Skocz do zawartości

  • 👋 Witaj na MPCForum!

    Przeglądasz forum jako gość, co oznacza, że wiele świetnych funkcji jest jeszcze przed Tobą! 😎

    • Pełny dostęp do działów i ukrytych treści
    • Możliwość pisania i odpowiadania w tematach
    • System prywatnych wiadomości
    • Zbieranie reputacji i rozwijanie swojego profilu
    • Członkostwo w jednej z największych społeczności graczy

    👉 Dołączenie zajmie Ci mniej niż minutę – a zyskasz znacznie więcej!

    Zarejestruj się teraz
  • 0

Adwcleaner - Wifi i dzwięk przestał działać

kulka5010

Pytanie zadane przez kulka5010 ,

Pytanie

kulka5010 Pasjonat

kulka5010

Opublikowano
Pasjonat

kulka5010

Opublikowano

Cześć, dzisiaj chciałem oczyścić sobie laptopa z różnych shitów. Kiedy nacisnąłem clean i zrestartowałem lapka przestał działać dźwięk, nie mam żadnych zainstalowanych urządzeń audio, wat? Wifi mam włączone, ale i tak nie działa. Pomocy.

Za każdą pomocną odpowiedź daje like.

16 odpowiedzi na to pytanie

Rekomendowane odpowiedzi

Janusz. Legenda

Janusz.

Opublikowano
Legenda

Janusz.

Opublikowano

Huh. Lipa trochę bo nie wiem jak Ci pomóc. Pierwszy raz spotykam się z problemem SearchProtect. W takim razie odsyłam cię do osoby bardziej doświadczonej a mianowicie Picasso z forum MPCpc.pl. Musisz przygotować zestaw logów FRST oraz OTL oraz musisz dokładnie opisać problem jaki masz (niekoniecznie od kiedy bo i tak widać to w logach)

 

http://www.MPCpc.pl/topic/61-diagnostyka-og%C3%B3lne-raporty-systemowe/

klikasz w odnośnik "OTL" i robisz nowe logi upewniając się że wszystkie opcje masz dobrze zaznaczone. Tak samo w przypadku FRST.

 

Tyle.

kulka5010 Pasjonat

kulka5010

Opublikowano
Pasjonat

kulka5010

  • Autor
Opublikowano

OTL:

 

OTL logfile created on: 2014-05-15 18:14:39 - Run 1

OTL by OldTimer - Version 3.2.70.2 Folder = C:\AdwCleaner

64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation

Internet Explorer (Version = 9.10.9200.16721)

Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

 

2,93 Gb Total Physical Memory | 2,07 Gb Available Physical Memory | 70,63% Memory free

5,86 Gb Paging File | 4,92 Gb Available in Paging File | 84,03% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)

Drive C: | 421,81 Gb Total Space | 175,30 Gb Free Space | 41,56% Space Free | Partition Type: NTFS

Drive D: | 29,00 Gb Total Space | 10,41 Gb Free Space | 35,89% Space Free | Partition Type: NTFS

 

Computer Name: LENOVO-KOMPUTER | User Name: Lenovo | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

 

========== Processes (SafeList) ==========

 

PRC - [2014-05-15 18:13:11 | 000,601,088 | ---- | M] (OldTimer Tools) -- C:\AdwCleaner\OTL.exe

PRC - [2014-05-09 13:51:27 | 003,579,392 | ---- | M] (Mega Limited) -- C:\Users\Lenovo\AppData\Local\MEGAsync\MEGAsync.exe

PRC - [2014-03-06 19:34:12 | 000,440,096 | ---- | M] (Skillbrains) -- C:\Users\Lenovo\AppData\Local\Skillbrains\lightshot\5.1.0.15\Lightshot.exe

PRC - [2013-11-12 14:47:02 | 001,844,224 | ---- | M] (xwidget.com) -- C:\Program Files (x86)\UX Pack\XWidget\xwidget.exe

PRC - [2013-10-28 08:50:11 | 003,567,800 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\avastui.exe

PRC - [2013-10-27 20:09:40 | 000,050,344 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe

PRC - [2013-05-17 21:55:00 | 002,372,608 | ---- | M] (xwidget.com) -- C:\Program Files (x86)\UX Pack\XLaunchpad\XLaunchPad.exe

PRC - [2013-04-23 14:48:16 | 000,311,152 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe

PRC - [2013-04-23 14:48:12 | 001,561,968 | ---- | M] (Samsung) -- C:\Program Files (x86)\Samsung\Kies\Kies.exe

PRC - [2013-02-16 19:24:08 | 000,076,888 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe

PRC - [2012-10-10 00:32:14 | 000,151,552 | ---- | M] (VirtuaWin) -- C:\Program Files (x86)\UX Pack\VirtuaWin\VirtuaWin.exe

PRC - [2012-10-10 00:32:14 | 000,015,360 | ---- | M] () -- C:\Program Files (x86)\UX Pack\VirtuaWin\modules\WinList.exe

PRC - [2009-03-21 19:01:04 | 000,184,320 | ---- | M] (Y'z) -- C:\Program Files (x86)\UX Pack\YzShadow\YzShadow.exe

PRC - [2007-09-02 14:58:52 | 000,495,616 | ---- | M] () -- C:\Program Files (x86)\UX Pack\RocketDock\RocketDock.exe

 

 

========== Modules (No Company Name) ==========

 

MOD - [2014-05-04 15:59:50 | 000,463,360 | ---- | M] () -- C:\Users\Lenovo\AppData\Local\MEGAsync\ShellExtX32.dll

MOD - [2013-11-04 23:10:09 | 000,786,432 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Runt73a1fc9d#\5b44a8db5b70143f27fb695b5f72930d\System.Runtime.Remoting.ni.dll

MOD - [2013-11-04 23:10:07 | 003,910,144 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\18e76c3868d682a7c065bccd142eeec1\WindowsBase.ni.dll

MOD - [2013-11-04 23:09:54 | 006,998,016 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Core\d913e7d0b1d32187e0c234f8a1a581fc\System.Core.ni.dll

MOD - [2013-11-04 23:09:49 | 000,964,096 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\edb27e2c25837f79902054965d6813cd\System.Configuration.ni.dll

MOD - [2013-11-04 23:07:21 | 000,220,160 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Serv759bfb78#\9ebb29485ad98aa062204cf08fc89167\System.ServiceProcess.ni.dll

MOD - [2013-11-04 22:55:00 | 001,880,576 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\f4fff5d6e716c439b944025d3994170d\System.Xaml.ni.dll

MOD - [2013-11-04 22:54:43 | 007,566,336 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Xml\82d58d49946f82eb56bae40f3b097784\System.Xml.ni.dll

MOD - [2013-11-04 22:54:42 | 018,545,152 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\Presentatio5ae0f00f#\775d60de39c6f0b49f1640c4e6c8de09\PresentationFramework.ni.dll

MOD - [2013-11-04 22:54:13 | 010,926,592 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\8e3d6080e8eaaaf28389f3742ff9acdd\PresentationCore.ni.dll

MOD - [2013-11-04 22:53:50 | 009,937,408 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System\ac79b74f022d9a096de2b884f4249543\System.ni.dll

MOD - [2013-11-04 22:50:50 | 016,547,328 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\mscorlib\bf2ecabcd96ec8238dc385b0a3ffa084\mscorlib.ni.dll

MOD - [2013-10-27 20:09:43 | 019,336,120 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\libcef.dll

MOD - [2013-04-04 02:09:40 | 004,300,456 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF

MOD - [2012-10-10 00:32:14 | 000,015,360 | ---- | M] () -- C:\Program Files (x86)\UX Pack\VirtuaWin\modules\WinList.exe

MOD - [2010-10-20 15:45:26 | 008,801,120 | ---- | M] () -- C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll

MOD - [2009-08-12 13:09:14 | 000,077,824 | ---- | M] () -- C:\Program Files (x86)\UX Pack\XWidget\Res\Lib\lib.dll

MOD - [2009-03-21 18:19:54 | 000,040,960 | ---- | M] () -- C:\Program Files (x86)\UX Pack\YzShadow\Languages\English.lang

MOD - [2007-09-02 14:58:52 | 000,495,616 | ---- | M] () -- C:\Program Files (x86)\UX Pack\RocketDock\RocketDock.exe

MOD - [2007-09-02 14:57:36 | 000,069,632 | ---- | M] () -- C:\Program Files (x86)\UX Pack\RocketDock\RocketDock.dll

 

 

========== Services (SafeList) ==========

 

SRV:64bit: - [2014-01-17 21:01:08 | 000,187,592 | ---- | M] (Sandboxie Holdings, LLC) [Disabled | Stopped] -- C:\Program Files\Sandboxie\SbieSvc.exe -- (SbieSvc)

SRV:64bit: - [2013-11-14 13:58:38 | 015,125,280 | ---- | M] (NVIDIA Corporation) [Disabled | Stopped] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe -- (NvStreamSvc)

SRV:64bit: - [2013-10-27 20:09:40 | 000,050,344 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)

SRV:64bit: - [2013-05-27 07:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)

SRV:64bit: - [2009-09-22 20:16:32 | 000,579,400 | ---- | M] (Lenovo Group Limited) [Disabled | Stopped] -- C:\Program Files\Lenovo\ReadyComm\ConnSvc.exe -- (Lenovo ReadyComm ConnSvc)

SRV:64bit: - [2009-08-14 16:22:48 | 000,509,192 | ---- | M] (Lenovo Group Limited) [Disabled | Stopped] -- C:\Program Files\Lenovo\ReadyComm\AppSvc.exe -- (Lenovo ReadyComm AppSvc)

SRV:64bit: - [2009-08-11 18:59:38 | 000,864,032 | ---- | M] (Broadcom Corporation.) [Disabled | Stopped] -- C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe -- (btwdins)

SRV:64bit: - [2009-07-14 03:39:31 | 000,045,568 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\windows\SysNative\rundll32.exe -- (976137e5)

SRV:64bit: - [2008-05-08 01:29:38 | 000,122,880 | ---- | M] (CrypKey (Canada) Ltd.) [Disabled | Stopped] -- C:\windows\SysNative\Crypserv.exe -- (Crypkey License)

SRV - [2014-04-29 17:17:09 | 000,257,712 | ---- | M] (Adobe Systems Incorporated) [Disabled | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)

SRV - [2014-04-14 12:29:50 | 000,025,536 | ---- | M] () [Disabled | Stopped] -- C:\Program Files (x86)\TunnelBear\TBear.Maintenance.exe -- (TunnelBearMaintenance)

SRV - [2014-04-11 19:45:50 | 001,764,992 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe -- (c2cpnrsvc)

SRV - [2014-04-11 19:45:42 | 001,390,720 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe -- (c2cautoupdatesvc)

SRV - [2014-02-25 19:38:48 | 000,105,448 | ---- | M] (Razer Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\Razer\Razer Game Booster\RzKLService.exe -- (RzKLService)

SRV - [2014-01-20 20:21:12 | 000,385,808 | ---- | M] (BlueStack Systems, Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe -- (BstHdLogRotatorSvc)

SRV - [2014-01-20 20:20:50 | 000,402,192 | ---- | M] (BlueStack Systems, Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\BlueStacks\HD-Service.exe -- (BstHdAndroidSvc)

SRV - [2013-12-21 08:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)

SRV - [2013-12-09 13:08:00 | 000,096,184 | ---- | M] (Overwolf) [Disabled | Stopped] -- C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe -- (OverwolfUpdaterService)

SRV - [2013-11-14 13:58:23 | 001,914,656 | ---- | M] (NVIDIA Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)

SRV - [2013-11-11 16:37:48 | 002,756,944 | ---- | M] (LogMeIn Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)

SRV - [2013-11-11 09:59:20 | 000,414,496 | ---- | M] (NVIDIA Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)

SRV - [2013-10-23 09:15:08 | 000,172,192 | R--- | M] (Skype Technologies) [Disabled | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)

SRV - [2013-10-11 12:51:18 | 000,377,104 | ---- | M] (LogMeIn, Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe -- (LMIGuardianSvc)

SRV - [2013-07-27 00:46:24 | 000,563,624 | ---- | M] (Valve Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)

SRV - [2013-06-26 19:21:50 | 000,207,528 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)

SRV - [2013-06-26 19:21:46 | 000,523,944 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)

SRV - [2013-04-04 15:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)

SRV - [2013-04-04 15:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)

SRV - [2013-02-16 19:24:08 | 000,076,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)

SRV - [2012-07-09 01:40:10 | 000,104,912 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)

SRV - [2010-03-03 22:16:06 | 000,013,336 | ---- | M] (Intel Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)

SRV - [2009-12-09 10:48:26 | 002,320,920 | ---- | M] (Intel Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS)

SRV - [2009-12-09 10:48:24 | 000,268,824 | ---- | M] (Intel Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS)

SRV - [2009-07-16 05:12:42 | 000,276,296 | ---- | M] (Lenovo Group Limited) [On_Demand | Stopped] -- C:\Program Files (x86)\Lenovo\ReadyComm\PS_MDP.dll -- (PS_MDP)

SRV - [2009-07-14 16:27:26 | 000,038,152 | ---- | M] (Lenovo Group Limited) [Disabled | Stopped] -- C:\Program Files (x86)\Lenovo\ReadyComm\common\IGRS.exe -- (IGRS)

SRV - [2009-07-14 16:27:20 | 000,103,688 | ---- | M] (Lenovo Group Limited) [Auto | Stopped] -- C:\Program Files (x86)\Lenovo\ReadyComm\common\router.dll -- (ReadyComm.DirectRouter)

SRV - [2009-06-10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)

 

 

========== Driver Services (SafeList) ==========

 

DRV:64bit: - [2014-02-03 08:45:22 | 000,129,944 | ---- | M] (Power Software Ltd) [Kernel | System | Running] -- C:\windows\SysNative\drivers\scdemu.sys -- (SCDEmu)

DRV:64bit: - [2014-01-23 05:21:06 | 000,206,080 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudmdm.sys -- (ssudmdm)

DRV:64bit: - [2014-01-23 05:21:06 | 000,108,800 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudbus.sys -- (dg_ssudbus)

DRV:64bit: - [2014-01-23 05:20:56 | 000,188,232 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadmdm.sys -- (ssadmdm)

DRV:64bit: - [2014-01-23 05:20:56 | 000,169,288 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadbus.sys -- (ssadbus)

DRV:64bit: - [2014-01-23 05:20:56 | 000,158,024 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadserd.sys -- (ssadserd)

DRV:64bit: - [2014-01-23 05:20:56 | 000,038,080 | ---- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadadb.sys -- (androidusb)

DRV:64bit: - [2014-01-23 05:20:56 | 000,021,320 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadmdfl.sys -- (ssadmdfl)

DRV:64bit: - [2014-01-17 21:01:06 | 000,202,600 | ---- | M] (Sandboxie Holdings, LLC) [Kernel | On_Demand | Stopped] -- C:\Program Files\Sandboxie\SbieDrv.sys -- (SbieDrv)

DRV:64bit: - [2013-12-20 13:25:00 | 000,040,664 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tap0901.sys -- (tap0901)

DRV:64bit: - [2013-11-14 13:58:46 | 000,039,200 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvvad64v.sys -- (nvvad_WaveExtensible)

DRV:64bit: - [2013-11-14 13:58:40 | 000,196,384 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)

DRV:64bit: - [2013-11-08 20:03:14 | 000,409,832 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswsp.sys -- (aswSP)

DRV:64bit: - [2013-10-27 20:09:54 | 001,032,416 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)

DRV:64bit: - [2013-10-27 20:09:54 | 000,205,320 | ---- | M] () [Kernel | Boot | Running] -- C:\windows\SysNative\drivers\aswVmm.sys -- (aswVmm)

DRV:64bit: - [2013-10-27 20:09:54 | 000,084,328 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)

DRV:64bit: - [2013-10-27 20:09:54 | 000,065,776 | ---- | M] () [Kernel | Boot | Running] -- C:\windows\SysNative\drivers\aswRvrt.sys -- (aswRvrt)

DRV:64bit: - [2013-10-27 20:09:54 | 000,065,264 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)

DRV:64bit: - [2013-10-27 20:09:54 | 000,038,984 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)

DRV:64bit: - [2013-10-27 20:09:53 | 000,092,544 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)

DRV:64bit: - [2013-10-27 20:09:36 | 000,044,640 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\aswTap.sys -- (aswTap)

DRV:64bit: - [2013-08-30 09:48:09 | 000,022,600 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- C:\windows\SysNative\drivers\aswKbd.sys -- (aswKbd)

DRV:64bit: - [2013-06-28 12:45:00 | 000,036,352 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgandnetmodem64.sys -- (ANDNetModem)

DRV:64bit: - [2013-06-26 19:21:50 | 000,023,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol)

DRV:64bit: - [2013-06-26 19:21:48 | 000,028,840 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir)

DRV:64bit: - [2013-06-26 19:21:46 | 000,273,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay)

DRV:64bit: - [2013-06-26 19:21:44 | 000,767,144 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs)

DRV:64bit: - [2013-04-18 17:14:12 | 000,029,184 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgandnetdiag64.sys -- (AndNetDiag)

DRV:64bit: - [2013-04-18 17:12:26 | 000,031,744 | ---- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgandnetadb.sys -- (andnetadb)

DRV:64bit: - [2013-04-04 15:50:32 | 000,025,928 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)

DRV:64bit: - [2012-08-21 14:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)

DRV:64bit: - [2012-03-01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)

DRV:64bit: - [2011-09-02 09:32:02 | 000,280,704 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\V0520Vid.sys -- (V0520Vid)

DRV:64bit: - [2011-06-10 06:34:52 | 000,539,240 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)

DRV:64bit: - [2011-03-11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)

DRV:64bit: - [2011-03-11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)

DRV:64bit: - [2011-01-11 22:33:14 | 000,031,088 | ---- | M] (CyberLink Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\clwvd.sys -- (clwvd)

DRV:64bit: - [2010-11-20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)

DRV:64bit: - [2010-11-20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)

DRV:64bit: - [2010-06-24 04:43:58 | 000,167,816 | ---- | M] (ELAN Microelectronics Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ETD.sys -- (ETD)

DRV:64bit: - [2010-06-18 15:34:58 | 004,170,304 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)

DRV:64bit: - [2010-04-20 22:14:16 | 000,200,704 | ---- | M] (SMI) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SMIksdrv.sys -- (usbsmi)

DRV:64bit: - [2010-03-12 05:23:16 | 000,242,720 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)

DRV:64bit: - [2010-03-03 21:51:40 | 000,540,696 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)

DRV:64bit: - [2010-01-18 11:45:50 | 000,717,368 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CHDRT64.sys -- (CnxtHdAudService)

DRV:64bit: - [2009-10-19 02:40:50 | 000,028,176 | ---- | M] (Lenovo Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AcpiVpc.sys -- (ACPIVPC)

DRV:64bit: - [2009-09-29 09:15:02 | 000,016,384 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\lgbtpt64.sys -- (LgBttPort)

DRV:64bit: - [2009-09-29 09:15:00 | 000,017,408 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\lgvmdm64.sys -- (LGVMODEM)

DRV:64bit: - [2009-09-29 09:15:00 | 000,014,848 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\lgbtbs64.sys -- (lgbusenum)

DRV:64bit: - [2009-09-17 06:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64)

DRV:64bit: - [2009-07-21 16:20:06 | 000,121,840 | ---- | M] (CyberLink) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wsvd.sys -- (wsvd)

DRV:64bit: - [2009-07-16 13:55:34 | 000,011,280 | ---- | M] (Lenovo) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WDMirror.sys -- (wdmirror)

DRV:64bit: - [2009-07-16 05:38:20 | 000,079,376 | ---- | M] (Lenovo) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WDBridge.sys -- (Bridge0)

DRV:64bit: - [2009-07-14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)

DRV:64bit: - [2009-07-14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)

DRV:64bit: - [2009-07-14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)

DRV:64bit: - [2009-07-01 06:46:58 | 000,052,264 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btusbflt.sys -- (btusbflt)

DRV:64bit: - [2009-07-01 06:46:52 | 000,098,344 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio)

DRV:64bit: - [2009-07-01 06:46:48 | 000,132,648 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)

DRV:64bit: - [2009-07-01 06:46:40 | 000,021,160 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid)

DRV:64bit: - [2009-06-10 22:37:05 | 006,108,416 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)

DRV:64bit: - [2009-06-10 22:35:28 | 005,434,368 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netw5v64.sys -- (netw5v64)

DRV:64bit: - [2009-06-10 22:34:36 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\k57nd60a.sys -- (k57nd60a)

DRV:64bit: - [2009-06-10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)

DRV:64bit: - [2009-06-10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)

DRV:64bit: - [2009-06-10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)

DRV:64bit: - [2009-06-10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)

DRV:64bit: - [2009-04-07 09:33:08 | 000,035,104 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap)

DRV:64bit: - [2009-03-18 17:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)

DRV:64bit: - [2008-08-06 14:32:16 | 000,151,656 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr)

DRV:64bit: - [2008-03-17 19:12:26 | 000,028,664 | ---- | M] () [Kernel | System | Running] -- C:\Windows\SysNative\Ckldrv.sys -- (NetworkX)

DRV - [2014-01-20 20:21:02 | 000,115,472 | ---- | M] (BlueStack Systems) [Kernel | Auto | Running] -- C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys -- (BstHdDrv)

DRV - [2009-07-14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)

 

 

========== Standard Registry (SafeList) ==========

 

 

========== Internet Explorer ==========

 

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.delta-homes.com/?type=hp&ts=1388677655&from=wpm0102&uid=WDCXWD5000BEVT-24A0RT0_WD-WX41A907719277192

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.delta-homes.com/web/?type=ds&ts=1388677655&from=wpm0102&uid=WDCXWD5000BEVT-24A0RT0_WD-WX41A907719277192&q={searchTerms}

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://search.delta-homes.com/web/?type=ds&ts=1388677655&from=wpm0102&uid=WDCXWD5000BEVT-24A0RT0_WD-WX41A907719277192&q={searchTerms}

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.delta-homes.com/?type=hp&ts=1388677655&from=wpm0102&uid=WDCXWD5000BEVT-24A0RT0_WD-WX41A907719277192

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {33BB0A4E-99AF-4226-BDF6-49120163DE86}

IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com

IE - HKLM\..\SearchScopes,DefaultScope =

IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7

 

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.bing.com

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page Before = http://www.google.com

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Before = http://www.google.com

IE - HKCU\..\SearchScopes,DefaultScope =

IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=LENDF8&pc=MALN&src=IE-SearchBox

IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7ADFA_plPL472

IE - HKCU\..\SearchScopes\{72CB84B9-2592-4ED9-BA51-DFBA0B98CDAA}: "URL" = http://www.mysearchresults.com/search?c=2402&t=15&q={searchTerms}

IE - HKCU\..\SearchScopes\{F8D1CDFB-2BBE-4A5F-9B5F-7E1ED3EF2BB6}: "URL" = http://websearch.ask.com/redirect?client=ie&tb=CIE&o=2240&src=kw&q={searchTerms}&locale=&apn_ptnrs=^A2T&apn_dtid=^YYYYYY^YY^PL&apn_uid=48ED29AD-0359-4560-A61F-1F00B8E6E180&apn_sauid=54F67EE8-CE5C-4DCF-9FA4-49B05BF76F87

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = 8.8.8.8:80

 

========== FireFox ==========

 

FF - prefs.js..browser.search.defaultengine: "Google"

FF - prefs.js..browser.search.defaultthis.engineName: ""

FF - prefs.js..browser.search.update: false

FF - prefs.js..browser.search.useDBForOrder: true

FF - prefs.js..extensions.enabledAddons: adblockpopups%40jessehakanen.net:0.9.1

FF - prefs.js..extensions.enabledAddons: uploader%40adblockfilters.mozdev.org:2.1

FF - prefs.js..extensions.enabledAddons: %7B3d7eb24f-2740-49df-8937-200b1cc08f8a%7D:1.5.17

FF - prefs.js..extensions.enabledAddons: wrc%40avast.com:9.0.2006.53

FF - prefs.js..extensions.enabledAddons: mozilla_cc%40internetdownloadmanager.com:7.3.61

FF - prefs.js..extensions.enabledAddons: artur.dubovoy%40gmail.com:5.8.1

FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:26.0

FF - prefs.js..network.proxy.backup.ftp: ""

FF - prefs.js..network.proxy.backup.ftp_port: 0

FF - prefs.js..network.proxy.backup.socks: ""

FF - prefs.js..network.proxy.backup.socks_port: 0

FF - prefs.js..network.proxy.backup.ssl: ""

FF - prefs.js..network.proxy.backup.ssl_port: 0

FF - prefs.js..network.proxy.ftp: "10.10.10.7"

FF - prefs.js..network.proxy.http: "10.10.10.7"

FF - prefs.js..network.proxy.share_proxy_settings: true

FF - prefs.js..network.proxy.socks: "10.10.10.7"

FF - prefs.js..network.proxy.ssl: "10.10.10.7"

FF - prefs.js..network.proxy.type: 1

 

 

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF64_13_0_0_206.dll File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.10.2: C:\windows\system32\npDeployJava1.dll (Oracle Corporation)

FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.10.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)

FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_206.dll ()

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()

FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)

FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)

FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found

FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)

FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)

FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Lenovo\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)

FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\Lenovo\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)

FF - HKCU\Software\MozillaPlugins\@talk.google.com/O1DPlugin: C:\Users\Lenovo\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)

FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\Lenovo\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()

FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Lenovo\AppData\Local\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)

FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Lenovo\AppData\Local\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)

FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Lenovo\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

 

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-10-27 20:09:57 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\DAP\daplinkchecker [2014-04-08 08:57:12 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 26.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 26.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2014-01-31 17:42:04 | 000,000,000 | ---D | M]

 

[2011-06-20 20:52:26 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Lenovo\AppData\Roaming\mozilla\Extensions

[2011-06-20 20:52:26 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Lenovo\AppData\Roaming\mozilla\Extensions\E7707167-8D05-4137-BA00-5561DD143808

[2014-04-05 19:31:37 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Lenovo\AppData\Roaming\mozilla\Firefox\Profiles\ff2wnzmz.default\extensions

[2014-01-10 18:36:41 | 000,000,000 | ---D | M] (Flashblock) -- C:\Users\Lenovo\AppData\Roaming\mozilla\Firefox\Profiles\ff2wnzmz.default\extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a}

[2014-04-05 19:31:37 | 000,000,000 | ---D | M] ("Flash Video Downloader - Full HD Download") -- C:\Users\Lenovo\AppData\Roaming\mozilla\Firefox\Profiles\ff2wnzmz.default\extensions\[email protected]

[2014-03-23 13:31:47 | 000,000,000 | ---D | M] (seafeWeb) -- C:\Users\Lenovo\AppData\Roaming\mozilla\Firefox\Profiles\ff2wnzmz.default\extensions\[email protected]

[2014-01-10 18:36:41 | 000,128,676 | ---- | M] () (No name found) -- C:\Users\Lenovo\AppData\Roaming\mozilla\firefox\profiles\ff2wnzmz.default\extensions\[email protected]

[2014-01-10 18:36:41 | 000,075,438 | ---- | M] () (No name found) -- C:\Users\Lenovo\AppData\Roaming\mozilla\firefox\profiles\ff2wnzmz.default\extensions\[email protected]

[2014-03-23 11:34:58 | 000,957,290 | ---- | M] () (No name found) -- C:\Users\Lenovo\AppData\Roaming\mozilla\firefox\profiles\ff2wnzmz.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi

[2012-09-22 10:44:21 | 000,002,575 | ---- | M] () -- C:\Users\Lenovo\AppData\Roaming\mozilla\firefox\profiles\ff2wnzmz.default\searchplugins\Askcom.xml

[2013-06-13 16:54:14 | 000,006,478 | ---- | M] () -- C:\Users\Lenovo\AppData\Roaming\mozilla\firefox\profiles\ff2wnzmz.default\searchplugins\Babylon.xml

[2012-09-21 14:59:41 | 000,002,223 | ---- | M] () -- C:\Users\Lenovo\AppData\Roaming\mozilla\firefox\profiles\ff2wnzmz.default\searchplugins\BabylonMngr.xml

[2013-06-13 16:54:14 | 000,006,478 | ---- | M] () -- C:\Users\Lenovo\AppData\Roaming\mozilla\firefox\profiles\ff2wnzmz.default\searchplugins\BrowserProtect.xml

[2014-04-14 13:53:19 | 000,000,916 | ---- | M] () -- C:\Users\Lenovo\AppData\Roaming\mozilla\firefox\profiles\ff2wnzmz.default\searchplugins\conduit-search.xml

[2013-05-02 18:34:34 | 000,001,294 | ---- | M] () -- C:\Users\Lenovo\AppData\Roaming\mozilla\firefox\profiles\ff2wnzmz.default\searchplugins\delta.xml

[2013-06-13 16:54:48 | 000,001,305 | ---- | M] () -- C:\Users\Lenovo\AppData\Roaming\mozilla\firefox\profiles\ff2wnzmz.default\searchplugins\mixidj.xml

[2013-11-29 18:56:28 | 000,007,854 | ---- | M] () -- C:\Users\Lenovo\AppData\Roaming\mozilla\firefox\profiles\ff2wnzmz.default\searchplugins\WebSearch.xml

[2014-01-31 17:42:03 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\Extensions

[2014-04-16 14:27:31 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions

[2014-01-31 17:42:18 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

[2013-10-27 20:09:57 | 000,000,000 | ---D | M] (avast! Online Security) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF

File not found (No name found) -- C:\USERS\LENOVO\APPDATA\ROAMING\IDM\IDMMZCC5

[2013-05-02 18:34:24 | 000,006,503 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\Babylon.xml

[2014-01-02 17:47:35 | 000,000,585 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\delta-homes.xml

[2013-05-25 21:04:33 | 000,000,803 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\portaldosites.xml

 

========== Chrome ==========

 

CHR - default_search_provider: Google (Enabled)

CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}

CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter}

CHR - homepage: http://www.bing.com/

CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.95\PepperFlash\pepflashplayer.dll

CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer

CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.95\ppGoogleNaClPluginChrome.dll

CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.95\pdf.dll

CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll

CHR - plugin: Google Talk Plugin (Enabled) = C:\Users\Lenovo\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll

CHR - plugin: Google Talk Plugin Video Accelerator (Enabled) = C:\Users\Lenovo\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll

CHR - plugin: Google Talk Plugin Video Renderer (Enabled) = C:\Users\Lenovo\AppData\Roaming\Mozilla\plugins\npo1d.dll

CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL

CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL

CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll

CHR - plugin: Java Platform SE 7 U25 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll

CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll

CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll

CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll

CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll

CHR - plugin: Unity Player (Enabled) = C:\Users\Lenovo\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll

CHR - plugin: Facebook Video Calling Plugin (Enabled) = C:\Users\Lenovo\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll

CHR - plugin: Google Update (Enabled) = C:\Users\Lenovo\AppData\Local\Google\Update\1.3.22.5\npGoogleUpdate3.dll

CHR - plugin: Shockwave Flash (Enabled) = C:\windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_44.dll

CHR - plugin: Java Deployment Toolkit 7.0.250.17 (Enabled) = C:\windows\SysWOW64\npDeployJava1.dll

CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll

CHR - Extension: Angry Birds = C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj\1.5.0.7_1\

CHR - Extension: Download Accelerator Plus (DAP) = C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ffdcfjdljhbehggjdkdioajnknjcpbjb\2.1.0.1_0\

CHR - Extension: AdBlock Premium = C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\fndlhnanhedoklpdaacidomdnplcjcpj\2.6.4.3_0\

CHR - Extension: AdBlock = C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.25_0\

CHR - Extension: AdBlock = C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.29_0\

CHR - Extension: Cut the Rope = C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkddaofiamhgfjmaccfcfpfolpgbeomj\16_0\

CHR - Extension: Dropbox = C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ioekoebejdcmnlefjiknokhhafglcjdl\3.0.8_0\

CHR - Extension: Adblock Super = C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\knebimhcckndhiglamoabbnifdkijidd\2.5.5_0\

CHR - Extension: Adblock Super = C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\knebimhcckndhiglamoabbnifdkijidd\2.5.6_0\

CHR - Extension: Skype Click to Call = C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\7.2.15747.10003_0\

CHR - Extension: Quick Note = C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\mijlebbfndhelmdpmllgcfadlkankhok\1.6.6_0\

CHR - Extension: Kapsel Tymbark = C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\mnojlbipdcpbccmdifkheninbboihpnd\1.1.3_0\

CHR - Extension: seafeWeb = C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\oamocjipejfnmggpegopejfddkmlclkj\1.1\

CHR - Extension: APK Downloader = C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\obhlfmheblhjhkmacldlhdnbgbaiigba\2.1.2_0\

CHR - Extension: Picky Wallpapers = C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\odklcfojpedohplkimfdpcamkjnhanaj\1.0.0_1\

 

O1 HOSTS File: ([2014-05-14 20:43:16 | 000,000,000 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts

O2:64bit: - BHO: (ssafeWeeb) - {1FBA780A-5830-77F9-BC55-90A8E6A4A7E2} - C:\Program Files (x86)\ssafeWeeb\x8a8X.x64.dll ()

O2:64bit: - BHO: (EnujoyCoUpoonu) - {4AED814F-11C3-535A-4462-B8D8D277DA6A} - C:\ProgramData\EnujoyCoUpoonu\0.x64.dll File not found

O2:64bit: - BHO: (CoupExtension) - {7C662EA3-0373-0B0D-4EF9-D0497505BA25} - C:\ProgramData\CoupExtension\swKl0X5Yd6.x64.dll File not found

O2 - BHO: (SpeedBit Link Verification Helper) - {D5974A72-C81C-4DC3-BE77-A8A7BBC8864E} - C:\Program Files (x86)\DAP\LinkVerifier.dll (Speedbit Ltd.)

O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.

O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)

O4:64bit: - HKLM..\Run: [ETDWare] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronics Corp.)

O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)

O4 - HKLM..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)

O4 - HKLM..\Run: [RazerGameBooster] C:\Program Files (x86)\Razer\Razer Game Booster\RazerGameBooster.exe (Razer Inc.)

O4 - HKLM..\Run: [uX Launcher] C:\Program Files (x86)\UX Pack\uxlaunch.exe (Windows X)

O4 - HKCU..\Run: [KiesAirMessage] C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup File not found

O4 - HKCU..\Run: [KiesPreload] C:\Program Files (x86)\Samsung\Kies\Kies.exe (Samsung)

O4 - HKCU..\Run: [LG LinkAir] File not found

O4 - HKCU..\Run: [LightShot] C:\Users\Lenovo\AppData\Local\Skillbrains\lightshot\Lightshot.exe ()

O4 - HKCU..\Run: [RocketDock] C:\Program Files (x86)\UX Pack\RocketDock\RocketDock.exe ()

O4 - HKCU..\Run: [sandboxieControl] C:\Program Files\Sandboxie\SbieCtrl.exe (Sandboxie Holdings, LLC)

O4 - Startup: C:\Users\Lenovo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk = C:\Users\Lenovo\AppData\Local\MEGAsync\MEGAsync.exe (Mega Limited)

O4 - Startup: C:\Users\Lenovo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk = File not found

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0

O8:64bit: - Extra context menu item: &Download All using 4shared Desktop - res://C:\Program Files (x86)\4shared Desktop\Desktop.32/D_ALL_LINK File not found

O8:64bit: - Extra context menu item: &Download using 4shared Desktop - res://C:\Program Files (x86)\4shared Desktop\Desktop.32/D_ONE_LINK File not found

O8:64bit: - Extra context menu item: &Download with &DAP - C:\Program Files (x86)\DAP\dapextie.htm ()

O8:64bit: - Extra context menu item: &Verify with DAP - C:\Program Files (x86)\DAP\dapverify.htm ()

O8:64bit: - Extra context menu item: Download &all with DAP - C:\Program Files (x86)\DAP\dapextie2.htm ()

O8:64bit: - Extra context menu item: Wyślij obraz do urządzenia &Bluetooth... - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm ()

O8:64bit: - Extra context menu item: Wyślij stronę do urządzenia &Bluetooth... - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm ()

O8 - Extra context menu item: &Download All using 4shared Desktop - res://C:\Program Files (x86)\4shared Desktop\Desktop.32/D_ALL_LINK File not found

O8 - Extra context menu item: &Download using 4shared Desktop - res://C:\Program Files (x86)\4shared Desktop\Desktop.32/D_ONE_LINK File not found

O8 - Extra context menu item: &Download with &DAP - C:\Program Files (x86)\DAP\dapextie.htm ()

O8 - Extra context menu item: &Verify with DAP - C:\Program Files (x86)\DAP\dapverify.htm ()

O8 - Extra context menu item: Download &all with DAP - C:\Program Files (x86)\DAP\dapextie2.htm ()

O8 - Extra context menu item: Wyślij obraz do urządzenia &Bluetooth... - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm ()

O8 - Extra context menu item: Wyślij stronę do urządzenia &Bluetooth... - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm ()

O9:64bit: - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - Reg Error: Unable to open value key File not found

O9:64bit: - Extra Button: @C:\Program Files\Lenovo\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm ()

O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\Lenovo\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm ()

O9 - Extra Button: Wyślij do interfejsu Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm ()

O9 - Extra 'Tools' menuitem : Wyślij do urządzenia &Bluetooth... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm ()

O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)

O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Windows\SysNative\WTFastDrv.dll (Initex)

O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Windows\SysNative\WTFastDrv.dll (Initex)

O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Windows\SysNative\WTFastDrv.dll (Initex)

O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Windows\SysNative\WTFastDrv.dll (Initex)

O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000016 - C:\Windows\SysNative\WTFastDrv.dll (Initex)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)

O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysWOW64\WTFastDrv.dll (Initex)

O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysWOW64\WTFastDrv.dll (Initex)

O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysWOW64\WTFastDrv.dll (Initex)

O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysWOW64\WTFastDrv.dll (Initex)

O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\Windows\SysWOW64\WTFastDrv.dll (Initex)

O1364bit: - gopher Prefix: missing

O13 - gopher Prefix: missing

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6E4C0066-3B3C-4E38-AC47-879DE38C1E92}: DhcpNameServer = 192.168.0.1

O18:64bit: - Protocol\Handler\livecall - No CLSID value found

O18:64bit: - Protocol\Handler\ms-help - No CLSID value found

O18:64bit: - Protocol\Handler\msnim - No CLSID value found

O18:64bit: - Protocol\Handler\skype4com - No CLSID value found

O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\SkypeIEPlugin.dll (Microsoft Corporation)

O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found

O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)

O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)

O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll) - C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC64Loader.dll (Conduit)

O20:64bit: - AppInit_DLLs: (C:\PROGRA~3\WebPlat\WEBPLA~1.DLL) - C:\ProgramData\WebPlat\WebPlat_x64.dll ()

O20 - AppInit_DLLs: (C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll) - C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC32Loader.dll (Conduit)

O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: UserInit - (userinit.exe) - C:\windows\SysNative\userinit.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: UserInit - (C:\windows\system32\MSDCSC\msdcsc.exe) - File not found

O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\windows\SysWow64\userinit.exe (Microsoft Corporation)

O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.

O21 - SSODL: 0aMCPClient - {F5DF91F9-15E9-416B-A7C3-7519B11ECBFC} - No CLSID value found.

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.

O32 - HKLM CDRom: AutoRun - 1

O33 - MountPoints2\{a02e5868-416c-11e3-a257-b870f44c3059}\Shell - "" = AutoRun

O33 - MountPoints2\{a02e5868-416c-11e3-a257-b870f44c3059}\Shell\AutoRun\command - "" = G:\LGAutoRun.exe

O33 - MountPoints2\{a21a0b64-2743-11e2-92f3-001e101f3315}\Shell - "" = AutoRun

O33 - MountPoints2\{a21a0b64-2743-11e2-92f3-001e101f3315}\Shell\AutoRun\command - "" = F:\AutoRun.exe

O33 - MountPoints2\{ac262d17-71be-11e2-978b-b870f44c3059}\Shell - "" = AutoRun

O33 - MountPoints2\{ac262d17-71be-11e2-978b-b870f44c3059}\Shell\AutoRun\command - "" = G:\LGAutoRun.exe

O33 - MountPoints2\{d2bf434c-d599-11e1-b9d5-001e101f8ed0}\Shell - "" = AutoRun

O33 - MountPoints2\{d2bf434c-d599-11e1-b9d5-001e101f8ed0}\Shell\AutoRun\command - "" = H:\LGAutoRun.exe

O33 - MountPoints2\{f5171da7-a0e3-11e0-b71e-18f46af39ffc}\Shell - "" = AutoRun

O33 - MountPoints2\{f5171da7-a0e3-11e0-b71e-18f46af39ffc}\Shell\AutoRun\command - "" = F:\AutoRun.exe

O33 - MountPoints2\{f5171dd6-a0e3-11e0-b71e-18f46af39ffc}\Shell - "" = AutoRun

O33 - MountPoints2\{f5171dd6-a0e3-11e0-b71e-18f46af39ffc}\Shell\AutoRun\command - "" = F:\AutoRun.exe

O33 - MountPoints2\F\Shell - "" = AutoRun

O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\Install.exe

O34 - HKLM BootExecute: (autocheck autochk *)

O35:64bit: - HKLM\..comfile [open] -- "%1" %*

O35:64bit: - HKLM\..exefile [open] -- "%1" %*

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*

O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)

O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

 

========== Files/Folders - Created Within 30 Days ==========

 

[2014-05-15 18:12:46 | 000,601,088 | ---- | C] (OldTimer Tools) -- C:\Users\Lenovo\Desktop\OTL.exe

[2014-05-15 16:55:07 | 000,000,000 | ---D | C] -- C:\Users\Lenovo\Documents\smart pc cleaner

[2014-05-15 16:55:07 | 000,000,000 | ---D | C] -- C:\Users\Lenovo\AppData\Roaming\simplitec

[2014-05-15 16:55:07 | 000,000,000 | ---D | C] -- C:\Users\Lenovo\AppData\Roaming\ExpressFiles

[2014-05-15 16:55:07 | 000,000,000 | ---D | C] -- C:\Users\Lenovo\AppData\Roaming\eIntaller

[2014-05-15 16:55:07 | 000,000,000 | ---D | C] -- C:\Users\Lenovo\AppData\Roaming\Babylon

[2014-05-15 16:55:06 | 000,000,000 | ---D | C] -- C:\Users\Lenovo\AppData\Roaming\B1Toolbar

[2014-05-15 16:55:06 | 000,000,000 | ---D | C] -- C:\Users\Lenovo\AppData\Roaming\337

[2014-05-15 16:55:05 | 000,000,000 | ---D | C] -- C:\Users\Lenovo\AppData\Local\SwvUpdater

[2014-05-15 16:55:05 | 000,000,000 | ---D | C] -- C:\Users\Lenovo\AppData\Local\SearchProtect

[2014-05-15 16:55:05 | 000,000,000 | ---D | C] -- C:\Users\Lenovo\Qtrax

[2014-05-15 16:55:05 | 000,000,000 | ---D | C] -- C:\Users\Lenovo\AppData\Local\PutLockerDownloader

[2014-05-15 16:55:05 | 000,000,000 | ---D | C] -- C:\Users\Lenovo\AppData\Local\cre

[2014-05-15 16:55:05 | 000,000,000 | ---D | C] -- C:\Users\Lenovo\AppData\Local\Conduit

[2014-05-15 16:55:05 | 000,000,000 | ---D | C] -- C:\Users\Lenovo\AppData\Local\B1E

[2014-05-15 16:55:04 | 000,000,000 | ---D | C] -- C:\ProgramData\wxDownload

[2014-05-15 16:55:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SearchProtect

[2014-05-15 16:55:04 | 000,000,000 | ---D | C] -- C:\ProgramData\EnujoyCoUpoonu

[2014-05-15 16:55:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Desk 365

[2014-05-15 16:55:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Tarma Installer

[2014-05-15 16:55:03 | 000,000,000 | ---D | C] -- C:\ProgramData\simplitec

[2014-05-15 16:55:01 | 000,000,000 | ---D | C] -- C:\ProgramData\InstallMate

[2014-05-15 16:55:01 | 000,000,000 | ---D | C] -- C:\ProgramData\eSafe

[2014-05-15 16:24:06 | 000,000,000 | ---D | C] -- C:\AdwCleaner

[2014-05-12 16:21:59 | 000,000,000 | ---D | C] -- C:\Users\Lenovo\AppData\Roaming\TS3Client

[2014-05-12 16:19:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client

[2014-05-12 16:19:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TeamSpeak 3 Client

[2014-05-10 20:57:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Video Time Reversal 2

[2014-05-10 20:57:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Video Time Reversal 2

[2014-05-10 17:31:09 | 000,000,000 | ---D | C] -- C:\Users\Lenovo\AppData\Roaming\avidemux

[2014-05-10 17:30:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avidemux

[2014-05-10 17:30:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Avidemux 2.6

[2014-05-06 21:32:30 | 000,000,000 | ---D | C] -- C:\Users\Lenovo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR

[2014-05-06 21:32:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR

[2014-05-06 21:32:20 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR

[2014-05-05 15:03:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Recuva

[2014-05-05 15:03:01 | 000,000,000 | ---D | C] -- C:\Program Files\Recuva

[2014-05-03 21:37:12 | 000,000,000 | ---D | C] -- C:\Users\Lenovo\AppData\Local\HockeyCrashes

[2014-05-03 21:36:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TunnelBear

[2014-05-03 21:36:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TunnelBear

[2014-05-03 21:36:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Package Cache

[2014-04-30 19:06:14 | 000,000,000 | ---D | C] -- C:\Users\Lenovo\AppData\Roaming\.csrvlauncher

[2014-04-23 08:43:59 | 000,000,000 | ---D | C] -- C:\Users\Lenovo\AppData\Roaming\com.beatport.BeatportDownloader

[2014-04-23 08:43:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Beatport Downloader

[2014-04-19 18:34:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FileZilla FTP Client

[2013-11-23 16:07:35 | 009,112,848 | ---- | C] (PC Cleaners) -- C:\ProgramData\pclunst.exe

[2013-03-09 20:19:24 | 013,501,712 | ---- | C] (Electronic Arts Inc.) -- C:\Users\Lenovo\TS3W.exe

[2013-03-09 20:19:24 | 005,010,704 | ---- | C] (Electronic Arts, Inc.) -- C:\Users\Lenovo\TSLHost.dll

[2012-03-05 20:24:20 | 002,371,152 | ---- | C] (DownVision ) -- C:\Users\Lenovo\AppData\Local\setup.exe

[6 C:\windows\SysWow64\*.tmp files -> C:\windows\SysWow64\*.tmp -> ]

[1 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]

 

========== Files - Modified Within 30 Days ==========

 

[2014-05-15 18:12:02 | 000,601,088 | ---- | M] (OldTimer Tools) -- C:\Users\Lenovo\Desktop\OTL.exe

[2014-05-15 18:07:15 | 000,013,632 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

[2014-05-15 18:07:15 | 000,013,632 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

[2014-05-15 18:00:11 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat

[2014-05-15 17:59:27 | 2358,390,784 | -HS- | M] () -- C:\hiberfil.sys

[2014-05-15 16:23:00 | 000,001,062 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-3914683434-684966938-2725549555-1000UA.job

[2014-05-15 16:23:00 | 000,001,010 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-3914683434-684966938-2725549555-1000Core.job

[2014-05-15 16:17:00 | 000,001,048 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job

[2014-05-15 16:08:00 | 000,000,930 | ---- | M] () -- C:\windows\tasks\Adobe Flash Player Updater.job

[2014-05-15 16:04:01 | 000,000,390 | ---- | M] () -- C:\windows\tasks\update-S-1-5-21-3914683434-684966938-2725549555-1000.job

[2014-05-15 15:34:00 | 000,000,294 | ---- | M] () -- C:\windows\tasks\Dealply.job

[2014-05-15 15:22:09 | 000,000,932 | ---- | M] () -- C:\windows\tasks\FacebookUpdateTaskUserS-1-5-21-3914683434-684966938-2725549555-1000UA.job

[2014-05-15 15:07:00 | 000,000,432 | ---- | M] () -- C:\windows\tasks\pc-dis-upd.job

[2014-05-15 13:42:01 | 000,000,390 | ---- | M] () -- C:\windows\tasks\update-sys.job

[2014-05-14 18:22:01 | 000,000,910 | ---- | M] () -- C:\windows\tasks\FacebookUpdateTaskUserS-1-5-21-3914683434-684966938-2725549555-1000Core.job

[2014-05-14 18:17:00 | 000,001,044 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job

[2014-05-13 18:15:18 | 017,194,510 | ---- | M] () -- C:\Users\Lenovo\Desktop\jemseczekolade.wmv

[2014-05-13 16:52:33 | 020,019,692 | ---- | M] () -- C:\Users\Lenovo\Desktop\bitboxlucka.avi

[2014-05-13 16:28:17 | 024,110,592 | ---- | M] () -- C:\Users\Lenovo\Desktop\bandicam 2014-05-13 16-26-32-080.avi.rev.avi

[2014-05-13 16:02:02 | 000,000,318 | ---- | M] () -- C:\windows\WPE PRO - modified.INI

[2014-05-12 20:52:38 | 000,049,744 | ---- | M] () -- C:\Users\Lenovo\Desktop\tumblr_static_tumblr_static_keep-calm-and-listen-to-monstercat.png

[2014-05-12 16:19:51 | 000,001,122 | ---- | M] () -- C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk

[2014-05-11 13:36:55 | 000,204,800 | ---- | M] () -- C:\Users\Lenovo\Desktop\comet.dff

[2014-05-11 13:36:55 | 000,010,240 | ---- | M] () -- C:\Users\Lenovo\Desktop\comet.txd

[2014-05-11 13:35:33 | 000,219,136 | ---- | M] () -- C:\Users\Lenovo\Desktop\turismo.dff

[2014-05-11 13:35:33 | 000,010,240 | ---- | M] () -- C:\Users\Lenovo\Desktop\turismo.txd

[2014-05-11 11:56:03 | 000,000,394 | -H-- | M] () -- C:\windows\tasks\{5813D8AE-E1FF-47F3-A707-765886861780}.job

[2014-05-11 11:18:57 | 157,717,504 | ---- | M] () -- C:\Users\Lenovo\Desktop\VID_20140511_105901.mp4.rev.avi

[2014-05-10 22:35:57 | 020,246,016 | ---- | M] () -- C:\Users\Lenovo\Desktop\my_edited_video-WRAe801ZOCo_fmt43.3gp.rev.avi

[2014-05-10 22:30:22 | 039,255,552 | ---- | M] () -- C:\Users\Lenovo\Desktop\dropsig-ZKhF6rmApfA_fmt22-orig.mp4.rev.avi

[2014-05-10 21:06:36 | 058,509,312 | ---- | M] () -- C:\Users\Lenovo\Desktop\zx.avi

[2014-05-10 21:03:43 | 006,701,736 | ---- | M] () -- C:\Users\Lenovo\Desktop\Capture_20140510 (2).wmv

[2014-05-10 20:59:32 | 061,827,584 | ---- | M] () -- C:\Users\Lenovo\Desktop\Capture_20140510.wmv.rev.avi

[2014-05-10 17:30:48 | 000,000,997 | ---- | M] () -- C:\Users\Public\Desktop\Avidemux 2.6 (32-bit).lnk

[2014-05-10 17:23:49 | 006,173,706 | ---- | M] () -- C:\Users\Lenovo\Desktop\Capture_20140510.wmv

[2014-04-30 19:06:05 | 002,474,118 | ---- | M] () -- C:\Users\Lenovo\Desktop\CraftserveLauncher.exe

[2014-04-29 17:17:09 | 000,692,400 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerApp.exe

[2014-04-29 17:17:09 | 000,070,832 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerCPLApp.cpl

[2014-04-21 19:11:30 | 000,001,057 | ---- | M] () -- C:\Users\Lenovo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk

[2014-04-21 19:08:39 | 009,112,848 | ---- | M] (PC Cleaners) -- C:\ProgramData\pclunst.exe

[2014-04-20 09:57:48 | 001,708,830 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI

[2014-04-20 09:57:48 | 000,753,692 | ---- | M] () -- C:\windows\SysNative\perfh015.dat

[2014-04-20 09:57:48 | 000,666,642 | ---- | M] () -- C:\windows\SysNative\perfh009.dat

[2014-04-20 09:57:48 | 000,162,820 | ---- | M] () -- C:\windows\SysNative\perfc015.dat

[2014-04-20 09:57:48 | 000,127,454 | ---- | M] () -- C:\windows\SysNative\perfc009.dat

[2014-04-19 21:53:14 | 418,165,331 | ---- | M] () -- C:\windows\MEMORY.DMP

[6 C:\windows\SysWow64\*.tmp files -> C:\windows\SysWow64\*.tmp -> ]

[1 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]

 

========== Files Created - No Company Name ==========

 

[2014-05-15 16:23:53 | 000,994,642 | ---- | C] () -- C:\Users\Lenovo\Desktop\adwcleaner.exe

[2014-05-13 18:15:00 | 017,194,510 | ---- | C] () -- C:\Users\Lenovo\Desktop\jemseczekolade.wmv

[2014-05-13 16:52:26 | 020,019,692 | ---- | C] () -- C:\Users\Lenovo\Desktop\bitboxlucka.avi

[2014-05-13 16:28:08 | 024,110,592 | ---- | C] () -- C:\Users\Lenovo\Desktop\bandicam 2014-05-13 16-26-32-080.avi.rev.avi

[2014-05-12 20:52:33 | 000,049,744 | ---- | C] () -- C:\Users\Lenovo\Desktop\tumblr_static_tumblr_static_keep-calm-and-listen-to-monstercat.png

[2014-05-12 16:19:51 | 000,001,122 | ---- | C] () -- C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk

[2014-05-11 13:36:55 | 000,204,800 | ---- | C] () -- C:\Users\Lenovo\Desktop\comet.dff

[2014-05-11 13:36:55 | 000,010,240 | ---- | C] () -- C:\Users\Lenovo\Desktop\comet.txd

[2014-05-11 13:35:05 | 000,219,136 | ---- | C] () -- C:\Users\Lenovo\Desktop\turismo.dff

[2014-05-11 13:35:05 | 000,010,240 | ---- | C] () -- C:\Users\Lenovo\Desktop\turismo.txd

[2014-05-11 11:18:26 | 157,717,504 | ---- | C] () -- C:\Users\Lenovo\Desktop\VID_20140511_105901.mp4.rev.avi

[2014-05-10 22:35:52 | 020,246,016 | ---- | C] () -- C:\Users\Lenovo\Desktop\my_edited_video-WRAe801ZOCo_fmt43.3gp.rev.avi

[2014-05-10 22:30:10 | 039,255,552 | ---- | C] () -- C:\Users\Lenovo\Desktop\dropsig-ZKhF6rmApfA_fmt22-orig.mp4.rev.avi

[2014-05-10 21:06:01 | 058,509,312 | ---- | C] () -- C:\Users\Lenovo\Desktop\zx.avi

[2014-05-10 21:02:48 | 006,701,736 | ---- | C] () -- C:\Users\Lenovo\Desktop\Capture_20140510 (2).wmv

[2014-05-10 20:59:16 | 061,827,584 | ---- | C] () -- C:\Users\Lenovo\Desktop\Capture_20140510.wmv.rev.avi

[2014-05-10 17:30:48 | 000,000,997 | ---- | C] () -- C:\Users\Public\Desktop\Avidemux 2.6 (32-bit).lnk

[2014-05-10 17:22:57 | 006,173,706 | ---- | C] () -- C:\Users\Lenovo\Desktop\Capture_20140510.wmv

[2014-04-30 19:10:20 | 002,474,118 | ---- | C] () -- C:\Users\Lenovo\Desktop\CraftserveLauncher.exe

[2014-04-27 17:39:35 | 000,963,564 | ---- | C] () -- C:\Users\Lenovo\Desktop\DarkLauncher v5.0.exe

[2014-04-23 08:43:55 | 000,000,953 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Beatport Downloader.lnk

[2014-04-21 19:11:30 | 000,001,057 | ---- | C] () -- C:\Users\Lenovo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk

[2014-04-19 21:53:14 | 418,165,331 | ---- | C] () -- C:\windows\MEMORY.DMP

[2014-04-12 14:45:14 | 000,001,085 | ---- | C] () -- C:\windows\AZPR3.INI

[2014-04-12 14:41:20 | 000,000,850 | ---- | C] () -- C:\windows\ARPR.INI

[2014-04-08 08:41:15 | 000,109,696 | ---- | C] () -- C:\windows\SysWow64\EasyHook64.dll

[2014-04-08 08:41:15 | 000,091,264 | ---- | C] () -- C:\windows\SysWow64\EasyHook32.dll

[2014-03-21 21:24:23 | 000,001,822 | ---- | C] () -- C:\windows\Sandboxie.ini

[2014-01-03 21:58:49 | 000,007,605 | ---- | C] () -- C:\Users\Lenovo\AppData\Local\Resmon.ResmonCfg

[2014-01-03 17:21:30 | 000,076,288 | ---- | C] () -- C:\windows\SysWow64\moveex.exe

[2013-12-30 16:07:32 | 000,315,682 | ---- | C] () -- C:\windows\SysWow64\slwc.exe

[2013-12-30 16:01:05 | 000,111,104 | ---- | C] () -- C:\windows\SysWow64\Uharc.exe

[2013-12-30 16:01:05 | 000,008,636 | ---- | C] () -- C:\windows\SysWow64\modifype.exe

[2013-12-25 11:23:00 | 000,065,536 | ---- | C] () -- C:\windows\IFinst27.exe

[2013-11-23 10:31:01 | 000,000,215 | ---- | C] () -- C:\Users\Lenovo\AppData\Roaming\uninstall.bat

[2013-08-05 08:15:08 | 000,066,104 | ---- | C] () -- C:\windows\SysWow64\bdmpegv.dll

[2013-08-05 08:15:06 | 000,023,080 | ---- | C] () -- C:\windows\SysWow64\bdmjpeg.dll

[2013-08-01 20:59:02 | 000,000,266 | RHS- | C] () -- C:\Users\Lenovo\ntuser.pol

[2013-06-13 19:30:08 | 000,001,786 | ---- | C] () -- C:\Users\Lenovo\AppData\Local\recently-used.xbel

[2013-06-02 18:52:30 | 006,307,840 | ---- | C] ( ) -- C:\windows\sspro.exe

[2013-06-02 18:52:29 | 000,024,576 | ---- | C] () -- C:\windows\svcextend32.exe

[2013-06-02 18:51:44 | 000,003,747 | ---- | C] () -- C:\windows\memgprep.dll

[2013-06-02 18:51:44 | 000,000,304 | ---- | C] () -- C:\windows\km32hlpr.dll

[2013-06-02 18:51:44 | 000,000,000 | ---- | C] () -- C:\windows\wnsperf32.dll

[2013-06-02 18:51:44 | 000,000,000 | ---- | C] () -- C:\windows\winid332.dll

[2013-06-02 18:51:44 | 000,000,000 | ---- | C] () -- C:\windows\stdensrv.dll

[2013-06-02 18:51:44 | 000,000,000 | ---- | C] () -- C:\windows\javexisb.dll

[2013-06-02 18:51:44 | 000,000,000 | ---- | C] () -- C:\windows\javexisa.dll

[2013-06-02 18:51:44 | 000,000,000 | ---- | C] () -- C:\windows\cr2gui32.dll

[2013-05-10 20:01:52 | 000,000,318 | ---- | C] () -- C:\windows\WPE PRO - modified.INI

[2013-04-30 09:16:39 | 000,186,432 | -H-- | C] () -- C:\windows\SysWow64\mlfcache.dat

[2013-04-18 20:07:00 | 000,030,568 | ---- | C] () -- C:\windows\MusiccityDownload.exe

[2013-04-18 20:06:46 | 000,974,848 | ---- | C] () -- C:\windows\SysWow64\cis-2.4.dll

[2013-04-18 20:06:46 | 000,081,920 | ---- | C] () -- C:\windows\SysWow64\issacapi_bs-2.3.dll

[2013-04-18 20:06:46 | 000,065,536 | ---- | C] () -- C:\windows\SysWow64\issacapi_pe-2.3.dll

[2013-04-18 20:06:46 | 000,057,344 | ---- | C] () -- C:\windows\SysWow64\issacapi_se-2.3.dll

[2013-03-22 10:16:02 | 000,000,017 | ---- | C] () -- C:\windows\SysWow64\shortcut_ex.dat

[2013-01-22 16:24:56 | 000,000,088 | ---- | C] () -- C:\ProgramData\profile.xml

[2013-01-14 15:36:08 | 000,000,004 | ---- | C] () -- C:\windows\vx86036.dat

[2013-01-14 15:35:43 | 000,000,127 | ---- | C] () -- C:\windows\Crypkey.ini

[2013-01-14 15:35:38 | 000,011,776 | ---- | C] () -- C:\windows\Ckrfresh.exe

[2013-01-14 15:35:37 | 000,027,648 | R--- | C] () -- C:\windows\Setup_ck.exe

[2013-01-14 15:35:37 | 000,018,432 | ---- | C] () -- C:\windows\Setup_ck.dll

[2012-12-15 13:51:50 | 000,076,888 | ---- | C] () -- C:\windows\SysWow64\PnkBstrA.exe

[2012-12-15 13:51:43 | 000,111,928 | ---- | C] () -- C:\windows\SysWow64\PnkBstrB.exe

[2012-12-01 13:04:40 | 000,000,443 | ---- | C] () -- C:\Users\Lenovo\AppData\Local\UserProducts.xml

[2012-11-26 15:47:47 | 003,397,184 | ---- | C] () -- C:\Program Files (x86)\race_01.mp3

[2012-07-12 16:25:22 | 000,639,488 | ---- | C] () -- C:\windows\SysWow64\ficvdec_x86.dll

[2012-03-10 18:35:10 | 000,000,094 | ---- | C] () -- C:\Users\Lenovo\AppData\Local\fusioncache.dat

 

========== ZeroAccess Check ==========

 

[2009-07-14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini

 

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

 

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

 

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

 

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

 

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

"" = C:\Windows\SysNative\shell32.dll -- [2013-07-26 04:24:58 | 014,172,672 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Apartment

 

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

"" = %SystemRoot%\system32\shell32.dll -- [2013-07-26 03:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Apartment

 

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64

"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009-07-14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Free

 

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]

"" = %systemroot%\system32\wbem\fastprox.dll -- [2010-11-20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Free

 

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64

"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009-07-14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Both

 

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

 

========== LOP Check ==========

 

[2014-05-12 16:29:10 | 000,000,000 | ---D | M] -- C:\Users\Lenovo\AppData\Roaming\.csrvlauncher

[2014-05-15 14:07:36 | 000,000,000 | ---D | M] -- C:\Users\Lenovo\AppData\Roaming\.minecraft

[2013-12-21 13:42:01 | 000,000,000 | ---D | M] -- C:\Users\Lenovo\AppData\Roaming\.minecraftzyczu

[2013-05-20 16:09:00 | 000,000,000 | ---D | M] -- C:\Users\Lenovo\AppData\Roaming\.tshock

[2014-05-15 16:55:06 | 000,000,000 | ---D | M] -- C:\Users\Lenovo\AppData\Roaming\337

[2014-01-06 18:38:50 | 000,000,000 | ---D | M] -- C:\Users\Lenovo\AppData\Roaming\4shared Desktop

[2012-12-17 10:42:52 | 000,000,000 | ---D | M] -- C:\Users\Lenovo\AppData\Roaming\ArcSyncConfig

[2014-03-23 11:26:22 | 000,000,000 | ---D | M] -- C:\Users\Lenovo\AppData\Roaming\Audacity

[2013-10-28 07:06:09 | 000,000,000 | ---D | M] -- C:\Users\Lenovo\AppData\Roaming\AVAST Software

[2014-05-10 21:04:55 | 000,000,000 | ---D | M] -- C:\Users\Lenovo\AppData\Roaming\avidemux

[2014-05-15 16:55:07 | 000,000,000 | ---D | M] -- C:\Users\Lenovo\AppData\Roaming\B1Toolbar

[2014-05-15 16:55:07 | 000,000,000 | ---D | M] -- C:\Users\Lenovo\AppData\Roaming\Babylon

[2013-01-09 18:38:27 | 000,000,000 | ---D | M] -- C:\Users\Lenovo\AppData\Roaming\BANDISOFT

[2014-03-11 15:28:22 | 000,000,000 | ---D | M] -- C:\Users\Lenovo\AppData\Roaming\BitTorrent

[2013-03-30 16:22:02 | 000,000,000 | ---D | M] -- C:\Users\Lenovo\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant

[2014-04-23 08:43:59 | 000,000,000 | ---D | M] -- C:\Users\Lenovo\AppData\Roaming\com.beatport.BeatportDownloader

[2014-04-06 12:46:09 | 000,000,000 | ---D | M] -- C:\Users\Lenovo\AppData\Roaming\DMCache

[2014-04-17 11:35:09 | 000,000,000 | ---D | M] -- C:\Users\Lenovo\AppData\Roaming\Dropbox

[2014-05-15 16:55:07 | 000,000,000 | ---D | M] -- C:\Users\Lenovo\AppData\Roaming\eIntaller

[2014-05-15 16:55:07 | 000,000,000 | ---D | M] -- C:\Users\Lenovo\AppData\Roaming\ExpressFiles

[2014-05-10 19:51:45 | 000,000,000 | ---D | M] -- C:\Users\Lenovo\AppData\Roaming\FileZilla

[2013-04-20 09:12:00 | 000,000,000 | ---D | M] -- C:\Users\Lenovo\AppData\Roaming\ftblauncher

[2012-06-01 21:56:40 | 000,000,000 | ---D | M] -- C:\Users\Lenovo\AppData\Roaming\Gadu-Gadu 10

[2013-11-24 10:20:37 | 000,000,000 | ---D | M] -- C:\Users\Lenovo\AppData\Roaming\GG

[2014-01-24 14:25:41 | 000,000,000 | ---D | M] -- C:\Users\Lenovo\AppData\Roaming\LG Electronics

[2013-04-26 14:54:51 | 000,000,000 | ---D | M] -- C:\Users\Lenovo\AppData\Roaming\LolClient

[2013-08-01 21:13:25 | 000,000,000 | ---D | M] -- C:\Users\Lenovo\AppData\Roaming\MAGIX

[2013-05-18 10:53:30 | 000,000,000 | ---D | M] -- C:\Users\Lenovo\AppData\Roaming\MAXON

[2013-11-25 22:37:36 | 000,000,000 | ---D | M] -- C:\Users\Lenovo\AppData\Roaming\mgyun

[2013-11-27 22:06:58 | 000,000,000 | ---D | M] -- C:\Users\Lenovo\AppData\Roaming\NapiProjekt

[2012-06-24 16:07:15 | 000,000,000 | ---D | M] -- C:\Users\Lenovo\AppData\Roaming\Need for Speed World

[2013-04-23 14:56:51 | 000,000,000 | ---D | M] -- C:\Users\Lenovo\AppData\Roaming\OGG to MP3 Converter

[2012-06-01 19:27:36 | 000,000,000 | ---D | M] -- C:\Users\Lenovo\AppData\Roaming\OpenFM

[2014-03-27 16:18:12 | 000,000,000 | ---D | M] -- C:\Users\Lenovo\AppData\Roaming\Opera Software

[2013-09-30 18:52:48 | 000,000,000 | ---D | M] -- C:\Users\Lenovo\AppData\Roaming\Origin

[2011-06-20 20:52:24 | 000,000,000 | ---D | M] -- C:\Users\Lenovo\AppData\Roaming\PC-Doctor, Inc

[2013-11-23 16:53:04 | 000,000,000 | ---D | M] -- C:\Users\Lenovo\AppData\Roaming\PC-Gizmos

[2013-08-09 19:28:33 | 000,000,000 | ---D | M] -- C:\Users\Lenovo\AppData\Roaming\PDAppFlex

[2013-09-08 11:10:09 | 000,000,000 | ---D | M] -- C:\Users\Lenovo\AppData\Roaming\PowerISO

[2013-04-11 16:14:49 | 000,000,000 | ---D | M] -- C:\Users\Lenovo\AppData\Roaming\Qarbon

[2014-05-15 16:55:07 | 000,000,000 | ---D | M] -- C:\Users\Lenovo\AppData\Roaming\simplitec

[2013-01-26 13:59:08 | 000,000,000 | ---D | M] -- C:\Users\Lenovo\AppData\Roaming\skyz

[2013-05-21 20:52:41 | 000,000,000 | ---D | M] -- C:\Users\Lenovo\AppData\Roaming\SoftGrid Client

[2014-04-08 08:41:22 | 000,000,000 | ---D | M] -- C:\Users\Lenovo\AppData\Roaming\SpeedBit

[2013-01-26 14:29:08 | 000,000,000 | ---D | M] -- C:\Users\Lenovo\AppData\Roaming\TP

[2014-05-12 16:26:43 | 000,000,000 | ---D | M] -- C:\Users\Lenovo\AppData\Roaming\TS3Client

[2012-10-05 20:25:35 | 000,000,000 | ---D | M] -- C:\Users\Lenovo\AppData\Roaming\Unity

[2014-05-08 16:02:23 | 000,000,000 | ---D | M] -- C:\Users\Lenovo\AppData\Roaming\uTorrent

[2013-08-19 13:48:32 | 000,000,000 | ---D | M] -- C:\Users\Lenovo\AppData\Roaming\Wargaming.net

 

========== Purity Check ==========

 

 

 

========== Files - Unicode (All) ==========

(C:\ProgramData\Microsoft\Windows\Start Menu\Programs\?rd?m?x Keylogger 4.1.2) -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Аrdаmаx Keylogger 4.1.2

 

========== Alternate Data Streams ==========

 

@Alternate Data Stream - 160 bytes -> C:\ProgramData\MTA San Andreas All:NT2

@Alternate Data Stream - 160 bytes -> C:\ProgramData:NT2

@Alternate Data Stream - 128 bytes -> C:\ProgramData\Temp:07F6D9E4

@Alternate Data Stream - 121 bytes -> C:\ProgramData\Temp:56E2E879

 

< End of report >

 

 

Janusz. Legenda

Janusz.

Opublikowano
Legenda

Janusz.

Opublikowano

Zrobimy inaczej. Uruchom przywracanie systemu i cofnij do momentu sprzed usuwania adwcleanerem. czyli cofnij system jakoś do 14 maja o ile będziesz miał taką opcje.

kulka5010 Pasjonat

kulka5010

Opublikowano
Pasjonat

kulka5010

  • Autor
Opublikowano

Zaraz dam tylko musze to nagrac i wrzucic na yt bo nawet mi tabletu nie chce wykryć.

Edit: Logów otl raczej nie dam rady załatwić.

kulka5010 Pasjonat

kulka5010

Opublikowano
Pasjonat

kulka5010

  • Autor
Opublikowano

Zrobimy inaczej. Uruchom przywracanie systemu i cofnij do momentu sprzed usuwania adwcleanerem. czyli cofnij system jakoś do 14 maja o ile będziesz miał taką opcje.

Nie da rady :s

kulka5010 Pasjonat

kulka5010

Opublikowano
Pasjonat

kulka5010

  • Autor
Opublikowano

Miałem tą funkce wyłączoną, a teraz jak chcę to włączyć wyskakuje mi błąd (0x81000202)

kulka5010 Pasjonat

kulka5010

Opublikowano
Pasjonat

kulka5010

  • Autor
Opublikowano

Adw:

 

 

 

AdwCleaner v3.001 - Report created 15/05/2014 at 16:24:09# Updated 24/08/2013 by Xplode# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)# Username : Lenovo - LENOVO-KOMPUTER# Running from : C:\Users\Lenovo\Desktop\adwcleaner.exe# Option : Scan***** [ Services ] *****Service Found : BackupStackService Found : CltMngSvc***** [ Files / Folders ] *****File Found : C:\ENDFile Found : C:\Program Files (x86)\Mozilla Firefox\searchplugins\Babylon.xmlFile Found : C:\Program Files (x86)\Mozilla Firefox\searchplugins\portaldosites.xmlFile Found : C:\Users\Lenovo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnkFile Found : C:\Users\Lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\ff2wnzmz.default\\invalidprefs.jsFile Found : C:\Users\Lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\ff2wnzmz.default\searchplugins\Askcom.xmlFile Found : C:\Users\Lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\ff2wnzmz.default\searchplugins\Babylon.xmlFile Found : C:\Users\Lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\ff2wnzmz.default\searchplugins\BabylonMngr.xmlFile Found : C:\Users\Lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\ff2wnzmz.default\searchplugins\BrowserProtect.xmlFile Found : C:\Users\Lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\ff2wnzmz.default\searchplugins\delta.xmlFile Found : C:\Users\Lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\ff2wnzmz.default\searchplugins\mixidj.xmlFile Found : C:\Users\Lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\ff2wnzmz.default\searchplugins\WebSearch.xmlFile Found : C:\Users\Lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\ff2wnzmz.default\user.jsFile Found : C:\windows\System32\roboot64.exeFile Found : C:\windows\System32\Tasks\DealplyFile Found : C:\windows\System32\Tasks\DealPlyUpdateFile Found : C:\windows\Tasks\Dealply.jobFolder Found C:\Program Files (x86)\BabylonFolder Found C:\Program Files (x86)\Common Files\337Folder Found C:\Program Files (x86)\DefaultTabFolder Found C:\Program Files (x86)\Desk 365Folder Found C:\Program Files (x86)\ExpressFilesFolder Found C:\Program Files (x86)\MyPC BackupFolder Found C:\Program Files (x86)\MyPC Backup Folder Found C:\Program Files (x86)\OAppsFolder Found C:\Program Files (x86)\SearchProtectFolder Found C:\Program Files (x86)\TornTV.comFolder Found C:\Program Files (x86)\WebSearchFolder Found C:\Program Files (x86)\WinZipperFolder Found C:\Program Files\BabylonFolder Found C:\ProgramData\BabylonFolder Found C:\ProgramData\BetterSoftFolder Found C:\ProgramData\EnujoyCoUpoonuFolder Found C:\ProgramData\eSafeFolder Found C:\ProgramData\InstallMateFolder Found C:\ProgramData\simplitecFolder Found C:\ProgramData\SoftSafeFolder Found C:\ProgramData\Tarma InstallerFolder Found C:\ProgramData\wxDownloadFolder Found C:\Users\Lenovo\AppData\Local\B1EFolder Found C:\Users\Lenovo\AppData\Local\ConduitFolder Found C:\Users\Lenovo\AppData\Local\creFolder Found C:\Users\Lenovo\AppData\Local\lollipopFolder Found C:\Users\Lenovo\AppData\Local\PutLockerDownloaderFolder Found C:\Users\Lenovo\AppData\Local\SearchProtectFolder Found C:\Users\Lenovo\AppData\Local\SwvUpdaterFolder Found C:\Users\Lenovo\AppData\LocalLow\BabylonToolbarFolder Found C:\Users\Lenovo\AppData\LocalLow\ConduitFolder Found C:\Users\Lenovo\AppData\Roaming\337Folder Found C:\Users\Lenovo\AppData\Roaming\B1ToolbarFolder Found C:\Users\Lenovo\AppData\Roaming\BabylonFolder Found C:\Users\Lenovo\AppData\Roaming\eIntallerFolder Found C:\Users\Lenovo\AppData\Roaming\ExpressFilesFolder Found C:\Users\Lenovo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC BackupFolder Found C:\Users\Lenovo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup Folder Found C:\Users\Lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\ff2wnzmz.default\jetpackFolder Found C:\Users\Lenovo\AppData\Roaming\simplitecFolder Found C:\Users\Lenovo\AppData\Roaming\SystweakFolder Found C:\Users\Lenovo\Documents\smart pc cleanerFolder Found C:\Users\Lenovo\Qtrax***** [ Shortcuts ] *****Shortcut Found : C:\Users\Lenovo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk ( hxxp://www.portaldosites.com/?utm_source=b&utm_medium=slbnew&from=slbnew&uid=WDCXWD5000BEVT-24A0RT0_WD-WX41A907719277192&ts=1369508672 )Shortcut Found : C:\Users\Lenovo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome\Program uruchamiaj¹cy aplikacje Chrome.lnk ( hxxp://www.delta-homes.com/?type=sc&ts=1388677655&from=wpm0102&uid=WDCXWD5000BEVT-24A0RT0_WD-WX41A907719277192 )Shortcut Found : C:\Users\Lenovo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk ( hxxp://www.portaldosites.com/?utm_source=b&utm_medium=slbnew&from=slbnew&uid=WDCXWD5000BEVT-24A0RT0_WD-WX41A907719277192&ts=1369508672 )Shortcut Found : C:\Users\Lenovo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk ( hxxp://www.delta-homes.com/?utm_source=b&utm_medium=newgdp&from=newgdp&uid=WDCXWD5000BEVT-24A0RT0_WD-WX41A907719277192&ts=1373111218 )Shortcut Found : C:\Users\Lenovo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk ( hxxp://www.portaldosites.com/?utm_source=b&utm_medium=slbnew&from=slbnew&uid=WDCXWD5000BEVT-24A0RT0_WD-WX41A907719277192&ts=1369508672 )***** [ Registry ] *****Data Found : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command [(Default)] - C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.delta-homes.com/?utm_source=b&utm_medium=newgdp&from=newgdp&uid=WDCXWD5000BEVT-24A0RT0_WD-WX41A907719277192&ts=1377198148Data Found : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\SAFARI.EXE\shell\open\command [(Default)] - "C:\Program Files (x86)\Safari\Safari.exe" hxxp://www.delta-homes.com/?type=sc&ts=1388677655&from=wpm0102&uid=WDCXWD5000BEVT-24A0RT0_WD-WX41A907719277192Key Found : HKCU\Software\0cc2e62ef151ade53135716a79cd96fdKey Found : HKCU\Software\APN PIPKey Found : HKCU\Software\AppDataLow\Software\ConduitKey Found : HKCU\Software\AppDataLow\Software\SmartBarKey Found : HKCU\Software\BabSolutionKey Found : HKCU\Software\bead739c11b6815884fb1a13a48ced96Key Found : HKCU\Software\BrowserMngrKey Found : HKCU\Software\ConduitKey Found : HKCU\Software\ExpressFilesKey Found : HKCU\Software\f28bd1b03aec42Key Found : HKCU\Software\lollipopKey Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC}Key Found : HKCU\Software\PIPKey Found : HKCU\Software\SoftonicKey Found : HKCU\Software\UpdateStarKey Found : [x64] HKCU\Software\APN PIPKey Found : [x64] HKCU\Software\BabSolutionKey Found : [x64] HKCU\Software\BrowserMngrKey Found : [x64] HKCU\Software\ConduitKey Found : [x64] HKCU\Software\ExpressFilesKey Found : [x64] HKCU\Software\lollipopKey Found : [x64] HKCU\Software\PIPKey Found : [x64] HKCU\Software\SoftonicKey Found : [x64] HKCU\Software\UpdateStarKey Found : HKLM\Software\BabylonKey Found : HKLM\Software\BrowserMngrKey Found : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}Key Found : HKLM\SOFTWARE\Classes\AppID\{6536801B-F50C-449B-9476-093DFD3789E3}Key Found : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}Key Found : HKLM\SOFTWARE\Classes\AppID\BabylonHelper.EXEKey Found : HKLM\SOFTWARE\Classes\AppID\secman.DLLKey Found : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}Key Found : HKLM\SOFTWARE\Classes\CLSID\{67BD9EEB-AA06-4329-A940-D250019300C9}Key Found : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}Key Found : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}Key Found : HKLM\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}Key Found : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}Key Found : HKLM\SOFTWARE\Classes\CLSID\{FB684D26-01F4-4D9D-87CB-F486BEBA56DC}Key Found : HKLM\SOFTWARE\Classes\Interface\{0BF91075-F457-4A8B-99EF-140B52D2F22A}Key Found : HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}Key Found : HKLM\SOFTWARE\Classes\Interface\{37425600-CB21-49A0-8659-476FBAB0F8E8}Key Found : HKLM\SOFTWARE\Classes\Interface\{431FB0E5-2CBB-4602-9FE6-F1D64488ADD7}Key Found : HKLM\SOFTWARE\Classes\Interface\{5C9A230D-70A5-11D5-AFB0-0050DAC67890}Key Found : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}Key Found : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}Key Found : HKLM\SOFTWARE\Classes\Interface\{8911483C-C00A-4183-9FBC-6C9C00946C15}Key Found : HKLM\SOFTWARE\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}Key Found : HKLM\SOFTWARE\Classes\Interface\{C3F058A9-407D-4CD1-8F66-B75605B54B69}Key Found : HKLM\SOFTWARE\Classes\Interface\{EFDCAF05-D29C-4D4D-9836-8CDCD606A6B2}Key Found : HKLM\SOFTWARE\Classes\Prod.capKey Found : HKLM\SOFTWARE\Classes\speedupmypcKey Found : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}Key Found : HKLM\SOFTWARE\Classes\TypeLib\{5C9A2304-70A5-11D5-AFB0-0050DAC67890}Key Found : HKLM\SOFTWARE\Classes\TypeLib\{A0EE0278-2986-4E5A-884E-A3BF0357E476}Key Found : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}Key Found : HKLM\SOFTWARE\Classes\Updater.AmiUpdKey Found : HKLM\SOFTWARE\Classes\Updater.AmiUpd.1Key Found : HKLM\Software\ConduitKey Found : HKLM\Software\DataMngrKey Found : HKLM\Software\delta-homesSoftwareKey Found : HKLM\Software\DesksvcKey Found : HKLM\Software\ExpressFilesKey Found : HKLM\Software\InstallIQKey Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}Key Found : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_RASAPI32Key Found : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_RASAPI32Key Found : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_RASMANCSKey Found : HKLM\SOFTWARE\Microsoft\tracing\askpartnercobrandingtool_RASMANCSKey Found : HKLM\SOFTWARE\Microsoft\Tracing\Babylon_RASAPI32Key Found : HKLM\SOFTWARE\Microsoft\Tracing\Babylon_RASMANCSKey Found : HKLM\SOFTWARE\Microsoft\Tracing\BabylonTC_RASAPI32Key Found : HKLM\SOFTWARE\Microsoft\Tracing\BabylonTC_RASMANCSKey Found : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32Key Found : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCSKey Found : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_dla_blueeyem_RASAPI32Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_dla_blueeyem_RASMANCSKey Found : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_dla_java-development-kit_RASAPI32Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_dla_java-development-kit_RASMANCSKey Found : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_dla_mini-monitoring_RASAPI32Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_dla_mini-monitoring_RASMANCSKey Found : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_dla_san-andreas-mod-installer_RASAPI32Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_dla_san-andreas-mod-installer_RASMANCSKey Found : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASAPI32Key Found : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASMANCSKey Found : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASAPI32Key Found : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASMANCSKey Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96}Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtectKey Found : HKLM\Software\PIPKey Found : HKLM\Software\portaldositesSoftwareKey Found : HKLM\Software\SearchProtectKey Found : HKLM\Software\SP GlobalKey Found : HKLM\Software\SProtectorKey Found : HKLM\Software\systweakKey Found : HKLM\Software\Uniblue\DriverScannerKey Found : HKLM\Software\V9SoftwareKey Found : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\DeskSvcKey Found : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WsysSvcKey Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Optimizer Pro_is1Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\OptimizerProKey Found : [x64] HKLM\SOFTWARE\Tarma InstallerValue Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [browserMngrDefaultScope]***** [ Browsers ] *****-\\ Internet Explorer v10.0.9200.16720Setting Found : HKCU\Software\Microsoft\Internet Explorer\Main [start Page] - hxxp://search.conduit.com/?gd=&ctid=CT3321459&octid=EB_ORIGINAL_CTID&ISID=MAFD52530-B230-4D51-AA9F-54197424EA69&SearchSource=55&CUI=&UM=5&UP=SP324FF9C0-8A5A-4104-AA64-91B354931CC0&SSPV=Setting Found : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL] - hxxp://www.delta-homes.com/?type=hp&ts=1388677655&from=wpm0102&uid=WDCXWD5000BEVT-24A0RT0_WD-WX41A907719277192Setting Found : HKCU\Software\Microsoft\Internet Explorer\Main [start Page Before] - hxxp://search.b1.org/?bsrc=hmior&chid=c167991Setting Found : HKCU\Software\Microsoft\Internet Explorer\Main [search Page Before] - hxxp://search.b1.org/?bsrc=hmior&chid=c167991Setting Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL] - hxxp://search.delta-homes.com/web/?type=ds&ts=1388677655&from=wpm0102&uid=WDCXWD5000BEVT-24A0RT0_WD-WX41A907719277192&q={searchTerms}Setting Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL] - hxxp://www.delta-homes.com/?type=hp&ts=1388677655&from=wpm0102&uid=WDCXWD5000BEVT-24A0RT0_WD-WX41A907719277192Setting Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [start Page] - hxxp://www.delta-homes.com/?type=hp&ts=1388677655&from=wpm0102&uid=WDCXWD5000BEVT-24A0RT0_WD-WX41A907719277192Setting Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [search Page] - hxxp://search.delta-homes.com/web/?type=ds&ts=1388677655&from=wpm0102&uid=WDCXWD5000BEVT-24A0RT0_WD-WX41A907719277192&q={searchTerms}Setting Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls [Tabs] - hxxp://home.speedbit.com/tab/?aff=115-\\ Mozilla Firefox v26.0 (pl)[ File : C:\Users\Lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\ff2wnzmz.default\prefs.js ]Line Found : user_pref("aol_toolbar.default.homepage.check", false);Line Found : user_pref("aol_toolbar.default.search.check", false);Line Found : user_pref("browser.newtab.url", "hxxp://search.conduit.com/?gd=&ctid=CT3321459&octid=EB_ORIGINAL_CTID&ISID=MAFD52530-B230-4D51-AA9F-54197424EA69&SearchSource=69&CUI=&SSPV=&Lay=1&UM=5&UP=SP324FF9C0-8A5[...]Line Found : user_pref("browser.search.defaultenginename", "Conduit Search");Line Found : user_pref("browser.search.defaultenginename,S", "WebSearch");Line Found : user_pref("browser.search.defaulturl", "hxxp://websearch.searchbomb.info/?pid=1890&r=2013/11/28&hid=14692819153702194221&lg=EN&cc=PL&unqvl=42&l=1&q=");Line Found : user_pref("browser.search.order.1", "WebSearch");Line Found : user_pref("browser.search.order.1,S", "WebSearch");Line Found : user_pref("browser.search.selectedEngine", "Conduit Search");Line Found : user_pref("browser.search.selectedEngine,S", "WebSearch");Line Found : user_pref("browser.startup.homepage", "hxxp://search.conduit.com/?gd=&ctid=CT3321459&octid=EB_ORIGINAL_CTID&ISID=MAFD52530-B230-4D51-AA9F-54197424EA69&SearchSource=55&CUI=&UM=5&UP=SP324FF9C0-8A5A-4104[...]Line Found : user_pref("extensions.34uHIXohL0q.scode", "(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"acebook\")>-1||url.indexOf(\"txtlnkusaolp00000800\")>-1||url.indexOf(\[...]Line Found : user_pref("extensions.6um.scode", "(function(){if(window.self.location.hostname.indexOf(\"acebook.co\")>-1){return};var _wlst={lsKey:\"ssjsmn2ja8ddw2a\",get:function(b,a){if(3<b)return a(!1);var d=thi[...]Line Found : user_pref("extensions.BabylonToolbar.admin", false);Line Found : user_pref("extensions.BabylonToolbar.aflt", "babsst");Line Found : user_pref("extensions.BabylonToolbar.appId", "{BDB69379-802F-4eaf-B541-F8DE92DD98DB}");Line Found : user_pref("extensions.BabylonToolbar.autoRvrt", "false");Line Found : user_pref("extensions.BabylonToolbar.dfltLng", "en");Line Found : user_pref("extensions.BabylonToolbar.excTlbr", false);Line Found : user_pref("extensions.BabylonToolbar.id", "d4e84603000000000000ac811202e607");Line Found : user_pref("extensions.BabylonToolbar.instlDay", "15604");Line Found : user_pref("extensions.BabylonToolbar.instlRef", "sst");Line Found : user_pref("extensions.BabylonToolbar.prdct", "BabylonToolbar");Line Found : user_pref("extensions.BabylonToolbar.prtkDS", 0);Line Found : user_pref("extensions.BabylonToolbar.prtkHmpg", 0);Line Found : user_pref("extensions.BabylonToolbar.prtnrId", "babylon");Line Found : user_pref("extensions.BabylonToolbar.tlbrId", "tb9");Line Found : user_pref("extensions.BabylonToolbar.tlbrSrchUrl", "hxxp://search.babylon.com/?babsrc=TB_def&mntrId=d4e84603000000000000ac811202e607&q=");Line Found : user_pref("extensions.BabylonToolbar.vrsn", "1.6.9.12");Line Found : user_pref("extensions.BabylonToolbar.vrsni", "1.6.9.12");Line Found : user_pref("extensions.BabylonToolbar_i.babExt", "");Line Found : user_pref("extensions.BabylonToolbar_i.babTrack", "affID=110823&tt=120912_ccp_3812_4");Line Found : user_pref("extensions.BabylonToolbar_i.newTab", false);Line Found : user_pref("extensions.BabylonToolbar_i.smplGrp", "none");Line Found : user_pref("extensions.BabylonToolbar_i.srcExt", "ss");Line Found : user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.6.9.1214:59:12");Line Found : user_pref("extensions.delta.admin", false);Line Found : user_pref("extensions.delta.aflt", "babsst");Line Found : user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}");Line Found : user_pref("extensions.delta.autoRvrt", "false");Line Found : user_pref("extensions.delta.dfltLng", "en");Line Found : user_pref("extensions.delta.excTlbr", false);Line Found : user_pref("extensions.delta.ffxUnstlRst", true);Line Found : user_pref("extensions.delta.id", "d4e84603000000000000ac811202e607");Line Found : user_pref("extensions.delta.instlDay", "15827");Line Found : user_pref("extensions.delta.instlRef", "sst");Line Found : user_pref("extensions.delta.newTab", false);Line Found : user_pref("extensions.delta.prdct", "delta");Line Found : user_pref("extensions.delta.prtnrId", "delta");Line Found : user_pref("extensions.delta.rvrt", "false");Line Found : user_pref("extensions.delta.smplGrp", "none");Line Found : user_pref("extensions.delta.tlbrId", "base");Line Found : user_pref("extensions.delta.tlbrSrchUrl", "");Line Found : user_pref("extensions.delta.vrsn", "1.8.16.16");Line Found : user_pref("extensions.delta.vrsnTs", "1.8.16.1618:34:33");Line Found : user_pref("extensions.delta.vrsni", "1.8.16.16");Line Found : user_pref("extensions.fvd_single.surfcanyon.ramp.start_time", "1396719120978");Line Found : user_pref("extensions.hbwpBUntWTvH.scode", "(function(){if(window.self.location.hostname.indexOf(\"acebook.co\")>-1){return};var _wlst={lsKey:\"ssjsmn2ja8ddw2a\",get:function(b,a){if(3<b)return a(!1);[...]Line Found : user_pref("keyword.URL", "hxxp://websearch.searchbomb.info/?pid=1890&r=2013/11/28&hid=14692819153702194221&lg=EN&cc=PL&unqvl=42&l=1&q=");Line Found : user_pref("smartbar.machineId", "WIFUMC85YMJEFDAIXUSMSFYYMBITCFGAP6GEB/IS4EN3EYXTXSHPKOYO3IFHXMAB5CYNC+IXCLY+PF9TX4AUHW");Line Found : user_pref("sweetim.toolbar.previous.browser.search.defaultenginename", "");Line Found : user_pref("sweetim.toolbar.previous.browser.search.selectedEngine", "");Line Found : user_pref("sweetim.toolbar.previous.browser.startup.homepage", "");Line Found : user_pref("sweetim.toolbar.previous.keyword.URL", "");Line Found : user_pref("sweetim.toolbar.scripts.1.domain-blacklist", "");Line Found : user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_DS", "");Line Found : user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_HP", "");Line Found : user_pref("sweetim.toolbar.searchguard.enable", "");-\\ Google Chrome v28.0.1500.95[ File : C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\preferences ]Found : urls_to_restore_on_startupFound : urls_to_restore_on_startupFound : urls_to_restore_on_startup*************************AdwCleaner[R0].txt - [21317 octets] - [15/05/2014 16:24:09]########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [21378 octets] ##########

 

AdwCleaner v3.001 - Report created 15/05/2014 at 16:25:44# Updated 24/08/2013 by Xplode# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)# Username : Lenovo - LENOVO-KOMPUTER# Running from : C:\Users\Lenovo\Desktop\adwcleaner.exe# Option : Clean***** [ Services ] *****Service Deleted : BackupStack[#] Service Deleted : CltMngSvc***** [ Files / Folders ] *****Folder Deleted : C:\ProgramData\BabylonFolder Deleted : C:\ProgramData\BetterSoftFolder Deleted : C:\ProgramData\eSafeFolder Deleted : C:\ProgramData\InstallMateFolder Deleted : C:\ProgramData\simplitecFolder Deleted : C:\ProgramData\SoftSafeFolder Deleted : C:\ProgramData\Tarma InstallerFolder Deleted : C:\ProgramData\EnujoyCoUpoonuFolder Deleted : C:\ProgramData\wxDownloadFolder Deleted : C:\Program Files (x86)\BabylonFolder Deleted : C:\Program Files (x86)\DefaultTabFolder Deleted : C:\Program Files (x86)\Desk 365Folder Deleted : C:\Program Files (x86)\ExpressFilesFolder Deleted : C:\Program Files (x86)\MyPC Backup Folder Deleted : C:\Program Files (x86)\OAppsFolder Deleted : C:\Program Files (x86)\SearchProtectFolder Deleted : C:\Program Files (x86)\TornTV.comFolder Deleted : C:\Program Files (x86)\WebSearchFolder Deleted : C:\Program Files (x86)\WinZipperFolder Deleted : C:\Program Files (x86)\Common Files\337Folder Deleted : C:\Program Files\BabylonFolder Deleted : C:\Users\Lenovo\QtraxFolder Deleted : C:\Users\Lenovo\AppData\Local\B1EFolder Deleted : C:\Users\Lenovo\AppData\Local\ConduitFolder Deleted : C:\Users\Lenovo\AppData\Local\creFolder Deleted : C:\Users\Lenovo\AppData\Local\lollipopFolder Deleted : C:\Users\Lenovo\AppData\Local\PutLockerDownloaderFolder Deleted : C:\Users\Lenovo\AppData\Local\SearchProtectFolder Deleted : C:\Users\Lenovo\AppData\Local\SwvUpdaterFolder Deleted : C:\Users\Lenovo\AppData\LocalLow\BabylonToolbarFolder Deleted : C:\Users\Lenovo\AppData\LocalLow\ConduitFolder Deleted : C:\Users\Lenovo\AppData\Roaming\337Folder Deleted : C:\Users\Lenovo\AppData\Roaming\B1ToolbarFolder Deleted : C:\Users\Lenovo\AppData\Roaming\BabylonFolder Deleted : C:\Users\Lenovo\AppData\Roaming\eIntallerFolder Deleted : C:\Users\Lenovo\AppData\Roaming\ExpressFilesFolder Deleted : C:\Users\Lenovo\AppData\Roaming\simplitecFolder Deleted : C:\Users\Lenovo\AppData\Roaming\SystweakFolder Deleted : C:\Users\Lenovo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup Folder Deleted : C:\Users\Lenovo\Documents\smart pc cleanerFolder Deleted : C:\Users\Lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\ff2wnzmz.default\jetpackFile Deleted : C:\ENDFile Deleted : C:\windows\System32\roboot64.exeFile Deleted : C:\Users\Lenovo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnkFile Deleted : C:\Users\Lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\ff2wnzmz.default\searchplugins\Askcom.xmlFile Deleted : C:\Users\Lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\ff2wnzmz.default\searchplugins\Babylon.xmlFile Deleted : C:\Program Files (x86)\Mozilla Firefox\searchplugins\Babylon.xmlFile Deleted : C:\Users\Lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\ff2wnzmz.default\searchplugins\BabylonMngr.xmlFile Deleted : C:\Users\Lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\ff2wnzmz.default\searchplugins\BrowserProtect.xmlFile Deleted : C:\Users\Lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\ff2wnzmz.default\searchplugins\delta.xmlFile Deleted : C:\Users\Lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\ff2wnzmz.default\searchplugins\mixidj.xmlFile Deleted : C:\Program Files (x86)\Mozilla Firefox\searchplugins\portaldosites.xmlFile Deleted : C:\Users\Lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\ff2wnzmz.default\searchplugins\WebSearch.xmlFile Deleted : C:\Users\Lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\ff2wnzmz.default\\invalidprefs.jsFile Deleted : C:\Users\Lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\ff2wnzmz.default\user.jsFile Deleted : C:\windows\Tasks\Dealply.jobFile Deleted : C:\windows\System32\Tasks\DealplyFile Deleted : C:\windows\System32\Tasks\DealPlyUpdate***** [ Shortcuts ] *****Shortcut Disinfected : C:\Users\Lenovo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnkShortcut Disinfected : C:\Users\Lenovo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome\Program uruchamiaj¹cy aplikacje Chrome.lnkShortcut Disinfected : C:\Users\Lenovo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnkShortcut Disinfected : C:\Users\Lenovo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnkShortcut Disinfected : C:\Users\Lenovo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk***** [ Registry ] *****Value Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [browserMngrDefaultScope]Key Deleted : HKLM\SOFTWARE\Classes\AppID\BabylonHelper.EXEKey Deleted : HKLM\SOFTWARE\Classes\AppID\secman.DLLKey Deleted : HKLM\SOFTWARE\Classes\Prod.capKey Deleted : HKLM\SOFTWARE\Classes\speedupmypcKey Deleted : HKLM\SOFTWARE\Classes\Updater.AmiUpdKey Deleted : HKLM\SOFTWARE\Classes\Updater.AmiUpd.1Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_RASAPI32Key Deleted : HKLM\SOFTWARE\Microsoft\tracing\askpartnercobrandingtool_RASMANCSKey Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Babylon_RASAPI32Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Babylon_RASMANCSKey Deleted : HKLM\SOFTWARE\Microsoft\Tracing\BabylonTC_RASAPI32Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\BabylonTC_RASMANCSKey Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCSKey Deleted : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASAPI32Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASMANCSKey Deleted : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASAPI32Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASMANCSKey Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\DeskSvcKey Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WsysSvcKey Deleted : HKCU\Software\0cc2e62ef151ade53135716a79cd96fdKey Deleted : HKCU\Software\bead739c11b6815884fb1a13a48ced96Key Deleted : HKCU\Software\f28bd1b03aec42Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_dla_blueeyem_RASAPI32Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_dla_blueeyem_RASMANCSKey Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_dla_java-development-kit_RASAPI32Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_dla_java-development-kit_RASMANCSKey Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_dla_mini-monitoring_RASAPI32Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_dla_mini-monitoring_RASMANCSKey Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_dla_san-andreas-mod-installer_RASAPI32Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_dla_san-andreas-mod-installer_RASMANCSKey Deleted : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}Key Deleted : HKLM\SOFTWARE\Classes\AppID\{6536801B-F50C-449B-9476-093DFD3789E3}Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{67BD9EEB-AA06-4329-A940-D250019300C9}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FB684D26-01F4-4D9D-87CB-F486BEBA56DC}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0BF91075-F457-4A8B-99EF-140B52D2F22A}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{37425600-CB21-49A0-8659-476FBAB0F8E8}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{431FB0E5-2CBB-4602-9FE6-F1D64488ADD7}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{5C9A230D-70A5-11D5-AFB0-0050DAC67890}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8911483C-C00A-4183-9FBC-6C9C00946C15}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C3F058A9-407D-4CD1-8F66-B75605B54B69}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EFDCAF05-D29C-4D4D-9836-8CDCD606A6B2}Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{5C9A2304-70A5-11D5-AFB0-0050DAC67890}Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A0EE0278-2986-4E5A-884E-A3BF0357E476}Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC}Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}Key Deleted : HKCU\Software\APN PIPKey Deleted : HKCU\Software\BabSolutionKey Deleted : HKCU\Software\BrowserMngrKey Deleted : HKCU\Software\ConduitKey Deleted : HKCU\Software\ExpressFilesKey Deleted : HKCU\Software\lollipopKey Deleted : HKCU\Software\PIPKey Deleted : HKCU\Software\SoftonicKey Deleted : HKCU\Software\UpdateStarKey Deleted : HKCU\Software\AppDataLow\Software\ConduitKey Deleted : HKCU\Software\AppDataLow\Software\SmartBarKey Deleted : HKLM\Software\BabylonKey Deleted : HKLM\Software\BrowserMngrKey Deleted : HKLM\Software\ConduitKey Deleted : HKLM\Software\DataMngrKey Deleted : HKLM\Software\delta-homesSoftwareKey Deleted : HKLM\Software\DesksvcKey Deleted : HKLM\Software\ExpressFilesKey Deleted : HKLM\Software\InstallIQKey Deleted : HKLM\Software\PIPKey Deleted : HKLM\Software\portaldositesSoftwareKey Deleted : HKLM\Software\SearchProtectKey Deleted : HKLM\Software\SP GlobalKey Deleted : HKLM\Software\SProtectorKey Deleted : HKLM\Software\systweakKey Deleted : HKLM\Software\Uniblue\DriverScannerKey Deleted : HKLM\Software\V9SoftwareKey Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96}Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtectKey Deleted : [x64] HKLM\SOFTWARE\Tarma InstallerKey Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Optimizer Pro_is1Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\OptimizerPro***** [ Browsers ] *****-\\ Internet Explorer v10.0.9200.16720Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [start Page]Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [start Page Before]Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [search Page Before]Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [start Page]Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [search Page]Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls [Tabs]-\\ Mozilla Firefox v26.0 (pl)[ File : C:\Users\Lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\ff2wnzmz.default\prefs.js ]Line Deleted : user_pref("aol_toolbar.default.homepage.check", false);Line Deleted : user_pref("aol_toolbar.default.search.check", false);Line Deleted : user_pref("browser.newtab.url", "hxxp://search.conduit.com/?gd=&ctid=CT3321459&octid=EB_ORIGINAL_CTID&ISID=MAFD52530-B230-4D51-AA9F-54197424EA69&SearchSource=69&CUI=&SSPV=&Lay=1&UM=5&UP=SP324FF9C0-8A5[...]Line Deleted : user_pref("browser.search.defaultenginename", "Conduit Search");Line Deleted : user_pref("browser.search.defaultenginename,S", "WebSearch");Line Deleted : user_pref("browser.search.defaulturl", "hxxp://websearch.searchbomb.info/?pid=1890&r=2013/11/28&hid=14692819153702194221&lg=EN&cc=PL&unqvl=42&l=1&q=");Line Deleted : user_pref("browser.search.order.1", "WebSearch");Line Deleted : user_pref("browser.search.order.1,S", "WebSearch");Line Deleted : user_pref("browser.search.selectedEngine", "Conduit Search");Line Deleted : user_pref("browser.search.selectedEngine,S", "WebSearch");Line Deleted : user_pref("browser.startup.homepage", "hxxp://search.conduit.com/?gd=&ctid=CT3321459&octid=EB_ORIGINAL_CTID&ISID=MAFD52530-B230-4D51-AA9F-54197424EA69&SearchSource=55&CUI=&UM=5&UP=SP324FF9C0-8A5A-4104[...]Line Deleted : user_pref("extensions.34uHIXohL0q.scode", "(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"acebook\")>-1||url.indexOf(\"txtlnkusaolp00000800\")>-1||url.indexOf(\[...]Line Deleted : user_pref("extensions.6um.scode", "(function(){if(window.self.location.hostname.indexOf(\"acebook.co\")>-1){return};var _wlst={lsKey:\"ssjsmn2ja8ddw2a\",get:function(b,a){if(3<b)return a(!1);var d=thi[...]Line Deleted : user_pref("extensions.BabylonToolbar.admin", false);Line Deleted : user_pref("extensions.BabylonToolbar.aflt", "babsst");Line Deleted : user_pref("extensions.BabylonToolbar.appId", "{BDB69379-802F-4eaf-B541-F8DE92DD98DB}");Line Deleted : user_pref("extensions.BabylonToolbar.autoRvrt", "false");Line Deleted : user_pref("extensions.BabylonToolbar.dfltLng", "en");Line Deleted : user_pref("extensions.BabylonToolbar.excTlbr", false);Line Deleted : user_pref("extensions.BabylonToolbar.id", "d4e84603000000000000ac811202e607");Line Deleted : user_pref("extensions.BabylonToolbar.instlDay", "15604");Line Deleted : user_pref("extensions.BabylonToolbar.instlRef", "sst");Line Deleted : user_pref("extensions.BabylonToolbar.prdct", "BabylonToolbar");Line Deleted : user_pref("extensions.BabylonToolbar.prtkDS", 0);Line Deleted : user_pref("extensions.BabylonToolbar.prtkHmpg", 0);Line Deleted : user_pref("extensions.BabylonToolbar.prtnrId", "babylon");Line Deleted : user_pref("extensions.BabylonToolbar.tlbrId", "tb9");Line Deleted : user_pref("extensions.BabylonToolbar.tlbrSrchUrl", "hxxp://search.babylon.com/?babsrc=TB_def&mntrId=d4e84603000000000000ac811202e607&q=");Line Deleted : user_pref("extensions.BabylonToolbar.vrsn", "1.6.9.12");Line Deleted : user_pref("extensions.BabylonToolbar.vrsni", "1.6.9.12");Line Deleted : user_pref("extensions.BabylonToolbar_i.babExt", "");Line Deleted : user_pref("extensions.BabylonToolbar_i.babTrack", "affID=110823&tt=120912_ccp_3812_4");Line Deleted : user_pref("extensions.BabylonToolbar_i.newTab", false);Line Deleted : user_pref("extensions.BabylonToolbar_i.smplGrp", "none");Line Deleted : user_pref("extensions.BabylonToolbar_i.srcExt", "ss");Line Deleted : user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.6.9.1214:59:12");Line Deleted : user_pref("extensions.delta.admin", false);Line Deleted : user_pref("extensions.delta.aflt", "babsst");Line Deleted : user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}");Line Deleted : user_pref("extensions.delta.autoRvrt", "false");Line Deleted : user_pref("extensions.delta.dfltLng", "en");Line Deleted : user_pref("extensions.delta.excTlbr", false);Line Deleted : user_pref("extensions.delta.ffxUnstlRst", true);Line Deleted : user_pref("extensions.delta.id", "d4e84603000000000000ac811202e607");Line Deleted : user_pref("extensions.delta.instlDay", "15827");Line Deleted : user_pref("extensions.delta.instlRef", "sst");Line Deleted : user_pref("extensions.delta.newTab", false);Line Deleted : user_pref("extensions.delta.prdct", "delta");Line Deleted : user_pref("extensions.delta.prtnrId", "delta");Line Deleted : user_pref("extensions.delta.rvrt", "false");Line Deleted : user_pref("extensions.delta.smplGrp", "none");Line Deleted : user_pref("extensions.delta.tlbrId", "base");Line Deleted : user_pref("extensions.delta.tlbrSrchUrl", "");Line Deleted : user_pref("extensions.delta.vrsn", "1.8.16.16");Line Deleted : user_pref("extensions.delta.vrsnTs", "1.8.16.1618:34:33");Line Deleted : user_pref("extensions.delta.vrsni", "1.8.16.16");Line Deleted : user_pref("extensions.fvd_single.surfcanyon.ramp.start_time", "1396719120978");Line Deleted : user_pref("extensions.hbwpBUntWTvH.scode", "(function(){if(window.self.location.hostname.indexOf(\"acebook.co\")>-1){return};var _wlst={lsKey:\"ssjsmn2ja8ddw2a\",get:function(b,a){if(3<b)return a(!1);[...]Line Deleted : user_pref("keyword.URL", "hxxp://websearch.searchbomb.info/?pid=1890&r=2013/11/28&hid=14692819153702194221&lg=EN&cc=PL&unqvl=42&l=1&q=");Line Deleted : user_pref("smartbar.machineId", "WIFUMC85YMJEFDAIXUSMSFYYMBITCFGAP6GEB/IS4EN3EYXTXSHPKOYO3IFHXMAB5CYNC+IXCLY+PF9TX4AUHW");Line Deleted : user_pref("sweetim.toolbar.previous.browser.search.defaultenginename", "");Line Deleted : user_pref("sweetim.toolbar.previous.browser.search.selectedEngine", "");Line Deleted : user_pref("sweetim.toolbar.previous.browser.startup.homepage", "");Line Deleted : user_pref("sweetim.toolbar.previous.keyword.URL", "");Line Deleted : user_pref("sweetim.toolbar.scripts.1.domain-blacklist", "");Line Deleted : user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_DS", "");Line Deleted : user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_HP", "");Line Deleted : user_pref("sweetim.toolbar.searchguard.enable", "");-\\ Google Chrome v28.0.1500.95[ File : C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\preferences ]Deleted : urls_to_restore_on_startup*************************AdwCleaner[R0].txt - [21523 octets] - [15/05/2014 16:24:09]AdwCleaner[s0].txt - [19087 octets] - [15/05/2014 16:25:44]########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [19148 octets] ##########

 

 

Narazie tylko logi adw bo te otl jeszcze się tworzą.

Janusz. Legenda

Janusz.

Opublikowano
Legenda

Janusz.

Opublikowano

Tak jak myślałem. Wina tego że w systemie siedział Conduit SearchProtect.

Folder Found C:\Program Files (x86)\SearchProtect

po odinstalowaniu tego adware usuwane są wszystkie luźne pliki z dysku C...

Zarchiwizowany

Ten temat przebywa obecnie w archiwum. Dodawanie nowych odpowiedzi zostało zablokowane.

Pytania
×
×
  • Dodaj nową pozycję...