Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
pomoc
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Re: pomoc
Zdravim, pekny vecer preji a vitam vas u nas na foru 
Prectete si pravidla fora http://forum.viry.cz/viewforum.php?f=12 a predevsim toto http://forum.viry.cz/viewtopic.php?f=12&t=5601
Jelikoz nevime o Vasem PC nic a z kristalove koule se spatne vesti, navic pri zatazenem pocasi jake ted v okrese Brno panuje, neni nic videt 
Ale dosti legracek, kouknem na to 
Dejte log z RSIT dle navodu http://forum.viry.cz/viewtopic.php?f=13&t=105895
Prectete si pravidla fora http://forum.viry.cz/viewforum.php?f=12 a predevsim toto http://forum.viry.cz/viewtopic.php?f=12&t=5601 Jelikoz nevime o Vasem PC nic a z kristalove koule se spatne vesti, navic pri zatazenem pocasi jake ted v okrese Brno panuje, neni nic videt Ale dosti legracek, kouknem na to Dejte log z RSIT dle navodu http://forum.viry.cz/viewtopic.php?f=13&t=105895"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen
od 1. února 2011.
Člen
od 1. února 2011.Re: pomoc
Zdravim, omlouvám se, ale hodně mě to vystrašilo, no pc je to starý LYNX, Intel(R) Pentium(R) Dual CPU, E 2140 @ 1.60GHz, 0,99 GB RAM, nevim zda tohle pomůže...prostě to neni žádná nadupaná mašinka 
... jinak o log se snažím, ale ani to mi nejde spustit ( neodpovídá) .....pc je asi na odpis ne? 
... jinak o log se snažím, ale ani to mi nejde spustit ( neodpovídá) .....pc je asi na odpis ne? Re: pomoc
Popis PC je uprimne takhle na prd, my se potrebujem mrknout co je tam kde zakopany z oblasti haveti a na to nam prave poslouzi prvotne RSIT
Prihlaste se do nouzoveho rezimu (restart PC, mackat F8, zvolit Stav nouze s praci v siti) a zkuste udelat RSIT tam
Prihlaste se do nouzoveho rezimu (restart PC, mackat F8, zvolit Stav nouze s praci v siti) a zkuste udelat RSIT tam
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: pomoc
Logfile of random's system information tool 1.09 (written by random/random)
Run by Uživatel at 2012-05-24 21:58:26
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 49 GB (43%) free of 114 GB
Total RAM: 1015 MB (47% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:58:39, on 24.5.2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Safe mode with network support
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Uživatel\Dokumenty\Downloads\RSIT.exe
C:\Program Files\trend micro\Uživatel.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.thebflix.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60446
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/sa_custo ... TbId=60446
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.thebflix.com
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local;<local>
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll
R3 - URLSearchHook: uTorrentBar Toolbar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\prxtbuTo0.dll
O1 - Hosts: ˙ţ127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: script helper for ie - {00cbb66b-1d3b-46d3-9577-323a336acb50} - C:\Program Files\BrowserCompanion\jsloader.dll
O2 - BHO: Complitly - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - C:\Documents and Settings\Uživatel\Data aplikací\Complitly\Complitly.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Search Fairy - {27CF82B1-E1D2-4f9b-976E-62095A52BA4A} - C:\Program Files\Search Fairy\SearchFairy.dll
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Update Timer - {963B125B-8B21-49A2-A3A8-E37092276531} - C:\Program Files\BrowserCompanion\updatebhoWin32.dll
O2 - BHO: Searchqu Toolbar - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~1\WI371A~1\Datamngr\ToolBar\searchqudtx.dll
O2 - BHO: DataMngr - {9D717F81-9148-4f12-8568-69135F087DB0} - C:\PROGRA~1\WI371A~1\Datamngr\BROWSE~1.DLL
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL
O2 - BHO: uTorrentBar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\prxtbuTo0.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: FB Layouts & Extras - {FF4E1D1D-705B-4379-AB33-22D98C1ABF55} - C:\Program Files\FBLayouts\fblayouts.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: uTorrentBar Toolbar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\prxtbuTo0.dll
O3 - Toolbar: Searchqu Toolbar - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~1\WI371A~1\Datamngr\ToolBar\searchqudtx.dll
O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Easy-WebPrint Add To Print List - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint High Speed Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Preview - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
O8 - Extra context menu item: Easy-WebPrint Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~3\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: WikiKomentáře Google... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Search Fairy - {81727BE7-50E7-48ed-A547-F0274756E2DD} - C:\Program Files\Search Fairy\SearchFairy.dll
O9 - Extra 'Tools' menuitem: Search Fairy options - {81727BE7-50E7-48ed-A547-F0274756E2DD} - C:\Program Files\Search Fairy\SearchFairy.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{1D5F9AC3-4742-44F7-BAEC-3CBEF54937A9}: NameServer = 77.87.238.65,77.87.232.17
O17 - HKLM\System\CS1\Services\Tcpip\..\{1D5F9AC3-4742-44F7-BAEC-3CBEF54937A9}: NameServer = 77.87.238.65,77.87.232.17
O17 - HKLM\System\CS2\Services\Tcpip\..\{1D5F9AC3-4742-44F7-BAEC-3CBEF54937A9}: NameServer = 77.87.238.65,77.87.232.17
O18 - Protocol: base64 - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files\BrowserCompanion\tdataprotocol.dll
O18 - Protocol: chrome - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files\BrowserCompanion\tdataprotocol.dll
O18 - Protocol: prox - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files\BrowserCompanion\tdataprotocol.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\WI371A~1\Datamngr\datamngr.dll C:\PROGRA~1\WI371A~1\Datamngr\IEBHO.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PC Tools Firewall Plus (PCToolsFirewallPlus) - Unknown owner - C:\Program Files\PC Tools Firewall Plus\FWService.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe
O24 - Desktop Component 0: (no name) - http://www.hbo.cz/hbo/tudors/images/1_henry.gif
--
End of file - 10930 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-3427850019-3997369180-2527231859-1006Core.job
C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-3427850019-3997369180-2527231859-1006UA.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3427850019-3997369180-2527231859-1006Core.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3427850019-3997369180-2527231859-1006UA.job
C:\WINDOWS\tasks\RMSchedule.job
C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
C:\WINDOWS\tasks\User_Feed_Synchronization-{A1A97911-778F-443D-8245-2B21FAB18BE9}.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00cbb66b-1d3b-46d3-9577-323a336acb50}]
Browser Companion Helper - C:\Program Files\BrowserCompanion\jsloader.dll [2012-03-27 225584]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0FB6A909-6086-458F-BD92-1F8EE10042A0}]
Complitly - C:\Documents and Settings\Uživatel\Data aplikací\Complitly\Complitly.dll [2012-04-08 141528]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-01-03 63912]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{27CF82B1-E1D2-4f9b-976E-62095A52BA4A}]
Search Fairy - C:\Program Files\Search Fairy\SearchFairy.dll [2012-03-01 175408]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{326E768D-4182-46FD-9C16-1449A49795F4}]
DivX Plus Web Player HTML5 <video> - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll [2011-05-23 115072]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL [2011-06-12 4221328]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2012-03-29 325408]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{963B125B-8B21-49A2-A3A8-E37092276531}]
Browser Companion Helper Verifier - C:\Program Files\BrowserCompanion\updatebhoWin32.dll [2012-03-27 141104]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{99079a25-328f-4bd4-be04-00955acaa0a7}]
Searchqu Toolbar - C:\PROGRA~1\WI371A~1\Datamngr\ToolBar\searchqudtx.dll [2011-10-31 88976]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9D717F81-9148-4f12-8568-69135F087DB0}]
DataMngr - C:\PROGRA~1\WI371A~1\Datamngr\BROWSE~1.DLL [2011-11-09 101272]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL [2010-12-21 561552]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}]
uTorrentBar Toolbar - C:\Program Files\uTorrentBar\prxtbuTo0.dll [2011-05-09 176936]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
Ask Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2011-05-17 1490312]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2012-03-29 42272]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2012-03-29 79648]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FF4E1D1D-705B-4379-AB33-22D98C1ABF55}]
FB Layouts & Extras - C:\Program Files\FBLayouts\fblayouts.dll [2011-01-18 98816]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{327C2873-E90D-4c37-AA9D-10AC9BABA46C} - Easy-WebPrint - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll [2004-08-26 405504]
{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - uTorrentBar Toolbar - C:\Program Files\uTorrentBar\prxtbuTo0.dll [2011-05-09 176936]
{99079a25-328f-4bd4-be04-00955acaa0a7} - Searchqu Toolbar - C:\PROGRA~1\WI371A~1\Datamngr\ToolBar\searchqudtx.dll [2011-10-31 88976]
{D4027C7F-154A-4066-A1AD-4243D8127440} - Ask Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2011-05-17 1490312]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
""= []
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\PROGRA~1\WI371A~1\Datamngr\datamngr.dll C:\PROGRA~1\WI371A~1\Datamngr\IEBHO.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2005-05-04 46080]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL [2011-06-12 4221328]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\DNA\btdna.exe"="C:\Program Files\DNA\btdna.exe:*:Enabled:DNA"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\uTorrent\utorrent.exe"="C:\Program Files\uTorrent\utorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\VideoLAN\VLC\vlc.exe"="C:\Program Files\VideoLAN\VLC\vlc.exe:*:Enabled:VLC media player"
"C:\Program Files\Microsoft Office\Office14\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office14\GROOVE.EXE:*:Enabled:Microsoft SharePoint Workspace"
"C:\Program Files\Microsoft Office\Office14\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office14\ONENOTE.EXE:*:Enabled:Microsoft OneNote"
"C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\BitTorrent\BitTorrent.exe"="C:\Program Files\BitTorrent\BitTorrent.exe:*:Enabled:BitTorrent"
"C:\Program Files\Windows iLivid Toolbar\Datamngr\ToolBar\dtUser.exe"="C:\Program Files\Windows iLivid Toolbar\Datamngr\ToolBar\dtUser.exe:*:Enabled:DTX broker"
"C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\Facebook\Video\Skype\FacebookVideoCalling.exe"="C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\Facebook\Video\Skype\FacebookVideoCalling.exe:*:Enabled:Facebook Video Calling Plugin"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"VIDC.MPG4"=mpg4c32.dll
"VIDC.MP42"=mpg4c32.dll
"wave1"=serwvdrv.dll
"wave2"=serwvdrv.dll
"wave3"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux"=wdmaud.drv
"VIDC.I420"=msh263.drv
"vidc.DIVX"=DivX.dll
"vidc.yv12"=DivX.dll
"VIDC.FMVC"=fmcodec.dll
======List of files/folders created in the last 1 month======
2012-05-24 21:56:47 ----A---- C:\WINDOWS\ntbtlog.txt
2012-05-24 21:26:10 ----DC---- C:\rsit
2012-05-22 17:51:40 ----DC---- C:\4430242dfb4f04ec3ad615d7f0
2012-05-12 13:47:05 ----HDC---- C:\WINDOWS\$NtUninstallKB2659262$
2012-05-12 04:20:16 ----DC---- C:\333e72749b298076fe5fb20a
2012-05-12 04:20:03 ----HDC---- C:\WINDOWS\$NtUninstallKB2686509$
2012-05-12 04:18:51 ----HDC---- C:\WINDOWS\$NtUninstallKB2695962$
2012-05-12 04:13:42 ----HDC---- C:\WINDOWS\$NtUninstallKB2676562$
2012-05-10 02:32:08 ----D---- C:\Program Files\Common Files\Skype
2012-05-10 02:32:06 ----RD---- C:\Program Files\Skype
2012-05-08 18:48:51 ----D---- C:\Program Files\Complitly
2012-05-08 18:48:51 ----D---- C:\Documents and Settings\Uživatel\Data aplikací\Complitly
2012-05-08 18:48:38 ----D---- C:\Program Files\Search Fairy
2012-05-08 18:48:33 ----D---- C:\Documents and Settings\Uživatel\Data aplikací\BrowserCompanion
2012-05-08 18:48:30 ----D---- C:\Program Files\BrowserCompanion
2012-05-08 18:48:26 ----D---- C:\Program Files\GotClip
======List of files/folders modified in the last 1 month======
2012-05-24 21:58:39 ----D---- C:\Program Files\Trend Micro
2012-05-24 21:58:05 ----D---- C:\WINDOWS\system32
2012-05-24 21:56:47 ----AD---- C:\WINDOWS
2012-05-24 21:40:52 ----D---- C:\WINDOWS\Prefetch
2012-05-24 21:35:35 ----A---- C:\WINDOWS\system32\PerfStringBackup.TMP
2012-05-24 21:31:48 ----D---- C:\WINDOWS\Microsoft.NET
2012-05-24 21:31:42 ----D---- C:\WINDOWS\temp
2012-05-24 21:31:41 ----D---- C:\WINDOWS\system32\CatRoot2
2012-05-22 20:06:30 ----SHD---- C:\System Volume Information
2012-05-22 20:04:02 ----D---- C:\WINDOWS\system32\NtmsData
2012-05-22 18:15:59 ----D---- C:\WINDOWS\Registration
2012-05-20 23:47:51 ----D---- C:\Documents and Settings\Uživatel\Data aplikací\vlc
2012-05-20 23:16:37 ----D---- C:\Documents and Settings\Uživatel\Data aplikací\dvdcss
2012-05-13 21:31:06 ----D---- C:\Documents and Settings\Uživatel\Data aplikací\Skype
2012-05-13 18:21:29 ----RSD---- C:\WINDOWS\assembly
2012-05-13 18:08:18 ----D---- C:\WINDOWS\WinSxS
2012-05-12 13:50:10 ----D---- C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2012-05-12 13:47:23 ----HD---- C:\WINDOWS\inf
2012-05-12 13:43:29 ----D---- C:\WINDOWS\system32\XPSViewer
2012-05-12 13:27:46 ----AC---- C:\WINDOWS\system32\MRT.exe
2012-05-12 04:20:05 ----A---- C:\WINDOWS\imsins.BAK
2012-05-12 04:20:02 ----HD---- C:\WINDOWS\$hf_mig$
2012-05-12 04:13:49 ----RSHDC---- C:\WINDOWS\system32\dllcache
2012-05-10 02:32:08 ----D---- C:\Program Files\Common Files
2012-05-10 02:32:06 ----RD---- C:\Program Files
2012-05-10 02:32:00 ----D---- C:\Documents and Settings\All Users\Data aplikací\Skype
2012-05-02 22:12:40 ----RD---- C:\WINDOWS\Web
2012-05-02 22:12:36 ----D---- C:\WINDOWS\SHELLNEW
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 nvatabus;nvatabus; C:\WINDOWS\system32\DRIVERS\nvatabus.sys [2005-02-11 89856]
R0 nvcchflt;NVIDIA Disk Cache Filter Driver; C:\WINDOWS\system32\DRIVERS\nvcchflt.sys [2005-02-11 16640]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2010-07-12 45648]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\WINDOWS\system32\DRIVERS\dtsoftbus01.sys [2011-02-03 218688]
R1 pctgntdi;pctgntdi; \??\C:\WINDOWS\system32\drivers\pctgntdi.sys []
R3 AtcL002;NDIS Miniport Driver for Atheros L2 Fast Ethernet Controller; C:\WINDOWS\system32\DRIVERS\l251x86.sys [2007-10-17 30720]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 pctNdisMP;PC Tools Driver; C:\WINDOWS\system32\DRIVERS\pctNdis.sys [2010-07-08 57536]
R3 usbstor;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
S0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2011-02-03 717296]
S1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys []
S1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2011-07-06 138192]
S1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
S1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
S1 sp_rsdrv2;Spyware Terminator Driver 2; \??\C:\WINDOWS\system32\drivers\sp_rsdrv2.sys []
S1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2010-06-17 28520]
S2 avgntflt;avgntflt; C:\WINDOWS\system32\DRIVERS\avgntflt.sys [2011-07-06 66616]
S2 BT848;WinFast TV2000 XP WDM Video Capture; C:\WINDOWS\system32\drivers\wf2kvcap.sys [2004-02-06 75829]
S2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2004-03-17 13059]
S2 NwlnkIpx;Transportní protokol kompatibilní s NWLink IPX/SPX/NetBIOS; C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys [2008-04-13 88320]
S2 NwlnkNb;Služba NWLink pro rozhraní NetBIOS; C:\WINDOWS\system32\DRIVERS\nwlnknb.sys [2004-08-18 63232]
S2 NwlnkSpx;Protokol NWLink SPX/SPXII; C:\WINDOWS\system32\DRIVERS\nwlnkspx.sys [2004-08-18 55936]
S2 PCTAppEvent;PCTAppEvent Driver; \??\C:\WINDOWS\system32\drivers\PCTAppEvent.sys []
S2 tv2ktunr;WinFast TV2000 XP WDM TVTuner; C:\WINDOWS\system32\drivers\wf2ktunr.sys [2004-02-06 33959]
S2 Tv2kXbar;WinFast TV2000 XP WDM Crossbar; C:\WINDOWS\system32\drivers\wf2kxbar.sys [2004-02-06 10005]
S3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2005-05-04 1133056]
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 GVCplDrv;GVCplDrv; C:\WINDOWS\system32\drivers\GVCplDrv.sys [2004-05-02 23040]
S3 GVTDrv;GVTDrv; C:\WINDOWS\system32\drivers\GVTDrv.sys [2009-06-15 23524]
S3 HSF_DP;HSF_DP; C:\WINDOWS\system32\DRIVERS\HSF_DP.sys []
S3 HSF_DPV;HSF_DPV; C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys [2005-08-22 1035008]
S3 HSFHWBS2;HSFHWBS2; C:\WINDOWS\system32\DRIVERS\HSFHWBS2.sys [2005-08-22 244480]
S3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2008-10-31 4942336]
S3 LVUSBSta;Logitech USB Monitor Filter; C:\WINDOWS\system32\drivers\lvusbsta.sys []
S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\mbamswissarmy.sys []
S3 MODEMCSA;Unimodem Streaming Filter Device; C:\WINDOWS\system32\drivers\MODEMCSA.sys [2001-08-17 16128]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2005-08-02 3198560]
S3 nvax;Service for NVIDIA(R) nForce(TM) Audio Enumerator; C:\WINDOWS\system32\drivers\nvax.sys [2005-04-13 53376]
S3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2005-04-06 33536]
S3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2005-04-06 12928]
S3 nvnforce;Service for NVIDIA(R) nForce(TM) Audio; C:\WINDOWS\system32\drivers\nvapu.sys [2005-04-13 414464]
S3 PCTFW-PacketFilter;PCTools Firewall - Packet filter driver; \??\C:\WINDOWS\system32\drivers\pctNdis-PacketFilter.sys []
S3 pctNdis;PC Tools Firewall Intermediate Filter Service; C:\WINDOWS\system32\DRIVERS\pctNdis.sys [2010-07-08 57536]
S3 pctplfw;pctplfw; \??\C:\WINDOWS\system32\drivers\pctplfw.sys []
S3 PID_0928;Labtec WebCam(PID_0928); C:\WINDOWS\system32\DRIVERS\LV561AV.SYS []
S3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2004-08-18 5888]
S3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-04 20992]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 SONYPVU1;Sony USB Filter Driver (SONYPVU1); C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS [2001-08-17 7552]
S3 StarOpen;StarOpen; C:\WINDOWS\system32\drivers\StarOpen.sys []
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 usbvideo;Zobrazovací zařízení USB (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2008-04-13 121984]
S3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2006-11-02 492000]
S3 WFIOCTL;WFIOCTL; \??\C:\Program Files\WinFast\WFTVFM\WFIOCTL.SYS []
S3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys [2005-08-22 718464]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 WS2IFSL;Podpůrné prostředí zprostředkovatele služeb Windows Socket 2.0 bez podpory IFS; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2004-08-18 12032]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
S2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2011-07-06 269480]
S2 AntiVirSchedulerService;Avira AntiVir Scheduler; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2011-07-06 136360]
S2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2005-05-04 364544]
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2005-05-03 516096]
S2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
S2 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2012-03-29 153376]
S2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2005-08-02 127043]
S2 PCToolsFirewallPlus;PC Tools Firewall Plus; C:\Program Files\PC Tools Firewall Plus\FWService.exe [2011-01-24 286000]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2012-05-03 158856]
S2 sp_rssrv;Spyware Terminator Realtime Shield Service; C:\Program Files\Spyware Terminator\sp_rsser.exe [2008-12-09 570880]
S2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2011-06-12 31125880]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
-----------------EOF-----------------
Run by Uživatel at 2012-05-24 21:58:26
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 49 GB (43%) free of 114 GB
Total RAM: 1015 MB (47% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:58:39, on 24.5.2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Safe mode with network support
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Uživatel\Dokumenty\Downloads\RSIT.exe
C:\Program Files\trend micro\Uživatel.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.thebflix.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60446
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/sa_custo ... TbId=60446
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.thebflix.com
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local;<local>
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll
R3 - URLSearchHook: uTorrentBar Toolbar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\prxtbuTo0.dll
O1 - Hosts: ˙ţ127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: script helper for ie - {00cbb66b-1d3b-46d3-9577-323a336acb50} - C:\Program Files\BrowserCompanion\jsloader.dll
O2 - BHO: Complitly - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - C:\Documents and Settings\Uživatel\Data aplikací\Complitly\Complitly.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Search Fairy - {27CF82B1-E1D2-4f9b-976E-62095A52BA4A} - C:\Program Files\Search Fairy\SearchFairy.dll
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Update Timer - {963B125B-8B21-49A2-A3A8-E37092276531} - C:\Program Files\BrowserCompanion\updatebhoWin32.dll
O2 - BHO: Searchqu Toolbar - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~1\WI371A~1\Datamngr\ToolBar\searchqudtx.dll
O2 - BHO: DataMngr - {9D717F81-9148-4f12-8568-69135F087DB0} - C:\PROGRA~1\WI371A~1\Datamngr\BROWSE~1.DLL
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL
O2 - BHO: uTorrentBar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\prxtbuTo0.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: FB Layouts & Extras - {FF4E1D1D-705B-4379-AB33-22D98C1ABF55} - C:\Program Files\FBLayouts\fblayouts.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: uTorrentBar Toolbar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\prxtbuTo0.dll
O3 - Toolbar: Searchqu Toolbar - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~1\WI371A~1\Datamngr\ToolBar\searchqudtx.dll
O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Easy-WebPrint Add To Print List - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint High Speed Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Preview - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
O8 - Extra context menu item: Easy-WebPrint Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~3\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: WikiKomentáře Google... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Search Fairy - {81727BE7-50E7-48ed-A547-F0274756E2DD} - C:\Program Files\Search Fairy\SearchFairy.dll
O9 - Extra 'Tools' menuitem: Search Fairy options - {81727BE7-50E7-48ed-A547-F0274756E2DD} - C:\Program Files\Search Fairy\SearchFairy.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{1D5F9AC3-4742-44F7-BAEC-3CBEF54937A9}: NameServer = 77.87.238.65,77.87.232.17
O17 - HKLM\System\CS1\Services\Tcpip\..\{1D5F9AC3-4742-44F7-BAEC-3CBEF54937A9}: NameServer = 77.87.238.65,77.87.232.17
O17 - HKLM\System\CS2\Services\Tcpip\..\{1D5F9AC3-4742-44F7-BAEC-3CBEF54937A9}: NameServer = 77.87.238.65,77.87.232.17
O18 - Protocol: base64 - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files\BrowserCompanion\tdataprotocol.dll
O18 - Protocol: chrome - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files\BrowserCompanion\tdataprotocol.dll
O18 - Protocol: prox - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files\BrowserCompanion\tdataprotocol.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\WI371A~1\Datamngr\datamngr.dll C:\PROGRA~1\WI371A~1\Datamngr\IEBHO.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PC Tools Firewall Plus (PCToolsFirewallPlus) - Unknown owner - C:\Program Files\PC Tools Firewall Plus\FWService.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe
O24 - Desktop Component 0: (no name) - http://www.hbo.cz/hbo/tudors/images/1_henry.gif
--
End of file - 10930 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-3427850019-3997369180-2527231859-1006Core.job
C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-3427850019-3997369180-2527231859-1006UA.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3427850019-3997369180-2527231859-1006Core.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3427850019-3997369180-2527231859-1006UA.job
C:\WINDOWS\tasks\RMSchedule.job
C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
C:\WINDOWS\tasks\User_Feed_Synchronization-{A1A97911-778F-443D-8245-2B21FAB18BE9}.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00cbb66b-1d3b-46d3-9577-323a336acb50}]
Browser Companion Helper - C:\Program Files\BrowserCompanion\jsloader.dll [2012-03-27 225584]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0FB6A909-6086-458F-BD92-1F8EE10042A0}]
Complitly - C:\Documents and Settings\Uživatel\Data aplikací\Complitly\Complitly.dll [2012-04-08 141528]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-01-03 63912]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{27CF82B1-E1D2-4f9b-976E-62095A52BA4A}]
Search Fairy - C:\Program Files\Search Fairy\SearchFairy.dll [2012-03-01 175408]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{326E768D-4182-46FD-9C16-1449A49795F4}]
DivX Plus Web Player HTML5 <video> - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll [2011-05-23 115072]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL [2011-06-12 4221328]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2012-03-29 325408]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{963B125B-8B21-49A2-A3A8-E37092276531}]
Browser Companion Helper Verifier - C:\Program Files\BrowserCompanion\updatebhoWin32.dll [2012-03-27 141104]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{99079a25-328f-4bd4-be04-00955acaa0a7}]
Searchqu Toolbar - C:\PROGRA~1\WI371A~1\Datamngr\ToolBar\searchqudtx.dll [2011-10-31 88976]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9D717F81-9148-4f12-8568-69135F087DB0}]
DataMngr - C:\PROGRA~1\WI371A~1\Datamngr\BROWSE~1.DLL [2011-11-09 101272]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL [2010-12-21 561552]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}]
uTorrentBar Toolbar - C:\Program Files\uTorrentBar\prxtbuTo0.dll [2011-05-09 176936]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
Ask Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2011-05-17 1490312]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2012-03-29 42272]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2012-03-29 79648]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FF4E1D1D-705B-4379-AB33-22D98C1ABF55}]
FB Layouts & Extras - C:\Program Files\FBLayouts\fblayouts.dll [2011-01-18 98816]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{327C2873-E90D-4c37-AA9D-10AC9BABA46C} - Easy-WebPrint - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll [2004-08-26 405504]
{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - uTorrentBar Toolbar - C:\Program Files\uTorrentBar\prxtbuTo0.dll [2011-05-09 176936]
{99079a25-328f-4bd4-be04-00955acaa0a7} - Searchqu Toolbar - C:\PROGRA~1\WI371A~1\Datamngr\ToolBar\searchqudtx.dll [2011-10-31 88976]
{D4027C7F-154A-4066-A1AD-4243D8127440} - Ask Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2011-05-17 1490312]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
""= []
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\PROGRA~1\WI371A~1\Datamngr\datamngr.dll C:\PROGRA~1\WI371A~1\Datamngr\IEBHO.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2005-05-04 46080]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL [2011-06-12 4221328]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\DNA\btdna.exe"="C:\Program Files\DNA\btdna.exe:*:Enabled:DNA"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\uTorrent\utorrent.exe"="C:\Program Files\uTorrent\utorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\VideoLAN\VLC\vlc.exe"="C:\Program Files\VideoLAN\VLC\vlc.exe:*:Enabled:VLC media player"
"C:\Program Files\Microsoft Office\Office14\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office14\GROOVE.EXE:*:Enabled:Microsoft SharePoint Workspace"
"C:\Program Files\Microsoft Office\Office14\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office14\ONENOTE.EXE:*:Enabled:Microsoft OneNote"
"C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\BitTorrent\BitTorrent.exe"="C:\Program Files\BitTorrent\BitTorrent.exe:*:Enabled:BitTorrent"
"C:\Program Files\Windows iLivid Toolbar\Datamngr\ToolBar\dtUser.exe"="C:\Program Files\Windows iLivid Toolbar\Datamngr\ToolBar\dtUser.exe:*:Enabled:DTX broker"
"C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\Facebook\Video\Skype\FacebookVideoCalling.exe"="C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\Facebook\Video\Skype\FacebookVideoCalling.exe:*:Enabled:Facebook Video Calling Plugin"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"VIDC.MPG4"=mpg4c32.dll
"VIDC.MP42"=mpg4c32.dll
"wave1"=serwvdrv.dll
"wave2"=serwvdrv.dll
"wave3"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux"=wdmaud.drv
"VIDC.I420"=msh263.drv
"vidc.DIVX"=DivX.dll
"vidc.yv12"=DivX.dll
"VIDC.FMVC"=fmcodec.dll
======List of files/folders created in the last 1 month======
2012-05-24 21:56:47 ----A---- C:\WINDOWS\ntbtlog.txt
2012-05-24 21:26:10 ----DC---- C:\rsit
2012-05-22 17:51:40 ----DC---- C:\4430242dfb4f04ec3ad615d7f0
2012-05-12 13:47:05 ----HDC---- C:\WINDOWS\$NtUninstallKB2659262$
2012-05-12 04:20:16 ----DC---- C:\333e72749b298076fe5fb20a
2012-05-12 04:20:03 ----HDC---- C:\WINDOWS\$NtUninstallKB2686509$
2012-05-12 04:18:51 ----HDC---- C:\WINDOWS\$NtUninstallKB2695962$
2012-05-12 04:13:42 ----HDC---- C:\WINDOWS\$NtUninstallKB2676562$
2012-05-10 02:32:08 ----D---- C:\Program Files\Common Files\Skype
2012-05-10 02:32:06 ----RD---- C:\Program Files\Skype
2012-05-08 18:48:51 ----D---- C:\Program Files\Complitly
2012-05-08 18:48:51 ----D---- C:\Documents and Settings\Uživatel\Data aplikací\Complitly
2012-05-08 18:48:38 ----D---- C:\Program Files\Search Fairy
2012-05-08 18:48:33 ----D---- C:\Documents and Settings\Uživatel\Data aplikací\BrowserCompanion
2012-05-08 18:48:30 ----D---- C:\Program Files\BrowserCompanion
2012-05-08 18:48:26 ----D---- C:\Program Files\GotClip
======List of files/folders modified in the last 1 month======
2012-05-24 21:58:39 ----D---- C:\Program Files\Trend Micro
2012-05-24 21:58:05 ----D---- C:\WINDOWS\system32
2012-05-24 21:56:47 ----AD---- C:\WINDOWS
2012-05-24 21:40:52 ----D---- C:\WINDOWS\Prefetch
2012-05-24 21:35:35 ----A---- C:\WINDOWS\system32\PerfStringBackup.TMP
2012-05-24 21:31:48 ----D---- C:\WINDOWS\Microsoft.NET
2012-05-24 21:31:42 ----D---- C:\WINDOWS\temp
2012-05-24 21:31:41 ----D---- C:\WINDOWS\system32\CatRoot2
2012-05-22 20:06:30 ----SHD---- C:\System Volume Information
2012-05-22 20:04:02 ----D---- C:\WINDOWS\system32\NtmsData
2012-05-22 18:15:59 ----D---- C:\WINDOWS\Registration
2012-05-20 23:47:51 ----D---- C:\Documents and Settings\Uživatel\Data aplikací\vlc
2012-05-20 23:16:37 ----D---- C:\Documents and Settings\Uživatel\Data aplikací\dvdcss
2012-05-13 21:31:06 ----D---- C:\Documents and Settings\Uživatel\Data aplikací\Skype
2012-05-13 18:21:29 ----RSD---- C:\WINDOWS\assembly
2012-05-13 18:08:18 ----D---- C:\WINDOWS\WinSxS
2012-05-12 13:50:10 ----D---- C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2012-05-12 13:47:23 ----HD---- C:\WINDOWS\inf
2012-05-12 13:43:29 ----D---- C:\WINDOWS\system32\XPSViewer
2012-05-12 13:27:46 ----AC---- C:\WINDOWS\system32\MRT.exe
2012-05-12 04:20:05 ----A---- C:\WINDOWS\imsins.BAK
2012-05-12 04:20:02 ----HD---- C:\WINDOWS\$hf_mig$
2012-05-12 04:13:49 ----RSHDC---- C:\WINDOWS\system32\dllcache
2012-05-10 02:32:08 ----D---- C:\Program Files\Common Files
2012-05-10 02:32:06 ----RD---- C:\Program Files
2012-05-10 02:32:00 ----D---- C:\Documents and Settings\All Users\Data aplikací\Skype
2012-05-02 22:12:40 ----RD---- C:\WINDOWS\Web
2012-05-02 22:12:36 ----D---- C:\WINDOWS\SHELLNEW
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 nvatabus;nvatabus; C:\WINDOWS\system32\DRIVERS\nvatabus.sys [2005-02-11 89856]
R0 nvcchflt;NVIDIA Disk Cache Filter Driver; C:\WINDOWS\system32\DRIVERS\nvcchflt.sys [2005-02-11 16640]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2010-07-12 45648]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\WINDOWS\system32\DRIVERS\dtsoftbus01.sys [2011-02-03 218688]
R1 pctgntdi;pctgntdi; \??\C:\WINDOWS\system32\drivers\pctgntdi.sys []
R3 AtcL002;NDIS Miniport Driver for Atheros L2 Fast Ethernet Controller; C:\WINDOWS\system32\DRIVERS\l251x86.sys [2007-10-17 30720]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 pctNdisMP;PC Tools Driver; C:\WINDOWS\system32\DRIVERS\pctNdis.sys [2010-07-08 57536]
R3 usbstor;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
S0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2011-02-03 717296]
S1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys []
S1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2011-07-06 138192]
S1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
S1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
S1 sp_rsdrv2;Spyware Terminator Driver 2; \??\C:\WINDOWS\system32\drivers\sp_rsdrv2.sys []
S1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2010-06-17 28520]
S2 avgntflt;avgntflt; C:\WINDOWS\system32\DRIVERS\avgntflt.sys [2011-07-06 66616]
S2 BT848;WinFast TV2000 XP WDM Video Capture; C:\WINDOWS\system32\drivers\wf2kvcap.sys [2004-02-06 75829]
S2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2004-03-17 13059]
S2 NwlnkIpx;Transportní protokol kompatibilní s NWLink IPX/SPX/NetBIOS; C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys [2008-04-13 88320]
S2 NwlnkNb;Služba NWLink pro rozhraní NetBIOS; C:\WINDOWS\system32\DRIVERS\nwlnknb.sys [2004-08-18 63232]
S2 NwlnkSpx;Protokol NWLink SPX/SPXII; C:\WINDOWS\system32\DRIVERS\nwlnkspx.sys [2004-08-18 55936]
S2 PCTAppEvent;PCTAppEvent Driver; \??\C:\WINDOWS\system32\drivers\PCTAppEvent.sys []
S2 tv2ktunr;WinFast TV2000 XP WDM TVTuner; C:\WINDOWS\system32\drivers\wf2ktunr.sys [2004-02-06 33959]
S2 Tv2kXbar;WinFast TV2000 XP WDM Crossbar; C:\WINDOWS\system32\drivers\wf2kxbar.sys [2004-02-06 10005]
S3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2005-05-04 1133056]
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 GVCplDrv;GVCplDrv; C:\WINDOWS\system32\drivers\GVCplDrv.sys [2004-05-02 23040]
S3 GVTDrv;GVTDrv; C:\WINDOWS\system32\drivers\GVTDrv.sys [2009-06-15 23524]
S3 HSF_DP;HSF_DP; C:\WINDOWS\system32\DRIVERS\HSF_DP.sys []
S3 HSF_DPV;HSF_DPV; C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys [2005-08-22 1035008]
S3 HSFHWBS2;HSFHWBS2; C:\WINDOWS\system32\DRIVERS\HSFHWBS2.sys [2005-08-22 244480]
S3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2008-10-31 4942336]
S3 LVUSBSta;Logitech USB Monitor Filter; C:\WINDOWS\system32\drivers\lvusbsta.sys []
S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\mbamswissarmy.sys []
S3 MODEMCSA;Unimodem Streaming Filter Device; C:\WINDOWS\system32\drivers\MODEMCSA.sys [2001-08-17 16128]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2005-08-02 3198560]
S3 nvax;Service for NVIDIA(R) nForce(TM) Audio Enumerator; C:\WINDOWS\system32\drivers\nvax.sys [2005-04-13 53376]
S3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2005-04-06 33536]
S3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2005-04-06 12928]
S3 nvnforce;Service for NVIDIA(R) nForce(TM) Audio; C:\WINDOWS\system32\drivers\nvapu.sys [2005-04-13 414464]
S3 PCTFW-PacketFilter;PCTools Firewall - Packet filter driver; \??\C:\WINDOWS\system32\drivers\pctNdis-PacketFilter.sys []
S3 pctNdis;PC Tools Firewall Intermediate Filter Service; C:\WINDOWS\system32\DRIVERS\pctNdis.sys [2010-07-08 57536]
S3 pctplfw;pctplfw; \??\C:\WINDOWS\system32\drivers\pctplfw.sys []
S3 PID_0928;Labtec WebCam(PID_0928); C:\WINDOWS\system32\DRIVERS\LV561AV.SYS []
S3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2004-08-18 5888]
S3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-04 20992]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 SONYPVU1;Sony USB Filter Driver (SONYPVU1); C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS [2001-08-17 7552]
S3 StarOpen;StarOpen; C:\WINDOWS\system32\drivers\StarOpen.sys []
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 usbvideo;Zobrazovací zařízení USB (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2008-04-13 121984]
S3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2006-11-02 492000]
S3 WFIOCTL;WFIOCTL; \??\C:\Program Files\WinFast\WFTVFM\WFIOCTL.SYS []
S3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys [2005-08-22 718464]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 WS2IFSL;Podpůrné prostředí zprostředkovatele služeb Windows Socket 2.0 bez podpory IFS; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2004-08-18 12032]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
S2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2011-07-06 269480]
S2 AntiVirSchedulerService;Avira AntiVir Scheduler; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2011-07-06 136360]
S2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2005-05-04 364544]
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2005-05-03 516096]
S2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
S2 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2012-03-29 153376]
S2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2005-08-02 127043]
S2 PCToolsFirewallPlus;PC Tools Firewall Plus; C:\Program Files\PC Tools Firewall Plus\FWService.exe [2011-01-24 286000]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2012-05-03 158856]
S2 sp_rssrv;Spyware Terminator Realtime Shield Service; C:\Program Files\Spyware Terminator\sp_rsser.exe [2008-12-09 570880]
S2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2011-06-12 31125880]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
-----------------EOF-----------------
Re: pomoc
Stahnete RKill http://download.bleepingcomputer.com/grinler/rkill.com
- Pokud ho havet blokuje, pouzijte jeden z nasledujicich
motji píše: Rkill EXE:
http://download.bleepingcomputer.com/grinler/rkill.exe
Rkill SCR:
http://download.bleepingcomputer.com/grinler/rkill.scr
Rkill PIF:
http://download.bleepingcomputer.com/grinler/rkill.pif - Ulozte nejlepena plochu a ukoncete vsechny aplikace (jinak to udela RKill za Vas)
- Spustte tradicne dvojklikem - program probehne temer okamzite a ukonci i svou cinnost
- RKill ukonci vsechny ne-systemove procesy - tedy i procesy, pod kterymi bezi havet
- Ted nerestartujte PC - prisli byste o ucinek RKillu
Stahnete a ulozte na plochu Combofix http://download.bleepingcomputer.com/sUBs/ComboFix.exe
- Vypnete vsechny rezidentni bezpecnostní programy - firewally, antiviry, antispywary apod.
- Pokud mate Win XP spustte pod uctem Spravce\Administratora
- Pokud mate Win Vista ci Win 7, kliknete na Combofix pravym a dejte Run As Administrator ci Spustit jako spravce
- Ihned po startu se zobrazi stranka s licencnim ujednanim, pokracujte kliknutim na Ano
- Pokud Vam CF nabidne instalaci Konzoly pro zotaveni, tak souhlaste
- Dale postupujte dle pokynu, behem scanu nechte PC naprosto v klidu - nespoustejte zadne aplikace a neklikejte do zobrazujiciho se okna
- Scan by mel trvat cca 10 min, ale pokud bude PC hodne zaneseno, muze se cas prodlouzit
- Po dokonceni skenu a pripadnem restartu CF zobrazi log, pripadne jej najdete zde C:\ComboFix.txt, jeho obsah sem vlozte
- Detailni postup vc. obrazku mate zde http://www.bleepingcomputer.com/combofi ... t-combofix
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.
Re: pomoc
Ja si sem log dam (lepe se lusti) a vy je prosim taky vkladejte
ComboFix 12-05-24.03 - Uživatel 24.05.2012 22:30:59.5.2 - x86 NETWORK
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.1015.748 [GMT 2:00]
Spuštěný z: c:\documents and settings\Uživatel\Dokumenty\Downloads\ComboFix.exe
AV: AntiVir Desktop *Enabled/Updated* {AD166499-45F9-482A-A743-FDD3350758C7}
FW: PC Tools Firewall Plus *Enabled* {ABBD5028-5A95-4B6D-996E-98D64AE88D52}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\Complitly
c:\program files\Complitly\FireFoxExtensionWithFF8Fix.exe
c:\program files\Complitly\FireFoxUninstaller.exe
c:\program files\Complitly\chrome\ComplitlyChrome.crx
c:\program files\Complitly\InstTracker.exe
c:\program files\Complitly\support@Complitly.com\defaults\preferences\predictad.js
c:\program files\Complitly\support@Complitly.com\chrome.manifest
c:\program files\Complitly\support@Complitly.com\chrome\content\appIcon.png
c:\program files\Complitly\support@Complitly.com\chrome\content\browserOverlay.xul
c:\program files\Complitly\support@Complitly.com\chrome\content\options.js
c:\program files\Complitly\support@Complitly.com\chrome\content\options.xul
c:\program files\Complitly\support@Complitly.com\chrome\content\utils.js
c:\program files\Complitly\support@Complitly.com\install.rdf
c:\program files\Complitly\System.Data.SQLite.dll
c:\program files\Complitly\unins000.dat
c:\program files\Complitly\unins000.exe
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-04-24 do 2012-05-24 )))))))))))))))))))))))))))))))
.
.
2012-05-24 19:26 . 2012-05-24 20:19 -------- dc----w- C:\rsit
2012-05-22 15:51 . 2012-05-24 20:25 -------- dc----w- C:\4430242dfb4f04ec3ad615d7f0
2012-05-13 08:33 . 2012-05-13 08:33 -------- d-----w- c:\documents and settings\Uživatel\Local Settings\Data aplikací\PCHealth
2012-05-12 02:20 . 2012-05-24 20:25 -------- dc----w- C:\333e72749b298076fe5fb20a
2012-05-10 00:32 . 2012-05-10 00:32 -------- d-----w- c:\program files\Common Files\Skype
2012-05-10 00:32 . 2012-05-10 00:32 -------- d-----r- c:\program files\Skype
2012-05-08 16:48 . 2012-05-08 16:48 -------- d-----w- c:\documents and settings\Uživatel\Data aplikací\Complitly
2012-05-08 16:48 . 2012-05-08 16:48 -------- d-----w- c:\program files\Search Fairy
2012-05-08 16:48 . 2012-05-08 16:48 -------- d-----w- c:\documents and settings\Uživatel\Data aplikací\BrowserCompanion
2012-05-08 16:48 . 2012-05-08 16:48 -------- d-----w- c:\program files\BrowserCompanion
2012-05-08 16:48 . 2012-05-08 16:48 -------- d-----w- c:\program files\GotClip
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-05-24 20:56 . 2011-06-16 10:14 4764 ----a-w- c:\windows\system32\PerfStringBackup.TMP
2012-04-11 13:55 . 2004-08-17 15:45 2028544 ----a-w- c:\windows\system32\ntkrnlpa.exe
2012-04-11 13:55 . 2005-11-02 18:25 1862272 ----a-w- c:\windows\system32\win32k.sys
2012-04-11 13:55 . 2005-11-02 18:25 2150400 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-03-29 20:57 . 2012-03-29 20:58 73728 ----a-w- c:\windows\system32\javacpl.cpl
2012-03-29 20:57 . 2012-03-29 20:29 472808 ----a-w- c:\windows\system32\deployJava1.dll
2012-03-12 23:46 . 2012-03-11 22:37 58390 ----a-w- c:\documents and settings\Uživatel\Data aplikací\mdbu.bin
2012-03-01 10:59 . 2005-11-02 18:25 916992 ----a-w- c:\windows\system32\wininet.dll
2012-03-01 10:59 . 2005-11-02 18:25 43520 ----a-w- c:\windows\system32\licmgr10.dll
2012-03-01 10:59 . 2005-11-02 18:25 1469440 ------w- c:\windows\system32\inetcpl.cpl
2012-02-29 14:10 . 2005-11-02 18:25 177664 ----a-w- c:\windows\system32\wintrust.dll
2012-02-29 14:10 . 2005-11-02 18:25 148480 ----a-w- c:\windows\system32\imagehlp.dll
2012-02-29 12:17 . 2005-11-02 18:25 385024 ----a-w- c:\windows\system32\html.iec
2009-09-04 17:01 . 2009-09-04 17:01 525656 -c--a-w- c:\program files\DXSETUP.exe
2009-09-04 17:01 . 2009-09-04 17:01 94024 -c--a-w- c:\program files\DSETUP.dll
2009-09-04 17:01 . 2009-09-04 17:01 1691464 -c--a-w- c:\program files\dsetup32.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{00000000-6E41-4FD3-8538-502F5495E5FC}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2011-05-17 1490312]
"{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}"= "c:\program files\uTorrentBar\prxtbuTo0.dll" [2011-05-09 176936]
.
[HKEY_CLASSES_ROOT\clsid\{00000000-6e41-4fd3-8538-502f5495e5fc}]
.
[HKEY_CLASSES_ROOT\clsid\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}]
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{00cbb66b-1d3b-46d3-9577-323a336acb50}]
2012-03-27 15:00 225584 ----a-w- c:\program files\BrowserCompanion\jsloader.dll
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{27CF82B1-E1D2-4f9b-976E-62095A52BA4A}]
2012-03-01 16:34 175408 ----a-w- c:\program files\Search Fairy\SearchFairy.dll
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}]
2011-05-09 09:49 176936 ----a-w- c:\program files\uTorrentBar\prxtbuTo0.dll
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
2011-05-17 12:29 1490312 ----a-w- c:\program files\Ask.com\GenericAskToolbar.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}"= "c:\program files\uTorrentBar\prxtbuTo0.dll" [2011-05-09 176936]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2011-05-17 1490312]
.
[HKEY_CLASSES_ROOT\clsid\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}]
.
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC}"= "c:\program files\uTorrentBar\prxtbuTo0.dll" [2011-05-09 176936]
.
[HKEY_CLASSES_ROOT\clsid\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\DNA\\btdna.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\uTorrent\\utorrent.exe"=
"c:\\Program Files\\VideoLAN\\VLC\\vlc.exe"=
"c:\\Program Files\\Microsoft Office\\Office14\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office14\\ONENOTE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office14\\OUTLOOK.EXE"=
"c:\\Program Files\\BitTorrent\\BitTorrent.exe"=
"c:\\Program Files\\Windows iLivid Toolbar\\Datamngr\\ToolBar\\dtUser.exe"=
"c:\\Documents and Settings\\Uživatel\\Local Settings\\Data aplikací\\Facebook\\Video\\Skype\\FacebookVideoCalling.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009
.
R0 nvcchflt;NVIDIA Disk Cache Filter Driver;c:\windows\system32\drivers\nvcchflt.sys [3.11.2005 9:38 16640]
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [3.2.2011 23:37 717296]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\drivers\dtsoftbus01.sys [3.2.2011 0:46 218688]
R1 pctgntdi;pctgntdi;c:\windows\system32\drivers\pctgntdi.sys [16.6.2011 19:43 251560]
R1 sp_rsdrv2;Spyware Terminator Driver 2;c:\windows\system32\drivers\sp_rsdrv2.sys [9.12.2008 20:28 141312]
R2 PCTAppEvent;PCTAppEvent Driver;c:\windows\system32\drivers\PCTAppEvent.sys [16.6.2011 19:43 160576]
R3 PCTFW-PacketFilter;PCTools Firewall - Packet filter driver;c:\windows\system32\drivers\pctNdis-PacketFilter.sys [16.6.2011 19:42 89472]
R3 pctNdisMP;PC Tools Driver;c:\windows\system32\drivers\pctNdis.sys [16.6.2011 19:42 57536]
R3 pctplfw;pctplfw;c:\windows\system32\drivers\pctplfw.sys [16.6.2011 19:42 125248]
S2 BT848;WinFast TV2000 XP WDM Video Capture;c:\windows\system32\drivers\wf2kvcap.sys [3.11.2005 9:49 75829]
S2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [3.5.2012 8:31 158856]
S2 tv2ktunr;WinFast TV2000 XP WDM TVTuner;c:\windows\system32\drivers\wf2ktunr.sys [3.11.2005 9:50 33959]
S2 Tv2kXbar;WinFast TV2000 XP WDM Crossbar;c:\windows\system32\drivers\wf2kXbar.sys [3.11.2005 9:50 10005]
S3 GVTDrv;GVTDrv;c:\windows\system32\drivers\GVTDrv.sys [16.11.2007 17:37 23524]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [15.6.2011 17:25 39984]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\Microsoft Office\Office14\GROOVE.EXE [12.6.2011 11:15 31125880]
S3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [9.1.2010 22:37 4640000]
S3 pctNdis;PC Tools Firewall Intermediate Filter Service;c:\windows\system32\drivers\pctNdis.sys [16.6.2011 19:42 57536]
S3 WFIOCTL;WFIOCTL;c:\program files\WinFast\WFTVFM\WFIOCTL.sys [3.11.2005 9:53 9446]
.
Obsah adresáře 'Naplánované úlohy'
.
2012-05-24 c:\windows\Tasks\Scheduled Update for Ask Toolbar.job
- c:\program files\Ask.com\UpdateTask.exe [2011-05-17 12:29]
.
2012-05-24 c:\windows\Tasks\User_Feed_Synchronization-{A1A97911-778F-443D-8245-2B21FAB18BE9}.job
- c:\windows\system32\msfeedssync.exe [2009-03-08 03:31]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://search.thebflix.com
mStart Page = hxxp://search.thebflix.com
uInternet Settings,ProxyOverride = *.local;<local>
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~3\Office14\EXCEL.EXE/3000
IE: Easy-WebPrint Add To Print List - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
IE: Easy-WebPrint High Speed Print - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
IE: Easy-WebPrint Preview - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
IE: Easy-WebPrint Print - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
IE: Od&eslat do aplikace OneNote - c:\progra~1\MICROS~3\Office14\ONBttnIE.dll/105
IE: WikiKomentáře Google... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html
IE: {{81727BE7-50E7-48ed-A547-F0274756E2DD} - {27CF82B1-E1D2-4f9b-976E-62095A52BA4A} - c:\program files\Search Fairy\SearchFairy.dll
Trusted Zone: mojebanka.cz\www
TCP: DhcpNameServer = 10.0.0.138 10.0.0.138
TCP: Interfaces\{1D5F9AC3-4742-44F7-BAEC-3CBEF54937A9}: NameServer = 77.87.238.65,77.87.232.17
Handler: base64 - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - c:\program files\BrowserCompanion\tdataprotocol.dll
Handler: chrome - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - c:\program files\BrowserCompanion\tdataprotocol.dll
Handler: prox - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - c:\program files\BrowserCompanion\tdataprotocol.dll
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-10 - (no file)
AddRemove-{4FFBB818-B13C-11E0-931D-B2664824019B}_is1 - c:\program files\Complitly\unins000.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-05-24 22:55
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(1004)
c:\windows\system32\Ati2evxx.dll
.
- - - - - - - > 'explorer.exe'(712)
c:\progra~1\COMMON~1\MICROS~1\OFFICE14\Cultures\office.odf
c:\progra~1\MICROS~3\Office14\1029\GrooveIntlResource.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\PC Tools Firewall Plus\FWService.exe
c:\program files\Spyware Terminator\sp_rsser.exe
c:\windows\system32\wscntfy.exe
.
**************************************************************************
.
Celkový čas: 2012-05-24 23:04:21 - počítač byl restartován
ComboFix-quarantined-files.txt 2012-05-24 21:04
.
Před spuštěním: Volných bajtů: 53 397 393 408
Po spuštění: Volných bajtů: 53 518 704 640
.
- - End Of File - - 13C66EBC6B2286DA61BE75EE0A070ABF
ComboFix 12-05-24.03 - Uživatel 24.05.2012 22:30:59.5.2 - x86 NETWORK
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.1015.748 [GMT 2:00]
Spuštěný z: c:\documents and settings\Uživatel\Dokumenty\Downloads\ComboFix.exe
AV: AntiVir Desktop *Enabled/Updated* {AD166499-45F9-482A-A743-FDD3350758C7}
FW: PC Tools Firewall Plus *Enabled* {ABBD5028-5A95-4B6D-996E-98D64AE88D52}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\Complitly
c:\program files\Complitly\FireFoxExtensionWithFF8Fix.exe
c:\program files\Complitly\FireFoxUninstaller.exe
c:\program files\Complitly\chrome\ComplitlyChrome.crx
c:\program files\Complitly\InstTracker.exe
c:\program files\Complitly\support@Complitly.com\defaults\preferences\predictad.js
c:\program files\Complitly\support@Complitly.com\chrome.manifest
c:\program files\Complitly\support@Complitly.com\chrome\content\appIcon.png
c:\program files\Complitly\support@Complitly.com\chrome\content\browserOverlay.xul
c:\program files\Complitly\support@Complitly.com\chrome\content\options.js
c:\program files\Complitly\support@Complitly.com\chrome\content\options.xul
c:\program files\Complitly\support@Complitly.com\chrome\content\utils.js
c:\program files\Complitly\support@Complitly.com\install.rdf
c:\program files\Complitly\System.Data.SQLite.dll
c:\program files\Complitly\unins000.dat
c:\program files\Complitly\unins000.exe
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-04-24 do 2012-05-24 )))))))))))))))))))))))))))))))
.
.
2012-05-24 19:26 . 2012-05-24 20:19 -------- dc----w- C:\rsit
2012-05-22 15:51 . 2012-05-24 20:25 -------- dc----w- C:\4430242dfb4f04ec3ad615d7f0
2012-05-13 08:33 . 2012-05-13 08:33 -------- d-----w- c:\documents and settings\Uživatel\Local Settings\Data aplikací\PCHealth
2012-05-12 02:20 . 2012-05-24 20:25 -------- dc----w- C:\333e72749b298076fe5fb20a
2012-05-10 00:32 . 2012-05-10 00:32 -------- d-----w- c:\program files\Common Files\Skype
2012-05-10 00:32 . 2012-05-10 00:32 -------- d-----r- c:\program files\Skype
2012-05-08 16:48 . 2012-05-08 16:48 -------- d-----w- c:\documents and settings\Uživatel\Data aplikací\Complitly
2012-05-08 16:48 . 2012-05-08 16:48 -------- d-----w- c:\program files\Search Fairy
2012-05-08 16:48 . 2012-05-08 16:48 -------- d-----w- c:\documents and settings\Uživatel\Data aplikací\BrowserCompanion
2012-05-08 16:48 . 2012-05-08 16:48 -------- d-----w- c:\program files\BrowserCompanion
2012-05-08 16:48 . 2012-05-08 16:48 -------- d-----w- c:\program files\GotClip
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-05-24 20:56 . 2011-06-16 10:14 4764 ----a-w- c:\windows\system32\PerfStringBackup.TMP
2012-04-11 13:55 . 2004-08-17 15:45 2028544 ----a-w- c:\windows\system32\ntkrnlpa.exe
2012-04-11 13:55 . 2005-11-02 18:25 1862272 ----a-w- c:\windows\system32\win32k.sys
2012-04-11 13:55 . 2005-11-02 18:25 2150400 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-03-29 20:57 . 2012-03-29 20:58 73728 ----a-w- c:\windows\system32\javacpl.cpl
2012-03-29 20:57 . 2012-03-29 20:29 472808 ----a-w- c:\windows\system32\deployJava1.dll
2012-03-12 23:46 . 2012-03-11 22:37 58390 ----a-w- c:\documents and settings\Uživatel\Data aplikací\mdbu.bin
2012-03-01 10:59 . 2005-11-02 18:25 916992 ----a-w- c:\windows\system32\wininet.dll
2012-03-01 10:59 . 2005-11-02 18:25 43520 ----a-w- c:\windows\system32\licmgr10.dll
2012-03-01 10:59 . 2005-11-02 18:25 1469440 ------w- c:\windows\system32\inetcpl.cpl
2012-02-29 14:10 . 2005-11-02 18:25 177664 ----a-w- c:\windows\system32\wintrust.dll
2012-02-29 14:10 . 2005-11-02 18:25 148480 ----a-w- c:\windows\system32\imagehlp.dll
2012-02-29 12:17 . 2005-11-02 18:25 385024 ----a-w- c:\windows\system32\html.iec
2009-09-04 17:01 . 2009-09-04 17:01 525656 -c--a-w- c:\program files\DXSETUP.exe
2009-09-04 17:01 . 2009-09-04 17:01 94024 -c--a-w- c:\program files\DSETUP.dll
2009-09-04 17:01 . 2009-09-04 17:01 1691464 -c--a-w- c:\program files\dsetup32.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{00000000-6E41-4FD3-8538-502F5495E5FC}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2011-05-17 1490312]
"{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}"= "c:\program files\uTorrentBar\prxtbuTo0.dll" [2011-05-09 176936]
.
[HKEY_CLASSES_ROOT\clsid\{00000000-6e41-4fd3-8538-502f5495e5fc}]
.
[HKEY_CLASSES_ROOT\clsid\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}]
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{00cbb66b-1d3b-46d3-9577-323a336acb50}]
2012-03-27 15:00 225584 ----a-w- c:\program files\BrowserCompanion\jsloader.dll
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{27CF82B1-E1D2-4f9b-976E-62095A52BA4A}]
2012-03-01 16:34 175408 ----a-w- c:\program files\Search Fairy\SearchFairy.dll
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}]
2011-05-09 09:49 176936 ----a-w- c:\program files\uTorrentBar\prxtbuTo0.dll
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
2011-05-17 12:29 1490312 ----a-w- c:\program files\Ask.com\GenericAskToolbar.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}"= "c:\program files\uTorrentBar\prxtbuTo0.dll" [2011-05-09 176936]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2011-05-17 1490312]
.
[HKEY_CLASSES_ROOT\clsid\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}]
.
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC}"= "c:\program files\uTorrentBar\prxtbuTo0.dll" [2011-05-09 176936]
.
[HKEY_CLASSES_ROOT\clsid\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\DNA\\btdna.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\uTorrent\\utorrent.exe"=
"c:\\Program Files\\VideoLAN\\VLC\\vlc.exe"=
"c:\\Program Files\\Microsoft Office\\Office14\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office14\\ONENOTE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office14\\OUTLOOK.EXE"=
"c:\\Program Files\\BitTorrent\\BitTorrent.exe"=
"c:\\Program Files\\Windows iLivid Toolbar\\Datamngr\\ToolBar\\dtUser.exe"=
"c:\\Documents and Settings\\Uživatel\\Local Settings\\Data aplikací\\Facebook\\Video\\Skype\\FacebookVideoCalling.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009
.
R0 nvcchflt;NVIDIA Disk Cache Filter Driver;c:\windows\system32\drivers\nvcchflt.sys [3.11.2005 9:38 16640]
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [3.2.2011 23:37 717296]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\drivers\dtsoftbus01.sys [3.2.2011 0:46 218688]
R1 pctgntdi;pctgntdi;c:\windows\system32\drivers\pctgntdi.sys [16.6.2011 19:43 251560]
R1 sp_rsdrv2;Spyware Terminator Driver 2;c:\windows\system32\drivers\sp_rsdrv2.sys [9.12.2008 20:28 141312]
R2 PCTAppEvent;PCTAppEvent Driver;c:\windows\system32\drivers\PCTAppEvent.sys [16.6.2011 19:43 160576]
R3 PCTFW-PacketFilter;PCTools Firewall - Packet filter driver;c:\windows\system32\drivers\pctNdis-PacketFilter.sys [16.6.2011 19:42 89472]
R3 pctNdisMP;PC Tools Driver;c:\windows\system32\drivers\pctNdis.sys [16.6.2011 19:42 57536]
R3 pctplfw;pctplfw;c:\windows\system32\drivers\pctplfw.sys [16.6.2011 19:42 125248]
S2 BT848;WinFast TV2000 XP WDM Video Capture;c:\windows\system32\drivers\wf2kvcap.sys [3.11.2005 9:49 75829]
S2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [3.5.2012 8:31 158856]
S2 tv2ktunr;WinFast TV2000 XP WDM TVTuner;c:\windows\system32\drivers\wf2ktunr.sys [3.11.2005 9:50 33959]
S2 Tv2kXbar;WinFast TV2000 XP WDM Crossbar;c:\windows\system32\drivers\wf2kXbar.sys [3.11.2005 9:50 10005]
S3 GVTDrv;GVTDrv;c:\windows\system32\drivers\GVTDrv.sys [16.11.2007 17:37 23524]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [15.6.2011 17:25 39984]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\Microsoft Office\Office14\GROOVE.EXE [12.6.2011 11:15 31125880]
S3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [9.1.2010 22:37 4640000]
S3 pctNdis;PC Tools Firewall Intermediate Filter Service;c:\windows\system32\drivers\pctNdis.sys [16.6.2011 19:42 57536]
S3 WFIOCTL;WFIOCTL;c:\program files\WinFast\WFTVFM\WFIOCTL.sys [3.11.2005 9:53 9446]
.
Obsah adresáře 'Naplánované úlohy'
.
2012-05-24 c:\windows\Tasks\Scheduled Update for Ask Toolbar.job
- c:\program files\Ask.com\UpdateTask.exe [2011-05-17 12:29]
.
2012-05-24 c:\windows\Tasks\User_Feed_Synchronization-{A1A97911-778F-443D-8245-2B21FAB18BE9}.job
- c:\windows\system32\msfeedssync.exe [2009-03-08 03:31]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://search.thebflix.com
mStart Page = hxxp://search.thebflix.com
uInternet Settings,ProxyOverride = *.local;<local>
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~3\Office14\EXCEL.EXE/3000
IE: Easy-WebPrint Add To Print List - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
IE: Easy-WebPrint High Speed Print - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
IE: Easy-WebPrint Preview - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
IE: Easy-WebPrint Print - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
IE: Od&eslat do aplikace OneNote - c:\progra~1\MICROS~3\Office14\ONBttnIE.dll/105
IE: WikiKomentáře Google... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html
IE: {{81727BE7-50E7-48ed-A547-F0274756E2DD} - {27CF82B1-E1D2-4f9b-976E-62095A52BA4A} - c:\program files\Search Fairy\SearchFairy.dll
Trusted Zone: mojebanka.cz\www
TCP: DhcpNameServer = 10.0.0.138 10.0.0.138
TCP: Interfaces\{1D5F9AC3-4742-44F7-BAEC-3CBEF54937A9}: NameServer = 77.87.238.65,77.87.232.17
Handler: base64 - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - c:\program files\BrowserCompanion\tdataprotocol.dll
Handler: chrome - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - c:\program files\BrowserCompanion\tdataprotocol.dll
Handler: prox - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - c:\program files\BrowserCompanion\tdataprotocol.dll
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-10 - (no file)
AddRemove-{4FFBB818-B13C-11E0-931D-B2664824019B}_is1 - c:\program files\Complitly\unins000.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-05-24 22:55
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(1004)
c:\windows\system32\Ati2evxx.dll
.
- - - - - - - > 'explorer.exe'(712)
c:\progra~1\COMMON~1\MICROS~1\OFFICE14\Cultures\office.odf
c:\progra~1\MICROS~3\Office14\1029\GrooveIntlResource.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\PC Tools Firewall Plus\FWService.exe
c:\program files\Spyware Terminator\sp_rsser.exe
c:\windows\system32\wscntfy.exe
.
**************************************************************************
.
Celkový čas: 2012-05-24 23:04:21 - počítač byl restartován
ComboFix-quarantined-files.txt 2012-05-24 21:04
.
Před spuštěním: Volných bajtů: 53 397 393 408
Po spuštění: Volných bajtů: 53 518 704 640
.
- - End Of File - - 13C66EBC6B2286DA61BE75EE0A070ABF
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: pomoc
Pokud nemate, tak presunte Combofix primo na disk c:\
- Spustte poznamkovy blok (Start-spustit-notepad)
- Zkopirujte skript nize
Kód: Vybrat vše
KillAll:: Folder:: c:\program files\uTorrentBar c:\program files\Ask.com C:\PROGRA~1\WI371A~1 File:: c:\program files\Search Fairy\SearchFairy.dll Registry:: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks] "{00000000-6E41-4FD3-8538-502F5495E5FC}"=- "{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}"=- [-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{27CF82B1-E1D2-4f9b-976E-62095A52BA4A}] [-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}] [-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] "{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}"=- "{D4027C7F-154A-4066-A1AD-4243D8127440}"=- [-HKEY_CLASSES_ROOT\clsid\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}] [-HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}] [-HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1] [-HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}] [-HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd] [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser] "{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC}"=- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"="" DDS:: uStart Page = hxxp://search.thebflix.com mStart Page = hxxp://search.thebflix.com uInternet Settings,ProxyOverride = *.local;<local> Trusted Zone: mojebanka.cz\www ClearJavaCache:: Reboot::- Ulozte vytvoreny TXT jako CFScript.txt tez primo na disku c:\
- Pretahnete vytvoreny CFScript.txt nad Combofix a pustte (viz obrazek nize)
- Po aplikaci skriptu (a pripadnem restartu) na Vas vypadne log, jeho obsah sem vlozte
Muze se stat, ze po aplikaci skriptu nenabehnou windows, v tomto pripade restartuje PC a mackejte F8 a zvolte Posledni znamou konfiguraci"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: pomoc
udelejte jej jest jednou prosim, ale nedavejte posledni znamou konfiguraci, ta log neudela, ba naopak vrati PC do stavu pred jeho aplikovanim, je to jen zachrana kdyz PC nechce nabehnout...
A zkuste ten skript aplikovat v normalnim rezimu
A zkuste ten skript aplikovat v normalnim rezimu
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: pomoc
ComboFix 12-05-24.03 - Uživatel 25.05.2012 0:43.6.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.1015.572 [GMT 2:00]
Spuštěný z: c:\documents and settings\Uživatel\Dokumenty\Downloads\ComboFix.exe
Použité ovládací přepínače :: C:\CFScript.txt
FW: PC Tools Firewall Plus *Enabled* {ABBD5028-5A95-4B6D-996E-98D64AE88D52}
.
FILE ::
"c:\program files\Search Fairy\SearchFairy.dll"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\progra~1\WI371A~1
c:\progra~1\WI371A~1\Datamngr\BrowserConnection.dll
c:\progra~1\WI371A~1\Datamngr\datamngr.dll
c:\progra~1\WI371A~1\Datamngr\datamngrUI.exe
c:\progra~1\WI371A~1\Datamngr\DnsBHO.dll
c:\progra~1\WI371A~1\Datamngr\IEBHO.dll
c:\progra~1\WI371A~1\Datamngr\ToolBar\as_guid.dat
c:\progra~1\WI371A~1\Datamngr\ToolBar\components\windowmediator.js
c:\progra~1\WI371A~1\Datamngr\ToolBar\dtUser.exe
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\content\bandoocode.js
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\content\data\search\engines.xml
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\content\data\search\search.xsl
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\content\lib\about.xml
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\content\lib\bandoocode.js
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\content\lib\dtxpanel.xul
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\content\lib\dtxpaneltransparent.xul
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\content\lib\dtxpanelwin.xul
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\content\lib\dtxprefwin.xul
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\content\lib\dtxtransparentwin.xul
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\content\lib\dtxwin.xul
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\content\lib\emailnotifierproviders.xml
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\content\lib\external.js
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\content\lib\imeshcode.js
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\content\lib\neterror.xhtml
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\content\lib\vmncode.js
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\content\lib\wmpstreamer.html
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\content\modules\datastore.jsm
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\content\modules\nsDragAndDrop.js
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\content\neterror.xhtml
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\content\partner.coupons.xml
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\content\preferences.xml
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\content\radiobeta.js
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\content\template.xml
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\content\toolbar.htm
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\content\toolbar.xul
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\content\vmncode.js
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\content\vmnrsswin.xml
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\content\widgets\net.vmn.www.PPCBully\tb_icon.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\content\widgets\net.vmn.www.PPCBully\widget.js
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\content\widgets\net.vmn.www.PPCBully\widget.xml
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\content\widgets\net.vmn.www.PPCBully\widget_version
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\babylon_logo.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\bandoo.css
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\bluelite.gif
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\bluesky.gif
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\btn-search-over.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\btn-search.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\btn-settings-over.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\btn-settings.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\btn-widgets-over.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\btn-widgets.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\btn_settings.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\ca.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\dictionary.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\divider.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\downloadcom.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\dtxlogo.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\ebay.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\email.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\email_on.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\facebook.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\games.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\graphred0.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\graphred0_5.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\graphred1.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\graphred1_5.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\graphred2.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\graphred2_5.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\graphred3.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\graphred3_5.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\graphred4.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\graphred4_5.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\graphred5.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\graphredna.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\grey.gif
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\ico-shield.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\icon_amazon.gif
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\icon_games.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\icon_radio_png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\icon_seperator_png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\icon_twitter.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\icon_youtube.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\images.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\imesh.css
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\add.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\aol.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\arrow-dn.gif
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\arrow-right-disabled.gif
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\arrow-right.gif
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\arrow-up.gif
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\bg-btn-divider.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\bg-btn-end.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\bg-btn-mdl.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\bg-btn-mdl_ff.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\bg-btn-start.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\bg-btnover-divider.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\bg-btnover-end.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\bg-btnover-mdl.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\bg-btnover-mdl_ff.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\bg-btnover-start.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\blank.gif
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\btn-widgets-over.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\btn-widgets.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\btn_slider.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\btnback-down-vista.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\btnback-vista.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\btnleft-down-vista.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\btnleft-vista.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\btnright-down-vista.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\btnright-vista.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\button-splitter-down-vista.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\button-splitter-vista.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\collapse.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\comcast.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\dtx.css
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\edit-back-hot.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\edit-back.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\expand.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\found.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\gmail.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\highlight.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\highlight_blue.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\highlight_cyan.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\highlight_lime.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\highlight_magenta.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\highlight_yellow.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\hotmail.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\checkmark.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\chevron.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\ico-check.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\imap.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\lastsearch-thumb-back.gif
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\loadingMid.gif
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\lock.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\logo-separator.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\mailcom.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\menu_bg-basic.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\menu_separator_bar.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\menu_separator_white.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\menuitem-splitter.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\menuitemback-down-vista.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\menuitemback-vista.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\menuitemleft-down-vista.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\menuitemleft-vista.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\menuitemright-down-vista.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\menuitemright-vista.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\modify.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\move.gif
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\movetarget.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\panels\css\panels.css
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\panels\css\popupAbout.css
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\panels\css\popupGames.css
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\panels\css\popupRSS.css
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\panels\css\popupWidgets.css
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\panels\default\css\dialog.css
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\bg.gif
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\btn-search.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\btn-wide-close-over.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\btn-wide-close.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\default.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\tab-off-l.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\tab-off-r.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\tab-on-l.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\tab-on-r.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\transparent.gif
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\ttlbar-left.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\ttlbar-mdl.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\ttlbar-right.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\win-btm-left.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\win-btm-mdl.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\win-btm-right-resize.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\win-btm-right.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\win-left.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\win-right.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\panels\default\main.html
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\panels\default\scripts\defscript.js
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\panels\footer.htm
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\panels\gamecategory.xsl
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\panels\gameData.js
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\panels\gameList.xsl
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\panels\games.xsl
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\panels\gametype.xsl
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\panels\images\arrow-dn.gif
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\panels\images\arrow-sml-drop.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\panels\images\arrow-sml.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\panels\images\arrow-up.gif
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\panels\images\arrowr-bluew5.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\panels\images\bg-aboutbox.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\panels\images\bg-btnover.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\panels\images\bg-pnl520x390.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-addtoolbar-left-over.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-addtoolbar-left.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-addtoolbar-right.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-back.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-close-grey.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-close-greyover.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-drag.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-mdl-over.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-mdl.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-moredetails.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-next-over.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-next.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-play-left-over.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-play-left.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-previous-over.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-previous.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-right-over.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-search-pnlbtm-over.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-search-pnlbtm.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-try-left-over.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-try-left.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\panels\images\bullet-orange.gif
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\panels\images\gamethumb-on.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\panels\images\gamethumb2-over.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\panels\images\ico-calendar.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\panels\images\ico-dollar.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\panels\images\ico-download.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\panels\images\ico-joystick24.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\panels\images\ico-news24.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\panels\images\ico-play.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\panels\images\ico-tags.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\panels\images\icon-Add.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\panels\images\icon-download.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\panels\images\icon-Info.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\panels\images\icon-play.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\panels\images\icon-shop.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\panels\images\menul-bgon.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\panels\images\menul-bgover.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\panels\images\panel-botm-noscroll.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\panels\images\scroll-bg-206.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\panels\images\scroll-bg.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\panels\images\scroll-topwin.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\panels\images\scrollb-disable.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\panels\images\scrollb-down.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\panels\images\scrollb-over.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\panels\images\scrollb.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\panels\images\scrollt-disable.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\panels\images\scrollt-down.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\panels\images\scrollt-over.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\panels\images\scrollt.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\panels\images\searchbox-pnlbtm.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\panels\images\star_x_grey.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\panels\images\star_x_orange.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\panels\images\TRUSTe_about.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\panels\images\view-detailed-on.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\panels\images\view-detailed-over.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\panels\images\view-thumb-on.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\panels\images\view-thumb-over.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\panels\images\widgets-square-16px.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\panels\images\widgets-square-24px.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\panels\images\widgets.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\panels\initHTML.html
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\panels\popupGames.html
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\panels\popupHTML.html
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\panels\popupRSS.html
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\panels\popupWidgets.html
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\panels\scroll.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\pop.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\radio.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\radio\css\manager.css
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\radio\css\slider.css
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\radio\images\bg-pnl.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\radio\images\btn-close-grey.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\radio\images\btn-close-greyover.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\radio\images\collapsed_button.gif
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\radio\images\expanded_button.gif
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\radio\images\ico-playstation-down.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\radio\images\ico-playstation-over.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\radio\images\ico-playstation.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\radio\images\ico-radio.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\radio\images\music-note.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-btn-pause-on.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-btn-pause.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-btn-play-on.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-btn-play.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-eq-bg.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-eq-buffer.gif
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-eq-busy.gif
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-eq-off.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-eq-on.gif
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-eq-warning.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-options-design-on.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-options-design.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-options-on.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-options.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-volume-0.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-volume-1.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-volume-2.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-volume-3.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-volume-mute.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\radio\images\scrollbar-handle.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\radio\images\scrollbar-track.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\radio\images\slider.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\radio\images\slideron.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\radio\images\track.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\radio\managerpanel.html
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\radio\volumeslider.html
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\radiobeta-buffering.gif
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\radiobeta-connecting.gif
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\radiobeta-playing.gif
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\radiobeta-stopped.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\radiobeta.ico
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\reload.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\remove.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\rename.gif
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\resize-box.gif
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\rss.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\rsschannelback.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\RSSLogo.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\rsstabdivider.gif
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\scroll-left.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\scroll-right.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\search-go.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\search.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\text-ellipsis.xml
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\throbber.gif
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\toolbarsplitter.gif
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\transparent_1px.gif
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\uwa\border_02.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\uwa\border_03.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\uwa\border_04.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\uwa\border_06.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\uwa\border_07.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\uwa\border_08.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\uwa\border_09.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\uwa\border_10.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\uwa\border_11.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\uwa\border_12.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\uwa\border_13.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\uwa\border_14.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\uwa\border_15.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\uwa\border_16.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\uwa\border_18.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\uwa\border_19.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\uwa\border_20.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\uwa\border_21.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\uwa\btn-close-grey.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\uwa\btn-close-greyover.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\uwa\close-hot.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\uwa\close-normal.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\uwa\loadingMid.gif
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\uwa\proxy.html
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\uwa\template.html
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\uwa\template.xml
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\uwa\templateFF.html
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\uwa\throbber.gif
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\icons\cond999.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\icons\icons.xml
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\icons\na-s.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\icons\na-t.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\icons\na.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\add.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\arrowr-bluew5.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\bg-pnl.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\bg-pnl520x350.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\bg-pnl520x350blue-whitebg.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\bg-pnl520x350blue.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\box-check.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\box-uncheck.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\btn-close-grey.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\btn-close-greyover.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\btn-delete.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\btn-search-pnlbtm-over.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\btn-search-pnlbtm.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\btnarrow-next-off.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\btnarrow-next.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\btnarrow-previous-off.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\btnarrow-previous.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\ico-hotandhumid-s.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\ico-hotandhumid.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\ico-check.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\options-weather.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\over-blue.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\over-orange.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\powered-by-weatherbug.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\powered-by-weatherbug2.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\radio-checked.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\radio-unchecked.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\searchbox-pnlbtm.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\weather-contour.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\popupWeather.css
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\popupWeather.html
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\yahoo.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lichen.gif
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\logo-about.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\logo-over.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\logo-separator.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\logo.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\mail.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\maps.bmp
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\menuseparatorback.gif
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\modify-save.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\modify.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\modifyhot.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\music.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\news.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\options\options-main.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\options\options-search.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\options\options-weather.gif
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\options\options-weather.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\options\options-widgets.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\orange.gif
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\pixsy.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\protect-id.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\radiobeta-buffering.gif
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\radiobeta-connecting.gif
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\radiobeta-playing.gif
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\radiobeta-stopped.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\radiobeta.ico
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\relatedlinks.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\rss-collapse.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\rss-delete.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\rss-expand.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\rss-feed.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\rss-folder-remove.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\rss-folder-rename.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\rss-folder.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\rss-found.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\rss-reload.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\rss-subscribe.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\rss.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\rssback.gif
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\rsstopback.gif
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\search-over.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\search.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\search_button_over_png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\search_button_png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\searchbar\searchbar-background-left.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\searchbar\searchbar-background-middle.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\searchbar\searchbar-background-right.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\settings.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\shopping.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\siteinfo.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\skin-bluelite.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\skin-bluesky.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\skin-grey.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\skin-lichen.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\skin-orange.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\skin-yellow.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\skin.xml
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\technorati.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\throbber.gif
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\toolbarsplitter.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\translate.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\video.bmp
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\vmn.css
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\vmn.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\weather.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\web.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\widgets-square-16px.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\wikipedia.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\yahoosearch.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\yellow.gif
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\youtube.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\zoom.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\manifest.xml
c:\progra~1\WI371A~1\Datamngr\ToolBar\searchquband.dll
c:\progra~1\WI371A~1\Datamngr\ToolBar\searchqudtx.dll
c:\progra~1\WI371A~1\Datamngr\ToolBar\uninstall.exe
c:\progra~1\WI371A~1\sysid.ini
c:\progra~1\WI371A~1\uninstall.exe
c:\program files\Ask.com
c:\program files\Ask.com\assets\oobe\b.png
c:\program files\Ask.com\assets\oobe\bl.png
c:\program files\Ask.com\assets\oobe\br.png
c:\program files\Ask.com\assets\oobe\l.png
c:\program files\Ask.com\assets\oobe\pointer.png
c:\program files\Ask.com\assets\oobe\r.png
c:\program files\Ask.com\assets\oobe\t.png
c:\program files\Ask.com\assets\oobe\tl.png
c:\program files\Ask.com\assets\oobe\tr.png
c:\program files\Ask.com\cobrand.ico
c:\program files\Ask.com\config.xml
c:\program files\Ask.com\favicon.ico
c:\program files\Ask.com\fv_39a.ico
c:\program files\Ask.com\GenericAskToolbar.dll
c:\program files\Ask.com\mupcfg.xml
c:\program files\Ask.com\precache.exe
c:\program files\Ask.com\SaUpdate.exe
c:\program files\Ask.com\Updater\config.xml
c:\program files\Ask.com\Updater\Updater.exe
c:\program files\Ask.com\UpdateTask.exe
c:\program files\uTorrentBar
c:\program files\uTorrentBar\GottenAppsContextMenu.xml
c:\program files\uTorrentBar\INSTALL.LOG
c:\program files\uTorrentBar\ldrtbuTo0.dll
c:\program files\uTorrentBar\ldrtbuTo2.dll
c:\program files\uTorrentBar\OtherAppsContextMenu.xml
c:\program files\uTorrentBar\prxtbuTo0.dll
c:\program files\uTorrentBar\prxtbuTo2.dll
c:\program files\uTorrentBar\SharedAppsContextMenu.xml
c:\program files\uTorrentBar\tbuTo1.dll
c:\program files\uTorrentBar\tbuTo2.dll
c:\program files\uTorrentBar\tbuTor.dll
c:\program files\uTorrentBar\toolbar.cfg
c:\program files\uTorrentBar\ToolbarContextMenu.xml
c:\program files\uTorrentBar\uninstall.exe
c:\program files\uTorrentBar\UNWISE.EXE
c:\program files\uTorrentBar\uTorrentBarToolbarHelper.exe
c:\program files\uTorrentBar\uTorrentBarToolbarHelper1.exe
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-04-24 do 2012-05-24 )))))))))))))))))))))))))))))))
.
.
2012-05-24 19:26 . 2012-05-24 20:19 -------- dc----w- C:\rsit
2012-05-22 15:51 . 2012-05-24 20:25 -------- dc----w- C:\4430242dfb4f04ec3ad615d7f0
2012-05-13 08:33 . 2012-05-13 08:33 -------- d-----w- c:\documents and settings\Uživatel\Local Settings\Data aplikací\PCHealth
2012-05-12 02:20 . 2012-05-24 20:25 -------- dc----w- C:\333e72749b298076fe5fb20a
2012-05-10 00:32 . 2012-05-10 00:32 -------- d-----w- c:\program files\Common Files\Skype
2012-05-10 00:32 . 2012-05-10 00:32 -------- d-----r- c:\program files\Skype
2012-05-08 16:48 . 2012-05-08 16:48 -------- d-----w- c:\documents and settings\Uživatel\Data aplikací\Complitly
2012-05-08 16:48 . 2012-05-08 16:48 -------- d-----w- c:\program files\Search Fairy
2012-05-08 16:48 . 2012-05-08 16:48 -------- d-----w- c:\documents and settings\Uživatel\Data aplikací\BrowserCompanion
2012-05-08 16:48 . 2012-05-08 16:48 -------- d-----w- c:\program files\BrowserCompanion
2012-05-08 16:48 . 2012-05-08 16:48 -------- d-----w- c:\program files\GotClip
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-05-24 22:09 . 2011-06-16 10:14 4764 ----a-w- c:\windows\system32\PerfStringBackup.TMP
2012-04-11 13:55 . 2004-08-17 15:45 2028544 ----a-w- c:\windows\system32\ntkrnlpa.exe
2012-04-11 13:55 . 2005-11-02 18:25 1862272 ----a-w- c:\windows\system32\win32k.sys
2012-04-11 13:55 . 2005-11-02 18:25 2150400 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-03-29 20:57 . 2012-03-29 20:58 73728 ----a-w- c:\windows\system32\javacpl.cpl
2012-03-29 20:57 . 2012-03-29 20:29 472808 ----a-w- c:\windows\system32\deployJava1.dll
2012-03-12 23:46 . 2012-03-11 22:37 58390 ----a-w- c:\documents and settings\Uživatel\Data aplikací\mdbu.bin
2012-03-01 10:59 . 2005-11-02 18:25 916992 ----a-w- c:\windows\system32\wininet.dll
2012-03-01 10:59 . 2005-11-02 18:25 43520 ----a-w- c:\windows\system32\licmgr10.dll
2012-03-01 10:59 . 2005-11-02 18:25 1469440 ------w- c:\windows\system32\inetcpl.cpl
2012-02-29 14:10 . 2005-11-02 18:25 177664 ----a-w- c:\windows\system32\wintrust.dll
2012-02-29 14:10 . 2005-11-02 18:25 148480 ----a-w- c:\windows\system32\imagehlp.dll
2012-02-29 12:17 . 2005-11-02 18:25 385024 ----a-w- c:\windows\system32\html.iec
2009-09-04 17:01 . 2009-09-04 17:01 525656 -c--a-w- c:\program files\DXSETUP.exe
2009-09-04 17:01 . 2009-09-04 17:01 94024 -c--a-w- c:\program files\DSETUP.dll
2009-09-04 17:01 . 2009-09-04 17:01 1691464 -c--a-w- c:\program files\dsetup32.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{00cbb66b-1d3b-46d3-9577-323a336acb50}]
2012-03-27 15:00 225584 ----a-w- c:\program files\BrowserCompanion\jsloader.dll
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\DNA\\btdna.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\uTorrent\\utorrent.exe"=
"c:\\Program Files\\VideoLAN\\VLC\\vlc.exe"=
"c:\\Program Files\\Microsoft Office\\Office14\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office14\\ONENOTE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office14\\OUTLOOK.EXE"=
"c:\\Program Files\\BitTorrent\\BitTorrent.exe"=
"c:\\Documents and Settings\\Uživatel\\Local Settings\\Data aplikací\\Facebook\\Video\\Skype\\FacebookVideoCalling.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009
.
R0 nvcchflt;NVIDIA Disk Cache Filter Driver;c:\windows\system32\drivers\nvcchflt.sys [3.11.2005 9:38 16640]
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [3.2.2011 23:37 717296]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\drivers\dtsoftbus01.sys [3.2.2011 0:46 218688]
R1 pctgntdi;pctgntdi;c:\windows\system32\drivers\pctgntdi.sys [16.6.2011 19:43 251560]
R1 sp_rsdrv2;Spyware Terminator Driver 2;c:\windows\system32\drivers\sp_rsdrv2.sys [9.12.2008 20:28 141312]
R2 PCTAppEvent;PCTAppEvent Driver;c:\windows\system32\drivers\PCTAppEvent.sys [16.6.2011 19:43 160576]
R3 PCTFW-PacketFilter;PCTools Firewall - Packet filter driver;c:\windows\system32\drivers\pctNdis-PacketFilter.sys [16.6.2011 19:42 89472]
R3 pctNdisMP;PC Tools Driver;c:\windows\system32\drivers\pctNdis.sys [16.6.2011 19:42 57536]
R3 pctplfw;pctplfw;c:\windows\system32\drivers\pctplfw.sys [16.6.2011 19:42 125248]
S2 BT848;WinFast TV2000 XP WDM Video Capture;c:\windows\system32\drivers\wf2kvcap.sys [3.11.2005 9:49 75829]
S2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [3.5.2012 8:31 158856]
S2 tv2ktunr;WinFast TV2000 XP WDM TVTuner;c:\windows\system32\drivers\wf2ktunr.sys [3.11.2005 9:50 33959]
S2 Tv2kXbar;WinFast TV2000 XP WDM Crossbar;c:\windows\system32\drivers\wf2kXbar.sys [3.11.2005 9:50 10005]
S3 GVTDrv;GVTDrv;c:\windows\system32\drivers\GVTDrv.sys [16.11.2007 17:37 23524]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [15.6.2011 17:25 39984]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\Microsoft Office\Office14\GROOVE.EXE [12.6.2011 11:15 31125880]
S3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [9.1.2010 22:37 4640000]
S3 pctNdis;PC Tools Firewall Intermediate Filter Service;c:\windows\system32\drivers\pctNdis.sys [16.6.2011 19:42 57536]
S3 WFIOCTL;WFIOCTL;c:\program files\WinFast\WFTVFM\WFIOCTL.sys [3.11.2005 9:53 9446]
.
Obsah adresáře 'Naplánované úlohy'
.
2012-05-24 c:\windows\Tasks\User_Feed_Synchronization-{A1A97911-778F-443D-8245-2B21FAB18BE9}.job
- c:\windows\system32\msfeedssync.exe [2009-03-08 03:31]
.
.
------- Doplňkový sken -------
.
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~3\Office14\EXCEL.EXE/3000
IE: Easy-WebPrint Add To Print List - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
IE: Easy-WebPrint High Speed Print - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
IE: Easy-WebPrint Preview - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
IE: Easy-WebPrint Print - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
IE: Od&eslat do aplikace OneNote - c:\progra~1\MICROS~3\Office14\ONBttnIE.dll/105
IE: WikiKomentáře Google... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html
IE: {{81727BE7-50E7-48ed-A547-F0274756E2DD} - {27CF82B1-E1D2-4f9b-976E-62095A52BA4A} -
TCP: DhcpNameServer = 10.0.0.138 10.0.0.138
TCP: Interfaces\{1D5F9AC3-4742-44F7-BAEC-3CBEF54937A9}: NameServer = 77.87.238.65,77.87.232.17
Handler: base64 - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - c:\program files\BrowserCompanion\tdataprotocol.dll
Handler: chrome - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - c:\program files\BrowserCompanion\tdataprotocol.dll
Handler: prox - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - c:\program files\BrowserCompanion\tdataprotocol.dll
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
AddRemove-uTorrentBar Toolbar - c:\program files\uTorrentBar\uninstall.exe
AddRemove-Windows Searchqu Toolbar - c:\program files\Windows iLivid Toolbar\uninstall.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-05-25 01:07
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(1004)
c:\windows\system32\Ati2evxx.dll
.
- - - - - - - > 'explorer.exe'(1124)
c:\progra~1\COMMON~1\MICROS~1\OFFICE14\Cultures\office.odf
c:\progra~1\MICROS~3\Office14\1029\GrooveIntlResource.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\PC Tools Firewall Plus\FWService.exe
c:\program files\Spyware Terminator\sp_rsser.exe
c:\windows\system32\wscntfy.exe
.
**************************************************************************
.
Celkový čas: 2012-05-25 01:15:00 - počítač byl restartován
ComboFix-quarantined-files.txt 2012-05-24 23:14
ComboFix2.txt 2012-05-24 21:04
.
Před spuštěním: Volných bajtů: 53 498 396 672
Po spuštění: Volných bajtů: 53 494 484 992
.
- - End Of File - - C8F1CBD5E1C74B930A2D592D0A98276B
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.1015.572 [GMT 2:00]
Spuštěný z: c:\documents and settings\Uživatel\Dokumenty\Downloads\ComboFix.exe
Použité ovládací přepínače :: C:\CFScript.txt
FW: PC Tools Firewall Plus *Enabled* {ABBD5028-5A95-4B6D-996E-98D64AE88D52}
.
FILE ::
"c:\program files\Search Fairy\SearchFairy.dll"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\progra~1\WI371A~1
c:\progra~1\WI371A~1\Datamngr\BrowserConnection.dll
c:\progra~1\WI371A~1\Datamngr\datamngr.dll
c:\progra~1\WI371A~1\Datamngr\datamngrUI.exe
c:\progra~1\WI371A~1\Datamngr\DnsBHO.dll
c:\progra~1\WI371A~1\Datamngr\IEBHO.dll
c:\progra~1\WI371A~1\Datamngr\ToolBar\as_guid.dat
c:\progra~1\WI371A~1\Datamngr\ToolBar\components\windowmediator.js
c:\progra~1\WI371A~1\Datamngr\ToolBar\dtUser.exe
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\content\bandoocode.js
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\content\data\search\engines.xml
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\content\data\search\search.xsl
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\content\lib\about.xml
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\content\lib\bandoocode.js
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\content\lib\dtxpanel.xul
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\content\lib\dtxpaneltransparent.xul
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\content\lib\dtxpanelwin.xul
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\content\lib\dtxprefwin.xul
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\content\lib\dtxtransparentwin.xul
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\content\lib\dtxwin.xul
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\content\lib\emailnotifierproviders.xml
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\content\lib\external.js
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\content\lib\imeshcode.js
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\content\lib\neterror.xhtml
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\content\lib\vmncode.js
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\content\lib\wmpstreamer.html
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\content\modules\datastore.jsm
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\content\modules\nsDragAndDrop.js
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\content\neterror.xhtml
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\content\partner.coupons.xml
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\content\preferences.xml
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\content\radiobeta.js
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\content\template.xml
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\content\toolbar.htm
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\content\toolbar.xul
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\content\vmncode.js
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\content\vmnrsswin.xml
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\content\widgets\net.vmn.www.PPCBully\tb_icon.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\content\widgets\net.vmn.www.PPCBully\widget.js
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\content\widgets\net.vmn.www.PPCBully\widget.xml
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\content\widgets\net.vmn.www.PPCBully\widget_version
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\babylon_logo.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\bandoo.css
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\bluelite.gif
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\bluesky.gif
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\btn-search-over.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\btn-search.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\btn-settings-over.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\btn-settings.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\btn-widgets-over.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\btn-widgets.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\btn_settings.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\ca.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\dictionary.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\divider.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\downloadcom.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\dtxlogo.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\ebay.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\email.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\email_on.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\facebook.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\games.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\graphred0.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\graphred0_5.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\graphred1.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\graphred1_5.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\graphred2.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\graphred2_5.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\graphred3.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\graphred3_5.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\graphred4.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\graphred4_5.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\graphred5.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\graphredna.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\grey.gif
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\ico-shield.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\icon_amazon.gif
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\icon_games.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\icon_radio_png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\icon_seperator_png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\icon_twitter.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\icon_youtube.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\images.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\imesh.css
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\add.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\aol.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\arrow-dn.gif
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\arrow-right-disabled.gif
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\arrow-right.gif
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\arrow-up.gif
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\bg-btn-divider.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\bg-btn-end.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\bg-btn-mdl.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\bg-btn-mdl_ff.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\bg-btn-start.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\bg-btnover-divider.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\bg-btnover-end.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\bg-btnover-mdl.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\bg-btnover-mdl_ff.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\bg-btnover-start.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\blank.gif
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\btn-widgets-over.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\btn-widgets.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\btn_slider.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\btnback-down-vista.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\btnback-vista.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\btnleft-down-vista.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\btnleft-vista.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\btnright-down-vista.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\btnright-vista.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\button-splitter-down-vista.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\button-splitter-vista.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\collapse.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\comcast.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\dtx.css
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\edit-back-hot.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\edit-back.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\expand.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\found.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\gmail.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\highlight.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\highlight_blue.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\highlight_cyan.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\highlight_lime.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\highlight_magenta.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\highlight_yellow.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\hotmail.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\checkmark.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\chevron.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\ico-check.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\imap.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\lastsearch-thumb-back.gif
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\loadingMid.gif
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\lock.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\logo-separator.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\mailcom.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\menu_bg-basic.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\menu_separator_bar.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\menu_separator_white.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\menuitem-splitter.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\menuitemback-down-vista.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\menuitemback-vista.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\menuitemleft-down-vista.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\menuitemleft-vista.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\menuitemright-down-vista.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\menuitemright-vista.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\modify.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\move.gif
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\movetarget.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\panels\css\panels.css
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\panels\css\popupAbout.css
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\panels\css\popupGames.css
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\panels\css\popupRSS.css
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\panels\css\popupWidgets.css
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\panels\default\css\dialog.css
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\bg.gif
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\btn-search.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\btn-wide-close-over.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\btn-wide-close.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\default.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\tab-off-l.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\tab-off-r.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\tab-on-l.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\tab-on-r.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\transparent.gif
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\ttlbar-left.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\ttlbar-mdl.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\ttlbar-right.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\win-btm-left.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\win-btm-mdl.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\win-btm-right-resize.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\win-btm-right.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\win-left.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\win-right.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\panels\default\main.html
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\panels\default\scripts\defscript.js
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\panels\footer.htm
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\panels\gamecategory.xsl
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\panels\gameData.js
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\panels\gameList.xsl
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\panels\games.xsl
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\panels\gametype.xsl
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\panels\images\arrow-dn.gif
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\panels\images\arrow-sml-drop.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\panels\images\arrow-sml.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\panels\images\arrow-up.gif
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\panels\images\arrowr-bluew5.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\panels\images\bg-aboutbox.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\panels\images\bg-btnover.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\panels\images\bg-pnl520x390.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-addtoolbar-left-over.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-addtoolbar-left.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-addtoolbar-right.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-back.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-close-grey.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-close-greyover.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-drag.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-mdl-over.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-mdl.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-moredetails.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-next-over.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-next.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-play-left-over.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-play-left.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-previous-over.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-previous.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-right-over.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-search-pnlbtm-over.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-search-pnlbtm.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-try-left-over.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-try-left.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\panels\images\bullet-orange.gif
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\panels\images\gamethumb-on.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\panels\images\gamethumb2-over.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\panels\images\ico-calendar.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\panels\images\ico-dollar.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\panels\images\ico-download.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\panels\images\ico-joystick24.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\panels\images\ico-news24.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\panels\images\ico-play.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\panels\images\ico-tags.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\panels\images\icon-Add.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\panels\images\icon-download.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\panels\images\icon-Info.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\panels\images\icon-play.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\panels\images\icon-shop.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\panels\images\menul-bgon.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\panels\images\menul-bgover.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\panels\images\panel-botm-noscroll.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\panels\images\scroll-bg-206.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\panels\images\scroll-bg.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\panels\images\scroll-topwin.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\panels\images\scrollb-disable.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\panels\images\scrollb-down.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\panels\images\scrollb-over.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\panels\images\scrollb.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\panels\images\scrollt-disable.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\panels\images\scrollt-down.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\panels\images\scrollt-over.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\panels\images\scrollt.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\panels\images\searchbox-pnlbtm.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\panels\images\star_x_grey.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\panels\images\star_x_orange.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\panels\images\TRUSTe_about.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\panels\images\view-detailed-on.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\panels\images\view-detailed-over.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\panels\images\view-thumb-on.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\panels\images\view-thumb-over.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\panels\images\widgets-square-16px.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\panels\images\widgets-square-24px.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\panels\images\widgets.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\panels\initHTML.html
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\panels\popupGames.html
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\panels\popupHTML.html
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\panels\popupRSS.html
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\panels\popupWidgets.html
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\panels\scroll.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\pop.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\radio.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\radio\css\manager.css
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\radio\css\slider.css
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\radio\images\bg-pnl.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\radio\images\btn-close-grey.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\radio\images\btn-close-greyover.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\radio\images\collapsed_button.gif
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\radio\images\expanded_button.gif
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\radio\images\ico-playstation-down.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\radio\images\ico-playstation-over.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\radio\images\ico-playstation.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\radio\images\ico-radio.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\radio\images\music-note.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-btn-pause-on.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-btn-pause.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-btn-play-on.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-btn-play.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-eq-bg.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-eq-buffer.gif
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-eq-busy.gif
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-eq-off.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-eq-on.gif
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-eq-warning.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-options-design-on.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-options-design.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-options-on.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-options.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-volume-0.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-volume-1.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-volume-2.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-volume-3.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-volume-mute.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\radio\images\scrollbar-handle.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\radio\images\scrollbar-track.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\radio\images\slider.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\radio\images\slideron.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\radio\images\track.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\radio\managerpanel.html
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\radio\volumeslider.html
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\radiobeta-buffering.gif
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\radiobeta-connecting.gif
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\radiobeta-playing.gif
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\radiobeta-stopped.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\radiobeta.ico
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\reload.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\remove.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\rename.gif
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\resize-box.gif
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\rss.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\rsschannelback.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\RSSLogo.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\rsstabdivider.gif
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\scroll-left.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\scroll-right.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\search-go.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\search.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\text-ellipsis.xml
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\throbber.gif
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\toolbarsplitter.gif
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\transparent_1px.gif
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\uwa\border_02.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\uwa\border_03.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\uwa\border_04.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\uwa\border_06.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\uwa\border_07.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\uwa\border_08.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\uwa\border_09.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\uwa\border_10.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\uwa\border_11.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\uwa\border_12.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\uwa\border_13.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\uwa\border_14.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\uwa\border_15.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\uwa\border_16.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\uwa\border_18.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\uwa\border_19.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\uwa\border_20.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\uwa\border_21.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\uwa\btn-close-grey.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\uwa\btn-close-greyover.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\uwa\close-hot.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\uwa\close-normal.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\uwa\loadingMid.gif
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\uwa\proxy.html
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\uwa\template.html
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\uwa\template.xml
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\uwa\templateFF.html
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\uwa\throbber.gif
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\icons\cond999.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\icons\icons.xml
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\icons\na-s.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\icons\na-t.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\icons\na.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\add.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\arrowr-bluew5.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\bg-pnl.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\bg-pnl520x350.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\bg-pnl520x350blue-whitebg.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\bg-pnl520x350blue.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\box-check.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\box-uncheck.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\btn-close-grey.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\btn-close-greyover.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\btn-delete.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\btn-search-pnlbtm-over.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\btn-search-pnlbtm.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\btnarrow-next-off.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\btnarrow-next.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\btnarrow-previous-off.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\btnarrow-previous.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\ico-hotandhumid-s.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\ico-hotandhumid.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\ico-check.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\options-weather.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\over-blue.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\over-orange.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\powered-by-weatherbug.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\powered-by-weatherbug2.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\radio-checked.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\radio-unchecked.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\searchbox-pnlbtm.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\weather-contour.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\popupWeather.css
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\popupWeather.html
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lib\yahoo.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\lichen.gif
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\logo-about.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\logo-over.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\logo-separator.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\logo.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\mail.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\maps.bmp
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\menuseparatorback.gif
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\modify-save.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\modify.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\modifyhot.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\music.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\news.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\options\options-main.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\options\options-search.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\options\options-weather.gif
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\options\options-weather.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\options\options-widgets.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\orange.gif
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\pixsy.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\protect-id.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\radiobeta-buffering.gif
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\radiobeta-connecting.gif
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\radiobeta-playing.gif
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\radiobeta-stopped.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\radiobeta.ico
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\relatedlinks.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\rss-collapse.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\rss-delete.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\rss-expand.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\rss-feed.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\rss-folder-remove.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\rss-folder-rename.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\rss-folder.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\rss-found.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\rss-reload.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\rss-subscribe.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\rss.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\rssback.gif
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\rsstopback.gif
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\search-over.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\search.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\search_button_over_png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\search_button_png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\searchbar\searchbar-background-left.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\searchbar\searchbar-background-middle.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\searchbar\searchbar-background-right.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\settings.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\shopping.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\siteinfo.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\skin-bluelite.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\skin-bluesky.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\skin-grey.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\skin-lichen.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\skin-orange.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\skin-yellow.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\skin.xml
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\technorati.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\throbber.gif
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\toolbarsplitter.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\translate.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\video.bmp
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\vmn.css
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\vmn.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\weather.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\web.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\widgets-square-16px.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\wikipedia.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\yahoosearch.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\yellow.gif
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\youtube.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\chrome\skin\zoom.png
c:\progra~1\WI371A~1\Datamngr\ToolBar\manifest.xml
c:\progra~1\WI371A~1\Datamngr\ToolBar\searchquband.dll
c:\progra~1\WI371A~1\Datamngr\ToolBar\searchqudtx.dll
c:\progra~1\WI371A~1\Datamngr\ToolBar\uninstall.exe
c:\progra~1\WI371A~1\sysid.ini
c:\progra~1\WI371A~1\uninstall.exe
c:\program files\Ask.com
c:\program files\Ask.com\assets\oobe\b.png
c:\program files\Ask.com\assets\oobe\bl.png
c:\program files\Ask.com\assets\oobe\br.png
c:\program files\Ask.com\assets\oobe\l.png
c:\program files\Ask.com\assets\oobe\pointer.png
c:\program files\Ask.com\assets\oobe\r.png
c:\program files\Ask.com\assets\oobe\t.png
c:\program files\Ask.com\assets\oobe\tl.png
c:\program files\Ask.com\assets\oobe\tr.png
c:\program files\Ask.com\cobrand.ico
c:\program files\Ask.com\config.xml
c:\program files\Ask.com\favicon.ico
c:\program files\Ask.com\fv_39a.ico
c:\program files\Ask.com\GenericAskToolbar.dll
c:\program files\Ask.com\mupcfg.xml
c:\program files\Ask.com\precache.exe
c:\program files\Ask.com\SaUpdate.exe
c:\program files\Ask.com\Updater\config.xml
c:\program files\Ask.com\Updater\Updater.exe
c:\program files\Ask.com\UpdateTask.exe
c:\program files\uTorrentBar
c:\program files\uTorrentBar\GottenAppsContextMenu.xml
c:\program files\uTorrentBar\INSTALL.LOG
c:\program files\uTorrentBar\ldrtbuTo0.dll
c:\program files\uTorrentBar\ldrtbuTo2.dll
c:\program files\uTorrentBar\OtherAppsContextMenu.xml
c:\program files\uTorrentBar\prxtbuTo0.dll
c:\program files\uTorrentBar\prxtbuTo2.dll
c:\program files\uTorrentBar\SharedAppsContextMenu.xml
c:\program files\uTorrentBar\tbuTo1.dll
c:\program files\uTorrentBar\tbuTo2.dll
c:\program files\uTorrentBar\tbuTor.dll
c:\program files\uTorrentBar\toolbar.cfg
c:\program files\uTorrentBar\ToolbarContextMenu.xml
c:\program files\uTorrentBar\uninstall.exe
c:\program files\uTorrentBar\UNWISE.EXE
c:\program files\uTorrentBar\uTorrentBarToolbarHelper.exe
c:\program files\uTorrentBar\uTorrentBarToolbarHelper1.exe
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-04-24 do 2012-05-24 )))))))))))))))))))))))))))))))
.
.
2012-05-24 19:26 . 2012-05-24 20:19 -------- dc----w- C:\rsit
2012-05-22 15:51 . 2012-05-24 20:25 -------- dc----w- C:\4430242dfb4f04ec3ad615d7f0
2012-05-13 08:33 . 2012-05-13 08:33 -------- d-----w- c:\documents and settings\Uživatel\Local Settings\Data aplikací\PCHealth
2012-05-12 02:20 . 2012-05-24 20:25 -------- dc----w- C:\333e72749b298076fe5fb20a
2012-05-10 00:32 . 2012-05-10 00:32 -------- d-----w- c:\program files\Common Files\Skype
2012-05-10 00:32 . 2012-05-10 00:32 -------- d-----r- c:\program files\Skype
2012-05-08 16:48 . 2012-05-08 16:48 -------- d-----w- c:\documents and settings\Uživatel\Data aplikací\Complitly
2012-05-08 16:48 . 2012-05-08 16:48 -------- d-----w- c:\program files\Search Fairy
2012-05-08 16:48 . 2012-05-08 16:48 -------- d-----w- c:\documents and settings\Uživatel\Data aplikací\BrowserCompanion
2012-05-08 16:48 . 2012-05-08 16:48 -------- d-----w- c:\program files\BrowserCompanion
2012-05-08 16:48 . 2012-05-08 16:48 -------- d-----w- c:\program files\GotClip
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-05-24 22:09 . 2011-06-16 10:14 4764 ----a-w- c:\windows\system32\PerfStringBackup.TMP
2012-04-11 13:55 . 2004-08-17 15:45 2028544 ----a-w- c:\windows\system32\ntkrnlpa.exe
2012-04-11 13:55 . 2005-11-02 18:25 1862272 ----a-w- c:\windows\system32\win32k.sys
2012-04-11 13:55 . 2005-11-02 18:25 2150400 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-03-29 20:57 . 2012-03-29 20:58 73728 ----a-w- c:\windows\system32\javacpl.cpl
2012-03-29 20:57 . 2012-03-29 20:29 472808 ----a-w- c:\windows\system32\deployJava1.dll
2012-03-12 23:46 . 2012-03-11 22:37 58390 ----a-w- c:\documents and settings\Uživatel\Data aplikací\mdbu.bin
2012-03-01 10:59 . 2005-11-02 18:25 916992 ----a-w- c:\windows\system32\wininet.dll
2012-03-01 10:59 . 2005-11-02 18:25 43520 ----a-w- c:\windows\system32\licmgr10.dll
2012-03-01 10:59 . 2005-11-02 18:25 1469440 ------w- c:\windows\system32\inetcpl.cpl
2012-02-29 14:10 . 2005-11-02 18:25 177664 ----a-w- c:\windows\system32\wintrust.dll
2012-02-29 14:10 . 2005-11-02 18:25 148480 ----a-w- c:\windows\system32\imagehlp.dll
2012-02-29 12:17 . 2005-11-02 18:25 385024 ----a-w- c:\windows\system32\html.iec
2009-09-04 17:01 . 2009-09-04 17:01 525656 -c--a-w- c:\program files\DXSETUP.exe
2009-09-04 17:01 . 2009-09-04 17:01 94024 -c--a-w- c:\program files\DSETUP.dll
2009-09-04 17:01 . 2009-09-04 17:01 1691464 -c--a-w- c:\program files\dsetup32.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{00cbb66b-1d3b-46d3-9577-323a336acb50}]
2012-03-27 15:00 225584 ----a-w- c:\program files\BrowserCompanion\jsloader.dll
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\DNA\\btdna.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\uTorrent\\utorrent.exe"=
"c:\\Program Files\\VideoLAN\\VLC\\vlc.exe"=
"c:\\Program Files\\Microsoft Office\\Office14\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office14\\ONENOTE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office14\\OUTLOOK.EXE"=
"c:\\Program Files\\BitTorrent\\BitTorrent.exe"=
"c:\\Documents and Settings\\Uživatel\\Local Settings\\Data aplikací\\Facebook\\Video\\Skype\\FacebookVideoCalling.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009
.
R0 nvcchflt;NVIDIA Disk Cache Filter Driver;c:\windows\system32\drivers\nvcchflt.sys [3.11.2005 9:38 16640]
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [3.2.2011 23:37 717296]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\drivers\dtsoftbus01.sys [3.2.2011 0:46 218688]
R1 pctgntdi;pctgntdi;c:\windows\system32\drivers\pctgntdi.sys [16.6.2011 19:43 251560]
R1 sp_rsdrv2;Spyware Terminator Driver 2;c:\windows\system32\drivers\sp_rsdrv2.sys [9.12.2008 20:28 141312]
R2 PCTAppEvent;PCTAppEvent Driver;c:\windows\system32\drivers\PCTAppEvent.sys [16.6.2011 19:43 160576]
R3 PCTFW-PacketFilter;PCTools Firewall - Packet filter driver;c:\windows\system32\drivers\pctNdis-PacketFilter.sys [16.6.2011 19:42 89472]
R3 pctNdisMP;PC Tools Driver;c:\windows\system32\drivers\pctNdis.sys [16.6.2011 19:42 57536]
R3 pctplfw;pctplfw;c:\windows\system32\drivers\pctplfw.sys [16.6.2011 19:42 125248]
S2 BT848;WinFast TV2000 XP WDM Video Capture;c:\windows\system32\drivers\wf2kvcap.sys [3.11.2005 9:49 75829]
S2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [3.5.2012 8:31 158856]
S2 tv2ktunr;WinFast TV2000 XP WDM TVTuner;c:\windows\system32\drivers\wf2ktunr.sys [3.11.2005 9:50 33959]
S2 Tv2kXbar;WinFast TV2000 XP WDM Crossbar;c:\windows\system32\drivers\wf2kXbar.sys [3.11.2005 9:50 10005]
S3 GVTDrv;GVTDrv;c:\windows\system32\drivers\GVTDrv.sys [16.11.2007 17:37 23524]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [15.6.2011 17:25 39984]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\Microsoft Office\Office14\GROOVE.EXE [12.6.2011 11:15 31125880]
S3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [9.1.2010 22:37 4640000]
S3 pctNdis;PC Tools Firewall Intermediate Filter Service;c:\windows\system32\drivers\pctNdis.sys [16.6.2011 19:42 57536]
S3 WFIOCTL;WFIOCTL;c:\program files\WinFast\WFTVFM\WFIOCTL.sys [3.11.2005 9:53 9446]
.
Obsah adresáře 'Naplánované úlohy'
.
2012-05-24 c:\windows\Tasks\User_Feed_Synchronization-{A1A97911-778F-443D-8245-2B21FAB18BE9}.job
- c:\windows\system32\msfeedssync.exe [2009-03-08 03:31]
.
.
------- Doplňkový sken -------
.
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~3\Office14\EXCEL.EXE/3000
IE: Easy-WebPrint Add To Print List - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
IE: Easy-WebPrint High Speed Print - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
IE: Easy-WebPrint Preview - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
IE: Easy-WebPrint Print - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
IE: Od&eslat do aplikace OneNote - c:\progra~1\MICROS~3\Office14\ONBttnIE.dll/105
IE: WikiKomentáře Google... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html
IE: {{81727BE7-50E7-48ed-A547-F0274756E2DD} - {27CF82B1-E1D2-4f9b-976E-62095A52BA4A} -
TCP: DhcpNameServer = 10.0.0.138 10.0.0.138
TCP: Interfaces\{1D5F9AC3-4742-44F7-BAEC-3CBEF54937A9}: NameServer = 77.87.238.65,77.87.232.17
Handler: base64 - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - c:\program files\BrowserCompanion\tdataprotocol.dll
Handler: chrome - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - c:\program files\BrowserCompanion\tdataprotocol.dll
Handler: prox - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - c:\program files\BrowserCompanion\tdataprotocol.dll
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
AddRemove-uTorrentBar Toolbar - c:\program files\uTorrentBar\uninstall.exe
AddRemove-Windows Searchqu Toolbar - c:\program files\Windows iLivid Toolbar\uninstall.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-05-25 01:07
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(1004)
c:\windows\system32\Ati2evxx.dll
.
- - - - - - - > 'explorer.exe'(1124)
c:\progra~1\COMMON~1\MICROS~1\OFFICE14\Cultures\office.odf
c:\progra~1\MICROS~3\Office14\1029\GrooveIntlResource.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\PC Tools Firewall Plus\FWService.exe
c:\program files\Spyware Terminator\sp_rsser.exe
c:\windows\system32\wscntfy.exe
.
**************************************************************************
.
Celkový čas: 2012-05-25 01:15:00 - počítač byl restartován
ComboFix-quarantined-files.txt 2012-05-24 23:14
ComboFix2.txt 2012-05-24 21:04
.
Před spuštěním: Volných bajtů: 53 498 396 672
Po spuštění: Volných bajtů: 53 494 484 992
.
- - End Of File - - C8F1CBD5E1C74B930A2D592D0A98276B
Přispějete na provoz fóra?
