
You shouldn't have rushed to generate logs...

Download OTL and save it to the desktop:

- run the tool;

- tick Scan All Users at the top;

- in the Standard Registry box select All;

- from the File Age drop-down menu select 90 Days;

- also tick: Skip Microsoft Files, LOP Check and Purity Check;

- in the Custom Scans/Fixes box (at the bottom of the program) paste the following text (select it, press Ctrl+C and then press Ctrl+V in the OTL box):

netsvcs
msconfig
safebootminimal
safebootnetwork
"%WinDir%\$NtUninstallKB*$." /30
C:\Program Files\Common Files\ComObjects\*.* /s
%SYSTEMDRIVE%\*.*
%USERPROFILE%\*.*
%USERPROFILE%\AppData\Local\*.*
%USERPROFILE%\AppData\Roaming\*.*
%ProgramData%\*.*
%CommonProgramFiles%\*.*
%PROGRAMFILES%\*.*
%systemroot%\system32\config\systemprofile\AppData\Local\*.*
%windir%\SysWOW64\config\systemprofile\AppData\Local\*.*
%windir%\ServiceProfiles\LocalService\AppData\Local\Temp\*.*
%windir%\ServiceProfiles\NetworkService\AppData\Local\Temp\*.*
%windir%\temp\*.*
%windir%\system32\*.
%windir%\sysnative\*.
%Temp%\smtmp\1\*.*
%Temp%\smtmp\2\*.*
%Temp%\smtmp\3\*.*
%Temp%\smtmp\4\*.*
%systemroot%\system32\DBBK\*.* /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\syswow64\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /90
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\syswow64\drivers\*.sys /90
%systemroot%\syswow64\drivers\*.sys /lockedfiles
%systemroot%\system32\Spool\prtprocs\w32x86\*.dll
%systemroot%\*. /rp /s
%systemroot%\assembly\tmp\*.* /S /MD5
%systemroot%\assembly\temp\*.* /S /MD5
%systemroot%\assembly\GAC_32\*.* /S /MD5
%systemroot%\assembly\GAC_64\*.* /S /MD5
%SystemRoot%\assembly\GAC_MSIL\*.* /S /MD5
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems /s
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes /s
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes /s
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes /s
HKEY_CLASSES_ROOT\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1} /s
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1} /s
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1} /s
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1} /s
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1} /s
>C:\commands.txt echo list vol /raw /hide /c
/wait
>C:\DiskReport.txt diskpart /s C:\commands.txt /raw /hide /c
/wait
type c:\diskreport.txt /c
/wait
erase c:\commands.txt /hide /c
/wait
erase c:\diskreport.txt /hide /c
/md5start
explorer.exe
lsass.exe
svchost.exe
wininit.exe
winlogon.exe
userinit.exe
atapi.sys
iaStor.sys
serial.sys
volsnap.sys
disk.sys
redbook.sys
i8042prt.sys
afd.sys
netbt.sys
csc.sys
tcpip.sys
dfsc.sys
hlp.dat
/md5stop

- click the Run Scan button;

Wait for the scan to finish. When it ends, the two files newly created on the desktop will open automatically: OTL.txt and Extras.txt.

Please attach these two files (separately or in an archive) to your next comment.


I don't see anything suspicious.

Scan with Malwarebytes Anti-Malware. If you are installing the program for the first time, there will be a checkbox for automatic updating at the end of the installation; do not clear it. Otherwise, update its definitions manually. If you already have the program, check whether you have the latest version, and if not, remove yours and install the newest one, leaving the definitions-update checkbox ticked at the end of the installation.

Scanning instructions:

- start the program;

- select Perform quick scan and click the Scan button;

- when the scan finishes, if no threats were found, a text file will open automatically (you can close it) and the program will tell you that it found nothing, after which you can click OK and close it;

- if threats were found, click OK and then Show Results;

- click the Remove Selected button;

If a restart is required, agree and restart immediately. After the restart, start the program again, go to the Logs tab, select the latest log, click the Open button and copy its contents here. If no restart was required, a text file should appear; copy its contents here.


5 minutes and it said everything is fine, it found nothing.... but FB still doesn't open in any browser; I cleared the cache, it tries to load and says ... waiting for www.facebook.com, and that's as far as it gets :( it won't open

Download TDSSKiller and:

- extract the archive to a convenient location;

- run TDSSKiller.exe;

- click Change parameters, in the lower section Additional options tick Verify driver digital signatures and Detect TDLFS file system, and confirm with OK;

- click the Start scan button and wait for the scan to complete;

- if no threats are found, just click Close;

- if suspicious objects are found, click Continue and then Close;

- if malicious objects are found, make sure the Cure option is selected in the drop-down menus, click Continue and then Reboot computer;

- a text log file from the scan will be created on drive C: (its name begins with TDSSKiller); copy its contents into your next comment.


Absolutely clean ... I tried with this program too, as you said; before that I tried Malwarebytes Anti-Malware, Spybot - Search & Destroy, Avast, NOD32, RogueKiller, SUPERAntiSpyware Free Edition, those are the ones I can remember and there were more ... some cookies and harmless items were found ... I cleaned everything and still no ... looks like there will be a reinstall ... I don't see any other option; if you think of something, say so, but apparently that's the only way out :(

If you have an antivirus program installed, stop it, along with any other unnecessary programs. Download ComboFix (if you happen to already have some version, replace it) and save it to the desktop.

Run it, click I Agree, and wait for it to unpack and scan to the end. Do not click on the tool's window. If you are asked whether to install the Recovery Console, click Yes and then confirm with OK and Yes again (twice). The scan will continue. If a restart is needed, the computer will restart automatically. After the restart the scan should continue. Again, do not touch the window until it closes by itself. Then paste the contents of the text file C:\ComboFix.txt here or attach it to your comment.

If you cannot connect to the internet after using ComboFix, restart the system.


Because it closes all windows and I was working from memory of what I had read, and I didn't think about it much because I knew that if I forgot something I could look at your instructions... but no :)

Well, the computer itself is OK; apart from not being able to open FB there's nothing else ... but it's clear to me that there is a problem ... from my phone, through the same IP, I get in fine ... so the problem is in "our TV set". No change ... it still doesn't open ... I'm thinking of wiping Windows tonight, unless ... ?


After a reinstall (accompanied by formatting 100 GB of the HDD) ... everything is as it should be ... no problems at all, i.e. if anyone has my problem and has spent a week fighting it with all sorts of antivirus programs and the like, with no result.... the solution is very easy :)

  • 1 month later...

Hello, I have the same problem with opening Facebook; the operating system is Windows 8, and Facebook itself doesn't open in any browser... I followed your instructions and here is what I got. Please help!

 

OTL logfile created on: 2.8.2012 г. 17:41:15 - Run 1

OTL by OldTimer - Version 3.2.55.0 Folder = C:\Users\Ben Benjamin\Desktop

Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation

Internet Explorer (Version = 9.0.8112.16421)

Locale: 00000402 | Country: България | Language: BGR | Date Format: d.M.yyyy 'г.'

 

2,67 Gb Total Physical Memory | 1,66 Gb Available Physical Memory | 62,16% Memory free

5,34 Gb Paging File | 4,19 Gb Available in Paging File | 78,57% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files

Drive C: | 49,90 Gb Total Space | 20,89 Gb Free Space | 41,86% Space Free | Partition Type: NTFS

Drive D: | 250,00 Gb Total Space | 249,14 Gb Free Space | 99,66% Space Free | Partition Type: NTFS

Drive E: | 165,76 Gb Total Space | 165,20 Gb Free Space | 99,66% Space Free | Partition Type: NTFS

 

Computer Name: BENBENJAMIN-PC | User Name: Ben Benjamin | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: All users

Company Name Whitelist: Off | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 90 Days

 

========== Processes (SafeList) ==========

 

PRC - [2012.08.02 17:14:20 | 000,597,504 | ---- | M] (OldTimer Tools) -- C:\Users\Ben Benjamin\Desktop\OTL.exe

PRC - [2012.08.01 13:46:16 | 000,874,384 | ---- | M] (Opera Software) -- C:\Program Files\Opera\opera.exe

PRC - [2012.07.26 19:52:04 | 001,095,560 | ---- | M] (Spigot, Inc.) -- C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe

PRC - [2012.07.26 19:40:56 | 000,794,560 | ---- | M] (Spigot, Inc.) -- C:\Program Files\Application Updater\ApplicationUpdater.exe

PRC - [2011.09.28 07:23:10 | 005,458,312 | ---- | M] (Samsung Electronics) -- C:\Program Files\Samsung\Easy Settings\EasySpeedUpManager.exe

PRC - [2011.09.15 11:33:56 | 002,784,336 | ---- | M] (Samsung) -- C:\Program Files\Samsung\Easy Software Manager\SWMAgent.exe

PRC - [2011.09.06 16:36:42 | 002,275,408 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files\Samsung\Easy Settings\SmartSetting.exe

PRC - [2011.09.06 16:35:54 | 001,087,056 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files\Samsung\Easy Settings\dmhkcore.exe

PRC - [2011.08.19 12:36:46 | 000,784,976 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files\Samsung\Easy Settings\MovieColorEnhancer.exe

PRC - [2011.07.30 07:47:22 | 003,395,664 | ---- | M] (SAMSUNG Electronics) -- C:\Program Files\Samsung\Easy Support Center\SSCKbdHk.exe

PRC - [2011.06.17 22:41:44 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe

PRC - [2011.06.16 14:41:20 | 001,602,344 | ---- | M] (ELAN Microelectronics Corp.) -- C:\Program Files\Elantech\ETDCtrlHelper.exe

PRC - [2011.06.16 14:41:18 | 001,943,336 | ---- | M] (ELAN Microelectronics Corp.) -- C:\Program Files\Elantech\ETDCtrl.exe

PRC - [2011.06.05 06:20:20 | 000,803,944 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe

PRC - [2011.06.05 02:22:00 | 001,997,416 | R--- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe

PRC - [2011.04.21 09:34:12 | 000,923,136 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe

PRC - [2011.04.21 08:42:50 | 000,102,672 | ---- | M] (Intel® Corporation) -- C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe

PRC - [2011.03.30 14:42:26 | 001,001,808 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Bluetooth\obexsrv.exe

PRC - [2011.03.30 14:42:24 | 001,321,296 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Bluetooth\mediasrv.exe

PRC - [2011.03.30 14:42:20 | 000,985,424 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Bluetooth\btplayerctrl.exe

PRC - [2011.03.30 14:42:20 | 000,923,984 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Bluetooth\devmonsrv.exe

PRC - [2010.11.21 00:29:19 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe

 

 

========== Modules (No Company Name) ==========

 

MOD - [2012.08.01 13:46:17 | 000,783,360 | ---- | M] () -- C:\Program Files\Opera\gstreamer\gstreamer.dll

MOD - [2012.08.01 13:46:17 | 000,316,928 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gstoggdec.dll

MOD - [2012.08.01 13:46:17 | 000,276,480 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gstwebmdec.dll

MOD - [2012.08.01 13:46:17 | 000,168,448 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gstffmpegcolorspace.dll

MOD - [2012.08.01 13:46:17 | 000,099,840 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gstcoreplugins.dll

MOD - [2012.08.01 13:46:17 | 000,098,816 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gstaudioresample.dll

MOD - [2012.08.01 13:46:17 | 000,098,816 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gstaudioconvert.dll

MOD - [2012.08.01 13:46:17 | 000,078,336 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gstwavparse.dll

MOD - [2012.08.01 13:46:17 | 000,076,800 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gstdirectsound.dll

MOD - [2012.08.01 13:46:17 | 000,068,608 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gstdecodebin2.dll

MOD - [2012.08.01 13:46:17 | 000,064,000 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gstautodetect.dll

MOD - [2012.08.01 13:46:17 | 000,046,592 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gstwaveform.dll

MOD - [2012.08.01 13:46:17 | 000,045,568 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gsttypefindfunctions.dll

MOD - [2011.07.29 09:53:32 | 000,746,064 | ---- | M] () -- C:\Program Files\Samsung\Easy Software Manager\SWMFuncDLL.dll

MOD - [2011.04.10 20:40:40 | 000,094,208 | ---- | M] () -- C:\Windows\System32\IccLibDll.dll

MOD - [2011.02.17 00:03:20 | 000,203,776 | ---- | M] () -- C:\Program Files\Samsung\Easy Settings\WinCRT.dll

MOD - [2006.08.12 11:48:40 | 000,049,152 | ---- | M] () -- C:\Program Files\Samsung\Easy Settings\HookDllPS2.dll

 

 

========== Win32 Services (SafeList) ==========

 

SRV - [2012.07.26 19:40:56 | 000,794,560 | ---- | M] (Spigot, Inc.) [Auto | Running] -- C:\Program Files\Application Updater\ApplicationUpdater.exe -- (Application Updater)

SRV - [2011.06.05 02:22:00 | 001,997,416 | R--- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService)

SRV - [2011.04.21 09:34:12 | 000,923,136 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe -- (AMPPALR3)

SRV - [2011.04.21 08:42:50 | 000,102,672 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe -- (BTHSSecurityMgr)

SRV - [2011.03.30 14:42:26 | 001,001,808 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Bluetooth\obexsrv.exe -- (Bluetooth OBEX Service)

SRV - [2011.03.30 14:42:24 | 001,321,296 | ---- | M] (Intel Corporation) [On_Demand | Running] -- C:\Program Files\Intel\Bluetooth\mediasrv.exe -- (Bluetooth Media Service)

SRV - [2011.03.30 14:42:20 | 000,923,984 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Bluetooth\devmonsrv.exe -- (Bluetooth Device Monitor)

SRV - [2011.03.24 21:17:36 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)

SRV - [2009.07.14 04:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)

SRV - [2009.07.14 04:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)

SRV - [2009.07.14 04:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)

 

 

========== Driver Services (SafeList) ==========

 

DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\rdvgkmd.sys -- (VGPU)

DRV - [2011.12.09 19:45:00 | 000,047,616 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\iBtFltCoex.sys -- (iBtFltCoex)

DRV - [2011.11.15 01:04:00 | 000,263,680 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\btmhsf.sys -- (btmhsf)

DRV - [2011.06.17 22:44:40 | 000,077,184 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Synth3dVsc.sys -- (Synth3dVsc)

DRV - [2011.06.05 02:22:00 | 010,581,928 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)

DRV - [2011.06.05 02:22:00 | 000,020,328 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\nvpciflt.sys -- (nvpciflt)

DRV - [2011.05.01 14:32:08 | 007,513,088 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETwNs32.sys -- (NETwNs32)

DRV - [2011.04.21 09:22:30 | 000,240,640 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\AmpPal.sys -- (AMPPALP)

DRV - [2011.04.21 09:22:30 | 000,240,640 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AmpPal.sys -- (AMPPAL)

DRV - [2011.04.12 21:29:40 | 000,006,144 | ---- | M] (Phoenix Technologies Ltd.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\SGDrv.sys -- (SGDrv)

DRV - [2011.03.18 16:46:26 | 000,061,704 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ftdibus.sys -- (FTDIBUS)

DRV - [2011.03.18 16:46:10 | 000,073,096 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ftser2k.sys -- (FTSER2K)

DRV - [2011.03.08 14:41:50 | 000,040,960 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\btmaux.sys -- (btmaux)

DRV - [2011.03.07 12:22:00 | 000,052,992 | ---- | M] (Etron Technology Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\EtronXHCI.sys -- (EtronXHCI)

DRV - [2011.03.07 12:22:00 | 000,033,152 | ---- | M] (Etron Technology Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\EtronHub3.sys -- (EtronHub3)

DRV - [2011.03.04 18:00:16 | 000,309,224 | ---- | M] (ASMedia Technology Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\asmtxhci.sys -- (asmtxhci)

DRV - [2011.03.04 18:00:14 | 000,100,328 | ---- | M] (ASMedia Technology Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\asmthub3.sys -- (asmthub3)

DRV - [2011.02.22 21:21:54 | 000,319,592 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)

DRV - [2011.02.10 16:52:10 | 000,141,952 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nusb3xhc.sys -- (nusb3xhc)

DRV - [2011.02.10 16:52:10 | 000,063,872 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nusb3hub.sys -- (nusb3hub)

DRV - [2011.01.14 19:39:10 | 000,129,640 | ---- | M] (Bigfoot Networks, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Xeno7x86.sys -- (BFN7x86)

DRV - [2011.01.14 19:39:08 | 000,129,640 | ---- | M] (Bigfoot Networks, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\XenoVx86.sys -- (BFNVis32)

DRV - [2011.01.13 03:47:50 | 000,061,712 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ifP60x32.sys -- (IFCoEVB)

DRV - [2011.01.13 03:47:48 | 000,269,584 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ifM60x32.sys -- (IFCoEMP)

DRV - [2010.12.16 18:16:04 | 000,076,840 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\bxdiagx.sys -- (b06diag)

DRV - [2010.12.16 01:06:50 | 000,037,504 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\usbfilter.sys -- (usbfilter)

DRV - [2010.12.10 20:27:48 | 000,431,144 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\bxois.sys -- (BXOIS)

DRV - [2010.11.21 00:29:34 | 000,015,872 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)

DRV - [2010.11.21 00:29:24 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)

DRV - [2010.11.21 00:29:03 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)

DRV - [2010.11.21 00:29:03 | 000,112,640 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tsusbhub.sys -- (tsusbhub)

DRV - [2010.11.21 00:29:03 | 000,062,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\dmvsc.sys -- (dmvsc)

DRV - [2010.11.21 00:29:03 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)

DRV - [2010.11.21 00:29:03 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)

DRV - [2010.11.21 00:29:03 | 000,027,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbGD.sys -- (TsUsbGD)

DRV - [2010.11.21 00:29:03 | 000,025,600 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\terminpt.sys -- (terminpt)

DRV - [2010.11.21 00:29:03 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)

DRV - [2010.11.21 00:29:03 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)

DRV - [2010.10.15 11:27:19 | 000,269,824 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\IntcDAud.sys -- (IntcDAud)

DRV - [2010.02.27 02:31:23 | 000,132,480 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Impcd.sys -- (Impcd)

DRV - [2009.11.16 14:28:00 | 000,037,576 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\qd26032.sys -- (ioatdma2)

DRV - [2009.11.16 14:27:58 | 000,036,552 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\qd16032.sys -- (ioatdma1)

DRV - [2009.08.01 19:10:10 | 000,058,400 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\SISAGPX.SYS -- (uagp35)

DRV - [2009.08.01 19:10:10 | 000,058,400 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\SISAGPX.SYS -- (sisagp)

DRV - [2009.07.17 03:51:52 | 000,024,608 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nvamacpi.sys -- (nvamacpi)

DRV - [2009.07.14 02:45:33 | 000,083,456 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\serial.sys -- (Serial)

DRV - [2009.06.29 02:36:36 | 000,017,920 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nvsmu.sys -- (nvsmu)

DRV - [2009.06.23 16:49:58 | 000,040,832 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\HECI.sys -- (MEI)

DRV - [2009.06.23 16:49:58 | 000,040,832 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\HECI.sys -- (HECI)

DRV - [2009.02.24 21:42:14 | 000,116,736 | ---- | M] (MagicISO, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mcdbus.sys -- (mcdbus)

DRV - [2008.09.29 15:51:18 | 000,053,376 | ---- | M] (Intel Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\HWA.sys -- (HWA)

DRV - [2008.09.15 13:50:46 | 000,009,600 | ---- | M] (Intel Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbuwbmini.sys -- (uwbusb)

DRV - [2008.09.11 19:56:06 | 000,500,736 | ---- | M] (Intel Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\DfuUWB.sys -- (dfuuwb)

DRV - [2007.11.03 17:15:02 | 000,011,008 | ---- | M] (Intel Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\cbaf.sys -- (cbaf)

DRV - [2005.11.09 19:29:08 | 000,012,928 | ---- | M] (TerraTec) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ttp7up.sys -- (TTP7)

DRV - [2005.11.02 13:54:44 | 000,011,596 | ---- | M] (Razer (Asia-Pacific) Pte Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\copperhd.sys -- (UsbFltr)

DRV - [2004.08.13 12:56:20 | 000,005,810 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ASACPI.sys -- (MTsensor)

 

 

========== Standard Registry (All) ==========

 

 

========== Internet Explorer ==========

 

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

 

 

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

IE - HKU\S-1-5-19\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\System32\ieframe.dll (Microsoft Corporation)

 

IE - HKU\S-1-5-20\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\System32\ieframe.dll (Microsoft Corporation)

 

IE - HKU\S-1-5-21-2167608072-2774453898-4039104790-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm

IE - HKU\S-1-5-21-2167608072-2774453898-4039104790-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

IE - HKU\S-1-5-21-2167608072-2774453898-4039104790-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.softonic.com/MON00006/tb_v1?SearchSource=10&cc=

IE - HKU\S-1-5-21-2167608072-2774453898-4039104790-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp

IE - HKU\S-1-5-21-2167608072-2774453898-4039104790-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = bg-BG

IE - HKU\S-1-5-21-2167608072-2774453898-4039104790-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = D3 52 AB B9 66 6F CD 01 [binary data]

IE - HKU\S-1-5-21-2167608072-2774453898-4039104790-1000\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\System32\ieframe.dll (Microsoft Corporation)

IE - HKU\S-1-5-21-2167608072-2774453898-4039104790-1000\..\URLSearchHook: {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files\YTD Toolbar\IE\6.2\ytdToolbarIE.dll (Spigot, Inc.)

IE - HKU\S-1-5-21-2167608072-2774453898-4039104790-1000\..\SearchScopes,DefaultScope = {ABD76B09-CA68-4651-8968-130E7D163036}

IE - HKU\S-1-5-21-2167608072-2774453898-4039104790-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC

IE - HKU\S-1-5-21-2167608072-2774453898-4039104790-1000\..\SearchScopes\{ABD76B09-CA68-4651-8968-130E7D163036}: "URL" = http://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=937811&p={searchTerms}

IE - HKU\S-1-5-21-2167608072-2774453898-4039104790-1000\..\SearchScopes\{D079EB86-71C6-47E7-A88D-5509AFB1DC2D}: "URL" = http://search.softonic.com/MON00006/tb_v1?q={searchTerms}&SearchSource=4&cc=&r=617

IE - HKU\S-1-5-21-2167608072-2774453898-4039104790-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

IE - HKU\S-1-5-21-2167608072-2774453898-4039104790-1001\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\System32\ieframe.dll (Microsoft Corporation)

 

 

========== FireFox ==========

 

FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found

 

 

[2012.08.01 15:19:46 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions

 

O1 HOSTS File: ([2009.06.11 00:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts

O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)

O2 - BHO: (YTD Toolbar) - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files\YTD Toolbar\IE\6.2\ytdToolbarIE.dll (Spigot, Inc.)

O2 - BHO: (Yontoo) - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files\Yontoo\YontooIEClient.dll (Yontoo LLC)

O3 - HKLM\..\Toolbar: (YTD Toolbar) - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files\YTD Toolbar\IE\6.2\ytdToolbarIE.dll (Spigot, Inc.)

O4 - HKLM..\Run: [] File not found

O4 - HKLM..\Run: [bTMTrayAgent] C:\Program Files\Intel\Bluetooth\btmshell.dll (Intel Corporation)

O4 - HKLM..\Run: [ETDCtrl] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronics Corp.)

O4 - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe (Realtek Semiconductor)

O4 - HKLM..\Run: [searchSettings] C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe (Spigot, Inc.)

O4 - HKLM..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics Incorporated)

O4 - HKU\S-1-5-19..\Run: [sidebar] C:\Program Files\Windows Sidebar\Sidebar.exe (Microsoft Corporation)

O4 - HKU\S-1-5-20..\Run: [sidebar] C:\Program Files\Windows Sidebar\Sidebar.exe (Microsoft Corporation)

O4 - HKU\S-1-5-21-2167608072-2774453898-4039104790-1001..\Run: [sidebar] C:\Program Files\Windows Sidebar\Sidebar.exe (Microsoft Corporation)

O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)

O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)

O4 - HKU\S-1-5-21-2167608072-2774453898-4039104790-1001..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17

O7 - HKU\S-1-5-21-2167608072-2774453898-4039104790-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\System32\nlaapi.dll (Microsoft Corporation)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\System32\NapiNSP.dll (Microsoft Corporation)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\System32\mswsock.dll (Microsoft Corporation)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\System32\winrnr.dll (Microsoft Corporation)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Windows\System32\wshbth.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000024 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000025 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000026 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000027 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000028 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000029 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000030 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000031 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000032 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000033 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000034 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000035 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)

O13 - gopher Prefix: missing

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 95.87.194.4 8.8.8.8

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{97395066-9727-41BF-8642-5EE4401900DE}: DhcpNameServer = 95.87.194.4 8.8.8.8

O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)

O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\System32\MSVidCtl.dll (Microsoft Corporation)

O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll (Microsoft Corporation)

O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)

O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)

O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\System32\inetcomm.dll (Microsoft Corporation)

O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll (Microsoft Corporation)

O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)

O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\System32\MSVidCtl.dll (Microsoft Corporation)

O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)

O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)

O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)

O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)

O20 - AppInit_DLLs: (C:\Windows\system32\nvinit.dll) - C:\Windows\System32\nvinit.dll (NVIDIA Corporation)

O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)

O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)

O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found

O20 - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\System32\igfxdev.dll (Intel Corporation)

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.

O29 - HKLM SecurityProviders - (credssp.dll) - C:\Windows\System32\credssp.dll (Microsoft Corporation)

O30 - LSA: Authentication Packages - (msv1_0) - C:\Windows\System32\msv1_0.dll (Microsoft Corporation)

O30 - LSA: Security Packages - (kerberos) - C:\Windows\System32\kerberos.dll (Microsoft Corporation)

O30 - LSA: Security Packages - (msv1_0) - C:\Windows\System32\msv1_0.dll (Microsoft Corporation)

O30 - LSA: Security Packages - (schannel) - C:\Windows\System32\schannel.dll (Microsoft Corporation)

O30 - LSA: Security Packages - (wdigest) - C:\Windows\System32\wdigest.dll (Microsoft Corporation)

O30 - LSA: Security Packages - (tspkg) - C:\Windows\System32\tspkg.dll (Microsoft Corporation)

O30 - LSA: Security Packages - (pku2u) - C:\Windows\System32\pku2u.dll (Microsoft Corporation)

O31 - SafeBoot: AlternateShell - cmd.exe

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2009.06.11 00:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]

O33 - MountPoints2\{4bbba7f5-db7a-11e1-a8d7-806e6f6e6963}\Shell - "" = AutoRun

O33 - MountPoints2\{4bbba7f5-db7a-11e1-a8d7-806e6f6e6963}\Shell\AutoRun\command - "" = F:\SecSWMgrGuide.exe

O34 - HKLM BootExecute: (autocheck autochk *)

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)

O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

 

NetSvcs: FastUserSwitchingCompatibility - File not found

NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)

NetSvcs: Nla - File not found

NetSvcs: Ntmssvc - File not found

NetSvcs: NWCWorkstation - File not found

NetSvcs: Nwsapagent - File not found

NetSvcs: SRService - File not found

NetSvcs: WmdmPmSp - File not found

NetSvcs: LogonHours - File not found

NetSvcs: PCAudit - File not found

NetSvcs: helpsvc - File not found

NetSvcs: uploadmgr - File not found

 

MsConfig - StartUpReg: Adobe ARM - hkey= - key= - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)

MsConfig - StartUpReg: Adobe Reader Speed Launcher - hkey= - key= - C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)

MsConfig - State: "bootini" - 2

MsConfig - State: "startup" - 2

 

SafeBootMin: Base - Driver Group

SafeBootMin: Boot Bus Extender - Driver Group

SafeBootMin: Boot file system - Driver Group

SafeBootMin: File system - Driver Group

SafeBootMin: Filter - Driver Group

SafeBootMin: HelpSvc - Service

SafeBootMin: NTDS - File not found

SafeBootMin: PCI Configuration - Driver Group

SafeBootMin: PNP Filter - Driver Group

SafeBootMin: Primary disk - Driver Group

SafeBootMin: sacsvr - Service

SafeBootMin: SCSI Class - Driver Group

SafeBootMin: System Bus Extender - Driver Group

SafeBootMin: vmms - Service

SafeBootMin: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)

SafeBootMin: WudfRd - Driver

SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers

SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive

SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive

SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller

SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc

SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard

SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse

SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters

SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter

SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System

SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive

SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy

SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers

SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume

SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices

SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

 

SafeBootNet: Base - Driver Group

SafeBootNet: Boot Bus Extender - Driver Group

SafeBootNet: Boot file system - Driver Group

SafeBootNet: File system - Driver Group

SafeBootNet: Filter - Driver Group

SafeBootNet: HelpSvc - Service

SafeBootNet: Messenger - Service

SafeBootNet: NDIS Wrapper - Driver Group

SafeBootNet: NetBIOSGroup - Driver Group

SafeBootNet: NetDDEGroup - Driver Group

SafeBootNet: Network - Driver Group

SafeBootNet: NetworkProvider - Driver Group

SafeBootNet: NTDS - File not found

SafeBootNet: PCI Configuration - Driver Group

SafeBootNet: PNP Filter - Driver Group

SafeBootNet: PNP_TDI - Driver Group

SafeBootNet: Primary disk - Driver Group

SafeBootNet: rdsessmgr - Service

SafeBootNet: sacsvr - Service

SafeBootNet: SCSI Class - Driver Group

SafeBootNet: Streams Drivers - Driver Group

SafeBootNet: System Bus Extender - Driver Group

SafeBootNet: TDI - Driver Group

SafeBootNet: vmms - Service

SafeBootNet: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)

SafeBootNet: WudfRd - Driver

SafeBootNet: WudfUsbccidDriver - Driver

SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers

SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive

SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive

SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller

SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc

SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard

SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse

SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net

SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient

SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService

SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans

SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters

SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter

SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System

SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive

SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers

SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy

SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers

SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume

SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices

SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

 

========== Files/Folders - Created Within 90 Days ==========

 

[2012.08.02 17:14:20 | 000,597,504 | ---- | C] (OldTimer Tools) -- C:\Users\Ben Benjamin\Desktop\OTL.exe

[2012.08.01 23:55:44 | 000,000,000 | R--D | C] -- C:\Users\Ben Benjamin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup

[2012.08.01 23:55:44 | 000,000,000 | R--D | C] -- C:\Users\Ben Benjamin\Searches

[2012.08.01 23:55:44 | 000,000,000 | R--D | C] -- C:\Users\Ben Benjamin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools

[2012.08.01 23:55:44 | 000,000,000 | -H-D | C] -- C:\Users\Ben Benjamin\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned

[2012.08.01 23:54:49 | 000,000,000 | ---D | C] -- C:\Users\Ben Benjamin\AppData\Roaming\Identities

[2012.08.01 23:54:47 | 000,000,000 | R--D | C] -- C:\Users\Ben Benjamin\Contacts

[2012.08.01 23:54:34 | 000,000,000 | ---D | C] -- C:\Users\Ben Benjamin\AppData\Local\VirtualStore

[2012.08.01 23:54:32 | 000,000,000 | --SD | C] -- C:\Users\Ben Benjamin\AppData\Roaming\Microsoft

[2012.08.01 23:54:32 | 000,000,000 | R--D | C] -- C:\Users\Ben Benjamin\Videos

[2012.08.01 23:54:32 | 000,000,000 | R--D | C] -- C:\Users\Ben Benjamin\Saved Games

[2012.08.01 23:54:32 | 000,000,000 | R--D | C] -- C:\Users\Ben Benjamin\Pictures

[2012.08.01 23:54:32 | 000,000,000 | R--D | C] -- C:\Users\Ben Benjamin\Music

[2012.08.01 23:54:32 | 000,000,000 | R--D | C] -- C:\Users\Ben Benjamin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance

[2012.08.01 23:54:32 | 000,000,000 | R--D | C] -- C:\Users\Ben Benjamin\Links

[2012.08.01 23:54:32 | 000,000,000 | R--D | C] -- C:\Users\Ben Benjamin\Favorites

[2012.08.01 23:54:32 | 000,000,000 | R--D | C] -- C:\Users\Ben Benjamin\Downloads

[2012.08.01 23:54:32 | 000,000,000 | R--D | C] -- C:\Users\Ben Benjamin\Documents

[2012.08.01 23:54:32 | 000,000,000 | R--D | C] -- C:\Users\Ben Benjamin\Desktop

[2012.08.01 23:54:32 | 000,000,000 | R--D | C] -- C:\Users\Ben Benjamin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories

[2012.08.01 23:54:32 | 000,000,000 | -HSD | C] -- C:\Users\Ben Benjamin\AppData\Local\Temporary Internet Files

[2012.08.01 23:54:32 | 000,000,000 | -HSD | C] -- C:\Users\Ben Benjamin\Templates

[2012.08.01 23:54:32 | 000,000,000 | -HSD | C] -- C:\Users\Ben Benjamin\Start Menu

[2012.08.01 23:54:32 | 000,000,000 | -HSD | C] -- C:\Users\Ben Benjamin\SendTo

[2012.08.01 23:54:32 | 000,000,000 | -HSD | C] -- C:\Users\Ben Benjamin\Recent

[2012.08.01 23:54:32 | 000,000,000 | -HSD | C] -- C:\Users\Ben Benjamin\PrintHood

[2012.08.01 23:54:32 | 000,000,000 | -HSD | C] -- C:\Users\Ben Benjamin\NetHood

[2012.08.01 23:54:32 | 000,000,000 | -HSD | C] -- C:\Users\Ben Benjamin\Documents\My Videos

[2012.08.01 23:54:32 | 000,000,000 | -HSD | C] -- C:\Users\Ben Benjamin\Documents\My Pictures

[2012.08.01 23:54:32 | 000,000,000 | -HSD | C] -- C:\Users\Ben Benjamin\Documents\My Music

[2012.08.01 23:54:32 | 000,000,000 | -HSD | C] -- C:\Users\Ben Benjamin\My Documents

[2012.08.01 23:54:32 | 000,000,000 | -HSD | C] -- C:\Users\Ben Benjamin\Local Settings

[2012.08.01 23:54:32 | 000,000,000 | -HSD | C] -- C:\Users\Ben Benjamin\AppData\Local\History

[2012.08.01 23:54:32 | 000,000,000 | -HSD | C] -- C:\Users\Ben Benjamin\Cookies

[2012.08.01 23:54:32 | 000,000,000 | -HSD | C] -- C:\Users\Ben Benjamin\Application Data

[2012.08.01 23:54:32 | 000,000,000 | -HSD | C] -- C:\Users\Ben Benjamin\AppData\Local\Application Data

[2012.08.01 23:54:32 | 000,000,000 | -H-D | C] -- C:\Users\Ben Benjamin\AppData

[2012.08.01 23:54:32 | 000,000,000 | ---D | C] -- C:\Users\Ben Benjamin\AppData\Local\Temp

[2012.08.01 23:54:32 | 000,000,000 | ---D | C] -- C:\Users\Ben Benjamin\AppData\Local\Microsoft

[2012.08.01 23:54:32 | 000,000,000 | ---D | C] -- C:\Users\Ben Benjamin\AppData\Roaming\Media Center Programs

[2012.08.01 23:53:55 | 000,000,000 | -HSD | C] -- C:\Recovery

[2012.08.01 15:55:14 | 000,000,000 | ---D | C] -- C:\Program Files\YTD Toolbar

[2012.08.01 15:55:14 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Spigot

[2012.08.01 15:55:14 | 000,000,000 | ---D | C] -- C:\Program Files\Application Updater

[2012.08.01 15:54:55 | 000,000,000 | ---D | C] -- C:\ProgramData\YTD Video Downloader

[2012.08.01 15:54:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YTD Video Downloader

[2012.08.01 15:54:52 | 000,000,000 | ---D | C] -- C:\Program Files\GreenTree Applications

[2012.08.01 15:43:12 | 000,000,000 | ---D | C] -- C:\Windows\Panther

[2012.08.01 15:19:55 | 000,000,000 | ---D | C] -- C:\Program Files\Yontoo

[2012.08.01 15:19:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Tarma Installer

[2012.08.01 15:19:46 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox

[2012.08.01 15:19:42 | 000,000,000 | ---D | C] -- C:\Program Files\VS Revo Group

[2012.08.01 15:19:42 | 000,000,000 | ---D | C] -- C:\Users\Ben Benjamin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller

[2012.08.01 15:19:23 | 002,617,648 | ---- | C] (VS Revo Group Ltd.) -- C:\Users\Ben Benjamin\Desktop\revosetup.exe

[2012.08.01 13:46:19 | 000,000,000 | ---D | C] -- C:\Users\Ben Benjamin\AppData\Roaming\Opera

[2012.08.01 13:46:19 | 000,000,000 | ---D | C] -- C:\Users\Ben Benjamin\AppData\Local\Opera

[2012.08.01 13:46:16 | 000,000,000 | ---D | C] -- C:\Program Files\Opera

[2012.08.01 13:42:46 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\bg-BG

[2012.08.01 13:42:46 | 000,000,000 | ---D | C] -- C:\Windows\bg-BG

[2012.08.01 12:45:46 | 000,000,000 | ---D | C] -- C:\Users\Ben Benjamin\AppData\Roaming\Skype

[2012.08.01 04:46:57 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution

[2012.08.01 04:46:30 | 000,088,408 | R--- | C] (Dolby Laboratories) -- C:\Windows\System32\R4EEA32A.dll

[2012.08.01 04:46:29 | 003,296,600 | R--- | C] (Dolby Laboratories) -- C:\Windows\System32\R4EEP32A.dll

[2012.08.01 04:46:29 | 000,345,944 | R--- | C] (Dolby Laboratories) -- C:\Windows\System32\R4EED32A.dll

[2012.08.01 04:46:28 | 000,061,272 | R--- | C] (Dolby Laboratories) -- C:\Windows\System32\R4EEG32A.dll

[2012.08.01 04:46:27 | 000,102,744 | R--- | C] (Dolby Laboratories) -- C:\Windows\System32\R4EEL32A.dll

[2012.08.01 04:46:23 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek

[2012.08.01 04:46:22 | 000,000,000 | ---D | C] -- C:\Windows\System32\RTCOM

[2012.08.01 04:46:01 | 000,000,000 | ---D | C] -- C:\Intel

[2012.08.01 04:44:37 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch

[2012.08.01 04:43:45 | 000,000,000 | -HSD | C] -- C:\System Volume Information

[2012.08.01 03:16:40 | 000,000,000 | ---D | C] -- C:\Users\Ben Benjamin\AppData\Local\ElevatedDiagnostics

[2012.08.01 02:07:28 | 000,000,000 | ---D | C] -- C:\Users\Ben Benjamin\AppData\Local\Microsoft Games

[2012.08.01 00:58:22 | 000,000,000 | ---D | C] -- C:\Users\Ben Benjamin\AppData\Roaming\Ahead

[2012.08.01 00:58:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero 7

[2012.08.01 00:58:16 | 001,568,768 | ---- | C] (Pegasus Imaging Corp.) -- C:\Windows\System32\imagX7.dll

[2012.08.01 00:58:16 | 000,476,320 | ---- | C] (Pegasus Imaging Corp.) -- C:\Windows\System32\imagXpr7.dll

[2012.08.01 00:58:16 | 000,471,040 | ---- | C] (Pegasus Imaging Corp.) -- C:\Windows\System32\imagXRA7.dll

[2012.08.01 00:58:16 | 000,364,544 | ---- | C] (Pegasus Imaging Corp.) -- C:\Windows\System32\TwnLib4.dll

[2012.08.01 00:58:16 | 000,262,144 | ---- | C] (Pegasus Imaging Corp.) -- C:\Windows\System32\imagXR7.dll

[2012.08.01 00:58:13 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Ahead

[2012.08.01 00:58:08 | 000,000,000 | ---D | C] -- C:\Program Files\Nero

[2012.08.01 00:45:43 | 000,000,000 | ---D | C] -- C:\Program Files\uTorrent

[2012.08.01 00:45:36 | 000,000,000 | ---D | C] -- C:\Users\Ben Benjamin\AppData\Roaming\uTorrent

[2012.08.01 00:45:20 | 000,000,000 | ---D | C] -- C:\Program Files\SA Dictionary 2005 T2

[2012.08.01 00:44:58 | 000,299,520 | ---- | C] (InstallShield Corporation, Inc.) -- C:\Windows\uninst.exe

[2012.08.01 00:43:49 | 000,000,000 | ---D | C] -- C:\Users\Ben Benjamin\AppData\Roaming\Macromedia

[2012.08.01 00:43:49 | 000,000,000 | ---D | C] -- C:\Users\Ben Benjamin\AppData\Roaming\Adobe

[2012.08.01 00:43:48 | 000,000,000 | ---D | C] -- C:\Users\Ben Benjamin\Documents\The KMPlayer

[2012.08.01 00:43:12 | 000,000,000 | ---D | C] -- C:\Users\Ben Benjamin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\The KMPlayer

[2012.08.01 00:43:09 | 000,000,000 | ---D | C] -- C:\Program Files\The KMPlayer

[2012.08.01 00:42:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype

[2012.08.01 00:42:49 | 000,000,000 | ---D | C] -- C:\Program Files\Skype

[2012.08.01 00:42:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype

[2012.08.01 00:42:18 | 000,000,000 | ---D | C] -- C:\Users\Ben Benjamin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR

[2012.08.01 00:42:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR

[2012.08.01 00:42:13 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR

[2012.08.01 00:35:34 | 000,000,000 | ---D | C] -- C:\Windows\pss

[2012.08.01 00:29:15 | 000,000,000 | ---D | C] -- C:\Windows\System32\NV

[2012.08.01 00:24:49 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\InstallShield

[2012.08.01 00:16:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe

[2012.08.01 00:16:13 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe

[2012.08.01 00:16:13 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe

[2012.08.01 00:12:25 | 000,000,000 | ---D | C] -- C:\Windows\System32\Macromed

[2012.08.01 00:05:39 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA

[2012.08.01 00:05:14 | 000,000,000 | -HSD | C] -- C:\Windows\Installer

[2012.08.01 00:05:06 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation

[2012.08.01 00:04:55 | 000,947,304 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvdispco3220141.dll

[2012.08.01 00:04:55 | 000,851,560 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvgenco322061.dll

[2012.08.01 00:04:49 | 000,057,960 | ---- | C] (Khronos Group) -- C:\Windows\System32\OpenCL.dll

[2012.08.01 00:04:48 | 006,029,928 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvwgf2um.dll

[2012.08.01 00:04:48 | 000,645,736 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvumdshim.dll

[2012.08.01 00:04:48 | 000,380,520 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvoptimusmft.dll

[2012.08.01 00:04:48 | 000,020,328 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvpciflt.sys

[2012.08.01 00:04:46 | 015,051,368 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvoglv32.dll

[2012.08.01 00:04:45 | 010,581,928 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvlddmkm.sys

[2012.08.01 00:04:44 | 000,320,104 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvdecodemft.dll

[2012.08.01 00:04:44 | 000,193,128 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvinit.dll

[2012.08.01 00:04:42 | 010,061,416 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvd3dum.dll

[2012.08.01 00:04:41 | 002,954,856 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcuvid.dll

[2012.08.01 00:04:41 | 002,579,560 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcuvenc.dll

[2012.08.01 00:04:40 | 004,936,808 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcuda.dll

[2012.08.01 00:04:23 | 013,011,560 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcompiler.dll

[2012.08.01 00:04:23 | 001,970,280 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvapi.dll

[2012.08.01 00:04:23 | 000,010,920 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvBridge.kmd

[2012.08.01 00:04:09 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation

[2012.08.01 00:03:30 | 000,000,000 | ---D | C] -- C:\Users\Ben Benjamin\AppData\Roaming\InstallShield

[2012.08.01 00:01:54 | 000,053,248 | ---- | C] (Windows XP Bundled build C-Centric Single User) -- C:\Windows\System32\CSVer.dll

[2012.08.01 00:01:54 | 000,000,000 | ---D | C] -- C:\Program Files\Intel

[2012.08.01 00:01:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Samsung

[2012.08.01 00:01:01 | 000,006,144 | ---- | C] (Phoenix Technologies Ltd.) -- C:\Windows\System32\drivers\SGDrv.sys

[2012.08.01 00:00:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung

[2012.08.01 00:00:58 | 000,000,000 | -H-D | C] -- C:\Program Files\InstallShield Installation Information

[2012.08.01 00:00:58 | 000,000,000 | ---D | C] -- C:\Program Files\Samsung

 

========== Files - Modified Within 90 Days ==========

 

[2012.08.02 17:14:20 | 000,597,504 | ---- | M] (OldTimer Tools) -- C:\Users\Ben Benjamin\Desktop\OTL.exe

[2012.08.02 16:44:27 | 000,021,248 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

[2012.08.02 16:44:27 | 000,021,248 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

[2012.08.02 16:41:30 | 000,607,190 | ---- | M] () -- C:\Windows\System32\perfh009.dat

[2012.08.02 16:41:30 | 000,103,568 | ---- | M] () -- C:\Windows\System32\perfc009.dat

[2012.08.02 16:37:09 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat

[2012.08.02 16:36:52 | 2864,234,496 | -HS- | M] () -- C:\hiberfil.sys

[2012.08.01 15:54:53 | 000,001,251 | ---- | M] () -- C:\Users\Public\Desktop\YTD Video Downloader.lnk

[2012.08.01 15:19:47 | 000,000,058 | ---- | M] () -- C:\user.js

[2012.08.01 15:19:42 | 000,001,226 | ---- | M] () -- C:\Users\Ben Benjamin\Desktop\Revo Uninstaller.lnk

[2012.08.01 15:19:29 | 002,617,648 | ---- | M] (VS Revo Group Ltd.) -- C:\Users\Ben Benjamin\Desktop\revosetup.exe

[2012.08.01 13:46:17 | 000,001,779 | ---- | M] () -- C:\Users\Public\Desktop\Opera.lnk

[2012.08.01 13:44:51 | 000,001,754 | ---- | M] () -- C:\Users\Public\Desktop\Browser Choice.lnk

[2012.08.01 13:44:05 | 000,268,184 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT

[2012.08.01 04:48:16 | 000,116,385 | ---- | M] () -- C:\Windows\System32\license.rtf

[2012.08.01 04:46:20 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_SynTP_01009.Wdf

[2012.08.01 00:58:17 | 000,000,987 | ---- | M] () -- C:\Users\Ben Benjamin\Desktop\Nero Burning ROM.lnk

[2012.08.01 00:51:51 | 000,001,411 | ---- | M] () -- C:\Users\Ben Benjamin\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk

[2012.08.01 00:50:36 | 000,001,908 | ---- | M] () -- C:\Windows\diagwrn.xml

[2012.08.01 00:50:36 | 000,001,908 | ---- | M] () -- C:\Windows\diagerr.xml

[2012.08.01 00:45:26 | 000,000,000 | ---- | M] () -- C:\Windows\PROTOCOL.INI

[2012.08.01 00:45:22 | 000,001,017 | ---- | M] () -- C:\Users\Public\Desktop\SA Dictionary.lnk

[2012.08.01 00:44:00 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS

[2012.08.01 00:44:00 | 000,000,000 | RHS- | M] () -- C:\IO.SYS

[2012.08.01 00:43:12 | 000,000,997 | ---- | M] () -- C:\Users\Ben Benjamin\Desktop\KMPlayer.lnk

[2012.08.01 00:42:49 | 000,002,493 | ---- | M] () -- C:\Users\Ben Benjamin\Desktop\Skype.lnk

[2012.08.01 00:23:16 | 000,001,250 | ---- | M] () -- C:\Windows\HotFixList.ini

[2012.08.01 00:12:04 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_SABI_01009.Wdf

[2012.08.01 00:07:51 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_AMPPAL_01009.Wdf

[2012.08.01 00:07:35 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_btmaux_01009.Wdf

[2012.08.01 00:07:26 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_iBtFltCoex_01009.Wdf

 

========== Files Created - No Company Name ==========

 

[2012.08.01 23:55:47 | 000,001,417 | ---- | C] () -- C:\Users\Ben Benjamin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk

[2012.08.01 23:54:32 | 000,000,290 | ---- | C] () -- C:\Users\Ben Benjamin\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk

[2012.08.01 23:54:32 | 000,000,272 | ---- | C] () -- C:\Users\Ben Benjamin\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk

[2012.08.01 15:54:53 | 000,001,251 | ---- | C] () -- C:\Users\Public\Desktop\YTD Video Downloader.lnk

[2012.08.01 15:19:47 | 000,000,058 | ---- | C] () -- C:\user.js

[2012.08.01 15:19:42 | 000,001,226 | ---- | C] () -- C:\Users\Ben Benjamin\Desktop\Revo Uninstaller.lnk

[2012.08.01 13:46:17 | 000,001,791 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk

[2012.08.01 13:46:17 | 000,001,779 | ---- | C] () -- C:\Users\Public\Desktop\Opera.lnk

[2012.08.01 13:44:51 | 000,001,754 | ---- | C] () -- C:\Users\Public\Desktop\Browser Choice.lnk

[2012.08.01 04:47:56 | 000,001,345 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk

[2012.08.01 04:47:49 | 000,001,326 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk

[2012.08.01 04:46:20 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_SynTP_01009.Wdf

[2012.08.01 04:43:45 | 2864,234,496 | -HS- | C] () -- C:\hiberfil.sys

[2012.08.01 00:58:17 | 000,000,987 | ---- | C] () -- C:\Users\Ben Benjamin\Desktop\Nero Burning ROM.lnk

[2012.08.01 00:51:51 | 000,001,411 | ---- | C] () -- C:\Users\Ben Benjamin\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk

[2012.08.01 00:50:28 | 000,001,908 | ---- | C] () -- C:\Windows\diagwrn.xml

[2012.08.01 00:50:28 | 000,001,908 | ---- | C] () -- C:\Windows\diagerr.xml

[2012.08.01 00:45:26 | 000,000,000 | ---- | C] () -- C:\Windows\PROTOCOL.INI

[2012.08.01 00:45:24 | 000,001,029 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SA Dictionary.lnk

[2012.08.01 00:45:22 | 000,001,017 | ---- | C] () -- C:\Users\Public\Desktop\SA Dictionary.lnk

[2012.08.01 00:44:00 | 000,000,000 | RHS- | C] () -- C:\MSDOS.SYS

[2012.08.01 00:44:00 | 000,000,000 | RHS- | C] () -- C:\IO.SYS

[2012.08.01 00:43:12 | 000,000,997 | ---- | C] () -- C:\Users\Ben Benjamin\Desktop\KMPlayer.lnk

[2012.08.01 00:42:49 | 000,002,493 | ---- | C] () -- C:\Users\Ben Benjamin\Desktop\Skype.lnk

[2012.08.01 00:17:25 | 000,001,250 | ---- | C] () -- C:\Windows\HotFixList.ini

[2012.08.01 00:16:57 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk

[2012.08.01 00:12:04 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_SABI_01009.Wdf

[2012.08.01 00:07:51 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_AMPPAL_01009.Wdf

[2012.08.01 00:07:35 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_btmaux_01009.Wdf

[2012.08.01 00:07:26 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_iBtFltCoex_01009.Wdf

[2012.08.01 00:04:55 | 000,004,756 | ---- | C] () -- C:\Windows\System32\nvinfo.pb

[2011.06.05 06:20:52 | 001,613,548 | ---- | C] () -- C:\Windows\System32\nvcoproc.bin

[2011.05.18 23:56:35 | 000,005,810 | ---- | C] () -- C:\Windows\System32\drivers\ASACPI.sys

[2011.05.16 13:56:31 | 000,004,096 | ---- | C] ( ) -- C:\Windows\System32\IGFXDEVLib.dll

[2011.05.16 13:56:30 | 013,356,032 | ---- | C] () -- C:\Windows\System32\ig4icd32.dll

[2011.05.16 13:56:30 | 000,094,208 | ---- | C] () -- C:\Windows\System32\IccLibDll.dll

[2011.05.16 13:56:30 | 000,056,832 | ---- | C] () -- C:\Windows\System32\igdde32.dll

[2011.05.16 13:56:12 | 000,000,151 | ---- | C] () -- C:\Windows\System32\GfxUI.exe.config

[2011.05.16 13:56:11 | 000,963,116 | ---- | C] () -- C:\Windows\System32\igkrng600.bin

[2011.05.16 13:56:11 | 000,218,304 | ---- | C] () -- C:\Windows\System32\igfcg600m.bin

[2011.05.16 13:56:11 | 000,145,804 | ---- | C] () -- C:\Windows\System32\igcompkrng600.bin

[2011.05.16 13:48:26 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll

[2011.05.16 13:48:02 | 000,080,416 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll

[2010.11.21 00:29:34 | 000,080,896 | ---- | C] () -- C:\Windows\System32\RDVGHelper.exe

[2010.11.21 00:29:26 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe

 

========== LOP Check ==========

 

[2012.08.01 13:46:19 | 000,000,000 | ---D | M] -- C:\Users\Ben Benjamin\AppData\Roaming\Opera

[2012.08.01 18:00:34 | 000,000,000 | ---D | M] -- C:\Users\Ben Benjamin\AppData\Roaming\uTorrent

[2009.07.14 07:53:46 | 000,004,696 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

 

========== Purity Check ==========

 

 

 

========== Custom Scans ==========

 

< %SYSTEMDRIVE%\*.* >

[2009.06.11 00:42:20 | 000,000,024 | ---- | M] () -- C:\autoexec.bat

[2009.06.11 00:42:20 | 000,000,010 | ---- | M] () -- C:\config.sys

[2012.08.02 16:36:52 | 2864,234,496 | -HS- | M] () -- C:\hiberfil.sys

[2012.08.01 00:44:00 | 000,000,000 | RHS- | M] () -- C:\IO.SYS

[2012.08.01 00:44:00 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS

[2012.08.02 16:36:58 | 2864,234,496 | -HS- | M] () -- C:\pagefile.sys

[2012.08.01 00:25:38 | 000,000,163 | ---- | M] () -- C:\setup.log

[2012.08.01 15:19:47 | 000,000,058 | ---- | M] () -- C:\user.js

 

< %USERPROFILE%\*.* >

[2012.08.02 17:45:01 | 001,048,576 | -H-- | M] () -- C:\Users\Ben Benjamin\NTUSER.DAT

[2012.08.02 17:45:01 | 000,262,144 | -HS- | M] () -- C:\Users\Ben Benjamin\ntuser.dat.LOG1

[2012.08.01 23:54:32 | 000,000,000 | -HS- | M] () -- C:\Users\Ben Benjamin\ntuser.dat.LOG2

[2012.08.01 23:54:54 | 000,065,536 | -HS- | M] () -- C:\Users\Ben Benjamin\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TM.blf

[2012.08.01 23:54:54 | 000,524,288 | -HS- | M] () -- C:\Users\Ben Benjamin\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000001.regtrans-ms

[2012.08.01 23:54:54 | 000,524,288 | -HS- | M] () -- C:\Users\Ben Benjamin\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000002.regtrans-ms

[2012.08.01 23:54:32 | 000,000,020 | -HS- | M] () -- C:\Users\Ben Benjamin\ntuser.ini

 

< %USERPROFILE%\AppData\Local\*.* >

[2012.08.01 02:07:26 | 000,058,000 | ---- | M] () -- C:\Users\Ben Benjamin\AppData\Local\GDIPFONTCACHEV1.DAT

[2012.08.01 18:00:33 | 001,814,027 | -H-- | M] () -- C:\Users\Ben Benjamin\AppData\Local\IconCache.db

 

< %USERPROFILE%\AppData\Roaming\*.* >

 

< %ProgramData%\*.* >

 

< %CommonProgramFiles%\*.* >

 

< %PROGRAMFILES%\*.* >

[2009.07.14 07:41:57 | 000,000,174 | -HS- | M] () -- C:\Program Files\desktop.ini

 

< %systemroot%\system32\*.dll /lockedfiles >

 

< %systemroot%\Tasks\*.job /lockedfiles >

 

< %systemroot%\system32\drivers\*.sys /90 >

[2012.06.02 07:53:58 | 000,369,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\cng.sys

[2012.06.02 07:57:51 | 000,067,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\ksecdd.sys

[2012.06.02 07:57:56 | 000,134,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\ksecpkg.sys

 

< %systemroot%\system32\drivers\*.sys /lockedfiles >

 

< %systemroot%\system32\Spool\prtprocs\w32x86\*.dll >

[2009.07.14 04:15:35 | 000,022,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\Spool\prtprocs\w32x86\jnwppr.dll

[2010.11.21 00:29:21 | 000,030,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\Spool\prtprocs\w32x86\winprint.dll

 

< MD5 for: EXPLORER.EXE >

[2011.06.17 22:41:44 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\explorer.exe

[2011.06.17 22:41:44 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_54149f9ef14031fc\explorer.exe

[2010.11.21 00:29:20 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_53bc10fdd7fe87ca\explorer.exe

[2011.06.17 22:05:48 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=5BD9AAA6E29BB935BFE3B30408B86E6F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21624_none_543adddcf1244385\explorer.exe

[2011.06.17 22:32:14 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=70F14C026A2600D28A30AAAE2B58E33F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17547_none_539ea217d81427a2\explorer.exe

[2011.06.17 22:41:44 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_5389023fd8245f84\explorer.exe

[2011.06.17 22:32:14 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=F299294A90A31E9A30AC1392861BCF56 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21646_none_54273e98f132ae15\explorer.exe

 

< MD5 for: USERINIT.EXE >

[2010.11.21 00:29:06 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\System32\userinit.exe

[2010.11.21 00:29:06 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe

 

< MD5 for: VOLSNAP.SYS >

[2011.06.17 22:06:03 | 000,245,632 | ---- | M] (Microsoft Corporation) MD5=8481AD1D474F9F48EAA9AF19F9C634A7 -- C:\Windows\System32\DriverStore\FileRepository\volume.inf_x86_neutral_68387534bc6a940a\volsnap.sys

[2011.06.17 22:06:03 | 000,245,632 | ---- | M] (Microsoft Corporation) MD5=8481AD1D474F9F48EAA9AF19F9C634A7 -- C:\Windows\winsxs\x86_volume.inf_31bf3856ad364e35_6.1.7601.21624_none_183cee4b737ccf93\volsnap.sys

[2011.06.17 22:34:57 | 000,246,144 | ---- | M] (Microsoft Corporation) MD5=9356AA63B1F89A7B283983446D58899E -- C:\Windows\System32\drivers\volsnap.sys

[2011.06.17 22:34:57 | 000,246,144 | ---- | M] (Microsoft Corporation) MD5=9356AA63B1F89A7B283983446D58899E -- C:\Windows\System32\DriverStore\FileRepository\volume.inf_x86_neutral_e0d81f10362768ec\volsnap.sys

[2011.06.17 22:34:57 | 000,246,144 | ---- | M] (Microsoft Corporation) MD5=9356AA63B1F89A7B283983446D58899E -- C:\Windows\winsxs\x86_volume.inf_31bf3856ad364e35_6.1.7601.21668_none_1815afc37399a4b3\volsnap.sys

[2011.06.17 22:34:57 | 000,246,144 | ---- | M] (Microsoft Corporation) MD5=C37AEE5966EB5929E2051AC7409B5730 -- C:\Windows\System32\DriverStore\FileRepository\volume.inf_x86_neutral_75a4e841d2c973b4\volsnap.sys

[2011.06.17 22:34:57 | 000,246,144 | ---- | M] (Microsoft Corporation) MD5=C37AEE5966EB5929E2051AC7409B5730 -- C:\Windows\winsxs\x86_volume.inf_31bf3856ad364e35_6.1.7601.17567_none_178b12ae5a7ceb92\volsnap.sys

[2010.11.21 00:29:03 | 000,245,632 | ---- | M] (Microsoft Corporation) MD5=F497F67932C6FA693D7DE2780631CFE7 -- C:\Windows\System32\DriverStore\FileRepository\volume.inf_x86_neutral_6dee0205881d1a1d\volsnap.sys

[2010.11.21 00:29:03 | 000,245,632 | ---- | M] (Microsoft Corporation) MD5=F497F67932C6FA693D7DE2780631CFE7 -- C:\Windows\winsxs\x86_volume.inf_31bf3856ad364e35_6.1.7601.17514_none_17be216c5a5713d8\volsnap.sys

 

< MD5 for: WININIT.EXE >

[2009.07.14 04:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\System32\wininit.exe

[2009.07.14 04:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_30c90ef265a43c13\wininit.exe

 

< MD5 for: WINLOGON.EXE >

[2010.11.21 00:29:06 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_71ca6b0233339500\winlogon.exe

[2011.06.17 22:19:05 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=D32DC5D0A010D0C1718C40EAA8C5CDD4 -- C:\Windows\System32\winlogon.exe

[2011.06.17 22:19:05 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=D32DC5D0A010D0C1718C40EAA8C5CDD4 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.21624_none_724937e14c5950bb\winlogon.exe

 

< End of report >

 

I apologize for the mistake, Windows is 7.

 

OTL Extras logfile created on: 2.8.2012 г. 17:41:15 - Run 1

OTL by OldTimer - Version 3.2.55.0 Folder = C:\Users\Ben Benjamin\Desktop

Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation

Internet Explorer (Version = 9.0.8112.16421)

Locale: 00000402 | Country: България | Language: BGR | Date Format: d.M.yyyy 'г.'

 

2,67 Gb Total Physical Memory | 1,66 Gb Available Physical Memory | 62,16% Memory free

5,34 Gb Paging File | 4,19 Gb Available in Paging File | 78,57% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files

Drive C: | 49,90 Gb Total Space | 20,89 Gb Free Space | 41,86% Space Free | Partition Type: NTFS

Drive D: | 250,00 Gb Total Space | 249,14 Gb Free Space | 99,66% Space Free | Partition Type: NTFS

Drive E: | 165,76 Gb Total Space | 165,20 Gb Free Space | 99,66% Space Free | Partition Type: NTFS

 

Computer Name: BENBENJAMIN-PC | User Name: Ben Benjamin | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: All users

Company Name Whitelist: Off | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 90 Days

 

========== Extra Registry (SafeList) ==========

 

 

========== File Associations ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)

.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

.html [@ = Opera.HTML] -- C:\Program Files\Opera\Opera.exe (Opera Software)

 

========== Shell Spawning ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)

exefile [open] -- "%1" %*

helpfile [open] -- Reg Error: Key error.

hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)

htmlfile [edit] -- Reg Error: Key error.

htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"

http [open] -- "C:\Program Files\Opera\Opera.exe" "%1" (Opera Software)

https [open] -- "C:\Program Files\Opera\Opera.exe" "%1" (Opera Software)

inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [cmd] -- cmd.exe /s /k pushd \"%V\" (Microsoft Corporation)

Directory [elevatecmd] -- Reg Error: Key error.

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Directory [TakeOwn] -- cmd.exe /c takeown /f \"%1\" /r /d y && icacls \"%1\" /grant administrators:F /t (Microsoft Corporation)

Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [explore] -- Reg Error: Value error.

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

 

========== Security Center Settings ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"cval" = 1

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

"VistaSp1" = Reg Error: Unknown registry data type -- File not found

"AntiVirusOverride" = 0

"AntiSpywareOverride" = 0

"FirewallOverride" = 0

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

 

========== Firewall Settings ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

"EnableFirewall" = 1

"DisableNotifications" = 0

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"EnableFirewall" = 1

"DisableNotifications" = 0

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]

"EnableFirewall" = 1

"DisableNotifications" = 0

 

========== Authorized Applications List ==========

 

 

========== Vista Active Open Ports Exception List ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

 

========== Vista Active Application Exception List ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

"{0057866A-F829-4A72-9419-271CA5C4F041}" = protocol=17 | dir=in | app=c:\program files\opera\opera.exe |

"{09D5D6D5-C19A-4E99-87BF-DA681A8FEB33}" = protocol=6 | dir=in | app=c:\program files\opera\pluginwrapper\opera_plugin_wrapper.exe |

"{493DA8E3-4157-47B5-A852-EBF1A151F177}" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe |

"{4D4BDCB3-E9EB-4A11-BA71-99F99BA1F3FE}" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe |

"{6919F46C-B92C-4CDE-9EB0-4D5C72B066AD}" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe |

"{98BD8A69-C813-4A91-ABC4-7327B69292BC}" = protocol=6 | dir=in | app=d:\install\utorrent.exe |

"{9F81559B-50BC-488E-A859-D1266727309E}" = protocol=6 | dir=in | app=c:\program files\opera\opera.exe |

"{A47C943C-E8E6-470F-9C36-DFE9442253C4}" = protocol=17 | dir=in | app=d:\install\utorrent.exe |

"{C0CC5635-368F-42D3-81AE-5DB0BC28596F}" = dir=in | app=c:\program files\skype\phone\skype.exe |

"{F6E7B1D4-A870-4D18-A02A-2110BFC75498}" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe |

"{FA1B2901-F934-4FF7-858F-011D38D92035}" = protocol=17 | dir=in | app=c:\program files\opera\pluginwrapper\opera_plugin_wrapper.exe |

 

========== HKEY_LOCAL_MACHINE Uninstall List ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{006B5C65-3938-4246-B182-994A7E415EDE}" = Intel® PROSet/Wireless Software for Bluetooth® Technology

"{17283B95-21A8-4996-97DA-547A48DB266F}" = Easy Settings

"{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}" = YTD Video Downloader 3.9

"{331ECF61-69AF-4F57-AC35-AFED610231C3}" = Multimedia POP

"{3C41721F-AF0F-4086-AA1C-4C7F29076228}" = Intel® PROSet/Wireless WiFi Software

"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel® Rapid Storage Technology

"{48DB5914-8772-472D-B8DF-E2092BE598F6}" = Adobe Flash Player 10 ActiveX

"{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}" = Skype™ 3.8

"{889DF117-14D1-44EE-9F31-C5FB5D47F68B}" = Yontoo 1.10.02

"{95BB7324-77D3-4BF3-8CF6-29F0857AC175}" = Easy File Share

"{A0E106D2-4815-4B7A-BAA7-7E21B530CFB4}" = Intel® PROSet/Wireless for Bluetooth® 3.0 + High Speed

"{AC76BA86-7AD7-FFFF-7B44-AA0000000001}" = Adobe Reader X MUI

"{AD86049C-3D9C-43E1-BE73-643F57D83D50}" = Easy Migration

"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 268.83

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 268.83

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Optimus" = NVIDIA Optimus 1.0.23

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components

"{BCC315E7-2E8F-4EFD-8A0B-F8F276FE73F2}" = YTD Toolbar v6.2

"{DE256D8B-D971-456D-BC02-CB64DA24F115}" = Easy Software Manager

"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver

"{F687E657-F636-44DF-8125-9FEEA2C362F5}" = Easy Support Center 1.0

"Elantech" = ETDWare PS/2-X86 10.0.7.2_WHQL

"Nero 7 Lite_is1" = Nero 7 Lite 7.9.6.0

"Opera 12.00.1467" = Opera 12.00

"ProInst" = Intel PROSet Wireless

"Revo Uninstaller" = Revo Uninstaller 1.94

"SA Dictionary 2005 T2" = SA Dictionary 2005 T2

"SynTPDeinstKey" = Synaptics Pointing Device Driver

"The KMPlayer" = The KMPlayer (remove only)

"WinRAR archiver" = WinRAR archiver

 

========== HKEY_USERS Uninstall List ==========

 

[HKEY_USERS\S-1-5-21-2167608072-2774453898-4039104790-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"uTorrent" = µTorrent

 

========== Last 20 Event Log Errors ==========

 

[ Application Events ]

Error - 1.8.2012 г. 09:18:31 | Computer Name = BenBenjamin-PC | Source = .NET Runtime Optimization Service | ID = 1101

Description =

 

Error - 1.8.2012 г. 09:18:33 | Computer Name = BenBenjamin-PC | Source = .NET Runtime Optimization Service | ID = 1101

Description =

 

Error - 1.8.2012 г. 09:18:35 | Computer Name = BenBenjamin-PC | Source = .NET Runtime Optimization Service | ID = 1101

Description =

 

Error - 1.8.2012 г. 09:18:36 | Computer Name = BenBenjamin-PC | Source = .NET Runtime Optimization Service | ID = 1101

Description =

 

Error - 1.8.2012 г. 09:18:37 | Computer Name = BenBenjamin-PC | Source = .NET Runtime Optimization Service | ID = 1101

Description =

 

Error - 1.8.2012 г. 09:18:38 | Computer Name = BenBenjamin-PC | Source = .NET Runtime Optimization Service | ID = 1101

Description =

 

Error - 1.8.2012 г. 09:18:40 | Computer Name = BenBenjamin-PC | Source = .NET Runtime Optimization Service | ID = 1101

Description =

 

Error - 1.8.2012 г. 09:18:40 | Computer Name = BenBenjamin-PC | Source = .NET Runtime Optimization Service | ID = 1101

Description =

 

Error - 1.8.2012 г. 09:18:41 | Computer Name = BenBenjamin-PC | Source = .NET Runtime Optimization Service | ID = 1101

Description =

 

Error - 2.8.2012 г. 09:38:46 | Computer Name = BenBenjamin-PC | Source = WinMgmt | ID = 10

Description =

 

[ System Events ]

Error - 31.7.2012 г. 19:52:01 | Computer Name = BenBenjamin-PC | Source = cdrom | ID = 262151

Description = The device, \Device\CdRom0, has a bad block.

 

Error - 31.7.2012 г. 19:52:08 | Computer Name = BenBenjamin-PC | Source = cdrom | ID = 262151

Description = The device, \Device\CdRom0, has a bad block.

 

Error - 31.7.2012 г. 20:12:23 | Computer Name = BenBenjamin-PC | Source = cdrom | ID = 262151

Description = The device, \Device\CdRom0, has a bad block.

 

Error - 31.7.2012 г. 20:12:32 | Computer Name = BenBenjamin-PC | Source = cdrom | ID = 262151

Description = The device, \Device\CdRom0, has a bad block.

 

Error - 31.7.2012 г. 20:12:39 | Computer Name = BenBenjamin-PC | Source = cdrom | ID = 262151

Description = The device, \Device\CdRom0, has a bad block.

 

Error - 1.8.2012 г. 06:39:22 | Computer Name = BenBenjamin-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20

Description = Installation Failure: Windows failed to install the following update

with error 0x8024200d: Update for Windows 7 (KB2633952).

 

Error - 1.8.2012 г. 06:44:49 | Computer Name = BenBenjamin-PC | Source = Service Control Manager | ID = 7023

Description = The Windows Modules Installer service terminated with the following

error: %%16405

 

Error - 1.8.2012 г. 06:45:14 | Computer Name = BenBenjamin-PC | Source = DCOM | ID = 10010

Description =

 

Error - 1.8.2012 г. 06:45:14 | Computer Name = BenBenjamin-PC | Source = Microsoft-Windows-LanguagePackSetup | ID = 1000

Description = CBS Client initialization failed. Last error: 0x80080005

 

Error - 1.8.2012 г. 06:45:14 | Computer Name = BenBenjamin-PC | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001

Description = Failed to start language pack setup wizard. Please restart the system

and try running the wizard again.

 

 

< End of report >
