MyCity » Ambulanta -> Arhiva Ambulante » Facebook spam

Facebook spam

Napisano na dan: 26.2.2012

Facebook spam
Sledeća strana Pagination

Idi na vrh

Poslao: 26 Feb 2012 19:56
Idi na vrh
offline
  • Pridružio: 26 Feb 2012
  • Poruke: 4

molim za savet sta da uradim... stalno mi se na zidu pojavljuje da sam neke provale oznacila sa like... uporno ih prijavljujem kao spam ali i dalje se pojavljuju...





OTL logfile created on: 26.2.2012 19:40:38 - Run 1
OTL by OldTimer - Version 3.2.33.2 Folder = C:\Users\User\Desktop
Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 0000241A | Country: Serbia | Language: SRM | Date Format: d.M.yyyy

2,00 Gb Total Physical Memory | 1,32 Gb Available Physical Memory | 65,85% Memory free
4,00 Gb Paging File | 3,07 Gb Available in Paging File | 76,95% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 28,03 Gb Total Space | 5,06 Gb Free Space | 18,06% Space Free | Partition Type: NTFS
Drive D: | 269,96 Gb Total Space | 269,22 Gb Free Space | 99,73% Space Free | Partition Type: NTFS

Computer Name: USER-PC | User Name: User | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012.02.26 19:40:02 | 000,583,680 | ---- | M] (OldTimer Tools) -- C:\Users\User\Desktop\OTL.exe
PRC - [2012.02.21 17:36:59 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2011.10.25 13:44:42 | 000,793,048 | ---- | M] (PC Tools) -- C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe
PRC - [2011.10.25 13:44:42 | 000,103,896 | ---- | M] (PC Tools) -- C:\Program Files\Common Files\PC Tools\sMonitor\SSDMonitor.exe
PRC - [2011.06.06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011.03.22 10:36:19 | 000,032,849 | ---- | M] (MyWebSearch.com) -- C:\Program Files\MyWebSearch\bar\2.bin\MWSOEMON.EXE
PRC - [2011.03.22 10:36:19 | 000,028,762 | ---- | M] (MyWebSearch.com) -- C:\Program Files\MyWebSearch\bar\2.bin\MWSSVC.EXE
PRC - [2011.02.11 11:27:50 | 004,772,720 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files\BitTorrent\BitTorrent.exe
PRC - [2011.01.13 00:58:24 | 001,960,336 | ---- | M] (Bandoo Media Inc.) -- C:\Program Files\Bandoo\Bandoo.exe
PRC - [2010.11.04 16:15:50 | 000,810,144 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
PRC - [2010.11.04 16:15:32 | 002,219,184 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
PRC - [2010.10.19 13:59:38 | 000,984,000 | ---- | M] (Discordia, LTD) -- C:\Program Files\Shareaza Applications\MediaBar\Datamngr\datamngrUI.exe
PRC - [2010.05.21 16:52:24 | 001,271,088 | ---- | M] (SRS Labs, Inc.) -- C:\Program Files\SRS Labs\SRS Premium Sound Control Panel\SRSPremiumPanel.exe
PRC - [2010.04.06 15:12:40 | 000,372,736 | ---- | M] (AMD) -- C:\Windows\System32\atieclxx.exe
PRC - [2010.04.06 15:12:06 | 000,172,032 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe
PRC - [2010.01.15 13:49:20 | 000,255,536 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe
PRC - [2009.07.14 02:14:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2009.07.14 02:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009.07.14 02:14:12 | 000,100,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\audiodg.exe


========== Modules (No Company Name) ==========

MOD - [2012.02.21 17:36:59 | 001,911,768 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2012.01.26 19:21:22 | 000,079,872 | ---- | M] () -- C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\2xehbrsw.default\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}\components\RadioWMPCoreGecko10.dll
MOD - [2010.12.23 13:27:26 | 005,971,408 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32.dll
MOD - [2010.12.23 13:09:59 | 001,708,032 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager2.Graphics.Wizard\2.0.3748.36963__90ba9c70f846762e\CLI.Aspect.DisplaysManager2.Graphics.Wizard.dll
MOD - [2010.12.23 13:09:59 | 000,380,928 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime\2.0.3748.36826__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.dll
MOD - [2010.12.23 13:09:59 | 000,204,800 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Wizard\2.0.3748.36850__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Wizard.dll
MOD - [2010.12.23 13:09:59 | 000,077,824 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Runtime\2.0.3748.36907__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Runtime.dll
MOD - [2010.12.23 13:09:59 | 000,069,632 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Runtime\2.0.3748.36886__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Runtime.dll
MOD - [2010.12.23 13:09:59 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Runtime\2.0.3748.36875__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Runtime.dll
MOD - [2010.12.23 13:09:59 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard\2.0.3748.36843__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.dll
MOD - [2010.12.23 13:09:59 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Runtime\2.0.3748.36837__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Runtime.dll
MOD - [2010.12.23 13:09:58 | 001,294,336 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager2.Graphics.Dashboard\2.0.3748.36959__90ba9c70f846762e\CLI.Aspect.DisplaysManager2.Graphics.Dashboard.dll
MOD - [2010.12.23 13:09:58 | 000,856,064 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Dashboard\2.0.3748.36878__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Dashboard.dll
MOD - [2010.12.23 13:09:58 | 000,573,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Dashboard\2.0.3748.36851__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Dashboard.dll
MOD - [2010.12.23 13:09:58 | 000,409,600 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Wizard\2.0.3748.36900__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Wizard.dll
MOD - [2010.12.23 13:09:58 | 000,376,832 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Dashboard\2.0.3748.36871__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Dashboard.dll
MOD - [2010.12.23 13:09:58 | 000,356,352 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Dashboard\2.0.3748.36892__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Dashboard.dll
MOD - [2010.12.23 13:09:58 | 000,323,584 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Dashboard\2.0.3748.36885__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Dashboard.dll
MOD - [2010.12.23 13:09:58 | 000,307,200 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Wizard\2.0.3748.36855__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Wizard.dll
MOD - [2010.12.23 13:09:58 | 000,196,608 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Dashboard\2.0.3748.36850__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Dashboard.dll
MOD - [2010.12.23 13:09:58 | 000,184,320 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Dashboard\2.0.3748.36965__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Dashboard.dll
MOD - [2010.12.23 13:09:58 | 000,118,784 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Dashboard\2.0.3748.36928__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Dashboard.dll
MOD - [2010.12.23 13:09:58 | 000,102,400 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Runtime\2.0.3748.36877__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Runtime.dll
MOD - [2010.12.23 13:09:58 | 000,094,208 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Wizard\2.0.3748.36892__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Wizard.dll
MOD - [2010.12.23 13:09:58 | 000,094,208 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Dashboard\2.0.3748.36883__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.dll
MOD - [2010.12.23 13:09:58 | 000,073,728 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard\2.0.3748.36836__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.dll
MOD - [2010.12.23 13:09:58 | 000,065,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Dashboard\2.0.3748.36931__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Dashboard.dll
MOD - [2010.12.23 13:09:58 | 000,065,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Runtime\2.0.3748.36891__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Runtime.dll
MOD - [2010.12.23 13:09:58 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime\2.0.3748.36928__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime.dll
MOD - [2010.12.23 13:09:58 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Runtime\2.0.3748.36883__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Runtime.dll
MOD - [2010.12.23 13:09:58 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Runtime\2.0.3748.36855__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Runtime.dll
MOD - [2010.12.23 13:09:58 | 000,036,864 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Runtime\2.0.3748.36884__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Runtime.dll
MOD - [2010.12.23 13:09:58 | 000,013,824 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Runtime\2.0.3748.36965__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Runtime.dll
MOD - [2010.12.23 13:09:58 | 000,013,312 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Runtime\2.0.3748.36963__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Runtime.dll
MOD - [2010.12.23 13:09:57 | 000,741,376 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ResourceManagement.Foundation.Implementation\2.0.3748.36957__90ba9c70f846762e\ResourceManagement.Foundation.Implementation.dll
MOD - [2010.12.23 13:09:57 | 000,397,312 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Dashboard\2.0.3748.36876__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Dashboard.dll
MOD - [2010.12.23 13:09:57 | 000,270,336 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CrossDisplay.Graphics.Dashboard\1.0.0.0__90ba9c70f846762e\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
MOD - [2010.12.23 13:09:57 | 000,151,552 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Shared\2.0.3748.36819__90ba9c70f846762e\CLI.Caste.Graphics.Shared.dll
MOD - [2010.12.23 13:09:57 | 000,098,304 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Foundation\2.0.3748.36816__90ba9c70f846762e\CLI.Foundation.dll
MOD - [2010.12.23 13:09:57 | 000,065,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Shared\2.0.3748.36867__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Shared.dll
MOD - [2010.12.23 13:09:57 | 000,065,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Shared\2.0.3748.36907__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Shared.dll
MOD - [2010.12.23 13:09:57 | 000,065,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Runtime\2.0.3748.36876__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Runtime.dll
MOD - [2010.12.23 13:09:57 | 000,057,344 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Shared\2.0.3748.36891__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Shared.dll
MOD - [2010.12.23 13:09:57 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Shared\2.0.3748.36847__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Shared.dll
MOD - [2010.12.23 13:09:57 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Shared\2.0.3748.36876__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Shared.dll
MOD - [2010.12.23 13:09:57 | 000,049,152 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Shared\2.0.3748.36837__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Shared.dll
MOD - [2010.12.23 13:09:57 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0601\2.0.2573.17685__90ba9c70f846762e\DEM.Graphics.I0601.dll
MOD - [2010.12.23 13:09:57 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Shared\2.0.3748.36929__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Shared.dll
MOD - [2010.12.23 13:09:57 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Runtime\2.0.3748.36877__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Runtime.dll
MOD - [2010.12.23 13:09:57 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Source.Kit.Server\2.0.3748.36936__90ba9c70f846762e\AEM.Plugin.Source.Kit.Server.dll
MOD - [2010.12.23 13:09:57 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Shared\2.0.3748.36886__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Shared.dll
MOD - [2010.12.23 13:09:57 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation\2.0.3748.36815__90ba9c70f846762e\LOG.Foundation.dll
MOD - [2010.12.23 13:09:57 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Shared\2.0.3748.36837__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Shared.dll
MOD - [2010.12.23 13:09:57 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Foundation.XManifest\2.0.3748.36923__90ba9c70f846762e\CLI.Foundation.XManifest.dll
MOD - [2010.12.23 13:09:57 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Shared\2.0.3748.36901__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Shared.dll
MOD - [2010.12.23 13:09:57 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Shared\2.0.3748.36837__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Shared.dll
MOD - [2010.12.23 13:09:57 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CustomFormats.Graphics.Shared\2.0.3748.36847__90ba9c70f846762e\CLI.Aspect.CustomFormats.Graphics.Shared.dll
MOD - [2010.12.23 13:09:57 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared\2.0.3748.36818__90ba9c70f846762e\CLI.Component.Dashboard.Shared.dll
MOD - [2010.12.23 13:09:57 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Shared\2.0.3748.36882__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Shared.dll
MOD - [2010.12.23 13:09:57 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared\2.0.3748.36818__90ba9c70f846762e\CLI.Component.Wizard.Shared.dll
MOD - [2010.12.23 13:09:57 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Shared\2.0.3748.36825__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Shared.dll
MOD - [2010.12.23 13:09:57 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\APM.Foundation\2.0.3748.36817__90ba9c70f846762e\APM.Foundation.dll
MOD - [2010.12.23 13:09:57 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0706\2.0.2743.23304__90ba9c70f846762e\DEM.Graphics.I0706.dll
MOD - [2010.12.23 13:09:57 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Foundation\2.0.2573.17684__90ba9c70f846762e\DEM.Foundation.dll
MOD - [2010.12.23 13:09:57 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard.Shared\2.0.3748.36843__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.Shared.dll
MOD - [2010.12.23 13:09:57 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard.Shared\2.0.3748.36836__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.Shared.dll
MOD - [2010.12.23 13:09:57 | 000,015,360 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\NEWAEM.Foundation\2.0.3748.36816__90ba9c70f846762e\NEWAEM.Foundation.dll
MOD - [2010.12.23 13:09:57 | 000,009,728 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Shared\2.0.3748.36929__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Shared.dll
MOD - [2010.12.23 13:09:57 | 000,008,192 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Actions.CCAA.Shared\2.0.3748.36820__90ba9c70f846762e\AEM.Actions.CCAA.Shared.dll
MOD - [2010.12.23 13:09:57 | 000,007,680 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared\2.0.3748.36817__90ba9c70f846762e\CLI.Component.Client.Shared.dll
MOD - [2010.12.23 13:09:57 | 000,007,168 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\atixclib\1.0.0.0__90ba9c70f846762e\atixclib.dll
MOD - [2010.12.23 13:09:57 | 000,007,168 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Hotkeys.Shared\2.0.3748.36817__90ba9c70f846762e\AEM.Plugin.Hotkeys.Shared.dll
MOD - [2010.12.23 13:09:57 | 000,006,656 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Graphics\2.0.3748.36825__90ba9c70f846762e\DEM.Graphics.dll
MOD - [2010.12.23 13:09:57 | 000,006,656 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.DPPE.Shared\2.0.3748.36928__90ba9c70f846762e\AEM.Plugin.DPPE.Shared.dll
MOD - [2010.12.23 13:09:57 | 000,006,144 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Server.Shared\2.0.3748.36822__90ba9c70f846762e\AEM.Server.Shared.dll
MOD - [2010.12.23 13:09:57 | 000,006,144 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.WinMessages.Shared\2.0.3748.36821__90ba9c70f846762e\AEM.Plugin.WinMessages.Shared.dll
MOD - [2010.12.23 13:09:57 | 000,005,632 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\MOM.Foundation\2.0.3748.36819__90ba9c70f846762e\MOM.Foundation.dll
MOD - [2010.12.23 13:09:57 | 000,005,632 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared\2.0.3748.36820__90ba9c70f846762e\CLI.Component.Runtime.Shared.dll
MOD - [2010.12.23 13:09:57 | 000,005,632 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.REG.Shared\2.0.3748.36936__90ba9c70f846762e\AEM.Plugin.REG.Shared.dll
MOD - [2010.12.23 13:09:57 | 000,005,632 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.GD.Shared\2.0.3748.36826__90ba9c70f846762e\AEM.Plugin.GD.Shared.dll
MOD - [2010.12.23 13:09:57 | 000,005,632 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.EEU.Shared\2.0.3748.36821__90ba9c70f846762e\AEM.Plugin.EEU.Shared.dll
MOD - [2010.12.23 13:09:56 | 001,220,608 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard\2.0.3748.36832__90ba9c70f846762e\CLI.Component.Dashboard.dll
MOD - [2010.12.23 13:09:56 | 000,577,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Systemtray\2.0.3748.36917__90ba9c70f846762e\CLI.Component.Systemtray.dll
MOD - [2010.12.23 13:09:56 | 000,405,504 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard\2.0.3748.36843__90ba9c70f846762e\CLI.Component.Wizard.dll
MOD - [2010.12.23 13:09:56 | 000,106,496 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\MOM.Implementation\2.0.3748.36923__90ba9c70f846762e\MOM.Implementation.dll
MOD - [2010.12.23 13:09:56 | 000,065,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation\2.0.3748.36921__90ba9c70f846762e\LOG.Foundation.Implementation.dll
MOD - [2010.12.23 13:09:56 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime\2.0.3748.36824__90ba9c70f846762e\CLI.Component.Runtime.dll
MOD - [2010.12.23 13:09:56 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\APM.Server\2.0.3748.36823__90ba9c70f846762e\APM.Server.dll
MOD - [2010.12.23 13:09:56 | 000,057,344 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.SkinFactory\2.0.3748.36825__90ba9c70f846762e\CLI.Component.SkinFactory.dll
MOD - [2010.12.23 13:09:56 | 000,049,152 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared.Private\2.0.3748.36821__90ba9c70f846762e\CLI.Component.Runtime.Shared.Private.dll
MOD - [2010.12.23 13:09:56 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Server\2.0.3748.36822__90ba9c70f846762e\AEM.Server.dll
MOD - [2010.12.23 13:09:56 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Foundation.Private\2.0.3748.36820__90ba9c70f846762e\CLI.Foundation.Private.dll
MOD - [2010.12.23 13:09:56 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared.Private\2.0.3748.36830__90ba9c70f846762e\CLI.Component.Client.Shared.Private.dll
MOD - [2010.12.23 13:09:56 | 000,036,864 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Private\2.0.3748.36818__90ba9c70f846762e\LOG.Foundation.Private.dll
MOD - [2010.12.23 13:09:56 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ATICCCom\2.0.0.0__90ba9c70f846762e\ATICCCom.dll
MOD - [2010.12.23 13:09:56 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation.Private\2.0.3748.36819__90ba9c70f846762e\LOG.Foundation.Implementation.Private.dll
MOD - [2010.12.23 13:09:56 | 000,019,456 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CCC.Implementation\2.0.3748.36923__90ba9c70f846762e\CCC.Implementation.dll
MOD - [2010.12.23 13:09:56 | 000,011,776 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared.Private\2.0.3748.36842__90ba9c70f846762e\CLI.Component.Wizard.Shared.Private.dll
MOD - [2010.12.23 13:09:56 | 000,010,240 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared.Private\2.0.3748.36831__90ba9c70f846762e\CLI.Component.Dashboard.Shared.Private.dll
MOD - [2010.12.23 13:09:56 | 000,008,704 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime.Shared.Private\2.0.3748.36849__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.Shared.Private.dll
MOD - [2010.12.23 13:09:56 | 000,007,168 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ResourceManagement.Foundation.Private\2.0.3748.36824__90ba9c70f846762e\ResourceManagement.Foundation.Private.dll
MOD - [2010.12.23 13:09:56 | 000,007,168 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Extension.EEU\2.0.3748.36822__90ba9c70f846762e\CLI.Component.Runtime.Extension.EEU.dll
MOD - [2009.07.14 05:43:36 | 011,804,160 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\3871fc2b96345aa6f3be81d9e3c97160\System.Web.ni.dll
MOD - [2009.07.14 05:43:30 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\4bdeb88758dccd625f4703ed77aaf348\System.Runtime.Remoting.ni.dll
MOD - [2009.07.14 05:43:04 | 012,430,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\fedf1ba58dced4f0b3f8c457648ceed9\System.Windows.Forms.ni.dll
MOD - [2009.07.14 05:42:57 | 001,586,688 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\ead6be8b410d56b5576b10e56af2c180\System.Drawing.ni.dll
MOD - [2009.07.14 05:42:40 | 005,452,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\5dd9f783008543df3e642ff1e99de4e8\System.Xml.ni.dll
MOD - [2009.07.14 05:42:37 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\4b1350e31ff09cc583b34854816d8036\System.Configuration.ni.dll
MOD - [2009.07.14 05:42:36 | 007,949,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\5ba3bf5367fc012300c6566f20cb7f54\System.ni.dll
MOD - [2009.07.14 05:42:30 | 011,490,816 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\8c1770d45c63cf5c462eeb945ef9aa5d\mscorlib.ni.dll


========== Win32 Services (SafeList) ==========

SRV - [2011.10.25 13:44:42 | 000,793,048 | ---- | M] (PC Tools) [Auto | Running] -- C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe -- (PCToolsSSDMonitorSvc)
SRV - [2011.06.06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011.03.22 10:36:19 | 000,028,762 | ---- | M] (MyWebSearch.com) [Auto | Running] -- C:\Program Files\MyWebSearch\bar\2.bin\MWSSVC.EXE -- (MyWebSearchService)
SRV - [2011.01.13 00:58:24 | 001,960,336 | ---- | M] (Bandoo Media Inc.) [Auto | Running] -- C:\Program Files\Bandoo\Bandoo.exe -- (Bandoo Coordinator)
SRV - [2010.12.23 14:05:48 | 001,343,400 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2010.11.04 16:18:10 | 000,033,584 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe -- (EhttpSrv)
SRV - [2010.11.04 16:15:50 | 000,810,144 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe -- (ekrn)
SRV - [2010.04.06 15:12:06 | 000,172,032 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2010.01.15 13:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService)
SRV - [2009.07.14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009.07.14 02:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009.07.14 02:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)


========== Driver Services (SafeList) ==========

DRV - [2011.01.10 20:56:10 | 000,271,360 | ---- | M] () [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\atksgt.sys -- (atksgt)
DRV - [2011.01.10 20:56:05 | 000,018,048 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\lirsgt.sys -- (lirsgt)
DRV - [2010.09.03 06:13:46 | 000,137,144 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\Windows\System32\drivers\eamonm.sys -- (eamonm)
DRV - [2010.07.29 12:31:26 | 000,115,008 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\System32\drivers\ehdrv.sys -- (ehdrv)
DRV - [2010.07.29 12:31:26 | 000,096,920 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\epfwwfpr.sys -- (epfwwfpr)
DRV - [2010.04.08 09:11:56 | 000,108,048 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV - [2010.04.06 15:43:22 | 005,430,272 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (amdkmdag)
DRV - [2010.04.06 14:23:12 | 000,157,184 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmpag.sys -- (amdkmdap)
DRV - [2010.03.02 13:57:42 | 000,105,856 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ZTEusbser6k.sys -- (ZTEusbser6k)
DRV - [2010.03.02 13:57:42 | 000,105,856 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ZTEusbnmea.sys -- (ZTEusbnmea)
DRV - [2010.03.02 13:57:42 | 000,105,856 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ZTEusbmdm6k.sys -- (ZTEusbmdm6k)
DRV - [2010.03.02 09:43:20 | 001,263,104 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2010.02.25 04:27:00 | 000,098,928 | ---- | M] (JMicron Technology Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\JME.sys -- (JME)
DRV - [2010.02.22 09:06:42 | 000,009,216 | ---- | M] (MBB Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\massfilter.sys -- (massfilter)
DRV - [2010.01.05 18:20:10 | 001,500,160 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\athur.sys -- (athur)
DRV - [2009.12.22 02:26:36 | 000,030,392 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\usbfilter.sys -- (usbfilter)
DRV - [2009.12.07 19:53:18 | 000,103,168 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2009.10.12 15:22:56 | 000,101,120 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewusbdev.sys -- (hwusbdev)
DRV - [2009.08.18 09:23:28 | 000,119,408 | ---- | M] (JMicron Technology Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\jmcr.sys -- (JMCR)
DRV - [2009.07.14 02:19:10 | 000,175,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vmbus.sys -- (vmbus)
DRV - [2009.07.14 02:19:10 | 000,040,896 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\vmstorfl.sys -- (storflt)
DRV - [2009.07.14 02:19:10 | 000,028,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\storvsc.sys -- (storvsc)
DRV - [2009.07.14 00:52:10 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vwifimp.sys -- (vwifimp)
DRV - [2009.07.14 00:28:47 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vms3cap.sys -- (s3cap)
DRV - [2009.07.14 00:28:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\VMBusHID.sys -- (VMBusHID)
DRV - [2009.06.05 11:14:42 | 001,766,592 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\snp2uvc.sys -- (SNP2UVC) USB2.0 PC Camera (SNP2UVC)
DRV - [2009.05.05 03:00:28 | 000,014,392 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\AtiPcie.sys -- (AtiPcie) AMD PCI Express (3GIO)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = dnl.crawler.com/support/sa_customize.aspx?TbId=60264
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = crawler.com/search/ie.aspx?tb_id=60264
IE - HKLM\..\URLSearchHook: {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - SOFTWARE\Classes\CLSID\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}\InprocServer32 File not found

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = toolbar.inbox.com/search/dispatcher.aspx?tp.....;%language
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = eu.ask.com?o=16237&l=dis
IE - HKCU\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}\InprocServer32 File not found
IE - HKCU\..\URLSearchHook: {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\bar\2.bin\MWSSRCAS.DLL (MyWebSearch.com)
IE - HKCU\..\URLSearchHook: {D3D233D5-9F6D-436C-B6C7-E63F77503B30} - No CLSID value found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.defaultthis.engineName: " "
FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2790392&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Shareaza Web Search"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://search.shareazaweb.com/"
FF - prefs.js..extensions.enabledItems: {1FD91A9C-410C-4090-BBCC-55D3450EF433}:2.0
FF - prefs.js..extensions.enabledItems: {D238F46A-64EC-11DE-9C5A-D54056D89593}:3.1
FF - prefs.js..extensions.enabledItems: engine@conduit.com:3.2.5.2
FF - prefs.js..extensions.enabledItems: {88c7f2aa-f93f-432c-8f0e-b7d85967a527}:3.2.5.2
FF - prefs.js..extensions.enabledItems: firefox@bandoo.com:5.0
FF - prefs.js..extensions.enabledItems: {7FF99715-3016-4381-84CE-E4E4C9673020}:1.0
FF - prefs.js..extensions.enabledItems: m3ffxtbr@mywebsearch.com:1.1
FF - prefs.js..extensions.enabledItems: siteranker@siteranker.com:1.0
FF - prefs.js..extensions.enabledItems: toolbar@ask.com:3.12.2.100009
FF - prefs.js..extensions.enabledItems: {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}:5.6.0.8442
FF - prefs.js..keyword.URL: "http://search.shareazaweb.com/web?src=ffb&systemid=3&q="

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@mywebsearch.com/Plugin: C:\Program Files\MyWebSearch\bar\2.bin\NPMyWebS.dll (MyWebSearch.com)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\User\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\m3ffxtbr@mywebsearch.com: C:\Program Files\MyWebSearch\bar\2.bin [2011.10.18 13:47:41 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}: C:\Program Files\Crawler\Toolbar\firefox\ [2011.02.26 13:23:58 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\siteranker@siteranker.com: C:\Program Files\SiteRanker\firefox\ [2011.02.28 15:12:47 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.02.21 17:36:59 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.01.29 19:56:18 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2012.01.06 09:29:13 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\firefox@bandoo.com: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles/2xehbrsw.default\extensions\firefox@bandoo.com [2011.02.11 12:29:03 | 000,000,000 | ---D | M]

[2011.02.08 14:23:32 | 000,000,000 | ---D | M] (No name found) -- C:\Users\User\AppData\Roaming\mozilla\Extensions
[2012.02.24 07:49:30 | 000,000,000 | ---D | M] (No name found) -- C:\Users\User\AppData\Roaming\mozilla\Firefox\Profiles\2xehbrsw.default\extensions
[2011.02.11 12:29:10 | 000,000,000 | ---D | M] (Searchqu Toolbar) -- C:\Users\User\AppData\Roaming\mozilla\Firefox\Profiles\2xehbrsw.default\extensions\{7FF99715-3016-4381-84CE-E4E4C9673020}
[2012.01.30 17:27:28 | 000,000,000 | ---D | M] (BitTorrentBar Community Toolbar) -- C:\Users\User\AppData\Roaming\mozilla\Firefox\Profiles\2xehbrsw.default\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}
[2011.02.08 14:23:33 | 000,000,000 | ---D | M] (MediaBar) -- C:\Users\User\AppData\Roaming\mozilla\Firefox\Profiles\2xehbrsw.default\extensions\{D238F46A-64EC-11DE-9C5A-D54056D89593}
[2011.02.11 11:28:38 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Users\User\AppData\Roaming\mozilla\Firefox\Profiles\2xehbrsw.default\extensions\engine@conduit.com
[2011.02.11 12:29:03 | 000,000,000 | ---D | M] (Bandoo for Firefox) -- C:\Users\User\AppData\Roaming\mozilla\Firefox\Profiles\2xehbrsw.default\extensions\firefox@bandoo.com
[2011.10.18 13:47:41 | 000,000,000 | ---D | M] (My Web Search) -- C:\Users\User\AppData\Roaming\mozilla\Firefox\Profiles\2xehbrsw.default\extensions\m3ffxtbr@mywebsearch.com
[2012.02.02 08:05:32 | 000,000,000 | ---D | M] ("Ask Toolbar") -- C:\Users\User\AppData\Roaming\mozilla\Firefox\Profiles\2xehbrsw.default\extensions\toolbar@ask.com
[2012.02.25 22:28:41 | 000,002,397 | ---- | M] () -- C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\2xehbrsw.default\searchplugins\askcom.xml
[2011.02.11 11:28:38 | 000,000,863 | ---- | M] () -- C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\2xehbrsw.default\searchplugins\conduit.xml
[2011.02.28 15:28:09 | 000,002,292 | ---- | M] () -- C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\2xehbrsw.default\searchplugins\inbox-search.xml
[2012.01.06 08:14:04 | 000,009,968 | ---- | M] () -- C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\2xehbrsw.default\searchplugins\mywebsearch.xml
[2010.08.12 09:21:06 | 000,002,510 | ---- | M] () -- C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\2xehbrsw.default\searchplugins\ShareazaWebSearch.xml
[2012.01.29 10:28:09 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011.11.07 20:06:16 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
() (No name found) -- C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2XEHBRSW.DEFAULT\EXTENSIONS\YOUTUBE@2YOUTUBE.COM.XPI
[2012.02.21 17:36:59 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012.02.20 17:38:24 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2007.07.26 13:05:16 | 000,001,329 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\crawlersrch.xml
[2010.08.12 09:21:06 | 000,002,510 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\ShareazaWebSearch.xml
[2012.02.20 17:38:24 | 000,002,040 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\12.0.742.100\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Java Deployment Toolkit 6.0.220.4 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U22 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Users\User\AppData\Roaming\Mozilla\plugins\np-mswmp.dll
CHR - plugin: Chrome NaCl (Disabled) = C:\Program Files\Google\Chrome\Application\12.0.742.100\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\12.0.742.100\pdf.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.57\npGoogleUpdate3.dll
CHR - plugin: My Web Search Plugin Stub (Enabled) = C:\Program Files\MyWebSearch\bar\2.bin\NPMyWebS.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin

O1 HOSTS File: ([2009.06.10 22:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (MyWebSearch Search Assistant BHO) - {00A6FAF1-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\bar\2.bin\MWSSRCAS.DLL (MyWebSearch.com)
O2 - BHO: (mwsBar BHO) - {07B18EA1-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\2.bin\MWSBAR.DLL (MyWebSearch.com)
O2 - BHO: (no name) - {11BF46C6-B3DE-48BD-BF70-3AD85CAB80B5} - C:\Program Files\SiteRanker\SiteRank.dll (Crawler, LLC)
O2 - BHO: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\Program Files\Crawler\Toolbar\ctbr.dll (Crawler.com)
O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (Searchqu Toolbar) - {7FF99715-3016-4381-84CE-E4E4C9673020} - C:\Program Files\Windows Searchqu Toolbar\ToolBar\SearchquDx.dll ()
O2 - BHO: (BitTorrentBar Toolbar) - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files\BitTorrentBar\tbBitT.dll File not found
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (UrlHelper Class) - {CFC4F59B-A2DA-4e12-B337-52A4F871E10C} - C:\Program Files\Shareaza Applications\MediaBar\Datamngr\IEBHO.dll (Discordia, LTD)
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll File not found
O2 - BHO: (BandooIEPlugin Class) - {EB5CEE80-030A-4ED8-8E20-454E9C68380F} - C:\Program Files\Bandoo\Plugins\IE\ieplugin.dll File not found
O2 - BHO: (MediaBar) - {EE9A4208-64EC-11DE-8440-204256D89593} - C:\Program Files\Shareaza Applications\MediaBar\ToolBar\ShareazaMediabarDx.dll ()
O3 - HKLM\..\Toolbar: (My Web Search) - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\2.bin\MWSBAR.DLL (MyWebSearch.com)
O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (&Crawler Toolbar) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\Program Files\Crawler\Toolbar\ctbr.dll (Crawler.com)
O3 - HKLM\..\Toolbar: (Searchqu Toolbar) - {7FF99715-3016-4381-84CE-E4E4C9673020} - C:\Program Files\Windows Searchqu Toolbar\ToolBar\SearchquDx.dll ()
O3 - HKLM\..\Toolbar: (BitTorrentBar Toolbar) - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files\BitTorrentBar\tbBitT.dll File not found
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll File not found
O3 - HKLM\..\Toolbar: (MediaBar) - {EE9A4208-64EC-11DE-8440-204256D89593} - C:\Program Files\Shareaza Applications\MediaBar\ToolBar\ShareazaMediabarDx.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (&Crawler Toolbar) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\Program Files\Crawler\Toolbar\ctbr.dll (Crawler.com)
O3 - HKCU\..\Toolbar\WebBrowser: (BitTorrentBar Toolbar) - {88C7F2AA-F93F-432C-8F0E-B7D85967A527} - C:\Program Files\BitTorrentBar\tbBitT.dll File not found
O3 - HKCU\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll File not found
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [ApnUpdater] "C:\Program Files\Ask.com\Updater\Updater.exe" File not found
O4 - HKLM..\Run: [DATAMNGR] C:\Program Files\Shareaza Applications\MediaBar\Datamngr\datamngrUI.exe (Discordia, LTD)
O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
O4 - HKLM..\Run: [My Web Search Bar Search Scope Monitor] C:\Program Files\MyWebSearch\bar\2.bin\M3SRCHMN.EXE (MyWebSearch.com)
O4 - HKLM..\Run: [MyWebSearch Email Plugin] C:\Program Files\MyWebSearch\bar\2.bin\MWSOEMON.EXE (MyWebSearch.com)
O4 - HKLM..\Run: [SiteRanker] C:\Program Files\SiteRanker\SiteRankTray.exe (Crawler, LLC)
O4 - HKLM..\Run: [SSDMonitor] C:\Program Files\Common Files\PC Tools\sMonitor\SSDMonitor.exe (PC Tools)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKCU..\Run: [BitTorrent] C:\Program Files\BitTorrent\BitTorrent.exe (BitTorrent, Inc.)
O4 - HKCU..\Run: [MyWebSearch Email Plugin] C:\Program Files\MyWebSearch\bar\2.bin\MWSOEMON.EXE (MyWebSearch.com)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O8 - Extra context menu item: Crawler Search - tbr:iemenu File not found
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O13 - gopher Prefix: missing
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7548574A-4C8E-46A9-96D3-0FDBF9865B8F}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\tbr {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\Program Files\Crawler\Toolbar\ctbr.dll (Crawler.com)
O20 - AppInit_DLLs: (c:\progra~1\sharea~1\mediabar\datamngr\datamngr.dll) - c:\Program Files\Shareaza Applications\MediaBar\Datamngr\datamngr.dll (Discordia, LTD)
O20 - AppInit_DLLs: (c:\progra~1\sharea~1\mediabar\datamngr\iebho.dll) - c:\Program Files\Shareaza Applications\MediaBar\Datamngr\IEBHO.dll (Discordia, LTD)
O20 - AppInit_DLLs: (c:\progra~1\bandoo\bndhook.dll) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O24 - Desktop WallPaper: C:\Users\User\AppData\LocalLow\FUNWEB~1\SCREEN~1\Images\f3wallpp.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 22:42:20 | 000,000,024 | -H-- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{65d6a59d-2235-11e1-bae3-4e5d6071e03e}\Shell - "" = AutoRun
O33 - MountPoints2\{65d6a59d-2235-11e1-bae3-4e5d6071e03e}\Shell\AutoRun\command - "" = F:\Autorun.exe
O33 - MountPoints2\{cf91ecd4-2641-11e1-80ca-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{cf91ecd4-2641-11e1-80ca-806e6f6e6963}\Shell\AutoRun\command - "" = F:\Autorun.exe
O33 - MountPoints2\{db9c5eb4-15e9-11e0-9c5c-20cf307546c6}\Shell - "" = AutoRun
O33 - MountPoints2\{db9c5eb4-15e9-11e0-9c5c-20cf307546c6}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{de8bd167-12cc-11e0-9e79-20cf307546c6}\Shell - "" = AutoRun
O33 - MountPoints2\{de8bd167-12cc-11e0-9e79-20cf307546c6}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{f115759e-0ecb-11e0-a97d-20cf307546c6}\Shell - "" = AutoRun
O33 - MountPoints2\{f115759e-0ecb-11e0-a97d-20cf307546c6}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{f11575af-0ecb-11e0-a97d-20cf307546c6}\Shell - "" = AutoRun
O33 - MountPoints2\{f11575af-0ecb-11e0-a97d-20cf307546c6}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\F\Shell - "" = AutoRun
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\G\Shell - "" = AutoRun
O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\Autorun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2012.02.26 19:40:00 | 000,583,680 | ---- | C] (OldTimer Tools) -- C:\Users\User\Desktop\OTL.exe
[2012.02.26 12:06:39 | 000,776,320 | ---- | C] (Adobe Systems Incorporated) -- C:\Users\User\Documents\install_flashplayer11x32_mssa_aih.exe
[2012.02.14 17:21:02 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\Unity

========== Files - Modified Within 30 Days ==========

[2012.02.26 19:40:02 | 000,583,680 | ---- | M] (OldTimer Tools) -- C:\Users\User\Desktop\OTL.exe
[2012.02.26 19:35:55 | 000,615,360 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.02.26 19:35:55 | 000,103,702 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012.02.26 19:31:43 | 000,000,878 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.02.26 19:31:23 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.02.26 19:31:17 | 1608,908,800 | -HS- | M] () -- C:\hiberfil.sys
[2012.02.26 12:07:33 | 000,776,320 | ---- | M] (Adobe Systems Incorporated) -- C:\Users\User\Documents\install_flashplayer11x32_mssa_aih.exe
[2012.02.26 11:15:41 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.02.24 21:36:13 | 000,000,272 | ---- | M] () -- C:\Windows\tasks\RMSchedule.job
[2012.02.20 17:38:31 | 000,001,990 | ---- | M] () -- C:\Users\User\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2012.02.14 22:59:24 | 000,000,069 | ---- | M] () -- C:\Windows\NeroDigital.ini
[2012.02.03 13:09:40 | 000,000,438 | -H-- | M] () -- C:\Windows\tasks\Norton Security Scan for User.job

========== Files Created - No Company Name ==========

[2012.01.29 19:56:21 | 000,001,108 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2011.12.19 08:09:21 | 000,037,336 | ---- | C] () -- C:\Windows\System32\CleanMFT32.exe
[2011.11.14 22:24:48 | 000,159,966 | ---- | C] () -- C:\Program Files\MUP-Zahtev za izdavanje uverenja.pdf
[2011.09.05 21:20:10 | 000,000,193 | ---- | C] () -- C:\Windows\WORDPAD.INI
[2011.07.10 20:18:51 | 000,003,584 | ---- | C] () -- C:\Users\User\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.02.11 13:35:27 | 000,000,048 | -H-- | C] () -- C:\Windows\System32\ezsidmv.dat
[2011.02.11 11:35:48 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2011.01.17 14:47:52 | 000,000,405 | ---- | C] () -- C:\Windows\hegames.ini
[2011.01.10 20:56:10 | 000,271,360 | ---- | C] () -- C:\Windows\System32\drivers\atksgt.sys
[2011.01.10 20:56:05 | 000,018,048 | ---- | C] () -- C:\Windows\System32\drivers\lirsgt.sys
[2010.12.23 13:33:31 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2010.12.23 13:33:22 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini
[2010.12.23 13:33:21 | 000,790,528 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2010.12.23 13:33:21 | 000,134,144 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2010.12.23 13:33:21 | 000,108,032 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2010.12.23 13:17:02 | 001,766,592 | ---- | C] () -- C:\Windows\System32\drivers\snp2uvc.sys
[2010.12.23 13:17:02 | 000,035,264 | ---- | C] () -- C:\Windows\System32\drivers\sncduvc.sys
[2010.12.23 13:15:54 | 000,000,520 | R--- | C] () -- C:\Windows\System32\drivers\SamSfPa.dat
[2010.12.23 13:10:41 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2010.12.23 13:09:03 | 000,002,023 | ---- | C] () -- C:\Windows\System32\atipblag.dat
[2010.06.08 14:19:24 | 000,692,224 | ---- | C] () -- C:\Windows\System32\libeay32.dll
[2010.06.08 14:19:24 | 000,151,552 | ---- | C] () -- C:\Windows\System32\ssleay32.dll
[2010.03.17 04:06:32 | 000,202,234 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat

========== Alternate Data Streams ==========

@Alternate Data Stream - 110 bytes -> C:\ProgramData\TEMP:D1B5B4F1

< End of report >



mycity.rs/must-login.png

Poslao: 26 Feb 2012 22:50
Idi na vrh
offline
  • Fil  Male
  • Legendarni građanin
  • Pridružio: 11 Jun 2009
  • Poruke: 16586

Pozdrav,



Exclamation Nisi pravilno otvorila temu, jer imaš 32-bitni sistem. Zamolio bih te da precizno pratiš sledeća uputstva i da kod dela kopiranja skripte naročito obratiš pažnju da kopiraš ceo skript.



Korak 1:

Arrow Deinstaliraj sve nepotrebne programe i toolbarove (na primer, ask.com , conduit, crawler, bittorrent bar i slične).



Korak 2:

Arrow Ponovo pokreni program OTL dvoklikom na ikonicu;

U beli okvir prozora gde piše Custom Scans/Fixes iskopiraj sledeći tekst:

:OTL
SRV - [2011.03.22 10:36:19 | 000,028,762 | ---- | M] (MyWebSearch.com) [Auto | Running] -- C:\Program Files\MyWebSearch\bar\2.bin\MWSSVC.EXE -- (MyWebSearchService)
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://dnl.crawler.com/support/sa_customize.aspx?TbId=60264
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60264
IE - HKCU\..\URLSearchHook: {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\bar\2.bin\MWSSRCAS.DLL (MyWebSearch.com)
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://toolbar.inbox.com/search/dispatcher.aspx?tp.....;%language
FF - prefs.js..browser.search.selectedEngine: "Shareaza Web Search"
FF - prefs.js..browser.startup.homepage: "http://search.shareazaweb.com/"
FF - prefs.js..keyword.URL: "http://search.shareazaweb.com/web?src=ffb&systemid=3&q="
FF - prefs.js..extensions.enabledItems: {1FD91A9C-410C-4090-BBCC-55D3450EF433}:2.0
FF - prefs.js..extensions.enabledItems: {D238F46A-64EC-11DE-9C5A-D54056D89593}:3.1
FF - prefs.js..extensions.enabledItems: {7FF99715-3016-4381-84CE-E4E4C9673020}:1.0
FF - prefs.js..extensions.enabledItems: m3ffxtbr@mywebsearch.com:1.1
FF - HKLM\Software\MozillaPlugins\@mywebsearch.com/Plugin: C:\Program Files\MyWebSearch\bar\2.bin\NPMyWebS.dll (MyWebSearch.com)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\m3ffxtbr@mywebsearch.com: C:\Program Files\MyWebSearch\bar\2.bin [2011.10.18 13:47:41 | 000,000,000 | ---D | M]
[2011.02.11 12:29:10 | 000,000,000 | ---D | M] (Searchqu Toolbar) -- C:\Users\User\AppData\Roaming\mozilla\Firefox\Profiles\2xehbrsw.default\extensions\{7FF99715-3016-4381-84CE-E4E4C9673020}
[2011.02.08 14:23:33 | 000,000,000 | ---D | M] (MediaBar) -- C:\Users\User\AppData\Roaming\mozilla\Firefox\Profiles\2xehbrsw.default\extensions\{D238F46A-64EC-11DE-9C5A-D54056D89593}
[2011.10.18 13:47:41 | 000,000,000 | ---D | M] (My Web Search) -- C:\Users\User\AppData\Roaming\mozilla\Firefox\Profiles\2xehbrsw.default\extensions\m3ffxtbr@mywebsearch.com
[2011.02.28 15:28:09 | 000,002,292 | ---- | M] () -- C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\2xehbrsw.default\searchplugins\inbox-search.xml
[2012.01.06 08:14:04 | 000,009,968 | ---- | M] () -- C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\2xehbrsw.default\searchplugins\mywebsearch.xml
[2010.08.12 09:21:06 | 000,002,510 | ---- | M] () -- C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\2xehbrsw.default\searchplugins\ShareazaWebSearch.xml
[2010.08.12 09:21:06 | 000,002,510 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\ShareazaWebSearch.xml
() (No name found) -- C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2XEHBRSW.DEFAULT\EXTENSIONS\YOUTUBE@2YOUTUBE.COM.XPI
[2007.07.26 13:05:16 | 000,001,329 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\crawlersrch.xml
CHR - plugin: My Web Search Plugin Stub (Enabled) = C:\Program Files\MyWebSearch\bar\2.bin\NPMyWebS.dll
O2 - BHO: (MyWebSearch Search Assistant BHO) - {00A6FAF1-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\bar\2.bin\MWSSRCAS.DLL (MyWebSearch.com)
O2 - BHO: (mwsBar BHO) - {07B18EA1-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\2.bin\MWSBAR.DLL (MyWebSearch.com)
O2 - BHO: (no name) - {11BF46C6-B3DE-48BD-BF70-3AD85CAB80B5} - C:\Program Files\SiteRanker\SiteRank.dll (Crawler, LLC)
O2 - BHO: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\Program Files\Crawler\Toolbar\ctbr.dll (Crawler.com)
O2 - BHO: (Searchqu Toolbar) - {7FF99715-3016-4381-84CE-E4E4C9673020} - C:\Program Files\Windows Searchqu Toolbar\ToolBar\SearchquDx.dll ()
O2 - BHO: (BandooIEPlugin Class) - {EB5CEE80-030A-4ED8-8E20-454E9C68380F} - C:\Program Files\Bandoo\Plugins\IE\ieplugin.dll File not found
O3 - HKLM\..\Toolbar: (My Web Search) - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\2.bin\MWSBAR.DLL (MyWebSearch.com)
O3 - HKLM\..\Toolbar: (&Crawler Toolbar) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\Program Files\Crawler\Toolbar\ctbr.dll (Crawler.com)
O3 - HKLM\..\Toolbar: (Searchqu Toolbar) - {7FF99715-3016-4381-84CE-E4E4C9673020} - C:\Program Files\Windows Searchqu Toolbar\ToolBar\SearchquDx.dll ()
O3 - HKLM\..\Toolbar: (MediaBar) - {EE9A4208-64EC-11DE-8440-204256D89593} - C:\Program Files\Shareaza Applications\MediaBar\ToolBar\ShareazaMediabarDx.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (&Crawler Toolbar) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\Program Files\Crawler\Toolbar\ctbr.dll (Crawler.com)
O4 - HKLM\..\Run: [DATAMNGR] C:\Program Files\Shareaza Applications\MediaBar\Datamngr\datamngrUI.exe (Discordia, LTD)
O4 - HKLM\..\Run: [My Web Search Bar Search Scope Monitor] C:\Program Files\MyWebSearch\bar\2.bin\M3SRCHMN.EXE (MyWebSearch.com)
O4 - HKLM\..\Run: [MyWebSearch Email Plugin] C:\Program Files\MyWebSearch\bar\2.bin\MWSOEMON.EXE (MyWebSearch.com)
O4 - HKLM\..\Run: [SiteRanker] C:\Program Files\SiteRanker\SiteRankTray.exe (Crawler, LLC)
O4 - HKCU\..\Run: [MyWebSearch Email Plugin] C:\Program Files\MyWebSearch\bar\2.bin\MWSOEMON.EXE (MyWebSearch.com)
O8 - Extra context menu item: Crawler Search - tbr:iemenu File not found
O18 - Protocol\Handler\tbr {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\Program Files\Crawler\Toolbar\ctbr.dll (Crawler.com)
O20 - AppInit_DLLs: (c:\progra~1\sharea~1\mediabar\datamngr\datamngr.dll) - c:\Program Files\Shareaza Applications\MediaBar\Datamngr\datamngr.dll (Discordia, LTD)
O20 - AppInit_DLLs: (c:\progra~1\sharea~1\mediabar\datamngr\iebho.dll) - c:\Program Files\Shareaza Applications\MediaBar\Datamngr\IEBHO.dll (Discordia, LTD)
O33 - MountPoints2\{65d6a59d-2235-11e1-bae3-4e5d6071e03e}\Shell - "" = AutoRun
O33 - MountPoints2\{65d6a59d-2235-11e1-bae3-4e5d6071e03e}\Shell\AutoRun\command - "" = F:\Autorun.exe
O33 - MountPoints2\{cf91ecd4-2641-11e1-80ca-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{cf91ecd4-2641-11e1-80ca-806e6f6e6963}\Shell\AutoRun\command - "" = F:\Autorun.exe
O33 - MountPoints2\{db9c5eb4-15e9-11e0-9c5c-20cf307546c6}\Shell - "" = AutoRun
O33 - MountPoints2\{db9c5eb4-15e9-11e0-9c5c-20cf307546c6}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{de8bd167-12cc-11e0-9e79-20cf307546c6}\Shell - "" = AutoRun
O33 - MountPoints2\{de8bd167-12cc-11e0-9e79-20cf307546c6}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{f115759e-0ecb-11e0-a97d-20cf307546c6}\Shell - "" = AutoRun
O33 - MountPoints2\{f115759e-0ecb-11e0-a97d-20cf307546c6}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{f11575af-0ecb-11e0-a97d-20cf307546c6}\Shell - "" = AutoRun
O33 - MountPoints2\{f11575af-0ecb-11e0-a97d-20cf307546c6}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\F\Shell - "" = AutoRun
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\G\Shell - "" = AutoRun
O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\Autorun.exe

:files
C:\Program Files\MyWebSearch\
C:\Program Files\Shareaza Applications\
C:\Users\User\AppData\Roaming\mozilla\Firefox\Profiles\2xehbrsw.default\extensions\{7FF99715-3016-4381-84CE-E4E4C9673020}
C:\Users\User\AppData\Roaming\mozilla\Firefox\Profiles\2xehbrsw.default\extensions\{D238F46A-64EC-11DE-9C5A-D54056D89593}
C:\Users\User\AppData\Roaming\mozilla\Firefox\Profiles\2xehbrsw.default\extensions\m3ffxtbr@mywebsearch.com
C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\2xehbrsw.default\searchplugins\inbox-search.xml
C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\2xehbrsw.default\searchplugins\mywebsearch.xml     
C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\2xehbrsw.default\searchplugins\ShareazaWebSearch.xml
C:\Program Files\mozilla firefox\searchplugins\ShareazaWebSearch.xml
C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2XEHBRSW.DEFAULT\EXTENSIONS\YOUTUBE@2YOUTUBE.COM.XPI
C:\Program Files\mozilla firefox\searchplugins\crawlersrch.xml

:Commands
[purity]
[EmptyTemp]
[Reboot]

Klikni na dugme Run Fix;


Izveštaj (Log) koji dobiješ iskopiraj ovde u poruci.



Korak 3:

Arrow Postavi mi svež OTL log:

Dvoklikom pokreni OTL;

klikni na dugme Run Scan;

po završetku skeniranja, izveštaj će se otvoriti u programu Notepad (napomena: izveštaj će automatski biti sačuvan na Desktopu kao OTL.Txt) .

Priloži izveštaj OTL.Txt uz poruku korišćenjem opcije Prikači fajl.



Korak 4:

Arrow Preuzmi program RootRepeal sa jednog od sledećih linkova na Desktop:

RootRepeal mirror #1
RootRepeal mirror #2
RootRepeal mirror #3

Klikni desnim tasterom na link i odaberi opciju Save Target As... (Save Link As..., Save Linked Content As... ili sličnu);
Kada se otvori dijalog za izbor lokacije na kojoj treba sačuvati file, odaberi Desktop i kliknite Save.


Raspakuj RootRepeal.zip u neki folder (uputstvo).
Dvoklikom pokreni RootRepeal.exe;

odaberi Report karticu (klikom na Report taster, dole, desno);

klikni Scan;

u prozoru koji se otvori (Select Scan), obeleži kućice ispred svih stavki i klikni OK;

u narednom prozoru (Select Drives) obeleži kućicu ispred sistemskog diska (obično C:\) i kliknite OK.

po završetku, izveštaj (koji će biti automatski sačuvan na sistemskom disku kao RootRepeal report datum (vreme).txt) će se otvoriti u Notepad-u.

Slikoviti prikaz postupka

Priloži kreirani izveštaj uz poruku korišćenjem opcije Prikači fajl.

Napomena: tipična lokacija izveštaja je C:\RootRepeal report datum (vreme).txt [datum (vreme) - datum i vreme skeniranja)].

Poslao: 27 Feb 2012 21:54
Idi na vrh
offline
  • Pridružio: 26 Feb 2012
  • Poruke: 4

Vise mi se ne pojavljuje ta poruka na zidu na Facebooku ali u svakom slucaju da zavrsimo zapoceto...

2.korak

All processes killed
========== OTL ==========
Service MyWebSearchService stopped successfully!
Service MyWebSearchService deleted successfully!
C:\Program Files\MyWebSearch\bar\2.bin\MWSSVC.EXE moved successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Search\\CustomizeSearch| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Search\\SearchAssistant| /E : value set successfully!
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{00A6FAF6-072E-44cf-8957-5838F569A31D} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{00A6FAF6-072E-44cf-8957-5838F569A31D}\ deleted successfully.
C:\Program Files\MyWebSearch\bar\2.bin\MWSSRCAS.DLL moved successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Search Bar| /E : value set successfully!
Prefs.js: "Shareaza Web Search" removed from browser.search.selectedEngine
Prefs.js: "http://search.shareazaweb.com/" removed from browser.startup.homepage
Prefs.js: "http://search.shareazaweb.com/web?src=ffb&systemid=3&q=" removed from keyword.URL
Prefs.js: {1FD91A9C-410C-4090-BBCC-55D3450EF433}:2.0 removed from extensions.enabledItems
Prefs.js: {D238F46A-64EC-11DE-9C5A-D54056D89593}:3.1 removed from extensions.enabledItems
Prefs.js: {7FF99715-3016-4381-84CE-E4E4C9673020}:1.0 removed from extensions.enabledItems
Prefs.js: m3ffxtbr@mywebsearch.com:1.1 removed from extensions.enabledItems
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@mywebsearch.com/Plugin\ deleted successfully.
C:\Program Files\MyWebSearch\bar\2.bin\NPMyWebS.dll moved successfully.
File HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\m3ffxtbr@mywebsearch.com: C:\Program Files\MyWebSearch\bar\2.bin not found.
C:\Users\User\AppData\Roaming\mozilla\Firefox\Profiles\2xehbrsw.default\extensions\{7FF99715-3016-4381-84CE-E4E4C9673020}\components folder moved successfully.
C:\Users\User\AppData\Roaming\mozilla\Firefox\Profiles\2xehbrsw.default\extensions\{7FF99715-3016-4381-84CE-E4E4C9673020}\chrome\skin\searchbar folder moved successfully.
C:\Users\User\AppData\Roaming\mozilla\Firefox\Profiles\2xehbrsw.default\extensions\{7FF99715-3016-4381-84CE-E4E4C9673020}\chrome\skin\options folder moved successfully.
C:\Users\User\AppData\Roaming\mozilla\Firefox\Profiles\2xehbrsw.default\extensions\{7FF99715-3016-4381-84CE-E4E4C9673020}\chrome\skin\lib\weatherbutton\panels\images folder moved successfully.
C:\Users\User\AppData\Roaming\mozilla\Firefox\Profiles\2xehbrsw.default\extensions\{7FF99715-3016-4381-84CE-E4E4C9673020}\chrome\skin\lib\weatherbutton\panels folder moved successfully.
C:\Users\User\AppData\Roaming\mozilla\Firefox\Profiles\2xehbrsw.default\extensions\{7FF99715-3016-4381-84CE-E4E4C9673020}\chrome\skin\lib\weatherbutton\icons folder moved successfully.
C:\Users\User\AppData\Roaming\mozilla\Firefox\Profiles\2xehbrsw.default\extensions\{7FF99715-3016-4381-84CE-E4E4C9673020}\chrome\skin\lib\weatherbutton folder moved successfully.
C:\Users\User\AppData\Roaming\mozilla\Firefox\Profiles\2xehbrsw.default\extensions\{7FF99715-3016-4381-84CE-E4E4C9673020}\chrome\skin\lib\uwa folder moved successfully.
C:\Users\User\AppData\Roaming\mozilla\Firefox\Profiles\2xehbrsw.default\extensions\{7FF99715-3016-4381-84CE-E4E4C9673020}\chrome\skin\lib\radio\images folder moved successfully.
C:\Users\User\AppData\Roaming\mozilla\Firefox\Profiles\2xehbrsw.default\extensions\{7FF99715-3016-4381-84CE-E4E4C9673020}\chrome\skin\lib\radio\css folder moved successfully.
C:\Users\User\AppData\Roaming\mozilla\Firefox\Profiles\2xehbrsw.default\extensions\{7FF99715-3016-4381-84CE-E4E4C9673020}\chrome\skin\lib\radio folder moved successfully.
C:\Users\User\AppData\Roaming\mozilla\Firefox\Profiles\2xehbrsw.default\extensions\{7FF99715-3016-4381-84CE-E4E4C9673020}\chrome\skin\lib\panels\images folder moved successfully.
C:\Users\User\AppData\Roaming\mozilla\Firefox\Profiles\2xehbrsw.default\extensions\{7FF99715-3016-4381-84CE-E4E4C9673020}\chrome\skin\lib\panels\css folder moved successfully.
C:\Users\User\AppData\Roaming\mozilla\Firefox\Profiles\2xehbrsw.default\extensions\{7FF99715-3016-4381-84CE-E4E4C9673020}\chrome\skin\lib\panels folder moved successfully.
C:\Users\User\AppData\Roaming\mozilla\Firefox\Profiles\2xehbrsw.default\extensions\{7FF99715-3016-4381-84CE-E4E4C9673020}\chrome\skin\lib folder moved successfully.
C:\Users\User\AppData\Roaming\mozilla\Firefox\Profiles\2xehbrsw.default\extensions\{7FF99715-3016-4381-84CE-E4E4C9673020}\chrome\skin folder moved successfully.
C:\Users\User\AppData\Roaming\mozilla\Firefox\Profiles\2xehbrsw.default\extensions\{7FF99715-3016-4381-84CE-E4E4C9673020}\chrome\content\widgets\net.vmn.www.3.YouTube.1217 folder moved successfully.
C:\Users\User\AppData\Roaming\mozilla\Firefox\Profiles\2xehbrsw.default\extensions\{7FF99715-3016-4381-84CE-E4E4C9673020}\chrome\content\widgets\net.vmn.www.3.Twitter.1257 folder moved successfully.
C:\Users\User\AppData\Roaming\mozilla\Firefox\Profiles\2xehbrsw.default\extensions\{7FF99715-3016-4381-84CE-E4E4C9673020}\chrome\content\widgets\net.vmn.www.3.Twitter.1255 folder moved successfully.
C:\Users\User\AppData\Roaming\mozilla\Firefox\Profiles\2xehbrsw.default\extensions\{7FF99715-3016-4381-84CE-E4E4C9673020}\chrome\content\widgets\net.vmn.www.3.Twitter.1227 folder moved successfully.
C:\Users\User\AppData\Roaming\mozilla\Firefox\Profiles\2xehbrsw.default\extensions\{7FF99715-3016-4381-84CE-E4E4C9673020}\chrome\content\widgets folder moved successfully.
C:\Users\User\AppData\Roaming\mozilla\Firefox\Profiles\2xehbrsw.default\extensions\{7FF99715-3016-4381-84CE-E4E4C9673020}\chrome\content\modules folder moved successfully.
C:\Users\User\AppData\Roaming\mozilla\Firefox\Profiles\2xehbrsw.default\extensions\{7FF99715-3016-4381-84CE-E4E4C9673020}\chrome\content\lib folder moved successfully.
C:\Users\User\AppData\Roaming\mozilla\Firefox\Profiles\2xehbrsw.default\extensions\{7FF99715-3016-4381-84CE-E4E4C9673020}\chrome\content\data\search folder moved successfully.
C:\Users\User\AppData\Roaming\mozilla\Firefox\Profiles\2xehbrsw.default\extensions\{7FF99715-3016-4381-84CE-E4E4C9673020}\chrome\content\data folder moved successfully.
C:\Users\User\AppData\Roaming\mozilla\Firefox\Profiles\2xehbrsw.default\extensions\{7FF99715-3016-4381-84CE-E4E4C9673020}\chrome\content folder moved successfully.
C:\Users\User\AppData\Roaming\mozilla\Firefox\Profiles\2xehbrsw.default\extensions\{7FF99715-3016-4381-84CE-E4E4C9673020}\chrome folder moved successfully.
C:\Users\User\AppData\Roaming\mozilla\Firefox\Profiles\2xehbrsw.default\extensions\{7FF99715-3016-4381-84CE-E4E4C9673020} folder moved successfully.
C:\Users\User\AppData\Roaming\mozilla\Firefox\Profiles\2xehbrsw.default\extensions\{D238F46A-64EC-11DE-9C5A-D54056D89593}\components folder moved successfully.
C:\Users\User\AppData\Roaming\mozilla\Firefox\Profiles\2xehbrsw.default\extensions\{D238F46A-64EC-11DE-9C5A-D54056D89593}\chrome\skin\searchbar folder moved successfully.
C:\Users\User\AppData\Roaming\mozilla\Firefox\Profiles\2xehbrsw.default\extensions\{D238F46A-64EC-11DE-9C5A-D54056D89593}\chrome\skin\options folder moved successfully.
C:\Users\User\AppData\Roaming\mozilla\Firefox\Profiles\2xehbrsw.default\extensions\{D238F46A-64EC-11DE-9C5A-D54056D89593}\chrome\skin\lib\weatherbutton\panels\images folder moved successfully.
C:\Users\User\AppData\Roaming\mozilla\Firefox\Profiles\2xehbrsw.default\extensions\{D238F46A-64EC-11DE-9C5A-D54056D89593}\chrome\skin\lib\weatherbutton\panels folder moved successfully.
C:\Users\User\AppData\Roaming\mozilla\Firefox\Profiles\2xehbrsw.default\extensions\{D238F46A-64EC-11DE-9C5A-D54056D89593}\chrome\skin\lib\weatherbutton\icons folder moved successfully.
C:\Users\User\AppData\Roaming\mozilla\Firefox\Profiles\2xehbrsw.default\extensions\{D238F46A-64EC-11DE-9C5A-D54056D89593}\chrome\skin\lib\weatherbutton folder moved successfully.
C:\Users\User\AppData\Roaming\mozilla\Firefox\Profiles\2xehbrsw.default\extensions\{D238F46A-64EC-11DE-9C5A-D54056D89593}\chrome\skin\lib\uwa folder moved successfully.
C:\Users\User\AppData\Roaming\mozilla\Firefox\Profiles\2xehbrsw.default\extensions\{D238F46A-64EC-11DE-9C5A-D54056D89593}\chrome\skin\lib\radio\images folder moved successfully.
C:\Users\User\AppData\Roaming\mozilla\Firefox\Profiles\2xehbrsw.default\extensions\{D238F46A-64EC-11DE-9C5A-D54056D89593}\chrome\skin\lib\radio\css folder moved successfully.
C:\Users\User\AppData\Roaming\mozilla\Firefox\Profiles\2xehbrsw.default\extensions\{D238F46A-64EC-11DE-9C5A-D54056D89593}\chrome\skin\lib\radio folder moved successfully.
C:\Users\User\AppData\Roaming\mozilla\Firefox\Profiles\2xehbrsw.default\extensions\{D238F46A-64EC-11DE-9C5A-D54056D89593}\chrome\skin\lib\panels\images folder moved successfully.
C:\Users\User\AppData\Roaming\mozilla\Firefox\Profiles\2xehbrsw.default\extensions\{D238F46A-64EC-11DE-9C5A-D54056D89593}\chrome\skin\lib\panels\css folder moved successfully.
C:\Users\User\AppData\Roaming\mozilla\Firefox\Profiles\2xehbrsw.default\extensions\{D238F46A-64EC-11DE-9C5A-D54056D89593}\chrome\skin\lib\panels folder moved successfully.
C:\Users\User\AppData\Roaming\mozilla\Firefox\Profiles\2xehbrsw.default\extensions\{D238F46A-64EC-11DE-9C5A-D54056D89593}\chrome\skin\lib folder moved successfully.
C:\Users\User\AppData\Roaming\mozilla\Firefox\Profiles\2xehbrsw.default\extensions\{D238F46A-64EC-11DE-9C5A-D54056D89593}\chrome\skin folder moved successfully.
C:\Users\User\AppData\Roaming\mozilla\Firefox\Profiles\2xehbrsw.default\extensions\{D238F46A-64EC-11DE-9C5A-D54056D89593}\chrome\content\widgets\net.vmn.www.3.YouTube.1217 folder moved successfully.
C:\Users\User\AppData\Roaming\mozilla\Firefox\Profiles\2xehbrsw.default\extensions\{D238F46A-64EC-11DE-9C5A-D54056D89593}\chrome\content\widgets\net.vmn.www.3.Twitter.1227 folder moved successfully.
C:\Users\User\AppData\Roaming\mozilla\Firefox\Profiles\2xehbrsw.default\extensions\{D238F46A-64EC-11DE-9C5A-D54056D89593}\chrome\content\widgets folder moved successfully.
C:\Users\User\AppData\Roaming\mozilla\Firefox\Profiles\2xehbrsw.default\extensions\{D238F46A-64EC-11DE-9C5A-D54056D89593}\chrome\content\modules folder moved successfully.
C:\Users\User\AppData\Roaming\mozilla\Firefox\Profiles\2xehbrsw.default\extensions\{D238F46A-64EC-11DE-9C5A-D54056D89593}\chrome\content\lib folder moved successfully.
C:\Users\User\AppData\Roaming\mozilla\Firefox\Profiles\2xehbrsw.default\extensions\{D238F46A-64EC-11DE-9C5A-D54056D89593}\chrome\content\data\search folder moved successfully.
C:\Users\User\AppData\Roaming\mozilla\Firefox\Profiles\2xehbrsw.default\extensions\{D238F46A-64EC-11DE-9C5A-D54056D89593}\chrome\content\data folder moved successfully.
C:\Users\User\AppData\Roaming\mozilla\Firefox\Profiles\2xehbrsw.default\extensions\{D238F46A-64EC-11DE-9C5A-D54056D89593}\chrome\content folder moved successfully.
C:\Users\User\AppData\Roaming\mozilla\Firefox\Profiles\2xehbrsw.default\extensions\{D238F46A-64EC-11DE-9C5A-D54056D89593}\chrome folder moved successfully.
C:\Users\User\AppData\Roaming\mozilla\Firefox\Profiles\2xehbrsw.default\extensions\{D238F46A-64EC-11DE-9C5A-D54056D89593} folder moved successfully.
C:\Users\User\AppData\Roaming\mozilla\Firefox\Profiles\2xehbrsw.default\extensions\m3ffxtbr@mywebsearch.com\chrome folder moved successfully.
C:\Users\User\AppData\Roaming\mozilla\Firefox\Profiles\2xehbrsw.default\extensions\m3ffxtbr@mywebsearch.com folder moved successfully.
C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\2xehbrsw.default\searchplugins\inbox-search.xml moved successfully.
C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\2xehbrsw.default\searchplugins\mywebsearch.xml moved successfully.
C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\2xehbrsw.default\searchplugins\ShareazaWebSearch.xml moved successfully.
C:\Program Files\Mozilla Firefox\searchplugins\ShareazaWebSearch.xml moved successfully.
C:\Program Files\Mozilla Firefox\searchplugins\crawlersrch.xml moved successfully.
File C:\Program Files\MyWebSearch\bar\2.bin\NPMyWebS.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00A6FAF1-072E-44cf-8957-5838F569A31D}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{00A6FAF1-072E-44cf-8957-5838F569A31D}\ deleted successfully.
File C:\Program Files\MyWebSearch\bar\2.bin\MWSSRCAS.DLL not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{07B18EA1-A523-4961-B6BB-170DE4475CCA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{07B18EA1-A523-4961-B6BB-170DE4475CCA}\ deleted successfully.
C:\Program Files\MyWebSearch\bar\2.bin\MWSBAR.DLL moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11BF46C6-B3DE-48BD-BF70-3AD85CAB80B5}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{11BF46C6-B3DE-48BD-BF70-3AD85CAB80B5}\ deleted successfully.
C:\Program Files\SiteRanker\SiteRank.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}\ deleted successfully.
File C:\Program Files\Crawler\Toolbar\ctbr.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7FF99715-3016-4381-84CE-E4E4C9673020}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7FF99715-3016-4381-84CE-E4E4C9673020}\ deleted successfully.
C:\Program Files\Windows Searchqu Toolbar\ToolBar\SearchquDx.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EB5CEE80-030A-4ED8-8E20-454E9C68380F}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EB5CEE80-030A-4ED8-8E20-454E9C68380F}\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{07B18EA9-A523-4961-B6BB-170DE4475CCA} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{07B18EA9-A523-4961-B6BB-170DE4475CCA}\ deleted successfully.
File C:\Program Files\MyWebSearch\bar\2.bin\MWSBAR.DLL not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{4B3803EA-5230-4DC3-A7FC-33638F3D3542} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}\ deleted successfully.
File C:\Program Files\Crawler\Toolbar\ctbr.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{7FF99715-3016-4381-84CE-E4E4C9673020} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7FF99715-3016-4381-84CE-E4E4C9673020}\ not found.
File C:\Program Files\Windows Searchqu Toolbar\ToolBar\SearchquDx.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{EE9A4208-64EC-11DE-8440-204256D89593} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EE9A4208-64EC-11DE-8440-204256D89593}\ deleted successfully.
C:\Program Files\Shareaza Applications\MediaBar\ToolBar\ShareazaMediabarDx.dll moved successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{4B3803EA-5230-4DC3-A7FC-33638F3D3542} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}\ not found.
File C:\Program Files\Crawler\Toolbar\ctbr.dll not found.
Registry key HKEY_LOCAL_MACHINE\\Software\Microsoft\Windows\CurrentVersion\Run not found.
C:\Program Files\Shareaza Applications\MediaBar\Datamngr\datamngrUI.exe moved successfully.
Registry key HKEY_LOCAL_MACHINE\\Software\Microsoft\Windows\CurrentVersion\Run not found.
C:\Program Files\MyWebSearch\bar\2.bin\M3SRCHMN.EXE moved successfully.
Registry key HKEY_LOCAL_MACHINE\\Software\Microsoft\Windows\CurrentVersion\Run not found.
C:\Program Files\MyWebSearch\bar\2.bin\MWSOEMON.EXE moved successfully.
Registry key HKEY_LOCAL_MACHINE\\Software\Microsoft\Windows\CurrentVersion\Run not found.
C:\Program Files\SiteRanker\SiteRankTray.exe moved successfully.
Registry key HKEY_CURRENT_USER\\Software\Microsoft\Windows\CurrentVersion\Run not found.
File C:\Program Files\MyWebSearch\bar\2.bin\MWSOEMON.EXE not found.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Crawler Search\ deleted successfully.
File C:\Program Files\Crawler\Toolbar\ctbr.dll not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\tbr\ deleted successfully.
File C:\Program Files\Crawler\Toolbar\ctbr.dll not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_Dlls:c:\progra~1\sharea~1\mediabar\datamngr\datamngr.dll deleted successfully.
c:\Program Files\Shareaza Applications\MediaBar\Datamngr\datamngr.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_Dlls:c:\progra~1\sharea~1\mediabar\datamngr\iebho.dll deleted successfully.
c:\Program Files\Shareaza Applications\MediaBar\Datamngr\IEBHO.dll moved successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{65d6a59d-2235-11e1-bae3-4e5d6071e03e}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{65d6a59d-2235-11e1-bae3-4e5d6071e03e}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{65d6a59d-2235-11e1-bae3-4e5d6071e03e}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{65d6a59d-2235-11e1-bae3-4e5d6071e03e}\ not found.
File F:\Autorun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{cf91ecd4-2641-11e1-80ca-806e6f6e6963}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{cf91ecd4-2641-11e1-80ca-806e6f6e6963}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{cf91ecd4-2641-11e1-80ca-806e6f6e6963}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{cf91ecd4-2641-11e1-80ca-806e6f6e6963}\ not found.
File F:\Autorun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{db9c5eb4-15e9-11e0-9c5c-20cf307546c6}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{db9c5eb4-15e9-11e0-9c5c-20cf307546c6}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{db9c5eb4-15e9-11e0-9c5c-20cf307546c6}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{db9c5eb4-15e9-11e0-9c5c-20cf307546c6}\ not found.
File F:\AutoRun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{de8bd167-12cc-11e0-9e79-20cf307546c6}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{de8bd167-12cc-11e0-9e79-20cf307546c6}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{de8bd167-12cc-11e0-9e79-20cf307546c6}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{de8bd167-12cc-11e0-9e79-20cf307546c6}\ not found.
File F:\AutoRun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f115759e-0ecb-11e0-a97d-20cf307546c6}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{f115759e-0ecb-11e0-a97d-20cf307546c6}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f115759e-0ecb-11e0-a97d-20cf307546c6}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{f115759e-0ecb-11e0-a97d-20cf307546c6}\ not found.
File F:\AutoRun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f11575af-0ecb-11e0-a97d-20cf307546c6}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{f11575af-0ecb-11e0-a97d-20cf307546c6}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f11575af-0ecb-11e0-a97d-20cf307546c6}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{f11575af-0ecb-11e0-a97d-20cf307546c6}\ not found.
File F:\AutoRun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\F\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\F\ not found.
File F:\AutoRun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\G\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\G\ not found.
File G:\Autorun.exe not found.
========== FILES ==========
C:\Program Files\MyWebSearch\bar\Settings folder moved successfully.
C:\Program Files\MyWebSearch\bar\Overlay folder moved successfully.
C:\Program Files\MyWebSearch\bar\Notifier folder moved successfully.
C:\Program Files\MyWebSearch\bar\Message folder moved successfully.
C:\Program Files\MyWebSearch\bar\icons folder moved successfully.
C:\Program Files\MyWebSearch\bar\History folder moved successfully.
C:\Program Files\MyWebSearch\bar\Game folder moved successfully.
C:\Program Files\MyWebSearch\bar\Avatar folder moved successfully.
C:\Program Files\MyWebSearch\bar\2.bin\chrome folder moved successfully.
C:\Program Files\MyWebSearch\bar\2.bin folder moved successfully.
C:\Program Files\MyWebSearch\bar\1.bin\chrome folder moved successfully.
C:\Program Files\MyWebSearch\bar\1.bin folder moved successfully.
C:\Program Files\MyWebSearch\bar folder moved successfully.
C:\Program Files\MyWebSearch folder moved successfully.
C:\Program Files\Shareaza Applications\Shareaza\Skins\Images folder moved successfully.
C:\Program Files\Shareaza Applications\Shareaza\Skins\html\videosview\images folder moved successfully.
C:\Program Files\Shareaza Applications\Shareaza\Skins\html\videosview folder moved successfully.
C:\Program Files\Shareaza Applications\Shareaza\Skins\html\images folder moved successfully.
C:\Program Files\Shareaza Applications\Shareaza\Skins\html\colorschemebubble\images folder moved successfully.
C:\Program Files\Shareaza Applications\Shareaza\Skins\html\colorschemebubble folder moved successfully.
C:\Program Files\Shareaza Applications\Shareaza\Skins\html\cdripview folder moved successfully.
C:\Program Files\Shareaza Applications\Shareaza\Skins\html\artistsview folder moved successfully.
C:\Program Files\Shareaza Applications\Shareaza\Skins\html\albumsview\images folder moved successfully.
C:\Program Files\Shareaza Applications\Shareaza\Skins\html\albumsview folder moved successfully.
C:\Program Files\Shareaza Applications\Shareaza\Skins\html folder moved successfully.
C:\Program Files\Shareaza Applications\Shareaza\Skins folder moved successfully.
C:\Program Files\Shareaza Applications\Shareaza\HTML\Images folder moved successfully.
C:\Program Files\Shareaza Applications\Shareaza\HTML folder moved successfully.
C:\Program Files\Shareaza Applications\Shareaza folder moved successfully.
C:\Program Files\Shareaza Applications\MediaBar\ToolBar\components folder moved successfully.
C:\Program Files\Shareaza Applications\MediaBar\ToolBar\chrome\skin\searchbar folder moved successfully.
C:\Program Files\Shareaza Applications\MediaBar\ToolBar\chrome\skin\options folder moved successfully.
C:\Program Files\Shareaza Applications\MediaBar\ToolBar\chrome\skin\lib\weatherbutton\panels\images folder moved successfully.
C:\Program Files\Shareaza Applications\MediaBar\ToolBar\chrome\skin\lib\weatherbutton\panels folder moved successfully.
C:\Program Files\Shareaza Applications\MediaBar\ToolBar\chrome\skin\lib\weatherbutton\icons folder moved successfully.
C:\Program Files\Shareaza Applications\MediaBar\ToolBar\chrome\skin\lib\weatherbutton folder moved successfully.
C:\Program Files\Shareaza Applications\MediaBar\ToolBar\chrome\skin\lib\uwa folder moved successfully.
C:\Program Files\Shareaza Applications\MediaBar\ToolBar\chrome\skin\lib\radio\images folder moved successfully.
C:\Program Files\Shareaza Applications\MediaBar\ToolBar\chrome\skin\lib\radio\css folder moved successfully.
C:\Program Files\Shareaza Applications\MediaBar\ToolBar\chrome\skin\lib\radio folder moved successfully.
C:\Program Files\Shareaza Applications\MediaBar\ToolBar\chrome\skin\lib\panels\images folder moved successfully.
C:\Program Files\Shareaza Applications\MediaBar\ToolBar\chrome\skin\lib\panels\css folder moved successfully.
C:\Program Files\Shareaza Applications\MediaBar\ToolBar\chrome\skin\lib\panels folder moved successfully.
C:\Program Files\Shareaza Applications\MediaBar\ToolBar\chrome\skin\lib folder moved successfully.
C:\Program Files\Shareaza Applications\MediaBar\ToolBar\chrome\skin folder moved successfully.
C:\Program Files\Shareaza Applications\MediaBar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217 folder moved successfully.
C:\Program Files\Shareaza Applications\MediaBar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227 folder moved successfully.
C:\Program Files\Shareaza Applications\MediaBar\ToolBar\chrome\content\widgets folder moved successfully.
C:\Program Files\Shareaza Applications\MediaBar\ToolBar\chrome\content\modules folder moved successfully.
C:\Program Files\Shareaza Applications\MediaBar\ToolBar\chrome\content\lib folder moved successfully.
C:\Program Files\Shareaza Applications\MediaBar\ToolBar\chrome\content\data\search folder moved successfully.
C:\Program Files\Shareaza Applications\MediaBar\ToolBar\chrome\content\data folder moved successfully.
C:\Program Files\Shareaza Applications\MediaBar\ToolBar\chrome\content folder moved successfully.
C:\Program Files\Shareaza Applications\MediaBar\ToolBar\chrome folder moved successfully.
C:\Program Files\Shareaza Applications\MediaBar\ToolBar folder moved successfully.
C:\Program Files\Shareaza Applications\MediaBar\Datamngr\FirefoxExtension\content folder moved successfully.
C:\Program Files\Shareaza Applications\MediaBar\Datamngr\FirefoxExtension\components folder moved successfully.
C:\Program Files\Shareaza Applications\MediaBar\Datamngr\FirefoxExtension folder moved successfully.
C:\Program Files\Shareaza Applications\MediaBar\Datamngr folder moved successfully.
C:\Program Files\Shareaza Applications\MediaBar folder moved successfully.
C:\Program Files\Shareaza Applications folder moved successfully.
File\Folder C:\Users\User\AppData\Roaming\mozilla\Firefox\Profiles\2xehbrsw.default\extensions\{7FF99715-3016-4381-84CE-E4E4C9673020} not found.
File\Folder C:\Users\User\AppData\Roaming\mozilla\Firefox\Profiles\2xehbrsw.default\extensions\{D238F46A-64EC-11DE-9C5A-D54056D89593} not found.
File\Folder C:\Users\User\AppData\Roaming\mozilla\Firefox\Profiles\2xehbrsw.default\extensions\m3ffxtbr@mywebsearch.com not found.
File\Folder C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\2xehbrsw.default\searchplugins\inbox-search.xml not found.
File\Folder C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\2xehbrsw.default\searchplugins\mywebsearch.xml not found.
File\Folder C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\2xehbrsw.default\searchplugins\ShareazaWebSearch.xml not found.
File\Folder C:\Program Files\mozilla firefox\searchplugins\ShareazaWebSearch.xml not found.
C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2XEHBRSW.DEFAULT\EXTENSIONS\youtube@2youtube.com.xpi moved successfully.
File\Folder C:\Program Files\mozilla firefox\searchplugins\crawlersrch.xml not found.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Public

User: User
->Temp folder emptied: 36585542 bytes
->Temporary Internet Files folder emptied: 38008957 bytes
->Java cache emptied: 1706089 bytes
->FireFox cache emptied: 509220043 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 59272 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 592231 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 559,00 mb


OTL by OldTimer - Version 3.2.33.2 log created on 02272012_211402

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...

3. korak



mycity.rs/must-login.png

4. korak

prilikom pokretanja RootRepeal.exe prijavljuje mi gresku



mycity.rs/must-login.png

a ono sto mi izbaci nakon odradjenih koraka je



mycity.rs/must-login.png

pozdrav

Poslao: 27 Feb 2012 22:16
Idi na vrh
offline
  • Fil  Male
  • Legendarni građanin
  • Pridružio: 11 Jun 2009
  • Poruke: 16586

Stanje izgleda mnogo bolje i ubijena je stavka koja ti je pravila problem. Smile

Još da proverimo sistem na prisustvo rootkita.

Arrow Preuzmi Rootkit Unhooker na Desktop.

Dvoklikom pokreni program;

odaberi Report karticu;

klikni Scan i u prozoru koji se otvori štrikliraj stavke:

SSDT
Shadow SSDT
Processes
Drivers
Stealth Code
Files
Code Hooks
klikni OK i sačekaj završetak skeniranja.

Kada skeniranje bude završeno, klikni File > Save Report i sačuvaj izveštaj.

Izveštaj programa Rootkit Unhooker priloži uz poruku korišćenjem opcije Prikači fajl

Poslao: 27 Feb 2012 22:22
Idi na vrh
offline
  • Pridružio: 26 Feb 2012
  • Poruke: 4

mycity.rs/must-login.png

Poslao: 27 Feb 2012 22:30
Idi na vrh
offline
  • Fil  Male
  • Legendarni građanin
  • Pridružio: 11 Jun 2009
  • Poruke: 16586

OK, to je to. Stanje je uredno.



Arrow Ponovo pokreni OTL i klikni na opciju CleanUp.


Arrow Neophodno je isključiti i ponovo uključiti System Restore.
To možeš uraditi po sledećem uputstvu:

http://www.mycity.rs/MyCity-Laboratorija/Kako-iskl.....sta-7.html


Idea Preporučujem ti da koristiš program MCShield za zaštitu USB memorijskih uređaja.

Program možeš preuzeti sa OVOG linka. Nakon instalacije programa, priključi USB memorijske uređaje, i oni će biti skenirani. Na kraju skeniranja ćeš dobiti izveštaj da je uređaj čist ili obaveštenje o uklonjenom malware-u.


Idea Takođe, poseti ovu temu da vidiš da li ti je pretraživač ranjiv i instaliraš ažurirane komponente
http://www.mycity.rs/Propusti-i-azuriranja/Testira.....anjiv.html

Poslao: 27 Feb 2012 23:00
Idi na vrh
offline
  • Pridružio: 26 Feb 2012
  • Poruke: 4

Hvala puno, mnogo ste mi pomogli...
Sve najbolje...

Pozdrav

MyCity » Ambulanta -> Arhiva Ambulante » Facebook spam

Ko je trenutno na forumu
 

Ukupno su 829 korisnika na forumu :: 37 registrovanih, 6 sakrivenih i 786 gosta   ::   [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:
Korisnici trenutno na forumu: A.R.Chafee.Jr., Andrija357, antonije64, Arahne, babaroga, bokisha253, BORUTUS, Dovla, Dukelander, HrcAk47, kihot, ksyyaj, ladro, laganini123, Lieutenant, Litostroton, LUDI, Luka1998, maiden6657, Marko Marković, mercedesamg, mik7, mikrimaus, Milos ZA, naki011, Ne doznajem se u oružje, nebkv, nesa1962, raptorsi, robertino, ruger357, stegonosa, Stoilkovic, vathra, YugoSlav, zlaya011, Žrnov