Virus Win32/Spy.KeyLogger.NHI trojan

1

Virus Win32/Spy.KeyLogger.NHI trojan

offline
  • Pridružio: 19 Apr 2012
  • Poruke: 33

Napisano: 19 Apr 2012 19:30

Dobar dan.Trebam pomoc oko ovoga virusa.Zamrznu mi se svi internet pretrazivaci koje koristim-narocito mozilla.Virus je vec odavno u laptopu i ne znam odakle sam ga skupio.Problem nisam pokusao rijesiti,brzina interneta je :Dawnload speed-90.68 Mbps,Upload speed-83.69 Mbps,

Ovo su scan rezultati antivirusnog programa

mycity.rs/must-login.png

Ovo su rezultati s vaseg programa.

mycity.rs/must-login.png


OTL logfile created on: 19.4.2012. 19:07:38 - Run 1
OTL by OldTimer - Version 3.2.40.0 Folder = C:\Users\Omrcen\Downloads
64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 0000041a | Country: Hrvatska | Language: HRV | Date Format: d.M.yyyy.

3,99 Gb Total Physical Memory | 2,83 Gb Available Physical Memory | 70,82% Memory free
7,99 Gb Paging File | 6,81 Gb Available in Paging File | 85,28% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 465,66 Gb Total Space | 308,58 Gb Free Space | 66,27% Space Free | Partition Type: NTFS

Computer Name: OMRCEN-PC | User Name: Omrcen | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012.04.19 19:07:20 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\Omrcen\Downloads\OTL.exe
PRC - [2012.03.22 19:55:03 | 000,924,600 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2010.05.12 16:05:26 | 000,420,723 | ---- | M] () -- C:\OptionalComponents\lsass.exe
PRC - [2009.03.19 12:44:50 | 000,731,840 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe


========== Modules (No Company Name) ==========

MOD - [2012.04.18 17:45:10 | 000,085,288 | ---- | M] () -- C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\components\RadioWMPCoreGecko11.dll
MOD - [2012.03.22 19:55:03 | 001,969,080 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2011.12.11 22:11:25 | 008,527,008 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
MOD - [2010.05.12 16:05:26 | 000,420,723 | ---- | M] () -- C:\OptionalComponents\lsass.exe


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2012.04.05 13:08:24 | 000,035,648 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\SysNative\uxtuneup.dll -- (UxTuneUp)
SRV:64bit: - [2009.08.18 02:36:20 | 000,203,264 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2009.07.14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009.07.14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV:64bit: - [2009.04.12 03:26:35 | 000,578,878 | ---- | M] () [Auto | Stopped] -- C:\Program Files\ESET\ESET Smart Security\Shahed.exe -- (.EsetTrialReset)
SRV:64bit: - [2009.03.19 12:48:10 | 000,023,296 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe -- (EhttpSrv)
SRV:64bit: - [2009.03.19 12:44:50 | 000,731,840 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe -- (ekrn)
SRV - [2012.04.05 13:08:34 | 002,143,552 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe -- (TuneUp.UtilitiesSvc)
SRV - [2012.04.05 13:08:24 | 000,028,992 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\SysWOW64\uxtuneup.dll -- (UxTuneUp)
SRV - [2011.06.29 15:59:18 | 000,155,344 | ---- | M] (Avanquest Software) [On_Demand | Stopped] -- C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe -- (Sony Ericsson PCCompanion)
SRV - [2010.05.08 12:18:43 | 000,077,944 | ---- | M] (Autodesk) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Autodesk Shared\Service\AdskScSrv.exe -- (Autodesk Licensing Service)
SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2012.03.01 08:54:38 | 000,022,896 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011.03.11 08:22:41 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 08:22:40 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.04.16 09:05:53 | 000,834,544 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2009.11.25 08:17:50 | 000,359,552 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vpcvmm.sys -- (vpcvmm)
DRV:64bit: - [2009.11.25 08:17:50 | 000,187,904 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vpchbus.sys -- (vpcbus)
DRV:64bit: - [2009.11.25 08:17:50 | 000,095,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vpcusb.sys -- (vpcusb)
DRV:64bit: - [2009.11.25 08:17:50 | 000,066,304 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vpcnfltr.sys -- (vpcnfltr)
DRV:64bit: - [2009.10.21 22:50:24 | 000,013,872 | ---- | M] (VMware, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmmouse.sys -- (vmmouse)
DRV:64bit: - [2009.10.21 22:47:08 | 000,086,576 | ---- | M] (VMware, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vm3dmp.sys -- (vm3dmp)
DRV:64bit: - [2009.10.07 20:26:24 | 000,115,312 | ---- | M] (JMicron Technology Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\jraid.sys -- (JRAID)
DRV:64bit: - [2009.09.30 16:34:30 | 000,121,872 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV:64bit: - [2009.09.24 08:47:06 | 000,175,328 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iSSetup.sys -- (iSSetup)
DRV:64bit: - [2009.09.22 17:39:56 | 000,225,280 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:64bit: - [2009.09.15 00:00:00 | 006,952,960 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NETw5s64.sys -- (NETw5s64) Intel(R)
DRV:64bit: - [2009.08.21 14:48:18 | 000,044,032 | ---- | M] (Alcor Micro, Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AmUStor.sys -- (AmUStor)
DRV:64bit: - [2009.08.18 03:48:48 | 006,037,504 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2009.07.27 00:00:00 | 000,056,664 | ---- | M] (O2Micro ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\o2mdx64.sys -- (O2MDRDR)
DRV:64bit: - [2009.07.27 00:00:00 | 000,056,096 | ---- | M] (O2Micro) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\o2sdx64.sys -- (O2SDRDR)
DRV:64bit: - [2009.07.17 01:51:54 | 000,028,192 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nvamacpi.sys -- (nvamacpi)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.07.04 19:27:02 | 000,055,808 | ---- | M] (REDC) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rixdpe64.sys -- (rixdpcie)
DRV:64bit: - [2009.07.02 08:54:52 | 000,060,416 | ---- | M] (REDC) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rimspe64.sys -- (rimspci)
DRV:64bit: - [2009.07.01 18:31:58 | 000,080,896 | ---- | M] (REDC) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\risdpe64.sys -- (risdpcie)
DRV:64bit: - [2009.06.25 17:04:20 | 000,067,584 | ---- | M] (REDC) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rimmpx64.sys -- (rimmptsk)
DRV:64bit: - [2009.06.25 16:38:52 | 000,057,856 | ---- | M] (REDC) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rixdpx64.sys -- (rismxdp)
DRV:64bit: - [2009.06.25 16:13:44 | 000,055,296 | ---- | M] (REDC) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rimspx64.sys -- (rimsptsk)
DRV:64bit: - [2009.06.13 02:19:36 | 000,041,680 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\qd262x64.sys -- (ioatdma2) Intel(R)
DRV:64bit: - [2009.06.13 02:19:32 | 000,040,144 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\qd162x64.sys -- (ioatdma1)
DRV:64bit: - [2009.06.10 23:01:06 | 001,146,880 | ---- | M] (LSI Corp) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\agrsm64.sys -- (AgereSoftModem)
DRV:64bit: - [2009.06.10 22:34:36 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\k57nd60a.sys -- (k57nd60a) Broadcom NetLink (TM)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.05.12 14:40:42 | 000,072,192 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RTSTOR64.sys -- (RTSTOR)
DRV:64bit: - [2009.05.05 06:31:00 | 000,025,752 | ---- | M] (VIA Technologies,Inc) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\xfiltx64.sys -- (xfiltx64)
DRV:64bit: - [2009.05.05 06:29:34 | 000,015,000 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\videX64.sys -- (videX64)
DRV:64bit: - [2009.04.16 12:45:46 | 000,461,320 | ---- | M] (LSI Corporation, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\MegaSR1.sys -- (MegaSR1)
DRV:64bit: - [2009.03.19 12:46:04 | 000,044,944 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\epfwwfp.sys -- (epfwwfp)
DRV:64bit: - [2009.03.19 12:45:56 | 000,164,936 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\epfw.sys -- (epfw)
DRV:64bit: - [2009.03.19 12:45:56 | 000,033,608 | ---- | M] (ESET) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\epfwndis.sys -- (Epfwndis)
DRV:64bit: - [2009.03.19 12:44:36 | 000,134,024 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\ehdrv.sys -- (ehdrv)
DRV:64bit: - [2009.03.19 12:41:42 | 000,142,776 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\eamon.sys -- (eamon)
DRV:64bit: - [2009.02.11 17:26:18 | 000,407,576 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2009.01.19 20:32:22 | 000,334,344 | ---- | M] (Protect Software GmbH) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\acedrv11.sys -- (acedrv11)
DRV:64bit: - [2008.10.09 15:45:26 | 000,018,784 | ---- | M] (JMicron ) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\johci.sys -- (johci)
DRV:64bit: - [2008.07.09 16:51:54 | 000,136,192 | ---- | M] (VIA Technologies inc,.ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\viamrx64.sys -- (viamrx64)
DRV:64bit: - [2008.05.15 23:23:21 | 000,028,208 | ---- | M] (VMware, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmci.sys -- (vmci)
DRV:64bit: - [2008.04.15 16:09:20 | 000,067,224 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ViPrtX64.sys -- (ViPrtX64)
DRV:64bit: - [2008.04.15 16:05:48 | 000,025,240 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ViBusX64.sys -- (ViBusX64)
DRV:64bit: - [2008.01.18 06:14:06 | 000,041,096 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\qd260x64.sys -- (ioatdma) Intel(R)
DRV:64bit: - [2007.11.13 16:47:18 | 000,080,424 | ---- | M] (Silicon Image, Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\PnP680.sys -- (Pnp680)
DRV:64bit: - [2007.10.03 16:51:00 | 000,022,056 | ---- | M] (Silicon Image, Inc) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\SiWinAcc.sys -- (SiFilter)
DRV:64bit: - [2007.10.03 16:50:52 | 000,017,448 | ---- | M] (Silicon Image, Inc) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\SiRemFil.sys -- (SiRemFil)
DRV:64bit: - [2007.10.03 16:50:26 | 000,090,664 | ---- | M] (Silicon Image, Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SI3132.sys -- (SI3132)
DRV:64bit: - [2007.06.01 11:29:06 | 000,330,544 | ---- | M] (Silicon Image, Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Si3531.sys -- (Si3531)
DRV:64bit: - [2007.05.11 19:01:10 | 000,070,424 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64) Intel(R)
DRV:64bit: - [2007.04.11 23:30:04 | 000,043,416 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\IAMTVE.sys -- (IAMTVE) Driver for Intel(R)
DRV:64bit: - [2007.04.11 23:29:58 | 000,051,096 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\IAMTXPE.sys -- (IAMTXPE) Driver for Intel(R)
DRV:64bit: - [2007.04.11 16:02:42 | 000,163,632 | ---- | M] (Silicon Image, Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SI3114r.sys -- (SI3114r)
DRV:64bit: - [2007.02.01 17:53:08 | 000,164,656 | ---- | M] (Silicon Image, Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SI3112r.sys -- (SI3112r)
DRV:64bit: - [2007.01.24 18:07:08 | 000,064,888 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SISAGPX.SYS -- (SISAGP)
DRV:64bit: - [2006.11.10 12:48:48 | 000,099,120 | ---- | M] (Silicon Image, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SI3114.sys -- (SI3114)
DRV:64bit: - [2006.11.02 17:25:04 | 000,113,456 | ---- | M] (Silicon Image, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SI3124.sys -- (SI3124)
DRV:64bit: - [2006.11.01 08:23:42 | 000,015,680 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ASACPI.sys -- (MTsensor)
DRV:64bit: - [2006.09.20 12:38:28 | 000,334,640 | ---- | M] (Silicon Image, Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Si3124r5.sys -- (Si3124r5)
DRV:64bit: - [2006.09.18 15:26:04 | 000,093,472 | ---- | M] (HighPoint Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hptmv.sys -- (hptmv)
DRV:64bit: - [2005.09.23 01:20:00 | 000,059,392 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VIAAGP1.SYS -- (viaagp1)
DRV - [2012.02.09 13:16:38 | 000,011,856 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesDriver64.sys -- (TuneUpUtilitiesDrv)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [1999.07.20 06:38:00 | 000,073,216 | ---- | M] () [Kernel | Auto | Stopped] -- C:\Windows\SysWOW64\drivers\SENTINEL.SYS -- (Sentinel)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes,DefaultScope = {afdbddaa-5d3f-42ee-b79c-185a7020515b}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT1750559
IE - HKLM\..\SearchScopes\{EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C}: "URL" = slirsredirect.search.aol.com/slirs_http/sredir?sredir=2685&query={searchTerms}&invocationType=tb50winampie7

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = search.babylon.com/home?AF=100581
IE - HKCU\..\SearchScopes,DefaultScope = {171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = search.babylon.com/web/{searchTerms}?babsrc=browsersearch&AF=100581
IE - HKCU\..\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}: "URL" = websearch.ask.com/redirect?client=ie&tb.....crm&q={searchTerms}&locale=en_EU&apn_ptnrs=QO&apn_dtid=YYYYYYYYHR&apn_uid=F4200884-3655-4024-9080-B169CC41C9AF&apn_sauid=07C7EF3F-37DF-49AF-B027-9ABA81F2C6F7
IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT1750559
IE - HKCU\..\SearchScopes\{EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C}: "URL" = slirsredirect.search.aol.com/slirs_http/sredir?sredir=2685&query={searchTerms}&invocationType=tb50winampie7
IE - HKCU\..\SearchScopes\{FC9B49AC-5339-41D7-9F1E-70D4CDB8D37D}: "URL" = search.yahoo.com/search?fr=chr-greentree_ie.....811&p={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.defaultthis.engineName: "BS Player Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT1750559&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=937811"
FF - prefs.js..browser.search.selectedEngine: "Ask.com"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "www.google.hr"
FF - prefs.js..extensions.enabledItems: youtubedownloader@mybrowserbar.com:1.0
FF - prefs.js..extensions.enabledItems: toolbar@ask.com:3.9.1.14019
FF - prefs.js..extensions.enabledItems: {0b38152b-1b20-484d-a11f-5e04a9b0661f}:5.6.12.1
FF - prefs.js..extensions.enabledItems: vshare@toolbar:1.0.0
FF - prefs.js..extensions.enabledItems: {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}:2.5.6.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}:6.0.25
FF - prefs.js..keyword.URL: "http://search.conduit.com/ResultsExt.aspx?ctid=CT1750559&q="


FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_1_102.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@SonyCreativeSoftware.com/Media Go,version=1.0: C:\Program Files (x86)\Sony\Media Go\npmediago.dll (Sony Media Software and Services Inc)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.04.19 15:09:03 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012.04.19 15:09:03 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.6\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.04.19 15:09:03 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.6\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012.04.19 15:09:03 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2010.04.16 09:07:17 | 000,000,000 | ---D | M]

[2010.04.16 11:38:39 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Omrcen\AppData\Roaming\Mozilla\Extensions
[2012.04.19 17:07:08 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions
[2010.11.14 14:48:58 | 000,000,000 | ---D | M] (Winamp Toolbar) -- C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f}
[2012.04.19 17:07:08 | 000,000,000 | ---D | M] (BS Player Community Toolbar) -- C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}
[2011.05.12 17:48:04 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\engine@conduit.com
[2012.02.01 10:03:17 | 000,000,000 | ---D | M] ("GOM Player + Ask Toolbar") -- C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com
[2012.04.19 17:07:11 | 000,002,396 | ---- | M] () -- C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\searchplugins\askcom.xml
[2010.01.20 13:13:52 | 000,000,921 | ---- | M] () -- C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\searchplugins\conduit.xml
[2010.11.14 14:49:37 | 000,001,196 | ---- | M] () -- C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\searchplugins\winamp-search.xml
[2011.11.13 17:38:56 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012.03.22 19:55:03 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011.04.28 10:12:00 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2010.07.12 18:33:56 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll
[2011.11.17 18:40:14 | 000,002,311 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml
[2012.02.16 09:19:08 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012.02.16 09:19:08 | 000,002,040 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\18.0.1025.162\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: QuickTime Plug-in 7.5.5 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.5.5 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.5.5 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.5.5 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.5.5 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.5.5 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.5.5 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: Java Deployment Toolkit 6.0.250.6 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U25 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll
CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\nppl3260.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\nprpjplug.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\18.0.1025.162\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\18.0.1025.162\pdf.dll
CHR - plugin: Winamp Application Detector (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npwachk.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll
CHR - plugin: Media Go Detector (Enabled) = C:\Program Files (x86)\Sony\Media Go\npmediago.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: YouTube = C:\Users\Omrcen\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google Search = C:\Users\Omrcen\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Gmail = C:\Users\Omrcen\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2 - BHO: (Babylon toolbar helper) - {2EECD738-5844-4a99-B4B6-146BF802613B} - Reg Error: Value error. File not found
O3 - HKLM\..\Toolbar: (no name) - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5} - No CLSID value found.
O4:64bit: - HKLM..\Run: [egui] C:\Program Files\ESET\ESET Smart Security\egui.exe (ESET)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [configuration] C:\Windows\configuration\configuration.exe ()
O4 - HKCU..\RunOnce: [FlashPlayerUpdate] C:\Windows\SysWOW64\Macromed\Flash\FlashUtil11e_Plugin.exe (Adobe Systems, Inc.)
O4 - Startup: C:\Users\Omrcen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\configuration.lnk = C:\configuration\configuration.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: VerboseStatus = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SynchronousMachineGroupPolicy = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SynchronousUserGroupPolicy = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16:64bit: - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Java Plug-in 1.6.0_25)
O16 - DPF: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA} java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Java Plug-in 1.6.0_25)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Java Plug-in 1.6.0_25)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.5.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D9E331C3-A884-4B6D-969B-9DC6B547568C}: DhcpNameServer = 10.5.0.1
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: IconPackager Repair - {1799460C-0BC8-4865-B9DF-4A36CD703FF0} - No CLSID value found.
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O22:64bit: - SharedTaskScheduler: {E31004D1-A431-41B8-826F-E902F9D95C81} - Windows DreamScene - C:\Windows\SysNative\DreamScene.dll (Microsoft Corporation)
O27:64bit: - HKLM IFEO\excel.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\infopath.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\msaccess.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\msoxmled.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\mspub.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\mstore.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\onenote.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\outlook.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\powerpnt.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\winword.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\excel.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\infopath.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\msaccess.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\msoxmled.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\mspub.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\mstore.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\onenote.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\outlook.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\powerpnt.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\winword.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{d26c4fba-d4a8-11df-b73d-001f16c19dbb}\Shell - "" = AutoRun
O33 - MountPoints2\{d26c4fba-d4a8-11df-b73d-001f16c19dbb}\Shell\AutoRun\command - "" = F:\Startme.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2012.04.19 18:32:59 | 000,000,000 | ---D | C] -- C:\Users\Omrcen\AppData\Local\Apple Computer
[2012.04.19 17:26:44 | 000,000,000 | ---D | C] -- C:\Users\Omrcen\AppData\Local\VirtualStore
[2012.04.19 17:15:57 | 000,000,000 | RHSD | C] -- C:\configuration
[2012.04.19 17:15:42 | 000,000,000 | RHSD | C] -- C:\OptionalComponents
[2012.04.19 16:58:33 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files
[2012.04.19 16:55:53 | 000,035,648 | ---- | C] (TuneUp Software) -- C:\Windows\SysNative\uxtuneup.dll
[2012.04.19 16:55:53 | 000,028,992 | ---- | C] (TuneUp Software) -- C:\Windows\SysWow64\uxtuneup.dll
[2012.04.19 16:54:36 | 000,034,624 | ---- | C] (TuneUp Software) -- C:\Windows\SysNative\TURegOpt.exe
[2012.04.19 16:54:36 | 000,025,920 | ---- | C] (TuneUp Software) -- C:\Windows\SysNative\authuitu.dll
[2012.04.19 16:54:33 | 000,021,312 | ---- | C] (TuneUp Software) -- C:\Windows\SysWow64\authuitu.dll
[2012.04.19 16:54:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2012
[2012.04.19 16:53:55 | 000,000,000 | ---D | C] -- C:\Users\Omrcen\AppData\Roaming\TuneUp Software
[2012.04.19 16:53:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TuneUp Utilities 2012
[2012.04.19 16:53:02 | 000,000,000 | ---D | C] -- C:\ProgramData\TuneUp Software
[2012.04.19 16:52:55 | 000,000,000 | -HSD | C] -- C:\ProgramData\{32364CEA-7855-4A3C-B674-53D8E9B97936}
[2012.04.12 09:04:49 | 000,096,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012.04.12 09:04:48 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012.04.12 09:04:47 | 002,311,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2012.04.12 09:04:47 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012.04.12 09:04:47 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012.04.12 09:04:47 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012.04.12 09:04:47 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012.04.12 09:04:47 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012.04.12 09:04:46 | 001,493,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2012.04.12 09:04:46 | 001,427,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2012.04.12 09:04:46 | 000,818,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2012.04.12 09:04:16 | 005,473,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2012.04.12 09:04:14 | 003,971,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2012.04.12 09:04:12 | 003,915,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2012.04.12 09:01:27 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imagehlp.dll
[2012.04.12 09:01:27 | 000,022,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fs_rec.sys
[2012.04.12 09:01:26 | 000,220,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll

========== Files - Modified Within 30 Days ==========

[2012.04.19 18:57:27 | 000,017,040 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.04.19 18:57:27 | 000,017,040 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.04.19 18:54:04 | 000,740,046 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.04.19 18:54:04 | 000,625,568 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.04.19 18:54:04 | 000,111,206 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.04.19 18:49:52 | 000,000,944 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.04.19 18:49:33 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.04.19 18:48:44 | 000,003,288 | ---- | M] () -- C:\bootsqm.dat
[2012.04.19 17:46:01 | 000,000,948 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.04.19 17:15:57 | 000,000,583 | ---- | M] () -- C:\Users\Omrcen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\configuration.lnk
[2012.04.19 16:54:18 | 000,002,179 | ---- | M] () -- C:\Users\Public\Desktop\TuneUp 1-Click Maintenance.lnk
[2012.04.19 16:54:18 | 000,002,153 | ---- | M] () -- C:\Users\Public\Desktop\TuneUp Utilities 2012.lnk
[2012.04.19 15:16:07 | 020,847,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\imageres.dll
[2012.04.13 13:00:22 | 000,002,350 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2012.04.05 13:08:36 | 000,034,624 | ---- | M] (TuneUp Software) -- C:\Windows\SysNative\TURegOpt.exe
[2012.04.05 13:08:24 | 000,035,648 | ---- | M] (TuneUp Software) -- C:\Windows\SysNative\uxtuneup.dll
[2012.04.05 13:08:24 | 000,028,992 | ---- | M] (TuneUp Software) -- C:\Windows\SysWow64\uxtuneup.dll
[2012.04.05 13:08:24 | 000,025,920 | ---- | M] (TuneUp Software) -- C:\Windows\SysNative\authuitu.dll
[2012.04.05 13:08:24 | 000,021,312 | ---- | M] (TuneUp Software) -- C:\Windows\SysWow64\authuitu.dll

========== Files Created - No Company Name ==========

[2012.04.19 18:48:44 | 000,003,288 | ---- | C] () -- C:\bootsqm.dat
[2012.04.19 17:15:57 | 000,000,583 | ---- | C] () -- C:\Users\Omrcen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\configuration.lnk
[2012.04.19 16:54:18 | 000,002,179 | ---- | C] () -- C:\Users\Public\Desktop\TuneUp 1-Click Maintenance.lnk
[2012.04.19 16:54:18 | 000,002,165 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2012.lnk
[2012.04.19 16:54:18 | 000,002,153 | ---- | C] () -- C:\Users\Public\Desktop\TuneUp Utilities 2012.lnk
[2011.08.10 14:22:32 | 000,000,752 | ---- | C] () -- C:\Windows\SysWow64\jahdgsd.dll
[2011.04.09 18:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2010.12.16 11:49:47 | 000,034,308 | ---- | C] () -- C:\Windows\SysWow64\BASSMOD.dll
[2010.10.22 14:13:47 | 000,009,993 | ---- | C] () -- C:\Windows\SysWow64\Derive6.INI
[2010.10.15 22:07:48 | 000,073,216 | ---- | C] () -- C:\Windows\SysWow64\drivers\SENTINEL.SYS
[2010.10.15 22:07:48 | 000,047,616 | ---- | C] () -- C:\Windows\SysWow64\SNTI386.DLL
[2010.10.15 22:07:48 | 000,017,920 | ---- | C] () -- C:\Windows\SysWow64\RNBOVDD.DLL
[2010.10.15 22:07:13 | 000,093,456 | ---- | C] () -- C:\Windows\SysWow64\GAPI32.DLL
[2010.08.12 15:34:55 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2010.06.26 14:41:27 | 000,007,680 | ---- | C] () -- C:\Users\Omrcen\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

< End of report >




Dopuna: 19 Apr 2012 19:31

Windows je sedmica, 64-bitni

offline
  • magna86  Male
  • Anti Malware Fighter
    Rank 2
  • Pridružio: 21 Jun 2008
  • Poruke: 6098

@Phil Ivey
Pozdrav i dobrodosao na forum. Wink

Arrow Ne prikljucuj USB uredjaje ( fleske ) u racunar dok radimo ciscenje sistema.

Arrow Isprati sledece uputstvo:

Ponovo pokreni program OTL dvoklikom na ikonicu;

U beli okvir prozora gde piše Custom Scans/Fixes iskopirati sledeći tekst:

:files
C:\OptionalComponents
C:\configuration

:OTL
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT1750559
IE - HKLM\..\SearchScopes\{EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C}: "URL" = http://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2685&query={searchTerms}&invocationType=tb50winampie7
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.babylon.com/home?AF=100581
IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylon.com/web/{searchTerms}?babsrc=browsersearch&AF=100581
IE - HKCU\..\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}: "URL" = http://websearch.ask.com/redirect?client=ie&tb.....crm&q={searchTerms}&locale=en_EU&apn_ptnrs=QO&apn_dtid=YYYYYYYYHR&apn_uid=F4200884-3655-4024-9080-B169CC41C9AF&apn_sauid=07C7EF3F-37DF-49AF-B027-9ABA81F2C6F7
IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT1750559
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT1750559&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Ask.com"
FF - prefs.js..extensions.enabledItems: toolbar@ask.com:3.9.1.14019
FF - prefs.js..keyword.URL: "http://search.conduit.com/ResultsExt.aspx?ctid=CT1750559&q="
[2011.05.12 17:48:04 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\engine@conduit.com
[2012.04.19 17:07:11 | 000,002,396 | ---- | M] () -- C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\searchplugins\askcom.xml
[2010.01.20 13:13:52 | 000,000,921 | ---- | M] () -- C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\searchplugins\conduit.xml
[2011.11.17 18:40:14 | 000,002,311 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml
O3 - HKLM\..\Toolbar: (no name) - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O4 - HKLM..\Run: [configuration] C:\Windows\configuration\configuration.exe ()
O4 - Startup: C:\Users\Omrcen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\configuration.lnk = C:\configuration\configuration.exe ()
O33 - MountPoints2\{d26c4fba-d4a8-11df-b73d-001f16c19dbb}\Shell - "" = AutoRun
O33 - MountPoints2\{d26c4fba-d4a8-11df-b73d-001f16c19dbb}\Shell\AutoRun\command - "" = F:\Startme.exe

:Commands
[emptytemp]
[emptyjava]
[Reboot]



Klikni taster Run Fix;


Log koji dobiješ iskopiraj ovde u poruci.

offline
  • Pridružio: 19 Apr 2012
  • Poruke: 33

Evo ga Very Happy


All processes killed
========== FILES ==========
C:\OptionalComponents\4F6D7263656E folder moved successfully.
C:\OptionalComponents folder moved successfully.
C:\configuration folder moved successfully.
========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C}\ not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ not found.
Prefs.js: "Ask.com" removed from browser.search.defaultengine
Prefs.js: "Ask.com" removed from browser.search.defaultenginename
Prefs.js: "http://search.conduit.com/ResultsExt.aspx?ctid=CT1750559&SearchSource=3&q={searchTerms}" removed from browser.search.defaulturl
Prefs.js: "Ask.com" removed from browser.search.order.1
Prefs.js: "Ask.com" removed from browser.search.selectedEngine
Prefs.js: toolbar@ask.com:3.9.1.14019 removed from extensions.enabledItems
Prefs.js: "http://search.conduit.com/ResultsExt.aspx?ctid=CT1750559&q=" removed from keyword.URL
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\engine@conduit.com\searchplugin folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\engine@conduit.com\META-INF folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\engine@conduit.com\lib folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\engine@conduit.com\DualPackage folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\engine@conduit.com\defaults folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\engine@conduit.com\components folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\engine@conduit.com\chrome folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\engine@conduit.com folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\searchplugins\askcom.xml moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\searchplugins\conduit.xml moved successfully.
C:\Program Files (x86)\Mozilla Firefox\searchplugins\babylon.xml moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{F3FEE66E-E034-436a-86E4-9690573BEE8A} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F3FEE66E-E034-436a-86E4-9690573BEE8A}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\configuration deleted successfully.
C:\Windows\configuration\configuration.exe moved successfully.
C:\Users\Omrcen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\configuration.lnk moved successfully.
File C:\configuration\configuration.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d26c4fba-d4a8-11df-b73d-001f16c19dbb}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{d26c4fba-d4a8-11df-b73d-001f16c19dbb}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d26c4fba-d4a8-11df-b73d-001f16c19dbb}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{d26c4fba-d4a8-11df-b73d-001f16c19dbb}\ not found.
File F:\Startme.exe not found.
File ptytemp] not found.
File ptyjava] not found.
File boot] not found.

OTL by OldTimer - Version 3.2.40.0 log created on 04192012_210201

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...



mycity.rs/must-login.png

offline
  • magna86  Male
  • Anti Malware Fighter
    Rank 2
  • Pridružio: 21 Jun 2008
  • Poruke: 6098

U redu, idemo dalje.

Arrow Ponovo pokreni OTL i psotavi mi svez log.


Arrow Preuzmi USBNoRisk na Desktop i pokreni ga duplim klikom na ikonicu programa.
- Sacekaj koji sekund dok program izvrsi inicijalno skeniranje.
- Ubacuj sve USB memorijske uredjaje redom u USB slot i svaki zadrzi u slotu po 10 sekundi.
- Ukoliko imas vise uredjaja za proveru, onda na parcetu papira zapisi kojim redom su ubacivani jer ce nam kasnije trebati taj podatak
- Kada zavrsis sa svim uredjajima, klikni desno dugme misa na sred prozora programa i odaberi opciju Save scrambled log. To ce automatski otvoriti log u Notepadu. Iskopiraj nam taj log iz Notepada na forum.

Objasnjenje: U USB memorijske uredjaje spadaju svi oni uredjaji koji po prikljucivanju na kompjuter dobijaju svoju oznaku particije. Tu spadaju USB flash drajvovi, eksterni hard-diskovi, memorijske kartice, MP3 i MP4 plejeri, neki mobilni telefoni, neki GPS (navigacioni) uredjaji itd.

offline
  • Pridružio: 19 Apr 2012
  • Poruke: 33

Napisano: 19 Apr 2012 21:28

Run scan OTL


OTL logfile created on: 19.4.2012. 21:21:32 - Run 2
OTL by OldTimer - Version 3.2.40.0 Folder = C:\Users\Omrcen\Downloads
64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 0000041a | Country: Hrvatska | Language: HRV | Date Format: d.M.yyyy.

3,99 Gb Total Physical Memory | 2,72 Gb Available Physical Memory | 68,16% Memory free
7,99 Gb Paging File | 6,68 Gb Available in Paging File | 83,64% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 465,66 Gb Total Space | 308,57 Gb Free Space | 66,27% Space Free | Partition Type: NTFS

Computer Name: OMRCEN-PC | User Name: Omrcen | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012.04.19 21:18:01 | 000,446,976 | ---- | M] (MyCity) -- C:\Users\Omrcen\Downloads\usbnorisk.exe
PRC - [2012.04.19 19:07:20 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\Omrcen\Downloads\OTL.exe
PRC - [2012.03.22 19:55:03 | 000,924,600 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2009.03.19 12:44:50 | 000,731,840 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe


========== Modules (No Company Name) ==========

MOD - [2012.04.19 21:05:50 | 008,797,344 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_233.dll
MOD - [2012.04.18 17:45:10 | 000,085,288 | ---- | M] () -- C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\components\RadioWMPCoreGecko11.dll
MOD - [2012.03.22 19:55:03 | 001,969,080 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2012.04.05 13:08:24 | 000,035,648 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\SysNative\uxtuneup.dll -- (UxTuneUp)
SRV:64bit: - [2009.08.18 02:36:20 | 000,203,264 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2009.07.14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009.07.14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV:64bit: - [2009.04.12 03:26:35 | 000,578,878 | ---- | M] () [Auto | Stopped] -- C:\Program Files\ESET\ESET Smart Security\Shahed.exe -- (.EsetTrialReset)
SRV:64bit: - [2009.03.19 12:48:10 | 000,023,296 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe -- (EhttpSrv)
SRV:64bit: - [2009.03.19 12:44:50 | 000,731,840 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe -- (ekrn)
SRV - [2012.04.19 21:05:50 | 000,253,088 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012.04.05 13:08:34 | 002,143,552 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe -- (TuneUp.UtilitiesSvc)
SRV - [2012.04.05 13:08:24 | 000,028,992 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\SysWOW64\uxtuneup.dll -- (UxTuneUp)
SRV - [2011.06.29 15:59:18 | 000,155,344 | ---- | M] (Avanquest Software) [On_Demand | Stopped] -- C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe -- (Sony Ericsson PCCompanion)
SRV - [2010.05.08 12:18:43 | 000,077,944 | ---- | M] (Autodesk) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Autodesk Shared\Service\AdskScSrv.exe -- (Autodesk Licensing Service)
SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2012.03.01 08:54:38 | 000,022,896 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011.03.11 08:22:41 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 08:22:40 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.04.16 09:05:53 | 000,834,544 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2009.11.25 08:17:50 | 000,359,552 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vpcvmm.sys -- (vpcvmm)
DRV:64bit: - [2009.11.25 08:17:50 | 000,187,904 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vpchbus.sys -- (vpcbus)
DRV:64bit: - [2009.11.25 08:17:50 | 000,095,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vpcusb.sys -- (vpcusb)
DRV:64bit: - [2009.11.25 08:17:50 | 000,066,304 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vpcnfltr.sys -- (vpcnfltr)
DRV:64bit: - [2009.10.21 22:50:24 | 000,013,872 | ---- | M] (VMware, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmmouse.sys -- (vmmouse)
DRV:64bit: - [2009.10.21 22:47:08 | 000,086,576 | ---- | M] (VMware, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vm3dmp.sys -- (vm3dmp)
DRV:64bit: - [2009.10.07 20:26:24 | 000,115,312 | ---- | M] (JMicron Technology Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\jraid.sys -- (JRAID)
DRV:64bit: - [2009.09.30 16:34:30 | 000,121,872 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV:64bit: - [2009.09.24 08:47:06 | 000,175,328 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iSSetup.sys -- (iSSetup)
DRV:64bit: - [2009.09.22 17:39:56 | 000,225,280 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:64bit: - [2009.09.15 00:00:00 | 006,952,960 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NETw5s64.sys -- (NETw5s64) Intel(R)
DRV:64bit: - [2009.08.21 14:48:18 | 000,044,032 | ---- | M] (Alcor Micro, Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AmUStor.sys -- (AmUStor)
DRV:64bit: - [2009.08.18 03:48:48 | 006,037,504 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2009.07.27 00:00:00 | 000,056,664 | ---- | M] (O2Micro ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\o2mdx64.sys -- (O2MDRDR)
DRV:64bit: - [2009.07.27 00:00:00 | 000,056,096 | ---- | M] (O2Micro) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\o2sdx64.sys -- (O2SDRDR)
DRV:64bit: - [2009.07.17 01:51:54 | 000,028,192 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nvamacpi.sys -- (nvamacpi)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.07.04 19:27:02 | 000,055,808 | ---- | M] (REDC) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rixdpe64.sys -- (rixdpcie)
DRV:64bit: - [2009.07.02 08:54:52 | 000,060,416 | ---- | M] (REDC) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rimspe64.sys -- (rimspci)
DRV:64bit: - [2009.07.01 18:31:58 | 000,080,896 | ---- | M] (REDC) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\risdpe64.sys -- (risdpcie)
DRV:64bit: - [2009.06.25 17:04:20 | 000,067,584 | ---- | M] (REDC) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rimmpx64.sys -- (rimmptsk)
DRV:64bit: - [2009.06.25 16:38:52 | 000,057,856 | ---- | M] (REDC) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rixdpx64.sys -- (rismxdp)
DRV:64bit: - [2009.06.25 16:13:44 | 000,055,296 | ---- | M] (REDC) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rimspx64.sys -- (rimsptsk)
DRV:64bit: - [2009.06.13 02:19:36 | 000,041,680 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\qd262x64.sys -- (ioatdma2) Intel(R)
DRV:64bit: - [2009.06.13 02:19:32 | 000,040,144 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\qd162x64.sys -- (ioatdma1)
DRV:64bit: - [2009.06.10 23:01:06 | 001,146,880 | ---- | M] (LSI Corp) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\agrsm64.sys -- (AgereSoftModem)
DRV:64bit: - [2009.06.10 22:34:36 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\k57nd60a.sys -- (k57nd60a) Broadcom NetLink (TM)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.05.12 14:40:42 | 000,072,192 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RTSTOR64.sys -- (RTSTOR)
DRV:64bit: - [2009.05.05 06:31:00 | 000,025,752 | ---- | M] (VIA Technologies,Inc) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\xfiltx64.sys -- (xfiltx64)
DRV:64bit: - [2009.05.05 06:29:34 | 000,015,000 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\videX64.sys -- (videX64)
DRV:64bit: - [2009.04.16 12:45:46 | 000,461,320 | ---- | M] (LSI Corporation, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\MegaSR1.sys -- (MegaSR1)
DRV:64bit: - [2009.03.19 12:46:04 | 000,044,944 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\epfwwfp.sys -- (epfwwfp)
DRV:64bit: - [2009.03.19 12:45:56 | 000,164,936 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\epfw.sys -- (epfw)
DRV:64bit: - [2009.03.19 12:45:56 | 000,033,608 | ---- | M] (ESET) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\epfwndis.sys -- (Epfwndis)
DRV:64bit: - [2009.03.19 12:44:36 | 000,134,024 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\ehdrv.sys -- (ehdrv)
DRV:64bit: - [2009.03.19 12:41:42 | 000,142,776 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\eamon.sys -- (eamon)
DRV:64bit: - [2009.02.11 17:26:18 | 000,407,576 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2009.01.19 20:32:22 | 000,334,344 | ---- | M] (Protect Software GmbH) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\acedrv11.sys -- (acedrv11)
DRV:64bit: - [2008.10.09 15:45:26 | 000,018,784 | ---- | M] (JMicron ) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\johci.sys -- (johci)
DRV:64bit: - [2008.07.09 16:51:54 | 000,136,192 | ---- | M] (VIA Technologies inc,.ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\viamrx64.sys -- (viamrx64)
DRV:64bit: - [2008.05.15 23:23:21 | 000,028,208 | ---- | M] (VMware, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmci.sys -- (vmci)
DRV:64bit: - [2008.04.15 16:09:20 | 000,067,224 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ViPrtX64.sys -- (ViPrtX64)
DRV:64bit: - [2008.04.15 16:05:48 | 000,025,240 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ViBusX64.sys -- (ViBusX64)
DRV:64bit: - [2008.01.18 06:14:06 | 000,041,096 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\qd260x64.sys -- (ioatdma) Intel(R)
DRV:64bit: - [2007.11.13 16:47:18 | 000,080,424 | ---- | M] (Silicon Image, Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\PnP680.sys -- (Pnp680)
DRV:64bit: - [2007.10.03 16:51:00 | 000,022,056 | ---- | M] (Silicon Image, Inc) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\SiWinAcc.sys -- (SiFilter)
DRV:64bit: - [2007.10.03 16:50:52 | 000,017,448 | ---- | M] (Silicon Image, Inc) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\SiRemFil.sys -- (SiRemFil)
DRV:64bit: - [2007.10.03 16:50:26 | 000,090,664 | ---- | M] (Silicon Image, Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SI3132.sys -- (SI3132)
DRV:64bit: - [2007.06.01 11:29:06 | 000,330,544 | ---- | M] (Silicon Image, Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Si3531.sys -- (Si3531)
DRV:64bit: - [2007.05.11 19:01:10 | 000,070,424 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64) Intel(R)
DRV:64bit: - [2007.04.11 23:30:04 | 000,043,416 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\IAMTVE.sys -- (IAMTVE) Driver for Intel(R)
DRV:64bit: - [2007.04.11 23:29:58 | 000,051,096 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\IAMTXPE.sys -- (IAMTXPE) Driver for Intel(R)
DRV:64bit: - [2007.04.11 16:02:42 | 000,163,632 | ---- | M] (Silicon Image, Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SI3114r.sys -- (SI3114r)
DRV:64bit: - [2007.02.01 17:53:08 | 000,164,656 | ---- | M] (Silicon Image, Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SI3112r.sys -- (SI3112r)
DRV:64bit: - [2007.01.24 18:07:08 | 000,064,888 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SISAGPX.SYS -- (SISAGP)
DRV:64bit: - [2006.11.10 12:48:48 | 000,099,120 | ---- | M] (Silicon Image, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SI3114.sys -- (SI3114)
DRV:64bit: - [2006.11.02 17:25:04 | 000,113,456 | ---- | M] (Silicon Image, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SI3124.sys -- (SI3124)
DRV:64bit: - [2006.11.01 08:23:42 | 000,015,680 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ASACPI.sys -- (MTsensor)
DRV:64bit: - [2006.09.20 12:38:28 | 000,334,640 | ---- | M] (Silicon Image, Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Si3124r5.sys -- (Si3124r5)
DRV:64bit: - [2006.09.18 15:26:04 | 000,093,472 | ---- | M] (HighPoint Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hptmv.sys -- (hptmv)
DRV:64bit: - [2005.09.23 01:20:00 | 000,059,392 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VIAAGP1.SYS -- (viaagp1)
DRV - [2012.02.09 13:16:38 | 000,011,856 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesDriver64.sys -- (TuneUpUtilitiesDrv)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [1999.07.20 06:38:00 | 000,073,216 | ---- | M] () [Kernel | Auto | Stopped] -- C:\Windows\SysWOW64\drivers\SENTINEL.SYS -- (Sentinel)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes,DefaultScope = {afdbddaa-5d3f-42ee-b79c-185a7020515b}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
IE - HKCU\..\SearchScopes,DefaultScope = {171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C}: "URL" = slirsredirect.search.aol.com/slirs_http/sredir?sredir=2685&query={searchTerms}&invocationType=tb50winampie7
IE - HKCU\..\SearchScopes\{FC9B49AC-5339-41D7-9F1E-70D4CDB8D37D}: "URL" = search.yahoo.com/search?fr=chr-greentree_ie.....811&p={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultengine: ""
FF - prefs.js..browser.search.defaultenginename: ""
FF - prefs.js..browser.search.defaultthis.engineName: "BS Player Customized Web Search"
FF - prefs.js..browser.search.defaulturl: ""
FF - prefs.js..browser.search.order.1: ""
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=937811"
FF - prefs.js..browser.search.selectedEngine: ""
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "www.google.hr"


FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_2_202_233.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_233.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@SonyCreativeSoftware.com/Media Go,version=1.0: C:\Program Files (x86)\Sony\Media Go\npmediago.dll (Sony Media Software and Services Inc)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.04.19 15:09:03 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012.04.19 15:09:03 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.6\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.04.19 15:09:03 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.6\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012.04.19 15:09:03 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2010.04.16 09:07:17 | 000,000,000 | ---D | M]

[2010.04.16 11:38:39 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Omrcen\AppData\Roaming\Mozilla\Extensions
[2012.04.19 17:07:08 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions
[2010.11.14 14:48:58 | 000,000,000 | ---D | M] (Winamp Toolbar) -- C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f}
[2012.04.19 17:07:08 | 000,000,000 | ---D | M] (BS Player Community Toolbar) -- C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}
[2012.02.01 10:03:17 | 000,000,000 | ---D | M] ("GOM Player + Ask Toolbar") -- C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com
[2010.11.14 14:49:37 | 000,001,196 | ---- | M] () -- C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\searchplugins\winamp-search.xml
[2011.11.13 17:38:56 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012.03.22 19:55:03 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011.04.28 10:12:00 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2010.07.12 18:33:56 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll
[2012.02.16 09:19:08 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012.02.16 09:19:08 | 000,002,040 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\18.0.1025.162\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: QuickTime Plug-in 7.5.5 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.5.5 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.5.5 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.5.5 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.5.5 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.5.5 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.5.5 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: Java Deployment Toolkit 6.0.250.6 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U25 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll
CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\nppl3260.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\nprpjplug.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\18.0.1025.162\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\18.0.1025.162\pdf.dll
CHR - plugin: Winamp Application Detector (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npwachk.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll
CHR - plugin: Media Go Detector (Enabled) = C:\Program Files (x86)\Sony\Media Go\npmediago.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: YouTube = C:\Users\Omrcen\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google Search = C:\Users\Omrcen\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Gmail = C:\Users\Omrcen\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2 - BHO: (Babylon toolbar helper) - {2EECD738-5844-4a99-B4B6-146BF802613B} - Reg Error: Value error. File not found
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5} - No CLSID value found.
O4:64bit: - HKLM..\Run: [egui] C:\Program Files\ESET\ESET Smart Security\egui.exe (ESET)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: VerboseStatus = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SynchronousMachineGroupPolicy = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SynchronousUserGroupPolicy = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16:64bit: - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Java Plug-in 1.6.0_25)
O16 - DPF: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA} java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Java Plug-in 1.6.0_25)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Java Plug-in 1.6.0_25)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.5.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D9E331C3-A884-4B6D-969B-9DC6B547568C}: DhcpNameServer = 10.5.0.1
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: IconPackager Repair - {1799460C-0BC8-4865-B9DF-4A36CD703FF0} - No CLSID value found.
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O22:64bit: - SharedTaskScheduler: {E31004D1-A431-41B8-826F-E902F9D95C81} - Windows DreamScene - C:\Windows\SysNative\DreamScene.dll (Microsoft Corporation)
O27:64bit: - HKLM IFEO\excel.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\infopath.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\msaccess.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\msoxmled.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\mspub.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\mstore.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\onenote.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\outlook.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\powerpnt.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\winword.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\excel.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\infopath.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\msaccess.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\msoxmled.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\mspub.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\mstore.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\onenote.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\outlook.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\powerpnt.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\winword.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2012.04.19 21:19:56 | 000,000,000 | ---D | C] -- C:\USBNoRisk
[2012.04.19 21:05:50 | 000,418,464 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012.04.19 21:02:01 | 000,000,000 | ---D | C] -- C:\_OTL
[2012.04.19 18:32:59 | 000,000,000 | ---D | C] -- C:\Users\Omrcen\AppData\Local\Apple Computer
[2012.04.19 17:26:44 | 000,000,000 | ---D | C] -- C:\Users\Omrcen\AppData\Local\VirtualStore
[2012.04.19 16:58:33 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files
[2012.04.19 16:55:53 | 000,035,648 | ---- | C] (TuneUp Software) -- C:\Windows\SysNative\uxtuneup.dll
[2012.04.19 16:55:53 | 000,028,992 | ---- | C] (TuneUp Software) -- C:\Windows\SysWow64\uxtuneup.dll
[2012.04.19 16:54:36 | 000,034,624 | ---- | C] (TuneUp Software) -- C:\Windows\SysNative\TURegOpt.exe
[2012.04.19 16:54:36 | 000,025,920 | ---- | C] (TuneUp Software) -- C:\Windows\SysNative\authuitu.dll
[2012.04.19 16:54:33 | 000,021,312 | ---- | C] (TuneUp Software) -- C:\Windows\SysWow64\authuitu.dll
[2012.04.19 16:54:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2012
[2012.04.19 16:53:55 | 000,000,000 | ---D | C] -- C:\Users\Omrcen\AppData\Roaming\TuneUp Software
[2012.04.19 16:53:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TuneUp Utilities 2012
[2012.04.19 16:53:02 | 000,000,000 | ---D | C] -- C:\ProgramData\TuneUp Software
[2012.04.19 16:52:55 | 000,000,000 | -HSD | C] -- C:\ProgramData\{32364CEA-7855-4A3C-B674-53D8E9B97936}
[2012.04.12 09:04:49 | 000,096,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012.04.12 09:04:48 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012.04.12 09:04:47 | 002,311,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2012.04.12 09:04:47 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012.04.12 09:04:47 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012.04.12 09:04:47 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012.04.12 09:04:47 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012.04.12 09:04:47 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012.04.12 09:04:46 | 001,493,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2012.04.12 09:04:46 | 001,427,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2012.04.12 09:04:46 | 000,818,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2012.04.12 09:04:16 | 005,473,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2012.04.12 09:04:14 | 003,971,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2012.04.12 09:04:12 | 003,915,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2012.04.12 09:01:27 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imagehlp.dll
[2012.04.12 09:01:27 | 000,022,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fs_rec.sys
[2012.04.12 09:01:26 | 000,220,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll

========== Files - Modified Within 30 Days ==========

[2012.04.19 21:20:53 | 000,740,046 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.04.19 21:20:53 | 000,625,568 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.04.19 21:20:53 | 000,111,206 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.04.19 21:10:36 | 000,017,040 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.04.19 21:10:36 | 000,017,040 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.04.19 21:05:51 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.04.19 21:05:50 | 000,418,464 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012.04.19 21:05:50 | 000,070,304 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012.04.19 21:03:23 | 000,000,944 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.04.19 21:03:02 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.04.19 20:46:00 | 000,000,948 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.04.19 18:48:44 | 000,003,288 | ---- | M] () -- C:\bootsqm.dat
[2012.04.19 16:54:18 | 000,002,179 | ---- | M] () -- C:\Users\Public\Desktop\TuneUp 1-Click Maintenance.lnk
[2012.04.19 16:54:18 | 000,002,153 | ---- | M] () -- C:\Users\Public\Desktop\TuneUp Utilities 2012.lnk
[2012.04.19 15:16:07 | 020,847,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\imageres.dll
[2012.04.13 13:00:22 | 000,002,350 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2012.04.05 13:08:36 | 000,034,624 | ---- | M] (TuneUp Software) -- C:\Windows\SysNative\TURegOpt.exe
[2012.04.05 13:08:24 | 000,035,648 | ---- | M] (TuneUp Software) -- C:\Windows\SysNative\uxtuneup.dll
[2012.04.05 13:08:24 | 000,028,992 | ---- | M] (TuneUp Software) -- C:\Windows\SysWow64\uxtuneup.dll
[2012.04.05 13:08:24 | 000,025,920 | ---- | M] (TuneUp Software) -- C:\Windows\SysNative\authuitu.dll
[2012.04.05 13:08:24 | 000,021,312 | ---- | M] (TuneUp Software) -- C:\Windows\SysWow64\authuitu.dll

========== Files Created - No Company Name ==========

[2012.04.19 21:05:51 | 000,000,830 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.04.19 18:48:44 | 000,003,288 | ---- | C] () -- C:\bootsqm.dat
[2012.04.19 16:54:18 | 000,002,179 | ---- | C] () -- C:\Users\Public\Desktop\TuneUp 1-Click Maintenance.lnk
[2012.04.19 16:54:18 | 000,002,165 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2012.lnk
[2012.04.19 16:54:18 | 000,002,153 | ---- | C] () -- C:\Users\Public\Desktop\TuneUp Utilities 2012.lnk
[2011.08.10 14:22:32 | 000,000,752 | ---- | C] () -- C:\Windows\SysWow64\jahdgsd.dll
[2011.04.09 18:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2010.12.16 11:49:47 | 000,034,308 | ---- | C] () -- C:\Windows\SysWow64\BASSMOD.dll
[2010.10.22 14:13:47 | 000,009,993 | ---- | C] () -- C:\Windows\SysWow64\Derive6.INI
[2010.10.15 22:07:48 | 000,073,216 | ---- | C] () -- C:\Windows\SysWow64\drivers\SENTINEL.SYS
[2010.10.15 22:07:48 | 000,047,616 | ---- | C] () -- C:\Windows\SysWow64\SNTI386.DLL
[2010.10.15 22:07:48 | 000,017,920 | ---- | C] () -- C:\Windows\SysWow64\RNBOVDD.DLL
[2010.10.15 22:07:13 | 000,093,456 | ---- | C] () -- C:\Windows\SysWow64\GAPI32.DLL
[2010.08.12 15:34:55 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2010.06.26 14:41:27 | 000,007,680 | ---- | C] () -- C:\Users\Omrcen\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

< End of report >



mycity.rs/must-login.png


UsbNoRisk

USBNoRisk 2.7 (28 December 2010) by bobby

Started at 19.4.2012. 21:18:06

Searching for connected USB Mass storage...
----------------------------------------
========================================

Searching for other storage...
----------------------------------------
C: {7287faed-4925-11df-9518-806e6f6e6963}
========================================


Scanning fixed storage...
----------------------------------------

No blocked files found on C:
No Autorun.inf files found on C:
No mountpoint found for C:
No mountpoint found for 7287faed-4925-11df-9518-806e6f6e6963
No Desktop.ini files found on C:
----------------------------------------

========================================
Initial scan finished!
========================================


New device connected at 19.4.2012. 21:19:45

Scanning for connected USB mass storage...
----------------------------------------
E: {09f27a51-42ce-11e1-aeed-001f16c19dbb}
Added E:
========================================

Scanning USB mass storage for files...
----------------------------------------
No blocked files found on E:
----------------------------------------
No Autorun.inf files found on E:
Sanitized mountpoint for 09f27a51-42ce-11e1-aeed-001f16c19dbb
----------------------------------------

No Desktop.ini files found on E:
----------------------------------------

No mimics found on drive E:
----------------------------------------

No .lnk/.pif/.com/.scr files found on drive E:
========================================



mycity.rs/must-login.png

Dopuna: 19 Apr 2012 21:29

Samo jedan Usb uređaj

ADATA C906/8GB

offline
  • magna86  Male
  • Anti Malware Fighter
    Rank 2
  • Pridružio: 21 Jun 2008
  • Poruke: 6098

Arrow Korak #1

Ponovo pokreni program OTL dvoklikom na ikonicu;

U beli okvir prozora gde piše Custom Scans/Fixes iskopirati sledeći tekst:

:OTL
[2012.02.01 10:03:17 | 000,000,000 | ---D | M] ("GOM Player + Ask Toolbar") -- C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com
O2 - BHO: (Babylon toolbar helper) - {2EECD738-5844-4a99-B4B6-146BF802613B} - Reg Error: Value error. File not found

:Commands
[emptytemp]
[emptyjava]
[Reboot]



Klikni taster Run Fix;


Log koji dobiješ iskopiraj ovde u poruci.


Arrow Korak#2

- Pokrenuti USBNoRisk i sačekati da izvrši inicijalno skeniranje.

- Po završetku inicijalnog skeniranja priključiti USB memorijski uređaj.

- Kliknuti na karticu Script;

U beli okvir prozora iskopirati sledeći tekst:

{09f27a51-42ce-11e1-aeed-001f16c19dbb}
no_sh:
folder_list:%DRIVE%


- Izvršiti komandu klikom na taster Run Script;



Po izvršenju komande USBNoRisk će se automatski vratiti na karticu Monitor;

- Uraditi desni klik unutar belog okvira prozora i odabrati opciju Save Scrambled Log;

Otvoriće se prozor Notepad_a sa tekstom koji je potrebno iskopirati ovde u poruci.

offline
  • Pridružio: 19 Apr 2012
  • Poruke: 33

OTL


All processes killed
========== OTL ==========
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\searchplugins folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\logs folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\defaults\preferences folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\defaults folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\datastore folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Wed-28-Mar-2012-07-06-04-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Wed-27-Oct-2010-08-05-32-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Wed-27-Apr-2011-21-07-43-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Wed-23-Jun-2010-14-00-56-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Wed-22-Feb-2012-17-42-40-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Wed-22-Feb-2012-15-14-00-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Wed-21-Jul-2010-07-31-10-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Wed-21-Jul-2010-07-31-09-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Wed-20-Oct-2010-19-27-59-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Wed-18-Jan-2012-17-37-19-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Wed-18-Jan-2012-15-50-33-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Wed-18-Apr-2012-17-59-29-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Wed-16-Nov-2011-16-15-31-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Wed-15-Jun-2011-07-29-26-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Wed-15-Feb-2012-09-01-11-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Wed-14-Dec-2011-19-49-02-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Wed-14-Dec-2011-11-47-43-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Wed-14-Dec-2011-07-38-06-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Wed-12-Oct-2011-18-43-44-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Wed-11-Jan-2012-20-56-55-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Wed-09-Feb-2011-12-03-18-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Wed-08-Feb-2012-17-25-31-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Wed-07-Dec-2011-11-12-59-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Wed-04-Jan-2012-17-25-04-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Wed-04-Apr-2012-16-32-23-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Wed-03-Aug-2011-18-50-16-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Wed-01-Jun-2011-11-10-06-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Tue-30-Aug-2011-10-01-41-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Tue-29-Nov-2011-08-45-35-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Tue-27-Mar-2012-19-14-31-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Tue-27-Mar-2012-07-11-39-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Tue-26-Oct-2010-18-14-21-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Tue-24-May-2011-11-41-08-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Tue-22-Nov-2011-15-59-40-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Tue-21-Feb-2012-21-53-45-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Tue-20-Sep-2011-15-36-34-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Tue-20-Mar-2012-15-49-43-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Tue-20-Dec-2011-13-17-01-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Tue-20-Dec-2011-08-11-21-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Tue-19-Jul-2011-22-51-43-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Tue-19-Apr-2011-20-29-15-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Tue-17-Jan-2012-08-08-37-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Tue-15-Nov-2011-21-48-43-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Tue-15-Nov-2011-19-02-56-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Tue-15-Nov-2011-16-29-54-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Tue-14-Jun-2011-21-14-32-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Tue-14-Jun-2011-07-26-22-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Tue-14-Feb-2012-19-52-38-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Tue-14-Feb-2012-08-06-06-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Tue-13-Sep-2011-19-16-27-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Tue-13-Dec-2011-17-08-06-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Tue-13-Dec-2011-08-47-12-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Tue-10-Jan-2012-08-25-40-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Tue-10-Apr-2012-08-45-09-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Tue-09-Aug-2011-16-29-40-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Tue-07-Feb-2012-08-19-27-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Tue-06-Sep-2011-21-31-06-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Tue-06-Dec-2011-21-40-02-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Tue-06-Dec-2011-14-15-19-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Tue-05-Jul-2011-18-25-17-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Tue-05-Apr-2011-14-29-28-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Tue-03-Jan-2012-12-58-51-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Tue-03-Apr-2012-07-49-28-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Tue-02-Aug-2011-10-37-30-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Thu-29-Jul-2010-11-22-45-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Thu-29-Jul-2010-11-22-38-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Thu-29-Dec-2011-01-45-30-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Thu-28-Oct-2010-22-15-52-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Thu-28-Jul-2011-22-23-34-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Thu-27-Jan-2011-17-34-50-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Thu-26-Jan-2012-14-26-43-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Thu-24-Nov-2011-20-23-21-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Thu-24-Nov-2011-17-24-47-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Thu-23-Feb-2012-17-09-42-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Thu-23-Feb-2012-13-17-11-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Thu-22-Dec-2011-19-24-58-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Thu-21-Oct-2010-17-00-47-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Thu-21-Oct-2010-13-15-20-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Thu-20-Jan-2011-15-50-32-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Thu-19-Jan-2012-10-27-09-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Thu-19-Apr-2012-15-07-10-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Thu-18-Nov-2010-13-01-39-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Thu-17-Nov-2011-08-28-47-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Thu-16-Jun-2011-07-07-29-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Thu-15-Sep-2011-19-27-00-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Thu-15-Sep-2011-13-28-09-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Thu-14-Jul-2011-11-06-21-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Thu-13-Oct-2011-19-37-38-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Thu-13-Oct-2011-13-07-19-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Thu-13-Jan-2011-15-21-54-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Thu-12-Jan-2012-20-02-13-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Thu-12-Apr-2012-07-32-16-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Thu-09-Feb-2012-13-41-40-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Thu-08-Sep-2011-16-22-50-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Thu-08-Sep-2011-10-52-50-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Thu-05-May-2011-15-19-17-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Thu-05-Jan-2012-21-29-59-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Thu-05-Jan-2012-14-53-18-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Thu-03-Feb-2011-20-06-40-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Thu-02-Feb-2012-13-22-49-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Thu-01-Dec-2011-10-58-20-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Sun-30-Jan-2011-10-22-10-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Sun-29-Jan-2012-16-38-52-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Sun-29-Jan-2012-09-58-42-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Sun-27-Nov-2011-22-43-46-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Sun-27-Nov-2011-20-18-09-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Sun-27-Nov-2011-16-35-55-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Sun-27-Nov-2011-09-08-48-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Sun-25-Mar-2012-17-17-23-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Sun-25-Mar-2012-14-08-45-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Sun-25-Mar-2012-13-15-20-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Sun-25-Dec-2011-23-06-04-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Sun-25-Dec-2011-16-46-16-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Sun-25-Dec-2011-12-46-06-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Sun-24-Oct-2010-10-14-35-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Sun-24-Oct-2010-08-24-42-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Sun-18-Sep-2011-18-10-38-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Sun-17-Oct-2010-17-57-29-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Sun-17-Oct-2010-10-01-58-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Sun-15-May-2011-17-06-43-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Sun-15-Jan-2012-11-20-53-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Sun-14-Nov-2010-19-57-46-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Sun-14-Nov-2010-12-16-17-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Sun-13-Nov-2011-08-56-55-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Sun-12-Jun-2011-21-06-41-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Sun-11-Sep-2011-14-01-44-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Sun-09-Oct-2011-13-05-29-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Sun-09-Oct-2011-11-02-42-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Sun-08-May-2011-18-53-12-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Sun-08-Jan-2012-20-15-33-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Sun-06-Feb-2011-08-45-00-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Sun-04-Dec-2011-20-18-10-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Sun-04-Dec-2011-09-58-50-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Sun-01-Apr-2012-19-40-28-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Sun-01-Apr-2012-14-35-01-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Sun-01-Apr-2012-07-44-59-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Sat-28-May-2011-14-40-16-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Sat-28-Jan-2012-06-42-45-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Sat-27-Aug-2011-12-54-13-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Sat-26-Nov-2011-10-12-58-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Sat-26-Feb-2011-15-17-56-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Sat-25-Jun-2011-07-39-41-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Sat-25-Feb-2012-10-21-45-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Sat-24-Dec-2011-19-07-22-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Sat-24-Dec-2011-12-31-32-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Sat-23-Oct-2010-14-18-32-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Sat-23-Oct-2010-12-46-39-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Sat-23-Oct-2010-11-37-15-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Sat-21-Jan-2012-21-33-17-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Sat-20-Aug-2011-17-35-31-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Sat-19-Nov-2011-16-11-41-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Sat-17-Sep-2011-06-31-54-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Sat-17-Dec-2011-14-52-07-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Sat-17-Dec-2011-11-05-37-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Sat-14-Jan-2012-14-40-05-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Sat-13-Nov-2010-21-15-29-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Sat-12-Feb-2011-17-15-20-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Sat-11-Jun-2011-08-27-36-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Sat-10-Sep-2011-19-10-14-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Sat-10-Sep-2011-07-18-37-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Sat-10-Mar-2012-20-03-00-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Sat-10-Mar-2012-18-31-59-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Sat-07-May-2011-11-26-18-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Sat-05-Mar-2011-19-53-31-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Sat-04-Sep-2010-18-57-51-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Sat-04-Sep-2010-12-06-55-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Sat-04-Sep-2010-12-06-54-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Sat-04-Sep-2010-12-06-52-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Sat-04-Sep-2010-12-06-50-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Sat-04-Sep-2010-11-49-53-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Sat-04-Sep-2010-11-49-52-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Sat-04-Sep-2010-11-49-42-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Sat-04-Sep-2010-09-21-51-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Sat-04-Sep-2010-09-21-43-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Sat-04-Sep-2010-09-20-27-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Sat-04-Sep-2010-09-20-20-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Sat-04-Sep-2010-09-20-13-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Sat-04-Sep-2010-09-16-28-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Sat-04-Sep-2010-09-10-17-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Sat-04-Sep-2010-08-59-48-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Sat-04-Sep-2010-08-57-58-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Sat-04-Sep-2010-08-57-56-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Sat-04-Sep-2010-08-57-55-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Sat-04-Sep-2010-08-57-50-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Sat-04-Feb-2012-15-55-05-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Sat-04-Feb-2012-07-29-56-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Sat-03-Dec-2011-12-54-05-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Sat-02-Jul-2011-08-56-00-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Mon-30-Jan-2012-07-24-09-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Mon-29-Nov-2010-20-14-05-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Mon-29-Nov-2010-17-50-54-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Mon-28-Nov-2011-18-56-33-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Mon-28-Nov-2011-14-05-25-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Mon-27-Dec-2010-15-14-01-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Mon-27-Dec-2010-12-12-32-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Mon-26-Mar-2012-20-25-44-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Mon-26-Dec-2011-23-20-39-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Mon-26-Dec-2011-19-22-09-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Mon-26-Dec-2011-10-09-40-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Mon-25-Oct-2010-20-33-36-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Mon-25-Oct-2010-17-30-36-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Mon-25-Apr-2011-16-13-44-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Mon-24-Jan-2011-19-36-01-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Mon-23-May-2011-13-27-18-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Mon-22-Aug-2011-17-21-54-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Mon-22-Aug-2011-10-05-39-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Mon-21-Nov-2011-22-25-39-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Mon-20-Feb-2012-19-59-19-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Mon-19-Sep-2011-19-39-59-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Mon-19-Sep-2011-14-27-41-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Mon-19-Dec-2011-21-05-17-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Mon-19-Dec-2011-17-35-53-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Mon-19-Dec-2011-15-05-10-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Mon-19-Dec-2011-12-18-22-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Mon-16-Jan-2012-19-10-32-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Mon-16-Jan-2012-15-05-42-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Mon-15-Nov-2010-15-52-23-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Mon-14-Nov-2011-17-14-53-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Mon-14-Mar-2011-18-19-01-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Mon-13-Dec-2010-22-04-41-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Mon-10-Oct-2011-19-04-47-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Mon-10-Jan-2011-09-48-51-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Mon-09-May-2011-18-08-24-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Mon-09-Jan-2012-20-06-43-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Mon-08-Nov-2010-20-01-33-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Mon-06-Jun-2011-07-05-28-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Mon-06-Feb-2012-11-24-00-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Mon-06-Dec-2010-19-12-51-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Mon-04-Jul-2011-11-47-54-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Fri-30-Mar-2012-18-24-27-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Fri-29-Jul-2011-15-52-14-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Fri-27-Jan-2012-14-22-31-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Fri-27-Jan-2012-13-29-55-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Fri-25-Nov-2011-15-53-20-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Fri-24-Feb-2012-17-15-40-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Fri-24-Feb-2012-16-43-27-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Fri-24-Feb-2012-12-14-17-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Fri-22-Oct-2010-19-01-07-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Fri-22-Oct-2010-15-26-16-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Fri-22-Oct-2010-11-28-36-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Fri-20-Jan-2012-12-34-57-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Fri-19-Nov-2010-10-47-10-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Fri-19-Aug-2011-22-10-22-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Fri-19-Aug-2011-09-53-18-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Fri-18-Nov-2011-11-25-09-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Fri-18-Nov-2011-10-55-31-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Fri-18-Nov-2011-09-05-46-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Fri-17-Jun-2011-16-35-43-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Fri-17-Dec-2010-09-08-59-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Fri-16-Dec-2011-10-42-23-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Fri-13-Jan-2012-19-47-38-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Fri-11-Nov-2011-18-55-04-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Fri-11-Feb-2011-16-48-47-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Fri-10-Jun-2011-07-45-33-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Fri-09-Sep-2011-07-11-15-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Fri-09-Mar-2012-19-44-30-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Fri-09-Mar-2012-13-30-40-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Fri-06-Jan-2012-09-18-42-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Fri-05-Nov-2010-15-46-50-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Fri-04-Feb-2011-11-23-04-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Fri-03-Feb-2012-17-34-08-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Fri-01-Jul-2011-12-45-42-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Fri-01-Apr-2011-07-08-02-GMT folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\temp folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\skin folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome\content folder moved successfully.
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com\chrome folder moved successfully.
Folder move failed. C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com scheduled to be moved on reboot.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2EECD738-5844-4a99-B4B6-146BF802613B}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2EECD738-5844-4a99-B4B6-146BF802613B}\ deleted successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: AppData

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Omrcen
->Temp folder emptied: 134072 bytes
->Temporary Internet Files folder emptied: 1523735 bytes
->Java cache emptied: 4997667 bytes
->FireFox cache emptied: 60932698 bytes
->Google Chrome cache emptied: 54462825 bytes
->Flash cache emptied: 18951 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 844 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 36050762 bytes
RecycleBin emptied: 81385063 bytes

Total Files Cleaned = 228,00 mb


[EMPTYJAVA]

User: All Users

User: AppData

User: Default

User: Default User

User: Omrcen
->Java cache emptied: 0 bytes

User: Public

Total Java Files Cleaned = 0,00 mb


OTL by OldTimer - Version 3.2.40.0 log created on 04192012_214538

Files\Folders moved on Reboot...
C:\Users\Omrcen\AppData\Roaming\Mozilla\Firefox\Profiles\ayhzj4bb.default\extensions\toolbar@ask.com folder moved successfully.
C:\Users\Omrcen\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

Registry entries deleted on Reboot...





mycity.rs/must-login.png




UsbNoRisk


USBNoRisk 2.7 (28 December 2010) by bobby

Started at 19.4.2012. 21:50:29

Searching for connected USB Mass storage...
----------------------------------------
========================================

Searching for other storage...
----------------------------------------
C: {7287faed-4925-11df-9518-806e6f6e6963}
========================================


Scanning fixed storage...
----------------------------------------

No blocked files found on C:
No autorun.inf files found on C:
No mountpoint found for C:
No mountpoint found for 7287faed-4925-11df-9518-806e6f6e6963
No Desktop.ini files found on C:
----------------------------------------

========================================
Initial scan finished!
========================================

Processing script
----------------------------------------


New device connected at 19.4.2012. 21:51:58

Scanning for connected USB mass storage...
----------------------------------------
E: {09f27a51-42ce-11e1-aeed-001f16c19dbb}
Added E:
========================================

Scanning USB mass storage for files...
----------------------------------------
No blocked files found on E:
----------------------------------------
No autorun.inf files found on E:
Sanitized mountpoint for 09f27a51-42ce-11e1-aeed-001f16c19dbb
----------------------------------------

No Desktop.ini files found on E:
----------------------------------------

No mimics found on drive E:
----------------------------------------

No .lnk/.pif/.com/.scr files found on drive E:
========================================

Processing script
----------------------------------------
09f27a51-42ce-11e1-aeed-001f16c19dbb
Drive letter for GUID: E:
SectionStart = 0
SectionEnd = 2
----------------------------------------
Unhide superhidden for E:\
----------------------------------------
-ra-- E:\_111_.txt > unhidden
----------------------------------------
Folder list for E:\:
----------------------------------------

d----   0   E:\THEWAR~1   E:\The Warriors (Directors Cut) (1979) DVDRip (SiRiUs sHaRe)
d----   0   E:\THEBIG~1.1   E:\The.Big.Bang.Theory.Season.1
d----   0   E:\IMAGE-~1.0@V   E:\Image-Line.FL.Studio.Edition.v10.0.0 @vAin4us
--a--   15901   E:\71405E~1.ZIP   E:\71405e028e1b7e31aec362564d671c85.zip
--a--   15894   E:\5A4ADD~1.ZIP   E:\5a4add5a889528ac30d6731d71e4d358c9306550.zip
--a--   12710   E:\18C1C8~1.ZIP   E:\18c1c8f2458f274a922be912f0005383.zip
-ra--   3   E:\_111_.txt   E:\_111_.txt
d----   0   E:\labosi   E:\labosi
d----   0   E:\PREDAV~1   E:\Predavanja
d----   0   E:\VJEŽBE   E:\VJEŽBE

----------------------------------------

========================================
Scan finished!
========================================



mycity.rs/must-login.png

offline
  • magna86  Male
  • Anti Malware Fighter
    Rank 2
  • Pridružio: 21 Jun 2008
  • Poruke: 6098

U redu to je to. Logovi su sada cisti i nema tragova aktivnog malware-a.
Preporucujem ti da sada promenis sve svoje sifre na kompu.


Arrow Ponovo pokreni OTL i klikni na dugme Clean Up!



Idea Preporučujem ti da koristiš program MCShield za zaštitu USB memorijskih uređaja.

Program možeš preuzeti sa OVOG linka. Nakon instalacije programa, priključi USB memorijske uređaje, i oni će biti skenirani. Na kraju skeniranja ćeš dobiti izveštaj da je uređaj čist ili obaveštenje o uklonjenom malware-u.


Idea Takođe, mozeš posetiti ovu temu i proveriš da li ti je pretraživač ranjiv i instaliraš ažurirane komponente.
http://www.mycity.rs/Propusti-i-azuriranja/Testira.....anjiv.html

offline
  • Pridružio: 19 Apr 2012
  • Poruke: 33

Hvala ti.Evo sad sam skenirao i sve je u redu.Nema nikakvih virusa. Smile
E posto sam ja totalni neznalica sta se tice kompjutera,ne znam da li je moj windows original ili je krekirana verzija.Ukljuceni su mi updateovi pa ako je krekirana rado bi to iskljucio. Smile

offline
  • magna86  Male
  • Anti Malware Fighter
    Rank 2
  • Pridružio: 21 Jun 2008
  • Poruke: 6098

Phil Ivey ::Hvala ti.Evo sad sam skenirao i sve je u redu.Nema nikakvih virusa. Smile

Nema na cemu. Wink


Citat:E posto sam ja totalni neznalica sta se tice kompjutera,ne znam da li je moj windows original ili je krekirana verzija.Ukljuceni su mi updateovi pa ako je krekirana rado bi to iskljucio. Smile

U Ambulanti radimo samo da detektovanju i uklanjanju malware-a.
Za sva dodatna pitanja, slobodno otvori novu temu u odgovarajucem forumu.

Jos nesto moras da znas.
Na mycity forumu je zabranjena piraterija. Preporucujem ti da procitas pravilnik.

Ko je trenutno na forumu
 

Ukupno su 360 korisnika na forumu :: 4 registrovanih, 0 sakrivenih i 356 gosta   ::   [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3028 - dana 22 Nov 2019 07:47

Korisnici koji su trenutno na forumu:
Korisnici trenutno na forumu: Bane san, caesar, Mercury, nemkea71