
Probable infection from Facebook



When updating, Malwarebytes' Anti-Malware displays:

PROGRAM_ERROR_LOAD_DATABASE/0,13,Create SDK/

I uninstall it with mbam-clean.exe, but it has no effect; the same message appears again.

Apparently the problem is serious.

Here is the other log, OTL.txt:

 

OTL logfile created on: 30.7.2011 г. 09:44:56 - Run 1

OTL by OldTimer - Version 3.2.26.1 Folder = C:\Users\MITKO\Desktop

Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation

Internet Explorer (Version = 9.0.8112.16421)

Locale: 00000402 | Country: България | Language: BGR | Date Format: d.M.yyyy 'г.'

 

3,50 Gb Total Physical Memory | 2,33 Gb Available Physical Memory | 66,51% Memory free

7,29 Gb Paging File | 6,06 Gb Available in Paging File | 83,09% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files

Drive C: | 186,29 Gb Total Space | 144,69 Gb Free Space | 77,67% Space Free | Partition Type: NTFS

Drive D: | 279,45 Gb Total Space | 136,09 Gb Free Space | 48,70% Space Free | Partition Type: NTFS

 

Computer Name: MITKO-PC | User Name: MITKO | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: All users

Company Name Whitelist: Off | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 90 Days

 

========== Processes (SafeList) ==========

 

PRC - [2011.07.30 09:41:26 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Users\MITKO\Desktop\OTL.exe

PRC - [2011.06.22 08:41:55 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe

PRC - [2011.05.28 14:46:56 | 000,803,728 | ---- | M] (IObit) -- C:\Program Files\IObit\Advanced SystemCare 4\PMonitor.exe

PRC - [2011.05.28 14:46:56 | 000,353,168 | ---- | M] (IObit) -- C:\Program Files\IObit\Advanced SystemCare 4\ASCService.exe

PRC - [2011.05.21 09:01:00 | 002,214,504 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe

PRC - [2011.05.21 09:01:00 | 000,839,272 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe

PRC - [2011.05.21 09:01:00 | 000,373,864 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvtray.exe

PRC - [2011.05.20 22:35:16 | 000,378,472 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

PRC - [2011.03.18 01:26:14 | 002,435,592 | ---- | M] (Check Point Software Technologies LTD) -- C:\Windows\System32\ZoneLabs\vsmon.exe

PRC - [2011.03.18 01:24:50 | 001,043,968 | ---- | M] (Check Point Software Technologies LTD) -- C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe

PRC - [2011.02.25 08:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe

PRC - [2011.01.12 16:41:42 | 000,810,144 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe

PRC - [2011.01.12 16:41:24 | 002,219,184 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe

PRC - [2010.11.20 15:17:47 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe

PRC - [2009.11.24 14:45:36 | 000,053,888 | ---- | M] () -- C:\Program Files\ASUS\ControlDeck\ControlDeckStartUp.exe

PRC - [2009.11.12 11:10:06 | 001,597,440 | ---- | M] () -- C:\Program Files\ASUS\Wireless Console 3\wcourier.exe

PRC - [2009.11.09 20:20:36 | 000,096,896 | ---- | M] (ASUS) -- C:\Program Files\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe

PRC - [2009.10.26 11:10:42 | 000,174,720 | ---- | M] (ASUS) -- C:\Program Files\ASUS\ATK Package\ATK Hotkey\HControl.exe

PRC - [2009.09.17 12:33:20 | 000,283,264 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Windows\System32\FBAgent.exe

PRC - [2009.07.23 11:30:06 | 000,544,768 | ---- | M] (ATK) -- C:\Program Files\ASUS\Splendid\ACMON.exe

PRC - [2009.07.01 19:03:12 | 000,582,944 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe

PRC - [2009.06.19 11:29:26 | 002,488,888 | ---- | M] (ASUS) -- C:\Program Files\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe

PRC - [2009.06.15 18:30:42 | 000,084,536 | ---- | M] (ASUS) -- C:\Program Files\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe

PRC - [2009.05.18 16:58:38 | 000,305,720 | ---- | M] (ASUS) -- C:\Program Files\ASUS\SmartLogon\sensorsrv.exe

PRC - [2008.12.22 18:15:34 | 000,174,648 | ---- | M] (ASUS) -- C:\Program Files\ASUS\ATK Package\ATK Hotkey\WDC.exe

PRC - [2008.08.13 22:00:08 | 000,113,208 | ---- | M] (ASUS) -- C:\Program Files\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe

PRC - [2008.03.31 03:55:48 | 000,225,280 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe

PRC - [2007.08.03 13:24:54 | 000,125,496 | ---- | M] () -- C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe

PRC - [2005.07.06 16:43:42 | 000,155,648 | ---- | M] (ASUSTeK) -- C:\Windows\System32\ACEngSvr.exe

 

 

========== Modules (SafeList) ==========

 

MOD - [2011.07.30 09:41:26 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Users\MITKO\Desktop\OTL.exe

MOD - [2010.11.20 14:55:09 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll

 

 

========== Win32 Services (SafeList) ==========

 

SRV - [2011.05.28 14:46:56 | 000,353,168 | ---- | M] (IObit) [Auto | Running] -- C:\Program Files\IObit\Advanced SystemCare 4\ASCService.exe -- (AdvancedSystemCareService)

SRV - [2011.05.21 09:01:00 | 002,214,504 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService)

SRV - [2011.05.20 22:35:16 | 000,378,472 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)

SRV - [2011.03.18 01:26:14 | 002,435,592 | ---- | M] (Check Point Software Technologies LTD) [Auto | Running] -- C:\Windows\System32\ZoneLabs\vsmon.exe -- (vsmon)

SRV - [2011.01.12 16:44:02 | 000,033,584 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe -- (EhttpSrv)

SRV - [2011.01.12 16:41:42 | 000,810,144 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe -- (ekrn)

SRV - [2010.12.27 23:50:30 | 031,124,344 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service)

SRV - [2010.12.06 22:26:42 | 001,343,400 | ---- | M] (Microsoft Corporation) [unknown | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)

SRV - [2009.11.09 20:20:36 | 000,096,896 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe -- (ATKGFNEXSrv)

SRV - [2009.09.17 12:33:20 | 000,283,264 | ---- | M] (ASUSTeK Computer Inc.) [Auto | Running] -- C:\Windows\System32\FBAgent.exe -- (AFBAgent)

SRV - [2009.07.21 03:56:20 | 000,093,848 | ---- | M] (SiSoftware) [On_Demand | Stopped] -- C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2011.SP4a\RpcAgentSrv.exe -- (SandraAgentSrv)

SRV - [2009.07.14 04:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)

SRV - [2009.07.14 04:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)

SRV - [2009.07.14 04:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)

SRV - [2009.07.01 19:03:12 | 000,582,944 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins)

SRV - [2009.06.15 18:30:42 | 000,084,536 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe -- (ASLDRService)

SRV - [2008.03.31 03:55:48 | 000,225,280 | ---- | M] (ASUSTek Computer Inc.) [On_Demand | Running] -- C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe -- (ADSMService)

SRV - [2007.08.03 13:24:54 | 000,125,496 | ---- | M] () [On_Demand | Running] -- C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe -- (spmgr)

 

 

========== Driver Services (SafeList) ==========

 

DRV - [2011.07.04 20:45:35 | 000,091,264 | ---- | M] () [Kernel | System | Running] -- C:\Windows\System32\drivers\archlp.sys -- (archlp)

DRV - [2011.05.21 09:01:00 | 010,589,800 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)

DRV - [2011.05.10 12:41:28 | 000,139,368 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvhda32v.sys -- (NVHDA)

DRV - [2011.03.18 19:08:54 | 000,025,240 | ---- | M] (Almico Software) [Kernel | Boot | Running] -- C:\Windows\system32\speedfan.sys -- (speedfan)

DRV - [2010.12.21 15:04:06 | 000,137,144 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\Windows\System32\drivers\eamonm.sys -- (eamonm)

DRV - [2010.12.21 15:04:06 | 000,115,008 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\System32\drivers\ehdrv.sys -- (ehdrv)

DRV - [2010.12.21 13:47:38 | 000,095,384 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\epfwwfpr.sys -- (epfwwfpr)

DRV - [2010.12.06 23:40:43 | 000,014,416 | ---- | M] (OpenLibSys.org) [Kernel | Auto | Running] -- C:\Users\MITKO\AppData\Local\Microsoft\Windows Sidebar\Gadgets\IntelCoreSeries23.gadget\WinRing0.sys -- (WinRing0_1_2_0)

DRV - [2010.12.06 23:22:04 | 000,721,904 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\sptd.sys -- (sptd)

DRV - [2010.12.06 21:25:46 | 000,030,264 | ---- | M] (ASUSTek Computer Inc) [File_System | Boot | Running] -- C:\Windows\System32\drivers\AsDsm.sys -- (AsDsm)

DRV - [2010.11.20 15:30:15 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\vmbus.sys -- (vmbus)

DRV - [2010.11.20 15:30:15 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\vmstorfl.sys -- (storflt)

DRV - [2010.11.20 15:30:15 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\storvsc.sys -- (storvsc)

DRV - [2010.11.20 13:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | Unknown | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)

DRV - [2010.11.20 13:21:14 | 000,015,872 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)

DRV - [2010.11.20 13:06:36 | 000,117,760 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rmcast.sys -- (RMCAST)

DRV - [2010.11.20 12:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)

DRV - [2010.11.20 12:14:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\VMBusHID.sys -- (VMBusHID)

DRV - [2010.11.20 12:14:41 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\vms3cap.sys -- (s3cap)

DRV - [2010.05.15 16:30:50 | 000,461,400 | ---- | M] (Check Point Software Technologies LTD) [Kernel | System | Running] -- C:\Windows\System32\drivers\vsdatant.sys -- (Vsdatant)

DRV - [2010.05.10 21:41:30 | 000,067,656 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)

DRV - [2010.04.14 02:01:48 | 000,045,736 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\btusbflt.sys -- (btusbflt)

DRV - [2010.02.17 21:25:48 | 000,012,872 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS -- (SASDIFSV)

DRV - [2010.01.31 18:56:58 | 002,351,944 | ---- | M] (Digital Camera) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SPUVCBv.sys -- (SPUVCbv)

DRV - [2009.11.17 10:44:54 | 000,105,344 | ---- | M] (TCT International Mobile Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\jrdusbser.sys -- (jrdusbser)

DRV - [2009.10.05 17:31:50 | 001,221,632 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)

DRV - [2009.08.07 23:46:56 | 000,023,112 | ---- | M] (SiSoftware) [Kernel | On_Demand | Stopped] -- C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2011.SP4a\WNt500x86\Sandra.sys -- (SANDRA)

DRV - [2009.07.20 20:29:40 | 000,013,880 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\kbfiltr.sys -- (kbfiltr)

DRV - [2009.07.14 02:52:10 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vwifimp.sys -- (vwifimp)

DRV - [2009.07.14 02:45:33 | 000,083,456 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\serial.sys -- (Serial)

DRV - [2009.07.02 18:36:10 | 000,013,880 | ---- | M] (ASUS) [Kernel | Auto | Running] -- C:\Program Files\ASUS\ATK Package\ATKGFNEX\ASMMAP.sys -- (ASMMAP)

DRV - [2009.06.29 16:48:06 | 000,212,000 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\nvstor32.sys -- (nvstor32)

DRV - [2009.05.13 10:06:48 | 000,014,392 | ---- | M] (ASUS) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ATKACPI.sys -- (MTsensor)

DRV - [2009.04.06 10:13:52 | 000,025,512 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ggsemc.sys -- (ggsemc)

DRV - [2009.04.06 10:13:52 | 000,013,224 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ggflt.sys -- (ggflt)

DRV - [2009.03.27 02:16:28 | 000,012,672 | ---- | M] (Windows ® Codename Longhorn DDK provider) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\cpuz132_x32.sys -- (cpuz132)

DRV - [2007.08.03 07:26:22 | 000,020,936 | ---- | M] () [Kernel | Auto | Running] -- C:\Program Files\ASUS\NB Probe\SPM\ghaio.sys -- (ghaio)

DRV - [1996.04.03 22:33:26 | 000,005,248 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\system32\giveio.sys -- (giveio)

 

 

========== Standard Registry (All) ==========

 

 

========== Internet Explorer ==========

 

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

 

 

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

IE - HKU\S-1-5-19\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\System32\ieframe.dll (Microsoft Corporation)

 

IE - HKU\S-1-5-20\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\System32\ieframe.dll (Microsoft Corporation)

 

IE - HKU\S-1-5-21-4007395889-1011170634-872512969-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default Download Directory = C:\Users\MITKO\Downloads

IE - HKU\S-1-5-21-4007395889-1011170634-872512969-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

IE - HKU\S-1-5-21-4007395889-1011170634-872512969-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com/

IE - HKU\S-1-5-21-4007395889-1011170634-872512969-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/

IE - HKU\S-1-5-21-4007395889-1011170634-872512969-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = bg

IE - HKU\S-1-5-21-4007395889-1011170634-872512969-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 98 5B 6D 68 D8 95 CB 01 [binary data]

IE - HKU\S-1-5-21-4007395889-1011170634-872512969-1000\..\URLSearchHook: {91da5e8a-3318-4f8c-b67e-5964de3ab546} - Reg Error: Key error. File not found

IE - HKU\S-1-5-21-4007395889-1011170634-872512969-1000\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\System32\ieframe.dll (Microsoft Corporation)

IE - HKU\S-1-5-21-4007395889-1011170634-872512969-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

IE - HKU\S-1-5-21-4007395889-1011170634-872512969-1006\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\System32\ieframe.dll (Microsoft Corporation)

 

========== FireFox ==========

 

FF - prefs.js..browser.search.defaultthis.engineName: "ZoneAlarm Security Customized Web Search"

FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2645238&SearchSource=3&q={searchTerms}"

FF - prefs.js..browser.search.selectedEngine: "Vbox7.com"

FF - prefs.js..browser.search.useDBForOrder: true

FF - prefs.js..browser.startup.homepage: "about:home"

FF - prefs.js..extensions.enabledItems: bg-BG@dictionaries.addons.mozilla.org:4.3

FF - prefs.js..extensions.enabledItems: {0538E3E3-7E9B-4d49-8831-A227C80A7AD3}:2.0.12

FF - prefs.js..extensions.enabledItems: {1018e4d6-728f-4b20-ad56-37578a4de76b}:4.1.1

FF - prefs.js..extensions.enabledItems: {19503e42-ca3c-4c27-b1e2-9cdb2170ee34}:1.2.8.5

FF - prefs.js..extensions.enabledItems: {37E4D8EA-8BDA-4831-8EA1-89053939A250}:3.0.0.2

FF - prefs.js..extensions.enabledItems: {463F6CA5-EE3C-4be1-B7E6-7FEE11953374}:4.3.0

FF - prefs.js..extensions.enabledItems: {73a6fe31-595d-460b-a920-fcc0f8843232}:2.0.9.9

FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.3

FF - prefs.js..extensions.enabledItems: {e968fc70-8f95-4ab9-9e79-304de2a71ee1}:0.7.3

FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:5.0.0.6906

FF - prefs.js..extensions.enabledItems: firebug@software.joehewitt.com:1.6.2

FF - prefs.js..extensions.enabledItems: piclens@cooliris.com:1.12.2.44026

FF - prefs.js..extensions.enabledItems: {3d7eb24f-2740-49df-8937-200b1cc08f8a}:1.5.14.2

FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.9.1

FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.16

FF - prefs.js..extensions.enabledItems: nasanightlaunch@example.com:0.6.20101009

FF - prefs.js..extensions.enabledItems: redshift_V2@shift-themes.com:3.6

FF - prefs.js..extensions.enabledItems: {66871bd1-5ba2-4739-b485-2a15f5969bd8}:2.20100123

FF - prefs.js..extensions.enabledItems: {c1dffba0-628e-11d9-9669-0800200c9a66}:3.6.3

FF - prefs.js..keyword.URL: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2645238&SearchSource=2&q="

 

 

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()

FF - HKLM\Software\MozillaPlugins\@checkpoint.com/FFApi: File not found

FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)

FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)

FF - HKLM\Software\MozillaPlugins\@inhatch.com,version=0.7.5: C:\Program Files\InhatchTeam\Inhatch\npinhatch.dll (Inhatch)

FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found

FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)

FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\MITKO\AppData\Local\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.)

FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\MITKO\AppData\Local\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.)

 

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.06.22 08:41:56 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.06.24 20:18:32 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2011.06.26 11:16:11 | 000,000,000 | ---D | M]

 

[2010.12.06 23:00:32 | 000,000,000 | ---D | M] (No name found) -- C:\Users\MITKO\AppData\Roaming\mozilla\Extensions

[2010.12.06 23:00:32 | 000,000,000 | ---D | M] (No name found) -- C:\Users\MITKO\AppData\Roaming\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}

[2011.07.29 20:53:52 | 000,000,000 | ---D | M] (No name found) -- C:\Users\MITKO\AppData\Roaming\mozilla\Firefox\Profiles\odn736wr.default\extensions

[2011.07.16 16:57:51 | 000,000,000 | ---D | M] (Forecastfox) -- C:\Users\MITKO\AppData\Roaming\mozilla\Firefox\Profiles\odn736wr.default\extensions\{0538E3E3-7E9B-4d49-8831-A227C80A7AD3}

[2011.07.16 16:57:52 | 000,000,000 | ---D | M] (Flagfox) -- C:\Users\MITKO\AppData\Roaming\mozilla\Firefox\Profiles\odn736wr.default\extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}

[2011.03.15 11:27:20 | 000,000,000 | ---D | M] (Metal Lion - Brushed iCe) -- C:\Users\MITKO\AppData\Roaming\mozilla\Firefox\Profiles\odn736wr.default\extensions\{1BF7AC8B-3EE4-46be-AD8B-7F1FA1F3E15D}

[2011.03.15 11:27:20 | 000,000,000 | ---D | M] (PDF Download) -- C:\Users\MITKO\AppData\Roaming\mozilla\Firefox\Profiles\odn736wr.default\extensions\{37E4D8EA-8BDA-4831-8EA1-89053939A250}

[2011.07.28 12:12:15 | 000,000,000 | ---D | M] (FoxyTunes) -- C:\Users\MITKO\AppData\Roaming\mozilla\Firefox\Profiles\odn736wr.default\extensions\{463F6CA5-EE3C-4be1-B7E6-7FEE11953374}

[2011.03.15 11:27:28 | 000,000,000 | ---D | M] (MidnightFox) -- C:\Users\MITKO\AppData\Roaming\mozilla\Firefox\Profiles\odn736wr.default\extensions\{66871bd1-5ba2-4739-b485-2a15f5969bd8}

[2011.03.15 11:27:28 | 000,000,000 | ---D | M] (iFox Graphite) -- C:\Users\MITKO\AppData\Roaming\mozilla\Firefox\Profiles\odn736wr.default\extensions\{74b288e6-77b6-41c7-8138-bb81f4539689}

[2011.03.15 11:27:28 | 000,000,000 | ---D | M] (Blue Ice 2) -- C:\Users\MITKO\AppData\Roaming\mozilla\Firefox\Profiles\odn736wr.default\extensions\{a8dd47cf-239f-48c4-8379-e6b4cbafdcfa}

[2011.07.02 07:18:23 | 000,000,000 | ---D | M] (PitchDark) -- C:\Users\MITKO\AppData\Roaming\mozilla\Firefox\Profiles\odn736wr.default\extensions\{c1dffba0-628e-11d9-9669-0800200c9a66}

[2011.03.15 11:27:29 | 000,000,000 | ---D | M] (User Agent Switcher) -- C:\Users\MITKO\AppData\Roaming\mozilla\Firefox\Profiles\odn736wr.default\extensions\{e968fc70-8f95-4ab9-9e79-304de2a71ee1}

[2011.03.15 11:27:12 | 000,000,000 | ---D | M] (Bulgarian Dictionary) -- C:\Users\MITKO\AppData\Roaming\mozilla\Firefox\Profiles\odn736wr.default\extensions\bg-BG@dictionaries.addons.mozilla.org

[2011.03.15 11:27:18 | 000,000,000 | ---D | M] ("Bulgarian (BG) Language Pack") -- C:\Users\MITKO\AppData\Roaming\mozilla\Firefox\Profiles\odn736wr.default\extensions\langpack-bg-BG@firefox.mozilla.org

[2011.06.22 08:42:02 | 000,000,000 | ---D | M] (Cooliris) -- C:\Users\MITKO\AppData\Roaming\mozilla\Firefox\Profiles\odn736wr.default\extensions\piclens@cooliris.com

[2011.03.15 11:27:19 | 000,000,000 | ---D | M] (RedShift V3.6) -- C:\Users\MITKO\AppData\Roaming\mozilla\Firefox\Profiles\odn736wr.default\extensions\redshift_V2@shift-themes.com

[2011.03.15 11:27:27 | 000,000,000 | ---D | M] (No name found) -- C:\Users\MITKO\AppData\Roaming\mozilla\Firefox\Profiles\odn736wr.default\extensions\{66871bd1-5ba2-4739-b485-2a15f5969bd8}\chrome\mozapps\extensions

[2011.03.15 11:27:27 | 000,000,000 | ---D | M] (No name found) -- C:\Users\MITKO\AppData\Roaming\mozilla\Firefox\Profiles\odn736wr.default\extensions\{66871bd1-5ba2-4739-b485-2a15f5969bd8}\chrome\mozapps\extensions\CVS

[2010.09.23 17:20:46 | 000,001,819 | ---- | M] () -- C:\Users\MITKO\AppData\Roaming\Mozilla\Firefox\Profiles\odn736wr.default\searchplugins\bing.xml

[2011.06.30 21:25:46 | 000,000,939 | ---- | M] () -- C:\Users\MITKO\AppData\Roaming\Mozilla\Firefox\Profiles\odn736wr.default\searchplugins\conduit.xml

[2009.11.24 11:03:30 | 000,000,523 | ---- | M] () -- C:\Users\MITKO\AppData\Roaming\Mozilla\Firefox\Profiles\odn736wr.default\searchplugins\daemon-search.xml

[2009.08.05 17:38:28 | 000,000,938 | ---- | M] () -- C:\Users\MITKO\AppData\Roaming\Mozilla\Firefox\Profiles\odn736wr.default\searchplugins\facebook.xml

[2007.11.27 13:46:32 | 000,005,310 | ---- | M] () -- C:\Users\MITKO\AppData\Roaming\Mozilla\Firefox\Profiles\odn736wr.default\searchplugins\footiefox.xml

[2010.02.09 20:38:28 | 000,002,194 | ---- | M] () -- C:\Users\MITKO\AppData\Roaming\Mozilla\Firefox\Profiles\odn736wr.default\searchplugins\vbox7com.xml

[2010.03.03 14:20:22 | 000,001,196 | ---- | M] () -- C:\Users\MITKO\AppData\Roaming\Mozilla\Firefox\Profiles\odn736wr.default\searchplugins\winamp-search.xml

[2011.06.24 20:18:34 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\mozilla firefox\extensions

[2011.06.22 08:41:56 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

[2011.06.24 20:18:34 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}

File not found (No name found) --

() (No name found) -- C:\USERS\MITKO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODN736WR.DEFAULT\EXTENSIONS\{19503E42-CA3C-4C27-B1E2-9CDB2170EE34}.XPI

() (No name found) -- C:\USERS\MITKO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODN736WR.DEFAULT\EXTENSIONS\{3D7EB24F-2740-49DF-8937-200B1CC08F8A}.XPI

() (No name found) -- C:\USERS\MITKO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODN736WR.DEFAULT\EXTENSIONS\{73A6FE31-595D-460B-A920-FCC0F8843232}.XPI

() (No name found) -- C:\USERS\MITKO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODN736WR.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI

() (No name found) -- C:\USERS\MITKO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODN736WR.DEFAULT\EXTENSIONS\{E4A8A97B-F2ED-450B-B12D-EE082BA24781}.XPI

() (No name found) -- C:\USERS\MITKO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODN736WR.DEFAULT\EXTENSIONS\FIREBUG@SOFTWARE.JOEHEWITT.COM.XPI

[2011.06.22 08:41:55 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll

[2007.04.10 18:21:08 | 000,163,256 | ---- | M] (Microsoft Corporation) -- C:\Program Files\mozilla firefox\plugins\np-mswmp.dll

[2011.06.24 20:18:21 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll

[2011.06.07 12:35:34 | 000,103,864 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\mozilla firefox\plugins\nppdf32.dll

[2011.06.30 21:30:14 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\mozilla firefox\plugins\npwachk.dll

[2011.03.24 12:04:11 | 000,001,083 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\911bg.xml

[2011.03.24 12:04:11 | 000,001,394 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom.xml

[2011.03.24 12:04:11 | 000,002,442 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\diribg.xml

[2011.03.24 12:04:11 | 000,002,364 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml

[2011.03.24 12:04:11 | 000,001,515 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\pe-bg.xml

[2011.03.24 12:04:11 | 000,001,857 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\portalbgdict.xml

[2011.03.24 12:04:11 | 000,001,220 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-bg.xml

[2011.06.23 00:41:02 | 000,000,924 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo.xml

 

O1 HOSTS File: ([2009.06.11 00:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts

O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)

O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL (Microsoft Corporation)

O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL (Microsoft Corporation)

O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)

O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)

O4 - HKLM..\Run: [ZoneAlarm Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe (Check Point Software Technologies LTD)

O4 - HKU\S-1-5-19..\Run: [sidebar] C:\Program Files\Windows Sidebar\Sidebar.exe (Microsoft Corporation)

O4 - HKU\S-1-5-20..\Run: [sidebar] C:\Program Files\Windows Sidebar\Sidebar.exe (Microsoft Corporation)

O4 - HKU\S-1-5-21-4007395889-1011170634-872512969-1000..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation)

O4 - HKU\S-1-5-21-4007395889-1011170634-872512969-1000..\Run: [uTorrent] C:\Program Files\uTorrent\uTorrent.exe (BitTorrent, Inc.)

O4 - HKU\S-1-5-21-4007395889-1011170634-872512969-1006..\Run: [sidebar] C:\Program Files\Windows Sidebar\Sidebar.exe (Microsoft Corporation)

O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)

O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)

O4 - HKU\S-1-5-21-4007395889-1011170634-872512969-1006..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17

O7 - HKU\S-1-5-21-4007395889-1011170634-872512969-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)

O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()

O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()

O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)

O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)

O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)

O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)

O9 - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()

O9 - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()

O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\System32\nlaapi.dll (Microsoft Corporation)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\System32\NapiNSP.dll (Microsoft Corporation)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\System32\wshbth.dll (Microsoft Corporation)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\System32\mswsock.dll (Microsoft Corporation)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Windows\System32\winrnr.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000024 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000025 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000026 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000027 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000028 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000029 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000030 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000031 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000032 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000033 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000034 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000035 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000036 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000037 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)

O13 - gopher Prefix: missing

O15 - HKU\S-1-5-21-4007395889-1011170634-872512969-1000\..Trusted Domains: corpbank.bg ([rbweb] https in Надеждни сайтове)

O16 - DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} http://support.asus.com/select/asusTek_sys_ctrl3.cab (asusTek_sysctrl Class)

O16 - DPF: {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} http://quickscan.bitdefender.com/qsax/qsax.cab (BitDefender QuickScan Control)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)

O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1

O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)

O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\System32\MSVidCtl.dll (Microsoft Corporation)

O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll (Microsoft Corporation)

O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)

O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)

O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\System32\inetcomm.dll (Microsoft Corporation)

O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)

O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll (Microsoft Corporation)

O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)

O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\System32\MSVidCtl.dll (Microsoft Corporation)

O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)

O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)

O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)

O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)

O18 - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)

O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)

O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)

O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found

O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL (Microsoft Corporation)

O29 - HKLM SecurityProviders - (credssp.dll) - C:\Windows\System32\credssp.dll (Microsoft Corporation)

O30 - LSA: Authentication Packages - (msv1_0) - C:\Windows\System32\msv1_0.dll (Microsoft Corporation)

O30 - LSA: Security Packages - (kerberos) - C:\Windows\System32\kerberos.dll (Microsoft Corporation)

O30 - LSA: Security Packages - (msv1_0) - C:\Windows\System32\msv1_0.dll (Microsoft Corporation)

O30 - LSA: Security Packages - (schannel) - C:\Windows\System32\schannel.dll (Microsoft Corporation)

O30 - LSA: Security Packages - (wdigest) - C:\Windows\System32\wdigest.dll (Microsoft Corporation)

O30 - LSA: Security Packages - (tspkg) - C:\Windows\System32\tspkg.dll (Microsoft Corporation)

O30 - LSA: Security Packages - (pku2u) - C:\Windows\System32\pku2u.dll (Microsoft Corporation)

O31 - SafeBoot: AlternateShell - cmd.exe

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2009.06.11 00:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]

O34 - HKLM BootExecute: (autocheck autochk *) - File not found

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

 

NetSvcs: FastUserSwitchingCompatibility - File not found

NetSvcs: Ias - File not found

NetSvcs: Nla - File not found

NetSvcs: Ntmssvc - File not found

NetSvcs: NWCWorkstation - File not found

NetSvcs: Nwsapagent - File not found

NetSvcs: SRService - File not found

NetSvcs: WmdmPmSp - File not found

NetSvcs: LogonHours - File not found

NetSvcs: PCAudit - File not found

NetSvcs: helpsvc - File not found

NetSvcs: uploadmgr - File not found

 

 

SafeBootMin: Base - Driver Group

SafeBootMin: Boot Bus Extender - Driver Group

SafeBootMin: Boot file system - Driver Group

SafeBootMin: File system - Driver Group

SafeBootMin: Filter - Driver Group

SafeBootMin: HelpSvc - Service

SafeBootMin: NTDS - File not found

SafeBootMin: PCI Configuration - Driver Group

SafeBootMin: PNP Filter - Driver Group

SafeBootMin: Primary disk - Driver Group

SafeBootMin: sacsvr - Service

SafeBootMin: SCSI Class - Driver Group

SafeBootMin: System Bus Extender - Driver Group

SafeBootMin: vmms - Service

SafeBootMin: WinDefend - C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)

SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers

SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive

SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive

SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller

SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc

SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard

SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse

SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters

SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter

SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System

SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive

SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy

SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers

SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume

SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices

SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

 

SafeBootNet: Base - Driver Group

SafeBootNet: Boot Bus Extender - Driver Group

SafeBootNet: Boot file system - Driver Group

SafeBootNet: File system - Driver Group

SafeBootNet: Filter - Driver Group

SafeBootNet: HelpSvc - Service

SafeBootNet: Messenger - Service

SafeBootNet: NDIS Wrapper - Driver Group

SafeBootNet: NetBIOSGroup - Driver Group

SafeBootNet: NetDDEGroup - Driver Group

SafeBootNet: Network - Driver Group

SafeBootNet: NetworkProvider - Driver Group

SafeBootNet: NTDS - File not found

SafeBootNet: PCI Configuration - Driver Group

SafeBootNet: PNP Filter - Driver Group

SafeBootNet: PNP_TDI - Driver Group

SafeBootNet: Primary disk - Driver Group

SafeBootNet: rdsessmgr - Service

SafeBootNet: sacsvr - Service

SafeBootNet: SCSI Class - Driver Group

SafeBootNet: Streams Drivers - Driver Group

SafeBootNet: System Bus Extender - Driver Group

SafeBootNet: TDI - Driver Group

SafeBootNet: vmms - Service

SafeBootNet: vsmon - C:\Windows\System32\ZoneLabs\vsmon.exe (Check Point Software Technologies LTD)

SafeBootNet: WinDefend - C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)

SafeBootNet: WudfUsbccidDriver - Driver

SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers

SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive

SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive

SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller

SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc

SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard

SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse

SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net

SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient

SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService

SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans

SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters

SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter

SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System

SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive

SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers

SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy

SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers

SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume

SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices

SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

 

========== Files/Folders - Created Within 90 Days ==========

 

[2011.07.30 09:41:23 | 000,579,584 | ---- | C] (OldTimer Tools) -- C:\Users\MITKO\Desktop\OTL.exe

[2011.07.24 17:04:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony Ericsson

[2011.07.24 17:04:35 | 000,000,000 | ---D | C] -- C:\Program Files\Sony Ericsson

[2011.07.24 01:05:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare 4

[2011.07.24 01:04:29 | 000,000,000 | ---D | C] -- C:\Users\MITKO\AppData\Roaming\IObit

[2011.07.24 01:04:24 | 000,000,000 | ---D | C] -- C:\Program Files\IObit

[2011.07.23 12:16:00 | 000,000,000 | ---D | C] -- C:\Users\MITKO\AppData\Roaming\NVIDIA

[2011.07.23 09:06:19 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft

[2011.07.23 09:00:22 | 000,000,000 | ---D | C] -- C:\Windows\System32\directx

[2011.07.23 09:00:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SiSoftware

[2011.07.23 09:00:05 | 000,000,000 | ---D | C] -- C:\Program Files\SiSoftware

[2011.07.23 08:58:15 | 057,276,224 | ---- | C] (SiSoftware ) -- C:\Users\MITKO\Desktop\san1772-[Guru3D.com].exe

[2011.07.20 12:32:47 | 000,000,000 | ---D | C] -- C:\Users\MITKO\Desktop\KTB

[2011.07.20 08:29:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack

[2011.07.20 08:29:51 | 000,232,448 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\Windows\System32\mp3fhg.acm

[2011.07.20 08:29:51 | 000,151,552 | ---- | C] (fccHandler) -- C:\Windows\System32\ac3acm.acm

[2011.07.20 08:29:50 | 000,237,568 | ---- | C] (www.helixcommunity.org) -- C:\Windows\System32\yv12vfw.dll

[2011.07.20 08:29:46 | 000,000,000 | ---D | C] -- C:\Program Files\K-Lite Codec Pack

[2011.07.20 08:28:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation

[2011.07.20 08:23:59 | 003,693,672 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcpl.dll

[2011.07.20 08:23:59 | 002,560,616 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvsvcr.dll

[2011.07.20 08:23:59 | 002,557,544 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvsvc.dll

[2011.07.20 08:23:59 | 000,543,336 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\easyupdatusapiu.dll

[2011.07.20 08:23:59 | 000,301,672 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvhotkey.dll

[2011.07.20 08:23:59 | 000,111,208 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvmctray.dll

[2011.07.20 08:23:59 | 000,066,664 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvshext.dll

[2011.07.20 08:23:41 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation

[2011.07.20 08:23:12 | 000,865,896 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvhdagenco322040.dll

[2011.07.20 08:23:12 | 000,139,368 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvhda32v.sys

[2011.07.20 08:23:12 | 000,026,216 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvhdap32.dll

[2011.07.20 08:23:10 | 016,456,296 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvoglv32.dll

[2011.07.20 08:23:10 | 013,011,560 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcompiler.dll

[2011.07.20 08:23:10 | 011,992,680 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvd3dum.dll

[2011.07.20 08:23:10 | 010,589,800 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvlddmkm.sys

[2011.07.20 08:23:10 | 006,555,240 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvwgf2um.dll

[2011.07.20 08:23:10 | 005,301,352 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcuda.dll

[2011.07.20 08:23:10 | 002,804,328 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcuvid.dll

[2011.07.20 08:23:10 | 002,335,848 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvapi.dll

[2011.07.20 08:23:10 | 002,082,408 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcuvenc.dll

[2011.07.20 08:23:10 | 000,899,688 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvdispco3220150.dll

[2011.07.20 08:23:10 | 000,865,896 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvgenco322090.dll

[2011.07.20 08:23:10 | 000,057,960 | ---- | C] (Khronos Group) -- C:\Windows\System32\OpenCL.dll

[2011.07.20 08:23:10 | 000,012,392 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvBridge.kmd

[2011.07.20 08:22:47 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation

[2011.07.20 08:22:17 | 000,000,000 | ---D | C] -- C:\NVIDIA

[2011.07.18 22:24:16 | 000,000,000 | ---D | C] -- C:\Program Files\SystemRequirementsLab

[2011.07.18 22:24:13 | 000,000,000 | ---D | C] -- C:\Users\MITKO\AppData\Roaming\SystemRequirementsLab

[2011.07.17 21:36:40 | 000,000,000 | ---D | C] -- C:\Users\MITKO\AppData\Local\Adobe

[2011.07.14 21:52:19 | 000,000,000 | ---D | C] -- C:\Users\MITKO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedFan

[2011.07.14 21:52:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpeedFan

[2011.07.11 18:44:18 | 000,000,000 | ---D | C] -- C:\Users\MITKO\Desktop\dVision HD Wallpapers V.13

[2011.07.09 16:20:13 | 000,000,000 | ---D | C] -- C:\Users\MITKO\Documents\ForceField Shared Files

[2011.07.09 16:20:13 | 000,000,000 | ---D | C] -- C:\Users\MITKO\AppData\Roaming\CheckPoint

[2011.07.09 16:19:50 | 000,000,000 | ---D | C] -- C:\Users\MITKO\AppData\Local\Conduit

[2011.07.09 16:19:37 | 000,000,000 | ---D | C] -- C:\Program Files\CheckPoint

[2011.07.09 16:19:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZoneAlarm

[2011.07.09 16:19:33 | 000,058,368 | ---- | C] (Check Point Software Technologies LTD) -- C:\Windows\System32\vsregexp.dll

[2011.07.09 16:19:24 | 000,104,448 | ---- | C] (Check Point Software Technologies LTD) -- C:\Windows\System32\zlcommdb.dll

[2011.07.09 16:19:24 | 000,069,120 | ---- | C] (Check Point Software Technologies LTD) -- C:\Windows\System32\zlcomm.dll

[2011.07.09 16:19:21 | 000,043,008 | ---- | C] (Check Point Software Technologies LTD) -- C:\Windows\System32\vswmi.dll

[2011.07.09 16:19:18 | 001,238,528 | ---- | C] (Check Point Software Technologies LTD) -- C:\Windows\System32\zpeng25.dll

[2011.07.09 16:19:18 | 000,302,592 | ---- | C] (Check Point Software Technologies LTD) -- C:\Windows\System32\vspubapi.dll

[2011.07.09 16:19:18 | 000,110,080 | ---- | C] (Check Point Software Technologies LTD) -- C:\Windows\System32\vsxml.dll

[2011.07.09 16:19:17 | 000,112,128 | ---- | C] (Check Point Software Technologies LTD) -- C:\Windows\System32\vsdata.dll

[2011.07.09 16:19:17 | 000,108,032 | ---- | C] (Check Point Software Technologies LTD) -- C:\Windows\System32\vsmonapi.dll

[2011.07.09 16:19:12 | 000,461,400 | ---- | C] (Check Point Software Technologies LTD) -- C:\Windows\System32\drivers\vsdatant.sys

[2011.07.09 16:19:12 | 000,000,000 | ---D | C] -- C:\Windows\System32\ZoneLabs

[2011.07.09 16:19:11 | 000,000,000 | ---D | C] -- C:\Program Files\Zone Labs

[2011.07.09 16:18:29 | 000,000,000 | ---D | C] -- C:\ProgramData\CheckPoint

[2011.07.09 16:18:28 | 000,000,000 | ---D | C] -- C:\Windows\Internet Logs

[2011.07.09 16:18:27 | 000,715,264 | ---- | C] (Check Point Software Technologies LTD) -- C:\Windows\System32\vsutil.dll

[2011.07.09 16:18:27 | 000,228,864 | ---- | C] (Check Point Software Technologies LTD) -- C:\Windows\System32\vsinit.dll

[2011.07.02 13:43:45 | 000,000,000 | ---D | C] -- C:\Users\MITKO\Desktop\dVision HD Wallpapers V.12

[2011.07.02 07:13:29 | 000,000,000 | ---D | C] -- C:\Users\MITKO\AppData\Local\uTorrent

[2011.07.01 07:15:15 | 000,000,000 | ---D | C] -- C:\Users\MITKO\Desktop\Inna-Club_Rocker-WEB-720p-x264-2011-FRAY_INT

[2011.06.27 08:28:23 | 000,000,000 | ---D | C] -- C:\Windows\Minidump

[2011.06.26 09:07:48 | 000,000,000 | ---D | C] -- C:\Users\MITKO\Desktop\wallpapers

[2011.06.25 09:22:44 | 000,000,000 | ---D | C] -- C:\Users\MITKO\AppData\Roaming\f-secure

[2011.06.25 09:22:35 | 000,000,000 | ---D | C] -- C:\ProgramData\F-Secure

[2011.06.24 20:18:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun

[2011.06.24 20:18:48 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java

[2011.06.24 20:18:32 | 000,472,808 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\deployJava1.dll

[2011.06.24 20:18:32 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe

[2011.06.24 20:18:32 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe

[2011.06.24 20:18:32 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe

[2011.06.24 20:18:19 | 000,000,000 | ---D | C] -- C:\Program Files\Java

[2011.06.23 13:27:42 | 000,000,000 | ---D | C] -- C:\Users\MITKO\Desktop\КолаЗаМЕРИ

[2011.06.23 12:17:28 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Symantec Shared

[2011.06.23 12:13:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Symantec

[2011.06.23 12:13:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Norton

[2011.06.23 12:13:38 | 000,000,000 | ---D | C] -- C:\ProgramData\NortonInstaller

[2011.06.23 08:38:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab

[2011.06.19 15:36:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VIVACOM 3G USB MODEM

[2011.06.19 15:36:17 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DeviceHelper

[2011.06.19 15:36:16 | 000,000,000 | ---D | C] -- C:\Program Files\VIVACOM 3G USB MODEM

[2011.06.19 09:35:02 | 000,000,000 | ---D | C] -- C:\Users\MITKO\AppData\Roaming\Earth Alerts

[2011.06.18 13:20:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype

[2011.06.17 20:59:59 | 000,105,344 | ---- | C] (TCT International Mobile Ltd) -- C:\Windows\System32\drivers\jrdusbser.sys

[2011.06.17 20:59:58 | 000,103,424 | ---- | C] (Thesycon GmbH) -- C:\Windows\System32\MyDIT_GenClassCoInst.dll

[2011.06.17 14:56:39 | 000,000,000 | ---D | C] -- C:\Users\MITKO\Desktop\dVision HD Wallpapers V.5

[2011.06.13 17:10:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth

[2011.06.10 21:23:11 | 000,000,000 | ---D | C] -- C:\Users\MITKO\Desktop\ploutarxos-den einai o erwtas paidi ths ligikhs

[2011.06.07 18:32:47 | 000,000,000 | ---D | C] -- C:\Users\MITKO\Documents\The KMPlayer

[2011.06.04 10:36:37 | 000,000,000 | ---D | C] -- C:\dsp_sps

[2011.06.01 17:19:09 | 000,000,000 | ---D | C] -- C:\Program Files\SpeedFan

[2011.05.31 20:14:29 | 000,000,000 | ---D | C] -- C:\Users\MITKO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR

[2011.05.31 20:14:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR

[2011.05.24 15:50:08 | 000,000,000 | ---D | C] -- C:\Users\MITKO\Desktop\hd_other_toshiba_greece

[2011.05.24 10:52:02 | 000,000,000 | ---D | C] -- C:\Users\MITKO\AppData\Roaming\SUPERAntiSpyware.com

[2011.05.24 10:52:02 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com

[2011.05.24 10:51:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware

[2011.05.24 10:51:55 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware

[2011.05.19 19:56:00 | 000,000,000 | R--D | C] -- C:\Users\MITKO\Dropbox

[2011.05.19 19:54:01 | 000,000,000 | ---D | C] -- C:\Users\MITKO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox

[2011.05.19 19:53:38 | 000,000,000 | ---D | C] -- C:\Users\MITKO\AppData\Roaming\Dropbox

[2011.05.16 07:23:25 | 000,404,640 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl

[2011.05.14 10:12:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\save2pc

[2011.05.14 10:12:44 | 000,000,000 | ---D | C] -- C:\Program Files\FDRLab

[2011.05.12 21:49:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET

[2011.05.12 21:49:33 | 000,000,000 | ---D | C] -- C:\ProgramData\ESET

[2011.05.12 21:49:33 | 000,000,000 | ---D | C] -- C:\Program Files\ESET

[2011.05.12 14:24:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mp3 Knife

[2011.05.12 14:24:01 | 000,000,000 | ---D | C] -- C:\Program Files\Mp3 Knife

[2011.05.12 14:22:19 | 000,000,000 | ---D | C] -- C:\Users\MITKO\AppData\Local\ESET

[2011.05.06 17:16:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picasa 3

[2011.05.02 19:47:12 | 000,000,000 | ---D | C] -- C:\Users\MITKO\AppData\Local\Nero_AG

[2011.05.02 19:47:01 | 000,000,000 | ---D | C] -- C:\Users\MITKO\AppData\Roaming\Nero

[2011.05.02 19:46:53 | 000,000,000 | ---D | C] -- C:\Users\MITKO\AppData\Local\Nero

[2011.05.02 19:45:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Nero

[2010.12.07 21:17:23 | 000,013,880 | ---- | C] ( ) -- C:\Windows\System32\drivers\kbfiltr.sys

 

========== Files - Modified Within 90 Days ==========

 

[2011.07.30 09:43:00 | 000,001,008 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4007395889-1011170634-872512969-1000UA.job

[2011.07.30 09:41:26 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Users\MITKO\Desktop\OTL.exe

[2011.07.30 09:30:23 | 000,013,632 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

[2011.07.30 09:30:23 | 000,013,632 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

[2011.07.30 09:25:20 | 000,000,880 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job

[2011.07.30 09:25:02 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat

[2011.07.30 09:25:01 | 2817,994,752 | -HS- | M] () -- C:\hiberfil.sys

[2011.07.30 09:08:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

[2011.07.30 08:40:19 | 000,049,097 | ---- | M] () -- C:\Users\MITKO\Documents\Efbet30073.pdf

[2011.07.30 08:34:08 | 000,049,204 | ---- | M] () -- C:\Users\MITKO\Documents\Efbet30072.pdf

[2011.07.30 08:28:48 | 000,048,355 | ---- | M] () -- C:\Users\MITKO\Documents\Efbet30071.pdf

[2011.07.29 23:12:11 | 000,000,956 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4007395889-1011170634-872512969-1000Core.job

[2011.07.28 15:37:04 | 000,616,008 | ---- | M] () -- C:\Windows\System32\perfh009.dat

[2011.07.28 15:37:04 | 000,106,388 | ---- | M] () -- C:\Windows\System32\perfc009.dat

[2011.07.26 17:31:15 | 000,047,634 | ---- | M] () -- C:\Users\MITKO\Desktop\scan0002.jpg

[2011.07.24 19:13:32 | 000,007,666 | ---- | M] () -- C:\Users\MITKO\AppData\Local\Resmon.ResmonCfg

[2011.07.24 17:04:39 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_ggsemc_01007.Wdf

[2011.07.24 09:59:37 | 000,001,443 | ---- | M] () -- C:\Windows\System32\ServiceFilter.ini

[2011.07.24 09:59:36 | 000,002,078 | ---- | M] () -- C:\Windows\System32\AutoRunFilter.ini

[2011.07.23 21:33:25 | 000,404,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl

[2011.07.23 12:25:44 | 011,194,368 | ---- | M] () -- C:\Users\MITKO\AppData\Roaming\Sandra.mdb

[2011.07.23 09:00:13 | 000,001,336 | ---- | M] () -- C:\Users\Public\Desktop\SiSoftware Sandra Lite 2011.SP4a.lnk

[2011.07.23 08:59:12 | 057,276,224 | ---- | M] (SiSoftware ) -- C:\Users\MITKO\Desktop\san1772-[Guru3D.com].exe

[2011.07.20 17:33:35 | 000,878,885 | ---- | M] () -- C:\Users\MITKO\Desktop\Playwin-Yabb.mp3

[2011.07.20 17:29:04 | 000,716,317 | ---- | M] () -- C:\Users\MITKO\Desktop\Yabb.mp3

[2011.07.20 17:22:28 | 010,796,929 | ---- | M] () -- C:\Users\MITKO\Desktop\Play_&_Win_-_Yabb.mp3

[2011.07.20 08:19:34 | 000,000,000 | ---- | M] () -- C:\Users\MITKO\AppData\Local\{DD9DBE12-43B7-4004-8951-7353B8F9DAE2}

[2011.07.14 21:52:19 | 000,000,965 | ---- | M] () -- C:\Users\MITKO\Desktop\SpeedFan.lnk

[2011.07.14 21:52:18 | 000,000,045 | ---- | M] () -- C:\Windows\System32\initdebug.nfo

[2011.07.14 10:45:35 | 000,257,930 | ---- | M] () -- C:\Users\MITKO\Documents\Mobile.bg – Българският автомобилен пазар_ нови и втора употреба автомобили, джипове, камиони, мотоциклети...pdf

[2011.07.13 17:51:40 | 000,002,397 | ---- | M] () -- C:\Users\MITKO\Desktop\Google Chrome.lnk

[2011.07.12 20:21:00 | 000,406,272 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT

[2011.07.09 16:20:27 | 000,421,442 | -H-- | M] () -- C:\Windows\System32\drivers\vsconfig.xml

[2011.07.09 11:10:48 | 000,188,901 | ---- | M] () -- C:\Users\MITKO\Desktop\CSKA_11-12_kits.png

[2011.07.09 11:00:25 | 000,485,397 | ---- | M] () -- C:\Users\MITKO\Desktop\CSKA2011.png

[2011.07.07 09:21:42 | 002,669,572 | ---- | M] () -- C:\Users\MITKO\Desktop\SPRAVOCHNIK_2011_sait.pdf

[2011.07.04 20:45:35 | 000,091,264 | ---- | M] () -- C:\Windows\System32\drivers\archlp.sys

[2011.07.02 07:14:24 | 000,000,937 | ---- | M] () -- C:\Users\MITKO\Application Data\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk

[2011.07.02 07:14:24 | 000,000,913 | ---- | M] () -- C:\Users\Public\Desktop\µTorrent.lnk

[2011.07.01 07:18:18 | 000,000,937 | ---- | M] () -- C:\Users\Public\Desktop\Winamp.lnk

[2011.06.24 20:18:20 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\deployJava1.dll

[2011.06.24 20:18:20 | 000,157,472 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe

[2011.06.24 20:18:20 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe

[2011.06.24 20:18:20 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe

[2011.06.23 18:07:44 | 000,000,024 | ---- | M] () -- C:\Windows\ATKPF.ini

[2011.06.23 11:56:35 | 000,045,056 | ---- | M] () -- C:\Windows\System32\acovcnt.exe

[2011.06.22 08:42:48 | 000,001,994 | ---- | M] () -- C:\Users\MITKO\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk

[2011.06.19 15:36:18 | 000,001,079 | ---- | M] () -- C:\Users\MITKO\Desktop\VIVACOM 3G USB MODEM.lnk

[2011.06.18 13:20:38 | 000,002,503 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk

[2011.06.16 11:00:00 | 000,073,216 | ---- | M] () -- C:\Windows\System32\ff_vfw.dll

[2011.06.16 11:00:00 | 000,000,038 | ---- | M] () -- C:\Windows\avisplitter.ini

[2011.06.13 17:10:34 | 000,002,170 | ---- | M] () -- C:\Users\Public\Desktop\Google Earth.lnk

[2011.06.02 03:15:52 | 000,243,200 | ---- | M] () -- C:\Windows\System32\xvidvfw.dll

[2011.06.02 03:10:30 | 000,644,608 | ---- | M] () -- C:\Windows\System32\xvidcore.dll

[2011.05.31 21:34:51 | 001,583,327 | ---- | M] () -- C:\Users\MITKO\Documents\Безжичен рутер вкъщи - избор, инсталация, настройка - Spectrum Net форуми.pdf

[2011.05.30 21:46:31 | 000,001,017 | ---- | M] () -- C:\Users\MITKO\Desktop\Dropbox.lnk

[2011.05.21 09:01:00 | 016,456,296 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvoglv32.dll

[2011.05.21 09:01:00 | 013,011,560 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvcompiler.dll

[2011.05.21 09:01:00 | 011,992,680 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvd3dum.dll

[2011.05.21 09:01:00 | 010,589,800 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvlddmkm.sys

[2011.05.21 09:01:00 | 006,555,240 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvwgf2um.dll

[2011.05.21 09:01:00 | 005,301,352 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvcuda.dll

[2011.05.21 09:01:00 | 003,693,672 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvcpl.dll

[2011.05.21 09:01:00 | 002,804,328 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvcuvid.dll

[2011.05.21 09:01:00 | 002,560,616 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvsvcr.dll

[2011.05.21 09:01:00 | 002,557,544 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvsvc.dll

[2011.05.21 09:01:00 | 002,335,848 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvapi.dll

[2011.05.21 09:01:00 | 002,082,408 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvcuvenc.dll

[2011.05.21 09:01:00 | 000,899,688 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvdispco3220150.dll

[2011.05.21 09:01:00 | 000,865,896 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvgenco322090.dll

[2011.05.21 09:01:00 | 000,543,336 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\easyupdatusapiu.dll

[2011.05.21 09:01:00 | 000,301,672 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvhotkey.dll

[2011.05.21 09:01:00 | 000,111,208 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvmctray.dll

[2011.05.21 09:01:00 | 000,066,664 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvshext.dll

[2011.05.21 09:01:00 | 000,057,960 | ---- | M] (Khronos Group) -- C:\Windows\System32\OpenCL.dll

[2011.05.21 09:01:00 | 000,012,392 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvBridge.kmd

[2011.05.21 09:01:00 | 000,004,364 | ---- | M] () -- C:\Windows\System32\nvinfo.pb

[2011.05.20 22:35:28 | 000,304,744 | ---- | M] () -- C:\Windows\System32\nvStreaming.exe

[2011.05.19 14:39:53 | 000,000,020 | RHS- | M] () -- C:\win7.ld

[2011.05.19 14:39:52 | 000,324,408 | RHS- | M] () -- C:\ACDRK

[2011.05.14 12:31:59 | 1070,311,118 | ---- | M] () -- C:\Users\MITKO\Documents\LIVE 2011 ALPHA VAGGELIS.avi

[2011.05.14 10:12:45 | 000,001,096 | ---- | M] () -- C:\Users\MITKO\Desktop\save2pc Light.lnk

[2011.05.12 14:24:02 | 000,000,923 | ---- | M] () -- C:\Users\MITKO\Desktop\Mp3 Knife.lnk

[2011.05.10 12:41:32 | 000,026,216 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvhdap32.dll

[2011.05.10 12:41:28 | 000,139,368 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvhda32v.sys

[2011.05.10 12:41:26 | 000,865,896 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvhdagenco322040.dll

[2011.05.06 17:16:51 | 000,001,088 | ---- | M] () -- C:\Users\MITKO\Application Data\Microsoft\Internet Explorer\Quick Launch\Picasa 3.lnk

[2011.05.06 17:16:51 | 000,001,064 | ---- | M] () -- C:\Users\Public\Desktop\Picasa 3.lnk

 

========== Files Created - No Company Name ==========

 

[2011.07.30 08:40:18 | 000,049,097 | ---- | C] () -- C:\Users\MITKO\Documents\Efbet30073.pdf

[2011.07.30 08:34:06 | 000,049,204 | ---- | C] () -- C:\Users\MITKO\Documents\Efbet30072.pdf

[2011.07.30 08:28:46 | 000,048,355 | ---- | C] () -- C:\Users\MITKO\Documents\Efbet30071.pdf

[2011.07.26 17:00:18 | 000,047,634 | ---- | C] () -- C:\Users\MITKO\Desktop\scan0002.jpg

[2011.07.24 17:04:39 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_ggsemc_01007.Wdf

[2011.07.23 09:07:58 | 011,194,368 | ---- | C] () -- C:\Users\MITKO\AppData\Roaming\Sandra.mdb

[2011.07.23 09:00:13 | 000,001,336 | ---- | C] () -- C:\Users\Public\Desktop\SiSoftware Sandra Lite 2011.SP4a.lnk

[2011.07.20 17:33:10 | 000,878,885 | ---- | C] () -- C:\Users\MITKO\Desktop\Playwin-Yabb.mp3

[2011.07.20 17:28:45 | 000,716,317 | ---- | C] () -- C:\Users\MITKO\Desktop\Yabb.mp3

[2011.07.20 17:26:02 | 010,796,929 | ---- | C] () -- C:\Users\MITKO\Desktop\Play_&_Win_-_Yabb.mp3

[2011.07.20 08:29:54 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini

[2011.07.20 08:29:50 | 000,644,608 | ---- | C] () -- C:\Windows\System32\xvidcore.dll

[2011.07.20 08:29:50 | 000,243,200 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll

[2011.07.20 08:29:50 | 000,073,216 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll

[2011.07.20 08:23:10 | 000,004,364 | ---- | C] () -- C:\Windows\System32\nvinfo.pb

[2011.07.20 08:19:34 | 000,000,000 | ---- | C] () -- C:\Users\MITKO\AppData\Local\{DD9DBE12-43B7-4004-8951-7353B8F9DAE2}

[2011.07.14 21:52:19 | 000,000,965 | ---- | C] () -- C:\Users\MITKO\Desktop\SpeedFan.lnk

[2011.07.14 10:45:34 | 000,257,930 | ---- | C] () -- C:\Users\MITKO\Documents\Mobile.bg – Българският автомобилен пазар_ нови и втора употреба автомобили, джипове, камиони, мотоциклети...pdf

[2011.07.09 16:19:11 | 000,421,442 | -H-- | C] () -- C:\Windows\System32\drivers\vsconfig.xml

[2011.07.09 11:10:48 | 000,188,901 | ---- | C] () -- C:\Users\MITKO\Desktop\CSKA_11-12_kits.png

[2011.07.09 11:00:39 | 000,485,397 | ---- | C] () -- C:\Users\MITKO\Desktop\CSKA2011.png

[2011.07.07 09:21:42 | 002,669,572 | ---- | C] () -- C:\Users\MITKO\Desktop\SPRAVOCHNIK_2011_sait.pdf

[2011.07.04 20:45:35 | 000,091,264 | ---- | C] () -- C:\Windows\System32\drivers\archlp.sys

[2011.06.19 15:36:18 | 000,001,079 | ---- | C] () -- C:\Users\MITKO\Desktop\VIVACOM 3G USB MODEM.lnk

[2011.06.18 13:20:38 | 000,002,503 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk

[2011.06.13 17:10:34 | 000,002,170 | ---- | C] () -- C:\Users\Public\Desktop\Google Earth.lnk

[2011.06.08 19:59:01 | 148,943,438 | ---- | C] () -- C:\Users\MITKO\Desktop\Inna-Love-720p-x264-2009-Lame.mkv

[2011.06.01 17:19:08 | 000,000,045 | ---- | C] () -- C:\Windows\System32\initdebug.nfo

[2011.05.31 21:34:45 | 001,583,327 | ---- | C] () -- C:\Users\MITKO\Documents\Безжичен рутер вкъщи - избор, инсталация, настройка - Spectrum Net форуми.pdf

[2011.05.20 22:35:28 | 000,304,744 | ---- | C] () -- C:\Windows\System32\nvStreaming.exe

[2011.05.19 19:56:00 | 000,001,017 | ---- | C] () -- C:\Users\MITKO\Desktop\Dropbox.lnk

[2011.05.19 14:39:53 | 000,000,020 | RHS- | C] () -- C:\win7.ld

[2011.05.19 14:39:52 | 000,324,408 | RHS- | C] () -- C:\ACDRK

[2011.05.14 11:14:06 | 1070,311,118 | ---- | C] () -- C:\Users\MITKO\Documents\LIVE 2011 ALPHA VAGGELIS.avi

[2011.05.14 10:12:45 | 000,001,096 | ---- | C] () -- C:\Users\MITKO\Desktop\save2pc Light.lnk

[2011.05.12 14:24:02 | 000,000,923 | ---- | C] () -- C:\Users\MITKO\Desktop\Mp3 Knife.lnk

[2011.05.06 17:16:51 | 000,001,088 | ---- | C] () -- C:\Users\MITKO\Application Data\Microsoft\Internet Explorer\Quick Launch\Picasa 3.lnk

[2011.05.06 17:16:51 | 000,001,064 | ---- | C] () -- C:\Users\Public\Desktop\Picasa 3.lnk

[2011.03.28 18:49:13 | 000,001,498 | ---- | C] () -- C:\Windows\hpomdl14.dat.temp

[2011.03.21 13:22:06 | 000,080,416 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll

[2011.02.23 10:30:29 | 000,080,896 | ---- | C] () -- C:\Windows\System32\RDVGHelper.exe

[2011.02.23 10:27:57 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe

[2011.01.29 23:20:32 | 000,007,666 | ---- | C] () -- C:\Users\MITKO\AppData\Local\Resmon.ResmonCfg

[2010.12.09 15:42:55 | 000,080,584 | ---- | C] () -- C:\Windows\SPRemove_x64.exe

[2010.12.09 15:42:55 | 000,072,904 | ---- | C] () -- C:\Windows\SPRemove.exe

[2010.12.09 15:42:55 | 000,001,580 | ---- | C] () -- C:\Windows\Remove.ini

[2010.12.07 21:18:12 | 000,000,520 | R--- | C] () -- C:\Windows\System32\drivers\SAMSFPA.DAT

[2010.12.07 15:09:07 | 000,045,056 | ---- | C] () -- C:\Windows\System32\acovcnt.exe

[2010.12.07 09:54:03 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat

[2010.12.06 23:00:27 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat

[2010.12.06 22:14:25 | 000,175,616 | ---- | C] () -- C:\Windows\System32\unrar.dll

[2010.12.06 21:36:54 | 000,000,024 | ---- | C] () -- C:\Windows\ATKPF.ini

[2010.12.06 21:29:35 | 000,002,078 | ---- | C] () -- C:\Windows\System32\AutoRunFilter.ini

[2010.12.06 21:29:35 | 000,001,443 | ---- | C] () -- C:\Windows\System32\ServiceFilter.ini

[2010.12.06 21:29:35 | 000,000,105 | ---- | C] () -- C:\Windows\System32\FastBoot.ini

[2010.12.06 21:29:35 | 000,000,080 | ---- | C] () -- C:\Windows\System32\Defrag.ini

[2010.12.06 21:29:35 | 000,000,052 | ---- | C] () -- C:\Windows\System32\RemoveFont.ini

[2010.12.06 21:29:35 | 000,000,015 | ---- | C] () -- C:\Windows\System32\BootTime.ini

[2009.07.14 07:57:37 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat

[2009.07.14 07:33:53 | 000,406,272 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT

[2009.07.14 05:05:48 | 000,616,008 | ---- | C] () -- C:\Windows\System32\perfh009.dat

[2009.07.14 05:05:48 | 000,291,294 | ---- | C] () -- C:\Windows\System32\perfi009.dat

[2009.07.14 05:05:48 | 000,106,388 | ---- | C] () -- C:\Windows\System32\perfc009.dat

[2009.07.14 05:05:48 | 000,031,548 | ---- | C] () -- C:\Windows\System32\perfd009.dat

[2009.07.14 05:05:05 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT

[2009.07.14 05:04:11 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat

[2009.07.14 02:55:01 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin

[2009.07.14 02:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll

[2009.07.14 02:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll

[2009.06.11 00:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat

[1996.04.03 22:33:26 | 000,005,248 | ---- | C] () -- C:\Windows\System32\giveio.sys

 

========== LOP Check ==========

 

[2010.12.09 15:09:51 | 000,000,000 | ---D | M] -- C:\Users\MITKO\AppData\Roaming\ASUS Drivers Update Utility

[2011.07.09 16:20:13 | 000,000,000 | ---D | M] -- C:\Users\MITKO\AppData\Roaming\CheckPoint

[2011.06.28 06:34:15 | 000,000,000 | ---D | M] -- C:\Users\MITKO\AppData\Roaming\DAEMON Tools Lite

[2011.06.17 16:27:52 | 000,000,000 | ---D | M] -- C:\Users\MITKO\AppData\Roaming\Dropbox

[2011.06.22 23:10:32 | 000,000,000 | ---D | M] -- C:\Users\MITKO\AppData\Roaming\Earth Alerts

[2011.04.01 08:39:04 | 000,000,000 | ---D | M] -- C:\Users\MITKO\AppData\Roaming\eTeks

[2011.06.25 09:22:44 | 000,000,000 | ---D | M] -- C:\Users\MITKO\AppData\Roaming\f-secure

[2011.07.16 22:23:20 | 000,000,000 | ---D | M] -- C:\Users\MITKO\AppData\Roaming\goalbit

[2011.07.24 11:18:46 | 000,000,000 | ---D | M] -- C:\Users\MITKO\AppData\Roaming\IObit

[2011.02.06 13:33:06 | 000,000,000 | ---D | M] -- C:\Users\MITKO\AppData\Roaming\Opera

[2011.04.13 00:50:50 | 000,000,000 | ---D | M] -- C:\Users\MITKO\AppData\Roaming\Panda Security

[2011.07.09 12:50:01 | 000,000,000 | ---D | M] -- C:\Users\MITKO\AppData\Roaming\PCToolsFirewallPlus

[2011.03.27 14:03:14 | 000,000,000 | ---D | M] -- C:\Users\MITKO\AppData\Roaming\Process Hacker 2

[2010.12.07 11:15:14 | 000,000,000 | ---D | M] -- C:\Users\MITKO\AppData\Roaming\Softland

[2011.07.18 22:24:17 | 000,000,000 | ---D | M] -- C:\Users\MITKO\AppData\Roaming\SystemRequirementsLab

[2011.07.21 20:59:07 | 000,000,000 | ---D | M] -- C:\Users\MITKO\AppData\Roaming\TuneUp Software

[2011.07.30 09:40:35 | 000,000,000 | ---D | M] -- C:\Users\MITKO\AppData\Roaming\uTorrent

[2010.12.11 22:22:29 | 000,000,000 | ---D | M] -- C:\Users\MITKO\AppData\Roaming\WinAVI

[2011.03.31 12:22:54 | 000,000,000 | ---D | M] -- C:\Users\MITKO\AppData\Roaming\Zbshareware Lab

[2011.07.20 16:40:02 | 000,032,600 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

 

========== Purity Check ==========

 

 

 

========== Custom Scans ==========

 

 

< %SYSTEMDRIVE%*.* >

[2011.05.19 14:39:52 | 000,324,408 | RHS- | M] () -- C:\ACDRK

[2009.06.11 00:42:20 | 000,000,024 | ---- | M] () -- C:\autoexec.bat

[2010.11.20 15:40:07 | 000,383,786 | RHS- | M] () -- C:\bootmgr

[2010.12.07 12:56:47 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK

[2010.12.09 22:01:39 | 000,438,840 | RHS- | M] () -- C:\bootxe1

[2009.06.11 00:42:20 | 000,000,010 | ---- | M] () -- C:\config.sys

[2011.07.30 09:25:01 | 2817,994,752 | -HS- | M] () -- C:\hiberfil.sys

[2011.07.30 09:25:01 | 4071,903,232 | -HS- | M] () -- C:\pagefile.sys

[2007.11.14 10:18:40 | 000,000,553 | ---- | M] () -- C:\USETUP.ISS

[2011.05.19 14:39:53 | 000,000,020 | RHS- | M] () -- C:\win7.ld

[2010.12.09 22:01:39 | 000,204,528 | RHS- | M] () -- C:\XELD1

[2010.12.09 22:01:39 | 000,009,216 | RHS- | M] () -- C:\XELD1.1st

 

< %USERPROFILE%*.* >

[2011.07.30 09:45:46 | 002,883,584 | -HS- | M] () -- C:\Users\MITKO\ntuser.dat

[2011.07.30 09:45:46 | 000,262,144 | -HS- | M] () -- C:\Users\MITKO\ntuser.dat.LOG1

[2010.12.07 21:05:15 | 000,000,000 | -HS- | M] () -- C:\Users\MITKO\ntuser.dat.LOG2

[2011.04.09 18:59:27 | 000,000,000 | -HS- | M] () -- C:\Users\MITKO\NTUSER.DAT_tureg_new.LOG1

[2011.04.09 18:59:27 | 000,000,000 | -HS- | M] () -- C:\Users\MITKO\NTUSER.DAT_tureg_new.LOG2

[2011.07.15 17:17:33 | 002,359,296 | -HS- | M] () -- C:\Users\MITKO\NTUSER.DAT_tureg_old

[2011.07.16 00:33:39 | 000,065,536 | -HS- | M] () -- C:\Users\MITKO\ntuser.dat{0ba2e225-af0b-11e0-ac3e-806e6f6e6963}.TM.blf

[2011.07.16 00:33:39 | 000,524,288 | -HS- | M] () -- C:\Users\MITKO\ntuser.dat{0ba2e225-af0b-11e0-ac3e-806e6f6e6963}.TMContainer00000000000000000001.regtrans-ms

[2011.07.16 00:33:39 | 000,524,288 | -HS- | M] () -- C:\Users\MITKO\ntuser.dat{0ba2e225-af0b-11e0-ac3e-806e6f6e6963}.TMContainer00000000000000000002.regtrans-ms

[2011.04.09 19:05:31 | 000,065,536 | -HS- | M] () -- C:\Users\MITKO\ntuser.dat{24aaf543-62c2-11e0-b34b-806e6f6e6963}.TM.blf

[2011.04.09 19:05:31 | 000,524,288 | -HS- | M] () -- C:\Users\MITKO\ntuser.dat{24aaf543-62c2-11e0-b34b-806e6f6e6963}.TMContainer00000000000000000001.regtrans-ms

[2011.04.09 19:05:31 | 000,524,288 | -HS- | M] () -- C:\Users\MITKO\ntuser.dat{24aaf543-62c2-11e0-b34b-806e6f6e6963}.TMContainer00000000000000000002.regtrans-ms

[2011.04.13 01:46:26 | 000,065,536 | -HS- | M] () -- C:\Users\MITKO\ntuser.dat{28140d56-654e-11e0-bcd5-485b39293396}.TM.blf

[2011.04.13 01:46:26 | 000,524,288 | -HS- | M] () -- C:\Users\MITKO\ntuser.dat{28140d56-654e-11e0-bcd5-485b39293396}.TMContainer00000000000000000001.regtrans-ms

[2011.04.13 01:46:26 | 000,524,288 | -HS- | M] () -- C:\Users\MITKO\ntuser.dat{28140d56-654e-11e0-bcd5-485b39293396}.TMContainer00000000000000000002.regtrans-ms

[2011.04.13 00:49:17 | 000,065,536 | -HS- | M] () -- C:\Users\MITKO\ntuser.dat{3550be45-6528-11e0-84c0-485b39293396}.TM.blf

[2011.04.13 00:49:17 | 000,524,288 | -HS- | M] () -- C:\Users\MITKO\ntuser.dat{3550be45-6528-11e0-84c0-485b39293396}.TMContainer00000000000000000001.regtrans-ms

[2011.04.13 00:49:17 | 000,524,288 | -HS- | M] () -- C:\Users\MITKO\ntuser.dat{3550be45-6528-11e0-84c0-485b39293396}.TMContainer00000000000000000002.regtrans-ms

[2010.12.07 21:15:48 | 000,065,536 | -HS- | M] () -- C:\Users\MITKO\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TM.blf

[2010.12.07 21:15:48 | 000,524,288 | -HS- | M] () -- C:\Users\MITKO\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000001.regtrans-ms

[2010.12.07 21:15:48 | 000,524,288 | -HS- | M] () -- C:\Users\MITKO\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000002.regtrans-ms

[2011.06.12 18:01:11 | 000,065,536 | -HS- | M] () -- C:\Users\MITKO\ntuser.dat{a528e4c5-9503-11e0-affe-806e6f6e6963}.TM.blf

[2011.06.12 18:01:11 | 000,524,288 | -HS- | M] () -- C:\Users\MITKO\ntuser.dat{a528e4c5-9503-11e0-affe-806e6f6e6963}.TMContainer00000000000000000001.regtrans-ms

[2011.06.12 18:01:11 | 000,524,288 | -HS- | M] () -- C:\Users\MITKO\ntuser.dat{a528e4c5-9503-11e0-affe-806e6f6e6963}.TMContainer00000000000000000002.regtrans-ms

[2011.01.08 16:12:07 | 000,065,536 | -HS- | M] () -- C:\Users\MITKO\ntuser.dat{f7e2b6b6-1af3-11e0-b65a-485b39293396}.TM.blf

[2011.01.08 16:12:07 | 000,524,288 | -HS- | M] () -- C:\Users\MITKO\ntuser.dat{f7e2b6b6-1af3-11e0-b65a-485b39293396}.TMContainer00000000000000000001.regtrans-ms

[2011.01.08 16:12:07 | 000,524,288 | -HS- | M] () -- C:\Users\MITKO\ntuser.dat{f7e2b6b6-1af3-11e0-b65a-485b39293396}.TMContainer00000000000000000002.regtrans-ms

[2010.12.07 21:05:16 | 000,000,020 | -HS- | M] () -- C:\Users\MITKO\ntuser.ini

 

< %USERPROFILE%Application Data*.* >

 

< %USERPROFILE%Local SettingsApplication Data*.* >

 

< %AllUsersProfile%*.* >

[2010.12.07 09:54:03 | 000,000,056 | -H-- | M] () -- C:\ProgramData\ezsidmv.dat

 

< %AllUsersProfile%Application Data*.* >

 

< %USERPROFILE%My Documents*.* >

 

< %CommonProgramFiles%*.* >

 

< %PROGRAMFILES%*.* >

[2009.07.14 07:41:57 | 000,000,174 | -HS- | M] () -- C:\Program Files\desktop.ini

 

< %systemroot%system32*.dll /lockedfiles >

 

< %systemroot%Tasks*.job /lockedfiles >

 

< %systemroot%system32drivers*.sys /90 >

 

< %systemroot%system32drivers*.sys /lockedfiles >

 

< %systemroot%system32Spoolprtprocsw32x86*.dll >

 

 

< MD5 for: EXPLORER.EXE >

[2011.02.26 08:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_54149f9ef14031fc\explorer.exe

[2009.07.14 04:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_518afd35db100430\explorer.exe

[2011.02.26 08:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_525b5180f3f95373\explorer.exe

[2009.10.31 08:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_51a66d6ddafc2ed1\explorer.exe

[2011.02.26 08:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_51a3a583dafd0cef\explorer.exe

[2010.11.20 15:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_53bc10fdd7fe87ca\explorer.exe

[2011.02.25 08:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\explorer.exe

[2011.02.25 08:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_5389023fd8245f84\explorer.exe

[2009.08.03 08:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_526619d4f3f142e6\explorer.exe

[2009.08.03 08:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_51e07e31dad00878\explorer.exe

[2009.10.31 09:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_52283b2af41f3691\explorer.exe

 

< MD5 for: USERINIT.EXE >

[2010.11.20 15:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\System32\userinit.exe

[2010.11.20 15:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe

[2009.07.14 04:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe

 

< MD5 for: VOLSNAP.SYS >

[2009.07.14 04:19:10 | 000,245,328 | ---- | M] (Microsoft Corporation) MD5=58DF9D2481A56EDDE167E51B334D44FD -- C:\Windows\winsxs\x86_volume.inf_31bf3856ad364e35_6.1.7600.16385_none_158d0da45d68903e\volsnap.sys

[2010.11.20 15:30:16 | 000,245,632 | ---- | M] (Microsoft Corporation) MD5=F497F67932C6FA693D7DE2780631CFE7 -- C:\Windows\System32\drivers\volsnap.sys

[2010.11.20 15:30:16 | 000,245,632 | ---- | M] (Microsoft Corporation) MD5=F497F67932C6FA693D7DE2780631CFE7 -- C:\Windows\System32\DriverStore\FileRepository\volume.inf_x86_neutral_6dee0205881d1a1d\volsnap.sys

[2010.11.20 15:30:16 | 000,245,632 | ---- | M] (Microsoft Corporation) MD5=F497F67932C6FA693D7DE2780631CFE7 -- C:\Windows\winsxs\x86_volume.inf_31bf3856ad364e35_6.1.7601.17514_none_17be216c5a5713d8\volsnap.sys

 

< MD5 for: WININIT.EXE >

[2009.07.14 04:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\System32\wininit.exe

[2009.07.14 04:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_30c90ef265a43c13\wininit.exe

 

< MD5 for: WINLOGON.EXE >

[2009.10.28 09:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_6fc699643622d177\winlogon.exe

[2009.10.28 08:52:08 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=3BABE6767C78FBF5FB8435FEED187F30 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_703394514f56f7c2\winlogon.exe

[2010.11.20 15:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\System32\winlogon.exe

[2010.11.20 15:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_71ca6b0233339500\winlogon.exe

[2009.07.14 04:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe

 

========== Files - Unicode (All) ==========

[2011.04.09 17:52:09 | 000,000,000 | ---D | M](C:\Users\MITKO\Desktop\?????? ???????? - ??? ?????? ???? (04-2011)) -- C:\Users\MITKO\Desktop\ΤΕΡΖΗΣ ΠΑΣΧΑΛΗΣ - ΔΥΟ ΝΥΧΤΕΣ ΜΟΝΟ (04-2011)

[2011.04.08 08:19:38 | 000,000,000 | ---D | C](C:\Users\MITKO\Desktop\?????? ???????? - ??? ?????? ???? (04-2011)) -- C:\Users\MITKO\Desktop\ΤΕΡΖΗΣ ΠΑΣΧΑΛΗΣ - ΔΥΟ ΝΥΧΤΕΣ ΜΟΝΟ (04-2011)

 

========== Alternate Data Streams ==========

 

@Alternate Data Stream - 152 bytes -> C:\ProgramData\TEMP:C31F31E6

 

< End of report >

Extras.Txt


Run OTL again. In the empty "Custom Scans/Fixes" box (at the bottom of the program) paste the following text (select it, press Ctrl+C, and then press Ctrl+V in the OTL box):

 

:OTL
IE - HKU\S-1-5-21-4007395889-1011170634-872512969-1000\..\URLSearchHook: {91da5e8a-3318-4f8c-b67e-5964de3ab546} - Reg Error: Key error. File not found
@Alternate Data Stream - 152 bytes -> C:\ProgramData\TEMP:C31F31E6
:Commands
[emptytemp]

Copy the text exactly as it appears in the box. Take care not to drop the leading colon, and make sure each command is on its own line, as in the box.

 

Click the Run Fix button.

 

After the restart a text log will appear. The same file is located in C:\_OTL\MovedFiles. Please attach it to your next comment.

 

---

 

These are minor fixes, but I don't see anything else wrong. I would recommend removing Advanced SystemCare and turning UAC back on, but I doubt you will do it. :)

 

Is there a problem in Safe Mode?
