1. Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 21-01-2013 02
(ATTENTION: FRST version is 7 days old)
Ran by SYSTEM at 28-01-2013 00:38:59
Running from G:
Windows 7 Ultimate (X86) OS Language: English(US)
The current controlset is ControlSet001
==================== Registry (Whitelisted) ===================
HKLM...Run: [RtHDVCpl] C:Program FilesRealtekAudioHDARtHDVCpl.exe -s
[10029672 2011-03-28] (Realtek Semiconductor)
HKLM...Run: [RtHDVBg] C:Program FilesRealtekAudioHDARtHDVBg.exe /FORPCEE4
[1534568 2011-03-20] (Realtek Semiconductor)
HKLM...Run: [Dolby Advanced Audio v2] "C:Dolby PCEE4pcee4.exe" -autostart
[506712 2011-02-03] (Dolby Laboratories Inc.)
HKLM...Run: [IntelPAN] "C:Program FilesCommon
FilesIntelWirelessCommoniFrmewrk.exe" /tf Intel PAN Tray [1210640 2011-05-02]
(Intel(R) Corporation)
HKLM...Run: [Adobe Reader Speed Launcher] "C:Program FilesAdobeReader
10.0ReaderReader_sl.exe" [35736 2010-11-15] (Adobe Systems Incorporated)
HKLM...Run: [Adobe ARM] "C:Program FilesCommon
FilesAdobeARM1.0AdobeARM.exe" [932288 2010-11-15] (Adobe Systems
Incorporated)
HKLM...Run: [IntelWirelessWiMAX] "C:Program
FilesIntelWiMAXBinWiMAXCU.exe" /tasktray /nosplash [1617920 2011-02-27]
(Intel® Corporation)
HKLM...Run: [LogMeIn Hamachi Ui] "C:Program FilesLogMeIn Hamachihamachi-2-
ui.exe" --auto-start [2254768 2012-12-10] (LogMeIn Inc.)
HKLM...Run: [PrivitizeVPN] C:Program FilesPrivitizeVPNPrivitizeVPN.exe
/autorun [196784 2012-09-10] (OOO Industry)
HKLM...Run: [APSDaemon] "C:Program FilesCommon FilesAppleApple Application
SupportAPSDaemon.exe" [59280 2012-11-28] (Apple Inc.)
HKLM...Run: [iTunesHelper] "C:Program FilesiTunesiTunesHelper.exe" [152544
2012-12-12] (Apple Inc.)
HKU5454...Run: [DAEMON Tools Lite] "C:Program FilesDAEMON Tools
LiteDTLite.exe" -autorun [3671904 2012-08-28] (DT Soft Ltd)
HKU5454...Run: [1] C:Users5454AppDataLocalTempUltimate Password
Hacker2012 (1).exe [257536 2012-12-12] (NPwTuu)
HKU5454...Run: [SUS Start] C:ProgramDataSUSSUS.exe [2189824 2013-01-03] ()
HKLM...RunOnce: [*Restore] C:Windowssystem32rstrui.exe /RUNONCE [262656
2010-11-20] (Microsoft Corporation)
TcpipParameters: [DhcpNameServer] 192.168.1.1
AppInit_DLLs: c:progra~1zoomexsprote~1.dll
==================== Services (Whitelisted) ===================
3 BITCOMET_HELPER_SERVICE; C:Program FilesBitComettoolsBitCometService.exe
-service [1296728 2010-12-28] (www.BitComet.com)
4 Browser Manager; C:ProgramDataBrowser Manager2.5.911.18{c16c1ccb-7046-
4e5c-a2f3-533ad2fec8e8}mngr.exe [2402840 2012-11-12] ()
3 c2wts; C:Program FilesWindows Identity Foundationv3.5c2wtshost.exe [13080
2009-12-26] (Microsoft Corporation)
2 DMAgent; "C:Program FilesIntelWiMAXBinDMAgent.exe" [450560 2011-02-27]
(Red Bend Ltd.)
2 Hamachi2Svc; "C:Program FilesLogMeIn Hamachihamachi-2.exe" -s [1435568
2012-12-10] (LogMeIn Inc.)
2 HssSrv; C:Program FilesHotspot ShieldHssWPRhsssrv.exe [443760 2012-11-16]
(AnchorFree Inc.)
3 HssTrayService; C:Program FilesHotspot ShieldbinHssTrayService.EXE [78072
2012-11-14] ()
3 MyWiFiDHCPDNS; C:Program FilesIntelWiFibinPanDhcpDns.exe [227600 2011-05-
02] ()
2 Skype C2C Service; "C:ProgramDataSkypeToolbarsSkype C2C
Servicec2c_service.exe" [3290896 2012-12-13] (Skype Technologies S.A.)
2. 4 vToolbarUpdater13.2.0; C:Program FilesCommon FilesAVG Secure
SearchvToolbarUpdater13.2.0ToolbarUpdater.exe [711112 2012-11-08] ()
2 WiMAXAppSrv; "C:Program FilesIntelWiMAXBinAppSrv.exe" [1462272 2011-02-
27] (Intel(R) Corporation)
==================== Drivers (Whitelisted) ====================
1 avgtp; ??C:Windowssystem32driversavgtpx86.sys [26984 2012-11-08] (AVG
Technologies)
3 bpenum; C:WindowsSystem32DRIVERSbpenum.sys [60416 2011-02-17] (Intel
Corporation)
1 dtsoftbus01; C:WindowsSystem32DRIVERSdtsoftbus01.sys [242240 2012-10-06]
(DT Soft Ltd)
3 hamachi; C:WindowsSystem32DRIVERShamachi.sys [26176 2009-03-18] (LogMeIn,
Inc.)
1 HssDRV6; C:WindowsSystem32DRIVERShssdrv6.sys [35592 2012-11-14]
(AnchorFree Inc.)
3 taphss; C:WindowsSystem32DRIVERStaphss.sys [33512 2012-08-01] (AnchorFree
Inc)
3 taphss6; C:WindowsSystem32DRIVERStaphss6.sys [35592 2012-11-14]
(Anchorfree Inc.)
3 vpcbus; C:WindowsSystem32DRIVERSvpchbus.sys [165376 2009-11-22] (Microsoft
Corporation)
1 vpcnfltr; C:WindowsSystem32DRIVERSvpcnfltr.sys [55040 2009-11-22]
(Microsoft Corporation)
3 vpcusb; C:WindowsSystem32DRIVERSvpcusb.sys [78336 2009-11-22] (Microsoft
Corporation)
1 vpcvmm; C:WindowsSystem32driversvpcvmm.sys [293904 2009-11-22] (Microsoft
Corporation)
3 Synth3dVsc; C:WindowsSystem32driverssynth3dvsc.sys [x]
3 tsusbhub; C:WindowsSystem32driverstsusbhub.sys [x]
3 VGPU; C:WindowsSystem32driversrdvgkmd.sys [x]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-01-26 17:58 - 2013-01-27 17:32 - 00000000 ___RD C:Users5454Podcasts
2013-01-26 17:55 - 2013-01-27 17:32 - 00000000 ____D C:Program FilesZune
2013-01-25 21:34 - 2013-01-25 21:34 - 00000000 ____D
C:Users5454AppDataLocalChromium
2013-01-25 07:28 - 2013-01-25 07:28 - 00000000 ____D
C:UsersPublicDocumentsSports Interactive
2013-01-25 07:28 - 2013-01-25 07:28 - 00000000 ____D
C:Users5454DocumentsSports Interactive
2013-01-25 07:28 - 2013-01-25 07:28 - 00000000 ____D
C:Users5454AppDataRoamingSports Interactive
2013-01-25 07:28 - 2013-01-25 07:28 - 00000000 ____D
C:Users5454AppDataLocalSports Interactive
2013-01-25 07:28 - 2013-01-25 07:28 - 00000000 ____D
C:Users5454AppDataLocalSKIDROW
2013-01-25 07:24 - 2013-01-25 07:26 - 00000000 ____D C:WindowsSystem32directx
2013-01-25 07:08 - 2013-01-25 07:08 - 00000000 ____D C:Program FilesAGB-GT
2013-01-23 09:47 - 2013-01-23 09:47 - 00937182 ____A
C:Users5454Downloads???????????? 80107.crdownload
2013-01-23 09:47 - 2013-01-23 09:47 - 00937182 ____A
C:Users5454Downloads???????????? 753439.crdownload
2013-01-23 09:47 - 2013-01-23 09:47 - 00937182 ____A
C:Users5454Downloads???????????? 567821.crdownload
2013-01-23 09:47 - 2013-01-23 09:47 - 00937182 ____A
C:Users5454Downloads???????????? 532495.crdownload
2013-01-18 09:18 - 2012-10-16 13:43 - 00000137 ____A
C:Users5454DesktopProcheti!!.txt
3. 2013-01-16 06:53 - 2013-01-16 06:53 - 01702774 ____A
C:Users5454DownloadsCira_-_Fenomenalno_Clip2Mp3.org (1).mp3.crdownload
2013-01-13 10:29 - 2013-01-13 11:10 - 00700416 ____A
C:Users5454Documentsmitko_3.mdb
2013-01-13 04:15 - 2013-01-13 04:15 - 00000000 ____D C:users?
2013-01-13 03:59 - 2013-01-27 21:33 - 00000000 ____D
C:Users5454DocumentsFIFA 11
2013-01-10 01:11 - 2013-01-10 01:38 - 00131072 ____A
C:Users5454Documentsdb1.mdb
2013-01-09 14:36 - 2013-01-09 14:37 - 01156435 ____A (Conduit)
C:Users5454Downloadsbs_Microsoft_office_2003.exe
2013-01-07 08:35 - 2013-01-07 08:37 - 00000000 ____D
C:Users5454AppDataRoamingApple Computer
2013-01-07 08:35 - 2013-01-07 08:35 - 00001753 ____A
C:UsersPublicDesktopiTunes.lnk
2013-01-07 08:35 - 2013-01-07 08:35 - 00000000 ____D
C:Users5454AppDataLocalApple Computer
2013-01-07 08:35 - 2012-08-21 03:01 - 00026840 ____A (GEAR Software Inc.)
C:WindowsSystem32DriversGEARAspiWDM.sys
2013-01-07 08:34 - 2013-01-07 08:35 - 00000000 ____D C:UsersAll
Users188F1432-103A-4ffb-80F1-36B633C5C9E1
2013-01-07 08:34 - 2013-01-07 08:35 - 00000000 ____D C:Program FilesiTunes
2013-01-07 08:34 - 2013-01-07 08:34 - 00000000 ____D C:UsersAll UsersApple
Computer
2013-01-07 08:34 - 2013-01-07 08:34 - 00000000 ____D C:Program FilesiPod
2013-01-07 08:33 - 2013-01-07 08:33 - 00000000 ____D C:Program FilesApple
Software Update
2013-01-07 08:32 - 2013-01-07 08:34 - 00000000 ____D C:Program FilesCommon
FilesApple
2013-01-07 08:32 - 2013-01-07 08:33 - 00000000 ____D C:UsersAll UsersApple
2013-01-07 08:32 - 2013-01-07 08:32 - 00000000 ____D C:Program FilesBonjour
2013-01-07 08:28 - 2013-01-07 08:30 - 87143400 ____A (Apple Inc.)
C:Users5454DownloadsiTunesSetup.exe
2013-01-05 18:14 - 2010-08-17 22:50 - 00002366 ____A
C:Users5454Desktopsubsunacs.net_56509.txt
2013-01-05 18:14 - 2010-01-22 10:11 - 00067616 ____A
C:Users5454DesktopYoung.People.Fucking.2007.BRRip.XviD.AC3-CRiMES.srt
2013-01-03 19:29 - 2013-01-04 18:33 - 00000000 ____D C:UsersAll UsersSUS
2013-01-03 19:28 - 2013-01-03 19:28 - 00003726 ____A
C:Users5454DownloadsArdamax Keylogger 4.0.torrent
2013-01-03 19:25 - 2013-01-03 19:26 - 04572248 ____A (Support.com
) C:Users5454DownloadsARO2012_bt.exe
2013-01-03 19:25 - 2013-01-03 19:25 - 00632952 ____A
C:Users5454Downloadscbsidlm-tr1_9-Spyrix_Free_Keylogger-ORG-75708733.exe
2013-01-03 19:21 - 2013-01-03 19:21 - 00243273 ____A
C:Users5454Downloadsi_bpk2003.exe
2013-01-03 19:19 - 2013-01-03 19:19 - 00243273 ____A
C:Users5454Downloadsi_bpk2007.exe
2013-01-02 17:15 - 2013-01-02 17:15 - 00122976 ____A
C:Users5454Downloadscheat_engine(3).exe
2013-01-02 17:15 - 2013-01-02 17:15 - 00122976 ____A
C:Users5454Downloadscheat_engine(2).exe
2013-01-02 17:00 - 2013-01-02 17:21 - 00000000 ____D C:Program FilesProtected
Search
2013-01-02 17:00 - 2013-01-02 17:21 - 00000000 ____D C:Program FilesPC Speed
Maximizer
2013-01-02 17:00 - 2013-01-02 17:00 - 00000000 ____D C:Program
FilesProtectedToolbar
2013-01-02 17:00 - 2012-12-02 16:54 - 00011264 ____A C:WindowsLauncher.exe
2013-01-02 16:57 - 2013-01-09 17:20 - 00000000 ____D C:Program FilesDealPly
2013-01-02 16:57 - 2013-01-02 16:57 - 00000000 ____D C:Program FilesCheat
Engine 6.1
2013-01-02 16:55 - 2013-01-02 16:55 - 00122976 ____A
C:Users5454Downloadscheat_engine.exe
4. 2013-01-01 16:31 - 2012-12-12 08:50 - 00056296 ____A
C:Users5454Desktoplooper.2012.720p.bluray.x264-sparks.srt
2013-01-01 16:31 - 2012-09-29 07:15 - 00001031 ____A C:Users5454Desktop-
README - subs.sab.bz - Brought to you by xen.headoff.com -.txt
2013-01-01 16:24 - 2012-12-30 08:44 - 00099302 ____N
C:Users5454DesktopKilling Them Softly 2012 R3 XviD AC3 - RESiSTANCE.srt
2012-12-31 15:49 - 2012-08-30 23:10 - 00001808 ____A
C:Users5454Desktopsubsunacs.net_85405.txt
2012-12-31 15:49 - 2012-08-30 16:06 - 00029514 ____A
C:Users5454DesktopSnow.White.and.the.Huntsman.2012.EXTENDED.BDRip.XviD-
AMIABLE.CD1.srt
2012-12-31 15:49 - 2012-08-30 15:41 - 00015401 ____A
C:Users5454DesktopSnow.White.and.the.Huntsman.2012.EXTENDED.BDRip.XviD-
AMIABLE.CD2.srt
2012-12-31 15:49 - 2012-01-12 15:37 - 00001356 ____A C:Users5454DesktopREAD
ME 2012.txt
2012-12-31 08:17 - 2012-12-31 08:17 - 00022183 ____A
C:Users5454Downloadsswath_2012(subsunacs.net).rar
2012-12-31 08:16 - 2012-12-31 08:16 - 00057807 ____A
C:Users5454DownloadsSnow.White.and.the.Huntsman.2012.EXTENDED.BDRip.XviD-
AMIABLE.torrent
2012-12-30 03:15 - 2012-12-30 03:15 - 00056409 ____A
C:Users5454DownloadsDespicable.Me.DVDRip.BG.Audio.XviD-iMBT.torrent
2012-12-29 03:46 - 2012-12-29 03:46 - 00140968 ____A ()
C:Users5454Downloadsetypesetup.exe
2012-12-29 00:41 - 2012-12-29 00:41 - 00001951 ____A
C:Users5454DesktopCounter-Strike.lnk
==================== One Month Modified Files and Folders ========
2013-01-27 23:59 - 2013-01-27 23:59 - 00000000 ____D C:FRST
2013-01-27 21:33 - 2013-01-13 03:59 - 00000000 ____D
C:Users5454DocumentsFIFA 11
2013-01-27 21:33 - 2012-12-07 08:21 - 00000000 ____D
C:Users5454DocumentsEuro Truck Simulator
2013-01-27 21:33 - 2012-11-28 14:01 - 00000000 ____D
C:Users5454AppDataRoamingSkype
2013-01-27 21:33 - 2012-10-28 00:26 - 00000000 ____D
C:Users5454AppDataRoamingPhotoScape
2013-01-27 21:33 - 2012-10-18 12:19 - 00000000 ____D
C:Users5454AppDataRoamingBitTorrent
2013-01-27 21:33 - 2012-10-14 13:45 - 00000000 ____D
C:Users5454AppDataRoamingGRETECH
2013-01-27 21:33 - 2012-10-14 09:56 - 00000000 ____D
C:Users5454DocumentsFIFA 13
2013-01-27 21:33 - 2012-10-14 09:55 - 00000000 ____D
C:Users5454AppDataLocalVirtualStore
2013-01-27 21:33 - 2012-10-14 09:55 - 00000000 ____D
C:Users5454AppDataLocalLogMeIn Hamachi
2013-01-27 21:33 - 2012-10-14 09:55 - 00000000 ____D C:users5454
2013-01-27 21:33 - 2012-10-07 12:14 - 00000000 ____D C:Program FilesHotspot
Shield
2013-01-27 21:33 - 2012-10-06 13:33 - 00000000 ____D C:UsersAll UsersDAEMON
Tools Lite
2013-01-27 21:33 - 2012-10-06 10:29 - 00000000 ____D C:Dolby PCEE4
2013-01-27 21:33 - 2012-10-06 09:50 - 00000000 ____D C:users?
2013-01-27 21:33 - 2009-07-13 18:37 - 00000000 ___RD C:usersPublic
2013-01-27 21:33 - 2009-07-13 18:37 - 00000000 ____D C:WindowsSystem32wfp
2013-01-27 21:33 - 2009-07-13 18:37 - 00000000 ____D C:WindowsSystem32pt-PT
2013-01-27 21:33 - 2009-07-13 18:37 - 00000000 ____D C:WindowsSystem32pt-BR
2013-01-27 21:33 - 2009-07-13 18:37 - 00000000 ____D C:WindowsSystem32nl-NL
2013-01-27 21:33 - 2009-07-13 18:37 - 00000000 ____D C:WindowsSystem32it-IT
2013-01-27 21:33 - 2009-07-13 18:37 - 00000000 ____D C:WindowsSystem32fr-FR
5. 2013-01-27 21:33 - 2009-07-13 18:37 - 00000000 ____D
C:WindowsSystem32DriverStore
2013-01-27 21:33 - 2009-07-13 18:37 - 00000000 ____D C:WindowsSystem32de-DE
2013-01-27 21:33 - 2009-07-13 18:37 - 00000000 ____D C:Windowsregistration
2013-01-27 21:33 - 2009-07-13 18:37 - 00000000 ____D C:WindowsMicrosoft.NET
2013-01-27 21:33 - 2009-07-13 18:37 - 00000000 ____D C:WindowsAppCompat
2013-01-27 21:32 - 2012-10-22 11:58 - 00000000 ____D
C:Users5454AppDataLocalGoogle
2013-01-27 21:32 - 2012-10-07 12:14 - 00000000 ____D C:UsersAll UsersHotspot
Shield
2013-01-27 17:32 - 2013-01-26 17:58 - 00000000 ___RD C:Users5454Podcasts
2013-01-27 17:32 - 2013-01-26 17:55 - 00000000 ____D C:Program FilesZune
2013-01-27 17:30 - 2009-07-13 18:37 - 00000000 ____D
C:WindowsSystem32LogFiles
2013-01-25 21:34 - 2013-01-25 21:34 - 00000000 ____D
C:Users5454AppDataLocalChromium
2013-01-25 07:28 - 2013-01-25 07:28 - 00000000 ____D
C:UsersPublicDocumentsSports Interactive
2013-01-25 07:28 - 2013-01-25 07:28 - 00000000 ____D
C:Users5454DocumentsSports Interactive
2013-01-25 07:28 - 2013-01-25 07:28 - 00000000 ____D
C:Users5454AppDataRoamingSports Interactive
2013-01-25 07:28 - 2013-01-25 07:28 - 00000000 ____D
C:Users5454AppDataLocalSports Interactive
2013-01-25 07:28 - 2013-01-25 07:28 - 00000000 ____D
C:Users5454AppDataLocalSKIDROW
2013-01-25 07:26 - 2013-01-25 07:24 - 00000000 ____D C:WindowsSystem32directx
2013-01-25 07:08 - 2013-01-25 07:08 - 00000000 ____D C:Program FilesAGB-GT
2013-01-23 09:47 - 2013-01-23 09:47 - 00937182 ____A
C:Users5454Downloads???????????? 80107.crdownload
2013-01-23 09:47 - 2013-01-23 09:47 - 00937182 ____A
C:Users5454Downloads???????????? 753439.crdownload
2013-01-23 09:47 - 2013-01-23 09:47 - 00937182 ____A
C:Users5454Downloads???????????? 567821.crdownload
2013-01-23 09:47 - 2013-01-23 09:47 - 00937182 ____A
C:Users5454Downloads???????????? 532495.crdownload
2013-01-17 11:09 - 2012-12-18 02:33 - 00166912 ___AH
C:Users5454Desktopphotothumb.db
2013-01-16 06:53 - 2013-01-16 06:53 - 01702774 ____A
C:Users5454DownloadsCira_-_Fenomenalno_Clip2Mp3.org (1).mp3.crdownload
2013-01-13 11:10 - 2013-01-13 10:29 - 00700416 ____A
C:Users5454Documentsmitko_3.mdb
2013-01-13 04:15 - 2013-01-13 04:15 - 00000000 ____D C:users?
2013-01-10 08:30 - 2012-10-07 03:54 - 00000830 ____A C:WindowsTasksAdobe
Flash Player Updater.job
2013-01-10 07:41 - 2012-10-06 09:42 - 01249839 ____A
C:WindowsWindowsUpdate.log
2013-01-10 07:41 - 2009-07-13 20:34 - 00010128 ___AH
C:WindowsSystem327B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-
439d-8115-601632D005A0
2013-01-10 07:41 - 2009-07-13 20:34 - 00010128 ___AH
C:WindowsSystem327B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-
439d-8115-601632D005A0
2013-01-10 05:51 - 2012-10-06 09:54 - 00726316 ____A
C:WindowsSystem32PerfStringBackup.INI
2013-01-10 05:44 - 2012-12-23 03:36 - 00000354 ___AH
C:WindowsTasksZoomExUpdaterTask{6E627095-C8CB-47AA-A35B-C0B5C675CB0A}.job
2013-01-10 05:44 - 2009-07-13 20:53 - 00000006 ___AH C:WindowsTasksSA.DAT
2013-01-10 05:44 - 2009-07-13 20:39 - 00034349 ____A C:Windowssetupact.log
2013-01-10 01:38 - 2013-01-10 01:11 - 00131072 ____A
C:Users5454Documentsdb1.mdb
2013-01-09 17:20 - 2013-01-02 16:57 - 00000000 ____D C:Program FilesDealPly
2013-01-09 17:00 - 2012-10-25 10:22 - 65273848 ____A (Microsoft Corporation)
C:WindowsSystem32MRT.exe
6. 2013-01-09 14:37 - 2013-01-09 14:36 - 01156435 ____A (Conduit)
C:Users5454Downloadsbs_Microsoft_office_2003.exe
2013-01-09 10:31 - 2012-10-07 03:54 - 00697864 ____A (Adobe Systems
Incorporated) C:WindowsSystem32FlashPlayerApp.exe
2013-01-09 10:31 - 2012-10-06 11:12 - 00074248 ____A (Adobe Systems
Incorporated) C:WindowsSystem32FlashPlayerCPLApp.cpl
2013-01-07 11:38 - 2012-10-07 00:02 - 00006310 ____A C:WindowsPFRO.log
2013-01-07 08:37 - 2013-01-07 08:35 - 00000000 ____D
C:Users5454AppDataRoamingApple Computer
2013-01-07 08:35 - 2013-01-07 08:35 - 00001753 ____A
C:UsersPublicDesktopiTunes.lnk
2013-01-07 08:35 - 2013-01-07 08:35 - 00000000 ____D
C:Users5454AppDataLocalApple Computer
2013-01-07 08:35 - 2013-01-07 08:34 - 00000000 ____D C:UsersAll
Users188F1432-103A-4ffb-80F1-36B633C5C9E1
2013-01-07 08:35 - 2013-01-07 08:34 - 00000000 ____D C:Program FilesiTunes
2013-01-07 08:34 - 2013-01-07 08:34 - 00000000 ____D C:UsersAll UsersApple
Computer
2013-01-07 08:34 - 2013-01-07 08:34 - 00000000 ____D C:Program FilesiPod
2013-01-07 08:34 - 2013-01-07 08:32 - 00000000 ____D C:Program FilesCommon
FilesApple
2013-01-07 08:33 - 2013-01-07 08:33 - 00000000 ____D C:Program FilesApple
Software Update
2013-01-07 08:33 - 2013-01-07 08:32 - 00000000 ____D C:UsersAll UsersApple
2013-01-07 08:32 - 2013-01-07 08:32 - 00000000 ____D C:Program FilesBonjour
2013-01-07 08:30 - 2013-01-07 08:28 - 87143400 ____A (Apple Inc.)
C:Users5454DownloadsiTunesSetup.exe
2013-01-04 18:33 - 2013-01-03 19:29 - 00000000 ____D C:UsersAll UsersSUS
2013-01-03 19:28 - 2013-01-03 19:28 - 00003726 ____A
C:Users5454DownloadsArdamax Keylogger 4.0.torrent
2013-01-03 19:26 - 2013-01-03 19:25 - 04572248 ____A (Support.com
) C:Users5454DownloadsARO2012_bt.exe
2013-01-03 19:25 - 2013-01-03 19:25 - 00632952 ____A
C:Users5454Downloadscbsidlm-tr1_9-Spyrix_Free_Keylogger-ORG-75708733.exe
2013-01-03 19:21 - 2013-01-03 19:21 - 00243273 ____A
C:Users5454Downloadsi_bpk2003.exe
2013-01-03 19:19 - 2013-01-03 19:19 - 00243273 ____A
C:Users5454Downloadsi_bpk2007.exe
2013-01-02 17:21 - 2013-01-02 17:00 - 00000000 ____D C:Program FilesProtected
Search
2013-01-02 17:21 - 2013-01-02 17:00 - 00000000 ____D C:Program FilesPC Speed
Maximizer
2013-01-02 17:15 - 2013-01-02 17:15 - 00122976 ____A
C:Users5454Downloadscheat_engine(3).exe
2013-01-02 17:15 - 2013-01-02 17:15 - 00122976 ____A
C:Users5454Downloadscheat_engine(2).exe
2013-01-02 17:00 - 2013-01-02 17:00 - 00000000 ____D C:Program
FilesProtectedToolbar
2013-01-02 16:57 - 2013-01-02 16:57 - 00000000 ____D C:Program FilesCheat
Engine 6.1
2013-01-02 16:55 - 2013-01-02 16:55 - 00122976 ____A
C:Users5454Downloadscheat_engine.exe
2012-12-31 08:17 - 2012-12-31 08:17 - 00022183 ____A
C:Users5454Downloadsswath_2012(subsunacs.net).rar
2012-12-31 08:16 - 2012-12-31 08:16 - 00057807 ____A
C:Users5454DownloadsSnow.White.and.the.Huntsman.2012.EXTENDED.BDRip.XviD-
AMIABLE.torrent
2012-12-30 08:44 - 2013-01-01 16:24 - 00099302 ____N
C:Users5454DesktopKilling Them Softly 2012 R3 XviD AC3 - RESiSTANCE.srt
2012-12-30 03:15 - 2012-12-30 03:15 - 00056409 ____A
C:Users5454DownloadsDespicable.Me.DVDRip.BG.Audio.XviD-iMBT.torrent
2012-12-29 03:46 - 2012-12-29 03:46 - 00140968 ____A ()
C:Users5454Downloadsetypesetup.exe
2012-12-29 00:42 - 2012-12-24 00:04 - 00000000 ____D C:Users5454Desktopmoqta
7. hubava papka
2012-12-29 00:41 - 2012-12-29 00:41 - 00001951 ____A
C:Users5454DesktopCounter-Strike.lnk
==================== Known DLLs (Whitelisted) =================
==================== Bamital & volsnap Check =================
C:Windowsexplorer.exe => MD5 is legit
C:WindowsSystem32winlogon.exe => MD5 is legit
C:WindowsSystem32wininit.exe => MD5 is legit
C:WindowsSystem32svchost.exe => MD5 is legit
C:WindowsSystem32services.exe => MD5 is legit
C:WindowsSystem32User32.dll => MD5 is legit
C:WindowsSystem32userinit.exe => MD5 is legit
C:WindowsSystem32Driversvolsnap.sys
[2009-11-22 12:02] - [2009-11-22 12:02] - 0245336 ____A (Microsoft Corporation)
70F41D1EBDD9EE6ED2FD0FC05AA1FC13
==================== EXE ASSOCIATION =====================
HKLM....exe: exefile => OK
HKLM...exefileDefaultIcon: %1 => OK
HKLM...exefileopencommand: "%1" %* => OK
==================== Restore Points =========================
Restore point made on: 2013-01-21 17:01:20
Restore point made on: 2013-01-26 17:53:38
==================== Memory info ===========================
Percentage of memory in use: 11%
Total physical RAM: 3947.86 MB
Available physical RAM: 3490.94 MB
Total Pagefile: 3946.14 MB
Available Pagefile: 3493.82 MB
Total Virtual: 2047.88 MB
Available Virtual: 1954.3 MB
==================== Partitions =============================
1 Drive c: () (Fixed) (Total:117.24 GB) (Free:43.21 GB) NTFS ==>[Drive with boot
components (obtained from BCD)]
2 Drive d: () (Fixed) (Total:581.2 GB) (Free:331.27 GB) NTFS
4 Drive f: (PUBLIC) (Removable) (Total:3.82 GB) (Free:3.82 GB) FAT32
6 Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
Disk ### Status Size Free Dyn Gpt
-------- ------------- ------- ------- --- ---
Disk 0 Online 698 GB 200 MB
Disk 1 Online 3920 MB 0 B
Disk 2 Online 2048 KB 0 B
Partitions of Disk 0:
===============
Disk ID: 6AF04688
Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Primary 117 GB 101 MB
8. Partition 2 Primary 581 GB 117 GB
=========================================================
Disk: 0
Partition 1
Type : 07
Hidden: No
Active: Yes
Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 1 C NTFS Partition 117 GB Healthy
=========================================================
Disk: 0
Partition 2
Type : 07
Hidden: No
Active: No
Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 2 D NTFS Partition 581 GB Healthy
=========================================================
Partitions of Disk 1:
===============
Disk ID: 74DECBDE
Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Primary 3916 MB 4032 KB
=========================================================
Disk: 1
Partition 1
Type : 0B
Hidden: No
Active: No
Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 3 F PUBLIC FAT32 Removable 3916 MB Healthy
=========================================================
Partitions of Disk 2:
===============
Disk ID: 1C6DA899
Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Primary 2032 KB 16 KB
=========================================================
Disk: 2
Partition 1
9. Type : 0E
Hidden: No
Active: No
Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 4 G FAT Removable 2032 KB Healthy
=========================================================
Last Boot: 2013-01-26 21:54
==================== End Of Log ============================
![Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 21-01-2013 02
(ATTENTION: FRST version is 7 days old)
Ran by SYSTEM at 28-01-2013 00:38:59
Running from G:
Windows 7 Ultimate (X86) OS Language: English(US)
The current controlset is ControlSet001
==================== Registry (Whitelisted) ===================
HKLM...Run: [RtHDVCpl] C:Program FilesRealtekAudioHDARtHDVCpl.exe -s
[10029672 2011-03-28] (Realtek Semiconductor)
HKLM...Run: [RtHDVBg] C:Program FilesRealtekAudioHDARtHDVBg.exe /FORPCEE4
[1534568 2011-03-20] (Realtek Semiconductor)
HKLM...Run: [Dolby Advanced Audio v2] "C:Dolby PCEE4pcee4.exe" -autostart
[506712 2011-02-03] (Dolby Laboratories Inc.)
HKLM...Run: [IntelPAN] "C:Program FilesCommon
FilesIntelWirelessCommoniFrmewrk.exe" /tf Intel PAN Tray [1210640 2011-05-02]
(Intel(R) Corporation)
HKLM...Run: [Adobe Reader Speed Launcher] "C:Program FilesAdobeReader
10.0ReaderReader_sl.exe" [35736 2010-11-15] (Adobe Systems Incorporated)
HKLM...Run: [Adobe ARM] "C:Program FilesCommon
FilesAdobeARM1.0AdobeARM.exe" [932288 2010-11-15] (Adobe Systems
Incorporated)
HKLM...Run: [IntelWirelessWiMAX] "C:Program
FilesIntelWiMAXBinWiMAXCU.exe" /tasktray /nosplash [1617920 2011-02-27]
(Intel® Corporation)
HKLM...Run: [LogMeIn Hamachi Ui] "C:Program FilesLogMeIn Hamachihamachi-2-
ui.exe" --auto-start [2254768 2012-12-10] (LogMeIn Inc.)
HKLM...Run: [PrivitizeVPN] C:Program FilesPrivitizeVPNPrivitizeVPN.exe
/autorun [196784 2012-09-10] (OOO Industry)
HKLM...Run: [APSDaemon] "C:Program FilesCommon FilesAppleApple Application
SupportAPSDaemon.exe" [59280 2012-11-28] (Apple Inc.)
HKLM...Run: [iTunesHelper] "C:Program FilesiTunesiTunesHelper.exe" [152544
2012-12-12] (Apple Inc.)
HKU5454...Run: [DAEMON Tools Lite] "C:Program FilesDAEMON Tools
LiteDTLite.exe" -autorun [3671904 2012-08-28] (DT Soft Ltd)
HKU5454...Run: [1] C:Users5454AppDataLocalTempUltimate Password
Hacker2012 (1).exe [257536 2012-12-12] (NPwTuu)
HKU5454...Run: [SUS Start] C:ProgramDataSUSSUS.exe [2189824 2013-01-03] ()
HKLM...RunOnce: [*Restore] C:Windowssystem32rstrui.exe /RUNONCE [262656
2010-11-20] (Microsoft Corporation)
TcpipParameters: [DhcpNameServer] 192.168.1.1
AppInit_DLLs: c:progra~1zoomexsprote~1.dll
==================== Services (Whitelisted) ===================
3 BITCOMET_HELPER_SERVICE; C:Program FilesBitComettoolsBitCometService.exe
-service [1296728 2010-12-28] (www.BitComet.com)
4 Browser Manager; C:ProgramDataBrowser Manager2.5.911.18{c16c1ccb-7046-
4e5c-a2f3-533ad2fec8e8}mngr.exe [2402840 2012-11-12] ()
3 c2wts; C:Program FilesWindows Identity Foundationv3.5c2wtshost.exe [13080
2009-12-26] (Microsoft Corporation)
2 DMAgent; "C:Program FilesIntelWiMAXBinDMAgent.exe" [450560 2011-02-27]
(Red Bend Ltd.)
2 Hamachi2Svc; "C:Program FilesLogMeIn Hamachihamachi-2.exe" -s [1435568
2012-12-10] (LogMeIn Inc.)
2 HssSrv; C:Program FilesHotspot ShieldHssWPRhsssrv.exe [443760 2012-11-16]
(AnchorFree Inc.)
3 HssTrayService; C:Program FilesHotspot ShieldbinHssTrayService.EXE [78072
2012-11-14] ()
3 MyWiFiDHCPDNS; C:Program FilesIntelWiFibinPanDhcpDns.exe [227600 2011-05-
02] ()
2 Skype C2C Service; "C:ProgramDataSkypeToolbarsSkype C2C
Servicec2c_service.exe" [3290896 2012-12-13] (Skype Technologies S.A.)](https://image.slidesharecdn.com/frst-130127164921-phpapp02/85/Frst-1-320.jpg)
![4 vToolbarUpdater13.2.0; C:Program FilesCommon FilesAVG Secure
SearchvToolbarUpdater13.2.0ToolbarUpdater.exe [711112 2012-11-08] ()
2 WiMAXAppSrv; "C:Program FilesIntelWiMAXBinAppSrv.exe" [1462272 2011-02-
27] (Intel(R) Corporation)
==================== Drivers (Whitelisted) ====================
1 avgtp; ??C:Windowssystem32driversavgtpx86.sys [26984 2012-11-08] (AVG
Technologies)
3 bpenum; C:WindowsSystem32DRIVERSbpenum.sys [60416 2011-02-17] (Intel
Corporation)
1 dtsoftbus01; C:WindowsSystem32DRIVERSdtsoftbus01.sys [242240 2012-10-06]
(DT Soft Ltd)
3 hamachi; C:WindowsSystem32DRIVERShamachi.sys [26176 2009-03-18] (LogMeIn,
Inc.)
1 HssDRV6; C:WindowsSystem32DRIVERShssdrv6.sys [35592 2012-11-14]
(AnchorFree Inc.)
3 taphss; C:WindowsSystem32DRIVERStaphss.sys [33512 2012-08-01] (AnchorFree
Inc)
3 taphss6; C:WindowsSystem32DRIVERStaphss6.sys [35592 2012-11-14]
(Anchorfree Inc.)
3 vpcbus; C:WindowsSystem32DRIVERSvpchbus.sys [165376 2009-11-22] (Microsoft
Corporation)
1 vpcnfltr; C:WindowsSystem32DRIVERSvpcnfltr.sys [55040 2009-11-22]
(Microsoft Corporation)
3 vpcusb; C:WindowsSystem32DRIVERSvpcusb.sys [78336 2009-11-22] (Microsoft
Corporation)
1 vpcvmm; C:WindowsSystem32driversvpcvmm.sys [293904 2009-11-22] (Microsoft
Corporation)
3 Synth3dVsc; C:WindowsSystem32driverssynth3dvsc.sys [x]
3 tsusbhub; C:WindowsSystem32driverstsusbhub.sys [x]
3 VGPU; C:WindowsSystem32driversrdvgkmd.sys [x]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-01-26 17:58 - 2013-01-27 17:32 - 00000000 ___RD C:Users5454Podcasts
2013-01-26 17:55 - 2013-01-27 17:32 - 00000000 ____D C:Program FilesZune
2013-01-25 21:34 - 2013-01-25 21:34 - 00000000 ____D
C:Users5454AppDataLocalChromium
2013-01-25 07:28 - 2013-01-25 07:28 - 00000000 ____D
C:UsersPublicDocumentsSports Interactive
2013-01-25 07:28 - 2013-01-25 07:28 - 00000000 ____D
C:Users5454DocumentsSports Interactive
2013-01-25 07:28 - 2013-01-25 07:28 - 00000000 ____D
C:Users5454AppDataRoamingSports Interactive
2013-01-25 07:28 - 2013-01-25 07:28 - 00000000 ____D
C:Users5454AppDataLocalSports Interactive
2013-01-25 07:28 - 2013-01-25 07:28 - 00000000 ____D
C:Users5454AppDataLocalSKIDROW
2013-01-25 07:24 - 2013-01-25 07:26 - 00000000 ____D C:WindowsSystem32directx
2013-01-25 07:08 - 2013-01-25 07:08 - 00000000 ____D C:Program FilesAGB-GT
2013-01-23 09:47 - 2013-01-23 09:47 - 00937182 ____A
C:Users5454Downloads???????????? 80107.crdownload
2013-01-23 09:47 - 2013-01-23 09:47 - 00937182 ____A
C:Users5454Downloads???????????? 753439.crdownload
2013-01-23 09:47 - 2013-01-23 09:47 - 00937182 ____A
C:Users5454Downloads???????????? 567821.crdownload
2013-01-23 09:47 - 2013-01-23 09:47 - 00937182 ____A
C:Users5454Downloads???????????? 532495.crdownload
2013-01-18 09:18 - 2012-10-16 13:43 - 00000137 ____A
C:Users5454DesktopProcheti!!.txt](data:image/gif;base64,R0lGODlhAQABAIAAAAAAAP///yH5BAEAAAAALAAAAAABAAEAAAIBRAA7)