USB

USB

offline
  • Pridružio: 21 Maj 2009
  • Poruke: 1

DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 10.21.2
Run by User at 12:02:22 on 2013-06-15
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2046.307 [GMT 2:00]
.
AV: avast! Antivirus *Enabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: avast! Antivirus *Disabled*
.
============== Running Processes ================
.
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\ABBYY\FineReader\10.00\Licensing\PE\NetworkLicenseServer.exe
C:\Program Files\YourFileDownloader\YourFileUpdater.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\srvany.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\KMService.exe
C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
C:\Program Files\Nitro\Pro 8\NitroPDFDriverService8.exe
C:\WINDOWS\system32\NLSSRV32.EXE
c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
C:\Program Files\TP-LINK\COMMON\RaRegistry.exe
C:\Program Files\Yontoo\Y2Desktop.Updater.exe
C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\alg.exe
C:\Documents and Settings\User\Application Data\Yontoo\YontooDesktop.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\AVAST Software\Avast\avastUI.exe
C:\Program Files\Hewlett-Packard\Toolbox2.0\Apache Tomcat 4.0\webapps\Toolbox\StatusClient\StatusClient.exe
C:\Program Files\ABBYY FineReader 10\Bonus.ScreenshotReader.exe
C:\WINDOWS\FOUNDER\PanelMgr\SSMMgr.exe
C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\WINDOWS\System32\WScript.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\DAEMON Tools Lite\DTLite.exe
C:\Program Files\Hewlett-Packard\Toolbox2.0\Javasoft\JRE\1.3.1\bin\javaw.exe
C:\Documents and Settings\User\Local Settings\Application Data\Akamai\netsession_win.exe
C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE
C:\Documents and Settings\User\Local Settings\Application Data\Akamai\netsession_win.exe
C:\Program Files\Samsung\Kies\Kies.exe
C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
C:\Program Files\TP-LINK\COMMON\TWCU.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Microsoft Office\Office14\WINWORD.EXE
C:\PROGRA~1\Nitro\PRO8~1\NitroPDF.exe
C:\PROGRA~1\Nitro\PRO8~1\Nitro_PIPAssistant.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\System32\svchost.exe -k Akamai
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://search.babylon.com/?affID=121631&tt=gc_&babsrc=HP_ss_gin2g&mntrId=24AAB0487A87E2B8
uSearch Bar = hxxp://www.bing.com
mStart Page = hxxp://websearch.lookforithere.info/?pid=946&r=2013/05/14&hid=2541876651&lg=EN&cc=BA&unqvl=14
uProxyOverride = <local>;127.0.0.1:9421;
uSearchAssistant = hxxp://dts.search-results.com/sr?src=ieb&appid=394&systemid=406&sr=0&q={searchTerms}
mSearchAssistant = hxxp://dts.search-results.com/sr?src=ieb&appid=394&systemid=406&sr=0&q={searchTerms}
BHO: {2EECD738-5844-4a99-B4B6-146BF802613B} - <orphaned>
BHO: SearchNewTab: {6F80FC12-5F3D-E795-6D38-06E90FD5FC1A} - c:\documents and settings\all users\application data\searchnewtab\518e2a5f6ccf4.dll
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - c:\program files\microsoft office\office14\GROOVEEX.DLL
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
BHO: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\avast software\avast\aswWebRepIE.dll
BHO: {9D717F81-9148-4f12-8568-69135F087DB0} - <orphaned>
BHO: ccoNtiinuetosavey: {A1B096E9-0679-9AAE-93FC-7D965EB4AD28} - c:\documents and settings\all users\application data\ccontiinuetosavey\518e29fa99565.dll
BHO: SearchNewTab: {A8C17818-BA0F-4FDA-C855-02EC4C5DCEE0} - c:\documents and settings\all users\application data\searchnewtab\5190a99a50918.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - c:\program files\microsoft office\office14\URLREDIR.DLL
BHO: delta Helper Object: {C1AF5FA5-852C-4C90-812E-A7F75E011D87} - c:\program files\delta\delta\1.8.21.5\bh\delta.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
BHO: Yontoo: {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - c:\program files\yontoo\YontooIEClient.dll
TB: Delta Toolbar: {82E1477C-B154-48D3-9891-33D83C26BCD3} - c:\program files\delta\delta\1.8.21.5\deltaTlbr.dll
TB: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\avast software\avast\aswWebRepIE.dll
uRun: [CTFMON.EXE] c:\windows\system32\ctfmon.exe
uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background
uRun: [DAEMON Tools Lite] "c:\program files\daemon tools lite\DTLite.exe" -autorun
uRun: [Akamai NetSession Interface] "c:\documents and settings\user\local settings\application data\akamai\netsession_win.exe"
uRun: [OfficeSyncProcess] "c:\program files\microsoft office\office14\MSOSYNC.EXE"
uRun: [Media Finder] c:\program files\media finder\Media Finder.exe /opentotray
uRun: [KiesPreload] c:\program files\samsung\kies\Kies.exe /preload
uRun: [KiesAirMessage] c:\program files\samsung\kies\KiesAirMessage.exe -startup
uRun: [KiesPDLR] c:\program files\samsung\kies\external\firmwareupdate\KiesPDLR.exe
uRun: [UpdateMyDrivers] c:\program files\smarttweak software\updatemydrivers\UpdateMyDrivers.exe /ot /as /ss
uRun: [Yontoo Desktop] "c:\documents and settings\user\application data\yontoo\YontooDesktop.exe"
uRun: [help.vbe] "c:\docume~1\user\locals~1\temp\help.vbe"
mRun: [RTHDCPL] RTHDCPL.EXE
mRun: [SkyTel] SkyTel.EXE
mRun: [Alcmtr] ALCMTR.EXE
mRun: [avast] "c:\program files\avast software\avast\avastUI.exe" /nogui
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [StatusClient] c:\program files\hewlett-packard\toolbox2.0\apache tomcat 4.0\webapps\toolbox\statusclient\StatusClient.exe /auto
mRun: [TomcatStartup] c:\program files\hewlett-packard\toolbox2.0\hpbpsttp.exe
mRun: [HPLJ Config] c:\program files\hewlett-packard\hp laserjet 1010 series\SetConfig.exe -c Direct -p DOT4_001 -pn "hp LaserJet 1010 Series Driver" -n 0 -l 1033 -sl 120000
mRun: [Bonus.SSR.FR10] "c:\program files\abbyy finereader 10\Bonus.ScreenshotReader.exe" /autorun
mRun: [FOUNDER PanelMgr] c:\windows\founder\panelmgr\SSMMgr.exe /autorun
mRun: [(Default)] c:\windows\svchost.exe
mRun: [KiesTrayAgent] c:\program files\samsung\kies\KiesTrayAgent.exe
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [help.vbe] "c:\docume~1\user\locals~1\temp\help.vbe"
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
StartupFolder: c:\docume~1\user\startm~1\programs\startup\flipto~1.lnk - c:\program files\fliptoast\fliptoast.exe
StartupFolder: c:\documents and settings\user\start menu\programs\startup\help.vbe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\tp-lin~1.lnk - c:\program files\tp-link\common\TWCU.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoDriveTypeAutoRun = dword:145
IE: &Search - tbedits.mywebsearch.com/one-toolbaredits/me.....2011112510
IE: Download with &Media Finder - c:\program files\media finder\hook.html
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~1\micros~2\office14\ONBttnIE.dll/105
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - c:\program files\microsoft office\office14\ONBttnIELinkedNotes.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{12E7D594-5F24-428F-9248-5B32CF9C5524} : DHCPNameServer = 192.168.1.1
Handler: ic32pp - {BBCA9F81-8F4F-11D2-90FF-0080C83D3571} - c:\windows\wc98pp.dll
Notify: AtiExtEvent - Ati2evxx.dll
AppInit_DLLs= c:\progra~1\simple~1\sprote~1.dll c:\progra~1\contin~1\sprote~1.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - c:\program files\microsoft office\office14\GROOVEEX.DLL
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\27.0.1453.110\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\user\application data\mozilla\firefox\profiles\zoawmfx4.default\
FF - prefs.js: browser.search.defaulturl - hxxp://websearch.lookforithere.info/?pid=946&r=2013/05/14&hid=2541876651&lg=EN&cc=BA&unqvl=14&l=1&q=
FF - prefs.js: browser.startup.homepage - hxxp://search.babylon.com/?affID=121631&tt=gc_&babsrc=HP_ss_gin2g&mntrId=24AAB0487A87E2B8
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/firefox
FF - prefs.js: browser.search.selectedEngine - Delta Search
FF - prefs.js: keyword.URL - hxxp://dts.search-results.com/sr?src=ffb&gct=ds&appid=362&systemid=406&apn_dtid=BND406&apn_ptnrs=AG6&apn_uid=6049561345294242&o=APN10645&q=
FF - plugin: c:\progra~1\micros~2\office14\NPAUTHZ.DLL
FF - plugin: c:\progra~1\micros~2\office14\NPSPWRAP.DLL
FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\google\update\1.3.21.123\npGoogleUpdate3.dll
FF - plugin: c:\program files\java\jre6\bin\plugin2\npjp2.dll
FF - plugin: c:\program files\microsoft silverlight\4.1.10329.0\npctrlui.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_5_502_135.dll
FF - plugin: c:\windows\system32\npdeployJava1.dll
FF - plugin: c:\windows\system32\npptools.dll
FF - ExtSQL: 2013-04-25 18:40; torntv2@torntv.com; c:\documents and settings\user\application data\mozilla\firefox\profiles\zoawmfx4.default\extensions\torntv2@torntv.com.xpi
FF - ExtSQL: !HIDDEN! 2012-03-05 11:43; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\DotNetAssistantExtension
FF - ExtSQL: !HIDDEN! 2012-06-13 20:17; 4fd8d909cc863@4fd8d909cc89d.info; c:\documents and settings\user\application data\mozilla\firefox\profiles\zoawmfx4.default\extensions\4fd8d909cc863@4fd8d909cc89d.info
FF - ExtSQL: !HIDDEN! 2013-04-25 18:40; gh8yueu@jt-gsviu.org; c:\documents and settings\user\application data\mozilla\firefox\profiles\zoawmfx4.default\extensions\gh8yueu@jt-gsviu.org
FF - ExtSQL: !HIDDEN! 2013-04-25 18:40; tcdrtd3s5@cgedaa-.com; c:\documents and settings\user\application data\mozilla\firefox\profiles\zoawmfx4.default\extensions\tcdrtd3s5@cgedaa-.com
.
---- FIREFOX POLICIES ----
FF - user.js: extensions.BabylonToolbar_i.babTrack - affID=112555&tt=2912_1
FF - user.js: extensions.BabylonToolbar_i.babExt -
FF - user.js: extensions.BabylonToolbar_i.srcExt - ss
FF - user.js: extensions.BabylonToolbar_i.id - 24aaf01e000000000000b0487a87e2b8
FF - user.js: extensions.BabylonToolbar_i.hardId - 24aaf01e000000000000b0487a87e2b8
FF - user.js: extensions.BabylonToolbar_i.instlDay - 15541
FF - user.js: extensions.BabylonToolbar_i.vrsn - 1.5.3.17
FF - user.js: extensions.BabylonToolbar_i.vrsni - 1.5.3.17
FF - user.js: extensions.BabylonToolbar_i.vrsnTs - 1.5.3.1715:01:43
FF - user.js: extensions.BabylonToolbar_i.prtnrId - babylon
FF - user.js: extensions.BabylonToolbar_i.prdct - BabylonToolbar
FF - user.js: extensions.BabylonToolbar_i.aflt - babsst
FF - user.js: extensions.BabylonToolbar_i.smplGrp - none
FF - user.js: extensions.BabylonToolbar_i.tlbrId - base
FF - user.js: extensions.BabylonToolbar_i.instlRef - sst
.
.
.
FF - user.js: extentions.y2layers.installId - 17eab908-91f7-4fea-a7c8-0941bfd4cb6f
FF - user.js: extentions.y2layers.defaultEnableAppsList - DropDownDeals,buzzdock,YontooNewOffers
FF - user.js: extensions.delta.tlbrSrchUrl -
FF - user.js: extensions.delta.id - 24aaf01e000000000000b0487a87e2b8
FF - user.js: extensions.delta.appId - {C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
FF - user.js: extensions.delta.instlDay - 15863
FF - user.js: extensions.delta.vrsn - 1.8.21.5
FF - user.js: extensions.delta.vrsni - 1.8.21.5
FF - user.js: extensions.delta.vrsnTs - 1.8.21.521:03:12
FF - user.js: extensions.delta.prtnrId - delta
FF - user.js: extensions.delta.prdct - delta
FF - user.js: extensions.delta.aflt - babsst
FF - user.js: extensions.delta.smplGrp - none
FF - user.js: extensions.delta.tlbrId - base
FF - user.js: extensions.delta.instlRef - sst
FF - user.js: extensions.delta.dfltLng - en
FF - user.js: extensions.delta.excTlbr - false
FF - user.js: extensions.delta.ffxUnstlRst - true
FF - user.js: extensions.delta.admin - false
FF - user.js: extensions.delta_i.babTrack - affID=120007
FF - user.js: extensions.delta_i.babExt -
FF - user.js: extensions.delta_i.srcExt - ss
FF - user.js: extensions.delta.autoRvrt - false
FF - user.js: extensions.delta.rvrt - false
FF - user.js: extensions.delta.newTab - false
.
============= SERVICES / DRIVERS ===============
.
R0 aswRvrt;aswRvrt;c:\windows\system32\drivers\aswRvrt.sys [2013-4-23 49376]
R0 aswVmm;aswVmm;c:\windows\system32\drivers\aswVmm.sys [2013-4-23 174664]
R0 NBVol;Nero Backup Volume Filter Driver;c:\windows\system32\drivers\NBVol.sys [2011-12-30 56496]
R0 NBVolUp;Nero Backup Volume Upper Filter Driver;c:\windows\system32\drivers\NBVolUp.sys [2011-12-30 12464]
R1 aswKbd;aswKbd;c:\windows\system32\drivers\aswKbd.sys [2012-3-6 24408]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2011-3-15 765736]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2011-3-15 368944]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\drivers\dtsoftbus01.sys [2011-10-20 232512]
R2 ABBYY.Licensing.FineReader.Professional.10.0;ABBYY FineReader 10 PE Licensing Service;c:\program files\common files\abbyy\finereader\10.00\licensing\pe\NetworkLicenseServer.exe [2009-9-29 809736]
R2 Akamai;Akamai NetSession Interface;c:\windows\system32\svchost.exe -k Akamai [2008-4-14 14336]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2011-3-15 29816]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2013-4-23 66336]
R2 avast! Antivirus;avast! Antivirus;c:\program files\avast software\avast\AvastSvc.exe [2011-3-15 46808]
R2 KMService;KMService;c:\windows\system32\srvany.exe [2011-9-29 8192]
R2 NitroDriverReadSpool8;NitroPDFDriverCreatorReadSpool8;c:\program files\nitro\pro 8\NitroPDFDriverService8.exe [2012-12-13 196616]
R2 nlsX86cc;Nalpeiron Licensing Service;c:\windows\system32\NLSSRV32.EXE [2013-3-25 70152]
R2 RalinkRegistryWriter;Ralink Registry Writer;c:\program files\tp-link\common\RaRegistry.exe [2012-5-29 185632]
R2 Scutum50;Scutum50 NDIS Protocol Driver;c:\windows\system32\drivers\Scutum50.sys [2012-5-29 19072]
R2 Yontoo Desktop Updater;Yontoo Desktop Updater;c:\program files\yontoo\Y2Desktop.Updater.exe [2013-5-24 23552]
R3 rt2870;TP-LINK Wireless USB Adapter;c:\windows\system32\drivers\rt2870.sys [2012-5-29 827488]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 NitroReaderDriverReadSpool3;NitroPDFReaderDriverCreatorReadSpool3;c:\program files\nitro\reader 3\NitroPDFReaderDriverService3.exe [2013-3-26 196624]
S2 SSPORT;SSPORT;\??\c:\windows\system32\drivers\ssport.sys --> c:\windows\system32\drivers\SSPORT.sys [?]
S3 becldr3Service;BCL EasyConverter SDK 3 Loader;c:\program files\bcl technologies\easyconverter sdk 3\common\becldr.exe [2013-3-18 225280]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\drivers\ssudbus.sys [2012-7-23 80824]
S3 DrvAgent32;DrvAgent32;c:\windows\system32\drivers\DrvAgent32.sys [2012-3-8 23456]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\drivers\ssudmdm.sys [2012-7-23 181432]
.
=============== Created Last 30 ================
.
2013-06-07 19:02:34 -------- d-----w- c:\program files\YourFileDownloader
2013-05-24 14:37:40 -------- d-----w- c:\program files\Delta
2013-05-24 14:37:17 -------- d-----w- c:\documents and settings\user\application data\Delta
2013-05-24 14:36:15 -------- d-----w- c:\documents and settings\user\application data\Yontoo
2013-05-24 14:36:14 -------- d-----w- c:\program files\Yontoo
2013-05-22 19:00:44 -------- d-----w- c:\documents and settings\user\application data\Thinstall
2013-05-21 16:36:33 -------- d-----w- c:\program files\common files\FontLab
2013-05-21 16:36:30 -------- d-----w- c:\program files\FontLab
2013-05-21 16:29:52 -------- d-----w- c:\program files\FontTwister
2013-05-21 15:34:55 -------- d-----w- c:\program files\Open Clip Art Library
.
==================== Find3M ====================
.
2013-06-14 11:34:06 620932 ----a-w- c:\windows\system32\FontInfo.bin
2013-06-14 11:34:06 196208 ----a-w- c:\windows\system32\GlyphInfo.bin
2013-06-12 09:51:30 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-06-12 09:51:30 692104 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-05-09 08:59:10 765736 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2013-05-09 08:59:10 49376 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2013-05-09 08:59:10 174664 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2013-05-09 08:59:09 66336 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2013-05-09 08:58:37 41664 ----a-w- c:\windows\avastSS.scr
2013-04-23 15:52:51 94112 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-04-23 15:52:49 866720 ----a-w- c:\windows\system32\npdeployJava1.dll
2013-04-23 15:52:49 788896 ----a-w- c:\windows\system32\deployJava1.dll
2013-04-23 15:52:49 144896 ----a-w- c:\windows\system32\javacpl.cpl
2013-03-25 17:08:38 70152 ----a-w- c:\windows\system32\NLSSRV32.EXE
.
============= FINISH: 12:03:05,31 ===============

mycity.rs/must-login.png

mycity.rs/must-login.png

rip
  • argus  Male
  • Anti Malware Fighter
    Rank 2
  • Pridružio: 27 Apr 2008
  • Poruke: 9160
  • Gde živiš: Prokuplje

Start > Control Panel > Add or Remove

Deinstaliraj Yontoo 2.053




Arrow Korak 1


Preuzmi "Xplode"-ov AdwCleaner () i sacuvaj ga na Desktop

Dvoklikom pokreni program.
Klikni na dugme [Delete] i pricekaj da program zavrsi.
Program ce zatvoriti sve aktivne programe i izbaciti prozor sa tim upozorenjem. Klikni Ok kao potvrdu.
Na sledeca dva prozora koja se otvore (Informations i Restart required ) klikni Ok


Racunar ce se restartovati a potom otvoriti notepad (C:\AdwCleaner[S1].txt) sa izvestajem.
Sacuvaj taj notepad na Desktop i okaci ga uz poruku koristeci opciju "Prikaci fajl"

Napomena: Izvestaj ce takodje biti sacuvan na C:\AdwCleaner[S1].txt


*************




Arrow Korak 2



Preuzmi program OTM na Desktop.

Dvoklikom pokreni OTM.exe

U (levi) prozor programa (ispod Paste Instructions for Items to be Moved) iskopiraj sve što se nalazi unutar Kod polja:

:reg
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"help.vbe"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"(Default)"=-
"help.vbe"=-

:files
c:\docume~1\user\locals~1\temp\help.vbe
c:\windows\svchost.exe
c:\documents and settings\user\start menu\programs\startup\help.vbe

:commands
[CREATERESTOREPOINT]
[emptytemp]

Klikni MoveIt!

Po završetku procesa, u desnom prozoru programa (ispod Results), će se nalaziti tekst koji je potrebno iskopirati u poruku na forumu.


Ukoliko se pojavi upit:

Confirm ::The system requires a reboot to finish removing files.
Do you want to reboot now?


kliknuti Yes kako bi se kompjuter restartovao i proces bio dovršen.

Nakon ponovnog pokretanja sistema, logfile će se automatski otvoriti u Notepadu.
Potrebno je iskopirati sadržaj tog loga u poruku na forumu.



**********************



Arrow Korak 3



Preuzmi MCShield sa sljedeće adrese:

http://www.mcshield.net/download/MCShield-Setup.exe

Instaliraj MCShield i sačekaj da se završi uvodno skeniranje.

Kad se završi uvodno skeniranje, ubacuj sve USB memorijske uređaje redom u USB port i svaki zadrži u portu dok MCShield ne izbaci poruku da je skeniranje završeno. Ukoliko imaš više USB uređaja, zabilježi negdje kojim su redom ubacivani.

Objašnjenje: U USB memorijske uređaje spadaju svi oni uređaji koji po priključivanju na kompjuter dobijaju svoju oznaku particije. Tu spadaju USB flash drajvovi, eksterni hard-diskovi, memorijske kartice, MP3 i MP4 plejeri, neki mobilni telefoni, neki GPS (navigacioni) uređaji itd.

Idi na Start -> All Programs -> MCShield -> Logs -> AllScans

Otvoriće ti se izvještaj u Notepad-u čiji sadržaj treba da postaviš u poruku

Ko je trenutno na forumu
 

Ukupno su 865 korisnika na forumu :: 39 registrovanih, 7 sakrivenih i 819 gosta   ::   [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:
Korisnici trenutno na forumu: aleksmajstor, Apok, bladesu, bokisha253, Cassius Clay, cenejac111, DPera, dragoljub11987, Duh sa sekirom, ekser222, FileFinder, FOX, ivan1973, ivica976, JOntra, laurusri, Leonov, lord sir giga, mercedesamg, Mi lao shu, milanovic, milenko crazy north, moldway, radoznao, raptorsi, ruger357, sasa87, ser.hill, slonic_tonic, Steeeefan, Toper, Trpe Grozni, vaso1, VJ, VP6919, YU-UKI, zbazin, zillbg, 125