VIRY.CZ

Zdravím páni,
poprosil by som o skontrolovanie logu.
Jedná sa o notebook Fujitsu Siemens ( užívateľka žena, takže treba chápať )
Notebook nebol pred tým žiadno čistený.

Logfile of random's system information tool 1.09 (written by random/random)
Run by Užívateľ at 2012-02-03 12:27:18
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 13 GB (12%) free of 114 GB
Total RAM: 765 MB (28% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:28:08, on 3. 2. 2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.17106)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\FSC\TouchPad HotKey Utility\TouchPad_HotKey.exe
C:\Program Files\IObit\Advanced SystemCare 4\ASCService.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Application Updater\ApplicationUpdater.exe
C:\Program Files\Fujitsu Siemens Computers\DeskView\Common\FscHMCfg.exe
C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
C:\Program Files\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe
C:\Program Files\Office\Office12\GrooveMonitor.exe
C:\Program Files\ICQ6Toolbar\ICQ Service.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\SiteRanker\SiteRankTray.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\CyberLink\PowerDVD10\PDVD10Serv.exe
C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
C:\Program Files\Cyberlink\Shared files\brs.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\AVAST Software\Avast\avastUI.exe
C:\Program Files\PC Tools Security\pctsGui.exe
C:\Program Files\CyberLink\Shared files\RichVideo.exe
C:\Program Files\PC Tools Security\pctsAuxs.exe
C:\PROGRA~1\IMESHA~1\MediaBar\Datamngr\DATAMN~1.EXE
C:\Program Files\PC Tools Security\pctsSvc.exe
C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe
C:\WINDOWS\system32\ctfmon.exe
C:\DOCUME~1\UVATE~1\LOCALS~1\Temp\Rar$EX00.812\maydesign mxClock\mxClock.exe
C:\Program Files\ICQ7.4\ICQ.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe
C:\Program Files\Fujitsu Siemens Computers\DeskView\Presentation\DskEngy.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\FinePixViewer\QuickDCF2.exe
C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe
C:\Program Files\Office\Office12\ONENOTEM.EXE
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\Java\jre6\bin\jucheck.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\agent.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\Užívateľ\Plocha\RSIT.exe
C:\Program Files\trend micro\Užívateľ.exe

R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://search13.net/search.php?clid=486&q=%s
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://search.qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.imesh.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60415
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/sa_custo ... TbId=60415
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://search13.net/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://dnl.crawler.com/support/sa_custo ... TbId=60415
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = Root: HKCU; Subkey: Software\Microsoft\Internet Explorer\SearchUrl; ValueType: string; ValueName: '; ValueData: '; Flags: createvalueifdoesntexist noerror; Tasks: AddSearchQip
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://go.microsoft.com/fwlink/?LinkId=9705
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: YouTube Downloader Toolbar - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files\YouTube Downloader Toolbar\IE\4.9\youtubedownloaderToolbarIE.dll
R3 - URLSearchHook: Games.com Toolbar Search Class - {e3dce200-ae96-4a64-9fe7-b5d2d8569768} - C:\Program Files\Games.com Toolbar\gamescomtb.dll
R3 - URLSearchHook: QIPBHO Class - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - (no file)
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
R3 - URLSearchHook: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - (no file)
R3 - URLSearchHook: (no name) - {472734EA-242A-422b-ADF8-83D1E48CC825} - (no file)
R3 - URLSearchHook: DVDVideoSoftTB Toolbar - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files\DVDVideoSoftTB\prxtbDVD2.dll
O2 - BHO: XTTBPos00 - {055FD26D-3A88-4e15-963D-DC8493744B1D} - C:\PROGRA~1\ICQTOO~1\toolbaru.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {11BF46C6-B3DE-48BD-BF70-3AD85CAB80B5} - C:\PROGRA~1\SITERA~1\SiteRank.dll
O2 - BHO: Wincore Mediabar - {28387537-e3f9-4ed7-860c-11e69af4a8a0} - C:\PROGRA~1\IMESHA~1\MediaBar\Datamngr\ToolBar\wincoreimdtx.dll
O2 - BHO: RadioBar Toolbar - {5B291E6C-9A74-4034-971B-A4B007A0B315} - C:\Program Files\RadioBar\toolbar.ni.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Office\Office12\GrooveShellExtensions.dll
O2 - BHO: DVDVideoSoftTB - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files\DVDVideoSoftTB\prxtbDVD2.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Zango - {90B8B761-DF2B-48AC-BBE0-BCC03A819B3B} - (no file)
O2 - BHO: QIPBHO - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - (no file)
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5825.1100\swg.dll
O2 - BHO: Games.com Toolbar Loader - {b07040d6-4cb3-4af4-8a5c-038b7cd8a5d8} - C:\Program Files\Games.com Toolbar\gamescomtb.dll
O2 - BHO: DataMngr - {BE7A24F5-69CB-4708-B77B-B1EDA6043B95} - C:\PROGRA~1\IMESHA~1\MediaBar\Datamngr\BROWSE~1.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: YouTube Downloader Toolbar - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files\YouTube Downloader Toolbar\IE\4.9\youtubedownloaderToolbarIE.dll
O3 - Toolbar: Zango - {90B8B761-DF2B-48AC-BBE0-BCC03A819B3B} - (no file)
O3 - Toolbar: RadioBar Toolbar - {5B291E6C-9A74-4034-971B-A4B007A0B315} - C:\Program Files\RadioBar\toolbar.ni.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O3 - Toolbar: Games.com Toolbar - {9da1bcf1-77f5-41c5-b7c3-c597dc20752c} - C:\Program Files\Games.com Toolbar\gamescomtb.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar: DVDVideoSoftTB Toolbar - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files\DVDVideoSoftTB\prxtbDVD2.dll
O3 - Toolbar: Wincore Mediabar - {28387537-e3f9-4ed7-860c-11e69af4a8a0} - C:\PROGRA~1\IMESHA~1\MediaBar\Datamngr\ToolBar\wincoreimdtx.dll
O3 - Toolbar: YouTube Downloader Toolbar - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files\YouTube Downloader Toolbar\IE\4.9\youtubedownloaderToolbarIE.dll
O4 - HKLM\..\Run: [SiSPower] Rundll32.exe SiSPower.dll,ModeAgent
O4 - HKLM\..\Run: [TouchPadHotKey] C:\Program Files\FSC\TouchPad HotKey Utility\TouchPad_HotKey.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe"
O4 - HKLM\..\Run: [ISUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler
O4 - HKLM\..\Run: [Corel File Shell Monitor] C:\Program Files\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [SiteRanker] "C:\Program Files\SiteRanker\SiteRankTray.exe"
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\\PSDrvCheck.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime Alternative\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [RemoteControl10] "C:\Program Files\CyberLink\PowerDVD10\PDVD10Serv.exe"
O4 - HKLM\..\Run: [BDRegion] C:\Program Files\Cyberlink\Shared files\brs.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [ISTray] "C:\Program Files\PC Tools Security\pctsGui.exe" /hideGUI
O4 - HKLM\..\Run: [Google Updater] "C:\Program Files\Google\Google Updater\GoogleUpdater.exe" -check_deprecation
O4 - HKLM\..\Run: [DATAMNGR] C:\PROGRA~1\IMESHA~1\MediaBar\Datamngr\DATAMN~1.EXE
O4 - HKLM\..\Run: [SearchSettings] "C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [WeatherDPA] "C:\Program Files\Zango\bin\10.3.36.0\Weather.exe" -auto
O4 - HKCU\..\Run: [mxClock] C:\DOCUME~1\UVATE~1\LOCALS~1\Temp\Rar$EX00.812\maydesign mxClock\mxClock.exe
O4 - HKCU\..\Run: [ICQ] "C:\Program Files\ICQ7.4\ICQ.exe" silent loginmode=4
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [Advanced SystemCare 4] "C:\Program Files\IObit\Advanced SystemCare 4\ASCTray.exe"
O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\system32\Macromed\Flash\NPSWF32_FlashUtil.exe -p
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk = C:\Program Files\Office\Office12\ONENOTEM.EXE
O4 - Global Startup: BlueSoleil.lnk = C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe
O4 - Global Startup: DeskView Presentation.lnk = C:\Program Files\Fujitsu Siemens Computers\DeskView\Presentation\DskEngy.exe
O4 - Global Startup: ExifLauncher2.lnk = C:\Program Files\FinePixViewer\QuickDCF2.exe
O4 - Global Startup: McAfee Security Scan Plus.lnk = ?
O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredi ... p=GRman000
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: Crawler Search - tbr:iemenu
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\Office\Office12\EXCEL.EXE/3000
O9 - Extra button: Desktop Notes - {035E680E-B668-472F-91F3-E850BCC5051F} - C:\Program Files\Crawler\Notes\CNotes.exe
O9 - Extra button: StylishProfile - {14CD42DD-ABCD-3586-DCAB-40E3693E3737} - C:\Program Files\Stylish Profile\ct.htm
O9 - Extra 'Tools' menuitem: StylishProfile - {14CD42DD-ABCD-3586-DCAB-40E3693E3737} - C:\Program Files\Stylish Profile\ct.htm
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\Office\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\Office\Office12\ONBttnIE.dll
O9 - Extra button: ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Program Files\ICQ7.4\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Program Files\ICQ7.4\ICQ.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\Office\Office12\REFIEBAR.DLL
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe (file missing)
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: QIP 2005 - {1EF681F7-A04B-4D6D-9012-A307CCA55610} - C:\Program Files\QIP\qip.exe (HKCU)
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Office\Office12\GrooveSystemServices.dll
O18 - Protocol: toolbarchrome - {718733BC-AD64-4E5F-AC18-A85FBD75D54D} - C:\Program Files\RadioBar\toolbar.ni.dll
O20 - AppInit_DLLs: C:\PROGRA~1\IMESHA~1\MediaBar\Datamngr\datamngr.dll C:\PROGRA~1\IMESHA~1\MediaBar\Datamngr\IEBHO.dll C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Advanced SystemCare Service (AdvancedSystemCareService) - IObit - C:\Program Files\IObit\Advanced SystemCare 4\ASCService.exe
O23 - Service: Application Updater - Spigot, Inc. - C:\Program Files\Application Updater\ApplicationUpdater.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Fujitsu Siemens Computers HMC Service (FscHmCfg) - Fujitsu Siemens Computers - C:\Program Files\Fujitsu Siemens Computers\DeskView\Common\FscHMCfg.exe
O23 - Service: Google Desktop Manager 5.9.1005.12335 (GoogleDesktopManager-051210-111108) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Služba Google Update (gupdate1c9fc076cdc6ac8) (gupdate1c9fc076cdc6ac8) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: ICQ Service - Unknown owner - C:\Program Files\ICQ6Toolbar\ICQ Service.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\PC Tools Security\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\PC Tools Security\pctsSvc.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe

--
End of file - 17240 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Google Software Updater.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\Norton Security Scan for Užívateľ.job

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\Užívateľ\Data aplikací\Mozilla\Firefox\Profiles\40a7rcro.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://search.imesh.com"
prefs.js - "extensions.enabledItems" - "wrc@avast.com:6.0.1367, {1FD91A9C-410C-4090-BBCC-55D3450EF433}:1.0, {e9911ec6-1bcc-40b0-9993-e0eea7f6953f}:2.5.8.6, {8675f4b3-2f19-11ed-2d6b-0800600c0a19}:1.0, {493b4069-8c4f-4b4a-8f8c-506200c9887a}:5.87.1.6112, {800b5000-a755-47e1-992b-48a1c1357f07}:1.1.9, {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}:6.0.14, {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}:6.0.17, jqs@sun.com:1.0, {8675f4b3-2f19-11ed-2d6b-0800600c0a16}:1.0, {20a82645-c095-46ed-80e3-08825760534b}:1.1, {8a6264b5-a8f2-494b-8f37-cf898a763e42}:2.3.0.4, {63414328-3ab4-2c84-6c41-5a473c4b2ff7}:1.0, {32a1fd71-835e-4b11-8e54-886fda0b4c89}:1.1, siteranker@siteranker.com:1.0, {6236BA26-C117-4007-928C-DE0716C7FA80}:1.0.21, {EEE6C361-6118-11DC-9C72-001320C79847}:1.0.0.8, {7645f4b1-1f19-13dd-2d6b-0200600c2a56}:1.0, {6236BA26-C117-4007-928C-DE0716C7FA96}:1.0.8, {8675f4b3-2f19-11ed-2d6b-0800600c0a17}:1.0, {8675f4b3-2f19-11ed-2d6b-0800600c0a18}:1.0, wtxpcom@mybrowserbar.com:4.9, {28387537-e3f9-4ed7-860c-11e69af4a8a0}:4.5.0.01, youtubedownloader@mybrowserbar.com:4.9, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0.14"
prefs.js - "keyword.URL" - "http://search.yahoo.com/search?fr=green ... =937811&p="

"Zango@Zango.com"=C:\Program Files\Zango\bin\10.3.36.0\firefox\extensions
"jqs@sun.com"=C:\Program Files\Java\jre6\lib\deploy\jqs\ff
"siteranker@siteranker.com"=C:\Program Files\SiteRanker\firefox\
"{20a82645-c095-46ed-80e3-08825760534b}"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\WINDOWS\system32\Adobe\Director\np32dsw.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0]
"Description"=DivX Web Player
"Path"=C:\Program Files\DivX\DivX Web Player\npdivx32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]
"Description"=Picasa3 plugin
"Path"=C:\Program Files\Google\Picasa3\npPicasa3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@joj.sk/TV_JOJ_Media_Player]
"Description"=TV JOJ Media Player
"Path"=C:\Program Files\TV JOJ Media Player\npplugin_netscape.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@pack.google.com/Google Updater;version=14]
"Description"=Google Updater
"Path"=C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nppl3260;version=6.0.11.2571]
"Description"=RealMedia Plugin
"Path"=C:\Program Files\Real Alternative\browser\plugins\nppl3260.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.1739]
"Description"=RealPlayer Version Plugin
"Path"=C:\Program Files\Real Alternative\browser\plugins\nprpjplug.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=]
"Description"=
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@zylom.com/ZylomGamesPlayer]
"Description"=Zylom Games Player 1.00
"Path"=C:\Documents and Settings\All Users\Data aplikací\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll

C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{AB2CE124-6272-4b12-94A9-7303C7397BD1}
{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
{D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A}

C:\Program Files\Mozilla Firefox\components\
aboutRights.js
aboutRobots.js
browser.xpt
browserdirprovider.dll
brwsrcmp.dll
compreg.dat
FeedConverter.js
FeedProcessor.js
FeedWriter.js
fuelApplication.js
GoogleDesktopMozilla.dll
GoogleDesktopMozillaStub.js
GoogleDesktopMozillaStub.xpt
jsconsole-clhandler.js
npclntax.xpt
nppl3260.xpt
nsAddonRepository.js
nsBadCertHandler.js
nsBlocklistService.js
nsBrowserContentHandler.js
nsBrowserGlue.js
nsContentDispatchChooser.js
nsContentPrefService.js
nsDefaultCLH.js
nsDownloadManagerUI.js
nsExtensionManager.js
nsHandlerService.js
nsHelperAppDlg.js
nsIQTScriptablePlugin.xpt
nsIZylomPlugin.xpt
nsJSRealPlayerPlugin.xpt
nsLivemarkService.js
nsLoginInfo.js
nsLoginManager.js
nsLoginManagerPrompter.js
nsMicrosummaryService.js
nsPlacesTransactionsService.js
nsPostUpdateWin.js
nsProxyAutoConfig.js
nsSafebrowsingApplication.js
nsSearchService.js
nsSearchSuggestions.js
nsSessionStartup.js
nsSessionStore.js
nsSetDefaultBrowser.js
nsSidebar.js
nsTaggingService.js
nsTryToClose.js
nsUpdateService.js
nsUrlClassifierLib.js
nsUrlClassifierListManager.js
nsURLFormatter.js
nsWebHandlerApp.js
pluginGlue.js
qippipe.dll
qippipe.xpt
storage-Legacy.js
txEXSLTRegExFunctions.js
WebContentConverter.js
xpti.dat

C:\Program Files\Mozilla Firefox\plugins\
install.rdf
libdivx.dll
npclntax_ZangoSA.dll
npdeploytk.dll
npdivx32.dll
npdivx32.xpt
npdnu.dll
npdnu.xpt
npdnupdater2.dll
npdnupdater2.xpt
npnul32.dll
NPOFF12.DLL
nppl3260.dll
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
nprpjplug.dll
npzylomgamesplayer.dll
QuickTimePlugin.class
ssldivx.dll

C:\Program Files\Mozilla Firefox\searchplugins\
atlas-sk.xml
azet-sk.xml
crawlersrch.xml
dunaj-sk.xml
eBay.xml
fcmdSrch.xml
google.xml
googledesktop.xml
SearchResults.xml
wikipedia-sk.xml
yahoo.xml
zoznam-sk.xml

C:\Documents and Settings\Užívateľ\Data aplikací\Mozilla\Firefox\Profiles\40a7rcro.default\extensions\
{20a82645-c095-46ed-80e3-08825760534b}
{28387537-e3f9-4ed7-860c-11e69af4a8a0}
{32a1fd71-835e-4b11-8e54-886fda0b4c89}
{493b4069-8c4f-4b4a-8f8c-506200c9887a}
{6236BA26-C117-4007-928C-DE0716C7FA80}
{6236BA26-C117-4007-928C-DE0716C7FA96}
{63414328-3ab4-2c84-6c41-5a473c4b2ff7}
{635abd67-4fe9-1b23-4f01-e679fa7484c1}
{7645f4b1-1f19-13dd-2d6b-0200600c2a56}
{800b5000-a755-47e1-992b-48a1c1357f07}
{8675f4b3-2f19-11ed-2d6b-0800600c0a16}
{8675f4b3-2f19-11ed-2d6b-0800600c0a17}
{8675f4b3-2f19-11ed-2d6b-0800600c0a18}
{8675f4b3-2f19-11ed-2d6b-0800600c0a19}
{8a6264b5-a8f2-494b-8f37-cf898a763e42}
{e9911ec6-1bcc-40b0-9993-e0eea7f6953f}
{EEE6C361-6118-11DC-9C72-001320C79847}

C:\Documents and Settings\Užívateľ\Data aplikací\Mozilla\Firefox\Profiles\40a7rcro.default\searchplugins\
aol-search.xml
askcom.xml
bing.xml
conduit.xml
icqplugin-1.xml
icqplugin-10.xml
icqplugin-11.xml
icqplugin-12.xml
icqplugin-13.xml
icqplugin-14.xml
icqplugin-15.xml
icqplugin-16.xml
icqplugin-2.xml
icqplugin-3.xml
icqplugin-4.xml
icqplugin-5.xml
icqplugin-6.xml
icqplugin-7.xml
icqplugin-8.xml
icqplugin-9.xml
icqplugin.xml
inbox-search.xml
mywebsearch.xml
qip-search.xml
qipsearch.xml
SearchResults.xml
sweetim.xml
web-search.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{055FD26D-3A88-4e15-963D-DC8493744B1D}]
XTTBPos00 Class - C:\PROGRA~1\ICQTOO~1\toolbaru.dll [2006-12-25 701952]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2006-01-12 63128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11BF46C6-B3DE-48BD-BF70-3AD85CAB80B5}]
C:\PROGRA~1\SITERA~1\SiteRank.dll [2010-01-28 318904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{28387537-e3f9-4ed7-860c-11e69af4a8a0}]
Wincore Mediabar - C:\PROGRA~1\IMESHA~1\MediaBar\Datamngr\ToolBar\wincoreimdtx.dll [2011-10-30 89008]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5B291E6C-9A74-4034-971B-A4B007A0B315}]
RadioBar Toolbar - C:\Program Files\RadioBar\toolbar.ni.dll [2010-01-11 451808]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{872b5b88-9db5-4310-bdd0-ac189557e5f5}]
DVDVideoSoftTB Toolbar - C:\Program Files\DVDVideoSoftTB\prxtbDVD2.dll [2011-05-09 176936]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2011-11-28 809040]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{90B8B761-DF2B-48AC-BBE0-BCC03A819B3B}]
Zango

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}]
QIPBHO Class

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5825.1100\swg.dll [2011-08-26 841880]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{b07040d6-4cb3-4af4-8a5c-038b7cd8a5d8}]
Games.com Toolbar Loader - C:\Program Files\Games.com Toolbar\gamescomtb.dll [2010-09-03 1353032]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BE7A24F5-69CB-4708-B77B-B1EDA6043B95}]
DataMngr - C:\PROGRA~1\IMESHA~1\MediaBar\Datamngr\BROWSE~1.DLL [2011-10-30 101256]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-10-11 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-10-11 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F3FEE66E-E034-436a-86E4-9690573BEE8A}]
YouTube Downloader Toolbar - C:\Program Files\YouTube Downloader Toolbar\IE\4.9\youtubedownloaderToolbarIE.dll [2011-12-13 1071456]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{90B8B761-DF2B-48AC-BBE0-BCC03A819B3B} -
{5B291E6C-9A74-4034-971B-A4B007A0B315} - RadioBar Toolbar - C:\Program Files\RadioBar\toolbar.ni.dll [2010-01-11 451808]
{855F3B16-6D32-4FE6-8A56-BBB695989046} - ICQToolBar - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll [2010-09-06 1048888]
{9da1bcf1-77f5-41c5-b7c3-c597dc20752c} - Games.com Toolbar - C:\Program Files\Games.com Toolbar\gamescomtb.dll [2010-09-03 1353032]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2011-11-28 809040]
{872b5b88-9db5-4310-bdd0-ac189557e5f5} - DVDVideoSoftTB Toolbar - C:\Program Files\DVDVideoSoftTB\prxtbDVD2.dll [2011-05-09 176936]
{28387537-e3f9-4ed7-860c-11e69af4a8a0} - Wincore Mediabar - C:\PROGRA~1\IMESHA~1\MediaBar\Datamngr\ToolBar\wincoreimdtx.dll [2011-10-30 89008]
{F3FEE66E-E034-436a-86E4-9690573BEE8A} - YouTube Downloader Toolbar - C:\Program Files\YouTube Downloader Toolbar\IE\4.9\youtubedownloaderToolbarIE.dll [2011-12-13 1071456]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SiSPower"=SiSPower.dll,ModeAgent []
"TouchPadHotKey"=C:\Program Files\FSC\TouchPad HotKey Utility\TouchPad_HotKey.exe [2007-08-13 364544]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2007-08-10 16384000]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632]
"RemoteControl"=C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [2007-03-14 71216]
"LanguageShortcut"=C:\Program Files\CyberLink\PowerDVD\Language\Language.exe [2007-02-07 54832]
"ISUSPM"=C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe [2006-05-16 213936]
"Corel File Shell Monitor"=C:\Program Files\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe [2008-08-18 16712]
"BluetoothAuthenticationAgent"=bthprops.cpl,,BluetoothAuthenticationAgent []
"GrooveMonitor"=C:\Program Files\Office\Office12\GrooveMonitor.exe [2008-10-25 31072]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-10-11 149280]
"SiteRanker"=C:\Program Files\SiteRanker\SiteRankTray.exe [2010-01-28 279552]
"PinnacleDriverCheck"=C:\WINDOWS\system32\\PSDrvCheck.exe [2004-03-10 406016]
"QuickTime Task"=C:\Program Files\QuickTime Alternative\QTTask.exe [2007-10-19 286720]
"RemoteControl10"=C:\Program Files\CyberLink\PowerDVD10\PDVD10Serv.exe [2010-02-02 87336]
"BDRegion"=C:\Program Files\Cyberlink\Shared files\brs.exe [2010-06-28 75048]
"Google Desktop Search"=C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2011-07-24 30192]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2011-11-28 3744552]
"ISTray"=C:\Program Files\PC Tools Security\pctsGui.exe [2010-12-01 1589208]
"Google Updater"=C:\Program Files\Google\Google Updater\GoogleUpdater.exe [2011-09-18 161336]
"DATAMNGR"=C:\PROGRA~1\IMESHA~1\MediaBar\Datamngr\DATAMN~1.EXE [2011-10-30 1694128]
""= []
"SearchSettings"=C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe [2011-12-13 922976]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"WeatherDPA"=C:\Program Files\Zango\bin\10.3.36.0\Weather.exe -auto []
"mxClock"=C:\DOCUME~1\UVATE~1\LOCALS~1\Temp\Rar$EX00.812\maydesign mxClock\mxClock.exe [2006-10-12 720482]
"OEXPRESS"= []
"ICQ"=C:\Program Files\ICQ7.4\ICQ.exe [2011-04-02 119608]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2011-07-24 39408]
"Advanced SystemCare 4"=C:\Program Files\IObit\Advanced SystemCare 4\ASCTray.exe [2011-05-28 412560]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"FlashPlayerUpdate"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32_FlashUtil.exe [2009-02-03 240544]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Adobe Reader Speed Launch.lnk]
C:\PROGRA~1\Adobe\ACROBA~1.0\Reader\READER~1.EXE [2005-09-23 29696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Utility Tray.lnk]
C:\WINDOWS\system32\sistray.exe [2007-08-03 262144]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^WirelessSelector.lnk]
C:\PROGRA~1\FSC\WIRELE~1\WIRELE~1.EXE [2007-08-14 650752]

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
BlueSoleil.lnk - C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe
DeskView Presentation.lnk - C:\Program Files\Fujitsu Siemens Computers\DeskView\Presentation\DskEngy.exe
ExifLauncher2.lnk - C:\Program Files\FinePixViewer\QuickDCF2.exe
McAfee Security Scan Plus.lnk - C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe

C:\Documents and Settings\Užívateľ\Nabídka Start\Programy\Po spuštění
Adobe Gamma.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk - C:\Program Files\Office\Office12\ONENOTEM.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\PROGRA~1\IMESHA~1\MediaBar\Datamngr\datamngr.dll C:\PROGRA~1\IMESHA~1\MediaBar\Datamngr\IEBHO.dll C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265096]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll [2008-04-14 239616]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll, msansspc.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=157

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Office\Office12\OUTLOOK.EXE"="C:\Program Files\Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\CyberLink\PowerDVD\PowerDVD.exe"="C:\Program Files\CyberLink\PowerDVD\PowerDVD.exe:*:Enabled:CyberLink PowerDVD"
"C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe"="C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe:*:Enabled:BlueSoleil"
"C:\Program Files\Office\Office12\GROOVE.EXE"="C:\Program Files\Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"C:\Program Files\Office\Office12\ONENOTE.EXE"="C:\Program Files\Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"C:\Program Files\Pinnacle\Studio 10\programs\RM.exe"="C:\Program Files\Pinnacle\Studio 10\programs\RM.exe:*:Enabled:Render Manager"
"C:\Program Files\Pinnacle\Studio 10\programs\Studio.exe"="C:\Program Files\Pinnacle\Studio 10\programs\Studio.exe:*:Enabled:Studio"
"C:\Program Files\Pinnacle\Studio 10\programs\PMSRegisterFile.exe"="C:\Program Files\Pinnacle\Studio 10\programs\PMSRegisterFile.exe:*:Enabled:PMSRegisterFile"
"C:\Program Files\Pinnacle\Studio 10\programs\umi.exe"="C:\Program Files\Pinnacle\Studio 10\programs\umi.exe:*:Enabled:umi"
"C:\Program Files\CyberLink\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe"="C:\Program Files\CyberLink\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe:*:Enabled:CyberLink PowerDVD 10.0"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\ICQ7.4\ICQ.exe"="C:\Program Files\ICQ7.4\ICQ.exe:*:Enabled:ICQ7.4"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\iMesh Applications\iMesh\iMesh.exe"="C:\Program Files\iMesh Applications\iMesh\iMesh.exe:*:Enabled:iMesh"
"C:\Program Files\iMesh Applications\MediaBar\Datamngr\ToolBar\dtUser.exe"="C:\Program Files\iMesh Applications\MediaBar\Datamngr\ToolBar\dtUser.exe:*:Enabled:DTX broker"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\ICQ7.4\ICQ.exe"="C:\Program Files\ICQ7.4\ICQ.exe:*:Enabled:ICQ7.4"
"C:\Program Files\iMesh Applications\iMesh\iMesh.exe"="C:\Program Files\iMesh Applications\iMesh\iMesh.exe:*:Enabled:iMesh"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"VIDC.I420"=vdrcodec.dll
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"msacm.voxacm160"=vct3216.acm
"msacm.scg726"=scg726.acm
"msacm.alf2cd"=alf2cd.acm
"msacm.ac3acm"=AC3ACM.acm
"vidc.dvsd"=mcdvd_32.dll
"vidc.xvid"=xvidvfw.dll
"vidc.DIVX"=DivX.dll
"vidc.mpg4"=mpg4c32.dll
"vidc.mp42"=mpg4c32.dll
"vidc.mp43"=mpg4c32.dll
"vidc.VP60"=C:\WINDOWS\system32\vp6vfw.dll
"vidc.VP61"=C:\WINDOWS\system32\vp6vfw.dll
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"mixer2"=wdmaud.drv
"VIDC.MJPG"=Pvmjpg30.dll
"VIDC.PIM1"=pclepim1.dll
"VIDC.FFDS"=ff_vfw.dll

======List of files/folders created in the last 1 month======

2012-02-03 12:27:20 ----D---- C:\Program Files\trend micro
2012-02-03 12:27:18 ----D---- C:\rsit
2012-01-29 10:30:00 ----D---- C:\Documents and Settings\Užívateľ\Data aplikací\PriceGong
2012-01-22 10:01:22 ----HDC---- C:\WINDOWS\$NtUninstallKB2585542$
2012-01-14 15:40:29 ----HDC---- C:\WINDOWS\$NtUninstallKB2646524$
2012-01-14 15:39:56 ----HDC---- C:\WINDOWS\$NtUninstallKB2631813$
2012-01-14 15:28:42 ----HDC---- C:\WINDOWS\$NtUninstallKB2598479$
2012-01-14 15:01:41 ----HDC---- C:\WINDOWS\$NtUninstallKB2603381$
2012-01-14 14:37:32 ----HDC---- C:\WINDOWS\$NtUninstallKB2584146$
2012-01-04 18:22:01 ----D---- C:\Documents and Settings\Užívateľ\Data aplikací\Search Settings
2012-01-04 18:21:18 ----D---- C:\Program Files\Application Updater
2012-01-04 18:21:16 ----D---- C:\Program Files\YouTube Downloader Toolbar
2012-01-04 18:21:16 ----D---- C:\Program Files\Common Files\Spigot

======List of files/folders modified in the last 1 month======

2012-02-03 12:27:24 ----D---- C:\WINDOWS\Prefetch
2012-02-03 12:27:20 ----RD---- C:\Program Files
2012-02-03 10:45:52 ----A---- C:\WINDOWS\NeroDigital.ini
2012-02-03 10:22:12 ----D---- C:\Program Files\Mozilla Firefox
2012-02-03 10:15:26 ----D---- C:\WINDOWS\Temp
2012-01-31 17:01:51 ----AD---- C:\Documents and Settings\All Users\Data aplikací\TEMP
2012-01-30 16:22:16 ----D---- C:\Program Files\FinePixViewer
2012-01-29 21:31:00 ----A---- C:\WINDOWS\SchedLgU.Txt
2012-01-29 11:35:39 ----D---- C:\Program Files\Common Files\Symantec Shared
2012-01-29 10:33:15 ----D---- C:\WINDOWS\system32
2012-01-29 10:30:31 ----D---- C:\Program Files\DVDVideoSoftTB
2012-01-28 20:26:17 ----SHD---- C:\WINDOWS\Installer
2012-01-28 20:05:37 ----D---- C:\WINDOWS
2012-01-27 18:50:51 ----D---- C:\Program Files\PC Tools Security
2012-01-24 23:23:04 ----D---- C:\WINDOWS\system32\CatRoot2
2012-01-22 10:04:54 ----HD---- C:\WINDOWS\inf
2012-01-22 10:02:56 ----RSHD---- C:\WINDOWS\system32\dllcache
2012-01-20 12:38:35 ----HD---- C:\WINDOWS\$hf_mig$
2012-01-19 20:27:09 ----SD---- C:\WINDOWS\Tasks
2012-01-14 17:51:49 ----SHD---- C:\Config.Msi
2012-01-14 17:19:46 ----D---- C:\WINDOWS\Microsoft.NET
2012-01-14 17:19:34 ----RSD---- C:\WINDOWS\assembly
2012-01-14 15:40:35 ----A---- C:\WINDOWS\imsins.BAK
2012-01-14 15:29:12 ----A---- C:\WINDOWS\system32\MRT.exe
2012-01-14 15:19:09 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2012-01-14 15:17:38 ----D---- C:\WINDOWS\WinSxS
2012-01-14 14:56:18 ----D---- C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2012-01-07 19:54:12 ----SHD---- C:\System Volume Information
2012-01-04 18:21:16 ----D---- C:\Program Files\Common Files

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 BTHidEnum;Bluetooth HID Enumerator; C:\WINDOWS\System32\Drivers\vbtenum.sys [2007-03-05 20880]
R0 BTHidMgr;Bluetooth HID Manager Service; C:\WINDOWS\System32\Drivers\BTHidMgr.sys [2007-03-05 35600]
R0 PCTCore;PCTools KDS; C:\WINDOWS\system32\drivers\PCTCore.sys [2010-11-25 239168]
R0 pctDS;PC Tools Data Store; C:\WINDOWS\system32\drivers\pctDS.sys [2010-07-16 338880]
R0 pctEFA;PC Tools Extended File Attributes; C:\WINDOWS\system32\drivers\pctEFA.sys [2010-07-16 656320]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2010-03-13 685816]
R0 uagp35;Filtr Microsoft AGPv3.5; C:\WINDOWS\system32\DRIVERS\uagp35.sys [2008-04-13 44672]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2011-11-28 30808]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2011-11-28 34392]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2011-11-28 435032]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2011-11-28 314456]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2011-11-28 52952]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 PCLEPCI;PCLEPCI; \??\C:\WINDOWS\system32\drivers\pclepci.sys []
R1 SiSkp;SiSkp; C:\WINDOWS\system32\DRIVERS\srvkp.sys [2007-08-03 18688]
R1 Tcpip6;Ovladač protokolu Microsoft IPv6; C:\WINDOWS\system32\DRIVERS\tcpip6.sys [2010-02-11 226880]
R2 {1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC};Power Control [2010/09/04 00:45:11]; \??\C:\Program Files\CyberLink\PowerDVD10\NavFilter\000.fcl []
R2 {95808DC4-FA4A-4c74-92FE-5B863F82066B};{95808DC4-FA4A-4c74-92FE-5B863F82066B}; \??\C:\Program Files\CyberLink\PowerDVD\000.fcl []
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2011-11-28 20568]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2011-11-28 111320]
R2 V7;V7; \??\C:\WINDOWS\system32\Drivers\V7.SYS []
R2 zntport;NTPort Library Driver; \??\C:\WINDOWS\system32\drivers\zntport.sys []
R3 AR5211;Atheros Wireless Network Adapter Service; C:\WINDOWS\system32\DRIVERS\ar5211.sys [2007-06-21 547072]
R3 ASAPIW2K;ASAPIW2K; C:\WINDOWS\System32\Drivers\ASAPIW2K.sys [2005-01-10 11264]
R3 BlueletAudio;Bluetooth Audio Service; C:\WINDOWS\system32\DRIVERS\blueletaudio.sys [2007-05-11 34704]
R3 BlueletSCOAudio;Bluetooth SCO Audio Service; C:\WINDOWS\system32\DRIVERS\BlueletSCOAudio.sys [2007-03-05 27792]
R3 BT;Bluetooth PAN Network Adapter; C:\WINDOWS\system32\DRIVERS\btnetdrv.sys [2007-03-05 18320]
R3 FscCmos;FscCmos; C:\WINDOWS\system32\DRIVERS\FscCmos.sys [2007-08-02 9728]
R3 FscCpuid;FscCpuid; C:\WINDOWS\system32\DRIVERS\FscCpuid.sys [2007-08-02 10112]
R3 FscEfDmi;FscEfDmi; C:\WINDOWS\system32\DRIVERS\FscEfDmi.sys [2007-08-02 10752]
R3 FscTime;FscTime; C:\WINDOWS\system32\DRIVERS\FscTime.sys [2007-08-02 11904]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2007-08-10 4603904]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2004-08-18 5888]
R3 SiS315;SiS315; C:\WINDOWS\system32\DRIVERS\sisgrp.sys [2007-08-03 321536]
R3 SiSGbeXP;SiS191/SiS190 Ethernet Device NDIS 5.1 Driver; C:\WINDOWS\system32\DRIVERS\SiSGbeXP.sys [2007-05-16 42368]
R3 tunmp;Microsoft Tun Miniport Adapter Driver; C:\WINDOWS\system32\DRIVERS\tunmp.sys [2008-04-13 12288]
R3 VComm;Virtual Serial port driver; C:\WINDOWS\system32\DRIVERS\VComm.sys [2007-03-05 34448]
R3 VcommMgr;Bluetooth VComm Manager Service; C:\WINDOWS\System32\Drivers\VcommMgr.sys [2007-03-05 44304]
S1 AmdK7;Ovladač procesoru AMD K7; C:\WINDOWS\system32\DRIVERS\amdk7.sys [2008-04-14 41600]
S1 glaide32;glaide32; \??\C:\WINDOWS\system32\drivers\glaide32.sys []
S1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
S2 SUUSSNPO;SUUSSNPO; \??\C:\WINDOWS\system32\drivers\SUUSSNPO.sys []
S3 Btcsrusb;Bluetooth USB For Bluetooth Service; C:\WINDOWS\System32\Drivers\btcusb.sys [2007-05-09 36496]
S3 BthEnum;Služba Bluetooth Enumerator; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2008-04-13 17024]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2008-04-13 101120]
S3 BTHPORT;Ovladač portu Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2008-06-14 272128]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2008-04-13 18944]
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 FETNDIS;VIA PCI 10/100Mb Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\fetnd5.sys [2001-08-17 27165]
S3 FlashDrv;FlashDrv; C:\WINDOWS\system32\DRIVERS\FlashDrv.sys [2007-08-02 14848]
S3 FscBapi;FscBapi; C:\WINDOWS\system32\DRIVERS\FscBapi.sys [2007-08-02 11264]
S3 FscGabi;FscGabi; C:\WINDOWS\system32\DRIVERS\FscGabi.sys [2007-08-02 12160]
S3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
S3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 NSNDIS5;NSNDIS5 NDIS Protocol Driver; \??\C:\WINDOWS\system32\NSNDIS5.SYS []
S3 OemF0211;OemF0211; C:\WINDOWS\system32\DRIVERS\OemF0211.sys [2007-08-02 27648]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2008-04-13 59136]
S3 S3SavageNB;S3SavageNB; C:\WINDOWS\system32\DRIVERS\s3gnbm.sys [2004-08-03 166912]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 snpstd;VideoCAM Trek; C:\WINDOWS\system32\DRIVERS\snpstd.sys []
S3 SONYPVU1;Sony USB Filter Driver (SONYPVU1); C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS [2001-08-17 7552]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 agpCPQ;Filtr Compaq sběrnice AGP; C:\WINDOWS\system32\DRIVERS\agpCPQ.sys [2008-04-13 44928]
S4 alim1541;Filtr ALI sběrnice AGP; C:\WINDOWS\system32\DRIVERS\alim1541.sys [2008-04-13 42752]
S4 amdagp;Ovladač filtru AMD portu AGP; C:\WINDOWS\system32\DRIVERS\amdagp.sys [2008-04-13 43008]
S4 cbidf;cbidf; C:\WINDOWS\system32\DRIVERS\cbidf2k.sys [2001-08-17 13952]
S4 iaStor;Intel AHCI Controller; C:\WINDOWS\system32\DRIVERS\iaStor.sys [2007-02-12 277784]
S4 viaagp;Filtr VIA sběrnice AGP ; C:\WINDOWS\system32\DRIVERS\viaagp.sys [2008-04-13 42240]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 6to4;Pomocná služba protokolu IPv6; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 AdvancedSystemCareService;Advanced SystemCare Service; C:\Program Files\IObit\Advanced SystemCare 4\ASCService.exe [2011-05-28 353168]
R2 Application Updater;Application Updater; C:\Program Files\Application Updater\ApplicationUpdater.exe [2011-12-14 748440]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2011-11-28 44768]
R2 FscHmCfg;Fujitsu Siemens Computers HMC Service; C:\Program Files\Fujitsu Siemens Computers\DeskView\Common\FscHMCfg.exe [2007-07-09 95504]
R2 ICQ Service;ICQ Service; C:\Program Files\ICQ6Toolbar\ICQ Service.exe [2010-09-06 247096]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-10-11 153376]
R2 PSI_SVC_2;Protexis Licensing V2; C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [2007-07-24 185632]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared files\RichVideo.exe [2007-05-14 272024]
R2 sdAuxService;PC Tools Auxiliary Service; C:\Program Files\PC Tools Security\pctsAuxs.exe [2010-03-15 366840]
R2 sdCoreService;PC Tools Security Service; C:\Program Files\PC Tools Security\pctsSvc.exe [2010-11-19 1150936]
R2 StarWindService;StarWind iSCSI Service; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe [2005-04-02 217600]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 gupdate1c9fc076cdc6ac8;Služba Google Update (gupdate1c9fc076cdc6ac8); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-07-03 133104]
S2 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-09-18 194104]
S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2008-03-11 72704]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2011-07-24 30192]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-07-03 133104]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe [2010-01-15 227232]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Office\Office12\GrooveAuditService.exe [2008-10-25 65888]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S4 BthServ;Bluetooth Support Service; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

Také zdravím!
Poprosím o log ComboFix.

Stahnete a ulozte nejlepe na plochu ComboFix: http://download.bleepingcomputer.com/sUBs/ComboFix.exe

pote spustte aplikaci pod uctem s administratorskym opravnenim

hned po startu se zobrazi obrazovka s licencnimi podminkami, pokracujte kliknutim na tlacitko Ano.

v klidu si postavte na kafe (cela akce trva cca. 5-10 minut, nekdy i dele - dle toho, o jak rychly stroj se

jedna a kolika soubory se skener bude muset prodirat), behem skenu se nepokousejte spoustet zadne jine

aplikace ani nic jineho

behem skenovani nepropadejte panice, vas stroj muze byt restartovan (predevsim pri prvni aplikaci skeneru)

upozorneni: pokud pouzivate antispyware s rezidentnim stitem, prepnete jeho rezidentni stit do Install Mode,

pripadne jej po dobu skenu uplne deaktivujte, protoze dochazi pri skenu a vymazu pripadneho malware k

nezadoucim kolizim s rezidentem antispyware

ComboFix 12-02-03.02 - Užívateľ . 02. 2012 11:22:22.1.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.765.192 [GMT 1:00]
Spuštěný z: c:\documents and settings\U×Ývateż\Plocha\ComboFix.exe
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\msmqinst.log
c:\windows\system32\SET75.tmp
c:\windows\system32\SET79.tmp
c:\windows\system32\SET7A.tmp
c:\windows\system32\SET81.tmp
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_glaide32
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-01-04 do 2012-02-04 )))))))))))))))))))))))))))))))
.
.
2012-02-03 11:27 . 2012-02-03 11:28 -------- d-----w- c:\program files\trend micro
2012-02-03 11:27 . 2012-02-03 11:28 -------- d-----w- C:\rsit
2012-01-29 09:33 . 2012-01-29 09:33 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-01-29 09:30 . 2012-01-29 09:30 -------- d-----w- c:\documents and settings\Užívateľ\Data aplikací\PriceGong
2012-01-28 19:05 . 2012-01-28 19:05 1409 ----a-w- c:\windows\QTFont.for
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-12-22 12:20 . 2011-12-22 12:20 723294 ----a-w- c:\windows\unins000.exe
2011-11-28 18:01 . 2011-07-24 14:13 41184 ----a-w- c:\windows\avastSS.scr
2011-11-28 18:01 . 2011-07-24 14:13 199816 ----a-w- c:\windows\system32\aswBoot.exe
2011-11-28 17:53 . 2011-07-24 14:13 435032 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-11-28 17:53 . 2011-07-24 14:13 314456 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-11-28 17:52 . 2009-07-02 18:10 34392 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-11-28 17:52 . 2011-07-24 14:13 52952 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-11-28 17:52 . 2009-07-02 18:10 111320 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2011-11-28 17:51 . 2009-07-02 18:10 105176 ----a-w- c:\windows\system32\drivers\aswmon.sys
2011-11-28 17:51 . 2011-07-24 14:13 20568 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2011-11-28 17:48 . 2009-07-02 18:10 30808 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2011-11-25 21:57 . 2007-08-07 14:15 293376 ----a-w- c:\windows\system32\winsrv.dll
2011-11-23 14:40 . 2007-08-07 14:15 1859584 ----a-w- c:\windows\system32\win32k.sys
2011-11-20 06:12 . 2007-08-07 14:14 60416 ----a-w- c:\windows\system32\packager.exe
2011-11-16 14:21 . 2007-08-07 14:15 354816 ----a-w- c:\windows\system32\winhttp.dll
2011-11-16 14:21 . 2007-08-07 14:14 152064 ----a-w- c:\windows\system32\schannel.dll
2009-05-01 21:02 . 2009-05-01 21:02 1044480 ----a-w- c:\program files\mozilla firefox\plugins\libdivx.dll
2009-05-01 21:02 . 2009-05-01 21:02 200704 ----a-w- c:\program files\mozilla firefox\plugins\ssldivx.dll
2011-07-24 14:07 . 2011-07-24 14:07 119808 ----a-w- c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll
2009-08-31 16:55 . 2010-03-12 15:37 118000 ----a-w- c:\program files\mozilla firefox\components\qippipe.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{872b5b88-9db5-4310-bdd0-ac189557e5f5}"= "c:\program files\DVDVideoSoftTB\prxtbDVD2.dll" [2011-05-09 176936]
.
[HKEY_CLASSES_ROOT\clsid\{872b5b88-9db5-4310-bdd0-ac189557e5f5}]
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{11BF46C6-B3DE-48BD-BF70-3AD85CAB80B5}]
2010-01-28 06:38 318904 ----a-w- c:\progra~1\SITERA~1\SiteRank.dll
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{28387537-e3f9-4ed7-860c-11e69af4a8a0}]
2011-10-30 08:46 89008 ----a-w- c:\progra~1\IMESHA~1\MediaBar\Datamngr\ToolBar\wincoreimdtx.dll
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{5B291E6C-9A74-4034-971B-A4B007A0B315}]
2010-01-11 11:18 451808 ----a-w- c:\program files\RadioBar\toolbar.ni.dll
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{872b5b88-9db5-4310-bdd0-ac189557e5f5}]
2011-05-09 09:49 176936 ----a-w- c:\program files\DVDVideoSoftTB\prxtbDVD2.dll
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{BE7A24F5-69CB-4708-B77B-B1EDA6043B95}]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{5B291E6C-9A74-4034-971B-A4B007A0B315}"= "c:\program files\RadioBar\toolbar.ni.dll" [2010-01-11 451808]
"{872b5b88-9db5-4310-bdd0-ac189557e5f5}"= "c:\program files\DVDVideoSoftTB\prxtbDVD2.dll" [2011-05-09 176936]
"{28387537-e3f9-4ed7-860c-11e69af4a8a0}"= "c:\progra~1\IMESHA~1\MediaBar\Datamngr\ToolBar\wincoreimdtx.dll" [2011-10-30 89008]
.
[HKEY_CLASSES_ROOT\clsid\{5b291e6c-9a74-4034-971b-a4b007a0b315}]
[HKEY_CLASSES_ROOT\Pugi.PugiObj.1]
[HKEY_CLASSES_ROOT\TypeLib\{810FCC0F-2CA3-414a-B8C8-550910C8B664}]
[HKEY_CLASSES_ROOT\Pugi.PugiObj]
.
[HKEY_CLASSES_ROOT\clsid\{872b5b88-9db5-4310-bdd0-ac189557e5f5}]
.
[HKEY_CLASSES_ROOT\clsid\{28387537-e3f9-4ed7-860c-11e69af4a8a0}]
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{5B291E6C-9A74-4034-971B-A4B007A0B315}"= "c:\program files\RadioBar\toolbar.ni.dll" [2010-01-11 451808]
"{872B5B88-9DB5-4310-BDD0-AC189557E5F5}"= "c:\program files\DVDVideoSoftTB\prxtbDVD2.dll" [2011-05-09 176936]
.
[HKEY_CLASSES_ROOT\clsid\{5b291e6c-9a74-4034-971b-a4b007a0b315}]
[HKEY_CLASSES_ROOT\Pugi.PugiObj.1]
[HKEY_CLASSES_ROOT\TypeLib\{810FCC0F-2CA3-414a-B8C8-550910C8B664}]
[HKEY_CLASSES_ROOT\Pugi.PugiObj]
.
[HKEY_CLASSES_ROOT\clsid\{872b5b88-9db5-4310-bdd0-ac189557e5f5}]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-11-28 18:01 122512 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ICQ"="c:\program files\ICQ7.4\ICQ.exe" [2011-04-02 119608]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2011-07-24 39408]
"Advanced SystemCare 4"="c:\program files\IObit\Advanced SystemCare 4\ASCTray.exe" [2011-05-28 412560]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SiSPower"="SiSPower.dll" [2007-08-03 53248]
"TouchPadHotKey"="c:\program files\FSC\TouchPad HotKey Utility\TouchPad_HotKey.exe" [2007-08-13 364544]
"RTHDCPL"="RTHDCPL.EXE" [2007-08-10 16384000]
"RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2007-03-14 71216]
"LanguageShortcut"="c:\program files\CyberLink\PowerDVD\Language\Language.exe" [2007-02-07 54832]
"ISUSPM"="c:\program files\Common Files\InstallShield\UpdateService\ISUSPM.exe" [2006-05-16 213936]
"Corel File Shell Monitor"="c:\program files\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe" [2008-08-18 16712]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2008-04-14 110592]
"GrooveMonitor"="c:\program files\Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-10-11 149280]
"SiteRanker"="c:\program files\SiteRanker\SiteRankTray.exe" [2010-01-28 279552]
"PinnacleDriverCheck"="c:\windows\system32\\PSDrvCheck.exe" [2004-03-10 406016]
"QuickTime Task"="c:\program files\QuickTime Alternative\QTTask.exe" [2007-10-19 286720]
"RemoteControl10"="c:\program files\CyberLink\PowerDVD10\PDVD10Serv.exe" [2010-02-02 87336]
"BDRegion"="c:\program files\Cyberlink\Shared files\brs.exe" [2010-06-28 75048]
"Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2011-07-24 30192]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-11-28 3744552]
"ISTray"="c:\program files\PC Tools Security\pctsGui.exe" [2010-12-01 1589208]
"Google Updater"="c:\program files\Google\Google Updater\GoogleUpdater.exe" [2011-09-18 161336]
"SearchSettings"="c:\program files\Common Files\Spigot\Search Settings\SearchSettings.exe" [2011-12-13 922976]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
c:\documents and settings\Užívateľ\Nabídka Start\Programy\Po spuštění\
Adobe Gamma.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-3-16 113664]
Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk - c:\program files\Office\Office12\ONENOTEM.EXE [2009-2-26 97680]
.
c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\
BlueSoleil.lnk - c:\program files\IVT Corporation\BlueSoleil\BlueSoleil.exe [2007-5-17 661776]
DeskView Presentation.lnk - c:\program files\Fujitsu Siemens Computers\DeskView\Presentation\DskEngy.exe [2007-8-1 507904]
ExifLauncher2.lnk - c:\program files\FinePixViewer\QuickDCF2.exe [2010-8-27 303104]
McAfee Security Scan Plus.lnk - c:\program files\McAfee Security Scan\2.0.181\SSScheduler.exe [2010-1-15 255536]
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Adobe Reader Speed Launch.lnk]
path=c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\Adobe Reader Speed Launch.lnk
backup=c:\windows\pss\Adobe Reader Speed Launch.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Utility Tray.lnk]
path=c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\Utility Tray.lnk
backup=c:\windows\pss\Utility Tray.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^WirelessSelector.lnk]
path=c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\WirelessSelector.lnk
backup=c:\windows\pss\WirelessSelector.lnkCommon Startup
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\CyberLink\\PowerDVD\\PowerDVD.exe"=
"c:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueSoleil.exe"=
"c:\\Program Files\\Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\Pinnacle\\Studio 10\\programs\\RM.exe"=
"c:\\Program Files\\Pinnacle\\Studio 10\\programs\\Studio.exe"=
"c:\\Program Files\\Pinnacle\\Studio 10\\programs\\PMSRegisterFile.exe"=
"c:\\Program Files\\Pinnacle\\Studio 10\\programs\\umi.exe"=
"c:\\Program Files\\CyberLink\\PowerDVD10\\PowerDVD Cinema\\PowerDVDCinema10.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\ICQ7.4\\ICQ.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\iMesh Applications\\iMesh\\iMesh.exe"=
"c:\\Program Files\\iMesh Applications\\MediaBar\\Datamngr\\ToolBar\\dtUser.exe"=
.
R0 PCTCore;PCTools KDS;c:\windows\system32\drivers\PCTCore.sys [24. 7. 2011 15:28 239168]
R0 pctDS;PC Tools Data Store;c:\windows\system32\drivers\pctDS.sys [24. 7. 2011 15:28 338880]
R0 pctEFA;PC Tools Extended File Attributes;c:\windows\system32\drivers\pctEFA.sys [24. 7. 2011 15:28 656320]
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [2. 3. 2008 14:56 685816]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [24. 7. 2011 15:13 435032]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [24. 7. 2011 15:13 314456]
R2 {1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC};Power Control [2010/09/04 00:45];c:\program files\CyberLink\PowerDVD10\NavFilter\000.fcl [28. 6. 2010 21:50 87536]
R2 AdvancedSystemCareService;Advanced SystemCare Service;c:\program files\IObit\Advanced SystemCare 4\ASCService.exe [1. 8. 2011 13:28 353168]
R2 Application Updater;Application Updater;c:\program files\Application Updater\ApplicationUpdater.exe [14. 12. 2011 13:13 748440]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [24. 7. 2011 15:13 20568]
R2 FscHmCfg;Fujitsu Siemens Computers HMC Service;c:\program files\Fujitsu Siemens Computers\DeskView\Common\FscHMCfg.exe [9. 7. 2007 22:27 95504]
R2 ICQ Service;ICQ Service;c:\program files\ICQ6Toolbar\ICQ Service.exe [1. 7. 2008 19:30 247096]
R2 sdAuxService;PC Tools Auxiliary Service;c:\program files\PC Tools Security\pctsAuxs.exe [24. 7. 2011 15:24 366840]
R2 V7;V7;c:\windows\system32\drivers\V7.SYS [3. 9. 2010 23:02 7196]
R3 FscCmos;FscCmos;c:\windows\system32\drivers\FscCmos.sys [21. 2. 2008 20:07 9728]
R3 FscCpuid;FscCpuid;c:\windows\system32\drivers\FscCpuid.sys [21. 2. 2008 20:07 10112]
R3 FscEfDmi;FscEfDmi;c:\windows\system32\drivers\FscEfDmi.sys [21. 2. 2008 20:07 10752]
R3 FscTime;FscTime;c:\windows\system32\drivers\FscTime.sys [21. 2. 2008 20:07 11904]
S2 gupdate1c9fc076cdc6ac8;Služba Google Update (gupdate1c9fc076cdc6ac8);c:\program files\Google\Update\GoogleUpdate.exe [3. 7. 2009 18:55 133104]
S2 SUUSSNPO;SUUSSNPO;\??\c:\windows\system32\drivers\SUUSSNPO.sys --> c:\windows\system32\drivers\SUUSSNPO.sys [?]
S3 FlashDrv;FlashDrv;c:\windows\system32\drivers\FlashDrv.sys [21. 2. 2008 20:07 14848]
S3 FscBapi;FscBapi;c:\windows\system32\drivers\FscBapi.sys [21. 2. 2008 20:07 11264]
S3 FscGabi;FscGabi;c:\windows\system32\drivers\FscGabi.sys [21. 2. 2008 20:07 12160]
S3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [24. 7. 2011 15:07 30192]
S3 gupdatem;Služba Google Update (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [3. 7. 2009 18:55 133104]
S3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\McAfee Security Scan\2.0.181\McCHSvc.exe [15. 1. 2010 13:49 227232]
S3 OemF0211;OemF0211;c:\windows\system32\drivers\OemF0211.sys [21. 2. 2008 20:07 27648]
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - WS2IFSL
*Deregistered* - PCTSDInjDriver32
.
Obsah adresáře 'Naplánované úlohy'
.
2012-02-03 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-10-16 10:02]
.
2012-02-04 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-07-03 17:55]
.
2012-02-04 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-07-03 17:55]
.
2012-01-29 c:\windows\Tasks\Norton Security Scan for Užívateľ.job
- c:\progra~1\NORTON~2\Engine\313~1.7\Nss.exe [2011-06-26 06:22]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://search.imesh.com
uDefault_Search_URL = hxxp://search.qip.ru
mStart Page = hxxp://home.sweetim.com
uSearchAssistant = hxxp://search.qip.ru/ie
uCustomizeSearch = hxxp://search13.net/
uSearchURL,(Default) = Root: HKCU; Subkey: Software\Microsoft\Internet Explorer\SearchUrl; ValueType: string; ValueName: '; ValueData: '; Flags: createvalueifdoesntexist noerror; Tasks: AddSearchQip
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Crawler Search - tbr:iemenu
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\Office\Office12\EXCEL.EXE/3000
IE: {{035E680E-B668-472F-91F3-E850BCC5051F} - c:\program files\Crawler\Notes\CNotes.exe
IE: {{73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - c:\program files\ICQ7.4\ICQ.exe
TCP: DhcpNameServer = 192.168.1.1
Handler: toolbarchrome - {718733BC-AD64-4e5f-AC18-A85FBD75D54D} - c:\program files\RadioBar\toolbar.ni.dll
FF - ProfilePath - c:\documents and settings\Užívateľ\Data aplikací\Mozilla\Firefox\Profiles\40a7rcro.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2269050&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.startup.homepage - hxxp://search.imesh.com
FF - prefs.js: browser.search.selectedEngine - Yahoo
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=937811&p=
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: WincoreMediabar: {28387537-e3f9-4ed7-860c-11e69af4a8a0} - %profile%\extensions\{28387537-e3f9-4ed7-860c-11e69af4a8a0}
FF - Ext: QipAuthorizer: {32a1fd71-835e-4b11-8e54-886fda0b4c89} - %profile%\extensions\{32a1fd71-835e-4b11-8e54-886fda0b4c89}
FF - Ext: Games.com Toolbar: {493b4069-8c4f-4b4a-8f8c-506200c9887a} - %profile%\extensions\{493b4069-8c4f-4b4a-8f8c-506200c9887a}
FF - Ext: Stylish Profile: {6236BA26-C117-4007-928C-DE0716C7FA80} - %profile%\extensions\{6236BA26-C117-4007-928C-DE0716C7FA80}
FF - Ext: Usage Stat: {6236BA26-C117-4007-928C-DE0716C7FA96} - %profile%\extensions\{6236BA26-C117-4007-928C-DE0716C7FA96}
FF - Ext: QAssistant: {63414328-3ab4-2c84-6c41-5a473c4b2ff7} - %profile%\extensions\{63414328-3ab4-2c84-6c41-5a473c4b2ff7}
FF - Ext: QAssistant: {63414328-3ab4-2c84-6c41-5a473c4b2ff7} - %profile%\extensions\{63414328-3ab4-2c84-6c41-5a473c4b2ff7}
FF - Ext: U Flv: {7645f4b1-1f19-13dd-2d6b-0200600c2a56} - %profile%\extensions\{7645f4b1-1f19-13dd-2d6b-0200600c2a56}
FF - Ext: {7645f4b1-1f19-13dd-2d6b-0200600c2a56}: {7645f4b1-1f19-13dd-2d6b-0200600c2a56} - %profile%\extensions\{7645f4b1-1f19-13dd-2d6b-0200600c2a56}
FF - Ext: ICQ Toolbar: {800b5000-a755-47e1-992b-48a1c1357f07} - %profile%\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
FF - Ext: KFD Flv: {8675f4b3-2f19-11ed-2d6b-0800600c0a16} - %profile%\extensions\{8675f4b3-2f19-11ed-2d6b-0800600c0a16}
FF - Ext: {8675f4b3-2f19-11ed-2d6b-0800600c0a16}: {8675f4b3-2f19-11ed-2d6b-0800600c0a16} - %profile%\extensions\{8675f4b3-2f19-11ed-2d6b-0800600c0a16}
FF - Ext: VFD Flv: {8675f4b3-2f19-11ed-2d6b-0800600c0a17} - %profile%\extensions\{8675f4b3-2f19-11ed-2d6b-0800600c0a17}
FF - Ext: {8675f4b3-2f19-11ed-2d6b-0800600c0a17}: {8675f4b3-2f19-11ed-2d6b-0800600c0a17} - %profile%\extensions\{8675f4b3-2f19-11ed-2d6b-0800600c0a17}
FF - Ext: VFD Flv: {8675f4b3-2f19-11ed-2d6b-0800600c0a18} - %profile%\extensions\{8675f4b3-2f19-11ed-2d6b-0800600c0a18}
FF - Ext: {8675f4b3-2f19-11ed-2d6b-0800600c0a18}: {8675f4b3-2f19-11ed-2d6b-0800600c0a18} - %profile%\extensions\{8675f4b3-2f19-11ed-2d6b-0800600c0a18}
FF - Ext: Feedback module: {8675f4b3-2f19-11ed-2d6b-0800600c0a19} - %profile%\extensions\{8675f4b3-2f19-11ed-2d6b-0800600c0a19}
FF - Ext: {8675f4b3-2f19-11ed-2d6b-0800600c0a19}: {8675f4b3-2f19-11ed-2d6b-0800600c0a19} - %profile%\extensions\{8675f4b3-2f19-11ed-2d6b-0800600c0a19}
FF - Ext: Net Games Toolbar: {8a6264b5-a8f2-494b-8f37-cf898a763e42} - %profile%\extensions\{8a6264b5-a8f2-494b-8f37-cf898a763e42}
FF - Ext: DVDVideoSoft Toolbar: {e9911ec6-1bcc-40b0-9993-e0eea7f6953f} - %profile%\extensions\{e9911ec6-1bcc-40b0-9993-e0eea7f6953f}
FF - Ext: SweetIM Toolbar for Firefox: {EEE6C361-6118-11DC-9C72-001320C79847} - %profile%\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}
FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\Java\jre6\lib\deploy\jqs\ff
FF - Ext: SiteRanker: siteranker@siteranker.com - c:\program files\SiteRanker\firefox
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - Ext: avast! WebRep: wrc@avast.com - c:\program files\AVAST Software\Avast\WebRep\FF
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-10 - (no file)
WebBrowser-{EEE6C35B-6118-11DC-9C72-001320C79847} - (no file)
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
HKCU-Run-OEXPRESS - (no file)
AddRemove-{A9DCC49B-E188-4A4D-8125-5E66121CBA53} - c:\program files\Mesa Dynamics
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-02-04 12:17
Windows 5.1.2600 Service Pack 3 NTFS
.
detected NTDLL code modification:
ZwClose
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
.
C:\## aswSnx private storage
.
sken byl úspešně dokončen
skryté soubory: 1
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\{1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC}]
"ImagePath"="\??\c:\program files\CyberLink\PowerDVD10\NavFilter\000.fcl"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\{95808DC4-FA4A-4c74-92FE-5B863F82066B}]
"ImagePath"="\??\c:\program files\CyberLink\PowerDVD\000.fcl"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-1606980848-1677128483-839522115-500_Classes\Software\CLASSES\CLSID\{2CDC19AF-8603-2A41-69DD-72C69844EE53}*\InprocServer32]
"{2CDC19AF-8603-2A41-69DD-72C69844EE53}"=hex:a5,cf,39,a0,8d,84,6a,c8,02,89,95,
ff,bd,13,f5,9f,4f,a8,ce,8f,ed,d1,fc,92,a5,cf,39,a0,8d,84,6a,c8,a5,cf,39,a0,\
.
[HKEY_USERS\S-1-5-21-1606980848-1677128483-839522115-500_Classes\Software\CLASSES\CLSID\{4ADD3D0D-1B17-5755-7F97-AD2A71A2E27A}*\InprocServer32]
"{4ADD3D0D-1B17-5755-7F97-AD2A71A2E27A}"=hex:1e,73,f3,70,50,35,18,65,d4,81,4f,
63,7b,6a,29,c6,b2,36,3b,28,f3,d1,5d,95,1e,73,f3,70,50,35,18,65,1e,73,f3,70,\
.
[HKEY_USERS\S-1-5-21-1606980848-1677128483-839522115-500_Classes\Software\CLASSES\CLSID\{50B22C5B-FF37-F69D-6540-4D9CA61E6256}*\InprocServer32]
"{50B22C5B-FF37-F69D-6540-4D9CA61E6256}"=hex:e7,43,de,8f,8e,0b,c0,09,c2,6e,d0,
40,84,21,ca,19,d9,47,b1,cb,bf,3b,d2,67,e7,43,de,8f,8e,0b,c0,09,e7,43,de,8f,\
.
[HKEY_USERS\S-1-5-21-1606980848-1677128483-839522115-500_Classes\Software\CLASSES\CLSID\{5956025D-122E-984A-B0AB-A95C4402A935}*\InprocServer32]
"{5956025D-122E-984A-B0AB-A95C4402A935}"=hex:a1,32,f4,39,c3,87,f2,f0,06,25,2c,
0d,da,3a,b5,92,14,2b,df,b7,30,64,a6,7b,a1,32,f4,39,c3,87,f2,f0,a1,32,f4,39,\
.
[HKEY_USERS\S-1-5-21-1606980848-1677128483-839522115-500_Classes\Software\CLASSES\CLSID\{802C461E-D244-85C4-2DE7-48FF83089E92}*\InprocServer32]
"{802C461E-D244-85C4-2DE7-48FF83089E92}"=hex:b4,48,dc,a0,4b,8d,42,68,59,5f,cb,
12,22,dc,bb,b5,ec,99,dd,cc,3e,70,d1,d1,b4,48,dc,a0,4b,8d,42,68,b4,48,dc,a0,\
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{5ED60779-4DE2-4E07-B862-974CA4FF2E9C}]
@Denied: (Full) (Everyone)
"scansk"=hex(0):ef,7e,46,ce,b1,07,6b,3e,57,0a,11,be,3f,da,66,4a,18,3c,41,fc,eb,
e9,94,21,b2,b3,93,5a,34,ce,3b,e6,c1,84,32,c7,f7,d9,ad,32,00,00,00,00,00,00,\
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{636cbc88-5b43-4bf6-9721-ad7090a449ad}]
@Denied: (Full) (Everyone)
"Model"=dword:00000076
"Therad"=dword:0000001e
"MData"=hex(0):2b,8f,78,29,5a,0c,ce,ec,48,d4,68,e5,9f,6a,96,3e,ab,de,c5,81,26,
38,95,44,85,b1,12,f9,90,dd,23,a1,49,8c,bf,1a,9d,fe,41,71,cb,3f,46,a4,7c,ab,\
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'explorer.exe'(2564)
c:\windows\system32\WS2_32.dll
c:\windows\system32\WS2HELP.dll
c:\windows\system32\mswsock.dll
c:\windows\System32\wshtcpip.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
c:\windows\system32\MPR.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Common Files\Protexis\License Service\PsiService_2.exe
c:\program files\CyberLink\Shared files\RichVideo.exe
c:\program files\PC Tools Security\pctsSvc.exe
c:\program files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
c:\windows\system32\wbem\wmiapsrv.exe
c:\windows\system32\wscntfy.exe
c:\windows\RTHDCPL.EXE
c:\progra~1\IMESHA~1\MediaBar\Datamngr\DATAMN~1.EXE
c:\program files\Java\jre6\bin\jucheck.exe
.
**************************************************************************
.
Celkový čas: 2012-02-04 12:45:03 - počítač byl restartován
ComboFix-quarantined-files.txt 2012-02-04 11:44
.
Před spuštěním: Volných bajtů: 14 245 523 456
Po spuštění: Volných bajtů: 15 901 753 344
.
WindowsXP-KB310994-SP2-Pro-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect
.
- - End Of File - - 58E09A1E9F5A671D5AB36D1748808877

Ještě dočistíme. Přesuňte Combofix na kořenový adresář C:\. Otevřte poznámový blok a zkopírujte do něj:

Folder::
c:\program files\SiteRanker
c:\Program Files\iMesh Applications
c:\program files\RadioBar
c:\program files\ICQ6Toolbar

Driver::
ICQ Service

Registry::
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{11BF46C6-B3DE-48BD-BF70-3AD85CAB80B5}]
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{28387537-e3f9-4ed7-860c-11e69af4a8a0}]
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{5B291E6C-9A74-4034-971B-A4B007A0B315}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{5B291E6C-9A74-4034-971B-A4B007A0B315}"=-
"{28387537-e3f9-4ed7-860c-11e69af4a8a0}"=-
[-HKEY_CLASSES_ROOT\clsid\{5b291e6c-9a74-4034-971b-a4b007a0b315}]
[-HKEY_CLASSES_ROOT\Pugi.PugiObj.1]
[-HKEY_CLASSES_ROOT\TypeLib\{810FCC0F-2CA3-414a-B8C8-550910C8B664}]
[-HKEY_CLASSES_ROOT\Pugi.PugiObj]
[-HKEY_CLASSES_ROOT\clsid\{28387537-e3f9-4ed7-860c-11e69af4a8a0}]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{5B291E6C-9A74-4034-971B-A4B007A0B315}"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SearchSettings"=-

Firefox::
FF - ProfilePath - c:\documents and settings\Užívateľ\Data aplikací\Mozilla\Firefox\Profiles\40a7rcro.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.as ... ource=3&q={searchTerms}
FF - prefs.js: browser.startup.homepage - hxxp://search.imesh.com
FF - prefs.js: browser.search.selectedEngine - Yahoo
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=green ... =937811&p=
FF - Ext: WincoreMediabar: {28387537-e3f9-4ed7-860c-11e69af4a8a0} - %profile%\extensions\{28387537-e3f9-4ed7-860c-11e69af4a8a0}
FF - Ext: QipAuthorizer: {32a1fd71-835e-4b11-8e54-886fda0b4c89} - %profile%\extensions\{32a1fd71-835e-4b11-8e54-886fda0b4c89}
FF - Ext: Games.com Toolbar: {493b4069-8c4f-4b4a-8f8c-506200c9887a} - %profile%\extensions\{493b4069-8c4f-4b4a-8f8c-506200c9887a}
FF - Ext: Stylish Profile: {6236BA26-C117-4007-928C-DE0716C7FA80} - %profile%\extensions\{6236BA26-C117-4007-928C-DE0716C7FA80}
FF - Ext: Usage Stat: {6236BA26-C117-4007-928C-DE0716C7FA96} - %profile%\extensions\{6236BA26-C117-4007-928C-DE0716C7FA96}
FF - Ext: QAssistant: {63414328-3ab4-2c84-6c41-5a473c4b2ff7} - %profile%\extensions\{63414328-3ab4-2c84-6c41-5a473c4b2ff7}
FF - Ext: QAssistant: {63414328-3ab4-2c84-6c41-5a473c4b2ff7} - %profile%\extensions\{63414328-3ab4-2c84-6c41-5a473c4b2ff7}
FF - Ext: U Flv: {7645f4b1-1f19-13dd-2d6b-0200600c2a56} - %profile%\extensions\{7645f4b1-1f19-13dd-2d6b-0200600c2a56}
FF - Ext: {7645f4b1-1f19-13dd-2d6b-0200600c2a56}: {7645f4b1-1f19-13dd-2d6b-0200600c2a56} - %profile%\extensions\{7645f4b1-1f19-13dd-2d6b-0200600c2a56}
FF - Ext: ICQ Toolbar: {800b5000-a755-47e1-992b-48a1c1357f07} - %profile%\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
FF - Ext: KFD Flv: {8675f4b3-2f19-11ed-2d6b-0800600c0a16} - %profile%\extensions\{8675f4b3-2f19-11ed-2d6b-0800600c0a16}
FF - Ext: {8675f4b3-2f19-11ed-2d6b-0800600c0a16}: {8675f4b3-2f19-11ed-2d6b-0800600c0a16} - %profile%\extensions\{8675f4b3-2f19-11ed-2d6b-0800600c0a16}
FF - Ext: VFD Flv: {8675f4b3-2f19-11ed-2d6b-0800600c0a17} - %profile%\extensions\{8675f4b3-2f19-11ed-2d6b-0800600c0a17}
FF - Ext: {8675f4b3-2f19-11ed-2d6b-0800600c0a17}: {8675f4b3-2f19-11ed-2d6b-0800600c0a17} - %profile%\extensions\{8675f4b3-2f19-11ed-2d6b-0800600c0a17}
FF - Ext: VFD Flv: {8675f4b3-2f19-11ed-2d6b-0800600c0a18} - %profile%\extensions\{8675f4b3-2f19-11ed-2d6b-0800600c0a18}
FF - Ext: {8675f4b3-2f19-11ed-2d6b-0800600c0a18}: {8675f4b3-2f19-11ed-2d6b-0800600c0a18} - %profile%\extensions\{8675f4b3-2f19-11ed-2d6b-0800600c0a18}
FF - Ext: Feedback module: {8675f4b3-2f19-11ed-2d6b-0800600c0a19} - %profile%\extensions\{8675f4b3-2f19-11ed-2d6b-0800600c0a19}
FF - Ext: {8675f4b3-2f19-11ed-2d6b-0800600c0a19}: {8675f4b3-2f19-11ed-2d6b-0800600c0a19} - %profile%\extensions\{8675f4b3-2f19-11ed-2d6b-0800600c0a19}
FF - Ext: Net Games Toolbar: {8a6264b5-a8f2-494b-8f37-cf898a763e42} - %profile%\extensions\{8a6264b5-a8f2-494b-8f37-cf898a763e42}
FF - Ext: SweetIM Toolbar for Firefox: {EEE6C361-6118-11DC-9C72-001320C79847} - %profile%\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}
FF - Ext: SiteRanker: siteranker@siteranker.com - c:\program files\SiteRanker\firefox

RegLock::
[HKEY_USERS\S-1-5-21-1606980848-1677128483-839522115-500_Classes\Software\CLASSES\CLSID\{2CDC19AF-8603-2A41-69DD-72C69844EE53}*\InprocServer32]
[HKEY_USERS\S-1-5-21-1606980848-1677128483-839522115-500_Classes\Software\CLASSES\CLSID\{4ADD3D0D-1B17-5755-7F97-AD2A71A2E27A}*\InprocServer32]
[HKEY_USERS\S-1-5-21-1606980848-1677128483-839522115-500_Classes\Software\CLASSES\CLSID\{50B22C5B-FF37-F69D-6540-4D9CA61E6256}*\InprocServer32]
[HKEY_USERS\S-1-5-21-1606980848-1677128483-839522115-500_Classes\Software\CLASSES\CLSID\{5956025D-122E-984A-B0AB-A95C4402A935}*\InprocServer32]
[HKEY_USERS\S-1-5-21-1606980848-1677128483-839522115-500_Classes\Software\CLASSES\CLSID\{802C461E-D244-85C4-2DE7-48FF83089E92}*\InprocServer32]
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{5ED60779-4DE2-4E07-B862-974CA4FF2E9C}]
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{636cbc88-5b43-4bf6-9721-ad7090a449ad}]

Uložte rovněž do kořenového adresáře C:\ jako CFScript.txt. Pak přes průzkumník windows, nebo jiný souborový manažér přesuňte nad ikonu ComboFix a pusťte. CF se spustí a vykoná příkazy ze skriptu.

OK, vykonal som. Vypísalo toto:

ComboFix 12-02-03.02 - Užívateľ . 02. 2012 14:02:26.2.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.765.224 [GMT 1:00]
Spuštěný z: C:\ComboFix.exe
Použité ovládací přepínače :: C:\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
AV: Spyware Doctor with AntiVirus *Enabled/Updated* {D3C23B96-C9DC-477F-8EF1-69AF17A6EFF6}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\ICQ6Toolbar
c:\program files\ICQ6Toolbar\config.xml
c:\program files\ICQ6Toolbar\Icons.bmp
c:\program files\ICQ6Toolbar\ICQ Service.exe
c:\program files\ICQ6Toolbar\icq6Toolbar.ico
c:\program files\ICQ6Toolbar\ICQToolBar.dll
c:\program files\ICQ6Toolbar\ICQUnToolbar.exe
c:\program files\ICQ6Toolbar\logo_small.gif
c:\program files\ICQ6Toolbar\ServiceStarter.exe
c:\program files\ICQ6Toolbar\short.wav
c:\program files\ICQ6Toolbar\Version.txt
c:\program files\ICQ6Toolbar\voucher.bmp
c:\program files\ICQ6Toolbar\voucher2.bmp
c:\program files\iMesh Applications
c:\program files\iMesh Applications\iMesh\aac_parser.ax
c:\program files\iMesh Applications\iMesh\ac3filter.ax
c:\program files\iMesh Applications\iMesh\ammp3.dll
c:\program files\iMesh Applications\iMesh\avcodec-51.dll
c:\program files\iMesh Applications\iMesh\avformat-51.dll
c:\program files\iMesh Applications\iMesh\avutil-49.dll
c:\program files\iMesh Applications\iMesh\BerkeleyLoader.dll
c:\program files\iMesh Applications\iMesh\CDRip.dll
c:\program files\iMesh Applications\iMesh\Copy_Folder.bat
c:\program files\iMesh Applications\iMesh\DiscoveryHelper.dll
c:\program files\iMesh Applications\iMesh\FixAudioDriverSignature.reg
c:\program files\iMesh Applications\iMesh\GIFAnimator.dll
c:\program files\iMesh Applications\iMesh\HTML\error.html
c:\program files\iMesh Applications\iMesh\HTML\Images\bg-top.jpg
c:\program files\iMesh Applications\iMesh\HTML\Images\closeRecommend.gif
c:\program files\iMesh Applications\iMesh\HTML\loading.html
c:\program files\iMesh Applications\iMesh\HTML\noInternet.html
c:\program files\iMesh Applications\iMesh\HTML\offline.html
c:\program files\iMesh Applications\iMesh\HTML\Recommendation_Offline.html
c:\program files\iMesh Applications\iMesh\ImageUploader5.ocx
c:\program files\iMesh Applications\iMesh\iMesh.exe
c:\program files\iMesh Applications\iMesh\iMesh.ico
c:\program files\iMesh Applications\iMesh\IMTrProgress.dll
c:\program files\iMesh Applications\iMesh\IMWebControl.dll
c:\program files\iMesh Applications\iMesh\InstallHelper.dll
c:\program files\iMesh Applications\iMesh\lame_enc.dll
c:\program files\iMesh Applications\iMesh\libungif4.dll
c:\program files\iMesh Applications\iMesh\lic_helper.dll
c:\program files\iMesh Applications\iMesh\license.txt
c:\program files\iMesh Applications\iMesh\MP4Splitter.ax
c:\program files\iMesh Applications\iMesh\MpaDecFilter.ax
c:\program files\iMesh Applications\iMesh\Nickel.ocx
c:\program files\iMesh Applications\iMesh\ResourcesLoc.dll
c:\program files\iMesh Applications\iMesh\sciter-x.dll
c:\program files\iMesh Applications\iMesh\SHW32.DLL
c:\program files\iMesh Applications\iMesh\Skins\Default.skn
c:\program files\iMesh Applications\iMesh\Skins\Default.xml
c:\program files\iMesh Applications\iMesh\Skins\html\albumsview\albums.css
c:\program files\iMesh Applications\iMesh\Skins\html\albumsview\albums.html
c:\program files\iMesh Applications\iMesh\Skins\html\albumsview\images\defpreview.png
c:\program files\iMesh Applications\iMesh\Skins\html\albumsview\images\playbtn.png
c:\program files\iMesh Applications\iMesh\Skins\html\albumsview\images\playing.png
c:\program files\iMesh Applications\iMesh\Skins\html\artistsview\artists.css
c:\program files\iMesh Applications\iMesh\Skins\html\artistsview\artists.html
c:\program files\iMesh Applications\iMesh\Skins\html\artistsview\header.css
c:\program files\iMesh Applications\iMesh\Skins\html\artistsview\header.html
c:\program files\iMesh Applications\iMesh\Skins\html\artistsview\images\defpreview.png
c:\program files\iMesh Applications\iMesh\Skins\html\artistsview\images\play.png
c:\program files\iMesh Applications\iMesh\Skins\html\artistsview\images\play_disabled.png
c:\program files\iMesh Applications\iMesh\Skins\html\artistsview\images\play_down.png
c:\program files\iMesh Applications\iMesh\Skins\html\artistsview\images\play_over.png
c:\program files\iMesh Applications\iMesh\Skins\html\cdripview\cdrip_view.css
c:\program files\iMesh Applications\iMesh\Skins\html\cdripview\cdrip_view.html
c:\program files\iMesh Applications\iMesh\Skins\html\cdripview\cdrip_view.tis
c:\program files\iMesh Applications\iMesh\Skins\html\colorsbubble\images\active.png
c:\program files\iMesh Applications\iMesh\Skins\html\colorsbubble\images\azure.png
c:\program files\iMesh Applications\iMesh\Skins\html\colorsbubble\images\black.png
c:\program files\iMesh Applications\iMesh\Skins\html\colorsbubble\images\blue.png
c:\program files\iMesh Applications\iMesh\Skins\html\colorsbubble\images\bs.png
c:\program files\iMesh Applications\iMesh\Skins\html\colorsbubble\images\byzantium.png
c:\program files\iMesh Applications\iMesh\Skins\html\colorsbubble\images\close-hovered.png
c:\program files\iMesh Applications\iMesh\Skins\html\colorsbubble\images\close-normal.png
c:\program files\iMesh Applications\iMesh\Skins\html\colorsbubble\images\close-pressed.png
c:\program files\iMesh Applications\iMesh\Skins\html\colorsbubble\images\close.png
c:\program files\iMesh Applications\iMesh\Skins\html\colorsbubble\images\dark-blue.png
c:\program files\iMesh Applications\iMesh\Skins\html\colorsbubble\images\green.png
c:\program files\iMesh Applications\iMesh\Skins\html\colorsbubble\images\grey.png
c:\program files\iMesh Applications\iMesh\Skins\html\colorsbubble\images\hover.png
c:\program files\iMesh Applications\iMesh\Skins\html\colorsbubble\images\inactive.png
c:\program files\iMesh Applications\iMesh\Skins\html\colorsbubble\images\magenta.png
c:\program files\iMesh Applications\iMesh\Skins\html\colorsbubble\images\olive.png
c:\program files\iMesh Applications\iMesh\Skins\html\colorsbubble\images\orange.png
c:\program files\iMesh Applications\iMesh\Skins\html\colorsbubble\images\pink.png
c:\program files\iMesh Applications\iMesh\Skins\html\colorsbubble\images\pro.png
c:\program files\iMesh Applications\iMesh\Skins\html\colorsbubble\images\red.png
c:\program files\iMesh Applications\iMesh\Skins\html\colorsbubble\pro-view.html
c:\program files\iMesh Applications\iMesh\Skins\html\colorsbubble\scheme.css
c:\program files\iMesh Applications\iMesh\Skins\html\colorsbubble\scheme.tis
c:\program files\iMesh Applications\iMesh\Skins\html\colorsbubble\view.html
c:\program files\iMesh Applications\iMesh\Skins\html\common.css
c:\program files\iMesh Applications\iMesh\Skins\html\common.tis
c:\program files\iMesh Applications\iMesh\Skins\html\guitest.html
c:\program files\iMesh Applications\iMesh\Skins\html\images\defalbum.png
c:\program files\iMesh Applications\iMesh\Skins\html\images\defbutton.png
c:\program files\iMesh Applications\iMesh\Skins\html\images\ls_btn.png
c:\program files\iMesh Applications\iMesh\Skins\html\images\ls_btn_hover.png
c:\program files\iMesh Applications\iMesh\Skins\html\images\ls_btn_pressed.png
c:\program files\iMesh Applications\iMesh\Skins\html\images\sbv_bottom.png
c:\program files\iMesh Applications\iMesh\Skins\html\images\sbv_bottom_over.png
c:\program files\iMesh Applications\iMesh\Skins\html\images\sbv_bottom_pressed.png
c:\program files\iMesh Applications\iMesh\Skins\html\images\sbv_fill.png
c:\program files\iMesh Applications\iMesh\Skins\html\images\sbv_slider.png
c:\program files\iMesh Applications\iMesh\Skins\html\images\sbv_slider_center.png
c:\program files\iMesh Applications\iMesh\Skins\html\images\sbv_slider_center_over.png
c:\program files\iMesh Applications\iMesh\Skins\html\images\sbv_slider_center_pressed.png
c:\program files\iMesh Applications\iMesh\Skins\html\images\sbv_slider_over.png
c:\program files\iMesh Applications\iMesh\Skins\html\images\sbv_slider_pressed.png
c:\program files\iMesh Applications\iMesh\Skins\html\images\sbv_top.png
c:\program files\iMesh Applications\iMesh\Skins\html\images\sbv_top_over.png
c:\program files\iMesh Applications\iMesh\Skins\html\images\sbv_top_pressed.png
c:\program files\iMesh Applications\iMesh\Skins\html\images\th_btn.png
c:\program files\iMesh Applications\iMesh\Skins\html\images\th_btn_hover.png
c:\program files\iMesh Applications\iMesh\Skins\html\images\th_btn_pressed.png
c:\program files\iMesh Applications\iMesh\Skins\html\images\tip.png
c:\program files\iMesh Applications\iMesh\Skins\html\images\tipb.png
c:\program files\iMesh Applications\iMesh\Skins\html\images\white.png
c:\program files\iMesh Applications\iMesh\Skins\html\videosview\images\defpreview.png
c:\program files\iMesh Applications\iMesh\Skins\html\videosview\images\list_btn.png
c:\program files\iMesh Applications\iMesh\Skins\html\videosview\images\playbtn.png
c:\program files\iMesh Applications\iMesh\Skins\html\videosview\images\playing.png
c:\program files\iMesh Applications\iMesh\Skins\html\videosview\videos.css
c:\program files\iMesh Applications\iMesh\Skins\html\videosview\videos.html
c:\program files\iMesh Applications\iMesh\Skins\Images\DefArtwork.jpg
c:\program files\iMesh Applications\iMesh\Skins\Images\DefFemale.gif
c:\program files\iMesh Applications\iMesh\Skins\Images\DefMale.gif
c:\program files\iMesh Applications\iMesh\Skins\Images\FriendshipNotif.jpg
c:\program files\iMesh Applications\iMesh\Skins\Images\SendPlaylist.jpg
c:\program files\iMesh Applications\iMesh\Skins\Images\TAFLogo.PNG
c:\program files\iMesh Applications\iMesh\Skins\Images\ToGoLogo.PNG
c:\program files\iMesh Applications\iMesh\Skins\RemoteSkin.wmz
c:\program files\iMesh Applications\iMesh\Skins\Settings.xml
c:\program files\iMesh Applications\iMesh\UninstallUsers.exe
c:\program files\iMesh Applications\iMesh\UpdateInst.exe
c:\program files\iMesh Applications\iMesh\WMAProfiles.prx
c:\program files\iMesh Applications\iMesh\WMHelper.dll
c:\program files\iMesh Applications\iMesh\WMHelper.log
c:\program files\iMesh Applications\MediaBar\Datamngr\BrowserConnection.dll
c:\program files\iMesh Applications\MediaBar\Datamngr\datamngr.dll
c:\program files\iMesh Applications\MediaBar\Datamngr\datamngrUI.exe
c:\program files\iMesh Applications\MediaBar\Datamngr\DnsBHO.dll
c:\program files\iMesh Applications\MediaBar\Datamngr\FirefoxExtension\components\DataMngrHlp.dll
c:\program files\iMesh Applications\MediaBar\Datamngr\FirefoxExtension\components\DataMngrHlp.xpt
c:\program files\iMesh Applications\MediaBar\Datamngr\FirefoxExtension\components\DataMngrHlpFF3.dll
c:\program files\iMesh Applications\MediaBar\Datamngr\FirefoxExtension\components\DataMngrHlpFF4.dll
c:\program files\iMesh Applications\MediaBar\Datamngr\FirefoxExtension\components\DataMngrHlpFF5.dll
c:\program files\iMesh Applications\MediaBar\Datamngr\FirefoxExtension\components\DataMngrHlpFF6.dll
c:\program files\iMesh Applications\MediaBar\Datamngr\FirefoxExtension\components\DataMngrHlpFF7.dll
c:\program files\iMesh Applications\MediaBar\Datamngr\FirefoxExtension\content\DataMngr.js
c:\program files\iMesh Applications\MediaBar\Datamngr\FirefoxExtension\content\DnsBHO.js
c:\program files\iMesh Applications\MediaBar\Datamngr\FirefoxExtension\content\Error404BHO.js
c:\program files\iMesh Applications\MediaBar\Datamngr\FirefoxExtension\content\NewTabBHO.js
c:\program files\iMesh Applications\MediaBar\Datamngr\FirefoxExtension\content\overlay.js
c:\program files\iMesh Applications\MediaBar\Datamngr\FirefoxExtension\content\overlay.xul
c:\program files\iMesh Applications\MediaBar\Datamngr\FirefoxExtension\content\RelatedSearch.js
c:\program files\iMesh Applications\MediaBar\Datamngr\FirefoxExtension\content\SearchBHO.js
c:\program files\iMesh Applications\MediaBar\Datamngr\FirefoxExtension\content\SettingManager.js
c:\program files\iMesh Applications\MediaBar\Datamngr\FirefoxExtension\content\Settings.xml
c:\program files\iMesh Applications\MediaBar\Datamngr\FirefoxExtension\content\Settings.xml.alt
c:\program files\iMesh Applications\MediaBar\Datamngr\FirefoxExtension\chrome.manifest
c:\program files\iMesh Applications\MediaBar\Datamngr\FirefoxExtension\chrome.manifest.alt
c:\program files\iMesh Applications\MediaBar\Datamngr\FirefoxExtension\install.rdf
c:\program files\iMesh Applications\MediaBar\Datamngr\FirefoxExtension\install.rdf.alt
c:\program files\iMesh Applications\MediaBar\Datamngr\IEBHO.dll
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\as_guid.dat
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\components\windowmediator.js
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\dtUser.exe
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\content\data\search\engines.xml
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\content\data\search\search.xsl
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\content\imeshcode.js
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\content\lib\about.xml
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\content\lib\dtxpanel.xul
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\content\lib\dtxpaneltransparent.xul
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\content\lib\dtxpanelwin.xul
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\content\lib\dtxprefwin.xul
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\content\lib\dtxtransparentwin.xul
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\content\lib\dtxwin.xul
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\content\lib\emailnotifierproviders.xml
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\content\lib\external.js
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\content\lib\imeshcode.js
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\content\lib\neterror.xhtml
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\content\lib\rsspreview.html
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\content\lib\rsswin.xml
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\content\lib\rsswin.xsl
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\content\lib\vmncode.js
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\content\lib\wmpstreamer.html
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\content\modules\datastore.jsm
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\content\modules\nsDragAndDrop.js
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\content\neterror.xhtml
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\content\partner.coupons.xml
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\content\preferences.xml
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\content\radiobeta.js
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\content\template.xml
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\content\toolbar.htm
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\content\toolbar.xul
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\content\vmncode.js
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\content\vmnrsswin.xml
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\content\widgets\com.djboxservice.dj.DJBox\tb_icon.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\content\widgets\com.djboxservice.dj.DJBox\tb_iconFF.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\content\widgets\com.djboxservice.dj.DJBox\tb_iconPressed.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\content\widgets\com.djboxservice.dj.DJBox\tb_iconPressedFF.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\content\widgets\com.djboxservice.dj.DJBox\tb_pref_icon.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\content\widgets\com.djboxservice.dj.DJBox\thumbs\tb_thumb_icon.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\content\widgets\com.djboxservice.dj.DJBox\widget.js
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\content\widgets\com.djboxservice.dj.DJBox\widget.jsw
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\content\widgets\com.djboxservice.dj.DJBox\widget.xml
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\content\widgets\net.vmn.www.PPCBully\tb_icon.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\content\widgets\net.vmn.www.PPCBully\widget.js
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\content\widgets\net.vmn.www.PPCBully\widget.xml
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\content\widgets\net.vmn.www.PPCBully\widget_version
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\about_logo.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\babylon_logo.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\bluelite.gif
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\bluesky.gif
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\btn-search-over.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\btn-search.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\btn-settings-over.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\btn-settings.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\btn-widgets-over.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\btn-widgets.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\btn_settings.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\ca.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\dictionary.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\divider.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\downloadcom.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\dtxlogo.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\ebay.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\ebay_png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\email.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\email_on.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\email_png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\facebook.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\games.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\go_idle.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\go_rollover.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\graphred0.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\graphred0_5.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\graphred1.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\graphred1_5.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\graphred2.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\graphred2_5.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\graphred3.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\graphred3_5.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\graphred4.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\graphred4_5.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\graphred5.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\graphredna.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\grey.gif
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\ico-shield.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\icon_amazon.gif
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\icon_seperator_png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\icon_twitter.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\icon_youtube.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\images.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\imesh.css
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\add.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\aol.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\arrow-dn.gif
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\arrow-right-disabled.gif
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\arrow-right.gif
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\arrow-up.gif
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\bg-btn-divider.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\bg-btn-end.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\bg-btn-mdl.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\bg-btn-mdl_ff.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\bg-btn-start.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\bg-btnover-divider.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\bg-btnover-end.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\bg-btnover-mdl.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\bg-btnover-mdl_ff.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\bg-btnover-start.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\blank.gif
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\btn-widgets-over.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\btn-widgets.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\btn_slider.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\btnback-down-vista.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\btnback-vista.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\btnleft-down-vista.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\btnleft-vista.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\btnright-down-vista.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\btnright-vista.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\button-splitter-down-vista.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\button-splitter-vista.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\collapse.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\comcast.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\dtx.css
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\edit-back-hot.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\edit-back.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\expand.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\found.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\gmail.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\highlight.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\highlight_blue.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\highlight_cyan.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\highlight_lime.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\highlight_magenta.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\highlight_yellow.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\hotmail.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\checkmark.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\chevron.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\ico-check.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\imap.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\lastsearch-thumb-back.gif
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\loadingMid.gif
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\lock.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\logo-separator.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\mailcom.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\menu_bg-basic.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\menu_separator_bar.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\menu_separator_white.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\menuitem-splitter.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\menuitemback-down-vista.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\menuitemback-vista.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\menuitemleft-down-vista.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\menuitemleft-vista.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\menuitemright-down-vista.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\menuitemright-vista.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\modify.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\move.gif
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\movetarget.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels\css\panels.css
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels\css\popupAbout.css
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels\css\popupGames.css
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels\css\popupRSS.css
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels\css\popupWidgets.css
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels\default\css\dialog.css
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\bg.gif
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\btn-search.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\btn-wide-close-over.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\btn-wide-close.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\default.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\tab-off-l.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\tab-off-r.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\tab-on-l.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\tab-on-r.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\transparent.gif
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\ttlbar-left.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\ttlbar-mdl.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\ttlbar-right.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\win-btm-left.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\win-btm-mdl.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\win-btm-right-resize.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\win-btm-right.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\win-left.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\win-right.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels\default\main.html
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels\default\scripts\defscript.js
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels\footer.htm
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels\gamecategory.xsl
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels\gameData.js
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels\gameList.xsl
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels\games.xsl
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels\gametype.xsl
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels\images\arrow-dn.gif
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels\images\arrow-sml-drop.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels\images\arrow-sml.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels\images\arrow-up.gif
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels\images\arrowr-bluew5.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels\images\bg-aboutbox.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels\images\bg-btnover.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels\images\bg-pnl520x390.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-addtoolbar-left-over.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-addtoolbar-left.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-addtoolbar-right.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-back.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-close-grey.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-close-greyover.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-drag.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-mdl-over.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-mdl.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-moredetails.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-next-over.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-next.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-play-left-over.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-play-left.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-previous-over.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-previous.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-right-over.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-search-pnlbtm-over.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-search-pnlbtm.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-try-left-over.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-try-left.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels\images\bullet-orange.gif
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels\images\gamethumb-on.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels\images\gamethumb2-over.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels\images\ico-calendar.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels\images\ico-dollar.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels\images\ico-download.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels\images\ico-joystick24.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels\images\ico-news24.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels\images\ico-play.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels\images\ico-tags.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels\images\icon-Add.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels\images\icon-download.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels\images\icon-Info.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels\images\icon-play.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels\images\icon-shop.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels\images\menul-bgon.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels\images\menul-bgover.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels\images\panel-botm-noscroll.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels\images\scroll-bg-206.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels\images\scroll-bg.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels\images\scroll-topwin.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels\images\scrollb-disable.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels\images\scrollb-down.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels\images\scrollb-over.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels\images\scrollb.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels\images\scrollt-disable.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels\images\scrollt-down.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels\images\scrollt-over.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels\images\scrollt.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels\images\searchbox-pnlbtm.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels\images\star_x_grey.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels\images\star_x_orange.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels\images\TRUSTe_about.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels\images\view-detailed-on.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels\images\view-detailed-over.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels\images\view-thumb-on.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels\images\view-thumb-over.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels\images\widgets-square-16px.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels\images\widgets-square-24px.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels\images\widgets.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels\initHTML.html
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels\popupGames.html
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels\popupHTML.html
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels\popupRSS.html
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels\popupWidgets.html
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels\scroll.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\pop.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\radio.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\radio\css\manager.css
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\radio\css\slider.css
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\radio\images\bg-pnl.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\radio\images\btn-close-grey.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\radio\images\btn-close-greyover.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\radio\images\collapsed_button.gif
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\radio\images\expanded_button.gif
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\radio\images\ico-playstation-down.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\radio\images\ico-playstation-over.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\radio\images\ico-playstation.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\radio\images\ico-radio.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\radio\images\music-note.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-btn-pause-on.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-btn-pause.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-btn-play-on.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-btn-play.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-eq-bg.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-eq-buffer.gif
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-eq-busy.gif
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-eq-off.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-eq-on.gif
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-eq-warning.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-options-design-on.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-options-design.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-options-on.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-options.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-volume-0.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-volume-1.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-volume-2.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-volume-3.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-volume-mute.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\radio\images\scrollbar-handle.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\radio\images\scrollbar-track.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\radio\images\slider.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\radio\images\slideron.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\radio\images\track.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\radio\managerpanel.html
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\radio\volumeslider.html
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\radiobeta-buffering.gif
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\radiobeta-connecting.gif
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\radiobeta-playing.gif
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\radiobeta-stopped.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\radiobeta.ico
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\reload.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\remove.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\rename.gif
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\resize-box.gif
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\rss.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\rsschannelback.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\RSSLogo.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\rsstabdivider.gif
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\scroll-left.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\scroll-right.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\search-go.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\search.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\text-ellipsis.xml
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\throbber.gif
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\toolbarsplitter.gif
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\transparent_1px.gif
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\uwa\border_02.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\uwa\border_03.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\uwa\border_04.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\uwa\border_06.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\uwa\border_07.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\uwa\border_08.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\uwa\border_09.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\uwa\border_10.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\uwa\border_11.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\uwa\border_12.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\uwa\border_13.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\uwa\border_14.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\uwa\border_15.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\uwa\border_16.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\uwa\border_18.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\uwa\border_19.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\uwa\border_20.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\uwa\border_21.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\uwa\btn-close-grey.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\uwa\btn-close-greyover.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\uwa\close-hot.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\uwa\close-normal.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\uwa\loadingMid.gif
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\uwa\proxy.html
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\uwa\template.html
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\uwa\template.xml
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\uwa\templateFF.html
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\uwa\throbber.gif
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\icons\cond999.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\icons\icons.xml
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\icons\na-s.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\icons\na-t.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\icons\na.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\add.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\arrowr-bluew5.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\bg-pnl.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\bg-pnl520x350.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\bg-pnl520x350blue-whitebg.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\bg-pnl520x350blue.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\box-check.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\box-uncheck.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\btn-close-grey.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\btn-close-greyover.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\btn-delete.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\btn-search-pnlbtm-over.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\btn-search-pnlbtm.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\btnarrow-next-off.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\btnarrow-next.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\btnarrow-previous-off.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\btnarrow-previous.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\ico-hotandhumid-s.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\ico-hotandhumid.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\ico-check.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\options-weather.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\over-blue.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\over-orange.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\powered-by-weatherbug.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\powered-by-weatherbug2.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\radio-checked.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\radio-unchecked.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\searchbox-pnlbtm.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\weather-contour.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\popupWeather.css
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\popupWeather.html
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\yahoo.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lichen.gif
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\logo-about.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\logo-over.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\logo-separator.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\logo.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\logo_about_png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\logo_over_png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\logo_over_t_png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\logo_png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\logo_t_png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\mail.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\maps.bmp
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\menuseparatorback.gif
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\modify-save.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\modify.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\modifyhot.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\music.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\news.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\options\options-main.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\options\options-search.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\options\options-weather.gif
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\options\options-weather.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\options\options-widgets.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\orange.gif
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\pixsy.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\protect-id.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\radiobeta-buffering.gif
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\radiobeta-connecting.gif
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\radiobeta-playing.gif
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\radiobeta-stopped.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\radiobeta.ico
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\relatedlinks.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\rss-collapse.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\rss-delete.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\rss-expand.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\rss-feed.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\rss-folder-remove.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\rss-folder-rename.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\rss-folder.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\rss-found.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\rss-reload.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\rss-subscribe.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\rss.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\rssback.gif
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\rsstopback.gif
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\search-over.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\search.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\search_button_over_png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\search_button_png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\searchbar\searchbar-background-left.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\searchbar\searchbar-background-middle.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\searchbar\searchbar-background-right.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\settings.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\shopping.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\siteinfo.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\skin-bluelite.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\skin-bluesky.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\skin-grey.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\skin-lichen.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\skin-orange.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\skin-yellow.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\skin.xml
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\technorati.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\throbber.gif
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\toolbarsplitter.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\translate.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\TRUSTe_about.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\video.bmp
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\vmn.css
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\vmn.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\weather.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\web.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\widgets-square-16px.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\wikipedia.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\Wincore_icon20.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\Wincore_with_shade.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\Wincore_with_shade16.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\yahoosearch.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\yellow.gif
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\youtube.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\zoom.png
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\manifest.xml
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\uninstall.exe
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\wincoreimband.dll
c:\program files\iMesh Applications\MediaBar\Datamngr\ToolBar\wincoreimdtx.dll
c:\program files\iMesh Applications\MediaBar\sysid.ini
c:\program files\iMesh Applications\MediaBar\uninstall.exe
c:\program files\Mozilla Firefox\components\npclntax.xpt
c:\program files\Mozilla Firefox\plugins\npclntax_ZangoSA.dll
c:\program files\RadioBar
c:\program files\RadioBar\configuration.xml
c:\program files\RadioBar\icon_logo.bmp
c:\program files\RadioBar\images.bmp
c:\program files\RadioBar\INSTALL.LOG
c:\program files\RadioBar\latestVersion.txt
c:\program files\RadioBar\lip.exe
c:\program files\RadioBar\radio\ajax.js
c:\program files\RadioBar\radio\bg.gif
c:\program files\RadioBar\radio\bg.jpg
c:\program files\RadioBar\radio\bg.png
c:\program files\RadioBar\radio\equ_animated.gif
c:\program files\RadioBar\radio\equ_off.png
c:\program files\RadioBar\radio\lines.png
c:\program files\RadioBar\radio\minus.png
c:\program files\RadioBar\radio\play.png
c:\program files\RadioBar\radio\play_hover.png
c:\program files\RadioBar\radio\plus.png
c:\program files\RadioBar\radio\radio.html
c:\program files\RadioBar\radio\radio.js
c:\program files\RadioBar\radio\radio2.js
c:\program files\RadioBar\radio\stations.xml
c:\program files\RadioBar\radio\stop.png
c:\program files\RadioBar\radio\stop_hover.png
c:\program files\RadioBar\thisversion.txt
c:\program files\RadioBar\TollbarHome.rtf
c:\program files\RadioBar\toolbar.ni.dll
c:\program files\RadioBar\Uninstall.exe
c:\program files\RadioBar\UNWISE.EXE
c:\program files\SiteRanker
c:\program files\SiteRanker\firefox\components\siterank.dll
c:\program files\SiteRanker\firefox\components\siterank.xpt
c:\program files\SiteRanker\firefox\chrome.manifest
c:\program files\SiteRanker\firefox\chrome\content\siterank.js
c:\program files\SiteRanker\firefox\chrome\content\siterank.xul
c:\program files\SiteRanker\firefox\install.rdf
c:\program files\SiteRanker\SiteRank.dll
c:\program files\SiteRanker\SiteRankTray.exe
c:\program files\SiteRanker\unins000.dat
c:\program files\SiteRanker\unins000.exe
c:\windows\gvcasinos.ini
c:\windows\pkunzip.pif
c:\windows\pkzip.pif
c:\windows\system32\drivers\etc\hosts.ics
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-01-04 do 2012-02-04 )))))))))))))))))))))))))))))))
.
.
2012-02-04 12:00 . 2012-02-04 12:00 -------- d-----w- c:\documents and settings\All Users\Data aplikací\BigFishSavedGames
2012-02-03 11:27 . 2012-02-03 11:28 -------- d-----w- c:\program files\trend micro
2012-02-03 11:27 . 2012-02-03 11:28 -------- d-----w- C:\rsit
2012-01-29 09:33 . 2012-01-29 09:33 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-01-29 09:30 . 2012-01-29 09:30 -------- d-----w- c:\documents and settings\Užívateľ\Data aplikací\PriceGong
2012-01-28 19:05 . 2012-01-28 19:05 1409 ----a-w- c:\windows\QTFont.for
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-11-28 18:01 . 2011-07-24 14:13 41184 ----a-w- c:\windows\avastSS.scr
2011-11-28 18:01 . 2011-07-24 14:13 199816 ----a-w- c:\windows\system32\aswBoot.exe
2011-11-28 17:53 . 2011-07-24 14:13 435032 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-11-28 17:53 . 2011-07-24 14:13 314456 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-11-28 17:52 . 2009-07-02 18:10 34392 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-11-28 17:52 . 2011-07-24 14:13 52952 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-11-28 17:52 . 2009-07-02 18:10 111320 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2011-11-28 17:51 . 2009-07-02 18:10 105176 ----a-w- c:\windows\system32\drivers\aswmon.sys
2011-11-28 17:51 . 2011-07-24 14:13 20568 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2011-11-28 17:48 . 2009-07-02 18:10 30808 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2011-11-25 21:57 . 2007-08-07 14:15 293376 ----a-w- c:\windows\system32\winsrv.dll
2011-11-23 14:40 . 2007-08-07 14:15 1859584 ----a-w- c:\windows\system32\win32k.sys
2011-11-20 06:12 . 2007-08-07 14:14 60416 ----a-w- c:\windows\system32\packager.exe
2011-11-16 14:21 . 2007-08-07 14:15 354816 ----a-w- c:\windows\system32\winhttp.dll
2011-11-16 14:21 . 2007-08-07 14:14 152064 ----a-w- c:\windows\system32\schannel.dll
2011-07-24 14:07 . 2011-07-24 14:07 119808 ----a-w- c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll
2009-08-31 16:55 . 2010-03-12 15:37 118000 ----a-w- c:\program files\mozilla firefox\components\qippipe.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-11-28 18:01 122512 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ICQ"="c:\program files\ICQ7.4\ICQ.exe" [2011-04-02 119608]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SiSPower"="SiSPower.dll" [2007-08-03 53248]
"TouchPadHotKey"="c:\program files\FSC\TouchPad HotKey Utility\TouchPad_HotKey.exe" [2007-08-13 364544]
"RTHDCPL"="RTHDCPL.EXE" [2007-08-10 16384000]
"RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2007-03-14 71216]
"ISUSPM"="c:\program files\Common Files\InstallShield\UpdateService\ISUSPM.exe" [2006-05-16 213936]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2008-04-14 110592]
"GrooveMonitor"="c:\program files\Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-10-11 149280]
"PinnacleDriverCheck"="c:\windows\system32\\PSDrvCheck.exe" [2004-03-10 406016]
"QuickTime Task"="c:\program files\QuickTime Alternative\QTTask.exe" [2007-10-19 286720]
"Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2011-07-24 30192]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-11-28 3744552]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
c:\documents and settings\Užívateľ\Nabídka Start\Programy\Po spuštění\
Adobe Gamma.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-3-16 113664]
Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk - c:\program files\Office\Office12\ONENOTEM.EXE [2009-2-26 97680]
.
c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\
BlueSoleil.lnk - c:\program files\IVT Corporation\BlueSoleil\BlueSoleil.exe [2007-5-17 661776]
ExifLauncher2.lnk - c:\program files\FinePixViewer\QuickDCF2.exe [2010-8-27 303104]
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Adobe Reader Speed Launch.lnk]
path=c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\Adobe Reader Speed Launch.lnk
backup=c:\windows\pss\Adobe Reader Speed Launch.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Utility Tray.lnk]
path=c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\Utility Tray.lnk
backup=c:\windows\pss\Utility Tray.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^WirelessSelector.lnk]
path=c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\WirelessSelector.lnk
backup=c:\windows\pss\WirelessSelector.lnkCommon Startup
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\CyberLink\\PowerDVD\\PowerDVD.exe"=
"c:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueSoleil.exe"=
"c:\\Program Files\\Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\Pinnacle\\Studio 10\\programs\\RM.exe"=
"c:\\Program Files\\Pinnacle\\Studio 10\\programs\\Studio.exe"=
"c:\\Program Files\\Pinnacle\\Studio 10\\programs\\PMSRegisterFile.exe"=
"c:\\Program Files\\Pinnacle\\Studio 10\\programs\\umi.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\ICQ7.4\\ICQ.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
.
R0 PCTCore;PCTools KDS;c:\windows\system32\drivers\PCTCore.sys [24. 7. 2011 15:28 239168]
R0 pctDS;PC Tools Data Store;c:\windows\system32\drivers\pctDS.sys [24. 7. 2011 15:28 338880]
R0 pctEFA;PC Tools Extended File Attributes;c:\windows\system32\drivers\pctEFA.sys [24. 7. 2011 15:28 656320]
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [2. 3. 2008 14:56 685816]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [24. 7. 2011 15:13 435032]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [24. 7. 2011 15:13 314456]
R2 Application Updater;Application Updater;c:\program files\Application Updater\ApplicationUpdater.exe [14. 12. 2011 13:13 748440]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [24. 7. 2011 15:13 20568]
S2 gupdate1c9fc076cdc6ac8;Služba Google Update (gupdate1c9fc076cdc6ac8);c:\program files\Google\Update\GoogleUpdate.exe [3. 7. 2009 18:55 133104]
S2 SUUSSNPO;SUUSSNPO;\??\c:\windows\system32\drivers\SUUSSNPO.sys --> c:\windows\system32\drivers\SUUSSNPO.sys [?]
S3 FlashDrv;FlashDrv;c:\windows\system32\drivers\FlashDrv.sys [21. 2. 2008 20:07 14848]
S3 FscBapi;FscBapi;c:\windows\system32\drivers\FscBapi.sys [21. 2. 2008 20:07 11264]
S3 FscCmos;FscCmos;c:\windows\system32\drivers\FscCmos.sys [21. 2. 2008 20:07 9728]
S3 FscCpuid;FscCpuid;c:\windows\system32\drivers\FscCpuid.sys [21. 2. 2008 20:07 10112]
S3 FscEfDmi;FscEfDmi;c:\windows\system32\drivers\FscEfDmi.sys [21. 2. 2008 20:07 10752]
S3 FscGabi;FscGabi;c:\windows\system32\drivers\FscGabi.sys [21. 2. 2008 20:07 12160]
S3 FscTime;FscTime;c:\windows\system32\drivers\FscTime.sys [21. 2. 2008 20:07 11904]
S3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [24. 7. 2011 15:07 30192]
S3 gupdatem;Služba Google Update (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [3. 7. 2009 18:55 133104]
S3 OemF0211;OemF0211;c:\windows\system32\drivers\OemF0211.sys [21. 2. 2008 20:07 27648]
S3 sdAuxService;PC Tools Auxiliary Service;c:\program files\PC Tools Security\pctsAuxs.exe [24. 7. 2011 15:24 366840]
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - WS2IFSL
*Deregistered* - {1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC}
*Deregistered* - PCTSDInjDriver32
.
Obsah adresáře 'Naplánované úlohy'
.
2012-02-04 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-07-03 17:55]
.
2012-02-04 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-07-03 17:55]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://search.imesh.com
uDefault_Search_URL = hxxp://search.qip.ru
mStart Page = hxxp://home.sweetim.com
uSearchAssistant = hxxp://search.qip.ru/ie
uCustomizeSearch = hxxp://search13.net/
uSearchURL,(Default) = Root: HKCU; Subkey: Software\Microsoft\Internet Explorer\SearchUrl; ValueType: string; ValueName: '; ValueData: '; Flags: createvalueifdoesntexist noerror; Tasks: AddSearchQip
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Crawler Search - tbr:iemenu
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\Office\Office12\EXCEL.EXE/3000
IE: {{73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - c:\program files\ICQ7.4\ICQ.exe
TCP: DhcpNameServer = 192.168.1.1
Handler: toolbarchrome - {718733BC-AD64-4e5f-AC18-A85FBD75D54D} -
FF - ProfilePath - c:\documents and settings\Užívateľ\Data aplikací\Mozilla\Firefox\Profiles\40a7rcro.default\
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: WincoreMediabar: {28387537-e3f9-4ed7-860c-11e69af4a8a0} - %profile%\extensions\{28387537-e3f9-4ed7-860c-11e69af4a8a0}
FF - Ext: QipAuthorizer: {32a1fd71-835e-4b11-8e54-886fda0b4c89} - %profile%\extensions\{32a1fd71-835e-4b11-8e54-886fda0b4c89}
FF - Ext: Games.com Toolbar: {493b4069-8c4f-4b4a-8f8c-506200c9887a} - %profile%\extensions\{493b4069-8c4f-4b4a-8f8c-506200c9887a}
FF - Ext: Stylish Profile: {6236BA26-C117-4007-928C-DE0716C7FA80} - %profile%\extensions\{6236BA26-C117-4007-928C-DE0716C7FA80}
FF - Ext: Usage Stat: {6236BA26-C117-4007-928C-DE0716C7FA96} - %profile%\extensions\{6236BA26-C117-4007-928C-DE0716C7FA96}
FF - Ext: QAssistant: {63414328-3ab4-2c84-6c41-5a473c4b2ff7} - %profile%\extensions\{63414328-3ab4-2c84-6c41-5a473c4b2ff7}
FF - Ext: QAssistant: {63414328-3ab4-2c84-6c41-5a473c4b2ff7} - %profile%\extensions\{63414328-3ab4-2c84-6c41-5a473c4b2ff7}
FF - Ext: U Flv: {7645f4b1-1f19-13dd-2d6b-0200600c2a56} - %profile%\extensions\{7645f4b1-1f19-13dd-2d6b-0200600c2a56}
FF - Ext: {7645f4b1-1f19-13dd-2d6b-0200600c2a56}: {7645f4b1-1f19-13dd-2d6b-0200600c2a56} - %profile%\extensions\{7645f4b1-1f19-13dd-2d6b-0200600c2a56}
FF - Ext: ICQ Toolbar: {800b5000-a755-47e1-992b-48a1c1357f07} - %profile%\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
FF - Ext: KFD Flv: {8675f4b3-2f19-11ed-2d6b-0800600c0a16} - %profile%\extensions\{8675f4b3-2f19-11ed-2d6b-0800600c0a16}
FF - Ext: {8675f4b3-2f19-11ed-2d6b-0800600c0a16}: {8675f4b3-2f19-11ed-2d6b-0800600c0a16} - %profile%\extensions\{8675f4b3-2f19-11ed-2d6b-0800600c0a16}
FF - Ext: VFD Flv: {8675f4b3-2f19-11ed-2d6b-0800600c0a17} - %profile%\extensions\{8675f4b3-2f19-11ed-2d6b-0800600c0a17}
FF - Ext: {8675f4b3-2f19-11ed-2d6b-0800600c0a17}: {8675f4b3-2f19-11ed-2d6b-0800600c0a17} - %profile%\extensions\{8675f4b3-2f19-11ed-2d6b-0800600c0a17}
FF - Ext: VFD Flv: {8675f4b3-2f19-11ed-2d6b-0800600c0a18} - %profile%\extensions\{8675f4b3-2f19-11ed-2d6b-0800600c0a18}
FF - Ext: {8675f4b3-2f19-11ed-2d6b-0800600c0a18}: {8675f4b3-2f19-11ed-2d6b-0800600c0a18} - %profile%\extensions\{8675f4b3-2f19-11ed-2d6b-0800600c0a18}
FF - Ext: Feedback module: {8675f4b3-2f19-11ed-2d6b-0800600c0a19} - %profile%\extensions\{8675f4b3-2f19-11ed-2d6b-0800600c0a19}
FF - Ext: {8675f4b3-2f19-11ed-2d6b-0800600c0a19}: {8675f4b3-2f19-11ed-2d6b-0800600c0a19} - %profile%\extensions\{8675f4b3-2f19-11ed-2d6b-0800600c0a19}
FF - Ext: Net Games Toolbar: {8a6264b5-a8f2-494b-8f37-cf898a763e42} - %profile%\extensions\{8a6264b5-a8f2-494b-8f37-cf898a763e42}
FF - Ext: DVDVideoSoft Toolbar: {e9911ec6-1bcc-40b0-9993-e0eea7f6953f} - %profile%\extensions\{e9911ec6-1bcc-40b0-9993-e0eea7f6953f}
FF - Ext: SweetIM Toolbar for Firefox: {EEE6C361-6118-11DC-9C72-001320C79847} - %profile%\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}
FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\Java\jre6\lib\deploy\jqs\ff
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - Ext: avast! WebRep: wrc@avast.com - c:\program files\AVAST Software\Avast\WebRep\FF
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
BHO-{BE7A24F5-69CB-4708-B77B-B1EDA6043B95} - c:\progra~1\IMESHA~1\MediaBar\Datamngr\BROWSE~1.DLL
HKLM-Run-SiteRanker - c:\program files\SiteRanker\SiteRankTray.exe
HKLM-Run-DATAMNGR - c:\progra~1\IMESHA~1\MediaBar\Datamngr\DATAMN~1.EXE
AddRemove-RadioBar - c:\program files\RadioBar\UNINSTALL.exe
AddRemove-Wincore MediaBar - c:\program files\iMesh Applications\MediaBar\uninstall.exe
AddRemove-{11BF46C6-B3DE-48BD-BF70-3AD85CAB80B5}_is1 - c:\program files\SiteRanker\unins000.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-02-04 14:29
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\{95808DC4-FA4A-4c74-92FE-5B863F82066B}]
"ImagePath"="\??\c:\program files\CyberLink\PowerDVD\000.fcl"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-1606980848-1677128483-839522115-500_Classes\Software\CLASSES\CLSID\{2CDC19AF-8603-2A41-69DD-72C69844EE53}*\InprocServer32]
"{2CDC19AF-8603-2A41-69DD-72C69844EE53}"=hex:a5,cf,39,a0,8d,84,6a,c8,02,89,95,
ff,bd,13,f5,9f,4f,a8,ce,8f,ed,d1,fc,92,a5,cf,39,a0,8d,84,6a,c8,a5,cf,39,a0,\
.
[HKEY_USERS\S-1-5-21-1606980848-1677128483-839522115-500_Classes\Software\CLASSES\CLSID\{4ADD3D0D-1B17-5755-7F97-AD2A71A2E27A}*\InprocServer32]
"{4ADD3D0D-1B17-5755-7F97-AD2A71A2E27A}"=hex:1e,73,f3,70,50,35,18,65,d4,81,4f,
63,7b,6a,29,c6,b2,36,3b,28,f3,d1,5d,95,1e,73,f3,70,50,35,18,65,1e,73,f3,70,\
.
[HKEY_USERS\S-1-5-21-1606980848-1677128483-839522115-500_Classes\Software\CLASSES\CLSID\{50B22C5B-FF37-F69D-6540-4D9CA61E6256}*\InprocServer32]
"{50B22C5B-FF37-F69D-6540-4D9CA61E6256}"=hex:e7,43,de,8f,8e,0b,c0,09,c2,6e,d0,
40,84,21,ca,19,d9,47,b1,cb,bf,3b,d2,67,e7,43,de,8f,8e,0b,c0,09,e7,43,de,8f,\
.
[HKEY_USERS\S-1-5-21-1606980848-1677128483-839522115-500_Classes\Software\CLASSES\CLSID\{5956025D-122E-984A-B0AB-A95C4402A935}*\InprocServer32]
"{5956025D-122E-984A-B0AB-A95C4402A935}"=hex:a1,32,f4,39,c3,87,f2,f0,06,25,2c,
0d,da,3a,b5,92,14,2b,df,b7,30,64,a6,7b,a1,32,f4,39,c3,87,f2,f0,a1,32,f4,39,\
.
[HKEY_USERS\S-1-5-21-1606980848-1677128483-839522115-500_Classes\Software\CLASSES\CLSID\{802C461E-D244-85C4-2DE7-48FF83089E92}*\InprocServer32]
"{802C461E-D244-85C4-2DE7-48FF83089E92}"=hex:b4,48,dc,a0,4b,8d,42,68,59,5f,cb,
12,22,dc,bb,b5,ec,99,dd,cc,3e,70,d1,d1,b4,48,dc,a0,4b,8d,42,68,b4,48,dc,a0,\
.
Celkový čas: 2012-02-04 14:35:08
ComboFix-quarantined-files.txt 2012-02-04 13:35
ComboFix2.txt 2012-02-04 11:45
.
Před spuštěním: Volných bajtů: 19 225 214 976
Po spuštění: Volných bajtů: 19 165 138 944
.
- - End Of File - - 6D9B5E64F3CF6ECD9BD93D37441BF65F

Smazáno. Nastala nějaká změna?

Pravdupovediac ani moc nie, stále zamŕza.

OK. Udělejte sken AVPTool: http://www.viry.cz/forum/viewtopic.php?f=29&t=58179 a dejte log.

Log z AVP:

Status: Deleted (events: 2)
5. 2. 2012 14:59:23 Deleted adware not-a-virus:AdWare.Win32.Zwangi.dms C:\Qoobox\Quarantine\C\Program Files\Mozilla Firefox\plugins\npclntax_ZangoSA.dll.vir Medium
5. 2. 2012 15:19:52 Deleted adware not-a-virus:AdWare.Win32.Zwangi.dms C:\System Volume Information\_restore{D1B3071F-DBDE-4107-ABD4-3F7750C095B0}\RP760\A0227597.dll Medium

Jeden byl ze zálohy ComboFixu a druhý ze zálohy systému. Oba smazáni. Co jste instaloval těsně před tím, než se problém objevil?

Ťažko povedať, to je sestrin notebook a ona tam inštalovala samé hry (cca 100 mb hry).

Vyčistěte PC CCleanerem: http://forum.viry.cz/viewtopic.php?f=46&t=7478 , případně defragmentujte disk. Pokud se stav ani pak nezmění, budete muste jednu hru po druhé odinstalovat a zkoušet, kdy změna nastane. Připustit lze i možnost poškození systému.