
Facebook virus pls help - ntb
Moderator: Moderators
Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]
Individual threads will be locked once they are resolved, as will those that are inactive for more than 14 days. See the Rule on locking topics. Thank you for your understanding.
!NEW!
You can now use a remote-assistance service, in which an expert connects to your computer and gets further details about the problem from you by phone! More at www.neslape.cz
log from NT
Logfile of random's system information tool 1.09 (written by random/random)
Run by J3ck3sss at 2011-10-28 22:09:06
Microsoft Windows 7 Ultimate
System drive C: has 155 GB (26%) free of 598 GB
Total RAM: 3959 MB (64% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:09:13, on 28. 10. 2011
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16869)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\IObit\Smart Defrag 2\SmartDefrag.exe
C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCTray.exe
C:\Program Files (x86)\Windows iLivid Toolbar\Datamngr\datamngrUI.exe
C:\Windows\update.tray-8-0\svchost.exe
C:\Windows\sysdriver32_.exe
C:\Windows\update.tray-12-0\svchost.exe
C:\Windows\update.tray-15-0\svchost.exe
C:\Users\J3ck3sss\Desktop\Programs\Skype.exe
C:\Program Files (x86)\IObit\Advanced SystemCare 5\Asc.exe
C:\Users\J3ck3sss\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\J3ck3sss\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\J3ck3sss\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\J3ck3sss\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\J3ck3sss\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\J3ck3sss\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\J3ck3sss\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\J3ck3sss\AppData\Local\Google\Update\GoogleUpdate.exe
C:\Users\J3ck3sss\AppData\Local\Google\Update\GoogleUpdate.exe
C:\Program Files\trend micro\J3ck3sss.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.babylon.com/?babsrc=HP_ss ... ffID=17981
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.babylon.com/?babsrc=SP_ss ... ffID=17981
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: YouTube Downloader Toolbar - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files (x86)\YouTube Downloader Toolbar\IE\4.7\youtubedownloaderToolbarIE.dll
R3 - URLSearchHook: IObit Toolbar - {0BDA0769-FD72-49F4-9266-E1FB004F4D8F} - C:\Program Files (x86)\IObit Toolbar\IE\4.7\iobitToolbarIE.dll
R3 - URLSearchHook: (no name) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - (no file)
R3 - URLSearchHook: BitTorrentBar Toolbar - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files (x86)\BitTorrentBar\tbBitT.dll
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: IObit Toolbar - {0BDA0769-FD72-49F4-9266-E1FB004F4D8F} - C:\Program Files (x86)\IObit Toolbar\IE\4.7\iobitToolbarIE.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Babylon toolbar helper - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.4.19.19\bh\BabylonToolbar.dll
O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file)
O2 - BHO: Use the DivX Plus Web Player to watch web videos with less interruptions and smoother playback on supported sites - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: BitTorrentBar Toolbar - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files (x86)\BitTorrentBar\tbBitT.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Searchqu Toolbar - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~2\WI3C8A~1\ToolBar\searchqudtx.dll
O2 - BHO: (no name) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - (no file)
O2 - BHO: UrlHelper Class - {A40DC6C5-79D0-4ca8-A185-8FF989AF1115} - C:\PROGRA~2\WI3C8A~1\Datamngr\IEBHO.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
O2 - BHO: YouTube Downloader Toolbar - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files (x86)\YouTube Downloader Toolbar\IE\4.7\youtubedownloaderToolbarIE.dll
O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: BitTorrentBar Toolbar - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files (x86)\BitTorrentBar\tbBitT.dll
O3 - Toolbar: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll
O3 - Toolbar: Searchqu Toolbar - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~2\WI3C8A~1\ToolBar\searchqudtx.dll
O3 - Toolbar: Babylon Toolbar - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarTlbr.dll
O3 - Toolbar: IObit Toolbar - {0BDA0769-FD72-49F4-9266-E1FB004F4D8F} - C:\Program Files (x86)\IObit Toolbar\IE\4.7\iobitToolbarIE.dll
O3 - Toolbar: YouTube Downloader Toolbar - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files (x86)\YouTube Downloader Toolbar\IE\4.7\youtubedownloaderToolbarIE.dll
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [AVG_TRAY] C:\Program Files (x86)\AVG\AVG10\avgtray.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [IJNetworkScanUtility] C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe
O4 - HKLM\..\Run: [DATAMNGR] C:\PROGRA~2\WI3C8A~1\Datamngr\DATAMN~1.EXE
O4 - HKLM\..\Run: [tray_ico2] C:\Windows\update.tray-8-0\svchost.exe
O4 - HKLM\..\Run: [2334188.exe] "C:\Windows\Temp\2334188.exe"
O4 - HKLM\..\Run: [sysdriver32.exe] "C:\Windows\sysdriver32.exe" rezerv
O4 - HKLM\..\Run: [sysdriver32_.exe] "C:\Windows\sysdriver32_.exe" rezerv
O4 - HKLM\..\Run: [2129169.exe] "C:\Users\J3ck3sss\AppData\Local\Temp\2129169.exe"
O4 - HKLM\..\Run: [4837713.exe] "C:\Windows\Temp\4837713.exe"
O4 - HKLM\..\Run: [wxpdrv] C:\Windows\services32.exe
O4 - HKLM\..\Run: [tray_ico0] C:\Windows\update.tray-12-0\svchost.exe
O4 - HKLM\..\Run: [tray_ico1] C:\Windows\update.tray-15-0\svchost.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKCU\..\Run: [Advanced SystemCare 5] "C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCTray.exe" /AutoStart
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: Download Using &BitSpirit - C:\Program Files (x86)\BitSpirit\bsurl.htm
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O18 - Protocol: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - (no file)
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - (no file)
O20 - AppInit_DLLs: C:\PROGRA~2\WI3C8A~1\Datamngr\datamngr.dll C:\PROGRA~2\WI3C8A~1\Datamngr\IEBHO.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Advanced SystemCare Service 5 (AdvancedSystemCareService5) - IObit - C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Unknown owner - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (file missing)
O23 - Service: Avira Realtime Protection (AntiVirService) - Unknown owner - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (file missing)
O23 - Service: Application Updater - Spigot, Inc. - C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe
O23 - Service: AtherosSvc - Unknown owner - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: AVG WatchDog (avgwd) - Unknown owner - (no file)
O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: IMF Service (IMFservice) - IObit - C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: srviecheck - Unknown owner - C:\Windows\update.2\svchost.exe
O23 - Service: srvsysdriver32 - Unknown owner - C:\Windows\sysdriver32.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: Mobile Broadband Core Service (WMCoreService) - Unknown owner - C:\Program Files (x86)\Mobile Broadband Drivers\WMCore\mini_WMCore.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: wxpdrivers - Cronosoft - C:\Windows\update.1\svchost.exe
--
End of file - 14254 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCService.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
atieclxx
C:\Windows\system32\WLANExt.exe 23649264
\??\C:\Windows\system32\conhost.exe "-6823247671495141026-1905454088859916913-2090741586-749239321-326716806-1792071226
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe"
"C:\Program Files (x86)\Bluetooth Suite\adminservice.exe"
"C:\Program Files (x86)\Launch Manager\dsiwmis.exe"
"C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe"
"C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
C:\Windows\update.2\svchost.exe srv
"taskhost.exe"
taskeng.exe {5573B37E-A545-4331-A905-9E155DEB7230}
"C:\Program Files (x86)\IObit\Smart Defrag 2\SmartDefrag.exe" /STARTUP
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files (x86)\Mobile Broadband Drivers\WMCore\mini_WMCore.exe" servicemode
C:\Windows\update.1\svchost.exe srv
"C:\Windows\update.2\svchost.exe" stand
WLIDSvcM.exe 1076
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files\Elantech\ETDCtrl.exe"
"C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE" /logon
"C:\Program Files\Zune\ZuneLauncher.exe"
"C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCTray.exe" /AutoStart
"C:\Program Files (x86)\Windows iLivid Toolbar\Datamngr\datamngrUI.exe"
"C:\Windows\update.tray-8-0\svchost.exe"
"C:\Windows\sysdriver32_.exe" rezerv
"C:\Windows\update.tray-12-0\svchost.exe"
"C:\Windows\update.tray-15-0\svchost.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Windows\update.2\svchost.exe" spamer
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Windows\update.2\svchost.exe" spamer
"C:\Users\J3ck3sss\Desktop\Programs\Skype.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Windows\update.2\svchost.exe" spamer
"C:\Program Files (x86)\IObit\Advanced SystemCare 5\Asc.exe"
"C:\Windows\update.2\svchost.exe" spamer
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Users\J3ck3sss\AppData\Local\Google\Chrome\Application\chrome.exe" -- "http://www.viry.cz/forum/viewtopic.php?f=13&t=105895"
"C:\Users\J3ck3sss\AppData\Local\Google\Chrome\Application\chrome.exe" --type=extension --lang=sk --force-fieldtest=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/DnsParallelism/parallel_default/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/Prefetch/ContentPrefetchPrerender1/ProxyConnectionImpact/proxy_connections_32/SpdyImpact/npn_with_spdy/SuggestHostPrefix/Default_Prefix/WarmSocketImpact/warmest_socket/ --disable-client-side-phishing-detection --enable-print-preview --channel=4416.010E3160.2081152182 --ignored=" --type=renderer " /prefetch:3
"C:\Users\J3ck3sss\AppData\Local\Google\Chrome\Application\chrome.exe" --type=extension --lang=sk --force-fieldtest=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/DnsParallelism/parallel_default/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/Prefetch/ContentPrefetchPrerender1/ProxyConnectionImpact/proxy_connections_32/SpdyImpact/npn_with_spdy/SuggestHostPrefix/Default_Prefix/WarmSocketImpact/warmest_socket/ --disable-client-side-phishing-detection --enable-print-preview --channel=4416.010E3840.1401099343 --ignored=" --type=renderer " /prefetch:3
"C:\Users\J3ck3sss\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtest=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/DnsParallelism/parallel_default/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/Prefetch/ContentPrefetchPrerender1/ProxyConnectionImpact/proxy_connections_32/SpdyImpact/npn_with_spdy/SuggestHostPrefix/Default_Prefix/WarmSocketImpact/warmest_socket/ --disable-client-side-phishing-detection --enable-print-preview --channel=4416.06EE4B00.1023988725 /prefetch:3
"C:\Users\J3ck3sss\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtest=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/DnsParallelism/parallel_default/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/Prefetch/ContentPrefetchPrerender1/ProxyConnectionImpact/proxy_connections_32/SpdyImpact/npn_with_spdy/SuggestHostPrefix/Default_Prefix/WarmSocketImpact/warmest_socket/ --disable-client-side-phishing-detection --enable-print-preview --channel=4416.06F472C0.1781190156 /prefetch:3
"C:\Users\J3ck3sss\AppData\Local\Google\Chrome\Application\chrome.exe" --type=plugin --plugin-path="C:\Users\J3ck3sss\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhkplhfnhceodhffomolpfigojocbpcb\1.0_0\BabylonChromePI.dll" --lang=sk --channel=4416.0952AE00.50105264 /prefetch:4
C:\Windows\system32\sppsvc.exe
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
C:\Windows\System32\svchost.exe -k secsvcs
wmiadap.exe /F /T /R
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Windows\system32\SearchFilterHost.exe" 0 512 516 524 65536 520
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe2_ Global\UsGthrCtrlFltPipeMssGthrPipe2 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Users\J3ck3sss\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtest=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/DnsParallelism/parallel_default/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/Prefetch/ContentPrefetchPrerender1/ProxyConnectionImpact/proxy_connections_32/SpdyImpact/npn_with_spdy/SuggestHostPrefix/Default_Prefix/WarmSocketImpact/warmest_socket/ --disable-client-side-phishing-detection --enable-print-preview --channel=4416.094D42C0.247986777 /prefetch:3
C:\Users\J3ck3sss\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
"C:\Users\J3ck3sss\AppData\Local\Google\Update\GoogleUpdate.exe" -Embedding
"C:\Users\J3ck3sss\Downloads\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\FirewallControlPanel.dll,ShowNotificationDialog /configure /ETOnly 0 /OnProfiles 6 /OtherAllowed 0 /OtherBlocked 0 /OtherEdgeAllowed 0 /NewBlocked 2 "C:\windows\sysdriver32_.exe"
======Scheduled tasks folder======
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3427954366-3406222959-2106377572-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3427954366-3406222959-2106377572-1000UA.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 532336]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A40DC6C5-79D0-4ca8-A185-8FF989AF1115}]
UrlHelper Class - C:\PROGRA~2\WI3C8A~1\Datamngr\x64\IEBHO.dll [2011-03-24 1058712]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0BDA0769-FD72-49F4-9266-E1FB004F4D8F}]
IObit Toolbar - C:\Program Files (x86)\IObit Toolbar\IE\4.7\iobitToolbarIE.dll [2011-09-27 1050464]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-09-05 63912]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2EECD738-5844-4a99-B4B6-146BF802613B}]
CescrtHlpr Object - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.4.19.19\bh\BabylonToolbar.dll [2010-11-07 225720]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
Conduit Engine - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll [2010-12-09 3911776]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{326E768D-4182-46FD-9C16-1449A49795F4}]
DivX Plus Web Player HTML5 <video> - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll [2011-02-08 3118976]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{593DDEC6-7468-4cdd-90E1-42DADAA222E9}]
DivX HiQ - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll [2011-02-08 3118976]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}]
BitTorrentBar Toolbar - C:\Program Files (x86)\BitTorrentBar\tbBitT.dll [2010-12-09 3911776]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{99079a25-328f-4bd4-be04-00955acaa0a7}]
Searchqu Toolbar - C:\PROGRA~2\WI3C8A~1\ToolBar\searchqudtx.dll [2011-03-02 88976]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C}]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A40DC6C5-79D0-4ca8-A185-8FF989AF1115}]
UrlHelper Class - C:\PROGRA~2\WI3C8A~1\Datamngr\IEBHO.dll [2011-03-24 722840]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
Ask Toolbar - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll [2011-02-01 1487240]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F3FEE66E-E034-436a-86E4-9690573BEE8A}]
YouTube Downloader Toolbar - C:\Program Files (x86)\YouTube Downloader Toolbar\IE\4.7\youtubedownloaderToolbarIE.dll [2011-09-27 1050464]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll [2011-01-20 1581376]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
{D4027C7F-154A-4066-A1AD-4243D8127440} - Ask Toolbar - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll [2011-02-01 1487240]
{88c7f2aa-f93f-432c-8f0e-b7d85967a527} - BitTorrentBar Toolbar - C:\Program Files (x86)\BitTorrentBar\tbBitT.dll [2010-12-09 3911776]
{30F9B915-B755-4826-820B-08FBA6BD249D} - Conduit Engine - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll [2010-12-09 3911776]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll [2011-01-20 988480]
{99079a25-328f-4bd4-be04-00955acaa0a7} - Searchqu Toolbar - C:\PROGRA~2\WI3C8A~1\ToolBar\searchqudtx.dll [2011-03-02 88976]
{98889811-442D-49dd-99D7-DC866BE87DBC} - Babylon Toolbar - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarTlbr.dll [2010-11-07 184760]
{0BDA0769-FD72-49F4-9266-E1FB004F4D8F} - IObit Toolbar - C:\Program Files (x86)\IObit Toolbar\IE\4.7\iobitToolbarIE.dll [2011-09-27 1050464]
{F3FEE66E-E034-436a-86E4-9690573BEE8A} - YouTube Downloader Toolbar - C:\Program Files (x86)\YouTube Downloader Toolbar\IE\4.7\youtubedownloaderToolbarIE.dll [2011-09-27 1050464]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ETDWare"=C:\Program Files\Elantech\ETDCtrl.exe [2010-01-13 635784]
"CanonMyPrinter"=C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2009-10-19 2185032]
"Zune Launcher"=c:\Program Files\Zune\ZuneLauncher.exe [2011-08-05 163552]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Advanced SystemCare 5"=C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCTray.exe [2011-09-09 607576]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\9178288.exe]
c:\windows\temp\9178288.exe [2011-10-28 1944576]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acer ePower Management]
c:\program files\acer\acer epower management\epowertray.exe [2010-01-18 832544]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
c:\program files (x86)\common files\adobe\arm\1.0\adobearm.exe [2011-06-06 937920]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AtherosBtStack]
c:\program files (x86)\bluetooth suite\btvstack.exe [2009-12-30 393256]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BabylonToolbar]
c:\program files (x86)\babylontoolbar\babylontoolbar\1.4.19.19\babylontoolbarsrv.exe [2010-11-07 286720]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BitTorrent]
c:\program files (x86)\bittorrent\bittorrent.exe [2011-01-28 4771184]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cacaoweb]
c:\users\j3ck3sss\appdata\roaming\cacaoweb\cacaoweb.exe [2011-10-09 398576]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonSolutionMenu]
c:\program files (x86)\canon\solutionmenu\cnslmain.exe [2009-09-04 767312]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
c:\program files (x86)\daemon tools lite\dtlite.exe [2011-01-20 1305408]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivX Download Manager]
c:\program files (x86)\divx\divx plus web player\ddmservice.exe [2011-02-08 63360]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
c:\program files (x86)\divx\divx update\divxupdate.exe [2011-07-29 1259376]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Driver Updater]
c:\program files (x86)\carambis\driver updater\dupdater.exe [2010-11-25 4793856]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
c:\users\j3ck3sss\appdata\local\google\update\googleupdate.exe [2010-12-14 136176]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IAStorIcon]
c:\program files (x86)\intel\intel(r) rapid storage technology\iastoricon.exe [2009-12-23 284696]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesHelper]
c:\program files (x86)\samsung\kies\kieshelper.exe [2011-03-17 896912]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPDLR]
c:\program files (x86)\samsung\kies\external\firmwareupdate\kiespdlr.exe [2011-03-17 19872]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesTrayAgent]
c:\program files (x86)\samsung\kies\kiestrayagent.exe [2011-03-17 3373456]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LManager]
c:\program files (x86)\launch manager\lmanager.exe [2010-01-22 1287760]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SearchSettings]
c:\program files (x86)\common files\spigot\search settings\searchsettings.exe [2011-09-27 894304]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar]
c:\program files\windows sidebar\sidebar.exe [2009-07-14 1475072]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh]
C:\Program Files\synaptics\syntp\syntpenh.exe [2009-12-10 1890088]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\wxpdrv]
c:\windows\services32.exe [2011-10-28 1201152]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2008-10-25 31072]
"AVG_TRAY"=C:\Program Files (x86)\AVG\AVG10\avgtray.exe []
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-12-10 98304]
"IJNetworkScanUtility"=C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe [2009-05-19 136544]
"DATAMNGR"=C:\PROGRA~2\WI3C8A~1\Datamngr\DATAMN~1.EXE [2011-03-24 1115536]
""= []
"tray_ico"= []
"tray_ico2"=C:\Windows\update.tray-8-0\svchost.exe [2011-10-28 1201152]
"tray_ico3"= []
"tray_ico4"= []
"2334188.exe"=C:\Windows\Temp\2334188.exe [2011-10-28 258048]
"sysdriver32.exe"=C:\Windows\sysdriver32.exe rezerv []
"sysdriver32_.exe"=C:\Windows\sysdriver32_.exe [2011-10-28 258048]
"2129169.exe"=C:\Users\J3ck3sss\AppData\Local\Temp\2129169.exe [2011-10-28 258048]
"4837713.exe"=C:\Windows\Temp\4837713.exe [2011-10-28 258048]
"wxpdrv"=C:\Windows\services32.exe [2011-10-28 1201152]
"tray_ico0"=C:\Windows\update.tray-12-0\svchost.exe [2011-10-28 1201152]
"tray_ico1"=C:\Windows\update.tray-15-0\svchost.exe [2011-10-28 1201152]
"avgnt"=C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe /min []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\PROGRA~2\WI3C8A~1\Datamngr\x64\datamngr.dll C:\PROGRA~2\WI3C8A~1\Datamngr\x64\IEBHO.dll "
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\wxpdrivers]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\wxpdrivers]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableSecureUIAPaths"=0
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"mixer2"=wdmaud.drv
"midi2"=wdmaud.drv
"VIDC.FPS1"=frapsv64.dll
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2011-10-28 22:09:06 ----D---- C:\rsit
2011-10-28 22:09:06 ----D---- C:\Program Files\trend micro
2011-10-28 22:01:37 ----HD---- C:\Windows\update.tray-8-0-lnk
2011-10-28 22:01:37 ----HD---- C:\Windows\update.tray-8-0
2011-10-28 21:59:24 ----A---- C:\Windows\system32\drivers\avkmgr.sys
2011-10-28 21:59:24 ----A---- C:\Windows\system32\drivers\avipbb.sys
2011-10-28 21:59:24 ----A---- C:\Windows\system32\drivers\avgntflt.sys
2011-10-28 21:52:36 ----N---- C:\bootsqm.dat
2011-10-28 20:30:45 ----HD---- C:\Windows\update.tray-15-0-lnk
2011-10-28 20:30:45 ----HD---- C:\Windows\update.tray-15-0
2011-10-28 20:19:46 ----A---- C:\Windows\unrar.exe
2011-10-28 20:17:50 ----A---- C:\Windows\iecheck_iplist.txt
2011-10-28 20:17:24 ----HD---- C:\Windows\update.2
2011-10-28 20:16:50 ----A---- C:\Windows\iplist.txt
2011-10-28 20:16:14 ----A---- C:\Windows\sysdriver32_.exe
2011-10-28 20:16:12 ----D---- C:\Windows\av_ico
2011-10-28 20:15:43 ----A---- C:\Windows\front_ip_list.txt
2011-10-28 20:14:07 ----HD---- C:\Windows\update.1
2011-10-28 20:13:58 ----HD---- C:\Windows\update.tray-12-0-lnk
2011-10-28 20:13:58 ----HD---- C:\Windows\update.tray-12-0
2011-10-28 20:02:19 ----A---- C:\Windows\winlog-ids.txt
2011-10-28 20:02:19 ----A---- C:\Windows\winlog-dirs.txt
2011-10-28 20:02:13 ----A---- C:\Windows\services32.exe
2011-10-23 20:26:58 ----D---- C:\Program Files (x86)\EAGLE-5.4.0
2011-10-23 20:26:41 ----D---- C:\Users\J3ck3sss\AppData\Roaming\CadSoft
2011-10-21 21:56:21 ----A---- C:\Windows\SYSWOW64\D3DX9_39.dll
2011-10-21 21:55:42 ----D---- C:\Program Files (x86)\Microsoft Expression
2011-10-21 21:55:38 ----D---- C:\Program Files (x86)\WPF Toolkit
2011-10-21 21:51:04 ----D---- C:\Program Files (x86)\Microsoft XNA
2011-10-21 21:40:38 ----D---- C:\Program Files (x86)\Microsoft Visual Studio 10.0
2011-10-21 21:39:55 ----D---- C:\Program Files (x86)\Microsoft XDE
2011-10-21 21:38:35 ----D---- C:\Windows\symbols
2011-10-21 21:38:34 ----D---- C:\Program Files\Microsoft Visual Studio 10.0
2011-10-21 21:38:33 ----D---- C:\Program Files\Microsoft Help Viewer
2011-10-21 21:38:33 ----D---- C:\Program Files (x86)\Microsoft SDKs
2011-10-16 15:23:06 ----D---- C:\Program Files (x86)\Phone7Market
2011-10-16 11:49:59 ----D---- C:\Windows\system32\ms-MY
2011-10-14 23:27:00 ----D---- C:\Program Files (x86)\YouTube Downloader Toolbar
2011-10-14 22:55:51 ----A---- C:\Windows\system32\drivers\sffp_sd.sys
2011-10-14 22:54:44 ----A---- C:\Windows\system32\RegistryDefragBootTime.exe
2011-10-12 21:03:03 ----A---- C:\Windows\system32\win32k.sys
2011-10-12 21:02:49 ----A---- C:\Windows\system32\ieframe.dll
2011-10-12 21:02:45 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2011-10-12 21:02:43 ----A---- C:\Windows\system32\mshtml.dll
2011-10-12 21:02:42 ----A---- C:\Windows\system32\urlmon.dll
2011-10-12 21:02:39 ----A---- C:\Windows\system32\wininet.dll
2011-10-12 21:02:38 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2011-10-12 21:02:37 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2011-10-12 21:02:36 ----A---- C:\Windows\SYSWOW64\wininet.dll
2011-10-12 21:02:32 ----A---- C:\Windows\SYSWOW64\mstime.dll
2011-10-12 21:02:32 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2011-10-12 21:02:32 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2011-10-12 21:02:32 ----A---- C:\Windows\system32\mstime.dll
2011-10-12 21:02:32 ----A---- C:\Windows\system32\msfeeds.dll
2011-10-12 21:02:32 ----A---- C:\Windows\system32\ieui.dll
2011-10-12 21:02:32 ----A---- C:\Windows\system32\iedkcs32.dll
2011-10-12 21:02:31 ----A---- C:\Windows\SYSWOW64\ieui.dll
2011-10-12 21:02:31 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2011-10-12 21:02:31 ----A---- C:\Windows\system32\iertutil.dll
2011-10-12 21:02:31 ----A---- C:\Windows\system32\iepeers.dll
2011-10-12 21:02:30 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2011-10-12 21:02:30 ----A---- C:\Windows\SYSWOW64\msfeedsbs.dll
2011-10-12 21:02:30 ----A---- C:\Windows\SYSWOW64\iepeers.dll
2011-10-12 21:02:30 ----A---- C:\Windows\system32\mshtmled.dll
2011-10-12 21:02:30 ----A---- C:\Windows\system32\msfeedsbs.dll
2011-10-12 21:02:23 ----A---- C:\Windows\SYSWOW64\licmgr10.dll
2011-10-12 21:02:23 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2011-10-12 21:02:23 ----A---- C:\Windows\system32\url.dll
2011-10-12 21:02:23 ----A---- C:\Windows\system32\licmgr10.dll
2011-10-12 21:02:23 ----A---- C:\Windows\system32\jsproxy.dll
2011-10-12 21:02:22 ----A---- C:\Windows\SYSWOW64\url.dll
2011-10-12 21:02:22 ----A---- C:\Windows\SYSWOW64\msfeedssync.exe
2011-10-12 21:02:22 ----A---- C:\Windows\system32\msfeedssync.exe
2011-10-12 20:54:22 ----A---- C:\Windows\system32\psisdecd.dll
2011-10-12 20:54:21 ----A---- C:\Windows\SYSWOW64\psisdecd.dll
2011-10-12 20:54:12 ----A---- C:\Windows\system32\oleacc.dll
2011-10-12 20:54:11 ----A---- C:\Windows\SYSWOW64\oleaut32.dll
2011-10-12 20:54:11 ----A---- C:\Windows\system32\oleaut32.dll
2011-10-12 20:54:10 ----A---- C:\Windows\SYSWOW64\oleacc.dll
2011-10-11 17:44:11 ----D---- C:\Program Files (x86)\Counter-Strike Source
2011-10-09 19:27:35 ----D---- C:\Program Files (x86)\IObit Toolbar
======List of files/folders modified in the last 1 month======
2011-10-28 22:09:12 ----D---- C:\Windows\Temp
2011-10-28 22:09:06 ----RD---- C:\Program Files
2011-10-28 22:08:33 ----D---- C:\Users\J3ck3sss\AppData\Roaming\Skype
2011-10-28 22:03:02 ----A---- C:\Windows\SYSWOW64\log.txt
2011-10-28 22:01:43 ----HD---- C:\ProgramData
2011-10-28 22:01:42 ----RD---- C:\Program Files (x86)
2011-10-28 22:01:37 ----D---- C:\Windows
2011-10-28 21:59:41 ----D---- C:\Windows\system32\catroot
2011-10-28 21:59:38 ----D---- C:\Windows\system32\DriverStore
2011-10-28 21:59:38 ----D---- C:\Windows\inf
2011-10-28 21:59:24 ----D---- C:\Windows\system32\drivers
2011-10-28 21:36:32 ----D---- C:\Users\J3ck3sss\AppData\Roaming\BitTorrent
2011-10-28 21:15:05 ----D---- C:\Windows\system32\config
2011-10-28 20:49:24 ----D---- C:\ProgramData\boost_interprocess
2011-10-28 20:17:51 ----D---- C:\Windows\system32\drivers\etc
2011-10-28 20:02:18 ----D---- C:\Windows\Prefetch
2011-10-28 19:20:30 ----D---- C:\Windows\SysWOW64
2011-10-28 16:58:23 ----D---- C:\Users\J3ck3sss\AppData\Roaming\vlc
2011-10-28 12:38:51 ----D---- C:\Users\J3ck3sss\AppData\Roaming\cacaoweb
2011-10-28 11:32:49 ----D---- C:\Windows\system32\drivers\AVG
2011-10-27 19:47:56 ----SHD---- C:\Windows\Installer
2011-10-27 19:47:52 ----SHD---- C:\Config.Msi
2011-10-27 19:43:07 ----D---- C:\Windows\winsxs
2011-10-27 19:42:57 ----D---- C:\Program Files (x86)\Internet Explorer
2011-10-27 19:42:56 ----D---- C:\Program Files\Internet Explorer
2011-10-27 19:42:45 ----SHD---- C:\System Volume Information
2011-10-26 18:49:39 ----D---- C:\Windows\system32\catroot2
2011-10-24 20:54:03 ----D---- C:\Windows\System32
2011-10-24 20:54:03 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-10-23 14:53:22 ----D---- C:\Windows\Tasks
2011-10-23 14:53:22 ----D---- C:\Windows\system32\Tasks
2011-10-23 14:52:51 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2011-10-21 22:06:09 ----D---- C:\Windows\Microsoft.NET
2011-10-21 22:06:08 ----RSD---- C:\Windows\assembly
2011-10-21 21:55:46 ----RSD---- C:\Windows\Fonts
2011-10-21 21:55:42 ----SD---- C:\ProgramData\Microsoft
2011-10-21 21:51:09 ----D---- C:\Windows\Logs
2011-10-21 21:49:51 ----SD---- C:\Users\J3ck3sss\AppData\Roaming\Microsoft
2011-10-21 21:49:09 ----D---- C:\Program Files (x86)\MSBuild
2011-10-21 21:38:35 ----D---- C:\Program Files\Common Files\Microsoft Shared
2011-10-21 20:26:17 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2011-10-21 20:22:40 ----D---- C:\Windows\SYSWOW64\en-US
2011-10-21 20:22:40 ----D---- C:\Windows\system32\en-US
2011-10-16 11:50:15 ----D---- C:\Windows\system32\pt-PT
2011-10-16 11:50:15 ----D---- C:\Windows\system32\nl-NL
2011-10-16 11:50:15 ----D---- C:\Windows\system32\drivers\UMDF
2011-10-16 11:50:15 ----D---- C:\Windows\system32\da-DK
2011-10-16 11:50:14 ----D---- C:\Windows\system32\ru-RU
2011-10-16 11:50:14 ----D---- C:\Windows\system32\pl-PL
2011-10-16 11:50:14 ----D---- C:\Windows\system32\ko-KR
2011-10-16 11:50:13 ----D---- C:\Windows\system32\zh-TW
2011-10-16 11:50:13 ----D---- C:\Windows\system32\sv-SE
2011-10-16 11:50:13 ----D---- C:\Windows\system32\nb-NO
2011-10-16 11:50:13 ----D---- C:\Windows\system32\ja-JP
2011-10-16 11:50:13 ----D---- C:\Windows\system32\it-IT
2011-10-16 11:50:13 ----D---- C:\Windows\system32\hu-HU
2011-10-16 11:50:13 ----D---- C:\Windows\system32\fr-FR
2011-10-16 11:50:13 ----D---- C:\Windows\system32\fi-FI
2011-10-16 11:50:13 ----D---- C:\Windows\system32\el-GR
2011-10-16 11:50:12 ----D---- C:\Windows\system32\zh-CN
2011-10-16 11:50:12 ----D---- C:\Windows\system32\pt-BR
2011-10-16 11:50:12 ----D---- C:\Windows\system32\es-ES
2011-10-16 11:50:12 ----D---- C:\Windows\system32\de-DE
2011-10-16 11:50:12 ----D---- C:\Windows\system32\cs-CZ
2011-10-16 11:46:47 ----D---- C:\Program Files\Zune
2011-10-16 11:42:07 ----D---- C:\ProgramData\YouTube Downloader
2011-10-16 11:42:04 ----D---- C:\Program Files (x86)\YouTube Downloader
2011-10-15 18:48:11 ----D---- C:\Users\J3ck3sss\AppData\Roaming\DivX
2011-10-15 12:54:53 ----D---- C:\ProgramData\CanonIJPLM
2011-10-15 12:54:53 ----D---- C:\ProgramData\CanonIJ
2011-10-15 12:05:25 ----D---- C:\ProgramData\Skype
2011-10-15 12:05:23 ----D---- C:\Program Files (x86)\Common Files
2011-10-14 22:57:29 ----D---- C:\Windows\SYSWOW64\drivers
2011-10-14 22:54:48 ----D---- C:\Windows\debug
2011-10-14 22:14:53 ----D---- C:\ProgramData\IObit
2011-10-14 22:14:38 ----D---- C:\Users\J3ck3sss\AppData\Roaming\IObit
2011-10-14 22:14:34 ----D---- C:\Program Files (x86)\IObit
2011-10-14 22:13:11 ----D---- C:\ProgramData\DivX
2011-10-14 22:13:11 ----D---- C:\Program Files (x86)\DivX
2011-10-14 22:12:39 ----D---- C:\Program Files\DivX
2011-10-13 07:51:19 ----D---- C:\Windows\SYSWOW64\migration
2011-10-13 07:51:18 ----D---- C:\Windows\system32\migration
2011-10-13 07:44:28 ----A---- C:\Windows\system32\MRT.exe
2011-10-13 07:41:01 ----D---- C:\ProgramData\Microsoft Help
2011-10-13 07:32:49 ----D---- C:\Windows\ehome
2011-10-11 14:41:31 ----D---- C:\Program Files (x86)\Valve
2011-10-10 17:34:21 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2011-10-09 19:27:35 ----D---- C:\Program Files (x86)\Application Updater
2011-10-05 17:47:17 ----D---- C:\Program Files (x86)\Warcraft III
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 AVGIDSEH;AVGIDSEH; C:\Windows\system32\DRIVERS\AVGIDSEH.Sys [2011-02-22 26704]
R0 Avgrkx64;AVG Anti-Rootkit Driver; C:\Windows\system32\DRIVERS\avgrkx64.sys [2011-03-16 37456]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2009-12-17 538136]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 214096]
R0 SmartDefragDriver;SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [2010-11-26 17720]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-12-21 834544]
R1 Avgldx64;AVG AVI Loader Driver; C:\Windows\system32\DRIVERS\avgldx64.sys [2011-01-07 304720]
R1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield; C:\Windows\system32\DRIVERS\avgmfx64.sys [2011-03-01 41552]
R1 Avgtdia;AVG TDI Driver; C:\Windows\system32\DRIVERS\avgtdia.sys [2011-04-05 377936]
R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2011-09-18 130760]
R1 avkmgr;avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [2011-09-15 27760]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2009-07-14 514048]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2011-03-13 254528]
R1 vmm;Virtual Machine Monitor; \??\C:\Windows\system32\Drivers\vmm.sys [2011-07-19 295272]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2011-09-15 97312]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-12-10 6179328]
R3 AVGIDSDriver;AVGIDSDriver; C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys [2011-05-27 118864]
R3 AVGIDSFilter;AVGIDSFilter; C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys [2011-02-10 29264]
R3 BCM43XX;Broadcom 802.11 - ovládač sieťového adaptéru; C:\Windows\system32\DRIVERS\bcmwl664.sys [2010-12-14 2978296]
R3 BTATH_BUS;Atheros Bluetooth Bus; C:\Windows\system32\DRIVERS\btath_bus.sys [2009-12-30 31784]
R3 HECIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]
R3 k57nd;Broadcom NetLink Gigabit Ethernet; C:\Windows\system32\DRIVERS\k57amd64.sys [2010-03-21 334376]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2009-12-10 301104]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 androidusb;SAMSUNG Android Composite ADB Interface Driver; C:\Windows\System32\Drivers\ssadadb.sys [2010-12-21 36328]
S3 ApfiltrService;Alps Pointing-device Filter Driver; C:\Windows\system32\DRIVERS\Apfiltr.sys []
S3 AthBTPort;Atheros Virtual Bluetooth Class; C:\Windows\system32\DRIVERS\btath_flt.sys [2009-12-30 38440]
S3 BTATH_A2DP;Bluetooth A2DP Audio Driver; C:\Windows\system32\drivers\btath_a2dp.sys [2009-12-30 336424]
S3 BTATH_HCRP;Bluetooth HCRP Server driver; C:\Windows\system32\DRIVERS\btath_hcrp.sys [2009-12-30 246824]
S3 BTATH_RCP;Bluetooth AVRCP Device; C:\Windows\system32\DRIVERS\btath_rcp.sys [2009-12-30 133672]
S3 BthEnum;Bluetooth Request Block Driver; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2011-04-28 552448]
S3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 btusbflt;Bluetooth USB Filter; C:\Windows\system32\drivers\btusbflt.sys [2009-07-01 52264]
S3 ETD;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys [2010-02-03 135560]
S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 33856]
S3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys []
S3 massfilter;ZTE Mass Storage Filter Driver; C:\Windows\system32\drivers\massfilter.sys [2011-01-29 11776]
S3 mcdbus;Driver for MagicISO SCSI Host Controller; C:\Windows\system32\DRIVERS\mcdbus.sys [2009-02-24 255552]
S3 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12352]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2009-07-14 165376]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys [2009-12-11 232992]
S3 RTHDMIAzAudService;Service for HDMI; C:\Windows\system32\drivers\RtHDMIVX.sys []
S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2009-07-14 6656]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\ssadbus.sys [2011-01-03 157160]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter); C:\Windows\system32\DRIVERS\ssadmdfl.sys [2011-01-03 16872]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers; C:\Windows\system32\DRIVERS\ssadmdm.sys [2011-01-03 177128]
S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM); C:\Windows\system32\DRIVERS\ssadserd.sys [2011-01-03 145384]
S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2009-07-14 34896]
S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys [2009-07-14 200272]
S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2009-07-14 21760]
S3 WinUsb;WinUsb Driver; C:\Windows\system32\DRIVERS\WinUsb.sys [2009-07-14 40448]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
R2 AdvancedSystemCareService5;Advanced SystemCare Service 5; C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCService.exe [2011-09-09 478040]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2009-12-10 202752]
R2 Application Updater;Application Updater; C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe [2011-09-27 745880]
R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [2009-12-30 23592]
R2 DsiWMIService;Dritek WMI Service; C:\Program Files (x86)\Launch Manager\dsiwmis.exe [2010-01-22 310352]
R2 ePowerSvc;Acer ePower Service; C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe [2010-01-18 842784]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2009-12-23 13336]
R2 IJPLMSVC;Canon Inkjet Printer/Scanner/Fax Extended Survey Program; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [2009-02-10 116104]
R2 IMFservice;IMF Service; C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [2011-07-20 820568]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2009-12-09 268824]
R2 srviecheck;srviecheck; C:\Windows\update.2\svchost.exe [2011-10-28 1944576]
R2 UNS;Intel(R) Management & Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2009-12-09 2320920]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 2291568]
R2 WMCoreService;Mobile Broadband Core Service; C:\Program Files (x86)\Mobile Broadband Drivers\WMCore\mini_WMCore.exe [2009-12-01 448512]
S2 AntiVirService;Avira Realtime Protection; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe []
S2 AntiVirSchedulerService;Avira Scheduler; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe []
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 srvsysdriver32;srvsysdriver32; C:\Windows\sysdriver32.exe srv []
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-12-14 1255736]
S4 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
-----------------EOF-----------------
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O18 - Protocol: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - (no file)
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - (no file)
O20 - AppInit_DLLs: C:\PROGRA~2\WI3C8A~1\Datamngr\datamngr.dll C:\PROGRA~2\WI3C8A~1\Datamngr\IEBHO.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Advanced SystemCare Service 5 (AdvancedSystemCareService5) - IObit - C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Unknown owner - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (file missing)
O23 - Service: Avira Realtime Protection (AntiVirService) - Unknown owner - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (file missing)
O23 - Service: Application Updater - Spigot, Inc. - C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe
O23 - Service: AtherosSvc - Unknown owner - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: AVG WatchDog (avgwd) - Unknown owner - (no file)
O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: IMF Service (IMFservice) - IObit - C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: srviecheck - Unknown owner - C:\Windows\update.2\svchost.exe
O23 - Service: srvsysdriver32 - Unknown owner - C:\Windows\sysdriver32.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: Mobile Broadband Core Service (WMCoreService) - Unknown owner - C:\Program Files (x86)\Mobile Broadband Drivers\WMCore\mini_WMCore.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: wxpdrivers - Cronosoft - C:\Windows\update.1\svchost.exe
--
End of file - 14254 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCService.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
atieclxx
C:\Windows\system32\WLANExt.exe 23649264
\??\C:\Windows\system32\conhost.exe "-6823247671495141026-1905454088859916913-2090741586-749239321-326716806-1792071226
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe"
"C:\Program Files (x86)\Bluetooth Suite\adminservice.exe"
"C:\Program Files (x86)\Launch Manager\dsiwmis.exe"
"C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe"
"C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
C:\Windows\update.2\svchost.exe srv
"taskhost.exe"
taskeng.exe {5573B37E-A545-4331-A905-9E155DEB7230}
"C:\Program Files (x86)\IObit\Smart Defrag 2\SmartDefrag.exe" /STARTUP
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files (x86)\Mobile Broadband Drivers\WMCore\mini_WMCore.exe" servicemode
C:\Windows\update.1\svchost.exe srv
"C:\Windows\update.2\svchost.exe" stand
WLIDSvcM.exe 1076
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files\Elantech\ETDCtrl.exe"
"C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE" /logon
"C:\Program Files\Zune\ZuneLauncher.exe"
"C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCTray.exe" /AutoStart
"C:\Program Files (x86)\Windows iLivid Toolbar\Datamngr\datamngrUI.exe"
"C:\Windows\update.tray-8-0\svchost.exe"
"C:\Windows\sysdriver32_.exe" rezerv
"C:\Windows\update.tray-12-0\svchost.exe"
"C:\Windows\update.tray-15-0\svchost.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Windows\update.2\svchost.exe" spamer
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Windows\update.2\svchost.exe" spamer
"C:\Users\J3ck3sss\Desktop\Programs\Skype.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Windows\update.2\svchost.exe" spamer
"C:\Program Files (x86)\IObit\Advanced SystemCare 5\Asc.exe"
"C:\Windows\update.2\svchost.exe" spamer
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Users\J3ck3sss\AppData\Local\Google\Chrome\Application\chrome.exe" -- "http://www.viry.cz/forum/viewtopic.php?f=13&t=105895"
"C:\Users\J3ck3sss\AppData\Local\Google\Chrome\Application\chrome.exe" --type=extension --lang=sk --force-fieldtest=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/DnsParallelism/parallel_default/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/Prefetch/ContentPrefetchPrerender1/ProxyConnectionImpact/proxy_connections_32/SpdyImpact/npn_with_spdy/SuggestHostPrefix/Default_Prefix/WarmSocketImpact/warmest_socket/ --disable-client-side-phishing-detection --enable-print-preview --channel=4416.010E3160.2081152182 --ignored=" --type=renderer " /prefetch:3
"C:\Users\J3ck3sss\AppData\Local\Google\Chrome\Application\chrome.exe" --type=extension --lang=sk --force-fieldtest=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/DnsParallelism/parallel_default/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/Prefetch/ContentPrefetchPrerender1/ProxyConnectionImpact/proxy_connections_32/SpdyImpact/npn_with_spdy/SuggestHostPrefix/Default_Prefix/WarmSocketImpact/warmest_socket/ --disable-client-side-phishing-detection --enable-print-preview --channel=4416.010E3840.1401099343 --ignored=" --type=renderer " /prefetch:3
"C:\Users\J3ck3sss\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtest=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/DnsParallelism/parallel_default/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/Prefetch/ContentPrefetchPrerender1/ProxyConnectionImpact/proxy_connections_32/SpdyImpact/npn_with_spdy/SuggestHostPrefix/Default_Prefix/WarmSocketImpact/warmest_socket/ --disable-client-side-phishing-detection --enable-print-preview --channel=4416.06EE4B00.1023988725 /prefetch:3
"C:\Users\J3ck3sss\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtest=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/DnsParallelism/parallel_default/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/Prefetch/ContentPrefetchPrerender1/ProxyConnectionImpact/proxy_connections_32/SpdyImpact/npn_with_spdy/SuggestHostPrefix/Default_Prefix/WarmSocketImpact/warmest_socket/ --disable-client-side-phishing-detection --enable-print-preview --channel=4416.06F472C0.1781190156 /prefetch:3
"C:\Users\J3ck3sss\AppData\Local\Google\Chrome\Application\chrome.exe" --type=plugin --plugin-path="C:\Users\J3ck3sss\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhkplhfnhceodhffomolpfigojocbpcb\1.0_0\BabylonChromePI.dll" --lang=sk --channel=4416.0952AE00.50105264 /prefetch:4
C:\Windows\system32\sppsvc.exe
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
C:\Windows\System32\svchost.exe -k secsvcs
wmiadap.exe /F /T /R
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Windows\system32\SearchFilterHost.exe" 0 512 516 524 65536 520
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe2_ Global\UsGthrCtrlFltPipeMssGthrPipe2 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Users\J3ck3sss\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtest=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/DnsParallelism/parallel_default/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/Prefetch/ContentPrefetchPrerender1/ProxyConnectionImpact/proxy_connections_32/SpdyImpact/npn_with_spdy/SuggestHostPrefix/Default_Prefix/WarmSocketImpact/warmest_socket/ --disable-client-side-phishing-detection --enable-print-preview --channel=4416.094D42C0.247986777 /prefetch:3
C:\Users\J3ck3sss\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
"C:\Users\J3ck3sss\AppData\Local\Google\Update\GoogleUpdate.exe" -Embedding
"C:\Users\J3ck3sss\Downloads\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\FirewallControlPanel.dll,ShowNotificationDialog /configure /ETOnly 0 /OnProfiles 6 /OtherAllowed 0 /OtherBlocked 0 /OtherEdgeAllowed 0 /NewBlocked 2 "C:\windows\sysdriver32_.exe"
======Scheduled tasks folder======
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3427954366-3406222959-2106377572-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3427954366-3406222959-2106377572-1000UA.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 532336]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A40DC6C5-79D0-4ca8-A185-8FF989AF1115}]
UrlHelper Class - C:\PROGRA~2\WI3C8A~1\Datamngr\x64\IEBHO.dll [2011-03-24 1058712]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0BDA0769-FD72-49F4-9266-E1FB004F4D8F}]
IObit Toolbar - C:\Program Files (x86)\IObit Toolbar\IE\4.7\iobitToolbarIE.dll [2011-09-27 1050464]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-09-05 63912]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2EECD738-5844-4a99-B4B6-146BF802613B}]
CescrtHlpr Object - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.4.19.19\bh\BabylonToolbar.dll [2010-11-07 225720]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
Conduit Engine - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll [2010-12-09 3911776]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{326E768D-4182-46FD-9C16-1449A49795F4}]
DivX Plus Web Player HTML5 <video> - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll [2011-02-08 3118976]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{593DDEC6-7468-4cdd-90E1-42DADAA222E9}]
DivX HiQ - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll [2011-02-08 3118976]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}]
BitTorrentBar Toolbar - C:\Program Files (x86)\BitTorrentBar\tbBitT.dll [2010-12-09 3911776]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{99079a25-328f-4bd4-be04-00955acaa0a7}]
Searchqu Toolbar - C:\PROGRA~2\WI3C8A~1\ToolBar\searchqudtx.dll [2011-03-02 88976]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C}]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A40DC6C5-79D0-4ca8-A185-8FF989AF1115}]
UrlHelper Class - C:\PROGRA~2\WI3C8A~1\Datamngr\IEBHO.dll [2011-03-24 722840]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
Ask Toolbar - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll [2011-02-01 1487240]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F3FEE66E-E034-436a-86E4-9690573BEE8A}]
YouTube Downloader Toolbar - C:\Program Files (x86)\YouTube Downloader Toolbar\IE\4.7\youtubedownloaderToolbarIE.dll [2011-09-27 1050464]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll [2011-01-20 1581376]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
{D4027C7F-154A-4066-A1AD-4243D8127440} - Ask Toolbar - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll [2011-02-01 1487240]
{88c7f2aa-f93f-432c-8f0e-b7d85967a527} - BitTorrentBar Toolbar - C:\Program Files (x86)\BitTorrentBar\tbBitT.dll [2010-12-09 3911776]
{30F9B915-B755-4826-820B-08FBA6BD249D} - Conduit Engine - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll [2010-12-09 3911776]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll [2011-01-20 988480]
{99079a25-328f-4bd4-be04-00955acaa0a7} - Searchqu Toolbar - C:\PROGRA~2\WI3C8A~1\ToolBar\searchqudtx.dll [2011-03-02 88976]
{98889811-442D-49dd-99D7-DC866BE87DBC} - Babylon Toolbar - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarTlbr.dll [2010-11-07 184760]
{0BDA0769-FD72-49F4-9266-E1FB004F4D8F} - IObit Toolbar - C:\Program Files (x86)\IObit Toolbar\IE\4.7\iobitToolbarIE.dll [2011-09-27 1050464]
{F3FEE66E-E034-436a-86E4-9690573BEE8A} - YouTube Downloader Toolbar - C:\Program Files (x86)\YouTube Downloader Toolbar\IE\4.7\youtubedownloaderToolbarIE.dll [2011-09-27 1050464]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ETDWare"=C:\Program Files\Elantech\ETDCtrl.exe [2010-01-13 635784]
"CanonMyPrinter"=C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2009-10-19 2185032]
"Zune Launcher"=c:\Program Files\Zune\ZuneLauncher.exe [2011-08-05 163552]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Advanced SystemCare 5"=C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCTray.exe [2011-09-09 607576]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\9178288.exe]
c:\windows\temp\9178288.exe [2011-10-28 1944576]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acer ePower Management]
c:\program files\acer\acer epower management\epowertray.exe [2010-01-18 832544]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
c:\program files (x86)\common files\adobe\arm\1.0\adobearm.exe [2011-06-06 937920]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AtherosBtStack]
c:\program files (x86)\bluetooth suite\btvstack.exe [2009-12-30 393256]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BabylonToolbar]
c:\program files (x86)\babylontoolbar\babylontoolbar\1.4.19.19\babylontoolbarsrv.exe [2010-11-07 286720]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BitTorrent]
c:\program files (x86)\bittorrent\bittorrent.exe [2011-01-28 4771184]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cacaoweb]
c:\users\j3ck3sss\appdata\roaming\cacaoweb\cacaoweb.exe [2011-10-09 398576]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonSolutionMenu]
c:\program files (x86)\canon\solutionmenu\cnslmain.exe [2009-09-04 767312]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
c:\program files (x86)\daemon tools lite\dtlite.exe [2011-01-20 1305408]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivX Download Manager]
c:\program files (x86)\divx\divx plus web player\ddmservice.exe [2011-02-08 63360]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
c:\program files (x86)\divx\divx update\divxupdate.exe [2011-07-29 1259376]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Driver Updater]
c:\program files (x86)\carambis\driver updater\dupdater.exe [2010-11-25 4793856]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
c:\users\j3ck3sss\appdata\local\google\update\googleupdate.exe [2010-12-14 136176]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IAStorIcon]
c:\program files (x86)\intel\intel(r) rapid storage technology\iastoricon.exe [2009-12-23 284696]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesHelper]
c:\program files (x86)\samsung\kies\kieshelper.exe [2011-03-17 896912]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPDLR]
c:\program files (x86)\samsung\kies\external\firmwareupdate\kiespdlr.exe [2011-03-17 19872]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesTrayAgent]
c:\program files (x86)\samsung\kies\kiestrayagent.exe [2011-03-17 3373456]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LManager]
c:\program files (x86)\launch manager\lmanager.exe [2010-01-22 1287760]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SearchSettings]
c:\program files (x86)\common files\spigot\search settings\searchsettings.exe [2011-09-27 894304]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar]
c:\program files\windows sidebar\sidebar.exe [2009-07-14 1475072]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh]
C:\Program Files\synaptics\syntp\syntpenh.exe [2009-12-10 1890088]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\wxpdrv]
c:\windows\services32.exe [2011-10-28 1201152]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2008-10-25 31072]
"AVG_TRAY"=C:\Program Files (x86)\AVG\AVG10\avgtray.exe []
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-12-10 98304]
"IJNetworkScanUtility"=C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe [2009-05-19 136544]
"DATAMNGR"=C:\PROGRA~2\WI3C8A~1\Datamngr\DATAMN~1.EXE [2011-03-24 1115536]
""= []
"tray_ico"= []
"tray_ico2"=C:\Windows\update.tray-8-0\svchost.exe [2011-10-28 1201152]
"tray_ico3"= []
"tray_ico4"= []
"2334188.exe"=C:\Windows\Temp\2334188.exe [2011-10-28 258048]
"sysdriver32.exe"=C:\Windows\sysdriver32.exe rezerv []
"sysdriver32_.exe"=C:\Windows\sysdriver32_.exe [2011-10-28 258048]
"2129169.exe"=C:\Users\J3ck3sss\AppData\Local\Temp\2129169.exe [2011-10-28 258048]
"4837713.exe"=C:\Windows\Temp\4837713.exe [2011-10-28 258048]
"wxpdrv"=C:\Windows\services32.exe [2011-10-28 1201152]
"tray_ico0"=C:\Windows\update.tray-12-0\svchost.exe [2011-10-28 1201152]
"tray_ico1"=C:\Windows\update.tray-15-0\svchost.exe [2011-10-28 1201152]
"avgnt"=C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe /min []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\PROGRA~2\WI3C8A~1\Datamngr\x64\datamngr.dll C:\PROGRA~2\WI3C8A~1\Datamngr\x64\IEBHO.dll "
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\wxpdrivers]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\wxpdrivers]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableSecureUIAPaths"=0
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"mixer2"=wdmaud.drv
"midi2"=wdmaud.drv
"VIDC.FPS1"=frapsv64.dll
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2011-10-28 22:09:06 ----D---- C:\rsit
2011-10-28 22:09:06 ----D---- C:\Program Files\trend micro
2011-10-28 22:01:37 ----HD---- C:\Windows\update.tray-8-0-lnk
2011-10-28 22:01:37 ----HD---- C:\Windows\update.tray-8-0
2011-10-28 21:59:24 ----A---- C:\Windows\system32\drivers\avkmgr.sys
2011-10-28 21:59:24 ----A---- C:\Windows\system32\drivers\avipbb.sys
2011-10-28 21:59:24 ----A---- C:\Windows\system32\drivers\avgntflt.sys
2011-10-28 21:52:36 ----N---- C:\bootsqm.dat
2011-10-28 20:30:45 ----HD---- C:\Windows\update.tray-15-0-lnk
2011-10-28 20:30:45 ----HD---- C:\Windows\update.tray-15-0
2011-10-28 20:19:46 ----A---- C:\Windows\unrar.exe
2011-10-28 20:17:50 ----A---- C:\Windows\iecheck_iplist.txt
2011-10-28 20:17:24 ----HD---- C:\Windows\update.2
2011-10-28 20:16:50 ----A---- C:\Windows\iplist.txt
2011-10-28 20:16:14 ----A---- C:\Windows\sysdriver32_.exe
2011-10-28 20:16:12 ----D---- C:\Windows\av_ico
2011-10-28 20:15:43 ----A---- C:\Windows\front_ip_list.txt
2011-10-28 20:14:07 ----HD---- C:\Windows\update.1
2011-10-28 20:13:58 ----HD---- C:\Windows\update.tray-12-0-lnk
2011-10-28 20:13:58 ----HD---- C:\Windows\update.tray-12-0
2011-10-28 20:02:19 ----A---- C:\Windows\winlog-ids.txt
2011-10-28 20:02:19 ----A---- C:\Windows\winlog-dirs.txt
2011-10-28 20:02:13 ----A---- C:\Windows\services32.exe
2011-10-23 20:26:58 ----D---- C:\Program Files (x86)\EAGLE-5.4.0
2011-10-23 20:26:41 ----D---- C:\Users\J3ck3sss\AppData\Roaming\CadSoft
2011-10-21 21:56:21 ----A---- C:\Windows\SYSWOW64\D3DX9_39.dll
2011-10-21 21:55:42 ----D---- C:\Program Files (x86)\Microsoft Expression
2011-10-21 21:55:38 ----D---- C:\Program Files (x86)\WPF Toolkit
2011-10-21 21:51:04 ----D---- C:\Program Files (x86)\Microsoft XNA
2011-10-21 21:40:38 ----D---- C:\Program Files (x86)\Microsoft Visual Studio 10.0
2011-10-21 21:39:55 ----D---- C:\Program Files (x86)\Microsoft XDE
2011-10-21 21:38:35 ----D---- C:\Windows\symbols
2011-10-21 21:38:34 ----D---- C:\Program Files\Microsoft Visual Studio 10.0
2011-10-21 21:38:33 ----D---- C:\Program Files\Microsoft Help Viewer
2011-10-21 21:38:33 ----D---- C:\Program Files (x86)\Microsoft SDKs
2011-10-16 15:23:06 ----D---- C:\Program Files (x86)\Phone7Market
2011-10-16 11:49:59 ----D---- C:\Windows\system32\ms-MY
2011-10-14 23:27:00 ----D---- C:\Program Files (x86)\YouTube Downloader Toolbar
2011-10-14 22:55:51 ----A---- C:\Windows\system32\drivers\sffp_sd.sys
2011-10-14 22:54:44 ----A---- C:\Windows\system32\RegistryDefragBootTime.exe
2011-10-12 21:03:03 ----A---- C:\Windows\system32\win32k.sys
2011-10-12 21:02:49 ----A---- C:\Windows\system32\ieframe.dll
2011-10-12 21:02:45 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2011-10-12 21:02:43 ----A---- C:\Windows\system32\mshtml.dll
2011-10-12 21:02:42 ----A---- C:\Windows\system32\urlmon.dll
2011-10-12 21:02:39 ----A---- C:\Windows\system32\wininet.dll
2011-10-12 21:02:38 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2011-10-12 21:02:37 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2011-10-12 21:02:36 ----A---- C:\Windows\SYSWOW64\wininet.dll
2011-10-12 21:02:32 ----A---- C:\Windows\SYSWOW64\mstime.dll
2011-10-12 21:02:32 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2011-10-12 21:02:32 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2011-10-12 21:02:32 ----A---- C:\Windows\system32\mstime.dll
2011-10-12 21:02:32 ----A---- C:\Windows\system32\msfeeds.dll
2011-10-12 21:02:32 ----A---- C:\Windows\system32\ieui.dll
2011-10-12 21:02:32 ----A---- C:\Windows\system32\iedkcs32.dll
2011-10-12 21:02:31 ----A---- C:\Windows\SYSWOW64\ieui.dll
2011-10-12 21:02:31 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2011-10-12 21:02:31 ----A---- C:\Windows\system32\iertutil.dll
2011-10-12 21:02:31 ----A---- C:\Windows\system32\iepeers.dll
2011-10-12 21:02:30 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2011-10-12 21:02:30 ----A---- C:\Windows\SYSWOW64\msfeedsbs.dll
2011-10-12 21:02:30 ----A---- C:\Windows\SYSWOW64\iepeers.dll
2011-10-12 21:02:30 ----A---- C:\Windows\system32\mshtmled.dll
2011-10-12 21:02:30 ----A---- C:\Windows\system32\msfeedsbs.dll
2011-10-12 21:02:23 ----A---- C:\Windows\SYSWOW64\licmgr10.dll
2011-10-12 21:02:23 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2011-10-12 21:02:23 ----A---- C:\Windows\system32\url.dll
2011-10-12 21:02:23 ----A---- C:\Windows\system32\licmgr10.dll
2011-10-12 21:02:23 ----A---- C:\Windows\system32\jsproxy.dll
2011-10-12 21:02:22 ----A---- C:\Windows\SYSWOW64\url.dll
2011-10-12 21:02:22 ----A---- C:\Windows\SYSWOW64\msfeedssync.exe
2011-10-12 21:02:22 ----A---- C:\Windows\system32\msfeedssync.exe
2011-10-12 20:54:22 ----A---- C:\Windows\system32\psisdecd.dll
2011-10-12 20:54:21 ----A---- C:\Windows\SYSWOW64\psisdecd.dll
2011-10-12 20:54:12 ----A---- C:\Windows\system32\oleacc.dll
2011-10-12 20:54:11 ----A---- C:\Windows\SYSWOW64\oleaut32.dll
2011-10-12 20:54:11 ----A---- C:\Windows\system32\oleaut32.dll
2011-10-12 20:54:10 ----A---- C:\Windows\SYSWOW64\oleacc.dll
2011-10-11 17:44:11 ----D---- C:\Program Files (x86)\Counter-Strike Source
2011-10-09 19:27:35 ----D---- C:\Program Files (x86)\IObit Toolbar
======List of files/folders modified in the last 1 month======
2011-10-28 22:09:12 ----D---- C:\Windows\Temp
2011-10-28 22:09:06 ----RD---- C:\Program Files
2011-10-28 22:08:33 ----D---- C:\Users\J3ck3sss\AppData\Roaming\Skype
2011-10-28 22:03:02 ----A---- C:\Windows\SYSWOW64\log.txt
2011-10-28 22:01:43 ----HD---- C:\ProgramData
2011-10-28 22:01:42 ----RD---- C:\Program Files (x86)
2011-10-28 22:01:37 ----D---- C:\Windows
2011-10-28 21:59:41 ----D---- C:\Windows\system32\catroot
2011-10-28 21:59:38 ----D---- C:\Windows\system32\DriverStore
2011-10-28 21:59:38 ----D---- C:\Windows\inf
2011-10-28 21:59:24 ----D---- C:\Windows\system32\drivers
2011-10-28 21:36:32 ----D---- C:\Users\J3ck3sss\AppData\Roaming\BitTorrent
2011-10-28 21:15:05 ----D---- C:\Windows\system32\config
2011-10-28 20:49:24 ----D---- C:\ProgramData\boost_interprocess
2011-10-28 20:17:51 ----D---- C:\Windows\system32\drivers\etc
2011-10-28 20:02:18 ----D---- C:\Windows\Prefetch
2011-10-28 19:20:30 ----D---- C:\Windows\SysWOW64
2011-10-28 16:58:23 ----D---- C:\Users\J3ck3sss\AppData\Roaming\vlc
2011-10-28 12:38:51 ----D---- C:\Users\J3ck3sss\AppData\Roaming\cacaoweb
2011-10-28 11:32:49 ----D---- C:\Windows\system32\drivers\AVG
2011-10-27 19:47:56 ----SHD---- C:\Windows\Installer
2011-10-27 19:47:52 ----SHD---- C:\Config.Msi
2011-10-27 19:43:07 ----D---- C:\Windows\winsxs
2011-10-27 19:42:57 ----D---- C:\Program Files (x86)\Internet Explorer
2011-10-27 19:42:56 ----D---- C:\Program Files\Internet Explorer
2011-10-27 19:42:45 ----SHD---- C:\System Volume Information
2011-10-26 18:49:39 ----D---- C:\Windows\system32\catroot2
2011-10-24 20:54:03 ----D---- C:\Windows\System32
2011-10-24 20:54:03 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-10-23 14:53:22 ----D---- C:\Windows\Tasks
2011-10-23 14:53:22 ----D---- C:\Windows\system32\Tasks
2011-10-23 14:52:51 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2011-10-21 22:06:09 ----D---- C:\Windows\Microsoft.NET
2011-10-21 22:06:08 ----RSD---- C:\Windows\assembly
2011-10-21 21:55:46 ----RSD---- C:\Windows\Fonts
2011-10-21 21:55:42 ----SD---- C:\ProgramData\Microsoft
2011-10-21 21:51:09 ----D---- C:\Windows\Logs
2011-10-21 21:49:51 ----SD---- C:\Users\J3ck3sss\AppData\Roaming\Microsoft
2011-10-21 21:49:09 ----D---- C:\Program Files (x86)\MSBuild
2011-10-21 21:38:35 ----D---- C:\Program Files\Common Files\Microsoft Shared
2011-10-21 20:26:17 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2011-10-21 20:22:40 ----D---- C:\Windows\SYSWOW64\en-US
2011-10-21 20:22:40 ----D---- C:\Windows\system32\en-US
2011-10-16 11:50:15 ----D---- C:\Windows\system32\pt-PT
2011-10-16 11:50:15 ----D---- C:\Windows\system32\nl-NL
2011-10-16 11:50:15 ----D---- C:\Windows\system32\drivers\UMDF
2011-10-16 11:50:15 ----D---- C:\Windows\system32\da-DK
2011-10-16 11:50:14 ----D---- C:\Windows\system32\ru-RU
2011-10-16 11:50:14 ----D---- C:\Windows\system32\pl-PL
2011-10-16 11:50:14 ----D---- C:\Windows\system32\ko-KR
2011-10-16 11:50:13 ----D---- C:\Windows\system32\zh-TW
2011-10-16 11:50:13 ----D---- C:\Windows\system32\sv-SE
2011-10-16 11:50:13 ----D---- C:\Windows\system32\nb-NO
2011-10-16 11:50:13 ----D---- C:\Windows\system32\ja-JP
2011-10-16 11:50:13 ----D---- C:\Windows\system32\it-IT
2011-10-16 11:50:13 ----D---- C:\Windows\system32\hu-HU
2011-10-16 11:50:13 ----D---- C:\Windows\system32\fr-FR
2011-10-16 11:50:13 ----D---- C:\Windows\system32\fi-FI
2011-10-16 11:50:13 ----D---- C:\Windows\system32\el-GR
2011-10-16 11:50:12 ----D---- C:\Windows\system32\zh-CN
2011-10-16 11:50:12 ----D---- C:\Windows\system32\pt-BR
2011-10-16 11:50:12 ----D---- C:\Windows\system32\es-ES
2011-10-16 11:50:12 ----D---- C:\Windows\system32\de-DE
2011-10-16 11:50:12 ----D---- C:\Windows\system32\cs-CZ
2011-10-16 11:46:47 ----D---- C:\Program Files\Zune
2011-10-16 11:42:07 ----D---- C:\ProgramData\YouTube Downloader
2011-10-16 11:42:04 ----D---- C:\Program Files (x86)\YouTube Downloader
2011-10-15 18:48:11 ----D---- C:\Users\J3ck3sss\AppData\Roaming\DivX
2011-10-15 12:54:53 ----D---- C:\ProgramData\CanonIJPLM
2011-10-15 12:54:53 ----D---- C:\ProgramData\CanonIJ
2011-10-15 12:05:25 ----D---- C:\ProgramData\Skype
2011-10-15 12:05:23 ----D---- C:\Program Files (x86)\Common Files
2011-10-14 22:57:29 ----D---- C:\Windows\SYSWOW64\drivers
2011-10-14 22:54:48 ----D---- C:\Windows\debug
2011-10-14 22:14:53 ----D---- C:\ProgramData\IObit
2011-10-14 22:14:38 ----D---- C:\Users\J3ck3sss\AppData\Roaming\IObit
2011-10-14 22:14:34 ----D---- C:\Program Files (x86)\IObit
2011-10-14 22:13:11 ----D---- C:\ProgramData\DivX
2011-10-14 22:13:11 ----D---- C:\Program Files (x86)\DivX
2011-10-14 22:12:39 ----D---- C:\Program Files\DivX
2011-10-13 07:51:19 ----D---- C:\Windows\SYSWOW64\migration
2011-10-13 07:51:18 ----D---- C:\Windows\system32\migration
2011-10-13 07:44:28 ----A---- C:\Windows\system32\MRT.exe
2011-10-13 07:41:01 ----D---- C:\ProgramData\Microsoft Help
2011-10-13 07:32:49 ----D---- C:\Windows\ehome
2011-10-11 14:41:31 ----D---- C:\Program Files (x86)\Valve
2011-10-10 17:34:21 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2011-10-09 19:27:35 ----D---- C:\Program Files (x86)\Application Updater
2011-10-05 17:47:17 ----D---- C:\Program Files (x86)\Warcraft III
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 AVGIDSEH;AVGIDSEH; C:\Windows\system32\DRIVERS\AVGIDSEH.Sys [2011-02-22 26704]
R0 Avgrkx64;AVG Anti-Rootkit Driver; C:\Windows\system32\DRIVERS\avgrkx64.sys [2011-03-16 37456]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2009-12-17 538136]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 214096]
R0 SmartDefragDriver;SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [2010-11-26 17720]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-12-21 834544]
R1 Avgldx64;AVG AVI Loader Driver; C:\Windows\system32\DRIVERS\avgldx64.sys [2011-01-07 304720]
R1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield; C:\Windows\system32\DRIVERS\avgmfx64.sys [2011-03-01 41552]
R1 Avgtdia;AVG TDI Driver; C:\Windows\system32\DRIVERS\avgtdia.sys [2011-04-05 377936]
R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2011-09-18 130760]
R1 avkmgr;avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [2011-09-15 27760]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2009-07-14 514048]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2011-03-13 254528]
R1 vmm;Virtual Machine Monitor; \??\C:\Windows\system32\Drivers\vmm.sys [2011-07-19 295272]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2011-09-15 97312]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-12-10 6179328]
R3 AVGIDSDriver;AVGIDSDriver; C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys [2011-05-27 118864]
R3 AVGIDSFilter;AVGIDSFilter; C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys [2011-02-10 29264]
R3 BCM43XX;Broadcom 802.11 - ovládač sieťového adaptéru; C:\Windows\system32\DRIVERS\bcmwl664.sys [2010-12-14 2978296]
R3 BTATH_BUS;Atheros Bluetooth Bus; C:\Windows\system32\DRIVERS\btath_bus.sys [2009-12-30 31784]
R3 HECIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]
R3 k57nd;Broadcom NetLink Gigabit Ethernet; C:\Windows\system32\DRIVERS\k57amd64.sys [2010-03-21 334376]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2009-12-10 301104]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 androidusb;SAMSUNG Android Composite ADB Interface Driver; C:\Windows\System32\Drivers\ssadadb.sys [2010-12-21 36328]
S3 ApfiltrService;Alps Pointing-device Filter Driver; C:\Windows\system32\DRIVERS\Apfiltr.sys []
S3 AthBTPort;Atheros Virtual Bluetooth Class; C:\Windows\system32\DRIVERS\btath_flt.sys [2009-12-30 38440]
S3 BTATH_A2DP;Bluetooth A2DP Audio Driver; C:\Windows\system32\drivers\btath_a2dp.sys [2009-12-30 336424]
S3 BTATH_HCRP;Bluetooth HCRP Server driver; C:\Windows\system32\DRIVERS\btath_hcrp.sys [2009-12-30 246824]
S3 BTATH_RCP;Bluetooth AVRCP Device; C:\Windows\system32\DRIVERS\btath_rcp.sys [2009-12-30 133672]
S3 BthEnum;Bluetooth Request Block Driver; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2011-04-28 552448]
S3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 btusbflt;Bluetooth USB Filter; C:\Windows\system32\drivers\btusbflt.sys [2009-07-01 52264]
S3 ETD;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys [2010-02-03 135560]
S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 33856]
S3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys []
S3 massfilter;ZTE Mass Storage Filter Driver; C:\Windows\system32\drivers\massfilter.sys [2011-01-29 11776]
S3 mcdbus;Driver for MagicISO SCSI Host Controller; C:\Windows\system32\DRIVERS\mcdbus.sys [2009-02-24 255552]
S3 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12352]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2009-07-14 165376]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys [2009-12-11 232992]
S3 RTHDMIAzAudService;Service for HDMI; C:\Windows\system32\drivers\RtHDMIVX.sys []
S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2009-07-14 6656]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\ssadbus.sys [2011-01-03 157160]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter); C:\Windows\system32\DRIVERS\ssadmdfl.sys [2011-01-03 16872]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers; C:\Windows\system32\DRIVERS\ssadmdm.sys [2011-01-03 177128]
S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM); C:\Windows\system32\DRIVERS\ssadserd.sys [2011-01-03 145384]
S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2009-07-14 34896]
S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys [2009-07-14 200272]
S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2009-07-14 21760]
S3 WinUsb;WinUsb Driver; C:\Windows\system32\DRIVERS\WinUsb.sys [2009-07-14 40448]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
R2 AdvancedSystemCareService5;Advanced SystemCare Service 5; C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCService.exe [2011-09-09 478040]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2009-12-10 202752]
R2 Application Updater;Application Updater; C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe [2011-09-27 745880]
R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [2009-12-30 23592]
R2 DsiWMIService;Dritek WMI Service; C:\Program Files (x86)\Launch Manager\dsiwmis.exe [2010-01-22 310352]
R2 ePowerSvc;Acer ePower Service; C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe [2010-01-18 842784]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2009-12-23 13336]
R2 IJPLMSVC;Canon Inkjet Printer/Scanner/Fax Extended Survey Program; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [2009-02-10 116104]
R2 IMFservice;IMF Service; C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [2011-07-20 820568]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2009-12-09 268824]
R2 srviecheck;srviecheck; C:\Windows\update.2\svchost.exe [2011-10-28 1944576]
R2 UNS;Intel(R) Management & Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2009-12-09 2320920]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 2291568]
R2 WMCoreService;Mobile Broadband Core Service; C:\Program Files (x86)\Mobile Broadband Drivers\WMCore\mini_WMCore.exe [2009-12-01 448512]
S2 AntiVirService;Avira Realtime Protection; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe []
S2 AntiVirSchedulerService;Avira Scheduler; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe []
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 srvsysdriver32;srvsysdriver32; C:\Windows\sysdriver32.exe srv []
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-12-14 1255736]
S4 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
-----------------EOF-----------------
Last edited by vyosek on 29 Oct 2011 06:53, edited 1 time in total.
Reason: added the note "ntb" to the subject
Re: Facebook virus pls help - ntb
Hello, and I wish you a nice day
I put the log from the notebook into a new topic so that we don't get things mixed up
Download RogueKiller http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe
Download Combofix and save it to the desktop http://download.bleepingcomputer.com/sUBs/ComboFix.exe



- Close all programs
- If you use Win Vista or W7, right-click RogueKiller and choose Run As Administrator (Spustit jako spravce)
- Choose option 2 and confirm with Enter
- The utility will do its work and produce a log - paste it here
- Now run it again, but choose option 3 and then also 4 - paste the logs again

- Turn off all resident security programs - firewalls, antivirus, antispyware, etc.
- If you have Win XP, run it under the Administrator account
- If you have Win Vista or Win 7, right-click Combofix and choose Run As Administrator (Spustit jako spravce)
- Right after start, a page with the license agreement is displayed; continue by clicking Yes (Ano)
- If CF offers to install the Recovery Console, agree
- Then follow the instructions; during the scan leave the PC completely alone - do not start any applications and do not click into the window that appears
- The scan should take about 10 min, but if the PC is heavily cluttered, it may take longer
- After the scan finishes and a possible restart, CF displays the log, or you can find it at C:\ComboFix.txt; paste its content here
- A detailed procedure incl. screenshots is here http://www.bleepingcomputer.com/combofi ... t-combofix
Re: Facebook virus pls help - ntb
Roguekiller option 2
RogueKiller V6.1.4 [10/22/2011] by Tigzy
contact at http://www.sur-la-toile.com
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.sur-la-toile.com/discussion- ... ntees.html
Blog: http://tigzyrk.blogspot.com
Operating System: Windows 7 (6.1.7600 ) 64 bits version
Started in : Normal mode
User: J3ck3sss [Admin rights]
Mode: Remove -- Date : 10/29/2011 10:38:35
Bad processes: 15
[HJ NAME] svchost.exe -- c:\windows\update.2\svchost.exe -> KILLED [TermProc]
[HJ NAME] svchost.exe -- c:\windows\update.1\svchost.exe -> KILLED [TermProc]
[SVCHOST] svchost.exe -- c:\windows\update.2\svchost.exe -> KILLED [TermProc]
[SUSP PATH] cacaoweb.exe -- c:\users\j3ck3sss\appdata\roaming\cacaoweb\cacaoweb.exe -> KILLED [TermProc]
[SVCHOST] svchost.exe -- c:\windows\update.tray-8-0\svchost.exe -> KILLED [TermProc]
[SUSP PATH] sysdriver32_.exe -- c:\windows\sysdriver32_.exe -> KILLED [TermProc]
[SVCHOST] svchost.exe -- c:\windows\update.tray-12-0\svchost.exe -> KILLED [TermProc]
[SVCHOST] svchost.exe -- c:\windows\update.tray-15-0\svchost.exe -> KILLED [TermProc]
[SVCHOST] svchost.exe -- c:\windows\update.2\svchost.exe -> KILLED [TermProc]
[SVCHOST] svchost.exe -- c:\windows\update.2\svchost.exe -> KILLED [TermProc]
[SVCHOST] svchost.exe -- c:\windows\update.2\svchost.exe -> KILLED [TermProc]
[SVCHOST] svchost.exe -- c:\windows\update.2\svchost.exe -> KILLED [TermProc]
[SERVICE] srviecheck -- C:\Windows\update.2\svchost.exe srv -> STOPPED
[SERVICE] srvsysdriver32 -- C:\Windows\sysdriver32.exe srv -> STOPPED
[SERVICE] wxpdrivers -- C:\Windows\update.1\svchost.exe srv -> STOPPED
Registry Entries: 10
[SUSP PATH] HKCU\[...]\Run : cacaoweb ("C:\Users\J3ck3sss\AppData\Roaming\cacaoweb\cacaoweb.exe" -noplayer) -> DELETED
[BLACKLIST] HKLM\[...]\services : srviecheck (C:\Windows\update.2\svchost.exe srv) -> DELETED
[BLACKLIST] HKLM\[...]\services : srvsysdriver32 (C:\Windows\sysdriver32.exe srv) -> DELETED
[BLACKLIST] HKLM\[...]\services : wxpdrivers (C:\Windows\update.1\svchost.exe srv) -> DELETED
[BLACKLIST] HKLM\[...]\services : srviecheck (C:\Windows\update.2\svchost.exe srv) -> DELETED
[BLACKLIST] HKLM\[...]\services : srvsysdriver32 (C:\Windows\sysdriver32.exe srv) -> DELETED
[BLACKLIST] HKLM\[...]\services : wxpdrivers (C:\Windows\update.1\svchost.exe srv) -> DELETED
[HJ] HKLM\[...]\System : EnableLUA (0) -> REPLACED ()
[HJ] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REPLACED ()
[HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED ()
Particular Files / Folders:
Driver: [NOT LOADED]
HOSTS File:
127.0.0.1 localhost
127.0.0.1 facebook.com
127.0.0.1 www.facebook.com
127.0.0.1 af-za.facebook.com
127.0.0.1 az-az.facebook.com
127.0.0.1 id-id.facebook.com
127.0.0.1 ms-my.facebook.com
127.0.0.1 bs-ba.facebook.com
127.0.0.1 ca-es.facebook.com
127.0.0.1 cs-cz.facebook.com
127.0.0.1 cy-gb.facebook.com
127.0.0.1 da-dk.facebook.com
127.0.0.1 de-de.facebook.com
127.0.0.1 et-ee.facebook.com
127.0.0.1 en-gb.facebook.com
127.0.0.1 es-la.facebook.com
127.0.0.1 eo-eo.facebook.com
127.0.0.1 eu-es.facebook.com
127.0.0.1 tl-ph.facebook.com
127.0.0.1 fo-fo.facebook.com
[...]
Finished : << RKreport[1].txt >>
RKreport[1].txt
Re: Facebook virus pls help - ntb
roguekiller option 3
RogueKiller V6.1.4 [10/22/2011] by Tigzy
contact at http://www.sur-la-toile.com
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.sur-la-toile.com/discussion- ... ntees.html
Blog: http://tigzyrk.blogspot.com
Operating System: Windows 7 (6.1.7600 ) 64 bits version
Started in : Normal mode
User: J3ck3sss [Admin rights]
Mode: HOSTSFix -- Date : 10/29/2011 10:43:01
Bad processes: 0
Driver: [NOT LOADED]
HOSTS File:
127.0.0.1 localhost
127.0.0.1 facebook.com
127.0.0.1 www.facebook.com
127.0.0.1 af-za.facebook.com
127.0.0.1 az-az.facebook.com
127.0.0.1 id-id.facebook.com
127.0.0.1 ms-my.facebook.com
127.0.0.1 bs-ba.facebook.com
127.0.0.1 ca-es.facebook.com
127.0.0.1 cs-cz.facebook.com
127.0.0.1 cy-gb.facebook.com
127.0.0.1 da-dk.facebook.com
127.0.0.1 de-de.facebook.com
127.0.0.1 et-ee.facebook.com
127.0.0.1 en-gb.facebook.com
127.0.0.1 es-la.facebook.com
127.0.0.1 eo-eo.facebook.com
127.0.0.1 eu-es.facebook.com
127.0.0.1 tl-ph.facebook.com
127.0.0.1 fo-fo.facebook.com
[...]
Resetted HOSTS:
127.0.0.1 localhost
Finished : << RKreport[2].txt >>
RKreport[1].txt ; RKreport[2].txt
Re: Facebook virus pls help - ntb
roguekiller option 4
RogueKiller V6.1.4 [10/22/2011] by Tigzy
contact at http://www.sur-la-toile.com
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.sur-la-toile.com/discussion- ... ntees.html
Blog: http://tigzyrk.blogspot.com
Operating System: Windows 7 (6.1.7600 ) 64 bits version
Started in : Normal mode
User: J3ck3sss [Admin rights]
Mode: ProxyFix -- Date : 10/29/2011 10:44:09
Bad processes: 0
Driver: [NOT LOADED]
Registry Entries: 0
Finished : << RKreport[3].txt >>
RKreport[1].txt ; RKreport[2].txt ; RKreport[3].txt
Re: Facebook virus pls help - ntb
Great, on to ComboFix
Re: Facebook virus pls help - ntb
Combo
ComboFix 11-10-29.03 - J3ck3sss . 10. 2011 10:51:41.1.4 - x64
Microsoft Windows 7 Ultimate 6.1.7600.0.1250.421.1051.18.3959.2730 [GMT 2:00]
Running from: c:\users\J3ck3sss\Desktop\ComboFix.exe
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\CleanupFiles.exe
c:\users\J3ck3sss\AppData\Local\Temp\e3c74ee6-7482-4280-b9c3-f233b390296e\CliSecureRT.dll
c:\users\J3ck3sss\AppData\Roaming\cacaoweb
c:\users\J3ck3sss\AppData\Roaming\cacaoweb\cacaoweb.exe
c:\users\J3ck3sss\AppData\Roaming\cacaoweb\npdfile.dat
c:\users\J3ck3sss\AppData\Roaming\cacaoweb\storage.db
c:\windows\front_ip_list.txt
c:\windows\geoiplist
c:\windows\geoiplist.rar
c:\windows\iecheck_iplist.txt
c:\windows\info1
c:\windows\iplist.txt
c:\windows\loader2.exe_ok
c:\windows\pkunzip.pif
c:\windows\pkzip.pif
c:\windows\proc_list1.log
c:\windows\services32.exe
c:\windows\sysdriver32_.exe
c:\windows\system32\drivers\etc\HSTS~1
c:\windows\SysWow64\muzapp.exe
c:\windows\Temp\2334188.exe
c:\windows\Temp\4837713.exe
c:\windows\update.1
c:\windows\update.1\svchost.exe
c:\windows\update.2
c:\windows\update.2\svchost.exe
c:\windows\update.5.0
c:\windows\winlog-dirs.txt
c:\windows\winlog-ids.txt
c:\windows\winsetupapi.log
.
.
((((((((((((((((((((((((( Files Created from 2011-09-28 to 2011-10-29 )))))))))))))))))))))))))))))))
.
.
2011-10-29 09:01 . 2011-10-29 09:01 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-10-28 20:09 . 2011-10-28 20:09 -------- d-----w- C:\rsit
2011-10-28 20:09 . 2011-10-28 20:09 -------- d-----w- c:\program files\trend micro
2011-10-28 20:01 . 2011-10-28 20:01 -------- d--h--w- c:\windows\update.tray-8-0
2011-10-28 20:01 . 2011-10-28 20:01 -------- d--h--w- c:\windows\update.tray-8-0-lnk
2011-10-28 19:59 . 2011-09-18 06:39 130760 ----a-w- c:\windows\system32\drivers\avipbb.sys
2011-10-28 19:59 . 2011-09-15 21:55 97312 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2011-10-28 19:59 . 2011-09-15 21:55 27760 ----a-w- c:\windows\system32\drivers\avkmgr.sys
2011-10-28 18:30 . 2011-10-28 18:30 -------- d--h--w- c:\windows\update.tray-15-0
2011-10-28 18:30 . 2011-10-28 18:30 -------- d--h--w- c:\windows\update.tray-15-0-lnk
2011-10-28 18:19 . 2011-10-28 18:27 246272 ----a-w- c:\windows\unrar.exe
2011-10-28 18:16 . 2011-10-28 20:03 -------- d-----w- c:\windows\av_ico
2011-10-28 18:13 . 2011-10-28 18:13 -------- d--h--w- c:\windows\update.tray-12-0
2011-10-28 18:13 . 2011-10-28 18:13 -------- d--h--w- c:\windows\update.tray-12-0-lnk
2011-10-26 16:51 . 2011-08-15 05:08 6144 ----a-w- c:\program files\Internet Explorer\iecompat.dll
2011-10-26 16:51 . 2011-08-15 04:25 6144 ----a-w- c:\program files (x86)\Internet Explorer\iecompat.dll
2011-10-23 18:26 . 2011-10-23 18:27 -------- d-----w- c:\program files (x86)\EAGLE-5.4.0
2011-10-23 18:26 . 2011-10-23 18:26 -------- d-----w- c:\users\J3ck3sss\AppData\Roaming\CadSoft
2011-10-21 19:56 . 2008-07-12 06:18 3851784 ----a-w- c:\windows\SysWow64\D3DX9_39.dll
2011-10-21 19:55 . 2011-10-21 19:55 -------- d-----w- c:\program files (x86)\Microsoft Expression
2011-10-21 19:55 . 2011-10-21 19:55 -------- d-----w- c:\program files (x86)\WPF Toolkit
2011-10-21 19:51 . 2011-10-21 19:51 -------- d-----w- c:\program files (x86)\Microsoft XNA
2011-10-21 19:50 . 2011-10-21 19:50 192768 ----a-w- c:\programdata\Microsoft\VPDExpress\10.0\1033\ResourceCache.dll
2011-10-21 19:40 . 2011-10-21 19:49 -------- d-----w- c:\program files (x86)\Microsoft Visual Studio 10.0
2011-10-21 19:39 . 2011-10-21 19:39 -------- d-----w- c:\program files (x86)\Microsoft XDE
2011-10-21 19:38 . 2011-10-21 19:38 -------- d-----w- c:\windows\symbols
2011-10-21 19:38 . 2011-10-21 19:38 -------- d-----w- c:\program files\Microsoft Visual Studio 10.0
2011-10-21 19:38 . 2011-10-21 19:55 -------- d-----w- c:\program files (x86)\Microsoft SDKs
2011-10-21 19:38 . 2011-10-21 19:38 -------- d-----w- c:\program files\Microsoft Help Viewer
2011-10-16 13:29 . 2011-10-16 13:39 -------- d-----w- c:\users\J3ck3sss\AppData\Local\Ried.cl
2011-10-16 13:23 . 2011-10-16 13:23 -------- d-----w- c:\program files (x86)\Phone7Market
2011-10-16 09:49 . 2011-10-16 09:50 -------- d-----w- c:\windows\system32\ms-MY
2011-10-14 21:27 . 2011-10-14 21:27 -------- d-----w- c:\program files (x86)\YouTube Downloader Toolbar
2011-10-14 20:55 . 2011-10-14 20:55 14336 ----a-w- c:\windows\system32\drivers\sffp_sd.sys
2011-10-14 20:54 . 2011-09-09 15:35 22872 ----a-w- c:\windows\system32\RegistryDefragBootTime.exe
2011-10-12 19:03 . 2011-09-06 03:07 3134976 ----a-w- c:\windows\system32\win32k.sys
2011-10-12 18:54 . 2011-08-17 05:32 613888 ----a-w- c:\windows\system32\psisdecd.dll
2011-10-11 15:44 . 2011-10-11 16:02 -------- d-----w- c:\program files (x86)\Counter-Strike Source
2011-10-11 12:38 . 2003-09-03 00:28 724992 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\09\00\Intel32\iKernel.dll
2011-10-11 12:38 . 2003-09-03 00:27 69715 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\09\00\Intel32\ctor.dll
2011-10-11 12:38 . 2003-09-03 00:26 266240 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\09\00\Intel32\iscript.dll
2011-10-11 12:38 . 2003-09-03 00:26 192512 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\09\00\Intel32\iuser.dll
2011-10-11 12:38 . 2003-09-03 00:25 5632 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\09\00\Intel32\DotNetInstaller.exe
2011-10-11 12:38 . 2003-09-03 00:23 32768 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\Objectps.dll
2011-10-11 12:38 . 2011-10-11 12:38 311428 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\09\00\Intel32\Setup.dll
2011-10-11 12:38 . 2011-10-11 12:38 184452 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\09\00\Intel32\iGdi.dll
2011-10-09 17:27 . 2011-10-09 17:27 -------- d-----w- c:\program files (x86)\IObit Toolbar
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-09-15 15:04 . 2011-09-15 15:04 8024 ----a-w- c:\programdata\Microsoft\Phone Tools\CoreCon\10.0\SDKFilesVer.dll
2011-09-15 15:04 . 2011-09-15 15:04 8024 ----a-w- c:\programdata\Microsoft\Phone Tools\CoreCon\10.0\addons\NonSDKAddonVer.dll
2011-09-15 15:04 . 2011-09-15 15:04 8024 ----a-w- c:\programdata\Microsoft\Phone Tools\CoreCon\10.0\1033\NonSDKAddonLangVer.dll
2011-09-15 15:04 . 2011-09-15 15:04 8016 ----a-w- c:\programdata\Microsoft\Phone Tools\CoreCon\10.0\addons\WPSDKVer.dll
2011-09-15 13:38 . 2011-09-15 13:38 81744 ----a-w- c:\windows\SysWow64\mfcm100u.dll
2011-09-15 13:38 . 2011-09-15 13:38 81744 ----a-w- c:\windows\SysWow64\mfcm100.dll
2011-09-15 13:38 . 2011-09-15 13:38 773968 ----a-w- c:\windows\SysWow64\msvcr100.dll
2011-09-15 13:38 . 2011-09-15 13:38 4422992 ----a-w- c:\windows\SysWow64\mfc100u.dll
2011-09-15 13:38 . 2011-09-15 13:38 4397384 ----a-w- c:\windows\SysWow64\mfc100.dll
2011-09-15 13:38 . 2011-09-15 13:38 421200 ----a-w- c:\windows\SysWow64\msvcp100.dll
2011-09-15 13:38 . 2011-09-15 13:38 138056 ----a-w- c:\windows\SysWow64\atl100.dll
2011-08-19 14:33 . 2011-09-25 17:21 27992 ----a-w- c:\windows\system32\SmartDefragBootTime.exe
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{88c7f2aa-f93f-432c-8f0e-b7d85967a527}"= "c:\program files (x86)\BitTorrentBar\tbBitT.dll" [2010-12-09 3911776]
.
[HKEY_CLASSES_ROOT\clsid\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}]
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
2010-12-09 11:51 3911776 ----a-w- c:\program files (x86)\ConduitEngine\ConduitEngine.dll
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}]
2010-12-09 11:51 3911776 ----a-w- c:\program files (x86)\BitTorrentBar\tbBitT.dll
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
2011-02-01 17:17 1487240 ----a-w- c:\program files (x86)\Ask.com\GenericAskToolbar.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files (x86)\Ask.com\GenericAskToolbar.dll" [2011-02-01 1487240]
"{88c7f2aa-f93f-432c-8f0e-b7d85967a527}"= "c:\program files (x86)\BitTorrentBar\tbBitT.dll" [2010-12-09 3911776]
"{30F9B915-B755-4826-820B-08FBA6BD249D}"= "c:\program files (x86)\ConduitEngine\ConduitEngine.dll" [2010-12-09 3911776]
.
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
.
[HKEY_CLASSES_ROOT\clsid\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}]
.
[HKEY_CLASSES_ROOT\clsid\{30f9b915-b755-4826-820b-08fba6bd249d}]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Advanced SystemCare 5"="c:\program files (x86)\IObit\Advanced SystemCare 5\ASCTray.exe" [2011-09-09 607576]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1475072]
"BitTorrent"="c:\program files (x86)\BITTORRENT\BITTORRENT.EXE" [2011-01-28 4771184]
"KiesPDLR"="c:\program files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe" [2011-03-17 19872]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2011-01-20 1305408]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-12-10 98304]
"IJNetworkScanUtility"="c:\program files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe" [2009-05-19 136544]
"tray_ico2"="c:\windows\update.tray-8-0\svchost.exe" [2011-10-28 1201152]
"tray_ico0"="c:\windows\update.tray-12-0\svchost.exe" [2011-10-28 1201152]
"tray_ico1"="c:\windows\update.tray-15-0\svchost.exe" [2011-10-28 1201152]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableSecureUIAPaths"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~2\WI3C8A~1\Datamngr\datamngr.dll c:\progra~2\WI3C8A~1\Datamngr\IEBHO.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"midi2"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"FirewallOverride"=dword:00000001
"DisableThumbnailCache"=dword:00000001
.
R2 AntiVirSchedulerService;Avira Scheduler;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [x]
R2 AVGIDSAgent;AVGIDSAgent; [x]
R2 avgwd;AVG WatchDog; [x]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 androidusb;SAMSUNG Android Composite ADB Interface Driver;c:\windows\system32\Drivers\ssadadb.sys [x]
R3 AthBTPort;Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys [x]
R3 AVG Security Toolbar Service;AVG Security Toolbar Service; [x]
R3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys [x]
R3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\DRIVERS\btath_hcrp.sys [x]
R3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\DRIVERS\btath_rcp.sys [x]
R3 btusbflt;Bluetooth USB Filter;c:\windows\system32\drivers\btusbflt.sys [x]
R3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [x]
R3 massfilter;ZTE Mass Storage Filter Driver;c:\windows\system32\drivers\massfilter.sys [x]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [x]
R3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\DRIVERS\ssadbus.sys [x]
R3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\DRIVERS\ssadmdfl.sys [x]
R3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\DRIVERS\ssadmdm.sys [x]
R3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM);c:\windows\system32\DRIVERS\ssadserd.sys [x]
R3 WatAdminSvc;Služba Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R3 WMZuneComm;Zune Windows Mobile Connectivity Service;c:\program files\Zune\WMZuneComm.exe [2011-08-05 306400]
S0 AVGIDSEH;AVGIDSEH;c:\windows\system32\DRIVERS\AVGIDSEH.Sys [x]
S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys [x]
S0 SmartDefragDriver;SmartDefragDriver;c:\windows\System32\Drivers\SmartDefragDriver.sys [x]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [x]
S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys [x]
S1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys [x]
S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys [x]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
S2 AdvancedSystemCareService5;Advanced SystemCare Service 5;c:\program files (x86)\IObit\Advanced SystemCare 5\ASCService.exe [2011-09-09 478040]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 Application Updater;Application Updater;c:\program files (x86)\Application Updater\ApplicationUpdater.exe [2011-09-27 745880]
S2 AtherosSvc;AtherosSvc;c:\program files (x86)\Bluetooth Suite\adminservice.exe [2009-12-30 23592]
S2 DsiWMIService;Dritek WMI Service;c:\program files (x86)\Launch Manager\dsiwmis.exe [2010-01-22 310352]
S2 ePowerSvc;Acer ePower Service;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe [2010-01-18 842784]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2009-12-23 13336]
S2 IMFservice;IMF Service;c:\program files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [2011-07-20 820568]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2009-12-09 2320920]
S2 WMCoreService;Mobile Broadband Core Service;c:\program files (x86)\Mobile Broadband Drivers\WMCore\mini_WMCore.exe servicemode [x]
S3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\AVGIDSDriver.Sys [x]
S3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\DRIVERS\AVGIDSFilter.Sys [x]
S3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\DRIVERS\btath_bus.sys [x]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [x]
S3 k57nd;Broadcom NetLink Gigabit Ethernet;c:\windows\system32\DRIVERS\k57amd64.sys [x]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]
.
.
Contents of the 'Scheduled Tasks' folder
.
2011-10-28 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3427954366-3406222959-2106377572-1000Core.job
- c:\users\J3ck3sss\AppData\Local\Google\Update\GoogleUpdate.exe [2010-12-14 18:59]
.
2011-10-29 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3427954366-3406222959-2106377572-1000UA.job
- c:\users\J3ck3sss\AppData\Local\Google\Update\GoogleUpdate.exe [2010-12-14 18:59]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A40DC6C5-79D0-4ca8-A185-8FF989AF1115}]
2011-03-24 12:30 1058712 ----a-w- c:\progra~2\WI3C8A~1\Datamngr\x64\IEBHO.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2009-10-19 2185032]
"Zune Launcher"="c:\program files\Zune\ZuneLauncher.exe" [2011-08-05 163552]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x1
"AppInit_DLLs"=c:\progra~2\WI3C8A~1\Datamngr\x64\datamngr.dll c:\progra~2\WI3C8A~1\Datamngr\x64\IEBHO.dll
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://search.babylon.com/?babsrc=HP_ss&mntrId=80e51b32000000000000f07bcb1ff042&tlver=1.4.19.19&ss=1&affID=17981
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: Download Using &BitSpirit - c:\program files (x86)\BitSpirit\bsurl.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 10.0.0.254 192.168.1.1
.
- - - - ORPHANS REMOVED - - - -
.
URLSearchHooks-{A3BC75A2-1F87-4686-AA43-5347D756017C} - (no file)
BHO-{A3BC75A2-1F87-4686-AA43-5347D756017C} - (no file)
Toolbar-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
Toolbar-10 - (no file)
Wow6432Node-HKLM-Run-AVG_TRAY - c:\program files (x86)\AVG\AVG10\avgtray.exe
Wow6432Node-HKLM-Run-tray_ico - (no file)
Wow6432Node-HKLM-Run-tray_ico3 - (no file)
Wow6432Node-HKLM-Run-tray_ico4 - (no file)
Wow6432Node-HKLM-Run-wxpdrv - c:\windows\services32.exe
Wow6432Node-HKLM-Run-avgnt - c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe
Toolbar-10 - (no file)
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
WebBrowser-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
WebBrowser-{88C7F2AA-F93F-432C-8F0E-B7D85967A527} - (no file)
HKLM-Run-ETDWare - c:\program files (x86)\Elantech\ETDCtrl.exe
AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe
AddRemove-Avira AntiVir Desktop - c:\program files (x86)\Avira\AntiVir Desktop\setup.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10p_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10p_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10p.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10p.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10p.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10p.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}]
@Denied: (A 2) (Everyone)
@="IFlashBroker3"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib]
@="{6EF568F4-D437-4466-AA63-A3645136D93E}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{2E4BB6BE-A75F-4DC0-9500-68203655A2C4}]
@Denied: (A 2) (Everyone)
@="IFlashBroker"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{2E4BB6BE-A75F-4DC0-9500-68203655A2C4}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{2E4BB6BE-A75F-4DC0-9500-68203655A2C4}\TypeLib]
@="{6EF568F4-D437-4466-AA63-A3645136D93E}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{DDF4CE26-4BDA-42BC-B0F0-0E75243AD285}]
@Denied: (A 2) (Everyone)
@="IFlashBroker2"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{DDF4CE26-4BDA-42BC-B0F0-0E75243AD285}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{DDF4CE26-4BDA-42BC-B0F0-0E75243AD285}\TypeLib]
@="{6EF568F4-D437-4466-AA63-A3645136D93E}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\Canon\IJPLM\IJPLMSVC.EXE
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
c:\program files (x86)\Mobile Broadband Drivers\WMCore\mini_WMCore.exe
c:\program files (x86)\IObit\Smart Defrag 2\SmartDefrag.exe
c:\program files (x86)\Windows iLivid Toolbar\Datamngr\datamngrUI.exe
.
**************************************************************************
.
Completion time: 2011-10-29 11:11:53 - machine was rebooted
ComboFix-quarantined-files.txt 2011-10-29 09:11
.
Pre-Run: 162 523 004 928 bytes free
Post-Run: 162 001 350 656 bytes free
.
- - End Of File - - A3D01BC870A6310DAB2770CD3AC6F919
ComboFix 11-10-29.03 - J3ck3sss . 10. 2011 10:51:41.1.4 - x64
Microsoft Windows 7 Ultimate 6.1.7600.0.1250.421.1051.18.3959.2730 [GMT 2:00]
Running from: c:\users\J3ck3sss\Desktop\ComboFix.exe
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\CleanupFiles.exe
c:\users\J3ck3sss\AppData\Local\Temp\e3c74ee6-7482-4280-b9c3-f233b390296e\CliSecureRT.dll
c:\users\J3ck3sss\AppData\Roaming\cacaoweb
c:\users\J3ck3sss\AppData\Roaming\cacaoweb\cacaoweb.exe
c:\users\J3ck3sss\AppData\Roaming\cacaoweb\npdfile.dat
c:\users\J3ck3sss\AppData\Roaming\cacaoweb\storage.db
c:\windows\front_ip_list.txt
c:\windows\geoiplist
c:\windows\geoiplist.rar
c:\windows\iecheck_iplist.txt
c:\windows\info1
c:\windows\iplist.txt
c:\windows\loader2.exe_ok
c:\windows\pkunzip.pif
c:\windows\pkzip.pif
c:\windows\proc_list1.log
c:\windows\services32.exe
c:\windows\sysdriver32_.exe
c:\windows\system32\drivers\etc\HSTS~1
c:\windows\SysWow64\muzapp.exe
c:\windows\Temp\2334188.exe
c:\windows\Temp\4837713.exe
c:\windows\update.1
c:\windows\update.1\svchost.exe
c:\windows\update.2
c:\windows\update.2\svchost.exe
c:\windows\update.5.0
c:\windows\winlog-dirs.txt
c:\windows\winlog-ids.txt
c:\windows\winsetupapi.log
.
.
((((((((((((((((((((((((( Files Created from 2011-09-28 to 2011-10-29 )))))))))))))))))))))))))))))))
.
.
2011-10-29 09:01 . 2011-10-29 09:01 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-10-28 20:09 . 2011-10-28 20:09 -------- d-----w- C:\rsit
2011-10-28 20:09 . 2011-10-28 20:09 -------- d-----w- c:\program files\trend micro
2011-10-28 20:01 . 2011-10-28 20:01 -------- d--h--w- c:\windows\update.tray-8-0
2011-10-28 20:01 . 2011-10-28 20:01 -------- d--h--w- c:\windows\update.tray-8-0-lnk
2011-10-28 19:59 . 2011-09-18 06:39 130760 ----a-w- c:\windows\system32\drivers\avipbb.sys
2011-10-28 19:59 . 2011-09-15 21:55 97312 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2011-10-28 19:59 . 2011-09-15 21:55 27760 ----a-w- c:\windows\system32\drivers\avkmgr.sys
2011-10-28 18:30 . 2011-10-28 18:30 -------- d--h--w- c:\windows\update.tray-15-0
2011-10-28 18:30 . 2011-10-28 18:30 -------- d--h--w- c:\windows\update.tray-15-0-lnk
2011-10-28 18:19 . 2011-10-28 18:27 246272 ----a-w- c:\windows\unrar.exe
2011-10-28 18:16 . 2011-10-28 20:03 -------- d-----w- c:\windows\av_ico
2011-10-28 18:13 . 2011-10-28 18:13 -------- d--h--w- c:\windows\update.tray-12-0
2011-10-28 18:13 . 2011-10-28 18:13 -------- d--h--w- c:\windows\update.tray-12-0-lnk
2011-10-26 16:51 . 2011-08-15 05:08 6144 ----a-w- c:\program files\Internet Explorer\iecompat.dll
2011-10-26 16:51 . 2011-08-15 04:25 6144 ----a-w- c:\program files (x86)\Internet Explorer\iecompat.dll
2011-10-23 18:26 . 2011-10-23 18:27 -------- d-----w- c:\program files (x86)\EAGLE-5.4.0
2011-10-23 18:26 . 2011-10-23 18:26 -------- d-----w- c:\users\J3ck3sss\AppData\Roaming\CadSoft
2011-10-21 19:56 . 2008-07-12 06:18 3851784 ----a-w- c:\windows\SysWow64\D3DX9_39.dll
2011-10-21 19:55 . 2011-10-21 19:55 -------- d-----w- c:\program files (x86)\Microsoft Expression
2011-10-21 19:55 . 2011-10-21 19:55 -------- d-----w- c:\program files (x86)\WPF Toolkit
2011-10-21 19:51 . 2011-10-21 19:51 -------- d-----w- c:\program files (x86)\Microsoft XNA
2011-10-21 19:50 . 2011-10-21 19:50 192768 ----a-w- c:\programdata\Microsoft\VPDExpress\10.0\1033\ResourceCache.dll
2011-10-21 19:40 . 2011-10-21 19:49 -------- d-----w- c:\program files (x86)\Microsoft Visual Studio 10.0
2011-10-21 19:39 . 2011-10-21 19:39 -------- d-----w- c:\program files (x86)\Microsoft XDE
2011-10-21 19:38 . 2011-10-21 19:38 -------- d-----w- c:\windows\symbols
2011-10-21 19:38 . 2011-10-21 19:38 -------- d-----w- c:\program files\Microsoft Visual Studio 10.0
2011-10-21 19:38 . 2011-10-21 19:55 -------- d-----w- c:\program files (x86)\Microsoft SDKs
2011-10-21 19:38 . 2011-10-21 19:38 -------- d-----w- c:\program files\Microsoft Help Viewer
2011-10-16 13:29 . 2011-10-16 13:39 -------- d-----w- c:\users\J3ck3sss\AppData\Local\Ried.cl
2011-10-16 13:23 . 2011-10-16 13:23 -------- d-----w- c:\program files (x86)\Phone7Market
2011-10-16 09:49 . 2011-10-16 09:50 -------- d-----w- c:\windows\system32\ms-MY
2011-10-14 21:27 . 2011-10-14 21:27 -------- d-----w- c:\program files (x86)\YouTube Downloader Toolbar
2011-10-14 20:55 . 2011-10-14 20:55 14336 ----a-w- c:\windows\system32\drivers\sffp_sd.sys
2011-10-14 20:54 . 2011-09-09 15:35 22872 ----a-w- c:\windows\system32\RegistryDefragBootTime.exe
2011-10-12 19:03 . 2011-09-06 03:07 3134976 ----a-w- c:\windows\system32\win32k.sys
2011-10-12 18:54 . 2011-08-17 05:32 613888 ----a-w- c:\windows\system32\psisdecd.dll
2011-10-11 15:44 . 2011-10-11 16:02 -------- d-----w- c:\program files (x86)\Counter-Strike Source
2011-10-11 12:38 . 2003-09-03 00:28 724992 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\09\00\Intel32\iKernel.dll
2011-10-11 12:38 . 2003-09-03 00:27 69715 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\09\00\Intel32\ctor.dll
2011-10-11 12:38 . 2003-09-03 00:26 266240 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\09\00\Intel32\iscript.dll
2011-10-11 12:38 . 2003-09-03 00:26 192512 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\09\00\Intel32\iuser.dll
2011-10-11 12:38 . 2003-09-03 00:25 5632 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\09\00\Intel32\DotNetInstaller.exe
2011-10-11 12:38 . 2003-09-03 00:23 32768 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\Objectps.dll
2011-10-11 12:38 . 2011-10-11 12:38 311428 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\09\00\Intel32\Setup.dll
2011-10-11 12:38 . 2011-10-11 12:38 184452 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\09\00\Intel32\iGdi.dll
2011-10-09 17:27 . 2011-10-09 17:27 -------- d-----w- c:\program files (x86)\IObit Toolbar
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-09-15 15:04 . 2011-09-15 15:04 8024 ----a-w- c:\programdata\Microsoft\Phone Tools\CoreCon\10.0\SDKFilesVer.dll
2011-09-15 15:04 . 2011-09-15 15:04 8024 ----a-w- c:\programdata\Microsoft\Phone Tools\CoreCon\10.0\addons\NonSDKAddonVer.dll
2011-09-15 15:04 . 2011-09-15 15:04 8024 ----a-w- c:\programdata\Microsoft\Phone Tools\CoreCon\10.0\1033\NonSDKAddonLangVer.dll
2011-09-15 15:04 . 2011-09-15 15:04 8016 ----a-w- c:\programdata\Microsoft\Phone Tools\CoreCon\10.0\addons\WPSDKVer.dll
2011-09-15 13:38 . 2011-09-15 13:38 81744 ----a-w- c:\windows\SysWow64\mfcm100u.dll
2011-09-15 13:38 . 2011-09-15 13:38 81744 ----a-w- c:\windows\SysWow64\mfcm100.dll
2011-09-15 13:38 . 2011-09-15 13:38 773968 ----a-w- c:\windows\SysWow64\msvcr100.dll
2011-09-15 13:38 . 2011-09-15 13:38 4422992 ----a-w- c:\windows\SysWow64\mfc100u.dll
2011-09-15 13:38 . 2011-09-15 13:38 4397384 ----a-w- c:\windows\SysWow64\mfc100.dll
2011-09-15 13:38 . 2011-09-15 13:38 421200 ----a-w- c:\windows\SysWow64\msvcp100.dll
2011-09-15 13:38 . 2011-09-15 13:38 138056 ----a-w- c:\windows\SysWow64\atl100.dll
2011-08-19 14:33 . 2011-09-25 17:21 27992 ----a-w- c:\windows\system32\SmartDefragBootTime.exe
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{88c7f2aa-f93f-432c-8f0e-b7d85967a527}"= "c:\program files (x86)\BitTorrentBar\tbBitT.dll" [2010-12-09 3911776]
.
[HKEY_CLASSES_ROOT\clsid\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}]
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
2010-12-09 11:51 3911776 ----a-w- c:\program files (x86)\ConduitEngine\ConduitEngine.dll
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}]
2010-12-09 11:51 3911776 ----a-w- c:\program files (x86)\BitTorrentBar\tbBitT.dll
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
2011-02-01 17:17 1487240 ----a-w- c:\program files (x86)\Ask.com\GenericAskToolbar.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files (x86)\Ask.com\GenericAskToolbar.dll" [2011-02-01 1487240]
"{88c7f2aa-f93f-432c-8f0e-b7d85967a527}"= "c:\program files (x86)\BitTorrentBar\tbBitT.dll" [2010-12-09 3911776]
"{30F9B915-B755-4826-820B-08FBA6BD249D}"= "c:\program files (x86)\ConduitEngine\ConduitEngine.dll" [2010-12-09 3911776]
.
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
.
[HKEY_CLASSES_ROOT\clsid\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}]
.
[HKEY_CLASSES_ROOT\clsid\{30f9b915-b755-4826-820b-08fba6bd249d}]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Advanced SystemCare 5"="c:\program files (x86)\IObit\Advanced SystemCare 5\ASCTray.exe" [2011-09-09 607576]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1475072]
"BitTorrent"="c:\program files (x86)\BITTORRENT\BITTORRENT.EXE" [2011-01-28 4771184]
"KiesPDLR"="c:\program files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe" [2011-03-17 19872]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2011-01-20 1305408]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-12-10 98304]
"IJNetworkScanUtility"="c:\program files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe" [2009-05-19 136544]
"tray_ico2"="c:\windows\update.tray-8-0\svchost.exe" [2011-10-28 1201152]
"tray_ico0"="c:\windows\update.tray-12-0\svchost.exe" [2011-10-28 1201152]
"tray_ico1"="c:\windows\update.tray-15-0\svchost.exe" [2011-10-28 1201152]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableSecureUIAPaths"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~2\WI3C8A~1\Datamngr\datamngr.dll c:\progra~2\WI3C8A~1\Datamngr\IEBHO.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"midi2"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"FirewallOverride"=dword:00000001
"DisableThumbnailCache"=dword:00000001
.
R2 AntiVirSchedulerService;Avira Scheduler;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [x]
R2 AVGIDSAgent;AVGIDSAgent; [x]
R2 avgwd;AVG WatchDog; [x]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 androidusb;SAMSUNG Android Composite ADB Interface Driver;c:\windows\system32\Drivers\ssadadb.sys [x]
R3 AthBTPort;Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys [x]
R3 AVG Security Toolbar Service;AVG Security Toolbar Service; [x]
R3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys [x]
R3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\DRIVERS\btath_hcrp.sys [x]
R3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\DRIVERS\btath_rcp.sys [x]
R3 btusbflt;Bluetooth USB Filter;c:\windows\system32\drivers\btusbflt.sys [x]
R3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [x]
R3 massfilter;ZTE Mass Storage Filter Driver;c:\windows\system32\drivers\massfilter.sys [x]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [x]
R3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\DRIVERS\ssadbus.sys [x]
R3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\DRIVERS\ssadmdfl.sys [x]
R3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\DRIVERS\ssadmdm.sys [x]
R3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM);c:\windows\system32\DRIVERS\ssadserd.sys [x]
R3 WatAdminSvc;Služba Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R3 WMZuneComm;Zune Windows Mobile Connectivity Service;c:\program files\Zune\WMZuneComm.exe [2011-08-05 306400]
S0 AVGIDSEH;AVGIDSEH;c:\windows\system32\DRIVERS\AVGIDSEH.Sys [x]
S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys [x]
S0 SmartDefragDriver;SmartDefragDriver;c:\windows\System32\Drivers\SmartDefragDriver.sys [x]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [x]
S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys [x]
S1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys [x]
S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys [x]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
S2 AdvancedSystemCareService5;Advanced SystemCare Service 5;c:\program files (x86)\IObit\Advanced SystemCare 5\ASCService.exe [2011-09-09 478040]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 Application Updater;Application Updater;c:\program files (x86)\Application Updater\ApplicationUpdater.exe [2011-09-27 745880]
S2 AtherosSvc;AtherosSvc;c:\program files (x86)\Bluetooth Suite\adminservice.exe [2009-12-30 23592]
S2 DsiWMIService;Dritek WMI Service;c:\program files (x86)\Launch Manager\dsiwmis.exe [2010-01-22 310352]
S2 ePowerSvc;Acer ePower Service;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe [2010-01-18 842784]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2009-12-23 13336]
S2 IMFservice;IMF Service;c:\program files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [2011-07-20 820568]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2009-12-09 2320920]
S2 WMCoreService;Mobile Broadband Core Service;c:\program files (x86)\Mobile Broadband Drivers\WMCore\mini_WMCore.exe servicemode [x]
S3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\AVGIDSDriver.Sys [x]
S3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\DRIVERS\AVGIDSFilter.Sys [x]
S3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\DRIVERS\btath_bus.sys [x]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [x]
S3 k57nd;Broadcom NetLink Gigabit Ethernet;c:\windows\system32\DRIVERS\k57amd64.sys [x]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]
.
.
Contents of the 'Scheduled Tasks' folder
.
2011-10-28 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3427954366-3406222959-2106377572-1000Core.job
- c:\users\J3ck3sss\AppData\Local\Google\Update\GoogleUpdate.exe [2010-12-14 18:59]
.
2011-10-29 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3427954366-3406222959-2106377572-1000UA.job
- c:\users\J3ck3sss\AppData\Local\Google\Update\GoogleUpdate.exe [2010-12-14 18:59]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A40DC6C5-79D0-4ca8-A185-8FF989AF1115}]
2011-03-24 12:30 1058712 ----a-w- c:\progra~2\WI3C8A~1\Datamngr\x64\IEBHO.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2009-10-19 2185032]
"Zune Launcher"="c:\program files\Zune\ZuneLauncher.exe" [2011-08-05 163552]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x1
"AppInit_DLLs"=c:\progra~2\WI3C8A~1\Datamngr\x64\datamngr.dll c:\progra~2\WI3C8A~1\Datamngr\x64\IEBHO.dll
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://search.babylon.com/?babsrc=HP_ss&mntrId=80e51b32000000000000f07bcb1ff042&tlver=1.4.19.19&ss=1&affID=17981
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: Download Using &BitSpirit - c:\program files (x86)\BitSpirit\bsurl.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 10.0.0.254 192.168.1.1
.
- - - - ORPHANS REMOVED - - - -
.
URLSearchHooks-{A3BC75A2-1F87-4686-AA43-5347D756017C} - (no file)
BHO-{A3BC75A2-1F87-4686-AA43-5347D756017C} - (no file)
Toolbar-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
Toolbar-10 - (no file)
Wow6432Node-HKLM-Run-AVG_TRAY - c:\program files (x86)\AVG\AVG10\avgtray.exe
Wow6432Node-HKLM-Run-tray_ico - (no file)
Wow6432Node-HKLM-Run-tray_ico3 - (no file)
Wow6432Node-HKLM-Run-tray_ico4 - (no file)
Wow6432Node-HKLM-Run-wxpdrv - c:\windows\services32.exe
Wow6432Node-HKLM-Run-avgnt - c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe
Toolbar-10 - (no file)
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
WebBrowser-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
WebBrowser-{88C7F2AA-F93F-432C-8F0E-B7D85967A527} - (no file)
HKLM-Run-ETDWare - c:\program files (x86)\Elantech\ETDCtrl.exe
AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe
AddRemove-Avira AntiVir Desktop - c:\program files (x86)\Avira\AntiVir Desktop\setup.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10p_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10p_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10p.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10p.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10p.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10p.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}]
@Denied: (A 2) (Everyone)
@="IFlashBroker3"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib]
@="{6EF568F4-D437-4466-AA63-A3645136D93E}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{2E4BB6BE-A75F-4DC0-9500-68203655A2C4}]
@Denied: (A 2) (Everyone)
@="IFlashBroker"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{2E4BB6BE-A75F-4DC0-9500-68203655A2C4}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{2E4BB6BE-A75F-4DC0-9500-68203655A2C4}\TypeLib]
@="{6EF568F4-D437-4466-AA63-A3645136D93E}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{DDF4CE26-4BDA-42BC-B0F0-0E75243AD285}]
@Denied: (A 2) (Everyone)
@="IFlashBroker2"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{DDF4CE26-4BDA-42BC-B0F0-0E75243AD285}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{DDF4CE26-4BDA-42BC-B0F0-0E75243AD285}\TypeLib]
@="{6EF568F4-D437-4466-AA63-A3645136D93E}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\Canon\IJPLM\IJPLMSVC.EXE
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
c:\program files (x86)\Mobile Broadband Drivers\WMCore\mini_WMCore.exe
c:\program files (x86)\IObit\Smart Defrag 2\SmartDefrag.exe
c:\program files (x86)\Windows iLivid Toolbar\Datamngr\datamngrUI.exe
.
**************************************************************************
.
Completion time: 2011-10-29 11:11:53 - machine was rebooted
ComboFix-quarantined-files.txt 2011-10-29 09:11
.
Pre-Run: 162 523 004 928 bytes free
Post-Run: 162 001 350 656 bytes free
.
- - End Of File - - A3D01BC870A6310DAB2770CD3AC6F919
Re: Facebook virus pls help - ntb


- Open Notepad (Start - Run - notepad)
- Copy the script below
Code:
KillAll::

File::
c:\windows\unrar.exe
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3427954366-3406222959-2106377572-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3427954366-3406222959-2106377572-1000UA.job
c:\windows\temp\9178288.exe

Folder::
c:\program files (x86)\common files\spigot
C:\Program Files (x86)\BabylonToolbar\BabylonToolbar
C:\PROGRA~2\WI3C8A~1\ToolBar
C:\Program Files (x86)\DAEMON Tools Toolbar
c:\program files (x86)\Application Updater
c:\program files (x86)\IObit
c:\windows\update.tray-8-0
c:\windows\update.tray-8-0-lnk
c:\windows\update.tray-15-0
c:\windows\update.tray-15-0-lnk
c:\windows\av_ico
c:\windows\update.tray-12-0
c:\windows\update.tray-12-0-lnk
c:\program files (x86)\YouTube Downloader Toolbar
c:\program files (x86)\IObit Toolbar
c:\program files (x86)\BitTorrentBar
c:\program files (x86)\Ask.com

DDS::
uStart Page = hxxp://search.babylon.com/?babsrc=HP_ss ... ffID=17981

Registry::
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{88c7f2aa-f93f-432c-8f0e-b7d85967a527}"=-
[-HKEY_CLASSES_ROOT\clsid\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}]
[-HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
[-HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}]
[-HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"=-
"{88c7f2aa-f93f-432c-8f0e-b7d85967a527}"=-
"{30F9B915-B755-4826-820B-08FBA6BD249D}"=-
[-HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[-HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[-HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[-HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
[-HKEY_CLASSES_ROOT\clsid\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}]
[-HKEY_CLASSES_ROOT\clsid\{30f9b915-b755-4826-820b-08fba6bd249d}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Advanced SystemCare 5"=-
"BitTorrent"=-
"DAEMON Tools Lite"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"GrooveMonitor"=-
"tray_ico2"=-
"tray_ico0"=-
"tray_ico1"=-
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"FirewallOverride"=dword:00000000
"DisableThumbnailCache"=dword:00000000
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BabylonToolbar]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BabylonToolbar]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cacaoweb]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivX Download Manager]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Driver Updater]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SearchSettings]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\wxpdrv]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\9178288.exe]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Advanced SystemCare 5"=-

Driver::
AdvancedSystemCareService5
Application Updater

RegLock::
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{2E4BB6BE-A75F-4DC0-9500-68203655A2C4}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{2E4BB6BE-A75F-4DC0-9500-68203655A2C4}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{2E4BB6BE-A75F-4DC0-9500-68203655A2C4}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{DDF4CE26-4BDA-42BC-B0F0-0E75243AD285}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{DDF4CE26-4BDA-42BC-B0F0-0E75243AD285}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{DDF4CE26-4BDA-42BC-B0F0-0E75243AD285}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
- Save the resulting TXT file as CFScript.txt
- Drag the CFScript.txt you created onto ComboFix and drop it to run it (see the image below)
- After the script has been applied (and a possible restart), a log will pop up; paste its contents here

Re: Facebook virus pls help - ntb
OK, I did it the same way, and I am sending the log in two parts because it does not fit.
ComboFix 11-10-29.03 - J3ck3sss . 10. 2011 11:47:16.2.4 - x64
Microsoft Windows 7 Ultimate 6.1.7600.0.1250.421.1051.18.3959.2712 [GMT 2:00]
Running from: c:\users\J3ck3sss\Desktop\ComboFix.exe
Command switches used :: c:\users\J3ck3sss\Desktop\CFScript.txt
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-3427954366-3406222959-2106377572-1000Core.job"
"c:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-3427954366-3406222959-2106377572-1000UA.job"
"c:\windows\temp\9178288.exe"
"c:\windows\unrar.exe"
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\progra~2\WI3C8A~1\ToolBar
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.Coupons_v2\widget.xml
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.Coupons_v2\widget_version.txt
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.MyStartFacebook\css\dialog.css
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.MyStartFacebook\images\arrow-grey.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.MyStartFacebook\images\arrows_grey-left.gif
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.MyStartFacebook\images\arrows_grey-right.gif
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.MyStartFacebook\images\back.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.MyStartFacebook\images\btn-search-over.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.MyStartFacebook\images\btn-search.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.MyStartFacebook\images\delete.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.MyStartFacebook\images\scrollb-disable.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.MyStartFacebook\images\scrollb-down.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.MyStartFacebook\images\scrollb.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.MyStartFacebook\images\scrollt-disable.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.MyStartFacebook\images\scrollt-down.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.MyStartFacebook\images\scrollt.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.MyStartFacebook\images\tab-arrow-hover.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.MyStartFacebook\images\tab-arrow.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.MyStartFacebook\images\tab-off-l.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.MyStartFacebook\images\tab-off-r.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.MyStartFacebook\images\tab-on-l.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.MyStartFacebook\images\tab-on-r.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.MyStartFacebook\images\tab-over-l.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.MyStartFacebook\images\tab-over-r.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.MyStartFacebook\images\tab-red-left.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.MyStartFacebook\images\tab-red-mdl.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.MyStartFacebook\images\tab-red-right.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.MyStartFacebook\images\tab-white-left.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.MyStartFacebook\images\tab-white-mdl.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.MyStartFacebook\images\tab-white-right.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.MyStartFacebook\images\throbber.gif
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.MyStartFacebook\images\vid-bg.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.MyStartFacebook\images\youtube.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.MyStartFacebook\index.html
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.MyStartFacebook\js\function.js
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.MyStartFacebook\js\jquery-1.4.2.min.js
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.MyStartFacebook\js\JSON.js
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.MyStartFacebook\skin\css\dialog.css
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.MyStartFacebook\skin\images\bg-facebook.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.MyStartFacebook\skin\images\blank.gif
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.MyStartFacebook\skin\images\btn-wide-close-over.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.MyStartFacebook\skin\images\btn-wide-close.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.MyStartFacebook\skin\images\default.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.MyStartFacebook\skin\images\transparent.gif
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.MyStartFacebook\skin\images\win-btm-left.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.MyStartFacebook\skin\images\win-btm-mdl.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.MyStartFacebook\skin\images\win-btm-right-resize.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.MyStartFacebook\skin\images\win-btm-right.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.MyStartFacebook\skin\main.html
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.MyStartFacebook\skin\scripts\defscript.js
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.MyStartFacebook\skin\scripts\jquery-1.4.2.min.js
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.MyStartFacebook\tb_icon.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.MyStartFacebook\widget.jsw
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.MyStartFacebook\widget.xml
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.MyStartFacebook\widget_version.txt
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.PPCBully\tb_icon.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.PPCBully\widget.js
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.PPCBully\widget.xml
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.PPCBully\widget_version
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.Twitter\css\twitter.css
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.Twitter\images\btn-login-over.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.Twitter\images\btn-login.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.Twitter\images\btn-submit.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.Twitter\images\loginbg.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.Twitter\images\refresh-over.gif
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.Twitter\images\refresh.gif
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.Twitter\images\scrollbottom-disable.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.Twitter\images\scrollbottom-down.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.Twitter\images\scrollbottom-over.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.Twitter\images\scrollbottom.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.Twitter\images\scrolltop-disable.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.Twitter\images\scrolltop-down.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.Twitter\images\scrolltop-over.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.Twitter\images\scrolltop.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.Twitter\images\tab-off-l.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.Twitter\images\tab-off-r.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.Twitter\images\tab-on-l.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.Twitter\images\tab-on-r.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.Twitter\images\throbber.gif
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.Twitter\images\twitter-logo48.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.Twitter\images\twitter_top.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.Twitter\js\jquery.js
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.Twitter\js\scripts.js
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.Twitter\skin\css\dialog.css
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.Twitter\skin\images\bg.gif
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.Twitter\skin\images\btn-wide-close-over.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.Twitter\skin\images\btn-wide-close.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.Twitter\skin\images\default.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.Twitter\skin\images\transparent.gif
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.Twitter\skin\images\win-btm-left.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.Twitter\skin\images\win-btm-mdl.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.Twitter\skin\images\win-btm-right-resize.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.Twitter\skin\images\win-btm-right.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.Twitter\skin\main.html
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.Twitter\skin\scripts\defscript.js
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.Twitter\tb_icon.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.Twitter\widget.js
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.Twitter\widget.xml
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.Twitter\widget_version.txt
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.YouTube_v2\css\autocomplete.css
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.YouTube_v2\css\dialog.css
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.YouTube_v2\images\arrow-grey.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.YouTube_v2\images\arrows_grey-left.gif
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.YouTube_v2\images\arrows_grey-right.gif
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.YouTube_v2\images\bg.gif
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.YouTube_v2\images\btn-search-over.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.YouTube_v2\images\btn-search.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.YouTube_v2\images\powered-by-youtube.gif
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.YouTube_v2\images\tab-off-l.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.YouTube_v2\images\tab-off-r.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.YouTube_v2\images\tab-on-l.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.YouTube_v2\images\tab-on-r.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.YouTube_v2\images\tab-red-left.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.YouTube_v2\images\tab-red-mdl.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.YouTube_v2\images\tab-red-right.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.YouTube_v2\images\tab-white-left.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.YouTube_v2\images\tab-white-mdl.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.YouTube_v2\images\tab-white-right.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.YouTube_v2\images\throbber.gif
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.YouTube_v2\images\vid-bg.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.YouTube_v2\images\youtube.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.YouTube_v2\index.html
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.YouTube_v2\js\autocomplete.js
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.YouTube_v2\js\jquery-1.4.3.min.js
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.YouTube_v2\js\paginator.js
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.YouTube_v2\js\youtube.js
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.YouTube_v2\skin\css\dialog.css
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.YouTube_v2\skin\images\bg.gif
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.YouTube_v2\skin\images\btn-search.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.YouTube_v2\skin\images\btn-wide-close-over.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.YouTube_v2\skin\images\btn-wide-close.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.YouTube_v2\skin\images\default.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.YouTube_v2\skin\images\tab-off-l.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.YouTube_v2\skin\images\tab-off-r.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.YouTube_v2\skin\images\tab-on-l.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.YouTube_v2\skin\images\tab-on-r.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.YouTube_v2\skin\images\transparent.gif
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.YouTube_v2\skin\images\win-btm-left.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.YouTube_v2\skin\images\win-btm-mdl.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.YouTube_v2\skin\images\win-btm-right-resize.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.YouTube_v2\skin\images\win-btm-right.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.YouTube_v2\skin\main.html
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.YouTube_v2\skin\scripts\defscript.js
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.YouTube_v2\tb_icon.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.YouTube_v2\widget.jsw
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.YouTube_v2\widget.xml
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.YouTube_v2\widget_version.txt
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\babylon_logo.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\bandoo.css
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\bluelite.gif
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\bluesky.gif
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\btn-search-over.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\btn-search.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\btn-settings-over.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\btn-settings.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\btn-widgets-over.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\btn-widgets.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\btn_settings.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\ca.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\dictionary.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\divider.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\downloadcom.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\dtxlogo.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\ebay.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\email.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\email_on.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\facebook.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\games.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\graphred0.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\graphred0_5.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\graphred1.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\graphred1_5.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\graphred2.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\graphred2_5.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\graphred3.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\graphred3_5.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\graphred4.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\graphred4_5.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\graphred5.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\graphredna.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\grey.gif
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\ico-shield.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\icon_radio_png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\icon_seperator_png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\images.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\imesh.css
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\lib\add.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\lib\aol.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\lib\arrow-dn.gif
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\lib\arrow-right-disabled.gif
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\lib\arrow-right.gif
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\lib\arrow-up.gif
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\lib\bg-btn-divider.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\lib\bg-btn-end.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\lib\bg-btn-mdl.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\lib\bg-btn-mdl_ff.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\lib\bg-btn-start.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\lib\bg-btnover-divider.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\lib\bg-btnover-end.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\lib\bg-btnover-mdl.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\lib\bg-btnover-mdl_ff.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\lib\bg-btnover-start.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\lib\blank.gif
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\lib\btn-widgets-over.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\lib\btn-widgets.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\lib\btn_slider.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\lib\btnback-down-vista.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\lib\btnback-vista.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\lib\btnleft-down-vista.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\lib\btnleft-vista.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\lib\btnright-down-vista.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\lib\btnright-vista.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\lib\button-splitter-down-vista.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\lib\button-splitter-vista.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\lib\collapse.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\lib\comcast.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\lib\dtx.css
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\lib\edit-back-hot.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\lib\edit-back.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\lib\expand.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\lib\found.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\lib\gmail.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\lib\highlight.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\lib\highlight_blue.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\lib\highlight_cyan.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\lib\highlight_lime.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\lib\highlight_magenta.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\lib\highlight_yellow.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\lib\hotmail.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\lib\checkmark.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\lib\chevron.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\lib\ico-check.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\lib\imap.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\lib\lastsearch-thumb-back.gif
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\lib\loadingMid.gif
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\lib\lock.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\lib\logo-separator.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\lib\mailcom.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\lib\menu_bg-basic.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\lib\menu_separator_bar.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\lib\menu_separator_white.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\lib\menuitem-splitter.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\lib\menuitemback-down-vista.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\lib\menuitemback-vista.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\lib\menuitemleft-down-vista.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\lib\menuitemleft-vista.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\lib\menuitemright-down-vista.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\lib\menuitemright-vista.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\lib\modify.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\lib\move.gif
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\lib\movetarget.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\lib\panels\css\panels.css
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\lib\panels\css\popupAbout.css
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\lib\panels\css\popupGames.css
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\lib\panels\css\popupRSS.css
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\lib\panels\css\popupWidgets.css
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\lib\panels\default\css\dialog.css
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\lib\panels\default\images\bg.gif
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\lib\panels\default\images\btn-search.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\lib\panels\default\images\btn-wide-close-over.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\lib\panels\default\images\btn-wide-close.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\lib\panels\default\images\default.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\lib\panels\default\images\tab-off-l.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\lib\panels\default\images\tab-off-r.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\lib\panels\default\images\tab-on-l.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\lib\panels\default\images\tab-on-r.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\lib\panels\default\images\transparent.gif
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\lib\panels\default\images\ttlbar-left.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\lib\panels\default\images\ttlbar-mdl.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\lib\panels\default\images\ttlbar-right.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\lib\panels\default\images\win-btm-left.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\lib\panels\default\images\win-btm-mdl.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\lib\panels\default\images\win-btm-right-resize.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\lib\panels\default\images\win-btm-right.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\lib\panels\default\images\win-left.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\lib\panels\default\images\win-right.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\lib\panels\default\main.html
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\lib\panels\default\scripts\defscript.js
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\lib\panels\footer.htm
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\lib\panels\gamecategory.xsl
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\lib\panels\gameData.js
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\lib\panels\gameList.xsl
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\lib\panels\games.xsl
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\lib\panels\gametype.xsl
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\lib\panels\images\arrow-dn.gif
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\lib\panels\images\arrow-sml-drop.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\lib\panels\images\arrow-sml.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\lib\panels\images\arrow-up.gif
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\lib\panels\images\arrowr-bluew5.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\lib\panels\images\bg-aboutbox.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\lib\panels\images\bg-btnover.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\lib\panels\images\bg-pnl520x390.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\lib\panels\images\btn-addtoolbar-left-over.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\lib\panels\images\btn-addtoolbar-left.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\lib\panels\images\btn-addtoolbar-right.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\lib\panels\images\btn-back.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\lib\panels\images\btn-close-grey.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\lib\panels\images\btn-close-greyover.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\lib\panels\images\btn-drag.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\lib\panels\images\btn-mdl-over.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\lib\panels\images\btn-mdl.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\lib\panels\images\btn-moredetails.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\lib\panels\images\btn-next-over.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\lib\panels\images\btn-next.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\lib\panels\images\btn-play-left-over.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\lib\panels\images\btn-play-left.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\lib\panels\images\btn-previous-over.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\lib\panels\images\btn-previous.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\lib\panels\images\btn-right-over.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\lib\panels\images\btn-search-pnlbtm-over.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\lib\panels\images\btn-search-pnlbtm.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\lib\panels\images\btn-try-left-over.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\lib\panels\images\btn-try-left.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\lib\panels\images\bullet-orange.gif
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\lib\panels\images\gamethumb-on.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\lib\panels\images\gamethumb2-over.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\lib\panels\images\ico-calendar.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\lib\panels\images\ico-dollar.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\lib\panels\images\ico-download.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\lib\panels\images\ico-joystick24.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\lib\panels\images\ico-news24.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\lib\panels\images\ico-play.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\lib\panels\images\ico-tags.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\lib\panels\images\icon-Add.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\lib\panels\images\icon-download.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\lib\panels\images\icon-Info.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\lib\panels\images\icon-play.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\lib\panels\images\icon-shop.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\lib\panels\images\menul-bgon.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\lib\panels\images\menul-bgover.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\lib\panels\images\panel-botm-noscroll.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\lib\panels\images\scroll-bg-206.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\lib\panels\images\scroll-bg.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\lib\panels\images\scroll-topwin.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\lib\panels\images\scrollb-disable.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\lib\panels\images\scrollb-down.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\lib\panels\images\scrollb-over.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\lib\panels\images\scrollb.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\lib\panels\images\scrollt-disable.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\lib\panels\images\scrollt-down.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\lib\panels\images\scrollt-over.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\lib\panels\images\scrollt.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\lib\panels\images\searchbox-pnlbtm.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\lib\panels\images\star_x_grey.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\lib\panels\images\star_x_orange.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\lib\panels\images\TRUSTe_about.png
ComboFix 11-10-29.03 - J3ck3sss . 10. 2011 11:47:16.2.4 - x64
Microsoft Windows 7 Ultimate 6.1.7600.0.1250.421.1051.18.3959.2712 [GMT 2:00]
Running from: c:\users\J3ck3sss\Desktop\ComboFix.exe
Command switches used :: c:\users\J3ck3sss\Desktop\CFScript.txt
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-3427954366-3406222959-2106377572-1000Core.job"
"c:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-3427954366-3406222959-2106377572-1000UA.job"
"c:\windows\temp\9178288.exe"
"c:\windows\unrar.exe"
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.Coupons_v2\css\dialog.css
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.Coupons_v2\css\ie7style.css
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.Coupons_v2\ico-coupon.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.Coupons_v2\ico-dollar.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.Coupons_v2\images\arrow-grey.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.Coupons_v2\images\arrows_grey-left.gif
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.Coupons_v2\images\arrows_grey-right.gif
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.Coupons_v2\images\bg_top.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.Coupons_v2\images\btn-back.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.Coupons_v2\images\btn-getcoupon.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.Coupons_v2\images\btn-search.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.Coupons_v2\images\coupon-activated.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.Coupons_v2\images\delete.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.Coupons_v2\images\loader.gif
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.Coupons_v2\images\scrollb-disable.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.Coupons_v2\images\scrollb-down.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.Coupons_v2\images\scrollb.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.Coupons_v2\images\scrollt-disable.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.Coupons_v2\images\scrollt-down.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.Coupons_v2\images\scrollt.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.Coupons_v2\images\sprite.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.Coupons_v2\images\tab-arrow-hover.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.Coupons_v2\images\tab-arrow.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.Coupons_v2\images\tab-off-l.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.Coupons_v2\images\tab-off-l_BAK.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.Coupons_v2\images\tab-off-r.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.Coupons_v2\images\tab-off-r_BAK.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.Coupons_v2\images\tab-on-l.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.Coupons_v2\images\tab-on-r.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.Coupons_v2\images\tab-over-l.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.Coupons_v2\images\tab-over-r.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.Coupons_v2\images\tab-white-left.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.Coupons_v2\images\tab-white-mdl.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.Coupons_v2\images\tab-white-right.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.Coupons_v2\images\vid-bg.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.Coupons_v2\index.html
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.Coupons_v2\jquery.contextMenu.css
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.Coupons_v2\jquery.contextMenu.js
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.Coupons_v2\js\jquery-1.4.2.min.js
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.Coupons_v2\js\jquery.event.wheel.js
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.Coupons_v2\js\jquery.scrollTo-min.js
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.Coupons_v2\js\JSON.js
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.Coupons_v2\js\listnav.js
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.Coupons_v2\js\main.js
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.Coupons_v2\page_white_copy.gif
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.Coupons_v2\panel.html
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.Coupons_v2\partner.xml
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.Coupons_v2\placeholder-logo.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.Coupons_v2\skin\css\dialog.css
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.Coupons_v2\skin\images\bg.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.Coupons_v2\skin\images\btn-wide-close-over.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.Coupons_v2\skin\images\btn-wide-close.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.Coupons_v2\skin\images\default.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.Coupons_v2\skin\images\transparent.gif
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.Coupons_v2\skin\images\win-btm-left.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.Coupons_v2\skin\images\win-btm-mdl.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.Coupons_v2\skin\images\win-btm-right-resize.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.Coupons_v2\skin\images\win-btm-right.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.Coupons_v2\skin\main.html
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.Coupons_v2\skin\scripts\defscript.js
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.Coupons_v2\tb_icon.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.Coupons_v2\widget.jsw
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.Coupons_v2\widget.xml
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.Coupons_v2\widget_version.txt
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.MyStartFacebook\css\dialog.css
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.MyStartFacebook\images\arrow-grey.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.MyStartFacebook\images\arrows_grey-left.gif
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.MyStartFacebook\images\arrows_grey-right.gif
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.MyStartFacebook\images\back.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.MyStartFacebook\images\btn-search-over.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.MyStartFacebook\images\btn-search.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.MyStartFacebook\images\delete.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.MyStartFacebook\images\scrollb-disable.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.MyStartFacebook\images\scrollb-down.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.MyStartFacebook\images\scrollb.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.MyStartFacebook\images\scrollt-disable.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.MyStartFacebook\images\scrollt-down.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.MyStartFacebook\images\scrollt.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.MyStartFacebook\images\tab-arrow-hover.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.MyStartFacebook\images\tab-arrow.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.MyStartFacebook\images\tab-off-l.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.MyStartFacebook\images\tab-off-r.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.MyStartFacebook\images\tab-on-l.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.MyStartFacebook\images\tab-on-r.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.MyStartFacebook\images\tab-over-l.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.MyStartFacebook\images\tab-over-r.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.MyStartFacebook\images\tab-red-left.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.MyStartFacebook\images\tab-red-mdl.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.MyStartFacebook\images\tab-red-right.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.MyStartFacebook\images\tab-white-left.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.MyStartFacebook\images\tab-white-mdl.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.MyStartFacebook\images\tab-white-right.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.MyStartFacebook\images\throbber.gif
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.MyStartFacebook\images\vid-bg.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.MyStartFacebook\images\youtube.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.MyStartFacebook\index.html
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.MyStartFacebook\js\function.js
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.MyStartFacebook\js\jquery-1.4.2.min.js
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.MyStartFacebook\js\JSON.js
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.MyStartFacebook\skin\css\dialog.css
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.MyStartFacebook\skin\images\bg-facebook.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.MyStartFacebook\skin\images\blank.gif
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.MyStartFacebook\skin\images\btn-wide-close-over.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.MyStartFacebook\skin\images\btn-wide-close.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.MyStartFacebook\skin\images\default.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.MyStartFacebook\skin\images\transparent.gif
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.MyStartFacebook\skin\images\win-btm-left.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.MyStartFacebook\skin\images\win-btm-mdl.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.MyStartFacebook\skin\images\win-btm-right-resize.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.MyStartFacebook\skin\images\win-btm-right.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.MyStartFacebook\skin\main.html
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.MyStartFacebook\skin\scripts\defscript.js
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.MyStartFacebook\skin\scripts\jquery-1.4.2.min.js
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.MyStartFacebook\tb_icon.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.MyStartFacebook\widget.jsw
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.MyStartFacebook\widget.xml
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.MyStartFacebook\widget_version.txt
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.PPCBully\tb_icon.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.PPCBully\widget.js
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.PPCBully\widget.xml
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.PPCBully\widget_version
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.Twitter\css\twitter.css
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.Twitter\images\btn-login-over.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.Twitter\images\btn-login.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.Twitter\images\btn-submit.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.Twitter\images\loginbg.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.Twitter\images\refresh-over.gif
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.Twitter\images\refresh.gif
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.Twitter\images\scrollbottom-disable.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.Twitter\images\scrollbottom-down.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.Twitter\images\scrollbottom-over.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.Twitter\images\scrollbottom.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.Twitter\images\scrolltop-disable.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.Twitter\images\scrolltop-down.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.Twitter\images\scrolltop-over.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.Twitter\images\scrolltop.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.Twitter\images\tab-off-l.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.Twitter\images\tab-off-r.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.Twitter\images\tab-on-l.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.Twitter\images\tab-on-r.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.Twitter\images\throbber.gif
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.Twitter\images\twitter-logo48.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.Twitter\images\twitter_top.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.Twitter\js\jquery.js
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.Twitter\js\scripts.js
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.Twitter\skin\css\dialog.css
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.Twitter\skin\images\bg.gif
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.Twitter\skin\images\btn-wide-close-over.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.Twitter\skin\images\btn-wide-close.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.Twitter\skin\images\default.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.Twitter\skin\images\transparent.gif
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.Twitter\skin\images\win-btm-left.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.Twitter\skin\images\win-btm-mdl.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.Twitter\skin\images\win-btm-right-resize.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.Twitter\skin\images\win-btm-right.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.Twitter\skin\main.html
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.Twitter\skin\scripts\defscript.js
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.Twitter\tb_icon.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.Twitter\widget.js
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.Twitter\widget.xml
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.Twitter\widget_version.txt
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.YouTube_v2\css\autocomplete.css
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.YouTube_v2\css\dialog.css
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.YouTube_v2\images\arrow-grey.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.YouTube_v2\images\arrows_grey-left.gif
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.YouTube_v2\images\arrows_grey-right.gif
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.YouTube_v2\images\bg.gif
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.YouTube_v2\images\btn-search-over.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.YouTube_v2\images\btn-search.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.YouTube_v2\images\powered-by-youtube.gif
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.YouTube_v2\images\tab-off-l.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.YouTube_v2\images\tab-off-r.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.YouTube_v2\images\tab-on-l.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.YouTube_v2\images\tab-on-r.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.YouTube_v2\images\tab-red-left.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.YouTube_v2\images\tab-red-mdl.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.YouTube_v2\images\tab-red-right.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.YouTube_v2\images\tab-white-left.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.YouTube_v2\images\tab-white-mdl.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.YouTube_v2\images\tab-white-right.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.YouTube_v2\images\throbber.gif
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.YouTube_v2\images\vid-bg.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.YouTube_v2\images\youtube.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.YouTube_v2\index.html
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.YouTube_v2\js\autocomplete.js
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.YouTube_v2\js\jquery-1.4.3.min.js
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.YouTube_v2\js\paginator.js
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.YouTube_v2\js\youtube.js
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.YouTube_v2\skin\css\dialog.css
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.YouTube_v2\skin\images\bg.gif
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.YouTube_v2\skin\images\btn-search.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.YouTube_v2\skin\images\btn-wide-close-over.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.YouTube_v2\skin\images\btn-wide-close.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.YouTube_v2\skin\images\default.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.YouTube_v2\skin\images\tab-off-l.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.YouTube_v2\skin\images\tab-off-r.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.YouTube_v2\skin\images\tab-on-l.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.YouTube_v2\skin\images\tab-on-r.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.YouTube_v2\skin\images\transparent.gif
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.YouTube_v2\skin\images\win-btm-left.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.YouTube_v2\skin\images\win-btm-mdl.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.YouTube_v2\skin\images\win-btm-right-resize.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.YouTube_v2\skin\images\win-btm-right.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.YouTube_v2\skin\main.html
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.YouTube_v2\skin\scripts\defscript.js
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.YouTube_v2\tb_icon.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.YouTube_v2\widget.jsw
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.YouTube_v2\widget.xml
c:\progra~2\WI3C8A~1\ToolBar\chrome\content\widgets\net.vmn.www.YouTube_v2\widget_version.txt
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\babylon_logo.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\bandoo.css
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\bluelite.gif
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\bluesky.gif
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\btn-search-over.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\btn-search.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\btn-settings-over.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\btn-settings.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\btn-widgets-over.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\btn-widgets.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\btn_settings.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\ca.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\dictionary.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\divider.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\downloadcom.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\dtxlogo.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\ebay.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\email.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\email_on.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\facebook.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\games.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\graphred0.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\graphred0_5.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\graphred1.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\graphred1_5.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\graphred2.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\graphred2_5.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\graphred3.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\graphred3_5.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\graphred4.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\graphred4_5.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\graphred5.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\graphredna.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\grey.gif
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\ico-shield.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\icon_radio_png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\icon_seperator_png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\images.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\imesh.css
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\lib\add.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\lib\aol.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\lib\arrow-dn.gif
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\lib\arrow-right-disabled.gif
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\lib\arrow-right.gif
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\lib\arrow-up.gif
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\lib\bg-btn-divider.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\lib\bg-btn-end.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\lib\bg-btn-mdl.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\lib\bg-btn-mdl_ff.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\lib\bg-btn-start.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\lib\bg-btnover-divider.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\lib\bg-btnover-end.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\lib\bg-btnover-mdl.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\lib\bg-btnover-mdl_ff.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\lib\bg-btnover-start.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\lib\blank.gif
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\lib\btn-widgets-over.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\lib\btn-widgets.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\lib\btn_slider.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\lib\btnback-down-vista.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\lib\btnback-vista.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\lib\btnleft-down-vista.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\lib\btnleft-vista.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\lib\btnright-down-vista.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\lib\btnright-vista.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\lib\button-splitter-down-vista.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\lib\button-splitter-vista.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\lib\collapse.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\lib\comcast.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\lib\dtx.css
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\lib\edit-back-hot.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\lib\edit-back.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\lib\expand.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\lib\found.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\lib\gmail.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\lib\highlight.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\lib\highlight_blue.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\lib\highlight_cyan.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\lib\highlight_lime.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\lib\highlight_magenta.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\lib\highlight_yellow.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\lib\hotmail.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\lib\checkmark.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\lib\chevron.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\lib\ico-check.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\lib\imap.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\lib\lastsearch-thumb-back.gif
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\lib\loadingMid.gif
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\lib\lock.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\lib\logo-separator.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\lib\mailcom.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\lib\menu_bg-basic.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\lib\menu_separator_bar.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\lib\menu_separator_white.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\lib\menuitem-splitter.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\lib\menuitemback-down-vista.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\lib\menuitemback-vista.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\lib\menuitemleft-down-vista.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\lib\menuitemleft-vista.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\lib\menuitemright-down-vista.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\lib\menuitemright-vista.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\lib\modify.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\lib\move.gif
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\lib\movetarget.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\lib\panels\css\panels.css
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\lib\panels\css\popupAbout.css
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\lib\panels\css\popupGames.css
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\lib\panels\css\popupRSS.css
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\lib\panels\css\popupWidgets.css
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\lib\panels\default\css\dialog.css
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\lib\panels\default\images\bg.gif
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\lib\panels\default\images\btn-search.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\lib\panels\default\images\btn-wide-close-over.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\lib\panels\default\images\btn-wide-close.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\lib\panels\default\images\default.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\lib\panels\default\images\tab-off-l.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\lib\panels\default\images\tab-off-r.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\lib\panels\default\images\tab-on-l.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\lib\panels\default\images\tab-on-r.png
c:\progra~2\WI3C8A~1\ToolBar\chrome\skin\lib\panels\default\images\transparent.gif
c:\program files (x86)\DAEMON Tools Toolbar\Resources\soft24.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\soft24_SA.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\spt.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\stop.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\stop.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\stop_down.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\stop_m.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\stop_under.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\style.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\SupportRequest.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\timer.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\TitleIcon.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\toolbar.xml
c:\program files (x86)\DAEMON Tools Toolbar\Resources\trans.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\Trash.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\Trash_disable.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\Trash_down.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\Trash_m.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\Trash_under.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\u.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\UKR.xml
c:\program files (x86)\DAEMON Tools Toolbar\Resources\unmount-all.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\vol.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\vol.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\vol_back.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\vol_dott.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\vol_dott_m.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\vol_down.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\vol_m.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\vol_mute.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\vol_mute_check.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\vol_under.bmp
Re: Facebook virus pls help - ntb
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_Application Updater
-------\Service_IMFservice
-------\Service_IMFservice
.
.
((((((((((((((((((((((((( Files Created from 2011-09-28 to 2011-10-29 )))))))))))))))))))))))))))))))
.
.
2011-10-29 09:56 . 2011-10-29 09:56 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-10-28 20:09 . 2011-10-28 20:09 -------- d-----w- C:\rsit
2011-10-28 20:09 . 2011-10-28 20:09 -------- d-----w- c:\program files\trend micro
2011-10-28 19:59 . 2011-09-18 06:39 130760 ----a-w- c:\windows\system32\drivers\avipbb.sys
2011-10-28 19:59 . 2011-09-15 21:55 97312 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2011-10-28 19:59 . 2011-09-15 21:55 27760 ----a-w- c:\windows\system32\drivers\avkmgr.sys
2011-10-26 16:51 . 2011-08-15 05:08 6144 ----a-w- c:\program files\Internet Explorer\iecompat.dll
2011-10-26 16:51 . 2011-08-15 04:25 6144 ----a-w- c:\program files (x86)\Internet Explorer\iecompat.dll
2011-10-23 18:26 . 2011-10-23 18:27 -------- d-----w- c:\program files (x86)\EAGLE-5.4.0
2011-10-23 18:26 . 2011-10-23 18:26 -------- d-----w- c:\users\J3ck3sss\AppData\Roaming\CadSoft
2011-10-21 19:56 . 2008-07-12 06:18 3851784 ----a-w- c:\windows\SysWow64\D3DX9_39.dll
2011-10-21 19:55 . 2011-10-21 19:55 -------- d-----w- c:\program files (x86)\Microsoft Expression
2011-10-21 19:55 . 2011-10-21 19:55 -------- d-----w- c:\program files (x86)\WPF Toolkit
2011-10-21 19:51 . 2011-10-21 19:51 -------- d-----w- c:\program files (x86)\Microsoft XNA
2011-10-21 19:50 . 2011-10-21 19:50 192768 ----a-w- c:\programdata\Microsoft\VPDExpress\10.0\1033\ResourceCache.dll
2011-10-21 19:40 . 2011-10-21 19:49 -------- d-----w- c:\program files (x86)\Microsoft Visual Studio 10.0
2011-10-21 19:39 . 2011-10-21 19:39 -------- d-----w- c:\program files (x86)\Microsoft XDE
2011-10-21 19:38 . 2011-10-21 19:38 -------- d-----w- c:\windows\symbols
2011-10-21 19:38 . 2011-10-21 19:38 -------- d-----w- c:\program files\Microsoft Visual Studio 10.0
2011-10-21 19:38 . 2011-10-21 19:55 -------- d-----w- c:\program files (x86)\Microsoft SDKs
2011-10-21 19:38 . 2011-10-21 19:38 -------- d-----w- c:\program files\Microsoft Help Viewer
2011-10-16 13:29 . 2011-10-16 13:39 -------- d-----w- c:\users\J3ck3sss\AppData\Local\Ried.cl
2011-10-16 13:23 . 2011-10-16 13:23 -------- d-----w- c:\program files (x86)\Phone7Market
2011-10-16 09:49 . 2011-10-16 09:50 -------- d-----w- c:\windows\system32\ms-MY
2011-10-14 20:55 . 2011-10-14 20:55 14336 ----a-w- c:\windows\system32\drivers\sffp_sd.sys
2011-10-14 20:54 . 2011-09-09 15:35 22872 ----a-w- c:\windows\system32\RegistryDefragBootTime.exe
2011-10-12 19:03 . 2011-09-06 03:07 3134976 ----a-w- c:\windows\system32\win32k.sys
2011-10-12 18:54 . 2011-08-17 05:32 613888 ----a-w- c:\windows\system32\psisdecd.dll
2011-10-11 15:44 . 2011-10-11 16:02 -------- d-----w- c:\program files (x86)\Counter-Strike Source
2011-10-11 12:38 . 2003-09-03 00:28 724992 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\09\00\Intel32\iKernel.dll
2011-10-11 12:38 . 2003-09-03 00:27 69715 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\09\00\Intel32\ctor.dll
2011-10-11 12:38 . 2003-09-03 00:26 266240 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\09\00\Intel32\iscript.dll
2011-10-11 12:38 . 2003-09-03 00:26 192512 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\09\00\Intel32\iuser.dll
2011-10-11 12:38 . 2003-09-03 00:25 5632 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\09\00\Intel32\DotNetInstaller.exe
2011-10-11 12:38 . 2003-09-03 00:23 32768 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\Objectps.dll
2011-10-11 12:38 . 2011-10-11 12:38 311428 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\09\00\Intel32\Setup.dll
2011-10-11 12:38 . 2011-10-11 12:38 184452 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\09\00\Intel32\iGdi.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-09-15 15:04 . 2011-09-15 15:04 8024 ----a-w- c:\programdata\Microsoft\Phone Tools\CoreCon\10.0\SDKFilesVer.dll
2011-09-15 15:04 . 2011-09-15 15:04 8024 ----a-w- c:\programdata\Microsoft\Phone Tools\CoreCon\10.0\addons\NonSDKAddonVer.dll
2011-09-15 15:04 . 2011-09-15 15:04 8024 ----a-w- c:\programdata\Microsoft\Phone Tools\CoreCon\10.0\1033\NonSDKAddonLangVer.dll
2011-09-15 15:04 . 2011-09-15 15:04 8016 ----a-w- c:\programdata\Microsoft\Phone Tools\CoreCon\10.0\addons\WPSDKVer.dll
2011-09-15 13:38 . 2011-09-15 13:38 81744 ----a-w- c:\windows\SysWow64\mfcm100u.dll
2011-09-15 13:38 . 2011-09-15 13:38 81744 ----a-w- c:\windows\SysWow64\mfcm100.dll
2011-09-15 13:38 . 2011-09-15 13:38 773968 ----a-w- c:\windows\SysWow64\msvcr100.dll
2011-09-15 13:38 . 2011-09-15 13:38 4422992 ----a-w- c:\windows\SysWow64\mfc100u.dll
2011-09-15 13:38 . 2011-09-15 13:38 4397384 ----a-w- c:\windows\SysWow64\mfc100.dll
2011-09-15 13:38 . 2011-09-15 13:38 421200 ----a-w- c:\windows\SysWow64\msvcp100.dll
2011-09-15 13:38 . 2011-09-15 13:38 138056 ----a-w- c:\windows\SysWow64\atl100.dll
.
.
((((((((((((((((((((((((((((( SnapShot@2011-10-29_09.03.47 )))))))))))))))))))))))))))))))))))))))))
.
+ 2011-10-29 09:58 . 2011-10-29 09:58 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2011-10-29 09:02 . 2011-10-29 09:02 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2011-10-29 09:02 . 2011-10-29 09:02 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2011-10-29 09:58 . 2011-10-29 09:58 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2009-07-14 05:01 . 2011-10-29 09:57 482128 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
- 2009-07-14 05:01 . 2011-10-29 09:01 482128 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2011-01-31 13:18 . 2011-10-29 09:57 6941552 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-3427954366-3406222959-2106377572-1000-8192.dat
- 2011-01-31 13:18 . 2011-10-28 18:12 6941552 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-3427954366-3406222959-2106377572-1000-8192.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-12-10 98304]
"IJNetworkScanUtility"="c:\program files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe" [2009-05-19 136544]
"DivXUpdate"="c:\program files (x86)\divx\divx update\divxupdate.exe" [2011-07-28 1259376]
"Adobe ARM"="c:\program files (x86)\common files\adobe\arm\1.0\adobearm.exe" [2011-06-06 937920]
"DivX Download Manager"="c:\program files (x86)\divx\divx plus web player\ddmservice.exe" [2011-02-08 63360]
"LManager"="c:\program files (x86)\launch manager\lmanager.exe" [2010-01-22 1287760]
"IAStorIcon"="c:\program files (x86)\intel\intel(r) rapid storage technology\iastoricon.exe" [2009-12-23 284696]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
T-Mobile Communication Center.lnk - c:\program files (x86)\T-Mobile Communication Center\TMCC.exe [2010-9-24 761856]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableSecureUIAPaths"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~2\WI3C8A~1\Datamngr\datamngr.dll c:\progra~2\WI3C8A~1\Datamngr\IEBHO.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"midi2"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
R2 AntiVirSchedulerService;Avira Scheduler;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [x]
R2 AVGIDSAgent;AVGIDSAgent; [x]
R2 avgwd;AVG WatchDog; [x]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 androidusb;SAMSUNG Android Composite ADB Interface Driver;c:\windows\system32\Drivers\ssadadb.sys [x]
R3 AthBTPort;Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys [x]
R3 AVG Security Toolbar Service;AVG Security Toolbar Service; [x]
R3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys [x]
R3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\DRIVERS\btath_hcrp.sys [x]
R3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\DRIVERS\btath_rcp.sys [x]
R3 btusbflt;Bluetooth USB Filter;c:\windows\system32\drivers\btusbflt.sys [x]
R3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [x]
R3 massfilter;ZTE Mass Storage Filter Driver;c:\windows\system32\drivers\massfilter.sys [x]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [x]
R3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\DRIVERS\ssadbus.sys [x]
R3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\DRIVERS\ssadmdfl.sys [x]
R3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\DRIVERS\ssadmdm.sys [x]
R3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM);c:\windows\system32\DRIVERS\ssadserd.sys [x]
R3 WatAdminSvc;Služba Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R3 WMZuneComm;Zune Windows Mobile Connectivity Service;c:\program files\Zune\WMZuneComm.exe [2011-08-05 306400]
S0 AVGIDSEH;AVGIDSEH;c:\windows\system32\DRIVERS\AVGIDSEH.Sys [x]
S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys [x]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [x]
S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys [x]
S1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys [x]
S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys [x]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 AtherosSvc;AtherosSvc;c:\program files (x86)\Bluetooth Suite\adminservice.exe [2009-12-30 23592]
S2 DsiWMIService;Dritek WMI Service;c:\program files (x86)\Launch Manager\dsiwmis.exe [2010-01-22 310352]
S2 ePowerSvc;Acer ePower Service;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe [2010-01-18 842784]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2009-12-23 13336]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2009-12-09 2320920]
S2 WMCoreService;Mobile Broadband Core Service;c:\program files (x86)\Mobile Broadband Drivers\WMCore\mini_WMCore.exe servicemode [x]
S3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\AVGIDSDriver.Sys [x]
S3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\DRIVERS\AVGIDSFilter.Sys [x]
S3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\DRIVERS\btath_bus.sys [x]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [x]
S3 k57nd;Broadcom NetLink Gigabit Ethernet;c:\windows\system32\DRIVERS\k57amd64.sys [x]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]
.
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ETDWare"="c:\program files (x86)\Elantech\ETDCtrl.exe" [BU]
"CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2009-10-19 2185032]
"Zune Launcher"="c:\program files\Zune\ZuneLauncher.exe" [2011-08-05 163552]
"CanonSolutionMenu"="c:\program files (x86)\canon\solutionmenu\cnslmain.exe" [2009-09-04 767312]
"AtherosBtStack"="c:\program files (x86)\bluetooth suite\btvstack.exe" [2009-12-30 393256]
"Acer ePower Management"="c:\program files\acer\acer epower management\epowertray.exe" [2010-01-18 832544]
"combofix"="c:\combofix\CF5883.3XE" [2009-07-14 344576]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\progra~2\WI3C8A~1\Datamngr\x64\datamngr.dll c:\progra~2\WI3C8A~1\Datamngr\x64\IEBHO.dll
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: Download Using &BitSpirit - c:\program files (x86)\BitSpirit\bsurl.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 10.0.0.254 192.168.1.1
.
- - - - ORPHANS REMOVED - - - -
.
BHO-{A3BC75A2-1F87-4686-AA43-5347D756017C} - (no file)
Toolbar-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
Toolbar-10 - (no file)
Wow6432Node-HKLM-Run-SearchSettings - c:\program files (x86)\common files\spigot\search settings\searchsettings.exe
Wow6432Node-HKLM-Run-BabylonToolbar - c:\program files (x86)\babylontoolbar\babylontoolbar\1.4.19.19\babylontoolbarsrv.exe
SafeBoot-IMFservice
HKLM-Run-SynTPEnh - c:\program files (x86)\synaptics\syntp\syntpenh.exe
AddRemove-BabylonToolbar - c:\program files (x86)\BabylonToolbar\BabylonToolbar\1.4.19.19\uninstall.exe
AddRemove-BitTorrentBar Toolbar - c:\progra~2\BITTOR~2\UNWISE.EXE
AddRemove-DAEMON Tools Toolbar - c:\program files (x86)\DAEMON Tools Toolbar\uninst.exe
AddRemove-Game Booster_is1 - c:\program files (x86)\IObit\Game Booster\unins000.exe
AddRemove-IObit Malware Fighter_is1 - c:\program files (x86)\IObit\IObit Malware Fighter\unins000.exe
.
.
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\Canon\IJPLM\IJPLMSVC.EXE
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
c:\program files (x86)\Mobile Broadband Drivers\WMCore\mini_WMCore.exe
c:\program files (x86)\Windows iLivid Toolbar\Datamngr\datamngrUI.exe
c:\program files (x86)\Launch Manager\LMworker.exe
.
**************************************************************************
.
Completion time: 2011-10-29 12:07:11 - machine was rebooted
ComboFix-quarantined-files.txt 2011-10-29 10:07
ComboFix2.txt 2011-10-29 09:11
.
Pre-Run: 161 905 926 144 bytes free
Post-Run: 161 631 318 016 bytes free
.
- - End Of File - - 37EF84D8FE1054417B0C93154A585E4C
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_Application Updater
-------\Service_IMFservice
-------\Service_IMFservice
.
.
((((((((((((((((((((((((( Files Created from 2011-09-28 to 2011-10-29 )))))))))))))))))))))))))))))))
.
.
2011-10-29 09:56 . 2011-10-29 09:56 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-10-28 20:09 . 2011-10-28 20:09 -------- d-----w- C:\rsit
2011-10-28 20:09 . 2011-10-28 20:09 -------- d-----w- c:\program files\trend micro
2011-10-28 19:59 . 2011-09-18 06:39 130760 ----a-w- c:\windows\system32\drivers\avipbb.sys
2011-10-28 19:59 . 2011-09-15 21:55 97312 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2011-10-28 19:59 . 2011-09-15 21:55 27760 ----a-w- c:\windows\system32\drivers\avkmgr.sys
2011-10-26 16:51 . 2011-08-15 05:08 6144 ----a-w- c:\program files\Internet Explorer\iecompat.dll
2011-10-26 16:51 . 2011-08-15 04:25 6144 ----a-w- c:\program files (x86)\Internet Explorer\iecompat.dll
2011-10-23 18:26 . 2011-10-23 18:27 -------- d-----w- c:\program files (x86)\EAGLE-5.4.0
2011-10-23 18:26 . 2011-10-23 18:26 -------- d-----w- c:\users\J3ck3sss\AppData\Roaming\CadSoft
2011-10-21 19:56 . 2008-07-12 06:18 3851784 ----a-w- c:\windows\SysWow64\D3DX9_39.dll
2011-10-21 19:55 . 2011-10-21 19:55 -------- d-----w- c:\program files (x86)\Microsoft Expression
2011-10-21 19:55 . 2011-10-21 19:55 -------- d-----w- c:\program files (x86)\WPF Toolkit
2011-10-21 19:51 . 2011-10-21 19:51 -------- d-----w- c:\program files (x86)\Microsoft XNA
2011-10-21 19:50 . 2011-10-21 19:50 192768 ----a-w- c:\programdata\Microsoft\VPDExpress\10.0\1033\ResourceCache.dll
2011-10-21 19:40 . 2011-10-21 19:49 -------- d-----w- c:\program files (x86)\Microsoft Visual Studio 10.0
2011-10-21 19:39 . 2011-10-21 19:39 -------- d-----w- c:\program files (x86)\Microsoft XDE
2011-10-21 19:38 . 2011-10-21 19:38 -------- d-----w- c:\windows\symbols
2011-10-21 19:38 . 2011-10-21 19:38 -------- d-----w- c:\program files\Microsoft Visual Studio 10.0
2011-10-21 19:38 . 2011-10-21 19:55 -------- d-----w- c:\program files (x86)\Microsoft SDKs
2011-10-21 19:38 . 2011-10-21 19:38 -------- d-----w- c:\program files\Microsoft Help Viewer
2011-10-16 13:29 . 2011-10-16 13:39 -------- d-----w- c:\users\J3ck3sss\AppData\Local\Ried.cl
2011-10-16 13:23 . 2011-10-16 13:23 -------- d-----w- c:\program files (x86)\Phone7Market
2011-10-16 09:49 . 2011-10-16 09:50 -------- d-----w- c:\windows\system32\ms-MY
2011-10-14 20:55 . 2011-10-14 20:55 14336 ----a-w- c:\windows\system32\drivers\sffp_sd.sys
2011-10-14 20:54 . 2011-09-09 15:35 22872 ----a-w- c:\windows\system32\RegistryDefragBootTime.exe
2011-10-12 19:03 . 2011-09-06 03:07 3134976 ----a-w- c:\windows\system32\win32k.sys
2011-10-12 18:54 . 2011-08-17 05:32 613888 ----a-w- c:\windows\system32\psisdecd.dll
2011-10-11 15:44 . 2011-10-11 16:02 -------- d-----w- c:\program files (x86)\Counter-Strike Source
2011-10-11 12:38 . 2003-09-03 00:28 724992 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\09\00\Intel32\iKernel.dll
2011-10-11 12:38 . 2003-09-03 00:27 69715 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\09\00\Intel32\ctor.dll
2011-10-11 12:38 . 2003-09-03 00:26 266240 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\09\00\Intel32\iscript.dll
2011-10-11 12:38 . 2003-09-03 00:26 192512 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\09\00\Intel32\iuser.dll
2011-10-11 12:38 . 2003-09-03 00:25 5632 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\09\00\Intel32\DotNetInstaller.exe
2011-10-11 12:38 . 2003-09-03 00:23 32768 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\Objectps.dll
2011-10-11 12:38 . 2011-10-11 12:38 311428 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\09\00\Intel32\Setup.dll
2011-10-11 12:38 . 2011-10-11 12:38 184452 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\09\00\Intel32\iGdi.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-09-15 15:04 . 2011-09-15 15:04 8024 ----a-w- c:\programdata\Microsoft\Phone Tools\CoreCon\10.0\SDKFilesVer.dll
2011-09-15 15:04 . 2011-09-15 15:04 8024 ----a-w- c:\programdata\Microsoft\Phone Tools\CoreCon\10.0\addons\NonSDKAddonVer.dll
2011-09-15 15:04 . 2011-09-15 15:04 8024 ----a-w- c:\programdata\Microsoft\Phone Tools\CoreCon\10.0\1033\NonSDKAddonLangVer.dll
2011-09-15 15:04 . 2011-09-15 15:04 8016 ----a-w- c:\programdata\Microsoft\Phone Tools\CoreCon\10.0\addons\WPSDKVer.dll
2011-09-15 13:38 . 2011-09-15 13:38 81744 ----a-w- c:\windows\SysWow64\mfcm100u.dll
2011-09-15 13:38 . 2011-09-15 13:38 81744 ----a-w- c:\windows\SysWow64\mfcm100.dll
2011-09-15 13:38 . 2011-09-15 13:38 773968 ----a-w- c:\windows\SysWow64\msvcr100.dll
2011-09-15 13:38 . 2011-09-15 13:38 4422992 ----a-w- c:\windows\SysWow64\mfc100u.dll
2011-09-15 13:38 . 2011-09-15 13:38 4397384 ----a-w- c:\windows\SysWow64\mfc100.dll
2011-09-15 13:38 . 2011-09-15 13:38 421200 ----a-w- c:\windows\SysWow64\msvcp100.dll
2011-09-15 13:38 . 2011-09-15 13:38 138056 ----a-w- c:\windows\SysWow64\atl100.dll
.
.
((((((((((((((((((((((((((((( SnapShot@2011-10-29_09.03.47 )))))))))))))))))))))))))))))))))))))))))
.
+ 2011-10-29 09:58 . 2011-10-29 09:58 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2011-10-29 09:02 . 2011-10-29 09:02 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2011-10-29 09:02 . 2011-10-29 09:02 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2011-10-29 09:58 . 2011-10-29 09:58 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2009-07-14 05:01 . 2011-10-29 09:57 482128 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
- 2009-07-14 05:01 . 2011-10-29 09:01 482128 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2011-01-31 13:18 . 2011-10-29 09:57 6941552 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-3427954366-3406222959-2106377572-1000-8192.dat
- 2011-01-31 13:18 . 2011-10-28 18:12 6941552 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-3427954366-3406222959-2106377572-1000-8192.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-12-10 98304]
"IJNetworkScanUtility"="c:\program files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe" [2009-05-19 136544]
"DivXUpdate"="c:\program files (x86)\divx\divx update\divxupdate.exe" [2011-07-28 1259376]
"Adobe ARM"="c:\program files (x86)\common files\adobe\arm\1.0\adobearm.exe" [2011-06-06 937920]
"DivX Download Manager"="c:\program files (x86)\divx\divx plus web player\ddmservice.exe" [2011-02-08 63360]
"LManager"="c:\program files (x86)\launch manager\lmanager.exe" [2010-01-22 1287760]
"IAStorIcon"="c:\program files (x86)\intel\intel(r) rapid storage technology\iastoricon.exe" [2009-12-23 284696]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
T-Mobile Communication Center.lnk - c:\program files (x86)\T-Mobile Communication Center\TMCC.exe [2010-9-24 761856]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableSecureUIAPaths"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~2\WI3C8A~1\Datamngr\datamngr.dll c:\progra~2\WI3C8A~1\Datamngr\IEBHO.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"midi2"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
R2 AntiVirSchedulerService;Avira Scheduler;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [x]
R2 AVGIDSAgent;AVGIDSAgent; [x]
R2 avgwd;AVG WatchDog; [x]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 androidusb;SAMSUNG Android Composite ADB Interface Driver;c:\windows\system32\Drivers\ssadadb.sys [x]
R3 AthBTPort;Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys [x]
R3 AVG Security Toolbar Service;AVG Security Toolbar Service; [x]
R3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys [x]
R3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\DRIVERS\btath_hcrp.sys [x]
R3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\DRIVERS\btath_rcp.sys [x]
R3 btusbflt;Bluetooth USB Filter;c:\windows\system32\drivers\btusbflt.sys [x]
R3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [x]
R3 massfilter;ZTE Mass Storage Filter Driver;c:\windows\system32\drivers\massfilter.sys [x]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [x]
R3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\DRIVERS\ssadbus.sys [x]
R3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\DRIVERS\ssadmdfl.sys [x]
R3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\DRIVERS\ssadmdm.sys [x]
R3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM);c:\windows\system32\DRIVERS\ssadserd.sys [x]
R3 WatAdminSvc;Služba Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R3 WMZuneComm;Zune Windows Mobile Connectivity Service;c:\program files\Zune\WMZuneComm.exe [2011-08-05 306400]
S0 AVGIDSEH;AVGIDSEH;c:\windows\system32\DRIVERS\AVGIDSEH.Sys [x]
S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys [x]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [x]
S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys [x]
S1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys [x]
S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys [x]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 AtherosSvc;AtherosSvc;c:\program files (x86)\Bluetooth Suite\adminservice.exe [2009-12-30 23592]
S2 DsiWMIService;Dritek WMI Service;c:\program files (x86)\Launch Manager\dsiwmis.exe [2010-01-22 310352]
S2 ePowerSvc;Acer ePower Service;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe [2010-01-18 842784]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2009-12-23 13336]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2009-12-09 2320920]
S2 WMCoreService;Mobile Broadband Core Service;c:\program files (x86)\Mobile Broadband Drivers\WMCore\mini_WMCore.exe servicemode [x]
S3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\AVGIDSDriver.Sys [x]
S3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\DRIVERS\AVGIDSFilter.Sys [x]
S3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\DRIVERS\btath_bus.sys [x]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [x]
S3 k57nd;Broadcom NetLink Gigabit Ethernet;c:\windows\system32\DRIVERS\k57amd64.sys [x]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]
.
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ETDWare"="c:\program files (x86)\Elantech\ETDCtrl.exe" [BU]
"CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2009-10-19 2185032]
"Zune Launcher"="c:\program files\Zune\ZuneLauncher.exe" [2011-08-05 163552]
"CanonSolutionMenu"="c:\program files (x86)\canon\solutionmenu\cnslmain.exe" [2009-09-04 767312]
"AtherosBtStack"="c:\program files (x86)\bluetooth suite\btvstack.exe" [2009-12-30 393256]
"Acer ePower Management"="c:\program files\acer\acer epower management\epowertray.exe" [2010-01-18 832544]
"combofix"="c:\combofix\CF5883.3XE" [2009-07-14 344576]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\progra~2\WI3C8A~1\Datamngr\x64\datamngr.dll c:\progra~2\WI3C8A~1\Datamngr\x64\IEBHO.dll
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: Download Using &BitSpirit - c:\program files (x86)\BitSpirit\bsurl.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 10.0.0.254 192.168.1.1
.
- - - - ORPHANS REMOVED - - - -
.
BHO-{A3BC75A2-1F87-4686-AA43-5347D756017C} - (no file)
Toolbar-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
Toolbar-10 - (no file)
Wow6432Node-HKLM-Run-SearchSettings - c:\program files (x86)\common files\spigot\search settings\searchsettings.exe
Wow6432Node-HKLM-Run-BabylonToolbar - c:\program files (x86)\babylontoolbar\babylontoolbar\1.4.19.19\babylontoolbarsrv.exe
SafeBoot-IMFservice
HKLM-Run-SynTPEnh - c:\program files (x86)\synaptics\syntp\syntpenh.exe
AddRemove-BabylonToolbar - c:\program files (x86)\BabylonToolbar\BabylonToolbar\1.4.19.19\uninstall.exe
AddRemove-BitTorrentBar Toolbar - c:\progra~2\BITTOR~2\UNWISE.EXE
AddRemove-DAEMON Tools Toolbar - c:\program files (x86)\DAEMON Tools Toolbar\uninst.exe
AddRemove-Game Booster_is1 - c:\program files (x86)\IObit\Game Booster\unins000.exe
AddRemove-IObit Malware Fighter_is1 - c:\program files (x86)\IObit\IObit Malware Fighter\unins000.exe
.
.
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\Canon\IJPLM\IJPLMSVC.EXE
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
c:\program files (x86)\Mobile Broadband Drivers\WMCore\mini_WMCore.exe
c:\program files (x86)\Windows iLivid Toolbar\Datamngr\datamngrUI.exe
c:\program files (x86)\Launch Manager\LMworker.exe
.
**************************************************************************
.
Completion time: 2011-10-29 12:07:11 - machine was rebooted
ComboFix-quarantined-files.txt 2011-10-29 10:07
ComboFix2.txt 2011-10-29 09:11
.
Pre-Run: 161 905 926 144 bytes free
Post-Run: 161 631 318 016 bytes free
.
- - End Of File - - 37EF84D8FE1054417B0C93154A585E4C
Re: Facebook virus pls help - ntb
Excellent, one more script - same procedure (both CF and the script directly on C:\)
Code:
KillAll::
Folder::
c:\users\J3ck3sss\AppData\Local\Temp\
Registry::
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"DivXUpdate"=-
"Adobe ARM"=-
"DivX Download Manager"=-
Reboot::
Re: Facebook virus pls help - ntb
ComboFix 11-10-29.03 - J3ck3sss . 10. 2011 12:43:41.3.4 - x64
Microsoft Windows 7 Ultimate 6.1.7600.0.1250.421.1051.18.3959.2487 [GMT 2:00]
Running from: C:\Users\J3ck3sss\Desktop\ComboFix.exe
Command switches used :: C:\Users\J3ck3sss\Desktop\CFScript.txt
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
c:\users\J3ck3sss\AppData\Local\Temp
c:\users\J3ck3sss\AppData\Local\Temp\aipflib.log
c:\users\J3ck3sss\AppData\Local\Temp\FXSAPIDebugLogFile.txt
c:\users\J3ck3sss\AppData\Local\Temp\LManager.log
c:\users\J3ck3sss\AppData\Local\Temp\LMworker.log
((((((((((((((((((((((((( Files Created from 2011-09-28 to 2011-10-29 )))))))))))))))))))))))))))))))
2011-10-29 10:51:42 . 2011-10-29 10:51:42 -------- d-----w- C:\Users\Default\AppData\Local\temp
2011-10-28 20:09:06 . 2011-10-28 20:09:16 -------- d-----w- C:\rsit
2011-10-28 20:09:06 . 2011-10-28 20:09:13 -------- d-----w- C:\Program Files\trend micro
2011-10-28 19:59:24 . 2011-09-18 06:39:27 130760 ----a-w- C:\Windows\system32\drivers\avipbb.sys
2011-10-28 19:59:24 . 2011-09-15 21:55:03 97312 ----a-w- C:\Windows\system32\drivers\avgntflt.sys
2011-10-28 19:59:24 . 2011-09-15 21:55:03 27760 ----a-w- C:\Windows\system32\drivers\avkmgr.sys
2011-10-26 16:51:45 . 2011-08-15 05:08:35 6144 ----a-w- C:\Program Files\Internet Explorer\iecompat.dll
2011-10-26 16:51:45 . 2011-08-15 04:25:59 6144 ----a-w- C:\Program Files (x86)\Internet Explorer\iecompat.dll
2011-10-23 18:26:58 . 2011-10-23 18:27:04 -------- d-----w- C:\Program Files (x86)\EAGLE-5.4.0
2011-10-23 18:26:41 . 2011-10-23 18:26:41 -------- d-----w- C:\Users\J3ck3sss\AppData\Roaming\CadSoft
2011-10-21 19:56:21 . 2008-07-12 06:18:52 3851784 ----a-w- C:\Windows\SysWow64\D3DX9_39.dll
2011-10-21 19:55:42 . 2011-10-21 19:55:45 -------- d-----w- C:\Program Files (x86)\Microsoft Expression
2011-10-21 19:55:38 . 2011-10-21 19:55:38 -------- d-----w- C:\Program Files (x86)\WPF Toolkit
2011-10-21 19:51:04 . 2011-10-21 19:51:04 -------- d-----w- C:\Program Files (x86)\Microsoft XNA
2011-10-21 19:50:12 . 2011-10-21 19:50:12 192768 ----a-w- C:\ProgramData\Microsoft\VPDExpress\10.0\1033\ResourceCache.dll
2011-10-21 19:40:38 . 2011-10-21 19:49:11 -------- d-----w- C:\Program Files (x86)\Microsoft Visual Studio 10.0
2011-10-21 19:39:55 . 2011-10-21 19:39:55 -------- d-----w- C:\Program Files (x86)\Microsoft XDE
2011-10-21 19:38:35 . 2011-10-21 19:38:35 -------- d-----w- C:\Windows\symbols
2011-10-21 19:38:34 . 2011-10-21 19:38:34 -------- d-----w- C:\Program Files\Microsoft Visual Studio 10.0
2011-10-21 19:38:33 . 2011-10-21 19:55:03 -------- d-----w- C:\Program Files (x86)\Microsoft SDKs
2011-10-21 19:38:33 . 2011-10-21 19:38:33 -------- d-----w- C:\Program Files\Microsoft Help Viewer
2011-10-16 13:29:52 . 2011-10-16 13:39:56 -------- d-----w- C:\Users\J3ck3sss\AppData\Local\Ried.cl
2011-10-16 13:23:06 . 2011-10-16 13:23:06 -------- d-----w- C:\Program Files (x86)\Phone7Market
2011-10-16 09:49:59 . 2011-10-16 09:50:13 -------- d-----w- C:\Windows\system32\ms-MY
2011-10-14 20:55:51 . 2011-10-14 20:55:51 14336 ----a-w- C:\Windows\system32\drivers\sffp_sd.sys
2011-10-14 20:54:44 . 2011-09-09 15:35:40 22872 ----a-w- C:\Windows\system32\RegistryDefragBootTime.exe
2011-10-12 19:03:03 . 2011-09-06 03:07:02 3134976 ----a-w- C:\Windows\system32\win32k.sys
2011-10-12 18:54:22 . 2011-08-17 05:32:24 613888 ----a-w- C:\Windows\system32\psisdecd.dll
2011-10-11 15:44:11 . 2011-10-11 16:02:48 -------- d-----w- C:\Program Files (x86)\Counter-Strike Source
2011-10-11 12:38:20 . 2003-09-03 00:28:38 724992 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\09\00\Intel32\iKernel.dll
2011-10-11 12:38:20 . 2003-09-03 00:27:22 69715 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\09\00\Intel32\ctor.dll
2011-10-11 12:38:20 . 2003-09-03 00:26:36 266240 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\09\00\Intel32\iscript.dll
2011-10-11 12:38:20 . 2003-09-03 00:26:06 192512 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\09\00\Intel32\iuser.dll
2011-10-11 12:38:20 . 2003-09-03 00:25:54 5632 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\09\00\Intel32\DotNetInstaller.exe
2011-10-11 12:38:20 . 2003-09-03 00:23:16 32768 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\Objectps.dll
2011-10-11 12:38:19 . 2011-10-11 12:38:19 311428 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\09\00\Intel32\Setup.dll
2011-10-11 12:38:19 . 2011-10-11 12:38:19 184452 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\09\00\Intel32\iGdi.dll
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
2011-09-15 15:04:24 . 2011-09-15 15:04:24 8024 ----a-w- C:\ProgramData\Microsoft\Phone Tools\CoreCon\10.0\SDKFilesVer.dll
2011-09-15 15:04:24 . 2011-09-15 15:04:24 8024 ----a-w- C:\ProgramData\Microsoft\Phone Tools\CoreCon\10.0\addons\NonSDKAddonVer.dll
2011-09-15 15:04:24 . 2011-09-15 15:04:24 8024 ----a-w- C:\ProgramData\Microsoft\Phone Tools\CoreCon\10.0\1033\NonSDKAddonLangVer.dll
2011-09-15 15:04:24 . 2011-09-15 15:04:24 8016 ----a-w- C:\ProgramData\Microsoft\Phone Tools\CoreCon\10.0\addons\WPSDKVer.dll
2011-09-15 13:38:28 . 2011-09-15 13:38:28 81744 ----a-w- C:\Windows\SysWow64\mfcm100u.dll
2011-09-15 13:38:28 . 2011-09-15 13:38:28 81744 ----a-w- C:\Windows\SysWow64\mfcm100.dll
2011-09-15 13:38:10 . 2011-09-15 13:38:10 773968 ----a-w- C:\Windows\SysWow64\msvcr100.dll
2011-09-15 13:38:10 . 2011-09-15 13:38:10 4422992 ----a-w- C:\Windows\SysWow64\mfc100u.dll
2011-09-15 13:38:08 . 2011-09-15 13:38:08 4397384 ----a-w- C:\Windows\SysWow64\mfc100.dll
2011-09-15 13:38:08 . 2011-09-15 13:38:08 421200 ----a-w- C:\Windows\SysWow64\msvcp100.dll
2011-09-15 13:38:06 . 2011-09-15 13:38:06 138056 ----a-w- C:\Windows\SysWow64\atl100.dll
((((((((((((((((((((((((((((( SnapShot@2011-10-29_09.03.47 )))))))))))))))))))))))))))))))))))))))))
+ 2010-12-14 22:00:58 . 2011-10-29 10:05:32 16384 C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2010-12-14 22:00:58 . 2011-10-29 09:01:40 16384 C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2010-12-14 22:00:58 . 2011-10-29 10:05:32 16384 C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2010-12-14 22:00:58 . 2011-10-29 09:01:40 16384 C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2011-10-29 10:52:41 . 2011-10-29 10:52:41 2048 C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2011-10-29 09:02:47 . 2011-10-29 09:02:47 2048 C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2011-10-29 10:52:41 . 2011-10-29 10:52:41 2048 C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2011-10-29 09:02:47 . 2011-10-29 09:02:47 2048 C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2009-07-14 02:36:59 . 2011-10-28 20:10:37 653060 C:\Windows\system32\perfh009.dat
+ 2009-07-14 02:36:59 . 2011-10-29 10:21:04 653060 C:\Windows\system32\perfh009.dat
+ 2009-07-26 18:41:44 . 2011-10-29 10:21:04 659208 C:\Windows\system32\perfh005.dat
- 2009-07-26 18:41:44 . 2011-10-28 20:10:37 659208 C:\Windows\system32\perfh005.dat
+ 2009-07-14 02:36:59 . 2011-10-29 10:21:04 121992 C:\Windows\system32\perfc009.dat
- 2009-07-14 02:36:59 . 2011-10-28 20:10:37 121992 C:\Windows\system32\perfc009.dat
- 2009-07-26 18:41:44 . 2011-10-28 20:10:37 140894 C:\Windows\system32\perfc005.dat
+ 2009-07-26 18:41:44 . 2011-10-29 10:21:04 140894 C:\Windows\system32\perfc005.dat
- 2009-07-14 05:01:48 . 2011-10-29 09:01:44 482128 C:\Windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2009-07-14 05:01:48 . 2011-10-29 09:57:26 482128 C:\Windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2011-01-31 13:18:07 . 2011-10-29 09:57:26 6941552 C:\Windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-3427954366-3406222959-2106377572-1000-8192.dat
- 2011-01-31 13:18:07 . 2011-10-28 18:12:28 6941552 C:\Windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-3427954366-3406222959-2106377572-1000-8192.dat
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-12-10 06:28:38 98304]
"IJNetworkScanUtility"="C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe" [2009-05-19 16:11:52 136544]
"LManager"="c:\program files (x86)\launch manager\lmanager.exe" [2010-01-22 15:10:50 1287760]
"IAStorIcon"="c:\program files (x86)\intel\intel(r) rapid storage technology\iastoricon.exe" [2009-12-23 16:39:02 284696]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\
T-Mobile Communication Center.lnk - C:\Program Files (x86)\T-Mobile Communication Center\TMCC.exe [2010-9-24 761856]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableSecureUIAPaths"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=C:\PROGRA~2\WI3C8A~1\Datamngr\datamngr.dll C:\PROGRA~2\WI3C8A~1\Datamngr\IEBHO.dll
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"midi2"=wdmaud.drv
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
R2 AntiVirSchedulerService;Avira Scheduler;C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [x]
R2 AVGIDSAgent;AVGIDSAgent; [x]
R2 avgwd;AVG WatchDog; [x]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 11:16:28 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 12:27:14 138576]
R3 androidusb;SAMSUNG Android Composite ADB Interface Driver;C:\Windows\system32\Drivers\ssadadb.sys [x]
R3 AthBTPort;Atheros Virtual Bluetooth Class;C:\Windows\system32\DRIVERS\btath_flt.sys [x]
R3 AVG Security Toolbar Service;AVG Security Toolbar Service; [x]
R3 BTATH_A2DP;Bluetooth A2DP Audio Driver;C:\Windows\system32\drivers\btath_a2dp.sys [x]
R3 BTATH_HCRP;Bluetooth HCRP Server driver;C:\Windows\system32\DRIVERS\btath_hcrp.sys [x]
R3 BTATH_RCP;Bluetooth AVRCP Device;C:\Windows\system32\DRIVERS\btath_rcp.sys [x]
R3 btusbflt;Bluetooth USB Filter;C:\Windows\system32\drivers\btusbflt.sys [x]
R3 ETD;ELAN PS/2 Port Input Device;C:\Windows\system32\DRIVERS\ETD.sys [x]
R3 massfilter;ZTE Mass Storage Filter Driver;C:\Windows\system32\drivers\massfilter.sys [x]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\system32\Drivers\RtsUStor.sys [x]
R3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);C:\Windows\system32\DRIVERS\ssadbus.sys [x]
R3 ssadmdfl;SAMSUNG Android USB Modem (Filter);C:\Windows\system32\DRIVERS\ssadmdfl.sys [x]
R3 ssadmdm;SAMSUNG Android USB Modem Drivers;C:\Windows\system32\DRIVERS\ssadmdm.sys [x]
R3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM);C:\Windows\system32\DRIVERS\ssadserd.sys [x]
R3 WatAdminSvc;Služba Windows Activation Technologies;C:\Windows\system32\Wat\WatAdminSvc.exe [x]
R3 WMZuneComm;Zune Windows Mobile Connectivity Service;c:\Program Files\Zune\WMZuneComm.exe [2011-08-05 10:53:12 306400]
S0 AVGIDSEH;AVGIDSEH;C:\Windows\system32\DRIVERS\AVGIDSEH.Sys [x]
S0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\system32\DRIVERS\avgrkx64.sys [x]
S0 sptd;sptd;C:\Windows\System32\Drivers\sptd.sys [x]
S1 Avgldx64;AVG AVI Loader Driver;C:\Windows\system32\DRIVERS\avgldx64.sys [x]
S1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\system32\DRIVERS\avgmfx64.sys [x]
S1 Avgtdia;AVG TDI Driver;C:\Windows\system32\DRIVERS\avgtdia.sys [x]
S1 avkmgr;avkmgr;C:\Windows\system32\DRIVERS\avkmgr.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\system32\DRIVERS\dtsoftbus01.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys [x]
S2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 10:55:28 64952]
S2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe [x]
S2 AtherosSvc;AtherosSvc;C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [2009-12-30 21:03:50 23592]
S2 DsiWMIService;Dritek WMI Service;C:\Program Files (x86)\Launch Manager\dsiwmis.exe [2010-01-22 15:10:50 310352]
S2 ePowerSvc;Acer ePower Service;C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe [2010-01-18 18:55:46 842784]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2009-12-23 16:39:04 13336]
S2 UNS;Intel(R) Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2009-12-09 15:48:26 2320920]
S2 WMCoreService;Mobile Broadband Core Service;C:\Program Files (x86)\Mobile Broadband Drivers\WMCore\mini_WMCore.exe servicemode [x]
S3 AVGIDSDriver;AVGIDSDriver;C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys [x]
S3 AVGIDSFilter;AVGIDSFilter;C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys [x]
S3 BTATH_BUS;Atheros Bluetooth Bus;C:\Windows\system32\DRIVERS\btath_bus.sys [x]
S3 HECIx64;Intel(R) Management Engine Interface;C:\Windows\system32\DRIVERS\HECIx64.sys [x]
S3 k57nd;Broadcom NetLink Gigabit Ethernet;C:\Windows\system32\DRIVERS\k57amd64.sys [x]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys [x]
--------- x86-64 -----------
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ETDWare"="C:\Program Files (x86)\Elantech\ETDCtrl.exe" [BU]
"CanonMyPrinter"="C:\Program Files\Canon\MyPrinter\BJMyPrt.exe" [2009-10-19 02:12:00 2185032]
"Zune Launcher"="c:\Program Files\Zune\ZuneLauncher.exe" [2011-08-05 10:53:06 163552]
"CanonSolutionMenu"="c:\program files (x86)\canon\solutionmenu\cnslmain.exe" [2009-09-04 01:43:00 767312]
"AtherosBtStack"="c:\program files (x86)\bluetooth suite\btvstack.exe" [2009-12-30 21:03:54 393256]
"Acer ePower Management"="c:\program files\acer\acer epower management\epowertray.exe" [2010-01-18 18:55:48 832544]
"SynTPEnh"="C:\Program Files (x86)\synaptics\syntp\syntpenh.exe" [BU]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=C:\PROGRA~2\WI3C8A~1\Datamngr\x64\datamngr.dll C:\PROGRA~2\WI3C8A~1\Datamngr\x64\IEBHO.dll
------- Supplementary Scan -------
uLocal Page = C:\Windows\system32\blank.htm
mLocal Page = C:\Windows\SysWOW64\blank.htm
IE: Download Using &BitSpirit - C:\Program Files (x86)\BitSpirit\bsurl.htm
IE: E&xportovat do aplikace Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 10.0.0.254 192.168.1.1
- - - - ORPHANS REMOVED - - - -
BHO-{A3BC75A2-1F87-4686-AA43-5347D756017C} - (no file)
Toolbar-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
Toolbar-10 - (no file)
------------------------ Other Running Processes ------------------------
C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Mobile Broadband Drivers\WMCore\mini_WMCore.exe
C:\Program Files (x86)\Windows iLivid Toolbar\Datamngr\datamngrUI.exe
C:\Program Files (x86)\Launch Manager\LMworker.exe
**************************************************************************
Completion time: 2011-10-29 13:01:26 - machine was rebooted
ComboFix-quarantined-files.txt 2011-10-29 11:01:26
ComboFix2.txt 2011-10-29 10:07:11
ComboFix3.txt 2011-10-29 09:11:53
Pre-Run: 161 695 821 824 bytes free
Post-Run: 161 393 463 296 bytes free
- - End Of File - - 9B1D10D2E20CB1C557C6E9927339AD6E
Microsoft Windows 7 Ultimate 6.1.7600.0.1250.421.1051.18.3959.2487 [GMT 2:00]
Running from: C:\Users\J3ck3sss\Desktop\ComboFix.exe
Command switches used :: C:\Users\J3ck3sss\Desktop\CFScript.txt
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
c:\users\J3ck3sss\AppData\Local\Temp
c:\users\J3ck3sss\AppData\Local\Temp\aipflib.log
c:\users\J3ck3sss\AppData\Local\Temp\FXSAPIDebugLogFile.txt
c:\users\J3ck3sss\AppData\Local\Temp\LManager.log
c:\users\J3ck3sss\AppData\Local\Temp\LMworker.log
((((((((((((((((((((((((( Files Created from 2011-09-28 to 2011-10-29 )))))))))))))))))))))))))))))))
2011-10-29 10:51:42 . 2011-10-29 10:51:42 -------- d-----w- C:\Users\Default\AppData\Local\temp
2011-10-28 20:09:06 . 2011-10-28 20:09:16 -------- d-----w- C:\rsit
2011-10-28 20:09:06 . 2011-10-28 20:09:13 -------- d-----w- C:\Program Files\trend micro
2011-10-28 19:59:24 . 2011-09-18 06:39:27 130760 ----a-w- C:\Windows\system32\drivers\avipbb.sys
2011-10-28 19:59:24 . 2011-09-15 21:55:03 97312 ----a-w- C:\Windows\system32\drivers\avgntflt.sys
2011-10-28 19:59:24 . 2011-09-15 21:55:03 27760 ----a-w- C:\Windows\system32\drivers\avkmgr.sys
2011-10-26 16:51:45 . 2011-08-15 05:08:35 6144 ----a-w- C:\Program Files\Internet Explorer\iecompat.dll
2011-10-26 16:51:45 . 2011-08-15 04:25:59 6144 ----a-w- C:\Program Files (x86)\Internet Explorer\iecompat.dll
2011-10-23 18:26:58 . 2011-10-23 18:27:04 -------- d-----w- C:\Program Files (x86)\EAGLE-5.4.0
2011-10-23 18:26:41 . 2011-10-23 18:26:41 -------- d-----w- C:\Users\J3ck3sss\AppData\Roaming\CadSoft
2011-10-21 19:56:21 . 2008-07-12 06:18:52 3851784 ----a-w- C:\Windows\SysWow64\D3DX9_39.dll
2011-10-21 19:55:42 . 2011-10-21 19:55:45 -------- d-----w- C:\Program Files (x86)\Microsoft Expression
2011-10-21 19:55:38 . 2011-10-21 19:55:38 -------- d-----w- C:\Program Files (x86)\WPF Toolkit
2011-10-21 19:51:04 . 2011-10-21 19:51:04 -------- d-----w- C:\Program Files (x86)\Microsoft XNA
2011-10-21 19:50:12 . 2011-10-21 19:50:12 192768 ----a-w- C:\ProgramData\Microsoft\VPDExpress\10.0\1033\ResourceCache.dll
2011-10-21 19:40:38 . 2011-10-21 19:49:11 -------- d-----w- C:\Program Files (x86)\Microsoft Visual Studio 10.0
2011-10-21 19:39:55 . 2011-10-21 19:39:55 -------- d-----w- C:\Program Files (x86)\Microsoft XDE
2011-10-21 19:38:35 . 2011-10-21 19:38:35 -------- d-----w- C:\Windows\symbols
2011-10-21 19:38:34 . 2011-10-21 19:38:34 -------- d-----w- C:\Program Files\Microsoft Visual Studio 10.0
2011-10-21 19:38:33 . 2011-10-21 19:55:03 -------- d-----w- C:\Program Files (x86)\Microsoft SDKs
2011-10-21 19:38:33 . 2011-10-21 19:38:33 -------- d-----w- C:\Program Files\Microsoft Help Viewer
2011-10-16 13:29:52 . 2011-10-16 13:39:56 -------- d-----w- C:\Users\J3ck3sss\AppData\Local\Ried.cl
2011-10-16 13:23:06 . 2011-10-16 13:23:06 -------- d-----w- C:\Program Files (x86)\Phone7Market
2011-10-16 09:49:59 . 2011-10-16 09:50:13 -------- d-----w- C:\Windows\system32\ms-MY
2011-10-14 20:55:51 . 2011-10-14 20:55:51 14336 ----a-w- C:\Windows\system32\drivers\sffp_sd.sys
2011-10-14 20:54:44 . 2011-09-09 15:35:40 22872 ----a-w- C:\Windows\system32\RegistryDefragBootTime.exe
2011-10-12 19:03:03 . 2011-09-06 03:07:02 3134976 ----a-w- C:\Windows\system32\win32k.sys
2011-10-12 18:54:22 . 2011-08-17 05:32:24 613888 ----a-w- C:\Windows\system32\psisdecd.dll
2011-10-11 15:44:11 . 2011-10-11 16:02:48 -------- d-----w- C:\Program Files (x86)\Counter-Strike Source
2011-10-11 12:38:20 . 2003-09-03 00:28:38 724992 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\09\00\Intel32\iKernel.dll
2011-10-11 12:38:20 . 2003-09-03 00:27:22 69715 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\09\00\Intel32\ctor.dll
2011-10-11 12:38:20 . 2003-09-03 00:26:36 266240 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\09\00\Intel32\iscript.dll
2011-10-11 12:38:20 . 2003-09-03 00:26:06 192512 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\09\00\Intel32\iuser.dll
2011-10-11 12:38:20 . 2003-09-03 00:25:54 5632 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\09\00\Intel32\DotNetInstaller.exe
2011-10-11 12:38:20 . 2003-09-03 00:23:16 32768 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\Objectps.dll
2011-10-11 12:38:19 . 2011-10-11 12:38:19 311428 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\09\00\Intel32\Setup.dll
2011-10-11 12:38:19 . 2011-10-11 12:38:19 184452 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\09\00\Intel32\iGdi.dll
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
2011-09-15 15:04:24 . 2011-09-15 15:04:24 8024 ----a-w- C:\ProgramData\Microsoft\Phone Tools\CoreCon\10.0\SDKFilesVer.dll
2011-09-15 15:04:24 . 2011-09-15 15:04:24 8024 ----a-w- C:\ProgramData\Microsoft\Phone Tools\CoreCon\10.0\addons\NonSDKAddonVer.dll
2011-09-15 15:04:24 . 2011-09-15 15:04:24 8024 ----a-w- C:\ProgramData\Microsoft\Phone Tools\CoreCon\10.0\1033\NonSDKAddonLangVer.dll
2011-09-15 15:04:24 . 2011-09-15 15:04:24 8016 ----a-w- C:\ProgramData\Microsoft\Phone Tools\CoreCon\10.0\addons\WPSDKVer.dll
2011-09-15 13:38:28 . 2011-09-15 13:38:28 81744 ----a-w- C:\Windows\SysWow64\mfcm100u.dll
2011-09-15 13:38:28 . 2011-09-15 13:38:28 81744 ----a-w- C:\Windows\SysWow64\mfcm100.dll
2011-09-15 13:38:10 . 2011-09-15 13:38:10 773968 ----a-w- C:\Windows\SysWow64\msvcr100.dll
2011-09-15 13:38:10 . 2011-09-15 13:38:10 4422992 ----a-w- C:\Windows\SysWow64\mfc100u.dll
2011-09-15 13:38:08 . 2011-09-15 13:38:08 4397384 ----a-w- C:\Windows\SysWow64\mfc100.dll
2011-09-15 13:38:08 . 2011-09-15 13:38:08 421200 ----a-w- C:\Windows\SysWow64\msvcp100.dll
2011-09-15 13:38:06 . 2011-09-15 13:38:06 138056 ----a-w- C:\Windows\SysWow64\atl100.dll
((((((((((((((((((((((((((((( SnapShot@2011-10-29_09.03.47 )))))))))))))))))))))))))))))))))))))))))
+ 2010-12-14 22:00:58 . 2011-10-29 10:05:32 16384 C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2010-12-14 22:00:58 . 2011-10-29 09:01:40 16384 C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2010-12-14 22:00:58 . 2011-10-29 10:05:32 16384 C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2010-12-14 22:00:58 . 2011-10-29 09:01:40 16384 C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2011-10-29 10:52:41 . 2011-10-29 10:52:41 2048 C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2011-10-29 09:02:47 . 2011-10-29 09:02:47 2048 C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2011-10-29 10:52:41 . 2011-10-29 10:52:41 2048 C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2011-10-29 09:02:47 . 2011-10-29 09:02:47 2048 C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2009-07-14 02:36:59 . 2011-10-28 20:10:37 653060 C:\Windows\system32\perfh009.dat
+ 2009-07-14 02:36:59 . 2011-10-29 10:21:04 653060 C:\Windows\system32\perfh009.dat
+ 2009-07-26 18:41:44 . 2011-10-29 10:21:04 659208 C:\Windows\system32\perfh005.dat
- 2009-07-26 18:41:44 . 2011-10-28 20:10:37 659208 C:\Windows\system32\perfh005.dat
+ 2009-07-14 02:36:59 . 2011-10-29 10:21:04 121992 C:\Windows\system32\perfc009.dat
- 2009-07-14 02:36:59 . 2011-10-28 20:10:37 121992 C:\Windows\system32\perfc009.dat
- 2009-07-26 18:41:44 . 2011-10-28 20:10:37 140894 C:\Windows\system32\perfc005.dat
+ 2009-07-26 18:41:44 . 2011-10-29 10:21:04 140894 C:\Windows\system32\perfc005.dat
- 2009-07-14 05:01:48 . 2011-10-29 09:01:44 482128 C:\Windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2009-07-14 05:01:48 . 2011-10-29 09:57:26 482128 C:\Windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2011-01-31 13:18:07 . 2011-10-29 09:57:26 6941552 C:\Windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-3427954366-3406222959-2106377572-1000-8192.dat
- 2011-01-31 13:18:07 . 2011-10-28 18:12:28 6941552 C:\Windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-3427954366-3406222959-2106377572-1000-8192.dat
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-12-10 06:28:38 98304]
"IJNetworkScanUtility"="C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe" [2009-05-19 16:11:52 136544]
"LManager"="c:\program files (x86)\launch manager\lmanager.exe" [2010-01-22 15:10:50 1287760]
"IAStorIcon"="c:\program files (x86)\intel\intel(r) rapid storage technology\iastoricon.exe" [2009-12-23 16:39:02 284696]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\
T-Mobile Communication Center.lnk - C:\Program Files (x86)\T-Mobile Communication Center\TMCC.exe [2010-9-24 761856]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableSecureUIAPaths"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=C:\PROGRA~2\WI3C8A~1\Datamngr\datamngr.dll C:\PROGRA~2\WI3C8A~1\Datamngr\IEBHO.dll
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"midi2"=wdmaud.drv
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
R2 AntiVirSchedulerService;Avira Scheduler;C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [x]
R2 AVGIDSAgent;AVGIDSAgent; [x]
R2 avgwd;AVG WatchDog; [x]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 11:16:28 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 12:27:14 138576]
R3 androidusb;SAMSUNG Android Composite ADB Interface Driver;C:\Windows\system32\Drivers\ssadadb.sys [x]
R3 AthBTPort;Atheros Virtual Bluetooth Class;C:\Windows\system32\DRIVERS\btath_flt.sys [x]
R3 AVG Security Toolbar Service;AVG Security Toolbar Service; [x]
R3 BTATH_A2DP;Bluetooth A2DP Audio Driver;C:\Windows\system32\drivers\btath_a2dp.sys [x]
R3 BTATH_HCRP;Bluetooth HCRP Server driver;C:\Windows\system32\DRIVERS\btath_hcrp.sys [x]
R3 BTATH_RCP;Bluetooth AVRCP Device;C:\Windows\system32\DRIVERS\btath_rcp.sys [x]
R3 btusbflt;Bluetooth USB Filter;C:\Windows\system32\drivers\btusbflt.sys [x]
R3 ETD;ELAN PS/2 Port Input Device;C:\Windows\system32\DRIVERS\ETD.sys [x]
R3 massfilter;ZTE Mass Storage Filter Driver;C:\Windows\system32\drivers\massfilter.sys [x]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\system32\Drivers\RtsUStor.sys [x]
R3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);C:\Windows\system32\DRIVERS\ssadbus.sys [x]
R3 ssadmdfl;SAMSUNG Android USB Modem (Filter);C:\Windows\system32\DRIVERS\ssadmdfl.sys [x]
R3 ssadmdm;SAMSUNG Android USB Modem Drivers;C:\Windows\system32\DRIVERS\ssadmdm.sys [x]
R3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM);C:\Windows\system32\DRIVERS\ssadserd.sys [x]
R3 WatAdminSvc;Služba Windows Activation Technologies;C:\Windows\system32\Wat\WatAdminSvc.exe [x]
R3 WMZuneComm;Zune Windows Mobile Connectivity Service;c:\Program Files\Zune\WMZuneComm.exe [2011-08-05 10:53:12 306400]
S0 AVGIDSEH;AVGIDSEH;C:\Windows\system32\DRIVERS\AVGIDSEH.Sys [x]
S0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\system32\DRIVERS\avgrkx64.sys [x]
S0 sptd;sptd;C:\Windows\System32\Drivers\sptd.sys [x]
S1 Avgldx64;AVG AVI Loader Driver;C:\Windows\system32\DRIVERS\avgldx64.sys [x]
S1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\system32\DRIVERS\avgmfx64.sys [x]
S1 Avgtdia;AVG TDI Driver;C:\Windows\system32\DRIVERS\avgtdia.sys [x]
S1 avkmgr;avkmgr;C:\Windows\system32\DRIVERS\avkmgr.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\system32\DRIVERS\dtsoftbus01.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys [x]
S2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 10:55:28 64952]
S2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe [x]
S2 AtherosSvc;AtherosSvc;C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [2009-12-30 21:03:50 23592]
S2 DsiWMIService;Dritek WMI Service;C:\Program Files (x86)\Launch Manager\dsiwmis.exe [2010-01-22 15:10:50 310352]
S2 ePowerSvc;Acer ePower Service;C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe [2010-01-18 18:55:46 842784]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2009-12-23 16:39:04 13336]
S2 UNS;Intel(R) Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2009-12-09 15:48:26 2320920]
S2 WMCoreService;Mobile Broadband Core Service;C:\Program Files (x86)\Mobile Broadband Drivers\WMCore\mini_WMCore.exe servicemode [x]
S3 AVGIDSDriver;AVGIDSDriver;C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys [x]
S3 AVGIDSFilter;AVGIDSFilter;C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys [x]
S3 BTATH_BUS;Atheros Bluetooth Bus;C:\Windows\system32\DRIVERS\btath_bus.sys [x]
S3 HECIx64;Intel(R) Management Engine Interface;C:\Windows\system32\DRIVERS\HECIx64.sys [x]
S3 k57nd;Broadcom NetLink Gigabit Ethernet;C:\Windows\system32\DRIVERS\k57amd64.sys [x]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys [x]
--------- x86-64 -----------
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ETDWare"="C:\Program Files (x86)\Elantech\ETDCtrl.exe" [BU]
"CanonMyPrinter"="C:\Program Files\Canon\MyPrinter\BJMyPrt.exe" [2009-10-19 02:12:00 2185032]
"Zune Launcher"="c:\Program Files\Zune\ZuneLauncher.exe" [2011-08-05 10:53:06 163552]
"CanonSolutionMenu"="c:\program files (x86)\canon\solutionmenu\cnslmain.exe" [2009-09-04 01:43:00 767312]
"AtherosBtStack"="c:\program files (x86)\bluetooth suite\btvstack.exe" [2009-12-30 21:03:54 393256]
"Acer ePower Management"="c:\program files\acer\acer epower management\epowertray.exe" [2010-01-18 18:55:48 832544]
"SynTPEnh"="C:\Program Files (x86)\synaptics\syntp\syntpenh.exe" [BU]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=C:\PROGRA~2\WI3C8A~1\Datamngr\x64\datamngr.dll C:\PROGRA~2\WI3C8A~1\Datamngr\x64\IEBHO.dll
------- Supplementary Scan -------
uLocal Page = C:\Windows\system32\blank.htm
mLocal Page = C:\Windows\SysWOW64\blank.htm
IE: Download Using &BitSpirit - C:\Program Files (x86)\BitSpirit\bsurl.htm
IE: E&xportovat do aplikace Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 10.0.0.254 192.168.1.1
- - - - ORPHANS REMOVED - - - -
BHO-{A3BC75A2-1F87-4686-AA43-5347D756017C} - (no file)
Toolbar-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
Toolbar-10 - (no file)
------------------------ Other Running Processes ------------------------
C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Mobile Broadband Drivers\WMCore\mini_WMCore.exe
C:\Program Files (x86)\Windows iLivid Toolbar\Datamngr\datamngrUI.exe
C:\Program Files (x86)\Launch Manager\LMworker.exe
**************************************************************************
Completion time: 2011-10-29 13:01:26 - machine was rebooted
ComboFix-quarantined-files.txt 2011-10-29 11:01:26
ComboFix2.txt 2011-10-29 10:07:11
ComboFix3.txt 2011-10-29 09:11:53
Pre-Run: 161 695 821 824 bytes free
Post-Run: 161 393 463 296 bytes free
- - End Of File - - 9B1D10D2E20CB1C557C6E9927339AD6E
Re: Facebook virus pls help - ntb
So is everything on my laptop OK now?
Re: Facebook virus pls help - ntb

- Rename ComboFix to Uninstall
- Run it
- This will delete ComboFix and its folders

- Download and run
- To confirm each choice, press A, then Enter
- Delete the utility after use
- Antivirus programs may wrongly flag this utility as a virus - it is a false alarm - so go ahead and download it (if necessary, turn off the antivirus while downloading)

- Download and run
- Click CleanUp and confirm YES
- The program will clean up and restart the PC

- Download and run
- Click Start and confirm OK
- The program will clean up and restart the PC
- Delete the utility after use


Cleaner panel (Čistič)
- Leave everything as it is, just click Analyzovat (Analyze) and then Spustit CCleaner (Run CCleaner)
- Click Hledej problémy (Scan for issues)
- Then click Opravit problémy (Fix issues) - I recommend making a registry backup; fix all the issues
- Repeat the procedure until no issues are left - usually about 3 times
- Here you can uninstall programs you do not need


Re: Facebook virus pls help - ntb
Logfile of random's system information tool 1.09 (written by random/random)
Run by J3ck3sss at 2011-10-29 18:10:28
Microsoft Windows 7 Ultimate
System drive C: has 162 GB (27%) free of 598 GB
Total RAM: 3959 MB (60% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:10:34, on 29. 10. 2011
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16869)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\T-Mobile Communication Center\TMCC.exe
C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe
C:\Program Files (x86)\Windows iLivid Toolbar\Datamngr\datamngrUI.exe
C:\Program Files (x86)\Launch Manager\LManager.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Launch Manager\LMworker.exe
C:\Users\J3ck3sss\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\J3ck3sss\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\J3ck3sss\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Users\J3ck3sss\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\J3ck3sss\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\trend micro\J3ck3sss.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
O2 - BHO: Use the DivX Plus Web Player to watch web videos with less interruptions and smoother playback on supported sites - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - (no file)
O3 - Toolbar: (no name) - {98889811-442D-49dd-99D7-DC866BE87DBC} - (no file)
O3 - Toolbar: Avira SearchFree Toolbar plus Web Protection - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [IJNetworkScanUtility] C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe
O4 - HKLM\..\Run: [DATAMNGR] C:\PROGRA~2\WI3C8A~1\Datamngr\DATAMN~1.EXE
O4 - HKLM\..\Run: [LManager] c:\program files (x86)\launch manager\lmanager.exe
O4 - HKLM\..\Run: [IAStorIcon] c:\program files (x86)\intel\intel(r) rapid storage technology\iastoricon.exe
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - Global Startup: T-Mobile Communication Center.lnk = C:\Program Files (x86)\T-Mobile Communication Center\TMCC.exe
O8 - Extra context menu item: Download Using &BitSpirit - C:\Program Files (x86)\BitSpirit\bsurl.htm
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O18 - Protocol: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - (no file)
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O20 - AppInit_DLLs: C:\PROGRA~2\WI3C8A~1\Datamngr\datamngr.dll C:\PROGRA~2\WI3C8A~1\Datamngr\IEBHO.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AtherosSvc - Unknown owner - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: Mobile Broadband Core Service (WMCoreService) - Unknown owner - C:\Program Files (x86)\Mobile Broadband Drivers\WMCore\mini_WMCore.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 9229 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe 3282672
\??\C:\Windows\system32\conhost.exe "1121129210-6851568141633613502-205568899378991666331358649-1195704572-587984205
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Bluetooth Suite\adminservice.exe"
"C:\Program Files (x86)\Launch Manager\dsiwmis.exe"
"C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe"
"C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files (x86)\Mobile Broadband Drivers\WMCore\mini_WMCore.exe" servicemode
WLIDSvcM.exe 1724
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
atieclxx
"taskhost.exe"
C:\Windows\Explorer.EXE
"C:\Windows\system32\Dwm.exe"
"C:\Program Files\Elantech\ETDCtrl.exe"
"C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE" /logon
"C:\Program Files\Zune\ZuneLauncher.exe"
"C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
"C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe"
"C:\Program Files (x86)\T-Mobile Communication Center\TMCC.exe" -m
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe"
"C:\Program Files (x86)\Windows iLivid Toolbar\Datamngr\datamngrUI.exe"
"C:\Program Files (x86)\Launch Manager\LManager.exe"
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe"
"C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Launch Manager\LMworker.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Windows\system32\wuauclt.exe"
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Users\J3ck3sss\AppData\Local\Google\Chrome\Application\chrome.exe"
"C:\Users\J3ck3sss\AppData\Local\Google\Chrome\Application\chrome.exe" --type=extension --lang=sk --force-fieldtest=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/DnsParallelism/parallel_default/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/Prefetch/ContentPrefetchPrerender1/ProxyConnectionImpact/proxy_connections_32/SpdyCwnd/cwnd16/SpdyImpact/npn_with_spdy/SuggestHostPrefix/Www_Prefix/WarmSocketImpact/last_accessed_socket/ --enable-print-preview --channel=1940.022266E0.767029893 --ignored=" --type=renderer " /prefetch:3
"C:\Users\J3ck3sss\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtest=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/DnsParallelism/parallel_default/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/Prefetch/ContentPrefetchPrerender1/ProxyConnectionImpact/proxy_connections_32/SpdyCwnd/cwnd16/SpdyImpact/npn_with_spdy/SuggestHostPrefix/Www_Prefix/WarmSocketImpact/last_accessed_socket/ --enable-print-preview --channel=1940.08F5B840.1492805415 /prefetch:3
C:\Windows\system32\rundll32.exe "C:\Users\J3ck3sss\AppData\Local\Google\Chrome\APPLIC~1\150874~1.106\gcswf32.dll",BrokerMain browser=chrome
"C:\Users\J3ck3sss\AppData\Local\Google\Chrome\Application\chrome.exe" --type=plugin --plugin-path="C:\Users\J3ck3sss\AppData\Local\Google\Chrome\Application\15.0.874.106\gcswf32.dll" --lang=sk --channel=1940.0926BA80.1688787514 --flash-broker=3180 /prefetch:4
"C:\Users\J3ck3sss\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtest=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/DnsParallelism/parallel_default/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/Prefetch/ContentPrefetchPrerender1/ProxyConnectionImpact/proxy_connections_32/SpdyCwnd/cwnd16/SpdyImpact/npn_with_spdy/SuggestHostPrefix/Www_Prefix/WarmSocketImpact/last_accessed_socket/ --enable-print-preview --channel=1940.06FE1420.1514558147 /prefetch:3
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /welcome
taskeng.exe {68412B59-6BD4-4187-8D8D-3B55A9326D85}
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe10_ Global\UsGthrCtrlFltPipeMssGthrPipe10 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 512 516 524 65536 520
"c:\program files\windows defender\MpCmdRun.exe" SpyNetService -RestrictPrivileges -AccessKey 3286C814-A0F4-2438-0D1D-09E7A8B069BB -Reinvoke
"C:\Users\J3ck3sss\Downloads\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2011-09-06 959432]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 532336]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-09-05 63912]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{326E768D-4182-46FD-9C16-1449A49795F4}]
DivX Plus Web Player HTML5 <video> - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll [2011-02-08 3118976]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{593DDEC6-7468-4cdd-90E1-42DADAA222E9}]
DivX HiQ - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll [2011-02-08 3118976]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2011-09-06 806456]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
Avira SearchFree Toolbar plus Web Protection - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll [2011-07-27 1493160]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{32099AAC-C132-4136-9E9A-4E364A424E17}
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2011-09-06 959432]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{32099AAC-C132-4136-9E9A-4E364A424E17}
{98889811-442D-49dd-99D7-DC866BE87DBC}
{D4027C7F-154A-4066-A1AD-4243D8127440} - Avira SearchFree Toolbar plus Web Protection - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll [2011-07-27 1493160]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2011-09-06 806456]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ETDWare"=C:\Program Files\Elantech\ETDCtrl.exe [2010-01-13 635784]
"CanonMyPrinter"=C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2009-10-19 2185032]
"Zune Launcher"=c:\Program Files\Zune\ZuneLauncher.exe [2011-08-05 163552]
"CanonSolutionMenu"=c:\program files (x86)\canon\solutionmenu\cnslmain.exe [2009-09-04 767312]
"AtherosBtStack"=c:\program files (x86)\bluetooth suite\btvstack.exe [2009-12-30 393256]
"Acer ePower Management"=c:\program files\acer\acer epower management\epowertray.exe [2010-01-18 832544]
"SynTPEnh"=C:\Program Files\synaptics\syntp\syntpenh.exe [2009-12-10 1890088]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acer ePower Management]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AtherosBtStack]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BitTorrent]
c:\program files (x86)\bittorrent\bittorrent.exe [2011-01-28 4771184]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonSolutionMenu]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IAStorIcon]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesHelper]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPDLR]
c:\program files (x86)\samsung\kies\external\firmwareupdate\kiespdlr.exe [2011-03-17 19872]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesTrayAgent]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LManager]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar]
c:\program files\windows sidebar\sidebar.exe [2009-07-14 1475072]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-12-10 98304]
"IJNetworkScanUtility"=C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe [2009-05-19 136544]
"DATAMNGR"=C:\PROGRA~2\WI3C8A~1\Datamngr\DATAMN~1.EXE [2011-03-24 1115536]
"LManager"=c:\program files (x86)\launch manager\lmanager.exe [2010-01-22 1287760]
"IAStorIcon"=c:\program files (x86)\intel\intel(r) rapid storage technology\iastoricon.exe [2009-12-23 284696]
""= []
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2011-09-06 3722416]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
T-Mobile Communication Center.lnk - C:\Program Files (x86)\T-Mobile Communication Center\TMCC.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\PROGRA~2\WI3C8A~1\Datamngr\x64\datamngr.dll C:\PROGRA~2\WI3C8A~1\Datamngr\x64\IEBHO.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\system32\webcheck.dll [2009-07-14 290304]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableSecureUIAPaths"=0
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"mixer2"=wdmaud.drv
"midi2"=wdmaud.drv
"VIDC.FPS1"=frapsv64.dll
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
======List of files/folders created in the last 1 month======
2011-10-29 18:10:28 ----D---- C:\rsit
2011-10-29 17:53:20 ----A---- C:\Windows\system32\drivers\aswSP.sys
2011-10-29 17:53:20 ----A---- C:\Windows\system32\drivers\aswFsBlk.sys
2011-10-29 17:53:19 ----A---- C:\Windows\system32\drivers\aswRdr.sys
2011-10-29 17:53:18 ----A---- C:\Windows\system32\drivers\aswTdi.sys
2011-10-29 17:53:18 ----A---- C:\Windows\system32\drivers\aswSnx.sys
2011-10-29 17:53:16 ----A---- C:\Windows\system32\drivers\aswMonFlt.sys
2011-10-29 17:53:16 ----A---- C:\Windows\system32\aswBoot.exe
2011-10-29 17:53:01 ----A---- C:\Windows\SYSWOW64\aswBoot.exe
2011-10-29 17:53:01 ----A---- C:\Windows\avastSS.scr
2011-10-29 17:52:53 ----D---- C:\ProgramData\AVAST Software
2011-10-29 17:52:53 ----D---- C:\Program Files\AVAST Software
2011-10-29 17:38:20 ----D---- C:\Program Files\CCleaner
2011-10-29 14:19:34 ----D---- C:\Program Files (x86)\Ask.com
2011-10-29 12:53:54 ----SHD---- C:\$RECYCLE.BIN
2011-10-29 10:49:29 ----D---- C:\Windows\ERDNT
2011-10-28 22:09:06 ----D---- C:\Program Files\trend micro
2011-10-23 20:26:41 ----D---- C:\Users\J3ck3sss\AppData\Roaming\CadSoft
2011-10-21 21:56:21 ----A---- C:\Windows\SYSWOW64\D3DX9_39.dll
2011-10-21 21:55:42 ----D---- C:\Program Files (x86)\Microsoft Expression
2011-10-21 21:55:38 ----D---- C:\Program Files (x86)\WPF Toolkit
2011-10-21 21:51:04 ----D---- C:\Program Files (x86)\Microsoft XNA
2011-10-21 21:40:38 ----D---- C:\Program Files (x86)\Microsoft Visual Studio 10.0
2011-10-21 21:39:55 ----D---- C:\Program Files (x86)\Microsoft XDE
2011-10-21 21:38:35 ----D---- C:\Windows\symbols
2011-10-21 21:38:34 ----D---- C:\Program Files\Microsoft Visual Studio 10.0
2011-10-21 21:38:33 ----D---- C:\Program Files\Microsoft Help Viewer
2011-10-21 21:38:33 ----D---- C:\Program Files (x86)\Microsoft SDKs
2011-10-16 15:23:06 ----D---- C:\Program Files (x86)\Phone7Market
2011-10-16 11:49:59 ----D---- C:\Windows\system32\ms-MY
2011-10-14 22:55:51 ----A---- C:\Windows\system32\drivers\sffp_sd.sys
2011-10-14 22:54:44 ----A---- C:\Windows\system32\RegistryDefragBootTime.exe
2011-10-12 21:03:03 ----A---- C:\Windows\system32\win32k.sys
2011-10-12 21:02:49 ----A---- C:\Windows\system32\ieframe.dll
2011-10-12 21:02:45 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2011-10-12 21:02:43 ----A---- C:\Windows\system32\mshtml.dll
2011-10-12 21:02:42 ----A---- C:\Windows\system32\urlmon.dll
2011-10-12 21:02:39 ----A---- C:\Windows\system32\wininet.dll
2011-10-12 21:02:38 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2011-10-12 21:02:37 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2011-10-12 21:02:36 ----A---- C:\Windows\SYSWOW64\wininet.dll
2011-10-12 21:02:32 ----A---- C:\Windows\SYSWOW64\mstime.dll
2011-10-12 21:02:32 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2011-10-12 21:02:32 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2011-10-12 21:02:32 ----A---- C:\Windows\system32\mstime.dll
2011-10-12 21:02:32 ----A---- C:\Windows\system32\msfeeds.dll
2011-10-12 21:02:32 ----A---- C:\Windows\system32\ieui.dll
2011-10-12 21:02:32 ----A---- C:\Windows\system32\iedkcs32.dll
2011-10-12 21:02:31 ----A---- C:\Windows\SYSWOW64\ieui.dll
2011-10-12 21:02:31 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2011-10-12 21:02:31 ----A---- C:\Windows\system32\iertutil.dll
2011-10-12 21:02:31 ----A---- C:\Windows\system32\iepeers.dll
2011-10-12 21:02:30 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2011-10-12 21:02:30 ----A---- C:\Windows\SYSWOW64\msfeedsbs.dll
2011-10-12 21:02:30 ----A---- C:\Windows\SYSWOW64\iepeers.dll
2011-10-12 21:02:30 ----A---- C:\Windows\system32\mshtmled.dll
2011-10-12 21:02:30 ----A---- C:\Windows\system32\msfeedsbs.dll
2011-10-12 21:02:23 ----A---- C:\Windows\SYSWOW64\licmgr10.dll
2011-10-12 21:02:23 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2011-10-12 21:02:23 ----A---- C:\Windows\system32\url.dll
2011-10-12 21:02:23 ----A---- C:\Windows\system32\licmgr10.dll
2011-10-12 21:02:23 ----A---- C:\Windows\system32\jsproxy.dll
2011-10-12 21:02:22 ----A---- C:\Windows\SYSWOW64\url.dll
2011-10-12 21:02:22 ----A---- C:\Windows\SYSWOW64\msfeedssync.exe
2011-10-12 21:02:22 ----A---- C:\Windows\system32\msfeedssync.exe
2011-10-12 20:54:22 ----A---- C:\Windows\system32\psisdecd.dll
2011-10-12 20:54:21 ----A---- C:\Windows\SYSWOW64\psisdecd.dll
2011-10-12 20:54:12 ----A---- C:\Windows\system32\oleacc.dll
2011-10-12 20:54:11 ----A---- C:\Windows\SYSWOW64\oleaut32.dll
2011-10-12 20:54:11 ----A---- C:\Windows\system32\oleaut32.dll
2011-10-12 20:54:10 ----A---- C:\Windows\SYSWOW64\oleacc.dll
2011-10-11 17:44:11 ----D---- C:\Program Files (x86)\Counter-Strike Source
======List of files/folders modified in the last 1 month======
2011-10-29 18:10:32 ----D---- C:\Windows\Temp
2011-10-29 17:53:20 ----D---- C:\Windows\system32\drivers
2011-10-29 17:53:16 ----D---- C:\Windows\SysWOW64
2011-10-29 17:53:16 ----D---- C:\Windows\System32
2011-10-29 17:53:14 ----SHD---- C:\Windows\Installer
2011-10-29 17:53:14 ----D---- C:\Config.Msi
2011-10-29 17:53:01 ----D---- C:\Windows
2011-10-29 17:52:53 ----RD---- C:\Program Files
2011-10-29 17:52:53 ----D---- C:\ProgramData
2011-10-29 17:52:51 ----SHD---- C:\System Volume Information
2011-10-29 17:47:20 ----D---- C:\ProgramData\Samsung
2011-10-29 17:47:06 ----D---- C:\Users\J3ck3sss\AppData\Roaming\Samsung
2011-10-29 17:42:27 ----RD---- C:\Program Files (x86)
2011-10-29 17:39:34 ----D---- C:\Users\J3ck3sss\AppData\Roaming\DAEMON Tools Pro
2011-10-29 17:39:34 ----D---- C:\Users\J3ck3sss\AppData\Roaming\DAEMON Tools Lite
2011-10-29 17:39:34 ----D---- C:\Users\J3ck3sss\AppData\Roaming\BitTorrent
2011-10-29 17:39:33 ----D---- C:\Windows\Panther
2011-10-29 17:39:33 ----D---- C:\Windows\Logs
2011-10-29 17:39:33 ----D---- C:\Windows\inf
2011-10-29 17:31:59 ----A---- C:\Windows\SYSWOW64\log.txt
2011-10-29 17:17:28 ----D---- C:\Windows\system32\config
2011-10-29 17:07:55 ----D---- C:\Windows\Prefetch
2011-10-29 17:02:42 ----D---- C:\Windows\system32\catroot
2011-10-29 16:59:32 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-10-29 12:53:48 ----A---- C:\Windows\system.ini
2011-10-29 12:53:40 ----D---- C:\Windows\system32\drivers\etc
2011-10-29 12:51:48 ----D---- C:\Windows\system32\catroot2
2011-10-29 12:48:37 ----D---- C:\Windows\SYSWOW64\drivers
2011-10-29 12:48:37 ----D---- C:\Windows\AppPatch
2011-10-29 12:48:35 ----D---- C:\Program Files\Common Files
2011-10-29 12:48:35 ----D---- C:\Program Files (x86)\Common Files
2011-10-29 11:56:23 ----D---- C:\Program Files (x86)\BabylonToolbar
2011-10-29 11:56:22 ----D---- C:\Program Files (x86)\Windows iLivid Toolbar
2011-10-29 11:56:21 ----D---- C:\Windows\Tasks
2011-10-29 11:41:02 ----D---- C:\Windows\system32\Tasks
2011-10-28 22:10:59 ----D---- C:\Users\J3ck3sss\AppData\Roaming\Skype
2011-10-28 21:59:38 ----D---- C:\Windows\system32\DriverStore
2011-10-28 20:49:24 ----D---- C:\ProgramData\boost_interprocess
2011-10-28 16:58:23 ----D---- C:\Users\J3ck3sss\AppData\Roaming\vlc
2011-10-27 19:43:07 ----D---- C:\Windows\winsxs
2011-10-27 19:42:57 ----D---- C:\Program Files (x86)\Internet Explorer
2011-10-27 19:42:56 ----D---- C:\Program Files\Internet Explorer
2011-10-23 14:52:51 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2011-10-21 22:06:09 ----D---- C:\Windows\Microsoft.NET
2011-10-21 22:06:08 ----RSD---- C:\Windows\assembly
2011-10-21 21:55:46 ----RSD---- C:\Windows\Fonts
2011-10-21 21:55:42 ----SD---- C:\ProgramData\Microsoft
2011-10-21 21:49:51 ----SD---- C:\Users\J3ck3sss\AppData\Roaming\Microsoft
2011-10-21 21:49:09 ----D---- C:\Program Files (x86)\MSBuild
2011-10-21 21:38:35 ----D---- C:\Program Files\Common Files\Microsoft Shared
2011-10-21 20:26:17 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2011-10-21 20:22:40 ----D---- C:\Windows\SYSWOW64\en-US
2011-10-21 20:22:40 ----D---- C:\Windows\system32\en-US
2011-10-16 11:50:15 ----D---- C:\Windows\system32\pt-PT
2011-10-16 11:50:15 ----D---- C:\Windows\system32\nl-NL
2011-10-16 11:50:15 ----D---- C:\Windows\system32\drivers\UMDF
2011-10-16 11:50:15 ----D---- C:\Windows\system32\da-DK
2011-10-16 11:50:14 ----D---- C:\Windows\system32\ru-RU
2011-10-16 11:50:14 ----D---- C:\Windows\system32\pl-PL
2011-10-16 11:50:14 ----D---- C:\Windows\system32\ko-KR
2011-10-16 11:50:13 ----D---- C:\Windows\system32\zh-TW
2011-10-16 11:50:13 ----D---- C:\Windows\system32\sv-SE
2011-10-16 11:50:13 ----D---- C:\Windows\system32\nb-NO
2011-10-16 11:50:13 ----D---- C:\Windows\system32\ja-JP
2011-10-16 11:50:13 ----D---- C:\Windows\system32\it-IT
2011-10-16 11:50:13 ----D---- C:\Windows\system32\hu-HU
2011-10-16 11:50:13 ----D---- C:\Windows\system32\fr-FR
2011-10-16 11:50:13 ----D---- C:\Windows\system32\fi-FI
2011-10-16 11:50:13 ----D---- C:\Windows\system32\el-GR
2011-10-16 11:50:12 ----D---- C:\Windows\system32\zh-CN
2011-10-16 11:50:12 ----D---- C:\Windows\system32\pt-BR
2011-10-16 11:50:12 ----D---- C:\Windows\system32\es-ES
2011-10-16 11:50:12 ----D---- C:\Windows\system32\de-DE
2011-10-16 11:50:12 ----D---- C:\Windows\system32\cs-CZ
2011-10-16 11:46:47 ----D---- C:\Program Files\Zune
2011-10-16 11:42:07 ----D---- C:\ProgramData\YouTube Downloader
2011-10-16 11:42:04 ----D---- C:\Program Files (x86)\YouTube Downloader
2011-10-15 18:48:11 ----D---- C:\Users\J3ck3sss\AppData\Roaming\DivX
2011-10-15 12:54:53 ----D---- C:\ProgramData\CanonIJPLM
2011-10-15 12:54:53 ----D---- C:\ProgramData\CanonIJ
2011-10-15 12:05:25 ----D---- C:\ProgramData\Skype
2011-10-14 22:54:48 ----D---- C:\Windows\debug
2011-10-14 22:14:53 ----D---- C:\ProgramData\IObit
2011-10-14 22:14:38 ----D---- C:\Users\J3ck3sss\AppData\Roaming\IObit
2011-10-14 22:13:11 ----D---- C:\ProgramData\DivX
2011-10-14 22:13:11 ----D---- C:\Program Files (x86)\DivX
2011-10-14 22:12:39 ----D---- C:\Program Files\DivX
2011-10-13 07:51:19 ----D---- C:\Windows\SYSWOW64\migration
2011-10-13 07:51:18 ----D---- C:\Windows\system32\migration
2011-10-13 07:44:28 ----A---- C:\Windows\system32\MRT.exe
2011-10-13 07:41:01 ----D---- C:\ProgramData\Microsoft Help
2011-10-13 07:32:49 ----D---- C:\Windows\ehome
2011-10-11 14:41:31 ----D---- C:\Program Files (x86)\Valve
2011-10-10 17:34:21 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2011-10-05 17:47:17 ----D---- C:\Program Files (x86)\Warcraft III
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2009-12-17 538136]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 214096]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-12-21 834544]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2011-09-06 42328]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2011-09-06 301912]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2011-09-06 58200]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2009-07-14 514048]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2011-03-13 254528]
R1 vmm;Virtual Machine Monitor; \??\C:\Windows\system32\Drivers\vmm.sys [2011-07-19 295272]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2011-09-06 24408]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2011-09-06 65368]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-12-10 6179328]
R3 BCM43XX;Broadcom 802.11 - ovládač sieťového adaptéru; C:\Windows\system32\DRIVERS\bcmwl664.sys [2010-12-14 2978296]
R3 BTATH_BUS;Atheros Bluetooth Bus; C:\Windows\system32\DRIVERS\btath_bus.sys [2009-12-30 31784]
R3 HECIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]
R3 k57nd;Broadcom NetLink Gigabit Ethernet; C:\Windows\system32\DRIVERS\k57amd64.sys [2010-03-21 334376]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2009-12-10 301104]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2011-09-06 601944]
S3 androidusb;SAMSUNG Android Composite ADB Interface Driver; C:\Windows\System32\Drivers\ssadadb.sys [2010-12-21 36328]
S3 ApfiltrService;Alps Pointing-device Filter Driver; C:\Windows\system32\DRIVERS\Apfiltr.sys []
S3 AthBTPort;Atheros Virtual Bluetooth Class; C:\Windows\system32\DRIVERS\btath_flt.sys [2009-12-30 38440]
S3 BTATH_A2DP;Bluetooth A2DP Audio Driver; C:\Windows\system32\drivers\btath_a2dp.sys [2009-12-30 336424]
S3 BTATH_HCRP;Bluetooth HCRP Server driver; C:\Windows\system32\DRIVERS\btath_hcrp.sys [2009-12-30 246824]
S3 BTATH_RCP;Bluetooth AVRCP Device; C:\Windows\system32\DRIVERS\btath_rcp.sys [2009-12-30 133672]
S3 BthEnum;Bluetooth Request Block Driver; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2011-04-28 552448]
S3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 btusbflt;Bluetooth USB Filter; C:\Windows\system32\drivers\btusbflt.sys [2009-07-01 52264]
S3 ETD;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys [2010-02-03 135560]
S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 33856]
S3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys []
S3 massfilter;ZTE Mass Storage Filter Driver; C:\Windows\system32\drivers\massfilter.sys [2011-01-29 11776]
S3 mcdbus;Driver for MagicISO SCSI Host Controller; C:\Windows\system32\DRIVERS\mcdbus.sys [2009-02-24 255552]
S3 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12352]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2009-07-14 165376]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys [2009-12-11 232992]
S3 RTHDMIAzAudService;Service for HDMI; C:\Windows\system32\drivers\RtHDMIVX.sys []
S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2009-07-14 6656]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\ssadbus.sys [2011-01-03 157160]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter); C:\Windows\system32\DRIVERS\ssadmdfl.sys [2011-01-03 16872]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers; C:\Windows\system32\DRIVERS\ssadmdm.sys [2011-01-03 177128]
S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM); C:\Windows\system32\DRIVERS\ssadserd.sys [2011-01-03 145384]
S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2009-07-14 34896]
S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys [2009-07-14 200272]
S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2009-07-14 21760]
S3 WinUsb;WinUsb Driver; C:\Windows\system32\DRIVERS\WinUsb.sys [2009-07-14 40448]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2009-12-10 202752]
R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [2009-12-30 23592]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2011-09-06 44768]
R2 DsiWMIService;Dritek WMI Service; C:\Program Files (x86)\Launch Manager\dsiwmis.exe [2010-01-22 310352]
R2 ePowerSvc;Acer ePower Service; C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe [2010-01-18 842784]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2009-12-23 13336]
R2 IJPLMSVC;Canon Inkjet Printer/Scanner/Fax Extended Survey Program; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [2009-02-10 116104]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2009-12-09 268824]
R2 UNS;Intel(R) Management & Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2009-12-09 2320920]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 2291568]
R2 WMCoreService;Mobile Broadband Core Service; C:\Program Files (x86)\Mobile Broadband Drivers\WMCore\mini_WMCore.exe [2009-12-01 448512]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-12-14 1255736]
S3 WMZuneComm;Zune Windows Mobile Connectivity Service; c:\Program Files\Zune\WMZuneComm.exe [2011-08-05 306400]
S4 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
-----------------EOF-----------------
Run by J3ck3sss at 2011-10-29 18:10:28
Microsoft Windows 7 Ultimate
System drive C: has 162 GB (27%) free of 598 GB
Total RAM: 3959 MB (60% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:10:34, on 29. 10. 2011
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16869)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\T-Mobile Communication Center\TMCC.exe
C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe
C:\Program Files (x86)\Windows iLivid Toolbar\Datamngr\datamngrUI.exe
C:\Program Files (x86)\Launch Manager\LManager.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Launch Manager\LMworker.exe
C:\Users\J3ck3sss\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\J3ck3sss\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\J3ck3sss\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Users\J3ck3sss\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\J3ck3sss\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\trend micro\J3ck3sss.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
O2 - BHO: Use the DivX Plus Web Player to watch web videos with less interruptions and smoother playback on supported sites - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - (no file)
O3 - Toolbar: (no name) - {98889811-442D-49dd-99D7-DC866BE87DBC} - (no file)
O3 - Toolbar: Avira SearchFree Toolbar plus Web Protection - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [IJNetworkScanUtility] C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe
O4 - HKLM\..\Run: [DATAMNGR] C:\PROGRA~2\WI3C8A~1\Datamngr\DATAMN~1.EXE
O4 - HKLM\..\Run: [LManager] c:\program files (x86)\launch manager\lmanager.exe
O4 - HKLM\..\Run: [IAStorIcon] c:\program files (x86)\intel\intel(r) rapid storage technology\iastoricon.exe
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - Global Startup: T-Mobile Communication Center.lnk = C:\Program Files (x86)\T-Mobile Communication Center\TMCC.exe
O8 - Extra context menu item: Download Using &BitSpirit - C:\Program Files (x86)\BitSpirit\bsurl.htm
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O18 - Protocol: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - (no file)
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O20 - AppInit_DLLs: C:\PROGRA~2\WI3C8A~1\Datamngr\datamngr.dll C:\PROGRA~2\WI3C8A~1\Datamngr\IEBHO.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AtherosSvc - Unknown owner - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: Mobile Broadband Core Service (WMCoreService) - Unknown owner - C:\Program Files (x86)\Mobile Broadband Drivers\WMCore\mini_WMCore.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 9229 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe 3282672
\??\C:\Windows\system32\conhost.exe "1121129210-6851568141633613502-205568899378991666331358649-1195704572-587984205
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Bluetooth Suite\adminservice.exe"
"C:\Program Files (x86)\Launch Manager\dsiwmis.exe"
"C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe"
"C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files (x86)\Mobile Broadband Drivers\WMCore\mini_WMCore.exe" servicemode
WLIDSvcM.exe 1724
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
atieclxx
"taskhost.exe"
C:\Windows\Explorer.EXE
"C:\Windows\system32\Dwm.exe"
"C:\Program Files\Elantech\ETDCtrl.exe"
"C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE" /logon
"C:\Program Files\Zune\ZuneLauncher.exe"
"C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
"C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe"
"C:\Program Files (x86)\T-Mobile Communication Center\TMCC.exe" -m
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe"
"C:\Program Files (x86)\Windows iLivid Toolbar\Datamngr\datamngrUI.exe"
"C:\Program Files (x86)\Launch Manager\LManager.exe"
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe"
"C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Launch Manager\LMworker.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Windows\system32\wuauclt.exe"
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Users\J3ck3sss\AppData\Local\Google\Chrome\Application\chrome.exe"
"C:\Users\J3ck3sss\AppData\Local\Google\Chrome\Application\chrome.exe" --type=extension --lang=sk --force-fieldtest=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/DnsParallelism/parallel_default/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/Prefetch/ContentPrefetchPrerender1/ProxyConnectionImpact/proxy_connections_32/SpdyCwnd/cwnd16/SpdyImpact/npn_with_spdy/SuggestHostPrefix/Www_Prefix/WarmSocketImpact/last_accessed_socket/ --enable-print-preview --channel=1940.022266E0.767029893 --ignored=" --type=renderer " /prefetch:3
"C:\Users\J3ck3sss\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtest=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/DnsParallelism/parallel_default/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/Prefetch/ContentPrefetchPrerender1/ProxyConnectionImpact/proxy_connections_32/SpdyCwnd/cwnd16/SpdyImpact/npn_with_spdy/SuggestHostPrefix/Www_Prefix/WarmSocketImpact/last_accessed_socket/ --enable-print-preview --channel=1940.08F5B840.1492805415 /prefetch:3
C:\Windows\system32\rundll32.exe "C:\Users\J3ck3sss\AppData\Local\Google\Chrome\APPLIC~1\150874~1.106\gcswf32.dll",BrokerMain browser=chrome
"C:\Users\J3ck3sss\AppData\Local\Google\Chrome\Application\chrome.exe" --type=plugin --plugin-path="C:\Users\J3ck3sss\AppData\Local\Google\Chrome\Application\15.0.874.106\gcswf32.dll" --lang=sk --channel=1940.0926BA80.1688787514 --flash-broker=3180 /prefetch:4
"C:\Users\J3ck3sss\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtest=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/DnsParallelism/parallel_default/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/Prefetch/ContentPrefetchPrerender1/ProxyConnectionImpact/proxy_connections_32/SpdyCwnd/cwnd16/SpdyImpact/npn_with_spdy/SuggestHostPrefix/Www_Prefix/WarmSocketImpact/last_accessed_socket/ --enable-print-preview --channel=1940.06FE1420.1514558147 /prefetch:3
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /welcome
taskeng.exe {68412B59-6BD4-4187-8D8D-3B55A9326D85}
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe10_ Global\UsGthrCtrlFltPipeMssGthrPipe10 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 512 516 524 65536 520
"c:\program files\windows defender\MpCmdRun.exe" SpyNetService -RestrictPrivileges -AccessKey 3286C814-A0F4-2438-0D1D-09E7A8B069BB -Reinvoke
"C:\Users\J3ck3sss\Downloads\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2011-09-06 959432]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 532336]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-09-05 63912]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{326E768D-4182-46FD-9C16-1449A49795F4}]
DivX Plus Web Player HTML5 <video> - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll [2011-02-08 3118976]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{593DDEC6-7468-4cdd-90E1-42DADAA222E9}]
DivX HiQ - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll [2011-02-08 3118976]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2011-09-06 806456]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
Avira SearchFree Toolbar plus Web Protection - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll [2011-07-27 1493160]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{32099AAC-C132-4136-9E9A-4E364A424E17}
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2011-09-06 959432]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{32099AAC-C132-4136-9E9A-4E364A424E17}
{98889811-442D-49dd-99D7-DC866BE87DBC}
{D4027C7F-154A-4066-A1AD-4243D8127440} - Avira SearchFree Toolbar plus Web Protection - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll [2011-07-27 1493160]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2011-09-06 806456]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ETDWare"=C:\Program Files\Elantech\ETDCtrl.exe [2010-01-13 635784]
"CanonMyPrinter"=C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2009-10-19 2185032]
"Zune Launcher"=c:\Program Files\Zune\ZuneLauncher.exe [2011-08-05 163552]
"CanonSolutionMenu"=c:\program files (x86)\canon\solutionmenu\cnslmain.exe [2009-09-04 767312]
"AtherosBtStack"=c:\program files (x86)\bluetooth suite\btvstack.exe [2009-12-30 393256]
"Acer ePower Management"=c:\program files\acer\acer epower management\epowertray.exe [2010-01-18 832544]
"SynTPEnh"=C:\Program Files\synaptics\syntp\syntpenh.exe [2009-12-10 1890088]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acer ePower Management]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AtherosBtStack]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BitTorrent]
c:\program files (x86)\bittorrent\bittorrent.exe [2011-01-28 4771184]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonSolutionMenu]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IAStorIcon]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesHelper]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPDLR]
c:\program files (x86)\samsung\kies\external\firmwareupdate\kiespdlr.exe [2011-03-17 19872]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesTrayAgent]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LManager]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar]
c:\program files\windows sidebar\sidebar.exe [2009-07-14 1475072]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-12-10 98304]
"IJNetworkScanUtility"=C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe [2009-05-19 136544]
"DATAMNGR"=C:\PROGRA~2\WI3C8A~1\Datamngr\DATAMN~1.EXE [2011-03-24 1115536]
"LManager"=c:\program files (x86)\launch manager\lmanager.exe [2010-01-22 1287760]
"IAStorIcon"=c:\program files (x86)\intel\intel(r) rapid storage technology\iastoricon.exe [2009-12-23 284696]
""= []
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2011-09-06 3722416]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
T-Mobile Communication Center.lnk - C:\Program Files (x86)\T-Mobile Communication Center\TMCC.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\PROGRA~2\WI3C8A~1\Datamngr\x64\datamngr.dll C:\PROGRA~2\WI3C8A~1\Datamngr\x64\IEBHO.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\system32\webcheck.dll [2009-07-14 290304]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableSecureUIAPaths"=0
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"mixer2"=wdmaud.drv
"midi2"=wdmaud.drv
"VIDC.FPS1"=frapsv64.dll
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
======List of files/folders created in the last 1 month======
2011-10-29 18:10:28 ----D---- C:\rsit
2011-10-29 17:53:20 ----A---- C:\Windows\system32\drivers\aswSP.sys
2011-10-29 17:53:20 ----A---- C:\Windows\system32\drivers\aswFsBlk.sys
2011-10-29 17:53:19 ----A---- C:\Windows\system32\drivers\aswRdr.sys
2011-10-29 17:53:18 ----A---- C:\Windows\system32\drivers\aswTdi.sys
2011-10-29 17:53:18 ----A---- C:\Windows\system32\drivers\aswSnx.sys
2011-10-29 17:53:16 ----A---- C:\Windows\system32\drivers\aswMonFlt.sys
2011-10-29 17:53:16 ----A---- C:\Windows\system32\aswBoot.exe
2011-10-29 17:53:01 ----A---- C:\Windows\SYSWOW64\aswBoot.exe
2011-10-29 17:53:01 ----A---- C:\Windows\avastSS.scr
2011-10-29 17:52:53 ----D---- C:\ProgramData\AVAST Software
2011-10-29 17:52:53 ----D---- C:\Program Files\AVAST Software
2011-10-29 17:38:20 ----D---- C:\Program Files\CCleaner
2011-10-29 14:19:34 ----D---- C:\Program Files (x86)\Ask.com
2011-10-29 12:53:54 ----SHD---- C:\$RECYCLE.BIN
2011-10-29 10:49:29 ----D---- C:\Windows\ERDNT
2011-10-28 22:09:06 ----D---- C:\Program Files\trend micro
2011-10-23 20:26:41 ----D---- C:\Users\J3ck3sss\AppData\Roaming\CadSoft
2011-10-21 21:56:21 ----A---- C:\Windows\SYSWOW64\D3DX9_39.dll
2011-10-21 21:55:42 ----D---- C:\Program Files (x86)\Microsoft Expression
2011-10-21 21:55:38 ----D---- C:\Program Files (x86)\WPF Toolkit
2011-10-21 21:51:04 ----D---- C:\Program Files (x86)\Microsoft XNA
2011-10-21 21:40:38 ----D---- C:\Program Files (x86)\Microsoft Visual Studio 10.0
2011-10-21 21:39:55 ----D---- C:\Program Files (x86)\Microsoft XDE
2011-10-21 21:38:35 ----D---- C:\Windows\symbols
2011-10-21 21:38:34 ----D---- C:\Program Files\Microsoft Visual Studio 10.0
2011-10-21 21:38:33 ----D---- C:\Program Files\Microsoft Help Viewer
2011-10-21 21:38:33 ----D---- C:\Program Files (x86)\Microsoft SDKs
2011-10-16 15:23:06 ----D---- C:\Program Files (x86)\Phone7Market
2011-10-16 11:49:59 ----D---- C:\Windows\system32\ms-MY
2011-10-14 22:55:51 ----A---- C:\Windows\system32\drivers\sffp_sd.sys
2011-10-14 22:54:44 ----A---- C:\Windows\system32\RegistryDefragBootTime.exe
2011-10-12 21:03:03 ----A---- C:\Windows\system32\win32k.sys
2011-10-12 21:02:49 ----A---- C:\Windows\system32\ieframe.dll
2011-10-12 21:02:45 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2011-10-12 21:02:43 ----A---- C:\Windows\system32\mshtml.dll
2011-10-12 21:02:42 ----A---- C:\Windows\system32\urlmon.dll
2011-10-12 21:02:39 ----A---- C:\Windows\system32\wininet.dll
2011-10-12 21:02:38 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2011-10-12 21:02:37 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2011-10-12 21:02:36 ----A---- C:\Windows\SYSWOW64\wininet.dll
2011-10-12 21:02:32 ----A---- C:\Windows\SYSWOW64\mstime.dll
2011-10-12 21:02:32 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2011-10-12 21:02:32 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2011-10-12 21:02:32 ----A---- C:\Windows\system32\mstime.dll
2011-10-12 21:02:32 ----A---- C:\Windows\system32\msfeeds.dll
2011-10-12 21:02:32 ----A---- C:\Windows\system32\ieui.dll
2011-10-12 21:02:32 ----A---- C:\Windows\system32\iedkcs32.dll
2011-10-12 21:02:31 ----A---- C:\Windows\SYSWOW64\ieui.dll
2011-10-12 21:02:31 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2011-10-12 21:02:31 ----A---- C:\Windows\system32\iertutil.dll
2011-10-12 21:02:31 ----A---- C:\Windows\system32\iepeers.dll
2011-10-12 21:02:30 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2011-10-12 21:02:30 ----A---- C:\Windows\SYSWOW64\msfeedsbs.dll
2011-10-12 21:02:30 ----A---- C:\Windows\SYSWOW64\iepeers.dll
2011-10-12 21:02:30 ----A---- C:\Windows\system32\mshtmled.dll
2011-10-12 21:02:30 ----A---- C:\Windows\system32\msfeedsbs.dll
2011-10-12 21:02:23 ----A---- C:\Windows\SYSWOW64\licmgr10.dll
2011-10-12 21:02:23 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2011-10-12 21:02:23 ----A---- C:\Windows\system32\url.dll
2011-10-12 21:02:23 ----A---- C:\Windows\system32\licmgr10.dll
2011-10-12 21:02:23 ----A---- C:\Windows\system32\jsproxy.dll
2011-10-12 21:02:22 ----A---- C:\Windows\SYSWOW64\url.dll
2011-10-12 21:02:22 ----A---- C:\Windows\SYSWOW64\msfeedssync.exe
2011-10-12 21:02:22 ----A---- C:\Windows\system32\msfeedssync.exe
2011-10-12 20:54:22 ----A---- C:\Windows\system32\psisdecd.dll
2011-10-12 20:54:21 ----A---- C:\Windows\SYSWOW64\psisdecd.dll
2011-10-12 20:54:12 ----A---- C:\Windows\system32\oleacc.dll
2011-10-12 20:54:11 ----A---- C:\Windows\SYSWOW64\oleaut32.dll
2011-10-12 20:54:11 ----A---- C:\Windows\system32\oleaut32.dll
2011-10-12 20:54:10 ----A---- C:\Windows\SYSWOW64\oleacc.dll
2011-10-11 17:44:11 ----D---- C:\Program Files (x86)\Counter-Strike Source
======List of files/folders modified in the last 1 month======
2011-10-29 18:10:32 ----D---- C:\Windows\Temp
2011-10-29 17:53:20 ----D---- C:\Windows\system32\drivers
2011-10-29 17:53:16 ----D---- C:\Windows\SysWOW64
2011-10-29 17:53:16 ----D---- C:\Windows\System32
2011-10-29 17:53:14 ----SHD---- C:\Windows\Installer
2011-10-29 17:53:14 ----D---- C:\Config.Msi
2011-10-29 17:53:01 ----D---- C:\Windows
2011-10-29 17:52:53 ----RD---- C:\Program Files
2011-10-29 17:52:53 ----D---- C:\ProgramData
2011-10-29 17:52:51 ----SHD---- C:\System Volume Information
2011-10-29 17:47:20 ----D---- C:\ProgramData\Samsung
2011-10-29 17:47:06 ----D---- C:\Users\J3ck3sss\AppData\Roaming\Samsung
2011-10-29 17:42:27 ----RD---- C:\Program Files (x86)
2011-10-29 17:39:34 ----D---- C:\Users\J3ck3sss\AppData\Roaming\DAEMON Tools Pro
2011-10-29 17:39:34 ----D---- C:\Users\J3ck3sss\AppData\Roaming\DAEMON Tools Lite
2011-10-29 17:39:34 ----D---- C:\Users\J3ck3sss\AppData\Roaming\BitTorrent
2011-10-29 17:39:33 ----D---- C:\Windows\Panther
2011-10-29 17:39:33 ----D---- C:\Windows\Logs
2011-10-29 17:39:33 ----D---- C:\Windows\inf
2011-10-29 17:31:59 ----A---- C:\Windows\SYSWOW64\log.txt
2011-10-29 17:17:28 ----D---- C:\Windows\system32\config
2011-10-29 17:07:55 ----D---- C:\Windows\Prefetch
2011-10-29 17:02:42 ----D---- C:\Windows\system32\catroot
2011-10-29 16:59:32 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-10-29 12:53:48 ----A---- C:\Windows\system.ini
2011-10-29 12:53:40 ----D---- C:\Windows\system32\drivers\etc
2011-10-29 12:51:48 ----D---- C:\Windows\system32\catroot2
2011-10-29 12:48:37 ----D---- C:\Windows\SYSWOW64\drivers
2011-10-29 12:48:37 ----D---- C:\Windows\AppPatch
2011-10-29 12:48:35 ----D---- C:\Program Files\Common Files
2011-10-29 12:48:35 ----D---- C:\Program Files (x86)\Common Files
2011-10-29 11:56:23 ----D---- C:\Program Files (x86)\BabylonToolbar
2011-10-29 11:56:22 ----D---- C:\Program Files (x86)\Windows iLivid Toolbar
2011-10-29 11:56:21 ----D---- C:\Windows\Tasks
2011-10-29 11:41:02 ----D---- C:\Windows\system32\Tasks
2011-10-28 22:10:59 ----D---- C:\Users\J3ck3sss\AppData\Roaming\Skype
2011-10-28 21:59:38 ----D---- C:\Windows\system32\DriverStore
2011-10-28 20:49:24 ----D---- C:\ProgramData\boost_interprocess
2011-10-28 16:58:23 ----D---- C:\Users\J3ck3sss\AppData\Roaming\vlc
2011-10-27 19:43:07 ----D---- C:\Windows\winsxs
2011-10-27 19:42:57 ----D---- C:\Program Files (x86)\Internet Explorer
2011-10-27 19:42:56 ----D---- C:\Program Files\Internet Explorer
2011-10-23 14:52:51 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2011-10-21 22:06:09 ----D---- C:\Windows\Microsoft.NET
2011-10-21 22:06:08 ----RSD---- C:\Windows\assembly
2011-10-21 21:55:46 ----RSD---- C:\Windows\Fonts
2011-10-21 21:55:42 ----SD---- C:\ProgramData\Microsoft
2011-10-21 21:49:51 ----SD---- C:\Users\J3ck3sss\AppData\Roaming\Microsoft
2011-10-21 21:49:09 ----D---- C:\Program Files (x86)\MSBuild
2011-10-21 21:38:35 ----D---- C:\Program Files\Common Files\Microsoft Shared
2011-10-21 20:26:17 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2011-10-21 20:22:40 ----D---- C:\Windows\SYSWOW64\en-US
2011-10-21 20:22:40 ----D---- C:\Windows\system32\en-US
2011-10-16 11:50:15 ----D---- C:\Windows\system32\pt-PT
2011-10-16 11:50:15 ----D---- C:\Windows\system32\nl-NL
2011-10-16 11:50:15 ----D---- C:\Windows\system32\drivers\UMDF
2011-10-16 11:50:15 ----D---- C:\Windows\system32\da-DK
2011-10-16 11:50:14 ----D---- C:\Windows\system32\ru-RU
2011-10-16 11:50:14 ----D---- C:\Windows\system32\pl-PL
2011-10-16 11:50:14 ----D---- C:\Windows\system32\ko-KR
2011-10-16 11:50:13 ----D---- C:\Windows\system32\zh-TW
2011-10-16 11:50:13 ----D---- C:\Windows\system32\sv-SE
2011-10-16 11:50:13 ----D---- C:\Windows\system32\nb-NO
2011-10-16 11:50:13 ----D---- C:\Windows\system32\ja-JP
2011-10-16 11:50:13 ----D---- C:\Windows\system32\it-IT
2011-10-16 11:50:13 ----D---- C:\Windows\system32\hu-HU
2011-10-16 11:50:13 ----D---- C:\Windows\system32\fr-FR
2011-10-16 11:50:13 ----D---- C:\Windows\system32\fi-FI
2011-10-16 11:50:13 ----D---- C:\Windows\system32\el-GR
2011-10-16 11:50:12 ----D---- C:\Windows\system32\zh-CN
2011-10-16 11:50:12 ----D---- C:\Windows\system32\pt-BR
2011-10-16 11:50:12 ----D---- C:\Windows\system32\es-ES
2011-10-16 11:50:12 ----D---- C:\Windows\system32\de-DE
2011-10-16 11:50:12 ----D---- C:\Windows\system32\cs-CZ
2011-10-16 11:46:47 ----D---- C:\Program Files\Zune
2011-10-16 11:42:07 ----D---- C:\ProgramData\YouTube Downloader
2011-10-16 11:42:04 ----D---- C:\Program Files (x86)\YouTube Downloader
2011-10-15 18:48:11 ----D---- C:\Users\J3ck3sss\AppData\Roaming\DivX
2011-10-15 12:54:53 ----D---- C:\ProgramData\CanonIJPLM
2011-10-15 12:54:53 ----D---- C:\ProgramData\CanonIJ
2011-10-15 12:05:25 ----D---- C:\ProgramData\Skype
2011-10-14 22:54:48 ----D---- C:\Windows\debug
2011-10-14 22:14:53 ----D---- C:\ProgramData\IObit
2011-10-14 22:14:38 ----D---- C:\Users\J3ck3sss\AppData\Roaming\IObit
2011-10-14 22:13:11 ----D---- C:\ProgramData\DivX
2011-10-14 22:13:11 ----D---- C:\Program Files (x86)\DivX
2011-10-14 22:12:39 ----D---- C:\Program Files\DivX
2011-10-13 07:51:19 ----D---- C:\Windows\SYSWOW64\migration
2011-10-13 07:51:18 ----D---- C:\Windows\system32\migration
2011-10-13 07:44:28 ----A---- C:\Windows\system32\MRT.exe
2011-10-13 07:41:01 ----D---- C:\ProgramData\Microsoft Help
2011-10-13 07:32:49 ----D---- C:\Windows\ehome
2011-10-11 14:41:31 ----D---- C:\Program Files (x86)\Valve
2011-10-10 17:34:21 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2011-10-05 17:47:17 ----D---- C:\Program Files (x86)\Warcraft III
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2009-12-17 538136]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 214096]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-12-21 834544]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2011-09-06 42328]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2011-09-06 301912]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2011-09-06 58200]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2009-07-14 514048]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2011-03-13 254528]
R1 vmm;Virtual Machine Monitor; \??\C:\Windows\system32\Drivers\vmm.sys [2011-07-19 295272]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2011-09-06 24408]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2011-09-06 65368]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-12-10 6179328]
R3 BCM43XX;Broadcom 802.11 - ovládač sieťového adaptéru; C:\Windows\system32\DRIVERS\bcmwl664.sys [2010-12-14 2978296]
R3 BTATH_BUS;Atheros Bluetooth Bus; C:\Windows\system32\DRIVERS\btath_bus.sys [2009-12-30 31784]
R3 HECIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]
R3 k57nd;Broadcom NetLink Gigabit Ethernet; C:\Windows\system32\DRIVERS\k57amd64.sys [2010-03-21 334376]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2009-12-10 301104]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2011-09-06 601944]
S3 androidusb;SAMSUNG Android Composite ADB Interface Driver; C:\Windows\System32\Drivers\ssadadb.sys [2010-12-21 36328]
S3 ApfiltrService;Alps Pointing-device Filter Driver; C:\Windows\system32\DRIVERS\Apfiltr.sys []
S3 AthBTPort;Atheros Virtual Bluetooth Class; C:\Windows\system32\DRIVERS\btath_flt.sys [2009-12-30 38440]
S3 BTATH_A2DP;Bluetooth A2DP Audio Driver; C:\Windows\system32\drivers\btath_a2dp.sys [2009-12-30 336424]
S3 BTATH_HCRP;Bluetooth HCRP Server driver; C:\Windows\system32\DRIVERS\btath_hcrp.sys [2009-12-30 246824]
S3 BTATH_RCP;Bluetooth AVRCP Device; C:\Windows\system32\DRIVERS\btath_rcp.sys [2009-12-30 133672]
S3 BthEnum;Bluetooth Request Block Driver; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2011-04-28 552448]
S3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 btusbflt;Bluetooth USB Filter; C:\Windows\system32\drivers\btusbflt.sys [2009-07-01 52264]
S3 ETD;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys [2010-02-03 135560]
S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 33856]
S3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys []
S3 massfilter;ZTE Mass Storage Filter Driver; C:\Windows\system32\drivers\massfilter.sys [2011-01-29 11776]
S3 mcdbus;Driver for MagicISO SCSI Host Controller; C:\Windows\system32\DRIVERS\mcdbus.sys [2009-02-24 255552]
S3 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12352]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2009-07-14 165376]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys [2009-12-11 232992]
S3 RTHDMIAzAudService;Service for HDMI; C:\Windows\system32\drivers\RtHDMIVX.sys []
S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2009-07-14 6656]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\ssadbus.sys [2011-01-03 157160]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter); C:\Windows\system32\DRIVERS\ssadmdfl.sys [2011-01-03 16872]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers; C:\Windows\system32\DRIVERS\ssadmdm.sys [2011-01-03 177128]
S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM); C:\Windows\system32\DRIVERS\ssadserd.sys [2011-01-03 145384]
S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2009-07-14 34896]
S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys [2009-07-14 200272]
S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2009-07-14 21760]
S3 WinUsb;WinUsb Driver; C:\Windows\system32\DRIVERS\WinUsb.sys [2009-07-14 40448]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2009-12-10 202752]
R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [2009-12-30 23592]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2011-09-06 44768]
R2 DsiWMIService;Dritek WMI Service; C:\Program Files (x86)\Launch Manager\dsiwmis.exe [2010-01-22 310352]
R2 ePowerSvc;Acer ePower Service; C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe [2010-01-18 842784]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2009-12-23 13336]
R2 IJPLMSVC;Canon Inkjet Printer/Scanner/Fax Extended Survey Program; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [2009-02-10 116104]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2009-12-09 268824]
R2 UNS;Intel(R) Management & Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2009-12-09 2320920]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 2291568]
R2 WMCoreService;Mobile Broadband Core Service; C:\Program Files (x86)\Mobile Broadband Drivers\WMCore\mini_WMCore.exe [2009-12-01 448512]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-12-14 1255736]
S3 WMZuneComm;Zune Windows Mobile Connectivity Service; c:\Program Files\Zune\WMZuneComm.exe [2011-08-05 306400]
S4 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
-----------------EOF-----------------