USB

USB

offline
  • Pridružio: 21 Maj 2009
  • Poruke: 1

DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 10.21.2
Run by User at 12:02:22 on 2013-06-15
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2046.307 [GMT 2:00]
.
AV: avast! Antivirus *Enabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: avast! Antivirus *Disabled*
.
============== Running Processes ================
.
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\ABBYY\FineReader\10.00\Licensing\PE\NetworkLicenseServer.exe
C:\Program Files\YourFileDownloader\YourFileUpdater.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\srvany.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\KMService.exe
C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
C:\Program Files\Nitro\Pro 8\NitroPDFDriverService8.exe
C:\WINDOWS\system32\NLSSRV32.EXE
c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
C:\Program Files\TP-LINK\COMMON\RaRegistry.exe
C:\Program Files\Yontoo\Y2Desktop.Updater.exe
C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\alg.exe
C:\Documents and Settings\User\Application Data\Yontoo\YontooDesktop.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\AVAST Software\Avast\avastUI.exe
C:\Program Files\Hewlett-Packard\Toolbox2.0\Apache Tomcat 4.0\webapps\Toolbox\StatusClient\StatusClient.exe
C:\Program Files\ABBYY FineReader 10\Bonus.ScreenshotReader.exe
C:\WINDOWS\FOUNDER\PanelMgr\SSMMgr.exe
C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\WINDOWS\System32\WScript.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\DAEMON Tools Lite\DTLite.exe
C:\Program Files\Hewlett-Packard\Toolbox2.0\Javasoft\JRE\1.3.1\bin\javaw.exe
C:\Documents and Settings\User\Local Settings\Application Data\Akamai\netsession_win.exe
C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE
C:\Documents and Settings\User\Local Settings\Application Data\Akamai\netsession_win.exe
C:\Program Files\Samsung\Kies\Kies.exe
C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
C:\Program Files\TP-LINK\COMMON\TWCU.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Microsoft Office\Office14\WINWORD.EXE
C:\PROGRA~1\Nitro\PRO8~1\NitroPDF.exe
C:\PROGRA~1\Nitro\PRO8~1\Nitro_PIPAssistant.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\System32\svchost.exe -k Akamai
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://search.babylon.com/?affID=121631&tt=gc_&babsrc=HP_ss_gin2g&mntrId=24AAB0487A87E2B8
uSearch Bar = hxxp://www.bing.com
mStart Page = hxxp://websearch.lookforithere.info/?pid=946&r=2013/05/14&hid=2541876651&lg=EN&cc=BA&unqvl=14
uProxyOverride = <local>;127.0.0.1:9421;
uSearchAssistant = hxxp://dts.search-results.com/sr?src=ieb&appid=394&systemid=406&sr=0&q={searchTerms}
mSearchAssistant = hxxp://dts.search-results.com/sr?src=ieb&appid=394&systemid=406&sr=0&q={searchTerms}
BHO: {2EECD738-5844-4a99-B4B6-146BF802613B} - <orphaned>
BHO: SearchNewTab: {6F80FC12-5F3D-E795-6D38-06E90FD5FC1A} - c:\documents and settings\all users\application data\searchnewtab\518e2a5f6ccf4.dll
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - c:\program files\microsoft office\office14\GROOVEEX.DLL
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
BHO: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\avast software\avast\aswWebRepIE.dll
BHO: {9D717F81-9148-4f12-8568-69135F087DB0} - <orphaned>
BHO: ccoNtiinuetosavey: {A1B096E9-0679-9AAE-93FC-7D965EB4AD28} - c:\documents and settings\all users\application data\ccontiinuetosavey\518e29fa99565.dll
BHO: SearchNewTab: {A8C17818-BA0F-4FDA-C855-02EC4C5DCEE0} - c:\documents and settings\all users\application data\searchnewtab\5190a99a50918.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - c:\program files\microsoft office\office14\URLREDIR.DLL
BHO: delta Helper Object: {C1AF5FA5-852C-4C90-812E-A7F75E011D87} - c:\program files\delta\delta\1.8.21.5\bh\delta.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
BHO: Yontoo: {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - c:\program files\yontoo\YontooIEClient.dll
TB: Delta Toolbar: {82E1477C-B154-48D3-9891-33D83C26BCD3} - c:\program files\delta\delta\1.8.21.5\deltaTlbr.dll
TB: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\avast software\avast\aswWebRepIE.dll
uRun: [CTFMON.EXE] c:\windows\system32\ctfmon.exe
uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background
uRun: [DAEMON Tools Lite] "c:\program files\daemon tools lite\DTLite.exe" -autorun
uRun: [Akamai NetSession Interface] "c:\documents and settings\user\local settings\application data\akamai\netsession_win.exe"
uRun: [OfficeSyncProcess] "c:\program files\microsoft office\office14\MSOSYNC.EXE"
uRun: [Media Finder] c:\program files\media finder\Media Finder.exe /opentotray
uRun: [KiesPreload] c:\program files\samsung\kies\Kies.exe /preload
uRun: [KiesAirMessage] c:\program files\samsung\kies\KiesAirMessage.exe -startup
uRun: [KiesPDLR] c:\program files\samsung\kies\external\firmwareupdate\KiesPDLR.exe
uRun: [UpdateMyDrivers] c:\program files\smarttweak software\updatemydrivers\UpdateMyDrivers.exe /ot /as /ss
uRun: [Yontoo Desktop] "c:\documents and settings\user\application data\yontoo\YontooDesktop.exe"
uRun: [help.vbe] "c:\docume~1\user\locals~1\temp\help.vbe"
mRun: [RTHDCPL] RTHDCPL.EXE
mRun: [SkyTel] SkyTel.EXE
mRun: [Alcmtr] ALCMTR.EXE
mRun: [avast] "c:\program files\avast software\avast\avastUI.exe" /nogui
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [StatusClient] c:\program files\hewlett-packard\toolbox2.0\apache tomcat 4.0\webapps\toolbox\statusclient\StatusClient.exe /auto
mRun: [TomcatStartup] c:\program files\hewlett-packard\toolbox2.0\hpbpsttp.exe
mRun: [HPLJ Config] c:\program files\hewlett-packard\hp laserjet 1010 series\SetConfig.exe -c Direct -p DOT4_001 -pn "hp LaserJet 1010 Series Driver" -n 0 -l 1033 -sl 120000
mRun: [Bonus.SSR.FR10] "c:\program files\abbyy finereader 10\Bonus.ScreenshotReader.exe" /autorun
mRun: [FOUNDER PanelMgr] c:\windows\founder\panelmgr\SSMMgr.exe /autorun
mRun: [(Default)] c:\windows\svchost.exe
mRun: [KiesTrayAgent] c:\program files\samsung\kies\KiesTrayAgent.exe
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [help.vbe] "c:\docume~1\user\locals~1\temp\help.vbe"
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
StartupFolder: c:\docume~1\user\startm~1\programs\startup\flipto~1.lnk - c:\program files\fliptoast\fliptoast.exe
StartupFolder: c:\documents and settings\user\start menu\programs\startup\help.vbe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\tp-lin~1.lnk - c:\program files\tp-link\common\TWCU.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoDriveTypeAutoRun = dword:145
IE: &Search - tbedits.mywebsearch.com/one-toolbaredits/me.....2011112510
IE: Download with &Media Finder - c:\program files\media finder\hook.html
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~1\micros~2\office14\ONBttnIE.dll/105
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - c:\program files\microsoft office\office14\ONBttnIELinkedNotes.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{12E7D594-5F24-428F-9248-5B32CF9C5524} : DHCPNameServer = 192.168.1.1
Handler: ic32pp - {BBCA9F81-8F4F-11D2-90FF-0080C83D3571} - c:\windows\wc98pp.dll
Notify: AtiExtEvent - Ati2evxx.dll
AppInit_DLLs= c:\progra~1\simple~1\sprote~1.dll c:\progra~1\contin~1\sprote~1.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - c:\program files\microsoft office\office14\GROOVEEX.DLL
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\27.0.1453.110\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\user\application data\mozilla\firefox\profiles\zoawmfx4.default\
FF - prefs.js: browser.search.defaulturl - hxxp://websearch.lookforithere.info/?pid=946&r=2013/05/14&hid=2541876651&lg=EN&cc=BA&unqvl=14&l=1&q=
FF - prefs.js: browser.startup.homepage - hxxp://search.babylon.com/?affID=121631&tt=gc_&babsrc=HP_ss_gin2g&mntrId=24AAB0487A87E2B8
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/firefox
FF - prefs.js: browser.search.selectedEngine - Delta Search
FF - prefs.js: keyword.URL - hxxp://dts.search-results.com/sr?src=ffb&gct=ds&appid=362&systemid=406&apn_dtid=BND406&apn_ptnrs=AG6&apn_uid=6049561345294242&o=APN10645&q=
FF - plugin: c:\progra~1\micros~2\office14\NPAUTHZ.DLL
FF - plugin: c:\progra~1\micros~2\office14\NPSPWRAP.DLL
FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\google\update\1.3.21.123\npGoogleUpdate3.dll
FF - plugin: c:\program files\java\jre6\bin\plugin2\npjp2.dll
FF - plugin: c:\program files\microsoft silverlight\4.1.10329.0\npctrlui.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_5_502_135.dll
FF - plugin: c:\windows\system32\npdeployJava1.dll
FF - plugin: c:\windows\system32\npptools.dll
FF - ExtSQL: 2013-04-25 18:40; torntv2@torntv.com; c:\documents and settings\user\application data\mozilla\firefox\profiles\zoawmfx4.default\extensions\torntv2@torntv.com.xpi
FF - ExtSQL: !HIDDEN! 2012-03-05 11:43; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\DotNetAssistantExtension
FF - ExtSQL: !HIDDEN! 2012-06-13 20:17; 4fd8d909cc863@4fd8d909cc89d.info; c:\documents and settings\user\application data\mozilla\firefox\profiles\zoawmfx4.default\extensions\4fd8d909cc863@4fd8d909cc89d.info
FF - ExtSQL: !HIDDEN! 2013-04-25 18:40; gh8yueu@jt-gsviu.org; c:\documents and settings\user\application data\mozilla\firefox\profiles\zoawmfx4.default\extensions\gh8yueu@jt-gsviu.org
FF - ExtSQL: !HIDDEN! 2013-04-25 18:40; tcdrtd3s5@cgedaa-.com; c:\documents and settings\user\application data\mozilla\firefox\profiles\zoawmfx4.default\extensions\tcdrtd3s5@cgedaa-.com
.
---- FIREFOX POLICIES ----
FF - user.js: extensions.BabylonToolbar_i.babTrack - affID=112555&tt=2912_1
FF - user.js: extensions.BabylonToolbar_i.babExt -
FF - user.js: extensions.BabylonToolbar_i.srcExt - ss
FF - user.js: extensions.BabylonToolbar_i.id - 24aaf01e000000000000b0487a87e2b8
FF - user.js: extensions.BabylonToolbar_i.hardId - 24aaf01e000000000000b0487a87e2b8
FF - user.js: extensions.BabylonToolbar_i.instlDay - 15541
FF - user.js: extensions.BabylonToolbar_i.vrsn - 1.5.3.17
FF - user.js: extensions.BabylonToolbar_i.vrsni - 1.5.3.17
FF - user.js: extensions.BabylonToolbar_i.vrsnTs - 1.5.3.1715:01:43
FF - user.js: extensions.BabylonToolbar_i.prtnrId - babylon
FF - user.js: extensions.BabylonToolbar_i.prdct - BabylonToolbar
FF - user.js: extensions.BabylonToolbar_i.aflt - babsst
FF - user.js: extensions.BabylonToolbar_i.smplGrp - none
FF - user.js: extensions.BabylonToolbar_i.tlbrId - base
FF - user.js: extensions.BabylonToolbar_i.instlRef - sst
.
.
.
FF - user.js: extentions.y2layers.installId - 17eab908-91f7-4fea-a7c8-0941bfd4cb6f
FF - user.js: extentions.y2layers.defaultEnableAppsList - DropDownDeals,buzzdock,YontooNewOffers
FF - user.js: extensions.delta.tlbrSrchUrl -
FF - user.js: extensions.delta.id - 24aaf01e000000000000b0487a87e2b8
FF - user.js: extensions.delta.appId - {C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
FF - user.js: extensions.delta.instlDay - 15863
FF - user.js: extensions.delta.vrsn - 1.8.21.5
FF - user.js: extensions.delta.vrsni - 1.8.21.5
FF - user.js: extensions.delta.vrsnTs - 1.8.21.521:03:12
FF - user.js: extensions.delta.prtnrId - delta
FF - user.js: extensions.delta.prdct - delta
FF - user.js: extensions.delta.aflt - babsst
FF - user.js: extensions.delta.smplGrp - none
FF - user.js: extensions.delta.tlbrId - base
FF - user.js: extensions.delta.instlRef - sst
FF - user.js: extensions.delta.dfltLng - en
FF - user.js: extensions.delta.excTlbr - false
FF - user.js: extensions.delta.ffxUnstlRst - true
FF - user.js: extensions.delta.admin - false
FF - user.js: extensions.delta_i.babTrack - affID=120007
FF - user.js: extensions.delta_i.babExt -
FF - user.js: extensions.delta_i.srcExt - ss
FF - user.js: extensions.delta.autoRvrt - false
FF - user.js: extensions.delta.rvrt - false
FF - user.js: extensions.delta.newTab - false
.
============= SERVICES / DRIVERS ===============
.
R0 aswRvrt;aswRvrt;c:\windows\system32\drivers\aswRvrt.sys [2013-4-23 49376]
R0 aswVmm;aswVmm;c:\windows\system32\drivers\aswVmm.sys [2013-4-23 174664]
R0 NBVol;Nero Backup Volume Filter Driver;c:\windows\system32\drivers\NBVol.sys [2011-12-30 56496]
R0 NBVolUp;Nero Backup Volume Upper Filter Driver;c:\windows\system32\drivers\NBVolUp.sys [2011-12-30 12464]
R1 aswKbd;aswKbd;c:\windows\system32\drivers\aswKbd.sys [2012-3-6 24408]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2011-3-15 765736]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2011-3-15 368944]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\drivers\dtsoftbus01.sys [2011-10-20 232512]
R2 ABBYY.Licensing.FineReader.Professional.10.0;ABBYY FineReader 10 PE Licensing Service;c:\program files\common files\abbyy\finereader\10.00\licensing\pe\NetworkLicenseServer.exe [2009-9-29 809736]
R2 Akamai;Akamai NetSession Interface;c:\windows\system32\svchost.exe -k Akamai [2008-4-14 14336]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2011-3-15 29816]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2013-4-23 66336]
R2 avast! Antivirus;avast! Antivirus;c:\program files\avast software\avast\AvastSvc.exe [2011-3-15 46808]
R2 KMService;KMService;c:\windows\system32\srvany.exe [2011-9-29 8192]
R2 NitroDriverReadSpool8;NitroPDFDriverCreatorReadSpool8;c:\program files\nitro\pro 8\NitroPDFDriverService8.exe [2012-12-13 196616]
R2 nlsX86cc;Nalpeiron Licensing Service;c:\windows\system32\NLSSRV32.EXE [2013-3-25 70152]
R2 RalinkRegistryWriter;Ralink Registry Writer;c:\program files\tp-link\common\RaRegistry.exe [2012-5-29 185632]
R2 Scutum50;Scutum50 NDIS Protocol Driver;c:\windows\system32\drivers\Scutum50.sys [2012-5-29 19072]
R2 Yontoo Desktop Updater;Yontoo Desktop Updater;c:\program files\yontoo\Y2Desktop.Updater.exe [2013-5-24 23552]
R3 rt2870;TP-LINK Wireless USB Adapter;c:\windows\system32\drivers\rt2870.sys [2012-5-29 827488]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 NitroReaderDriverReadSpool3;NitroPDFReaderDriverCreatorReadSpool3;c:\program files\nitro\reader 3\NitroPDFReaderDriverService3.exe [2013-3-26 196624]
S2 SSPORT;SSPORT;\??\c:\windows\system32\drivers\ssport.sys --> c:\windows\system32\drivers\SSPORT.sys [?]
S3 becldr3Service;BCL EasyConverter SDK 3 Loader;c:\program files\bcl technologies\easyconverter sdk 3\common\becldr.exe [2013-3-18 225280]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\drivers\ssudbus.sys [2012-7-23 80824]
S3 DrvAgent32;DrvAgent32;c:\windows\system32\drivers\DrvAgent32.sys [2012-3-8 23456]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\drivers\ssudmdm.sys [2012-7-23 181432]
.
=============== Created Last 30 ================
.
2013-06-07 19:02:34 -------- d-----w- c:\program files\YourFileDownloader
2013-05-24 14:37:40 -------- d-----w- c:\program files\Delta
2013-05-24 14:37:17 -------- d-----w- c:\documents and settings\user\application data\Delta
2013-05-24 14:36:15 -------- d-----w- c:\documents and settings\user\application data\Yontoo
2013-05-24 14:36:14 -------- d-----w- c:\program files\Yontoo
2013-05-22 19:00:44 -------- d-----w- c:\documents and settings\user\application data\Thinstall
2013-05-21 16:36:33 -------- d-----w- c:\program files\common files\FontLab
2013-05-21 16:36:30 -------- d-----w- c:\program files\FontLab
2013-05-21 16:29:52 -------- d-----w- c:\program files\FontTwister
2013-05-21 15:34:55 -------- d-----w- c:\program files\Open Clip Art Library
.
==================== Find3M ====================
.
2013-06-14 11:34:06 620932 ----a-w- c:\windows\system32\FontInfo.bin
2013-06-14 11:34:06 196208 ----a-w- c:\windows\system32\GlyphInfo.bin
2013-06-12 09:51:30 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-06-12 09:51:30 692104 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-05-09 08:59:10 765736 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2013-05-09 08:59:10 49376 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2013-05-09 08:59:10 174664 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2013-05-09 08:59:09 66336 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2013-05-09 08:58:37 41664 ----a-w- c:\windows\avastSS.scr
2013-04-23 15:52:51 94112 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-04-23 15:52:49 866720 ----a-w- c:\windows\system32\npdeployJava1.dll
2013-04-23 15:52:49 788896 ----a-w- c:\windows\system32\deployJava1.dll
2013-04-23 15:52:49 144896 ----a-w- c:\windows\system32\javacpl.cpl
2013-03-25 17:08:38 70152 ----a-w- c:\windows\system32\NLSSRV32.EXE
.
============= FINISH: 12:03:05,31 ===============

mycity.rs/must-login.png

mycity.rs/must-login.png

rip
  • argus  Male
  • Anti Malware Fighter
    Rank 2
  • Pridružio: 27 Apr 2008
  • Poruke: 9160
  • Gde živiš: Prokuplje

Start > Control Panel > Add or Remove

Deinstaliraj Yontoo 2.053




Arrow Korak 1


Preuzmi "Xplode"-ov AdwCleaner () i sacuvaj ga na Desktop

Dvoklikom pokreni program.
Klikni na dugme [Delete] i pricekaj da program zavrsi.
Program ce zatvoriti sve aktivne programe i izbaciti prozor sa tim upozorenjem. Klikni Ok kao potvrdu.
Na sledeca dva prozora koja se otvore (Informations i Restart required ) klikni Ok


Racunar ce se restartovati a potom otvoriti notepad (C:\AdwCleaner[S1].txt) sa izvestajem.
Sacuvaj taj notepad na Desktop i okaci ga uz poruku koristeci opciju "Prikaci fajl"

Napomena: Izvestaj ce takodje biti sacuvan na C:\AdwCleaner[S1].txt


*************




Arrow Korak 2



Preuzmi program OTM na Desktop.

Dvoklikom pokreni OTM.exe

U (levi) prozor programa (ispod Paste Instructions for Items to be Moved) iskopiraj sve što se nalazi unutar Kod polja:

:reg
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"help.vbe"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"(Default)"=-
"help.vbe"=-

:files
c:\docume~1\user\locals~1\temp\help.vbe
c:\windows\svchost.exe
c:\documents and settings\user\start menu\programs\startup\help.vbe

:commands
[CREATERESTOREPOINT]
[emptytemp]

Klikni MoveIt!

Po završetku procesa, u desnom prozoru programa (ispod Results), će se nalaziti tekst koji je potrebno iskopirati u poruku na forumu.


Ukoliko se pojavi upit:

Confirm ::The system requires a reboot to finish removing files.
Do you want to reboot now?


kliknuti Yes kako bi se kompjuter restartovao i proces bio dovršen.

Nakon ponovnog pokretanja sistema, logfile će se automatski otvoriti u Notepadu.
Potrebno je iskopirati sadržaj tog loga u poruku na forumu.



**********************



Arrow Korak 3



Preuzmi MCShield sa sljedeće adrese:

http://www.mcshield.net/download/MCShield-Setup.exe

Instaliraj MCShield i sačekaj da se završi uvodno skeniranje.

Kad se završi uvodno skeniranje, ubacuj sve USB memorijske uređaje redom u USB port i svaki zadrži u portu dok MCShield ne izbaci poruku da je skeniranje završeno. Ukoliko imaš više USB uređaja, zabilježi negdje kojim su redom ubacivani.

Objašnjenje: U USB memorijske uređaje spadaju svi oni uređaji koji po priključivanju na kompjuter dobijaju svoju oznaku particije. Tu spadaju USB flash drajvovi, eksterni hard-diskovi, memorijske kartice, MP3 i MP4 plejeri, neki mobilni telefoni, neki GPS (navigacioni) uređaji itd.

Idi na Start -> All Programs -> MCShield -> Logs -> AllScans

Otvoriće ti se izvještaj u Notepad-u čiji sadržaj treba da postaviš u poruku

Ko je trenutno na forumu
 

Ukupno su 708 korisnika na forumu :: 29 registrovanih, 8 sakrivenih i 671 gosta   ::   [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:
Korisnici trenutno na forumu: _Sale, A.R.Chafee.Jr., Andrija357, Chainsaw, dragon986, HDMI, krlebgd77, kuntalo, kvcali, Libertas, Lieutenant, MB120mm, menges, mercedesamg, mikrimaus, Misirac, Mixelotti, mushroom, Najax, neutralal.com, nuke92, pein, Recce, rodoljub, SD, Sirius, Smiljke, ss10, vlahale