Jump to content


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Bad Image "virus" problem


  • This topic is locked This topic is locked
20 replies to this topic

#1 christyjh

christyjh

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:06:12 AM

Posted 16 September 2013 - 04:01 PM

Hi there

 

My PC seems to have caught the Bad Image "virus". Having done a lot of searching this forum seems the most helpful at assisting users get rid of it. If anyone can help it would be much appreciated as I myself are not too hot with this sort of thing.

 

Everytime I try to run something I get the "[Program].exe - Bad Image" Title of opo up box, then text of -  "c:\progra~2\browse~2\261339~1.144\{c16c1~1\browse~1.dll is either not designed to runon Windows or it contains an error. Try installing the program again using the original installation media or contacts your system administrator for support"

 

PC running Windows Vista Home Premium

 

As I said, If anyone can walk my through how to identify and perhaps remove the issue it would be really appreciated. Ive followed the prep instructions and pasted DDS log below and attached the "attach" file

 

Thanks

 

Christy

 

DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 9.0.8112.16506  BrowserJavaVersion: 1.6.0_26
Run by Sacha at 21:45:59 on 2013-09-16
#Option MBR scan  is disabled.
Microsoft® Windows Vista™ Home Premium   6.0.6002.2.1252.44.1033.18.3002.873 [GMT 1:00]
.
AV: Norton Internet Security *Enabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Norton Internet Security *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Norton Internet Security *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
.
============== Running Processes ================
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_b9d13b43\STacSV.exe
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\WLANExt.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_b9d13b43\aestsrv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Music Toolbar\Datamngr\DatamngrCoordinator.exe
C:\Program Files\DefaultTab\DefaultTabSearch.exe
C:\Users\Sacha\AppData\Roaming\DefaultTab\DefaultTab\DTUpdate.exe
C:\Program Files\LeapFrog\LeapFrog Connect\CommandService.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Norton Internet Security\Engine\16.8.3.6\ccSvcHst.exe
C:\Program Files\SMINST\BLService.exe
C:\Program Files\CyberLink\Shared files\RichVideo.exe
C:\Program Files\Photodex\ProShowGold\ScsiAccess.exe
C:\Program Files\WebCake\WebCakeDesktop.Updater.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\taskeng.exe
c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Norton Internet Security\Engine\16.8.3.6\ccSvcHst.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Music Toolbar\Datamngr\DatamngrUI.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\HP\QuickPlay\QPService.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe
C:\Program Files\LeapFrog\LeapFrog Connect\Monitor.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files\HP\HP Software Update\hpwuschd2.exe
C:\Program Files\IDT\WDM\sttray.exe
C:\Program Files\SweetIM\Messenger\SweetIM.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Windows\ehome\ehtray.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Users\Sacha\AppData\Roaming\Spotify\spotify.exe
C:\Users\Sacha\AppData\Local\Smartbar\Application\QuickShare.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\W3i\InstallIQUpdater\InstallIQUpdater.exe
C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Microsoft Office\Office10\WINWORD.EXE
C:\Program Files\McAfee Security Scan\3.0.318\SSScheduler.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Program Files\Windows Mail\WinMail.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
C:\Program Files\Hewlett-Packard\Shared\hpqToaster.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_8_800_168.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_8_800_168.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k hpdevmgmt
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\svchost.exe -k HPService
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\System32\svchost.exe -k HPZ12
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.search.ask.com/?o=APN10641A&gct=hp&d=2-133&v=n8812-90&t=4
uSearch Bar = hxxp://feed.snap.do/?publisher=QuickObrw&dpid=QuickObrw&co=GB&userid=d5c32e9b-908e-4627-bf54-b72c60e84c7c&searchtype=ds&q={searchTerms}&installDate=03/06/2013
uSearch Page = hxxp://feed.snap.do/?publisher=QuickObrw&dpid=QuickObrw&co=GB&userid=d5c32e9b-908e-4627-bf54-b72c60e84c7c&searchtype=ds&q={searchTerms}&installDate=03/06/2013
uDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_gb&c=91&bd=Presario&pf=cnnb
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_gb&c=91&bd=Presario&pf=cnnb
mDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_gb&c=91&bd=Presario&pf=cnnb
uSearchAssistant = hxxp://feed.snap.do/?publisher=QuickObrw&dpid=QuickObrw&co=GB&userid=d5c32e9b-908e-4627-bf54-b72c60e84c7c&searchtype=ds&q={searchTerms}&installDate=03/06/2013
BHO: HP Print Enhancer: {0347C33E-8762-4905-BF09-768834316C61} - c:\program files\hp\digital imaging\smart web printing\hpswp_printenhancer.dll
BHO: MSS+ Identifier: {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - c:\program files\mcafee security scan\3.0.318\McAfeeMSS_IE.dll
BHO: Music Box Toolbar (Dist. by Musiclab, Inc.): {104d74b8-67eb-4f25-8294-04eecfa292e4} - c:\program files\music toolbar\datamngr\srtool~1\ie\searchresultsDx.dll
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Babylon toolbar helper: {2EECD738-5844-4a99-B4B6-146BF802613B} - c:\program files\babylontoolbar\babylontoolbar\1.8.4.9\bh\BabylonToolbar.dll
BHO: QuickShare WidgetEngine: {31ad400d-1b06-4e33-a59a-90c2c140cba0} -
BHO: Symantec NCO BHO: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - c:\program files\norton internet security\engine\16.8.3.6\CoIEPlg.dll
BHO: Symantec Intrusion Prevention: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - c:\program files\norton internet security\engine\16.8.3.6\IPSBHO.dll
BHO: AOL Toolbar BHO: {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - c:\program files\aol\aol toolbar 5.0\aoltb.dll
BHO: DefaultTab Browser Helper: {7F6AFBF1-E065-4627-A2FD-810366367D01} - c:\users\sacha\appdata\roaming\defaulttab\defaulttab\DefaultTabBHO.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: delta Helper Object: {C1AF5FA5-852C-4C90-812E-A7F75E011D87} - c:\program files\delta\delta\1.8.21.5\bh\delta.dll
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: HP Smart BHO Class: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - c:\program files\norton internet security\engine\16.8.3.6\CoIEPlg.dll
TB: AOL Toolbar: {DE9C389F-3316-41A7-809B-AA305ED9D922} - c:\program files\aol\aol toolbar 5.0\aoltb.dll
TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - c:\program files\norton internet security\engine\16.8.3.6\CoIEPlg.dll
TB: AOL Toolbar: {DE9C389F-3316-41A7-809B-AA305ED9D922} - c:\program files\aol\aol toolbar 5.0\aoltb.dll
TB: Babylon Toolbar: {98889811-442D-49dd-99D7-DC866BE87DBC} - c:\program files\babylontoolbar\babylontoolbar\1.8.4.9\BabylonToolbarTlbr.dll
TB: Delta Toolbar: {82E1477C-B154-48D3-9891-33D83C26BCD3} - c:\program files\delta\delta\1.8.21.5\deltaTlbr.dll
TB: QuickShare Widget: {ae07101b-46d4-4a98-af68-0333ea26e113} -
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: Music Box Toolbar (Dist. by Musiclab, Inc.): {104d74b8-67eb-4f25-8294-04eecfa292e4} - c:\program files\music toolbar\datamngr\srtool~1\ie\searchresultsDx.dll
EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - c:\program files\hp\digital imaging\smart web printing\hpswp_bho.dll
EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - c:\program files\hp\digital imaging\smart web printing\hpswp_bho.dll
uRun: [LightScribe Control Panel] c:\program files\common files\lightscribe\LightScribeControlPanel.exe -hidden
uRun: [HPAdvisor] c:\program files\hewlett-packard\hp advisor\HPAdvisor.exe autorun=AUTORUN
uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
uRun: [ehTray.exe] c:\windows\ehome\ehTray.exe
uRun: [TomTomHOME.exe] "c:\program files\tomtom home 2\TomTomHOMERunner.exe"
uRun: [Spotify] "c:\users\sacha\appdata\roaming\spotify\Spotify.exe" /uri spotify:autostart
uRun: [Browser Infrastructure Helper] c:\users\sacha\appdata\local\smartbar\application\QuickShare.exe startup
uRun: [InstallIQUpdater] "c:\program files\w3i\installiqupdater\InstallIQUpdater.exe" /silent /autorun
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [QPService] "c:\program files\hp\quickplay\QPService.exe"
mRun: [UpdateLBPShortCut] "c:\program files\cyberlink\labelprint\muitransfer\muistartmenu.exe" "c:\program files\cyberlink\labelprint" updatewithcreateonce "software\cyberlink\labelprint\2.5"
mRun: [UpdatePSTShortCut] "c:\program files\cyberlink\dvd suite\muitransfer\muistartmenu.exe" "c:\program files\cyberlink\dvd suite" updatewithcreateonce "software\cyberlink\PowerStarter"
mRun: [UCam_Menu] "c:\program files\cyberlink\youcam\muitransfer\muistartmenu.exe" "c:\program files\cyberlink\youcam" updatewithcreateonce "software\cyberlink\youcam\2.0"
mRun: [Windows Defender] c:\program files\windows defender\MSASCui.exe -hide
mRun: [QlbCtrl.exe] c:\program files\hewlett-packard\hp quick launch buttons\QlbCtrl.exe /Start
mRun: [UpdateP2GoShortCut] "c:\program files\cyberlink\power2go\muitransfer\muistartmenu.exe" "c:\program files\cyberlink\power2go" updatewithcreateonce "software\cyberlink\power2go\6.0"
mRun: [UpdatePDIRShortCut] "c:\program files\cyberlink\powerdirector\muitransfer\muistartmenu.exe" "c:\program files\cyberlink\powerdirector" updatewithcreateonce "software\cyberlink\powerdirector\7.0"
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [HP Health Check Scheduler] c:\program files\hewlett-packard\hp health check\HPHC_Scheduler.exe
mRun: [WirelessAssistant] c:\program files\hewlett-packard\hp wireless assistant\HPWAMain.exe
mRun: [Google Quick Search Box] "c:\program files\google\quick search box\GoogleQuickSearchBox.exe"  /autorun
mRun: [Monitor] "c:\program files\leapfrog\leapfrog connect\Monitor.exe"
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [hpqSRMon] c:\program files\hp\digital imaging\bin\hpqSRMon.exe
mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
mRun: [SysTrayApp] c:\program files\idt\wdm\sttray.exe
mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
mRun: [SweetIM] c:\program files\sweetim\messenger\SweetIM.exe
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
StartupFolder: c:\users\sacha\appdata\roaming\micros~1\windows\startm~1\programs\startup\onenot~1.lnk - c:\program files\microsoft office\office12\ONENOTEM.EXE
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\adobeg~1.lnk - c:\program files\common files\adobe\calibration\Adobe Gamma Loader.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\blueto~1.lnk - c:\program files\widcomm\bluetooth software\BTTray.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\mcafee~1.lnk - c:\program files\mcafee security scan\3.0.318\SSScheduler.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\micros~1.lnk - c:\program files\microsoft office\office10\OSA.EXE
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: BindDirectlyToPropertySetStorage = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: &AOL Toolbar Search - c:\programdata\aol\ietoolbar\resources\en-gb\local\search.html
IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office10\EXCEL.EXE/3000
IE: Send image to &Bluetooth Device... - c:\program files\widcomm\bluetooth software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\widcomm\bluetooth software\btsendto_ie.htm
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office12\ONBttnIE.dll
IE: {38E51477-DDB4-4aed-9D61-D0C193E10749} - {38E51477-DDB4-4aed-9D61-D0C193E10749} - c:\program files\allmusicconverter\YouTubeRipper.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\program files\widcomm\bluetooth software\btsendto_ie.htm
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {A9CF3378-D60E-40A8-927D-7EA0D5B0AA98} - hxxp://webalbum.bonusprint.com/ukipc01/downloads//ImageUploader6.cab
DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: NameServer = 192.168.0.1
TCP: Interfaces\{08343F08-394F-47C3-99B0-96C5E9E63432} : DHCPNameServer = 192.168.0.1
TCP: Interfaces\{6ED7D53E-46B9-4E7D-A265-C5BC9996EFB5} : DHCPNameServer = 192.168.0.1
Handler: symres - {AA1061FE-6C41-421f-9344-69640C9732AB} - c:\program files\norton internet security\engine\16.8.3.6\CoIEPlg.dll
Notify: igfxcui - igfxdev.dll
AppInit_DLLs= c:\progra~2\wincert\win32c~1.dll c:\progra~1\musict~1\datamngr\mgrldr.dll c:\progra~2\browse~2\261339~1.144\{c16c1~1\browse~1.dll
LSA: Security Packages =  kerberos msv1_0 schannel wdigest tspkg
mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "c:\program files\common files\lightscribe\LSRunOnce.exe"
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\29.0.1547.66\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\sacha\appdata\roaming\mozilla\firefox\profiles\ylhnuwgm.default\
FF - prefs.js: browser.search.defaulturl -
FF - prefs.js: browser.startup.homepage - hxxp://www.search.ask.com/?o=APN10641A&gct=hp&d=2-133&v=n8812-90&t=4
FF - prefs.js: keyword.URL - hxxp://dts.search.ask.com/sr?src=ffb&gct=ds&appid=133&systemid=2&v=n8812-90&apn_dtid=IME002&apn_ptnrs=AG2&apn_uid=3600287536204013&o=APN10641&q=
FF - component: c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\norton\coffplgn\components\coFFPlgn.dll
FF - component: c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\norton\ipsffplgn\components\IPSFFPl.dll
FF - component: c:\users\sacha\appdata\roaming\mozilla\firefox\profiles\ylhnuwgm.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\frozen.dll
FF - component: c:\users\sacha\appdata\roaming\mozilla\firefox\profiles\ylhnuwgm.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\googletoolbar-ff3.dll
FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\google\update\1.3.21.153\npGoogleUpdate3.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\mcafee security scan\3.0.318\npMcAfeeMSS.dll
FF - plugin: c:\program files\microsoft silverlight\5.1.20513.0\npctrlui.dll
FF - plugin: c:\program files\photodex presenter\npPxPlay.dll
FF - plugin: c:\users\sacha\appdata\roaming\mozilla\firefox\profiles\ylhnuwgm.default\extensions\{195a3098-0bd5-4e90-ae22-ba1c540afd1e}\plugins\npGarmin.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_8_800_168.dll
FF - ExtSQL: 2013-08-30 21:37; {104d74b8-67eb-4f25-8294-04eecfa292e4}; c:\users\sacha\appdata\roaming\mozilla\firefox\profiles\ylhnuwgm.default\extensions\{104d74b8-67eb-4f25-8294-04eecfa292e4}
FF - ExtSQL: !HIDDEN! 2009-09-16 19:49; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\DotNetAssistantExtension
FF - ExtSQL: !HIDDEN! 2010-08-30 21:35; [email protected]; c:\program files\hp\digital imaging\smart web printing\MozillaAddOn3
.
---- FIREFOX POLICIES ----
FF - user.js: extensions.BabylonToolbar.tlbrSrchUrl - hxxp://search.babylon.com/?babsrc=TB_def&mntrId=75513bd9000000000000002556a9e873&q=
FF - user.js: extensions.BabylonToolbar.id - 75513bd9000000000000002556a9e873
FF - user.js: extensions.BabylonToolbar.appId - {BDB69379-802F-4eaf-B541-F8DE92DD98DB}
FF - user.js: extensions.BabylonToolbar.instlDay - 15666
FF - user.js: extensions.BabylonToolbar.vrsn - 1.8.4.9
FF - user.js: extensions.BabylonToolbar.vrsni - 1.8.4.9
FF - user.js: extensions.BabylonToolbar_i.vrsnTs - 1.8.4.922:18:07
FF - user.js: extensions.BabylonToolbar.prtnrId - babylon
FF - user.js: extensions.BabylonToolbar.prdct - BabylonToolbar
FF - user.js: extensions.BabylonToolbar.aflt - babsst
FF - user.js: extensions.BabylonToolbar_i.smplGrp - none
FF - user.js: extensions.BabylonToolbar.tlbrId - irhnew
FF - user.js: extensions.BabylonToolbar.instlRef - sst
FF - user.js: extensions.BabylonToolbar.dfltLng - en
FF - user.js: extensions.BabylonToolbar_i.excTlbr - false
FF - user.js: extensions.BabylonToolbar.excTlbr - false
FF - user.js: extensions.BabylonToolbar.admin - false
FF - user.js: extensions.BabylonToolbar_i.babTrack - affID=110824&tt=201112_1849_4712_6
FF - user.js: extensions.BabylonToolbar_i.babExt -
FF - user.js: extensions.BabylonToolbar_i.srcExt - ss
FF - user.js: extensions.BabylonToolbar.autoRvrt - false
FF - user.js: extensions.BabylonToolbar.rvrt - false
FF - user.js: extensions.BabylonToolbar_i.newTab - false
FF - user.js: extensions.delta.tlbrSrchUrl -
FF - user.js: extensions.delta.id - 75513bd9000000000000002556a9e873
FF - user.js: extensions.delta.appId - {C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
FF - user.js: extensions.delta.instlDay - 15859
FF - user.js: extensions.delta.vrsn - 1.8.21.5
FF - user.js: extensions.delta.vrsni - 1.8.21.5
FF - user.js: extensions.delta.vrsnTs - 1.8.21.521:36:20
FF - user.js: extensions.delta.prtnrId - delta
FF - user.js: extensions.delta.prdct - delta
FF - user.js: extensions.delta.aflt - babsst
FF - user.js: extensions.delta.smplGrp - none
FF - user.js: extensions.delta.tlbrId - base
FF - user.js: extensions.delta.instlRef - sst
FF - user.js: extensions.delta.dfltLng - en
FF - user.js: extensions.delta.excTlbr - false
FF - user.js: extensions.delta.ffxUnstlRst - true
FF - user.js: extensions.delta.admin - false
FF - user.js: extensions.delta_i.babTrack - affID=121240&tt=gc_
FF - user.js: extensions.delta_i.babExt -
FF - user.js: extensions.delta_i.srcExt - ss
FF - user.js: extensions.delta.autoRvrt - false
FF - user.js: extensions.delta.rvrt - false
FF - user.js: extensions.delta.newTab - false
FF - user.js: extentions.webcake.installId - 66aca9a4-88d8-45e5-8db7-66390bc2928c
FF - user.js: extentions.webcake.defaultEnableAppsList - layers,brain/features,newOffers/wc
.
============= SERVICES / DRIVERS ===============
.
R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\nis\1008030.006\SymEFA.sys [2011-10-11 310320]
R1 BHDrvx86;Symantec Heuristics Driver;c:\windows\system32\drivers\nis\1008030.006\BHDrvx86.sys [2011-10-11 259632]
R1 ccHP;Symantec Hash Provider;c:\windows\system32\drivers\nis\1008030.006\cchpx86.sys [2011-10-11 467592]
R1 IDSVix86;IDSVix86;c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\norton\definitions\ipsdefs\20130913.001\IDSvix86.sys [2013-9-14 392792]
R2 AESTFilters;Andrea ST Filters Service;c:\windows\system32\driverstore\filerepository\stwrt.inf_b9d13b43\AEstSrv.exe [2011-4-24 81920]
R2 DatamngrCoordinator;Datamngr Coordinator;c:\program files\music toolbar\datamngr\DatamngrCoordinator.exe [2013-8-30 3363904]
R2 DefaultTabSearch;DefaultTabSearch;c:\program files\defaulttab\DefaultTabSearch.exe [2013-9-9 573952]
R2 DefaultTabUpdate;DefaultTabUpdate;c:\users\sacha\appdata\roaming\defaulttab\defaulttab\DTUpdate.exe [2013-6-3 107520]
R2 ezSharedSvc;Easybits Shared Services for Windows;c:\windows\system32\svchost.exe -k netsvcs [2008-1-21 21504]
R2 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-21 21504]
R2 Norton Internet Security;Norton Internet Security;c:\program files\norton internet security\engine\16.8.3.6\ccSvcHst.exe [2011-10-11 117648]
R2 Recovery Service for Windows;Recovery Service for Windows;c:\program files\sminst\BLService.exe [2009-2-28 365952]
R3 Com4QLBEx;Com4QLBEx;c:\program files\hewlett-packard\hp quick launch buttons\Com4QLBEx.exe [2009-2-28 222512]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\common files\symantec shared\eengine\EraserUtilRebootDrv.sys [2013-9-15 108120]
R3 IntcHdmiAddService;Intel® High Definition Audio HDMI;c:\windows\system32\drivers\IntcHdmi.sys [2008-9-22 112128]
R3 MusCAudio;MusCAudio;c:\windows\system32\drivers\MusCAudio.sys [2010-1-16 23096]
R3 SYMNDISV;Symantec Network Filter Driver;c:\windows\system32\drivers\nis\1008030.006\symndisv.sys [2011-10-11 48760]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S3 FlyUsb;FLY Fusion;c:\windows\system32\drivers\FlyUsb.sys [2009-7-30 19456]
S3 Leapfrog-USBLAN;Leapfrog-USBLAN;c:\windows\system32\drivers\btblan.sys [2010-6-9 33792]
S3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\mcafee security scan\3.0.318\McCHSvc.exe [2013-2-5 235216]
S3 SMServer;SMServer;c:\windows\system32\snmvtsvc.exe [2010-1-16 249856]
S3 STSService;STSService;"c:\program files\allmusicconverter media suite\stsservice.exe" --> c:\program files\allmusicconverter media suite\STSService.exe [?]
.
=============== Created Last 30 ================
.
2013-09-15 02:59:07    2382848    ----a-w-    c:\windows\system32\mshtml.tlb
2013-09-15 02:59:05    420864    ----a-w-    c:\windows\system32\vbscript.dll
2013-09-15 02:59:03    149656    ----a-w-    c:\program files\internet explorer\sqmapi.dll
2013-09-15 02:59:02    768512    ----a-w-    c:\program files\common files\microsoft shared\vgx\VGX.dll
2013-09-15 02:59:01    194560    ----a-w-    c:\program files\internet explorer\IEShims.dll
2013-09-13 21:34:17    615936    ----a-w-    c:\windows\system32\themeui.dll
2013-09-13 21:34:14    2049536    ----a-w-    c:\windows\system32\win32k.sys
2013-08-30 22:49:25    --------    d-----w-    c:\programdata\Browser Manager
2013-08-30 20:42:46    --------    d-----w-    c:\users\sacha\appdata\roaming\MusicNet
2013-08-30 20:39:17    --------    d-----w-    c:\users\sacha\appdata\local\BearShare
2013-08-30 20:38:28    --------    d-----w-    c:\programdata\Wincert
2013-08-30 20:34:47    --------    d-----w-    c:\program files\Music Toolbar
2013-08-30 20:34:42    --------    d-----w-    c:\programdata\Datamngr
2013-08-30 20:33:31    --------    d-----w-    c:\program files\BearShare Applications
2013-08-27 20:33:19    1548288    ----a-w-    c:\windows\system32\WMVDECOD.DLL
.
==================== Find3M  ====================
.
2013-09-13 21:15:44    692616    ----a-w-    c:\windows\system32\FlashPlayerApp.exe
2013-09-13 21:15:43    71048    ----a-w-    c:\windows\system32\FlashPlayerCPLApp.cpl
2013-07-31 10:00:20    1800704    ----a-w-    c:\windows\system32\jscript9.dll
2013-07-31 09:52:44    1129472    ----a-w-    c:\windows\system32\wininet.dll
2013-07-31 09:52:34    1427968    ----a-w-    c:\windows\system32\inetcpl.cpl
2013-07-31 09:48:43    142848    ----a-w-    c:\windows\system32\ieUnatt.exe
2013-07-17 19:41:34    2048    ----a-w-    c:\windows\system32\tzres.dll
2013-07-10 09:47:00    783360    ----a-w-    c:\windows\system32\rpcrt4.dll
2013-07-09 12:10:36    1205168    ----a-w-    c:\windows\system32\ntdll.dll
2013-07-08 04:55:51    3603904    ----a-w-    c:\windows\system32\ntkrnlpa.exe
2013-07-08 04:55:51    3551680    ----a-w-    c:\windows\system32\ntoskrnl.exe
2013-07-08 04:20:04    172544    ----a-w-    c:\windows\system32\wintrust.dll
2013-07-08 04:16:55    98304    ----a-w-    c:\windows\system32\cryptnet.dll
2013-07-08 04:16:55    133120    ----a-w-    c:\windows\system32\cryptsvc.dll
2013-07-08 04:16:54    992768    ----a-w-    c:\windows\system32\crypt32.dll
2013-07-05 04:53:33    905664    ----a-w-    c:\windows\system32\drivers\tcpip.sys
.
============= FINISH: 21:47:22.75 ===============
 

 

Attached Files



BC AdBot (Login to Remove)

 


#2 TB-Psychotic

TB-Psychotic

  • Malware Response Team
  • 4,368 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:12 AM

Posted 18 September 2013 - 03:38 AM

Hi there,
my name is Marius and I will assist you with your malware related problems.

Before we move on, please read the following points carefully.

  • First, read my instructions completely. If there is anything that you do not understand kindly ask before proceeding.
  • Perform everything in the correct order. Sometimes one step requires the previous one.
  • If you have any problems while following my instructions, Stop there and tell me the exact nature of your problem.
  • Do not run any other scans without instruction or add/remove software unless I tell you to do so. This would change the output of our tools and could be confusing for me.
  • Post all logfiles as a reply rather than as an attachment unless I specifically ask you. If you can not post all logfiles in one reply, feel free to use more posts.
  • If I don't hear from you within 3 days from this initial or any subsequent post, then this thread will be closed.
  • Stay with me. I will give you some advice about prevention after the cleanup process. Absence of symptoms does not always mean the computer is clean.
  • My first language is not english. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.

 

 

 

 

Scan with Gmer rootkit scanner

Please download Gmer from here by clicking on the "Download EXE" Button.

  • Double click on the randomly named GMER.exe. If asked to allow gmer.sys driver to load, please consent.
  • If it gives you a warning about rootkit activity and asks if you want to run scan...click on NO.
  • In the right panel, you will see several boxes that have been checked. Uncheck the following ...
    • Sections
    • IAT/EAT
    • Show All ( should be unchecked by default )
  • Leave everything else as it is.
  • Close all other running programs as well as your Browser.
  • Click the Scan button & wait for it to finish.
  • Once done click on the Save.. button, and in the File name area, type in "ark.txt" or it will save as a .log file which cannot be uploaded to your post.
  • Save it where you can easily find it, such as your desktop.
  • Please post the content of the ark.txt here.

**Caution**
Rootkit scans often produce false positives. Do NOT take any action on any "<--- ROOKIT" entries


My help is free, however, if you want to support my fight against malware, click here --> btn_donate_SM.gif <--(no worries, every little bit helps)

 


#3 christyjh

christyjh
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:06:12 AM

Posted 19 September 2013 - 04:09 PM

Marius

Thank you. I will run the scan tomorrow evening and post the results.

Christyjh

#4 christyjh

christyjh
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:06:12 AM

Posted 19 September 2013 - 04:12 PM

Marius

While I was typing that reply I tried to run the scan and got the blue screen! Twice.

Regards

Christy

#5 TB-Psychotic

TB-Psychotic

  • Malware Response Team
  • 4,368 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:12 AM

Posted 20 September 2013 - 12:12 AM

OK, skip that...

 

 

Scan with aswMBR

Please download aswMBR ( 4.5MB ) to your desktop.

  • Double click the aswMBR.exe icon, and click Run.
  • There will be a short delay before the next dialog box comes up. Please just wait a minute or two.
  • When asked if you'd like to "download the latest Avast! virus definitions", click Yes.
  • Typically this is about a 100MB download so depending on your connection speed it can take a short while to download and become ready.
  • Click the Scan button to start the scan once the update has finished downloading
  • On completion of the scan, click the save log button, save it to your desktop, then copy and paste it in your next reply.

Note: There will also be a file on your desktop named MBR.dat do not delete this for now. It is an actual backup of the MBR (master boot record).


My help is free, however, if you want to support my fight against malware, click here --> btn_donate_SM.gif <--(no worries, every little bit helps)

 


#6 christyjh

christyjh
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:06:12 AM

Posted 20 September 2013 - 04:39 PM

Marius

 

See below.

 

I ran the scan but then left my PC and more happened (you can see from the time gaps). I created the log but it looks like it might still be scanning. I will leave my PC and if more comes up while I'm asleep I will paste tomorrow. 

 

Thanks

 

aswMBR version 0.9.9.1771 Copyright© 2011 AVAST Software
Run date: 2013-09-20 19:35:17
-----------------------------
19:35:17.077    OS Version: Windows 6.0.6002 Service Pack 2
19:35:17.077    Number of processors: 2 586 0x170A
19:35:17.078    ComputerName: SACHA-PC  UserName: Sacha
19:35:32.320    Initialize success
19:37:34.316    AVAST engine defs: 13092001
19:40:50.640    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
19:40:50.643    Disk 0 Vendor: ST9250320AS HP07 Size: 238475MB BusType: 3
19:40:51.017    Disk 0 MBR read successfully
19:40:51.020    Disk 0 MBR scan
19:40:51.030    Disk 0 unknown MBR code
19:40:51.097    Disk 0 Partition 1 80 (A) 07    HPFS/NTFS NTFS       227666 MB offset 2048
19:40:51.363    Disk 0 Partition 2 00     07    HPFS/NTFS NTFS        10805 MB offset 466262016
19:40:51.461    Disk 0 scanning sectors +488390656
19:40:52.180    Disk 0 scanning C:\Windows\system32\drivers
19:41:47.375    Service scanning
19:42:43.786    Modules scanning
19:42:52.549    Disk 0 trace - called modules:
19:42:52.566    ntkrnlpa.exe CLASSPNP.SYS disk.sys acpi.sys hal.dll ataport.SYS PCIIDEX.SYS msahci.sys tcpip.sys NETIO.SYS dxgkrnl.sys igdkmd32.sys
19:42:52.573    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x862d4ac8]
19:42:52.579    3 CLASSPNP.SYS[8a6138b3] -> nt!IofCallDriver -> [0x85b56c10]
19:42:52.585    5 acpi.sys[8069e6bc] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0x85a8db98]
19:42:55.291    AVAST engine scan C:\Windows
19:43:01.393    AVAST engine scan C:\Windows\system32
19:50:33.527    AVAST engine scan C:\Windows\system32\drivers
19:51:41.640    AVAST engine scan C:\Users\Sacha
19:52:54.175    Disk 0 MBR has been saved successfully to "C:\Users\Sacha\Desktop\MBR.dat"
19:52:54.185    The log file has been saved successfully to "C:\Users\Sacha\Desktop\aswMBRlog.txt"
20:08:46.464    File: C:\Users\Sacha\AppData\Local\Temp\iqu_bootstrap.exe  **INFECTED** Win32:Adware-gen [Adw]
21:34:55.937    File: C:\Users\Sacha\AppData\Roaming\WebCake\dat\Desktop.OS.dll  **INFECTED** Win32:Webcake-A [Adw]
21:34:56.196    File: C:\Users\Sacha\AppData\Roaming\WebCake\dat\Dora.dat  **INFECTED** Win32:Webcake-A [Adw]
21:34:56.504    File: C:\Users\Sacha\AppData\Roaming\WebCake\dat\Maintain.dat  **INFECTED** Win32:Webcake-A [Adw]
21:34:56.671    File: C:\Users\Sacha\AppData\Roaming\WebCake\dat\Paladin.dat  **INFECTED** Win32:Webcake-A [Adw]
21:34:56.914    File: C:\Users\Sacha\AppData\Roaming\WebCake\dat\Phoenix.dat  **INFECTED** Win32:Webcake-A [Adw]
22:08:23.897    AVAST engine scan C:\ProgramData
22:34:30.616    Disk 0 MBR has been saved successfully to "C:\Users\Sacha\Desktop\MBR.dat"
22:34:30.634    The log file has been saved successfully to "C:\Users\Sacha\Desktop\aswMBRlog2.txt"



#7 christyjh

christyjh
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:06:12 AM

Posted 21 September 2013 - 01:58 AM

Final scan note log

 

aswMBR version 0.9.9.1771 Copyright© 2011 AVAST Software
Run date: 2013-09-20 19:35:17
-----------------------------
19:35:17.077    OS Version: Windows 6.0.6002 Service Pack 2
19:35:17.077    Number of processors: 2 586 0x170A
19:35:17.078    ComputerName: SACHA-PC  UserName: Sacha
19:35:32.320    Initialize success
19:37:34.316    AVAST engine defs: 13092001
19:40:50.640    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
19:40:50.643    Disk 0 Vendor: ST9250320AS HP07 Size: 238475MB BusType: 3
19:40:51.017    Disk 0 MBR read successfully
19:40:51.020    Disk 0 MBR scan
19:40:51.030    Disk 0 unknown MBR code
19:40:51.097    Disk 0 Partition 1 80 (A) 07    HPFS/NTFS NTFS       227666 MB offset 2048
19:40:51.363    Disk 0 Partition 2 00     07    HPFS/NTFS NTFS        10805 MB offset 466262016
19:40:51.461    Disk 0 scanning sectors +488390656
19:40:52.180    Disk 0 scanning C:\Windows\system32\drivers
19:41:47.375    Service scanning
19:42:43.786    Modules scanning
19:42:52.549    Disk 0 trace - called modules:
19:42:52.566    ntkrnlpa.exe CLASSPNP.SYS disk.sys acpi.sys hal.dll ataport.SYS PCIIDEX.SYS msahci.sys tcpip.sys NETIO.SYS dxgkrnl.sys igdkmd32.sys
19:42:52.573    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x862d4ac8]
19:42:52.579    3 CLASSPNP.SYS[8a6138b3] -> nt!IofCallDriver -> [0x85b56c10]
19:42:52.585    5 acpi.sys[8069e6bc] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0x85a8db98]
19:42:55.291    AVAST engine scan C:\Windows
19:43:01.393    AVAST engine scan C:\Windows\system32
19:50:33.527    AVAST engine scan C:\Windows\system32\drivers
19:51:41.640    AVAST engine scan C:\Users\Sacha
19:52:54.175    Disk 0 MBR has been saved successfully to "C:\Users\Sacha\Desktop\MBR.dat"
19:52:54.185    The log file has been saved successfully to "C:\Users\Sacha\Desktop\aswMBRlog.txt"
20:08:46.464    File: C:\Users\Sacha\AppData\Local\Temp\iqu_bootstrap.exe  **INFECTED** Win32:Adware-gen [Adw]
21:34:55.937    File: C:\Users\Sacha\AppData\Roaming\WebCake\dat\Desktop.OS.dll  **INFECTED** Win32:Webcake-A [Adw]
21:34:56.196    File: C:\Users\Sacha\AppData\Roaming\WebCake\dat\Dora.dat  **INFECTED** Win32:Webcake-A [Adw]
21:34:56.504    File: C:\Users\Sacha\AppData\Roaming\WebCake\dat\Maintain.dat  **INFECTED** Win32:Webcake-A [Adw]
21:34:56.671    File: C:\Users\Sacha\AppData\Roaming\WebCake\dat\Paladin.dat  **INFECTED** Win32:Webcake-A [Adw]
21:34:56.914    File: C:\Users\Sacha\AppData\Roaming\WebCake\dat\Phoenix.dat  **INFECTED** Win32:Webcake-A [Adw]
22:08:23.897    AVAST engine scan C:\ProgramData
22:34:30.616    Disk 0 MBR has been saved successfully to "C:\Users\Sacha\Desktop\MBR.dat"
22:34:30.634    The log file has been saved successfully to "C:\Users\Sacha\Desktop\aswMBRlog2.txt"
23:06:51.714    Scan finished successfully
07:51:15.978    Disk 0 MBR has been saved successfully to "C:\Users\Sacha\Desktop\MBR.dat"
07:51:15.986    The log file has been saved successfully to "C:\Users\Sacha\Desktop\aswMBRfinal scan.txt"

 



#8 TB-Psychotic

TB-Psychotic

  • Malware Response Team
  • 4,368 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:12 AM

Posted 21 September 2013 - 05:48 AM

Combofix

Combofix should only be run when adviced by a team member!

Link


Important - Save the file to your desktop!


  • Deactivate any and all of your antivirus programs /spyware scanners - they can prevent CF from doing its work.
  • Run Combofix.exe


When finished, Combofix creates a log file named C:\Combofix.txt. Please post its content in your next reply.

Note: When receiving an error message containing ""Illegal operation attempted on a registry key that has been marked for deletion" simply restart your computer to fix this.


My help is free, however, if you want to support my fight against malware, click here --> btn_donate_SM.gif <--(no worries, every little bit helps)

 


#9 christyjh

christyjh
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:06:12 AM

Posted 21 September 2013 - 11:14 AM

ComboFix 13-09-19.01 - Sacha 21/09/2013  13:18:34.1.2 - x86
Microsoft® Windows Vista™ Home Premium   6.0.6002.2.1252.44.1033.18.3002.1110 [GMT 1:00]
Running from: c:\users\Sacha\Desktop\ComboFix.exe
AV: Norton Internet Security *Disabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
FW: Norton Internet Security *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
SP: Norton Internet Security *Disabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\DFR1E62.tmp
C:\DFRB9A1.tmp
c:\program files\DefaultTab
c:\program files\DefaultTab\DefaultTab.crx
c:\program files\DefaultTab\DefaultTabSearch.exe
c:\program files\DefaultTab\uid
c:\program files\DefaultTab\uninstaller.exe
c:\programdata\BrowserDefender
c:\programdata\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\bl
c:\programdata\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.dll
c:\programdata\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.settings
c:\programdata\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\dm
c:\programdata\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\00
c:\programdata\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\01
c:\programdata\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\02
c:\programdata\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\03
c:\programdata\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\10
c:\programdata\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\11
c:\programdata\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\12
c:\programdata\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\13
c:\programdata\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\20
c:\programdata\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\21
c:\programdata\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\22
c:\programdata\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\23
c:\programdata\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\uninstall.exe
c:\users\Sacha\AppData\Local\Google\Chrome\User Data\Default\Preferences
c:\users\Sacha\AppData\Roaming\DefaultTab\DefaultTab
c:\users\Sacha\AppData\Roaming\DefaultTab\DefaultTab\addon.ico
c:\users\Sacha\AppData\Roaming\DefaultTab\DefaultTab\DefaultTabBHO.cfg
c:\users\Sacha\AppData\Roaming\DefaultTab\DefaultTab\DefaultTabBHO.dll
c:\users\Sacha\AppData\Roaming\DefaultTab\DefaultTab\DefaultTabStart.exe
c:\users\Sacha\AppData\Roaming\DefaultTab\DefaultTab\DefaultTabStart64.exe
c:\users\Sacha\AppData\Roaming\DefaultTab\DefaultTab\DefaultTabUninstaller.exe
c:\users\Sacha\AppData\Roaming\DefaultTab\DefaultTab\DefaultTabWrap.dll
c:\users\Sacha\AppData\Roaming\DefaultTab\DefaultTab\DefaultTabWrap64.dll
c:\users\Sacha\AppData\Roaming\DefaultTab\DefaultTab\DT.ico
c:\users\Sacha\AppData\Roaming\DefaultTab\DefaultTab\DTUpdate.exe
c:\users\Sacha\AppData\Roaming\DefaultTab\DefaultTab\searchhere.ico
c:\users\Sacha\AppData\Roaming\DefaultTab\DefaultTab\uninstalldt.exe
c:\users\Sacha\AppData\Roaming\DefaultTab\DefaultTab\update.exe
.
.
(((((((((((((((((((((((((((((((((((((((   Drivers/Services   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_DefaultTabSearch
-------\Service_DefaultTabUpdate
-------\Service_DefaultTabUpdate
.
.
(((((((((((((((((((((((((   Files Created from 2013-08-21 to 2013-09-21  )))))))))))))))))))))))))))))))
.
.
2013-09-21 12:35 . 2013-09-21 12:35    --------    d-----w-    c:\users\Default\AppData\Local\temp
2013-09-21 12:10 . 2013-09-21 12:11    --------    d-----w-    c:\windows\4941BFEB62C047A2801E998FC469CC2C.TMP
2013-09-21 12:05 . 2013-09-21 12:05    3723656    ----a-w-    c:\windows\system32\FlashPlayerInstaller.exe
2013-09-15 02:59 . 2013-07-31 09:45    2382848    ----a-w-    c:\windows\system32\mshtml.tlb
2013-09-15 02:59 . 2013-07-31 09:48    420864    ----a-w-    c:\windows\system32\vbscript.dll
2013-09-15 02:59 . 2013-07-31 10:39    149656    ----a-w-    c:\program files\Internet Explorer\sqmapi.dll
2013-09-15 02:59 . 2013-07-31 09:50    768512    ----a-w-    c:\program files\Common Files\Microsoft Shared\vgx\VGX.dll
2013-09-15 02:59 . 2013-07-31 09:50    194560    ----a-w-    c:\program files\Internet Explorer\IEShims.dll
2013-09-13 21:34 . 2013-07-16 04:35    615936    ----a-w-    c:\windows\system32\themeui.dll
2013-09-13 21:34 . 2013-08-08 01:45    2049536    ----a-w-    c:\windows\system32\win32k.sys
2013-08-30 22:49 . 2013-08-30 22:49    --------    d-----w-    c:\programdata\Browser Manager
2013-08-30 20:42 . 2013-08-30 20:42    --------    d-----w-    c:\users\Sacha\AppData\Roaming\MusicNet
2013-08-30 20:39 . 2013-08-30 20:45    --------    d-----w-    c:\users\Sacha\AppData\Local\BearShare
2013-08-30 20:38 . 2013-08-30 20:38    --------    d-----w-    c:\programdata\Wincert
2013-08-30 20:34 . 2013-08-30 20:34    --------    d-----w-    c:\program files\Music Toolbar
2013-08-30 20:34 . 2013-09-21 15:53    --------    d-----w-    c:\programdata\Datamngr
2013-08-30 20:33 . 2013-08-30 20:39    --------    d-----w-    c:\program files\BearShare Applications
2013-08-27 20:33 . 2013-08-02 04:09    1548288    ----a-w-    c:\windows\system32\WMVDECOD.DLL
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-09-21 12:06 . 2012-06-02 06:25    692616    ----a-w-    c:\windows\system32\FlashPlayerApp.exe
2013-09-21 12:06 . 2011-07-14 07:46    71048    ----a-w-    c:\windows\system32\FlashPlayerCPLApp.cpl
2013-07-17 19:41 . 2013-08-17 20:10    2048    ----a-w-    c:\windows\system32\tzres.dll
2013-07-10 09:47 . 2013-08-17 20:15    783360    ----a-w-    c:\windows\system32\rpcrt4.dll
2013-07-09 12:10 . 2013-08-17 20:11    1205168    ----a-w-    c:\windows\system32\ntdll.dll
2013-07-08 04:55 . 2013-08-17 20:11    3603904    ----a-w-    c:\windows\system32\ntkrnlpa.exe
2013-07-08 04:55 . 2013-08-17 20:11    3551680    ----a-w-    c:\windows\system32\ntoskrnl.exe
2013-07-08 04:20 . 2013-08-17 20:15    172544    ----a-w-    c:\windows\system32\wintrust.dll
2013-07-08 04:16 . 2013-08-17 20:15    133120    ----a-w-    c:\windows\system32\cryptsvc.dll
2013-07-08 04:16 . 2013-08-17 20:15    98304    ----a-w-    c:\windows\system32\cryptnet.dll
2013-07-08 04:16 . 2013-08-17 20:15    992768    ----a-w-    c:\windows\system32\crypt32.dll
2013-07-05 04:53 . 2013-08-17 20:15    905664    ----a-w-    c:\windows\system32\drivers\tcpip.sys
.
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LightScribe Control Panel"="c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe" [2008-06-09 2363392]
"HPAdvisor"="c:\program files\Hewlett-Packard\HP Advisor\HPAdvisor.exe" [2008-11-18 966656]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-09-12 39408]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952]
"Spotify"="c:\users\Sacha\AppData\Roaming\Spotify\Spotify.exe" [2013-07-13 4640768]
"Browser Infrastructure Helper"="c:\users\Sacha\AppData\Local\Smartbar\Application\QuickShare.exe" [2013-05-09 20248]
"InstallIQUpdater"="c:\program files\W3i\InstallIQUpdater\InstallIQUpdater.exe" [2011-10-11 1179648]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-10-28 150040]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-10-28 178712]
"Persistence"="c:\windows\system32\igfxpers.exe" [2008-10-28 154136]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-12-04 1410344]
"QPService"="c:\program files\HP\QuickPlay\QPService.exe" [2008-09-24 468264]
"UpdateLBPShortCut"="c:\program files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" [2008-06-14 210216]
"UpdatePSTShortCut"="c:\program files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe" [2008-12-24 210216]
"UCam_Menu"="c:\program files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" [2008-12-04 218408]
"QlbCtrl.exe"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2008-10-10 206128]
"UpdateP2GoShortCut"="c:\program files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" [2008-10-30 210216]
"UpdatePDIRShortCut"="c:\program files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" [2008-06-14 210216]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-04-08 254696]
"HP Health Check Scheduler"="c:\program files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe" [2008-10-09 75008]
"WirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2008-12-08 432432]
"Google Quick Search Box"="c:\program files\Google\Quick Search Box\GoogleQuickSearchBox.exe" [2009-09-13 122368]
"Monitor"="c:\program files\LeapFrog\LeapFrog Connect\Monitor.exe" [2010-11-19 193880]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-06-20 35760]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-06-09 976832]
"hpqSRMon"="c:\program files\HP\Digital Imaging\bin\hpqSRMon.exe" [2008-08-20 150016]
"HP Software Update"="c:\program files\Hp\HP Software Update\HPWuSchd2.exe" [2011-02-18 49208]
"SysTrayApp"="c:\program files\IDT\WDM\sttray.exe" [2009-02-23 483420]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-11-28 59280]
"SweetIM"="c:\program files\SweetIM\Messenger\SweetIM.exe" [2012-01-19 114992]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2012-10-25 421888]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2012-12-12 152544]
.
c:\users\Sacha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OneNote 2007 Screen Clipper and Launcher.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE /tsr [2009-2-26 97680]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Adobe Gamma Loader.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2011-6-23 113664]
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2008-6-19 727592]
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2008-10-16 214360]
McAfee Security Scan Plus.lnk - c:\program files\McAfee Security Scan\3.0.318\SSScheduler.exe [2013-2-5 272248]
Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE -b -l [2001-2-13 83360]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SymEFA.sys]
@="FSFilter Activity Monitor"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt.inf_b9d13b43\aestsrv.exe [2009-02-12 81920]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs    REG_MULTI_SZ       BthServ
HPZ12    REG_MULTI_SZ       Pml Driver HPZ12 Net Driver HPZ12
HPService    REG_MULTI_SZ       HPSLPSVC
hpdevmgmt    REG_MULTI_SZ       hpqcxs08 hpqddsvc
LocalServiceAndNoImpersonation    REG_MULTI_SZ       FontCache
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost  - NetSvcs
ezSharedSvc
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2008-06-09 17:14    451872    ----a-w-    c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-09-06 11:18    1177552    ----a-w-    c:\program files\Google\Chrome\Application\29.0.1547.66\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2013-09-21 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-02 21:15]
.
2013-09-20 c:\windows\Tasks\Foresight Software Registration3.job
- c:\program files\Common Files\Foresight Software\UUS3\UUS3.dll [2013-01-15 21:40]
.
2013-09-15 c:\windows\Tasks\Foresight Software Update3.job
- c:\program files\Common Files\Foresight Software\UUS3\Update3.exe [2013-01-15 21:40]
.
2013-09-21 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-11-17 21:22]
.
2013-09-21 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-11-17 21:22]
.
2013-09-21 c:\windows\Tasks\PC Helper 360.job
- c:\program files\Foresight Software\PC Helper 360\pch360.exe [2013-01-15 21:40]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.search.ask.com/?o=APN10641A&gct=hp&d=2-133&v=n8812-90&t=4
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_gb&c=91&bd=Presario&pf=cnnb
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://feed.snap.do/?publisher=QuickObrw&dpid=QuickObrw&co=GB&userid=d5c32e9b-908e-4627-bf54-b72c60e84c7c&searchtype=ds&q={searchTerms}&installDate=03/06/2013
IE: &AOL Toolbar Search - c:\programdata\AOL\ieToolbar\resources\en-GB\local\search.html
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office10\EXCEL.EXE/3000
IE: Send image to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
TCP: DhcpNameServer = 192.168.0.1
DPF: {A9CF3378-D60E-40A8-927D-7EA0D5B0AA98} - hxxp://webalbum.bonusprint.com/ukipc01/downloads//ImageUploader6.cab
FF - ProfilePath - c:\users\Sacha\AppData\Roaming\Mozilla\Firefox\Profiles\ylhnuwgm.default\
FF - prefs.js: browser.search.defaulturl -
FF - prefs.js: browser.startup.homepage - hxxp://www.search.ask.com/?o=APN10641A&gct=hp&d=2-133&v=n8812-90&t=4
FF - prefs.js: keyword.URL - hxxp://dts.search.ask.com/sr?src=ffb&gct=ds&appid=133&systemid=2&v=n8812-90&apn_dtid=IME002&apn_ptnrs=AG2&apn_uid=3600287536204013&o=APN10641&q=
FF - ExtSQL: 2013-08-30 21:37; {104d74b8-67eb-4f25-8294-04eecfa292e4}; c:\users\Sacha\AppData\Roaming\Mozilla\Firefox\Profiles\ylhnuwgm.default\extensions\{104d74b8-67eb-4f25-8294-04eecfa292e4}
FF - ExtSQL: !HIDDEN! 2009-09-16 19:49; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - ExtSQL: !HIDDEN! 2010-08-30 21:35; [email protected]; c:\program files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF - user.js: extensions.BabylonToolbar.tlbrSrchUrl - hxxp://search.babylon.com/?babsrc=TB_def&mntrId=75513bd9000000000000002556a9e873&q=
FF - user.js: extensions.BabylonToolbar.id - 75513bd9000000000000002556a9e873
FF - user.js: extensions.BabylonToolbar.appId - {BDB69379-802F-4eaf-B541-F8DE92DD98DB}
FF - user.js: extensions.BabylonToolbar.instlDay - 15666
FF - user.js: extensions.BabylonToolbar.vrsn - 1.8.4.9
FF - user.js: extensions.BabylonToolbar.vrsni - 1.8.4.9
FF - user.js: extensions.BabylonToolbar_i.vrsnTs - 1.8.4.922:18
FF - user.js: extensions.BabylonToolbar.prtnrId - babylon
FF - user.js: extensions.BabylonToolbar.prdct - BabylonToolbar
FF - user.js: extensions.BabylonToolbar.aflt - babsst
FF - user.js: extensions.BabylonToolbar_i.smplGrp - none
FF - user.js: extensions.BabylonToolbar.tlbrId - irhnew
FF - user.js: extensions.BabylonToolbar.instlRef - sst
FF - user.js: extensions.BabylonToolbar.dfltLng - en
FF - user.js: extensions.BabylonToolbar_i.excTlbr - false
FF - user.js: extensions.BabylonToolbar.excTlbr - false
FF - user.js: extensions.BabylonToolbar.admin - false
FF - user.js: extensions.BabylonToolbar_i.babTrack - affID=110824&tt=201112_1849_4712_6
FF - user.js: extensions.BabylonToolbar_i.babExt -
FF - user.js: extensions.BabylonToolbar_i.srcExt - ss
FF - user.js: extensions.BabylonToolbar.autoRvrt - false
FF - user.js: extensions.BabylonToolbar.rvrt - false
FF - user.js: extensions.BabylonToolbar_i.newTab - false
FF - user.js: extensions.delta.tlbrSrchUrl -
FF - user.js: extensions.delta.id - 75513bd9000000000000002556a9e873
FF - user.js: extensions.delta.appId - {C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
FF - user.js: extensions.delta.instlDay - 15859
FF - user.js: extensions.delta.vrsn - 1.8.21.5
FF - user.js: extensions.delta.vrsni - 1.8.21.5
FF - user.js: extensions.delta.vrsnTs - 1.8.21.521:36
FF - user.js: extensions.delta.prtnrId - delta
FF - user.js: extensions.delta.prdct - delta
FF - user.js: extensions.delta.aflt - babsst
FF - user.js: extensions.delta.smplGrp - none
FF - user.js: extensions.delta.tlbrId - base
FF - user.js: extensions.delta.instlRef - sst
FF - user.js: extensions.delta.dfltLng - en
FF - user.js: extensions.delta.excTlbr - false
FF - user.js: extensions.delta.ffxUnstlRst - true
FF - user.js: extensions.delta.admin - false
FF - user.js: extensions.delta_i.babTrack - affID=121240&tt=gc_
FF - user.js: extensions.delta_i.babExt -
FF - user.js: extensions.delta_i.srcExt - ss
FF - user.js: extensions.delta.autoRvrt - false
FF - user.js: extensions.delta.rvrt - false
FF - user.js: extensions.delta.newTab - false
FF - user.js: extentions.webcake.installId - 66aca9a4-88d8-45e5-8db7-66390bc2928c
FF - user.js: extentions.webcake.defaultEnableAppsList - layers,brain/features,newOffers/wc
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-10 - (no file)
HKCU-Run-TomTomHOME.exe - c:\program files\TomTom HOME 2\TomTomHOMERunner.exe
SafeBoot-WudfPf
SafeBoot-WudfRd
AddRemove-DefaultTab - c:\users\Sacha\AppData\Roaming\DefaultTab\DefaultTab\uninstalldt.exe
AddRemove-DefaultTab Chrome - c:\program files\DefaultTab\uninstaller.exe
AddRemove-{15D2D75C-9CB2-4efd-BAD7-B9B4CB4BC693} - c:\programdata\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\uninstall.exe
AddRemove-{458F6A39-C520-4BB3-A8CD-E5492CCB343C} - c:\program files\InstallShield Installation Information\{458F6A39-C520-4BB3-A8CD-E5492CCB343C}\Setup.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-09-21 16:53
Windows 6.0.6002 Service Pack 2 NTFS
.
scanning hidden processes ...  
.
scanning hidden autostart entries ...
.
scanning hidden files ...  
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\Norton Internet Security]
"ImagePath"="\"c:\program files\Norton Internet Security\Engine\16.8.3.6\ccSvcHst.exe\" /s \"Norton Internet Security\" /m \"c:\program files\Norton Internet Security\Engine\16.8.3.6\diMaster.dll\" /prefetch:1"
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'Explorer.exe'(3948)
c:\program files\SweetIM\Messenger\mgAdaptersProxy.dll
c:\windows\system32\btmmhook.dll
c:\windows\system32\btncopy.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\System32\DriverStore\FileRepository\stwrt.inf_b9d13b43\STacSV.exe
c:\windows\system32\WLANExt.exe
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Music Toolbar\Datamngr\DatamngrCoordinator.exe
c:\program files\LeapFrog\LeapFrog Connect\CommandService.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\program files\Norton Internet Security\Engine\16.8.3.6\ccSvcHst.exe
c:\program files\SMINST\BLService.exe
c:\program files\CyberLink\Shared files\RichVideo.exe
c:\program files\Photodex\ProShowGold\ScsiAccess.exe
c:\program files\WebCake\WebCakeDesktop.Updater.exe
c:\windows\system32\DllHost.exe
c:\program files\Hewlett-Packard\HP Health Check\hphc_service.exe
c:\program files\Norton Internet Security\Engine\16.8.3.6\ccSvcHst.exe
c:\program files\Microsoft Office\Office12\ONENOTEM.EXE
c:\windows\system32\igfxsrvc.exe
c:\program files\Windows Media Player\wmpnscfg.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\program files\Music Toolbar\Datamngr\DatamngrUI.exe
c:\windows\ehome\ehmsas.exe
c:\program files\Hewlett-Packard\Shared\hpqwmiex.exe
c:\program files\WIDCOMM\Bluetooth Software\BtStackServer.exe
c:\windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
c:\program files\iPod\bin\iPodService.exe
c:\program files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
c:\program files\Hewlett-Packard\Shared\hpqToaster.exe
.
**************************************************************************
.
Completion time: 2013-09-21  17:01:14 - machine was rebooted
ComboFix-quarantined-files.txt  2013-09-21 16:00
.
Pre-Run: 58,138,787,840 bytes free
Post-Run: 67,234,611,200 bytes free
.
- - End Of File - - E6529A5228B769159ED20A1989162D37
588AE8F0C685C02BA11F30D9CD7E61A0
 



#10 TB-Psychotic

TB-Psychotic

  • Malware Response Team
  • 4,368 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:12 AM

Posted 23 September 2013 - 05:29 AM

Combofix scripting

1. Close any open browsers.

2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

3. Download the attached CFScript.txt and save it to the location where Combofix is.


CFScriptB-4.gif


Refering to the picture above, drag CFScript into ComboFix.exe

When finished, it shall produce a log for you at C:\ComboFix.txt which I will require in your next reply.

 

 

 

 

Full System Scan with Malwarebytes Antimalware
 

  • If not existing, please download Malwarebytes' Anti-Malware to your desktop.
  • Double-click mbam-setup.exe and follow the prompts to install the program.
  • At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.

If the program is already installed:

  • Run Malwarebytes Antimalware
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select Perform fullscan, place a checkmark on all hard drives, then click Scan.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Be sure that everything is checked, and click Remove Selected.
  • When completed, a log will open in Notepad. Please save it to a convenient location.
  • The log can also be found here:
    C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt
  • Or at C:\Program Files\Malwarebytes' Anti-Malware\Logs\log-date.txt
  • Post that log back here.

 

Attached Files


My help is free, however, if you want to support my fight against malware, click here --> btn_donate_SM.gif <--(no worries, every little bit helps)

 


#11 christyjh

christyjh
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:06:12 AM

Posted 23 September 2013 - 04:31 PM

Here is the Combofix log

 

Malware scan still runiing. Will post when done.

 

Thank you

 

 

ComboFix 13-09-23.02 - Sacha 23/09/2013  20:47:45.2.2 - x86
Microsoft® Windows Vista™ Home Premium   6.0.6002.2.1252.44.1033.18.3002.1769 [GMT 1:00]
Running from: c:\users\Sacha\Desktop\ComboFix.exe
Command switches used :: c:\users\Sacha\Desktop\CFScript.txt
AV: Norton Internet Security *Disabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
FW: Norton Internet Security *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
SP: Norton Internet Security *Disabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk"
"c:\users\Sacha\AppData\Local\Temp\iqu_bootstrap.exe"
"c:\windows\System32\DriverStore\FileRepository\stwrt.inf_b9d13b43\STacSV.exe"
"c:\windows\Tasks\PC Helper 360.job"
.
.
(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\Foresight Software
c:\program files\Foresight Software\PC Helper 360\7ZipDLL.dll
c:\program files\Foresight Software\PC Helper 360\colors.xml
c:\program files\Foresight Software\PC Helper 360\CommonLoggingExtension.pxt
c:\program files\Foresight Software\PC Helper 360\CommonSpecialist.pxt
c:\program files\Foresight Software\PC Helper 360\ExtensionManager.dll
c:\program files\Foresight Software\PC Helper 360\filecachedb.xml
c:\program files\Foresight Software\PC Helper 360\HandleUpdate.dll
c:\program files\Foresight Software\PC Helper 360\HTML\0_days.htm
c:\program files\Foresight Software\PC Helper 360\HTML\1_days.htm
c:\program files\Foresight Software\PC Helper 360\HTML\15_days.htm
c:\program files\Foresight Software\PC Helper 360\HTML\2_days.htm
c:\program files\Foresight Software\PC Helper 360\HTML\30_days.htm
c:\program files\Foresight Software\PC Helper 360\HTML\5_days.htm
c:\program files\Foresight Software\PC Helper 360\HTML\container_content_bkimg.gif
c:\program files\Foresight Software\PC Helper 360\HTML\container_content_leftimg.gif
c:\program files\Foresight Software\PC Helper 360\HTML\container_content_rightimg.gif
c:\program files\Foresight Software\PC Helper 360\HTML\error_connect.html
c:\program files\Foresight Software\PC Helper 360\HTML\images\10x10.gif
c:\program files\Foresight Software\PC Helper 360\HTML\images\10x10tile.gif
c:\program files\Foresight Software\PC Helper 360\HTML\images\background.jpg
c:\program files\Foresight Software\PC Helper 360\HTML\images\contentwrapper.gif
c:\program files\Foresight Software\PC Helper 360\HTML\images\error_internet.jpg
c:\program files\Foresight Software\PC Helper 360\HTML\images\footerbarfill.gif
c:\program files\Foresight Software\PC Helper 360\HTML\images\info_bubble.jpg
c:\program files\Foresight Software\PC Helper 360\HTML\images\tile_footerbarbase.jpg
c:\program files\Foresight Software\PC Helper 360\HTML\images\tile_subheadbarbase.jpg
c:\program files\Foresight Software\PC Helper 360\HTML\images\tile_titlebarbase.jpg
c:\program files\Foresight Software\PC Helper 360\HTML\main.css
c:\program files\Foresight Software\PC Helper 360\HTML\main_error.css
c:\program files\Foresight Software\PC Helper 360\HTML\package_titlebar_bkimg.jpg
c:\program files\Foresight Software\PC Helper 360\HTML\uninstall\box_screen.jpg
c:\program files\Foresight Software\PC Helper 360\HTML\uninstall\default_button.gif
c:\program files\Foresight Software\PC Helper 360\HTML\uninstall\default_button_over.gif
c:\program files\Foresight Software\PC Helper 360\HTML\uninstall\header_background.jpg
c:\program files\Foresight Software\PC Helper 360\HTML\uninstall\index.html
c:\program files\Foresight Software\PC Helper 360\Images\buttons\btn.png
c:\program files\Foresight Software\PC Helper 360\Images\buttons\btn_over.png
c:\program files\Foresight Software\PC Helper 360\Images\buttons\button_bho.png
c:\program files\Foresight Software\PC Helper 360\Images\buttons\button_defrag.png
c:\program files\Foresight Software\PC Helper 360\Images\buttons\button_file.png
c:\program files\Foresight Software\PC Helper 360\Images\buttons\button_generalsettings.png
c:\program files\Foresight Software\PC Helper 360\Images\buttons\button_ignore.png
c:\program files\Foresight Software\PC Helper 360\Images\buttons\button_junk.png
c:\program files\Foresight Software\PC Helper 360\Images\buttons\button_privacy.png
c:\program files\Foresight Software\PC Helper 360\Images\buttons\button_process.png
c:\program files\Foresight Software\PC Helper 360\Images\buttons\button_registry.png
c:\program files\Foresight Software\PC Helper 360\Images\buttons\button_schedule.png
c:\program files\Foresight Software\PC Helper 360\Images\buttons\button_startup.png
c:\program files\Foresight Software\PC Helper 360\Images\buttons\register.png
c:\program files\Foresight Software\PC Helper 360\Images\buttons\register_over.png
c:\program files\Foresight Software\PC Helper 360\Images\buttons\register_over_small.png
c:\program files\Foresight Software\PC Helper 360\Images\buttons\register_small.png
c:\program files\Foresight Software\PC Helper 360\Images\buttons\renew.png
c:\program files\Foresight Software\PC Helper 360\Images\buttons\renew_over.png
c:\program files\Foresight Software\PC Helper 360\Images\buttons\settings_button.png
c:\program files\Foresight Software\PC Helper 360\Images\buttons\settings_button_over.png
c:\program files\Foresight Software\PC Helper 360\Images\buttons\start.png
c:\program files\Foresight Software\PC Helper 360\Images\buttons\start_over.png
c:\program files\Foresight Software\PC Helper 360\Images\defrag\c_empty.png
c:\program files\Foresight Software\PC Helper 360\Images\defrag\c_frag.png
c:\program files\Foresight Software\PC Helper 360\Images\defrag\c_unfrag.png
c:\program files\Foresight Software\PC Helper 360\Images\defrag\c_unknown.png
c:\program files\Foresight Software\PC Helper 360\Images\defrag\c_unmove.png
c:\program files\Foresight Software\PC Helper 360\Images\Frame\close.png
c:\program files\Foresight Software\PC Helper 360\Images\Frame\dlg_title.png
c:\program files\Foresight Software\PC Helper 360\Images\Frame\logo.png
c:\program files\Foresight Software\PC Helper 360\Images\Frame\max.png
c:\program files\Foresight Software\PC Helper 360\Images\Frame\min.png
c:\program files\Foresight Software\PC Helper 360\Images\Frame\register.png
c:\program files\Foresight Software\PC Helper 360\Images\Frame\register_close.png
c:\program files\Foresight Software\PC Helper 360\Images\Frame\register_close_over.png
c:\program files\Foresight Software\PC Helper 360\Images\Frame\register_over.png
c:\program files\Foresight Software\PC Helper 360\Images\Frame\renew.png
c:\program files\Foresight Software\PC Helper 360\Images\Frame\renew_over.png
c:\program files\Foresight Software\PC Helper 360\Images\Frame\restore.png
c:\program files\Foresight Software\PC Helper 360\Images\Frame\tab_bg.png
c:\program files\Foresight Software\PC Helper 360\Images\Frame\tabactive_bg.png
c:\program files\Foresight Software\PC Helper 360\Images\Frame\tabover_bg.png
c:\program files\Foresight Software\PC Helper 360\Images\Frame\tfn_bg.png
c:\program files\Foresight Software\PC Helper 360\Images\Frame\tfn_logo.png
c:\program files\Foresight Software\PC Helper 360\Images\Frame\title_bar.png
c:\program files\Foresight Software\PC Helper 360\Images\Frame\upper_divider.png
c:\program files\Foresight Software\PC Helper 360\Images\general\collapse.png
c:\program files\Foresight Software\PC Helper 360\Images\general\delete.png
c:\program files\Foresight Software\PC Helper 360\Images\general\expand.png
c:\program files\Foresight Software\PC Helper 360\Images\general\progress_glow.png
c:\program files\Foresight Software\PC Helper 360\Images\group\bho.png
c:\program files\Foresight Software\PC Helper 360\Images\group\dup_audio.png
c:\program files\Foresight Software\PC Helper 360\Images\group\dup_doc.png
c:\program files\Foresight Software\PC Helper 360\Images\group\dup_image.png
c:\program files\Foresight Software\PC Helper 360\Images\group\dup_other.png
c:\program files\Foresight Software\PC Helper 360\Images\group\dup_video.png
c:\program files\Foresight Software\PC Helper 360\Images\group\ig_drivers.png
c:\program files\Foresight Software\PC Helper 360\Images\group\ig_proc.png
c:\program files\Foresight Software\PC Helper 360\Images\group\ig_reg.png
c:\program files\Foresight Software\PC Helper 360\Images\group\junk.png
c:\program files\Foresight Software\PC Helper 360\Images\group\priv_3rd.png
c:\program files\Foresight Software\PC Helper 360\Images\group\priv_browser.png
c:\program files\Foresight Software\PC Helper 360\Images\group\priv_email.png
c:\program files\Foresight Software\PC Helper 360\Images\group\priv_fs.png
c:\program files\Foresight Software\PC Helper 360\Images\group\priv_im.png
c:\program files\Foresight Software\PC Helper 360\Images\group\priv_multi.png
c:\program files\Foresight Software\PC Helper 360\Images\group\priv_office.png
c:\program files\Foresight Software\PC Helper 360\Images\group\priv_other.png
c:\program files\Foresight Software\PC Helper 360\Images\group\priv_windows.png
c:\program files\Foresight Software\PC Helper 360\Images\group\reg_apppath.png
c:\program files\Foresight Software\PC Helper 360\Images\group\reg_com.png
c:\program files\Foresight Software\PC Helper 360\Images\group\reg_dll.png
c:\program files\Foresight Software\PC Helper 360\Images\group\reg_empty.png
c:\program files\Foresight Software\PC Helper 360\Images\group\reg_extensions.png
c:\program files\Foresight Software\PC Helper 360\Images\group\reg_filepath.png
c:\program files\Foresight Software\PC Helper 360\Images\group\reg_font.png
c:\program files\Foresight Software\PC Helper 360\Images\group\reg_help.png
c:\program files\Foresight Software\PC Helper 360\Images\group\reg_shortcut.png
c:\program files\Foresight Software\PC Helper 360\Images\group\reg_startup.png
c:\program files\Foresight Software\PC Helper 360\Images\group\reg_uninstall.png
c:\program files\Foresight Software\PC Helper 360\Images\group\startup.png
c:\program files\Foresight Software\PC Helper 360\Images\headers\header_about.png
c:\program files\Foresight Software\PC Helper 360\Images\headers\header_bho.png
c:\program files\Foresight Software\PC Helper 360\Images\headers\header_clean.png
c:\program files\Foresight Software\PC Helper 360\Images\headers\header_defrag.png
c:\program files\Foresight Software\PC Helper 360\Images\headers\header_file.png
c:\program files\Foresight Software\PC Helper 360\Images\headers\header_junk.png
c:\program files\Foresight Software\PC Helper 360\Images\headers\header_junk_settings.png
c:\program files\Foresight Software\PC Helper 360\Images\headers\header_malware.png
c:\program files\Foresight Software\PC Helper 360\Images\headers\header_performance.png
c:\program files\Foresight Software\PC Helper 360\Images\headers\header_privacy.png
c:\program files\Foresight Software\PC Helper 360\Images\headers\header_process.png
c:\program files\Foresight Software\PC Helper 360\Images\headers\header_registry.png
c:\program files\Foresight Software\PC Helper 360\Images\headers\header_restore.png
c:\program files\Foresight Software\PC Helper 360\Images\headers\header_settings.png
c:\program files\Foresight Software\PC Helper 360\Images\headers\header_startup.png
c:\program files\Foresight Software\PC Helper 360\Images\headers\header_tools.png
c:\program files\Foresight Software\PC Helper 360\Images\headers\settings_general.png
c:\program files\Foresight Software\PC Helper 360\Images\headers\settings_ignore.png
c:\program files\Foresight Software\PC Helper 360\Images\headers\settings_privacy.png
c:\program files\Foresight Software\PC Helper 360\Images\headers\settings_registry.png
c:\program files\Foresight Software\PC Helper 360\Images\headers\settings_schedule.png
c:\program files\Foresight Software\PC Helper 360\Images\Icons\info.png
c:\program files\Foresight Software\PC Helper 360\Images\Icons\warning.png
c:\program files\Foresight Software\PC Helper 360\Images\list\other.png
c:\program files\Foresight Software\PC Helper 360\Images\list\process\bho.png
c:\program files\Foresight Software\PC Helper 360\Images\list\process\process.png
c:\program files\Foresight Software\PC Helper 360\Images\list\process\startup.png
c:\program files\Foresight Software\PC Helper 360\Images\list\recommendations\rec_malware16.png
c:\program files\Foresight Software\PC Helper 360\Images\list\recommendations\rec_malware24.png
c:\program files\Foresight Software\PC Helper 360\Images\list\recommendations\rec_malware32.png
c:\program files\Foresight Software\PC Helper 360\Images\list\recommendations\rec_system16.png
c:\program files\Foresight Software\PC Helper 360\Images\list\recommendations\rec_system24.png
c:\program files\Foresight Software\PC Helper 360\Images\list\recommendations\rec_system32.png
c:\program files\Foresight Software\PC Helper 360\Images\list\recommendations\rec_unknown16.png
c:\program files\Foresight Software\PC Helper 360\Images\list\recommendations\rec_unknown24.png
c:\program files\Foresight Software\PC Helper 360\Images\list\recommendations\rec_unknown32.png
c:\program files\Foresight Software\PC Helper 360\Images\list\recommendations\rec_unwanted16.png
c:\program files\Foresight Software\PC Helper 360\Images\list\recommendations\rec_unwanted24.png
c:\program files\Foresight Software\PC Helper 360\Images\list\recommendations\rec_unwanted32.png
c:\program files\Foresight Software\PC Helper 360\Images\list\recommendations\rec_userapp16.png
c:\program files\Foresight Software\PC Helper 360\Images\list\recommendations\rec_userapp24.png
c:\program files\Foresight Software\PC Helper 360\Images\list\recommendations\rec_userapp32.png
c:\program files\Foresight Software\PC Helper 360\Images\Scan\animation\01.png
c:\program files\Foresight Software\PC Helper 360\Images\Scan\animation\02.png
c:\program files\Foresight Software\PC Helper 360\Images\Scan\animation\03.png
c:\program files\Foresight Software\PC Helper 360\Images\Scan\animation\04.png
c:\program files\Foresight Software\PC Helper 360\Images\Scan\animation\05.png
c:\program files\Foresight Software\PC Helper 360\Images\Scan\animation\06.png
c:\program files\Foresight Software\PC Helper 360\Images\Scan\animation\07.png
c:\program files\Foresight Software\PC Helper 360\Images\Scan\animation\08.png
c:\program files\Foresight Software\PC Helper 360\Images\Scan\animation\09.png
c:\program files\Foresight Software\PC Helper 360\Images\Scan\check.png
c:\program files\Foresight Software\PC Helper 360\Images\Scan\damage1.png
c:\program files\Foresight Software\PC Helper 360\Images\Scan\damage2.png
c:\program files\Foresight Software\PC Helper 360\Images\Scan\damage3.png
c:\program files\Foresight Software\PC Helper 360\Images\Scan\damage4.png
c:\program files\Foresight Software\PC Helper 360\Images\Scan\damage5.png
c:\program files\Foresight Software\PC Helper 360\Images\Scan\damage6.png
c:\program files\Foresight Software\PC Helper 360\Images\Scan\error.png
c:\program files\Foresight Software\PC Helper 360\Images\Scan\error_large.png
c:\program files\Foresight Software\PC Helper 360\Images\Scan\Fix.png
c:\program files\Foresight Software\PC Helper 360\Images\Scan\Fix_over.png
c:\program files\Foresight Software\PC Helper 360\Images\Scan\junk.png
c:\program files\Foresight Software\PC Helper 360\Images\Scan\malware.png
c:\program files\Foresight Software\PC Helper 360\Images\Scan\md5.png
c:\program files\Foresight Software\PC Helper 360\Images\Scan\privacy.png
c:\program files\Foresight Software\PC Helper 360\Images\Scan\process-animation.gif
c:\program files\Foresight Software\PC Helper 360\Images\Scan\rating_h.png
c:\program files\Foresight Software\PC Helper 360\Images\Scan\rating_h_scan.png
c:\program files\Foresight Software\PC Helper 360\Images\Scan\rating_l.png
c:\program files\Foresight Software\PC Helper 360\Images\Scan\rating_l_scan.png
c:\program files\Foresight Software\PC Helper 360\Images\Scan\rating_m.png
c:\program files\Foresight Software\PC Helper 360\Images\Scan\rating_m_scan.png
c:\program files\Foresight Software\PC Helper 360\Images\Scan\rating_mh.png
c:\program files\Foresight Software\PC Helper 360\Images\Scan\rating_mh_scan.png
c:\program files\Foresight Software\PC Helper 360\Images\Scan\rating_ml.png
c:\program files\Foresight Software\PC Helper 360\Images\Scan\rating_ml_scan.png
c:\program files\Foresight Software\PC Helper 360\Images\Scan\registry.png
c:\program files\Foresight Software\PC Helper 360\Images\Scan\security_high.png
c:\program files\Foresight Software\PC Helper 360\Images\Scan\security_low.png
c:\program files\Foresight Software\PC Helper 360\Images\Scan\warning.png
c:\program files\Foresight Software\PC Helper 360\Images\Tabs\overview.png
c:\program files\Foresight Software\PC Helper 360\Images\Tabs\restore.png
c:\program files\Foresight Software\PC Helper 360\Images\Tabs\scan.png
c:\program files\Foresight Software\PC Helper 360\Images\Tabs\settings.png
c:\program files\Foresight Software\PC Helper 360\Images\Tabs\tools.png
c:\program files\Foresight Software\PC Helper 360\LiteUnzip.dll
c:\program files\Foresight Software\PC Helper 360\LiteZip.dll
c:\program files\Foresight Software\PC Helper 360\LogSettings.xml
c:\program files\Foresight Software\PC Helper 360\MyResources.dll
c:\program files\Foresight Software\PC Helper 360\pch360.exe
c:\program files\Foresight Software\PC Helper 360\privacy.db
c:\program files\Foresight Software\PC Helper 360\RegHookSpecialist.pxt
c:\program files\Foresight Software\PC Helper 360\SandBoxer.dll
c:\program files\Foresight Software\PC Helper 360\settings.xml
c:\program files\Foresight Software\PC Helper 360\sqlite3.dll
c:\program files\Foresight Software\PC Helper 360\tfn.xml
c:\program files\Foresight Software\PC Helper 360\uninstall.exe
c:\program files\Foresight Software\PC Helper 360\UNS.xml
c:\program files\Foresight Software\PC Helper 360\Utility.pxt
c:\program files\Foresight Software\PC Helper 360\whitelist.dat
c:\program files\McAfee Security Scan
c:\program files\McAfee Security Scan\3.0.318\AVScanComponent.dll
c:\program files\McAfee Security Scan\3.0.318\AVScanner.ini
c:\program files\McAfee Security Scan\3.0.318\avvclean.dat
c:\program files\McAfee Security Scan\3.0.318\avvnames.dat
c:\program files\McAfee Security Scan\3.0.318\avvscan.dat
c:\program files\McAfee Security Scan\3.0.318\config.dat
c:\program files\McAfee Security Scan\3.0.318\ftconfig.ini
c:\program files\McAfee Security Scan\3.0.318\McAfee.ico
c:\program files\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll
c:\program files\McAfee Security Scan\3.0.318\mcbrwsr2.dll
c:\program files\McAfee Security Scan\3.0.318\McCHSvc.exe
c:\program files\McAfee Security Scan\3.0.318\MCCompHostConfig.ini
c:\program files\McAfee Security Scan\3.0.318\McInstallerRes.dll
c:\program files\McAfee Security Scan\3.0.318\McInstallerRes_LD.dll
c:\program files\McAfee Security Scan\3.0.318\McInstallerStartup.dll
c:\program files\McAfee Security Scan\3.0.318\mcscan32.dll
c:\program files\McAfee Security Scan\3.0.318\mcuicnt.exe
c:\program files\McAfee Security Scan\3.0.318\McUpdater.dll
c:\program files\McAfee Security Scan\3.0.318\npMcAfeeMSS.dll
c:\program files\McAfee Security Scan\3.0.318\sa_cache_sqlite.dll
c:\program files\McAfee Security Scan\3.0.318\sa_http_win32.dll
c:\program files\McAfee Security Scan\3.0.318\sa_mbl.dll
c:\program files\McAfee Security Scan\3.0.318\sa_store_sqlite.dll
c:\program files\McAfee Security Scan\3.0.318\sacore.db
c:\program files\McAfee Security Scan\3.0.318\sacore.dll
c:\program files\McAfee Security Scan\3.0.318\sacoredata\uds_filetypes.txt
c:\program files\McAfee Security Scan\3.0.318\sacoredata\uds_hosting.txt
c:\program files\McAfee Security Scan\3.0.318\sacoredata\uds_tlds.txt
c:\program files\McAfee Security Scan\3.0.318\SecurityScanner.dll
c:\program files\McAfee Security Scan\3.0.318\SecurityScanner_LD.dll
c:\program files\McAfee Security Scan\3.0.318\signlic.txt
c:\program files\McAfee Security Scan\3.0.318\sqlite3.dll
c:\program files\McAfee Security Scan\3.0.318\SSScheduler.exe
c:\program files\McAfee Security Scan\3.0.318\uninstaller.ini
c:\program files\McAfee Security Scan\3.0.318\WebInfoScanner.dll
c:\program files\McAfee Security Scan\3.0.318\WMIScanner.dll
c:\program files\McAfee Security Scan\uninstall.exe
c:\program files\Music Toolbar
c:\program files\Music Toolbar\Datamngr\apcrtldr.dll
c:\program files\Music Toolbar\Datamngr\Datamngr.dll
c:\program files\Music Toolbar\Datamngr\DatamngrCoordinator.exe
c:\program files\Music Toolbar\Datamngr\DatamngrUI.exe
c:\program files\Music Toolbar\Datamngr\Helper.dll
c:\program files\Music Toolbar\Datamngr\IEBHO.dll
c:\program files\Music Toolbar\Datamngr\Internet Explorer Settings.exe
c:\program files\Music Toolbar\Datamngr\mgrldr.dll
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\FF\install.ico
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\FF\uninstall.exe
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\as_guid.dat
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\content\custom.js
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\content\lib\about.xml
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\content\lib\custom.js
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\content\lib\dtxpanel.xul
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\content\lib\dtxpaneltransparent.xul
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\content\lib\dtxpanelwin.xul
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\content\lib\dtxprefwin.xul
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\content\lib\dtxtransparentwin.xul
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\content\lib\dtxwin.xul
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\content\lib\emailnotifierproviders.xml
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\content\lib\external.js
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\content\lib\neterror.xhtml
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\content\lib\rsspreview.html
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\content\lib\rsswin.xml
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\content\lib\rsswin.xsl
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\content\lib\wmpstreamer.html
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\content\modules\datastore.jsm
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\content\modules\nsDragAndDrop.js
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\content\neterror.xhtml
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\content\preferences.xml
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\content\template.xml
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\content\toolbar.htm
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\content\toolbar.xul
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\content\vmncode.js
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\content\vmnrsswin.xml
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\content\widgets\com.djboxservice.dj.DJBox\tb_icon.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\content\widgets\com.djboxservice.dj.DJBox\tb_iconFF.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\content\widgets\com.djboxservice.dj.DJBox\tb_iconPressed.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\content\widgets\com.djboxservice.dj.DJBox\tb_iconPressedFF.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\content\widgets\com.djboxservice.dj.DJBox\tb_pref_icon.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\content\widgets\com.djboxservice.dj.DJBox\thumbs\tb_thumb_icon.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\content\widgets\com.djboxservice.dj.DJBox\widget.jsw
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\content\widgets\com.djboxservice.dj.DJBox\widget.jsww
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\content\widgets\com.djboxservice.dj.DJBox\widget.xml
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\content\widgets\net.vmn.www.RadioBeta\radiobeta-buffering.gif
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\content\widgets\net.vmn.www.RadioBeta\radiobeta-connecting.gif
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\content\widgets\net.vmn.www.RadioBeta\radiobeta-ico.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\content\widgets\net.vmn.www.RadioBeta\radiobeta-playing.gif
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\content\widgets\net.vmn.www.RadioBeta\radiobeta-stopped.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\content\widgets\net.vmn.www.RadioBeta\radiobeta.ico
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\content\widgets\net.vmn.www.RadioBeta\tb_icon.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\content\widgets\net.vmn.www.RadioBeta\widget.jsw
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\content\widgets\net.vmn.www.RadioBeta\widget.xml
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\data\search\engines.xml
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\data\search\search.xsl
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\data\weather\icons.xml
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\locale\lib\en.js
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\locale\locale.js
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\locale\toolbar\de.js
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\locale\toolbar\en.js
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\locale\toolbar\es.js
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\locale\toolbar\fr.js
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\locale\toolbar\it.js
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\ask_logo_18x14.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\ask_logo_24x20.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\blip.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\bluelite.gif
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\bluesky.gif
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\break.gif
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\btn-search-over.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\btn-search.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\btn-settings-over.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\btn-settings.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\btn-widgets-over.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\btn-widgets.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\btn_ask_search.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\btn_music_16x.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\btn_settings.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\btn_settings_17padding_18pxheight.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\custom.css
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\dailymotion.gif
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\divider.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\ebay.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\facebook.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\find-videos.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\grey.gif
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\icon_games.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\images.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\Koyotesoft_Icon_16x16.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\add.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\alexabutton.css
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\aol.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\arrow-dn.gif
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\arrow-right-disabled.gif
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\arrow-right.gif
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\arrow-up.gif
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\bg-btn-divider.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\bg-btn-end.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\bg-btn-mdl.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\bg-btn-mdl_ff.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\bg-btn-start.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\bg-btnover-divider.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\bg-btnover-end.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\bg-btnover-mdl.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\bg-btnover-mdl_ff.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\bg-btnover-start.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\blank.gif
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\btn-widgets-over.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\btn-widgets.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\btn_slider.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\btnback-down-vista.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\btnback-vista.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\btnleft-down-vista.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\btnleft-vista.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\btnright-down-vista.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\btnright-vista.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\button-splitter-down-vista.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\button-splitter-vista.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\button-splitter.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\checkmark.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\chevron.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\collapse.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\debugbar\debug.html
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\dtx-test.css
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\dtx.css
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\edit-back-hot.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\edit-back.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\expand.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\found.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\gmail.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\highlight.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\highlight_blue.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\highlight_cyan.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\highlight_lime.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\highlight_magenta.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\highlight_yellow.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\hotmail.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\imap.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\lastsearch-thumb-back.gif
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\launchers.css
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\loadingMid.gif
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\lock.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\logo-separator.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\mailcom.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\menu_bg-basic.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\menu_separator_bar.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\menu_separator_white.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\menuitem-splitter.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\menuitemback-down-vista.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\menuitemback-vista.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\menuitemleft-down-vista.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\menuitemleft-vista.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\menuitemleft.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\menuitemright-down-vista.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\menuitemright-vista.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\minus.gif
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\modify.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\move.gif
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\movetarget.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\panels\css\ie-only.css
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\panels\css\ie7-only.css
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\panels\css\panels.css
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\panels\css\popupAbout.css
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\panels\css\popupGames.css
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\panels\css\popupWidgets.css
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\panels\default\css\dialog.css
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\panels\default\images\bg.gif
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\panels\default\images\btn-close-over.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\panels\default\images\btn-close.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\panels\default\images\btn-search.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\panels\default\images\btn-wide-close-over.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\panels\default\images\btn-wide-close.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\panels\default\images\default.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\panels\default\images\footer-short-left.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\panels\default\images\footer-short-middle.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\panels\default\images\footer-short-right.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\panels\default\images\tab-off-l.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\panels\default\images\tab-off-r.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\panels\default\images\tab-on-l.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\panels\default\images\tab-on-r.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\panels\default\images\titlebar-left.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\panels\default\images\titlebar-middle.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\panels\default\images\titlebar-right.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\panels\default\images\transparent.gif
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\panels\default\images\ttlbar-left.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\panels\default\images\ttlbar-mdl.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\panels\default\images\ttlbar-right.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\panels\default\images\win-btm-left.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\panels\default\images\win-btm-mdl.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\panels\default\images\win-btm-right-resize.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\panels\default\images\win-btm-right.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\panels\default\images\win-left.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\panels\default\images\win-right.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\panels\default\main.html
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\panels\default\main.html.bak
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\panels\default\scripts\defscript.js
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\panels\default\scripts\defscript.js.bak
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\panels\footer.htm
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\panels\gamecategory.xsl
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\panels\gameData.js
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\panels\gameList.xsl
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\panels\gametype.xsl
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\panels\images\ajax-loader.gif
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\panels\images\apps-bg-gradient-grid.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\panels\images\apps-hover.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\panels\images\appsfeatured-bg-gradient-grid.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\panels\images\arrow-dn.gif
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\panels\images\arrow-down-white.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\panels\images\arrow-left.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\panels\images\arrow-right.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\panels\images\arrow-sml-drop.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\panels\images\arrow-sml.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\panels\images\arrow-up.gif
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\panels\images\arrowr-bluew5.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\panels\images\ask_search_212wide.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\panels\images\ask_search_215wide.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\panels\images\bg-aboutbox.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\panels\images\bg-btnover.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\panels\images\bg-pnl520x390.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\panels\images\bg-scrollbar-thumb-y.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\panels\images\bg-scrollbar-track-y.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\panels\images\bg-scrollbar-trackend-y.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\panels\images\btn-add-over.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\panels\images\btn-add.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\panels\images\btn-addtoolbar-left-over.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\panels\images\btn-addtoolbar-left.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\panels\images\btn-addtoolbar-right.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\panels\images\btn-back.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\panels\images\btn-close-grey-over.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\panels\images\btn-close-grey.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\panels\images\btn-close-greyover.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\panels\images\btn-close-over.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\panels\images\btn-close.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\panels\images\btn-dark-left22-over.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\panels\images\btn-dark-left22.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\panels\images\btn-dark-middle22-over.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\panels\images\btn-dark-middle22.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\panels\images\btn-dark-right22-over.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\panels\images\btn-dark-right22.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\panels\images\btn-drag.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\panels\images\btn-install.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\panels\images\btn-launch-over.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\panels\images\btn-launch.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\panels\images\btn-mdl-over.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\panels\images\btn-mdl.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\panels\images\btn-moredetails.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\panels\images\btn-next-over.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\panels\images\btn-next.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\panels\images\btn-play-left-over.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\panels\images\btn-play-left.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\panels\images\btn-previous-over.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\panels\images\btn-previous.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\panels\images\btn-right-over.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\panels\images\btn-search-pnlbtm-over.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\panels\images\btn-search-pnlbtm.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\panels\images\btn-try-left-over.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\panels\images\btn-try-left.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\panels\images\bullet-orange.gif
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\panels\images\categories-bg-gradient-grid.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\panels\images\featured-bg-btm-gradient.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\panels\images\footer-short-left.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\panels\images\footer-short-middle.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\panels\images\footer-short-right.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\panels\images\gamethumb-on.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\panels\images\gamethumb2-over.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\panels\images\ico-box-next.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\panels\images\ico-calendar.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\panels\images\ico-dollar.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\panels\images\ico-download.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\panels\images\ico-info-over.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\panels\images\ico-info.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\panels\images\ico-joystick24.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\panels\images\ico-news24.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\panels\images\ico-play.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\panels\images\ico-pref-over.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\panels\images\ico-pref.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\panels\images\ico-tags.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\panels\images\ico-user-monitor.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\panels\images\icon-Add.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\panels\images\icon-download.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\panels\images\icon-Info.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\panels\images\icon-play.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\panels\images\icon-shop.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\panels\images\left-menu-hover.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\panels\images\menul-bgon.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\panels\images\menul-bgover.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\panels\images\panel-botm-noscroll.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\panels\images\scroll-bg-206.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\panels\images\scroll-bg.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\panels\images\scroll-topwin.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\panels\images\scrollb-disable.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\panels\images\scrollb-down.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\panels\images\scrollb-over.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\panels\images\scrollb.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\panels\images\scrollt-disable.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\panels\images\scrollt-down.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\panels\images\scrollt-over.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\panels\images\scrollt.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\panels\images\searchbox-pnlbtm.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\panels\images\searchbox.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\panels\images\searchboxlite.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\panels\images\searchboxlite_end.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\panels\images\searchtheweb.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\panels\images\shadow-leftmenu.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\panels\images\sprite-dropdown.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\panels\images\star.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\panels\images\star_blank.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\panels\images\star_x_grey.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\panels\images\star_x_orange.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\panels\images\titlebar-left.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\panels\images\titlebar-middle.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\panels\images\titlebar-right.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\panels\images\topbar-inside-gradient.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\panels\images\TRUSTe_about.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\panels\images\view-detailed-on.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\panels\images\view-detailed-over.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\panels\images\view-thumb-on.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\panels\images\view-thumb-over.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\panels\images\widgets-square-16px.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\panels\images\widgets-square-24px.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\panels\images\widgets.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\panels\images\win-bottom-middleglow.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\panels\images\win-left-bottomglow.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\panels\images\win-left-middleglow.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\panels\images\win-left-topglow.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\panels\images\win-right-bottomglow.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\panels\images\win-right-middleglow.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\panels\images\win-right-topglow.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\panels\images\win-top-middleglow.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\panels\initHTML.html
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\panels\js\default.js
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\panels\js\jquery.js
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\panels\js\jquery.tinyscrollbar.js
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\panels\js\jquery.tinyscrollbar.min.js
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\panels\js\jquery.uniform.min.js
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\panels\js\jquery.url.js
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\panels\popupGames.html
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\panels\popupHTML.html
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\panels\popupWidgets.html
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\panels\scroll.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\plus.gif
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\pop.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\radio.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\reload.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\remove.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\rename.gif
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\resize-box.gif
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\rss.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\rsschannelback.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\RSSLogo.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\rsstabdivider.gif
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\scroll-left.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\scroll-right.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\search-go.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\search.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\separator.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\text-ellipsis.xml
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\throbber.gif
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\toolbarsplitter.gif
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\transparent_1px.gif
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\uwa\border_02.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\uwa\border_03.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\uwa\border_04.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\uwa\border_06.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\uwa\border_07.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\uwa\border_08.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\uwa\border_09.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\uwa\border_10.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\uwa\border_11.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\uwa\border_12.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\uwa\border_13.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\uwa\border_14.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\uwa\border_15.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\uwa\border_16.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\uwa\border_18.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\uwa\border_19.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\uwa\border_20.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\uwa\border_21.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\uwa\btn-close-grey.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\uwa\btn-close-greyover.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\uwa\close-hot.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\uwa\close-normal.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\uwa\loadingMid.gif
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\uwa\paneltemplate.html
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\uwa\proxy.html
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\uwa\template.html
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\uwa\template.html.bak
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\uwa\template.xml
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\uwa\templateFF.html
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\uwa\throbber.gif
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\weatherbutton.css
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\weatherbutton\icons\cond999.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\weatherbutton\icons\icons.xml
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\weatherbutton\icons\na-s.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\weatherbutton\icons\na-t.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\weatherbutton\icons\na.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\weatherbutton\icons\weather.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\weatherbutton\panels\images\add.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\weatherbutton\panels\images\arrowr-bluew5.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\weatherbutton\panels\images\bg-pnl.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\weatherbutton\panels\images\bg-pnl520x350.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\weatherbutton\panels\images\bg-pnl520x350blue-whitebg.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\weatherbutton\panels\images\bg-pnl520x350blue.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\weatherbutton\panels\images\box-check.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\weatherbutton\panels\images\box-uncheck.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\weatherbutton\panels\images\btn-close-grey.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\weatherbutton\panels\images\btn-close-greyover.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\weatherbutton\panels\images\btn-delete.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\weatherbutton\panels\images\btn-search-pnlbtm-over.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\weatherbutton\panels\images\btn-search-pnlbtm.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\weatherbutton\panels\images\btnarrow-next-off.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\weatherbutton\panels\images\btnarrow-next.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\weatherbutton\panels\images\btnarrow-previous-off.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\weatherbutton\panels\images\btnarrow-previous.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\weatherbutton\panels\images\ico-check.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\weatherbutton\panels\images\ico-hotandhumid-s.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\weatherbutton\panels\images\ico-hotandhumid.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\weatherbutton\panels\images\options-weather.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\weatherbutton\panels\images\over-blue.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\weatherbutton\panels\images\over-orange.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\weatherbutton\panels\images\powered-by-weatherbug.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\weatherbutton\panels\images\powered-by-weatherbug2.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\weatherbutton\panels\images\radio-checked.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\weatherbutton\panels\images\radio-unchecked.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\weatherbutton\panels\images\searchbox-pnlbtm.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\weatherbutton\panels\images\weather-contour.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\weatherbutton\panels\popupWeather.css
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\weatherbutton\panels\popupWeather.html
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\yahoo.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lichen.gif
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\logo-about.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\logo-over.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\logo-separator.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\logo.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\logo_headphones_18h.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\menuseparatorback.gif
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\metacafe.gif
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\microphone_16x.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\modify-save.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\modify.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\modifyhot.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\namespacetoolbar.css
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\options-search.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\options\options-main.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\options\options-search.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\options\options-weather.gif
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\options\options-weather.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\options\options-widgets.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\orange.gif
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\radiobeta-stopped.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\search-over.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\search_icon.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\searchbar\searchbar-background-left.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\searchbar\searchbar-background-middle.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\searchbar\searchbar-background-right.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\searchtheweb.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\setting_stb_16x.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\settings.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\settings_stb_19x.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\settings_stb_19x_over.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\skin-bluelite.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\skin-bluesky.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\skin-grey.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\skin-lichen.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\skin-orange.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\skin-yellow.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\skin.xml
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\sv.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\throbber.gif
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\toolbarsplitter.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\TRUSTe_about.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\tv.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\twitter.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\veoh.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\video.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\vimeo.gif
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\vmn.css
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\web.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\websearch.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\yellow.gif
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\youtube.png
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\components\windowmediator.js
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\dtUser.exe
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\install.ico
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\manifest.xml
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\searchresultsDx.dll
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\searchresultstb.dll
c:\program files\Music Toolbar\Datamngr\SRTOOL~1\IE\uninstall.exe
c:\program files\Music Toolbar\Datamngr\Uninstall.exe
c:\program files\SweetIM
c:\program files\SweetIM\Messenger\ContentPackagesActivationHandler.exe
c:\program files\SweetIM\Messenger\default.xml
c:\program files\SweetIM\Messenger\mgAdaptersProxy.dll
c:\program files\SweetIM\Messenger\mgArchive.dll
c:\program files\SweetIM\Messenger\mgcommon.dll
c:\program files\SweetIM\Messenger\mgcommunication.dll
c:\program files\SweetIM\Messenger\mgconfig.dll
c:\program files\SweetIM\Messenger\mgFlashPlayer.dll
c:\program files\SweetIM\Messenger\mghooking.dll
c:\program files\SweetIM\Messenger\mgICQAuto.dll
c:\program files\SweetIM\Messenger\mgICQMessengerAdapter.dll
c:\program files\SweetIM\Messenger\mglogger.dll
c:\program files\SweetIM\Messenger\mgMediaPlayer.dll
c:\program files\SweetIM\Messenger\mgMsnAuto.dll
c:\program files\SweetIM\Messenger\mgMsnMessengerAdapter.dll
c:\program files\SweetIM\Messenger\mgsimcommon.dll
c:\program files\SweetIM\Messenger\mgSweetIM.dll
c:\program files\SweetIM\Messenger\mgUpdateSupport.dll
c:\program files\SweetIM\Messenger\mgxml_wrapper.dll
c:\program files\SweetIM\Messenger\mgYahooAuto.dll
c:\program files\SweetIM\Messenger\mgYahooMessengerAdapter.dll
c:\program files\SweetIM\Messenger\msvcp71.dll
c:\program files\SweetIM\Messenger\msvcr71.dll
c:\program files\SweetIM\Messenger\resources\images\AudibleButton.png
c:\program files\SweetIM\Messenger\resources\images\DisplayPicturesButton.png
c:\program files\SweetIM\Messenger\resources\images\EmoticonButton.png
c:\program files\SweetIM\Messenger\resources\images\GamesButton.png
c:\program files\SweetIM\Messenger\resources\images\KeyboardButton.png
c:\program files\SweetIM\Messenger\resources\images\NudgeButton.png
c:\program files\SweetIM\Messenger\resources\images\SoundFxButton.png
c:\program files\SweetIM\Messenger\resources\images\WinksButton.png
c:\program files\SweetIM\Messenger\resources\sqlite\mgSqlite3.dll
c:\program files\SweetIM\Messenger\SweetIM.exe
c:\program files\W3i\InstallIQUpdater
c:\program files\W3i\InstallIQUpdater\images\btn_bg.gif
c:\program files\W3i\InstallIQUpdater\images\ico_cog.gif
c:\program files\W3i\InstallIQUpdater\images\ico_cog.png
c:\program files\W3i\InstallIQUpdater\images\ico_help.gif
c:\program files\W3i\InstallIQUpdater\images\ico_help.png
c:\program files\W3i\InstallIQUpdater\images\ico_information.gif
c:\program files\W3i\InstallIQUpdater\images\ico_information.png
c:\program files\W3i\InstallIQUpdater\images\ico_installed.gif
c:\program files\W3i\InstallIQUpdater\images\ico_installed.png
c:\program files\W3i\InstallIQUpdater\images\ico_updates.gif
c:\program files\W3i\InstallIQUpdater\images\ico_updates.png
c:\program files\W3i\InstallIQUpdater\images\iqu_logo.jpg
c:\program files\W3i\InstallIQUpdater\images\jackpot_logos.gif
c:\program files\W3i\InstallIQUpdater\images\tab_bg.gif
c:\program files\W3i\InstallIQUpdater\images\tab_bg_o.gif
c:\program files\W3i\InstallIQUpdater\images\temp_icon.gif
c:\program files\W3i\InstallIQUpdater\images\yahootoolbar.png
c:\program files\W3i\InstallIQUpdater\InstallIQUpdater.exe
c:\program files\W3i\InstallIQUpdater\iqu.xsl
c:\program files\WebCake
c:\program files\WebCake\sqlite3.exe
c:\program files\WebCake\WebCakeDesktop.Updater.exe
c:\program files\WebCake\WebCakeLayers.crx
c:\programdata\Browser Manager
c:\programdata\Datamngr
c:\programdata\Datamngr\coordinator.cfg
c:\programdata\Datamngr\general.cfg
c:\programdata\Datamngr\S-1-5-21-1798735391-3457249164-430106338-1000.cfg
c:\programdata\Datamngr\stats.cfg
c:\users\Sacha\AppData\Local\Smartbar
c:\users\Sacha\AppData\Local\Smartbar\Application\1Extension.crx
c:\users\Sacha\AppData\Local\Smartbar\Application\ar\Smartbar.Resources.LanguageSettings.resources.dll
c:\users\Sacha\AppData\Local\Smartbar\Application\BrowserHelper.exe
c:\users\Sacha\AppData\Local\Smartbar\Application\BrowserHelper.exe.config
c:\users\Sacha\AppData\Local\Smartbar\Application\Configs\QueryParameters.xml
c:\users\Sacha\AppData\Local\Smartbar\Application\Configs\XmlSideBySideProtocol.xml
c:\users\Sacha\AppData\Local\Smartbar\Application\de\Smartbar.Resources.LanguageSettings.resources.dll
c:\users\Sacha\AppData\Local\Smartbar\Application\es\Smartbar.Resources.LanguageSettings.resources.dll
c:\users\Sacha\AppData\Local\Smartbar\Application\fr\Smartbar.Resources.LanguageSettings.resources.dll
c:\users\Sacha\AppData\Local\Smartbar\Application\he\Smartbar.Resources.LanguageSettings.resources.dll
c:\users\Sacha\AppData\Local\Smartbar\Application\[email protected]\chrome.manifest
c:\users\Sacha\AppData\Local\Smartbar\Application\[email protected]\chrome\BackPageRemove.js
c:\users\Sacha\AppData\Local\Smartbar\Application\[email protected]\chrome\externalJS.js
c:\users\Sacha\AppData\Local\Smartbar\Application\[email protected]\chrome\FBImagePreview.js
c:\users\Sacha\AppData\Local\Smartbar\Application\[email protected]\chrome\FirefoxExtensionMain.css
c:\users\Sacha\AppData\Local\Smartbar\Application\[email protected]\chrome\FirefoxExtensionMain.js
c:\users\Sacha\AppData\Local\Smartbar\Application\[email protected]\chrome\FirefoxExtensionMain.xul
c:\users\Sacha\AppData\Local\Smartbar\Application\[email protected]\chrome\images\down-1.png
c:\users\Sacha\AppData\Local\Smartbar\Application\[email protected]\chrome\images\down-2.png
c:\users\Sacha\AppData\Local\Smartbar\Application\[email protected]\chrome\images\down-3.png
c:\users\Sacha\AppData\Local\Smartbar\Application\[email protected]\chrome\images\down.png
c:\users\Sacha\AppData\Local\Smartbar\Application\[email protected]\chrome\images\fb.png
c:\users\Sacha\AppData\Local\Smartbar\Application\[email protected]\chrome\images\fblike.png
c:\users\Sacha\AppData\Local\Smartbar\Application\[email protected]\chrome\images\gmail.png
c:\users\Sacha\AppData\Local\Smartbar\Application\[email protected]\chrome\images\googleplus.png
c:\users\Sacha\AppData\Local\Smartbar\Application\[email protected]\chrome\images\hide-1.png
c:\users\Sacha\AppData\Local\Smartbar\Application\[email protected]\chrome\images\hide-2.png
c:\users\Sacha\AppData\Local\Smartbar\Application\[email protected]\chrome\images\hide-3.png
c:\users\Sacha\AppData\Local\Smartbar\Application\[email protected]\chrome\images\left.png
c:\users\Sacha\AppData\Local\Smartbar\Application\[email protected]\chrome\images\maximize-1.png
c:\users\Sacha\AppData\Local\Smartbar\Application\[email protected]\chrome\images\maximize-2.png
c:\users\Sacha\AppData\Local\Smartbar\Application\[email protected]\chrome\images\maximize-3.png
c:\users\Sacha\AppData\Local\Smartbar\Application\[email protected]\chrome\images\mgsplusvideo.png
c:\users\Sacha\AppData\Local\Smartbar\Application\[email protected]\chrome\images\minimize-1.png
c:\users\Sacha\AppData\Local\Smartbar\Application\[email protected]\chrome\images\minimize-2.png
c:\users\Sacha\AppData\Local\Smartbar\Application\[email protected]\chrome\images\minimize-3.png
c:\users\Sacha\AppData\Local\Smartbar\Application\[email protected]\chrome\images\PBQuickShare.png
c:\users\Sacha\AppData\Local\Smartbar\Application\[email protected]\chrome\images\pinit.png
c:\users\Sacha\AppData\Local\Smartbar\Application\[email protected]\chrome\images\right.png
c:\users\Sacha\AppData\Local\Smartbar\Application\[email protected]\chrome\images\searchBox.png
c:\users\Sacha\AppData\Local\Smartbar\Application\[email protected]\chrome\images\show-1.png
c:\users\Sacha\AppData\Local\Smartbar\Application\[email protected]\chrome\images\show-2.png
c:\users\Sacha\AppData\Local\Smartbar\Application\[email protected]\chrome\images\show-3.png
c:\users\Sacha\AppData\Local\Smartbar\Application\[email protected]\chrome\images\twitter.png
c:\users\Sacha\AppData\Local\Smartbar\Application\[email protected]\chrome\images\up-1.png
c:\users\Sacha\AppData\Local\Smartbar\Application\[email protected]\chrome\images\up-2.png
c:\users\Sacha\AppData\Local\Smartbar\Application\[email protected]\chrome\images\up-3.png
c:\users\Sacha\AppData\Local\Smartbar\Application\[email protected]\chrome\images\up.png
c:\users\Sacha\AppData\Local\Smartbar\Application\[email protected]\chrome\InternalJS.js
c:\users\Sacha\AppData\Local\Smartbar\Application\[email protected]\chrome\jquery-1.5.1.min.js
c:\users\Sacha\AppData\Local\Smartbar\Application\[email protected]\chrome\publisherDefinitions.js
c:\users\Sacha\AppData\Local\Smartbar\Application\[email protected]\chrome\PublisherImages\QuickShare.png
c:\users\Sacha\AppData\Local\Smartbar\Application\[email protected]\chrome\PublisherImages\QuickShare128.png
c:\users\Sacha\AppData\Local\Smartbar\Application\[email protected]\chrome\PublisherImages\QuickShare16.png
c:\users\Sacha\AppData\Local\Smartbar\Application\[email protected]\components\ISmartbarFireFoxRemotePlugin.xpt
c:\users\Sacha\AppData\Local\Smartbar\Application\[email protected]\components\SmartbarFireFoxRemotePlugin_16.dll
c:\users\Sacha\AppData\Local\Smartbar\Application\[email protected]\components\SmartbarFireFoxRemotePlugin_17.dll
c:\users\Sacha\AppData\Local\Smartbar\Application\[email protected]\components\SmartbarFireFoxRemotePlugin_18.dll
c:\users\Sacha\AppData\Local\Smartbar\Application\[email protected]\components\SmartbarFireFoxRemotePlugin_19.dll
c:\users\Sacha\AppData\Local\Smartbar\Application\[email protected]\components\SmartbarFireFoxRemotePlugin_20.dll
c:\users\Sacha\AppData\Local\Smartbar\Application\[email protected]\components\SmartbarFireFoxRemotePlugin_21.dll
c:\users\Sacha\AppData\Local\Smartbar\Application\[email protected]\install.rdf
c:\users\Sacha\AppData\Local\Smartbar\Application\IEButton.png
c:\users\Sacha\AppData\Local\Smartbar\Application\Interop.SHDocVw.dll
c:\users\Sacha\AppData\Local\Smartbar\Application\it\Smartbar.Resources.LanguageSettings.resources.dll
c:\users\Sacha\AppData\Local\Smartbar\Application\MACTrackBarLib.dll
c:\users\Sacha\AppData\Local\Smartbar\Application\Microsoft.mshtml.dll
c:\users\Sacha\AppData\Local\Smartbar\Application\Microsoft.Practices.EnterpriseLibrary.Common.dll
c:\users\Sacha\AppData\Local\Smartbar\Application\Microsoft.Practices.EnterpriseLibrary.ExceptionHandling.dll
c:\users\Sacha\AppData\Local\Smartbar\Application\Microsoft.Practices.EnterpriseLibrary.ExceptionHandling.Logging.dll
c:\users\Sacha\AppData\Local\Smartbar\Application\Microsoft.Practices.EnterpriseLibrary.Logging.dll
c:\users\Sacha\AppData\Local\Smartbar\Application\Microsoft.Practices.ObjectBuilder.dll
c:\users\Sacha\AppData\Local\Smartbar\Application\NDde.dll
c:\users\Sacha\AppData\Local\Smartbar\Application\nl\Smartbar.Resources.LanguageSettings.resources.dll
c:\users\Sacha\AppData\Local\Smartbar\Application\ProductsRemovalTool.exe
c:\users\Sacha\AppData\Local\Smartbar\Application\pt\Smartbar.Resources.LanguageSettings.resources.dll
c:\users\Sacha\AppData\Local\Smartbar\Application\QuickShare.exe
c:\users\Sacha\AppData\Local\Smartbar\Application\QuickShare.exe.config
c:\users\Sacha\AppData\Local\Smartbar\Application\RegAsm.exe
c:\users\Sacha\AppData\Local\Smartbar\Application\ru\Smartbar.Resources.LanguageSettings.resources.dll
c:\users\Sacha\AppData\Local\Smartbar\Application\Smartbar.GUI.Controls.dll
c:\users\Sacha\AppData\Local\Smartbar\Application\Smartbar.GUI.Docking.dll
c:\users\Sacha\AppData\Local\Smartbar\Application\Smartbar.GUI.MainClient.dll
c:\users\Sacha\AppData\Local\Smartbar\Application\Smartbar.GUI.Multimedia.Loader.dll
c:\users\Sacha\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.BusinessEntities.dll
c:\users\Sacha\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Core.dll
c:\users\Sacha\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.EventManager.dll
c:\users\Sacha\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Plugins.Base.dll
c:\users\Sacha\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Plugins.ChromeLocalPlugin.dll
c:\users\Sacha\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Plugins.DefaultBrowser.dll
c:\users\Sacha\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Plugins.FireFoxLocalPlugin.dll
c:\users\Sacha\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Plugins.InternetExplorerLocalPlugin.dll
c:\users\Sacha\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Plugins.ShareManagerLocalPlugin.dll
c:\users\Sacha\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Utilities.dll
c:\users\Sacha\AppData\Local\Smartbar\Application\Smartbar.Personalization.BusinessEntities.dll
c:\users\Sacha\AppData\Local\Smartbar\Application\Smartbar.Personalization.BusinessLogic.dll
c:\users\Sacha\AppData\Local\Smartbar\Application\Smartbar.Personalization.Common.dll
c:\users\Sacha\AppData\Local\Smartbar\Application\Smartbar.Personalization.Settings.PersonalizationSettingsManager.dll
c:\users\Sacha\AppData\Local\Smartbar\Application\Smartbar.Personalization.Settings.UserSettingsManager.dll
c:\users\Sacha\AppData\Local\Smartbar\Application\Smartbar.Resources.AutomaticUpdates.dll
c:\users\Sacha\AppData\Local\Smartbar\Application\Smartbar.Resources.BrowserHelperUtils.dll
c:\users\Sacha\AppData\Local\Smartbar\Application\Smartbar.Resources.HistoryAndStatsWrapper.dll
c:\users\Sacha\AppData\Local\Smartbar\Application\Smartbar.Resources.LanguageSettings.dll
c:\users\Sacha\AppData\Local\Smartbar\Application\Smartbar.Resources.ProcessDownMonitor.dll
c:\users\Sacha\AppData\Local\Smartbar\Application\Smartbar.Resources.ProductsRemovalLibary.dll
c:\users\Sacha\AppData\Local\Smartbar\Application\Smartbar.Resources.ProductUninstaller.dll
c:\users\Sacha\AppData\Local\Smartbar\Application\Smartbar.Resources.SetBrowsersSettings.dll
c:\users\Sacha\AppData\Local\Smartbar\Application\Smartbar.Resources.SetBrowsersSettingsAutoUpdater.dll
c:\users\Sacha\AppData\Local\Smartbar\Application\Smartbar.Resources.ShortcutsLibrary.dll
c:\users\Sacha\AppData\Local\Smartbar\Application\Smartbar.Resources.SideBySide.dll
c:\users\Sacha\AppData\Local\Smartbar\Application\Smartbar.Resources.SocialNetsSharer.dll
c:\users\Sacha\AppData\Local\Smartbar\Application\Smartbar.Resources.SocialNetsSharer.XmlSerializers.dll
c:\users\Sacha\AppData\Local\Smartbar\Application\Smartbar.Resources.Translations.dll
c:\users\Sacha\AppData\Local\Smartbar\Application\Smartbar.Resources.UninstallScreen.dll
c:\users\Sacha\AppData\Local\Smartbar\Application\Smartbar.Resources.UrlHistorySupplier.dll
c:\users\Sacha\AppData\Local\Smartbar\Application\Smartbar.Resources.Utilities.dll
c:\users\Sacha\AppData\Local\Smartbar\Application\SmartbarInstallationIcon.ico
c:\users\Sacha\AppData\Local\Smartbar\Application\SmartbarInternetExplorerBHO.dll
c:\users\Sacha\AppData\Local\Smartbar\Application\SmartbarInternetExplorerBHO2.dll
c:\users\Sacha\AppData\Local\Smartbar\Application\SmartbarInternetExplorerExtension.dll
c:\users\Sacha\AppData\Local\Smartbar\Application\SmartbarInternetExplorerExtension2.dll
c:\users\Sacha\AppData\Local\Smartbar\Application\SmartbarShortcutIcon.ico
c:\users\Sacha\AppData\Local\Smartbar\Application\SmartbarVersionsHelper.exe
c:\users\Sacha\AppData\Local\Smartbar\Application\SmartbarVersionsHelper.exe.config
c:\users\Sacha\AppData\Local\Smartbar\Application\System.Data.SQLite.dll
c:\users\Sacha\AppData\Local\Smartbar\Application\tr\Smartbar.Resources.LanguageSettings.resources.dll
c:\users\Sacha\AppData\Local\Smartbar\Common\Configs\UserInfo.xml
c:\users\Sacha\AppData\Local\Smartbar\Common\icons\00659FA4-2CAD-45fc-A8A0-DB7862840BA9.png
c:\users\Sacha\AppData\Local\Smartbar\Common\icons\00659FA4-2CAD-45fc-A8A0-DB7862840BA9hover.png
c:\users\Sacha\AppData\Local\Smartbar\Common\icons\00659FA4-2CAD-45fc-A8A0-DB7862840BA9press.png
c:\users\Sacha\AppData\Local\Smartbar\Common\icons\07a9a58b-c653-4285-a870-1fa70cb6c00c.png
c:\users\Sacha\AppData\Local\Smartbar\Common\icons\07a9a58b-c653-4285-a870-1fa70cb6c00chover.png
c:\users\Sacha\AppData\Local\Smartbar\Common\icons\07a9a58b-c653-4285-a870-1fa70cb6c00cPress.png
c:\users\Sacha\AppData\Local\Smartbar\Common\icons\0E29BC94-7C9B-4A23-B682-81D0D1A806E1.png
c:\users\Sacha\AppData\Local\Smartbar\Common\icons\0E29BC94-7C9B-4A23-B682-81D0D1A806E1hover.png
c:\users\Sacha\AppData\Local\Smartbar\Common\icons\0E29BC94-7C9B-4A23-B682-81D0D1A806E1press.png
c:\users\Sacha\AppData\Local\Smartbar\Common\icons\0FA6F971-16AA-4921-A39F-543C9839CABE.png
c:\users\Sacha\AppData\Local\Smartbar\Common\icons\0FA6F971-16AA-4921-A39F-543C9839CABEhover.png
c:\users\Sacha\AppData\Local\Smartbar\Common\icons\0FA6F971-16AA-4921-A39F-543C9839CABEpress.png
c:\users\Sacha\AppData\Local\Smartbar\Common\icons\101FF2F5-9F51-405F-ACBB-D4A5F3601679.png
c:\users\Sacha\AppData\Local\Smartbar\Common\icons\101FF2F5-9F51-405F-ACBB-D4A5F3601679hover.png
c:\users\Sacha\AppData\Local\Smartbar\Common\icons\101FF2F5-9F51-405F-ACBB-D4A5F3601679press.png
c:\users\Sacha\AppData\Local\Smartbar\Common\icons\1A039A19-BD34-4760-8DE0-E9A8E8AA8827.png
c:\users\Sacha\AppData\Local\Smartbar\Common\icons\1A039A19-BD34-4760-8DE0-E9A8E8AA8827Ehover.png
c:\users\Sacha\AppData\Local\Smartbar\Common\icons\1A039A19-BD34-4760-8DE0-E9A8E8AA8827press.png
c:\users\Sacha\AppData\Local\Smartbar\Common\icons\1FFDDB6E-8EB3-4CE0-9C2B-44910A3C5975.png
c:\users\Sacha\AppData\Local\Smartbar\Common\icons\1FFDDB6E-8EB3-4CE0-9C2B-44910A3C5975hover.png
c:\users\Sacha\AppData\Local\Smartbar\Common\icons\1FFDDB6E-8EB3-4CE0-9C2B-44910A3C5975press.png
c:\users\Sacha\AppData\Local\Smartbar\Common\icons\30657846-199A-4D0D-984D-BE588084F1F6.png
c:\users\Sacha\AppData\Local\Smartbar\Common\icons\30657846-199A-4D0D-984D-BE588084F1F6hover.png
c:\users\Sacha\AppData\Local\Smartbar\Common\icons\30657846-199A-4D0D-984D-BE588084F1F6press.png
c:\users\Sacha\AppData\Local\Smartbar\Common\icons\30DFF8F0-BA79-4360-A3EA-51B6D006133C.png
c:\users\Sacha\AppData\Local\Smartbar\Common\icons\30DFF8F0-BA79-4360-A3EA-51B6D006133CHover.png
c:\users\Sacha\AppData\Local\Smartbar\Common\icons\30DFF8F0-BA79-4360-A3EA-51B6D006133CPress.png
c:\users\Sacha\AppData\Local\Smartbar\Common\icons\372FF78B-6E4B-4B38-8E3F-797B4680FB98.png
c:\users\Sacha\AppData\Local\Smartbar\Common\icons\372FF78B-6E4B-4B38-8E3F-797B4680FB98hover.png
c:\users\Sacha\AppData\Local\Smartbar\Common\icons\372FF78B-6E4B-4B38-8E3F-797B4680FB98press.png
c:\users\Sacha\AppData\Local\Smartbar\Common\icons\39028511-3F15-4442-9188-DDC86BE1BBD0.png
c:\users\Sacha\AppData\Local\Smartbar\Common\icons\39028511-3F15-4442-9188-DDC86BE1BBD0hover.png
c:\users\Sacha\AppData\Local\Smartbar\Common\icons\39028511-3F15-4442-9188-DDC86BE1BBD0press.png
c:\users\Sacha\AppData\Local\Smartbar\Common\icons\39079B96-6DD1-42DE-89E6-76F79C8BB4E4.png
c:\users\Sacha\AppData\Local\Smartbar\Common\icons\39079B96-6DD1-42DE-89E6-76F79C8BB4E4Hover.png
c:\users\Sacha\AppData\Local\Smartbar\Common\icons\39079B96-6DD1-42DE-89E6-76F79C8BB4E4Press.png
c:\users\Sacha\AppData\Local\Smartbar\Common\icons\3C610B86-19DE-4757-B46A-871C9C27FF0A.png
c:\users\Sacha\AppData\Local\Smartbar\Common\icons\3C610B86-19DE-4757-B46A-871C9C27FF0AHover.png
c:\users\Sacha\AppData\Local\Smartbar\Common\icons\3C610B86-19DE-4757-B46A-871C9C27FF0APress.png
c:\users\Sacha\AppData\Local\Smartbar\Common\icons\3f9ac55c-6db5-4c01-9d34-a92da2347be6.png
c:\users\Sacha\AppData\Local\Smartbar\Common\icons\3f9ac55c-6db5-4c01-9d34-a92da2347be6hover.png
c:\users\Sacha\AppData\Local\Smartbar\Common\icons\3f9ac55c-6db5-4c01-9d34-a92da2347be6press.png
c:\users\Sacha\AppData\Local\Smartbar\Common\icons\412D5531-A3E1-40BB-B0C3-71E3C45A4E13.png
c:\users\Sacha\AppData\Local\Smartbar\Common\icons\412D5531-A3E1-40BB-B0C3-71E3C45A4E13hover.png
c:\users\Sacha\AppData\Local\Smartbar\Common\icons\412D5531-A3E1-40BB-B0C3-71E3C45A4E13press.png
c:\users\Sacha\AppData\Local\Smartbar\Common\icons\4a110a71-0e7e-4552-af6e-3ef88b2d6511.png
c:\users\Sacha\AppData\Local\Smartbar\Common\icons\4a110a71-0e7e-4552-af6e-3ef88b2d6511Hover.png
c:\users\Sacha\AppData\Local\Smartbar\Common\icons\4a110a71-0e7e-4552-af6e-3ef88b2d6511Press.png
c:\users\Sacha\AppData\Local\Smartbar\Common\icons\5252af60-ef03-41a8-babe-415dba235478.png
c:\users\Sacha\AppData\Local\Smartbar\Common\icons\5252af60-ef03-41a8-babe-415dba235478Hover.png
c:\users\Sacha\AppData\Local\Smartbar\Common\icons\5252af60-ef03-41a8-babe-415dba235478Press.png
c:\users\Sacha\AppData\Local\Smartbar\Common\icons\536b9063-fc09-4e82-8769-73c77317aae6.png
c:\users\Sacha\AppData\Local\Smartbar\Common\icons\536b9063-fc09-4e82-8769-73c77317aae6hover.png
c:\users\Sacha\AppData\Local\Smartbar\Common\icons\536b9063-fc09-4e82-8769-73c77317aae6press.png
c:\users\Sacha\AppData\Local\Smartbar\Common\icons\5558C4C6-18C1-4AF3-8F8D-0E2CF70D19C8.png
c:\users\Sacha\AppData\Local\Smartbar\Common\icons\5558C4C6-18C1-4AF3-8F8D-0E2CF70D19C8hover.png
c:\users\Sacha\AppData\Local\Smartbar\Common\icons\5558C4C6-18C1-4AF3-8F8D-0E2CF70D19C8press.png
c:\users\Sacha\AppData\Local\Smartbar\Common\icons\56591C8E-DA35-4A97-AC9B-5055E0F7089E.png
c:\users\Sacha\AppData\Local\Smartbar\Common\icons\56591C8E-DA35-4A97-AC9B-5055E0F7089Ehover.png
c:\users\Sacha\AppData\Local\Smartbar\Common\icons\56591C8E-DA35-4A97-AC9B-5055E0F7089Epress.png
c:\users\Sacha\AppData\Local\Smartbar\Common\icons\5D0A6D97-85F2-47E9-8F04-04A747B25A0E.png
c:\users\Sacha\AppData\Local\Smartbar\Common\icons\5D0A6D97-85F2-47E9-8F04-04A747B25A0Ehover.png
c:\users\Sacha\AppData\Local\Smartbar\Common\icons\5D0A6D97-85F2-47E9-8F04-04A747B25A0Epress.png
c:\users\Sacha\AppData\Local\Smartbar\Common\icons\5F488FA5-C35B-44A9-A0E4-2C7B41035780.png
c:\users\Sacha\AppData\Local\Smartbar\Common\icons\5F488FA5-C35B-44A9-A0E4-2C7B41035780hover.png
c:\users\Sacha\AppData\Local\Smartbar\Common\icons\5F488FA5-C35B-44A9-A0E4-2C7B41035780press.png
c:\users\Sacha\AppData\Local\Smartbar\Common\icons\65B1A402-FC79-410D-AE1C-AF92E206AC1D.png
c:\users\Sacha\AppData\Local\Smartbar\Common\icons\65B1A402-FC79-410D-AE1C-AF92E206AC1Dhover.png
c:\users\Sacha\AppData\Local\Smartbar\Common\icons\65B1A402-FC79-410D-AE1C-AF92E206AC1Dpress.png
c:\users\Sacha\AppData\Local\Smartbar\Common\icons\69C7DFE3-CDAE-4A22-B753-93ABF8BAE7EC.png
c:\users\Sacha\AppData\Local\Smartbar\Common\icons\69C7DFE3-CDAE-4A22-B753-93ABF8BAE7EChover.png
c:\users\Sacha\AppData\Local\Smartbar\Common\icons\69C7DFE3-CDAE-4A22-B753-93ABF8BAE7ECpress.png
c:\users\Sacha\AppData\Local\Smartbar\Common\icons\708d8b1e-6545-474a-9f07-d854acf8ad43.png
c:\users\Sacha\AppData\Local\Smartbar\Common\icons\708d8b1e-6545-474a-9f07-d854acf8ad43hover.png
c:\users\Sacha\AppData\Local\Smartbar\Common\icons\708d8b1e-6545-474a-9f07-d854acf8ad43press.png
c:\users\Sacha\AppData\Local\Smartbar\Common\icons\72CDFC8C-6F2D-4df8-9811-18C4D682C406.png
c:\users\Sacha\AppData\Local\Smartbar\Common\icons\72CDFC8C-6F2D-4df8-9811-18C4D682C406hover.png
c:\users\Sacha\AppData\Local\Smartbar\Common\icons\72CDFC8C-6F2D-4df8-9811-18C4D682C406press.png
c:\users\Sacha\AppData\Local\Smartbar\Common\icons\7CF3BACC-BF1C-4860-BB4E-F1A8440250FE.png
c:\users\Sacha\AppData\Local\Smartbar\Common\icons\7CF3BACC-BF1C-4860-BB4E-F1A8440250FEhover.png
c:\users\Sacha\AppData\Local\Smartbar\Common\icons\7CF3BACC-BF1C-4860-BB4E-F1A8440250FEpress.png
c:\users\Sacha\AppData\Local\Smartbar\Common\icons\7fe83ae9-caef-41f0-aa99-d114c0ce3941.png
c:\users\Sacha\AppData\Local\Smartbar\Common\icons\7fe83ae9-caef-41f0-aa99-d114c0ce3941hover.png
c:\users\Sacha\AppData\Local\Smartbar\Common\icons\7fe83ae9-caef-41f0-aa99-d114c0ce3941press.png
c:\users\Sacha\AppData\Local\Smartbar\Common\icons\8217d395-9ebe-4ebb-807c-38cc911a307f.png
c:\users\Sacha\AppData\Local\Smartbar\Common\icons\8217d395-9ebe-4ebb-807c-38cc911a307fHover.png
c:\users\Sacha\AppData\Local\Smartbar\Common\icons\8217d395-9ebe-4ebb-807c-38cc911a307fPress.png
c:\users\Sacha\AppData\Local\Smartbar\Common\icons\83B4B6FE-910D-412E-BED4-E3AFA6E5CA61.png
c:\users\Sacha\AppData\Local\Smartbar\Common\icons\83B4B6FE-910D-412E-BED4-E3AFA6E5CA61hover.png
c:\users\Sacha\AppData\Local\Smartbar\Common\icons\83B4B6FE-910D-412E-BED4-E3AFA6E5CA61press.png
c:\users\Sacha\AppData\Local\Smartbar\Common\icons\87442BEF-FD31-405C-A807-650CB7CC8886.png
c:\users\Sacha\AppData\Local\Smartbar\Common\icons\87442BEF-FD31-405C-A807-650CB7CC8886hover.png
c:\users\Sacha\AppData\Local\Smartbar\Common\icons\87442BEF-FD31-405C-A807-650CB7CC8886press.png
c:\users\Sacha\AppData\Local\Smartbar\Common\icons\89582936-094C-4880-B87A-2AF16FC33B2C.png
c:\users\Sacha\AppData\Local\Smartbar\Common\icons\89582936-094C-4880-B87A-2AF16FC33B2Chover.png
c:\users\Sacha\AppData\Local\Smartbar\Common\icons\89582936-094C-4880-B87A-2AF16FC33B2Cpress.png
c:\users\Sacha\AppData\Local\Smartbar\Common\icons\8b3608b1-c2d5-4ad3-a382-33601228c6d3.png
c:\users\Sacha\AppData\Local\Smartbar\Common\icons\8b3608b1-c2d5-4ad3-a382-33601228c6d3hover.png
c:\users\Sacha\AppData\Local\Smartbar\Common\icons\8b3608b1-c2d5-4ad3-a382-33601228c6d3press.png
c:\users\Sacha\AppData\Local\Smartbar\Common\icons\8F4131CE-D4F0-4F08-9102-78C397F3748C.png
c:\users\Sacha\AppData\Local\Smartbar\Common\icons\8F4131CE-D4F0-4F08-9102-78C397F3748CHover.png
c:\users\Sacha\AppData\Local\Smartbar\Common\icons\8F4131CE-D4F0-4F08-9102-78C397F3748CPress.png
c:\users\Sacha\AppData\Local\Smartbar\Common\icons\90165d32-a3ef-438c-8625-be9b538b6eba.png
c:\users\Sacha\AppData\Local\Smartbar\Common\icons\90165d32-a3ef-438c-8625-be9b538b6ebaHover.png
c:\users\Sacha\AppData\Local\Smartbar\Common\icons\90165d32-a3ef-438c-8625-be9b538b6ebaPress.png
c:\users\Sacha\AppData\Local\Smartbar\Common\icons\929407CC-7E48-47E0-A9F9-A4A167AC24D1.png
c:\users\Sacha\AppData\Local\Smartbar\Common\icons\929407CC-7E48-47E0-A9F9-A4A167AC24D1hover.png
c:\users\Sacha\AppData\Local\Smartbar\Common\icons\929407CC-7E48-47E0-A9F9-A4A167AC24D1press.png
c:\users\Sacha\AppData\Local\Smartbar\Common\icons\95ae73f0-9799-46fd-bceb-57efcb7f0537.png
c:\users\Sacha\AppData\Local\Smartbar\Common\icons\95ae73f0-9799-46fd-bceb-57efcb7f0537hover.png
c:\users\Sacha\AppData\Local\Smartbar\Common\icons\95ae73f0-9799-46fd-bceb-57efcb7f0537press.png
c:\users\Sacha\AppData\Local\Smartbar\Common\icons\A1D51ECC-DBD7-4C7E-9A75-364B8E2F1D8C.png
c:\users\Sacha\AppData\Local\Smartbar\Common\icons\A1D51ECC-DBD7-4C7E-9A75-364B8E2F1D8Chover.png
c:\users\Sacha\AppData\Local\Smartbar\Common\icons\A1D51ECC-DBD7-4C7E-9A75-364B8E2F1D8Cpress.png
c:\users\Sacha\AppData\Local\Smartbar\Common\icons\A1F75F5D-1D24-4F7A-9ABC-BDA55E332E67.png
c:\users\Sacha\AppData\Local\Smartbar\Common\icons\A1F75F5D-1D24-4F7A-9ABC-BDA55E332E67hover.png
c:\users\Sacha\AppData\Local\Smartbar\Common\icons\A1F75F5D-1D24-4F7A-9ABC-BDA55E332E67press.png
c:\users\Sacha\AppData\Local\Smartbar\Common\icons\A75C6A50-13B0-4704-AA87-8DD113E31310.png
c:\users\Sacha\AppData\Local\Smartbar\Common\icons\A75C6A50-13B0-4704-AA87-8DD113E31310hover.png
c:\users\Sacha\AppData\Local\Smartbar\Common\icons\A75C6A50-13B0-4704-AA87-8DD113E31310press.png
c:\users\Sacha\AppData\Local\Smartbar\Common\icons\a94e6710-6021-4cdc-82de-1c001238bd8f.png
c:\users\Sacha\AppData\Local\Smartbar\Common\icons\a94e6710-6021-4cdc-82de-1c001238bd8fHover.png
c:\users\Sacha\AppData\Local\Smartbar\Common\icons\a94e6710-6021-4cdc-82de-1c001238bd8fPress.png
c:\users\Sacha\AppData\Local\Smartbar\Common\icons\B1BEF453-913F-4EC4-B057-A2BB21C09DCB.png
c:\users\Sacha\AppData\Local\Smartbar\Common\icons\B1BEF453-913F-4EC4-B057-A2BB21C09DCBhover.png
c:\users\Sacha\AppData\Local\Smartbar\Common\icons\B1BEF453-913F-4EC4-B057-A2BB21C09DCBpress.png
c:\users\Sacha\AppData\Local\Smartbar\Common\icons\B1FE90EC-CEDA-4467-86CE-6CD7F1D3D55F.png
c:\users\Sacha\AppData\Local\Smartbar\Common\icons\B1FE90EC-CEDA-4467-86CE-6CD7F1D3D55Fhover.png
c:\users\Sacha\AppData\Local\Smartbar\Common\icons\B1FE90EC-CEDA-4467-86CE-6CD7F1D3D55Fpress.png
c:\users\Sacha\AppData\Local\Smartbar\Common\icons\B81443D4-15F7-4B97-9DC8-3645A012C817.png
c:\users\Sacha\AppData\Local\Smartbar\Common\icons\B81443D4-15F7-4B97-9DC8-3645A012C817hover.png
c:\users\Sacha\AppData\Local\Smartbar\Common\icons\B81443D4-15F7-4B97-9DC8-3645A012C817press.png
c:\users\Sacha\AppData\Local\Smartbar\Common\icons\bbf677d4-d0bc-4a59-be4a-6a6cfd3c6c28.png
c:\users\Sacha\AppData\Local\Smartbar\Common\icons\bbf677d4-d0bc-4a59-be4a-6a6cfd3c6c28hover.png
c:\users\Sacha\AppData\Local\Smartbar\Common\icons\bbf677d4-d0bc-4a59-be4a-6a6cfd3c6c28press.png
c:\users\Sacha\AppData\Local\Smartbar\Common\icons\bc8dcde3-3fd0-4f9b-af5d-15c20f3239ab.ico
c:\users\Sacha\AppData\Local\Smartbar\Common\icons\bc8dcde3-3fd0-4f9b-af5d-15c20f3239ab.png
c:\users\Sacha\AppData\Local\Smartbar\Common\icons\bc8dcde3-3fd0-4f9b-af5d-15c20f3239abhover.png
c:\users\Sacha\AppData\Local\Smartbar\Common\icons\bc8dcde3-3fd0-4f9b-af5d-15c20f3239abpress.png
c:\users\Sacha\AppData\Local\Smartbar\Common\icons\BCE4103A-6273-4E49-8B43-2BDEDA1C91B0.png
c:\users\Sacha\AppData\Local\Smartbar\Common\icons\BCE4103A-6273-4E49-8B43-2BDEDA1C91B0hover.png
c:\users\Sacha\AppData\Local\Smartbar\Common\icons\BCE4103A-6273-4E49-8B43-2BDEDA1C91B0press.png
c:\users\Sacha\AppData\Local\Smartbar\Common\icons\C0AC006A-9C65-42F9-AE11-D675DCCC6840.png
c:\users\Sacha\AppData\Local\Smartbar\Common\icons\C0AC006A-9C65-42F9-AE11-D675DCCC6840hover.png
c:\users\Sacha\AppData\Local\Smartbar\Common\icons\C0AC006A-9C65-42F9-AE11-D675DCCC6840press.png
c:\users\Sacha\AppData\Local\Smartbar\Common\icons\c1546a00-e42d-4ce7-aac5-5353a895f3cf.png
c:\users\Sacha\AppData\Local\Smartbar\Common\icons\c1546a00-e42d-4ce7-aac5-5353a895f3cfhover.png
c:\users\Sacha\AppData\Local\Smartbar\Common\icons\c1546a00-e42d-4ce7-aac5-5353a895f3cfpress.png
c:\users\Sacha\AppData\Local\Smartbar\Common\icons\CCEE5A80-8C88-4BB1-89BF-4A7EFF93E452.png
c:\users\Sacha\AppData\Local\Smartbar\Common\icons\CCEE5A80-8C88-4BB1-89BF-4A7EFF93E452hover.png
c:\users\Sacha\AppData\Local\Smartbar\Common\icons\CCEE5A80-8C88-4BB1-89BF-4A7EFF93E452press.png
c:\users\Sacha\AppData\Local\Smartbar\Common\icons\CE1500FE-6F59-421C-8005-3E137AC051A2.png
c:\users\Sacha\AppData\Local\Smartbar\Common\icons\CE1500FE-6F59-421C-8005-3E137AC051A2hover.png
c:\users\Sacha\AppData\Local\Smartbar\Common\icons\CE1500FE-6F59-421C-8005-3E137AC051A2press.png
c:\users\Sacha\AppData\Local\Smartbar\Common\icons\D2B0680C-17C4-492D-85D7-D4CA3E724D50.png
c:\users\Sacha\AppData\Local\Smartbar\Common\icons\D2B0680C-17C4-492D-85D7-D4CA3E724D50hover.png
c:\users\Sacha\AppData\Local\Smartbar\Common\icons\D2B0680C-17C4-492D-85D7-D4CA3E724D50press.png
c:\users\Sacha\AppData\Local\Smartbar\Common\icons\D469E1BA-B745-45B3-B7EE-378E000E74C8.png
c:\users\Sacha\AppData\Local\Smartbar\Common\icons\D469E1BA-B745-45B3-B7EE-378E000E74C8Hover.png
c:\users\Sacha\AppData\Local\Smartbar\Common\icons\D469E1BA-B745-45B3-B7EE-378E000E74C8Press.png
c:\users\Sacha\AppData\Local\Smartbar\Common\icons\D5113B95-781C-4737-A26F-3ED3A2CB876F.png
c:\users\Sacha\AppData\Local\Smartbar\Common\icons\D5113B95-781C-4737-A26F-3ED3A2CB876Fhover.png
c:\users\Sacha\AppData\Local\Smartbar\Common\icons\D5113B95-781C-4737-A26F-3ED3A2CB876Fpress.png
c:\users\Sacha\AppData\Local\Smartbar\Common\icons\d65acfc2-6ab9-4b66-84fc-ecc7813e35c1.png
c:\users\Sacha\AppData\Local\Smartbar\Common\icons\d65acfc2-6ab9-4b66-84fc-ecc7813e35c1Hover.png
c:\users\Sacha\AppData\Local\Smartbar\Common\icons\d65acfc2-6ab9-4b66-84fc-ecc7813e35c1Press.png
c:\users\Sacha\AppData\Local\Smartbar\Common\icons\d65acfc2-6ab9-4b66-84fc-ecc7813e35d0.png
c:\users\Sacha\AppData\Local\Smartbar\Common\icons\d65acfc2-6ab9-4b66-84fc-ecc7813e35d0Hover.png
c:\users\Sacha\AppData\Local\Smartbar\Common\icons\d65acfc2-6ab9-4b66-84fc-ecc7813e35d0Press.png
c:\users\Sacha\AppData\Local\Smartbar\Common\icons\D8043E67-EBD0-4ABD-A5A4-63CF4DADFC85.png
c:\users\Sacha\AppData\Local\Smartbar\Common\icons\D8043E67-EBD0-4ABD-A5A4-63CF4DADFC85hover.png
c:\users\Sacha\AppData\Local\Smartbar\Common\icons\D8043E67-EBD0-4ABD-A5A4-63CF4DADFC85press.png
c:\users\Sacha\AppData\Local\Smartbar\Common\icons\DBE2517B-67B8-4D8B-A7CC-B66F8FE52D82.png
c:\users\Sacha\AppData\Local\Smartbar\Common\icons\DBE2517B-67B8-4D8B-A7CC-B66F8FE52D82hover.png
c:\users\Sacha\AppData\Local\Smartbar\Common\icons\DBE2517B-67B8-4D8B-A7CC-B66F8FE52D82press.png
c:\users\Sacha\AppData\Local\Smartbar\Common\icons\e2870479-a572-412b-8a8f-5604d19b55cd.png
c:\users\Sacha\AppData\Local\Smartbar\Common\icons\e2870479-a572-412b-8a8f-5604d19b55cdhover.png
c:\users\Sacha\AppData\Local\Smartbar\Common\icons\e2870479-a572-412b-8a8f-5604d19b55cdpress.png
c:\users\Sacha\AppData\Local\Smartbar\Common\icons\E3345571-EEF9-4041-8C24-F7F5A9331C23.png
c:\users\Sacha\AppData\Local\Smartbar\Common\icons\E3345571-EEF9-4041-8C24-F7F5A9331C23hover.png
c:\users\Sacha\AppData\Local\Smartbar\Common\icons\E3345571-EEF9-4041-8C24-F7F5A9331C23press.png
c:\users\Sacha\AppData\Local\Smartbar\Common\icons\e357f164-c5d8-4257-aab2-fe0cad41c12e.ico
c:\users\Sacha\AppData\Local\Smartbar\Common\icons\e357f164-c5d8-4257-aab2-fe0cad41c12e.png
c:\users\Sacha\AppData\Local\Smartbar\Common\icons\e357f164-c5d8-4257-aab2-fe0cad41c12ehover.png
c:\users\Sacha\AppData\Local\Smartbar\Common\icons\e357f164-c5d8-4257-aab2-fe0cad41c12epress.png
c:\users\Sacha\AppData\Local\Smartbar\Common\icons\E458493F-867F-4712-A3AF-D9664ED47C19.png
c:\users\Sacha\AppData\Local\Smartbar\Common\icons\E458493F-867F-4712-A3AF-D9664ED47C19hover.png
c:\users\Sacha\AppData\Local\Smartbar\Common\icons\E458493F-867F-4712-A3AF-D9664ED47C19press.png
c:\users\Sacha\AppData\Local\Smartbar\Common\icons\E52BEFE7-6535-439c-B168-A3B105E4212E.png
c:\users\Sacha\AppData\Local\Smartbar\Common\icons\E52BEFE7-6535-439c-B168-A3B105E4212Ehover.png
c:\users\Sacha\AppData\Local\Smartbar\Common\icons\E52BEFE7-6535-439c-B168-A3B105E4212Epress.png
c:\users\Sacha\AppData\Local\Smartbar\Common\icons\E6EE3C0D-1AF6-4A1E-AD63-1AFD7CB84583.png
c:\users\Sacha\AppData\Local\Smartbar\Common\icons\E6EE3C0D-1AF6-4A1E-AD63-1AFD7CB84583hover.png
c:\users\Sacha\AppData\Local\Smartbar\Common\icons\E6EE3C0D-1AF6-4A1E-AD63-1AFD7CB84583press.png
c:\users\Sacha\AppData\Local\Smartbar\Common\icons\E8584703-6CA5-4351-82CC-09E40938A066.png
c:\users\Sacha\AppData\Local\Smartbar\Common\icons\E8584703-6CA5-4351-82CC-09E40938A066hover.png
c:\users\Sacha\AppData\Local\Smartbar\Common\icons\E8584703-6CA5-4351-82CC-09E40938A066press.png
c:\users\Sacha\AppData\Local\Smartbar\Common\icons\e8967c62-9ea0-4fde-9832-2c10f1d580de.png
c:\users\Sacha\AppData\Local\Smartbar\Common\icons\e8967c62-9ea0-4fde-9832-2c10f1d580dehover.png
c:\users\Sacha\AppData\Local\Smartbar\Common\icons\e8967c62-9ea0-4fde-9832-2c10f1d580depress.png
c:\users\Sacha\AppData\Local\Smartbar\Common\icons\EA99E20A-FBBA-4197-954B-E2013280A29B.png
c:\users\Sacha\AppData\Local\Smartbar\Common\icons\EA99E20A-FBBA-4197-954B-E2013280A29Bhover.png
c:\users\Sacha\AppData\Local\Smartbar\Common\icons\EA99E20A-FBBA-4197-954B-E2013280A29Bpress.png
c:\users\Sacha\AppData\Local\Smartbar\Common\icons\F5297DBC-3B3B-4744-A54D-308EAD98D223.png
c:\users\Sacha\AppData\Local\Smartbar\Common\icons\F5297DBC-3B3B-4744-A54D-308EAD98D223hover.png
c:\users\Sacha\AppData\Local\Smartbar\Common\icons\F5297DBC-3B3B-4744-A54D-308EAD98D223press.png
c:\users\Sacha\AppData\Local\Smartbar\Common\icons\f7fd4890-7f89-4c73-8ff2-52105657cbb6.png
c:\users\Sacha\AppData\Local\Smartbar\Common\icons\f7fd4890-7f89-4c73-8ff2-52105657cbb6Hover.png
c:\users\Sacha\AppData\Local\Smartbar\Common\icons\f7fd4890-7f89-4c73-8ff2-52105657cbb6Press.png
c:\users\Sacha\AppData\Local\Smartbar\Common\icons\F84A3FBA-7CF5-4F44-A080-C26C04D0E3BD.png
c:\users\Sacha\AppData\Local\Smartbar\Common\icons\F84A3FBA-7CF5-4F44-A080-C26C04D0E3BDhover.png
c:\users\Sacha\AppData\Local\Smartbar\Common\icons\F84A3FBA-7CF5-4F44-A080-C26C04D0E3BDpress.png
c:\users\Sacha\AppData\Local\Smartbar\Common\icons\FA3DE5E1-19AC-42FA-8E77-C25C60E60EC7.png
c:\users\Sacha\AppData\Local\Smartbar\Common\icons\FA3DE5E1-19AC-42FA-8E77-C25C60E60EC7hover.png
c:\users\Sacha\AppData\Local\Smartbar\Common\icons\FA3DE5E1-19AC-42FA-8E77-C25C60E60EC7press.png
c:\users\Sacha\AppData\Local\Smartbar\Common\icons\fac5189f-f2c7-4eed-bae8-011eca170d7b.png
c:\users\Sacha\AppData\Local\Smartbar\Common\icons\fac5189f-f2c7-4eed-bae8-011eca170d7bhover.png
c:\users\Sacha\AppData\Local\Smartbar\Common\icons\fac5189f-f2c7-4eed-bae8-011eca170d7bpress.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\00659FA4-2CAD-45fc-A8A0-DB7862840BA9.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\00659FA4-2CAD-45fc-A8A0-DB7862840BA9hover.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\00659FA4-2CAD-45fc-A8A0-DB7862840BA9press.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\07a9a58b-c653-4285-a870-1fa70cb6c00c.ico
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\07a9a58b-c653-4285-a870-1fa70cb6c00c.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\07a9a58b-c653-4285-a870-1fa70cb6c00chover.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\07a9a58b-c653-4285-a870-1fa70cb6c00cpress.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\0DB19630-EB33-4B18-8357-78FC2687C788.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\0DB19630-EB33-4B18-8357-78FC2687C788hover.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\0DB19630-EB33-4B18-8357-78FC2687C788press.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\0E29BC94-7C9B-4A23-B682-81D0D1A806E1.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\0E29BC94-7C9B-4A23-B682-81D0D1A806E1hover.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\0E29BC94-7C9B-4A23-B682-81D0D1A806E1press.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\0FA6F971-16AA-4921-A39F-543C9839CABE.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\0FA6F971-16AA-4921-A39F-543C9839CABEhover.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\0FA6F971-16AA-4921-A39F-543C9839CABEpress.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\101FF2F5-9F51-405F-ACBB-D4A5F3601679.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\101FF2F5-9F51-405F-ACBB-D4A5F3601679hover.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\101FF2F5-9F51-405F-ACBB-D4A5F3601679press.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\139D15A7-C5E1-4C5E-ABF2-484DBE081313.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\139D15A7-C5E1-4C5E-ABF2-484DBE081313hover.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\139D15A7-C5E1-4C5E-ABF2-484DBE081313press.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\139D15A7-C5E1-4C5E-ABF2-484DBE08E613.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\139D15A7-C5E1-4C5E-ABF2-484DBE08E613hover.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\139D15A7-C5E1-4C5E-ABF2-484DBE08E613press.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\139D15A7-C5E1-4C5E-ABF2-484DBE131313.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\139D15A7-C5E1-4C5E-ABF2-484DBE131313hover.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\139D15A7-C5E1-4C5E-ABF2-484DBE131313press.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\1A039A19-BD34-4760-8DE0-E9A8E8AA8827.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\1A039A19-BD34-4760-8DE0-E9A8E8AA8827hover.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\1A039A19-BD34-4760-8DE0-E9A8E8AA8827press.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\1FFDDB6E-8EB3-4CE0-9C2B-44910A3C5975.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\1FFDDB6E-8EB3-4CE0-9C2B-44910A3C5975hover.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\1FFDDB6E-8EB3-4CE0-9C2B-44910A3C5975press.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\2141A104-423C-43EF-A27A-CA0DADB7B9BC.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\2141A104-423C-43EF-A27A-CA0DADB7B9BChover.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\2141A104-423C-43EF-A27A-CA0DADB7B9BCpress.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\28E2C7BC-F857-44D5-A42F-7DD66FAB5EE6.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\28E2C7BC-F857-44D5-A42F-7DD66FAB5EE6hover.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\28E2C7BC-F857-44D5-A42F-7DD66FAB5EE6press.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\30657846-199A-4D0D-984D-BE588084F1F6.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\30657846-199A-4D0D-984D-BE588084F1F6hover.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\30657846-199A-4D0D-984D-BE588084F1F6press.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\30DEBC8A-1CC6-4480-B3E5-C55E214043A8.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\30DEBC8A-1CC6-4480-B3E5-C55E214043A8Hover.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\30DEBC8A-1CC6-4480-B3E5-C55E214043A8Press.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\30DFF8F0-BA79-4360-A3EA-51B6D006133C.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\30DFF8F0-BA79-4360-A3EA-51B6D006133CHover.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\30DFF8F0-BA79-4360-A3EA-51B6D006133CPress.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\372FF78B-6E4B-4B38-8E3F-797B4680FB98.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\372FF78B-6E4B-4B38-8E3F-797B4680FB98hover.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\372FF78B-6E4B-4B38-8E3F-797B4680FB98press.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\39028511-3F15-4442-9188-DDC86BE1BBD0.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\39028511-3F15-4442-9188-DDC86BE1BBD0hover.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\39028511-3F15-4442-9188-DDC86BE1BBD0press.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\39079B96-6DD1-42DE-89E6-76F79C8BB4E4.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\39079B96-6DD1-42DE-89E6-76F79C8BB4E4Hover.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\39079B96-6DD1-42DE-89E6-76F79C8BB4E4Press.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\3C610B86-19DE-4757-B46A-871C9C27FF0A.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\3C610B86-19DE-4757-B46A-871C9C27FF0AHover.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\3C610B86-19DE-4757-B46A-871C9C27FF0APress.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\3f9ac55c-6db5-4c01-9d34-a92da2347be6.ico
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\3f9ac55c-6db5-4c01-9d34-a92da2347be6.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\3f9ac55c-6db5-4c01-9d34-a92da2347be6hover.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\3f9ac55c-6db5-4c01-9d34-a92da2347be6press.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\412D5531-A3E1-40BB-B0C3-71E3C45A4E13.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\412D5531-A3E1-40BB-B0C3-71E3C45A4E13hover.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\412D5531-A3E1-40BB-B0C3-71E3C45A4E13press.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\47BFF758-9581-4C68-9293-1181A70CDEE8.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\47BFF758-9581-4C68-9293-1181A70CDEE8Hover.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\47BFF758-9581-4C68-9293-1181A70CDEE8Press.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\48A9C19C-5A4C-4652-A6E7-1C17AEE45675.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\48A9C19C-5A4C-4652-A6E7-1C17AEE45675Hover.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\48A9C19C-5A4C-4652-A6E7-1C17AEE45675Press.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\4a110a71-0e7e-4552-af6e-3ef88b2d6511.ico
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\4a110a71-0e7e-4552-af6e-3ef88b2d6511.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\4a110a71-0e7e-4552-af6e-3ef88b2d6511Hover.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\4a110a71-0e7e-4552-af6e-3ef88b2d6511Press.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\511B6809-2468-4A36-A6FC-FC24F05499BE.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\511B6809-2468-4A36-A6FC-FC24F05499BEHover.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\511B6809-2468-4A36-A6FC-FC24F05499BEPress.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\5252af60-ef03-41a8-babe-415dba235478.ico
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\5252af60-ef03-41a8-babe-415dba235478.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\5252af60-ef03-41a8-babe-415dba235478Hover.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\5252af60-ef03-41a8-babe-415dba235478Press.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\536b9063-fc09-4e82-8769-73c77317aae6.ico
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\536b9063-fc09-4e82-8769-73c77317aae6.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\536b9063-fc09-4e82-8769-73c77317aae6hover.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\536b9063-fc09-4e82-8769-73c77317aae6press.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\5558C4C6-18C1-4AF3-8F8D-0E2CF70D19C8.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\5558C4C6-18C1-4AF3-8F8D-0E2CF70D19C8hover.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\5558C4C6-18C1-4AF3-8F8D-0E2CF70D19C8press.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\56591C8E-DA35-4A97-AC9B-5055E0F7089E.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\56591C8E-DA35-4A97-AC9B-5055E0F7089Ehover.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\56591C8E-DA35-4A97-AC9B-5055E0F7089Epress.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\5D0A6D97-85F2-47E9-8F04-04A747B25A0E.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\5D0A6D97-85F2-47E9-8F04-04A747B25A0Ehover.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\5D0A6D97-85F2-47E9-8F04-04A747B25A0Epress.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\5F1B269B-7C66-474F-A473-BE7FA51BE5B2.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\5F1B269B-7C66-474F-A473-BE7FA51BE5B2hover.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\5F1B269B-7C66-474F-A473-BE7FA51BE5B2press.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\5F488FA5-C35B-44A9-A0E4-2C7B41035780.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\5F488FA5-C35B-44A9-A0E4-2C7B41035780hover.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\5F488FA5-C35B-44A9-A0E4-2C7B41035780press.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\65B1A402-FC79-410D-AE1C-AF92E206AC1D.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\65B1A402-FC79-410D-AE1C-AF92E206AC1Dhover.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\65B1A402-FC79-410D-AE1C-AF92E206AC1Dpress.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\69C7DFE3-CDAE-4A22-B753-93ABF8BAE7EC.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\69C7DFE3-CDAE-4A22-B753-93ABF8BAE7EChover.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\69C7DFE3-CDAE-4A22-B753-93ABF8BAE7ECpress.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\708d8b1e-6545-474a-9f07-d854acf8ad43.ico
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\708d8b1e-6545-474a-9f07-d854acf8ad43.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\708d8b1e-6545-474a-9f07-d854acf8ad43hover.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\708d8b1e-6545-474a-9f07-d854acf8ad43press.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\72CDFC8C-6F2D-4df8-9811-18C4D682C406.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\72CDFC8C-6F2D-4df8-9811-18C4D682C406hover.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\72CDFC8C-6F2D-4df8-9811-18C4D682C406press.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\7CF3BACC-BF1C-4860-BB4E-F1A8440250FE.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\7CF3BACC-BF1C-4860-BB4E-F1A8440250FEhover.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\7CF3BACC-BF1C-4860-BB4E-F1A8440250FEpress.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\7fe83ae9-caef-41f0-aa99-d114c0ce3941.ico
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\7fe83ae9-caef-41f0-aa99-d114c0ce3941.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\7fe83ae9-caef-41f0-aa99-d114c0ce3941hover.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\7fe83ae9-caef-41f0-aa99-d114c0ce3941press.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\8217d395-9ebe-4ebb-807c-38cc911a307f.ico
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\8217d395-9ebe-4ebb-807c-38cc911a307f.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\8217d395-9ebe-4ebb-807c-38cc911a307fHover.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\8217d395-9ebe-4ebb-807c-38cc911a307fPress.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\83B4B6FE-910D-412E-BED4-E3AFA6E5CA61.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\83B4B6FE-910D-412E-BED4-E3AFA6E5CA61hover.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\83B4B6FE-910D-412E-BED4-E3AFA6E5CA61press.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\87442BEF-FD31-405C-A807-650CB7CC8886.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\87442BEF-FD31-405C-A807-650CB7CC8886hover.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\87442BEF-FD31-405C-A807-650CB7CC8886press.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\89582936-094c-4880-b87a-2af16fc31313.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\89582936-094c-4880-b87a-2af16fc31313Hover.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\89582936-094c-4880-b87a-2af16fc31313Press.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\89582936-094C-4880-B87A-2AF16FC33B2C.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\89582936-094C-4880-B87A-2AF16FC33B2Chover.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\89582936-094C-4880-B87A-2AF16FC33B2Cpress.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\8b3608b1-c2d5-4ad3-a382-33601228c6d3.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\8b3608b1-c2d5-4ad3-a382-33601228c6d3hover.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\8b3608b1-c2d5-4ad3-a382-33601228c6d3press.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\8D338D8F-3189-41AB-BCFF-2958D48AAA6A.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\8D338D8F-3189-41AB-BCFF-2958D48AAA6AHover.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\8D338D8F-3189-41AB-BCFF-2958D48AAA6APress.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\8F4131CE-D4F0-4F08-9102-78C397F3748C.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\8F4131CE-D4F0-4F08-9102-78C397F3748CHover.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\8F4131CE-D4F0-4F08-9102-78C397F3748CPress.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\90165d32-a3ef-438c-8625-be9b538b6eba.ico
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\90165d32-a3ef-438c-8625-be9b538b6eba.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\90165d32-a3ef-438c-8625-be9b538b6ebaHover.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\90165d32-a3ef-438c-8625-be9b538b6ebaPress.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\929407CC-7E48-47E0-A9F9-A4A167AC24D1.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\929407CC-7E48-47E0-A9F9-A4A167AC24D1hover.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\929407CC-7E48-47E0-A9F9-A4A167AC24D1press.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\95ae73f0-9799-46fd-bceb-57efcb7f0537.ico
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\95ae73f0-9799-46fd-bceb-57efcb7f0537.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\95ae73f0-9799-46fd-bceb-57efcb7f0537hover.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\95ae73f0-9799-46fd-bceb-57efcb7f0537press.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\95D9E2EA-40AD-40B8-95D0-58209F584BBE.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\95D9E2EA-40AD-40B8-95D0-58209F584BBEHover.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\95D9E2EA-40AD-40B8-95D0-58209F584BBEPress.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\A1D51ECC-DBD7-4C7E-9A75-364B8E2F1D8C.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\A1D51ECC-DBD7-4C7E-9A75-364B8E2F1D8Chover.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\A1D51ECC-DBD7-4C7E-9A75-364B8E2F1D8Cpress.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\A1F75F5D-1D24-4F7A-9ABC-BDA55E332E67.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\A1F75F5D-1D24-4F7A-9ABC-BDA55E332E67hover.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\A1F75F5D-1D24-4F7A-9ABC-BDA55E332E67press.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\A46C5E77-16B5-42A0-8761-C6F861D22308.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\A46C5E77-16B5-42A0-8761-C6F861D22308Hover.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\A46C5E77-16B5-42A0-8761-C6F861D22308Press.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\A75C6A50-13B0-4704-AA87-8DD113E31310.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\A75C6A50-13B0-4704-AA87-8DD113E31310hover.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\A75C6A50-13B0-4704-AA87-8DD113E31310press.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\a94e6710-6021-4cdc-82de-1c001238bd8f.ico
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\a94e6710-6021-4cdc-82de-1c001238bd8f.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\a94e6710-6021-4cdc-82de-1c001238bd8fHover.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\a94e6710-6021-4cdc-82de-1c001238bd8fPress.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\B1BEF453-913F-4EC4-B057-A2BB21C09DCB.ico
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\B1BEF453-913F-4EC4-B057-A2BB21C09DCB.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\B1BEF453-913F-4EC4-B057-A2BB21C09DCBhover.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\B1BEF453-913F-4EC4-B057-A2BB21C09DCBpress.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\B1FE90EC-CEDA-4467-86CE-6CD7F1D3D55F.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\B1FE90EC-CEDA-4467-86CE-6CD7F1D3D55Fhover.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\B1FE90EC-CEDA-4467-86CE-6CD7F1D3D55Fpress.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\B81443D4-15F7-4B97-9DC8-3645A012C817.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\B81443D4-15F7-4B97-9DC8-3645A012C817hover.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\B81443D4-15F7-4B97-9DC8-3645A012C817press.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\bbf677d4-d0bc-4a59-be4a-6a6cfd3c6c28.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\bbf677d4-d0bc-4a59-be4a-6a6cfd3c6c28hover.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\bbf677d4-d0bc-4a59-be4a-6a6cfd3c6c28press.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\BC303DD4-37E7-4242-8DDD-8DEE2171066B.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\BC303DD4-37E7-4242-8DDD-8DEE2171066Bhover.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\BC303DD4-37E7-4242-8DDD-8DEE2171066Bpress.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\bc8dcde3-3fd0-4f9b-af5d-15c20f3239ab.ico
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\bc8dcde3-3fd0-4f9b-af5d-15c20f3239ab.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\bc8dcde3-3fd0-4f9b-af5d-15c20f3239abhover.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\bc8dcde3-3fd0-4f9b-af5d-15c20f3239abpress.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\BCE4103A-6273-4E49-8B43-2BDEDA1C91B0.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\BCE4103A-6273-4E49-8B43-2BDEDA1C91B0hover.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\BCE4103A-6273-4E49-8B43-2BDEDA1C91B0press.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\BE3608B1-C2D5-4AD3-A382-45635338C6D1.PNG
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\BE3608B1-C2D5-4AD3-A382-45635338C6D1HOVER.PNG
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\BE3608B1-C2D5-4AD3-A382-45635338C6D1PRESS.PNG
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\C0AC006A-9C65-42F9-AE11-D675DCCC6840.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\C0AC006A-9C65-42F9-AE11-D675DCCC6840hover.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\C0AC006A-9C65-42F9-AE11-D675DCCC6840press.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\c1546a00-e42d-4ce7-aac5-5353a895f3cf.ico
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\c1546a00-e42d-4ce7-aac5-5353a895f3cf.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\c1546a00-e42d-4ce7-aac5-5353a895f3cfhover.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\c1546a00-e42d-4ce7-aac5-5353a895f3cfpress.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\C41AD485-FE91-4EFE-A613-66CB2BA96EAB.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\C41AD485-FE91-4EFE-A613-66CB2BA96EABHover.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\C41AD485-FE91-4EFE-A613-66CB2BA96EABPress.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\CCEE5A80-8C88-4BB1-89BF-4A7EFF93E452.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\CCEE5A80-8C88-4BB1-89BF-4A7EFF93E452hover.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\CCEE5A80-8C88-4BB1-89BF-4A7EFF93E452press.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\CE1500FE-6F59-421C-8005-3E137AC051A2.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\CE1500FE-6F59-421C-8005-3E137AC051A2hover.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\CE1500FE-6F59-421C-8005-3E137AC051A2press.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\D2B0680C-17C4-492D-85D7-D4CA3E724D50.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\D2B0680C-17C4-492D-85D7-D4CA3E724D50hover.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\D2B0680C-17C4-492D-85D7-D4CA3E724D50press.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\D469E1BA-B745-45B3-B7EE-378E000E74C8.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\D469E1BA-B745-45B3-B7EE-378E000E74C8Hover.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\D469E1BA-B745-45B3-B7EE-378E000E74C8Press.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\D5113B95-781C-4737-A26F-3ED3A2CB876F.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\D5113B95-781C-4737-A26F-3ED3A2CB876FHover.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\D5113B95-781C-4737-A26F-3ED3A2CB876FPress.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\d65acfc2-6ab9-4b66-84fc-ecc7813e35c1.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\d65acfc2-6ab9-4b66-84fc-ecc7813e35c1Hover.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\d65acfc2-6ab9-4b66-84fc-ecc7813e35c1Press.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\d65acfc2-6ab9-4b66-84fc-ecc7813e35d0.ico
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\d65acfc2-6ab9-4b66-84fc-ecc7813e35d0.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\d65acfc2-6ab9-4b66-84fc-ecc7813e35d0Hover.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\d65acfc2-6ab9-4b66-84fc-ecc7813e35d0Press.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\D8043E67-EBD0-4ABD-A5A4-63CF4DADFC85.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\D8043E67-EBD0-4ABD-A5A4-63CF4DADFC85hover.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\D8043E67-EBD0-4ABD-A5A4-63CF4DADFC85press.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\DBE2517B-67B8-4D8B-A7CC-B66F8FE52D82.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\DBE2517B-67B8-4D8B-A7CC-B66F8FE52D82hover.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\DBE2517B-67B8-4D8B-A7CC-B66F8FE52D82press.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\e2870479-a572-412b-8a8f-5604d19b55cd.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\e2870479-a572-412b-8a8f-5604d19b55cdhover.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\e2870479-a572-412b-8a8f-5604d19b55cdpress.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\E3345571-EEF9-4041-8C24-F7F5A9331C23.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\E3345571-EEF9-4041-8C24-F7F5A9331C23hover.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\E3345571-EEF9-4041-8C24-F7F5A9331C23press.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\e357f164-c5d8-4257-aab2-fe0cad41c12e.ico
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\e357f164-c5d8-4257-aab2-fe0cad41c12e.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\e357f164-c5d8-4257-aab2-fe0cad41c12ehover.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\e357f164-c5d8-4257-aab2-fe0cad41c12epress.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\e3c610dc-deed-47cd-acc0-493d71556c16.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\e3c610dc-deed-47cd-acc0-493d71556c16Hover.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\e3c610dc-deed-47cd-acc0-493d71556c16Press.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\E458493F-867F-4712-A3AF-D9664ED47C19.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\E458493F-867F-4712-A3AF-D9664ED47C19hover.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\E458493F-867F-4712-A3AF-D9664ED47C19press.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\E52BEFE7-6535-439c-B168-A3B105E4212E.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\E52BEFE7-6535-439c-B168-A3B105E4212Ehover.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\E52BEFE7-6535-439c-B168-A3B105E4212Epress.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\E6EE3C0D-1AF6-4A1E-AD63-1AFD7CB84583.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\E6EE3C0D-1AF6-4A1E-AD63-1AFD7CB84583hover.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\E6EE3C0D-1AF6-4A1E-AD63-1AFD7CB84583press.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\E8584703-6CA5-4351-82CC-09E40938A066.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\E8584703-6CA5-4351-82CC-09E40938A066hover.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\E8584703-6CA5-4351-82CC-09E40938A066press.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\e8967c62-9ea0-4fde-9832-2c10f1d580de.ico
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\e8967c62-9ea0-4fde-9832-2c10f1d580de.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\e8967c62-9ea0-4fde-9832-2c10f1d580dehover.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\e8967c62-9ea0-4fde-9832-2c10f1d580depress.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\EA99E20A-FBBA-4197-954B-E2013280A29B.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\EA99E20A-FBBA-4197-954B-E2013280A29Bhover.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\EA99E20A-FBBA-4197-954B-E2013280A29Bpress.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\EC116BC4-0583-4E07-908A-9D2AD3647177.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\EC116BC4-0583-4E07-908A-9D2AD3647177Hover.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\EC116BC4-0583-4E07-908A-9D2AD3647177Press.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\f41901a8-2a78-4794-b455-d53a24b37aef.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\f41901a8-2a78-4794-b455-d53a24b37aefHover.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\f41901a8-2a78-4794-b455-d53a24b37aefPress.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\F5297DBC-3B3B-4744-A54D-308EAD98D223.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\F5297DBC-3B3B-4744-A54D-308EAD98D223hover.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\F5297DBC-3B3B-4744-A54D-308EAD98D223press.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\f7fd4890-7f89-4c73-8ff2-52105657cbb6.ico
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\f7fd4890-7f89-4c73-8ff2-52105657cbb6.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\f7fd4890-7f89-4c73-8ff2-52105657cbb6Hover.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\f7fd4890-7f89-4c73-8ff2-52105657cbb6Press.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\F84A3FBA-7CF5-4F44-A080-C26C04D0E3BD.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\F84A3FBA-7CF5-4F44-A080-C26C04D0E3BDhover.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\F84A3FBA-7CF5-4F44-A080-C26C04D0E3BDpress.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\FA3DE5E1-19AC-42FA-8E77-C25C60E60EC7.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\FA3DE5E1-19AC-42FA-8E77-C25C60E60EC7hover.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\FA3DE5E1-19AC-42FA-8E77-C25C60E60EC7press.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\fac5189f-f2c7-4eed-bae8-011eca170d7b.ico
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\fac5189f-f2c7-4eed-bae8-011eca170d7b.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\fac5189f-f2c7-4eed-bae8-011eca170d7bhover.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\fac5189f-f2c7-4eed-bae8-011eca170d7bpress.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\youtube.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\youtubehover.png
c:\users\Sacha\AppData\Local\Smartbar\Common\iconsWide\youtubepress.png
c:\users\Sacha\AppData\Local\Smartbar\Common\ServicesPlugins\Smartbar.Personalization.ServicesPlugins.DMP.dll
c:\users\Sacha\AppData\Local\Smartbar\Common\ServicesPlugins\Smartbar.Personalization.ServicesPlugins.MessengerPlugin.dll
c:\users\Sacha\AppData\Local\Smartbar\Common\ServicesPlugins\Smartbar.Personalization.ServicesPlugins.NotepadPlugin.dll
c:\users\Sacha\AppData\Local\Smartbar\Common\ServicesPlugins\Smartbar.Personalization.ServicesPlugins.ScreenCapturePlugin.dll
c:\users\Sacha\AppData\Local\Smartbar\Common\ServicesPlugins\Smartbar.Personalization.ServicesPlugins.UninstallProductsPlugin.dll
c:\users\Sacha\AppData\Local\Smartbar\Common\ServicesPlugins\Smartbar.Personalization.ServicesPlugins.WeatherPlugin.dll
c:\users\Sacha\AppData\Local\Smartbar\Common\ServicesPlugins\Smartbar.Personalization.ServicesPlugins.WordPlugin.dll
c:\users\Sacha\AppData\Local\Smartbar\DistributionFiles\Configs\IconsSettings.xml
c:\users\Sacha\AppData\Local\Smartbar\DistributionFiles\Configs\LocalMethods.xml
c:\users\Sacha\AppData\Local\Smartbar\DistributionFiles\Configs\ProfileManager.xml
c:\users\Sacha\AppData\Local\Smartbar\DistributionFiles\Configs\PublisherSettings.xml
c:\users\Sacha\AppData\Local\Smartbar\DistributionFiles\Configs\UserSettings.xml
c:\users\Sacha\AppData\Local\Smartbar\DistributionFiles\Profiles\F3B1A35F-8F34-4AA2-9F30-6B414BABD905.xml
c:\users\Sacha\AppData\Local\Smartbar\QuickShare.exe_StrongName_vuedtbpoockmp1sq45awfxuouevabx0i\1.6.1.949\user.config
c:\users\Sacha\AppData\Roaming\WebCake
c:\users\Sacha\AppData\Roaming\WebCake\dat\Desktop.OS.dll
c:\users\Sacha\AppData\Roaming\WebCake\dat\Dora.dat
c:\users\Sacha\AppData\Roaming\WebCake\dat\Maintain.dat
c:\users\Sacha\AppData\Roaming\WebCake\dat\Paladin.dat
c:\users\Sacha\AppData\Roaming\WebCake\dat\Phoenix.dat
c:\users\Sacha\AppData\Roaming\WebCake\PlugIns.cache
.
.
(((((((((((((((((((((((((((((((((((((((   Drivers/Services   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_DatamngrCoordinator
-------\Service_McComponentHostService
-------\Service_WebCake Desktop Updater
-------\Service_DatamngrCoordinator
-------\Service_McComponentHostService
-------\Service_WebCake Desktop Updater
.
.
(((((((((((((((((((((((((   Files Created from 2013-08-23 to 2013-09-23  )))))))))))))))))))))))))))))))
.
.
2013-09-23 20:03 . 2013-09-23 20:03    --------    d-----w-    c:\users\Default\AppData\Local\temp
2013-09-21 12:10 . 2013-09-21 12:11    --------    d-----w-    c:\windows\4941BFEB62C047A2801E998FC469CC2C.TMP
2013-09-21 12:05 . 2013-09-21 12:05    3723656    ----a-w-    c:\windows\system32\FlashPlayerInstaller.exe
2013-09-15 02:59 . 2013-07-31 09:45    2382848    ----a-w-    c:\windows\system32\mshtml.tlb
2013-09-15 02:59 . 2013-07-31 10:39    149656    ----a-w-    c:\program files\Internet Explorer\sqmapi.dll
2013-09-15 02:59 . 2013-07-31 09:50    768512    ----a-w-    c:\program files\Common Files\Microsoft Shared\vgx\VGX.dll
2013-09-15 02:59 . 2013-07-31 09:50    194560    ----a-w-    c:\program files\Internet Explorer\IEShims.dll
2013-08-30 20:42 . 2013-08-30 20:42    --------    d-----w-    c:\users\Sacha\AppData\Roaming\MusicNet
2013-08-30 20:39 . 2013-08-30 20:45    --------    d-----w-    c:\users\Sacha\AppData\Local\BearShare
2013-08-30 20:38 . 2013-08-30 20:38    --------    d-----w-    c:\programdata\Wincert
2013-08-30 20:33 . 2013-08-30 20:39    --------    d-----w-    c:\program files\BearShare Applications
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-09-21 12:06 . 2012-06-02 06:25    692616    ----a-w-    c:\windows\system32\FlashPlayerApp.exe
2013-09-21 12:06 . 2011-07-14 07:46    71048    ----a-w-    c:\windows\system32\FlashPlayerCPLApp.cpl
2013-08-08 01:45 . 2013-09-13 21:34    2049536    ----a-w-    c:\windows\system32\win32k.sys
2013-08-02 04:09 . 2013-08-27 20:33    1548288    ----a-w-    c:\windows\system32\WMVDECOD.DLL
2013-07-31 09:52 . 2013-09-15 02:58    1129472    ----a-w-    c:\windows\system32\wininet.dll
2013-07-31 09:48 . 2013-09-15 02:59    420864    ----a-w-    c:\windows\system32\vbscript.dll
2013-07-17 19:41 . 2013-08-17 20:10    2048    ----a-w-    c:\windows\system32\tzres.dll
2013-07-16 04:35 . 2013-09-13 21:34    615936    ----a-w-    c:\windows\system32\themeui.dll
2013-07-10 09:47 . 2013-08-17 20:15    783360    ----a-w-    c:\windows\system32\rpcrt4.dll
2013-07-09 12:10 . 2013-08-17 20:11    1205168    ----a-w-    c:\windows\system32\ntdll.dll
2013-07-08 04:55 . 2013-08-17 20:11    3603904    ----a-w-    c:\windows\system32\ntkrnlpa.exe
2013-07-08 04:55 . 2013-08-17 20:11    3551680    ----a-w-    c:\windows\system32\ntoskrnl.exe
2013-07-08 04:20 . 2013-08-17 20:15    172544    ----a-w-    c:\windows\system32\wintrust.dll
2013-07-08 04:16 . 2013-08-17 20:15    133120    ----a-w-    c:\windows\system32\cryptsvc.dll
2013-07-08 04:16 . 2013-08-17 20:15    98304    ----a-w-    c:\windows\system32\cryptnet.dll
2013-07-08 04:16 . 2013-08-17 20:15    992768    ----a-w-    c:\windows\system32\crypt32.dll
2013-07-05 04:53 . 2013-08-17 20:15    905664    ----a-w-    c:\windows\system32\drivers\tcpip.sys
.
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LightScribe Control Panel"="c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe" [2008-06-09 2363392]
"HPAdvisor"="c:\program files\Hewlett-Packard\HP Advisor\HPAdvisor.exe" [2008-11-18 966656]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-09-12 39408]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952]
"Spotify"="c:\users\Sacha\AppData\Roaming\Spotify\Spotify.exe" [2013-07-13 4640768]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-10-28 150040]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-10-28 178712]
"Persistence"="c:\windows\system32\igfxpers.exe" [2008-10-28 154136]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-12-04 1410344]
"QPService"="c:\program files\HP\QuickPlay\QPService.exe" [2008-09-24 468264]
"UpdateLBPShortCut"="c:\program files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" [2008-06-14 210216]
"UpdatePSTShortCut"="c:\program files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe" [2008-12-24 210216]
"UCam_Menu"="c:\program files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" [2008-12-04 218408]
"QlbCtrl.exe"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2008-10-10 206128]
"UpdateP2GoShortCut"="c:\program files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" [2008-10-30 210216]
"UpdatePDIRShortCut"="c:\program files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" [2008-06-14 210216]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-04-08 254696]
"HP Health Check Scheduler"="c:\program files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe" [2008-10-09 75008]
"WirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2008-12-08 432432]
"Google Quick Search Box"="c:\program files\Google\Quick Search Box\GoogleQuickSearchBox.exe" [2009-09-13 122368]
"Monitor"="c:\program files\LeapFrog\LeapFrog Connect\Monitor.exe" [2010-11-19 193880]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-06-20 35760]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-06-09 976832]
"hpqSRMon"="c:\program files\HP\Digital Imaging\bin\hpqSRMon.exe" [2008-08-20 150016]
"HP Software Update"="c:\program files\Hp\HP Software Update\HPWuSchd2.exe" [2011-02-18 49208]
"SysTrayApp"="c:\program files\IDT\WDM\sttray.exe" [2009-02-23 483420]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-11-28 59280]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2012-10-25 421888]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2012-12-12 152544]
.
c:\users\Sacha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OneNote 2007 Screen Clipper and Launcher.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE /tsr [2009-2-26 97680]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Adobe Gamma Loader.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2011-6-23 113664]
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2008-6-19 727592]
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2008-10-16 214360]
Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE -b -l [2001-2-13 83360]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SymEFA.sys]
@="FSFilter Activity Monitor"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt.inf_b9d13b43\aestsrv.exe [2009-02-12 81920]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs    REG_MULTI_SZ       BthServ
HPZ12    REG_MULTI_SZ       Pml Driver HPZ12 Net Driver HPZ12
HPService    REG_MULTI_SZ       HPSLPSVC
hpdevmgmt    REG_MULTI_SZ       hpqcxs08 hpqddsvc
LocalServiceAndNoImpersonation    REG_MULTI_SZ       FontCache
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost  - NetSvcs
ezSharedSvc
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2008-06-09 17:14    451872    ----a-w-    c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-09-21 17:16    1177552    ----a-w-    c:\program files\Google\Chrome\Application\29.0.1547.76\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2013-09-23 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-02 21:15]
.
2013-09-23 c:\windows\Tasks\Foresight Software Registration3.job
- c:\program files\Common Files\Foresight Software\UUS3\UUS3.dll [2013-01-15 21:40]
.
2013-09-15 c:\windows\Tasks\Foresight Software Update3.job
- c:\program files\Common Files\Foresight Software\UUS3\Update3.exe [2013-01-15 21:40]
.
2013-09-23 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-11-17 21:22]
.
2013-09-23 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-11-17 21:22]
.
.
------- Supplementary Scan -------
.
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_gb&c=91&bd=Presario&pf=cnnb
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://feed.snap.do/?publisher=QuickObrw&dpid=QuickObrw&co=GB&userid=d5c32e9b-908e-4627-bf54-b72c60e84c7c&searchtype=ds&q={searchTerms}&installDate=03/06/2013
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office10\EXCEL.EXE/3000
IE: Send image to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
TCP: DhcpNameServer = 192.168.0.1
DPF: {A9CF3378-D60E-40A8-927D-7EA0D5B0AA98} - hxxp://webalbum.bonusprint.com/ukipc01/downloads//ImageUploader6.cab
FF - ProfilePath - c:\users\Sacha\AppData\Roaming\Mozilla\Firefox\Profiles\ylhnuwgm.default\
FF - prefs.js: browser.search.defaulturl -
FF - ExtSQL: 2013-08-30 21:37; {104d74b8-67eb-4f25-8294-04eecfa292e4}; c:\users\Sacha\AppData\Roaming\Mozilla\Firefox\Profiles\ylhnuwgm.default\extensions\{104d74b8-67eb-4f25-8294-04eecfa292e4}
FF - ExtSQL: !HIDDEN! 2009-09-16 19:49; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - ExtSQL: !HIDDEN! 2010-08-30 21:35; [email protected]; c:\program files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF - user.js: extensions.BabylonToolbar.tlbrSrchUrl - hxxp://search.babylon.com/?babsrc=TB_def&mntrId=75513bd9000000000000002556a9e873&q=
FF - user.js: extensions.BabylonToolbar.id - 75513bd9000000000000002556a9e873
FF - user.js: extensions.BabylonToolbar.appId - {BDB69379-802F-4eaf-B541-F8DE92DD98DB}
FF - user.js: extensions.BabylonToolbar.instlDay - 15666
FF - user.js: extensions.BabylonToolbar.vrsn - 1.8.4.9
FF - user.js: extensions.BabylonToolbar.vrsni - 1.8.4.9
FF - user.js: extensions.BabylonToolbar_i.vrsnTs - 1.8.4.922:18
FF - user.js: extensions.BabylonToolbar.prtnrId - babylon
FF - user.js: extensions.BabylonToolbar.prdct - BabylonToolbar
FF - user.js: extensions.BabylonToolbar.aflt - babsst
FF - user.js: extensions.BabylonToolbar_i.smplGrp - none
FF - user.js: extensions.BabylonToolbar.tlbrId - irhnew
FF - user.js: extensions.BabylonToolbar.instlRef - sst
FF - user.js: extensions.BabylonToolbar.dfltLng - en
FF - user.js: extensions.BabylonToolbar_i.excTlbr - false
FF - user.js: extensions.BabylonToolbar.excTlbr - false
FF - user.js: extensions.BabylonToolbar.admin - false
FF - user.js: extensions.BabylonToolbar_i.babTrack - affID=110824&tt=201112_1849_4712_6
FF - user.js: extensions.BabylonToolbar_i.babExt -
FF - user.js: extensions.BabylonToolbar_i.srcExt - ss
FF - user.js: extensions.BabylonToolbar.autoRvrt - false
FF - user.js: extensions.BabylonToolbar.rvrt - false
FF - user.js: extensions.BabylonToolbar_i.newTab - false
FF - user.js: extensions.delta.tlbrSrchUrl -
FF - user.js: extensions.delta.id - 75513bd9000000000000002556a9e873
FF - user.js: extensions.delta.appId - {C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
FF - user.js: extensions.delta.instlDay - 15859
FF - user.js: extensions.delta.vrsn - 1.8.21.5
FF - user.js: extensions.delta.vrsni - 1.8.21.5
FF - user.js: extensions.delta.vrsnTs - 1.8.21.521:36
FF - user.js: extensions.delta.prtnrId - delta
FF - user.js: extensions.delta.prdct - delta
FF - user.js: extensions.delta.aflt - babsst
FF - user.js: extensions.delta.smplGrp - none
FF - user.js: extensions.delta.tlbrId - base
FF - user.js: extensions.delta.instlRef - sst
FF - user.js: extensions.delta.dfltLng - en
FF - user.js: extensions.delta.excTlbr - false
FF - user.js: extensions.delta.ffxUnstlRst - true
FF - user.js: extensions.delta.admin - false
FF - user.js: extensions.delta_i.babTrack - affID=121240&tt=gc_
FF - user.js: extensions.delta_i.babExt -
FF - user.js: extensions.delta_i.srcExt - ss
FF - user.js: extensions.delta.autoRvrt - false
FF - user.js: extensions.delta.rvrt - false
FF - user.js: extensions.delta.newTab - false
FF - user.js: extentions.webcake.installId - 66aca9a4-88d8-45e5-8db7-66390bc2928c
FF - user.js: extentions.webcake.defaultEnableAppsList - layers,brain/features,newOffers/wc
.
- - - - ORPHANS REMOVED - - - -
.
HKCU-Run-Browser Infrastructure Helper - c:\users\Sacha\AppData\Local\Smartbar\Application\QuickShare.exe
HKCU-Run-InstallIQUpdater - c:\program files\W3i\InstallIQUpdater\InstallIQUpdater.exe
HKLM-Run-SweetIM - c:\program files\SweetIM\Messenger\SweetIM.exe
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk - c:\program files\McAfee Security Scan\3.0.318\SSScheduler.exe
AddRemove-bearsharemusicboxtoolbarFF - c:\progra~1\MUSICT~1\Datamngr\SRTOOL~1\FF\uninstall.exe
AddRemove-bearsharemusicboxtoolbarIE - c:\progra~1\MUSICT~1\Datamngr\SRTOOL~1\IE\uninstall.exe
AddRemove-McAfee Security Scan - c:\program files\McAfee Security Scan\uninstall.exe
AddRemove-{CED0FE94-7795-42b5-978C-B247EB3EDE66} - c:\program files\Foresight Software\PC Helper 360\uninstall.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-09-23 21:08
Windows 6.0.6002 Service Pack 2 NTFS
.
scanning hidden processes ...  
.
scanning hidden autostart entries ...
.
scanning hidden files ...  
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\Norton Internet Security]
"ImagePath"="\"c:\program files\Norton Internet Security\Engine\16.8.3.6\ccSvcHst.exe\" /s \"Norton Internet Security\" /m \"c:\program files\Norton Internet Security\Engine\16.8.3.6\diMaster.dll\" /prefetch:1"
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'Explorer.exe'(2932)
c:\windows\system32\btmmhook.dll
c:\windows\system32\btncopy.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\System32\DriverStore\FileRepository\stwrt.inf_b9d13b43\STacSV.exe
c:\windows\system32\WLANExt.exe
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\LeapFrog\LeapFrog Connect\CommandService.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\program files\Norton Internet Security\Engine\16.8.3.6\ccSvcHst.exe
c:\program files\SMINST\BLService.exe
c:\program files\CyberLink\Shared files\RichVideo.exe
c:\program files\Photodex\ProShowGold\ScsiAccess.exe
c:\windows\system32\DllHost.exe
c:\program files\Norton Internet Security\Engine\16.8.3.6\ccSvcHst.exe
c:\windows\system32\igfxsrvc.exe
c:\program files\Microsoft Office\Office12\ONENOTEM.EXE
c:\windows\ehome\ehmsas.exe
c:\program files\iPod\bin\iPodService.exe
c:\program files\Hewlett-Packard\Shared\hpqwmiex.exe
c:\program files\Hewlett-Packard\HP Health Check\hphc_service.exe
c:\program files\Synaptics\SynTP\SynTPHelper.exe
c:\program files\WIDCOMM\Bluetooth Software\BtStackServer.exe
c:\program files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
c:\windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
c:\program files\Hewlett-Packard\Shared\hpqToaster.exe
c:\program files\HP\Digital Imaging\bin\hpqSTE08.exe
c:\program files\HP\Digital Imaging\bin\hpqbam08.exe
c:\program files\HP\Digital Imaging\bin\hpqgpc01.exe
c:\program files\Norton Internet Security\Engine\16.8.3.6\WSCStub.exe
c:\program files\Windows Media Player\wmpnscfg.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\program files\Common Files\Java\Java Update\jucheck.exe
.
**************************************************************************
.
Completion time: 2013-09-23  21:18:36 - machine was rebooted
ComboFix-quarantined-files.txt  2013-09-23 20:18
ComboFix2.txt  2013-09-21 16:01
.
Pre-Run: 66,128,486,400 bytes free
Post-Run: 65,856,167,936 bytes free
.
- - End Of File - - BF97F8CD29169E1F7E6CEF1B82AE168A
5C86ADEC17B739C437E145E3B3FC2E6D
 



#12 TB-Psychotic

TB-Psychotic

  • Malware Response Team
  • 4,368 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:12 AM

Posted 24 September 2013 - 04:40 AM

Did MBAM finish?


My help is free, however, if you want to support my fight against malware, click here --> btn_donate_SM.gif <--(no worries, every little bit helps)

 


#13 christyjh

christyjh
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:06:12 AM

Posted 24 September 2013 - 03:51 PM

Here it is. Thanks again Marius

 

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Database version: v2013.09.23.11

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
Sacha :: SACHA-PC [administrator]

23/09/2013 21:24:31
mbam-log-2013-09-23 (21-24-31).txt

Scan type: Full scan (C:\|D:\|E:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 493890
Time elapsed: 3 hour(s), 16 minute(s), 7 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 62
HKCR\AppID\{35C1605E-438B-4D64-AAB1-8885F097A9B1} (PUP.Optional.BabylonToolBar.A) -> Quarantined and deleted successfully.
HKCR\TypeLib\{35C1605E-438B-4D64-AAB1-8885F097A9B1} (PUP.Optional.BabylonToolBar.A) -> Quarantined and deleted successfully.
HKCR\AppID\{38495740-0035-4471-851E-F5BBB86AB085} (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
HKCR\AppID\{72D89EBF-0C5D-4190-91FD-398E45F1D007} (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
HKCR\AppID\{BDB69379-802F-4eaf-B541-F8DE92DD98DB} (PUP.Optional.BabylonToolBar.A) -> Quarantined and deleted successfully.
HKCR\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3} (PUP.Optional.Delta.A) -> Quarantined and deleted successfully.
HKCR\CLSID\{291BCCC1-6890-484a-89D3-318C928DAC1B} (PUP.Optional.BabylonToolBar.A) -> Quarantined and deleted successfully.
HKCR\esrv.BabylonESrvc.1 (PUP.Optional.BabylonToolBar.A) -> Quarantined and deleted successfully.
HKCR\esrv.BabylonESrvc (PUP.Optional.BabylonToolBar.A) -> Quarantined and deleted successfully.
HKCR\CLSID\{74322BF9-DF26-493f-B0DA-6D2FC5E6429E} (PUP.Optional.BearshareTB.A) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{74322BF9-DF26-493F-B0DA-6D2FC5E6429E} (PUP.Optional.BearshareTB.A) -> Quarantined and deleted successfully.
HKCR\CLSID\{A1E28287-1A31-4b0f-8D05-AA8C465D3C5A} (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
HKCR\DefaultTabBHO.DefaultTabBrowserActiveX.1 (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
HKCR\DefaultTabBHO.DefaultTabBrowserActiveX (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A1E28287-1A31-4B0F-8D05-AA8C465D3C5A} (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
HKCR\CLSID\{B8276A94-891D-453C-9FF3-715C042A2575} (PUP.Optional.BabylonToolBar.A) -> Quarantined and deleted successfully.
HKCR\b (PUP.Optional.BabylonToolBar.A) -> Quarantined and deleted successfully.
HKCR\Typelib\{4599D05A-D545-4069-BB42-5895B4EAE05B} (PUP.Optional.Delta.A) -> Quarantined and deleted successfully.
HKCR\Interface\{1231839B-064E-4788-B865-465A1B5266FD} (PUP.Optional.Delta.A) -> Quarantined and deleted successfully.
HKCR\Typelib\{6E8BF012-2C85-4834-B10A-1B31AF173D70} (PUP.Optional.BabylonToolBar.A) -> Quarantined and deleted successfully.
HKCR\Interface\{44C3C1DB-2127-433C-98EC-4C9412B5FC3A} (PUP.Optional.BabylonToolBar.A) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7F6AFBF1-E065-4627-A2FD-810366367D01} (PUP.Optional.DefaultTab) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{348C2DF3-1191-4C3E-92A6-B3A89A9D9C85} (PUP.Optional.Delta.A) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8375D9C8-634F-4ECB-8CF5-C7416BA5D542} (PUP.Optional.BabylonToolBar.A) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B2D33ED6-EBBD-467C-BF6F-F175D9B51363} (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BAD84EE2-624D-4e7c-A8BB-41EFD720FD77} (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
HKCR\CLSID\{FFB9ADCB-8C79-4C29-81D3-74D46A93D370} (PUP.Optional.BabylonToolBar.A) -> Quarantined and deleted successfully.
HKCR\CLSID\{E97A663B-81A6-49C5-A6D3-BCB05BA1DE26} (PUP.Optional.BabylonToolBar.A) -> Quarantined and deleted successfully.
HKCR\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800} (PUP.Optional.BabylonToolBar.A) -> Quarantined and deleted successfully.
HKCR\delta.deltaappCore.1 (PUP.Optional.BabylonToolBar.A) -> Quarantined and deleted successfully.
HKCR\delta.deltaappCore (PUP.Optional.BabylonToolBar.A) -> Quarantined and deleted successfully.
HKCR\bbylnApp.appCore.1 (PUP.Optional.BabylonToolBar.A) -> Quarantined and deleted successfully.
HKCR\bbylnApp.appCore (PUP.Optional.BabylonToolBar.A) -> Quarantined and deleted successfully.
HKCR\CLSID\{98889811-442D-49dd-99D7-DC866BE87DBC} (PUP.Optional.BabylonToolBar.A) -> Quarantined and deleted successfully.
HKCR\Babylon.dskBnd.1 (PUP.Optional.BabylonToolBar.A) -> Quarantined and deleted successfully.
HKCR\Babylon.dskBnd (PUP.Optional.BabylonToolBar.A) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC} (PUP.Optional.BabylonToolBar.A) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{98889811-442D-49DD-99D7-DC866BE87DBC} (PUP.Optional.BabylonToolBar.A) -> Quarantined and deleted successfully.
HKCR\CLSID\{86838207-681D-469D-9511-D0DCC6F19F9B} (PUP.Optional.Delta) -> Quarantined and deleted successfully.
HKCR\CLSID\{4FCB4630-2A1C-4AA1-B422-345E8DC8A6DE} (PUP.Optional.Delta) -> Quarantined and deleted successfully.
HKCR\escort.escortIEPane.1 (PUP.Optional.Delta) -> Quarantined and deleted successfully.
HKCR\escort.escortIEPane (PUP.Optional.Delta) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C4ED781C-7394-4906-AAFF-D6AB64FF7C38} (PUP.Optional.Tarma.A) -> Quarantined and deleted successfully.
HKCR\BearshareIEHelper.DNSGuard (PUP.Optional.BearshareTB.A) -> Quarantined and deleted successfully.
HKCR\BearshareIEHelper.DNSGuard.1 (PUP.Optional.BearshareTB.A) -> Quarantined and deleted successfully.
HKCR\AppID\DefaultTabBHO.DLL (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\BabylonToolbar (PUP.Optional.BabylonToolBar.A) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\DataMngr_Toolbar (PUP.Optional.DataMngr.A) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\DEFAULT TAB (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\DELTA\DELTA (PUP.Optional.Delta.A) -> Quarantined and deleted successfully.
HKCU\Software\AppDataLow\Software\DefaultTab (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\INSTALLCORE (PUP.Optional.InstallCore.A) -> Quarantined and deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings (PUP.Optional.BProtector.A) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\SWEETIM (PUP.Optional.SweetIM.A) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\BabylonToolbar (PUP.Optional.Babylon.A) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\DEFAULT TAB (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Delta\delta\Instl (PUP.Optional.Delta.A) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Google\Chrome\Extensions\eooncjejnppfjjklapaamhcdmjbilmde (PUP.Optional.Delta.A) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Google\Chrome\Extensions\fjoijdanhaiflhibkljeklcghcmmfffh (PUP.WebCake) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\SWEETIM (PUP.Optional.SweetIM.A) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Delta Chrome Toolbar (PUP.Optional.BabSolution.A) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\delta (PUP.Optional.Delta.A) -> Quarantined and deleted successfully.

Registry Values Detected: 9
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar|{98889811-442D-49DD-99D7-DC866BE87DBC} (PUP.Optional.BabylonToolBar.A) -> Data: Babylon Toolbar -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Default Tab|Version (PUP.Optional.DefaultTab.A) -> Data: 2.2.8.0 -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Delta\Delta|tlbrSrchUrl (PUP.Optional.Delta.A) -> Data:  -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main|bProtector Start Page (PUP.BProtector) -> Data: http://search.babylon.com/?affID=110824&tt=201112_1849_4712_6&babsrc=HP_ss&mntrId=75513bd9000000000000002556a9e873 -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes|bProtectorDefaultScope (PUP.BProtector) -> Data: {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} -> Quarantined and deleted successfully.
HKCU\Software\InstallCore|tb (PUP.Optional.InstallCore.A) -> Data: 0A1F1KtGtDtH1F1T1OtLtF1W -> Quarantined and deleted successfully.
HKCU\Software\SweetIM|simapp_id (PUP.Optional.SweetIM.A) -> Data: {088801F9-77BF-4DCC-B746-16DA8A2BFDB8} -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Default Tab|Version (PUP.Optional.DefaultTab.A) -> Data: 2.2.8.0 -> Quarantined and deleted successfully.
HKLM\Software\SweetIM|simapp_id (PUP.Optional.SweetIM.A) -> Data: {088801F9-77BF-4DCC-B746-16DA8A2BFDB8} -> Quarantined and deleted successfully.

Registry Data Items Detected: 2
HKCU\SOFTWARE\Microsoft\Internet Explorer\Search|Default_Search_URL (PUP.Optional.Snapdo) -> Bad: (http://feed.snap.do/?publisher=QuickObrw&dpid=QuickObrw&co=GB&userid=d5c32e9b-908e-4627-bf54-b72c60e84c7c&searchtype=ds&q={searchTerms}&installDate=03/06/2013) Good: (http://www.google.com) -> Quarantined and repaired successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\Search|SearchAssistant (PUP.Optional.Snapdo) -> Bad: (http://feed.snap.do/?publisher=QuickObrw&dpid=QuickObrw&co=GB&userid=d5c32e9b-908e-4627-bf54-b72c60e84c7c&searchtype=ds&q={searchTerms}&installDate=03/06/2013) Good: (http://www.google.com) -> Quarantined and repaired successfully.

Folders Detected: 12
C:\ProgramData\Tarma Installer\{C4ED781C-7394-4906-AAFF-D6AB64FF7C38} (PUP.WebCake) -> Quarantined and deleted successfully.
C:\ProgramData\Tarma Installer\{C4ED781C-7394-4906-AAFF-D6AB64FF7C38}\Cache (PUP.WebCake) -> Quarantined and deleted successfully.
C:\Users\Sacha\AppData\Roaming\Babylon (PUP.Optional.Babylon.A) -> Quarantined and deleted successfully.
C:\Users\Sacha\AppData\Roaming\Delta (PUP.Optional.Delta.A) -> Quarantined and deleted successfully.
C:\ProgramData\Tarma Installer (PUP.Optional.Tarma.A) -> Quarantined and deleted successfully.
C:\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504} (PUP.Optional.Tarma.A) -> Quarantined and deleted successfully.
C:\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\Cache (PUP.Optional.Tarma.A) -> Quarantined and deleted successfully.
C:\Users\Sacha\AppData\Roaming\BabSolution (PUP.Optional.BabSolution.A) -> Quarantined and deleted successfully.
C:\Users\Sacha\AppData\Roaming\BabSolution\CR (PUP.Optional.BabSolution.A) -> Quarantined and deleted successfully.
C:\Users\Sacha\AppData\Roaming\BabSolution\Shared (PUP.Optional.BabSolution.A) -> Quarantined and deleted successfully.
C:\Program Files\Delta\delta\1.8.21.5 (PUP.Optional.Delta.A) -> Quarantined and deleted successfully.
C:\Program Files\Delta\delta\1.8.21.5\bh (PUP.Optional.Delta.A) -> Quarantined and deleted successfully.

Files Detected: 75
C:\Program Files\BabylonToolbar\BabylonToolbar\1.8.4.9\BabylonToolbarsrv.exe (PUP.Optional.BabylonToolBar.A) -> Quarantined and deleted successfully.
C:\Program Files\BabylonToolbar\BabylonToolbar\1.8.4.9\BabylonToolbarEng.dll (PUP.Optional.BabylonToolBar.A) -> Quarantined and deleted successfully.
C:\Program Files\BabylonToolbar\BabylonToolbar\1.8.4.9\BabylonToolbarApp.dll (PUP.Optional.BabylonToolBar.A) -> Quarantined and deleted successfully.
C:\Program Files\Delta\delta\1.8.21.5\deltaApp.dll (PUP.Optional.BabylonToolBar.A) -> Quarantined and deleted successfully.
C:\Program Files\BabylonToolbar\BabylonToolbar\1.8.4.9\BabylonToolbarTlbr.dll (PUP.Optional.BabylonToolBar.A) -> Quarantined and deleted successfully.
C:\Program Files\Delta\delta\1.8.21.5\deltaEng.dll (PUP.Optional.Delta) -> Quarantined and deleted successfully.
C:\Program Files\Delta\delta\1.8.21.5\deltasrv.exe (PUP.Optional.Delta) -> Quarantined and deleted successfully.
C:\Program Files\Delta\delta\1.8.21.5\deltaTlbr.dll (PUP.Optional.Delta) -> Quarantined and deleted successfully.
C:\Program Files\Delta\delta\1.8.21.5\bh\delta.dll (PUP.Optional.Delta) -> Quarantined and deleted successfully.
C:\ProgramData\SweetIM\Messenger\update\sweetimsetup.exe (PUP.Optional.SweetIM) -> Quarantined and deleted successfully.
C:\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\Setup.exe (PUP.Optional.Tarma.A) -> Quarantined and deleted successfully.
C:\ProgramData\Tarma Installer\{C4ED781C-7394-4906-AAFF-D6AB64FF7C38}\Setup.exe (PUP.Optional.Tarma.A) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\Program Files\SweetIM\Messenger\mghooking.dll.vir (PUP.Optional.SweetIM) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\Program Files\SweetIM\Messenger\ContentPackagesActivationHandler.exe.vir (PUP.Optional.SweetIM) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\Program Files\SweetIM\Messenger\mgAdaptersProxy.dll.vir (PUP.Optional.SweetIM) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\Program Files\SweetIM\Messenger\mgArchive.dll.vir (PUP.Optional.SweetIM) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\Program Files\SweetIM\Messenger\mgcommon.dll.vir (PUP.Optional.SweetIM) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\Program Files\SweetIM\Messenger\mgcommunication.dll.vir (PUP.Optional.SweetIM) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\Program Files\SweetIM\Messenger\mgconfig.dll.vir (PUP.Optional.SweetIM) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\Program Files\SweetIM\Messenger\mgFlashPlayer.dll.vir (PUP.Optional.SweetIM) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\Program Files\SweetIM\Messenger\mgICQAuto.dll.vir (PUP.Optional.SweetIM) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\Program Files\SweetIM\Messenger\mgICQMessengerAdapter.dll.vir (PUP.Optional.SweetIM) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\Program Files\SweetIM\Messenger\mglogger.dll.vir (PUP.Optional.SweetIM) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\Program Files\SweetIM\Messenger\mgMediaPlayer.dll.vir (PUP.Optional.SweetIM) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\Program Files\SweetIM\Messenger\mgMsnAuto.dll.vir (PUP.Optional.SweetIM) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\Program Files\SweetIM\Messenger\mgMsnMessengerAdapter.dll.vir (PUP.Optional.SweetIM) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\Program Files\SweetIM\Messenger\mgsimcommon.dll.vir (PUP.Optional.SweetIM) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\Program Files\SweetIM\Messenger\mgSweetIM.dll.vir (PUP.Optional.SweetIM) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\Program Files\SweetIM\Messenger\mgUpdateSupport.dll.vir (PUP.Optional.SweetIM) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\Program Files\SweetIM\Messenger\mgxml_wrapper.dll.vir (PUP.Optional.SweetIM) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\Program Files\SweetIM\Messenger\mgYahooAuto.dll.vir (PUP.Optional.SweetIM) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\Program Files\SweetIM\Messenger\mgYahooMessengerAdapter.dll.vir (PUP.Optional.SweetIM) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\Program Files\SweetIM\Messenger\SweetIM.exe.vir (PUP.Optional.SweetIM) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\Program Files\SweetIM\Messenger\resources\sqlite\mgSqlite3.dll.vir (PUP.Optional.SweetIM) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\Program Files\W3i\InstallIQUpdater\InstallIQUpdater.exe.vir (PUP.Optional.InstallIQ.A) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\Program Files\WebCake\WebCakeDesktop.Updater.exe.vir (Adware.WebCake) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\Users\Sacha\AppData\Roaming\DefaultTab\DefaultTab\DefaultTabBHO.dll.vir (PUP.Optional.DefaultTab) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\Users\Sacha\AppData\Roaming\DefaultTab\DefaultTab\DefaultTabStart.exe.vir (PUP.Optional.DefaultTab) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\Users\Sacha\AppData\Roaming\DefaultTab\DefaultTab\DefaultTabStart64.exe.vir (PUP.Optional.DefaultTab) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\Users\Sacha\AppData\Roaming\DefaultTab\DefaultTab\DefaultTabWrap.dll.vir (PUP.Optional.DefaultTab) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\Users\Sacha\AppData\Roaming\DefaultTab\DefaultTab\DefaultTabWrap64.dll.vir (PUP.Optional.DefaultTab) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\Users\Sacha\AppData\Roaming\DefaultTab\DefaultTab\DTUpdate.exe.vir (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\Users\Sacha\AppData\Roaming\DefaultTab\DefaultTab\update.exe.vir (PUP.Optional.DefaultTab) -> Quarantined and deleted successfully.
C:\Users\Sacha\AppData\Local\Temp\is1373634743\MyBabylonTB.exe (PUP.Optional.Babylon.A) -> Quarantined and deleted successfully.
C:\Users\Sacha\Downloads\BearShareSetup-r133-n-bf.exe (PUP.Optional.MusicToolbar.A) -> Quarantined and deleted successfully.
C:\Users\Sacha\Downloads\gimp(2).exe (PUP.Optional.InstallIQ.A) -> Quarantined and deleted successfully.
C:\Users\Sacha\Downloads\gimp.exe (PUP.Optional.InstallIQ.A) -> Quarantined and deleted successfully.
C:\Users\Sacha\Downloads\SweetImSetup.exe (PUP.Optional.SweetIM) -> Quarantined and deleted successfully.
C:\Users\Sacha\Downloads\Express_Installer(1).exe (PUP.Optional.Ibryte) -> Quarantined and deleted successfully.
C:\Users\Sacha\Downloads\Express_Installer.exe (PUP.Optional.Ibryte) -> Quarantined and deleted successfully.
C:\Windows\Installer\1ad3824b.msi (PUP.Optional.SweetIM) -> Quarantined and deleted successfully.
C:\ProgramData\Tarma Installer\{C4ED781C-7394-4906-AAFF-D6AB64FF7C38}\Setup.ico (PUP.WebCake) -> Quarantined and deleted successfully.
C:\ProgramData\Tarma Installer\{C4ED781C-7394-4906-AAFF-D6AB64FF7C38}\Setup.dat (PUP.WebCake) -> Quarantined and deleted successfully.
C:\ProgramData\Tarma Installer\{C4ED781C-7394-4906-AAFF-D6AB64FF7C38}\_Setup.dll (PUP.WebCake) -> Quarantined and deleted successfully.
C:\Users\Sacha\AppData\Roaming\Babylon\log_file.txt (PUP.Optional.Babylon.A) -> Quarantined and deleted successfully.
C:\Users\Sacha\AppData\Roaming\Delta\sqlite3.dll (PUP.Optional.Delta.A) -> Quarantined and deleted successfully.
C:\Users\Sacha\AppData\Local\Google\Chrome\User Data\Default\bProtector Web Data (PUP.Optional.BProtector.A) -> Quarantined and deleted successfully.
C:\Users\Sacha\AppData\Local\Google\Chrome\User Data\Default\bProtectorPreferences (PUP.Optional.BProtector.A) -> Quarantined and deleted successfully.
C:\ProgramData\Wincert\win32cert.dll (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\ProgramData\Wincert\win64cert.dll (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\ProgramData\Wincert\win32prop.dll (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\ProgramData\Wincert\win64prop.dll (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\Setup.dat (PUP.Optional.Tarma.A) -> Quarantined and deleted successfully.
C:\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\Setup.ico (PUP.Optional.Tarma.A) -> Quarantined and deleted successfully.
C:\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\_Setup.dll (PUP.Optional.Tarma.A) -> Quarantined and deleted successfully.
C:\Users\Sacha\AppData\Roaming\BabSolution\CR\Delta.crx (PUP.Optional.BabSolution.A) -> Quarantined and deleted successfully.
C:\Users\Sacha\AppData\Roaming\BabSolution\Shared\BabMaint.exe (PUP.Optional.BabSolution.A) -> Quarantined and deleted successfully.
C:\Users\Sacha\AppData\Roaming\BabSolution\Shared\BUSolution.dll (PUP.Optional.BabSolution.A) -> Quarantined and deleted successfully.
C:\Users\Sacha\AppData\Roaming\BabSolution\Shared\chu.js (PUP.Optional.BabSolution.A) -> Quarantined and deleted successfully.
C:\Users\Sacha\AppData\Roaming\BabSolution\Shared\Delta.ico (PUP.Optional.BabSolution.A) -> Quarantined and deleted successfully.
C:\Users\Sacha\AppData\Roaming\BabSolution\Shared\GUninstaller.exe (PUP.Optional.BabSolution.A) -> Quarantined and deleted successfully.
C:\Users\Sacha\AppData\Roaming\BabSolution\Shared\SetupParams.ini (PUP.Optional.BabSolution.A) -> Quarantined and deleted successfully.
C:\Users\Sacha\AppData\Roaming\BabSolution\Shared\sqlite3.dll (PUP.Optional.BabSolution.A) -> Quarantined and deleted successfully.
C:\Program Files\Delta\delta\1.8.21.5\GUninstaller.exe (PUP.Optional.Delta.A) -> Quarantined and deleted successfully.
C:\Program Files\Delta\delta\1.8.21.5\uninstall.exe (PUP.Optional.Delta.A) -> Quarantined and deleted successfully.

(end)
 



#14 TB-Psychotic

TB-Psychotic

  • Malware Response Team
  • 4,368 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:12 AM

Posted 25 September 2013 - 03:42 AM

Scan with ESET Online Scan

Please go to here to run the online scannner from ESET.

  • Turn off the real time scanner of any existing antivirus program while performing the online scan
  • Tick the box next to YES, I accept the Terms of Use.
  • Click Start
  • When asked, allow the activex control to install
  • Click Start
  • Make sure that the option Remove found threats is unticked
  • Click on Advanced Settings and ensure these options are ticked:
    • Scan for potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth Technology
  • Click Scan
  • Wait for the scan to finish
  • If any threats were found, click the 'List of found threats' , then click Export to text file....
  • Save it to your desktop, then please copy and paste that log as a reply to this topic.


My help is free, however, if you want to support my fight against malware, click here --> btn_donate_SM.gif <--(no worries, every little bit helps)

 


#15 christyjh

christyjh
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:06:12 AM

Posted 25 September 2013 - 04:52 PM

Thanks

 

C:\Program Files\BabylonToolbar\BabylonToolbar\1.8.4.9\bh\BabylonToolbar.dll    a variant of Win32/Toolbar.Escort.A application
C:\Program Files\Giant Savings\ButtonUtil.dll    a variant of Win32/Toolbar.CrossRider.G application
C:\Program Files\Giant Savings\Giant Savings-bg.exe    a variant of Win32/Toolbar.CrossRider.E application
C:\Program Files\Giant Savings\Giant Savings.exe    a variant of Win32/Toolbar.CrossRider.E application
C:\Program Files\PDFReader\Uninstall\Uninstall.exe    a variant of Win32/InstallCore.AX application
C:\Qoobox\Quarantine\C\Program Files\DefaultTab\DefaultTabSearch.exe.vir    a variant of Win32/Toolbar.DefaultTab.B application
C:\Qoobox\Quarantine\C\Program Files\Music Toolbar\Datamngr\apcrtldr.dll.vir    a variant of Win32/Toolbar.SearchSuite.C application
C:\Qoobox\Quarantine\C\Program Files\Music Toolbar\Datamngr\Datamngr.dll.vir    a variant of Win32/Toolbar.SearchSuite.C application
C:\Qoobox\Quarantine\C\Program Files\Music Toolbar\Datamngr\DatamngrCoordinator.exe.vir    a variant of Win32/Toolbar.SearchSuite.D application
C:\Qoobox\Quarantine\C\Program Files\Music Toolbar\Datamngr\Helper.dll.vir    a variant of Win32/Toolbar.SearchSuite.C application
C:\Qoobox\Quarantine\C\Program Files\Music Toolbar\Datamngr\IEBHO.dll.vir    a variant of Win32/Toolbar.SearchSuite.C application
C:\Qoobox\Quarantine\C\Program Files\Music Toolbar\Datamngr\mgrldr.dll.vir    Win32/Toolbar.SearchSuite.B application
C:\Qoobox\Quarantine\C\Users\Sacha\AppData\Local\Smartbar\Application\BrowserHelper.exe.vir    a variant of MSIL/Toolbar.Linkury.A application
C:\Qoobox\Quarantine\C\Users\Sacha\AppData\Local\Smartbar\Application\QuickShare.exe.vir    a variant of Win32/Toolbar.Linkury.A application
C:\Qoobox\Quarantine\C\Users\Sacha\AppData\Local\Smartbar\Application\[email protected]\components\SmartbarFireFoxRemotePlugin_16.dll.vir    Win32/Toolbar.Linkury.D application
C:\Qoobox\Quarantine\C\Users\Sacha\AppData\Local\Smartbar\Application\[email protected]\components\SmartbarFireFoxRemotePlugin_17.dll.vir    Win32/Toolbar.Linkury.D application
C:\Qoobox\Quarantine\C\Users\Sacha\AppData\Local\Smartbar\Application\[email protected]\components\SmartbarFireFoxRemotePlugin_18.dll.vir    Win32/Toolbar.Linkury.D application
C:\Qoobox\Quarantine\C\Users\Sacha\AppData\Local\Smartbar\Application\[email protected]\components\SmartbarFireFoxRemotePlugin_19.dll.vir    Win32/Toolbar.Linkury.D application
C:\Qoobox\Quarantine\C\Users\Sacha\AppData\Local\Smartbar\Application\[email protected]\components\SmartbarFireFoxRemotePlugin_20.dll.vir    Win32/Toolbar.Linkury.D application
C:\Qoobox\Quarantine\C\Users\Sacha\AppData\Local\Smartbar\Application\[email protected]\components\SmartbarFireFoxRemotePlugin_21.dll.vir    Win32/Toolbar.Linkury.D application
C:\Qoobox\Quarantine\C\Users\Sacha\AppData\Roaming\WebCake\dat\Desktop.OS.dll.vir    a variant of MSIL/WebCake.A application
C:\Qoobox\Quarantine\C\Users\Sacha\AppData\Roaming\WebCake\dat\Dora.dat.vir    a variant of MSIL/WebCake.A application
C:\Qoobox\Quarantine\C\Users\Sacha\AppData\Roaming\WebCake\dat\Maintain.dat.vir    a variant of MSIL/WebCake.A application
C:\Qoobox\Quarantine\C\Users\Sacha\AppData\Roaming\WebCake\dat\Paladin.dat.vir    a variant of MSIL/WebCake.A application
C:\Qoobox\Quarantine\C\Users\Sacha\AppData\Roaming\WebCake\dat\Phoenix.dat.vir    a variant of MSIL/WebCake.A application
C:\Users\Sacha\AppData\Roaming\Mozilla\Firefox\Profiles\ylhnuwgm.default\extensions\[email protected]\content\bprotector.js    Win32/bProtector.F application
C:\Users\Sacha\AppData\Roaming\Mozilla\Firefox\Profiles\ylhnuwgm.default\extensions\[email protected]\content\overlay.js    JS/Adware.Yontoo.C application
C:\Users\Sacha\Desktop\Downloads\CuteWriter.exe    a variant of Win32/Bundled.Toolbar.Ask.A application
C:\Users\Sacha\Downloads\CuteWriter.exe    a variant of Win32/Bundled.Toolbar.Ask.A application
C:\Users\Sacha\Downloads\MyFunCardsbar.exe    a variant of Win32/AdInstaller application
C:\Users\Sacha\Downloads\PDFReaderSetup.exe    a variant of Win32/InstallCore.AX application
C:\Users\Sacha\Downloads\SweetImSetup(1).exe    a variant of Win32/SweetIM.B application
 






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users