Jump to content
Sign in to follow this  
Springbreakbox

Korean software Daum is overriding IE defaults; preventing chan

Recommended Posts

Someone used my computer and installed a Korean media player "Gom Player" and now my Internet Explorer homepage is set to Daum.net and can't be changed. Once the homepage is changed in settings (or asked to be blank), and applied, there is no effect, and I'm looking the Daum homepage still. The Gom Player program has been uninstalled, but they must have packaged it with a bunch of insidious BS. I only even use IE because the Korean government forces people to use that browser for online banking, in addition to being forced to install a bunch of "safety" programs ("Keysecure" anyone?) in order to check balances and such (which is probably a Samsung conspiracy to keep Apple unviable).

 

Anyway, I'm running Spybot and Avast right now, and hating these Korean companies. Can anybody solve this problem, and/or advise me of what other things they might have done to my system?

Share this post


Link to post
Share on other sites

Hi Springbreakbox,

 

Welcome to the pit!

 

Let's get a log for me to look at and see if we can tell what is going on.

  • Download OTL to your desktop.
  • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
  • Check the boxes beside LOP Check and Purity Check.
  • Under Custom Scan paste this in

     

    netsvcs
    drivers32
    %SYSTEMDRIVE%\*.*
    %systemroot%\Fonts\*.com
    %systemroot%\Fonts\*.dll
    %systemroot%\Fonts\*.ini
    %systemroot%\Fonts\*.ini2
    %systemroot%\Fonts\*.exe
    %systemroot%\system32\spool\prtprocs\w32x86\*.*
    %systemroot%\REPAIR\*.bak1
    %systemroot%\REPAIR\*.ini
    %systemroot%\system32\*.jpg
    %systemroot%\*.jpg
    %systemroot%\*.png
    %systemroot%\*.scr
    %systemroot%\*._sy
    %APPDATA%\Adobe\Update\*.*
    %ALLUSERSPROFILE%\Favorites\*.*
    %APPDATA%\Microsoft\*.*
    %PROGRAMFILES%\*.*
    %APPDATA%\Update\*.*
    %systemroot%\*. /mp /s
    CREATERESTOREPOINT
    %systemroot%\System32\config\*.sav
    %PROGRAMFILES%\bak. /s
    %systemroot%\system32\bak. /s
    %ALLUSERSPROFILE%\Start Menu\*.lnk /x
    %systemroot%\system32\config\systemprofile\*.dat /x
    %systemroot%\*.config
    %systemroot%\system32\*.db
    %PROGRAMFILES%\Internet Explorer\*.dat
    %APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x
    %USERPROFILE%\Desktop\*.exe
    %PROGRAMFILES%\Common Files\*.*
    %systemroot%\*.src
    %systemroot%\install\*.*
    %systemroot%\system32\DLL\*.*
    %systemroot%\system32\HelpFiles\*.*
    %systemroot%\system32\rundll\*.*
    %systemroot%\winn32\*.*
    %systemroot%\Java\*.*
    %systemroot%\system32\test\*.*
    %systemroot%\system32\Rundll32\*.*
    %systemroot%\AppPatch\Custom\*.*
    HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs
  • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.

  • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt.

    Note:These logs can be located in the OTL. folder on you C:\ drive if they fail to open automatically.

  • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post it with your next reply. You may need two posts to fit them both in.

Share this post


Link to post
Share on other sites

Hello Tomk_, thank you for the guidance. OTL.Txt output is here:

 

OTL logfile created on: 7/22/2012 1:12:27 AM - Run 1

OTL by OldTimer - Version 3.2.54.0 Folder = C:UsersUSERDesktop

64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation

Internet Explorer (Version = 9.0.8112.16421)

Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

 

5.87 Gb Total Physical Memory | 3.92 Gb Available Physical Memory | 66.85% Memory free

11.73 Gb Paging File | 8.75 Gb Available in Paging File | 74.62% Paging File free

Paging file location(s): ?:pagefile.sys [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:WINDOWS | %ProgramFiles% = C:Program Files (x86)

Drive C: | 581.42 Gb Total Space | 263.72 Gb Free Space | 45.36% Space Free | Partition Type: NTFS

 

Computer Name: USER-PC | User Name: USER | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

 

========== Processes (SafeList) ==========

 

PRC - [2012/07/22 01:06:31 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:UsersUSERDesktopOTL.exe

PRC - [2012/07/15 02:47:16 | 000,529,232 | ---- | M] (Valve Corporation) -- C:Program Files (x86)Common FilesSteamSteamService.exe

PRC - [2012/06/12 13:10:02 | 000,686,280 | ---- | M] (Adobe Systems Incorporated) -- C:WINDOWSSysWOW64MacromedFlashFlashUtil32_11_3_300_257_ActiveX.exe

PRC - [2012/05/25 03:39:22 | 027,112,840 | ---- | M] (Dropbox, Inc.) -- C:UsersUSERAppDataRoamingDropboxbinDropbox.exe

PRC - [2012/03/07 09:15:17 | 004,241,512 | ---- | M] (AVAST Software) -- C:Program FilesAlwil SoftwareAvast5AvastUI.exe

PRC - [2012/03/07 09:15:14 | 000,044,768 | ---- | M] (AVAST Software) -- C:Program FilesAlwil SoftwareAvast5AvastSvc.exe

PRC - [2012/02/23 12:30:40 | 000,059,240 | ---- | M] (Apple Inc.) -- C:Program Files (x86)Common FilesAppleInternet Servicesubd.exe

PRC - [2011/12/02 21:13:00 | 000,044,032 | ---- | M] (Smart PC Utilities, Ltd.) -- C:Program Files (x86)Smart PC UtilitiesGame FireGFTray.exe

PRC - [2011/10/02 20:15:02 | 001,700,752 | ---- | M] (Bandoo Media, inc) -- C:Program Files (x86)SearchCore for BrowsersSearchCore for BrowsersdatamngrUI.exe

PRC - [2011/08/14 21:19:54 | 001,242,448 | ---- | M] (Valve Corporation) -- C:Program Files (x86)Steamsteam.exe

PRC - [2010/06/09 01:49:30 | 000,013,336 | ---- | M] (Intel Corporation) -- C:Program Files (x86)IntelIntel® Rapid Storage TechnologyIAStorDataMgrSvc.exe

PRC - [2010/06/09 01:49:26 | 000,284,696 | ---- | M] (Intel Corporation) -- C:Program Files (x86)IntelIntel® Rapid Storage TechnologyIAStorIcon.exe

PRC - [2010/03/04 05:42:02 | 002,320,920 | ---- | M] (Intel Corporation) -- C:Program Files (x86)IntelIntel® Management Engine ComponentsUNSUNS.exe

PRC - [2010/03/04 05:41:58 | 000,268,824 | ---- | M] (Intel Corporation) -- C:Program Files (x86)IntelIntel® Management Engine ComponentsLMSLMS.exe

PRC - [2009/12/30 05:19:14 | 000,013,600 | ---- | M] (Broadcom Corporation.) -- C:Program FilesWIDCOMMBluetooth SoftwareBluetoothHeadsetProxy.exe

PRC - [2009/12/10 18:39:04 | 000,065,536 | ---- | M] (PostgreSQL Global Development Group) -- C:Program Files (x86)PostgreSQL8.3binpg_ctl.exe

PRC - [2009/12/10 18:37:16 | 003,690,496 | ---- | M] (PostgreSQL Global Development Group) -- C:Program Files (x86)PostgreSQL8.3binpostgres.exe

PRC - [2009/09/18 19:54:20 | 000,169,312 | ---- | M] (Adobe Systems Incorporated) -- C:Program Files (x86)AdobeElements Organizer 8.0PhotoshopElementsFileAgent.exe

PRC - [2009/03/05 16:07:20 | 002,260,480 | RHS- | M] (Safer-Networking Ltd.) -- C:Program Files (x86)Spybot - Search & DestroyTeaTimer.exe

 

 

========== Modules (No Company Name) ==========

 

MOD - [2012/07/15 02:47:15 | 020,313,384 | ---- | M] () -- C:Program Files (x86)Steambinlibcef.dll

MOD - [2012/07/15 02:47:13 | 001,099,576 | ---- | M] () -- C:Program Files (x86)Steambinavcodec-53.dll

MOD - [2012/07/15 02:47:13 | 000,895,312 | ---- | M] () -- C:Program Files (x86)Steambinchromehtml.dll

MOD - [2012/07/15 02:47:13 | 000,190,776 | ---- | M] () -- C:Program Files (x86)Steambinavformat-53.dll

MOD - [2012/07/15 02:47:13 | 000,123,192 | ---- | M] () -- C:Program Files (x86)Steambinavutil-51.dll

MOD - [2012/07/10 13:09:00 | 000,438,296 | ---- | M] () -- C:UsersUSERAppDataLocalGoogleChromeApplication20.0.1132.57ppGoogleNaClPluginChrome.dll

MOD - [2012/07/10 13:08:59 | 003,972,120 | ---- | M] () -- C:UsersUSERAppDataLocalGoogleChromeApplication20.0.1132.57pdf.dll

MOD - [2012/07/10 13:07:39 | 000,554,520 | ---- | M] () -- C:UsersUSERAppDataLocalGoogleChromeApplication20.0.1132.57libglesv2.dll

MOD - [2012/07/10 13:07:37 | 000,117,784 | ---- | M] () -- C:UsersUSERAppDataLocalGoogleChromeApplication20.0.1132.57libegl.dll

MOD - [2012/07/10 13:07:22 | 000,140,328 | ---- | M] () -- C:UsersUSERAppDataLocalGoogleChromeApplication20.0.1132.57avutil-51.dll

MOD - [2012/07/10 13:07:21 | 000,262,184 | ---- | M] () -- C:UsersUSERAppDataLocalGoogleChromeApplication20.0.1132.57avformat-54.dll

MOD - [2012/07/10 13:07:19 | 002,386,984 | ---- | M] () -- C:UsersUSERAppDataLocalGoogleChromeApplication20.0.1132.57avcodec-54.dll

MOD - [2012/06/18 05:20:36 | 001,838,080 | ---- | M] () -- C:WINDOWSassemblyNativeImages_v4.0.30319_32Microsoft.VisualBas#09c2f8f606e09d85cfe6e0ad89fbe729Microsoft.VisualBasic.ni.dll

MOD - [2012/06/18 05:10:34 | 012,436,480 | ---- | M] () -- C:WINDOWSassemblyNativeImages_v2.0.50727_32System.Windows.Forms7b7fbe651c6e72f12099a298654c9594System.Windows.Forms.ni.dll

MOD - [2012/06/18 05:10:27 | 001,591,808 | ---- | M] () -- C:WINDOWSassemblyNativeImages_v2.0.50727_32System.Drawing6bb439b3f87736d3248ae27d43e2c0d6System.Drawing.ni.dll

MOD - [2012/06/14 12:47:22 | 013,198,336 | ---- | M] () -- C:WINDOWSassemblyNativeImages_v4.0.30319_32System.Windows.Forms3971e166cf827b6726e142f344061dc9System.Windows.Forms.ni.dll

MOD - [2012/06/14 12:47:13 | 001,666,048 | ---- | M] () -- C:WINDOWSassemblyNativeImages_v4.0.30319_32System.Drawing8c40f40ef36622109793788049fbe9abSystem.Drawing.ni.dll

MOD - [2012/05/12 19:24:37 | 000,452,608 | ---- | M] () -- C:WINDOWSassemblyNativeImages_v2.0.50727_32IAStorUtil06269663e6482bc4ceeb48c2a7d1ad34IAStorUtil.ni.dll

MOD - [2012/05/12 19:22:40 | 000,771,584 | ---- | M] () -- C:WINDOWSassemblyNativeImages_v2.0.50727_32System.Runtime.Remo#03dee80574f4ec770b6f77ca030ded6cSystem.Runtime.Remoting.ni.dll

MOD - [2012/05/12 19:22:03 | 003,347,968 | ---- | M] () -- C:WINDOWSassemblyNativeImages_v2.0.50727_32WindowsBase46fce56db7685a586d3eeb7c373e3c1cWindowsBase.ni.dll

MOD - [2012/05/12 19:21:59 | 005,452,800 | ---- | M] () -- C:WINDOWSassemblyNativeImages_v2.0.50727_32System.Xmlba3d70b651454c7d49b407b93663bfedSystem.Xml.ni.dll

MOD - [2012/05/12 19:21:56 | 000,971,264 | ---- | M] () -- C:WINDOWSassemblyNativeImages_v2.0.50727_32System.Configurationcfa9c506bfb9254c89dace7b83bc9f9dSystem.Configuration.ni.dll

MOD - [2012/05/12 19:21:55 | 007,967,232 | ---- | M] () -- C:WINDOWSassemblyNativeImages_v2.0.50727_32Systemce9ff6baf9053ed2ed673d948179195cSystem.ni.dll

MOD - [2012/05/12 19:21:49 | 011,492,864 | ---- | M] () -- C:WINDOWSassemblyNativeImages_v2.0.50727_32mscorlibacfc1391e45fedd2a359778ea57d914cmscorlib.ni.dll

MOD - [2012/05/12 10:58:06 | 000,771,584 | ---- | M] () -- C:WINDOWSassemblyNativeImages_v4.0.30319_32System.Runtime.Remo#94b346f2ab12d38efb1331ded5783396System.Runtime.Remoting.ni.dll

MOD - [2012/05/12 09:49:26 | 007,069,184 | ---- | M] () -- C:WINDOWSassemblyNativeImages_v4.0.30319_32System.Coreed91b57205429a23bb91f4499059a459System.Core.ni.dll

MOD - [2012/05/12 09:49:26 | 000,982,528 | ---- | M] () -- C:WINDOWSassemblyNativeImages_v4.0.30319_32System.Configuration623d2a0f11dd82bb9bc13d1cb981b239System.Configuration.ni.dll

MOD - [2012/05/12 09:49:25 | 005,617,664 | ---- | M] () -- C:WINDOWSassemblyNativeImages_v4.0.30319_32System.Xmld1f299160424bad90fe9f658661389e2System.Xml.ni.dll

MOD - [2012/05/12 09:49:17 | 009,091,584 | ---- | M] () -- C:WINDOWSassemblyNativeImages_v4.0.30319_32System6f9f0467e8b2dd3f69b015c8e30ac945System.ni.dll

MOD - [2012/05/12 09:49:11 | 014,412,800 | ---- | M] () -- C:WINDOWSassemblyNativeImages_v4.0.30319_32mscorlib3953b1d8b9b57e4957bff8f58145384emscorlib.ni.dll

MOD - [2011/06/24 22:56:36 | 000,087,328 | ---- | M] () -- C:Program Files (x86)Common FilesAppleApple Application Supportzlib1.dll

MOD - [2011/06/24 22:56:14 | 001,241,888 | ---- | M] () -- C:Program Files (x86)Common FilesAppleApple Application Supportlibxml2.dll

 

 

========== Win32 Services (SafeList) ==========

 

SRV:64bit: - File not found [Auto | Stopped] -- C:Program FilesDellDellDockDockLogin.exe -- (DockLoginService)

SRV:64bit: - [2012/03/07 09:15:14 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Running] -- C:Program FilesAlwil SoftwareAvast5AvastSvc.exe -- (avast! Antivirus)

SRV:64bit: - [2011/01/05 11:57:44 | 000,203,776 | ---- | M] (AMD) [Auto | Running] -- C:WINDOWSSysNativeatiesrxx.exe -- (AMD External Events Utility)

SRV:64bit: - [2010/06/18 14:10:14 | 000,258,048 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:Program FilesIDTWDMstacsv64.exe -- (STacSV)

SRV:64bit: - [2010/02/03 15:13:10 | 000,048,128 | ---- | M] (Dell Inc.) [Disabled | Stopped] -- C:Program FilesDellDW WLAN CardWLTRYSVC.EXE -- (wltrysvc)

SRV:64bit: - [2009/12/30 05:19:12 | 000,873,248 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:Program FilesWIDCOMMBluetooth Softwarebtwdins.exe -- (btwdins)

SRV:64bit: - [2009/11/03 03:48:18 | 000,126,352 | ---- | M] (Intel® Corporation) [On_Demand | Stopped] -- C:Program FilesIntelTurboBoostTurboBoost.exe -- (TurboBoost)

SRV:64bit: - [2009/07/14 10:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:Program FilesWindows DefenderMpSvc.dll -- (WinDefend)

SRV:64bit: - [2009/03/03 19:42:58 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:Program FilesIDTWDMAESTSr64.exe -- (AESTFilters)

SRV - [2012/07/15 02:47:16 | 000,529,232 | ---- | M] (Valve Corporation) [On_Demand | Running] -- C:Program Files (x86)Common FilesSteamSteamService.exe -- (Steam Client Service)

SRV - [2012/07/01 09:12:34 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:Program Files (x86)Mozilla Maintenance Servicemaintenanceservice.exe -- (MozillaMaintenance)

SRV - [2012/06/08 11:12:14 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:Program Files (x86)SkypeUpdaterUpdater.exe -- (SkypeUpdate)

SRV - [2010/11/10 20:17:34 | 000,867,080 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:Program Files (x86)Common FilesMacrovision SharedFLEXnet PublisherFNPLicensingService.exe -- (FLEXnet Licensing Service)

SRV - [2010/11/10 20:05:24 | 000,016,680 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) [On_Demand | Stopped] -- C:Program Files (x86)CitrixGoToAssist514g2aservice.exe -- (GoToAssist)

SRV - [2010/06/09 01:49:30 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:Program Files (x86)IntelIntel® Rapid Storage TechnologyIAStorDataMgrSvc.exe -- (IAStorDataMgrSvc) Intel®

SRV - [2010/03/19 06:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:WINDOWSMicrosoft.NETFrameworkv4.0.30319mscorsvw.exe -- (clr_optimization_v4.0.30319_32)

SRV - [2010/03/04 05:42:02 | 002,320,920 | ---- | M] (Intel Corporation) [Auto | Running] -- C:Program Files (x86)IntelIntel® Management Engine ComponentsUNSUNS.exe -- (UNS) Intel®

SRV - [2010/03/04 05:41:58 | 000,268,824 | ---- | M] (Intel Corporation) [Auto | Running] -- C:Program Files (x86)IntelIntel® Management Engine ComponentsLMSLMS.exe -- (LMS) Intel®

SRV - [2010/02/19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:Program Files (x86)Common FilesAdobeSwitchBoardSwitchBoard.exe -- (SwitchBoard)

SRV - [2009/12/10 18:39:04 | 000,065,536 | ---- | M] (PostgreSQL Global Development Group) [Auto | Running] -- C:Program Files (x86)PostgreSQL8.3binpg_ctl.exe -- (pgsql-8.3)

SRV - [2009/09/18 19:54:20 | 000,169,312 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:Program Files (x86)AdobeElements Organizer 8.0PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor8.0)

SRV - [2009/06/11 06:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:WINDOWSMicrosoft.NETFrameworkv2.0.50727mscorsvw.exe -- (clr_optimization_v2.0.50727_32)

 

 

========== Driver Services (SafeList) ==========

 

DRV:64bit: - [2012/03/07 09:04:06 | 000,819,032 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:WINDOWSSysNativedriversaswSnx.sys -- (aswSnx)

DRV:64bit: - [2012/03/07 09:04:04 | 000,337,240 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:WINDOWSSysNativedriversaswSP.sys -- (aswSP)

DRV:64bit: - [2012/03/07 09:02:20 | 000,053,080 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:WINDOWSSysNativedriversaswRdr2.sys -- (aswRdr)

DRV:64bit: - [2012/03/07 09:01:57 | 000,059,224 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:WINDOWSSysNativedriversaswTdi.sys -- (aswTdi)

DRV:64bit: - [2012/03/07 09:01:52 | 000,069,976 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:WINDOWSSysNativedriversaswMonFlt.sys -- (aswMonFlt)

DRV:64bit: - [2012/03/07 09:01:32 | 000,024,408 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:WINDOWSSysNativedriversaswFsBlk.sys -- (aswFsBlk)

DRV:64bit: - [2012/03/01 15:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:WINDOWSSysNativedriversfs_rec.sys -- (Fs_Rec)

DRV:64bit: - [2012/02/15 11:01:50 | 000,052,736 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:WINDOWSSysNativedriversusbaapl64.sys -- (USBAAPL64)

DRV:64bit: - [2011/12/30 19:07:30 | 000,279,616 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:WINDOWSSysNativedriversdtsoftbus01.sys -- (dtsoftbus01)

DRV:64bit: - [2011/08/15 23:34:58 | 000,867,064 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Stopped] -- C:WINDOWSSysNativedriverssptd.sys -- (sptd)

DRV:64bit: - [2011/03/11 15:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:WINDOWSSysNativedriversamdsata.sys -- (amdsata)

DRV:64bit: - [2011/03/11 15:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:WINDOWSSysNativedriversamdxata.sys -- (amdxata)

DRV:64bit: - [2011/01/05 12:37:14 | 008,283,136 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:WINDOWSSysNativedriversatikmdag.sys -- (atikmdag)

DRV:64bit: - [2011/01/05 12:37:14 | 008,283,136 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:WINDOWSSysNativedriversatikmdag.sys -- (amdkmdag)

DRV:64bit: - [2011/01/05 11:19:38 | 000,294,400 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:WINDOWSSysNativedriversatikmpag.sys -- (amdkmdap)

DRV:64bit: - [2010/11/20 22:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:WINDOWSSysNativedriversHpSAMD.sys -- (HpSAMD)

DRV:64bit: - [2010/11/20 20:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:WINDOWSSysNativedriversTsUsbFlt.sys -- (TsUsbFlt)

DRV:64bit: - [2010/09/07 17:03:44 | 000,054,880 | ---- | M] (INCA Internet Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:WINDOWSSysNativeNPIdsVt64.sys -- (NPIDS)

DRV:64bit: - [2010/07/13 03:36:10 | 000,055,856 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:WINDOWSSysNativedriversPxHlpa64.sys -- (PxHlpa64)

DRV:64bit: - [2010/06/18 14:10:14 | 000,515,584 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:WINDOWSSysNativedriversstwrt64.sys -- (STHDA)

DRV:64bit: - [2010/06/09 01:33:14 | 000,540,696 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:WINDOWSSysNativedriversiaStor.sys -- (iaStor)

DRV:64bit: - [2010/05/06 22:21:46 | 000,125,456 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- C:WINDOWSSysNativedriversAtiHdmi.sys -- (AtiHdmiService)

DRV:64bit: - [2010/03/31 04:58:06 | 000,132,648 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:WINDOWSSysNativedriversbtwavdt.sys -- (btwavdt)

DRV:64bit: - [2010/03/31 04:58:06 | 000,098,344 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:WINDOWSSysNativedriversbtwaudio.sys -- (btwaudio)

DRV:64bit: - [2010/03/31 04:58:06 | 000,053,800 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:WINDOWSSysNativedriversbtusbflt.sys -- (btusbflt)

DRV:64bit: - [2010/03/31 04:58:06 | 000,035,104 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:WINDOWSSysNativedriversbtwl2cap.sys -- (btwl2cap)

DRV:64bit: - [2010/03/31 04:58:06 | 000,021,160 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:WINDOWSSysNativedriversbtwrchid.sys -- (btwrchid)

DRV:64bit: - [2010/03/18 06:44:44 | 000,301,104 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:WINDOWSSysNativedriversSynTP.sys -- (SynTP)

DRV:64bit: - [2010/03/18 06:41:48 | 000,325,152 | ---- | M] (Realtek ) [Kernel | On_Demand | Stopped] -- C:WINDOWSSysNativedriversRt64win7.sys -- (RTL8167)

DRV:64bit: - [2010/03/18 06:29:52 | 000,232,480 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:WINDOWSSysNativedriversRtsUStor.sys -- (RSUSBSTOR)

DRV:64bit: - [2010/02/03 15:13:08 | 000,022,520 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:WINDOWSSysNativedriversbcm42rly.sys -- (BCM42RLY)

DRV:64bit: - [2010/02/03 15:13:08 | 000,020,984 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:WINDOWSSysNativedriversbcmvwl64.sys -- (BcmVWL)

DRV:64bit: - [2010/02/03 15:13:06 | 003,058,168 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:WINDOWSSysNativedriversBCMWL664.SYS -- (BCM43XX)

DRV:64bit: - [2009/11/03 03:48:02 | 000,013,784 | ---- | M] () [Kernel | Auto | Running] -- C:WINDOWSSysNativedriversTurboB.sys -- (TurboB)

DRV:64bit: - [2009/09/18 03:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:WINDOWSSysNativedriversHECIx64.sys -- (HECIx64) Intel®

DRV:64bit: - [2009/07/24 08:55:10 | 000,011,264 | ---- | M] (Primax Ltd) [Kernel | On_Demand | Stopped] -- C:WINDOWSSysNativedriversNMgamingms.sys -- (NMgamingmsFltr)

DRV:64bit: - [2009/07/14 10:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:WINDOWSSysNativedriversamdsbs.sys -- (amdsbs)

DRV:64bit: - [2009/07/14 10:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:WINDOWSSysNativedriverslsi_sas2.sys -- (LSI_SAS2)

DRV:64bit: - [2009/07/14 10:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:WINDOWSSysNativedriversstexstor.sys -- (stexstor)

DRV:64bit: - [2009/06/16 04:06:42 | 000,172,704 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:WINDOWSSysNativedriversCtClsFlt.sys -- (CtClsFlt)

DRV:64bit: - [2009/06/11 05:37:05 | 006,108,416 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:WINDOWSSysNativedriversigdkmd64.sys -- (igfx)

DRV:64bit: - [2009/06/11 05:35:33 | 000,389,120 | ---- | M] (Marvell) [Kernel | On_Demand | Stopped] -- C:WINDOWSSysNativedriversyk62x64.sys -- (yukonw7)

DRV:64bit: - [2009/06/11 05:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:WINDOWSSysNativedriversevbda.sys -- (ebdrv)

DRV:64bit: - [2009/06/11 05:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:WINDOWSSysNativedriversbxvbda.sys -- (b06bdrv)

DRV:64bit: - [2009/06/11 05:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:WINDOWSSysNativedriversb57nd60a.sys -- (b57nd60a)

DRV:64bit: - [2009/06/11 05:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:WINDOWSSysNativedrivershcw85cir.sys -- (hcw85cir)

DRV:64bit: - [2009/05/19 04:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:WINDOWSSysNativedriversGEARAspiWDM.sys -- (GEARAspiWDM)

DRV:64bit: - [2006/11/02 03:51:00 | 000,151,656 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:WINDOWSSysNativedriversWimFltr.sys -- (WimFltr)

DRV - [2010/09/07 17:03:44 | 000,054,880 | ---- | M] (INCA Internet Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:WINDOWSSysWOW64NPIdsVt64.sys -- (NPIDS)

DRV - [2009/07/14 10:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:WINDOWSSysWOW64driverswimmount.sys -- (WIMMount)

 

 

========== Standard Registry (SafeList) ==========

 

 

========== Internet Explorer ==========

 

IE:64bit: - HKLM..SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2410}

IE:64bit: - HKLM..SearchScopes{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE:64bit: - HKLM..SearchScopes{9BB47C17-9C68-4BB3-B188-DD9AF0FD2410}: "URL" = http://www.searchqu.com/web?src=ieb&appid=0&systemid=410&sr=0&q={searchTerms}

IE - HKLMSOFTWAREMicrosoftInternet ExplorerMain,Local Page = C:WindowsSysWOW64blank.htm

IE - HKLM..SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2410}

IE - HKLM..SearchScopes{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKLM..SearchScopes{9BB47C17-9C68-4BB3-B188-DD9AF0FD2410}: "URL" = http://www.searchqu.com/web?src=ieb&appid=0&systemid=410&sr=0&q={searchTerms}

 

IE - HKCUSOFTWAREMicrosoftInternet ExplorerMain,Start Page = http://www.daum.net

IE - HKCUSOFTWAREMicrosoftInternet ExplorerMain,Start Page Restore = http://g.msn.com/USCON/1

IE - HKCU..SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE - HKCU..SearchScopes{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC

IE - HKCU..SearchScopes{63140ECF-C629-BE59-8F0E-90B4FF340C03}: "URL" = http://lf.startnow.com/s/?q={searchTerms}&src=defsearch&provider=bing&provider_name=bing&provider_code=Z051&partner_id=276&product_id=709&affiliate_id=&channel=4000&toolbar_id=200&toolbar_version=2.1.0&install_country=US&install_date=20110704&user_guid=4DCB040EC91042659BCF26ADC50E91E0&machine_id=4b7b1b78881c518a64c0bd6c42850c42&browser=IE&os=win&os_version=6.1-x64-SP0&iesrc={referrer:source}

IE - HKCU..SearchScopes{9BB47C17-9C68-4BB3-B188-DD9AF0FD2410}: "URL" = http://www.searchqu.com/web?src=ieb&appid=0&systemid=410&sr=0&q={searchTerms}

IE - HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings: "ProxyEnable" = 0

IE - HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings: "ProxyOverride" = *.local

 

========== FireFox ==========

 

FF - prefs.js..browser.startup.homepage: "reddit.com"

FF - prefs.js..keyword.URL: "http://www.searchqu.com/web?src=ffb&appid=0&systemid=410&sr=0&q="

FF - user.js - File not found

 

FF:64bit: - [email protected]/FlashPlayer: C:WINDOWSsystem32MacromedFlashNPSWF64_11_2_202_235.dll File not found

FF:64bit: - [email protected]/DivX VOD Helper,version=1.0.0: C:Program FilesDivXDivX OVS Helpernpovshelper.dll (DivX, LLC.)

FF:64bit: - [email protected]/GENUINE: disabled File not found

FF:64bit: - [email protected]/OfficeAuthz,version=14.0: C:PROGRA~1MICROS~2Office14NPAUTHZ.DLL (Microsoft Corporation)

FF - [email protected]/FlashPlayer: C:WINDOWSSysWOW64MacromedFlashNPSWF32_11_2_202_235.dll ()

FF - [email protected]/ShockwavePlayer: C:WINDOWSsystem32AdobeDirectornp32dsw.dll (Adobe Systems, Inc.)

FF - [email protected]/iTunes,version=: File not found

FF - [email protected]/iTunes,version=1.0: C:Program Files (x86)iTunesMozilla Pluginsnpitunes.dll ()

FF - [email protected]/DivX Browser Plugin,version=1.0.0: C:Program Files (x86)DivXDivX Plus Web Playernpdivx32.dll (DivX, LLC)

FF - [email protected]/DivX VOD Helper,version=1.0.0: C:Program Files (x86)DivXDivX OVS Helpernpovshelper.dll (DivX, LLC.)

FF - [email protected]/GoogleEarthPlugin: C:Program Files (x86)GoogleGoogle Earthpluginnpgeplugin.dll (Google)

FF - [email protected]/DTPlugin,version=10.5.1: C:WINDOWSSysWOW64npDeployJava1.dll (Oracle Corporation)

FF - [email protected]/JavaPlugin,version=10.5.1: C:Program Files (x86)OracleJavaFX 2.1 Runtimebinplugin2npjp2.dll (Oracle Corporation)

FF - [email protected]/GENUINE: disabled File not found

FF - [email protected]/NpCtrl,version=1.0: c:Program Files (x86)Microsoft Silverlight4.1.10329.0npctrl.dll ( Microsoft Corporation)

FF - [email protected]/OfficeAuthz,version=14.0: C:PROGRA~2MIF5BA~1Office14NPAUTHZ.DLL (Microsoft Corporation)

FF - [email protected]/SharePoint,version=14.0: C:PROGRA~2MIF5BA~1Office14NPSPWRAP.DLL (Microsoft Corporation)

FF - [email protected]/WLPG,version=15.4.3502.0922: C:Program Files (x86)Windows LivePhoto GalleryNPWLPG.dll (Microsoft Corporation)

FF - [email protected]/WLPG,version=15.4.3508.1109: C:Program Files (x86)Windows LivePhoto GalleryNPWLPG.dll (Microsoft Corporation)

FF - [email protected]/WLPG,version=15.4.3538.0513: C:Program Files (x86)Windows LivePhoto GalleryNPWLPG.dll (Microsoft Corporation)

FF - [email protected]/WLPG,version=15.4.3555.0308: C:Program Files (x86)Windows LivePhoto GalleryNPWLPG.dll (Microsoft Corporation)

FF - [email protected]/npEfdsWPlugin: C:UsersUSERAppDataLocalLownProtectnpEfdsWCtrlnpEfdsWPlugin.dll (INCA Internet Co., Ltd)

FF - [email protected]/nppl3260;version=6.0.12.450: C:Program Files (x86)Real Alternativebrowserpluginsnppl3260.dll (RealNetworks, Inc.)

FF - [email protected]/nprpjplug;version=6.0.12.448: C:Program Files (x86)Real Alternativebrowserpluginsnprpjplug.dll (RealNetworks, Inc.)

FF - [email protected]/nsJSRealPlayerPlugin;version=: File not found

FF - [email protected]/npxwebplugins: C:Program Files (x86)SoftForumXecureWebActiveXnpxwebplugin.dll (SoftForum Co., Ltd.)

FF - [email protected]/npxwebplugins_file: C:Program Files (x86)SoftForumXecureWebActiveXnpxwebplugin_file.dll (SoftForum Co., Ltd.)

FF - [email protected]/Google Update;version=3: C:Program Files (x86)GoogleUpdate1.3.21.111npGoogleUpdate3.dll File not found

FF - [email protected]/Google Update;version=9: C:Program Files (x86)GoogleUpdate1.3.21.111npGoogleUpdate3.dll File not found

FF - [email protected]/npdolphin: C:Program Files (x86)WizveraDelfinonpdelfinoplugin.dll (Wizvera)

FF - [email protected]/npVeraport20: C:Program Files (x86)WizveraVeraport20npveraport20.dll ()

FF - [email protected]/npxwebplugins: C:Program Files (x86)SoftForumXecureWebActiveXnpxwebplugin.dll (SoftForum Co., Ltd.)

FF - [email protected]/npxwebplugins_file: C:Program Files (x86)SoftForumXecureWebActiveXnpxwebplugin_file.dll (SoftForum Co., Ltd.)

FF - [email protected]/Google Update;version=3: C:UsersUSERAppDataLocalGoogleUpdate1.3.21.115npGoogleUpdate3.dll (Google Inc.)

FF - [email protected]/Google Update;version=9: C:UsersUSERAppDataLocalGoogleUpdate1.3.21.115npGoogleUpdate3.dll (Google Inc.)

 

FF - HKEY_LOCAL_MACHINEsoftwaremozillaFirefoxExtensions{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:Program Files (x86)DivXDivX Plus Web PlayerfirefoxDivXHTML5 [2012/01/24 11:35:42 | 000,000,000 | ---D | M]

FF - [email protected]: C:Program FilesAlwil SoftwareAvast5WebRepFF [2012/03/25 13:27:13 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINEsoftwaremozillaMozilla Firefox 13.0.1extensionsComponents: C:Program Files (x86)Mozilla Firefoxcomponents [2012/07/01 09:12:35 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINEsoftwaremozillaMozilla Firefox 13.0.1extensionsPlugins: C:Program Files (x86)Mozilla Firefoxplugins

FF - HKEY_CURRENT_USERsoftwaremozillaMozilla Firefox 13.0.1extensionsComponents: C:Program Files (x86)Mozilla Firefoxcomponents [2012/07/01 09:12:35 | 000,000,000 | ---D | M]

FF - HKEY_CURRENT_USERsoftwaremozillaMozilla Firefox 13.0.1extensionsPlugins: C:Program Files (x86)Mozilla Firefoxplugins

 

[2012/03/09 23:22:24 | 000,000,000 | ---D | M] (No name found) -- C:UsersUSERAppDataRoamingmozillaExtensions

[2012/07/01 09:12:43 | 000,000,000 | ---D | M] (No name found) -- C:UsersUSERAppDataRoamingmozillaFirefoxProfilesq865faf3.defaultextensions

[2012/03/09 23:22:15 | 000,000,000 | ---D | M] (No name found) -- C:Program Files (x86)Mozilla Firefoxextensions

[2012/03/25 13:27:13 | 000,000,000 | ---D | M] (avast! WebRep) -- C:PROGRAM FILESALWIL SOFTWAREAVAST5WEBREPFF

[2012/07/01 09:12:35 | 000,085,472 | ---- | M] (Mozilla Foundation) -- C:Program Files (x86)mozilla firefoxcomponentsbrowsercomps.dll

[2012/02/16 19:42:53 | 000,002,252 | ---- | M] () -- C:Program Files (x86)mozilla firefoxsearchpluginsbing.xml

[2012/02/16 19:42:53 | 000,002,040 | ---- | M] () -- C:Program Files (x86)mozilla firefoxsearchpluginstwitter.xml

 

========== Chrome ==========

 

CHR - homepage:

CHR - default_search_provider: Google (Enabled)

CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}

CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}

CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer

CHR - plugin: Native Client (Enabled) = C:UsersUSERAppDataLocalGoogleChromeApplication20.0.1132.57ppGoogleNaClPluginChrome.dll

CHR - plugin: Chrome PDF Viewer (Enabled) = C:UsersUSERAppDataLocalGoogleChromeApplication20.0.1132.57pdf.dll

CHR - plugin: Shockwave Flash (Enabled) = C:UsersUSERAppDataLocalGoogleChromeApplication20.0.1132.57gcswf32.dll

CHR - plugin: Shockwave Flash (Enabled) = C:UsersUSERAppDataLocalGoogleChromeUser DataPepperFlash11.2.31.144pepflashplayer.dll

CHR - plugin: Shockwave Flash (Enabled) = C:WINDOWSSysWOW64MacromedFlashNPSWF32_11_2_202_235.dll

CHR - plugin: Skype Toolbars (Enabled) = C:UsersUSERAppDataLocalGoogleChromeUser DataDefaultExtensionslifbcibllhkdhoafpjfnlhfpfgnpldfl5.9.0.9216_0npSkypeChromePlugin.dll

CHR - plugin: Adobe Acrobat (Enabled) = C:Program Files (x86)AdobeReader 9.0ReaderBrowsernppdf32.dll

CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:Program Files (x86)QuickTimepluginsnpqtplugin.dll

CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:Program Files (x86)QuickTimepluginsnpqtplugin2.dll

CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:Program Files (x86)QuickTimepluginsnpqtplugin3.dll

CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:Program Files (x86)QuickTimepluginsnpqtplugin4.dll

CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:Program Files (x86)QuickTimepluginsnpqtplugin5.dll

CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:Program Files (x86)QuickTimepluginsnpqtplugin6.dll

CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:Program Files (x86)QuickTimepluginsnpqtplugin7.dll

CHR - plugin: RealPlayer G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:UsersUSERAppDataLocalGoogleChromeApplicationpluginsnppl3260.dll

CHR - plugin: RealPlayer Version Plugin (Enabled) = C:UsersUSERAppDataLocalGoogleChromeApplicationpluginsnprpjplug.dll

CHR - plugin: Microsoft Office 2010 (Enabled) = C:PROGRA~2MIF5BA~1Office14NPAUTHZ.DLL

CHR - plugin: Microsoft Office 2010 (Enabled) = C:PROGRA~2MIF5BA~1Office14NPSPWRAP.DLL

CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:Program Files (x86)DivXDivX OVS Helpernpovshelper.dll

CHR - plugin: DivX Plus Web Player (Enabled) = C:Program Files (x86)DivXDivX Plus Web Playernpdivx32.dll

CHR - plugin: Google Earth Plugin (Enabled) = C:Program Files (x86)GoogleGoogle Earthpluginnpgeplugin.dll

CHR - plugin: Google Update (Enabled) = C:Program Files (x86)GoogleUpdate1.3.21.111npGoogleUpdate3.dll

CHR - plugin: Java Platform SE 6 U31 (Enabled) = C:Program Files (x86)Javajre6binplugin2npjp2.dll

CHR - plugin: SoftForum XecureWeb Control Plug-in (Enabled) = C:Program Files (x86)SoftForumXecureWebActiveXnpxwebplugin.dll

CHR - plugin: SoftForum XecureWeb File Control Plug-in (Enabled) = C:Program Files (x86)SoftForumXecureWebActiveXnpxwebplugin_file.dll

CHR - plugin: Windows Live Photo Gallery (Enabled) = C:Program Files (x86)Windows LivePhoto GalleryNPWLPG.dll

CHR - plugin: iTunes Application Detector (Enabled) = C:Program Files (x86)iTunesMozilla Pluginsnpitunes.dll

CHR - plugin: Shockwave for Director (Enabled) = C:WINDOWSsystem32AdobeDirectornp32dsw.dll

CHR - plugin: Silverlight Plug-In (Enabled) = c:Program Files (x86)Microsoft Silverlight4.1.10329.0npctrl.dll

CHR - Extension: Adblock Plus (Beta) = C:UsersUSERAppDataLocalGoogleChromeUser DataDefaultExtensionscfhdojbkjhnklbpkdaibdccddilifddb1.2_0

CHR - Extension: avast! WebRep = C:UsersUSERAppDataLocalGoogleChromeUser DataDefaultExtensionsicmlaeflemplmjndnaapfdbbnpncnbda7.0.1426_0

CHR - Extension: Skype Click to Call = C:UsersUSERAppDataLocalGoogleChromeUser DataDefaultExtensionslifbcibllhkdhoafpjfnlhfpfgnpldfl5.9.0.9216_0

CHR - Extension: DivX Plus Web Player HTML5 u003Cvideou003E = C:UsersUSERAppDataLocalGoogleChromeUser DataDefaultExtensionsnneajnkjbffgblleaoojgaacokifdkhm2.1.2.145_0

 

O1 HOSTS File: ([2010/05/13 17:53:40 | 000,001,204 | ---- | M]) - C:WINDOWSSysNativedriversetchosts

O1 - Hosts: 127.0.0.1 localhost

O1 - Hosts: 127.0.0.1 activate.adobe.com

O1 - Hosts: 127.0.0.1 3dns-3.adobe.com

O1 - Hosts: 127.0.0.1 adobe-dns-2.adobe.com

O1 - Hosts: 127.0.0.1 adobe-dns-3.adobe.com

O1 - Hosts: 127.0.0.1 ereg.wip3.adobe.com

O1 - Hosts: 127.0.0.1 activate-sea.adobe.com

O1 - Hosts: 127.0.0.1 wip3.adobe.com

O1 - Hosts: 127.0.0.1 wwis-dubc1-vip60.adobe.com

O1 - Hosts: 127.0.0.1 activate-sjc0.adobe.com

O1 - Hosts: 127.0.0.1 practivate.adobe.com

O1 - Hosts: 127.0.0.1 ereg.adobe.com

O1 - Hosts: 127.0.0.1 activate.wip3.adobe.com

O1 - Hosts: 127.0.0.1 3dns-2.adobe.com

O1 - Hosts: 127.0.0.1 adobe-dns.adobe.com

O1 - Hosts: ::1 localhost

O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:Program FilesAlwil SoftwareAvast5aswWebRepIE64.dll (AVAST Software)

O2:64bit: - BHO: (SearchCore for Browsers) - {9D717F81-9148-4f12-8568-69135F087DB0} - C:Program Files (x86)SearchCore for BrowsersSearchCore for Browsersx64BrowserConnection.dll (Bandoo Media, inc)

O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:Program Files (x86)DivXDivX Plus Web PlayerieDivXHTML5DivXHTML5.dll (DivX, LLC)

O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:Program Files (x86)OracleJavaFX 2.1 Runtimebinssv.dll (Oracle Corporation)

O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:Program FilesAlwil SoftwareAvast5aswWebRepIE.dll (AVAST Software)

O2 - BHO: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:Program Files (x86)Windows Searchqu ToolbarDatamngrToolBarsearchqudtx.dll ()

O2 - BHO: (SearchCore for Browsers) - {9D717F81-9148-4f12-8568-69135F087DB0} - C:Program Files (x86)SearchCore for BrowsersSearchCore for BrowsersBrowserConnection.dll (Bandoo Media, inc)

O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:Program Files (x86)SkypeToolbarsInternet Explorerskypeieplugin.dll (Skype Technologies S.A.)

O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:Program Files (x86)OracleJavaFX 2.1 Runtimebinjp2ssv.dll (Oracle Corporation)

O3:64bit: - HKLM..Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:Program FilesAlwil SoftwareAvast5aswWebRepIE64.dll (AVAST Software)

O3:64bit: - HKLM..Toolbar: (no name) - 10 - No CLSID value found.

O3 - HKLM..Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:Program FilesAlwil SoftwareAvast5aswWebRepIE.dll (AVAST Software)

O3 - HKLM..Toolbar: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:Program Files (x86)Windows Searchqu ToolbarDatamngrToolBarsearchqudtx.dll ()

O3 - HKLM..Toolbar: (no name) - 10 - No CLSID value found.

O3 - HKCU..ToolbarWebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.

O4:64bit: - HKLM..Run: [broadcom Wireless Manager UI] C:Program FilesDellDW WLAN CardWLTRAY.EXE (Dell Inc.)

O4:64bit: - HKLM..Run: [QuickSet] C:Program FilesDellQuickSetquickset.exe (Dell Inc.)

O4:64bit: - HKLM..Run: [sysTrayApp] C:Program FilesIDTWDMsttray64.exe (IDT, Inc.)

O4 - HKLM..Run: [AdobeCS5.5ServiceManager] "C:Program Files (x86)Common FilesAdobeCS5.5ServiceManagerCS5.5ServiceManager.exe" -launchedbylogin File not found

O4 - HKLM..Run: [APSDaemon] C:Program Files (x86)Common FilesAppleApple Application SupportAPSDaemon.exe (Apple Inc.)

O4 - HKLM..Run: [avast5] C:Program FilesAlwil SoftwareAvast5avastUI.exe (AVAST Software)

O4 - HKLM..Run: [DATAMNGR] C:Program Files (x86)SearchCore for BrowsersSearchCore for BrowsersdatamngrUI.exe (Bandoo Media, inc)

O4 - HKLM..Run: [iAStorIcon] C:Program Files (x86)IntelIntel® Rapid Storage TechnologyIAStorIcon.exe (Intel Corporation)

O4 - HKLM..Run: [startCCC] C:Program Files (x86)ATI TechnologiesATI.ACECore-StaticCLIStart.exe (Advanced Micro Devices, Inc.)

O4 - HKLM..Run: [switchBoard] C:Program Files (x86)Common FilesAdobeSwitchBoardSwitchBoard.exe (Adobe Systems Incorporated)

O4 - HKCU..Run: [Game Fire] C:Program Files (x86)Smart PC UtilitiesGame FireGFTray.exe (Smart PC Utilities, Ltd.)

O4 - HKCU..Run: [MobileDocuments] C:Program Files (x86)Common FilesAppleInternet Servicesubd.exe (Apple Inc.)

O4 - HKCU..Run: [spybotSD TeaTimer] C:Program Files (x86)Spybot - Search & DestroyTeaTimer.exe (Safer-Networking Ltd.)

O4 - HKCU..RunOnce: [FlashPlayerUpdate] C:WINDOWSSysWOW64MacromedFlashFlashUtil32_11_3_300_257_ActiveX.exe (Adobe Systems Incorporated)

O4 - Startup: C:UsersUSERAppDataRoamingMicrosoftWindowsStart MenuProgramsStartupDropbox.lnk = C:UsersUSERAppDataRoamingDropboxbinDropbox.exe (Dropbox, Inc.)

O6 - HKLMSOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer: NoActiveDesktop = 1

O6 - HKLMSOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer: NoActiveDesktopChanges = 1

O6 - HKLMSOFTWAREMicrosoftWindowsCurrentVersionpoliciesSystem: ConsentPromptBehaviorAdmin = 5

O6 - HKLMSOFTWAREMicrosoftWindowsCurrentVersionpoliciesSystem: ConsentPromptBehaviorUser = 3

O8:64bit: - Extra context menu item: Send image to &Bluetooth Device... - C:Program FilesWIDCOMMBluetooth Softwarebtsendto_ie_ctx.htm ()

O8:64bit: - Extra context menu item: Send page to &Bluetooth Device... - C:Program FilesWIDCOMMBluetooth Softwarebtsendto_ie.htm ()

O8 - Extra context menu item: Send image to &Bluetooth Device... - C:Program FilesWIDCOMMBluetooth Softwarebtsendto_ie_ctx.htm ()

O8 - Extra context menu item: Send page to &Bluetooth Device... - C:Program FilesWIDCOMMBluetooth Softwarebtsendto_ie.htm ()

O9:64bit: - Extra Button: @C:Program FilesWIDCOMMBluetooth Softwarebtrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:Program FilesWIDCOMMBluetooth Softwarebtsendto_ie.htm ()

O9:64bit: - Extra 'Tools' menuitem : @C:Program FilesWIDCOMMBluetooth Softwarebtrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:Program FilesWIDCOMMBluetooth Softwarebtsendto_ie.htm ()

O9 - Extra Button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:Program Files (x86)PokerStarsPokerStarsUpdate.exe (PokerStars)

O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:Program Files (x86)SkypeToolbarsInternet Explorerskypeieplugin.dll (Skype Technologies S.A.)

O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:Program Files (x86)SkypeToolbarsInternet Explorerskypeieplugin.dll (Skype Technologies S.A.)

O9 - Extra Button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:Program FilesWIDCOMMBluetooth Softwarebtsendto_ie.htm ()

O9 - Extra 'Tools' menuitem : Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:Program FilesWIDCOMMBluetooth Softwarebtsendto_ie.htm ()

O10:64bit: - NameSpace_Catalog5Catalog_Entries64000000000008 [] - C:Program FilesBonjourmdnsNSP.dll (Apple Inc.)

O10 - NameSpace_Catalog5Catalog_Entries000000000008 [] - C:Program Files (x86)BonjourmdnsNSP.dll (Apple Inc.)

O1364bit: - gopher Prefix: missing

O13 - gopher Prefix: missing

O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)

O16:64bit: - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)

O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)

O16 - DPF: {286A75C3-11FB-4FB4-AC4A-4DD1B0750050} http://bkbcard.kbstar.com/initech/plugin/down/INIS60.cab (INISAFEWeb6 V6 Class)

O16 - DPF: {39FC0CF9-86F3-4502-B773-D16706EDEC83} http://download.kbstar.com/security/SCSK/403174/SCSK4_WOW64.cab (SCSK Control)

O16 - DPF: {51B1D5ED-67DC-43F0-A3F8-8502F1A5E404} http://download.kbstar.com/security/nprotect/netizenv4/npstarter.cab (Reg Error: Key error.)

O16 - DPF: {7E9FDB80-5316-11D4-B02C-00C04F0CD404} http://download.softforum.co.kr/Published/XecureWeb/v7.2.5.0/xw_install.cab (XecureWeb 4.0 Client Control)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 10.5.1)

O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 10.5.1)

O16 - DPF: {F939FEB8-9518-4A4A-BE60-D10FFB9557F2} http://download.kbstar.com/security/nprotect/netizenv55/npenkIEInstall5.cab (nProtect Netizen v5.5)

O17 - HKLMSystemCCSServicesTcpipParameters: DhcpNameServer = 203.246.162.253 164.124.101.2

O17 - HKLMSystemCCSServicesTcpipParametersInterfaces{8CC105DE-F3DA-41FC-88C6-AA6376814A0E}: DhcpNameServer = 203.246.162.253 164.124.101.2

O18:64bit: - ProtocolHandlerlivecall - No CLSID value found

O18:64bit: - ProtocolHandlerms-help - No CLSID value found

O18:64bit: - ProtocolHandlermsnim - No CLSID value found

O18:64bit: - ProtocolHandlerskype4com - No CLSID value found

O18:64bit: - ProtocolHandlerskype-ie-addon-data - No CLSID value found

O18:64bit: - ProtocolHandlerwlmailhtml - No CLSID value found

O18:64bit: - ProtocolHandlerwlpg - No CLSID value found

O18 - ProtocolHandlerskype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:Program Files (x86)Common FilesSkypeSkype4COM.dll (Skype Technologies)

O18 - ProtocolHandlerskype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:Program Files (x86)SkypeToolbarsInternet Explorerskypeieplugin.dll (Skype Technologies S.A.)

O20:64bit: - AppInit_DLLs: (C:PROGRA~2SEARCH~1SEARCH~1x64datamngr.dll) - C:Program Files (x86)SearchCore for BrowsersSearchCore for Browsersx64datamngr.dll (Bandoo Media, inc)

O20:64bit: - AppInit_DLLs: (C:PROGRA~2SEARCH~1SEARCH~1x64IEBHO.dll) - C:Program Files (x86)SearchCore for BrowsersSearchCore for Browsersx64IEBHO.dll (Bandoo Media, inc)

O20 - AppInit_DLLs: (C:PROGRA~2SEARCH~1SEARCH~1datamngr.dll) - C:Program Files (x86)SearchCore for BrowsersSearchCore for Browsersdatamngr.dll (Bandoo Media, inc)

O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:WINDOWSexplorer.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: UserInit - (C:Windowssystem32userinit.exe) - C:WINDOWSSysNativeuserinit.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:WINDOWSSysNativeSystemPropertiesPerformance.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found

O20 - HKLM Winlogon: Shell - (explorer.exe) - C:WINDOWSSysWow64explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:WINDOWSSysWow64userinit.exe (Microsoft Corporation)

O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found

O20:64bit: - WinlogonNotifyGoToAssist: DllName - (C:Program Files (x86)CitrixGoToAssist514G2AWinLogon_x64.dll) - File not found

O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.

O32 - HKLM CDRom: AutoRun - 1

O33 - MountPoints2{74b23c1a-f458-11e0-ac66-906c1f95ad20}Shell - "" = AutoRun

O33 - MountPoints2{74b23c1a-f458-11e0-ac66-906c1f95ad20}ShellAutoRuncommand - "" = E:Setup.exe

O33 - MountPoints2{8b509f7e-9cf5-11e0-a86b-e9dd2ea3922d}ShellAutoRuncommand - "" = F:autorun.exe

O33 - MountPoints2{8b509f7e-9cf5-11e0-a86b-e9dd2ea3922d}Shellphonecommand - "" = F:autorun.exe

O33 - MountPoints2{c32c7121-9b2e-11e1-a463-996928a67a2e}Shell - "" = AutoRun

O33 - MountPoints2{c32c7121-9b2e-11e1-a463-996928a67a2e}ShellAutoRuncommand - "" = F:iStudio.exe

O33 - MountPoints2{f58be9ec-32b8-11e1-86aa-da4e4bab762a}Shell - "" = AutoRun

O33 - MountPoints2{f58be9ec-32b8-11e1-86aa-da4e4bab762a}ShellAutoRuncommand - "" = E:BSAutoRun.exe

O34 - HKLM BootExecute: (autocheck autochk *)

O35:64bit: - HKLM..comfile [open] -- "%1" %*

O35:64bit: - HKLM..exefile [open] -- "%1" %*

O35 - HKLM..comfile [open] -- "%1" %*

O35 - HKLM..exefile [open] -- "%1" %*

O37:64bit: - HKLM...com [@ = comfile] -- "%1" %*

O37:64bit: - HKLM...exe [@ = exefile] -- "%1" %*

O37 - HKLM...com [@ = comfile] -- "%1" %*

O37 - HKLM...exe [@ = exefile] -- "%1" %*

O38 - SubSystemsWindows: (ServerDll=winsrv:UserServerDllInitialization,3)

O38 - SubSystemsWindows: (ServerDll=winsrv:ConServerDllInitialization,2)

O38 - SubSystemsWindows: (ServerDll=sxssrv,4)

 

 

========== Files/Folders - Created Within 30 Days ==========

 

[2012/07/22 01:06:28 | 000,596,480 | ---- | C] (OldTimer Tools) -- C:UsersUSERDesktopOTL.exe

[2012/07/17 01:59:57 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:WINDOWSSysWow64qdvd.dll

[2012/07/17 01:59:57 | 000,366,592 | ---- | C] (Microsoft Corporation) -- C:WINDOWSSysNativeqdvd.dll

[2012/07/17 01:45:11 | 000,000,000 | ---D | C] -- C:UsersUSERAppDataLocaladaware

[2012/07/17 01:45:09 | 000,000,000 | ---D | C] -- C:ProgramDataAd-Aware Browsing Protection

[2012/07/17 01:45:02 | 000,000,000 | ---D | C] -- C:ProgramDataMicrosoftWindowsStart MenuProgramsAd-Aware Antivirus

[2012/07/17 01:44:58 | 000,060,536 | ---- | C] (GFI Software) -- C:WINDOWSSysNativedriverssbhips.sys

[2012/07/17 01:44:38 | 000,119,416 | ---- | C] (GFI Software) -- C:WINDOWSSysNativedriversSbFwIm.sys

[2012/07/17 01:44:36 | 000,256,632 | ---- | C] (GFI Software) -- C:WINDOWSSysNativedriversSbFw.sys

[2012/07/17 01:44:34 | 000,057,976 | ---- | C] (GFI Software) -- C:WINDOWSSysNativedriverssbredrv.sys

[2012/07/17 01:44:34 | 000,045,936 | ---- | C] (GFI Software) -- C:WINDOWSSysNativesbbd.exe

[2012/07/17 01:44:27 | 000,000,000 | ---D | C] -- C:ProgramDataLavasoft

[2012/07/17 01:44:26 | 000,000,000 | ---D | C] -- C:Program Files (x86)Ad-Aware Antivirus

[2012/07/17 01:42:41 | 000,000,000 | ---D | C] -- C:UsersUSERAppDataRoamingAd-Aware Antivirus

[2012/07/17 01:20:54 | 000,000,000 | ---D | C] -- C:ProgramDataMicrosoftWindowsStart MenuProgramsSpybot - Search & Destroy

[2012/07/17 01:20:49 | 000,000,000 | ---D | C] -- C:ProgramDataSpybot - Search & Destroy

[2012/07/17 01:20:49 | 000,000,000 | ---D | C] -- C:Program Files (x86)Spybot - Search & Destroy

[2012/07/17 00:13:59 | 000,000,000 | ---D | C] -- C:UsersUSERDocuments°õ³ìÀ½±â

[2012/07/17 00:13:56 | 000,000,000 | ---D | C] -- C:Program Files (x86)GRETECH

[2012/07/17 00:06:00 | 000,000,000 | ---D | C] -- C:ProgramDataMicrosoftWindowsStart MenuProgramsUltraUCC

[2012/07/17 00:05:44 | 000,000,000 | ---D | C] -- C:Program Files (x86)UltraUCC

[2012/07/16 20:59:08 | 000,000,000 | ---D | C] -- C:UsersUSERAppDataLocal{6DD0D11C-624D-4A94-9FA4-9E79EF8BCC3B}

[2012/07/16 20:58:56 | 000,000,000 | ---D | C] -- C:UsersUSERAppDataLocal{0B53E40F-919F-40C5-99F1-AC57DD36D83F}

[2012/07/16 08:58:40 | 000,000,000 | ---D | C] -- C:UsersUSERAppDataLocal{F99FD651-49E1-446E-BE39-462ED38D20D7}

[2012/07/16 08:58:27 | 000,000,000 | ---D | C] -- C:UsersUSERAppDataLocal{7BA99F2F-93AD-46F7-8946-9DA5D40388CE}

[2012/07/15 02:49:30 | 000,000,000 | ---D | C] -- C:UsersUSERAppDataLocal{82EFEFC8-C32A-45B6-8325-C5424540C9C7}

[2012/07/15 02:49:18 | 000,000,000 | ---D | C] -- C:UsersUSERAppDataLocal{51E96D29-4F54-480D-8F1F-358E4FDAB5A4}

[2012/07/11 23:35:18 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:WINDOWSSysNativemshtmled.dll

[2012/07/11 23:35:17 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:WINDOWSSysNativeurl.dll

[2012/07/11 23:35:17 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:WINDOWSSysWow64url.dll

[2012/07/11 23:35:17 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:WINDOWSSysWow64mshtmled.dll

[2012/07/11 23:35:15 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:WINDOWSSysNativeieui.dll

[2012/07/11 23:35:15 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:WINDOWSSysWow64ieui.dll

[2012/07/11 23:35:14 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:WINDOWSSysNativeieUnatt.exe

[2012/07/11 23:35:14 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:WINDOWSSysWow64ieUnatt.exe

[2012/07/11 23:35:13 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:WINDOWSSysWow64inetcpl.cpl

[2012/07/11 23:35:12 | 002,311,680 | ---- | C] (Microsoft Corporation) -- C:WINDOWSSysNativejscript9.dll

[2012/07/11 23:35:12 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:WINDOWSSysNativeinetcpl.cpl

[2012/07/11 23:35:11 | 000,818,688 | ---- | C] (Microsoft Corporation) -- C:WINDOWSSysNativejscript.dll

[2012/07/11 23:35:11 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:WINDOWSSysWow64jscript.dll

[2012/07/11 18:49:00 | 000,040,848 | ---- | C] (SoftCamp) -- C:WINDOWSSysWow64driversscskusbs.sys

[2012/07/11 18:49:00 | 000,018,832 | ---- | C] (SoftCamp) -- C:WINDOWSSysWow64driversscskusbf.sys

[2012/07/11 11:18:10 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:WINDOWSSysWow64msxml3r.dll

[2012/07/11 11:18:10 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:WINDOWSSysNativemsxml3r.dll

[2012/07/11 11:18:03 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:WINDOWSSysNativencrypt.dll

[2012/07/11 11:17:58 | 000,805,376 | ---- | C] (Microsoft Corporation) -- C:WINDOWSSysWow64cdosys.dll

[2012/07/11 11:17:56 | 001,133,568 | ---- | C] (Microsoft Corporation) -- C:WINDOWSSysNativecdosys.dll

[2012/07/10 21:49:40 | 000,000,000 | ---D | C] -- C:UsersUSERAppDataLocal{F1889D12-A45A-4FA1-BC3A-16EDC99FA7B6}

[2012/07/10 21:49:28 | 000,000,000 | ---D | C] -- C:UsersUSERAppDataLocal{7A826A3D-150E-45E6-A9B8-63CEF0D16F50}

[2012/07/08 09:59:20 | 000,000,000 | ---D | C] -- C:UsersUSERAppDataLocal{741CC80D-1481-4660-9EFC-2FC8F4B7249C}

[2012/07/08 09:59:09 | 000,000,000 | ---D | C] -- C:UsersUSERAppDataLocal{6745B772-8A1B-4992-BAEB-C38621AC81B3}

[2012/07/05 23:28:15 | 000,000,000 | ---D | C] -- C:UsersUSERAppDataLocal{1B815B31-288F-45BB-9F3A-DCD0BCEA7E88}

[2012/07/05 23:28:05 | 000,000,000 | ---D | C] -- C:UsersUSERAppDataLocal{9E62C4B2-6E71-4266-B0AD-E239FC66A1DE}

[2012/07/05 17:52:57 | 000,000,000 | ---D | C] -- C:UsersUSERDesktopFirework Pics

[2012/07/05 11:27:52 | 000,000,000 | ---D | C] -- C:UsersUSERAppDataLocal{2F5F6A44-DB49-49C2-82A7-EBAA45E69B66}

[2012/07/05 11:27:42 | 000,000,000 | ---D | C] -- C:UsersUSERAppDataLocal{A7A6A834-5778-4922-BF9E-668AC8EA7A96}

[2012/07/04 10:14:27 | 000,000,000 | ---D | C] -- C:UsersUSERAppDataRoamingMicrosoftWindowsStart MenuProgramsBluetooth Devices

[2012/07/03 12:32:37 | 000,000,000 | ---D | C] -- C:Program Files (x86)Common FilesJava

[2012/07/03 02:26:28 | 000,000,000 | ---D | C] -- C:Program Files (x86)Oracle

[2012/07/03 02:26:20 | 000,772,504 | ---- | C] (Oracle Corporation) -- C:WINDOWSSysWow64npDeployJava1.dll

[2012/07/03 02:26:20 | 000,227,720 | ---- | C] (Oracle Corporation) -- C:WINDOWSSysWow64javaws.exe

[2012/07/02 20:01:44 | 000,000,000 | ---D | C] -- C:UsersUSERAppDataLocal{3A881B87-D4D9-4BE1-A475-2B1E1A7D542F}

[2012/07/02 20:01:30 | 000,000,000 | ---D | C] -- C:UsersUSERAppDataLocal{73DA0107-1E13-4DA6-8E4D-2D78277977FE}

[2012/07/02 18:41:22 | 000,000,000 | ---D | C] -- C:ProgramDataMicrosoftWindowsStart MenuProgramsiTunes

[2012/07/02 18:40:37 | 000,000,000 | ---D | C] -- C:Program FilesiPod

[2012/07/02 18:40:36 | 000,000,000 | ---D | C] -- C:Program FilesiTunes

[2012/07/02 18:40:36 | 000,000,000 | ---D | C] -- C:Program Files (x86)iTunes

[2012/07/01 17:11:46 | 000,000,000 | ---D | C] -- C:UsersUSERAppDataLocal{0EE717FC-9632-443C-9E94-B92E65E7D4E2}

[2012/07/01 17:11:36 | 000,000,000 | ---D | C] -- C:UsersUSERAppDataLocal{4480A435-B4C4-4D70-8CDD-28482C8414F8}

[2012/07/01 05:11:25 | 000,000,000 | ---D | C] -- C:UsersUSERAppDataLocal{D2DB5B85-8DD6-4A48-A63E-0FA6BD5F2BAF}

[2012/07/01 05:11:15 | 000,000,000 | ---D | C] -- C:UsersUSERAppDataLocal{E220B24C-AE47-44E5-BE4F-F1AAEEC6F1D4}

[2012/06/30 17:11:02 | 000,000,000 | ---D | C] -- C:UsersUSERAppDataLocal{AD76B5D4-6F22-4665-83D8-392347FF8774}

[2012/06/30 17:10:52 | 000,000,000 | ---D | C] -- C:UsersUSERAppDataLocal{DC443248-CBBD-4C87-B0EB-2958B2A8D982}

[2012/06/30 05:10:40 | 000,000,000 | ---D | C] -- C:UsersUSERAppDataLocal{C4181A7F-0EC0-4F65-95BC-CE193FC00C65}

[2012/06/30 05:10:30 | 000,000,000 | ---D | C] -- C:UsersUSERAppDataLocal{ABA59DD5-0566-47E7-BA1C-A5F57F6968CC}

[2012/06/29 17:10:19 | 000,000,000 | ---D | C] -- C:UsersUSERAppDataLocal{BCC8D22E-FCF3-48B2-9270-1C982F4ECCF4}

[2012/06/29 17:10:09 | 000,000,000 | ---D | C] -- C:UsersUSERAppDataLocal{43B4EEE2-DF6E-42F5-8CA8-8AA9BEFA7AC7}

[2012/06/29 01:10:54 | 000,000,000 | ---D | C] -- C:UsersUSERAppDataLocal{4462840C-AA47-43F0-98C4-8301F67701E7}

[2012/06/29 01:10:44 | 000,000,000 | ---D | C] -- C:UsersUSERAppDataLocal{C93E6441-D750-4BB8-9339-8C972B8D916A}

[2012/06/28 13:10:32 | 000,000,000 | ---D | C] -- C:UsersUSERAppDataLocal{A4D9A620-5665-4E9F-AC19-5A5777AF3185}

[2012/06/28 13:10:22 | 000,000,000 | ---D | C] -- C:UsersUSERAppDataLocal{F41745CE-5913-4AF7-8FB8-BE024ED65EE4}

[2012/06/28 01:10:09 | 000,000,000 | ---D | C] -- C:UsersUSERAppDataLocal{1EAD0B53-706D-49BD-A179-5A143C221307}

[2012/06/28 01:09:59 | 000,000,000 | ---D | C] -- C:UsersUSERAppDataLocal{E1B6900B-55F9-46B0-8434-CA4493050BB4}

[2012/06/27 13:09:48 | 000,000,000 | ---D | C] -- C:UsersUSERAppDataLocal{E04ED124-60D6-49CD-B0E6-5C7903019BB6}

[2012/06/27 13:09:38 | 000,000,000 | ---D | C] -- C:UsersUSERAppDataLocal{C0C5C221-2A5A-40C5-BF75-FFCC58F8B9CE}

[2012/06/27 01:09:25 | 000,000,000 | ---D | C] -- C:UsersUSERAppDataLocal{4016DC68-8677-4047-8D26-2DD5FFAD8ADD}

[2012/06/27 01:09:15 | 000,000,000 | ---D | C] -- C:UsersUSERAppDataLocal{DBB13A6B-7B0C-4178-B46E-4B2C3EB8F3C8}

[2012/06/26 23:45:05 | 000,000,000 | ---D | C] -- C:UsersUSERDesktopFinal Layout from Pagoda

[2012/06/26 13:09:04 | 000,000,000 | ---D | C] -- C:UsersUSERAppDataLocal{3C617F48-8CB3-4328-AAED-6F5F33B3DAC2}

[2012/06/26 13:08:54 | 000,000,000 | ---D | C] -- C:UsersUSERAppDataLocal{3B06E2B7-7BE9-4677-A2B1-B7A384ED64E9}

[2012/06/26 01:08:43 | 000,000,000 | ---D | C] -- C:UsersUSERAppDataLocal{3805FAD7-70F2-4081-9D8E-CFDB1609F426}

[2012/06/26 01:08:32 | 000,000,000 | ---D | C] -- C:UsersUSERAppDataLocal{02BFC5C8-0ECE-44E0-8306-A79E03C2842E}

[2012/06/25 13:08:21 | 000,000,000 | ---D | C] -- C:UsersUSERAppDataLocal{C44D1705-09F2-49AC-88E1-56689FD8ACBF}

[2012/06/25 13:08:12 | 000,000,000 | ---D | C] -- C:UsersUSERAppDataLocal{93E5C0B5-F906-4AAB-A015-4778A93FB072}

[20

Share this post


Link to post
Share on other sites

SprinkbreakBox,

 

It does not appear that the log you provided is complete... but let's get started cleaning things out with the information we have.

 

Double click on OTL

  • Under the Custom Scans/Fixes box at the bottom, paste in the following
  • Do Not copy the word CODE
  • please note the fix starts with the :
:Processes

:OTL
PRC - [2011/10/02 20:15:02 | 001,700,752 | ---- | M] (Bandoo Media, inc) -- C:Program Files (x86)SearchCore for BrowsersSearchCore for BrowsersdatamngrUI.exe
IE:64bit: - HKLM..SearchScopes{9BB47C17-9C68-4BB3-B188-DD9AF0FD2410}: "URL" = http://www.searchqu....&q={searchTerms}
IE - HKLM..SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2410}
IE - HKLM..SearchScopes{9BB47C17-9C68-4BB3-B188-DD9AF0FD2410}: "URL" = http://www.searchqu....&q={searchTerms}
IE - HKCUSOFTWAREMicrosoftInternet ExplorerMain,Start Page = http://www.daum.net
IE - HKCU..SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU..SearchScopes{9BB47C17-9C68-4BB3-B188-DD9AF0FD2410}: "URL" = http://www.searchqu....&q={searchTerms}
FF - prefs.js..browser.startup.homepage: "reddit.com"
FF - prefs.js..keyword.URL: "http://www.searchqu....emid=410&sr=0="
O2:64bit: - BHO: (SearchCore for Browsers) - {9D717F81-9148-4f12-8568-69135F087DB0} - C:Program Files (x86)SearchCore for BrowsersSearchCore for Browsersx64BrowserConnection.dll (Bandoo Media, inc)
O2 - BHO: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:Program Files (x86)Windows Searchqu ToolbarDatamngrToolBarsearchqudtx.dll ()
O2 - BHO: (SearchCore for Browsers) - {9D717F81-9148-4f12-8568-69135F087DB0} - C:Program Files (x86)SearchCore for BrowsersSearchCore for BrowsersBrowserConnection.dll (Bandoo Media, inc)
O3:64bit: - HKLM..Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKLM..Toolbar: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:Program Files (x86)Windows Searchqu ToolbarDatamngrToolBarsearchqudtx.dll ()
O3 - HKLM..Toolbar: (no name) - 10 - No CLSID value found.
O4 - HKLM..Run: [DATAMNGR] C:Program Files (x86)SearchCore for BrowsersSearchCore for BrowsersdatamngrUI.exe (Bandoo Media, inc)
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16:64bit: - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {51B1D5ED-67DC-43F0-A3F8-8502F1A5E404} http://download.kbst...4/npstarter.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.5.1)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.5.1)
O20:64bit: - AppInit_DLLs: (C:PROGRA~2SEARCH~1SEARCH~1x64datamngr.dll) - C:Program Files (x86)SearchCore for BrowsersSearchCore for Browsersx64datamngr.dll (Bandoo Media, inc)
O20:64bit: - AppInit_DLLs: (C:PROGRA~2SEARCH~1SEARCH~1x64IEBHO.dll) - C:Program Files (x86)SearchCore for BrowsersSearchCore for Browsersx64IEBHO.dll (Bandoo Media, inc)
O20 - AppInit_DLLs: (C:PROGRA~2SEARCH~1SEARCH~1datamngr.dll) - C:Program Files (x86)SearchCore for BrowsersSearchCore for Browsersdatamngr.dll (Bandoo Media, inc)
O33 - MountPoints2{74b23c1a-f458-11e0-ac66-906c1f95ad20}Shell - "" = AutoRun
O33 - MountPoints2{74b23c1a-f458-11e0-ac66-906c1f95ad20}ShellAutoRuncommand - "" = E:Setup.exe
O33 - MountPoints2{8b509f7e-9cf5-11e0-a86b-e9dd2ea3922d}ShellAutoRuncommand - "" = F:autorun.exe
O33 - MountPoints2{8b509f7e-9cf5-11e0-a86b-e9dd2ea3922d}Shellphonecommand - "" = F:autorun.exe
O33 - MountPoints2{c32c7121-9b2e-11e1-a463-996928a67a2e}Shell - "" = AutoRun
O33 - MountPoints2{c32c7121-9b2e-11e1-a463-996928a67a2e}ShellAutoRuncommand - "" = F:iStudio.exe
O33 - MountPoints2{f58be9ec-32b8-11e1-86aa-da4e4bab762a}Shell - "" = AutoRun
O33 - MountPoints2{f58be9ec-32b8-11e1-86aa-da4e4bab762a}ShellAutoRuncommand - "" = E:BSAutoRun.exe
[2012/07/16 20:59:08 | 000,000,000 | ---D | C] -- C:UsersUSERAppDataLocal{6DD0D11C-624D-4A94-9FA4-9E79EF8BCC3B}
[2012/07/16 20:58:56 | 000,000,000 | ---D | C] -- C:UsersUSERAppDataLocal{0B53E40F-919F-40C5-99F1-AC57DD36D83F}
[2012/07/16 08:58:40 | 000,000,000 | ---D | C] -- C:UsersUSERAppDataLocal{F99FD651-49E1-446E-BE39-462ED38D20D7}
[2012/07/16 08:58:27 | 000,000,000 | ---D | C] -- C:UsersUSERAppDataLocal{7BA99F2F-93AD-46F7-8946-9DA5D40388CE}
[2012/07/15 02:49:30 | 000,000,000 | ---D | C] -- C:UsersUSERAppDataLocal{82EFEFC8-C32A-45B6-8325-C5424540C9C7}
[2012/07/15 02:49:18 | 000,000,000 | ---D | C] -- C:UsersUSERAppDataLocal{51E96D29-4F54-480D-8F1F-358E4FDAB5A4}
[2012/07/10 21:49:40 | 000,000,000 | ---D | C] -- C:UsersUSERAppDataLocal{F1889D12-A45A-4FA1-BC3A-16EDC99FA7B6}
[2012/07/10 21:49:28 | 000,000,000 | ---D | C] -- C:UsersUSERAppDataLocal{7A826A3D-150E-45E6-A9B8-63CEF0D16F50}
[2012/07/08 09:59:20 | 000,000,000 | ---D | C] -- C:UsersUSERAppDataLocal{741CC80D-1481-4660-9EFC-2FC8F4B7249C}
[2012/07/08 09:59:09 | 000,000,000 | ---D | C] -- C:UsersUSERAppDataLocal{6745B772-8A1B-4992-BAEB-C38621AC81B3}
[2012/07/05 23:28:15 | 000,000,000 | ---D | C] -- C:UsersUSERAppDataLocal{1B815B31-288F-45BB-9F3A-DCD0BCEA7E88}
[2012/07/05 23:28:05 | 000,000,000 | ---D | C] -- C:UsersUSERAppDataLocal{9E62C4B2-6E71-4266-B0AD-E239FC66A1DE}
[2012/07/05 11:27:52 | 000,000,000 | ---D | C] -- C:UsersUSERAppDataLocal{2F5F6A44-DB49-49C2-82A7-EBAA45E69B66}
[2012/07/05 11:27:42 | 000,000,000 | ---D | C] -- C:UsersUSERAppDataLocal{A7A6A834-5778-4922-BF9E-668AC8EA7A96}
[2012/07/02 20:01:44 | 000,000,000 | ---D | C] -- C:UsersUSERAppDataLocal{3A881B87-D4D9-4BE1-A475-2B1E1A7D542F}
[2012/07/02 20:01:30 | 000,000,000 | ---D | C] -- C:UsersUSERAppDataLocal{73DA0107-1E13-4DA6-8E4D-2D78277977FE}
[2012/07/01 17:11:46 | 000,000,000 | ---D | C] -- C:UsersUSERAppDataLocal{0EE717FC-9632-443C-9E94-B92E65E7D4E2}
[2012/07/01 17:11:36 | 000,000,000 | ---D | C] -- C:UsersUSERAppDataLocal{4480A435-B4C4-4D70-8CDD-28482C8414F8}
[2012/07/01 05:11:25 | 000,000,000 | ---D | C] -- C:UsersUSERAppDataLocal{D2DB5B85-8DD6-4A48-A63E-0FA6BD5F2BAF}
[2012/07/01 05:11:15 | 000,000,000 | ---D | C] -- C:UsersUSERAppDataLocal{E220B24C-AE47-44E5-BE4F-F1AAEEC6F1D4}
[2012/06/30 17:11:02 | 000,000,000 | ---D | C] -- C:UsersUSERAppDataLocal{AD76B5D4-6F22-4665-83D8-392347FF8774}
[2012/06/30 17:10:52 | 000,000,000 | ---D | C] -- C:UsersUSERAppDataLocal{DC443248-CBBD-4C87-B0EB-2958B2A8D982}
[2012/06/30 05:10:40 | 000,000,000 | ---D | C] -- C:UsersUSERAppDataLocal{C4181A7F-0EC0-4F65-95BC-CE193FC00C65}
[2012/06/30 05:10:30 | 000,000,000 | ---D | C] -- C:UsersUSERAppDataLocal{ABA59DD5-0566-47E7-BA1C-A5F57F6968CC}
[2012/06/29 17:10:19 | 000,000,000 | ---D | C] -- C:UsersUSERAppDataLocal{BCC8D22E-FCF3-48B2-9270-1C982F4ECCF4}
[2012/06/29 17:10:09 | 000,000,000 | ---D | C] -- C:UsersUSERAppDataLocal{43B4EEE2-DF6E-42F5-8CA8-8AA9BEFA7AC7}
[2012/06/29 01:10:54 | 000,000,000 | ---D | C] -- C:UsersUSERAppDataLocal{4462840C-AA47-43F0-98C4-8301F67701E7}
[2012/06/29 01:10:44 | 000,000,000 | ---D | C] -- C:UsersUSERAppDataLocal{C93E6441-D750-4BB8-9339-8C972B8D916A}
[2012/06/28 13:10:32 | 000,000,000 | ---D | C] -- C:UsersUSERAppDataLocal{A4D9A620-5665-4E9F-AC19-5A5777AF3185}
[2012/06/28 13:10:22 | 000,000,000 | ---D | C] -- C:UsersUSERAppDataLocal{F41745CE-5913-4AF7-8FB8-BE024ED65EE4}
[2012/06/28 01:10:09 | 000,000,000 | ---D | C] -- C:UsersUSERAppDataLocal{1EAD0B53-706D-49BD-A179-5A143C221307}
[2012/06/28 01:09:59 | 000,000,000 | ---D | C] -- C:UsersUSERAppDataLocal{E1B6900B-55F9-46B0-8434-CA4493050BB4}
[2012/06/27 13:09:48 | 000,000,000 | ---D | C] -- C:UsersUSERAppDataLocal{E04ED124-60D6-49CD-B0E6-5C7903019BB6}
[2012/06/27 13:09:38 | 000,000,000 | ---D | C] -- C:UsersUSERAppDataLocal{C0C5C221-2A5A-40C5-BF75-FFCC58F8B9CE}
[2012/06/27 01:09:25 | 000,000,000 | ---D | C] -- C:UsersUSERAppDataLocal{4016DC68-8677-4047-8D26-2DD5FFAD8ADD}
[2012/06/27 01:09:15 | 000,000,000 | ---D | C] -- C:UsersUSERAppDataLocal{DBB13A6B-7B0C-4178-B46E-4B2C3EB8F3C8}
[2012/06/26 13:09:04 | 000,000,000 | ---D | C] -- C:UsersUSERAppDataLocal{3C617F48-8CB3-4328-AAED-6F5F33B3DAC2}
[2012/06/26 13:08:54 | 000,000,000 | ---D | C] -- C:UsersUSERAppDataLocal{3B06E2B7-7BE9-4677-A2B1-B7A384ED64E9}
[2012/06/26 01:08:43 | 000,000,000 | ---D | C] -- C:UsersUSERAppDataLocal{3805FAD7-70F2-4081-9D8E-CFDB1609F426}
[2012/06/26 01:08:32 | 000,000,000 | ---D | C] -- C:UsersUSERAppDataLocal{02BFC5C8-0ECE-44E0-8306-A79E03C2842E}
[2012/06/25 13:08:21 | 000,000,000 | ---D | C] -- C:UsersUSERAppDataLocal{C44D1705-09F2-49AC-88E1-56689FD8ACBF}
[2012/06/25 13:08:12 | 000,000,000 | ---D | C] -- C:UsersUSERAppDataLocal{93E5C0B5-F906-4AAB-A015-4778A93FB072}
[2012/06/24 16:15:59 | 000,000,000 | ---D | C] -- C:UsersUSERAppDataLocal{30DB6D21-E88A-4630-BDDB-4D041C881767}
[2012/06/24 16:15:49 | 000,000,000 | ---D | C] -- C:UsersUSERAppDataLocal{D1E5FB20-94DC-436D-9C2C-56F0B1D0268B}

:Commands
[purity]
[emptytemp]
[resethosts]
[start explorer]
[Reboot]

Then click the Run Fix button at the top

  • Let the program run unhindered
  • Please save the resulting log to be posted in your next reply.
  • Reboot your computer
Please post the OTL log.

Share this post


Link to post
Share on other sites

Have run that fix. After reboot, the text file which loaded at startup read:

 

 

All processes killed

========== PROCESSES ==========

========== OTL ==========

No active process named datamngrUI.exe was found!

64bit-Registry key HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerSearchScopes{9BB47C17-9C68-4BB3-B188-DD9AF0FD2410} deleted successfully.

64bit-Registry key HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{9BB47C17-9C68-4BB3-B188-DD9AF0FD2410} not found.

HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerSearchScopesDefaultScope| /E : value set successfully!

Registry key HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerSearchScopes{9BB47C17-9C68-4BB3-B188-DD9AF0FD2410} deleted successfully.

Registry key HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{9BB47C17-9C68-4BB3-B188-DD9AF0FD2410} not found.

HKCUSOFTWAREMicrosoftInternet ExplorerMainStart Page| /E : value set successfully!

HKEY_CURRENT_USERSOFTWAREMicrosoftInternet ExplorerSearchScopesDefaultScope| /E : value set successfully!

Registry key HKEY_CURRENT_USERSOFTWAREMicrosoftInternet ExplorerSearchScopes{9BB47C17-9C68-4BB3-B188-DD9AF0FD2410} deleted successfully.

Registry key HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{9BB47C17-9C68-4BB3-B188-DD9AF0FD2410} not found.

Prefs.js: "reddit.com" removed from browser.startup.homepage

Prefs.js: "http://www.searchqu....emid=410&sr=0=" removed from keyword.URL

64bit-Registry key HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{9D717F81-9148-4f12-8568-69135F087DB0} deleted successfully.

64bit-Registry key HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{9D717F81-9148-4f12-8568-69135F087DB0} deleted successfully.

C:Program Files (x86)SearchCore for BrowsersSearchCore for Browsersx64BrowserConnection.dll moved successfully.

Registry key HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{99079a25-328f-4bd4-be04-00955acaa0a7} deleted successfully.

Registry key HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{99079a25-328f-4bd4-be04-00955acaa0a7} deleted successfully.

C:Program Files (x86)Windows Searchqu ToolbarDatamngrToolBarsearchqudtx.dll moved successfully.

Registry key HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{9D717F81-9148-4f12-8568-69135F087DB0} deleted successfully.

Registry key HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{9D717F81-9148-4f12-8568-69135F087DB0} deleted successfully.

C:Program Files (x86)SearchCore for BrowsersSearchCore for BrowsersBrowserConnection.dll moved successfully.

64bit-Registry value HKEY_LOCAL_MACHINESoftwareMicrosoftInternet ExplorerToolbar10 deleted successfully.

Registry value HKEY_LOCAL_MACHINESoftwareMicrosoftInternet ExplorerToolbar{99079a25-328f-4bd4-be04-00955acaa0a7} deleted successfully.

Registry key HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{99079a25-328f-4bd4-be04-00955acaa0a7} not found.

File C:Program Files (x86)Windows Searchqu ToolbarDatamngrToolBarsearchqudtx.dll not found.

Registry value HKEY_LOCAL_MACHINESoftwareMicrosoftInternet ExplorerToolbar10 deleted successfully.

Registry value HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRunDATAMNGR deleted successfully.

C:Program Files (x86)SearchCore for BrowsersSearchCore for BrowsersdatamngrUI.exe moved successfully.

Starting removal of ActiveX control {8AD9C840-044E-11D1-B3E9-00805F499D93}

64bit-Registry key HKEY_LOCAL_MACHINESOFTWAREMicrosoftCode Store DatabaseDistribution Units{8AD9C840-044E-11D1-B3E9-00805F499D93} deleted successfully.

64bit-Registry key HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{8AD9C840-044E-11D1-B3E9-00805F499D93} deleted successfully.

Registry key HKEY_CURRENT_USERSOFTWAREClassesCLSID{8AD9C840-044E-11D1-B3E9-00805F499D93} deleted successfully.

Registry key HKEY_USERS.DEFAULTSOFTWAREClassesCLSID{8AD9C840-044E-11D1-B3E9-00805F499D93} deleted successfully.

Registry key HKEY_USERSS-1-5-21-781000255-4049561891-2088489889-1003SOFTWAREClassesCLSID{8AD9C840-044E-11D1-B3E9-00805F499D93} deleted successfully.

64bit-Registry key HKEY_LOCAL_MACHINESOFTWAREMicrosoftActive SetupInstalled Components{8AD9C840-044E-11D1-B3E9-00805F499D93} not found.

64bit-Registry key HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{8AD9C840-044E-11D1-B3E9-00805F499D93} not found.

Starting removal of ActiveX control {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}

64bit-Registry key HKEY_LOCAL_MACHINESOFTWAREMicrosoftCode Store DatabaseDistribution Units{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} deleted successfully.

64bit-Registry key HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} deleted successfully.

Registry key HKEY_CURRENT_USERSOFTWAREClassesCLSID{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} deleted successfully.

Registry key HKEY_USERS.DEFAULTSOFTWAREClassesCLSID{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} deleted successfully.

Registry key HKEY_USERSS-1-5-21-781000255-4049561891-2088489889-1003SOFTWAREClassesCLSID{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} deleted successfully.

64bit-Registry key HKEY_LOCAL_MACHINESOFTWAREMicrosoftActive SetupInstalled Components{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} not found.

64bit-Registry key HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} not found.

Starting removal of ActiveX control {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}

64bit-Registry key HKEY_LOCAL_MACHINESOFTWAREMicrosoftCode Store DatabaseDistribution Units{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} deleted successfully.

64bit-Registry key HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} deleted successfully.

Registry key HKEY_CURRENT_USERSOFTWAREClassesCLSID{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} deleted successfully.

Registry key HKEY_USERS.DEFAULTSOFTWAREClassesCLSID{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} deleted successfully.

64bit-Registry key HKEY_LOCAL_MACHINESOFTWAREMicrosoftActive SetupInstalled Components{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} not found.

64bit-Registry key HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} not found.

Starting removal of ActiveX control {51B1D5ED-67DC-43F0-A3F8-8502F1A5E404}

C:WindowsDownloaded Program Filesnpstarter.inf moved successfully.

Registry key HKEY_LOCAL_MACHINESOFTWAREMicrosoftCode Store DatabaseDistribution Units{51B1D5ED-67DC-43F0-A3F8-8502F1A5E404} deleted successfully.

Registry key HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{51B1D5ED-67DC-43F0-A3F8-8502F1A5E404} not found.

Registry key HKEY_LOCAL_MACHINESOFTWAREMicrosoftActive SetupInstalled Components{51B1D5ED-67DC-43F0-A3F8-8502F1A5E404} not found.

Registry key HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{51B1D5ED-67DC-43F0-A3F8-8502F1A5E404} not found.

Starting removal of ActiveX control {8AD9C840-044E-11D1-B3E9-00805F499D93}

Registry key HKEY_LOCAL_MACHINESOFTWAREMicrosoftCode Store DatabaseDistribution Units{8AD9C840-044E-11D1-B3E9-00805F499D93} deleted successfully.

Registry key HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{8AD9C840-044E-11D1-B3E9-00805F499D93} deleted successfully.

Registry key HKEY_LOCAL_MACHINESOFTWAREMicrosoftActive SetupInstalled Components{8AD9C840-044E-11D1-B3E9-00805F499D93} not found.

Registry key HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{8AD9C840-044E-11D1-B3E9-00805F499D93} not found.

Starting removal of ActiveX control {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}

Registry key HKEY_LOCAL_MACHINESOFTWAREMicrosoftCode Store DatabaseDistribution Units{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} deleted successfully.

Registry key HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} deleted successfully.

Registry key HKEY_LOCAL_MACHINESOFTWAREMicrosoftActive SetupInstalled Components{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} not found.

Registry key HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} not found.

64bit-Registry value HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWindowsAppInit_Dlls:C:PROGRA~2SEARCH~1SEARCH~1x64datamngr.dll deleted successfully.

C:Program Files (x86)SearchCore for BrowsersSearchCore for Browsersx64datamngr.dll moved successfully.

64bit-Registry value HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWindowsAppInit_Dlls:C:PROGRA~2SEARCH~1SEARCH~1x64IEBHO.dll deleted successfully.

C:Program Files (x86)SearchCore for BrowsersSearchCore for Browsersx64IEBHO.dll moved successfully.

Registry value HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWindowsAppInit_Dlls:C:PROGRA~2SEARCH~1SEARCH~1datamngr.dll deleted successfully.

C:Program Files (x86)SearchCore for BrowsersSearchCore for Browsersdatamngr.dll moved successfully.

Registry key HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionExplorerMountPoints2{74b23c1a-f458-11e0-ac66-906c1f95ad20} deleted successfully.

Registry key HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{74b23c1a-f458-11e0-ac66-906c1f95ad20} not found.

Registry key HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionExplorerMountPoints2{74b23c1a-f458-11e0-ac66-906c1f95ad20} not found.

Registry key HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{74b23c1a-f458-11e0-ac66-906c1f95ad20} not found.

File E:Setup.exe not found.

Registry key HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionExplorerMountPoints2{8b509f7e-9cf5-11e0-a86b-e9dd2ea3922d} deleted successfully.

Registry key HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{8b509f7e-9cf5-11e0-a86b-e9dd2ea3922d} not found.

File F:autorun.exe not found.

Registry key HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionExplorerMountPoints2{8b509f7e-9cf5-11e0-a86b-e9dd2ea3922d} not found.

Registry key HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{8b509f7e-9cf5-11e0-a86b-e9dd2ea3922d} not found.

File F:autorun.exe not found.

Registry key HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionExplorerMountPoints2{c32c7121-9b2e-11e1-a463-996928a67a2e} deleted successfully.

Registry key HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{c32c7121-9b2e-11e1-a463-996928a67a2e} not found.

Registry key HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionExplorerMountPoints2{c32c7121-9b2e-11e1-a463-996928a67a2e} not found.

Registry key HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{c32c7121-9b2e-11e1-a463-996928a67a2e} not found.

File F:iStudio.exe not found.

Registry key HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionExplorerMountPoints2{f58be9ec-32b8-11e1-86aa-da4e4bab762a} deleted successfully.

Registry key HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{f58be9ec-32b8-11e1-86aa-da4e4bab762a} not found.

Registry key HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionExplorerMountPoints2{f58be9ec-32b8-11e1-86aa-da4e4bab762a} not found.

Registry key HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{f58be9ec-32b8-11e1-86aa-da4e4bab762a} not found.

File E:BSAutoRun.exe not found.

C:UsersUSERAppDataLocal{6DD0D11C-624D-4A94-9FA4-9E79EF8BCC3B} folder moved successfully.

C:UsersUSERAppDataLocal{0B53E40F-919F-40C5-99F1-AC57DD36D83F} folder moved successfully.

C:UsersUSERAppDataLocal{F99FD651-49E1-446E-BE39-462ED38D20D7} folder moved successfully.

C:UsersUSERAppDataLocal{7BA99F2F-93AD-46F7-8946-9DA5D40388CE} folder moved successfully.

C:UsersUSERAppDataLocal{82EFEFC8-C32A-45B6-8325-C5424540C9C7} folder moved successfully.

C:UsersUSERAppDataLocal{51E96D29-4F54-480D-8F1F-358E4FDAB5A4} folder moved successfully.

C:UsersUSERAppDataLocal{F1889D12-A45A-4FA1-BC3A-16EDC99FA7B6} folder moved successfully.

C:UsersUSERAppDataLocal{7A826A3D-150E-45E6-A9B8-63CEF0D16F50} folder moved successfully.

C:UsersUSERAppDataLocal{741CC80D-1481-4660-9EFC-2FC8F4B7249C} folder moved successfully.

C:UsersUSERAppDataLocal{6745B772-8A1B-4992-BAEB-C38621AC81B3} folder moved successfully.

C:UsersUSERAppDataLocal{1B815B31-288F-45BB-9F3A-DCD0BCEA7E88} folder moved successfully.

C:UsersUSERAppDataLocal{9E62C4B2-6E71-4266-B0AD-E239FC66A1DE} folder moved successfully.

C:UsersUSERAppDataLocal{2F5F6A44-DB49-49C2-82A7-EBAA45E69B66} folder moved successfully.

C:UsersUSERAppDataLocal{A7A6A834-5778-4922-BF9E-668AC8EA7A96} folder moved successfully.

C:UsersUSERAppDataLocal{3A881B87-D4D9-4BE1-A475-2B1E1A7D542F} folder moved successfully.

C:UsersUSERAppDataLocal{73DA0107-1E13-4DA6-8E4D-2D78277977FE} folder moved successfully.

C:UsersUSERAppDataLocal{0EE717FC-9632-443C-9E94-B92E65E7D4E2} folder moved successfully.

C:UsersUSERAppDataLocal{4480A435-B4C4-4D70-8CDD-28482C8414F8} folder moved successfully.

C:UsersUSERAppDataLocal{D2DB5B85-8DD6-4A48-A63E-0FA6BD5F2BAF} folder moved successfully.

C:UsersUSERAppDataLocal{E220B24C-AE47-44E5-BE4F-F1AAEEC6F1D4} folder moved successfully.

C:UsersUSERAppDataLocal{AD76B5D4-6F22-4665-83D8-392347FF8774} folder moved successfully.

C:UsersUSERAppDataLocal{DC443248-CBBD-4C87-B0EB-2958B2A8D982} folder moved successfully.

C:UsersUSERAppDataLocal{C4181A7F-0EC0-4F65-95BC-CE193FC00C65} folder moved successfully.

C:UsersUSERAppDataLocal{ABA59DD5-0566-47E7-BA1C-A5F57F6968CC} folder moved successfully.

C:UsersUSERAppDataLocal{BCC8D22E-FCF3-48B2-9270-1C982F4ECCF4} folder moved successfully.

C:UsersUSERAppDataLocal{43B4EEE2-DF6E-42F5-8CA8-8AA9BEFA7AC7} folder moved successfully.

C:UsersUSERAppDataLocal{4462840C-AA47-43F0-98C4-8301F67701E7} folder moved successfully.

C:UsersUSERAppDataLocal{C93E6441-D750-4BB8-9339-8C972B8D916A} folder moved successfully.

C:UsersUSERAppDataLocal{A4D9A620-5665-4E9F-AC19-5A5777AF3185} folder moved successfully.

C:UsersUSERAppDataLocal{F41745CE-5913-4AF7-8FB8-BE024ED65EE4} folder moved successfully.

C:UsersUSERAppDataLocal{1EAD0B53-706D-49BD-A179-5A143C221307} folder moved successfully.

C:UsersUSERAppDataLocal{E1B6900B-55F9-46B0-8434-CA4493050BB4} folder moved successfully.

C:UsersUSERAppDataLocal{E04ED124-60D6-49CD-B0E6-5C7903019BB6} folder moved successfully.

C:UsersUSERAppDataLocal{C0C5C221-2A5A-40C5-BF75-FFCC58F8B9CE} folder moved successfully.

C:UsersUSERAppDataLocal{4016DC68-8677-4047-8D26-2DD5FFAD8ADD} folder moved successfully.

C:UsersUSERAppDataLocal{DBB13A6B-7B0C-4178-B46E-4B2C3EB8F3C8} folder moved successfully.

C:UsersUSERAppDataLocal{3C617F48-8CB3-4328-AAED-6F5F33B3DAC2} folder moved successfully.

C:UsersUSERAppDataLocal{3B06E2B7-7BE9-4677-A2B1-B7A384ED64E9} folder moved successfully.

C:UsersUSERAppDataLocal{3805FAD7-70F2-4081-9D8E-CFDB1609F426} folder moved successfully.

C:UsersUSERAppDataLocal{02BFC5C8-0ECE-44E0-8306-A79E03C2842E} folder moved successfully.

C:UsersUSERAppDataLocal{C44D1705-09F2-49AC-88E1-56689FD8ACBF} folder moved successfully.

C:UsersUSERAppDataLocal{93E5C0B5-F906-4AAB-A015-4778A93FB072} folder moved successfully.

C:UsersUSERAppDataLocal{30DB6D21-E88A-4630-BDDB-4D041C881767} folder moved successfully.

C:UsersUSERAppDataLocal{D1E5FB20-94DC-436D-9C2C-56F0B1D0268B} folder moved successfully.

========== COMMANDS ==========

 

[EMPTYTEMP]

 

User: All Users

 

User: Default

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 33170 bytes

->Flash cache emptied: 56475 bytes

 

User: Default User

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 0 bytes

->Flash cache emptied: 0 bytes

 

User: Guest

->Temp folder emptied: 57382 bytes

->Temporary Internet Files folder emptied: 65679168 bytes

->Java cache emptied: 1456238 bytes

->Flash cache emptied: 1037 bytes

 

User: postgres

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 0 bytes

 

User: Public

 

User: USER

->Temp folder emptied: 12628837 bytes

->Temporary Internet Files folder emptied: 6759083 bytes

->Java cache emptied: 3023574 bytes

->FireFox cache emptied: 333657302 bytes

->Google Chrome cache emptied: 365481268 bytes

->Apple Safari cache emptied: 54469632 bytes

->Flash cache emptied: 180386 bytes

 

%systemdrive% .tmp files removed: 0 bytes

%systemroot% .tmp files removed: 0 bytes

%systemroot%System32 .tmp files removed: 0 bytes

%systemroot%System32 (64bit) .tmp files removed: 0 bytes

%systemroot%System32drivers .tmp files removed: 0 bytes

Windows Temp folder emptied: 59816290 bytes

%systemroot%sysnativeconfigsystemprofileAppDataLocalMicrosoftWindowsTemporary Internet Files folder emptied: 50400 bytes

RecycleBin emptied: 6592227560 bytes

 

Total Files Cleaned = 7,148.00 mb

 

C:WINDOWSSystem32driversetcHosts moved successfully.

HOSTS file reset successfully

 

OTL by OldTimer - Version 3.2.54.0 log created on 07232012_014319

 

FilesFolders moved on Reboot...

C:UsersUSERAppDataLocalTempFXSAPIDebugLogFile.txt moved successfully.

C:UsersUSERAppDataLocalMicrosoftWindowsTemporary Internet FilesContent.Word~WRS{089C6C37-3AF6-448B-9E06-733B57AC38AB}.tmp moved successfully.

C:UsersUSERAppDataLocalMicrosoftWindowsTemporary Internet FilesContent.Word~WRS{BC179806-C9B9-4774-BD90-5B07B38A6509}.tmp moved successfully.

File move failed. C:WINDOWStemp_avast_Webshlock.txt scheduled to be moved on reboot.

 

PendingFileRenameOperations files...

File C:UsersUSERAppDataLocalTempFXSAPIDebugLogFile.txt not found!

File C:UsersUSERAppDataLocalMicrosoftWindowsTemporary Internet FilesContent.Word~WRS{089C6C37-3AF6-448B-9E06-733B57AC38AB}.tmp not found!

File C:UsersUSERAppDataLocalMicrosoftWindowsTemporary Internet FilesContent.Word~WRS{BC179806-C9B9-4774-BD90-5B07B38A6509}.tmp not found!

[2012/07/23 01:47:40 | 000,000,000 | ---- | M] () C:WINDOWStemp_avast_Webshlock.txt : Unable to obtain MD5

 

Registry entries deleted on Reboot...

Share this post


Link to post
Share on other sites

This seems to have cured the IE homepage-hijack symptom I encountered! Thank you very much! I never thought I'd be so glad to see the MSN homepage. Now when I open IE, I get a Windows User-Account-Control security window, with a program called ssvagent.exe requesting permissions, published by "Oracle America, Inc." I assume I should grant those permissions to software from Oracle after whatever kind of reset I performed with OTL?

 

Is there more to this fix? You mentioned my first OTL log posts were incomplete... don't know how that happened, but I can try following those instructions again. ...Would it be possible for you to give me a brief layperson explanation of what actions were just performed? I see the words "registry" or "reg edit" and am out of my depth. Thanks again!

Share this post


Link to post
Share on other sites

That Oracle window is for your Java. It should be OK to grant permission.

 

All I've done so far is remove a searchqu redirect. The fix you ran removed the entries related to it that were shown in the log. A couple of files were removed and then all of the registry "adjustments" were to remove entries that pointed to the "bad" files.

 

I'd still like to run a few scans before I believe you are clean.

 

Download ComboFix:

 

http://download.bleepingcomputer.com/sUBs/ComboFix.exe

 

* IMPORTANT !!! Save ComboFix.exe to your Desktop

 

 

When finished, it shall produce a log for you. Please include the C:ComboFix.txt in your next reply.

 

 

Notes:

 

1. Do not mouse-click Combofix's window while it is running. That may cause it to stall.

2. Do not "re-run" Combofix. If you have a problem, reply back for further instructions.

3. ComboFix may reset a number of Internet Explorer's settings, including making I-E the default browser.

4. CF disconnects your machine from the internet. The connection is automatically restored before CF completes its run. If CF runs into difficulty and terminates prematurely, the connection can be manually restored by restarting your machine.

Share this post


Link to post
Share on other sites

Have run ComboFix. Log reads:

 

 

ComboFix 12-07-21.01 - USER 07/23/2012 5:59.1.4 - x64

Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.6007.4095 [GMT 9:00]

Running from: c:usersUSERDesktopComboFix.exe

AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}

AV: Lavasoft Ad-Aware *Disabled/Updated* {445B48C3-0FA4-6B16-8F07-6506F305D800}

FW: Lavasoft Ad-Aware *Disabled* {7C60C9E6-45CB-6A4E-A458-CC330DD69F7B}

SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}

SP: Lavasoft Ad-Aware *Disabled/Updated* {FF3AA927-299E-6498-B5B7-5E74888292BD}

SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:program files (x86)Windows Searchqu Toolbar

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBaras_guid.dat

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromecontentbandoocode.js

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromecontentdatasearchengines.xml

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromecontentdatasearchsearch.xsl

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromecontentlibabout.xml

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromecontentlibbandoocode.js

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromecontentlibdtxpanel.xul

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromecontentlibdtxpaneltransparent.xul

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromecontentlibdtxpanelwin.xul

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromecontentlibdtxprefwin.xul

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromecontentlibdtxtransparentwin.xul

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromecontentlibdtxwin.xul

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromecontentlibemailnotifierproviders.xml

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromecontentlibexternal.js

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromecontentlibimeshcode.js

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromecontentlibneterror.xhtml

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromecontentlibvmncode.js

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromecontentlibwmpstreamer.html

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromecontentmodulesdatastore.jsm

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromecontentmodulesnsDragAndDrop.js

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromecontentneterror.xhtml

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromecontentpartner.coupons.xml

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromecontentpreferences.xml

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromecontentradiobeta.js

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromecontenttemplate.xml

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromecontenttoolbar.htm

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromecontenttoolbar.xul

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromecontentvmncode.js

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromecontentvmnrsswin.xml

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromecontentwidgetsnet.vmn.www.PPCBullytb_icon.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromecontentwidgetsnet.vmn.www.PPCBullywidget.js

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromecontentwidgetsnet.vmn.www.PPCBullywidget.xml

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromecontentwidgetsnet.vmn.www.PPCBullywidget_version

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinbabylon_logo.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinbandoo.css

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinbluelite.gif

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinbluesky.gif

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinbtn-search-over.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinbtn-search.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinbtn-settings-over.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinbtn-settings.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinbtn-widgets-over.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinbtn-widgets.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinbtn_settings.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinca.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskindictionary.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskindivider.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskindownloadcom.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskindtxlogo.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinebay.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinemail.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinemail_on.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinfacebook.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskingames.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskingraphred0.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskingraphred0_5.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskingraphred1.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskingraphred1_5.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskingraphred2.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskingraphred2_5.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskingraphred3.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskingraphred3_5.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskingraphred4.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskingraphred4_5.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskingraphred5.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskingraphredna.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskingrey.gif

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinico-shield.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinicon_radio_png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinicon_seperator_png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinicon_twitter.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinicon_youtube.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinimages.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinimesh.css

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibadd.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibaol.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibarrow-dn.gif

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibarrow-right-disabled.gif

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibarrow-right.gif

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibarrow-up.gif

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibbg-btn-divider.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibbg-btn-end.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibbg-btn-mdl.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibbg-btn-mdl_ff.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibbg-btn-start.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibbg-btnover-divider.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibbg-btnover-end.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibbg-btnover-mdl.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibbg-btnover-mdl_ff.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibbg-btnover-start.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibblank.gif

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibbtn-widgets-over.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibbtn-widgets.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibbtn_slider.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibbtnback-down-vista.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibbtnback-vista.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibbtnleft-down-vista.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibbtnleft-vista.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibbtnright-down-vista.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibbtnright-vista.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibbutton-splitter-down-vista.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibbutton-splitter-vista.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibcheckmark.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibchevron.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibcollapse.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibcomcast.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibdtx.css

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibedit-back-hot.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibedit-back.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibexpand.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibfound.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibgmail.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibhighlight.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibhighlight_blue.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibhighlight_cyan.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibhighlight_lime.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibhighlight_magenta.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibhighlight_yellow.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibhotmail.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibico-check.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibimap.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinliblastsearch-thumb-back.gif

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibloadingMid.gif

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinliblock.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinliblogo-separator.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibmailcom.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibmenu_bg-basic.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibmenu_separator_bar.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibmenu_separator_white.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibmenuitem-splitter.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibmenuitemback-down-vista.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibmenuitemback-vista.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibmenuitemleft-down-vista.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibmenuitemleft-vista.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibmenuitemright-down-vista.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibmenuitemright-vista.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibmodify.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibmove.gif

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibmovetarget.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibpanelscsspanels.css

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibpanelscsspopupAbout.css

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibpanelscsspopupGames.css

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibpanelscsspopupRSS.css

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibpanelscsspopupWidgets.css

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibpanelsdefaultcssdialog.css

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibpanelsdefaultimagesbg.gif

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibpanelsdefaultimagesbtn-search.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibpanelsdefaultimagesbtn-wide-close-over.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibpanelsdefaultimagesbtn-wide-close.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibpanelsdefaultimagesdefault.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibpanelsdefaultimagestab-off-l.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibpanelsdefaultimagestab-off-r.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibpanelsdefaultimagestab-on-l.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibpanelsdefaultimagestab-on-r.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibpanelsdefaultimagestransparent.gif

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibpanelsdefaultimagesttlbar-left.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibpanelsdefaultimagesttlbar-mdl.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibpanelsdefaultimagesttlbar-right.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibpanelsdefaultimageswin-btm-left.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibpanelsdefaultimageswin-btm-mdl.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibpanelsdefaultimageswin-btm-right-resize.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibpanelsdefaultimageswin-btm-right.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibpanelsdefaultimageswin-left.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibpanelsdefaultimageswin-right.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibpanelsdefaultmain.html

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibpanelsdefaultscriptsdefscript.js

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibpanelsfooter.htm

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibpanelsgamecategory.xsl

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibpanelsgameData.js

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibpanelsgameList.xsl

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibpanelsgames.xsl

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibpanelsgametype.xsl

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibpanelsimagesarrow-dn.gif

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibpanelsimagesarrow-sml-drop.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibpanelsimagesarrow-sml.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibpanelsimagesarrow-up.gif

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibpanelsimagesarrowr-bluew5.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibpanelsimagesbg-aboutbox.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibpanelsimagesbg-btnover.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibpanelsimagesbg-pnl520x390.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibpanelsimagesbtn-addtoolbar-left-over.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibpanelsimagesbtn-addtoolbar-left.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibpanelsimagesbtn-addtoolbar-right.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibpanelsimagesbtn-back.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibpanelsimagesbtn-close-grey.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibpanelsimagesbtn-close-greyover.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibpanelsimagesbtn-drag.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibpanelsimagesbtn-mdl-over.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibpanelsimagesbtn-mdl.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibpanelsimagesbtn-moredetails.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibpanelsimagesbtn-next-over.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibpanelsimagesbtn-next.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibpanelsimagesbtn-play-left-over.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibpanelsimagesbtn-play-left.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibpanelsimagesbtn-previous-over.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibpanelsimagesbtn-previous.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibpanelsimagesbtn-right-over.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibpanelsimagesbtn-search-pnlbtm-over.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibpanelsimagesbtn-search-pnlbtm.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibpanelsimagesbtn-try-left-over.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibpanelsimagesbtn-try-left.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibpanelsimagesbullet-orange.gif

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibpanelsimagesgamethumb-on.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibpanelsimagesgamethumb2-over.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibpanelsimagesico-calendar.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibpanelsimagesico-dollar.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibpanelsimagesico-download.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibpanelsimagesico-joystick24.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibpanelsimagesico-news24.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibpanelsimagesico-play.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibpanelsimagesico-tags.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibpanelsimagesicon-Add.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibpanelsimagesicon-download.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibpanelsimagesicon-Info.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibpanelsimagesicon-play.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibpanelsimagesicon-shop.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibpanelsimagesmenul-bgon.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibpanelsimagesmenul-bgover.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibpanelsimagespanel-botm-noscroll.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibpanelsimagesscroll-bg-206.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibpanelsimagesscroll-bg.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibpanelsimagesscroll-topwin.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibpanelsimagesscrollb-disable.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibpanelsimagesscrollb-down.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibpanelsimagesscrollb-over.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibpanelsimagesscrollb.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibpanelsimagesscrollt-disable.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibpanelsimagesscrollt-down.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibpanelsimagesscrollt-over.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibpanelsimagesscrollt.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibpanelsimagessearchbox-pnlbtm.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibpanelsimagesstar_x_grey.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibpanelsimagesstar_x_orange.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibpanelsimagesTRUSTe_about.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibpanelsimagesview-detailed-on.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibpanelsimagesview-detailed-over.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibpanelsimagesview-thumb-on.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibpanelsimagesview-thumb-over.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibpanelsimageswidgets-square-16px.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibpanelsimageswidgets-square-24px.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibpanelsimageswidgets.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibpanelsinitHTML.html

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibpanelspopupGames.html

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibpanelspopupHTML.html

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibpanelspopupRSS.html

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibpanelspopupWidgets.html

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibpanelsscroll.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibpop.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibradio.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibradiocssmanager.css

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibradiocssslider.css

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibradioimagesbg-pnl.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibradioimagesbtn-close-grey.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibradioimagesbtn-close-greyover.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibradioimagescollapsed_button.gif

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibradioimagesexpanded_button.gif

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibradioimagesico-playstation-down.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibradioimagesico-playstation-over.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibradioimagesico-playstation.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibradioimagesico-radio.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibradioimagesmusic-note.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibradioimagesradio-btn-pause-on.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibradioimagesradio-btn-pause.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibradioimagesradio-btn-play-on.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibradioimagesradio-btn-play.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibradioimagesradio-eq-bg.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibradioimagesradio-eq-buffer.gif

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibradioimagesradio-eq-busy.gif

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibradioimagesradio-eq-off.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibradioimagesradio-eq-on.gif

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibradioimagesradio-eq-warning.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibradioimagesradio-options-design-on.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibradioimagesradio-options-design.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibradioimagesradio-options-on.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibradioimagesradio-options.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibradioimagesradio-volume-0.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibradioimagesradio-volume-1.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibradioimagesradio-volume-2.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibradioimagesradio-volume-3.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibradioimagesradio-volume-mute.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibradioimagesscrollbar-handle.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibradioimagesscrollbar-track.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibradioimagesslider.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibradioimagesslideron.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibradioimagestrack.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibradiomanagerpanel.html

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibradiovolumeslider.html

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibradiobeta-buffering.gif

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibradiobeta-connecting.gif

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibradiobeta-playing.gif

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibradiobeta-stopped.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibradiobeta.ico

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibreload.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibremove.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibrename.gif

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibresize-box.gif

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibrss.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibrsschannelback.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibRSSLogo.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibrsstabdivider.gif

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibscroll-left.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibscroll-right.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibsearch-go.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibsearch.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibtext-ellipsis.xml

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibthrobber.gif

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibtoolbarsplitter.gif

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibtransparent_1px.gif

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibuwaborder_02.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibuwaborder_03.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibuwaborder_04.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibuwaborder_06.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibuwaborder_07.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibuwaborder_08.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibuwaborder_09.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibuwaborder_10.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibuwaborder_11.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibuwaborder_12.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibuwaborder_13.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibuwaborder_14.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibuwaborder_15.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibuwaborder_16.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibuwaborder_18.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibuwaborder_19.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibuwaborder_20.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibuwaborder_21.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibuwabtn-close-grey.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibuwabtn-close-greyover.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibuwaclose-hot.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibuwaclose-normal.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibuwaloadingMid.gif

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibuwaproxy.html

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibuwatemplate.html

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibuwatemplate.xml

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibuwatemplateFF.html

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibuwathrobber.gif

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibweatherbuttoniconscond999.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibweatherbuttoniconsicons.xml

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibweatherbuttoniconsna-s.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibweatherbuttoniconsna-t.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibweatherbuttoniconsna.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibweatherbuttonpanelsimagesadd.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibweatherbuttonpanelsimagesarrowr-bluew5.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibweatherbuttonpanelsimagesbg-pnl.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibweatherbuttonpanelsimagesbg-pnl520x350.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibweatherbuttonpanelsimagesbg-pnl520x350blue-whitebg.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibweatherbuttonpanelsimagesbg-pnl520x350blue.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibweatherbuttonpanelsimagesbox-check.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibweatherbuttonpanelsimagesbox-uncheck.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibweatherbuttonpanelsimagesbtn-close-grey.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibweatherbuttonpanelsimagesbtn-close-greyover.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibweatherbuttonpanelsimagesbtn-delete.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibweatherbuttonpanelsimagesbtn-search-pnlbtm-over.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibweatherbuttonpanelsimagesbtn-search-pnlbtm.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibweatherbuttonpanelsimagesbtnarrow-next-off.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibweatherbuttonpanelsimagesbtnarrow-next.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibweatherbuttonpanelsimagesbtnarrow-previous-off.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibweatherbuttonpanelsimagesbtnarrow-previous.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibweatherbuttonpanelsimagesico-check.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibweatherbuttonpanelsimagesico-hotandhumid-s.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibweatherbuttonpanelsimagesico-hotandhumid.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibweatherbuttonpanelsimagesoptions-weather.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibweatherbuttonpanelsimagesover-blue.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibweatherbuttonpanelsimagesover-orange.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibweatherbuttonpanelsimagespowered-by-weatherbug.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibweatherbuttonpanelsimagespowered-by-weatherbug2.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibweatherbuttonpanelsimagesradio-checked.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibweatherbuttonpanelsimagesradio-unchecked.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibweatherbuttonpanelsimagessearchbox-pnlbtm.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibweatherbuttonpanelsimagesweather-contour.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibweatherbuttonpanelspopupWeather.css

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibweatherbuttonpanelspopupWeather.html

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibyahoo.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlichen.gif

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlogo-about.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlogo-over.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlogo-separator.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlogo.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinmail.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinmaps.bmp

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinmenuseparatorback.gif

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinmodify-save.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinmodify.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinmodifyhot.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinmusic.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinnews.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinoptionsoptions-main.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinoptionsoptions-search.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinoptionsoptions-weather.gif

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinoptionsoptions-weather.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinoptionsoptions-widgets.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinorange.gif

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinpixsy.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinprotect-id.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinradiobeta-buffering.gif

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinradiobeta-connecting.gif

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinradiobeta-playing.gif

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinradiobeta-stopped.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinradiobeta.ico

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinrelatedlinks.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinrss-collapse.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinrss-delete.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinrss-expand.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinrss-feed.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinrss-folder-remove.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinrss-folder-rename.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinrss-folder.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinrss-found.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinrss-reload.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinrss-subscribe.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinrss.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinrssback.gif

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinrsstopback.gif

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinsearch-over.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinsearch.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinsearch_button_over_png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinsearch_button_png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinsearchbarsearchbar-background-left.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinsearchbarsearchbar-background-middle.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinsearchbarsearchbar-background-right.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinsettings.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinshopping.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinsiteinfo.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinskin-bluelite.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinskin-bluesky.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinskin-grey.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinskin-lichen.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinskin-orange.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinskin-yellow.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinskin.xml

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskintechnorati.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinthrobber.gif

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskintoolbarsplitter.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskintranslate.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinvideo.bmp

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinvmn.css

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinvmn.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinweather.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinweb.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinwidgets-square-16px.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinwikipedia.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinyahoosearch.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinyellow.gif

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinyoutube.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinzoom.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarcomponentswindowmediator.js

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBardtUser.exe

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarmanifest.xml

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarsearchquband.dll

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBaruninstall.exe

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBaruninstallTB.exe

.

.

((((((((((((((((((((((((( Files Created from 2012-06-22 to 2012-07-22 )))))))))))))))))))))))))))))))

.

.

2012-07-22 21:13 . 2012-07-22 21:13 -------- d-----w- c:userspostgresAppDataLocaltemp

2012-07-22 21:13 . 2012-07-22 21:13 -------- d-----w- c:usersGuestAppDataLocaltemp

2012-07-22 21:13 . 2012-07-22 21:13 -------- d-----w- c:usersDefaultAppDataLocaltemp

2012-07-22 17:20 . 2012-07-22 17:20 69000 ----a-w- c:programdataMicrosoftWindows DefenderDefinition Updates{767E16FB-C0EF-4D73-B8F4-B328D0E912FC}offreg.dll

2012-07-22 16:43 . 2012-07-22 16:43 -------- d-----w- C:_OTL

2012-07-21 11:30 . 2012-06-29 10:04 9133488 ----a-w- c:programdataMicrosoftWindows DefenderDefinition Updates{767E16FB-C0EF-4D73-B8F4-B328D0E912FC}mpengine.dll

2012-07-16 16:59 . 2012-05-04 11:00 366592 ----a-w- c:windowssystem32qdvd.dll

2012-07-16 16:59 . 2012-05-04 09:59 514560 ----a-w- c:windowsSysWow64qdvd.dll

2012-07-16 16:45 . 2012-07-16 16:45 -------- d-----w- c:usersUSERAppDataLocaladaware

2012-07-16 16:45 . 2012-07-19 12:19 -------- d-----w- c:programdataAd-Aware Browsing Protection

2012-07-16 16:44 . 2011-12-19 03:44 60536 ----a-w- c:windowssystem32driverssbhips.sys

2012-07-16 16:44 . 2011-09-29 03:16 119416 ----a-w- c:windowssystem32driversSbFwIm.sys

2012-07-16 16:44 . 2011-12-19 03:44 256632 ----a-w- c:windowssystem32driversSbFw.sys

2012-07-16 16:44 . 2011-12-19 04:21 45936 ----a-w- c:windowssystem32sbbd.exe

2012-07-16 16:44 . 2011-10-26 05:23 57976 ----a-w- c:windowssystem32driverssbredrv.sys

2012-07-16 16:44 . 2012-07-16 16:44 -------- d-----w- c:programdataLavasoft

2012-07-16 16:44 . 2012-07-16 19:07 -------- d-----w- c:program files (x86)Ad-Aware Antivirus

2012-07-16 16:42 . 2012-07-17 15:47 -------- d-----w- c:usersUSERAppDataRoamingAd-Aware Antivirus

2012-07-16 16:20 . 2012-07-16 16:45 -------- d-----w- c:programdataSpybot - Search & Destroy

2012-07-16 16:20 . 2012-07-16 16:43 -------- d-----w- c:program files (x86)Spybot - Search & Destroy

2012-07-16 15:13 . 2012-07-16 15:58 -------- d-----w- c:program files (x86)GRETECH

2012-07-16 15:05 . 2012-07-16 15:05 -------- d-----w- c:program files (x86)UltraUCC

2012-07-11 14:39 . 2012-06-12 03:08 3148800 ----a-w- c:windowssystem32win32k.sys

2012-07-11 09:49 . 2012-07-11 09:49 40848 ----a-w- c:windowsSysWow64driversscskusbs.sys

2012-07-11 09:49 . 2012-07-11 09:49 18832 ----a-w- c:windowsSysWow64driversscskusbf.sys

2012-07-11 02:17 . 2012-06-06 06:05 1499136 ----a-w- c:program filesCommon FilesSystemadomsado15.dll

2012-07-11 02:17 . 2012-06-06 05:05 1019904 ----a-w- c:program files (x86)Common FilesSystemadomsado15.dll

2012-07-11 02:17 . 2012-06-06 06:05 495616 ----a-w- c:program filesCommon FilesSystemadomsadox.dll

2012-07-11 02:17 . 2012-06-06 06:05 466944 ----a-w- c:program filesCommon FilesSystemadomsadomd.dll

2012-07-11 02:17 . 2012-06-06 06:05 258048 ----a-w- c:program filesCommon FilesSystemmsadcmsadco.dll

2012-07-11 02:17 . 2012-06-06 05:03 805376 ----a-w- c:windowsSysWow64cdosys.dll

2012-07-11 02:17 . 2012-06-06 06:05 61440 ----a-w- c:program filesCommon FilesSystemadomsador15.dll

2012-07-11 02:17 . 2012-06-06 05:05 143360 ----a-w- c:program files (x86)Common FilesSystemadomsjro.dll

2012-07-11 02:17 . 2012-06-06 05:05 372736 ----a-w- c:program files (x86)Common FilesSystemadomsadox.dll

2012-07-11 02:17 . 2012-06-06 05:05 57344 ----a-w- c:program files (x86)Common FilesSystemadomsador15.dll

2012-07-11 02:17 . 2012-06-06 05:05 352256 ----a-w- c:program files (x86)Common FilesSystemadomsadomd.dll

2012-07-11 02:17 . 2012-06-06 05:05 212992 ----a-w- c:program files (x86)Common FilesSystemmsadcmsadco.dll

2012-07-11 02:17 . 2012-06-06 06:02 1133568 ----a-w- c:windowssystem32cdosys.dll

2012-07-03 03:32 . 2012-07-03 03:32 -------- d-----w- c:program files (x86)Common FilesJava

2012-07-02 17:26 . 2012-07-02 17:26 -------- d-----w- c:program files (x86)Oracle

2012-07-02 17:26 . 2012-05-05 02:29 772504 ----a-w- c:windowsSysWow64npDeployJava1.dll

2012-07-02 09:40 . 2012-07-02 09:40 -------- d-----w- c:program filesiPod

2012-07-02 09:40 . 2012-07-02 09:41 -------- d-----w- c:program filesiTunes

2012-07-02 09:40 . 2012-07-02 09:41 -------- d-----w- c:program files (x86)iTunes

2012-07-01 00:12 . 2012-07-01 00:12 770384 ----a-w- c:program files (x86)Mozilla Firefoxmsvcr100.dll

2012-07-01 00:12 . 2012-07-01 00:12 421200 ----a-w- c:program files (x86)Mozilla Firefoxmsvcp100.dll

.

.

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2012-07-22 17:07 . 2012-04-08 01:51 426184 ----a-w- c:windowsSysWow64FlashPlayerApp.exe

2012-07-22 17:07 . 2011-05-15 05:32 70344 ----a-w- c:windowsSysWow64FlashPlayerCPLApp.cpl

2012-07-11 14:36 . 2011-02-06 23:37 59701280 ----a-w- c:windowssystem32MRT.exe

2012-07-11 09:49 . 2011-04-21 14:41 373640 ----a-w- c:windowsSysWow64SCSKUSB64Restarter.exe

2012-07-11 09:49 . 2012-05-31 07:13 49032 ----a-w- c:windowsSysWow64driversSCSK5.sys

2012-06-02 22:19 . 2012-06-22 02:38 38424 ----a-w- c:windowssystem32wups.dll

2012-06-02 22:19 . 2012-06-22 02:38 2428952 ----a-w- c:windowssystem32wuaueng.dll

2012-06-02 22:19 . 2012-06-22 02:38 57880 ----a-w- c:windowssystem32wuauclt.exe

2012-06-02 22:19 . 2012-06-22 02:38 44056 ----a-w- c:windowssystem32wups2.dll

2012-06-02 22:19 . 2012-06-22 02:38 186752 ----a-w- c:windowssystem32wuwebv.dll

2012-06-02 22:19 . 2012-06-22 02:38 701976 ----a-w- c:windowssystem32wuapi.dll

2012-06-02 22:15 . 2012-06-22 02:38 2622464 ----a-w- c:windowssystem32wucltux.dll

2012-06-02 22:15 . 2012-06-22 02:38 36864 ----a-w- c:windowssystem32wuapp.exe

2012-06-02 22:15 . 2012-06-22 02:38 99840 ----a-w- c:windowssystem32wudriver.dll

2012-05-31 07:09 . 2010-12-29 01:02 241648 ----a-w- c:windowsSysWow64npEfdsWCtrl.dll

2012-05-31 04:25 . 2011-02-05 18:52 279656 ------w- c:windowssystem32MpSigStub.exe

2012-05-21 05:22 . 2012-05-21 05:22 427920 ----a-w- c:windowsSysWow64DaumFDL.exe

2012-05-18 02:14 . 2012-05-18 02:14 386960 ----a-w- c:windowsSysWow64DaumFile.ocx

2012-05-05 02:29 . 2011-02-07 07:43 687504 ----a-w- c:windowsSysWow64deployJava1.dll

2012-05-04 11:06 . 2012-06-13 17:26 5559664 ----a-w- c:windowssystem32ntoskrnl.exe

2012-05-04 10:03 . 2012-06-13 17:26 3968368 ----a-w- c:windowsSysWow64ntkrnlpa.exe

2012-05-04 10:03 . 2012-06-13 17:26 3913072 ----a-w- c:windowsSysWow64ntoskrnl.exe

2012-05-01 05:40 . 2012-06-13 17:26 209920 ----a-w- c:windowssystem32profsvc.dll

2012-04-28 03:55 . 2012-06-13 17:25 210944 ----a-w- c:windowssystem32driversrdpwd.sys

2012-04-26 05:41 . 2012-06-13 17:26 77312 ----a-w- c:windowssystem32rdpwsx.dll

2012-04-26 05:41 . 2012-06-13 17:26 149504 ----a-w- c:windowssystem32rdpcorekmts.dll

2012-04-26 05:34 . 2012-06-13 17:26 9216 ----a-w- c:windowssystem32rdrmemptylst.exe

2012-04-24 05:37 . 2012-06-13 17:25 184320 ----a-w- c:windowssystem32cryptsvc.dll

2012-04-24 05:37 . 2012-06-13 17:25 140288 ----a-w- c:windowssystem32cryptnet.dll

2012-04-24 05:37 . 2012-06-13 17:25 1462272 ----a-w- c:windowssystem32crypt32.dll

2012-04-24 04:36 . 2012-06-13 17:25 140288 ----a-w- c:windowsSysWow64cryptsvc.dll

2012-04-24 04:36 . 2012-06-13 17:25 1158656 ----a-w- c:windowsSysWow64crypt32.dll

2012-04-24 04:36 . 2012-06-13 17:25 103936 ----a-w- c:windowsSysWow64cryptnet.dll

.

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

.

[HKEY_LOCAL_MACHINEsoftwarewow6432nodemicrosoftwindowscurrentversionexplorershelliconoverlayidentifiersDropboxExt1]

@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOTCLSID{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]

2012-02-14 22:58 94208 ----a-w- c:usersUSERAppDataRoamingDropboxbinDropboxExt.14.dll

.

[HKEY_LOCAL_MACHINEsoftwarewow6432nodemicrosoftwindowscurrentversionexplorershelliconoverlayidentifiersDropboxExt2]

@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOTCLSID{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]

2012-02-14 22:58 94208 ----a-w- c:usersUSERAppDataRoamingDropboxbinDropboxExt.14.dll

.

[HKEY_LOCAL_MACHINEsoftwarewow6432nodemicrosoftwindowscurrentversionexplorershelliconoverlayidentifiersDropboxExt3]

@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOTCLSID{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]

2012-02-14 22:58 94208 ----a-w- c:usersUSERAppDataRoamingDropboxbinDropboxExt.14.dll

.

[HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionRun]

"Skype"="c:program files (x86)SkypePhoneSkype.exe" [2012-06-08 17425072]

"MobileDocuments"="c:program files (x86)Common FilesAppleInternet Servicesubd.exe" [2012-02-23 59240]

"Game Fire"="c:program files (x86)Smart PC UtilitiesGame FireGFTray.exe" [2011-12-02 44032]

"SpybotSD TeaTimer"="c:program files (x86)Spybot - Search & DestroyTeaTimer.exe" [2009-03-05 2260480]

.

[HKEY_LOCAL_MACHINESOFTWAREWow6432NodeMicrosoftWindowsCurrentVersionRun]

"IAStorIcon"="c:program files (x86)IntelIntel® Rapid Storage TechnologyIAStorIcon.exe" [2010-06-08 284696]

"Adobe Reader Speed Launcher"="c:program files (x86)AdobeReader 9.0ReaderReader_sl.exe" [2009-02-27 35696]

"StartCCC"="c:program files (x86)ATI TechnologiesATI.ACECore-StaticCLIStart.exe" [2011-01-05 336384]

"APSDaemon"="c:program files (x86)Common FilesAppleApple Application SupportAPSDaemon.exe" [2012-05-31 59280]

"SwitchBoard"="c:program files (x86)Common FilesAdobeSwitchBoardSwitchBoard.exe" [2010-02-19 517096]

"AdobeCS5.5ServiceManager"="c:program files (x86)Common FilesAdobeCS5.5ServiceManagerCS5.5ServiceManager.exe" [2011-01-11 1523360]

"QuickTime Task"="c:program files (x86)QuickTimeQTTask.exe" [2012-04-19 421888]

"iTunesHelper"="c:program files (x86)iTunesiTunesHelper.exe" [2012-06-08 421776]

"SunJavaUpdateSched"="c:program files (x86)Common FilesJavaJava Updatejusched.exe" [2012-01-17 252296]

.

c:usersGuestAppDataRoamingMicrosoftWindowsStart MenuProgramsStartup

Dell Dock First Run.lnk - c:program filesDellDellDockDellDock.exe [N/A]

.

c:usersUSERAppDataRoamingMicrosoftWindowsStart MenuProgramsStartup

Dropbox.lnk - c:usersUSERAppDataRoamingDropboxbinDropbox.exe [2012-5-25 27112840]

.

c:programdataMicrosoftWindowsStart MenuProgramsStartup

Bluetooth.lnk - c:program filesWIDCOMMBluetooth SoftwareBTTray.exe [2009-12-30 1082656]

.

c:usersDefault UserAppDataRoamingMicrosoftWindowsStart MenuProgramsStartup

Dell Dock First Run.lnk - c:program filesDellDellDockDellDock.exe [N/A]

.

[HKEY_LOCAL_MACHINEsoftwaremicrosoftwindowscurrentversionpoliciessystem]

"ConsentPromptBehaviorAdmin"= 5 (0x5)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableUIADesktopToggle"= 0 (0x0)

.

[HKEY_LOCAL_MACHINEsoftwarewow6432nodemicrosoftwindows ntcurrentversiondrivers32]

"mixer9"=wdmaud.drv

.

[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetcontrollsa]

Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp

.

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalMCODS]

@=""

.

R0 sptd;sptd;c:windowsSystem32Driverssptd.sys [2011-08-15 867064]

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:windowsMicrosoft.NETFramework64v4.0.30319mscorsvw.exe [2010-03-18 138576]

R2 DockLoginService;Dock Login Service;c:program filesDellDellDockDockLogin.exe [x]

R2 gupdate;Google Update Service (gupdate);c:program files (x86)GoogleUpdateGoogleUpdate.exe [2011-02-05 136176]

R2 SkypeUpdate;Skype Updater;c:program files (x86)SkypeUpdaterUpdater.exe [2012-06-08 160944]

R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:windowsSysWOW64MacromedFlashFlashPlayerUpdateService.exe [2012-07-22 250056]

R3 gupdatem;Google Update Service (gupdatem);c:program files (x86)GoogleUpdateGoogleUpdate.exe [2011-02-05 136176]

R3 MozillaMaintenance;Mozilla Maintenance Service;c:program files (x86)Mozilla Maintenance Servicemaintenanceservice.exe [2012-07-01 113120]

R3 NMgamingmsFltr;USB Optical Mouse;c:windowssystem32driversNMgamingms.sys [2009-07-23 11264]

R3 NPIDS;NPIDS;c:windowssystem32NpIdsVt64.sys [2010-09-07 54880]

R3 osppsvc;Office Software Protection Platform;c:program filesCommon FilesMicrosoft SharedOfficeSoftwareProtectionPlatformOSPPSVC.EXE [2010-01-10 4925184]

R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:windowssystem32DriversRtsUStor.sys [2010-03-17 232480]

R3 RTL8167;Realtek 8167 NT Driver;c:windowssystem32DRIVERSRt64win7.sys [2010-03-17 325152]

R3 scsk5;SCSK5 Driver Service;syswow64driversscsk5.sys [x]

R3 scskusbf;USB SCSK Filter Driver Service;syswow64driversscskusbf.sys [x]

R3 scskusbs;USB SCSK Driver Service;syswow64driversscskusbs.sys [x]

R3 SwitchBoard;Adobe SwitchBoard;c:program files (x86)Common FilesAdobeSwitchBoardSwitchBoard.exe [2010-02-19 517096]

R3 TsUsbFlt;TsUsbFlt;c:windowssystem32driverstsusbflt.sys [2010-11-20 59392]

R3 TurboBoost;TurboBoost;c:program filesIntelTurboBoostTurboBoost.exe [2009-11-02 126352]

R3 USBAAPL64;Apple Mobile USB Driver;c:windowssystem32Driversusbaapl64.sys [2012-02-15 52736]

R3 WatAdminSvc;Windows Activation Technologies Service;c:windowssystem32WatWatAdminSvc.exe [2011-02-06 1255736]

R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:windowssystem32DRIVERSyk62x64.sys [2009-06-10 389120]

S0 PxHlpa64;PxHlpa64;c:windowsSystem32DriversPxHlpa64.sys [2010-07-12 558

Share this post


Link to post
Share on other sites

Nope. Not at this point anyway. Windows Defender doesn't really interfere like the Anti-virus's and SpyBot do.

 

That log is incomplete. Could you please look for C:ComboFix.txt and post the whole thing.

Share this post


Link to post
Share on other sites

ComboFix 12-07-21.01 - USER 07/23/2012 5:59.1.4 - x64

Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.6007.4095 [GMT 9:00]

Running from: c:usersUSERDesktopComboFix.exe

AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}

AV: Lavasoft Ad-Aware *Disabled/Updated* {445B48C3-0FA4-6B16-8F07-6506F305D800}

FW: Lavasoft Ad-Aware *Disabled* {7C60C9E6-45CB-6A4E-A458-CC330DD69F7B}

SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}

SP: Lavasoft Ad-Aware *Disabled/Updated* {FF3AA927-299E-6498-B5B7-5E74888292BD}

SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:program files (x86)Windows Searchqu Toolbar

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBaras_guid.dat

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromecontentbandoocode.js

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromecontentdatasearchengines.xml

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromecontentdatasearchsearch.xsl

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromecontentlibabout.xml

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromecontentlibbandoocode.js

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromecontentlibdtxpanel.xul

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromecontentlibdtxpaneltransparent.xul

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromecontentlibdtxpanelwin.xul

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromecontentlibdtxprefwin.xul

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromecontentlibdtxtransparentwin.xul

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromecontentlibdtxwin.xul

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromecontentlibemailnotifierproviders.xml

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromecontentlibexternal.js

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromecontentlibimeshcode.js

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromecontentlibneterror.xhtml

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromecontentlibvmncode.js

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromecontentlibwmpstreamer.html

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromecontentmodulesdatastore.jsm

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromecontentmodulesnsDragAndDrop.js

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromecontentneterror.xhtml

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromecontentpartner.coupons.xml

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromecontentpreferences.xml

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromecontentradiobeta.js

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromecontenttemplate.xml

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromecontenttoolbar.htm

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromecontenttoolbar.xul

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromecontentvmncode.js

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromecontentvmnrsswin.xml

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromecontentwidgetsnet.vmn.www.PPCBullytb_icon.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromecontentwidgetsnet.vmn.www.PPCBullywidget.js

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromecontentwidgetsnet.vmn.www.PPCBullywidget.xml

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromecontentwidgetsnet.vmn.www.PPCBullywidget_version

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinbabylon_logo.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinbandoo.css

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinbluelite.gif

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinbluesky.gif

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinbtn-search-over.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinbtn-search.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinbtn-settings-over.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinbtn-settings.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinbtn-widgets-over.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinbtn-widgets.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinbtn_settings.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinca.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskindictionary.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskindivider.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskindownloadcom.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskindtxlogo.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinebay.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinemail.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinemail_on.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinfacebook.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskingames.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskingraphred0.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskingraphred0_5.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskingraphred1.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskingraphred1_5.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskingraphred2.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskingraphred2_5.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskingraphred3.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskingraphred3_5.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskingraphred4.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskingraphred4_5.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskingraphred5.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskingraphredna.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskingrey.gif

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinico-shield.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinicon_radio_png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinicon_seperator_png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinicon_twitter.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinicon_youtube.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinimages.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinimesh.css

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibadd.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibaol.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibarrow-dn.gif

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibarrow-right-disabled.gif

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibarrow-right.gif

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibarrow-up.gif

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibbg-btn-divider.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibbg-btn-end.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibbg-btn-mdl.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibbg-btn-mdl_ff.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibbg-btn-start.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibbg-btnover-divider.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibbg-btnover-end.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibbg-btnover-mdl.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibbg-btnover-mdl_ff.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibbg-btnover-start.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibblank.gif

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibbtn-widgets-over.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibbtn-widgets.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibbtn_slider.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibbtnback-down-vista.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibbtnback-vista.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibbtnleft-down-vista.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibbtnleft-vista.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibbtnright-down-vista.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibbtnright-vista.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibbutton-splitter-down-vista.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibbutton-splitter-vista.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibcheckmark.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibchevron.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibcollapse.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibcomcast.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibdtx.css

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibedit-back-hot.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibedit-back.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibexpand.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibfound.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibgmail.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibhighlight.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibhighlight_blue.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibhighlight_cyan.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibhighlight_lime.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibhighlight_magenta.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibhighlight_yellow.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibhotmail.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibico-check.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibimap.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinliblastsearch-thumb-back.gif

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibloadingMid.gif

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinliblock.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinliblogo-separator.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibmailcom.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibmenu_bg-basic.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibmenu_separator_bar.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibmenu_separator_white.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibmenuitem-splitter.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibmenuitemback-down-vista.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibmenuitemback-vista.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibmenuitemleft-down-vista.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibmenuitemleft-vista.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibmenuitemright-down-vista.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibmenuitemright-vista.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibmodify.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibmove.gif

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibmovetarget.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibpanelscsspanels.css

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibpanelscsspopupAbout.css

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibpanelscsspopupGames.css

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibpanelscsspopupRSS.css

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibpanelscsspopupWidgets.css

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibpanelsdefaultcssdialog.css

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibpanelsdefaultimagesbg.gif

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibpanelsdefaultimagesbtn-search.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibpanelsdefaultimagesbtn-wide-close-over.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibpanelsdefaultimagesbtn-wide-close.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibpanelsdefaultimagesdefault.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibpanelsdefaultimagestab-off-l.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibpanelsdefaultimagestab-off-r.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibpanelsdefaultimagestab-on-l.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibpanelsdefaultimagestab-on-r.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibpanelsdefaultimagestransparent.gif

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibpanelsdefaultimagesttlbar-left.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibpanelsdefaultimagesttlbar-mdl.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibpanelsdefaultimagesttlbar-right.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibpanelsdefaultimageswin-btm-left.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibpanelsdefaultimageswin-btm-mdl.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibpanelsdefaultimageswin-btm-right-resize.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibpanelsdefaultimageswin-btm-right.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibpanelsdefaultimageswin-left.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibpanelsdefaultimageswin-right.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibpanelsdefaultmain.html

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibpanelsdefaultscriptsdefscript.js

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibpanelsfooter.htm

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibpanelsgamecategory.xsl

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibpanelsgameData.js

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibpanelsgameList.xsl

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibpanelsgames.xsl

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibpanelsgametype.xsl

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibpanelsimagesarrow-dn.gif

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibpanelsimagesarrow-sml-drop.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibpanelsimagesarrow-sml.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibpanelsimagesarrow-up.gif

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibpanelsimagesarrowr-bluew5.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibpanelsimagesbg-aboutbox.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibpanelsimagesbg-btnover.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibpanelsimagesbg-pnl520x390.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibpanelsimagesbtn-addtoolbar-left-over.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibpanelsimagesbtn-addtoolbar-left.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibpanelsimagesbtn-addtoolbar-right.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibpanelsimagesbtn-back.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibpanelsimagesbtn-close-grey.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibpanelsimagesbtn-close-greyover.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibpanelsimagesbtn-drag.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibpanelsimagesbtn-mdl-over.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibpanelsimagesbtn-mdl.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibpanelsimagesbtn-moredetails.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibpanelsimagesbtn-next-over.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibpanelsimagesbtn-next.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibpanelsimagesbtn-play-left-over.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibpanelsimagesbtn-play-left.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibpanelsimagesbtn-previous-over.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibpanelsimagesbtn-previous.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibpanelsimagesbtn-right-over.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibpanelsimagesbtn-search-pnlbtm-over.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibpanelsimagesbtn-search-pnlbtm.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibpanelsimagesbtn-try-left-over.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibpanelsimagesbtn-try-left.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibpanelsimagesbullet-orange.gif

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibpanelsimagesgamethumb-on.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibpanelsimagesgamethumb2-over.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibpanelsimagesico-calendar.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibpanelsimagesico-dollar.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibpanelsimagesico-download.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibpanelsimagesico-joystick24.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibpanelsimagesico-news24.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibpanelsimagesico-play.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibpanelsimagesico-tags.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibpanelsimagesicon-Add.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibpanelsimagesicon-download.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibpanelsimagesicon-Info.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibpanelsimagesicon-play.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibpanelsimagesicon-shop.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibpanelsimagesmenul-bgon.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibpanelsimagesmenul-bgover.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibpanelsimagespanel-botm-noscroll.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibpanelsimagesscroll-bg-206.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibpanelsimagesscroll-bg.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibpanelsimagesscroll-topwin.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibpanelsimagesscrollb-disable.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibpanelsimagesscrollb-down.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibpanelsimagesscrollb-over.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibpanelsimagesscrollb.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibpanelsimagesscrollt-disable.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibpanelsimagesscrollt-down.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibpanelsimagesscrollt-over.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibpanelsimagesscrollt.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibpanelsimagessearchbox-pnlbtm.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibpanelsimagesstar_x_grey.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibpanelsimagesstar_x_orange.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibpanelsimagesTRUSTe_about.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibpanelsimagesview-detailed-on.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibpanelsimagesview-detailed-over.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibpanelsimagesview-thumb-on.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibpanelsimagesview-thumb-over.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibpanelsimageswidgets-square-16px.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibpanelsimageswidgets-square-24px.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibpanelsimageswidgets.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibpanelsinitHTML.html

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibpanelspopupGames.html

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibpanelspopupHTML.html

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibpanelspopupRSS.html

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibpanelspopupWidgets.html

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibpanelsscroll.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibpop.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibradio.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibradiocssmanager.css

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibradiocssslider.css

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibradioimagesbg-pnl.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibradioimagesbtn-close-grey.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibradioimagesbtn-close-greyover.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibradioimagescollapsed_button.gif

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibradioimagesexpanded_button.gif

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibradioimagesico-playstation-down.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibradioimagesico-playstation-over.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibradioimagesico-playstation.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibradioimagesico-radio.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibradioimagesmusic-note.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibradioimagesradio-btn-pause-on.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibradioimagesradio-btn-pause.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibradioimagesradio-btn-play-on.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibradioimagesradio-btn-play.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibradioimagesradio-eq-bg.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibradioimagesradio-eq-buffer.gif

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibradioimagesradio-eq-busy.gif

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibradioimagesradio-eq-off.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibradioimagesradio-eq-on.gif

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibradioimagesradio-eq-warning.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibradioimagesradio-options-design-on.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibradioimagesradio-options-design.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibradioimagesradio-options-on.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibradioimagesradio-options.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibradioimagesradio-volume-0.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibradioimagesradio-volume-1.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibradioimagesradio-volume-2.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibradioimagesradio-volume-3.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibradioimagesradio-volume-mute.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibradioimagesscrollbar-handle.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibradioimagesscrollbar-track.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibradioimagesslider.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibradioimagesslideron.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibradioimagestrack.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibradiomanagerpanel.html

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibradiovolumeslider.html

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibradiobeta-buffering.gif

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibradiobeta-connecting.gif

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibradiobeta-playing.gif

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibradiobeta-stopped.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibradiobeta.ico

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibreload.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibremove.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibrename.gif

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibresize-box.gif

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibrss.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibrsschannelback.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibRSSLogo.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibrsstabdivider.gif

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibscroll-left.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibscroll-right.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibsearch-go.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibsearch.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibtext-ellipsis.xml

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibthrobber.gif

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibtoolbarsplitter.gif

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibtransparent_1px.gif

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibuwaborder_02.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibuwaborder_03.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibuwaborder_04.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibuwaborder_06.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibuwaborder_07.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibuwaborder_08.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibuwaborder_09.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibuwaborder_10.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibuwaborder_11.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibuwaborder_12.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibuwaborder_13.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibuwaborder_14.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibuwaborder_15.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibuwaborder_16.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibuwaborder_18.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibuwaborder_19.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibuwaborder_20.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibuwaborder_21.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibuwabtn-close-grey.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibuwabtn-close-greyover.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibuwaclose-hot.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibuwaclose-normal.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibuwaloadingMid.gif

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibuwaproxy.html

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibuwatemplate.html

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibuwatemplate.xml

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibuwatemplateFF.html

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibuwathrobber.gif

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibweatherbuttoniconscond999.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibweatherbuttoniconsicons.xml

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibweatherbuttoniconsna-s.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibweatherbuttoniconsna-t.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibweatherbuttoniconsna.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibweatherbuttonpanelsimagesadd.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibweatherbuttonpanelsimagesarrowr-bluew5.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibweatherbuttonpanelsimagesbg-pnl.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibweatherbuttonpanelsimagesbg-pnl520x350.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibweatherbuttonpanelsimagesbg-pnl520x350blue-whitebg.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibweatherbuttonpanelsimagesbg-pnl520x350blue.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibweatherbuttonpanelsimagesbox-check.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibweatherbuttonpanelsimagesbox-uncheck.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibweatherbuttonpanelsimagesbtn-close-grey.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibweatherbuttonpanelsimagesbtn-close-greyover.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibweatherbuttonpanelsimagesbtn-delete.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibweatherbuttonpanelsimagesbtn-search-pnlbtm-over.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibweatherbuttonpanelsimagesbtn-search-pnlbtm.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibweatherbuttonpanelsimagesbtnarrow-next-off.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibweatherbuttonpanelsimagesbtnarrow-next.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibweatherbuttonpanelsimagesbtnarrow-previous-off.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibweatherbuttonpanelsimagesbtnarrow-previous.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibweatherbuttonpanelsimagesico-check.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibweatherbuttonpanelsimagesico-hotandhumid-s.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibweatherbuttonpanelsimagesico-hotandhumid.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibweatherbuttonpanelsimagesoptions-weather.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibweatherbuttonpanelsimagesover-blue.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibweatherbuttonpanelsimagesover-orange.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibweatherbuttonpanelsimagespowered-by-weatherbug.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibweatherbuttonpanelsimagespowered-by-weatherbug2.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibweatherbuttonpanelsimagesradio-checked.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibweatherbuttonpanelsimagesradio-unchecked.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibweatherbuttonpanelsimagessearchbox-pnlbtm.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibweatherbuttonpanelsimagesweather-contour.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibweatherbuttonpanelspopupWeather.css

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibweatherbuttonpanelspopupWeather.html

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlibyahoo.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlichen.gif

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlogo-about.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlogo-over.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlogo-separator.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinlogo.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinmail.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinmaps.bmp

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinmenuseparatorback.gif

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinmodify-save.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinmodify.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinmodifyhot.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinmusic.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinnews.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinoptionsoptions-main.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinoptionsoptions-search.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinoptionsoptions-weather.gif

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinoptionsoptions-weather.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinoptionsoptions-widgets.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinorange.gif

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinpixsy.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinprotect-id.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinradiobeta-buffering.gif

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinradiobeta-connecting.gif

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinradiobeta-playing.gif

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinradiobeta-stopped.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinradiobeta.ico

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinrelatedlinks.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinrss-collapse.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinrss-delete.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinrss-expand.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinrss-feed.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinrss-folder-remove.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinrss-folder-rename.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinrss-folder.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinrss-found.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinrss-reload.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinrss-subscribe.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinrss.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinrssback.gif

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinrsstopback.gif

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinsearch-over.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinsearch.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinsearch_button_over_png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinsearch_button_png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinsearchbarsearchbar-background-left.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinsearchbarsearchbar-background-middle.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinsearchbarsearchbar-background-right.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinsettings.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinshopping.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinsiteinfo.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinskin-bluelite.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinskin-bluesky.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinskin-grey.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinskin-lichen.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinskin-orange.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinskin-yellow.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinskin.xml

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskintechnorati.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinthrobber.gif

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskintoolbarsplitter.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskintranslate.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinvideo.bmp

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinvmn.css

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinvmn.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinweather.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinweb.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinwidgets-square-16px.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinwikipedia.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinyahoosearch.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinyellow.gif

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinyoutube.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarchromeskinzoom.png

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarcomponentswindowmediator.js

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBardtUser.exe

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarmanifest.xml

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBarsearchquband.dll

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBaruninstall.exe

c:program files (x86)Windows Searchqu ToolbarDatamngrToolBaruninstallTB.exe

.

.

((((((((((((((((((((((((( Files Created from 2012-06-22 to 2012-07-22 )))))))))))))))))))))))))))))))

.

.

2012-07-22 21:13 . 2012-07-22 21:13 -------- d-----w- c:userspostgresAppDataLocaltemp

2012-07-22 21:13 . 2012-07-22 21:13 -------- d-----w- c:usersGuestAppDataLocaltemp

2012-07-22 21:13 . 2012-07-22 21:13 -------- d-----w- c:usersDefaultAppDataLocaltemp

2012-07-22 17:20 . 2012-07-22 17:20 69000 ----a-w- c:programdataMicrosoftWindows DefenderDefinition Updates{767E16FB-C0EF-4D73-B8F4-B328D0E912FC}offreg.dll

2012-07-22 16:43 . 2012-07-22 16:43 -------- d-----w- C:_OTL

2012-07-21 11:30 . 2012-06-29 10:04 9133488 ----a-w- c:programdataMicrosoftWindows DefenderDefinition Updates{767E16FB-C0EF-4D73-B8F4-B328D0E912FC}mpengine.dll

2012-07-16 16:59 . 2012-05-04 11:00 366592 ----a-w- c:windowssystem32qdvd.dll

2012-07-16 16:59 . 2012-05-04 09:59 514560 ----a-w- c:windowsSysWow64qdvd.dll

2012-07-16 16:45 . 2012-07-16 16:45 -------- d-----w- c:usersUSERAppDataLocaladaware

2012-07-16 16:45 . 2012-07-19 12:19 -------- d-----w- c:programdataAd-Aware Browsing Protection

2012-07-16 16:44 . 2011-12-19 03:44 60536 ----a-w- c:windowssystem32driverssbhips.sys

2012-07-16 16:44 . 2011-09-29 03:16 119416 ----a-w- c:windowssystem32driversSbFwIm.sys

2012-07-16 16:44 . 2011-12-19 03:44 256632 ----a-w- c:windowssystem32driversSbFw.sys

2012-07-16 16:44 . 2011-12-19 04:21 45936 ----a-w- c:windowssystem32sbbd.exe

2012-07-16 16:44 . 2011-10-26 05:23 57976 ----a-w- c:windowssystem32driverssbredrv.sys

2012-07-16 16:44 . 2012-07-16 16:44 -------- d-----w- c:programdataLavasoft

2012-07-16 16:44 . 2012-07-16 19:07 -------- d-----w- c:program files (x86)Ad-Aware Antivirus

2012-07-16 16:42 . 2012-07-17 15:47 -------- d-----w- c:usersUSERAppDataRoamingAd-Aware Antivirus

2012-07-16 16:20 . 2012-07-16 16:45 -------- d-----w- c:programdataSpybot - Search & Destroy

2012-07-16 16:20 . 2012-07-16 16:43 -------- d-----w- c:program files (x86)Spybot - Search & Destroy

2012-07-16 15:13 . 2012-07-16 15:58 -------- d-----w- c:program files (x86)GRETECH

2012-07-16 15:05 . 2012-07-16 15:05 -------- d-----w- c:program files (x86)UltraUCC

2012-07-11 14:39 . 2012-06-12 03:08 3148800 ----a-w- c:windowssystem32win32k.sys

2012-07-11 09:49 . 2012-07-11 09:49 40848 ----a-w- c:windowsSysWow64driversscskusbs.sys

2012-07-11 09:49 . 2012-07-11 09:49 18832 ----a-w- c:windowsSysWow64driversscskusbf.sys

2012-07-11 02:17 . 2012-06-06 06:05 1499136 ----a-w- c:program filesCommon FilesSystemadomsado15.dll

2012-07-11 02:17 . 2012-06-06 05:05 1019904 ----a-w- c:program files (x86)Common FilesSystemadomsado15.dll

2012-07-11 02:17 . 2012-06-06 06:05 495616 ----a-w- c:program filesCommon FilesSystemadomsadox.dll

2012-07-11 02:17 . 2012-06-06 06:05 466944 ----a-w- c:program filesCommon FilesSystemadomsadomd.dll

2012-07-11 02:17 . 2012-06-06 06:05 258048 ----a-w- c:program filesCommon FilesSystemmsadcmsadco.dll

2012-07-11 02:17 . 2012-06-06 05:03 805376 ----a-w- c:windowsSysWow64cdosys.dll

2012-07-11 02:17 . 2012-06-06 06:05 61440 ----a-w- c:program filesCommon FilesSystemadomsador15.dll

2012-07-11 02:17 . 2012-06-06 05:05 143360 ----a-w- c:program files (x86)Common FilesSystemadomsjro.dll

2012-07-11 02:17 . 2012-06-06 05:05 372736 ----a-w- c:program files (x86)Common FilesSystemadomsadox.dll

2012-07-11 02:17 . 2012-06-06 05:05 57344 ----a-w- c:program files (x86)Common FilesSystemadomsador15.dll

2012-07-11 02:17 . 2012-06-06 05:05 352256 ----a-w- c:program files (x86)Common FilesSystemadomsadomd.dll

2012-07-11 02:17 . 2012-06-06 05:05 212992 ----a-w- c:program files (x86)Common FilesSystemmsadcmsadco.dll

2012-07-11 02:17 . 2012-06-06 06:02 1133568 ----a-w- c:windowssystem32cdosys.dll

2012-07-03 03:32 . 2012-07-03 03:32 -------- d-----w- c:program files (x86)Common FilesJava

2012-07-02 17:26 . 2012-07-02 17:26 -------- d-----w- c:program files (x86)Oracle

2012-07-02 17:26 . 2012-05-05 02:29 772504 ----a-w- c:windowsSysWow64npDeployJava1.dll

2012-07-02 09:40 . 2012-07-02 09:40 -------- d-----w- c:program filesiPod

2012-07-02 09:40 . 2012-07-02 09:41 -------- d-----w- c:program filesiTunes

2012-07-02 09:40 . 2012-07-02 09:41 -------- d-----w- c:program files (x86)iTunes

2012-07-01 00:12 . 2012-07-01 00:12 770384 ----a-w- c:program files (x86)Mozilla Firefoxmsvcr100.dll

2012-07-01 00:12 . 2012-07-01 00:12 421200 ----a-w- c:program files (x86)Mozilla Firefoxmsvcp100.dll

.

.

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2012-07-22 17:07 . 2012-04-08 01:51 426184 ----a-w- c:windowsSysWow64FlashPlayerApp.exe

2012-07-22 17:07 . 2011-05-15 05:32 70344 ----a-w- c:windowsSysWow64FlashPlayerCPLApp.cpl

2012-07-11 14:36 . 2011-02-06 23:37 59701280 ----a-w- c:windowssystem32MRT.exe

2012-07-11 09:49 . 2011-04-21 14:41 373640 ----a-w- c:windowsSysWow64SCSKUSB64Restarter.exe

2012-07-11 09:49 . 2012-05-31 07:13 49032 ----a-w- c:windowsSysWow64driversSCSK5.sys

2012-06-02 22:19 . 2012-06-22 02:38 38424 ----a-w- c:windowssystem32wups.dll

2012-06-02 22:19 . 2012-06-22 02:38 2428952 ----a-w- c:windowssystem32wuaueng.dll

2012-06-02 22:19 . 2012-06-22 02:38 57880 ----a-w- c:windowssystem32wuauclt.exe

2012-06-02 22:19 . 2012-06-22 02:38 44056 ----a-w- c:windowssystem32wups2.dll

2012-06-02 22:19 . 2012-06-22 02:38 186752 ----a-w- c:windowssystem32wuwebv.dll

2012-06-02 22:19 . 2012-06-22 02:38 701976 ----a-w- c:windowssystem32wuapi.dll

2012-06-02 22:15 . 2012-06-22 02:38 2622464 ----a-w- c:windowssystem32wucltux.dll

2012-06-02 22:15 . 2012-06-22 02:38 36864 ----a-w- c:windowssystem32wuapp.exe

2012-06-02 22:15 . 2012-06-22 02:38 99840 ----a-w- c:windowssystem32wudriver.dll

2012-05-31 07:09 . 2010-12-29 01:02 241648 ----a-w- c:windowsSysWow64npEfdsWCtrl.dll

2012-05-31 04:25 . 2011-02-05 18:52 279656 ------w- c:windowssystem32MpSigStub.exe

2012-05-21 05:22 . 2012-05-21 05:22 427920 ----a-w- c:windowsSysWow64DaumFDL.exe

2012-05-18 02:14 . 2012-05-18 02:14 386960 ----a-w- c:windowsSysWow64DaumFile.ocx

2012-05-05 02:29 . 2011-02-07 07:43 687504 ----a-w- c:windowsSysWow64deployJava1.dll

2012-05-04 11:06 . 2012-06-13 17:26 5559664 ----a-w- c:windowssystem32ntoskrnl.exe

2012-05-04 10:03 . 2012-06-13 17:26 3968368 ----a-w- c:windowsSysWow64ntkrnlpa.exe

2012-05-04 10:03 . 2012-06-13 17:26 3913072 ----a-w- c:windowsSysWow64ntoskrnl.exe

2012-05-01 05:40 . 2012-06-13 17:26 209920 ----a-w- c:windowssystem32profsvc.dll

2012-04-28 03:55 . 2012-06-13 17:25 210944 ----a-w- c:windowssystem32driversrdpwd.sys

2012-04-26 05:41 . 2012-06-13 17:26 77312 ----a-w- c:windowssystem32rdpwsx.dll

2012-04-26 05:41 . 2012-06-13 17:26 149504 ----a-w- c:windowssystem32rdpcorekmts.dll

2012-04-26 05:34 . 2012-06-13 17:26 9216 ----a-w- c:windowssystem32rdrmemptylst.exe

2012-04-24 05:37 . 2012-06-13 17:25 184320 ----a-w- c:windowssystem32cryptsvc.dll

2012-04-24 05:37 . 2012-06-13 17:25 140288 ----a-w- c:windowssystem32cryptnet.dll

2012-04-24 05:37 . 2012-06-13 17:25 1462272 ----a-w- c:windowssystem32crypt32.dll

2012-04-24 04:36 . 2012-06-13 17:25 140288 ----a-w- c:windowsSysWow64cryptsvc.dll

2012-04-24 04:36 . 2012-06-13 17:25 1158656 ----a-w- c:windowsSysWow64crypt32.dll

2012-04-24 04:36 . 2012-06-13 17:25 103936 ----a-w- c:windowsSysWow64cryptnet.dll

.

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

.

[HKEY_LOCAL_MACHINEsoftwarewow6432nodemicrosoftwindowscurrentversionexplorershelliconoverlayidentifiersDropboxExt1]

@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOTCLSID{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]

2012-02-14 22:58 94208 ----a-w- c:usersUSERAppDataRoamingDropboxbinDropboxExt.14.dll

.

[HKEY_LOCAL_MACHINEsoftwarewow6432nodemicrosoftwindowscurrentversionexplorershelliconoverlayidentifiersDropboxExt2]

@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOTCLSID{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]

2012-02-14 22:58 94208 ----a-w- c:usersUSERAppDataRoamingDropboxbinDropboxExt.14.dll

.

[HKEY_LOCAL_MACHINEsoftwarewow6432nodemicrosoftwindowscurrentversionexplorershelliconoverlayidentifiersDropboxExt3]

@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOTCLSID{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]

2012-02-14 22:58 94208 ----a-w- c:usersUSERAppDataRoamingDropboxbinDropboxExt.14.dll

.

[HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionRun]

"Skype"="c:program files (x86)SkypePhoneSkype.exe" [2012-06-08 17425072]

"MobileDocuments"="c:program files (x86)Common FilesAppleInternet Servicesubd.exe" [2012-02-23 59240]

"Game Fire"="c:program files (x86)Smart PC UtilitiesGame FireGFTray.exe" [2011-12-02 44032]

"SpybotSD TeaTimer"="c:program files (x86)Spybot - Search & DestroyTeaTimer.exe" [2009-03-05 2260480]

.

[HKEY_LOCAL_MACHINESOFTWAREWow6432NodeMicrosoftWindowsCurrentVersionRun]

"IAStorIcon"="c:program files (x86)IntelIntel® Rapid Storage TechnologyIAStorIcon.exe" [2010-06-08 284696]

"Adobe Reader Speed Launcher"="c:program files (x86)AdobeReader 9.0ReaderReader_sl.exe" [2009-02-27 35696]

"StartCCC"="c:program files (x86)ATI TechnologiesATI.ACECore-StaticCLIStart.exe" [2011-01-05 336384]

"APSDaemon"="c:program files (x86)Common FilesAppleApple Application SupportAPSDaemon.exe" [2012-05-31 59280]

"SwitchBoard"="c:program files (x86)Common FilesAdobeSwitchBoardSwitchBoard.exe" [2010-02-19 517096]

"AdobeCS5.5ServiceManager"="c:program files (x86)Common FilesAdobeCS5.5ServiceManagerCS5.5ServiceManager.exe" [2011-01-11 1523360]

"QuickTime Task"="c:program files (x86)QuickTimeQTTask.exe" [2012-04-19 421888]

"iTunesHelper"="c:program files (x86)iTunesiTunesHelper.exe" [2012-06-08 421776]

"SunJavaUpdateSched"="c:program files (x86)Common FilesJavaJava Updatejusched.exe" [2012-01-17 252296]

.

c:usersGuestAppDataRoamingMicrosoftWindowsStart MenuProgramsStartup

Dell Dock First Run.lnk - c:program filesDellDellDockDellDock.exe [N/A]

.

c:usersUSERAppDataRoamingMicrosoftWindowsStart MenuProgramsStartup

Dropbox.lnk - c:usersUSERAppDataRoamingDropboxbinDropbox.exe [2012-5-25 27112840]

.

c:programdataMicrosoftWindowsStart MenuProgramsStartup

Bluetooth.lnk - c:program filesWIDCOMMBluetooth SoftwareBTTray.exe [2009-12-30 1082656]

.

c:usersDefault UserAppDataRoamingMicrosoftWindowsStart MenuProgramsStartup

Dell Dock First Run.lnk - c:program filesDellDellDockDellDock.exe [N/A]

.

[HKEY_LOCAL_MACHINEsoftwaremicrosoftwindowscurrentversionpoliciessystem]

"ConsentPromptBehaviorAdmin"= 5 (0x5)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableUIADesktopToggle"= 0 (0x0)

.

[HKEY_LOCAL_MACHINEsoftwarewow6432nodemicrosoftwindows ntcurrentversiondrivers32]

"mixer9"=wdmaud.drv

.

[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetcontrollsa]

Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp

.

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalMCODS]

@=""

.

R0 sptd;sptd;c:windowsSystem32Driverssptd.sys [2011-08-15 867064]

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:windowsMicrosoft.NETFramework64v4.0.30319mscorsvw.exe [2010-03-18 138576]

R2 DockLoginService;Dock Login Service;c:program filesDellDellDockDockLogin.exe [x]

R2 gupdate;Google Update Service (gupdate);c:program files (x86)GoogleUpdateGoogleUpdate.exe [2011-02-05 136176]

R2 SkypeUpdate;Skype Updater;c:program files (x86)SkypeUpdaterUpdater.exe [2012-06-08 160944]

R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:windowsSysWOW64MacromedFlashFlashPlayerUpdateService.exe [2012-07-22 250056]

R3 gupdatem;Google Update Service (gupdatem);c:program files (x86)GoogleUpdateGoogleUpdate.exe [2011-02-05 136176]

R3 MozillaMaintenance;Mozilla Maintenance Service;c:program files (x86)Mozilla Maintenance Servicemaintenanceservice.exe [2012-07-01 113120]

R3 NMgamingmsFltr;USB Optical Mouse;c:windowssystem32driversNMgamingms.sys [2009-07-23 11264]

R3 NPIDS;NPIDS;c:windowssystem32NpIdsVt64.sys [2010-09-07 54880]

R3 osppsvc;Office Software Protection Platform;c:program filesCommon FilesMicrosoft SharedOfficeSoftwareProtectionPlatformOSPPSVC.EXE [2010-01-10 4925184]

R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:windowssystem32DriversRtsUStor.sys [2010-03-17 232480]

R3 RTL8167;Realtek 8167 NT Driver;c:windowssystem32DRIVERSRt64win7.sys [2010-03-17 325152]

R3 scsk5;SCSK5 Driver Service;syswow64driversscsk5.sys [x]

R3 scskusbf;USB SCSK Filter Driver Service;syswow64driversscskusbf.sys [x]

R3 scskusbs;USB SCSK Driver Service;syswow64driversscskusbs.sys [x]

R3 SwitchBoard;Adobe SwitchBoard;c:program files (x86)Common FilesAdobeSwitchBoardSwitchBoard.exe [2010-02-19 517096]

R3 TsUsbFlt;TsUsbFlt;c:windowssystem32driverstsusbflt.sys [2010-11-20 59392]

R3 TurboBoost;TurboBoost;c:program filesIntelTurboBoostTurboBoost.exe [2009-11-02 126352]

R3 USBAAPL64;Apple Mobile USB Driver;c:windowssystem32Driversusbaapl64.sys [2012-02-15 52736]

R3 WatAdminSvc;Windows Activation Technologies Service;c:windowssystem32WatWatAdminSvc.exe [2011-02-06 1255736]

R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:windowssystem32DRIVERSyk62x64.sys [2009-06-10 389120]

S0 PxHlpa64;PxHlpa64;c:windowsSystem32DriversPxHlpa64.sys [2010-07-12 55856]

S1 aswSnx;aswSnx; [x]

S1 aswSP;aswS

Share this post


Link to post
Share on other sites

S1 aswSP;aswSP; [x]

S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:windowssystem32DRIVERSdtsoftbus01.sys [2011-12-30 279616]

S1 vwififlt;Virtual WiFi Filter Driver;c:windowssystem32DRIVERSvwififlt.sys [2009-07-14 59904]

S2 AdobeActiveFileMonitor8.0;Adobe Active File Monitor V8;c:program files (x86)AdobeElements Organizer 8.0PhotoshopElementsFileAgent.exe [2009-09-18 169312]

S2 AESTFilters;Andrea ST Filters Service;c:program filesIDTWDMAESTSr64.exe [2009-03-03 89600]

S2 AMD External Events Utility;AMD External Events Utility;c:windowssystem32atiesrxx.exe [2011-01-05 203776]

S2 aswFsBlk;aswFsBlk; [x]

S2 aswMonFlt;aswMonFlt;c:windowssystem32driversaswMonFlt.sys [2012-03-07 69976]

S2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:program files (x86)IntelIntel® Rapid Storage TechnologyIAStorDataMgrSvc.exe [2010-06-08 13336]

S2 pgsql-8.3;PostgreSQL Database Server 8.3;c:program files (x86)PostgreSQL8.3binpg_ctl.exe [2009-12-10 65536]

S2 TurboB;Turbo Boost UI Monitor driver;c:windowssystem32DRIVERSTurboB.sys [2009-11-02 13784]

S2 UNS;Intel® Management & Security Application User Notification Service;c:program files (x86)IntelIntel® Management Engine ComponentsUNSUNS.exe [2010-03-03 2320920]

S3 ALSysIO;ALSysIO;c:usersUSERAppDataLocalTempALSysIO64.sys [x]

S3 amdkmdag;amdkmdag;c:windowssystem32DRIVERSatikmdag.sys [2011-01-05 8283136]

S3 amdkmdap;amdkmdap;c:windowssystem32DRIVERSatikmpag.sys [2011-01-05 294400]

S3 BcmVWL;Broadcom Virtual Wireless;c:windowssystem32DRIVERSbcmvwl64.sys [2010-02-03 20984]

S3 btusbflt;Bluetooth USB Filter;c:windowssystem32driversbtusbflt.sys [2010-03-30 53800]

S3 btwl2cap;Bluetooth L2CAP Service;c:windowssystem32DRIVERSbtwl2cap.sys [2010-03-30 35104]

S3 CtClsFlt;Creative Camera Class Upper Filter Driver;c:windowssystem32DRIVERSCtClsFlt.sys [2009-06-15 172704]

S3 HECIx64;Intel® Management Engine Interface;c:windowssystem32DRIVERSHECIx64.sys [2009-09-17 56344]

.

.

--- Other Services/Drivers In Memory ---

.

*NewlyCreated* - ALSYSIO

.

Contents of the 'Scheduled Tasks' folder

.

2012-07-22 c:windowsTasksAdobe Flash Player Updater.job

- c:windowsSysWOW64MacromedFlashFlashPlayerUpdateService.exe [2012-04-08 17:07]

.

2012-07-22 c:windowsTasksGoogleUpdateTaskMachineCore1cd682df83ff923.job

- c:program files (x86)GoogleUpdateGoogleUpdate.exe [2011-03-17 18:26]

.

2012-07-22 c:windowsTasksGoogleUpdateTaskMachineUA1cd682df8b2e0e2.job

- c:program files (x86)GoogleUpdateGoogleUpdate.exe [2011-03-17 18:26]

.

2012-07-20 c:windowsTasksGoogleUpdateTaskUserS-1-5-21-781000255-4049561891-2088489889-1000Core.job

- c:usersUSERAppDataLocalGoogleUpdateGoogleUpdate.exe [2011-02-05 18:26]

.

2012-07-20 c:windowsTasksGoogleUpdateTaskUserS-1-5-21-781000255-4049561891-2088489889-1000UA.job

- c:usersUSERAppDataLocalGoogleUpdateGoogleUpdate.exe [2011-02-05 18:26]

.

.

--------- X64 Entries -----------

.

.

[HKEY_LOCAL_MACHINEsoftwaremicrosoftwindowscurrentversionexplorershelliconoverlayidentifiers00avast]

@="{472083B0-C522-11CF-8763-00608CC02F24}"

[HKEY_CLASSES_ROOTCLSID{472083B0-C522-11CF-8763-00608CC02F24}]

2012-03-07 00:15 135408 ----a-w- c:program filesAlwil SoftwareAvast5ashShA64.dll

.

[HKEY_LOCAL_MACHINEsoftwaremicrosoftwindowscurrentversionexplorershelliconoverlayidentifiersDropboxExt1]

@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOTCLSID{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]

2012-02-14 22:58 97792 ----a-w- c:usersUSERAppDataRoamingDropboxbinDropboxExt64.14.dll

.

[HKEY_LOCAL_MACHINEsoftwaremicrosoftwindowscurrentversionexplorershelliconoverlayidentifiersDropboxExt2]

@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOTCLSID{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]

2012-02-14 22:58 97792 ----a-w- c:usersUSERAppDataRoamingDropboxbinDropboxExt64.14.dll

.

[HKEY_LOCAL_MACHINEsoftwaremicrosoftwindowscurrentversionexplorershelliconoverlayidentifiersDropboxExt3]

@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOTCLSID{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]

2012-02-14 22:58 97792 ----a-w- c:usersUSERAppDataRoamingDropboxbinDropboxExt64.14.dll

.

[HKEY_LOCAL_MACHINEsoftwaremicrosoftwindowscurrentversionexplorershelliconoverlayidentifiersDropboxExt4]

@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOTCLSID{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]

2012-02-14 22:58 97792 ----a-w- c:usersUSERAppDataRoamingDropboxbinDropboxExt64.14.dll

.

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRun]

"QuickSet"="c:program filesDellQuickSetQuickSet.exe" [2010-01-06 3179288]

"SysTrayApp"="c:program filesIDTWDMsttray64.exe" [2010-06-18 487424]

"Broadcom Wireless Manager UI"="c:program filesDellDW WLAN CardWLTRAY.exe" [2010-02-03 5712896]

.

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWindows]

"LoadAppInit_DLLs"=0x1

.

------- Supplementary Scan -------

.

uLocal Page = c:windowssystem32blank.htm

uStart Page =

mLocal Page = c:windowsSysWOW64blank.htm

uInternet Settings,ProxyOverride = *.local

IE: E&xport to Microsoft Excel - c:progra~2MIF5BA~1Office14EXCEL.EXE/3000

IE: Se&nd to OneNote - c:progra~2MIF5BA~1Office14ONBttnIE.dll/105

IE: Send image to &Bluetooth Device... - c:program filesWIDCOMMBluetooth Softwarebtsendto_ie_ctx.htm

IE: Send page to &Bluetooth Device... - c:program filesWIDCOMMBluetooth Softwarebtsendto_ie.htm

TCP: DhcpNameServer = 203.246.162.253 164.124.101.2

DPF: {286A75C3-11FB-4FB4-AC4A-4DD1B0750050} - hxxp://bkbcard.kbstar.com/initech/plugin/down/INIS60.cab

DPF: {7E9FDB80-5316-11D4-B02C-00C04F0CD404} - hxxp://download.softforum.co.kr/Published/XecureWeb/v7.2.5.0/xw_install.cab

DPF: {F939FEB8-9518-4A4A-BE60-D10FFB9557F2} - hxxp://download.kbstar.com/security/nprotect/netizenv55/npenkIEInstall5.cab

FF - ProfilePath - c:usersUSERAppDataRoamingMozillaFirefoxProfilesq865faf3.default

FF - prefs.js: browser.startup.homepage -

FF - prefs.js: keyword.URL - hxxp://www.searchqu.com/web?src=ffb&appid=0&systemid=410&sr=0&q=

.

- - - - ORPHANS REMOVED - - - -

.

HKLM-Run-SynTPEnh - c:program files (x86)SynapticsSynTPSynTPEnh.exe

AddRemove-Adobe Shockwave Player - c:windowssystem32AdobeShockwave 11uninstaller.exe

AddRemove-Searchqu 410 MediaBar - c:program files (x86)Windows Searchqu ToolbarDatamngrToolBaruninstallTB.exe

AddRemove-SoftcampSCSK - c:windowssystem32UnSCSK.exe

AddRemove-{09FF4DB8-7DE9-4D47-B7DB-915DB7D9A8CA} - c:programdata{3C0AACBF-B491-4BE5-BAF9-AA46E0629E42}bm_installer.exe

AddRemove-{C73A3942-84C8-4597-9F9B-EE227DCBA758} - c:programdata{D19C2D22-6043-47E7-B400-83A351841204}delldock.exe

.

.

.

--------------------- LOCKED REGISTRY KEYS ---------------------

.

[HKEY_USERSS-1-5-21-781000255-4049561891-2088489889-1000SoftwareMicrosoftWindowsCurrentVersionExplorerFileExts.emlUserChoice]

@Denied: (2) (LocalSystem)

"Progid"="WindowsLiveMail.Email.1"

.

[HKEY_USERSS-1-5-21-781000255-4049561891-2088489889-1000SoftwareMicrosoftWindowsCurrentVersionExplorerFileExts.vcfUserChoice]

@Denied: (2) (LocalSystem)

"Progid"="WindowsLiveMail.VCard.1"

.

[HKEY_USERSS-1-5-21-781000255-4049561891-2088489889-1000SoftwareSecuROMLicense information*]

"datasecu"=hex:21,17,f5,25,45,a0,e2,d2,ad,3f,8d,98,57,c1,f3,f4,e9,5b,3e,a9,f9,

7d,09,4c,05,f2,74,76,6b,7b,0d,f8,53,c0,07,37,0c,71,4a,54,b6,8c,df,00,f0,50,

"rkeysecu"=hex:29,23,be,84,e1,6c,d6,ae,52,90,49,f1,f1,bb,e9,eb

.

[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{A483C63A-CDBC-426E-BF93-872502E8144E}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:WINDOWSSysWOW64MacromedFlashFlashUtil32_11_3_300_265_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{A483C63A-CDBC-426E-BF93-872502E8144E}Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{A483C63A-CDBC-426E-BF93-872502E8144E}LocalServer32]

@="c:WINDOWSSysWOW64MacromedFlashFlashUtil32_11_3_300_265_ActiveX.exe"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{A483C63A-CDBC-426E-BF93-872502E8144E}TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB6E-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Shockwave Flash Object"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB6E-AE6D-11cf-96B8-444553540000}InprocServer32]

@="c:WINDOWSSysWOW64MacromedFlashFlash32_11_3_300_265.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB6E-AE6D-11cf-96B8-444553540000}MiscStatus]

@="0"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB6E-AE6D-11cf-96B8-444553540000}ProgID]

@="ShockwaveFlash.ShockwaveFlash.11"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB6E-AE6D-11cf-96B8-444553540000}ToolboxBitmap32]

@="c:WINDOWSSysWOW64MacromedFlashFlash32_11_3_300_265.ocx, 1"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB6E-AE6D-11cf-96B8-444553540000}TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB6E-AE6D-11cf-96B8-444553540000}Version]

@="1.0"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB6E-AE6D-11cf-96B8-444553540000}VersionIndependentProgID]

@="ShockwaveFlash.ShockwaveFlash"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB70-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Macromedia Flash Factory Object"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB70-AE6D-11cf-96B8-444553540000}InprocServer32]

@="c:WINDOWSSysWOW64MacromedFlashFlash32_11_3_300_265.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB70-AE6D-11cf-96B8-444553540000}ProgID]

@="FlashFactory.FlashFactory.1"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB70-AE6D-11cf-96B8-444553540000}ToolboxBitmap32]

@="c:WINDOWSSysWOW64MacromedFlashFlash32_11_3_300_265.ocx, 1"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB70-AE6D-11cf-96B8-444553540000}TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB70-AE6D-11cf-96B8-444553540000}Version]

@="1.0"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB70-AE6D-11cf-96B8-444553540000}VersionIndependentProgID]

@="FlashFactory.FlashFactory"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeInterface{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]

@Denied: (A 2) (Everyone)

@="IFlashBroker4"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeInterface{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeInterface{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINESOFTWAREWow6432NodeMicrosoftOfficeCommonSmart TagActions{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]

@Denied: (A) (Everyone)

"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"

.

[HKEY_LOCAL_MACHINESOFTWAREWow6432NodeMicrosoftSchema LibraryActionsPane3]

@Denied: (A) (Everyone)

.

[HKEY_LOCAL_MACHINESOFTWAREWow6432NodeMicrosoftSchema LibraryActionsPane30]

"Key"="ActionsPane3"

"Location"="c:Program Files (x86)Common FilesMicrosoft SharedVSTOActionsPane3.xsd"

.

[HKEY_LOCAL_MACHINESYSTEMControlSet001ControlPCWSecurity]

@Denied: (Full) (Everyone)

.

Completion time: 2012-07-23 06:16:26

ComboFix-quarantined-files.txt 2012-07-22 21:16

.

Pre-Run: 291,168,935,936 bytes free

Post-Run: 291,028,783,104 bytes free

.

- - End Of File - - 18924985E6EE0E726049027C888CABCD

Share this post


Link to post
Share on other sites

Good. That is complete now.

 

I used to reccomend Ad-Aware for most users. However, Lavasoft sold out to LuLu software - a company with a suspicous history. At this point I must reccomend that you remove Ad-Aware from your system. Besides, it now contains an AV component that could interfere with your Avast Anti-virus.

 

COMBOFIX-Script

  • Please open Notepad (Start -> Run -> type notepad in the Open field -> OK) and copy and paste the text present inside the code box below:

     

    File::
    c:windowsSysWow64DaumFDL.exe
    c:windowsSysWow64DaumFile.ocx
    
    FireFox::
    FF - ProfilePath - c:usersUSERAppDataRoamingMozillaFirefoxProfilesq865faf3.default
    FF - prefs.js: keyword.URL - hxxp://www.searchqu.com/web?src=ffb&appid=0&systemid=410&sr=0&q=
    
  • Save this as CFScript.txt and change the "Save as type" to "All Files" and place it on your desktop.

     

    Posted Image

  • Very Important! Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before following the steps below. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results".
  • Referring to the screenshot above, drag CFScript.txt into ComboFix.exe.
  • ComboFix will now run a scan on your system. It may reboot your system when it finishes. This is normal.
  • When finished, it shall produce a log for you. Copy and paste the contents of the log in your next reply.
CAUTION: Do not mouse-click ComboFix's window while it is running. That may cause it to stall.

Share this post


Link to post
Share on other sites

ComboFix 12-07-24.01 - USER 07/24/2012 8:56.2.4 - x64

Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.6007.4378 [GMT 9:00]

Running from: c:usersUSERDesktopComboFix.exe

Command switches used :: c:usersUSERDesktopCFScript.txt

AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}

AV: Lavasoft Ad-Aware *Disabled/Updated* {445B48C3-0FA4-6B16-8F07-6506F305D800}

FW: Lavasoft Ad-Aware *Disabled* {7C60C9E6-45CB-6A4E-A458-CC330DD69F7B}

SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}

SP: Lavasoft Ad-Aware *Disabled/Updated* {FF3AA927-299E-6498-B5B7-5E74888292BD}

SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

* Created a new restore point

.

FILE ::

"c:windowsSysWow64DaumFDL.exe"

"c:windowsSysWow64DaumFile.ocx"

.

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:windowsSysWow64DaumFDL.exe

c:windowsSysWow64DaumFile.ocx

.

.

((((((((((((((((((((((((( Files Created from 2012-06-24 to 2012-07-24 )))))))))))))))))))))))))))))))

.

.

2012-07-24 00:09 . 2012-07-24 00:09 -------- d-----w- c:userspostgresAppDataLocaltemp

2012-07-24 00:09 . 2012-07-24 00:09 -------- d-----w- c:usersGuestAppDataLocaltemp

2012-07-24 00:09 . 2012-07-24 00:09 -------- d-----w- c:usersDefaultAppDataLocaltemp

2012-07-23 16:58 . 2012-07-23 16:58 69000 ----a-w- c:programdataMicrosoftWindows DefenderDefinition Updates{767E16FB-C0EF-4D73-B8F4-B328D0E912FC}offreg.dll

2012-07-22 16:43 . 2012-07-22 16:43 -------- d-----w- C:_OTL

2012-07-21 11:30 . 2012-06-29 10:04 9133488 ----a-w- c:programdataMicrosoftWindows DefenderDefinition Updates{767E16FB-C0EF-4D73-B8F4-B328D0E912FC}mpengine.dll

2012-07-16 16:59 . 2012-05-04 11:00 366592 ----a-w- c:windowssystem32qdvd.dll

2012-07-16 16:59 . 2012-05-04 09:59 514560 ----a-w- c:windowsSysWow64qdvd.dll

2012-07-16 16:45 . 2012-07-16 16:45 -------- d-----w- c:usersUSERAppDataLocaladaware

2012-07-16 16:45 . 2012-07-19 12:19 -------- d-----w- c:programdataAd-Aware Browsing Protection

2012-07-16 16:44 . 2011-12-19 03:44 60536 ----a-w- c:windowssystem32driverssbhips.sys

2012-07-16 16:44 . 2011-09-29 03:16 119416 ----a-w- c:windowssystem32driversSbFwIm.sys

2012-07-16 16:44 . 2011-12-19 03:44 256632 ----a-w- c:windowssystem32driversSbFw.sys

2012-07-16 16:44 . 2011-12-19 04:21 45936 ----a-w- c:windowssystem32sbbd.exe

2012-07-16 16:44 . 2011-10-26 05:23 57976 ----a-w- c:windowssystem32driverssbredrv.sys

2012-07-16 16:44 . 2012-07-16 16:44 -------- d-----w- c:programdataLavasoft

2012-07-16 16:44 . 2012-07-16 19:07 -------- d-----w- c:program files (x86)Ad-Aware Antivirus

2012-07-16 16:42 . 2012-07-17 15:47 -------- d-----w- c:usersUSERAppDataRoamingAd-Aware Antivirus

2012-07-16 16:20 . 2012-07-16 16:45 -------- d-----w- c:programdataSpybot - Search & Destroy

2012-07-16 16:20 . 2012-07-16 16:43 -------- d-----w- c:program files (x86)Spybot - Search & Destroy

2012-07-16 15:13 . 2012-07-16 15:58 -------- d-----w- c:program files (x86)GRETECH

2012-07-16 15:05 . 2012-07-16 15:05 -------- d-----w- c:program files (x86)UltraUCC

2012-07-11 14:39 . 2012-06-12 03:08 3148800 ----a-w- c:windowssystem32win32k.sys

2012-07-11 09:49 . 2012-07-22 23:20 40848 ----a-w- c:windowsSysWow64driversscskusbs.sys

2012-07-11 09:49 . 2012-07-22 23:20 18832 ----a-w- c:windowsSysWow64driversscskusbf.sys

2012-07-11 02:17 . 2012-06-06 06:05 1499136 ----a-w- c:program filesCommon FilesSystemadomsado15.dll

2012-07-11 02:17 . 2012-06-06 05:05 1019904 ----a-w- c:program files (x86)Common FilesSystemadomsado15.dll

2012-07-11 02:17 . 2012-06-06 06:05 495616 ----a-w- c:program filesCommon FilesSystemadomsadox.dll

2012-07-11 02:17 . 2012-06-06 06:05 466944 ----a-w- c:program filesCommon FilesSystemadomsadomd.dll

2012-07-11 02:17 . 2012-06-06 06:05 258048 ----a-w- c:program filesCommon FilesSystemmsadcmsadco.dll

2012-07-11 02:17 . 2012-06-06 05:03 805376 ----a-w- c:windowsSysWow64cdosys.dll

2012-07-11 02:17 . 2012-06-06 06:05 61440 ----a-w- c:program filesCommon FilesSystemadomsador15.dll

2012-07-11 02:17 . 2012-06-06 05:05 143360 ----a-w- c:program files (x86)Common FilesSystemadomsjro.dll

2012-07-11 02:17 . 2012-06-06 05:05 372736 ----a-w- c:program files (x86)Common FilesSystemadomsadox.dll

2012-07-11 02:17 . 2012-06-06 05:05 57344 ----a-w- c:program files (x86)Common FilesSystemadomsador15.dll

2012-07-11 02:17 . 2012-06-06 05:05 352256 ----a-w- c:program files (x86)Common FilesSystemadomsadomd.dll

2012-07-11 02:17 . 2012-06-06 05:05 212992 ----a-w- c:program files (x86)Common FilesSystemmsadcmsadco.dll

2012-07-11 02:17 . 2012-06-06 06:02 1133568 ----a-w- c:windowssystem32cdosys.dll

2012-07-03 03:32 . 2012-07-03 03:32 -------- d-----w- c:program files (x86)Common FilesJava

2012-07-02 17:26 . 2012-07-02 17:26 -------- d-----w- c:program files (x86)Oracle

2012-07-02 17:26 . 2012-05-05 02:29 772504 ----a-w- c:windowsSysWow64npDeployJava1.dll

2012-07-02 09:40 . 2012-07-02 09:40 -------- d-----w- c:program filesiPod

2012-07-02 09:40 . 2012-07-02 09:41 -------- d-----w- c:program filesiTunes

2012-07-02 09:40 . 2012-07-02 09:41 -------- d-----w- c:program files (x86)iTunes

2012-07-01 00:12 . 2012-07-01 00:12 770384 ----a-w- c:program files (x86)Mozilla Firefoxmsvcr100.dll

2012-07-01 00:12 . 2012-07-01 00:12 421200 ----a-w- c:program files (x86)Mozilla Firefoxmsvcp100.dll

.

.

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2012-07-22 23:20 . 2012-05-31 07:13 49032 ----a-w- c:windowsSysWow64driversSCSK5.sys

2012-07-22 23:20 . 2011-04-21 14:41 373640 ----a-w- c:windowsSysWow64SCSKUSB64Restarter.exe

2012-07-22 17:07 . 2012-04-08 01:51 426184 ----a-w- c:windowsSysWow64FlashPlayerApp.exe

2012-07-22 17:07 . 2011-05-15 05:32 70344 ----a-w- c:windowsSysWow64FlashPlayerCPLApp.cpl

2012-07-11 14:36 . 2011-02-06 23:37 59701280 ----a-w- c:windowssystem32MRT.exe

2012-07-03 16:21 . 2012-03-25 04:27 54072 ----a-w- c:windowssystem32driversaswRdr2.sys

2012-07-03 16:21 . 2011-07-17 04:40 958400 ----a-w- c:windowssystem32driversaswSnx.sys

2012-07-03 16:21 . 2011-02-23 13:15 71064 ----a-w- c:windowssystem32driversaswMonFlt.sys

2012-07-03 16:21 . 2011-02-23 13:15 59728 ----a-w- c:windowssystem32driversaswTdi.sys

2012-07-03 16:21 . 2011-02-23 13:15 355856 ----a-w- c:windowssystem32driversaswSP.sys

2012-07-03 16:21 . 2011-02-23 13:15 25232 ----a-w- c:windowssystem32driversaswFsBlk.sys

2012-07-03 16:21 . 2011-02-23 13:15 41224 ----a-w- c:windowsavastSS.scr

2012-07-03 16:21 . 2011-02-23 13:15 227648 ----a-w- c:windowsSysWow64aswBoot.exe

2012-07-03 16:21 . 2011-02-23 13:15 285328 ----a-w- c:windowssystem32aswBoot.exe

2012-06-02 22:19 . 2012-06-22 02:38 38424 ----a-w- c:windowssystem32wups.dll

2012-06-02 22:19 . 2012-06-22 02:38 2428952 ----a-w- c:windowssystem32wuaueng.dll

2012-06-02 22:19 . 2012-06-22 02:38 57880 ----a-w- c:windowssystem32wuauclt.exe

2012-06-02 22:19 . 2012-06-22 02:38 44056 ----a-w- c:windowssystem32wups2.dll

2012-06-02 22:19 . 2012-06-22 02:38 186752 ----a-w- c:windowssystem32wuwebv.dll

2012-06-02 22:19 . 2012-06-22 02:38 701976 ----a-w- c:windowssystem32wuapi.dll

2012-06-02 22:15 . 2012-06-22 02:38 2622464 ----a-w- c:windowssystem32wucltux.dll

2012-06-02 22:15 . 2012-06-22 02:38 36864 ----a-w- c:windowssystem32wuapp.exe

2012-06-02 22:15 . 2012-06-22 02:38 99840 ----a-w- c:windowssystem32wudriver.dll

2012-05-31 07:09 . 2010-12-29 01:02 241648 ----a-w- c:windowsSysWow64npEfdsWCtrl.dll

2012-05-31 04:25 . 2011-02-05 18:52 279656 ------w- c:windowssystem32MpSigStub.exe

2012-05-05 02:29 . 2011-02-07 07:43 687504 ----a-w- c:windowsSysWow64deployJava1.dll

2012-05-04 11:06 . 2012-06-13 17:26 5559664 ----a-w- c:windowssystem32ntoskrnl.exe

2012-05-04 10:03 . 2012-06-13 17:26 3968368 ----a-w- c:windowsSysWow64ntkrnlpa.exe

2012-05-04 10:03 . 2012-06-13 17:26 3913072 ----a-w- c:windowsSysWow64ntoskrnl.exe

2012-05-01 05:40 . 2012-06-13 17:26 209920 ----a-w- c:windowssystem32profsvc.dll

2012-04-28 03:55 . 2012-06-13 17:25 210944 ----a-w- c:windowssystem32driversrdpwd.sys

2012-04-26 05:41 . 2012-06-13 17:26 77312 ----a-w- c:windowssystem32rdpwsx.dll

2012-04-26 05:41 . 2012-06-13 17:26 149504 ----a-w- c:windowssystem32rdpcorekmts.dll

2012-04-26 05:34 . 2012-06-13 17:26 9216 ----a-w- c:windowssystem32rdrmemptylst.exe

.

.

((((((((((((((((((((((((((((( [email protected]_21.13.08 )))))))))))))))))))))))))))))))))))))))))

.

- 2009-07-14 04:54 . 2012-07-22 20:51 32768 c:windowsSysWOW64configsystemprofileAppDataRoamingMicrosoftWindowsCookiesindex.dat

+ 2009-07-14 04:54 . 2012-07-23 23:52 32768 c:windowsSysWOW64configsystemprofileAppDataRoamingMicrosoftWindowsCookiesindex.dat

+ 2009-07-14 04:54 . 2012-07-23 23:52 98304 c:windowsSysWOW64configsystemprofileAppDataLocalMicrosoftWindowsTemporary Internet FilesContent.IE5index.dat

- 2009-07-14 04:54 . 2012-07-22 20:51 98304 c:windowsSysWOW64configsystemprofileAppDataLocalMicrosoftWindowsTemporary Internet FilesContent.IE5index.dat

- 2009-07-14 04:54 . 2012-07-22 20:51 16384 c:windowsSysWOW64configsystemprofileAppDataLocalMicrosoftWindowsHistoryHistory.IE5index.dat

+ 2009-07-14 04:54 . 2012-07-23 23:52 16384 c:windowsSysWOW64configsystemprofileAppDataLocalMicrosoftWindowsHistoryHistory.IE5index.dat

+ 2009-04-29 12:31 . 2012-07-23 13:14 69616 c:windowssystem32wdiShutdownPerformanceDiagnostics_SystemData.bin

+ 2009-07-14 05:10 . 2012-07-23 13:14 33896 c:windowssystem32wdiBootPerformanceDiagnostics_SystemData.bin

- 2011-01-19 12:37 . 2012-07-22 16:50 21836 c:windowssystem32wdi{86432a0b-3c7d-4ddf-a89c-172faa90485d}S-1-5-21-781000255-4049561891-2088489889-1000_UserData.bin

+ 2011-01-19 12:37 . 2012-07-23 13:14 21836 c:windowssystem32wdi{86432a0b-3c7d-4ddf-a89c-172faa90485d}S-1-5-21-781000255-4049561891-2088489889-1000_UserData.bin

+ 2012-07-23 13:11 . 2012-07-23 13:11 2048 c:windowsServiceProfilesLocalServiceAppDataLocallastalive1.dat

- 2012-07-22 16:47 . 2012-07-22 16:47 2048 c:windowsServiceProfilesLocalServiceAppDataLocallastalive1.dat

- 2012-07-22 16:47 . 2012-07-22 16:47 2048 c:windowsServiceProfilesLocalServiceAppDataLocallastalive0.dat

+ 2012-07-23 13:11 . 2012-07-23 13:11 2048 c:windowsServiceProfilesLocalServiceAppDataLocallastalive0.dat

+ 2011-02-06 19:02 . 2012-07-23 08:26 363938 c:windowssystem32wdiSuspendPerformanceDiagnostics_SystemData_S4.bin

+ 2009-07-14 05:01 . 2012-07-23 12:58 473528 c:windowsServiceProfilesLocalServiceAppDataLocalFontCache-System.dat

- 2009-07-14 05:01 . 2012-07-22 16:46 473528 c:windowsServiceProfilesLocalServiceAppDataLocalFontCache-System.dat

- 2011-02-05 19:20 . 2012-07-22 16:46 2156024 c:windowsServiceProfilesLocalServiceAppDataLocalFontCache3.0.0.0.dat

+ 2011-02-05 19:20 . 2012-07-23 12:58 2156024 c:windowsServiceProfilesLocalServiceAppDataLocalFontCache3.0.0.0.dat

- 2011-02-16 15:41 . 2012-07-22 16:46 30784574 c:windowsServiceProfilesLocalServiceAppDataLocalFontCache-S-1-5-21-781000255-4049561891-2088489889-1000-8192.dat

+ 2011-02-16 15:41 . 2012-07-23 12:58 30784574 c:windowsServiceProfilesLocalServiceAppDataLocalFontCache-S-1-5-21-781000255-4049561891-2088489889-1000-8192.dat

+ 2011-03-20 04:59 . 2012-07-23 06:59 18242582 c:windowsServiceProfilesLocalServiceAppDataLocalFontCache-S-1-5-21-781000255-4049561891-2088489889-1000-4096.dat

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

.

[HKEY_LOCAL_MACHINEsoftwarewow6432nodemicrosoftwindowscurrentversionexplorershelliconoverlayidentifiersDropboxExt1]

@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOTCLSID{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]

2012-02-14 22:58 94208 ----a-w- c:usersUSERAppDataRoamingDropboxbinDropboxExt.14.dll

.

[HKEY_LOCAL_MACHINEsoftwarewow6432nodemicrosoftwindowscurrentversionexplorershelliconoverlayidentifiersDropboxExt2]

@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOTCLSID{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]

2012-02-14 22:58 94208 ----a-w- c:usersUSERAppDataRoamingDropboxbinDropboxExt.14.dll

.

[HKEY_LOCAL_MACHINEsoftwarewow6432nodemicrosoftwindowscurrentversionexplorershelliconoverlayidentifiersDropboxExt3]

@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOTCLSID{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]

2012-02-14 22:58 94208 ----a-w- c:usersUSERAppDataRoamingDropboxbinDropboxExt.14.dll

.

[HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionRun]

"Skype"="c:program files (x86)SkypePhoneSkype.exe" [2012-06-08 17425072]

"MobileDocuments"="c:program files (x86)Common FilesAppleInternet Servicesubd.exe" [2012-02-23 59240]

"Game Fire"="c:program files (x86)Smart PC UtilitiesGame FireGFTray.exe" [2011-12-02 44032]

"SpybotSD TeaTimer"="c:program files (x86)Spybot - Search & DestroyTeaTimer.exe" [2009-03-05 2260480]

.

[HKEY_LOCAL_MACHINESOFTWAREWow6432NodeMicrosoftWindowsCurrentVersionRun]

"IAStorIcon"="c:program files (x86)IntelIntel® Rapid Storage TechnologyIAStorIcon.exe" [2010-06-08 284696]

"Adobe Reader Speed Launcher"="c:program files (x86)AdobeReader 9.0ReaderReader_sl.exe" [2009-02-27 35696]

"StartCCC"="c:program files (x86)ATI TechnologiesATI.ACECore-StaticCLIStart.exe" [2011-01-05 336384]

"APSDaemon"="c:program files (x86)Common FilesAppleApple Application SupportAPSDaemon.exe" [2012-05-31 59280]

"SwitchBoard"="c:program files (x86)Common FilesAdobeSwitchBoardSwitchBoard.exe" [2010-02-19 517096]

"AdobeCS5.5ServiceManager"="c:program files (x86)Common FilesAdobeCS5.5ServiceManagerCS5.5ServiceManager.exe" [2011-01-11 1523360]

"QuickTime Task"="c:program files (x86)QuickTimeQTTask.exe" [2012-04-19 421888]

"iTunesHelper"="c:program files (x86)iTunesiTunesHelper.exe" [2012-06-08 421776]

"SunJavaUpdateSched"="c:program files (x86)Common FilesJavaJava Updatejusched.exe" [2012-01-17 252296]

.

[HKEY_LOCAL_MACHINESOFTWAREWow6432NodeMicrosoftWindowsCurrentVersionRunOnce]

"aswAhAScr.dll"="c:program filesAlwil SoftwareAvast5aswRegSvr.exe" [2012-07-03 76648]

"aswasOutExt.dll"="c:program filesAlwil SoftwareAvast5aswRegSvr.exe" [2012-07-03 76648]

.

c:usersGuestAppDataRoamingMicrosoftWindowsStart MenuProgramsStartup

Dell Dock First Run.lnk - c:program filesDellDellDockDellDock.exe [N/A]

.

c:usersUSERAppDataRoamingMicrosoftWindowsStart MenuProgramsStartup

Dropbox.lnk - c:usersUSERAppDataRoamingDropboxbinDropbox.exe [2012-5-25 27112840]

.

c:programdataMicrosoftWindowsStart MenuProgramsStartup

Bluetooth.lnk - c:program filesWIDCOMMBluetooth SoftwareBTTray.exe [2009-12-30 1082656]

.

c:usersDefault UserAppDataRoamingMicrosoftWindowsStart MenuProgramsStartup

Dell Dock First Run.lnk - c:program filesDellDellDockDellDock.exe [N/A]

.

[HKEY_LOCAL_MACHINEsoftwaremicrosoftwindowscurrentversionpoliciessystem]

"ConsentPromptBehaviorAdmin"= 5 (0x5)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableUIADesktopToggle"= 0 (0x0)

.

[HKEY_LOCAL_MACHINEsoftwarewow6432nodemicrosoftwindows ntcurrentversiondrivers32]

"mixer9"=wdmaud.drv

.

[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetcontrollsa]

Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp

.

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalMCODS]

@=""

.

R0 sptd;sptd;c:windowsSystem32Driverssptd.sys [2011-08-15 867064]

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:windowsMicrosoft.NETFramework64v4.0.30319mscorsvw.exe [2010-03-18 138576]

R2 DockLoginService;Dock Login Service;c:program filesDellDellDockDockLogin.exe [x]

R2 gupdate;Google Update Service (gupdate);c:program files (x86)GoogleUpdateGoogleUpdate.exe [2011-02-05 136176]

R2 SkypeUpdate;Skype Updater;c:program files (x86)SkypeUpdaterUpdater.exe [2012-06-08 160944]

R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:windowsSysWOW64MacromedFlashFlashPlayerUpdateService.exe [2012-07-22 250056]

R3 gupdatem;Google Update Service (gupdatem);c:program files (x86)GoogleUpdateGoogleUpdate.exe [2011-02-05 136176]

R3 MozillaMaintenance;Mozilla Maintenance Service;c:program files (x86)Mozilla Maintenance Servicemaintenanceservice.exe [2012-07-01 113120]

R3 NMgamingmsFltr;USB Optical Mouse;c:windowssystem32driversNMgamingms.sys [2009-07-23 11264]

R3 NPIDS;NPIDS;c:windowssystem32NpIdsVt64.sys [2010-09-07 54880]

R3 osppsvc;Office Software Protection Platform;c:program filesCommon FilesMicrosoft SharedOfficeSoftwareProtectionPlatformOSPPSVC.EXE [2010-01-10 4925184]

R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:windowssystem32DriversRtsUStor.sys [2010-03-17 232480]

R3 RTL8167;Realtek 8167 NT Driver;c:windowssystem32DRIVERSRt64win7.sys [2010-03-17 325152]

R3 scsk5;SCSK5 Driver Service;syswow64driversscsk5.sys [x]

R3 scskusbs;USB SCSK Driver Service;syswow64driversscskusbs.sys [x]

R3 SwitchBoard;Adobe SwitchBoard;c:program files (x86)Common FilesAdobeSwitchBoardSwitchBoard.exe [2010-02-19 517096]

R3 TsUsbFlt;TsUsbFlt;c:windowssystem32driverstsusbflt.sys [2010-11-20 59392]

R3 TurboBoost;TurboBoost;c:program filesIntelTurboBoostTurboBoost.exe [2009-11-02 126352]

R3 USBAAPL64;Apple Mobile USB Driver;c:windowssystem32Driversusbaapl64.sys [2012-02-15 52736]

R3 WatAdminSvc;Windows Activation Technologies Service;c:windowssystem32WatWatAdminSvc.exe [2011-02-06 1255736]

R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:windowssystem32DRIVERSyk62x64.sys [2009-06-10 389120]

S0 PxHlpa64;PxHlpa64;c:windowsSystem32DriversPxHlpa64.sys [2010-07-12 55856]

S1 aswSnx;aswSnx; [x]

S1 aswSP;aswSP; [x]

S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:windowssystem32DRIVERSdtsoftbus01.sys [2011-12-30 279616]

S1 vwififlt;Virtual WiFi Filter Driver;c:windowssystem32DRIVERSvwififlt.sys [2009-07-14 59904]

S2 AdobeActiveFileMonitor8.0;Adobe Active File Monitor V8;c:program files (x86)AdobeElements Organizer 8.0PhotoshopElementsFileAgent.exe [2009-09-18 169312]

S2 AESTFilters;Andrea ST Filters Service;c:program filesIDTWDMAESTSr64.exe [2009-03-03 89600]

S2 AMD External Events Utility;AMD External Events Utility;c:windowssystem32atiesrxx.exe [2011-01-05 203776]

S2 aswFsBlk;aswFsBlk; [x]

S2 aswMonFlt;aswMonFlt;c:windowssystem32driversaswMonFlt.sys [2012-07-03 71064]

S2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:program files (x86)IntelIntel® Rapid Storage TechnologyIAStorDataMgrSvc.exe [2010-06-08 13336]

S2 pgsql-8.3;PostgreSQL Database Server 8.3;c:program files (x86)PostgreSQL8.3binpg_ctl.exe [2009-12-10 65536]

S2 TurboB;Turbo Boost UI Monitor driver;c:windowssystem32DRIVERSTurboB.sys [2009-11-02 13784]

S2 UNS;Intel® Management & Security Application User Notification Service;c:program files (x86)IntelIntel® Management Engine ComponentsUNSUNS.exe [2010-03-03 2320920]

S3 ALSysIO;ALSysIO;c:usersUSERAppDataLocalTempALSysIO64.sys [x]

S3 amdkmdag;amdkmdag;c:windowssystem32DRIVERSatikmdag.sys [2011-01-05 8283136]

S3 amdkmdap;amdkmdap;c:windowssystem32DRIVERSatikmpag.sys [2011-01-05 294400]

S3 BcmVWL;Broadcom Virtual Wireless;c:windowssystem32DRIVERSbcmvwl64.sys [2010-02-03 20984]

S3 btusbflt;Bluetooth USB Filter;c:windowssystem32driversbtusbflt.sys [2010-03-30 53800]

S3 btwl2cap;Bluetooth L2CAP Service;c:windowssystem32DRIVERSbtwl2cap.sys [2010-03-30 35104]

S3 CtClsFlt;Creative Camera Class Upper Filter Driver;c:windowssystem32DRIVERSCtClsFlt.sys [2009-06-15 172704]

S3 HECIx64;Intel® Management Engine Interface;c:windowssystem32DRIVERSHECIx64.sys [2009-09-17 56344]

S3 scskusbf;USB SCSK Filter Driver Service;syswow64driversscskusbf.sys [x]

.

.

--- Other Services/Drivers In Memory ---

.

*NewlyCreated* - ALSYSIO

.

Contents of the 'Scheduled Tasks' folder

.

2012-07-24 c:windowsTasksAdobe Flash Player Updater.job

- c:windowsSysWOW64MacromedFlashFlashPlayerUpdateService.exe [2012-04-08 17:07]

.

2012-07-23 c:windowsTasksGoogleUpdateTaskMachineCore1cd682df83ff923.job

- c:program files (x86)GoogleUpdateGoogleUpdate.exe [2011-03-17 18:26]

.

2012-07-23 c:windowsTasksGoogleUpdateTaskMachineUA1cd682df8b2e0e2.job

- c:program files (x86)GoogleUpdateGoogleUpdate.exe [2011-03-17 18:26]

.

2012-07-20 c:windowsTasksGoogleUpdateTaskUserS-1-5-21-781000255-4049561891-2088489889-1000Core.job

- c:usersUSERAppDataLocalGoogleUpdateGoogleUpdate.exe [2011-02-05 18:26]

.

2012-07-20 c:windowsTasksGoogleUpdateTaskUserS-1-5-21-781000255-4049561891-2088489889-1000UA.job

- c:usersUSERAppDataLocalGoogleUpdateGoogleUpdate.exe [2011-02-05 18:26]

.

.

--------- X64 Entries -----------

.

.

[HKEY_LOCAL_MACHINEsoftwaremicrosoftwindowscurrentversionexplorershelliconoverlayidentifiers00avast]

@="{472083B0-C522-11CF-8763-00608CC02F24}"

[HKEY_CLASSES_ROOTCLSID{472083B0-C522-11CF-8763-00608CC02F24}]

2012-03-07 00:15 135408 ------w- c:program filesAlwil SoftwareAvast5ashShA64.dll

.

[HKEY_LOCAL_MACHINEsoftwaremicrosoftwindowscurrentversionexplorershelliconoverlayidentifiersDropboxExt1]

@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOTCLSID{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]

2012-02-14 22:58 97792 ----a-w- c:usersUSERAppDataRoamingDropboxbinDropboxExt64.14.dll

.

[HKEY_LOCAL_MACHINEsoftwaremicrosoftwindowscurrentversionexplorershelliconoverlayidentifiersDropboxExt2]

@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOTCLSID{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]

2012-02-14 22:58 97792 ----a-w- c:usersUSERAppDataRoamingDropboxbinDropboxExt64.14.dll

.

[HKEY_LOCAL_MACHINEsoftwaremicrosoftwindowscurrentversionexplorershelliconoverlayidentifiersDropboxExt3]

@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOTCLSID{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]

2012-02-14 22:58 97792 ----a-w- c:usersUSERAppDataRoamingDropboxbinDropboxExt64.14.dll

.

[HKEY_LOCAL_MACHINEsoftwaremicrosoftwindowscurrentversionexplorershelliconoverlayidentifiersDropboxExt4]

@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOTCLSID{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]

2012-02-14 22:58 97792 ----a-w- c:usersUSERAppDataRoamingDropboxbinDropboxExt64.14.dll

.

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRun]

"SysTrayApp"="c:program filesIDTWDMsttray64.exe" [2010-06-18 487424]

"SynTPEnh"="c:program files (x86)SynapticsSynTPSynTPEnh.exe" [bU]

"Broadcom Wireless Manager UI"="c:program filesDellDW WLAN CardWLTRAY.exe" [2010-02-03 5712896]

.

------- Supplementary Scan -------

.

uLocal Page = c:windowssystem32blank.htm

uStart Page =

mLocal Page = c:windowsSysWOW64blank.htm

uInternet Settings,ProxyOverride = *.local

IE: E&xport to Microsoft Excel - c:progra~2MIF5BA~1Office14EXCEL.EXE/3000

IE: Se&nd to OneNote - c:progra~2MIF5BA~1Office14ONBttnIE.dll/105

IE: Send image to &Bluetooth Device... - c:program filesWIDCOMMBluetooth Softwarebtsendto_ie_ctx.htm

IE: Send page to &Bluetooth Device... - c:program filesWIDCOMMBluetooth Softwarebtsendto_ie.htm

TCP: DhcpNameServer = 203.246.162.253 164.124.101.2

DPF: {286A75C3-11FB-4FB4-AC4A-4DD1B0750050} - hxxp://bkbcard.kbstar.com/initech/plugin/down/INIS60.cab

DPF: {7E9FDB80-5316-11D4-B02C-00C04F0CD404} - hxxp://download.softforum.co.kr/Published/XecureWeb/v7.2.5.0/xw_install.cab

DPF: {F939FEB8-9518-4A4A-BE60-D10FFB9557F2} - hxxp://download.kbstar.com/security/nprotect/netizenv55/npenkIEInstall5.cab

FF - ProfilePath - c:usersUSERAppDataRoamingMozillaFirefoxProfilesq865faf3.default

FF - prefs.js: browser.startup.homepage -

.

.

--------------------- LOCKED REGISTRY KEYS ---------------------

.

[HKEY_USERSS-1-5-21-781000255-4049561891-2088489889-1000SoftwareMicrosoftWindowsCurrentVersionExplorerFileExts.emlUserChoice]

@Denied: (2) (LocalSystem)

"Progid"="WindowsLiveMail.Email.1"

.

[HKEY_USERSS-1-5-21-781000255-4049561891-2088489889-1000SoftwareMicrosoftWindowsCurrentVersionExplorerFileExts.vcfUserChoice]

@Denied: (2) (LocalSystem)

"Progid"="WindowsLiveMail.VCard.1"

.

[HKEY_USERSS-1-5-21-781000255-4049561891-2088489889-1000SoftwareSecuROMLicense information*]

"datasecu"=hex:21,17,f5,25,45,a0,e2,d2,ad,3f,8d,98,57,c1,f3,f4,e9,5b,3e,a9,f9,

7d,09,4c,05,f2,74,76,6b,7b,0d,f8,53,c0,07,37,0c,71,4a,54,b6,8c,df,00,f0,50,

"rkeysecu"=hex:29,23,be,84,e1,6c,d6,ae,52,90,49,f1,f1,bb,e9,eb

.

[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{A483C63A-CDBC-426E-BF93-872502E8144E}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:WINDOWSSysWOW64MacromedFlashFlashUtil32_11_3_300_265_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{A483C63A-CDBC-426E-BF93-872502E8144E}Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{A483C63A-CDBC-426E-BF93-872502E8144E}LocalServer32]

@="c:WINDOWSSysWOW64MacromedFlashFlashUtil32_11_3_300_265_ActiveX.exe"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{A483C63A-CDBC-426E-BF93-872502E8144E}TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB6E-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Shockwave Flash Object"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB6E-AE6D-11cf-96B8-444553540000}InprocServer32]

@="c:WINDOWSSysWOW64MacromedFlashFlash32_11_3_300_265.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB6E-AE6D-11cf-96B8-444553540000}MiscStatus]

@="0"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB6E-AE6D-11cf-96B8-444553540000}ProgID]

@="ShockwaveFlash.ShockwaveFlash.11"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB6E-AE6D-11cf-96B8-444553540000}ToolboxBitmap32]

@="c:WINDOWSSysWOW64MacromedFlashFlash32_11_3_300_265.ocx, 1"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB6E-AE6D-11cf-96B8-444553540000}TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB6E-AE6D-11cf-96B8-444553540000}Version]

@="1.0"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB6E-AE6D-11cf-96B8-444553540000}VersionIndependentProgID]

@="ShockwaveFlash.ShockwaveFlash"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB70-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Macromedia Flash Factory Object"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB70-AE6D-11cf-96B8-444553540000}InprocServer32]

@="c:WINDOWSSysWOW64MacromedFlashFlash32_11_3_300_265.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB70-AE6D-11cf-96B8-444553540000}ProgID]

@="FlashFactory.FlashFactory.1"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB70-AE6D-11cf-96B8-444553540000}ToolboxBitmap32]

@="c:WINDOWSSysWOW64MacromedFlashFlash32_11_3_300_265.ocx, 1"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB70-AE6D-11cf-96B8-444553540000}TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB70-AE6D-11cf-96B8-444553540000}Version]

@="1.0"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB70-AE6D-11cf-96B8-444553540000}VersionIndependentProgID]

@="FlashFactory.FlashFactory"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeInterface{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]

@Denied: (A 2) (Everyone)

@="IFlashBroker4"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeInterface{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeInterface{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINESOFTWAREWow6432NodeMicrosoftOfficeCommonSmart TagActions{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]

@Denied: (A) (Everyone)

"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"

.

[HKEY_LOCAL_MACHINESOFTWAREWow6432NodeMicrosoftSchema LibraryActionsPane3]

@Denied: (A) (Everyone)

.

[HKEY_LOCAL_MACHINESOFTWAREWow6432NodeMicrosoftSchema LibraryActionsPane30]

"Key"="ActionsPane3"

"Location"="c:Program Files (x86)Common FilesMicrosoft SharedVSTOActionsPane3.xsd"

.

[HKEY_LOCAL_MACHINESYSTEMControlSet001ControlPCWSecurity]

@Denied: (Full) (Everyone)

.

Completion time: 2012-07-24 09:12:49

ComboFix-quarantined-files.txt 2012-07-24 00:12

ComboFix2.txt 2012-07-22 21:16

.

Pre-Run: 291,264,811,008 bytes free

Post-Run: 291,314,888,704 bytes free

.

- - End Of File - - E84A84CAA806DEB8632199943B4F899C

Share this post


Link to post
Share on other sites

Good. Let's get an online scan and see if I've missed anything.

 

Go here to run an online scanner from ESET.

  • Turn off the real time scanner of any existing antivirus program while performing the online scan
  • Tick the box next to YES, I accept the Terms of Use.
  • Click Start
  • When asked, allow the activeX control to install
  • Click Start
  • Make sure that the option Remove found threats is unticked and the Scan Archives option is ticked.
  • Click on Advanced Settings, ensure the options Scan for potentially unwanted applications, Scan for potentially unsafe applications, and Enable Anti-Stealth Technology are ticked.
  • Click Scan
  • Wait for the scan to finish
  • When the scan completes, press the LIST OF THREATS FOUND button
  • Press EXPORT TO TEXT FILE , name the file ESETSCAN and save it to your desktop
  • Include the contents of this report in your next reply.
  • Press the BACK button.
  • Press Finish

Share this post


Link to post
Share on other sites

Scan has been running for 2 hours... and has been "99% complete" for most of that. It seems to be checking every file on the C drive? 2 threats found so far (varients of "Win32/primecasino application") out of 412k files scanned. Is this a typical runtime for this scan? It's still going...

Edited by Springbreakbox

Share this post


Link to post
Share on other sites

...And there we go. TXT report is just these 2 lines here:

 

 

C:UsersUSERDownloadsbjballroom (1).exe a variant of Win32/PrimeCasino application

C:UsersUSERDownloadsbjballroom.exe a variant of Win32/PrimeCasino application

 

Would it be enough to just manually delete these (duplicated) files from my Downloads folder?

Share this post


Link to post
Share on other sites

Yep. Go ahead and delete them.

 

Then, unless you know of any more issues, we can cleanup.

 

Time for some housekeeping

  • Click START then RUN
  • Now type ComboFix /Uninstall in the runbox and click OK.
  • Note the space between the X and the U, it needs to be there.
  • Posted Image
The above procedure will:
  • Implement some cleanup procedures.
  • Reset System Restore.

  • Double click on OTL to run it.
  • Click on CleanUp!
  • When done, you will be prompted to restart your computer. Please restart your computer.

Please re-enable any security that was disabled.

 

 

The following is my standard advice for the future. Use what you can and pat yourself on the back for what you're already doing.

 

Please take time to read Preventing Malware - Tools and Practices for Safe Computing. Very important information for your consideration is contained therein.

 

I would also suggest you read this:

So how did I get infected in the first place?

by Tony Klein

 

 

Also: "How to prevent malware"

by miekiemoes

 

Please respond back that you understand the above and let me know if you have any questions. Otherwise, this thread will be closed Resolved.

Share this post


Link to post
Share on other sites
Guest
This topic is now closed to further replies.
Sign in to follow this  

×
×
  • Create New...