () MOD - C:\Windows\System32\Macromed\Flash\NPSWF32.dll () MOD - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE14\Cultures\office.odf () ========== Win32 Services (SafeList) ========== SRV - (avast! Firewall) -- C:\Program Files\AVAST Software\Avast\afwServ.exe (AVAST Software) SRV - (avast! Antivirus) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software) SRV - (FLEXnet Licensing Service) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Acresso Software Inc.) SRV - (!SASCORE) -- C:\Program Files\SUPERAntiSpyware\SASCORE.EXE (SUPERAntiSpyware.com) SRV - (nvUpdatusService) -- C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe (NVIDIA Corporation) SRV - (Stereo Service) -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) SRV - (Microsoft SharePoint Workspace Audit Service) -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE (Microsoft Corporation) SRV - (WatAdminSvc) -- C:\Windows\System32\Wat\WatAdminSvc.exe (Microsoft Corporation) SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation) SRV - (PeerDistSvc) -- C:\Windows\System32\PeerDistSvc.dll (Microsoft Corporation) SRV - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation) ========== Driver Services (SafeList) ========== DRV - (aswFW) -- C:\Windows\System32\drivers\aswFW.sys (AVAST Software) DRV - (aswSnx) -- C:\Windows\System32\drivers\aswSnx.sys (AVAST Software) DRV - (aswSP) -- C:\Windows\System32\drivers\aswSP.sys (AVAST Software) DRV - (aswNdis2) -- C:\Windows\System32\drivers\aswNdis2.sys (AVAST Software) DRV - (aswRdr) -- C:\Windows\System32\drivers\aswRdr.sys (AVAST Software) DRV - (aswTdi) -- C:\Windows\System32\drivers\aswTdi.sys (AVAST Software) DRV - (aswMonFlt) -- C:\Windows\System32\drivers\aswMonFlt.sys (AVAST Software) DRV - (aswFsBlk) -- C:\Windows\System32\drivers\aswFsBlk.sys (AVAST Software) DRV - (aswNdis) -- C:\Windows\system32\DRIVERS\aswNdis.sys (ALWIL Software) DRV - (dtsoftbus01) -- C:\Windows\System32\drivers\dtsoftbus01.sys (DT Soft Ltd) DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation) DRV - (SASDIFSV) -- C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS (SUPERAdBlocker.com and SUPERAntiSpyware.com) DRV - (SASKUTIL) -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS (SUPERAdBlocker.com and SUPERAntiSpyware.com) DRV - (speedfan) -- C:\Windows\system32\speedfan.sys (Almico Software) DRV - (vmbus) -- C:\Windows\system32\drivers\vmbus.sys (Microsoft Corporation) DRV - (storflt) -- C:\Windows\system32\drivers\vmstorfl.sys (Microsoft Corporation) DRV - (storvsc) -- C:\Windows\system32\drivers\storvsc.sys (Microsoft Corporation) DRV - (TsUsbFlt) -- C:\Windows\System32\drivers\TsUsbFlt.sys (Microsoft Corporation) DRV - (RdpVideoMiniport) -- C:\Windows\System32\drivers\rdpvideominiport.sys (Microsoft Corporation) DRV - (WinUsb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation) DRV - (VMBusHID) -- C:\Windows\system32\drivers\VMBusHID.sys (Microsoft Corporation) DRV - (s3cap) -- C:\Windows\system32\drivers\vms3cap.sys (Microsoft Corporation) DRV - (NVENETFD) -- C:\Windows\System32\drivers\nvmfdx32.sys (NVIDIA Corporation) DRV - (nvsmu) -- C:\Windows\System32\drivers\nvsmu.sys (NVIDIA Corporation) DRV - (giveio) -- C:\Windows\system32\giveio.sys () ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-932158286-1761716740-2224712450-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = IE - HKU\S-1-5-21-932158286-1761716740-2224712450-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = bg IE - HKU\S-1-5-21-932158286-1761716740-2224712450-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 38 04 31 B5 A4 7F CC 01 [binary data] IE - HKU\S-1-5-21-932158286-1761716740-2224712450-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-932158286-1761716740-2224712450-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = IE - HKU\S-1-5-21-932158286-1761716740-2224712450-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp IE - HKU\S-1-5-21-932158286-1761716740-2224712450-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = bg IE - HKU\S-1-5-21-932158286-1761716740-2224712450-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 38 04 31 B5 A4 7F CC 01 [binary data] IE - HKU\S-1-5-21-932158286-1761716740-2224712450-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.search.selectedEngine: "" FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012.01.01 18:16:57 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 4.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.12.25 15:39:49 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 4.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.12.25 15:39:49 | 000,000,000 | ---D | M] [2011.09.30 21:20:42 | 000,000,000 | ---D | M] (No name found) -- C:\Users\B-boy\AppData\Roaming\mozilla\Extensions [2011.12.30 22:17:50 | 000,000,000 | ---D | M] (No name found) -- C:\Users\B-boy\AppData\Roaming\mozilla\Firefox\Profiles\bijwnhum.default\extensions [2011.12.28 15:46:46 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\B-boy\AppData\Roaming\mozilla\Firefox\Profiles\bijwnhum.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2011.09.30 21:20:33 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\mozilla firefox\extensions [2012.01.01 18:16:57 | 000,000,000 | ---D | M] (avast! WebRep) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF [2011.03.18 19:55:01 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll [2011.11.03 08:59:20 | 000,917,816 | ---- | M] (BitComet) -- C:\Program Files\mozilla firefox\plugins\npBitCometAgent.dll [2010.01.01 10:00:00 | 000,001,083 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\911bg.xml [2010.01.01 10:00:00 | 000,002,442 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\diribg.xml [2010.01.01 10:00:00 | 000,001,515 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\pe-bg.xml [2010.01.01 10:00:00 | 000,001,857 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\portalbgdict.xml [2010.01.01 10:00:00 | 000,001,220 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-bg.xml O1 HOSTS File: ([2009.06.10 23:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL (Microsoft Corporation) O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL (Microsoft Corporation) O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software) O4 - HKLM..\Run: [bCSSync] C:\Program Files\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation) O4 - HKLM..\Run: [TaskTray] File not found O4 - HKU\S-1-5-21-932158286-1761716740-2224712450-1000..\Run: [bitComet] "C:\Program Files\BitComet\BitComet.exe" /tray File not found O4 - HKU\S-1-5-21-932158286-1761716740-2224712450-1000..\Run: [bitTorrent] C:\Program Files\BitTorrent\BitTorrent.exe (BitTorrent, Inc.) O4 - HKU\S-1-5-21-932158286-1761716740-2224712450-1000..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd) O4 - HKU\S-1-5-21-932158286-1761716740-2224712450-1000..\Run: [sUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com) O4 - HKU\S-1-5-21-932158286-1761716740-2224712450-1003..\Run: [bitComet] "C:\Program Files\BitComet\BitComet.exe" /tray File not found O4 - HKU\S-1-5-21-932158286-1761716740-2224712450-1003..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd) O4 - HKU\S-1-5-21-932158286-1761716740-2224712450-1003..\Run: [sUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com) O4 - HKU\S-1-5-21-932158286-1761716740-2224712450-1003..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation) O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Low Rights present O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-932158286-1761716740-2224712450-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-932158286-1761716740-2224712450-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O7 - HKU\S-1-5-21-932158286-1761716740-2224712450-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-932158286-1761716740-2224712450-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O8 - Extra context menu item: &Експортиране към Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000 File not found O8 - Extra context menu item: &Изпрати към OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105 File not found O9 - Extra Button: Изпрати към OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : &Изпрати към OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: &Свързани бележки на OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : &Свързани бележки на OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8E4C8561-28ED-4651-90A5-806F110D2E85}: NameServer = 192.168.111.1 O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) -C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - Winlogon\Notify\!SASWinLogon: DllName - (C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL) - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com) O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com) O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O32 - AutoRun File - [2010.09.10 23:33:59 | 000,000,000 | R--D | M] - F:\AutoRun -- [ UDF ] O32 - AutoRun File - [2010.09.10 23:34:03 | 000,439,056 | R--- | M] (Electronic Arts) - F:\AutoRun.exe -- [ UDF ] O32 - AutoRun File - [2010.09.10 23:34:02 | 007,864,832 | R--- | M] () - F:\autorun.dat -- [ UDF ] O32 - AutoRun File - [2010.09.10 23:33:38 | 000,000,141 | R--- | M] () - F:\autorun.inf -- [ UDF ] O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* NetSvcs: FastUserSwitchingCompatibility - File not found NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation) NetSvcs: Nla - File not found NetSvcs: Ntmssvc - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: SRService - File not found NetSvcs: WmdmPmSp - File not found NetSvcs: LogonHours - File not found NetSvcs: PCAudit - File not found NetSvcs: helpsvc - File not found NetSvcs: uploadmgr - File not found MsConfig - StartUpReg: Malwarebytes' Anti-Malware (reboot) - hkey= - key= - C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation) MsConfig - StartUpReg: RtHDVCpl - hkey= - key= - C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe (Realtek Semiconductor) MsConfig - State: "startup" - 2 SafeBootMin: !SASCORE - C:\Program Files\SUPERAntiSpyware\SASCORE.EXE (SUPERAntiSpyware.com) SafeBootMin: Base - Driver Group SafeBootMin: Boot Bus Extender - Driver Group SafeBootMin: Boot file system - Driver Group SafeBootMin: File system - Driver Group SafeBootMin: Filter - Driver Group SafeBootMin: HelpSvc - Service SafeBootMin: NTDS - File not found SafeBootMin: PCI Configuration - Driver Group SafeBootMin: PNP Filter - Driver Group SafeBootMin: Primary disk - Driver Group SafeBootMin: sacsvr - Service SafeBootMin: SCSI Class - Driver Group SafeBootMin: System Bus Extender - Driver Group SafeBootMin: vmms - Service SafeBootMin: WinDefend - C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation) SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootNet: !SASCORE - C:\Program Files\SUPERAntiSpyware\SASCORE.EXE (SUPERAntiSpyware.com) SafeBootNet: Base - Driver Group SafeBootNet: Boot Bus Extender - Driver Group SafeBootNet: Boot file system - Driver Group SafeBootNet: File system - Driver Group SafeBootNet: Filter - Driver Group SafeBootNet: HelpSvc - Service SafeBootNet: Messenger - Service SafeBootNet: NDIS Wrapper - Driver Group SafeBootNet: NetBIOSGroup - Driver Group SafeBootNet: NetDDEGroup - Driver Group SafeBootNet: Network - Driver Group SafeBootNet: NetworkProvider - Driver Group SafeBootNet: NTDS - File not found SafeBootNet: PCI Configuration - Driver Group SafeBootNet: PNP Filter - Driver Group SafeBootNet: PNP_TDI - Driver Group SafeBootNet: Primary disk - Driver Group SafeBootNet: rdsessmgr - Service SafeBootNet: sacsvr - Service SafeBootNet: SCSI Class - Driver Group SafeBootNet: Streams Drivers - Driver Group SafeBootNet: System Bus Extender - Driver Group SafeBootNet: TDI - Driver Group SafeBootNet: vmms - Service SafeBootNet: WinDefend - C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation) SafeBootNet: WudfUsbccidDriver - Driver SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices ========== Files/Folders - Created Within 90 Days ========== [2012.01.03 21:56:13 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\B-boy\Desktop\OTL.exe [2012.01.02 00:56:51 | 000,000,000 | ---D | C] -- C:\Users\B-boy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Live for Speed (5) [2012.01.02 00:55:44 | 000,000,000 | ---D | C] -- C:\LFS [2012.01.01 18:17:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Internet Security [2012.01.01 18:17:29 | 000,314,456 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys [2012.01.01 18:17:29 | 000,020,568 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswFsBlk.sys [2012.01.01 18:17:26 | 000,111,320 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswFW.sys [2012.01.01 18:17:12 | 000,195,416 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswNdis2.sys [2012.01.01 18:17:12 | 000,052,952 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswTdi.sys [2012.01.01 18:17:12 | 000,034,392 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr.sys [2012.01.01 18:17:11 | 000,435,032 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSnx.sys [2012.01.01 18:17:11 | 000,055,128 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys [2012.01.01 18:16:56 | 000,199,816 | ---- | C] (AVAST Software) -- C:\Windows\System32\aswBoot.exe [2012.01.01 18:16:56 | 000,041,184 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr [2012.01.01 18:16:56 | 000,012,112 | ---- | C] (ALWIL Software) -- C:\Windows\System32\drivers\aswNdis.sys [2012.01.01 18:16:47 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software [2012.01.01 16:14:44 | 000,000,000 | ---D | C] -- C:\Windows\System32\QuickTime [2011.12.30 20:34:51 | 000,000,000 | ---D | C] -- C:\Users\B-boy\AppData\Roaming\Leadertech [2011.12.30 01:15:22 | 000,000,000 | ---D | C] -- C:\Program Files\BitTorrent [2011.12.30 01:15:02 | 000,000,000 | ---D | C] -- C:\Users\B-boy\AppData\Roaming\BitTorrent [2011.12.30 01:14:56 | 006,053,744 | ---- | C] (BitTorrent, Inc.) -- C:\Users\B-boy\Documents\BitTorrent-7.6.exe [2011.12.29 09:55:21 | 000,000,000 | ---D | C] -- C:\Windows\System32\RTCOM [2011.12.29 09:55:05 | 003,319,400 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkAPO.dll [2011.12.29 09:55:05 | 002,359,400 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkPgExt.dll [2011.12.29 09:55:05 | 001,783,056 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\WavesLib.dll [2011.12.29 09:55:05 | 001,497,704 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RTSndMgr.cpl [2011.12.29 09:55:05 | 001,378,920 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkApoApi.dll [2011.12.29 09:55:05 | 000,359,768 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEP32A.dll [2011.12.29 09:55:05 | 000,345,328 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSTSXT.dll [2011.12.29 09:55:05 | 000,295,768 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RP3DHT32.dll [2011.12.29 09:55:05 | 000,295,768 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RP3DAA32.dll [2011.12.29 09:55:05 | 000,185,584 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSTSHD.dll [2011.12.29 09:55:05 | 000,173,296 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSHP360.dll [2011.12.29 09:55:05 | 000,170,840 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEED32A.dll [2011.12.29 09:55:05 | 000,140,528 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSWOW.dll [2011.12.29 09:55:05 | 000,083,560 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkCoInstII.dll [2011.12.29 09:55:05 | 000,078,680 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEL32A.dll [2011.12.29 09:55:05 | 000,064,856 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEG32A.dll [2011.12.29 09:55:05 | 000,013,416 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkCoLDR.dll [2011.12.29 09:55:04 | 001,836,376 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioEQ.dll [2011.12.29 09:55:04 | 000,749,144 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\System32\MBAPO32.dll [2011.12.29 09:55:04 | 000,232,792 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPO20.dll [2011.12.29 09:55:04 | 000,132,368 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPO.dll [2011.12.29 09:55:04 | 000,053,848 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\System32\MBppld32.dll [2011.12.29 09:55:04 | 000,050,776 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\System32\MBPPCn32.dll [2011.12.29 09:55:03 | 001,740,352 | ---- | C] (Fortemedia Corporation) -- C:\Windows\System32\FMAPO.dll [2011.12.29 09:55:03 | 000,175,200 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\System32\AERTACap.dll [2011.12.29 09:55:03 | 000,096,160 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\System32\AERTARen.dll [2011.12.29 00:43:52 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek [2011.12.29 00:41:48 | 000,070,232 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\System32\MBWrp32.dll [2011.12.29 00:34:57 | 000,000,000 | ---D | C] -- C:\Users\B-boy\AppData\Local\ElevatedDiagnostics [2011.12.29 00:34:33 | 000,000,000 | ---D | C] -- C:\Users\B-boy\AppData\Local\ApplicationHistory [2011.12.29 00:30:41 | 000,000,000 | ---D | C] -- C:\Users\B-boy\Documents\DriverGenius [2011.12.29 00:29:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Genius Professional Edition [2011.12.29 00:29:36 | 000,000,000 | ---D | C] -- C:\Program Files\Driver-Soft [2011.12.29 00:16:36 | 000,000,000 | ---D | C] -- C:\ProgramData\DriverGenius [2011.12.29 00:09:33 | 000,427,864 | ---- | C] (Xceed Software Inc (450) 442-2626 support@xceedsoft.com www.xceedsoft.com) -- C:\Windows\System32\XceedZip.dll [2011.12.29 00:09:32 | 001,686,016 | ---- | C] (Clever Components) -- C:\Windows\System32\clinetsuitex6.ocx [2011.12.27 12:04:46 | 000,000,000 | ---D | C] -- C:\Users\B-boy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Yandex [2011.12.26 22:36:04 | 000,000,000 | ---D | C] -- C:\Program Files\Valve [2011.12.26 19:46:53 | 000,000,000 | ---D | C] -- C:\Program Files\Мастер Визиток [2011.12.26 17:36:33 | 000,000,000 | ---D | C] -- C:\Users\B-boy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BusinessCards MX [2011.12.26 17:36:08 | 000,000,000 | ---D | C] -- C:\Users\B-boy\AppData\Roaming\mojosoft [2011.12.26 17:36:08 | 000,000,000 | ---D | C] -- C:\Program Files\mojosoft [2011.12.26 17:36:08 | 000,000,000 | ---D | C] -- C:\Users\B-boy\Documents\BusinessCardsMX templates [2011.12.26 17:33:48 | 092,000,504 | ---- | C] (mojosoft ) -- C:\Users\B-boy\Documents\BusinessCardsMX-setup.exe [2011.12.25 21:22:11 | 000,000,000 | ---D | C] -- C:\Downloads [2011.12.24 13:05:05 | 000,000,000 | ---D | C] -- C:\Users\B-boy\AppData\Local\BitTorrent [2011.12.24 12:37:03 | 000,000,000 | ---D | C] -- C:\Users\B-boy\AppData\Roaming\BitComet [2011.12.19 16:15:36 | 014,935,896 | ---- | C] (Foxit Corporation ) -- C:\Users\B-boy\Documents\FoxitReader513.1201_enu_Setup.exe [2011.12.03 22:38:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Aerosoft [2011.12.03 22:38:42 | 000,000,000 | ---D | C] -- C:\Program Files\Aerosoft [2011.12.01 14:20:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XviD [2011.12.01 14:01:20 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP [2011.11.28 15:06:56 | 000,000,000 | ---D | C] -- C:\Users\B-boy\AppData\Local\RadonLabs [2011.11.25 19:25:07 | 000,000,000 | ---D | C] -- C:\ProgramData\InstallShield [2011.11.15 16:04:02 | 000,000,000 | ---D | C] -- C:\Users\B-boy\Documents\Any Video Converter [2011.11.15 16:03:56 | 000,000,000 | ---D | C] -- C:\Users\B-boy\AppData\Roaming\AnvSoft [2011.11.15 16:03:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AnvSoft [2011.11.15 16:03:39 | 000,000,000 | ---D | C] -- C:\Program Files\AnvSoft [2011.11.10 17:16:58 | 000,000,000 | ---D | C] -- C:\Program Files\Total Video Converter [2011.11.10 17:07:43 | 000,045,056 | ---- | C] (DGPDev) -- C:\Windows\System32\CxxProgressBar.ocx [2011.11.10 16:49:53 | 000,000,000 | ---D | C] -- C:\Users\B-boy\AppData\Roaming\TeamViewer [2011.11.08 19:08:05 | 000,000,000 | ---D | C] -- C:\Users\B-boy\dwhelper [2011.11.08 13:01:51 | 000,000,000 | ---D | C] -- C:\Users\B-boy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games [2011.11.02 21:56:13 | 000,000,000 | ---D | C] -- C:\Windows\AutoKMS [2011.10.22 13:21:38 | 000,065,536 | ---- | C] (Beepa P/L) -- C:\Windows\System32\frapsvid.dll [2011.10.19 18:27:43 | 000,000,000 | ---D | C] -- C:\Users\B-boy\AppData\Local\Diagnostics [2011.10.19 18:26:24 | 000,000,000 | ---D | C] -- C:\Users\B-boy\AppData\Roaming\Thinstall [2011.10.18 13:52:55 | 000,000,000 | ---D | C] -- C:\Users\B-boy\Documents\Презентации [2011.10.16 17:54:31 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN [2011.10.16 17:44:07 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT [2011.10.16 14:38:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2011.10.16 14:38:07 | 000,020,464 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys [2011.10.16 14:38:07 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware [2011.10.16 14:35:07 | 000,000,000 | ---D | C] -- C:\Users\B-boy\AppData\Roaming\SUPERAntiSpyware.com [2011.10.16 14:34:39 | 000,000,000 | ---D | C] -- C:\Users\B-boy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware [2011.10.16 14:34:36 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com [2011.10.16 14:34:36 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware [2011.10.16 12:58:40 | 000,000,000 | ---D | C] -- C:\Windows\System32\directx [2011.10.16 09:16:40 | 000,000,000 | ---D | C] -- C:\Windows\Minidump [2011.10.15 21:57:25 | 000,000,000 | -HSD | C] -- C:\ProgramData\DSS [2011.10.15 21:57:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Codemasters [2011.10.15 21:54:05 | 019,087,360 | ---- | C] (Intel Corporation / Blue Ripple Sound Limited) -- C:\Windows\System32\mkl_blueripple.dll [2011.10.15 21:54:04 | 001,417,216 | ---- | C] (Blue Ripple Sound Limited) -- C:\Windows\System32\rapture3d_oal.dll [2011.10.15 20:28:25 | 000,000,000 | ---D | C] -- C:\Program Files\OpenAL [2011.10.15 18:38:30 | 000,218,688 | ---- | C] (DT Soft Ltd) -- C:\Windows\System32\drivers\dtsoftbus01.sys [2011.10.15 18:37:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite [2011.10.15 18:37:45 | 000,000,000 | ---D | C] -- C:\Program Files\DAEMON Tools Lite [2011.10.11 14:40:25 | 000,000,000 | ---D | C] -- C:\Users\B-boy\AppData\Roaming\HD Tune Pro [2011.10.11 14:40:20 | 000,000,000 | ---D | C] -- C:\Program Files\HD Tune Pro [2011.10.10 20:14:00 | 000,000,000 | ---D | C] -- C:\Fraps [2011.10.10 20:13:41 | 002,309,616 | ---- | C] (Beepa Pty Ltd) -- C:\Users\B-boy\Documents\setup.exe [2011.10.09 16:26:36 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA [2011.10.09 16:26:30 | 003,730,024 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcpl.dll [2011.10.09 16:26:30 | 002,558,568 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvsvc.dll [2011.10.09 16:26:30 | 000,111,208 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvmctray.dll [2011.10.09 16:26:30 | 000,066,664 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvshext.dll [2011.10.09 16:26:08 | 017,193,576 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcompiler.dll [2011.10.09 16:26:08 | 016,595,560 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvoglv32.dll [2011.10.09 16:26:08 | 012,636,776 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvd3dum.dll [2011.10.09 16:26:08 | 010,304,104 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvlddmkm.sys [2011.10.09 16:26:08 | 006,613,096 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvwgf2um.dll [2011.10.09 16:26:08 | 005,404,776 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcuda.dll [2011.10.09 16:26:08 | 002,412,136 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvapi.dll [2011.10.09 16:26:08 | 002,391,656 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcuvid.dll [2011.10.09 16:26:08 | 002,090,088 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcuvenc.dll [2011.10.09 16:26:08 | 000,914,024 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvdispco32.dll [2011.10.09 16:26:08 | 000,057,960 | ---- | C] (Khronos Group) -- C:\Windows\System32\OpenCL.dll [2011.10.09 16:25:28 | 000,000,000 | ---D | C] -- C:\NVIDIA [2011.10.09 16:03:32 | 000,865,896 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvgenco322090.dll [2011.10.09 16:03:31 | 000,012,392 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvBridge.kmd [2011.10.07 13:33:24 | 000,000,000 | ---D | C] -- C:\Users\B-boy\Documents\hack [2011.10.06 19:34:48 | 000,000,000 | ---D | C] -- C:\Windows\System32\appmgmt [2011.10.06 18:47:28 | 000,000,000 | ---D | C] -- C:\Users\B-boy\AppData\Local\Google [2011.10.06 18:47:21 | 000,000,000 | ---D | C] -- C:\Program Files\Google [2011.10.06 18:45:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe [2011.10.06 18:45:49 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe [2011.10.06 18:45:48 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe AIR [2011.10.06 18:45:38 | 000,000,000 | ---D | C] -- C:\Users\B-boy\AppData\Local\Adobe [2011.10.06 14:11:00 | 000,000,000 | ---D | C] -- C:\Users\B-boy\AppData\Roaming\EiM2CD2 [3 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ] ========== Files - Modified Within 90 Days ========== [2012.01.03 21:56:15 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\B-boy\Desktop\OTL.exe [2012.01.03 21:43:32 | 000,020,704 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012.01.03 21:43:32 | 000,020,704 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012.01.03 21:38:32 | 000,000,266 | ---- | M] () -- C:\Windows\tasks\AutoKMS.job [2012.01.03 21:37:28 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012.01.03 21:37:26 | 1610,063,872 | -HS- | M] () -- C:\hiberfil.sys [2012.01.03 10:36:52 | 000,001,067 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk [2012.01.02 23:47:56 | 000,660,706 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2012.01.02 23:47:56 | 000,124,896 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2012.01.02 21:28:12 | 000,001,572 | ---- | M] () -- C:\Users\B-boy\Desktop\cstrike - Пряк път.lnk [2012.01.02 00:56:51 | 000,000,534 | ---- | M] () -- C:\Users\B-boy\Desktop\LFS.lnk [2012.01.01 18:17:30 | 000,001,994 | ---- | M] () -- C:\Users\Public\Desktop\avast! Internet Security.lnk [2012.01.01 18:17:11 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt [2012.01.01 16:22:16 | 000,004,608 | ---- | M] () -- C:\Users\B-boy\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2012.01.01 16:11:54 | 039,138,304 | ---- | M] () -- C:\Users\B-boy\Documents\camtasia.msi [2011.12.30 01:15:23 | 000,000,933 | ---- | M] () -- C:\Users\Public\Desktop\BitTorrent.lnk [2011.12.30 01:14:56 | 006,053,744 | ---- | M] (BitTorrent, Inc.) -- C:\Users\B-boy\Documents\BitTorrent-7.6.exe [2011.12.29 00:34:33 | 000,000,093 | ---- | M] () -- C:\Users\B-boy\AppData\Local\fusioncache.dat [2011.12.29 00:29:39 | 000,001,165 | ---- | M] () -- C:\Users\B-boy\Desktop\Driver Genius Professional Edition.lnk [2011.12.26 17:36:33 | 000,001,180 | ---- | M] () -- C:\Users\B-boy\Desktop\BusinessCardsMX.lnk [2011.12.26 17:35:15 | 092,000,504 | ---- | M] (mojosoft ) -- C:\Users\B-boy\Documents\BusinessCardsMX-setup.exe [2011.12.19 16:15:41 | 014,935,896 | ---- | M] (Foxit Corporation ) -- C:\Users\B-boy\Documents\FoxitReader513.1201_enu_Setup.exe [2011.12.14 13:33:35 | 000,408,408 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2011.12.13 16:58:18 | 001,497,704 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RTSndMgr.cpl [2011.12.13 16:25:38 | 000,200,468 | ---- | M] () -- C:\Windows\System32\drivers\RTAIODAT.DAT [2011.12.13 11:01:00 | 001,698,408 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\RtlExUpd.dll [2011.12.12 17:20:18 | 000,083,560 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkCoInstII.dll [2011.12.10 15:24:06 | 000,020,464 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys [2011.12.09 20:17:55 | 004,102,653 | ---- | M] () -- C:\Users\B-boy\Desktop\100 Kila - Super Fresh.mp3 [2011.12.08 17:28:12 | 001,378,920 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkApoApi.dll [2011.12.08 16:27:38 | 003,319,400 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkAPO.dll [2011.11.28 20:01:25 | 000,041,184 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr [2011.11.28 20:01:23 | 000,199,816 | ---- | M] (AVAST Software) -- C:\Windows\System32\aswBoot.exe [2011.11.28 19:54:38 | 000,111,320 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswFW.sys [2011.11.28 19:53:53 | 000,435,032 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswSnx.sys [2011.11.28 19:53:35 | 000,314,456 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys [2011.11.28 19:53:22 | 000,195,416 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswNdis2.sys [2011.11.28 19:52:19 | 000,034,392 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr.sys [2011.11.28 19:52:16 | 000,052,952 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswTdi.sys [2011.11.28 19:52:07 | 000,055,128 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys [2011.11.28 19:51:50 | 000,020,568 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswFsBlk.sys [2011.11.28 19:26:19 | 000,012,112 | ---- | M] (ALWIL Software) -- C:\Windows\System32\drivers\aswNdis.sys [2011.11.22 22:08:28 | 004,386,540 | ---- | M] () -- C:\Users\B-boy\Desktop\Poli Genova - Na Inat [bulgaria] - Eurovision 2011.mp3 [2011.11.22 16:28:58 | 000,013,416 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkCoLDR.dll [2011.11.22 11:36:06 | 002,359,400 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkPgExt.dll [2011.11.15 16:03:52 | 000,001,194 | ---- | M] () -- C:\Users\B-boy\Desktop\Any Video Converter.lnk [2011.11.10 17:06:27 | 000,414,368 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl [2011.11.10 16:14:24 | 000,749,144 | ---- | M] (Creative Technology Ltd.) -- C:\Windows\System32\MBAPO32.dll [2011.10.22 13:21:38 | 000,065,536 | ---- | M] (Beepa P/L) -- C:\Windows\System32\frapsvid.dll [2011.10.16 14:34:39 | 000,001,961 | ---- | M] () -- C:\Users\B-boy\Desktop\SUPERAntiSpyware Free Edition.lnk [2011.10.15 18:38:30 | 000,218,688 | ---- | M] (DT Soft Ltd) -- C:\Windows\System32\drivers\dtsoftbus01.sys [2011.10.10 20:13:50 | 002,309,616 | ---- | M] (Beepa Pty Ltd) -- C:\Users\B-boy\Documents\setup.exe [2011.10.08 10:38:46 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_09_00.Wdf [2011.10.06 18:43:54 | 000,001,178 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [3 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ] ========== Files Created - No Company Name ========== [2012.01.03 10:36:52 | 000,001,067 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk [2012.01.02 21:28:12 | 000,001,572 | ---- | C] () -- C:\Users\B-boy\Desktop\cstrike - Пряк път.lnk [2012.01.02 00:56:51 | 000,000,534 | ---- | C] () -- C:\Users\B-boy\Desktop\LFS.lnk [2012.01.01 18:17:30 | 000,001,994 | ---- | C] () -- C:\Users\Public\Desktop\avast! Internet Security.lnk [2012.01.01 16:21:26 | 000,004,608 | ---- | C] () -- C:\Users\B-boy\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2012.01.01 16:11:18 | 039,138,304 | ---- | C] () -- C:\Users\B-boy\Documents\camtasia.msi [2011.12.30 01:15:23 | 000,000,933 | ---- | C] () -- C:\Users\Public\Desktop\BitTorrent.lnk [2011.12.29 09:55:05 | 000,200,468 | ---- | C] () -- C:\Windows\System32\drivers\RTAIODAT.DAT [2011.12.29 00:34:33 | 000,000,093 | ---- | C] () -- C:\Users\B-boy\AppData\Local\fusioncache.dat [2011.12.29 00:29:39 | 000,001,165 | ---- | C] () -- C:\Users\B-boy\Desktop\Driver Genius Professional Edition.lnk [2011.12.26 17:36:33 | 000,001,180 | ---- | C] () -- C:\Users\B-boy\Desktop\BusinessCardsMX.lnk [2011.12.09 20:17:51 | 004,102,653 | ---- | C] () -- C:\Users\B-boy\Desktop\100 Kila - Super Fresh.mp3 [2011.11.22 22:08:25 | 004,386,540 | ---- | C] () -- C:\Users\B-boy\Desktop\Poli Genova - Na Inat [bulgaria] - Eurovision 2011.mp3 [2011.11.15 16:03:52 | 000,001,194 | ---- | C] () -- C:\Users\B-boy\Desktop\Any Video Converter.lnk [2011.11.02 21:56:13 | 000,000,266 | ---- | C] () -- C:\Windows\tasks\AutoKMS.job [2011.10.16 14:34:39 | 000,001,961 | ---- | C] () -- C:\Users\B-boy\Desktop\SUPERAntiSpyware Free Edition.lnk [2011.10.08 10:38:46 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_09_00.Wdf [2011.10.01 19:26:52 | 000,003,636 | ---- | C] () -- C:\Windows\System32\drivers\nvphy.bin [2011.10.01 08:35:34 | 000,080,896 | ---- | C] () -- C:\Windows\System32\RDVGHelper.exe [2011.10.01 08:34:09 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe [2011.09.30 20:56:08 | 000,921,665 | ---- | C] () -- C:\Windows\System32\msvcrt-ruby18.dll [2011.09.30 20:56:08 | 000,271,264 | ---- | C] () -- C:\Windows\System32\vbrun100.dll [2011.09.30 20:56:08 | 000,210,944 | ---- | C] () -- C:\Windows\System32\msvcrt10.dll [2011.09.30 20:56:08 | 000,027,136 | ---- | C] () -- C:\Windows\System32\pythonw.exe [2011.09.30 20:56:08 | 000,026,624 | ---- | C] () -- C:\Windows\System32\python.exe [2011.09.30 20:56:08 | 000,020,537 | ---- | C] () -- C:\Windows\System32\rubyw.exe [2011.09.30 20:56:08 | 000,020,536 | ---- | C] () -- C:\Windows\System32\ruby.exe [2011.08.03 02:31:54 | 000,311,912 | ---- | C] () -- C:\Windows\System32\nvStreaming.exe [2009.07.14 06:57:37 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat [2009.07.14 06:33:53 | 000,408,408 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT [2009.07.14 04:05:48 | 000,660,706 | ---- | C] () -- C:\Windows\System32\perfh009.dat [2009.07.14 04:05:48 | 000,291,294 | ---- | C] () -- C:\Windows\System32\perfi009.dat [2009.07.14 04:05:48 | 000,124,896 | ---- | C] () -- C:\Windows\System32\perfc009.dat [2009.07.14 04:05:48 | 000,031,548 | ---- | C] () -- C:\Windows\System32\perfd009.dat [2009.07.14 04:05:05 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT [2009.07.14 04:04:11 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat [2009.07.14 01:55:01 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin [2009.07.14 01:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll [2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll [2009.06.10 23:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat [1996.04.03 21:33:26 | 000,005,248 | ---- | C] () -- C:\Windows\System32\giveio.sys ========== LOP Check ========== [2011.11.15 16:03:56 | 000,000,000 | ---D | M] -- C:\Users\B-boy\AppData\Roaming\AnvSoft [2011.12.30 01:08:15 | 000,000,000 | ---D | M] -- C:\Users\B-boy\AppData\Roaming\BitComet [2012.01.03 21:38:27 | 000,000,000 | ---D | M] -- C:\Users\B-boy\AppData\Roaming\BitTorrent [2011.12.30 20:27:48 | 000,000,000 | ---D | M] -- C:\Users\B-boy\AppData\Roaming\DAEMON Tools Lite [2011.10.06 14:12:01 | 000,000,000 | ---D | M] -- C:\Users\B-boy\AppData\Roaming\EiM2CD2 [2011.10.11 14:40:25 | 000,000,000 | ---D | M] -- C:\Users\B-boy\AppData\Roaming\HD Tune Pro [2011.12.30 20:34:51 | 000,000,000 | ---D | M] -- C:\Users\B-boy\AppData\Roaming\Leadertech [2011.12.26 17:36:08 | 000,000,000 | ---D | M] -- C:\Users\B-boy\AppData\Roaming\mojosoft [2011.10.04 06:58:48 | 000,000,000 | ---D | M] -- C:\Users\B-boy\AppData\Roaming\Opera [2011.11.30 15:02:36 | 000,000,000 | ---D | M] -- C:\Users\B-boy\AppData\Roaming\TeamViewer [2011.10.19 18:26:24 | 000,000,000 | ---D | M] -- C:\Users\B-boy\AppData\Roaming\Thinstall [2012.01.03 21:38:32 | 000,000,266 | ---- | M] () -- C:\Windows\Tasks\AutoKMS.job [2011.12.13 10:17:50 | 000,032,588 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT ========== Purity Check ========== ========== Custom Scans ========== < %SYSTEMDRIVE%*.* > [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () -- C:\autoexec.bat [2010.11.20 14:40:07 | 000,383,786 | RHS- | M] () -- C:\bootmgr [2011.10.01 07:45:12 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK [2009.06.10 23:42:20 | 000,000,010 | ---- | M] () -- C:\config.sys [2012.01.03 21:37:26 | 1610,063,872 | -HS- | M] () -- C:\hiberfil.sys [2011.10.01 12:11:24 | 000,000,000 | RHS- | M] () -- C:\IO.SYS [2011.10.01 12:11:24 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS [2012.01.03 21:37:26 | 2146,754,560 | -HS- | M] () -- C:\pagefile.sys [2011.09.30 21:26:10 | 000,000,000 | RHS- | M] () -- C:\pclv.ld [2011.09.30 21:26:10 | 000,288,001 | RHS- | M] () -- C:\SDYBO < %USERPROFILE%*.* > [2012.01.03 22:00:29 | 001,835,008 | -HS- | M] () -- C:\Users\B-boy\ntuser.dat [2012.01.03 22:00:28 | 000,262,144 | -HS- | M] () -- C:\Users\B-boy\ntuser.dat.LOG1 [2011.09.30 20:58:19 | 000,000,000 | -HS- | M] () -- C:\Users\B-boy\ntuser.dat.LOG2 [2011.11.09 14:51:59 | 000,065,536 | -HS- | M] () -- C:\Users\B-boy\ntuser.dat{6d419d3a-0abd-11e1-9d72-0019663e49cd}.TM.blf [2011.11.09 14:51:59 | 000,524,288 | -HS- | M] () -- C:\Users\B-boy\ntuser.dat{6d419d3a-0abd-11e1-9d72-0019663e49cd}.TMContainer00000000000000000001.regtrans-ms [2011.11.09 14:51:59 | 000,524,288 | -HS- | M] () -- C:\Users\B-boy\ntuser.dat{6d419d3a-0abd-11e1-9d72-0019663e49cd}.TMContainer00000000000000000002.regtrans-ms [2012.01.01 13:53:47 | 000,000,020 | -HS- | M] () -- C:\Users\B-boy\ntuser.ini < %USERPROFILE%AppDataLocal*.* > < %USERPROFILE%AppDataRoaming*.* > < %ProgramData%*.* > < %CommonProgramFiles%*.* > < %PROGRAMFILES%*.* > [2009.07.14 06:41:57 | 000,000,174 | -HS- | M] () -- C:\Program Files\desktop.ini < %systemroot%system32*.dll /lockedfiles > < %systemroot%Tasks*.job /lockedfiles > < %systemroot%system32drivers*.sys /90 > < %systemroot%system32drivers*.sys /lockedfiles > < %systemroot%system32Spoolprtprocsw32x86*.dll > < %systemroot%\*. /mp /s > < MD5 for: EXPLORER.EXE > [2011.02.26 07:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_54149f9ef14031fc\explorer.exe [2009.07.14 03:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_518afd35db100430\explorer.exe [2011.02.26 07:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_525b5180f3f95373\explorer.exe [2010.07.14 03:22:50 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_51a66d6ddafc2ed1\explorer.exe [2011.02.26 07:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_51a3a583dafd0cef\explorer.exe [2010.11.20 14:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_53bc10fdd7fe87ca\explorer.exe [2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\ERDNT\cache\explorer.exe [2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\explorer.exe [2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_5389023fd8245f84\explorer.exe [2010.07.14 03:21:06 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_526619d4f3f142e6\explorer.exe [2010.07.14 03:21:06 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_51e07e31dad00878\explorer.exe [2010.07.14 03:22:50 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_52283b2af41f3691\explorer.exe < MD5 for: USERINIT.EXE > [2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\ERDNT\cache\userinit.exe [2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\System32\userinit.exe [2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe [2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe < MD5 for: VOLSNAP.SYS > [2009.07.14 03:19:10 | 000,245,328 | ---- | M] (Microsoft Corporation) MD5=58DF9D2481A56EDDE167E51B334D44FD -- C:\Windows\winsxs\x86_volume.inf_31bf3856ad364e35_6.1.7600.16385_none_158d0da45d68903e\volsnap.sys [2010.11.20 14:30:16 | 000,245,632 | ---- | M] (Microsoft Corporation) MD5=F497F67932C6FA693D7DE2780631CFE7 -- C:\Windows\System32\drivers\volsnap.sys [2010.11.20 14:30:16 | 000,245,632 | ---- | M] (Microsoft Corporation) MD5=F497F67932C6FA693D7DE2780631CFE7 -- C:\Windows\System32\DriverStore\FileRepository\volume.inf_x86_neutral_6dee0205881d1a1d\volsnap.sys [2010.11.20 14:30:16 | 000,245,632 | ---- | M] (Microsoft Corporation) MD5=F497F67932C6FA693D7DE2780631CFE7 -- C:\Windows\winsxs\x86_volume.inf_31bf3856ad364e35_6.1.7601.17514_none_17be216c5a5713d8\volsnap.sys < MD5 for: WININIT.EXE > [2009.07.14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\ERDNT\cache\wininit.exe [2009.07.14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\System32\wininit.exe [2009.07.14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_30c90ef265a43c13\wininit.exe < MD5 for: WINLOGON.EXE > [2010.07.14 03:22:50 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_6fc699643622d177\winlogon.exe [2010.07.14 03:22:50 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=3BABE6767C78FBF5FB8435FEED187F30 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_703394514f56f7c2\winlogon.exe [2010.11.20 14:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\ERDNT\cache\winlogon.exe [2010.11.20 14:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\System32\winlogon.exe [2010.11.20 14:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_71ca6b0233339500\winlogon.exe [2009.07.14 03:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe [2011.12.24 17:50:20 | 000,182,856 | ---- | M] () MD5=B382935AB01B27D0E14F267DBF288896 -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe < End of report > Extras: OTL Extras logfile created on: 3.1.2012 г. 21:57:44 - Run 1 OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\B-boy\Desktop Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 8.0.7601.17514) Locale: 00000402 | Country: България | Language: BGR | Date Format: d.M.yyyy 'г.' 2,00 Gb Total Physical Memory | 1,26 Gb Available Physical Memory | 63,26% Memory free 4,00 Gb Paging File | 2,90 Gb Available in Paging File | 72,57% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 48,83 Gb Total Space | 16,70 Gb Free Space | 34,20% Space Free | Partition Type: NTFS Drive D: | 416,92 Gb Total Space | 278,68 Gb Free Space | 66,84% Space Free | Partition Type: NTFS Drive F: | 6,32 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF Computer Name: B-BOY-PC | User Name: B-boy | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 90 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation) .hlp [@ = Reg Error: Key error.] -- Reg Error: Key error. File not found .html [@ = Opera.HTML] -- C:\Program Files\Opera\Opera.exe (Opera Software) ========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation) htmlfile [edit] -- Reg Error: Key error. https [open] -- "C:\Program Files\Opera\Opera.exe" "%1" (Opera Software) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 "FirewallDisableNotify" = 0 "AntiVirusDisableNotify" = 0 "UpdatesDisableNotify" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = Reg Error: Unknown registry data type -- File not found "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] ========== System Restore Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 0 ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 ========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended "{0D5B5ED2-3E38-4585-B1F3-64B2A9EA95D6}_is1" = BusinessCards MX "{148E08FF-D7C4-46ED-8D4D-601C67FE0AFD}" = Rosetta Stone Version 3 "{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile "{527BBE2F-1FED-3D8B-91CB-4DB0F838E69E}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 "{5C9DA6A8-6479-47FE-B67E-F3953E2FCD7A}_is1" = Мастер Визиток 4.61 "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{90140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010 "{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0015-0402-0000-0000000FF1CE}" = Microsoft Office Access MUI (Bulgarian) 2010 "{90140000-0015-0402-0000-0000000FF1CE}_Office14.PROPLUS_{59A0F32E-76D1-4BD1-BE32-554DD2F05DB4}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0016-0402-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Bulgarian) 2010 "{90140000-0016-0402-0000-0000000FF1CE}_Office14.PROPLUS_{59A0F32E-76D1-4BD1-BE32-554DD2F05DB4}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0018-0402-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Bulgarian) 2010 "{90140000-0018-0402-0000-0000000FF1CE}_Office14.PROPLUS_{59A0F32E-76D1-4BD1-BE32-554DD2F05DB4}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0019-0402-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Bulgarian) 2010 "{90140000-0019-0402-0000-0000000FF1CE}_Office14.PROPLUS_{59A0F32E-76D1-4BD1-BE32-554DD2F05DB4}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001A-0402-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Bulgarian) 2010 "{90140000-001A-0402-0000-0000000FF1CE}_Office14.PROPLUS_{59A0F32E-76D1-4BD1-BE32-554DD2F05DB4}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001B-0402-0000-0000000FF1CE}" = Microsoft Office Word MUI (Bulgarian) 2010 "{90140000-001B-0402-0000-0000000FF1CE}_Office14.PROPLUS_{59A0F32E-76D1-4BD1-BE32-554DD2F05DB4}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001F-0402-0000-0000000FF1CE}" = Microsoft Office Proof (Bulgarian) 2010 "{90140000-001F-0402-0000-0000000FF1CE}_Office14.PROPLUS_{0709C35F-CF3B-4B05-8A2D-6FFD8F9A5F67}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010 "{90140000-001F-0407-0000-0000000FF1CE}_Office14.PROPLUS_{65A2328E-FDFB-4CA3-8582-357EA6825FEA}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010 "{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUS_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001F-0419-0000-0000000FF1CE}" = Microsoft Office Proof (Russian) 2010 "{90140000-001F-0419-0000-0000000FF1CE}_Office14.PROPLUS_{DD6E7CDF-BDFF-43CF-8CCE-84FBEC5ABB77}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-002C-0402-0000-0000000FF1CE}" = Microsoft Office Proofing (Bulgarian) 2010 "{90140000-002C-0402-0000-0000000FF1CE}_Office14.PROPLUS_{C8054E0D-931E-4977-873A-017236B74357}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0044-0402-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Bulgarian) 2010 "{90140000-0044-0402-0000-0000000FF1CE}_Office14.PROPLUS_{59A0F32E-76D1-4BD1-BE32-554DD2F05DB4}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-006E-0402-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Bulgarian) 2010 "{90140000-006E-0402-0000-0000000FF1CE}_Office14.PROPLUS_{2800BF0D-D21D-49F8-988D-6F521900953C}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-00A1-0402-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Bulgarian) 2010 "{90140000-00A1-0402-0000-0000000FF1CE}_Office14.PROPLUS_{59A0F32E-76D1-4BD1-BE32-554DD2F05DB4}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-00BA-0402-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Bulgarian) 2010 "{90140000-00BA-0402-0000-0000000FF1CE}_Office14.PROPLUS_{59A0F32E-76D1-4BD1-BE32-554DD2F05DB4}" = Microsoft Office 2010 Service Pack 1 (SP1) "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype™ 5.5 "{ACEB2BAF-96DF-48FD-ADD5-43842D4C443D}" = Adobe AIR "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Driver 280.26 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 280.26 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 280.26 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller Driver 280.19 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX System Software 9.10.0514 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.4.28 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components "{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}" = NVIDIA PhysX "{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1 "{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "Adobe AIR" = Adobe AIR "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "AIDA64 Business Edition_is1" = AIDA64 Business Edition v1.85 "Any Video Converter_is1" = Any Video Converter 3.3.0 "avast" = avast! Internet Security "BitTorrent" = BitTorrent "CCleaner" = CCleaner "DAEMON Tools Lite" = DAEMON Tools Lite "Driver Genius Professional Edition_is1" = Driver Genius Professional Edition "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware, версия 1.60.0.1800 "Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1 "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended "Mozilla Firefox 4.0 (x86 bg)" = Mozilla Firefox 4.0 (x86 bg) "NVIDIA StereoUSB Driver" = NVIDIA 3D Vision Controller Driver "NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver "Office14.PROPLUS" = Microsoft Office Professional Plus 2010 "Opera 11.01.1190" = Opera 11.01 "SpeedFan" = SpeedFan (remove only) "The KMPlayer" = The KMPlayer (remove only) "WinRAR archiver" = WinRAR 4.01 (32-битова версия) ========== HKEY_USERS Uninstall List ========== [HKEY_USERS\S-1-5-21-932158286-1761716740-2224712450-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Counter-Strike 1.6: New Era" = Counter-Strike 1.6: New Era ========== Last 10 Event Log Errors ========== Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt! < End of report > -
Съмнения за вирус
bojko452 replied to bojko452's тема in Компютърна сигурност и защита от зловреден код
Проблема е и когато отваря браъзера си (Opera) много бавно ми влиза в сайтовете,много бавно се пълни лентата за гледане на клипове във ютуб,вбох (бавно зареждат). Пробвах с много различни версии на Counter Strike, пак е така другите играчи нямат лаг! пробвах със 7-9 сервера пак е така.!? -
Съмнения за вирус
bojko452 replied to bojko452's тема in Компютърна сигурност и защита от зловреден код
Malwarebytes' Anti-Malware Нищо не откри -
Съмнения за вирус
bojko452 replied to bojko452's тема in Компютърна сигурност и защита от зловреден код
Може ли някой да ми обърне внимание да проверим системата ми за вируси? -
Съмнения за вирус
bojko452 replied to bojko452's тема in Компютърна сигурност и защита от зловреден код
Аре бе някой няма ли да помогне и тук вече не се търпи... -
Съмнения за вирус
bojko452 replied to bojko452's тема in Компютърна сигурност и защита от зловреден код
Е аз за това пуснах тема да ми помогнете. да си реша проблема -
Съмнения за вирус
bojko452 replied to bojko452's тема in Компютърна сигурност и защита от зловреден код
Ем със тази съм! даже я и регистрирах!!! със активационен файл C:\Program Files\AVAST Software\Avast\AvastUI.exe Си работи сканира сичко -
Съмнения за вирус
bojko452 replied to bojko452's тема in Компютърна сигурност и защита от зловреден код
Със Windows 7 Ultimate съм да във калдата също бях пуснал тема но .... да още съм със Аваст, но бях я премахнал да видя дали не е от нея но не е и когато я премахнах пак беше така. със avast! Internet Security 6.0 най-новата версия съм. П.с. Отново се обадих на интернет доставчика си и той каза че връзката ми е доста доста бърза за да се обедя влезнах в сайта speedtest и резултата наистина беше доста добър (със една дума нет-а ми е бърз) , интернет доставчика ми каза че е от компютъра ми. -
Здравейте. Значи имам много гаден проблем с интернета, интернета ми е много бавен ама тотално бавен викнах интернет доставчика ми той провери сичко имаше проблем с буксата на таблото смениха я. Сичко си дойде на мястото но сега пак проблема се появи когато играя CS имам много лаг нито скайп работи нито нищо само играя CS и ми лаги със 100 фпс съм интернета е 100 Мбит/с тегля с 4 МБ в сек. но в цс-а имам много лаг и ме съмнява да не е от уиндоус-а? защото последно къто го преинсталирах беше преди 4-5-6 месеца. от тогава не съм го преинсталирвал. Проверих за вируси нямам пц-то е чисто! Почистих пц-то с програмата CCleaner. но пак е така? Моля ви дайте съвет някакъв.
-
Аз приятелка си имам но ... искам се позабавлявам малко с други момичета
-
Здравейте, бихте ли ми предложили еротични сайтове за чат? подобни на гепиме ? Благодаря предварително!