MyCity » Ambulanta -> Arhiva Ambulante » Komp povremeno koči

Komp povremeno koči

Napisano na dan: 7.1.2012

Komp povremeno koči
Sledeća strana Pagination

Idi na vrh

Poslao: 07 Jan 2012 16:49
Idi na vrh
offline
  • RJ 
  • SuperModerator
  • Supermoderator vojnih foruma
  • Gavrilo Milentijević
  • Komandir stanice milicije Gornje Polje
  • Pridružio: 12 Feb 2005
  • Poruke: 9506
  • Gde živiš: ovalni kabinet

Primećujem da s vremena na vreme komp hoće da se momentalno ukoči (nekoliko sekundi) - kursor miša se pomera ali otvorene stranice na internetu ne reaguju na klik. Posle toga sve bude OK.
Takođe, jedno vreme (a i danas) primetio sam da kad nešto radim, na svakih odprilike 5 sekundi kursor miša ukoči se na sekundu pri pomeranju.
Dakle nešto "koči" sistem, šta, ne bih znao...

Evo log fajlova sa Combo Fix-a, DSS-a i Gmer-a

ComboFix 12-01-06.03 - User 01/07/2012 15:16:36.1.2 - x86
Microsoft Windows 7 Ultimate 6.1.7600.0.1252.1.1033.18.3326.2196 [GMT 1:00]
Running from: c:\users\User\Desktop\ComboFix.exe
AV: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
SP: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\pkunzip.pif
c:\windows\pkzip.pif
c:\windows\ST6UNST.000
H:\Autorun.inf
.
.
((((((((((((((((((((((((( Files Created from 2011-12-07 to 2012-01-07 )))))))))))))))))))))))))))))))
.
.
2012-01-07 14:20 . 2012-01-07 14:29 -------- d-----w- c:\users\User\AppData\Local\temp
2012-01-05 06:31 . 2012-01-05 06:31 -------- d-----w- c:\programdata\Pinnacle VideoSpin
2012-01-05 06:27 . 2012-01-05 06:27 -------- d-----w- c:\programdata\VideoSpin
2012-01-05 06:27 . 2012-01-05 06:27 -------- d-----w- c:\program files\Pinnacle
2012-01-05 06:27 . 2012-01-05 06:27 -------- d-----w- c:\program files\Common Files\Yahoo!
2012-01-05 06:13 . 2012-01-05 06:13 -------- d-----w- c:\programdata\Pinnacle
2012-01-04 22:52 . 2012-01-04 22:52 -------- d-----w- c:\users\User\AppData\Roaming\AquaSoft
2012-01-04 22:41 . 2012-01-04 22:41 -------- d-----w- c:\program files\Movie Maker 2.6
2012-01-04 12:39 . 2012-01-04 12:39 -------- d-----w- c:\users\User\AppData\Roaming\Malwarebytes
2012-01-04 12:39 . 2012-01-04 12:39 -------- d-----w- c:\programdata\Malwarebytes
2012-01-04 12:39 . 2012-01-04 12:39 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-01-04 12:39 . 2011-12-10 14:24 20464 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-01-03 17:33 . 2011-11-10 04:54 476904 ----a-w- c:\program files\Mozilla Firefox\plugins\npdeployJava1.dll
2011-12-22 18:34 . 2011-12-22 18:40 286720 ------w- c:\windows\Setup1.exe
2011-12-22 18:34 . 2011-12-22 18:40 73216 ----a-w- c:\windows\ST6UNST.EXE
2011-12-20 19:09 . 2011-12-20 19:10 -------- d-----w- c:\users\User\AppData\Local\Facebook
2011-12-11 16:50 . 2005-10-31 20:28 69632 ----a-w- c:\windows\system32\MobOlExt.dll
2011-12-11 10:07 . 2011-12-13 20:10 -------- d-----w- c:\program files\Alcatel PC Suite
2011-12-11 10:07 . 2003-03-18 19:04 765952 ----a-w- c:\windows\system32\msvcp71d.dll
2011-12-11 10:07 . 2003-03-18 19:03 544768 ----a-w- c:\windows\system32\msvcr71d.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-01-07 10:21 . 2011-07-15 12:25 137464 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2012-01-07 10:21 . 2011-07-15 12:25 214520 ----a-w- c:\windows\system32\PnkBstrB.exe
2012-01-07 10:21 . 2011-07-15 12:25 214520 ----a-w- c:\windows\system32\PnkBstrB.xtr
2011-12-06 06:06 . 2011-09-26 20:39 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-11-23 18:00 . 2011-11-29 11:03 74752 ----a-w- c:\windows\system32\ff_vfw.dll
2011-11-10 04:54 . 2011-08-19 07:40 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-10-20 15:37 . 2011-07-15 12:25 75136 ----a-w- c:\windows\system32\PnkBstrA.exe
2011-10-16 14:19 . 2011-10-16 14:19 737072 ----a-w- c:\programdata\Microsoft\eHome\Packages\SportsV2\SportsTemplateCore-2\Microsoft.MediaCenter.Sports.UI.dll
2011-10-16 14:18 . 2011-10-16 14:18 4283672 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\markup.dll
2011-10-16 13:47 . 2011-10-16 13:47 42776 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM-2\StartResources.dll
2011-11-21 04:04 . 2011-12-07 17:39 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{EEE6C35D-6118-11DC-9C72-001320C79847}"= "c:\program files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll" [2011-08-24 130864]
.
[HKEY_CLASSES_ROOT\clsid\{eee6c35d-6118-11dc-9c72-001320c79847}]
[HKEY_CLASSES_ROOT\SweetIM_URLSearchHook.ToolbarURLSearchHook.1]
[HKEY_CLASSES_ROOT\TypeLib\{EEE6C35F-6118-11DC-9C72-001320C79847}]
[HKEY_CLASSES_ROOT\SweetIM_URLSearchHook.ToolbarURLSearchHook]
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}]
2011-08-24 16:21 1299248 ----a-w- c:\program files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{EEE6C35B-6118-11DC-9C72-001320C79847}"= "c:\program files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll" [2011-08-24 1299248]
.
[HKEY_CLASSES_ROOT\clsid\{eee6c35b-6118-11dc-9c72-001320c79847}]
[HKEY_CLASSES_ROOT\SWEETIE.IEToolbar.1]
[HKEY_CLASSES_ROOT\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}]
[HKEY_CLASSES_ROOT\SWEETIE.IEToolbar]
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{EEE6C35B-6118-11DC-9C72-001320C79847}"= "c:\program files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll" [2011-08-24 1299248]
.
[HKEY_CLASSES_ROOT\clsid\{eee6c35b-6118-11dc-9c72-001320c79847}]
[HKEY_CLASSES_ROOT\SWEETIE.IEToolbar.1]
[HKEY_CLASSES_ROOT\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}]
[HKEY_CLASSES_ROOT\SWEETIE.IEToolbar]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1173504]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2010-04-30 9210400]
"AVG_TRAY"="c:\program files\AVG\AVG2012\avgtray.exe" [2011-09-23 2404704]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-12-24 460872]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~1\WI3C8A~1\Datamngr\datamngr.dll c:\progra~1\WI3C8A~1\Datamngr\IEBHO.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer3"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~1\AVG\AVG2012\avgrsx.exe /sync /restart
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
R2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2011-08-07 136176]
R3 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2011-08-07 136176]
S0 AVGIDSEH;AVGIDSEH;c:\windows\system32\DRIVERS\AVGIDSEH.Sys [2011-07-10 23120]
S0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx86.sys [2011-09-13 32592]
S1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx86.sys [2011-07-10 229840]
S1 Avgtdix;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdix.sys [2011-07-10 295248]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2011-07-15 218688]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
S2 AVGIDSAgent;AVGIDSAgent;c:\program files\AVG\AVG2012\AVGIDSAgent.exe [2011-09-12 5265248]
S2 avgwd;AVG WatchDog;c:\program files\AVG\AVG2012\avgwdsvc.exe [2011-08-02 192776]
S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [2011-12-24 652872]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-01-20 378984]
S3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\AVGIDSDriver.Sys [2011-07-10 134736]
S3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\DRIVERS\AVGIDSFilter.Sys [2011-07-10 24272]
S3 AVGIDSShim;AVGIDSShim;c:\windows\system32\DRIVERS\AVGIDSShim.Sys [2011-07-10 16720]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2011-12-10 20464]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda32v.sys [2010-11-11 122984]
.
.
Contents of the 'Scheduled Tasks' folder
.
2012-01-07 c:\windows\Tasks\AutoSmartDefrag.job
- g:\program files\IObit\IObit SmartDefrag\IObit SmartDefrag.exe [2011-02-17 17:08]
.
2012-01-06 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3641395576-2003788952-3425881642-1000Core.job
- c:\users\User\AppData\Local\Facebook\Update\FacebookUpdate.exe [2011-12-20 19:09]
.
2012-01-07 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3641395576-2003788952-3425881642-1000UA.job
- c:\users\User\AppData\Local\Facebook\Update\FacebookUpdate.exe [2011-12-20 19:09]
.
2012-01-07 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-08-07 08:13]
.
2012-01-07 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-08-07 08:13]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://google.com/
mStart Page = hxxp://home.sweetim.com
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~4\Office12\EXCEL.EXE/3000
IE: Search the Web - c:\program files\SweetIM\Toolbars\Internet Explorer\resources\menuext.html
TCP: Interfaces\{C67570C3-AAA9-4241-BE44-2BB7C2CDB677}: NameServer = 10.10.2.69,10.10.2.79
FF - ProfilePath - c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\zqpgwt7a.default\
FF - prefs.js: browser.search.defaulturl -
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/
FF - prefs.js: keyword.URL - hxxp://dts.search-results.com/sr?src=ffb&appid=101&systemid=406&sr=0&q=
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-10 - (no file)
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-3641395576-2003788952-3425881642-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.032\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.032"
.
[HKEY_USERS\S-1-5-21-3641395576-2003788952-3425881642-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.abr\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.abr"
.
[HKEY_USERS\S-1-5-21-3641395576-2003788952-3425881642-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ani\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.ani"
.
[HKEY_USERS\S-1-5-21-3641395576-2003788952-3425881642-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.apd\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.apd"
.
[HKEY_USERS\S-1-5-21-3641395576-2003788952-3425881642-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.arw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.arw"
.
[HKEY_USERS\S-1-5-21-3641395576-2003788952-3425881642-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bay\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.bay"
.
[HKEY_USERS\S-1-5-21-3641395576-2003788952-3425881642-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bmp\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.bmp"
.
[HKEY_USERS\S-1-5-21-3641395576-2003788952-3425881642-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.bw"
.
[HKEY_USERS\S-1-5-21-3641395576-2003788952-3425881642-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cr2\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.cr2"
.
[HKEY_USERS\S-1-5-21-3641395576-2003788952-3425881642-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.crw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.crw"
.
[HKEY_USERS\S-1-5-21-3641395576-2003788952-3425881642-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cs1\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.cs1"
.
[HKEY_USERS\S-1-5-21-3641395576-2003788952-3425881642-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cur\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.cur"
.
[HKEY_USERS\S-1-5-21-3641395576-2003788952-3425881642-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dcr\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.dcr"
.
[HKEY_USERS\S-1-5-21-3641395576-2003788952-3425881642-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dcx\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.dcx"
.
[HKEY_USERS\S-1-5-21-3641395576-2003788952-3425881642-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dib\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.dib"
.
[HKEY_USERS\S-1-5-21-3641395576-2003788952-3425881642-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dng\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.dng"
.
[HKEY_USERS\S-1-5-21-3641395576-2003788952-3425881642-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.emf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.emf"
.
[HKEY_USERS\S-1-5-21-3641395576-2003788952-3425881642-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eps\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.eps"
.
[HKEY_USERS\S-1-5-21-3641395576-2003788952-3425881642-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.erf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.erf"
.
[HKEY_USERS\S-1-5-21-3641395576-2003788952-3425881642-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.fff\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.fff"
.
[HKEY_USERS\S-1-5-21-3641395576-2003788952-3425881642-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.fpx\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.fpx"
.
[HKEY_USERS\S-1-5-21-3641395576-2003788952-3425881642-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.gif\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.gif"
.
[HKEY_USERS\S-1-5-21-3641395576-2003788952-3425881642-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.hdr\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.hdr"
.
[HKEY_USERS\S-1-5-21-3641395576-2003788952-3425881642-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.icl\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.icl"
.
[HKEY_USERS\S-1-5-21-3641395576-2003788952-3425881642-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.icn\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.icn"
.
[HKEY_USERS\S-1-5-21-3641395576-2003788952-3425881642-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.iff\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.iff"
.
[HKEY_USERS\S-1-5-21-3641395576-2003788952-3425881642-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ilbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.ilbm"
.
[HKEY_USERS\S-1-5-21-3641395576-2003788952-3425881642-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.int\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.int"
.
[HKEY_USERS\S-1-5-21-3641395576-2003788952-3425881642-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.inta\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.inta"
.
[HKEY_USERS\S-1-5-21-3641395576-2003788952-3425881642-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.iw4\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.iw4"
.
[HKEY_USERS\S-1-5-21-3641395576-2003788952-3425881642-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.j2c\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.j2c"
.
[HKEY_USERS\S-1-5-21-3641395576-2003788952-3425881642-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.j2k\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.j2k"
.
[HKEY_USERS\S-1-5-21-3641395576-2003788952-3425881642-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jbr\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.jbr"
.
[HKEY_USERS\S-1-5-21-3641395576-2003788952-3425881642-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jfif\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.jfif"
.
[HKEY_USERS\S-1-5-21-3641395576-2003788952-3425881642-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jif\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.jif"
.
[HKEY_USERS\S-1-5-21-3641395576-2003788952-3425881642-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jp2\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.jp2"
.
[HKEY_USERS\S-1-5-21-3641395576-2003788952-3425881642-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpc\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.jpc"
.
[HKEY_USERS\S-1-5-21-3641395576-2003788952-3425881642-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpe\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.jpe"
.
[HKEY_USERS\S-1-5-21-3641395576-2003788952-3425881642-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpeg\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.jpeg"
.
[HKEY_USERS\S-1-5-21-3641395576-2003788952-3425881642-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpg\UserChoice]
@Denied: (2) (S-1-5-21-3641395576-2003788952-3425881642-1000)
@Denied: (2) (LocalSystem)
"Progid"="Applications\\xnview.exe"
.
[HKEY_USERS\S-1-5-21-3641395576-2003788952-3425881642-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpk\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.jpk"
.
[HKEY_USERS\S-1-5-21-3641395576-2003788952-3425881642-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpx\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.jpx"
.
[HKEY_USERS\S-1-5-21-3641395576-2003788952-3425881642-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.kdc\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.kdc"
.
[HKEY_USERS\S-1-5-21-3641395576-2003788952-3425881642-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.lbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.lbm"
.
[HKEY_USERS\S-1-5-21-3641395576-2003788952-3425881642-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mef\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.mef"
.
[HKEY_USERS\S-1-5-21-3641395576-2003788952-3425881642-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mos\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.mos"
.
[HKEY_USERS\S-1-5-21-3641395576-2003788952-3425881642-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mrw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.mrw"
.
[HKEY_USERS\S-1-5-21-3641395576-2003788952-3425881642-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.nef\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.nef"
.
[HKEY_USERS\S-1-5-21-3641395576-2003788952-3425881642-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.nrw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.nrw"
.
[HKEY_USERS\S-1-5-21-3641395576-2003788952-3425881642-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.orf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.orf"
.
[HKEY_USERS\S-1-5-21-3641395576-2003788952-3425881642-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.pbm"
.
[HKEY_USERS\S-1-5-21-3641395576-2003788952-3425881642-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pbr\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.pbr"
.
[HKEY_USERS\S-1-5-21-3641395576-2003788952-3425881642-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pcd\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.pcd"
.
[HKEY_USERS\S-1-5-21-3641395576-2003788952-3425881642-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pct\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.pct"
.
[HKEY_USERS\S-1-5-21-3641395576-2003788952-3425881642-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pcx\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.pcx"
.
[HKEY_USERS\S-1-5-21-3641395576-2003788952-3425881642-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pef\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.pef"
.
[HKEY_USERS\S-1-5-21-3641395576-2003788952-3425881642-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pgm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.pgm"
.
[HKEY_USERS\S-1-5-21-3641395576-2003788952-3425881642-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pic\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.pic"
.
[HKEY_USERS\S-1-5-21-3641395576-2003788952-3425881642-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pict\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.pict"
.
[HKEY_USERS\S-1-5-21-3641395576-2003788952-3425881642-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pix\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.pix"
.
[HKEY_USERS\S-1-5-21-3641395576-2003788952-3425881642-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.png\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.png"
.
[HKEY_USERS\S-1-5-21-3641395576-2003788952-3425881642-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ppm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.ppm"
.
[HKEY_USERS\S-1-5-21-3641395576-2003788952-3425881642-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.psd\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.psd"
.
[HKEY_USERS\S-1-5-21-3641395576-2003788952-3425881642-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.psp\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.psp"
.
[HKEY_USERS\S-1-5-21-3641395576-2003788952-3425881642-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pspbrush\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.pspbrush"
.
[HKEY_USERS\S-1-5-21-3641395576-2003788952-3425881642-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pspimage\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.pspimage"
.
[HKEY_USERS\S-1-5-21-3641395576-2003788952-3425881642-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.raf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.raf"
.
[HKEY_USERS\S-1-5-21-3641395576-2003788952-3425881642-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ras\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.ras"
.
[HKEY_USERS\S-1-5-21-3641395576-2003788952-3425881642-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.raw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.raw"
.
[HKEY_USERS\S-1-5-21-3641395576-2003788952-3425881642-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rgb\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.rgb"
.
[HKEY_USERS\S-1-5-21-3641395576-2003788952-3425881642-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rgba\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.rgba"
.
[HKEY_USERS\S-1-5-21-3641395576-2003788952-3425881642-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rle\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.rle"
.
[HKEY_USERS\S-1-5-21-3641395576-2003788952-3425881642-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rsb\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.rsb"
.
[HKEY_USERS\S-1-5-21-3641395576-2003788952-3425881642-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rw2\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.rw2"
.
[HKEY_USERS\S-1-5-21-3641395576-2003788952-3425881642-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rwl\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.rwl"
.
[HKEY_USERS\S-1-5-21-3641395576-2003788952-3425881642-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sgi\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.sgi"
.
[HKEY_USERS\S-1-5-21-3641395576-2003788952-3425881642-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sr2\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.sr2"
.
[HKEY_USERS\S-1-5-21-3641395576-2003788952-3425881642-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.srf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.srf"
.
[HKEY_USERS\S-1-5-21-3641395576-2003788952-3425881642-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tga\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.tga"
.
[HKEY_USERS\S-1-5-21-3641395576-2003788952-3425881642-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.thm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.thm"
.
[HKEY_USERS\S-1-5-21-3641395576-2003788952-3425881642-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tif\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.tif"
.
[HKEY_USERS\S-1-5-21-3641395576-2003788952-3425881642-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tiff\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.tiff"
.
[HKEY_USERS\S-1-5-21-3641395576-2003788952-3425881642-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ttc\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.ttc"
.
[HKEY_USERS\S-1-5-21-3641395576-2003788952-3425881642-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ttf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.ttf"
.
[HKEY_USERS\S-1-5-21-3641395576-2003788952-3425881642-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.v30po\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.v30po"
.
[HKEY_USERS\S-1-5-21-3641395576-2003788952-3425881642-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.v30pp\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.v30pp"
.
[HKEY_USERS\S-1-5-21-3641395576-2003788952-3425881642-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.v30ppf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.v30ppf"
.
[HKEY_USERS\S-1-5-21-3641395576-2003788952-3425881642-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.wbm"
.
[HKEY_USERS\S-1-5-21-3641395576-2003788952-3425881642-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wbmp\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.wbmp"
.
[HKEY_USERS\S-1-5-21-3641395576-2003788952-3425881642-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wmf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.wmf"
.
[HKEY_USERS\S-1-5-21-3641395576-2003788952-3425881642-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.xbm"
.
[HKEY_USERS\S-1-5-21-3641395576-2003788952-3425881642-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xif\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.xif"
.
[HKEY_USERS\S-1-5-21-3641395576-2003788952-3425881642-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xmp\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.xmp"
.
[HKEY_USERS\S-1-5-21-3641395576-2003788952-3425881642-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xpm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.xpm"
.
[HKEY_USERS\S-1-5-21-3641395576-2003788952-3425881642-1000\Software\SecuROM\License information*]
"datasecu"=hex:08,1b,47,6a,ef,76,e3,ae,f9,1e,3f,c6,d4,9b,b1,6e,cc,df,8b,77,e2,
ae,c2,35,83,d6,cb,92,82,1e,92,b3,34,d6,57,c6,27,bd,ba,77,b5,eb,a4,16,03,e1,\
"rkeysecu"=hex:b8,ae,fc,b0,2f,8d,cd,33,03,3f,77,37,2a,69,58,b4
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2012-01-07 15:30:26
ComboFix-quarantined-files.txt 2012-01-07 14:30
.
Pre-Run: 65,816,547,328 bytes free
Post-Run: 66,251,051,008 bytes free
.
- - End Of File - - 96EFB1EA4A6CD1ED0B5627BD393CFF69


*******************************************************************************

DSS

.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 8.0.7600.16385 BrowserJavaVersion: 1.6.0_30
Run by User at 16:26:38 on 2012-01-07
Microsoft Windows 7 Ultimate 6.1.7600.0.1252.1.1033.18.3326.2001 [GMT 1:00]
.
AV: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
SP: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\PROGRA~1\AVG\AVG2012\avgrsx.exe
C:\Program Files\AVG\AVG2012\avgcsrvx.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\AVG\AVG2012\avgwdsvc.exe
C:\Windows\system32\PnkBstrA.exe
C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
G:\Program Files\IObit\IObit SmartDefrag\IObit SmartDefrag.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\AVG\AVG2012\avgtray.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\AVG\AVG2012\avgnsx.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\AVG\AVG2012\avgemcx.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\explorer.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://google.com/
mStart Page = hxxp://home.sweetim.com
uURLSearchHooks: SweetIM ToolbarURLSearchHook Class: {eee6c35d-6118-11dc-9c72-001320c79847} - c:\program files\sweetim\toolbars\internet explorer\mgHelper.dll
BHO: Complitly: {0fb6a909-6086-458f-bd92-1f8ee10042a0} - c:\users\user\appdata\roaming\complitly\Complitly.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg2012\avgssie.dll
BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: SweetIM Toolbar Helper: {eee6c35c-6118-11dc-9c72-001320c79847} - c:\program files\sweetim\toolbars\internet explorer\mgToolbarIE.dll
BHO: GretechBHO Class: {f0181c6e-9218-4792-9f3c-e8df52b2f1ac} - c:\program files\gretech\gompicker\GomPickerBHO.dll
TB: SweetIM Toolbar for Internet Explorer: {eee6c35b-6118-11dc-9c72-001320c79847} - c:\program files\sweetim\toolbars\internet explorer\mgToolbarIE.dll
uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
mRun: [RtHDVCpl] c:\program files\realtek\audio\hda\RtHDVCpl.exe -s
mRun: [AVG_TRAY] "c:\program files\avg\avg2012\avgtray.exe"
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray
mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableLUA = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
mPolicies-system: PromptOnSecureDesktop = 0 (0x0)
IE: E&xport to Microsoft Excel - c:\progra~1\micros~4\office12\EXCEL.EXE/3000
IE: Search the Web - c:\program files\sweetim\toolbars\internet explorer\resources\menuext.html
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~4\office12\REFIEBAR.DLL
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
TCP: Interfaces\{C67570C3-AAA9-4241-BE44-2BB7C2CDB677} : NameServer = 10.10.2.69,10.10.2.79
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg2012\avgpp.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll
AppInit_DLLs: c:\progra~1\wi3c8a~1\datamngr\datamngr.dll c:\progra~1\wi3c8a~1\datamngr\IEBHO.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\user\appdata\roaming\mozilla\firefox\profiles\zqpgwt7a.default\
FF - prefs.js: browser.search.defaulturl -
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/
FF - prefs.js: keyword.URL - hxxp://dts.search-results.com/sr?src=ffb&appid=101&systemid=406&sr=0&q=
FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\google\update\1.3.21.79\npGoogleUpdate3.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\microsoft silverlight\4.0.50401.0\npctrlui.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll
FF - plugin: c:\program files\nvidia corporation\3d vision\npnv3dv.dll
FF - plugin: c:\program files\nvidia corporation\3d vision\npnv3dvstreaming.dll
FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
FF - plugin: c:\users\user\appdata\local\facebook\video\skype\npFacebookVideoCalling.dll
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSEH;AVGIDSEH;c:\windows\system32\drivers\AVGIDSEH.sys [2011-7-11 23120]
R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2011-9-13 32592]
R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2011-7-11 229840]
R1 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2011-8-8 40016]
R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2011-7-11 295248]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\drivers\dtsoftbus01.sys [2011-7-15 218688]
R2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\common files\adobe\arm\1.0\armsvc.exe [2011-6-6 64952]
R2 AVGIDSAgent;AVGIDSAgent;c:\program files\avg\avg2012\AVGIDSAgent.exe [2011-9-12 5265248]
R2 avgwd;AVG WatchDog;c:\program files\avg\avg2012\avgwdsvc.exe [2011-8-2 192776]
R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2012-1-4 652872]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\nvidia corporation\3d vision\nvSCPAPISvr.exe [2011-1-20 378984]
R3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\AVGIDSDriver.sys [2011-7-11 134736]
R3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\drivers\AVGIDSFilter.sys [2011-7-11 24272]
R3 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\AVGIDSShim.sys [2011-7-11 16720]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-1-4 20464]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda32v.sys [2011-7-14 122984]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2011-8-7 136176]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2011-8-7 136176]
.
=============== Created Last 30 ================
.
2012-01-07 15:12:50 -------- d-----w- C:\COMBOFIX
2012-01-07 14:30:29 -------- d-sh--w- C:\$RECYCLE.BIN
2012-01-07 14:20:56 -------- d-----w- c:\users\user\appdata\local\temp
2012-01-07 14:15:16 98816 ----a-w- c:\windows\sed.exe
2012-01-07 14:15:16 518144 ----a-w- c:\windows\SWREG.exe
2012-01-07 14:15:16 256000 ----a-w- c:\windows\PEV.exe
2012-01-07 14:15:16 208896 ----a-w- c:\windows\MBR.exe
2012-01-05 06:31:44 -------- d-----w- c:\programdata\Pinnacle VideoSpin
2012-01-05 06:27:46 -------- d-----w- c:\programdata\VideoSpin
2012-01-05 06:27:46 -------- d-----w- c:\program files\Pinnacle
2012-01-05 06:27:46 -------- d-----w- c:\program files\common files\Yahoo!
2012-01-04 22:52:27 -------- d-----w- c:\users\user\appdata\roaming\AquaSoft
2012-01-04 22:42:50 -------- d-----w- c:\users\user\appdata\local\{19196881-3641-4E38-AD32-72AD437D6ABC}
2012-01-04 22:41:18 -------- d-----w- c:\program files\Movie Maker 2.6
2012-01-04 12:39:36 -------- d-----w- c:\users\user\appdata\roaming\Malwarebytes
2012-01-04 12:39:34 -------- d-----w- c:\programdata\Malwarebytes
2012-01-04 12:39:33 20464 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-01-04 12:39:33 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-01-03 17:33:28 476904 ----a-w- c:\program files\mozilla firefox\plugins\npdeployJava1.dll
2011-12-22 18:34:11 286720 ------w- c:\windows\Setup1.exe
2011-12-22 18:34:10 73216 ----a-w- c:\windows\ST6UNST.EXE
2011-12-20 19:09:53 -------- d-----w- c:\users\user\appdata\local\Facebook
2011-12-19 15:06:41 -------- d-----w- c:\users\user\appdata\local\{EBDCB9B3-AB98-41CC-AD38-ADE1069506EF}
2011-12-11 16:50:35 69632 ----a-w- c:\windows\system32\MobOlExt.dll
2011-12-11 10:07:55 765952 ----a-w- c:\windows\system32\msvcp71d.dll
2011-12-11 10:07:55 544768 ----a-w- c:\windows\system32\msvcr71d.dll
2011-12-11 10:07:55 -------- d-----w- c:\program files\Alcatel PC Suite
.
==================== Find3M ====================
.
2012-01-07 10:21:59 137464 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2012-01-07 10:21:50 214520 ----a-w- c:\windows\system32\PnkBstrB.xtr
2012-01-07 10:21:50 214520 ----a-w- c:\windows\system32\PnkBstrB.exe
2011-12-06 06:06:45 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-11-23 18:00:00 74752 ----a-w- c:\windows\system32\ff_vfw.dll
2011-11-10 04:54:13 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-10-20 15:37:45 75136 ----a-w- c:\windows\system32\PnkBstrA.exe
.
============= FINISH: 16:26:53.42 ===============


.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows 7 Ultimate
Boot Device: \Device\HarddiskVolume3
Install Date: 7/15/2011 12:57:38 AM
System Uptime: 1/7/2012 3:05:32 PM (1 hours ago)
.
Motherboard: Gigabyte Technology Co., Ltd. | | M52LT-D3
Processor: AMD Athlon(tm) II X2 250 Processor | Socket M2 | 3000/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 98 GiB total, 61.646 GiB free.
D: is FIXED (NTFS) - 368 GiB total, 172.994 GiB free.
E: is CDROM (CDFS)
F: is CDROM ()
G: is FIXED (NTFS) - 10 GiB total, 1.771 GiB free.
H: is FIXED (NTFS) - 27 GiB total, 9.175 GiB free.
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP137: 1/3/2012 6:32:43 PM - Installed Java(TM) 6 Update 30
RP138: 1/4/2012 11:40:41 PM - Removed Windows Movie Maker 2.6
RP139: 1/4/2012 11:41:11 PM - Installed Windows Movie Maker 2.6
RP140: 1/5/2012 7:27:17 AM - Installed Pinnacle VideoSpin.
RP141: 1/7/2012 3:15:22 PM - ComboFix created restore point
.
==== Installed Programs ======================
.
µTorrent
7-Zip 9.20
ACDSee Pro 3
Adobe Flash Player 10 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader X (10.1.0)
Ahead.Nero v9.4.13.2
AIMP2
ALCATEL PC Suite V6.3.28
ASUS nVidia Driver
AVG 2012
Call of Duty
Call of Duty Modern Warfare 2
Call of Duty(R) - World at War(TM)
Call of Duty(R) 4 - Modern Warfare(TM)
Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
Call of Duty: Black Ops
Complitly
Core FTP LE
CoreAAC
D3DX10
DAEMON Tools Lite
Facebook Video Calling 1.0.0.8953
FileZilla Client 3.5.2
FormatFactory
Gadwin PrintScreen
GOM PICKER
GOM Player
Google Chrome
Google Earth
Google Update Helper
James Bond 007(TM) - Blood Stone
Java Auto Updater
Java(TM) 6 Update 30
K-Lite Mega Codec Pack 8.0.0
Malwarebytes Anti-Malware verzija 1.60.0.1800
Medal of Honor (TM)
Men of War (Remove Only)
Men of War: Assault Squad (Remove Only)
Microsoft Application Error Reporting
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Mozilla Firefox 8.0.1 (x86 en-US)
Mozilla Thunderbird (3.1.6)
MPEG2 Codec(libmpeg2/mad)
MSVCRT
Need for Speed™ Most Wanted
Nokia Connectivity Cable Driver
NVIDIA 3D Vision Controller Driver
NVIDIA 3D Vision Controller Driver 266.77
NVIDIA 3D Vision Driver 266.77
NVIDIA Control Panel 266.77
NVIDIA Drivers
NVIDIA Graphics Driver 266.77
NVIDIA HD Audio Driver 1.1.13.1
NVIDIA Install Application
NVIDIA PhysX
NVIDIA PhysX System Software 9.10.0514
NVIDIA Stereoscopic 3D Driver
Pinnacle VideoSpin
PunkBuster Services
Qtracker
Realtek High Definition Audio Driver
Skype™ 5.1
SpeedFan (remove only)
SweetIM for Messenger 3.6
SweetIM Toolbar for Internet Explorer 4.2
Take Screenshot 1.0
The KMPlayer (remove only)
Total Commander (Remove or Repair)
Ubisoft Game Launcher
Update 1.11.3.0 for "Men of War"
Windows iLivid Toolbar
Windows Live Communications Platform
Windows Live Essentials
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Messenger
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Movie Maker 2.6
Windows XP Mode
WinRAR archiver
World of Tanks v.0.6.5
Yahoo! Detect
.
==== Event Viewer Messages From Past Week ========
.
1/7/2012 3:29:00 PM, Error: Service Control Manager [7030] - The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.
1/7/2012 2:53:17 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the WerSvc service.
1/7/2012 2:51:26 PM, Error: Service Control Manager [7034] - The MBAMService service terminated unexpectedly. It has done this 1 time(s).
1/6/2012 7:51:53 PM, Error: Microsoft-Windows-HAL [12] - The platform firmware has corrupted memory across the previous system power transition. Please check for updated firmware for your system.
1/6/2012 11:26:02 PM, Error: Service Control Manager [7038] - The upnphost service was unable to log on as NT AUTHORITY\LocalService with the currently configured password due to the following error: The security account manager (SAM) or local security authority (LSA) server was in the wrong state to perform the security operation. To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).
1/6/2012 11:26:02 PM, Error: Service Control Manager [7000] - The UPnP Device Host service failed to start due to the following error: The service did not start due to a logon failure.
1/6/2012 11:26:02 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1069" attempting to start the service upnphost with arguments "" in order to run the server: {204810B9-73B2-11D4-BF42-00B0D0118B56}
.
==== End Of File ===========================


********************************************************************************

Gmer -

https://www.mycity.rs/must-login.png

https://www.mycity.rs/must-login.png

https://www.mycity.rs/must-login.png

Poslao: 07 Jan 2012 20:04
Idi na vrh
offline
  • Pridružio: 26 Avg 2010
  • Poruke: 10622
  • Gde živiš: Hypnos Control Room, Tokyo Metropolitan Government Building

Arrow

ComboFix nije dijagnostički alat poput onih iz upustva i nepravilnim rukovanjem istim, možeš oštetiti sitem. Ubuduće, ne pokreći ComboFix na svoju ruku.



Arrow Korak 1

Klikni na Start i u Search polje kopiraj sljedeći tekst:

notepad "C:\QooBox\Quarantine\H\autorun.inf.vir"

Kopiraj tekst koji će ti se otvoriti u Notepad-u u poruku.



Arrow Korak 2

Idi u Control Panel -> Programs and Features i deinstaliraj sljedeće programe:

SweetIM
Windows iLivid Toolbar

Potrebno je da deinstaliraš AVG jer može ometati rad ComboFix-a. Deinstalacija se mora obaviti isključivo kroz Control Panel -> Programs and Features aplet.

Reći ću ti kada ćeš ga moći opet instalirati.



Arrow Korak 3

Otvoriti Notepad i iskopirati sledeći tekst:

Registry::
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=""

Folder::
C:\Program Files\Windows iLivid Toolbar

RegLock::
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)


Snimiti na Desktop fajl iz Notepada kao "CFScript"




Prevuci snimljeni skript/tekst na ComboFix ikonicu kao na slici.
Postaviti u sledećoj poruci log koji bude bio napravljen na kraju čišćenja/skeniranja.




MyCity AMF tim

Poslao: 07 Jan 2012 22:40
Idi na vrh
offline
  • RJ 
  • SuperModerator
  • Supermoderator vojnih foruma
  • Gavrilo Milentijević
  • Komandir stanice milicije Gornje Polje
  • Pridružio: 12 Feb 2005
  • Poruke: 9506
  • Gde živiš: ovalni kabinet

Prijatelju, možda ćeš me kudiš, možda ne, nisam deinstalirao AVG jer sam sa prethodnom verzijom imao gadnih problema koje ne želim ponovo iznova da ponavljam - zato sam ga disejblovao po uputama iz ambulante.
Pri radu ComboFix-a, dobijao sam par obaveštenja o nekim trojancima - uz sve to na kraju pred log fajl sa ComboFix-a dobio sam ovo....



o čemu se ovde radi ?

******************************************************************************

inače odradio sam sve kako si napisao.....


Korak 1. - u Notepadu dobio sam sledeće:

[autorun]
open=Autorun.exe
Icon=fifawcpc.ico
Name=2006 FIFA World Cup Demo

[Special]
Disk=1
ProductGuiID={DCB1FFA9-0652-4FE0-00B2-4780507B17B2}


Korak 2. - Deinstalirano navedeno.

Korak 3. - Napravljen fajl CFScript, prebačen u ComboFix - dobijeno sledeće-

ComboFix 12-01-06.03 - User 01/07/2012 22:25:14.2.2 - x86
Microsoft Windows 7 Ultimate 6.1.7600.0.1252.1.1033.18.3326.2040 [GMT 1:00]
Running from: c:\users\User\Desktop\ComboFix.exe
Command switches used :: c:\users\User\Desktop\CFScript.txt
AV: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
SP: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\Windows iLivid Toolbar
c:\program files\Windows iLivid Toolbar\Datamngr\BrowserConnection.dll
c:\program files\Windows iLivid Toolbar\Datamngr\datamngr.dll
c:\program files\Windows iLivid Toolbar\Datamngr\datamngrUI.exe
c:\program files\Windows iLivid Toolbar\Datamngr\DnsBHO.dll
c:\program files\Windows iLivid Toolbar\Datamngr\FirefoxExtension\chrome.manifest
c:\program files\Windows iLivid Toolbar\Datamngr\FirefoxExtension\chrome.manifest.alt
c:\program files\Windows iLivid Toolbar\Datamngr\FirefoxExtension\components\DataMngrHlp.xpt
c:\program files\Windows iLivid Toolbar\Datamngr\FirefoxExtension\components\DataMngrHlpFF3.dll
c:\program files\Windows iLivid Toolbar\Datamngr\FirefoxExtension\components\DataMngrHlpFF4.dll
c:\program files\Windows iLivid Toolbar\Datamngr\FirefoxExtension\components\DataMngrHlpFF5.dll
c:\program files\Windows iLivid Toolbar\Datamngr\FirefoxExtension\components\DataMngrHlpFF6.dll
c:\program files\Windows iLivid Toolbar\Datamngr\FirefoxExtension\components\DataMngrHlpFF7.dll
c:\program files\Windows iLivid Toolbar\Datamngr\FirefoxExtension\content\DataMngr.js
c:\program files\Windows iLivid Toolbar\Datamngr\FirefoxExtension\content\DnsBHO.js
c:\program files\Windows iLivid Toolbar\Datamngr\FirefoxExtension\content\Error404BHO.js
c:\program files\Windows iLivid Toolbar\Datamngr\FirefoxExtension\content\NewTabBHO.js
c:\program files\Windows iLivid Toolbar\Datamngr\FirefoxExtension\content\overlay.js
c:\program files\Windows iLivid Toolbar\Datamngr\FirefoxExtension\content\overlay.xul
c:\program files\Windows iLivid Toolbar\Datamngr\FirefoxExtension\content\RelatedSearch.js
c:\program files\Windows iLivid Toolbar\Datamngr\FirefoxExtension\content\SearchBHO.js
c:\program files\Windows iLivid Toolbar\Datamngr\FirefoxExtension\content\SettingManager.js
c:\program files\Windows iLivid Toolbar\Datamngr\FirefoxExtension\content\Settings.xml
c:\program files\Windows iLivid Toolbar\Datamngr\FirefoxExtension\content\Settings.xml.alt
c:\program files\Windows iLivid Toolbar\Datamngr\FirefoxExtension\install.rdf
c:\program files\Windows iLivid Toolbar\Datamngr\FirefoxExtension\install.rdf.alt
c:\program files\Windows iLivid Toolbar\Datamngr\IEBHO.dll
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\as_guid.dat
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\content\bandoocode.js
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\content\data\search\engines.xml
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\content\data\search\search.xsl
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\content\lib\about.xml
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\content\lib\bandoocode.js
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\content\lib\dtxpanel.xul
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\content\lib\dtxpaneltransparent.xul
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\content\lib\dtxpanelwin.xul
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\content\lib\dtxprefwin.xul
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\content\lib\dtxtransparentwin.xul
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\content\lib\dtxwin.xul
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\content\lib\emailnotifierproviders.xml
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\content\lib\external.js
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\content\lib\imeshcode.js
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\content\lib\neterror.xhtml
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\content\lib\vmncode.js
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\content\lib\wmpstreamer.html
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\content\modules\datastore.jsm
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\content\modules\nsDragAndDrop.js
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\content\neterror.xhtml
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\content\partner.coupons.xml
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\content\preferences.xml
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\content\radiobeta.js
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\content\template.xml
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\content\toolbar.htm
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\content\toolbar.xul
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\content\vmncode.js
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\content\vmnrsswin.xml
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\content\widgets\net.vmn.www.PPCBully\tb_icon.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\content\widgets\net.vmn.www.PPCBully\widget.js
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\content\widgets\net.vmn.www.PPCBully\widget.xml
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\content\widgets\net.vmn.www.PPCBully\widget_version
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\babylon_logo.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\bandoo.css
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\bluelite.gif
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\bluesky.gif
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\btn-search-over.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\btn-search.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\btn-settings-over.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\btn-settings.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\btn-widgets-over.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\btn-widgets.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\btn_settings.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\ca.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\dictionary.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\divider.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\downloadcom.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\dtxlogo.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\ebay.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\email.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\email_on.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\facebook.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\games.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\graphred0.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\graphred0_5.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\graphred1.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\graphred1_5.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\graphred2.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\graphred2_5.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\graphred3.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\graphred3_5.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\graphred4.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\graphred4_5.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\graphred5.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\graphredna.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\grey.gif
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\ico-shield.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\icon_amazon.gif
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\icon_games.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\icon_radio_png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\icon_seperator_png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\icon_twitter.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\icon_youtube.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\images.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\imesh.css
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\add.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\aol.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\arrow-dn.gif
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\arrow-right-disabled.gif
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\arrow-right.gif
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\arrow-up.gif
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\bg-btn-divider.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\bg-btn-end.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\bg-btn-mdl.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\bg-btn-mdl_ff.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\bg-btn-start.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\bg-btnover-divider.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\bg-btnover-end.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\bg-btnover-mdl.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\bg-btnover-mdl_ff.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\bg-btnover-start.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\blank.gif
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\btn-widgets-over.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\btn-widgets.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\btn_slider.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\btnback-down-vista.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\btnback-vista.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\btnleft-down-vista.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\btnleft-vista.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\btnright-down-vista.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\btnright-vista.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\button-splitter-down-vista.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\button-splitter-vista.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\checkmark.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\chevron.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\collapse.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\comcast.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\dtx.css
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\edit-back-hot.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\edit-back.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\expand.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\found.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\gmail.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\highlight.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\highlight_blue.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\highlight_cyan.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\highlight_lime.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\highlight_magenta.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\highlight_yellow.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\hotmail.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\ico-check.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\imap.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\lastsearch-thumb-back.gif
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\loadingMid.gif
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\lock.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\logo-separator.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\mailcom.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\menu_bg-basic.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\menu_separator_bar.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\menu_separator_white.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\menuitem-splitter.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\menuitemback-down-vista.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\menuitemback-vista.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\menuitemleft-down-vista.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\menuitemleft-vista.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\menuitemright-down-vista.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\menuitemright-vista.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\modify.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\move.gif
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\movetarget.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\css\panels.css
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\css\popupAbout.css
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\css\popupGames.css
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\css\popupRSS.css
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\css\popupWidgets.css
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\css\dialog.css
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\bg.gif
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\btn-search.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\btn-wide-close-over.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\btn-wide-close.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\default.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\tab-off-l.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\tab-off-r.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\tab-on-l.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\tab-on-r.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\transparent.gif
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\ttlbar-left.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\ttlbar-mdl.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\ttlbar-right.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\win-btm-left.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\win-btm-mdl.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\win-btm-right-resize.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\win-btm-right.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\win-left.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\win-right.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\main.html
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\scripts\defscript.js
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\footer.htm
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\gamecategory.xsl
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\gameData.js
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\gameList.xsl
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\games.xsl
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\gametype.xsl
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\arrow-dn.gif
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\arrow-sml-drop.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\arrow-sml.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\arrow-up.gif
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\arrowr-bluew5.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\bg-aboutbox.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\bg-btnover.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\bg-pnl520x390.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-addtoolbar-left-over.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-addtoolbar-left.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-addtoolbar-right.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-back.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-close-grey.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-close-greyover.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-drag.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-mdl-over.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-mdl.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-moredetails.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-next-over.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-next.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-play-left-over.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-play-left.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-previous-over.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-previous.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-right-over.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-search-pnlbtm-over.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-search-pnlbtm.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-try-left-over.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-try-left.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\bullet-orange.gif
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\gamethumb-on.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\gamethumb2-over.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\ico-calendar.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\ico-dollar.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\ico-download.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\ico-joystick24.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\ico-news24.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\ico-play.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\ico-tags.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\icon-Add.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\icon-download.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\icon-Info.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\icon-play.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\icon-shop.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\menul-bgon.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\menul-bgover.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\panel-botm-noscroll.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\scroll-bg-206.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\scroll-bg.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\scroll-topwin.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\scrollb-disable.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\scrollb-down.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\scrollb-over.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\scrollb.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\scrollt-disable.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\scrollt-down.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\scrollt-over.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\scrollt.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\searchbox-pnlbtm.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\star_x_grey.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\star_x_orange.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\TRUSTe_about.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\view-detailed-on.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\view-detailed-over.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\view-thumb-on.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\view-thumb-over.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\widgets-square-16px.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\widgets-square-24px.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\widgets.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\initHTML.html
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\popupGames.html
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\popupHTML.html
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\popupRSS.html
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\popupWidgets.html
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\scroll.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\pop.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\css\manager.css
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\css\slider.css
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\bg-pnl.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\btn-close-grey.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\btn-close-greyover.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\collapsed_button.gif
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\expanded_button.gif
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\ico-playstation-down.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\ico-playstation-over.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\ico-playstation.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\ico-radio.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\music-note.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-btn-pause-on.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-btn-pause.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-btn-play-on.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-btn-play.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-eq-bg.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-eq-buffer.gif
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-eq-busy.gif
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-eq-off.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-eq-on.gif
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-eq-warning.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-options-design-on.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-options-design.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-options-on.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-options.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-volume-0.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-volume-1.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-volume-2.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-volume-3.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-volume-mute.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\scrollbar-handle.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\scrollbar-track.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\slider.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\slideron.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\track.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\managerpanel.html
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\volumeslider.html
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\radiobeta-buffering.gif
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\radiobeta-connecting.gif
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\radiobeta-playing.gif
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\radiobeta-stopped.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\radiobeta.ico
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\reload.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\remove.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\rename.gif
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\resize-box.gif
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\rss.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\rsschannelback.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\RSSLogo.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\rsstabdivider.gif
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\scroll-left.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\scroll-right.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\search-go.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\search.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\text-ellipsis.xml
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\throbber.gif
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\toolbarsplitter.gif
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\transparent_1px.gif
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\border_02.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\border_03.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\border_04.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\border_06.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\border_07.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\border_08.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\border_09.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\border_10.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\border_11.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\border_12.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\border_13.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\border_14.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\border_15.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\border_16.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\border_18.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\border_19.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\border_20.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\border_21.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\btn-close-grey.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\btn-close-greyover.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\close-hot.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\close-normal.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\loadingMid.gif
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\proxy.html
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\template.html
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\template.xml
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\templateFF.html
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\throbber.gif
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\icons\cond999.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\icons\icons.xml
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\icons\na-s.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\icons\na-t.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\icons\na.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\add.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\arrowr-bluew5.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\bg-pnl.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\bg-pnl520x350.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\bg-pnl520x350blue-whitebg.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\bg-pnl520x350blue.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\box-check.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\box-uncheck.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\btn-close-grey.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\btn-close-greyover.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\btn-delete.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\btn-search-pnlbtm-over.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\btn-search-pnlbtm.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\btnarrow-next-off.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\btnarrow-next.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\btnarrow-previous-off.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\btnarrow-previous.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\ico-check.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\ico-hotandhumid-s.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\ico-hotandhumid.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\options-weather.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\over-blue.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\over-orange.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\powered-by-weatherbug.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\powered-by-weatherbug2.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\radio-checked.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\radio-unchecked.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\searchbox-pnlbtm.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\weather-contour.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\popupWeather.css
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\popupWeather.html
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\yahoo.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lichen.gif
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\logo-about.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\logo-over.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\logo-separator.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\logo.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\mail.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\maps.bmp
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\menuseparatorback.gif
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\modify-save.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\modify.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\modifyhot.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\music.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\news.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\options\options-main.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\options\options-search.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\options\options-weather.gif
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\options\options-weather.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\options\options-widgets.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\orange.gif
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\pixsy.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\protect-id.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\radiobeta-buffering.gif
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\radiobeta-connecting.gif
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\radiobeta-playing.gif
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\radiobeta-stopped.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\radiobeta.ico
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\relatedlinks.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\rss-collapse.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\rss-delete.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\rss-expand.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\rss-feed.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\rss-folder-remove.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\rss-folder-rename.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\rss-folder.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\rss-found.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\rss-reload.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\rss-subscribe.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\rss.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\rssback.gif
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\rsstopback.gif
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\search-over.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\search.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\search_button_over_png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\search_button_png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\searchbar\searchbar-background-left.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\searchbar\searchbar-background-middle.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\searchbar\searchbar-background-right.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\settings.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\shopping.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\siteinfo.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\skin-bluelite.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\skin-bluesky.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\skin-grey.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\skin-lichen.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\skin-orange.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\skin-yellow.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\skin.xml
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\technorati.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\throbber.gif
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\toolbarsplitter.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\translate.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\video.bmp
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\vmn.css
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\vmn.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\weather.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\web.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\widgets-square-16px.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\wikipedia.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\yahoosearch.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\yellow.gif
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\youtube.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\zoom.png
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\components\windowmediator.js
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\dtUser.exe
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\manifest.xml
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\searchquband.dll
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\searchqudtx.dll
c:\program files\Windows iLivid Toolbar\Datamngr\ToolBar\uninstall.exe
c:\program files\Windows iLivid Toolbar\sysid.ini
c:\program files\Windows iLivid Toolbar\uninstall.exe
.
.
((((((((((((((((((((((((( Files Created from 2011-12-07 to 2012-01-07 )))))))))))))))))))))))))))))))
.
.
2012-01-07 21:30 . 2012-01-07 21:30 -------- d-----w- c:\users\User\AppData\Local\temp
2012-01-07 21:30 . 2012-01-07 21:30 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-01-05 06:31 . 2012-01-05 06:31 -------- d-----w- c:\programdata\Pinnacle VideoSpin
2012-01-05 06:27 . 2012-01-05 06:27 -------- d-----w- c:\programdata\VideoSpin
2012-01-05 06:27 . 2012-01-05 06:27 -------- d-----w- c:\program files\Pinnacle
2012-01-05 06:27 . 2012-01-05 06:27 -------- d-----w- c:\program files\Common Files\Yahoo!
2012-01-05 06:13 . 2012-01-05 06:13 -------- d-----w- c:\programdata\Pinnacle
2012-01-04 22:52 . 2012-01-04 22:52 -------- d-----w- c:\users\User\AppData\Roaming\AquaSoft
2012-01-04 22:41 . 2012-01-04 22:41 -------- d-----w- c:\program files\Movie Maker 2.6
2012-01-04 12:39 . 2012-01-04 12:39 -------- d-----w- c:\users\User\AppData\Roaming\Malwarebytes
2012-01-04 12:39 . 2012-01-04 12:39 -------- d-----w- c:\programdata\Malwarebytes
2012-01-04 12:39 . 2012-01-04 12:39 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-01-04 12:39 . 2011-12-10 14:24 20464 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-01-03 17:33 . 2011-11-10 04:54 476904 ----a-w- c:\program files\Mozilla Firefox\plugins\npdeployJava1.dll
2011-12-22 18:34 . 2011-12-22 18:40 286720 ------w- c:\windows\Setup1.exe
2011-12-22 18:34 . 2011-12-22 18:40 73216 ----a-w- c:\windows\ST6UNST.EXE
2011-12-20 19:09 . 2011-12-20 19:10 -------- d-----w- c:\users\User\AppData\Local\Facebook
2011-12-11 16:50 . 2005-10-31 20:28 69632 ----a-w- c:\windows\system32\MobOlExt.dll
2011-12-11 10:07 . 2011-12-13 20:10 -------- d-----w- c:\program files\Alcatel PC Suite
2011-12-11 10:07 . 2003-03-18 19:04 765952 ----a-w- c:\windows\system32\msvcp71d.dll
2011-12-11 10:07 . 2003-03-18 19:03 544768 ----a-w- c:\windows\system32\msvcr71d.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-01-07 19:59 . 2011-07-15 12:25 137464 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2012-01-07 19:59 . 2011-07-15 12:25 214520 ----a-w- c:\windows\system32\PnkBstrB.exe
2012-01-07 19:59 . 2011-07-15 12:25 214520 ----a-w- c:\windows\system32\PnkBstrB.xtr
2011-12-06 06:06 . 2011-09-26 20:39 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-11-23 18:00 . 2011-11-29 11:03 74752 ----a-w- c:\windows\system32\ff_vfw.dll
2011-11-10 04:54 . 2011-08-19 07:40 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-10-20 15:37 . 2011-07-15 12:25 75136 ----a-w- c:\windows\system32\PnkBstrA.exe
2011-10-16 14:19 . 2011-10-16 14:19 737072 ----a-w- c:\programdata\Microsoft\eHome\Packages\SportsV2\SportsTemplateCore-2\Microsoft.MediaCenter.Sports.UI.dll
2011-10-16 14:18 . 2011-10-16 14:18 4283672 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\markup.dll
2011-10-16 13:47 . 2011-10-16 13:47 42776 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM-2\StartResources.dll
2011-11-21 04:04 . 2011-12-07 17:39 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((( SnapShot@2012-01-07_14.29.03 )))))))))))))))))))))))))))))))))))))))))
.
+ 2011-07-14 22:58 . 2012-01-07 16:52 16384 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2011-07-14 22:58 . 2012-01-07 14:05 16384 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2011-07-14 22:58 . 2012-01-07 14:05 49152 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2011-07-14 22:58 . 2012-01-07 16:52 49152 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-14 04:41 . 2012-01-07 16:52 16384 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-07-14 04:41 . 2012-01-07 14:05 16384 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2011-07-15 09:06 . 2012-01-07 14:08 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2011-07-15 09:06 . 2012-01-07 16:53 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2011-07-15 09:06 . 2012-01-07 14:08 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2011-07-15 09:06 . 2012-01-07 16:53 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-07-14 02:03 . 2012-01-07 15:05 6553600 c:\windows\System32\SMI\Store\Machine\schema.dat
- 2009-07-14 02:03 . 2012-01-05 12:49 6553600 c:\windows\System32\SMI\Store\Machine\schema.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1173504]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2010-04-30 9210400]
"AVG_TRAY"="c:\program files\AVG\AVG2012\avgtray.exe" [2011-09-23 2404704]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-12-24 460872]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer3"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~1\AVG\AVG2012\avgrsx.exe /sync /restart
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
R2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2011-08-07 136176]
R3 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2011-08-07 136176]
S0 AVGIDSEH;AVGIDSEH;c:\windows\system32\DRIVERS\AVGIDSEH.Sys [2011-07-10 23120]
S0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx86.sys [2011-09-13 32592]
S1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx86.sys [2011-07-10 229840]
S1 Avgtdix;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdix.sys [2011-07-10 295248]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2011-07-15 218688]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
S2 AVGIDSAgent;AVGIDSAgent;c:\program files\AVG\AVG2012\AVGIDSAgent.exe [2011-09-12 5265248]
S2 avgwd;AVG WatchDog;c:\program files\AVG\AVG2012\avgwdsvc.exe [2011-08-02 192776]
S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [2011-12-24 652872]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-01-20 378984]
S3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\AVGIDSDriver.Sys [2011-07-10 134736]
S3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\DRIVERS\AVGIDSFilter.Sys [2011-07-10 24272]
S3 AVGIDSShim;AVGIDSShim;c:\windows\system32\DRIVERS\AVGIDSShim.Sys [2011-07-10 16720]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2011-12-10 20464]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda32v.sys [2010-11-11 122984]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - KXLDAPOB
*Deregistered* - kxldapob
.
Contents of the 'Scheduled Tasks' folder
.
2012-01-07 c:\windows\Tasks\AutoSmartDefrag.job
- g:\program files\IObit\IObit SmartDefrag\IObit SmartDefrag.exe [2011-02-17 17:08]
.
2012-01-07 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3641395576-2003788952-3425881642-1000Core.job
- c:\users\User\AppData\Local\Facebook\Update\FacebookUpdate.exe [2011-12-20 19:09]
.
2012-01-07 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3641395576-2003788952-3425881642-1000UA.job
- c:\users\User\AppData\Local\Facebook\Update\FacebookUpdate.exe [2011-12-20 19:09]
.
2012-01-07 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-08-07 08:13]
.
2012-01-07 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-08-07 08:13]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://google.com/
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~4\Office12\EXCEL.EXE/3000
IE: Search the Web - c:\program files\SweetIM\Toolbars\Internet Explorer\resources\menuext.html
TCP: Interfaces\{C67570C3-AAA9-4241-BE44-2BB7C2CDB677}: NameServer = 10.10.2.69,10.10.2.79
FF - ProfilePath - c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\zqpgwt7a.default\
FF - prefs.js: browser.search.defaulturl -
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/
FF - prefs.js: keyword.URL - hxxp://dts.search-results.com/sr?src=ffb&appid=101&systemid=406&sr=0&q=
.
- - - - ORPHANS REMOVED - - - -
.
WebBrowser-{EEE6C35B-6118-11DC-9C72-001320C79847} - (no file)
AddRemove-Windows Searchqu Toolbar - c:\program files\Windows iLivid Toolbar\uninstall.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-3641395576-2003788952-3425881642-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.032\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.032"
.
[HKEY_USERS\S-1-5-21-3641395576-2003788952-3425881642-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.abr\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.abr"
.
[HKEY_USERS\S-1-5-21-3641395576-2003788952-3425881642-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ani\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.ani"
.
[HKEY_USERS\S-1-5-21-3641395576-2003788952-3425881642-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.apd\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.apd"
.
[HKEY_USERS\S-1-5-21-3641395576-2003788952-3425881642-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.arw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.arw"
.
[HKEY_USERS\S-1-5-21-3641395576-2003788952-3425881642-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bay\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.bay"
.
[HKEY_USERS\S-1-5-21-3641395576-2003788952-3425881642-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bmp\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.bmp"
.
[HKEY_USERS\S-1-5-21-3641395576-2003788952-3425881642-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.bw"
.
[HKEY_USERS\S-1-5-21-3641395576-2003788952-3425881642-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cr2\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.cr2"
.
[HKEY_USERS\S-1-5-21-3641395576-2003788952-3425881642-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.crw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.crw"
.
[HKEY_USERS\S-1-5-21-3641395576-2003788952-3425881642-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cs1\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.cs1"
.
[HKEY_USERS\S-1-5-21-3641395576-2003788952-3425881642-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cur\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.cur"
.
[HKEY_USERS\S-1-5-21-3641395576-2003788952-3425881642-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dcr\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.dcr"
.
[HKEY_USERS\S-1-5-21-3641395576-2003788952-3425881642-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dcx\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.dcx"
.
[HKEY_USERS\S-1-5-21-3641395576-2003788952-3425881642-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dib\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.dib"
.
[HKEY_USERS\S-1-5-21-3641395576-2003788952-3425881642-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dng\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.dng"
.
[HKEY_USERS\S-1-5-21-3641395576-2003788952-3425881642-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.emf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.emf"
.
[HKEY_USERS\S-1-5-21-3641395576-2003788952-3425881642-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eps\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.eps"
.
[HKEY_USERS\S-1-5-21-3641395576-2003788952-3425881642-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.erf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.erf"
.
[HKEY_USERS\S-1-5-21-3641395576-2003788952-3425881642-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.fff\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.fff"
.
[HKEY_USERS\S-1-5-21-3641395576-2003788952-3425881642-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.fpx\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.fpx"
.
[HKEY_USERS\S-1-5-21-3641395576-2003788952-3425881642-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.gif\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.gif"
.
[HKEY_USERS\S-1-5-21-3641395576-2003788952-3425881642-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.hdr\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.hdr"
.
[HKEY_USERS\S-1-5-21-3641395576-2003788952-3425881642-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.icl\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.icl"
.
[HKEY_USERS\S-1-5-21-3641395576-2003788952-3425881642-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.icn\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.icn"
.
[HKEY_USERS\S-1-5-21-3641395576-2003788952-3425881642-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.iff\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.iff"
.
[HKEY_USERS\S-1-5-21-3641395576-2003788952-3425881642-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ilbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.ilbm"
.
[HKEY_USERS\S-1-5-21-3641395576-2003788952-3425881642-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.int\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.int"
.
[HKEY_USERS\S-1-5-21-3641395576-2003788952-3425881642-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.inta\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.inta"
.
[HKEY_USERS\S-1-5-21-3641395576-2003788952-3425881642-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.iw4\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.iw4"
.
[HKEY_USERS\S-1-5-21-3641395576-2003788952-3425881642-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.j2c\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.j2c"
.
[HKEY_USERS\S-1-5-21-3641395576-2003788952-3425881642-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.j2k\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.j2k"
.
[HKEY_USERS\S-1-5-21-3641395576-2003788952-3425881642-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jbr\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.jbr"
.
[HKEY_USERS\S-1-5-21-3641395576-2003788952-3425881642-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jfif\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.jfif"
.
[HKEY_USERS\S-1-5-21-3641395576-2003788952-3425881642-1000\Software\Microsoft\Windows\CurrentVers

Poslao: 07 Jan 2012 22:53
Idi na vrh
offline
  • Pridružio: 26 Avg 2010
  • Poruke: 10622
  • Gde živiš: Hypnos Control Room, Tokyo Metropolitan Government Building

Napisano: 07 Jan 2012 22:52

Nažalost, AVG ostane isključen samo na petnaest minuta i stoga si trebao izbrisati. S obzirom da je log prevelik da stavne čitav u poruku. Prikači sljedeći fajl uz poruku:

C:\ComboFix.txt

Dopuna: 07 Jan 2012 22:53

Kakvo je sad stanje sistema?

Poslao: 07 Jan 2012 23:43
Idi na vrh
offline
  • RJ 
  • SuperModerator
  • Supermoderator vojnih foruma
  • Gavrilo Milentijević
  • Komandir stanice milicije Gornje Polje
  • Pridružio: 12 Feb 2005
  • Poruke: 9506
  • Gde živiš: ovalni kabinet

Ako sam te dobro razumeo, ja sam ovo kopirao u search i dobio sledeći log fajl-

https://www.mycity.rs/must-login.png

Poslao: 08 Jan 2012 02:30
Idi na vrh
offline
  • Pridružio: 26 Avg 2010
  • Poruke: 10622
  • Gde živiš: Hypnos Control Room, Tokyo Metropolitan Government Building

Arrow

Deinstaliraj AVG jer ometa ComboFix u radu. Ako bude potrebno, daću ti link za download istog na kraju slučaja.

Arrow

Ponovo pokreni Combofix i postavi izvještaj.

MyCity » Ambulanta -> Arhiva Ambulante » Komp povremeno koči

Ko je trenutno na forumu
 

Ukupno su 1028 korisnika na forumu :: 57 registrovanih, 10 sakrivenih i 961 gosta   ::   [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:
Korisnici trenutno na forumu: 357magnum, A.R.Chafee.Jr., aleksmajstor, Andrija357, babaroga, Ben Roj, Bojan85, bojankrstc, bojanM84, bojcistv, cavatina, ccoogg123, chichabg, darkojbn, debeli, Denaya, djboj, Dorcolac, draganca, Duh sa sekirom, dule10savic, Džordžino, goxin, JOntra, Karla, kokodakalo, Krusarac, Krvava Devetka, Kubovac, Lubica, mackenzie, mercedesamg, MiG-29M2, milimoj, minmatar34957, mnn2, mrav pesadinac, opt1, panzerwaffe, pein, Petarvu, prle122, ruso, S2M, Shinobi, slonic_tonic, Smajser, Srle993, Stoilkovic, t84dar, tmanda323, tubular, TwinHeadedEagle, vathra, Vatreni Zmaj, voja64, xpforswodniw