Jump to content

jre247

Members
  • Posts

    11
  • Joined

  • Last visited

Reputation

0 Neutral
  1. I do have one problem with my computer now. I tried to run a backup of my computer on my external hard drive and the backup failed, giving me this error message: "Windows Backup failed while trying to read from the shadow copy on one of the volumes being backed up. Please check in the event logs for any relevant errors." I checked the event logs and only found this exact error message displayed there. I looked online to try and find information about this error message and I found information saying that this error might be caused because Microsoft Security Essentials (this is the virus detected program on my computer) detected a virus, which aborted the backup. Other information I found said that it might be a good idea to turn off Microsoft Security Essential while backing up. What are your thoughts? Thanks!
  2. my computer is also behaving normally right now, no noticeable problems.
  3. Thank you for your help so far! Here's my log for when I ran Malwarebytes: Malwarebytes' Anti-Malware 1.50.1.1100 www.malwarebytes.org Database version: 6484 Windows 6.1.7600 Internet Explorer 8.0.7600.16385 5/1/2011 1:24:54 PM mbam-log-2011-05-01 (13-24-54).txt Scan type: Quick scan Objects scanned: 184049 Time elapsed: 4 minute(s), 57 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 3 Registry Values Infected: 0 Registry Data Items Infected: 0 Folders Infected: 1 Files Infected: 13 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items detected) Registry Keys Infected: HKEY_CURRENT_USER\Software\WhiteSmokeTranslator (PUP.WhiteSmoke) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\whitesmoketoolbar (PUP.Whitesmoke) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\WhiteSmokeTranslator (PUP.WhiteSmoke) -> Quarantined and deleted successfully. Registry Values Infected: (No malicious items detected) Registry Data Items Infected: (No malicious items detected) Folders Infected: c:\Windows\System32\config\systemprofile\AppData\Roaming\whitesmokesetup (PUP.WhiteSmoke) -> Quarantined and deleted successfully. Files Infected: c:\Windows\System32\config\systemprofile\AppData\Roaming\whitesmokesetup\0x0409.ini (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\Windows\System32\config\systemprofile\AppData\Roaming\whitesmokesetup\config.txt (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\Windows\System32\config\systemprofile\AppData\Roaming\whitesmokesetup\data1.cab (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\Windows\System32\config\systemprofile\AppData\Roaming\whitesmokesetup\data1.hdr (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\Windows\System32\config\systemprofile\AppData\Roaming\whitesmokesetup\data2.cab (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\Windows\System32\config\systemprofile\AppData\Roaming\whitesmokesetup\ISSetup.dll (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\Windows\System32\config\systemprofile\AppData\Roaming\whitesmokesetup\layout.bin (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\Windows\System32\config\systemprofile\AppData\Roaming\whitesmokesetup\setup.exe (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\Windows\System32\config\systemprofile\AppData\Roaming\whitesmokesetup\setup.ini (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\Windows\System32\config\systemprofile\AppData\Roaming\whitesmokesetup\setup.inx (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\Windows\System32\config\systemprofile\AppData\Roaming\whitesmokesetup\setup.iss (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\Windows\System32\config\systemprofile\AppData\Roaming\whitesmokesetup\setup.log (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\Windows\System32\config\systemprofile\AppData\Roaming\whitesmokesetup\setup.ocx (PUP.WhiteSmoke) -> Quarantined and deleted successfully.
  4. Hello, I just discovered when I was trying to backup my computer on an external hard drive that I have a Whitesmoke Translator malware on my computer. Would any of you be able to assist me to make sure that I have successfully removed this malware from my computer so that my external hard drive doesn't become infected, as well? Thank you! Jason Sorry, I forgot to mention that I'm running Windows 7 64 bit OS on my PC laptop. Also, I have a Western Digital 1.5 TB external hard drive, which is where I want to do my backup without any malware (hopefully). Thanks! bump
  5. Also, my computer is behaving perfectly fine at the moment.
  6. Sorry, I was away from my computer until now. I followed your above instructions. Below is the ComboFix log. Thanks! ComboFix 11-01-14.01 - Jason 01/14/2011 20:48:53.5.2 - x64 Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.4061.2129 [GMT -5:00] Running from: c:\users\Jason\Desktop\ComboFix.exe Command switches used :: c:\users\Jason\Desktop\CFScript.txt SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} FILE :: "c:\users\ADMINI~1\AppData\Local\Temp\DX9\SessionLauncher.exe" . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . c:\program files (x86)\Ask.com c:\program files (x86)\Ask.com\cobrand.ico c:\program files (x86)\Ask.com\favicon.ico c:\program files (x86)\Ask.com\GenericAskToolbar.dll c:\program files (x86)\Ask.com\SaUpdate.exe c:\program files (x86)\Ask.com\UpdateTask.exe . ((((((((((((((((((((((((( Files Created from 2010-12-15 to 2011-01-15 ))))))))))))))))))))))))))))))) . 2011-01-15 01:52 . 2011-01-15 01:52 -------- d-----w- c:\users\Default\AppData\Local\temp 2011-01-15 01:52 . 2011-01-15 01:52 -------- d-----w- c:\users\Classic .NET AppPool\AppData\Local\temp 2011-01-14 22:06 . 2011-01-14 22:06 -------- d-----w- c:\users\Jason\AppData\Roaming\Malwarebytes 2011-01-14 22:06 . 2011-01-14 22:06 -------- d-----w- c:\programdata\Malwarebytes 2011-01-14 22:06 . 2010-12-20 23:09 38224 ----a-w- c:\windows\SysWow64\drivers\mbamswissarmy.sys 2011-01-14 22:06 . 2010-12-20 23:08 24152 ----a-w- c:\windows\system32\drivers\mbam.sys 2011-01-11 02:07 . 2011-01-11 02:07 469256 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\58a9f33b1cbb13410\InstallManager_WLE_WLE.exe 2011-01-11 02:07 . 2011-01-11 02:07 15712 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\4a9772fc1cbb13405\MeshBetaRemover.exe 2010-12-24 07:30 . 2010-11-16 17:01 8199504 ------w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{10005DB8-1211-41FE-BB51-5D2FD810123A}\mpengine.dll 2010-12-24 04:57 . 2010-04-09 11:06 374664 ----a-w- c:\windows\system32\drivers\netio.sys . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2011-01-15 01:54 . 2009-12-12 01:43 57752 ----a-w- c:\windows\SysWow64\rpcnet.dll 2010-12-27 21:05 . 2010-02-18 13:52 737072 ----a-w- c:\programdata\Microsoft\eHome\Packages\SportsV2\SportsTemplateCore\Microsoft.MediaCenter.Sports.UI.dll 2010-12-27 21:01 . 2010-03-30 21:46 4277016 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\markup.dll 2010-12-27 20:54 . 2010-06-15 02:07 42776 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM-2\StartResources.dll 2010-12-10 21:41 . 2010-02-18 13:52 539968 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll 2010-11-25 00:42 . 2010-03-30 21:46 737072 ----a-w- c:\programdata\Microsoft\eHome\Packages\SportsV2\SportsTemplateCore-2\Microsoft.MediaCenter.Sports.UI.dll 2010-11-25 00:41 . 2010-02-18 13:52 4277016 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\markup.dll 2010-11-25 00:41 . 2010-05-20 07:04 42776 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM\StartResources.dll 2010-11-25 00:41 . 2010-02-28 21:01 588096 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll 2010-11-04 06:35 . 2010-12-15 19:29 1194496 ----a-w- c:\windows\system32\wininet.dll 2010-11-04 06:31 . 2010-12-15 19:29 57856 ----a-w- c:\windows\system32\licmgr10.dll 2010-11-04 05:52 . 2010-12-15 19:29 978944 ----a-w- c:\windows\SysWow64\wininet.dll 2010-11-04 05:48 . 2010-12-15 19:29 44544 ----a-w- c:\windows\SysWow64\licmgr10.dll 2010-11-04 05:16 . 2010-12-15 19:29 482816 ----a-w- c:\windows\system32\html.iec 2010-11-04 04:41 . 2010-12-15 19:29 386048 ----a-w- c:\windows\SysWow64\html.iec 2010-11-04 04:35 . 2010-12-15 19:29 1638912 ----a-w- c:\windows\system32\mshtml.tlb 2010-11-04 04:08 . 2010-12-15 19:29 1638912 ----a-w- c:\windows\SysWow64\mshtml.tlb 2010-11-02 05:18 . 2010-12-15 19:30 524288 ----a-w- c:\windows\system32\wmicmiplugin.dll 2010-11-02 05:17 . 2010-12-15 19:30 1169408 ----a-w- c:\windows\system32\taskschd.dll 2010-11-02 05:17 . 2010-12-15 19:30 473600 ----a-w- c:\windows\system32\taskcomp.dll 2010-11-02 05:16 . 2010-12-15 19:30 1114624 ----a-w- c:\windows\system32\schedsvc.dll 2010-11-02 05:10 . 2010-12-15 19:30 464384 ----a-w- c:\windows\system32\taskeng.exe 2010-11-02 05:10 . 2010-12-15 19:30 285696 ----a-w- c:\windows\system32\schtasks.exe 2010-11-02 04:40 . 2010-12-15 19:30 496128 ----a-w- c:\windows\SysWow64\taskschd.dll 2010-11-02 04:40 . 2010-12-15 19:30 305152 ----a-w- c:\windows\SysWow64\taskcomp.dll 2010-11-02 04:34 . 2010-12-15 19:30 192000 ----a-w- c:\windows\SysWow64\taskeng.exe 2010-11-02 04:34 . 2010-12-15 19:30 179712 ----a-w- c:\windows\SysWow64\schtasks.exe 2010-10-27 05:06 . 2010-12-15 19:30 2048 ----a-w- c:\windows\system32\tzres.dll 2010-10-27 04:32 . 2010-12-15 19:30 2048 ----a-w- c:\windows\SysWow64\tzres.dll 2010-10-20 05:20 . 2010-12-15 19:30 46080 ----a-w- c:\windows\system32\atmlib.dll 2010-10-20 04:54 . 2010-12-15 19:30 34304 ----a-w- c:\windows\SysWow64\atmlib.dll 2010-10-20 03:09 . 2010-12-15 19:29 3124224 ----a-w- c:\windows\system32\win32k.sys 2010-10-20 03:05 . 2010-12-15 19:30 367104 ----a-w- c:\windows\system32\atmfd.dll 2010-10-20 02:58 . 2010-12-15 19:30 294400 ----a-w- c:\windows\SysWow64\atmfd.dll 2010-10-19 15:41 . 2010-11-19 15:02 270720 ------w- c:\windows\system32\MpSigStub.exe 2010-10-17 23:12 . 2010-10-17 23:12 29184 ----a-w- c:\windows\SysWow64\CtLoJack.dll . ((((((((((((((((((((((((((((( SnapShot_2011-01-14_23.24.41 ))))))))))))))))))))))))))))))))))))))))) . + 2009-12-12 00:56 . 2011-01-15 01:40 32768 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat - 2009-12-12 00:56 . 2011-01-14 23:08 32768 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat - 2009-12-12 00:56 . 2011-01-14 23:08 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat + 2009-12-12 00:56 . 2011-01-15 01:40 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat - 2009-07-14 04:54 . 2011-01-14 23:08 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat + 2009-07-14 04:54 . 2011-01-15 01:40 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat + 2009-12-12 01:21 . 2011-01-15 01:55 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat - 2009-12-12 01:21 . 2011-01-14 23:04 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat + 2009-12-12 01:21 . 2011-01-15 01:55 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat - 2009-12-12 01:21 . 2011-01-14 23:04 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat - 2009-12-12 01:21 . 2011-01-14 23:04 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat + 2009-12-12 01:21 . 2011-01-15 01:55 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat - 2009-12-12 01:46 . 2011-01-14 23:04 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat + 2009-12-12 01:46 . 2011-01-15 01:55 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat - 2009-12-12 01:46 . 2011-01-14 23:04 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat + 2009-12-12 01:46 . 2011-01-15 01:55 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat + 2011-01-15 01:53 . 2011-01-15 01:53 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat - 2011-01-14 23:02 . 2011-01-14 23:02 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat - 2011-01-14 23:02 . 2011-01-14 23:02 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat + 2011-01-15 01:53 . 2011-01-15 01:53 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat - 2009-07-14 05:01 . 2011-01-14 23:01 432688 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat + 2009-07-14 05:01 . 2011-01-15 01:52 432688 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1475072] [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "Desktop Disc Tool"="c:\program files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe" [2009-06-19 494064] c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2009-7-1 1079584] vpngui.exe.lnk - c:\windows\Installer\{467D5E81-8349-4892-9E81-C3674ED8E451}\Icon09DB8A851.exe [2010-6-15 5120] WinZip Quick Pick.lnk - c:\program files (x86)\WinZip\WZQKPICK.EXE [2009-12-22 106560] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 0 (0x0) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableLUA"= 0 (0x0) "EnableUIADesktopToggle"= 0 (0x0) "PromptOnSecureDesktop"= 0 (0x0) [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32] "mixer3"=wdmaud.drv [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS] @="" R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-06-28 135664] R2 SessionLauncher;SessionLauncher;c:\users\ADMINI~1\AppData\Local\Temp\DX9\SessionLauncher.exe [x] R3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\DRIVERS\netaapl64.sys [2010-04-20 22528] R3 RoxMediaDB10;RoxMediaDB10;c:\program files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe [2009-06-26 1124848] R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2010-09-28 51712] R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-04-18 1255736] R4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [2008-07-10 61976] R4 OracleJobSchedulerXE;OracleJobSchedulerXE;c:\oraclexe\app\oracle\product\10.2.0\server\Bin\extjob.exe XE [x] S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [2010-08-12 55856] S1 RsFx0103;RsFx0103 Driver;c:\windows\system32\DRIVERS\RsFx0103.sys [2009-03-30 311656] S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904] S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2009-06-25 203264] S2 MsDtsServer100;SQL Server Integration Services 10.0;c:\program files\Microsoft SQL Server\100\DTS\Binn\MsDtsSrvr.exe [2008-07-10 214040] S2 OracleServiceXE;OracleServiceXE;c:\oraclexe\app\oracle\product\10.2.0\server\bin\ORACLE.EXE XE [x] S2 OracleXETNSListener;OracleXETNSListener;c:\oraclexe\app\oracle\product\10.2.0\server\BIN\tnslsnr.exe [2006-02-02 204800] S2 ReportServer;SQL Server Reporting Services (MSSQLSERVER);c:\program files\Microsoft SQL Server\MSRS10.MSSQLSERVER\Reporting Services\ReportServer\bin\ReportingServicesService.exe [2009-03-30 2075480] S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2009-07-02 35104] S3 CtClsFlt;Creative Camera Class Upper Filter Driver;c:\windows\system32\DRIVERS\CtClsFlt.sys [2009-06-15 172704] S3 k57nd60a;Broadcom NetLink Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys [2009-06-10 270848] S3 MSSQLFDLauncher;SQL Full-text Filter Daemon Launcher (MSSQLSERVER);c:\program files\Microsoft SQL Server\MSSQL10.MSSQLSERVER\MSSQL\Binn\fdlauncher.exe [2008-07-10 34840] S3 NETw5v64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\DRIVERS\NETw5v64.sys [2009-05-14 5435904] [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost] iissvcs REG_MULTI_SZ w3svc was apphost REG_MULTI_SZ apphostsvc . Contents of the 'Scheduled Tasks' folder 2011-01-15 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-06-28 14:09] 2011-01-15 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-06-28 14:09] . --------- x86-64 ----------- [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\1TortoiseNormal] @="{C5994560-53D9-4125-87C9-F193FC689CB2}" [HKEY_CLASSES_ROOT\CLSID\{C5994560-53D9-4125-87C9-F193FC689CB2}] 2010-03-21 12:55 99080 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\2TortoiseModified] @="{C5994561-53D9-4125-87C9-F193FC689CB2}" [HKEY_CLASSES_ROOT\CLSID\{C5994561-53D9-4125-87C9-F193FC689CB2}] 2010-03-21 12:55 99080 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\3TortoiseConflict] @="{C5994562-53D9-4125-87C9-F193FC689CB2}" [HKEY_CLASSES_ROOT\CLSID\{C5994562-53D9-4125-87C9-F193FC689CB2}] 2010-03-21 12:55 99080 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\4TortoiseLocked] @="{C5994563-53D9-4125-87C9-F193FC689CB2}" [HKEY_CLASSES_ROOT\CLSID\{C5994563-53D9-4125-87C9-F193FC689CB2}] 2010-03-21 12:55 99080 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\5TortoiseReadOnly] @="{C5994564-53D9-4125-87C9-F193FC689CB2}" [HKEY_CLASSES_ROOT\CLSID\{C5994564-53D9-4125-87C9-F193FC689CB2}] 2010-03-21 12:55 99080 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\6TortoiseDeleted] @="{C5994565-53D9-4125-87C9-F193FC689CB2}" [HKEY_CLASSES_ROOT\CLSID\{C5994565-53D9-4125-87C9-F193FC689CB2}] 2010-03-21 12:55 99080 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\7TortoiseAdded] @="{C5994566-53D9-4125-87C9-F193FC689CB2}" [HKEY_CLASSES_ROOT\CLSID\{C5994566-53D9-4125-87C9-F193FC689CB2}] 2010-03-21 12:55 99080 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\8TortoiseIgnored] @="{C5994567-53D9-4125-87C9-F193FC689CB2}" [HKEY_CLASSES_ROOT\CLSID\{C5994567-53D9-4125-87C9-F193FC689CB2}] 2010-03-21 12:55 99080 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\9TortoiseUnversioned] @="{C5994568-53D9-4125-87C9-F193FC689CB2}" [HKEY_CLASSES_ROOT\CLSID\{C5994568-53D9-4125-87C9-F193FC689CB2}] 2010-03-21 12:55 99080 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2009-06-29 444416] "Broadcom Wireless Manager UI"="c:\program files\Dell\Dell Wireless WLAN Card\WLTRAY.exe" [2009-07-17 4968960] . ------- Supplementary Scan ------- . uLocal Page = c:\windows\system32\blank.htm uStart Page = hxxp://www.google.com/ mLocal Page = c:\windows\SysWOW64\blank.htm uInternet Settings,ProxyOverride = 127.0.0.1;<local>;*.local IE: E&xport to Microsoft Excel - c:\progra~2\MIF5BA~1\Office12\EXCEL.EXE/3000 IE: Google Sidewiki... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html IE: Send image to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm IE: Send page to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm . - - - - ORPHANS REMOVED - - - - BHO-{D4027C7F-154A-4066-A1AD-4243D8127440} - c:\program files (x86)\Ask.com\GenericAskToolbar.dll Toolbar-Locked - (no file) Toolbar-{D4027C7F-154A-4066-A1AD-4243D8127440} - c:\program files (x86)\Ask.com\GenericAskToolbar.dll WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file) HKLM-Run-SynTPEnh - %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe . --------------------- LOCKED REGISTRY KEYS --------------------- [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe,-101" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation] "Enabled"=dword:00000001 [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10h.ocx" "ThreadingModel"="Apartment" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.10" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10h.ocx, 1" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10h.ocx" "ThreadingModel"="Apartment" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10h.ocx, 1" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}] @Denied: (A 2) (Everyone) @="IFlashBroker4" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" [HKEY_LOCAL_MACHINE\SOFTWARE\McAfee] "SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79, 00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\ [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}] @Denied: (A) (Everyone) "Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}" [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B9A09F18-45AB-4F09-A117-A4ADDA8FA8C8}] @Denied: (A) (Everyone) "Solution"="{36eb6792-3a29-43b3-8cd0-f67d266fb426}" [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane] @Denied: (A) (Everyone) [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane\0] "Key"="ActionsPane" "Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\8.0\\ActionsPane.xsd" [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3] @Denied: (A) (Everyone) [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0] "Key"="ActionsPane3" "Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . ------------------------ Other Running Processes ------------------------ . c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe c:\program files (x86)\Bonjour\mDNSResponder.exe c:\program files (x86)\Cisco Systems\VPN Client\cvpnd.exe c:\program files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe c:\app\Jason\product\11.1.0\client_1\bin\omtsreco.exe c:\oraclexe\app\oracle\product\10.2.0\server\bin\ORACLE.EXE c:\windows\SysWOW64\rpcnet.exe c:\program files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe c:\program files (x86)\Dell Support Center\bin\sprtsvc.exe . ************************************************************************** . Completion time: 2011-01-14 20:59:41 - machine was rebooted ComboFix-quarantined-files.txt 2011-01-15 01:59 ComboFix2.txt 2011-01-14 23:27 ComboFix3.txt 2011-01-10 03:20 Pre-Run: 304,501,460,992 bytes free Post-Run: 304,181,182,464 bytes free - - End Of File - - 7B08E3A8C34D48FB6646159288923B30
  7. I ran ComboFix successfully, and have the log from ComboFix pasted below. At the moment, my computer is running without any problems. ComboFix 11-01-14.01 - Jason 01/14/2011 18:20:35.4.2 - x64 Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.4061.2306 [GMT -5:00] Running from: c:\users\Jason\Desktop\ComboFix.exe SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . c:\users\Jason\AppData\Roaming\Install.dat c:\windows\SysWow64\html c:\windows\SysWow64\html\calendar.html c:\windows\SysWow64\html\calendarbottom.html c:\windows\SysWow64\html\calendartop.html c:\windows\SysWow64\html\crystalexportdialog.htm c:\windows\SysWow64\html\crystalprinthost.html c:\windows\SysWow64\images c:\windows\SysWow64\images\toolbar\calendar.gif c:\windows\SysWow64\images\toolbar\crlogo.gif c:\windows\SysWow64\images\toolbar\export.gif c:\windows\SysWow64\images\toolbar\export_over.gif c:\windows\SysWow64\images\toolbar\exportd.gif c:\windows\SysWow64\images\toolbar\First.gif c:\windows\SysWow64\images\toolbar\first_over.gif c:\windows\SysWow64\images\toolbar\Firstd.gif c:\windows\SysWow64\images\toolbar\gotopage.gif c:\windows\SysWow64\images\toolbar\gotopage_over.gif c:\windows\SysWow64\images\toolbar\gotopaged.gif c:\windows\SysWow64\images\toolbar\grouptree.gif c:\windows\SysWow64\images\toolbar\grouptree_over.gif c:\windows\SysWow64\images\toolbar\grouptreed.gif c:\windows\SysWow64\images\toolbar\grouptreepressed.gif c:\windows\SysWow64\images\toolbar\Last.gif c:\windows\SysWow64\images\toolbar\last_over.gif c:\windows\SysWow64\images\toolbar\Lastd.gif c:\windows\SysWow64\images\toolbar\Next.gif c:\windows\SysWow64\images\toolbar\next_over.gif c:\windows\SysWow64\images\toolbar\Nextd.gif c:\windows\SysWow64\images\toolbar\Prev.gif c:\windows\SysWow64\images\toolbar\prev_over.gif c:\windows\SysWow64\images\toolbar\Prevd.gif c:\windows\SysWow64\images\toolbar\print.gif c:\windows\SysWow64\images\toolbar\print_over.gif c:\windows\SysWow64\images\toolbar\printd.gif c:\windows\SysWow64\images\toolbar\Refresh.gif c:\windows\SysWow64\images\toolbar\refresh_over.gif c:\windows\SysWow64\images\toolbar\refreshd.gif c:\windows\SysWow64\images\toolbar\Search.gif c:\windows\SysWow64\images\toolbar\search_over.gif c:\windows\SysWow64\images\toolbar\searchd.gif c:\windows\SysWow64\images\toolbar\up.gif c:\windows\SysWow64\images\toolbar\up_over.gif c:\windows\SysWow64\images\toolbar\upd.gif c:\windows\SysWow64\images\tree\begindots.gif c:\windows\SysWow64\images\tree\beginminus.gif c:\windows\SysWow64\images\tree\beginplus.gif c:\windows\SysWow64\images\tree\blank.gif c:\windows\SysWow64\images\tree\blankdots.gif c:\windows\SysWow64\images\tree\dots.gif c:\windows\SysWow64\images\tree\lastdots.gif c:\windows\SysWow64\images\tree\lastminus.gif c:\windows\SysWow64\images\tree\lastplus.gif c:\windows\SysWow64\images\tree\Magnify.gif c:\windows\SysWow64\images\tree\minus.gif c:\windows\SysWow64\images\tree\minusbox.gif c:\windows\SysWow64\images\tree\plus.gif c:\windows\SysWow64\images\tree\plusbox.gif c:\windows\SysWow64\images\tree\singleminus.gif c:\windows\SysWow64\images\tree\singleplus.gif . ((((((((((((((((((((((((( Files Created from 2010-12-14 to 2011-01-14 ))))))))))))))))))))))))))))))) . 2011-01-14 23:24 . 2011-01-14 23:24 -------- d-----w- c:\users\Default\AppData\Local\temp 2011-01-14 23:24 . 2011-01-14 23:24 -------- d-----w- c:\users\Classic .NET AppPool\AppData\Local\temp 2011-01-14 22:06 . 2011-01-14 22:06 -------- d-----w- c:\users\Jason\AppData\Roaming\Malwarebytes 2011-01-14 22:06 . 2011-01-14 22:06 -------- d-----w- c:\programdata\Malwarebytes 2011-01-14 22:06 . 2010-12-20 23:09 38224 ----a-w- c:\windows\SysWow64\drivers\mbamswissarmy.sys 2011-01-14 22:06 . 2010-12-20 23:08 24152 ----a-w- c:\windows\system32\drivers\mbam.sys 2011-01-11 02:07 . 2011-01-11 02:07 469256 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\58a9f33b1cbb13410\InstallManager_WLE_WLE.exe 2011-01-11 02:07 . 2011-01-11 02:07 15712 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\4a9772fc1cbb13405\MeshBetaRemover.exe 2010-12-24 07:30 . 2010-11-16 17:01 8199504 ------w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{10005DB8-1211-41FE-BB51-5D2FD810123A}\mpengine.dll 2010-12-24 04:57 . 2010-04-09 11:06 374664 ----a-w- c:\windows\system32\drivers\netio.sys . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2011-01-14 23:03 . 2009-12-12 01:43 57752 ----a-w- c:\windows\SysWow64\rpcnet.dll 2010-12-27 21:05 . 2010-02-18 13:52 737072 ----a-w- c:\programdata\Microsoft\eHome\Packages\SportsV2\SportsTemplateCore\Microsoft.MediaCenter.Sports.UI.dll 2010-12-27 21:01 . 2010-03-30 21:46 4277016 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\markup.dll 2010-12-27 20:54 . 2010-06-15 02:07 42776 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM-2\StartResources.dll 2010-12-10 21:41 . 2010-02-18 13:52 539968 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll 2010-11-25 00:42 . 2010-03-30 21:46 737072 ----a-w- c:\programdata\Microsoft\eHome\Packages\SportsV2\SportsTemplateCore-2\Microsoft.MediaCenter.Sports.UI.dll 2010-11-25 00:41 . 2010-02-18 13:52 4277016 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\markup.dll 2010-11-25 00:41 . 2010-05-20 07:04 42776 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM\StartResources.dll 2010-11-25 00:41 . 2010-02-28 21:01 588096 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll 2010-11-04 06:35 . 2010-12-15 19:29 1194496 ----a-w- c:\windows\system32\wininet.dll 2010-11-04 06:31 . 2010-12-15 19:29 57856 ----a-w- c:\windows\system32\licmgr10.dll 2010-11-04 05:52 . 2010-12-15 19:29 978944 ----a-w- c:\windows\SysWow64\wininet.dll 2010-11-04 05:48 . 2010-12-15 19:29 44544 ----a-w- c:\windows\SysWow64\licmgr10.dll 2010-11-04 05:16 . 2010-12-15 19:29 482816 ----a-w- c:\windows\system32\html.iec 2010-11-04 04:41 . 2010-12-15 19:29 386048 ----a-w- c:\windows\SysWow64\html.iec 2010-11-04 04:35 . 2010-12-15 19:29 1638912 ----a-w- c:\windows\system32\mshtml.tlb 2010-11-04 04:08 . 2010-12-15 19:29 1638912 ----a-w- c:\windows\SysWow64\mshtml.tlb 2010-11-02 05:18 . 2010-12-15 19:30 524288 ----a-w- c:\windows\system32\wmicmiplugin.dll 2010-11-02 05:17 . 2010-12-15 19:30 1169408 ----a-w- c:\windows\system32\taskschd.dll 2010-11-02 05:17 . 2010-12-15 19:30 473600 ----a-w- c:\windows\system32\taskcomp.dll 2010-11-02 05:16 . 2010-12-15 19:30 1114624 ----a-w- c:\windows\system32\schedsvc.dll 2010-11-02 05:10 . 2010-12-15 19:30 464384 ----a-w- c:\windows\system32\taskeng.exe 2010-11-02 05:10 . 2010-12-15 19:30 285696 ----a-w- c:\windows\system32\schtasks.exe 2010-11-02 04:40 . 2010-12-15 19:30 496128 ----a-w- c:\windows\SysWow64\taskschd.dll 2010-11-02 04:40 . 2010-12-15 19:30 305152 ----a-w- c:\windows\SysWow64\taskcomp.dll 2010-11-02 04:34 . 2010-12-15 19:30 192000 ----a-w- c:\windows\SysWow64\taskeng.exe 2010-11-02 04:34 . 2010-12-15 19:30 179712 ----a-w- c:\windows\SysWow64\schtasks.exe 2010-10-27 05:06 . 2010-12-15 19:30 2048 ----a-w- c:\windows\system32\tzres.dll 2010-10-27 04:32 . 2010-12-15 19:30 2048 ----a-w- c:\windows\SysWow64\tzres.dll 2010-10-20 05:20 . 2010-12-15 19:30 46080 ----a-w- c:\windows\system32\atmlib.dll 2010-10-20 04:54 . 2010-12-15 19:30 34304 ----a-w- c:\windows\SysWow64\atmlib.dll 2010-10-20 03:09 . 2010-12-15 19:29 3124224 ----a-w- c:\windows\system32\win32k.sys 2010-10-20 03:05 . 2010-12-15 19:30 367104 ----a-w- c:\windows\system32\atmfd.dll 2010-10-20 02:58 . 2010-12-15 19:30 294400 ----a-w- c:\windows\SysWow64\atmfd.dll 2010-10-19 15:41 . 2010-11-19 15:02 270720 ------w- c:\windows\system32\MpSigStub.exe 2010-10-17 23:12 . 2010-10-17 23:12 29184 ----a-w- c:\windows\SysWow64\CtLoJack.dll . <pre> c:\program files (x86)\Absolute Software\Absolute Notifier\AbsoluteNotifier .exe c:\program files (x86)\Adobe\Reader 10.0\Reader\Reader_sl .exe c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart .exe c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM .exe c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier .exe c:\program files (x86)\Common Files\Java\Java Update\jusched .exe c:\program files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv .exe c:\program files (x86)\Dell Support Center\bin\sprtcmd .exe c:\program files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2 .exe c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier .exe c:\program files (x86)\iTunes\iTunesHelper .exe c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor .exe c:\program files (x86)\QuickTime\QTTask .exe c:\program files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher .exe </pre> ((((((((((((((((((((((((((((( SnapShot@2011-01-10_02.59.18 ))))))))))))))))))))))))))))))))))))))))) . + 2009-12-06 01:27 . 2011-01-14 23:05 74396 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin + 2009-07-14 05:10 . 2011-01-14 23:05 45048 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin + 2009-12-12 02:06 . 2011-01-14 23:05 18316 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-67101054-879430717-4028954506-1000_UserData.bin - 2009-12-12 00:56 . 2011-01-10 02:14 32768 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat + 2009-12-12 00:56 . 2011-01-14 23:08 32768 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat - 2009-12-12 00:56 . 2011-01-10 02:14 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat + 2009-12-12 00:56 . 2011-01-14 23:08 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat - 2009-07-14 04:54 . 2011-01-10 02:14 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat + 2009-07-14 04:54 . 2011-01-14 23:08 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat + 2009-12-12 01:21 . 2011-01-14 23:04 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat - 2009-12-12 01:21 . 2011-01-10 02:14 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat + 2009-07-14 04:46 . 2011-01-14 22:24 79016 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\Cache\cache.dat - 2009-12-12 01:21 . 2011-01-10 02:14 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat + 2009-12-12 01:21 . 2011-01-14 23:04 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat + 2009-12-12 01:21 . 2011-01-14 23:04 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat - 2009-12-12 01:21 . 2011-01-10 02:14 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat + 2009-12-12 01:46 . 2011-01-14 23:04 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat - 2009-12-12 01:46 . 2011-01-10 02:14 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat - 2009-12-12 01:46 . 2011-01-10 02:14 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat + 2009-12-12 01:46 . 2011-01-14 23:04 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat + 2009-12-12 02:31 . 2011-01-13 06:22 35088 c:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\oisicon.exe - 2009-12-12 02:31 . 2010-12-16 04:55 35088 c:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\oisicon.exe - 2009-12-12 02:31 . 2010-12-16 04:55 18704 c:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\mspicons.exe + 2009-12-12 02:31 . 2011-01-13 06:22 18704 c:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\mspicons.exe - 2009-12-12 02:31 . 2010-12-16 04:55 20240 c:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\cagicon.exe + 2009-12-12 02:31 . 2011-01-13 06:22 20240 c:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\cagicon.exe - 2011-01-10 02:11 . 2011-01-10 02:11 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat + 2011-01-14 23:02 . 2011-01-14 23:02 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat + 2011-01-14 23:02 . 2011-01-14 23:02 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat - 2011-01-10 02:11 . 2011-01-10 02:11 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat + 2011-01-12 15:52 . 2010-11-02 04:41 135168 c:\windows\SysWOW64\XpsRasterService.dll - 2009-07-14 00:15 . 2009-07-14 01:16 135168 c:\windows\SysWOW64\XpsRasterService.dll + 2011-01-12 15:52 . 2010-11-02 04:41 442880 c:\windows\SysWOW64\XpsPrint.dll + 2011-01-12 15:52 . 2010-11-02 04:41 283648 c:\windows\SysWOW64\XpsGdiConverter.dll + 2011-01-12 15:52 . 2010-10-16 04:34 573440 c:\windows\SysWOW64\odbc32.dll + 2011-01-12 15:52 . 2010-11-02 04:35 218624 c:\windows\SysWOW64\d3d10_1core.dll - 2009-07-13 23:27 . 2009-07-14 01:15 161792 c:\windows\SysWOW64\d3d10_1.dll + 2011-01-12 15:52 . 2010-11-02 04:35 161792 c:\windows\SysWOW64\d3d10_1.dll + 2011-01-12 15:52 . 2010-11-02 04:35 739840 c:\windows\SysWOW64\d2d1.dll - 2009-07-14 04:54 . 2011-01-10 02:15 393216 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat + 2009-07-14 04:54 . 2011-01-14 23:06 393216 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat - 2009-07-14 00:37 . 2009-07-14 01:41 229888 c:\windows\system32\XpsRasterService.dll + 2011-01-12 15:52 . 2010-11-02 05:18 229888 c:\windows\system32\XpsRasterService.dll + 2011-01-12 15:52 . 2010-11-02 05:18 662528 c:\windows\system32\XpsPrint.dll + 2011-01-12 15:52 . 2010-11-02 05:18 470016 c:\windows\system32\XpsGdiConverter.dll + 2009-07-14 02:36 . 2011-01-14 23:18 907808 c:\windows\system32\perfh009.dat + 2009-07-14 02:36 . 2011-01-14 23:18 211992 c:\windows\system32\perfc009.dat + 2011-01-12 15:52 . 2010-10-16 05:17 720896 c:\windows\system32\odbc32.dll + 2011-01-12 15:52 . 2010-11-02 02:50 258048 c:\windows\system32\drivers\dxgmms1.sys - 2009-07-13 23:38 . 2009-07-13 23:38 258048 c:\windows\system32\drivers\dxgmms1.sys + 2011-01-12 15:52 . 2010-11-02 05:21 982912 c:\windows\system32\drivers\dxgkrnl.sys + 2011-01-12 15:52 . 2010-11-02 05:12 320512 c:\windows\system32\d3d10_1core.dll + 2011-01-12 15:52 . 2010-11-02 05:12 197120 c:\windows\system32\d3d10_1.dll - 2009-07-13 23:41 . 2009-07-14 01:40 197120 c:\windows\system32\d3d10_1.dll + 2011-01-12 15:52 . 2010-11-02 05:12 902656 c:\windows\system32\d2d1.dll + 2009-07-14 05:12 . 2011-01-10 16:46 245760 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat - 2009-07-14 05:12 . 2010-12-13 02:54 245760 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat - 2010-07-15 14:06 . 2010-05-19 19:48 144384 c:\windows\system32\cdd.dll + 2011-01-12 15:52 . 2010-11-02 04:59 144384 c:\windows\system32\cdd.dll + 2009-07-14 05:01 . 2011-01-14 23:01 432688 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat - 2009-12-12 02:31 . 2010-12-16 04:55 888080 c:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\wordicon.exe + 2009-12-12 02:31 . 2011-01-13 06:22 888080 c:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\wordicon.exe + 2009-12-12 02:31 . 2011-01-13 06:22 272648 c:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\pubs.exe - 2009-12-12 02:31 . 2010-12-16 04:55 272648 c:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\pubs.exe - 2009-12-12 02:31 . 2010-12-16 04:55 922384 c:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\pptico.exe + 2009-12-12 02:31 . 2011-01-13 06:22 922384 c:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\pptico.exe - 2009-12-12 02:31 . 2010-12-16 04:55 845584 c:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\outicon.exe + 2009-12-12 02:31 . 2011-01-13 06:22 845584 c:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\outicon.exe + 2009-12-12 02:31 . 2011-01-13 06:22 217864 c:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\misc.exe - 2009-12-12 02:31 . 2010-12-16 04:55 217864 c:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\misc.exe + 2009-12-12 02:31 . 2011-01-13 06:22 184080 c:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\joticon.exe - 2009-12-12 02:31 . 2010-12-16 04:55 184080 c:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\joticon.exe - 2009-12-12 02:31 . 2010-12-16 04:55 159504 c:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\inficon.exe + 2009-12-12 02:31 . 2011-01-13 06:22 159504 c:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\inficon.exe + 2011-01-12 15:52 . 2010-06-26 05:14 1495040 c:\windows\SysWOW64\ExplorerFrame.dll - 2009-07-13 23:44 . 2009-07-14 01:15 1495040 c:\windows\SysWOW64\ExplorerFrame.dll + 2011-01-12 15:52 . 2010-11-02 04:35 1074176 c:\windows\SysWOW64\DWrite.dll + 2011-01-12 15:52 . 2010-11-02 04:35 1170944 c:\windows\SysWOW64\d3d10warp.dll - 2009-07-14 04:54 . 2011-01-10 02:15 2801664 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat + 2009-07-14 04:54 . 2011-01-14 23:06 2801664 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat + 2009-07-14 04:54 . 2011-01-14 23:06 1572864 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat - 2009-07-14 04:54 . 2011-01-10 02:15 1572864 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat + 2011-01-12 15:52 . 2010-11-02 05:12 1133568 c:\windows\system32\FntCache.dll - 2009-07-13 23:57 . 2009-07-14 01:40 1863680 c:\windows\system32\ExplorerFrame.dll + 2011-01-12 15:52 . 2010-06-26 05:31 1863680 c:\windows\system32\ExplorerFrame.dll + 2011-01-12 15:52 . 2010-11-02 05:12 1540608 c:\windows\system32\DWrite.dll + 2011-01-12 15:52 . 2010-11-02 05:12 1837568 c:\windows\system32\d3d10warp.dll - 2009-07-14 04:45 . 2010-12-24 05:07 3805550 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\tokens.dat + 2009-07-14 04:45 . 2011-01-14 16:31 3805550 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\tokens.dat + 2010-12-17 05:17 . 2010-12-17 05:17 3362304 c:\windows\Installer\321a7d4.msp + 2009-12-12 02:31 . 2011-01-13 06:22 1172240 c:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\xlicons.exe - 2009-12-12 02:31 . 2010-12-16 04:55 1172240 c:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\xlicons.exe + 2009-12-12 02:31 . 2011-01-13 06:22 1165584 c:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\accicons.exe - 2009-12-12 02:31 . 2010-12-16 04:55 1165584 c:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\accicons.exe + 2009-07-14 02:34 . 2011-01-14 22:30 10223616 c:\windows\system32\SMI\Store\Machine\schema.dat - 2009-07-14 02:34 . 2011-01-10 02:27 10223616 c:\windows\system32\SMI\Store\Machine\schema.dat + 2009-12-12 16:34 . 2011-01-13 06:22 39334856 c:\windows\system32\MRT.exe + 2010-12-21 18:06 . 2010-12-21 18:06 11570688 c:\windows\Installer\321a7be.msp . -- Snapshot reset to current date -- . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 [HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}] 2010-06-10 21:28 1233288 ----a-w- c:\program files (x86)\Ask.com\GenericAskToolbar.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar] "{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files (x86)\Ask.com\GenericAskToolbar.dll" [2010-06-10 1233288] [HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}] [HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1] [HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}] [HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1475072] [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "Desktop Disc Tool"="c:\program files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe" [N/A] c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2009-7-1 1079584] vpngui.exe.lnk - c:\windows\Installer\{467D5E81-8349-4892-9E81-C3674ED8E451}\Icon09DB8A851.exe [2010-6-15 5120] WinZip Quick Pick.lnk - c:\program files (x86)\WinZip\WZQKPICK.EXE [2009-12-22 106560] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 0 (0x0) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableLUA"= 0 (0x0) "EnableUIADesktopToggle"= 0 (0x0) "PromptOnSecureDesktop"= 0 (0x0) [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32] "mixer3"=wdmaud.drv [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS] @="" R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-06-28 135664] R2 OracleXETNSListener;OracleXETNSListener;c:\oraclexe\app\oracle\product\10.2.0\server\BIN\tnslsnr.exe [2006-02-02 204800] R2 SessionLauncher;SessionLauncher;c:\users\ADMINI~1\AppData\Local\Temp\DX9\SessionLauncher.exe [x] R3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\DRIVERS\netaapl64.sys [2010-04-20 22528] R3 RoxMediaDB10;RoxMediaDB10;c:\program files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe [2009-06-26 1124848] R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2010-09-28 51712] R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-04-18 1255736] R4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [2008-07-10 61976] R4 OracleJobSchedulerXE;OracleJobSchedulerXE;c:\oraclexe\app\oracle\product\10.2.0\server\Bin\extjob.exe XE [x] S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [2010-08-12 55856] S1 RsFx0103;RsFx0103 Driver;c:\windows\system32\DRIVERS\RsFx0103.sys [2009-03-30 311656] S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904] S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2009-06-25 203264] S2 MsDtsServer100;SQL Server Integration Services 10.0;c:\program files\Microsoft SQL Server\100\DTS\Binn\MsDtsSrvr.exe [2008-07-10 214040] S2 OracleServiceXE;OracleServiceXE;c:\oraclexe\app\oracle\product\10.2.0\server\bin\ORACLE.EXE XE [x] S2 ReportServer;SQL Server Reporting Services (MSSQLSERVER);c:\program files\Microsoft SQL Server\MSRS10.MSSQLSERVER\Reporting Services\ReportServer\bin\ReportingServicesService.exe [2009-03-30 2075480] S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2009-07-02 35104] S3 CtClsFlt;Creative Camera Class Upper Filter Driver;c:\windows\system32\DRIVERS\CtClsFlt.sys [2009-06-15 172704] S3 k57nd60a;Broadcom NetLink Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys [2009-06-10 270848] S3 MSSQLFDLauncher;SQL Full-text Filter Daemon Launcher (MSSQLSERVER);c:\program files\Microsoft SQL Server\MSSQL10.MSSQLSERVER\MSSQL\Binn\fdlauncher.exe [2008-07-10 34840] S3 NETw5v64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\DRIVERS\NETw5v64.sys [2009-05-14 5435904] --- Other Services/Drivers In Memory --- *Deregistered* - MpNWMon *Deregistered* - NisDrv [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost] iissvcs REG_MULTI_SZ w3svc was apphost REG_MULTI_SZ apphostsvc . Contents of the 'Scheduled Tasks' folder 2011-01-14 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-06-28 14:09] 2011-01-14 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-06-28 14:09] . --------- x86-64 ----------- [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\1TortoiseNormal] @="{C5994560-53D9-4125-87C9-F193FC689CB2}" [HKEY_CLASSES_ROOT\CLSID\{C5994560-53D9-4125-87C9-F193FC689CB2}] 2010-03-21 12:55 99080 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\2TortoiseModified] @="{C5994561-53D9-4125-87C9-F193FC689CB2}" [HKEY_CLASSES_ROOT\CLSID\{C5994561-53D9-4125-87C9-F193FC689CB2}] 2010-03-21 12:55 99080 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\3TortoiseConflict] @="{C5994562-53D9-4125-87C9-F193FC689CB2}" [HKEY_CLASSES_ROOT\CLSID\{C5994562-53D9-4125-87C9-F193FC689CB2}] 2010-03-21 12:55 99080 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\4TortoiseLocked] @="{C5994563-53D9-4125-87C9-F193FC689CB2}" [HKEY_CLASSES_ROOT\CLSID\{C5994563-53D9-4125-87C9-F193FC689CB2}] 2010-03-21 12:55 99080 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\5TortoiseReadOnly] @="{C5994564-53D9-4125-87C9-F193FC689CB2}" [HKEY_CLASSES_ROOT\CLSID\{C5994564-53D9-4125-87C9-F193FC689CB2}] 2010-03-21 12:55 99080 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\6TortoiseDeleted] @="{C5994565-53D9-4125-87C9-F193FC689CB2}" [HKEY_CLASSES_ROOT\CLSID\{C5994565-53D9-4125-87C9-F193FC689CB2}] 2010-03-21 12:55 99080 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\7TortoiseAdded] @="{C5994566-53D9-4125-87C9-F193FC689CB2}" [HKEY_CLASSES_ROOT\CLSID\{C5994566-53D9-4125-87C9-F193FC689CB2}] 2010-03-21 12:55 99080 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\8TortoiseIgnored] @="{C5994567-53D9-4125-87C9-F193FC689CB2}" [HKEY_CLASSES_ROOT\CLSID\{C5994567-53D9-4125-87C9-F193FC689CB2}] 2010-03-21 12:55 99080 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\9TortoiseUnversioned] @="{C5994568-53D9-4125-87C9-F193FC689CB2}" [HKEY_CLASSES_ROOT\CLSID\{C5994568-53D9-4125-87C9-F193FC689CB2}] 2010-03-21 12:55 99080 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe" [N/A] "SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2009-06-29 444416] "Broadcom Wireless Manager UI"="c:\program files\Dell\Dell Wireless WLAN Card\WLTRAY.exe" [2009-07-17 4968960] . ------- Supplementary Scan ------- . uLocal Page = c:\windows\system32\blank.htm uStart Page = hxxp://www.google.com/ mLocal Page = c:\windows\SysWOW64\blank.htm uInternet Settings,ProxyOverride = 127.0.0.1;<local>;*.local IE: E&xport to Microsoft Excel - c:\progra~2\MIF5BA~1\Office12\EXCEL.EXE/3000 IE: Google Sidewiki... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html IE: Send image to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm IE: Send page to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm . - - - - ORPHANS REMOVED - - - - Toolbar-Locked - (no file) WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file) . --------------------- LOCKED REGISTRY KEYS --------------------- [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe,-101" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation] "Enabled"=dword:00000001 [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10h.ocx" "ThreadingModel"="Apartment" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.10" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10h.ocx, 1" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10h.ocx" "ThreadingModel"="Apartment" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10h.ocx, 1" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}] @Denied: (A 2) (Everyone) @="IFlashBroker4" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" [HKEY_LOCAL_MACHINE\SOFTWARE\McAfee] "SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79, 00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\ [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}] @Denied: (A) (Everyone) "Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}" [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B9A09F18-45AB-4F09-A117-A4ADDA8FA8C8}] @Denied: (A) (Everyone) "Solution"="{36eb6792-3a29-43b3-8cd0-f67d266fb426}" [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane] @Denied: (A) (Everyone) [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane\0] "Key"="ActionsPane" "Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\8.0\\ActionsPane.xsd" [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3] @Denied: (A) (Everyone) [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0] "Key"="ActionsPane3" "Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . Completion time: 2011-01-14 18:27:11 ComboFix-quarantined-files.txt 2011-01-14 23:27 ComboFix2.txt 2011-01-10 03:20 Pre-Run: 304,719,114,240 bytes free Post-Run: 304,444,858,368 bytes free - - End Of File - - 0FD2FA6E2128BB5641FF0440D6E9B6D7
  8. I ran Malwarebytes again, and there were no malicious items detected on my computer. Below is the log. Malwarebytes' Anti-Malware 1.50.1.1100 www.malwarebytes.org Database version: 5521 Windows 6.1.7600 Internet Explorer 8.0.7600.16385 1/14/2011 5:59:36 PM mbam-log-2011-01-14 (17-59-36).txt Scan type: Quick scan Objects scanned: 178856 Time elapsed: 2 minute(s), 31 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 0 Registry Values Infected: 0 Registry Data Items Infected: 0 Folders Infected: 0 Files Infected: 0 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items detected) Registry Keys Infected: (No malicious items detected) Registry Values Infected: (No malicious items detected) Registry Data Items Infected: (No malicious items detected) Folders Infected: (No malicious items detected) Files Infected: (No malicious items detected)
  9. Thanks a lot for your help! I successfully followed all of your instructions. At the moment, my computer is running very smoothly, with no problems at all. Before I had run combo fix a week ago (which I now know was a bad idea from you said), Malwarebytes, and ATF Cleaner, internet explorer would usually freeze whenever I tried opening it, my computer would sometimes crash, and I would always get ad pop-ups. Below, I have pasted my log from running Malwarebytes. Malwarebytes' Anti-Malware 1.50.1.1100 www.malwarebytes.org Database version: 5521 Windows 6.1.7600 Internet Explorer 8.0.7600.16385 1/14/2011 5:13:11 PM mbam-log-2011-01-14 (17-13-11).txt Scan type: Quick scan Objects scanned: 178704 Time elapsed: 2 minute(s), 53 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 5 Registry Values Infected: 0 Registry Data Items Infected: 0 Folders Infected: 63 Files Infected: 575 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items detected) Registry Keys Infected: HKEY_CLASSES_ROOT\AppID\{0D82ACD6-A652-4496-A298-2BDE705F4227} (Adware.ClickPotato) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\AppID\{7025E484-D4B0-441a-9F0B-69063BD679CE} (Adware.ClickPotato) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\AppID\{8258B35C-05B8-4c0e-9525-9BCCC70F8F2D} (Adware.ClickPotato) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\AppID\{A89256AD-EC17-4a83-BEF5-4B8BC4F39306} (Adware.ClickPotato) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{52794457-af6c-4c50-9def-f2e24f4c8889} (PUP.WhiteSmoke) -> Quarantined and deleted successfully. Registry Values Infected: (No malicious items detected) Registry Data Items Infected: (No malicious items detected) Folders Infected: c:\program files (x86)\whitesmoketoolbar (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\content (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\content\lib (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\content\modules (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\content\newtab (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\content\newtab\images (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\content\widgets (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.facebook (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.facebook\skin (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.facebook\skin\css (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.facebook\skin\images (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.facebook\skin\scripts (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.twitter (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.twitter\css (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.twitter\images (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.twitter\js (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.twitter\skin (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.twitter\skin\css (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.twitter\skin\images (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.twitter\skin\scripts (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.webtv (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.webtv\skin (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.webtv\skin\css (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.webtv\skin\images (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.webtv\skin\scripts (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.youtube (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.youtube\css (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.youtube\images (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.youtube\js (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.youtube\skin (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.youtube\skin\css (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.youtube\skin\images (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.youtube\skin\scripts (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\data (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\data\dynamicelements (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\data\rss (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\data\search (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\data\weather (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\dtxwizard (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\dtxwizard\skin (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\dtxwizard\skin\icon_library (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\dtxwizard\skin\icon_library\Basics (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\panels (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\panels\css (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\panels\default (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\panels\default\css (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\panels\default\images (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\panels\default\scripts (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\panels\images (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\radio (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\radio\css (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\radio\images (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\uwa (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\weatherbutton (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\weatherbutton\icons (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\weatherbutton\panels (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\weatherbutton\panels\images (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\options (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\searchbar (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\components (PUP.WhiteSmoke) -> Quarantined and deleted successfully. Files Infected: c:\program files (x86)\whitesmoketoolbar\manifest.xml (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\toolbar.xml (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\uninstall.exe (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\whitesmoketoolbar.dll (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\content\neterror.xhtml (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\content\preferences.xml (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\content\toolbar.htm (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\content\toolbar.xul (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\content\vmncode.js (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\content\vmnrsswin.xml (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\content\lib\about.xml (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\content\lib\dtxpanel.xul (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\content\lib\dtxpanelwin.xul (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\content\lib\dtxprefwin.xul (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\content\lib\dtxwin.xul (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\content\lib\emailnotifierproviders.xml (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\content\lib\external.js (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\content\lib\neterror.xhtml (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\content\lib\rsspreview.html (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\content\lib\rsswin.xml (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\content\lib\rsswin.xsl (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\content\lib\vmncode.js (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\content\lib\wmpstreamer.html (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\content\modules\datastore.jsm (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\content\newtab\newtab.html (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\content\newtab\images\btn_search.gif (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\content\newtab\images\bullet.gif (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\content\newtab\images\field_bg.gif (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\content\newtab\images\powered_by_yahoo.gif (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.facebook\tb_icon.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.facebook\widget.jsw (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.facebook\widget.xml (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.facebook\widget_version.txt (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.facebook\skin\main.html (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.facebook\skin\css\dialog.css (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.facebook\skin\images\bg.gif (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.facebook\skin\images\btn-wide-close-over.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.facebook\skin\images\btn-wide-close.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.facebook\skin\images\default.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.facebook\skin\images\transparent.gif (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.facebook\skin\images\win-btm-left.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.facebook\skin\images\win-btm-mdl.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.facebook\skin\images\win-btm-right-resize.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.facebook\skin\images\win-btm-right.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.facebook\skin\scripts\defscript.js (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.twitter\tb_icon.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.twitter\Thumbs.db (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.twitter\widget.jsw (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.twitter\widget.xml (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.twitter\widget_version.txt (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.twitter\css\twitter.css (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.twitter\images\btn-login-over.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.twitter\images\btn-login.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.twitter\images\btn-submit.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.twitter\images\loginbg.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.twitter\images\refresh-over.gif (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.twitter\images\refresh.gif (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.twitter\images\scrollbottom-disable.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.twitter\images\scrollbottom-down.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.twitter\images\scrollbottom-over.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.twitter\images\scrollbottom.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.twitter\images\scrolltop-disable.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.twitter\images\scrolltop-down.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.twitter\images\scrolltop-over.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.twitter\images\scrolltop.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.twitter\images\tab-off-l.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.twitter\images\tab-off-r.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.twitter\images\tab-on-l.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.twitter\images\tab-on-r.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.twitter\images\throbber.gif (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.twitter\images\Thumbs.db (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.twitter\images\twitter-logo48.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.twitter\images\twitter_top.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.twitter\js\jquery.js (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.twitter\js\scripts.js (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.twitter\skin\main.html (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.twitter\skin\css\dialog.css (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.twitter\skin\images\bg.gif (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.twitter\skin\images\btn-wide-close-over.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.twitter\skin\images\btn-wide-close.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.twitter\skin\images\default.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.twitter\skin\images\transparent.gif (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.twitter\skin\images\win-btm-left.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.twitter\skin\images\win-btm-mdl.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.twitter\skin\images\win-btm-right-resize.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.twitter\skin\images\win-btm-right.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.twitter\skin\scripts\defscript.js (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.webtv\tb_icon.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.webtv\widget.jsw (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.webtv\widget.xml (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.webtv\widget_version.txt (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.webtv\skin\main.html (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.webtv\skin\css\dialog.css (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.webtv\skin\images\bg.gif (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.webtv\skin\images\btn-search.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.webtv\skin\images\btn-wide-close-over.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.webtv\skin\images\btn-wide-close.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.webtv\skin\images\default.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.webtv\skin\images\Thumbs.db (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.webtv\skin\images\transparent.gif (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.webtv\skin\images\win-btm-left.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.webtv\skin\images\win-btm-mdl.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.webtv\skin\images\win-btm-right-resize.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.webtv\skin\images\win-btm-right.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.webtv\skin\scripts\defscript.js (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.youtube\index.html (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.youtube\tb_icon.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.youtube\widget.jsw (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.youtube\widget.xml (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.youtube\widget_version.txt (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.youtube\css\dialog.css (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.youtube\images\arrow-grey.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.youtube\images\arrows_grey-left.gif (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.youtube\images\arrows_grey-right.gif (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.youtube\images\btn-search-over.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.youtube\images\btn-search.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.youtube\images\powered-by-youtube.gif (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.youtube\images\scrollb-disable.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.youtube\images\scrollb-down.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.youtube\images\scrollb.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.youtube\images\scrollt-disable.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.youtube\images\scrollt-down.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.youtube\images\scrollt.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.youtube\images\tab-off-l.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.youtube\images\tab-off-r.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.youtube\images\tab-on-l.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.youtube\images\tab-on-r.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.youtube\images\tab-over-l.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.youtube\images\tab-over-r.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.youtube\images\tab-red-left.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.youtube\images\tab-red-mdl.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.youtube\images\tab-red-right.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.youtube\images\tab-white-left.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.youtube\images\tab-white-mdl.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.youtube\images\tab-white-right.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.youtube\images\throbber.gif (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.youtube\images\Thumbs.db (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.youtube\images\vid-bg.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.youtube\images\youtube.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.youtube\js\jquery-1.3.2.min.js (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.youtube\js\jquery.autocomplete.min.js (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.youtube\skin\main.html (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.youtube\skin\css\dialog.css (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.youtube\skin\images\bg.gif (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.youtube\skin\images\btn-search.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.youtube\skin\images\btn-wide-close-over.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.youtube\skin\images\btn-wide-close.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.youtube\skin\images\default.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.youtube\skin\images\Thumbs.db (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.youtube\skin\images\transparent.gif (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.youtube\skin\images\win-btm-left.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.youtube\skin\images\win-btm-mdl.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.youtube\skin\images\win-btm-right-resize.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.youtube\skin\images\win-btm-right.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.youtube\skin\scripts\defscript.js (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\data\dynamicelements\vmntoolbar.xsl (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\data\rss\rss.xml (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\data\search\engines.xml (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\data\search\search.xsl (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\data\weather\icons.xml (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\634017460871087500_png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\about.gif (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\babylon_logo.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\bing_16x16.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\bing_searchicon_20x22_spaced_hover_png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\bing_searchicon_20x22_spaced_png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\blank_png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\bluelite.gif (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\bluesky.gif (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\btn-search-over.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\btn-search.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\btn-settings-over.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\btn-settings.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\btn-widgets-over.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\btn-widgets.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\btn_settings.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\ca.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\checkmytext_png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\checkmytext_png_png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\dictionary.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\dictionary_png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\dictionary_png_png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\divider.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\downloadcom.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\dtxlogo.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\email.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\email_on.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\eteacher_png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\facebook.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\feed_icon2_png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\feed_icon_png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\france_png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\games.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\gamesicon_png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\games_png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\graphred0.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\graphred0_5.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\graphred1.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\graphred1_5.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\graphred2.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\graphred2_5.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\graphred3.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\graphred3_5.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\graphred4.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\graphred4_5.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\graphred5.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\graphredna.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\grey.gif (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\ico-shield.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\images.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\italy_png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lichen.gif (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\logo-about.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\logo-over.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\logo-separator.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\logo.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\mail.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\menuseparatorback.gif (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\modify-save.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\modify.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\modifyhot.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\music.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\namespacetoolbar.css (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\networkicons_png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\news.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\orange.gif (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\pixsy.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\protect-id.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\relatedlinks.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\rss-collapse.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\rss-delete.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\rss-expand.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\rss-feed.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\rss-folder-remove.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\rss-folder-rename.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\rss-folder.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\rss-found.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\rss-reload.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\rss-subscribe.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\rss.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\rssback.gif (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\rsstopback.gif (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\rss_feed_icon_png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\search-over.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\search.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\settings.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\shopping.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\siteinfo.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\skin-bluelite.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\skin-bluesky.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\skin-grey.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\skin-lichen.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\skin-orange.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\skin-yellow.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\skin.xml (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\spain_png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\technorati.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\throbber.gif (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\toolbarsplitter.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\translate.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\translate_png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\translate_png_png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\truste_about.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\tvicons_png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\tvicon_png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\tv_icon3_png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\usa_png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\vmn.css (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\vmn.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\web.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\whtsmke_logo_png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\whtsmke_logo_png2_png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\whtsmke_logo_png3_png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\whtsmke_logo_png4_png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\whtsmke_logo_png5_png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\whtsmke_logo_png_png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\wikipedia.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\yahoosearch.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\yellow.gif (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\youtube.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\zoom.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\dtxwizard\skin\icon_library\Basics\folder.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\add.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\aol.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\arrow-dn.gif (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\arrow-right-disabled.gif (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\arrow-right.gif (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\arrow-up.gif (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\bg-btn-divider.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\bg-btn-end.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\bg-btn-mdl.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\bg-btn-mdl_ff.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\bg-btn-start.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\bg-btnover-divider.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\bg-btnover-end.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\bg-btnover-mdl.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\bg-btnover-mdl_ff.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\bg-btnover-start.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\blank.gif (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\btn-widgets-over.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\btn-widgets.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\btnback-down-vista.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\btnback-vista.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\btnleft-down-vista.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\btnleft-vista.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\btnright-down-vista.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\btnright-vista.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\btn_slider.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\button-splitter-down-vista.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\button-splitter-vista.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\checkmark.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\chevron.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\collapse.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\comcast.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\dtx.css (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\edit-back-hot.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\edit-back.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\expand.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\found.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\gmail.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\highlight.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\highlight_blue.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\highlight_cyan.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\highlight_lime.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\highlight_magenta.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\highlight_yellow.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\hotmail.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\ico-check.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\imap.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\lastsearch-thumb-back.gif (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\loadingmid.gif (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\lock.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\logo-separator.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\mailcom.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\menuitem-splitter.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\menuitemback-down-vista.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\menuitemback-vista.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\menuitemleft-down-vista.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\menuitemleft-vista.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\menuitemright-down-vista.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\menuitemright-vista.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\menu_bg-basic.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\menu_separator_bar.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\menu_separator_white.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\modify.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\move.gif (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\movetarget.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\pop.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\radio.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\reload.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\remove.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\rename.gif (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\resize-box.gif (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\rss.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\rsschannelback.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\RSSLogo.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\rsstabdivider.gif (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\scroll-left.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\scroll-right.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\search-go.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\search.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\text-ellipsis.xml (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\throbber.gif (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\toolbarsplitter.gif (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\transparent_1px.gif (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\yahoo.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\panels\footer.htm (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\panels\gamecategory.xsl (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\panels\gameData.js (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\panels\gameList.xsl (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\panels\games.xsl (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\panels\gametype.xsl (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\panels\inithtml.html (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\panels\popupgames.html (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\panels\popuphtml.html (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\panels\popuprss.html (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\panels\popupwidgets.html (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\panels\scroll.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\panels\css\panels.css (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\panels\css\popupabout.css (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\panels\css\popupgames.css (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\panels\css\popupRSS.css (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\panels\css\popupwidgets.css (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\panels\default\main.html (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\panels\default\css\dialog.css (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\panels\default\images\bg.gif (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\panels\default\images\btn-search.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\panels\default\images\btn-wide-close-over.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\panels\default\images\btn-wide-close.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\panels\default\images\default.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\panels\default\images\tab-off-l.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\panels\default\images\tab-off-r.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\panels\default\images\tab-on-l.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\panels\default\images\tab-on-r.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\panels\default\images\transparent.gif (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\panels\default\images\ttlbar-left.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\panels\default\images\ttlbar-mdl.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\panels\default\images\ttlbar-right.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\panels\default\images\win-btm-left.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\panels\default\images\win-btm-mdl.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\panels\default\images\win-btm-right-resize.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\panels\default\images\win-btm-right.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\panels\default\images\win-left.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\panels\default\images\win-right.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\panels\default\scripts\defscript.js (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\panels\images\arrow-dn.gif (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\panels\images\arrow-sml-drop.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\panels\images\arrow-sml.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\panels\images\arrow-up.gif (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\panels\images\arrowr-bluew5.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\panels\images\bg-aboutbox.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\panels\images\bg-btnover.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\panels\images\bg-pnl520x390.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\panels\images\btn-back.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\panels\images\btn-close-grey.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\panels\images\btn-close-greyover.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\panels\images\btn-drag.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\panels\images\btn-moredetails.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\panels\images\btn-next-over.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\panels\images\btn-next.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\panels\images\btn-previous-over.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\panels\images\btn-previous.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\panels\images\btn-search-pnlbtm-over.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\panels\images\btn-search-pnlbtm.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\panels\images\bullet-orange.gif (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\panels\images\gamethumb-on.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\panels\images\gamethumb2-over.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\panels\images\ico-calendar.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\panels\images\ico-download.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\panels\images\ico-joystick24.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\panels\images\ico-news24.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\panels\images\ico-play.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\panels\images\ico-tags.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\panels\images\icon-Add.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\panels\images\icon-download.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\panels\images\icon-info.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\panels\images\icon-play.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\panels\images\icon-shop.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\panels\images\menul-bgon.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\panels\images\menul-bgover.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\panels\images\panel-botm-noscroll.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\panels\images\scroll-bg-206.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\panels\images\scroll-bg.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\panels\images\scroll-topwin.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\panels\images\scrollb-disable.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\panels\images\scrollb-down.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\panels\images\scrollb-over.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\panels\images\scrollb.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\panels\images\scrollt-disable.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\panels\images\scrollt-down.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\panels\images\scrollt-over.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\panels\images\scrollt.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\panels\images\searchbox-pnlbtm.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\panels\images\star_x_grey.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\panels\images\star_x_orange.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\panels\images\truste_about.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\panels\images\view-detailed-on.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\panels\images\view-detailed-over.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\panels\images\view-thumb-on.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\panels\images\view-thumb-over.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\panels\images\widgets-square-16px.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\panels\images\widgets-square-24px.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\panels\images\widgets.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\radio\managerpanel.html (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\radio\volumeslider.html (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\radio\css\manager.css (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\radio\css\slider.css (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\radio\images\bg-pnl.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\radio\images\btn-close-grey.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\radio\images\btn-close-greyover.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\radio\images\collapsed_button.gif (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\radio\images\expanded_button.gif (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\radio\images\ico-playstation-down.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\radio\images\ico-playstation-over.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\radio\images\ico-playstation.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\radio\images\ico-radio.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\radio\images\music-note.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\radio\images\radio-btn-pause-on.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\radio\images\radio-btn-pause.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\radio\images\radio-btn-play-on.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\radio\images\radio-btn-play.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\radio\images\radio-eq-bg.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\radio\images\radio-eq-buffer.gif (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\radio\images\radio-eq-busy.gif (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\radio\images\radio-eq-off.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\radio\images\radio-eq-on.gif (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\radio\images\radio-eq-warning.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\radio\images\radio-options-design-on.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\radio\images\radio-options-design.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\radio\images\radio-options-on.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\radio\images\radio-options.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\radio\images\radio-volume-0.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\radio\images\radio-volume-1.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\radio\images\radio-volume-2.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\radio\images\radio-volume-3.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\radio\images\radio-volume-mute.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\radio\images\scrollbar-handle.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\radio\images\scrollbar-track.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\radio\images\slider.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\radio\images\slideron.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\radio\images\track.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\uwa\border_02.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\uwa\border_03.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\uwa\border_04.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\uwa\border_06.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\uwa\border_07.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\uwa\border_08.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\uwa\border_09.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\uwa\border_10.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\uwa\border_11.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\uwa\border_12.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\uwa\border_13.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\uwa\border_14.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\uwa\border_15.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\uwa\border_16.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\uwa\border_18.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\uwa\border_19.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\uwa\border_20.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\uwa\border_21.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\uwa\btn-close-grey.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\uwa\btn-close-greyover.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\uwa\close-hot.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\uwa\close-normal.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\uwa\loadingmid.gif (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\uwa\proxy.html (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\uwa\template.html (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\uwa\template.xml (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\uwa\templateff.html (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\uwa\throbber.gif (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\weatherbutton\icons\cond999.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\weatherbutton\icons\icons.xml (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\weatherbutton\icons\na-s.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\weatherbutton\icons\na-t.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\weatherbutton\icons\na.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\weatherbutton\icons\weather.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\weatherbutton\panels\popupweather.css (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\weatherbutton\panels\popupweather.html (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\weatherbutton\panels\images\add.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\weatherbutton\panels\images\arrowr-bluew5.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\weatherbutton\panels\images\bg-pnl.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\weatherbutton\panels\images\bg-pnl520x350.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\weatherbutton\panels\images\bg-pnl520x350blue-whitebg.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\weatherbutton\panels\images\bg-pnl520x350blue.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\weatherbutton\panels\images\box-check.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\weatherbutton\panels\images\box-uncheck.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\weatherbutton\panels\images\btn-close-grey.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\weatherbutton\panels\images\btn-close-greyover.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\weatherbutton\panels\images\btn-delete.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\weatherbutton\panels\images\btn-search-pnlbtm-over.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\weatherbutton\panels\images\btn-search-pnlbtm.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\weatherbutton\panels\images\btnarrow-next-off.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\weatherbutton\panels\images\btnarrow-next.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\weatherbutton\panels\images\btnarrow-previous-off.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\weatherbutton\panels\images\btnarrow-previous.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\weatherbutton\panels\images\ico-check.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\weatherbutton\panels\images\ico-hotandhumid-s.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\weatherbutton\panels\images\ico-hotandhumid.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\weatherbutton\panels\images\options-weather.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\weatherbutton\panels\images\over-blue.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\weatherbutton\panels\images\over-orange.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\weatherbutton\panels\images\powered-by-weatherbug.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\weatherbutton\panels\images\powered-by-weatherbug2.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\weatherbutton\panels\images\radio-checked.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\weatherbutton\panels\images\radio-unchecked.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\weatherbutton\panels\images\searchbox-pnlbtm.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\lib\weatherbutton\panels\images\weather-contour.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\options\options-main.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\options\options-search.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\options\options-weather.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\options\options-widgets.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\searchbar\searchbar-background-left.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\searchbar\searchbar-background-middle.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\chrome\skin\searchbar\searchbar-background-right.png (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\program files (x86)\whitesmoketoolbar\components\windowmediator.js (PUP.WhiteSmoke) -> Quarantined and deleted successfully. c:\Users\Jason\Desktop\explorer.exe (Heuristics.Reserved.Word.Exploit) -> Quarantined and deleted successfully.
  10. Hello, I have a nasty little virus from somehow downloading whitesmoke translator, and I'm wondering how I can remove this virus. I saw in another thread about downloading ComboFix.exe, which I ran and then created a log in a text file. Below is the text from C:ComboFix.txt. Can anyone provide me with some help to remove this virus? Thanks! ComboFix 11-01-08.05 - Jason 01/09/2011 22:11:13.2.2 - x64 Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.4061.2045 [GMT -5:00] Running from: c:usersJasonDesktopComboFix.exe AV: Microsoft Security Essentials *Disabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160} SP: Microsoft Security Essentials *Disabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . /wow section - STAGE 50 The system cannot find the file LockedB. The system cannot find the file lockedB. The system cannot find the path specified. The system cannot find the file LockedB. The system cannot find the file LockedB. ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . . ---- Previous Run ------- . c:program files (x86)whitesmoketoolbarwhITesmoketoolbarx.dll c:usersJasonAppDataRoaminginst.exe c:usersJasonGoToAssistDownloadHelper.exe c:windowsSysWow64decmprs.dll . ((((((((((((((((((((((((( Files Created from 2010-12-10 to 2011-01-10 ))))))))))))))))))))))))))))))) . 2011-01-10 03:13 . 2011-01-10 03:13 -------- d-----w- c:usersDefaultAppDataLocaltemp 2011-01-10 03:13 . 2011-01-10 03:13 -------- d-----w- c:usersClassic .NET AppPoolAppDataLocaltemp 2011-01-09 23:18 . 2010-11-10 02:35 8199504 ----a-w- c:programdataMicrosoftMicrosoft AntimalwareDefinition Updates{84503753-493F-490C-939C-2785BB32ED66}mpengine.dll 2011-01-03 17:01 . 2011-01-10 02:58 -------- d-----w- c:program files (x86)whitesmoketoolbar 2010-12-25 12:49 . 2010-11-10 02:35 8199504 ----a-w- c:programdataMicrosoftMicrosoft AntimalwareDefinition UpdatesBackupmpengine.dll 2010-12-24 14:49 . 2010-12-24 14:49 601424 ------w- c:programdataMicrosoftMicrosoft AntimalwareDefinition Updates{D26D8FA8-4A2D-439E-A61B-E982B7CC35B4}gapaengine.dll 2010-12-24 07:30 . 2010-11-16 17:01 8199504 ------w- c:programdataMicrosoftWindows DefenderDefinition Updates{10005DB8-1211-41FE-BB51-5D2FD810123A}mpengine.dll 2010-12-24 04:58 . 2010-12-24 04:58 -------- d-----w- c:program files (x86)Microsoft Security Client 2010-12-24 04:57 . 2010-12-24 04:58 -------- d-----w- c:program filesMicrosoft Security Client 2010-12-15 19:30 . 2010-10-27 04:32 2048 ----a-w- c:windowsSysWow64tzres.dll 2010-12-15 19:30 . 2010-11-02 04:40 496128 ----a-w- c:windowsSysWow64taskschd.dll 2010-12-15 19:30 . 2010-11-02 04:40 305152 ----a-w- c:windowsSysWow64taskcomp.dll 2010-12-15 19:30 . 2010-11-02 04:34 192000 ----a-w- c:windowsSysWow64taskeng.exe 2010-12-15 19:30 . 2010-11-02 04:34 179712 ----a-w- c:windowsSysWow64schtasks.exe 2010-12-15 19:30 . 2010-10-20 04:54 34304 ----a-w- c:windowsSysWow64atmlib.dll 2010-12-15 19:30 . 2010-10-20 02:58 294400 ----a-w- c:windowsSysWow64atmfd.dll 2010-12-13 04:14 . 2010-12-13 04:14 94040 ----a-w- c:program files (x86)Common FilesWindows Live.cache3971a4d11cb9a7c1aDSETUP.dll 2010-12-13 04:14 . 2010-12-13 04:14 525656 ----a-w- c:program files (x86)Common FilesWindows Live.cache3971a4d11cb9a7c1aDXSETUP.exe 2010-12-13 04:14 . 2010-12-13 04:14 1691480 ----a-w- c:program files (x86)Common FilesWindows Live.cache3971a4d11cb9a7c1adsetup32.dll 2010-12-13 04:14 . 2010-12-13 04:14 94040 ----a-w- c:program files (x86)Common FilesWindows Live.cache37ecd3e01cb9a7c19DSETUP.dll 2010-12-13 04:14 . 2010-12-13 04:14 525656 ----a-w- c:program files (x86)Common FilesWindows Live.cache37ecd3e01cb9a7c19DXSETUP.exe 2010-12-13 04:14 . 2010-12-13 04:14 1691480 ----a-w- c:program files (x86)Common FilesWindows Live.cache37ecd3e01cb9a7c19dsetup32.dll 2010-12-13 04:12 . 2010-05-23 10:15 1619456 ----a-w- c:windowsSysWow64WMVDECOD.DLL 2010-12-13 04:12 . 2010-05-23 10:11 196608 ----a-w- c:windowsSysWow64mfreadwrite.dll 2010-12-13 04:12 . 2010-05-23 10:11 3181568 ----a-w- c:windowsSysWow64mf.dll . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2011-01-10 02:13 . 2009-12-12 01:43 57752 ----a-w- c:windowsSysWow64rpcnet.dll 2010-12-27 21:05 . 2010-02-18 13:52 737072 ----a-w- c:programdataMicrosofteHomePackagesSportsV2SportsTemplateCoreMicrosoft.Me diaCenter.Sports.UI.dll 2010-12-27 21:01 . 2010-03-30 21:46 4277016 ----a-w- c:programdataMicrosofteHomePackagesMCEClientUXUpdateableMarkup-2markup.dll 2010-12-27 20:54 . 2010-06-15 02:07 42776 ----a-w- c:programdataMicrosofteHomePackagesMCEClientUXdSM-2StartResources.dll 2010-12-10 21:41 . 2010-02-18 13:52 539968 ----a-w- c:programdataMicrosofteHomePackagesMCESpotlightMCESpotlightSpotlightResou rces.dll 2010-11-25 00:42 . 2010-03-30 21:46 737072 ----a-w- c:programdataMicrosofteHomePackagesSportsV2SportsTemplateCore-2Microsoft.MediaCenter.Sports.UI.dll 2010-11-25 00:41 . 2010-02-18 13:52 4277016 ----a-w- c:programdataMicrosofteHomePackagesMCEClientUXUpdateableMarkupmarkup.dll 2010-11-25 00:41 . 2010-05-20 07:04 42776 ----a-w- c:programdataMicrosofteHomePackagesMCEClientUXdSMStartResources.dll 2010-11-25 00:41 . 2010-02-28 21:01 588096 ----a-w- c:programdataMicrosofteHomePackagesMCESpotlightMCESpotlight-2SpotlightResources.dll 2010-10-17 23:12 . 2010-10-17 23:12 29184 ----a-w- c:windowsSysWow64CtLoJack.dll . <pre> c:program files (x86)Absolute SoftwareAbsolute NotifierAbsoluteNotifier .exe c:program files (x86)AdobeReader 10.0ReaderReader_sl .exe c:program files (x86)ATI TechnologiesATI.ACECore-StaticCLIStart .exe c:program files (x86)Common FilesAdobeARM1.0AdobeARM .exe c:program files (x86)Common FilesAppleMobile Device SupportAppleSyncNotifier .exe c:program files (x86)Common FilesJavaJava Updatejusched .exe c:program files (x86)CyberLinkPowerDVD DXPDVDDXSrv .exe c:program files (x86)Dell Support Centerbinsprtcmd .exe c:program files (x86)Dell WebcamDell Webcam CentralWebcamDell2 .exe c:program files (x86)GoogleGoogleToolbarNotifierGoogleToolbarNotifier .exe c:program files (x86)iTunesiTunesHelper .exe c:program files (x86)Microsoft OfficeOffice12GrooveMonitor .exe c:program files (x86)QuickTimeQTTask .exe c:program files (x86)RoxioRoxio BurnRoxioBurnLauncher .exe </pre> ((((((((((((((((((((((((((((( SnapShot@2011-01-10_02.59.18 ))))))))))))))))))))))))))))))))))))))))) . - 2009-12-12 00:56 . 2011-01-10 02:14 32768 c:windowssystem32configsystemprofileAppDataRoamingMicrosoftWindowsCooki esindex.dat + 2009-12-12 00:56 . 2011-01-10 03:04 32768 c:windowssystem32configsystemprofileAppDataRoamingMicrosoftWindowsCooki esindex.dat + 2009-12-12 00:56 . 2011-01-10 03:04 32768 c:windowssystem32configsystemprofileAppDataLocalMicrosoftWindowsTempora ry Internet FilesContent.IE5index.dat - 2009-12-12 00:56 . 2011-01-10 02:14 32768 c:windowssystem32configsystemprofileAppDataLocalMicrosoftWindowsTempora ry Internet FilesContent.IE5index.dat + 2009-07-14 04:54 . 2011-01-10 03:04 16384 c:windowssystem32configsystemprofileAppDataLocalMicrosoftWindowsHistory History.IE5index.dat - 2009-07-14 04:54 . 2011-01-10 02:14 16384 c:windowssystem32configsystemprofileAppDataLocalMicrosoftWindowsHistory History.IE5index.dat . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 [HKEY_LOCAL_MACHINEWow6432Node~Browser Helper Objects{D4027C7F-154A-4066-A1AD-4243D8127440}] 2010-06-10 21:28 1233288 ----a-w- c:program files (x86)Ask.comGenericAskToolbar.dll [HKEY_LOCAL_MACHINESOFTWAREWow6432NodeMicrosoftInternet ExplorerToolbar] "{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:program files (x86)Ask.comGenericAskToolbar.dll" [2010-06-10 1233288] [HKEY_CLASSES_ROOTclsid{d4027c7f-154a-4066-a1ad-4243d8127440}] [HKEY_CLASSES_ROOTGenericAskToolbar.ToolbarWnd.1] [HKEY_CLASSES_ROOTTypeLib{2996F0E7-292B-4CAE-893F-47B8B1C05B56}] [HKEY_CLASSES_ROOTGenericAskToolbar.ToolbarWnd] [HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionRun] "Sidebar"="c:program filesWindows Sidebarsidebar.exe" [2009-07-14 1475072] [HKEY_LOCAL_MACHINESOFTWAREWow6432NodeMicrosoftWindowsCurrentVersionRun] "Desktop Disc Tool"="c:program files (x86)RoxioRoxio BurnRoxioBurnLauncher.exe" [N/A] c:programdataMicrosoftWindowsStart MenuProgramsStartup Bluetooth.lnk - c:program filesWIDCOMMBluetooth SoftwareBTTray.exe [2009-7-1 1079584] vpngui.exe.lnk - c:windowsInstaller{467D5E81-8349-4892-9E81-C3674ED8E451}Icon09DB8A851.exe [2010-6-15 5120] WinZip Quick Pick.lnk - c:program files (x86)WinZipWZQKPICK.EXE [2009-12-22 106560] [HKEY_LOCAL_MACHINEsoftwaremicrosoftwindowscurrentversionpoliciessystem] "ConsentPromptBehaviorAdmin"= 0 (0x0) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableLUA"= 0 (0x0) "EnableUIADesktopToggle"= 0 (0x0) "PromptOnSecureDesktop"= 0 (0x0) [HKEY_LOCAL_MACHINEsoftwarewow6432nodemicrosoftwindows ntcurrentversiondrivers32] "mixer3"=wdmaud.drv [HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalMCODS] @="" [HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalMsMpSvc] @="Service" R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:windowsMicrosoft.NETFrameworkv4.0.30319mscorsvw.exe [2010-03-18 130384] R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:windowsMicrosoft.NETFramework64v4.0.30319mscorsvw.exe [2010-03-18 138576] R2 gupdate;Google Update Service (gupdate);c:program files (x86)GoogleUpdateGoogleUpdate.exe [2010-06-28 135664] R2 OracleXETNSListener;OracleXETNSListener;c:oraclexeapporacleproduct10.2.0se rverBINtnslsnr.exe [2006-02-02 204800] R2 SessionLauncher;SessionLauncher;c:usersADMINI~1AppDataLocalTempDX9Session Launcher.exe [x] R3 Netaapl;Apple Mobile Device Ethernet Service;c:windowssystem32DRIVERSnetaapl64.sys [2010-04-20 22528] R3 NisDrv;Microsoft Network Inspection System;c:windowssystem32DRIVERSNisDrvWFP.sys [2010-10-25 72064] R3 NisSrv;Microsoft Network Inspection;c:program filesMicrosoft Security ClientAntimalwareNisSrv.exe [2010-11-11 282616] R3 RoxMediaDB10;RoxMediaDB10;c:program files (x86)Common FilesRoxio Shared10.0SharedCOMRoxMediaDB10.exe [2009-06-26 1124848] R3 USBAAPL64;Apple Mobile USB Driver;c:windowssystem32Driversusbaapl64.sys [2010-09-28 51712] R3 WatAdminSvc;Windows Activation Technologies Service;c:windowssystem32WatWatAdminSvc.exe [2010-04-18 1255736] R4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:program filesMicrosoft SQL Server100SharedSQLADHLP.EXE [2008-07-10 61976] R4 OracleJobSchedulerXE;OracleJobSchedulerXE;c:oraclexeapporacleproduct10.2.0 serverBinextjob.exe XE [x] S0 PxHlpa64;PxHlpa64;c:windowsSystem32DriversPxHlpa64.sys [2010-08-12 55856] S1 RsFx0103;RsFx0103 Driver;c:windowssystem32DRIVERSRsFx0103.sys [2009-03-30 311656] S1 vwififlt;Virtual WiFi Filter Driver;c:windowssystem32DRIVERSvwififlt.sys [2009-07-14 59904] S2 AMD External Events Utility;AMD External Events Utility;c:windowssystem32atiesrxx.exe [2009-06-25 203264] S2 MsDtsServer100;SQL Server Integration Services 10.0;c:program filesMicrosoft SQL Server100DTSBinnMsDtsSrvr.exe [2008-07-10 214040] S2 OracleServiceXE;OracleServiceXE;c:oraclexeapporacleproduct10.2.0serverbin ORACLE.EXE XE [x] S2 ReportServer;SQL Server Reporting Services (MSSQLSERVER);c:program filesMicrosoft SQL ServerMSRS10.MSSQLSERVERReporting ServicesReportServerbinReportingServicesService.exe [2009-03-30 2075480] S3 btwl2cap;Bluetooth L2CAP Service;c:windowssystem32DRIVERSbtwl2cap.sys [2009-07-02 35104] S3 CtClsFlt;Creative Camera Class Upper Filter Driver;c:windowssystem32DRIVERSCtClsFlt.sys [2009-06-15 172704] S3 k57nd60a;Broadcom NetLink Gigabit Ethernet - NDIS 6.0;c:windowssystem32DRIVERSk57nd60a.sys [2009-06-10 270848] S3 MpNWMon;Microsoft Malware Protection Network Driver;c:windowssystem32DRIVERSMpNWMon.sys [2010-10-25 40832] S3 MSSQLFDLauncher;SQL Full-text Filter Daemon Launcher (MSSQLSERVER);c:program filesMicrosoft SQL ServerMSSQL10.MSSQLSERVERMSSQLBinnfdlauncher.exe [2008-07-10 34840] S3 NETw5v64;Intel
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.