VIRY.CZ

Zdravim,
NOD32 mi nasiel virus Win32/Olmarik.TDL4.trojan a pise ze ho nemoze odstranit.
Myslim ze mi uz napachal dost skody - (pravdepodobne) vymazal vsetky multimedialne subory (nastastie uspesne obnovene) + momentalne mam problem s ovladacmi grafickej karty (hlasi Catalyst control center: Host application přestal pracovat)
Chcel by som poprosit o pomoc s jeho vymazanim.
System je Windows 7 64bit

Dakujem

Prikladam log.file z RSIT:

Logfile of random's system information tool 1.09 (written by random/random)
Run by admin at 2011-10-09 11:12:46
Microsoft Windows 7 Home Premium
System drive C: has 170 GB (59%) free of 290 GB
Total RAM: 3950 MB (60% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:12:55, on 09/10/2011
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16839)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Sony\Media Gallery\ElbServer.exe
C:\Program Files (x86)\Sony\Media Gallery\VRLPHelper.exe
C:\Program Files (x86)\uTorrent\uTorrent.exe
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
C:\Program Files (x86)\OLYMPUS\OLYMPUS Master 2\MMonitor.exe
C:\Program Files (x86)\Samsung\Samsung New PC Studio\NPSAgent.exe
C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Sony\VAIO Care\VCSpt.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SHTtray.exe
C:\Program Files (x86)\Winamp\winampa.exe
C:\Program Files (x86)\ScanSoft\OmniPageSE4\OpWareSE4.exe
C:\Program Files (x86)\QuickTime\qttask.exe
C:\Program Files (x86)\Ask.com\Updater\Updater.exe
C:\Windows\SysWOW64\RunDll32.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
C:\Program Files\Sony\VAIO Personalization Manager\VpmIfPav.exe
C:\Program Files\Sony\VAIO Care\listener.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Program Files\trend micro\admin.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.icq.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: (no name) - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - (no file)
F2 - REG:system.ini: Shell=explorer.exe
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll
O3 - Toolbar: Nero Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [ISBMgr.exe] "C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe
O4 - HKLM\..\Run: [PMBVolumeWatcher] C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [SHTtray.exe] C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SHTtray.exe
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files (x86)\Winamp\winampa.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files (x86)\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files (x86)\ScanSoft\OmniPageSE4\OpwareSE4.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [ApnUpdater] "C:\Program Files (x86)\Ask.com\Updater\Updater.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKCU\..\Run: [Elbserver] C:\Program Files (x86)\Sony\Media Gallery\ElbServer.exe /Stay
O4 - HKCU\..\Run: [VRLPHelper] C:\Program Files (x86)\Sony\Media Gallery\VRLPHelper.exe /Stay
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [OM2_Monitor] "C:\Program Files (x86)\OLYMPUS\OLYMPUS Master 2\MMonitor.exe"
O4 - HKCU\..\Run: [AutoStartNPSAgent] C:\Program Files (x86)\Samsung\Samsung New PC Studio\NPSAgent.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [EA Core] "C:\Program Files (x86)\Electronic Arts\EADM\Core.exe" -silent
O4 - HKCU\..\Run: [SpyEmergency] C:\Program Files\NETGATE\Spy Emergency\SpyEmergency.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Program Files (x86)\ICQ7.4\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Program Files (x86)\ICQ7.4\ICQ.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: Add to Evernote - {E0B8C461-F8FB-49b4-8373-FE32E92528A6} - C:\Program Files (x86)\Evernote\Evernote3.5\enbar.dll
O9 - Extra 'Tools' menuitem: Add to Evernote - {E0B8C461-F8FB-49b4-8373-FE32E92528A6} - C:\Program Files (x86)\Evernote\Evernote3.5\enbar.dll
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Adobe Active File Monitor V8 (AdobeActiveFileMonitor8.0) - Adobe Systems Incorporated - C:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: ICQ Service - Unknown owner - C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe
O23 - Service: PIXMA Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Norton Online Backup (NOBU) - Symantec Corporation - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
O23 - Service: PMBDeviceInfoProvider - Sony Corporation - C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: VAIO Care Performance Service (SampleCollector) - Sony Corporation - C:\Program Files\Sony\VAIO Care\VCPerfService.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: ServiceLayer - Nokia. - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: VAIO Media plus Content Importer (SOHCImp) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe
O23 - Service: VAIO Media plus Digital Media Server (SOHDms) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe
O23 - Service: VAIO Media plus Device Searcher (SOHDs) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe
O23 - Service: VAIO Entertainment Common Service (SpfService) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: CamMonitor (uCamMonitor) - ArcSoft, Inc. - C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
O23 - Service: VAIO Power Management - Sony Corporation - C:\Program Files\Sony\VAIO Power Management\SPMService.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: VAIO Content Folder Watcher (VCFw) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
O23 - Service: VAIO Content Metadata Intelligent Analyzing Manager (VcmIAlzMgr) - Sony Corporation - C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
O23 - Service: VAIO Content Metadata Intelligent Network Service Manager (VcmINSMgr) - Sony Corporation - C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe
O23 - Service: VAIO Content Metadata XML Interface (VcmXmlIfHelper) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: VSNService - Sony Corporation - C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: VUAgent - Sony Corporation - C:\Program Files\Sony\VAIO Update Common\VUAgent.exe
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 16765 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
atieclxx
C:\Windows\system32\WLANExt.exe 4845504
\??\C:\Windows\system32\conhost.exe "207489401310308141792080574798-195193022692935953-100914019-13443193671364787653
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe"
"C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /FORPCEE3
"C:\Program Files\Apoint\Apoint.exe"
taskeng.exe {6F81121A-95EF-4AF3-8FE2-FBFCB57544AD}
"C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe"
"C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE" /logon
"C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
"C:\Program Files (x86)\Sony\Media Gallery\ElbServer.exe" /Stay
"C:\Program Files (x86)\Sony\Media Gallery\VRLPHelper.exe" /Stay
"C:\Program Files (x86)\uTorrent\uTorrent.exe"
"C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
"C:\Program Files (x86)\OLYMPUS\OLYMPUS Master 2\MMonitor.exe"
"C:\Program Files (x86)\Samsung\Samsung New PC Studio\NPSAgent.exe"
"C:\Program Files\Apoint\ApMsgFwd.exe" -s{05FA8492-C047-4207-BE65-780D8591C113}
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
"C:\Program Files\Sony\VAIO Care\VCSpt.exe"
"C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe" /AutoStart
"C:\Program Files\Sony\VAIO Power Management\SPMgr.exe" /Start
"C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe" SERVICE
"C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe"
"C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe"
"C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe"
"C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe"
"C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe"
"C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe"
C:\Windows\SysWOW64\DllHost.exe /Processid:{78FD0120-D39C-45D8-A9BE-2B802B3C23E5}
"C:\Program Files\Apoint\Apvfb.exe"
"C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe"
"Apntex.exe"
\??\C:\Windows\system32\conhost.exe "2139029712-58157757-759462364-231063254-1728280435-20288248542119190952-2011188329
"C:\Program Files\Sony\VAIO Smart Network\VSNService.exe"
"C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe"
"C:\Program Files\Intel\WiFi\bin\EvtEng.exe"
"C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe"
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SHTtray.exe"
"C:\Program Files (x86)\Winamp\winampa.exe"
"C:\Program Files (x86)\ScanSoft\OmniPageSE4\OpWareSE4.exe"
"C:\Program Files (x86)\QuickTime\qttask.exe" -atboottime
/Device:000000a1
"C:\Program Files (x86)\Ask.com\Updater\Updater.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe"
C:\Windows\system32\svchost.exe -k bthsvcs
"C:\Windows\system32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-ae68fabe-e30d-4679-981b-63a380f753bd -SystemEventPortName:HostProcess-83c1fdb4-ac27-4259-8707-0a3c27b4b27b -IoCancelEventPortName:HostProcess-f12e4648-87c1-493e-a60b-85a4b911c6e8 -NonStateChangingEventPortName:HostProcess-b2fc0ed8-2a4e-4f64-a282-4197e7abf63a -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:18edf48b-295b-4233-b887-c6925b9d3daf
"C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe" -Embedding
C:\Windows\SysWOW64\RunDll32.exe "C:\Program Files\WIDCOMM\Bluetooth Software\SysWOW64\BtMmHook.dll",SetAndWaitBtMmHook
"C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe"
"C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files\Sony\VAIO Care\VCsystray.exe"
"C:\Program Files\Sony\VAIO Update 5\VAIOUpdt.exe" /Stationary
"C:\Program Files\Sony\VAIO Personalization Manager\VpmIfPav.exe" -Embedding
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\Nero\Update\NASvc.exe"
"C:\Program Files\Sony\VAIO Care\VCPerfService.exe" "/service" "/sstates" "/sampleinterval=2000" "/procinterval=5" "/dllinterval=120" "/counter=\Processor(_Total)\% Processor Time:1/counter=\PhysicalDisk(_Total)\Disk Bytes/sec:1" "/counter=\Network Interface(*)\Bytes Total/sec:1" "/expandcounter=\Processor Information(*)\Processor Frequency:1" "/expandcounter=\Processor(*)\% Idle Time:1" "/expandcounter=\Processor(*)\% C1 Time:1" "/expandcounter=\Processor(*)\% C2 Time:1" "/expandcounter=\Processor(*)\% C3 Time:1" "/expandcounter=\Processor(*)\% Processor Time:1" "/directory=inteldata"
C:\Program Files\Sony\VAIO Care/listener.exe /silent /slot=0
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Program Files\Sony\VAIO Power Management\SPMService.exe"
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Windows\system32\wuauclt.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe" -auto
"C:\Program Files\Sony\VAIO Update Common\VUAgent.exe"
C:\Windows\sysWOW64\wbem\wmiprvse.exe -Embedding
"C:\Program Files (x86)\Internet Explorer\iexplore.exe" -Embedding
"C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel=1428.11cf25c0.2009848397 "C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll" 1428 plugin \\.\pipe\gecko-crash-server-pipe.1428
"C:\Users\admin\Desktop\Downloads\RSITx64.exe"

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

=========Mozilla firefox=========

ProfilePath - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default

prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"
prefs.js - "extensions.enabledItems" - "DTToolbar@toolbarnet.com:1.1.4.0024, toolbar@ask.com:3.12.2.100007, {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}:3.3.3.2, engine@conduit.com:3.3.3.2, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.23"
prefs.js - "keyword.URL" - "http://search.icq.com/search/afe_result ... r=1.1.9&q="

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@canon.com/EPPEX]
"Description"=Canon Easy-PhotoPrint EX
"Path"=C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.69\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.69\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@veetle.com/veetleCorePlugin,version=0.9.18]
"Description"=Veetle TV Core
"Path"=C:\Program Files (x86)\Veetle\plugins\npVeetle.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@veetle.com/veetlePlayerPlugin,version=0.9.18]
"Description"=Veetle TV Player
"Path"=C:\Program Files (x86)\Veetle\Player\npvlc.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

C:\Program Files (x86)\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files (x86)\Mozilla Firefox\components\
browser.xpt
browserdirprovider.dll
brwsrcmp.dll
components.list
FeedConverter.js
FeedProcessor.js
FeedWriter.js
fuelApplication.js
GPSDGeolocationProvider.js
jsconsole-clhandler.js
NetworkGeolocationProvider.js
nsAddonRepository.js
nsBadCertHandler.js
nsBlocklistService.js
nsBrowserContentHandler.js
nsBrowserGlue.js
nsContentDispatchChooser.js
nsContentPrefService.js
nsDefaultCLH.js
nsDownloadManagerUI.js
nsExtensionManager.js
nsFormAutoComplete.js
nsHandlerService.js
nsHelperAppDlg.js
nsINIProcessor.js
nsIQTScriptablePlugin.xpt
nsLivemarkService.js
nsLoginInfo.js
nsLoginManager.js
nsLoginManagerPrompter.js
nsMicrosummaryService.js
nsPlacesAutoComplete.js
nsPlacesDBFlush.js
nsPlacesTransactionsService.js
nsPrivateBrowsingService.js
nsProxyAutoConfig.js
nsSafebrowsingApplication.js
nsSearchService.js
nsSearchSuggestions.js
nsSessionStartup.js
nsSessionStore.js
nsSetDefaultBrowser.js
nsSidebar.js
nsTaggingService.js
nsTryToClose.js
nsUpdateService.js
nsUpdateServiceStub.js
nsUpdateTimerManager.js
nsUrlClassifierLib.js
nsUrlClassifierListManager.js
nsURLFormatter.js
nsWebHandlerApp.js
pluginGlue.js
storage-Legacy.js
storage-mozStorage.js
txEXSLTRegExFunctions.js
WebContentConverter.js

C:\Program Files (x86)\Mozilla Firefox\plugins\
np-mswmp.dll
npnul32.dll
NPOFF12.DLL
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npqtplugin6.dll
npqtplugin7.dll
npwachk.dll
QuickTimePlugin.class
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt

C:\Program Files (x86)\Mozilla Firefox\searchplugins\
google.xml
jyxo-cz.xml
mall-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\
DTToolbar@toolbarnet.com
engine@conduit.com
toolbar@ask.com
{800b5000-a755-47e1-992b-48a1c1357f07}
{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}

C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\searchplugins\
conduit.xml
daemon-search.xml
icqplugin-1.xml
icqplugin-2.xml
icqplugin-3.xml
icqplugin.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2011-08-27 410288]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.7.6406.1642\swg64.dll [2011-06-18 341048]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-08-01 43520]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-12-21 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2011-08-27 305328]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll [2011-06-18 1007160]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
Nero Toolbar - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll [2011-05-17 1490312]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2010-08-01 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll [2011-01-20 1581376]
{2C688203-7EB3-4327-9995-1CB417BA23F9} - BS.Player ControlBar - C:\Program Files (x86)\BS.Player ControlBar\BSToolbar64.dll [2008-08-11 1385928]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2011-08-27 410288]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{855F3B16-6D32-4FE6-8A56-BBB695989046} - ICQToolBar - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll [2010-09-06 1048888]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll [2011-01-20 988480]
{D4027C7F-154A-4066-A1AD-4243D8127440} - Nero Toolbar - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll [2011-05-17 1490312]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2011-08-27 305328]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2010-05-31 10775584]
"RtHDVBg"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2010-05-31 2040352]
"Apoint"=C:\Program Files\Apoint\Apoint.exe [2010-05-31 212480]
"CanonSolutionMenu"=C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe [2009-09-04 767312]
"CanonMyPrinter"=C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2010-03-25 2726728]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2010-11-18 2919168]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Elbserver"=C:\Program Files (x86)\Sony\Media Gallery\ElbServer.exe [2010-06-22 81264]
"VRLPHelper"=C:\Program Files (x86)\Sony\Media Gallery\VRLPHelper.exe [2010-06-22 183152]
"uTorrent"=C:\Program Files (x86)\uTorrent\uTorrent.exe [2011-01-22 395128]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2011-01-20 1305408]
"OM2_Monitor"=C:\Program Files (x86)\OLYMPUS\OLYMPUS Master 2\MMonitor.exe [2007-05-28 95800]
"AutoStartNPSAgent"=C:\Program Files (x86)\Samsung\Samsung New PC Studio\NPSAgent.exe [2010-07-04 95576]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-07-14 1475072]
"swg"=C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2010-08-01 39408]
"EA Core"=C:\Program Files (x86)\Electronic Arts\EADM\Core.exe -silent []
"SpyEmergency"=C:\Program Files\NETGATE\Spy Emergency\SpyEmergency.exe []

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"=C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [2010-03-04 284696]
"ISBMgr.exe"=C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe [2010-05-31 673136]
"Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-12-22 35760]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-09-21 932288]
"Norton Online Backup"=C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [2010-06-01 1155928]
"PMBVolumeWatcher"=C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe [2010-06-01 600928]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2010-02-18 248040]
"SHTtray.exe"=C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SHTtray.exe [2010-06-20 99696]
"WinampAgent"=C:\Program Files (x86)\Winamp\winampa.exe [2010-11-30 74752]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2008-10-25 31072]
"SSBkgdUpdate"=C:\Program Files (x86)\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [2006-10-25 210472]
"OpwareSE4"=C:\Program Files (x86)\ScanSoft\OmniPageSE4\OpwareSE4.exe [2007-02-04 79400]
"QuickTime Task"=C:\Program Files (x86)\QuickTime\qttask.exe [2006-09-01 282624]
"NPSStartup"= []
""= []
"ApnUpdater"=C:\Program Files (x86)\Ask.com\Updater\Updater.exe [2011-05-17 395144]
"StartCCC"=C:\Program Files (x86)\ATI\ATI.ACE\Core-Static\CLIStart.exe [2011-09-08 343168]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2010-06-24 269824]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2011-10-09 11:12:47 ----D---- C:\Program Files\trend micro
2011-10-09 11:12:46 ----D---- C:\rsit
2011-10-09 10:34:36 ----D---- C:\ProgramData\ATI
2011-10-09 10:34:34 ----D---- C:\Program Files (x86)\AMD APP
2011-10-09 10:33:07 ----D---- C:\Program Files (x86)\ATI
2011-10-09 10:30:39 ----D---- C:\ATI
2011-10-09 09:45:38 ----D---- C:\AMD
2011-10-08 23:45:28 ----D---- C:\recovery
2011-10-08 18:35:51 ----A---- C:\Windows\ntbtlog.txt
2011-10-08 18:28:17 ----D---- C:\Windows\Minidump
2011-10-06 22:50:32 ----D---- C:\ProgramData\ESET
2011-10-06 22:50:32 ----D---- C:\Program Files\ESET
2011-10-06 00:26:10 ----SHD---- C:\Config.Msi
2011-09-14 11:47:42 ----A---- C:\Windows\system32\OVDecode64.dll
2011-09-14 11:47:40 ----A---- C:\Windows\SYSWOW64\OVDecode.dll
2011-09-14 11:47:22 ----A---- C:\Windows\system32\OpenCL.dll
2011-09-14 11:47:18 ----A---- C:\Windows\SYSWOW64\OpenCL.dll
2011-09-14 11:47:10 ----A---- C:\Windows\system32\amdocl64.dll
2011-09-14 11:46:58 ----A---- C:\Windows\SYSWOW64\amdocl.dll
2011-09-14 11:38:30 ----A---- C:\Windows\system32\amdoclcl64.dll
2011-09-14 11:38:28 ----A---- C:\Windows\SYSWOW64\amdoclcl.dll

======List of files/folders modified in the last 1 month======

2011-10-09 11:12:49 ----HD---- C:\Windows\Temp
2011-10-09 11:12:47 ----RD---- C:\Program Files
2011-10-09 11:12:29 ----D---- C:\Users\admin\AppData\Roaming\uTorrent
2011-10-09 10:54:53 ----SHD---- C:\Windows\Installer
2011-10-09 10:52:44 ----D---- C:\Windows\system32\config
2011-10-09 10:52:21 ----A---- C:\Windows\SYSWOW64\log.txt
2011-10-09 10:48:48 ----D---- C:\ProgramData\Microsoft Help
2011-10-09 10:43:52 ----RSD---- C:\Windows\assembly
2011-10-09 10:41:46 ----D---- C:\Windows\SysWOW64
2011-10-09 10:40:17 ----SHD---- C:\System Volume Information
2011-10-09 10:39:27 ----D---- C:\Windows\system32\catroot
2011-10-09 10:39:26 ----D---- C:\Windows\system32\catroot2
2011-10-09 10:37:08 ----D---- C:\Windows\winsxs
2011-10-09 10:34:36 ----HD---- C:\ProgramData
2011-10-09 10:34:35 ----D---- C:\Windows\System32
2011-10-09 10:34:34 ----RD---- C:\Program Files (x86)
2011-10-09 10:34:09 ----D---- C:\Program Files\ATI
2011-10-09 10:33:04 ----D---- C:\Program Files\Common Files\Microsoft Shared
2011-10-08 18:49:39 ----D---- C:\Windows\system32\drivers
2011-10-08 18:49:38 ----SD---- C:\ProgramData\Microsoft
2011-10-08 18:40:53 ----D---- C:\Windows
2011-10-08 18:39:47 ----HD---- C:\Windows\Prefetch
2011-10-08 18:26:49 ----SD---- C:\Users\admin\AppData\Roaming\Microsoft
2011-10-08 17:28:03 ----HD---- C:\Windows\debug
2011-10-07 00:41:09 ----D---- C:\Program Files\Sony
2011-10-07 00:37:58 ----HD---- C:\Update
2011-10-07 00:28:01 ----D---- C:\ProgramData\Sony Corporation
2011-10-06 22:51:17 ----D---- C:\Windows\system32\DriverStore
2011-10-06 22:51:17 ----D---- C:\Windows\inf
2011-10-06 22:36:08 ----D---- C:\Windows\Tasks
2011-10-06 22:36:08 ----D---- C:\Windows\system32\wfp
2011-10-06 22:36:07 ----D---- C:\Windows\system
2011-10-06 22:35:58 ----D---- C:\Program Files (x86)\ICQ6Toolbar
2011-10-06 22:35:48 ----D---- C:\Windows\system32\wbem
2011-10-06 22:34:33 ----RSD---- C:\Windows\Fonts
2011-10-06 22:34:33 ----D---- C:\Windows\TAPI
2011-10-06 22:34:33 ----D---- C:\Windows\SYSWOW64\SDA
2011-10-06 22:34:33 ----D---- C:\Windows\SYSWOW64\Recovery
2011-10-06 22:34:33 ----D---- C:\Windows\InstDrvs
2011-10-06 22:34:32 ----D---- C:\Windows\Drivers
2011-10-06 22:34:31 ----D---- C:\Windows\twain_32
2011-10-06 22:34:31 ----D---- C:\Windows\SYSWOW64\wbem
2011-10-06 22:34:31 ----D---- C:\Windows\SYSWOW64\VAIO Startup Setting Tool
2011-10-06 22:34:31 ----D---- C:\Windows\SYSWOW64\Samsung_USB_Drivers
2011-10-06 22:34:31 ----D---- C:\Program Files\Windows Sidebar
2011-10-06 22:34:31 ----D---- C:\Program Files (x86)\Windows Sidebar
2011-10-06 22:34:30 ----D---- C:\Windows\SYSWOW64\RTCOM
2011-10-06 22:34:30 ----D---- C:\Windows\SYSWOW64\oobe
2011-10-06 22:34:30 ----D---- C:\Windows\SYSWOW64\drivers
2011-10-06 22:34:29 ----D---- C:\Windows\system32\Tasks
2011-10-06 22:34:29 ----D---- C:\Windows\ShellNew
2011-10-06 22:34:29 ----D---- C:\Windows\Setup
2011-10-06 22:34:28 ----D---- C:\Windows\security
2011-10-06 22:34:27 ----D---- C:\Windows\Resources
2011-10-06 22:34:25 ----RSD---- C:\Windows\Media
2011-10-06 22:34:19 ----D---- C:\Windows\ehome
2011-10-06 22:34:15 ----D---- C:\Windows\Downloaded Program Files
2011-10-06 22:34:15 ----D---- C:\Windows\CheckSur
2011-10-06 22:34:01 ----D---- C:\Windows\AppCompat
2011-10-06 22:34:00 ----D---- C:\Users\admin\AppData\Roaming\Winamp
2011-10-06 22:34:00 ----D---- C:\Users\admin\AppData\Roaming\Sony Corporation
2011-10-06 22:34:00 ----D---- C:\Users\admin\AppData\Roaming\Skype
2011-10-06 22:34:00 ----D---- C:\Users\admin\AppData\Roaming\PhotoFiltre Studio X
2011-10-06 22:33:59 ----D---- C:\Users\admin\AppData\Roaming\Intel
2011-10-06 22:33:58 ----D---- C:\Users\admin\AppData\Roaming\GRETECH
2011-10-06 22:33:58 ----D---- C:\Users\admin\AppData\Roaming\ArcSoft
2011-10-06 22:33:52 ----HD---- C:\SPLASH.SYS
2011-10-06 22:33:50 ----D---- C:\ProgramData\Skype
2011-10-06 22:33:50 ----D---- C:\ProgramData\ScanSoft
2011-10-06 22:33:49 ----D---- C:\ProgramData\InstallShield
2011-10-06 22:33:49 ----D---- C:\ProgramData\FLEXnet
2011-10-06 22:33:49 ----D---- C:\ProgramData\eSellerate
2011-10-06 22:33:49 ----D---- C:\ProgramData\Apple Computer
2011-10-06 22:33:48 ----D---- C:\Program Files\Windows Live
2011-10-06 22:33:45 ----D---- C:\Program Files\Realtek
2011-10-06 22:33:45 ----D---- C:\Program Files\Microsoft Games
2011-10-06 22:33:44 ----D---- C:\Program Files\Google
2011-10-06 22:33:43 ----D---- C:\Program Files\DIFX
2011-10-06 22:33:42 ----D---- C:\Program Files\Apoint
2011-10-06 22:33:42 ----D---- C:\Program Files (x86)\Windows Live SkyDrive
2011-10-06 22:33:42 ----D---- C:\Program Files (x86)\Windows Live
2011-10-06 22:33:42 ----D---- C:\Program Files (x86)\Winamp
2011-10-06 22:33:41 ----D---- C:\Program Files (x86)\Winamp Detect
2011-10-06 22:33:41 ----D---- C:\Program Files (x86)\Veetle
2011-10-06 22:33:41 ----D---- C:\Program Files (x86)\VAIO screensavers
2011-10-06 22:33:41 ----D---- C:\Program Files (x86)\uTorrent
2011-10-06 22:33:32 ----RD---- C:\Program Files (x86)\Skype
2011-10-06 22:33:27 ----D---- C:\Program Files (x86)\Realtek
2011-10-06 22:33:27 ----D---- C:\Program Files (x86)\QuickTime
2011-10-06 22:33:26 ----D---- C:\Program Files (x86)\PhotoFiltre Studio X
2011-10-06 22:33:26 ----D---- C:\Program Files (x86)\PC Connectivity Solution
2011-10-06 22:33:25 ----D---- C:\Program Files (x86)\Mv2Player
2011-10-06 22:33:25 ----D---- C:\Program Files (x86)\MSBuild
2011-10-06 22:33:25 ----D---- C:\Program Files (x86)\Mozilla Firefox
2011-10-06 22:33:24 ----D---- C:\Program Files (x86)\Microsoft.NET
2011-10-06 22:33:24 ----D---- C:\Program Files (x86)\Microsoft Works
2011-10-06 22:33:24 ----D---- C:\Program Files (x86)\Microsoft Visual Studio 8
2011-10-06 22:33:24 ----D---- C:\Program Files (x86)\Microsoft Visual Studio
2011-10-06 22:33:22 ----D---- C:\Program Files (x86)\Microsoft CAPICOM 2.1.0.2
2011-10-06 22:33:22 ----D---- C:\Program Files (x86)\MarkAnyContentSAFER
2011-10-06 22:33:22 ----D---- C:\Program Files (x86)\MarkAny
2011-10-06 22:33:22 ----D---- C:\Program Files (x86)\K-Lite Codec Pack
2011-10-06 22:33:21 ----D---- C:\Program Files (x86)\Internet Explorer
2011-10-06 22:33:17 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2011-10-06 22:33:15 ----D---- C:\Program Files (x86)\ICQ7.4
2011-10-06 22:33:13 ----D---- C:\Program Files (x86)\ICQ7.2
2011-10-06 22:33:11 ----D---- C:\Program Files (x86)\Google
2011-10-06 22:33:10 ----D---- C:\Program Files (x86)\FilZip
2011-10-06 22:33:10 ----D---- C:\Program Files (x86)\Feedback Tool
2011-10-06 22:33:09 ----D---- C:\Program Files (x86)\Downloaded Installations
2011-10-06 22:33:09 ----D---- C:\Program Files (x86)\DAEMON Tools Toolbar
2011-10-06 22:33:09 ----D---- C:\Program Files (x86)\DAEMON Tools Lite
2011-10-06 22:33:07 ----D---- C:\Program Files (x86)\Common Files
2011-10-06 22:32:58 ----D---- C:\Program Files (x86)\Combined Community Codec Pack
2011-10-06 22:32:58 ----D---- C:\Program Files (x86)\Codec Pack - All In 1
2011-10-06 22:32:57 ----D---- C:\Program Files (x86)\Canon
2011-10-06 22:32:57 ----D---- C:\Program Files (x86)\BS.Player ControlBar
2011-10-06 22:32:56 ----D---- C:\Program Files (x86)\Ask.com
2011-10-06 22:30:29 ----D---- C:\Windows\registration
2011-10-06 22:30:23 ----D---- C:\Windows\Web
2011-10-06 22:30:23 ----D---- C:\Windows\Vss
2011-10-06 22:30:20 ----D---- C:\Windows\SYSWOW64\XPSViewer
2011-10-06 22:30:20 ----D---- C:\Windows\SYSWOW64\winrm
2011-10-06 22:30:19 ----D---- C:\Windows\SYSWOW64\WindowsPowerShell
2011-10-06 22:30:19 ----D---- C:\Windows\SYSWOW64\wdi
2011-10-06 22:30:19 ----D---- C:\Windows\SYSWOW64\WCN
2011-10-06 22:30:18 ----D---- C:\Windows\SYSWOW64\spp
2011-10-06 22:30:18 ----D---- C:\Windows\SYSWOW64\Speech
2011-10-06 22:30:18 ----D---- C:\Windows\SYSWOW64\slmgr
2011-10-06 22:30:13 ----D---- C:\Windows\SYSWOW64\Printing_Admin_Scripts
2011-10-06 22:30:10 ----D---- C:\Windows\SYSWOW64\NetworkList
2011-10-06 22:30:10 ----D---- C:\Windows\SYSWOW64\MUI
2011-10-06 22:30:10 ----D---- C:\Windows\SYSWOW64\Msdtc
2011-10-06 22:30:09 ----D---- C:\Windows\SYSWOW64\migwiz
2011-10-06 22:30:09 ----D---- C:\Windows\SYSWOW64\migration
2011-10-06 22:30:07 ----D---- C:\Windows\SYSWOW64\Macromed
2011-10-06 22:30:06 ----D---- C:\Windows\SYSWOW64\InstallShield
2011-10-06 22:30:06 ----D---- C:\Windows\SYSWOW64\IME
2011-10-06 22:30:04 ----D---- C:\Windows\SYSWOW64\Dism
2011-10-06 22:30:02 ----D---- C:\Windows\SYSWOW64\cs-CZ
2011-10-06 22:29:59 ----D---- C:\Windows\SYSWOW64\config
2011-10-06 22:29:59 ----D---- C:\Windows\SYSWOW64\com
2011-10-06 22:29:24 ----D---- C:\Windows\schemas
2011-10-06 22:29:23 ----D---- C:\Windows\PolicyDefinitions
2011-10-06 22:29:23 ----D---- C:\Windows\PLA
2011-10-06 22:29:23 ----D---- C:\Windows\Performance
2011-10-06 22:29:13 ----D---- C:\Windows\Microsoft.NET
2011-10-06 22:26:29 ----D---- C:\Windows\IME
2011-10-06 22:26:28 ----D---- C:\Windows\Help
2011-10-06 22:26:23 ----D---- C:\Windows\Globalization
2011-10-06 22:24:57 ----D---- C:\Windows\Branding
2011-10-06 22:23:15 ----D---- C:\Windows\AppPatch
2011-10-06 22:23:14 ----RD---- C:\Users
2011-10-06 22:22:38 ----D---- C:\Users\admin\AppData\Roaming\SoftGrid Client
2011-10-06 22:22:24 ----D---- C:\Users\admin\AppData\Roaming\Mozilla
2011-10-06 22:22:13 ----D---- C:\Users\admin\AppData\Roaming\Macromedia
2011-10-06 22:22:12 ----D---- C:\Users\admin\AppData\Roaming\BSplayer
2011-10-06 22:22:09 ----D---- C:\Users\admin\AppData\Roaming\Adobe
2011-10-06 22:21:08 ----D---- C:\ProgramData\Symantec
2011-10-06 22:20:42 ----D---- C:\ProgramData\McAfee
2011-10-06 22:20:42 ----D---- C:\ProgramData\Intel
2011-10-06 22:20:42 ----D---- C:\ProgramData\ICQ
2011-10-06 22:20:42 ----D---- C:\ProgramData\Google
2011-10-06 22:20:37 ----HD---- C:\ProgramData\CanonBJ
2011-10-06 22:20:36 ----D---- C:\ProgramData\Adobe
2011-10-06 22:20:30 ----D---- C:\Program Files\Windows Photo Viewer
2011-10-06 22:20:30 ----D---- C:\Program Files\Windows NT
2011-10-06 22:20:30 ----D---- C:\Program Files\Windows Media Player
2011-10-06 22:20:30 ----D---- C:\Program Files\Windows Mail
2011-10-06 22:20:30 ----D---- C:\Program Files\Windows Journal
2011-10-06 22:20:30 ----D---- C:\Program Files\Windows Defender
2011-10-06 22:20:18 ----D---- C:\Program Files\WIDCOMM
2011-10-06 22:19:56 ----D---- C:\Program Files\Reference Assemblies
2011-10-06 22:19:56 ----D---- C:\Program Files\MSBuild
2011-10-06 22:19:56 ----D---- C:\Program Files\Microsoft Office
2011-10-06 22:19:46 ----D---- C:\Program Files\Java
2011-10-06 22:19:46 ----D---- C:\Program Files\Internet Explorer
2011-10-06 22:19:36 ----D---- C:\Program Files\Intel
2011-10-06 22:19:34 ----D---- C:\Program Files\DVD Maker
2011-10-06 22:19:34 ----D---- C:\Program Files\Common Files\System
2011-10-06 22:19:34 ----D---- C:\Program Files\Common Files\SpeechEngines
2011-10-06 22:19:34 ----D---- C:\Program Files\Common Files
2011-10-06 22:19:33 ----D---- C:\Program Files\Common Files\Sony Shared
2011-10-06 22:19:28 ----HD---- C:\Program Files\CanonBJ
2011-10-06 22:19:28 ----D---- C:\Program Files\Common Files\Intel
2011-10-06 22:19:27 ----D---- C:\Program Files\Canon
2011-10-06 22:19:19 ----D---- C:\Program Files (x86)\Windows Photo Viewer
2011-10-06 22:19:19 ----D---- C:\Program Files (x86)\Windows NT
2011-10-06 22:19:19 ----D---- C:\Program Files (x86)\Windows Media Player
2011-10-06 22:19:19 ----D---- C:\Program Files (x86)\Windows Mail
2011-10-06 22:19:12 ----D---- C:\Program Files (x86)\Windows Defender
2011-10-06 22:19:00 ----D---- C:\Program Files (x86)\Symantec
2011-10-06 22:18:58 ----D---- C:\Program Files (x86)\Sony
2011-10-06 22:18:09 ----D---- C:\Program Files (x86)\SmartSound Software
2011-10-06 22:18:03 ----D---- C:\Program Files (x86)\ScanSoft
2011-10-06 22:17:50 ----D---- C:\Program Files (x86)\Samsung
2011-10-06 22:17:24 ----D---- C:\Program Files (x86)\Reference Assemblies
2011-10-06 22:17:12 ----D---- C:\Program Files (x86)\OLYMPUS
2011-10-06 22:17:10 ----D---- C:\Program Files (x86)\Nero
2011-10-06 22:16:54 ----D---- C:\Program Files (x86)\Microsoft WSE
2011-10-06 22:16:54 ----D---- C:\Program Files (x86)\Microsoft
2011-10-06 22:16:52 ----D---- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2011-10-06 22:16:21 ----D---- C:\Program Files (x86)\Microsoft Office
2011-10-06 22:16:10 ----D---- C:\Program Files (x86)\Java
2011-10-06 22:16:09 ----D---- C:\Program Files (x86)\Intel
2011-10-06 22:15:16 ----D---- C:\Program Files (x86)\GRETECH
2011-10-06 22:14:41 ----D---- C:\Program Files (x86)\Evernote
2011-10-06 22:12:57 ----D---- C:\Program Files (x86)\Cisco
2011-10-06 22:12:36 ----D---- C:\Program Files (x86)\ArcSoft
2011-10-06 22:12:23 ----D---- C:\Program Files (x86)\Adobe
2011-10-06 22:10:50 ----RHD---- C:\MSOCache
2011-09-28 14:35:55 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-09-16 11:02:44 ----A---- C:\Windows\system32\MRT.exe
2011-09-10 16:03:43 ----HD---- C:\Users\admin\AppData\Roaming\skypePM

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStor;Intel AHCI Controller; C:\Windows\system32\drivers\iaStor.sys [2010-03-04 540696]
R0 PxHlpa64;PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [2008-06-16 55024]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-06-19 213888]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2011-01-23 254528]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2010-07-29 141264]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2010-09-03 170104]
R2 epfwwfpr;epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [2010-07-29 126320]
R2 rimspci;rimspci; C:\Windows\system32\drivers\rimssne64.sys [2010-06-23 94208]
R2 risdsnpe;risdsnpe; C:\Windows\system32\drivers\risdsne64.sys [2010-06-23 78848]
R3 ApfiltrService;Alps Pointing-device Filter Driver; C:\Windows\system32\drivers\Apfiltr.sys [2010-05-31 299568]
R3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect; C:\Windows\system32\DRIVERS\ArcSoftKsUFilter.sys [2009-05-26 19968]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2010-06-24 6107136]
R3 BthEnum;Bluetooth Enumerator Service; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2009-07-14 79360]
R3 btwampfl;Bluetooth AMP USB Filter; C:\Windows\system32\drivers\btwampfl.sys [2010-06-23 342056]
R3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2010-06-23 102952]
R3 btwavdt;Bluetooth AVDT Service; C:\Windows\system32\drivers\btwavdt.sys [2010-06-23 135720]
R3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2010-06-23 39464]
R3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2010-06-23 21544]
R3 HECIx64;Intel(R) Management Engine Interface; C:\Windows\system32\drivers\HECIx64.sys [2010-05-28 56344]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2010-05-31 2357024]
R3 NETw5s64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit; C:\Windows\system32\DRIVERS\NETw5s64.sys [2010-05-31 7689216]
R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 RTHDMIAzAudService;Service for HDMI; C:\Windows\system32\drivers\RtHDMIVX.sys [2010-05-31 231328]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2009-10-10 109056]
R3 SFEP;Sony Firmware Extension Parser; C:\Windows\system32\drivers\SFEP.sys [2010-04-26 12032]
S3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2010-05-31 1573888]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2009-07-14 551936]
S3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2010-06-24 10326784]
S3 Impcd;Impcd; C:\Windows\system32\drivers\Impcd.sys [2010-05-28 158976]
S3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2010-06-24 271872]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys [2007-09-17 29184]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 sscdbus;SAMSUNG USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\sscdbus.sys [2010-04-27 136264]
S3 sscdmdfl;SAMSUNG Mobile Modem Filter; C:\Windows\system32\DRIVERS\sscdmdfl.sys [2010-04-27 19016]
S3 sscdmdm;SAMSUNG Mobile Modem Drivers; C:\Windows\system32\DRIVERS\sscdmdm.sys [2010-04-27 172104]
S3 TFsExDisk;TFsExDisk; \??\C:\Windows\System32\Drivers\TFsExDisk.sys [2010-06-14 16448]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2010-06-24 202752]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2010-06-09 952096]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [2010-11-18 810144]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2010-03-05 1425168]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-03-04 13336]
R2 ICQ Service;ICQ Service; C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe [2010-09-06 247096]
R2 IJPLMSVC;PIXMA Extended Survey Program; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [2007-04-13 101528]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2010-05-28 268824]
R2 NAUpdate;@C:\Program Files (x86)\Nero\Update\NASvc.exe,-200; C:\Program Files (x86)\Nero\Update\NASvc.exe [2010-05-04 503080]
R2 NOBU;Norton Online Backup; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2010-06-01 2804568]
R2 PMBDeviceInfoProvider;PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe [2010-06-01 367456]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2010-03-05 831760]
R2 SampleCollector;VAIO Care Performance Service; C:\Program Files\Sony\VAIO Care\VCPerfService.exe [2010-05-25 252416]
R2 SOHCImp;VAIO Media plus Content Importer; C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe [2010-06-20 108400]
R2 SOHDms;VAIO Media plus Digital Media Server; C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe [2010-06-18 423280]
R2 SOHDs;VAIO Media plus Device Searcher; C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe [2010-06-20 67952]
R2 uCamMonitor;CamMonitor; C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [2008-09-18 104960]
R2 UNS;Intel(R) Management & Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-05-28 2320920]
R2 VAIO Event Service;VAIO Event Service; C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe [2010-05-31 217968]
R2 VAIO Power Management;VAIO Power Management; C:\Program Files\Sony\VAIO Power Management\SPMService.exe [2010-06-21 575856]
R2 VCFw;VAIO Content Folder Watcher; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [2010-06-17 851824]
R2 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager; C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [2010-06-09 537456]
R2 VSNService;VSNService; C:\Program Files\Sony\VAIO Smart Network\VSNService.exe [2010-06-08 836608]
R3 SpfService;VAIO Entertainment Common Service; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe [2010-06-06 304496]
R3 VUAgent;VUAgent; C:\Program Files\Sony\VAIO Update Common\VUAgent.exe [2011-09-23 1429608]
S2 gupdate;Google Update Service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-08-01 136176]
S3 ACDaemon;ArcSoft Connect Daemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [2010-03-18 113152]
S3 AdobeActiveFileMonitor8.0;Adobe Active File Monitor V8; C:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe [2009-10-09 169312]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [2010-11-18 42360]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2010-08-01 867080]
S3 gupdatem;Google Update Service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-08-01 136176]
S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2010-08-01 182768]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2008-04-07 430592]
S3 VcmINSMgr;VAIO Content Metadata Intelligent Network Service Manager; C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe [2010-06-09 384880]
S3 VcmXmlIfHelper;VAIO Content Metadata XML Interface; C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe [2010-06-09 101232]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-01-16 1255736]

-----------------EOF-----------------

Také zdravím!
Poprosím o log z ComboFix.

Stahnete a ulozte nejlepe na plochu ComboFix: http://download.bleepingcomputer.com/sUBs/ComboFix.exe

pote spustte aplikaci pod uctem s administratorskym opravnenim

hned po startu se zobrazi obrazovka s licencnimi podminkami, pokracujte kliknutim na tlacitko Ano.

v klidu si postavte na kafe (cela akce trva cca. 5-10 minut, nekdy i dele - dle toho, o jak rychly stroj se

jedna a kolika soubory se skener bude muset prodirat), behem skenu se nepokousejte spoustet zadne jine

aplikace ani nic jineho

behem skenovani nepropadejte panice, vas stroj muze byt restartovan (predevsim pri prvni aplikaci skeneru)

upozorneni: pokud pouzivate antispyware s rezidentnim stitem, prepnete jeho rezidentni stit do Install Mode,

pripadne jej po dobu skenu uplne deaktivujte, protoze dochazi pri skenu a vymazu pripadneho malware k

nezadoucim kolizim s rezidentem antispyware

Log sa mi generoval takmer 3 hodiny ale nakoniec sa to podarilo.

log z Combofix:

ComboFix 11-10-09.01 - admin 09/10/2011 14:16:24.2.2 - x64
Microsoft Windows 7 Home Premium 6.1.7600.0.1252.44.1029.18.3950.2139 [GMT 2:00]
Running from: c:\users\admin\Desktop\Downloads\ComboFix.exe
AV: ESET NOD32 Antivirus 4.2 *Disabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
SP: ESET NOD32 Antivirus 4.2 *Disabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\admin\AppData\Roaming\.#
c:\windows\iun6002.exe
.
.
((((((((((((((((((((((((( Files Created from 2011-09-09 to 2011-10-09 )))))))))))))))))))))))))))))))
.
.
2011-10-09 16:37 . 2011-10-09 16:37 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-10-09 09:12 . 2011-10-09 09:12 -------- d-----w- c:\program files\trend micro
2011-10-09 09:12 . 2011-10-09 09:12 -------- d-----w- C:\rsit
2011-10-09 08:54 . 2011-10-09 08:54 69000 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{D75219F6-B7A8-41A1-9138-20CB49FD15CD}\offreg.dll
2011-10-09 08:44 . 2011-09-13 00:26 9049936 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{D75219F6-B7A8-41A1-9138-20CB49FD15CD}\mpengine.dll
2011-10-09 08:34 . 2011-10-09 08:34 -------- d-----w- c:\programdata\ATI
2011-10-09 08:34 . 2011-10-09 08:34 -------- d-----w- c:\program files (x86)\AMD APP
2011-10-09 08:33 . 2011-10-09 08:33 -------- d-----w- c:\program files (x86)\ATI
2011-10-09 08:30 . 2011-10-09 08:30 -------- d-----w- C:\ATI
2011-10-09 07:45 . 2011-10-09 07:45 -------- d-----w- C:\AMD
2011-10-08 21:45 . 2011-10-09 10:52 -------- d-----w- C:\recovery
2011-10-08 15:40 . 2011-10-08 15:40 -------- d-----w- c:\users\admin\AppData\Local\G DATA
2011-10-06 21:33 . 2011-10-06 21:33 -------- d-----w- c:\users\admin\AppData\Local\ESET
2011-10-06 20:50 . 2011-10-06 20:50 -------- d-----w- c:\program files\ESET
2011-09-14 09:47 . 2011-09-14 09:47 60416 ----a-w- c:\windows\system32\OVDecode64.dll
2011-09-14 09:47 . 2011-09-14 09:47 53760 ----a-w- c:\windows\SysWow64\OVDecode.dll
2011-09-14 09:47 . 2011-09-14 09:47 51200 ----a-w- c:\windows\system32\OpenCL.dll
2011-09-14 09:47 . 2011-09-14 09:47 43520 ----a-w- c:\windows\SysWow64\OpenCL.dll
2011-09-14 09:47 . 2011-09-14 09:47 16652288 ----a-w- c:\windows\system32\amdocl64.dll
2011-09-14 09:46 . 2011-09-14 09:46 13625856 ----a-w- c:\windows\SysWow64\amdocl.dll
2011-09-14 09:38 . 2011-09-14 09:38 44032 ----a-w- c:\windows\system32\amdoclcl64.dll
2011-09-14 09:38 . 2011-09-14 09:38 37376 ----a-w- c:\windows\SysWow64\amdoclcl.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-07-22 05:35 . 2011-08-12 18:20 1638912 ----a-w- c:\windows\system32\mshtml.tlb
2011-07-22 04:56 . 2011-08-12 18:20 1638912 ----a-w- c:\windows\SysWow64\mshtml.tlb
2011-07-16 05:26 . 2011-08-12 18:21 362496 ----a-w- c:\windows\system32\wow64win.dll
2011-07-16 05:26 . 2011-08-12 18:21 243200 ----a-w- c:\windows\system32\wow64.dll
2011-07-16 05:26 . 2011-08-12 18:21 13312 ----a-w- c:\windows\system32\wow64cpu.dll
2011-07-16 05:26 . 2011-08-12 18:21 214528 ----a-w- c:\windows\system32\winsrv.dll
2011-07-16 05:24 . 2011-08-12 18:21 16384 ----a-w- c:\windows\system32\ntvdm64.dll
2011-07-16 05:21 . 2011-08-12 18:21 422400 ----a-w- c:\windows\system32\KernelBase.dll
2011-07-16 05:17 . 2011-08-12 18:21 338432 ----a-w- c:\windows\system32\conhost.exe
2011-07-16 05:04 . 2011-08-12 18:21 3584 ---ha-w- c:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2011-07-16 05:04 . 2011-08-12 18:21 6144 ---ha-w- c:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2011-07-16 05:04 . 2011-08-12 18:21 5120 ---ha-w- c:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2011-07-16 05:04 . 2011-08-12 18:21 4608 ---ha-w- c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2011-07-16 05:04 . 2011-08-12 18:21 4608 ---ha-w- c:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2011-07-16 05:04 . 2011-08-12 18:21 4096 ---ha-w- c:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2011-07-16 05:04 . 2011-08-12 18:21 4096 ---ha-w- c:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2011-07-16 05:04 . 2011-08-12 18:21 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2011-07-16 05:04 . 2011-08-12 18:21 3584 ---ha-w- c:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2011-07-16 05:04 . 2011-08-12 18:21 3584 ---ha-w- c:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2011-07-16 05:04 . 2011-08-12 18:21 3584 ---ha-w- c:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2011-07-16 05:04 . 2011-08-12 18:21 3584 ---ha-w- c:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2011-07-16 05:04 . 2011-08-12 18:21 3584 ---ha-w- c:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2011-07-16 05:04 . 2011-08-12 18:21 3584 ---ha-w- c:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2011-07-16 05:04 . 2011-08-12 18:21 3072 ---ha-w- c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2011-07-16 05:04 . 2011-08-12 18:21 3072 ---ha-w- c:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2011-07-16 05:04 . 2011-08-12 18:21 3072 ---ha-w- c:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2011-07-16 05:04 . 2011-08-12 18:21 3072 ---ha-w- c:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2011-07-16 05:04 . 2011-08-12 18:21 3072 ---ha-w- c:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2011-07-16 05:04 . 2011-08-12 18:21 3072 ---ha-w- c:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2011-07-16 05:04 . 2011-08-12 18:21 3072 ---ha-w- c:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2011-07-16 05:04 . 2011-08-12 18:21 3072 ---ha-w- c:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2011-07-16 05:04 . 2011-08-12 18:21 3072 ---ha-w- c:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2011-07-16 05:04 . 2011-08-12 18:21 3072 ---ha-w- c:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2011-07-16 05:04 . 2011-08-12 18:21 3072 ---ha-w- c:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2011-07-16 05:04 . 2011-08-12 18:21 3072 ---ha-w- c:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2011-07-16 05:04 . 2011-08-12 18:21 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2011-07-16 05:04 . 2011-08-12 18:21 3072 ---ha-w- c:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2011-07-16 04:36 . 2011-08-12 18:21 14336 ----a-w- c:\windows\SysWow64\ntvdm64.dll
2011-07-16 04:32 . 2011-08-12 18:21 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2011-07-16 04:31 . 2011-08-12 18:21 25600 ----a-w- c:\windows\SysWow64\setup16.exe
2011-07-16 04:30 . 2011-08-12 18:21 5120 ----a-w- c:\windows\SysWow64\wow32.dll
2011-07-16 04:30 . 2011-08-12 18:21 272384 ----a-w- c:\windows\SysWow64\KernelBase.dll
2011-07-16 04:19 . 2011-08-12 18:21 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
2011-07-16 04:19 . 2011-08-12 18:21 5120 ---ha-w- c:\windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
2011-07-16 04:19 . 2011-08-12 18:21 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
2011-07-16 04:19 . 2011-08-12 18:21 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
2011-07-16 04:19 . 2011-08-12 18:21 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
2011-07-16 04:19 . 2011-08-12 18:21 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
2011-07-16 04:19 . 2011-08-12 18:21 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
2011-07-16 04:19 . 2011-08-12 18:21 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
2011-07-16 04:19 . 2011-08-12 18:21 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
2011-07-16 04:19 . 2011-08-12 18:21 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
2011-07-16 04:19 . 2011-08-12 18:21 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
2011-07-16 04:19 . 2011-08-12 18:21 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
2011-07-16 04:19 . 2011-08-12 18:21 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
2011-07-16 04:19 . 2011-08-12 18:21 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
2011-07-16 04:19 . 2011-08-12 18:21 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
2011-07-16 04:19 . 2011-08-12 18:21 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
2011-07-16 04:19 . 2011-08-12 18:21 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
2011-07-16 04:19 . 2011-08-12 18:21 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
2011-07-16 04:19 . 2011-08-12 18:21 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
2011-07-16 04:19 . 2011-08-12 18:21 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
2011-07-16 04:19 . 2011-08-12 18:21 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
2011-07-16 04:19 . 2011-08-12 18:21 4608 ---ha-w- c:\windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
2011-07-16 04:19 . 2011-08-12 18:21 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
2011-07-16 04:19 . 2011-08-12 18:21 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
2011-07-16 02:26 . 2011-08-12 18:21 7680 ----a-w- c:\windows\SysWow64\instnm.exe
2011-07-16 02:26 . 2011-08-12 18:21 2048 ----a-w- c:\windows\SysWow64\user.exe
2011-07-16 02:21 . 2011-08-12 18:21 6144 ---ha-w- c:\windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
2011-07-16 02:21 . 2011-08-12 18:21 4608 ---ha-w- c:\windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
2011-07-16 02:21 . 2011-08-12 18:21 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
2011-07-16 02:21 . 2011-08-12 18:21 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
2011-05-17 11:29 1490312 ----a-w- c:\program files (x86)\Ask.com\GenericAskToolbar.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files (x86)\Ask.com\GenericAskToolbar.dll" [2011-05-17 1490312]
.
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Elbserver"="c:\program files (x86)\Sony\Media Gallery\ElbServer.exe" [2010-06-22 81264]
"VRLPHelper"="c:\program files (x86)\Sony\Media Gallery\VRLPHelper.exe" [2010-06-22 183152]
"uTorrent"="c:\program files (x86)\uTorrent\uTorrent.exe" [2011-01-22 395128]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2011-01-20 1305408]
"OM2_Monitor"="c:\program files (x86)\OLYMPUS\OLYMPUS Master 2\MMonitor.exe" [2007-05-28 95800]
"AutoStartNPSAgent"="c:\program files (x86)\Samsung\Samsung New PC Studio\NPSAgent.exe" [2010-07-04 95576]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1475072]
"swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-08-01 39408]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2010-03-04 284696]
"ISBMgr.exe"="c:\program files (x86)\Sony\ISB Utility\ISBMgr.exe" [2010-05-31 673136]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-12-22 35760]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-21 932288]
"Norton Online Backup"="c:\program files (x86)\Symantec\Norton Online Backup\NOBuClient.exe" [2010-06-01 1155928]
"PMBVolumeWatcher"="c:\program files (x86)\Sony\PMB\PMBVolumeWatcher.exe" [2010-06-01 600928]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2010-02-18 248040]
"SHTtray.exe"="c:\program files (x86)\Common Files\Sony Shared\SOHLib\SHTtray.exe" [2010-06-20 99696]
"WinampAgent"="c:\program files (x86)\Winamp\winampa.exe" [2010-11-30 74752]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"SSBkgdUpdate"="c:\program files (x86)\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2006-10-25 210472]
"OpwareSE4"="c:\program files (x86)\ScanSoft\OmniPageSE4\OpwareSE4.exe" [2007-02-04 79400]
"QuickTime Task"="c:\program files (x86)\QuickTime\qttask.exe" [2006-09-01 282624]
"ApnUpdater"="c:\program files (x86)\Ask.com\Updater\Updater.exe" [2011-05-17 395144]
"StartCCC"="c:\program files (x86)\ATI\ATI.ACE\Core-Static\CLIStart.exe" [2011-09-08 343168]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2010-6-9 1128224]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer2"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-08-01 136176]
R3 AdobeActiveFileMonitor8.0;Adobe Active File Monitor V8;c:\program files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe [2009-10-09 169312]
R3 gupdatem;Google Update Service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-08-01 136176]
R3 Impcd;Impcd;c:\windows\system32\drivers\Impcd.sys [x]
R3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [x]
R3 TFsExDisk;TFsExDisk;c:\windows\System32\Drivers\TFsExDisk.sys [2010-06-14 16448]
R3 VcmINSMgr;VAIO Content Metadata Intelligent Network Service Manager;c:\program files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe [2010-06-09 384880]
R3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;c:\program files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe [2010-06-09 101232]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [x]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys [x]
S2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [2010-11-18 810144]
S2 epfwwfpr;epfwwfpr;c:\windows\system32\DRIVERS\epfwwfpr.sys [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-03-04 13336]
S2 ICQ Service;ICQ Service;c:\program files (x86)\ICQ6Toolbar\ICQ Service.exe [2010-09-06 247096]
S2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe [2010-05-04 503080]
S2 NOBU;Norton Online Backup;c:\program files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe SERVICE [x]
S2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;c:\program files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe [2010-06-01 367456]
S2 rimspci;rimspci;c:\windows\system32\drivers\rimssne64.sys [x]
S2 risdsnpe;risdsnpe;c:\windows\system32\drivers\risdsne64.sys [x]
S2 SampleCollector;VAIO Care Performance Service;c:\program files\Sony\VAIO Care\VCPerfService.exe [2010-05-25 252416]
S2 SOHCImp;VAIO Media plus Content Importer;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe [2010-06-20 108400]
S2 SOHDms;VAIO Media plus Digital Media Server;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe [2010-06-18 423280]
S2 SOHDs;VAIO Media plus Device Searcher;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe [2010-06-20 67952]
S2 uCamMonitor;CamMonitor;c:\program files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [2008-09-18 104960]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-05-28 2320920]
S2 VAIO Power Management;VAIO Power Management;c:\program files\Sony\VAIO Power Management\SPMService.exe [2010-06-21 575856]
S2 VCFw;VAIO Content Folder Watcher;c:\program files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [2010-06-17 851824]
S2 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;c:\program files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [2010-06-09 537456]
S2 VSNService;VSNService;c:\program files\Sony\VAIO Smart Network\VSNService.exe [2010-06-08 836608]
S3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;c:\windows\system32\DRIVERS\ArcSoftKsUFilter.sys [x]
S3 btwampfl;Bluetooth AMP USB Filter;c:\windows\system32\drivers\btwampfl.sys [x]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [x]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\drivers\HECIx64.sys [x]
S3 NETw5s64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;c:\windows\system32\DRIVERS\NETw5s64.sys [x]
S3 SFEP;Sony Firmware Extension Parser;c:\windows\system32\drivers\SFEP.sys [x]
S3 SpfService;VAIO Entertainment Common Service;c:\program files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe [2010-06-06 304496]
S3 VUAgent;VUAgent;c:\program files\Sony\VAIO Update Common\VUAgent.exe [2011-09-23 1429608]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{2D46B6DC-2207-486B-B523-A557E6D54B47}]
2009-07-14 01:14 301568 ----a-w- c:\windows\System32\cmd.exe
.
Contents of the 'Scheduled Tasks' folder
.
2011-10-09 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-08-01 13:44]
.
2011-10-09 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-08-01 13:44]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-05-31 10775584]
"RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2010-05-31 2040352]
"CanonSolutionMenu"="c:\program files (x86)\Canon\SolutionMenu\CNSLMAIN.exe" [2009-09-04 767312]
"CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2010-03-25 2726728]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2010-11-18 2919168]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://start.icq.com/
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = <local>
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: WikiKomentáre Google... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html
IE: {{73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - c:\program files (x86)\ICQ7.4\ICQ.exe
TCP: DhcpNameServer = 192.168.5.1
FF - ProfilePath - c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT1750559&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - ICQ Search
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - prefs.js: keyword.URL - hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.1.9&q=
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: DAEMON Tools Toolbar: DTToolbar@toolbarnet.com - %profile%\extensions\DTToolbar@toolbarnet.com
FF - Ext: Nero Toolbar: toolbar@ask.com - %profile%\extensions\toolbar@ask.com
FF - Ext: BS Player Community Toolbar: {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - %profile%\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}
FF - Ext: Conduit Engine : engine@conduit.com - %profile%\extensions\engine@conduit.com
.
- - - - ORPHANS REMOVED - - - -
.
URLSearchHooks-{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - (no file)
Wow6432Node-HKCU-Run-EA Core - c:\program files (x86)\Electronic Arts\EADM\Core.exe
Wow6432Node-HKCU-Run-SpyEmergency - c:\program files\NETGATE\Spy Emergency\SpyEmergency.exe
Wow6432Node-HKLM-Run-NPSStartup - (no file)
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
WebBrowser-{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5} - (no file)
HKLM-Run-Apoint - c:\program files (x86)\Apoint\Apoint.exe
AddRemove-Cool's_Codec_pack_4.12 - c:\windows\iun6002.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SampleCollector]
"ImagePath"="\"c:\program files\Sony\VAIO Care\VCPerfService.exe\" \"/service\" \"/sstates\" \"/sampleinterval=2000\" \"/procinterval=5\" \"/dllinterval=120\" \"/counter=\Processor(_Total)\% Processor Time:1/counter=\PhysicalDisk(_Total)\Disk Bytes/sec:1\" \"/counter=\Network Interface(*)\Bytes Total/sec:1\" \"/expandcounter=\Processor Information(*)\Processor Frequency:1\" \"/expandcounter=\Processor(*)\% Idle Time:1\" \"/expandcounter=\Processor(*)\% C1 Time:1\" \"/expandcounter=\Processor(*)\% C2 Time:1\" \"/expandcounter=\Processor(*)\% C3 Time:1\" \"/expandcounter=\Processor(*)\% Processor Time:1\" \"/directory=inteldata\""
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10h.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10h.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10h.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10h.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2011-10-09 19:00:13
ComboFix-quarantined-files.txt 2011-10-09 17:00
.
Pre-Run: Volných bajtu: 178,708,910,080
Post-Run: Volných bajtu: 180,418,695,168
.
- - End Of File - - E19373CEF5439A526DF7B1578293A34A

Ještě dočistíme. Přesuňte ComboFix na plochu. Otevřte poznámkový blok a zkopírujte do něj:

KillAll::

Folder::
c:\program files (x86)\Ask.com

Registry::
[-HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"=-
[-HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[-HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[-HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]

Firefox::
FF - ProfilePath - c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.as ... ource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - ICQ Search
FF - prefs.js: keyword.URL - hxxp://search.icq.com/search/afe_result ... r=1.1.9&q=
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: DAEMON Tools Toolbar: DTToolbar@toolbarnet.com - %profile%\extensions\DTToolbar@toolbarnet.com
FF - Ext: Nero Toolbar: toolbar@ask.com - %profile%\extensions\toolbar@ask.com
FF - Ext: BS Player Community Toolbar: {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - %profile%\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}
FF - Ext: Conduit Engine : engine@conduit.com - %profile%\extensions\engine@conduit.com

Reboot::

Dále stáhněte MBR: http://www2.gmer.net/mbr/mbr.exe a uložte ho na plochu. Potom přes Startmenu>přík. řádek>(vložit) "%userprofile%\plocha\mbr" -t -s>OK jej spusťte. Utilita vytvoří krátký log, který sem zkopírujte.

Nechcelo mi to spustit MBR z prikazoveho riadku tak som urobil prepis "%userprofile%\desktop\mbr" -t -s

nasledny log z MBR:

Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
Windows 6.1.7600

device: opened successfully
user: error reading MBR

Disk trace:
error: Read Neplatný popisovac.
kernel: error reading MBR

Stáhněte TDSSKiller: http://support.kaspersky.com/downloads/ ... killer.zip a uložte ho na plochu. Spusťte v režimu "cure" a nechte skenovat. Po dokončení dejte log.

Sken som vykonal, ale nenasiel som moznost na ten rezim "cure"

log z TDSSKiller:

20:24:38.0830 4464 TDSS rootkit removing tool 2.6.6.0 Oct 7 2011 12:45:24
20:24:39.0004 4464 ============================================================
20:24:39.0004 4464 Current date / time: 2011/10/09 20:24:39.0004
20:24:39.0004 4464 SystemInfo:
20:24:39.0004 4464
20:24:39.0004 4464 OS Version: 6.1.7600 ServicePack: 0.0
20:24:39.0004 4464 Product type: Workstation
20:24:39.0004 4464 ComputerName: ADMIN-VAIO
20:24:39.0005 4464 UserName: admin
20:24:39.0005 4464 Windows directory: C:\Windows
20:24:39.0005 4464 System windows directory: C:\Windows
20:24:39.0005 4464 Running under WOW64
20:24:39.0005 4464 Processor architecture: Intel x64
20:24:39.0005 4464 Number of processors: 2
20:24:39.0005 4464 Page size: 0x1000
20:24:39.0005 4464 Boot type: Normal boot
20:24:39.0005 4464 ============================================================
20:24:39.0436 4464 Initialize success
20:25:00.0471 5228 ============================================================
20:25:00.0471 5228 Scan started
20:25:00.0471 5228 Mode: Manual;
20:25:00.0471 5228 ============================================================
20:25:04.0738 5228 1394ohci (1b00662092f9f9568b995902f0cc40d5) C:\Windows\system32\drivers\1394ohci.sys
20:25:04.0780 5228 1394ohci - ok
20:25:04.0935 5228 ACPI (6f11e88748cdefd2f76aa215f97ddfe5) C:\Windows\system32\drivers\ACPI.sys
20:25:04.0945 5228 ACPI - ok
20:25:05.0072 5228 AcpiPmi (63b05a0420ce4bf0e4af6dcc7cada254) C:\Windows\system32\drivers\acpipmi.sys
20:25:05.0107 5228 AcpiPmi - ok
20:25:05.0281 5228 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\drivers\adp94xx.sys
20:25:05.0344 5228 adp94xx - ok
20:25:05.0500 5228 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\drivers\adpahci.sys
20:25:05.0558 5228 adpahci - ok
20:25:05.0714 5228 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\drivers\adpu320.sys
20:25:05.0721 5228 adpu320 - ok
20:25:05.0878 5228 AFD (6ef20ddf3172e97d69f596fb90602f29) C:\Windows\system32\drivers\afd.sys
20:25:05.0920 5228 AFD - ok
20:25:06.0072 5228 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
20:25:06.0119 5228 agp440 - ok
20:25:06.0273 5228 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
20:25:06.0308 5228 aliide - ok
20:25:06.0396 5228 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
20:25:06.0431 5228 amdide - ok
20:25:06.0517 5228 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\drivers\amdk8.sys
20:25:06.0553 5228 AmdK8 - ok
20:25:06.0598 5228 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\drivers\amdppm.sys
20:25:06.0620 5228 AmdPPM - ok
20:25:06.0698 5228 amdsata (7a4b413614c055935567cf88a9734d38) C:\Windows\system32\drivers\amdsata.sys
20:25:06.0736 5228 amdsata - ok
20:25:06.0776 5228 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\drivers\amdsbs.sys
20:25:06.0801 5228 amdsbs - ok
20:25:06.0827 5228 amdxata (b4ad0cacbab298671dd6f6ef7e20679d) C:\Windows\system32\drivers\amdxata.sys
20:25:06.0830 5228 amdxata - ok
20:25:06.0888 5228 ApfiltrService (2d45f2dfbc3d8f53df7ebeffa8c9bc38) C:\Windows\system32\drivers\Apfiltr.sys
20:25:06.0945 5228 ApfiltrService - ok
20:25:06.0991 5228 AppID (42fd751b27fa0e9c69bb39f39e409594) C:\Windows\system32\drivers\appid.sys
20:25:07.0048 5228 AppID - ok
20:25:07.0103 5228 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\drivers\arc.sys
20:25:07.0134 5228 arc - ok
20:25:07.0170 5228 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\drivers\arcsas.sys
20:25:07.0174 5228 arcsas - ok
20:25:07.0244 5228 ArcSoftKsUFilter (c130bc4a51b1382b2be8e44579ec4c0a) C:\Windows\system32\DRIVERS\ArcSoftKsUFilter.sys
20:25:07.0247 5228 ArcSoftKsUFilter - ok
20:25:07.0280 5228 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
20:25:07.0305 5228 AsyncMac - ok
20:25:07.0373 5228 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
20:25:07.0403 5228 atapi - ok
20:25:07.0474 5228 athr (cca705cdf038d5bc243203ce4416b345) C:\Windows\system32\DRIVERS\athrx.sys
20:25:07.0534 5228 athr - ok
20:25:07.0801 5228 atikmdag (eaea2ce49de0cca80beb9134107e5dd7) C:\Windows\system32\DRIVERS\atikmdag.sys
20:25:08.0050 5228 atikmdag - ok
20:25:08.0210 5228 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\drivers\bxvbda.sys
20:25:08.0222 5228 b06bdrv - ok
20:25:08.0285 5228 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
20:25:08.0325 5228 b57nd60a - ok
20:25:08.0392 5228 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
20:25:08.0394 5228 Beep - ok
20:25:08.0449 5228 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\drivers\blbdrive.sys
20:25:08.0472 5228 blbdrive - ok
20:25:08.0501 5228 bowser (19d20159708e152267e53b66677a4995) C:\Windows\system32\DRIVERS\bowser.sys
20:25:08.0537 5228 bowser - ok
20:25:08.0566 5228 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\drivers\BrFiltLo.sys
20:25:08.0569 5228 BrFiltLo - ok
20:25:08.0589 5228 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\drivers\BrFiltUp.sys
20:25:08.0591 5228 BrFiltUp - ok
20:25:08.0639 5228 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
20:25:08.0681 5228 Brserid - ok
20:25:08.0699 5228 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
20:25:08.0717 5228 BrSerWdm - ok
20:25:08.0759 5228 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
20:25:08.0777 5228 BrUsbMdm - ok
20:25:08.0799 5228 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
20:25:08.0802 5228 BrUsbSer - ok
20:25:08.0872 5228 BthEnum (cf98190a94f62e405c8cb255018b2315) C:\Windows\system32\DRIVERS\BthEnum.sys
20:25:08.0908 5228 BthEnum - ok
20:25:08.0947 5228 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
20:25:08.0984 5228 BTHMODEM - ok
20:25:09.0030 5228 BthPan (02dd601b708dd0667e1331fa8518e9ff) C:\Windows\system32\DRIVERS\bthpan.sys
20:25:09.0035 5228 BthPan - ok
20:25:09.0107 5228 BTHPORT (a51fa9d0e85d5adabef72e67f386309c) C:\Windows\system32\Drivers\BTHport.sys
20:25:09.0145 5228 BTHPORT - ok
20:25:09.0171 5228 BTHUSB (f740b9a16b2c06700f2130e19986bf3b) C:\Windows\system32\Drivers\BTHUSB.sys
20:25:09.0192 5228 BTHUSB - ok
20:25:09.0251 5228 btwampfl (59e3510784548c6939c1b3b985c232e3) C:\Windows\system32\drivers\btwampfl.sys
20:25:09.0296 5228 btwampfl - ok
20:25:09.0313 5228 btwaudio (1872074ed0a3fb22e3f1e3197b984bfa) C:\Windows\system32\drivers\btwaudio.sys
20:25:09.0316 5228 btwaudio - ok
20:25:09.0371 5228 btwavdt (691cf076c33ab1c3a5b2fd5450300733) C:\Windows\system32\drivers\btwavdt.sys
20:25:09.0378 5228 btwavdt - ok
20:25:09.0449 5228 btwl2cap (07096d2bc22ccb6cea5a532df0be8a75) C:\Windows\system32\DRIVERS\btwl2cap.sys
20:25:09.0453 5228 btwl2cap - ok
20:25:09.0491 5228 btwrchid (c9273b20dec8ce38dbce5d29de63c907) C:\Windows\system32\DRIVERS\btwrchid.sys
20:25:09.0495 5228 btwrchid - ok
20:25:09.0739 5228 catchme - ok
20:25:09.0828 5228 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
20:25:09.0832 5228 cdfs - ok
20:25:09.0873 5228 cdrom (83d2d75e1efb81b3450c18131443f7db) C:\Windows\system32\DRIVERS\cdrom.sys
20:25:09.0912 5228 cdrom - ok
20:25:09.0951 5228 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\drivers\circlass.sys
20:25:09.0955 5228 circlass - ok
20:25:10.0002 5228 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
20:25:10.0056 5228 CLFS - ok
20:25:10.0096 5228 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\drivers\CmBatt.sys
20:25:10.0113 5228 CmBatt - ok
20:25:10.0143 5228 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
20:25:10.0163 5228 cmdide - ok
20:25:10.0203 5228 CNG (f95fd4cb7da00ba2a63ce9f6b5c053e1) C:\Windows\system32\Drivers\cng.sys
20:25:10.0230 5228 CNG - ok
20:25:10.0270 5228 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\drivers\compbatt.sys
20:25:10.0290 5228 Compbatt - ok
20:25:10.0324 5228 CompositeBus (f26b3a86f6fa87ca360b879581ab4123) C:\Windows\system32\drivers\CompositeBus.sys
20:25:10.0327 5228 CompositeBus - ok
20:25:10.0368 5228 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\drivers\crcdisk.sys
20:25:10.0371 5228 crcdisk - ok
20:25:10.0451 5228 DfsC (9c253ce7311ca60fc11c774692a13208) C:\Windows\system32\Drivers\dfsc.sys
20:25:10.0455 5228 DfsC - ok
20:25:10.0473 5228 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
20:25:10.0513 5228 discache - ok
20:25:10.0535 5228 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\drivers\disk.sys
20:25:10.0553 5228 Disk - ok
20:25:10.0583 5228 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
20:25:10.0599 5228 drmkaud - ok
20:25:10.0656 5228 dtsoftbus01 (fb9bef3401ee5ecc2603311b9c64f44a) C:\Windows\system32\DRIVERS\dtsoftbus01.sys
20:25:10.0666 5228 dtsoftbus01 - ok
20:25:10.0726 5228 DXGKrnl (ebce0b0924835f635f620d19f0529dce) C:\Windows\System32\drivers\dxgkrnl.sys
20:25:10.0747 5228 DXGKrnl - ok
20:25:10.0909 5228 eamonm (72a1aa3c6c79b928d02a6fad387b1349) C:\Windows\system32\DRIVERS\eamonm.sys
20:25:10.0914 5228 eamonm - ok
20:25:11.0027 5228 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\drivers\evbda.sys
20:25:11.0077 5228 ebdrv - ok
20:25:11.0254 5228 ehdrv (e99457900012b53b2226f146ecaf9136) C:\Windows\system32\DRIVERS\ehdrv.sys
20:25:11.0292 5228 ehdrv - ok
20:25:11.0416 5228 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\drivers\elxstor.sys
20:25:11.0429 5228 elxstor - ok
20:25:11.0481 5228 epfwwfpr (a2af094dcbe8bff7e898d327750506a0) C:\Windows\system32\DRIVERS\epfwwfpr.sys
20:25:11.0513 5228 epfwwfpr - ok
20:25:11.0545 5228 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
20:25:11.0566 5228 ErrDev - ok
20:25:11.0608 5228 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
20:25:11.0651 5228 exfat - ok
20:25:11.0679 5228 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
20:25:11.0714 5228 fastfat - ok
20:25:11.0749 5228 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\drivers\fdc.sys
20:25:11.0783 5228 fdc - ok
20:25:11.0816 5228 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
20:25:11.0833 5228 FileInfo - ok
20:25:11.0852 5228 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
20:25:11.0873 5228 Filetrace - ok
20:25:11.0897 5228 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\drivers\flpydisk.sys
20:25:11.0899 5228 flpydisk - ok
20:25:11.0937 5228 FltMgr (f7866af72abbaf84b1fa5aa195378c59) C:\Windows\system32\drivers\fltmgr.sys
20:25:11.0957 5228 FltMgr - ok
20:25:11.0982 5228 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
20:25:12.0002 5228 FsDepends - ok
20:25:12.0017 5228 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys
20:25:12.0035 5228 Fs_Rec - ok
20:25:12.0074 5228 fvevol (b8b2a6e1558f8f5de5ce431c5b2c7b09) C:\Windows\system32\DRIVERS\fvevol.sys
20:25:12.0109 5228 fvevol - ok
20:25:12.0169 5228 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\drivers\gagp30kx.sys
20:25:12.0231 5228 gagp30kx - ok
20:25:12.0328 5228 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
20:25:12.0332 5228 hcw85cir - ok
20:25:12.0379 5228 HdAudAddService (6410f6f415b2a5a9037224c41da8bf12) C:\Windows\system32\drivers\HdAudio.sys
20:25:12.0388 5228 HdAudAddService - ok
20:25:12.0450 5228 HDAudBus (0a49913402747a0b67de940fb42cbdbb) C:\Windows\system32\drivers\HDAudBus.sys
20:25:12.0454 5228 HDAudBus - ok
20:25:12.0529 5228 HECIx64 (b6ac71aaa2b10848f57fc49d55a651af) C:\Windows\system32\drivers\HECIx64.sys
20:25:12.0533 5228 HECIx64 - ok
20:25:12.0560 5228 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\drivers\HidBatt.sys
20:25:12.0608 5228 HidBatt - ok
20:25:12.0646 5228 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\drivers\hidbth.sys
20:25:12.0680 5228 HidBth - ok
20:25:12.0705 5228 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\drivers\hidir.sys
20:25:12.0743 5228 HidIr - ok
20:25:12.0799 5228 HidUsb (b3bf6b5b50006def50b66306d99fcf6f) C:\Windows\system32\DRIVERS\hidusb.sys
20:25:12.0830 5228 HidUsb - ok
20:25:12.0866 5228 HpSAMD (0886d440058f203eba0e1825e4355914) C:\Windows\system32\drivers\HpSAMD.sys
20:25:12.0887 5228 HpSAMD - ok
20:25:12.0923 5228 HTTP (cee049cac4efa7f4e1e4ad014414a5d4) C:\Windows\system32\drivers\HTTP.sys
20:25:12.0949 5228 HTTP - ok
20:25:12.0962 5228 hwpolicy (f17766a19145f111856378df337a5d79) C:\Windows\system32\drivers\hwpolicy.sys
20:25:12.0979 5228 hwpolicy - ok
20:25:13.0011 5228 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
20:25:13.0030 5228 i8042prt - ok
20:25:13.0084 5228 iaStor (abbf174cb394f5c437410a788b7e404a) C:\Windows\system32\drivers\iaStor.sys
20:25:13.0088 5228 iaStor - ok
20:25:13.0156 5228 iaStorV (d83efb6fd45df9d55e9a1afc63640d50) C:\Windows\system32\drivers\iaStorV.sys
20:25:13.0195 5228 iaStorV - ok
20:25:13.0456 5228 igfx (2a22ab054f4630d2ef4bab2853f6d5f6) C:\Windows\system32\DRIVERS\igdkmd64.sys
20:25:13.0673 5228 igfx - ok
20:25:13.0788 5228 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\drivers\iirsp.sys
20:25:13.0792 5228 iirsp - ok
20:25:13.0885 5228 Impcd (dd587a55390ed2295bce6d36ad567da9) C:\Windows\system32\drivers\Impcd.sys
20:25:13.0892 5228 Impcd - ok
20:25:13.0999 5228 IntcAzAudAddService (526e482afb586cb1cdd687869decf686) C:\Windows\system32\drivers\RTKVHD64.sys
20:25:14.0047 5228 IntcAzAudAddService - ok
20:25:14.0178 5228 IntcDAud (58cf58dee26c909bd6f977b61d246295) C:\Windows\system32\DRIVERS\IntcDAud.sys
20:25:14.0234 5228 IntcDAud - ok
20:25:14.0264 5228 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
20:25:14.0267 5228 intelide - ok
20:25:14.0314 5228 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\drivers\intelppm.sys
20:25:14.0334 5228 intelppm - ok
20:25:14.0355 5228 IpFilterDriver (722dd294df62483cecaae6e094b4d695) C:\Windows\system32\DRIVERS\ipfltdrv.sys
20:25:14.0359 5228 IpFilterDriver - ok
20:25:14.0387 5228 IPMIDRV (e2b4a4494db7cb9b89b55ca268c337c5) C:\Windows\system32\drivers\IPMIDrv.sys
20:25:14.0391 5228 IPMIDRV - ok
20:25:14.0444 5228 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
20:25:14.0481 5228 IPNAT - ok
20:25:14.0512 5228 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
20:25:14.0513 5228 IRENUM - ok
20:25:14.0564 5228 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
20:25:14.0597 5228 isapnp - ok
20:25:14.0630 5228 iScsiPrt (fa4d2557de56d45b0a346f93564be6e1) C:\Windows\system32\drivers\msiscsi.sys
20:25:14.0654 5228 iScsiPrt - ok
20:25:14.0698 5228 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\drivers\kbdclass.sys
20:25:14.0702 5228 kbdclass - ok
20:25:14.0732 5228 kbdhid (6def98f8541e1b5dceb2c822a11f7323) C:\Windows\system32\drivers\kbdhid.sys
20:25:14.0735 5228 kbdhid - ok
20:25:14.0796 5228 KSecDD (e8b6fcc9c83535c67f835d407620bd27) C:\Windows\system32\Drivers\ksecdd.sys
20:25:14.0800 5228 KSecDD - ok
20:25:14.0817 5228 KSecPkg (a8c63880ef6f4d3fec7b616b9c060215) C:\Windows\system32\Drivers\ksecpkg.sys
20:25:14.0822 5228 KSecPkg - ok
20:25:14.0841 5228 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
20:25:14.0863 5228 ksthunk - ok
20:25:14.0908 5228 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
20:25:14.0925 5228 lltdio - ok
20:25:14.0982 5228 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\drivers\lsi_fc.sys
20:25:15.0002 5228 LSI_FC - ok
20:25:15.0052 5228 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\drivers\lsi_sas.sys
20:25:15.0089 5228 LSI_SAS - ok
20:25:15.0125 5228 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\drivers\lsi_sas2.sys
20:25:15.0162 5228 LSI_SAS2 - ok
20:25:15.0190 5228 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\drivers\lsi_scsi.sys
20:25:15.0213 5228 LSI_SCSI - ok
20:25:15.0280 5228 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
20:25:15.0285 5228 luafv - ok
20:25:15.0318 5228 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\drivers\megasas.sys
20:25:15.0366 5228 megasas - ok
20:25:15.0392 5228 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\drivers\MegaSR.sys
20:25:15.0416 5228 MegaSR - ok
20:25:15.0460 5228 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
20:25:15.0463 5228 Modem - ok
20:25:15.0513 5228 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
20:25:15.0549 5228 monitor - ok
20:25:15.0578 5228 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
20:25:15.0581 5228 mouclass - ok
20:25:15.0684 5228 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
20:25:15.0688 5228 mouhid - ok
20:25:15.0706 5228 mountmgr (791af66c4d0e7c90a3646066386fb571) C:\Windows\system32\drivers\mountmgr.sys
20:25:15.0741 5228 mountmgr - ok
20:25:15.0779 5228 mpio (609d1d87649ecc19796f4d76d4c15cea) C:\Windows\system32\drivers\mpio.sys
20:25:15.0784 5228 mpio - ok
20:25:15.0835 5228 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
20:25:15.0866 5228 mpsdrv - ok
20:25:15.0920 5228 MRxDAV (30524261bb51d96d6fcbac20c810183c) C:\Windows\system32\drivers\mrxdav.sys
20:25:15.0925 5228 MRxDAV - ok
20:25:15.0957 5228 mrxsmb (040d62a9d8ad28922632137acdd984f2) C:\Windows\system32\DRIVERS\mrxsmb.sys
20:25:15.0980 5228 mrxsmb - ok
20:25:16.0015 5228 mrxsmb10 (f0067552f8f9b33d7c59403ab808a3cb) C:\Windows\system32\DRIVERS\mrxsmb10.sys
20:25:16.0021 5228 mrxsmb10 - ok
20:25:16.0058 5228 mrxsmb20 (3c142d31de9f2f193218a53fe2632051) C:\Windows\system32\DRIVERS\mrxsmb20.sys
20:25:16.0081 5228 mrxsmb20 - ok
20:25:16.0112 5228 msahci (5c37497276e3b3a5488b23a326a754b7) C:\Windows\system32\drivers\msahci.sys
20:25:16.0134 5228 msahci - ok
20:25:16.0188 5228 msdsm (8d27b597229aed79430fb9db3bcbfbd0) C:\Windows\system32\drivers\msdsm.sys
20:25:16.0221 5228 msdsm - ok
20:25:16.0253 5228 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
20:25:16.0255 5228 Msfs - ok
20:25:16.0281 5228 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
20:25:16.0283 5228 mshidkmdf - ok
20:25:16.0317 5228 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
20:25:16.0336 5228 msisadrv - ok
20:25:16.0375 5228 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
20:25:16.0378 5228 MSKSSRV - ok
20:25:16.0422 5228 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
20:25:16.0424 5228 MSPCLOCK - ok
20:25:16.0450 5228 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
20:25:16.0484 5228 MSPQM - ok
20:25:16.0512 5228 MsRPC (89cb141aa8616d8c6a4610fa26c60964) C:\Windows\system32\drivers\MsRPC.sys
20:25:16.0518 5228 MsRPC - ok
20:25:16.0536 5228 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
20:25:16.0539 5228 mssmbios - ok
20:25:16.0557 5228 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
20:25:16.0559 5228 MSTEE - ok
20:25:16.0591 5228 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\drivers\MTConfig.sys
20:25:16.0593 5228 MTConfig - ok
20:25:16.0610 5228 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
20:25:16.0631 5228 Mup - ok
20:25:16.0692 5228 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
20:25:16.0750 5228 NativeWifiP - ok
20:25:16.0815 5228 NDIS (cad515dbd07d082bb317d9928ce8962c) C:\Windows\system32\drivers\ndis.sys
20:25:16.0850 5228 NDIS - ok
20:25:16.0878 5228 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
20:25:16.0900 5228 NdisCap - ok
20:25:16.0934 5228 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
20:25:16.0938 5228 NdisTapi - ok
20:25:16.0971 5228 Ndisuio (f105ba1e22bf1f2ee8f005d4305e4bec) C:\Windows\system32\DRIVERS\ndisuio.sys
20:25:16.0975 5228 Ndisuio - ok
20:25:16.0998 5228 NdisWan (557dfab9ca1fcb036ac77564c010dad3) C:\Windows\system32\DRIVERS\ndiswan.sys
20:25:17.0033 5228 NdisWan - ok
20:25:17.0048 5228 NDProxy (659b74fb74b86228d6338d643cd3e3cf) C:\Windows\system32\drivers\NDProxy.sys
20:25:17.0070 5228 NDProxy - ok
20:25:17.0111 5228 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
20:25:17.0134 5228 NetBIOS - ok
20:25:17.0159 5228 NetBT (9162b273a44ab9dce5b44362731d062a) C:\Windows\system32\DRIVERS\netbt.sys
20:25:17.0163 5228 NetBT - ok
20:25:17.0381 5228 NETw5s64 (18555f48844c2861d9dce8f2b7223ae5) C:\Windows\system32\DRIVERS\NETw5s64.sys
20:25:17.0554 5228 NETw5s64 - ok
20:25:17.0676 5228 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\drivers\nfrd960.sys
20:25:17.0733 5228 nfrd960 - ok
20:25:17.0787 5228 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
20:25:17.0808 5228 Npfs - ok
20:25:17.0824 5228 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
20:25:17.0840 5228 nsiproxy - ok
20:25:17.0891 5228 Ntfs (356698a13c4630d5b31c37378d469196) C:\Windows\system32\drivers\Ntfs.sys
20:25:17.0942 5228 Ntfs - ok
20:25:17.0966 5228 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
20:25:17.0982 5228 Null - ok
20:25:18.0023 5228 nvraid (3e38712941e9bb4ddbee00affe3fed3d) C:\Windows\system32\drivers\nvraid.sys
20:25:18.0031 5228 nvraid - ok
20:25:18.0055 5228 nvstor (477dc4d6deb99be37084c9ac6d013da1) C:\Windows\system32\drivers\nvstor.sys
20:25:18.0094 5228 nvstor - ok
20:25:18.0156 5228 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
20:25:18.0194 5228 nv_agp - ok
20:25:18.0226 5228 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
20:25:18.0249 5228 ohci1394 - ok
20:25:18.0308 5228 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\drivers\parport.sys
20:25:18.0330 5228 Parport - ok
20:25:18.0370 5228 partmgr (7daa117143316c4a1537e074a5a9eaf0) C:\Windows\system32\drivers\partmgr.sys
20:25:18.0393 5228 partmgr - ok
20:25:18.0482 5228 pccsmcfd (81b5e63131090879ad6ef9f32109b88d) C:\Windows\system32\DRIVERS\pccsmcfdx64.sys
20:25:18.0518 5228 pccsmcfd - ok
20:25:18.0541 5228 pci (f36f6504009f2fb0dfd1b17a116ad74b) C:\Windows\system32\drivers\pci.sys
20:25:18.0543 5228 pci - ok
20:25:18.0562 5228 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
20:25:18.0580 5228 pciide - ok
20:25:18.0609 5228 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\drivers\pcmcia.sys
20:25:18.0632 5228 pcmcia - ok
20:25:18.0667 5228 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
20:25:18.0688 5228 pcw - ok
20:25:18.0712 5228 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
20:25:18.0740 5228 PEAUTH - ok
20:25:18.0803 5228 PptpMiniport (27cc19e81ba5e3403c48302127bda717) C:\Windows\system32\DRIVERS\raspptp.sys
20:25:18.0823 5228 PptpMiniport - ok
20:25:18.0853 5228 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\drivers\processr.sys
20:25:18.0886 5228 Processor - ok
20:25:18.0922 5228 Psched (ee992183bd8eaefd9973f352e587a299) C:\Windows\system32\DRIVERS\pacer.sys
20:25:18.0943 5228 Psched - ok
20:25:18.0989 5228 PxHlpa64 (fbf4db6d53585437e41a113300002a2b) C:\Windows\system32\Drivers\PxHlpa64.sys
20:25:19.0027 5228 PxHlpa64 - ok
20:25:19.0090 5228 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\drivers\ql2300.sys
20:25:19.0112 5228 ql2300 - ok
20:25:19.0149 5228 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\drivers\ql40xx.sys
20:25:19.0153 5228 ql40xx - ok
20:25:19.0181 5228 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
20:25:19.0203 5228 QWAVEdrv - ok
20:25:19.0224 5228 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
20:25:19.0241 5228 RasAcd - ok
20:25:19.0276 5228 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
20:25:19.0281 5228 RasAgileVpn - ok
20:25:19.0313 5228 Rasl2tp (87a6e852a22991580d6d39adc4790463) C:\Windows\system32\DRIVERS\rasl2tp.sys
20:25:19.0344 5228 Rasl2tp - ok
20:25:19.0364 5228 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
20:25:19.0368 5228 RasPppoe - ok
20:25:19.0387 5228 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
20:25:19.0408 5228 RasSstp - ok
20:25:19.0430 5228 rdbss (3bac8142102c15d59a87757c1d41dce5) C:\Windows\system32\DRIVERS\rdbss.sys
20:25:19.0439 5228 rdbss - ok
20:25:19.0491 5228 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\drivers\rdpbus.sys
20:25:19.0539 5228 rdpbus - ok
20:25:19.0573 5228 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
20:25:19.0575 5228 RDPCDD - ok
20:25:19.0628 5228 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
20:25:19.0631 5228 RDPENCDD - ok
20:25:19.0664 5228 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
20:25:19.0667 5228 RDPREFMP - ok
20:25:19.0698 5228 RDPWD (8a3e6bea1c53ea6177fe2b6eba2c80d7) C:\Windows\system32\drivers\RDPWD.sys
20:25:19.0732 5228 RDPWD - ok
20:25:19.0784 5228 rdyboost (e5dc9ba9e439d6dbdd79f8caacb5bf01) C:\Windows\system32\drivers\rdyboost.sys
20:25:19.0788 5228 rdyboost - ok
20:25:19.0876 5228 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys
20:25:19.0894 5228 RFCOMM - ok
20:25:19.0960 5228 rimspci (fa6abc06b629da29634d31f1fe0347bd) C:\Windows\system32\drivers\rimssne64.sys
20:25:19.0978 5228 rimspci - ok
20:25:20.0034 5228 risdsnpe (8f8539a7f5c117d4407b2985995671f2) C:\Windows\system32\drivers\risdsne64.sys
20:25:20.0052 5228 risdsnpe - ok
20:25:20.0097 5228 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
20:25:20.0115 5228 rspndr - ok
20:25:20.0207 5228 RTHDMIAzAudService (d6d381b76056c668679723938f06f16c) C:\Windows\system32\drivers\RtHDMIVX.sys
20:25:20.0256 5228 RTHDMIAzAudService - ok
20:25:20.0348 5228 sbp2port (e3bbb89983daf5622c1d50cf49f28227) C:\Windows\system32\drivers\sbp2port.sys
20:25:20.0385 5228 sbp2port - ok
20:25:20.0412 5228 scfilter (c94da20c7e3ba1dca269bc8460d98387) C:\Windows\system32\DRIVERS\scfilter.sys
20:25:20.0446 5228 scfilter - ok
20:25:20.0503 5228 sdbus (2c8d162efaf73abd36d8bcbb6340cae7) C:\Windows\system32\DRIVERS\sdbus.sys
20:25:20.0508 5228 sdbus - ok
20:25:20.0591 5228 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
20:25:20.0626 5228 secdrv - ok
20:25:20.0665 5228 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\drivers\serenum.sys
20:25:20.0686 5228 Serenum - ok
20:25:20.0709 5228 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\drivers\serial.sys
20:25:20.0771 5228 Serial - ok
20:25:20.0821 5228 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\drivers\sermouse.sys
20:25:20.0842 5228 sermouse - ok
20:25:20.0912 5228 SFEP (286d3889e6ab5589646ff8a63cb928ae) C:\Windows\system32\drivers\SFEP.sys
20:25:20.0947 5228 SFEP - ok
20:25:20.0982 5228 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
20:25:21.0001 5228 sffdisk - ok
20:25:21.0020 5228 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
20:25:21.0038 5228 sffp_mmc - ok
20:25:21.0069 5228 sffp_sd (178298f767fe638c9fedcbdef58bb5e4) C:\Windows\system32\drivers\sffp_sd.sys
20:25:21.0071 5228 sffp_sd - ok
20:25:21.0106 5228 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\drivers\sfloppy.sys
20:25:21.0138 5228 sfloppy - ok
20:25:21.0192 5228 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\drivers\SiSRaid2.sys
20:25:21.0242 5228 SiSRaid2 - ok
20:25:21.0263 5228 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\drivers\sisraid4.sys
20:25:21.0281 5228 SiSRaid4 - ok
20:25:21.0325 5228 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
20:25:21.0329 5228 Smb - ok
20:25:21.0379 5228 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
20:25:21.0398 5228 spldr - ok
20:25:21.0441 5228 srv (2408c0366d96bcdf63e8f1c78e4a29c5) C:\Windows\system32\DRIVERS\srv.sys
20:25:21.0449 5228 srv - ok
20:25:21.0478 5228 srv2 (76548f7b818881b47d8d1ae1be9c11f8) C:\Windows\system32\DRIVERS\srv2.sys
20:25:21.0504 5228 srv2 - ok
20:25:21.0531 5228 srvnet (0af6e19d39c70844c5caa8fb0183c36e) C:\Windows\system32\DRIVERS\srvnet.sys
20:25:21.0535 5228 srvnet - ok
20:25:21.0583 5228 sscdbus (f4f1e1ff6986fe8914525af751ea3eac) C:\Windows\system32\DRIVERS\sscdbus.sys
20:25:21.0588 5228 sscdbus - ok
20:25:21.0640 5228 sscdmdfl (5447690d2cfe1bde1be3a5a5a3e2f796) C:\Windows\system32\DRIVERS\sscdmdfl.sys
20:25:21.0643 5228 sscdmdfl - ok
20:25:21.0671 5228 sscdmdm (bfda292053aeb76a0c1d63b2279d5138) C:\Windows\system32\DRIVERS\sscdmdm.sys
20:25:21.0677 5228 sscdmdm - ok
20:25:21.0723 5228 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\drivers\stexstor.sys
20:25:21.0726 5228 stexstor - ok
20:25:21.0767 5228 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
20:25:21.0793 5228 swenum - ok
20:25:21.0908 5228 Tcpip (b9d87c7707f058ac652a398cd28de14b) C:\Windows\system32\drivers\tcpip.sys
20:25:21.0933 5228 Tcpip - ok
20:25:22.0094 5228 TCPIP6 (b9d87c7707f058ac652a398cd28de14b) C:\Windows\system32\DRIVERS\tcpip.sys
20:25:22.0115 5228 TCPIP6 - ok
20:25:22.0156 5228 tcpipreg (76d078af6f587b162d50210f761eb9ed) C:\Windows\system32\drivers\tcpipreg.sys
20:25:22.0159 5228 tcpipreg - ok
20:25:22.0179 5228 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
20:25:22.0197 5228 TDPIPE - ok
20:25:22.0206 5228 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys
20:25:22.0218 5228 TDTCP - ok
20:25:22.0241 5228 tdx (079125c4b17b01fcaeebce0bcb290c0f) C:\Windows\system32\DRIVERS\tdx.sys
20:25:22.0299 5228 tdx - ok
20:25:22.0321 5228 TermDD (c448651339196c0e869a355171875522) C:\Windows\system32\drivers\termdd.sys
20:25:22.0324 5228 TermDD - ok
20:25:22.0367 5228 TFsExDisk (48d9d00c2e0e72c3d4f52772c80355f6) C:\Windows\System32\Drivers\TFsExDisk.sys
20:25:22.0387 5228 TFsExDisk - ok
20:25:22.0426 5228 tssecsrv (61b96c26131e37b24e93327a0bd1fb95) C:\Windows\system32\DRIVERS\tssecsrv.sys
20:25:22.0429 5228 tssecsrv - ok
20:25:22.0465 5228 tunnel (3836171a2cdf3af8ef10856db9835a70) C:\Windows\system32\DRIVERS\tunnel.sys
20:25:22.0485 5228 tunnel - ok
20:25:22.0515 5228 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\drivers\uagp35.sys
20:25:22.0538 5228 uagp35 - ok
20:25:22.0567 5228 udfs (0e5e962b5649d544be54e8c90761ea2b) C:\Windows\system32\DRIVERS\udfs.sys
20:25:22.0573 5228 udfs - ok
20:25:22.0617 5228 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
20:25:22.0638 5228 uliagpkx - ok
20:25:22.0675 5228 umbus (eab6c35e62b1b0db0d1b48b671d3a117) C:\Windows\system32\DRIVERS\umbus.sys
20:25:22.0694 5228 umbus - ok
20:25:22.0722 5228 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\drivers\umpass.sys
20:25:22.0740 5228 UmPass - ok
20:25:22.0785 5228 usbccgp (b26afb54a534d634523c4fb66765b026) C:\Windows\system32\DRIVERS\usbccgp.sys
20:25:22.0820 5228 usbccgp - ok
20:25:22.0844 5228 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
20:25:22.0848 5228 usbcir - ok
20:25:22.0865 5228 usbehci (2ea4aff7be7eb4632e3aa8595b0803b5) C:\Windows\system32\drivers\usbehci.sys
20:25:22.0868 5228 usbehci - ok
20:25:22.0934 5228 usbhub (4c9042b8df86c1e8e6240c218b99b39b) C:\Windows\system32\drivers\usbhub.sys
20:25:22.0972 5228 usbhub - ok
20:25:22.0992 5228 usbohci (58e546bbaf87664fc57e0f6081e4f609) C:\Windows\system32\drivers\usbohci.sys
20:25:23.0012 5228 usbohci - ok
20:25:23.0055 5228 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
20:25:23.0077 5228 usbprint - ok
20:25:23.0112 5228 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
20:25:23.0115 5228 usbscan - ok
20:25:23.0189 5228 USBSTOR (080d3820da6c046be82fc8b45a893e83) C:\Windows\system32\DRIVERS\USBSTOR.SYS
20:25:23.0227 5228 USBSTOR - ok
20:25:23.0248 5228 usbuhci (81fb2216d3a60d1284455d511797db3d) C:\Windows\system32\drivers\usbuhci.sys
20:25:23.0251 5228 usbuhci - ok
20:25:23.0331 5228 usbvideo (d501e12614b00a3252073101d6a1a74b) C:\Windows\system32\Drivers\usbvideo.sys
20:25:23.0339 5228 usbvideo - ok
20:25:23.0438 5228 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
20:25:23.0480 5228 vdrvroot - ok
20:25:23.0507 5228 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
20:25:23.0510 5228 vga - ok
20:25:23.0556 5228 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
20:25:23.0576 5228 VgaSave - ok
20:25:23.0616 5228 vhdmp (c82e748660f62a242b2dfac1442f22a4) C:\Windows\system32\drivers\vhdmp.sys
20:25:23.0644 5228 vhdmp - ok
20:25:23.0687 5228 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
20:25:23.0719 5228 viaide - ok
20:25:23.0755 5228 volmgr (2b1a3dae2b4e70dbba822b7a03fbd4a3) C:\Windows\system32\drivers\volmgr.sys
20:25:23.0792 5228 volmgr - ok
20:25:23.0830 5228 volmgrx (99b0cbb569ca79acaed8c91461d765fb) C:\Windows\system32\drivers\volmgrx.sys
20:25:23.0836 5228 volmgrx - ok
20:25:23.0860 5228 volsnap (58f82eed8ca24b461441f9c3e4f0bf5c) C:\Windows\system32\drivers\volsnap.sys
20:25:23.0917 5228 volsnap - ok
20:25:23.0982 5228 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\drivers\vsmraid.sys
20:25:24.0020 5228 vsmraid - ok
20:25:24.0072 5228 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
20:25:24.0095 5228 vwifibus - ok
20:25:24.0131 5228 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
20:25:24.0134 5228 vwififlt - ok
20:25:24.0200 5228 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\drivers\wacompen.sys
20:25:24.0204 5228 WacomPen - ok
20:25:24.0254 5228 WANARP (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
20:25:24.0293 5228 WANARP - ok
20:25:24.0299 5228 Wanarpv6 (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
20:25:24.0301 5228 Wanarpv6 - ok
20:25:24.0368 5228 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\drivers\wd.sys
20:25:24.0371 5228 Wd - ok
20:25:24.0401 5228 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
20:25:24.0413 5228 Wdf01000 - ok
20:25:24.0469 5228 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
20:25:24.0492 5228 WfpLwf - ok
20:25:24.0517 5228 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
20:25:24.0541 5228 WIMMount - ok
20:25:24.0587 5228 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
20:25:24.0604 5228 WmiAcpi - ok
20:25:24.0676 5228 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
20:25:24.0711 5228 ws2ifsl - ok
20:25:24.0752 5228 WudfPf (7cadc74271dd6461c452c271b30bd378) C:\Windows\system32\drivers\WudfPf.sys
20:25:24.0772 5228 WudfPf - ok
20:25:24.0803 5228 WUDFRd (3b197af0fff08aa66b6b2241ca538d64) C:\Windows\system32\DRIVERS\WUDFRd.sys
20:25:24.0824 5228 WUDFRd - ok
20:25:24.0905 5228 yukonw7 (5250193ef8e173aa7491250f00eb367f) C:\Windows\system32\DRIVERS\yk62x64.sys
20:25:24.0946 5228 yukonw7 - ok
20:25:24.0991 5228 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
20:25:25.0041 5228 \Device\Harddisk0\DR0 - ok
20:25:25.0046 5228 Boot (0x1200) (602bb3187603a97b2d85cdbf3e99b5db) \Device\Harddisk0\DR0\Partition0
20:25:25.0048 5228 \Device\Harddisk0\DR0\Partition0 - ok
20:25:25.0062 5228 Boot (0x1200) (494a0d741fecf5d56ab66b0955369bb2) \Device\Harddisk0\DR0\Partition1
20:25:25.0063 5228 \Device\Harddisk0\DR0\Partition1 - ok
20:25:25.0064 5228 ============================================================
20:25:25.0064 5228 Scan finished
20:25:25.0064 5228 ============================================================
20:25:25.0078 1340 Detected object count: 0
20:25:25.0078 1340 Actual detected object count: 0

Mělo by to být toto:



Log je ale OK. Je jěště nějaký problém?

No bohuzial restartoval som pocitac ale stale mi vyskakuje okno NOD32 s hlaskou ze Win32/Olmarik.TDL4.trojan sa nachadza v operacnej pamati a "nelze ho lecit".
Stale je tam problem i s Catalyst control center.
Predtym ste mi este napisali ze mam presunut COMBOfix na plochu a skopirovat do notepadu vami uvedeny kratky log (KillAll::...)
Ako som mal postupovat s tym notepadom? nic som s nim nerobil..

Takto:



Před tím do něj uložte toto:

KillAll::

Folder::
c:\program files (x86)\Ask.com

Registry::
[-HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"=-
[-HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[-HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[-HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]

Firefox::
FF - ProfilePath - c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.as ... ource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - ICQ Search
FF - prefs.js: keyword.URL - hxxp://search.icq.com/search/afe_result ... r=1.1.9&q=
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: DAEMON Tools Toolbar: DTToolbar@toolbarnet.com - %profile%\extensions\DTToolbar@toolbarnet.com
FF - Ext: Nero Toolbar: toolbar@ask.com - %profile%\extensions\toolbar@ask.com
FF - Ext: BS Player Community Toolbar: {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - %profile%\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}
FF - Ext: Conduit Engine : engine@conduit.com - %profile%\extensions\engine@conduit.com

Reboot::

a uložte na plochu jako CFScript.txt.

Takze som urobil vsetko ako ste mi poradili, cize CFScript.txt som vlozil do ikony Combofix na ploche.
Nasledne som spustil Combofix ktory zacal pracovat a dosiel az po restart, bohuzial po zapnuti tam virus stale je.
Nevykonalo sa ziadne mazanie ako pri predchadzajucom pokuse.
Log z druheho pokusu som nasiel iba toto:

ComboFix 11-10-09.01 - admin 09/10/2011 22:06:52.3.2 - x64
Microsoft Windows 7 Home Premium 6.1.7600.0.1252.44.1029.18.3950.2559 [GMT 2:00]
Running from: C:\Users\admin\Desktop\Downloads\ComboFix.exe
AV: ESET NOD32 Antivirus 4.2 *Disabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
SP: ESET NOD32 Antivirus 4.2 *Disabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

pocas prace Combofixu mi vyhodilo hlasku ze subor 3XE prestal pracovat, ale scan pokracoval dalej

Zkuste spustit v nouz. režimu.

Dobry vecer,
Tak sa mi vcera podarilo Combofix spustit v normalnom rezime (CFScript.txt som vlozil do ikony Combofix na ploche)
Mazalo to subory asi 40 minut a tak som dufal ze Trojan bude konecne vymazany.
Bohuzial rano sa tam objavil zase.

Prikladam log z Combofix:

ComboFix 11-10-09.01 - admin 10/10/2011 21:48:13.4.2 - x64
Microsoft Windows 7 Home Premium 6.1.7600.0.1252.44.1029.18.3950.2547 [GMT 2:00]
Running from: C:\Users\admin\Desktop\Downloads\ComboFix.exe
Command switches used :: C:\Users\admin\Desktop\CFScript.txt
AV: ESET NOD32 Antivirus 4.2 *Disabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
SP: ESET NOD32 Antivirus 4.2 *Disabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}


((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))


c:\program files (x86)\Ask.com
c:\program files (x86)\Ask.com\assets\oobe\b.png
c:\program files (x86)\Ask.com\assets\oobe\bl.png
c:\program files (x86)\Ask.com\assets\oobe\br.png
c:\program files (x86)\Ask.com\assets\oobe\l.png
c:\program files (x86)\Ask.com\assets\oobe\pointer.png
c:\program files (x86)\Ask.com\assets\oobe\r.png
c:\program files (x86)\Ask.com\assets\oobe\t.png
c:\program files (x86)\Ask.com\assets\oobe\tl.png
c:\program files (x86)\Ask.com\assets\oobe\tr.png
c:\program files (x86)\Ask.com\cobrand.ico
c:\program files (x86)\Ask.com\config.xml
c:\program files (x86)\Ask.com\favicon.ico
c:\program files (x86)\Ask.com\fv_9aa7.ico
c:\program files (x86)\Ask.com\GenericAskToolbar.dll
c:\program files (x86)\Ask.com\mupcfg.xml
c:\program files (x86)\Ask.com\precache.exe
c:\program files (x86)\Ask.com\SaUpdate.exe
c:\program files (x86)\Ask.com\Updater\config.xml
c:\program files (x86)\Ask.com\Updater\Updater.exe
c:\program files (x86)\Ask.com\UpdateTask.exe
c:\program files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
c:\program files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}\icon.png
c:\program files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}\install.rdf
c:\program files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}\preview.png
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\chrome.manifest
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\chrome\bs_player.jar
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\components\ConduitAutoCompleteSearch.js
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\components\ConduitAutoCompleteSearch.xpt
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\components\ConduitToolbar.idl
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\components\ConduitToolbar.js
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\components\ConduitToolbar.xpt
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\components\RadioWMPCore.dll
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\components\RadioWMPCore.xpt
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\components\RadioWMPCoreGecko19.dll
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\defaults\alertSettingsComponent.xml
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\defaults\appContextMenu.xml
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\defaults\engineContextMenu.xml
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\defaults\engineSettings.json
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\defaults\fbAlert.js
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\defaults\getAppsContextMenu.xml
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\defaults\postAppsContextMenu.xml
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\defaults\toolbarContextMenu.xml
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\defaults\unsharedAppsContextMenu.xml
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\install.rdf
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\lib\xpcom.js
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\META-INF\manifest.mf
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\META-INF\zigbert.rsa
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\META-INF\zigbert.sf
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\searchplugin\conduit.gif
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\searchplugin\conduit.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\searchplugin\conduit.PNG
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\searchplugin\conduit.src
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\searchplugin\conduit.xml
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\version.txt
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\chrome.manifest
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\chrome\content\AboutWindow.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\chrome\content\base.js
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\chrome\content\contents.rdf
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\chrome\content\dttoolbar.js
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\chrome\content\dttoolbar.xul
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\chrome\content\gadget.xul
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\chrome\content\options.xul
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\DTToolbarFF.dll
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\DTToolbarFF.xpt
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\Resources\about.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\Resources\AboutWindow.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\Resources\accept.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\Resources\AddRadioStation.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\Resources\ARA.xml
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\Resources\as.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\Resources\as.png
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\Resources\astro.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\Resources\astro_audio.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\Resources\astro_buy.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\Resources\astro_download.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\Resources\astro_feedback.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\Resources\astro_forum.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\Resources\astro_home.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\Resources\astro_lite.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\Resources\astroburn_site.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\Resources\astroLite_16.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\Resources\az.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\Resources\AZE.xml
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\Resources\b1.png
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\Resources\burn_files.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\Resources\burn_image.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\Resources\burn_imgs.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\Resources\BurnImage.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\Resources\buy.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\Resources\cal.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\Resources\CHS.xml
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\Resources\CHT.xml
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\Resources\Config.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\Resources\d.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\Resources\d2.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\Resources\daemon_search.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\Resources\daemon_search_site.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\Resources\DEU.xml
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\Resources\dot_disabled.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\Resources\dot_enabled.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\Resources\dot_on_over.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\Resources\download.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\Resources\ds.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\Resources\dsearch.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\Resources\dt-home.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\Resources\dt.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\Resources\dt_about.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\Resources\dt_buy.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\Resources\dt_download.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\Resources\dt_faq.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\Resources\dt_feedback.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\Resources\dt_forum.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\Resources\dt_line.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\Resources\dt_lite.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\Resources\dt_manual.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\Resources\dt_pro.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\Resources\DTPro.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\Resources\dtt16.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\Resources\dtt32.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\Resources\Dwnl.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\Resources\emulation.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\Resources\ENG.xml
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\Resources\faq.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\Resources\favicon.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\Resources\fb.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\Resources\features.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\Resources\feedback.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\Resources\forum.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\Resources\FRA.xml
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\Resources\GameCentrix.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\Resources\GameCentrixCristals.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\Resources\GameCentrixDownload.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\Resources\GameCentrixPlayOnline.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\Resources\GameCentrixTop.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\Resources\GameS.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\Resources\games_search.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\Resources\games_search_SA.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\Resources\GameSA.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\Resources\gct16.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\Resources\gd.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\Resources\genre.xml
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\Resources\globe.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\Resources\GrabImage.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\Resources\hb.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\Resources\hb.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\Resources\help.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\Resources\hide.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\Resources\home.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\Resources\image_search.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\Resources\image_search_SA.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\Resources\ImageS.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\Resources\ImageSA.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\Resources\ip.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\Resources\ITA.xml
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\Resources\JPN.xml
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\Resources\KOR.xml
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\Resources\lang.xml
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\Resources\lingvo.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\Resources\m.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\Resources\mail.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\Resources\mail_disable.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\Resources\mail_down.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\Resources\mail_m.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\Resources\mail_under.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\Resources\mailc.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\Resources\mailc_disable.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\Resources\mailc_down.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\Resources\mailc_m.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\Resources\mailc_under.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\Resources\manual.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\Resources\map.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\Resources\MenuRadioConfig.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\Resources\MenuRadioStation.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\Resources\MenuRSCur.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\Resources\MenuTr.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\Resources\mount.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\Resources\mount_n_drive.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\Resources\next.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\Resources\next_down.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\Resources\next_m.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\Resources\next_under.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\Resources\none.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\Resources\none_m.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\Resources\op.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\Resources\play.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\Resources\play.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\Resources\play_down.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\Resources\play_m.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\Resources\play_under.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\Resources\pragma.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\Resources\prev.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\Resources\prev_down.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\Resources\prev_m.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\Resources\prev_under.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\Resources\prod.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\Resources\Radio.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\Resources\RadioBg.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\Resources\RadioBg.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\Resources\RadioBgMask.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\Resources\RadioDisp.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\Resources\RadioDisp_m.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\Resources\RadioDown.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\Resources\RadioDown.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\Resources\RadioDown_down.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\Resources\RadioDown_m.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\Resources\RadioDown_under.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\Resources\RadioE.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\Resources\RadioG.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\Resources\RadioL.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\Resources\RadioLDotMask.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\Resources\RadioLeft.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\Resources\RadioLeftMask.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\Resources\RadioLM.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\Resources\RadioM.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\Resources\RadioN.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\Resources\RadioR.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\Resources\RadioR.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\Resources\RadioRM.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\Resources\RadioRU.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\Resources\RadioVolume.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\Resources\RadioVolume_down.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\Resources\RadioVolume_m.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\Resources\RadioVolume_under.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\Resources\RadioW.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\Resources\rbcheck.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\Resources\rbtxt.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\Resources\refresh.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\Resources\refresh_down.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\Resources\refresh_m.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\Resources\refresh_under.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\Resources\Rss.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\Resources\Rss1.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\Resources\RssA.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\Resources\RssA1.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\Resources\rssClose.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\Resources\rssL.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\Resources\rssOpen.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\Resources\RssRefresh.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\Resources\RUS.xml
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\Resources\s2.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\Resources\show.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\Resources\size.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\Resources\size_lr.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\Resources\size_m.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\Resources\size_rl.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\Resources\skins.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\Resources\soft24.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\Resources\soft24_SA.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\Resources\spt.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\Resources\stop.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\Resources\stop.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\Resources\stop_down.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\Resources\stop_m.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\Resources\stop_under.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\Resources\style.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\Resources\SupportRequest.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\Resources\timer.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\Resources\TitleIcon.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\Resources\toolbar.xml
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\Resources\trans.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\Resources\Trash.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\Resources\Trash_disable.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\Resources\Trash_down.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\Resources\Trash_m.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\Resources\Trash_under.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\Resources\u.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\Resources\UKR.xml
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\Resources\unmount-all.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\Resources\vol.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\Resources\vol.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\Resources\vol_back.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\Resources\vol_dott.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\Resources\vol_dott_m.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\Resources\vol_down.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\Resources\vol_m.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\Resources\vol_mute.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\Resources\vol_mute_check.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\Resources\vol_under.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\Resources\wBtClose.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\Resources\wBtClose_down.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\Resources\wBtClose_m.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\Resources\wBtClose_under.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\Resources\wBtText.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\Resources\wBtText_down.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\Resources\wBtText_m.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\Resources\wBtText_under.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\Resources\web_resources.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\Resources\web_search.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\Resources\web_search_SA.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\Resources\WebS.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\Resources\WebSa.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\Resources\wi.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\Resources\wi0.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\Resources\wi1.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\Resources\wi10.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\Resources\wi11.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\Resources\wi12.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\Resources\wi13.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\Resources\wi14.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\Resources\wi2.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\Resources\wi3.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\Resources\wi4.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\Resources\wi5.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\Resources\wi6.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\Resources\wi7.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\Resources\wi8.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\components\Resources\wi9.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\DTToolbar@toolbarnet.com\install.rdf
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\engine@conduit.com
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\engine@conduit.com\chrome.manifest
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\engine@conduit.com\chrome\conduitengine.jar
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\engine@conduit.com\components\ConduitAutoCompleteSearch.js
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\engine@conduit.com\components\ConduitAutoCompleteSearch.xpt
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\engine@conduit.com\components\ConduitToolbar.idl
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\engine@conduit.com\components\ConduitToolbar.js
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\engine@conduit.com\components\ConduitToolbar.xpt
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\engine@conduit.com\components\RadioWMPCore.dll
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\engine@conduit.com\components\RadioWMPCore.xpt
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\engine@conduit.com\components\RadioWMPCoreGecko19.dll
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\engine@conduit.com\defaults\alertSettingsComponent.xml
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\engine@conduit.com\defaults\appContextMenu.xml
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\engine@conduit.com\defaults\engineContextMenu.xml
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\engine@conduit.com\defaults\engineSettings.json
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\engine@conduit.com\defaults\fbAlert.js
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\engine@conduit.com\defaults\getAppsContextMenu.xml
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\engine@conduit.com\defaults\postAppsContextMenu.xml
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\engine@conduit.com\defaults\toolbarContextMenu.xml
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\engine@conduit.com\defaults\unsharedAppsContextMenu.xml
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\engine@conduit.com\DualPackage\install.rdf
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\engine@conduit.com\install.rdf
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\engine@conduit.com\lib\xpcom.js
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\engine@conduit.com\META-INF\manifest.mf
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\engine@conduit.com\META-INF\zigbert.rsa
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\engine@conduit.com\META-INF\zigbert.sf
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\engine@conduit.com\searchplugin\conduit.gif
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\engine@conduit.com\searchplugin\conduit.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\engine@conduit.com\searchplugin\conduit.PNG
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\engine@conduit.com\searchplugin\conduit.src
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\engine@conduit.com\searchplugin\conduit.xml
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\engine@conduit.com\version.txt
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\toolbar@ask.com
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\toolbar@ask.com\chrome.manifest
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\toolbar@ask.com\chrome\content\about.js
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\toolbar@ask.com\chrome\content\about.xul
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\toolbar@ask.com\chrome\content\addon.js
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\toolbar@ask.com\chrome\content\bindings.xml
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\toolbar@ask.com\chrome\content\button-bindings.xml
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\toolbar@ask.com\chrome\content\cache.js
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\toolbar@ask.com\chrome\content\constants.js
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\toolbar@ask.com\chrome\content\core.js
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\toolbar@ask.com\chrome\content\custom-command-listener.js
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\toolbar@ask.com\chrome\content\dynamic-button-manager.js
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\toolbar@ask.com\chrome\content\dynamic-button.js
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\toolbar@ask.com\chrome\content\events.js
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\toolbar@ask.com\chrome\content\feeds.js
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\toolbar@ask.com\chrome\content\http-headers.js
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\toolbar@ask.com\chrome\content\issigned.exe
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\toolbar@ask.com\chrome\content\json.js
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\toolbar@ask.com\chrome\content\lifecycle.js
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\toolbar@ask.com\chrome\content\listeners.js
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\toolbar@ask.com\chrome\content\locale.js
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\toolbar@ask.com\chrome\content\logger.js
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\toolbar@ask.com\chrome\content\NeroApplicationManager.exe
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\toolbar@ask.com\chrome\content\network.js
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\toolbar@ask.com\chrome\content\newtab-manager.js
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\toolbar@ask.com\chrome\content\newtab-overlay.xul
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\toolbar@ask.com\chrome\content\newtab.html
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\toolbar@ask.com\chrome\content\newtab.js
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\toolbar@ask.com\chrome\content\notification-popup-controller.js
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\toolbar@ask.com\chrome\content\notification-popup-ff3.xul
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\toolbar@ask.com\chrome\content\notification-popup.xul
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\toolbar@ask.com\chrome\content\notification.js
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\toolbar@ask.com\chrome\content\observer.js
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\toolbar@ask.com\chrome\content\options.js
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\toolbar@ask.com\chrome\content\options.xul
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\toolbar@ask.com\chrome\content\preferences.js
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\toolbar@ask.com\chrome\content\prefetch.js
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\toolbar@ask.com\chrome\content\ss-popup-bindings.xml
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\toolbar@ask.com\chrome\content\suggestions.js
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\toolbar@ask.com\chrome\content\update.js
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\toolbar@ask.com\chrome\content\updateRdf.js
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\toolbar@ask.com\chrome\content\utilities.js
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\toolbar@ask.com\chrome\content\webframe-bindings.xml
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\toolbar@ask.com\chrome\content\webframe-manager.js
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\toolbar@ask.com\chrome\content\widget-controller.js
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\toolbar@ask.com\chrome\content\widget-popup.xul
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\toolbar@ask.com\chrome\content\widgets.js
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\toolbar@ask.com\chrome\skin\ask_16x16.png
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\toolbar@ask.com\chrome\skin\ask_32x32.png
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\toolbar@ask.com\chrome\skin\ask_browser_ff_chrome.png
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\toolbar@ask.com\chrome\skin\asklogo.png
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\toolbar@ask.com\chrome\skin\b-p.png
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\toolbar@ask.com\chrome\skin\b.png
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\toolbar@ask.com\chrome\skin\bg.png
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\toolbar@ask.com\chrome\skin\bl-pbl.png
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\toolbar@ask.com\chrome\skin\bl-pbr.png
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\toolbar@ask.com\chrome\skin\bl.png
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\toolbar@ask.com\chrome\skin\blogs.png
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\toolbar@ask.com\chrome\skin\br-pbl.png
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\toolbar@ask.com\chrome\skin\br-pbr.png
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\toolbar@ask.com\chrome\skin\br.png
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\toolbar@ask.com\chrome\skin\chevron.png
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\toolbar@ask.com\chrome\skin\close.png
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\toolbar@ask.com\chrome\skin\dictionary.png
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\toolbar@ask.com\chrome\skin\globe_18x.png
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\toolbar@ask.com\chrome\skin\gripper.png
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\toolbar@ask.com\chrome\skin\highlighter_off.png
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\toolbar@ask.com\chrome\skin\highlighter_on.png
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\toolbar@ask.com\chrome\skin\images.png
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\toolbar@ask.com\chrome\skin\l.png
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\toolbar@ask.com\chrome\skin\labels-de.properties
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\toolbar@ask.com\chrome\skin\labels-en.properties
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\toolbar@ask.com\chrome\skin\labels-es.properties
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\toolbar@ask.com\chrome\skin\labels-fr.properties
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\toolbar@ask.com\chrome\skin\labels-it.properties
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\toolbar@ask.com\chrome\skin\labels-nl.properties
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\toolbar@ask.com\chrome\skin\labels-pt.properties
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\toolbar@ask.com\chrome\skin\labels-ru.properties
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\toolbar@ask.com\chrome\skin\links-BR.properties
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\toolbar@ask.com\chrome\skin\links-DE.properties
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\toolbar@ask.com\chrome\skin\links-ES.properties
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\toolbar@ask.com\chrome\skin\links-EU.properties
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\toolbar@ask.com\chrome\skin\links-FR.properties
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\toolbar@ask.com\chrome\skin\links-IT.properties
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\toolbar@ask.com\chrome\skin\links-NL.properties
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\toolbar@ask.com\chrome\skin\links-RU.properties
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\toolbar@ask.com\chrome\skin\links-UK.properties
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\toolbar@ask.com\chrome\skin\links-US.properties
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\toolbar@ask.com\chrome\skin\loggedin.xul
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\toolbar@ask.com\chrome\skin\loginframe.xul
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\toolbar@ask.com\chrome\skin\logo_32x32.png
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\toolbar@ask.com\chrome\skin\magnify_search.png
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\toolbar@ask.com\chrome\skin\maps.png
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\toolbar@ask.com\chrome\skin\nero.css
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\toolbar@ask.com\chrome\skin\news.png
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\toolbar@ask.com\chrome\skin\newtab.css
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\toolbar@ask.com\chrome\skin\newtab_bkg.png
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\toolbar@ask.com\chrome\skin\newtab_search_bkg.png
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\toolbar@ask.com\chrome\skin\notification.css
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\toolbar@ask.com\chrome\skin\nr_login.png
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\toolbar@ask.com\chrome\skin\nr_logo.png
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\toolbar@ask.com\chrome\skin\nr_photos.png
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\toolbar@ask.com\chrome\skin\nr_rom.png
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\toolbar@ask.com\chrome\skin\nr_videos.png
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\toolbar@ask.com\chrome\skin\nr_whatsnew.png
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\toolbar@ask.com\chrome\skin\preferences.png
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\toolbar@ask.com\chrome\skin\r.png
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\toolbar@ask.com\chrome\skin\search.png
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\toolbar@ask.com\chrome\skin\search_ask.png
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\toolbar@ask.com\chrome\skin\search_ask_de.png
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\toolbar@ask.com\chrome\skin\search_ask_es.png
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\toolbar@ask.com\chrome\skin\search_ask_fr.png
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\toolbar@ask.com\chrome\skin\search_ask_it.png
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\toolbar@ask.com\chrome\skin\search_ask_nl.png
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\toolbar@ask.com\chrome\skin\search_ask_pl.png
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\toolbar@ask.com\chrome\skin\search_ask_pt.png
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\toolbar@ask.com\chrome\skin\search_ask_ru.png
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\toolbar@ask.com\chrome\skin\search_cobrand.png
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\toolbar@ask.com\chrome\skin\search_current_site.png
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\toolbar@ask.com\chrome\skin\search_de.png
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\toolbar@ask.com\chrome\skin\search_es.png
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\toolbar@ask.com\chrome\skin\search_fr.png
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\toolbar@ask.com\chrome\skin\search_grey_73x24.png
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\toolbar@ask.com\chrome\skin\search_it.png
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\toolbar@ask.com\chrome\skin\search_nl.png
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\toolbar@ask.com\chrome\skin\search_pl.png
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\toolbar@ask.com\chrome\skin\search_pt.png
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\toolbar@ask.com\chrome\skin\search_ru.png
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\toolbar@ask.com\chrome\skin\shopping.png
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\toolbar@ask.com\chrome\skin\stocks.png
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\toolbar@ask.com\chrome\skin\t-p.png
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\toolbar@ask.com\chrome\skin\t.png
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\toolbar@ask.com\chrome\skin\tl-ptl.png
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\toolbar@ask.com\chrome\skin\tl-ptr.png
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\toolbar@ask.com\chrome\skin\tl.png
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\toolbar@ask.com\chrome\skin\toolbar.css
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\toolbar@ask.com\chrome\skin\toolbar.xul
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\toolbar@ask.com\chrome\skin\tr-ptl.png
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\toolbar@ask.com\chrome\skin\tr-ptr.png
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\toolbar@ask.com\chrome\skin\tr.png
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\toolbar@ask.com\chrome\skin\weather.png
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\toolbar@ask.com\chrome\skin\web.png
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\toolbar@ask.com\chrome\skin\zoomall.png
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\toolbar@ask.com\chrome\temp\askToolbar.exe
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Fri-05-Aug-2011-20-16-00-GMT\ff-config.zip
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Fri-10-Jun-2011-05-05-17-GMT\ff-config.zip
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Fri-23-Sep-2011-05-30-37-GMT\ff-config.zip
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Sat-22-Jan-2011-19-50-39-GMT\ff-config.zip
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Sat-29-Jan-2011-18-02-32-GMT\ff-config.zip
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Tue-31-May-2011-21-06-33-GMT\ff-config.zip
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Wed-23-Mar-2011-06-16-08-GMT\ff-config.zip
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\toolbar@ask.com\datastore\cache.sqlite
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\toolbar@ask.com\defaults.js.bak
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\toolbar@ask.com\defaults\preferences\defaults.js
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\toolbar@ask.com\defaults\preferences\defaults.js.bak
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\toolbar@ask.com\install.rdf
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\toolbar@ask.com\logs\asktb-log-1318269560490.html
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\toolbar@ask.com\logs\asktb-log-1318270277761.html
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\toolbar@ask.com\logs\asktb-log-1318272913343.html
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\toolbar@ask.com\logs\asktb-log-1318273077172.html
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\toolbar@ask.com\logs\asktb-log-1318273194499.html
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\toolbar@ask.com\logs\asktb-log-1318273228782.html
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\toolbar@ask.com\logs\asktb-log-1318273261181.html
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\extensions\toolbar@ask.com\logs\asktb-log-1318273328685.html


((((((((((((((((((((((((( Files Created from 2011-09-10 to 2011-10-10 )))))))))))))))))))))))))))))))


2011-10-10 22:16:03 . 2011-10-10 22:16:03 69000 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{D75219F6-B7A8-41A1-9138-20CB49FD15CD}\offreg.dll
2011-10-10 22:11:07 . 2011-10-10 22:11:07 -------- d-----w- C:\Users\Default\AppData\Local\temp
2011-10-10 17:52:12 . 2011-04-28 03:58:42 552448 ----a-w- C:\Windows\system32\drivers\bthport.sys
2011-10-10 17:52:11 . 2011-04-28 03:58:34 80384 ----a-w- C:\Windows\system32\drivers\BTHUSB.SYS
2011-10-09 09:12:47 . 2011-10-09 09:12:55 -------- d-----w- C:\Program Files\trend micro
2011-10-09 09:12:46 . 2011-10-09 09:12:58 -------- d-----w- C:\rsit
2011-10-09 08:44:38 . 2011-09-13 00:26:15 9049936 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{D75219F6-B7A8-41A1-9138-20CB49FD15CD}\mpengine.dll
2011-10-09 08:34:36 . 2011-10-09 08:34:36 -------- d-----w- C:\ProgramData\ATI
2011-10-09 08:34:34 . 2011-10-09 08:34:34 -------- d-----w- C:\Program Files (x86)\AMD APP
2011-10-09 08:33:07 . 2011-10-09 08:33:07 -------- d-----w- C:\Program Files (x86)\ATI
2011-10-09 08:30:39 . 2011-10-09 08:30:39 -------- d-----w- C:\ATI
2011-10-09 07:45:38 . 2011-10-09 07:45:38 -------- d-----w- C:\AMD
2011-10-08 21:45:28 . 2011-10-09 10:52:28 -------- d-----w- C:\recovery
2011-10-08 15:40:42 . 2011-10-08 15:40:42 -------- d-----w- C:\Users\admin\AppData\Local\G DATA
2011-10-06 21:33:25 . 2011-10-06 21:33:25 -------- d-----w- C:\Users\admin\AppData\Local\ESET
2011-10-06 20:50:32 . 2011-10-06 20:50:32 -------- d-----w- C:\Program Files\ESET
2011-10-05 22:20:18 . 2011-07-09 05:14:10 2048 ----a-w- C:\Windows\system32\tzres.dll
2011-10-05 22:20:18 . 2011-07-09 04:30:52 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2011-09-14 09:47:42 . 2011-09-14 09:47:42 60416 ----a-w- C:\Windows\system32\OVDecode64.dll
2011-09-14 09:47:40 . 2011-09-14 09:47:40 53760 ----a-w- C:\Windows\SysWow64\OVDecode.dll
2011-09-14 09:47:22 . 2011-09-14 09:47:22 51200 ----a-w- C:\Windows\system32\OpenCL.dll
2011-09-14 09:47:18 . 2011-09-14 09:47:18 43520 ----a-w- C:\Windows\SysWow64\OpenCL.dll
2011-09-14 09:47:10 . 2011-09-14 09:47:10 16652288 ----a-w- C:\Windows\system32\amdocl64.dll
2011-09-14 09:46:58 . 2011-09-14 09:46:58 13625856 ----a-w- C:\Windows\SysWow64\amdocl.dll
2011-09-14 09:38:30 . 2011-09-14 09:38:30 44032 ----a-w- C:\Windows\system32\amdoclcl64.dll
2011-09-14 09:38:28 . 2011-09-14 09:38:28 37376 ----a-w- C:\Windows\SysWow64\amdoclcl.dll
.


(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

2011-07-22 05:35:08 . 2011-08-12 18:20:03 1638912 ----a-w- C:\Windows\system32\mshtml.tlb
2011-07-22 04:56:17 . 2011-08-12 18:20:03 1638912 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2011-07-16 05:26:54 . 2011-08-12 18:21:38 362496 ----a-w- C:\Windows\system32\wow64win.dll
2011-07-16 05:26:53 . 2011-08-12 18:21:38 243200 ----a-w- C:\Windows\system32\wow64.dll
2011-07-16 05:26:53 . 2011-08-12 18:21:37 13312 ----a-w- C:\Windows\system32\wow64cpu.dll
2011-07-16 05:26:18 . 2011-08-12 18:21:38 214528 ----a-w- C:\Windows\system32\winsrv.dll
2011-07-16 05:24:09 . 2011-08-12 18:21:37 16384 ----a-w- C:\Windows\system32\ntvdm64.dll
2011-07-16 05:21:32 . 2011-08-12 18:21:39 422400 ----a-w- C:\Windows\system32\KernelBase.dll
2011-07-16 05:17:46 . 2011-08-12 18:21:38 338432 ----a-w- C:\Windows\system32\conhost.exe
2011-07-16 05:04:54 . 2011-08-12 18:21:37 3584 ---ha-w- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2011-07-16 05:04:54 . 2011-08-12 18:21:35 6144 ---ha-w- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2011-07-16 05:04:54 . 2011-08-12 18:21:35 5120 ---ha-w- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2011-07-16 05:04:54 . 2011-08-12 18:21:35 4608 ---ha-w- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2011-07-16 05:04:54 . 2011-08-12 18:21:35 4608 ---ha-w- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2011-07-16 05:04:54 . 2011-08-12 18:21:35 4096 ---ha-w- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2011-07-16 05:04:54 . 2011-08-12 18:21:35 4096 ---ha-w- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2011-07-16 05:04:54 . 2011-08-12 18:21:35 4096 ---ha-w- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2011-07-16 05:04:54 . 2011-08-12 18:21:35 3584 ---ha-w- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2011-07-16 05:04:54 . 2011-08-12 18:21:35 3584 ---ha-w- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2011-07-16 05:04:54 . 2011-08-12 18:21:35 3584 ---ha-w- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2011-07-16 05:04:54 . 2011-08-12 18:21:35 3584 ---ha-w- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2011-07-16 05:04:54 . 2011-08-12 18:21:35 3584 ---ha-w- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2011-07-16 05:04:54 . 2011-08-12 18:21:35 3584 ---ha-w- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2011-07-16 05:04:54 . 2011-08-12 18:21:35 3072 ---ha-w- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2011-07-16 05:04:54 . 2011-08-12 18:21:35 3072 ---ha-w- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2011-07-16 05:04:54 . 2011-08-12 18:21:35 3072 ---ha-w- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2011-07-16 05:04:54 . 2011-08-12 18:21:35 3072 ---ha-w- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2011-07-16 05:04:54 . 2011-08-12 18:21:35 3072 ---ha-w- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2011-07-16 05:04:54 . 2011-08-12 18:21:35 3072 ---ha-w- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2011-07-16 05:04:54 . 2011-08-12 18:21:35 3072 ---ha-w- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2011-07-16 05:04:54 . 2011-08-12 18:21:35 3072 ---ha-w- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2011-07-16 05:04:54 . 2011-08-12 18:21:35 3072 ---ha-w- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2011-07-16 05:04:54 . 2011-08-12 18:21:35 3072 ---ha-w- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2011-07-16 05:04:54 . 2011-08-12 18:21:35 3072 ---ha-w- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2011-07-16 05:04:54 . 2011-08-12 18:21:35 3072 ---ha-w- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2011-07-16 05:04:54 . 2011-08-12 18:21:34 4096 ---ha-w- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2011-07-16 05:04:54 . 2011-08-12 18:21:34 3072 ---ha-w- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2011-07-16 04:36:09 . 2011-08-12 18:21:37 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll
2011-07-16 04:32:14 . 2011-08-12 18:21:37 44032 ----a-w- C:\Windows\apppatch\acwow64.dll
2011-07-16 04:31:50 . 2011-08-12 18:21:37 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
2011-07-16 04:30:29 . 2011-08-12 18:21:37 5120 ----a-w- C:\Windows\SysWow64\wow32.dll
2011-07-16 04:30:27 . 2011-08-12 18:21:38 272384 ----a-w- C:\Windows\SysWow64\KernelBase.dll
2011-07-16 04:19:58 . 2011-08-12 18:21:37 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
2011-07-16 04:19:58 . 2011-08-12 18:21:35 5120 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
2011-07-16 04:19:58 . 2011-08-12 18:21:35 4096 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
2011-07-16 04:19:58 . 2011-08-12 18:21:35 4096 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
2011-07-16 04:19:58 . 2011-08-12 18:21:35 4096 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
2011-07-16 04:19:58 . 2011-08-12 18:21:35 4096 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
2011-07-16 04:19:58 . 2011-08-12 18:21:35 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
2011-07-16 04:19:58 . 2011-08-12 18:21:35 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
2011-07-16 04:19:58 . 2011-08-12 18:21:35 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
2011-07-16 04:19:58 . 2011-08-12 18:21:35 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
2011-07-16 04:19:58 . 2011-08-12 18:21:35 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
2011-07-16 04:19:58 . 2011-08-12 18:21:35 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
2011-07-16 04:19:58 . 2011-08-12 18:21:35 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
2011-07-16 04:19:58 . 2011-08-12 18:21:35 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
2011-07-16 04:19:58 . 2011-08-12 18:21:35 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
2011-07-16 04:19:58 . 2011-08-12 18:21:35 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
2011-07-16 04:19:58 . 2011-08-12 18:21:35 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
2011-07-16 04:19:58 . 2011-08-12 18:21:35 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
2011-07-16 04:19:58 . 2011-08-12 18:21:35 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
2011-07-16 04:19:58 . 2011-08-12 18:21:35 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
2011-07-16 04:19:58 . 2011-08-12 18:21:35 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
2011-07-16 04:19:58 . 2011-08-12 18:21:34 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
2011-07-16 04:19:58 . 2011-08-12 18:21:34 4096 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
2011-07-16 04:19:58 . 2011-08-12 18:21:34 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
2011-07-16 02:26:12 . 2011-08-12 18:21:37 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
2011-07-16 02:26:11 . 2011-08-12 18:21:34 2048 ----a-w- C:\Windows\SysWow64\user.exe
2011-07-16 02:21:47 . 2011-08-12 18:21:34 6144 ---ha-w- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
2011-07-16 02:21:47 . 2011-08-12 18:21:34 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
2011-07-16 02:21:47 . 2011-08-12 18:21:34 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
2011-07-16 02:21:47 . 2011-08-12 18:21:34 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll

pokracovanie logu:

((((((((((((((((((((((((((((( SnapShot@2011-10-09_16.39.40 )))))))))))))))))))))))))))))))))))))))))

+ 2009-07-14 04:54:17 . 2011-10-10 22:13:50 16384 C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-07-14 04:54:17 . 2011-10-09 08:52:51 16384 C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-07-14 04:54:17 . 2011-10-10 22:13:50 32768 C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-07-14 04:54:17 . 2011-10-09 08:52:51 32768 C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-07-14 04:54:17 . 2011-10-09 08:52:51 16384 C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-07-14 04:54:17 . 2011-10-10 22:13:50 16384 C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2010-07-20 23:22:50 . 2011-10-10 22:15:18 63702 C:\Windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2009-07-14 05:10:35 . 2011-10-10 22:15:16 40810 C:\Windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2010-10-15 07:56:50 . 2011-10-10 22:15:17 16646 C:\Windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-3916835265-3772352023-1004409751-1000_UserData.bin
+ 2009-07-14 05:30:40 . 2011-10-10 17:55:48 86016 C:\Windows\system32\DriverStore\infpub.dat
- 2009-07-14 05:30:40 . 2011-10-06 20:51:19 86016 C:\Windows\system32\DriverStore\infpub.dat
+ 2011-10-10 17:52:11 . 2011-04-28 03:58:34 80384 C:\Windows\system32\DriverStore\FileRepository\bth.inf_amd64_neutral_6c7b4ac630551f33\BTHUSB.SYS
+ 2009-07-14 00:06:53 . 2009-07-14 00:06:53 41984 C:\Windows\system32\DriverStore\FileRepository\bth.inf_amd64_neutral_6c7b4ac630551f33\bthenum.sys
- 2010-08-01 13:21:00 . 2011-10-09 08:58:23 32768 C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2010-08-01 13:21:00 . 2011-10-10 18:02:54 32768 C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2010-08-01 13:21:00 . 2011-10-09 08:58:23 49152 C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2010-08-01 13:21:00 . 2011-10-10 18:02:54 49152 C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-14 04:54:19 . 2011-10-10 18:02:54 16384 C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-07-14 04:54:19 . 2011-10-09 08:58:23 16384 C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2011-10-10 17:52:27 . 2011-07-09 05:16:52 49664 C:\Windows\servicing\GC64\tzupd.exe
- 2010-08-01 13:20:45 . 2010-02-02 08:39:25 49664 C:\Windows\servicing\GC64\tzupd.exe
+ 2011-01-22 17:59:36 . 2011-10-10 22:13:22 16384 C:\Windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2011-01-22 17:59:36 . 2011-10-09 08:52:18 16384 C:\Windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2011-01-22 17:59:36 . 2011-10-10 22:13:22 32768 C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2011-01-22 17:59:36 . 2011-10-09 08:52:18 32768 C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2011-01-22 17:59:36 . 2011-10-09 08:52:18 16384 C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2011-01-22 17:59:36 . 2011-10-10 22:13:22 16384 C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2010-10-15 09:06:57 . 2011-10-10 22:03:12 16384 C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2010-10-15 09:06:57 . 2011-10-09 16:07:13 16384 C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2010-10-15 09:06:57 . 2011-10-09 16:07:13 16384 C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2010-10-15 09:06:57 . 2011-10-10 22:03:12 16384 C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2011-01-13 07:59:06 . 2011-10-10 22:12:40 1870 C:\Windows\system32\wdi\ERCQueuedResolutions.dat
- 2011-10-09 08:52:18 . 2011-10-09 08:52:18 2048 C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2011-10-10 22:13:20 . 2011-10-10 22:13:20 2048 C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2011-10-10 22:13:19 . 2011-10-10 22:13:19 2048 C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2011-10-09 08:52:18 . 2011-10-09 08:52:18 2048 C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2011-10-10 17:52:14 . 2011-07-27 04:30:35 361472 C:\Windows\SysWOW64\IME\IMEJP10\IMJPAPI.DLL
- 2009-07-13 23:26:59 . 2009-07-14 01:15:35 361472 C:\Windows\SysWOW64\IME\IMEJP10\IMJPAPI.DLL
+ 2010-10-15 10:03:33 . 2011-10-10 04:12:38 313856 C:\Windows\system32\wdi\SuspendPerformanceDiagnostics_SystemData_S3.bin
+ 2011-10-10 17:52:14 . 2011-07-27 05:31:49 546304 C:\Windows\system32\IME\IMEJP10\IMJPAPI.DLL
- 2009-07-13 23:40:33 . 2009-07-14 01:41:16 546304 C:\Windows\system32\IME\IMEJP10\IMJPAPI.DLL
+ 2009-07-14 05:30:40 . 2011-10-10 17:55:48 143360 C:\Windows\system32\DriverStore\infstrng.dat
- 2009-07-14 05:30:40 . 2011-10-06 20:51:19 143360 C:\Windows\system32\DriverStore\infstrng.dat
- 2009-07-14 05:30:40 . 2011-10-06 20:51:17 143360 C:\Windows\system32\DriverStore\infstor.dat
+ 2009-07-14 05:30:40 . 2011-10-10 17:55:48 143360 C:\Windows\system32\DriverStore\infstor.dat
+ 2009-07-14 00:06:55 . 2009-07-14 01:39:10 229376 C:\Windows\system32\DriverStore\FileRepository\bth.inf_amd64_neutral_6c7b4ac630551f33\fsquirt.exe
+ 2011-10-10 17:52:12 . 2011-04-28 03:58:42 552448 C:\Windows\system32\DriverStore\FileRepository\bth.inf_amd64_neutral_6c7b4ac630551f33\bthport.sys
- 2009-07-14 05:31:42 . 2010-08-01 14:20:54 399360 C:\Windows\system32\DriverStore\drvindex.dat
+ 2009-07-14 05:31:42 . 2011-10-10 17:55:48 399360 C:\Windows\system32\DriverStore\drvindex.dat
+ 2009-07-14 04:45:55 . 2011-10-10 17:59:28 3801083 C:\Windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\tokens.dat
- 2009-07-14 04:45:55 . 2011-10-06 20:40:48 3801083 C:\Windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\tokens.dat
+ 2009-07-14 02:34:08 . 2011-10-10 21:41:53 10485760 C:\Windows\system32\SMI\Store\Machine\schema.dat
- 2009-07-14 02:34:08 . 2011-10-09 09:29:47 10485760 C:\Windows\system32\SMI\Store\Machine\schema.dat

-- Snapshot reset to current date --

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))


*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Elbserver"="C:\Program Files (x86)\Sony\Media Gallery\ElbServer.exe" [2010-06-22 08:39:28 81264]
"VRLPHelper"="C:\Program Files (x86)\Sony\Media Gallery\VRLPHelper.exe" [2010-06-22 08:39:28 183152]
"uTorrent"="C:\Program Files (x86)\uTorrent\uTorrent.exe" [2011-01-22 19:49:00 395128]
"DAEMON Tools Lite"="C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" [2011-01-20 09:20:12 1305408]
"OM2_Monitor"="C:\Program Files (x86)\OLYMPUS\OLYMPUS Master 2\MMonitor.exe" [2007-05-28 16:59:42 95800]
"AutoStartNPSAgent"="C:\Program Files (x86)\Samsung\Samsung New PC Studio\NPSAgent.exe" [2010-07-04 17:13:56 95576]
"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe" [2009-07-14 01:39:41 1475072]
"swg"="C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-08-01 13:44:41 39408]

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2010-03-04 03:16:04 284696]
"ISBMgr.exe"="C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe" [2010-05-31 16:01:52 673136]
"Adobe Reader Speed Launcher"="C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-12-22 00:57:28 35760]
"Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-21 18:37:40 932288]
"Norton Online Backup"="C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe" [2010-06-01 14:33:10 1155928]
"PMBVolumeWatcher"="C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe" [2010-06-01 02:01:54 600928]
"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [2010-02-18 10:43:18 248040]
"SHTtray.exe"="C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SHTtray.exe" [2010-06-20 20:47:16 99696]
"WinampAgent"="C:\Program Files (x86)\Winamp\winampa.exe" [2010-11-30 13:19:40 74752]
"GrooveMonitor"="C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 09:44:34 31072]
"SSBkgdUpdate"="C:\Program Files (x86)\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2006-10-25 09:03:38 210472]
"OpwareSE4"="C:\Program Files (x86)\ScanSoft\OmniPageSE4\OpwareSE4.exe" [2007-02-04 12:02:14 79400]
"QuickTime Task"="C:\Program Files (x86)\QuickTime\qttask.exe" [2006-09-01 15:57:48 282624]
"StartCCC"="C:\Program Files (x86)\ATI\ATI.ACE\Core-Static\CLIStart.exe" [2011-09-08 12:27:50 343168]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe [2010-6-9 1128224]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer2"=wdmaud.drv

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""

R2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-08-01 13:44:07 136176]
R3 AdobeActiveFileMonitor8.0;Adobe Active File Monitor V8;C:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe [2009-10-09 04:45:56 169312]
R3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-08-01 13:44:07 136176]
R3 Impcd;Impcd;C:\Windows\system32\drivers\Impcd.sys [x]
R3 IntcDAud;Intel(R) Display Audio;C:\Windows\system32\DRIVERS\IntcDAud.sys [x]
R3 TFsExDisk;TFsExDisk;C:\Windows\System32\Drivers\TFsExDisk.sys [2010-06-14 07:32:54 16448]
R3 VcmINSMgr;VAIO Content Metadata Intelligent Network Service Manager;C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe [2010-06-09 14:56:02 384880]
R3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe [2010-06-09 14:57:16 101232]
R3 WatAdminSvc;Služba Technologie aktivace Windows;C:\Windows\system32\Wat\WatAdminSvc.exe [x]
S0 PxHlpa64;PxHlpa64;C:\Windows\System32\Drivers\PxHlpa64.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\system32\DRIVERS\dtsoftbus01.sys [x]
S1 ehdrv;ehdrv;C:\Windows\system32\DRIVERS\ehdrv.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe [x]
S2 eamonm;eamonm;C:\Windows\system32\DRIVERS\eamonm.sys [x]
S2 ekrn;ESET Service;C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [2010-11-18 12:11:36 810144]
S2 epfwwfpr;epfwwfpr;C:\Windows\system32\DRIVERS\epfwwfpr.sys [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-03-04 03:16:06 13336]
S2 ICQ Service;ICQ Service;C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe [2010-09-06 18:56:38 247096]
S2 NAUpdate;Nero Update;C:\Program Files (x86)\Nero\Update\NASvc.exe [2010-05-04 12:07:22 503080]
S2 NOBU;Norton Online Backup;C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe SERVICE [x]
S2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe [2010-06-01 02:01:56 367456]
S2 rimspci;rimspci;C:\Windows\system32\drivers\rimssne64.sys [x]
S2 risdsnpe;risdsnpe;C:\Windows\system32\drivers\risdsne64.sys [x]
S2 SampleCollector;VAIO Care Performance Service;C:\Program Files\Sony\VAIO Care\VCPerfService.exe [2010-05-25 04:23:52 252416]
S2 SOHCImp;VAIO Media plus Content Importer;C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe [2010-06-20 20:47:18 108400]
S2 SOHDms;VAIO Media plus Digital Media Server;C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe [2010-06-18 06:07:12 423280]
S2 SOHDs;VAIO Media plus Device Searcher;C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe [2010-06-20 20:47:16 67952]
S2 uCamMonitor;CamMonitor;C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [2008-09-18 09:59:10 104960]
S2 UNS;Intel(R) Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-05-28 20:02:57 2320920]
S2 VAIO Power Management;VAIO Power Management;C:\Program Files\Sony\VAIO Power Management\SPMService.exe [2010-06-21 17:00:52 575856]
S2 VCFw;VAIO Content Folder Watcher;C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [2010-06-17 11:44:10 851824]
S2 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [2010-06-09 14:55:00 537456]
S2 VSNService;VSNService;C:\Program Files\Sony\VAIO Smart Network\VSNService.exe [2010-06-08 16:00:04 836608]
S3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;C:\Windows\system32\DRIVERS\ArcSoftKsUFilter.sys [x]
S3 btwampfl;Bluetooth AMP USB Filter;C:\Windows\system32\drivers\btwampfl.sys [x]
S3 btwl2cap;Bluetooth L2CAP Service;C:\Windows\system32\DRIVERS\btwl2cap.sys [x]
S3 HECIx64;Intel(R) Management Engine Interface;C:\Windows\system32\drivers\HECIx64.sys [x]
S3 NETw5s64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;C:\Windows\system32\DRIVERS\NETw5s64.sys [x]
S3 SFEP;Sony Firmware Extension Parser;C:\Windows\system32\drivers\SFEP.sys [x]
S3 SpfService;VAIO Entertainment Common Service;C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe [2010-06-06 21:13:46 304496]
S3 VUAgent;VUAgent;C:\Program Files\Sony\VAIO Update Common\VUAgent.exe [2011-09-23 13:37:08 1429608]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\system32\DRIVERS\yk62x64.sys [x]


[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{2D46B6DC-2207-486B-B523-A557E6D54B47}]
2009-07-14 01:14:15 301568 ----a-w- C:\Windows\System32\cmd.exe

Contents of the 'Scheduled Tasks' folder

2011-10-10 C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-08-01 13:44:09 . 2010-08-01 13:44:07]

2011-10-10 C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-08-01 13:44:09 . 2010-08-01 13:44:07]


--------- x86-64 -----------


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-05-31 21:38:57 10775584]
"RtHDVBg"="C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" [2010-05-31 21:38:47 2040352]
"Apoint"="C:\Program Files (x86)\Apoint\Apoint.exe" [BU]
"CanonSolutionMenu"="C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe" [2009-09-04 01:43:00 767312]
"CanonMyPrinter"="C:\Program Files\Canon\MyPrinter\BJMyPrt.exe" [2010-03-25 02:50:00 2726728]
"egui"="C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" [2010-11-18 12:11:32 2919168]

------- Supplementary Scan -------

uLocal Page = C:\Windows\system32\blank.htm
uStart Page = hxxp://start.icq.com/
mLocal Page = C:\Windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = <local>
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: WikiKomentáre Google... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html
IE: {{73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Program Files (x86)\ICQ7.4\ICQ.exe
TCP: DhcpNameServer = 192.168.5.1
FF - ProfilePath - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\na314e36.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/

- - - - ORPHANS REMOVED - - - -

Wow6432Node-HKLM-Run-ApnUpdater - C:\Program Files (x86)\Ask.com\Updater\Updater.exe

ComboFix je již OK. Zkuste sken AVPTool: http://www.viry.cz/forum/viewtopic.php?f=29&t=58179 . Dejte log. Zkuste ho raději spustit v nouz. režimu.