I got a virus with Angelina Jolie and it tags my friends

  • Joined: 10 Mar 2012
  • Posts: 4

Please help me with this link on FB, it is a virus and it tags friends :/

  • magna86  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 21 Jun 2008
  • Posts: 6104

If I understood your problem, open a new topic in Ambulanta
http://www.mycity.rs/Ambulanta/

Follow this guide and post the appropriate reports:
http://www.mycity.rs/Ambulanta/Kako-otvoriti-temu-u-Ambulanti.html
( DDS & Gmer for 32-bit Windows or OTL for 64-bit Windows )

Someone from our AMF Team will review the logs and forward you instructions on how to remove the malware.
I hope you will manage ;)

  • Joined: 10 Mar 2012
  • Posts: 4

After the scan finishes, the report (which will be automatically saved to the Desktop as OTL.Txt) will open in Notepad.

Attach the OTL.Txt report to your message using the Attach file option.
I don't know whether I should attach the link, i.e. the virus, or attach what is in Notepad :(

  • dr_Bora  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 24 Jul 2007
  • Posts: 12280
  • Location: Höganäs, SE

What is in Notepad.

  • Joined: 10 Mar 2012
  • Posts: 4

OTL logfile created on: 11-Mar-12 00:28:14 - Run 2
OTL by OldTimer - Version 3.2.36.2 Folder = C:\Users\User\Downloads
Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: dd-MMM-yy

3.00 Gb Total Physical Memory | 1.78 Gb Available Physical Memory | 59.33% Memory free
6.00 Gb Paging File | 4.65 Gb Available in Paging File | 77.58% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 40.00 Gb Total Space | 24.87 Gb Free Space | 62.18% Space Free | Partition Type: NTFS
Drive D: | 247.21 Gb Total Space | 229.01 Gb Free Space | 92.64% Space Free | Partition Type: NTFS
Drive F: | 44.17 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: USER-PC | User Name: User | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012-03-11 00:22:00 | 000,593,920 | ---- | M] (OldTimer Tools) -- C:\Users\User\Downloads\OTL.exe
PRC - [2012-03-03 00:30:10 | 000,514,048 | ---- | M] () -- C:\Program Files\Telenor Internet\Telenor Internet.exe
PRC - [2012-03-03 00:30:05 | 000,239,968 | ---- | M] () -- C:\ProgramData\Telenor Internet\OnlineUpdate\ouc.exe
PRC - [2012-01-30 14:41:55 | 009,492,880 | ---- | M] (Bandoo Media Inc.) -- C:\Users\User\AppData\Local\fTalk\ftalk.exe
PRC - [2012-01-03 14:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011-10-30 17:33:50 | 001,694,128 | ---- | M] (iMesh, Inc) -- C:\Program Files\iMesh Applications\MediaBar\Datamngr\datamngrUI.exe
PRC - [2011-10-28 00:49:17 | 000,286,528 | ---- | M] () -- C:\Program Files\DNA\btdna.exe
PRC - [2011-10-26 15:14:27 | 000,488,960 | ---- | M] () -- C:\Program Files\USBScan\USBScan.exe
PRC - [2011-06-20 09:00:24 | 000,102,400 | ---- | M] () -- C:\Program Files\Telenor Internet\BackgroundService\ModemListener.exe
PRC - [2011-06-20 09:00:24 | 000,049,752 | ---- | M] () -- C:\Program Files\Telenor Internet\BackgroundService\ServiceManager.exe
PRC - [2011-03-14 16:27:28 | 000,271,712 | ---- | M] () -- C:\ProgramData\DatacardService\HWDeviceService.exe
PRC - [2011-03-14 16:27:28 | 000,236,384 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\ProgramData\DatacardService\DCSHelper.exe
PRC - [2011-02-25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010-11-20 22:29:19 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2009-09-25 08:24:36 | 000,174,720 | ---- | M] (ASUS) -- C:\Program Files\ASUS\ATK Hotkey\HControl.exe
PRC - [2009-08-19 19:31:48 | 000,170,624 | ---- | M] (ASUS) -- C:\Program Files\ASUS\ATK Media\DMedia.exe
PRC - [2009-08-18 01:36:36 | 000,348,160 | ---- | M] (AMD) -- C:\Windows\System32\atieclxx.exe
PRC - [2009-08-18 01:36:08 | 000,176,128 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe
PRC - [2009-07-23 09:30:06 | 000,544,768 | ---- | M] (ATK) -- C:\Program Files\ASUS\Splendid\ACMON.exe
PRC - [2009-07-01 17:03:12 | 000,795,936 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
PRC - [2009-07-01 17:03:12 | 000,582,944 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
PRC - [2009-06-19 09:29:42 | 000,105,016 | ---- | M] (ASUS) -- C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe
PRC - [2009-06-19 09:29:26 | 002,488,888 | ---- | M] (ASUS) -- C:\Program Files\ASUS\ATK Hotkey\ATKOSD.exe
PRC - [2009-06-15 16:30:42 | 000,084,536 | ---- | M] (ASUS) -- C:\Program Files\ASUS\ATK Hotkey\AsLdrSrv.exe
PRC - [2008-12-22 16:15:34 | 000,174,648 | ---- | M] (ASUS) -- C:\Program Files\ASUS\ATK Hotkey\WDC.exe
PRC - [2008-07-09 16:09:26 | 000,191,032 | ---- | M] (ATK) -- C:\Program Files\P4G\BatteryLife.exe
PRC - [2008-01-17 23:50:54 | 000,587,568 | ---- | M] () -- C:\Program Files\BitTorrent\bittorrent.exe
PRC - [2007-07-05 15:53:44 | 001,040,384 | ---- | M] () -- C:\Program Files\Wireless Console 2\wcourier.exe
PRC - [2005-07-06 14:43:42 | 000,155,648 | ---- | M] (ASUSTeK) -- C:\Windows\System32\ACEngSvr.exe


========== Modules (No Company Name) ==========

MOD - [2012-03-08 15:28:52 | 000,429,040 | ---- | M] () -- C:\Users\User\AppData\Local\Google\Chrome\Application\17.0.963.78\ppgooglenaclpluginchrome.dll
MOD - [2012-03-08 15:28:51 | 003,772,912 | ---- | M] () -- C:\Users\User\AppData\Local\Google\Chrome\Application\17.0.963.78\pdf.dll
MOD - [2012-03-08 15:27:37 | 000,527,344 | ---- | M] () -- C:\Users\User\AppData\Local\Google\Chrome\Application\17.0.963.78\libglesv2.dll
MOD - [2012-03-08 15:27:35 | 000,114,672 | ---- | M] () -- C:\Users\User\AppData\Local\Google\Chrome\Application\17.0.963.78\libegl.dll
MOD - [2012-03-08 15:27:26 | 000,122,880 | ---- | M] () -- C:\Users\User\AppData\Local\Google\Chrome\Application\17.0.963.78\avutil-51.dll
MOD - [2012-03-08 15:27:24 | 000,220,672 | ---- | M] () -- C:\Users\User\AppData\Local\Google\Chrome\Application\17.0.963.78\avformat-53.dll
MOD - [2012-03-08 15:27:23 | 001,747,456 | ---- | M] () -- C:\Users\User\AppData\Local\Google\Chrome\Application\17.0.963.78\avcodec-53.dll
MOD - [2012-03-08 10:39:20 | 008,593,056 | ---- | M] () -- C:\Users\User\AppData\Local\Google\Chrome\Application\17.0.963.78\gcswf32.dll
MOD - [2012-03-03 00:30:10 | 000,514,048 | ---- | M] () -- C:\Program Files\Telenor Internet\Telenor Internet.exe
MOD - [2012-03-03 00:30:06 | 009,515,520 | ---- | M] () -- C:\Program Files\Telenor Internet\QtGui4.dll
MOD - [2012-03-03 00:30:06 | 002,415,104 | ---- | M] () -- C:\Program Files\Telenor Internet\QtCore4.dll
MOD - [2012-03-03 00:30:06 | 001,148,416 | ---- | M] () -- C:\Program Files\Telenor Internet\QtNetwork4.dll
MOD - [2012-03-03 00:30:06 | 001,101,824 | ---- | M] () -- C:\Program Files\Telenor Internet\NDISAPI.dll
MOD - [2012-03-03 00:30:06 | 000,823,808 | ---- | M] () -- C:\Program Files\Telenor Internet\SMSUIPlugin.dll
MOD - [2012-03-03 00:30:06 | 000,771,072 | ---- | M] () -- C:\Program Files\Telenor Internet\AddrBookUIPlugin.dll
MOD - [2012-03-03 00:30:06 | 000,670,720 | ---- | M] () -- C:\Program Files\Telenor Internet\SmsAppPlugin.dll
MOD - [2012-03-03 00:30:06 | 000,550,400 | ---- | M] () -- C:\Program Files\Telenor Internet\CallAppPlugin.dll
MOD - [2012-03-03 00:30:06 | 000,547,840 | ---- | M] () -- C:\Program Files\Telenor Internet\CallLogSrvPlugin.dll
MOD - [2012-03-03 00:30:06 | 000,545,280 | ---- | M] () -- C:\Program Files\Telenor Internet\PluginContainer.dll
MOD - [2012-03-03 00:30:06 | 000,538,624 | ---- | M] () -- C:\Program Files\Telenor Internet\DeviceMgrUIPlugin.dll
MOD - [2012-03-03 00:30:06 | 000,484,352 | ---- | M] () -- C:\Program Files\Telenor Internet\NetInfoUIExPlugin.dll
MOD - [2012-03-03 00:30:06 | 000,441,856 | ---- | M] () -- C:\Program Files\Telenor Internet\DialupUIPlugin.dll
MOD - [2012-03-03 00:30:06 | 000,427,008 | ---- | M] () -- C:\Program Files\Telenor Internet\core.dll
MOD - [2012-03-03 00:30:06 | 000,398,336 | ---- | M] () -- C:\Program Files\Telenor Internet\QtXml4.dll
MOD - [2012-03-03 00:30:06 | 000,382,464 | ---- | M] () -- C:\Program Files\Telenor Internet\Proxy.dll
MOD - [2012-03-03 00:30:06 | 000,370,176 | ---- | M] () -- C:\Program Files\Telenor Internet\plugins\imageformats\qtiff4.dll
MOD - [2012-03-03 00:30:06 | 000,350,720 | ---- | M] () -- C:\Program Files\Telenor Internet\plugins\imageformats\qmng4.dll
MOD - [2012-03-03 00:30:06 | 000,338,432 | ---- | M] () -- C:\Program Files\Telenor Internet\DeviceAppPlugin.dll
MOD - [2012-03-03 00:30:06 | 000,333,824 | ---- | M] () -- C:\Program Files\Telenor Internet\NetConnectPlugin.dll
MOD - [2012-03-03 00:30:06 | 000,307,200 | ---- | M] () -- C:\Program Files\Telenor Internet\StatusBarMgrPlugin.dll
MOD - [2012-03-03 00:30:06 | 000,301,056 | ---- | M] () -- C:\Program Files\Telenor Internet\DeviceSrvPlugin.dll
MOD - [2012-03-03 00:30:06 | 000,295,424 | ---- | M] () -- C:\Program Files\Telenor Internet\MenuMgrPlugin.dll
MOD - [2012-03-03 00:30:06 | 000,278,528 | ---- | M] () -- C:\Program Files\Telenor Internet\NetInfoSrvPlugin.dll
MOD - [2012-03-03 00:30:06 | 000,264,192 | ---- | M] () -- C:\Program Files\Telenor Internet\sdk.dll
MOD - [2012-03-03 00:30:06 | 000,263,168 | ---- | M] () -- C:\Program Files\Telenor Internet\LiveUpdateInterface.dll
MOD - [2012-03-03 00:30:06 | 000,238,080 | ---- | M] () -- C:\Program Files\Telenor Internet\AtCodec.dll
MOD - [2012-03-03 00:30:06 | 000,237,568 | ---- | M] () -- C:\Program Files\Telenor Internet\NetSrvPlugin.dll
MOD - [2012-03-03 00:30:06 | 000,218,112 | ---- | M] () -- C:\Program Files\Telenor Internet\Common.dll
MOD - [2012-03-03 00:30:06 | 000,217,600 | ---- | M] () -- C:\Program Files\Telenor Internet\SmsSrvPlugin.dll
MOD - [2012-03-03 00:30:06 | 000,211,968 | ---- | M] () -- C:\Program Files\Telenor Internet\DialUpPlugin.dll
MOD - [2012-03-03 00:30:06 | 000,209,408 | ---- | M] () -- C:\Program Files\Telenor Internet\ToolBarMgrPlugin.dll
MOD - [2012-03-03 00:30:06 | 000,192,000 | ---- | M] () -- C:\Program Files\Telenor Internet\plugins\imageformats\qjpeg4.dll
MOD - [2012-03-03 00:30:06 | 000,184,832 | ---- | M] () -- C:\Program Files\Telenor Internet\XFramePlugin.dll
MOD - [2012-03-03 00:30:06 | 000,180,224 | ---- | M] () -- C:\Program Files\Telenor Internet\NDISPlugin.dll
MOD - [2012-03-03 00:30:06 | 000,176,128 | ---- | M] () -- C:\Program Files\Telenor Internet\CallSrvPlugin.dll
MOD - [2012-03-03 00:30:06 | 000,159,744 | ---- | M] () -- C:\Program Files\Telenor Internet\XCodec.dll
MOD - [2012-03-03 00:30:06 | 000,158,720 | ---- | M] () -- C:\Program Files\Telenor Internet\NetConnectSrvPlugin.dll
MOD - [2012-03-03 00:30:06 | 000,157,184 | ---- | M] () -- C:\Program Files\Telenor Internet\DataServicePlugin.dll
MOD - [2012-03-03 00:30:06 | 000,156,672 | ---- | M] () -- C:\Program Files\Telenor Internet\STKSrvPlugin.dll
MOD - [2012-03-03 00:30:06 | 000,142,336 | ---- | M] () -- C:\Program Files\Telenor Internet\USSDSrvPlugin.dll
MOD - [2012-03-03 00:30:06 | 000,135,168 | ---- | M] () -- C:\Program Files\Telenor Internet\Trace.dll
MOD - [2012-03-03 00:30:06 | 000,133,120 | ---- | M] () -- C:\Program Files\Telenor Internet\OSDialup.dll
MOD - [2012-03-03 00:30:06 | 000,131,072 | ---- | M] () -- C:\Program Files\Telenor Internet\OSNDIS.dll
MOD - [2012-03-03 00:30:06 | 000,123,392 | ---- | M] () -- C:\Program Files\Telenor Internet\ATR2SMgr.dll
MOD - [2012-03-03 00:30:06 | 000,117,760 | ---- | M] () -- C:\Program Files\Telenor Internet\LayoutPlugin.dll
MOD - [2012-03-03 00:30:06 | 000,114,688 | ---- | M] () -- C:\Program Files\Telenor Internet\Win7Support.dll
MOD - [2012-03-03 00:30:06 | 000,101,376 | ---- | M] () -- C:\Program Files\Telenor Internet\OSAdapt.dll
MOD - [2012-03-03 00:30:06 | 000,093,184 | ---- | M] () -- C:\Program Files\Telenor Internet\NotifyServicePlugin.dll
MOD - [2012-03-03 00:30:06 | 000,082,944 | ---- | M] () -- C:\Program Files\Telenor Internet\plugins\imageformats\qgif4.dll
MOD - [2012-03-03 00:30:06 | 000,081,920 | ---- | M] () -- C:\Program Files\Telenor Internet\plugins\imageformats\qico4.dll
MOD - [2012-03-03 00:30:06 | 000,065,536 | ---- | M] () -- C:\Program Files\Telenor Internet\OSPowerMgr.dll
MOD - [2012-03-03 00:30:06 | 000,062,976 | ---- | M] () -- C:\Program Files\Telenor Internet\OSCall.dll
MOD - [2012-03-03 00:30:06 | 000,043,008 | ---- | M] () -- C:\Program Files\Telenor Internet\libgcc_s_dw2-1.dll
MOD - [2012-03-03 00:30:06 | 000,011,362 | ---- | M] () -- C:\Program Files\Telenor Internet\mingwm10.dll
MOD - [2012-03-03 00:30:05 | 001,078,272 | ---- | M] () -- C:\Program Files\Telenor Internet\AddrBookPlugin.dll
MOD - [2012-03-03 00:30:05 | 000,264,704 | ---- | M] () -- C:\Program Files\Telenor Internet\AddrBookSrvPlugin.dll
MOD - [2011-10-28 00:49:17 | 000,286,528 | ---- | M] () -- C:\Program Files\DNA\btdna.exe
MOD - [2011-10-26 15:34:43 | 001,587,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\3b2cfd85528a27eb71dc41d8067359a1\System.Drawing.ni.dll
MOD - [2011-10-26 15:34:27 | 007,963,648 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\abab08afa60a6f06bdde0fcc9649c379\System.ni.dll
MOD - [2011-10-26 15:34:10 | 011,490,304 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\a1a82db68b3badc7c27ea1f6579d22c5\mscorlib.ni.dll
MOD - [2011-10-26 15:14:27 | 000,488,960 | ---- | M] () -- C:\Program Files\USBScan\USBScan.exe
MOD - [2011-06-20 09:00:24 | 000,102,400 | ---- | M] () -- C:\Program Files\Telenor Internet\BackgroundService\ModemListener.exe
MOD - [2011-03-02 11:40:51 | 000,140,288 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll
MOD - [2009-07-01 17:03:24 | 000,132,384 | ---- | M] () -- C:\Program Files\WIDCOMM\Bluetooth Software\BTKeyInd.dll
MOD - [2008-09-30 22:02:44 | 000,009,216 | ---- | M] () -- C:\Program Files\ASUS\Splendid\GLCDdll.dll
MOD - [2008-01-17 23:50:54 | 000,587,568 | ---- | M] () -- C:\Program Files\BitTorrent\bittorrent.exe


========== Win32 Services (SafeList) ==========

SRV - File not found [Auto | Running] -- -- (HWDeviceService.exe)
SRV - [2012-03-03 00:30:05 | 000,239,968 | ---- | M] () [Auto | Stopped] -- C:\Program Files\Telenor Internet\UpdateDog\ouc.exe -- (Telenor Internet. RunOuc)
SRV - [2012-02-29 08:50:48 | 000,158,856 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012-01-03 14:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011-10-26 15:12:46 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2011-06-20 09:00:24 | 000,049,752 | ---- | M] () [Auto | Running] -- C:\Program Files\Telenor Internet\BackgroundService\ServiceManager.exe -- (Telenor_Montenegro Sepang Modem Device Helper)
SRV - [2009-08-18 01:36:08 | 000,176,128 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2009-07-14 02:16:15 | 000,016,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\StorSvc.dll -- (StorSvc)
SRV - [2009-07-14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009-07-14 02:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009-07-14 02:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2009-07-01 17:03:12 | 000,582,944 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins)
SRV - [2009-06-15 16:30:42 | 000,084,536 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files\ASUS\ATK Hotkey\AsLdrSrv.exe -- (ASLDRService)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (ZTEusbser6k)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (ZTEusbnmea)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (ZTEusbmdm6k)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (massfilter)
DRV - [2012-03-03 00:30:06 | 000,353,280 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ewusbwwan.sys -- (ewusbmbb)
DRV - [2012-03-03 00:30:06 | 000,193,792 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2012-03-03 00:30:06 | 000,102,784 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ew_hwusbdev.sys -- (ew_hwusbdev)
DRV - [2012-03-03 00:30:06 | 000,073,216 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ew_jubusenum.sys -- (huawei_enumerator)
DRV - [2011-06-20 09:00:46 | 000,106,112 | ---- | M] (TCT International Mobile Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\jrdusbser.sys -- (jrdusbser)
DRV - [2010-11-20 22:29:24 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010-11-20 22:29:03 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\vmbus.sys -- (vmbus)
DRV - [2010-11-20 22:29:03 | 000,062,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\dmvsc.sys -- (dmvsc)
DRV - [2010-11-20 22:29:03 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\vmstorfl.sys -- (storflt)
DRV - [2010-11-20 22:29:03 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\storvsc.sys -- (storvsc)
DRV - [2010-11-20 22:29:03 | 000,027,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV - [2010-11-20 22:29:03 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2010-11-20 22:29:03 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\vms3cap.sys -- (s3cap)
DRV - [2009-10-05 15:31:50 | 001,221,632 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2009-08-18 02:48:06 | 004,994,560 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2009-07-14 00:45:33 | 000,083,456 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\serial.sys -- (Serial)
DRV - [2009-07-13 23:13:48 | 001,035,776 | ---- | M] (LSI Corp) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2009-07-13 23:02:53 | 000,048,128 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SiSGB6.sys -- (SiSGbeLH)
DRV - [2009-06-05 17:16:18 | 001,766,592 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\snp2uvc.sys -- (SNP2UVC) USB2.0 PC Camera (SNP2UVC)
DRV - [2007-07-31 01:39:00 | 000,007,680 | ---- | M] (ATK0100) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ATKACPI.sys -- (MTsensor)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\URLSearchHook: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\prxtbuTo0.dll (Conduit Ltd.)
IE - HKLM\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2431}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD21}: "URL" = dts.search-results.com/sr?src=ieb&appid.....r=0&q={searchTerms}
IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2431}: "URL" = dts.search-results.com/sr?src=ieb&appid.....r=0&q={searchTerms}

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = searchqu.com/431
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 7C E5 1F 35 ED 93 CC 01 [binary data]
IE - HKCU\..\URLSearchHook: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\prxtbuTo0.dll (Conduit Ltd.)
IE - HKCU\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2431}
IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = search.babylon.com/web/{searchTerms}?babsrc=browsersearch&AF=10588
IE - HKCU\..\SearchScopes\{6A2AE1A7-B8C6-4F98-A581-D9191CBEFE21}: "URL" = search.softonic.com/MON00005/tb_v1?q={searchTerms}&SearchSource=4&cc=
IE - HKCU\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD21}: "URL" = dts.search-results.com/sr?src=ieb&appid.....r=0&q={searchTerms}
IE - HKCU\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2431}: "URL" = dts.search-results.com/sr?src=ieb&appid.....r=0&q={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Search Results"
FF - prefs.js..browser.search.defaultthis.engineName: " "
FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2786678&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.order.1: "Search Results"
FF - prefs.js..browser.search.selectedEngine: " "
FF - prefs.js..browser.startup.homepage: "http://search.babylon.com/home?AF=10588"


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@bittorrent.com/BitTorrentDNA: C:\Program Files\DNA\plugins\npbtdna.dll (BitTorrent, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.0.50401.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\User\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\User\AppData\Local\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\User\AppData\Local\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011-11-10 11:10:55 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012-01-27 19:50:53 | 000,000,000 | ---D | M]

[2011-11-04 03:42:11 | 000,000,000 | ---D | M] (No name found) -- C:\Users\User\AppData\Roaming\Mozilla\Extensions
[2012-03-03 00:12:20 | 000,000,000 | ---D | M] (No name found) -- C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\py1ypfdz.default\extensions
[2011-11-04 03:42:08 | 000,000,000 | ---D | M] (Wincore Mediabar) -- C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\py1ypfdz.default\extensions\{28387537-e3f9-4ed7-860c-11e69af4a8a0}
[2012-02-27 19:12:59 | 000,000,000 | ---D | M] (Searchqu Toolbar) -- C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\py1ypfdz.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}
[2012-01-23 01:03:31 | 000,000,000 | ---D | M] (uTorrentBar Community Toolbar) -- C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\py1ypfdz.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}
[2011-10-28 02:47:05 | 000,000,000 | ---D | M] (DealPly) -- C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\py1ypfdz.default\extensions\{EB9394A3-4AD6-4918-9537-31A1FD8E8EDF}
[2011-10-28 02:49:16 | 000,000,000 | ---D | M] (Babylon) -- C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\py1ypfdz.default\extensions\ffxtlbr@babylon.com
[2012-02-29 21:55:58 | 000,000,000 | ---D | M] (Softonic Toolbar) -- C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\py1ypfdz.default\extensions\ffxtlbra@softonic.com
[2011-10-28 00:03:01 | 000,000,863 | ---- | M] () -- C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\py1ypfdz.default\searchplugins\conduit.xml
[2011-11-04 03:42:04 | 000,002,515 | ---- | M] () -- C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\py1ypfdz.default\searchplugins\SearchResults.xml
[2012-02-27 19:12:53 | 000,002,515 | ---- | M] () -- C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\py1ypfdz.default\searchplugins\Search_Results.xml
[2012-02-25 14:04:08 | 000,002,060 | ---- | M] () -- C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\py1ypfdz.default\searchplugins\softonic.xml
[2011-11-10 11:10:55 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
() (No name found) -- C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PY1YPFDZ.DEFAULT\EXTENSIONS\{46551EC9-40F0-4E47-8E18-8E5CF550CFB8}.XPI
[2011-11-05 07:53:18 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2007-08-29 22:47:44 | 000,054,600 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files\mozilla firefox\plugins\npbittorrent.dll
[2011-10-28 13:10:40 | 000,002,226 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\babylon.xml
[2011-11-05 04:21:03 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2011-11-04 03:42:04 | 000,002,515 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\SearchResults.xml
[2012-02-27 19:12:53 | 000,002,515 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\Search_Results.xml
[2011-11-05 04:21:03 | 000,002,040 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - default_search_provider: Search Results (Enabled)
CHR - default_search_provider: search_url = dts.search-results.com/sr?src=crb&appid.....r=0&q={searchTerms}
CHR - default_search_provider: suggest_url =
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\User\AppData\Local\Google\Chrome\Application\17.0.963.78\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\User\AppData\Local\Google\Chrome\Application\17.0.963.78\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\User\AppData\Local\Google\Chrome\Application\17.0.963.78\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: BitTorrent (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npbittorrent.dll
CHR - plugin: QuickTime Plug-in 7.6.5 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.5 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.5 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.5 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.5 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.5 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.5 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: DNA Plug-in (Enabled) = C:\Program Files\DNA\plugins\npbtdna.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files\Microsoft Silverlight\4.0.50401.0\npctrl.dll
CHR - plugin: Facebook Video Calling Plugin (Enabled) = C:\Users\User\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll
CHR - plugin: Google Update (Enabled) = C:\Users\User\AppData\Local\Google\Update\1.3.21.99\npGoogleUpdate3.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: YouTube = C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google Search = C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.17_0\
CHR - Extension: DealPly = C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\gaiilaahiahdejapggenmdmafpmbipje\3.0.7.2_0\
CHR - Extension: Extension Plays Faster Youtube Video = C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\iihglmkdfbbffbgkdhmoddfefegeefhh\1.0.0_0\
CHR - Extension: Gmail = C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2009-06-10 22:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (Wincore Mediabar) - {28387537-e3f9-4ed7-860c-11e69af4a8a0} - C:\Program Files\iMesh Applications\MediaBar\Datamngr\ToolBar\wincoreimdtx.dll ()
O2 - BHO: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\searchqudtx.dll ()
O2 - BHO: (DealPly) - {A6174F27-1FFF-E1D6-A93F-BA48AD5DD448} - C:\Program Files\DealPly\DealPlyIE.dll (DealPly Technologies Ltd)
O2 - BHO: (DataMngr) - {BE7A24F5-69CB-4708-B77B-B1EDA6043B95} - C:\Program Files\iMesh Applications\MediaBar\Datamngr\BrowserConnection.dll (iMesh, Inc)
O2 - BHO: (uTorrentBar Toolbar) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\prxtbuTo0.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Wincore Mediabar) - {28387537-e3f9-4ed7-860c-11e69af4a8a0} - C:\Program Files\iMesh Applications\MediaBar\Datamngr\ToolBar\wincoreimdtx.dll ()
O3 - HKLM\..\Toolbar: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\searchqudtx.dll ()
O3 - HKLM\..\Toolbar: (uTorrentBar Toolbar) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\prxtbuTo0.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (uTorrentBar Toolbar) - {BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - C:\Program Files\uTorrentBar\prxtbuTo0.dll (Conduit Ltd.)
O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files\ASUS\ATK Media\DMedia.exe (ASUS)
O4 - HKLM..\Run: [DATAMNGR] C:\Program Files\iMesh Applications\MediaBar\Datamngr\datamngrUI.exe (iMesh, Inc)
O4 - HKLM..\Run: [HControlUser] C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe (ASUS)
O4 - HKLM..\Run: [Telenor_Montenegro Sepang ModemListener] C:\Program Files\Telenor Internet\BackgroundService\ModemListener.exe ()
O4 - HKLM..\Run: [USBScan.exe] C:\Program Files\USBScan\USBScan.exe ()
O4 - HKCU..\Run: [BitTorrent] C:\Program Files\BitTorrent\bittorrent.exe ()
O4 - HKCU..\Run: [BitTorrent DNA] C:\Program Files\DNA\btdna.exe ()
O4 - HKCU..\Run: [Facebook Update] C:\Users\User\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O4 - HKCU..\Run: [fTalk] C:\Users\User\AppData\Local\fTalk\ftalk.exe (Bandoo Media Inc.)
O4 - HKCU..\Run: [Mobile Partner] C:\Program Files\Telenor Internet\Telenor Internet.exe ()
O4 - HKCU..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe" /MINIMIZED File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O13 - gopher Prefix: missing
O16 - DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} support.asus.com/select/asusTek_sys_ctrl3.cab (asusTek_sysctrl Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3D4EB9F9-0D4E-4BC4-B9C1-71231ABFB528}: NameServer = 79.143.101.225 79.143.101.229
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3E0D94D2-68D3-4E53-8126-897F55390419}: DhcpNameServer = 78.157.16.30 78.157.16.14 78.157.16.32
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3ECEA7E8-AE89-495D-9620-06A4BA8EB1A3}: NameServer = 79.143.101.225 79.143.101.229
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6835C5D4-617C-46F5-8B93-06F456C4F1A2}: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A1DBED89-1A50-4FBB-8BEB-1063249B55EC}: NameServer = 79.143.101.225 79.143.101.229
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BACF4BB3-57F8-42DD-BF60-4641EAFD8FC0}: NameServer = 79.143.101.225 79.143.101.229
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - AppInit_DLLs: (C:\PROGRA~1\IMESHA~1\MediaBar\Datamngr\datamngr.dll) - C:\Program Files\iMesh Applications\MediaBar\Datamngr\datamngr.dll (iMesh, Inc)
O20 - AppInit_DLLs: (C:\PROGRA~1\IMESHA~1\MediaBar\Datamngr\IEBHO.dll) - C:\Program Files\iMesh Applications\MediaBar\Datamngr\IEBHO.dll (iMesh, Inc)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009-06-10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2011-10-26 15:14:33 | 000,000,000 | -H-D | M] - C:\Autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2010-07-22 16:50:28 | 000,000,000 | -H-D | M] - D:\Autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2011-03-15 00:27:21 | 000,148,320 | R--- | M] () - F:\AutoRun.exe -- [ CDFS ]
O32 - AutoRun File - [2011-04-03 02:01:00 | 000,000,047 | R--- | M] () - F:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\{05aae995-6152-11e1-acd7-0023547f9ca2}\Shell - "" = AutoRun
O33 - MountPoints2\{05aae995-6152-11e1-acd7-0023547f9ca2}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- [2011-03-15 00:27:21 | 000,148,320 | R--- | M] ()
O33 - MountPoints2\{0e014020-2638-11e1-9dd3-0023547f9ca2}\Shell - "" = AutoRun
O33 - MountPoints2\{0e014020-2638-11e1-9dd3-0023547f9ca2}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- [2011-03-15 00:27:21 | 000,148,320 | R--- | M] ()
O33 - MountPoints2\{1de6c491-210c-11e1-a03b-0023547f9ca2}\Shell - "" = AutoRun
O33 - MountPoints2\{1de6c491-210c-11e1-a03b-0023547f9ca2}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- [2011-03-15 00:27:21 | 000,148,320 | R--- | M] ()
O33 - MountPoints2\{1de6c49d-210c-11e1-a03b-0023547f9ca2}\Shell - "" = AutoRun
O33 - MountPoints2\{1de6c49d-210c-11e1-a03b-0023547f9ca2}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- [2011-03-15 00:27:21 | 000,148,320 | R--- | M] ()
O33 - MountPoints2\{239674fd-2377-11e1-b674-0023547f9ca2}\Shell - "" = AutoRun
O33 - MountPoints2\{239674fd-2377-11e1-b674-0023547f9ca2}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- [2011-03-15 00:27:21 | 000,148,320 | R--- | M] ()
O33 - MountPoints2\{35d08cf0-64a8-11e1-836d-001e101f1838}\Shell - "" = AutoRun
O33 - MountPoints2\{35d08cf0-64a8-11e1-836d-001e101f1838}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- [2011-03-15 00:27:21 | 000,148,320 | R--- | M] ()
O33 - MountPoints2\{35d08d01-64a8-11e1-836d-001e101f1838}\Shell - "" = AutoRun
O33 - MountPoints2\{35d08d01-64a8-11e1-836d-001e101f1838}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- [2011-03-15 00:27:21 | 000,148,320 | R--- | M] ()
O33 - MountPoints2\{404e7375-21e4-11e1-8c0b-0023547f9ca2}\Shell - "" = AutoRun
O33 - MountPoints2\{404e7375-21e4-11e1-8c0b-0023547f9ca2}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- [2011-03-15 00:27:21 | 000,148,320 | R--- | M] ()
O33 - MountPoints2\{91f3daad-64c1-11e1-83c6-0023547f9ca2}\Shell - "" = AutoRun
O33 - MountPoints2\{91f3daad-64c1-11e1-83c6-0023547f9ca2}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- [2011-03-15 00:27:21 | 000,148,320 | R--- | M] ()
O33 - MountPoints2\{91f3dac5-64c1-11e1-83c6-0023547f9ca2}\Shell - "" = AutoRun
O33 - MountPoints2\{91f3dac5-64c1-11e1-83c6-0023547f9ca2}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- [2011-03-15 00:27:21 | 000,148,320 | R--- | M] ()
O33 - MountPoints2\{a89bcafd-6096-11e1-9189-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{a89bcafd-6096-11e1-9189-806e6f6e6963}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- [2011-03-15 00:27:21 | 000,148,320 | R--- | M] ()
O33 - MountPoints2\{ef4805b6-3776-11e1-82c4-001e101faa49}\Shell - "" = AutoRun
O33 - MountPoints2\{ef4805b6-3776-11e1-82c4-001e101faa49}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- [2011-03-15 00:27:21 | 000,148,320 | R--- | M] ()
O33 - MountPoints2\{f8c95c37-609b-11e1-9316-0023547f9ca2}\Shell - "" = AutoRun
O33 - MountPoints2\{f8c95c37-609b-11e1-9316-0023547f9ca2}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- [2011-03-15 00:27:21 | 000,148,320 | R--- | M] ()
O33 - MountPoints2\F\Shell - "" = AutoRun
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\AutoRun.exe -- [2011-03-15 00:27:21 | 000,148,320 | R--- | M] ()
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2012-03-10 14:18:26 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{D6758F9F-FC8C-40B0-8FC7-1B46E0D15577}
[2012-03-10 14:17:38 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{8A8065B9-A29D-4977-A0C2-107FF1C47895}
[2012-03-10 01:45:09 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{0424DEEE-85B4-4391-860C-E3741142C377}
[2012-03-09 13:44:36 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{43E38B69-E606-4814-90F6-F5163B1659F2}
[2012-03-09 13:43:56 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{AFD250CE-B74E-4B12-9A78-3A35FB6C34B7}
[2012-03-08 21:02:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2012-03-08 21:02:14 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2012-03-08 14:02:25 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{F8D8C58B-3AB8-452D-9747-D9218D3860FA}
[2012-03-07 13:37:54 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{5D088227-AEF9-4C31-9467-C654793C8B96}
[2012-03-07 13:35:14 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{D9510DCB-77A9-479E-B2A9-97180275ADD3}
[2012-03-06 14:27:28 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{A8076CCC-2379-4372-A9D6-B0C07BF88F99}
[2012-03-04 16:21:08 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{14AF462F-D567-4AC9-9BAC-043FD5B5113E}
[2012-03-04 16:20:26 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{8A359EE5-8692-4B32-B8A1-38C78B65AE5B}
[2012-03-04 12:43:30 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{5A7F1557-5D50-4748-A5B7-A778518D780E}
[2012-03-04 00:43:07 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{15CD10F5-9ABA-40A1-B93D-50355FF66859}
[2012-03-03 12:42:38 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{AD768EA3-79A0-4F78-BBA2-3EED2D0A9C10}
[2012-03-03 12:41:25 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{6DFE44E8-F954-4628-8256-94E36BA1FD20}
[2012-03-03 00:30:26 | 000,861,696 | ---- | C] (DiBcom SA) -- C:\Windows\System32\drivers\mod7700.sys
[2012-03-03 00:30:26 | 000,353,280 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ewusbwwan.sys
[2012-03-03 00:30:26 | 000,193,792 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ewusbmdm.sys
[2012-03-03 00:30:26 | 000,181,760 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ew_juwwanecm.sys
[2012-03-03 00:30:26 | 000,102,784 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ew_hwusbdev.sys
[2012-03-03 00:30:26 | 000,090,368 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ew_jucdcacm.sys
[2012-03-03 00:30:26 | 000,073,216 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ew_jubusenum.sys
[2012-03-03 00:30:26 | 000,064,384 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ew_jucdcecm.sys
[2012-03-03 00:30:26 | 000,026,624 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ew_juextctrl.sys
[2012-03-03 00:30:26 | 000,025,856 | ---- | C] (Huawei Tech. Co., Ltd.) -- C:\Windows\System32\drivers\ewdcsc.sys
[2012-03-03 00:30:26 | 000,019,200 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ew_hwupgrade.sys
[2012-03-03 00:30:26 | 000,011,136 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ew_usbenumfilter.sys
[2012-03-02 18:40:37 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{AAA492A6-C4C4-4AFF-AD52-7518AF2BF4ED}
[2012-03-02 18:37:58 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{B8692314-F3C3-496F-9EDB-F464EF6487AB}
[2012-03-01 22:24:26 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{7ADE3CDA-7CB5-4221-9D61-6884904A5E76}
[2012-03-01 10:23:54 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{318911DB-C2B7-4ED9-87AD-EFCCAD828199}
[2012-03-01 10:22:14 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{49C9FA05-23D0-42AE-A378-5AB131B784F1}
[2012-02-29 21:46:45 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{56BB8616-C408-46BA-8077-10955607C0FC}
[2012-02-29 21:46:07 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{328FD863-6563-49C7-B836-1668DC0E61C5}
[2012-02-29 16:00:13 | 000,000,000 | ---D | C] -- C:\OnlineUpdate
[2012-02-29 16:00:13 | 000,000,000 | ---D | C] -- C:\log
[2012-02-29 09:44:53 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{72AC2E5D-0581-46CD-BB72-A389AC18D1F6}
[2012-02-29 09:44:25 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{BD4E4AFC-D741-4FC3-9C6C-A2055A26CD39}
[2012-02-28 21:43:56 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{CA22FEF7-89FB-419D-BF94-D7B5BA85BE72}
[2012-02-28 21:42:46 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{81EBD45B-FB4D-4039-8E07-FC2A7D799BBE}
[2012-02-28 09:31:08 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{129DA844-F71B-4619-AB98-EA6190F4674D}
[2012-02-28 09:30:53 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{9E466403-8B31-41CF-BCD5-3D379F442557}
[2012-02-27 21:30:27 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{30E68B56-4BE5-4D95-8B9C-29EC06F6E28C}
[2012-02-27 21:30:13 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{2C2C4536-FF4A-4592-92C3-49816E6255D9}
[2012-02-27 19:12:52 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Searchqu Toolbar
[2012-02-27 19:12:50 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\fTalk
[2012-02-27 19:12:47 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\fTalk
[2012-02-27 18:32:37 | 000,994,128 | ---- | C] (Bandoo Media Inc) -- C:\Users\User\Desktop\fTalkV3.exe
[2012-02-27 09:29:58 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{DFF03CF0-9C3C-4DAF-A3B3-225ED522677B}
[2012-02-27 09:29:18 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{6EE9C084-23A8-4E44-9DFB-BF936382AA07}
[2012-02-26 18:06:03 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{EB5737C3-EA17-4C3C-9137-3FDA5CC01BA2}
[2012-02-26 18:05:03 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2012-02-26 17:27:51 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{F38519F7-27AF-43D8-8A2F-55F45DD684E4}
[2012-02-26 00:31:03 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{8153F4F7-EA06-48E3-BA4F-D06769050AB4}
[2012-02-25 20:47:53 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP
[2012-02-25 19:28:03 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\Canneverbe Limited
[2012-02-25 19:28:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Canneverbe Limited
[2012-02-25 19:27:57 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\OpenCandy
[2012-02-25 19:26:17 | 000,000,000 | ---D | C] -- C:\Program Files\cd dvd burner11
[2012-02-25 14:31:26 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\WMTools Downloaded Files
[2012-02-25 14:30:29 | 000,000,000 | ---D | C] -- C:\Program Files\Movie Maker 2.6
[2012-02-25 12:37:07 | 000,000,000 | ---D | C] -- C:\Users\User\Desktop\pero
[2012-02-25 12:31:55 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{D39CD829-8440-4B82-AA08-BBB32507E57C}
[2012-02-24 17:41:43 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{790D3A61-760B-4E0C-BC7C-8692273F3C11}
[2012-02-11 12:02:47 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{B7B29E6A-9EA9-4638-BAA0-A79F4D131816}
[2011-10-28 02:47:03 | 000,885,360 | ---- | C] (Babylon Ltd.) -- C:\Program Files\babylon_toolbar.exe

========== Files - Modified Within 30 Days ==========

[2012-03-11 00:29:00 | 000,000,904 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-679662542-505496964-2418107798-1000UA.job
[2012-03-10 23:29:00 | 000,000,852 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-679662542-505496964-2418107798-1000Core.job
[2012-03-10 22:53:20 | 000,023,936 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012-03-10 22:53:20 | 000,023,936 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012-03-10 22:52:40 | 000,618,264 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012-03-10 22:52:40 | 000,104,546 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012-03-10 22:46:06 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012-03-10 22:45:59 | 2415,345,664 | -HS- | M] () -- C:\hiberfil.sys
[2012-03-10 16:20:05 | 000,000,924 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-679662542-505496964-2418107798-1000UA.job
[2012-03-08 21:02:14 | 000,002,503 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2012-03-08 20:40:30 | 000,002,354 | ---- | M] () -- C:\Users\User\Desktop\Google Chrome.lnk
[2012-03-04 10:20:00 | 000,000,902 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-679662542-505496964-2418107798-1000Core.job
[2012-03-04 02:01:23 | 000,113,327 | ---- | M] () -- C:\Users\User\Desktop\my-life-my-rules-2-fb-Facebook-Profile-Timeline-Cover.jpg
[2012-03-03 00:30:46 | 000,001,021 | ---- | M] () -- C:\Users\Public\Desktop\Telenor Internet.lnk
[2012-03-03 00:30:06 | 001,112,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WdfCoInstaller01007.dll
[2012-03-03 00:30:06 | 001,112,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\WdfCoInstaller01007.dll
[2012-03-03 00:30:06 | 000,861,696 | ---- | M] (DiBcom SA) -- C:\Windows\System32\drivers\mod7700.sys
[2012-03-03 00:30:06 | 000,353,280 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ewusbwwan.sys
[2012-03-03 00:30:06 | 000,193,792 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ewusbmdm.sys
[2012-03-03 00:30:06 | 000,181,760 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ew_juwwanecm.sys
[2012-03-03 00:30:06 | 000,102,784 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ew_hwusbdev.sys
[2012-03-03 00:30:06 | 000,090,368 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ew_jucdcacm.sys
[2012-03-03 00:30:06 | 000,073,216 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ew_jubusenum.sys
[2012-03-03 00:30:06 | 000,064,384 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ew_jucdcecm.sys
[2012-03-03 00:30:06 | 000,026,624 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ew_juextctrl.sys
[2012-03-03 00:30:06 | 000,025,856 | ---- | M] (Huawei Tech. Co., Ltd.) -- C:\Windows\System32\drivers\ewdcsc.sys
[2012-03-03 00:30:06 | 000,019,200 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ew_hwupgrade.sys
[2012-03-03 00:30:06 | 000,011,136 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ew_usbenumfilter.sys
[2012-03-02 22:07:45 | 000,017,920 | ---- | M] () -- C:\Users\User\Desktop\Untitled.MSWMM
[2012-03-01 13:57:12 | 000,011,264 | ---- | M] () -- C:\Users\User\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012-02-27 19:14:17 | 000,000,969 | ---- | M] () -- C:\Users\User\Application Data\Microsoft\Internet Explorer\Quick Launch\fTalk.lnk
[2012-02-27 19:14:17 | 000,000,967 | ---- | M] () -- C:\Users\User\Desktop\fTalk.lnk
[2012-02-27 18:36:06 | 000,994,128 | ---- | M] (Bandoo Media Inc) -- C:\Users\User\Desktop\fTalkV3.exe
[2012-02-25 17:15:20 | 016,006,877 | ---- | M] () -- C:\Users\User\Desktop\koze.wmv
[2012-02-25 16:47:33 | 000,000,155 | ---- | M] () -- C:\Windows\winamp.ini
[2012-02-25 14:06:11 | 000,000,232 | ---- | M] () -- C:\user.js
[2012-02-25 12:03:26 | 082,574,789 | ---- | M] () -- C:\Users\User\Desktop\MOV00760.3gp

========== Files Created - No Company Name ==========

[2012-03-04 02:01:31 | 000,113,327 | ---- | C] () -- C:\Users\User\Desktop\my-life-my-rules-2-fb-Facebook-Profile-Timeline-Cover.jpg
[2012-03-03 00:30:46 | 000,001,021 | ---- | C] () -- C:\Users\Public\Desktop\Telenor Internet.lnk
[2012-02-27 19:14:17 | 000,000,969 | ---- | C] () -- C:\Users\User\Application Data\Microsoft\Internet Explorer\Quick Launch\fTalk.lnk
[2012-02-27 19:14:17 | 000,000,967 | ---- | C] () -- C:\Users\User\Desktop\fTalk.lnk
[2012-02-27 19:12:51 | 000,000,975 | ---- | C] () -- C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\fTalk.lnk
[2012-02-25 18:23:00 | 016,006,877 | ---- | C] () -- C:\Users\User\Desktop\koze.wmv
[2012-02-25 18:22:38 | 082,574,789 | ---- | C] () -- C:\Users\User\Desktop\MOV00760.3gp
[2012-02-25 17:11:24 | 000,017,920 | ---- | C] () -- C:\Users\User\Desktop\Untitled.MSWMM
[2012-02-25 14:30:29 | 000,002,495 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Movie Maker 2.6.lnk
[2012-02-25 14:04:10 | 000,000,232 | ---- | C] () -- C:\user.js
[2011-10-26 23:49:28 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2011-10-26 16:40:54 | 000,011,264 | ---- | C] () -- C:\Users\User\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011-10-26 15:46:32 | 001,766,592 | ---- | C] () -- C:\Windows\System32\drivers\snp2uvc.sys
[2011-10-26 15:46:32 | 000,035,264 | ---- | C] () -- C:\Windows\System32\drivers\sncduvc.sys
[2011-10-26 15:19:53 | 000,000,376 | ---- | C] () -- C:\Windows\ODBC.INI
[2011-10-26 15:14:09 | 000,000,046 | ---- | C] () -- C:\Users\User\AppData\Roaming\svighost.dll
[2011-10-26 15:13:04 | 000,053,248 | ---- | C] () -- C:\Windows\System32\pxhpinst.exe
[2011-10-26 15:13:01 | 000,000,155 | ---- | C] () -- C:\Windows\winamp.ini
[2010-11-20 22:29:26 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe

========== Alternate Data Streams ==========

@Alternate Data Stream - 112 bytes -> C:\ProgramData\TEMP:D1B5B4F1

< End of report >

offline
  • magna86  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 21 Jun 2008
  • Posts: 6104

@Riki Scorpionn
Do the following:

From Control Panel / Programs and Features, uninstall the following:

Wincore Mediabar
Searchqu Toolbar
DealPly
Bandoo Media Inc.


Then visit this topic again:
http://www.mycity.rs/Ambulanta/Kako-otvoriti-temu-u-Ambulanti.html

Follow the instructions for Gmer and post the Gmer1/2/3 logs for me.
Also run OTL again and post a fresh OTL.txt log and Extras.txt, following the instructions given above.

offline
  • Joined: 10 Mar 2012
  • Posts: 4

Thanks a lot, I already found that this virus can be removed in an easier way through Chrome, in Tools and Remove, on YouTube; it was quick and simple ;) bye

offline
  • magna86  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 21 Jun 2008
  • Posts: 6104

As you wish. ;)
I would still recommend that you follow the instructions given, so that we can remove some remnants and examine the system in detail.
