Dobrý den, před časem nám počítač hlásil nějakou havěť. Teď už tam prý nic není, ale od té doby mi jede všechno hrozitánsky pomalu.
Logfile of random's system information tool 1.08 (written by random/random)
Run by admin at 2010-12-22 20:43:15
Microsoft Windows 7 Home Premium
System drive C: has 95 GB (38%) free of 250 GB
Total RAM: 2047 MB (59% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:43:32, on 22.12.2010
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16700)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
C:\Windows\SysWOW64\runonce.exe
C:\Windows\DAODx.exe
C:\Program Files\trend micro\admin.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://search.qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.qip.ru/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.qip.ru
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ask.com?o=15187&l=dis
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = Root: HKCU; Subkey: Software\Microsoft\Internet Explorer\SearchUrl; ValueType: string; ValueName: '; ValueData: '; Flags: createvalueifdoesntexist noerror; Tasks: AddSearchQip
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: QIPBHO Class - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Users\admin\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll
R3 - URLSearchHook: (no name) - - (no file)
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: QIPBHO - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Users\admin\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll
O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r
O4 - HKLM\..\Run: [HPUsageTracking] C:\Program Files (x86)\HP\HP UT\bin\hppusg.exe "C:\Program Files (x86)\HP\HP UT\"
O4 - HKLM\..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SWPROguard] C:\Program Files (x86)\Fighters\SPYWAREfighter\SWPROTray.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [svchost.exe] C:\Users\admin\AppData\Roaming
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: svchost.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~2\MICROS~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\OFFICE11\REFIEBAR.DLL
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{6707CCB2-C48C-40BC-A953-C7E2F168DF96}: NameServer = 213.194.204.126,85.132.148.70
O17 - HKLM\System\CS1\Services\Tcpip\..\{6707CCB2-C48C-40BC-A953-C7E2F168DF96}: NameServer = 213.194.204.126,85.132.148.70
O17 - HKLM\System\CS2\Services\Tcpip\..\{6707CCB2-C48C-40BC-A953-C7E2F168DF96}: NameServer = 213.194.204.126,85.132.148.70
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Stavová služba ASP.NET (aspnet_state) - Unknown owner - C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (file missing)
O23 - Service: AV Engine Scanning Service - Preventon Technologies Limited - C:/Program Files (x86)/Common Files/Common Toolkit Suite/AVEngine/AVScanningService.exe
O23 - Service: AV Watch Service - Preventon Technologies Limited - C:/Program Files (x86)/Common Files/Common Toolkit Suite/AVEngine/AVWatchService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Mail Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Web Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Dragon Age: Origins - Content Updater (DAUpdaterSvc) - BioWare - C:\Program Files (x86)\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: SensorsVService - Unknown owner - C:\Program Files (x86)\SensorsViewPro41\svservice.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Suite Service - SPAMfighter ApS - C:\Program Files (x86)\Fighters\FighterSuiteService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 8732 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\AUDIODG.EXE 0x2d8
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\Alwil Software\Avast5\AvastSvc.exe"
atieclxx
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
C:\Windows\SysWOW64\runonce.exe /Run6432
"C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\svchost.exe"
\??\C:\Windows\system32\conhost.exe
C:\Windows\System32\spoolsv.exe
"taskhost.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
taskeng.exe {FC04D9B1-BACF-4CC4-B5A7-04BB021A0981}
taskeng.exe {44ABCF4C-F9B1-4F04-95D1-950F6F6D02DA}
C:\Windows\DAODx.exe
"C:/Program Files (x86)/Common Files/Common Toolkit Suite/AVEngine/AVScanningService.exe"
"C:/Program Files (x86)/Common Files/Common Toolkit Suite/AVEngine/AVWatchService.exe"
"C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE"
"C:\Program Files (x86)\SensorsViewPro41\svservice.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Fighters\FighterSuiteService.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Windows\system32\spool\DRIVERS\x64\3\HP1006MC.EXE" -Embedding
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 524 528 536 65536 532
"C:\Users\admin\Desktop\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}]
QIPBHO Class - C:\Users\admin\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll [2009-07-14 150768]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2010-11-24 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll [2009-11-24 1536456]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll [2009-11-24 953800]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2010-04-01 357696]
"svchost.exe"=C:\Users\admin\AppData\Roaming []
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"HDAudDeck"=C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [2010-01-24 2157056]
""= []
"HPUsageTracking"=C:\Program Files (x86)\HP\HP UT\bin\hppusg.exe [2007-05-04 36864]
"avast5"=C:\Program Files\Alwil Software\Avast5\avastUI.exe [2010-09-07 2838912]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2010-05-14 248552]
"Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-09-23 35760]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-09-20 932288]
"SWPROguard"=C:\Program Files (x86)\Fighters\SPYWAREfighter\SWPROTray.exe [2010-12-21 983688]
C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
svchost.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 months======
2010-12-22 20:43:15 ----D---- C:\rsit
2010-12-22 16:38:16 ----D---- C:\Program Files (x86)\Fighters
2010-12-22 16:38:10 ----HDC---- C:\ProgramData\{9BD83767-EB49-45A6-B0F1-0DB1897926F9}
2010-12-21 10:10:46 ----A---- C:\Windows\system32\drivers\avfsfilter.sys
2010-12-20 15:11:48 ----A---- C:\Users\admin\AppData\Roaming\svchost.exe
2010-12-18 15:06:25 ----A---- C:\Windows\SYSWOW64\javaws.exe
2010-12-18 15:06:25 ----A---- C:\Windows\SYSWOW64\javaw.exe
2010-12-18 15:06:25 ----A---- C:\Windows\SYSWOW64\java.exe
2010-12-16 13:33:23 ----D---- C:\Program Files\CCleaner
2010-12-16 13:13:20 ----D---- C:\Program Files\trend micro
2010-12-15 16:34:01 ----A---- C:\Windows\SYSWOW64\tzres.dll
2010-12-15 16:34:01 ----A---- C:\Windows\system32\tzres.dll
2010-12-15 16:33:51 ----A---- C:\Windows\system32\taskschd.dll
2010-12-15 16:33:51 ----A---- C:\Windows\system32\schedsvc.dll
2010-12-15 16:33:50 ----A---- C:\Windows\SYSWOW64\taskschd.dll
2010-12-15 16:33:50 ----A---- C:\Windows\SYSWOW64\taskeng.exe
2010-12-15 16:33:50 ----A---- C:\Windows\SYSWOW64\taskcomp.dll
2010-12-15 16:33:50 ----A---- C:\Windows\SYSWOW64\schtasks.exe
2010-12-15 16:33:50 ----A---- C:\Windows\system32\wmicmiplugin.dll
2010-12-15 16:33:50 ----A---- C:\Windows\system32\taskeng.exe
2010-12-15 16:33:50 ----A---- C:\Windows\system32\taskcomp.dll
2010-12-15 16:33:50 ----A---- C:\Windows\system32\schtasks.exe
2010-12-15 16:33:46 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2010-12-15 16:33:46 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2010-12-15 16:33:46 ----A---- C:\Windows\system32\atmlib.dll
2010-12-15 16:33:46 ----A---- C:\Windows\system32\atmfd.dll
2010-12-15 16:33:45 ----A---- C:\Windows\system32\win32k.sys
2010-12-15 16:33:43 ----A---- C:\Windows\SYSWOW64\webio.dll
2010-12-15 16:33:43 ----A---- C:\Windows\system32\webio.dll
2010-12-15 16:33:40 ----A---- C:\Windows\system32\consent.exe
2010-12-15 16:33:37 ----A---- C:\Windows\system32\mshtml.dll
2010-12-15 16:33:36 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2010-12-15 16:33:36 ----A---- C:\Windows\system32\iertutil.dll
2010-12-15 16:33:36 ----A---- C:\Windows\system32\ieframe.dll
2010-12-15 16:33:35 ----A---- C:\Windows\SYSWOW64\mstime.dll
2010-12-15 16:33:35 ----A---- C:\Windows\system32\mstime.dll
2010-12-15 16:33:34 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2010-12-15 16:33:34 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2010-12-15 16:33:33 ----A---- C:\Windows\SYSWOW64\wininet.dll
2010-12-15 16:33:33 ----A---- C:\Windows\system32\wininet.dll
2010-12-15 16:33:32 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2010-12-15 16:33:32 ----A---- C:\Windows\system32\urlmon.dll
2010-12-15 16:33:32 ----A---- C:\Windows\system32\msfeeds.dll
2010-12-15 16:33:32 ----A---- C:\Windows\system32\iedkcs32.dll
2010-12-15 16:33:31 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2010-12-15 16:33:31 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2010-12-15 16:33:31 ----A---- C:\Windows\SYSWOW64\ieui.dll
2010-12-15 16:33:31 ----A---- C:\Windows\SYSWOW64\iepeers.dll
2010-12-15 16:33:31 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2010-12-15 16:33:31 ----A---- C:\Windows\system32\mshtmled.dll
2010-12-15 16:33:31 ----A---- C:\Windows\system32\ieui.dll
2010-12-15 16:33:31 ----A---- C:\Windows\system32\iepeers.dll
2010-12-15 16:33:30 ----A---- C:\Windows\SYSWOW64\msfeedsbs.dll
2010-12-15 16:33:30 ----A---- C:\Windows\SYSWOW64\licmgr10.dll
2010-12-15 16:33:30 ----A---- C:\Windows\system32\msfeedsbs.dll
2010-12-15 16:33:30 ----A---- C:\Windows\system32\licmgr10.dll
2010-12-15 16:33:29 ----A---- C:\Windows\SYSWOW64\msfeedssync.exe
2010-12-15 16:33:29 ----A---- C:\Windows\system32\msfeedssync.exe
2010-12-15 16:33:29 ----A---- C:\Windows\system32\jsproxy.dll
2010-12-15 16:33:28 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2010-12-13 21:26:33 ----D---- C:\ProgramData\clp
2010-12-13 21:25:58 ----D---- C:\ProgramData\Common Toolkit Suite
2010-12-13 21:25:26 ----D---- C:\ProgramData\Fighters
2010-12-13 21:23:32 ----D---- C:\Users\admin\AppData\Roaming\Fighters
2010-12-12 21:23:52 ----D---- C:\Qoobox
2010-12-12 20:12:07 ----D---- C:\Users\admin\AppData\Roaming\QuickScan
2010-12-12 20:00:45 ----D---- C:\Program Files (x86)\ESET
======List of files/folders modified in the last 1 months======
2010-12-22 20:43:36 ----D---- C:\Windows\Temp
2010-12-22 20:43:32 ----D---- C:\Windows\Prefetch
2010-12-22 20:40:18 ----D---- C:\Windows\system32\config
2010-12-22 17:45:22 ----D---- C:\Windows\System32
2010-12-22 17:45:22 ----D---- C:\Windows\inf
2010-12-22 17:45:22 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-12-22 16:38:28 ----D---- C:\Windows\system32\drivers
2010-12-22 16:38:22 ----D---- C:\Windows\system32\catroot
2010-12-22 16:38:18 ----SHD---- C:\Windows\Installer
2010-12-22 16:38:16 ----RD---- C:\Program Files (x86)
2010-12-22 16:38:16 ----D---- C:\Program Files (x86)\Common Files
2010-12-22 16:38:10 ----HD---- C:\ProgramData
2010-12-21 09:10:24 ----SHD---- C:\System Volume Information
2010-12-19 11:22:06 ----D---- C:\Windows\system32\catroot2
2010-12-18 17:19:15 ----D---- C:\Users\admin\AppData\Roaming\Winamp
2010-12-18 15:06:25 ----D---- C:\Windows\SysWOW64
2010-12-18 15:06:20 ----D---- C:\Program Files (x86)\Java
2010-12-18 14:31:44 ----D---- C:\Program Files (x86)\Winamp
2010-12-18 14:31:13 ----D---- C:\Program Files (x86)\Winamp Detect
2010-12-16 22:14:50 ----D---- C:\Windows
2010-12-16 21:18:28 ----D---- C:\Windows\rescache
2010-12-16 13:34:52 ----D---- C:\Windows\debug
2010-12-16 13:33:23 ----RD---- C:\Program Files
2010-12-15 20:09:52 ----D---- C:\Windows\winsxs
2010-12-15 20:07:46 ----D---- C:\Windows\SYSWOW64\cs-CZ
2010-12-15 20:07:46 ----D---- C:\Windows\system32\cs-CZ
2010-12-15 20:07:42 ----D---- C:\Program Files\Windows Mail
2010-12-15 20:07:41 ----D---- C:\Program Files\Internet Explorer
2010-12-15 20:07:41 ----D---- C:\Program Files (x86)\Windows Mail
2010-12-15 20:07:41 ----D---- C:\Program Files (x86)\Internet Explorer
2010-12-15 20:07:40 ----D---- C:\Windows\SYSWOW64\migration
2010-12-15 20:07:40 ----D---- C:\Windows\system32\migration
2010-12-15 19:32:19 ----A---- C:\Windows\system32\MRT.exe
2010-12-15 18:05:12 ----SD---- C:\Users\admin\AppData\Roaming\Microsoft
2010-12-14 14:54:56 ----D---- C:\Windows\system32\wdi
2010-12-10 09:05:54 ----D---- C:\Program Files (x86)\Mozilla Firefox
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 214096]
R0 speedfan;speedfan; C:\Windows\SysWOW64\speedfan.sys [2007-02-07 14104]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-02-15 834544]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2010-09-07 28752]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2010-09-07 121936]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2010-09-07 51280]
R1 sensorsview;sensorsview; \??\C:\Program Files (x86)\SensorsViewPro41\drv\sensorsview32_64.sys [2008-07-26 14544]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2010-09-07 20048]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2010-09-07 61008]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-08-18 6037504]
R3 AVFSFilter;AVFSFilter; C:\Windows\system32\DRIVERS\avfsfilter.sys [2010-12-21 13720]
R3 L1E;NDIS Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller(NDIS6.20); C:\Windows\system32\DRIVERS\L1E62x64.sys [2009-06-20 54272]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys [2005-03-29 8192]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service; C:\Windows\system32\drivers\viahduaa.sys [2010-01-24 1196032]
S3 a0pucu2f;a0pucu2f; C:\Windows\system32\drivers\a0pucu2f.sys []
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2009-07-14 40448]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2009-08-18 203264]
R2 AV Engine Scanning Service;AV Engine Scanning Service; C:/Program Files (x86)/Common Files/Common Toolkit Suite/AVEngine/AVScanningService.exe []
R2 AV Watch Service;AV Watch Service; C:/Program Files (x86)/Common Files/Common Toolkit Suite/AVEngine/AVWatchService.exe []
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384]
R2 MDM;Machine Debug Manager; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
R2 SensorsVService;SensorsVService; C:\Program Files (x86)\SensorsViewPro41\svservice.exe [2010-06-17 923648]
R2 Suite Service;Suite Service; C:\Program Files (x86)\Fighters\FighterSuiteService.exe [2010-12-21 1141896]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe []
S3 DAUpdaterSvc;Dragon Age: Origins - Content Updater; C:\Program Files (x86)\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe [2009-12-15 25832]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-05-22 1255736]
S4 AODService;AODService; C:\Program Files (x86)\AMD\OverDrive\AODAssist.exe [2009-04-22 124256]
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Prosím o kontrolu logu
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Re: Prosím o kontrolu logu
Zdravim a pekny vecer preji 
Vas log se studuje
a pracuje se na nem 
.
Prosim o strpeni!
Vas log se studuje
a pracuje se na nem .Prosim o strpeni!
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen
od 1. února 2011.
Člen
od 1. února 2011.Re: Prosím o kontrolu logu
Havet tam jeste je a ne ze neee 
Stahnete RKill http://download.bleepingcomputer.com/grinler/rkill.com
- Pokud ho havet blokuje, pouzijte jeden z nasledujicich
motji píše: Rkill EXE:
http://download.bleepingcomputer.com/grinler/rkill.exe
Rkill SCR:
http://download.bleepingcomputer.com/grinler/rkill.scr
Rkill PIF:
http://download.bleepingcomputer.com/grinler/rkill.pif - Ulozte nejlepena plochu a ukoncete vsechny aplikace (jinak to udela RKill za Vas)
- Spustte tradicne dvojklikem - program probehne temer okamzite a ukonci i svou cinnost
- RKill ukonci vsechny ne-systemove procesy - tedy i procesy, pod kterymi bezi havet
- V zadnem pripade ted nerestartujte PC - prisli byste o ucinek RKillu
Spustte HJT a provedeme fixnuti polozek
- HJT najdete zde C:\Program Files\trend micro\admin.exe
- Otevre se Vam okno, kliknete na Do a system scan only
- V dalsim okne najdete radky které jsem Vam vypsal nize, vedle nich je ctverecek, do ktereho udelate zatrzitko
- R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://search.qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.qip.ru/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.qip.ru
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ask.com?o=15187&l=dis
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = Root: HKCU; Subkey: Software\Microsoft\Internet Explorer\SearchUrl; ValueType: string; ValueName: '; ValueData: '; Flags: createvalueifdoesntexist noerror; Tasks: AddSearchQip
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: QIPBHO Class - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Users\admin\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll
R3 - URLSearchHook: (no name) - - (no file) - Kliknete na Fix checked (vlevo dole)
- HJT se Vas zepta zda opravdu ANO, s tim souhlasite a je hotovo
Stahnete a ulozte na plochu Combofix http://download.bleepingcomputer.com/sUBs/ComboFix.exe
- Vypnete vsechny rezidentni bezpecnostní programy - firewally, antiviry, antispywary apod.
- Pokud mate Win XP spustte pod uctem Spravce\Administratora
- Pokud mate Win Vista ci Win 7, kliknete na Combofix pravym a dejte Run As Administrator ci Spustit jako spravce
- Ihned po startu se zobrazi stranka s licencnim ujednanim, pokracujte kliknutim na Ano
- Pokud Vam CF nabidne instalaci Konzoly pro zotaveni, tak souhlaste
- Dale postupujte dle pokynu, behem scanu nechte PC naprosto v klidu - nespoustejte zadne aplikace a neklikejte do zobrazujiciho se okna
- Scan by mel trvat cca 10 min, ale pokud bude PC hodne zaneseno, muze se cas prodlouzit
- Po dokonceni skenu a pripadnem restartu CF zobrazi log, pripadne jej najdete zde C:\ComboFix.txt, jeho obsah sem vlozte
- Detailni postup vc. obrazku mate zde http://www.bleepingcomputer.com/combofi ... t-combofix
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.-
yohannka
- Návštěvník
- Příspěvky: 20
- Registrován: 13 říj 2006 20:53
- Bydliště: Brno
- Kontaktovat uživatele:
Re: Prosím o kontrolu logu
vše provedeno, jenom Combofix mi nevytvořil žádný log a po dvou minutkách bylo hotovo...a jediný log, co jem našla bylo tohle
ComboFix 10-12-22.01 - admin 22.12.2010 22:14:09.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7600.0.1250.420.1029.18.2047.1085 [GMT 1:00]
Spuštěný z: C:\Users\admin\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {C37D8F93-0602-E43C-40AA-47DAD597F308}
SP: avast! Antivirus *Disabled/Updated* {781C6E77-2038-EBB2-7A1A-7CA8AE10B9B5}
SP: SPYWAREfighter *Disabled/Updated* {54CEAF19-6DDF-F31A-F96A-11F730C2EC03}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
ComboFix 10-12-22.01 - admin 22.12.2010 22:14:09.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7600.0.1250.420.1029.18.2047.1085 [GMT 1:00]
Spuštěný z: C:\Users\admin\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {C37D8F93-0602-E43C-40AA-47DAD597F308}
SP: avast! Antivirus *Disabled/Updated* {781C6E77-2038-EBB2-7A1A-7CA8AE10B9B5}
SP: SPYWAREfighter *Disabled/Updated* {54CEAF19-6DDF-F31A-F96A-11F730C2EC03}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
Re: Prosím o kontrolu logu
No tak ten se trosku nepovedlo, nevadi, zkusime jinak 
Mimochodem, to Vam rekl kdo ze tam havet jiz neni 
Odinstalujte SPYWAREfighter - muze byt v kolizi s Avastem
Prihlaste se do nouzoveho rezimu (restart PC, mackat F8, zvolit Stav nouze s praci v siti)
Prejmenujte combofix na cokoliv.com a spustte jej
Mimochodem, to Vam rekl kdo ze tam havet jiz neni Odinstalujte SPYWAREfighter - muze byt v kolizi s Avastem Prihlaste se do nouzoveho rezimu (restart PC, mackat F8, zvolit Stav nouze s praci v siti) Prejmenujte combofix na cokoliv.com a spustte jej"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.-
yohannka
- Návštěvník
- Příspěvky: 20
- Registrován: 13 říj 2006 20:53
- Bydliště: Brno
- Kontaktovat uživatele:
Re: Prosím o kontrolu logu
to jsem se špatně vyjádřila, to mi povídaly antivirové programy.. proto jsem zavítala radši sem
po restartu se combofix sám hezky dokončil, takže log máme
ComboFix 10-12-22.01 - admin 22.12.2010 22:14:09.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7600.0.1250.420.1029.18.2047.1085 [GMT 1:00]
Spuštěný z: c:\users\admin\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {C37D8F93-0602-E43C-40AA-47DAD597F308}
SP: avast! Antivirus *Disabled/Updated* {781C6E77-2038-EBB2-7A1A-7CA8AE10B9B5}
SP: SPYWAREfighter *Disabled/Updated* {54CEAF19-6DDF-F31A-F96A-11F730C2EC03}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\svchost.exe
c:\users\admin\AppData\Roaming\svchost.exe
c:\windows\TEMP\zvzgdjhr.vbt
.
((((((((((((((((((((((((( Soubory vytvořené od 2010-11-22 do 2010-12-22 )))))))))))))))))))))))))))))))
.
2010-12-22 21:17 . 2010-12-22 21:17 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-12-22 19:43 . 2010-12-22 19:43 -------- d-----w- C:\rsit
2010-12-21 08:10 . 2010-11-10 05:35 8199504 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{511B754E-8160-46FE-A5F5-2600E594BAD1}\mpengine.dll
2010-12-20 14:11 . 2010-12-20 14:11 13824 ----a-w- c:\users\admin\avgupsvc.exe
2010-12-16 12:33 . 2010-12-16 12:33 -------- d-----w- c:\program files\CCleaner
2010-12-16 12:13 . 2010-12-22 19:43 -------- d-----w- c:\program files\trend micro
2010-12-15 15:34 . 2010-10-27 05:06 2048 ----a-w- c:\windows\system32\tzres.dll
2010-12-15 15:34 . 2010-10-27 04:32 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2010-12-13 20:26 . 2010-12-13 20:56 -------- d-----w- c:\programdata\clp
2010-12-13 20:25 . 2010-12-13 20:25 -------- d-----w- c:\programdata\Common Toolkit Suite
2010-12-13 20:23 . 2010-12-13 20:23 -------- d-----w- c:\users\admin\AppData\Local\PackageAware
2010-12-12 19:12 . 2010-12-13 21:04 -------- d-----w- c:\users\admin\AppData\Roaming\QuickScan
2010-12-09 10:47 . 2010-12-09 10:47 12800 ----a-w- c:\program files (x86)\Mozilla Firefox\plugins\npwachk.dll
2010-11-23 22:29 . 2010-10-19 08:47 7680 ----a-w- c:\program files\Internet Explorer\iecompat.dll
2010-11-23 22:29 . 2010-10-19 08:10 7680 ----a-w- c:\program files (x86)\Internet Explorer\iecompat.dll
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-11-12 17:53 . 2010-06-02 10:45 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll
2010-10-19 09:41 . 2010-01-19 10:49 270720 ------w- c:\windows\system32\MpSigStub.exe
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2010-04-01 357696]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"HDAudDeck"="c:\program files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" [2010-01-24 2157056]
"HPUsageTracking"="c:\program files (x86)\HP\HP UT\bin\hppusg.exe" [2007-05-04 36864]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-09-23 35760]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-20 932288]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 AVFSFilter;AVFSFilter;c:\windows\system32\DRIVERS\avfsfilter.sys [x]
R3 DAUpdaterSvc;Dragon Age: Origins - Content Updater;c:\program files (x86)\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe [2009-12-15 25832]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2010-05-22 1255736]
R4 AODService;AODService;c:\program files (x86)\AMD\OverDrive\AODAssist.exe [2009-04-22 124256]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-02-15 834544]
S1 aswSP;aswSP; [x]
S1 sensorsview;sensorsview;c:\program files (x86)\SensorsViewPro41\drv\sensorsview32_64.sys [2008-07-26 14544]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2009-08-18 203264]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2010-09-07 61008]
S2 SensorsVService;SensorsVService;c:\program files (x86)\SensorsViewPro41\svservice.exe [2010-06-17 923648]
S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [2010-01-24 1196032]
.
--------- x86-64 -----------
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~2\MICROS~1\OFFICE11\EXCEL.EXE/3000
TCP: {6707CCB2-C48C-40BC-A953-C7E2F168DF96} = 213.194.204.126,85.132.148.70
FF - ProfilePath - c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.google.cz/
FF - prefs.js: keyword.URL - hxxp://search.qip.ru/search?from=FF&query=
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
FF - Ext: Download Statusbar: {D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389} - %profile%\extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}
FF - Ext: ImTranslator: {9AA46F4F-4DC7-4c06-97AF-5035170634FE} - %profile%\extensions\{9AA46F4F-4DC7-4c06-97AF-5035170634FE}
FF - Ext: Personas: personas@christopher.beard - %profile%\extensions\personas@christopher.beard
FF - Ext: Save Images: LDSI_plashcor@gmail.com - %profile%\extensions\LDSI_plashcor@gmail.com
FF - Ext: DownloadHelper: {b9db16a4-6edc-47ec-a1f4-b86292ed211d} - %profile%\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
FF - Ext: DAEMON Tools Toolbar: DTToolbar@toolbarnet.com - %profile%\extensions\DTToolbar@toolbarnet.com
FF - Ext: BitDefender QuickScan: {e001c731-5e37-4538-a5cb-8168736a2360} - %profile%\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}
FF - Ext: Google Toolbar for Firefox: {3112ca9c-de6d-4884-a869-9855de68056c} - c:\programdata\Google\Toolbar for Firefox\{3112ca9c-de6d-4884-a869-9855de68056c}
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
[HKEY_USERS\S-1-5-21-3357358439-205563845-817867230-1001\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{A3F37455-2F68-F96F-11C3-9CB1CD6F5E3E}*]
"haoeahcdgboccfob"=hex:6a,61,6d,66,65,63,69,63,63,6e,67,64,66,66,6f,63,63,6c,
69,61,00,fe
"iaieglpkhcjonhgcim"=hex:6a,61,6d,66,63,63,6b,63,6d,61,68,6a,6c,61,6d,6b,70,6b,
69,63,00,01
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10d.exe,-101"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\Elevation]
"Enabled"=dword:00000001
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\LocalServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil10d.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10d.ocx"
"ThreadingModel"="Apartment"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10d.ocx, 1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10d.ocx"
"ThreadingModel"="Apartment"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10d.ocx, 1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}]
@Denied: (A 2) (Everyone)
@="IFlashBroker3"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\Alwil Software\Avast5\AvastSvc.exe
c:\program files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\windows\DAODx.exe
c:\windows\SysWOW64\runonce.exe
.
**************************************************************************
.
Celkový čas: 2010-12-22 23:03:52 - počítač byl restartován
ComboFix-quarantined-files.txt 2010-12-22 22:03
Před spuštěním: Volných bajtů: 99 855 450 112
Po spuštění: Volných bajtů: 99 736 199 168
- - End Of File - - EFC619EF1AED48F99A39F07CAC08C357
po restartu se combofix sám hezky dokončil, takže log máme
ComboFix 10-12-22.01 - admin 22.12.2010 22:14:09.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7600.0.1250.420.1029.18.2047.1085 [GMT 1:00]
Spuštěný z: c:\users\admin\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {C37D8F93-0602-E43C-40AA-47DAD597F308}
SP: avast! Antivirus *Disabled/Updated* {781C6E77-2038-EBB2-7A1A-7CA8AE10B9B5}
SP: SPYWAREfighter *Disabled/Updated* {54CEAF19-6DDF-F31A-F96A-11F730C2EC03}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\svchost.exe
c:\users\admin\AppData\Roaming\svchost.exe
c:\windows\TEMP\zvzgdjhr.vbt
.
((((((((((((((((((((((((( Soubory vytvořené od 2010-11-22 do 2010-12-22 )))))))))))))))))))))))))))))))
.
2010-12-22 21:17 . 2010-12-22 21:17 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-12-22 19:43 . 2010-12-22 19:43 -------- d-----w- C:\rsit
2010-12-21 08:10 . 2010-11-10 05:35 8199504 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{511B754E-8160-46FE-A5F5-2600E594BAD1}\mpengine.dll
2010-12-20 14:11 . 2010-12-20 14:11 13824 ----a-w- c:\users\admin\avgupsvc.exe
2010-12-16 12:33 . 2010-12-16 12:33 -------- d-----w- c:\program files\CCleaner
2010-12-16 12:13 . 2010-12-22 19:43 -------- d-----w- c:\program files\trend micro
2010-12-15 15:34 . 2010-10-27 05:06 2048 ----a-w- c:\windows\system32\tzres.dll
2010-12-15 15:34 . 2010-10-27 04:32 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2010-12-13 20:26 . 2010-12-13 20:56 -------- d-----w- c:\programdata\clp
2010-12-13 20:25 . 2010-12-13 20:25 -------- d-----w- c:\programdata\Common Toolkit Suite
2010-12-13 20:23 . 2010-12-13 20:23 -------- d-----w- c:\users\admin\AppData\Local\PackageAware
2010-12-12 19:12 . 2010-12-13 21:04 -------- d-----w- c:\users\admin\AppData\Roaming\QuickScan
2010-12-09 10:47 . 2010-12-09 10:47 12800 ----a-w- c:\program files (x86)\Mozilla Firefox\plugins\npwachk.dll
2010-11-23 22:29 . 2010-10-19 08:47 7680 ----a-w- c:\program files\Internet Explorer\iecompat.dll
2010-11-23 22:29 . 2010-10-19 08:10 7680 ----a-w- c:\program files (x86)\Internet Explorer\iecompat.dll
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-11-12 17:53 . 2010-06-02 10:45 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll
2010-10-19 09:41 . 2010-01-19 10:49 270720 ------w- c:\windows\system32\MpSigStub.exe
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2010-04-01 357696]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"HDAudDeck"="c:\program files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" [2010-01-24 2157056]
"HPUsageTracking"="c:\program files (x86)\HP\HP UT\bin\hppusg.exe" [2007-05-04 36864]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-09-23 35760]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-20 932288]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 AVFSFilter;AVFSFilter;c:\windows\system32\DRIVERS\avfsfilter.sys [x]
R3 DAUpdaterSvc;Dragon Age: Origins - Content Updater;c:\program files (x86)\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe [2009-12-15 25832]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2010-05-22 1255736]
R4 AODService;AODService;c:\program files (x86)\AMD\OverDrive\AODAssist.exe [2009-04-22 124256]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-02-15 834544]
S1 aswSP;aswSP; [x]
S1 sensorsview;sensorsview;c:\program files (x86)\SensorsViewPro41\drv\sensorsview32_64.sys [2008-07-26 14544]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2009-08-18 203264]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2010-09-07 61008]
S2 SensorsVService;SensorsVService;c:\program files (x86)\SensorsViewPro41\svservice.exe [2010-06-17 923648]
S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [2010-01-24 1196032]
.
--------- x86-64 -----------
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~2\MICROS~1\OFFICE11\EXCEL.EXE/3000
TCP: {6707CCB2-C48C-40BC-A953-C7E2F168DF96} = 213.194.204.126,85.132.148.70
FF - ProfilePath - c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.google.cz/
FF - prefs.js: keyword.URL - hxxp://search.qip.ru/search?from=FF&query=
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
FF - Ext: Download Statusbar: {D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389} - %profile%\extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}
FF - Ext: ImTranslator: {9AA46F4F-4DC7-4c06-97AF-5035170634FE} - %profile%\extensions\{9AA46F4F-4DC7-4c06-97AF-5035170634FE}
FF - Ext: Personas: personas@christopher.beard - %profile%\extensions\personas@christopher.beard
FF - Ext: Save Images: LDSI_plashcor@gmail.com - %profile%\extensions\LDSI_plashcor@gmail.com
FF - Ext: DownloadHelper: {b9db16a4-6edc-47ec-a1f4-b86292ed211d} - %profile%\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
FF - Ext: DAEMON Tools Toolbar: DTToolbar@toolbarnet.com - %profile%\extensions\DTToolbar@toolbarnet.com
FF - Ext: BitDefender QuickScan: {e001c731-5e37-4538-a5cb-8168736a2360} - %profile%\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}
FF - Ext: Google Toolbar for Firefox: {3112ca9c-de6d-4884-a869-9855de68056c} - c:\programdata\Google\Toolbar for Firefox\{3112ca9c-de6d-4884-a869-9855de68056c}
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
[HKEY_USERS\S-1-5-21-3357358439-205563845-817867230-1001\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{A3F37455-2F68-F96F-11C3-9CB1CD6F5E3E}*]
"haoeahcdgboccfob"=hex:6a,61,6d,66,65,63,69,63,63,6e,67,64,66,66,6f,63,63,6c,
69,61,00,fe
"iaieglpkhcjonhgcim"=hex:6a,61,6d,66,63,63,6b,63,6d,61,68,6a,6c,61,6d,6b,70,6b,
69,63,00,01
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10d.exe,-101"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\Elevation]
"Enabled"=dword:00000001
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\LocalServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil10d.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10d.ocx"
"ThreadingModel"="Apartment"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10d.ocx, 1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10d.ocx"
"ThreadingModel"="Apartment"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10d.ocx, 1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}]
@Denied: (A 2) (Everyone)
@="IFlashBroker3"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\Alwil Software\Avast5\AvastSvc.exe
c:\program files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\windows\DAODx.exe
c:\windows\SysWOW64\runonce.exe
.
**************************************************************************
.
Celkový čas: 2010-12-22 23:03:52 - počítač byl restartován
ComboFix-quarantined-files.txt 2010-12-22 22:03
Před spuštěním: Volných bajtů: 99 855 450 112
Po spuštění: Volných bajtů: 99 736 199 168
- - End Of File - - EFC619EF1AED48F99A39F07CAC08C357
Re: Prosím o kontrolu logu
Pokud nemate, tak presunte Combofix na plochu
- Spustte poznamkovy blok (Start-spustit-notepad)
- Zkopirujte skript nize
Kód: Vybrat vše
Registry:: [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "DAEMON Tools Lite"=- [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "SunJavaUpdateSched"=- "Adobe Reader Speed Launcher"=- "Adobe ARM"=- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] "{32099AAC-C132-4136-9E9A-4E364A424E17}"=- [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar] "{32099AAC-C132-4136-9E9A-4E364A424E17}"=- [-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}] File:: C:\Users\admin\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll Folder:: C:\Program Files (x86)\DAEMON Tools Toolbar Firefox:: FF - ProfilePath - c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\ FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q= FF - prefs.js: keyword.URL - hxxp://search.qip.ru/search?from=FF&query= FF - Ext: DAEMON Tools Toolbar: DTToolbar@toolbarnet.com - %profile%\extensions\DTToolbar@toolbarnet.com RegNull:: [HKEY_USERS\S-1-5-21-3357358439-205563845-817867230-1001\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{A3F37455-2F68-F96F-11C3-9CB1CD6F5E3E}*] RegLock:: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\Elevation] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\LocalServer32] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\TypeLib] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]- Ulozte vytvoreny TXT jako CFScript.txt
- Pretahnete vytvoreny CFScript.txt nad Combofix a pustte (viz obrazek nize)
- Po aplikaci skriptu (a pripadnem restartu) na Vas vypadne log, jeho obsah sem vlozte
Muze se stat, ze po aplikaci skriptu nenabehnou windows, v tomto pripade restartuje PC a mackejte F8 a zvolte Posledni znamou konfiguraci"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.-
yohannka
- Návštěvník
- Příspěvky: 20
- Registrován: 13 říj 2006 20:53
- Bydliště: Brno
- Kontaktovat uživatele:
Re: Prosím o kontrolu logu
první část
ComboFix 10-12-22.01 - admin 22.12.2010 23:29:25.2.4 - x64
Microsoft Windows 7 Home Premium 6.1.7600.0.1250.420.1029.18.2047.1225 [GMT 1:00]
Spuštěný z: c:\users\admin\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\admin\Desktop\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {C37D8F93-0602-E43C-40AA-47DAD597F308}
SP: avast! Antivirus *Disabled/Updated* {781C6E77-2038-EBB2-7A1A-7CA8AE10B9B5}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FILE ::
"c:\users\admin\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll"
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\program files (x86)\DAEMON Tools Toolbar
c:\program files (x86)\DAEMON Tools Toolbar\_DTLite.xml
c:\program files (x86)\DAEMON Tools Toolbar\DTToolbar.dll
c:\program files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll
c:\program files (x86)\DAEMON Tools Toolbar\Resources\about.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\AboutWindow.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\accept.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\AddRadioStation.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\as.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\as.png
c:\program files (x86)\DAEMON Tools Toolbar\Resources\astro.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\astro_buy.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\astro_download.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\astro_feedback.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\astro_forum.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\astro_home.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\astro_lite.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\astroburn_site.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\astroLite_16.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\az.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\b1.png
c:\program files (x86)\DAEMON Tools Toolbar\Resources\burn_files.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\burn_image.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\burn_imgs.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\BurnImage.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\buy.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\Config.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\d.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\d2.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\daemon.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\daemon_search.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\daemon_search_site.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\dot_disabled.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\dot_enabled.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\dot_on_over.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\download.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\ds.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\dsearch.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\dt-home.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\dt.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\dt_about.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\dt_buy.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\dt_download.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\dt_faq.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\dt_feedback.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\dt_forum.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\dt_line.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\dt_lite.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\dt_manual.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\dt_pro.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\DTPro.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\dtt16.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\dtt32.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\Dwnl.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\emulation.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\favicon.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\features.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\feedback.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\forum.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\GameCentrix.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\GameCentrixCristals.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\GameCentrixDownload.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\GameCentrixPlayOnline.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\GameCentrixTop.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\GameS.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\games_search.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\games_search_SA.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\GameSA.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\gct16.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\gd.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\genre.xml
c:\program files (x86)\DAEMON Tools Toolbar\Resources\globe.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\GrabImage.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\hb.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\hb.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\help.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\hide.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\home.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\image_search.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\image_search_SA.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\ImageS.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\ImageSA.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\ip.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\lang.xml
c:\program files (x86)\DAEMON Tools Toolbar\Resources\lingvo.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\m.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\mail.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\mail_disable.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\mail_down.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\mail_m.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\mail_under.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\mailc.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\mailc_disable.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\mailc_down.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\mailc_m.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\mailc_under.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\MenuRadioConfig.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\MenuRadioStation.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\MenuRSCur.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\MenuTr.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\mount.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\mount_n_drive.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\next.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\next_down.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\next_m.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\next_under.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\none.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\none_m.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\op.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\play.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\play.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\play_down.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\play_m.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\play_under.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\pragma.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\prev.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\prev_down.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\prev_m.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\prev_under.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\prod.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\Radio.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\RadioBg.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\RadioBg.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\RadioBgMask.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\RadioDisp.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\RadioDisp_m.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\RadioDown.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\RadioDown.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\RadioDown_down.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\RadioDown_m.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\RadioDown_under.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\RadioE.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\RadioG.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\RadioL.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\RadioLDotMask.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\RadioLeft.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\RadioLeftMask.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\RadioLM.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\RadioM.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\RadioN.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\RadioR.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\RadioR.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\RadioRM.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\RadioRU.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\RadioVolume.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\RadioVolume_down.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\RadioVolume_m.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\RadioVolume_under.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\RadioW.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\rbcheck.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\rbtxt.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\refresh.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\refresh_down.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\refresh_m.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\refresh_under.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\Rss.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\Rss1.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\RssA.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\RssA1.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\rssClose.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\rssL.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\rssOpen.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\RssRefresh.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\s2.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\show.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\size.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\size_lr.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\size_m.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\size_rl.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\skins.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\spt.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\stop.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\stop.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\stop_down.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\stop_m.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\stop_under.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\style.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\SupportRequest.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\timer.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\TitleIcon.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\toolbar.xml
c:\program files (x86)\DAEMON Tools Toolbar\Resources\trans.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\Trash.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\Trash_disable.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\Trash_down.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\Trash_m.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\Trash_under.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\u.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\unmount-all.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\vol.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\vol.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\vol_back.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\vol_dott.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\vol_dott_m.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\vol_down.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\vol_m.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\vol_mute.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\vol_mute_check.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\vol_under.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\wBtClose.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\wBtClose_down.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\wBtClose_m.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\wBtClose_under.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\wBtText.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\wBtText_down.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\wBtText_m.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\wBtText_under.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\web_resources.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\web_search.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\web_search_SA.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\WebS.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\WebSa.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\wi.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\wi0.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\wi1.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\wi10.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\wi11.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\wi12.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\wi13.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\wi14.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\wi2.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\wi3.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\wi4.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\wi5.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\wi6.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\wi7.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\wi8.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\wi9.ico
c:\program files (x86)\DAEMON Tools Toolbar\uninst.exe
c:\users\admin\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\DTToolbarFF.dll
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\DTToolbarFF.xpt
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\about.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\AboutWindow.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\accept.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\AddRadioStation.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\as.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\as.png
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\astro.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\astro_buy.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\astro_download.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\astro_feedback.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\astro_forum.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\astro_home.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\astro_lite.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\astroburn_site.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\astroLite_16.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\az.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\b1.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\b1.png
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\burn_files.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\burn_image.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\burn_imgs.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\BurnImage.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\buy.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\cond000.gif
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\cond001.gif
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\cond003.gif
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\cond004.gif
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\cond005.gif
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\cond006.gif
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\cond007.gif
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\cond008.gif
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\cond009.gif
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\cond010.gif
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\cond011.gif
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\cond019.gif
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\cond020.gif
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\cond021.gif
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\cond022.gif
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\cond023.gif
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\cond024.gif
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\cond025.gif
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\cond026.gif
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\cond037.gif
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\cond038.gif
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\cond039.gif
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\cond040.gif
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\cond041.gif
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\cond046.gif
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\cond048.gif
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\cond050.gif
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\cond051.gif
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\cond052.gif
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\cond053.gif
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\cond054.gif
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\cond055.gif
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\cond056.gif
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\cond057.gif
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\cond058.gif
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\cond059.gif
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\cond060.gif
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\cond061.gif
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\cond062.gif
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\cond063.gif
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\cond064.gif
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\cond065.gif
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\cond066.gif
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\cond067.gif
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\cond068.gif
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\cond069.gif
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\cond075.gif
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\cond076.gif
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\cond077.gif
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\cond078.gif
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\cond079.gif
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\cond080.gif
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\cond084.gif
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\cond085.gif
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\cond086.gif
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\cond087.gif
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\cond088.gif
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\cond089.gif
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\cond090.gif
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\cond091.gif
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\cond092.gif
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\cond093.gif
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\cond094.gif
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\cond095.gif
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\cond108.gif
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\cond109.gif
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\cond110.gif
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\cond111.gif
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\cond112.gif
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\cond113.gif
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\cond120.gif
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\cond121.gif
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\cond122.gif
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\cond126.gif
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\cond127.gif
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\cond128.gif
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\cond129.gif
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\cond130.gif
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\cond131.gif
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\cond132.gif
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\cond133.gif
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\cond134.gif
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\cond135.gif
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\cond136.gif
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\cond137.gif
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\cond138.gif
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\cond140.gif
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\cond141.gif
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\cond142.gif
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\cond143.gif
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\cond148.gif
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\cond149.gif
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\cond152.gif
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\cond154.gif
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\cond155.gif
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\cond156.gif
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\cond157.gif
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\Config.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\d.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\d2.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\daemon.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\daemon_search.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\daemon_search_site.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\dot_disabled.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\dot_enabled.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\dot_on_over.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\download.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\ds.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\dsearch.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\dt-home.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\dt.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\dt_about.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\dt_buy.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\dt_download.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\dt_faq.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\dt_feedback.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\dt_forum.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\dt_line.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\dt_lite.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\dt_manual.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\dt_pro.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\DTPro.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\dtt16.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\dtt32.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\Dwnl.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\emulation.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\faq.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\favicon.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\features.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\feedback.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\forum.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\GameCentrix.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\GameCentrixCristals.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\GameCentrixDownload.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\GameCentrixPlayOnline.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\GameCentrixTop.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\GameS.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\games_search.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\games_search_SA.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\GameSA.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\gct16.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\gd.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\genre.xml
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\globe.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\GrabImage.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\hb.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\hb.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\help.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\hide.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\home.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\image_search.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\image_search_SA.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\ImageS.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\ImageSA.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\ip.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\lang.xml
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\lingvo.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\m.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\mail.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\mail_disable.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\mail_down.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\mail_m.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\mail_under.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\mailc.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\mailc_disable.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\mailc_down.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\mailc_m.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\mailc_under.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\manual.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\map.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\MenuRadioConfig.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\MenuRadioStation.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\MenuRSCur.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\MenuTr.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\mount.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\mount_n_drive.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\next.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\next_down.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\next_m.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\next_under.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\none.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\none_m.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\noW.gif
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\op.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\play.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\play.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\play_down.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\play_m.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\play_under.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\pragma.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\prev.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\prev_down.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\prev_m.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\prev_under.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\prod.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\Radio.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\RadioBg.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\RadioBg.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\RadioBgMask.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\RadioDisp.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\RadioDisp_m.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\RadioDown.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\RadioDown.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\RadioDown_down.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\RadioDown_m.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\RadioDown_under.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\RadioE.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\RadioG.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\RadioL.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\RadioLDotMask.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\RadioLeft.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\RadioLeftMask.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\RadioLM.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\RadioM.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\RadioN.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\RadioR.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\RadioR.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\RadioRM.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\RadioRU.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\RadioVolume.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\RadioVolume_down.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\RadioVolume_m.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\RadioVolume_under.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\RadioW.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\rbcheck.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\rbtxt.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\refresh.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\refresh_down.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\refresh_m.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\refresh_under.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\Rss.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\Rss1.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\RssA.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\RssA1.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\rssClose.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\rssL.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\rssOpen.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\RssRefresh.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\s2.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\show.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\size.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\size_lr.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\size_m.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\size_rl.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\skins.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\soft24.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\soft24_SA.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\spt.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\stop.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\stop.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\stop_down.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\stop_m.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\stop_under.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\style.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\SupportRequest.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\time.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\timer.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\TitleIcon.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\toolbar.xml
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\trans.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\Trash.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\Trash_disable.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\Trash_down.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\Trash_m.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\Trash_under.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\u.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\unmount-all.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\vol.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\vol.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\vol_back.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\vol_dott.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\vol_dott_m.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\vol_down.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\vol_m.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\vol_mute.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\vol_mute_check.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\vol_under.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\wb.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\wBtClose.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\wBtClose_down.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\wBtClose_m.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\wBtClose_under.bmp
ComboFix 10-12-22.01 - admin 22.12.2010 23:29:25.2.4 - x64
Microsoft Windows 7 Home Premium 6.1.7600.0.1250.420.1029.18.2047.1225 [GMT 1:00]
Spuštěný z: c:\users\admin\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\admin\Desktop\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {C37D8F93-0602-E43C-40AA-47DAD597F308}
SP: avast! Antivirus *Disabled/Updated* {781C6E77-2038-EBB2-7A1A-7CA8AE10B9B5}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FILE ::
"c:\users\admin\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll"
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\program files (x86)\DAEMON Tools Toolbar
c:\program files (x86)\DAEMON Tools Toolbar\_DTLite.xml
c:\program files (x86)\DAEMON Tools Toolbar\DTToolbar.dll
c:\program files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll
c:\program files (x86)\DAEMON Tools Toolbar\Resources\about.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\AboutWindow.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\accept.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\AddRadioStation.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\as.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\as.png
c:\program files (x86)\DAEMON Tools Toolbar\Resources\astro.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\astro_buy.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\astro_download.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\astro_feedback.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\astro_forum.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\astro_home.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\astro_lite.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\astroburn_site.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\astroLite_16.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\az.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\b1.png
c:\program files (x86)\DAEMON Tools Toolbar\Resources\burn_files.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\burn_image.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\burn_imgs.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\BurnImage.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\buy.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\Config.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\d.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\d2.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\daemon.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\daemon_search.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\daemon_search_site.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\dot_disabled.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\dot_enabled.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\dot_on_over.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\download.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\ds.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\dsearch.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\dt-home.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\dt.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\dt_about.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\dt_buy.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\dt_download.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\dt_faq.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\dt_feedback.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\dt_forum.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\dt_line.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\dt_lite.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\dt_manual.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\dt_pro.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\DTPro.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\dtt16.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\dtt32.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\Dwnl.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\emulation.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\favicon.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\features.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\feedback.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\forum.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\GameCentrix.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\GameCentrixCristals.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\GameCentrixDownload.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\GameCentrixPlayOnline.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\GameCentrixTop.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\GameS.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\games_search.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\games_search_SA.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\GameSA.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\gct16.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\gd.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\genre.xml
c:\program files (x86)\DAEMON Tools Toolbar\Resources\globe.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\GrabImage.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\hb.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\hb.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\help.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\hide.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\home.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\image_search.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\image_search_SA.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\ImageS.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\ImageSA.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\ip.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\lang.xml
c:\program files (x86)\DAEMON Tools Toolbar\Resources\lingvo.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\m.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\mail.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\mail_disable.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\mail_down.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\mail_m.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\mail_under.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\mailc.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\mailc_disable.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\mailc_down.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\mailc_m.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\mailc_under.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\MenuRadioConfig.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\MenuRadioStation.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\MenuRSCur.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\MenuTr.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\mount.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\mount_n_drive.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\next.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\next_down.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\next_m.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\next_under.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\none.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\none_m.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\op.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\play.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\play.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\play_down.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\play_m.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\play_under.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\pragma.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\prev.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\prev_down.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\prev_m.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\prev_under.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\prod.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\Radio.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\RadioBg.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\RadioBg.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\RadioBgMask.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\RadioDisp.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\RadioDisp_m.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\RadioDown.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\RadioDown.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\RadioDown_down.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\RadioDown_m.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\RadioDown_under.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\RadioE.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\RadioG.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\RadioL.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\RadioLDotMask.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\RadioLeft.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\RadioLeftMask.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\RadioLM.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\RadioM.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\RadioN.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\RadioR.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\RadioR.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\RadioRM.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\RadioRU.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\RadioVolume.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\RadioVolume_down.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\RadioVolume_m.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\RadioVolume_under.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\RadioW.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\rbcheck.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\rbtxt.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\refresh.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\refresh_down.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\refresh_m.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\refresh_under.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\Rss.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\Rss1.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\RssA.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\RssA1.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\rssClose.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\rssL.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\rssOpen.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\RssRefresh.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\s2.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\show.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\size.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\size_lr.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\size_m.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\size_rl.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\skins.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\spt.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\stop.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\stop.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\stop_down.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\stop_m.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\stop_under.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\style.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\SupportRequest.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\timer.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\TitleIcon.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\toolbar.xml
c:\program files (x86)\DAEMON Tools Toolbar\Resources\trans.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\Trash.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\Trash_disable.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\Trash_down.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\Trash_m.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\Trash_under.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\u.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\unmount-all.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\vol.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\vol.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\vol_back.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\vol_dott.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\vol_dott_m.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\vol_down.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\vol_m.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\vol_mute.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\vol_mute_check.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\vol_under.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\wBtClose.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\wBtClose_down.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\wBtClose_m.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\wBtClose_under.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\wBtText.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\wBtText_down.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\wBtText_m.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\wBtText_under.bmp
c:\program files (x86)\DAEMON Tools Toolbar\Resources\web_resources.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\web_search.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\web_search_SA.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\WebS.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\WebSa.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\wi.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\wi0.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\wi1.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\wi10.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\wi11.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\wi12.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\wi13.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\wi14.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\wi2.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\wi3.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\wi4.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\wi5.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\wi6.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\wi7.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\wi8.ico
c:\program files (x86)\DAEMON Tools Toolbar\Resources\wi9.ico
c:\program files (x86)\DAEMON Tools Toolbar\uninst.exe
c:\users\admin\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\DTToolbarFF.dll
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\DTToolbarFF.xpt
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\about.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\AboutWindow.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\accept.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\AddRadioStation.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\as.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\as.png
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\astro.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\astro_buy.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\astro_download.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\astro_feedback.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\astro_forum.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\astro_home.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\astro_lite.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\astroburn_site.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\astroLite_16.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\az.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\b1.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\b1.png
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\burn_files.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\burn_image.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\burn_imgs.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\BurnImage.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\buy.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\cond000.gif
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\cond001.gif
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\cond003.gif
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\cond004.gif
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\cond005.gif
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\cond006.gif
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\cond007.gif
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\cond008.gif
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\cond009.gif
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\cond010.gif
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\cond011.gif
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\cond019.gif
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\cond020.gif
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\cond021.gif
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\cond022.gif
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\cond023.gif
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\cond024.gif
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\cond025.gif
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\cond026.gif
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\cond037.gif
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\cond038.gif
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\cond039.gif
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\cond040.gif
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\cond041.gif
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\cond046.gif
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\cond048.gif
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\cond050.gif
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\cond051.gif
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\cond052.gif
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\cond053.gif
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\cond054.gif
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\cond055.gif
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\cond056.gif
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\cond057.gif
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\cond058.gif
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\cond059.gif
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\cond060.gif
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\cond061.gif
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\cond062.gif
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\cond063.gif
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\cond064.gif
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\cond065.gif
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\cond066.gif
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\cond067.gif
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\cond068.gif
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\cond069.gif
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\cond075.gif
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\cond076.gif
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\cond077.gif
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\cond078.gif
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\cond079.gif
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\cond080.gif
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\cond084.gif
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\cond085.gif
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\cond086.gif
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\cond087.gif
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\cond088.gif
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\cond089.gif
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\cond090.gif
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\cond091.gif
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\cond092.gif
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\cond093.gif
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\cond094.gif
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\cond095.gif
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\cond108.gif
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\cond109.gif
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\cond110.gif
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\cond111.gif
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\cond112.gif
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\cond113.gif
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\cond120.gif
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\cond121.gif
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\cond122.gif
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\cond126.gif
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\cond127.gif
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\cond128.gif
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\cond129.gif
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\cond130.gif
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\cond131.gif
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\cond132.gif
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\cond133.gif
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\cond134.gif
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\cond135.gif
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\cond136.gif
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\cond137.gif
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\cond138.gif
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\cond140.gif
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\cond141.gif
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\cond142.gif
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\cond143.gif
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\cond148.gif
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\cond149.gif
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\cond152.gif
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\cond154.gif
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\cond155.gif
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\cond156.gif
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\cond157.gif
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\Config.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\d.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\d2.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\daemon.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\daemon_search.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\daemon_search_site.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\dot_disabled.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\dot_enabled.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\dot_on_over.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\download.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\ds.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\dsearch.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\dt-home.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\dt.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\dt_about.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\dt_buy.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\dt_download.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\dt_faq.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\dt_feedback.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\dt_forum.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\dt_line.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\dt_lite.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\dt_manual.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\dt_pro.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\DTPro.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\dtt16.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\dtt32.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\Dwnl.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\emulation.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\faq.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\favicon.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\features.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\feedback.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\forum.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\GameCentrix.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\GameCentrixCristals.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\GameCentrixDownload.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\GameCentrixPlayOnline.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\GameCentrixTop.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\GameS.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\games_search.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\games_search_SA.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\GameSA.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\gct16.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\gd.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\genre.xml
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\globe.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\GrabImage.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\hb.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\hb.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\help.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\hide.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\home.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\image_search.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\image_search_SA.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\ImageS.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\ImageSA.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\ip.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\lang.xml
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\lingvo.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\m.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\mail.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\mail_disable.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\mail_down.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\mail_m.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\mail_under.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\mailc.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\mailc_disable.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\mailc_down.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\mailc_m.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\mailc_under.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\manual.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\map.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\MenuRadioConfig.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\MenuRadioStation.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\MenuRSCur.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\MenuTr.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\mount.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\mount_n_drive.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\next.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\next_down.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\next_m.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\next_under.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\none.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\none_m.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\noW.gif
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\op.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\play.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\play.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\play_down.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\play_m.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\play_under.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\pragma.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\prev.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\prev_down.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\prev_m.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\prev_under.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\prod.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\Radio.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\RadioBg.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\RadioBg.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\RadioBgMask.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\RadioDisp.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\RadioDisp_m.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\RadioDown.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\RadioDown.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\RadioDown_down.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\RadioDown_m.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\RadioDown_under.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\RadioE.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\RadioG.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\RadioL.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\RadioLDotMask.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\RadioLeft.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\RadioLeftMask.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\RadioLM.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\RadioM.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\RadioN.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\RadioR.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\RadioR.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\RadioRM.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\RadioRU.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\RadioVolume.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\RadioVolume_down.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\RadioVolume_m.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\RadioVolume_under.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\RadioW.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\rbcheck.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\rbtxt.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\refresh.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\refresh_down.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\refresh_m.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\refresh_under.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\Rss.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\Rss1.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\RssA.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\RssA1.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\rssClose.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\rssL.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\rssOpen.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\RssRefresh.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\s2.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\show.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\size.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\size_lr.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\size_m.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\size_rl.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\skins.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\soft24.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\soft24_SA.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\spt.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\stop.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\stop.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\stop_down.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\stop_m.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\stop_under.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\style.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\SupportRequest.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\time.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\timer.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\TitleIcon.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\toolbar.xml
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\trans.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\Trash.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\Trash_disable.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\Trash_down.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\Trash_m.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\Trash_under.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\u.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\unmount-all.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\vol.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\vol.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\vol_back.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\vol_dott.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\vol_dott_m.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\vol_down.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\vol_m.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\vol_mute.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\vol_mute_check.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\vol_under.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\wb.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\wBtClose.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\wBtClose_down.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\wBtClose_m.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\wBtClose_under.bmp
-
yohannka
- Návštěvník
- Příspěvky: 20
- Registrován: 13 říj 2006 20:53
- Bydliště: Brno
- Kontaktovat uživatele:
Re: Prosím o kontrolu logu
druhá část
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\wBtText.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\wBtText_down.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\wBtText_m.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\wBtText_under.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\Weather_m42.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\Weather_m43.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\web_resources.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\web_search.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\web_search_SA.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\WebS.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\WebSa.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\wi.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\wi0.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\wi1.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\wi10.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\wi11.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\wi12.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\wi13.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\wi14.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\wi2.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\wi3.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\wi4.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\wi5.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\wi6.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\wi7.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\wi8.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\wi9.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\chrome.manifest
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\chrome\dttoolbar.jar
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\install.rdf
.
((((((((((((((((((((((((( Soubory vytvořené od 2010-11-22 do 2010-12-22 )))))))))))))))))))))))))))))))
.
2010-12-22 22:32 . 2010-12-22 22:32 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-12-22 19:43 . 2010-12-22 19:43 -------- d-----w- C:\rsit
2010-12-21 08:10 . 2010-11-10 05:35 8199504 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{511B754E-8160-46FE-A5F5-2600E594BAD1}\mpengine.dll
2010-12-20 14:11 . 2010-12-20 14:11 13824 ----a-w- c:\users\admin\avgupsvc.exe
2010-12-16 12:33 . 2010-12-16 12:33 -------- d-----w- c:\program files\CCleaner
2010-12-16 12:13 . 2010-12-22 19:43 -------- d-----w- c:\program files\trend micro
2010-12-15 15:34 . 2010-10-27 05:06 2048 ----a-w- c:\windows\system32\tzres.dll
2010-12-15 15:34 . 2010-10-27 04:32 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2010-12-13 20:26 . 2010-12-13 20:56 -------- d-----w- c:\programdata\clp
2010-12-13 20:25 . 2010-12-13 20:25 -------- d-----w- c:\programdata\Common Toolkit Suite
2010-12-13 20:23 . 2010-12-13 20:23 -------- d-----w- c:\users\admin\AppData\Local\PackageAware
2010-12-12 19:12 . 2010-12-13 21:04 -------- d-----w- c:\users\admin\AppData\Roaming\QuickScan
2010-12-09 10:47 . 2010-12-09 10:47 12800 ----a-w- c:\program files (x86)\Mozilla Firefox\plugins\npwachk.dll
2010-11-23 22:29 . 2010-10-19 08:47 7680 ----a-w- c:\program files\Internet Explorer\iecompat.dll
2010-11-23 22:29 . 2010-10-19 08:10 7680 ----a-w- c:\program files (x86)\Internet Explorer\iecompat.dll
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-11-12 17:53 . 2010-06-02 10:45 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll
2010-10-19 09:41 . 2010-01-19 10:49 270720 ------w- c:\windows\system32\MpSigStub.exe
.
((((((((((((((((((((((((((((( SnapShot@2010-12-22_22.01.43 )))))))))))))))))))))))))))))))))))))))))
.
+ 2010-01-22 09:24 . 2010-12-22 22:02 30346 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2009-07-14 05:10 . 2010-12-22 22:03 29932 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
- 2009-07-14 05:10 . 2010-12-22 19:43 29932 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2010-01-24 16:54 . 2010-12-22 22:03 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2010-01-24 16:54 . 2010-12-22 19:43 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2010-01-24 16:54 . 2010-12-22 22:03 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2010-01-24 16:54 . 2010-12-22 19:43 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2010-01-19 17:46 . 2010-12-22 22:03 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2010-01-19 17:46 . 2010-12-22 19:43 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2010-01-19 10:52 . 2010-12-22 22:03 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2010-01-19 10:52 . 2010-12-22 19:44 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2010-01-19 10:52 . 2010-12-22 22:03 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2010-01-19 10:52 . 2010-12-22 19:44 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2010-01-19 10:53 . 2010-12-22 22:03 8980 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-3357358439-205563845-817867230-1001_UserData.bin
+ 2010-12-22 22:01 . 2010-12-22 22:01 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2009-07-14 02:36 . 2010-12-22 22:05 624578 c:\windows\system32\perfh009.dat
- 2009-07-14 02:36 . 2010-12-22 19:46 624578 c:\windows\system32\perfh009.dat
- 2009-07-14 15:18 . 2010-12-22 19:46 639748 c:\windows\system32\perfh005.dat
+ 2009-07-14 15:18 . 2010-12-22 22:05 639748 c:\windows\system32\perfh005.dat
- 2009-07-14 02:36 . 2010-12-22 19:46 110216 c:\windows\system32\perfc009.dat
+ 2009-07-14 02:36 . 2010-12-22 22:05 110216 c:\windows\system32\perfc009.dat
- 2009-07-14 15:18 . 2010-12-22 19:46 126660 c:\windows\system32\perfc005.dat
+ 2009-07-14 15:18 . 2010-12-22 22:05 126660 c:\windows\system32\perfc005.dat
- 2009-07-14 02:34 . 2010-12-22 14:15 10223616 c:\windows\system32\SMI\Store\Machine\SCHEMA.DAT
+ 2009-07-14 02:34 . 2010-12-22 22:14 10223616 c:\windows\system32\SMI\Store\Machine\SCHEMA.DAT
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"HDAudDeck"="c:\program files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" [2010-01-24 2157056]
"HPUsageTracking"="c:\program files (x86)\HP\HP UT\bin\hppusg.exe" [2007-05-04 36864]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 SensorsVService;SensorsVService;c:\program files (x86)\SensorsViewPro41\svservice.exe [2010-06-17 923648]
R3 AVFSFilter;AVFSFilter;c:\windows\system32\DRIVERS\avfsfilter.sys [x]
R3 DAUpdaterSvc;Dragon Age: Origins - Content Updater;c:\program files (x86)\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe [2009-12-15 25832]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2010-05-22 1255736]
R4 AODService;AODService;c:\program files (x86)\AMD\OverDrive\AODAssist.exe [2009-04-22 124256]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-02-15 834544]
S1 aswSP;aswSP; [x]
S1 sensorsview;sensorsview;c:\program files (x86)\SensorsViewPro41\drv\sensorsview32_64.sys [2008-07-26 14544]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2009-08-18 203264]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2010-09-07 61008]
S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [2010-01-24 1196032]
.
--------- x86-64 -----------
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~2\MICROS~1\OFFICE11\EXCEL.EXE/3000
TCP: {6707CCB2-C48C-40BC-A953-C7E2F168DF96} = 213.194.204.126,85.132.148.70
FF - ProfilePath - c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.google.cz/
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
FF - Ext: Download Statusbar: {D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389} - %profile%\extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}
FF - Ext: ImTranslator: {9AA46F4F-4DC7-4c06-97AF-5035170634FE} - %profile%\extensions\{9AA46F4F-4DC7-4c06-97AF-5035170634FE}
FF - Ext: Personas: personas@christopher.beard - %profile%\extensions\personas@christopher.beard
FF - Ext: Save Images: LDSI_plashcor@gmail.com - %profile%\extensions\LDSI_plashcor@gmail.com
FF - Ext: DownloadHelper: {b9db16a4-6edc-47ec-a1f4-b86292ed211d} - %profile%\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
FF - Ext: BitDefender QuickScan: {e001c731-5e37-4538-a5cb-8168736a2360} - %profile%\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}
FF - Ext: Google Toolbar for Firefox: {3112ca9c-de6d-4884-a869-9855de68056c} - c:\programdata\Google\Toolbar for Firefox\{3112ca9c-de6d-4884-a869-9855de68056c}
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
AddRemove-DAEMON Tools Toolbar - c:\program files (x86)\DAEMON Tools Toolbar\uninst.exe
.
Celkový čas: 2010-12-22 23:34:19
ComboFix-quarantined-files.txt 2010-12-22 22:34
ComboFix2.txt 2010-12-22 22:03
Před spuštěním: Volných bajtů: 99 541 643 264
Po spuštění: Volných bajtů: 99 492 872 192
- - End Of File - - 37ECE1FFB817744221629EC9CCB6E674
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\wBtText.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\wBtText_down.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\wBtText_m.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\wBtText_under.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\Weather_m42.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\Weather_m43.bmp
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\web_resources.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\web_search.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\web_search_SA.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\WebS.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\WebSa.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\wi.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\wi0.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\wi1.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\wi10.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\wi11.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\wi12.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\wi13.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\wi14.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\wi2.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\wi3.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\wi4.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\wi5.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\wi6.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\wi7.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\wi8.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\components\Resources\wi9.ico
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\chrome.manifest
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\chrome\dttoolbar.jar
c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\extensions\DTToolbar@toolbarnet.com\install.rdf
.
((((((((((((((((((((((((( Soubory vytvořené od 2010-11-22 do 2010-12-22 )))))))))))))))))))))))))))))))
.
2010-12-22 22:32 . 2010-12-22 22:32 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-12-22 19:43 . 2010-12-22 19:43 -------- d-----w- C:\rsit
2010-12-21 08:10 . 2010-11-10 05:35 8199504 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{511B754E-8160-46FE-A5F5-2600E594BAD1}\mpengine.dll
2010-12-20 14:11 . 2010-12-20 14:11 13824 ----a-w- c:\users\admin\avgupsvc.exe
2010-12-16 12:33 . 2010-12-16 12:33 -------- d-----w- c:\program files\CCleaner
2010-12-16 12:13 . 2010-12-22 19:43 -------- d-----w- c:\program files\trend micro
2010-12-15 15:34 . 2010-10-27 05:06 2048 ----a-w- c:\windows\system32\tzres.dll
2010-12-15 15:34 . 2010-10-27 04:32 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2010-12-13 20:26 . 2010-12-13 20:56 -------- d-----w- c:\programdata\clp
2010-12-13 20:25 . 2010-12-13 20:25 -------- d-----w- c:\programdata\Common Toolkit Suite
2010-12-13 20:23 . 2010-12-13 20:23 -------- d-----w- c:\users\admin\AppData\Local\PackageAware
2010-12-12 19:12 . 2010-12-13 21:04 -------- d-----w- c:\users\admin\AppData\Roaming\QuickScan
2010-12-09 10:47 . 2010-12-09 10:47 12800 ----a-w- c:\program files (x86)\Mozilla Firefox\plugins\npwachk.dll
2010-11-23 22:29 . 2010-10-19 08:47 7680 ----a-w- c:\program files\Internet Explorer\iecompat.dll
2010-11-23 22:29 . 2010-10-19 08:10 7680 ----a-w- c:\program files (x86)\Internet Explorer\iecompat.dll
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-11-12 17:53 . 2010-06-02 10:45 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll
2010-10-19 09:41 . 2010-01-19 10:49 270720 ------w- c:\windows\system32\MpSigStub.exe
.
((((((((((((((((((((((((((((( SnapShot@2010-12-22_22.01.43 )))))))))))))))))))))))))))))))))))))))))
.
+ 2010-01-22 09:24 . 2010-12-22 22:02 30346 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2009-07-14 05:10 . 2010-12-22 22:03 29932 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
- 2009-07-14 05:10 . 2010-12-22 19:43 29932 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2010-01-24 16:54 . 2010-12-22 22:03 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2010-01-24 16:54 . 2010-12-22 19:43 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2010-01-24 16:54 . 2010-12-22 22:03 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2010-01-24 16:54 . 2010-12-22 19:43 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2010-01-19 17:46 . 2010-12-22 22:03 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2010-01-19 17:46 . 2010-12-22 19:43 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2010-01-19 10:52 . 2010-12-22 22:03 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2010-01-19 10:52 . 2010-12-22 19:44 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2010-01-19 10:52 . 2010-12-22 22:03 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2010-01-19 10:52 . 2010-12-22 19:44 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2010-01-19 10:53 . 2010-12-22 22:03 8980 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-3357358439-205563845-817867230-1001_UserData.bin
+ 2010-12-22 22:01 . 2010-12-22 22:01 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2009-07-14 02:36 . 2010-12-22 22:05 624578 c:\windows\system32\perfh009.dat
- 2009-07-14 02:36 . 2010-12-22 19:46 624578 c:\windows\system32\perfh009.dat
- 2009-07-14 15:18 . 2010-12-22 19:46 639748 c:\windows\system32\perfh005.dat
+ 2009-07-14 15:18 . 2010-12-22 22:05 639748 c:\windows\system32\perfh005.dat
- 2009-07-14 02:36 . 2010-12-22 19:46 110216 c:\windows\system32\perfc009.dat
+ 2009-07-14 02:36 . 2010-12-22 22:05 110216 c:\windows\system32\perfc009.dat
- 2009-07-14 15:18 . 2010-12-22 19:46 126660 c:\windows\system32\perfc005.dat
+ 2009-07-14 15:18 . 2010-12-22 22:05 126660 c:\windows\system32\perfc005.dat
- 2009-07-14 02:34 . 2010-12-22 14:15 10223616 c:\windows\system32\SMI\Store\Machine\SCHEMA.DAT
+ 2009-07-14 02:34 . 2010-12-22 22:14 10223616 c:\windows\system32\SMI\Store\Machine\SCHEMA.DAT
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"HDAudDeck"="c:\program files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" [2010-01-24 2157056]
"HPUsageTracking"="c:\program files (x86)\HP\HP UT\bin\hppusg.exe" [2007-05-04 36864]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 SensorsVService;SensorsVService;c:\program files (x86)\SensorsViewPro41\svservice.exe [2010-06-17 923648]
R3 AVFSFilter;AVFSFilter;c:\windows\system32\DRIVERS\avfsfilter.sys [x]
R3 DAUpdaterSvc;Dragon Age: Origins - Content Updater;c:\program files (x86)\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe [2009-12-15 25832]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2010-05-22 1255736]
R4 AODService;AODService;c:\program files (x86)\AMD\OverDrive\AODAssist.exe [2009-04-22 124256]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-02-15 834544]
S1 aswSP;aswSP; [x]
S1 sensorsview;sensorsview;c:\program files (x86)\SensorsViewPro41\drv\sensorsview32_64.sys [2008-07-26 14544]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2009-08-18 203264]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2010-09-07 61008]
S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [2010-01-24 1196032]
.
--------- x86-64 -----------
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~2\MICROS~1\OFFICE11\EXCEL.EXE/3000
TCP: {6707CCB2-C48C-40BC-A953-C7E2F168DF96} = 213.194.204.126,85.132.148.70
FF - ProfilePath - c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3lwxoyf.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.google.cz/
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
FF - Ext: Download Statusbar: {D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389} - %profile%\extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}
FF - Ext: ImTranslator: {9AA46F4F-4DC7-4c06-97AF-5035170634FE} - %profile%\extensions\{9AA46F4F-4DC7-4c06-97AF-5035170634FE}
FF - Ext: Personas: personas@christopher.beard - %profile%\extensions\personas@christopher.beard
FF - Ext: Save Images: LDSI_plashcor@gmail.com - %profile%\extensions\LDSI_plashcor@gmail.com
FF - Ext: DownloadHelper: {b9db16a4-6edc-47ec-a1f4-b86292ed211d} - %profile%\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
FF - Ext: BitDefender QuickScan: {e001c731-5e37-4538-a5cb-8168736a2360} - %profile%\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}
FF - Ext: Google Toolbar for Firefox: {3112ca9c-de6d-4884-a869-9855de68056c} - c:\programdata\Google\Toolbar for Firefox\{3112ca9c-de6d-4884-a869-9855de68056c}
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
AddRemove-DAEMON Tools Toolbar - c:\program files (x86)\DAEMON Tools Toolbar\uninst.exe
.
Celkový čas: 2010-12-22 23:34:19
ComboFix-quarantined-files.txt 2010-12-22 22:34
ComboFix2.txt 2010-12-22 22:03
Před spuštěním: Volných bajtů: 99 541 643 264
Po spuštění: Volných bajtů: 99 492 872 192
- - End Of File - - 37ECE1FFB817744221629EC9CCB6E674
Re: Prosím o kontrolu logu
Uz se mi log libi daleko vice, jak se chova PC 
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.-
yohannka
- Návštěvník
- Příspěvky: 20
- Registrován: 13 říj 2006 20:53
- Bydliště: Brno
- Kontaktovat uživatele:
Re: Prosím o kontrolu logu
Vypadá to, že pracuje konečně normálně, takže MOC děkuji!
Re: Prosím o kontrolu logu
Jeste mi neutikejte, uklidime 
Prejmenujte ComboFix (cokoliv) na Uninstall a spustte
T-Cleaner http://sweb.cz/Marinus/T-Cleaner.exe
OTC http://oldtimer.geekstogo.com/OTC.exe
TFC http://oldtimer.geekstogo.com/TFC.exe
Stahnete Ccleaner (viz muj podpis)
Panel čistič
Dejte novy log z RSIT
Prejmenujte ComboFix (cokoliv) na Uninstall a spustte T-Cleaner http://sweb.cz/Marinus/T-Cleaner.exe
- Stahnete a spustte
- Pro potvrzeni volby mackejte A, Enter
- Po pouziti utilitu smazte
- Antiviry touhou utilitu chybne oznacit jako vir - jedna se o falesny poplach - takze v pohode stahnete (pripadne vypnete pri stahovani antivir)
OTC http://oldtimer.geekstogo.com/OTC.exe
- Stahnete a spustte
- Kliknete na CleanUp a potvrdte YES
- Program uklidi a restartuje PC
TFC http://oldtimer.geekstogo.com/TFC.exe
- Stahnete a spustte
- Kliknete na Start a potvrdte OK
- Program uklidi a restartuje pc
- Po pouziti utilitu smazte
Stahnete Ccleaner (viz muj podpis)Panel čistič
- Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner
- dejte Hledej problémy
- nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
- postup opakujte dokud nebude bez problemu - vetsinou cca 3x
- Zde muzete odinstalovat nepotrebne programy
Dejte novy log z RSIT"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.-
yohannka
- Návštěvník
- Příspěvky: 20
- Registrován: 13 říj 2006 20:53
- Bydliště: Brno
- Kontaktovat uživatele:
Re: Prosím o kontrolu logu
Tak uklizeno a log je tady
Logfile of random's system information tool 1.08 (written by random/random)
Run by admin at 2010-12-23 00:06:21
Microsoft Windows 7 Home Premium
System drive C: has 104 GB (41%) free of 250 GB
Total RAM: 2047 MB (62% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 0:06:23, on 23.12.2010
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16700)
Boot mode: Normal
Running processes:
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Program Files\trend micro\admin.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r
O4 - HKLM\..\Run: [HPUsageTracking] C:\Program Files (x86)\HP\HP UT\bin\hppusg.exe "C:\Program Files (x86)\HP\HP UT\"
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~2\MICROS~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\OFFICE11\REFIEBAR.DLL
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{6707CCB2-C48C-40BC-A953-C7E2F168DF96}: NameServer = 213.194.204.126,85.132.148.70
O17 - HKLM\System\CS1\Services\Tcpip\..\{6707CCB2-C48C-40BC-A953-C7E2F168DF96}: NameServer = 213.194.204.126,85.132.148.70
O17 - HKLM\System\CS2\Services\Tcpip\..\{6707CCB2-C48C-40BC-A953-C7E2F168DF96}: NameServer = 213.194.204.126,85.132.148.70
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Stavová služba ASP.NET (aspnet_state) - Unknown owner - C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Mail Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Web Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Dragon Age: Origins - Content Updater (DAUpdaterSvc) - BioWare - C:\Program Files (x86)\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: SensorsVService - Unknown owner - C:\Program Files (x86)\SensorsViewPro41\svservice.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 5585 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\AUDIODG.EXE 0x2e0
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\Alwil Software\Avast5\AvastSvc.exe"
atieclxx
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"taskhost.exe"
"C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE"
"C:\Program Files (x86)\SensorsViewPro41\svservice.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Windows\system32\spool\DRIVERS\x64\3\HP1006MC.EXE" -Embedding
taskeng.exe {2DA2195C-CE06-448C-8D54-34F36C9DAD0D}
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\sppsvc.exe
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files\Alwil Software\Avast5\AvastUI.exe"
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"C:\Users\admin\Desktop\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2010-11-24 41760]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"HDAudDeck"=C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [2010-01-24 2157056]
"HPUsageTracking"=C:\Program Files (x86)\HP\HP UT\bin\hppusg.exe [2007-05-04 36864]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\system32\webcheck.dll [2009-07-14 290304]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"= []
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"= []
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
======List of files/folders created in the last 1 months======
2010-12-23 00:06:21 ----D---- C:\rsit
2010-12-22 23:46:06 ----SHD---- C:\$RECYCLE.BIN
2010-12-22 22:57:11 ----D---- C:\Config.Msi
2010-12-22 22:12:19 ----D---- C:\Windows\ERDNT
2010-12-18 15:06:25 ----A---- C:\Windows\SYSWOW64\javaws.exe
2010-12-18 15:06:25 ----A---- C:\Windows\SYSWOW64\javaw.exe
2010-12-18 15:06:25 ----A---- C:\Windows\SYSWOW64\java.exe
2010-12-16 13:33:23 ----D---- C:\Program Files\CCleaner
2010-12-16 13:13:20 ----D---- C:\Program Files\trend micro
2010-12-15 16:34:01 ----A---- C:\Windows\SYSWOW64\tzres.dll
2010-12-15 16:34:01 ----A---- C:\Windows\system32\tzres.dll
2010-12-15 16:33:51 ----A---- C:\Windows\system32\taskschd.dll
2010-12-15 16:33:51 ----A---- C:\Windows\system32\schedsvc.dll
2010-12-15 16:33:50 ----A---- C:\Windows\SYSWOW64\taskschd.dll
2010-12-15 16:33:50 ----A---- C:\Windows\SYSWOW64\taskeng.exe
2010-12-15 16:33:50 ----A---- C:\Windows\SYSWOW64\taskcomp.dll
2010-12-15 16:33:50 ----A---- C:\Windows\SYSWOW64\schtasks.exe
2010-12-15 16:33:50 ----A---- C:\Windows\system32\wmicmiplugin.dll
2010-12-15 16:33:50 ----A---- C:\Windows\system32\taskeng.exe
2010-12-15 16:33:50 ----A---- C:\Windows\system32\taskcomp.dll
2010-12-15 16:33:50 ----A---- C:\Windows\system32\schtasks.exe
2010-12-15 16:33:46 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2010-12-15 16:33:46 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2010-12-15 16:33:46 ----A---- C:\Windows\system32\atmlib.dll
2010-12-15 16:33:46 ----A---- C:\Windows\system32\atmfd.dll
2010-12-15 16:33:45 ----A---- C:\Windows\system32\win32k.sys
2010-12-15 16:33:43 ----A---- C:\Windows\SYSWOW64\webio.dll
2010-12-15 16:33:43 ----A---- C:\Windows\system32\webio.dll
2010-12-15 16:33:40 ----A---- C:\Windows\system32\consent.exe
2010-12-15 16:33:37 ----A---- C:\Windows\system32\mshtml.dll
2010-12-15 16:33:36 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2010-12-15 16:33:36 ----A---- C:\Windows\system32\iertutil.dll
2010-12-15 16:33:36 ----A---- C:\Windows\system32\ieframe.dll
2010-12-15 16:33:35 ----A---- C:\Windows\SYSWOW64\mstime.dll
2010-12-15 16:33:35 ----A---- C:\Windows\system32\mstime.dll
2010-12-15 16:33:34 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2010-12-15 16:33:34 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2010-12-15 16:33:33 ----A---- C:\Windows\SYSWOW64\wininet.dll
2010-12-15 16:33:33 ----A---- C:\Windows\system32\wininet.dll
2010-12-15 16:33:32 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2010-12-15 16:33:32 ----A---- C:\Windows\system32\urlmon.dll
2010-12-15 16:33:32 ----A---- C:\Windows\system32\msfeeds.dll
2010-12-15 16:33:32 ----A---- C:\Windows\system32\iedkcs32.dll
2010-12-15 16:33:31 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2010-12-15 16:33:31 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2010-12-15 16:33:31 ----A---- C:\Windows\SYSWOW64\ieui.dll
2010-12-15 16:33:31 ----A---- C:\Windows\SYSWOW64\iepeers.dll
2010-12-15 16:33:31 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2010-12-15 16:33:31 ----A---- C:\Windows\system32\mshtmled.dll
2010-12-15 16:33:31 ----A---- C:\Windows\system32\ieui.dll
2010-12-15 16:33:31 ----A---- C:\Windows\system32\iepeers.dll
2010-12-15 16:33:30 ----A---- C:\Windows\SYSWOW64\msfeedsbs.dll
2010-12-15 16:33:30 ----A---- C:\Windows\SYSWOW64\licmgr10.dll
2010-12-15 16:33:30 ----A---- C:\Windows\system32\msfeedsbs.dll
2010-12-15 16:33:30 ----A---- C:\Windows\system32\licmgr10.dll
2010-12-15 16:33:29 ----A---- C:\Windows\SYSWOW64\msfeedssync.exe
2010-12-15 16:33:29 ----A---- C:\Windows\system32\msfeedssync.exe
2010-12-15 16:33:29 ----A---- C:\Windows\system32\jsproxy.dll
2010-12-15 16:33:28 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2010-12-13 21:26:33 ----D---- C:\ProgramData\clp
2010-12-13 21:25:58 ----D---- C:\ProgramData\Common Toolkit Suite
2010-12-12 20:12:07 ----D---- C:\Users\admin\AppData\Roaming\QuickScan
======List of files/folders modified in the last 1 months======
2010-12-23 00:06:22 ----D---- C:\Windows\Temp
2010-12-23 00:05:33 ----D---- C:\Program Files (x86)\Winamp
2010-12-23 00:05:19 ----D---- C:\Windows\System32
2010-12-23 00:05:19 ----D---- C:\Windows\inf
2010-12-23 00:05:19 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-12-23 00:04:12 ----D---- C:\Windows
2010-12-23 00:04:12 ----D---- C:\Users\admin\AppData\Roaming\Winamp
2010-12-23 00:04:02 ----D---- C:\Windows\system32\config
2010-12-22 23:55:39 ----SHD---- C:\System Volume Information
2010-12-22 23:32:58 ----A---- C:\Windows\system.ini
2010-12-22 23:32:39 ----RD---- C:\Program Files (x86)
2010-12-22 23:30:45 ----D---- C:\Windows\SYSWOW64\drivers
2010-12-22 23:30:45 ----D---- C:\Windows\SysWOW64
2010-12-22 23:30:45 ----D---- C:\Windows\system32\drivers
2010-12-22 23:30:45 ----D---- C:\Windows\AppPatch
2010-12-22 23:30:43 ----D---- C:\Program Files\Common Files
2010-12-22 23:30:43 ----D---- C:\Program Files (x86)\Common Files
2010-12-22 23:01:11 ----D---- C:\ProgramData
2010-12-22 22:57:14 ----SHD---- C:\Windows\Installer
2010-12-22 22:23:35 ----D---- C:\Windows\system32\NDF
2010-12-22 22:14:10 ----D---- C:\Windows\Prefetch
2010-12-22 16:38:22 ----D---- C:\Windows\system32\catroot
2010-12-19 11:22:06 ----D---- C:\Windows\system32\catroot2
2010-12-18 15:06:20 ----D---- C:\Program Files (x86)\Java
2010-12-18 14:31:13 ----D---- C:\Program Files (x86)\Winamp Detect
2010-12-16 21:18:28 ----D---- C:\Windows\rescache
2010-12-16 13:34:52 ----D---- C:\Windows\debug
2010-12-16 13:33:23 ----RD---- C:\Program Files
2010-12-15 20:09:52 ----D---- C:\Windows\winsxs
2010-12-15 20:07:46 ----D---- C:\Windows\SYSWOW64\cs-CZ
2010-12-15 20:07:46 ----D---- C:\Windows\system32\cs-CZ
2010-12-15 20:07:42 ----D---- C:\Program Files\Windows Mail
2010-12-15 20:07:41 ----D---- C:\Program Files\Internet Explorer
2010-12-15 20:07:41 ----D---- C:\Program Files (x86)\Windows Mail
2010-12-15 20:07:41 ----D---- C:\Program Files (x86)\Internet Explorer
2010-12-15 20:07:40 ----D---- C:\Windows\SYSWOW64\migration
2010-12-15 20:07:40 ----D---- C:\Windows\system32\migration
2010-12-15 19:32:19 ----A---- C:\Windows\system32\MRT.exe
2010-12-15 18:05:12 ----SD---- C:\Users\admin\AppData\Roaming\Microsoft
2010-12-14 14:54:56 ----D---- C:\Windows\system32\wdi
2010-12-10 09:05:54 ----D---- C:\Program Files (x86)\Mozilla Firefox
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 214096]
R0 speedfan;speedfan; C:\Windows\SysWOW64\speedfan.sys [2007-02-07 14104]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-02-15 834544]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2010-09-07 28752]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2010-09-07 121936]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2010-09-07 51280]
R1 sensorsview;sensorsview; \??\C:\Program Files (x86)\SensorsViewPro41\drv\sensorsview32_64.sys [2008-07-26 14544]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2010-09-07 20048]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2010-09-07 61008]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-08-18 6037504]
R3 L1E;NDIS Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller(NDIS6.20); C:\Windows\system32\DRIVERS\L1E62x64.sys [2009-06-20 54272]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys [2005-03-29 8192]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service; C:\Windows\system32\drivers\viahduaa.sys [2010-01-24 1196032]
S3 akbuga2w;akbuga2w; C:\Windows\system32\drivers\akbuga2w.sys []
S3 AVFSFilter;AVFSFilter; C:\Windows\system32\DRIVERS\avfsfilter.sys []
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2009-07-14 40448]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2009-08-18 203264]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384]
R2 MDM;Machine Debug Manager; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
R2 SensorsVService;SensorsVService; C:\Program Files (x86)\SensorsViewPro41\svservice.exe [2010-06-17 923648]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe []
S3 DAUpdaterSvc;Dragon Age: Origins - Content Updater; C:\Program Files (x86)\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe [2009-12-15 25832]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-05-22 1255736]
S4 AODService;AODService; C:\Program Files (x86)\AMD\OverDrive\AODAssist.exe [2009-04-22 124256]
-----------------EOF-----------------
Logfile of random's system information tool 1.08 (written by random/random)
Run by admin at 2010-12-23 00:06:21
Microsoft Windows 7 Home Premium
System drive C: has 104 GB (41%) free of 250 GB
Total RAM: 2047 MB (62% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 0:06:23, on 23.12.2010
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16700)
Boot mode: Normal
Running processes:
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Program Files\trend micro\admin.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r
O4 - HKLM\..\Run: [HPUsageTracking] C:\Program Files (x86)\HP\HP UT\bin\hppusg.exe "C:\Program Files (x86)\HP\HP UT\"
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~2\MICROS~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\OFFICE11\REFIEBAR.DLL
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{6707CCB2-C48C-40BC-A953-C7E2F168DF96}: NameServer = 213.194.204.126,85.132.148.70
O17 - HKLM\System\CS1\Services\Tcpip\..\{6707CCB2-C48C-40BC-A953-C7E2F168DF96}: NameServer = 213.194.204.126,85.132.148.70
O17 - HKLM\System\CS2\Services\Tcpip\..\{6707CCB2-C48C-40BC-A953-C7E2F168DF96}: NameServer = 213.194.204.126,85.132.148.70
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Stavová služba ASP.NET (aspnet_state) - Unknown owner - C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Mail Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Web Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Dragon Age: Origins - Content Updater (DAUpdaterSvc) - BioWare - C:\Program Files (x86)\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: SensorsVService - Unknown owner - C:\Program Files (x86)\SensorsViewPro41\svservice.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 5585 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\AUDIODG.EXE 0x2e0
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\Alwil Software\Avast5\AvastSvc.exe"
atieclxx
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"taskhost.exe"
"C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE"
"C:\Program Files (x86)\SensorsViewPro41\svservice.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Windows\system32\spool\DRIVERS\x64\3\HP1006MC.EXE" -Embedding
taskeng.exe {2DA2195C-CE06-448C-8D54-34F36C9DAD0D}
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\sppsvc.exe
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files\Alwil Software\Avast5\AvastUI.exe"
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"C:\Users\admin\Desktop\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2010-11-24 41760]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"HDAudDeck"=C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [2010-01-24 2157056]
"HPUsageTracking"=C:\Program Files (x86)\HP\HP UT\bin\hppusg.exe [2007-05-04 36864]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\system32\webcheck.dll [2009-07-14 290304]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"= []
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"= []
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
======List of files/folders created in the last 1 months======
2010-12-23 00:06:21 ----D---- C:\rsit
2010-12-22 23:46:06 ----SHD---- C:\$RECYCLE.BIN
2010-12-22 22:57:11 ----D---- C:\Config.Msi
2010-12-22 22:12:19 ----D---- C:\Windows\ERDNT
2010-12-18 15:06:25 ----A---- C:\Windows\SYSWOW64\javaws.exe
2010-12-18 15:06:25 ----A---- C:\Windows\SYSWOW64\javaw.exe
2010-12-18 15:06:25 ----A---- C:\Windows\SYSWOW64\java.exe
2010-12-16 13:33:23 ----D---- C:\Program Files\CCleaner
2010-12-16 13:13:20 ----D---- C:\Program Files\trend micro
2010-12-15 16:34:01 ----A---- C:\Windows\SYSWOW64\tzres.dll
2010-12-15 16:34:01 ----A---- C:\Windows\system32\tzres.dll
2010-12-15 16:33:51 ----A---- C:\Windows\system32\taskschd.dll
2010-12-15 16:33:51 ----A---- C:\Windows\system32\schedsvc.dll
2010-12-15 16:33:50 ----A---- C:\Windows\SYSWOW64\taskschd.dll
2010-12-15 16:33:50 ----A---- C:\Windows\SYSWOW64\taskeng.exe
2010-12-15 16:33:50 ----A---- C:\Windows\SYSWOW64\taskcomp.dll
2010-12-15 16:33:50 ----A---- C:\Windows\SYSWOW64\schtasks.exe
2010-12-15 16:33:50 ----A---- C:\Windows\system32\wmicmiplugin.dll
2010-12-15 16:33:50 ----A---- C:\Windows\system32\taskeng.exe
2010-12-15 16:33:50 ----A---- C:\Windows\system32\taskcomp.dll
2010-12-15 16:33:50 ----A---- C:\Windows\system32\schtasks.exe
2010-12-15 16:33:46 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2010-12-15 16:33:46 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2010-12-15 16:33:46 ----A---- C:\Windows\system32\atmlib.dll
2010-12-15 16:33:46 ----A---- C:\Windows\system32\atmfd.dll
2010-12-15 16:33:45 ----A---- C:\Windows\system32\win32k.sys
2010-12-15 16:33:43 ----A---- C:\Windows\SYSWOW64\webio.dll
2010-12-15 16:33:43 ----A---- C:\Windows\system32\webio.dll
2010-12-15 16:33:40 ----A---- C:\Windows\system32\consent.exe
2010-12-15 16:33:37 ----A---- C:\Windows\system32\mshtml.dll
2010-12-15 16:33:36 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2010-12-15 16:33:36 ----A---- C:\Windows\system32\iertutil.dll
2010-12-15 16:33:36 ----A---- C:\Windows\system32\ieframe.dll
2010-12-15 16:33:35 ----A---- C:\Windows\SYSWOW64\mstime.dll
2010-12-15 16:33:35 ----A---- C:\Windows\system32\mstime.dll
2010-12-15 16:33:34 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2010-12-15 16:33:34 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2010-12-15 16:33:33 ----A---- C:\Windows\SYSWOW64\wininet.dll
2010-12-15 16:33:33 ----A---- C:\Windows\system32\wininet.dll
2010-12-15 16:33:32 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2010-12-15 16:33:32 ----A---- C:\Windows\system32\urlmon.dll
2010-12-15 16:33:32 ----A---- C:\Windows\system32\msfeeds.dll
2010-12-15 16:33:32 ----A---- C:\Windows\system32\iedkcs32.dll
2010-12-15 16:33:31 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2010-12-15 16:33:31 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2010-12-15 16:33:31 ----A---- C:\Windows\SYSWOW64\ieui.dll
2010-12-15 16:33:31 ----A---- C:\Windows\SYSWOW64\iepeers.dll
2010-12-15 16:33:31 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2010-12-15 16:33:31 ----A---- C:\Windows\system32\mshtmled.dll
2010-12-15 16:33:31 ----A---- C:\Windows\system32\ieui.dll
2010-12-15 16:33:31 ----A---- C:\Windows\system32\iepeers.dll
2010-12-15 16:33:30 ----A---- C:\Windows\SYSWOW64\msfeedsbs.dll
2010-12-15 16:33:30 ----A---- C:\Windows\SYSWOW64\licmgr10.dll
2010-12-15 16:33:30 ----A---- C:\Windows\system32\msfeedsbs.dll
2010-12-15 16:33:30 ----A---- C:\Windows\system32\licmgr10.dll
2010-12-15 16:33:29 ----A---- C:\Windows\SYSWOW64\msfeedssync.exe
2010-12-15 16:33:29 ----A---- C:\Windows\system32\msfeedssync.exe
2010-12-15 16:33:29 ----A---- C:\Windows\system32\jsproxy.dll
2010-12-15 16:33:28 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2010-12-13 21:26:33 ----D---- C:\ProgramData\clp
2010-12-13 21:25:58 ----D---- C:\ProgramData\Common Toolkit Suite
2010-12-12 20:12:07 ----D---- C:\Users\admin\AppData\Roaming\QuickScan
======List of files/folders modified in the last 1 months======
2010-12-23 00:06:22 ----D---- C:\Windows\Temp
2010-12-23 00:05:33 ----D---- C:\Program Files (x86)\Winamp
2010-12-23 00:05:19 ----D---- C:\Windows\System32
2010-12-23 00:05:19 ----D---- C:\Windows\inf
2010-12-23 00:05:19 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-12-23 00:04:12 ----D---- C:\Windows
2010-12-23 00:04:12 ----D---- C:\Users\admin\AppData\Roaming\Winamp
2010-12-23 00:04:02 ----D---- C:\Windows\system32\config
2010-12-22 23:55:39 ----SHD---- C:\System Volume Information
2010-12-22 23:32:58 ----A---- C:\Windows\system.ini
2010-12-22 23:32:39 ----RD---- C:\Program Files (x86)
2010-12-22 23:30:45 ----D---- C:\Windows\SYSWOW64\drivers
2010-12-22 23:30:45 ----D---- C:\Windows\SysWOW64
2010-12-22 23:30:45 ----D---- C:\Windows\system32\drivers
2010-12-22 23:30:45 ----D---- C:\Windows\AppPatch
2010-12-22 23:30:43 ----D---- C:\Program Files\Common Files
2010-12-22 23:30:43 ----D---- C:\Program Files (x86)\Common Files
2010-12-22 23:01:11 ----D---- C:\ProgramData
2010-12-22 22:57:14 ----SHD---- C:\Windows\Installer
2010-12-22 22:23:35 ----D---- C:\Windows\system32\NDF
2010-12-22 22:14:10 ----D---- C:\Windows\Prefetch
2010-12-22 16:38:22 ----D---- C:\Windows\system32\catroot
2010-12-19 11:22:06 ----D---- C:\Windows\system32\catroot2
2010-12-18 15:06:20 ----D---- C:\Program Files (x86)\Java
2010-12-18 14:31:13 ----D---- C:\Program Files (x86)\Winamp Detect
2010-12-16 21:18:28 ----D---- C:\Windows\rescache
2010-12-16 13:34:52 ----D---- C:\Windows\debug
2010-12-16 13:33:23 ----RD---- C:\Program Files
2010-12-15 20:09:52 ----D---- C:\Windows\winsxs
2010-12-15 20:07:46 ----D---- C:\Windows\SYSWOW64\cs-CZ
2010-12-15 20:07:46 ----D---- C:\Windows\system32\cs-CZ
2010-12-15 20:07:42 ----D---- C:\Program Files\Windows Mail
2010-12-15 20:07:41 ----D---- C:\Program Files\Internet Explorer
2010-12-15 20:07:41 ----D---- C:\Program Files (x86)\Windows Mail
2010-12-15 20:07:41 ----D---- C:\Program Files (x86)\Internet Explorer
2010-12-15 20:07:40 ----D---- C:\Windows\SYSWOW64\migration
2010-12-15 20:07:40 ----D---- C:\Windows\system32\migration
2010-12-15 19:32:19 ----A---- C:\Windows\system32\MRT.exe
2010-12-15 18:05:12 ----SD---- C:\Users\admin\AppData\Roaming\Microsoft
2010-12-14 14:54:56 ----D---- C:\Windows\system32\wdi
2010-12-10 09:05:54 ----D---- C:\Program Files (x86)\Mozilla Firefox
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 214096]
R0 speedfan;speedfan; C:\Windows\SysWOW64\speedfan.sys [2007-02-07 14104]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-02-15 834544]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2010-09-07 28752]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2010-09-07 121936]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2010-09-07 51280]
R1 sensorsview;sensorsview; \??\C:\Program Files (x86)\SensorsViewPro41\drv\sensorsview32_64.sys [2008-07-26 14544]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2010-09-07 20048]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2010-09-07 61008]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-08-18 6037504]
R3 L1E;NDIS Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller(NDIS6.20); C:\Windows\system32\DRIVERS\L1E62x64.sys [2009-06-20 54272]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys [2005-03-29 8192]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service; C:\Windows\system32\drivers\viahduaa.sys [2010-01-24 1196032]
S3 akbuga2w;akbuga2w; C:\Windows\system32\drivers\akbuga2w.sys []
S3 AVFSFilter;AVFSFilter; C:\Windows\system32\DRIVERS\avfsfilter.sys []
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2009-07-14 40448]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2009-08-18 203264]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384]
R2 MDM;Machine Debug Manager; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
R2 SensorsVService;SensorsVService; C:\Program Files (x86)\SensorsViewPro41\svservice.exe [2010-06-17 923648]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe []
S3 DAUpdaterSvc;Dragon Age: Origins - Content Updater; C:\Program Files (x86)\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe [2009-12-15 25832]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-05-22 1255736]
S4 AODService;AODService; C:\Program Files (x86)\AMD\OverDrive\AODAssist.exe [2009-04-22 124256]
-----------------EOF-----------------
Re: Prosím o kontrolu logu
A jeste Vam nedam pokojm jsem otravnej, vim 
Otevrete si poznamkovy blok
Jinak log jiz vypada v poradku
Otevrete si poznamkovy blok
- Start->spustit->notepad
- Vlozte text nize
Kód: Vybrat vše
Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{AEB6717E-7E19-11d0-97EE-00C04FD91972}"=- [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{AEB6717E-7E19-11d0-97EE-00C04FD91972}"=-- Soubor ulozte jako oprava.reg
- Pri ukladani dejte ulozit jako typ Vsechny soubory (nastevni je uvedeno na obrazku nize)
- Zavrit notepad a spustit dvojklikem oprava.reg
- Pripadny dotaz na zmenu registru potvrdte
- Okno jen problikne a opravi regsitry - soubor muzete smazat
Jinak log jiz vypada v poradku "Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.-
yohannka
- Návštěvník
- Příspěvky: 20
- Registrován: 13 říj 2006 20:53
- Bydliště: Brno
- Kontaktovat uživatele:
Re: Prosím o kontrolu logu
Jenom otravujte, já jsem ráda, že mám počítač zase pěkně čistej.
Provedeno, hádám, že nový log už nechcete. Takže děkuju za podrobné návody a přeju pěkné Vánoce!
Provedeno, hádám, že nový log už nechcete. Takže děkuju za podrobné návody a přeju pěkné Vánoce!
Přispějete na provoz fóra?