
Trojan.DownLoader4.36714

Added to the Dr.Web virus database: 2011-08-11

Virus description added:

Technical Information

To ensure autorun and distribution:
Modifies the following registry keys:
  • [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'FaceSmooch Toolbar Antiphishing' = '"%ALLUSERSPROFILE%\Application Data\FaceSmooch Toolbar Antiphishing\facesmo2_0dn.exe"'
Malicious functions:
To bypass firewall, removes or modifies the following registry keys:
  • [<HKLM>\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] '%PROGRAM_FILES%\facesmoochtb\dtuser.exe' = '%PROGRAM_FILES%\facesmoochtb\dtuser.exe:*:Enabled:FaceSmooch Toolbar DTX Broker'
Creates and executes the following:
  • %ALLUSERSPROFILE%\Application Data\FaceSmooch Toolbar Antiphishing\facesmo2_0dn.exe 
Executes the following:
  • <SYSTEM32>\regsvr32.exe /s "%PROGRAM_FILES%\facesmoochtb\auxi\facesmoochAu.dll"
  • <SYSTEM32>\regsvr32.exe /s "%PROGRAM_FILES%\facesmoochtb\facesmoochDx.dll"
  • <SYSTEM32>\regsvr32.exe /u /s "%PROGRAM_FILES%\facesmoochtb\auxi\facesmoochAu.dll"
  • <SYSTEM32>\regsvr32.exe /u /s "%PROGRAM_FILES%\facesmoochtb\facesmoochDx.dll"
Modifies file system:
Creates the following files:
  • %PROGRAM_FILES%\facesmoochtb\chrome\skin\search.png
  • %PROGRAM_FILES%\facesmoochtb\chrome\skin\settings.png
  • %PROGRAM_FILES%\facesmoochtb\chrome\skin\shopping.png
  • %PROGRAM_FILES%\facesmoochtb\chrome\skin\options-main.png
  • %PROGRAM_FILES%\facesmoochtb\chrome\skin\options-search.png
  • %PROGRAM_FILES%\facesmoochtb\chrome\skin\orange.gif
  • %PROGRAM_FILES%\facesmoochtb\chrome\skin\news.png
  • %PROGRAM_FILES%\facesmoochtb\chrome\skin\modify-save.png
  • %PROGRAM_FILES%\facesmoochtb\chrome\skin\modify.png
  • %PROGRAM_FILES%\facesmoochtb\chrome\skin\music.png
  • %PROGRAM_FILES%\facesmoochtb\chrome\skin\rss-feed.png
  • %PROGRAM_FILES%\facesmoochtb\chrome\skin\rss-folder-remove.png
  • %PROGRAM_FILES%\facesmoochtb\chrome\skin\rss-folder-rename.png
  • %PROGRAM_FILES%\facesmoochtb\chrome\skin\rss-expand.png
  • %PROGRAM_FILES%\facesmoochtb\chrome\skin\p_yahoo.png
  • %PROGRAM_FILES%\facesmoochtb\chrome\skin\rss-collapse.png
  • %PROGRAM_FILES%\facesmoochtb\chrome\skin\rss-delete.png
Deletes the following files:
  • %TEMP%\nsa6.tmp\UAC.dll
  • %TEMP%\nsa6.tmp\temp
  • %TEMP%\nsa6.tmp\xml.dll
  • %TEMP%\nsr3.tmp\System.dll
  • %TEMP%\nsr3.tmp\facesmooch-visicom.exe
  • %TEMP%\nsa6.tmp\System.dll
  • %TEMP%\nsa6.tmp\inetc.dll
  • %TEMP%\nsa6.tmp\CountryLocaleXML.xml
  • %TEMP%\nsa6.tmp\InetLoad.dll
  • %TEMP%\nsa6.tmp\nsisFirewall.dll
  • %TEMP%\nsa6.tmp\ioSpecial.ini
Network activity:
Connects to:
  • 'vi#####.#ntiphishingdomain.com':80
  • 'fa########tbdtx.applicationstat.com':80
  • 'se###h.vmn.net':80
TCP:
HTTP GET requests:
  • vi#####.#ntiphishingdomain.com/update/antiphishing-wejangotb-1_0-dn.xml
  • se###h.vmn.net/newtab/geoip.php
HTTP POST requests:
  • fa########tbdtx.applicationstat.com/postdata.php
UDP:
  • DNS ASK vi#####.#ntiphishingdomain.com
  • DNS ASK fa########tbdtx.applicationstat.com
  • DNS ASK se###h.vmn.net
Miscellaneous:
Searches for the following windows:
  • ClassName: 'Shell_TrayWnd' WindowName: ''

Curing recommendations

  1. If the operating system (OS) can be loaded (either normally or in safe mode), download Dr.Web Security Space and run a full scan of your computer and any removable media you use.
  2. If you cannot boot the OS, change the BIOS settings to boot your system from a CD or USB drive. Download the image of the emergency system repair disk Dr.Web® LiveDisk, mount it on a USB drive or burn it to a CD/DVD. After booting up with this media, run a full scan and cure all the detected threats.

Use Dr.Web Anti-virus for macOS to run a full scan of your Mac.

After booting up, run a full scan of all disk partitions with Dr.Web Anti-virus for Linux.


  1. If the mobile device is operating normally, download and install Dr.Web for Android. Run a full system scan and follow recommendations to neutralize the detected threats.
  2. If the mobile device has been locked by Android.Locker ransomware (the message on the screen tells you that you have broken some law or demands a set ransom amount; or you will see some other announcement that prevents you from using the handheld normally), do the following:
    • Boot your smartphone or tablet into safe mode (depending on the operating system version and specifications of the particular mobile device involved, this procedure can be performed in various ways; seek clarification from the user guide that was shipped with the device, or contact its manufacturer);
    • Once you have activated safe mode, install Dr.Web for Android onto the infected handheld and run a full scan of the system; follow the steps recommended for neutralizing the threats that have been detected;
    • Switch off your device and turn it on as normal.
