FB vir prosim o pomoc (RSIT LOG)

Zpráva

sAshevA · #1 Příspěvek od **sAshevA** » 22 črc 2011 10:01

Dobry den , zase ten samý postup video na youtube pak stahnuti flash playeru a pak to spadlo , počitač se mi sám zapnul do nouzoveho režimu. už předtim sem tak trošku přeskočil návod a použil rovnou Combotfix nevím jestli to pomohlo tak rači posilám RKILL log a RSIT log a prosím o rady.. děkuji.

RKILL LOG

This log file is located at C:\rkill.log.
Please post this only if requested to by the person helping you.
Otherwise you can close this log when you wish.

Rkill was run on 22.07.2011 at 10:58:42.
Operating System: Windows 7 Ultimate

Processes terminated by Rkill or while it was running:

Rkill completed on 22.07.2011 at 10:58:50.

EXEHELPERLOG

exeHelper by Raktor
Build 20100414
Run at 10:59:08 on 07/22/11
Now searching...
Checking for numerical processes...
Checking for sysguard processes...
Checking for bad processes...
Checking for bad files...
Checking for bad registry entries...
Resetting filetype association for .exe
Resetting filetype association for .com
Resetting userinit and shell values...
Resetting policies...
--Finished--

ROGUEKILLER LOG

RogueKiller V5.2.7 [06/30/2011] by Tigzy
contact at http://www.sur-la-toile.com
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.sur-la-toile.com/discussion- ... ntees.html

Operating System: Windows 7 (6.1.7600 ) 32 bits version
Started in : Normal mode
User: Alexandr [Admin rights]
Mode: Remove -- Date : 07/22/2011 11:00:36

Bad processes: 0

Registry Entries: 0

HOSTS File:
127.0.0.1 localhost

Finished : << RKreport[1].txt >>
RKreport[1].txt

RogueKiller V5.2.7 [06/30/2011] by Tigzy
contact at http://www.sur-la-toile.com
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.sur-la-toile.com/discussion- ... ntees.html

Operating System: Windows 7 (6.1.7600 ) 32 bits version
Started in : Normal mode
User: Alexandr [Admin rights]
Mode: HOSTSFix -- Date : 07/22/2011 11:01:16

Bad processes: 0

HOSTS File:
127.0.0.1 localhost

Resetted HOSTS:
127.0.0.1 localhost

Finished : << RKreport[1].txt >>
RKreport[1].txt

RogueKiller V5.2.7 [06/30/2011] by Tigzy
contact at http://www.sur-la-toile.com
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.sur-la-toile.com/discussion- ... ntees.html

Operating System: Windows 7 (6.1.7600 ) 32 bits version
Started in : Normal mode
User: Alexandr [Admin rights]
Mode: ProxyFix -- Date : 07/22/2011 11:01:28

Bad processes: 0

Registry Entries: 0

Finished : << RKreport[2].txt >>
RKreport[1].txt ; RKreport[2].txt

RSIT LOG

Logfile of random's system information tool 1.09 (written by random/random)
Run by Alexandr at 2011-07-22 11:13:21
Microsoft Windows 7 Ultimate
System drive C: has 4 GB (9%) free of 50 GB
Total RAM: 2813 MB (68% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:13:30, on 22.7.2011
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCtrl.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\Broadcom\Broadcom 802.11\WLTRAY.EXE
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\iMesh Applications\MediaBar\DataMngr\DataMngrUI.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\VolCtrl.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\uTorrent\uTorrent.exe
C:\Program Files\DAEMON Tools Lite\DTLite.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Windows\System32\mobsync.exe
C:\Program Files\Hewlett-Packard\Shared\hpqToaster.exe
C:\Windows\Explorer.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Alexandr\Desktop\RSIT.exe
C:\Program Files\trend micro\Alexandr.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.babylon.com/home?AF=15627
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: UrlHelper Class - {474597C5-AB09-49d6-A4D5-2E8D7341384E} - C:\Program Files\iMesh Applications\MediaBar\DataMngr\IEBHO.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GR469A~1.DLL
O2 - BHO: MediaBar - {ABB49B3B-AB7D-4ED0-9135-93FD5AA4F69F} - C:\Program Files\iMesh Applications\MediaBar\ToolBar\iMeshMediaBarDx.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O3 - Toolbar: MediaBar - {ABB49B3B-AB7D-4ED0-9135-93FD5AA4F69F} - C:\Program Files\iMesh Applications\MediaBar\ToolBar\iMeshMediaBarDx.dll
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [WirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [PDF Complete] C:\Program Files\PDF Complete\pdfsty.exe
O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\Program Files\Broadcom\Broadcom 802.11\WLTRAY.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [DataMngr] C:\PROGRA~1\IMESHA~1\MediaBar\DataMngr\DataMngrUI.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: McAfee Security Scan Plus.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GRA32A~1.DLL
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\IMESHA~1\MediaBar\DataMngr\datamngr.dll
O23 - Service: Andrea ADI Filters Service (AEADIFilters) - Andrea Electronics Corporation - C:\Windows\system32\AEADISRV.EXE
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - LSI Corporation - C:\Program Files\LSI SoftModem\agrsmsvc.exe
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: HP Service (hpsrv) - Hewlett-Packard - C:\Windows\system32\Hpservice.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - Unknown owner - C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe (file missing)
O23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:\Program Files\PDF Complete\pdfsvc.exe
O23 - Service: srviecheck - Unknown owner - C:\Windows\update.2\svchost.exe
O23 - Service: srvsysdriver32 - Unknown owner - C:\Windows\sysdriver32.exe
O23 - Service: Broadcom Wireless LAN Tray Service (wltrysvc) - Unknown owner - C:\Program Files\Broadcom\Broadcom 802.11\WLTRYSVC.EXE
O23 - Service: webcamXP Service (wxpSvc) - Unknown owner - C:\Program Files\wLite\wService.exe

--
End of file - 9189 bytes

======Scheduled tasks folder======

C:\Windows\tasks\HPCeeScheduleForAlexandr.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Alexandr\AppData\Roaming\Mozilla\Firefox\Profiles\dt0fyd16.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://www.google.cz/"
prefs.js - "extensions.enabledItems" - "{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}:6.0.16, {CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}:6.0.19, {28D35620-51D9-11DE-9D13-2DB156D89593}:3.1, radiobar@toolbar:1.0.0, {AB2CE124-6272-4b12-94A9-7303C7397BD1}:4.2.0.5198, {c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}:3.6, {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21, {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.17, zigboom.designs@gmail.com:1.2.2"
prefs.js - "keyword.URL" - "http://search.babylon.com/?babsrc=adbartrp&AF=15627&q="

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=]
"Description"=iTunes Detector Plug-in
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=1.0]
"Description"=
"Path"=C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\4.0.60129.0\npctrl.dll

C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{AB2CE124-6272-4b12-94A9-7303C7397BD1}
{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}

C:\Program Files\Mozilla Firefox\components\
AskHPRFF.js
binary.manifest
browsercomps.dll
nsIQTScriptablePlugin.xpt

C:\Program Files\Mozilla Firefox\plugins\
npdeployJava1.dll
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npqtplugin6.dll
npqtplugin7.dll
QuickTimePlugin.class

C:\Program Files\Mozilla Firefox\searchplugins\
babylon.xml
google.xml
heureka-cz.xml
iMeshWebSearch.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

C:\Users\Alexandr\AppData\Roaming\Mozilla\Firefox\Profiles\dt0fyd16.default\extensions\
radiobar@toolbar
{28D35620-51D9-11DE-9D13-2DB156D89593}
{28D35620-51D9-11DE-9D13-2DB156D89593}chrome

C:\Users\Alexandr\AppData\Roaming\Mozilla\Firefox\Profiles\dt0fyd16.default\searchplugins\
askcom.xml
daemon-search.xml
iMeshWebSearch.xml
web-search.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{474597C5-AB09-49d6-A4D5-2E8D7341384E}]
UrlHelper Class - C:\Program Files\iMesh Applications\MediaBar\DataMngr\IEBHO.dll [2010-03-24 392624]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office12\GR469A~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ABB49B3B-AB7D-4ED0-9135-93FD5AA4F69F}]
MediaBar - C:\Program Files\iMesh Applications\MediaBar\ToolBar\iMeshMediaBarDx.dll [2009-11-20 87472]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype add-on for Internet Explorer - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2010-02-08 804136]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
Ask Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2009-09-02 1175944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-02-09 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{D4027C7F-154A-4066-A1AD-4243D8127440} - Ask Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2009-09-02 1175944]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll [2009-11-24 953800]
{ABB49B3B-AB7D-4ED0-9135-93FD5AA4F69F} - MediaBar - C:\Program Files\iMesh Applications\MediaBar\ToolBar\iMeshMediaBarDx.dll [2009-11-20 87472]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-27 31016]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2009-07-29 1545512]
"QlbCtrl.exe"=C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2009-07-27 288312]
"WirelessAssistant"=C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [2009-07-23 498744]
"PDF Complete"=C:\Program Files\PDF Complete\pdfsty.exe [2009-10-23 563736]
"Broadcom Wireless Manager UI"=C:\Program Files\Broadcom\Broadcom 802.11\WLTRAY.exe [2010-03-02 4367360]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2009-11-11 417792]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2010-02-15 141608]
"DataMngr"=C:\PROGRA~1\IMESHA~1\MediaBar\DataMngr\DataMngrUI.exe [2010-03-24 797104]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-10-29 249064]
"SoundMAXPnP"=C:\Program Files\Analog Devices\Core\smax4pnp.exe [2009-05-18 1314816]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2011-05-24 336384]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"uTorrent"=C:\Program Files\uTorrent\uTorrent.exe [2010-09-27 328056]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2009-10-30 369200]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
McAfee Security Scan Plus.lnk - C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe

C:\Users\Alexandr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\PROGRA~1\IMESHA~1\MediaBar\DataMngr\datamngr.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\system32\webcheck.dll [2009-07-14 229376]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office12\GR469A~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\wxpdrivers]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\wxpdrivers]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableCMD"=0
"DisableTaskMgr"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableSecureUIAPaths"=0
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"DisableTaskMgr"=0
"DisableCMD"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
"NoFolderOptions"=0
"NoSetActiveDesktop"=0
"NoActiveDesktopChanges"=0
"NoRun"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
"NoFolderOptions"=0
"NoSetActiveDesktop"=0
"NoActiveDesktopChanges"=0
"NoRun"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Windows\update.tray-7-0-lnk\svchost.exe"="C:\Windows\update.tray-7-0-lnk\svchost.exe:*:Enabled:C:\Windows\update.tray-7-0-lnk\svchost.exe"
"C:\Windows\update.1\svchost.exe"="C:\Windows\update.1\svchost.exe:*:Enabled:C:\Windows\update.1\svchost.exe"
"C:\Windows\update.2\svchost.exe"="C:\Windows\update.2\svchost.exe:*:Enabled:C:\Windows\update.2\svchost.exe"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"VIDC.FPS1"=frapsvid.dll
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux2"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2011-07-22 11:13:21 ----D---- C:\rsit
2011-07-22 11:13:21 ----D---- C:\Program Files\trend micro
2011-07-22 10:42:00 ----HD---- C:\Windows\PIF
2011-07-22 01:30:07 ----A---- C:\Windows\l1rezerv.exe
2011-07-22 01:29:32 ----A---- C:\Windows\ddh_iplist.txt
2011-07-22 01:29:10 ----A---- C:\Windows\systemup.exe
2011-07-22 01:27:10 ----A---- C:\Windows\iecheck_iplist.txt
2011-07-22 01:26:45 ----HD---- C:\Windows\update.2
2011-07-22 01:23:49 ----HD---- C:\Windows\update.5.0
2011-07-22 01:21:29 ----A---- C:\Windows\iplist.txt
2011-07-22 01:21:23 ----A---- C:\Windows\sysdriver32_.exe
2011-07-22 01:21:09 ----A---- C:\Windows\sysdriver32.exe
2011-07-22 01:10:05 ----A---- C:\Windows\front_ip_list.txt
2011-07-22 01:09:03 ----D---- C:\Windows\temp
2011-07-22 01:09:02 ----A---- C:\ComboFix.txt
2011-07-22 01:05:33 ----D---- C:\$RECYCLE.BIN
2011-07-22 00:55:03 ----A---- C:\Windows\zip.exe
2011-07-22 00:55:03 ----A---- C:\Windows\SWSC.exe
2011-07-22 00:55:03 ----A---- C:\Windows\SWREG.exe
2011-07-22 00:55:03 ----A---- C:\Windows\sed.exe
2011-07-22 00:55:03 ----A---- C:\Windows\PEV.exe
2011-07-22 00:55:03 ----A---- C:\Windows\NIRCMD.exe
2011-07-22 00:55:03 ----A---- C:\Windows\MBR.exe
2011-07-22 00:55:03 ----A---- C:\Windows\grep.exe
2011-07-22 00:54:58 ----D---- C:\Windows\ERDNT
2011-07-22 00:54:52 ----D---- C:\Qoobox
2011-07-22 00:54:45 ----D---- C:\32788R22FWJFW
2011-07-21 23:40:31 ----D---- C:\ProgramData\ATI
2011-07-21 23:40:30 ----D---- C:\Program Files\AMD APP
2011-07-21 23:40:19 ----D---- C:\ProgramData\AMD
2011-07-21 23:40:15 ----A---- C:\Windows\system32\drivers\amdiox86.sys
2011-07-21 23:28:15 ----D---- C:\ATI
2011-07-21 23:22:27 ----D---- C:\Windows\ufa
2011-07-21 23:22:27 ----D---- C:\Windows\rpcminer
2011-07-21 23:22:27 ----D---- C:\Windows\phoenix
2011-07-21 23:22:07 ----A---- C:\Windows\unrar.exe
2011-07-21 23:21:00 ----D---- C:\Windows\av_ico
2011-07-21 23:19:50 ----HD---- C:\Windows\update.tray-9-0-lnk
2011-07-21 23:19:50 ----HD---- C:\Windows\update.tray-9-0
2011-07-21 23:19:50 ----HD---- C:\Windows\update.tray-7-0-lnk
2011-07-21 23:19:50 ----HD---- C:\Windows\update.tray-7-0

======List of files/folders modified in the last 1 month======

2011-07-22 11:13:21 ----RD---- C:\Program Files
2011-07-22 11:12:59 ----D---- C:\Users\Alexandr\AppData\Roaming\uTorrent
2011-07-22 10:42:00 ----D---- C:\Windows
2011-07-22 10:37:18 ----D---- C:\Windows\System32
2011-07-22 10:37:17 ----D---- C:\Windows\inf
2011-07-22 10:37:17 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-07-22 10:32:51 ----D---- C:\ProgramData
2011-07-22 10:32:51 ----A---- C:\ProgramData\HPWALog.txt
2011-07-22 01:27:10 ----D---- C:\Windows\system32\drivers\etc
2011-07-22 01:12:58 ----D---- C:\Windows\system32\NDF
2011-07-22 01:09:04 ----D---- C:\Windows\system32\drivers
2011-07-22 01:05:37 ----A---- C:\Windows\system.ini
2011-07-22 01:04:25 ----D---- C:\Windows\system32\config
2011-07-22 01:00:37 ----D---- C:\Windows\AppPatch
2011-07-22 01:00:34 ----D---- C:\Program Files\Common Files
2011-07-22 00:55:12 ----SHD---- C:\System Volume Information
2011-07-21 23:43:52 ----D---- C:\Windows\system32\catroot
2011-07-21 23:40:30 ----SHD---- C:\Windows\Installer
2011-07-21 23:40:22 ----D---- C:\Program Files\ATI Technologies
2011-07-21 23:40:16 ----D---- C:\Windows\system32\DriverStore
2011-07-21 23:39:32 ----RSD---- C:\Windows\assembly
2011-07-21 23:38:37 ----D---- C:\Windows\Prefetch
2011-07-21 23:18:06 ----D---- C:\ProgramData\Adobe
2011-07-21 20:05:10 ----D---- C:\Windows\system32\catroot2
2011-07-21 11:53:58 ----D---- C:\Users\Alexandr\AppData\Roaming\Skype
2011-07-21 11:52:26 ----D---- C:\Users\Alexandr\AppData\Roaming\skypePM
2011-07-21 11:50:25 ----D---- C:\ProgramData\PDFC
2011-07-13 17:58:11 ----D---- C:\Windows\Tasks
2011-07-13 17:58:11 ----D---- C:\Windows\system32\Tasks
2011-06-26 23:59:50 ----D---- C:\Program Files\Mozilla Firefox

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AtiPcie;AMD PCI Express (3GIO) Filter; C:\Windows\system32\DRIVERS\AtiPcie.sys [2009-05-05 14392]
R0 hpdskflt;HP Filter; C:\Windows\system32\DRIVERS\hpdskflt.sys [2009-07-08 25656]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 173648]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-03-08 691696]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2009-07-14 387584]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R3 Accelerometer;HP Accelerometer; C:\Windows\system32\DRIVERS\Accelerometer.sys [2009-07-08 33848]
R3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\ADIHdAud.sys [2009-05-18 381440]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\AGRSM.sys [2009-04-06 1161664]
R3 amdiox86;AMD IO Driver; C:\Windows\system32\DRIVERS\amdiox86.sys [2010-02-18 37944]
R3 AtiHDAudioService;ATI Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW73.sys [2011-03-30 100880]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-07-30 4994560]
R3 BCM42RLY;BCM42RLY; C:\Windows\system32\drivers\BCM42RLY.sys [2010-03-02 18424]
R3 BCM43XX;Ovladač síťového adaptéru Broadcom 802.11; C:\Windows\system32\DRIVERS\bcmwl6.sys [2010-03-02 2661368]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600]
R3 HpqKbFiltr;HpqKbFilter Driver; C:\Windows\system32\DRIVERS\HpqKbFiltr.sys [2009-04-29 15872]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2009-07-02 1765168]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2009-07-29 213680]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 14336]
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 alggn661;alggn661; C:\Windows\system32\drivers\alggn661.sys []
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\DRIVERS\amdagp.sys [2009-07-14 53312]
S3 AtiHdmiService;ATI Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\AtiHdmi.sys [2009-08-23 103952]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 34816]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2009-07-14 392704]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2009-07-14 58880]
S3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2009-07-01 86056]
S3 btwavdt;Bluetooth AVDT Service; C:\Windows\system32\drivers\btwavdt.sys [2009-07-01 108072]
S3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2009-04-07 29472]
S3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2009-07-01 18344]
S3 catchme;catchme; \??\C:\Users\Alexandr\AppData\Local\Temp\catchme.sys []
S3 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12368]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2009-07-14 133120]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2009-07-14 5632]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\DRIVERS\sisagp.sys [2009-07-14 52304]
S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2009-07-14 28224]
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\DRIVERS\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys [2009-07-14 175824]
S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2009-07-14 17920]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2009-07-14 34944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AEADIFilters;Andrea ADI Filters Service; C:\Windows\system32\AEADISRV.EXE [2008-07-15 90112]
R2 AgereModemAudio;Agere Modem Call Progress Audio; C:\Program Files\LSI SoftModem\agrsmsvc.exe [2009-03-27 14336]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2009-07-30 176128]
R2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2011-05-24 294400]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-08-28 144672]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2009-07-30 582944]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 HP Health Check Service;HP Health Check Service; C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [2009-07-09 124928]
R2 hpsrv;HP Service; C:\Windows\system32\Hpservice.exe [2009-07-08 26168]
R2 MSSQL$SONY_MEDIAMGR;MSSQL$SONY_MEDIAMGR; C:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe [2002-12-17 7520337]
R2 pdfcDispatcher;PDF Document Manager; C:\Program Files\PDF Complete\pdfsvc.exe [2009-10-23 635416]
R2 srviecheck;srviecheck; C:\Windows\update.2\svchost.exe [2011-07-22 483328]
R2 wltrysvc;Broadcom Wireless LAN Tray Service; C:\Program Files\Broadcom\Broadcom 802.11\WLTRYSVC.EXE [2010-03-02 26112]
R3 Com4QLBEx;Com4QLBEx; C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2009-05-05 228408]
R3 hpqwmiex;hpqwmiex; C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe [2009-04-30 229944]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2010-02-15 545576]
S2 srvsysdriver32;srvsysdriver32; C:\Windows\sysdriver32.exe [2011-07-22 249344]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe []
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824]
S3 MSSQLServerADHelper;MSSQLServerADHelper; C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe [2002-12-17 66112]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 SQLAgent$SONY_MEDIAMGR;SQLAgent$SONY_MEDIAMGR; C:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlagent.EXE [2002-12-17 311872]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 wxpSvc;webcamXP Service; C:\Program Files\wLite\wService.exe [2010-04-15 4937216]

-----------------EOF-----------------

info.txt logfile of random's system information tool 1.09 2011-07-22 11:13:32

======Uninstall list======

µTorrent-->"C:\Program Files\uTorrent\uTorrent.exe" /UNINSTALL
ActiveCheck component for HP Active Support Library-->MsiExec.exe /X{254C37AA-6B72-4300-84F6-98A82419187E}
Adobe AIR-->c:\Program Files\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall
Adobe AIR-->MsiExec.exe /I{A2BCA9F1-566C-4805-97D1-7FDC93386723}
Adobe Flash Player 10 ActiveX-->C:\Windows\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->C:\Windows\system32\Macromed\Flash\FlashUtil10q_Plugin.exe -maintain plugin
Advanced Encode Decode Tools-->C:\Program Files\Mediatwins software\AEDTools\uninstall.exe
AMD APP SDK Runtime-->MsiExec.exe /I{A25FF1C0-80B6-4B8B-A551-DC525697A408}
Apple Application Support-->MsiExec.exe /I{3FA365DF-2D68-45ED-8F83-8C8A33E65143}
Apple Mobile Device Support-->MsiExec.exe /I{AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE}
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
Ask Toolbar-->MsiExec.exe /I{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Atheros Driver Installation Program-->C:\Program Files\InstallShield Installation Information\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}\setup.exe -runfromtemp -l0x0005
ATI Catalyst Install Manager-->msiexec /q/x{B8FA4B2B-67A0-18D0-77DD-F08405016F37} REBOOT=ReallySuppress
Audiosurf-->MsiExec.exe /I{6D316D67-DA52-4659-9C98-F479963534D6}
Big Fish Games: Game Manager-->C:\Program Files\bfgclient\Uninstall.exe
Bonjour-->MsiExec.exe /I{07287123-B8AC-41CE-8346-3D777245C35B}
Broadcom 802.11 Wireless LAN Adapter-->"C:\Program Files\Broadcom\Broadcom 802.11\Driver\bcmwlu00.exe" verbose /rootkey="Software\Broadcom\802.11\UninstallInfo" /rootdir="C:\Program Files\Broadcom\Broadcom 802.11\Driver"
Broadcom Wireless Utility-->"C:\Program Files\Broadcom\Broadcom 802.11\bcmwlu00.exe" verbose /rootkey="Software\Broadcom\802.11_App\UninstallInfo" /rootdir="C:\Program Files\Broadcom\Broadcom 802.11"
Catalyst Control Center - Branding-->MsiExec.exe /I{19A492A0-888F-44A0-9B21-D91700763F62}
DAEMON Tools Toolbar-->C:\Program Files\DAEMON Tools Toolbar\uninst.exe
Euro Truck Simulator 1.3-->C:\Program Files\Euro Truck Simulator\uninst.exe
EVEREST Home Edition v2.20-->"C:\Program Files\Lavalys\EVEREST Home Edition\unins000.exe"
Full Tilt Poker-->C:\Program Files\Full Tilt Poker\uninstall.exe
Gambrinus 11° Excelent-->"C:\Windows\Gambrinus 11° Excelent Uninstaller\unins000.exe"
Gambrinus-->"C:\Windows\Gambrinus Uninstaller\unins000.exe"
Governor of Poker 2-->"C:\Program Files\Governor of Poker 2\Uninstall.exe"
Governor of Poker 2-->"C:\Program Files\Governor of Poker 2\uninstall.exe" "/U:C:\Program Files\Governor of Poker 2\Uninstall\uninstall.xml"
HP 3D DriveGuard-->MsiExec.exe /X{33DBA3CA-4E9D-4087-9911-359E45263D92}
HP Customer Experience Enhancements-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5B295588-59C1-4386-9F85-BB4BEDCB0D22}\setup.exe" -l0x9 -removeonly
HP Integrated Module with Bluetooth wireless technology-->MsiExec.exe /X{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}
HP Quick Launch Buttons-->"C:\Program Files\InstallShield Installation Information\{34D2AB40-150D-475D-AE32-BD23FB5EE355}\setup.exe" -runfromtemp -l0x0005 -removeonly uninst
HP Support Assistant-->"C:\Program Files\InstallShield Installation Information\{4F46FDB9-B906-47BF-B3D5-C62E01B3C5EE}\setup.exe" -runfromtemp -l0x0409 -removeonly
HP Wallpaper-->MsiExec.exe /I{F7C629CD-0BD1-4A8C-A7AB-F748C396B612}
HP Web Camera-->MsiExec.exe /I{C7AE4EC3-9C13-4213-8457-74D16B353F91}
HP Webcam Driver-->C:\Program Files\InstallShield Installation Information\{399C37FB-08AF-493B-BFED-20FBD85EDF7F}\setup.exe -runfromtemp -l0x0005 -removeonly
HP Webcam-->C:\ProgramData\Uninstall\{1D61E881-43CD-447B-9E6B-D2C6138B2862}\setup.exe /x {1D61E881-43CD-447B-9E6B-D2C6138B2862}
HP Wireless Assistant-->MsiExec.exe /X{54CC7901-804D-4155-B353-21F0CC9112AB}
HPAsset component for HP Active Support Library-->MsiExec.exe /X{669D4A35-146B-4314-89F1-1AC3D7B88367}
iMesh-->"C:\Program Files\iMesh Applications\iMesh\UninstallSurvey.exe" "C:\Program Files\iMesh Applications\iMesh\UnwiseLauncher.exe" /A "C:\Program Files\iMesh Applications\iMesh\INSTALL.LOG"
iTunes-->MsiExec.exe /I{81063354-9060-42B2-A000-1EBE96778AA9}
Java(TM) 6 Update 16-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216016F0}
Java(TM) 6 Update 24-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216017FF}
Kantaris Media Player 0.6.4-->"C:\Program Files\Kantaris\unins000.exe"
Lizard Safeguard - PDF Viewer 2.5.120-->"C:\Program Files\Lizard Safeguard PDF Viewer\unins000.exe"
MediaBar-->"C:\Program Files\iMesh Applications\MediaBar\UnwiseLauncher.exe" /A "C:\Program Files\iMesh Applications\MediaBar\\INSTALL.LOG"
Microsoft Office Access MUI (Czech) 2007-->MsiExec.exe /X{90120000-0015-0405-0000-0000000FF1CE}
Microsoft Office Enterprise 2007-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall ENTERPRISE /dll OSETUP.DLL
Microsoft Office Enterprise 2007-->MsiExec.exe /X{90120000-0030-0000-0000-0000000FF1CE}
Microsoft Office Excel MUI (Czech) 2007-->MsiExec.exe /X{90120000-0016-0405-0000-0000000FF1CE}
Microsoft Office Groove MUI (Czech) 2007-->MsiExec.exe /X{90120000-00BA-0405-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (Czech) 2007-->MsiExec.exe /X{90120000-0044-0405-0000-0000000FF1CE}
Microsoft Office OneNote MUI (Czech) 2007-->MsiExec.exe /X{90120000-00A1-0405-0000-0000000FF1CE}
Microsoft Office Outlook MUI (Czech) 2007-->MsiExec.exe /X{90120000-001A-0405-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (Czech) 2007-->MsiExec.exe /X{90120000-0018-0405-0000-0000000FF1CE}
Microsoft Office Proof (Czech) 2007-->MsiExec.exe /X{90120000-001F-0405-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Slovak) 2007-->MsiExec.exe /X{90120000-001F-041B-0000-0000000FF1CE}
Microsoft Office Proofing (Czech) 2007-->MsiExec.exe /X{90120000-002C-0405-0000-0000000FF1CE}
Microsoft Office Publisher MUI (Czech) 2007-->MsiExec.exe /X{90120000-0019-0405-0000-0000000FF1CE}
Microsoft Office Shared MUI (Czech) 2007-->MsiExec.exe /X{90120000-006E-0405-0000-0000000FF1CE}
Microsoft Office Word MUI (Czech) 2007-->MsiExec.exe /X{90120000-001B-0405-0000-0000000FF1CE}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft SQL Server Desktop Engine (SONY_MEDIAMGR)-->MsiExec.exe /X{E09B48B5-E141-427A-AB0C-D3605127224A}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{837b34e3-7c30-493c-8f6a-2b0f04e2912c}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319-->MsiExec.exe /X{196BB40D-1578-3D01-B289-BEFC77A11A1E}
MOTORM4X-->"C:\Program Files\City Interactive\MOTORM4X Offroad Extreme\uninstall.exe"
Mozilla Firefox 5.0 (x86 cs)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
OpenAL-->"C:\Program Files\OpenAL\oalinst.exe" /U
PC Wizard 2010.1.94-->"C:\Program Files\CPUID\PC Wizard 2010\unins000.exe"
PDF Complete Special Edition-->C:\Program Files\PDF Complete\uninstall.exe
QLBCASL-->MsiExec.exe /I{F1D7AC58-554A-4A58-B784-B61558B1449A}
QuickTime-->MsiExec.exe /I{1451DE6B-ABE1-4F62-BE9A-B363A17588A2}
Safari-->MsiExec.exe /I{46A5D1D1-8956-497C-92FB-59C44EFA6214}
Skype Toolbars-->MsiExec.exe /I{981029E0-7FC9-4CF3-AB39-6F133621921A}
Skype™ 4.2-->MsiExec.exe /X{D103C4BA-F905-437A-8049-DB24763BBE36}
SoundMAX-->C:\Program Files\InstallShield Installation Information\{F0A37341-D692-11D4-A984-009027EC0A9C}\setup.exe -runfromtemp -l0x0005 -removeonly
Synaptics Pointing Device Driver-->rundll32.exe "%ProgramFiles%\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
WinRAR-->C:\Program Files\WinRAR\uninstall.exe

======Hosts File======

127.0.0.1 localhost

======System event log======

Computer Name: Alexandr-PC
Event Code: 7036
Message: Stav služby Služba WMI byl změněn na: Spuštěno
Record Number: 264334
Source Name: Service Control Manager
Time Written: 20110507130402.056088-000
Event Type: Informace
User:

Computer Name: Alexandr-PC
Event Code: 7036
Message: Stav služby Klient služby Sledování distribuovaných odkazů byl změněn na: Spuštěno
Record Number: 264333
Source Name: Service Control Manager
Time Written: 20110507130402.040488-000
Event Type: Informace
User:

Computer Name: Alexandr-PC
Event Code: 7036
Message: Stav služby Superfetch byl změněn na: Spuštěno
Record Number: 264332
Source Name: Service Control Manager
Time Written: 20110507130402.040488-000
Event Type: Informace
User:

Computer Name: Alexandr-PC
Event Code: 7036
Message: Stav služby Načítání obrázků (WIA) byl změněn na: Spuštěno
Record Number: 264331
Source Name: Service Control Manager
Time Written: 20110507130402.024887-000
Event Type: Informace
User:

Computer Name: Alexandr-PC
Event Code: 7036
Message: Stav služby PDF Document Manager byl změněn na: Spuštěno
Record Number: 264330
Source Name: Service Control Manager
Time Written: 20110507130401.837687-000
Event Type: Informace
User:

=====Application event log=====

Computer Name: Alexandr-PC
Event Code: 903
Message: Služba Ochrana softwaru byla ukončena.

Record Number: 2582
Source Name: Microsoft-Windows-Security-SPP
Time Written: 20100311143749.000000-000
Event Type: Informace
User:

Computer Name: Alexandr-PC
Event Code: 1000
Message: Čítače výkonu pro službu WmiApRpl (WmiApRpl) byly úspěšně načteny. Data záznamu v datové části obsahují nové indexové hodnoty přiřazené této službě.
Record Number: 2581
Source Name: Microsoft-Windows-LoadPerf
Time Written: 20100311143503.236354-000
Event Type: Informace
User: NT AUTHORITY\SYSTEM

Computer Name: Alexandr-PC
Event Code: 1001
Message: Čítače výkonu pro službu WmiApRpl (WmiApRpl) byly úspěšně odstraněny. Data záznamu obsahují nové hodnoty položek Last Counter a Last Help systémového registru.
Record Number: 2580
Source Name: Microsoft-Windows-LoadPerf
Time Written: 20100311143502.612352-000
Event Type: Informace
User: NT AUTHORITY\SYSTEM

Computer Name: Alexandr-PC
Event Code: 902
Message: Služba Ochrana softwaru byla spuštěna.
6.1.7600.16385
Record Number: 2579
Source Name: Microsoft-Windows-Security-SPP
Time Written: 20100311143248.000000-000
Event Type: Informace
User:

Computer Name: Alexandr-PC
Event Code: 1003
Message: Služba Ochrana softwaru dokončila kontrolu stavu licencování.
ID aplikace=55c92734-d682-4d71-983e-d6ec3f16059f
Stav licencování=
1: 022a1afb-b893-4190-92c3-8f69a49839fb, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)])(1 )(2 )]
2: 7cfd4696-69a9-4af7-af36-ff3d12b6b6c8, 1, 1 [(0 [0x00000000, 1, 0], [(?)(?)( 1 0x00000000 0 0 msft:rm/algorithm/bios/4.0 0x00000000 0)(?)(?)(?)])(1 )(2 )]
3: a0cde89c-3304-4157-b61c-c8ad785d1fad, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)])(1 )(2 )]
4: ac96e1a8-6cc4-4310-a4ff-332ce77fb5b8, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)])(1 )(2 )]
5: cfb3e52c-d707-4861-af51-11b27ee6169c, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)])(1 )(2 )]
6: 4a8149bb-7d61-49f4-8822-82c7bf88d64b, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)])(1 )(2 )]
7: afd5f68f-b70f-4000-a21d-28dbc8be8b07, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)])(1 )(2 )]

Record Number: 2578
Source Name: Microsoft-Windows-Security-SPP
Time Written: 20100311143248.000000-000
Event Type: Informace
User:

=====Security event log=====

Computer Name: Alexandr-PC
Event Code: 5058
Message: Operace se souborem klíče.

Předmět:
ID zabezpečení: S-1-5-19
Název účtu: LOCAL SERVICE
Doména účtu: NT AUTHORITY
ID přihlášení: 0x3e5

Kryptografické parametry:
Název poskytovatele: Microsoft Software Key Storage Provider
Název algoritmu: Není k dispozici.
Název klíče: 70194bf5-1319-4ad3-921a-b91693884eda
Typ klíče: Klíč počítače

Informace o operaci se souborem klíče:
Cesta k souboru: C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\32e71c2ee24abf8dffbdf269e33cddc5_1f8d7d2f-0ff6-470c-bf91-6c816b157095
Operace: Čtení trvalého klíče ze souboru
Návratový kód: 0x0
Record Number: 47462
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20110209151505.983924-000
Event Type: Úspěšný audit
User:

Computer Name: Alexandr-PC
Event Code: 4672
Message: Novému přihlášení byla přiřazena zvláštní oprávnění.

Předmět:
ID zabezpečení: S-1-5-18
Název účtu: SYSTEM
Doména účtu: NT AUTHORITY
ID přihlášení: 0x3e7

Oprávnění: SeAssignPrimaryTokenPrivilege
SeTcbPrivilege
SeSecurityPrivilege
SeTakeOwnershipPrivilege
SeLoadDriverPrivilege
SeBackupPrivilege
SeRestorePrivilege
SeDebugPrivilege
SeAuditPrivilege
SeSystemEnvironmentPrivilege
SeImpersonatePrivilege
Record Number: 47461
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20110209143742.933572-000
Event Type: Úspěšný audit
User:

Computer Name: Alexandr-PC
Event Code: 4624
Message: Účet byl úspěšně přihlášen.

Předmět:
ID zabezpečení: S-1-5-18
Název účtu: ALEXANDR-PC$
Doména účtu: WORKGROUP
ID přihlášení: 0x3e7

Typ přihlášení: 5

Nové přihlášení:
ID zabezpečení: S-1-5-18
Název účtu: SYSTEM
Doména účtu: NT AUTHORITY
ID přihlášení: 0x3e7
GUID přihlášení: {00000000-0000-0000-0000-000000000000}

Informace o procesu:
ID procesu: 0x214
Název procesu: C:\Windows\System32\services.exe

Informace o síti:
Název pracovní stanice:
Adresa zdrojové sítě -
Zdrojový port: -

Podrobné informace o ověření:
Proces přihlášení: Advapi
Balíček ověření: Negotiate
Přenosové služby: -
Název balíčku (pouze NTLM): -
Délka klíče: 0

Tato událost je generována po vytvoření relace přihlášení. Je generována v počítači, ke kterému byl získán přístup.

Pole s předmětem označují účet v místním systému, který požadoval přihlášení. Jedná se nejčastěji o službu, například službu serveru nebo místní proces, například Winlogon.exe nebo Services.exe.

Pole Typ přihlášení označuje, k jakému typu přihlášení došlo. Nejběžnější typy jsou 2 (interaktivní) a 3 (síť).

Pole Nové přihlášení označují účet, pro který bylo nové přihlášení vytvořeno, tj. účet, který byl přihlášen.

Pole Síť označují původ požadavku na vzdálené přihlášení. Název pracovní stanice není vždy k dispozici a v některých případech může být toto pole prázdné.

Pole s informacemi o ověření poskytují podrobné informace o tomto konkrétním požadavku na přihlášení.
- GUID přihlášení je jednoznačný identifikátor, který je možné použít ke spojení této události s událostí KDC.
- Přenosové služby označují, které pomocné služby se podílely na tomto požadavku na přihlášení.
- Název balíčku označuje, který dílčí protokol z protokolů NTLM byl použit.
- Délka klíče označuje délku generovaného klíče relace. Tato hodnota bude 0, pokud nebyl požadován žádný klíč relace.
Record Number: 47460
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20110209143742.933572-000
Event Type: Úspěšný audit
User:

Computer Name: Alexandr-PC
Event Code: 4672
Message: Novému přihlášení byla přiřazena zvláštní oprávnění.

Předmět:
ID zabezpečení: S-1-5-18
Název účtu: SYSTEM
Doména účtu: NT AUTHORITY
ID přihlášení: 0x3e7

Oprávnění: SeAssignPrimaryTokenPrivilege
SeTcbPrivilege
SeSecurityPrivilege
SeTakeOwnershipPrivilege
SeLoadDriverPrivilege
SeBackupPrivilege
SeRestorePrivilege
SeDebugPrivilege
SeAuditPrivilege
SeSystemEnvironmentPrivilege
SeImpersonatePrivilege
Record Number: 47459
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20110209115629.916473-000
Event Type: Úspěšný audit
User:

Computer Name: Alexandr-PC
Event Code: 4624
Message: Účet byl úspěšně přihlášen.

Předmět:
ID zabezpečení: S-1-5-18
Název účtu: ALEXANDR-PC$
Doména účtu: WORKGROUP
ID přihlášení: 0x3e7

Typ přihlášení: 5

Nové přihlášení:
ID zabezpečení: S-1-5-18
Název účtu: SYSTEM
Doména účtu: NT AUTHORITY
ID přihlášení: 0x3e7
GUID přihlášení: {00000000-0000-0000-0000-000000000000}

Informace o procesu:
ID procesu: 0x214
Název procesu: C:\Windows\System32\services.exe

Informace o síti:
Název pracovní stanice:
Adresa zdrojové sítě -
Zdrojový port: -

Podrobné informace o ověření:
Proces přihlášení: Advapi
Balíček ověření: Negotiate
Přenosové služby: -
Název balíčku (pouze NTLM): -
Délka klíče: 0

Tato událost je generována po vytvoření relace přihlášení. Je generována v počítači, ke kterému byl získán přístup.

Pole s předmětem označují účet v místním systému, který požadoval přihlášení. Jedná se nejčastěji o službu, například službu serveru nebo místní proces, například Winlogon.exe nebo Services.exe.

Pole Typ přihlášení označuje, k jakému typu přihlášení došlo. Nejběžnější typy jsou 2 (interaktivní) a 3 (síť).

Pole Nové přihlášení označují účet, pro který bylo nové přihlášení vytvořeno, tj. účet, který byl přihlášen.

Pole Síť označují původ požadavku na vzdálené přihlášení. Název pracovní stanice není vždy k dispozici a v některých případech může být toto pole prázdné.

Pole s informacemi o ověření poskytují podrobné informace o tomto konkrétním požadavku na přihlášení.
- GUID přihlášení je jednoznačný identifikátor, který je možné použít ke spojení této události s událostí KDC.
- Přenosové služby označují, které pomocné služby se podílely na tomto požadavku na přihlášení.
- Název balíčku označuje, který dílčí protokol z protokolů NTLM byl použit.
- Délka klíče označuje délku generovaného klíče relace. Tato hodnota bude 0, pokud nebyl požadován žádný klíč relace.
Record Number: 47458
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20110209115629.916473-000
Event Type: Úspěšný audit
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"NUMBER_OF_PROCESSORS"=2
"OS"=Windows_NT
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\system32\wbem;C:\Program Files\AMD APP\bin\x86;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0;C:\Program Files\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files\Broadcom\Broadcom 802.11\Driver;C:\Program Files\WIDCOMM\Bluetooth Software;C:\Program Files\QuickTime\QTSystem;C:\Program Files\Microsoft SQL Server\80\Tools\Binn
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_IDENTIFIER"=x86 Family 17 Model 3 Stepping 1, AuthenticAMD
"PROCESSOR_LEVEL"=17
"PROCESSOR_REVISION"=0301
"PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"CLASSPATH"=.;C:\Program Files\Java\jre6\lib\ext\QTJava.zip
"QTJAVA"=C:\Program Files\Java\jre6\lib\ext\QTJava.zip
"AMDAPPSDKROOT"=C:\Program Files\AMD APP\

-----------------EOF-----------------

#2 Příspěvek od **stell** » 22 črc 2011 10:29

ahoj
PROSIM CITAJTE POZORNE NAVOD!!!,

Použij ComboFix podle tohoto návodu: http://www.bleepingcomputer.com/combofi ... t-combofix
Log znej vloz sem.

sAshevA · #3 Příspěvek od **sAshevA** » 22 črc 2011 10:44

ComboFix 11-07-21.02 - Alexandr 22.07.2011 11:33:38.2.2 - x86
Microsoft Windows 7 Ultimate 6.1.7600.0.1250.420.1029.18.2813.1825 [GMT 2:00]
Spuštěný z: c:\users\Alexandr\Desktop\ComboFix.exe
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\ddh_iplist.txt
c:\windows\front_ip_list.txt
c:\windows\iecheck_iplist.txt
c:\windows\info1
c:\windows\iplist.txt
c:\windows\l1rezerv.exe
c:\windows\loader2.exe_ok
c:\windows\proc_list1.log
c:\windows\sysdriver32.exe
c:\windows\sysdriver32_.exe
c:\windows\system32\drivers\etc\HSTS~1
c:\windows\systemup.exe
c:\windows\update.2
c:\windows\update.2\svchost.exe
c:\windows\update.5.0
c:\windows\winsetupapi.log
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_srviecheck
-------\Service_srvsysdriver32
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-06-22 do 2011-07-22 )))))))))))))))))))))))))))))))
.
.
2011-07-22 09:39 . 2011-07-22 09:41 -------- d-----w- c:\users\Alexandr\AppData\Local\temp
2011-07-22 09:39 . 2011-07-22 09:39 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-07-22 09:32 . 2011-07-22 09:32 -------- d-----w- C:\32788R22FWJFW
2011-07-22 09:13 . 2011-07-22 09:13 -------- d-----w- C:\rsit
2011-07-22 09:13 . 2011-07-22 09:13 -------- d-----w- c:\program files\trend micro
2011-07-22 08:42 . 2011-07-22 08:42 -------- d--h--w- c:\windows\PIF
2011-07-21 21:45 . 2011-07-21 21:45 -------- d-----w- c:\users\Alexandr\AppData\Local\AMD
2011-07-21 21:40 . 2011-07-21 21:40 -------- d-----w- c:\programdata\ATI
2011-07-21 21:40 . 2011-07-21 21:40 -------- d-----w- c:\program files\AMD APP
2011-07-21 21:40 . 2011-07-21 21:40 -------- d-----w- c:\programdata\AMD
2011-07-21 21:40 . 2010-02-18 07:18 37944 ----a-w- c:\windows\system32\drivers\amdiox86.sys
2011-07-21 21:39 . 2011-07-21 21:39 -------- d-----w- c:\users\Default\AppData\Roaming\ATI
2011-07-21 21:39 . 2011-07-21 21:39 -------- d-----w- c:\users\Default\AppData\Local\ATI
2011-07-21 21:28 . 2011-07-21 21:28 -------- d-----w- C:\ATI
2011-07-21 21:22 . 2011-07-21 21:22 -------- d-----w- c:\windows\ufa
2011-07-21 21:22 . 2011-07-21 21:22 -------- d-----w- c:\windows\rpcminer
2011-07-21 21:22 . 2011-07-21 21:22 -------- d-----w- c:\windows\phoenix
2011-07-21 21:22 . 2011-07-21 21:22 246272 ----a-w- c:\windows\unrar.exe
2011-07-21 21:21 . 2011-07-21 21:21 -------- d-----w- c:\windows\av_ico
2011-07-21 21:19 . 2011-07-21 23:03 -------- d--h--w- c:\windows\update.tray-9-0
2011-07-21 21:19 . 2011-07-21 23:03 -------- d--h--w- c:\windows\update.tray-7-0
2011-07-21 21:19 . 2011-07-21 21:19 -------- d--h--w- c:\windows\update.tray-9-0-lnk
2011-07-21 21:19 . 2011-07-21 21:19 -------- d--h--w- c:\windows\update.tray-7-0-lnk
2011-06-26 21:59 . 2011-06-26 21:59 2106216 ----a-w- c:\program files\Mozilla Firefox\D3DCompiler_43.dll
2011-06-26 21:59 . 2011-06-26 21:59 1998168 ----a-w- c:\program files\Mozilla Firefox\d3dx9_43.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-05-26 16:56 . 2011-05-26 16:56 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-05-24 21:44 . 2011-05-24 21:44 59904 ----a-w- c:\windows\system32\OVDecode.dll
2011-05-24 21:44 . 2011-05-24 21:44 51712 ----a-w- c:\windows\system32\OpenCL.dll
2011-05-24 21:43 . 2011-05-24 21:43 12798976 ----a-w- c:\windows\system32\amdocl.dll
2011-06-26 21:59 . 2011-05-01 10:25 142296 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((( SnapShot@2011-07-21_23.05.36 )))))))))))))))))))))))))))))))))))))))))
.
+ 2010-03-01 20:53 . 2011-07-22 08:34 45280 c:\windows\System32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2009-07-14 04:55 . 2011-07-22 09:42 42192 c:\windows\System32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2010-03-01 19:43 . 2011-07-22 09:42 10842 c:\windows\System32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-3561380983-3727810049-282351297-1000_UserData.bin
+ 2010-03-01 20:54 . 2011-07-22 09:41 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2010-03-01 20:54 . 2011-07-21 23:07 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2010-03-01 20:54 . 2011-07-21 23:07 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2010-03-01 20:54 . 2011-07-22 09:41 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2010-03-01 20:54 . 2011-07-21 23:07 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2010-03-01 20:54 . 2011-07-22 09:41 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2010-03-01 20:01 . 2011-07-21 23:07 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2010-03-01 20:01 . 2011-07-22 09:41 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2010-03-01 20:01 . 2011-07-22 09:41 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2010-03-01 20:01 . 2011-07-21 23:07 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2011-07-21 22:43 . 2011-07-21 23:05 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2011-07-22 08:32 . 2011-07-22 09:40 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2011-07-21 22:43 . 2011-07-21 23:05 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2011-07-22 08:32 . 2011-07-22 09:40 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2009-07-14 02:05 . 2011-07-22 08:37 625020 c:\windows\System32\perfh009.dat
- 2009-07-14 02:05 . 2011-07-21 22:50 625020 c:\windows\System32\perfh009.dat
+ 2009-07-14 08:44 . 2011-07-22 08:37 640490 c:\windows\System32\perfh005.dat
- 2009-07-14 08:44 . 2011-07-21 22:50 640490 c:\windows\System32\perfh005.dat
- 2009-07-14 02:05 . 2011-07-21 22:50 111252 c:\windows\System32\perfc009.dat
+ 2009-07-14 02:05 . 2011-07-22 08:37 111252 c:\windows\System32\perfc009.dat
- 2009-07-14 08:44 . 2011-07-21 22:50 126494 c:\windows\System32\perfc005.dat
+ 2009-07-14 08:44 . 2011-07-22 08:37 126494 c:\windows\System32\perfc005.dat
- 2009-07-14 04:47 . 2011-07-21 22:13 405712 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2009-07-14 04:47 . 2011-07-21 23:45 405712 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2011-07-21 21:43 . 2011-07-21 23:45 405712 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-3561380983-3727810049-282351297-1000-12288.dat
- 2011-07-21 21:43 . 2011-07-21 22:13 405712 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-3561380983-3727810049-282351297-1000-12288.dat
+ 2010-03-02 10:07 . 2011-07-21 23:45 1018376 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat
- 2010-03-02 10:07 . 2011-07-21 22:13 1018376 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{474597C5-AB09-49d6-A4D5-2E8D7341384E}]
2010-03-24 09:36 392624 ----a-w- c:\program files\iMesh Applications\MediaBar\DataMngr\IEBHO.dll
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{ABB49B3B-AB7D-4ED0-9135-93FD5AA4F69F}]
2009-11-20 17:34 87472 ----a-w- c:\program files\iMesh Applications\MediaBar\ToolBar\iMeshMediaBarDx.dll
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
2009-09-02 13:56 1175944 ----a-w- c:\program files\Ask.com\GenericAskToolbar.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2009-09-02 1175944]
"{ABB49B3B-AB7D-4ED0-9135-93FD5AA4F69F}"= "c:\program files\iMesh Applications\MediaBar\ToolBar\iMeshMediaBarDx.dll" [2009-11-20 87472]
.
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
.
[HKEY_CLASSES_ROOT\clsid\{abb49b3b-ab7d-4ed0-9135-93fd5aa4f69f}]
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2009-09-02 1175944]
.
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"uTorrent"="c:\program files\uTorrent\uTorrent.exe" [2010-09-27 328056]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2009-10-30 369200]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-26 31016]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2009-07-29 1545512]
"QlbCtrl.exe"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2009-07-27 288312]
"WirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2009-07-23 498744]
"PDF Complete"="c:\program files\PDF Complete\pdfsty.exe" [2009-10-23 563736]
"Broadcom Wireless Manager UI"="c:\program files\Broadcom\Broadcom 802.11\WLTRAY.exe" [2010-03-02 4367360]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-11-10 417792]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2010-02-15 141608]
"DataMngr"="c:\progra~1\IMESHA~1\MediaBar\DataMngr\DataMngrUI.exe" [2010-03-24 797104]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-10-29 249064]
"SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2009-05-18 1314816]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-05-24 336384]
.
c:\users\Alexandr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Věýezy obrazovky a spuçtŘnˇ aplikace OneNote 2007.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2006-10-26 98632]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2009-7-30 795936]
McAfee Security Scan Plus.lnk - c:\program files\McAfee Security Scan\2.0.181\SSScheduler.exe [N/A]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableSecureUIAPaths"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~1\IMESHA~1\MediaBar\DataMngr\datamngr.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"FirewallOverride"=dword:00000001
"DisableThumbnailCache"=dword:00000001
.
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2009-04-07 29472]
R3 Com4QLBEx;Com4QLBEx;c:\program files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2009-05-05 228408]
R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\McAfee Security Scan\2.0.181\McCHSvc.exe [x]
R3 wxpSvc;webcamXP Service;c:\program files\wLite\wService.exe [2010-04-14 4937216]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-03-08 691696]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2009-07-29 176128]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2011-05-24 294400]
S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe [2009-07-08 26168]
S2 pdfcDispatcher;PDF Document Manager;c:\program files\PDF Complete\pdfsvc.exe [2009-10-23 635416]
S3 amdiox86;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox86.sys [2010-02-18 37944]
S3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW73.sys [2011-03-30 100880]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-13 14336]
S3 yukonw7;Ovladač NDIS6.2 Miniport pro řadič Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x86.sys [2009-07-13 311296]
.
.
Obsah adresáře 'Naplánované úlohy'
.
2011-07-13 c:\windows\Tasks\HPCeeScheduleForAlexandr.job
- c:\program files\hewlett-packard\sdp\ceement\HPCEE.exe [2010-03-02 13:38]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://search.babylon.com/home?AF=15627
uInternet Settings,ProxyOverride = *.local
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Odeslat obrázek do zařízení &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Odeslat stránku do zařízení &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
TCP: DhcpNameServer = 10.0.0.138
FF - ProfilePath - c:\users\Alexandr\AppData\Roaming\Mozilla\Firefox\Profiles\dt0fyd16.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.babylon.com/web/{searchTerms}?babsrc=browsersearch&AF=15627
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.google.cz/
FF - prefs.js: keyword.URL - hxxp://search.babylon.com/?babsrc=adbartrp&AF=15627&q=
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\pdfcDispatcher]
"ImagePath"="c:\program files\PDF Complete\pdfsvc.exe /startedbyscm:66B66708-40E2BE4D-pdfcService"
--
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\wxpSvc]
"ImagePath"="c:\program files\wLite\wService.exe /startedbyscm:5053B757-40E35B3B-webcamSRV"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'Explorer.exe'(3384)
c:\program files\WIDCOMM\Bluetooth Software\btncopy.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\atieclxx.exe
c:\program files\Broadcom\Broadcom 802.11\WLTRYSVC.EXE
c:\windows\system32\WLANExt.exe
c:\windows\system32\conhost.exe
c:\program files\Broadcom\Broadcom 802.11\bcmwltry.exe
c:\windows\system32\AEADISRV.EXE
c:\program files\LSI SoftModem\agrsmsvc.exe
c:\windows\system32\taskhost.exe
c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\WIDCOMM\Bluetooth Software\btwdins.exe
c:\program files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe
c:\windows\system32\conhost.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\program files\Hewlett-Packard\HP Health Check\hphc_service.exe
c:\windows\system32\sppsvc.exe
.
**************************************************************************
.
Celkový čas: 2011-07-22 11:43:53 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-07-22 09:43
ComboFix2.txt 2011-07-21 23:09
.
Před spuštěním: 4 572 540 928
Po spuštění: 4 809 846 784
.
- - End Of File - - 582E02694073F154E379B8C1E552C2E7

#4 Příspěvek od **stell** » 22 črc 2011 10:51

Toto otestuj na www.virustotal.com
c:\windows\unrar.exe
link z testu vloz sem

sAshevA · #5 Příspěvek od **sAshevA** » 22 črc 2011 10:55

je to ono ?...

MD5 : 49710e363e4c247716508672f909d5ba
SHA1 : 74538e7a6515166fd6e83b9c72ee28e529e462e8
SHA256: cffd9238edb8484c2831508505e81a733f5074ba002f98e573dbdb7118c687ad
ssdeep: 3072:Ky5KKAGwRUhNeJzDNZTWwIX1rp2k8eoiUhdlMocLTGATyGSR+mwEeJd5p1dwCh4:Rgpnq2
Jz5ZKJlQjjlMocmYCR/o1dwCh
File size : 246272 bytes
First seen: 2010-03-15 19:33:27
Last seen : 2011-07-22 09:40:19
TrID:
Win64 Executable Generic (59.6%)
Win32 Executable MS Visual C++ (generic) (26.2%)
Win32 Executable Generic (5.9%)
Win32 Dynamic Link Library (generic) (5.2%)
Generic Win/DOS Executable (1.3%)
sigcheck:
publisher....: Alexander Roshal
copyright....: Copyright (c) Alexander Roshal 1993-2010
product......: WinRAR
description..: Command line RAR
original name: n/a
internal name: Command line RAR
file version.: 3.93.0
comments.....: n/a
signers......: -
signing date.: -
verified.....: Unsigned
PEInfo: PE structure information

[[ basic data ]]
entrypointaddress: 0x24177
timedatestamp....: 0x4B9DD329 (Mon Mar 15 06:26:49 2010)
machinetype......: 0x14c (I386)

[[ 5 section(s) ]]
name, viradd, virsiz, rawdsiz, ntropy, md5
.text, 0x1000, 0x2C95E, 0x2CA00, 6.62, df5c4f5d69e8802087ec5c0ef35eeef1
.rdata, 0x2E000, 0x4240, 0x4400, 5.24, 3f35a25720b65c4e0883207cbd5ac755
.data, 0x33000, 0xC5A0, 0x1800, 3.06, 26c8424186cc465b952f9c6bbcb8aac4
.rsrc, 0x40000, 0x7048, 0x7200, 3.48, 77ac8803f1af82540968e833b1991b79
.reloc, 0x48000, 0x254A, 0x2600, 5.05, 5f990b91273cc233436cff15a1b0eaa0

[[ 4 import(s) ]]
KERNEL32.dll: GetCurrentDirectoryA, CloseHandle, GetCurrentProcess, SetFileTime, MoveFileA, FlushFileBuffers, SetFilePointer, SetEndOfFile, GetFileType, CreateFileA, CreateFileW, ReadFile, SetLastError, WriteFile, GetDriveTypeA, GetDiskFreeSpaceA, GetProcAddress, GetModuleHandleA, GetFileAttributesA, GetFileAttributesW, SetFileAttributesA, SetFileAttributesW, GetFullPathNameA, DeleteFileA, DeleteFileW, DeviceIoControl, CreateDirectoryA, CreateDirectoryW, ExpandEnvironmentStringsW, ExpandEnvironmentStringsA, FindClose, GetLastError, FindFirstFileA, FindNextFileW, FindFirstFileW, GetVersionExA, GetModuleFileNameA, SetErrorMode, FreeLibrary, LoadLibraryA, LoadLibraryExA, CompareStringA, SetThreadPriority, GetCurrentThread, SetPriorityClass, LocalFileTimeToFileTime, SystemTimeToFileTime, FileTimeToSystemTime, FileTimeToLocalFileTime, GetSystemTime, WideCharToMultiByte, MultiByteToWideChar, CompareStringW, IsDBCSLeadByte, GetCPInfo, WriteConsoleW, GetConsoleOutputCP, WriteConsoleA, SetStdHandle, SetEnvironmentVariableA, GetLocaleInfoA, FormatMessageA, LocalFree, SetConsoleCtrlHandler, Sleep, GetStdHandle, GetConsoleMode, SetConsoleMode, FindNextFileA, ReadConsoleA, GetStringTypeW, GetStringTypeA, RtlUnwind, HeapAlloc, HeapFree, HeapReAlloc, GetModuleHandleW, ExitProcess, GetSystemTimeAsFileTime, GetCommandLineA, TlsGetValue, TlsAlloc, TlsSetValue, TlsFree, InterlockedIncrement, GetCurrentThreadId, InterlockedDecrement, TerminateProcess, UnhandledExceptionFilter, SetUnhandledExceptionFilter, IsDebuggerPresent, DeleteCriticalSection, LeaveCriticalSection, EnterCriticalSection, VirtualFree, VirtualAlloc, HeapCreate, GetACP, GetOEMCP, IsValidCodePage, RaiseException, HeapSize, GetVersion, InitializeCriticalSectionAndSpinCount, LCMapStringA, LCMapStringW, FreeEnvironmentStringsA, GetEnvironmentStrings, FreeEnvironmentStringsW, GetEnvironmentStringsW, SetHandleCount, GetStartupInfoA, QueryPerformanceCounter, GetTickCount, GetCurrentProcessId, GetConsoleCP
USER32.dll: CharLowerW, ExitWindowsEx, CharLowerA, LoadStringA, CharUpperA, CharToOemBuffA, CharToOemA, OemToCharA, OemToCharBuffA, CharUpperW
ADVAPI32.dll: RegQueryValueExA, RegCloseKey, SetFileSecurityW, SetFileSecurityA, OpenProcessToken, LookupPrivilegeValueA, AdjustTokenPrivileges, RegOpenKeyExA
SHELL32.dll: SHGetMalloc, SHGetSpecialFolderLocation, SHGetPathFromIDListA
ExifTool:
file metadata
CharacterSet: Windows, Latin1
CodeSize: 182784
CompanyName: Alexander Roshal
EntryPoint: 0x24177
FileDescription: Command line RAR
FileFlagsMask: 0x0000
FileOS: Win32
FileSize: 240 kB
FileSubtype: 0
FileType: Win32 EXE
FileVersion: 3.93.0
FileVersionNumber: 3.93.0.0
ImageVersion: 0.0
InitializedDataSize: 107008
InternalName: Command line RAR
LanguageCode: English (U.S.)
LegalCopyright: Copyright Alexander Roshal 1993-2010
LinkerVersion: 9.0
MIMEType: application/octet-stream
MachineType: Intel 386 or later, and compatibles
OSVersion: 5.0
ObjectFileType: Executable application
PEType: PE32
ProductName: WinRAR
ProductVersionNumber: 3.93.0.0
Subsystem: Windows command line
SubsystemVersion: 4.0
TimeStamp: 2010:03:15 07:26:49+01:00
UninitializedDataSize: 0

sAshevA · #6 Příspěvek od **sAshevA** » 22 črc 2011 11:02

nebo to je tohle ?

AhnLab-V3 2011.07.22.02 2011.07.22 -
AntiVir 7.11.12.55 2011.07.22 -
Antiy-AVL 2.0.3.7 2011.07.22 -
Avast 4.8.1351.0 2011.07.22 -
Avast5 5.0.677.0 2011.07.22 -
AVG 10.0.0.1190 2011.07.22 -
BitDefender 7.2 2011.07.22 -
CAT-QuickHeal 11.00 2011.07.22 -
ClamAV 0.97.0.0 2011.07.22 -
Commtouch 5.3.2.6 2011.07.22 -
Comodo 9468 2011.07.22 -
DrWeb 5.0.2.03300 2011.07.22 -
Emsisoft 5.1.0.8 2011.07.22 -
eSafe 7.0.17.0 2011.07.21 -
eTrust-Vet 36.1.8458 2011.07.22 -
F-Prot 4.6.2.117 2011.07.22 -
F-Secure 9.0.16440.0 2011.07.22 -
Fortinet 4.2.257.0 2011.07.22 -
GData 22 2011.07.22 -
Ikarus T3.1.1.104.0 2011.07.22 -
Jiangmin 13.0.900 2011.07.21 -
K7AntiVirus 9.108.4933 2011.07.21 -
Kaspersky 9.0.0.837 2011.07.22 -
McAfee 5.400.0.1158 2011.07.22 -
McAfee-GW-Edition 2010.1D 2011.07.21 -
Microsoft 1.7104 2011.07.22 -
NOD32 6315 2011.07.22 -
Norman 6.07.10 2011.07.22 -
nProtect 2011-07-22.01 2011.07.22 -
Panda 10.0.3.5 2011.07.21 -
PCTools 8.0.0.5 2011.07.22 -
Prevx 3.0 2011.07.22 -
Rising 23.67.04.03 2011.07.22 -
Sophos 4.67.0 2011.07.22 -
SUPERAntiSpyware 4.40.0.1006 2011.07.22 -
Symantec 20111.1.0.186 2011.07.22 -
TheHacker 6.7.0.1.260 2011.07.22 -
TrendMicro 9.200.0.1012 2011.07.22 -
TrendMicro-HouseCall 9.200.0.1012 2011.07.22 -
VBA32 3.12.16.4 2011.07.21 -
VIPRE 9927 2011.07.22 -
ViRobot 2011.7.22.4583 2011.07.22 -
VirusBuster 14.0.133.0 2011.07.21 -

#7 Příspěvek od **stell** » 22 črc 2011 11:03

nie , este raz a po skonceni skenu vloz sem LINK<so stranky.

sAshevA · #8 Příspěvek od **sAshevA** » 22 črc 2011 11:04

tady ...
http://www.virustotal.com/file-scan/rea ... 1311328281

#9 Příspěvek od **stell** » 22 črc 2011 11:05

ok
Pri tejto akcii je nutné mať ComboFix na ploche.

Vypni>FIREWALL>Antivir>Antispyware>vsetko rezidentne.

Otvor Notepad (Poznámkový blok) a zkopíruj do neho celý zeleny tex:

Kód: Vybrat vše

KILLALL::
Folder::
c:\windows\update.tray-9-0
c:\windows\update.tray-7-0
c:\windows\update.tray-9-0-lnk
c:\windows\update.tray-7-0-lnk
Registry::
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{474597C5-AB09-49d6-A4D5-2E8D7341384E}]
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{ABB49B3B-AB7D-4ED0-9135-93FD5AA4F69F}]
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
[-HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[-HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[-HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[-HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
[-HKEY_CLASSES_ROOT\clsid\{abb49b3b-ab7d-4ed0-9135-93fd5aa4f69f}]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"=-
[-HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[-HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[-HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[-HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"QuickTime Task"=-
"SunJavaUpdateSched"=-
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=""
RegLock::
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]

Folder::
c:\program files\iMesh Applications
c:\program files\Ask.com
c:\progra~1\IMESHA~1

Potom klik na Subor -> Uložiť ako.. .. -> Ako je Názov souboru tak do toho riadku napiš:CFScript.txt
Typ súboru tak tam vyberies *všetky súbory
A ulož ho na plochu.> Pozor CFScript.txt>Neotvarat a nemoze byt ani>CFScript.txt.txt A Urobis Toto :
Obrázek

Po skonceni skenu vlož log čo ComboFix vytvorí

sAshevA · #10 Příspěvek od **sAshevA** » 22 črc 2011 11:24

ComboFix 11-07-21.02 - Alexandr 22.07.2011 12:09:18.3.2 - x86
Microsoft Windows 7 Ultimate 6.1.7600.0.1250.420.1029.18.2813.1943 [GMT 2:00]
Spuštěný z: c:\users\Alexandr\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Alexandr\Desktop\CFScript.txt
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\progra~1\IMESHA~1
c:\progra~1\IMESHA~1\iMesh\ammp3.dll
c:\progra~1\IMESHA~1\iMesh\avcodec-51.dll
c:\progra~1\IMESHA~1\iMesh\avformat-51.dll
c:\progra~1\IMESHA~1\iMesh\avutil-49.dll
c:\progra~1\IMESHA~1\iMesh\BerkeleyLoader.dll
c:\progra~1\IMESHA~1\iMesh\DiscoveryHelper.dll
c:\progra~1\IMESHA~1\iMesh\FFPage.exe
c:\progra~1\IMESHA~1\iMesh\FixAudioDriverSignature.reg
c:\progra~1\IMESHA~1\iMesh\GIFAnimator.dll
c:\progra~1\IMESHA~1\iMesh\HTML\error.html
c:\progra~1\IMESHA~1\iMesh\HTML\Images\bg-top.jpg
c:\progra~1\IMESHA~1\iMesh\HTML\loading.html
c:\progra~1\IMESHA~1\iMesh\HTML\noInternet.html
c:\progra~1\IMESHA~1\iMesh\HTML\offline.html
c:\progra~1\IMESHA~1\iMesh\HTML\Recommendation_Offline.html
c:\progra~1\IMESHA~1\iMesh\ImageUploader5.ocx
c:\progra~1\IMESHA~1\iMesh\iMesh.exe
c:\progra~1\IMESHA~1\iMesh\IMTrProgress.dll
c:\progra~1\IMESHA~1\iMesh\IMWebControl.dll
c:\progra~1\IMESHA~1\iMesh\INSTALL.LOG
c:\progra~1\IMESHA~1\iMesh\InstallHelper.dll
c:\progra~1\IMESHA~1\iMesh\Launcher.exe
c:\progra~1\IMESHA~1\iMesh\libungif4.dll
c:\progra~1\IMESHA~1\iMesh\lic_helper.dll
c:\progra~1\IMESHA~1\iMesh\license.txt
c:\progra~1\IMESHA~1\iMesh\NCTAudioCDGrabber2.dll
c:\progra~1\IMESHA~1\iMesh\NCTAudioCDWriter2.dll
c:\progra~1\IMESHA~1\iMesh\NCTAudioCompress3.dll
c:\progra~1\IMESHA~1\iMesh\NCTAudioFile3.dll
c:\progra~1\IMESHA~1\iMesh\NCTAudioFileWMA3.dll
c:\progra~1\IMESHA~1\iMesh\NCTAudioFormatSettings3.dll
c:\progra~1\IMESHA~1\iMesh\NCTDataCDWriter2.dll
c:\progra~1\IMESHA~1\iMesh\ResourcesLOC.dll
c:\progra~1\IMESHA~1\iMesh\Shw32.dll
c:\progra~1\IMESHA~1\iMesh\Skins\Default.skn
c:\progra~1\IMESHA~1\iMesh\Skins\Default.xml
c:\progra~1\IMESHA~1\iMesh\Skins\Images\DefArtwork.jpg
c:\progra~1\IMESHA~1\iMesh\Skins\Images\DefFemale.gif
c:\progra~1\IMESHA~1\iMesh\Skins\Images\DefMale.gif
c:\progra~1\IMESHA~1\iMesh\Skins\Images\FriendshipNotif.jpg
c:\progra~1\IMESHA~1\iMesh\Skins\Images\SendPlaylist.jpg
c:\progra~1\IMESHA~1\iMesh\Skins\Images\TAFLogo.PNG
c:\progra~1\IMESHA~1\iMesh\Skins\Images\ToGoLogo.PNG
c:\progra~1\IMESHA~1\iMesh\Skins\PS.exe
c:\progra~1\IMESHA~1\iMesh\Skins\RemoteSkin.wmz
c:\progra~1\IMESHA~1\iMesh\Skins\Settings.xml
c:\progra~1\IMESHA~1\iMesh\UninstallSurvey.exe
c:\progra~1\IMESHA~1\iMesh\UninstallUsers.exe
c:\progra~1\IMESHA~1\iMesh\UNWISE.EXE
c:\progra~1\IMESHA~1\iMesh\UnwiseLauncher.exe
c:\progra~1\IMESHA~1\iMesh\UpdateInst.exe
c:\progra~1\IMESHA~1\iMesh\WMAProfiles.prx
c:\progra~1\IMESHA~1\iMesh\WMHelper.dll
c:\progra~1\IMESHA~1\iMesh\WMHelper.log
c:\progra~1\IMESHA~1\MediaBar\DataMngr\datamngr.dll
c:\progra~1\IMESHA~1\MediaBar\DataMngr\DataMngrUI.exe
c:\progra~1\IMESHA~1\MediaBar\DataMngr\IEBHO.dll
c:\progra~1\IMESHA~1\MediaBar\INSTALL.LOG
c:\progra~1\IMESHA~1\MediaBar\main.ico
c:\progra~1\IMESHA~1\MediaBar\ToolBar\components\windowmediator.js
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\content\data\search\engines.xml
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\content\data\search\search.xsl
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\content\imeshmediabar.js
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\content\lib\about.xml
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\content\lib\dtxpanelwin.xul
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\content\lib\dtxprefwin.xul
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\content\lib\dtxwin.xul
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\content\lib\emailnotifierproviders.xml
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\content\lib\external.js
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\content\lib\neterror.xhtml
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\content\lib\wmpstreamer.html
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\content\modules\datastore.jsm
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\content\neterror.xhtml
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\content\preferences.xml
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\content\toolbar.htm
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\content\toolbar.xul
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\content\uwa.js
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\bg-scalable-mdl.gif
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\bg-scalable-tl.gif
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\bg-scalable-tr.gif
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\btn-dragresize.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\btn-wide-close-down.PNG
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\btn-wide-close-over.PNG
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\btn-wide-close.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\btn-wide-maximize-down.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\btn-wide-maximize-over.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\btn-wide-maximize.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\btn-wide-minimize-down.PNG
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\btn-wide-minimize-over.PNG
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\btn-wide-minimize.PNG
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\btnarrow-next-off.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\btnarrow-next.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\btnarrow-previous-off.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\btnarrow-previous.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\navico-home.gif
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\panel.html
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\powered-mystart.gif
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\tb_icon.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\widget.js
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\widget.xml
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\bg-scalable-mdl.gif
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\bg-scalable-tl.gif
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\bg-scalable-tr.gif
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\btn-dragresize.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\btn-wide-close-down.PNG
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\btn-wide-close-over.PNG
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\btn-wide-close.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\btn-wide-maximize-down.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\btn-wide-maximize-over.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\btn-wide-maximize.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\btn-wide-minimize-down.PNG
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\btn-wide-minimize-over.PNG
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\btn-wide-minimize.PNG
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\btnarrow-next-off.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\btnarrow-next.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\btnarrow-previous-off.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\btnarrow-previous.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\navico-home.gif
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\panel.html
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\powered-mystart.gif
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\tb_icon.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\widget.js
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\widget.xml
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\bluelite.gif
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\bluesky.gif
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\btn-search-over.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\btn-search.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\btn-settings-over.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\btn-settings.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\btn-widgets-over.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\btn-widgets.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\btn_settings.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\button-down-back-ff.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\button-down-back.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\button-down-left.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\button-down-right.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\button-down-splitter.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\button-drop-back.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\button-drop-left.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\button-drop-right.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\button-drop-splitter.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\button-hover-back-ff.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\button-hover-back.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\button-hover-left.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\button-hover-right.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\button-hover-splitter.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\ca.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\dictionary.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\divider.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\downloadcom.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\dtxlogo.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\ebay.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\email.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\email_on.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\games.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\graphred0.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\graphred0_5.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\grey.gif
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\headsup.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\ico-shield.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\images.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\imeshmediabar.css
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\add.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\aol.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\arrow-dn.gif
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\arrow-right.gif
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\arrow-up.gif
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\bg-btn-end.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\bg-btn-mdl.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\bg-btn-mdl_ff.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\bg-btn-start.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\bg-btnover-end.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\bg-btnover-mdl.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\bg-btnover-mdl_ff.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\bg-btnover-start.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\blank.gif
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\btnback-down-vista.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\btnback-vista.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\btnleft-down-vista.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\btnleft-vista.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\btnright-down-vista.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\btnright-vista.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\button-splitter-down-vista.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\button-splitter-vista.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\collapse.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\comcast.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\dtx.css
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\edit-back-hot.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\edit-back.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\expand.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\found.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\gmail.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\highlight.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\highlight_blue.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\highlight_cyan.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\highlight_lime.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\highlight_magenta.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\highlight_yellow.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\hotmail.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\checkmark.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\chevron.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\imap.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\lastsearch-thumb-back.gif
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\loadingMid.gif
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\lock.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\mailcom.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\menu_bg-basic.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\menu_separator_bar.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\menu_separator_white.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\menuitem-splitter.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\menuitemback-down-vista.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\menuitemback-vista.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\menuitemleft-down-vista.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\menuitemleft-vista.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\menuitemright-down-vista.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\menuitemright-vista.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\modify.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\move.gif
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\movetarget.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\panels\css\popupAbout.css
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\panels\css\popupGames.css
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\panels\css\popupWidgets.css
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\panels\footer.htm
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\panels\gamecategory.xsl
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\panels\gameData.js
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\panels\gameList.xsl
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\panels\gametype.xsl
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\panels\images\arrow-sml-drop.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\panels\images\arrow-sml.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\panels\images\arrowr-bluew5.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\panels\images\bg-aboutbox.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\panels\images\bg-btnover.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\panels\images\bg-pnl520x390.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\panels\images\btn-close-grey.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\panels\images\btn-close-greyover.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\panels\images\btn-drag.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\panels\images\btn-next-over.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\panels\images\btn-next.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\panels\images\btn-previous-over.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\panels\images\btn-previous.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\panels\images\btn-search-pnlbtm-over.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\panels\images\btn-search-pnlbtm.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\panels\images\gamethumb-on.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\panels\images\gamethumb2-over.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\panels\images\ico-calendar.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\panels\images\ico-download.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\panels\images\ico-joystick24.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\panels\images\ico-play.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\panels\images\ico-tags.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\panels\images\icon-Add.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\panels\images\icon-download.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\panels\images\icon-Info.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\panels\images\icon-play.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\panels\images\icon-shop.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\panels\images\menul-bgon.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\panels\images\menul-bgover.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\panels\images\panel-botm-noscroll.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\panels\images\scroll-bg-206.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\panels\images\scroll-bg.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\panels\images\scroll-topwin.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\panels\images\scrollb-disable.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\panels\images\scrollb-down.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\panels\images\scrollb-over.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\panels\images\scrollb.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\panels\images\scrollt-disable.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\panels\images\scrollt-down.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\panels\images\scrollt-over.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\panels\images\scrollt.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\panels\images\searchbox-pnlbtm.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\panels\images\star_x_grey.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\panels\images\star_x_orange.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\panels\images\TRUSTe_about.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\panels\images\view-detailed-on.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\panels\images\view-detailed-over.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\panels\images\view-thumb-on.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\panels\images\view-thumb-over.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\panels\images\widgets-square-16px.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\panels\images\widgets-square-24px.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\panels\popupGames.html
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\panels\popupWidgets.html
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\pop.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\radio.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\radio\css\manager.css
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\radio\css\slider.css
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\radio\images\bg-pnl.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\radio\images\btn-close-grey.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\radio\images\btn-close-greyover.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\radio\images\collapsed_button.gif
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\radio\images\expanded_button.gif
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\radio\images\ico-playstation-down.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\radio\images\ico-playstation-over.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\radio\images\ico-playstation.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\radio\images\ico-radio.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\radio\images\music-note.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\radio\images\radio-btn-pause-on.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\radio\images\radio-btn-pause.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\radio\images\radio-btn-play-on.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\radio\images\radio-btn-play.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\radio\images\radio-eq-bg.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\radio\images\radio-eq-busy.gif
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\radio\images\radio-eq-off.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\radio\images\radio-eq-on.gif
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\radio\images\radio-eq-warning.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\radio\images\radio-options-design-on.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\radio\images\radio-options-design.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\radio\images\radio-options-on.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\radio\images\radio-options.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\radio\images\radio-volume-0.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\radio\images\radio-volume-1.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\radio\images\radio-volume-2.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\radio\images\radio-volume-3.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\radio\images\radio-volume-mute.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\radio\images\scrollbar-handle.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\radio\images\scrollbar-track.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\radio\images\slider.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\radio\images\slideron.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\radio\images\track.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\radio\managerpanel.html
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\radio\volumeslider.html
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\reload.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\remove.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\rename.gif
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\resize-box.gif
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\rss.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\rsschannelback.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\RSSLogo.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\rsstabdivider.gif
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\scroll-left.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\scroll-right.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\search-go.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\search.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\text-ellipsis.xml
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\toolbarsplitter.gif
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\transparent_1px.gif
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\uwa\border_02.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\uwa\border_03.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\uwa\border_04.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\uwa\border_06.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\uwa\border_07.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\uwa\border_08.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\uwa\border_09.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\uwa\border_10.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\uwa\border_11.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\uwa\border_12.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\uwa\border_13.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\uwa\border_14.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\uwa\border_15.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\uwa\border_16.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\uwa\border_18.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\uwa\border_19.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\uwa\border_20.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\uwa\border_21.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\uwa\btn-close-grey.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\uwa\btn-close-greyover.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\uwa\close-hot.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\uwa\close-normal.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\uwa\loadingMid.gif
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\uwa\proxy.html
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\uwa\template.html
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\uwa\template.xml
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\uwa\template_youtube.xml
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\uwa\templateFF.html
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\uwa\templateFF_save.html
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\uwa\throbber.gif
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\weatherbutton\icons\cond999.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\weatherbutton\icons\icons.xml
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\weatherbutton\icons\na-s.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\weatherbutton\icons\na.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\add.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\arrowr-bluew5.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\bg-pnl.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\bg-pnl520x350blue-whitebg.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\bg-pnl520x350blue.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\box-check.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\box-uncheck.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\btn-close-grey.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\btn-close-greyover.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\btn-delete.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\btn-search-pnlbtm.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\btnarrow-next-off.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\btnarrow-next.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\btnarrow-previous-off.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\btnarrow-previous.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\ico-hotandhumid-s.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\ico-hotandhumid.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\ico-check.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\options-weather.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\over-blue.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\over-orange.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\powered-by-weatherbug.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\powered-by-weatherbug2.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\radio-checked.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\radio-unchecked.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\searchbox-pnlbtm.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\weather-contour.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\weatherbutton\panels\popupWeather.css
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\weatherbutton\panels\popupWeather.html
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\yahoo.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\lichen.gif
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\logo-about.jpg
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\logo-about.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\logo-over.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\logo.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\logo_save.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\maps.bmp
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\menuseparatorback.gif
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\modify-save.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\modify.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\modifyhot.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\music.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\news.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\options\options-main.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\options\options-search.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\options\options-weather.gif
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\options\options-widgets.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\orange.gif
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\pixsy.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\relatedlinks.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\rss-collapse.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\rss-delete.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\rss-expand.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\rss-feed.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\rss-folder-remove.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\rss-folder-rename.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\rss-folder.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\rss-found.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\rss-reload.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\rss-subscribe.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\rss.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\rssback.gif
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\rsstopback.gif
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\search-over.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\search.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\searchbar\searchbar-background-left.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\searchbar\searchbar-background-middle.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\searchbar\searchbar-background-right.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\settings.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\shopping.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\siteinfo.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\skin-bluelite.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\skin-bluesky.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\skin-grey.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\skin-lichen.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\skin-orange.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\skin-yellow.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\technorati.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\throbber.gif
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\toolbarsplitter.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\video.bmp
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\weather.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\web.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\widget_allocine.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\widget_bliptv.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\widget_calcal.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\widget_calculator.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\widget_gservices.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\widget_sudoku.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\widget_todo.jpg
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\widget_todo.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\widget_trio.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\widget_uconverter.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\widgets-square-16px.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\widgets.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\wikipedia.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\yahoosearch.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\yellow.gif
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\youtube.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\chrome\skin\zoom.png
c:\progra~1\IMESHA~1\MediaBar\ToolBar\iMeshMediaBarDx.dll
c:\progra~1\IMESHA~1\MediaBar\ToolBar\iMeshMediaBarTb.dll
c:\progra~1\IMESHA~1\MediaBar\ToolBar\manifest.xml
c:\progra~1\IMESHA~1\MediaBar\ToolBar\uninstall.exe
c:\progra~1\IMESHA~1\MediaBar\UNWISE.EXE
c:\progra~1\IMESHA~1\MediaBar\UnwiseLauncher.exe
c:\program files\Ask.com
c:\program files\Ask.com\cobrand.ico
c:\program files\Ask.com\config.xml
c:\program files\Ask.com\favicon.ico
c:\program files\Ask.com\GenericAskToolbar.dll
c:\program files\Ask.com\mupcfg.xml
c:\program files\Ask.com\SaUpdate.exe
c:\program files\Ask.com\UpdateTask.exe
c:\program files\iMesh Applications\iMesh\ammp3.dll
c:\program files\iMesh Applications\iMesh\avcodec-51.dll
c:\program files\iMesh Applications\iMesh\avformat-51.dll
c:\program files\iMesh Applications\iMesh\avutil-49.dll
c:\program files\iMesh Applications\iMesh\BerkeleyLoader.dll
c:\program files\iMesh Applications\iMesh\DiscoveryHelper.dll
c:\program files\iMesh Applications\iMesh\FFPage.exe
c:\program files\iMesh Applications\iMesh\FixAudioDriverSignature.reg
c:\program files\iMesh Applications\iMesh\GIFAnimator.dll
c:\program files\iMesh Applications\iMesh\HTML\error.html
c:\program files\iMesh Applications\iMesh\HTML\Images\bg-top.jpg
c:\program files\iMesh Applications\iMesh\HTML\loading.html
c:\program files\iMesh Applications\iMesh\HTML\noInternet.html
c:\program files\iMesh Applications\iMesh\HTML\offline.html
c:\program files\iMesh Applications\iMesh\HTML\Recommendation_Offline.html
c:\program files\iMesh Applications\iMesh\ImageUploader5.ocx
c:\program files\iMesh Applications\iMesh\iMesh.exe
c:\program files\iMesh Applications\iMesh\IMTrProgress.dll
c:\program files\iMesh Applications\iMesh\IMWebControl.dll
c:\program files\iMesh Applications\iMesh\INSTALL.LOG
c:\program files\iMesh Applications\iMesh\InstallHelper.dll
c:\program files\iMesh Applications\iMesh\Launcher.exe
c:\program files\iMesh Applications\iMesh\libungif4.dll
c:\program files\iMesh Applications\iMesh\lic_helper.dll
c:\program files\iMesh Applications\iMesh\license.txt
c:\program files\iMesh Applications\iMesh\NCTAudioCDGrabber2.dll
c:\program files\iMesh Applications\iMesh\NCTAudioCDWriter2.dll
c:\program files\iMesh Applications\iMesh\NCTAudioCompress3.dll
c:\program files\iMesh Applications\iMesh\NCTAudioFile3.dll
c:\program files\iMesh Applications\iMesh\NCTAudioFileWMA3.dll
c:\program files\iMesh Applications\iMesh\NCTAudioFormatSettings3.dll
c:\program files\iMesh Applications\iMesh\NCTDataCDWriter2.dll
c:\program files\iMesh Applications\iMesh\ResourcesLOC.dll
c:\program files\iMesh Applications\iMesh\Shw32.dll
c:\program files\iMesh Applications\iMesh\Skins\Default.skn
c:\program files\iMesh Applications\iMesh\Skins\Default.xml
c:\program files\iMesh Applications\iMesh\Skins\Images\DefArtwork.jpg
c:\program files\iMesh Applications\iMesh\Skins\Images\DefFemale.gif
c:\program files\iMesh Applications\iMesh\Skins\Images\DefMale.gif
c:\program files\iMesh Applications\iMesh\Skins\Images\FriendshipNotif.jpg
c:\program files\iMesh Applications\iMesh\Skins\Images\SendPlaylist.jpg
c:\program files\iMesh Applications\iMesh\Skins\Images\TAFLogo.PNG
c:\program files\iMesh Applications\iMesh\Skins\Images\ToGoLogo.PNG
c:\program files\iMesh Applications\iMesh\Skins\PS.exe
c:\program files\iMesh Applications\iMesh\Skins\RemoteSkin.wmz
c:\program files\iMesh Applications\iMesh\Skins\Settings.xml
c:\program files\iMesh Applications\iMesh\UninstallSurvey.exe
c:\program files\iMesh Applications\iMesh\UninstallUsers.exe
c:\program files\iMesh Applications\iMesh\UNWISE.EXE
c:\program files\iMesh Applications\iMesh\UnwiseLauncher.exe
c:\program files\iMesh Applications\iMesh\UpdateInst.exe
c:\program files\iMesh Applications\iMesh\WMAProfiles.prx
c:\program files\iMesh Applications\iMesh\WMHelper.dll
c:\program files\iMesh Applications\iMesh\WMHelper.log
c:\program files\iMesh Applications\MediaBar\DataMngr\datamngr.dll
c:\program files\iMesh Applications\MediaBar\DataMngr\DataMngrUI.exe
c:\program files\iMesh Applications\MediaBar\DataMngr\IEBHO.dll
c:\program files\iMesh Applications\MediaBar\INSTALL.LOG
c:\program files\iMesh Applications\MediaBar\main.ico
c:\program files\iMesh Applications\MediaBar\ToolBar\components\windowmediator.js
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\content\data\search\engines.xml
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\content\data\search\search.xsl
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\content\imeshmediabar.js
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\content\lib\about.xml
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\content\lib\dtxpanelwin.xul
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\content\lib\dtxprefwin.xul
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\content\lib\dtxwin.xul
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\content\lib\emailnotifierproviders.xml
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\content\lib\external.js
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\content\lib\neterror.xhtml
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\content\lib\wmpstreamer.html
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\content\modules\datastore.jsm
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\content\neterror.xhtml
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\content\preferences.xml
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\content\toolbar.htm
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\content\toolbar.xul
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\content\uwa.js
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\bg-scalable-mdl.gif
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\bg-scalable-tl.gif
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\bg-scalable-tr.gif
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\btn-dragresize.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\btn-wide-close-down.PNG
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\btn-wide-close-over.PNG
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\btn-wide-close.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\btn-wide-maximize-down.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\btn-wide-maximize-over.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\btn-wide-maximize.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\btn-wide-minimize-down.PNG
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\btn-wide-minimize-over.PNG
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\btn-wide-minimize.PNG
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\btnarrow-next-off.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\btnarrow-next.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\btnarrow-previous-off.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\btnarrow-previous.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\navico-home.gif
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\panel.html
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\powered-mystart.gif
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\tb_icon.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\widget.js
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\widget.xml
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\bg-scalable-mdl.gif
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\bg-scalable-tl.gif
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\bg-scalable-tr.gif
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\btn-dragresize.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\btn-wide-close-down.PNG
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\btn-wide-close-over.PNG
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\btn-wide-close.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\btn-wide-maximize-down.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\btn-wide-maximize-over.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\btn-wide-maximize.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\btn-wide-minimize-down.PNG
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\btn-wide-minimize-over.PNG
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\btn-wide-minimize.PNG
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\btnarrow-next-off.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\btnarrow-next.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\btnarrow-previous-off.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\btnarrow-previous.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\navico-home.gif
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\panel.html
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\powered-mystart.gif
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\tb_icon.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\widget.js
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\widget.xml
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\bluelite.gif
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\bluesky.gif
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\btn-search-over.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\btn-search.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\btn-settings-over.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\btn-settings.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\btn-widgets-over.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\btn-widgets.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\btn_settings.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\button-down-back-ff.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\button-down-back.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\button-down-left.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\button-down-right.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\button-down-splitter.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\button-drop-back.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\button-drop-left.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\button-drop-right.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\button-drop-splitter.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\button-hover-back-ff.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\button-hover-back.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\button-hover-left.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\button-hover-right.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\button-hover-splitter.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\ca.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\dictionary.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\divider.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\downloadcom.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\dtxlogo.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\ebay.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\email.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\email_on.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\games.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\graphred0.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\graphred0_5.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\grey.gif
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\headsup.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\ico-shield.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\images.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\imeshmediabar.css
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\lib\add.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\lib\aol.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\lib\arrow-dn.gif
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\lib\arrow-right.gif
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\lib\arrow-up.gif
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\lib\bg-btn-end.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\lib\bg-btn-mdl.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\lib\bg-btn-mdl_ff.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\lib\bg-btn-start.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\lib\bg-btnover-end.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\lib\bg-btnover-mdl.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\lib\bg-btnover-mdl_ff.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\lib\bg-btnover-start.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\lib\blank.gif
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\lib\btnback-down-vista.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\lib\btnback-vista.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\lib\btnleft-down-vista.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\lib\btnleft-vista.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\lib\btnright-down-vista.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\lib\btnright-vista.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\lib\button-splitter-down-vista.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\lib\button-splitter-vista.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\lib\collapse.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\lib\comcast.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\lib\dtx.css
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\lib\edit-back-hot.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\lib\edit-back.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\lib\expand.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\lib\found.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\lib\gmail.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\lib\highlight.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\lib\highlight_blue.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\lib\highlight_cyan.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\lib\highlight_lime.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\lib\highlight_magenta.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\lib\highlight_yellow.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\lib\hotmail.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\lib\checkmark.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\lib\chevron.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\lib\imap.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\lib\lastsearch-thumb-back.gif
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\lib\loadingMid.gif
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\lib\lock.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\lib\mailcom.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\lib\menu_bg-basic.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\lib\menu_separator_bar.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\lib\menu_separator_white.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\lib\menuitem-splitter.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\lib\menuitemback-down-vista.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\lib\menuitemback-vista.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\lib\menuitemleft-down-vista.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\lib\menuitemleft-vista.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\lib\menuitemright-down-vista.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\lib\menuitemright-vista.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\lib\modify.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\lib\move.gif
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\lib\movetarget.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\lib\panels\css\popupAbout.css
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\lib\panels\css\popupGames.css
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\lib\panels\css\popupWidgets.css
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\lib\panels\footer.htm
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\lib\panels\gamecategory.xsl
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\lib\panels\gameData.js
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\lib\panels\gameList.xsl
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\lib\panels\gametype.xsl
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\lib\panels\images\arrow-sml-drop.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\lib\panels\images\arrow-sml.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\lib\panels\images\arrowr-bluew5.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\lib\panels\images\bg-aboutbox.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\lib\panels\images\bg-btnover.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\lib\panels\images\bg-pnl520x390.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\lib\panels\images\btn-close-grey.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\lib\panels\images\btn-close-greyover.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\lib\panels\images\btn-drag.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\lib\panels\images\btn-next-over.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\lib\panels\images\btn-next.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\lib\panels\images\btn-previous-over.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\lib\panels\images\btn-previous.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\lib\panels\images\btn-search-pnlbtm-over.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\lib\panels\images\btn-search-pnlbtm.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\lib\panels\images\gamethumb-on.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\lib\panels\images\gamethumb2-over.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\lib\panels\images\ico-calendar.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\lib\panels\images\ico-download.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\lib\panels\images\ico-joystick24.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\lib\panels\images\ico-play.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\lib\panels\images\ico-tags.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\lib\panels\images\icon-Add.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\lib\panels\images\icon-download.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\lib\panels\images\icon-Info.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\lib\panels\images\icon-play.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\lib\panels\images\icon-shop.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\lib\panels\images\menul-bgon.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\lib\panels\images\menul-bgover.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\lib\panels\images\panel-botm-noscroll.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\lib\panels\images\scroll-bg-206.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\lib\panels\images\scroll-bg.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\lib\panels\images\scroll-topwin.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\lib\panels\images\scrollb-disable.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\lib\panels\images\scrollb-down.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\lib\panels\images\scrollb-over.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\lib\panels\images\scrollb.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\lib\panels\images\scrollt-disable.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\lib\panels\images\scrollt-down.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\lib\panels\images\scrollt-over.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\lib\panels\images\scrollt.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\lib\panels\images\searchbox-pnlbtm.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\lib\panels\images\star_x_grey.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\lib\panels\images\star_x_orange.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\lib\panels\images\TRUSTe_about.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\lib\panels\images\view-detailed-on.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\lib\panels\images\view-detailed-over.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\lib\panels\images\view-thumb-on.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\lib\panels\images\view-thumb-over.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\lib\panels\images\widgets-square-16px.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\lib\panels\images\widgets-square-24px.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\lib\panels\popupGames.html
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\lib\panels\popupWidgets.html
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\lib\pop.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\lib\radio.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\lib\radio\css\manager.css
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\lib\radio\css\slider.css
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\lib\radio\images\bg-pnl.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\lib\radio\images\btn-close-grey.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\lib\radio\images\btn-close-greyover.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\lib\radio\images\collapsed_button.gif
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\lib\radio\images\expanded_button.gif
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\lib\radio\images\ico-playstation-down.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\lib\radio\images\ico-playstation-over.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\lib\radio\images\ico-playstation.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\lib\radio\images\ico-radio.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\lib\radio\images\music-note.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\lib\radio\images\radio-btn-pause-on.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\lib\radio\images\radio-btn-pause.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\lib\radio\images\radio-btn-play-on.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\lib\radio\images\radio-btn-play.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\lib\radio\images\radio-eq-bg.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\lib\radio\images\radio-eq-busy.gif
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\lib\radio\images\radio-eq-off.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\lib\radio\images\radio-eq-on.gif
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\lib\radio\images\radio-eq-warning.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\lib\radio\images\radio-options-design-on.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\lib\radio\images\radio-options-design.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\lib\radio\images\radio-options-on.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\lib\radio\images\radio-options.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\lib\radio\images\radio-volume-0.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\lib\radio\images\radio-volume-1.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\lib\radio\images\radio-volume-2.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\lib\radio\images\radio-volume-3.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\lib\radio\images\radio-volume-mute.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\lib\radio\images\scrollbar-handle.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\lib\radio\images\scrollbar-track.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\lib\radio\images\slider.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\lib\radio\images\slideron.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\lib\radio\images\track.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\lib\radio\managerpanel.html
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\lib\radio\volumeslider.html
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\lib\reload.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\lib\remove.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\lib\rename.gif
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\lib\resize-box.gif
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\lib\rss.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\lib\rsschannelback.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\lib\RSSLogo.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\lib\rsstabdivider.gif
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\lib\scroll-left.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\lib\scroll-right.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\lib\search-go.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\lib\search.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\lib\text-ellipsis.xml
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\lib\toolbarsplitter.gif
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\lib\transparent_1px.gif
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\lib\uwa\border_02.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\lib\uwa\border_03.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\lib\uwa\border_04.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\lib\uwa\border_06.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\lib\uwa\border_07.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\lib\uwa\border_08.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\lib\uwa\border_09.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\lib\uwa\border_10.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\lib\uwa\border_11.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\lib\uwa\border_12.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\lib\uwa\border_13.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\lib\uwa\border_14.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\lib\uwa\border_15.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\lib\uwa\border_16.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\lib\uwa\border_18.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\lib\uwa\border_19.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\lib\uwa\border_20.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\lib\uwa\border_21.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\lib\uwa\btn-close-grey.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\lib\uwa\btn-close-greyover.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\lib\uwa\close-hot.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\lib\uwa\close-normal.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\lib\uwa\loadingMid.gif
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\lib\uwa\proxy.html
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\lib\uwa\template.html
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\lib\uwa\template.xml
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\lib\uwa\template_youtube.xml
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\lib\uwa\templateFF.html
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\lib\uwa\templateFF_save.html
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\lib\uwa\throbber.gif
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\lib\weatherbutton\icons\cond999.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\lib\weatherbutton\icons\icons.xml
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\lib\weatherbutton\icons\na-s.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\lib\weatherbutton\icons\na.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\add.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\arrowr-bluew5.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\bg-pnl.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\bg-pnl520x350blue-whitebg.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\bg-pnl520x350blue.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\box-check.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\box-uncheck.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\btn-close-grey.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\btn-close-greyover.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\btn-delete.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\btn-search-pnlbtm.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\btnarrow-next-off.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\btnarrow-next.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\btnarrow-previous-off.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\btnarrow-previous.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\ico-hotandhumid-s.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\ico-hotandhumid.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\ico-check.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\options-weather.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\over-blue.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\over-orange.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\powered-by-weatherbug.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\powered-by-weatherbug2.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\radio-checked.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\radio-unchecked.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\searchbox-pnlbtm.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\weather-contour.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\lib\weatherbutton\panels\popupWeather.css
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\lib\weatherbutton\panels\popupWeather.html
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\lib\yahoo.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\lichen.gif
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\logo-about.jpg
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\logo-about.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\logo-over.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\logo.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\logo_save.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\maps.bmp
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\menuseparatorback.gif
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\modify-save.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\modify.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\modifyhot.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\music.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\news.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\options\options-main.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\options\options-search.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\options\options-weather.gif
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\options\options-widgets.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\orange.gif
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\pixsy.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\relatedlinks.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\rss-collapse.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\rss-delete.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\rss-expand.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\rss-feed.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\rss-folder-remove.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\rss-folder-rename.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\rss-folder.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\rss-found.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\rss-reload.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\rss-subscribe.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\rss.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\rssback.gif
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\rsstopback.gif
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\search-over.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\search.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\searchbar\searchbar-background-left.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\searchbar\searchbar-background-middle.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\searchbar\searchbar-background-right.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\settings.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\shopping.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\siteinfo.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\skin-bluelite.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\skin-bluesky.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\skin-grey.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\skin-lichen.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\skin-orange.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\skin-yellow.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\technorati.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\throbber.gif
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\toolbarsplitter.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\video.bmp
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\weather.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\web.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\widget_allocine.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\widget_bliptv.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\widget_calcal.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\widget_calculator.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\widget_gservices.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\widget_sudoku.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\widget_todo.jpg
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\widget_todo.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\widget_trio.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\widget_uconverter.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\widgets-square-16px.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\widgets.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\wikipedia.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\yahoosearch.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\yellow.gif
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\youtube.png
c:\program files\iMesh Applications\MediaBar\ToolBar\chrome\skin\zoom.png
c:\program files\iMesh Applications\MediaBar\ToolBar\iMeshMediaBarDx.dll
c:\program files\iMesh Applications\MediaBar\ToolBar\iMeshMediaBarTb.dll
c:\program files\iMesh Applications\MediaBar\ToolBar\manifest.xml
c:\program files\iMesh Applications\MediaBar\ToolBar\uninstall.exe
c:\program files\iMesh Applications\MediaBar\UNWISE.EXE
c:\program files\iMesh Applications\MediaBar\UnwiseLauncher.exe
c:\windows\update.tray-7-0-lnk
c:\windows\update.tray-7-0-lnk\svchost.exe
c:\windows\update.tray-7-0
c:\windows\update.tray-9-0-lnk
c:\windows\update.tray-9-0-lnk\svchost.exe
c:\windows\update.tray-9-0
.
.

sAshevA · #11 Příspěvek od **sAshevA** » 22 črc 2011 11:24

((((((((((((((((((((((((( Soubory vytvořené od 2011-06-22 do 2011-07-22 )))))))))))))))))))))))))))))))
.
.
2011-07-22 10:15 . 2011-07-22 10:17 -------- d-----w- c:\users\Alexandr\AppData\Local\temp
2011-07-22 10:15 . 2011-07-22 10:15 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-07-22 09:13 . 2011-07-22 09:13 -------- d-----w- C:\rsit
2011-07-22 09:13 . 2011-07-22 09:13 -------- d-----w- c:\program files\trend micro
2011-07-22 08:42 . 2011-07-22 08:42 -------- d--h--w- c:\windows\PIF
2011-07-21 21:45 . 2011-07-21 21:45 -------- d-----w- c:\users\Alexandr\AppData\Local\AMD
2011-07-21 21:40 . 2011-07-21 21:40 -------- d-----w- c:\programdata\ATI
2011-07-21 21:40 . 2011-07-21 21:40 -------- d-----w- c:\program files\AMD APP
2011-07-21 21:40 . 2011-07-21 21:40 -------- d-----w- c:\programdata\AMD
2011-07-21 21:40 . 2010-02-18 07:18 37944 ----a-w- c:\windows\system32\drivers\amdiox86.sys
2011-07-21 21:39 . 2011-07-21 21:39 -------- d-----w- c:\users\Default\AppData\Roaming\ATI
2011-07-21 21:39 . 2011-07-21 21:39 -------- d-----w- c:\users\Default\AppData\Local\ATI
2011-07-21 21:28 . 2011-07-21 21:28 -------- d-----w- C:\ATI
2011-07-21 21:22 . 2011-07-21 21:22 -------- d-----w- c:\windows\ufa
2011-07-21 21:22 . 2011-07-21 21:22 -------- d-----w- c:\windows\rpcminer
2011-07-21 21:22 . 2011-07-21 21:22 -------- d-----w- c:\windows\phoenix
2011-07-21 21:22 . 2011-07-21 21:22 246272 ----a-w- c:\windows\unrar.exe
2011-07-21 21:21 . 2011-07-21 21:21 -------- d-----w- c:\windows\av_ico
2011-06-26 21:59 . 2011-06-26 21:59 2106216 ----a-w- c:\program files\Mozilla Firefox\D3DCompiler_43.dll
2011-06-26 21:59 . 2011-06-26 21:59 1998168 ----a-w- c:\program files\Mozilla Firefox\d3dx9_43.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-05-26 16:56 . 2011-05-26 16:56 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-05-24 21:44 . 2011-05-24 21:44 59904 ----a-w- c:\windows\system32\OVDecode.dll
2011-05-24 21:44 . 2011-05-24 21:44 51712 ----a-w- c:\windows\system32\OpenCL.dll
2011-05-24 21:43 . 2011-05-24 21:43 12798976 ----a-w- c:\windows\system32\amdocl.dll
2011-06-26 21:59 . 2011-05-01 10:25 142296 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((( SnapShot@2011-07-21_23.05.36 )))))))))))))))))))))))))))))))))))))))))
.
+ 2010-03-01 20:53 . 2011-07-22 08:34 45280 c:\windows\System32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2009-07-14 04:55 . 2011-07-22 10:18 42192 c:\windows\System32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2010-03-01 19:43 . 2011-07-22 10:18 10890 c:\windows\System32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-3561380983-3727810049-282351297-1000_UserData.bin
+ 2010-03-01 20:54 . 2011-07-22 10:18 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2010-03-01 20:54 . 2011-07-21 23:07 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2010-03-01 20:54 . 2011-07-21 23:07 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2010-03-01 20:54 . 2011-07-22 10:18 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2010-03-01 20:54 . 2011-07-21 23:07 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2010-03-01 20:54 . 2011-07-22 10:18 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2010-03-01 20:01 . 2011-07-21 23:07 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2010-03-01 20:01 . 2011-07-22 10:18 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2010-03-01 20:01 . 2011-07-22 10:18 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2010-03-01 20:01 . 2011-07-21 23:07 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2011-07-21 22:43 . 2011-07-21 23:05 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2011-07-22 08:32 . 2011-07-22 10:16 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2011-07-21 22:43 . 2011-07-21 23:05 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2011-07-22 08:32 . 2011-07-22 10:16 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2009-07-14 02:05 . 2011-07-22 09:44 625020 c:\windows\System32\perfh009.dat
- 2009-07-14 02:05 . 2011-07-21 22:50 625020 c:\windows\System32\perfh009.dat
+ 2009-07-14 08:44 . 2011-07-22 09:44 640490 c:\windows\System32\perfh005.dat
- 2009-07-14 08:44 . 2011-07-21 22:50 640490 c:\windows\System32\perfh005.dat
- 2009-07-14 02:05 . 2011-07-21 22:50 111252 c:\windows\System32\perfc009.dat
+ 2009-07-14 02:05 . 2011-07-22 09:44 111252 c:\windows\System32\perfc009.dat
- 2009-07-14 08:44 . 2011-07-21 22:50 126494 c:\windows\System32\perfc005.dat
+ 2009-07-14 08:44 . 2011-07-22 09:44 126494 c:\windows\System32\perfc005.dat
- 2009-07-14 04:47 . 2011-07-21 22:13 405712 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2009-07-14 04:47 . 2011-07-21 23:45 405712 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2011-07-21 21:43 . 2011-07-21 23:45 405712 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-3561380983-3727810049-282351297-1000-12288.dat
- 2011-07-21 21:43 . 2011-07-21 22:13 405712 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-3561380983-3727810049-282351297-1000-12288.dat
+ 2010-03-02 10:07 . 2011-07-21 23:45 1018376 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat
- 2010-03-02 10:07 . 2011-07-21 22:13 1018376 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"uTorrent"="c:\program files\uTorrent\uTorrent.exe" [2010-09-27 328056]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2009-10-30 369200]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-26 31016]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2009-07-29 1545512]
"QlbCtrl.exe"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2009-07-27 288312]
"WirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2009-07-23 498744]
"PDF Complete"="c:\program files\PDF Complete\pdfsty.exe" [2009-10-23 563736]
"Broadcom Wireless Manager UI"="c:\program files\Broadcom\Broadcom 802.11\WLTRAY.exe" [2010-03-02 4367360]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2010-02-15 141608]
"SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2009-05-18 1314816]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-05-24 336384]
.
c:\users\Alexandr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Věýezy obrazovky a spuçtŘnˇ aplikace OneNote 2007.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2006-10-26 98632]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2009-7-30 795936]
McAfee Security Scan Plus.lnk - c:\program files\McAfee Security Scan\2.0.181\SSScheduler.exe [N/A]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableSecureUIAPaths"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"FirewallOverride"=dword:00000001
"DisableThumbnailCache"=dword:00000001
.
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2009-04-07 29472]
R3 Com4QLBEx;Com4QLBEx;c:\program files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2009-05-05 228408]
R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\McAfee Security Scan\2.0.181\McCHSvc.exe [x]
R3 wxpSvc;webcamXP Service;c:\program files\wLite\wService.exe [2010-04-14 4937216]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-03-08 691696]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2009-07-29 176128]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2011-05-24 294400]
S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe [2009-07-08 26168]
S2 pdfcDispatcher;PDF Document Manager;c:\program files\PDF Complete\pdfsvc.exe [2009-10-23 635416]
S3 amdiox86;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox86.sys [2010-02-18 37944]
S3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW73.sys [2011-03-30 100880]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-13 14336]
S3 yukonw7;Ovladač NDIS6.2 Miniport pro řadič Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x86.sys [2009-07-13 311296]
.
.
Obsah adresáře 'Naplánované úlohy'
.
2011-07-13 c:\windows\Tasks\HPCeeScheduleForAlexandr.job
- c:\program files\hewlett-packard\sdp\ceement\HPCEE.exe [2010-03-02 13:38]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://search.babylon.com/home?AF=15627
uInternet Settings,ProxyOverride = *.local
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Odeslat obrázek do zařízení &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Odeslat stránku do zařízení &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
TCP: DhcpNameServer = 10.0.0.138
FF - ProfilePath - c:\users\Alexandr\AppData\Roaming\Mozilla\Firefox\Profiles\dt0fyd16.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.babylon.com/web/{searchTerms}?babsrc=browsersearch&AF=15627
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.google.cz/
FF - prefs.js: keyword.URL - hxxp://search.babylon.com/?babsrc=adbartrp&AF=15627&q=
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
HKLM-Run-DataMngr - c:\progra~1\IMESHA~1\MediaBar\DataMngr\DataMngrUI.exe
AddRemove-iMesh - c:\program files\iMesh Applications\iMesh\UninstallSurvey.exe
AddRemove-iMesh MediaBar - c:\program files\iMesh Applications\MediaBar\UnwiseLauncher.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\pdfcDispatcher]
"ImagePath"="c:\program files\PDF Complete\pdfsvc.exe /startedbyscm:66B66708-40E2BE4D-pdfcService"
--
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\wxpSvc]
"ImagePath"="c:\program files\wLite\wService.exe /startedbyscm:5053B757-40E35B3B-webcamSRV"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'Explorer.exe'(1812)
c:\program files\WIDCOMM\Bluetooth Software\btncopy.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\atieclxx.exe
c:\program files\Broadcom\Broadcom 802.11\WLTRYSVC.EXE
c:\windows\system32\WLANExt.exe
c:\windows\system32\conhost.exe
c:\program files\Broadcom\Broadcom 802.11\bcmwltry.exe
c:\windows\system32\taskhost.exe
c:\windows\system32\AEADISRV.EXE
c:\program files\LSI SoftModem\agrsmsvc.exe
c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\WIDCOMM\Bluetooth Software\btwdins.exe
c:\program files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe
c:\windows\system32\conhost.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\program files\Hewlett-Packard\HP Health Check\hphc_service.exe
c:\windows\system32\sppsvc.exe
.
**************************************************************************
.
Celkový čas: 2011-07-22 12:19:45 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-07-22 10:19
ComboFix2.txt 2011-07-22 09:43
ComboFix3.txt 2011-07-21 23:09
.
Před spuštěním: 4 527 607 808
Po spuštění: 4 462 206 976
.
- - End Of File - - A84C1D76379C7AD1BC1352F43491A57E

#12 Příspěvek od **stell** » 22 črc 2011 11:31

ok, vyzera to dobre.
Odinstaluj combofix, premenuj ikonu combofixu na uninstall
a spust
a napis ako sa chova pc.

sAshevA · #13 Příspěvek od **sAshevA** » 22 črc 2011 11:33

combofix byl odinstalován.

sAshevA · #14 Příspěvek od **sAshevA** » 22 črc 2011 11:36

nic zvláštního se nestalo, takže je to ukončené?.. a virus už neni v pc ?..

#15 Příspěvek od **stell** » 22 črc 2011 11:40

Ja a combofix nevidi nic,

mozes preskanovat este programom AVPTOOL
http://www.viry.cz/forum/viewtopic.php?f=29&t=58179

VIRY.CZ

FB vir prosim o pomoc (RSIT LOG)

FB vir prosim o pomoc (RSIT LOG)

Re: FB vir prosim o pomoc (RSIT LOG)

Re: FB vir prosim o pomoc (RSIT LOG)

Re: FB vir prosim o pomoc (RSIT LOG)

Re: FB vir prosim o pomoc (RSIT LOG)

Re: FB vir prosim o pomoc (RSIT LOG)

Re: FB vir prosim o pomoc (RSIT LOG)

Re: FB vir prosim o pomoc (RSIT LOG)

Re: FB vir prosim o pomoc (RSIT LOG)

Re: FB vir prosim o pomoc (RSIT LOG)

Re: FB vir prosim o pomoc (RSIT LOG)

Re: FB vir prosim o pomoc (RSIT LOG)

Re: FB vir prosim o pomoc (RSIT LOG)

Re: FB vir prosim o pomoc (RSIT LOG)

Re: FB vir prosim o pomoc (RSIT LOG)