MyCity » Ambulanta -> Arhiva Ambulante » Virus

Virus

Napisano na dan: 30.4.2013

Strana:
1
2

Virus

Sledeća strana

Pagination

Odgovori

Strana:
1
2

boki199777 Poslao: 30 Apr 2013 18:23 Idi na vrh
offline boki199777 Elitni građanin Pridružio: 26 Sep 2012 Poruke: 1869 Gde živiš: Ček' da vidim...	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Uloguj se preko Facebooka da bi skinuo fajl: Nakon skeniranja avastom,pronasao je virus : ss: dds: DDS (Ver_2012-11-20.01) - NTFS_x86 Internet Explorer: 6.0.2900.5512 BrowserJavaVersion: 10.4.1 Run by PC at 18:15:28 on 2013-04-30 Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2047.1071 [GMT 2:00] . AV: avast! Antivirus Enabled/Updated {7591DB91-41F0-48A3-B128-1A293FD8233D} . ============== Running Processes ================ . C:\WINDOWS\system32\nvsvc32.exe C:\Program Files\AVAST Software\Avast\AvastSvc.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\Documents and Settings\All Users\Application Data\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\Documents and Settings\All Users\Application Data\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\AVAST Software\Avast\avastUI.exe C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcSrv.exe C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe C:\Program Files\Messenger\msmsgs.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Skype\Phone\Skype.exe C:\Program Files\McAfee Security Scan\3.0.318\SSScheduler.exe C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE C:\Program Files\PANDORA.TV\PanService\PandoraService.exe C:\WINDOWS\system32\IoctlSvc.exe C:\Program Files\PANDORA.TV\PanService\PanProcess.exe C:\WINDOWS\system32\wdfmgr.exe C:\WINDOWS\System32\alg.exe C:\Program Files\Common Files\Java\Java Update\jucheck.exe C:\Documents and Settings\PC\Local Settings\Application Data\Google\Chrome\Application\chrome.exe C:\Documents and Settings\PC\Local Settings\Application Data\Google\Chrome\Application\chrome.exe C:\Documents and Settings\PC\Local Settings\Application Data\Google\Chrome\Application\chrome.exe C:\Documents and Settings\PC\Local Settings\Application Data\Google\Chrome\Application\chrome.exe C:\Documents and Settings\PC\Local Settings\Application Data\Google\Chrome\Application\chrome.exe C:\Documents and Settings\PC\Local Settings\Application Data\Google\Chrome\Application\chrome.exe C:\Documents and Settings\PC\Local Settings\Application Data\Google\Chrome\Application\chrome.exe C:\Documents and Settings\PC\Local Settings\Application Data\Google\Chrome\Application\chrome.exe C:\Documents and Settings\PC\Local Settings\Application Data\Google\Chrome\Application\chrome.exe C:\WINDOWS\system32\wbem\wmiprvse.exe C:\WINDOWS\System32\svchost.exe -k netsvcs C:\WINDOWS\system32\svchost.exe -k NetworkService C:\WINDOWS\system32\svchost.exe -k LocalService C:\WINDOWS\system32\svchost.exe -k imgsvc C:\WINDOWS\System32\svchost.exe -k HTTPFilter . ============== Pseudo HJT Report =============== . uStart Page = [Link mogu videti samo ulogovani korisnici] uSearch Bar = [Link mogu videti samo ulogovani korisnici] mStart Page = [Link mogu videti samo ulogovani korisnici]{FB3572DC-FCCC-11E1-83F8-0025228B2B88} uInternet Connection Wizard,ShellNext = iexplore uSearchAssistant = [Link mogu videti samo ulogovani korisnici] mSearchAssistant = [Link mogu videti samo ulogovani korisnici] uURLSearchHooks: SweetIM ToolbarURLSearchHook Class: {EEE6C35D-6118-11DC-9C72-001320C79847} - c:\program files\sweetim\toolbars\internet explorer\mgHelper.dll BHO: MSS+ Identifier: {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - c:\program files\mcafee security scan\3.0.318\McAfeeMSS_IE.dll BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll BHO: MediaBar: {28387537-e3f9-4ed7-860c-11e69af4a8a0} - BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\oracle\javafx 2.1 runtime\bin\ssv.dll BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll BHO: delta Helper Object: {C1AF5FA5-852C-4C90-812E-A7F75E011D87} - c:\program files\delta\delta\1.8.10.0\bh\delta.dll BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\oracle\javafx 2.1 runtime\bin\jp2ssv.dll BHO: SweetPacks Browser Helper: {EEE6C35C-6118-11DC-9C72-001320C79847} - c:\program files\sweetim\toolbars\internet explorer\mgToolbarIE.dll TB: SweetPacks Toolbar for Internet Explorer: {EEE6C35B-6118-11DC-9C72-001320C79847} - c:\program files\sweetim\toolbars\internet explorer\mgToolbarIE.dll TB: MediaBar: {28387537-e3f9-4ed7-860c-11e69af4a8a0} - TB: SweetPacks Toolbar for Internet Explorer: {EEE6C35B-6118-11DC-9C72-001320C79847} - c:\program files\sweetim\toolbars\internet explorer\mgToolbarIE.dll TB: Delta Toolbar: {82E1477C-B154-48D3-9891-33D83C26BCD3} - c:\program files\delta\delta\1.8.10.0\deltaTlbr.dll uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe uRun: [DAEMON Tools Lite] "c:\program files\daemon tools lite\DTLite.exe" -autorun uRun: [Skype] "c:\program files\skype\phone\Skype.exe" /minimized /regrun uRun: [Google Update] "c:\documents and settings\pc\local settings\application data\google\update\GoogleUpdate.exe" /c uRun: [EA Core] "c:\program files\electronic arts\eadm\Core.exe" -silent uRun: [EADM] "c:\program files\origin\Origin.exe" -AutoStart mRun: [HDAudDeck] c:\program files\via\viaudioi\hdadeck\HDeck.exe 1 mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit mRun: [IgfxTray] c:\windows\system32\igfxtray.exe mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe" mRun: [avast] "c:\program files\avast software\avast\avastUI.exe" /nogui mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe" dRun: [DWQueuedReporting] "c:\progra~1\common~1\micros~1\dw\dwtrig20.exe" -t StartupFolder: c:\docume~1\pc\startm~1\programs\startup\onenot~1.lnk - c:\program files\microsoft office\office12\ONENOTEM.EXE StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\mcafee~1.lnk - c:\program files\mcafee security scan\3.0.318\SSScheduler.exe uPolicies-Explorer: NoDriveTypeAutoRun = dword:145 mPolicies-Explorer: NoDriveTypeAutoRun = dword:145 IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200 IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000 IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office12\ONBttnIE.dll IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - [Link mogu videti samo ulogovani korisnici] TCP: NameServer = 192.168.1.254 TCP: Interfaces\{473C8E96-8510-474D-A48C-C6B7274C4778} : DHCPNameServer = 192.168.1.254 TCP: Interfaces\{70A43B74-DAA5-4318-9EAC-1A4345FD4D29} : DHCPNameServer = 192.168.1.254 Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll Notify: igfxcui - igfxdev.dll AppInit_DLLs= c:\docume~1\alluse~1\applic~1\browse~1\261125~1.80\{c16c1~1\browse~1.dll SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll Hosts: 127.0.0.1 mpa.one.microsoft.com . ================= FIREFOX =================== . FF - ProfilePath - c:\documents and settings\pc\application data\mozilla\firefox\profiles\s71zogm4.default\ FF - prefs.js: browser.search.defaulturl - [Link mogu videti samo ulogovani korisnici]{searchTerms} FF - prefs.js: browser.search.selectedEngine - Delta Search FF - prefs.js: browser.startup.homepage - [Link mogu videti samo ulogovani korisnici] FF - prefs.js: keyword.URL - [Link mogu videti samo ulogovani korisnici] FF - component: c:\documents and settings\all users\application data\browserprotect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\firefoxextension\components\BrowserProtect-3.6.dll FF - component: c:\program files\mozilla firefox\extensions\{82af8dca-6de9-405d-bd5e-43525bdad38a}\components\SkypeFfComponent.dll FF - plugin: c:\documents and settings\pc\application data\mozilla\firefox\profiles\s71zogm4.default\extensions\{5e5ab302-7f65-44cd-8211-c1d4caaccea3}\plugins\np-mswmp.dll FF - plugin: c:\documents and settings\pc\local settings\application data\google\update\1.3.21.135\npGoogleUpdate3.dll FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll FF - plugin: c:\program files\google\picasa3\npPicasa3.dll FF - plugin: c:\program files\google\update\1.3.21.135\npGoogleUpdate3.dll FF - plugin: c:\program files\java\jre7\bin\npjpi170_04.dll FF - plugin: c:\program files\mcafee security scan\3.0.318\npMcAfeeMSS.dll FF - plugin: c:\program files\oracle\javafx 2.1 runtime\bin\plugin2\npjp2.dll FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_6_602_168.dll FF - plugin: c:\windows\system32\npDeployJava1.dll FF - Ext: Skype Click to Call: {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} - c:\program files\mozilla firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} FF - Ext: Delta Toolbar: [Link mogu videti samo ulogovani korisnici] - %profile%\extensions\ffxtlbr@delta.com FF - Ext: XfireXO Community Toolbar: {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - %profile%\extensions\{5e5ab302-7f65-44cd-8211-c1d4caaccea3} FF - Ext: SweetPacks Toolbar for Firefox: {EEE6C361-6118-11DC-9C72-001320C79847} - %profile%\extensions\{EEE6C361-6118-11DC-9C72-001320C79847} FF - Ext: avast! WebRep: [Link mogu videti samo ulogovani korisnici] - c:\program files\avast software\avast\webrep\FF FF - Ext: BrowserProtect: {0F827075-B026-42F3-885D-98981EE7B1AE} - c:\documents and settings\all users\application data\browserprotect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension . ---- FIREFOX POLICIES ---- FF - user.js: extensions.delta.tlbrSrchUrl - FF - user.js: extensions.delta.id - d86227e80000000000000025228b2b88 FF - user.js: extensions.delta.appId - {C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3} FF - user.js: extensions.delta.instlDay - 15771 FF - user.js: extensions.delta.vrsn - 1.8.10.0 FF - user.js: extensions.delta.vrsni - 1.8.10.0 FF - user.js: extensions.delta.vrsnTs - 1.8.10.022:19:38 FF - user.js: extensions.delta.prtnrId - delta FF - user.js: extensions.delta.prdct - delta FF - user.js: extensions.delta.aflt - babsst FF - user.js: extensions.delta.smplGrp - none FF - user.js: extensions.delta.tlbrId - base FF - user.js: extensions.delta.instlRef - sst FF - user.js: extensions.delta.dfltLng - en FF - user.js: extensions.delta.excTlbr - false FF - user.js: extensions.delta.admin - false FF - user.js: extensions.delta.autoRvrt - false FF - user.js: extensions.delta.rvrt - false FF - user.js: extensions.delta.newTab - false . ============= SERVICES / DRIVERS =============== . R0 aswRvrt;aswRvrt;c:\windows\system32\drivers\aswRvrt.sys [2013-4-29 49248] R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2013-1-22 765736] R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2013-1-22 368176] R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\drivers\dtsoftbus01.sys [2012-7-9 242240] R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2013-1-22 29816] R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2013-4-29 66336] R2 avast! Antivirus;avast! Antivirus;c:\program files\avast software\avast\AvastSvc.exe [2013-1-22 45248] R2 BrowserProtect;BrowserProtect;c:\documents and settings\all users\application data\browserprotect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe [2013-4-25 2569168] R2 PanService;PandoraService;c:\program files\pandora.tv\panservice\PandoraService.exe [2013-2-8 625304] R3 aswVmm;aswVmm;c:\windows\system32\drivers\aswVmm.sys [2013-4-29 164736] S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2013-2-28 161384] S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [2002-1-1 1684736] S3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\mcafee security scan\3.0.318\McCHSvc.exe [2013-2-5 235216] S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [2002-1-1 1390976] S3 XDva389;XDva389;\??\c:\windows\system32\xdva389.sys --> c:\windows\system32\XDva389.sys [?] . =============== Created Last 30 ================ . 2013-04-29 16:20:01 66336 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys 2013-04-29 16:20:01 49248 ----a-w- c:\windows\system32\drivers\aswRvrt.sys 2013-04-29 16:20:01 164736 ----a-w- c:\windows\system32\drivers\aswVmm.sys 2013-04-29 16:06:20 -------- d-----w- c:\program files\Origin Games 2013-04-29 16:06:18 -------- d-----w- c:\documents and settings\pc\local settings\application data\Origin 2013-04-29 16:06:16 -------- d-----w- c:\documents and settings\pc\application data\Origin 2013-04-29 16:06:08 -------- d-----w- c:\documents and settings\all users\application data\Origin 2013-04-29 16:05:38 -------- d-----w- c:\program files\Origin 2013-04-29 16:02:54 -------- d-----w- C:\ProgramData 2013-04-29 15:46:10 -------- d-----w- c:\windows\E4D153288C89484BB9AAF5BE9EA6D01C.TMP 2013-04-29 10:55:14 114176 ----a-w- c:\documents and settings\pc\application data\BabMaint.exe . ==================== Find3M ==================== . 2013-03-12 22:17:35 73432 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2013-03-12 22:17:35 693976 ----a-w- c:\windows\system32\FlashPlayerApp.exe 2013-03-06 22:33:24 765736 ----a-w- c:\windows\system32\drivers\aswSnx.sys 2013-03-06 22:32:51 41664 ----a-w- c:\windows\avastSS.scr . ============= FINISH: 18:21:42.76 =============== [Link mogu videti samo ulogovani korisnici] [Link mogu videti samo ulogovani korisnici]

Profil

magna86 Poslao: 30 Apr 2013 18:41 Idi na vrh
offline magna86 Anti Malware Fighter Rank 2 Pridružio: 21 Jun 2008 Poruke: 6104	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Preuzmi zoek.exe sa ovog ili ovog linka i sačuvaj ga na Desktop. zatvori browser i ostale pokrenute programe; deaktiviraj zaštitni softver ( po potrebi ) Uputstvo ; dvoklikom pokreni zoek.exe; pričekaj da se alat startuje ... U beli okvir prozora iskopiraj sledeći tekst: iedefaults; resetIEproxy; {EEE6C35D-6118-11DC-9C72-001320C79847};c c:\program files\sweetim;fs {28387537-e3f9-4ed7-860c-11e69af4a8a0};c {C1AF5FA5-852C-4C90-812E-A7F75E011D87};c c:\program files\delta;fs {EEE6C35C-6118-11DC-9C72-001320C79847};c {EEE6C35B-6118-11DC-9C72-001320C79847};c {28387537-e3f9-4ed7-860c-11e69af4a8a0};c Delta Search;ff BrowserProtect;ff Delta Toolbar;ff SweetPacks;ff BrowserProtect;s c:\documents and settings\all users\application data\browserprotect;fs FFdefaults; chrdefaults; emptyalltemp; autoclean; Klikni na dugme i pričekaj da se skeniranje završi. zoek ce po potrebi, restartovati Windows a na kraju rada, otvoriti Notepad sa izveštajem o skeniranju. Napomena:Izveštaj će biti sačuvan pod nazivom zoek-results.log na sistemskoj particiji (tipična lokacija: C:\zoek-results.log) Kopiraj sadrzaj tog loga u poruku.

Profil

boki199777 Poslao: 02 Maj 2013 20:01 Idi na vrh
offline boki199777 Elitni građanin Pridružio: 26 Sep 2012 Poruke: 1869 Gde živiš: Ček' da vidim...	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Evo rezultata,samo da napomenem jos da mi je kom puzasno spor -.- Zoek.exe Version 4.0.0.2 Updated 23-04-2013 Tool run by PC on Thu 05/02/2013 at 19:45:52.60. Microsoft Windows XP Professional 5.1.2600 Service Pack 3 x86 Running in: Normal Mode Internet Access Detected ==== Creating Sample_20130502_0749.zip ====================== Process rundll32.exe killed Copied file C:\Documents and Settings\PC\Application Data\BabMaint.exe to sample sample\BabMaint.exe renamed to CC1A55091FD96BCB624AD791CD15D179 C:\Documents and Settings\All Users\Desktop\sample_20130502_0749.zip created successfully ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-1454471165-1592454029-1801674531-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{28387537-e3f9-4ed7-860c-11e69af4a8a0} deleted successfully HKEY_USERS\S-1-5-21-1454471165-1592454029-1801674531-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35C-6118-11DC-9C72-001320C79847} deleted successfully HKEY_USERS\S-1-5-21-1454471165-1592454029-1801674531-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35B-6118-11DC-9C72-001320C79847} deleted successfully HKEY_USERS\S-1-5-21-1454471165-1592454029-1801674531-1003\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} deleted successfully HKEY_USERS\S-1-5-21-1454471165-1592454029-1801674531-1003\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} deleted successfully HKEY_USERS\S-1-5-21-1454471165-1592454029-1801674531-1003\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B} deleted successfully HKEY_USERS\S-1-5-21-1454471165-1592454029-1801674531-1003\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847} deleted successfully HKEY_CLASSES_ROOT\CLSID\{EEE6C35D-6118-11DC-9C72-001320C79847} deleted successfully HKEY_CLASSES_ROOT\CLSID\{28387537-e3f9-4ed7-860c-11e69af4a8a0} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{28387537-e3f9-4ed7-860c-11e69af4a8a0} deleted successfully HKEY_CLASSES_ROOT\CLSID\{C1AF5FA5-852C-4C90-812E-A7F75E011D87} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C1AF5FA5-852C-4C90-812E-A7F75E011D87} deleted successfully HKEY_CLASSES_ROOT\CLSID\{EEE6C35C-6118-11DC-9C72-001320C79847} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847} deleted successfully HKEY_CLASSES_ROOT\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847} deleted successfully ==== Deleting CLSID Registry Values ====================== HKEY_USERS\S-1-5-21-1454471165-1592454029-1801674531-1003\Software\Microsoft\Internet Explorer\URLSearchHooks\{EEE6C35D-6118-11DC-9C72-001320C79847} deleted successfully HKEY_USERS\S-1-5-21-1454471165-1592454029-1801674531-1003\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{EEE6C35B-6118-11DC-9C72-001320C79847} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{28387537-e3f9-4ed7-860c-11e69af4a8a0} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{EEE6C35B-6118-11DC-9C72-001320C79847} deleted successfully ==== Deleting Services ====================== HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BrowserProtect deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\BrowserProtect deleted successfully ==== FireFox Fix ====================== Deleted from C:\Documents and Settings\PC\Application Data\Mozilla\Firefox\Profiles\s71zogm4.default\prefs.js: user_pref("browser.startup.homepage", "http://isearch.babylon.com/?affID=119816&babsrc=HP_ss_bayi&mntrId=d86227e80000000000000025228b2b88"); user_pref("browser.search.defaulturl", "http://search.conduit.com/ResultsExt.aspx?ctid=CT2304157&SearchSource=3&q={searchTerms}"); user_pref("browser.newtab.url", "http://www.delta-search.com/?affID=119816&babsrc=NT_ss&mntrId=d86227e80000000000000025228b2b88"); user_pref("browser.search.defaultenginename", "SweetIM Search"); user_pref("browser.search.selectedEngine", "Delta Search"); user_pref("browser.search.order.1", "Delta Search"); Added to C:\Documents and Settings\PC\Application Data\Mozilla\Firefox\Profiles\s71zogm4.default\prefs.js: user_pref("browser.startup.homepage", "http://www.google.com"); user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q="); user_pref("browser.newtab.url", "http://www.google.com/"); user_pref("browser.search.defaultengine", "Google"); user_pref("browser.search.defaultenginename", "Google"); user_pref("browser.search.selectedEngine", "Google"); user_pref("browser.search.order.1", "Google"); user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q="); user_pref("browser.search.suggest.enabled", true); user_pref("browser.search.useDBForOrder", true); ProfilePath: C:\Documents and Settings\PC\Application Data\Mozilla\Firefox\Profiles\s71zogm4.default ---- Lines Delta Search removed from prefs.js ---- user_pref("avg.install.userSPSettings", "Delta Search"); ---- Lines Delta Search modified from prefs.js ---- ---- Lines Delta Search removed from user.js ---- ---- Lines BrowserProtect removed from prefs.js ---- ---- Lines BrowserProtect modified from prefs.js ---- ---- Lines BrowserProtect removed from user.js ---- ---- Lines Delta Toolbar removed from prefs.js ---- ---- Lines Delta Toolbar modified from prefs.js ---- ---- Lines Delta Toolbar removed from user.js ---- ---- Lines SweetPacks removed from prefs.js ---- ---- Lines SweetPacks modified from prefs.js ---- ---- Lines SweetPacks removed from user.js ---- ---- Lines CT2304157 removed from prefs.js ---- user_pref("CommunityToolbar.ConduitHomepagesList", "http://search.conduit.com/?ctid=CT2304157&SearchSource=13,http://search.conduit.com/?ctid=CT2304157&SearchSource=13"); ---- Lines CT2304157 modified from prefs.js ---- ---- Lines CT2304157 removed from user.js ---- ---- Lines conduit removed from prefs.js ---- user_pref("CommunityToolbar.ConduitSearchList", "XfireXO Customized Web Search,XfireXO Customized Web Search"); ---- Lines conduit modified from prefs.js ---- ---- Lines conduit removed from user.js ---- ---- Lines babylon removed from prefs.js ---- user_pref("avg.install.userHPSettings", "http://isearch.babylon.com/?affID=119816&babsrc=HP_ss_bayi&mntrId=d86227e80000000000000025228b2b88"); ---- Lines babylon modified from prefs.js ---- ---- Lines babylon removed from user.js ---- ---- Lines search.com removed from prefs.js ---- ---- Lines search.com modified from prefs.js ---- ---- Lines search.com removed from user.js ---- ---- Lines Web Search removed from prefs.js ---- user_pref("browser.search.defaultthis.engineName", "XfireXO Customized Web Search"); ---- Lines Web Search modified from prefs.js ---- ---- Lines Web Search removed from user.js ---- ---- Lines Customized removed from prefs.js ---- ---- Lines Customized modified from prefs.js ---- ---- Lines Customized removed from user.js ---- ---- Lines CommunityToolbar removed from prefs.js ---- ---- Lines CommunityToolbar modified from prefs.js ---- ---- Lines CommunityToolbar removed from user.js ---- ---- Lines EEE6C361-6118-11DC-9C72-001320C79847 removed from prefs.js ---- ---- Lines EEE6C361-6118-11DC-9C72-001320C79847 modified from prefs.js ---- user_pref("extensions.enabledItems", "{1FD91A9C-410C-4090-BBCC-55D3450EF433}:1.0,{5e5ab302-7f65-44cd-8211-c1d4caaccea3}:3.14.1.0,{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}:6.6.0.11664,fdm_ffext@freedownloadmanager.org:1.3.4,{6C8B07BF-0F6D-4EA4-B96F-FF1CCBAAE553}:2.0.1,{EEE6C361-6118-11DC-9C72-001320C79847}:1.6.0.3,ffxtlbr@delta.com:1.5.0,wrc@avast.com:8.0.1483,{0F827075-B026-42F3-885D-98981EE7B1AE}:2.6.1125.80,{972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.26"); ---- Lines EEE6C361-6118-11DC-9C72-001320C79847 removed from user.js ---- ---- Lines SweetIM removed from prefs.js ---- ser_pref("sweetim.toolbar.dnscatch.domain-blacklist", "..sweetim.com/.\|..facebook.com/.\|..google.com/.\|..google.co.in/.\|..google.com.br/.\|..google.es/.\|..youtube.com/.\|..yahoo.com/.\|..orkut.com.br/.\|.login.live.com/.\|.youtubedownloader.mybrowserbar.com/.");user_pref("app.update.lastUpdateTime.addon-background-update-timer", 1347806423); ---- Lines SweetIM modified from prefs.js ---- ---- Lines SweetIM removed from user.js ---- ---- Lines 1FD91A9C-410C-4090-BBCC-55D3450EF433 removed from prefs.js ---- ---- Lines 1FD91A9C-410C-4090-BBCC-55D3450EF433 modified from prefs.js ---- user_pref("extensions.enabledItems", "{1FD91A9C-410C-4090-BBCC-55D3450EF433}:1.0,{5e5ab302-7f65-44cd-8211-c1d4caaccea3}:3.14.1.0,{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}:6.6.0.11664,fdm_ffext@freedownloadmanager.org:1.3.4,{6C8B07BF-0F6D-4EA4-B96F-FF1CCBAAE553}:2.0.1,{disabled}:1.6.0.3,ffxtlbr@delta.com:1.5.0,wrc@avast.com:8.0.1483,{0F827075-B026-42F3-885D-98981EE7B1AE}:2.6.1125.80,{972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.26"); ---- Lines 1FD91A9C-410C-4090-BBCC-55D3450EF433 removed from user.js ---- ---- Lines mybrowserbar removed from prefs.js ---- ---- Lines mybrowserbar modified from prefs.js ---- ---- Lines mybrowserbar removed from user.js ---- ---- FireFox user.js and prefs.js backups ---- user_20130502_0752_.backup prefs_20130502_0752_.backup ==== Registry Fix Code ====================== Windows Registry Editor Version 5.00 [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "bProtector Start Page"=- [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "bProtectorDefaultScope"=- ==== Deleting Files \ Folders ====================== "C:\Documents and Settings\PC\Application Data\Mozilla\Firefox\Profiles\s71zogm4.default\searchplugins\BrowserProtect.xml" deleted "C:\Documents and Settings\PC\Application Data\Mozilla\Firefox\Profiles\s71zogm4.default\searchplugins\conduit.xml" deleted "C:\Documents and Settings\PC\Application Data\Mozilla\Firefox\Profiles\s71zogm4.default\searchplugins\babylon.xml" not deleted "C:\Documents and Settings\PC\Application Data\Mozilla\Firefox\Profiles\s71zogm4.default\searchplugins\sweetim.xml" deleted "C:\Program Files\Mozilla Firefox\searchplugins\babylon.xml" not deleted "C:\Program Files\Mozilla Firefox\searchplugins\babylon.xml" not deleted "C:\Program Files\Mozilla Firefox\searchplugins\iMeshWebSearch.xml" deleted "C:\WINDOWS\tasks\EPUpdater.job" deleted "C:\Documents and Settings\PC\Local Settings\Application Data\Google\Chrome\User Data\Default\bProtectorPreferences" deleted "C:\Documents and Settings\PC\Application Data\Mozilla\Firefox\Profiles\s71zogm4.default\searchplugins\BrowserProtect.xml" deleted "C:\Documents and Settings\PC\Application Data\Mozilla\Firefox\Profiles\s71zogm4.default\searchplugins\babylon.xml" not deleted "C:\Documents and Settings\PC\Application Data\Mozilla\Firefox\Profiles\s71zogm4.default\searchplugins\iMeshWebSearch.xml" deleted "C:\Documents and Settings\PC\Application Data\Mozilla\Firefox\Profiles\s71zogm4.default\bprotector_extensions.rdf" deleted "C:\Documents and Settings\PC\Application Data\Mozilla\Firefox\Profiles\s71zogm4.default\bprotector_prefs.js" deleted "C:\Documents and Settings\PC\Application Data\BabMaint.exe" deleted "c:\documents and settings\all users\application data\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\bl" not deleted "c:\documents and settings\all users\application data\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.dll" not deleted "c:\documents and settings\all users\application data\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe" not deleted "c:\documents and settings\all users\application data\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.settings" not deleted "c:\documents and settings\all users\application data\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\uninstall.exe" not deleted "c:\documents and settings\all users\application data\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\chrome.manifest" not deleted "c:\documents and settings\all users\application data\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\install.rdf" not deleted "c:\documents and settings\all users\application data\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\00" not deleted "c:\documents and settings\all users\application data\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\01" not deleted "c:\documents and settings\all users\application data\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\02" not deleted "c:\documents and settings\all users\application data\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\03" not deleted "c:\documents and settings\all users\application data\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\10" not deleted "c:\documents and settings\all users\application data\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\11" not deleted "c:\documents and settings\all users\application data\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\12" not deleted "c:\documents and settings\all users\application data\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\13" not deleted "c:\documents and settings\all users\application data\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\20" not deleted "c:\documents and settings\all users\application data\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\21" not deleted "c:\documents and settings\all users\application data\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\22" not deleted "c:\documents and settings\all users\application data\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\23" not deleted "c:\documents and settings\all users\application data\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\components\BrowserProtect-10.0.2.dll" not deleted "c:\documents and settings\all users\application data\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\components\BrowserProtect-11.0.dll" not deleted "c:\documents and settings\all users\application data\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\components\BrowserProtect-12.0.dll" not deleted "c:\documents and settings\all users\application data\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\components\BrowserProtect-13.0.dll" not deleted "c:\documents and settings\all users\application data\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\components\BrowserProtect-14.0.1.dll" not deleted "c:\documents and settings\all users\application data\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\components\BrowserProtect-15.0.dll" not deleted "c:\documents and settings\all users\application data\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\components\BrowserProtect-16.0.dll" not deleted "c:\documents and settings\all users\application data\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\components\BrowserProtect-17.0.dll" not deleted "c:\documents and settings\all users\application data\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\components\BrowserProtect-3.6.dll" not deleted "c:\documents and settings\all users\application data\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\components\BrowserProtect-3.6.xpt" not deleted "c:\documents and settings\all users\application data\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\components\BrowserProtect-5.0.dll" not deleted "c:\documents and settings\all users\application data\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\components\BrowserProtect-6.0.2.dll" not deleted "c:\documents and settings\all users\application data\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\components\BrowserProtect-7.0.1.dll" not deleted "c:\documents and settings\all users\application data\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\components\BrowserProtect-8.0.1.dll" not deleted "c:\documents and settings\all users\application data\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\components\BrowserProtect-9.0.1.dll" not deleted "c:\documents and settings\all users\application data\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\content\BrowserProtect.js" not deleted "c:\documents and settings\all users\application data\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\content\overlay.xul" not deleted "C:\Documents and Settings\All Users\Application Data\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\bl" not deleted "C:\Documents and Settings\All Users\Application Data\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.dll" not deleted "C:\Documents and Settings\All Users\Application Data\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe" not deleted "C:\Documents and Settings\All Users\Application Data\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.settings" not deleted "C:\Documents and Settings\All Users\Application Data\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\uninstall.exe" not deleted "C:\Documents and Settings\All Users\Application Data\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\chrome.manifest" not deleted "C:\Documents and Settings\All Users\Application Data\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\install.rdf" not deleted "C:\Documents and Settings\All Users\Application Data\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\00" not deleted "C:\Documents and Settings\All Users\Application Data\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\01" not deleted "C:\Documents and Settings\All Users\Application Data\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\02" not deleted "C:\Documents and Settings\All Users\Application Data\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\03" not deleted "C:\Documents and Settings\All Users\Application Data\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\10" not deleted "C:\Documents and Settings\All Users\Application Data\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\11" not deleted "C:\Documents and Settings\All Users\Application Data\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\12" not deleted "C:\Documents and Settings\All Users\Application Data\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\13" not deleted "C:\Documents and Settings\All Users\Application Data\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\20" not deleted "C:\Documents and Settings\All Users\Application Data\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\21" not deleted "C:\Documents and Settings\All Users\Application Data\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\22" not deleted "C:\Documents and Settings\All Users\Application Data\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\23" not deleted "C:\Documents and Settings\All Users\Application Data\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\components\BrowserProtect-10.0.2.dll" not deleted "C:\Documents and Settings\All Users\Application Data\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\components\BrowserProtect-11.0.dll" not deleted "C:\Documents and Settings\All Users\Application Data\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\components\BrowserProtect-12.0.dll" not deleted "C:\Documents and Settings\All Users\Application Data\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\components\BrowserProtect-13.0.dll" not deleted "C:\Documents and Settings\All Users\Application Data\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\components\BrowserProtect-14.0.1.dll" not deleted "C:\Documents and Settings\All Users\Application Data\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\components\BrowserProtect-15.0.dll" not deleted "C:\Documents and Settings\All Users\Application Data\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\components\BrowserProtect-16.0.dll" not deleted "C:\Documents and Settings\All Users\Application Data\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\components\BrowserProtect-17.0.dll" not deleted "C:\Documents and Settings\All Users\Application Data\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\components\BrowserProtect-3.6.dll" not deleted "C:\Documents and Settings\All Users\Application Data\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\components\BrowserProtect-3.6.xpt" not deleted "C:\Documents and Settings\All Users\Application Data\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\components\BrowserProtect-5.0.dll" not deleted "C:\Documents and Settings\All Users\Application Data\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\components\BrowserProtect-6.0.2.dll" not deleted "C:\Documents and Settings\All Users\Application Data\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\components\BrowserProtect-7.0.1.dll" not deleted "C:\Documents and Settings\All Users\Application Data\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\components\BrowserProtect-8.0.1.dll" not deleted "C:\Documents and Settings\All Users\Application Data\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\components\BrowserProtect-9.0.1.dll" not deleted "C:\Documents and Settings\All Users\Application Data\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\content\BrowserProtect.js" not deleted "C:\Documents and Settings\All Users\Application Data\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\content\overlay.xul" not deleted "c:\program files\SweetIM" deleted "c:\program files\Delta" deleted "c:\documents and settings\all users\application data\BrowserProtect" not deleted "C:\Program Files\Delta" deleted "C:\Program Files\SweetIM" deleted "C:\Documents and Settings\PC\Application Data\BabSolution" deleted "C:\Documents and Settings\PC\Application Data\Babylon" deleted "C:\Documents and Settings\PC\Application Data\Delta" deleted "C:\Documents and Settings\PC\Application Data\eType" deleted "C:\Documents and Settings\All Users\Application Data\SweetIM" deleted "C:\Documents and Settings\All Users\Application Data\Babylon" deleted "C:\Documents and Settings\All Users\Application Data\BrowserProtect" not deleted "C:\Documents and Settings\PC\Local Settings\Application Data\PackageAware" deleted "C:\Documents and Settings\PC\Local Settings\Application Data\Conduit" deleted "C:\Documents and Settings\PC\Local Settings\Application Data\Google\Chrome\User Data\Default\External Extensions\{EEE6C373-6118-11DC-9C72-001320C79847}" deleted "C:\Documents and Settings\PC\Application Data\Mozilla\Firefox\Profiles\s71zogm4.default\extensions\ffxtlbr@babylon.com" deleted "C:\Documents and Settings\PC\Application Data\Mozilla\Firefox\Profiles\s71zogm4.default\CT2304157" deleted "C:\Documents and Settings\PC\Application Data\Mozilla\Firefox\Profiles\s71zogm4.default\SweetPacksToolbarData" deleted "C:\Documents and Settings\PC\Application Data\Mozilla\Firefox\Profiles\s71zogm4.default\CT2304157" deleted "C:\Documents and Settings\PC\Application Data\Mozilla\Firefox\Profiles\s71zogm4.default\conduitCommon" deleted "C:\Documents and Settings\PC\Application Data\Mozilla\Firefox\Profiles\s71zogm4.default\extensions\ffxtlbr@babylon.com" deleted "C:\Documents and Settings\PC\Application Data\Mozilla\Firefox\Profiles\s71zogm4.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}" deleted "C:\Program Files\Mozilla Firefox\extensions\{1FD91A9C-410C-4090-BBCC-55D3450EF433}" deleted "c:\documents and settings\all users\application data\BrowserProtect\2.6.1125.80" not deleted "c:\documents and settings\all users\application data\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}" not deleted "c:\documents and settings\all users\application data\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension" not deleted "c:\documents and settings\all users\application data\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings" not deleted "c:\documents and settings\all users\application data\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\components" not deleted "c:\documents and settings\all users\application data\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\content" not deleted "C:\Documents and Settings\All Users\Application Data\BrowserProtect\2.6.1125.80" not deleted "C:\Documents and Settings\All Users\Application Data\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}" not deleted "C:\Documents and Settings\All Users\Application Data\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension" not deleted "C:\Documents and Settings\All Users\Application Data\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings" not deleted "C:\Documents and Settings\All Users\Application Data\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\components" not deleted "C:\Documents and Settings\All Users\Application Data\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\content" not deleted ==== Firefox Extensions ====================== ProfilePath: C:\Documents and Settings\PC\Application Data\Mozilla\Firefox\Profiles\s71zogm4.default - Skype Click to Call - C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} - avast WebRep - C:\Program Files\AVAST Software\Avast\WebRep\FF - Undetermined - %ProfilePath%\extensions\fdm_ffext@freedownloadmanager.org - Delta Toolbar - %ProfilePath%\extensions\ffxtlbr@delta.com - Undetermined - %ProfilePath%\extensions\{28387537-e3f9-4ed7-860c-11e69af4a8a0} - XfireXO Community Toolbar - %ProfilePath%\extensions\{5e5ab302-7f65-44cd-8211-c1d4caaccea3} - Undetermined - %ProfilePath%\extensions\{6C8B07BF-0F6D-4EA4-B96F-FF1CCBAAE553} AppDir: C:\Program Files\Mozilla Firefox - Skype Click to Call - %AppDir%\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} - Default - %AppDir%\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} ==== Firefox Plugins ====================== Profilepath: C:\Documents and Settings\PC\Application Data\Mozilla\Firefox\Profiles\s71zogm4.default 28000D7EEB2FD95A36E1A7539F599C3B - C:\Program Files\Windows Media Player\npdrmv2.dll - Microsoft® DRM 8B6884E3E1E5F8ABA5FA0C6A2B13181D - C:\Program Files\Windows Media Player\npwmsdrm.dll - Microsoft® DRM 5D41BCD19A3D90E4EBB58A6BFB79E4F7 - C:\Program Files\Windows Media Player\npdsplay.dll - Windows Media Player Plug-in Dynamic Link Library 5B048C618D064031FEC6D2C573321801 - C:\Program Files\Java\jre7\bin\npjpi170_04.dll - Java(TM) Platform SE 7 U4 75300E5ED4CD5B4363C3DBBB2D03269C - C:\Program Files\McAfee Security Scan\3.0.318\npMcAfeeMSS.dll - McAfee Security Scanner + 136485E00BA2917F0FEA68D2EE78D733 - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll - Java(TM) Platform SE 7 U4 AB45A736C78A166B89C0A578AD5E4392 - C:\WINDOWS\system32\npDeployJava1.dll - Java Deployment Toolkit 7.0.40.255 9E8656A72541775394ADC0B680320BD0 - C:\Program Files\Google\Picasa3\npPicasa3.dll - Picasa B6A800D881A0176C544988870861E798 - C:\WINDOWS\system32\Adobe\Director\np32dsw.dll - Shockwave for Director / Shockwave for Director F7414304D2D88213E935B048E04FE1AA - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_6_602_168.dll - Shockwave Flash E0FF893763BA82BAABB869A351F0C455 - C:\Documents and Settings\PC\Local Settings\Application Data\Google\Update\1.3.21.135\npGoogleUpdate3.dll - Google Update F647D0BEA553C1D0C251CE07DA6A5511 - C:\Program Files\Mozilla Firefox\plugins\nppdf32.dll - Adobe Acrobat 8988788C0E72997BAE454DE220F958F4 - C:\Program Files\Mozilla Firefox\plugins\npnul32.dll - Mozilla Default Plug-in F647D0BEA553C1D0C251CE07DA6A5511 - C:\Program Files\Adobe\Reader 10.0\Reader\browser\nppdf32.dll - Adobe Acrobat DB988B4550DB9BCE86F9199D961057FC - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll - Adobe Acrobat ==== Chrome Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions eooncjejnppfjjklapaamhcdmjbilmde - C:\Documents and Settings\PC\Application Data\BabSolution\CR\Delta.crx[] icmlaeflemplmjndnaapfdbbnpncnbda - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[03/07/2013 12:29 AM] jcdgjdiieiljkfkdcloehkohchhpekkn - C:\Documents and Settings\PC\Local Settings\Application Data\Google\Chrome\User Data\Default\External Extensions\{EEE6C373-6118-11DC-9C72-001320C79847}\SweetFB.crx[] lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx[01/31/2013 10:40 AM] ogccgbmabaphcakpiclgcnmcnimhokcj - C:\Documents and Settings\PC\Local Settings\Application Data\Google\Chrome\User Data\Default\External Extensions\{EEE6C373-6118-11DC-9C72-001320C79847}\SweetNT.crx[] Delta Toolbar - PC - Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde avast WebRep - PC - Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda Forecastfox - PC - Default\Extensions\ihffmkcfkejomlfnilnmkokcpgclhfeg SweetIM for Facebook - PC - Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn Skype for Chromium - PC - Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl SweetPacks Chrome Extension - PC - Default\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj ==== Chrome Fix ====================== C:\Documents and Settings\PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde deleted successfully C:\Documents and Settings\PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn deleted successfully C:\Documents and Settings\PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj deleted successfully ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://isearch.babylon.com/?affID=119816&babsrc=HP_ss_bayi&mntrId=d86227e80000000000000025228b2b88" "Start Page Restore"="http://search.conduit.com?SearchSource=10&ctid=CT2304157" "Search Bar"="http://search.imesh.com/sidebar.html?src=ssb&sysid=1" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://home.sweetim.com/?crg=3.1010000.10002&barid={FB3572DC-FCCC-11E1-83F8-0025228B2B88}" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl] [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search] "SearchAssistant"="http://search.imesh.com/sidebar.html?src=ssb&sysid=1" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search] "SearchAssistant"="http://search.imesh.com/sidebar.html?src=ssb&sysid=1" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{EEE6C360-6118-11DC-9C72-001320C79847}" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}] not found New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896" "Start Page"="http://www.google.com" "Start Page Restore"="http://www.google.com" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl] "(Default)"="http://search.msn.com/results.asp?q=%s" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search] "SearchAssistant"="http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search] "SearchAssistant"="http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC" {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} Delta Search Url="http://www.delta-search.com/?q={searchTerms}&affID=119816&babsrc=SP_ss&mntrId=d86227e80000000000000025228b2b88" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}" ==== Reset Google Chrome ====================== C:\Documents and Settings\PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences was reset successfully C:\Documents and Settings\PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Web Data was reset successfully ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-1454471165-1592454029-1801674531-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{72853161-30C5-4D22-B7F9-0BBC1D38A37E} deleted successfully HKEY_CLASSES_ROOT\CLSID\{82E1477C-B154-48D3-9891-33D83C26BCD3} deleted successfully HKEY_CLASSES_ROOT\CLSID\{B5A7F190-DDA6-4420-B3BA-52453494E6CD} deleted successfully HKEY_CLASSES_ROOT\CLSID\{72853161-30C5-4D22-B7F9-0BBC1D38A37E} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E} deleted successfully ==== Deleting CLSID Registry Values ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{82E1477C-B154-48D3-9891-33D83C26BCD3} deleted successfully HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{B5A7F190-DDA6-4420-B3BA-52453494E6CD} deleted successfully HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\{B5A7F190-DDA6-4420-B3BA-52453494E6CD} deleted successfully HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{72853161-30C5-4D22-B7F9-0BBC1D38A37E} deleted successfully ==== Reset IE Proxy ====================== Value(s) before fix: "ProxyEnable"=dword:00000000 Value(s) after fix: "ProxyEnable"=dword:00000000 ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\eooncjejnppfjjklapaamhcdmjbilmde deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj deleted successfully ==== Empty IE Cache ====================== C:\Documents and Settings\Default User\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully C:\Documents and Settings\LocalService\Local Settings\Temp\Temporary Internet Files\Content.IE5 emptied successfully C:\Documents and Settings\NetworkService\Local Settings\Temp\Temporary Internet Files\Content.IE5 emptied successfully C:\Documents and Settings\PC\Local Settings\Temp\Temporary Internet Files\Content.IE5 emptied successfully C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot C:\Documents and Settings\PC\Local Settings\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot ==== Empty FireFox Cache ====================== C:\Documents and Settings\PC\Local Settings\Application Data\Mozilla\Firefox\Profiles\s71zogm4.default\Cache emptied successfully ==== Empty Chrome Cache ====================== C:\Documents and Settings\PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully After Reboot ==== Empty Temp Folders ====================== C:\WINDOWS\Temp successfully emptied C:\DOCUME~1\PC\LOCALS~1\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\RECYCLER successfully emptied ==== Deleting Files / Folders ====================== "C:\Documents and Settings\PC\Application Data\Mozilla\Firefox\Profiles\s71zogm4.default\searchplugins\babylon.xml" not found "C:\Program Files\Mozilla Firefox\searchplugins\babylon.xml" deleted "C:\Program Files\Mozilla Firefox\searchplugins\babylon.xml" not found "C:\Documents and Settings\PC\Application Data\Mozilla\Firefox\Profiles\s71zogm4.default\searchplugins\babylon.xml" not found "c:\documents and settings\all users\application data\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\bl" not found "c:\documents and settings\all users\application data\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.dll" not found "c:\documents and settings\all users\application data\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe" not found "c:\documents and settings\all users\application data\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.settings" not found "c:\documents and settings\all users\application data\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\uninstall.exe" not found "c:\documents and settings\all users\application data\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\chrome.manifest" not found "c:\documents and settings\all users\application data\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\install.rdf" not found "c:\documents and settings\all users\application data\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\00" not found "c:\documents and settings\all users\application data\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\01" not found "c:\documents and settings\all users\application data\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\02" not found "c:\documents and settings\all users\application data\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\03" not found "c:\documents and settings\all users\application data\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\10" not found "c:\documents and settings\all users\application data\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\11" not found "c:\documents and settings\all users\application data\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\12" not found "c:\documents and settings\all users\application data\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\13" not found "c:\documents and settings\all users\application data\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\20" not found "c:\documents and settings\all users\application data\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\21" not found "c:\documents and settings\all users\application data\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\22" not found "c:\documents and settings\all users\application data\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\23" not found "c:\documents and settings\all users\application data\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\components\BrowserProtect-10.0.2.dll" not found "c:\documents and settings\all users\application data\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\components\BrowserProtect-11.0.dll" not found "c:\documents and settings\all users\application data\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\components\BrowserProtect-12.0.dll" not found "c:\documents and settings\all users\application data\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\components\BrowserProtect-13.0.dll" not found "c:\documents and settings\all users\application data\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\components\BrowserProtect-14.0.1.dll" not found "c:\documents and settings\all users\application data\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\components\BrowserProtect-15.0.dll" not found "c:\documents and settings\all users\application data\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\components\BrowserProtect-16.0.dll" not found "c:\documents and settings\all users\application data\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\components\BrowserProtect-17.0.dll" not found "c:\documents and settings\all users\application data\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\components\BrowserProtect-3.6.dll" not found "c:\documents and settings\all users\application data\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\components\BrowserProtect-3.6.xpt" not found "c:\documents and settings\all users\application data\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\components\BrowserProtect-5.0.dll" not found "c:\documents and settings\all users\application data\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\components\BrowserProtect-6.0.2.dll" not found "c:\documents and settings\all users\application data\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\components\BrowserProtect-7.0.1.dll" not found "c:\documents and settings\all users\application data\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\components\BrowserProtect-8.0.1.dll" not found "c:\documents and settings\all users\application data\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\components\BrowserProtect-9.0.1.dll" not found "c:\documents and settings\all users\application data\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\content\BrowserProtect.js" not found "c:\documents and settings\all users\application data\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\content\overlay.xul" not found "C:\Documents and Settings\All Users\Application Data\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\bl" not found "C:\Documents and Settings\All Users\Application Data\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.dll" not found "C:\Documents and Settings\All Users\Application Data\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe" not found "C:\Documents and Settings\All Users\Application Data\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.settings" not found "C:\Documents and Settings\All Users\Application Data\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\uninstall.exe" not found "C:\Documents and Settings\All Users\Application Data\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\chrome.manifest" not found "C:\Documents and Settings\All Users\Application Data\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\install.rdf" not found "C:\Documents and Settings\All Users\Application Data\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\00" not found "C:\Documents and Settings\All Users\Application Data\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\01" not found "C:\Documents and Settings\All Users\Application Data\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\02" not found "C:\Documents and Settings\All Users\Application Data\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\03" not found "C:\Documents and Settings\All Users\Application Data\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\10" not found "C:\Documents and Settings\All Users\Application Data\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\11" not found "C:\Documents and Settings\All Users\Application Data\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\12" not found "C:\Documents and Settings\All Users\Application Data\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\13" not found "C:\Documents and Settings\All Users\Application Data\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\20" not found "C:\Documents and Settings\All Users\Application Data\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\21" not found "C:\Documents and Settings\All Users\Application Data\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\22" not found "C:\Documents and Settings\All Users\Application Data\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\23" not found "C:\Documents and Settings\All Users\Application Data\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\components\BrowserProtect-10.0.2.dll" not found "C:\Documents and Settings\All Users\Application Data\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\components\BrowserProtect-11.0.dll" not found "C:\Documents and Settings\All Users\Application Data\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\components\BrowserProtect-12.0.dll" not found "C:\Documents and Settings\All Users\Application Data\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\components\BrowserProtect-13.0.dll" not found "C:\Documents and Settings\All Users\Application Data\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\components\BrowserProtect-14.0.1.dll" not found "C:\Documents and Settings\All Users\Application Data\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\components\BrowserProtect-15.0.dll" not found "C:\Documents and Settings\All Users\Application Data\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\components\BrowserProtect-16.0.dll" not found "C:\Documents and Settings\All Users\Application Data\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\components\BrowserProtect-17.0.dll" not found "C:\Documents and Settings\All Users\Application Data\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\components\BrowserProtect-3.6.dll" not found "C:\Documents and Settings\All Users\Application Data\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\components\BrowserProtect-3.6.xpt" not found "C:\Documents and Settings\All Users\Application Data\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\components\BrowserProtect-5.0.dll" not found "C:\Documents and Settings\All Users\Application Data\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\components\BrowserProtect-6.0.2.dll" not found "C:\Documents and Settings\All Users\Application Data\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\components\BrowserProtect-7.0.1.dll" not found "C:\Documents and Settings\All Users\Application Data\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\components\BrowserProtect-8.0.1.dll" not found "C:\Documents and Settings\All Users\Application Data\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\components\BrowserProtect-9.0.1.dll" not found "C:\Documents and Settings\All Users\Application Data\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\content\BrowserProtect.js" not found "C:\Documents and Settings\All Users\Application Data\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\content\overlay.xul" not found "C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat" not deleted "C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\index.dat" deleted "C:\Documents and Settings\PC\Local Settings\Temporary Internet Files\Content.IE5\index.dat" not found "c:\documents and settings\all users\application data\BrowserProtect" not found "C:\Documents and Settings\All Users\Application Data\BrowserProtect" not found

Profil

magna86 Poslao: 02 Maj 2013 21:00 Idi na vrh
offline magna86 Anti Malware Fighter Rank 2 Pridružio: 21 Jun 2008 Poruke: 6104	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Idemo na dodatne provere: Preuzmi aswMBR i sacuvaj ga na Desktop. Dvoklikom pokreni aswMBR. Ukoliko dobijes sledecu poruku: Would you like to download latest Avast! virus definitions? Klikni na dugme Yes i pricekaj da se proces preuzimanja definicija zavrsi. Proveri da je pod AV Scan: izabrana opcija QuickScan Klikni na Scan. Kada zavrsi skeniranje ( Scan finished successfully ) klikni Save log. Sacuvaj aswMBR log na Desktop. Sadrzaj tog loga iskopiraj u temi. --- --- --- --- --- --- --- --- --- --- --- --- Ponovo pokreni zoek.exe kao malopre sto si ali kopiraj ovaj script: `filesrcm; startupall; firefoxlook; chromelook;` Klikni na dugme RunScript i okaci mi svez zoekov log.

Profil

boki199777 Poslao: 02 Maj 2013 21:23 Idi na vrh
offline boki199777 Elitni građanin Pridružio: 26 Sep 2012 Poruke: 1869 Gde živiš: Ček' da vidim...	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Uloguj se preko Facebooka da bi skinuo fajl: Napisano: 02 Maj 2013 21:14 bice za nekoliko minuta sve Dopuna: 02 Maj 2013 21:23 Evo aswMBR [Link mogu videti samo ulogovani korisnici] a evo i zoek.exe Zoek.exe Version 4.0.0.2 Updated 23-04-2013 Tool run by PC on Thu 05/02/2013 at 21:19:39.51. Microsoft Windows XP Professional 5.1.2600 Service Pack 3 x86 Running in: Normal Mode Internet Access Detected ==== Files Recently Created / Modified ====================== ====== C:\WINDOWS ==== ====== C:\DOCUME~1\PC\LOCALS~1\Temp ==== ====== C:\WINDOWS\system32 ===== ====== C:\WINDOWS\system32\drivers ===== 2013-04-29 16:20:01 EDB0C9BA44B748E420CCA989FD8B826E 164736 ----a-w- C:\WINDOWS\System32\drivers\aswVmm.sys 2013-04-29 16:20:01 A6E20E62871A28A0F1C05B1681848FA7 66336 ----a-w- C:\WINDOWS\System32\drivers\aswMonFlt.sys 2013-04-29 16:20:01 657A61979F40D67CA29716149766FFA7 49248 ----a-w- C:\WINDOWS\System32\drivers\aswRvrt.sys ====== C:\WINDOWS\Tasks ====== 2013-05-01 16:26:47 F67A6969495943C95AAFEDDB707E92B8 292 ----a-w- C:\WINDOWS\Tasks\BrowserProtect.job 2013-04-28 09:27:18 5994775B24B8E2B05D7ACA84BA14C993 966 ----a-w- C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1454471165-1592454029-1801674531-1003UA.job 2013-04-28 09:27:17 05C9608645BFC7B8D385021187A928EF 914 ----a-w- C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1454471165-1592454029-1801674531-1003Core.job 2013-04-28 09:23:57 F80BBCD935A0692CB6CF9D3B44891C53 878 ----a-w- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job 2013-04-28 09:23:57 BD2EF473E8F1D5493E36130FE6B92AEE 874 ----a-w- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job ====== C:\WINDOWS\Temp ====== ======= C:\Program Files ===== 2013-04-29 16:06:20 -------- d-----w- C:\Program Files\Origin Games 2013-04-29 16:05:38 -------- d-----w- C:\Program Files\Origin 2013-04-29 16:02:44 -------- d-----w- C:\Program Files\Electronic Arts ======= C: ===== ====== C:\Documents and Settings\PC\Application Data ====== 2013-04-29 16:06:18 -------- d-----w- C:\Documents and Settings\PC\Local Settings\Application Data\Origin 2013-04-29 16:06:16 -------- d-----w- C:\Documents and Settings\PC\Application Data\Origin 2013-04-29 16:06:13 -------- d-----w- C:\Documents and Settings\All Users\Start Menu\Programs\Origin 2013-04-29 16:06:08 -------- d-----w- C:\Documents and Settings\All Users\Application Data\Origin ====== C:\Documents and Settings\PC ====== 2013-04-29 16:02:54 -------- d-----w- C:\ProgramData\Electronic Arts ====== C: exe-files == 2013-05-02 19:14:10 AEDB6AA9598337DA300942DEF6B5EFC5 4745728 ----a-w- C:\Documents and Settings\PC\My Documents\Downloads\aswMBR.exe 2013-05-02 18:00:24 8D52BB9305B4F67C42457B30CE83C4B1 106104 ----a-w- C:\Documents and Settings\PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.6.0.11664_0\MSIExecWatcher.exe 2013-05-02 14:28:25 C26BB2535C1B20DEAFAEB12634BF4DC9 781592 ----a-w- C:\Program Files\Google\Update\1.3.21.145\GoogleUpdateSetup.exe 2013-05-02 14:28:25 8F11F0321ED84B1533FC1384AC71AC8D 59784 ----atw- C:\Program Files\Google\Update\1.3.21.145\GoogleUpdateBroker.exe 2013-05-02 14:28:25 00F714CA28A01FACB709486D6DA306A8 59784 ----atw- C:\Program Files\Google\Update\1.3.21.145\GoogleUpdateOnDemand.exe 2013-05-02 14:28:24 76B35CB0F3A4E69D6DFF27F542B9F856 216968 ----atw- C:\Program Files\Google\Update\1.3.21.145\GoogleCrashHandler.exe 2013-05-02 14:28:24 506708142BC63DABA64F2D3AD1DCD5BF 116648 ----atw- C:\Program Files\Google\Update\1.3.21.145\GoogleUpdate.exe 2013-05-02 14:28:24 4E252E85E5DC31BD645E809222AFAF27 287624 ----atw- C:\Program Files\Google\Update\1.3.21.145\GoogleCrashHandler64.exe 2013-05-02 14:28:21 C26BB2535C1B20DEAFAEB12634BF4DC9 781592 ----a-w- C:\Program Files\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.21.145\GoogleUpdateSetup.exe 2013-05-01 05:50:10 835F89BA2AF2012370EB9015DFACB1BD 1040720 ----a-w- C:\WINDOWS\Temp\avast_ash\uTorrent\uTorrent.exe 2013-04-29 16:08:53 DD5929790DADF08539945440FC7B2BC1 1331904 ----a-w- C:\Program Files\Origin\LegacyPM\OriginUninstall.exe 2013-04-29 16:06:38 5B37D12195597DC67BBF0E9A46226782 11821312 ----a-w- C:\Documents and Settings\All Users\Application Data\Origin\DownloadCache\{ CP_Guest_2652(1)_ver3 }\OriginThinSetup.exe 2013-04-28 09:30:45 88363B688206D0C89FB1DD926F074C42 33302880 ----a-w- C:\Documents and Settings\PC\Local Settings\Application Data\Google\Update\Download\{8A69D345-D564-463C-AFF1-A69D9E530F96}\26.0.1410.64\26.0.1410.64_chrome_installer.exe 2013-04-28 09:27:17 DCCE450DF30437E4A98FFAEAF9FEF949 774640 ----a-w- C:\Documents and Settings\PC\Local Settings\Application Data\Google\Update\1.3.21.135\GoogleUpdateSetup.exe 2013-04-28 09:27:17 BECDDA0990DEBD72A30096533521AD73 213384 ----atw- C:\Documents and Settings\PC\Local Settings\Application Data\Google\Update\1.3.21.135\GoogleCrashHandler.exe 2013-04-28 09:27:17 B676429E44F2F8ACC3BAE7C89F46B212 281480 ----atw- C:\Documents and Settings\PC\Local Settings\Application Data\Google\Update\1.3.21.135\GoogleCrashHandler64.exe 2013-04-28 09:27:17 74E337FFEB2B34043F8499D2F3DE03A8 59784 ----atw- C:\Documents and Settings\PC\Local Settings\Application Data\Google\Update\1.3.21.135\GoogleUpdateOnDemand.exe 2013-04-28 09:27:17 506708142BC63DABA64F2D3AD1DCD5BF 116648 ----atw- C:\Documents and Settings\PC\Local Settings\Application Data\Google\Update\GoogleUpdate.exe 2013-04-28 09:27:17 506708142BC63DABA64F2D3AD1DCD5BF 116648 ----atw- C:\Documents and Settings\PC\Local Settings\Application Data\Google\Update\1.3.21.135\GoogleUpdate.exe 2013-04-28 09:27:17 376ECCCE33C2C232112DE830E3C81763 59784 ----atw- C:\Documents and Settings\PC\Local Settings\Application Data\Google\Update\1.3.21.135\GoogleUpdateBroker.exe 2013-04-28 09:23:55 506708142BC63DABA64F2D3AD1DCD5BF 116648 ----atw- C:\Program Files\Google\Update\GoogleUpdate.exe === C: other files == 2013-05-02 17:59:55 D2F6A1B11344D9AC7BCFB75900D4ADE1 23668 ----a-w- C:\Documents and Settings\PC\Local Settings\Temp\scoped_dir_2140_15740\youtube.crx 2013-05-02 17:59:55 8AD223868AB9974F7746D0227730A0CC 26392 ----a-w- C:\Documents and Settings\PC\Local Settings\Temp\scoped_dir_2140_22586\search.crx 2013-05-02 17:59:55 71E1283B8440F6264CEC99DF9AD81F5B 25561 ----a-w- C:\Documents and Settings\PC\Local Settings\Temp\scoped_dir_2140_11838\drive.crx 2013-05-02 17:59:55 2E2E328E5BF6BE61203164B3E9EA8094 24040 ----a-w- C:\Documents and Settings\PC\Local Settings\Temp\scoped_dir_2140_30573\gmail.crx 2013-05-02 17:59:54 DAEF5D9BA909DDE76195F96100B40445 2031824 ----a-w- C:\Documents and Settings\PC\Local Settings\Temp\scoped_dir_2140_23109\skype_chrome_extension.crx 2013-05-02 17:59:54 2C71C49F991095A1848624907BACBB08 4578 ----a-w- C:\Documents and Settings\PC\Local Settings\Temp\scoped_dir_2140_15737\docs.crx 2013-05-02 17:59:52 D203F19F77E672CBF7F22DD674F56803 638478 ----a-w- C:\Documents and Settings\PC\Local Settings\Temp\scoped_dir_2140_15731\aswWebRepChrome.crx 2013-05-02 17:49:40 518D85BD63C2FCED31ABEE6FEB4F705D 57608 ----a-w- C:\Documents and Settings\All Users\Desktop\sample_20130502_0749.zip 2013-04-29 16:20:01 EDB0C9BA44B748E420CCA989FD8B826E 164736 ----a-w- C:\WINDOWS\system32\drivers\aswVmm.sys 2013-04-29 16:20:01 A6E20E62871A28A0F1C05B1681848FA7 66336 ----a-w- C:\WINDOWS\system32\drivers\aswMonFlt.sys 2013-04-29 16:20:01 657A61979F40D67CA29716149766FFA7 49248 ----a-w- C:\WINDOWS\system32\drivers\aswRvrt.sys ==== Startup Registry Enabled ====================== [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "DWQueuedReporting"="c:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe -t" [HKEY_USERS\S-1-5-21-1454471165-1592454029-1801674531-1003\Software\Microsoft\Windows\CurrentVersion\Run] "MSMSGS"="C:\Program Files\Messenger\msmsgs.exe /background" "DAEMON Tools Lite"="C:\Program Files\DAEMON Tools Lite\DTLite.exe -autorun" "Skype"="C:\Program Files\Skype\Phone\Skype.exe /minimized /regrun" "Google Update"="C:\Documents and Settings\PC\Local Settings\Application Data\Google\Update\GoogleUpdate.exe /c" "EA Core"="C:\Program Files\Electronic Arts\EADM\Core.exe -silent" "EADM"="C:\Program Files\Origin\Origin.exe -AutoStart" [HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run] "DWQueuedReporting"="c:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe -t" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "HDAudDeck"="C:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe 1" "NvCplDaemon"="RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup" "NvMediaCenter"="RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit" "IgfxTray"="C:\WINDOWS\system32\igfxtray.exe" "SunJavaUpdateSched"="C:\Program Files\Common Files\Java\Java Update\jusched.exe" "avast"="C:\Program Files\AVAST Software\Avast\avastUI.exe /nogui" "Adobe ARM"="C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "MSMSGS"="C:\Program Files\Messenger\msmsgs.exe /background" "DAEMON Tools Lite"="C:\Program Files\DAEMON Tools Lite\DTLite.exe -autorun" "Skype"="C:\Program Files\Skype\Phone\Skype.exe /minimized /regrun" "Google Update"="C:\Documents and Settings\PC\Local Settings\Application Data\Google\Update\GoogleUpdate.exe /c" "EA Core"="C:\Program Files\Electronic Arts\EADM\Core.exe -silent" "EADM"="C:\Program Files\Origin\Origin.exe -AutoStart" ==== Startup Registry Disabled ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe Reader Speed Launcher] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Reader_sl" "hkey"="HKLM" "command"="\"C:\\Program Files\\Adobe\\Reader 10.0\\Reader\\Reader_sl.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Alcmtr] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="ALCMTR" "hkey"="HKLM" "command"="ALCMTR.EXE" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ctfmon.exe] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="ctfmon" "hkey"="HKCU" "command"="C:\\WINDOWS\\system32\\ctfmon.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\DATAMNGR] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="DATAMN~1" "hkey"="HKLM" "command"="C:\\PROGRA~1\\IMESHA~1\\MediaBar\\Datamngr\\DATAMN~1.EXE" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Free Download Manager] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="fdm" "hkey"="HKCU" "command"="\"C:\\Program Files\\Free Download Manager\\fdm.exe\" -autorun" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\GrooveMonitor] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="GrooveMonitor" "hkey"="HKLM" "command"="\"C:\\Program Files\\Microsoft Office\\Office12\\GrooveMonitor.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\HotKeysCmds] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="hkcmd" "hkey"="HKLM" "command"="C:\\WINDOWS\\system32\\hkcmd.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Logitech Vid] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Vid" "hkey"="HKCU" "command"="\"C:\\Program Files\\Logitech\\Vid\\Vid.exe\" -bootmode" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Logitech Vid HD] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="vid" "hkey"="HKCU" "command"="\"C:\\Program Files\\Logitech\\Vid\\vid.exe\" -bootmode" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\LWS] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="LWS" "hkey"="HKLM" "command"="C:\\Program Files\\Logitech\\LWS\\Webcam Software\\LWS.exe -hide" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\NBKeyScan] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="NBKeyScan" "hkey"="HKLM" "command"="\"C:\\Program Files\\Nero\\Nero8\\Nero BackItUp\\NBKeyScan.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\NeroFilterCheck] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="NeroCheck" "hkey"="HKLM" "command"="C:\\Program Files\\Common Files\\Nero\\Lib\\NeroCheck.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\nwiz] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="nwiz" "hkey"="HKLM" "command"="C:\\Program Files\\NVIDIA Corporation\\nView\\nwiz.exe /install" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Persistence] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="igfxpers" "hkey"="HKLM" "command"="C:\\WINDOWS\\system32\\igfxpers.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\RTHDCPL] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="RTHDCPL" "hkey"="HKLM" "command"="RTHDCPL.EXE" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\run32] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="lsass" "hkey"="HKLM" "command"="C:\\Win\\lsass.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\VirtualCloneDrive] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="VCDDaemon" "hkey"="HKLM" "command"="\"C:\\Program Files\\Elaborate Bytes\\VirtualCloneDrive\\VCDDaemon.exe\" /s" ==== Startup Folders ====================== 2013-02-02 12:23:16 1761 ----a-w- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk 2013-01-31 17:33:13 947 ----a-w- C:\Documents and Settings\PC\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk ==== Task Scheduler Jobs ====================== C:\WINDOWS\tasks\Adobe Flash Player Updater.job --a------ C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [03/13/2013 12:17 AM] C:\WINDOWS\tasks\avast\Undertermined Task.exe [] C:\WINDOWS\tasks\BrowserProtect.job --a------ C:\WINDOWS\system32\sc.exe [08/23/2001 01:00 PM] C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job --a------ C:0C:\ProgramC:Files\Google\Update\GoogleUpdate.exe [] C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [04/28/2013 11:23 AM] C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1454471165-1592454029-1801674531-1003Core.job --a------ C:\C:\Documents and Settings\PC\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [] C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1454471165-1592454029-1801674531-1003UA.job --a------ C:\C:\Documents and Settings\PC\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [] C:\WINDOWS\tasks\Norton Security Scan for PC.job --ah----- C:\PROGRA1\NORTON2\Engine\3521.10\Nss.exe [] C:\WINDOWS\tasks\Updater.job --a------ C:\Documents and Settings\All Users\Application Data\WombatUpdater\WombatUpdater.exe [] ==== Firefox Extensions ====================== ProfilePath: C:\Documents and Settings\PC\Application Data\Mozilla\Firefox\Profiles\s71zogm4.default - Skype Click to Call - C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} - avast WebRep - C:\Program Files\AVAST Software\Avast\WebRep\FF - Undetermined - %ProfilePath%\extensions\fdm_ffext@freedownloadmanager.org - Delta Toolbar - %ProfilePath%\extensions\ffxtlbr@delta.com - Undetermined - %ProfilePath%\extensions\{28387537-e3f9-4ed7-860c-11e69af4a8a0} - XfireXO Community Toolbar - %ProfilePath%\extensions\{5e5ab302-7f65-44cd-8211-c1d4caaccea3} - Undetermined - %ProfilePath%\extensions\{6C8B07BF-0F6D-4EA4-B96F-FF1CCBAAE553} AppDir: C:\Program Files\Mozilla Firefox - Skype Click to Call - %AppDir%\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} - Default - %AppDir%\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} ==== Firefox Plugins ====================== Profilepath: C:\Documents and Settings\PC\Application Data\Mozilla\Firefox\Profiles\s71zogm4.default 28000D7EEB2FD95A36E1A7539F599C3B - C:\Program Files\Windows Media Player\npdrmv2.dll - Microsoft® DRM 8B6884E3E1E5F8ABA5FA0C6A2B13181D - C:\Program Files\Windows Media Player\npwmsdrm.dll - Microsoft® DRM 5D41BCD19A3D90E4EBB58A6BFB79E4F7 - C:\Program Files\Windows Media Player\npdsplay.dll - Windows Media Player Plug-in Dynamic Link Library 5B048C618D064031FEC6D2C573321801 - C:\Program Files\Java\jre7\bin\npjpi170_04.dll - Java(TM) Platform SE 7 U4 75300E5ED4CD5B4363C3DBBB2D03269C - C:\Program Files\McAfee Security Scan\3.0.318\npMcAfeeMSS.dll - McAfee Security Scanner + 136485E00BA2917F0FEA68D2EE78D733 - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll - Java(TM) Platform SE 7 U4 AB45A736C78A166B89C0A578AD5E4392 - C:\WINDOWS\system32\npDeployJava1.dll - Java Deployment Toolkit 7.0.40.255 9E8656A72541775394ADC0B680320BD0 - C:\Program Files\Google\Picasa3\npPicasa3.dll - Picasa B6A800D881A0176C544988870861E798 - C:\WINDOWS\system32\Adobe\Director\np32dsw.dll - Shockwave for Director / Shockwave for Director F7414304D2D88213E935B048E04FE1AA - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_6_602_168.dll - Shockwave Flash E0FF893763BA82BAABB869A351F0C455 - C:\Documents and Settings\PC\Local Settings\Application Data\Google\Update\1.3.21.135\npGoogleUpdate3.dll - Google Update F647D0BEA553C1D0C251CE07DA6A5511 - C:\Program Files\Mozilla Firefox\plugins\nppdf32.dll - Adobe Acrobat 8988788C0E72997BAE454DE220F958F4 - C:\Program Files\Mozilla Firefox\plugins\npnul32.dll - Mozilla Default Plug-in F647D0BEA553C1D0C251CE07DA6A5511 - C:\Program Files\Adobe\Reader 10.0\Reader\browser\nppdf32.dll - Adobe Acrobat DB988B4550DB9BCE86F9199D961057FC - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll - Adobe Acrobat ==== Chrome Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions icmlaeflemplmjndnaapfdbbnpncnbda - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[03/07/2013 12:29 AM] lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx[01/31/2013 10:40 AM] Google Docs - PC - Default\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - PC - Default\Extensions\apdfllckaahabafndbhieahigkjlhalf YouTube - PC - Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Google Search - PC - Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf avast WebRep - PC - Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda Skype for Chromium - PC - Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl Gmail - PC - Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

Profil

magna86 Poslao: 02 Maj 2013 21:51 Idi na vrh
offline magna86 Anti Malware Fighter Rank 2 Pridružio: 21 Jun 2008 Poruke: 6104	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Ponovo pokreni zoek.exe kao malopre ali kopiraj ovaj script: [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\run32];r C:\Win;f Delta Toolbar;ff C:\Documents and Settings\PC\Application Data\Mozilla\Firefox\Profiles\s71zogm4.default\extensions\ffxtlbr@delta.com;f C:\Documents and Settings\PC\Application Data\Mozilla\Firefox\Profiles\s71zogm4.default\extensions\{28387537-e3f9-4ed7-860c-11e69af4a8a0};f XfireXO Community Toolbar;ff C:\Documents and Settings\PC\Application Data\Mozilla\Firefox\Profiles\s71zogm4.default\extensions\{5e5ab302-7f65-44cd-8211-c1d4caaccea3};f autoclean; Klikni na dugme RunScript i okaci svez zoek.log ---------------------- Preuzmi "Xplode"-ov AdwCleaner () i sacuvaj ga na Desktop Dvoklikom pokreni program. Klikni na dugme [Delete] i pricekaj da program zavrsi. Program ce zatvoriti sve aktivne programe i izbaciti prozor sa tim upozorenjem. Klikni Ok kao potvrdu. Na sledeca dva prozora koja se otvore (Informations i Restart required ) klikni Ok Racunar ce se restartovati a potom otvoriti notepad (C:\AdwCleaner[S1].txt) sa izvestajem. Sacuvaj taj notepad na Desktop i okaci ga uz poruku koristeci opciju "Prikaci fajl" Napomena: Izvestaj ce takodje biti sacuvan na C:\AdwCleaner[S1].txt ----------------------- Ovo sto ti je detektovao avast nije malware. AV nije uspeo da pristupi ili da pravilno procita file pa ti je izbacio upozorenje kao moguc sumnjiv file. Ali si zato bio pun crapware softvera. > Kako ti sad radi racunar?

Profil

boki199777 Poslao: 03 Maj 2013 11:10 Idi na vrh
offline boki199777 Elitni građanin Pridružio: 26 Sep 2012 Poruke: 1869 Gde živiš: Ček' da vidim...	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Napisano: 03 Maj 2013 10:55 Izvini sto malo kasne podaci jer nije moj komp,nego od mog komsije,pa dok ja dodjem do njega Dopuna: 03 Maj 2013 11:02 Zoek.exe Version 4.0.0.2 Updated 30-04-2013 Tool run by PC on Fri 05/03/2013 at 10:55:26.92. Microsoft Windows XP Professional 5.1.2600 Service Pack 3 x86 Running in: Normal Mode Internet Access Detected ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-1454471165-1592454029-1801674531-1003\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} deleted successfully ==== Deleting CLSID Registry Values ====================== ==== FireFox Fix ====================== ProfilePath: C:\Documents and Settings\PC\Application Data\Mozilla\Firefox\Profiles\s71zogm4.default ---- Lines Delta Toolbar removed from prefs.js ---- ---- Lines Delta Toolbar modified from prefs.js ---- ---- Lines Delta Toolbar removed from user.js ---- ---- Lines XfireXO Community Toolbar removed from prefs.js ---- ---- Lines XfireXO Community Toolbar modified from prefs.js ---- ---- Lines XfireXO Community Toolbar removed from user.js ---- ---- FireFox user.js and prefs.js backups ---- user_20130502_0752_.backup user_20130503_1057_.backup prefs_20130502_0752_.backup prefs_20130503_1057_.backup ==== Registry Fix Code ====================== Windows Registry Editor Version 5.00 [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\run32] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "bProtectorDefaultScope"=- ==== Deleting Files \ Folders ====================== "C:\Win\names.txt" deleted "C:\Win" deleted ==== Firefox Extensions ====================== ProfilePath: C:\Documents and Settings\PC\Application Data\Mozilla\Firefox\Profiles\s71zogm4.default - Skype Click to Call - C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} - avast WebRep - C:\Program Files\AVAST Software\Avast\WebRep\FF - Undetermined - %ProfilePath%\extensions\fdm_ffext@freedownloadmanager.org - Delta Toolbar - %ProfilePath%\extensions\ffxtlbr@delta.com - Undetermined - %ProfilePath%\extensions\{28387537-e3f9-4ed7-860c-11e69af4a8a0} - XfireXO Community Toolbar - %ProfilePath%\extensions\{5e5ab302-7f65-44cd-8211-c1d4caaccea3} - Undetermined - %ProfilePath%\extensions\{6C8B07BF-0F6D-4EA4-B96F-FF1CCBAAE553} AppDir: C:\Program Files\Mozilla Firefox - Skype Click to Call - %AppDir%\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} - Default - %AppDir%\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} ==== Firefox Plugins ====================== Profilepath: C:\Documents and Settings\PC\Application Data\Mozilla\Firefox\Profiles\s71zogm4.default 28000D7EEB2FD95A36E1A7539F599C3B - C:\Program Files\Windows Media Player\npdrmv2.dll - Microsoft® DRM 8B6884E3E1E5F8ABA5FA0C6A2B13181D - C:\Program Files\Windows Media Player\npwmsdrm.dll - Microsoft® DRM 5D41BCD19A3D90E4EBB58A6BFB79E4F7 - C:\Program Files\Windows Media Player\npdsplay.dll - Windows Media Player Plug-in Dynamic Link Library 5B048C618D064031FEC6D2C573321801 - C:\Program Files\Java\jre7\bin\npjpi170_04.dll - Java(TM) Platform SE 7 U4 75300E5ED4CD5B4363C3DBBB2D03269C - C:\Program Files\McAfee Security Scan\3.0.318\npMcAfeeMSS.dll - McAfee Security Scanner + 136485E00BA2917F0FEA68D2EE78D733 - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll - Java(TM) Platform SE 7 U4 AB45A736C78A166B89C0A578AD5E4392 - C:\WINDOWS\system32\npDeployJava1.dll - Java Deployment Toolkit 7.0.40.255 9E8656A72541775394ADC0B680320BD0 - C:\Program Files\Google\Picasa3\npPicasa3.dll - Picasa B6A800D881A0176C544988870861E798 - C:\WINDOWS\system32\Adobe\Director\np32dsw.dll - Shockwave for Director / Shockwave for Director F7414304D2D88213E935B048E04FE1AA - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_6_602_168.dll - Shockwave Flash E0FF893763BA82BAABB869A351F0C455 - C:\Documents and Settings\PC\Local Settings\Application Data\Google\Update\1.3.21.135\npGoogleUpdate3.dll - Google Update F647D0BEA553C1D0C251CE07DA6A5511 - C:\Program Files\Mozilla Firefox\plugins\nppdf32.dll - Adobe Acrobat 8988788C0E72997BAE454DE220F958F4 - C:\Program Files\Mozilla Firefox\plugins\npnul32.dll - Mozilla Default Plug-in F647D0BEA553C1D0C251CE07DA6A5511 - C:\Program Files\Adobe\Reader 10.0\Reader\browser\nppdf32.dll - Adobe Acrobat DB988B4550DB9BCE86F9199D961057FC - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll - Adobe Acrobat ==== Chrome Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions icmlaeflemplmjndnaapfdbbnpncnbda - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[03/07/2013 12:29 AM] lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx[01/31/2013 10:40 AM] avast WebRep - PC - Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda Skype for Chromium - PC - Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.com" "Start Page Restore"="http://www.google.com" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.com" "Start Page Restore"="http://www.google.com" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes "DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}" ==== Empty IE Cache ====================== C:\Documents and Settings\Default User\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully C:\Documents and Settings\NetworkService\Local Settings\Temp\Temporary Internet Files\Content.IE5 emptied successfully C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully C:\Documents and Settings\LocalService\Local Settings\Temp\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot C:\Documents and Settings\PC\Local Settings\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot ==== Empty FireFox Cache ====================== C:\Documents and Settings\PC\Local Settings\Application Data\Mozilla\Firefox\Profiles\s71zogm4.default\Cache emptied successfully ==== Empty Chrome Cache ====================== C:\Documents and Settings\PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully After Reboot ==== Empty Temp Folders ====================== C:\WINDOWS\Temp successfully emptied C:\DOCUME~1\PC\LOCALS~1\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\RECYCLER successfully emptied ==== Deleting Files / Folders ====================== "C:\Documents and Settings\LocalService\Local Settings\Temp\Temporary Internet Files\Content.IE5\index.dat" not found "C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat" not found "C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\index.dat" not found "C:\Documents and Settings\PC\Local Settings\Temporary Internet Files\Content.IE5\index.dat" not found Dopuna: 03 Maj 2013 11:05 # AdwCleaner v2.300 - Logfile created 05/03/2013 at 11:02:28 # Updated 28/04/2013 by Xplode # Operating system : Microsoft Windows XP Service Pack 3 (32 bits) # User : PC - COMPUTER_1 # Boot Mode : Normal # Running from : C:\Documents and Settings\PC\My Documents\Downloads\adwcleaner.exe # Option [Delete] *** [Services] * * [Files / Folders] * File Deleted : C:\Documents and Settings\PC\Application Data\Mozilla\Firefox\Profiles\s71zogm4.default\searchplugins\delta.xml File Deleted : C:\Documents and Settings\PC\Application Data\Mozilla\Firefox\Profiles\s71zogm4.default\searchplugins\yahoo-zugo.xml File Deleted : C:\Program Files\Mozilla Firefox\.autoreg File Deleted : C:\WINDOWS\Tasks\BrowserProtect.job Folder Deleted : C:\Documents and Settings\PC\Application Data\imeshbandmltbpi Folder Deleted : C:\Documents and Settings\PC\Application Data\Mozilla\Firefox\Profiles\s71zogm4.default\extensions\{28387537-e3f9-4ed7-860c-11e69af4a8a0} Folder Deleted : C:\Documents and Settings\PC\Application Data\Mozilla\Firefox\Profiles\s71zogm4.default\extensions\{5e5ab302-7f65-44cd-8211-c1d4caaccea3} Folder Deleted : C:\Documents and Settings\PC\Application Data\Mozilla\Firefox\Profiles\s71zogm4.default\extensions\ffxtlbr@delta.com Folder Deleted : C:\WINDOWS\Installer\{C3E85EE9-5892-4142-B537-BCEB3DAC4C3D} * [Registry] * Data Deleted : HKLM\..\Windows [AppInit_DLLs] = c:\docume~1\alluse~1\applic~1\browse~1\261125~1.80\{c16c1~1\browse~1.dll Key Deleted : HKCU\Software\APN PIP Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar Key Deleted : HKCU\Software\BabylonToolbar Key Deleted : HKCU\Software\Conduit Key Deleted : HKCU\Software\DataMngr Key Deleted : HKCU\Software\DataMngr_Toolbar Key Deleted : HKCU\Software\Delta Key Deleted : HKCU\Software\delta LTD Key Deleted : HKCU\Software\DSNR Labs Key Deleted : HKCU\Software\fed8dbb63bb949 Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{BDE58274-7A2A-4682-8C47-A379DD9E36CB} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{474597C5-AB09-49D6-A4D5-2E8D7341384E} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7D9463CD-BBD8-42F4-AB72-D7B1191D9F3D} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BDE58274-7A2A-4682-8C47-A379DD9E36CB} Key Deleted : HKCU\Software\Softonic Key Deleted : HKCU\Software\Zugo Key Deleted : HKLM\Software\Babylon Key Deleted : HKLM\Software\BabylonToolbar Key Deleted : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FC41815-FA4C-4F8B-B143-2C045C8EA2FC} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{21493C1F-D071-496A-9C27-450578888291} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{39CB8175-E224-4446-8746-00566302DF8D} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{403A885F-CB00-40C1-BDC1-EB09053194F7} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{55C1727F-5535-4C2A-9601-8C2458608B48} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{A7DDCBDE-5C86-415C-8A37-763AE183E7E4} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800} Key Deleted : HKLM\SOFTWARE\Classes\AppID\DiscoveryHelper.DLL Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL Key Deleted : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL Key Deleted : HKLM\SOFTWARE\Classes\AppID\esrv.EXE Key Deleted : HKLM\SOFTWARE\Classes\AppID\GIFAnimator.DLL Key Deleted : HKLM\SOFTWARE\Classes\AppID\IMTrProgress.DLL Key Deleted : HKLM\SOFTWARE\Classes\AppID\IMWeb.DLL Key Deleted : HKLM\SOFTWARE\Classes\AppID\NCTAudioCDGrabber2.DLL Key Deleted : HKLM\SOFTWARE\Classes\AppID\WMHelper.DLL Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{261DD098-8A3E-43D4-87AA-63324FA897D8} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2656B92B-0207-4AFB-BEBF-F5FD231ECD39} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{27BF8F8D-58B8-D41C-F913-B7EEB57EF6F6} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{34CB0620-E343-4772-BBA8-D3074BC47516} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3BF72F68-72D8-461D-A884-329D936C5581} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{412CD209-DDA4-4275-8C79-55F1C93FBD47} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4FCB4630-2A1C-4AA1-B422-345E8DC8A6DE} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{59570C1F-B692-48C9-91B4-7809E6945287} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5EB0259D-AB79-4AE6-A6E6-24FFE21C3DA4} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{63A0F7FA-2C95-4D7E-AF25-EFCC303D20A1} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6559E502-6EE1-46B8-A83C-F3A45BDA23EE} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{78E9D883-93CD-4072-BEF3-38EE581E2839} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{83AC1413-FCE4-4A46-9DD5-4F31F306E71F} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{86838207-681D-469D-9511-D0DCC6F19F9B} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A2858A72-758F-4486-B6A1-7F1DCC0924FA} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B6F8DA9F-2696-419E-A8A3-19BE41EF51BD} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C63CA8A4-AB4E-49E5-A6C0-33FC86D80205} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C6A7847E-8931-4A9A-B4EF-72A91E3CCF4D} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CADAF6BE-BF50-4669-8BFD-C27BD4E6181B} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DD0F1D24-E250-4E93-966C-65615720AEFB} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E97A663B-81A6-49C5-A6D3-BCB05BA1DE26} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EC1277BB-1C71-4C0D-BA6D-BFEA16E773A6} Key Deleted : HKLM\SOFTWARE\Classes\Conduit.Engine Key Deleted : HKLM\SOFTWARE\Classes\delta.deltaappCore Key Deleted : HKLM\SOFTWARE\Classes\delta.deltaappCore.1 Key Deleted : HKLM\SOFTWARE\Classes\delta.deltadskBnd Key Deleted : HKLM\SOFTWARE\Classes\delta.deltadskBnd.1 Key Deleted : HKLM\SOFTWARE\Classes\delta.deltaHlpr Key Deleted : HKLM\SOFTWARE\Classes\delta.deltaHlpr.1 Key Deleted : HKLM\SOFTWARE\Classes\DiscoveryHelper.iMesh6Discovery Key Deleted : HKLM\SOFTWARE\Classes\DiscoveryHelper.iMesh6Discovery.1 Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane.1 Key Deleted : HKLM\SOFTWARE\Classes\esrv.deltaESrvc Key Deleted : HKLM\SOFTWARE\Classes\esrv.deltaESrvc.1 Key Deleted : HKLM\SOFTWARE\Classes\imweb.imwebcontrol Key Deleted : HKLM\Software\Classes\Installer\Features\9EE58E3C298524145B73CBBED3CAC4D3 Key Deleted : HKLM\Software\Classes\Installer\Products\9EE58E3C298524145B73CBBED3CAC4D3 Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2BEF239C-752E-4001-8048-F256E0D8CD93} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{49C00A51-6E59-41FE-B3FA-2D2157FAD67B} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{5E8CD073-21DF-4117-9BBD-D03C45D36CAE} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6DFF5DBA-AE3A-46DB-B301-ECFFC6DB2982} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B37B4BA6-334E-72C1-B57E-6AFE8F8A5AF3} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B77AD4AC-C1C2-B293-7737-71E13A11FFEA} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{CA1CE38C-F04C-471F-B9F3-083C58165C10} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DE34CD67-F1C8-4001-9A23-B8A68F63F377} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E773F2CF-5E6E-FF2B-81A1-AC581A26B2B2} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847} Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap Key Deleted : HKLM\SOFTWARE\Classes\SWEETIE.IEToolbar Key Deleted : HKLM\SOFTWARE\Classes\SWEETIE.IEToolbar.1 Key Deleted : HKLM\SOFTWARE\Classes\sweetim_urlsearchhook.toolbarurlsearchhook Key Deleted : HKLM\SOFTWARE\Classes\sweetim_urlsearchhook.toolbarurlsearchhook.1 Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2304157 Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.sweetie Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.sweetie.1 Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{252C2315-CCE0-4446-8DA7-C00292A690BA} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{39CB8175-E224-4446-8746-00566302DF8D} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{403A885F-CB00-40C1-BDC1-EB09053194F7} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4599D05A-D545-4069-BB42-5895B4EAE05B} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{55C1727F-5535-4C2A-9601-8C2458608B48} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{96F7FABC-5789-EFA4-B6ED-1272F4C1D27B} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{EEE6C35F-6118-11DC-9C72-001320C79847} Key Deleted : HKLM\Software\Conduit Key Deleted : HKLM\Software\DataMngr Key Deleted : HKLM\Software\Delta Key Deleted : HKLM\SOFTWARE\fed8dbb63bb949 Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{348C2DF3-1191-4C3E-92A6-B3A89A9D9C85} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EEE6C367-6118-11DC-9C72-001320C79847} Key Deleted : HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\DATAMNGR Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{15D2D75C-9CB2-4EFD-BAD7-B9B4CB4BC693} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{C3E85EE9-5892-4142-B537-BCEB3DAC4C3D} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{CD95D125-2992-4858-B3EF-5F6FB52FBAD6} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\conduitEngine Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Delta Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Delta Chrome Toolbar Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{872F3C0B-4462-424C-BB9F-74C6899B9F92} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B6F8DA9F-2696-419E-A8A3-19BE41EF51BD} Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\A97CEC23332751B47BA4B95BAA50C9D0 Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\02F47BF73B948514FAACADD8CBBDF37D Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\080D9F5E1E95FEE4794CE438E635239E Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1E264E0A5959A1C46BA9175A878B12EA Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2E6768B6932D112438F047C54D180635 Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\351716A953E21214898904032EAE2E81 Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\397C771A7BCAC904697C3EC629ED33ED Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\69D6A6B2ED56AF24EA6335EAD6E91CA4 Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7FFA128C2B0FF414D805FC5627883401 Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86EDC790504E1834DBC20C9A04328FD2 Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\97C3D0F82E712E241A2F969F45E3351C Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\98CC8BF5A4A6E6C4ABF7051DDAB8B058 Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9E7F556BF224D804D96A96F0F6344789 Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A189D17A469616C4688D23E192996267 Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BF4F885EDEE45644EB1E0C99E0162399 Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CE21F3FD57B244142880EF15A165A156 Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D15DAF33C220F91468A1D7D57C31ACD7 Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D3BA76A44C779424889063D5098ED2D6 Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D6D0EB9FDBD90C04D92A7E729058F10D Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E4748F9A4181FCE46A23C13B517B9420 Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\9EE58E3C298524145B73CBBED3CAC4D3 Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{15D2D75C-9CB2-4EFD-BAD7-B9B4CB4BC693} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C3E85EE9-5892-4142-B537-BCEB3DAC4C3D} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Delta Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Delta Chrome Toolbar Key Deleted : HKLM\Software\PIP Value Deleted : HKCU\Software\Mozilla\Firefox\Extensions [{0F827075-B026-42F3-885D-98981EE7B1AE}] Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [10] Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs [C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelperApp.exe] Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs [C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarProxy.dll] * [Internet Browsers] * -\\ Internet Explorer v6.0.2900.5512 [OK] Registry is clean. -\\ Mozilla Firefox v3.6.26 (en-US) File : C:\Documents and Settings\PC\Application Data\Mozilla\Firefox\Profiles\s71zogm4.default\prefs.js C:\Documents and Settings\PC\Application Data\Mozilla\Firefox\Profiles\s71zogm4.default\user.js ... Deleted ! Deleted : user_pref("extensions.delta.admin", false); Deleted : user_pref("extensions.delta.aflt", "babsst"); Deleted : user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}"); Deleted : user_pref("extensions.delta.autoRvrt", "false"); Deleted : user_pref("extensions.delta.dfltLng", "en"); Deleted : user_pref("extensions.delta.excTlbr", false); Deleted : user_pref("extensions.delta.id", "d86227e80000000000000025228b2b88"); Deleted : user_pref("extensions.delta.instlDay", "15771"); Deleted : user_pref("extensions.delta.instlRef", "sst"); Deleted : user_pref("extensions.delta.newTab", false); Deleted : user_pref("extensions.delta.prdct", "delta"); Deleted : user_pref("extensions.delta.prtnrId", "delta"); Deleted : user_pref("extensions.delta.rvrt", "false"); Deleted : user_pref("extensions.delta.smplGrp", "none"); Deleted : user_pref("extensions.delta.tlbrId", "base"); Deleted : user_pref("extensions.delta.tlbrSrchUrl", ""); Deleted : user_pref("extensions.delta.vrsn", "1.8.10.0"); Deleted : user_pref("extensions.delta.vrsni", "1.8.10.0"); Deleted : user_pref("extensions.delta.vrsnTs", "1.8.10.022:19:38"); -\\ Google Chrome v26.0.1410.64 File : C:\Documents and Settings\PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences [OK] File is clean. *********************** AdwCleaner[S1].txt - [16091 octets] - [03/05/2013 11:02:28] ########## EOF - C:\AdwCleaner[S1].txt - [16152 octets] ########## Dopuna: 03 Maj 2013 11:09 Ne bi bilo lose ako bih mogo ja da ti posaljem neki test da vidis sta sve ima u kompjuteru i ako je nepotrebno da mi kazes da maknem,jer ima nekih stvari ovde za koje nikad nisam cuo......a sto se tice kompa malo brze al nije neka veca osetna razlika Dopuna: 03 Maj 2013 11:10 Znaci da ostavimo samo osnovne stvari i ovih par igrica sto ima i to je to.

Profil

magna86 Poslao: 03 Maj 2013 18:01 Idi na vrh
offline magna86 Anti Malware Fighter Rank 2 Pridružio: 21 Jun 2008 Poruke: 6104	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Citat:Ne bi bilo lose ako bih mogo ja da ti posaljem neki test da vidis sta sve ima u kompjuteru i ako je nepotrebno da mi kazes da maknem,jer ima nekih stvari ovde za koje nikad nisam cuo......a sto se tice kompa malo brze al nije neka veca osetna razlika U redu, hajde ponovo pokreni DDS i postavi mi svez DDS.txt i Attach.txt logove na uvid.

Profil

boki199777 Poslao: 03 Maj 2013 18:13 Idi na vrh
offline boki199777 Elitni građanin Pridružio: 26 Sep 2012 Poruke: 1869 Gde živiš: Ček' da vidim...	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Uloguj se preko Facebooka da bi skinuo fajl: evo [Link mogu videti samo ulogovani korisnici] [Link mogu videti samo ulogovani korisnici] DDS (Ver_2012-11-20.01) - NTFS_x86 Internet Explorer: 6.0.2900.5512 BrowserJavaVersion: 10.4.1 Run by PC at 18:10:36 on 2013-05-03 Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2047.1274 [GMT 2:00] . AV: avast! Antivirus Enabled/Updated {7591DB91-41F0-48A3-B128-1A293FD8233D} . ============== Running Processes ================ . C:\WINDOWS\system32\nvsvc32.exe C:\Program Files\AVAST Software\Avast\AvastSvc.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\AVAST Software\Avast\avastUI.exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\Skype\Phone\Skype.exe C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcSrv.exe C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe C:\Program Files\PANDORA.TV\PanService\PandoraService.exe C:\WINDOWS\system32\IoctlSvc.exe C:\Program Files\PANDORA.TV\PanService\PanProcess.exe C:\WINDOWS\system32\wdfmgr.exe C:\WINDOWS\System32\alg.exe C:\Program Files\Common Files\Java\Java Update\jucheck.exe C:\Documents and Settings\PC\Local Settings\Application Data\Google\Chrome\Application\chrome.exe C:\Documents and Settings\PC\Local Settings\Application Data\Google\Chrome\Application\chrome.exe C:\Documents and Settings\PC\Local Settings\Application Data\Google\Chrome\Application\chrome.exe C:\Documents and Settings\PC\Local Settings\Application Data\Google\Chrome\Application\chrome.exe C:\Documents and Settings\PC\Local Settings\Application Data\Google\Chrome\Application\chrome.exe C:\WINDOWS\system32\wbem\wmiprvse.exe C:\WINDOWS\System32\svchost.exe -k netsvcs C:\WINDOWS\system32\svchost.exe -k NetworkService C:\WINDOWS\system32\svchost.exe -k LocalService C:\WINDOWS\system32\svchost.exe -k imgsvc . ============== Pseudo HJT Report =============== . uStart Page = [Link mogu videti samo ulogovani korisnici] uInternet Connection Wizard,ShellNext = iexplore BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\oracle\javafx 2.1 runtime\bin\ssv.dll BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\oracle\javafx 2.1 runtime\bin\jp2ssv.dll uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background uRun: [DAEMON Tools Lite] "c:\program files\daemon tools lite\DTLite.exe" -autorun uRun: [Skype] "c:\program files\skype\phone\Skype.exe" /minimized /regrun uRun: [Google Update] "c:\documents and settings\pc\local settings\application data\google\update\GoogleUpdate.exe" /c uRun: [EA Core] "c:\program files\electronic arts\eadm\Core.exe" -silent mRun: [HDAudDeck] c:\program files\via\viaudioi\hdadeck\HDeck.exe 1 mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit mRun: [IgfxTray] c:\windows\system32\igfxtray.exe mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe" mRun: [avast] "c:\program files\avast software\avast\avastUI.exe" /nogui mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe" dRun: [DWQueuedReporting] "c:\progra~1\common~1\micros~1\dw\dwtrig20.exe" -t StartupFolder: c:\docume~1\pc\startm~1\programs\startup\onenot~1.lnk - c:\program files\microsoft office\office12\ONENOTEM.EXE uPolicies-Explorer: NoDriveTypeAutoRun = dword:145 mPolicies-Explorer: NoDriveTypeAutoRun = dword:145 IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200 IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000 IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office12\ONBttnIE.dll IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - [Link mogu videti samo ulogovani korisnici] TCP: NameServer = 192.168.1.254 TCP: Interfaces\{473C8E96-8510-474D-A48C-C6B7274C4778} : DHCPNameServer = 192.168.1.254 TCP: Interfaces\{70A43B74-DAA5-4318-9EAC-1A4345FD4D29} : DHCPNameServer = 192.168.1.254 Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll Notify: igfxcui - igfxdev.dll AppInit_DLLs= Hosts: 127.0.0.1 mpa.one.microsoft.com . ================= FIREFOX =================== . FF - ProfilePath - c:\documents and settings\pc\application data\mozilla\firefox\profiles\s71zogm4.default\ FF - prefs.js: browser.search.defaulturl - [Link mogu videti samo ulogovani korisnici] FF - prefs.js: browser.search.selectedEngine - Google FF - prefs.js: browser.startup.homepage - [Link mogu videti samo ulogovani korisnici] FF - prefs.js: keyword.URL - [Link mogu videti samo ulogovani korisnici] FF - component: c:\program files\mozilla firefox\extensions\{82af8dca-6de9-405d-bd5e-43525bdad38a}\components\SkypeFfComponent.dll FF - plugin: c:\documents and settings\pc\local settings\application data\google\update\1.3.21.135\npGoogleUpdate3.dll FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll FF - plugin: c:\program files\google\picasa3\npPicasa3.dll FF - plugin: c:\program files\google\update\1.3.21.135\npGoogleUpdate3.dll FF - plugin: c:\program files\google\update\1.3.21.145\npGoogleUpdate3.dll FF - plugin: c:\program files\java\jre7\bin\npjpi170_04.dll FF - plugin: c:\program files\oracle\javafx 2.1 runtime\bin\plugin2\npjp2.dll FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_6_602_168.dll FF - plugin: c:\windows\system32\npDeployJava1.dll FF - Ext: Skype Click to Call: {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} - c:\program files\mozilla firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} . ============= SERVICES / DRIVERS =============== . R0 aswRvrt;aswRvrt;c:\windows\system32\drivers\aswRvrt.sys [2013-4-29 49248] R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2013-1-22 765736] R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2013-1-22 368176] R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2013-1-22 29816] R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2013-4-29 66336] R2 avast! Antivirus;avast! Antivirus;c:\program files\avast software\avast\AvastSvc.exe [2013-1-22 45248] R2 PanService;PandoraService;c:\program files\pandora.tv\panservice\PandoraService.exe [2013-2-8 625304] R3 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\drivers\dtsoftbus01.sys [2012-7-9 242240] S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2013-2-28 161384] S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [2002-1-1 1684736] S3 aswVmm;aswVmm;c:\windows\system32\drivers\aswVmm.sys [2013-4-29 164736] S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [2002-1-1 1390976] S3 XDva389;XDva389;\??\c:\windows\system32\xdva389.sys --> c:\windows\system32\XDva389.sys [?] . =============== Created Last 30 ================ . 2013-05-03 08:58:35 24064 ----a-w- c:\windows\zoek-delete.exe 2013-04-29 16:20:01 66336 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys 2013-04-29 16:20:01 49248 ----a-w- c:\windows\system32\drivers\aswRvrt.sys 2013-04-29 16:20:01 164736 ----a-w- c:\windows\system32\drivers\aswVmm.sys 2013-04-29 16:06:16 -------- d-----w- c:\documents and settings\pc\application data\Origin 2013-04-29 16:06:08 -------- d-----w- c:\documents and settings\all users\application data\Origin 2013-04-29 16:02:54 -------- d-----w- C:\ProgramData 2013-04-29 15:46:10 -------- d-----w- c:\windows\E4D153288C89484BB9AAF5BE9EA6D01C.TMP . ==================== Find3M ==================== . 2013-03-12 22:17:35 73432 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2013-03-12 22:17:35 693976 ----a-w- c:\windows\system32\FlashPlayerApp.exe 2013-03-06 22:33:24 765736 ----a-w- c:\windows\system32\drivers\aswSnx.sys 2013-03-06 22:32:51 41664 ----a-w- c:\windows\avastSS.scr . ============= FINISH: 18:10:56.06 ===============

Profil

magna86 Poslao: 03 Maj 2013 22:28 Idi na vrh
offline magna86 Anti Malware Fighter Rank 2 Pridružio: 21 Jun 2008 Poruke: 6104	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Pokreni CCleaner ( imas ga instaliranog ); Tools > Sturtup Sa desne strane pod Windows tabom bice izlistani svi programi koji ti se automacki startuju sa sistemom; Dvoklikom mozes slobodno iskljuciti sve izlistane programe osim ovih: Skype <--- proizvoljno avast <-- obavezan EA Core <--- proizvoljno Ovi su neophodni. Tvoj avast AntiVirus od verzije 8 poseduje "Software Updater" alat koji ce proveravati da li su programi azurirani. Ukoliko postoji zastarela verzija neke aplikacije, dobices upozorenje + bice prikazano dugme Fix now koji ce ili automacki preuzeti i pokrenuti azuriran instaler ili ce te odvesti do download linka. Isto tako mozes proveriti i ostale tabove ( Internet Explorer; Firefox; Chrome; Sheduled; Context Menu ) gde ce takodje biti izlistane extenzije i taskovi koji ti se startuju sa sistemom. Nepotrebno mozes slobodno iskljuciti. Takodje iskoristi "Cleaner" i "Registry" mogucnosti. ------------------------------- Dao sam ti par kratkih saveta kako ubrzati Windows. Ja sam takodje sa zoek alatom obrisao temp fajlove i ostali junk. Za sva dodatna pitanja kako ubrzati Windows otvori novu temu u Windows forumu. Ovde iskljucivo radimo na detektovanju i uklanjanju malware-a. Potrebno je deinstalirati koriscene alate: Preuzmi "Xplode"-ov DelFix i sačuvaj ga na Desktop Dvoklikom pokreni program. Štikliraj sledeće opcije: Remove disinfection tools Purge System Restore Reset system settings Klikni na dugme "Run" i pričekaj da program završi rad. Kada alat završi, otvoriće izvestaj u notepadu. Napomena: Izvestaj ce takodje biti sacuvan na C:\DelFix.txt Nije potrebno da mi prilazes DelFix izvestaj!

Profil

MyCity » Ambulanta -> Arhiva Ambulante » Virus

Ko je trenutno na forumu

Ukupno su 965 korisnika na forumu :: 63 registrovanih, 8 sakrivenih i 894 gosta :: [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:: Korisnici trenutno na forumu: 100ka, _stipa_, acov34, ALBION101, Areal84, Ba4e, Banovo Brdo, bbrasnjo3, Bivan, brufen, BUDDAR70, Cicumile, cojapop, cole77, colji, Crazzer, dacanaldo, dane007, Denaya, eagle.rs, FileFinder, Gogi_avio, goranjovic, ikan, indja, Jerry Drake, Jose, klepesina, kolle.the.kid, Koča, ladro, Lazarus, Mackomen, maCvele, Marko1238, Metanoja, Mi lao shu, milbos, MILJEVINAC, novator, Orijen, Oscar2, Parker, pceklic, PrincipL, RAKITNICA, rebcooil, redstar72, samo opusteno, shaja1, Sir Budimir, tenkiasta71, tihi-posmatrac, Tribal, troki1971, tvlada, voja64, volimpivuvolimrakiju, vukajlo71, vuksa72, XBMC, yrraf, zeka013

Svaki korisnik ovog sajta je odgovoran za sadržaj svoje poruke koju objavi na sajtu. Sajt se odriče svake odgovornosti za sadržaj tih poruka.
Postavljanjem vaše poruke ili vašeg autorskog dela na ovaj sajt, saglasni ste da ovaj sajt postaje distributer vašeg dela, i odričete se mogućnosti njegovog povlačenja ili brisanja, bez saglasnosti uprave sajta.
Distribucija sadržaja sa ovog sajta je dozvoljena samo u nekomercijalne svrhe, uz obaveznu napomenu da je sadržaj preuzet sa ovog sajta, i uz obavezno navođenje adrese MyCity sajta. Za sve ostale vidove distribucije obavezni ste da prethodno zatražite odobrenje od vlasnika MyCity sajta.
MyCity pokrenuo, administrira i razvija Predrag Damnjanović, a o uređenju sajta se brine MyCity Tim.
Ukoliko želite da nas kontaktirate kliknite ovde.
Naši sajtovi:
Vesti, Vojni forum, Zaštita od virusa, TekstPesme.rs

This content is licensed under a Creative Commons License.
Based on phpBB 2, translated by Simke, designed by