[ Príspevkov: 59 ] Choď na stránku: 1, 2  ďalšia
AutorSpráva
Offline

Užívateľ
Užívateľ
Obrázok užívateľa

Registrovaný: 17.11.05
Prihlásený: 19.04.15
Príspevky: 306
Témy: 81 | 81
Štv 28.02.13 23:44 |

Speedbit


ahoj,

potreboval by som poradit ako sa zbavit toho speedbitu,stiahol som downloadaccelerator a samozrejme s nim aj taku hlupost,a teraz mi to stale meni domovsku stranku na stranku speedbit.pc som prehnal Kaspersky TDSSKiller co sa dalo odstranil,a teraz mi uz nic nenaslo ani antivir,restart a speedbit je tu zas,.poradte prosim ako sa toho zbavit,dakujem


_________________
notebook Lenovo G580
CPU : Intel B 960 2.2G
RAM : 4096M
OS : WIN 7 Home Prem
Offline

Užívateľ
Užívateľ
Obrázok užívateľa

Registrovaný: 10.07.12
Prihlásený: 20.05.14
Príspevky: 731
Témy: 34 | 34
Bydlisko: Bratislava
Pia 01.03.13 8:56 |

Speedbit


daj scan celého systému s MBAM http://download.cnet.com/Malwarebytes-A ... tag=button


_________________

NTB: Lenovo Y580 i7
PC: Apple Mac mini i5
Offline

Užívateľ
Užívateľ
Obrázok užívateľa

Registrovaný: 09.05.11
Prihlásený: 20.12.14
Príspevky: 618
Témy: 2 | 2
Pia 01.03.13 9:02 |

Speedbit


tiahni si AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
ulož ho na plochu Spusť program stlač tlačidlo search
Po skene sa objaví log budeš ho mať na systémovom disku ako AdwCleaner[R?].txt cely obsah vlož sem


Offline

Užívateľ
Užívateľ
Obrázok užívateľa

Registrovaný: 17.11.05
Prihlásený: 19.04.15
Príspevky: 306
Témy: 81 | 81
Pia 01.03.13 14:44 |

Speedbit


# AdwCleaner v2.113 - Logfile created 03/01/2013 at 14:43:11
# Updated 23/02/2013 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Lenovo - LENOVO-PC
# Boot Mode : Normal
# Running from : C:\Users\Lenovo\Desktop\adwcleaner.exe
# Option [Search]


***** [Services] *****


***** [Files / Folders] *****

File Found : C:\Users\Lenovo\AppData\Local\Temp\Uninstall.exe
File Found : C:\Users\Lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\rwudmgod.default\searchplugins\icqplugin.xml
File Found : C:\Users\Lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\rwudmgod.default\searchplugins\icqplugin-1.xml
File Found : C:\Users\Lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\rwudmgod.default\searchplugins\icqplugin-2.xml
File Found : C:\Users\Lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\rwudmgod.default\searchplugins\icqplugin-3.xml
Folder Found : C:\ProgramData\Partner
Folder Found : C:\Users\Lenovo\AppData\LocalLow\Softonic
Folder Found : C:\Users\Lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\rwudmgod.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}

***** [Registry] *****

Key Found : HKCU\Software\APN PIP
Key Found : HKCU\Software\PIP
Key Found : HKLM\SOFTWARE\Classes\AppID\{7ABBFE1C-E485-44AA-8F36-353751B4124D}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{98889811-442D-49DD-99D7-DC866BE87DBC}
Key Found : HKLM\Software\PIP

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16464

[OK] Registry is clean.

-\\ Mozilla Firefox v14.0.1 (sk)

File : C:\Users\Lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\rwudmgod.default\prefs.js

Found : user_pref("extensions.Softonic.admin", false);
Found : user_pref("extensions.Softonic.aflt", "SD");
Found : user_pref("extensions.Softonic.appId", "{7ABBFE1C-E485-44AA-8F36-353751B4124D}");
Found : user_pref("extensions.Softonic.autoRvrt", "false");
Found : user_pref("extensions.Softonic.dfltLng", "");
Found : user_pref("extensions.Softonic.dfltSrch", true);
Found : user_pref("extensions.Softonic.excTlbr", false);
Found : user_pref("extensions.Softonic.hmpgUrl", "hxxp://search.softonic.com/INF00176/tb_v1?SearchSource=13&[...]
Found : user_pref("extensions.Softonic.hpOld0", "hxxp://www.google.com/ig?source=gama&hl=sk");
Found : user_pref("extensions.Softonic.id", "4c759ae2000000000000446d577cf080");
Found : user_pref("extensions.Softonic.instlDay", "15746");
Found : user_pref("extensions.Softonic.instlRef", "INF00176");
Found : user_pref("extensions.Softonic.kw_url", "hxxp://search.softonic.com/INF00176/tb_v1?SearchSource=2&cc[...]
Found : user_pref("extensions.Softonic.newTabUrl", "hxxp://search.softonic.com/INF00176/tb_v1?SearchSource=1[...]
Found : user_pref("extensions.Softonic.prdct", "Softonic");
Found : user_pref("extensions.Softonic.prtnrId", "softonic");
Found : user_pref("extensions.Softonic.rvrt", "true");
Found : user_pref("extensions.Softonic.srchPrvdr", "Search the web (Softonic)");
Found : user_pref("extensions.Softonic.tlbrId", "BASEirobinhoodActive");
Found : user_pref("extensions.Softonic.tlbrSrchUrl", "hxxp://search.softonic.com/INF00176/tb_v1?SearchSource[...]
Found : user_pref("extensions.Softonic.vrsn", "1.8.8.11");
Found : user_pref("extensions.Softonic.vrsni", "1.8.8.11");
Found : user_pref("extensions.Softonic_i.dnsErr", true);
Found : user_pref("extensions.Softonic_i.excTlbr", false);
Found : user_pref("extensions.Softonic_i.hmpg", true);
Found : user_pref("extensions.Softonic_i.newTab", true);
Found : user_pref("extensions.Softonic_i.smplGrp", "none");
Found : user_pref("extensions.Softonic_i.vrsnTs", "1.8.8.1111:52:30");
Found : user_pref("extensions.facemoods.aflt", "_#ost");
Found : user_pref("extensions.facemoods.firstRun", false);
Found : user_pref("extensions.facemoods.lastActv", "15");
Found : user_pref("icqtoolbar.allowSendURL", false);
Found : user_pref("icqtoolbar.engineVerified", false);
Found : user_pref("icqtoolbar.geolastmodified", 1322327027);
Found : user_pref("icqtoolbar.hiddenElements", "itb_options");
Found : user_pref("icqtoolbar.history", "farby%20na%20sklo%20sablony||flambovan%C3%A9%20ban%C3%A1ny||segedin[...]
Found : user_pref("icqtoolbar.hpChange", true);
Found : user_pref("icqtoolbar.icqgeo", 4201);
Found : user_pref("icqtoolbar.installTime", "1320611141");
Found : user_pref("icqtoolbar.installsource", "1");
Found : user_pref("icqtoolbar.itbsitescount", 5301);
Found : user_pref("icqtoolbar.newtab_state", "1");
Found : user_pref("icqtoolbar.numberOfSearches", 0);
Found : user_pref("icqtoolbar.previousFFVersion", "7.0.1");
Found : user_pref("icqtoolbar.removedsitescount", 9);
Found : user_pref("icqtoolbar.skip_default_search", "no");
Found : user_pref("icqtoolbar.uniqueID", "127196473712719555731272027574992");
Found : user_pref("icqtoolbar.usageStatstTimestamp", 1322341330);
Found : user_pref("icqtoolbar.userHpApproved", true);
Found : user_pref("icqtoolbar.version", "1.3.6");
Found : user_pref("icqtoolbar.voucherHideClicks", 0);
Found : user_pref("icqtoolbar.voucherMoreLinkClicks", 0);
Found : user_pref("icqtoolbar.voucherRedeemClicks", 0);
Found : user_pref("icqtoolbar.voucherWasShown", 0);
Found : user_pref("icqtoolbar.xmlEnableHomePageDsGuard", false);
Found : user_pref("icqtoolbar.xmlLanguage", "sk");


_________________
notebook Lenovo G580
CPU : Intel B 960 2.2G
RAM : 4096M
OS : WIN 7 Home Prem
Offline

Užívateľ
Užívateľ
Obrázok užívateľa

Registrovaný: 09.05.11
Prihlásený: 20.12.14
Príspevky: 618
Témy: 2 | 2
Pia 01.03.13 14:47 |

Speedbit


Spusť adwcleaner stlač tlačidlo delete pre odsúhlasenie stlač OK počítač sa reštartuje
log budeš ho mať na systémovom disku ako AdwCleaner[S?].txt cely obsah vlož sem


Offline

Užívateľ
Užívateľ
Obrázok užívateľa

Registrovaný: 17.11.05
Prihlásený: 19.04.15
Príspevky: 306
Témy: 81 | 81
Pia 01.03.13 15:01 |

Speedbit


*** [Services] *****


***** [Files / Folders] *****

File Deleted : C:\Users\Lenovo\AppData\Local\Temp\Uninstall.exe
File Deleted : C:\Users\Lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\rwudmgod.default\searchplugins\icqplugin.xml
File Deleted : C:\Users\Lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\rwudmgod.default\searchplugins\icqplugin-1.xml
File Deleted : C:\Users\Lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\rwudmgod.default\searchplugins\icqplugin-2.xml
File Deleted : C:\Users\Lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\rwudmgod.default\searchplugins\icqplugin-3.xml
Folder Deleted : C:\ProgramData\Partner
Folder Deleted : C:\Users\Lenovo\AppData\LocalLow\Softonic
Folder Deleted : C:\Users\Lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\rwudmgod.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}

***** [Registry] *****

Key Deleted : HKCU\Software\APN PIP
Key Deleted : HKCU\Software\PIP
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{7ABBFE1C-E485-44AA-8F36-353751B4124D}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{98889811-442D-49DD-99D7-DC866BE87DBC}
Key Deleted : HKLM\Software\PIP

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16464

[OK] Registry is clean.

-\\ Mozilla Firefox v14.0.1 (sk)

File : C:\Users\Lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\rwudmgod.default\prefs.js

C:\Users\Lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\rwudmgod.default\user.js ... Deleted !

Deleted : user_pref("extensions.Softonic.admin", false);
Deleted : user_pref("extensions.Softonic.aflt", "SD");
Deleted : user_pref("extensions.Softonic.appId", "{7ABBFE1C-E485-44AA-8F36-353751B4124D}");
Deleted : user_pref("extensions.Softonic.autoRvrt", "false");
Deleted : user_pref("extensions.Softonic.dfltLng", "");
Deleted : user_pref("extensions.Softonic.dfltSrch", true);
Deleted : user_pref("extensions.Softonic.excTlbr", false);
Deleted : user_pref("extensions.Softonic.hmpgUrl", "hxxp://search.softonic.com/INF00176/tb_v1?SearchSource=13&[...]
Deleted : user_pref("extensions.Softonic.hpOld0", "hxxp://www.google.com/ig?source=gama&hl=sk");
Deleted : user_pref("extensions.Softonic.id", "4c759ae2000000000000446d577cf080");
Deleted : user_pref("extensions.Softonic.instlDay", "15746");
Deleted : user_pref("extensions.Softonic.instlRef", "INF00176");
Deleted : user_pref("extensions.Softonic.kw_url", "hxxp://search.softonic.com/INF00176/tb_v1?SearchSource=2&cc[...]
Deleted : user_pref("extensions.Softonic.newTabUrl", "hxxp://search.softonic.com/INF00176/tb_v1?SearchSource=1[...]
Deleted : user_pref("extensions.Softonic.prdct", "Softonic");
Deleted : user_pref("extensions.Softonic.prtnrId", "softonic");
Deleted : user_pref("extensions.Softonic.rvrt", "true");
Deleted : user_pref("extensions.Softonic.srchPrvdr", "Search the web (Softonic)");
Deleted : user_pref("extensions.Softonic.tlbrId", "BASEirobinhoodActive");
Deleted : user_pref("extensions.Softonic.tlbrSrchUrl", "hxxp://search.softonic.com/INF00176/tb_v1?SearchSource[...]
Deleted : user_pref("extensions.Softonic.vrsn", "1.8.8.11");
Deleted : user_pref("extensions.Softonic.vrsni", "1.8.8.11");
Deleted : user_pref("extensions.Softonic_i.dnsErr", true);
Deleted : user_pref("extensions.Softonic_i.excTlbr", false);
Deleted : user_pref("extensions.Softonic_i.hmpg", true);
Deleted : user_pref("extensions.Softonic_i.newTab", true);
Deleted : user_pref("extensions.Softonic_i.smplGrp", "none");
Deleted : user_pref("extensions.Softonic_i.vrsnTs", "1.8.8.1111:52:30");
Deleted : user_pref("extensions.facemoods.aflt", "_#ost");
Deleted : user_pref("extensions.facemoods.firstRun", false);
Deleted : user_pref("extensions.facemoods.lastActv", "15");
Deleted : user_pref("icqtoolbar.allowSendURL", false);
Deleted : user_pref("icqtoolbar.engineVerified", false);
Deleted : user_pref("icqtoolbar.geolastmodified", 1322327027);
Deleted : user_pref("icqtoolbar.hiddenElements", "itb_options");
Deleted : user_pref("icqtoolbar.history", "farby%20na%20sklo%20sablony||flambovan%C3%A9%20ban%C3%A1ny||segedin[...]
Deleted : user_pref("icqtoolbar.hpChange", true);
Deleted : user_pref("icqtoolbar.icqgeo", 4201);
Deleted : user_pref("icqtoolbar.installTime", "1320611141");
Deleted : user_pref("icqtoolbar.installsource", "1");
Deleted : user_pref("icqtoolbar.itbsitescount", 5301);
Deleted : user_pref("icqtoolbar.newtab_state", "1");
Deleted : user_pref("icqtoolbar.numberOfSearches", 0);
Deleted : user_pref("icqtoolbar.previousFFVersion", "7.0.1");
Deleted : user_pref("icqtoolbar.removedsitescount", 9);
Deleted : user_pref("icqtoolbar.skip_default_search", "no");
Deleted : user_pref("icqtoolbar.uniqueID", "127196473712719555731272027574992");
Deleted : user_pref("icqtoolbar.usageStatstTimestamp", 1322341330);
Deleted : user_pref("icqtoolbar.userHpApproved", true);
Deleted : user_pref("icqtoolbar.version", "1.3.6");
Deleted : user_pref("icqtoolbar.voucherHideClicks", 0);
Deleted : user_pref("icqtoolbar.voucherMoreLinkClicks", 0);
Deleted : user_pref("icqtoolbar.voucherRedeemClicks", 0);
Deleted : user_pref("icqtoolbar.voucherWasShown", 0);
Deleted : user_pref("icqtoolbar.xmlEnableHomePageDsGuard", false);
Deleted : user_pref("icqtoolbar.xmlLanguage", "sk");


_________________
notebook Lenovo G580
CPU : Intel B 960 2.2G
RAM : 4096M
OS : WIN 7 Home Prem
Offline

Užívateľ
Užívateľ
Obrázok užívateľa

Registrovaný: 09.05.11
Prihlásený: 20.12.14
Príspevky: 618
Témy: 2 | 2
Pia 01.03.13 15:08 |

Speedbit


Stiahni si RSIT z http://images.malwareremoval.com/random/RSIT.exe pre 64 bit verzie http://images.malwareremoval.com/random/RSITx64.exe spusť daj continue chvíľu počkaj dokým sa vygeneruje log keď ho vygeneruje nájdeš ho na C:\rsit\log.txt log vlož sem


Offline

Užívateľ
Užívateľ
Obrázok užívateľa

Registrovaný: 17.11.05
Prihlásený: 19.04.15
Príspevky: 306
Témy: 81 | 81
Pia 01.03.13 15:20 |

Speedbit


Cele to sem nevlezie,je to strasne dlhe


_________________
notebook Lenovo G580
CPU : Intel B 960 2.2G
RAM : 4096M
OS : WIN 7 Home Prem
Offline

Užívateľ
Užívateľ
Obrázok užívateľa

Registrovaný: 09.05.11
Prihlásený: 20.12.14
Príspevky: 618
Témy: 2 | 2
Pia 01.03.13 15:23 |

Speedbit


tak tu upni na uloz.to


Offline

Užívateľ
Užívateľ
Obrázok užívateľa

Registrovaný: 17.11.05
Prihlásený: 19.04.15
Príspevky: 306
Témy: 81 | 81
Pia 01.03.13 15:28 |

Speedbit


http://www.ulozto.sk/xnq3uA8/log-txt


_________________
notebook Lenovo G580
CPU : Intel B 960 2.2G
RAM : 4096M
OS : WIN 7 Home Prem
Offline

Užívateľ
Užívateľ
Obrázok užívateľa

Registrovaný: 09.05.11
Prihlásený: 20.12.14
Príspevky: 618
Témy: 2 | 2
Pia 01.03.13 15:31 |

Speedbit


a čo ten MBAM ?
Stihni si combofix z http://download.bleepingcomputer.com/sUBs/ComboFix.exe ulož ho na plochu
Vypni všetky rezidentné štíty antiviru a antyspyware
Pre WIN XP spuštaj pod administrátorom
Pre WIN Vista a WIN 7 klikny na combofix pravým tlačidlom daj spustiť ako správca
Hneď po zapnutý okno z licečnimi podmienkami stlač tlačidlo áno
Keď ty combofix ponúkne inštalovať konzolu pre zotavenie odsúhlas inštaláciu tlačidlom ANO
Behom scanu nechaj combofix pracovať nerob nič na PC
Scan môže trvať cca 10 min všetko zaleží od toho v akom stave je PC môže sa to predlžiť o dvojnásobok
Po dokončení skenovanie combofix reštartuje PC a zobrazí sa log budeš ho mať na C:\ComboFix.txt vlož ho sem
Nože sa stať že systém nenabehne v tom prípade použi poslednú známu konfiguráciu http://support.microsoft.com/kb/307852/sk


Offline

Užívateľ
Užívateľ
Obrázok užívateľa

Registrovaný: 17.11.05
Prihlásený: 19.04.15
Príspevky: 306
Témy: 81 | 81
Pia 01.03.13 15:34 |

Speedbit


MBAM som len pred chvilkou spustil teraz skenuje,.idem na ten combofix


_________________
notebook Lenovo G580
CPU : Intel B 960 2.2G
RAM : 4096M
OS : WIN 7 Home Prem
Offline

Užívateľ
Užívateľ
Obrázok užívateľa

Registrovaný: 17.11.05
Prihlásený: 19.04.15
Príspevky: 306
Témy: 81 | 81
Pia 01.03.13 16:32 |

Speedbit


tak som tu,vyzera to ze mam vsetko fuc z PC,este ani antivirus nemam,prazdna plocha,to mam cele vsetko zmazane??este ani firefox nemam,a nemam ani zalohu uf,.


_________________
notebook Lenovo G580
CPU : Intel B 960 2.2G
RAM : 4096M
OS : WIN 7 Home Prem
Offline

Užívateľ
Užívateľ
Obrázok užívateľa

Registrovaný: 09.05.11
Prihlásený: 20.12.14
Príspevky: 618
Témy: 2 | 2
Pia 01.03.13 16:36 |

Speedbit


spravil si ten combofix ? vybehol ty poznámkový blok


Offline

Užívateľ
Užívateľ
Obrázok užívateľa

Registrovaný: 17.11.05
Prihlásený: 19.04.15
Príspevky: 306
Témy: 81 | 81
Pia 01.03.13 16:37 |

Speedbit


no po combofixe uz mam vsetko zmenene ziadny poznamkovy blok nevybehol,.


_________________
notebook Lenovo G580
CPU : Intel B 960 2.2G
RAM : 4096M
OS : WIN 7 Home Prem
Offline

Užívateľ
Užívateľ
Obrázok užívateľa

Registrovaný: 09.05.11
Prihlásený: 20.12.14
Príspevky: 618
Témy: 2 | 2
Pia 01.03.13 16:39 |

Speedbit


sprav poslednú známu konfiguráciu http://support.microsoft.com/kb/307852/sk čo MBAM


Offline

Užívateľ
Užívateľ
Obrázok užívateľa

Registrovaný: 17.11.05
Prihlásený: 19.04.15
Príspevky: 306
Témy: 81 | 81
Pia 01.03.13 16:40 |

Speedbit


ako to ze miesto na pevnom disku mam stale tak ako predtym a pritom niec neviem najst,stale mam vsetko na pevnom disku co som mal?


_________________
notebook Lenovo G580
CPU : Intel B 960 2.2G
RAM : 4096M
OS : WIN 7 Home Prem
Offline

Užívateľ
Užívateľ
Obrázok užívateľa

Registrovaný: 17.11.05
Prihlásený: 19.04.15
Príspevky: 306
Témy: 81 | 81
Pia 01.03.13 16:41 |

Speedbit


MBAM nenasiel nic preto som tu nedal log


_________________
notebook Lenovo G580
CPU : Intel B 960 2.2G
RAM : 4096M
OS : WIN 7 Home Prem
Offline

Užívateľ
Užívateľ
Obrázok užívateľa

Registrovaný: 09.05.11
Prihlásený: 20.12.14
Príspevky: 618
Témy: 2 | 2
Pia 01.03.13 16:44 |

Speedbit


spravil si poslednú známu konfiguráciu


Offline

Užívateľ
Užívateľ
Obrázok užívateľa

Registrovaný: 17.11.05
Prihlásený: 19.04.15
Príspevky: 306
Témy: 81 | 81
Pia 01.03.13 16:53 |

Speedbit


ano,posledny bod obnovy mam spred 15 minut,.ine tam niesu,je to v prdeli,.


_________________
notebook Lenovo G580
CPU : Intel B 960 2.2G
RAM : 4096M
OS : WIN 7 Home Prem
Offline

Užívateľ
Užívateľ
Obrázok užívateľa

Registrovaný: 17.11.05
Prihlásený: 19.04.15
Príspevky: 306
Témy: 81 | 81
Pia 01.03.13 16:55 |

Speedbit


neviem ci nebola vypnuta obnova,.lebo tam niesu ziadne body obnovy ,.ale vyzera ze vsetko je na hardisku,


_________________
notebook Lenovo G580
CPU : Intel B 960 2.2G
RAM : 4096M
OS : WIN 7 Home Prem
Offline

Užívateľ
Užívateľ
Obrázok užívateľa

Registrovaný: 09.05.11
Prihlásený: 20.12.14
Príspevky: 618
Témy: 2 | 2
Pia 01.03.13 16:56 |

Speedbit


V pc máš teraz nainštalovaný MBAM
ďalej Microsoft Security Client superantyspyware a Ad-Aware


Stiahni si OTL
http://oldtimer.geekstogo.com/OTL.exe
Pre OS XP spusť pod administratorom
Pre OS vista ,7
Zaškrtni LOP check ,Purity check, všetkých používateľov (scan all users )
Klinky na prehľadať (RUN SCAN)
Prebehne scan keď skonči vyskočia logy OTL.txt a Extras.txt tie sem vlož


Offline

Užívateľ
Užívateľ
Obrázok užívateľa

Registrovaný: 17.11.05
Prihlásený: 19.04.15
Príspevky: 306
Témy: 81 | 81
Pia 01.03.13 17:17 |

Speedbit


teraz sa budem pytat ako blbec,mam rozdeleny hddna dve casti,jednu 25Gb a druhu620,notebook som uz kupil takto s nainstalovanym win,nemoze byt ze aj na tej druhej polke mam windows a ja som teraz v nom??ako to zistim??


_________________
notebook Lenovo G580
CPU : Intel B 960 2.2G
RAM : 4096M
OS : WIN 7 Home Prem
Offline

Užívateľ
Užívateľ
Obrázok užívateľa

Registrovaný: 17.11.05
Prihlásený: 19.04.15
Príspevky: 306
Témy: 81 | 81
Pia 01.03.13 17:19 |

Speedbit


teraz tu mam nejakyMCAfee anie microsoft security client,preto si myslim ci nie som v druhom hdd ani Ad-Aware tu nieje


_________________
notebook Lenovo G580
CPU : Intel B 960 2.2G
RAM : 4096M
OS : WIN 7 Home Prem
Offline

Užívateľ
Užívateľ
Obrázok užívateľa

Registrovaný: 09.05.11
Prihlásený: 20.12.14
Príspevky: 618
Témy: 2 | 2
Pia 01.03.13 17:21 |

Speedbit


sprav to OTL windows máš len na C:


Offline

Užívateľ
Užívateľ
Obrázok užívateľa

Registrovaný: 17.11.05
Prihlásený: 19.04.15
Príspevky: 306
Témy: 81 | 81
Pia 01.03.13 17:25 |

Speedbit


Takze k svojim suborom a nastaveniam sa uz nedostanem??
OTL bezi


_________________
notebook Lenovo G580
CPU : Intel B 960 2.2G
RAM : 4096M
OS : WIN 7 Home Prem
Offline

Užívateľ
Užívateľ
Obrázok užívateľa

Registrovaný: 17.11.05
Prihlásený: 19.04.15
Príspevky: 306
Témy: 81 | 81
Pia 01.03.13 17:37 |

Speedbit


OTL logfile created on: 1. 3. 2013 17:32:01 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Lenovo\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 0000041B | Country: Slovensko | Language: SKY | Date Format: d. M. yyyy

3,90 Gb Total Physical Memory | 2,73 Gb Available Physical Memory | 70,05% Memory free
7,80 Gb Paging File | 6,05 Gb Available in Paging File | 77,51% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 653,44 Gb Total Space | 482,80 Gb Free Space | 73,89% Space Free | Partition Type: NTFS
Drive D: | 25,47 Gb Total Space | 22,38 Gb Free Space | 87,89% Space Free | Partition Type: NTFS

Computer Name: LENOVO-PC | User Name: Lenovo | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/03/01 17:30:50 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Lenovo\Desktop\OTL.exe
PRC - [2012/04/29 14:44:47 | 000,329,056 | ---- | M] (Lenovo) -- C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe
PRC - [2012/02/28 10:20:02 | 000,363,800 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2012/02/28 10:19:56 | 000,277,784 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2012/02/28 10:19:46 | 000,161,560 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
PRC - [2012/02/27 12:01:58 | 000,291,608 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
PRC - [2012/02/09 23:48:04 | 000,158,880 | ---- | M] (Atheros) -- C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
PRC - [2011/12/09 23:45:00 | 000,548,864 | ---- | M] (Vimicro) -- C:\Program Files (x86)\USB Camera2\VM332_STI.EXE
PRC - [2011/11/30 04:04:56 | 000,013,592 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2011/11/30 04:04:54 | 000,284,440 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
PRC - [2011/08/26 04:43:44 | 000,337,776 | ---- | M] ( ) -- C:\Program Files (x86)\LockKey\LockKey.exe
PRC - [2011/06/06 20:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011/01/29 07:29:36 | 000,136,488 | ---- | M] (CyberLink) -- C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe


========== Modules (No Company Name) ==========

MOD - [2012/12/12 06:32:26 | 005,025,792 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
MOD - [2012/10/05 11:53:24 | 003,198,976 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
MOD - [2012/10/05 11:53:24 | 000,630,784 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
MOD - [2012/08/31 11:59:19 | 004,550,656 | ---- | M] () -- C:\Windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
MOD - [2012/04/29 14:44:46 | 000,013,664 | ---- | M] () -- C:\Program Files (x86)\Lenovo\VeriFace\ChooseLang.dll
MOD - [2012/02/11 00:31:42 | 001,253,376 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\WindowsBase\3.0.0.0__31bf3856ad364e35\WindowsBase.dll
MOD - [2011/12/25 21:42:15 | 005,255,168 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll
MOD - [2010/11/21 04:24:32 | 000,425,984 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.dll
MOD - [2010/11/21 04:23:48 | 002,048,000 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.Xml.dll
MOD - [2010/11/21 04:23:48 | 000,303,104 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
MOD - [2009/06/10 22:22:40 | 000,010,752 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll


========== Services (SafeList) ==========

SRV:64bit: - [2012/02/13 22:41:46 | 000,572,976 | ---- | M] (Lenovo (Beijing) Limited) [Auto | Running] -- C:\Program Files\Lenovo\Instant Reset\DamageGuardSvc.exe -- (DamageGuardSvc)
SRV:64bit: - [2012/02/03 06:29:52 | 000,628,448 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel(R)
SRV:64bit: - [2011/03/18 00:39:40 | 000,501,768 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\mcafee\virusscan\mcods.exe -- (McODS)
SRV:64bit: - [2011/03/13 19:45:12 | 000,158,832 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Windows\SysNative\mfevtps.exe -- (mfevtp)
SRV:64bit: - [2011/03/13 19:37:22 | 000,208,272 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe -- (mfefire)
SRV:64bit: - [2011/03/13 19:37:06 | 000,197,960 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe -- (McShield)
SRV:64bit: - [2011/01/28 20:28:54 | 000,225,216 | ---- | M] (McAfee, Inc.) [On_Demand | Running] -- c:\Program Files\mcafee\msc\McAWFwk.exe -- (McAWFwk)
SRV:64bit: - [2011/01/28 02:28:20 | 000,249,936 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe -- (McProxy)
SRV:64bit: - [2011/01/28 02:28:20 | 000,249,936 | ---- | M] (McAfee, Inc.) [Disabled | Stopped] -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe -- (McOobeSv)
SRV:64bit: - [2011/01/28 02:28:20 | 000,249,936 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe -- (McNASvc)
SRV:64bit: - [2011/01/28 02:28:20 | 000,249,936 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe -- (McNaiAnn)
SRV:64bit: - [2011/01/28 02:28:20 | 000,249,936 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe -- (mcmscsvc)
SRV:64bit: - [2011/01/28 02:28:20 | 000,249,936 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McMPFSvc)
SRV:64bit: - [2011/01/28 02:28:20 | 000,249,936 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McAfee SiteAdvisor Service)
SRV:64bit: - [2010/12/17 09:46:34 | 000,198,784 | ---- | M] (Conexant Systems Inc.) [Auto | Running] -- C:\Windows\SysNative\CxAudMsg64.exe -- (CxAudMsg)
SRV:64bit: - [2010/09/23 02:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2009/07/14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2012/04/29 14:47:33 | 000,332,272 | ---- | M] (Google Inc.) [On_Demand | Stopped] -- C:\ProgramData\Partner\Partner.exe -- (Partner Service)
SRV - [2012/03/02 22:48:56 | 000,276,248 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
SRV - [2012/02/28 10:20:02 | 000,363,800 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2012/02/28 10:19:56 | 000,277,784 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2012/02/28 10:19:46 | 000,161,560 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe -- (jhi_service)
SRV - [2012/02/09 23:48:04 | 000,158,880 | ---- | M] (Atheros) [Auto | Running] -- C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe -- (ZAtheros Bt&Wlan Coex Agent)
SRV - [2012/02/09 23:31:46 | 000,106,144 | ---- | M] (Atheros Commnucations) [Auto | Running] -- C:\Program Files (x86)\Bluetooth Suite\AdminService.exe -- (AtherosSvc)
SRV - [2011/11/30 04:04:56 | 000,013,592 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2011/06/06 20:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2010/03/18 22:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/06/10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2012/08/23 15:08:26 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2012/08/23 15:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012/04/29 14:49:22 | 000,057,952 | ---- | M] (Lenovo) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\fbfmon.sys -- (fbfmon)
DRV:64bit: - [2012/04/29 14:49:22 | 000,013,408 | ---- | M] (Lenovo) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BPntDrv.sys -- (BPntDrv)
DRV:64bit: - [2012/04/29 14:48:21 | 000,039,008 | ---- | M] (Lenovo.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\LhdX64.sys -- (LHDmgr)
DRV:64bit: - [2012/04/29 14:48:21 | 000,030,816 | ---- | M] (Lenovo Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AcpiVpc.sys -- (ACPIVPC)
DRV:64bit: - [2012/03/01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/02/27 12:01:00 | 000,788,760 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3xhc.sys -- (iusb3xhc)
DRV:64bit: - [2012/02/27 12:01:00 | 000,356,120 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3hub.sys -- (iusb3hub)
DRV:64bit: - [2012/02/27 12:01:00 | 000,016,152 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iusb3hcs.sys -- (iusb3hcs)
DRV:64bit: - [2012/02/17 18:28:56 | 014,692,896 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2012/02/11 01:36:26 | 000,217,392 | ---- | M] (Lenovo) [File_System | Disabled | Stopped] -- C:\Windows\SysNative\drivers\DamageGuardX64.sys -- (DamageGuard)
DRV:64bit: - [2012/02/09 23:40:28 | 000,290,464 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btfilter.sys -- (BtFilter)
DRV:64bit: - [2012/02/09 23:39:40 | 000,283,296 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_rcp.sys -- (BTATH_RCP)
DRV:64bit: - [2012/02/09 23:39:22 | 000,059,040 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_lwflt.sys -- (BTATH_LWFLT)
DRV:64bit: - [2012/02/09 23:39:10 | 000,166,048 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_hcrp.sys -- (BTATH_HCRP)
DRV:64bit: - [2012/02/09 23:38:52 | 000,036,000 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_flt.sys -- (AthBTPort)
DRV:64bit: - [2012/02/09 23:38:40 | 000,029,344 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_bus.sys -- (BTATH_BUS)
DRV:64bit: - [2012/02/09 23:38:22 | 000,109,216 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_avdt.sys -- (btath_avdt)
DRV:64bit: - [2012/02/09 23:38:10 | 000,259,744 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_a2dp.sys -- (BTATH_A2DP)
DRV:64bit: - [2012/02/06 18:31:00 | 000,958,800 | ---- | M] (Vimicro Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vm332avs.sys -- (vm332avs)
DRV:64bit: - [2012/01/31 06:17:44 | 001,601,152 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CHDRT64.sys -- (CnxtHdAudService)
DRV:64bit: - [2012/01/15 23:21:04 | 000,208,168 | ---- | M] (ELAN Microelectronics Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ETD.sys -- (ETD)
DRV:64bit: - [2011/12/13 19:04:52 | 000,023,648 | ---- | M] (Lenovo) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\dgfltrX64.sys -- (dgFltr)
DRV:64bit: - [2011/12/06 12:23:10 | 000,331,264 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2011/11/30 03:40:32 | 000,568,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2011/11/15 11:24:20 | 000,313,960 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rtsuvstor.sys -- (RSUSBVSTOR)
DRV:64bit: - [2011/11/15 04:12:10 | 000,111,216 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C)
DRV:64bit: - [2011/11/09 18:04:14 | 000,060,184 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2011/10/10 08:56:15 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/10/10 08:56:15 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/08/04 19:57:04 | 002,768,384 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2011/03/13 19:20:10 | 000,639,216 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mfehidk.sys -- (mfehidk)
DRV:64bit: - [2011/03/13 19:20:10 | 000,481,376 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfefirek.sys -- (mfefirek)
DRV:64bit: - [2011/03/13 19:20:10 | 000,281,928 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mfewfpk.sys -- (mfewfpk)
DRV:64bit: - [2011/03/13 19:20:10 | 000,227,856 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfeavfk.sys -- (mfeavfk)
DRV:64bit: - [2011/03/13 19:20:10 | 000,156,792 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfeapfk.sys -- (mfeapfk)
DRV:64bit: - [2011/03/13 19:20:10 | 000,098,728 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mferkdet.sys -- (mferkdet)
DRV:64bit: - [2011/03/13 19:20:10 | 000,075,672 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mfenlfk.sys -- (mfenlfk)
DRV:64bit: - [2011/03/13 19:20:10 | 000,065,128 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\cfwids.sys -- (cfwids)
DRV:64bit: - [2011/01/29 07:29:58 | 000,031,088 | ---- | M] (CyberLink Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\clwvd.sys -- (clwvd)
DRV:64bit: - [2010/11/21 04:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009/07/21 22:20:06 | 000,121,840 | ---- | M] (CyberLink) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wsvd.sys -- (wsvd)
DRV:64bit: - [2009/07/14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/14 00:21:48 | 000,038,400 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM)
DRV:64bit: - [2009/06/10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2009/07/14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.lenovo.com/ [binary data]
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://lenovo.msn.com
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=LENDF8&pc=MALN&src=IE-SearchBox
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.lenovo.com/ [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://lenovo.msn.com
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=LENDF8&pc=MALN&src=IE-SearchBox
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-2313012456-1737052936-945135340-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/redirectdomain ... &bmod=LENN
IE - HKU\S-1-5-21-2313012456-1737052936-945135340-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.lenovo.com [binary data]
IE - HKU\S-1-5-21-2313012456-1737052936-945135340-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ig/redirectdomain ... &bmod=LENN
IE - HKU\S-1-5-21-2313012456-1737052936-945135340-1000\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
IE - HKU\S-1-5-21-2313012456-1737052936-945135340-1000\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKU\S-1-5-21-2313012456-1737052936-945135340-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=LENDF8&pc=MALN&src=IE-SearchBox
IE - HKU\S-1-5-21-2313012456-1737052936-945135340-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7LENN
IE - HKU\S-1-5-21-2313012456-1737052936-945135340-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\progra~2\mcafee\msc\npmcsn~1.dll ()
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{B7082FAA-CB62-4872-9106-E42DD88EDE45}: C:\Program Files (x86)\McAfee\SiteAdvisor [2013/03/01 17:08:38 | 000,000,000 | ---D | M]


O1 HOSTS File: ([2009/06/10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\mcafee\systemcore\ScriptSn.20120429064600.dll (McAfee, Inc.)
O2:64bit: - BHO: (Partner BHO Class) - {83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4} - C:\ProgramData\Partner\Partner64.dll (Google Inc.)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\mcafee\SystemCore\ScriptSn.20120429064600.dll (McAfee, Inc.)
O2 - BHO: (Partner BHO Class) - {83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4} - C:\ProgramData\Partner\Partner.dll (Google Inc.)
O2 - BHO: (CIESpeechBHO Class) - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3:64bit: - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [0NcOOBERunOnce] 0NcOOBERunOnce File not found
O4:64bit: - HKLM..\Run: [AthBtTray] C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe (Atheros Commnucations)
O4:64bit: - HKLM..\Run: [AtherosBtStack] C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe (Atheros Communications)
O4:64bit: - HKLM..\Run: [cAudioFilterAgent] C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe (Conexant Systems, Inc.)
O4:64bit: - HKLM..\Run: [Energy Management] C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe (Lenovo (Beijing) Limited)
O4:64bit: - HKLM..\Run: [EnergyUtility] C:\Program Files (x86)\Lenovo\Energy Management\utility.exe (Lenovo(beijing) Limited)
O4:64bit: - HKLM..\Run: [ETDCtrl] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronics Corp.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Lenovo EE Boot Optimizer] C:\Program Files (x86)\Lenovo\Boot Optimizer\PopWnd.exe (Lenovo)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4 - HKLM..\Run: [332BigDog] C:\Program Files (x86)\USB Camera2\VM332_STI.EXE (Vimicro)
O4 - HKLM..\Run: [Dolby Advanced Audio v2] C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe (Dolby Laboratories Inc.)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [LockKey] C:\Program Files (x86)\LockKey\LockKey.exe ( )
O4 - HKLM..\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [UpdateP2GShortCut] C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdatePRCShortCut] C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [USB3MON] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation)
O4 - HKLM..\Run: [VeriFaceManager] C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe (Lenovo)
O4 - HKLM..\Run: [YouCam Mirage] C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe (CyberLink)
O4 - HKLM..\Run: [YouCam Tray] C:\Program Files (x86)\Lenovo\YouCam\YouCam.exe (CyberLink Corp.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O9 - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{60C7E767-B92E-4426-AAEB-B2EBEDA673EA}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18:64bit: - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\msc\McSnIePl64.dll (McAfee, Inc.)
O18 - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\msc\McSnIePl.dll (McAfee, Inc.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2013/03/01 17:30:46 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Lenovo\Desktop\OTL.exe
[2013/03/01 17:14:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
[2013/03/01 17:12:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Google
[2013/03/01 16:13:14 | 000,000,000 | ---D | C] -- C:\Users\Lenovo\AppData\Local\Adobe
[2013/03/01 16:12:48 | 000,000,000 | ---D | C] -- C:\Users\Lenovo\AppData\Local\Google
[2013/03/01 15:58:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Shared
[2013/03/01 15:58:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\360tray
[2013/02/28 16:56:23 | 000,069,376 | ---- | C] (Lavasoft AB) -- C:\Windows\SysNative\drivers\LBD.sys
[2013/02/28 00:29:06 | 002,284,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msmpeg2vdec.dll
[2013/02/28 00:29:05 | 002,776,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msmpeg2vdec.dll
[2013/02/28 00:29:05 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\UIAnimation.dll
[2013/02/28 00:29:05 | 000,187,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\UIAnimation.dll
[2013/02/28 00:29:01 | 000,465,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMPhoto.dll
[2013/02/28 00:29:01 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMPhoto.dll
[2013/02/28 00:28:57 | 002,565,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10warp.dll
[2013/02/28 00:28:57 | 000,522,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll
[2013/02/28 00:28:57 | 000,194,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1.dll
[2013/02/28 00:28:57 | 000,010,752 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2013/02/28 00:28:57 | 000,010,752 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2013/02/28 00:28:57 | 000,009,728 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2013/02/28 00:28:57 | 000,009,728 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2013/02/28 00:28:57 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2013/02/28 00:28:57 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2013/02/28 00:28:57 | 000,002,560 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2013/02/28 00:28:57 | 000,002,560 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2013/02/28 00:28:56 | 001,887,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d11.dll
[2013/02/28 00:28:56 | 001,504,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d11.dll
[2013/02/28 00:28:56 | 000,648,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10level9.dll
[2013/02/28 00:28:56 | 000,364,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll
[2013/02/28 00:28:56 | 000,363,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxgi.dll
[2013/02/28 00:28:56 | 000,333,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1core.dll
[2013/02/28 00:28:56 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10core.dll
[2013/02/28 00:28:56 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2013/02/28 00:28:56 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2013/02/28 00:28:56 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll
[2013/02/28 00:28:56 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-ole32-l1-1-0.dll
[2013/02/28 00:28:56 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
[2013/02/28 00:28:56 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-user32-l1-1-0.dll
[2013/02/28 00:28:56 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll
[2013/02/28 00:28:56 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-version-l1-1-0.dll
[2013/02/28 00:28:56 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll
[2013/02/28 00:28:56 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shell32-l1-1-0.dll
[2013/02/28 00:28:55 | 001,682,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll
[2013/02/28 00:28:55 | 001,643,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2013/02/28 00:28:55 | 001,424,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecs.dll
[2013/02/28 00:28:55 | 001,238,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10.dll
[2013/02/28 00:28:55 | 001,158,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll
[2013/02/28 00:28:55 | 000,245,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecsExt.dll
[2013/02/28 00:28:54 | 003,928,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll
[2013/02/16 00:21:14 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RdpGroupPolicyExtension.dll
[2013/02/16 00:21:14 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsUsbRedirectionGroupPolicyExtension.dll
[2013/02/16 00:21:14 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsUsbRedirectionGroupPolicyControl.exe
[2013/02/16 00:21:10 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys
[2013/02/16 00:21:09 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys
[2013/02/16 00:21:09 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\TsUsbGD.sys
[2013/02/16 00:21:06 | 000,269,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\aaclient.dll
[2013/02/16 00:21:06 | 000,192,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rdpendp_winip.dll
[2013/02/16 00:21:06 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MsRdpWebAccess.dll
[2013/02/16 00:21:06 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tsgqec.dll
[2013/02/16 00:21:06 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsUsbGDCoInstaller.dll
[2013/02/16 00:21:06 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tsgqec.dll
[2013/02/16 00:21:06 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wksprtPS.dll
[2013/02/16 00:21:06 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wksprtPS.dll
[2013/02/16 00:21:05 | 001,048,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstsc.exe
[2013/02/16 00:21:05 | 000,384,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wksprt.exe
[2013/02/16 00:21:05 | 000,322,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aaclient.dll
[2013/02/16 00:21:05 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpudd.dll
[2013/02/16 00:21:05 | 000,228,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpendp_winip.dll
[2013/02/16 00:21:05 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TSWbPrxy.exe
[2013/02/16 00:21:05 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsRdpWebAccess.dll
[2013/02/16 00:21:04 | 004,916,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstscax.dll
[2013/02/16 00:21:04 | 003,174,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorets.dll
[2013/02/16 00:21:04 | 001,123,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstsc.exe
[2013/02/16 00:21:03 | 005,773,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstscax.dll
[2013/02/16 00:19:24 | 001,448,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2013/02/13 19:53:25 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2013/02/13 19:53:25 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2013/02/13 19:53:23 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2013/02/13 19:53:23 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2013/02/13 19:53:23 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2013/02/13 19:53:23 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2013/02/13 19:53:23 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2013/02/13 19:53:23 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2013/02/13 19:53:22 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2013/02/13 19:53:22 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2013/02/13 19:53:21 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013/02/13 19:53:21 | 000,729,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013/02/13 19:53:20 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013/02/13 19:53:19 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2013/02/13 19:53:19 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2013/02/13 14:25:33 | 005,553,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2013/02/13 14:25:32 | 003,967,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2013/02/13 14:25:32 | 003,913,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2013/02/13 14:25:29 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2013/02/13 14:25:28 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2013/02/13 14:25:28 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2013/02/13 14:25:28 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2013/02/13 14:25:28 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2013/02/13 14:25:27 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2013/02/13 14:25:23 | 000,288,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\FWPKCLNT.SYS

========== Files - Modified Within 30 Days ==========

[2013/03/01 17:30:50 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Lenovo\Desktop\OTL.exe
[2013/03/01 17:20:21 | 000,031,840 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/03/01 17:20:21 | 000,031,840 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/03/01 17:16:02 | 000,726,316 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013/03/01 17:16:02 | 000,616,008 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013/03/01 17:16:02 | 000,106,388 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013/03/01 17:14:37 | 000,001,839 | ---- | M] () -- C:\Users\Public\Desktop\McAfee AntiVirus Plus.lnk
[2013/03/01 17:12:32 | 000,359,937 | ---- | M] () -- C:\Windows\SysNative\fastboot.set
[2013/03/01 17:11:15 | 000,000,932 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/03/01 17:10:55 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/03/01 17:10:37 | 3142,864,896 | -HS- | M] () -- C:\hiberfil.sys
[2013/03/01 15:34:01 | 000,000,936 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/03/01 15:05:27 | 000,289,192 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013/03/01 14:59:35 | 000,000,292 | ---- | M] () -- C:\Windows\tasks\AutoKMS.job
[2013/02/28 23:26:34 | 000,040,464 | ---- | M] (Kaspersky Lab) -- C:\Windows\SysNative\drivers\99332932.sys
[2013/02/28 23:26:33 | 000,157,712 | ---- | M] (Kaspersky Lab) -- C:\Windows\SysNative\drivers\99332931.sys
[2013/02/28 23:26:31 | 000,352,784 | ---- | M] (Kaspersky Lab) -- C:\Windows\SysNative\drivers\9933293.sys
[2013/02/28 22:46:07 | 000,040,464 | ---- | M] (Kaspersky Lab) -- C:\Windows\SysNative\drivers\62351222.sys
[2013/02/28 22:46:06 | 000,157,712 | ---- | M] (Kaspersky Lab) -- C:\Windows\SysNative\drivers\62351221.sys
[2013/02/28 22:46:04 | 000,352,784 | ---- | M] (Kaspersky Lab) -- C:\Windows\SysNative\drivers\6235122.sys
[2013/02/28 16:56:23 | 000,069,376 | ---- | M] (Lavasoft AB) -- C:\Windows\SysNative\drivers\LBD.sys

========== Files Created - No Company Name ==========

[2012/08/14 09:28:54 | 000,000,000 | ---- | C] () -- C:\Windows\firstboot.dat
[2012/04/29 14:44:53 | 001,500,512 | ---- | C] () -- C:\Windows\SysWow64\Apblend.dll
[2012/04/29 14:44:53 | 001,171,456 | ---- | C] () -- C:\Windows\SysWow64\PicNotify.dll
[2012/04/29 14:44:44 | 001,044,480 | ---- | C] () -- C:\Windows\SysWow64\3DImageRenderer.dll
[2012/04/29 14:31:49 | 000,001,779 | ---- | C] () -- C:\Windows\vm332Rmv.ini
[2012/04/29 14:31:49 | 000,001,779 | ---- | C] () -- C:\Windows\SysWow64\vm332Rmv.ini
[2012/03/05 09:28:13 | 000,963,912 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin
[2012/03/05 09:28:11 | 000,261,208 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin
[2012/03/05 09:28:08 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin
[2012/03/05 09:28:08 | 000,058,880 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2012/03/05 09:28:06 | 013,209,600 | ---- | C] () -- C:\Windows\SysWow64\ig4icd32.dll
[2012/02/03 06:08:26 | 000,001,536 | ---- | C] () -- C:\Windows\SysWow64\IusEventLog.dll

========== ZeroAccess Check ==========

[2009/07/14 05:55:00 | 000,000,227 | ---- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012/06/09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/21 04:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2012/08/14 09:30:10 | 000,000,000 | ---D | M] -- C:\Users\Lenovo\AppData\Roaming\LSC

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 119 bytes -> C:\ProgramData\Temp:553CA6CA

< End of report >


_________________
notebook Lenovo G580
CPU : Intel B 960 2.2G
RAM : 4096M
OS : WIN 7 Home Prem
Offline

Užívateľ
Užívateľ
Obrázok užívateľa

Registrovaný: 09.05.11
Prihlásený: 20.12.14
Príspevky: 618
Témy: 2 | 2
Pia 01.03.13 17:38 |

Speedbit


Stiahni si SecurityCheck z http://www.bleepingcomputer.com/download/securitycheck/
Spusť stlač lubovoľnu klavesu . Vlož obsah sem z checkup.txt


Offline

Užívateľ
Užívateľ
Obrázok užívateľa

Registrovaný: 17.11.05
Prihlásený: 19.04.15
Príspevky: 306
Témy: 81 | 81
Pia 01.03.13 17:44 |

Speedbit


Results of screen317's Security Check version 0.99.60
Windows 7 Service Pack 1 x64 (UAC is enabled)
Internet Explorer 9
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
McAfee Anti-Virus and Anti-Spyware
WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
Adobe Reader 10.1.1 Adobe Reader out of Date!
Google Chrome 12.0.742.112
````````Process Check: objlist.exe by Laurent````````
Lenovo Instant Reset DamageGuardSvc.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 5%
````````````````````End of Log``````````````````````


_________________
notebook Lenovo G580
CPU : Intel B 960 2.2G
RAM : 4096M
OS : WIN 7 Home Prem
Offline

Užívateľ
Užívateľ
Obrázok užívateľa

Registrovaný: 17.11.05
Prihlásený: 19.04.15
Príspevky: 306
Témy: 81 | 81
Pia 01.03.13 17:47 |

Speedbit


teraz tam pise- Results have been copied to checkup.txt,which should open...now!


_________________
notebook Lenovo G580
CPU : Intel B 960 2.2G
RAM : 4096M
OS : WIN 7 Home Prem
 [ Príspevkov: 59 ] Choď na stránku: 1, 2  ďalšia


Speedbit




Powered by phpBB 3.x.x © 2005 - 2015 PCforum, webhosting by WebSupport, edited by JanoF