dalsie Pc zase haved

[KAUBOUN]

pc bol prejdejdeny najprv RSitom potom combofixom tu je vysledok

Logfile of random's system information tool 1.08 (written by random/random)
Run by Gabi at 2010-11-08 21:59:53
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 30 GB (30%) free of 100 GB
Total RAM: 3069 MB (62% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:00:13, on 8.11.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\ICQ6Toolbar\ICQ Service.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Microsoft LifeCam\MSCamS32.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Program Files\CyberLink\Shared files\RichVideo.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\TUProgSt.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\WINDOWS\system32\devldr32.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\vVX1000.exe
C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe
C:\PROGRA~1\BEARSH~1\MediaBar\DataMngr\DataMngrUI.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\WINDOWS\system32\CTHELPER.EXE
C:\WINDOWS\system32\CTXFIHLP.EXE
C:\WINDOWS\SYSTEM32\CTXFISPI.EXE
C:\Program Files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe
C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\Gabi\Desktop\BitTorrent-7.1.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\ResultBar\resultbar.exe
C:\totalcmd\TOTALCMD.EXE
C:\Program Files\iTunes\iTunes.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.exe
C:\Program Files\Common Files\Apple\Apple Application Support\distnoted.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avcenter.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avscan.exe
C:\Program Files\TuneUp Utilities 2009\OneClick.exe
C:\Program Files\TuneUp Utilities 2009\RegistryCleaner.exe
C:\WINDOWS\System32\TuneUpDefragService.exe
C:\Program Files\Opera\opera.exe
C:\Documents and Settings\All Users\Application Data\ResultBar\resultbar113.exe
D:\mp3 TORRENT\mp3 Music\RSIT.exe
C:\Program Files\trend micro\Gabi.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.bearshare.com/
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.europe.creative.com/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R3 - URLSearchHook: SHOUTcast Toolbar Search Class - {14f0d511-36a2-41ca-ae01-ba4f87282c97} - C:\Program Files\SHOUTcast Radio Toolbar\shoutcasttb.dll
R3 - URLSearchHook: DefaultSearchHook Class - {C94E154B-1459-4A47-966B-4B843BEFC7DB} - C:\Program Files\AskSearch\bin\DefaultSearch.dll
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
R3 - URLSearchHook: Softonic-Eng7 Toolbar - {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - C:\Program Files\Softonic-Eng7\tbSof1.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: HP Print Clips - {053F9267-DC04-4294-A72C-58F732D338C0} - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: MediaBar - {0974BA1E-64EC-11DE-B2A5-E43756D89593} - C:\Program Files\BearShare Applications\MediaBar\ToolBar\BearshareMediabarDx.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O2 - BHO: Softonic-Eng7 Toolbar - {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - C:\Program Files\Softonic-Eng7\tbSof1.dll
O2 - BHO: UrlHelper Class - {74322BF9-DF26-493f-B0DA-6D2FC5E6429E} - C:\Program Files\BearShare Applications\MediaBar\DataMngr\IEBHO.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll
O2 - BHO: SHOUTcast Loader - {ccec60fc-2608-4e58-9659-3ffc159e8ea9} - C:\Program Files\SHOUTcast Radio Toolbar\shoutcasttb.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O3 - Toolbar: SHOUTcast Radio Toolbar - {0457331d-8ca6-4f97-9c26-6a9ef2b2dba8} - C:\Program Files\SHOUTcast Radio Toolbar\shoutcasttb.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: MediaBar - {0974BA1E-64EC-11DE-B2A5-E43756D89593} - C:\Program Files\BearShare Applications\MediaBar\ToolBar\BearshareMediabarDx.dll
O3 - Toolbar: Softonic-Eng7 Toolbar - {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - C:\Program Files\Softonic-Eng7\tbSof1.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [LifeCam] "C:\Program Files\Microsoft LifeCam\LifeExp.exe"
O4 - HKLM\..\Run: [VX1000] C:\WINDOWS\vVX1000.exe
O4 - HKLM\..\Run: [AudioDrvEmulator] "C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe" -1 AudioDrvEmulator "C:\Program Files\Creative\Shared Files\Module Loader\Audio Emulator\AudDrvEm.dll"
O4 - HKLM\..\Run: [DataMngr] C:\PROGRA~1\BEARSH~1\MediaBar\DataMngr\DataMngrUI.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE
O4 - HKLM\..\Run: [VolPanel] "C:\Program Files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe" /r
O4 - HKLM\..\Run: [Google Quick Search Box] "C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe" /autorun
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe"
O4 - HKLM\..\Run: [ClickPotatoLiteSA] "C:\Program Files\ClickPotatoLite\bin\10.0.536.0\ClickPotatoLiteSA.exe"
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [NVIDIA nTune] "C:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe" clear
O4 - HKCU\..\Run: [BitTorrent] "C:\Documents and Settings\Gabi\Desktop\BitTorrent-7.1.exe"
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\system32\Macromed\Flash\FlashUtil10k_Plugin.exe -update plugin
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: &SHOUTcast Search - C:\Documents and Settings\All Users\Application Data\SHOUTcast Radio Toolbar\ieToolbar\resources\en-US\local\search.html
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll/cmsidewiki.html
O9 - Extra button: HP Clipbook - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: HP Smart Select - {700259D7-1666-479a-93B1-3250410481E8} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: ClickPotato - {B58926D6-CFB0-45d2-9C28-4B5A0F0368AE} - C:\Program Files\ClickPotatoLite\bin\10.0.536.0\ClickPotatoLiteSABHO.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} -
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://ccfiles.creative.com/Web/softwar ... /CTPID.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\BEARSH~1\MediaBar\DataMngr\datamngr.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: Služba Google Update (gupdate1ca064c46475da6) (gupdate1ca064c46475da6) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: ICQ Service - Unknown owner - C:\Program Files\ICQ6Toolbar\ICQ Service.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: nTune Service (nTuneService) - NVIDIA - C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: ResultBar Service - Unknown owner - C:\Documents and Settings\All Users\Application Data\ResultBar\resultbar113.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: TuneUp Program Statistics Service (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\WINDOWS\System32\TUProgSt.exe

--
End of file - 14651 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\1-Click Maintenance.job
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\Automatic maintenance.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]
&Yahoo! Toolbar Helper - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2008-07-28 882416]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}]
HP Print Enhancer - C:\Program Files\HP\Smart Web Printing\hpswp_printenhancer.dll [2007-03-02 1298024]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{053F9267-DC04-4294-A72C-58F732D338C0}]
HP Print Clips - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll [2007-03-02 177768]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2010-06-19 61888]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0974BA1E-64EC-11DE-B2A5-E43756D89593}]
MediaBar - C:\Program Files\BearShare Applications\MediaBar\ToolBar\BearshareMediabarDx.dll [2009-12-20 87480]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-06-19 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}]
AskBar BHO - C:\Program Files\AskBarDis\bar\bin\askBar.dll [2008-09-29 325000]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}]
Softonic-Eng7 Toolbar - C:\Program Files\Softonic-Eng7\tbSof1.dll [2010-11-07 2735200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{74322BF9-DF26-493f-B0DA-6D2FC5E6429E}]
UrlHelper Class - C:\Program Files\BearShare Applications\MediaBar\DataMngr\IEBHO.dll [2010-03-28 393144]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2009-01-05 320920]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2010-10-27 297648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll [2010-10-27 843832]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ccec60fc-2608-4e58-9659-3ffc159e8ea9}]
SHOUTcast Loader - C:\Program Files\SHOUTcast Radio Toolbar\shoutcasttb.dll [2008-09-17 1275176]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-01-05 34816]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-01-05 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}]
SingleInstance Class - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll [2008-07-28 160496]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll [2009-11-24 953800]
{3041d03e-fd4b-44e0-b742-2d9b88305f98} - Ask Toolbar - C:\Program Files\AskBarDis\bar\bin\askBar.dll [2008-09-29 325000]
{855F3B16-6D32-4fe6-8A56-BBB695989046} - ICQToolBar - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll [2008-06-12 958712]
{0457331d-8ca6-4f97-9c26-6a9ef2b2dba8} - SHOUTcast Radio Toolbar - C:\Program Files\SHOUTcast Radio Toolbar\shoutcasttb.dll [2008-09-17 1275176]
{EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2008-07-28 882416]
{0974BA1E-64EC-11DE-B2A5-E43756D89593} - MediaBar - C:\Program Files\BearShare Applications\MediaBar\ToolBar\BearshareMediabarDx.dll [2009-12-20 87480]
{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - Softonic-Eng7 Toolbar - C:\Program Files\Softonic-Eng7\tbSof1.dll [2010-11-07 2735200]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2010-10-27 297648]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"avgnt"=C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe [2008-06-12 266497]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2007-12-04 8523776]
"LifeCam"=C:\Program Files\Microsoft LifeCam\LifeExp.exe [2007-05-17 279912]
"VX1000"=C:\WINDOWS\vVX1000.exe [2007-04-10 709992]
"AudioDrvEmulator"=C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe [2005-11-04 49152]
"DataMngr"=C:\PROGRA~1\BEARSH~1\MediaBar\DataMngr\DataMngrUI.exe [2010-03-28 797112]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-09-21 932288]
"CTHelper"=C:\WINDOWS\system32\CTHELPER.EXE [2006-12-12 19456]
"CTxfiHlp"=C:\WINDOWS\system32\CTXFIHLP.EXE [2006-05-24 18944]
"VolPanel"=C:\Program Files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe [2006-07-13 122880]
"Google Quick Search Box"=C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe [2009-06-22 68592]
"nwiz"=nwiz.exe /install []
"AppleSyncNotifier"=C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe [2010-09-08 47904]
"KernelFaultCheck"=C:\WINDOWS\system32\dumprep 0 -k []
"RemoteControl"=C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [2005-12-07 30208]
"LanguageShortcut"=C:\Program Files\CyberLink\PowerDVD\Language\Language.exe [2006-04-13 49152]
"ClickPotatoLiteSA"=C:\Program Files\ClickPotatoLite\bin\10.0.536.0\ClickPotatoLiteSA.exe [2010-10-29 740144]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-04-08 39408]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"NVIDIA nTune"=C:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe [2007-09-04 81920]
"BitTorrent"=C:\Documents and Settings\Gabi\Desktop\BitTorrent-7.1.exe [2010-10-17 2984816]
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2007-01-05 204288]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"FlashPlayerUpdate"=C:\WINDOWS\system32\Macromed\Flash\FlashUtil10k_Plugin.exe [2010-10-04 232912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\PROGRA~1\BEARSH~1\MediaBar\DataMngr\datamngr.dll "

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 239496]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=0x5F000000
""=

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\totalcmd\TOTALCMD.EXE"="C:\totalcmd\TOTALCMD.EXE:*:Enabled:Total Commander 32 bit international version, file manager replacement for Windows"
"C:\Program Files\DNA\btdna.exe"="C:\Program Files\DNA\btdna.exe:*:Enabled:DNA"
"C:\Program Files\BitTorrent\bittorrent.exe"="C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent"
"C:\Program Files\ICQ6.5\ICQ.exe"="C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ6"
"C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA"
"C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB"
"C:\Program Files\Opera\opera.exe"="C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"D:\Program Files\Ubisoft\Assassin's Creed\AssassinsCreed_Dx9.exe"="D:\Program Files\Ubisoft\Assassin's Creed\AssassinsCreed_Dx9.exe:*:Enabled:Assassin's Creed Dx9"
"D:\Program Files\Ubisoft\Assassin's Creed\AssassinsCreed_Dx10.exe"="D:\Program Files\Ubisoft\Assassin's Creed\AssassinsCreed_Dx10.exe:*:Enabled:Assassin's Creed Dx10"
"D:\Program Files\Ubisoft\Assassin's Creed\AssassinsCreed_Launcher.exe"="D:\Program Files\Ubisoft\Assassin's Creed\AssassinsCreed_Launcher.exe:*:Enabled:Assassin's Creed Update"
"C:\WINDOWS\system32\mmc.exe"="C:\WINDOWS\system32\mmc.exe:*:Enabled:Microsoft Management Console"
"C:\Program Files\AntikVirtualSTB\AntikVirtualSTB.exe"="C:\Program Files\AntikVirtualSTB\AntikVirtualSTB.exe:*:Enabled:AntikVirtualSTB"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\DC++\DCPlusPlus.exe"="C:\Program Files\DC++\DCPlusPlus.exe:*:Enabled:DC++"
"D:\sdc211\Downloads\jkjjk\StrongDC.exe"="D:\sdc211\Downloads\jkjjk\StrongDC.exe:*:Enabled:StrongDC++"
"C:\Program Files\Microsoft LifeCam\LifeCam.exe"="C:\Program Files\Microsoft LifeCam\LifeCam.exe:*:Enabled:LifeCam.exe"
"C:\Program Files\Microsoft LifeCam\LifeExp.exe"="C:\Program Files\Microsoft LifeCam\LifeExp.exe:*:Enabled:LifeExp.exe"
"D:\Iveta\AntikVirtualSTB\AntikVirtualSTB.exe"="D:\Iveta\AntikVirtualSTB\AntikVirtualSTB.exe:*:Enabled:AntikVirtualSTB"
"C:\Program Files\Counter-Strike Source\hl2.exe"="C:\Program Files\Counter-Strike Source\hl2.exe:*:Enabled:hl2"
"C:\Program Files\VideoLAN\VLC\vlc.exe"="C:\Program Files\VideoLAN\VLC\vlc.exe:*:Enabled:VLC media player"
"C:\Program Files\Counter-Strike 1.6\hl.exe"="C:\Program Files\Counter-Strike 1.6\hl.exe:*:Enabled:Half-Life Launcher"
"C:\Documents and Settings\Gabi\Desktop\StrongDC\StrongDC.exe"="C:\Documents and Settings\Gabi\Desktop\StrongDC\StrongDC.exe:*:Enabled:StrongDC++"
"G:\Program Files\Ubisoft\James Cameron's AVATAR - THE GAME\bin\Avatar.exe"="G:\Program Files\Ubisoft\James Cameron's AVATAR - THE GAME\bin\Avatar.exe:*:Enabled:James Cameron's AVATAR(tm): THE GAME"
"G:\Program Files\Ubisoft\James Cameron's AVATAR - THE GAME\bin\AvatarLauncher.exe"="G:\Program Files\Ubisoft\James Cameron's AVATAR - THE GAME\bin\AvatarLauncher.exe:*:Enabled:Updater"
"C:\Documents and Settings\Gabi\Local Settings\Application Data\AntikVirtualSTB\AntikVirtualSTB.exe"="C:\Documents and Settings\Gabi\Local Settings\Application Data\AntikVirtualSTB\AntikVirtualSTB.exe:*:Enabled:AntikVirtualSTB"
"G:\dc\ApexDC\ApexDC.exe"="G:\dc\ApexDC\ApexDC.exe:*:Enabled:ApexDC++"
"G:\dc\ApexDC\ApexDC\ApexDC.exe"="G:\dc\ApexDC\ApexDC\ApexDC.exe:*:Enabled:ApexDC++"
"G:\dc\StrongDC\StrongDC\StrongDC.exe"="G:\dc\StrongDC\StrongDC\StrongDC.exe:*:Enabled:StrongDC++"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"D:\Program Files\VideoLAN\VLC\vlc.exe"="D:\Program Files\VideoLAN\VLC\vlc.exe:*:Enabled:VLC media player"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour Service"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Documents and Settings\Gabi\Desktop\BitTorrent-7.1.exe"="C:\Documents and Settings\Gabi\Desktop\BitTorrent-7.1.exe:*:Enabled:BitTorrent"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

======List of files/folders created in the last 1 months======

2010-11-08 21:59:55 ----D---- C:\Program Files\trend micro
2010-11-08 21:59:53 ----D---- C:\rsit
2010-11-08 20:47:19 ----D---- C:\Program Files\ResultBar
2010-11-08 20:47:19 ----D---- C:\Documents and Settings\All Users\Application Data\ResultBar
2010-11-08 20:47:13 ----D---- C:\Documents and Settings\All Users\Application Data\ClickPotatoLiteSA
2010-11-08 20:47:13 ----D---- C:\Documents and Settings\All Users\Application Data\2ACA5CC3-0F83-453D-A079-1076FE1A8B65
2010-11-08 20:47:12 ----D---- C:\Program Files\ClickPotatoLite
2010-11-08 20:47:12 ----D---- C:\Documents and Settings\Gabi\Application Data\ClickPotatoLite
2010-11-07 00:09:38 ----D---- C:\Documents and Settings\Gabi\Application Data\CyberLink
2010-11-07 00:09:07 ----D---- C:\Documents and Settings\All Users\Application Data\CyberLink
2010-11-07 00:07:23 ----D---- C:\Program Files\CyberLink
2010-10-31 23:31:13 ----D---- C:\Program Files\Activision
2010-10-17 14:48:01 ----D---- C:\Program Files\Softonic-Eng7
2010-10-17 14:48:01 ----D---- C:\Program Files\Conduit
2010-10-13 21:14:37 ----HDC---- C:\WINDOWS\$NtUninstallKB2387149$
2010-10-13 21:14:31 ----HDC---- C:\WINDOWS\$NtUninstallKB2279986$
2010-10-13 21:14:27 ----HDC---- C:\WINDOWS\$NtUninstallKB2345886$
2010-10-13 21:14:23 ----HDC---- C:\WINDOWS\$NtUninstallKB2296011$
2010-10-13 21:14:13 ----HDC---- C:\WINDOWS\$NtUninstallKB2378111_WM9$
2010-10-13 21:13:53 ----HDC---- C:\WINDOWS\$NtUninstallKB982132$
2010-10-13 21:13:18 ----HDC---- C:\WINDOWS\$NtUninstallKB2360131$
2010-10-13 21:13:13 ----HDC---- C:\WINDOWS\$NtUninstallKB979687$
2010-10-13 21:10:25 ----HDC---- C:\WINDOWS\$NtUninstallKB981957$
2010-10-13 21:10:18 ----HDC---- C:\WINDOWS\$NtUninstallKB2360937$

======List of files/folders modified in the last 1 months======

2010-11-08 22:00:10 ----D---- C:\Documents and Settings\Gabi\Application Data\BitTorrent
2010-11-08 22:00:01 ----D---- C:\WINDOWS\Prefetch
2010-11-08 21:59:55 ----RD---- C:\Program Files
2010-11-08 21:50:56 ----D---- C:\WINDOWS\Temp
2010-11-08 21:32:23 ----A---- C:\WINDOWS\wincmd.ini
2010-11-08 19:14:15 ----D---- C:\Program Files\DC++
2010-11-08 17:16:00 ----D---- C:\WINDOWS\system32\CatRoot2
2010-11-08 01:49:00 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-11-08 01:45:03 ----SD---- C:\WINDOWS\Tasks
2010-11-07 22:49:42 ----A---- C:\WINDOWS\NeroDigital.ini
2010-11-07 02:02:19 ----D---- C:\Documents and Settings\Gabi\Application Data\vlc
2010-11-07 00:07:48 ----HD---- C:\Program Files\InstallShield Installation Information
2010-11-03 20:01:40 ----D---- C:\WINDOWS\Minidump
2010-11-03 20:01:40 ----D---- C:\WINDOWS
2010-11-02 00:23:33 ----D---- C:\Documents and Settings\Gabi\Application Data\Skype
2010-11-02 00:03:27 ----D---- C:\Documents and Settings\Gabi\Application Data\skypePM
2010-11-01 10:28:57 ----D---- C:\WINDOWS\system32
2010-11-01 10:28:57 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-11-01 00:05:32 ----SHD---- C:\WINDOWS\Installer
2010-11-01 00:05:13 ----HD---- C:\Config.Msi
2010-10-31 23:16:21 ----D---- C:\Program Files\Aliens Vs Predator
2010-10-31 23:01:08 ----A---- C:\WINDOWS\disney.ini
2010-10-29 23:17:22 ----D---- C:\Documents and Settings\Gabi\Application Data\dvdcss
2010-10-17 14:48:30 ----D---- C:\Program Files\BitTorrent
2010-10-14 00:25:12 ----D---- C:\Program Files\Opera
2010-10-13 21:21:46 ----HD---- C:\WINDOWS\inf
2010-10-13 21:14:39 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-10-13 21:14:36 ----HD---- C:\WINDOWS\$hf_mig$
2010-10-13 21:14:34 ----A---- C:\WINDOWS\imsins.BAK
2010-10-13 21:14:28 ----D---- C:\WINDOWS\system32\drivers
2010-10-13 21:14:24 ----D---- C:\WINDOWS\WinSxS
2010-10-13 21:14:12 ----D---- C:\Documents and Settings\All Users\Application Data\Microsoft Help
2010-10-13 21:10:33 ----D---- C:\WINDOWS\Debug
2010-10-13 21:10:31 ----A---- C:\WINDOWS\system32\MRT.exe
2010-10-10 15:49:48 ----A---- C:\WINDOWS\win.ini
2010-10-09 11:55:26 ----A---- C:\WINDOWS\wcx_ftp.ini

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2010-06-10 45648]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2010-03-12 691696]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-15 76544]
R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.sys []
R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2009-05-27 75096]
R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-13 36352]
R1 kbdhid;Keyboard HID Driver; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-13 14592]
R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2007-03-01 28352]
R1 tvtool;tvtool; \??\C:\Program Files\TVTool\tvtool.sys []
R2 ASPI32;ASPI32; C:\WINDOWS\system32\drivers\ASPI32.sys [2002-07-18 16877]
R2 atksgt;atksgt; C:\WINDOWS\system32\DRIVERS\atksgt.sys [2009-01-13 279712]
R2 eusk2par;EUTRON SmartKey Parallel Driver; \??\C:\WINDOWS\system32\Drivers\eusk2par.sys []
R2 lirsgt;lirsgt; C:\WINDOWS\system32\DRIVERS\lirsgt.sys [2009-01-13 25888]
R3 avgntflt;avgntflt; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgntflt.sys []
R3 ctac32k;Creative AC3 Software Decoder; C:\WINDOWS\system32\drivers\ctac32k.sys [2006-05-24 502272]
R3 ctaud2k;Creative Audio Driver (WDM); C:\WINDOWS\system32\drivers\ctaud2k.sys [2006-05-24 499584]
R3 ctprxy2k;Creative Proxy Driver; C:\WINDOWS\system32\drivers\ctprxy2k.sys [2006-05-24 7168]
R3 ctsfm2k;Creative SoundFont Management Device Driver; C:\WINDOWS\system32\drivers\ctsfm2k.sys [2006-05-24 143872]
R3 emupia;E-mu Plug-in Architecture Driver; C:\WINDOWS\system32\drivers\emupia2k.sys [2006-05-24 78336]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600]
R3 ha20x2k;Creative 20X HAL Driver; C:\WINDOWS\system32\drivers\ha20x2k.sys [2006-05-24 1110016]
R3 hidusb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2004-08-04 12160]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2007-12-04 7435392]
R3 NVR0Dev;NVR0Dev; \??\C:\WINDOWS\nvoclock.sys []
R3 ossrv;Creative OS Services Driver; C:\WINDOWS\system32\drivers\ctoss2k.sys [2006-05-24 116224]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2007-05-25 90880]
R3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 ctdvda2k;Creative DVD-Audio Device Driver; C:\WINDOWS\system32\drivers\ctdvda2k.sys [2005-11-10 340704]
S3 ctljystk;Creative SBLive! Gameport; C:\WINDOWS\system32\DRIVERS\ctljystk.sys [2001-08-17 3712]
S3 emu10k;Creative SB Live! Value (WDM); C:\WINDOWS\system32\drivers\emu10k1f.sys [2001-08-14 775296]
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2007-03-08 49920]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2007-03-08 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2007-03-08 21568]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 nmwcd;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\ccdcmb.sys [2008-09-15 17664]
S3 nmwcdc;Nokia USB Generic; C:\WINDOWS\system32\drivers\ccdcmbo.sys [2008-09-15 22016]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [2009-02-15 47360]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2008-09-15 8064]
S3 usbaudio;USB Audio Driver (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]
S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 usbser;USB Modem Driver; C:\WINDOWS\system32\drivers\usbser.sys [2008-04-13 26112]
S3 UsbserFilt;UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [2008-09-15 8064]
S3 VX1000;VX-1000; C:\WINDOWS\system32\DRIVERS\VX1000.sys [2007-04-10 1966312]
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2008-03-27 503008]
S3 WFIOCTL;WFIOCTL; \??\C:\Program Files\WinFast\WFTVFM\WFIOCTL.SYS []
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-15 82688]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AntiVirService;Avira AntiVir Personal - Free Antivirus Guard; C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe [2009-01-05 151297]
R2 AntiVirScheduler;Avira AntiVir Personal - Free Antivirus Scheduler; C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe [2009-01-05 68865]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2010-08-13 144672]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2010-05-18 345376]
R2 Creative Service for CDROM Access;Creative Service for CDROM Access; C:\WINDOWS\system32\CTsvcCDA.exe [1999-12-12 44032]
R2 hpqddsvc;HP CUE DeviceDiscovery Service; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 ICQ Service;ICQ Service; C:\Program Files\ICQ6Toolbar\ICQ Service.exe [2008-06-10 222456]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-01-05 152984]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2007-05-15 79400]
R2 MSCamSvc;MSCamSvc; C:\Program Files\Microsoft LifeCam\MSCamS32.exe [2007-05-17 271720]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 nTuneService;nTune Service; C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe [2007-09-04 131072]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2007-12-04 155716]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2009-01-11 66872]
R2 ResultBar Service;ResultBar Service; C:\Documents and Settings\All Users\Application Data\ResultBar\resultbar113.exe [2010-11-08 61704]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared files\RichVideo.exe [2008-01-23 167936]
R2 TuneUp.ProgramStatisticsSvc;TuneUp Program Statistics Service; C:\WINDOWS\System32\TUProgSt.exe [2009-01-05 603904]
R2 UxTuneUp;TuneUp Theme Extension; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 WMDM PMSP Service;WMDM PMSP Service; C:\WINDOWS\system32\MsPMSPSv.exe [2000-06-26 53520]
R2 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R3 hpqcxs08;hpqcxs08; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2010-09-01 820008]
R3 TuneUp.Defrag;TuneUp Drive Defrag Service; C:\WINDOWS\System32\TuneUpDefragService.exe [2010-08-01 360192]
S2 gupdate1ca064c46475da6;Služba Google Update (gupdate1ca064c46475da6); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-07-16 133104]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-04-08 182768]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-04-13 792112]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-06-01 271920]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2008-11-11 620544]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

[KAUBOUN]

combofix log ...
ComboFix 10-11-07.A2 - Gabi 08.11.2010 22:08:19.1.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.421.1033.18.3069.2011 [GMT 1:00]
Running from: C:\ComboFix.exe
AV: Avira AntiVir PersonalEdition *On-access scanning enabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7}
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\All Users\Application Data\2ACA5CC3-0F83-453D-A079-1076FE1A8B65
c:\documents and settings\All Users\Application Data\ClickPotatoLiteSA
c:\documents and settings\All Users\Application Data\ClickPotatoLiteSA\ClickPotatoLiteSA.dat
c:\documents and settings\All Users\Application Data\ClickPotatoLiteSA\ClickPotatoLiteSA_hpk.dat
c:\documents and settings\All Users\Application Data\ClickPotatoLiteSA\ClickPotatoLiteSA_kyf.dat
c:\documents and settings\All Users\Application Data\ClickPotatoLiteSA\ClickPotatoLiteSAAbout.mht
c:\documents and settings\All Users\Application Data\ClickPotatoLiteSA\ClickPotatoLiteSAau.dat
c:\documents and settings\All Users\Application Data\ClickPotatoLiteSA\ClickPotatoLiteSAEULA.mht
c:\documents and settings\All Users\Application Data\ResultBar
c:\documents and settings\All Users\Application Data\ResultBar\resultbar111.exe
c:\documents and settings\All Users\Application Data\ResultBar\resultbar113.exe
c:\documents and settings\All Users\Start Menu\Programs\ClickPotato
c:\documents and settings\All Users\Start Menu\Programs\ClickPotato\About Us.lnk
c:\documents and settings\All Users\Start Menu\Programs\ClickPotato\ClickPotato Customer Support.lnk
c:\documents and settings\All Users\Start Menu\Programs\ClickPotato\ClickPotato Uninstall Instructions.lnk
c:\documents and settings\Gabi\Application Data\ClickPotatoLite
c:\documents and settings\Gabi\Application Data\inst.exe
c:\program files\AskSearch\bin\DeFAultsearch.dll
c:\program files\ClickPotatoLite
c:\program files\ClickPotatoLite\bin\10.0.536.0\ClickPotatoLiteSA.exe
c:\program files\ClickPotatoLite\bin\10.0.536.0\ClickPotatoLiteSAAX.dll
c:\program files\ClickPotatoLite\bin\10.0.536.0\ClickPotatoLiteSABHO.dll
c:\program files\ClickPotatoLite\bin\10.0.536.0\ClickPotatoLiteSAHook.dll
c:\program files\ClickPotatoLite\bin\10.0.536.0\ClickPotatoLiteUninstaller.exe
c:\program files\ClickPotatoLite\bin\10.0.536.0\firefox\extensions\install.rdf
c:\program files\ClickPotatoLite\bin\10.0.536.0\firefox\extensions\plugins\npclntax_ClickPotatoLiteSA.dll
c:\program files\ResultBar
c:\program files\ResultBar\resultbar.dll
c:\program files\ResultBar\resultbar.exe
c:\program files\ResultBar\ResultBar_deleted_\resultbar.exe
c:\program files\ResultBar\uninstall.exe
c:\windows\system32\AutoRun.inf

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_RESULTBAR_SERVICE
-------\Service_ResultBar Service


((((((((((((((((((((((((( Files Created from 2010-10-08 to 2010-11-08 )))))))))))))))))))))))))))))))
.

2010-11-08 20:59 . 2010-11-08 21:00 -------- d-----w- c:\program files\trend micro
2010-11-08 20:59 . 2010-11-08 21:01 -------- d-----w- C:\rsit
2010-11-06 23:09 . 2010-11-06 23:09 -------- d-----w- c:\documents and settings\Gabi\Application Data\CyberLink
2010-11-06 23:09 . 2010-11-06 23:09 -------- d-----w- c:\documents and settings\All Users\Application Data\CyberLink
2010-11-06 23:07 . 2010-11-06 23:08 -------- d-----w- c:\program files\CyberLink
2010-10-31 22:31 . 2010-10-31 22:31 -------- d-----w- c:\program files\Activision
2010-10-18 22:48 . 2010-10-18 22:48 -------- d-----w- c:\documents and settings\Gabi\Local Settings\Application Data\PackageAware
2010-10-17 13:48 . 2010-11-06 23:37 -------- d-----w- c:\program files\Softonic-Eng7
2010-10-17 13:48 . 2010-11-06 23:37 -------- d-----w- c:\documents and settings\Gabi\Local Settings\Application Data\Softonic-Eng7
2010-10-17 13:48 . 2010-11-06 23:36 -------- d-----w- c:\documents and settings\Gabi\Local Settings\Application Data\Conduit
2010-10-17 13:48 . 2010-10-17 13:48 -------- d-----w- c:\program files\Conduit
2010-10-13 19:07 . 2010-09-18 06:53 974848 -c----w- c:\windows\system32\dllcache\mfc42.dll
2010-10-13 19:07 . 2010-09-18 06:53 953856 -c----w- c:\windows\system32\dllcache\mfc40u.dll
2010-10-13 19:07 . 2010-08-23 16:12 617472 -c----w- c:\windows\system32\dllcache\comctl32.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-09-18 10:23 . 2004-08-04 01:07 974848 ----a-w- c:\windows\system32\mfc42u.dll
2010-09-18 06:53 . 2004-08-04 01:07 974848 ----a-w- c:\windows\system32\mfc42.dll
2010-09-18 06:53 . 2004-08-04 01:07 954368 ----a-w- c:\windows\system32\mfc40.dll
2010-09-18 06:53 . 2004-08-04 01:07 953856 ----a-w- c:\windows\system32\mfc40u.dll
2010-09-09 14:16 . 2004-08-04 01:07 667136 ----a-w- c:\windows\system32\wininet.dll
2010-09-09 14:16 . 2004-08-04 01:07 61952 ----a-w- c:\windows\system32\tdc.ocx
2010-09-09 14:16 . 2004-08-04 01:07 81920 ----a-w- c:\windows\system32\ieencode.dll
2010-09-08 16:49 . 2004-08-04 01:07 369664 ----a-w- c:\windows\system32\html.iec
2010-09-08 09:17 . 2010-09-08 09:17 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx
2010-09-08 09:17 . 2010-09-08 09:17 69632 ----a-w- c:\windows\system32\QuickTime.qts
2010-09-01 11:51 . 2004-08-04 01:07 285824 ----a-w- c:\windows\system32\atmfd.dll
2010-08-31 13:42 . 2004-08-04 01:07 1852800 ----a-w- c:\windows\system32\win32k.sys
2010-08-27 08:02 . 2004-08-04 01:07 119808 ----a-w- c:\windows\system32\t2embed.dll
2010-08-27 05:57 . 2004-08-04 01:07 99840 ----a-w- c:\windows\system32\srvsvc.dll
2010-08-26 13:39 . 2004-08-04 01:07 357248 ----a-w- c:\windows\system32\drivers\srv.sys
2010-08-26 12:52 . 2009-12-02 21:46 5120 ----a-w- c:\windows\system32\xpsp4res.dll
2010-08-23 16:12 . 2004-08-04 01:07 617472 ----a-w- c:\windows\system32\comctl32.dll
2010-08-17 13:17 . 2004-08-04 01:07 58880 ----a-w- c:\windows\system32\spoolsv.exe
2010-08-16 08:45 . 2004-08-04 01:07 590848 ----a-w- c:\windows\system32\rpcrt4.dll
2010-07-25 16:16 . 2010-07-25 16:15 19473201 ----a-w- c:\program files\vlc-1.1.1-win32.exe
2010-03-13 13:32 . 2010-03-13 13:32 98181416 ----a-w- c:\program files\iTunesSetup.exe
2010-03-08 20:36 . 2010-03-08 20:36 4142680 ----a-w- c:\program files\dfsetup117.exe
2010-03-08 19:41 . 2010-03-08 19:41 4110200 ----a-w- c:\program files\dfsetup116.exe
2009-01-27 01:34 . 2009-01-27 01:34 1044480 ----a-w- c:\program files\mozilla firefox\plugins\libdivx.dll
2009-01-27 01:34 . 2009-01-27 01:34 200704 ----a-w- c:\program files\mozilla firefox\plugins\ssldivx.dll
2009-09-25 16:41 . 2009-09-25 16:41 1044480 ----a-w- c:\program files\opera\program\plugins\libdivx.dll
2009-09-25 16:41 . 2009-09-25 16:41 200704 ----a-w- c:\program files\opera\program\plugins\ssldivx.dll
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{14f0d511-36a2-41ca-ae01-ba4f87282c97}"= "c:\program files\SHOUTcast Radio Toolbar\shoutcasttb.dll" [2008-09-17 1275176]
"{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}"= "c:\program files\Softonic-Eng7\tbSof1.dll" [2010-11-06 2735200]

[HKEY_CLASSES_ROOT\clsid\{14f0d511-36a2-41ca-ae01-ba4f87282c97}]
[HKEY_CLASSES_ROOT\SHOUTcastTb.AOLTBSearch.1]
[HKEY_CLASSES_ROOT\TypeLib\{8613efdf-b530-4b1d-b970-b09f99977813}]
[HKEY_CLASSES_ROOT\SHOUTcastTb.AOLTBSearch]

[HKEY_CLASSES_ROOT\clsid\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{0974BA1E-64EC-11DE-B2A5-E43756D89593}]
2009-12-20 09:51 87480 ----a-w- c:\program files\BearShare Applications\MediaBar\ToolBar\BearshareMediabarDx.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}]
2008-09-29 16:24 325000 ----a-w- c:\program files\AskBarDis\bar\bin\askBar.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}]
2010-11-06 23:37 2735200 ----a-w- c:\program files\Softonic-Eng7\tbSof1.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{74322BF9-DF26-493f-B0DA-6D2FC5E6429E}]
2010-03-28 09:16 393144 ----a-w- c:\program files\BearShare Applications\MediaBar\DataMngr\IEBHO.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{3041d03e-fd4b-44e0-b742-2d9b88305f98}"= "c:\program files\AskBarDis\bar\bin\askBar.dll" [2008-09-29 325000]
"{0974BA1E-64EC-11DE-B2A5-E43756D89593}"= "c:\program files\BearShare Applications\MediaBar\ToolBar\BearshareMediabarDx.dll" [2009-12-20 87480]
"{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}"= "c:\program files\Softonic-Eng7\tbSof1.dll" [2010-11-06 2735200]

[HKEY_CLASSES_ROOT\clsid\{3041d03e-fd4b-44e0-b742-2d9b88305f98}]
[HKEY_CLASSES_ROOT\TypeLib\{4b1c1e16-6b34-430e-b074-5928eca4c150}]

[HKEY_CLASSES_ROOT\clsid\{0974ba1e-64ec-11de-b2a5-e43756d89593}]

[HKEY_CLASSES_ROOT\clsid\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{3041D03E-FD4B-44E0-B742-2D9B88305F98}"= "c:\program files\AskBarDis\bar\bin\askBar.dll" [2008-09-29 325000]
"{414B6D9D-4A95-4E8D-B5B1-149DD2D93BB3}"= "c:\program files\Softonic-Eng7\tbSof1.dll" [2010-11-06 2735200]

[HKEY_CLASSES_ROOT\clsid\{3041d03e-fd4b-44e0-b742-2d9b88305f98}]
[HKEY_CLASSES_ROOT\TypeLib\{4b1c1e16-6b34-430e-b074-5928eca4c150}]

[HKEY_CLASSES_ROOT\clsid\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-04-08 39408]
"NVIDIA nTune"="c:\program files\NVIDIA Corporation\nTune\nTuneCmd.exe" [2007-09-04 81920]
"BitTorrent"="c:\documents and settings\Gabi\Desktop\BitTorrent-7.1.exe" [2010-10-17 2984816]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2007-01-05 204288]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avgnt"="c:\program files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-06-12 266497]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-12-04 8523776]
"LifeCam"="c:\program files\Microsoft LifeCam\LifeExp.exe" [2007-05-17 279912]
"VX1000"="c:\windows\vVX1000.exe" [2007-04-10 709992]
"AudioDrvEmulator"="c:\program files\Creative\Shared Files\Module Loader\DLLML.exe" [2005-11-04 49152]
"DataMngr"="c:\progra~1\BEARSH~1\MediaBar\DataMngr\DataMngrUI.exe" [2010-03-28 797112]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-21 932288]
"CTHelper"="CTHELPER.EXE" [2006-12-12 19456]
"CTxfiHlp"="CTXFIHLP.EXE" [2006-05-24 18944]
"VolPanel"="c:\program files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe" [2006-07-13 122880]
"Google Quick Search Box"="c:\program files\Google\Quick Search Box\GoogleQuickSearchBox.exe" [2009-06-22 68592]
"nwiz"="nwiz.exe" [2007-12-04 1626112]
"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2010-09-08 47904]
"RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2005-12-07 30208]
"LanguageShortcut"="c:\program files\CyberLink\PowerDVD\Language\Language.exe" [2006-04-13 49152]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe"
"PC Suite Tray"="c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
"ctfmon.exe"=c:\windows\system32\ctfmon.exe
"LightScribe Control Panel"=c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
"BitTorrent DNA"="c:\program files\DNA\btdna.exe"
"swg"=c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe"
"nwiz"=nwiz.exe /install
"NvMediaCenter"=RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
"NeroFilterCheck"=c:\program files\Common Files\Ahead\Lib\NeroCheck.exe
"HP Software Update"=c:\program files\HP\HP Software Update\HPWuSchd2.exe
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" -atboottime
"Google Quick Search Box"="c:\program files\Google\Quick Search Box\GoogleQuickSearchBox.exe" /autorun
"UpdReg"=c:\windows\UpdReg.EXE
"CTRegRun"=c:\windows\CTRegRun.EXE
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe"
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\totalcmd\\TOTALCMD.EXE"=
"c:\\Program Files\\DNA\\btdna.exe"=
"c:\\Program Files\\BitTorrent\\bittorrent.exe"=
"c:\\Program Files\\ICQ6.5\\ICQ.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Program Files\\Opera\\opera.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"d:\\Program Files\\Ubisoft\\Assassin's Creed\\AssassinsCreed_Dx9.exe"=
"d:\\Program Files\\Ubisoft\\Assassin's Creed\\AssassinsCreed_Dx10.exe"=
"d:\\Program Files\\Ubisoft\\Assassin's Creed\\AssassinsCreed_Launcher.exe"=
"c:\\WINDOWS\\system32\\mmc.exe"=
"c:\\Program Files\\AntikVirtualSTB\\AntikVirtualSTB.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\DC++\\DCPlusPlus.exe"=
"d:\\sdc211\\Downloads\\jkjjk\\StrongDC.exe"=
"c:\\Program Files\\Microsoft LifeCam\\LifeCam.exe"=
"c:\\Program Files\\Microsoft LifeCam\\LifeExp.exe"=
"d:\\Iveta\\AntikVirtualSTB\\AntikVirtualSTB.exe"=
"c:\\Program Files\\Counter-Strike Source\\hl2.exe"=
"c:\\Program Files\\VideoLAN\\VLC\\vlc.exe"=
"c:\\Program Files\\Counter-Strike 1.6\\hl.exe"=
"c:\\Documents and Settings\\Gabi\\Desktop\\StrongDC\\StrongDC.exe"=
"g:\\Program Files\\Ubisoft\\James Cameron's AVATAR - THE GAME\\bin\\Avatar.exe"=
"g:\\Program Files\\Ubisoft\\James Cameron's AVATAR - THE GAME\\bin\\AvatarLauncher.exe"=
"c:\\Documents and Settings\\Gabi\\Local Settings\\Application Data\\AntikVirtualSTB\\AntikVirtualSTB.exe"=
"g:\\dc\\ApexDC\\ApexDC.exe"=
"g:\\dc\\ApexDC\\ApexDC\\ApexDC.exe"=
"g:\\dc\\StrongDC\\StrongDC\\StrongDC.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"d:\\Program Files\\VideoLAN\\VLC\\vlc.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Documents and Settings\\Gabi\\Desktop\\BitTorrent-7.1.exe"=

R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [7.1.2009 12:56 691696]
R1 tvtool;tvtool;c:\program files\TVTool\TVTOOL.SYS [3.4.1996 19:33 5248]
R2 AntiVirScheduler;Avira AntiVir Personal - Free Antivirus Scheduler;c:\program files\Avira\AntiVir PersonalEdition Classic\sched.exe [5.1.2009 20:31 68865]
R2 eusk2par;EUTRON SmartKey Parallel Driver;c:\windows\system32\drivers\eusk2par.sys [31.1.2009 13:27 16695]
R2 ICQ Service;ICQ Service;c:\program files\ICQ6Toolbar\ICQ Service.exe [9.1.2009 12:51 222456]
S2 gupdate1ca064c46475da6;Služba Google Update (gupdate1ca064c46475da6);c:\program files\Google\Update\GoogleUpdate.exe [16.7.2009 20:33 133104]
S3 WFIOCTL;WFIOCTL;c:\program files\WinFast\WFTVFM\WFIOCTL.sys [5.1.2009 20:17 9446]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2007-05-15 16:08 452136 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
Contents of the 'Scheduled Tasks' folder

2010-11-08 c:\windows\Tasks\1-Click Maintenance.job
- c:\program files\TuneUp Utilities 2009\OneClickStarter.exe [2008-12-11 20:36]

2010-04-01 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 11:34]

2010-11-08 c:\windows\Tasks\Automatic maintenance.job
- c:\program files\TuneUp Utilities 2009\OneClickStarter.exe [2008-12-11 20:36]

2010-11-08 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-07-16 19:33]

2010-11-08 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-07-16 19:33]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://search.bearshare.com/
uSearch Page = hxxp://www.google.com
uSearch Bar = hxxp://www.google.com/ie
mDefault_Search_URL = hxxp://www.google.com/ie
uInternet Connection Wizard,ShellNext = hxxp://www.europe.creative.com/
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
mSearchAssistant = hxxp://www.google.com/ie
IE: &SHOUTcast Search - c:\documents and settings\All Users\Application Data\SHOUTcast Radio Toolbar\ieToolbar\resources\en-US\local\search.html
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll/cmsidewiki.html
.
- - - - ORPHANS REMOVED - - - -

HKLM-Run-ClickPotatoLiteSA - c:\program files\ClickPotatoLite\bin\10.0.536.0\ClickPotatoLiteSA.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-11-08 22:25
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...


c:\windows\system.ini 227 bytes

scan completed successfully
hidden files: 1

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_USERS\S-1-5-21-682003330-1229272821-839522115-1003\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:8c,f2,a7,a5,2c,fc,9e,f2,9a,72,33,aa,b4,62,26,0a,9c,e8,bc,85,bc,28,80,
2e,10,f5,e0,20,48,17,b3,97,ea,b8,80,84,10,b4,dc,51,af,b6,01,11,9d,17,56,de,\
"??"=hex:f3,9d,4a,72,df,98,61,5b,da,ca,a0,5a,ea,b1,e2,ec

[HKEY_USERS\S-1-5-21-682003330-1229272821-839522115-1003\Software\SecuROM\License information*]
"datasecu"=hex:41,15,d4,6e,96,51,e6,c3,7c,63,87,98,5a,62,37,1a,15,d0,d5,ea,05,
7b,21,2d,7b,b6,69,89,bb,df,e6,7d,69,fc,99,c2,f8,32,3d,ef,7e,df,a1,a8,8a,99,\
"rkeysecu"=hex:7b,2a,55,dd,1f,fd,e8,44,c5,b3,09,57,6a,6b,2d,46
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'explorer.exe'(2792)
c:\program files\Common Files\Ahead\Lib\NeroSearchBar.dll
c:\program files\Common Files\Ahead\Lib\MFC71U.DLL
c:\program files\Common Files\Ahead\Lib\BCGCBPRO860un71.dll
c:\program files\Google\Quick Search Box\bin\1.2.1151.245\qsb.dll
c:\windows\system32\WPDShServiceObj.dll
c:\program files\Nokia\Nokia PC Suite 7\PhoneBrowser.dll
c:\program files\Nokia\Nokia PC Suite 7\NGSCM.DLL
c:\program files\Nokia\Nokia PC Suite 7\Lang\PhoneBrowser_slk.nlr
c:\program files\Nokia\Nokia PC Suite 7\Resource\PhoneBrowser_Nokia.ngr
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\devldr32.exe
c:\program files\Avira\AntiVir PersonalEdition Classic\avguard.exe
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\windows\system32\CTsvcCDA.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\program files\Microsoft LifeCam\MSCamS32.exe
c:\windows\SYSTEM32\CTXFISPI.EXE
c:\program files\NVIDIA Corporation\nTune\nTuneService.exe
c:\windows\system32\nvsvc32.exe
c:\windows\system32\PnkBstrA.exe
c:\program files\CyberLink\Shared files\RichVideo.exe
c:\windows\System32\TUProgSt.exe
c:\windows\system32\MsPMSPSv.exe
c:\program files\Windows Media Player\WMPNetwk.exe
.
**************************************************************************
.
Completion time: 2010-11-08 22:27:55 - machine was rebooted
ComboFix-quarantined-files.txt 2010-11-08 21:27

Pre-Run: 31 332 982 784 bytes free
Post-Run: 31 315 472 384 bytes free

WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect

Current=3 Default=3 Failed=1 LastKnownGood=4 Sets=1,2,3,4
- - End Of File - - 804C237D84D59F0D54A9C07C13C87715

[Roli]

Zdravím, tohle fixni v HJT :

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.bearshare.com/
R3 - URLSearchHook: DefaultSearchHook Class - {C94E154B-1459-4A47-966B-4B843BEFC7DB} - C:\Program Files\AskSearch\bin\DefaultSearch.dll
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O2 - BHO: MediaBar - {0974BA1E-64EC-11DE-B2A5-E43756D89593} - C:\Program Files\BearShare Applications\MediaBar\ToolBar\BearshareMediabarDx.dll
O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O3 - Toolbar: MediaBar - {0974BA1E-64EC-11DE-B2A5-E43756D89593} - C:\Program Files\BearShare Applications\MediaBar\ToolBar\BearshareMediabarDx.dll
O4 - HKLM\..\Run: [DataMngr] C:\PROGRA~1\BEARSH~1\MediaBar\DataMngr\DataMngrUI.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe"
O4 - HKLM\..\Run: [ClickPotatoLiteSA] "C:\Program Files\ClickPotatoLite\bin\10.0.536.0\ClickPotatoLiteSA.exe"
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\system32\Macromed\Flash\FlashUtil10k_Plugin.exe -update plugin
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

HJT najdeš zde :

C:\Program Files\trend micro\Gabi.exe

Fix znamená že spustíš HJT

v okně které se ti otevře klikneš na Do a system scan only

v dalším okně najdeš řádky které jsem ti vypsal,

vedle nich je čtvereček do kterého uděláš zatržítko,

pak klikneš na Fix checked které je vlevo dole,

program se ti zeptá zda opravdu ANO s tím samozřejmě souhlasíš a je hotovo.


Přes Start >> Spustit >> napiš - services.msc >> OK. Najdi službu :

Služba Google Update

Google Software Updater

ICQ Service

NBService

NMIndexingService

ResultBar Service

Cyberlink RichVideo Service

TuneUp Program Statistics Service

klikni na ni pravým myšítkem, zvol vlastnosti, na další kartě nejprve službu zastav tlačítkem Zastavit a u položky Typ spouštění zvol Zakázáno.


Pokud jsi tak ještě neučinil, přesuň Combofix na plochu

otevři si Poznámkový blok

do něj zkopíruj skript z následujícího okna:

Kód: Vybrat vše

Folder::
c:\program files\BearShare Applications
c:\program files\AskBarDis
c:\program files\ICQ6Toolbar

Registry::
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{0974BA1E-64EC-11DE-B2A5-E43756D89593}]
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}]
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{74322BF9-DF26-493f-B0DA-6D2FC5E6429E}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{3041d03e-fd4b-44e0-b742-2d9b88305f98}"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{0974BA1E-64EC-11DE-B2A5-E43756D89593}"=-
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{3041D03E-FD4B-44E0-B742-2D9B88305F98}"=-

Driver::
ICQ Service

ulož Tebou vytvořený TXT soubor jako CFScript.txt na plochu,

po uložení uchop vytvořený skript levým myšítkem a přesuň ho nad ikonu Combofixu, kde ho upustíš:



Po aplikaci na Tebe vypadne další log, zkopíruj ho sem

Upozornění : může se stát, že po aplikaci skriptu a restartu Windows nenaběhnou,

v tom případě znovu restartuj a přitom mačkej F8 poté zvol Poslední známou funkční konfiguraci

[KAUBOUN]

ComboFix 10-11-09.02 - Gabi 10.11.2010 13:23:00.2.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.421.1033.18.3069.2561 [GMT 1:00]
Running from: C:\ComboFix.exe
Command switches used :: c:\documents and settings\Gabi\Desktop\CFScript.txt
AV: Avira AntiVir PersonalEdition *On-access scanning enabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7}
* Created a new restore point
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\program files\AskBarDis
c:\program files\AskBarDis\bar\bin\askPopStp.dll
c:\program files\AskBarDis\bar\bin\psvince.dll
c:\program files\AskBarDis\bar\Cache\0002AED4
c:\program files\AskBarDis\bar\Cache\00968D23.bin
c:\program files\AskBarDis\bar\Cache\009691A7.bin
c:\program files\AskBarDis\bar\Cache\009693E9.bin
c:\program files\AskBarDis\bar\Cache\00969541.bin
c:\program files\AskBarDis\bar\Cache\00969793.bin
c:\program files\AskBarDis\bar\Cache\0346D0FF.bin
c:\program files\AskBarDis\bar\Cache\files.ini
c:\program files\AskBarDis\bar\History\search
c:\program files\AskBarDis\bar\Settings\config.dat
c:\program files\AskBarDis\bar\Settings\config.dat.bak
c:\program files\AskBarDis\bar\Settings\prevcfg.htm
c:\program files\AskBarDis\bar\Settings\prevCfg2.htm
c:\program files\AskBarDis\PopSwatter\History\notallow
c:\program files\AskBarDis\unins000.dat
c:\program files\AskBarDis\unins000.exe
c:\program files\BearShare Applications
c:\program files\BearShare Applications\MediaBar\DataMngr\datamngr.dll
c:\program files\BearShare Applications\MediaBar\DataMngr\DataMngrUI.exe
c:\program files\BearShare Applications\MediaBar\DataMngr\IEBHO.dll
c:\program files\BearShare Applications\MediaBar\INSTALL.LOG
c:\program files\BearShare Applications\MediaBar\main.ico
c:\program files\BearShare Applications\MediaBar\ToolBar\BearshareMediabarTb.dll
c:\program files\BearShare Applications\MediaBar\ToolBar\components\windowmediator.js
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\content\bearshare.js
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\content\data\search\engines.xml
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\content\data\search\search.xsl
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\content\lib\about.xml
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\content\lib\dtxpanelwin.xul
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\content\lib\dtxprefwin.xul
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\content\lib\dtxwin.xul
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\content\lib\emailnotifierproviders.xml
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\content\lib\external.js
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\content\lib\neterror.xhtml
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\content\lib\wmpstreamer.html
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\content\modules\datastore.jsm
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\content\preferences.xml
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\content\toolbar.htm
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\content\toolbar.xul
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\bg-scalable-mdl.gif
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\bg-scalable-tl.gif
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\bg-scalable-tr.gif
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\btn-dragresize.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\btn-wide-close-down.PNG
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\btn-wide-close-over.PNG
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\btn-wide-close.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\btn-wide-maximize-down.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\btn-wide-maximize-over.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\btn-wide-maximize.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\btn-wide-minimize-down.PNG
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\btn-wide-minimize-over.PNG
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\btn-wide-minimize.PNG
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\btnarrow-next-off.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\btnarrow-next.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\btnarrow-previous-off.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\btnarrow-previous.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\navico-home.gif
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\panel.html
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\powered-mystart.gif
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\tb_icon.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\widget.js
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\widget.xml
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\bg-scalable-mdl.gif
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\bg-scalable-tl.gif
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\bg-scalable-tr.gif
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\btn-dragresize.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\btn-wide-close-down.PNG
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\btn-wide-close-over.PNG
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\btn-wide-close.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\btn-wide-maximize-down.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\btn-wide-maximize-over.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\btn-wide-maximize.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\btn-wide-minimize-down.PNG
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\btn-wide-minimize-over.PNG
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\btn-wide-minimize.PNG
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\btnarrow-next-off.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\btnarrow-next.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\btnarrow-previous-off.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\btnarrow-previous.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\navico-home.gif
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\panel.html
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\powered-mystart.gif
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\tb_icon.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\widget.js
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\widget.xml
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\bearshare.css
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\bluelite.gif
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\bluesky.gif
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\btn-search-over.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\btn-search.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\btn-settings-over.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\btn-settings.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\btn-widgets-over.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\btn-widgets.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\btn_settings.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\button-down-back-ff.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\button-down-back.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\button-down-left.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\button-down-right.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\button-down-splitter.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\button-drop-back.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\button-drop-left.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\button-drop-right.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\button-drop-splitter.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\button-hover-back-ff.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\button-hover-back.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\button-hover-left.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\button-hover-right.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\button-hover-splitter.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\ca.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\dictionary.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\divider.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\downloadcom.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\dtxlogo.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\email.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\email_on.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\games.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\graphred0.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\graphred0_5.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\grey.gif
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\headsup.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\ico-shield.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\images.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\add.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\aol.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\arrow-dn.gif
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\arrow-right.gif
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\arrow-up.gif
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\bg-btn-end.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\bg-btn-mdl.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\bg-btn-mdl_ff.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\bg-btn-start.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\bg-btnover-end.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\bg-btnover-mdl.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\bg-btnover-mdl_ff.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\bg-btnover-start.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\blank.gif
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\btnback-down-vista.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\btnback-vista.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\btnleft-down-vista.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\btnleft-vista.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\btnright-down-vista.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\btnright-vista.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\button-splitter-down-vista.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\button-splitter-vista.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\collapse.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\comcast.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\dtx.css
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\edit-back-hot.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\edit-back.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\expand.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\found.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\gmail.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\highlight.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\highlight_blue.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\highlight_cyan.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\highlight_lime.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\highlight_magenta.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\highlight_yellow.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\hotmail.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\checkmark.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\chevron.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\imap.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\lastsearch-thumb-back.gif
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\loadingMid.gif
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\lock.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\mailcom.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\menu_bg-basic.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\menu_separator_bar.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\menu_separator_white.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\menuitem-splitter.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\menuitemback-down-vista.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\menuitemback-vista.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\menuitemleft-down-vista.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\menuitemleft-vista.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\menuitemright-down-vista.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\menuitemright-vista.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\modify.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\move.gif
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\movetarget.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\panels\css\popupAbout.css
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\panels\css\popupGames.css
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\panels\css\popupWidgets.css
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\panels\footer.htm
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\panels\gamecategory.xsl
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\panels\gameData.js
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\panels\gameList.xsl
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\panels\gametype.xsl
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\panels\images\arrow-sml-drop.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\panels\images\arrow-sml.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\panels\images\arrowr-bluew5.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\panels\images\bg-aboutbox.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\panels\images\bg-btnover.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\panels\images\bg-pnl520x390.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\panels\images\btn-close-grey.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\panels\images\btn-close-greyover.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\panels\images\btn-drag.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\panels\images\btn-next-over.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\panels\images\btn-next.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\panels\images\btn-previous-over.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\panels\images\btn-previous.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\panels\images\btn-search-pnlbtm-over.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\panels\images\btn-search-pnlbtm.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\panels\images\gamethumb-on.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\panels\images\gamethumb2-over.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\panels\images\ico-calendar.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\panels\images\ico-download.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\panels\images\ico-joystick24.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\panels\images\ico-play.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\panels\images\ico-tags.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\panels\images\icon-Add.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\panels\images\icon-download.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\panels\images\icon-Info.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\panels\images\icon-play.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\panels\images\icon-shop.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\panels\images\menul-bgon.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\panels\images\menul-bgover.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\panels\images\panel-botm-noscroll.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\panels\images\scroll-bg-206.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\panels\images\scroll-bg.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\panels\images\scroll-topwin.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\panels\images\scrollb-disable.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\panels\images\scrollb-down.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\panels\images\scrollb-over.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\panels\images\scrollb.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\panels\images\scrollt-disable.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\panels\images\scrollt-down.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\panels\images\scrollt-over.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\panels\images\scrollt.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\panels\images\searchbox-pnlbtm.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\panels\images\star_x_grey.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\panels\images\star_x_orange.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\panels\images\TRUSTe_about.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\panels\images\view-detailed-on.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\panels\images\view-detailed-over.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\panels\images\view-thumb-on.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\panels\images\view-thumb-over.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\panels\images\widgets-square-16px.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\panels\images\widgets-square-24px.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\panels\popupGames.html
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\panels\popupWidgets.html
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\pop.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\radio.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\radio\css\manager.css
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\radio\css\slider.css
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\radio\images\bg-pnl.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\radio\images\btn-close-grey.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\radio\images\btn-close-greyover.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\radio\images\collapsed_button.gif
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\radio\images\expanded_button.gif
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\radio\images\ico-playstation-down.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\radio\images\ico-playstation-over.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\radio\images\ico-playstation.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\radio\images\ico-radio.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\radio\images\music-note.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\radio\images\radio-btn-pause-on.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\radio\images\radio-btn-pause.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\radio\images\radio-btn-play-on.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\radio\images\radio-btn-play.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\radio\images\radio-eq-bg.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\radio\images\radio-eq-busy.gif
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\radio\images\radio-eq-off.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\radio\images\radio-eq-on.gif
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\radio\images\radio-eq-warning.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\radio\images\radio-options-design-on.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\radio\images\radio-options-design.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\radio\images\radio-options-on.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\radio\images\radio-options.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\radio\images\radio-volume-0.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\radio\images\radio-volume-1.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\radio\images\radio-volume-2.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\radio\images\radio-volume-3.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\radio\images\radio-volume-mute.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\radio\images\scrollbar-handle.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\radio\images\scrollbar-track.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\radio\images\slider.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\radio\images\slideron.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\radio\images\track.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\radio\managerpanel.html
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\radio\volumeslider.html
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\reload.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\remove.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\rename.gif
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\resize-box.gif
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\rss.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\rsschannelback.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\RSSLogo.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\rsstabdivider.gif
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\scroll-left.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\scroll-right.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\search-go.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\search.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\text-ellipsis.xml
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\toolbarsplitter.gif
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\transparent_1px.gif
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\uwa\border_02.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\uwa\border_03.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\uwa\border_04.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\uwa\border_06.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\uwa\border_07.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\uwa\border_08.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\uwa\border_09.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\uwa\border_10.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\uwa\border_11.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\uwa\border_12.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\uwa\border_13.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\uwa\border_14.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\uwa\border_15.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\uwa\border_16.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\uwa\border_18.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\uwa\border_19.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\uwa\border_20.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\uwa\border_21.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\uwa\btn-close-grey.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\uwa\btn-close-greyover.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\uwa\close-hot.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\uwa\close-normal.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\uwa\loadingMid.gif
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\uwa\proxy.html
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\uwa\template.html
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\uwa\template.xml
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\uwa\templateFF.html
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\uwa\throbber.gif
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\weatherbutton\icons\cond999.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\weatherbutton\icons\icons.xml
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\weatherbutton\icons\na-s.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\weatherbutton\icons\na.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\weatherbutton\icons\weather.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\add.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\arrowr-bluew5.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\bg-pnl.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\bg-pnl520x350blue-whitebg.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\bg-pnl520x350blue.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\box-check.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\box-uncheck.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\btn-close-grey.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\btn-close-greyover.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\btn-delete.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\btn-search-pnlbtm.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\btnarrow-next-off.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\btnarrow-next.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\btnarrow-previous-off.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\btnarrow-previous.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\ico-hotandhumid-s.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\ico-hotandhumid.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\ico-check.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\options-weather.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\over-blue.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\over-orange.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\powered-by-weatherbug.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\powered-by-weatherbug2.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\radio-checked.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\radio-unchecked.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\searchbox-pnlbtm.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\weather-contour.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\weatherbutton\panels\popupWeather.css
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\weatherbutton\panels\popupWeather.html
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\yahoo.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lichen.gif
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\logo-about.jpg
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\logo-about.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\logo-over.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\logo.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\logo_old.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\maps.bmp
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\menuseparatorback.gif
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\modify-save.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\modify.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\modifyhot.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\music.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\news.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\options\options-main.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\options\options-search.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\options\options-weather.gif
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\options\options-widgets.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\orange.gif
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\pixsy.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\relatedlinks.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\rss-collapse.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\rss-delete.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\rss-expand.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\rss-feed.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\rss-folder-remove.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\rss-folder-rename.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\rss-folder.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\rss-found.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\rss-reload.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\rss-subscribe.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\rss.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\rssback.gif
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\rsstopback.gif
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\search-over.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\search.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\searchbar\searchbar-background-left.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\searchbar\searchbar-background-middle.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\searchbar\searchbar-background-right.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\settings.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\shopping.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\siteinfo.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\skin-bluelite.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\skin-bluesky.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\skin-grey.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\skin-lichen.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\skin-orange.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\skin-yellow.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\technorati.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\throbber.gif
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\toolbarsplitter.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\video.bmp
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\weather.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\web.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\widget_allocine.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\widget_bliptv.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\widget_calcal.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\widget_calculator.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\widget_gservices.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\widget_sudoku.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\widget_todo.jpg
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\widget_todo.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\widget_trio.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\widget_uconverter.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\widgets-square-16px.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\widgets.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\wikipedia.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\yahoosearch.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\yellow.gif
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\youtube.png
c:\program files\BearShare Applications\MediaBar\ToolBar\chrome\skin\zoom.png
c:\program files\BearShare Applications\MediaBar\ToolBar\manifest.xml
c:\program files\BearShare Applications\MediaBar\ToolBar\uninstall.exe
c:\program files\BearShare Applications\MediaBar\UNWISE.EXE
c:\program files\BearShare Applications\MediaBar\UnwiseLauncher.exe
c:\program files\ICQ6Toolbar
c:\program files\ICQ6Toolbar\Icons.bmp
c:\program files\ICQ6Toolbar\ICQ Service.exe
c:\program files\ICQ6Toolbar\icq6Toolbar.ico
c:\program files\ICQ6Toolbar\ICQToolBar.dll
c:\program files\ICQ6Toolbar\ICQUnToolbar.exe
c:\program files\ICQ6Toolbar\logo_small.gif
c:\program files\ICQ6Toolbar\ServiceStarter.exe
c:\program files\ICQ6Toolbar\short.wav
c:\program files\ICQ6Toolbar\Version.txt

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_ICQ_SERVICE
-------\Service_ICQ Service


((((((((((((((((((((((((( Files Created from 2010-10-10 to 2010-11-10 )))))))))))))))))))))))))))))))
.

2010-11-10 11:52 . 2010-11-10 11:53 -------- d-----w- c:\documents and settings\Gabi\Application Data\Media Player Classic
2010-11-10 11:37 . 2010-11-10 11:47 -------- d-----w- c:\documents and settings\Gabi\Application Data\vlc
2010-11-08 23:59 . 2010-11-09 00:00 -------- d-----w- c:\program files\The KMPlayer
2010-11-08 20:59 . 2010-11-10 12:07 -------- d-----w- c:\program files\trend micro
2010-11-08 20:59 . 2010-11-08 21:30 -------- d-----w- C:\rsit
2010-11-06 23:09 . 2010-11-06 23:09 -------- d-----w- c:\documents and settings\Gabi\Application Data\CyberLink
2010-11-06 23:09 . 2010-11-06 23:09 -------- d-----w- c:\documents and settings\All Users\Application Data\CyberLink
2010-11-06 23:07 . 2010-11-06 23:08 -------- d-----w- c:\program files\CyberLink
2010-10-31 22:31 . 2010-10-31 22:31 -------- d-----w- c:\program files\Activision
2010-10-18 22:48 . 2010-10-18 22:48 -------- d-----w- c:\documents and settings\Gabi\Local Settings\Application Data\PackageAware
2010-10-17 13:48 . 2010-11-06 23:37 -------- d-----w- c:\program files\Softonic-Eng7
2010-10-17 13:48 . 2010-11-06 23:37 -------- d-----w- c:\documents and settings\Gabi\Local Settings\Application Data\Softonic-Eng7
2010-10-17 13:48 . 2010-11-06 23:36 -------- d-----w- c:\documents and settings\Gabi\Local Settings\Application Data\Conduit
2010-10-17 13:48 . 2010-10-17 13:48 -------- d-----w- c:\program files\Conduit
2010-10-13 19:07 . 2010-09-18 06:53 974848 -c----w- c:\windows\system32\dllcache\mfc42.dll
2010-10-13 19:07 . 2010-09-18 06:53 953856 -c----w- c:\windows\system32\dllcache\mfc40u.dll
2010-10-13 19:07 . 2010-08-23 16:12 617472 -c----w- c:\windows\system32\dllcache\comctl32.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-09-18 10:23 . 2004-08-04 01:07 974848 ----a-w- c:\windows\system32\mfc42u.dll
2010-09-18 06:53 . 2004-08-04 01:07 974848 ----a-w- c:\windows\system32\mfc42.dll
2010-09-18 06:53 . 2004-08-04 01:07 954368 ----a-w- c:\windows\system32\mfc40.dll
2010-09-18 06:53 . 2004-08-04 01:07 953856 ----a-w- c:\windows\system32\mfc40u.dll
2010-09-09 14:16 . 2004-08-04 01:07 667136 ----a-w- c:\windows\system32\wininet.dll
2010-09-09 14:16 . 2004-08-04 01:07 61952 ----a-w- c:\windows\system32\tdc.ocx
2010-09-09 14:16 . 2004-08-04 01:07 81920 ----a-w- c:\windows\system32\ieencode.dll
2010-09-08 16:49 . 2004-08-04 01:07 369664 ----a-w- c:\windows\system32\html.iec
2010-09-08 09:17 . 2010-09-08 09:17 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx
2010-09-08 09:17 . 2010-09-08 09:17 69632 ----a-w- c:\windows\system32\QuickTime.qts
2010-09-01 11:51 . 2004-08-04 01:07 285824 ----a-w- c:\windows\system32\atmfd.dll
2010-08-31 13:42 . 2004-08-04 01:07 1852800 ----a-w- c:\windows\system32\win32k.sys
2010-08-27 08:02 . 2004-08-04 01:07 119808 ----a-w- c:\windows\system32\t2embed.dll
2010-08-27 05:57 . 2004-08-04 01:07 99840 ----a-w- c:\windows\system32\srvsvc.dll
2010-08-26 13:39 . 2004-08-04 01:07 357248 ----a-w- c:\windows\system32\drivers\srv.sys
2010-08-26 12:52 . 2009-12-02 21:46 5120 ----a-w- c:\windows\system32\xpsp4res.dll
2010-08-23 16:12 . 2004-08-04 01:07 617472 ----a-w- c:\windows\system32\comctl32.dll
2010-08-17 13:17 . 2004-08-04 01:07 58880 ----a-w- c:\windows\system32\spoolsv.exe
2010-08-16 08:45 . 2004-08-04 01:07 590848 ----a-w- c:\windows\system32\rpcrt4.dll
2010-07-25 16:16 . 2010-07-25 16:15 19473201 ----a-w- c:\program files\vlc-1.1.1-win32.exe
2010-03-13 13:32 . 2010-03-13 13:32 98181416 ----a-w- c:\program files\iTunesSetup.exe
2010-03-08 20:36 . 2010-03-08 20:36 4142680 ----a-w- c:\program files\dfsetup117.exe
2010-03-08 19:41 . 2010-03-08 19:41 4110200 ----a-w- c:\program files\dfsetup116.exe
2009-01-27 01:34 . 2009-01-27 01:34 1044480 ----a-w- c:\program files\mozilla firefox\plugins\libdivx.dll
2009-01-27 01:34 . 2009-01-27 01:34 200704 ----a-w- c:\program files\mozilla firefox\plugins\ssldivx.dll
2009-09-25 16:41 . 2009-09-25 16:41 1044480 ----a-w- c:\program files\opera\program\plugins\libdivx.dll
2009-09-25 16:41 . 2009-09-25 16:41 200704 ----a-w- c:\program files\opera\program\plugins\ssldivx.dll
.

((((((((((((((((((((((((((((( SnapShot@2010-11-08_21.25.09 )))))))))))))))))))))))))))))))))))))))))
.
+ 2010-11-10 12:28 . 2010-11-10 12:28 16384 c:\windows\Temp\Perflib_Perfdata_6c4.dat
+ 2010-11-10 12:28 . 2010-11-10 12:28 16384 c:\windows\Temp\Perflib_Perfdata_31c.dat
+ 2010-11-08 21:31 . 2010-11-08 21:31 2233344 c:\windows\Installer\5efc7.msi
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{14f0d511-36a2-41ca-ae01-ba4f87282c97}"= "c:\program files\SHOUTcast Radio Toolbar\shoutcasttb.dll" [2008-09-17 1275176]
"{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}"= "c:\program files\Softonic-Eng7\tbSof1.dll" [2010-11-06 2735200]

[HKEY_CLASSES_ROOT\clsid\{14f0d511-36a2-41ca-ae01-ba4f87282c97}]
[HKEY_CLASSES_ROOT\SHOUTcastTb.AOLTBSearch.1]
[HKEY_CLASSES_ROOT\TypeLib\{8613efdf-b530-4b1d-b970-b09f99977813}]
[HKEY_CLASSES_ROOT\SHOUTcastTb.AOLTBSearch]

[HKEY_CLASSES_ROOT\clsid\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}]
2010-11-06 23:37 2735200 ----a-w- c:\program files\Softonic-Eng7\tbSof1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}"= "c:\program files\Softonic-Eng7\tbSof1.dll" [2010-11-06 2735200]

[HKEY_CLASSES_ROOT\clsid\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{414B6D9D-4A95-4E8D-B5B1-149DD2D93BB3}"= "c:\program files\Softonic-Eng7\tbSof1.dll" [2010-11-06 2735200]

[HKEY_CLASSES_ROOT\clsid\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NVIDIA nTune"="c:\program files\NVIDIA Corporation\nTune\nTuneCmd.exe" [2007-09-04 81920]
"BitTorrent"="c:\documents and settings\Gabi\Desktop\BitTorrent-7.1.exe" [2010-10-17 2984816]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avgnt"="c:\program files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-06-12 266497]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-12-04 8523776]
"LifeCam"="c:\program files\Microsoft LifeCam\LifeExp.exe" [2007-05-17 279912]
"VX1000"="c:\windows\vVX1000.exe" [2007-04-10 709992]
"AudioDrvEmulator"="c:\program files\Creative\Shared Files\Module Loader\DLLML.exe" [2005-11-04 49152]
"CTHelper"="CTHELPER.EXE" [2006-12-12 19456]
"CTxfiHlp"="CTXFIHLP.EXE" [2006-05-24 18944]
"VolPanel"="c:\program files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe" [2006-07-13 122880]
"Google Quick Search Box"="c:\program files\Google\Quick Search Box\GoogleQuickSearchBox.exe" [2009-06-22 68592]
"nwiz"="nwiz.exe" [2007-12-04 1626112]
"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2010-09-08 47904]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe"
"PC Suite Tray"="c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
"ctfmon.exe"=c:\windows\system32\ctfmon.exe
"LightScribe Control Panel"=c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
"BitTorrent DNA"="c:\program files\DNA\btdna.exe"
"swg"=c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe"
"nwiz"=nwiz.exe /install
"NvMediaCenter"=RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
"NeroFilterCheck"=c:\program files\Common Files\Ahead\Lib\NeroCheck.exe
"HP Software Update"=c:\program files\HP\HP Software Update\HPWuSchd2.exe
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" -atboottime
"Google Quick Search Box"="c:\program files\Google\Quick Search Box\GoogleQuickSearchBox.exe" /autorun
"UpdReg"=c:\windows\UpdReg.EXE
"CTRegRun"=c:\windows\CTRegRun.EXE
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe"
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\totalcmd\\TOTALCMD.EXE"=
"c:\\Program Files\\DNA\\btdna.exe"=
"c:\\Program Files\\BitTorrent\\bittorrent.exe"=
"c:\\Program Files\\ICQ6.5\\ICQ.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Program Files\\Opera\\opera.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"d:\\Program Files\\Ubisoft\\Assassin's Creed\\AssassinsCreed_Dx9.exe"=
"d:\\Program Files\\Ubisoft\\Assassin's Creed\\AssassinsCreed_Dx10.exe"=
"d:\\Program Files\\Ubisoft\\Assassin's Creed\\AssassinsCreed_Launcher.exe"=
"c:\\WINDOWS\\system32\\mmc.exe"=
"c:\\Program Files\\AntikVirtualSTB\\AntikVirtualSTB.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\DC++\\DCPlusPlus.exe"=
"d:\\sdc211\\Downloads\\jkjjk\\StrongDC.exe"=
"c:\\Program Files\\Microsoft LifeCam\\LifeCam.exe"=
"c:\\Program Files\\Microsoft LifeCam\\LifeExp.exe"=
"d:\\Iveta\\AntikVirtualSTB\\AntikVirtualSTB.exe"=
"c:\\Program Files\\Counter-Strike Source\\hl2.exe"=
"c:\\Program Files\\VideoLAN\\VLC\\vlc.exe"=
"c:\\Program Files\\Counter-Strike 1.6\\hl.exe"=
"c:\\Documents and Settings\\Gabi\\Desktop\\StrongDC\\StrongDC.exe"=
"g:\\Program Files\\Ubisoft\\James Cameron's AVATAR - THE GAME\\bin\\Avatar.exe"=
"g:\\Program Files\\Ubisoft\\James Cameron's AVATAR - THE GAME\\bin\\AvatarLauncher.exe"=
"c:\\Documents and Settings\\Gabi\\Local Settings\\Application Data\\AntikVirtualSTB\\AntikVirtualSTB.exe"=
"g:\\dc\\ApexDC\\ApexDC.exe"=
"g:\\dc\\ApexDC\\ApexDC\\ApexDC.exe"=
"g:\\dc\\StrongDC\\StrongDC\\StrongDC.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Documents and Settings\\Gabi\\Desktop\\BitTorrent-7.1.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [7.1.2009 12:56 691696]
R1 tvtool;tvtool;c:\program files\TVTool\TVTOOL.SYS [3.4.1996 19:33 5248]
R2 AntiVirScheduler;Avira AntiVir Personal - Free Antivirus Scheduler;c:\program files\Avira\AntiVir PersonalEdition Classic\sched.exe [5.1.2009 20:31 68865]
R2 eusk2par;EUTRON SmartKey Parallel Driver;c:\windows\system32\drivers\eusk2par.sys [31.1.2009 13:27 16695]
S2 gupdate1ca064c46475da6;Služba Google Update (gupdate1ca064c46475da6);c:\program files\Google\Update\GoogleUpdate.exe [16.7.2009 20:33 133104]
S3 WFIOCTL;WFIOCTL;c:\program files\WinFast\WFTVFM\WFIOCTL.sys [5.1.2009 20:17 9446]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2007-05-15 16:08 452136 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
Contents of the 'Scheduled Tasks' folder

2010-11-10 c:\windows\Tasks\1-Click Maintenance.job
- c:\program files\TuneUp Utilities 2009\OneClickStarter.exe [2008-12-11 20:36]

2010-04-01 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 11:34]

2010-11-10 c:\windows\Tasks\Automatic maintenance.job
- c:\program files\TuneUp Utilities 2009\OneClickStarter.exe [2008-12-11 20:36]

2010-11-10 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-07-16 19:33]

2010-11-10 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-07-16 19:33]
.
.
------- Supplementary Scan -------
.
uInternet Connection Wizard,ShellNext = hxxp://www.europe.creative.com/
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: &SHOUTcast Search - c:\documents and settings\All Users\Application Data\SHOUTcast Radio Toolbar\ieToolbar\resources\en-US\local\search.html
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll/cmsidewiki.html
.
- - - - ORPHANS REMOVED - - - -

AddRemove-Ask Toolbar_is1 - c:\program files\AskBarDis\unins000.exe
AddRemove-ICQToolbar - c:\program files\ICQ6Toolbar\ICQUnToolbar.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-11-10 13:33
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_USERS\S-1-5-21-682003330-1229272821-839522115-1003\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:8c,f2,a7,a5,2c,fc,9e,f2,9a,72,33,aa,b4,62,26,0a,9c,e8,bc,85,bc,28,80,
2e,10,f5,e0,20,48,17,b3,97,ea,b8,80,84,10,b4,dc,51,af,b6,01,11,9d,17,56,de,\
"??"=hex:f3,9d,4a,72,df,98,61,5b,da,ca,a0,5a,ea,b1,e2,ec

[HKEY_USERS\S-1-5-21-682003330-1229272821-839522115-1003\Software\SecuROM\License information*]
"datasecu"=hex:41,15,d4,6e,96,51,e6,c3,7c,63,87,98,5a,62,37,1a,15,d0,d5,ea,05,
7b,21,2d,7b,b6,69,89,bb,df,e6,7d,69,fc,99,c2,f8,32,3d,ef,7e,df,a1,a8,8a,99,\
"rkeysecu"=hex:7b,2a,55,dd,1f,fd,e8,44,c5,b3,09,57,6a,6b,2d,46
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'explorer.exe'(3048)
c:\program files\Common Files\Ahead\Lib\NeroSearchBar.dll
c:\program files\Common Files\Ahead\Lib\MFC71U.DLL
c:\program files\Common Files\Ahead\Lib\BCGCBPRO860un71.dll
c:\program files\Google\Quick Search Box\bin\1.2.1151.245\qsb.dll
c:\windows\system32\WPDShServiceObj.dll
c:\program files\Nokia\Nokia PC Suite 7\PhoneBrowser.dll
c:\program files\Nokia\Nokia PC Suite 7\NGSCM.DLL
c:\program files\Nokia\Nokia PC Suite 7\Lang\PhoneBrowser_slk.nlr
c:\program files\Nokia\Nokia PC Suite 7\Resource\PhoneBrowser_Nokia.ngr
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll

[KAUBOUN]

------------------------ Other Running Processes ------------------------
.
c:\program files\Avira\AntiVir PersonalEdition Classic\avguard.exe
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\windows\system32\CTsvcCDA.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\program files\Microsoft LifeCam\MSCamS32.exe
c:\program files\NVIDIA Corporation\nTune\nTuneService.exe
c:\windows\system32\nvsvc32.exe
c:\windows\system32\PnkBstrA.exe
c:\windows\system32\MsPMSPSv.exe
c:\program files\Windows Media Player\WMPNetwk.exe
c:\windows\system32\devldr32.exe
c:\windows\SYSTEM32\CTXFISPI.EXE
.
**************************************************************************
.
Completion time: 2010-11-10 13:36:07 - machine was rebooted
ComboFix-quarantined-files.txt 2010-11-10 12:36
ComboFix2.txt 2010-11-08 21:27

Pre-Run: 30 918 930 432 bytes free
Post-Run: 18 adresárov, 30 905 090 048 voľných bajtov

Current=3 Default=3 Failed=1 LastKnownGood=4 Sets=1,2,3,4
- - End Of File - - 7F27D6A228A537C6395C85498EB41D30

[Roli]

Nepořádek je pryč, nyní přes Start >> Spustit zkopíruj do okna:

ComboFix /Uninstall

a stiskni Enter

To odinstaluje ComboFix a smaže s ním související soubory a složky.


Použij T-Cleaner, který smaže případné zbytky po aplikacích které jsme použili.

Jen před jeho stažením a při použití stopni antivir, protože ho muže detekovat jako vir ale není tomu tak.


Pak dej vědět jaký je stav PC.