Jump to content

Началната страница Mozilla Fierfox

surogati
 Share

Препоръчан пост

surogati Новобранец

surogati

Публикувано
Публикувано

Когато сменя началната страница на Mozilla Firefox с Google.com,и затворя Mozilla ми се променя с Wabalta.ru.

Мсля че е някакъв вирс.Незнам как да го оправя.Моля помагаите

Link to comment
Сподели другаде
B-boy/StyLe/ Новобранец

B-boy/StyLe/

Публикувано
Публикувано

Направете една проверка със следните неща:

 

 

 

СТЪПКА 1

 

Изтеглете Malwarebytes' Anti-Malware от тук

 

Кликнете два пъти върху mbam-setup.exe за да инсталирате програмата.

 

  • * Уверете се, че има отметки на Update Malwarebytes' Anti-Malware и Launch Malwarebytes' Anti-Malware, след това кликнете на Finish.
    * Ако има намерени по-нови обновления, тя ще ги изтегли и инсталира.
    * Стартирайте програмата и изберете "Perform Quick Scan", след това кликнете на Scan.
    * Сканирането ще отнеме малко време, затова моля бъдете търпеливи.
    * Когато сканирането завърши, кликнете на OK, след това Show Results, за да видите резултата.
    * Уверете се, че на всички редове има отметки, и кликнете Remove Selected.
    * Когато всичко бъде премахнато, логът ще бъде отворен в Notepad. Копирайте лога и го публикувайте в следващия си коментар в темата.

 

Бележка: Ако MalwareBytes' Anti-Malware се затрудни в премахването на откритите вируси/заплахи, той ще поиска да рестартира компютъра Ви и по време на рестартирането да премахне проблемните вируси/заплахи. Ако бъдете попитани, потвърдете че желаете вашия компютър да бъде рестартиран.

 

 

 

СТЪПКА 2

 

4. Изтеглете: ESET Online Scanner

* Стартирайте esetsmartinstaller_enu.exe

* Сложете отметка на YES, I accept the Terms of Use и изберете Start

* Скенерът ще започне да изтегля компонентите, които са му необходими.

* Уверете се, че има отметки на следните редове, включително и тези от менюто Advanced Settings:

 


  • Remove found threats
  • Scan archives
  • Scan for potentially unwanted applications
  • Scan for potentially unsafe applications
  • Enable Anti-Stealth technology

 

И накрая изберете Start

 

* Скенерът ще започне да изтегля последните дефиниции.

* След, като сканирането завърши изберете Finish.

* Отидете в:

C:\Program Files\ESET\ESET Online Scanner

 

Отворете файла log.txt , копирайте съдържанието му и го поставете в следващия си пост тук.

 

Поздрави ! :)

Link to comment
Сподели другаде
surogati Новобранец

surogati

Публикувано
  • Author
Публикувано

Порбвах пради да пиша във форума,но нищо не стана.Сега ще пробвам на ново,и ще копирам резултатите.

 

ESETSmartInstaller@High as downloader log:

all ok

# version=7

# OnlineScannerApp.exe=1.0.0.1

# OnlineScanner.ocx=1.0.0.6211

# api_version=3.0.2

# EOSSerial=2edf5056e23f8a44b09018769e4186d4

# end=finished

# remove_checked=true

# archives_checked=true

# unwanted_checked=true

# unsafe_checked=false

# antistealth_checked=true

# utc_time=2010-07-04 03:53:58

# local_time=2010-07-04 05:53:58 )

# country="Bulgaria"

# lang=1033

# osver=6.0.6002 NT Service Pack 2

# compatibility_mode=768 16777215 100 0 5301785 5301785 0 0

# compatibility_mode=5892 16776573 100 100 193775 115738341 0 0

# compatibility_mode=8192 67108863 100 0 0 0 0 0

# scanned=253563

# found=0

# cleaned=0

# scan_time=10024

ESETSmartInstaller@High as downloader log:

all ok

# version=7

# OnlineScannerApp.exe=1.0.0.1

# OnlineScanner.ocx=1.0.0.6211

# api_version=3.0.2

# EOSSerial=2edf5056e23f8a44b09018769e4186d4

# end=finished

# remove_checked=true

# archives_checked=true

# unwanted_checked=true

# unsafe_checked=false

# antistealth_checked=true

# utc_time=2010-07-04 12:58:04

# local_time=2010-07-04 02:58:04 )

# country="Bulgaria"

# lang=1033

# osver=6.0.6002 NT Service Pack 2

# compatibility_mode=768 16777215 100 0 5333069 5333069 0 0

# compatibility_mode=5892 16776573 100 100 225059 115769625 0 0

# compatibility_mode=8192 67108863 100 0 0 0 0 0

# scanned=253593

# found=0

# cleaned=0

# scan_time=11390

ESETSmartInstaller@High as downloader log:

all ok

# version=7

# OnlineScannerApp.exe=1.0.0.1

# OnlineScanner.ocx=1.0.0.6211

# api_version=3.0.2

# EOSSerial=2edf5056e23f8a44b09018769e4186d4

# end=finished

# remove_checked=true

# archives_checked=true

# unwanted_checked=true

# unsafe_checked=false

# antistealth_checked=true

# utc_time=2010-07-06 01:21:11

# local_time=2010-07-06 03:21:11 )

# country="Bulgaria"

# lang=1033

# osver=6.0.6002 NT Service Pack 2

# compatibility_mode=768 16777215 100 0 5508468 5508468 0 0

# compatibility_mode=5892 16776573 100 100 52182 115945024 0 0

# compatibility_mode=8192 67108863 100 0 0 0 0 0

# scanned=254390

# found=0

# cleaned=0

# scan_time=10175

Link to comment
Сподели другаде
B-boy/StyLe/ Новобранец

B-boy/StyLe/

Публикувано
Публикувано

Да разбирам ли, че имате проблем с изтеглянето на Malwarebytes ?

Ако е така ще се наложи по-сериозен анализ с други инструменти.

Тъй като аз временно нямам възможност да ги използвам заради един проект, ще Ви пратя някой колега да ви преслуша.

Ако можете пък да сканирате с Malwarebytes, го направете (като не забравяте да обновите дефинициите).

Според това какви ще са резултатите от лог файла на Malwarebytes и дали евентуалното почистване с MBAM ще оправи проблема ще решим как да процедираме по-нататък.

Link to comment
Сподели другаде
surogati Новобранец

surogati

Публикувано
  • Author
Публикувано

Malwarebytes' Anti-Malware 1.46

www.malwarebytes.org

 

Версия на базата от данни: 4288

 

Windows 6.0.6002 Service Pack 2

Internet Explorer 8.0.6001.18928

 

7.7.2010 г. 18:10:09

mbam-log-2010-07-07 (18-10-09).txt

 

Тип сканиране: Пълно сканиране (C:\|D:\|F:\|G:\|)

Сканирани обекти: 377274

Изминало време: 1 час(а), 52 минута(и), 35 секунда(и)

 

Заразени процеси в паметта: 0

Заразени модули в паметта: 0

Заразени ключове в регистратурата: 0

Заразени стойности в регистратурата: 0

Заразени информационни обекти в регистратурата: 0

Заразени папки: 0

Заразени файлове: 0

 

Заразени процеси в паметта:

(Не бяха открити зловредни обекти)

 

Заразени модули в паметта:

(Не бяха открити зловредни обекти)

 

Заразени ключове в регистратурата:

(Не бяха открити зловредни обекти)

 

Заразени стойности в регистратурата:

(Не бяха открити зловредни обекти)

 

Заразени информационни обекти в регистратурата:

(Не бяха открити зловредни обекти)

 

Заразени папки:

(Не бяха открити зловредни обекти)

 

Заразени файлове:

(Не бяха открити зловредни обекти)

Link to comment
Сподели другаде
Night_Raven Ентусиаст

Night_Raven

Публикувано
Публикувано

Изтегли OTL и го запази на работния плот:

- стартирай инструмента;

- в поле Custom Scans/Fixes (в долната част на програмата) постави следния текст (маркирай го, натисни Ctrl+C и после в полето на OTL натисни Ctrl+V):

netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%SYSTEMDRIVE%\*.*
/md5start
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
sceclt.dll
ntelogon.dll
logevent.dll
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
nvrd32.sys
/md5stop
CREATERESTOREPOINT
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%PROGRAMFILES%\*.
%userprofile%\Desktop\*.*
%userprofile%\Desktop\*.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs

- в поле Output избери Minimal Output;

- увери се, че е избрана опцията Use SafeList във всичките 6 полета в лявата половина на прозореца;

- увери се, че е избрана опцията File Age в двете полета в дясната половина на прозореца;

- постави отметки на всички опции, налични в прозореца на програмата;

- кликни бутон Run Scan;

Изчакай сканирането да приключи. След края на сканирането автоматично ще се отворят двата новосъздадени на работния плот файла: OTL.txt и Extras.txt.

Моля, прикачи тези два файла (поотделно или в архив) към следващия си коментар.

Link to comment
Сподели другаде
surogati Новобранец

surogati

Публикувано
  • Author
Публикувано

OTL Extras logfile created on: 7.7.2010 г. 20:43:48 - Run 1

OTL by OldTimer - Version 3.2.7.1 Folder = C:\Users\Tilyo Petrov Rusev\Searches\Desktop

Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation

Internet Explorer (Version = 8.0.6001.18928)

Locale: 00000402 | Country: Bulgaria | Language: BGR | Date Format: d.M.yyyy 'г.'

 

3,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 40,00% Memory free

6,00 Gb Paging File | 4,00 Gb Available in Paging File | 64,00% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files

Drive C: | 116,44 Gb Total Space | 28,70 Gb Free Space | 24,64% Space Free | Partition Type: NTFS

Drive D: | 108,63 Gb Total Space | 18,97 Gb Free Space | 17,46% Space Free | Partition Type: NTFS

E: Drive not present or media not loaded

Drive F: | 35,81 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS

G: Drive not present or media not loaded

H: Drive not present or media not loaded

I: Drive not present or media not loaded

 

Computer Name: TILYOPETROVRUS1

Current User Name: Tilyo Petrov Rusev

Logged in as Administrator.

 

Current Boot Mode: Normal

Scan Mode: All users

Company Name Whitelist: On

Skip Microsoft Files: On

File Age = 30 Days

Output = Minimal

 

========== Extra Registry (SafeList) ==========

 

 

========== File Associations ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)

.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

.hta [@ = Reg Error: Key error.] -- Reg Error: Key error. File not found

 

[HKEY_USERS\S-1-5-21-802842001-1745263943-2178312464-1000\SOFTWARE\Classes\<extension>]

.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

 

========== Shell Spawning ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)

exefile [open] -- "%1" %*

helpfile [open] -- Reg Error: Key error.

hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)

htafile [open] -- Reg Error: Key error.

htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)

htmlfile [print] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)

inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~2\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)

Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()

Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)

Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

 

========== Security Center Settings ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"cval" = 1

"UacDisableNotify" = 1

"InternetSettingsDisableNotify" = 1

"AutoUpdateDisableNotify" = 1

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

"DisableMonitoring" = 1

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

"DisableMonitoring" = 1

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

"DisableMonitoring" = 1

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

"AntiVirusOverride" = 0

"AntiSpywareOverride" = 0

"FirewallOverride" = 0

"VistaSp1" = Reg Error: Unknown registry data type -- File not found

"VistaSp2" = Reg Error: Unknown registry data type -- File not found

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

"DoNotAllowExceptions" = 0

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

"DoNotAllowExceptions" = 0

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

"DoNotAllowExceptions" = 0

 

========== Authorized Applications List ==========

 

 

========== Vista Active Open Ports Exception List ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

"{174A8E5D-9CCE-4980-9035-337FA073FEE0}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |

"{2081533B-D18D-4869-AF28-68B594E8E939}" = lport=24132 | protocol=17 | dir=in | name=bitcomet 24132 udp |

"{23F4EED1-28AD-4BEE-9FC8-2C9A2AE9A3F5}" = lport=10338 | protocol=17 | dir=in | name=bitcomet 10338 udp |

"{2F698DB6-89AF-4220-8FB1-B778CCB4F2ED}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |

"{341709A3-A5EA-4FAD-92D3-403B4E78B9F6}" = lport=10243 | protocol=6 | dir=in | app=system |

"{342F5416-B09B-4FEC-8CFE-FF4043A788EB}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |

"{365CDD25-75F2-46C6-91D2-BB4B4BE62300}" = lport=24132 | protocol=6 | dir=in | name=bitcomet 24132 tcp |

"{3B0F4A7D-5CCA-4DE7-95B8-3767B9343198}" = lport=2869 | protocol=6 | dir=in | app=system |

"{3D2876E6-A02E-4DD8-A5F1-EEA9F696D37D}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |

"{3ED1488E-07A3-4FB5-ADF3-52C3D75F2FDE}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |

"{5FBE1608-6885-4C48-B553-7CA2711673AD}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |

"{64C3F9C0-0CD3-4E9E-8FC1-49B469509111}" = rport=10243 | protocol=6 | dir=out | app=system |

"{A4D2C4A3-4F2E-40B2-A6C4-22072605AFC0}" = lport=10338 | protocol=6 | dir=in | name=bitcomet 10338 tcp |

"{E005CCC9-2E80-45BC-970E-9FB27892880E}" = lport=2869 | protocol=6 | dir=in | app=system |

"{E77CA450-1407-4C31-BB60-6B076B231399}" = lport=5000 | protocol=17 | dir=in | name=passware kit enterprise demo 9.5 |

"{EB3C1DB1-454D-4219-B988-89311452129F}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |

"{EDCB8142-445A-433C-9855-8659940B5635}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |

 

========== Vista Active Application Exception List ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

"{0D48CA1D-8847-4EBD-B506-98EBB8743D1C}" = protocol=17 | dir=in | app=c:\program files\teamviewer\version5\teamviewer.exe |

"{263AEAA0-3D40-4E96-BCBB-2B73C7C58A8C}" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe |

"{31CEF5C0-C2DD-41BD-9EC9-F600B5BE554F}" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe |

"{34E730FD-AF2E-443F-B977-EFF5D7081257}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |

"{385204B3-34C1-4E50-B627-7A1659FB33D8}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |

"{399CFC05-4B9E-4EE1-85DE-F59F5E837878}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |

"{3C980528-60F5-4213-9C1F-7BA31393A5D8}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |

"{3CF9F5F2-AFAD-4AAD-BFCA-728307525379}" = protocol=17 | dir=in | app=c:\program files\novalogic\delta force xtreme 2\update.exe |

"{426A84B0-DDB9-46AB-9642-5E5BBACE26E9}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe |

"{48C74D72-0F81-444D-93FC-A707D5F96375}" = protocol=6 | dir=out | app=system |

"{5187CA1E-30C6-45D0-94EF-47232F451431}" = protocol=6 | dir=in | app=c:\program files\teamviewer\version5\teamviewer.exe |

"{57DEC3E6-E5BA-4FD1-BDE4-B5F84FB66083}" = dir=in | app=c:\program files\skype\phone\skype.exe |

"{5BE64FD3-500C-4C4F-863C-139D1A52741B}" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe |

"{5E15BE13-66A7-4FD9-A028-2D6585811E1F}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |

"{5F7149FF-9289-41FB-A78F-6629AC5C1C9F}" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe |

"{67879E39-8E57-4A96-950B-4D4C835AD351}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |

"{7874C5E8-0E9D-49F6-82C9-8095F2CA2A6D}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |

"{78C98D6F-0E4E-408F-81CB-8B4160B4CD70}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |

"{7CD1BA54-9604-4A4A-94BA-BB1ECDD7FA4C}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |

"{8BE3CCE4-0002-4F8B-9A06-C91AC4424479}" = protocol=17 | dir=in | app=c:\program files\bitcomet\bitcomet.exe |

"{8F406FCA-E9F4-47A3-A28D-88AF6BE898BB}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |

"{9EBA2886-0FA2-4F3C-802D-5946714D44C0}" = protocol=6 | dir=in | app=c:\program files\bitcomet\bitcomet.exe |

"{A11C109C-16C9-40EA-91DC-914485619A5C}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |

"{A91F005C-F807-4F90-95FA-F6DD154AD36D}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |

"{AF594BC5-5D41-4AA8-94BA-C226CCD474D7}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |

"{B6525F0F-6C23-4875-84B2-4DE90D031A51}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |

"{BDFBE781-5E73-43B8-8601-D187BCFD6428}" = protocol=6 | dir=in | app=c:\program files\novalogic\delta force xtreme 2\dfx2.exe |

"{C16F668B-1D60-454F-9F97-F4959DE1F130}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |

"{C6558725-ADC8-422D-BF75-E05D05BE4FB9}" = dir=in | app=c:\program files\skype\phone\skype.exe |

"{D54AE78D-D951-4AC6-A2AA-31DF3627A549}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |

"{E174D539-4F88-4214-A8CB-15DA1081B49C}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |

"{EBF5516D-6622-41EC-BFFA-C09B1BC7889B}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |

"{F3143B03-6F0F-4455-B431-B56A3AEFEF8C}" = protocol=17 | dir=in | app=c:\program files\novalogic\delta force xtreme 2\dfx2.exe |

"{FA90F71F-B40D-465C-9529-241512F0495F}" = protocol=6 | dir=in | app=c:\program files\novalogic\delta force xtreme 2\update.exe |

"TCP Query User{11EF6151-6EBC-4EE8-865D-0E78ED3CFE88}C:\program files\readon technology\readon tv movie radio player 7.2.0.0\internettv.exe" = protocol=6 | dir=in | app=c:\program files\readon technology\readon tv movie radio player 7.2.0.0\internettv.exe |

"TCP Query User{1E74337C-894D-4E38-9CC2-BCB63121CA49}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |

"TCP Query User{258583ED-424D-4929-BB9C-9B0E48943660}C:\program files\sopcast\sopcast.exe" = protocol=6 | dir=in | app=c:\program files\sopcast\sopcast.exe |

"TCP Query User{32CD377C-6F5B-40E2-B6D2-E3D67FC49555}C:\program files\ares\ares.exe" = protocol=6 | dir=in | app=c:\program files\ares\ares.exe |

"TCP Query User{3C1A8889-E9E2-4688-B43C-16D116FA1451}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |

"TCP Query User{488C3585-E817-493F-B1B3-DC118C1D0EB6}C:\users\tilyo petrov rusev\downloads\bitcomet.exe" = protocol=6 | dir=in | app=c:\users\tilyo petrov rusev\downloads\bitcomet.exe |

"TCP Query User{51A196E3-6A7F-4676-B7BC-089A687AC53F}C:\program files\ubisoft\gearbox software\brothersinarms\system\bia.exe" = protocol=6 | dir=in | app=c:\program files\ubisoft\gearbox software\brothersinarms\system\bia.exe |

"TCP Query User{58517F7C-D996-4976-8152-7787479794D0}C:\program files\bitcomet\bitcomet.exe" = protocol=6 | dir=in | app=c:\program files\bitcomet\bitcomet.exe |

"TCP Query User{58DA3064-2D80-469F-B0F5-CE7AA92FB518}C:\program files\videolan\vlc\vlc.exe" = protocol=6 | dir=in | app=c:\program files\videolan\vlc\vlc.exe |

"TCP Query User{5C5C2D44-4126-43F8-815B-A668F6DF9CBA}C:\users\tilyo petrov rusev\downloads\bitcomet.exe" = protocol=6 | dir=in | app=c:\users\tilyo petrov rusev\downloads\bitcomet.exe |

"TCP Query User{7161C013-7B07-4248-A23B-9A74D3B33A53}C:\windows\ehome\ehexthost.exe" = protocol=6 | dir=in | app=c:\windows\ehome\ehexthost.exe |

"TCP Query User{743CD803-A96E-4231-A57F-1786E194B7A9}C:\program files\sopcast\adv\sopadver.exe" = protocol=6 | dir=in | app=c:\program files\sopcast\adv\sopadver.exe |

"TCP Query User{7AC0E75B-6616-4CCF-BBB6-AAF5DC995D0F}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |

"TCP Query User{7ED530E2-B27E-42BD-81C3-38ACA9E154B0}C:\program files\sopcast\sopcast.exe" = protocol=6 | dir=in | app=c:\program files\sopcast\sopcast.exe |

"TCP Query User{959403F5-E8C4-4D7D-BEA9-CBEFE7D2B1A1}D:\програми\игри\delta.force.xtreme.2-reloaded\aos_eng.exe" = protocol=6 | dir=in | app=d:\програми\игри\delta.force.xtreme.2-reloaded\aos_eng.exe |

"TCP Query User{9D796D26-EDA4-4DAB-AC00-482F5156DF21}C:\program files\zapu\zapu accelerator\wdivi.exe" = protocol=6 | dir=in | app=c:\program files\zapu\zapu accelerator\wdivi.exe |

"TCP Query User{B741C8E8-553D-4EAB-8AC5-80A399838440}C:\program files\novalogic\delta force xtreme 2\aos_eng.exe" = protocol=6 | dir=in | app=c:\program files\novalogic\delta force xtreme 2\aos_eng.exe |

"TCP Query User{BA3F3C3F-05C2-42ED-9E85-C51EB4C25165}C:\casino\paradisecasino - bulgarian\casino.exe" = protocol=6 | dir=in | app=c:\casino\paradisecasino - bulgarian\casino.exe |

"TCP Query User{C3D356C8-CDA6-48B8-8BC4-8C85204663B1}C:\program files\novalogic\delta force xtreme 2\aos_eng.exe" = protocol=6 | dir=in | app=c:\program files\novalogic\delta force xtreme 2\aos_eng.exe |

"TCP Query User{EE92014B-FDAB-424C-AF91-3101EE598468}C:\program files\ares\ares.exe" = protocol=6 | dir=in | app=c:\program files\ares\ares.exe |

"TCP Query User{EFB10FB5-56FE-43A1-8069-6130122B8EAC}C:\users\tilyo petrov rusev\downloads\bitcomet_win9x.exe" = protocol=6 | dir=in | app=c:\users\tilyo petrov rusev\downloads\bitcomet_win9x.exe |

"TCP Query User{F4F92DA2-3804-4FA6-B67D-612486D59CC8}C:\program files\sopcast\adv\sopadver.exe" = protocol=6 | dir=in | app=c:\program files\sopcast\adv\sopadver.exe |

"UDP Query User{0F3FF822-020F-4EAF-BAF2-FC8A455536CC}D:\програми\игри\delta.force.xtreme.2-reloaded\aos_eng.exe" = protocol=17 | dir=in | app=d:\програми\игри\delta.force.xtreme.2-reloaded\aos_eng.exe |

"UDP Query User{11D612C8-C728-44B6-8FBB-1FA329C1D098}C:\program files\ubisoft\gearbox software\brothersinarms\system\bia.exe" = protocol=17 | dir=in | app=c:\program files\ubisoft\gearbox software\brothersinarms\system\bia.exe |

"UDP Query User{28310D25-8B78-42BF-BBD6-C821F9A4BF19}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |

"UDP Query User{2BB99E4F-5364-47C6-A7C2-CAB0FD0B512D}C:\users\tilyo petrov rusev\downloads\bitcomet_win9x.exe" = protocol=17 | dir=in | app=c:\users\tilyo petrov rusev\downloads\bitcomet_win9x.exe |

"UDP Query User{3B19D971-E21A-4988-B5C7-C78028F3AD0E}C:\program files\readon technology\readon tv movie radio player 7.2.0.0\internettv.exe" = protocol=17 | dir=in | app=c:\program files\readon technology\readon tv movie radio player 7.2.0.0\internettv.exe |

"UDP Query User{3DCD80B7-2DBC-486D-BB3F-C568982F8129}C:\program files\bitcomet\bitcomet.exe" = protocol=17 | dir=in | app=c:\program files\bitcomet\bitcomet.exe |

"UDP Query User{4F81AC4C-2665-4070-8E11-EBEEAC7B7138}C:\program files\sopcast\sopcast.exe" = protocol=17 | dir=in | app=c:\program files\sopcast\sopcast.exe |

"UDP Query User{56D857B5-7BAF-4BB6-8A0F-F124C55D1350}C:\program files\sopcast\adv\sopadver.exe" = protocol=17 | dir=in | app=c:\program files\sopcast\adv\sopadver.exe |

"UDP Query User{60AA4C9E-9EDC-4FD5-ABA5-E3364164E4B9}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |

"UDP Query User{75F1E357-259D-440B-A926-CF5853E0562C}C:\program files\novalogic\delta force xtreme 2\aos_eng.exe" = protocol=17 | dir=in | app=c:\program files\novalogic\delta force xtreme 2\aos_eng.exe |

"UDP Query User{85671E3C-2864-48AE-B8EA-5682A5EB5596}C:\program files\ares\ares.exe" = protocol=17 | dir=in | app=c:\program files\ares\ares.exe |

"UDP Query User{8C050D3B-1C1F-470D-9308-0CFE34FD4F77}C:\casino\paradisecasino - bulgarian\casino.exe" = protocol=17 | dir=in | app=c:\casino\paradisecasino - bulgarian\casino.exe |

"UDP Query User{8CE66FEF-BAEC-4ED9-B7A1-E761988C127B}C:\users\tilyo petrov rusev\downloads\bitcomet.exe" = protocol=17 | dir=in | app=c:\users\tilyo petrov rusev\downloads\bitcomet.exe |

"UDP Query User{96F50964-A05F-45F5-A578-71695860F047}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |

"UDP Query User{AED5FAF9-28F7-4B18-94DD-CE766145E690}C:\windows\ehome\ehexthost.exe" = protocol=17 | dir=in | app=c:\windows\ehome\ehexthost.exe |

"UDP Query User{BEF99706-5B07-459B-BA1A-CCAE82B92AEA}C:\program files\novalogic\delta force xtreme 2\aos_eng.exe" = protocol=17 | dir=in | app=c:\program files\novalogic\delta force xtreme 2\aos_eng.exe |

"UDP Query User{C10E3A1F-E43E-48C0-8744-234C39AEAB95}C:\program files\ares\ares.exe" = protocol=17 | dir=in | app=c:\program files\ares\ares.exe |

"UDP Query User{CF69E18E-7215-4925-BBC7-CED11FD59DF1}C:\program files\sopcast\adv\sopadver.exe" = protocol=17 | dir=in | app=c:\program files\sopcast\adv\sopadver.exe |

"UDP Query User{E346ECB2-8AA2-4FB3-A53E-76924C69E722}C:\program files\videolan\vlc\vlc.exe" = protocol=17 | dir=in | app=c:\program files\videolan\vlc\vlc.exe |

"UDP Query User{F4E67420-67BE-456B-A619-2E7917DB3D62}C:\program files\sopcast\sopcast.exe" = protocol=17 | dir=in | app=c:\program files\sopcast\sopcast.exe |

"UDP Query User{F53DFBC2-200D-4373-8902-B30AF993313C}C:\users\tilyo petrov rusev\downloads\bitcomet.exe" = protocol=17 | dir=in | app=c:\users\tilyo petrov rusev\downloads\bitcomet.exe |

"UDP Query User{FCBC767D-4088-4BCF-A1CE-D8811B3CA988}C:\program files\zapu\zapu accelerator\wdivi.exe" = protocol=17 | dir=in | app=c:\program files\zapu\zapu accelerator\wdivi.exe |

 

========== HKEY_LOCAL_MACHINE Uninstall List ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148

"{06A395CE-60A6-471E-A73C-73634310EDB3}" = Windows Live Sync

"{0CB9668D-F979-4F31-B8B8-67FE90F929F8}" = Bonjour

"{139B0FFA-187E-4BA1-BCA6-6B56B2B6AB8C}" = ATK Media

"{1584854C-1513-40EA-96D4-493384D0A3C7}" = Readon TV Movie Radio Player 7.2.0.0

"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer

"{18522005-B8F6-4552-A228-823328696F48}" = Yamaha Supercross

"{193C41B9-1A0F-45E6-8546-41C91C99A5F8}" = Delta Force Xtreme 2

"{19CC7A03-BDBB-4EFB-B8C9-86FD2FB95334}" = Windows Live Messenger

"{1C8521E5-5A7B-4A4E-A9CD-AD53116EAEE0}" = ASUS Data Security Manager

"{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}" = ASUS LifeFrame3

"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Инструмент за качване на Windows Live

"{21550042-EA9F-4419-A8D7-DF732DCEB76E}" = Microsoft Office PowerPoint Remote

"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT

"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer

"{232AAA95-AE60-46C7-9987-4E7139EA3554}" = Асистент за влизане на Windows Live

"{2396F815-84E0-4353-83D7-8B190556DA42}" = ASUS CopyProtect

"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java 6 Update 20

"{28BE306E-5DA6-4F9C-BDB0-DBA3C8C6FFFD}" = QuickTime

"{2B818257-E6C7-4841-8C29-C5C9A982BCE5}" = RICOH Media Driver ver.2.07.01.00

"{2D7C3E18-E696-4B67-8B5D-45CD3BE6B27E}" = SweetIM for Messenger 3.0

"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform

"{31874D00-F3E1-44CE-A79A-492CFBD585E8}" = Windows Live Writer

"{338F08AB-C262-42C7-B000-34DE1A475273}" = Ad-Aware Email Scanner for Outlook

"{3912D529-02BC-4CA8-B5ED-0D0C20EB6003}" = ATK Hotkey

"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile

"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis

"{46183C3F-11E8-486E-9EAE-F8D8C8321E20}" = Boost Your Browser

"{47E582E4-482B-47D2-B578-FE7F83F6CED4}" = Windows Live Mail

"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater

"{55979C41-7D6A-49CC-B591-64AC1BBE2C8B}" = HP Picasso Media Center Add-In

"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml

"{57B15AD4-8C9D-4164-82BB-E33D8644E757}" = ASUS InstantFun

"{59F6A514-9813-47A3-948C-8A155460CC2A}" = RICOH R5C83x/84x Flash Media Controller Driver Ver.3.52.02

"{5C1DB4ED-E9B4-402D-BB14-D75D97D6C1A6}" = ATKOSD2

"{6324A1EF-CEF4-43E3-8BCD-9EF3F67317FD}" = NB Probe

"{6421F085-1FAA-DE13-D02A-CFB412C522A4}" = Acrobat.com

"{64452561-169F-4A36-A2FF-B5E118EC65F5}" = ASUS SmartLogon

"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites

"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update

"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin

"{6AECFE2F-86D3-4EA8-B110-19CDAA343199}" = ItaEst - Taka e!

"{6CD0E03A-7E99-4FDE-9D7F-D0F457DB4192}" = Фотогалерия на Windows Live

"{6E19F210-3813-4002-B561-94D66AA182B6}" = Atheros Communications Inc.® L1 Gigabit Ethernet Driver

"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

"{79A64F98-1796-4FA2-B5FF-C90F83D8BACD}" = Vodafone Mobile Connect Lite

"{7A27764B-5434-4DAA-BD43-3ACF4FFCD7FE}" = SweetIM Toolbar for Internet Explorer 3.8

"{7AB3A249-FB81-416B-917A-A2A10E74C503}" = iTunes

"{7F815C5F-D2A4-4173-B7C0-55A9D6F87E38}" = MobileMe Control Panel

"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable

"{83F73CB1-7705-49D1-9852-84D839CA2A45}" = Wireless Console 2

"{85991ED2-010C-4930-96FA-52F43C2CE98A}" = Apple Mobile Device Support

"{863BB78A-107D-475C-AE65-444F327C83E1}" = PerfectSpeed PC Optimizer

"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight

"{8CFEBE9C-F29F-4C49-80E0-7106970F8734}" = Power4Gear eXtreme

"{8E5233E1-7495-44FB-8DEB-4BE906D59619}" = Junk Mail filter update

"{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}" = TomTom HOME Visual Studio Merge Modules

"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007

"{90120000-0015-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0015-0816-0000-0000000FF1CE}" = Microsoft Office Access MUI (Portuguese (Portugal)) 2007

"{90120000-0015-0816-0000-0000000FF1CE}_PROHYBRIDR_{C2EC91A8-CC39-45F7-9E46-62B85ADF9DF5}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0015-0C0A-0000-0000000FF1CE}" = Microsoft Office Access MUI (Spanish) 2007

"{90120000-0015-0C0A-0000-0000000FF1CE}_PROHYBRIDR_{91A7F72A-3273-4C1E-8BE0-BC9DD0D9345C}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007

"{90120000-0016-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0016-0816-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Portuguese (Portugal)) 2007

"{90120000-0016-0816-0000-0000000FF1CE}_PROHYBRIDR_{C2EC91A8-CC39-45F7-9E46-62B85ADF9DF5}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0016-0C0A-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Spanish) 2007

"{90120000-0016-0C0A-0000-0000000FF1CE}_PROHYBRIDR_{91A7F72A-3273-4C1E-8BE0-BC9DD0D9345C}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007

"{90120000-0018-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0018-0816-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Portuguese (Portugal)) 2007

"{90120000-0018-0816-0000-0000000FF1CE}_PROHYBRIDR_{C2EC91A8-CC39-45F7-9E46-62B85ADF9DF5}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0018-0C0A-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Spanish) 2007

"{90120000-0018-0C0A-0000-0000000FF1CE}_PROHYBRIDR_{91A7F72A-3273-4C1E-8BE0-BC9DD0D9345C}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007

"{90120000-0019-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0019-0816-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Portuguese (Portugal)) 2007

"{90120000-0019-0816-0000-0000000FF1CE}_PROHYBRIDR_{C2EC91A8-CC39-45F7-9E46-62B85ADF9DF5}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0019-0C0A-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Spanish) 2007

"{90120000-0019-0C0A-0000-0000000FF1CE}_PROHYBRIDR_{91A7F72A-3273-4C1E-8BE0-BC9DD0D9345C}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007

"{90120000-001A-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-001A-0816-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Portuguese (Portugal)) 2007

"{90120000-001A-0816-0000-0000000FF1CE}_PROHYBRIDR_{C2EC91A8-CC39-45F7-9E46-62B85ADF9DF5}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-001A-0C0A-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Spanish) 2007

"{90120000-001A-0C0A-0000-0000000FF1CE}_PROHYBRIDR_{91A7F72A-3273-4C1E-8BE0-BC9DD0D9345C}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007

"{90120000-001B-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-001B-0816-0000-0000000FF1CE}" = Microsoft Office Word MUI (Portuguese (Portugal)) 2007

"{90120000-001B-0816-0000-0000000FF1CE}_PROHYBRIDR_{C2EC91A8-CC39-45F7-9E46-62B85ADF9DF5}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-001B-0C0A-0000-0000000FF1CE}" = Microsoft Office Word MUI (Spanish) 2007

"{90120000-001B-0C0A-0000-0000000FF1CE}_PROHYBRIDR_{91A7F72A-3273-4C1E-8BE0-BC9DD0D9345C}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-001F-0403-0000-0000000FF1CE}" = Microsoft Office Proof (Catalan) 2007

"{90120000-001F-0403-0000-0000000FF1CE}_PROHYBRIDR_{4B47C31E-46B0-462B-BEE4-DC383B6A1F2A}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007

"{90120000-001F-0409-0000-0000000FF1CE}_PROHYBRIDR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007

"{90120000-001F-040C-0000-0000000FF1CE}_PROHYBRIDR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

"{90120000-001F-0416-0000-0000000FF1CE}" = Microsoft Office Proof (Portuguese (Brazil)) 2007

"{90120000-001F-0416-0000-0000000FF1CE}_PROHYBRIDR_{75EBE365-7FC5-4720-A7D3-804BF550D1BC}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

"{90120000-001F-042D-0000-0000000FF1CE}" = Microsoft Office Proof (Basque) 2007

"{90120000-001F-0456-0000-0000000FF1CE}" = Microsoft Office Proof (Galician) 2007

"{90120000-001F-0816-0000-0000000FF1CE}" = Microsoft Office Proof (Portuguese (Portugal)) 2007

"{90120000-001F-0816-0000-0000000FF1CE}_PROHYBRIDR_{C312E1CD-EC19-4270-A072-F36F634DFF79}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007

"{90120000-001F-0C0A-0000-0000000FF1CE}_PROHYBRIDR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007

"{90120000-002C-0816-0000-0000000FF1CE}" = Microsoft Office Proofing (Portuguese (Portugal)) 2007

"{90120000-002C-0C0A-0000-0000000FF1CE}" = Microsoft Office Proofing (Spanish) 2007

"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007

"{90120000-006E-0409-0000-0000000FF1CE}_PROHYBRIDR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-006E-0816-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Portuguese (Portugal)) 2007

"{90120000-006E-0816-0000-0000000FF1CE}_PROHYBRIDR_{A8523DA4-5563-4F0E-BD9D-4E4CC3CF7239}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-006E-0C0A-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Spanish) 2007

"{90120000-006E-0C0A-0000-0000000FF1CE}_PROHYBRIDR_{6113C11D-BACA-4D8E-8002-03C8D06FD5E6}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-008A-0409-0000-0000000FF1CE}" = Microsoft Office 2007 Recent Documents Gadget

"{90120000-00A1-0C0A-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Spanish) 2007

"{90120000-00A1-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{91A7F72A-3273-4C1E-8BE0-BC9DD0D9345C}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007

"{90120000-0115-0409-0000-0000000FF1CE}_PROHYBRIDR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007

"{90120000-0117-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007

"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)

"{91120000-0031-0000-0000-0000000FF1CE}" = Microsoft Office Professional Hybrid 2007

"{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)

"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting

"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR

"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable

"{A5A63519-F5C2-4F4A-849A-F28A1AB3D522}" = Sentinel Protection Installer 7.5.0

"{A7631C52-DC0C-435C-8802-9FA032084D6B}" = Семейна безопасност на Windows Live

"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper

"{AC76BA86-7AD7-1033-7B44-A93000000001}" = Adobe Reader 9.3.2

"{AFAC914D-9E83-4A89-8ABE-427521C82CCF}" = Safari

"{B2D328BE-45AD-4D92-96F9-2151490A203E}" = Apple Application Support

"{BC61F51E-8AF7-46B9-AF20-B33B5EE81034}" = Nero 7 Essentials

"{BDE0CF4C-8DE2-41DB-A845-78D48874E2C6}" = SLOW-PCfighter

"{C0FC1C14-4824-4A73-87A6-9E888C9C3102}" = ASUS Splendid Video Enhancement Technology

"{C9B2753A-25CA-4E35-A8BA-DABAAD46112A}" = Windows Live Movie Maker

"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1

"{CE86A0E7-818D-43EC-A181-59BA9BD3EF2E}" = LightScribe 1.8.13.1

"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2

"{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}" = TuneUp Utilities

"{D3D54F3E-C5C3-443D-978F-87A72E5616E8}" = ATK Generic Function Service

"{D7E04009-B191-4E9D-9D2D-1BBE57BD8A42}" = VistaFeaturePack

"{DB69C93F-A2E4-43C5-838B-5B80EBDE7A21}" = Passware Kit Enterprise Demo 9.5

"{DE10AB76-4756-4913-BE25-55D1C1051F9A}" = WinFlash

"{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}" = Ad-Aware

"{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}" = ASUS Live Update

"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]

"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard

"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver

"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)

"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01

"{F7B0939E-58DF-11DF-B3A6-005056806466}" = Google Земя

"{F8DBD826-2387-43C5-94AD-ACA7EB55F049}" = Windows Live Essentials

"{FA54AFB1-5745-4389-B8C1-9F7509672ED1}" = iPhone Configuration Utility

"{FC3D290D-79BE-44B7-ABF9-FDD110925930}" = P4P

"{FE3997D3-6B56-4AC4-A99C-9DDFC45359BF}" = TuneUp Utilities Language Pack (en-US)

"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites

"Ad-Aware" = Ad-Aware

"Adobe AIR" = Adobe AIR

"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX

"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin

"Advanced SystemCare 3_is1" = Advanced SystemCare 3

"Ares" = Ares 2.1.5

"Ashampoo ClipFinder HD_is1" = Ashampoo ClipFinder HD 2.07

"Ashampoo HDD Control_is1" = Ashampoo HDD Control 1.11

"Ashampoo Magical Defrag 2_is1" = Ashampoo Magical Defrag 2

"Ashampoo Magical Snap 2_is1" = Ashampoo Magical Snap 2.51

"Ashampoo Photo Commander 7_is1" = Ashampoo Photo Commander 7.30

"Ashampoo UnInstaller 4_is1" = Ashampoo UnInstaller 4.04

"Ashampoo WinOptimizer 6_is1" = Ashampoo WinOptimizer 6.60

"Asus_Camera_ScreenSaver" = Asus_Camera_ScreenSaver

"avast5" = avast! Free Antivirus

"Belarc Advisor" = Belarc Advisor 8.1

"BitComet" = BitComet 1.20

"BrothersInArms" = Brothers In Arms

"bwin Poker_is1" = bwin Poker

"CCleaner" = CCleaner

"CD Recovery Toolbox Free_is1" = CD Recovery Toolbox Free 1.1

"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com

"Data Access Objects (DAO) 3.5" = Data Access Objects (DAO) 3.5

"Defense Grid - The Awakening1.0" = Defense Grid - The Awakening

"ESET Online Scanner" = ESET Online Scanner v3

"EVEREST Ultimate Edition_is1" = EVEREST Ultimate Edition v5.30

"Game Booster_is1" = Game Booster

"gaslee" = Favorit

"HOMESTUDENTR" = Microsoft Office Home and Student 2007

"InstallShield_{D7E04009-B191-4E9D-9D2D-1BBE57BD8A42}" = VistaFeaturePack

"IObit Security 360_is1" = IObit Security 360

"Lotto Pro" = Lotto Pro

"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware

"McAfee Security Scan" = McAfee Security Scan Plus

"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1

"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile

"Mozilla Firefox (3.6.3)" = Mozilla Firefox (3.6.3)

"NVIDIA Drivers" = NVIDIA Drivers

"oggcodecs" = oggcodecs 0.71.0946

"OptiNet" = OptiNet (remove only)

"Picasa 3" = Picasa 3

"PokerStars" = PokerStars

"Powergramo" = PowerGramo Professional

"PROHYBRIDR" = 2007 Microsoft Office system

"RocketDock_is1" = RocketDock 1.3.5

"SLOW-PCfighter" = SLOW-PCfighter

"Smart Defrag_is1" = Smart Defrag

"SMSERIAL" = Motorola SM56 Speakerphone Modem

"SopCast" = SopCast 3.2.4

"SpeedConnect Internet Accelerator v.7.5_is1" = SpeedConnect Internet Accelerator v.7.5

"SuperMp3Download" = Super MP3 Download

"TeamViewer 5" = TeamViewer 5

"The KMPlayer" = The KMPlayer (remove only)

"TomTom HOME" = TomTom HOME 2.7.3.1894

"TuneUp Utilities" = TuneUp Utilities

"USB 2.0 1.3M UVC WebCam" = USB 2.0 1.3M UVC WebCam

"VLC media player" = VLC media player 1.0.5

"Windows Doctor_is1" = Windows Doctor 1.6

"WinGimp-2.0_is1" = GIMP 2.6.8

"WinLiveSuite_Wave3" = Windows Live Essentials

"WinRAR archiver" = Архиватор WinRAR

"Wise Registry Cleaner_is1" = Wise Registry Cleaner Free 5.31

 

========== HKEY_USERS Uninstall List ==========

 

[HKEY_USERS\S-1-5-21-802842001-1745263943-2178312464-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"GammonEmpire" = GammonEmpire

"pchd" = pchd

 

========== Last 10 Event Log Errors ==========

 

Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!

 

< End of report >

 

OTL logfile created on: 7.7.2010 г. 20:43:48 - Run 1

OTL by OldTimer - Version 3.2.7.1 Folder = C:\Users\Tilyo Petrov Rusev\Searches\Desktop

Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation

Internet Explorer (Version = 8.0.6001.18928)

Locale: 00000402 | Country: Bulgaria | Language: BGR | Date Format: d.M.yyyy 'г.'

 

3,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 40,00% Memory free

6,00 Gb Paging File | 4,00 Gb Available in Paging File | 64,00% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files

Drive C: | 116,44 Gb Total Space | 28,70 Gb Free Space | 24,64% Space Free | Partition Type: NTFS

Drive D: | 108,63 Gb Total Space | 18,97 Gb Free Space | 17,46% Space Free | Partition Type: NTFS

E: Drive not present or media not loaded

Drive F: | 35,81 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS

G: Drive not present or media not loaded

H: Drive not present or media not loaded

I: Drive not present or media not loaded

 

Computer Name: TILYOPETROVRUS1

Current User Name: Tilyo Petrov Rusev

Logged in as Administrator.

 

Current Boot Mode: Normal

Scan Mode: All users

Company Name Whitelist: On

Skip Microsoft Files: On

File Age = 30 Days

Output = Minimal

 

========== Processes (SafeList) ==========

 

PRC - C:\Users\Tilyo Petrov Rusev\Searches\Desktop\OTL.exe (OldTimer Tools)

PRC - C:\Program Files\Alwil Software\Avast5\AvastUI.exe (AVAST Software)

PRC - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)

PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

PRC - C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe (TuneUp Software)

PRC - C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe (TuneUp Software)

PRC - C:\Program Files\IObit\IObit Security 360\is360.exe (IObit)

PRC - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)

PRC - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)

PRC - C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)

PRC - C:\Program Files\IObit\IObit SmartDefrag\IObit SmartDefrag.exe (IObit)

PRC - C:\Program Files\Ashampoo\Ashampoo HDD Control\HDDControlGuard.exe (Ashampoo Development GmbH & Co. KG)

PRC - C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe (IObit)

PRC - C:\Program Files\Raxco\PerfectSpeed20\Rx2AgentS1.exe (Raxco Software, Inc.)

PRC - C:\Program Files\Raxco\PerfectSpeed20\Rx2Agent.exe (Raxco Software, Inc.)

PRC - C:\Program Files\Ashampoo\Ashampoo UnInstaller 4\UIWatcher.exe (ashampoo GmbH & Co. KG)

PRC - C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe (TeamViewer GmbH)

PRC - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe (TomTom)

PRC - C:\Program Files\Common Files\Autodata Limited Shared\Service\ADCDLicSvc.exe (Autodata Limited)

PRC - C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe (Vodafone)

PRC - C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe (Vodafone)

PRC - C:\Windows\ehome\ehexthost.exe (Microsoft Corporation)

PRC - C:\Windows\explorer.exe (Microsoft Corporation)

PRC - C:\Windows\System32\conime.exe (Microsoft Corporation)

PRC - C:\Program Files\Ashampoo\Ashampoo Magical Defrag 2\bin\defragMonitorService.exe (ashampoo Technology GmbH & Co. KG)

PRC - C:\Program Files\Ashampoo\Ashampoo Magical Defrag 2\bin\defragActivityMonitor.exe ()

PRC - C:\Program Files\Ashampoo\Ashampoo Magical Defrag 2\bin\aDefragService.exe ( )

PRC - C:\Program Files\ASUS\SmartLogon\sensorsrv.exe (ASUS)

PRC - C:\Program Files\ASUS\ASUS Live Update\ALU.exe ()

PRC - C:\Program Files\ASUS\Splendid\ACMON.exe (ATK)

PRC - C:\Program Files\ATK Hotkey\HControl.exe (ATK0100)

PRC - C:\Program Files\ATK Hotkey\AsLdrSrv.exe ()

PRC - C:\Program Files\ASUS\ASUS CopyProtect\ASPG.exe ()

PRC - C:\Program Files\RocketDock\RocketDock.exe ()

PRC - C:\Program Files\P4G\BatteryLife.exe (ATK)

PRC - C:\Program Files\ATK Hotkey\WDC.exe ()

PRC - C:\Program Files\ATK Hotkey\ATKOSD.exe ()

PRC - C:\Program Files\ATKGFNEX\GFNEXSrv.exe ()

PRC - C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe ()

PRC - C:\Program Files\Wireless Console 2\wcourier.exe ()

PRC - C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe ()

PRC - C:\Windows\ehome\ehshell.exe (Microsoft Corporation)

PRC - C:\Windows\System32\Crypserv.exe (CrypKey (Canada) Ltd.)

PRC - C:\Windows\System32\ACEngSvr.exe (ASUSTeK)

PRC - C:\Program Files\Clock\SpClDlx.exe (Lux Aeterna)

 

 

========== Modules (SafeList) ==========

 

MOD - C:\Users\Tilyo Petrov Rusev\Searches\Desktop\OTL.exe (OldTimer Tools)

MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0\comctl32.dll (Microsoft Corporation)

MOD - C:\Windows\System32\msscript.ocx (Microsoft Corporation)

 

 

========== Win32 Services (SafeList) ==========

 

SRV - (Lavasoft Ad-Aware Service) -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft)

SRV - (avast! Web Scanner) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)

SRV - (avast! Mail Scanner) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)

SRV - (avast! Antivirus) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)

SRV - (TuneUp.Defrag) -- C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe (TuneUp Software)

SRV - (TuneUp.UtilitiesSvc) -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe (TuneUp Software)

SRV - (UxTuneUp) -- C:\Windows\System32\uxtuneup.dll (TuneUp Software)

SRV - (IS360service) -- C:\Program Files\IObit\IObit Security 360\is360srv.exe (IObit)

SRV - (Apple Mobile Device) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)

SRV - (MBAMService) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)

SRV - (fsssvc) -- C:\Program Files\Windows Live\Family Safety\fsssvc.exe (Microsoft Corporation)

SRV - (WAS) -- C:\Windows\System32\inetsrv\iisw3adm.dll (Microsoft Corporation)

SRV - (W3SVC) -- C:\Windows\System32\inetsrv\iisw3adm.dll (Microsoft Corporation)

SRV - (WPFFontCache_v0400) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe (Microsoft Corporation)

SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)

SRV - (Rx2Engine) -- C:\Program Files\Raxco\PerfectSpeed20\Rx2Engine.exe (Raxco Software, Inc.)

SRV - (Rx2Agent) -- C:\Program Files\Raxco\PerfectSpeed20\Rx2Agent.exe (Raxco Software, Inc.)

SRV - (McComponentHostService) -- C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe (McAfee, Inc.)

SRV - (TeamViewer5) -- C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe (TeamViewer GmbH)

SRV - (TomTomHOMEService) -- C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe (TomTom)

SRV - (FontCache) -- C:\Windows\System32\FntCache.dll (Microsoft Corporation)

SRV - (Autodata Limited License Service) -- C:\Program Files\Common Files\Autodata Limited Shared\Service\ADCDLicSvc.exe (Autodata Limited)

SRV - (VMCService) -- C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe (Vodafone)

SRV - (AppHostSvc) -- C:\Windows\System32\inetsrv\apphostsvc.dll (Microsoft Corporation)

SRV - (AshampooDefragService) -- C:\Program Files\Ashampoo\Ashampoo Magical Defrag 2\bin\aDefragService.exe ( )

SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)

SRV - (ASLDRService) -- C:\Program Files\ATK Hotkey\AsLdrSrv.exe ()

SRV - (ATKGFNEXSrv) -- C:\Program Files\ATKGFNEX\GFNEXSrv.exe ()

SRV - (spmgr) -- C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe ()

SRV - (ADSMService) -- C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe ()

SRV - (Crypkey License) -- C:\Windows\System32\Crypserv.exe (CrypKey (Canada) Ltd.)

 

 

========== Driver Services (SafeList) ==========

 

DRV - (SQTECH905C) -- C:\Windows\System32\Drivers\Capt905c.sys File not found

DRV - (NwlnkFwd) -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys File not found

DRV - (NwlnkFlt) -- C:\Windows\System32\DRIVERS\nwlnkflt.sys File not found

DRV - (IpInIp) -- C:\Windows\System32\DRIVERS\ipinip.sys File not found

DRV - (blbdrive) -- C:\Windows\System32\drivers\blbdrive.sys File not found

DRV - (ASW3Scan) -- C:\Program Files\Ashampoo\Ashampoo Anti-Malware\AAMW_IFS32.sys File not found

DRV - (AAMWRegFilter) -- C:\Program Files\Ashampoo\Ashampoo Anti-Malware\AAMW_Regfilter32.sys File not found

DRV - (aswTdi) -- C:\Windows\System32\drivers\aswTdi.sys (ALWIL Software)

DRV - (aswSP) -- C:\Windows\System32\drivers\aswSP.sys (ALWIL Software)

DRV - (aswRdr) -- C:\Windows\System32\drivers\aswRdr.sys (ALWIL Software)

DRV - (aswMonFlt) -- C:\Windows\System32\drivers\aswMonFlt.sys (ALWIL Software)

DRV - (aswFsBlk) -- C:\Windows\System32\drivers\aswFsBlk.sys (ALWIL Software)

DRV - (Lbd) -- C:\Windows\system32\DRIVERS\Lbd.sys (Lavasoft AB)

DRV - (PSSDKLBF) -- C:\Windows\System32\drivers\pssdklbf.sys (microOLAP Technologies LTD)

DRV - (PSSDK42) -- C:\Windows\System32\drivers\pssdk42.sys (microOLAP Technologies LTD)

DRV - (MBAMProtector) -- C:\Windows\System32\drivers\mbam.sys (Malwarebytes Corporation)

DRV - (fssfltr) -- C:\Windows\System32\drivers\fssfltr.sys (Microsoft Corporation)

DRV - (TuneUpUtilitiesDrv) -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys (TuneUp Software)

DRV - (DefragFS) -- C:\Windows\System32\drivers\DefragFs.sys (Raxco Software, Inc.)

DRV - (sptd) -- C:\Windows\System32\Drivers\sptd.sys ()

DRV - (ewusbnet) -- C:\Windows\System32\drivers\ewusbnet.sys (Huawei Technologies Co., Ltd.)

DRV - (hwusbfake) -- C:\Windows\System32\drivers\ewusbfake.sys (Huawei Technologies Co., Ltd.)

DRV - (rimmptsk) -- C:\Windows\System32\drivers\rimmptsk.sys (REDC)

DRV - (rismxdp) -- C:\Windows\System32\drivers\rixdptsk.sys (REDC)

DRV - (rimsptsk) -- C:\Windows\System32\drivers\rimsptsk.sys (REDC)

DRV - (RMCAST) RMCAST (Pgm) -- C:\Windows\System32\drivers\rmcast.sys (Microsoft Corporation)

DRV - (usbaudio) USB Audio Driver (WDM) -- C:\Windows\System32\drivers\USBAUDIO.sys (Microsoft Corporation)

DRV - (hwdatacard) -- C:\Windows\System32\drivers\ewusbmdm.sys (Huawei Technologies Co., Ltd.)

DRV - (AtcL001) -- C:\Windows\System32\drivers\l160x86.sys (Atheros Communications, Inc.)

DRV - (AVerAF15) -- C:\Windows\System32\drivers\AVerAF15.sys (AVerMedia TECHNOLOGIES, Inc.)

DRV - (Sentinel) -- C:\Windows\System32\Drivers\SENTINEL.SYS (SafeNet, Inc.)

DRV - (BthAvrcp) -- C:\Windows\System32\drivers\BthAvrcp.sys (CSR, plc)

DRV - (MODEMCSA) -- C:\Windows\System32\drivers\MODEMCSA.sys (Microsoft Corporation)

DRV - (eltima_usb_stub) -- C:\Windows\System32\drivers\usbstub.sys ()

DRV - (vuhub) -- C:\Windows\System32\drivers\vuhub.sys ()

DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)

DRV - (SNP2UVC) USB2.0 PC Camera (SNP2UVC) -- C:\Windows\System32\drivers\snp2uvc.sys ()

DRV - (iaStor) -- C:\Windows\system32\DRIVERS\iaStor.sys (Intel Corporation)

DRV - (lullaby) -- C:\Windows\system32\DRIVERS\lullaby.sys (Windows ® Codename Longhorn DDK provider)

DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\Windows\System32\drivers\RTKVHDA.sys (Realtek Semiconductor Corp.)

DRV - (smserial) -- C:\Windows\System32\drivers\smserial.sys (Motorola Inc.)

DRV - (AsDsm) -- C:\Windows\System32\drivers\AsDsm.sys (Windows ® Codename Longhorn DDK provider)

DRV - (ghaio) -- C:\Program Files\ASUS\NB Probe\SPM\ghaio.sys ()

DRV - (ASMMAP) -- C:\Program Files\ATKGFNEX\ASMMAP.sys ()

DRV - (NETw4v32) Intel® -- C:\Windows\System32\drivers\NETw4v32.sys (Intel Corporation)

DRV - (kbfiltr) -- C:\Windows\System32\drivers\kbfiltr.sys ( )

DRV - (MTsensor) -- C:\Windows\System32\drivers\ATKACPI.sys (ATK0100)

DRV - (ql2300) -- C:\Windows\system32\drivers\ql2300.sys (QLogic Corporation)

DRV - (adp94xx) -- C:\Windows\system32\drivers\adp94xx.sys (Adaptec, Inc.)

DRV - (elxstor) -- C:\Windows\system32\drivers\elxstor.sys (Emulex)

DRV - (adpahci) -- C:\Windows\system32\drivers\adpahci.sys (Adaptec, Inc.)

DRV - (uliahci) -- C:\Windows\system32\drivers\uliahci.sys (ULi Electronics Inc.)

DRV - (iaStorV) -- C:\Windows\system32\drivers\iastorv.sys (Intel Corporation)

DRV - (adpu320) -- C:\Windows\system32\drivers\adpu320.sys (Adaptec, Inc.)

DRV - (ulsata2) -- C:\Windows\system32\drivers\ulsata2.sys (Promise Technology, Inc.)

DRV - (vsmraid) -- C:\Windows\system32\drivers\vsmraid.sys (VIA Technologies Inc.,Ltd)

DRV - (ql40xx) -- C:\Windows\system32\drivers\ql40xx.sys (QLogic Corporation)

DRV - (UlSata) -- C:\Windows\system32\drivers\ulsata.sys (Promise Technology, Inc.)

DRV - (adpu160m) -- C:\Windows\system32\drivers\adpu160m.sys (Adaptec, Inc.)

DRV - (nvraid) -- C:\Windows\system32\drivers\nvraid.sys (NVIDIA Corporation)

DRV - (nfrd960) -- C:\Windows\system32\drivers\nfrd960.sys (IBM Corporation)

DRV - (iirsp) -- C:\Windows\system32\drivers\iirsp.sys (Intel Corp./ICP vortex GmbH)

DRV - (TPM) -- C:\Windows\System32\drivers\tpm.sys (Microsoft Corporation)

DRV - (SiSRaid4) -- C:\Windows\system32\drivers\sisraid4.sys (Silicon Integrated Systems)

DRV - (nvstor) -- C:\Windows\system32\drivers\nvstor.sys (NVIDIA Corporation)

DRV - (aic78xx) -- C:\Windows\system32\drivers\djsvs.sys (Adaptec, Inc.)

DRV - (arcsas) -- C:\Windows\system32\drivers\arcsas.sys (Adaptec, Inc.)

DRV - (LSI_SCSI) -- C:\Windows\system32\drivers\lsi_scsi.sys (LSI Logic)

DRV - (SiSRaid2) -- C:\Windows\system32\drivers\sisraid2.sys (Silicon Integrated Systems Corp.)

DRV - (HpCISSs) -- C:\Windows\system32\drivers\hpcisss.sys (Hewlett-Packard Company)

DRV - (arc) -- C:\Windows\system32\drivers\arc.sys (Adaptec, Inc.)

DRV - (iteraid) -- C:\Windows\system32\drivers\iteraid.sys (Integrated Technology Express, Inc.)

DRV - (iteatapi) -- C:\Windows\system32\drivers\iteatapi.sys (Integrated Technology Express, Inc.)

DRV - (LSI_SAS) -- C:\Windows\system32\drivers\lsi_sas.sys (LSI Logic)

DRV - (Symc8xx) -- C:\Windows\system32\drivers\symc8xx.sys (LSI Logic)

DRV - (LSI_FC) -- C:\Windows\system32\drivers\lsi_fc.sys (LSI Logic)

DRV - (Sym_u3) -- C:\Windows\system32\drivers\sym_u3.sys (LSI Logic)

DRV - (Mraid35x) -- C:\Windows\system32\drivers\mraid35x.sys (LSI Logic Corporation)

DRV - (Sym_hi) -- C:\Windows\system32\drivers\sym_hi.sys (LSI Logic)

DRV - (megasas) -- C:\Windows\system32\drivers\megasas.sys (LSI Logic Corporation)

DRV - (viaide) -- C:\Windows\system32\drivers\viaide.sys (VIA Technologies, Inc.)

DRV - (cmdide) -- C:\Windows\system32\drivers\cmdide.sys (CMD Technology, Inc.)

DRV - (aliide) -- C:\Windows\system32\drivers\aliide.sys (Acer Laboratories Inc.)

DRV - (Brserid) Brother MFC Serial Port Interface Driver (WDM) -- C:\Windows\system32\drivers\brserid.sys (Brother Industries Ltd.)

DRV - (BrUsbSer) -- C:\Windows\system32\drivers\brusbser.sys (Brother Industries Ltd.)

DRV - (BrFiltUp) -- C:\Windows\system32\drivers\brfiltup.sys (Brother Industries, Ltd.)

DRV - (BrFiltLo) -- C:\Windows\system32\drivers\brfiltlo.sys (Brother Industries, Ltd.)

DRV - (BrSerWdm) -- C:\Windows\system32\drivers\brserwdm.sys (Brother Industries Ltd.)

DRV - (BrUsbMdm) -- C:\Windows\system32\drivers\brusbmdm.sys (Brother Industries Ltd.)

DRV - (ntrigdigi) -- C:\Windows\system32\drivers\ntrigdigi.sys (N-trig Innovative Technologies)

DRV - (RTL8169) -- C:\Windows\System32\drivers\Rtlh86.sys (Realtek Corporation)

DRV - (NETw3v32) Intel® -- C:\Windows\System32\drivers\NETw3v32.sys (Intel® Corporation)

DRV - (E1G60) Intel® -- C:\Windows\System32\drivers\E1G60I32.sys (Intel Corporation)

DRV - (ialm) -- C:\Windows\System32\drivers\igdkmd32.sys (Intel Corporation)

DRV - (NetworkX) -- C:\Windows\system32\ckldrv.sys ()

DRV - (Ps2) -- C:\Windows\System32\drivers\PS2.sys (Hewlett-Packard Company)

 

 

========== Standard Registry (SafeList) ==========

 

 

========== Internet Explorer ==========

 

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.asus.com

IE - HKLM\..\URLSearchHook: {9384bd4c-dd14-4be9-80f7-f6277511e4f5} - Reg Error: Key error. File not found

IE - HKLM\..\URLSearchHook: {b2e293ee-fd7e-4c71-a714-5f4750d8d7b7} - Reg Error: Key error. File not found

 

 

IE - HKU\.DEFAULT\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - Reg Error: Key error. File not found

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

IE - HKU\S-1-5-18\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - Reg Error: Key error. File not found

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

 

 

IE - HKU\S-1-5-21-802842001-1745263943-2178312464-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.asus.com

IE - HKU\S-1-5-21-802842001-1745263943-2178312464-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com

IE - HKU\S-1-5-21-802842001-1745263943-2178312464-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/

IE - HKU\S-1-5-21-802842001-1745263943-2178312464-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-802842001-1745263943-2178312464-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

 

========== FireFox ==========

 

FF - prefs.js..browser.startup.homepage: "http://webalta.ru"

FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.7.3

FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.2

FF - prefs.js..extensions.enabledItems: abvnotifier@netinfo.bg:0.9.8

FF - prefs.js..extensions.enabledItems: personas@christopher.beard:1.5.3

FF - prefs.js..extensions.enabledItems: {0538E3E3-7E9B-4d49-8831-A227C80A7AD3}:0.9.10.2

FF - prefs.js..extensions.enabledItems: {ca0849e8-2c76-42ae-9abe-34e14d337acf}:1.91

FF - prefs.js..extensions.enabledItems: nosquint@urandom.ca:2.0.3

FF - prefs.js..extensions.enabledItems: {B042753D-F57E-4e8e-A01B-7379A6D4CEFB}:1.21

FF - prefs.js..extensions.enabledItems: {9d1f059c-cada-4111-9696-41a62d64e3ba}:0.5.2.1

FF - prefs.js..extensions.enabledItems: {de5809e0-2b07-11dd-bd0b-0800200c9a66}:1.2.0

 

FF - user.js..browser.startup.homepage: "http://webalta.ru"

 

FF - HKLM\software\mozilla\Firefox\Extensions\\{AA1ACB70-B5F1-4037-909E-1F725B04D2A8}: C:\Program Files\Customized Web Management\1.6.0.3840\FF

FF - HKLM\software\mozilla\Firefox\Extensions\\{5909FC3D-7F8B-415d-A5D1-7C7E941E536E}: C:\Program Files\Internet Content Assistant\1.6.0.3960\FF

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.07.04 02:29:50 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.07.04 02:29:50 | 000,000,000 | ---D | M]

 

[2010.06.29 14:14:29 | 000,000,000 | ---D | M] -- C:\Users\Tilyo Petrov Rusev\AppData\Roaming\mozilla\Extensions

[2010.06.29 14:14:29 | 000,000,000 | ---D | M] -- C:\Users\Tilyo Petrov Rusev\AppData\Roaming\mozilla\Extensions\home2@tomtom.com

[2010.07.07 20:18:50 | 000,000,000 | ---D | M] -- C:\Users\Tilyo Petrov Rusev\AppData\Roaming\mozilla\Firefox\Profiles\u00xiagw.default\extensions

[2010.06.01 21:50:44 | 000,000,000 | ---D | M] (Forecastfox) -- C:\Users\Tilyo Petrov Rusev\AppData\Roaming\mozilla\Firefox\Profiles\u00xiagw.default\extensions\{0538E3E3-7E9B-4d49-8831-A227C80A7AD3}

[2010.07.06 11:51:43 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Users\Tilyo Petrov Rusev\AppData\Roaming\mozilla\Firefox\Profiles\u00xiagw.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}

[2010.07.05 01:26:29 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Tilyo Petrov Rusev\AppData\Roaming\mozilla\Firefox\Profiles\u00xiagw.default\extensions\{3ed70016-b11f-4990-b5a3-a52a92bcf0ac}

[2010.07.07 20:18:38 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Tilyo Petrov Rusev\AppData\Roaming\mozilla\Firefox\Profiles\u00xiagw.default\extensions\{9d1f059c-cada-4111-9696-41a62d64e3ba}

[2010.07.04 02:29:51 | 000,000,000 | ---D | M] (BitComet Video Downloader) -- C:\Users\Tilyo Petrov Rusev\AppData\Roaming\mozilla\Firefox\Profiles\u00xiagw.default\extensions\{B042753D-F57E-4e8e-A01B-7379A6D4CEFB}

[2010.05.21 10:56:15 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Tilyo Petrov Rusev\AppData\Roaming\mozilla\Firefox\Profiles\u00xiagw.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}

[2010.06.21 11:38:12 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Tilyo Petrov Rusev\AppData\Roaming\mozilla\Firefox\Profiles\u00xiagw.default\extensions\{ca0849e8-2c76-42ae-9abe-34e14d337acf}

[2010.05.24 19:30:38 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\Tilyo Petrov Rusev\AppData\Roaming\mozilla\Firefox\Profiles\u00xiagw.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}

[2010.05.21 13:24:27 | 000,000,000 | ---D | M] (Gradient iCool) -- C:\Users\Tilyo Petrov Rusev\AppData\Roaming\mozilla\Firefox\Profiles\u00xiagw.default\extensions\{de5809e0-2b07-11dd-bd0b-0800200c9a66}

[2010.05.24 19:44:02 | 000,000,000 | ---D | M] -- C:\Users\Tilyo Petrov Rusev\AppData\Roaming\mozilla\Firefox\Profiles\u00xiagw.default\extensions\abvnotifier@netinfo.bg

[2010.06.28 21:01:15 | 000,000,000 | ---D | M] -- C:\Users\Tilyo Petrov Rusev\AppData\Roaming\mozilla\Firefox\Profiles\u00xiagw.default\extensions\nosquint@urandom.ca

[2010.05.24 19:58:29 | 000,000,000 | ---D | M] -- C:\Users\Tilyo Petrov Rusev\AppData\Roaming\mozilla\Firefox\Profiles\u00xiagw.default\extensions\personas@christopher.beard

[2010.07.05 12:27:14 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions

[2010.07.05 12:27:15 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}

[2010.07.05 12:26:39 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll

[2010.04.01 18:50:01 | 000,001,083 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\911bg.xml

[2010.04.01 18:50:01 | 000,002,442 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\diribg.xml

[2010.04.01 18:50:01 | 000,001,515 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\pe-bg.xml

[2010.04.01 18:50:01 | 000,001,857 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\portalbgdict.xml

[2010.04.01 18:50:01 | 000,001,220 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-bg.xml

 

O1 HOSTS File: ([2009.07.17 22:01:02 | 000,000,743 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts

O1 - Hosts: 127.0.0.1 localhost

O1 - Hosts: ::1 localhost

O2 - BHO: (BitComet Helper) - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.4.1.27.dll (BitComet)

O3 - HKLM\..\Toolbar: (no name) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - No CLSID value found.

O3 - HKLM\..\Toolbar: (no name) - {42ad2408-baaa-408d-b13e-4706560e817b} - No CLSID value found.

O3 - HKLM\..\Toolbar: (no name) - {9384bd4c-dd14-4be9-80f7-f6277511e4f5} - No CLSID value found.

O3 - HKLM\..\Toolbar: (no name) - {b2e293ee-fd7e-4c71-a714-5f4750d8d7b7} - No CLSID value found.

O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.

O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.

O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.

O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {EBF2BA02-9094-4C5A-858B-BB198F3D8DE2} - No CLSID value found.

O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.

O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.

O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {EBF2BA02-9094-4C5A-858B-BB198F3D8DE2} - No CLSID value found.

O3 - HKU\S-1-5-21-802842001-1745263943-2178312464-1000\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.

O3 - HKU\S-1-5-21-802842001-1745263943-2178312464-1000\..\Toolbar\WebBrowser: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found.

O3 - HKU\S-1-5-21-802842001-1745263943-2178312464-1000\..\Toolbar\WebBrowser: (no name) - {9384BD4C-DD14-4BE9-80F7-F6277511E4F5} - No CLSID value found.

O3 - HKU\S-1-5-21-802842001-1745263943-2178312464-1000\..\Toolbar\WebBrowser: (no name) - {B2E293EE-FD7E-4C71-A714-5F4750D8D7B7} - No CLSID value found.

O3 - HKU\S-1-5-21-802842001-1745263943-2178312464-1000\..\Toolbar\WebBrowser: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.

O3 - HKU\S-1-5-21-802842001-1745263943-2178312464-1000\..\Toolbar\WebBrowser: (no name) - {FE063DB9-4EC0-403E-8DD8-394C54984B2C} - No CLSID value found.

O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)

O4 - HKLM..\Run: [iObit Security 360] C:\Program Files\IObit\IObit Security 360\IS360tray.exe (IObit)

O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)

O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)

O4 - HKU\S-1-5-21-802842001-1745263943-2178312464-1000..\Run: [bitComet] C:\Program Files\BitComet\BitComet.exe (www.BitComet.com)

O4 - HKU\S-1-5-21-802842001-1745263943-2178312464-1000..\Run: [RocketDock] C:\Program Files\RocketDock\RocketDock.exe ()

O4 - HKU\S-1-5-21-802842001-1745263943-2178312464-1000..\Run: [speaking Clock Deluxe] C:\Program Files\Clock\SpClDlx.exe (Lux Aeterna)

O4 - HKU\S-1-5-21-802842001-1745263943-2178312464-1000..\Run: [uIWatcher] C:\Program Files\Ashampoo\Ashampoo UnInstaller 4\UIWatcher.exe (ashampoo GmbH & Co. KG)

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFavoritesMenu = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoNetworkConnections = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMMyDocs = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMMyPictures = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStartMenuMyMusic = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: VerboseStatus = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableStatusMessages = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableLockWorkstation = 0

O7 - HKU\S-1-5-21-802842001-1745263943-2178312464-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 0

O7 - HKU\S-1-5-21-802842001-1745263943-2178312464-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 0

O7 - HKU\S-1-5-21-802842001-1745263943-2178312464-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetFolders = 0

O7 - HKU\S-1-5-21-802842001-1745263943-2178312464-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStartMenuMyGames = 0

O7 - HKU\S-1-5-21-802842001-1745263943-2178312464-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetTaskbar = 0

O7 - HKU\S-1-5-21-802842001-1745263943-2178312464-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCommonGroups = 0

O7 - HKU\S-1-5-21-802842001-1745263943-2178312464-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStartMenuNetworkPlaces = 0

O7 - HKU\S-1-5-21-802842001-1745263943-2178312464-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFind = 0

O7 - HKU\S-1-5-21-802842001-1745263943-2178312464-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoTrayItemsDisplay = 0

O7 - HKU\S-1-5-21-802842001-1745263943-2178312464-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoToolbarsOnTaskbar = 0

O7 - HKU\S-1-5-21-802842001-1745263943-2178312464-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSimpleStartMenu = 0

O7 - HKU\S-1-5-21-802842001-1745263943-2178312464-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideClock = 0

O7 - HKU\S-1-5-21-802842001-1745263943-2178312464-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoViewContextMenu = 0

O7 - HKU\S-1-5-21-802842001-1745263943-2178312464-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDFSTab = 0

O7 - HKU\S-1-5-21-802842001-1745263943-2178312464-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSecurityTab = 0

O7 - HKU\S-1-5-21-802842001-1745263943-2178312464-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoHardwareTab = 0

O7 - HKU\S-1-5-21-802842001-1745263943-2178312464-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoToolbarCustomize = 0

O7 - HKU\S-1-5-21-802842001-1745263943-2178312464-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktop = 0

O7 - HKU\S-1-5-21-802842001-1745263943-2178312464-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoBandCustomize = 0

O7 - HKU\S-1-5-21-802842001-1745263943-2178312464-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFileMenu = 0

O7 - HKU\S-1-5-21-802842001-1745263943-2178312464-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoNetHood = 0

O7 - HKU\S-1-5-21-802842001-1745263943-2178312464-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoPropertiesMyComputer = 0

O7 - HKU\S-1-5-21-802842001-1745263943-2178312464-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFileAssociate = 0

O7 - HKU\S-1-5-21-802842001-1745263943-2178312464-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0

O7 - HKU\S-1-5-21-802842001-1745263943-2178312464-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoAddPrinter = 0

O7 - HKU\S-1-5-21-802842001-1745263943-2178312464-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDeletePrinter = 0

O7 - HKU\S-1-5-21-802842001-1745263943-2178312464-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoThemesTab = 0

O7 - HKU\S-1-5-21-802842001-1745263943-2178312464-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoChangeKeyboardNavigationIndicators = 0

O7 - HKU\S-1-5-21-802842001-1745263943-2178312464-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoChangeAnimation = 0

O7 - HKU\S-1-5-21-802842001-1745263943-2178312464-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: RestrictWelcomeCenter = 0

O7 - HKU\S-1-5-21-802842001-1745263943-2178312464-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\S-1-5-21-802842001-1745263943-2178312464-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispSettingsPage = 0

O7 - HKU\S-1-5-21-802842001-1745263943-2178312464-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispScrSavPage = 0

O7 - HKU\S-1-5-21-802842001-1745263943-2178312464-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispBackgroundPage = 0

O7 - HKU\S-1-5-21-802842001-1745263943-2178312464-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispAppearancePage = 0

O7 - HKU\S-1-5-21-802842001-1745263943-2178312464-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoVisualStyleChoice = 0

O7 - HKU\S-1-5-21-802842001-1745263943-2178312464-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoColorChoice = 0

O7 - HKU\S-1-5-21-802842001-1745263943-2178312464-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoSizeChoice = 0

O8 - Extra context menu item: &С&валяне &с BitComet - C:\Program Files\BitComet\BitComet.exe (www.BitComet.com)

O8 - Extra context menu item: &С&валяне на всички видео файлове с BitComet - C:\Program Files\BitComet\BitComet.exe (www.BitComet.com)

O8 - Extra context menu item: &С&валяне на всички с BitComet - C:\Program Files\BitComet\BitComet.exe (www.BitComet.com)

O9 - Extra Button: Публикуване на това в блог - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)

O9 - Extra 'Tools' menuitem : &Публикуване на това в блог в Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)

O9 - Extra Button: Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)

O9 - Extra 'Tools' menuitem : &Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)

O9 - Extra Button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe (PokerStars)

O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)

O9 - Extra Button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - C:\Program Files\BitComet\tools\BitCometBHO_1.4.1.27.dll (BitComet)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)

O13 - gopher Prefix: missing

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)

O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 212.73.32.67 212.73.32.3

O18 - Protocol\Handler\belarc {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files\Belarc\Advisor\System\BAVoilaX.dll (Belarc, Inc.)

O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)

O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)

O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)

O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)

O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)

O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)

O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)

O24 - Desktop WallPaper: C:\Users\Tilyo Petrov Rusev\AppData\Roaming\Microsoft\Windows Photo Gallery\Тапет от фотогалерията на Windows.jpg

O24 - Desktop BackupWallPaper: C:\Users\Tilyo Petrov Rusev\AppData\Roaming\Microsoft\Windows Photo Gallery\Тапет от фотогалерията на Windows.jpg

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]

O32 - AutoRun File - [2009.08.12 14:57:05 | 000,000,119 | R--- | M] () - F:\autorun.inf -- [ CDFS ]

O33 - MountPoints2\{3860d2da-6998-11de-812d-001f3b1a4621}\Shell - "" = AutoRun

O33 - MountPoints2\{3860d34a-6998-11de-812d-001f3b1a4621}\Shell - "" = AutoRun

O33 - MountPoints2\{3860d34a-6998-11de-812d-001f3b1a4621}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe -- [2009.07.23 16:55:39 | 000,266,240 | R--- | M] (Vodafone)

O33 - MountPoints2\{58771737-1481-11df-b484-ae32ba25f35b}\Shell - "" = AutoRun

O33 - MountPoints2\{58771737-1481-11df-b484-ae32ba25f35b}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe -- [2009.07.23 16:55:39 | 000,266,240 | R--- | M] (Vodafone)

O33 - MountPoints2\{5877173d-1481-11df-b484-88abe79c55dd}\Shell - "" = AutoRun

O33 - MountPoints2\{5877173d-1481-11df-b484-88abe79c55dd}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe -- [2009.07.23 16:55:39 | 000,266,240 | R--- | M] (Vodafone)

O33 - MountPoints2\{d15efb49-3780-11df-bba0-d7fa559d6de1}\Shell - "" = AutoRun

O33 - MountPoints2\{d15efb49-3780-11df-bba0-d7fa559d6de1}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe -- [2009.07.23 16:55:39 | 000,266,240 | R--- | M] (Vodafone)

O33 - MountPoints2\{dce9cb05-eafd-11de-bb0d-eefe2204dce1}\Shell - "" = AutoRun

O33 - MountPoints2\{dce9cb06-eafd-11de-bb0d-eefe2204dce1}\Shell - "" = AutoRun

O33 - MountPoints2\F\Shell - "" = AutoRun

O34 - HKLM BootExecute: (autocheck autochk *) - File not found

O34 - HKLM BootExecute: (lsdelete) - C:\Windows\System32\lsdelete.exe ()

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

 

NetSvcs: UxTuneUp - C:\Windows\System32\uxtuneup.dll (TuneUp Software)

NetSvcs: FastUserSwitchingCompatibility - File not found

NetSvcs: Ias - File not found

NetSvcs: Nla - File not found

NetSvcs: Ntmssvc - File not found

NetSvcs: NWCWorkstation - File not found

NetSvcs: Nwsapagent - File not found

NetSvcs: SRService - File not found

NetSvcs: Wmi - C:\Windows\System32\wmi.dll (Microsoft Corporation)

NetSvcs: WmdmPmSp - File not found

NetSvcs: LogonHours - File not found

NetSvcs: PCAudit - File not found

NetSvcs: helpsvc - File not found

NetSvcs: uploadmgr - File not found

 

MsConfig - StartUpReg: DAEMON Tools Lite - hkey= - key= - C:\Program Files\DAEMON Tools Lite\daemon.exe (DT Soft Ltd)

MsConfig - StartUpReg: IObit Security 360 - hkey= - key= - C:\Program Files\IObit\IObit Security 360\IS360tray.exe (IObit)

 

SafeBootMin: AppMgmt - File not found

SafeBootMin: Base - Driver Group

SafeBootMin: Boot Bus Extender - Driver Group

SafeBootMin: Boot file system - Driver Group

SafeBootMin: File system - Driver Group

SafeBootMin: Filter - Driver Group

SafeBootMin: HelpSvc - Service

SafeBootMin: Lavasoft Ad-Aware Service - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft)

SafeBootMin: NTDS - File not found

SafeBootMin: PCI Configuration - Driver Group

SafeBootMin: PNP Filter - Driver Group

SafeBootMin: Primary disk - Driver Group

SafeBootMin: sacsvr - Service

SafeBootMin: SCSI Class - Driver Group

SafeBootMin: System Bus Extender - Driver Group

SafeBootMin: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)

SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers

SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive

SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive

SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller

SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc

SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard

SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse

SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters

SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter

SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System

SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive

SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy

SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers

SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume

SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices

SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

 

SafeBootNet: AppMgmt - File not found

SafeBootNet: Base - Driver Group

SafeBootNet: Boot Bus Extender - Driver Group

SafeBootNet: Boot file system - Driver Group

SafeBootNet: File system - Driver Group

SafeBootNet: Filter - Driver Group

SafeBootNet: HelpSvc - Service

SafeBootNet: Lavasoft Ad-Aware Service - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft)

SafeBootNet: Messenger - Service

SafeBootNet: NDIS Wrapper - Driver Group

SafeBootNet: NetBIOSGroup - Driver Group

SafeBootNet: NetDDEGroup - Driver Group

SafeBootNet: Network - Driver Group

SafeBootNet: NetworkProvider - Driver Group

SafeBootNet: NTDS - File not found

SafeBootNet: PCI Configuration - Driver Group

SafeBootNet: PFNet - Reg Error: Value error.

SafeBootNet: PNP Filter - Driver Group

SafeBootNet: PNP_TDI - Driver Group

SafeBootNet: Primary disk - Driver Group

SafeBootNet: rdsessmgr - Service

SafeBootNet: sacsvr - Service

SafeBootNet: SCSI Class - Driver Group

SafeBootNet: Streams Drivers - Driver Group

SafeBootNet: System Bus Extender - Driver Group

SafeBootNet: TDI - Driver Group

SafeBootNet: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)

SafeBootNet: WudfPf - Driver

SafeBootNet: WudfUsbccidDriver - Driver

SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers

SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive

SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive

SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller

SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc

SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard

SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse

SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net

SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient

SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService

SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans

SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters

SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter

SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System

SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive

SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers

SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy

SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers

SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume

SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices

SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

 

ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)

ActiveX: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "C:\Program Files\Common Files\LightScribe\LSRunOnce.exe"

ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} -

ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 11.0

ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll

ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack

ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework

ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE

ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} -

ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx

ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help

ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6

ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools

ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements

ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player

ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access

ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7

ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework

ActiveX: {82833D38-6B96-B590-AE58-61E349C30822} - LightScribe Control Panel

ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll

ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings

ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install

ActiveX: {8A517FED-1DAB-4FA2-BAF3-4C66AAE996EB} - .NET Framework

ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding

ActiveX: {C6BAF60B-6E91-453F-BFF9-D3789CFEFCDD} - .NET Framework

ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts

ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1

ActiveX: {CE4BC71D-A88B-4943-BB3D-AF9C0E7D4387} - .NET Framework

ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player

ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help

ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface

ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP

ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig

ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP

 

Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)

Drivers32: msacm.siren - C:\Windows\System32\sirenacm.dll (Microsoft Corporation)

Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)

Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)

Drivers32: wave1 - C:\Windows\System32\serwvdrv.dll (Microsoft Corporation)

 

CREATERESTOREPOINT

Restore point Set: OTL Restore Point

 

========== Files/Folders - Created Within 30 Days ==========

 

[2010.07.07 20:36:40 | 000,574,976 | ---- | C] (OldTimer Tools) -- C:\Users\Tilyo Petrov Rusev\Searches\Desktop\OTL.exe

[2010.07.05 21:27:16 | 000,000,000 | ---D | C] -- C:\Users\Tilyo Petrov Rusev\Documents\Моите получени файлове

[2010.07.05 10:05:27 | 000,017,744 | ---- | C] (ALWIL Software) -- C:\Windows\System32\drivers\aswFsBlk.sys

[2010.07.05 10:05:26 | 000,165,456 | ---- | C] (ALWIL Software) -- C:\Windows\System32\drivers\aswSP.sys

[2010.07.05 10:05:25 | 000,023,376 | ---- | C] (ALWIL Software) -- C:\Windows\System32\drivers\aswRdr.sys

[2010.07.05 10:05:24 | 000,050,256 | ---- | C] (ALWIL Software) -- C:\Windows\System32\drivers\aswMonFlt.sys

[2010.07.05 10:05:24 | 000,046,672 | ---- | C] (ALWIL Software) -- C:\Windows\System32\drivers\aswTdi.sys

[2010.07.05 10:05:08 | 000,165,032 | ---- | C] (AVAST Software) -- C:\Windows\System32\aswBoot.exe

[2010.07.05 10:05:08 | 000,038,848 | ---- | C] (ALWIL Software) -- C:\Windows\avastSS.scr

[2010.07.04 03:04:26 | 000,000,000 | ---D | C] -- C:\Program Files\ESET

[2010.07.04 02:29:49 | 000,000,000 | ---D | C] -- C:\Users\Tilyo Petrov Rusev\AppData\Roaming\BitComet

[2010.07.02 18:19:34 | 000,000,000 | ---D | C] -- C:\ProgramData\TomTom

[2010.06.30 15:07:35 | 000,000,000 | RH-D | C] -- C:\Users\Tilyo Petrov Rusev\AppData\Roaming\SecuROM

[2010.06.30 11:54:03 | 000,000,000 | ---D | C] -- C:\Program Files\City Interactive

[2010.06.29 22:32:48 | 000,000,000 | ---D | C] -- C:\Users\Tilyo Petrov Rusev\AppData\Local\PokerStars

[2010.06.29 22:32:32 | 000,000,000 | ---D | C] -- C:\Program Files\PokerStars

[2010.06.29 19:35:03 | 000,000,000 | ---D | C] -- C:\Users\Tilyo Petrov Rusev\Documents\TomTom

[2010.06.29 14:14:28 | 000,000,000 | ---D | C] -- C:\Users\Tilyo Petrov Rusev\AppData\Roaming\TomTom

[2010.06.29 14:14:28 | 000,000,000 | ---D | C] -- C:\Users\Tilyo Petrov Rusev\AppData\Local\TomTom

[2010.06.29 14:14:22 | 000,000,000 | ---D | C] -- C:\Program Files\TomTom International B.V

[2010.06.29 14:14:13 | 000,000,000 | ---D | C] -- C:\Program Files\TomTom HOME 2

[2010.06.29 14:11:38 | 000,000,000 | ---D | C] -- C:\Program Files\TomTom DesktopSuite

[2010.06.28 12:03:56 | 000,030,024 | ---- | C] (TuneUp Software) -- C:\Windows\System32\uxtuneup.dll

[2010.06.28 12:03:56 | 000,021,320 | ---- | C] (TuneUp Software) -- C:\Windows\System32\authuitu.dll

[2010.06.27 18:30:57 | 000,000,000 | ---D | C] -- C:\Program Files\McAfee Security Scan

[2010.06.24 18:29:11 | 000,266,240 | ---- | C] (Vista Software) -- C:\Windows\System32\SdeNsx50.dll

[2010.06.24 18:29:11 | 000,155,648 | ---- | C] (Vista Software) -- C:\Windows\System32\Sde50.dll

[2010.06.24 18:29:01 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Lotto Pro 2000

[2010.06.24 18:29:01 | 000,000,000 | ---D | C] -- C:\Users\Tilyo Petrov Rusev\AppData\Roaming\Data Solutions

[2010.06.21 14:20:10 | 000,000,000 | ---D | C] -- C:\Program Files\Net Tools

[2010.06.18 17:15:11 | 000,000,000 | ---D | C] -- C:\Program Files\iPod

[2010.06.18 17:14:56 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes

[2010.06.18 17:01:27 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour

[2010.06.12 19:13:01 | 000,000,000 | ---D | C] -- C:\Program Files\Eltima Software

[2007.01.24 12:08:39 | 000,005,632 | ---- | C] ( ) -- C:\Windows\System32\drivers\kbfiltr.sys

[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

 

========== Files - Modified Within 30 Days ==========

 

[2010.07.07 20:46:29 | 000,000,488 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{36B7568B-17E5-45C7-8D84-6F20454D115F}.job

[2010.07.07 20:46:08 | 006,291,456 | ---- | M] () -- C:\Users\Tilyo Petrov Rusev\ntuser.dat

[2010.07.07 20:36:41 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\Tilyo Petrov Rusev\Searches\Desktop\OTL.exe

[2010.07.07 20:12:01 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

[2010.07.07 20:02:38 | 000,004,688 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0

[2010.07.07 20:02:38 | 000,004,688 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0

[2010.07.07 12:05:16 | 000,000,449 | ---- | M] () -- C:\Windows\win.ini

[2010.07.07 12:04:26 | 000,000,370 | ---- | M] () -- C:\Windows\tasks\Ad-Aware Update (Weekly).job

[2010.07.07 12:03:14 | 000,065,536 | ---- | M] () -- C:\Windows\System32\Ikeext.etl

[2010.07.07 12:02:45 | 000,045,056 | ---- | M] () -- C:\Windows\System32\acovcnt.exe

[2010.07.07 12:02:42 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job

[2010.07.07 12:02:41 | 000,000,408 | ---- | M] () -- C:\Windows\tasks\AutoSmartDefrag.job

[2010.07.07 12:02:41 | 000,000,396 | ---- | M] () -- C:\Windows\tasks\AWC Startup.job

[2010.07.07 12:02:35 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT

[2010.07.07 12:02:27 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat

[2010.07.07 12:02:15 | 3220,430,848 | -HS- | M] () -- C:\hiberfil.sys

[2010.07.07 12:00:20 | 000,524,288 | -HS- | M] () -- C:\Users\Tilyo Petrov Rusev\NTUSER.DAT{b344b6b4-479a-11df-ae6c-ffb662eea495}.TMContainer00000000000000000001.regtrans-ms

[2010.07.07 12:00:20 | 000,065,536 | -HS- | M] () -- C:\Users\Tilyo Petrov Rusev\NTUSER.DAT{b344b6b4-479a-11df-ae6c-ffb662eea495}.TM.blf

[2010.07.07 12:00:20 | 000,001,874 | ---- | M] () -- C:\Windows\bthservsdp.dat

[2010.07.07 11:52:36 | 005,581,785 | -H-- | M] () -- C:\Users\Tilyo Petrov Rusev\AppData\Local\IconCache.db

[2010.07.05 10:05:24 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt

[2010.07.01 15:04:53 | 000,169,472 | ---- | M] () -- C:\Users\Tilyo Petrov Rusev\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2010.07.01 11:00:45 | 000,000,680 | ---- | M] () -- C:\Users\Tilyo Petrov Rusev\AppData\Local\d3d9caps.dat

[2010.06.29 14:14:12 | 002,781,476 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI

[2010.06.29 14:14:12 | 000,735,810 | ---- | M] () -- C:\Windows\System32\perfh00A.dat

[2010.06.29 14:14:12 | 000,724,918 | ---- | M] () -- C:\Windows\System32\prfh0816.dat

[2010.06.29 14:14:12 | 000,657,096 | ---- | M] () -- C:\Windows\System32\perfh009.dat

[2010.06.29 14:14:12 | 000,189,502 | ---- | M] () -- C:\Windows\System32\perfh002.dat

[2010.06.29 14:14:12 | 000,159,712 | ---- | M] () -- C:\Windows\System32\perfc00A.dat

[2010.06.29 14:14:12 | 000,154,726 | ---- | M] () -- C:\Windows\System32\prfc0816.dat

[2010.06.29 14:14:12 | 000,124,392 | ---- | M] () -- C:\Windows\System32\perfc009.dat

[2010.06.29 14:14:12 | 000,046,188 | ---- | M] () -- C:\Windows\System32\perfc002.dat

[2010.06.28 22:57:33 | 000,038,848 | ---- | M] (ALWIL Software) -- C:\Windows\avastSS.scr

[2010.06.28 22:57:12 | 000,165,032 | ---- | M] (AVAST Software) -- C:\Windows\System32\aswBoot.exe

[2010.06.28 22:37:52 | 000,046,672 | ---- | M] (ALWIL Software) -- C:\Windows\System32\drivers\aswTdi.sys

[2010.06.28 22:37:30 | 000,165,456 | ---- | M] (ALWIL Software) -- C:\Windows\System32\drivers\aswSP.sys

[2010.06.28 22:33:13 | 000,023,376 | ---- | M] (ALWIL Software) -- C:\Windows\System32\drivers\aswRdr.sys

[2010.06.28 22:32:56 | 000,050,256 | ---- | M] (ALWIL Software) -- C:\Windows\System32\drivers\aswMonFlt.sys

[2010.06.28 22:32:33 | 000,017,744 | ---- | M] (ALWIL Software) -- C:\Windows\System32\drivers\aswFsBlk.sys

[2010.06.28 12:06:52 | 000,000,354 | ---- | M] () -- C:\Windows\tasks\Driver Robot.job

[2010.06.28 09:33:06 | 000,000,410 | ---- | M] () -- C:\Windows\tasks\SmartDefrag.job

[2010.06.26 09:14:16 | 000,015,880 | ---- | M] () -- C:\Windows\System32\lsdelete.exe

[2010.06.21 14:11:46 | 000,000,049 | ---- | M] () -- C:\Windows\NeroDigital.ini

[2010.06.14 16:04:46 | 000,030,536 | ---- | M] (TuneUp Software) -- C:\Windows\System32\TURegOpt.exe

[2010.06.14 15:58:28 | 000,021,320 | ---- | M] (TuneUp Software) -- C:\Windows\System32\authuitu.dll

[2010.06.14 15:58:14 | 000,030,024 | ---- | M] (TuneUp Software) -- C:\Windows\System32\uxtuneup.dll

[2010.06.12 08:37:50 | 000,391,592 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT

[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

 

========== Files Created - No Company Name ==========

 

[2010.07.06 19:42:43 | 000,000,370 | ---- | C] () -- C:\Windows\tasks\Ad-Aware Update (Weekly).job

[2010.06.12 19:13:42 | 000,011,392 | ---- | C] () -- C:\Windows\System32\drivers\usbstub.sys

[2010.06.12 19:13:02 | 000,066,432 | ---- | C] () -- C:\Windows\System32\drivers\vuhub.sys

[2010.05.15 16:01:23 | 000,004,494 | -HS- | C] () -- C:\Windows\System32\KGyGaAvL.sys

[2010.05.15 16:01:23 | 000,000,088 | RHS- | C] () -- C:\Windows\System32\D5FE058552.sys

[2010.04.16 20:08:38 | 000,000,005 | ---- | C] () -- C:\Windows\treeskp.sys

[2010.04.12 00:02:51 | 000,000,041 | ---- | C] () -- C:\Windows\Progs_.ini

[2009.12.24 23:07:24 | 000,000,098 | ---- | C] () -- C:\Windows\Crypkey.ini

[2009.12.24 23:06:29 | 000,031,846 | ---- | C] () -- C:\Windows\System32\Ckldrv.sys

[2009.12.24 23:06:29 | 000,018,432 | ---- | C] () -- C:\Windows\Setup_ck.dll

[2009.10.09 11:58:22 | 000,000,142 | ---- | C] () -- C:\Windows\ODBC.INI

[2009.07.17 01:38:09 | 000,000,049 | ---- | C] () -- C:\Windows\NeroDigital.ini

[2009.07.10 20:11:12 | 000,000,024 | ---- | C] () -- C:\Windows\ATKPF.ini

[2009.07.08 09:45:55 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll

[2009.07.06 18:17:00 | 000,717,296 | ---- | C] () -- C:\Windows\System32\drivers\sptd.sys

[2008.05.10 17:52:41 | 000,012,288 | ---- | C] () -- C:\Windows\impborl.dll

[2008.03.05 18:38:08 | 001,457,024 | ---- | C] () -- C:\Windows\System32\SSCProt.dll

[2007.10.01 08:59:45 | 001,769,984 | ---- | C] () -- C:\Windows\System32\drivers\snp2uvc.sys

[2007.05.09 09:16:39 | 000,028,160 | ---- | C] () -- C:\Windows\System32\drivers\sncduvc.sys

[2007.04.20 18:15:53 | 000,000,010 | ---- | C] () -- C:\Windows\System32\ABLKSR.ini

[2006.11.02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll

[2006.11.02 12:25:21 | 000,061,440 | ---- | C] () -- C:\Windows\System32\igfxTMM.dll

[2006.11.02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini

[2001.08.29 19:57:40 | 000,155,648 | ---- | C] () -- C:\Windows\System32\addurl41.DLL

[2001.07.10 14:43:16 | 000,018,432 | ---- | C] () -- C:\Windows\System32\winwatch.DLL

 

========== LOP Check ==========

 

[2009.07.26 21:03:20 | 000,000,000 | ---D | M] -- C:\Users\tilyo\AppData\Roaming\uniblue

[2010.05.21 22:31:09 | 000,000,000 | ---D | M] -- C:\Users\Tilyo Petrov Rusev\AppData\Roaming\Ashampoo

[2010.01.05 19:57:33 | 000,000,000 | ---D | M] -- C:\Users\Tilyo Petrov Rusev\AppData\Roaming\Ashampoo Photo Commander 7

[2010.07.04 02:29:49 | 000,000,000 | ---D | M] -- C:\Users\Tilyo Petrov Rusev\AppData\Roaming\BitComet

[2010.02.28 23:52:31 | 000,000,000 | ---D | M] -- C:\Users\Tilyo Petrov Rusev\AppData\Roaming\Blitware

[2009.07.23 09:43:12 | 000,000,000 | ---D | M] -- C:\Users\Tilyo Petrov Rusev\AppData\Roaming\Cashfiesta

[2010.02.08 00:19:49 | 000,000,000 | ---D | M] -- C:\Users\Tilyo Petrov Rusev\AppData\Roaming\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1

[2010.07.05 01:45:12 | 000,000,000 | ---D | M] -- C:\Users\Tilyo Petrov Rusev\AppData\Roaming\DAEMON Tools

[2010.06.24 18:29:01 | 000,000,000 | ---D | M] -- C:\Users\Tilyo Petrov Rusev\AppData\Roaming\Data Solutions

[2009.11.19 17:50:01 | 000,000,000 | ---D | M] -- C:\Users\Tilyo Petrov Rusev\AppData\Roaming\Gearbox Software

[2009.10.10 15:31:20 | 000,000,000 | ---D | M] -- C:\Users\Tilyo Petrov Rusev\AppData\Roaming\GetRightToGo

[2010.05.16 19:41:36 | 000,000,000 | ---D | M] -- C:\Users\Tilyo Petrov Rusev\AppData\Roaming\gtk-2.0

[2010.05.09 02:55:10 | 000,000,000 | ---D | M] -- C:\Users\Tilyo Petrov Rusev\AppData\Roaming\IObit

[2009.12.13 20:50:11 | 000,000,000 | ---D | M] -- C:\Users\Tilyo Petrov Rusev\AppData\Roaming\OpenCandy

[2009.08.19 11:06:34 | 000,000,000 | ---D | M] -- C:\Users\Tilyo Petrov Rusev\AppData\Roaming\Opera

[2009.12.12 21:17:32 | 000,000,000 | ---D | M] -- C:\Users\Tilyo Petrov Rusev\AppData\Roaming\Passware

[2010.01.06 20:30:29 | 000,000,000 | ---D | M] -- C:\Users\Tilyo Petrov Rusev\AppData\Roaming\SoftMaker

[2010.05.28 11:22:56 | 000,000,000 | ---D | M] -- C:\Users\Tilyo Petrov Rusev\AppData\Roaming\Software Informer

[2009.12.31 13:22:29 | 000,000,000 | ---D | M] -- C:\Users\Tilyo Petrov Rusev\AppData\Roaming\SuperMP3Download

[2010.06.09 07:40:23 | 000,000,000 | ---D | M] -- C:\Users\Tilyo Petrov Rusev\AppData\Roaming\TeamViewer

[2009.08.09 16:47:24 | 000,000,000 | ---D | M] -- C:\Users\Tilyo Petrov Rusev\AppData\Roaming\Thinstall

[2010.06.29 14:14:28 | 000,000,000 | ---D | M] -- C:\Users\Tilyo Petrov Rusev\AppData\Roaming\TomTom

[2009.08.10 11:21:47 | 000,000,000 | ---D | M] -- C:\Users\Tilyo Petrov Rusev\AppData\Roaming\TuneUp Software

[2010.05.28 11:14:06 | 000,000,000 | ---D | M] -- C:\Users\Tilyo Petrov Rusev\AppData\Roaming\Uniblue

[2010.04.16 18:00:50 | 000,000,000 | ---D | M] -- C:\Users\Tilyo Petrov Rusev\AppData\Roaming\vghd

[2009.07.05 21:19:40 | 000,000,000 | ---D | M] -- C:\Users\Tilyo Petrov Rusev\AppData\Roaming\Vodafone

[2010.03.02 03:38:48 | 000,000,000 | ---D | M] -- C:\Users\Tilyo Petrov Rusev\AppData\Roaming\WinBatch

[2010.05.17 13:55:25 | 000,000,000 | ---D | M] -- C:\Users\Tilyo Petrov Rusev\AppData\Roaming\Windows Live Writer

[2009.12.13 14:24:06 | 000,000,000 | ---D | M] -- C:\Users\Tilyo Petrov Rusev\AppData\Roaming\Wireshark

[2010.07.07 12:04:26 | 000,000,370 | ---- | M] () -- C:\Windows\Tasks\Ad-Aware Update (Weekly).job

[2009.10.08 16:00:01 | 000,000,360 | ---- | M] () -- C:\Windows\Tasks\At1.job

[2010.07.07 12:02:41 | 000,000,408 | ---- | M] () -- C:\Windows\Tasks\AutoSmartDefrag.job

[2010.07.07 12:02:41 | 000,000,396 | ---- | M] () -- C:\Windows\Tasks\AWC Startup.job

[2010.06.28 12:06:52 | 000,000,354 | ---- | M] () -- C:\Windows\Tasks\Driver Robot.job

[2010.07.07 12:00:20 | 000,032,602 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

[2010.06.28 09:33:06 | 000,000,410 | ---- | M] () -- C:\Windows\Tasks\SmartDefrag.job

[2010.07.07 20:46:29 | 000,000,488 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{36B7568B-17E5-45C7-8D84-6F20454D115F}.job

 

========== Purity Check ==========

 

 

 

========== Custom Scans ==========

 

 

< %SYSTEMDRIVE%\*.* >

[2010.07.07 12:02:14 | 000,002,684 | ---- | M] () -- C:\aaw7boot.log

[2006.09.18 23:43:36 | 000,000,024 | ---- | M] () -- C:\autoexec.bat

[2009.04.11 08:36:36 | 000,333,257 | RHS- | M] () -- C:\bootmgr

[2007.04.20 18:26:03 | 000,008,192 | R-S- | M] () -- C:\BOOTSECT.BAK

[2006.12.30 01:24:54 | 000,000,011 | ---- | M] () -- C:\CG13.txt

[2006.09.18 23:43:37 | 000,000,010 | ---- | M] () -- C:\config.sys

[2008.05.10 17:56:36 | 000,020,777 | ---- | M] () -- C:\devlist.txt

[2008.01.11 03:11:23 | 001,048,576 | RH-- | M] () -- C:\F3Sg.BIN

[2008.01.15 11:01:19 | 000,000,015 | ---- | M] () -- C:\F3Sg_Vista.10

[2010.07.07 12:02:15 | 3220,430,848 | -HS- | M] () -- C:\hiberfil.sys

[2009.09.01 17:29:37 | 000,000,000 | RHS- | M] () -- C:\IO.SYS

[2010.04.30 18:21:58 | 000,000,108 | ---- | M] () -- C:\mbam-error.txt

[2009.09.01 17:29:37 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS

[2007.05.17 05:35:24 | 000,000,015 | ---- | M] () -- C:\NIS2007_G.TXT

[2007.03.16 01:18:45 | 000,000,025 | ---- | M] () -- C:\OFFICE2007_G.TXT

[2010.07.07 12:02:14 | 3534,008,320 | -HS- | M] () -- C:\pagefile.sys

[2008.05.10 04:34:48 | 000,000,105 | ---- | M] () -- C:\Pass.txt

[2007.05.24 00:43:40 | 000,000,017 | ---- | M] () -- C:\READER_G.TXT

[2007.12.11 05:31:40 | 000,000,014 | ---- | M] () -- C:\RECOVERY.DAT

[2009.04.02 18:02:58 | 000,185,833 | ---- | M] () -- C:\shldr

[2008.05.10 15:59:33 | 000,000,166 | ---- | M] () -- C:\SumHidd.txt

[2008.05.10 15:58:50 | 000,000,098 | ---- | M] () -- C:\SumOS.txt

[2007.12.06 22:22:16 | 000,000,023 | ---- | M] () -- C:\V54.TXT

 

 

< MD5 for: AGP440.SYS >

[2008.01.19 09:42:25 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_51b95d75\AGP440.sys

[2008.01.19 09:42:25 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys

[2008.01.19 09:42:25 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys

[2008.01.19 09:42:25 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys

[2008.05.10 16:34:25 | 000,056,504 | ---- | M] (Microsoft Corporation) MD5=198636E76971EBC96404547EC0FD5E75 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_cb7c81c7\AGP440.sys

[2008.05.10 16:34:25 | 000,056,504 | ---- | M] (Microsoft Corporation) MD5=198636E76971EBC96404547EC0FD5E75 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6000.20598_none_b85cfa98dae9b436\AGP440.sys

[2006.11.02 11:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\drivers\AGP440.sys

[2006.11.02 11:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys

 

< MD5 for: ATAPI.SYS >

[2009.04.11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\drivers\atapi.sys

[2009.04.11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_b12d8e84\atapi.sys

[2009.04.11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys

[2008.01.19 09:41:30 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys

[2008.01.19 09:41:30 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys

[2006.11.02 11:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys

[2008.01.19 07:06:48 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=B35CFCEF838382AB6490B321C87EDF17 -- C:\Windows\SoftwareDistribution\Download\c0a17eb89d8e2d806cdee4a2d05890b4\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.16632_none_db337a442479c42c\atapi.sys

[2009.07.05 21:59:51 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=B35CFCEF838382AB6490B321C87EDF17 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_7de13c21\atapi.sys

[2009.07.05 21:59:51 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=B35CFCEF838382AB6490B321C87EDF17 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.16632_none_db337a442479c42c\atapi.sys

[2008.01.19 06:33:23 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=E03E8C99D15D0381E02743C36AFC7C6F -- C:\Windows\SoftwareDistribution\Download\c0a17eb89d8e2d806cdee4a2d05890b4\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.20757_none_dbac78a93da31a8b\atapi.sys

[2009.07.05 21:59:50 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=E03E8C99D15D0381E02743C36AFC7C6F -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.20757_none_dbac78a93da31a8b\atapi.sys

 

< MD5 for: CNGAUDIT.DLL >

[2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\System32\cngaudit.dll

[2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll

 

< MD5 for: IASTOR.SYS >

[2007.09.29 17:03:11 | 000,308,248 | ---- | M] (Intel Corporation) MD5=E5A0034847537EAEE3C00349D5C34C5F -- C:\Windows\System32\drivers\iaStor.sys

[2007.09.29 17:03:11 | 000,308,248 | ---- | M] (Intel Corporation) MD5=E5A0034847537EAEE3C00349D5C34C5F -- C:\Windows\System32\DriverStore\FileRepository\iaahci.inf_7baf6192\iaStor.sys

[2007.09.29 17:03:11 | 000,308,248 | ---- | M] (Intel Corporation) MD5=E5A0034847537EAEE3C00349D5C34C5F -- C:\Windows\System32\DriverStore\FileRepository\iastor.inf_41af7b1f\iaStor.sys

 

< MD5 for: IASTORV.SYS >

[2008.01.19 09:42:51 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_c9df7691\iaStorV.sys

[2008.01.19 09:42:51 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_af11527887c7fa8f\iaStorV.sys

[2006.11.02 11:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\drivers\iaStorV.sys

[2006.11.02 11:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_37cdafa4\iaStorV.sys

 

< MD5 for: NETLOGON.DLL >

[2006.11.02 11:46:11 | 000,559,616 | ---- | M] (Microsoft Corporation) MD5=889A2C9F2AACCD8F64EF50AC0B3D553B -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6000.16386_none_fb80f5473b0ed783\netlogon.dll

[2009.04.11 08:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\System32\netlogon.dll

[2009.04.11 08:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_ffa3304f351bb3a3\netlogon.dll

[2008.01.19 09:35:36 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll

 

< MD5 for: NVSTOR.SYS >

[2006.11.02 11:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\drivers\nvstor.sys

[2006.11.02 11:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys

[2008.01.19 09:42:09 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvstor.sys

[2008.01.19 09:42:09 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvstor.sys

 

< MD5 for: SCECLI.DLL >

[2008.01.19 09:36:19 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll

[2006.11.02 11:46:12 | 000,176,640 | ---- | M] (Microsoft Corporation) MD5=80E2839D05CA5970A86D7BE2A08BFF61 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6000.16386_none_35d7205fdc305e3e\scecli.dll

[2009.04.11 08:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\System32\scecli.dll

[2009.04.11 08:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_39f95b67d63d3a5e\scecli.dll

 

< %systemroot%\*. /mp /s >

 

< %systemroot%\system32\*.dll /lockedfiles >

[2009.03.08 13:31:42 | 000,348,160 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\dxtmsft.dll

[2009.03.08 13:31:37 | 000,216,064 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\dxtrans.dll

[2010.05.04 07:56:25 | 000,599,040 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\msfeeds.dll

[2009.04.11 08:27:47 | 000,241,128 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\rsaenh.dll

[2009.04.11 08:28:23 | 000,228,352 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\SLC.dll

 

< %systemroot%\Tasks\*.job /lockedfiles >

 

< %PROGRAMFILES%\*. >

[2010.02.07 23:40:16 | 000,000,000 | ---D | M] -- C:\Program Files\Adobe

[2010.07.07 11:50:55 | 000,000,000 | ---D | M] -- C:\Program Files\Advanced Access Controller

[2010.05.03 18:23:48 | 000,000,000 | ---D | M] -- C:\Program Files\Alwil Software

[2010.05.28 22:51:05 | 000,000,000 | ---D | M] -- C:\Program Files\ao2000pr

[2009.07.27 13:39:23 | 000,000,000 | ---D | M] -- C:\Program Files\Apple Software Update

[2009.11.18 19:52:55 | 000,000,000 | ---D | M] -- C:\Program Files\Ares

[2010.06.29 12:29:47 | 000,000,000 | ---D | M] -- C:\Program Files\Ashampoo

[2008.05.10 17:41:26 | 000,000,000 | ---D | M] -- C:\Program Files\ASUS

[2008.05.10 17:19:55 | 000,000,000 | ---D | M] -- C:\Program Files\ATK Hotkey

[2008.05.10 17:20:36 | 000,000,000 | ---D | M] -- C:\Program Files\ATKGFNEX

[2008.05.10 17:21:23 | 000,000,000 | ---D | M] -- C:\Program Files\ATKOSD2

[2010.07.07 11:50:56 | 000,000,000 | ---D | M] -- C:\Program Files\Automated Result Operator

[2010.03.04 20:24:21 | 000,000,000 | ---D | M] -- C:\Program Files\AVerMedia

[2009.08.13 10:17:10 | 000,000,000 | ---D | M] -- C:\Program Files\BACL

[2010.03.18 15:44:37 | 000,000,000 | ---D | M] -- C:\Program Files\Belarc

[2010.07.05 01:45:12 | 000,000,000 | ---D | M] -- C:\Program Files\BitComet

[2010.06.18 17:01:28 | 000,000,000 | ---D | M] -- C:\Program Files\Bonjour

[2009.08.09 15:56:14 | 000,000,000 | ---D | M] -- C:\Program Files\CBS Software

[2010.06.24 15:45:28 | 000,000,000 | ---D | M] -- C:\Program Files\CCleaner

[2010.01.08 11:32:01 | 000,000,000 | ---D | M] -- C:\Program Files\CD Recovery Toolbox Free

[2009.11.11 18:17:33 | 000,000,000 | ---D | M] -- C:\Program Files\cFosSpeed

[2010.06.30 11:54:03 | 000,000,000 | ---D | M] -- C:\Program Files\City Interactive

[2010.04.20 17:29:37 | 000,000,000 | ---D | M] -- C:\Program Files\Clock

[2010.06.10 11:57:27 | 000,000,000 | ---D | M] -- C:\Program Files\Common Files

[2010.02.15 19:53:11 | 000,000,000 | ---D | M] -- C:\Program Files\Conduit

[2010.05.16 19:48:56 | 000,000,000 | ---D | M] -- C:\Program Files\Corel

[2010.07.07 11:50:56 | 000,000,000 | ---D | M] -- C:\Program Files\Count Access Advancer

[2010.07.07 11:50:56 | 000,000,000 | ---D | M] -- C:\Program Files\Customized Web Management

[2009.07.06 18:37:29 | 000,000,000 | ---D | M] -- C:\Program Files\DAEMON Tools Lite

[2009.12.26 22:40:14 | 000,000,000 | ---D | M] -- C:\Program Files\DAEMON Tools Toolbar

[2010.02.28 23:52:28 | 000,000,000 | ---D | M] -- C:\Program Files\Driver Robot

[2010.03.09 13:57:11 | 000,000,000 | ---D | M] -- C:\Program Files\Driver Whiz

[2010.06.12 19:13:01 | 000,000,000 | ---D | M] -- C:\Program Files\Eltima Software

[2010.05.02 23:39:20 | 000,000,000 | ---D | M] -- C:\Program Files\EMPA

[2009.08.17 14:10:38 | 000,000,000 | ---D | M] -- C:\Program Files\Enigma Software Group

[2010.07.04 03:04:26 | 000,000,000 | ---D | M] -- C:\Program Files\ESET

[2010.01.02 14:34:31 | 000,000,000 | ---D | M] -- C:\Program Files\Fighters

[2010.05.01 12:59:09 | 000,000,000 | ---D | M] -- C:\Program Files\GIMP-2

[2010.05.01 13:45:20 | 000,000,000 | ---D | M] -- C:\Program Files\GIMP-2.0

[2010.05.20 00:17:34 | 000,000,000 | ---D | M] -- C:\Program Files\Google

[2009.10.09 17:15:14 | 000,000,000 | ---D | M] -- C:\Program Files\GoWin Deluxe

[2009.11.12 11:34:59 | 000,000,000 | ---D | M] -- C:\Program Files\Groove Games

[2010.05.16 20:53:32 | 000,000,000 | ---D | M] -- C:\Program Files\Hot_MP3

[2009.09.29 19:33:22 | 000,000,000 | ---D | M] -- C:\Program Files\illiminable

[2010.06.06 18:30:15 | 000,000,000 | -H-D | M] -- C:\Program Files\InstallShield Installation Information

[2008.05.10 17:05:30 | 000,000,000 | ---D | M] -- C:\Program Files\Intel

[2010.07.07 11:50:55 | 000,000,000 | ---D | M] -- C:\Program Files\Internet Connection Wizard

[2010.07.07 11:50:56 | 000,000,000 | ---D | M] -- C:\Program Files\Internet Content Assistant

[2010.06.12 08:34:45 | 000,000,000 | ---D | M] -- C:\Program Files\Internet Explorer

[2010.05.11 18:06:12 | 000,000,000 | ---D | M] -- C:\Program Files\IObit

[2009.09.25 14:39:41 | 000,000,000 | ---D | M] -- C:\Program Files\iPhone Configuration Utility

[2010.06.18 17:15:11 | 000,000,000 | ---D | M] -- C:\Program Files\iPod

[2010.06.18 17:15:56 | 000,000,000 | ---D | M] -- C:\Program Files\iTunes

[2010.04.26 13:49:26 | 000,000,000 | ---D | M] -- C:\Program Files\Java

[2010.01.07 00:42:03 | 000,000,000 | ---D | M] -- C:\Program Files\Lavalys

[2010.05.12 07:39:14 | 000,000,000 | ---D | M] -- C:\Program Files\Lavasoft

[2010.04.30 18:21:58 | 000,000,000 | ---D | M] -- C:\Program Files\Malwarebytes' Anti-Malware

[2010.06.27 19:14:52 | 000,000,000 | ---D | M] -- C:\Program Files\McAfee Security Scan

[2010.05.17 13:19:51 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft

[2006.11.02 14:37:34 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Games

[2009.12.19 15:27:26 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Office

[2010.06.05 07:11:54 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Silverlight

[2010.05.17 13:20:44 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft SQL Server Compact Edition

[2008.05.10 15:28:19 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Visual Studio

[2009.07.07 22:04:41 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Works

[2010.06.23 11:25:32 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft.NET

[2010.05.12 10:51:25 | 000,000,000 | ---D | M] -- C:\Program Files\Monsters

[2008.05.10 15:19:46 | 000,000,000 | ---D | M] -- C:\Program Files\Motorola

[2010.03.11 03:53:04 | 000,000,000 | ---D | M] -- C:\Program Files\Movie Maker

[2010.07.04 02:57:15 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox

[2006.11.02 14:37:34 | 000,000,000 | ---D | M] -- C:\Program Files\MSBuild

[2010.05.10 10:01:15 | 000,000,000 | ---D | M] -- C:\Program Files\myBabylon_English

[2009.07.10 23:02:21 | 000,000,000 | ---D | M] -- C:\Program Files\NASA

[2009.07.05 20:38:32 | 000,000,000 | ---D | M] -- C:\Program Files\Nero

[2010.06.21 14:20:54 | 000,000,000 | ---D | M] -- C:\Program Files\Net Tools

[2010.05.19 18:03:31 | 000,000,000 | ---D | M] -- C:\Program Files\Nikozen

[2010.04.14 20:23:15 | 000,000,000 | ---D | M] -- C:\Program Files\NovaLogic

[2010.04.18 10:14:28 | 000,000,000 | ---D | M] -- C:\Program Files\Opera 10 Beta

[2010.05.06 19:43:01 | 000,000,000 | ---D | M] -- C:\Program Files\OptiNet

[2009.07.30 09:10:56 | 000,000,000 | ---D | M] -- C:\Program Files\OverDisk

[2008.05.10 17:38:45 | 000,000,000 | ---D | M] -- C:\Program Files\P4G

[2008.05.10 17:42:04 | 000,000,000 | ---D | M] -- C:\Program Files\P4P

[2009.12.12 21:06:18 | 000,000,000 | ---D | M] -- C:\Program Files\Passware

[2010.04.15 13:53:32 | 000,000,000 | ---D | M] -- C:\Program Files\pchd

[2010.06.29 22:33:08 | 000,000,000 | ---D | M] -- C:\Program Files\PokerStars

[2010.04.01 14:26:44 | 000,000,000 | ---D | M] -- C:\Program Files\QuickTime

[2010.05.07 10:08:22 | 000,000,000 | ---D | M] -- C:\Program Files\Raxco

[2010.06.12 20:39:14 | 000,000,000 | ---D | M] -- C:\Program Files\Readon Technology

[2008.05.10 17:17:42 | 000,000,000 | ---D | M] -- C:\Program Files\Realtek

[2006.11.02 14:37:34 | 000,000,000 | ---D | M] -- C:\Program Files\Reference Assemblies

[2009.11.05 18:07:47 | 000,000,000 | ---D | M] -- C:\Program Files\RocketDock

[2010.06.18 16:44:17 | 000,000,000 | ---D | M] -- C:\Program Files\Safari

[2009.11.05 17:11:31 | 000,000,000 | R--D | M] -- C:\Program Files\Skype

[2009.12.19 17:52:51 | 000,000,000 | ---D | M] -- C:\Program Files\SopCast

[2010.05.09 19:15:54 | 000,000,000 | ---D | M] -- C:\Program Files\SuperMp3Download

[2010.01.03 22:10:58 | 000,000,000 | ---D | M] -- C:\Program Files\TeamViewer

[2010.01.17 15:41:01 | 000,000,000 | ---D | M] -- C:\Program Files\The KMPlayer

[2010.06.29 14:11:38 | 000,000,000 | ---D | M] -- C:\Program Files\TomTom DesktopSuite

[2010.07.05 01:45:12 | 000,000,000 | ---D | M] -- C:\Program Files\TomTom HOME 2

[2010.06.29 14:14:22 | 000,000,000 | ---D | M] -- C:\Program Files\TomTom International B.V

[2010.07.06 11:13:42 | 000,000,000 | ---D | M] -- C:\Program Files\Trend Micro

[2010.06.28 12:03:55 | 000,000,000 | ---D | M] -- C:\Program Files\TuneUp Utilities 2010

[2009.11.19 17:36:18 | 000,000,000 | ---D | M] -- C:\Program Files\Ubisoft

[2010.05.28 11:27:17 | 000,000,000 | ---D | M] -- C:\Program Files\Uniblue

[2009.07.18 15:04:10 | 000,000,000 | ---D | M] -- C:\Program Files\Utherverse Digital Inc

[2010.04.19 07:32:29 | 000,000,000 | ---D | M] -- C:\Program Files\vghd

[2010.03.14 13:35:11 | 000,000,000 | ---D | M] -- C:\Program Files\VideoLAN

[2010.03.24 22:01:16 | 000,000,000 | ---D | M] -- C:\Program Files\Vodafone

[2010.05.10 13:46:40 | 000,000,000 | ---D | M] -- C:\Program Files\Wandering IPs

[2010.05.04 12:43:25 | 000,000,000 | ---D | M] -- C:\Program Files\Winamp

[2009.09.24 12:27:51 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Calendar

[2009.09.24 12:27:48 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Collaboration

[2009.09.24 12:27:38 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Defender

[2009.07.16 12:48:02 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Doctor

[2010.06.09 15:35:14 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Journal

[2010.05.17 13:21:55 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Live

[2010.05.17 13:19:32 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Live SkyDrive

[2010.06.24 18:29:15 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Lotto Pro 2000

[2010.06.12 08:34:45 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Mail

[2009.10.28 18:07:46 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Media Player

[2006.11.02 14:37:34 | 000,000,000 | ---D | M] -- C:\Program Files\Windows NT

[2009.09.24 12:27:47 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Photo Gallery

[2009.10.28 18:36:29 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Portable Devices

[2009.09.24 12:27:49 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Sidebar

[2009.12.19 15:18:55 | 000,000,000 | ---D | M] -- C:\Program Files\Windows SideShow

[2010.05.04 11:18:31 | 000,000,000 | ---D | M] -- C:\Program Files\WinRAR

[2008.05.10 17:28:57 | 000,000,000 | ---D | M] -- C:\Program Files\Wireless Console 2

[2010.05.11 14:40:18 | 000,000,000 | ---D | M] -- C:\Program Files\Wise Registry Cleaner

[2010.05.11 00:07:36 | 000,000,000 | ---D | M] -- C:\Program Files\WorkStationOPtimizer

[2010.05.04 11:43:33 | 000,000,000 | ---D | M] -- C:\Program Files\Yamicsoft

[2010.02.15 19:51:51 | 000,000,000 | ---D | M] -- C:\Program Files\Zapu

[2009.08.17 15:56:12 | 000,000,000 | ---D | M] -- C:\Program Files\Zards software

[2009.09.18 01:31:15 | 000,000,000 | ---D | M] -- C:\Program Files\Zoo Digital Publishing

 

< %userprofile%\Desktop\*.* >

[2010.04.07 22:54:25 | 000,000,715 | ---- | M] () -- C:\Users\Tilyo Petrov Rusev\Desktop\Ares.lnk

[2009.11.19 17:46:04 | 000,002,122 | ---- | M] () -- C:\Users\Tilyo Petrov Rusev\Desktop\Brothers In Arms.lnk

[2010.02.09 16:42:31 | 000,000,282 | -HS- | M] () -- C:\Users\Tilyo Petrov Rusev\Desktop\desktop.ini

[2010.01.28 21:34:14 | 000,000,901 | ---- | M] () -- C:\Users\Tilyo Petrov Rusev\Desktop\GammonEmpire.lnk

[2009.10.09 18:10:51 | 000,001,881 | ---- | M] () -- C:\Users\Tilyo Petrov Rusev\Desktop\HijackThis.lnk

[2010.06.24 18:29:13 | 000,000,815 | ---- | M] () -- C:\Users\Tilyo Petrov Rusev\Desktop\Lotto Pro.lnk

[2009.11.14 02:16:34 | 000,002,079 | ---- | M] () -- C:\Users\Tilyo Petrov Rusev\Desktop\Marine Sharpshooter II Jungle Warfare.lnk

[2010.05.06 19:43:01 | 000,000,777 | ---- | M] () -- C:\Users\Tilyo Petrov Rusev\Desktop\OptiNet.lnk

[2009.11.10 20:04:15 | 000,000,781 | ---- | M] () -- C:\Users\Tilyo Petrov Rusev\Desktop\ParadiseCasino - Bulgarian.lnk

[2010.05.21 18:45:54 | 000,000,926 | ---- | M] () -- C:\Users\Tilyo Petrov Rusev\Desktop\PowerGramo.lnk

[2009.12.19 17:43:42 | 000,000,755 | ---- | M] () -- C:\Users\Tilyo Petrov Rusev\Desktop\SopCast.lnk

[2010.06.24 18:29:13 | 000,000,796 | ---- | M] () -- C:\Users\Tilyo Petrov Rusev\Desktop\Update Lotto Drawing Files.lnk

[2010.05.10 13:51:17 | 000,001,654 | ---- | M] () -- C:\Users\Tilyo Petrov Rusev\Desktop\Wandering IPs.lnk

 

< %userprofile%\Desktop\*. >

 

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2010-07-01 19:17:29

 

========== Alternate Data Streams ==========

 

@Alternate Data Stream - 137 bytes -> C:\ProgramData\TEMP:1F8C9007

@Alternate Data Stream - 133 bytes -> C:\ProgramData\TEMP:6A91BBD8

@Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:EBACC189

@Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:CF778051

< End of report >

Link to comment
Сподели другаде
Night_Raven Ентусиаст

Night_Raven

Публикувано
Публикувано
Съжалявам, но нямам намерение да помагам, след като ползваш пиратска версия на Malwarebytes' Anti-Malware, което не само доказва, че не проявяваш уважение, но и не спазваш точно инструкциите, които са ти дадени.
Link to comment
Сподели другаде
Night_Raven Ентусиаст

Night_Raven

Публикувано
Публикувано

Т.е. си инсталирал програмата преди една година, регистрирал си я (без да си осъзнал, че това е нелегално) и си я обновявал към всяка следваща версия?

Малко невероятно ми се струва.

 

Иначе деинсталацията няма да заличи нужната информация. След като деинсталираш програмата стартирай този файл, отговори с Yes и на двата въпроса и чак след рестарта инсталирай отново програмата.

 

След това отново сканирай с OTL и дай нови лог файлове.

Link to comment
Сподели другаде
surogati Новобранец

surogati

Публикувано
  • Author
Публикувано

OTL logfile created on: 8.7.2010 г. 01:15:03 - Run 2

OTL by OldTimer - Version 3.2.7.1 Folder = C:\Users\Tilyo Petrov Rusev\Searches\Desktop

Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation

Internet Explorer (Version = 8.0.6001.18928)

Locale: 00000402 | Country: Bulgaria | Language: BGR | Date Format: d.M.yyyy 'г.'

 

3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 55,00% Memory free

6,00 Gb Paging File | 5,00 Gb Available in Paging File | 76,00% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files

Drive C: | 116,44 Gb Total Space | 29,07 Gb Free Space | 24,97% Space Free | Partition Type: NTFS

Drive D: | 108,63 Gb Total Space | 18,96 Gb Free Space | 17,46% Space Free | Partition Type: NTFS

E: Drive not present or media not loaded

Drive F: | 35,81 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS

G: Drive not present or media not loaded

H: Drive not present or media not loaded

I: Drive not present or media not loaded

 

Computer Name: TILYOPETROVRUS1

Current User Name: Tilyo Petrov Rusev

Logged in as Administrator.

 

Current Boot Mode: Normal

Scan Mode: All users

Company Name Whitelist: On

Skip Microsoft Files: On

File Age = 30 Days

Output = Minimal

 

========== Processes (SafeList) ==========

 

PRC - C:\Users\Tilyo Petrov Rusev\Searches\Desktop\OTL.exe (OldTimer Tools)

PRC - C:\Program Files\Alwil Software\Avast5\AvastUI.exe (AVAST Software)

PRC - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)

PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

PRC - C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe (TuneUp Software)

PRC - C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe (TuneUp Software)

PRC - C:\Program Files\IObit\IObit Security 360\is360srv.exe (IObit)

PRC - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)

PRC - C:\Program Files\IObit\IObit SmartDefrag\IObit SmartDefrag.exe (IObit)

PRC - C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe (IObit)

PRC - C:\Program Files\Raxco\PerfectSpeed20\Rx2AgentS1.exe (Raxco Software, Inc.)

PRC - C:\Program Files\Raxco\PerfectSpeed20\Rx2Agent.exe (Raxco Software, Inc.)

PRC - C:\Program Files\Ashampoo\Ashampoo UnInstaller 4\UIWatcher.exe (ashampoo GmbH & Co. KG)

PRC - C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe (TeamViewer GmbH)

PRC - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe (TomTom)

PRC - C:\Program Files\Common Files\Autodata Limited Shared\Service\ADCDLicSvc.exe (Autodata Limited)

PRC - C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe (Vodafone)

PRC - C:\Windows\explorer.exe (Microsoft Corporation)

PRC - C:\Windows\System32\conime.exe (Microsoft Corporation)

PRC - C:\Program Files\Ashampoo\Ashampoo Magical Defrag 2\bin\defragMonitorService.exe (ashampoo Technology GmbH & Co. KG)

PRC - C:\Program Files\Ashampoo\Ashampoo Magical Defrag 2\bin\defragActivityMonitor.exe ()

PRC - C:\Program Files\Ashampoo\Ashampoo Magical Defrag 2\bin\aDefragService.exe ( )

PRC - C:\Program Files\ASUS\SmartLogon\sensorsrv.exe (ASUS)

PRC - C:\Program Files\ASUS\ASUS Live Update\ALU.exe ()

PRC - C:\Program Files\ASUS\Splendid\ACMON.exe (ATK)

PRC - C:\Program Files\ATK Hotkey\HControl.exe (ATK0100)

PRC - C:\Program Files\ATK Hotkey\AsLdrSrv.exe ()

PRC - C:\Program Files\ASUS\ASUS CopyProtect\ASPG.exe ()

PRC - C:\Program Files\RocketDock\RocketDock.exe ()

PRC - C:\Program Files\P4G\BatteryLife.exe (ATK)

PRC - C:\Program Files\ATK Hotkey\WDC.exe ()

PRC - C:\Program Files\ATK Hotkey\ATKOSD.exe ()

PRC - C:\Program Files\ATKGFNEX\GFNEXSrv.exe ()

PRC - C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe ()

PRC - C:\Program Files\Wireless Console 2\wcourier.exe ()

PRC - C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe ()

PRC - C:\Windows\System32\Crypserv.exe (CrypKey (Canada) Ltd.)

PRC - C:\Windows\System32\ACEngSvr.exe (ASUSTeK)

PRC - C:\Program Files\Clock\SpClDlx.exe (Lux Aeterna)

 

 

========== Modules (SafeList) ==========

 

MOD - C:\Users\Tilyo Petrov Rusev\Searches\Desktop\OTL.exe (OldTimer Tools)

MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0\comctl32.dll (Microsoft Corporation)

MOD - C:\Windows\System32\msscript.ocx (Microsoft Corporation)

 

 

========== Win32 Services (SafeList) ==========

 

SRV - (Lavasoft Ad-Aware Service) -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft)

SRV - (avast! Web Scanner) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)

SRV - (avast! Mail Scanner) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)

SRV - (avast! Antivirus) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)

SRV - (TuneUp.Defrag) -- C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe (TuneUp Software)

SRV - (TuneUp.UtilitiesSvc) -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe (TuneUp Software)

SRV - (UxTuneUp) -- C:\Windows\System32\uxtuneup.dll (TuneUp Software)

SRV - (IS360service) -- C:\Program Files\IObit\IObit Security 360\is360srv.exe (IObit)

SRV - (Apple Mobile Device) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)

SRV - (fsssvc) -- C:\Program Files\Windows Live\Family Safety\fsssvc.exe (Microsoft Corporation)

SRV - (WAS) -- C:\Windows\System32\inetsrv\iisw3adm.dll (Microsoft Corporation)

SRV - (W3SVC) -- C:\Windows\System32\inetsrv\iisw3adm.dll (Microsoft Corporation)

SRV - (WPFFontCache_v0400) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe (Microsoft Corporation)

SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)

SRV - (Rx2Engine) -- C:\Program Files\Raxco\PerfectSpeed20\Rx2Engine.exe (Raxco Software, Inc.)

SRV - (Rx2Agent) -- C:\Program Files\Raxco\PerfectSpeed20\Rx2Agent.exe (Raxco Software, Inc.)

SRV - (McComponentHostService) -- C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe (McAfee, Inc.)

SRV - (TeamViewer5) -- C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe (TeamViewer GmbH)

SRV - (TomTomHOMEService) -- C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe (TomTom)

SRV - (FontCache) -- C:\Windows\System32\FntCache.dll (Microsoft Corporation)

SRV - (Autodata Limited License Service) -- C:\Program Files\Common Files\Autodata Limited Shared\Service\ADCDLicSvc.exe (Autodata Limited)

SRV - (VMCService) -- C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe (Vodafone)

SRV - (AppHostSvc) -- C:\Windows\System32\inetsrv\apphostsvc.dll (Microsoft Corporation)

SRV - (AshampooDefragService) -- C:\Program Files\Ashampoo\Ashampoo Magical Defrag 2\bin\aDefragService.exe ( )

SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)

SRV - (ASLDRService) -- C:\Program Files\ATK Hotkey\AsLdrSrv.exe ()

SRV - (ATKGFNEXSrv) -- C:\Program Files\ATKGFNEX\GFNEXSrv.exe ()

SRV - (spmgr) -- C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe ()

SRV - (ADSMService) -- C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe ()

SRV - (Crypkey License) -- C:\Windows\System32\Crypserv.exe (CrypKey (Canada) Ltd.)

 

 

========== Driver Services (SafeList) ==========

 

DRV - (SQTECH905C) -- C:\Windows\System32\Drivers\Capt905c.sys File not found

DRV - (NwlnkFwd) -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys File not found

DRV - (NwlnkFlt) -- C:\Windows\System32\DRIVERS\nwlnkflt.sys File not found

DRV - (IpInIp) -- C:\Windows\System32\DRIVERS\ipinip.sys File not found

DRV - (blbdrive) -- C:\Windows\System32\drivers\blbdrive.sys File not found

DRV - (ASW3Scan) -- C:\Program Files\Ashampoo\Ashampoo Anti-Malware\AAMW_IFS32.sys File not found

DRV - (AAMWRegFilter) -- C:\Program Files\Ashampoo\Ashampoo Anti-Malware\AAMW_Regfilter32.sys File not found

DRV - (aswTdi) -- C:\Windows\System32\drivers\aswTdi.sys (ALWIL Software)

DRV - (aswSP) -- C:\Windows\System32\drivers\aswSP.sys (ALWIL Software)

DRV - (aswRdr) -- C:\Windows\System32\drivers\aswRdr.sys (ALWIL Software)

DRV - (aswMonFlt) -- C:\Windows\System32\drivers\aswMonFlt.sys (ALWIL Software)

DRV - (aswFsBlk) -- C:\Windows\System32\drivers\aswFsBlk.sys (ALWIL Software)

DRV - (Lbd) -- C:\Windows\system32\DRIVERS\Lbd.sys (Lavasoft AB)

DRV - (PSSDKLBF) -- C:\Windows\System32\drivers\pssdklbf.sys (microOLAP Technologies LTD)

DRV - (PSSDK42) -- C:\Windows\System32\drivers\pssdk42.sys (microOLAP Technologies LTD)

DRV - (fssfltr) -- C:\Windows\System32\drivers\fssfltr.sys (Microsoft Corporation)

DRV - (TuneUpUtilitiesDrv) -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys (TuneUp Software)

DRV - (DefragFS) -- C:\Windows\System32\drivers\DefragFs.sys (Raxco Software, Inc.)

DRV - (sptd) -- C:\Windows\System32\Drivers\sptd.sys ()

DRV - (ewusbnet) -- C:\Windows\System32\drivers\ewusbnet.sys (Huawei Technologies Co., Ltd.)

DRV - (hwusbfake) -- C:\Windows\System32\drivers\ewusbfake.sys (Huawei Technologies Co., Ltd.)

DRV - (rimmptsk) -- C:\Windows\System32\drivers\rimmptsk.sys (REDC)

DRV - (rismxdp) -- C:\Windows\System32\drivers\rixdptsk.sys (REDC)

DRV - (rimsptsk) -- C:\Windows\System32\drivers\rimsptsk.sys (REDC)

DRV - (RMCAST) RMCAST (Pgm) -- C:\Windows\System32\drivers\rmcast.sys (Microsoft Corporation)

DRV - (usbaudio) USB Audio Driver (WDM) -- C:\Windows\System32\drivers\USBAUDIO.sys (Microsoft Corporation)

DRV - (hwdatacard) -- C:\Windows\System32\drivers\ewusbmdm.sys (Huawei Technologies Co., Ltd.)

DRV - (AtcL001) -- C:\Windows\System32\drivers\l160x86.sys (Atheros Communications, Inc.)

DRV - (AVerAF15) -- C:\Windows\System32\drivers\AVerAF15.sys (AVerMedia TECHNOLOGIES, Inc.)

DRV - (Sentinel) -- C:\Windows\System32\Drivers\SENTINEL.SYS (SafeNet, Inc.)

DRV - (BthAvrcp) -- C:\Windows\System32\drivers\BthAvrcp.sys (CSR, plc)

DRV - (MODEMCSA) -- C:\Windows\System32\drivers\MODEMCSA.sys (Microsoft Corporation)

DRV - (eltima_usb_stub) -- C:\Windows\System32\drivers\usbstub.sys ()

DRV - (vuhub) -- C:\Windows\System32\drivers\vuhub.sys ()

DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)

DRV - (SNP2UVC) USB2.0 PC Camera (SNP2UVC) -- C:\Windows\System32\drivers\snp2uvc.sys ()

DRV - (iaStor) -- C:\Windows\system32\DRIVERS\iaStor.sys (Intel Corporation)

DRV - (lullaby) -- C:\Windows\system32\DRIVERS\lullaby.sys (Windows ® Codename Longhorn DDK provider)

DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\Windows\System32\drivers\RTKVHDA.sys (Realtek Semiconductor Corp.)

DRV - (smserial) -- C:\Windows\System32\drivers\smserial.sys (Motorola Inc.)

DRV - (AsDsm) -- C:\Windows\System32\drivers\AsDsm.sys (Windows ® Codename Longhorn DDK provider)

DRV - (ghaio) -- C:\Program Files\ASUS\NB Probe\SPM\ghaio.sys ()

DRV - (ASMMAP) -- C:\Program Files\ATKGFNEX\ASMMAP.sys ()

DRV - (NETw4v32) Intel® -- C:\Windows\System32\drivers\NETw4v32.sys (Intel Corporation)

DRV - (kbfiltr) -- C:\Windows\System32\drivers\kbfiltr.sys ( )

DRV - (MTsensor) -- C:\Windows\System32\drivers\ATKACPI.sys (ATK0100)

DRV - (ql2300) -- C:\Windows\system32\drivers\ql2300.sys (QLogic Corporation)

DRV - (adp94xx) -- C:\Windows\system32\drivers\adp94xx.sys (Adaptec, Inc.)

DRV - (elxstor) -- C:\Windows\system32\drivers\elxstor.sys (Emulex)

DRV - (adpahci) -- C:\Windows\system32\drivers\adpahci.sys (Adaptec, Inc.)

DRV - (uliahci) -- C:\Windows\system32\drivers\uliahci.sys (ULi Electronics Inc.)

DRV - (iaStorV) -- C:\Windows\system32\drivers\iastorv.sys (Intel Corporation)

DRV - (adpu320) -- C:\Windows\system32\drivers\adpu320.sys (Adaptec, Inc.)

DRV - (ulsata2) -- C:\Windows\system32\drivers\ulsata2.sys (Promise Technology, Inc.)

DRV - (vsmraid) -- C:\Windows\system32\drivers\vsmraid.sys (VIA Technologies Inc.,Ltd)

DRV - (ql40xx) -- C:\Windows\system32\drivers\ql40xx.sys (QLogic Corporation)

DRV - (UlSata) -- C:\Windows\system32\drivers\ulsata.sys (Promise Technology, Inc.)

DRV - (adpu160m) -- C:\Windows\system32\drivers\adpu160m.sys (Adaptec, Inc.)

DRV - (nvraid) -- C:\Windows\system32\drivers\nvraid.sys (NVIDIA Corporation)

DRV - (nfrd960) -- C:\Windows\system32\drivers\nfrd960.sys (IBM Corporation)

DRV - (iirsp) -- C:\Windows\system32\drivers\iirsp.sys (Intel Corp./ICP vortex GmbH)

DRV - (TPM) -- C:\Windows\System32\drivers\tpm.sys (Microsoft Corporation)

DRV - (SiSRaid4) -- C:\Windows\system32\drivers\sisraid4.sys (Silicon Integrated Systems)

DRV - (nvstor) -- C:\Windows\system32\drivers\nvstor.sys (NVIDIA Corporation)

DRV - (aic78xx) -- C:\Windows\system32\drivers\djsvs.sys (Adaptec, Inc.)

DRV - (arcsas) -- C:\Windows\system32\drivers\arcsas.sys (Adaptec, Inc.)

DRV - (LSI_SCSI) -- C:\Windows\system32\drivers\lsi_scsi.sys (LSI Logic)

DRV - (SiSRaid2) -- C:\Windows\system32\drivers\sisraid2.sys (Silicon Integrated Systems Corp.)

DRV - (HpCISSs) -- C:\Windows\system32\drivers\hpcisss.sys (Hewlett-Packard Company)

DRV - (arc) -- C:\Windows\system32\drivers\arc.sys (Adaptec, Inc.)

DRV - (iteraid) -- C:\Windows\system32\drivers\iteraid.sys (Integrated Technology Express, Inc.)

DRV - (iteatapi) -- C:\Windows\system32\drivers\iteatapi.sys (Integrated Technology Express, Inc.)

DRV - (LSI_SAS) -- C:\Windows\system32\drivers\lsi_sas.sys (LSI Logic)

DRV - (Symc8xx) -- C:\Windows\system32\drivers\symc8xx.sys (LSI Logic)

DRV - (LSI_FC) -- C:\Windows\system32\drivers\lsi_fc.sys (LSI Logic)

DRV - (Sym_u3) -- C:\Windows\system32\drivers\sym_u3.sys (LSI Logic)

DRV - (Mraid35x) -- C:\Windows\system32\drivers\mraid35x.sys (LSI Logic Corporation)

DRV - (Sym_hi) -- C:\Windows\system32\drivers\sym_hi.sys (LSI Logic)

DRV - (megasas) -- C:\Windows\system32\drivers\megasas.sys (LSI Logic Corporation)

DRV - (viaide) -- C:\Windows\system32\drivers\viaide.sys (VIA Technologies, Inc.)

DRV - (cmdide) -- C:\Windows\system32\drivers\cmdide.sys (CMD Technology, Inc.)

DRV - (aliide) -- C:\Windows\system32\drivers\aliide.sys (Acer Laboratories Inc.)

DRV - (Brserid) Brother MFC Serial Port Interface Driver (WDM) -- C:\Windows\system32\drivers\brserid.sys (Brother Industries Ltd.)

DRV - (BrUsbSer) -- C:\Windows\system32\drivers\brusbser.sys (Brother Industries Ltd.)

DRV - (BrFiltUp) -- C:\Windows\system32\drivers\brfiltup.sys (Brother Industries, Ltd.)

DRV - (BrFiltLo) -- C:\Windows\system32\drivers\brfiltlo.sys (Brother Industries, Ltd.)

DRV - (BrSerWdm) -- C:\Windows\system32\drivers\brserwdm.sys (Brother Industries Ltd.)

DRV - (BrUsbMdm) -- C:\Windows\system32\drivers\brusbmdm.sys (Brother Industries Ltd.)

DRV - (ntrigdigi) -- C:\Windows\system32\drivers\ntrigdigi.sys (N-trig Innovative Technologies)

DRV - (RTL8169) -- C:\Windows\System32\drivers\Rtlh86.sys (Realtek Corporation)

DRV - (NETw3v32) Intel® -- C:\Windows\System32\drivers\NETw3v32.sys (Intel® Corporation)

DRV - (E1G60) Intel® -- C:\Windows\System32\drivers\E1G60I32.sys (Intel Corporation)

DRV - (ialm) -- C:\Windows\System32\drivers\igdkmd32.sys (Intel Corporation)

DRV - (NetworkX) -- C:\Windows\system32\ckldrv.sys ()

DRV - (Ps2) -- C:\Windows\System32\drivers\PS2.sys (Hewlett-Packard Company)

 

 

========== Standard Registry (SafeList) ==========

 

 

========== Internet Explorer ==========

 

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.asus.com

IE - HKLM\..\URLSearchHook: {9384bd4c-dd14-4be9-80f7-f6277511e4f5} - Reg Error: Key error. File not found

IE - HKLM\..\URLSearchHook: {b2e293ee-fd7e-4c71-a714-5f4750d8d7b7} - Reg Error: Key error. File not found

 

 

IE - HKU\.DEFAULT\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - Reg Error: Key error. File not found

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

IE - HKU\S-1-5-18\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - Reg Error: Key error. File not found

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

 

 

IE - HKU\S-1-5-21-802842001-1745263943-2178312464-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.asus.com

IE - HKU\S-1-5-21-802842001-1745263943-2178312464-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com

IE - HKU\S-1-5-21-802842001-1745263943-2178312464-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/

IE - HKU\S-1-5-21-802842001-1745263943-2178312464-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-802842001-1745263943-2178312464-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

 

========== FireFox ==========

 

FF - prefs.js..browser.startup.homepage: "http://webalta.ru"

FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.7.3

FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.2

FF - prefs.js..extensions.enabledItems: abvnotifier@netinfo.bg:0.9.8

FF - prefs.js..extensions.enabledItems: personas@christopher.beard:1.5.3

FF - prefs.js..extensions.enabledItems: {0538E3E3-7E9B-4d49-8831-A227C80A7AD3}:0.9.10.2

FF - prefs.js..extensions.enabledItems: {ca0849e8-2c76-42ae-9abe-34e14d337acf}:1.91

FF - prefs.js..extensions.enabledItems: nosquint@urandom.ca:2.0.3

FF - prefs.js..extensions.enabledItems: {B042753D-F57E-4e8e-A01B-7379A6D4CEFB}:1.21

FF - prefs.js..extensions.enabledItems: {9d1f059c-cada-4111-9696-41a62d64e3ba}:0.5.2.1

FF - prefs.js..extensions.enabledItems: jyboy.yy@gmail.com:1.0.3

FF - prefs.js..extensions.enabledItems: bg-BG@dictionaries.addons.mozilla.org:4.1

FF - prefs.js..extensions.enabledItems: {de5809e0-2b07-11dd-bd0b-0800200c9a66}:1.2.0

 

FF - user.js..browser.startup.homepage: "http://webalta.ru"

 

FF - HKLM\software\mozilla\Firefox\Extensions\\{AA1ACB70-B5F1-4037-909E-1F725B04D2A8}: C:\Program Files\Customized Web Management\1.6.0.3840\FF

FF - HKLM\software\mozilla\Firefox\Extensions\\{5909FC3D-7F8B-415d-A5D1-7C7E941E536E}: C:\Program Files\Internet Content Assistant\1.6.0.3960\FF

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.07.04 02:29:50 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.07.04 02:29:50 | 000,000,000 | ---D | M]

 

[2010.06.29 14:14:29 | 000,000,000 | ---D | M] -- C:\Users\Tilyo Petrov Rusev\AppData\Roaming\mozilla\Extensions

[2010.06.29 14:14:29 | 000,000,000 | ---D | M] -- C:\Users\Tilyo Petrov Rusev\AppData\Roaming\mozilla\Extensions\home2@tomtom.com

[2010.07.07 23:11:34 | 000,000,000 | ---D | M] -- C:\Users\Tilyo Petrov Rusev\AppData\Roaming\mozilla\Firefox\Profiles\u00xiagw.default\extensions

[2010.06.01 21:50:44 | 000,000,000 | ---D | M] (Forecastfox) -- C:\Users\Tilyo Petrov Rusev\AppData\Roaming\mozilla\Firefox\Profiles\u00xiagw.default\extensions\{0538E3E3-7E9B-4d49-8831-A227C80A7AD3}

[2010.07.06 11:51:43 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Users\Tilyo Petrov Rusev\AppData\Roaming\mozilla\Firefox\Profiles\u00xiagw.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}

[2010.07.05 01:26:29 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Tilyo Petrov Rusev\AppData\Roaming\mozilla\Firefox\Profiles\u00xiagw.default\extensions\{3ed70016-b11f-4990-b5a3-a52a92bcf0ac}

[2010.07.07 20:18:38 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Tilyo Petrov Rusev\AppData\Roaming\mozilla\Firefox\Profiles\u00xiagw.default\extensions\{9d1f059c-cada-4111-9696-41a62d64e3ba}

[2010.07.04 02:29:51 | 000,000,000 | ---D | M] (BitComet Video Downloader) -- C:\Users\Tilyo Petrov Rusev\AppData\Roaming\mozilla\Firefox\Profiles\u00xiagw.default\extensions\{B042753D-F57E-4e8e-A01B-7379A6D4CEFB}

[2010.05.21 10:56:15 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Tilyo Petrov Rusev\AppData\Roaming\mozilla\Firefox\Profiles\u00xiagw.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}

[2010.06.21 11:38:12 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Tilyo Petrov Rusev\AppData\Roaming\mozilla\Firefox\Profiles\u00xiagw.default\extensions\{ca0849e8-2c76-42ae-9abe-34e14d337acf}

[2010.05.24 19:30:38 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\Tilyo Petrov Rusev\AppData\Roaming\mozilla\Firefox\Profiles\u00xiagw.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}

[2010.05.21 13:24:27 | 000,000,000 | ---D | M] (Gradient iCool) -- C:\Users\Tilyo Petrov Rusev\AppData\Roaming\mozilla\Firefox\Profiles\u00xiagw.default\extensions\{de5809e0-2b07-11dd-bd0b-0800200c9a66}

[2010.05.24 19:44:02 | 000,000,000 | ---D | M] -- C:\Users\Tilyo Petrov Rusev\AppData\Roaming\mozilla\Firefox\Profiles\u00xiagw.default\extensions\abvnotifier@netinfo.bg

[2010.07.07 23:11:27 | 000,000,000 | ---D | M] -- C:\Users\Tilyo Petrov Rusev\AppData\Roaming\mozilla\Firefox\Profiles\u00xiagw.default\extensions\bg-BG@dictionaries.addons.mozilla.org

[2010.07.07 22:59:18 | 000,000,000 | ---D | M] -- C:\Users\Tilyo Petrov Rusev\AppData\Roaming\mozilla\Firefox\Profiles\u00xiagw.default\extensions\jyboy.yy@gmail.com

[2010.06.28 21:01:15 | 000,000,000 | ---D | M] -- C:\Users\Tilyo Petrov Rusev\AppData\Roaming\mozilla\Firefox\Profiles\u00xiagw.default\extensions\nosquint@urandom.ca

[2010.05.24 19:58:29 | 000,000,000 | ---D | M] -- C:\Users\Tilyo Petrov Rusev\AppData\Roaming\mozilla\Firefox\Profiles\u00xiagw.default\extensions\personas@christopher.beard

[2010.07.05 12:27:14 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions

[2010.07.05 12:27:15 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}

[2010.07.05 12:26:39 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll

[2010.04.01 18:50:01 | 000,001,083 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\911bg.xml

[2010.04.01 18:50:01 | 000,002,442 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\diribg.xml

[2010.04.01 18:50:01 | 000,001,515 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\pe-bg.xml

[2010.04.01 18:50:01 | 000,001,857 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\portalbgdict.xml

[2010.04.01 18:50:01 | 000,001,220 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-bg.xml

 

O1 HOSTS File: ([2009.07.17 22:01:02 | 000,000,743 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts

O1 - Hosts: 127.0.0.1 localhost

O1 - Hosts: ::1 localhost

O2 - BHO: (BitComet Helper) - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.4.1.27.dll (BitComet)

O3 - HKLM\..\Toolbar: (no name) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - No CLSID value found.

O3 - HKLM\..\Toolbar: (no name) - {42ad2408-baaa-408d-b13e-4706560e817b} - No CLSID value found.

O3 - HKLM\..\Toolbar: (no name) - {9384bd4c-dd14-4be9-80f7-f6277511e4f5} - No CLSID value found.

O3 - HKLM\..\Toolbar: (no name) - {b2e293ee-fd7e-4c71-a714-5f4750d8d7b7} - No CLSID value found.

O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.

O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.

O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.

O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {EBF2BA02-9094-4C5A-858B-BB198F3D8DE2} - No CLSID value found.

O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.

O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.

O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {EBF2BA02-9094-4C5A-858B-BB198F3D8DE2} - No CLSID value found.

O3 - HKU\S-1-5-21-802842001-1745263943-2178312464-1000\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.

O3 - HKU\S-1-5-21-802842001-1745263943-2178312464-1000\..\Toolbar\WebBrowser: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found.

O3 - HKU\S-1-5-21-802842001-1745263943-2178312464-1000\..\Toolbar\WebBrowser: (no name) - {9384BD4C-DD14-4BE9-80F7-F6277511E4F5} - No CLSID value found.

O3 - HKU\S-1-5-21-802842001-1745263943-2178312464-1000\..\Toolbar\WebBrowser: (no name) - {B2E293EE-FD7E-4C71-A714-5F4750D8D7B7} - No CLSID value found.

O3 - HKU\S-1-5-21-802842001-1745263943-2178312464-1000\..\Toolbar\WebBrowser: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.

O3 - HKU\S-1-5-21-802842001-1745263943-2178312464-1000\..\Toolbar\WebBrowser: (no name) - {FE063DB9-4EC0-403E-8DD8-394C54984B2C} - No CLSID value found.

O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)

O4 - HKLM..\Run: [iObit Security 360] C:\Program Files\IObit\IObit Security 360\IS360tray.exe (IObit)

O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)

O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)

O4 - HKU\S-1-5-21-802842001-1745263943-2178312464-1000..\Run: [bitComet] C:\Program Files\BitComet\BitComet.exe (www.BitComet.com)

O4 - HKU\S-1-5-21-802842001-1745263943-2178312464-1000..\Run: [RocketDock] C:\Program Files\RocketDock\RocketDock.exe ()

O4 - HKU\S-1-5-21-802842001-1745263943-2178312464-1000..\Run: [speaking Clock Deluxe] C:\Program Files\Clock\SpClDlx.exe (Lux Aeterna)

O4 - HKU\S-1-5-21-802842001-1745263943-2178312464-1000..\Run: [uIWatcher] C:\Program Files\Ashampoo\Ashampoo UnInstaller 4\UIWatcher.exe (ashampoo GmbH & Co. KG)

O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFavoritesMenu = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoNetworkConnections = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMMyDocs = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMMyPictures = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStartMenuMyMusic = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: VerboseStatus = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableStatusMessages = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableLockWorkstation = 0

O7 - HKU\S-1-5-21-802842001-1745263943-2178312464-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 0

O7 - HKU\S-1-5-21-802842001-1745263943-2178312464-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 0

O7 - HKU\S-1-5-21-802842001-1745263943-2178312464-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetFolders = 0

O7 - HKU\S-1-5-21-802842001-1745263943-2178312464-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStartMenuMyGames = 0

O7 - HKU\S-1-5-21-802842001-1745263943-2178312464-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetTaskbar = 0

O7 - HKU\S-1-5-21-802842001-1745263943-2178312464-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCommonGroups = 0

O7 - HKU\S-1-5-21-802842001-1745263943-2178312464-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStartMenuNetworkPlaces = 0

O7 - HKU\S-1-5-21-802842001-1745263943-2178312464-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFind = 0

O7 - HKU\S-1-5-21-802842001-1745263943-2178312464-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoTrayItemsDisplay = 0

O7 - HKU\S-1-5-21-802842001-1745263943-2178312464-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoToolbarsOnTaskbar = 0

O7 - HKU\S-1-5-21-802842001-1745263943-2178312464-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSimpleStartMenu = 0

O7 - HKU\S-1-5-21-802842001-1745263943-2178312464-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideClock = 0

O7 - HKU\S-1-5-21-802842001-1745263943-2178312464-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoViewContextMenu = 0

O7 - HKU\S-1-5-21-802842001-1745263943-2178312464-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDFSTab = 0

O7 - HKU\S-1-5-21-802842001-1745263943-2178312464-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSecurityTab = 0

O7 - HKU\S-1-5-21-802842001-1745263943-2178312464-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoHardwareTab = 0

O7 - HKU\S-1-5-21-802842001-1745263943-2178312464-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoToolbarCustomize = 0

O7 - HKU\S-1-5-21-802842001-1745263943-2178312464-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktop = 0

O7 - HKU\S-1-5-21-802842001-1745263943-2178312464-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoBandCustomize = 0

O7 - HKU\S-1-5-21-802842001-1745263943-2178312464-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFileMenu = 0

O7 - HKU\S-1-5-21-802842001-1745263943-2178312464-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoNetHood = 0

O7 - HKU\S-1-5-21-802842001-1745263943-2178312464-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoPropertiesMyComputer = 0

O7 - HKU\S-1-5-21-802842001-1745263943-2178312464-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFileAssociate = 0

O7 - HKU\S-1-5-21-802842001-1745263943-2178312464-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0

O7 - HKU\S-1-5-21-802842001-1745263943-2178312464-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoAddPrinter = 0

O7 - HKU\S-1-5-21-802842001-1745263943-2178312464-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDeletePrinter = 0

O7 - HKU\S-1-5-21-802842001-1745263943-2178312464-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoThemesTab = 0

O7 - HKU\S-1-5-21-802842001-1745263943-2178312464-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoChangeKeyboardNavigationIndicators = 0

O7 - HKU\S-1-5-21-802842001-1745263943-2178312464-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoChangeAnimation = 0

O7 - HKU\S-1-5-21-802842001-1745263943-2178312464-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: RestrictWelcomeCenter = 0

O7 - HKU\S-1-5-21-802842001-1745263943-2178312464-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\S-1-5-21-802842001-1745263943-2178312464-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispSettingsPage = 0

O7 - HKU\S-1-5-21-802842001-1745263943-2178312464-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispScrSavPage = 0

O7 - HKU\S-1-5-21-802842001-1745263943-2178312464-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispBackgroundPage = 0

O7 - HKU\S-1-5-21-802842001-1745263943-2178312464-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispAppearancePage = 0

O7 - HKU\S-1-5-21-802842001-1745263943-2178312464-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoVisualStyleChoice = 0

O7 - HKU\S-1-5-21-802842001-1745263943-2178312464-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoColorChoice = 0

O7 - HKU\S-1-5-21-802842001-1745263943-2178312464-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoSizeChoice = 0

O8 - Extra context menu item: &С&валяне &с BitComet - C:\Program Files\BitComet\BitComet.exe (www.BitComet.com)

O8 - Extra context menu item: &С&валяне на всички видео файлове с BitComet - C:\Program Files\BitComet\BitComet.exe (www.BitComet.com)

O8 - Extra context menu item: &С&валяне на всички с BitComet - C:\Program Files\BitComet\BitComet.exe (www.BitComet.com)

O9 - Extra Button: Публикуване на това в блог - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)

O9 - Extra 'Tools' menuitem : &Публикуване на това в блог в Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)

O9 - Extra Button: Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)

O9 - Extra 'Tools' menuitem : &Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)

O9 - Extra Button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe (PokerStars)

O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)

O9 - Extra Button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - C:\Program Files\BitComet\tools\BitCometBHO_1.4.1.27.dll (BitComet)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)

O13 - gopher Prefix: missing

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)

O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1

O18 - Protocol\Handler\belarc {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files\Belarc\Advisor\System\BAVoilaX.dll (Belarc, Inc.)

O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)

O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)

O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)

O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)

O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)

O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)

O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)

O24 - Desktop WallPaper: C:\Users\Tilyo Petrov Rusev\AppData\Roaming\Microsoft\Windows Photo Gallery\Тапет от фотогалерията на Windows.jpg

O24 - Desktop BackupWallPaper: C:\Users\Tilyo Petrov Rusev\AppData\Roaming\Microsoft\Windows Photo Gallery\Тапет от фотогалерията на Windows.jpg

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]

O32 - AutoRun File - [2009.08.12 14:57:05 | 000,000,119 | R--- | M] () - F:\autorun.inf -- [ CDFS ]

O33 - MountPoints2\{3860d2da-6998-11de-812d-001f3b1a4621}\Shell - "" = AutoRun

O33 - MountPoints2\{3860d34a-6998-11de-812d-001f3b1a4621}\Shell - "" = AutoRun

O33 - MountPoints2\{3860d34a-6998-11de-812d-001f3b1a4621}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe -- [2009.07.23 16:55:39 | 000,266,240 | R--- | M] (Vodafone)

O33 - MountPoints2\{58771737-1481-11df-b484-ae32ba25f35b}\Shell - "" = AutoRun

O33 - MountPoints2\{58771737-1481-11df-b484-ae32ba25f35b}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe -- [2009.07.23 16:55:39 | 000,266,240 | R--- | M] (Vodafone)

O33 - MountPoints2\{5877173d-1481-11df-b484-88abe79c55dd}\Shell - "" = AutoRun

O33 - MountPoints2\{5877173d-1481-11df-b484-88abe79c55dd}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe -- [2009.07.23 16:55:39 | 000,266,240 | R--- | M] (Vodafone)

O33 - MountPoints2\{d15efb49-3780-11df-bba0-d7fa559d6de1}\Shell - "" = AutoRun

O33 - MountPoints2\{d15efb49-3780-11df-bba0-d7fa559d6de1}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe -- [2009.07.23 16:55:39 | 000,266,240 | R--- | M] (Vodafone)

O33 - MountPoints2\{dce9cb05-eafd-11de-bb0d-eefe2204dce1}\Shell - "" = AutoRun

O33 - MountPoints2\{dce9cb06-eafd-11de-bb0d-eefe2204dce1}\Shell - "" = AutoRun

O33 - MountPoints2\F\Shell - "" = AutoRun

O34 - HKLM BootExecute: (autocheck autochk *) - File not found

O34 - HKLM BootExecute: (lsdelete) - C:\Windows\System32\lsdelete.exe ()

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

 

NetSvcs: UxTuneUp - C:\Windows\System32\uxtuneup.dll (TuneUp Software)

NetSvcs: FastUserSwitchingCompatibility - File not found

NetSvcs: Ias - File not found

NetSvcs: Nla - File not found

NetSvcs: Ntmssvc - File not found

NetSvcs: NWCWorkstation - File not found

NetSvcs: Nwsapagent - File not found

NetSvcs: SRService - File not found

NetSvcs: Wmi - C:\Windows\System32\wmi.dll (Microsoft Corporation)

NetSvcs: WmdmPmSp - File not found

NetSvcs: LogonHours - File not found

NetSvcs: PCAudit - File not found

NetSvcs: helpsvc - File not found

NetSvcs: uploadmgr - File not found

 

MsConfig - StartUpReg: DAEMON Tools Lite - hkey= - key= - C:\Program Files\DAEMON Tools Lite\daemon.exe (DT Soft Ltd)

MsConfig - StartUpReg: IObit Security 360 - hkey= - key= - C:\Program Files\IObit\IObit Security 360\IS360tray.exe (IObit)

 

SafeBootMin: AppMgmt - File not found

SafeBootMin: Base - Driver Group

SafeBootMin: Boot Bus Extender - Driver Group

SafeBootMin: Boot file system - Driver Group

SafeBootMin: File system - Driver Group

SafeBootMin: Filter - Driver Group

SafeBootMin: HelpSvc - Service

SafeBootMin: Lavasoft Ad-Aware Service - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft)

SafeBootMin: NTDS - File not found

SafeBootMin: PCI Configuration - Driver Group

SafeBootMin: PNP Filter - Driver Group

SafeBootMin: Primary disk - Driver Group

SafeBootMin: sacsvr - Service

SafeBootMin: SCSI Class - Driver Group

SafeBootMin: System Bus Extender - Driver Group

SafeBootMin: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)

SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers

SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive

SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive

SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller

SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc

SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard

SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse

SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters

SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter

SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System

SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive

SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy

SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers

SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume

SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices

SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

 

SafeBootNet: AppMgmt - File not found

SafeBootNet: Base - Driver Group

SafeBootNet: Boot Bus Extender - Driver Group

SafeBootNet: Boot file system - Driver Group

SafeBootNet: File system - Driver Group

SafeBootNet: Filter - Driver Group

SafeBootNet: HelpSvc - Service

SafeBootNet: Lavasoft Ad-Aware Service - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft)

SafeBootNet: Messenger - Service

SafeBootNet: NDIS Wrapper - Driver Group

SafeBootNet: NetBIOSGroup - Driver Group

SafeBootNet: NetDDEGroup - Driver Group

SafeBootNet: Network - Driver Group

SafeBootNet: NetworkProvider - Driver Group

SafeBootNet: NTDS - File not found

SafeBootNet: PCI Configuration - Driver Group

SafeBootNet: PFNet - Reg Error: Value error.

SafeBootNet: PNP Filter - Driver Group

SafeBootNet: PNP_TDI - Driver Group

SafeBootNet: Primary disk - Driver Group

SafeBootNet: rdsessmgr - Service

SafeBootNet: sacsvr - Service

SafeBootNet: SCSI Class - Driver Group

SafeBootNet: Streams Drivers - Driver Group

SafeBootNet: System Bus Extender - Driver Group

SafeBootNet: TDI - Driver Group

SafeBootNet: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)

SafeBootNet: WudfPf - Driver

SafeBootNet: WudfUsbccidDriver - Driver

SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers

SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive

SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive

SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller

SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc

SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard

SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse

SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net

SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient

SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService

SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans

SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters

SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter

SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System

SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive

SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers

SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy

SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers

SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume

SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices

SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

 

ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)

ActiveX: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "C:\Program Files\Common Files\LightScribe\LSRunOnce.exe"

ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} -

ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 11.0

ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll

ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack

ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework

ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE

ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} -

ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx

ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help

ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6

ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools

ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements

ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player

ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access

ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7

ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework

ActiveX: {82833D38-6B96-B590-AE58-61E349C30822} - LightScribe Control Panel

ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll

ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings

ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install

ActiveX: {8A517FED-1DAB-4FA2-BAF3-4C66AAE996EB} - .NET Framework

ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding

ActiveX: {C6BAF60B-6E91-453F-BFF9-D3789CFEFCDD} - .NET Framework

ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts

ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1

ActiveX: {CE4BC71D-A88B-4943-BB3D-AF9C0E7D4387} - .NET Framework

ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player

ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help

ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface

ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP

ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig

ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP

 

Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)

Drivers32: msacm.siren - C:\Windows\System32\sirenacm.dll (Microsoft Corporation)

Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)

Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)

Drivers32: wave1 - C:\Windows\System32\serwvdrv.dll (Microsoft Corporation)

 

CREATERESTOREPOINT

Restore point Set: OTL Restore Point

 

========== Files/Folders - Created Within 30 Days ==========

 

[2010.07.08 01:12:11 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys

[2010.07.08 01:12:09 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys

[2010.07.08 01:12:09 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware

[2010.07.07 20:36:40 | 000,574,976 | ---- | C] (OldTimer Tools) -- C:\Users\Tilyo Petrov Rusev\Searches\Desktop\OTL.exe

[2010.07.05 21:27:16 | 000,000,000 | ---D | C] -- C:\Users\Tilyo Petrov Rusev\Documents\Моите получени файлове

[2010.07.05 10:05:27 | 000,017,744 | ---- | C] (ALWIL Software) -- C:\Windows\System32\drivers\aswFsBlk.sys

[2010.07.05 10:05:26 | 000,165,456 | ---- | C] (ALWIL Software) -- C:\Windows\System32\drivers\aswSP.sys

[2010.07.05 10:05:25 | 000,023,376 | ---- | C] (ALWIL Software) -- C:\Windows\System32\drivers\aswRdr.sys

[2010.07.05 10:05:24 | 000,050,256 | ---- | C] (ALWIL Software) -- C:\Windows\System32\drivers\aswMonFlt.sys

[2010.07.05 10:05:24 | 000,046,672 | ---- | C] (ALWIL Software) -- C:\Windows\System32\drivers\aswTdi.sys

[2010.07.05 10:05:08 | 000,165,032 | ---- | C] (AVAST Software) -- C:\Windows\System32\aswBoot.exe

[2010.07.05 10:05:08 | 000,038,848 | ---- | C] (ALWIL Software) -- C:\Windows\avastSS.scr

[2010.07.04 03:04:26 | 000,000,000 | ---D | C] -- C:\Program Files\ESET

[2010.07.04 02:29:49 | 000,000,000 | ---D | C] -- C:\Users\Tilyo Petrov Rusev\AppData\Roaming\BitComet

[2010.07.02 18:19:34 | 000,000,000 | ---D | C] -- C:\ProgramData\TomTom

[2010.06.30 15:07:35 | 000,000,000 | RH-D | C] -- C:\Users\Tilyo Petrov Rusev\AppData\Roaming\SecuROM

[2010.06.30 11:54:03 | 000,000,000 | ---D | C] -- C:\Program Files\City Interactive

[2010.06.29 22:32:48 | 000,000,000 | ---D | C] -- C:\Users\Tilyo Petrov Rusev\AppData\Local\PokerStars

[2010.06.29 22:32:32 | 000,000,000 | ---D | C] -- C:\Program Files\PokerStars

[2010.06.29 19:35:03 | 000,000,000 | ---D | C] -- C:\Users\Tilyo Petrov Rusev\Documents\TomTom

[2010.06.29 14:14:28 | 000,000,000 | ---D | C] -- C:\Users\Tilyo Petrov Rusev\AppData\Roaming\TomTom

[2010.06.29 14:14:28 | 000,000,000 | ---D | C] -- C:\Users\Tilyo Petrov Rusev\AppData\Local\TomTom

[2010.06.29 14:14:22 | 000,000,000 | ---D | C] -- C:\Program Files\TomTom International B.V

[2010.06.29 14:14:13 | 000,000,000 | ---D | C] -- C:\Program Files\TomTom HOME 2

[2010.06.29 14:11:38 | 000,000,000 | ---D | C] -- C:\Program Files\TomTom DesktopSuite

[2010.06.28 12:03:56 | 000,030,024 | ---- | C] (TuneUp Software) -- C:\Windows\System32\uxtuneup.dll

[2010.06.28 12:03:56 | 000,021,320 | ---- | C] (TuneUp Software) -- C:\Windows\System32\authuitu.dll

[2010.06.27 18:30:57 | 000,000,000 | ---D | C] -- C:\Program Files\McAfee Security Scan

[2010.06.24 18:29:11 | 000,266,240 | ---- | C] (Vista Software) -- C:\Windows\System32\SdeNsx50.dll

[2010.06.24 18:29:11 | 000,155,648 | ---- | C] (Vista Software) -- C:\Windows\System32\Sde50.dll

[2010.06.24 18:29:01 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Lotto Pro 2000

[2010.06.24 18:29:01 | 000,000,000 | ---D | C] -- C:\Users\Tilyo Petrov Rusev\AppData\Roaming\Data Solutions

[2010.06.21 14:20:10 | 000,000,000 | ---D | C] -- C:\Program Files\Net Tools

[2010.06.18 17:15:11 | 000,000,000 | ---D | C] -- C:\Program Files\iPod

[2010.06.18 17:14:56 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes

[2010.06.18 17:01:27 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour

[2010.06.12 19:13:01 | 000,000,000 | ---D | C] -- C:\Program Files\Eltima Software

[2007.01.24 12:08:39 | 000,005,632 | ---- | C] ( ) -- C:\Windows\System32\drivers\kbfiltr.sys

[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

 

========== Files - Modified Within 30 Days ==========

 

[2010.07.08 01:17:04 | 006,291,456 | ---- | M] () -- C:\Users\Tilyo Petrov Rusev\ntuser.dat

[2010.07.08 01:14:28 | 000,000,488 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{36B7568B-17E5-45C7-8D84-6F20454D115F}.job

[2010.07.08 01:12:13 | 000,000,803 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk

[2010.07.08 01:12:00 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

[2010.07.08 01:08:29 | 000,000,449 | ---- | M] () -- C:\Windows\win.ini

[2010.07.08 01:07:44 | 000,000,370 | ---- | M] () -- C:\Windows\tasks\Ad-Aware Update (Weekly).job

[2010.07.08 01:06:28 | 000,065,536 | ---- | M] () -- C:\Windows\System32\Ikeext.etl

[2010.07.08 01:05:53 | 000,045,056 | ---- | M] () -- C:\Windows\System32\acovcnt.exe

[2010.07.08 01:05:53 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job

[2010.07.08 01:05:50 | 000,000,396 | ---- | M] () -- C:\Windows\tasks\AWC Startup.job

[2010.07.08 01:05:49 | 000,000,408 | ---- | M] () -- C:\Windows\tasks\AutoSmartDefrag.job

[2010.07.08 01:05:43 | 000,004,688 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0

[2010.07.08 01:05:43 | 000,004,688 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0

[2010.07.08 01:05:43 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT

[2010.07.08 01:05:34 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat

[2010.07.08 01:05:29 | 3220,430,848 | -HS- | M] () -- C:\hiberfil.sys

[2010.07.08 01:04:32 | 000,001,874 | ---- | M] () -- C:\Windows\bthservsdp.dat

[2010.07.08 01:04:31 | 000,524,288 | -HS- | M] () -- C:\Users\Tilyo Petrov Rusev\NTUSER.DAT{b344b6b4-479a-11df-ae6c-ffb662eea495}.TMContainer00000000000000000001.regtrans-ms

[2010.07.08 01:04:31 | 000,065,536 | -HS- | M] () -- C:\Users\Tilyo Petrov Rusev\NTUSER.DAT{b344b6b4-479a-11df-ae6c-ffb662eea495}.TM.blf

[2010.07.08 01:04:30 | 003,371,016 | -H-- | M] () -- C:\Users\Tilyo Petrov Rusev\AppData\Local\IconCache.db

[2010.07.08 01:04:01 | 000,059,664 | ---- | M] () -- C:\Users\Tilyo Petrov Rusev\Searches\Desktop\mbam-clean.exe

[2010.07.07 20:36:41 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\Tilyo Petrov Rusev\Searches\Desktop\OTL.exe

[2010.07.05 10:05:24 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt

[2010.07.01 15:04:53 | 000,169,472 | ---- | M] () -- C:\Users\Tilyo Petrov Rusev\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2010.07.01 11:00:45 | 000,000,680 | ---- | M] () -- C:\Users\Tilyo Petrov Rusev\AppData\Local\d3d9caps.dat

[2010.06.29 14:14:12 | 002,781,476 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI

[2010.06.29 14:14:12 | 000,735,810 | ---- | M] () -- C:\Windows\System32\perfh00A.dat

[2010.06.29 14:14:12 | 000,724,918 | ---- | M] () -- C:\Windows\System32\prfh0816.dat

[2010.06.29 14:14:12 | 000,657,096 | ---- | M] () -- C:\Windows\System32\perfh009.dat

[2010.06.29 14:14:12 | 000,189,502 | ---- | M] () -- C:\Windows\System32\perfh002.dat

[2010.06.29 14:14:12 | 000,159,712 | ---- | M] () -- C:\Windows\System32\perfc00A.dat

[2010.06.29 14:14:12 | 000,154,726 | ---- | M] () -- C:\Windows\System32\prfc0816.dat

[2010.06.29 14:14:12 | 000,124,392 | ---- | M] () -- C:\Windows\System32\perfc009.dat

[2010.06.29 14:14:12 | 000,046,188 | ---- | M] () -- C:\Windows\System32\perfc002.dat

[2010.06.28 22:57:33 | 000,038,848 | ---- | M] (ALWIL Software) -- C:\Windows\avastSS.scr

[2010.06.28 22:57:12 | 000,165,032 | ---- | M] (AVAST Software) -- C:\Windows\System32\aswBoot.exe

[2010.06.28 22:37:52 | 000,046,672 | ---- | M] (ALWIL Software) -- C:\Windows\System32\drivers\aswTdi.sys

[2010.06.28 22:37:30 | 000,165,456 | ---- | M] (ALWIL Software) -- C:\Windows\System32\drivers\aswSP.sys

[2010.06.28 22:33:13 | 000,023,376 | ---- | M] (ALWIL Software) -- C:\Windows\System32\drivers\aswRdr.sys

[2010.06.28 22:32:56 | 000,050,256 | ---- | M] (ALWIL Software) -- C:\Windows\System32\drivers\aswMonFlt.sys

[2010.06.28 22:32:33 | 000,017,744 | ---- | M] (ALWIL Software) -- C:\Windows\System32\drivers\aswFsBlk.sys

[2010.06.28 12:06:52 | 000,000,354 | ---- | M] () -- C:\Windows\tasks\Driver Robot.job

[2010.06.28 09:33:06 | 000,000,410 | ---- | M] () -- C:\Windows\tasks\SmartDefrag.job

[2010.06.26 09:14:16 | 000,015,880 | ---- | M] () -- C:\Windows\System32\lsdelete.exe

[2010.06.21 14:11:46 | 000,000,049 | ---- | M] () -- C:\Windows\NeroDigital.ini

[2010.06.14 16:04:46 | 000,030,536 | ---- | M] (TuneUp Software) -- C:\Windows\System32\TURegOpt.exe

[2010.06.14 15:58:28 | 000,021,320 | ---- | M] (TuneUp Software) -- C:\Windows\System32\authuitu.dll

[2010.06.14 15:58:14 | 000,030,024 | ---- | M] (TuneUp Software) -- C:\Windows\System32\uxtuneup.dll

[2010.06.12 08:37:50 | 000,391,592 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT

[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

 

========== Files Created - No Company Name ==========

 

[2010.07.08 01:12:13 | 000,000,803 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk

[2010.07.08 01:04:01 | 000,059,664 | ---- | C] () -- C:\Users\Tilyo Petrov Rusev\Searches\Desktop\mbam-clean.exe

[2010.07.06 19:42:43 | 000,000,370 | ---- | C] () -- C:\Windows\tasks\Ad-Aware Update (Weekly).job

[2010.06.12 19:13:42 | 000,011,392 | ---- | C] () -- C:\Windows\System32\drivers\usbstub.sys

[2010.06.12 19:13:02 | 000,066,432 | ---- | C] () -- C:\Windows\System32\drivers\vuhub.sys

[2010.05.15 16:01:23 | 000,004,494 | -HS- | C] () -- C:\Windows\System32\KGyGaAvL.sys

[2010.05.15 16:01:23 | 000,000,088 | RHS- | C] () -- C:\Windows\System32\D5FE058552.sys

[2010.04.16 20:08:38 | 000,000,005 | ---- | C] () -- C:\Windows\treeskp.sys

[2010.04.12 00:02:51 | 000,000,041 | ---- | C] () -- C:\Windows\Progs_.ini

[2009.12.24 23:07:24 | 000,000,098 | ---- | C] () -- C:\Windows\Crypkey.ini

[2009.12.24 23:06:29 | 000,031,846 | ---- | C] () -- C:\Windows\System32\Ckldrv.sys

[2009.12.24 23:06:29 | 000,018,432 | ---- | C] () -- C:\Windows\Setup_ck.dll

[2009.10.09 11:58:22 | 000,000,142 | ---- | C] () -- C:\Windows\ODBC.INI

[2009.07.17 01:38:09 | 000,000,049 | ---- | C] () -- C:\Windows\NeroDigital.ini

[2009.07.10 20:11:12 | 000,000,024 | ---- | C] () -- C:\Windows\ATKPF.ini

[2009.07.08 09:45:55 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll

[2009.07.06 18:17:00 | 000,717,296 | ---- | C] () -- C:\Windows\System32\drivers\sptd.sys

[2008.05.10 17:52:41 | 000,012,288 | ---- | C] () -- C:\Windows\impborl.dll

[2008.03.05 18:38:08 | 001,457,024 | ---- | C] () -- C:\Windows\System32\SSCProt.dll

[2007.10.01 08:59:45 | 001,769,984 | ---- | C] () -- C:\Windows\System32\drivers\snp2uvc.sys

[2007.05.09 09:16:39 | 000,028,160 | ---- | C] () -- C:\Windows\System32\drivers\sncduvc.sys

[2007.04.20 18:15:53 | 000,000,010 | ---- | C] () -- C:\Windows\System32\ABLKSR.ini

[2006.11.02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll

[2006.11.02 12:25:21 | 000,061,440 | ---- | C] () -- C:\Windows\System32\igfxTMM.dll

[2006.11.02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini

[2001.08.29 19:57:40 | 000,155,648 | ---- | C] () -- C:\Windows\System32\addurl41.DLL

[2001.07.10 14:43:16 | 000,018,432 | ---- | C] () -- C:\Windows\System32\winwatch.DLL

 

========== LOP Check ==========

 

[2009.07.26 21:03:20 | 000,000,000 | ---D | M] -- C:\Users\tilyo\AppData\Roaming\uniblue

[2010.05.21 22:31:09 | 000,000,000 | ---D | M] -- C:\Users\Tilyo Petrov Rusev\AppData\Roaming\Ashampoo

[2010.01.05 19:57:33 | 000,000,000 | ---D | M] -- C:\Users\Tilyo Petrov Rusev\AppData\Roaming\Ashampoo Photo Commander 7

[2010.07.04 02:29:49 | 000,000,000 | ---D | M] -- C:\Users\Tilyo Petrov Rusev\AppData\Roaming\BitComet

[2010.02.28 23:52:31 | 000,000,000 | ---D | M] -- C:\Users\Tilyo Petrov Rusev\AppData\Roaming\Blitware

[2009.07.23 09:43:12 | 000,000,000 | ---D | M] -- C:\Users\Tilyo Petrov Rusev\AppData\Roaming\Cashfiesta

[2010.02.08 00:19:49 | 000,000,000 | ---D | M] -- C:\Users\Tilyo Petrov Rusev\AppData\Roaming\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1

[2010.07.05 01:45:12 | 000,000,000 | ---D | M] -- C:\Users\Tilyo Petrov Rusev\AppData\Roaming\DAEMON Tools

[2010.06.24 18:29:01 | 000,000,000 | ---D | M] -- C:\Users\Tilyo Petrov Rusev\AppData\Roaming\Data Solutions

[2009.11.19 17:50:01 | 000,000,000 | ---D | M] -- C:\Users\Tilyo Petrov Rusev\AppData\Roaming\Gearbox Software

[2009.10.10 15:31:20 | 000,000,000 | ---D | M] -- C:\Users\Tilyo Petrov Rusev\AppData\Roaming\GetRightToGo

[2010.05.16 19:41:36 | 000,000,000 | ---D | M] -- C:\Users\Tilyo Petrov Rusev\AppData\Roaming\gtk-2.0

[2010.05.09 02:55:10 | 000,000,000 | ---D | M] -- C:\Users\Tilyo Petrov Rusev\AppData\Roaming\IObit

[2009.12.13 20:50:11 | 000,000,000 | ---D | M] -- C:\Users\Tilyo Petrov Rusev\AppData\Roaming\OpenCandy

[2009.08.19 11:06:34 | 000,000,000 | ---D | M] -- C:\Users\Tilyo Petrov Rusev\AppData\Roaming\Opera

[2009.12.12 21:17:32 | 000,000,000 | ---D | M] -- C:\Users\Tilyo Petrov Rusev\AppData\Roaming\Passware

[2010.01.06 20:30:29 | 000,000,000 | ---D | M] -- C:\Users\Tilyo Petrov Rusev\AppData\Roaming\SoftMaker

[2010.05.28 11:22:56 | 000,000,000 | ---D | M] -- C:\Users\Tilyo Petrov Rusev\AppData\Roaming\Software Informer

[2009.12.31 13:22:29 | 000,000,000 | ---D | M] -- C:\Users\Tilyo Petrov Rusev\AppData\Roaming\SuperMP3Download

[2010.06.09 07:40:23 | 000,000,000 | ---D | M] -- C:\Users\Tilyo Petrov Rusev\AppData\Roaming\TeamViewer

[2009.08.09 16:47:24 | 000,000,000 | ---D | M] -- C:\Users\Tilyo Petrov Rusev\AppData\Roaming\Thinstall

[2010.06.29 14:14:28 | 000,000,000 | ---D | M] -- C:\Users\Tilyo Petrov Rusev\AppData\Roaming\TomTom

[2009.08.10 11:21:47 | 000,000,000 | ---D | M] -- C:\Users\Tilyo Petrov Rusev\AppData\Roaming\TuneUp Software

[2010.05.28 11:14:06 | 000,000,000 | ---D | M] -- C:\Users\Tilyo Petrov Rusev\AppData\Roaming\Uniblue

[2010.04.16 18:00:50 | 000,000,000 | ---D | M] -- C:\Users\Tilyo Petrov Rusev\AppData\Roaming\vghd

[2009.07.05 21:19:40 | 000,000,000 | ---D | M] -- C:\Users\Tilyo Petrov Rusev\AppData\Roaming\Vodafone

[2010.03.02 03:38:48 | 000,000,000 | ---D | M] -- C:\Users\Tilyo Petrov Rusev\AppData\Roaming\WinBatch

[2010.05.17 13:55:25 | 000,000,000 | ---D | M] -- C:\Users\Tilyo Petrov Rusev\AppData\Roaming\Windows Live Writer

[2009.12.13 14:24:06 | 000,000,000 | ---D | M] -- C:\Users\Tilyo Petrov Rusev\AppData\Roaming\Wireshark

[2010.07.08 01:07:44 | 000,000,370 | ---- | M] () -- C:\Windows\Tasks\Ad-Aware Update (Weekly).job

[2009.10.08 16:00:01 | 000,000,360 | ---- | M] () -- C:\Windows\Tasks\At1.job

[2010.07.08 01:05:49 | 000,000,408 | ---- | M] () -- C:\Windows\Tasks\AutoSmartDefrag.job

[2010.07.08 01:05:50 | 000,000,396 | ---- | M] () -- C:\Windows\Tasks\AWC Startup.job

[2010.06.28 12:06:52 | 000,000,354 | ---- | M] () -- C:\Windows\Tasks\Driver Robot.job

[2010.07.08 01:04:32 | 000,032,602 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

[2010.06.28 09:33:06 | 000,000,410 | ---- | M] () -- C:\Windows\Tasks\SmartDefrag.job

[2010.07.08 01:14:28 | 000,000,488 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{36B7568B-17E5-45C7-8D84-6F20454D115F}.job

 

========== Purity Check ==========

 

 

 

========== Custom Scans ==========

 

 

< %SYSTEMDRIVE%\*.* >

[2010.07.08 01:05:28 | 000,003,132 | ---- | M] () -- C:\aaw7boot.log

[2006.09.18 23:43:36 | 000,000,024 | ---- | M] () -- C:\autoexec.bat

[2009.04.11 08:36:36 | 000,333,257 | RHS- | M] () -- C:\bootmgr

[2007.04.20 18:26:03 | 000,008,192 | R-S- | M] () -- C:\BOOTSECT.BAK

[2006.12.30 01:24:54 | 000,000,011 | ---- | M] () -- C:\CG13.txt

[2006.09.18 23:43:37 | 000,000,010 | ---- | M] () -- C:\config.sys

[2008.05.10 17:56:36 | 000,020,777 | ---- | M] () -- C:\devlist.txt

[2008.01.11 03:11:23 | 001,048,576 | RH-- | M] () -- C:\F3Sg.BIN

[2008.01.15 11:01:19 | 000,000,015 | ---- | M] () -- C:\F3Sg_Vista.10

[2010.07.08 01:05:29 | 3220,430,848 | -HS- | M] () -- C:\hiberfil.sys

[2009.09.01 17:29:37 | 000,000,000 | RHS- | M] () -- C:\IO.SYS

[2010.04.30 18:21:58 | 000,000,108 | ---- | M] () -- C:\mbam-error.txt

[2009.09.01 17:29:37 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS

[2007.05.17 05:35:24 | 000,000,015 | ---- | M] () -- C:\NIS2007_G.TXT

[2007.03.16 01:18:45 | 000,000,025 | ---- | M] () -- C:\OFFICE2007_G.TXT

[2010.07.08 01:05:28 | 3534,008,320 | -HS- | M] () -- C:\pagefile.sys

[2008.05.10 04:34:48 | 000,000,105 | ---- | M] () -- C:\Pass.txt

[2007.05.24 00:43:40 | 000,000,017 | ---- | M] () -- C:\READER_G.TXT

[2007.12.11 05:31:40 | 000,000,014 | ---- | M] () -- C:\RECOVERY.DAT

[2009.04.02 18:02:58 | 000,185,833 | ---- | M] () -- C:\shldr

[2008.05.10 15:59:33 | 000,000,166 | ---- | M] () -- C:\SumHidd.txt

[2008.05.10 15:58:50 | 000,000,098 | ---- | M] () -- C:\SumOS.txt

[2007.12.06 22:22:16 | 000,000,023 | ---- | M] () -- C:\V54.TXT

 

 

< MD5 for: AGP440.SYS >

[2008.01.19 09:42:25 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_51b95d75\AGP440.sys

[2008.01.19 09:42:25 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys

[2008.01.19 09:42:25 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys

[2008.01.19 09:42:25 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys

[2008.05.10 16:34:25 | 000,056,504 | ---- | M] (Microsoft Corporation) MD5=198636E76971EBC96404547EC0FD5E75 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_cb7c81c7\AGP440.sys

[2008.05.10 16:34:25 | 000,056,504 | ---- | M] (Microsoft Corporation) MD5=198636E76971EBC96404547EC0FD5E75 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6000.20598_none_b85cfa98dae9b436\AGP440.sys

[2006.11.02 11:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\drivers\AGP440.sys

[2006.11.02 11:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys

 

< MD5 for: ATAPI.SYS >

[2009.04.11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\drivers\atapi.sys

[2009.04.11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_b12d8e84\atapi.sys

[2009.04.11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys

[2008.01.19 09:41:30 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys

[2008.01.19 09:41:30 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys

[2006.11.02 11:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys

[2008.01.19 07:06:48 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=B35CFCEF838382AB6490B321C87EDF17 -- C:\Windows\SoftwareDistribution\Download\c0a17eb89d8e2d806cdee4a2d05890b4\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.16632_none_db337a442479c42c\atapi.sys

[2009.07.05 21:59:51 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=B35CFCEF838382AB6490B321C87EDF17 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_7de13c21\atapi.sys

[2009.07.05 21:59:51 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=B35CFCEF838382AB6490B321C87EDF17 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.16632_none_db337a442479c42c\atapi.sys

[2008.01.19 06:33:23 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=E03E8C99D15D0381E02743C36AFC7C6F -- C:\Windows\SoftwareDistribution\Download\c0a17eb89d8e2d806cdee4a2d05890b4\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.20757_none_dbac78a93da31a8b\atapi.sys

[2009.07.05 21:59:50 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=E03E8C99D15D0381E02743C36AFC7C6F -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.20757_none_dbac78a93da31a8b\atapi.sys

 

< MD5 for: CNGAUDIT.DLL >

[2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\System32\cngaudit.dll

[2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll

 

< MD5 for: IASTOR.SYS >

[2007.09.29 17:03:11 | 000,308,248 | ---- | M] (Intel Corporation) MD5=E5A0034847537EAEE3C00349D5C34C5F -- C:\Windows\System32\drivers\iaStor.sys

[2007.09.29 17:03:11 | 000,308,248 | ---- | M] (Intel Corporation) MD5=E5A0034847537EAEE3C00349D5C34C5F -- C:\Windows\System32\DriverStore\FileRepository\iaahci.inf_7baf6192\iaStor.sys

[2007.09.29 17:03:11 | 000,308,248 | ---- | M] (Intel Corporation) MD5=E5A0034847537EAEE3C00349D5C34C5F -- C:\Windows\System32\DriverStore\FileRepository\iastor.inf_41af7b1f\iaStor.sys

 

< MD5 for: IASTORV.SYS >

[2008.01.19 09:42:51 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_c9df7691\iaStorV.sys

[2008.01.19 09:42:51 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_af11527887c7fa8f\iaStorV.sys

[2006.11.02 11:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\drivers\iaStorV.sys

[2006.11.02 11:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_37cdafa4\iaStorV.sys

 

< MD5 for: NETLOGON.DLL >

[2006.11.02 11:46:11 | 000,559,616 | ---- | M] (Microsoft Corporation) MD5=889A2C9F2AACCD8F64EF50AC0B3D553B -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6000.16386_none_fb80f5473b0ed783\netlogon.dll

[2009.04.11 08:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\System32\netlogon.dll

[2009.04.11 08:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_ffa3304f351bb3a3\netlogon.dll

[2008.01.19 09:35:36 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll

 

< MD5 for: NVSTOR.SYS >

[2006.11.02 11:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\drivers\nvstor.sys

[2006.11.02 11:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys

[2008.01.19 09:42:09 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvstor.sys

[2008.01.19 09:42:09 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvstor.sys

 

< MD5 for: SCECLI.DLL >

[2008.01.19 09:36:19 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll

[2006.11.02 11:46:12 | 000,176,640 | ---- | M] (Microsoft Corporation) MD5=80E2839D05CA5970A86D7BE2A08BFF61 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6000.16386_none_35d7205fdc305e3e\scecli.dll

[2009.04.11 08:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\System32\scecli.dll

[2009.04.11 08:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_39f95b67d63d3a5e\scecli.dll

 

< %systemroot%\*. /mp /s >

 

< %systemroot%\system32\*.dll /lockedfiles >

[2009.03.08 13:31:42 | 000,348,160 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\dxtmsft.dll

[2009.03.08 13:31:37 | 000,216,064 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\dxtrans.dll

[2010.05.04 07:56:25 | 000,599,040 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\msfeeds.dll

[2009.04.11 08:27:47 | 000,241,128 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\rsaenh.dll

[2009.04.11 08:28:23 | 000,228,352 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\SLC.dll

 

< %systemroot%\Tasks\*.job /lockedfiles >

 

< %PROGRAMFILES%\*. >

[2010.02.07 23:40:16 | 000,000,000 | ---D | M] -- C:\Program Files\Adobe

[2010.07.07 11:50:55 | 000,000,000 | ---D | M] -- C:\Program Files\Advanced Access Controller

[2010.05.03 18:23:48 | 000,000,000 | ---D | M] -- C:\Program Files\Alwil Software

[2010.05.28 22:51:05 | 000,000,000 | ---D | M] -- C:\Program Files\ao2000pr

[2009.07.27 13:39:23 | 000,000,000 | ---D | M] -- C:\Program Files\Apple Software Update

[2009.11.18 19:52:55 | 000,000,000 | ---D | M] -- C:\Program Files\Ares

[2010.06.29 12:29:47 | 000,000,000 | ---D | M] -- C:\Program Files\Ashampoo

[2008.05.10 17:41:26 | 000,000,000 | ---D | M] -- C:\Program Files\ASUS

[2008.05.10 17:19:55 | 000,000,000 | ---D | M] -- C:\Program Files\ATK Hotkey

[2008.05.10 17:20:36 | 000,000,000 | ---D | M] -- C:\Program Files\ATKGFNEX

[2008.05.10 17:21:23 | 000,000,000 | ---D | M] -- C:\Program Files\ATKOSD2

[2010.07.07 11:50:56 | 000,000,000 | ---D | M] -- C:\Program Files\Automated Result Operator

[2010.03.04 20:24:21 | 000,000,000 | ---D | M] -- C:\Program Files\AVerMedia

[2009.08.13 10:17:10 | 000,000,000 | ---D | M] -- C:\Program Files\BACL

[2010.03.18 15:44:37 | 000,000,000 | ---D | M] -- C:\Program Files\Belarc

[2010.07.05 01:45:12 | 000,000,000 | ---D | M] -- C:\Program Files\BitComet

[2010.06.18 17:01:28 | 000,000,000 | ---D | M] -- C:\Program Files\Bonjour

[2009.08.09 15:56:14 | 000,000,000 | ---D | M] -- C:\Program Files\CBS Software

[2010.06.24 15:45:28 | 000,000,000 | ---D | M] -- C:\Program Files\CCleaner

[2010.01.08 11:32:01 | 000,000,000 | ---D | M] -- C:\Program Files\CD Recovery Toolbox Free

[2009.11.11 18:17:33 | 000,000,000 | ---D | M] -- C:\Program Files\cFosSpeed

[2010.06.30 11:54:03 | 000,000,000 | ---D | M] -- C:\Program Files\City Interactive

[2010.04.20 17:29:37 | 000,000,000 | ---D | M] -- C:\Program Files\Clock

[2010.06.10 11:57:27 | 000,000,000 | ---D | M] -- C:\Program Files\Common Files

[2010.02.15 19:53:11 | 000,000,000 | ---D | M] -- C:\Program Files\Conduit

[2010.05.16 19:48:56 | 000,000,000 | ---D | M] -- C:\Program Files\Corel

[2010.07.07 11:50:56 | 000,000,000 | ---D | M] -- C:\Program Files\Count Access Advancer

[2010.07.07 11:50:56 | 000,000,000 | ---D | M] -- C:\Program Files\Customized Web Management

[2009.07.06 18:37:29 | 000,000,000 | ---D | M] -- C:\Program Files\DAEMON Tools Lite

[2009.12.26 22:40:14 | 000,000,000 | ---D | M] -- C:\Program Files\DAEMON Tools Toolbar

[2010.02.28 23:52:28 | 000,000,000 | ---D | M] -- C:\Program Files\Driver Robot

[2010.03.09 13:57:11 | 000,000,000 | ---D | M] -- C:\Program Files\Driver Whiz

[2010.06.12 19:13:01 | 000,000,000 | ---D | M] -- C:\Program Files\Eltima Software

[2010.05.02 23:39:20 | 000,000,000 | ---D | M] -- C:\Program Files\EMPA

[2009.08.17 14:10:38 | 000,000,000 | ---D | M] -- C:\Program Files\Enigma Software Group

[2010.07.04 03:04:26 | 000,000,000 | ---D | M] -- C:\Program Files\ESET

[2010.01.02 14:34:31 | 000,000,000 | ---D | M] -- C:\Program Files\Fighters

[2010.05.01 12:59:09 | 000,000,000 | ---D | M] -- C:\Program Files\GIMP-2

[2010.05.01 13:45:20 | 000,000,000 | ---D | M] -- C:\Program Files\GIMP-2.0

[2010.05.20 00:17:34 | 000,000,000 | ---D | M] -- C:\Program Files\Google

[2009.10.09 17:15:14 | 000,000,000 | ---D | M] -- C:\Program Files\GoWin Deluxe

[2009.11.12 11:34:59 | 000,000,000 | ---D | M] -- C:\Program Files\Groove Games

[2010.05.16 20:53:32 | 000,000,000 | ---D | M] -- C:\Program Files\Hot_MP3

[2009.09.29 19:33:22 | 000,000,000 | ---D | M] -- C:\Program Files\illiminable

[2010.06.06 18:30:15 | 000,000,000 | -H-D | M] -- C:\Program Files\InstallShield Installation Information

[2008.05.10 17:05:30 | 000,000,000 | ---D | M] -- C:\Program Files\Intel

[2010.07.07 11:50:55 | 000,000,000 | ---D | M] -- C:\Program Files\Internet Connection Wizard

[2010.07.07 11:50:56 | 000,000,000 | ---D | M] -- C:\Program Files\Internet Content Assistant

[2010.06.12 08:34:45 | 000,000,000 | ---D | M] -- C:\Program Files\Internet Explorer

[2010.05.11 18:06:12 | 000,000,000 | ---D | M] -- C:\Program Files\IObit

[2009.09.25 14:39:41 | 000,000,000 | ---D | M] -- C:\Program Files\iPhone Configuration Utility

[2010.06.18 17:15:11 | 000,000,000 | ---D | M] -- C:\Program Files\iPod

[2010.06.18 17:15:56 | 000,000,000 | ---D | M] -- C:\Program Files\iTunes

[2010.04.26 13:49:26 | 000,000,000 | ---D | M] -- C:\Program Files\Java

[2010.01.07 00:42:03 | 000,000,000 | ---D | M] -- C:\Program Files\Lavalys

[2010.05.12 07:39:14 | 000,000,000 | ---D | M] -- C:\Program Files\Lavasoft

[2010.07.08 01:12:13 | 000,000,000 | ---D | M] -- C:\Program Files\Malwarebytes' Anti-Malware

[2010.06.27 19:14:52 | 000,000,000 | ---D | M] -- C:\Program Files\McAfee Security Scan

[2010.05.17 13:19:51 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft

[2006.11.02 14:37:34 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Games

[2009.12.19 15:27:26 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Office

[2010.06.05 07:11:54 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Silverlight

[2010.05.17 13:20:44 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft SQL Server Compact Edition

[2008.05.10 15:28:19 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Visual Studio

[2009.07.07 22:04:41 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Works

[2010.06.23 11:25:32 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft.NET

[2010.05.12 10:51:25 | 000,000,000 | ---D | M] -- C:\Program Files\Monsters

[2008.05.10 15:19:46 | 000,000,000 | ---D | M] -- C:\Program Files\Motorola

[2010.03.11 03:53:04 | 000,000,000 | ---D | M] -- C:\Program Files\Movie Maker

[2010.07.04 02:57:15 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox

[2006.11.02 14:37:34 | 000,000,000 | ---D | M] -- C:\Program Files\MSBuild

[2010.05.10 10:01:15 | 000,000,000 | ---D | M] -- C:\Program Files\myBabylon_English

[2009.07.10 23:02:21 | 000,000,000 | ---D | M] -- C:\Program Files\NASA

[2009.07.05 20:38:32 | 000,000,000 | ---D | M] -- C:\Program Files\Nero

[2010.06.21 14:20:54 | 000,000,000 | ---D | M] -- C:\Program Files\Net Tools

[2010.05.19 18:03:31 | 000,000,000 | ---D | M] -- C:\Program Files\Nikozen

[2010.04.14 20:23:15 | 000,000,000 | ---D | M] -- C:\Program Files\NovaLogic

[2010.04.18 10:14:28 | 000,000,000 | ---D | M] -- C:\Program Files\Opera 10 Beta

[2010.05.06 19:43:01 | 000,000,000 | ---D | M] -- C:\Program Files\OptiNet

[2009.07.30 09:10:56 | 000,000,000 | ---D | M] -- C:\Program Files\OverDisk

[2008.05.10 17:38:45 | 000,000,000 | ---D | M] -- C:\Program Files\P4G

[2008.05.10 17:42:04 | 000,000,000 | ---D | M] -- C:\Program Files\P4P

[2009.12.12 21:06:18 | 000,000,000 | ---D | M] -- C:\Program Files\Passware

[2010.04.15 13:53:32 | 000,000,000 | ---D | M] -- C:\Program Files\pchd

[2010.06.29 22:33:08 | 000,000,000 | ---D | M] -- C:\Program Files\PokerStars

[2010.04.01 14:26:44 | 000,000,000 | ---D | M] -- C:\Program Files\QuickTime

[2010.05.07 10:08:22 | 000,000,000 | ---D | M] -- C:\Program Files\Raxco

[2010.06.12 20:39:14 | 000,000,000 | ---D | M] -- C:\Program Files\Readon Technology

[2008.05.10 17:17:42 | 000,000,000 | ---D | M] -- C:\Program Files\Realtek

[2006.11.02 14:37:34 | 000,000,000 | ---D | M] -- C:\Program Files\Reference Assemblies

[2009.11.05 18:07:47 | 000,000,000 | ---D | M] -- C:\Program Files\RocketDock

[2010.06.18 16:44:17 | 000,000,000 | ---D | M] -- C:\Program Files\Safari

[2009.11.05 17:11:31 | 000,000,000 | R--D | M] -- C:\Program Files\Skype

[2009.12.19 17:52:51 | 000,000,000 | ---D | M] -- C:\Program Files\SopCast

[2010.05.09 19:15:54 | 000,000,000 | ---D | M] -- C:\Program Files\SuperMp3Download

[2010.01.03 22:10:58 | 000,000,000 | ---D | M] -- C:\Program Files\TeamViewer

[2010.01.17 15:41:01 | 000,000,000 | ---D | M] -- C:\Program Files\The KMPlayer

[2010.06.29 14:11:38 | 000,000,000 | ---D | M] -- C:\Program Files\TomTom DesktopSuite

[2010.07.05 01:45:12 | 000,000,000 | ---D | M] -- C:\Program Files\TomTom HOME 2

[2010.06.29 14:14:22 | 000,000,000 | ---D | M] -- C:\Program Files\TomTom International B.V

[2010.07.06 11:13:42 | 000,000,000 | ---D | M] -- C:\Program Files\Trend Micro

[2010.06.28 12:03:55 | 000,000,000 | ---D | M] -- C:\Program Files\TuneUp Utilities 2010

[2009.11.19 17:36:18 | 000,000,000 | ---D | M] -- C:\Program Files\Ubisoft

[2010.05.28 11:27:17 | 000,000,000 | ---D | M] -- C:\Program Files\Uniblue

[2009.07.18 15:04:10 | 000,000,000 | ---D | M] -- C:\Program Files\Utherverse Digital Inc

[2010.04.19 07:32:29 | 000,000,000 | ---D | M] -- C:\Program Files\vghd

[2010.03.14 13:35:11 | 000,000,000 | ---D | M] -- C:\Program Files\VideoLAN

[2010.03.24 22:01:16 | 000,000,000 | ---D | M] -- C:\Program Files\Vodafone

[2010.05.10 13:46:40 | 000,000,000 | ---D | M] -- C:\Program Files\Wandering IPs

[2010.05.04 12:43:25 | 000,000,000 | ---D | M] -- C:\Program Files\Winamp

[2009.09.24 12:27:51 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Calendar

[2009.09.24 12:27:48 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Collaboration

[2009.09.24 12:27:38 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Defender

[2009.07.16 12:48:02 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Doctor

[2010.06.09 15:35:14 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Journal

[2010.05.17 13:21:55 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Live

[2010.05.17 13:19:32 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Live SkyDrive

[2010.06.24 18:29:15 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Lotto Pro 2000

[2010.06.12 08:34:45 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Mail

[2009.10.28 18:07:46 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Media Player

[2006.11.02 14:37:34 | 000,000,000 | ---D | M] -- C:\Program Files\Windows NT

[2009.09.24 12:27:47 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Photo Gallery

[2009.10.28 18:36:29 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Portable Devices

[2009.09.24 12:27:49 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Sidebar

[2009.12.19 15:18:55 | 000,000,000 | ---D | M] -- C:\Program Files\Windows SideShow

[2010.05.04 11:18:31 | 000,000,000 | ---D | M] -- C:\Program Files\WinRAR

[2008.05.10 17:28:57 | 000,000,000 | ---D | M] -- C:\Program Files\Wireless Console 2

[2010.05.11 14:40:18 | 000,000,000 | ---D | M] -- C:\Program Files\Wise Registry Cleaner

[2010.05.11 00:07:36 | 000,000,000 | ---D | M] -- C:\Program Files\WorkStationOPtimizer

[2010.05.04 11:43:33 | 000,000,000 | ---D | M] -- C:\Program Files\Yamicsoft

[2010.02.15 19:51:51 | 000,000,000 | ---D | M] -- C:\Program Files\Zapu

[2009.08.17 15:56:12 | 000,000,000 | ---D | M] -- C:\Program Files\Zards software

[2009.09.18 01:31:15 | 000,000,000 | ---D | M] -- C:\Program Files\Zoo Digital Publishing

 

< %userprofile%\Desktop\*.* >

[2010.04.07 22:54:25 | 000,000,715 | ---- | M] () -- C:\Users\Tilyo Petrov Rusev\Desktop\Ares.lnk

[2009.11.19 17:46:04 | 000,002,122 | ---- | M] () -- C:\Users\Tilyo Petrov Rusev\Desktop\Brothers In Arms.lnk

[2010.02.09 16:42:31 | 000,000,282 | -HS- | M] () -- C:\Users\Tilyo Petrov Rusev\Desktop\desktop.ini

[2010.01.28 21:34:14 | 000,000,901 | ---- | M] () -- C:\Users\Tilyo Petrov Rusev\Desktop\GammonEmpire.lnk

[2009.10.09 18:10:51 | 000,001,881 | ---- | M] () -- C:\Users\Tilyo Petrov Rusev\Desktop\HijackThis.lnk

[2010.06.24 18:29:13 | 000,000,815 | ---- | M] () -- C:\Users\Tilyo Petrov Rusev\Desktop\Lotto Pro.lnk

[2009.11.14 02:16:34 | 000,002,079 | ---- | M] () -- C:\Users\Tilyo Petrov Rusev\Desktop\Marine Sharpshooter II Jungle Warfare.lnk

[2010.05.06 19:43:01 | 000,000,777 | ---- | M] () -- C:\Users\Tilyo Petrov Rusev\Desktop\OptiNet.lnk

[2009.11.10 20:04:15 | 000,000,781 | ---- | M] () -- C:\Users\Tilyo Petrov Rusev\Desktop\ParadiseCasino - Bulgarian.lnk

[2010.05.21 18:45:54 | 000,000,926 | ---- | M] () -- C:\Users\Tilyo Petrov Rusev\Desktop\PowerGramo.lnk

[2009.12.19 17:43:42 | 000,000,755 | ---- | M] () -- C:\Users\Tilyo Petrov Rusev\Desktop\SopCast.lnk

[2010.06.24 18:29:13 | 000,000,796 | ---- | M] () -- C:\Users\Tilyo Petrov Rusev\Desktop\Update Lotto Drawing Files.lnk

[2010.05.10 13:51:17 | 000,001,654 | ---- | M] () -- C:\Users\Tilyo Petrov Rusev\Desktop\Wandering IPs.lnk

 

< %userprofile%\Desktop\*. >

 

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2010-07-01 19:17:29

 

========== Alternate Data Streams ==========

 

@Alternate Data Stream - 137 bytes -> C:\ProgramData\TEMP:1F8C9007

@Alternate Data Stream - 133 bytes -> C:\ProgramData\TEMP:6A91BBD8

@Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:EBACC189

@Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:CF778051

< End of report >

 

OTL Extras logfile created on: 7.7.2010 г. 20:43:48 - Run 1

OTL by OldTimer - Version 3.2.7.1 Folder = C:\Users\Tilyo Petrov Rusev\Searches\Desktop

Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation

Internet Explorer (Version = 8.0.6001.18928)

Locale: 00000402 | Country: Bulgaria | Language: BGR | Date Format: d.M.yyyy 'г.'

 

3,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 40,00% Memory free

6,00 Gb Paging File | 4,00 Gb Available in Paging File | 64,00% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files

Drive C: | 116,44 Gb Total Space | 28,70 Gb Free Space | 24,64% Space Free | Partition Type: NTFS

Drive D: | 108,63 Gb Total Space | 18,97 Gb Free Space | 17,46% Space Free | Partition Type: NTFS

E: Drive not present or media not loaded

Drive F: | 35,81 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS

G: Drive not present or media not loaded

H: Drive not present or media not loaded

I: Drive not present or media not loaded

 

Computer Name: TILYOPETROVRUS1

Current User Name: Tilyo Petrov Rusev

Logged in as Administrator.

 

Current Boot Mode: Normal

Scan Mode: All users

Company Name Whitelist: On

Skip Microsoft Files: On

File Age = 30 Days

Output = Minimal

 

========== Extra Registry (SafeList) ==========

 

 

========== File Associations ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)

.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

.hta [@ = Reg Error: Key error.] -- Reg Error: Key error. File not found

 

[HKEY_USERS\S-1-5-21-802842001-1745263943-2178312464-1000\SOFTWARE\Classes\<extension>]

.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

 

========== Shell Spawning ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)

exefile [open] -- "%1" %*

helpfile [open] -- Reg Error: Key error.

hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)

htafile [open] -- Reg Error: Key error.

htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)

htmlfile [print] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)

inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~2\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)

Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()

Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)

Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

 

========== Security Center Settings ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"cval" = 1

"UacDisableNotify" = 1

"InternetSettingsDisableNotify" = 1

"AutoUpdateDisableNotify" = 1

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

"DisableMonitoring" = 1

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

"DisableMonitoring" = 1

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

"DisableMonitoring" = 1

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

"AntiVirusOverride" = 0

"AntiSpywareOverride" = 0

"FirewallOverride" = 0

"VistaSp1" = Reg Error: Unknown registry data type -- File not found

"VistaSp2" = Reg Error: Unknown registry data type -- File not found

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

"DoNotAllowExceptions" = 0

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

"DoNotAllowExceptions" = 0

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

"DoNotAllowExceptions" = 0

 

========== Authorized Applications List ==========

 

 

========== Vista Active Open Ports Exception List ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

"{174A8E5D-9CCE-4980-9035-337FA073FEE0}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |

"{2081533B-D18D-4869-AF28-68B594E8E939}" = lport=24132 | protocol=17 | dir=in | name=bitcomet 24132 udp |

"{23F4EED1-28AD-4BEE-9FC8-2C9A2AE9A3F5}" = lport=10338 | protocol=17 | dir=in | name=bitcomet 10338 udp |

"{2F698DB6-89AF-4220-8FB1-B778CCB4F2ED}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |

"{341709A3-A5EA-4FAD-92D3-403B4E78B9F6}" = lport=10243 | protocol=6 | dir=in | app=system |

"{342F5416-B09B-4FEC-8CFE-FF4043A788EB}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |

"{365CDD25-75F2-46C6-91D2-BB4B4BE62300}" = lport=24132 | protocol=6 | dir=in | name=bitcomet 24132 tcp |

"{3B0F4A7D-5CCA-4DE7-95B8-3767B9343198}" = lport=2869 | protocol=6 | dir=in | app=system |

"{3D2876E6-A02E-4DD8-A5F1-EEA9F696D37D}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |

"{3ED1488E-07A3-4FB5-ADF3-52C3D75F2FDE}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |

"{5FBE1608-6885-4C48-B553-7CA2711673AD}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |

"{64C3F9C0-0CD3-4E9E-8FC1-49B469509111}" = rport=10243 | protocol=6 | dir=out | app=system |

"{A4D2C4A3-4F2E-40B2-A6C4-22072605AFC0}" = lport=10338 | protocol=6 | dir=in | name=bitcomet 10338 tcp |

"{E005CCC9-2E80-45BC-970E-9FB27892880E}" = lport=2869 | protocol=6 | dir=in | app=system |

"{E77CA450-1407-4C31-BB60-6B076B231399}" = lport=5000 | protocol=17 | dir=in | name=passware kit enterprise demo 9.5 |

"{EB3C1DB1-454D-4219-B988-89311452129F}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |

"{EDCB8142-445A-433C-9855-8659940B5635}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |

 

========== Vista Active Application Exception List ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

"{0D48CA1D-8847-4EBD-B506-98EBB8743D1C}" = protocol=17 | dir=in | app=c:\program files\teamviewer\version5\teamviewer.exe |

"{263AEAA0-3D40-4E96-BCBB-2B73C7C58A8C}" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe |

"{31CEF5C0-C2DD-41BD-9EC9-F600B5BE554F}" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe |

"{34E730FD-AF2E-443F-B977-EFF5D7081257}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |

"{385204B3-34C1-4E50-B627-7A1659FB33D8}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |

"{399CFC05-4B9E-4EE1-85DE-F59F5E837878}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |

"{3C980528-60F5-4213-9C1F-7BA31393A5D8}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |

"{3CF9F5F2-AFAD-4AAD-BFCA-728307525379}" = protocol=17 | dir=in | app=c:\program files\novalogic\delta force xtreme 2\update.exe |

"{426A84B0-DDB9-46AB-9642-5E5BBACE26E9}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe |

"{48C74D72-0F81-444D-93FC-A707D5F96375}" = protocol=6 | dir=out | app=system |

"{5187CA1E-30C6-45D0-94EF-47232F451431}" = protocol=6 | dir=in | app=c:\program files\teamviewer\version5\teamviewer.exe |

"{57DEC3E6-E5BA-4FD1-BDE4-B5F84FB66083}" = dir=in | app=c:\program files\skype\phone\skype.exe |

"{5BE64FD3-500C-4C4F-863C-139D1A52741B}" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe |

"{5E15BE13-66A7-4FD9-A028-2D6585811E1F}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |

"{5F7149FF-9289-41FB-A78F-6629AC5C1C9F}" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe |

"{67879E39-8E57-4A96-950B-4D4C835AD351}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |

"{7874C5E8-0E9D-49F6-82C9-8095F2CA2A6D}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |

"{78C98D6F-0E4E-408F-81CB-8B4160B4CD70}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |

"{7CD1BA54-9604-4A4A-94BA-BB1ECDD7FA4C}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |

"{8BE3CCE4-0002-4F8B-9A06-C91AC4424479}" = protocol=17 | dir=in | app=c:\program files\bitcomet\bitcomet.exe |

"{8F406FCA-E9F4-47A3-A28D-88AF6BE898BB}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |

"{9EBA2886-0FA2-4F3C-802D-5946714D44C0}" = protocol=6 | dir=in | app=c:\program files\bitcomet\bitcomet.exe |

"{A11C109C-16C9-40EA-91DC-914485619A5C}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |

"{A91F005C-F807-4F90-95FA-F6DD154AD36D}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |

"{AF594BC5-5D41-4AA8-94BA-C226CCD474D7}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |

"{B6525F0F-6C23-4875-84B2-4DE90D031A51}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |

"{BDFBE781-5E73-43B8-8601-D187BCFD6428}" = protocol=6 | dir=in | app=c:\program files\novalogic\delta force xtreme 2\dfx2.exe |

"{C16F668B-1D60-454F-9F97-F4959DE1F130}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |

"{C6558725-ADC8-422D-BF75-E05D05BE4FB9}" = dir=in | app=c:\program files\skype\phone\skype.exe |

"{D54AE78D-D951-4AC6-A2AA-31DF3627A549}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |

"{E174D539-4F88-4214-A8CB-15DA1081B49C}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |

"{EBF5516D-6622-41EC-BFFA-C09B1BC7889B}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |

"{F3143B03-6F0F-4455-B431-B56A3AEFEF8C}" = protocol=17 | dir=in | app=c:\program files\novalogic\delta force xtreme 2\dfx2.exe |

"{FA90F71F-B40D-465C-9529-241512F0495F}" = protocol=6 | dir=in | app=c:\program files\novalogic\delta force xtreme 2\update.exe |

"TCP Query User{11EF6151-6EBC-4EE8-865D-0E78ED3CFE88}C:\program files\readon technology\readon tv movie radio player 7.2.0.0\internettv.exe" = protocol=6 | dir=in | app=c:\program files\readon technology\readon tv movie radio player 7.2.0.0\internettv.exe |

"TCP Query User{1E74337C-894D-4E38-9CC2-BCB63121CA49}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |

"TCP Query User{258583ED-424D-4929-BB9C-9B0E48943660}C:\program files\sopcast\sopcast.exe" = protocol=6 | dir=in | app=c:\program files\sopcast\sopcast.exe |

"TCP Query User{32CD377C-6F5B-40E2-B6D2-E3D67FC49555}C:\program files\ares\ares.exe" = protocol=6 | dir=in | app=c:\program files\ares\ares.exe |

"TCP Query User{3C1A8889-E9E2-4688-B43C-16D116FA1451}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |

"TCP Query User{488C3585-E817-493F-B1B3-DC118C1D0EB6}C:\users\tilyo petrov rusev\downloads\bitcomet.exe" = protocol=6 | dir=in | app=c:\users\tilyo petrov rusev\downloads\bitcomet.exe |

"TCP Query User{51A196E3-6A7F-4676-B7BC-089A687AC53F}C:\program files\ubisoft\gearbox software\brothersinarms\system\bia.exe" = protocol=6 | dir=in | app=c:\program files\ubisoft\gearbox software\brothersinarms\system\bia.exe |

"TCP Query User{58517F7C-D996-4976-8152-7787479794D0}C:\program files\bitcomet\bitcomet.exe" = protocol=6 | dir=in | app=c:\program files\bitcomet\bitcomet.exe |

"TCP Query User{58DA3064-2D80-469F-B0F5-CE7AA92FB518}C:\program files\videolan\vlc\vlc.exe" = protocol=6 | dir=in | app=c:\program files\videolan\vlc\vlc.exe |

"TCP Query User{5C5C2D44-4126-43F8-815B-A668F6DF9CBA}C:\users\tilyo petrov rusev\downloads\bitcomet.exe" = protocol=6 | dir=in | app=c:\users\tilyo petrov rusev\downloads\bitcomet.exe |

"TCP Query User{7161C013-7B07-4248-A23B-9A74D3B33A53}C:\windows\ehome\ehexthost.exe" = protocol=6 | dir=in | app=c:\windows\ehome\ehexthost.exe |

"TCP Query User{743CD803-A96E-4231-A57F-1786E194B7A9}C:\program files\sopcast\adv\sopadver.exe" = protocol=6 | dir=in | app=c:\program files\sopcast\adv\sopadver.exe |

"TCP Query User{7AC0E75B-6616-4CCF-BBB6-AAF5DC995D0F}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |

"TCP Query User{7ED530E2-B27E-42BD-81C3-38ACA9E154B0}C:\program files\sopcast\sopcast.exe" = protocol=6 | dir=in | app=c:\program files\sopcast\sopcast.exe |

"TCP Query User{959403F5-E8C4-4D7D-BEA9-CBEFE7D2B1A1}D:\програми\игри\delta.force.xtreme.2-reloaded\aos_eng.exe" = protocol=6 | dir=in | app=d:\програми\игри\delta.force.xtreme.2-reloaded\aos_eng.exe |

"TCP Query User{9D796D26-EDA4-4DAB-AC00-482F5156DF21}C:\program files\zapu\zapu accelerator\wdivi.exe" = protocol=6 | dir=in | app=c:\program files\zapu\zapu accelerator\wdivi.exe |

"TCP Query User{B741C8E8-553D-4EAB-8AC5-80A399838440}C:\program files\novalogic\delta force xtreme 2\aos_eng.exe" = protocol=6 | dir=in | app=c:\program files\novalogic\delta force xtreme 2\aos_eng.exe |

"TCP Query User{BA3F3C3F-05C2-42ED-9E85-C51EB4C25165}C:\casino\paradisecasino - bulgarian\casino.exe" = protocol=6 | dir=in | app=c:\casino\paradisecasino - bulgarian\casino.exe |

"TCP Query User{C3D356C8-CDA6-48B8-8BC4-8C85204663B1}C:\program files\novalogic\delta force xtreme 2\aos_eng.exe" = protocol=6 | dir=in | app=c:\program files\novalogic\delta force xtreme 2\aos_eng.exe |

"TCP Query User{EE92014B-FDAB-424C-AF91-3101EE598468}C:\program files\ares\ares.exe" = protocol=6 | dir=in | app=c:\program files\ares\ares.exe |

"TCP Query User{EFB10FB5-56FE-43A1-8069-6130122B8EAC}C:\users\tilyo petrov rusev\downloads\bitcomet_win9x.exe" = protocol=6 | dir=in | app=c:\users\tilyo petrov rusev\downloads\bitcomet_win9x.exe |

"TCP Query User{F4F92DA2-3804-4FA6-B67D-612486D59CC8}C:\program files\sopcast\adv\sopadver.exe" = protocol=6 | dir=in | app=c:\program files\sopcast\adv\sopadver.exe |

"UDP Query User{0F3FF822-020F-4EAF-BAF2-FC8A455536CC}D:\програми\игри\delta.force.xtreme.2-reloaded\aos_eng.exe" = protocol=17 | dir=in | app=d:\програми\игри\delta.force.xtreme.2-reloaded\aos_eng.exe |

"UDP Query User{11D612C8-C728-44B6-8FBB-1FA329C1D098}C:\program files\ubisoft\gearbox software\brothersinarms\system\bia.exe" = protocol=17 | dir=in | app=c:\program files\ubisoft\gearbox software\brothersinarms\system\bia.exe |

"UDP Query User{28310D25-8B78-42BF-BBD6-C821F9A4BF19}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |

"UDP Query User{2BB99E4F-5364-47C6-A7C2-CAB0FD0B512D}C:\users\tilyo petrov rusev\downloads\bitcomet_win9x.exe" = protocol=17 | dir=in | app=c:\users\tilyo petrov rusev\downloads\bitcomet_win9x.exe |

"UDP Query User{3B19D971-E21A-4988-B5C7-C78028F3AD0E}C:\program files\readon technology\readon tv movie radio player 7.2.0.0\internettv.exe" = protocol=17 | dir=in | app=c:\program files\readon technology\readon tv movie radio player 7.2.0.0\internettv.exe |

"UDP Query User{3DCD80B7-2DBC-486D-BB3F-C568982F8129}C:\program files\bitcomet\bitcomet.exe" = protocol=17 | dir=in | app=c:\program files\bitcomet\bitcomet.exe |

"UDP Query User{4F81AC4C-2665-4070-8E11-EBEEAC7B7138}C:\program files\sopcast\sopcast.exe" = protocol=17 | dir=in | app=c:\program files\sopcast\sopcast.exe |

"UDP Query User{56D857B5-7BAF-4BB6-8A0F-F124C55D1350}C:\program files\sopcast\adv\sopadver.exe" = protocol=17 | dir=in | app=c:\program files\sopcast\adv\sopadver.exe |

"UDP Query User{60AA4C9E-9EDC-4FD5-ABA5-E3364164E4B9}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |

"UDP Query User{75F1E357-259D-440B-A926-CF5853E0562C}C:\program files\novalogic\delta force xtreme 2\aos_eng.exe" = protocol=17 | dir=in | app=c:\program files\novalogic\delta force xtreme 2\aos_eng.exe |

"UDP Query User{85671E3C-2864-48AE-B8EA-5682A5EB5596}C:\program files\ares\ares.exe" = protocol=17 | dir=in | app=c:\program files\ares\ares.exe |

"UDP Query User{8C050D3B-1C1F-470D-9308-0CFE34FD4F77}C:\casino\paradisecasino - bulgarian\casino.exe" = protocol=17 | dir=in | app=c:\casino\paradisecasino - bulgarian\casino.exe |

"UDP Query User{8CE66FEF-BAEC-4ED9-B7A1-E761988C127B}C:\users\tilyo petrov rusev\downloads\bitcomet.exe" = protocol=17 | dir=in | app=c:\users\tilyo petrov rusev\downloads\bitcomet.exe |

"UDP Query User{96F50964-A05F-45F5-A578-71695860F047}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |

"UDP Query User{AED5FAF9-28F7-4B18-94DD-CE766145E690}C:\windows\ehome\ehexthost.exe" = protocol=17 | dir=in | app=c:\windows\ehome\ehexthost.exe |

"UDP Query User{BEF99706-5B07-459B-BA1A-CCAE82B92AEA}C:\program files\novalogic\delta force xtreme 2\aos_eng.exe" = protocol=17 | dir=in | app=c:\program files\novalogic\delta force xtreme 2\aos_eng.exe |

"UDP Query User{C10E3A1F-E43E-48C0-8744-234C39AEAB95}C:\program files\ares\ares.exe" = protocol=17 | dir=in | app=c:\program files\ares\ares.exe |

"UDP Query User{CF69E18E-7215-4925-BBC7-CED11FD59DF1}C:\program files\sopcast\adv\sopadver.exe" = protocol=17 | dir=in | app=c:\program files\sopcast\adv\sopadver.exe |

"UDP Query User{E346ECB2-8AA2-4FB3-A53E-76924C69E722}C:\program files\videolan\vlc\vlc.exe" = protocol=17 | dir=in | app=c:\program files\videolan\vlc\vlc.exe |

"UDP Query User{F4E67420-67BE-456B-A619-2E7917DB3D62}C:\program files\sopcast\sopcast.exe" = protocol=17 | dir=in | app=c:\program files\sopcast\sopcast.exe |

"UDP Query User{F53DFBC2-200D-4373-8902-B30AF993313C}C:\users\tilyo petrov rusev\downloads\bitcomet.exe" = protocol=17 | dir=in | app=c:\users\tilyo petrov rusev\downloads\bitcomet.exe |

"UDP Query User{FCBC767D-4088-4BCF-A1CE-D8811B3CA988}C:\program files\zapu\zapu accelerator\wdivi.exe" = protocol=17 | dir=in | app=c:\program files\zapu\zapu accelerator\wdivi.exe |

 

========== HKEY_LOCAL_MACHINE Uninstall List ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148

"{06A395CE-60A6-471E-A73C-73634310EDB3}" = Windows Live Sync

"{0CB9668D-F979-4F31-B8B8-67FE90F929F8}" = Bonjour

"{139B0FFA-187E-4BA1-BCA6-6B56B2B6AB8C}" = ATK Media

"{1584854C-1513-40EA-96D4-493384D0A3C7}" = Readon TV Movie Radio Player 7.2.0.0

"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer

"{18522005-B8F6-4552-A228-823328696F48}" = Yamaha Supercross

"{193C41B9-1A0F-45E6-8546-41C91C99A5F8}" = Delta Force Xtreme 2

"{19CC7A03-BDBB-4EFB-B8C9-86FD2FB95334}" = Windows Live Messenger

"{1C8521E5-5A7B-4A4E-A9CD-AD53116EAEE0}" = ASUS Data Security Manager

"{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}" = ASUS LifeFrame3

"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Инструмент за качване на Windows Live

"{21550042-EA9F-4419-A8D7-DF732DCEB76E}" = Microsoft Office PowerPoint Remote

"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT

"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer

"{232AAA95-AE60-46C7-9987-4E7139EA3554}" = Асистент за влизане на Windows Live

"{2396F815-84E0-4353-83D7-8B190556DA42}" = ASUS CopyProtect

"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java 6 Update 20

"{28BE306E-5DA6-4F9C-BDB0-DBA3C8C6FFFD}" = QuickTime

"{2B818257-E6C7-4841-8C29-C5C9A982BCE5}" = RICOH Media Driver ver.2.07.01.00

"{2D7C3E18-E696-4B67-8B5D-45CD3BE6B27E}" = SweetIM for Messenger 3.0

"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform

"{31874D00-F3E1-44CE-A79A-492CFBD585E8}" = Windows Live Writer

"{338F08AB-C262-42C7-B000-34DE1A475273}" = Ad-Aware Email Scanner for Outlook

"{3912D529-02BC-4CA8-B5ED-0D0C20EB6003}" = ATK Hotkey

"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile

"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis

"{46183C3F-11E8-486E-9EAE-F8D8C8321E20}" = Boost Your Browser

"{47E582E4-482B-47D2-B578-FE7F83F6CED4}" = Windows Live Mail

"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater

"{55979C41-7D6A-49CC-B591-64AC1BBE2C8B}" = HP Picasso Media Center Add-In

"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml

"{57B15AD4-8C9D-4164-82BB-E33D8644E757}" = ASUS InstantFun

"{59F6A514-9813-47A3-948C-8A155460CC2A}" = RICOH R5C83x/84x Flash Media Controller Driver Ver.3.52.02

"{5C1DB4ED-E9B4-402D-BB14-D75D97D6C1A6}" = ATKOSD2

"{6324A1EF-CEF4-43E3-8BCD-9EF3F67317FD}" = NB Probe

"{6421F085-1FAA-DE13-D02A-CFB412C522A4}" = Acrobat.com

"{64452561-169F-4A36-A2FF-B5E118EC65F5}" = ASUS SmartLogon

"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites

"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update

"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin

"{6AECFE2F-86D3-4EA8-B110-19CDAA343199}" = ItaEst - Taka e!

"{6CD0E03A-7E99-4FDE-9D7F-D0F457DB4192}" = Фотогалерия на Windows Live

"{6E19F210-3813-4002-B561-94D66AA182B6}" = Atheros Communications Inc.® L1 Gigabit Ethernet Driver

"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

"{79A64F98-1796-4FA2-B5FF-C90F83D8BACD}" = Vodafone Mobile Connect Lite

"{7A27764B-5434-4DAA-BD43-3ACF4FFCD7FE}" = SweetIM Toolbar for Internet Explorer 3.8

"{7AB3A249-FB81-416B-917A-A2A10E74C503}" = iTunes

"{7F815C5F-D2A4-4173-B7C0-55A9D6F87E38}" = MobileMe Control Panel

"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable

"{83F73CB1-7705-49D1-9852-84D839CA2A45}" = Wireless Console 2

"{85991ED2-010C-4930-96FA-52F43C2CE98A}" = Apple Mobile Device Support

"{863BB78A-107D-475C-AE65-444F327C83E1}" = PerfectSpeed PC Optimizer

"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight

"{8CFEBE9C-F29F-4C49-80E0-7106970F8734}" = Power4Gear eXtreme

"{8E5233E1-7495-44FB-8DEB-4BE906D59619}" = Junk Mail filter update

"{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}" = TomTom HOME Visual Studio Merge Modules

"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007

"{90120000-0015-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0015-0816-0000-0000000FF1CE}" = Microsoft Office Access MUI (Portuguese (Portugal)) 2007

"{90120000-0015-0816-0000-0000000FF1CE}_PROHYBRIDR_{C2EC91A8-CC39-45F7-9E46-62B85ADF9DF5}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0015-0C0A-0000-0000000FF1CE}" = Microsoft Office Access MUI (Spanish) 2007

"{90120000-0015-0C0A-0000-0000000FF1CE}_PROHYBRIDR_{91A7F72A-3273-4C1E-8BE0-BC9DD0D9345C}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007

"{90120000-0016-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0016-0816-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Portuguese (Portugal)) 2007

"{90120000-0016-0816-0000-0000000FF1CE}_PROHYBRIDR_{C2EC91A8-CC39-45F7-9E46-62B85ADF9DF5}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0016-0C0A-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Spanish) 2007

"{90120000-0016-0C0A-0000-0000000FF1CE}_PROHYBRIDR_{91A7F72A-3273-4C1E-8BE0-BC9DD0D9345C}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007

"{90120000-0018-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0018-0816-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Portuguese (Portugal)) 2007

"{90120000-0018-0816-0000-0000000FF1CE}_PROHYBRIDR_{C2EC91A8-CC39-45F7-9E46-62B85ADF9DF5}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0018-0C0A-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Spanish) 2007

"{90120000-0018-0C0A-0000-0000000FF1CE}_PROHYBRIDR_{91A7F72A-3273-4C1E-8BE0-BC9DD0D9345C}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007

"{90120000-0019-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0019-0816-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Portuguese (Portugal)) 2007

"{90120000-0019-0816-0000-0000000FF1CE}_PROHYBRIDR_{C2EC91A8-CC39-45F7-9E46-62B85ADF9DF5}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0019-0C0A-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Spanish) 2007

"{90120000-0019-0C0A-0000-0000000FF1CE}_PROHYBRIDR_{91A7F72A-3273-4C1E-8BE0-BC9DD0D9345C}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007

"{90120000-001A-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-001A-0816-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Portuguese (Portugal)) 2007

"{90120000-001A-0816-0000-0000000FF1CE}_PROHYBRIDR_{C2EC91A8-CC39-45F7-9E46-62B85ADF9DF5}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-001A-0C0A-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Spanish) 2007

"{90120000-001A-0C0A-0000-0000000FF1CE}_PROHYBRIDR_{91A7F72A-3273-4C1E-8BE0-BC9DD0D9345C}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007

"{90120000-001B-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-001B-0816-0000-0000000FF1CE}" = Microsoft Office Word MUI (Portuguese (Portugal)) 2007

"{90120000-001B-0816-0000-0000000FF1CE}_PROHYBRIDR_{C2EC91A8-CC39-45F7-9E46-62B85ADF9DF5}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-001B-0C0A-0000-0000000FF1CE}" = Microsoft Office Word MUI (Spanish) 2007

"{90120000-001B-0C0A-0000-0000000FF1CE}_PROHYBRIDR_{91A7F72A-3273-4C1E-8BE0-BC9DD0D9345C}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-001F-0403-0000-0000000FF1CE}" = Microsoft Office Proof (Catalan) 2007

"{90120000-001F-0403-0000-0000000FF1CE}_PROHYBRIDR_{4B47C31E-46B0-462B-BEE4-DC383B6A1F2A}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007

"{90120000-001F-0409-0000-0000000FF1CE}_PROHYBRIDR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007

"{90120000-001F-040C-0000-0000000FF1CE}_PROHYBRIDR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

"{90120000-001F-0416-0000-0000000FF1CE}" = Microsoft Office Proof (Portuguese (Brazil)) 2007

"{90120000-001F-0416-0000-0000000FF1CE}_PROHYBRIDR_{75EBE365-7FC5-4720-A7D3-804BF550D1BC}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

"{90120000-001F-042D-0000-0000000FF1CE}" = Microsoft Office Proof (Basque) 2007

"{90120000-001F-0456-0000-0000000FF1CE}" = Microsoft Office Proof (Galician) 2007

"{90120000-001F-0816-0000-0000000FF1CE}" = Microsoft Office Proof (Portuguese (Portugal)) 2007

"{90120000-001F-0816-0000-0000000FF1CE}_PROHYBRIDR_{C312E1CD-EC19-4270-A072-F36F634DFF79}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007

"{90120000-001F-0C0A-0000-0000000FF1CE}_PROHYBRIDR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007

"{90120000-002C-0816-0000-0000000FF1CE}" = Microsoft Office Proofing (Portuguese (Portugal)) 2007

"{90120000-002C-0C0A-0000-0000000FF1CE}" = Microsoft Office Proofing (Spanish) 2007

"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007

"{90120000-006E-0409-0000-0000000FF1CE}_PROHYBRIDR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-006E-0816-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Portuguese (Portugal)) 2007

"{90120000-006E-0816-0000-0000000FF1CE}_PROHYBRIDR_{A8523DA4-5563-4F0E-BD9D-4E4CC3CF7239}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-006E-0C0A-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Spanish) 2007

"{90120000-006E-0C0A-0000-0000000FF1CE}_PROHYBRIDR_{6113C11D-BACA-4D8E-8002-03C8D06FD5E6}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-008A-0409-0000-0000000FF1CE}" = Microsoft Office 2007 Recent Documents Gadget

"{90120000-00A1-0C0A-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Spanish) 2007

"{90120000-00A1-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{91A7F72A-3273-4C1E-8BE0-BC9DD0D9345C}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007

"{90120000-0115-0409-0000-0000000FF1CE}_PROHYBRIDR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007

"{90120000-0117-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007

"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)

"{91120000-0031-0000-0000-0000000FF1CE}" = Microsoft Office Professional Hybrid 2007

"{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)

"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting

"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR

"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable

"{A5A63519-F5C2-4F4A-849A-F28A1AB3D522}" = Sentinel Protection Installer 7.5.0

"{A7631C52-DC0C-435C-8802-9FA032084D6B}" = Семейна безопасност на Windows Live

"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper

"{AC76BA86-7AD7-1033-7B44-A93000000001}" = Adobe Reader 9.3.2

"{AFAC914D-9E83-4A89-8ABE-427521C82CCF}" = Safari

"{B2D328BE-45AD-4D92-96F9-2151490A203E}" = Apple Application Support

"{BC61F51E-8AF7-46B9-AF20-B33B5EE81034}" = Nero 7 Essentials

"{BDE0CF4C-8DE2-41DB-A845-78D48874E2C6}" = SLOW-PCfighter

"{C0FC1C14-4824-4A73-87A6-9E888C9C3102}" = ASUS Splendid Video Enhancement Technology

"{C9B2753A-25CA-4E35-A8BA-DABAAD46112A}" = Windows Live Movie Maker

"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1

"{CE86A0E7-818D-43EC-A181-59BA9BD3EF2E}" = LightScribe 1.8.13.1

"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2

"{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}" = TuneUp Utilities

"{D3D54F3E-C5C3-443D-978F-87A72E5616E8}" = ATK Generic Function Service

"{D7E04009-B191-4E9D-9D2D-1BBE57BD8A42}" = VistaFeaturePack

"{DB69C93F-A2E4-43C5-838B-5B80EBDE7A21}" = Passware Kit Enterprise Demo 9.5

"{DE10AB76-4756-4913-BE25-55D1C1051F9A}" = WinFlash

"{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}" = Ad-Aware

"{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}" = ASUS Live Update

"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]

"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard

"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver

"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)

"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01

"{F7B0939E-58DF-11DF-B3A6-005056806466}" = Google Земя

"{F8DBD826-2387-43C5-94AD-ACA7EB55F049}" = Windows Live Essentials

"{FA54AFB1-5745-4389-B8C1-9F7509672ED1}" = iPhone Configuration Utility

"{FC3D290D-79BE-44B7-ABF9-FDD110925930}" = P4P

"{FE3997D3-6B56-4AC4-A99C-9DDFC45359BF}" = TuneUp Utilities Language Pack (en-US)

"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites

"Ad-Aware" = Ad-Aware

"Adobe AIR" = Adobe AIR

"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX

"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin

"Advanced SystemCare 3_is1" = Advanced SystemCare 3

"Ares" = Ares 2.1.5

"Ashampoo ClipFinder HD_is1" = Ashampoo ClipFinder HD 2.07

"Ashampoo HDD Control_is1" = Ashampoo HDD Control 1.11

"Ashampoo Magical Defrag 2_is1" = Ashampoo Magical Defrag 2

"Ashampoo Magical Snap 2_is1" = Ashampoo Magical Snap 2.51

"Ashampoo Photo Commander 7_is1" = Ashampoo Photo Commander 7.30

"Ashampoo UnInstaller 4_is1" = Ashampoo UnInstaller 4.04

"Ashampoo WinOptimizer 6_is1" = Ashampoo WinOptimizer 6.60

"Asus_Camera_ScreenSaver" = Asus_Camera_ScreenSaver

"avast5" = avast! Free Antivirus

"Belarc Advisor" = Belarc Advisor 8.1

"BitComet" = BitComet 1.20

"BrothersInArms" = Brothers In Arms

"bwin Poker_is1" = bwin Poker

"CCleaner" = CCleaner

"CD Recovery Toolbox Free_is1" = CD Recovery Toolbox Free 1.1

"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com

"Data Access Objects (DAO) 3.5" = Data Access Objects (DAO) 3.5

"Defense Grid - The Awakening1.0" = Defense Grid - The Awakening

"ESET Online Scanner" = ESET Online Scanner v3

"EVEREST Ultimate Edition_is1" = EVEREST Ultimate Edition v5.30

"Game Booster_is1" = Game Booster

"gaslee" = Favorit

"HOMESTUDENTR" = Microsoft Office Home and Student 2007

"InstallShield_{D7E04009-B191-4E9D-9D2D-1BBE57BD8A42}" = VistaFeaturePack

"IObit Security 360_is1" = IObit Security 360

"Lotto Pro" = Lotto Pro

"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware

"McAfee Security Scan" = McAfee Security Scan Plus

"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1

"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile

"Mozilla Firefox (3.6.3)" = Mozilla Firefox (3.6.3)

"NVIDIA Drivers" = NVIDIA Drivers

"oggcodecs" = oggcodecs 0.71.0946

"OptiNet" = OptiNet (remove only)

"Picasa 3" = Picasa 3

"PokerStars" = PokerStars

"Powergramo" = PowerGramo Professional

"PROHYBRIDR" = 2007 Microsoft Office system

"RocketDock_is1" = RocketDock 1.3.5

"SLOW-PCfighter" = SLOW-PCfighter

"Smart Defrag_is1" = Smart Defrag

"SMSERIAL" = Motorola SM56 Speakerphone Modem

"SopCast" = SopCast 3.2.4

"SpeedConnect Internet Accelerator v.7.5_is1" = SpeedConnect Internet Accelerator v.7.5

"SuperMp3Download" = Super MP3 Download

"TeamViewer 5" = TeamViewer 5

"The KMPlayer" = The KMPlayer (remove only)

"TomTom HOME" = TomTom HOME 2.7.3.1894

"TuneUp Utilities" = TuneUp Utilities

"USB 2.0 1.3M UVC WebCam" = USB 2.0 1.3M UVC WebCam

"VLC media player" = VLC media player 1.0.5

"Windows Doctor_is1" = Windows Doctor 1.6

"WinGimp-2.0_is1" = GIMP 2.6.8

"WinLiveSuite_Wave3" = Windows Live Essentials

"WinRAR archiver" = Архиватор WinRAR

"Wise Registry Cleaner_is1" = Wise Registry Cleaner Free 5.31

 

========== HKEY_USERS Uninstall List ==========

 

[HKEY_USERS\S-1-5-21-802842001-1745263943-2178312464-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"GammonEmpire" = GammonEmpire

"pchd" = pchd

 

========== Last 10 Event Log Errors ==========

 

Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!

 

< End of report >

Link to comment
Сподели другаде
Night_Raven Ентусиаст

Night_Raven

Публикувано
Публикувано

Изтегли FixPolicies и го запази на работния плот. Стартирай го и кликни бутон Install. Отвори новосъздадената папка на работния плот на име FixPolicies, кликни с десния бутон върху Fix_policies.cmd и избери Run as administrator.

 

---

 

Стартирай отново OTL. В празното поле "Custom Scans/Fixes" (в долната част на програмата) постави следния текст (маркирай го, натисни Ctrl+C и после в полето на OTL натисни Ctrl+V):

 

:OTL
IE - HKLM\..\URLSearchHook: {9384bd4c-dd14-4be9-80f7-f6277511e4f5} - Reg Error: Key error. File not found
IE - HKLM\..\URLSearchHook: {b2e293ee-fd7e-4c71-a714-5f4750d8d7b7} - Reg Error: Key error. File not found
IE - HKU\.DEFAULT\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - Reg Error: Key error. File not found
IE - HKU\S-1-5-18\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - Reg Error: Key error. File not found
FF - prefs.js..browser.startup.homepage: "http://webalta.ru"
FF - user.js..browser.startup.homepage: "http://webalta.ru"
O3 - HKLM\..\Toolbar: (no name) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {42ad2408-baaa-408d-b13e-4706560e817b} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {9384bd4c-dd14-4be9-80f7-f6277511e4f5} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {b2e293ee-fd7e-4c71-a714-5f4750d8d7b7} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {EBF2BA02-9094-4C5A-858B-BB198F3D8DE2} - No CLSID value found.
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {EBF2BA02-9094-4C5A-858B-BB198F3D8DE2} - No CLSID value found.
O3 - HKU\S-1-5-21-802842001-1745263943-2178312464-1000\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\S-1-5-21-802842001-1745263943-2178312464-1000\..\Toolbar\WebBrowser: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found.
O3 - HKU\S-1-5-21-802842001-1745263943-2178312464-1000\..\Toolbar\WebBrowser: (no name) - {9384BD4C-DD14-4BE9-80F7-F6277511E4F5} - No CLSID value found.
O3 - HKU\S-1-5-21-802842001-1745263943-2178312464-1000\..\Toolbar\WebBrowser: (no name) - {B2E293EE-FD7E-4C71-A714-5F4750D8D7B7} - No CLSID value found.
O3 - HKU\S-1-5-21-802842001-1745263943-2178312464-1000\..\Toolbar\WebBrowser: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKU\S-1-5-21-802842001-1745263943-2178312464-1000\..\Toolbar\WebBrowser: (no name) - {FE063DB9-4EC0-403E-8DD8-394C54984B2C} - No CLSID value found.
@Alternate Data Stream - 137 bytes -> C:\ProgramData\TEMP:1F8C9007
@Alternate Data Stream - 133 bytes -> C:\ProgramData\TEMP:6A91BBD8
@Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:EBACC189
@Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:CF778051
:Files
C:\WINDOWS\*.tmp
:Commands
[emptytemp]
[reboot]

Копирай текста точно както е в полето. Внимавай да не изтървеш началното двуеточие и всяка команда да е на отделен ред, както е в полето.

 

Кликни бутон Run Fix. Потвърди с OK на съобщението, че е нужен рестарт на системата.

 

След рестарта ще се появи текстов дневник/лог. Същият файл се намира в C:\_OTL\MovedFiles. Моля, прикачи го към следващия си коментар.

 

След това стартирай отново OTL, създай пресни дневници (както бях описал в първия мой коментар в темата) и ги прикачи отново. Можеш да архивираш всичките файлове в един архив, а можеш и да ги прикачиш поотделно.

 

---

 

Изтегли GooredFix и го запази на работния плот. Кликни върху него с десния бутон и избери Run as administrator. На въпроса дали да се сканира кликни Yes. В края ще се появи лог файл в Notepad. Копирай му съдържанието или прикачи файла (намира се на работния плот) към коментара си.

Link to comment
Сподели другаде
surogati Новобранец

surogati

Публикувано
  • Author
Публикувано

All processes killed

========== OTL ==========

Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{9384bd4c-dd14-4be9-80f7-f6277511e4f5} deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9384bd4c-dd14-4be9-80f7-f6277511e4f5}\ not found.

Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{b2e293ee-fd7e-4c71-a714-5f4750d8d7b7} deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{b2e293ee-fd7e-4c71-a714-5f4750d8d7b7}\ not found.

Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\URLSearchHooks\\{A3BC75A2-1F87-4686-AA43-5347D756017C} deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A3BC75A2-1F87-4686-AA43-5347D756017C}\ not found.

Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\URLSearchHooks\\{A3BC75A2-1F87-4686-AA43-5347D756017C} not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A3BC75A2-1F87-4686-AA43-5347D756017C}\ not found.

Prefs.js: "http://webalta.ru" removed from browser.startup.homepage

C:\Users\Tilyo Petrov Rusev\AppData\Roaming\Mozilla\FireFox\Profiles\u00xiagw.default\user.js moved successfully.

Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{2318C2B1-4965-11d4-9B18-009027A5CD4F} deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2318C2B1-4965-11d4-9B18-009027A5CD4F}\ not found.

Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{42ad2408-baaa-408d-b13e-4706560e817b} deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{42ad2408-baaa-408d-b13e-4706560e817b}\ not found.

Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{9384bd4c-dd14-4be9-80f7-f6277511e4f5} deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9384bd4c-dd14-4be9-80f7-f6277511e4f5}\ not found.

Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{b2e293ee-fd7e-4c71-a714-5f4750d8d7b7} deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{b2e293ee-fd7e-4c71-a714-5f4750d8d7b7}\ not found.

Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}\ not found.

Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F}\ not found.

Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}\ not found.

Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2} deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2}\ not found.

Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F}\ not found.

Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}\ not found.

Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2} not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2}\ not found.

Registry value HKEY_USERS\S-1-5-21-802842001-1745263943-2178312464-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F}\ not found.

Registry value HKEY_USERS\S-1-5-21-802842001-1745263943-2178312464-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{32099AAC-C132-4136-9E9A-4E364A424E17} deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}\ not found.

Registry value HKEY_USERS\S-1-5-21-802842001-1745263943-2178312464-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{9384BD4C-DD14-4BE9-80F7-F6277511E4F5} deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9384BD4C-DD14-4BE9-80F7-F6277511E4F5}\ not found.

Registry value HKEY_USERS\S-1-5-21-802842001-1745263943-2178312464-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{B2E293EE-FD7E-4C71-A714-5F4750D8D7B7} deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B2E293EE-FD7E-4C71-A714-5F4750D8D7B7}\ not found.

Registry value HKEY_USERS\S-1-5-21-802842001-1745263943-2178312464-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}\ not found.

Registry value HKEY_USERS\S-1-5-21-802842001-1745263943-2178312464-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{FE063DB9-4EC0-403E-8DD8-394C54984B2C} deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FE063DB9-4EC0-403E-8DD8-394C54984B2C}\ deleted successfully.

ADS C:\ProgramData\TEMP:1F8C9007 deleted successfully.

ADS C:\ProgramData\TEMP:6A91BBD8 deleted successfully.

ADS C:\ProgramData\TEMP:EBACC189 deleted successfully.

ADS C:\ProgramData\TEMP:CF778051 deleted successfully.

========== FILES ==========

C:\WINDOWS\msdownld.tmp folder moved successfully.

========== COMMANDS ==========

 

[EMPTYTEMP]

 

User: All Users

-> No Temporary Internet Files cache folder defined!

 

User: Default

->Temp folder emptied: 0 bytes

-> No Temporary Internet Files cache folder defined!

->Flash cache emptied: 41620 bytes

 

User: Default User

-> No Temporary Internet Files cache folder defined!

 

User: Public

-> No Temporary Internet Files cache folder defined!

 

User: tilyo

-> No Temporary Internet Files cache folder defined!

 

User: Tilyo Petrov Rusev

->Temp folder emptied: 12368472 bytes

-> No Temporary Internet Files cache folder defined!

->Java cache emptied: 0 bytes

->FireFox cache emptied: 41977510 bytes

->Google Chrome cache emptied: 346972628 bytes

->Apple Safari cache emptied: 2207120 bytes

->Flash cache emptied: 828 bytes

 

%systemdrive% .tmp files removed: 0 bytes

%systemroot% .tmp files removed: 0 bytes

%systemroot%\System32 .tmp files removed: 0 bytes

%systemroot%\System32\drivers .tmp files removed: 0 bytes

Windows Temp folder emptied: 25680866 bytes

RecycleBin emptied: 0 bytes

 

Total Files Cleaned = 409,00 mb

 

 

OTL by OldTimer - Version 3.2.7.1 log created on 07082010_072128

 

Files\Folders moved on Reboot...

File\Folder C:\Users\Tilyo Petrov Rusev\AppData\Local\Temp\~DF16DF.tmp not found!

File\Folder C:\Users\Tilyo Petrov Rusev\AppData\Local\Temp\~DF17C4.tmp not found!

File\Folder C:\Users\Tilyo Petrov Rusev\AppData\Local\Temp\~DF1A31.tmp not found!

File\Folder C:\Users\Tilyo Petrov Rusev\AppData\Local\Temp\~DF1A92.tmp not found!

File\Folder C:\Users\Tilyo Petrov Rusev\AppData\Local\Temp\~DF1D5A.tmp not found!

File\Folder C:\Users\Tilyo Petrov Rusev\AppData\Local\Temp\~DF1D64.tmp not found!

File\Folder C:\Users\Tilyo Petrov Rusev\AppData\Local\Temp\~DF1DFF.tmp not found!

File\Folder C:\Users\Tilyo Petrov Rusev\AppData\Local\Temp\~DF1E07.tmp not found!

File\Folder C:\Users\Tilyo Petrov Rusev\AppData\Local\Temp\~DF1F6F.tmp not found!

File\Folder C:\Users\Tilyo Petrov Rusev\AppData\Local\Temp\~DF1F7B.tmp not found!

File\Folder C:\Users\Tilyo Petrov Rusev\AppData\Local\Temp\~DF369.tmp not found!

File\Folder C:\Users\Tilyo Petrov Rusev\AppData\Local\Temp\~DF371.tmp not found!

File\Folder C:\Users\Tilyo Petrov Rusev\AppData\Local\Temp\~DF444A.tmp not found!

File\Folder C:\Users\Tilyo Petrov Rusev\AppData\Local\Temp\~DF4456.tmp not found!

File\Folder C:\Users\Tilyo Petrov Rusev\AppData\Local\Temp\~DF4C8B.tmp not found!

File\Folder C:\Users\Tilyo Petrov Rusev\AppData\Local\Temp\~DF4C93.tmp not found!

File\Folder C:\Users\Tilyo Petrov Rusev\AppData\Local\Temp\~DF4D17.tmp not found!

File\Folder C:\Users\Tilyo Petrov Rusev\AppData\Local\Temp\~DF4D22.tmp not found!

File\Folder C:\Users\Tilyo Petrov Rusev\AppData\Local\Temp\~DF4DC0.tmp not found!

File\Folder C:\Users\Tilyo Petrov Rusev\AppData\Local\Temp\~DF4DE2.tmp not found!

File\Folder C:\Users\Tilyo Petrov Rusev\AppData\Local\Temp\~DF4FA8.tmp not found!

File\Folder C:\Users\Tilyo Petrov Rusev\AppData\Local\Temp\~DF4FB0.tmp not found!

File\Folder C:\Users\Tilyo Petrov Rusev\AppData\Local\Temp\~DF4FDA.tmp not found!

File\Folder C:\Users\Tilyo Petrov Rusev\AppData\Local\Temp\~DF4FE2.tmp not found!

File\Folder C:\Users\Tilyo Petrov Rusev\AppData\Local\Temp\~DF5009.tmp not found!

File\Folder C:\Users\Tilyo Petrov Rusev\AppData\Local\Temp\~DF5012.tmp not found!

File\Folder C:\Users\Tilyo Petrov Rusev\AppData\Local\Temp\~DF508D.tmp not found!

File\Folder C:\Users\Tilyo Petrov Rusev\AppData\Local\Temp\~DF5095.tmp not found!

File\Folder C:\Users\Tilyo Petrov Rusev\AppData\Local\Temp\~DF5100.tmp not found!

File\Folder C:\Users\Tilyo Petrov Rusev\AppData\Local\Temp\~DF5108.tmp not found!

File\Folder C:\Users\Tilyo Petrov Rusev\AppData\Local\Temp\~DF514F.tmp not found!

File\Folder C:\Users\Tilyo Petrov Rusev\AppData\Local\Temp\~DF5157.tmp not found!

File\Folder C:\Users\Tilyo Petrov Rusev\AppData\Local\Temp\~DF52EC.tmp not found!

File\Folder C:\Users\Tilyo Petrov Rusev\AppData\Local\Temp\~DF5A1.tmp not found!

File\Folder C:\Users\Tilyo Petrov Rusev\AppData\Local\Temp\~DF5FD.tmp not found!

File\Folder C:\Users\Tilyo Petrov Rusev\AppData\Local\Temp\~DF626F.tmp not found!

File\Folder C:\Users\Tilyo Petrov Rusev\AppData\Local\Temp\~DF6C11.tmp not found!

File\Folder C:\Users\Tilyo Petrov Rusev\AppData\Local\Temp\~DF6F3A.tmp not found!

File\Folder C:\Users\Tilyo Petrov Rusev\AppData\Local\Temp\~DF7E4.tmp not found!

File\Folder C:\Users\Tilyo Petrov Rusev\AppData\Local\Temp\~DF7F27.tmp not found!

File\Folder C:\Users\Tilyo Petrov Rusev\AppData\Local\Temp\~DF7F2F.tmp not found!

File\Folder C:\Users\Tilyo Petrov Rusev\AppData\Local\Temp\~DF7F5.tmp not found!

File\Folder C:\Users\Tilyo Petrov Rusev\AppData\Local\Temp\~DF865A.tmp not found!

File\Folder C:\Users\Tilyo Petrov Rusev\AppData\Local\Temp\~DF8727.tmp not found!

File\Folder C:\Users\Tilyo Petrov Rusev\AppData\Local\Temp\~DFB517.tmp not found!

File\Folder C:\Users\Tilyo Petrov Rusev\AppData\Local\Temp\~DFB51F.tmp not found!

File\Folder C:\Users\Tilyo Petrov Rusev\AppData\Local\Temp\~DFC3C1.tmp not found!

File\Folder C:\Users\Tilyo Petrov Rusev\AppData\Local\Temp\~DFC5A9.tmp not found!

File\Folder C:\Users\Tilyo Petrov Rusev\AppData\Local\Temp\~DFD470.tmp not found!

File\Folder C:\Users\Tilyo Petrov Rusev\AppData\Local\Temp\~DFD47B.tmp not found!

File\Folder C:\Users\Tilyo Petrov Rusev\AppData\Local\Temp\~DFD59C.tmp not found!

File\Folder C:\Users\Tilyo Petrov Rusev\AppData\Local\Temp\~DFD5A8.tmp not found!

File\Folder C:\Users\Tilyo Petrov Rusev\AppData\Local\Temp\~DFD682.tmp not found!

File\Folder C:\Users\Tilyo Petrov Rusev\AppData\Local\Temp\~DFD698.tmp not found!

File\Folder C:\Users\Tilyo Petrov Rusev\AppData\Local\Temp\~DFD90F.tmp not found!

File\Folder C:\Users\Tilyo Petrov Rusev\AppData\Local\Temp\~DFD91A.tmp not found!

File\Folder C:\Users\Tilyo Petrov Rusev\AppData\Local\Temp\~DFDF2F.tmp not found!

File\Folder C:\Users\Tilyo Petrov Rusev\AppData\Local\Temp\~DFDF37.tmp not found!

File\Folder C:\Users\Tilyo Petrov Rusev\AppData\Local\Temp\~DFE179.tmp not found!

File\Folder C:\Users\Tilyo Petrov Rusev\AppData\Local\Temp\~DFE27E.tmp not found!

File\Folder C:\Users\Tilyo Petrov Rusev\AppData\Local\Temp\~DFE2DF.tmp not found!

File\Folder C:\Users\Tilyo Petrov Rusev\AppData\Local\Temp\~DFF23B.tmp not found!

File\Folder C:\Users\Tilyo Petrov Rusev\AppData\Local\Temp\~DFF253.tmp not found!

File move failed. C:\Windows\temp\_avast5_\Webshlock.txt scheduled to be moved on reboot.

 

Registry entries deleted on Reboot...

Link to comment
Сподели другаде

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Гост
Отговори на тази тема

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   Не можете да качите директно снимка. Качете или добавете изображението от линк (URL)

Loading...
×
 Share
Иди на предишната тема
×
×
  • Създай ново...