MyCity » Ambulanta -> Arhiva Ambulante » Mislim da imam Viruse

Mislim da imam Viruse

Napisano na dan: 29.7.2011
1

Mislim da imam Viruse
Sledeća strana Pagination

Idi na vrh

Poslao: 29 Jul 2011 16:41
Idi na vrh
offline
  • Miloš
  • Pridružio: 26 Jan 2011
  • Poruke: 1390
  • Gde živiš: Beograd, Zvezdara

Napisano: 29 Jul 2011 12:43

Ovako, pre nekoliko meseci sam brisao neke slike iz kompjutera !
Sutradan kada sam upalio kompjuter, nisu htele da mi se upale neke igrice(PES,NFS...)
Moja sestra je sedela za Kompjuterom, i skinula nesto, upao mi virus u kompjuter, ali sam ga ja brzo izbrisao ! Od tada kompjuter mi recka, dugo se pali, i kada se upali mora da se saceka 10-ak minuta da se sve stabilizuje da moze da se koristi !


.
DDS (Ver_2011-06-23.01) - NTFSx86
Internet Explorer: 8.0.7601.17514 BrowserJavaVersion: 1.6.0_24
Run by lelic at 16:06:37 on 2011-07-28
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.2046.931 [GMT 2:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
SP: Microsoft Security Essentials *Enabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\rundll32.exe
C:\Program Files\NCH Software\BroadCam\broadcam.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k NetworkServiceAndNoImpersonation
C:\PROGRA~1\MYWEBS~1\bar\2.bin\mwssvc.exe
C:\Windows\system32\PnkBstrA.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Users\Public\Program Files\LabF.com\nfsAxe\xsetsrv.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\PROGRA~1\Bandoo\Bandoo.exe
C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\Uniblue\SpeedUpMyPC\spmonitor.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\dllhost.exe
C:\Windows\system32\dllhost.exe
C:\Windows\System32\msdtc.exe
C:\Program Files\My Lockbox\mylbx.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\BearShare Applications\MediaBar\Datamngr\datamngrUI.exe
C:\Program Files\MyWebSearch\bar\2.bin\MWSOEMON.EXE
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Ask.com\Updater\Updater.exe
C:\Program Files\FileServe Manager\FSStarter.exe
C:\Program Files\Babylon\Babylon-Pro\Babylon.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\DAEMON Tools Lite\DTLite.exe
C:\Program Files\uTorrent\uTorrent.exe
C:\Users\lelic\AppData\Local\MediaGet2\mediaget.exe
C:\Program Files\Samsung\Samsung PC Studio 7\PCSuite.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\Users\lelic\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\Babylon\Babylon-Pro\TC\BabylonTC.exe
C:\Users\lelic\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\lelic\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\lelic\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\lelic\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\lelic\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\Nero\Update\NASvc.exe
C:\Users\lelic\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\rundll32.exe
C:\Users\lelic\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Users\lelic\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\conhost.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = [Link mogu videti samo ulogovani korisnici]
uInternet Settings,ProxyOverride = *.local
uURLSearchHooks: UrlSearchHook Class: {00000000-6e41-4fd3-8538-502f5495e5fc} - c:\program files\ask.com\GenericAskToolbar.dll
uURLSearchHooks: Softonic-Eng7 Toolbar: {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - c:\program files\softonic-eng7\tbSoft.dll
uURLSearchHooks: H - No File
uURLSearchHooks: N/A: {00a6faf6-072e-44cf-8957-5838f569a31d} - c:\program files\mywebsearch\bar\2.bin\MWSSRCAS.DLL
uURLSearchHooks: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - c:\program files\utorrentbar\tbuTor.dll
uURLSearchHooks: PageRage Toolbar: {9565115d-c7d6-46d3-bd63-b67b481a4368} - c:\program files\pagerage\prxtbPage.dll
mURLSearchHooks: Softonic-Eng7 Toolbar: {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - c:\program files\softonic-eng7\tbSoft.dll
mURLSearchHooks: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - c:\program files\utorrentbar\tbuTor.dll
mURLSearchHooks: PageRage Toolbar: {9565115d-c7d6-46d3-bd63-b67b481a4368} - c:\program files\pagerage\prxtbPage.dll
mURLSearchHooks: N/A: {00a6faf6-072e-44cf-8957-5838f569a31d} - c:\program files\mywebsearch\bar\2.bin\MWSSRCAS.DLL
BHO: FileServeManager: {00000001-ab3b-4334-9da2-ec6b2a02afc6} - c:\program files\fileserve manager\FileServeBHO.dll
BHO: MyWebSearch Search Assistant BHO: {00a6faf1-072e-44cf-8957-5838f569a31d} - c:\program files\mywebsearch\bar\2.bin\MWSSRCAS.DLL
BHO: mwsBar BHO: {07b18ea1-a523-4961-b6bb-170de4475cca} - c:\program files\mywebsearch\bar\2.bin\MWSBAR.DLL
BHO: MediaBar: {0974ba1e-64ec-11de-b2a5-e43756d89593} - c:\progra~1\bearsh~1\mediabar\toolbar\BearshareMediabarDx.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Babylon toolbar helper: {2eecd738-5844-4a99-b4b6-146bf802613b} - c:\program files\babylontoolbar\babylontoolbar\1.4.31.2\bh\BabylonToolbar.dll
BHO: Conduit Engine: {30f9b915-b755-4826-820b-08fba6bd249d} - c:\program files\conduitengine\ConduitEngine.dll
BHO: Softonic-Eng7 Toolbar: {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - c:\program files\softonic-eng7\tbSoft.dll
BHO: UrlHelper Class: {74322bf9-df26-493f-b0da-6d2fc5e6429e} - c:\progra~1\bearsh~1\mediabar\datamngr\IEBHO.dll
BHO: Searchqu Toolbar: {7ff99715-3016-4381-84ce-e4e4c9673020} - c:\progra~1\wia6eb~1\toolbar\SearchquDx.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: PageRage Toolbar: {9565115d-c7d6-46d3-bd63-b67b481a4368} - c:\program files\pagerage\prxtbPage.dll
BHO: Babylon IE plugin: {9cfaccb6-2f3f-4177-94ea-0d2b72d384c1} - c:\program files\babylon\babylon-pro\utils\BabylonIEPI.dll
BHO: Windows Live Messenger Companion Helper: {9fdde16b-836f-4806-ab1f-1455cbeff289} - c:\program files\windows live\companion\companioncore.dll
BHO: Skype add-on for Internet Explorer: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
BHO: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - c:\program files\utorrentbar\tbuTor.dll
BHO: Ask Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - c:\program files\ask.com\GenericAskToolbar.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: BandooIEPlugin Class: {eb5cee80-030a-4ed8-8e20-454e9c68380f} - c:\program files\bandoo\plugins\ie\ieplugin.dll
BHO: SMTTB2009 Class: {fcbccb87-9224-4b8d-b117-f56d924beb18} - c:\program files\burn4free db toolbar\tbcore3.dll
BHO: Yontoo Layers: {fd72061e-9fde-484d-a58a-0bab4151cad8} - c:\program files\yontoo layers\YontooIEClient.dll
TB: Ask Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - c:\program files\ask.com\GenericAskToolbar.dll
TB: Softonic-Eng7 Toolbar: {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - c:\program files\softonic-eng7\tbSoft.dll
TB: Conduit Engine: {30f9b915-b755-4826-820b-08fba6bd249d} - c:\program files\conduitengine\ConduitEngine.dll
TB: MediaBar: {0974ba1e-64ec-11de-b2a5-e43756d89593} - c:\progra~1\bearsh~1\mediabar\toolbar\BearshareMediabarDx.dll
TB: Searchqu Toolbar: {7ff99715-3016-4381-84ce-e4e4c9673020} - c:\progra~1\wia6eb~1\toolbar\SearchquDx.dll
TB: My Web Search: {07b18ea9-a523-4961-b6bb-170de4475cca} - c:\program files\mywebsearch\bar\2.bin\MWSBAR.DLL
TB: DAEMON Tools Toolbar: {32099aac-c132-4136-9e9a-4e364a424e17} - c:\program files\daemon tools toolbar\DTToolbar.dll
TB: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - c:\program files\utorrentbar\tbuTor.dll
TB: PageRage Toolbar: {9565115d-c7d6-46d3-bd63-b67b481a4368} - c:\program files\pagerage\prxtbPage.dll
TB: Burn4Free DB Toolbar: {338b4dfe-2e2c-4338-9e41-e176d497299e} - c:\program files\burn4free db toolbar\tbcore3.dll
TB: Babylon Toolbar: {98889811-442d-49dd-99d7-dc866be87dbc} - c:\program files\babylontoolbar\babylontoolbar\1.4.31.2\BabylonToolbarTlbr.dll
uRun: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "c:\program files\common files\ahead\lib\NMBgMonitor.exe"
uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
uRun: [MyWebSearch Email Plugin] c:\progra~1\mywebs~1\bar\2.bin\mwsoemon.exe
uRun: [Wisdom-soft AutoScreenRecorder 3.1 Pro] 0
uRun: [AdobeBridge]
uRun: [STYLEXP] c:\program files\tgtsoft\stylexp\StyleXP.exe -Hide
uRun: [DAEMON Tools Lite] "c:\program files\daemon tools lite\DTLite.exe" -autorun
uRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background
uRun: [Google Update] "c:\users\lelic\appdata\local\google\update\GoogleUpdate.exe" /c
uRun: [uTorrent] "c:\program files\utorrent\uTorrent.exe"
uRun: [SpeedUpMyPC] "c:\program files\uniblue\speedupmypc\launcher.exe" delay 20000
uRun: [Facebook Update] "c:\users\lelic\appdata\local\facebook\update\FacebookUpdate.exe" /c /nocrashserver
uRun: [MediaGet2] c:\users\lelic\appdata\local\mediaget2\mediaget.exe --minimized
uRun: [RockMelt Update] "c:\users\lelic\appdata\local\rockmelt\update\RockMeltUpdate.exe" /c
uRun: [S60 PC Suite Tray] "c:\program files\samsung\samsung pc studio 7\PCSuite.exe" -onlytray
mRun: [NeroFilterCheck] c:\program files\common files\ahead\lib\NeroCheck.exe
mRun: [MFARestart] "c:\programdata\mfadata\pack\avgrunasx.exe" /usereg
mRun: [mylbx] c:\program files\my lockbox\mylbx.exe /a
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [Malwarebytes' Anti-Malware (reboot)] "c:\program files\malwarebytes' anti-malware\mbam.exe" /runcleanupscript
mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey
mRun: [DATAMNGR] c:\progra~1\bearsh~1\mediabar\datamngr\DATAMN~1.EXE
mRun: [MyWebSearch Email Plugin] c:\progra~1\mywebs~1\bar\2.bin\mwsoemon.exe
mRun: [AdobeAAMUpdater-1.0] "c:\program files\common files\adobe\oobe\pdapp\uwa\UpdaterStartupUtility.exe"
mRun: [SwitchBoard] c:\program files\common files\adobe\switchboard\SwitchBoard.exe
mRun: [AdobeCS5ServiceManager] "c:\program files\common files\adobe\cs5servicemanager\CS5ServiceManager.exe" -launchedbylogin
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [nusbantivirus] "c:\program files\naevius usb antivirus\usbantivirus.exe" -hide
mRun: [My Web Search Bar Search Scope Monitor] "c:\progra~1\mywebs~1\bar\2.bin\m3SrchMn.exe" /m=2 /w /h
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [<NO NAME>]
mRun: [ApnUpdater] "c:\program files\ask.com\updater\Updater.exe"
mRun: [FileServe Manager Task] "c:\program files\fileserve manager\FSStarter.exe"
mRun: [Babylon Client] c:\program files\babylon\babylon-pro\Babylon.exe -AutoStart
dRun: [Samsung.PCSync] "c:\program files\samsung\samsung pc studio 7\PcSync2.exe" /NoDialog
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\mcafee~1.lnk - c:\program files\mcafee security scan\2.0.181\SSScheduler.exe
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: Download with FileServe Manager - c:\program files\fileserve manager\GetUrl.htm
IE: Free YouTube Download - c:\users\lelic\appdata\roaming\dvdvideosoftiehelpers\freeyoutubedownload.htm
IE: Free YouTube to MP3 Converter - c:\users\lelic\appdata\roaming\dvdvideosoftiehelpers\freeyoutubetomp3converter.htm
IE: Translate this web page with Babylon - c:\program files\babylon\babylon-pro\utils\BabylonIEPI.dll/ActionTU.htm
IE: Translate with Babylon - c:\program files\babylon\babylon-pro\utils\BabylonIEPI.dll/Action.htm
IE: {F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478} - [Link mogu videti samo ulogovani korisnici]\program files\babylon\babylon-pro\utils\BabylonIEPI.dll/ActionTU.htm
IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - c:\program files\windows live\companion\companioncore.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~4\office12\REFIEBAR.DLL
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - [Link mogu videti samo ulogovani korisnici]
DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - [Link mogu videti samo ulogovani korisnici]
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - [Link mogu videti samo ulogovani korisnici]
TCP: DhcpNameServer = 109.206.109.129 10.200.1.30 109.206.96.6
TCP: Interfaces\{1E142242-A60B-4823-86FE-A132421528A3} : DhcpNameServer = 109.206.109.129 10.200.1.30 109.206.96.6
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll
AppInit_DLLs: c:\progra~1\bearsh~1\mediabar\datamngr\datamngr.dll c:\progra~1\bearsh~1\mediabar\datamngr\iebho.dll c:\progra~1\bandoo\bndhook.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\lelic\appdata\roaming\mozilla\firefox\profiles\rcmc0tal.default\
FF - prefs.js: browser.search.defaulturl - [Link mogu videti samo ulogovani korisnici]{searchTerms}
FF - prefs.js: browser.search.selectedEngine - Ask.com
FF - prefs.js: browser.startup.homepage - [Link mogu videti samo ulogovani korisnici]
FF - prefs.js: keyword.URL - [Link mogu videti samo ulogovani korisnici]
FF - component: c:\program files\bearshare applications\mediabar\datamngr\firefoxextension\components\DataMngrHlp.dll
FF - component: c:\users\lelic\appdata\roaming\mozilla\firefox\profiles\rcmc0tal.default\extensions\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}\components\FFExternalAlert.dll
FF - component: c:\users\lelic\appdata\roaming\mozilla\firefox\profiles\rcmc0tal.default\extensions\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}\components\RadioWMPCore.dll
FF - component: c:\users\lelic\appdata\roaming\mozilla\firefox\profiles\rcmc0tal.default\extensions\dttoolbar@toolbarnet.com\components\DTToolbarFF.dll
FF - component: c:\users\lelic\appdata\roaming\mozilla\firefox\profiles\rcmc0tal.default\extensions\firefox@bandoo.com\components\FFPlugin.dll
FF - plugin: c:\program files\adobe\reader 9.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\google\update\1.2.183.39\npGoogleOneClick8.dll
FF - plugin: c:\program files\google\update\1.3.21.53\npGoogleUpdate3.dll
FF - plugin: c:\program files\google\update\1.3.21.57\npGoogleUpdate3.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\microsoft silverlight\4.0.60531.0\npctrlui.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npkimi.dll
FF - plugin: c:\program files\mywebsearch\bar\2.bin\NPMYWEBS.DLL
FF - plugin: c:\program files\nvidia corporation\3d vision\npnv3dv.dll
FF - plugin: c:\program files\nvidia corporation\3d vision\npnv3dvstreaming.dll
FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
FF - plugin: c:\users\lelic\appdata\local\facebook\video\skype\npFacebookVideoCalling.dll
FF - plugin: c:\users\lelic\appdata\local\google\update\1.3.21.57\npGoogleUpdate3.dll
FF - plugin: c:\users\lelic\appdata\local\rockmelt\update\1.2.189.1\npRockMeltOneClick8.dll
FF - plugin: c:\users\lelic\appdata\locallow\unity\webplayer\loader\npUnity3D32.dll
FF - plugin: c:\users\lelic\appdata\roaming\mozilla\plugins\np-mswmp.dll
FF - plugin: c:\users\lelic\appdata\roaming\mozilla\plugins\npgoogletalk.dll
FF - plugin: c:\users\lelic\appdata\roaming\mozilla\plugins\npgtpo3dautoplugin.dll
.
============= SERVICES / DRIVERS ===============
.
R0 FSProFilter;FSPro File Filter;c:\windows\system32\drivers\FSPFltd.sys [2011-2-6 41912]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\drivers\dtsoftbus01.sys [2011-3-28 218688]
R1 HWiNFO32;HWiNFO32/64 Kernel Driver;c:\program files\hwinfo32\HWiNFO32.SYS [2011-7-28 20216]
R1 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2010-10-24 165648]
R1 MpKsl0a8c678c;MpKsl0a8c678c;c:\programdata\microsoft\microsoft antimalware\definition updates\{9d4a85ac-b993-4345-9beb-563f707f10c8}\MpKsl0a8c678c.sys [2011-7-28 28752]
R2 BroadCamService;BroadCam Video Streaming Server;c:\program files\nch software\broadcam\broadcam.exe [2010-8-23 1052676]
R2 MyWebSearchService;My Web Search Service;c:\progra~1\mywebs~1\bar\2.bin\mwssvc.exe [2011-3-29 28762]
R2 NAUpdate;Nero Update;c:\program files\nero\update\NASvc.exe [2011-3-4 584488]
R2 regi;regi;c:\windows\system32\drivers\regi.sys [2007-4-17 11032]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\nvidia corporation\3d vision\nvSCPAPISvr.exe [2011-1-7 378984]
R2 XwpXSetSrvnfsAxe;XwpXSetSrvnfsAxe service;c:\users\public\program files\labf.com\nfsaxe\xsetsrv.exe [2011-6-1 106496]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\drivers\NisDrvWFP.sys [2010-10-24 65024]
R3 NisSrv;Microsoft Network Inspection;c:\program files\microsoft security client\antimalware\NisSrv.exe [2011-4-27 208944]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\drivers\Rt86win7.sys [2010-8-29 278560]
R3 VCSVADHWSer;Avnex Virtual Audio Device (WDM);c:\windows\system32\drivers\vcsvad.sys [2010-12-19 17792]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-14 229888]
S3 DrvAgent32;DrvAgent32;c:\windows\system32\drivers\DrvAgent32.sys [2011-7-28 23456]
S3 fssfltr;fssfltr;c:\windows\system32\drivers\fssfltr.sys [2011-5-30 39272]
S3 fsssvc;Windows Live Family Safety Service;c:\program files\windows live\family safety\fsssvc.exe [2010-9-23 1493352]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2010-10-4 136176]
S3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\mcafee security scan\2.0.181\McCHSvc.exe [2010-1-15 227232]
S3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\drivers\MpNWMon.sys [2010-10-24 43392]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2011-6-19 15872]
S3 SCREAMINGBDRIVER;Screaming Bee Audio;c:\windows\system32\drivers\ScreamingBAudio.sys [2009-12-1 34384]
S3 ss_bbus;SAMSUNG USB Mobile Device (WDM);c:\windows\system32\drivers\ss_bbus.sys [2011-3-20 98432]
S3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter);c:\windows\system32\drivers\ss_bmdfl.sys [2011-3-20 14848]
S3 ss_bmdm;SAMSUNG USB Mobile Modem;c:\windows\system32\drivers\ss_bmdm.sys [2011-3-20 123648]
S3 SwitchBoard;SwitchBoard;c:\program files\common files\adobe\switchboard\SwitchBoard.exe [2010-2-19 517096]
S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2011-6-19 52224]
S4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\windows live\mesh\wlcrasvc.exe [2010-9-22 51040]
.
=============== Created Last 30 ================
.
2011-07-28 13:54:53 28752 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{9d4a85ac-b993-4345-9beb-563f707f10c8}\MpKsl0a8c678c.sys
2011-07-27 23:35:09 6881616 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{9d4a85ac-b993-4345-9beb-563f707f10c8}\mpengine.dll
2011-07-27 23:34:32 6881616 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\updates\mpengine.dll
2011-07-27 22:53:10 -------- d-----w- c:\program files\HWiNFO32
2011-07-27 22:49:42 23456 ----a-w- c:\windows\system32\drivers\DrvAgent32.sys
2011-07-27 22:49:42 -------- d-----w- c:\users\lelic\appdata\local\eSupport.com
2011-07-27 21:37:59 -------- d-----w- c:\windows\system32\xlive
2011-07-27 21:37:53 -------- d-----w- c:\program files\Microsoft Games for Windows - LIVE
2011-07-27 21:36:29 19087360 ----a-w- c:\windows\system32\mkl_blueripple.dll
2011-07-27 21:36:29 1417216 ----a-w- c:\windows\system32\rapture3d_oal.dll
2011-07-27 21:36:28 -------- d-----w- c:\program files\BRS
2011-07-27 21:36:27 809496 ----a-r- c:\windows\system32\tmpFA13.tmp
2011-07-27 21:02:23 -------- d-----w- c:\programdata\Codemasters
2011-07-27 20:57:02 444952 ----a-w- c:\windows\system32\wrap_oal.dll
2011-07-27 20:57:02 -------- d-----w- c:\program files\OpenAL
2011-07-27 20:57:01 805400 ----a-r- c:\windows\system32\tmpE348.tmp
2011-07-27 20:57:01 109080 ----a-w- c:\windows\system32\OpenAL32.dll
2011-07-27 20:55:51 805400 ----a-r- c:\windows\system32\tmpE327.tmp
2011-07-27 11:31:30 94208 ----a-w- c:\windows\system32\RTNUninst32.dll
2011-07-27 11:31:30 80416 ----a-w- c:\windows\system32\RtNicProp32.dll
2011-07-27 00:07:46 -------- d-----w- c:\users\lelic\appdata\local\{B52863B7-F47D-4A57-87CC-F7E048062D28}
2011-07-26 14:09:44 -------- d-----w- c:\users\lelic\appdata\roaming\go
2011-07-26 14:09:36 -------- d-----w- c:\programdata\Easybits GO
2011-07-25 21:41:58 -------- d-----w- C:\Root
2011-07-25 21:35:46 -------- d-----w- c:\users\lelic\appdata\local\{AA885B3D-EE2B-4635-88F0-8FADA8EC5F1D}
2011-07-25 17:48:36 -------- d-----w- C:\Fraps
2011-07-25 09:42:32 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-07-25 09:42:26 -------- d-----w- c:\programdata\McAfee Security Scan
2011-07-25 09:42:16 -------- d-----w- c:\program files\McAfee Security Scan
2011-07-25 06:20:34 -------- d-----w- c:\users\lelic\appdata\local\RockMelt
2011-07-24 21:21:33 -------- d-----w- c:\users\lelic\appdata\local\{3AF709BE-EA1E-49D9-B022-EFB5AB35F59D}
2011-07-23 08:58:16 -------- d-----w- c:\users\lelic\appdata\local\{8C18134C-3B10-481F-A20B-1FB6861F9B94}
2011-07-22 20:14:36 -------- d-----w- c:\users\lelic\appdata\local\{D6E4172D-2738-4079-93B9-E089CA1223CE}
2011-07-22 08:58:35 -------- d-----w- c:\users\lelic\appdata\local\Babylon
2011-07-22 08:52:44 -------- d-----w- c:\program files\FontTwister
2011-07-22 08:49:57 143360 ----a-w- c:\program files\mozilla firefox\BabyFox.dll
2011-07-22 08:49:54 -------- d-----w- c:\program files\Babylon
2011-07-22 08:49:31 -------- d-----w- c:\program files\BabylonToolbar
2011-07-22 08:49:14 -------- d-----w- c:\programdata\Babylon
2011-07-22 08:49:13 -------- d-----w- c:\users\lelic\appdata\roaming\Babylon
2011-07-22 08:48:59 -------- d-----w- c:\users\lelic\appdata\roaming\Media Get LLC
2011-07-22 08:48:59 -------- d-----w- c:\users\lelic\appdata\local\Media Get LLC
2011-07-22 08:48:59 -------- d-----w- c:\programdata\Media Get LLC
2011-07-22 08:48:48 -------- d-----w- c:\users\lelic\appdata\local\MediaGet2
2011-07-22 08:14:23 -------- d-----w- c:\users\lelic\appdata\local\{74C42F64-9EE8-4C86-9C5A-D33984F3636E}
2011-07-21 15:02:40 -------- d-----w- c:\users\lelic\appdata\roaming\eM Client
2011-07-21 15:02:04 -------- d-----w- c:\program files\eM Client
2011-07-21 12:53:06 -------- d-----w- c:\users\lelic\appdata\local\{21A7167D-DB5C-4B50-B0C3-A841FFBCA27D}
2011-07-20 18:31:11 -------- d-----w- c:\users\lelic\appdata\local\{232B6DBC-57C7-4897-B71B-B8267263CC3B}
2011-07-20 06:30:45 -------- d-----w- c:\users\lelic\appdata\local\{28146CD1-9FDC-45F4-87D8-909887A47595}
2011-07-19 08:03:22 -------- d-----w- c:\users\lelic\appdata\local\{300E6ABF-EAB1-4ABF-9B47-E995C5876747}
2011-07-18 06:24:53 -------- d-----w- c:\users\lelic\appdata\local\{0C527B87-69DC-47E9-BCF6-B24095385E95}
2011-07-17 11:51:09 -------- d-----w- c:\programdata\966
2011-07-17 08:00:36 -------- d-----w- c:\users\lelic\appdata\local\{4ED12814-E202-4CF8-A0E5-2CFD825F3462}
2011-07-15 23:09:20 -------- d-----w- c:\users\lelic\appdata\local\{860C77E6-3696-4A83-B8CB-A6E489837E6B}
2011-07-15 14:16:07 59392 ----a-w- c:\programdata\microsoft\microsoft antimalware\localcopy\{F091BF39-25E5-4974-AC59-787BE63C0224}-The.Karate.Kid.2010.DVDRip.XviD-DUBBY-[www.SceneTime.exe
2011-07-15 14:16:07 59392 ----a-w- c:\programdata\microsoft\microsoft antimalware\localcopy\{C7138058-B80B-4B88-B24A-691C56BB96F2}-Sample.exe
2011-07-15 14:16:07 59392 ----a-w- c:\programdata\microsoft\microsoft antimalware\localcopy\{039D07D0-D93B-4560-89F1-9FB03184FF23}-The Bank Job (2008-).exe
2011-07-15 14:16:06 59392 ----a-w- c:\programdata\microsoft\microsoft antimalware\localcopy\{EA2644FB-F209-4132-BB7F-1AAA857EB4A7}-London.2005.DVDRip.exe
2011-07-15 14:16:05 59392 ----a-w- c:\programdata\microsoft\microsoft antimalware\localcopy\{BC655A12-5D3C-43B4-8BA3-1B17CAC02BF1}-Data Pro.exe
2011-07-15 14:16:05 59392 ----a-w- c:\programdata\microsoft\microsoft antimalware\localcopy\{5917C247-4DC9-4AE8-A7FE-5AFEE6DBFB5D}-Death Race 2 2010 DVDRip -[CyberPiraten].exe
2011-07-15 14:11:45 59392 ----a-w- c:\programdata\microsoft\microsoft antimalware\localcopy\{E0249A1C-403D-4746-BAA0-66056061012F}-The.Karate.Kid.2010.DVDRip.XviD-DUBBY-[www.SceneTime.exe
2011-07-15 14:11:43 59392 ----a-w- c:\programdata\microsoft\microsoft antimalware\localcopy\{71FE819B-D226-40D4-80AF-12C1AA078DCA}-Data Pro.exe
2011-07-15 12:27:51 -------- d-----w- c:\users\lelic\appdata\local\{3F500096-F599-4A1E-9E6E-E7F606383AD6}
2011-07-15 08:20:01 -------- d-----w- c:\users\lelic\appdata\local\{8DCFAD3C-3791-45F3-AC28-3995C82DAE81}
2011-07-14 14:29:39 -------- d-----w- c:\users\lelic\appdata\roaming\PunkBuster
2011-07-14 09:04:17 -------- d-----w- c:\users\lelic\appdata\local\{E6A0B950-8CAE-4F8E-9C95-47099A339B71}
2011-07-13 16:49:23 88 --sh--r- c:\programdata\155CE64ECF.sys
2011-07-13 16:49:23 2516 --sha-w- c:\programdata\KGyGaAvL.sys
2011-07-13 16:49:20 -------- d-----w- c:\users\lelic\Corel
2011-07-13 16:47:36 -------- d-----w- c:\program files\common files\Protexis
2011-07-13 16:46:31 -------- d-----w- c:\programdata\Corel
2011-07-13 16:46:31 -------- d-----w- c:\program files\Corel
2011-07-13 12:40:19 2334208 ----a-w- c:\windows\system32\win32k.sys
2011-07-13 07:25:52 -------- d-----w- c:\users\lelic\appdata\local\{4807E479-4CD7-42EC-B818-6AE15B79A8B0}
2011-07-12 07:16:26 -------- d-----w- c:\users\lelic\appdata\local\{DAFC0953-18F6-416A-B132-A20863B79B71}
2011-07-10 13:49:44 -------- d-----w- c:\users\lelic\appdata\local\Minibar
2011-07-10 13:49:39 -------- d-----w- c:\program files\Burn4Free DB Toolbar
2011-07-10 13:49:22 -------- d-----w- c:\program files\b4ficons
2011-07-10 13:49:18 -------- d-----w- c:\program files\Burn4Free
2011-07-10 06:43:58 -------- d-----w- c:\users\lelic\appdata\local\{D603675C-0DAD-4940-9D42-5FB380EBCC02}
2011-07-08 18:31:18 -------- d-----w- c:\users\lelic\appdata\local\{3F270756-4572-4576-BF1C-BCAE02CFE500}
2011-07-08 06:30:53 -------- d-----w- c:\users\lelic\appdata\local\{87EBD50C-BD94-4A55-8964-37F59958E7AF}
2011-07-07 18:32:20 -------- d-----w- c:\users\lelic\appdata\local\Facebook
2011-07-07 10:58:35 -------- d-----w- c:\users\lelic\appdata\local\{7B66A2B0-B3FA-4150-A3DB-24A9C90BF510}
2011-07-06 21:30:46 -------- d-----w- C:\finalburner
2011-07-06 17:08:00 -------- d-----w- c:\users\lelic\appdata\local\{FB47F6A4-1542-4A88-8A33-4741E1EE1A8E}
2011-07-05 22:15:25 -------- d-----w- c:\users\lelic\appdata\local\{50223880-EFD0-4B42-ADE9-77F8832B3204}
2011-07-05 20:09:53 -------- d-----w- C:\Downloads
2011-07-05 20:09:41 -------- d-----w- c:\users\lelic\appdata\local\FileServe Manager
2011-07-05 20:09:15 -------- d-----w- c:\programdata\FileServe Limited
2011-07-05 20:09:15 -------- d-----w- c:\program files\FileServe Manager
2011-07-05 14:44:01 -------- d-----w- c:\programdata\KONAMI
2011-07-05 14:44:01 -------- d-----w- c:\program files\KONAMI
2011-07-05 10:57:51 -------- d-----w- c:\users\lelic\appdata\roaming\Rovio
2011-07-05 10:57:38 -------- d-----w- c:\program files\Rovio
2011-07-05 07:18:18 -------- d-----w- c:\users\lelic\appdata\local\{8DF654BA-07BE-48BE-9C52-3B00C6A00569}
2011-07-04 23:06:44 59392 ----a-w- c:\programdata\microsoft\microsoft antimalware\localcopy\{0EAA3839-A398-4CDE-8F40-E72868969845}-Data Computer Comp.exe
2011-07-04 23:02:32 59392 ----a-w- c:\programdata\microsoft\microsoft antimalware\localcopy\{8C2F7EBB-92E8-4D13-B85F-40F05D35DE42}-Data Computer Comp.exe
2011-07-04 10:54:16 -------- d-----w- c:\users\lelic\appdata\local\{D73C4578-F8AA-411F-B0C2-13D7DE8E0534}
2011-07-03 08:08:53 -------- d-----w- c:\users\lelic\appdata\local\{C6131506-E973-478B-896C-587C83C404E8}
2011-07-02 09:35:49 -------- d-----w- c:\windows\Profiles
2011-07-02 09:05:43 -------- d-----w- c:\users\lelic\appdata\roaming\URSoft
2011-07-02 07:30:15 -------- d-----w- c:\users\lelic\appdata\local\{226D33B5-EDC5-4B6B-94DF-D7D7A188BD99}
2011-06-30 21:05:20 -------- d-----w- c:\users\lelic\appdata\local\{554493AA-5E6D-4A14-B9B3-B5BDF2DC9BC9}
2011-06-30 19:53:38 -------- d-----w- c:\users\lelic\appdata\roaming\Multimedia Player
2011-06-30 07:25:04 -------- d-----w- c:\users\lelic\appdata\local\{6307772A-5C0C-4C79-9725-B387762B1C8B}
2011-06-29 18:24:14 -------- d-----w- c:\users\lelic\appdata\local\{035DF25A-3468-4B95-9178-1D25CA6DA3C5}
2011-06-29 06:41:43 -------- d-----w- c:\users\lelic\appdata\local\{7CA1455F-3D0C-4592-B900-68D8FA9064E5}
2011-06-29 06:40:49 293376 ----a-w- c:\windows\system32\umpnpmgr.dll
2011-06-29 06:40:46 427520 ----a-w- c:\windows\system32\SearchIndexer.exe
2011-06-29 06:40:46 337408 ----a-w- c:\windows\system32\mssph.dll
2011-06-29 06:40:46 164352 ----a-w- c:\windows\system32\SearchProtocolHost.exe
2011-06-29 06:40:46 1549312 ----a-w- c:\windows\system32\tquery.dll
2011-06-29 06:40:46 1401344 ----a-w- c:\windows\system32\mssrch.dll
2011-06-29 06:40:45 86528 ----a-w- c:\windows\system32\SearchFilterHost.exe
2011-06-29 06:40:45 666624 ----a-w- c:\windows\system32\mssvp.dll
2011-06-29 06:40:45 59392 ----a-w- c:\windows\system32\msscntrs.dll
2011-06-29 06:40:45 197120 ----a-w- c:\windows\system32\mssphtb.dll
2011-06-28 14:24:04 -------- d-----w- c:\program files\Softick
2011-06-28 14:07:45 -------- d-----w- c:\program files\common files\PCSuite
.
==================== Find3M ====================
.
2011-07-14 14:29:46 189248 ----a-w- c:\windows\system32\PnkBstrB.exe
2011-07-14 14:29:44 75136 ----a-w- c:\windows\system32\PnkBstrA.exe
2011-06-22 17:45:59 16608 ----a-w- c:\windows\gdrv.sys
2011-06-19 16:35:47 152576 ----a-w- c:\windows\system32\msclmd.dll
2011-06-03 06:01:04 169984 ----a-w- c:\windows\system32\winsrv.dll
2011-06-03 05:59:23 290816 ----a-w- c:\windows\system32\KernelBase.dll
2011-06-03 05:56:57 271872 ----a-w- c:\windows\system32\conhost.exe
2011-06-03 03:48:32 3584 ---ha-w- c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2011-06-03 03:48:31 6144 ---ha-w- c:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2011-06-03 03:48:31 4608 ---ha-w- c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2011-06-03 03:48:31 3072 ---ha-w- c:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2011-05-28 12:56:24 65536 ----a-w- c:\windows\system32\frapsvid.dll
2011-05-28 02:53:58 1638912 ----a-w- c:\windows\system32\mshtml.tlb
2011-05-03 04:30:02 741376 ----a-w- c:\windows\system32\inetcomm.dll
.
============= FINISH: 16:08:13.16 ===============

[Link mogu videti samo ulogovani korisnici]


[Link mogu videti samo ulogovani korisnici]

[Link mogu videti samo ulogovani korisnici]

[Link mogu videti samo ulogovani korisnici]

Hvala Unapred !

Dopuna: 29 Jul 2011 16:41

Moze neko da pomogne Shocked



Poslao: 29 Jul 2011 18:03
Idi na vrh
rip
  • argus  Male
  • Anti Malware Fighter
    Rank 2
  • Pridružio: 27 Apr 2008
  • Poruke: 9160
  • Gde živiš: Prokuplje

Pozdrav.

Preuzmi sUBs-ov ComboFix sa sledeće adrese na Desktop:


Bleeping Computer
Klikni desnim tasterom na link i odaberi opciju Save Target As... (Save Link As..., Save Linked Content As... ili sličnu);
Kada se otvori dijalog za izbor lokacije na kojoj treba sačuvati file, odaberi Desktop i klikni Save.



Kada preuzimanje programa bude završeno:
deaktiviraj zaštitni softver (uputstvo);
zatvori pokrenute programe;
dvoklikom pokreni program ComboFix;
u prozoru koji se otvori klikni "I Agree".
U toku rada, ComboFix će:proveriti postoji li novija verzija programa:
klikni Yes ako bude ponuđeno preuzimanje iste.ako Recovery Console nije instalirana, ponuditi instalaciju:
obavezno prihvati klikom na Yes i isprati postupak.postaviti/dati određeni broj upita/obaveštenja:
prihvati klikom na Yes ili OK.po potrebi, restartovati Windows (više puta);
na kraju rada, otvoriti Notepad sa izveštajem o skeniranju.

Iskopiraj izveštaj koji je ComboFix napravio u temu na forumu:
klikni desnim tasterom miša u prozor Notepad-a i izaberi Select All;
klikni desnim tasterom miša na obeleženi tekst i izaberi Copy;
klikni desnim tasterom miša u polje za pisanje poruke i izaberi Paste.

Napomena:Izveštaj će biti sačuvan pod nazivom ComboFix.txt na sistemskoj particiji (tipična lokacija: C:\ComboFix.txt);
Ukoliko nakon slanja poruke primetiš da izveštaj nije kompletan, iskoristi opciju Prikači fajl za prilaganje file-a C:\ComboFix.txt uz poruku.



Poslao: 29 Jul 2011 23:01
Idi na vrh
offline
  • Miloš
  • Pridružio: 26 Jan 2011
  • Poruke: 1390
  • Gde živiš: Beograd, Zvezdara

ComboFix 11-07-29.03 - lelic 07/29/2011 22:40:34.3.2 - x86
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.2046.951 [GMT 2:00]
Running from: c:\users\lelic\Documents\Desktop\Provera malwer-a\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
SP: Microsoft Security Essentials *Disabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\progra~1\MYWEBS~1\bar\2.bin\mwsoemon.exe
c:\program files\Burn4Free DB Toolbar\tbHElper.dll
c:\program files\FunWebProducts
c:\program files\MyWebSearch
c:\program files\MyWebSearch\bar\1.bin\chrome\M3FFXTBR.JAR
c:\program files\MyWebSearch\bar\1.bin\M3FFTBPR.DLL
c:\program files\MyWebSearch\bar\1.bin\M3PATCH.DLL
c:\program files\MyWebSearch\bar\2.bin\CHROME.MANIFEST
c:\program files\MyWebSearch\bar\2.bin\chrome\M3FFXTBR.JAR
c:\program files\MyWebSearch\bar\2.bin\F3BKGERR.JPG
c:\program files\MyWebSearch\bar\2.bin\F3CJPEG.DLL
c:\program files\MyWebSearch\bar\2.bin\F3DTACTL.DLL
c:\program files\MyWebSearch\bar\2.bin\F3HISTSW.DLL
c:\program files\MyWebSearch\bar\2.bin\F3HKSTUB.DLL
c:\program files\MyWebSearch\bar\2.bin\F3HTmlmu.dll
c:\program files\MyWebSearch\bar\2.bin\F3HTTPCT.DLL
c:\program files\MyWebSearch\bar\2.bin\F3IMSTUB.DLL
c:\program files\MyWebSearch\bar\2.bin\F3POPSWT.DLL
c:\program files\MyWebSearch\bar\2.bin\F3PSSAVR.SCR
c:\program files\MyWebSearch\bar\2.bin\F3REGHK.DLL
c:\program files\MyWebSearch\bar\2.bin\F3REPROX.DLL
c:\program files\MyWebSearch\bar\2.bin\F3RESTUB.DLL
c:\program files\MyWebSearch\bar\2.bin\F3SCHMON.EXE
c:\program files\MyWebSearch\bar\2.bin\F3SCRCTR.DLL
c:\program files\MyWebSearch\bar\2.bin\F3SPACER.WMV
c:\program files\MyWebSearch\bar\2.bin\F3WALLPP.DAT
c:\program files\MyWebSearch\bar\2.bin\F3WPHOOK.DLL
c:\program files\MyWebSearch\bar\2.bin\FWPBUDDY.PNG
c:\program files\MyWebSearch\bar\2.bin\INSTALL.RDF
c:\program files\MyWebSearch\bar\2.bin\M3AUXSTB.DLL
c:\program files\MyWebSearch\bar\2.bin\M3DLGHK.DLL
c:\program files\MyWebSearch\bar\2.bin\M3HIGHIN.EXE
c:\program files\MyWebSearch\bar\2.bin\M3HTml.dll
c:\program files\MyWebSearch\bar\2.bin\M3IDLE.DLL
c:\program files\MyWebSearch\bar\2.bin\M3IMPIPE.EXE
c:\program files\MyWebSearch\bar\2.bin\M3MEDINT.EXE
c:\program files\MyWebSearch\bar\2.bin\M3MSg.dll
c:\program files\MyWebSearch\bar\2.bin\M3OUtlcn.dll
c:\program files\MyWebSearch\bar\2.bin\M3PLUGIN.DLL
c:\program files\MyWebSearch\bar\2.bin\M3SKIN.DLL
c:\program files\MyWebSearch\bar\2.bin\M3SKPLAY.EXE
c:\program files\MyWebSearch\bar\2.bin\M3SLSRCH.EXE
c:\program files\MyWebSearch\bar\2.bin\M3SRCHMN.EXE
c:\program files\MyWebSearch\bar\2.bin\M3TPINST.DLL
c:\program files\MyWebSearch\bar\2.bin\MWSBAR.DLL
c:\program files\MyWebSearch\bar\2.bin\MWSMLBTN.DLL
c:\program files\MyWebSearch\bar\2.bin\MWSOEMON.EXE
c:\program files\MyWebSearch\bar\2.bin\MWSOEPLG.DLL
c:\program files\MyWebSearch\bar\2.bin\MWSOESTB.DLL
c:\program files\MyWebSearch\bar\2.bin\MWSSRCAS.DLL
c:\program files\MyWebSearch\bar\2.bin\MWSSVC.EXE
c:\program files\MyWebSearch\bar\2.bin\MWSUABTN.DLL
c:\program files\MyWebSearch\bar\2.bin\NPMYWEBS.DLL
c:\program files\MyWebSearch\bar\Avatar\COMMON.F3S
c:\program files\MyWebSearch\bar\Game\CHECKERS.F3S
c:\program files\MyWebSearch\bar\Game\CHESS.F3S
c:\program files\MyWebSearch\bar\Game\REVERSI.F3S
c:\program files\MyWebSearch\bar\icons\CM.ICO
c:\program files\MyWebSearch\bar\icons\MFC.ICO
c:\program files\MyWebSearch\bar\icons\PSS.ICO
c:\program files\MyWebSearch\bar\icons\SMILEY.ICO
c:\program files\MyWebSearch\bar\icons\WB.ICO
c:\program files\MyWebSearch\bar\icons\ZWINKY.ICO
c:\program files\MyWebSearch\bar\Message\COMMON.F3S
c:\program files\MyWebSearch\bar\Notifier\COMMON.F3S
c:\program files\MyWebSearch\bar\Notifier\DOG.F3S
c:\program files\MyWebSearch\bar\Notifier\FISH.F3S
c:\program files\MyWebSearch\bar\Notifier\KUNGFU.F3S
c:\program files\MyWebSearch\bar\Notifier\LIFEGARD.F3S
c:\program files\MyWebSearch\bar\Notifier\MAID.F3S
c:\program files\MyWebSearch\bar\Notifier\MAILBOX.F3S
c:\program files\MyWebSearch\bar\Notifier\OPERA.F3S
c:\program files\MyWebSearch\bar\Notifier\ROBOT.F3S
c:\program files\MyWebSearch\bar\Notifier\SEDUCT.F3S
c:\program files\MyWebSearch\bar\Notifier\SURFER.F3S
c:\program files\MyWebSearch\bar\Overlay\COMMON.F3S
c:\program files\MyWebSearch\bar\Settings\s_pid.dat
c:\program files\Windows Searchqu Toolbar
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\.#searchqutb.js.1.3
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\data\search\engines.xml
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\data\search\search.xsl
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\lib\about.xml
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\lib\dtxpanelwin.xul
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\lib\dtxprefwin.xul
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\lib\dtxwin.xul
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\lib\emailnotifierproviders.xml
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\lib\external.js
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\lib\neterror.xhtml
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\lib\wmpstreamer.html
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\modules\datastore.jsm
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\preferences.xml
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\searchqutb.js
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\toolbar.htm
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\toolbar.xul
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\bg-scalable-mdl.gif
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\bg-scalable-tl.gif
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\bg-scalable-tr.gif
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\btn-dragresize.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\btn-wide-close-down.PNG
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\btn-wide-close-over.PNG
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\btn-wide-close.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\btn-wide-maximize-down.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\btn-wide-maximize-over.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\btn-wide-maximize.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\btn-wide-minimize-down.PNG
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\btn-wide-minimize-over.PNG
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\btn-wide-minimize.PNG
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\btnarrow-next-off.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\btnarrow-next.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\btnarrow-previous-off.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\btnarrow-previous.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\navico-home.gif
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\panel.html
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\powered-mystart.gif
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\tb_icon.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\widget.js
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\widget.xml
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1255\bg-scalable-mdl.gif
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1255\bg-scalable-tl.gif
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1255\bg-scalable-tr.gif
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1255\btn-dragresize.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1255\btn-wide-close-down.PNG
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1255\btn-wide-close-over.PNG
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1255\btn-wide-close.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1255\btn-wide-maximize-down.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1255\btn-wide-maximize-over.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1255\btn-wide-maximize.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1255\btn-wide-minimize-down.PNG
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1255\btn-wide-minimize-over.PNG
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1255\btn-wide-minimize.PNG
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1255\btnarrow-next-off.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1255\btnarrow-next.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1255\btnarrow-previous-off.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1255\btnarrow-previous.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1255\navico-home.gif
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1255\panel.html
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1255\powered-mystart.gif
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1255\tb_icon.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1255\widget.js
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1255\widget.xml
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1257\bg-scalable-mdl.gif
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1257\bg-scalable-tl.gif
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1257\bg-scalable-tr.gif
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1257\btn-dragresize.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1257\btn-wide-close-down.PNG
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1257\btn-wide-close-over.PNG
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1257\btn-wide-close.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1257\btn-wide-maximize-down.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1257\btn-wide-maximize-over.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1257\btn-wide-maximize.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1257\btn-wide-minimize-down.PNG
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1257\btn-wide-minimize-over.PNG
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1257\btn-wide-minimize.PNG
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1257\btnarrow-next-off.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1257\btnarrow-next.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1257\btnarrow-previous-off.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1257\btnarrow-previous.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1257\navico-home.gif
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1257\panel.html
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1257\powered-mystart.gif
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1257\tb_icon.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1257\widget.js
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1257\widget.xml
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217.zip
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\bg-scalable-mdl.gif
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\bg-scalable-tl.gif
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\bg-scalable-tr.gif
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\btn-dragresize.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\btn-wide-close-down.PNG
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\btn-wide-close-over.PNG
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\btn-wide-close.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\btn-wide-maximize-down.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\btn-wide-maximize-over.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\btn-wide-maximize.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\btn-wide-minimize-down.PNG
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\btn-wide-minimize-over.PNG
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\btn-wide-minimize.PNG
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\btnarrow-next-off.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\btnarrow-next.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\btnarrow-previous-off.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\btnarrow-previous.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\navico-home.gif
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\panel.html
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\powered-mystart.gif
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\tb_icon.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\widget.js
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\widget.xml
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\bluelite.gif
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\bluesky.gif
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\btn-search-over.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\btn-search.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\btn-settings-over.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\btn-settings.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\btn-widgets-over.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\btn-widgets.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\btn_settings.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\button-down-back-ff.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\button-down-back.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\button-down-left.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\button-down-right.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\button-down-splitter.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\button-drop-back.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\button-drop-left.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\button-drop-right.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\button-drop-splitter.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\button-hover-back-ff.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\button-hover-back.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\button-hover-left.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\button-hover-right.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\button-hover-splitter.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\ca.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\dictionary.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\divider.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\downloadcom.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\email.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\email_on.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\games.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\graphred0.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\graphred0_5.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\grey.gif
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\headsup.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\ico-shield.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\images.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\add.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\aol.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\arrow-dn.gif
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\arrow-right.gif
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\arrow-up.gif
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\bg-btn-end.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\bg-btn-mdl.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\bg-btn-mdl_ff.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\bg-btn-start.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\bg-btnover-end.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\bg-btnover-mdl.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\bg-btnover-mdl_ff.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\bg-btnover-start.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\blank.gif
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\btnback-down-vista.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\btnback-vista.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\btnleft-down-vista.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\btnleft-vista.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\btnright-down-vista.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\btnright-vista.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\button-splitter-down-vista.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\button-splitter-vista.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\checkmark.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\chevron.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\collapse.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\comcast.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\dtx.css
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\edit-back-hot.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\edit-back.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\expand.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\found.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\gmail.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\highlight.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\highlight_blue.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\highlight_cyan.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\highlight_lime.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\highlight_magenta.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\highlight_yellow.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\hotmail.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\imap.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\lastsearch-thumb-back.gif
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\loadingMid.gif
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\lock.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\mailcom.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\menu_bg-basic.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\menu_separator_bar.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\menuitem-splitter.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\menuitemback-down-vista.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\menuitemback-vista.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\menuitemleft-down-vista.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\menuitemleft-vista.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\menuitemright-down-vista.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\menuitemright-vista.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\move.gif
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\movetarget.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\css\popupAbout.css
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\css\popupGames.css
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\css\popupWidgets.css
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\footer.htm
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\gamecategory.xsl
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\gameData.js
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\gameList.xsl
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\gametype.xsl
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\arrow-sml-drop.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\arrow-sml.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\arrowr-bluew5.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\bg-aboutbox.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\bg-btnover.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\bg-pnl520x390.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\btn-close-grey.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\btn-close-greyover.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\btn-drag.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\btn-next-over.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\btn-next.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\btn-previous-over.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\btn-previous.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\btn-search-pnlbtm-over.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\btn-search-pnlbtm.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\gamethumb-on.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\gamethumb2-over.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\ico-calendar.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\ico-download.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\ico-joystick24.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\ico-play.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\ico-tags.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\icon-Add.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\icon-download.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\icon-Info.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\icon-play.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\icon-shop.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\menul-bgon.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\menul-bgover.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\panel-botm-noscroll.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\scroll-bg-206.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\scroll-bg.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\scroll-topwin.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\scrollb-disable.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\scrollb-down.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\scrollb-over.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\scrollb.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\scrollt-disable.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\scrollt-down.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\scrollt-over.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\scrollt.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\searchbox-pnlbtm.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\star_x_grey.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\star_x_orange.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\TRUSTe_about.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\view-detailed-on.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\view-detailed-over.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\view-thumb-on.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\view-thumb-over.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\widgets-square-16px.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\widgets-square-24px.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\popupGames.html
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\popupWidgets.html
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\pop.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\css\manager.css
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\css\slider.css
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\images\bg-pnl.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\images\btn-close-grey.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\images\btn-close-greyover.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\images\collapsed_button.gif
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\images\expanded_button.gif
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\images\ico-playstation-down.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\images\ico-playstation-over.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\images\ico-playstation.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\images\ico-radio.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\images\music-note.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\images\radio-btn-pause-on.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\images\radio-btn-pause.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\images\radio-btn-play-on.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\images\radio-btn-play.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\images\radio-eq-bg.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\images\radio-eq-busy.gif
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\images\radio-eq-off.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\images\radio-eq-on.gif
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\images\radio-eq-warning.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\images\radio-options-design-on.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\images\radio-options-design.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\images\radio-options-on.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\images\radio-options.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\images\radio-volume-0.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\images\radio-volume-1.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\images\radio-volume-2.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\images\radio-volume-3.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\images\radio-volume-mute.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\images\scrollbar-handle.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\images\scrollbar-track.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\images\slider.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\images\slideron.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\images\track.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\managerpanel.html
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\volumeslider.html
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\remove.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\rename.gif
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\resize-box.gif
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\rss.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\rsschannelback.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\RSSLogo.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\rsstabdivider.gif
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\scroll-left.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\scroll-right.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\search-go.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\search.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\text-ellipsis.xml
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\throbber.gif
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\toolbarsplitter.gif
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\transparent_1px.gif
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\uwa\border_02.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\uwa\border_03.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\uwa\border_04.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\uwa\border_06.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\uwa\border_07.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\uwa\border_08.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\uwa\border_09.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\uwa\border_10.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\uwa\border_11.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\uwa\border_12.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\uwa\border_13.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\uwa\border_14.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\uwa\border_15.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\uwa\border_16.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\uwa\border_18.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\uwa\border_19.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\uwa\border_20.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\uwa\border_21.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\uwa\btn-close-grey.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\uwa\btn-close-greyover.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\uwa\close-hot.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\uwa\close-normal.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\uwa\loadingMid.gif
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\uwa\proxy.html
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\uwa\template.html
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\uwa\template.xml
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\uwa\templateFF.html
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\uwa\throbber.gif
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\weatherbutton\icons\cond999.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\weatherbutton\icons\icons.xml
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\weatherbutton\icons\na-s.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\weatherbutton\icons\na.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\weatherbutton\icons\weather.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\add.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\arrowr-bluew5.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\bg-pnl.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\bg-pnl520x350blue-whitebg.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\bg-pnl520x350blue.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\box-check.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\box-uncheck.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\btn-close-grey.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\btn-close-greyover.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\btn-delete.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\btn-search-pnlbtm.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\btnarrow-next-off.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\btnarrow-next.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\btnarrow-previous-off.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\btnarrow-previous.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\ico-check.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\ico-hotandhumid-s.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\ico-hotandhumid.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\options-weather.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\over-blue.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\over-orange.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\powered-by-weatherbug.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\powered-by-weatherbug2.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\radio-checked.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\radio-unchecked.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\searchbox-pnlbtm.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\weather-contour.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\weatherbutton\panels\popupWeather.css
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\weatherbutton\panels\popupWeather.html
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\yahoo.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lichen.gif
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\logo-about.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\logo.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\maps.bmp
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\menuseparatorback.gif
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\modify-save.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\modify.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\modifyhot.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\music.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\news.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\options\options-main.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\options\options-search.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\options\options-weather.gif
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\options\options-widgets.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\orange.gif
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\pixsy.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\relatedlinks.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\rss-collapse.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\rss-delete.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\rss-expand.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\rss-feed.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\rss-folder-remove.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\rss-folder-rename.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\rss-folder.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\rss-found.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\rss-reload.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\rss-subscribe.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\rss.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\rssback.gif
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\rsstopback.gif
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\search-over.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\search.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\searchbar\searchbar-background-left.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\searchbar\searchbar-background-middle.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\searchbar\searchbar-background-right.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\searchqutb.css
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\settings.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\shopping.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\siteinfo.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\skin-bluelite.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\skin-bluesky.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\skin-grey.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\skin-lichen.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\skin-orange.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\skin-yellow.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\technorati.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\throbber.gif
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\toolbarsplitter.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\video.bmp
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\weather.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\web.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\widget_allocine.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\widget_bliptv.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\widget_calcal.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\widget_calculator.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\widget_gservices.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\widget_sudoku.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\widget_todo.jpg
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\widget_todo.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\widget_trio.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\widget_uconverter.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\widgets-square-16px.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\widgets.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\wikipedia.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\yahoosearch.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\yellow.gif
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\youtube.png
c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\zoom.png
c:\program files\Windows Searchqu Toolbar\ToolBar\components\windowmediator.js
c:\program files\Windows Searchqu Toolbar\ToolBar\manifest.xml
c:\program files\Windows Searchqu Toolbar\ToolBar\SearchquDx.dll
c:\program files\Windows Searchqu Toolbar\ToolBar\SearchquTb.dll
c:\program files\Windows Searchqu Toolbar\ToolBar\uninstall.exe
c:\program files\Windows Searchqu Toolbar\uninstall.exe
c:\programdata\Tarma Installer
c:\programdata\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\_Setup.dll
c:\programdata\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\_Setupx.dll
c:\programdata\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\Setup.dat
c:\programdata\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\Setup.exe
c:\programdata\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\Setup.ico
c:\users\lelic\AppData\Roaming\Mozilla\Firefox\Profiles\rcmc0tal.default\extensions\{7FF99715-3016-4381-84CE-E4E4C9673020}
c:\users\lelic\AppData\Roaming\Mozilla\Firefox\Profiles\rcmc0tal.default\extensions\{7FF99715-3016-4381-84CE-E4E4C9673020}\chrome.manifest
c:\users\lelic\AppData\Roaming\Mozilla\Firefox\Profiles\rcmc0tal.default\extensions\{7FF99715-3016-4381-84CE-E4E4C9673020}\chrome\content\.#searchqutb.js.1.3
c:\users\lelic\AppData\Roaming\Mozilla\Firefox\Profiles\rcmc0tal.default\extensions\{7FF99715-3016-4381-84CE-E4E4C9673020}\chrome\content\data\search\engines.xml
c:\users\lelic\AppData\Roaming\Mozilla\Firefox\Profiles\rcmc0tal.default\extensions\{7FF99715-3016-4381-84CE-E4E4C9673020}\chrome\content\data\search\search.xsl
c:\users\lelic\AppData\Roaming\Mozilla\Firefox\Profiles\rcmc0tal.default\extensions\{7FF99715-3016-4381-84CE-E4E4C9673020}\chrome\content\lib\about.xml
c:\users\lelic\AppData\Roaming\Mozilla\Firefox\Profiles\rcmc0tal.default\extensions\{7FF99715-3016-4381-84CE-E4E4C9673020}\chrome\content\lib\dtxpanelwin.xul
c:\users\lelic\AppData\Roaming\Mozilla\Firefox\Profiles\rcmc0tal.default\extensions\{7FF99715-3016-4381-84CE-E4E4C9673020}\chrome\content\lib\dtxprefwin.xul
c:\users\lelic\AppData\Roaming\Mozilla\Firefox\Profiles\rcmc0tal.default\extensions\{7FF99715-3016-4381-84CE-E4E4C9673020}\chrome\content\lib\dtxwin.xul
c:\users\lelic\AppData\Roaming\Mozilla\Firefox\Profiles\rcmc0tal.default\extensions\{7FF99715-3016-4381-84CE-E4E4C9673020}\chrome\content\lib\emailnotifierproviders.xml
c:\users\lelic\AppData\Roaming\Mozilla\Firefox\Profiles\rcmc0tal.default\extensions\{7FF99715-3016-4381-84CE-E4E4C9673020}\chrome\content\lib\external.js
c:\users\lelic\AppData\Roaming\Mozilla\Firefox\Profiles\rcmc0tal.default\extensions\{7FF99715-3016-4381-84CE-E4E4C9673020}\chrome\content\lib\neterror.xhtml
c:\users\lelic\AppData\Roaming\Mozilla\Firefox\Profiles\rcmc0tal.default\extensions\{7FF99715-3016-4381-84CE-E4E4C9673020}\chrome\content\lib\wmpstreamer.html
c:\users\lelic\AppData\Roaming\Mozilla\Firefox\Profiles\rcmc0tal.default\extensions\{7FF99715-3016-4381-84CE-E4E4C9673020}\chrome\content\modules\datastore.jsm
c:\users\lelic\AppData\Roaming\Mozilla\Firefox\Profiles\rcmc0tal.default\extensions\{7FF99715-3016-4381-84CE-E4E4C9673020}\chrome\content\preferences.xml
c:\users\lelic\AppData\Roaming\Mozilla\Firefox\Profiles\rcmc0tal.default\extensions\{7FF99715-3016-4381-84CE-E4E4C9673020}\chrome\content\searchqutb.js
c:\users\lelic\AppData\Roaming\Mozilla\Firefox\Profiles\rcmc0tal.default\extensions\{7FF99715-3016-4381-84CE-E4E4C9673020}\chrome\content\toolbar.htm
c:\users\lelic\AppData\Roaming\Mozilla\Firefox\Profiles\rcmc0tal.default\extensions\{7FF99715-3016-4381-84CE-E4E4C9673020}\chrome\content\toolbar.xul
c:\users\lelic\AppData\Roaming\Mozilla\Firefox\Profiles\rcmc0tal.default\extensions\{7FF99715-3016-4381-84CE-E4E4C9673020}\chrome\content\widgets\net.vmn.www.3.Twitter.1227\bg-scalable-mdl.gif
c:\users\lelic\AppData\Roaming\Mozilla\Firefox\Profiles\rcmc0tal.default\extensions\{7FF99715-3016-4381-84CE-E4E4C9673020}\chrome\content\widgets\net.vmn.www.3.Twitter.1227\bg-scalable-tl.gif
c:\users\lelic\AppData\Roaming\Mozilla\Firefox\Profiles\rcmc0tal.default\extensions\{7FF99715-3016-4381-84CE-E4E4C9673020}\chrome\content\widgets\net.vmn.www.3.Twitter.1227\bg-scalable-tr.gif
c:\users\lelic\AppData\Roaming\Mozilla\Firefox\Profiles\rcmc0tal.default\extensions\{7FF99715-3016-4381-84CE-E4E4C9673020}\chrome\content\widgets\net.vmn.www.3.Twitter.1227\btn-dragresize.png
c:\users\lelic\AppData\Roaming\Mozilla\Firefox\Profiles\rcmc0tal.default\extensions\{7FF99715-3016-4381-84CE-E4E4C9673020}\chrome\content\widgets\net.vmn.www.3.Twitter.1227\btn-wide-close-down.PNG
c:\users\lelic\AppData\Roaming\Mozilla\Firefox\Profiles\rcmc0tal.default\extensions\{7FF99715-3016-4381-84CE-E4E4C9673020}\chrome\content\widgets\net.vmn.www.3.Twitter.1227\btn-wide-close-over.PNG
c:\users\lelic\AppData\Roaming\Mozilla\Firefox\Profiles\rcmc0tal.default\extensions\{7FF99715-3016-4381-84CE-E4E4C9673020}\chrome\content\widgets\net.vmn.www.3.Twitter.1227\btn-wide-close.png
c:\users\lelic\AppData\Roaming\Mozilla\Firefox\Profiles\rcmc0tal.default\extensions\{7FF99715-3016-4381-84CE-E4E4C9673020}\chrome\content\widgets\net.vmn.www.3.Twitter.1227\btn-wide-maximize-down.png
c:\users\lelic\AppData\Roaming\Mozilla\Firefox\Profiles\rcmc0tal.default\extensions\{7FF99715-3016-4381-84CE-E4E4C9673020}\chrome\content\widgets\net.vmn.www.3.Twitter.1227\btn-wide-maximize-over.png
c:\users\lelic\AppData\Roaming\Mozilla\Firefox\Profiles\rcmc0tal.default\extensions\{7FF99715-3016-4381-84CE-E4E4C9673020}\chrome\content\widgets\net.vmn.www.3.Twitter.1227\btn-wide-maximize.png
c:\users\lelic\AppData\Roaming\Mozilla\Firefox\Profiles\rcmc0tal.default\extensions\{7FF99715-3016-4381-84CE-E4E4C9673020}\chrome\content\widgets\net.vmn.www.3.Twitter.1227\btn-wide-minimize-down.PNG
c:\users\lelic\AppData\Roaming\Mozilla\Firefox\Profiles\rcmc0tal.default\extensions\{7FF99715-3016-4381-84CE-E4E4C9673020}\chrome\content\widgets\net.vmn.www.3.Twitter.1227\btn-wide-minimize-over.PNG
c:\users\lelic\AppData\Roaming\Mozilla\Firefox\Profiles\rcmc0tal.default\extensions\{7FF99715-3016-4381-84CE-E4E4C9673020}\chrome\content\widgets\net.vmn.www.3.Twitter.1227\btn-wide-minimize.PNG
c:\users\lelic\AppData\Roaming\Mozilla\Firefox\Profiles\rcmc0tal.default\extensions\{7FF99715-3016-4381-84CE-E4E4C9673020}\chrome\content\widgets\net.vmn.www.3.Twitter.1227\btnarrow-next-off.png
c:\users\lelic\AppData\Roaming\Mozilla\Firefox\Profiles\rcmc0tal.default\extensions\{7FF99715-3016-4381-84CE-E4E4C9673020}\chrome\content\widgets\net.vmn.www.3.Twitter.1227\btnarrow-next.png
c:\users\lelic\AppData\Roaming\Mozilla\Firefox\Profiles\rcmc0tal.default\extensions\{7FF99715-3016-4381-84CE-E4E4C9673020}\chrome\content\widgets\net.vmn.www.3.Twitter.1227\btnarrow-previous-off.png
c:\users\lelic\AppData\Roaming\Mozilla\Firefox\Profiles\rcmc0tal.default\extensions\{7FF99715-3016-4381-84CE-E4E4C9673020}\chrome\content\widgets\net.vmn.www.3.Twitter.1227\btnarrow-previous.png
c:\users\lelic\AppData\Roaming\Mozilla\Firefox\Profiles\rcmc0tal.default\extensions\{7FF99715-3016-4381-84CE-E4E4C9673020}\chrome\content\widgets\net.vmn.www.3.Twitter.1227\navico-home.gif
c:\users\lelic\AppData\Roaming\Mozilla\Firefox\Profiles\rcmc0tal.default\extensions\{7FF99715-3016-4381-84CE-E4E4C9673020}\chrome\content\widgets\net.vmn.www.3.Twitter.1227\panel.html
c:\users\lelic\AppData\Roaming\Mozilla\Firefox\Profiles\rcmc0tal.default\extensions\{7FF99715-3016-4381-84CE-E4E4C9673020}\chrome\content\widgets\net.vmn.www.3.Twitter.1227\powered-mystart.gif
c:\users\lelic\AppData\Roaming\Mozilla\Firefox\Profiles\rcmc0tal.default\extensions\{7FF99715-3016-4381-84CE-E4E4C9673020}\chrome\content\widgets\net.vmn.www.3.Twitter.1227\tb_icon.png
c:\users\lelic\AppData\Roaming\Mozilla\Firefox\Profiles\rcmc0tal.default\extensions\{7FF99715-3016-4381-84CE-E4E4C9673020}\chrome\content\widgets\net.vmn.www.3.Twitter.1227\widget.js
c:\users\lelic\AppData\Roaming\Mozilla\Firefox\Profiles\rcmc0tal.default\extensions\{7FF99715-3016-4381-84CE-E4E4C9673020}\chrome\content\widgets\net.vmn.www.3.Twitter.1227\widget.xml
c:\users\lelic\AppData\Roaming\Mozilla\Firefox\Profiles\rcmc0tal.default\extensions\{7FF99715-3016-4381-84CE-E4E4C9673020}\chrome\content\widgets\net.vmn.www.3.Twitter.1255\bg-scalable-mdl.gif
c:\users\lelic\AppData\Roaming\Mozilla\Firefox\Profiles\rcmc0tal.default\extensions\{7FF99715-3016-4381-84CE-E4E4C9673020}\chrome\content\widgets\net.vmn.www.3.Twitter.1255\bg-scalable-tl.gif
c:\users\lelic\AppData\Roaming\Mozilla\Firefox\Profiles\rcmc0tal.default\extensions\{7FF99715-3016-4381-84CE-E4E4C9673020}\chrome\content\widgets\net.vmn.www.3.Twitter.1255\bg-scalable-tr.gif
c:\users\lelic\AppData\Roaming\Mozilla\Firefox\Profiles\rcmc0tal.default\extensions\{7FF99715-3016-4381-84CE-E4E4C9673020}\chrome\content\widgets\net.vmn.www.3.Twitter.1255\btn-dragresize.png
c:\users\lelic\AppData\Roaming\Mozilla\Firefox\Profiles\rcmc0tal.default\extensions\{7FF99715-3016-4381-84CE-E4E4C9673020}\chrome\content\widgets\net.vmn.www.3.Twitter.1255\btn-wide-close-down.PNG
c:\users\lelic\AppData\Roaming\Mozilla\Firefox\Profiles\rcmc0tal.default\extensions\{7FF99715-3016-4381-84CE-E4E4C9673020}\chrome\content\widgets\net.vmn.www.3.Twitter.1255\btn-wide-close-over.PNG
c:\users\lelic\AppData\Roaming\Mozilla\Firefox\Profiles\rcmc0tal.default\extensions\{7FF99715-3016-4381-84CE-E4E4C9673020}\chrome\content\widgets\net.vmn.www.3.Twitter.1255\btn-wide-close.png
c:\users\lelic\AppData\Roaming\Mozilla\Firefox\Profiles\rcmc0tal.default\extensions\{7FF99715-3016-4381-84CE-E4E4C9673020}\chrome\content\widgets\net.vmn.www.3.Twitter.1255\btn-wide-maximize-down.png
c:\users\lelic\AppData\Roaming\Mozilla\Firefox\Profiles\rcmc0tal.default\extensions\{7FF99715-3016-4381-84CE-E4E4C9673020}\chrome\content\widgets\net.vmn.www.3.Twitter.1255\btn-wide-maximize-over.png
c:\users\lelic\AppData\Roaming\Mozilla\Firefox\Profiles\rcmc0tal.default\extensions\{7FF99715-3016-4381-84CE-E4E4C9673020}\chrome\content\widgets\net.vmn.www.3.Twitter.1255\btn-wide-maximize.png
c:\users\lelic\AppData\Roaming\Mozilla\Firefox\Profiles\rcmc0tal.default\extensions\{7FF99715-3016-4381-84CE-E4E4C9673020}\chrome\content\widgets\net.vmn.www.3.Twitter.1255\btn-wide-minimize-down.PNG
c:\users\lelic\AppData\Roaming\Mozilla\Firefox\Profiles\rcmc0tal.default\extensions\{7FF99715-3016-4381-84CE-E4E4C9673020}\chrome\content\widgets\net.vmn.www.3.Twitter.1255\btn-wide-minimize-over.PNG
c:\users\lelic\AppData\Roaming\Mozilla\Firefox\Profiles\rcmc0tal.default\extensions\{7FF99715-3016-4381-84CE-E4E4C9673020}\chrome\content\widgets\net.vmn.www.3.Twitter.1255\btn-wide-minimize.PNG
c:\users\lelic\AppData\Roaming\Mozilla\Firefox\Profiles\rcmc0tal.default\extensions\{7FF99715-3016-4381-84CE-E4E4C9673020}\chrome\content\widgets\net.vmn.www.3.Twitter.1255\btnarrow-next-off.png
c:\users\lelic\AppData\Roaming\Mozilla\Firefox\Profiles\rcmc0tal.default\extensions\{7FF99715-3016-4381-84CE-E4E4C9673020}\chrome\content\widgets\net.vmn.www.3.Twitter.1255\btnarrow-next.png
c:\users\lelic\AppData\Roaming\Mozilla\Firefox\Profiles\rcmc0tal.default\extensions\{7FF99715-3016-4381-84CE-E4E4C9673020}\chrome\content\widgets\net.vmn.www.3.Twitter.1255\btnarrow-previous-off.png
c:\users\lelic\AppData\Roaming\Mozilla\Firefox\Profiles\rcmc0tal.default\extensions\{7FF99715-3016-4381-84CE-E4E4C9673020}\chrome\content\widgets\net.vmn.www.3.Twitter.1255\btnarrow-previous.png
c:\users\lelic\AppData\Roaming\Mozilla\Firefox\Profiles\rcmc0tal.default\extensions\{7FF99715-3016-4381-84CE-E4E4C9673020}\chrome\content\widgets\net.vmn.www.3.Twitter.1255\navico-home.gif
c:\users\lelic\AppData\Roaming\Mozilla\Firefox\Profiles\rcmc0tal.default\extensions\{7FF99715-3016-4381-84CE-E4E4C9673020}\chrome\content\widgets\net.vmn.www.3.Twitter.1255\panel.html
c:\users\lelic\AppData\Roaming\Mozilla\Firefox\Profiles\rcmc0tal.default\extensions\{7FF99715-3016-4381-84CE-E4E4C9673020}\chrome\content\widgets\net.vmn.www.3.Twitter.1255\powered-mystart.gif
c:\users\lelic\AppData\Roaming\Mozilla\Firefox\Profiles\rcmc0tal.default\extensions\{7FF99715-3016-4381-84CE-E4E4C9673020}\chrome\content\widgets\net.vmn.www.3.Twitter.1255\tb_icon.png
c:\users\lelic\AppData\Roaming\Mozilla\Firefox\Profiles\rcmc0tal.default\extensions\{7FF99715-3016-4381-84CE-E4E4C9673020}\chrome\content\widgets\net.vmn.www.3.Twitter.1255\widget.js
c:\users\lelic\AppData\Roaming\Mozilla\Firefox\Profiles\rcmc0tal.default\extensions\{7FF99715-3016-4381-84CE-E4E4C9673020}\chrome\content\widgets\net.vmn.www.3.Twitter.1255\widget.xml
c:\users\lelic\AppData\Roaming\Mozilla\Firefox\Profiles\rcmc0tal.default\extensions\{7FF99715-3016-4381-84CE-E4E4C9673020}\chrome\content\widgets\net.vmn.www.3.Twitter.1257\bg-scalable-mdl.gif
c:\users\lelic\AppData\Roaming\Mozilla\Firefox\Profiles\rcmc0tal.default\extensions\{7FF99715-3016-4381-84CE-E4E4C9673020}\chrome\content\widgets\net.vmn.www.3.Twitter.1257\bg-scalable-tl.gif
c:\users\lelic\AppData\Roaming\Mozilla\Firefox\Profiles\rcmc0tal.default\extensions\{7FF99715-3016-4381-84CE-E4E4C9673020}\chrome\content\widgets\net.vmn.www.3.Twitter.1257\bg-scalable-tr.gif
c:\users\lelic\AppData\Roaming\Mozilla\Firefox\Profiles\rcmc0tal.default\extensions\{7FF99715-3016-4381-84CE-E4E4C9673020}\chrome\content\widgets\net.vmn.www.3.Twitter.1257\btn-dragresize.png
c:\users\lelic\AppData\Roaming\Mozilla\Firefox\Profiles\rcmc0tal.default\extensions\{7FF99715-3016-4381-84CE-E4E4C9673020}\chrome\content\widgets\net.vmn.www.3.Twitter.1257\btn-wide-close-down.PNG
c:\users\lelic\AppData\Roaming\Mozilla\Firefox\Profiles\rcmc0tal.default\extensions\{7FF99715-3016-4381-84CE-E4E4C9673020}\chrome\content\widgets\net.vmn.www.3.Twitter.1257\btn-wide-close-over.PNG
c:\users\lelic\AppData\Roaming\Mozilla\Firefox\Profiles\rcmc0tal.default\extensions\{7FF99715-3016-4381-84CE-E4E4C9673020}\chrome\content\widgets\net.vmn.www.3.Twitter.1257\btn-wide-close.png
c:\users\lelic\AppData\Roaming\Mozilla\Firefox\Profiles\rcmc0tal.default\extensions\{7FF99715-3016-4381-84CE-E4E4C9673020}\chrome\content\widgets\net.vmn.www.3.Twitter.1257\btn-wide-maximize-down.png
c:\users\lelic\AppData\Roaming\Mozilla\Firefox\Profiles\rcmc0tal.default\extensions\{7FF99715-3016-4381-84CE-E4E4C9673020}\chrome\content\widgets\net.vmn.www.3.Twitter.1257\btn-wide-maximize-over.png
c:\users\lelic\AppData\Roaming\Mozilla\Firefox\Profiles\rcmc0tal.default\extensions\{7FF99715-3016-4381-84CE-E4E4C9673020}\chrome\content\widgets\net.vmn.www.3.Twitter.1257\btn-wide-maximize.png
c:\users\lelic\AppData\Roaming\Mozilla\Firefox\Profiles\rcmc0tal.default\extensions\{7FF99715-3016-4381-84CE-E4E4C9673020}\chrome\content\widgets\net.vmn.www.3.Twitter.1257\btn-wide-minimize-down.PNG
c:\users\lelic\AppData\Roaming\Mozilla\Firefox\Profiles\rcmc0tal.default\extensions\{7FF99715-3016-4381-84CE-E4E4C9673020}\chrome\content\widgets\net.vmn.www.3.Twitter.1257\btn-wide-minimize-over.PNG
c:\users\lelic\AppData\Roaming\Mozilla\Firefox\Profiles\rcmc0tal.default\extensions\{7FF99715-3016-4381-84CE-E4E4C9673020}\chrome\content\widgets\net.vmn.www.3.Twitter.1257\btn-wide-minimize.PNG
c:\users\lelic\AppData\Roaming\Mozilla\Firefox\Profiles\rcmc0tal.default\extensions\{7FF99715-3016-4381-84CE-E4E4C9673020}\chrome\content\widgets\net.vmn.www.3.Twitter.1257\btnarrow-next-off.png
c:\users\lelic\AppData\Roaming\Mozilla\Firefox\Profiles\rcmc0tal.default\extensions\{7FF99715-3016-4381-84CE-E4E4C9673020}\chrome\content\widgets\net.vmn.www.3.Twitter.1257\btnarrow-next.png
c:\users\lelic\AppData\Roaming\Mozilla\Firefox\Profiles\rcmc0tal.default\extensions\{7FF99715-3016-4381-84CE-E4E4C9673020}\chrome\content\widgets\net.vmn.www.3.Twitter.1257\btnarrow-previous-off.png
c:\users\lelic\AppData\Roaming\Mozilla\Firefox\Profiles\rcmc0tal.default\extensions\{7FF99715-3016-4381-84CE-E4E4C9673020}\chrome\content\widgets\net.vmn.www.3.Twitter.1257\btnarrow-previous.png
c:\users\lelic\AppData\Roaming\Mozilla\Firefox\Profiles\rcmc0tal.default\extensions\{7FF99715-3016-4381-84CE-E4E4C9673020}\chrome\content\widgets\net.vmn.www.3.Twitter.1257\navico-home.gif
c:\users\lelic\AppData\Roaming\Mozilla\Firefox\Profiles\rcmc0tal.default\extensions\{7FF99715-3016-4381-84CE-E4E4C9673020}\chrome\content\widgets\net.vmn.www.3.Twitter.1257\panel.html
c:\users\lelic\AppData\Roaming\Mozilla\Firefox\Profiles\rcmc0tal.default\extensions\{7FF99715-3016-4381-84CE-E4E4C9673020}\chrome\content\widgets\net.vmn.www.3.Twitter.1257\powered-mystart.gif
c:\users\lelic\AppData\Roaming\Mozilla\Firefox\Profiles\rcmc0tal.default\extensions\{7FF99715-3016-4381-84CE-E4E4C9673020}\chrome\content\widgets\net.vmn.www.3.Twitter.1257\tb_icon.png
c:\users\lelic\AppData\Roaming\Mozilla\Firefox\Profiles\rcmc0tal.default\extensions\{7FF99715-3016-4381-84CE-E4E4C9673020}\chrome\content\widgets\net.vmn.www.3.Twitter.1257\widget.js
c:\users\lelic\AppData\Roaming\Mozilla\Firefox\Profiles\rcmc0tal.default\extensions\{7FF99715-3016-4381-84CE-E4E4C9673020}\chrome\content\widgets\net.vmn.www.3.Twitter.1257\widget.xml
c:\users\lelic\AppData\Roaming\Mozilla\Firefox\Profiles\rcmc0tal.default\extensions\{7FF99715-3016-4381-84CE-E4E4C9673020}\chrome\content\widgets\net.vmn.www.3.YouTube.1217.zip
c:\users\lelic\AppData\Roaming\Mozilla\Firefox\Profiles\rcmc0tal.default\extensions\{7FF99715-3016-4381-84CE-E4E4C9673020}\chrome\content\widgets\net.vmn.www.3.YouTube.1217\bg-scalable-mdl.gif
c:\users\lelic\AppData\Roaming\Mozilla\Firefox\Profiles\rcmc0tal.default\extensions\{7FF99715-3016-4381-84CE-E4E4C9673020}\chrome\content\widgets\net.vmn.www.3.YouTube.1217\bg-scalable-tl.gif
c:\users\lelic\AppData\Roaming\Mozilla\Firefox\Profiles\rcmc0tal.default\extensions\{7FF99715-3016-4381-84CE-E4E4C9673020}\chrome\content\widgets\net.vmn.www.3.YouTube.1217\bg-scalable-tr.gif
c:\users\lelic\AppData\Roaming\Mozilla\Firefox\Profiles\rcmc0tal.default\extensions\{7FF99715-3016-4381-84CE-E4E4C9673020}\chrome\content\widgets\net.vmn.www.3.YouTube.1217\btn-dragresize.png
c:\users\lelic\AppData\Roaming\Mozilla\Firefox\Profiles\rcmc0tal.default\extensions\{7FF99715-3016-4381-84CE-E4E4C9673020}\chrome\content\widge

Poslao: 29 Jul 2011 23:04
Idi na vrh
offline
  • Miloš
  • Pridružio: 26 Jan 2011
  • Poruke: 1390
  • Gde živiš: Beograd, Zvezdara

[Link mogu videti samo ulogovani korisnici]

Poslao: 30 Jul 2011 14:08
Idi na vrh
rip
  • argus  Male
  • Anti Malware Fighter
    Rank 2
  • Pridružio: 27 Apr 2008
  • Poruke: 9160
  • Gde živiš: Prokuplje

Prebaci ikonicu Combofixa iz foldera Provera malwer-a i stavi direktno na desktop


Arrow

Otvoriti Notepad i iskopirati sledeci tekst:

Firefox::
FF - ProfilePath - c:\users\lelic\AppData\Roaming\Mozilla\Firefox\Profiles\rcmc0tal.default\
FF - prefs.js: keyword.URL - hxxp://search.mywebsearch.com/mywebsearch/GGmain.jhtml?id=GRman000&ptb=CLtzVjJFjTZfxXW_Mr9BPw&ind=2011021504&ptnrS=GRman000&si=&n=77ddc0c0&psa=&st=kwd&searchfor=

RegNull::
[HKEY_USERS\S-1-5-21-83685119-447350358-3884237969-1000\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{58518B2D-681E-DF7A-1126-010657F58D49}*]
"oadppkcofhagdmleihaomiblghcmna"=hex:6a,61,69,64,61,6d,61,61,66,6d,67,6f,67,6b,
   67,66,6b,62,61,69,00,00
"pabpnnjianginacjakckifcfekcalhke"=hex:6a,61,6e,64,6a,6c,64,6d,6b,66,6f,61,6f,
   6e,6f,6e,6f,6b,65,6b,00,00

RegLock::
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

Snimiti na Desktop fajl iz Notepada kao "CFScript"




Prevuci snimljeni skript/tekst na ComboFix ikonicu kao na slici.
Postaviti u sledecoj poruci log koji bude bio napravljen na kraju ciscenja/skeniranja.

Poslao: 30 Jul 2011 15:34
Idi na vrh
offline
  • Miloš
  • Pridružio: 26 Jan 2011
  • Poruke: 1390
  • Gde živiš: Beograd, Zvezdara

Gde bi tebao da mi se nalazi taj log ?!

Poslao: 30 Jul 2011 15:46
Idi na vrh
rip
  • argus  Male
  • Anti Malware Fighter
    Rank 2
  • Pridružio: 27 Apr 2008
  • Poruke: 9160
  • Gde živiš: Prokuplje

C:\Combofix.txt

Poslao: 30 Jul 2011 15:53
Idi na vrh
offline
  • Miloš
  • Pridružio: 26 Jan 2011
  • Poruke: 1390
  • Gde živiš: Beograd, Zvezdara

[Link mogu videti samo ulogovani korisnici]

Poslao: 30 Jul 2011 15:59
Idi na vrh
rip
  • argus  Male
  • Anti Malware Fighter
    Rank 2
  • Pridružio: 27 Apr 2008
  • Poruke: 9160
  • Gde živiš: Prokuplje

Kakvo je stanje?

Poslao: 30 Jul 2011 16:08
Idi na vrh
offline
  • Miloš
  • Pridružio: 26 Jan 2011
  • Poruke: 1390
  • Gde živiš: Beograd, Zvezdara

argus ::Kakvo je stanje?
Pa bolje je, ali mi jos uvek nesto baguje Shocked

MyCity » Ambulanta -> Arhiva Ambulante » Mislim da imam Viruse

Ko je trenutno na forumu
 

Ukupno su 2020 korisnika na forumu :: 92 registrovanih, 4 sakrivenih i 1924 gosta   ::   [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 6018 - dana 19 Dec 2025 13:41

Korisnici koji su trenutno na forumu:
Korisnici trenutno na forumu: 357magnum, 9k38, AF-1, Agape, Aleksa-, AleksandarFKS, Aleksej, alex71, Alojzije, amaterSRB, Apok, Aristotle2002, Ba4e, babaroga, Berekin, bojanM84, brkan1, comi_pfc, dd201176, dejan.7951, deks, Dežurni pod palubom, Dioniss, Dogma21, dradex, Dragan7777, dragan_mig31, DrNeoCortex, dunavzed, gagidjuric, Great White, Jager715510, jarovitt, Jaxupa, joca83, jodzula, Kajzer Soze, kikisp, Kosmos Banja Luka, kovacicbozo, Lep1na, Lieutenant, luka35, madza, Malahit, Manjane, Marko Marković, Mickey91, Mikisha, mile.ilic75, Milo97, milos.cbr, mishkooo, mocnijogurt, nelezele, nevjerna beba, opt1, Paklenica, pceklic, PedjaDikovic, Petrusci, pfc74, PlayerOne, predragc, redstar72, RileHerc, Singidunumac, Sirius, sistem22, skylab1111, Smiljkovich, Sonic, sspp, Tandrčak, Tastatura ratnik, Tila Painen, Uros Cuore Sportivo, vaci, Vanderx, vathra, vidra1, VJ, Vlad000, vladao75, Vladonius, vladulns, vlahale, Wehicle, zaoka, zeka013, Zeka_Peka, Zoran1959