I got a virus with Angelina Jolie and it tags my friends

  • Joined: 10 Mar 2012
  • Posts: 4

Please help me with this link on FB, it is a virus and it tags friends :/@

  • magna86  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 21 Jun 2008
  • Posts: 6104

If I understood your problem, open a new topic in Ambulanta
http://www.mycity.rs/Ambulanta/

Follow these instructions and post the appropriate reports:
http://www.mycity.rs/Ambulanta/Kako-otvoriti-temu-u-Ambulanti.html
( DDS & Gmer for Windows x32bit or OTL for Windows x64bit )

Someone from our AMF Team will review the logs and send you instructions on how to remove the malware.
I hope you will manage ;)

  • Joined: 10 Mar 2012
  • Posts: 4

when the scan finishes, the report (which will be automatically saved on the Desktop as OTL.Txt) will open in Notepad.


Attach the OTL.Txt report to your post using the Attach file option.
I don't know whether I should attach the link, i.e. the virus, or attach what is in Notepad :(

  • dr_Bora  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 24 Jul 2007
  • Posts: 12280
  • Location: Höganäs, SE

What is in Notepad.

  • Joined: 10 Mar 2012
  • Posts: 4

OTL logfile created on: 11-Mar-12 00:28:14 - Run 2
OTL by OldTimer - Version 3.2.36.2 Folder = C:\Users\User\Downloads
Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: dd-MMM-yy

3.00 Gb Total Physical Memory | 1.78 Gb Available Physical Memory | 59.33% Memory free
6.00 Gb Paging File | 4.65 Gb Available in Paging File | 77.58% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 40.00 Gb Total Space | 24.87 Gb Free Space | 62.18% Space Free | Partition Type: NTFS
Drive D: | 247.21 Gb Total Space | 229.01 Gb Free Space | 92.64% Space Free | Partition Type: NTFS
Drive F: | 44.17 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: USER-PC | User Name: User | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012-03-11 00:22:00 | 000,593,920 | ---- | M] (OldTimer Tools) -- C:\Users\User\Downloads\OTL.exe
PRC - [2012-03-03 00:30:10 | 000,514,048 | ---- | M] () -- C:\Program Files\Telenor Internet\Telenor Internet.exe
PRC - [2012-03-03 00:30:05 | 000,239,968 | ---- | M] () -- C:\ProgramData\Telenor Internet\OnlineUpdate\ouc.exe
PRC - [2012-01-30 14:41:55 | 009,492,880 | ---- | M] (Bandoo Media Inc.) -- C:\Users\User\AppData\Local\fTalk\ftalk.exe
PRC - [2012-01-03 14:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011-10-30 17:33:50 | 001,694,128 | ---- | M] (iMesh, Inc) -- C:\Program Files\iMesh Applications\MediaBar\Datamngr\datamngrUI.exe
PRC - [2011-10-28 00:49:17 | 000,286,528 | ---- | M] () -- C:\Program Files\DNA\btdna.exe
PRC - [2011-10-26 15:14:27 | 000,488,960 | ---- | M] () -- C:\Program Files\USBScan\USBScan.exe
PRC - [2011-06-20 09:00:24 | 000,102,400 | ---- | M] () -- C:\Program Files\Telenor Internet\BackgroundService\ModemListener.exe
PRC - [2011-06-20 09:00:24 | 000,049,752 | ---- | M] () -- C:\Program Files\Telenor Internet\BackgroundService\ServiceManager.exe
PRC - [2011-03-14 16:27:28 | 000,271,712 | ---- | M] () -- C:\ProgramData\DatacardService\HWDeviceService.exe
PRC - [2011-03-14 16:27:28 | 000,236,384 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\ProgramData\DatacardService\DCSHelper.exe
PRC - [2011-02-25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010-11-20 22:29:19 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2009-09-25 08:24:36 | 000,174,720 | ---- | M] (ASUS) -- C:\Program Files\ASUS\ATK Hotkey\HControl.exe
PRC - [2009-08-19 19:31:48 | 000,170,624 | ---- | M] (ASUS) -- C:\Program Files\ASUS\ATK Media\DMedia.exe
PRC - [2009-08-18 01:36:36 | 000,348,160 | ---- | M] (AMD) -- C:\Windows\System32\atieclxx.exe
PRC - [2009-08-18 01:36:08 | 000,176,128 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe
PRC - [2009-07-23 09:30:06 | 000,544,768 | ---- | M] (ATK) -- C:\Program Files\ASUS\Splendid\ACMON.exe
PRC - [2009-07-01 17:03:12 | 000,795,936 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
PRC - [2009-07-01 17:03:12 | 000,582,944 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
PRC - [2009-06-19 09:29:42 | 000,105,016 | ---- | M] (ASUS) -- C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe
PRC - [2009-06-19 09:29:26 | 002,488,888 | ---- | M] (ASUS) -- C:\Program Files\ASUS\ATK Hotkey\ATKOSD.exe
PRC - [2009-06-15 16:30:42 | 000,084,536 | ---- | M] (ASUS) -- C:\Program Files\ASUS\ATK Hotkey\AsLdrSrv.exe
PRC - [2008-12-22 16:15:34 | 000,174,648 | ---- | M] (ASUS) -- C:\Program Files\ASUS\ATK Hotkey\WDC.exe
PRC - [2008-07-09 16:09:26 | 000,191,032 | ---- | M] (ATK) -- C:\Program Files\P4G\BatteryLife.exe
PRC - [2008-01-17 23:50:54 | 000,587,568 | ---- | M] () -- C:\Program Files\BitTorrent\bittorrent.exe
PRC - [2007-07-05 15:53:44 | 001,040,384 | ---- | M] () -- C:\Program Files\Wireless Console 2\wcourier.exe
PRC - [2005-07-06 14:43:42 | 000,155,648 | ---- | M] (ASUSTeK) -- C:\Windows\System32\ACEngSvr.exe


========== Modules (No Company Name) ==========

MOD - [2012-03-08 15:28:52 | 000,429,040 | ---- | M] () -- C:\Users\User\AppData\Local\Google\Chrome\Application\17.0.963.78\ppgooglenaclpluginchrome.dll
MOD - [2012-03-08 15:28:51 | 003,772,912 | ---- | M] () -- C:\Users\User\AppData\Local\Google\Chrome\Application\17.0.963.78\pdf.dll
MOD - [2012-03-08 15:27:37 | 000,527,344 | ---- | M] () -- C:\Users\User\AppData\Local\Google\Chrome\Application\17.0.963.78\libglesv2.dll
MOD - [2012-03-08 15:27:35 | 000,114,672 | ---- | M] () -- C:\Users\User\AppData\Local\Google\Chrome\Application\17.0.963.78\libegl.dll
MOD - [2012-03-08 15:27:26 | 000,122,880 | ---- | M] () -- C:\Users\User\AppData\Local\Google\Chrome\Application\17.0.963.78\avutil-51.dll
MOD - [2012-03-08 15:27:24 | 000,220,672 | ---- | M] () -- C:\Users\User\AppData\Local\Google\Chrome\Application\17.0.963.78\avformat-53.dll
MOD - [2012-03-08 15:27:23 | 001,747,456 | ---- | M] () -- C:\Users\User\AppData\Local\Google\Chrome\Application\17.0.963.78\avcodec-53.dll
MOD - [2012-03-08 10:39:20 | 008,593,056 | ---- | M] () -- C:\Users\User\AppData\Local\Google\Chrome\Application\17.0.963.78\gcswf32.dll
MOD - [2012-03-03 00:30:10 | 000,514,048 | ---- | M] () -- C:\Program Files\Telenor Internet\Telenor Internet.exe
MOD - [2012-03-03 00:30:06 | 009,515,520 | ---- | M] () -- C:\Program Files\Telenor Internet\QtGui4.dll
MOD - [2012-03-03 00:30:06 | 002,415,104 | ---- | M] () -- C:\Program Files\Telenor Internet\QtCore4.dll
MOD - [2012-03-03 00:30:06 | 001,148,416 | ---- | M] () -- C:\Program Files\Telenor Internet\QtNetwork4.dll
MOD - [2012-03-03 00:30:06 | 001,101,824 | ---- | M] () -- C:\Program Files\Telenor Internet\NDISAPI.dll
MOD - [2012-03-03 00:30:06 | 000,823,808 | ---- | M] () -- C:\Program Files\Telenor Internet\SMSUIPlugin.dll
MOD - [2012-03-03 00:30:06 | 000,771,072 | ---- | M] () -- C:\Program Files\Telenor Internet\AddrBookUIPlugin.dll
MOD - [2012-03-03 00:30:06 | 000,670,720 | ---- | M] () -- C:\Program Files\Telenor Internet\SmsAppPlugin.dll
MOD - [2012-03-03 00:30:06 | 000,550,400 | ---- | M] () -- C:\Program Files\Telenor Internet\CallAppPlugin.dll
MOD - [2012-03-03 00:30:06 | 000,547,840 | ---- | M] () -- C:\Program Files\Telenor Internet\CallLogSrvPlugin.dll
MOD - [2012-03-03 00:30:06 | 000,545,280 | ---- | M] () -- C:\Program Files\Telenor Internet\PluginContainer.dll
MOD - [2012-03-03 00:30:06 | 000,538,624 | ---- | M] () -- C:\Program Files\Telenor Internet\DeviceMgrUIPlugin.dll
MOD - [2012-03-03 00:30:06 | 000,484,352 | ---- | M] () -- C:\Program Files\Telenor Internet\NetInfoUIExPlugin.dll
MOD - [2012-03-03 00:30:06 | 000,441,856 | ---- | M] () -- C:\Program Files\Telenor Internet\DialupUIPlugin.dll
MOD - [2012-03-03 00:30:06 | 000,427,008 | ---- | M] () -- C:\Program Files\Telenor Internet\core.dll
MOD - [2012-03-03 00:30:06 | 000,398,336 | ---- | M] () -- C:\Program Files\Telenor Internet\QtXml4.dll
MOD - [2012-03-03 00:30:06 | 000,382,464 | ---- | M] () -- C:\Program Files\Telenor Internet\Proxy.dll
MOD - [2012-03-03 00:30:06 | 000,370,176 | ---- | M] () -- C:\Program Files\Telenor Internet\plugins\imageformats\qtiff4.dll
MOD - [2012-03-03 00:30:06 | 000,350,720 | ---- | M] () -- C:\Program Files\Telenor Internet\plugins\imageformats\qmng4.dll
MOD - [2012-03-03 00:30:06 | 000,338,432 | ---- | M] () -- C:\Program Files\Telenor Internet\DeviceAppPlugin.dll
MOD - [2012-03-03 00:30:06 | 000,333,824 | ---- | M] () -- C:\Program Files\Telenor Internet\NetConnectPlugin.dll
MOD - [2012-03-03 00:30:06 | 000,307,200 | ---- | M] () -- C:\Program Files\Telenor Internet\StatusBarMgrPlugin.dll
MOD - [2012-03-03 00:30:06 | 000,301,056 | ---- | M] () -- C:\Program Files\Telenor Internet\DeviceSrvPlugin.dll
MOD - [2012-03-03 00:30:06 | 000,295,424 | ---- | M] () -- C:\Program Files\Telenor Internet\MenuMgrPlugin.dll
MOD - [2012-03-03 00:30:06 | 000,278,528 | ---- | M] () -- C:\Program Files\Telenor Internet\NetInfoSrvPlugin.dll
MOD - [2012-03-03 00:30:06 | 000,264,192 | ---- | M] () -- C:\Program Files\Telenor Internet\sdk.dll
MOD - [2012-03-03 00:30:06 | 000,263,168 | ---- | M] () -- C:\Program Files\Telenor Internet\LiveUpdateInterface.dll
MOD - [2012-03-03 00:30:06 | 000,238,080 | ---- | M] () -- C:\Program Files\Telenor Internet\AtCodec.dll
MOD - [2012-03-03 00:30:06 | 000,237,568 | ---- | M] () -- C:\Program Files\Telenor Internet\NetSrvPlugin.dll
MOD - [2012-03-03 00:30:06 | 000,218,112 | ---- | M] () -- C:\Program Files\Telenor Internet\Common.dll
MOD - [2012-03-03 00:30:06 | 000,217,600 | ---- | M] () -- C:\Program Files\Telenor Internet\SmsSrvPlugin.dll
MOD - [2012-03-03 00:30:06 | 000,211,968 | ---- | M] () -- C:\Program Files\Telenor Internet\DialUpPlugin.dll
MOD - [2012-03-03 00:30:06 | 000,209,408 | ---- | M] () -- C:\Program Files\Telenor Internet\ToolBarMgrPlugin.dll
MOD - [2012-03-03 00:30:06 | 000,192,000 | ---- | M] () -- C:\Program Files\Telenor Internet\plugins\imageformats\qjpeg4.dll
MOD - [2012-03-03 00:30:06 | 000,184,832 | ---- | M] () -- C:\Program Files\Telenor Internet\XFramePlugin.dll
MOD - [2012-03-03 00:30:06 | 000,180,224 | ---- | M] () -- C:\Program Files\Telenor Internet\NDISPlugin.dll
MOD - [2012-03-03 00:30:06 | 000,176,128 | ---- | M] () -- C:\Program Files\Telenor Internet\CallSrvPlugin.dll
MOD - [2012-03-03 00:30:06 | 000,159,744 | ---- | M] () -- C:\Program Files\Telenor Internet\XCodec.dll
MOD - [2012-03-03 00:30:06 | 000,158,720 | ---- | M] () -- C:\Program Files\Telenor Internet\NetConnectSrvPlugin.dll
MOD - [2012-03-03 00:30:06 | 000,157,184 | ---- | M] () -- C:\Program Files\Telenor Internet\DataServicePlugin.dll
MOD - [2012-03-03 00:30:06 | 000,156,672 | ---- | M] () -- C:\Program Files\Telenor Internet\STKSrvPlugin.dll
MOD - [2012-03-03 00:30:06 | 000,142,336 | ---- | M] () -- C:\Program Files\Telenor Internet\USSDSrvPlugin.dll
MOD - [2012-03-03 00:30:06 | 000,135,168 | ---- | M] () -- C:\Program Files\Telenor Internet\Trace.dll
MOD - [2012-03-03 00:30:06 | 000,133,120 | ---- | M] () -- C:\Program Files\Telenor Internet\OSDialup.dll
MOD - [2012-03-03 00:30:06 | 000,131,072 | ---- | M] () -- C:\Program Files\Telenor Internet\OSNDIS.dll
MOD - [2012-03-03 00:30:06 | 000,123,392 | ---- | M] () -- C:\Program Files\Telenor Internet\ATR2SMgr.dll
MOD - [2012-03-03 00:30:06 | 000,117,760 | ---- | M] () -- C:\Program Files\Telenor Internet\LayoutPlugin.dll
MOD - [2012-03-03 00:30:06 | 000,114,688 | ---- | M] () -- C:\Program Files\Telenor Internet\Win7Support.dll
MOD - [2012-03-03 00:30:06 | 000,101,376 | ---- | M] () -- C:\Program Files\Telenor Internet\OSAdapt.dll
MOD - [2012-03-03 00:30:06 | 000,093,184 | ---- | M] () -- C:\Program Files\Telenor Internet\NotifyServicePlugin.dll
MOD - [2012-03-03 00:30:06 | 000,082,944 | ---- | M] () -- C:\Program Files\Telenor Internet\plugins\imageformats\qgif4.dll
MOD - [2012-03-03 00:30:06 | 000,081,920 | ---- | M] () -- C:\Program Files\Telenor Internet\plugins\imageformats\qico4.dll
MOD - [2012-03-03 00:30:06 | 000,065,536 | ---- | M] () -- C:\Program Files\Telenor Internet\OSPowerMgr.dll
MOD - [2012-03-03 00:30:06 | 000,062,976 | ---- | M] () -- C:\Program Files\Telenor Internet\OSCall.dll
MOD - [2012-03-03 00:30:06 | 000,043,008 | ---- | M] () -- C:\Program Files\Telenor Internet\libgcc_s_dw2-1.dll
MOD - [2012-03-03 00:30:06 | 000,011,362 | ---- | M] () -- C:\Program Files\Telenor Internet\mingwm10.dll
MOD - [2012-03-03 00:30:05 | 001,078,272 | ---- | M] () -- C:\Program Files\Telenor Internet\AddrBookPlugin.dll
MOD - [2012-03-03 00:30:05 | 000,264,704 | ---- | M] () -- C:\Program Files\Telenor Internet\AddrBookSrvPlugin.dll
MOD - [2011-10-28 00:49:17 | 000,286,528 | ---- | M] () -- C:\Program Files\DNA\btdna.exe
MOD - [2011-10-26 15:34:43 | 001,587,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\3b2cfd85528a27eb71dc41d8067359a1\System.Drawing.ni.dll
MOD - [2011-10-26 15:34:27 | 007,963,648 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\abab08afa60a6f06bdde0fcc9649c379\System.ni.dll
MOD - [2011-10-26 15:34:10 | 011,490,304 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\a1a82db68b3badc7c27ea1f6579d22c5\mscorlib.ni.dll
MOD - [2011-10-26 15:14:27 | 000,488,960 | ---- | M] () -- C:\Program Files\USBScan\USBScan.exe
MOD - [2011-06-20 09:00:24 | 000,102,400 | ---- | M] () -- C:\Program Files\Telenor Internet\BackgroundService\ModemListener.exe
MOD - [2011-03-02 11:40:51 | 000,140,288 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll
MOD - [2009-07-01 17:03:24 | 000,132,384 | ---- | M] () -- C:\Program Files\WIDCOMM\Bluetooth Software\BTKeyInd.dll
MOD - [2008-09-30 22:02:44 | 000,009,216 | ---- | M] () -- C:\Program Files\ASUS\Splendid\GLCDdll.dll
MOD - [2008-01-17 23:50:54 | 000,587,568 | ---- | M] () -- C:\Program Files\BitTorrent\bittorrent.exe


========== Win32 Services (SafeList) ==========

SRV - File not found [Auto | Running] -- -- (HWDeviceService.exe)
SRV - [2012-03-03 00:30:05 | 000,239,968 | ---- | M] () [Auto | Stopped] -- C:\Program Files\Telenor Internet\UpdateDog\ouc.exe -- (Telenor Internet. RunOuc)
SRV - [2012-02-29 08:50:48 | 000,158,856 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012-01-03 14:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011-10-26 15:12:46 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2011-06-20 09:00:24 | 000,049,752 | ---- | M] () [Auto | Running] -- C:\Program Files\Telenor Internet\BackgroundService\ServiceManager.exe -- (Telenor_Montenegro Sepang Modem Device Helper)
SRV - [2009-08-18 01:36:08 | 000,176,128 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2009-07-14 02:16:15 | 000,016,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\StorSvc.dll -- (StorSvc)
SRV - [2009-07-14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009-07-14 02:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009-07-14 02:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2009-07-01 17:03:12 | 000,582,944 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins)
SRV - [2009-06-15 16:30:42 | 000,084,536 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files\ASUS\ATK Hotkey\AsLdrSrv.exe -- (ASLDRService)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (ZTEusbser6k)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (ZTEusbnmea)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (ZTEusbmdm6k)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (massfilter)
DRV - [2012-03-03 00:30:06 | 000,353,280 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ewusbwwan.sys -- (ewusbmbb)
DRV - [2012-03-03 00:30:06 | 000,193,792 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2012-03-03 00:30:06 | 000,102,784 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ew_hwusbdev.sys -- (ew_hwusbdev)
DRV - [2012-03-03 00:30:06 | 000,073,216 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ew_jubusenum.sys -- (huawei_enumerator)
DRV - [2011-06-20 09:00:46 | 000,106,112 | ---- | M] (TCT International Mobile Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\jrdusbser.sys -- (jrdusbser)
DRV - [2010-11-20 22:29:24 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010-11-20 22:29:03 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\vmbus.sys -- (vmbus)
DRV - [2010-11-20 22:29:03 | 000,062,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\dmvsc.sys -- (dmvsc)
DRV - [2010-11-20 22:29:03 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\vmstorfl.sys -- (storflt)
DRV - [2010-11-20 22:29:03 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\storvsc.sys -- (storvsc)
DRV - [2010-11-20 22:29:03 | 000,027,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV - [2010-11-20 22:29:03 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2010-11-20 22:29:03 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\vms3cap.sys -- (s3cap)
DRV - [2009-10-05 15:31:50 | 001,221,632 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2009-08-18 02:48:06 | 004,994,560 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2009-07-14 00:45:33 | 000,083,456 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\serial.sys -- (Serial)
DRV - [2009-07-13 23:13:48 | 001,035,776 | ---- | M] (LSI Corp) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2009-07-13 23:02:53 | 000,048,128 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SiSGB6.sys -- (SiSGbeLH)
DRV - [2009-06-05 17:16:18 | 001,766,592 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\snp2uvc.sys -- (SNP2UVC) USB2.0 PC Camera (SNP2UVC)
DRV - [2007-07-31 01:39:00 | 000,007,680 | ---- | M] (ATK0100) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ATKACPI.sys -- (MTsensor)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\URLSearchHook: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\prxtbuTo0.dll (Conduit Ltd.)
IE - HKLM\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2431}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD21}: "URL" = dts.search-results.com/sr?src=ieb&appid.....r=0&q={searchTerms}
IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2431}: "URL" = dts.search-results.com/sr?src=ieb&appid.....r=0&q={searchTerms}

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = searchqu.com/431
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 7C E5 1F 35 ED 93 CC 01 [binary data]
IE - HKCU\..\URLSearchHook: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\prxtbuTo0.dll (Conduit Ltd.)
IE - HKCU\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2431}
IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = search.babylon.com/web/{searchTerms}?babsrc=browsersearch&AF=10588
IE - HKCU\..\SearchScopes\{6A2AE1A7-B8C6-4F98-A581-D9191CBEFE21}: "URL" = search.softonic.com/MON00005/tb_v1?q={searchTerms}&SearchSource=4&cc=
IE - HKCU\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD21}: "URL" = dts.search-results.com/sr?src=ieb&appid.....r=0&q={searchTerms}
IE - HKCU\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2431}: "URL" = dts.search-results.com/sr?src=ieb&appid.....r=0&q={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Search Results"
FF - prefs.js..browser.search.defaultthis.engineName: " "
FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2786678&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.order.1: "Search Results"
FF - prefs.js..browser.search.selectedEngine: " "
FF - prefs.js..browser.startup.homepage: "http://search.babylon.com/home?AF=10588"


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@bittorrent.com/BitTorrentDNA: C:\Program Files\DNA\plugins\npbtdna.dll (BitTorrent, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.0.50401.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\User\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\User\AppData\Local\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\User\AppData\Local\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011-11-10 11:10:55 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012-01-27 19:50:53 | 000,000,000 | ---D | M]

[2011-11-04 03:42:11 | 000,000,000 | ---D | M] (No name found) -- C:\Users\User\AppData\Roaming\Mozilla\Extensions
[2012-03-03 00:12:20 | 000,000,000 | ---D | M] (No name found) -- C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\py1ypfdz.default\extensions
[2011-11-04 03:42:08 | 000,000,000 | ---D | M] (Wincore Mediabar) -- C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\py1ypfdz.default\extensions\{28387537-e3f9-4ed7-860c-11e69af4a8a0}
[2012-02-27 19:12:59 | 000,000,000 | ---D | M] (Searchqu Toolbar) -- C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\py1ypfdz.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}
[2012-01-23 01:03:31 | 000,000,000 | ---D | M] (uTorrentBar Community Toolbar) -- C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\py1ypfdz.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}
[2011-10-28 02:47:05 | 000,000,000 | ---D | M] (DealPly) -- C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\py1ypfdz.default\extensions\{EB9394A3-4AD6-4918-9537-31A1FD8E8EDF}
[2011-10-28 02:49:16 | 000,000,000 | ---D | M] (Babylon) -- C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\py1ypfdz.default\extensions\ffxtlbr@babylon.com
[2012-02-29 21:55:58 | 000,000,000 | ---D | M] (Softonic Toolbar) -- C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\py1ypfdz.default\extensions\ffxtlbra@softonic.com
[2011-10-28 00:03:01 | 000,000,863 | ---- | M] () -- C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\py1ypfdz.default\searchplugins\conduit.xml
[2011-11-04 03:42:04 | 000,002,515 | ---- | M] () -- C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\py1ypfdz.default\searchplugins\SearchResults.xml
[2012-02-27 19:12:53 | 000,002,515 | ---- | M] () -- C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\py1ypfdz.default\searchplugins\Search_Results.xml
[2012-02-25 14:04:08 | 000,002,060 | ---- | M] () -- C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\py1ypfdz.default\searchplugins\softonic.xml
[2011-11-10 11:10:55 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
() (No name found) -- C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PY1YPFDZ.DEFAULT\EXTENSIONS\{46551EC9-40F0-4E47-8E18-8E5CF550CFB8}.XPI
[2011-11-05 07:53:18 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2007-08-29 22:47:44 | 000,054,600 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files\mozilla firefox\plugins\npbittorrent.dll
[2011-10-28 13:10:40 | 000,002,226 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\babylon.xml
[2011-11-05 04:21:03 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2011-11-04 03:42:04 | 000,002,515 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\SearchResults.xml
[2012-02-27 19:12:53 | 000,002,515 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\Search_Results.xml
[2011-11-05 04:21:03 | 000,002,040 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - default_search_provider: Search Results (Enabled)
CHR - default_search_provider: search_url = dts.search-results.com/sr?src=crb&appid.....r=0&q={searchTerms}
CHR - default_search_provider: suggest_url =
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\User\AppData\Local\Google\Chrome\Application\17.0.963.78\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\User\AppData\Local\Google\Chrome\Application\17.0.963.78\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\User\AppData\Local\Google\Chrome\Application\17.0.963.78\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: BitTorrent (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npbittorrent.dll
CHR - plugin: QuickTime Plug-in 7.6.5 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.5 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.5 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.5 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.5 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.5 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.5 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: DNA Plug-in (Enabled) = C:\Program Files\DNA\plugins\npbtdna.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files\Microsoft Silverlight\4.0.50401.0\npctrl.dll
CHR - plugin: Facebook Video Calling Plugin (Enabled) = C:\Users\User\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll
CHR - plugin: Google Update (Enabled) = C:\Users\User\AppData\Local\Google\Update\1.3.21.99\npGoogleUpdate3.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: YouTube = C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google Search = C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.17_0\
CHR - Extension: DealPly = C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\gaiilaahiahdejapggenmdmafpmbipje\3.0.7.2_0\
CHR - Extension: Extension Plays Faster Youtube Video = C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\iihglmkdfbbffbgkdhmoddfefegeefhh\1.0.0_0\
CHR - Extension: Gmail = C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2009-06-10 22:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (Wincore Mediabar) - {28387537-e3f9-4ed7-860c-11e69af4a8a0} - C:\Program Files\iMesh Applications\MediaBar\Datamngr\ToolBar\wincoreimdtx.dll ()
O2 - BHO: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\searchqudtx.dll ()
O2 - BHO: (DealPly) - {A6174F27-1FFF-E1D6-A93F-BA48AD5DD448} - C:\Program Files\DealPly\DealPlyIE.dll (DealPly Technologies Ltd)
O2 - BHO: (DataMngr) - {BE7A24F5-69CB-4708-B77B-B1EDA6043B95} - C:\Program Files\iMesh Applications\MediaBar\Datamngr\BrowserConnection.dll (iMesh, Inc)
O2 - BHO: (uTorrentBar Toolbar) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\prxtbuTo0.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Wincore Mediabar) - {28387537-e3f9-4ed7-860c-11e69af4a8a0} - C:\Program Files\iMesh Applications\MediaBar\Datamngr\ToolBar\wincoreimdtx.dll ()
O3 - HKLM\..\Toolbar: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\searchqudtx.dll ()
O3 - HKLM\..\Toolbar: (uTorrentBar Toolbar) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\prxtbuTo0.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (uTorrentBar Toolbar) - {BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - C:\Program Files\uTorrentBar\prxtbuTo0.dll (Conduit Ltd.)
O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files\ASUS\ATK Media\DMedia.exe (ASUS)
O4 - HKLM..\Run: [DATAMNGR] C:\Program Files\iMesh Applications\MediaBar\Datamngr\datamngrUI.exe (iMesh, Inc)
O4 - HKLM..\Run: [HControlUser] C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe (ASUS)
O4 - HKLM..\Run: [Telenor_Montenegro Sepang ModemListener] C:\Program Files\Telenor Internet\BackgroundService\ModemListener.exe ()
O4 - HKLM..\Run: [USBScan.exe] C:\Program Files\USBScan\USBScan.exe ()
O4 - HKCU..\Run: [BitTorrent] C:\Program Files\BitTorrent\bittorrent.exe ()
O4 - HKCU..\Run: [BitTorrent DNA] C:\Program Files\DNA\btdna.exe ()
O4 - HKCU..\Run: [Facebook Update] C:\Users\User\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O4 - HKCU..\Run: [fTalk] C:\Users\User\AppData\Local\fTalk\ftalk.exe (Bandoo Media Inc.)
O4 - HKCU..\Run: [Mobile Partner] C:\Program Files\Telenor Internet\Telenor Internet.exe ()
O4 - HKCU..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe" /MINIMIZED File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O13 - gopher Prefix: missing
O16 - DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} support.asus.com/select/asusTek_sys_ctrl3.cab (asusTek_sysctrl Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3D4EB9F9-0D4E-4BC4-B9C1-71231ABFB528}: NameServer = 79.143.101.225 79.143.101.229
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3E0D94D2-68D3-4E53-8126-897F55390419}: DhcpNameServer = 78.157.16.30 78.157.16.14 78.157.16.32
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3ECEA7E8-AE89-495D-9620-06A4BA8EB1A3}: NameServer = 79.143.101.225 79.143.101.229
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6835C5D4-617C-46F5-8B93-06F456C4F1A2}: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A1DBED89-1A50-4FBB-8BEB-1063249B55EC}: NameServer = 79.143.101.225 79.143.101.229
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BACF4BB3-57F8-42DD-BF60-4641EAFD8FC0}: NameServer = 79.143.101.225 79.143.101.229
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - AppInit_DLLs: (C:\PROGRA~1\IMESHA~1\MediaBar\Datamngr\datamngr.dll) - C:\Program Files\iMesh Applications\MediaBar\Datamngr\datamngr.dll (iMesh, Inc)
O20 - AppInit_DLLs: (C:\PROGRA~1\IMESHA~1\MediaBar\Datamngr\IEBHO.dll) - C:\Program Files\iMesh Applications\MediaBar\Datamngr\IEBHO.dll (iMesh, Inc)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009-06-10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2011-10-26 15:14:33 | 000,000,000 | -H-D | M] - C:\Autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2010-07-22 16:50:28 | 000,000,000 | -H-D | M] - D:\Autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2011-03-15 00:27:21 | 000,148,320 | R--- | M] () - F:\AutoRun.exe -- [ CDFS ]
O32 - AutoRun File - [2011-04-03 02:01:00 | 000,000,047 | R--- | M] () - F:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\{05aae995-6152-11e1-acd7-0023547f9ca2}\Shell - "" = AutoRun
O33 - MountPoints2\{05aae995-6152-11e1-acd7-0023547f9ca2}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- [2011-03-15 00:27:21 | 000,148,320 | R--- | M] ()
O33 - MountPoints2\{0e014020-2638-11e1-9dd3-0023547f9ca2}\Shell - "" = AutoRun
O33 - MountPoints2\{0e014020-2638-11e1-9dd3-0023547f9ca2}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- [2011-03-15 00:27:21 | 000,148,320 | R--- | M] ()
O33 - MountPoints2\{1de6c491-210c-11e1-a03b-0023547f9ca2}\Shell - "" = AutoRun
O33 - MountPoints2\{1de6c491-210c-11e1-a03b-0023547f9ca2}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- [2011-03-15 00:27:21 | 000,148,320 | R--- | M] ()
O33 - MountPoints2\{1de6c49d-210c-11e1-a03b-0023547f9ca2}\Shell - "" = AutoRun
O33 - MountPoints2\{1de6c49d-210c-11e1-a03b-0023547f9ca2}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- [2011-03-15 00:27:21 | 000,148,320 | R--- | M] ()
O33 - MountPoints2\{239674fd-2377-11e1-b674-0023547f9ca2}\Shell - "" = AutoRun
O33 - MountPoints2\{239674fd-2377-11e1-b674-0023547f9ca2}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- [2011-03-15 00:27:21 | 000,148,320 | R--- | M] ()
O33 - MountPoints2\{35d08cf0-64a8-11e1-836d-001e101f1838}\Shell - "" = AutoRun
O33 - MountPoints2\{35d08cf0-64a8-11e1-836d-001e101f1838}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- [2011-03-15 00:27:21 | 000,148,320 | R--- | M] ()
O33 - MountPoints2\{35d08d01-64a8-11e1-836d-001e101f1838}\Shell - "" = AutoRun
O33 - MountPoints2\{35d08d01-64a8-11e1-836d-001e101f1838}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- [2011-03-15 00:27:21 | 000,148,320 | R--- | M] ()
O33 - MountPoints2\{404e7375-21e4-11e1-8c0b-0023547f9ca2}\Shell - "" = AutoRun
O33 - MountPoints2\{404e7375-21e4-11e1-8c0b-0023547f9ca2}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- [2011-03-15 00:27:21 | 000,148,320 | R--- | M] ()
O33 - MountPoints2\{91f3daad-64c1-11e1-83c6-0023547f9ca2}\Shell - "" = AutoRun
O33 - MountPoints2\{91f3daad-64c1-11e1-83c6-0023547f9ca2}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- [2011-03-15 00:27:21 | 000,148,320 | R--- | M] ()
O33 - MountPoints2\{91f3dac5-64c1-11e1-83c6-0023547f9ca2}\Shell - "" = AutoRun
O33 - MountPoints2\{91f3dac5-64c1-11e1-83c6-0023547f9ca2}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- [2011-03-15 00:27:21 | 000,148,320 | R--- | M] ()
O33 - MountPoints2\{a89bcafd-6096-11e1-9189-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{a89bcafd-6096-11e1-9189-806e6f6e6963}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- [2011-03-15 00:27:21 | 000,148,320 | R--- | M] ()
O33 - MountPoints2\{ef4805b6-3776-11e1-82c4-001e101faa49}\Shell - "" = AutoRun
O33 - MountPoints2\{ef4805b6-3776-11e1-82c4-001e101faa49}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- [2011-03-15 00:27:21 | 000,148,320 | R--- | M] ()
O33 - MountPoints2\{f8c95c37-609b-11e1-9316-0023547f9ca2}\Shell - "" = AutoRun
O33 - MountPoints2\{f8c95c37-609b-11e1-9316-0023547f9ca2}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- [2011-03-15 00:27:21 | 000,148,320 | R--- | M] ()
O33 - MountPoints2\F\Shell - "" = AutoRun
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\AutoRun.exe -- [2011-03-15 00:27:21 | 000,148,320 | R--- | M] ()
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2012-03-10 14:18:26 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{D6758F9F-FC8C-40B0-8FC7-1B46E0D15577}
[2012-03-10 14:17:38 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{8A8065B9-A29D-4977-A0C2-107FF1C47895}
[2012-03-10 01:45:09 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{0424DEEE-85B4-4391-860C-E3741142C377}
[2012-03-09 13:44:36 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{43E38B69-E606-4814-90F6-F5163B1659F2}
[2012-03-09 13:43:56 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{AFD250CE-B74E-4B12-9A78-3A35FB6C34B7}
[2012-03-08 21:02:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2012-03-08 21:02:14 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2012-03-08 14:02:25 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{F8D8C58B-3AB8-452D-9747-D9218D3860FA}
[2012-03-07 13:37:54 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{5D088227-AEF9-4C31-9467-C654793C8B96}
[2012-03-07 13:35:14 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{D9510DCB-77A9-479E-B2A9-97180275ADD3}
[2012-03-06 14:27:28 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{A8076CCC-2379-4372-A9D6-B0C07BF88F99}
[2012-03-04 16:21:08 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{14AF462F-D567-4AC9-9BAC-043FD5B5113E}
[2012-03-04 16:20:26 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{8A359EE5-8692-4B32-B8A1-38C78B65AE5B}
[2012-03-04 12:43:30 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{5A7F1557-5D50-4748-A5B7-A778518D780E}
[2012-03-04 00:43:07 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{15CD10F5-9ABA-40A1-B93D-50355FF66859}
[2012-03-03 12:42:38 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{AD768EA3-79A0-4F78-BBA2-3EED2D0A9C10}
[2012-03-03 12:41:25 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{6DFE44E8-F954-4628-8256-94E36BA1FD20}
[2012-03-03 00:30:26 | 000,861,696 | ---- | C] (DiBcom SA) -- C:\Windows\System32\drivers\mod7700.sys
[2012-03-03 00:30:26 | 000,353,280 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ewusbwwan.sys
[2012-03-03 00:30:26 | 000,193,792 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ewusbmdm.sys
[2012-03-03 00:30:26 | 000,181,760 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ew_juwwanecm.sys
[2012-03-03 00:30:26 | 000,102,784 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ew_hwusbdev.sys
[2012-03-03 00:30:26 | 000,090,368 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ew_jucdcacm.sys
[2012-03-03 00:30:26 | 000,073,216 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ew_jubusenum.sys
[2012-03-03 00:30:26 | 000,064,384 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ew_jucdcecm.sys
[2012-03-03 00:30:26 | 000,026,624 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ew_juextctrl.sys
[2012-03-03 00:30:26 | 000,025,856 | ---- | C] (Huawei Tech. Co., Ltd.) -- C:\Windows\System32\drivers\ewdcsc.sys
[2012-03-03 00:30:26 | 000,019,200 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ew_hwupgrade.sys
[2012-03-03 00:30:26 | 000,011,136 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ew_usbenumfilter.sys
[2012-03-02 18:40:37 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{AAA492A6-C4C4-4AFF-AD52-7518AF2BF4ED}
[2012-03-02 18:37:58 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{B8692314-F3C3-496F-9EDB-F464EF6487AB}
[2012-03-01 22:24:26 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{7ADE3CDA-7CB5-4221-9D61-6884904A5E76}
[2012-03-01 10:23:54 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{318911DB-C2B7-4ED9-87AD-EFCCAD828199}
[2012-03-01 10:22:14 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{49C9FA05-23D0-42AE-A378-5AB131B784F1}
[2012-02-29 21:46:45 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{56BB8616-C408-46BA-8077-10955607C0FC}
[2012-02-29 21:46:07 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{328FD863-6563-49C7-B836-1668DC0E61C5}
[2012-02-29 16:00:13 | 000,000,000 | ---D | C] -- C:\OnlineUpdate
[2012-02-29 16:00:13 | 000,000,000 | ---D | C] -- C:\log
[2012-02-29 09:44:53 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{72AC2E5D-0581-46CD-BB72-A389AC18D1F6}
[2012-02-29 09:44:25 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{BD4E4AFC-D741-4FC3-9C6C-A2055A26CD39}
[2012-02-28 21:43:56 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{CA22FEF7-89FB-419D-BF94-D7B5BA85BE72}
[2012-02-28 21:42:46 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{81EBD45B-FB4D-4039-8E07-FC2A7D799BBE}
[2012-02-28 09:31:08 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{129DA844-F71B-4619-AB98-EA6190F4674D}
[2012-02-28 09:30:53 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{9E466403-8B31-41CF-BCD5-3D379F442557}
[2012-02-27 21:30:27 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{30E68B56-4BE5-4D95-8B9C-29EC06F6E28C}
[2012-02-27 21:30:13 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{2C2C4536-FF4A-4592-92C3-49816E6255D9}
[2012-02-27 19:12:52 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Searchqu Toolbar
[2012-02-27 19:12:50 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\fTalk
[2012-02-27 19:12:47 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\fTalk
[2012-02-27 18:32:37 | 000,994,128 | ---- | C] (Bandoo Media Inc) -- C:\Users\User\Desktop\fTalkV3.exe
[2012-02-27 09:29:58 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{DFF03CF0-9C3C-4DAF-A3B3-225ED522677B}
[2012-02-27 09:29:18 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{6EE9C084-23A8-4E44-9DFB-BF936382AA07}
[2012-02-26 18:06:03 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{EB5737C3-EA17-4C3C-9137-3FDA5CC01BA2}
[2012-02-26 18:05:03 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2012-02-26 17:27:51 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{F38519F7-27AF-43D8-8A2F-55F45DD684E4}
[2012-02-26 00:31:03 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{8153F4F7-EA06-48E3-BA4F-D06769050AB4}
[2012-02-25 20:47:53 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP
[2012-02-25 19:28:03 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\Canneverbe Limited
[2012-02-25 19:28:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Canneverbe Limited
[2012-02-25 19:27:57 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\OpenCandy
[2012-02-25 19:26:17 | 000,000,000 | ---D | C] -- C:\Program Files\cd dvd burner11
[2012-02-25 14:31:26 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\WMTools Downloaded Files
[2012-02-25 14:30:29 | 000,000,000 | ---D | C] -- C:\Program Files\Movie Maker 2.6
[2012-02-25 12:37:07 | 000,000,000 | ---D | C] -- C:\Users\User\Desktop\pero
[2012-02-25 12:31:55 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{D39CD829-8440-4B82-AA08-BBB32507E57C}
[2012-02-24 17:41:43 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{790D3A61-760B-4E0C-BC7C-8692273F3C11}
[2012-02-11 12:02:47 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{B7B29E6A-9EA9-4638-BAA0-A79F4D131816}
[2011-10-28 02:47:03 | 000,885,360 | ---- | C] (Babylon Ltd.) -- C:\Program Files\babylon_toolbar.exe

========== Files - Modified Within 30 Days ==========

[2012-03-11 00:29:00 | 000,000,904 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-679662542-505496964-2418107798-1000UA.job
[2012-03-10 23:29:00 | 000,000,852 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-679662542-505496964-2418107798-1000Core.job
[2012-03-10 22:53:20 | 000,023,936 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012-03-10 22:53:20 | 000,023,936 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012-03-10 22:52:40 | 000,618,264 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012-03-10 22:52:40 | 000,104,546 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012-03-10 22:46:06 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012-03-10 22:45:59 | 2415,345,664 | -HS- | M] () -- C:\hiberfil.sys
[2012-03-10 16:20:05 | 000,000,924 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-679662542-505496964-2418107798-1000UA.job
[2012-03-08 21:02:14 | 000,002,503 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2012-03-08 20:40:30 | 000,002,354 | ---- | M] () -- C:\Users\User\Desktop\Google Chrome.lnk
[2012-03-04 10:20:00 | 000,000,902 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-679662542-505496964-2418107798-1000Core.job
[2012-03-04 02:01:23 | 000,113,327 | ---- | M] () -- C:\Users\User\Desktop\my-life-my-rules-2-fb-Facebook-Profile-Timeline-Cover.jpg
[2012-03-03 00:30:46 | 000,001,021 | ---- | M] () -- C:\Users\Public\Desktop\Telenor Internet.lnk
[2012-03-03 00:30:06 | 001,112,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WdfCoInstaller01007.dll
[2012-03-03 00:30:06 | 001,112,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\WdfCoInstaller01007.dll
[2012-03-03 00:30:06 | 000,861,696 | ---- | M] (DiBcom SA) -- C:\Windows\System32\drivers\mod7700.sys
[2012-03-03 00:30:06 | 000,353,280 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ewusbwwan.sys
[2012-03-03 00:30:06 | 000,193,792 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ewusbmdm.sys
[2012-03-03 00:30:06 | 000,181,760 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ew_juwwanecm.sys
[2012-03-03 00:30:06 | 000,102,784 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ew_hwusbdev.sys
[2012-03-03 00:30:06 | 000,090,368 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ew_jucdcacm.sys
[2012-03-03 00:30:06 | 000,073,216 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ew_jubusenum.sys
[2012-03-03 00:30:06 | 000,064,384 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ew_jucdcecm.sys
[2012-03-03 00:30:06 | 000,026,624 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ew_juextctrl.sys
[2012-03-03 00:30:06 | 000,025,856 | ---- | M] (Huawei Tech. Co., Ltd.) -- C:\Windows\System32\drivers\ewdcsc.sys
[2012-03-03 00:30:06 | 000,019,200 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ew_hwupgrade.sys
[2012-03-03 00:30:06 | 000,011,136 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ew_usbenumfilter.sys
[2012-03-02 22:07:45 | 000,017,920 | ---- | M] () -- C:\Users\User\Desktop\Untitled.MSWMM
[2012-03-01 13:57:12 | 000,011,264 | ---- | M] () -- C:\Users\User\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012-02-27 19:14:17 | 000,000,969 | ---- | M] () -- C:\Users\User\Application Data\Microsoft\Internet Explorer\Quick Launch\fTalk.lnk
[2012-02-27 19:14:17 | 000,000,967 | ---- | M] () -- C:\Users\User\Desktop\fTalk.lnk
[2012-02-27 18:36:06 | 000,994,128 | ---- | M] (Bandoo Media Inc) -- C:\Users\User\Desktop\fTalkV3.exe
[2012-02-25 17:15:20 | 016,006,877 | ---- | M] () -- C:\Users\User\Desktop\koze.wmv
[2012-02-25 16:47:33 | 000,000,155 | ---- | M] () -- C:\Windows\winamp.ini
[2012-02-25 14:06:11 | 000,000,232 | ---- | M] () -- C:\user.js
[2012-02-25 12:03:26 | 082,574,789 | ---- | M] () -- C:\Users\User\Desktop\MOV00760.3gp

========== Files Created - No Company Name ==========

[2012-03-04 02:01:31 | 000,113,327 | ---- | C] () -- C:\Users\User\Desktop\my-life-my-rules-2-fb-Facebook-Profile-Timeline-Cover.jpg
[2012-03-03 00:30:46 | 000,001,021 | ---- | C] () -- C:\Users\Public\Desktop\Telenor Internet.lnk
[2012-02-27 19:14:17 | 000,000,969 | ---- | C] () -- C:\Users\User\Application Data\Microsoft\Internet Explorer\Quick Launch\fTalk.lnk
[2012-02-27 19:14:17 | 000,000,967 | ---- | C] () -- C:\Users\User\Desktop\fTalk.lnk
[2012-02-27 19:12:51 | 000,000,975 | ---- | C] () -- C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\fTalk.lnk
[2012-02-25 18:23:00 | 016,006,877 | ---- | C] () -- C:\Users\User\Desktop\koze.wmv
[2012-02-25 18:22:38 | 082,574,789 | ---- | C] () -- C:\Users\User\Desktop\MOV00760.3gp
[2012-02-25 17:11:24 | 000,017,920 | ---- | C] () -- C:\Users\User\Desktop\Untitled.MSWMM
[2012-02-25 14:30:29 | 000,002,495 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Movie Maker 2.6.lnk
[2012-02-25 14:04:10 | 000,000,232 | ---- | C] () -- C:\user.js
[2011-10-26 23:49:28 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2011-10-26 16:40:54 | 000,011,264 | ---- | C] () -- C:\Users\User\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011-10-26 15:46:32 | 001,766,592 | ---- | C] () -- C:\Windows\System32\drivers\snp2uvc.sys
[2011-10-26 15:46:32 | 000,035,264 | ---- | C] () -- C:\Windows\System32\drivers\sncduvc.sys
[2011-10-26 15:19:53 | 000,000,376 | ---- | C] () -- C:\Windows\ODBC.INI
[2011-10-26 15:14:09 | 000,000,046 | ---- | C] () -- C:\Users\User\AppData\Roaming\svighost.dll
[2011-10-26 15:13:04 | 000,053,248 | ---- | C] () -- C:\Windows\System32\pxhpinst.exe
[2011-10-26 15:13:01 | 000,000,155 | ---- | C] () -- C:\Windows\winamp.ini
[2010-11-20 22:29:26 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe

========== Alternate Data Streams ==========

@Alternate Data Stream - 112 bytes -> C:\ProgramData\TEMP:D1B5B4F1

< End of report >

offline
  • magna86  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 21 Jun 2008
  • Posts: 6104

@Riki Scorpionn
Do the following:

From Control Panel / Programs and Features, uninstall the following:

Wincore Mediabar
Searchqu Toolbar
DealPly
Bandoo Media Inc.


Then visit this topic again:
http://www.mycity.rs/Ambulanta/Kako-otvoriti-temu-u-Ambulanti.html

Follow the instructions for Gmer and post the Gmer1/2/3 logs for me.
Also run OTL again and post a fresh OTL.txt log and Extras.txt, following the instructions given above.

offline
  • Joined: 10 Mar 2012
  • Posts: 4

Thanks a lot, I already found that this virus can be removed in an easier way, through Chrome in Tools and Remove, on YouTube; it was quick and simple ;) Bye

offline
  • magna86  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 21 Jun 2008
  • Posts: 6104

As you wish. ;)
I would still recommend that you follow the instructions given so that we can remove some remnants and examine the system in detail.
