How to remove VBS:mALWARE-GEN VIRUS?

Posted 9/15/2011 3:16 AM
#92287
User avatar

shannemark Advanced member

Date Joined Nov 2016
Total Posts: 32
Hi..my computer are infected with VBS:Malware-gen virus...avast detects it..but can't delete it...pls help!!! <br/> <br/> <br/>I ran Combofix and here is the log: <br/> <br/>ComboFix 11-09-14.02 - jhoy 5/2011 Thu 10:16:17.1.2 - x86 <br/>Microsoft Windows XP Professional 5.1.2600.2.936.86.1033.18.2038.1358 [GMT 8:00] <br/>执行位置: c:\documents and settings\jhoy\My Documents\Downloads\ComboFix.exe <br/>AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D} <br/>. <br/>注意 - 这台电脑没有安装恢复控制台 !! <br/>. <br/>. <br/>((((((((((((((((((((((((((((((((((((((( 被删除的档案 ))))))))))))))))))))))))))))))))))))))))))))))))) <br/>. <br/>. <br/>c:\documents and settings\jhoy\Application Data\searchqutb <br/>c:\documents and settings\jhoy\Application Data\searchqutb\dtx.ini <br/>c:\documents and settings\jhoy\Application Data\searchqutb\games\00d2dfc64c07a4f32824abac1d6f735b <br/>c:\documents and settings\jhoy\Application Data\searchqutb\games\3e4265e00cbc4a9cf22a105046a46d8a <br/>c:\documents and settings\jhoy\Application Data\searchqutb\games\44a5d79f5451d3036ba3986425e234c8 <br/>c:\documents and settings\jhoy\Application Data\searchqutb\games\GameCategories.xml <br/>c:\documents and settings\jhoy\Application Data\searchqutb\games\GameTypes.xml <br/>c:\documents and settings\jhoy\Application Data\searchqutb\guid.dat <br/>c:\documents and settings\jhoy\Application Data\searchqutb\preferences.dat <br/>c:\documents and settings\jhoy\Application Data\searchqutb\stats.dat <br/>c:\documents and settings\jhoy\Application Data\searchqutb\uninstallIE.dat <br/>c:\documents and settings\jhoy\Application Data\searchqutb\version.xml <br/>c:\documents and settings\jhoy\Application Data\searchqutb\widgets_cache\84b70525cff6359fdeca553342c23e4c <br/>c:\documents and settings\jhoy\Application Data\searchqutb\widgets_cache\bf5b6317ae07da699882fc948f22eda4 <br/>c:\documents and settings\jhoy\Application Data\searchqutb\widgets_cache\category_cache.xml <br/>c:\documents and settings\jhoy\Application Data\searchqutb\widgets_cache\widget_cache.xml <br/>c:\documents and settings\jhoy\oashdihasidhasuidhiasdhiashdiuasdhasd <br/>c:\program files\360\360safe\safemon\HomePageLib.dat <br/>c:\program files\Bandoo\Plugins\IE\iePLugin.dll <br/>c:\program files\INSTALL.LOG <br/>c:\program files\UNWISE.EXE <br/>c:\program files\Windows Searchqu Toolbar <br/>c:\program files\Windows Searchqu Toolbar\DataMngr\datamngr.dll <br/>c:\program files\Windows Searchqu Toolbar\DataMngr\DataMngrUI.exe <br/>c:\program files\Windows Searchqu Toolbar\INSTALL.LOG <br/>c:\program files\Windows Searchqu Toolbar\main.ico <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\.#searchqutb.js.1.3 <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\data\search\engines.xml <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\data\search\search.xsl <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\lib\about.xml <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\lib\dtxpanelwin.xul <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\lib\dtxprefwin.xul <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\lib\dtxwin.xul <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\lib\emailnotifierproviders.xml <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\lib\external.js <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\lib\neterror.xhtml <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\lib\wmpstreamer.html <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\modules\datastore.jsm <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\preferences.xml <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\searchqutb.js <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\toolbar.htm <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\toolbar.xul <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\bg-scalable-mdl.gif <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\bg-scalable-tl.gif <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\bg-scalable-tr.gif <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\btn-dragresize.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\btn-wide-close-down.PNG <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\btn-wide-close-over.PNG <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\btn-wide-close.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\btn-wide-maximize-down.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\btn-wide-maximize-over.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\btn-wide-maximize.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\btn-wide-minimize-down.PNG <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\btn-wide-minimize-over.PNG <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\btn-wide-minimize.PNG <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\btnarrow-next-off.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\btnarrow-next.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\btnarrow-previous-off.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\btnarrow-previous.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\navico-home.gif <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\panel.html <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\powered-mystart.gif <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\tb_icon.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\widget.js <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\widget.xml <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1255\bg-scalable-mdl.gif <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1255\bg-scalable-tl.gif <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1255\bg-scalable-tr.gif <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1255\btn-dragresize.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1255\btn-wide-close-down.PNG <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1255\btn-wide-close-over.PNG <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1255\btn-wide-close.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1255\btn-wide-maximize-down.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1255\btn-wide-maximize-over.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1255\btn-wide-maximize.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1255\btn-wide-minimize-down.PNG <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1255\btn-wide-minimize-over.PNG <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1255\btn-wide-minimize.PNG <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1255\btnarrow-next-off.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1255\btnarrow-next.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1255\btnarrow-previous-off.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1255\btnarrow-previous.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1255\navico-home.gif <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1255\panel.html <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1255\powered-mystart.gif <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1255\tb_icon.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1255\widget.js <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1255\widget.xml <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1257\bg-scalable-mdl.gif <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1257\bg-scalable-tl.gif <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1257\bg-scalable-tr.gif <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1257\btn-dragresize.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1257\btn-wide-close-down.PNG <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1257\btn-wide-close-over.PNG <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1257\btn-wide-close.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1257\btn-wide-maximize-down.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1257\btn-wide-maximize-over.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1257\btn-wide-maximize.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1257\btn-wide-minimize-down.PNG <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1257\btn-wide-minimize-over.PNG <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1257\btn-wide-minimize.PNG <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1257\btnarrow-next-off.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1257\btnarrow-next.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1257\btnarrow-previous-off.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1257\btnarrow-previous.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1257\navico-home.gif <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1257\panel.html <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1257\powered-mystart.gif <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1257\tb_icon.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1257\widget.js <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1257\widget.xml <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217.zip <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\bg-scalable-mdl.gif <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\bg-scalable-tl.gif <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\bg-scalable-tr.gif <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\btn-dragresize.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\btn-wide-close-down.PNG <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\btn-wide-close-over.PNG <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\btn-wide-close.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\btn-wide-maximize-down.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\btn-wide-maximize-over.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\btn-wide-maximize.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\btn-wide-minimize-down.PNG <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\btn-wide-minimize-over.PNG <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\btn-wide-minimize.PNG <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\btnarrow-next-off.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\btnarrow-next.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\btnarrow-previous-off.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\btnarrow-previous.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\navico-home.gif <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\panel.html <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\powered-mystart.gif <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\tb_icon.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\widget.js <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\widget.xml <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\bluelite.gif <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\bluesky.gif <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\btn-search-over.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\btn-search.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\btn-settings-over.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\btn-settings.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\btn-widgets-over.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\btn-widgets.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\btn_settings.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\button-down-back-ff.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\button-down-back.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\button-down-left.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\button-down-right.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\button-down-splitter.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\button-drop-back.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\button-drop-left.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\button-drop-right.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\button-drop-splitter.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\button-hover-back-ff.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\button-hover-back.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\button-hover-left.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\button-hover-right.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\button-hover-splitter.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\ca.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\dictionary.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\divider.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\downloadcom.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\email.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\email_on.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\games.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\graphred0.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\graphred0_5.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\grey.gif <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\headsup.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\ico-shield.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\images.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\add.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\aol.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\arrow-dn.gif <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\arrow-right.gif <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\arrow-up.gif <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\bg-btn-end.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\bg-btn-mdl.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\bg-btn-mdl_ff.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\bg-btn-start.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\bg-btnover-end.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\bg-btnover-mdl.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\bg-btnover-mdl_ff.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\bg-btnover-start.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\blank.gif <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\btnback-down-vista.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\btnback-vista.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\btnleft-down-vista.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\btnleft-vista.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\btnright-down-vista.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\btnright-vista.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\button-splitter-down-vista.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\button-splitter-vista.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\checkmark.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\chevron.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\collapse.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\comcast.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\dtx.css <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\edit-back-hot.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\edit-back.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\expand.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\found.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\gmail.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\highlight.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\highlight_blue.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\highlight_cyan.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\highlight_lime.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\highlight_magenta.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\highlight_yellow.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\hotmail.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\imap.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\lastsearch-thumb-back.gif <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\loadingMid.gif <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\lock.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\mailcom.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\menu_bg-basic.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\menu_separator_bar.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\menuitem-splitter.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\menuitemback-down-vista.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\menuitemback-vista.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\menuitemleft-down-vista.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\menuitemleft-vista.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\menuitemright-down-vista.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\menuitemright-vista.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\move.gif <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\movetarget.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\css\popupAbout.css <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\css\popupGames.css <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\css\popupWidgets.css <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\footer.htm <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\gamecategory.xsl <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\gameData.js <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\gameList.xsl <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\gametype.xsl <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\arrow-sml-drop.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\arrow-sml.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\arrowr-bluew5.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\bg-aboutbox.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\bg-btnover.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\bg-pnl520x390.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\btn-close-grey.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\btn-close-greyover.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\btn-drag.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\btn-next-over.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\btn-next.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\btn-previous-over.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\btn-previous.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\btn-search-pnlbtm-over.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\btn-search-pnlbtm.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\gamethumb-on.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\gamethumb2-over.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\ico-calendar.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\ico-download.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\ico-joystick24.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\ico-play.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\ico-tags.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\icon-Add.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\icon-download.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\icon-Info.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\icon-play.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\icon-shop.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\menul-bgon.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\menul-bgover.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\panel-botm-noscroll.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\scroll-bg-206.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\scroll-bg.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\scroll-topwin.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\scrollb-disable.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\scrollb-down.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\scrollb-over.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\scrollb.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\scrollt-disable.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\scrollt-down.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\scrollt-over.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\scrollt.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\searchbox-pnlbtm.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\star_x_grey.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\star_x_orange.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\Thumbs.db <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\TRUSTe_about.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\view-detailed-on.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\view-detailed-over.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\view-thumb-on.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\view-thumb-over.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\widgets-square-16px.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\widgets-square-24px.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\popupGames.html <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\popupWidgets.html <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\pop.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\css\manager.css <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\css\slider.css <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\images\bg-pnl.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\images\btn-close-grey.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\images\btn-close-greyover.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\images\collapsed_button.gif <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\images\expanded_button.gif <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\images\ico-playstation-down.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\images\ico-playstation-over.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\images\ico-playstation.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\images\ico-radio.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\images\music-note.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\images\radio-btn-pause-on.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\images\radio-btn-pause.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\images\radio-btn-play-on.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\images\radio-btn-play.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\images\radio-eq-bg.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\images\radio-eq-busy.gif <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\images\radio-eq-off.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\images\radio-eq-on.gif <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\images\radio-eq-warning.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\images\radio-options-design-on.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\images\radio-options-design.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\images\radio-options-on.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\images\radio-options.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\images\radio-volume-0.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\images\radio-volume-1.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\images\radio-volume-2.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\images\radio-volume-3.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\images\radio-volume-mute.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\images\scrollbar-handle.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\images\scrollbar-track.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\images\slider.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\images\slideron.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\images\Thumbs.db <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\images\track.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\managerpanel.html <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\volumeslider.html <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\remove.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\rename.gif <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\resize-box.gif <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\rss.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\rsschannelback.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\RSSLogo.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\rsstabdivider.gif <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\scroll-left.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\scroll-right.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\search-go.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\search.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\text-ellipsis.xml <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\throbber.gif <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\toolbarsplitter.gif <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\transparent_1px.gif <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\uwa\border_02.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\uwa\border_03.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\uwa\border_04.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\uwa\border_06.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\uwa\border_07.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\uwa\border_08.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\uwa\border_09.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\uwa\border_10.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\uwa\border_11.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\uwa\border_12.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\uwa\border_13.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\uwa\border_14.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\uwa\border_15.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\uwa\border_16.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\uwa\border_18.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\uwa\border_19.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\uwa\border_20.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\uwa\border_21.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\uwa\btn-close-grey.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\uwa\btn-close-greyover.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\uwa\close-hot.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\uwa\close-normal.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\uwa\loadingMid.gif <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\uwa\proxy.html <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\uwa\template.html <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\uwa\template.xml <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\uwa\templateFF.html <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\uwa\throbber.gif <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\weatherbutton\icons\cond999.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\weatherbutton\icons\icons.xml <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\weatherbutton\icons\na-s.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\weatherbutton\icons\na.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\weatherbutton\icons\weather.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\add.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\arrowr-bluew5.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\bg-pnl.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\bg-pnl520x350blue-whitebg.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\bg-pnl520x350blue.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\box-check.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\box-uncheck.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\btn-close-grey.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\btn-close-greyover.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\btn-delete.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\btn-search-pnlbtm.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\btnarrow-next-off.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\btnarrow-next.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\btnarrow-previous-off.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\btnarrow-previous.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\ico-check.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\ico-hotandhumid-s.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\ico-hotandhumid.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\options-weather.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\over-blue.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\over-orange.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\powered-by-weatherbug.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\powered-by-weatherbug2.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\radio-checked.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\radio-unchecked.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\searchbox-pnlbtm.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\Thumbs.db <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\weather-contour.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\weatherbutton\panels\popupWeather.css <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\weatherbutton\panels\popupWeather.html <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\yahoo.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lichen.gif <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\logo-about.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\logo.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\maps.bmp <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\menuseparatorback.gif <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\modify-save.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\modify.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\modifyhot.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\music.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\news.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\options\options-main.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\options\options-search.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\options\options-weather.gif <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\options\options-widgets.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\orange.gif <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\pixsy.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\relatedlinks.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\rss-collapse.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\rss-delete.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\rss-expand.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\rss-feed.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\rss-folder-remove.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\rss-folder-rename.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\rss-folder.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\rss-found.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\rss-reload.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\rss-subscribe.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\rss.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\rssback.gif <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\rsstopback.gif <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\search-over.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\search.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\searchbar\searchbar-background-left.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\searchbar\searchbar-background-middle.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\searchbar\searchbar-background-right.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\searchqutb.css <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\settings.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\shopping.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\siteinfo.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\skin-bluelite.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\skin-bluesky.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\skin-grey.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\skin-lichen.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\skin-orange.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\skin-yellow.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\technorati.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\throbber.gif <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\toolbarsplitter.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\video.bmp <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\weather.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\web.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\widget_allocine.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\widget_bliptv.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\widget_calcal.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\widget_calculator.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\widget_gservices.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\widget_sudoku.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\widget_todo.jpg <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\widget_todo.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\widget_trio.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\widget_uconverter.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\widgets-square-16px.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\widgets.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\wikipedia.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\yahoosearch.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\yellow.gif <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\youtube.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\zoom.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\components\windowmediator.js <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\manifest.xml <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\SearchquDx.dll <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\SearchquTb.dll <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\uninstall.exe <br/>c:\program files\Windows Searchqu Toolbar\UNWISE.EXE <br/>c:\program files\Windows Searchqu Toolbar\UnwiseLauncher.exe <br/>c:\windows\dasetup.log <br/>c:\windows\system32\config\systemprofile\oashdihasidhasuidhiasdhiashdiuasdhasd <br/>c:\windows\system32\drivers\RKHit.sys <br/>c:\windows\system32\drivers\str.sys <br/>c:\windows\system32\setting.ini <br/>c:\windows\system32\stu2.exe <br/>c:\windows\system32\tmp.tmp <br/>Pass LEGAL for license information. Built Sat Jun 25 23:20 2011c:\documents and settings\Administrator\NTUSER.DAT.LOG <br/>. <br/>. <br/>((((((((((((((((((((((((((((((((((((((( 驱动/服务 ))))))))))))))))))))))))))))))))))))))))))))))))) <br/>. <br/>. <br/>-------\Legacy_RKHIT <br/>-------\Service_RkHit <br/>. <br/>. <br/>((((((((((((((((((((((((( 2011-08-15 至 2011-09-15 的新的档案 ))))))))))))))))))))))))))))))) <br/>. <br/>. <br/>2011-09-12 02:37 . 2011-09-14 02:05 -------- d-----w- C:\logs <br/>2011-09-12 02:37 . 2011-09-12 02:37 -------- d-----w- c:\documents and settings\jhoy\ChikkaV5 <br/>2011-09-12 02:37 . 2011-09-12 02:37 -------- d-----w- c:\program files\Chikka Messenger <br/>2011-09-12 02:36 . 2011-09-12 02:36 -------- d-----w- c:\program files\BabylonToolbar <br/>2011-09-12 02:36 . 2011-09-12 02:36 -------- d-----w- c:\documents and settings\jhoy\Local Settings\Application Data\Babylon <br/>2011-09-12 02:36 . 2011-09-12 02:36 -------- d-----w- c:\documents and settings\jhoy\Application Data\Babylon <br/>2011-09-12 02:36 . 2011-09-12 02:36 -------- d-----w- c:\documents and settings\All Users\Application Data\Babylon <br/>2011-09-05 02:30 . 2011-09-05 02:30 -------- d-----w- c:\documents and settings\All Users\Application Data\EPSON <br/>2011-08-27 02:50 . 2011-09-15 01:15 -------- d-----w- c:\documents and settings\All Users\Application Data\Autorun Eater <br/>2011-08-25 03:48 . 2011-08-25 03:48 -------- d-----w- c:\documents and settings\jhoy\Application Data\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1 <br/>2011-08-25 01:39 . 2011-09-02 00:21 -------- d-----w- c:\program files\PCSafeDoctor <br/>2011-08-17 05:50 . 1999-04-23 14:22 204800 ----a-w- c:\program files\Mozilla Firefox\image\WORDPAD.EXE <br/>2011-08-17 05:17 . 2011-09-12 03:27 -------- d-----w- c:\program files\LMSDiskette <br/>. <br/>. <br/>. <br/>(((((((((((((((((((((((((((((((((((((((( 在三个月内被修改的档案 )))))))))))))))))))))))))))))))))))))))))))))))))))) <br/>. <br/>2011-09-06 20:45 . 2011-03-23 07:33 41184 ----a-w- c:\windows\avastSS.scr <br/>2011-09-06 20:45 . 2011-03-23 07:33 199304 ----a-w- c:\windows\system32\aswBoot.exe <br/>2011-09-06 20:38 . 2011-03-23 07:33 442200 ----a-w- c:\windows\system32\drivers\aswSnx.sys <br/>2011-09-06 20:37 . 2011-03-23 07:33 320856 ----a-w- c:\windows\system32\drivers\aswSP.sys <br/>2011-09-06 20:36 . 2011-03-23 07:33 34392 ----a-w- c:\windows\system32\drivers\aswRdr.sys <br/>2011-09-06 20:36 . 2011-03-23 07:33 52568 ----a-w- c:\windows\system32\drivers\aswTdi.sys <br/>2011-09-06 20:36 . 2011-03-23 07:33 110552 ----a-w- c:\windows\system32\drivers\aswmon2.sys <br/>2011-09-06 20:36 . 2011-03-23 07:33 104536 ----a-w- c:\windows\system32\drivers\aswmon.sys <br/>2011-09-06 20:36 . 2011-03-23 07:33 20568 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys <br/>2011-09-06 20:33 . 2011-03-23 07:33 30808 ----a-w- c:\windows\system32\drivers\aavmker4.sys <br/>2011-08-17 05:50 . 2010-03-10 10:24 286720 ------w- c:\windows\Setup1.exe <br/>2011-08-17 05:50 . 2010-03-10 10:24 73216 ----a-w- c:\windows\ST6UNST.EXE <br/>2011-08-16 01:17 . 2011-05-17 00:44 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl <br/>2011-08-08 08:15 . 2010-01-28 03:24 9216 ----a-w- c:\windows\system32\IOCTLVDD.DLL <br/>2011-08-08 08:15 . 2010-01-28 03:24 4032 ----a-w- c:\windows\system32\drivers\hostnt.sys <br/>2011-08-08 08:15 . 2010-01-28 03:24 29056 ----a-w- c:\windows\system32\drivers\gsmhwdm.sys <br/>2011-08-08 08:15 . 2010-01-28 03:24 27696 ----a-w- c:\windows\system32\drivers\mhdrv.sys <br/>2011-08-08 08:15 . 2010-01-28 03:24 26060 ----a-w- c:\windows\system32\drivers\rcmhdog.sys <br/>2011-08-08 08:15 . 2010-01-28 03:24 25904 ----a-w- c:\windows\system32\drivers\rcusbwdm.sys <br/>2011-08-08 07:26 . 2010-01-28 03:25 69632 ----a-w- c:\windows\system32\MY3L_EX.DLL <br/>2011-08-08 07:26 . 2010-01-28 03:25 53248 ----a-w- c:\windows\system32\NT_DLL2.DLL <br/>2011-08-08 07:26 . 2010-01-28 03:25 135168 ----a-w- c:\windows\system32\YutianEx.DLL <br/>2011-09-08 04:41 . 2011-05-07 00:24 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll <br/>. <br/>. <br/>((((((((((((((((((((((((((((((((((((( 重要登入点 )))))))))))))))))))))))))))))))))))))))))))))))))) <br/>. <br/>. <br/>*注意* 空白与合法缺省登录将不会被显示 <br/>REGEDIT4 <br/>. <br/>[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}] <br/>2009-07-10 09:28 1174920 ----a-w- c:\program files\Ask.com\GenericAskToolbar.dll <br/>. <br/>[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] <br/>"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2009-07-10 1174920] <br/>. <br/>[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}] <br/>[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1] <br/>[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}] <br/>[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd] <br/>. <br/>[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser] <br/>"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2009-07-10 1174920] <br/>. <br/>[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}] <br/>[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1] <br/>[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}] <br/>[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd] <br/>. <br/>[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast] <br/>@="{472083B0-C522-11CF-8763-00608CC02F24}" <br/>[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}] <br/>2011-09-06 20:45 122512 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll <br/>. <br/>[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] <br/>"bluebirds"="c:\documents and settings\jhoy\Bluebirds\BlueBirds.exe" [2009-04-29 270336] <br/>"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-03-30 39408] <br/>"\\COOKIE\EPSON Stylus C90 Series"="c:\windows\System32\spool\DRIVERS\W32X86\3\E_FATIBZP.EXE" [2006-09-27 139264] <br/>. <br/>[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] <br/>"Share-to-Web Namespace Daemon"="c:\program files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe" [2002-04-17 69632] <br/>"RTHDCPL"="RTHDCPL.EXE" [2006-11-14 16270848] <br/>"PHIME2002ASync"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-03 455168] <br/>"PHIME2002A"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-03 455168] <br/>"Persistence"="c:\windows\system32\igfxpers.exe" [2007-08-24 131072] <br/>"IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" [2004-08-03 208952] <br/>"IgfxTray"="c:\windows\system32\igfxtray.exe" [2007-08-24 135168] <br/>"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2007-08-24 159744] <br/>"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-02-18 248040] <br/>"Google Pinyin 2 Autoupdater"="c:\program files\Google\Google Pinyin 2\GooglePinyinDaemon.exe" [2011-02-24 1160760] <br/>"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-09-06 3722416] <br/>. <br/>[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] <br/>"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-03 15360] <br/>. <br/>c:\documents and settings\jhoy\Start Menu\Programs\Startup\ <br/>IPMSG for Win32.lnk - c:\program files\IPMsg\ipmsg.exe [2010-8-10 210432] <br/>. <br/>[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\keyboard layouts\e0200804] <br/> Ime File REG_SZ GOOGLEPINYIN2.IME <br/>. <br/>[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Digsby.lnk] <br/>path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Digsby.lnk <br/>backup=c:\windows\pss\Digsby.lnkCommon Startup <br/>. <br/>[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Alcmtr] <br/>2005-05-03 10:43 69632 ------r- c:\windows\Alcmtr.exe <br/>. <br/>[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\bluebirds] <br/>2009-04-29 09:02 270336 ----a-r- c:\documents and settings\jhoy\Bluebirds\BlueBirds.exe <br/>. <br/>[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Flashget] <br/>2007-09-25 09:29 2007088 ----a-w- c:\program files\FlashGet\flashget.exe <br/>. <br/>[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Messenger (Yahoo!)] <br/>2009-11-10 07:39 5244216 ----a-w- c:\progra~1\Yahoo!\Messenger\YahooMessenger.exe <br/>. <br/>[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SkyTel] <br/>2006-05-16 10:04 2879488 ------r- c:\windows\SkyTel.exe <br/>. <br/>[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched] <br/>2010-02-18 03:43 248040 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe <br/>. <br/>[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg] <br/>2010-03-30 04:58 39408 ----a-w- c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe <br/>. <br/>[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\USB Antivirus] <br/>2008-09-23 09:21 798720 ----a-w- c:\program files\USB Disk Security\USBGuard.exe <br/>. <br/>[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services] <br/>"gusvc"=3 (0x3) <br/>"ZhuDongFangYu"=2 (0x2) <br/>"YahooAUService"=2 (0x2) <br/>"ose"=3 (0x3) <br/>"JavaQuickStarterService"=2 (0x2) <br/>"gupdate"=2 (0x2) <br/>"AntiVirService"=2 (0x2) <br/>"AntiVirSchedulerService"=2 (0x2) <br/>. <br/>[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] <br/>"EnableFirewall"= 0 (0x0) <br/>. <br/>[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] <br/>"%windir%\\system32\\sessmgr.exe"= <br/>"c:\\Program Files\\FlashGet\\flashget.exe"= <br/>"c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"= <br/>"c:\\Program Files\\IPMsg\\ipmsg.exe"= <br/>"c:\\Program Files\\TeamViewer\\Version6\\TeamViewer.exe"= <br/>"c:\\Program Files\\TeamViewer\\Version6\\TeamViewer_Service.exe"= <br/>"c:\\Program Files\\360\\360safe\\LiveUpdate360.exe"= <br/>"c:\\Program Files\\360\\360safe\\safemon\\360tray.exe"= <br/>"c:\\Program Files\\Skype\\Phone\\Skype.exe"= <br/>. <br/>[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List] <br/>"3050:TCP"= 3050:TCP:FireBrid <br/>. <br/>R0 HookPort;HookPort;c:\windows\system32\drivers\hookport.sys [3/15/2010 4:42 PM 55040] <br/>R1 360SelfProtection;360SelfProtection;c:\windows\system32\drivers\360SelfProtection.sys [3/15/2010 4:42 PM 93952] <br/>R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [3/23/2011 3:33 PM 442200] <br/>R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [3/23/2011 3:33 PM 320856] <br/>R1 BAPIDRV;BAPIDRV;c:\windows\system32\drivers\BAPIDRV.SYS [3/15/2010 4:42 PM 66176] <br/>R1 EfiMon;EfiSystemMon;c:\windows\system32\drivers\EfiMon.sys [8/6/2009 10:29 PM 19072] <br/>R1 qutmdserv;Quantum DeepScanner Servers;c:\windows\system32\drivers\qutmdrv.sys [3/15/2010 4:42 PM 62336] <br/>R1 qutmipc;qutmipc;c:\windows\system32\drivers\qutmipc.sys [3/15/2010 4:42 PM 27648] <br/>R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [3/23/2011 3:33 PM 20568] <br/>R2 FirebirdGuardianDefaultInstance;Firebird Guardian - DefaultInstance;c:\program files\Firebird\Firebird_2_1\bin\fbguard.exe [8/8/2011 3:26 PM 81920] <br/>R2 HOSTNT;Hostnt;c:\windows\system32\drivers\hostnt.sys [1/28/2010 11:24 AM 4032] <br/>R2 MHDRV;Mhdrv;c:\windows\system32\drivers\mhdrv.sys [1/28/2010 11:24 AM 27696] <br/>R2 RCMHDOG;RCMHDOG;c:\windows\system32\drivers\rcmhdog.sys [1/28/2010 11:24 AM 26060] <br/>R2 TDDI;TDDI;c:\windows\system32\drivers\tddi.sys [1/28/2010 11:24 AM 46004] <br/>R3 FirebirdServerDefaultInstance;Firebird Server - DefaultInstance;c:\program files\Firebird\Firebird_2_1\bin\fbserver.exe [8/8/2011 3:26 PM 2732032] <br/>S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2/16/2010 2:36 PM 135664] <br/>S3 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2/16/2010 2:36 PM 135664] <br/>. <br/>[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] <br/>HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12 <br/>. <br/> ‘计划任务’ 文件夹 里的内容 <br/>. <br/>2011-09-15 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job <br/>- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-16 06:36] <br/>. <br/>2011-09-15 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job <br/>- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-16 06:36] <br/>. <br/>. <br/>------- 而外的扫描 ------- <br/>. <br/>uStart Page = hxxp://search.babylon.com/?babsrc=HP_ss&affID=100489&mntrId=d48220a7000000000000002421aa3a14 <br/>uSearch Page = hxxp://www.google.com <br/>uSearch Bar = hxxp://www.google.com/ie <br/>mDefault_Search_URL = hxxp://www.google.com/ie <br/>mStart Page = about:blank <br/>uSearchAssistant = hxxp://www.google.com/ie <br/>uSearchURL,(Default) = hxxp://www.google.com/search?q=%s <br/>mSearchAssistant = hxxp://www.google.com/ie <br/>IE: &Download All with FlashGet - c:\program files\FlashGet\jc_all.htm <br/>IE: &Download with FlashGet - c:\program files\FlashGet\jc_link.htm <br/>IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 <br/>IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html <br/>TCP: DhcpNameServer = 124.106.5.2 124.106.6.2 <br/>FF - ProfilePath - c:\documents and settings\jhoy\Application Data\Mozilla\Firefox\Profiles\9jsspbrt.default\ <br/>FF - prefs.js: browser.search.selectedEngine - Search the web (Babylon) <br/>FF - prefs.js: browser.startup.homepage - hxxp://search.babylon.com/?babsrc=HP_ss&affID=100489&mntrId=d48220a7000000000000002421aa3a14 <br/>FF - prefs.js: keyword.URL - hxxp://search.babylon.com/?babsrc=SP_ss&q={searchTerms}&mntrId=d48220a7000000000000002421aa3a14&tlver=1.4.35.10&affID=100489 <br/>. <br/>- - - - ORPHANS REMOVED - - - - <br/>. <br/>HKCU-Run-Search Protection - c:\program files\Yahoo!\Search Protection\SearchProtection.exe <br/>HKLM-Run-DataMngr - c:\progra~1\WINDOW~4\DataMngr\DataMngrUI.exe <br/>MSConfigStartUp-Adobe Reader Speed Launcher - c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe <br/>MSConfigStartUp-avgnt - c:\program files\Avira\AntiVir Desktop\avgnt.exe <br/>MSConfigStartUp-YSearchProtection - c:\program files\Yahoo!\Search Protection\SearchProtection.exe <br/>AddRemove-YT Security Key Driver - c:\progra~1\UNWISE.EXE <br/>. <br/>. <br/>. <br/>************************************************************************** <br/>. <br/>catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net <br/>Rootkit scan 2011-09-15 10:26 <br/>Windows 5.1.2600 Service Pack 2 NTFS <br/>. <br/>扫描被隐藏的进程 。。。 <br/>. <br/>扫描被隐藏的启动组 。。。 <br/>. <br/>扫描被隐藏的文件 。。。 <br/>. <br/>扫描完成 <br/>被隐藏的档案: 0 <br/>. <br/>************************************************************************** <br/>. <br/>--------------------- 运行进程下的动态链接库 --------------------- <br/>. <br/>- - - - - - - > 'winlogon.exe'(764) <br/>c:\windows\system32\cscdll.dll <br/>. <br/>------------------------ 其他运行进程 ------------------------ <br/>. <br/>c:\program files\AVAST Software\Avast\AvastSvc.exe <br/>c:\windows\system32\conime.exe <br/>c:\windows\system32\wscntfy.exe <br/>c:\windows\RTHDCPL.EXE <br/>c:\program files\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe <br/>c:\windows\system32\igfxsrvc.exe <br/>c:\program files\Google\Google Pinyin 2\GooglePinyinService.exe <br/>. <br/>************************************************************************** <br/>. <br/>完成时间: 2011-09-15 10:31:31 - 电脑已重新启动 <br/>ComboFix-quarantined-files.txt 2011-09-15 02:31 <br/>. <br/>Pre-Run: 116,889,673,728 bytes free <br/>Post-Run: 116,835,127,296 bytes free <br/>. <br/>- - End Of File - - 8C29BD70E0FA9B62357E0B0C80A91B60 <br/> <br/> <br/>THANKS FOR HELPING
Posted 9/15/2011 6:45 AM
#92288
User avatar

Robert Mateescu Advanced member

Date Joined Nov 2016
Total Posts: 427
Hi Shannemark! <br/> <br/>Here is what you need to do: <br/> <br/>1. Reboot your PC in Safe Mode with Networking <br/>2. Download MBAM from here: [url]http://download.cnet.com/Malwarebytes-Anti-Malware/3000-8022_4-10804572.html [/url] <br/>3. Download TDSS Killer from here : [url] http://www.softpedia.com/get/Antivirus/TDSSKiller.shtml [/url] <br/>4. Install and update MBAM, then run a full computer scan. <br/>5. When the scan is finished, you may be asked to reboot your PC. Postpone the restart. <br/>6. Run TDSS Killer. <br/>7. Reboot your PC in Normal mode and provide me with both scanlogs (MBAM and TDSS).
Robert Mateescu
Senior Support Technician EN
[url]support@bullguard.com[/url]
www.bullguard.com

Download the Free Trial version of BullGuard Internet Security

You have a BullGuard related problem? Contact our Support team directly via Live Chat for immediate assistance: http://www.bullguard.com/support.aspx!
Posted 9/19/2011 3:45 AM
#92325
User avatar

shannemark Advanced member

Date Joined Nov 2016
Total Posts: 32
hello mr Robert Mateescu: <br/>thank you for your help. <br/>I follow your advice, I ran MBAM & TDSS <br/> <br/>Malwarebytes' Anti-Malware 1.51.2.1300 <br/>www.malwarebytes.org <br/> <br/>Database version: 7745 <br/> <br/>Windows 5.1.2600 Service Pack 2 (Safe Mode) <br/>Internet Explorer 6.0.2900.2180 <br/> <br/>9/19/2011 11:35:15 AM <br/>mbam-log-2011-09-19 (11-34-57).txt <br/> <br/>Scan type: Full scan (C:\|D:\|) <br/>Objects scanned: 309105 <br/>Time elapsed: 19 minute(s), 28 second(s) <br/> <br/>Memory Processes Infected: 0 <br/>Memory Modules Infected: 0 <br/>Registry Keys Infected: 0 <br/>Registry Values Infected: 0 <br/>Registry Data Items Infected: 0 <br/>Folders Infected: 0 <br/>Files Infected: 15 <br/> <br/>Memory Processes Infected: <br/>(No malicious items detected) <br/> <br/>Memory Modules Infected: <br/>(No malicious items detected) <br/> <br/>Registry Keys Infected: <br/>(No malicious items detected) <br/> <br/>Registry Values Infected: <br/>(No malicious items detected) <br/> <br/>Registry Data Items Infected: <br/>(No malicious items detected) <br/> <br/>Folders Infected: <br/>(No malicious items detected) <br/> <br/>Files Infected: <br/>c:\hp_cm1312_series_full_solution_v5.0_am-emea\setup\devicediscovery\devicediscovery.exe (Spyware.Agent) -> No action taken. <br/>c:\hp_cm1312_series_full_solution_v5.0_am-emea\setup\DocMgr\DocMgr.exe (Spyware.Agent) -> No action taken. <br/>c:\hp_cm1312_series_full_solution_v5.0_am-emea\setup\DTSS\DTSS.exe (Spyware.Agent) -> No action taken. <br/>c:\hp_cm1312_series_full_solution_v5.0_am-emea\setup\gpbaseservice\gpbaseservice.exe (Spyware.Agent) -> No action taken. <br/>c:\hp_cm1312_series_full_solution_v5.0_am-emea\setup\help\help.exe (Spyware.Agent) -> No action taken. <br/>c:\hp_cm1312_series_full_solution_v5.0_am-emea\setup\help\ar\ar.exe (Spyware.Agent) -> No action taken. <br/>c:\hp_cm1312_series_full_solution_v5.0_am-emea\setup\help\ca\ca.exe (Spyware.Agent) -> No action taken. <br/>c:\program files\360\360safe\360rpt.exe (Trojan.Downloader.Gen) -> No action taken. <br/>c:\program files\360\360safe\leakcheck.dll (Trojan.Agent) -> No action taken. <br/>c:\program files\360\360safe\makereport.exe (Backdoor.Wuca) -> No action taken. <br/>c:\program files\360\360safe\repairleakdll.dll (Trojan.Agent) -> No action taken. <br/>c:\program files\360\360safe\firstaid\superkiller.exe (Rogue.Installer) -> No action taken. <br/>d:\back up\drive c\backup files of joy (g)\joy\anik-anik\keygen.exe (RiskWare.Tool.CK) -> No action taken. <br/>d:\backup files of joy (g)\joy\anik-anik\keygen.exe (RiskWare.Tool.CK) -> No action taken. <br/>d:\system volume information\_restore{2b7cfd83-b26b-46aa-aca3-2cf21252d4e4}\RP12\A0014948.exe (RiskWare.Tool.CK) -> No action taken. <br/> <br/>THANK YOU VERY MUCH
Posted 9/19/2011 3:48 AM
#92326
User avatar

shannemark Advanced member

Date Joined Nov 2016
Total Posts: 32
HERE IS THE LOG FOR TDSS <br/> <br/>2011/09/19 11:46:32.0234 3576 TDSS rootkit removing tool 2.5.22.0 Sep 13 2011 15:55:17 <br/>2011/09/19 11:46:34.0234 3576 ================================================================================ <br/>2011/09/19 11:46:34.0234 3576 SystemInfo: <br/>2011/09/19 11:46:34.0234 3576 <br/>2011/09/19 11:46:34.0234 3576 OS Version: 5.1.2600 ServicePack: 2.0 <br/>2011/09/19 11:46:34.0234 3576 Product type: Workstation <br/>2011/09/19 11:46:34.0234 3576 ComputerName: JHOY <br/>2011/09/19 11:46:34.0234 3576 UserName: jhoy <br/>2011/09/19 11:46:34.0234 3576 Windows directory: C:\WINDOWS <br/>2011/09/19 11:46:34.0234 3576 System windows directory: C:\WINDOWS <br/>2011/09/19 11:46:34.0234 3576 Processor architecture: Intel x86 <br/>2011/09/19 11:46:34.0234 3576 Number of processors: 2 <br/>2011/09/19 11:46:34.0234 3576 Page size: 0x1000 <br/>2011/09/19 11:46:34.0234 3576 Boot type: Normal boot <br/>2011/09/19 11:46:34.0234 3576 ================================================================================ <br/>2011/09/19 11:46:35.0046 3576 Initialize success
Posted 9/19/2011 11:18 AM
#92332
User avatar

Robert Mateescu Advanced member

Date Joined Nov 2016
Total Posts: 427
Hi Shannemark, <br/> <br/> <br/>Rerun MBAM whilst in Safe Mode with Networking and choose to delete the infected files when the scan ends (the "Remove selected" button will be available when the scan is complete). <br/> <br/>Download HijackThis from here [url]free.antivirus.com/hijackthis/?page=download [/url](the executable version) and run it. Choose the "Do a system scan and save a log file" option to perform your scan. <br/> <br/>Post both logs, along with the Avast one your here. <br/> <br/>Note: I have deleted your other post, please reply to this one. This helps me to keep a track of the changes made to your system. :yeah: <br/> <br/> <br/>Best wishes!
Robert Mateescu
Senior Support Technician EN
[url]support@bullguard.com[/url]
www.bullguard.com

Download the Free Trial version of BullGuard Internet Security

You have a BullGuard related problem? Contact our Support team directly via Live Chat for immediate assistance: http://www.bullguard.com/support.aspx!
Posted 9/20/2011 9:26 AM
#92340
User avatar

shannemark Advanced member

Date Joined Nov 2016
Total Posts: 32
hello mr robert, <br/> I had another computer named "cookie". it has the same virus <br/> could you please help me again with this problem? <br/> I run the combofix: here is the log <br/> <br/>ComboFix 11-09-19.05 - Cookie 0/2011 Tue 5:01.1.2 - x86 <br/>Microsoft Windows XP Professional 5.1.2600.3.936.86.1033.18.2047.1398 [GMT -4:00] <br/>执行位置: c:\documents and settings\Cookie\My Documents\Downloads\ComboFix.exe <br/>AV: AntiVir Desktop *Disabled/Updated* {AD166499-45F9-482A-A743-FDD3350758C7} <br/>. <br/>注意 - 这台电脑没有安装恢复控制台 !! <br/>. <br/>. <br/>((((((((((((((((((((((((((((((((((((((( 被删除的档案 ))))))))))))))))))))))))))))))))))))))))))))))))) <br/>. <br/>. <br/>C:\360Downloads <br/>c:\360downloads\360Downloads.exe <br/>c:\360downloads\360保险箱4.0_yjzj.exe <br/>c:\360downloads\360安全桌面1.4beta_yjzj.exe <br/>c:\360downloads\360安全浏览器3.8_yjzj.exe <br/>c:\360downloads\360杀毒 2.0正式版(四引擎).exe_yjzj.exe <br/>c:\360downloads\HM_Setup_yjzj.exe <br/>c:\360downloads\ppstream_2.7_yjzj.exe <br/>c:\360downloads\XiuXiu_360safe.exe <br/>c:\360downloads\射手影音播放器3.7_yjzj.exe <br/>c:\360downloads\有道词典_yjzj.exe <br/>c:\360downloads\益盟操盘手_yjzj.exe <br/>c:\360downloads\酷我音乐盒2011_yjzj.exe <br/>c:\360downloads\飞信2011_yjzj.exe <br/>C:\autorun.inf <br/>c:\documents and settings\All Users.WINDOWS\Documents\My Music\My Music.exe <br/>c:\documents and settings\All Users.WINDOWS\Documents\My Pictures\My Pictures.exe <br/>c:\documents and settings\All Users.WINDOWS\Documents\New Folder.exe <br/>c:\documents and settings\Cookie\Application Data\360SE <br/>c:\documents and settings\Cookie\Application Data\360SE\360se.ini <br/>c:\documents and settings\Cookie\Application Data\360SE\360se_s.ini <br/>c:\documents and settings\Cookie\Application Data\360SE\data\360sefav.db <br/>c:\documents and settings\Cookie\Application Data\360SE\data\BlankData.ini <br/>c:\documents and settings\Cookie\Application Data\360SE\data\history.dat <br/>c:\documents and settings\Cookie\Application Data\360SE\data\ico\avc.360.cn.ico <br/>c:\documents and settings\Cookie\Application Data\360SE\data\ico\cn.bing.com.ico <br/>c:\documents and settings\Cookie\Application Data\360SE\data\ico\cz.360.cn.ico <br/>c:\documents and settings\Cookie\Application Data\360SE\data\ico\ddt.wan.360.cn.ico <br/>c:\documents and settings\Cookie\Application Data\360SE\data\ico\dgcs.wan.360.cn.ico <br/>c:\documents and settings\Cookie\Application Data\360SE\data\ico\dh.wan.360.cn.ico <br/>c:\documents and settings\Cookie\Application Data\360SE\data\ico\farm.wan.360.cn.ico <br/>c:\documents and settings\Cookie\Application Data\360SE\data\ico\hao.360.cn.ico <br/>c:\documents and settings\Cookie\Application Data\360SE\data\ico\hero.wan.360.cn.ico <br/>c:\documents and settings\Cookie\Application Data\360SE\data\ico\mcsd.wan.360.cn.ico <br/>c:\documents and settings\Cookie\Application Data\360SE\data\ico\me.360.cn.ico <br/>c:\documents and settings\Cookie\Application Data\360SE\data\ico\plsm.wan.360.cn.ico <br/>c:\documents and settings\Cookie\Application Data\360SE\data\ico\poker.wan.360.cn.ico <br/>c:\documents and settings\Cookie\Application Data\360SE\data\ico\se.360.cn.ico <br/>c:\documents and settings\Cookie\Application Data\360SE\data\ico\search8.taobao.com.ico <br/>c:\documents and settings\Cookie\Application Data\360SE\data\ico\wan.360.cn.ico <br/>c:\documents and settings\Cookie\Application Data\360SE\data\ico\www.baidu.com.ico <br/>c:\documents and settings\Cookie\Application Data\360SE\data\ico\www.bing.com.ico <br/>c:\documents and settings\Cookie\Application Data\360SE\data\ico\www.google.com.hk.ico <br/>c:\documents and settings\Cookie\Application Data\360SE\data\ico\www.qihoo.com.ico <br/>c:\documents and settings\Cookie\Application Data\360SE\data\ico\www.sogou.com.ico <br/>c:\documents and settings\Cookie\Application Data\360SE\data\ico\www.youdao.com.ico <br/>c:\documents and settings\Cookie\Application Data\360SE\data\ico\wxfy.wan.360.cn.ico <br/>c:\documents and settings\Cookie\Application Data\360SE\data\ico\yahoo.cn.ico <br/>c:\documents and settings\Cookie\Application Data\360SE\data\ico\zqjl.wan.360.cn.ico <br/>c:\documents and settings\Cookie\Application Data\360SE\data\IEXCompat.dat <br/>c:\documents and settings\Cookie\Application Data\360SE\data\twcache.ini <br/>c:\documents and settings\Cookie\Application Data\360SE\extensions\ExtAddons\ExtStats.ini.cfg <br/>c:\documents and settings\Cookie\Application Data\360SE\extensions\ExtBank\bank2.ini <br/>c:\documents and settings\Cookie\Application Data\360SE\extensions\ExtBank\ExtBank.ini <br/>c:\documents and settings\Cookie\Application Data\360SE\extensions\ExtBank\stat.ini <br/>c:\documents and settings\Cookie\Application Data\360SE\extensions\ExtDoctor\ExtDoctor.ini <br/>c:\documents and settings\Cookie\Application Data\360SE\extensions\ExtLoginMagic\ExtLoginMagic.ini <br/>c:\documents and settings\Cookie\Application Data\360SE\extensions\extpageblank\stat.dat <br/>c:\documents and settings\Cookie\Application Data\360SE\extensions\ExtProxy\proxy.ini <br/>c:\documents and settings\Cookie\Application Data\360SE\extensions\ExtYouxi\ExtYouxi.ini <br/>c:\documents and settings\Cookie\Application Data\360SE\extensions\ExtYouxi\stat3.ini <br/>c:\documents and settings\Cookie\Application Data\360SE\extensions\ExtYouxi\ver.ini <br/>c:\documents and settings\Cookie\Application Data\360SE\extensions\Favorites\Favorites.ini <br/>c:\documents and settings\Cookie\Application Data\360SE\extensions\Favorites\Favorites2.ini <br/>c:\documents and settings\Cookie\Application Data\360SE\extensions\Favorites\Log\360log_2011_07_22.log <br/>c:\documents and settings\Cookie\Application Data\360SE\extensions\Favorites\titleopt.dll <br/>c:\documents and settings\Cookie\Application Data\360SE\extensions\Pluginbar\ver.ini <br/>c:\documents and settings\Cookie\Application Data\360SE\extensions\SafeCentral\esimple.ini <br/>c:\documents and settings\Cookie\Application Data\360SE\extensions\SafeCentral\SafeCentral.in <br/>c:\documents and settings\Cookie\Application Data\360SE\extensions\SafeCentral\SafeCentral.ini <br/>c:\documents and settings\Cookie\Application Data\360SE\extensions\SafeCentral\SafeProtect.dat <br/>c:\documents and settings\Cookie\Application Data\360SE\extensions\SafeCentral\urllib.dat <br/>c:\documents and settings\Cookie\Application Data\360SE\extensions\SafeCentral\urllibauth.dat <br/>c:\documents and settings\Cookie\Application Data\360SE\extensions\SafeCentral\urllibw.dat <br/>c:\documents and settings\Cookie\Application Data\360SE\extensions\SnapPlugin\stat.ini <br/>c:\documents and settings\Cookie\Application Data\360SE\extensions\TranslatorPlugin\stat.ini <br/>c:\documents and settings\Cookie\Application Data\360SE\extensions\TranslatorPlugin\translate.ini <br/>c:\documents and settings\Cookie\Application Data\360SE\seup.ini <br/>c:\documents and settings\Cookie\Application Data\360SE\stat.ini <br/>c:\documents and settings\Cookie\Application Data\searchqutb <br/>c:\documents and settings\Cookie\Application Data\searchqutb\dtx.ini <br/>c:\documents and settings\Cookie\Application Data\searchqutb\games\00d2dfc64c07a4f32824abac1d6f735b <br/>c:\documents and settings\Cookie\Application Data\searchqutb\games\3e4265e00cbc4a9cf22a105046a46d8a <br/>c:\documents and settings\Cookie\Application Data\searchqutb\games\44a5d79f5451d3036ba3986425e234c8 <br/>c:\documents and settings\Cookie\Application Data\searchqutb\games\GameCategories.xml <br/>c:\documents and settings\Cookie\Application Data\searchqutb\games\GameTypes.xml <br/>c:\documents and settings\Cookie\Application Data\searchqutb\guid.dat <br/>c:\documents and settings\Cookie\Application Data\searchqutb\preferences.dat <br/>c:\documents and settings\Cookie\Application Data\searchqutb\stats.dat <br/>c:\documents and settings\Cookie\Application Data\searchqutb\uninstallIE.dat <br/>c:\documents and settings\Cookie\Application Data\searchqutb\version.xml <br/>c:\documents and settings\Cookie\Application Data\searchqutb\widgets_cache\84b70525cff6359fdeca553342c23e4c <br/>c:\documents and settings\Cookie\Application Data\searchqutb\widgets_cache\bf5b6317ae07da699882fc948f22eda4 <br/>c:\documents and settings\Cookie\Application Data\searchqutb\widgets_cache\category_cache.xml <br/>c:\documents and settings\Cookie\Application Data\searchqutb\widgets_cache\widget_cache.xml <br/>C:\new folder.exe <br/>c:\new folder\New Folder.exe <br/>c:\program files\360\360safe\safemon\HomePageLib.dat <br/>c:\program files\Bandoo\Plugins\IE\iePLugin.dll <br/>c:\program files\Mozilla Firefox\searchplugins\SearchquWebSearch.xml <br/>c:\program files\Windows Searchqu Toolbar <br/>c:\program files\Windows Searchqu Toolbar\DataMngr\datamngr.dll <br/>c:\program files\Windows Searchqu Toolbar\DataMngr\DataMngrUI.exe <br/>c:\program files\Windows Searchqu Toolbar\INSTALL.LOG <br/>c:\program files\Windows Searchqu Toolbar\main.ico <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\.#searchqutb.js.1.3 <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\data\search\engines.xml <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\data\search\search.xsl <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\lib\about.xml <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\lib\dtxpanelwin.xul <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\lib\dtxprefwin.xul <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\lib\dtxwin.xul <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\lib\emailnotifierproviders.xml <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\lib\external.js <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\lib\neterror.xhtml <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\lib\wmpstreamer.html <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\modules\datastore.jsm <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\preferences.xml <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\searchqutb.js <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\toolbar.htm <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\toolbar.xul <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\bg-scalable-mdl.gif <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\bg-scalable-tl.gif <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\bg-scalable-tr.gif <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\btn-dragresize.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\btn-wide-close-down.PNG <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\btn-wide-close-over.PNG <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\btn-wide-close.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\btn-wide-maximize-down.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\btn-wide-maximize-over.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\btn-wide-maximize.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\btn-wide-minimize-down.PNG <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\btn-wide-minimize-over.PNG <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\btn-wide-minimize.PNG <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\btnarrow-next-off.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\btnarrow-next.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\btnarrow-previous-off.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\btnarrow-previous.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\navico-home.gif <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\panel.html <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\powered-mystart.gif <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\tb_icon.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\widget.js <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\widget.xml <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1255\bg-scalable-mdl.gif <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1255\bg-scalable-tl.gif <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1255\bg-scalable-tr.gif <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1255\btn-dragresize.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1255\btn-wide-close-down.PNG <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1255\btn-wide-close-over.PNG <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1255\btn-wide-close.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1255\btn-wide-maximize-down.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1255\btn-wide-maximize-over.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1255\btn-wide-maximize.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1255\btn-wide-minimize-down.PNG <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1255\btn-wide-minimize-over.PNG <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1255\btn-wide-minimize.PNG <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1255\btnarrow-next-off.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1255\btnarrow-next.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1255\btnarrow-previous-off.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1255\btnarrow-previous.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1255\navico-home.gif <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1255\panel.html <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1255\powered-mystart.gif <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1255\tb_icon.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1255\widget.js <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1255\widget.xml <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1257\bg-scalable-mdl.gif <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1257\bg-scalable-tl.gif <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1257\bg-scalable-tr.gif <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1257\btn-dragresize.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1257\btn-wide-close-down.PNG <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1257\btn-wide-close-over.PNG <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1257\btn-wide-close.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1257\btn-wide-maximize-down.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1257\btn-wide-maximize-over.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1257\btn-wide-maximize.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1257\btn-wide-minimize-down.PNG <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1257\btn-wide-minimize-over.PNG <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1257\btn-wide-minimize.PNG <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1257\btnarrow-next-off.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1257\btnarrow-next.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1257\btnarrow-previous-off.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1257\btnarrow-previous.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1257\navico-home.gif <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1257\panel.html <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1257\powered-mystart.gif <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1257\tb_icon.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1257\widget.js <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1257\widget.xml <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217.zip <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\bg-scalable-mdl.gif <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\bg-scalable-tl.gif <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\bg-scalable-tr.gif <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\btn-dragresize.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\btn-wide-close-down.PNG <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\btn-wide-close-over.PNG <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\btn-wide-close.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\btn-wide-maximize-down.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\btn-wide-maximize-over.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\btn-wide-maximize.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\btn-wide-minimize-down.PNG <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\btn-wide-minimize-over.PNG <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\btn-wide-minimize.PNG <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\btnarrow-next-off.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\btnarrow-next.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\btnarrow-previous-off.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\btnarrow-previous.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\navico-home.gif <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\panel.html <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\powered-mystart.gif <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\tb_icon.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\widget.js <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\widget.xml <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\bluelite.gif <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\bluesky.gif <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\btn-search-over.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\btn-search.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\btn-settings-over.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\btn-settings.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\btn-widgets-over.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\btn-widgets.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\btn_settings.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\button-down-back-ff.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\button-down-back.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\button-down-left.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\button-down-right.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\button-down-splitter.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\button-drop-back.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\button-drop-left.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\button-drop-right.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\button-drop-splitter.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\button-hover-back-ff.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\button-hover-back.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\button-hover-left.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\button-hover-right.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\button-hover-splitter.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\ca.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\dictionary.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\divider.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\downloadcom.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\email.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\email_on.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\games.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\graphred0.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\graphred0_5.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\grey.gif <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\headsup.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\ico-shield.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\images.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\add.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\aol.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\arrow-dn.gif <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\arrow-right.gif <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\arrow-up.gif <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\bg-btn-end.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\bg-btn-mdl.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\bg-btn-mdl_ff.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\bg-btn-start.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\bg-btnover-end.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\bg-btnover-mdl.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\bg-btnover-mdl_ff.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\bg-btnover-start.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\blank.gif <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\btnback-down-vista.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\btnback-vista.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\btnleft-down-vista.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\btnleft-vista.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\btnright-down-vista.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\btnright-vista.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\button-splitter-down-vista.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\button-splitter-vista.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\checkmark.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\chevron.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\collapse.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\comcast.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\dtx.css <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\edit-back-hot.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\edit-back.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\expand.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\found.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\gmail.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\highlight.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\highlight_blue.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\highlight_cyan.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\highlight_lime.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\highlight_magenta.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\highlight_yellow.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\hotmail.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\imap.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\lastsearch-thumb-back.gif <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\loadingMid.gif <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\lock.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\mailcom.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\menu_bg-basic.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\menu_separator_bar.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\menuitem-splitter.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\menuitemback-down-vista.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\menuitemback-vista.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\menuitemleft-down-vista.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\menuitemleft-vista.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\menuitemright-down-vista.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\menuitemright-vista.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\move.gif <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\movetarget.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\css\popupAbout.css <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\css\popupGames.css <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\css\popupWidgets.css <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\footer.htm <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\gamecategory.xsl <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\gameData.js <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\gameList.xsl <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\gametype.xsl <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\arrow-sml-drop.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\arrow-sml.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\arrowr-bluew5.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\bg-aboutbox.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\bg-btnover.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\bg-pnl520x390.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\btn-close-grey.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\btn-close-greyover.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\btn-drag.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\btn-next-over.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\btn-next.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\btn-previous-over.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\btn-previous.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\btn-search-pnlbtm-over.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\btn-search-pnlbtm.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\gamethumb-on.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\gamethumb2-over.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\ico-calendar.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\ico-download.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\ico-joystick24.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\ico-play.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\ico-tags.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\icon-Add.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\icon-download.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\icon-Info.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\icon-play.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\icon-shop.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\menul-bgon.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\menul-bgover.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\panel-botm-noscroll.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\scroll-bg-206.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\scroll-bg.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\scroll-topwin.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\scrollb-disable.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\scrollb-down.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\scrollb-over.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\scrollb.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\scrollt-disable.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\scrollt-down.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\scrollt-over.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\scrollt.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\searchbox-pnlbtm.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\star_x_grey.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\star_x_orange.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\TRUSTe_about.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\view-detailed-on.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\view-detailed-over.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\view-thumb-on.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\view-thumb-over.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\widgets-square-16px.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\widgets-square-24px.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\popupGames.html <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\popupWidgets.html <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\pop.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\css\manager.css <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\css\slider.css <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\images\bg-pnl.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\images\btn-close-grey.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\images\btn-close-greyover.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\images\collapsed_button.gif <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\images\expanded_button.gif <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\images\ico-playstation-down.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\images\ico-playstation-over.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\images\ico-playstation.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\images\ico-radio.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\images\music-note.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\images\radio-btn-pause-on.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\images\radio-btn-pause.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\images\radio-btn-play-on.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\images\radio-btn-play.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\images\radio-eq-bg.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\images\radio-eq-busy.gif <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\images\radio-eq-off.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\images\radio-eq-on.gif <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\images\radio-eq-warning.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\images\radio-options-design-on.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\images\radio-options-design.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\images\radio-options-on.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\images\radio-options.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\images\radio-volume-0.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\images\radio-volume-1.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\images\radio-volume-2.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\images\radio-volume-3.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\images\radio-volume-mute.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\images\scrollbar-handle.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\images\scrollbar-track.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\images\slider.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\images\slideron.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\images\track.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\managerpanel.html <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\volumeslider.html <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\remove.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\rename.gif <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\resize-box.gif <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\rss.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\rsschannelback.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\RSSLogo.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\rsstabdivider.gif <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\scroll-left.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\scroll-right.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\search-go.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\search.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\text-ellipsis.xml <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\throbber.gif <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\toolbarsplitter.gif <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\transparent_1px.gif <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\uwa\border_02.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\uwa\border_03.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\uwa\border_04.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\uwa\border_06.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\uwa\border_07.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\uwa\border_08.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\uwa\border_09.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\uwa\border_10.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\uwa\border_11.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\uwa\border_12.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\uwa\border_13.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\uwa\border_14.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\uwa\border_15.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\uwa\border_16.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\uwa\border_18.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\uwa\border_19.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\uwa\border_20.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\uwa\border_21.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\uwa\btn-close-grey.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\uwa\btn-close-greyover.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\uwa\close-hot.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\uwa\close-normal.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\uwa\loadingMid.gif <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\uwa\proxy.html <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\uwa\template.html <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\uwa\template.xml <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\uwa\templateFF.html <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\uwa\throbber.gif <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\weatherbutton\icons\cond999.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\weatherbutton\icons\icons.xml <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\weatherbutton\icons\na-s.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\weatherbutton\icons\na.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\weatherbutton\icons\weather.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\add.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\arrowr-bluew5.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\bg-pnl.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\bg-pnl520x350blue-whitebg.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\bg-pnl520x350blue.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\box-check.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\box-uncheck.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\btn-close-grey.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\btn-close-greyover.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\btn-delete.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\btn-search-pnlbtm.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\btnarrow-next-off.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\btnarrow-next.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\btnarrow-previous-off.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\btnarrow-previous.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\ico-check.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\ico-hotandhumid-s.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\ico-hotandhumid.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\options-weather.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\over-blue.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\over-orange.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\powered-by-weatherbug.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\powered-by-weatherbug2.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\radio-checked.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\radio-unchecked.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\searchbox-pnlbtm.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\weather-contour.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\weatherbutton\panels\popupWeather.css <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\weatherbutton\panels\popupWeather.html <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\yahoo.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lichen.gif <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\logo-about.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\logo.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\maps.bmp <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\menuseparatorback.gif <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\modify-save.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\modify.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\modifyhot.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\music.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\news.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\options\options-main.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\options\options-search.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\options\options-weather.gif <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\options\options-widgets.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\orange.gif <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\pixsy.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\relatedlinks.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\rss-collapse.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\rss-delete.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\rss-expand.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\rss-feed.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\rss-folder-remove.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\rss-folder-rename.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\rss-folder.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\rss-found.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\rss-reload.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\rss-subscribe.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\rss.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\rssback.gif <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\rsstopback.gif <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\search-over.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\search.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\searchbar\searchbar-background-left.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\searchbar\searchbar-background-middle.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\searchbar\searchbar-background-right.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\searchqutb.css <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\settings.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\shopping.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\siteinfo.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\skin-bluelite.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\skin-bluesky.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\skin-grey.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\skin-lichen.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\skin-orange.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\skin-yellow.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\technorati.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\throbber.gif <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\toolbarsplitter.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\video.bmp <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\weather.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\web.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\widget_allocine.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\widget_bliptv.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\widget_calcal.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\widget_calculator.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\widget_gservices.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\widget_sudoku.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\widget_todo.jpg <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\widget_todo.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\widget_trio.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\widget_uconverter.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\widgets-square-16px.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\widgets.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\wikipedia.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\yahoosearch.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\yellow.gif <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\youtube.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\chrome\skin\zoom.png <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\components\windowmediator.js <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\manifest.xml <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\SearchquDx.dll <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\SearchquTb.dll <br/>c:\program files\Windows Searchqu Toolbar\ToolBar\uninstall.exe <br/>c:\program files\Windows Searchqu Toolbar\UNWISE.EXE <br/>c:\program files\Windows Searchqu Toolbar\UnwiseLauncher.exe <br/>c:\windows\system32\d3d9caps.dat <br/>c:\windows\system32\f3PSSavr.scr <br/>D:\Autorun.inf <br/>D:\New Folder.exe <br/>D:\setup.exe <br/>. <br/>. <br/>((((((((((((((((((((((((( 2011-08-20 至 2011-09-20 的新的档案 ))))))))))))))))))))))))))))))) <br/>. <br/>. <br/>2011-08-25 00:58 . 2007-09-26 00:18 249994 --sha-r- C:\SSCVIIHOST.exe <br/>. <br/>. <br/>. <br/>(((((((((((((((((((((((((((((((((((((((( 在三个月内被修改的档案 )))))))))))))))))))))))))))))))))))))))))))))))))))) <br/>. <br/>2011-08-20 07:15 . 2011-08-20 07:15 73728 ----a-w- c:\windows\system32\javacpl.cpl <br/>2011-08-20 07:15 . 2011-08-20 07:15 472808 ----a-w- c:\windows\system32\deployJava1.dll <br/>2011-08-13 01:19 . 2011-05-14 05:19 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl <br/>2011-07-05 04:59 . 2011-07-05 04:59 35544 ----a-w- c:\windows\system32\drivers\AntiDrv.sys <br/>2011-06-29 03:01 . 2010-07-22 07:30 66616 ----a-w- c:\windows\system32\drivers\avgntflt.sys <br/>2011-06-29 03:01 . 2010-07-22 07:30 138192 ----a-w- c:\windows\system32\drivers\avipbb.sys <br/>2011-09-01 05:40 . 2011-05-09 02:21 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll <br/>. <br/>. <br/>((((((((((((((((((((((((((((((((((((( 重要登入点 )))))))))))))))))))))))))))))))))))))))))))))))))) <br/>. <br/>. <br/>*注意* 空白与合法缺省登录将不会被显示 <br/>REGEDIT4 <br/>. <br/>[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}] <br/>2011-06-25 16:30 1491928 ----a-w- c:\program files\Ask.com\GenericAskToolbar.dll <br/>. <br/>[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] <br/>"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2011-06-25 1491928] <br/>. <br/>[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}] <br/>[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1] <br/>[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}] <br/>[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd] <br/>. <br/>[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser] <br/>"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2011-06-25 1491928] <br/>. <br/>[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}] <br/>[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1] <br/>[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}] <br/>[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd] <br/>. <br/>[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] <br/>"RocketDock"="c:\program files\RocketDock\RocketDock.exe" [2007-09-02 495616] <br/>. <br/>[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] <br/>"IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" [2008-04-14 208952] <br/>"MSPY2002"="c:\windows\system32\IME\PINTLGNT\ImScInst.exe" [2008-04-14 59392] <br/>"PHIME2002ASync"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2008-04-14 455168] <br/>"PHIME2002A"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2008-04-14 455168] <br/>"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-02-15 135168] <br/>"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-02-15 159744] <br/>"Persistence"="c:\windows\system32\igfxpers.exe" [2008-02-15 131072] <br/>"RTHDCPL"="RTHDCPL.EXE" [2010-04-06 19523104] <br/>"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2010-11-07 281768] <br/>"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2010-01-12 110696] <br/>"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2010-01-12 13666408] <br/>"ApnUpdater"="c:\program files\Ask.com\Updater\Updater.exe" [2011-06-25 884696] <br/>"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-04-08 254696] <br/>"360Safebox"="c:\program files\360Safebox\SafeBoxTray.exe" [2011-09-01 2291032] <br/>. <br/>c:\documents and settings\Cookie\Start Menu\Programs\Startup\ <br/>IPMSG for Win32.lnk - c:\program files\IPMsg\ipmsg.exe [2010-8-10 210432] <br/>MagicDisc.lnk - c:\program files\MagicDisc\MagicDisc.exe [2010-7-8 576000] <br/>. <br/>c:\documents and settings\All Users.WINDOWS\Start Menu\Programs\Startup\ <br/>HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2007-10-14 214360] <br/>. <br/>[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\keyboard layouts\e0200804] <br/> Ime File REG_SZ GOOGLEPINYIN2.IME <br/>. <br/>[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] <br/>"%windir%\\Network Diagnostic\\xpnetdiag.exe"= <br/>"%windir%\\system32\\sessmgr.exe"= <br/>"c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"= <br/>"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"= <br/>"c:\\Program Files\\uTorrent\\uTorrent.exe"= <br/>"c:\\Program Files\\Activision\\Prototype\\prototypef.exe"= <br/>"c:\\Program Files\\IPMsg\\ipmsg.exe"= <br/>"c:\\Program Files\\Bonjour\\mDNSResponder.exe"= <br/>"c:\\Program Files\\360\\360Safe\\safemon\\360tray.exe"= <br/>"c:\\Program Files\\360\\360Safe\\LiveUpdate360.exe"= <br/>"c:\\Program Files\\KWMUSIC\\bin\\KwMV.exe"= <br/>"c:\\Program Files\\KWMUSIC\\bin\\kwmusic.exe"= <br/>"c:\\Program Files\\Skype\\Phone\\Skype.exe"= <br/>. <br/>[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List] <br/>"1034:TCP"= 1034:TCP:Akamai NetSession Interface <br/>"5000:UDP"= 5000:UDP:Akamai NetSession Interface <br/>. <br/>R0 HookPort;HookPort;c:\windows\system32\drivers\hookport.sys [1/9/2010 6:17 AM 54400] <br/>R1 360netmon;360netmon;c:\windows\system32\drivers\360netmon.sys [5/18/2011 5:01 AM 154968] <br/>R1 360SelfProtection;360SelfProtection;c:\windows\system32\drivers\360SelfProtection.sys [5/18/2011 5:01 AM 134488] <br/>R1 BAPIDRV;BAPIDRV;c:\windows\system32\drivers\BAPIDRV.SYS [5/18/2011 5:01 AM 83416] <br/>R1 EfiMon;EfiSystemMon;c:\windows\system32\drivers\EfiMon.sys [8/7/2008 10:40 PM 19072] <br/>R1 qutmdserv;Quantum DeepScanner Servers;c:\windows\system32\drivers\qutmdrv.sys [5/18/2011 5:01 AM 167640] <br/>R1 qutmipc;qutmipc;c:\windows\system32\drivers\qutmipc.sys [5/18/2011 5:01 AM 33240] <br/>R1 SafeBoxAnti;SafeBoxAnti;c:\windows\system32\drivers\AntiDrv.sys [7/5/2011 12:59 AM 35544] <br/>R2 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe -k Akamai [4/14/2008 5:42 AM 14336] <br/>R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [7/22/2010 3:30 AM 136360] <br/>R2 AntiVirWebService;Avira AntiVir WebGuard;c:\program files\Avira\AntiVir Desktop\avwebgrd.exe [6/28/2011 11:01 PM 428200] <br/>R2 ZhuDongFangYu;主动防御;c:\program files\360\360Safe\deepscan\ZhuDongFangYu.exe [3/15/2011 5:41 AM 171152] <br/>S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [7/20/2010 7:22 AM 1691480] <br/>S3 ComputerZ;ComputerZ;c:\program files\360HardwareMaster\ComputerZ.sys [7/22/2011 12:19 AM 23368] <br/>S3 cpudrv;cpudrv;c:\program files\SystemRequirementsLab\cpudrv.sys [12/18/2009 10:58 AM 11336] <br/>S3 HPFXFAX;HPFXFAX;c:\windows\system32\drivers\hpfxfax.sys [7/22/2010 9:49 PM 20504] <br/>. <br/>[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] <br/>HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12 <br/>hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc <br/>Akamai REG_MULTI_SZ Akamai <br/>. <br/> ‘计划任务’ 文件夹 里的内容 <br/>. <br/>2011-09-20 c:\windows\Tasks\Scheduled Update for Ask Toolbar.job <br/>- c:\program files\Ask.com\UpdateTask.exe [2011-06-25 16:30] <br/>. <br/>. <br/>------- 而外的扫描 ------- <br/>. <br/>uStart Page = hxxp://home.mywebsearch.com/index.jhtml?n=77C09F4F&ptnrS=GRxdm035YYPH&ptb=nVSBDBVLjs8NUFm_c3f49Q <br/>uDefault_Search_URL = hxxp://www.google.com/ie <br/>uInternet Settings,ProxyOverride = *.local <br/>uSearchAssistant = hxxp://www.google.com/ie <br/>uSearchURL,(Default) = hxxp://www.google.com/search?q=%s <br/>IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200 <br/>IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 <br/>IE: 添加网址到360安全桌面 - c:\program files\360\360DeskTop\Bin\addapp.html <br/>LSP: c:\program files\Avira\AntiVir Desktop\avsda.dll <br/>Trusted Zone: pps.tv <br/>Trusted Zone: ppstream.com <br/>Trusted Zone: webscache.com <br/>TCP: DhcpNameServer = 124.106.5.2 124.106.6.2 <br/>TCP: Interfaces\{A55EB9FA-B636-4A85-990A-15BB26C78A18}: NameServer = 8.8.8.8 <br/>FF - ProfilePath - c:\documents and settings\Cookie\Application Data\Mozilla\Firefox\Profiles\2rxwcr31.default\ <br/>FF - prefs.js: browser.startup.homepage - hxxp://home.mywebsearch.com/index.jhtml?n=77C09F4F&ptnrS=GRxdm035YYPH&ptb=nVSBDBVLjs8NUFm_c3f49Q <br/>FF - prefs.js: keyword.URL - hxxp://search.mywebsearch.com/mywebsearch/GGmain.jhtml?id=GRxdm035YYPH&ptb=nVSBDBVLjs8NUFm_c3f49Q&ind=2010110705&ptnrS=GRxdm035YYPH&si=&n=77cfdaf1&psa=&st=kwd&searchfor= <br/>. <br/>. <br/>************************************************************************** <br/>. <br/>catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net <br/>Rootkit scan 2011-09-20 05:17 <br/>Windows 5.1.2600 Service Pack 3 NTFS <br/>. <br/>扫描被隐藏的进程 。。。 <br/>. <br/>扫描被隐藏的启动组 。。。 <br/>. <br/>扫描被隐藏的文件 。。。 <br/>. <br/>. <br/>c:\windows\system32\wbem\Performance\WmiApRpl_new.ini 950 bytes <br/>. <br/>扫描完成 <br/>被隐藏的档案: 1 <br/>. <br/>************************************************************************** <br/>. <br/>--------------------- LOCKED REGISTRY KEYS --------------------- <br/>. <br/>[HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\WPAEvents] <br/>@Denied: (Full) (LocalSystem) <br/>"OOBETimer"=hex: <br/>. <br/>--------------------- 运行进程下的动态链接库 --------------------- <br/>. <br/>- - - - - - - > 'lsass.exe'(784) <br/>c:\program files\Avira\AntiVir Desktop\avsda.dll <br/>. <br/>- - - - - - - > 'explorer.exe'(3480) <br/>c:\windows\system32\WININET.dll <br/>c:\program files\RocketDock\RocketDock.dll <br/>c:\windows\system32\ieframe.dll <br/>c:\windows\system32\webcheck.dll <br/>c:\windows\system32\WPDShServiceObj.dll <br/>c:\windows\system32\PortableDeviceTypes.dll <br/>c:\windows\system32\PortableDeviceApi.dll <br/>. <br/>------------------------ 其他运行进程 ------------------------ <br/>. <br/>c:\windows\system32\nvsvc32.exe <br/>c:\program files\Avira\AntiVir Desktop\avguard.exe <br/>c:\program files\Bonjour\mDNSResponder.exe <br/>c:\documents and settings\All Users.WINDOWS\Application Data\EPSON\EPW!3 SSRP\E_S30RP1.EXE <br/>c:\program files\Java\jre6\bin\jqs.exe <br/>c:\program files\Avira\AntiVir Desktop\avshadow.exe <br/>c:\progra~1\Bandoo\Bandoo.exe <br/>c:\windows\system32\wscntfy.exe <br/>c:\windows\system32\conime.exe <br/>c:\windows\RTHDCPL.EXE <br/>c:\windows\system32\RUNDLL32.EXE <br/>. <br/>************************************************************************** <br/>. <br/>完成时间: 2011-09-20 05:20:52 - 电脑已重新启动 <br/>ComboFix-quarantined-files.txt 2011-09-20 09:20 <br/>. <br/>Pre-Run: 36,404,318,208 bytes free <br/>Post-Run: 36,252,786,688 bytes free <br/>. <br/>- - End Of File - - BD6D560F06266131E0BE622DAE6A31BD <br/> <br/> <br/>thank you very much
Posted 9/20/2011 10:10 AM
#92342
User avatar

shannemark Advanced member

Date Joined Nov 2016
Total Posts: 32
hello mr robert <br/>I ran the hijackedthis and here is the log: <br/> <br/>Logfile of Trend Micro HijackThis v2.0.4 <br/>Scan saved at 6:01:11 PM, on 9/20/2011 <br/>Platform: Windows XP SP2 (WinNT 5.01.2600) <br/>MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) <br/>Boot mode: Normal <br/> <br/>Running processes: <br/>C:\WINDOWS\System32\smss.exe <br/>C:\WINDOWS\system32\winlogon.exe <br/>C:\WINDOWS\system32\services.exe <br/>C:\WINDOWS\system32\lsass.exe <br/>C:\WINDOWS\system32\svchost.exe <br/>C:\WINDOWS\System32\svchost.exe <br/>C:\Program Files\AVAST Software\Avast\AvastSvc.exe <br/>C:\WINDOWS\system32\spoolsv.exe <br/>C:\Program Files\Firebird\Firebird_2_1\bin\fbguard.exe <br/>C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe <br/>C:\WINDOWS\Explorer.EXE <br/>C:\WINDOWS\System32\svchost.exe <br/>C:\WINDOWS\System32\svchost.exe <br/>C:\WINDOWS\system32\svchost.exe <br/>C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe <br/>c:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe <br/>C:\WINDOWS\RTHDCPL.EXE <br/>C:\WINDOWS\system32\igfxpers.exe <br/>C:\WINDOWS\system32\igfxtray.exe <br/>C:\WINDOWS\system32\igfxsrvc.exe <br/>C:\WINDOWS\system32\hkcmd.exe <br/>C:\Program Files\Common Files\Java\Java Update\jusched.exe <br/>C:\Program Files\Google\Google Pinyin 2\GooglePinyinDaemon.exe <br/>C:\Program Files\AVAST Software\Avast\avastUI.exe <br/>C:\Program Files\Google\Google Pinyin 2\GooglePinyinService.exe <br/>C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe <br/>C:\Documents and Settings\jhoy\Bluebirds\BlueBirds.exe <br/>C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe <br/>C:\WINDOWS\system32\ctfmon.exe <br/>C:\Program Files\IPMsg\ipmsg.exe <br/>C:\Program Files\Firebird\Firebird_2_1\bin\fbserver.exe <br/>C:\WINDOWS\system32\wscntfy.exe <br/>C:\Program Files\Mozilla Firefox\firefox.exe <br/>C:\WINDOWS\System32\svchost.exe <br/>C:\Program Files\Digsby\lib\digsby-app.exe <br/>C:\Program Files\Mozilla Firefox\plugin-container.exe <br/>C:\Documents and Settings\jhoy\My Documents\Downloads\HijackThis.exe <br/> <br/>R3 - URLSearchHook: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file) <br/>O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file) <br/>O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll <br/>O2 - BHO: Babylon toolbar helper - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.35.10\bh\BabylonToolbar.dll <br/>O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files\FlashGet\jccatch.dll <br/>O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll <br/>O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll <br/>O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll <br/>O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll <br/>O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll <br/>O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\bin\jp2ssv.dll <br/>O2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files\FlashGet\getflash.dll <br/>O3 - Toolbar: Digsby Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll <br/>O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll <br/>O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll <br/>O3 - Toolbar: Babylon Toolbar - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.35.10\BabylonToolbarTlbr.dll <br/>O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] c:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe <br/>O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE <br/>O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC <br/>O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName <br/>O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe <br/>O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32 <br/>O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe <br/>O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe <br/>O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" <br/>O4 - HKLM\..\Run: [Google Pinyin 2 Autoupdater] "C:\Program Files\Google\Google Pinyin 2\GooglePinyinDaemon.exe" <br/>O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui <br/>O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray <br/>O4 - HKCU\..\Run: [bluebirds] C:\Documents and Settings\jhoy\Bluebirds\BlueBirds.exe <br/>O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" <br/>O4 - HKCU\..\Run: [\\COOKIE\EPSON Stylus C90 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIBZP.EXE /FU "C:\DOCUME~1\jhoy\LOCALS~1\Temp\E_S3B.tmp" /EF "HKCU" <br/>O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe <br/>O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE') <br/>O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE') <br/>O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') <br/>O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') <br/>O4 - Startup: IPMSG for Win32.lnk = C:\Program Files\IPMsg\ipmsg.exe <br/>O8 - Extra context menu item: &Download All with FlashGet - C:\Program Files\FlashGet\jc_all.htm <br/>O8 - Extra context menu item: &Download with FlashGet - C:\Program Files\FlashGet\jc_link.htm <br/>O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 <br/>O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html <br/>O9 - Extra button: Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll <br/>O9 - Extra 'Tools' menuitem: Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll <br/>O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL <br/>O9 - Extra button: ?ì3μ - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe <br/>O9 - Extra 'Tools' menuitem: ?ì3μ(FlashGet) - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe <br/>O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe <br/>O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe <br/>O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab <br/>O18 - Protocol: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll <br/>O18 - Protocol: cdl - {3DD53D40-7B8B-11D0-B013-00AA0059CE02} - C:\WINDOWS\system32\urlmon.dll <br/>O18 - Protocol: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\system32\msvidctl.dll <br/>O18 - Protocol: file - {79EAC9E7-BAF9-11CE-8C82-00AA004BA90B} - C:\WINDOWS\system32\urlmon.dll <br/>O18 - Protocol: ftp - {79EAC9E3-BAF9-11CE-8C82-00AA004BA90B} - C:\WINDOWS\system32\urlmon.dll <br/>O18 - Protocol: gopher - {79EAC9E4-BAF9-11CE-8C82-00AA004BA90B} - C:\WINDOWS\system32\urlmon.dll <br/>O18 - Protocol: http - {79EAC9E2-BAF9-11CE-8C82-00AA004BA90B} - C:\WINDOWS\system32\urlmon.dll <br/>O18 - Protocol: https - {79EAC9E5-BAF9-11CE-8C82-00AA004BA90B} - C:\WINDOWS\system32\urlmon.dll <br/>O18 - Protocol: ipp - (no CLSID) - (no file) <br/>O18 - Protocol: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll <br/>O18 - Protocol: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll <br/>O18 - Protocol: local - {79EAC9E7-BAF9-11CE-8C82-00AA004BA90B} - C:\WINDOWS\system32\urlmon.dll <br/>O18 - Protocol: mailto - {3050F3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll <br/>O18 - Protocol: mhtml - {05300401-BCBC-11D0-85E3-00C04FD85AB4} - C:\WINDOWS\system32\inetcomm.dll <br/>O18 - Protocol: mk - {79EAC9E6-BAF9-11CE-8C82-00AA004BA90B} - C:\WINDOWS\system32\urlmon.dll <br/>O18 - Protocol: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll <br/>O18 - Protocol: msdaipp - (no CLSID) - (no file) <br/>O18 - Protocol: mso-offdap - {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\PROGRA~1\COMMON~1\MICROS~1\WEBCOM~1\10\OWC10.DLL <br/>O18 - Protocol: mso-offdap11 - {32505114-5902-49B2-880A-1F7738E5A384} - C:\PROGRA~1\COMMON~1\MICROS~1\WEBCOM~1\11\OWC11.DLL <br/>O18 - Protocol: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll <br/>O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll <br/>O18 - Protocol: sysimage - {76E67A63-06E9-11D2-A840-006008059382} - C:\WINDOWS\system32\mshtml.dll <br/>O18 - Protocol: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\WINDOWS\system32\msvidctl.dll <br/>O18 - Protocol: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll <br/>O18 - Protocol: wia - {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINDOWS\system32\wiascr.dll <br/>O20 - Winlogon Notify: TPSvc - TPSvc.dll (file missing) <br/>O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll <br/>O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll <br/>O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe <br/>O23 - Service: Bandoo Coordinator - Discordia Limited - C:\PROGRA~1\Bandoo\Bandoo.exe <br/>O23 - Service: Firebird Guardian - DefaultInstance (FirebirdGuardianDefaultInstance) - Firebird Project - C:\Program Files\Firebird\Firebird_2_1\bin\fbguard.exe <br/>O23 - Service: Firebird Server - DefaultInstance (FirebirdServerDefaultInstance) - Firebird Project - C:\Program Files\Firebird\Firebird_2_1\bin\fbserver.exe <br/>O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe <br/>O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe <br/>O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe <br/>O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe <br/> <br/>-- <br/>End of file - 11019 bytes <br/> <br/> <br/>malwarebytes log: <br/> <br/>Malwarebytes' Anti-Malware 1.51.2.1300 <br/>www.malwarebytes.org <br/> <br/>Database version: 7750 <br/> <br/>Windows 5.1.2600 Service Pack 2 (Safe Mode) <br/>Internet Explorer 6.0.2900.2180 <br/> <br/>9/20/2011 5:40:51 PM <br/>mbam-log-2011-09-20 (17-40-51).txt <br/> <br/>Scan type: Full scan (C:\|D:\|) <br/>Objects scanned: 309493 <br/>Time elapsed: 19 minute(s), 47 second(s) <br/> <br/>Memory Processes Infected: 0 <br/>Memory Modules Infected: 0 <br/>Registry Keys Infected: 0 <br/>Registry Values Infected: 0 <br/>Registry Data Items Infected: 0 <br/>Folders Infected: 0 <br/>Files Infected: 14 <br/> <br/>Memory Processes Infected: <br/>(No malicious items detected) <br/> <br/>Memory Modules Infected: <br/>(No malicious items detected) <br/> <br/>Registry Keys Infected: <br/>(No malicious items detected) <br/> <br/>Registry Values Infected: <br/>(No malicious items detected) <br/> <br/>Registry Data Items Infected: <br/>(No malicious items detected) <br/> <br/>Folders Infected: <br/>(No malicious items detected) <br/> <br/>Files Infected: <br/>c:\system volume information\_restore{066ec068-9935-4419-b7bc-dbc1ad9eef13}\RP6\A0000633.exe (Spyware.Agent) -> Quarantined and deleted successfully. <br/>c:\system volume information\_restore{066ec068-9935-4419-b7bc-dbc1ad9eef13}\RP6\A0000634.exe (Spyware.Agent) -> Quarantined and deleted successfully. <br/>c:\system volume information\_restore{066ec068-9935-4419-b7bc-dbc1ad9eef13}\RP6\A0000635.exe (Spyware.Agent) -> Quarantined and deleted successfully. <br/>c:\system volume information\_restore{066ec068-9935-4419-b7bc-dbc1ad9eef13}\RP6\A0000636.exe (Spyware.Agent) -> Quarantined and deleted successfully. <br/>c:\system volume information\_restore{066ec068-9935-4419-b7bc-dbc1ad9eef13}\RP6\A0000637.exe (Spyware.Agent) -> Quarantined and deleted successfully. <br/>c:\system volume information\_restore{066ec068-9935-4419-b7bc-dbc1ad9eef13}\RP6\A0000638.exe (Spyware.Agent) -> Quarantined and deleted successfully. <br/>c:\system volume information\_restore{066ec068-9935-4419-b7bc-dbc1ad9eef13}\RP6\A0000639.exe (Spyware.Agent) -> Quarantined and deleted successfully. <br/>c:\system volume information\_restore{066ec068-9935-4419-b7bc-dbc1ad9eef13}\RP6\A0000640.exe (Trojan.Downloader.Gen) -> Quarantined and deleted successfully. <br/>c:\system volume information\_restore{066ec068-9935-4419-b7bc-dbc1ad9eef13}\RP6\A0000641.dll (Trojan.Agent) -> Quarantined and deleted successfully. <br/>c:\system volume information\_restore{066ec068-9935-4419-b7bc-dbc1ad9eef13}\RP6\A0000642.exe (Backdoor.Wuca) -> Quarantined and deleted successfully. <br/>c:\system volume information\_restore{066ec068-9935-4419-b7bc-dbc1ad9eef13}\RP6\A0000643.dll (Trojan.Agent) -> Quarantined and deleted successfully. <br/>c:\system volume information\_restore{066ec068-9935-4419-b7bc-dbc1ad9eef13}\RP6\A0000644.exe (Rogue.Installer) -> Quarantined and deleted successfully. <br/>d:\system volume information\_restore{066ec068-9935-4419-b7bc-dbc1ad9eef13}\RP6\A0000645.exe (RiskWare.Tool.CK) -> Quarantined and deleted successfully. <br/>d:\system volume information\_restore{066ec068-9935-4419-b7bc-dbc1ad9eef13}\RP6\A0000646.exe (RiskWare.Tool.CK) -> Quarantined and deleted successfully.
Posted 9/20/2011 11:29 AM
#92343
User avatar

Robert Mateescu Advanced member

Date Joined Nov 2016
Total Posts: 427
Hi shannemark, <br/> <br/>The second set of logs belongs to another computer. <br/>I will kindly ask you to start a new topic for this PC, as it will make my work a lot easier. <br/> <br/>Thank you.
Robert Mateescu
Senior Support Technician EN
[url]support@bullguard.com[/url]
www.bullguard.com

Download the Free Trial version of BullGuard Internet Security

You have a BullGuard related problem? Contact our Support team directly via Live Chat for immediate assistance: http://www.bullguard.com/support.aspx!
  • Unread posts or replies
  • No unread posts or replies
  • Unread Posts (Read Only Forum)
  • No Unread Posts (Read Only Forum)

Forum Information

Currently it is Saturday, December 10, 2016, 2:23 AM (GMT +1)
There are a total of 61,163 posts in 13,450 threads.
In the last 3 days there were 1 new threads and 3 reply posts.

Who's online

This forum has 37,969 registered members. Please welcome our newest member, Heisenberg.
There are currently no users on-line.