Sign In
Create Account
0
I posted the same issue about a week ago and everything seemed to be resolved, but now I'm getting 404 bad gateway and redirected to mydomainadvisor.com again.
Here is the link to the original thread: http://forums.malwar...l=&fromsearch=1
-
This topic is locked
Back to top
#2
Posted 19 March 2012 - 07:03 PM
-
- Moderators
-
- 20,060 posts
Forum Deity
- Gender:Male
- Location:Missouri, USA
Please do not attach the scan results from Combofx. Use copy/paste.
Vista and Windows 7 users:
1. These tools MUST be run from the executable. (.exe) every time you run them
2. With Admin Rights (Right click, choose "Run as Administrator")
Download ComboFix from one of these locations:
Link 1
Link 2 If using this link, Right Click and select Save As.
* IMPORTANT !!! Save ComboFix.exe to your Desktop
**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.
Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:
Click on Yes, to continue scanning for malware.
When finished, it shall produce a log for you. Please include the C:\ComboFix.txt using Copy / Paste in your next reply.
Notes:
1.Do not mouse-click Combofix's window while it is running. That may cause it to stall.
2. ComboFix may reset a number of Internet Explorer's settings, including making I-E the default browser.
3. Combofix prevents autorun of ALL CD, floppy and USB devices to assist with malware removal & increase security. If this is an issue or makes it difficult for you -- please tell your helper.
4. CF disconnects your machine from the internet. The connection is automatically restored before CF completes its run. If CF runs into difficulty and terminates prematurely, the connection can be manually restored by restarting your machine.
Give it atleast 20-30 minutes to finish if needed.
Please do not attach the scan results from Combofx. Use copy/paste.
Also please describe how your computer behaves at the moment.
Vista and Windows 7 users:
1. These tools MUST be run from the executable. (.exe) every time you run them
2. With Admin Rights (Right click, choose "Run as Administrator")
Download ComboFix from one of these locations:
Link 1
Link 2 If using this link, Right Click and select Save As.
* IMPORTANT !!! Save ComboFix.exe to your Desktop
- Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. Note: If you are having difficulty properly disabling your protective programs, or are unsure as to what programs need to be disabled, please refer to the information available through this link : Protective Programs
- Double click on ComboFix.exe & follow the prompts.
Notes: Combofix will run without the Recovery Console installed. Skip the Recovery Console part if you're running Vista or Windows 7.
Note: If you have XP SP3, use the XP SP2 package.
If Vista or Windows 7, skip the Recovery Console part
- As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
- Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.
**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.
Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:
Click on Yes, to continue scanning for malware.
When finished, it shall produce a log for you. Please include the C:\ComboFix.txt using Copy / Paste in your next reply.
Notes:
1.Do not mouse-click Combofix's window while it is running. That may cause it to stall.
2. ComboFix may reset a number of Internet Explorer's settings, including making I-E the default browser.
3. Combofix prevents autorun of ALL CD, floppy and USB devices to assist with malware removal & increase security. If this is an issue or makes it difficult for you -- please tell your helper.
4. CF disconnects your machine from the internet. The connection is automatically restored before CF completes its run. If CF runs into difficulty and terminates prematurely, the connection can be manually restored by restarting your machine.
Give it atleast 20-30 minutes to finish if needed.
Please do not attach the scan results from Combofx. Use copy/paste.
Also please describe how your computer behaves at the moment.
#3
Posted 19 March 2012 - 08:49 PM
-
- Members
-
- 15 posts
New Member
It seems like this problem comes and goes. It starts with a 404 bad gateway and then i start to get redirected occasionally. It's not just google searches that redirect me either.
Thank You.
Combo Fix Log:
ComboFix 12-03-18.04 - dougg 03/19/2012 20:24:19.2.4 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.4094.2608 [GMT -4:00]
Running from: c:\users\dougg\Desktop\ComboFix.exe
AV: AntiVir Desktop *Disabled/Updated* {090F9C29-64CE-6C6F-379C-5901B49A85B7}
SP: AntiVir Desktop *Disabled/Updated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Files Created from 2012-02-20 to 2012-03-20 )))))))))))))))))))))))))))))))
.
.
2012-03-20 01:12 . 2012-03-20 01:12 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2012-03-20 01:12 . 2012-03-20 01:12 -------- d-----w- c:\users\Mcx1-DOUG-PC\AppData\Local\temp
2012-03-20 01:12 . 2012-03-20 01:12 -------- d-----w- c:\users\Guest\AppData\Local\temp
2012-03-20 01:12 . 2012-03-20 01:12 -------- d-----w- c:\users\Doug\AppData\Local\temp
2012-03-20 01:12 . 2012-03-20 01:12 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-03-15 01:07 . 2012-03-15 01:07 -------- d-----w- c:\program files (x86)\ESET
2012-03-15 00:21 . 2011-11-19 15:20 5559152 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-03-15 00:21 . 2011-11-19 14:50 3968368 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2012-03-15 00:21 . 2011-11-19 14:50 3913584 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2012-03-14 22:11 . 2012-02-03 04:34 3145728 ----a-w- c:\windows\system32\win32k.sys
2012-03-14 22:11 . 2012-02-10 06:36 1544192 ----a-w- c:\windows\system32\DWrite.dll
2012-03-14 22:11 . 2012-02-10 05:38 1077248 ----a-w- c:\windows\SysWow64\DWrite.dll
2012-03-14 22:11 . 2012-01-25 06:38 77312 ----a-w- c:\windows\system32\rdpwsx.dll
2012-03-14 22:11 . 2012-01-25 06:38 149504 ----a-w- c:\windows\system32\rdpcorekmts.dll
2012-03-14 22:11 . 2012-01-25 06:33 9216 ----a-w- c:\windows\system32\rdrmemptylst.exe
2012-03-14 22:11 . 2012-02-17 06:38 1112064 ----a-w- c:\windows\system32\rdpcorets.dll
2012-03-14 22:11 . 2012-02-17 06:38 1031680 ----a-w- c:\windows\system32\rdpcore.dll
2012-03-14 22:11 . 2012-02-17 05:34 826880 ----a-w- c:\windows\SysWow64\rdpcore.dll
2012-03-14 22:11 . 2012-02-17 04:58 210944 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-03-14 22:11 . 2012-02-17 04:57 23552 ----a-w- c:\windows\system32\drivers\tdtcp.sys
2012-03-06 03:32 . 2012-03-06 03:32 -------- d-----w- c:\users\dougg\.idlerc
2012-03-05 05:46 . 2012-03-05 05:46 -------- d-----w- C:\Python27
2012-03-05 01:06 . 2012-03-05 01:06 -------- d-----w- c:\users\dougg\AppData\Roaming\SpeedyPC Software
2012-03-05 01:06 . 2012-03-05 01:06 -------- d-----w- c:\users\dougg\AppData\Roaming\DriverCure
2012-03-05 01:06 . 2012-03-05 01:06 -------- d-----w- c:\programdata\SpeedyPC Software
2012-03-05 01:06 . 2012-03-05 01:06 -------- d-----w- c:\program files (x86)\SpeedyPC Software
2012-03-05 01:06 . 2012-03-05 01:06 -------- d-----w- c:\program files (x86)\Common Files\SpeedyPC Software
2012-03-04 19:16 . 2012-03-04 19:16 -------- d-----w- c:\users\dougg\AppData\Roaming\SUPERAntiSpyware.com
2012-03-04 19:14 . 2012-03-05 00:45 -------- d-----w- c:\program files\SUPERAntiSpyware
2012-03-04 19:14 . 2012-03-04 19:14 -------- d-----w- c:\programdata\SUPERAntiSpyware.com
2012-03-03 08:31 . 2012-03-03 08:36 -------- d-----w- c:\users\dougg\AppData\Roaming\GRETECH
2012-03-03 08:30 . 2012-03-03 08:30 -------- d-----w- c:\users\dougg\AppData\Local\blekkotb
2012-03-03 08:30 . 2012-03-18 20:15 -------- d-----w- c:\programdata\Anti-phishing Domain Advisor
2012-03-03 08:30 . 2012-03-03 08:36 -------- d-----w- c:\program files (x86)\GRETECH
2012-03-03 08:30 . 2012-03-03 08:30 -------- d-----w- c:\program files (x86)\blekkotb
2012-02-26 03:28 . 2012-02-27 21:27 -------- d-----w- c:\users\dougg\AppData\Roaming\vlc
2012-02-26 03:28 . 2012-02-26 03:28 -------- d-----w- c:\program files (x86)\VideoLAN
2012-02-21 04:26 . 2012-02-21 04:26 -------- d-----w- c:\program files (x86)\uTorrent
2012-02-21 04:26 . 2012-03-20 01:13 -------- d-----w- c:\users\dougg\AppData\Roaming\uTorrent
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-03-20 01:14 . 2010-06-24 00:20 25640 ----a-w- c:\windows\gdrv.sys
2012-02-23 13:18 . 2010-06-23 23:59 279656 ------w- c:\windows\system32\MpSigStub.exe
2012-02-17 21:18 . 2010-07-29 07:29 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll
2012-02-17 20:41 . 2011-06-01 20:42 414368 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-01-10 23:05 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll
2012-01-10 23:05 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll
2012-01-10 02:18 . 2012-01-10 02:18 51496 ----a-w- c:\windows\system32\drivers\stflt.sys
2012-01-04 10:44 . 2012-02-15 03:27 509952 ----a-w- c:\windows\system32\ntshrui.dll
2012-01-04 08:58 . 2012-02-15 03:27 442880 ----a-w- c:\windows\SysWow64\ntshrui.dll
2011-12-30 06:26 . 2012-02-15 03:27 515584 ----a-w- c:\windows\system32\timedate.cpl
2011-12-30 05:27 . 2012-02-15 03:27 478720 ----a-w- c:\windows\SysWow64\timedate.cpl
2011-12-28 03:59 . 2012-02-15 03:27 498688 ----a-w- c:\windows\system32\drivers\afd.sys
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{20a0be68-8fd9-4539-8712-ce3d1c1fdfc6}]
2012-01-17 19:28 262312 ----a-w- c:\program files (x86)\blekkotb\auxi\blekkoAu.dll
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{26c9e18c-3717-4be1-a225-04e4471f5b6e}]
2012-01-17 19:28 86696 ----a-w- c:\program files (x86)\blekkotb\blekkoDx.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{26c9e18c-3717-4be1-a225-04e4471f5b6e}"= "c:\program files (x86)\blekkotb\blekkoDx.dll" [2012-01-17 86696]
.
[HKEY_CLASSES_ROOT\clsid\{26c9e18c-3717-4be1-a225-04e4471f5b6e}]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Dyyno Launcher"="c:\program files (x86)\Dyyno\Dyyno Broadcaster\dyyno_launcher.exe" [2011-01-15 2151776]
"Akamai NetSession Interface"="c:\users\dougg\AppData\Local\Akamai\netsession_win.exe" [2012-02-02 3329824]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2012-02-15 17146504]
"uTorrent"="c:\program files (x86)\uTorrent\uTorrent.exe" [2012-03-06 741240]
"SUPERAntiSpyware"="c:\program files\SUPERANTISPYWARE\SUPERANTISPYWARE.EXE" [2012-01-20 5487488]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"BCU"="c:\program files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe" [2009-08-04 346320]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-11-02 59240]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeCS5.5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" [2011-01-12 1523360]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2011-10-24 421888]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-01-16 421736]
"Anti-phishing Domain Advisor"="c:\programdata\Anti-phishing Domain Advisor\visicom_antiphishing.exe" [2012-01-17 232616]
.
c:\users\dougg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OpenOffice.org 3.3.lnk - c:\program files (x86)\OpenOffice.org 3\program\quickstart.exe [2010-12-13 1198592]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Secunia PSI Tray.lnk - c:\program files (x86)\Secunia\PSI\psi_tray.exe [2011-10-14 291896]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer2"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-01-31 158856]
R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe [2010-01-15 227232]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-10 4925184]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [x]
R3 SwitchBoard;Adobe SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [2011-07-22 14928]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS [2011-07-12 12368]
S2 !SASCORE;SAS Core Service;c:\program files\SUPERANTISPYWARE\SASCORE64.EXE [2011-08-11 140672]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]
S2 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe [2009-07-14 27136]
S2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [2011-04-28 136360]
S2 BCUService;Browser Configuration Utility Service;c:\program files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe [2009-08-04 219360]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2012-01-04 822624]
S2 Dyyno Launcher;Dyyno Service;c:\program files (x86)\Dyyno\Dyyno Broadcaster\launcherd.exe [2011-01-15 415072]
S2 ES lite Service;ES lite Service for program management.;c:\program files (x86)\Gigabyte\EasySaver\ESSVR.EXE [2009-08-24 68136]
S2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\progra~2\mcafee\SITEAD~1\mcsacore.exe [2012-01-13 103440]
S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-05-21 2214504]
S2 Secunia PSI Agent;Secunia PSI Agent;c:\program files (x86)\Secunia\PSI\PSIA.exe [2011-10-14 994360]
S2 Secunia Update Agent;Secunia Update Agent;c:\program files (x86)\Secunia\PSI\sua.exe [2011-10-14 399416]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-01 508776]
S2 sp_rsdrv2;Spyware Terminator Driver Filter;c:\windows\system32\DRIVERS\stflt.sys [x]
S2 ST2012_Svc;Spyware Terminator 2012 Realtime Shield Service;c:\program files (x86)\Spyware Terminator\st_rsser64.exe [2011-11-22 1148632]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2010-06-08 240232]
S3 nusb3hub;NEC Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [x]
S3 nusb3xhc;NEC Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [x]
S3 PAC207;Webcam;c:\windows\system32\DRIVERS\PFC027.SYS [x]
S3 PSI;PSI;c:\windows\system32\DRIVERS\psi_mf.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [x]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [x]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [x]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [x]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-01 219496]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
Akamai REG_MULTI_SZ Akamai
.
Contents of the 'Scheduled Tasks' folder
.
2012-03-05 c:\windows\Tasks\SpeedyPC Pro.job
- c:\program files (x86)\SpeedyPC Software\SpeedyPC\SpeedyPC.exe [2011-10-09 01:19]
.
2012-03-05 c:\windows\Tasks\SpeedyPC Registration3.job
- c:\windows\system32\rundll32.exe [2009-07-13 01:14]
.
2012-03-05 c:\windows\Tasks\SpeedyPC Update Version3.job
- c:\program files (x86)\Common Files\SpeedyPC Software\UUS3\SpeedyPC_Update3.exe [2011-10-06 16:18]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2011-03-15 499608]
"Monitor"="c:\windows\PixArt\PAC207\Monitor.exe" [2007-12-10 323584]
"PAC207_Monitor"="c:\windows\PixArt\PAC207\Monitor.exe" [2007-12-10 323584]
"SpywareTerminatorShield"="c:\program files (x86)\Spyware Terminator\SpywareTerminatorShield.exe" [2012-02-20 2786480]
"SpywareTerminatorUpdater"="c:\program files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe" [2012-02-20 3669680]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local;127.0.0.1:9421;
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 167.206.254.1 167.206.254.2
FF - ProfilePath - c:\users\dougg\AppData\Roaming\Mozilla\Firefox\Profiles\xm5exn3q.default\
FF - prefs.js: browser.startup.homepage - about:home
FF - prefs.js: network.proxy.type - 0
FF - user.js: network.protocol-handler.warn-external.dnupdate - false
.
- - - - ORPHANS REMOVED - - - -
.
AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Akamai]
"ServiceDll"="c:\program files (x86)\common files\akamai/netsession_win_7de0ed9.dll"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10y_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10y_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10y.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10y.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10y.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10y.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\Avira\AntiVir Desktop\avguard.exe
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\windows\SysWOW64\rundll32.exe
.
**************************************************************************
.
Completion time: 2012-03-19 21:34:48 - machine was rebooted
ComboFix-quarantined-files.txt 2012-03-20 01:34
ComboFix2.txt 2012-03-14 23:00
.
Pre-Run: 729,603,268,608 bytes free
Post-Run: 729,260,109,824 bytes free
.
- - End Of File - - A0F23C631C7D1DF95D4DD9D6B2808AE6
Thank You.
Combo Fix Log:
ComboFix 12-03-18.04 - dougg 03/19/2012 20:24:19.2.4 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.4094.2608 [GMT -4:00]
Running from: c:\users\dougg\Desktop\ComboFix.exe
AV: AntiVir Desktop *Disabled/Updated* {090F9C29-64CE-6C6F-379C-5901B49A85B7}
SP: AntiVir Desktop *Disabled/Updated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Files Created from 2012-02-20 to 2012-03-20 )))))))))))))))))))))))))))))))
.
.
2012-03-20 01:12 . 2012-03-20 01:12 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2012-03-20 01:12 . 2012-03-20 01:12 -------- d-----w- c:\users\Mcx1-DOUG-PC\AppData\Local\temp
2012-03-20 01:12 . 2012-03-20 01:12 -------- d-----w- c:\users\Guest\AppData\Local\temp
2012-03-20 01:12 . 2012-03-20 01:12 -------- d-----w- c:\users\Doug\AppData\Local\temp
2012-03-20 01:12 . 2012-03-20 01:12 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-03-15 01:07 . 2012-03-15 01:07 -------- d-----w- c:\program files (x86)\ESET
2012-03-15 00:21 . 2011-11-19 15:20 5559152 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-03-15 00:21 . 2011-11-19 14:50 3968368 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2012-03-15 00:21 . 2011-11-19 14:50 3913584 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2012-03-14 22:11 . 2012-02-03 04:34 3145728 ----a-w- c:\windows\system32\win32k.sys
2012-03-14 22:11 . 2012-02-10 06:36 1544192 ----a-w- c:\windows\system32\DWrite.dll
2012-03-14 22:11 . 2012-02-10 05:38 1077248 ----a-w- c:\windows\SysWow64\DWrite.dll
2012-03-14 22:11 . 2012-01-25 06:38 77312 ----a-w- c:\windows\system32\rdpwsx.dll
2012-03-14 22:11 . 2012-01-25 06:38 149504 ----a-w- c:\windows\system32\rdpcorekmts.dll
2012-03-14 22:11 . 2012-01-25 06:33 9216 ----a-w- c:\windows\system32\rdrmemptylst.exe
2012-03-14 22:11 . 2012-02-17 06:38 1112064 ----a-w- c:\windows\system32\rdpcorets.dll
2012-03-14 22:11 . 2012-02-17 06:38 1031680 ----a-w- c:\windows\system32\rdpcore.dll
2012-03-14 22:11 . 2012-02-17 05:34 826880 ----a-w- c:\windows\SysWow64\rdpcore.dll
2012-03-14 22:11 . 2012-02-17 04:58 210944 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-03-14 22:11 . 2012-02-17 04:57 23552 ----a-w- c:\windows\system32\drivers\tdtcp.sys
2012-03-06 03:32 . 2012-03-06 03:32 -------- d-----w- c:\users\dougg\.idlerc
2012-03-05 05:46 . 2012-03-05 05:46 -------- d-----w- C:\Python27
2012-03-05 01:06 . 2012-03-05 01:06 -------- d-----w- c:\users\dougg\AppData\Roaming\SpeedyPC Software
2012-03-05 01:06 . 2012-03-05 01:06 -------- d-----w- c:\users\dougg\AppData\Roaming\DriverCure
2012-03-05 01:06 . 2012-03-05 01:06 -------- d-----w- c:\programdata\SpeedyPC Software
2012-03-05 01:06 . 2012-03-05 01:06 -------- d-----w- c:\program files (x86)\SpeedyPC Software
2012-03-05 01:06 . 2012-03-05 01:06 -------- d-----w- c:\program files (x86)\Common Files\SpeedyPC Software
2012-03-04 19:16 . 2012-03-04 19:16 -------- d-----w- c:\users\dougg\AppData\Roaming\SUPERAntiSpyware.com
2012-03-04 19:14 . 2012-03-05 00:45 -------- d-----w- c:\program files\SUPERAntiSpyware
2012-03-04 19:14 . 2012-03-04 19:14 -------- d-----w- c:\programdata\SUPERAntiSpyware.com
2012-03-03 08:31 . 2012-03-03 08:36 -------- d-----w- c:\users\dougg\AppData\Roaming\GRETECH
2012-03-03 08:30 . 2012-03-03 08:30 -------- d-----w- c:\users\dougg\AppData\Local\blekkotb
2012-03-03 08:30 . 2012-03-18 20:15 -------- d-----w- c:\programdata\Anti-phishing Domain Advisor
2012-03-03 08:30 . 2012-03-03 08:36 -------- d-----w- c:\program files (x86)\GRETECH
2012-03-03 08:30 . 2012-03-03 08:30 -------- d-----w- c:\program files (x86)\blekkotb
2012-02-26 03:28 . 2012-02-27 21:27 -------- d-----w- c:\users\dougg\AppData\Roaming\vlc
2012-02-26 03:28 . 2012-02-26 03:28 -------- d-----w- c:\program files (x86)\VideoLAN
2012-02-21 04:26 . 2012-02-21 04:26 -------- d-----w- c:\program files (x86)\uTorrent
2012-02-21 04:26 . 2012-03-20 01:13 -------- d-----w- c:\users\dougg\AppData\Roaming\uTorrent
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-03-20 01:14 . 2010-06-24 00:20 25640 ----a-w- c:\windows\gdrv.sys
2012-02-23 13:18 . 2010-06-23 23:59 279656 ------w- c:\windows\system32\MpSigStub.exe
2012-02-17 21:18 . 2010-07-29 07:29 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll
2012-02-17 20:41 . 2011-06-01 20:42 414368 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-01-10 23:05 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll
2012-01-10 23:05 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll
2012-01-10 02:18 . 2012-01-10 02:18 51496 ----a-w- c:\windows\system32\drivers\stflt.sys
2012-01-04 10:44 . 2012-02-15 03:27 509952 ----a-w- c:\windows\system32\ntshrui.dll
2012-01-04 08:58 . 2012-02-15 03:27 442880 ----a-w- c:\windows\SysWow64\ntshrui.dll
2011-12-30 06:26 . 2012-02-15 03:27 515584 ----a-w- c:\windows\system32\timedate.cpl
2011-12-30 05:27 . 2012-02-15 03:27 478720 ----a-w- c:\windows\SysWow64\timedate.cpl
2011-12-28 03:59 . 2012-02-15 03:27 498688 ----a-w- c:\windows\system32\drivers\afd.sys
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{20a0be68-8fd9-4539-8712-ce3d1c1fdfc6}]
2012-01-17 19:28 262312 ----a-w- c:\program files (x86)\blekkotb\auxi\blekkoAu.dll
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{26c9e18c-3717-4be1-a225-04e4471f5b6e}]
2012-01-17 19:28 86696 ----a-w- c:\program files (x86)\blekkotb\blekkoDx.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{26c9e18c-3717-4be1-a225-04e4471f5b6e}"= "c:\program files (x86)\blekkotb\blekkoDx.dll" [2012-01-17 86696]
.
[HKEY_CLASSES_ROOT\clsid\{26c9e18c-3717-4be1-a225-04e4471f5b6e}]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Dyyno Launcher"="c:\program files (x86)\Dyyno\Dyyno Broadcaster\dyyno_launcher.exe" [2011-01-15 2151776]
"Akamai NetSession Interface"="c:\users\dougg\AppData\Local\Akamai\netsession_win.exe" [2012-02-02 3329824]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2012-02-15 17146504]
"uTorrent"="c:\program files (x86)\uTorrent\uTorrent.exe" [2012-03-06 741240]
"SUPERAntiSpyware"="c:\program files\SUPERANTISPYWARE\SUPERANTISPYWARE.EXE" [2012-01-20 5487488]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"BCU"="c:\program files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe" [2009-08-04 346320]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-11-02 59240]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeCS5.5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" [2011-01-12 1523360]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2011-10-24 421888]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-01-16 421736]
"Anti-phishing Domain Advisor"="c:\programdata\Anti-phishing Domain Advisor\visicom_antiphishing.exe" [2012-01-17 232616]
.
c:\users\dougg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OpenOffice.org 3.3.lnk - c:\program files (x86)\OpenOffice.org 3\program\quickstart.exe [2010-12-13 1198592]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Secunia PSI Tray.lnk - c:\program files (x86)\Secunia\PSI\psi_tray.exe [2011-10-14 291896]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer2"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-01-31 158856]
R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe [2010-01-15 227232]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-10 4925184]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [x]
R3 SwitchBoard;Adobe SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [2011-07-22 14928]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS [2011-07-12 12368]
S2 !SASCORE;SAS Core Service;c:\program files\SUPERANTISPYWARE\SASCORE64.EXE [2011-08-11 140672]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]
S2 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe [2009-07-14 27136]
S2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [2011-04-28 136360]
S2 BCUService;Browser Configuration Utility Service;c:\program files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe [2009-08-04 219360]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2012-01-04 822624]
S2 Dyyno Launcher;Dyyno Service;c:\program files (x86)\Dyyno\Dyyno Broadcaster\launcherd.exe [2011-01-15 415072]
S2 ES lite Service;ES lite Service for program management.;c:\program files (x86)\Gigabyte\EasySaver\ESSVR.EXE [2009-08-24 68136]
S2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\progra~2\mcafee\SITEAD~1\mcsacore.exe [2012-01-13 103440]
S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-05-21 2214504]
S2 Secunia PSI Agent;Secunia PSI Agent;c:\program files (x86)\Secunia\PSI\PSIA.exe [2011-10-14 994360]
S2 Secunia Update Agent;Secunia Update Agent;c:\program files (x86)\Secunia\PSI\sua.exe [2011-10-14 399416]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-01 508776]
S2 sp_rsdrv2;Spyware Terminator Driver Filter;c:\windows\system32\DRIVERS\stflt.sys [x]
S2 ST2012_Svc;Spyware Terminator 2012 Realtime Shield Service;c:\program files (x86)\Spyware Terminator\st_rsser64.exe [2011-11-22 1148632]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2010-06-08 240232]
S3 nusb3hub;NEC Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [x]
S3 nusb3xhc;NEC Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [x]
S3 PAC207;Webcam;c:\windows\system32\DRIVERS\PFC027.SYS [x]
S3 PSI;PSI;c:\windows\system32\DRIVERS\psi_mf.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [x]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [x]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [x]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [x]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-01 219496]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
Akamai REG_MULTI_SZ Akamai
.
Contents of the 'Scheduled Tasks' folder
.
2012-03-05 c:\windows\Tasks\SpeedyPC Pro.job
- c:\program files (x86)\SpeedyPC Software\SpeedyPC\SpeedyPC.exe [2011-10-09 01:19]
.
2012-03-05 c:\windows\Tasks\SpeedyPC Registration3.job
- c:\windows\system32\rundll32.exe [2009-07-13 01:14]
.
2012-03-05 c:\windows\Tasks\SpeedyPC Update Version3.job
- c:\program files (x86)\Common Files\SpeedyPC Software\UUS3\SpeedyPC_Update3.exe [2011-10-06 16:18]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2011-03-15 499608]
"Monitor"="c:\windows\PixArt\PAC207\Monitor.exe" [2007-12-10 323584]
"PAC207_Monitor"="c:\windows\PixArt\PAC207\Monitor.exe" [2007-12-10 323584]
"SpywareTerminatorShield"="c:\program files (x86)\Spyware Terminator\SpywareTerminatorShield.exe" [2012-02-20 2786480]
"SpywareTerminatorUpdater"="c:\program files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe" [2012-02-20 3669680]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local;127.0.0.1:9421;
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 167.206.254.1 167.206.254.2
FF - ProfilePath - c:\users\dougg\AppData\Roaming\Mozilla\Firefox\Profiles\xm5exn3q.default\
FF - prefs.js: browser.startup.homepage - about:home
FF - prefs.js: network.proxy.type - 0
FF - user.js: network.protocol-handler.warn-external.dnupdate - false
.
- - - - ORPHANS REMOVED - - - -
.
AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Akamai]
"ServiceDll"="c:\program files (x86)\common files\akamai/netsession_win_7de0ed9.dll"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10y_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10y_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10y.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10y.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10y.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10y.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\Avira\AntiVir Desktop\avguard.exe
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\windows\SysWOW64\rundll32.exe
.
**************************************************************************
.
Completion time: 2012-03-19 21:34:48 - machine was rebooted
ComboFix-quarantined-files.txt 2012-03-20 01:34
ComboFix2.txt 2012-03-14 23:00
.
Pre-Run: 729,603,268,608 bytes free
Post-Run: 729,260,109,824 bytes free
.
- - End Of File - - A0F23C631C7D1DF95D4DD9D6B2808AE6
#4
Posted 20 March 2012 - 09:38 AM
-
- Moderators
-
- 20,060 posts
Forum Deity
- Gender:Male
- Location:Missouri, USA
Copy/paste the text in the Codebox below into notepad:
Here's how to do that:
Click Start > Run type Notepad click OK.
This will open an empty notepad file:
Take your mouse, and place your cursor at the beginning of the text in the box below, then click and hold the left mouse button, while pulling your mouse over the text. This should highlight the text. Now release the left mouse button. Now, with the cursor over the highlighted text, right click the mouse for options, and select 'copy'. Now over the empty Notepad box, right click your mouse again, and select 'paste' and you will have copied and pasted the text.
Save this file to your desktop, Save this as "CFScript"
Here's how to do that:
1.Click File;
2.Click Save As... Change the directory to your desktop;
3.Change the Save as type to "All Files";
4.Type in the file name: CFScript
5.Click Save ...
Drag CFScript.txt into ComboFix.exe
Then post the results log using Copy / Paste
Also please describe how your computer behaves at the moment.
Here's how to do that:
Click Start > Run type Notepad click OK.
This will open an empty notepad file:
Take your mouse, and place your cursor at the beginning of the text in the box below, then click and hold the left mouse button, while pulling your mouse over the text. This should highlight the text. Now release the left mouse button. Now, with the cursor over the highlighted text, right click the mouse for options, and select 'copy'. Now over the empty Notepad box, right click your mouse again, and select 'paste' and you will have copied and pasted the text.
KillAll::
DDS::
uInternet Settings,ProxyOverride = *.local;127.0.0.1:9421;
Folder::
c:\program files (x86)\blekkotb
Registry::
[-HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{20a0be68-8fd9-4539-8712-ce3d1c1fdfc6}]
[-HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{26c9e18c-3717-4be1-a225-04e4471f5b6e}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{26c9e18c-3717-4be1-a225-04e4471f5b6e}"=-
[-HKEY_CLASSES_ROOT\clsid\{26c9e18c-3717-4be1-a225-04e4471f5b6e}]
Save this file to your desktop, Save this as "CFScript"
Here's how to do that:
1.Click File;
2.Click Save As... Change the directory to your desktop;
3.Change the Save as type to "All Files";
4.Type in the file name: CFScript
5.Click Save ...
Drag CFScript.txt into ComboFix.exe
Then post the results log using Copy / Paste
Also please describe how your computer behaves at the moment.
#5
Posted 20 March 2012 - 08:29 PM
-
- Members
-
- 15 posts
New Member
I cant seem to disable this properly. I tried following the guide you linked me before but i couldn't figure it out.
http://imgur.com/nxq3o
http://imgur.com/nxq3o
#6
Posted 21 March 2012 - 06:52 AM
-
- Moderators
-
- 20,060 posts
Forum Deity
- Gender:Male
- Location:Missouri, USA
Just keep going as combofix should do it's thing anyway
#7
Posted 21 March 2012 - 05:33 PM
-
- Members
-
- 15 posts
New Member
ComboFix 12-03-18.04 - dougg 03/21/2012 17:37:49.3.4 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.4094.2505 [GMT -4:00]
Running from: c:\users\dougg\Desktop\ComboFix.exe
Command switches used :: c:\users\dougg\Desktop\CFScript.txt
AV: AntiVir Desktop *Enabled/Updated* {090F9C29-64CE-6C6F-379C-5901B49A85B7}
SP: AntiVir Desktop *Enabled/Updated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\blekkotb
c:\program files (x86)\blekkotb\auxi\blekkoAu.dll
c:\program files (x86)\blekkotb\auxi\config.xml
c:\program files (x86)\blekkotb\blekkoDx.dll
c:\program files (x86)\blekkotb\blekkotb.dll
c:\program files (x86)\blekkotb\chrome\content\custom.js
c:\program files (x86)\blekkotb\chrome\content\lib\about.xml
c:\program files (x86)\blekkotb\chrome\content\lib\dtxpanel.xul
c:\program files (x86)\blekkotb\chrome\content\lib\dtxpaneltransparent.xul
c:\program files (x86)\blekkotb\chrome\content\lib\dtxpanelwin.xul
c:\program files (x86)\blekkotb\chrome\content\lib\dtxprefwin.xul
c:\program files (x86)\blekkotb\chrome\content\lib\dtxtransparentwin.xul
c:\program files (x86)\blekkotb\chrome\content\lib\dtxwin.xul
c:\program files (x86)\blekkotb\chrome\content\lib\emailnotifierproviders.xml
c:\program files (x86)\blekkotb\chrome\content\lib\external.js
c:\program files (x86)\blekkotb\chrome\content\lib\neterror.xhtml
c:\program files (x86)\blekkotb\chrome\content\lib\rsspreview.html
c:\program files (x86)\blekkotb\chrome\content\lib\rsswin.xml
c:\program files (x86)\blekkotb\chrome\content\lib\rsswin.xsl
c:\program files (x86)\blekkotb\chrome\content\modules\datastore.jsm
c:\program files (x86)\blekkotb\chrome\content\modules\nsDragAndDrop.js
c:\program files (x86)\blekkotb\chrome\content\newtab\images\btn_search.gif
c:\program files (x86)\blekkotb\chrome\content\newtab\images\bullet.gif
c:\program files (x86)\blekkotb\chrome\content\newtab\images\field_bg.gif
c:\program files (x86)\blekkotb\chrome\content\newtab\images\powered_by_yahoo.gif
c:\program files (x86)\blekkotb\chrome\content\newtab\newtab.html
c:\program files (x86)\blekkotb\chrome\content\preferences.xml
c:\program files (x86)\blekkotb\chrome\content\toolbar.htm
c:\program files (x86)\blekkotb\chrome\content\toolbar.xul
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.BlekkoMap\css\dialog.css
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.BlekkoMap\images\arrow-grey.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.BlekkoMap\images\arrows_grey-left.gif
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.BlekkoMap\images\arrows_grey-right.gif
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.BlekkoMap\images\bg.gif
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.BlekkoMap\images\btn-search-over.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.BlekkoMap\images\btn-search.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.BlekkoMap\images\throbber.gif
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.BlekkoMap\index.html
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.BlekkoMap\skin\css\dialog.css
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.BlekkoMap\skin\images\1x1_transparent.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.BlekkoMap\skin\images\bg.gif
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.BlekkoMap\skin\images\btn-search.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.BlekkoMap\skin\images\btn-wide-close-over.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.BlekkoMap\skin\images\btn-wide-close.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.BlekkoMap\skin\images\btn_close_x.gif
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.BlekkoMap\skin\images\default.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.BlekkoMap\skin\images\transparent.gif
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.BlekkoMap\skin\images\win-btm-left.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.BlekkoMap\skin\images\win-btm-mdl.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.BlekkoMap\skin\images\win-btm-right-resize.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.BlekkoMap\skin\images\win-btm-right.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.BlekkoMap\skin\main.html
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.BlekkoMap\skin\scripts\defscript.js
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.BlekkoMap\tb_icon.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.BlekkoMap\widget.js
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.BlekkoMap\widget.xml
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.BlekkoMap\widget_version.txt
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Coupons_v2\.project
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Coupons_v2\alert_coupon.css
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Coupons_v2\arrow-next-off.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Coupons_v2\arrow-next.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Coupons_v2\arrow-previous-off.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Coupons_v2\arrow-previous.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Coupons_v2\bg-coupon-blue.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Coupons_v2\bg-save.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Coupons_v2\blank_image.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Coupons_v2\border-radius.htc
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Coupons_v2\btn-getcoupon.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Coupons_v2\btn-next-blue.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Coupons_v2\btn-previous-blue.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Coupons_v2\btn-wide-close-over.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Coupons_v2\btn-wide-close.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Coupons_v2\checked.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Coupons_v2\coupon-activated.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Coupons_v2\couponTooltip.js
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Coupons_v2\css\appversion.css
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Coupons_v2\css\dialog.css
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Coupons_v2\css\IE7Styles.css
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Coupons_v2\ico-coupon-hover.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Coupons_v2\ico-coupon.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Coupons_v2\ico-dollar.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Coupons_v2\images\arrow-grey.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Coupons_v2\images\arrows_grey-left.gif
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Coupons_v2\images\arrows_grey-right.gif
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Coupons_v2\images\bg_top.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Coupons_v2\images\btn-back.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Coupons_v2\images\btn-getcoupon.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Coupons_v2\images\btn-search.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Coupons_v2\images\coupon-activated.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Coupons_v2\images\delete.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Coupons_v2\images\loader.gif
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Coupons_v2\images\save.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Coupons_v2\images\scrollb-disable.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Coupons_v2\images\scrollb-down.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Coupons_v2\images\scrollb.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Coupons_v2\images\scrollt-disable.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Coupons_v2\images\scrollt-down.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Coupons_v2\images\scrollt.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Coupons_v2\images\sprite.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Coupons_v2\images\tab-arrow-hover.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Coupons_v2\images\tab-arrow.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Coupons_v2\images\tab-off-l.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Coupons_v2\images\tab-off-l_BAK.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Coupons_v2\images\tab-off-r.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Coupons_v2\images\tab-off-r_BAK.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Coupons_v2\images\tab-on-l.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Coupons_v2\images\tab-on-r.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Coupons_v2\images\tab-over-l.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Coupons_v2\images\tab-over-r.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Coupons_v2\images\tab-white-left.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Coupons_v2\images\tab-white-mdl.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Coupons_v2\images\tab-white-right.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Coupons_v2\images\vid-bg.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Coupons_v2\index.html
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Coupons_v2\jquery.contextMenu.css
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Coupons_v2\jquery.contextMenu.js
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Coupons_v2\js\appversion.js
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Coupons_v2\js\jquery-1.4.2.min.js
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Coupons_v2\js\jquery.event.wheel.js
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Coupons_v2\js\jquery.pagination.js
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Coupons_v2\js\jquery.scrollTo-min.js
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Coupons_v2\js\JSON.js
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Coupons_v2\js\listnav.js
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Coupons_v2\js\main.js
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Coupons_v2\js\main.js.bak
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Coupons_v2\page_white_copy.gif
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Coupons_v2\panel.html
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Coupons_v2\partner.xml
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Coupons_v2\placeholder-logo.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Coupons_v2\skin\css\dialog.css
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Coupons_v2\skin\images\bg.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Coupons_v2\skin\images\btn-disablealert-over.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Coupons_v2\skin\images\btn-disablealert.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Coupons_v2\skin\images\btn-enablealert-over.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Coupons_v2\skin\images\btn-enablealert.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Coupons_v2\skin\images\btn-help-over.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Coupons_v2\skin\images\btn-help.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Coupons_v2\skin\images\btn-managealerts-over.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Coupons_v2\skin\images\btn-managealerts.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Coupons_v2\skin\images\btn-showalert-over.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Coupons_v2\skin\images\btn-showalert.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Coupons_v2\skin\images\btn-wide-close-over.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Coupons_v2\skin\images\btn-wide-close.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Coupons_v2\skin\images\default.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Coupons_v2\skin\images\power-couponcamp.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Coupons_v2\skin\images\poweredby-couponwinner.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Coupons_v2\skin\images\transparent.gif
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Coupons_v2\skin\images\win-btm-left.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Coupons_v2\skin\images\win-btm-left_old.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Coupons_v2\skin\images\win-btm-mdl.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Coupons_v2\skin\images\win-btm-mdl_old.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Coupons_v2\skin\images\win-btm-right-resize.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Coupons_v2\skin\images\win-btm-right.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Coupons_v2\skin\images\win-btm-right_old.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Coupons_v2\skin\main.html
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Coupons_v2\skin\scripts\defscript.js
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Coupons_v2\tb_icon.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Coupons_v2\unchecked.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Coupons_v2\widget.js
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Coupons_v2\widget.xml
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Coupons_v2\widget_version.txt
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Grooveshark\tb_icon.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Grooveshark\widget.js
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Grooveshark\widget.xml
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Grooveshark\widget_version.txt
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Messaging\skin\css\messageContent.css
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Messaging\skin\css\messageList.css
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Messaging\skin\images\bg_header.jpg
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Messaging\skin\images\btn-close-grey.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Messaging\skin\images\mail.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Messaging\skin\images\msg-btn.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Messaging\skin\messageContent.html
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Messaging\skin\messageList.html
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Messaging\skin\scripts\messageList.js
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Messaging\tb_icon.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Messaging\widget.js
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Messaging\widget.xml
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.MyStartFacebook\.cvsignore
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.MyStartFacebook\css\dialog.css
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.MyStartFacebook\images\arrow-grey.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.MyStartFacebook\images\arrows_grey-left.gif
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.MyStartFacebook\images\arrows_grey-right.gif
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.MyStartFacebook\images\back.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.MyStartFacebook\images\btn-search-over.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.MyStartFacebook\images\btn-search.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.MyStartFacebook\images\delete.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.MyStartFacebook\images\scrollb-disable.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.MyStartFacebook\images\scrollb-down.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.MyStartFacebook\images\scrollb.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.MyStartFacebook\images\scrollt-disable.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.MyStartFacebook\images\scrollt-down.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.MyStartFacebook\images\scrollt.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.MyStartFacebook\images\tab-arrow-hover.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.MyStartFacebook\images\tab-arrow.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.MyStartFacebook\images\tab-off-l.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.MyStartFacebook\images\tab-off-r.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.MyStartFacebook\images\tab-on-l.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.MyStartFacebook\images\tab-on-r.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.MyStartFacebook\images\tab-over-l.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.MyStartFacebook\images\tab-over-r.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.MyStartFacebook\images\tab-red-left.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.MyStartFacebook\images\tab-red-mdl.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.MyStartFacebook\images\tab-red-right.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.MyStartFacebook\images\tab-white-left.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.MyStartFacebook\images\tab-white-mdl.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.MyStartFacebook\images\tab-white-right.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.MyStartFacebook\images\throbber.gif
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.MyStartFacebook\images\vid-bg.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.MyStartFacebook\images\youtube.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.MyStartFacebook\index.html
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.MyStartFacebook\js\function.js
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.MyStartFacebook\js\jquery-1.4.2.min.js
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.MyStartFacebook\js\JSON.js
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.MyStartFacebook\skin\css\dialog.css
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.MyStartFacebook\skin\images\bg-facebook.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.MyStartFacebook\skin\images\blank.gif
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.MyStartFacebook\skin\images\btn-wide-close-over.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.MyStartFacebook\skin\images\btn-wide-close.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.MyStartFacebook\skin\images\default.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.MyStartFacebook\skin\images\transparent.gif
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.MyStartFacebook\skin\images\win-btm-left.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.MyStartFacebook\skin\images\win-btm-mdl.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.MyStartFacebook\skin\images\win-btm-right-resize.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.MyStartFacebook\skin\images\win-btm-right.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.MyStartFacebook\skin\main.html
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.MyStartFacebook\skin\scripts\defscript.js
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.MyStartFacebook\skin\scripts\jquery-1.4.2.min.js
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.MyStartFacebook\tb_icon.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.MyStartFacebook\widget.js
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.MyStartFacebook\widget.xml
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.MyStartFacebook\widget_version.txt
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.RadioBeta\radiobeta-buffering.gif
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.RadioBeta\radiobeta-connecting.gif
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.RadioBeta\radiobeta-playing.gif
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.RadioBeta\radiobeta-stopped.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.RadioBeta\radiobeta.ico
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.RadioBeta\tb_icon.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.RadioBeta\widget.js
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.RadioBeta\widget.xml
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Twitter\css\twitter.css
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Twitter\images\btn-login-over.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Twitter\images\btn-login.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Twitter\images\btn-submit.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Twitter\images\loginbg.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Twitter\images\refresh-over.gif
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Twitter\images\refresh.gif
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Twitter\images\scrollbottom-disable.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Twitter\images\scrollbottom-down.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Twitter\images\scrollbottom-over.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Twitter\images\scrollbottom.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Twitter\images\scrolltop-disable.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Twitter\images\scrolltop-down.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Twitter\images\scrolltop-over.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Twitter\images\scrolltop.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Twitter\images\tab-off-l.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Twitter\images\tab-off-r.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Twitter\images\tab-on-l.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Twitter\images\tab-on-r.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Twitter\images\throbber.gif
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Twitter\images\twitter-logo48.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Twitter\images\twitter_top.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Twitter\index.html
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Twitter\js\defscript.js
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Twitter\js\jquery.js
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Twitter\js\scripts.js
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Twitter\login.html
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Twitter\skin\css\dialog.css
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Twitter\skin\images\bg.gif
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Twitter\skin\images\btn-wide-close-over.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Twitter\skin\images\btn-wide-close.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Twitter\skin\images\default.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Twitter\skin\images\transparent.gif
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Twitter\skin\images\win-btm-left.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Twitter\skin\images\win-btm-mdl.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Twitter\skin\images\win-btm-right-resize.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Twitter\skin\images\win-btm-right.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Twitter\skin\main.html
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Twitter\skin\scripts\defscript.js
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Twitter\tb_icon.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Twitter\widget.js
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Twitter\widget.xml
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Twitter\widget_version.txt
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.YouTube_v2\css\autocomplete.css
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.YouTube_v2\css\dialog.css
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.YouTube_v2\images\arrow-grey.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.YouTube_v2\images\arrows_grey-left.gif
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.YouTube_v2\images\arrows_grey-right.gif
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.YouTube_v2\images\bg.gif
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.YouTube_v2\images\btn-search-over.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.YouTube_v2\images\btn-search.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.YouTube_v2\images\powered-by-youtube.gif
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.YouTube_v2\images\tab-off-l.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.YouTube_v2\images\tab-off-r.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.YouTube_v2\images\tab-on-l.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.YouTube_v2\images\tab-on-r.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.YouTube_v2\images\tab-red-left.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.YouTube_v2\images\tab-red-mdl.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.YouTube_v2\images\tab-red-right.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.YouTube_v2\images\tab-white-left.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.YouTube_v2\images\tab-white-mdl.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.YouTube_v2\images\tab-white-right.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.YouTube_v2\images\throbber.gif
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.YouTube_v2\images\vid-bg.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.YouTube_v2\images\youtube.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.YouTube_v2\index.html
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.YouTube_v2\js\autocomplete.js
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.YouTube_v2\js\jquery-1.4.3.min.js
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.YouTube_v2\js\paginator.js
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.YouTube_v2\js\youtube.js
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.YouTube_v2\skin\css\dialog.css
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.YouTube_v2\skin\images\bg.gif
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.YouTube_v2\skin\images\btn-search.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.YouTube_v2\skin\images\btn-wide-close-over.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.YouTube_v2\skin\images\btn-wide-close.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.YouTube_v2\skin\images\default.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.YouTube_v2\skin\images\tab-off-l.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.YouTube_v2\skin\images\tab-off-r.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.YouTube_v2\skin\images\tab-on-l.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.YouTube_v2\skin\images\tab-on-r.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.YouTube_v2\skin\images\transparent.gif
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.YouTube_v2\skin\images\win-btm-left.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.YouTube_v2\skin\images\win-btm-mdl.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.YouTube_v2\skin\images\win-btm-right-resize.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.YouTube_v2\skin\images\win-btm-right.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.YouTube_v2\skin\main.html
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.YouTube_v2\skin\scripts\defscript.js
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.YouTube_v2\tb_icon.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.YouTube_v2\widget.js
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.YouTube_v2\widget.xml
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.YouTube_v2\widget_version.txt
c:\program files (x86)\blekkotb\chrome\data\search\engines.xml
c:\program files (x86)\blekkotb\chrome\data\search\search.xsl
c:\program files (x86)\blekkotb\chrome\skin\bg-btnover-mdl_ff_bluelite.png
c:\program files (x86)\blekkotb\chrome\skin\bg-btnover-mdl_ff_bluesky.png
c:\program files (x86)\blekkotb\chrome\skin\blekko16.png
c:\program files (x86)\blekkotb\chrome\skin\blogger.png
c:\program files (x86)\blekkotb\chrome\skin\bluelite.gif
c:\program files (x86)\blekkotb\chrome\skin\bluesky.gif
c:\program files (x86)\blekkotb\chrome\skin\btn-search-over.png
c:\program files (x86)\blekkotb\chrome\skin\btn-search.png
c:\program files (x86)\blekkotb\chrome\skin\btn-settings-over.png
c:\program files (x86)\blekkotb\chrome\skin\btn-settings.png
c:\program files (x86)\blekkotb\chrome\skin\btn-widgets-over.png
c:\program files (x86)\blekkotb\chrome\skin\btn-widgets.png
c:\program files (x86)\blekkotb\chrome\skin\coupons-hover.png
c:\program files (x86)\blekkotb\chrome\skin\coupons.png
c:\program files (x86)\blekkotb\chrome\skin\custom.css
c:\program files (x86)\blekkotb\chrome\skin\dictionary.png
c:\program files (x86)\blekkotb\chrome\skin\downloadcom.png
c:\program files (x86)\blekkotb\chrome\skin\dtxlogo.png
c:\program files (x86)\blekkotb\chrome\skin\facebook-blekko-hover.png
c:\program files (x86)\blekkotb\chrome\skin\facebook-blekko.png
c:\program files (x86)\blekkotb\chrome\skin\facebook-hover.png
c:\program files (x86)\blekkotb\chrome\skin\facebook.png
c:\program files (x86)\blekkotb\chrome\skin\fb.png
c:\program files (x86)\blekkotb\chrome\skin\games.png
c:\program files (x86)\blekkotb\chrome\skin\google.png
c:\program files (x86)\blekkotb\chrome\skin\graphna.png
c:\program files (x86)\blekkotb\chrome\skin\graphred0.png
c:\program files (x86)\blekkotb\chrome\skin\graphred0_5.png
c:\program files (x86)\blekkotb\chrome\skin\graphred1.png
c:\program files (x86)\blekkotb\chrome\skin\graphred1_5.png
c:\program files (x86)\blekkotb\chrome\skin\graphred2.png
c:\program files (x86)\blekkotb\chrome\skin\graphred2_5.png
c:\program files (x86)\blekkotb\chrome\skin\graphred3.png
c:\program files (x86)\blekkotb\chrome\skin\graphred3_5.png
c:\program files (x86)\blekkotb\chrome\skin\graphred4.png
c:\program files (x86)\blekkotb\chrome\skin\graphred4_5.png
c:\program files (x86)\blekkotb\chrome\skin\graphred5.png
c:\program files (x86)\blekkotb\chrome\skin\graphredna.png
c:\program files (x86)\blekkotb\chrome\skin\grey.gif
c:\program files (x86)\blekkotb\chrome\skin\hulu.png
c:\program files (x86)\blekkotb\chrome\skin\ico-digg.png
c:\program files (x86)\blekkotb\chrome\skin\ico-shield.png
c:\program files (x86)\blekkotb\chrome\skin\icon_blekko.png
c:\program files (x86)\blekkotb\chrome\skin\images.png
c:\program files (x86)\blekkotb\chrome\skin\lib\add.png
c:\program files (x86)\blekkotb\chrome\skin\lib\aol.png
c:\program files (x86)\blekkotb\chrome\skin\lib\arrow-dn.gif
c:\program files (x86)\blekkotb\chrome\skin\lib\arrow-right-disabled.gif
c:\program files (x86)\blekkotb\chrome\skin\lib\arrow-right.gif
c:\program files (x86)\blekkotb\chrome\skin\lib\arrow-up.gif
c:\program files (x86)\blekkotb\chrome\skin\lib\bg-btn-end.png
c:\program files (x86)\blekkotb\chrome\skin\lib\bg-btn-mdl.png
c:\program files (x86)\blekkotb\chrome\skin\lib\bg-btn-mdl_ff.png
c:\program files (x86)\blekkotb\chrome\skin\lib\bg-btn-start.png
c:\program files (x86)\blekkotb\chrome\skin\lib\bg-btnover-end.png
c:\program files (x86)\blekkotb\chrome\skin\lib\bg-btnover-mdl.png
c:\program files (x86)\blekkotb\chrome\skin\lib\bg-btnover-mdl_ff.png
c:\program files (x86)\blekkotb\chrome\skin\lib\bg-btnover-start.png
c:\program files (x86)\blekkotb\chrome\skin\lib\blank.gif
c:\program files (x86)\blekkotb\chrome\skin\lib\btnback-down-vista.png
c:\program files (x86)\blekkotb\chrome\skin\lib\btnback-vista.png
c:\program files (x86)\blekkotb\chrome\skin\lib\btnleft-down-vista.png
c:\program files (x86)\blekkotb\chrome\skin\lib\btnleft-vista.png
c:\program files (x86)\blekkotb\chrome\skin\lib\btnright-down-vista.png
c:\program files (x86)\blekkotb\chrome\skin\lib\btnright-vista.png
c:\program files (x86)\blekkotb\chrome\skin\lib\button-splitter-down-vista.png
c:\program files (x86)\blekkotb\chrome\skin\lib\button-splitter-vista.png
c:\program files (x86)\blekkotb\chrome\skin\lib\checkmark.png
c:\program files (x86)\blekkotb\chrome\skin\lib\chevron.png
c:\program files (x86)\blekkotb\chrome\skin\lib\collapse.png
c:\program files (x86)\blekkotb\chrome\skin\lib\dtx.css
c:\program files (x86)\blekkotb\chrome\skin\lib\edit-back-hot.png
c:\program files (x86)\blekkotb\chrome\skin\lib\edit-back.png
c:\program files (x86)\blekkotb\chrome\skin\lib\expand.png
c:\program files (x86)\blekkotb\chrome\skin\lib\found.png
c:\program files (x86)\blekkotb\chrome\skin\lib\gmail.png
c:\program files (x86)\blekkotb\chrome\skin\lib\highlight.png
c:\program files (x86)\blekkotb\chrome\skin\lib\highlight_blue.png
c:\program files (x86)\blekkotb\chrome\skin\lib\highlight_cyan.png
c:\program files (x86)\blekkotb\chrome\skin\lib\highlight_lime.png
c:\program files (x86)\blekkotb\chrome\skin\lib\highlight_magenta.png
c:\program files (x86)\blekkotb\chrome\skin\lib\highlight_yellow.png
c:\program files (x86)\blekkotb\chrome\skin\lib\hotmail.png
c:\program files (x86)\blekkotb\chrome\skin\lib\imap.png
c:\program files (x86)\blekkotb\chrome\skin\lib\lastsearch-thumb-back.gif
c:\program files (x86)\blekkotb\chrome\skin\lib\loadingMid.gif
c:\program files (x86)\blekkotb\chrome\skin\lib\lock.png
c:\program files (x86)\blekkotb\chrome\skin\lib\mailcom.png
c:\program files (x86)\blekkotb\chrome\skin\lib\menu_bg-basic.png
c:\program files (x86)\blekkotb\chrome\skin\lib\menu_separator_bar.png
c:\program files (x86)\blekkotb\chrome\skin\lib\menuitem-splitter.png
c:\program files (x86)\blekkotb\chrome\skin\lib\menuitemback-down-vista.png
c:\program files (x86)\blekkotb\chrome\skin\lib\menuitemback-vista.png
c:\program files (x86)\blekkotb\chrome\skin\lib\menuitemleft-down-vista.png
c:\program files (x86)\blekkotb\chrome\skin\lib\menuitemleft-vista.png
c:\program files (x86)\blekkotb\chrome\skin\lib\menuitemright-down-vista.png
c:\program files (x86)\blekkotb\chrome\skin\lib\menuitemright-vista.png
c:\program files (x86)\blekkotb\chrome\skin\lib\modify.png
c:\program files (x86)\blekkotb\chrome\skin\lib\move.gif
c:\program files (x86)\blekkotb\chrome\skin\lib\movetarget.png
c:\program files (x86)\blekkotb\chrome\skin\lib\panels\css\popupAbout.css
c:\program files (x86)\blekkotb\chrome\skin\lib\panels\css\popupWidgets.css
c:\program files (x86)\blekkotb\chrome\skin\lib\panels\default\css\dialog.css
c:\program files (x86)\blekkotb\chrome\skin\lib\panels\default\images\bg.gif
c:\program files (x86)\blekkotb\chrome\skin\lib\panels\default\images\btn-wide-close-over.png
c:\program files (x86)\blekkotb\chrome\skin\lib\panels\default\images\btn-wide-close.png
c:\program files (x86)\blekkotb\chrome\skin\lib\panels\default\images\default.png
c:\program files (x86)\blekkotb\chrome\skin\lib\panels\default\images\transparent.gif
c:\program files (x86)\blekkotb\chrome\skin\lib\panels\default\images\win-btm-left.png
c:\program files (x86)\blekkotb\chrome\skin\lib\panels\default\images\win-btm-mdl.png
c:\program files (x86)\blekkotb\chrome\skin\lib\panels\default\images\win-btm-right-resize.png
c:\program files (x86)\blekkotb\chrome\skin\lib\panels\default\images\win-btm-right.png
c:\program files (x86)\blekkotb\chrome\skin\lib\panels\default\main.html
c:\program files (x86)\blekkotb\chrome\skin\lib\panels\default\scripts\defscript.js
c:\program files (x86)\blekkotb\chrome\skin\lib\panels\images\arrow-sml-drop.png
c:\program files (x86)\blekkotb\chrome\skin\lib\panels\images\arrow-sml.png
c:\program files (x86)\blekkotb\chrome\skin\lib\panels\images\arrowr-bluew5.png
c:\program files (x86)\blekkotb\chrome\skin\lib\panels\images\bg-aboutbox.png
c:\program files (x86)\blekkotb\chrome\skin\lib\panels\images\bg-btnover.png
c:\program files (x86)\blekkotb\chrome\skin\lib\panels\images\bg-pnl520x390.png
c:\program files (x86)\blekkotb\chrome\skin\lib\panels\images\btn-addtoolbar-left-over.png
c:\program files (x86)\blekkotb\chrome\skin\lib\panels\images\btn-addtoolbar-left.png
c:\program files (x86)\blekkotb\chrome\skin\lib\panels\images\btn-addtoolbar-right.png
c:\program files (x86)\blekkotb\chrome\skin\lib\panels\images\btn-close-grey.png
c:\program files (x86)\blekkotb\chrome\skin\lib\panels\images\btn-close-greyover.png
c:\program files (x86)\blekkotb\chrome\skin\lib\panels\images\btn-drag.png
c:\program files (x86)\blekkotb\chrome\skin\lib\panels\images\btn-mdl-over.png
c:\program files (x86)\blekkotb\chrome\skin\lib\panels\images\btn-mdl.png
c:\program files (x86)\blekkotb\chrome\skin\lib\panels\images\btn-next-over.png
c:\program files (x86)\blekkotb\chrome\skin\lib\panels\images\btn-next.png
c:\program files (x86)\blekkotb\chrome\skin\lib\panels\images\btn-previous-over.png
c:\program files (x86)\blekkotb\chrome\skin\lib\panels\images\btn-previous.png
c:\program files (x86)\blekkotb\chrome\skin\lib\panels\images\btn-right-over.png
c:\program files (x86)\blekkotb\chrome\skin\lib\panels\images\btn-search-pnlbtm-over.png
c:\program files (x86)\blekkotb\chrome\skin\lib\panels\images\btn-search-pnlbtm.png
c:\program files (x86)\blekkotb\chrome\skin\lib\panels\images\gamethumb-on.png
c:\program files (x86)\blekkotb\chrome\skin\lib\panels\images\ico-calendar.png
c:\program files (x86)\blekkotb\chrome\skin\lib\panels\images\ico-download.png
c:\program files (x86)\blekkotb\chrome\skin\lib\panels\images\ico-tags.png
c:\program files (x86)\blekkotb\chrome\skin\lib\panels\images\icon-Add.png
c:\program files (x86)\blekkotb\chrome\skin\lib\panels\images\icon-Info.png
c:\program files (x86)\blekkotb\chrome\skin\lib\panels\images\menul-bgon.png
c:\program files (x86)\blekkotb\chrome\skin\lib\panels\images\menul-bgover.png
c:\program files (x86)\blekkotb\chrome\skin\lib\panels\images\panel-botm-noscroll.png
c:\program files (x86)\blekkotb\chrome\skin\lib\panels\images\scroll-bg-206.png
c:\program files (x86)\blekkotb\chrome\skin\lib\panels\images\scroll-bg.png
c:\program files (x86)\blekkotb\chrome\skin\lib\panels\images\scroll-topwin.png
c:\program files (x86)\blekkotb\chrome\skin\lib\panels\images\scrollb-disable.png
c:\program files (x86)\blekkotb\chrome\skin\lib\panels\images\scrollb-down.png
c:\program files (x86)\blekkotb\chrome\skin\lib\panels\images\scrollb-over.png
c:\program files (x86)\blekkotb\chrome\skin\lib\panels\images\scrollb.png
c:\program files (x86)\blekkotb\chrome\skin\lib\panels\images\scrollt-disable.png
c:\program files (x86)\blekkotb\chrome\skin\lib\panels\images\scrollt-down.png
c:\program files (x86)\blekkotb\chrome\skin\lib\panels\images\scrollt-over.png
c:\program files (x86)\blekkotb\chrome\skin\lib\panels\images\scrollt.png
c:\program files (x86)\blekkotb\chrome\skin\lib\panels\images\searchbox-pnlbtm.png
c:\program files (x86)\blekkotb\chrome\skin\lib\panels\images\star_x_grey.png
c:\program files (x86)\blekkotb\chrome\skin\lib\panels\images\star_x_orange.png
c:\program files (x86)\blekkotb\chrome\skin\lib\panels\images\throbber.gif
c:\program files (x86)\blekkotb\chrome\skin\lib\panels\images\TRUSTe_about.png
c:\program files (x86)\blekkotb\chrome\skin\lib\panels\images\view-detailed-on.png
c:\program files (x86)\blekkotb\chrome\skin\lib\panels\images\view-detailed-over.png
c:\program files (x86)\blekkotb\chrome\skin\lib\panels\images\view-thumb-on.png
c:\program files (x86)\blekkotb\chrome\skin\lib\panels\images\view-thumb-over.png
c:\program files (x86)\blekkotb\chrome\skin\lib\panels\images\widgets-square-16px.png
c:\program files (x86)\blekkotb\chrome\skin\lib\panels\images\widgets-square-24px.png
c:\program files (x86)\blekkotb\chrome\skin\lib\panels\popupWidgets.html
c:\program files (x86)\blekkotb\chrome\skin\lib\pop.png
c:\program files (x86)\blekkotb\chrome\skin\lib\radio.png
c:\program files (x86)\blekkotb\chrome\skin\lib\reload.png
c:\program files (x86)\blekkotb\chrome\skin\lib\remove.png
c:\program files (x86)\blekkotb\chrome\skin\lib\rename.gif
c:\program files (x86)\blekkotb\chrome\skin\lib\resize-box.gif
c:\program files (x86)\blekkotb\chrome\skin\lib\rss.png
c:\program files (x86)\blekkotb\chrome\skin\lib\rsschannelback.png
c:\program files (x86)\blekkotb\chrome\skin\lib\RSSLogo.png
c:\program files (x86)\blekkotb\chrome\skin\lib\rsstabdivider.gif
c:\program files (x86)\blekkotb\chrome\skin\lib\scroll-left.png
c:\program files (x86)\blekkotb\chrome\skin\lib\scroll-right.png
c:\program files (x86)\blekkotb\chrome\skin\lib\search-go.png
c:\program files (x86)\blekkotb\chrome\skin\lib\search.png
c:\program files (x86)\blekkotb\chrome\skin\lib\text-ellipsis.xml
c:\program files (x86)\blekkotb\chrome\skin\lib\throbber.gif
c:\program files (x86)\blekkotb\chrome\skin\lib\toolbarsplitter.gif
c:\program files (x86)\blekkotb\chrome\skin\lib\transparent_1px.gif
c:\program files (x86)\blekkotb\chrome\skin\lib\uwa\border_02.png
c:\program files (x86)\blekkotb\chrome\skin\lib\uwa\border_03.png
c:\program files (x86)\blekkotb\chrome\skin\lib\uwa\border_04.png
c:\program files (x86)\blekkotb\chrome\skin\lib\uwa\border_06.png
c:\program files (x86)\blekkotb\chrome\skin\lib\uwa\border_07.png
c:\program files (x86)\blekkotb\chrome\skin\lib\uwa\border_08.png
c:\program files (x86)\blekkotb\chrome\skin\lib\uwa\border_09.png
c:\program files (x86)\blekkotb\chrome\skin\lib\uwa\border_10.png
c:\program files (x86)\blekkotb\chrome\skin\lib\uwa\border_11.png
c:\program files (x86)\blekkotb\chrome\skin\lib\uwa\border_12.png
c:\program files (x86)\blekkotb\chrome\skin\lib\uwa\border_13.png
c:\program files (x86)\blekkotb\chrome\skin\lib\uwa\border_14.png
c:\program files (x86)\blekkotb\chrome\skin\lib\uwa\border_15.png
c:\program files (x86)\blekkotb\chrome\skin\lib\uwa\border_16.png
c:\program files (x86)\blekkotb\chrome\skin\lib\uwa\border_18.png
c:\program files (x86)\blekkotb\chrome\skin\lib\uwa\border_19.png
c:\program files (x86)\blekkotb\chrome\skin\lib\uwa\border_20.png
c:\program files (x86)\blekkotb\chrome\skin\lib\uwa\border_21.png
c:\program files (x86)\blekkotb\chrome\skin\lib\uwa\btn-close-grey.png
c:\program files (x86)\blekkotb\chrome\skin\lib\uwa\btn-close-greyover.png
c:\program files (x86)\blekkotb\chrome\skin\lib\uwa\close-hot.png
c:\program files (x86)\blekkotb\chrome\skin\lib\uwa\close-normal.png
c:\program files (x86)\blekkotb\chrome\skin\lib\uwa\loadingMid.gif
c:\program files (x86)\blekkotb\chrome\skin\lib\uwa\paneltemplate.html
c:\program files (x86)\blekkotb\chrome\skin\lib\uwa\proxy.html
c:\program files (x86)\blekkotb\chrome\skin\lib\uwa\template.html
c:\program files (x86)\blekkotb\chrome\skin\lib\uwa\template.xml
c:\program files (x86)\blekkotb\chrome\skin\lib\uwa\templateFF.html
c:\program files (x86)\blekkotb\chrome\skin\lib\uwa\throbber.gif
c:\program files (x86)\blekkotb\chrome\skin\lib\weatherbutton\icons\cond999.png
c:\program files (x86)\blekkotb\chrome\skin\lib\weatherbutton\icons\icons.xml
c:\program files (x86)\blekkotb\chrome\skin\lib\weatherbutton\icons\na-s.png
c:\program files (x86)\blekkotb\chrome\skin\lib\weatherbutton\icons\na.png
c:\program files (x86)\blekkotb\chrome\skin\lib\weatherbutton\icons\weather.png
c:\program files (x86)\blekkotb\chrome\skin\lib\weatherbutton\panels\images\add.png
c:\program files (x86)\blekkotb\chrome\skin\lib\weatherbutton\panels\images\arrowr-bluew5.png
c:\program files (x86)\blekkotb\chrome\skin\lib\weatherbutton\panels\images\bg-pnl.png
c:\program files (x86)\blekkotb\chrome\skin\lib\weatherbutton\panels\images\bg-pnl520x350blue-whitebg.png
c:\program files (x86)\blekkotb\chrome\skin\lib\weatherbutton\panels\images\bg-pnl520x350blue.png
c:\program files (x86)\blekkotb\chrome\skin\lib\weatherbutton\panels\images\box-check.png
c:\program files (x86)\blekkotb\chrome\skin\lib\weatherbutton\panels\images\box-uncheck.png
c:\program files (x86)\blekkotb\chrome\skin\lib\weatherbutton\panels\images\btn-close-grey.png
c:\program files (x86)\blekkotb\chrome\skin\lib\weatherbutton\panels\images\btn-close-greyover.png
c:\program files (x86)\blekkotb\chrome\skin\lib\weatherbutton\panels\images\btn-delete.png
c:\program files (x86)\blekkotb\chrome\skin\lib\weatherbutton\panels\images\btn-search-pnlbtm.png
c:\program files (x86)\blekkotb\chrome\skin\lib\weatherbutton\panels\images\btnarrow-next-off.png
c:\program files (x86)\blekkotb\chrome\skin\lib\weatherbutton\panels\images\btnarrow-next.png
c:\program files (x86)\blekkotb\chrome\skin\lib\weatherbutton\panels\images\btnarrow-previous-off.png
c:\program files (x86)\blekkotb\chrome\skin\lib\weatherbutton\panels\images\btnarrow-previous.png
c:\program files (x86)\blekkotb\chrome\skin\lib\weatherbutton\panels\images\ico-check.png
c:\program files (x86)\blekkotb\chrome\skin\lib\weatherbutton\panels\images\ico-hotandhumid-s.png
c:\program files (x86)\blekkotb\chrome\skin\lib\weatherbutton\panels\images\ico-hotandhumid.png
c:\program files (x86)\blekkotb\chrome\skin\lib\weatherbutton\panels\images\options-weather.png
c:\program files (x86)\blekkotb\chrome\skin\lib\weatherbutton\panels\images\over-blue.png
c:\program files (x86)\blekkotb\chrome\skin\lib\weatherbutton\panels\images\over-orange.png
c:\program files (x86)\blekkotb\chrome\skin\lib\weatherbutton\panels\images\powered-by-weatherbug.png
c:\program files (x86)\blekkotb\chrome\skin\lib\weatherbutton\panels\images\powered-by-weatherbug2.png
c:\program files (x86)\blekkotb\chrome\skin\lib\weatherbutton\panels\images\radio-checked.png
c:\program files (x86)\blekkotb\chrome\skin\lib\weatherbutton\panels\images\radio-unchecked.png
c:\program files (x86)\blekkotb\chrome\skin\lib\weatherbutton\panels\images\searchbox-pnlbtm.png
c:\program files (x86)\blekkotb\chrome\skin\lib\weatherbutton\panels\images\weather-contour.png
c:\program files (x86)\blekkotb\chrome\skin\lib\weatherbutton\panels\popupWeather.css
c:\program files (x86)\blekkotb\chrome\skin\lib\weatherbutton\panels\popupWeather.html
c:\program files (x86)\blekkotb\chrome\skin\lib\yahoo.png
c:\program files (x86)\blekkotb\chrome\skin\lichen.gif
c:\program files (x86)\blekkotb\chrome\skin\local-deals-hover.png
c:\program files (x86)\blekkotb\chrome\skin\local-deals.png
c:\program files (x86)\blekkotb\chrome\skin\logo-about.png
c:\program files (x86)\blekkotb\chrome\skin\logo-over.png
c:\program files (x86)\blekkotb\chrome\skin\logo.png
c:\program files (x86)\blekkotb\chrome\skin\mail-blekko-hover.png
c:\program files (x86)\blekkotb\chrome\skin\mail-blekko.png
c:\program files (x86)\blekkotb\chrome\skin\mail-hover.png
c:\program files (x86)\blekkotb\chrome\skin\mail.png
c:\program files (x86)\blekkotb\chrome\skin\modify-save.png
c:\program files (x86)\blekkotb\chrome\skin\modify.png
c:\program files (x86)\blekkotb\chrome\skin\music.png
c:\program files (x86)\blekkotb\chrome\skin\myspace.png
c:\program files (x86)\blekkotb\chrome\skin\news.png
c:\program files (x86)\blekkotb\chrome\skin\options-main.png
c:\program files (x86)\blekkotb\chrome\skin\options-search.png
c:\program files (x86)\blekkotb\chrome\skin\options\options-main.png
c:\program files (x86)\blekkotb\chrome\skin\options\options-search.png
c:\program files (x86)\blekkotb\chrome\skin\options\options-weather.png
c:\program files (x86)\blekkotb\chrome\skin\options\options-widgets.png
c:\program files (x86)\blekkotb\chrome\skin\orange.gif
c:\program files (x86)\blekkotb\chrome\skin\p_yahoo.png
c:\program files (x86)\blekkotb\chrome\skin\rss-collapse.png
c:\program files (x86)\blekkotb\chrome\skin\rss-delete.png
c:\program files (x86)\blekkotb\chrome\skin\rss-expand.png
c:\program files (x86)\blekkotb\chrome\skin\rss-feed.png
c:\program files (x86)\blekkotb\chrome\skin\rss-folder-remove.png
c:\program files (x86)\blekkotb\chrome\skin\rss-folder-rename.png
c:\program files (x86)\blekkotb\chrome\skin\rss-folder.png
c:\program files (x86)\blekkotb\chrome\skin\rss-found.png
c:\program files (x86)\blekkotb\chrome\skin\rss-reload.png
c:\program files (x86)\blekkotb\chrome\skin\rss-subscribe.png
c:\program files (x86)\blekkotb\chrome\skin\rss.png
c:\program files (x86)\blekkotb\chrome\skin\rssback.gif
c:\program files (x86)\blekkotb\chrome\skin\rsstopback.gif
c:\program files (x86)\blekkotb\chrome\skin\search.png
c:\program files (x86)\blekkotb\chrome\skin\settings.png
c:\program files (x86)\blekkotb\chrome\skin\shopping.png
c:\program files (x86)\blekkotb\chrome\skin\skin-bluelite.png
c:\program files (x86)\blekkotb\chrome\skin\skin-bluesky.png
c:\program files (x86)\blekkotb\chrome\skin\skin-grey.png
c:\program files (x86)\blekkotb\chrome\skin\skin-lichen.png
c:\program files (x86)\blekkotb\chrome\skin\skin-orange.png
c:\program files (x86)\blekkotb\chrome\skin\skin-yellow.png
c:\program files (x86)\blekkotb\chrome\skin\social_delicious.png
c:\program files (x86)\blekkotb\chrome\skin\social_stumbleupon.png
c:\program files (x86)\blekkotb\chrome\skin\technorati.png
c:\program files (x86)\blekkotb\chrome\skin\throbber.gif
c:\program files (x86)\blekkotb\chrome\skin\toolbarsplitter.png
c:\program files (x86)\blekkotb\chrome\skin\twitter-blekko-hover.png
c:\program files (x86)\blekkotb\chrome\skin\twitter-blekko.png
c:\program files (x86)\blekkotb\chrome\skin\twitter-hover.png
c:\program files (x86)\blekkotb\chrome\skin\twitter.png
c:\program files (x86)\blekkotb\chrome\skin\weather-blekko.png
c:\program files (x86)\blekkotb\chrome\skin\web.png
c:\program files (x86)\blekkotb\chrome\skin\websearch.png
c:\program files (x86)\blekkotb\chrome\skin\wikipedia.png
c:\program files (x86)\blekkotb\chrome\skin\yahoosearch.png
c:\program files (x86)\blekkotb\chrome\skin\yellow.gif
c:\program files (x86)\blekkotb\chrome\skin\youtube.png
c:\program files (x86)\blekkotb\components\windowmediator.js
c:\program files (x86)\blekkotb\install.ico
c:\program files (x86)\blekkotb\manifest.xml
c:\program files (x86)\blekkotb\search.ico
c:\program files (x86)\blekkotb\uninstall.exe
.
.
((((((((((((((((((((((((( Files Created from 2012-02-21 to 2012-03-21 )))))))))))))))))))))))))))))))
.
.
2012-03-21 21:50 . 2012-03-21 21:50 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2012-03-21 21:50 . 2012-03-21 21:50 -------- d-----w- c:\users\Mcx1-DOUG-PC\AppData\Local\temp
2012-03-21 21:50 . 2012-03-21 21:50 -------- d-----w- c:\users\Guest\AppData\Local\temp
2012-03-21 21:50 . 2012-03-21 21:50 -------- d-----w- c:\users\Doug\AppData\Local\temp
2012-03-21 21:50 . 2012-03-21 21:50 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-03-20 21:25 . 2012-03-01 18:21 8643640 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{82A05B51-0363-4E2F-B248-6ECC3549C05C}\mpengine.dll
2012-03-15 01:07 . 2012-03-15 01:07 -------- d-----w- c:\program files (x86)\ESET
2012-03-15 00:21 . 2011-11-19 15:20 5559152 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-03-15 00:21 . 2011-11-19 14:50 3968368 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2012-03-15 00:21 . 2011-11-19 14:50 3913584 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2012-03-14 22:11 . 2012-02-03 04:34 3145728 ----a-w- c:\windows\system32\win32k.sys
2012-03-14 22:11 . 2012-02-10 06:36 1544192 ----a-w- c:\windows\system32\DWrite.dll
2012-03-14 22:11 . 2012-02-10 05:38 1077248 ----a-w- c:\windows\SysWow64\DWrite.dll
2012-03-14 22:11 . 2012-01-25 06:38 77312 ----a-w- c:\windows\system32\rdpwsx.dll
2012-03-14 22:11 . 2012-01-25 06:38 149504 ----a-w- c:\windows\system32\rdpcorekmts.dll
2012-03-14 22:11 . 2012-01-25 06:33 9216 ----a-w- c:\windows\system32\rdrmemptylst.exe
2012-03-14 22:11 . 2012-02-17 06:38 1112064 ----a-w- c:\windows\system32\rdpcorets.dll
2012-03-14 22:11 . 2012-02-17 06:38 1031680 ----a-w- c:\windows\system32\rdpcore.dll
2012-03-14 22:11 . 2012-02-17 05:34 826880 ----a-w- c:\windows\SysWow64\rdpcore.dll
2012-03-14 22:11 . 2012-02-17 04:58 210944 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-03-14 22:11 . 2012-02-17 04:57 23552 ----a-w- c:\windows\system32\drivers\tdtcp.sys
2012-03-06 03:32 . 2012-03-06 03:32 -------- d-----w- c:\users\dougg\.idlerc
2012-03-05 05:46 . 2012-03-05 05:46 -------- d-----w- C:\Python27
2012-03-05 01:06 . 2012-03-05 01:06 -------- d-----w- c:\users\dougg\AppData\Roaming\SpeedyPC Software
2012-03-05 01:06 . 2012-03-05 01:06 -------- d-----w- c:\users\dougg\AppData\Roaming\DriverCure
2012-03-05 01:06 . 2012-03-05 01:06 -------- d-----w- c:\programdata\SpeedyPC Software
2012-03-05 01:06 . 2012-03-05 01:06 -------- d-----w- c:\program files (x86)\SpeedyPC Software
2012-03-05 01:06 . 2012-03-05 01:06 -------- d-----w- c:\program files (x86)\Common Files\SpeedyPC Software
2012-03-04 19:16 . 2012-03-04 19:16 -------- d-----w- c:\users\dougg\AppData\Roaming\SUPERAntiSpyware.com
2012-03-04 19:14 . 2012-03-05 00:45 -------- d-----w- c:\program files\SUPERAntiSpyware
2012-03-04 19:14 . 2012-03-04 19:14 -------- d-----w- c:\programdata\SUPERAntiSpyware.com
2012-03-03 08:31 . 2012-03-03 08:36 -------- d-----w- c:\users\dougg\AppData\Roaming\GRETECH
2012-03-03 08:30 . 2012-03-03 08:30 -------- d-----w- c:\users\dougg\AppData\Local\blekkotb
2012-03-03 08:30 . 2012-03-21 21:29 -------- d-----w- c:\programdata\Anti-phishing Domain Advisor
2012-03-03 08:30 . 2012-03-03 08:36 -------- d-----w- c:\program files (x86)\GRETECH
2012-02-26 03:28 . 2012-02-27 21:27 -------- d-----w- c:\users\dougg\AppData\Roaming\vlc
2012-02-26 03:28 . 2012-02-26 03:28 -------- d-----w- c:\program files (x86)\VideoLAN
2012-02-21 04:26 . 2012-02-21 04:26 -------- d-----w- c:\program files (x86)\uTorrent
2012-02-21 04:26 . 2012-03-21 21:51 -------- d-----w- c:\users\dougg\AppData\Roaming\uTorrent
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-03-21 21:52 . 2010-06-24 00:20 25640 ----a-w- c:\windows\gdrv.sys
2012-02-23 13:18 . 2010-06-23 23:59 279656 ------w- c:\windows\system32\MpSigStub.exe
2012-02-17 21:18 . 2010-07-29 07:29 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll
2012-02-17 20:41 . 2011-06-01 20:42 414368 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-01-10 23:05 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll
2012-01-10 23:05 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll
2012-01-10 02:18 . 2012-01-10 02:18 51496 ----a-w- c:\windows\system32\drivers\stflt.sys
2012-01-04 10:44 . 2012-02-15 03:27 509952 ----a-w- c:\windows\system32\ntshrui.dll
2012-01-04 08:58 . 2012-02-15 03:27 442880 ----a-w- c:\windows\SysWow64\ntshrui.dll
2011-12-30 06:26 . 2012-02-15 03:27 515584 ----a-w- c:\windows\system32\timedate.cpl
2011-12-30 05:27 . 2012-02-15 03:27 478720 ----a-w- c:\windows\SysWow64\timedate.cpl
2011-12-28 03:59 . 2012-02-15 03:27 498688 ----a-w- c:\windows\system32\drivers\afd.sys
.
.
((((((((((((((((((((((((((((( SnapShot@2012-03-20_01.18.26 )))))))))))))))))))))))))))))))))))))))))
.
- 2009-07-14 04:54 . 2012-03-20 01:14 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-07-14 04:54 . 2012-03-21 21:52 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-07-14 04:54 . 2012-03-20 01:14 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-07-14 04:54 . 2012-03-21 21:52 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2010-03-20 12:41 . 2012-03-21 21:31 52234 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2009-07-14 05:10 . 2012-03-21 21:31 37982 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2010-11-22 22:32 . 2012-03-21 21:31 15692 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-877017928-3376076803-442139301-1003_UserData.bin
- 2010-06-23 23:39 . 2012-03-20 01:06 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2010-06-23 23:39 . 2012-03-21 21:34 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2010-06-23 23:39 . 2012-03-20 01:06 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2010-06-23 23:39 . 2012-03-21 21:34 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-07-14 04:54 . 2012-03-20 01:06 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-07-14 04:54 . 2012-03-21 21:34 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2010-06-23 23:47 . 2012-03-20 01:16 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2010-06-23 23:47 . 2012-03-21 21:54 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2010-06-23 23:47 . 2012-03-21 21:54 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2010-06-23 23:47 . 2012-03-20 01:16 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2010-06-23 23:47 . 2012-03-20 01:16 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2010-06-23 23:47 . 2012-03-21 21:54 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2010-06-23 23:47 . 2012-03-20 01:16 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2010-06-23 23:47 . 2012-03-21 22:00 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2010-06-23 23:47 . 2012-03-20 01:16 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2010-06-23 23:47 . 2012-03-21 22:00 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2012-03-21 21:35 . 2012-03-21 21:35 9560 c:\windows\system32\NetworkList\Icons\{9DCD3DB9-C6E2-485F-AC02-CC6F96E07F6A}_48.bin
+ 2012-03-21 21:35 . 2012-03-21 21:35 4280 c:\windows\system32\NetworkList\Icons\{9DCD3DB9-C6E2-485F-AC02-CC6F96E07F6A}_32.bin
+ 2012-03-21 21:35 . 2012-03-21 21:35 2456 c:\windows\system32\NetworkList\Icons\{9DCD3DB9-C6E2-485F-AC02-CC6F96E07F6A}_24.bin
+ 2012-03-21 21:52 . 2012-03-21 21:52 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2012-03-20 01:14 . 2012-03-20 01:14 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2012-03-20 01:14 . 2012-03-20 01:14 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2012-03-21 21:52 . 2012-03-21 21:52 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2009-07-14 04:54 . 2012-03-20 01:14 311296 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-14 04:54 . 2012-03-21 21:52 311296 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2010-06-24 00:32 . 2012-03-21 01:08 286062 c:\windows\system32\wdi\SuspendPerformanceDiagnostics_SystemData_FastS4.bin
- 2009-07-14 02:36 . 2012-03-18 20:19 624606 c:\windows\system32\perfh009.dat
+ 2009-07-14 02:36 . 2012-03-21 21:56 624606 c:\windows\system32\perfh009.dat
- 2009-07-14 02:36 . 2012-03-18 20:19 106724 c:\windows\system32\perfc009.dat
+ 2009-07-14 02:36 . 2012-03-21 21:56 106724 c:\windows\system32\perfc009.dat
+ 2009-07-14 05:01 . 2012-03-21 21:51 560512 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
- 2009-07-14 05:01 . 2012-03-20 01:13 560512 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2010-12-23 05:55 . 2012-03-21 21:51 21304132 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-877017928-3376076803-442139301-1003-8192.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Dyyno Launcher"="c:\program files (x86)\Dyyno\Dyyno Broadcaster\dyyno_launcher.exe" [2011-01-15 2151776]
"Akamai NetSession Interface"="c:\users\dougg\AppData\Local\Akamai\netsession_win.exe" [2012-03-13 3331872]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2012-02-15 17146504]
"uTorrent"="c:\program files (x86)\uTorrent\uTorrent.exe" [2012-03-06 741240]
"SUPERAntiSpyware"="c:\program files\SUPERANTISPYWARE\SUPERANTISPYWARE.EXE" [2012-01-20 5487488]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"BCU"="c:\program files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe" [2009-08-04 346320]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-11-02 59240]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeCS5.5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" [2011-01-12 1523360]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2011-10-24 421888]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-01-16 421736]
"Anti-phishing Domain Advisor"="c:\programdata\Anti-phishing Domain Advisor\visicom_antiphishing.exe" [2012-01-17 232616]
.
c:\users\dougg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OpenOffice.org 3.3.lnk - c:\program files (x86)\OpenOffice.org 3\program\quickstart.exe [2010-12-13 1198592]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Secunia PSI Tray.lnk - c:\program files (x86)\Secunia\PSI\psi_tray.exe [2011-10-14 291896]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer2"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-01-31 158856]
R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe [2010-01-15 227232]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-10 4925184]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [x]
R3 SwitchBoard;Adobe SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [2011-07-22 14928]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS [2011-07-12 12368]
S2 !SASCORE;SAS Core Service;c:\program files\SUPERANTISPYWARE\SASCORE64.EXE [2011-08-11 140672]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]
S2 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe [2009-07-14 27136]
S2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [2011-04-28 136360]
S2 BCUService;Browser Configuration Utility Service;c:\program files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe [2009-08-04 219360]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2012-01-04 822624]
S2 Dyyno Launcher;Dyyno Service;c:\program files (x86)\Dyyno\Dyyno Broadcaster\launcherd.exe [2011-01-15 415072]
S2 ES lite Service;ES lite Service for program management.;c:\program files (x86)\Gigabyte\EasySaver\ESSVR.EXE [2009-08-24 68136]
S2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\progra~2\mcafee\SITEAD~1\mcsacore.exe [2012-01-13 103440]
S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-05-21 2214504]
S2 Secunia PSI Agent;Secunia PSI Agent;c:\program files (x86)\Secunia\PSI\PSIA.exe [2011-10-14 994360]
S2 Secunia Update Agent;Secunia Update Agent;c:\program files (x86)\Secunia\PSI\sua.exe [2011-10-14 399416]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-01 508776]
S2 sp_rsdrv2;Spyware Terminator Driver Filter;c:\windows\system32\DRIVERS\stflt.sys [x]
S2 ST2012_Svc;Spyware Terminator 2012 Realtime Shield Service;c:\program files (x86)\Spyware Terminator\st_rsser64.exe [2011-11-22 1148632]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2010-06-08 240232]
S3 nusb3hub;NEC Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [x]
S3 nusb3xhc;NEC Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [x]
S3 PAC207;Webcam;c:\windows\system32\DRIVERS\PFC027.SYS [x]
S3 PSI;PSI;c:\windows\system32\DRIVERS\psi_mf.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [x]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [x]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [x]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [x]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-01 219496]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
Akamai REG_MULTI_SZ Akamai
.
Contents of the 'Scheduled Tasks' folder
.
2012-03-05 c:\windows\Tasks\SpeedyPC Pro.job
- c:\program files (x86)\SpeedyPC Software\SpeedyPC\SpeedyPC.exe [2011-10-09 01:19]
.
2012-03-05 c:\windows\Tasks\SpeedyPC Registration3.job
- c:\windows\system32\rundll32.exe [2009-07-13 01:14]
.
2012-03-05 c:\windows\Tasks\SpeedyPC Update Version3.job
- c:\program files (x86)\Common Files\SpeedyPC Software\UUS3\SpeedyPC_Update3.exe [2011-10-06 16:18]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2011-03-15 499608]
"Monitor"="c:\windows\PixArt\PAC207\Monitor.exe" [2007-12-10 323584]
"PAC207_Monitor"="c:\windows\PixArt\PAC207\Monitor.exe" [2007-12-10 323584]
"SpywareTerminatorShield"="c:\program files (x86)\Spyware Terminator\SpywareTerminatorShield.exe" [2012-02-20 2786480]
"SpywareTerminatorUpdater"="c:\program files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe" [2012-02-20 3669680]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 167.206.254.2 167.206.254.1 192.168.1.1
FF - ProfilePath - c:\users\dougg\AppData\Roaming\Mozilla\Firefox\Profiles\xm5exn3q.default\
FF - prefs.js: browser.startup.homepage - about:home
FF - prefs.js: network.proxy.type - 0
FF - user.js: network.protocol-handler.warn-external.dnupdate - false
.
- - - - ORPHANS REMOVED - - - -
.
AddRemove-blekkotb - c:\program files (x86)\blekkotb\uninstall.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Akamai]
"ServiceDll"="c:\program files (x86)\common files\akamai/netsession_win_7de0ed9.dll"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10y_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10y_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10y.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10y.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10y.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10y.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\Avira\AntiVir Desktop\avguard.exe
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\windows\SysWOW64\rundll32.exe
.
**************************************************************************
.
Completion time: 2012-03-21 18:24:06 - machine was rebooted
ComboFix-quarantined-files.txt 2012-03-21 22:23
ComboFix2.txt 2012-03-20 01:34
ComboFix3.txt 2012-03-14 23:00
.
Pre-Run: 730,066,997,248 bytes free
Post-Run: 729,633,361,920 bytes free
.
- - End Of File - - A4867463E21539E0BE25C10029C84FCD
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.4094.2505 [GMT -4:00]
Running from: c:\users\dougg\Desktop\ComboFix.exe
Command switches used :: c:\users\dougg\Desktop\CFScript.txt
AV: AntiVir Desktop *Enabled/Updated* {090F9C29-64CE-6C6F-379C-5901B49A85B7}
SP: AntiVir Desktop *Enabled/Updated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\blekkotb
c:\program files (x86)\blekkotb\auxi\blekkoAu.dll
c:\program files (x86)\blekkotb\auxi\config.xml
c:\program files (x86)\blekkotb\blekkoDx.dll
c:\program files (x86)\blekkotb\blekkotb.dll
c:\program files (x86)\blekkotb\chrome\content\custom.js
c:\program files (x86)\blekkotb\chrome\content\lib\about.xml
c:\program files (x86)\blekkotb\chrome\content\lib\dtxpanel.xul
c:\program files (x86)\blekkotb\chrome\content\lib\dtxpaneltransparent.xul
c:\program files (x86)\blekkotb\chrome\content\lib\dtxpanelwin.xul
c:\program files (x86)\blekkotb\chrome\content\lib\dtxprefwin.xul
c:\program files (x86)\blekkotb\chrome\content\lib\dtxtransparentwin.xul
c:\program files (x86)\blekkotb\chrome\content\lib\dtxwin.xul
c:\program files (x86)\blekkotb\chrome\content\lib\emailnotifierproviders.xml
c:\program files (x86)\blekkotb\chrome\content\lib\external.js
c:\program files (x86)\blekkotb\chrome\content\lib\neterror.xhtml
c:\program files (x86)\blekkotb\chrome\content\lib\rsspreview.html
c:\program files (x86)\blekkotb\chrome\content\lib\rsswin.xml
c:\program files (x86)\blekkotb\chrome\content\lib\rsswin.xsl
c:\program files (x86)\blekkotb\chrome\content\modules\datastore.jsm
c:\program files (x86)\blekkotb\chrome\content\modules\nsDragAndDrop.js
c:\program files (x86)\blekkotb\chrome\content\newtab\images\btn_search.gif
c:\program files (x86)\blekkotb\chrome\content\newtab\images\bullet.gif
c:\program files (x86)\blekkotb\chrome\content\newtab\images\field_bg.gif
c:\program files (x86)\blekkotb\chrome\content\newtab\images\powered_by_yahoo.gif
c:\program files (x86)\blekkotb\chrome\content\newtab\newtab.html
c:\program files (x86)\blekkotb\chrome\content\preferences.xml
c:\program files (x86)\blekkotb\chrome\content\toolbar.htm
c:\program files (x86)\blekkotb\chrome\content\toolbar.xul
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.BlekkoMap\css\dialog.css
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.BlekkoMap\images\arrow-grey.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.BlekkoMap\images\arrows_grey-left.gif
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.BlekkoMap\images\arrows_grey-right.gif
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.BlekkoMap\images\bg.gif
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.BlekkoMap\images\btn-search-over.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.BlekkoMap\images\btn-search.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.BlekkoMap\images\throbber.gif
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.BlekkoMap\index.html
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.BlekkoMap\skin\css\dialog.css
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.BlekkoMap\skin\images\1x1_transparent.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.BlekkoMap\skin\images\bg.gif
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.BlekkoMap\skin\images\btn-search.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.BlekkoMap\skin\images\btn-wide-close-over.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.BlekkoMap\skin\images\btn-wide-close.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.BlekkoMap\skin\images\btn_close_x.gif
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.BlekkoMap\skin\images\default.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.BlekkoMap\skin\images\transparent.gif
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.BlekkoMap\skin\images\win-btm-left.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.BlekkoMap\skin\images\win-btm-mdl.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.BlekkoMap\skin\images\win-btm-right-resize.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.BlekkoMap\skin\images\win-btm-right.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.BlekkoMap\skin\main.html
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.BlekkoMap\skin\scripts\defscript.js
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.BlekkoMap\tb_icon.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.BlekkoMap\widget.js
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.BlekkoMap\widget.xml
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.BlekkoMap\widget_version.txt
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Coupons_v2\.project
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Coupons_v2\alert_coupon.css
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Coupons_v2\arrow-next-off.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Coupons_v2\arrow-next.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Coupons_v2\arrow-previous-off.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Coupons_v2\arrow-previous.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Coupons_v2\bg-coupon-blue.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Coupons_v2\bg-save.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Coupons_v2\blank_image.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Coupons_v2\border-radius.htc
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Coupons_v2\btn-getcoupon.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Coupons_v2\btn-next-blue.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Coupons_v2\btn-previous-blue.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Coupons_v2\btn-wide-close-over.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Coupons_v2\btn-wide-close.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Coupons_v2\checked.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Coupons_v2\coupon-activated.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Coupons_v2\couponTooltip.js
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Coupons_v2\css\appversion.css
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Coupons_v2\css\dialog.css
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Coupons_v2\css\IE7Styles.css
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Coupons_v2\ico-coupon-hover.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Coupons_v2\ico-coupon.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Coupons_v2\ico-dollar.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Coupons_v2\images\arrow-grey.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Coupons_v2\images\arrows_grey-left.gif
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Coupons_v2\images\arrows_grey-right.gif
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Coupons_v2\images\bg_top.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Coupons_v2\images\btn-back.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Coupons_v2\images\btn-getcoupon.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Coupons_v2\images\btn-search.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Coupons_v2\images\coupon-activated.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Coupons_v2\images\delete.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Coupons_v2\images\loader.gif
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Coupons_v2\images\save.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Coupons_v2\images\scrollb-disable.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Coupons_v2\images\scrollb-down.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Coupons_v2\images\scrollb.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Coupons_v2\images\scrollt-disable.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Coupons_v2\images\scrollt-down.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Coupons_v2\images\scrollt.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Coupons_v2\images\sprite.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Coupons_v2\images\tab-arrow-hover.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Coupons_v2\images\tab-arrow.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Coupons_v2\images\tab-off-l.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Coupons_v2\images\tab-off-l_BAK.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Coupons_v2\images\tab-off-r.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Coupons_v2\images\tab-off-r_BAK.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Coupons_v2\images\tab-on-l.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Coupons_v2\images\tab-on-r.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Coupons_v2\images\tab-over-l.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Coupons_v2\images\tab-over-r.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Coupons_v2\images\tab-white-left.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Coupons_v2\images\tab-white-mdl.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Coupons_v2\images\tab-white-right.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Coupons_v2\images\vid-bg.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Coupons_v2\index.html
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Coupons_v2\jquery.contextMenu.css
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Coupons_v2\jquery.contextMenu.js
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Coupons_v2\js\appversion.js
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Coupons_v2\js\jquery-1.4.2.min.js
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Coupons_v2\js\jquery.event.wheel.js
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Coupons_v2\js\jquery.pagination.js
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Coupons_v2\js\jquery.scrollTo-min.js
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Coupons_v2\js\JSON.js
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Coupons_v2\js\listnav.js
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Coupons_v2\js\main.js
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Coupons_v2\js\main.js.bak
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Coupons_v2\page_white_copy.gif
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Coupons_v2\panel.html
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Coupons_v2\partner.xml
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Coupons_v2\placeholder-logo.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Coupons_v2\skin\css\dialog.css
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Coupons_v2\skin\images\bg.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Coupons_v2\skin\images\btn-disablealert-over.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Coupons_v2\skin\images\btn-disablealert.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Coupons_v2\skin\images\btn-enablealert-over.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Coupons_v2\skin\images\btn-enablealert.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Coupons_v2\skin\images\btn-help-over.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Coupons_v2\skin\images\btn-help.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Coupons_v2\skin\images\btn-managealerts-over.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Coupons_v2\skin\images\btn-managealerts.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Coupons_v2\skin\images\btn-showalert-over.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Coupons_v2\skin\images\btn-showalert.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Coupons_v2\skin\images\btn-wide-close-over.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Coupons_v2\skin\images\btn-wide-close.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Coupons_v2\skin\images\default.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Coupons_v2\skin\images\power-couponcamp.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Coupons_v2\skin\images\poweredby-couponwinner.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Coupons_v2\skin\images\transparent.gif
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Coupons_v2\skin\images\win-btm-left.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Coupons_v2\skin\images\win-btm-left_old.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Coupons_v2\skin\images\win-btm-mdl.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Coupons_v2\skin\images\win-btm-mdl_old.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Coupons_v2\skin\images\win-btm-right-resize.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Coupons_v2\skin\images\win-btm-right.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Coupons_v2\skin\images\win-btm-right_old.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Coupons_v2\skin\main.html
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Coupons_v2\skin\scripts\defscript.js
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Coupons_v2\tb_icon.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Coupons_v2\unchecked.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Coupons_v2\widget.js
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Coupons_v2\widget.xml
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Coupons_v2\widget_version.txt
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Grooveshark\tb_icon.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Grooveshark\widget.js
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Grooveshark\widget.xml
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Grooveshark\widget_version.txt
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Messaging\skin\css\messageContent.css
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Messaging\skin\css\messageList.css
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Messaging\skin\images\bg_header.jpg
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Messaging\skin\images\btn-close-grey.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Messaging\skin\images\mail.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Messaging\skin\images\msg-btn.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Messaging\skin\messageContent.html
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Messaging\skin\messageList.html
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Messaging\skin\scripts\messageList.js
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Messaging\tb_icon.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Messaging\widget.js
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Messaging\widget.xml
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.MyStartFacebook\.cvsignore
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.MyStartFacebook\css\dialog.css
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.MyStartFacebook\images\arrow-grey.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.MyStartFacebook\images\arrows_grey-left.gif
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.MyStartFacebook\images\arrows_grey-right.gif
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.MyStartFacebook\images\back.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.MyStartFacebook\images\btn-search-over.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.MyStartFacebook\images\btn-search.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.MyStartFacebook\images\delete.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.MyStartFacebook\images\scrollb-disable.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.MyStartFacebook\images\scrollb-down.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.MyStartFacebook\images\scrollb.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.MyStartFacebook\images\scrollt-disable.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.MyStartFacebook\images\scrollt-down.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.MyStartFacebook\images\scrollt.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.MyStartFacebook\images\tab-arrow-hover.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.MyStartFacebook\images\tab-arrow.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.MyStartFacebook\images\tab-off-l.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.MyStartFacebook\images\tab-off-r.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.MyStartFacebook\images\tab-on-l.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.MyStartFacebook\images\tab-on-r.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.MyStartFacebook\images\tab-over-l.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.MyStartFacebook\images\tab-over-r.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.MyStartFacebook\images\tab-red-left.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.MyStartFacebook\images\tab-red-mdl.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.MyStartFacebook\images\tab-red-right.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.MyStartFacebook\images\tab-white-left.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.MyStartFacebook\images\tab-white-mdl.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.MyStartFacebook\images\tab-white-right.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.MyStartFacebook\images\throbber.gif
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.MyStartFacebook\images\vid-bg.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.MyStartFacebook\images\youtube.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.MyStartFacebook\index.html
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.MyStartFacebook\js\function.js
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.MyStartFacebook\js\jquery-1.4.2.min.js
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.MyStartFacebook\js\JSON.js
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.MyStartFacebook\skin\css\dialog.css
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.MyStartFacebook\skin\images\bg-facebook.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.MyStartFacebook\skin\images\blank.gif
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.MyStartFacebook\skin\images\btn-wide-close-over.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.MyStartFacebook\skin\images\btn-wide-close.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.MyStartFacebook\skin\images\default.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.MyStartFacebook\skin\images\transparent.gif
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.MyStartFacebook\skin\images\win-btm-left.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.MyStartFacebook\skin\images\win-btm-mdl.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.MyStartFacebook\skin\images\win-btm-right-resize.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.MyStartFacebook\skin\images\win-btm-right.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.MyStartFacebook\skin\main.html
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.MyStartFacebook\skin\scripts\defscript.js
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.MyStartFacebook\skin\scripts\jquery-1.4.2.min.js
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.MyStartFacebook\tb_icon.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.MyStartFacebook\widget.js
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.MyStartFacebook\widget.xml
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.MyStartFacebook\widget_version.txt
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.RadioBeta\radiobeta-buffering.gif
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.RadioBeta\radiobeta-connecting.gif
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.RadioBeta\radiobeta-playing.gif
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.RadioBeta\radiobeta-stopped.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.RadioBeta\radiobeta.ico
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.RadioBeta\tb_icon.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.RadioBeta\widget.js
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.RadioBeta\widget.xml
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Twitter\css\twitter.css
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Twitter\images\btn-login-over.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Twitter\images\btn-login.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Twitter\images\btn-submit.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Twitter\images\loginbg.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Twitter\images\refresh-over.gif
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Twitter\images\refresh.gif
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Twitter\images\scrollbottom-disable.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Twitter\images\scrollbottom-down.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Twitter\images\scrollbottom-over.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Twitter\images\scrollbottom.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Twitter\images\scrolltop-disable.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Twitter\images\scrolltop-down.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Twitter\images\scrolltop-over.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Twitter\images\scrolltop.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Twitter\images\tab-off-l.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Twitter\images\tab-off-r.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Twitter\images\tab-on-l.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Twitter\images\tab-on-r.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Twitter\images\throbber.gif
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Twitter\images\twitter-logo48.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Twitter\images\twitter_top.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Twitter\index.html
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Twitter\js\defscript.js
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Twitter\js\jquery.js
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Twitter\js\scripts.js
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Twitter\login.html
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Twitter\skin\css\dialog.css
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Twitter\skin\images\bg.gif
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Twitter\skin\images\btn-wide-close-over.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Twitter\skin\images\btn-wide-close.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Twitter\skin\images\default.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Twitter\skin\images\transparent.gif
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Twitter\skin\images\win-btm-left.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Twitter\skin\images\win-btm-mdl.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Twitter\skin\images\win-btm-right-resize.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Twitter\skin\images\win-btm-right.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Twitter\skin\main.html
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Twitter\skin\scripts\defscript.js
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Twitter\tb_icon.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Twitter\widget.js
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Twitter\widget.xml
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.Twitter\widget_version.txt
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.YouTube_v2\css\autocomplete.css
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.YouTube_v2\css\dialog.css
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.YouTube_v2\images\arrow-grey.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.YouTube_v2\images\arrows_grey-left.gif
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.YouTube_v2\images\arrows_grey-right.gif
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.YouTube_v2\images\bg.gif
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.YouTube_v2\images\btn-search-over.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.YouTube_v2\images\btn-search.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.YouTube_v2\images\powered-by-youtube.gif
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.YouTube_v2\images\tab-off-l.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.YouTube_v2\images\tab-off-r.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.YouTube_v2\images\tab-on-l.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.YouTube_v2\images\tab-on-r.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.YouTube_v2\images\tab-red-left.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.YouTube_v2\images\tab-red-mdl.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.YouTube_v2\images\tab-red-right.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.YouTube_v2\images\tab-white-left.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.YouTube_v2\images\tab-white-mdl.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.YouTube_v2\images\tab-white-right.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.YouTube_v2\images\throbber.gif
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.YouTube_v2\images\vid-bg.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.YouTube_v2\images\youtube.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.YouTube_v2\index.html
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.YouTube_v2\js\autocomplete.js
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.YouTube_v2\js\jquery-1.4.3.min.js
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.YouTube_v2\js\paginator.js
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.YouTube_v2\js\youtube.js
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.YouTube_v2\skin\css\dialog.css
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.YouTube_v2\skin\images\bg.gif
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.YouTube_v2\skin\images\btn-search.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.YouTube_v2\skin\images\btn-wide-close-over.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.YouTube_v2\skin\images\btn-wide-close.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.YouTube_v2\skin\images\default.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.YouTube_v2\skin\images\tab-off-l.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.YouTube_v2\skin\images\tab-off-r.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.YouTube_v2\skin\images\tab-on-l.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.YouTube_v2\skin\images\tab-on-r.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.YouTube_v2\skin\images\transparent.gif
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.YouTube_v2\skin\images\win-btm-left.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.YouTube_v2\skin\images\win-btm-mdl.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.YouTube_v2\skin\images\win-btm-right-resize.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.YouTube_v2\skin\images\win-btm-right.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.YouTube_v2\skin\main.html
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.YouTube_v2\skin\scripts\defscript.js
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.YouTube_v2\tb_icon.png
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.YouTube_v2\widget.js
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.YouTube_v2\widget.xml
c:\program files (x86)\blekkotb\chrome\content\widgets\net.vmn.www.YouTube_v2\widget_version.txt
c:\program files (x86)\blekkotb\chrome\data\search\engines.xml
c:\program files (x86)\blekkotb\chrome\data\search\search.xsl
c:\program files (x86)\blekkotb\chrome\skin\bg-btnover-mdl_ff_bluelite.png
c:\program files (x86)\blekkotb\chrome\skin\bg-btnover-mdl_ff_bluesky.png
c:\program files (x86)\blekkotb\chrome\skin\blekko16.png
c:\program files (x86)\blekkotb\chrome\skin\blogger.png
c:\program files (x86)\blekkotb\chrome\skin\bluelite.gif
c:\program files (x86)\blekkotb\chrome\skin\bluesky.gif
c:\program files (x86)\blekkotb\chrome\skin\btn-search-over.png
c:\program files (x86)\blekkotb\chrome\skin\btn-search.png
c:\program files (x86)\blekkotb\chrome\skin\btn-settings-over.png
c:\program files (x86)\blekkotb\chrome\skin\btn-settings.png
c:\program files (x86)\blekkotb\chrome\skin\btn-widgets-over.png
c:\program files (x86)\blekkotb\chrome\skin\btn-widgets.png
c:\program files (x86)\blekkotb\chrome\skin\coupons-hover.png
c:\program files (x86)\blekkotb\chrome\skin\coupons.png
c:\program files (x86)\blekkotb\chrome\skin\custom.css
c:\program files (x86)\blekkotb\chrome\skin\dictionary.png
c:\program files (x86)\blekkotb\chrome\skin\downloadcom.png
c:\program files (x86)\blekkotb\chrome\skin\dtxlogo.png
c:\program files (x86)\blekkotb\chrome\skin\facebook-blekko-hover.png
c:\program files (x86)\blekkotb\chrome\skin\facebook-blekko.png
c:\program files (x86)\blekkotb\chrome\skin\facebook-hover.png
c:\program files (x86)\blekkotb\chrome\skin\facebook.png
c:\program files (x86)\blekkotb\chrome\skin\fb.png
c:\program files (x86)\blekkotb\chrome\skin\games.png
c:\program files (x86)\blekkotb\chrome\skin\google.png
c:\program files (x86)\blekkotb\chrome\skin\graphna.png
c:\program files (x86)\blekkotb\chrome\skin\graphred0.png
c:\program files (x86)\blekkotb\chrome\skin\graphred0_5.png
c:\program files (x86)\blekkotb\chrome\skin\graphred1.png
c:\program files (x86)\blekkotb\chrome\skin\graphred1_5.png
c:\program files (x86)\blekkotb\chrome\skin\graphred2.png
c:\program files (x86)\blekkotb\chrome\skin\graphred2_5.png
c:\program files (x86)\blekkotb\chrome\skin\graphred3.png
c:\program files (x86)\blekkotb\chrome\skin\graphred3_5.png
c:\program files (x86)\blekkotb\chrome\skin\graphred4.png
c:\program files (x86)\blekkotb\chrome\skin\graphred4_5.png
c:\program files (x86)\blekkotb\chrome\skin\graphred5.png
c:\program files (x86)\blekkotb\chrome\skin\graphredna.png
c:\program files (x86)\blekkotb\chrome\skin\grey.gif
c:\program files (x86)\blekkotb\chrome\skin\hulu.png
c:\program files (x86)\blekkotb\chrome\skin\ico-digg.png
c:\program files (x86)\blekkotb\chrome\skin\ico-shield.png
c:\program files (x86)\blekkotb\chrome\skin\icon_blekko.png
c:\program files (x86)\blekkotb\chrome\skin\images.png
c:\program files (x86)\blekkotb\chrome\skin\lib\add.png
c:\program files (x86)\blekkotb\chrome\skin\lib\aol.png
c:\program files (x86)\blekkotb\chrome\skin\lib\arrow-dn.gif
c:\program files (x86)\blekkotb\chrome\skin\lib\arrow-right-disabled.gif
c:\program files (x86)\blekkotb\chrome\skin\lib\arrow-right.gif
c:\program files (x86)\blekkotb\chrome\skin\lib\arrow-up.gif
c:\program files (x86)\blekkotb\chrome\skin\lib\bg-btn-end.png
c:\program files (x86)\blekkotb\chrome\skin\lib\bg-btn-mdl.png
c:\program files (x86)\blekkotb\chrome\skin\lib\bg-btn-mdl_ff.png
c:\program files (x86)\blekkotb\chrome\skin\lib\bg-btn-start.png
c:\program files (x86)\blekkotb\chrome\skin\lib\bg-btnover-end.png
c:\program files (x86)\blekkotb\chrome\skin\lib\bg-btnover-mdl.png
c:\program files (x86)\blekkotb\chrome\skin\lib\bg-btnover-mdl_ff.png
c:\program files (x86)\blekkotb\chrome\skin\lib\bg-btnover-start.png
c:\program files (x86)\blekkotb\chrome\skin\lib\blank.gif
c:\program files (x86)\blekkotb\chrome\skin\lib\btnback-down-vista.png
c:\program files (x86)\blekkotb\chrome\skin\lib\btnback-vista.png
c:\program files (x86)\blekkotb\chrome\skin\lib\btnleft-down-vista.png
c:\program files (x86)\blekkotb\chrome\skin\lib\btnleft-vista.png
c:\program files (x86)\blekkotb\chrome\skin\lib\btnright-down-vista.png
c:\program files (x86)\blekkotb\chrome\skin\lib\btnright-vista.png
c:\program files (x86)\blekkotb\chrome\skin\lib\button-splitter-down-vista.png
c:\program files (x86)\blekkotb\chrome\skin\lib\button-splitter-vista.png
c:\program files (x86)\blekkotb\chrome\skin\lib\checkmark.png
c:\program files (x86)\blekkotb\chrome\skin\lib\chevron.png
c:\program files (x86)\blekkotb\chrome\skin\lib\collapse.png
c:\program files (x86)\blekkotb\chrome\skin\lib\dtx.css
c:\program files (x86)\blekkotb\chrome\skin\lib\edit-back-hot.png
c:\program files (x86)\blekkotb\chrome\skin\lib\edit-back.png
c:\program files (x86)\blekkotb\chrome\skin\lib\expand.png
c:\program files (x86)\blekkotb\chrome\skin\lib\found.png
c:\program files (x86)\blekkotb\chrome\skin\lib\gmail.png
c:\program files (x86)\blekkotb\chrome\skin\lib\highlight.png
c:\program files (x86)\blekkotb\chrome\skin\lib\highlight_blue.png
c:\program files (x86)\blekkotb\chrome\skin\lib\highlight_cyan.png
c:\program files (x86)\blekkotb\chrome\skin\lib\highlight_lime.png
c:\program files (x86)\blekkotb\chrome\skin\lib\highlight_magenta.png
c:\program files (x86)\blekkotb\chrome\skin\lib\highlight_yellow.png
c:\program files (x86)\blekkotb\chrome\skin\lib\hotmail.png
c:\program files (x86)\blekkotb\chrome\skin\lib\imap.png
c:\program files (x86)\blekkotb\chrome\skin\lib\lastsearch-thumb-back.gif
c:\program files (x86)\blekkotb\chrome\skin\lib\loadingMid.gif
c:\program files (x86)\blekkotb\chrome\skin\lib\lock.png
c:\program files (x86)\blekkotb\chrome\skin\lib\mailcom.png
c:\program files (x86)\blekkotb\chrome\skin\lib\menu_bg-basic.png
c:\program files (x86)\blekkotb\chrome\skin\lib\menu_separator_bar.png
c:\program files (x86)\blekkotb\chrome\skin\lib\menuitem-splitter.png
c:\program files (x86)\blekkotb\chrome\skin\lib\menuitemback-down-vista.png
c:\program files (x86)\blekkotb\chrome\skin\lib\menuitemback-vista.png
c:\program files (x86)\blekkotb\chrome\skin\lib\menuitemleft-down-vista.png
c:\program files (x86)\blekkotb\chrome\skin\lib\menuitemleft-vista.png
c:\program files (x86)\blekkotb\chrome\skin\lib\menuitemright-down-vista.png
c:\program files (x86)\blekkotb\chrome\skin\lib\menuitemright-vista.png
c:\program files (x86)\blekkotb\chrome\skin\lib\modify.png
c:\program files (x86)\blekkotb\chrome\skin\lib\move.gif
c:\program files (x86)\blekkotb\chrome\skin\lib\movetarget.png
c:\program files (x86)\blekkotb\chrome\skin\lib\panels\css\popupAbout.css
c:\program files (x86)\blekkotb\chrome\skin\lib\panels\css\popupWidgets.css
c:\program files (x86)\blekkotb\chrome\skin\lib\panels\default\css\dialog.css
c:\program files (x86)\blekkotb\chrome\skin\lib\panels\default\images\bg.gif
c:\program files (x86)\blekkotb\chrome\skin\lib\panels\default\images\btn-wide-close-over.png
c:\program files (x86)\blekkotb\chrome\skin\lib\panels\default\images\btn-wide-close.png
c:\program files (x86)\blekkotb\chrome\skin\lib\panels\default\images\default.png
c:\program files (x86)\blekkotb\chrome\skin\lib\panels\default\images\transparent.gif
c:\program files (x86)\blekkotb\chrome\skin\lib\panels\default\images\win-btm-left.png
c:\program files (x86)\blekkotb\chrome\skin\lib\panels\default\images\win-btm-mdl.png
c:\program files (x86)\blekkotb\chrome\skin\lib\panels\default\images\win-btm-right-resize.png
c:\program files (x86)\blekkotb\chrome\skin\lib\panels\default\images\win-btm-right.png
c:\program files (x86)\blekkotb\chrome\skin\lib\panels\default\main.html
c:\program files (x86)\blekkotb\chrome\skin\lib\panels\default\scripts\defscript.js
c:\program files (x86)\blekkotb\chrome\skin\lib\panels\images\arrow-sml-drop.png
c:\program files (x86)\blekkotb\chrome\skin\lib\panels\images\arrow-sml.png
c:\program files (x86)\blekkotb\chrome\skin\lib\panels\images\arrowr-bluew5.png
c:\program files (x86)\blekkotb\chrome\skin\lib\panels\images\bg-aboutbox.png
c:\program files (x86)\blekkotb\chrome\skin\lib\panels\images\bg-btnover.png
c:\program files (x86)\blekkotb\chrome\skin\lib\panels\images\bg-pnl520x390.png
c:\program files (x86)\blekkotb\chrome\skin\lib\panels\images\btn-addtoolbar-left-over.png
c:\program files (x86)\blekkotb\chrome\skin\lib\panels\images\btn-addtoolbar-left.png
c:\program files (x86)\blekkotb\chrome\skin\lib\panels\images\btn-addtoolbar-right.png
c:\program files (x86)\blekkotb\chrome\skin\lib\panels\images\btn-close-grey.png
c:\program files (x86)\blekkotb\chrome\skin\lib\panels\images\btn-close-greyover.png
c:\program files (x86)\blekkotb\chrome\skin\lib\panels\images\btn-drag.png
c:\program files (x86)\blekkotb\chrome\skin\lib\panels\images\btn-mdl-over.png
c:\program files (x86)\blekkotb\chrome\skin\lib\panels\images\btn-mdl.png
c:\program files (x86)\blekkotb\chrome\skin\lib\panels\images\btn-next-over.png
c:\program files (x86)\blekkotb\chrome\skin\lib\panels\images\btn-next.png
c:\program files (x86)\blekkotb\chrome\skin\lib\panels\images\btn-previous-over.png
c:\program files (x86)\blekkotb\chrome\skin\lib\panels\images\btn-previous.png
c:\program files (x86)\blekkotb\chrome\skin\lib\panels\images\btn-right-over.png
c:\program files (x86)\blekkotb\chrome\skin\lib\panels\images\btn-search-pnlbtm-over.png
c:\program files (x86)\blekkotb\chrome\skin\lib\panels\images\btn-search-pnlbtm.png
c:\program files (x86)\blekkotb\chrome\skin\lib\panels\images\gamethumb-on.png
c:\program files (x86)\blekkotb\chrome\skin\lib\panels\images\ico-calendar.png
c:\program files (x86)\blekkotb\chrome\skin\lib\panels\images\ico-download.png
c:\program files (x86)\blekkotb\chrome\skin\lib\panels\images\ico-tags.png
c:\program files (x86)\blekkotb\chrome\skin\lib\panels\images\icon-Add.png
c:\program files (x86)\blekkotb\chrome\skin\lib\panels\images\icon-Info.png
c:\program files (x86)\blekkotb\chrome\skin\lib\panels\images\menul-bgon.png
c:\program files (x86)\blekkotb\chrome\skin\lib\panels\images\menul-bgover.png
c:\program files (x86)\blekkotb\chrome\skin\lib\panels\images\panel-botm-noscroll.png
c:\program files (x86)\blekkotb\chrome\skin\lib\panels\images\scroll-bg-206.png
c:\program files (x86)\blekkotb\chrome\skin\lib\panels\images\scroll-bg.png
c:\program files (x86)\blekkotb\chrome\skin\lib\panels\images\scroll-topwin.png
c:\program files (x86)\blekkotb\chrome\skin\lib\panels\images\scrollb-disable.png
c:\program files (x86)\blekkotb\chrome\skin\lib\panels\images\scrollb-down.png
c:\program files (x86)\blekkotb\chrome\skin\lib\panels\images\scrollb-over.png
c:\program files (x86)\blekkotb\chrome\skin\lib\panels\images\scrollb.png
c:\program files (x86)\blekkotb\chrome\skin\lib\panels\images\scrollt-disable.png
c:\program files (x86)\blekkotb\chrome\skin\lib\panels\images\scrollt-down.png
c:\program files (x86)\blekkotb\chrome\skin\lib\panels\images\scrollt-over.png
c:\program files (x86)\blekkotb\chrome\skin\lib\panels\images\scrollt.png
c:\program files (x86)\blekkotb\chrome\skin\lib\panels\images\searchbox-pnlbtm.png
c:\program files (x86)\blekkotb\chrome\skin\lib\panels\images\star_x_grey.png
c:\program files (x86)\blekkotb\chrome\skin\lib\panels\images\star_x_orange.png
c:\program files (x86)\blekkotb\chrome\skin\lib\panels\images\throbber.gif
c:\program files (x86)\blekkotb\chrome\skin\lib\panels\images\TRUSTe_about.png
c:\program files (x86)\blekkotb\chrome\skin\lib\panels\images\view-detailed-on.png
c:\program files (x86)\blekkotb\chrome\skin\lib\panels\images\view-detailed-over.png
c:\program files (x86)\blekkotb\chrome\skin\lib\panels\images\view-thumb-on.png
c:\program files (x86)\blekkotb\chrome\skin\lib\panels\images\view-thumb-over.png
c:\program files (x86)\blekkotb\chrome\skin\lib\panels\images\widgets-square-16px.png
c:\program files (x86)\blekkotb\chrome\skin\lib\panels\images\widgets-square-24px.png
c:\program files (x86)\blekkotb\chrome\skin\lib\panels\popupWidgets.html
c:\program files (x86)\blekkotb\chrome\skin\lib\pop.png
c:\program files (x86)\blekkotb\chrome\skin\lib\radio.png
c:\program files (x86)\blekkotb\chrome\skin\lib\reload.png
c:\program files (x86)\blekkotb\chrome\skin\lib\remove.png
c:\program files (x86)\blekkotb\chrome\skin\lib\rename.gif
c:\program files (x86)\blekkotb\chrome\skin\lib\resize-box.gif
c:\program files (x86)\blekkotb\chrome\skin\lib\rss.png
c:\program files (x86)\blekkotb\chrome\skin\lib\rsschannelback.png
c:\program files (x86)\blekkotb\chrome\skin\lib\RSSLogo.png
c:\program files (x86)\blekkotb\chrome\skin\lib\rsstabdivider.gif
c:\program files (x86)\blekkotb\chrome\skin\lib\scroll-left.png
c:\program files (x86)\blekkotb\chrome\skin\lib\scroll-right.png
c:\program files (x86)\blekkotb\chrome\skin\lib\search-go.png
c:\program files (x86)\blekkotb\chrome\skin\lib\search.png
c:\program files (x86)\blekkotb\chrome\skin\lib\text-ellipsis.xml
c:\program files (x86)\blekkotb\chrome\skin\lib\throbber.gif
c:\program files (x86)\blekkotb\chrome\skin\lib\toolbarsplitter.gif
c:\program files (x86)\blekkotb\chrome\skin\lib\transparent_1px.gif
c:\program files (x86)\blekkotb\chrome\skin\lib\uwa\border_02.png
c:\program files (x86)\blekkotb\chrome\skin\lib\uwa\border_03.png
c:\program files (x86)\blekkotb\chrome\skin\lib\uwa\border_04.png
c:\program files (x86)\blekkotb\chrome\skin\lib\uwa\border_06.png
c:\program files (x86)\blekkotb\chrome\skin\lib\uwa\border_07.png
c:\program files (x86)\blekkotb\chrome\skin\lib\uwa\border_08.png
c:\program files (x86)\blekkotb\chrome\skin\lib\uwa\border_09.png
c:\program files (x86)\blekkotb\chrome\skin\lib\uwa\border_10.png
c:\program files (x86)\blekkotb\chrome\skin\lib\uwa\border_11.png
c:\program files (x86)\blekkotb\chrome\skin\lib\uwa\border_12.png
c:\program files (x86)\blekkotb\chrome\skin\lib\uwa\border_13.png
c:\program files (x86)\blekkotb\chrome\skin\lib\uwa\border_14.png
c:\program files (x86)\blekkotb\chrome\skin\lib\uwa\border_15.png
c:\program files (x86)\blekkotb\chrome\skin\lib\uwa\border_16.png
c:\program files (x86)\blekkotb\chrome\skin\lib\uwa\border_18.png
c:\program files (x86)\blekkotb\chrome\skin\lib\uwa\border_19.png
c:\program files (x86)\blekkotb\chrome\skin\lib\uwa\border_20.png
c:\program files (x86)\blekkotb\chrome\skin\lib\uwa\border_21.png
c:\program files (x86)\blekkotb\chrome\skin\lib\uwa\btn-close-grey.png
c:\program files (x86)\blekkotb\chrome\skin\lib\uwa\btn-close-greyover.png
c:\program files (x86)\blekkotb\chrome\skin\lib\uwa\close-hot.png
c:\program files (x86)\blekkotb\chrome\skin\lib\uwa\close-normal.png
c:\program files (x86)\blekkotb\chrome\skin\lib\uwa\loadingMid.gif
c:\program files (x86)\blekkotb\chrome\skin\lib\uwa\paneltemplate.html
c:\program files (x86)\blekkotb\chrome\skin\lib\uwa\proxy.html
c:\program files (x86)\blekkotb\chrome\skin\lib\uwa\template.html
c:\program files (x86)\blekkotb\chrome\skin\lib\uwa\template.xml
c:\program files (x86)\blekkotb\chrome\skin\lib\uwa\templateFF.html
c:\program files (x86)\blekkotb\chrome\skin\lib\uwa\throbber.gif
c:\program files (x86)\blekkotb\chrome\skin\lib\weatherbutton\icons\cond999.png
c:\program files (x86)\blekkotb\chrome\skin\lib\weatherbutton\icons\icons.xml
c:\program files (x86)\blekkotb\chrome\skin\lib\weatherbutton\icons\na-s.png
c:\program files (x86)\blekkotb\chrome\skin\lib\weatherbutton\icons\na.png
c:\program files (x86)\blekkotb\chrome\skin\lib\weatherbutton\icons\weather.png
c:\program files (x86)\blekkotb\chrome\skin\lib\weatherbutton\panels\images\add.png
c:\program files (x86)\blekkotb\chrome\skin\lib\weatherbutton\panels\images\arrowr-bluew5.png
c:\program files (x86)\blekkotb\chrome\skin\lib\weatherbutton\panels\images\bg-pnl.png
c:\program files (x86)\blekkotb\chrome\skin\lib\weatherbutton\panels\images\bg-pnl520x350blue-whitebg.png
c:\program files (x86)\blekkotb\chrome\skin\lib\weatherbutton\panels\images\bg-pnl520x350blue.png
c:\program files (x86)\blekkotb\chrome\skin\lib\weatherbutton\panels\images\box-check.png
c:\program files (x86)\blekkotb\chrome\skin\lib\weatherbutton\panels\images\box-uncheck.png
c:\program files (x86)\blekkotb\chrome\skin\lib\weatherbutton\panels\images\btn-close-grey.png
c:\program files (x86)\blekkotb\chrome\skin\lib\weatherbutton\panels\images\btn-close-greyover.png
c:\program files (x86)\blekkotb\chrome\skin\lib\weatherbutton\panels\images\btn-delete.png
c:\program files (x86)\blekkotb\chrome\skin\lib\weatherbutton\panels\images\btn-search-pnlbtm.png
c:\program files (x86)\blekkotb\chrome\skin\lib\weatherbutton\panels\images\btnarrow-next-off.png
c:\program files (x86)\blekkotb\chrome\skin\lib\weatherbutton\panels\images\btnarrow-next.png
c:\program files (x86)\blekkotb\chrome\skin\lib\weatherbutton\panels\images\btnarrow-previous-off.png
c:\program files (x86)\blekkotb\chrome\skin\lib\weatherbutton\panels\images\btnarrow-previous.png
c:\program files (x86)\blekkotb\chrome\skin\lib\weatherbutton\panels\images\ico-check.png
c:\program files (x86)\blekkotb\chrome\skin\lib\weatherbutton\panels\images\ico-hotandhumid-s.png
c:\program files (x86)\blekkotb\chrome\skin\lib\weatherbutton\panels\images\ico-hotandhumid.png
c:\program files (x86)\blekkotb\chrome\skin\lib\weatherbutton\panels\images\options-weather.png
c:\program files (x86)\blekkotb\chrome\skin\lib\weatherbutton\panels\images\over-blue.png
c:\program files (x86)\blekkotb\chrome\skin\lib\weatherbutton\panels\images\over-orange.png
c:\program files (x86)\blekkotb\chrome\skin\lib\weatherbutton\panels\images\powered-by-weatherbug.png
c:\program files (x86)\blekkotb\chrome\skin\lib\weatherbutton\panels\images\powered-by-weatherbug2.png
c:\program files (x86)\blekkotb\chrome\skin\lib\weatherbutton\panels\images\radio-checked.png
c:\program files (x86)\blekkotb\chrome\skin\lib\weatherbutton\panels\images\radio-unchecked.png
c:\program files (x86)\blekkotb\chrome\skin\lib\weatherbutton\panels\images\searchbox-pnlbtm.png
c:\program files (x86)\blekkotb\chrome\skin\lib\weatherbutton\panels\images\weather-contour.png
c:\program files (x86)\blekkotb\chrome\skin\lib\weatherbutton\panels\popupWeather.css
c:\program files (x86)\blekkotb\chrome\skin\lib\weatherbutton\panels\popupWeather.html
c:\program files (x86)\blekkotb\chrome\skin\lib\yahoo.png
c:\program files (x86)\blekkotb\chrome\skin\lichen.gif
c:\program files (x86)\blekkotb\chrome\skin\local-deals-hover.png
c:\program files (x86)\blekkotb\chrome\skin\local-deals.png
c:\program files (x86)\blekkotb\chrome\skin\logo-about.png
c:\program files (x86)\blekkotb\chrome\skin\logo-over.png
c:\program files (x86)\blekkotb\chrome\skin\logo.png
c:\program files (x86)\blekkotb\chrome\skin\mail-blekko-hover.png
c:\program files (x86)\blekkotb\chrome\skin\mail-blekko.png
c:\program files (x86)\blekkotb\chrome\skin\mail-hover.png
c:\program files (x86)\blekkotb\chrome\skin\mail.png
c:\program files (x86)\blekkotb\chrome\skin\modify-save.png
c:\program files (x86)\blekkotb\chrome\skin\modify.png
c:\program files (x86)\blekkotb\chrome\skin\music.png
c:\program files (x86)\blekkotb\chrome\skin\myspace.png
c:\program files (x86)\blekkotb\chrome\skin\news.png
c:\program files (x86)\blekkotb\chrome\skin\options-main.png
c:\program files (x86)\blekkotb\chrome\skin\options-search.png
c:\program files (x86)\blekkotb\chrome\skin\options\options-main.png
c:\program files (x86)\blekkotb\chrome\skin\options\options-search.png
c:\program files (x86)\blekkotb\chrome\skin\options\options-weather.png
c:\program files (x86)\blekkotb\chrome\skin\options\options-widgets.png
c:\program files (x86)\blekkotb\chrome\skin\orange.gif
c:\program files (x86)\blekkotb\chrome\skin\p_yahoo.png
c:\program files (x86)\blekkotb\chrome\skin\rss-collapse.png
c:\program files (x86)\blekkotb\chrome\skin\rss-delete.png
c:\program files (x86)\blekkotb\chrome\skin\rss-expand.png
c:\program files (x86)\blekkotb\chrome\skin\rss-feed.png
c:\program files (x86)\blekkotb\chrome\skin\rss-folder-remove.png
c:\program files (x86)\blekkotb\chrome\skin\rss-folder-rename.png
c:\program files (x86)\blekkotb\chrome\skin\rss-folder.png
c:\program files (x86)\blekkotb\chrome\skin\rss-found.png
c:\program files (x86)\blekkotb\chrome\skin\rss-reload.png
c:\program files (x86)\blekkotb\chrome\skin\rss-subscribe.png
c:\program files (x86)\blekkotb\chrome\skin\rss.png
c:\program files (x86)\blekkotb\chrome\skin\rssback.gif
c:\program files (x86)\blekkotb\chrome\skin\rsstopback.gif
c:\program files (x86)\blekkotb\chrome\skin\search.png
c:\program files (x86)\blekkotb\chrome\skin\settings.png
c:\program files (x86)\blekkotb\chrome\skin\shopping.png
c:\program files (x86)\blekkotb\chrome\skin\skin-bluelite.png
c:\program files (x86)\blekkotb\chrome\skin\skin-bluesky.png
c:\program files (x86)\blekkotb\chrome\skin\skin-grey.png
c:\program files (x86)\blekkotb\chrome\skin\skin-lichen.png
c:\program files (x86)\blekkotb\chrome\skin\skin-orange.png
c:\program files (x86)\blekkotb\chrome\skin\skin-yellow.png
c:\program files (x86)\blekkotb\chrome\skin\social_delicious.png
c:\program files (x86)\blekkotb\chrome\skin\social_stumbleupon.png
c:\program files (x86)\blekkotb\chrome\skin\technorati.png
c:\program files (x86)\blekkotb\chrome\skin\throbber.gif
c:\program files (x86)\blekkotb\chrome\skin\toolbarsplitter.png
c:\program files (x86)\blekkotb\chrome\skin\twitter-blekko-hover.png
c:\program files (x86)\blekkotb\chrome\skin\twitter-blekko.png
c:\program files (x86)\blekkotb\chrome\skin\twitter-hover.png
c:\program files (x86)\blekkotb\chrome\skin\twitter.png
c:\program files (x86)\blekkotb\chrome\skin\weather-blekko.png
c:\program files (x86)\blekkotb\chrome\skin\web.png
c:\program files (x86)\blekkotb\chrome\skin\websearch.png
c:\program files (x86)\blekkotb\chrome\skin\wikipedia.png
c:\program files (x86)\blekkotb\chrome\skin\yahoosearch.png
c:\program files (x86)\blekkotb\chrome\skin\yellow.gif
c:\program files (x86)\blekkotb\chrome\skin\youtube.png
c:\program files (x86)\blekkotb\components\windowmediator.js
c:\program files (x86)\blekkotb\install.ico
c:\program files (x86)\blekkotb\manifest.xml
c:\program files (x86)\blekkotb\search.ico
c:\program files (x86)\blekkotb\uninstall.exe
.
.
((((((((((((((((((((((((( Files Created from 2012-02-21 to 2012-03-21 )))))))))))))))))))))))))))))))
.
.
2012-03-21 21:50 . 2012-03-21 21:50 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2012-03-21 21:50 . 2012-03-21 21:50 -------- d-----w- c:\users\Mcx1-DOUG-PC\AppData\Local\temp
2012-03-21 21:50 . 2012-03-21 21:50 -------- d-----w- c:\users\Guest\AppData\Local\temp
2012-03-21 21:50 . 2012-03-21 21:50 -------- d-----w- c:\users\Doug\AppData\Local\temp
2012-03-21 21:50 . 2012-03-21 21:50 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-03-20 21:25 . 2012-03-01 18:21 8643640 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{82A05B51-0363-4E2F-B248-6ECC3549C05C}\mpengine.dll
2012-03-15 01:07 . 2012-03-15 01:07 -------- d-----w- c:\program files (x86)\ESET
2012-03-15 00:21 . 2011-11-19 15:20 5559152 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-03-15 00:21 . 2011-11-19 14:50 3968368 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2012-03-15 00:21 . 2011-11-19 14:50 3913584 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2012-03-14 22:11 . 2012-02-03 04:34 3145728 ----a-w- c:\windows\system32\win32k.sys
2012-03-14 22:11 . 2012-02-10 06:36 1544192 ----a-w- c:\windows\system32\DWrite.dll
2012-03-14 22:11 . 2012-02-10 05:38 1077248 ----a-w- c:\windows\SysWow64\DWrite.dll
2012-03-14 22:11 . 2012-01-25 06:38 77312 ----a-w- c:\windows\system32\rdpwsx.dll
2012-03-14 22:11 . 2012-01-25 06:38 149504 ----a-w- c:\windows\system32\rdpcorekmts.dll
2012-03-14 22:11 . 2012-01-25 06:33 9216 ----a-w- c:\windows\system32\rdrmemptylst.exe
2012-03-14 22:11 . 2012-02-17 06:38 1112064 ----a-w- c:\windows\system32\rdpcorets.dll
2012-03-14 22:11 . 2012-02-17 06:38 1031680 ----a-w- c:\windows\system32\rdpcore.dll
2012-03-14 22:11 . 2012-02-17 05:34 826880 ----a-w- c:\windows\SysWow64\rdpcore.dll
2012-03-14 22:11 . 2012-02-17 04:58 210944 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-03-14 22:11 . 2012-02-17 04:57 23552 ----a-w- c:\windows\system32\drivers\tdtcp.sys
2012-03-06 03:32 . 2012-03-06 03:32 -------- d-----w- c:\users\dougg\.idlerc
2012-03-05 05:46 . 2012-03-05 05:46 -------- d-----w- C:\Python27
2012-03-05 01:06 . 2012-03-05 01:06 -------- d-----w- c:\users\dougg\AppData\Roaming\SpeedyPC Software
2012-03-05 01:06 . 2012-03-05 01:06 -------- d-----w- c:\users\dougg\AppData\Roaming\DriverCure
2012-03-05 01:06 . 2012-03-05 01:06 -------- d-----w- c:\programdata\SpeedyPC Software
2012-03-05 01:06 . 2012-03-05 01:06 -------- d-----w- c:\program files (x86)\SpeedyPC Software
2012-03-05 01:06 . 2012-03-05 01:06 -------- d-----w- c:\program files (x86)\Common Files\SpeedyPC Software
2012-03-04 19:16 . 2012-03-04 19:16 -------- d-----w- c:\users\dougg\AppData\Roaming\SUPERAntiSpyware.com
2012-03-04 19:14 . 2012-03-05 00:45 -------- d-----w- c:\program files\SUPERAntiSpyware
2012-03-04 19:14 . 2012-03-04 19:14 -------- d-----w- c:\programdata\SUPERAntiSpyware.com
2012-03-03 08:31 . 2012-03-03 08:36 -------- d-----w- c:\users\dougg\AppData\Roaming\GRETECH
2012-03-03 08:30 . 2012-03-03 08:30 -------- d-----w- c:\users\dougg\AppData\Local\blekkotb
2012-03-03 08:30 . 2012-03-21 21:29 -------- d-----w- c:\programdata\Anti-phishing Domain Advisor
2012-03-03 08:30 . 2012-03-03 08:36 -------- d-----w- c:\program files (x86)\GRETECH
2012-02-26 03:28 . 2012-02-27 21:27 -------- d-----w- c:\users\dougg\AppData\Roaming\vlc
2012-02-26 03:28 . 2012-02-26 03:28 -------- d-----w- c:\program files (x86)\VideoLAN
2012-02-21 04:26 . 2012-02-21 04:26 -------- d-----w- c:\program files (x86)\uTorrent
2012-02-21 04:26 . 2012-03-21 21:51 -------- d-----w- c:\users\dougg\AppData\Roaming\uTorrent
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-03-21 21:52 . 2010-06-24 00:20 25640 ----a-w- c:\windows\gdrv.sys
2012-02-23 13:18 . 2010-06-23 23:59 279656 ------w- c:\windows\system32\MpSigStub.exe
2012-02-17 21:18 . 2010-07-29 07:29 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll
2012-02-17 20:41 . 2011-06-01 20:42 414368 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-01-10 23:05 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll
2012-01-10 23:05 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll
2012-01-10 02:18 . 2012-01-10 02:18 51496 ----a-w- c:\windows\system32\drivers\stflt.sys
2012-01-04 10:44 . 2012-02-15 03:27 509952 ----a-w- c:\windows\system32\ntshrui.dll
2012-01-04 08:58 . 2012-02-15 03:27 442880 ----a-w- c:\windows\SysWow64\ntshrui.dll
2011-12-30 06:26 . 2012-02-15 03:27 515584 ----a-w- c:\windows\system32\timedate.cpl
2011-12-30 05:27 . 2012-02-15 03:27 478720 ----a-w- c:\windows\SysWow64\timedate.cpl
2011-12-28 03:59 . 2012-02-15 03:27 498688 ----a-w- c:\windows\system32\drivers\afd.sys
.
.
((((((((((((((((((((((((((((( SnapShot@2012-03-20_01.18.26 )))))))))))))))))))))))))))))))))))))))))
.
- 2009-07-14 04:54 . 2012-03-20 01:14 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-07-14 04:54 . 2012-03-21 21:52 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-07-14 04:54 . 2012-03-20 01:14 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-07-14 04:54 . 2012-03-21 21:52 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2010-03-20 12:41 . 2012-03-21 21:31 52234 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2009-07-14 05:10 . 2012-03-21 21:31 37982 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2010-11-22 22:32 . 2012-03-21 21:31 15692 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-877017928-3376076803-442139301-1003_UserData.bin
- 2010-06-23 23:39 . 2012-03-20 01:06 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2010-06-23 23:39 . 2012-03-21 21:34 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2010-06-23 23:39 . 2012-03-20 01:06 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2010-06-23 23:39 . 2012-03-21 21:34 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-07-14 04:54 . 2012-03-20 01:06 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-07-14 04:54 . 2012-03-21 21:34 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2010-06-23 23:47 . 2012-03-20 01:16 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2010-06-23 23:47 . 2012-03-21 21:54 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2010-06-23 23:47 . 2012-03-21 21:54 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2010-06-23 23:47 . 2012-03-20 01:16 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2010-06-23 23:47 . 2012-03-20 01:16 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2010-06-23 23:47 . 2012-03-21 21:54 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2010-06-23 23:47 . 2012-03-20 01:16 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2010-06-23 23:47 . 2012-03-21 22:00 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2010-06-23 23:47 . 2012-03-20 01:16 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2010-06-23 23:47 . 2012-03-21 22:00 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2012-03-21 21:35 . 2012-03-21 21:35 9560 c:\windows\system32\NetworkList\Icons\{9DCD3DB9-C6E2-485F-AC02-CC6F96E07F6A}_48.bin
+ 2012-03-21 21:35 . 2012-03-21 21:35 4280 c:\windows\system32\NetworkList\Icons\{9DCD3DB9-C6E2-485F-AC02-CC6F96E07F6A}_32.bin
+ 2012-03-21 21:35 . 2012-03-21 21:35 2456 c:\windows\system32\NetworkList\Icons\{9DCD3DB9-C6E2-485F-AC02-CC6F96E07F6A}_24.bin
+ 2012-03-21 21:52 . 2012-03-21 21:52 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2012-03-20 01:14 . 2012-03-20 01:14 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2012-03-20 01:14 . 2012-03-20 01:14 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2012-03-21 21:52 . 2012-03-21 21:52 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2009-07-14 04:54 . 2012-03-20 01:14 311296 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-14 04:54 . 2012-03-21 21:52 311296 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2010-06-24 00:32 . 2012-03-21 01:08 286062 c:\windows\system32\wdi\SuspendPerformanceDiagnostics_SystemData_FastS4.bin
- 2009-07-14 02:36 . 2012-03-18 20:19 624606 c:\windows\system32\perfh009.dat
+ 2009-07-14 02:36 . 2012-03-21 21:56 624606 c:\windows\system32\perfh009.dat
- 2009-07-14 02:36 . 2012-03-18 20:19 106724 c:\windows\system32\perfc009.dat
+ 2009-07-14 02:36 . 2012-03-21 21:56 106724 c:\windows\system32\perfc009.dat
+ 2009-07-14 05:01 . 2012-03-21 21:51 560512 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
- 2009-07-14 05:01 . 2012-03-20 01:13 560512 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2010-12-23 05:55 . 2012-03-21 21:51 21304132 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-877017928-3376076803-442139301-1003-8192.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Dyyno Launcher"="c:\program files (x86)\Dyyno\Dyyno Broadcaster\dyyno_launcher.exe" [2011-01-15 2151776]
"Akamai NetSession Interface"="c:\users\dougg\AppData\Local\Akamai\netsession_win.exe" [2012-03-13 3331872]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2012-02-15 17146504]
"uTorrent"="c:\program files (x86)\uTorrent\uTorrent.exe" [2012-03-06 741240]
"SUPERAntiSpyware"="c:\program files\SUPERANTISPYWARE\SUPERANTISPYWARE.EXE" [2012-01-20 5487488]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"BCU"="c:\program files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe" [2009-08-04 346320]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-11-02 59240]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeCS5.5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" [2011-01-12 1523360]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2011-10-24 421888]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-01-16 421736]
"Anti-phishing Domain Advisor"="c:\programdata\Anti-phishing Domain Advisor\visicom_antiphishing.exe" [2012-01-17 232616]
.
c:\users\dougg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OpenOffice.org 3.3.lnk - c:\program files (x86)\OpenOffice.org 3\program\quickstart.exe [2010-12-13 1198592]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Secunia PSI Tray.lnk - c:\program files (x86)\Secunia\PSI\psi_tray.exe [2011-10-14 291896]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer2"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-01-31 158856]
R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe [2010-01-15 227232]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-10 4925184]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [x]
R3 SwitchBoard;Adobe SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [2011-07-22 14928]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS [2011-07-12 12368]
S2 !SASCORE;SAS Core Service;c:\program files\SUPERANTISPYWARE\SASCORE64.EXE [2011-08-11 140672]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]
S2 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe [2009-07-14 27136]
S2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [2011-04-28 136360]
S2 BCUService;Browser Configuration Utility Service;c:\program files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe [2009-08-04 219360]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2012-01-04 822624]
S2 Dyyno Launcher;Dyyno Service;c:\program files (x86)\Dyyno\Dyyno Broadcaster\launcherd.exe [2011-01-15 415072]
S2 ES lite Service;ES lite Service for program management.;c:\program files (x86)\Gigabyte\EasySaver\ESSVR.EXE [2009-08-24 68136]
S2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\progra~2\mcafee\SITEAD~1\mcsacore.exe [2012-01-13 103440]
S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-05-21 2214504]
S2 Secunia PSI Agent;Secunia PSI Agent;c:\program files (x86)\Secunia\PSI\PSIA.exe [2011-10-14 994360]
S2 Secunia Update Agent;Secunia Update Agent;c:\program files (x86)\Secunia\PSI\sua.exe [2011-10-14 399416]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-01 508776]
S2 sp_rsdrv2;Spyware Terminator Driver Filter;c:\windows\system32\DRIVERS\stflt.sys [x]
S2 ST2012_Svc;Spyware Terminator 2012 Realtime Shield Service;c:\program files (x86)\Spyware Terminator\st_rsser64.exe [2011-11-22 1148632]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2010-06-08 240232]
S3 nusb3hub;NEC Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [x]
S3 nusb3xhc;NEC Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [x]
S3 PAC207;Webcam;c:\windows\system32\DRIVERS\PFC027.SYS [x]
S3 PSI;PSI;c:\windows\system32\DRIVERS\psi_mf.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [x]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [x]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [x]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [x]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-01 219496]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
Akamai REG_MULTI_SZ Akamai
.
Contents of the 'Scheduled Tasks' folder
.
2012-03-05 c:\windows\Tasks\SpeedyPC Pro.job
- c:\program files (x86)\SpeedyPC Software\SpeedyPC\SpeedyPC.exe [2011-10-09 01:19]
.
2012-03-05 c:\windows\Tasks\SpeedyPC Registration3.job
- c:\windows\system32\rundll32.exe [2009-07-13 01:14]
.
2012-03-05 c:\windows\Tasks\SpeedyPC Update Version3.job
- c:\program files (x86)\Common Files\SpeedyPC Software\UUS3\SpeedyPC_Update3.exe [2011-10-06 16:18]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2011-03-15 499608]
"Monitor"="c:\windows\PixArt\PAC207\Monitor.exe" [2007-12-10 323584]
"PAC207_Monitor"="c:\windows\PixArt\PAC207\Monitor.exe" [2007-12-10 323584]
"SpywareTerminatorShield"="c:\program files (x86)\Spyware Terminator\SpywareTerminatorShield.exe" [2012-02-20 2786480]
"SpywareTerminatorUpdater"="c:\program files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe" [2012-02-20 3669680]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 167.206.254.2 167.206.254.1 192.168.1.1
FF - ProfilePath - c:\users\dougg\AppData\Roaming\Mozilla\Firefox\Profiles\xm5exn3q.default\
FF - prefs.js: browser.startup.homepage - about:home
FF - prefs.js: network.proxy.type - 0
FF - user.js: network.protocol-handler.warn-external.dnupdate - false
.
- - - - ORPHANS REMOVED - - - -
.
AddRemove-blekkotb - c:\program files (x86)\blekkotb\uninstall.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Akamai]
"ServiceDll"="c:\program files (x86)\common files\akamai/netsession_win_7de0ed9.dll"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10y_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10y_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10y.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10y.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10y.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10y.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\Avira\AntiVir Desktop\avguard.exe
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\windows\SysWOW64\rundll32.exe
.
**************************************************************************
.
Completion time: 2012-03-21 18:24:06 - machine was rebooted
ComboFix-quarantined-files.txt 2012-03-21 22:23
ComboFix2.txt 2012-03-20 01:34
ComboFix3.txt 2012-03-14 23:00
.
Pre-Run: 730,066,997,248 bytes free
Post-Run: 729,633,361,920 bytes free
.
- - End Of File - - A4867463E21539E0BE25C10029C84FCD
#8
Posted 21 March 2012 - 05:37 PM
-
- Moderators
-
- 20,060 posts
Forum Deity
- Gender:Male
- Location:Missouri, USA
please describe how your computer behaves at the moment
#9
Posted 21 March 2012 - 05:41 PM
-
- Members
-
- 15 posts
New Member
Pages are loading quickly and I'm not getting redirected at all. Seems to be back to normal.
#10
Posted 21 March 2012 - 05:42 PM
-
- Moderators
-
- 20,060 posts
Forum Deity
- Gender:Male
- Location:Missouri, USA
The following will implement some cleanup procedures as well as reset System Restore points:
For XP:
- Click START run
- Now type ComboFix /Uninstall in the runbox and click OK. Note the space between the X and the /, it needs to be there.
For Vista / Windows 7
- Click START Search
- Now type ComboFix /Uninstall in the runbox and click OK. Note the space between the X and the /, it needs to be there.
#11
Posted 21 March 2012 - 05:47 PM
-
- Members
-
- 15 posts
New Member
ComboFix is uninstalled.
Thank you so much for your time and help. I appreciate it so much.
Thank you so much for your time and help. I appreciate it so much.
#12
Posted 21 March 2012 - 05:50 PM
-
- Moderators
-
- 20,060 posts
Forum Deity
- Gender:Male
- Location:Missouri, USA
Be careful what you use uTorrent for.
http://forums.malwar...showtopic=97700
You're more than welcome.
Glad we were able to help
Peace be with you
http://forums.malwar...showtopic=97700
You're more than welcome.
Glad we were able to help
Peace be with you
#13
Posted 21 March 2012 - 06:06 PM
-
- Moderators
-
- 20,060 posts
Forum Deity
- Gender:Male
- Location:Missouri, USA
Since this issue is resolved I will close the thread to prevent others from posting here. If you need assistance please start your own topic and someone will be happy to assist you.
1 user(s) are reading this topic
0 members, 1 guests, 0 anonymous users
